[systemd-devel] SD_BUS_VTABLE_CAPABILITY

Cameron Norman camerontnorman at gmail.com
Thu Apr 16 12:45:15 PDT 2015


On Thu, Apr 16, 2015 at 9:43 AM, Tom Gundersen <teg at jklm.no> wrote:
> On Thu, Apr 16, 2015 at 4:52 PM, Andy Lutomirski <luto at amacapital.net> wrote:
>> The ratio of complexity of capability code the kdbus folks have
>> already written (hundreds of lines across multiple files) to its
>> utility (very near zero AFAICT) is, in my book, not a good sign at
>> all.
>
> We have several uses of this, see my mail to Jiri regarding
> CAP_SYS_BOOT for instance:
>   https://lkml.org/lkml/2015/4/16/219
>

This could easily be done with polkit and a special `boot` group. Why
does it need to use CAP_SYS_BOOT? I mean why would you even *want*
CAP_SYS_BOOT to be used for this? Using CAP_SYS_BOOT means that
anything you want to let cleanly shut down the system you would also
allow to do a hard shutdown and thus cause data loss in many cases.

In summary: not **necessary** or **ideal** to use a capability in this case.

If you could be so kind, could you summarize the other uses you have?
And if you can, explain why using regular user/group credentials does
not achieve the goal.

Thank you,
--
Cameron Norman

