Re: [gentoo-dev] Testing to see if services have crashed on hardened

2008-03-25 Thread Fabian Groffen
On 21-03-2008 12:07:24 +, Roy Marples wrote:
> On Friday 21 March 2008 10:37:11 Fabian Groffen wrote:
> > Assuming you would use libkvm, on Darwin this means as unprivileged user
> > (not using suid) you can't see any processes at all.
>
> That's different from FreeBSD and NetBSD then.

Indeed.  And I just found out that Leopard (10.5) dropped the entire kvm
which wasn't working too funky anyway.  I just made some implementation
of walking through all running processes for portage-utils' `qlop -c`
using sysctl calls -- the way to do it on Darwin, and that works even as
normal unprivileged user, so I guess we can just use that.

> > Is there a way to just have some fallback method which is less
> > functional, but just uses some pid file with a lock or something?
>
> Not all services use pidfiles. Also, some services re-fork and re-write their
> pidfiles and I'm not sure the lock would carry across in that instance.

I was thinking of a wrapping process, but I only later realised that
this isn't working since many/most daemons fork into the background, so
you lose the control over it anyway.


-- 
Fabian Groffen
Gentoo on a different level
-- 
gentoo-dev@lists.gentoo.org mailing list



Re: [gentoo-dev] Testing to see if services have crashed on hardened

2008-03-21 Thread Fabian Groffen
On 21-03-2008 10:20:45 +, Roy Marples wrote:
> Hi List.
>
> I've just removed the code to check for euid when running services and
> instead relying on permissions of the service state dir and testing
> errno. This is a good thing, but it does have one side effect.
>
> OpenRC can track daemons by how they were started. So every time you
> run rc-status it tests each reported service to ensure all daemons are
> up.  This also works fine unprivileged on normal boxes - except for
> hardened where users can only see their own processes.

Assuming you would use libkvm, on Darwin this means as unprivileged user
(not using suid) you can't see any processes at all.

> This isn't really an easy answer, as we could have installed OpenRC in a
> prefix where this wouldn't apply, but we don't know that either.
>
> Ideas anyone?

Is there a way to just have some fallback method which is less
functional, but just uses some pid file with a lock or something?


-- 
Fabian Groffen
Gentoo on a different level



Re: [gentoo-dev] Testing to see if services have crashed on hardened

2008-03-21 Thread Natanael Copa

On Fri, 2008-03-21 at 10:20 +, Roy Marples wrote:
> Hi List.
>
> I've just removed the code to check for euid when running services and
> instead relying on permissions of the service state dir and testing
> errno. This is a good thing, but it does have one side effect.
>
> OpenRC can track daemons by how they were started. So every time you
> run rc-status it tests each reported service to ensure all daemons are
> up.  This also works fine unprivileged on normal boxes - except for
> hardened where users can only see their own processes.
>
> This isn't really an easy answer, as we could have installed OpenRC in a
> prefix where this wouldn't apply, but we don't know that either.
>
> Ideas anyone?

err... run rc-status as root?

I mean if you are not supposed to see if a process is running or not as
normal user, then hardened is doing its job when it does not allow rc-status
to show this info to the unprivileged user.

if (!HARDENED || (HARDENED && euid == 0)) {
    /* show if process is running or not */
}

> Thanks
>
> Roy




Re: [gentoo-dev] Testing to see if services have crashed on hardened

2008-03-21 Thread Roy Marples
On Friday 21 March 2008 10:37:11 Fabian Groffen wrote:
> Assuming you would use libkvm, on Darwin this means as unprivileged user
> (not using suid) you can't see any processes at all.

That's different from FreeBSD and NetBSD then.


> > This isn't really an easy answer, as we could have installed OpenRC in a
> > prefix where this wouldn't apply, but we don't know that either.
> >
> > Ideas anyone?
>
> Is there a way to just have some fallback method which is less
> functional, but just uses some pid file with a lock or something?

Not all services use pidfiles. Also, some services re-fork and re-write their 
pidfiles and I'm not sure the lock would carry across in that instance.

Thanks

Roy



Re: [gentoo-dev] Testing to see if services have crashed on hardened

2008-03-21 Thread Roy Marples
On Friday 21 March 2008 10:44:12 Natanael Copa wrote:
> err... run rc-status as root?
>
> I mean if you are not supposed to see if a process is running or not as
> normal user, then hardened is doing its job when it does not allow rc-status
> to show this info to the unprivileged user.
>
> if (!HARDENED || (HARDENED && euid == 0)) {
>     /* show if process is running or not */
> }

Ideally I'd like a runtime catch rather than a define for this though, but 
that's probably the best idea thus far.

Thanks

Roy



Re: [gentoo-dev] Testing to see if services have crashed on hardened

2008-03-21 Thread Natanael Copa

On Fri, 2008-03-21 at 12:08 +, Roy Marples wrote:
> On Friday 21 March 2008 10:44:12 Natanael Copa wrote:
> > err... run rc-status as root?
> >
> > I mean if you are not supposed to see if a process is running or not as
> > normal user, then hardened is doing its job when it does not allow rc-status
> > to show this info to the unprivileged user.
> >
> > if (!HARDENED || (HARDENED && euid == 0)) {
> >     /* show if process is running or not */
> > }
>
> Ideally I'd like a runtime catch rather than a define for this though, but
> that's probably the best idea thus far.

/* pid 1 is most likely owned by root; if we cannot see it, process
 * visibility is restricted */
hardened = !pid_is_running(1);
if (!hardened || (hardened && euid == 0)) {
    /* show if process is running or not */
}


-nc

 
> Thanks

Thanks for working on openrc.

> Roy




Re: [gentoo-dev] Testing to see if services have crashed on hardened

2008-03-21 Thread Roy Marples
On Friday 21 March 2008 12:39:48 Natanael Copa wrote:
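> /* pid 1 is most likely owned by root; if we cannot see it, process
>  * visibility is restricted */
> hardened = !pid_is_running(1);
> if (!hardened || (hardened && euid == 0)) {
>     /* show if process is running or not */
> }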

OK, we'll go with that for the time being.

Thanks

Roy
-- 
gentoo-dev@lists.gentoo.org mailing list
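
The runtime probe agreed on above, written out as an added example (not code from the thread or from OpenRC): it assumes a Linux-style /proc in which a hidden process has no visible /proc/<pid> entry, and reports daemon state only when pid 1 is visible or the caller is root. The names pid1_hidden, can_report_daemon_state and probe_fake_proc, and the procroot parameter, are assumptions of this example.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 = pid 1 is hidden from the caller, 0 = visible, -1 = probe failed.
 * procroot is a parameter (an assumption of this example) so it can be tested. */
int pid1_hidden(const char *procroot)
{
    char path[4096];
    struct stat st;
    int n = snprintf(path, sizeof(path), "%s/1", procroot);
    if (n < 0 || (size_t)n >= sizeof(path))
        return -1;
    if (stat(path, &st) == 0)
        return 0;
    return (errno == ENOENT || errno == EACCES) ? 1 : -1;
}

/* Report only if nothing is hidden or we are root; a failed probe counts as hidden. */
bool can_report_daemon_state(int hidden, uid_t euid)
{
    return hidden == 0 || euid == 0;
}

/* Constructed fixture: a private fake proc root, with or without a "1" entry. */
int probe_fake_proc(bool with_pid1)
{
    char root[64], entry[80];
    int result = -1;
    snprintf(root, sizeof(root), "/tmp/fakeproc.%ld", (long)getpid());
    snprintf(entry, sizeof(entry), "%s/1", root);
    if (mkdir(root, 0700) != 0)   /* refuses to reuse an existing path */
        return -1;
    if (!with_pid1 || mkdir(entry, 0700) == 0)
        result = pid1_hidden(root);
    rmdir(entry);                 /* harmless if it was never created */
    rmdir(root);
    return result;
}

int main(void)
{
    int hidden = pid1_hidden("/proc");
    printf("pid 1 hidden: %d, may report: %d\n", hidden, can_report_daemon_state(hidden, geteuid()));
    return 0;
}
```

When the probe says state may not be reported, the caller should show the service state as unknown rather than as crashed, since an incomplete process list cannot distinguish the two.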