Re: policy on start-stop-daemon
On Thu, 14 Feb 2002 17:00, Anthony Towns wrote:
> On Thu, Feb 14, 2002 at 04:43:24PM +1100, Russell Coker wrote:
> > In which case using a command line parameter of "--started-from-cron"
> > which would be silently ignored by the default start-stop-daemon and
> > which would be taken to mean "don't change security context" by the SE
> > version would still allow you to achieve that aim.
>
> Well, why not use an environment variable then, which you can pass from
> cron all the way down to your modified start-stop-daemon yourself? Have
> cron export SELINUX_NOTERMINAL=yes and check for that before trying to
> prompt, eg.
Good idea!
> In an ideal world, what exactly would you want to have happen here? Should
> cron never *ever* attempt to restart a daemon when rotating its logs? If
> it should restart daemons, where do the extra capabilities come from --
> cron itself, the cron.daily/* shell fragments, the init.d script or
> somewhere else? Is it possible to make some shell scripts be "setuid"
> in terms of the particular capabilities required to restart their daemon?
The policy would have to be defined on a per-daemon basis for some of this
(ideally I want to do the minimum amount of per-daemon customisation).
Also I can control the interaction to a greater degree. For example I could
allow several domains to send SIGHUP to syslogd that I wouldn't allow to stop
it or to start a process with write access to log files. Therefore a
"killall -1 syslogd" operation would work where a /etc/init.d/sysklogd
restart wouldn't.
--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
Reply to: