[devel] [PATCH hasher-priv v1 0/3] Make a daemon from the hasher-priv

Alex Gladkov legion at altlinux.ru
Fri Dec 13 14:42:02 MSK 2019


From: Alexey Gladkov <legion at altlinux.org>

The hasher-priv is a SUID utility. This is not good. Separation of the
server and client parts will allow us to remove the SUID flag.

The separation of server and client is not intended to give clients
access over the network. This separation is only necessary to distinguish
privileges. Only a UNIX domain socket is used.

A separate session process is created for each connected user. Each such
process ends after a certain period of inactivity.

Alexey Gladkov (3):
  Make a daemon from the hasher-priv
  Add systemd and sysvinit service files
  Add cgroup support

 hasher-priv/.gitignore            |   1 +
 hasher-priv/DESIGN                | 281 +++++++++++++--------
 hasher-priv/Makefile              |  34 ++-
 hasher-priv/caller.c              |  81 +++---
 hasher-priv/caller_server.c       | 373 ++++++++++++++++++++++++++++
 hasher-priv/caller_task.c         | 217 +++++++++++++++++
 hasher-priv/cgroup.c              | 119 +++++++++
 hasher-priv/cmdline.c             |  27 +-
 hasher-priv/communication.c       | 392 ++++++++++++++++++++++++++++++
 hasher-priv/communication.h       |  77 ++++++
 hasher-priv/config.c              | 148 ++++++++++-
 hasher-priv/epoll.c               |  39 +++
 hasher-priv/epoll.h               |  18 ++
 hasher-priv/hasher-priv.c         |  78 ++++++
 hasher-priv/hasher-privd.c        | 375 ++++++++++++++++++++++++++++
 hasher-priv/hasher-privd.service  |  11 +
 hasher-priv/hasher-privd.sysvinit |  86 +++++++
 hasher-priv/io_log.c              |   2 +-
 hasher-priv/io_x11.c              |   2 +-
 hasher-priv/killuid.c             |   2 +-
 hasher-priv/logging.c             |  64 +++++
 hasher-priv/logging.h             |  55 +++++
 hasher-priv/main.c                |  75 ------
 hasher-priv/pass.c                | 117 ++++++++-
 hasher-priv/pidfile.c             | 128 ++++++++++
 hasher-priv/pidfile.h             |  44 ++++
 hasher-priv/priv.h                |  35 ++-
 hasher-priv/server.conf           |  22 ++
 hasher-priv/sockets.c             | 183 ++++++++++++++
 hasher-priv/sockets.h             |  32 +++
 hasher-priv/x11.c                 |   1 +
 31 files changed, 2872 insertions(+), 247 deletions(-)
 create mode 100644 hasher-priv/caller_server.c
 create mode 100644 hasher-priv/caller_task.c
 create mode 100644 hasher-priv/cgroup.c
 create mode 100644 hasher-priv/communication.c
 create mode 100644 hasher-priv/communication.h
 create mode 100644 hasher-priv/epoll.c
 create mode 100644 hasher-priv/epoll.h
 create mode 100644 hasher-priv/hasher-priv.c
 create mode 100644 hasher-priv/hasher-privd.c
 create mode 100644 hasher-priv/hasher-privd.service
 create mode 100755 hasher-priv/hasher-privd.sysvinit
 create mode 100644 hasher-priv/logging.c
 create mode 100644 hasher-priv/logging.h
 delete mode 100644 hasher-priv/main.c
 create mode 100644 hasher-priv/pidfile.c
 create mode 100644 hasher-priv/pidfile.h
 create mode 100644 hasher-priv/server.conf
 create mode 100644 hasher-priv/sockets.c
 create mode 100644 hasher-priv/sockets.h

-- 
2.24.0


