diff options
| author | Jeff Layton <jlayton@redhat.com> | 2012-05-09 13:25:34 -0400 |
|---|---|---|
| committer | Steve Dickson <steved@redhat.com> | 2012-05-09 13:25:34 -0400 |
| commit | 623a550b16835685ddca3736a9a00218bd582a2f (patch) | |
| tree | 0ec5faf304e3f4d55f8ad05794fbd615062380d3 /support/export/export.c | |
| parent | b6a0ab1dfe85b84ab30a1b656a6bc88b9e025434 (diff) | |
| download | nfs-utils-623a550b16835685ddca3736a9a00218bd582a2f.tar.gz nfs-utils-623a550b16835685ddca3736a9a00218bd582a2f.tar.xz nfs-utils-623a550b16835685ddca3736a9a00218bd582a2f.zip | |
nfsdcld: add support for dropping capabilities
As a long running daemon, we need to be security-conscious with nfsdcld,
so let's prune what it can do down to nearly nothing.
We want the daemon to run as root so that it has access to open and
reopen the rpc_pipefs pipe, but we don't actually need any of the
superuser caps that come with it. Have it drop all capabilities early
on. We don't need any of them as long as the fsuid continues to be 0.
Once we do that though, check to ensure that the db dir is actually
usable by root w/o CAP_DAC_OVERRIDE. Do an access() check on it and
throw a warning if it's not. Hopefully that will assist users in
debugging if they get the ownership of the DB dir wrong.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'support/export/export.c')
0 files changed, 0 insertions, 0 deletions