[redhat-lspp] multi-context aware cron
serue at us.ibm.com
Fri Aug 26 20:58:18 UTC 2005
Oops, I hope you're all confused right now, because halfway through
the email I was switching solutions in my head :)
To clarify, I *was* voting for polyinstantiation, that is:
/var/spool/cron/s0:c0..c127/hallyn
That's why I suggested a separate mc-crontab command. While
the crontab command would be subject to polyinstantiation
(it would see /var/spool/cron/s0:c0..c127 mounted under
/var/spool/cron), the mc-crontab command would not be, so
that it could just look under /var/spool/cron/*/hallyn for
anything I have access to.
This may not be strictly necessary as I believe Stephen's
original proposal for polyinstantiation included a way to access
the original mountpoint, so if we take advantage of that we
could just have
crontab -l
for regular output and
crontab -ml
for multi-context output.
thanks,
-serge
Quoting serue at us.ibm.com (serue at us.ibm.com):
> Quoting Janak Desai (janak at us.ibm.com):
> ...
> > multi-context cron
> > ------------------
> > In order to allow multi-context cron jobs, the job
> > file somehow has to convey to the cron daemon the context
> > of the process that created it. The cron daemon can then
> > duplicate appropriate process context when processing
> > a particular cron job.
> ...
> > 2) Polyinstantiate /var/spool/cron and extend TCS
> > patch to cover full security context and not just
> > sensitivity label. Generally follow the TCS logic but
>
> Without backing it up (beyond a plea to aesthetics) I'm going
> to vote for this one.
>
> I would only add one thing: Add some sort of 'mc-crontab -l',
> "multi-context crontab list" command which lists all my cron
> entries for any contexts I'm cleared to read. So if I'm at
> s2:c0..c127, and I have:
>
> /var/spool/cron/hallyn-s0:c0..c127
> /var/spool/cron/hallyn-s2:c0..c127
> /var/spool/cron/hallyn-s3:c0..c127
>
> I will see all the entries in the first two, for instance
>
> s0:c0..c127:
> mailbackup
> documentbackup
> x10update
> s2:c0..c127:
> secretdocumentbackup
>
> I've never used a system like this, so I'm just trying to
> imagine :) I'm only showing clearance, but it seems to me
> that also handling role+type should be intuitive - just show
> all files I have read access to.
>
> > Notes/Questions:
> > ----------------
> > None of the above approaches will handle the following
> > situation. A user goes from role A -> B -> C and
> > creates a cron job. If the role C is not directly
> > accessible from default role A, cron daemon will not
> > be able to set the appropriate context. Do we have to
> > handle such cases, or can we just document this
> > restriction in the manpage?
>
> I'd say just document it. Else I suppose 'crontab -e'
> could find a way to detect this and spit out a warning.
>
> -serge
>
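As an added illustration of the listing discussed in this thread (not code from the thread or from any cron implementation), here is a Python model of the proposed "mc-crontab -l": given the caller's MLS clearance, it lists the crontabs under a polyinstantiated /var/spool/cron whose level that clearance dominates (read-down). The directory layout /var/spool/cron/<level>/<user>, the function names and the third job name are assumptions; MLS low-high ranges are not modelled, only a single level.

```python
# Added example, not from the thread: a model of the proposed "mc-crontab -l".
# A spool laid out as /var/spool/cron/<level>/<user> is represented as a dict
# mapping the level directory name to that user's job names. Levels are
# "sN[:cA[..cB],...]"; low-high ranges such as "s0-s2:c0..c127" are not modelled.
import re

def parse_level(text):
    """Parse an MLS level such as "s2:c0..c127" into (sensitivity, categories)."""
    m = re.fullmatch(r"s(\d+)(?::(c\d+(?:\.\.c\d+)?(?:,c\d+(?:\.\.c\d+)?)*))?", text)
    if not m:
        raise ValueError(f"malformed MLS level: {text!r}")
    cats = set()
    for part in (m.group(2) or "").split(","):
        if not part:
            continue
        lo, _, hi = part.partition("..")
        lo_n = int(lo[1:])
        hi_n = int(hi[1:]) if hi else lo_n
        cats.update(range(lo_n, hi_n + 1))
    return int(m.group(1)), frozenset(cats)

def dominates(clearance, level):
    """Read-down rule: sensitivity is at least as high and categories are a superset."""
    return clearance[0] >= level[0] and clearance[1] >= level[1]

def readable_crontabs(clearance_text, spool):
    """Return {level: jobs} for every spool level the clearance dominates, in spool order."""
    clearance = parse_level(clearance_text)
    return {lvl: list(jobs) for lvl, jobs in spool.items()
            if dominates(clearance, parse_level(lvl))}

def format_listing(listing):
    """Render the listing in the "level:" then one-job-per-line form from the thread."""
    lines = []
    for lvl, jobs in listing.items():
        lines.append(f"{lvl}:")
        lines.extend(jobs)
    return "\n".join(lines)

# Constructed spool for user "hallyn", mirroring the thread's example;
# the s3 job name is invented and should not be visible from s2.
SPOOL_HALLYN = {
    "s0:c0..c127": ["mailbackup", "documentbackup", "x10update"],
    "s2:c0..c127": ["secretdocumentbackup"],
    "s3:c0..c127": ["assumed-s3-job"],
}

if __name__ == "__main__":
    print(format_listing(readable_crontabs("s2:c0..c127", SPOOL_HALLYN)))
```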