← Back to branch summary

~kees/eucalyptus/lp436977

« back to all changes in this revision

Viewing changes to util/wrappers.conf

  • Committer: Kees Cook
  • Date: 2009-10-06 20:52:06 UTC
  • Revision ID: kees@outflux.net-20091006205206-ps7pvee616tqdj2x
https://launchpad.net/bugs/436977
* Attempt to limit the scope of euca_rootwrap, with wrapper configuration
  and helper scripts (LP: #436977):
  - tools/dd-lv, tools/kill-vblade, tools/modprobe-aoe
  - util/euca_rootwrap.c, util/wrappers.conf

Show diffs side-by-side

added added

removed removed

Lines of Context:
util/wrappers.conf
 
1
# wrapper-name      fully-qualified-path                            uid-or-capability-to-use
 
2
#
 
3
# Networking
 
4
ip                  /sbin/ip                                        0 #cap_net_admin
 
5
iptables            /sbin/iptables                                  0 #cap_net_admin
 
6
iptables-save       /sbin/iptables-save                             0 #cap_net_admin
 
7
iptables-restore    /sbin/iptables-restore                          0 #cap_net_admin
 
8
euca_ipt            /usr/share/eucalyptus/euca_ipt                  0 #cap_net_admin # where does this write its tempfiles?
 
9
dhcpd3              /usr/sbin/dhcpd3                                0 #cap_net_admin
 
10
vtund               /usr/sbin/vtund                                 0 #cap_net_admin
 
11
vconfig             /sbin/vconfig                                   0 #cap_net_admin
 
12
brctl               /usr/sbin/brctl                                 0 #cap_net_admin
 
13
# Helpers
 
14
vblade              /usr/sbin/vblade                                0
 
15
get_sys_info        /usr/share/eucalyptus/get_sys_info              0
 
16
get_xen_info        /usr/share/eucalyptus/get_xen_info              0
 
17
add_key.pl          /usr/share/eucalyptus/add_key.pl                0
 
18
partition2disk      /usr/share/eucalyptus/partition2disk            0
 
19
gen_kvm_libvirt_xml /usr/share/eucalyptus/gen_kvm_libvirt_xml       0
 
20
gen_libvirt_xml     /usr/share/eucalyptus/gen_libvirt_xml           0
 
21
detach.pl           /usr/share/eucalyptus/detach.pl                 0
 
22
# Services
 
23
powernap            /etc/init.d/powernap                            0
 
24
# LVM management
 
25
losetup             /sbin/losetup                                   0
 
26
lvm                 /sbin/lvm                                       0
 
27
pvcreate            /sbin/pvcreate                                  0
 
28
vgcreate            /sbin/vgcreate                                  0
 
29
vgextend            /sbin/vgextend                                  0
 
30
lvremove            /sbin/lvremove                                  0
 
31
lvchange            /sbin/lvchange                                  0
 
32
vgremove            /sbin/vgremove                                  0
 
33
pvremove            /sbin/pvremove                                  0
 
34
vgreduce            /sbin/vgreduce                                  0
 
35
dmsetup             /sbin/dmsetup                                   0
 
36
# redirected wrappers
 
37
modprobe            /usr/share/eucalyptus/modprobe-aoe              0 #cap_sys_module
 
38
kill                /usr/share/eucalyptus/kill-vblade               0
 
39
dd                  /usr/share/eucalyptus/dd-lv                     0
 
40
# need to write wrapper
 
41
chgrp               /usr/share/eucalyptus/chgrp-dhcp                0
 
42
chmod               /usr/share/eucalyptus/chmod-dhcp                0
 
43
# These do not need root wrapping
 
44
cat                 /bin/cat
 
45
powerwake           /usr/bin/powerwake
 
46
virsh               /usr/bin/virsh