FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 02-08-2009, 02:59 PM
 
Default share control rights to a daemon by both root and another user

Me as root user of a server wish to share the control privilege (to
start and stop) a daemon with another non-root user and find it
difficult. The requirement: 1) either me or him can start the daemon
then stop it; 2) he can stop the daemon started by me; 3) I can stop the
daemon started by him.

3) is very easy because I am root; 1) is also easy, difficult part is 2).

I first thought of setting the process suid and make him owner of the
executable. However I found if I do so, the process starts with his
privilege while belonging to me, he could not signal the processes of mine.

Is the requirement 2 possible with Linux? How?

If the problem can be solved giving the setting two users both are not
root, the solution would be even more preferable.

Thanks in advance!

--
Real Softservice

Huateng Tower, Unit 1788
Jia 302 3rd area of Jinsong, Chao Yang

Tel: +86 (10) 8773 0650 ext 603
Mobile: 159 1111 7382
http://www.realss.com
 
Old 02-08-2009, 03:30 PM
Daniel Troeder
 
Default share control rights to a daemon by both root and another user

Am Sonntag, den 08.02.2009, 23:59 +0800 schrieb zhangweiwu@realss.com:
> Me as root user of a server wish to share the control privilege (to
> start and stop) a daemon with another non-root user and find it
> difficult. The requirement: 1) either me or him can start the daemon
> then stop it; 2) he can stop the daemon started by me; 3) I can stop the
> daemon started by him.
>
> 3) is very easy because I am root; 1) is also easy, difficult part is 2).
>
> I first thought of setting the process suid and make him owner of the
> executable. However I found if I do so, the process starts with his
> privilege while belonging to me, he could not signal the processes of mine.
>
> Is the requirement 2 possible with Linux? How?
>
> If the problem can be solved giving the setting two users both are not
> root, the solution would be even more preferable.
>
> Thanks in advance!
>
Hello

You can use app-admin/sudo to achieve your goal. It can be configured to
allow certain users to execute certain commands as other users (possibly
root). You can even restrict the allowed arguments to a command.

Bye,
Daniel
 
Old 02-09-2009, 12:44 AM
 
Default share control rights to a daemon by both root and another user

Daniel Troeder schrieb:
> Hello
>
> You can use app-admin/sudo to achieve your goal. It can be configured to
> allow certain users to execute certain commands as other users (possibly
> root). You can even restrict the allowed arguments to a command.

Hi. Thanks for that suggestion. I am thinking I need to add a
configuration in sudo that everyone in "fetch" group (who can run the
daemon) should be able to sudo and run the daemon. I'll try it later.
 

Thread Tools




All times are GMT. The time now is 11:47 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org