Thanks, Can I ask one more stupid question?
I'm trying to make brasero work out of the box with CD devices, and it
seems that in any case
for my profiles to be accounted for I have to use pfexec. Creating
privileges set and setppriv(PRIV_SET,PRIV_EFFECTIVE,pPrivSet)
is not enough. Is it correct or do I miss something?
I mean something like
static int setprivs(){
priv_set_t *pPrivSet;
if(geteuid()==0){
g_warning("Running with euid 0, assuming you know what
you are doing");
return 0;
}
if ((pPrivSet = priv_allocset()) == NULL) {
return 1;
}
priv_basicset(pPrivSet);
if(priv_addset(pPrivSet,PRIV_SYS_DEVICES)) {
return 2;
};
if(setppriv(PRIV_SET,PRIV_EFFECTIVE,pPrivSet)) {
return 3;
}
/* CLI tools should also be able to use USCSICMD ioctls */
if(setppriv(PRIV_SET,PRIV_INHERITABLE,pPrivSet)) {
return 4;
}
priv_freeset(pPrivSet);
return 0;
}
int main() {
...
setprivs();
...
}
doesn't work without pfexec.
---
System Administrator of Southern Federal University Computer Center
-------------------------------------------
illumos-discuss
Archives: https://www.listbox.com/member/archive/182180/=now
RSS Feed: https://www.listbox.com/member/archive/rss/182180/21175430-2e6923be
Modify Your Subscription:
https://www.listbox.com/member/?member_id=21175430&id_secret=21175430-6a77cda4
Powered by Listbox: http://www.listbox.com
