Opened 8 years ago

Closed 8 years ago

#1381 closed task (complete)

Dropping root on #213

Reported by: vorner Owned by: vorner
Priority: medium Milestone: Sprint-20111122
Component: ~Boss of BIND (obsolete) Version:
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: Core Feature Depending on Ticket:
Estimated Difficulty: 0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no

Description

This is another subbranch of #213. This one adds the ability to drop root privileges during the startup and places it just after the auth server in default configuration.

It sits on top of a merge of trac213-incremental and trac213-incremental-config, git commit 4b56e1807d8ce8b86da6793b67b50ff57ee62b9e.

It is in branch trac213-incremental-noroot.

I hope this subbranch to be the last one. I plan to merge all the branches together. Then we need to talk if we want to merge them all into master, or if to fix the problems of the branch (restarts, brittle mode, documentation) and merge after that.

Subtickets

Change History (8)

comment:1 Changed 8 years ago by vorner

  • Status changed from new to reviewing

comment:2 Changed 8 years ago by jelte

  • Milestone changed from Sprint-20111108 to Sprint-20111122

comment:3 follow-up: Changed 8 years ago by jinmei

I happened to notice an editorial error in a docstring (not related to
this branch) and fixed it.

The code basically looks okay, but if you haven't please make sure if
-u really works as expected on an installed system (this is something
we don't test (at it's mostly impossible) through our unit and system
tests).

Some comments on the code:

special_component.py

  • SetUID: s/forefull/forcefull/ here:
        def kill(self, forefull=False): pass
    
  • why is this a TODO? It seems to be a quite trivial addition:
            if self.uid is not None:
                # TODO: log
    

comment:4 Changed 8 years ago by jinmei

  • Owner changed from jinmei to vorner

comment:5 in reply to: ↑ 3 ; follow-up: Changed 8 years ago by vorner

  • Owner changed from vorner to jinmei

Hello

Replying to jinmei:

The code basically looks okay, but if you haven't please make sure if
-u really works as expected on an installed system (this is something
we don't test (at it's mostly impossible) through our unit and system
tests).

Right, I tested it, it looks it drops the privileges at the right time and the programs have the right user. The auth server could use the privileges sockets and this is what I get from pstree:

bash───sudo(root)───bind10(vorner)─┬─b10-auth
                                   ├─b10-cfgmgr
                                   ├─b10-cmdctl───{b10-cmdctl}
                                   ├─b10-msgq
                                   ├─b10-sockcreator(root)
                                   ├─b10-stats
                                   ├─b10-stats-httpd
                                   ├─b10-xfrin
                                   ├─b10-xfrout───2*[{b10-xfrout}]
                                   └─b10-zonemgr───{b10-zonemgr}

Some comments on the code:

special_component.py

  • why is this a TODO? It seems to be a quite trivial addition:

Because I forgot about it 5 minutes after I noted it down to do it later. Fixed.

Thank you

comment:6 in reply to: ↑ 5 Changed 8 years ago by jinmei

Replying to vorner:

This branch looks okay.

comment:7 Changed 8 years ago by jinmei

  • Owner changed from jinmei to vorner

comment:8 Changed 8 years ago by vorner

  • Resolution set to complete
  • Status changed from reviewing to closed

Merged back to #213, closing the ticket.

Note: See TracTickets for help on using tickets.