Mailinglist Archive: opensuse-factory (1264 mails)

< Previous Next >
Re: [opensuse-factory] Features making it into 12.1 for blog
On 27/09/11 00:38, Christian Boltz wrote:
Hello,

on Montag, 26. September 2011, Ludwig Nussel wrote:
Christian Boltz wrote:
- start aa-notify using sudo:
sudo HOME="$HOME" DISPLAY="$DISPLAY" /usr/sbin/aa-notify -p
For the records: at least HOME=... isn't needed anymore - the upstream
version (post-2.7beta2) now sets $HOME correctly.

This is also where I found the bug mentioned above - sudo drops
lots of environment variables for security reasons. In practise,
it drops too many of them and breaks aa-notify :-(
IOW aa-notify is either broken by design or not meant to be run as
user.
I'm not sure about your first option ;-)) but I'm sure the second one
doesn't apply.

aa-notify must be started as root (to be able to read audit.log) and
then drops the privileges to the user (which is autodetected from the
$SUDO_* environment variables when started with sudo) to display the
notifications.

Well, to be exact: aa-notify sets its EUID/EGID to the user, switches
back to root once per second to check audit.log for changes, and back to
the user afterwards and displays a notification if needed. That's still
simplified, but you should get the picture.

Couldn't this be done with setuid binary (+ restricted to trusted users execute permissions obviously) instead? It seems that would be the more typical solution compared to relying on sudo (which not everyone uses) and requiring a special config.

<snip>
Christian Boltz

Regards,
Tejas

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx

< Previous Next >