author | Tomas Mraz <tm@t8m.info> | 2008-02-13 12:49:43 +0000 |
---|---|---|
committer | Tomas Mraz <tm@t8m.info> | 2008-02-13 12:49:43 +0000 |
commit | 5607d7250357a548f04fe5e31cc960a2e54cf908 (patch) | |
tree | b6f4d7a8ebee5d75db63b9f676c5eec2c86ba170 /modules/pam_namespace/namespace.conf.5.xml | |
parent | 6962e7e541546253d6d8d4d8e4bc5ca5290b8e5a (diff) | |
Relevant BUGIDs:
Purpose of commit: bugfix, new feature
Commit summary:
---------------
2008-02-13 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/Makefile.am: Add argv_parse files and namespace.d
dir.
* modules/pam_namespace/argv_parse.c: New file.
* modules/pam_namespace/argv_parse.h: New file.
* modules/pam_namespace/namespace.conf.5.xml: Document new features.
* modules/pam_namespace/pam_namespace.8.xml: Likewise.
* modules/pam_namespace/pam_namespace.h: Use SECURECONF_DIR define.
Define NAMESPACE_D_DIR and NAMESPACE_D_GLOB. Define new option flags
and polydir flags.
(polydir_s): Add rdir, replace exclusive with flags, add init_script,
owner, group, and mode.
(instance_data): Add ruser, gid, and ruid.
* modules/pam_namespace/pam_namespace.c: Remove now unused copy_ent().
(add_polydir_entry): Add the entry directly, no copy.
(del_polydir): New function.
(del_polydir_list): Call del_polydir().
(expand_variables, parse_create_params, parse_iscript_params,
parse_method): New functions.
(process_line): Call expand_variables() on polydir and instance prefix.
Call argv_parse() instead of strtok_r(). Allocate struct polydir_s on heap.
(parse_config_file): Parse .conf files from namespace.d dir after
namespace.conf.
(form_context): Call getcon() or get_default_context_with_level() when
appropriate flags are set.
(poly_name): Handle shared polydir flag.
(inst_init): Execute non-default init script when specified.
(create_polydir): New function.
(create_dirs): Remove the code which checks the polydir. Do not call
inst_init() when noinit flag is set.
(ns_setup): Check the polydir and eventually create it if the create flag
is set.
(setup_namespace): Use ruser uid from idata. Set the namespace polydir
pam data only when namespace was set up correctly. Unmount polydir
based on ruser.
(get_user_data): New function.
(pam_sm_open_session): Check for use_current_context and
use_default_context options. Call get_user_data().
(pam_sm_close_session): Call get_user_data().
Diffstat (limited to 'modules/pam_namespace/namespace.conf.5.xml')
-rw-r--r-- | modules/pam_namespace/namespace.conf.5.xml | 68 |
1 files changed, 52 insertions, 16 deletions
diff --git a/modules/pam_namespace/namespace.conf.5.xml b/modules/pam_namespace/namespace.conf.5.xml index 9fbefc49..a1769600 100644 --- a/modules/pam_namespace/namespace.conf.5.xml +++ b/modules/pam_namespace/namespace.conf.5.xml @@ -20,8 +20,9 @@ <title>DESCRIPTION</title> <para> - This module allows setup of private namespaces with polyinstantiated - directories. Directories can be polyinstantiated based on user name + The <emphasis>pam_namespace.so</emphasis> module allows setup of + private namespaces with polyinstantiated directories. + Directories can be polyinstantiated based on user name or, in the case of SELinux, user name, sensitivity level or complete security context. If an executable script <filename>/etc/security/namespace.init</filename> exists, it is used to initialize the namespace every time a new instance 
@@ -38,19 +39,23 @@ <para> When someone logs in, the file <filename>namespace.conf</filename> is - scanned where each non comment line represents one polyinstantiated - directory with space separated fields as follows: + scanned. Comments are marked by <emphasis>#</emphasis> characters. + Each non comment line represents one polyinstantiated + directory. The fields are separated by spaces but can be quoted by + <emphasis>"</emphasis> characters also escape + sequences <emphasis>\b</emphasis>, <emphasis>\n</emphasis>, and + <emphasis>\t</emphasis> are recognized. The fields are as follows: </para> - <para> - <replaceable>polydir</replaceable> <replaceable> instance_prefix</replaceable> <replaceable> method</replaceable> <replaceable> list_of_uids</replaceable> + <para><replaceable>polydir</replaceable> <replaceable>instance_prefix</replaceable> <replaceable>method</replaceable> <replaceable>list_of_uids</replaceable> </para> <para> The first field, <replaceable>polydir</replaceable>, is the absolute - pathname of the directory to polyinstantiate. Special entry $HOME is - supported to designate user's home directory. This field cannot be - blank. + pathname of the directory to polyinstantiate. The special string + <emphasis>$HOME</emphasis> is replaced with the user's home directory, + and <emphasis>$USER</emphasis> with the username. This field cannot + be blank. </para> <para> 
@@ -62,12 +67,9 @@ instance directory path. This directory is created if it did not exist already, and is then bind mounted on the <polydir> to provide an instance of <polydir> based on the <method> column. - The special string $HOME is replaced with the user's home directory, - and $USER with the username. This field cannot be blank. - The directory where polyinstantiated instances are to be - created, must exist and must have, by default, the mode of 000. The - requirement that the instance parent be of mode 000 can be overridden - with the command line option <replaceable>ignore_instance_parent_mode</replaceable> + The special string <emphasis>$HOME</emphasis> is replaced with the + user's home directory, and <emphasis>$USER</emphasis> with the username. + This field cannot be blank. </para> <para> 
@@ -92,6 +94,39 @@ </para> <para> + The <replaceable>method</replaceable> field can contain also following + optional flags separated by <emphasis>:</emphasis> characters. + </para> + + <para><emphasis>create</emphasis>=<replaceable>mode</replaceable>,<replaceable>owner</replaceable>,<replaceable>group</replaceable> + - create the polyinstantiated directory. The mode, owner and group parameters + are optional. The default for mode is determined by umask, the default + owner is the user whose session is opened, the default group is the + primary group of the user. + </para> + + <para><emphasis>iscript</emphasis>=<replaceable>path</replaceable> + - path to the instance directory init script. The base directory for relative + paths is <filename>/etc/security/namespace.d</filename>. + </para> + + <para><emphasis>noinit</emphasis> + - instance directory init script will not be executed. + </para> + + <para><emphasis>shared</emphasis> + - the instance directories for "context" and "level" methods will not + contain the user name and will be shared among all users. + </para> + + <para> + The directory where polyinstantiated instances are to be + created, must exist and must have, by default, the mode of 0000. The + requirement that the instance parent be of mode 0000 can be overridden + with the command line option <emphasis>ignore_instance_parent_mode</emphasis> + </para> + + <para> In case of context or level polyinstantiation the SELinux context which is used for polyinstantiation is the context used for executing a new process as obtained by getexeccon. This context must be set @@ -105,7 +140,7 @@ method and <user name>_<raw directory context> for "context" and "level" methods. If the whole string is too long the end of it is replaced with md5sum of itself. Also when command line option - <replaceable>gen_hash</replaceable> is used the whole string is replaced + <emphasis>gen_hash</emphasis> is used the whole string is replaced with md5sum of itself. </para> 
@@ -169,6 +204,7 @@ <title>AUTHORS</title> <para> The namespace.conf manual page was written by Janak Desai <janak@us.ibm.com>. + More features added by Tomas Mraz <tmraz@redhat.com>. </para> </refsect1> </refentry> |
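Review bot: In the hunk at @@ -38,19 +39,23 @@, the added sentence on quoting is a run-on: "can be quoted by " characters also escape sequences \b, \n, and \t are recognized" needs a break before "also". Suggest: "The fields are separated by spaces but can be quoted with " characters. The escape sequences \b, \n, and \t are also recognized." Since the same paragraph introduces # comments and quoted fields together, it should also say whether a # inside a quoted field starts a comment.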
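Review bot: In the hunk at @@ -92,6 +94,39 @@, the new flag list never shows a complete method field, so "optional flags separated by : characters" leaves open how the first flag attaches to the method name and how to pass create= an owner or group while leaving mode at its umask default. Please add one full example line that combines a method with create= and iscript=. The iscript entry gives the base directory for relative paths but does not say whether the script has to be executable, which the DESCRIPTION paragraph does state for /etc/security/namespace.init. Two wording fixes in the same hunk: "can contain also following" should read "can also contain the following", and the relocated paragraph ending in ignore_instance_parent_mode has no closing period.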