Forgot to update this list, but I submitted a pull request to the Plinth repository:

  https://github.com/jvasile/Plinth/pull/2

The core of the changes I made is also available in a separate repository:

  https://github.com/bnewbold/exmachina
  http://git.bnewbold.net/?p=exmachina.git;a=summary

The scheme is pretty complicated and the init.d script is ugly, but the end result is privilege separation and less complicated configuration setting code. I implemented hostname changing as an example, but (ironically?) changing the timezone with /etc/timezone is not supported by augeas out of the box (that I could find). Augeas added configuration file lenses for openvpn configuration some years ago, but I haven't tested them.

-bryan

On Tue, 10 Jul 2012, bnewb...@robocracy.org wrote:


Spoke with James and a few others here at the OpenITP event, notes and a rough plan are below. Some of this feels like reinventing the wheel; a future/mature implementation might use:

 D-Bus for message passing, PolicyKit for access control, Augeas for
 read/write

   or

 building off ubus (IPC from OpenWrt) and netif (network interface
 configuration from OpenWrt), extending with augeas configuration

   or

 libassuan (from GPG) to handle narrow scope trusted IPC

But for now I'm just going to bang something out so that plinth can use the python-augeas interface through an access controlled unix domain pipe.

-----------------------------------------------------------------------------

requirements/compromises:
- scope of configuration middleware is "regular" system files, mostly in /etc
 (no user/identity management)
- files should be edited "in place"
- local changes should be respected
- single root/wheel permissions level for reading, writing, and applying changes
- configuration "versioning" taken as a separate problem from editing
- "client code" (aka plinth) is responsible for semantic/logical validation,
 and service restarts

new program: "exmachina: hand of root"
 configuration management daemon which runs with root permissions,
 listens on a unix domain socket with access controlled by filesystem
 permissions. uses a very simple api to provide access to augeas
 configuration file editing and service restarts.

 plinth/apache, running not-as-root, is passed access at startup (ENV vars?
 file handle pass?)

 single-thread, serializes edits

 simple, written in python (for now), including python "client library"
 which replicates python-augeas interface

extra features (somedaymaybe):
 general purpose ncurses, gui, or web interface
 no-downtime reloads of daemon via HUP (a la nginx)
 fine-grain ACL
 dpkg installation
 general purpose features: process execution, package installation, file
     read/write

-bryan

_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
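
The pattern sketched in the notes above (a privileged daemon behind a unix domain socket gated by filesystem permissions, exposing a narrow API and handling one request at a time) as an added example; it is not code from the exmachina or Plinth repositories. The JSON-line wire format, the `FakeTree` stand-in for the python-augeas tree, the `get`/`set` allowlist and the extra Linux `SO_PEERCRED` peer-uid check are all assumptions made for this illustration.

```python
import json, os, socket, struct

ALLOWED = {"get", "set"}  # narrow API (assumed names): anything else is refused

class FakeTree(dict):
    """Constructed stand-in for the python-augeas tree, so this runs without root."""
    def set(self, path, value):
        self[path] = value
        return True

def bind_private(path):
    """Listen on a unix socket whose file is created 0600 (no chmod-after-bind race)."""
    old = os.umask(0o177)
    try:
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(1)
    return srv

def dispatch(tree, line):
    """Run one allowlisted call; malformed or unlisted requests get an error reply."""
    try:
        req = json.loads(line)
        if req["method"] not in ALLOWED:
            return {"error": "method not allowed"}
        return {"result": getattr(tree, req["method"])(*req.get("params", []))}
    except (ValueError, KeyError, TypeError, AttributeError):
        return {"error": "bad request"}

def serve_one(srv, tree, allowed_uid):
    """Accept one client, answer one JSON line; one at a time, so edits serialize."""
    conn, _ = srv.accept()
    with conn, conn.makefile("rw") as f:
        line = f.readline(65536)  # bounded read; parsed only if the peer is authorized
        raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
        if struct.unpack("3i", raw)[1] != allowed_uid:  # fields are (pid, uid, gid)
            reply = {"error": "forbidden"}
        else:
            reply = dispatch(tree, line)
        f.write(json.dumps(reply) + "\n")

def roundtrip(srv, tree, path, method, *params):
    """Demo driver: client and daemon halves run in one process, in sequence."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as c:
        c.connect(path)
        c.sendall((json.dumps({"method": method, "params": params}) + "\n").encode())
        serve_one(srv, tree, os.getuid())
        return json.loads(c.makefile().readline())
```

Without the allowlist, the `getattr` dispatch would let a client reach any attribute of the tree object, such as `clear` on this dict-based stand-in, which is why the method name is checked before lookup.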

