From owner-freebsd-hackers Mon Jun 9 23:49:20 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id XAA14336 for hackers-outgoing; Mon, 9 Jun 1997 23:49:20 -0700 (PDT) Received: from terra.stack.nl (terra.stack.nl [131.155.140.128]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id XAA14331 for ; Mon, 9 Jun 1997 23:49:17 -0700 (PDT) Received: from xaa.stack.nl (uucp@localhost) by terra.stack.nl (8.8.5) with UUCP id XAA28545; Mon, 9 Jun 1997 23:09:40 +0200 (MET DST) Received: (from freebsd@localhost) by xaa.stack.nl (8.8.5/8.8.2) id XAA23884; Mon, 9 Jun 1997 23:09:27 +0200 (MET DST) Message-ID: <19970609230927.65057@xaa.stack.nl> Date: Mon, 9 Jun 1997 23:09:27 +0200 From: Mark Huizer To: Luigi Rizzo Cc: hackers@FreeBSD.ORG Subject: your rtprio stuff References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.69 In-Reply-To: ; from Luigi Rizzo on Mon, Jun 09, 1997 at 10:25:58PM +0200 Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > 2) (major problem) rtprio does not allow the necessary priority > settings if not superuser; but it cannot be made suid root since > it does not drop priority before execing the requested process. > Of the following two fixes: > > a) modify the rtprio syscall so that it can set realtime priority > for a restricted set of users (but then, how to configure this > set ?); > > b) modify the rtprio(1) command so that it can run suid-root, by > allowing RTP_SET for a configurable class of users (e.g. > /etc/rtprio.users) and calling setuid to restore the real uid > before calling execvp If you don't mind the risk of letting them run other commands in real time, you could of course use commands like sudo or opcom that will give selected users root-privs without su for certain commands Mark