From: Peter Dufault
Message-Id: <199706111219.IAA02802@hda.hda.com>
Subject: Re: rtprio from non-root users ?
In-Reply-To: from Luigi Rizzo at "Jun 9, 97 10:25:58 pm"
To: luigi@iet.unipi.it (Luigi Rizzo)
Date: Wed, 11 Jun 1997 08:19:50 -0400 (EDT)
Cc: hackers@FreeBSD.ORG

> I am trying to allow non-root accounts to use CD-R devices. Although
> I might probably create some suid-root shell scripts, I don't like
> much the idea and I would prefer a different approach, i.e. limiting
> access to a group of allowed users and letting them to write their own
> scripts.
>
> I am running into a couple of problems, namely:
>
> 1) there is no command-level method (I think) to add groups to the
>    credential of a user. Probably this is a more general problem,
>    but fortunately this is only a nuisance, because it can be solved
>    by making allowed users "su" to the username with rights to use
>    the device.
>
> 2) (major problem) rtprio does not allow the necessary priority
>    settings if not superuser; but it cannot be made suid root since
>    it does not drop priority before execing the requested process.
>
> Of the following two fixes:
>
> a) modify the rtprio syscall so that it can set realtime priority
>    for a restricted set of users (but then, how to configure this
>    set ?);
>
> b) modify the rtprio(1) command so that it can run suid-root, by
>    allowing RTP_SET for a configurable class of users (e.g.
>    /etc/rtprio.users) and calling setuid to restore the real uid
>    before calling execvp
>

I have some of this now - can you wait a bit longer so we don't
collide? The problem with the current patches is they use ioctls
against a device and I have to change them to system calls.

I'm using a pseudo device that requires that you either be root or
have the device opened, then I use group protection on the device.
You put users in a "realtime" group. The problem is non-portability
for non root programs (using the P1003.1b interface) that must be
modified to write-open the device.

I've been thinking of changing this to an inherited per process bit
mask you set by opening a pseudo device. Then you get the privileges
by "cp /dev/null /dev/rtperms" and they stay for all descendant
processes until you give it up or have it revoked.

Comments?

-- 
Peter Dufault (dufault@hda.com)   Realtime development, Machine control,
HD Associates, Inc.               Safety critical systems, Agency approval
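
Fix (b) from the quoted message, sketched as an added example; it is not code from either poster or from FreeBSD's rtprio(1). The allow-list format (one login name per line, '#' for comments) and every function name are assumptions; only /etc/rtprio.users, RTP_SET, setuid and execvp come from the thread.

```c
/* Added example: setuid-root launcher logic for fix (b). Function names and
 * the allow-list format are assumed, not taken from FreeBSD's rtprio(1). */
#include <sys/types.h>
#include <string.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/rtprio.h>
#endif

/* Return 1 if `user` appears as a whole line in the allow-list text. */
int user_allowed(const char *list, const char *user)
{
    size_t ulen = strlen(user);
    if (ulen == 0) return 0;
    while (*list) {
        size_t len = strcspn(list, "\n");
        if (list[0] != '#' && len == ulen && strncmp(list, user, len) == 0)
            return 1;                 /* exact match only, no prefix match */
        list += len;
        if (*list == '\n') list++;
    }
    return 0;
}

/* Permanently give up the setuid identity: group first, then user, then
 * verify that root cannot be regained. Returns 0 on success, -1 on failure. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    if (setgid(getgid()) != 0) return -1;
    if (setuid(ruid) != 0) return -1;
    if (ruid != 0 && setuid(0) == 0) return -1;   /* drop did not stick */
    return (geteuid() == ruid) ? 0 : -1;
}

/* Order matters: set priority while still root, drop root, only then exec. */
int run_realtime(const char *list, const char *user, int prio, char *const argv[])
{
    if (!user_allowed(list, user)) return -1;
#ifdef __FreeBSD__
    struct rtprio rtp = { .type = RTP_PRIO_REALTIME, .prio = (u_short)prio };
    if (rtprio(RTP_SET, 0, &rtp) != 0) return -1;
#else
    (void)prio;                       /* rtprio(2) is FreeBSD-specific */
#endif
    if (drop_privileges() != 0) return -1;
    execvp(argv[0], argv);
    return -1;                        /* reached only if exec failed */
}
```

A caller would pass the contents of the allow-list file and a user name derived from getpwuid(getuid()), never one taken from argv or the environment.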