kloczek: SOURCES pidentd.inetd

Marcin Bohosiewicz marcus w venus.wis.pk.edu.pl
Czw, 3 Sie 2000, 17:48:33 CEST 

On Thu, 3 Aug 2000, Sebastian Zagrodzki wrote:

> On Thu, 3 Aug 2000, Marcin Bohosiewicz wrote:
> > > Mam tylko pytanie: wpisywac gid cyfrowo na stale czy jakos
> > > wydobywac z /etc/group. Jesli to drugie to jak? 
> > Na razie zrobilem cyfrowo. Puscilem do cvs'a caly zestaw poprawek.
> > Tylko prosze o dodanie ze nowe rc.scripts wymagaja poprawionego setup'a.
> > (cos w Requires:), przy skladaniu tego wszystkiego, bo inaczej to bedzie
> > numeryczny gid w /proc'u.
> ale zaraz zaraz, a co z tym:
> 
> man mount:
> 
> Mount options for proc
>        uid=value and gid=value
>               These options are recognized, but have no effect as
>               far as I can see.
> 
> u mnie jest tak (po dodaniu gid=17 do mounta i grupy proc):
> 
> [sebek w sokrates sebek]$ mount | grep proc
> proc on /proc type proc (rw,gid=17)
> [sebek w sokrates sebek]$ ls -ld /proc
> dr-xr-xr-x   78 root     proc            0 sie  3 17:30 /proc/
> [sebek w sokrates sebek]$ ls -l /proc/net/tcp
> -r--r--r--    1 root     root            0 sie  3 17:32 /proc/net/tcp
> 
> czyli mimo że /proc jest rzeczywiście z gid=17, to /proc/* już nie.
To cos dziwne:

Z readme Solara:
This was originally a patch by route that only changed the permissions on
some directories in /proc, so you had to be root to access them.  Then
there were similar patches by others.  I found them all quite unusable for
my purposes, on a system where I wanted several admins to be able to see
all the processes, etc, without having to su root (or use sudo) each time.
So I had to create my own patch that I include here.

This option restricts the permissions on /proc so that non-root users can
see their own processes only, and nothing about active network connections,
unless they're in a special group.  This group's id is specified via the
gid= mount option, and is 0 by default.  (Note: if you're using identd, you
will need to edit the inetd.conf line to run identd as this special group.)

I sam Solar pisze o gidzie....

M.

-- 
-| == Marcin Bohosiewicz - MB8042-RIPE - marcus w venus.pk.edu.pl == |-
-| == tel. +48 601 485097 - PLD Team   - marcus w pld.org.pl      == |-
-| == Strona Domowa   -      http://venus.wis.pk.edu.pl/marcus/ == |-
-| == PLUG - Komisja Rewizyjna     -   http://www.linux.org.pl/ == |-


___________________________
polish  linux  distribution
-> http://lists.pld.org.pl/

Więcej informacji o liście dyskusyjnej pld-devel-pl