[redhat-lspp] multi-context aware cron

serue at us.ibm.com
Fri Aug 26 20:58:18 UTC 2005


Oops, I hope you're all confused right now, because halfway through
the email I was switching solutions in my head :)

To clarify, I *was* voting for polyinstantiation, that is:

	/var/spool/cron/s0:c0..c127/hallyn

That's why I suggested a separate mc-crontab command.  While
the crontab command would be subject to polyinstantiation
(it would see /var/spool/cron/s0:c0..c127 mounted under
/var/spool/cron), the mc-crontab command would not be, so
that it could just look under /var/spool/cron/*/hallyn for
anything I have access to.

This may not be strictly necessary as I believe Stephen's
original proposal for polyinstantiation included a way to access
the original mountpoint, so if we take advantage of that we
could just have
	crontab -l
for regular output and
	crontab -ml
for multi-context output.

thanks,
-serge

Quoting serue at us.ibm.com (serue at us.ibm.com):
> Quoting Janak Desai (janak at us.ibm.com):
> ...
> > multi-context cron
> > ------------------
> > In order to allow multi-context cron jobs, the job
> > file somehow has to convey to the cron daemon the context
> > of the process that created it. The cron daemon can then
> > duplicate appropriate process context when processing
> > a particular cron job.
> ...
> > 2) Polyinstantiate /var/spool/cron and extend TCS
> >    patch to cover full security context and not just
> >    sensitivity label. Generally follow the TCS logic but
> 
> Without backing it up (beyond a plea to aesthetics) I'm going
> to vote for this one.
> 
> I would only add one thing:  Add some sort of 'mc-crontab -l',
> "multi-context crontab list" command which lists all my cron
> entries for any contexts I'm cleared to read.  So if I'm at
> s2:c0..c127, and I have:
> 
> 	/var/spool/cron/hallyn-s0:c0..c127
> 	/var/spool/cron/hallyn-s2:c0..c127
> 	/var/spool/cron/hallyn-s3:c0..c127
> 
> I will see all the entries in the first two, for instance
> 
> 	s0:c0..c127:
> 		mailbackup
> 		documentbackup
> 		x10update
> 	s2:c0..c127:
> 		secretdocumentbackup
> 
> I've never used a system like this, so I'm just trying to
> imagine :)  I'm only showing clearance, but it seems to me
> that also handling role+type should be intuitive - just show
> all files I have read access to.
> 
> > Notes/Questions:
> > ----------------
> > None of the above approaches will handle the following
> > situation.  A user goes from role A -> B -> C and
> > creates a cron job. If the role C is not directly
> > accessible from default role A, cron daemon will not
> > be able to set the appropriate context. Do we have to
> > handle such cases, or can we just document this
> > restriction in the manpage?
> 
> I'd say just document it.  Else I suppose 'crontab -e'
> could find a way to detect this and spit out a warning.
> 
> -serge
> 
> --
> redhat-lspp mailing list
> redhat-lspp at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-lspp
> 

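An added example (not code from this thread, from TCS, or from any cron implementation) that models the "crontab -ml" listing described above over the polyinstantiated layout /var/spool/cron/<context>/<user>. It assumes the context directory names are plain MLS labels in the thread's notation (s2:c0..c127), and it uses a userspace dominance check (sensitivity greater or equal, category set a superset) as a stand-in for the kernel's MLS policy deciding which crontab files the caller may read; on a real system that decision would be made by the policy, not by the listing tool. The spool tree, the user name hallyn and the cron lines are constructed sample data mirroring the example in the quoted message.

```python
"""Toy model of a multi-context 'crontab -ml' over a polyinstantiated spool.

Added example, not code from the redhat-lspp thread or any cron package.
Assumptions (hypothetical): spool layout <spool>/<context>/<user>, context
names are MLS labels like "s2:c0..c127", and dominates() stands in for the
kernel's MLS read check.
"""
import os
import re
import tempfile
from typing import Dict, List, Set, Tuple

_LABEL_RE = re.compile(r"^s(\d+)(?::(.+))?$")


def parse_label(label: str) -> Tuple[int, Set[int]]:
    """Parse 'sN[:cats]' into (sensitivity, category set).

    Category syntax follows the thread: 'c3', 'c0..c127', or a comma list.
    """
    m = _LABEL_RE.match(label)
    if not m:
        raise ValueError(f"bad MLS label: {label!r}")
    sens = int(m.group(1))
    cats: Set[int] = set()
    if m.group(2):
        for part in m.group(2).split(","):
            lo, _, hi = part.partition("..")
            lo_n = int(lo.lstrip("c"))
            hi_n = int(hi.lstrip("c")) if hi else lo_n
            if hi_n < lo_n:
                raise ValueError(f"bad category range: {part!r}")
            cats.update(range(lo_n, hi_n + 1))
    return sens, cats


def dominates(clearance: str, label: str) -> bool:
    """Bell-LaPadula 'read down': clearance dominates label iff its
    sensitivity is >= and its category set is a superset."""
    c_sens, c_cats = parse_label(clearance)
    l_sens, l_cats = parse_label(label)
    return c_sens >= l_sens and c_cats >= l_cats


def crontab_entries(path: str) -> List[str]:
    """Return the non-blank, non-comment lines of one crontab file."""
    with open(path) as fh:
        return [ln.rstrip("\n") for ln in fh
                if ln.strip() and not ln.lstrip().startswith("#")]


def list_multicontext(spool: str, user: str, clearance: str) -> Dict[str, List[str]]:
    """Model of 'crontab -ml': each readable context -> the user's entries.

    Directories that are not MLS labels, or that the clearance does not
    dominate, are skipped; the caller never learns their contents.
    """
    contexts = []
    for name in os.listdir(spool):
        if not os.path.isfile(os.path.join(spool, name, user)):
            continue
        try:
            sens, _ = parse_label(name)
        except ValueError:
            continue
        if dominates(clearance, name):
            contexts.append((sens, name))
    result: Dict[str, List[str]] = {}
    for _, name in sorted(contexts):
        result[name] = crontab_entries(os.path.join(spool, name, user))
    return result


def format_listing(listing: Dict[str, List[str]]) -> str:
    """Render the listing in the shape shown in the thread."""
    lines = []
    for ctx, entries in listing.items():
        lines.append(f"{ctx}:")
        lines.extend(f"\t{e}" for e in entries)
    return "\n".join(lines)


def build_sample_spool() -> str:
    """Constructed sample tree mirroring the thread's example (not real data)."""
    root = tempfile.mkdtemp(prefix="cronspool-")
    sample = {
        "s0:c0..c127": ["0 2 * * * /usr/local/bin/mailbackup",
                        "0 3 * * * /usr/local/bin/documentbackup",
                        "*/5 * * * * /usr/local/bin/x10update"],
        "s2:c0..c127": ["30 3 * * * /usr/local/bin/secretdocumentbackup"],
        "s3:c0..c127": ["0 4 * * * /usr/local/bin/topsecretbackup"],
    }
    for ctx, entries in sample.items():
        os.makedirs(os.path.join(root, ctx))
        with open(os.path.join(root, ctx, "hallyn"), "w") as fh:
            fh.write(f"# crontab for hallyn at {ctx}\n" + "\n".join(entries) + "\n")
    return root


if __name__ == "__main__":
    print(format_listing(list_multicontext(build_sample_spool(), "hallyn", "s2:c0..c127")))
```

Run as a script it prints the s0 and s2 sections only, matching the listing in the quoted message; the s3 directory is present on disk but filtered out because s2:c0..c127 does not dominate it. Serge's point about role+type ("just show all files I have read access to") would replace dominates() with the policy's actual access decision.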