Re: if-up hooks not working
- From: Dan Williams <dcbw redhat com>
- To: Scott Severance <scott scottseverance us>
- Cc: NetworkManager Mailing List <networkmanager-list gnome org>, darren darrenalbers com
- Subject: Re: if-up hooks not working
- Date: Mon, 03 Dec 2007 09:33:37 -0500
On Sat, 2007-12-01 at 20:56 -0600, Scott Severance wrote:
> snip
>
> > > > > > After rebooting the computer in question as well as my
> server because
> > > > > > NFS was acting up, my script now seems to get run reliably
> if I put it
> > > > > > in /etc/network/if- up.d. However, contrary to the docs, the
> only script
> > > > > > in /etc/NetworkManager/dispatcher.d that ever gets executed
> is
> > > > > > 01ifupdown. Since that script calls run-parts
> on /etc/network/if- up.d,
> > > > > > My script gets executed in that directory.
> > > > > >
> > > > > > Is the NetworkManagerDispatcher man page wrong, or am I
> experiencing
> > > > > > some kind of bug?
> > > > > >
> > > > > > By the way, I'm running Ubuntu Gutsy.
> > > > >
> > > > > Is the script only owned by root and executable? Do you see
> the script
> > > > > execute when you tail syslog?
> > > > >
> > > > The script is owned by myuser:root, with 770 permissions. I
> chowned to
> > > > root:root, but it didn't make any difference. One reason that I
> know
> > > > it isn't running is because the script logs several messages to
> > > > syslog, and those messages don't show up.
> NetworkManagerDispatcher
> > > > doesn't itself log the scripts it runs. So, the script
> definitely
> > > > isn't executing.
> > >
> > > I think the permissions need to be 0700 or 0500 and the file owned
> by
> > > root. I remember some messages on the list to that affect but I
> can't
> > > seem to find them off-hand.
> > >
> >
> > Yep that is correct from the source:
> >
> http://svn.gnome.org/viewvc/NetworkManager/tags/NETWORKMANAGER_0_6_5_RELEASE/dispatcher-daemon/NetworkManagerDispatcher.c?view=markup
> >
> >
> > /*
> > * nmd_permission_check
> > *
> > * Verify that the given script has the permissions we
> want. Specifically,
> > * ensure that the file is
> > * - A regular file.
> > * - Owned by root.
> > * - Not writable by the group or by other.
> > * - Not setuid.
> > * - Executable by the owner.
> > *
> > */
>
> OK. Changing the owner to root:root and the permissions to 755 (the
> permissions of 01ifupdown) did the trick. I'll file a documentation
> bug on this, since the man page says nothing about required
> permissions.
>
> I do wonder, though, why NetworkManagerDispatcher is so particular
> about permissions. As long as /etc/NetworkManager/dispatcher.d is only
> writable by root, then it is safe to assume that anything in there is
> something that root has authorized, regardless of its permissions. And
> a particular script might or might not contain sensitive information.
> Shouldn't security policy be left up to the system administrator?
>
> The reason this is an issue for me is that I have a number of scripts
> that I've written to automate various tasks. For the sake of
> maintainability, it's easiest to keep all of them in subdirectories of
> my normal user's home directory and then make symlinks as appropriate.
> Since /home is on a separate partition, I can have all my data on a
> single partition, leaving the rest of the filesystem for
> distro-specific stuff and system-wide config.
>
> Naturally, it is strongly preferable that everything under $HOME
> should be owned by $USER, so that I don't have to become root to
> manipulate files in my home directory. But NetworkManagerDispatcher
> actively prevents me from configuring my system as I see fit, and
> that's quite frustrating.
>
> Another point to make is that the machine in question is a laptop, and
> I'm the only person who uses it. So I'm not too worried about someone
> pulling some attack on files that aren't locked down. If someone were
> to steal my laptop, their ability to mess with a NetworkManager file
> would be the least of my worries. Besides, I have sudo configured to
> grant me root without asking for a password, so root ownership doesn't
> provide much protection against an adversary. I realize that many
> people want to run a much tighter system than I do, and they should
> have that choice. But should I be forced into a security model
> designed for a multi-user environment when I only operate in a
> single-user environment?
>
> Would it be possible to relax the permissions checking a bit?
Sure; NMD was written before a lot of stuff like SELinux or PolicyKit or
whatever came along, and really hasn't been touched in a long time.
What sort of permissions checks would you propose?
Dan
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]