Re: if-up hooks not working



On Sat, 2007-12-01 at 20:56 -0600, Scott Severance wrote:
> snip
> 
> > > > > > After rebooting the computer in question as well as my
> server because
> > > > > > NFS was acting up, my script now seems to get run reliably
> if I put it
> > > > > > in /etc/network/if- up.d. However, contrary to the docs, the
> only script
> > > > > > in /etc/NetworkManager/dispatcher.d that ever gets executed
> is
> > > > > > 01ifupdown. Since that script calls run-parts
> on /etc/network/if- up.d,
> > > > > > My script gets executed in that directory.
> > > > > >
> > > > > > Is the NetworkManagerDispatcher man page wrong, or am I
> experiencing
> > > > > > some kind of bug? 
> > > > > >
> > > > > > By the way, I'm running Ubuntu Gutsy.
> > > > >
> > > > > Is the script only owned by root and executable?   Do you see
> the script
> > > > > execute when you tail syslog?
> > > > >
> > > > The script is owned by myuser:root, with 770 permissions. I
> chowned to
> > > > root:root, but it didn't make any difference. One reason that I
> know 
> > > > it isn't running is because the script logs several messages to
> > > > syslog, and those messages don't show up.
> NetworkManagerDispatcher
> > > > doesn't itself log the scripts it runs. So, the script
> definitely 
> > > > isn't executing.
> > >
> > > I think the permissions need to be 0700 or 0500 and the file owned
> by
> > > root.   I remember some messages on the list to that affect but I
> can't 
> > > seem to find them off-hand.
> > >
> > 
> > Yep that is correct from the source:
> >
> http://svn.gnome.org/viewvc/NetworkManager/tags/NETWORKMANAGER_0_6_5_RELEASE/dispatcher-daemon/NetworkManagerDispatcher.c?view=markup
> > 
> > 
> > /*
> >  * nmd_permission_check
> >  *
> >  * Verify that the given script has the permissions we
> want.  Specifically, 
> >  * ensure that the file is
> >  *      - A regular file.
> >  *      - Owned by root.
> >  *      - Not writable by the group or by other.
> >  *      - Not setuid.
> >  *      - Executable by the owner. 
> >  *
> >  */
> 
> OK. Changing the owner to root:root and the permissions to 755 (the
> permissions of 01ifupdown) did the trick. I'll file a documentation
> bug on this, since the man page says nothing about required
> permissions. 
> 
> I do wonder, though, why NetworkManagerDispatcher is so particular
> about permissions. As long as /etc/NetworkManager/dispatcher.d is only
> writable by root, then it is safe to assume that anything in there is
> something that root has authorized, regardless of its permissions. And
> a particular script might or might not contain sensitive information.
> Shouldn't security policy be left up to the system administrator? 
> 
> The reason this is an issue for me is that I have a number of scripts
> that I've written to automate various tasks. For the sake of
> maintainability, it's easiest to keep all of them in subdirectories of
> my normal user's home directory and then make symlinks as appropriate.
> Since /home is on a separate partition, I can have all my data on a
> single partition, leaving the rest of the filesystem for
> distro-specific stuff and system-wide config. 
> 
> Naturally, it is strongly preferable that everything under $HOME
> should be owned by $USER, so that I don't have to become root to
> manipulate files in my home directory. But NetworkManagerDispatcher
> actively prevents me from configuring my system as I see fit, and
> that's quite frustrating. 
> 
> Another point to make is that the machine in question is a laptop, and
> I'm the only person who uses it. So I'm not too worried about someone
> pulling some attack on files that aren't locked down. If someone were
> to steal my laptop, their ability to mess with a NetworkManager file
> would be the least of my worries. Besides, I have sudo configured to
> grant me root without asking for a password, so root ownership doesn't
> provide much protection against an adversary. I realize that many
> people want to run a much tighter system than I do, and they should
> have that choice. But should I be forced into a security model
> designed for a multi-user environment when I only operate in a
> single-user environment? 
> 
> Would it be possible to relax the permissions checking a bit?

Sure; NMD was written before a lot of stuff like SELinux or PolicyKit or
whatever came along, and really hasn't been touched in a long time.
What sort of permissions checks would you propose?

Dan




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]