Date: Wed, 11 Jun 1997 08:19:50 -0400 (EDT)
From: Peter Dufault <dufault@hda.com>
To: luigi@iet.unipi.it (Luigi Rizzo)
Cc: hackers@FreeBSD.ORG
Subject: Re: rtprio from non-root users ?
Message-ID: <199706111219.IAA02802@hda.hda.com>
In-Reply-To: <Pine.BSF.3.95q.970609215133.253A-100000@prova.iet.unipi.it> from Luigi Rizzo at "Jun 9, 97 10:25:58 pm"
> I am trying to allow non-root accounts to use CD-R devices. Although
> I might probably create some suid-root shell scripts, I don't like
> much the idea and I would prefer a different approach, i.e. limiting
> access to a group of allowed users and letting them to write their own
> scripts.
>
> I am running into a couple of problems, namely:
>
> 1) there is no command-level method (I think) to add groups to the
>    credential of a user. Probably this is a more general problem,
>    but fortunately this is only a nuisance, because it can be solved
>    by making allowed users "su" to the username with rights to use
>    the device.
>
> 2) (major problem) rtprio does not allow the necessary priority
>    settings if not superuser; but it cannot be made suid root since
>    it does not drop priority before execing the requested process.
>    Of the following two fixes:
>
>    a) modify the rtprio syscall so that it can set realtime priority
>       for a restricted set of users (but then, how to configure this
>       set ?);
>
>    b) modify the rtprio(1) command so that it can run suid-root, by
>       allowing RTP_SET for a configurable class of users (e.g.
>       /etc/rtprio.users) and calling setuid to restore the real uid
>       before calling execvp
>

I have some of this now - can you wait a bit longer so we don't
collide?

The problem with the current patches is they use ioctls against a
device and I have to change them to system calls. I'm using a pseudo
device that requires that you either be root or have the device
opened, then I use group protection on the device. You put users in
a "realtime" group.

The problem is non-portability for non root programs (using the
P1003.1b interface) that must be modified to write-open the device.

I've been thinking of changing this to an inherited per process bit
mask you set by opening a pseudo device. Then you get the privileges
by "cp /dev/null /dev/rtperms" and they stay for all descendant
processes until you give it up or have it revoked.

Comments?

-- 
Peter Dufault (dufault@hda.com)   Realtime development, Machine control,
HD Associates, Inc.               Safety critical systems, Agency approval
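
Option (b) from the quoted proposal, as an added example that is not code from this thread or from FreeBSD's rtprio(1): check the caller against an allowlist, set the priority while still root, drop to the real ids for good, then exec. The allowlist format and the names user_allowed, drop_privileges and run_realtime are assumptions; the rtprio(2) call is compiled only on FreeBSD.

```c
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/rtprio.h>
#endif

/* Assumed allowlist format (not from the post): one user name per line,
 * '#' starts a comment line. Returns 1 on an exact whole-line match. */
int user_allowed(const char *list, const char *name)
{
    size_t n = strlen(name);
    while (n > 0 && *list) {
        size_t len = strcspn(list, "\n");
        if (len == n && *list != '#' && memcmp(list, name, n) == 0)
            return 1;
        list += len + (list[len] == '\n');
    }
    return 0;
}

/* Return for good to the invoking user's ids. Group first: only while
 * euid is 0 does setgid() also reset the saved gid. 0 = root is gone. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    if (setgid(getgid()) != 0 || setuid(ruid) != 0)
        return -1;
    if (ruid != 0 && (setuid(0) == 0 || geteuid() != ruid))
        return -1;              /* drop was not permanent */
    return 0;
}

/* Hypothetical wrapper core: privileged step, drop, then exec. */
int run_realtime(const char *list, const char *user, char *const argv[])
{
    if (!user_allowed(list, user))
        return -1;
#ifdef __FreeBSD__
    struct rtprio rtp = { RTP_PRIO_REALTIME, RTP_PRIO_MAX };
    if (rtprio(RTP_SET, 0, &rtp) != 0)
        return -1;
#endif
    if (drop_privileges() != 0)
        return -1;
    execvp(argv[0], argv);
    return -1;                  /* reached only if exec failed */
}
```

In a real wrapper the user name would be looked up with getpwuid(getuid()), never taken from the command line or the environment.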