[Jailkit-dev] proposal for new jk

jailkit-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Jailkit-dev] proposal for new jk_init functionality

From:	Olivier Sessink
Subject:	[Jailkit-dev] proposal for new jk_init functionality
Date:	Thu, 28 Jun 2007 22:11:41 +0200
User-agent:	Icedove 1.5.0.12 (X11/20070607)

Hi all,

in some situations it can be required to keep the ownership of files thesame while copying them into the jail. For example a daemon that uses afile or directory to store current sessions. The current jk_init configfile format does not allow to specify this.


I was thinking of replacing the old format (example):

--------
[mysection]
executables = /bin/bash
regularfiles = /etc/bashrc
libraries = /lib/mylib.so
directories = /etc/terminfo
--------

with a new format (example):

--------
[mysection]
path =  /bin/bash,  /etc/bashrc, /lib/mylib.so, /etc/terminfo
path_w_owner = /var/lib/mydaemon/
allow_setuid = /var/lib/mydaemon/some_file_with_setuid_permissions
--------

this would copy files within /var/lib/mydaemon/ with their currentownership, keep the setuid permissions on/var/lib/mydaemon/some_file_with_setuid_permissions and for the rest itis the same as the above example.

is this a clear config file format? Can it do all the tricks you like todo with it?



regards,
Olivier

[Prev in Thread]

Current Thread

[Next in Thread]

[Jailkit-dev] proposal for new jk_init functionality, Olivier Sessink <=

Prev by Date: [Jailkit-dev] [bug #20271] elinks: Fatal: no entropy gathering module detected
Previous by thread: [Jailkit-dev] [bug #20271] elinks: Fatal: no entropy gathering module detected
Index(es):
- Date
- Thread