Curt Manucredo wrote: > dear mentors and members > > i have written a program called urequestd. since it was and still is > very helpful for me, i hoped, that it could be helpful for you folks > too. it is of course licencend under GPLv2 or any later version if you > wish. since i could not find any place to upload it, or to get the > permission to do so, i want to ask you, if anybody of you is > interessted in this program. on the other hand it might be okay, not > uploading it without the sanctus of an expirienced programmer, since it > could be unsafe, where i do not suspect. and, as usual it might already > have been implemented somewhere else! > so this is the attempt to gain help from you! if you wish to have a > copy of this program, please say so. > the description of the 3 executable follows: > > *urequestd* can be called a *virtual super user*. it gets > started on system bootup and awaits requests from the *urequest > client* program. *urequestd* looks up the everybodys accessable > fifo-file */var/opt/urequestd* and in case it finds *urequest* > in */proc/$pid_of_urequest* and can make sure that the request > comes from an urequest instance, it will execute the request and > orphans it into background sendig the pid ot this process back to the > request client. since urequestd does not execute any process unless it > comes from an urequest-client, all verifications are done in the > urequest client program. this includes user and group verification as > well as checking if the request even exists. > > *urequest* is part of the urequest daemon package. it makes it > possible for any user to *call a command* > without the need for *root-rights*. to make this possible > a rule-file has to be created under */etc/urequestd/rules/*. it must > be a bash-script, set executable and having the file-extenstion > *.rule*. to then make a normal user able to call such a request > the user must be added with the *urequestp utility* as an authorized > user. it is also possible to add a group to the rule to make a punsh > of users able to call a rule. > > *urequestp* is used to setup the permissions for each rule in > */etc/urequestd/rules*. it saves the permission-information > in */etc/urequestd/rules/permission/name_of_rule*. remember > that these files, one for each rule, do not have the extenstion > *.rule* but the rule-files do. so if you edit them by hand > remember to never add a *username or groupname* but the > *uid and group-id*. the syntax for these files are as follows: > <user>[uid]<user> or <group>[group-id]<group>. also remember > to only place one entry per line. > > thank you for your attention! > regards > > ps: i am not subscribed to this list, please cc me! How is this different from sudo? Anton -- email: anton@piatek.co.uk blog/photos: http://www.strangeparty.com pgp: [0xB307BAEF] (http://tastycake.net/~anton/anton.asc) fingerprint: 116A 5F01 1E5F 1ADE 78C6 EDB3 B9B6 E622 B307 BAEF
Attachment:
signature.asc
Description: OpenPGP digital signature