On 04/10/2023 17:02, Spike White wrote:
We see in other places in this McAfee script that they run this command
using 'su' instead of 'sudo'.
su -s /bin/sh -c "LD_LIBRARY_PATH=... ${PROGROOT}/bin/macmnsvc
status" mfe
Running this command via 'su' instead of 'sudo' would not trigger this
thundering herd. (We have verified that.) Alternatively, randomizing
their healthcheck execution times would avoid this thundering herd problem.
Anyway, it's McAfee's problem to fix now. We'll report it and I'm sure
they'll figure out a solution.
If they are root and want to drop privileges then they would be better
served by runuser or setpriv. But as you point out even su is better
than sudo here.
--
Sam Morris <https://robots.org.uk/>
PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
