From: domg472@gmail.com (Dominick Grift) Date: Thu, 25 Aug 2011 11:56:41 +0200 Subject: [refpolicy] [PATCH 1/1] Allow userdomains to send syslog messages In-Reply-To: <4E55229F.4000700@tresys.com> References: <20110823105722.GA2352@siphos.be> <4E54F828.8020200@tresys.com> <20110824131507.GA25303@localhost.localdomain> <4E54FF76.2040804@tresys.com> <20110824135105.GB25303@localhost.localdomain> <4E5507B8.3080609@tresys.com> <20110824143108.GC25303@localhost.localdomain> <4E55229F.4000700@tresys.com> Message-ID: <20110825095639.GA22813@localhost.localdomain> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Wed, Aug 24, 2011 at 12:11:11PM -0400, Christopher J. PeBenito wrote: > On 08/24/11 10:31, Dominick Grift wrote: > > On Wed, Aug 24, 2011 at 10:16:24AM -0400, Christopher J. PeBenito wrote: > >> On 08/24/11 09:51, Dominick Grift wrote: > >>> On Wed, Aug 24, 2011 at 09:41:10AM -0400, Christopher J. PeBenito wrote: > >>>> On 08/24/11 09:15, Dominick Grift wrote: > >>>>> On Wed, Aug 24, 2011 at 09:10:00AM -0400, Christopher J. PeBenito wrote: > >>>>>> On 08/23/11 06:57, Sven Vermeulen wrote: > >>> ... snip ... > >>>>> I do, the git-daemon run by users can be configured to use syslog. I allowed this by default in my git policy. Would you prefer a boolean "git_session_daemon_can_syslog" instead of allowing it by default? > >>>> > >>>> Thats a different domain. I'm speaking of unpriv user domains user_t, > >>>> staff_t, etc. > >>> > >>> Until a git (session) daemon domain is implemented it runs in the unprivileged user domain. > >> > >> Ok. I don't see this as a good reason to allow this. A user running a > >> daemon should be logging to their home directory. > > > > Agreed, but what if the administrator decides to run it as an unprivileged user and still wants to it to syslog. > > > > It seems actually very sane to me. Running git-daemon as a system service requires inetd and it runs as root. Running inetd just to export a repository might be a bit much. If you can achieve what you want by running it as a unpriv user then why not. > > If a user can run it as a user service w/o inetd, then why can't it run > as a system service w/o inetd? Why cant you use start-stop-daemon or su > to run it with a different uid? Anyhow, if the git session daemon policy is generally accepted. i will be more than happy to send an additional patch removing the privilege for git_session_t to use syslog. Better something than nothing at all... > > -- > Chris PeBenito > Tresys Technology, LLC > www.tresys.com | oss.tresys.com -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20110825/97c73acd/attachment.bin