[gentoo-dev] Testing to see if services have crashed on hardened

[gentoo-dev] Testing to see if services have crashed on hardened

[Roy Marples]

Hi List.

I've just removed the code to check for euid when running services and instead 
relying on permissions of the service state dir and testing errno. This is a 
good thing, but it does have one side effect.

OpenRC can track daemons by how they were started. So every time you run 
rc-status it tests each reported service to ensure all daemons are up.  This 
also works fine unprivileged on normal boxes - except for hardened where 
users can only see their own processes.

This isn't really an easy answer, as we could have installed OpenRC in a 
prefix where this wouldn't apply, but we don't know that either.

Ideas anyone?

Thanks

Roy
-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Testing to see if services have crashed on hardened

[Fabian Groffen]

On 21-03-2008 10:20:45 +0000, Roy Marples wrote:
> Hi List.
> 
> I've just removed the code to check for euid when running services and
> instead relying on permissions of the service state dir and testing
> errno. This is a good thing, but it does have one side effect.
> 
> OpenRC can track daemons by how they were started. So every time you
> run rc-status it tests each reported service to ensure all daemons are
> up.  This also works fine unprivileged on normal boxes - except for
> hardened where users can only see their own processes.

Assuming you would use libkvm, on Darwin this means as unprivileged user
(not using suid) you can't see any processes at all.

> This isn't really an easy answer, as we could have installed OpenRC in a 
> prefix where this wouldn't apply, but we don't know that either.
> 
> Ideas anyone?

Is there a way to just have some fallback method which is less
functional, but just uses some pid file with a lock or something?


-- 
Fabian Groffen
Gentoo on a different level
-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Testing to see if services have crashed on hardened

[Roy Marples]

On Friday 21 March 2008 10:37:11 Fabian Groffen wrote:
> Assuming you would use libkvm, on Darwin this means as unprivileged user
> (not using suid) you can't see any processes at all.

That's different from FreeBSD and NetBSD then.

>
> > This isn't really an easy answer, as we could have installed OpenRC in a
> > prefix where this wouldn't apply, but we don't know that either.
> >
> > Ideas anyone?
>
> Is there a way to just have some fallback method which is less
> functional, but just uses some pid file with a lock or something?

Not all services use pidfiles. Also, some services re-fork and re-write their 
pidfiles and I'm not sure the lock would carry across in that instance.

Thanks

Roy
-- 
gentoo-dev@lists.gentoo.org mailing list

[gentoo-dev] Why no updates on delay of 2008.0 release

[Ben de Groot]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I thought we had learnt something about not communicating with our userbase, but
it looks like this lesson has already been forgotten. While I appreciate there
probably are valid reasons for the delay of the beta and the release of 2008.0,
I don't think there is any excuse not to update the published release schedule,
nor for the utter lack of communication about this issue with our users. A short
message on the frontpage of www.gentoo.org with a new (even if tentative) ETA,
and some kind of explanation for the delay would certainly be much appreciated.

Thanks,

Ben



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFH5N8vi+u7I1rvkiYRAqGBAJ49SeDwGgvVpTdMCI8M1DZ5hncuBwCZAWXd
GsgP7gY2xuOARHmCcbbx6xU=
=W6u7
-----END PGP SIGNATURE-----
-- 
gentoo-dev@lists.gentoo.org mailing list

RE: [gentoo-dev] Why no updates on delay of 2008.0 release

[Sylvain Alain]

[-- Attachment #1: Type: text/plain, Size: 1421 bytes --]


Yeah, they should at least post on note on the gentoo.org to announce the delay.SalutalpSylvain> Date: Sat, 22 Mar 2008 11:27:59 +0100> From: yngwin@gentoo.org> To: gentoo-dev@lists.gentoo.org> Subject: [gentoo-dev] Why no updates on delay of 2008.0 release> > -----BEGIN PGP SIGNED MESSAGE-----> Hash: SHA1> > I thought we had learnt something about not communicating with our userbase, but> it looks like this lesson has already been forgotten. While I appreciate there> probably are valid reasons for the delay of the beta and the release of 2008.0,> I don't think there is any excuse not to update the published release schedule,> nor for the utter lack of communication about this issue with our users. A short> message on the frontpage of www.gentoo.org with a new (even if tentative) ETA,> and some kind of explanation for the delay would certainly be much appreciated.> > Thanks,> > Ben> > > > -----BEGIN PGP SIGNATURE-----> Version: GnuPG v2.0.7 (GNU/Linux)> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org> > iD8DBQFH5N8vi+u7I1rvkiYRAqGBAJ49SeDwGgvVpTdMCI8M1DZ5hncuBwCZAWXd> GsgP7gY2xuOARHmCcbbx6xU=> =W6u7> -----END PGP SIGNATURE-----> -- > gentoo-dev@lists.gentoo.org mailing list> 
_________________________________________________________________
This Valentine's Day, get creative and show your sweetheart how much you care with flair! Find fun date ideas here!
http://g.msn.ca/ca55/224

[-- Attachment #2: Type: text/html, Size: 1834 bytes --]

[gentoo-dev] Re: Why no updates on delay of 2008.0 release

[Duncan]

Sylvain Alain <d2_racing@hotmail.com> posted
BAY107-W20CF7A660BEE105841ACD7D6020@phx.gbl, excerpted below, on  Sat, 22
Mar 2008 15:39:18 +0000:

[snip a scrambled HTML mess]

Do you realize what a scrambled mess your post looked like to those who 
choose not to enable HTML for security or other reasons?

Please set the message to plain text next time.  You'll definitely get 
more and more favorable readers that way, as many will ignore the mess 
that was, or worse yet, treat it as spam and killfile the sender.

Whatever the parent said, I agree with the OP.  Some sort of 2008.0 
status update would be nice, even if it's simply "We're still working on 
it.  Currently, we're targeting a media release in xxx."  Add beta info 
and other details as available/desired.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman

-- 
gentoo-dev@lists.gentoo.org mailing list

[gentoo-dev] Re: Why no updates on delay of 2008.0 release

[Christian Faulhammer]

[-- Attachment #1: Type: text/plain, Size: 1081 bytes --]

Hi,

Ben de Groot <yngwin@gentoo.org>:

> I thought we had learnt something about not communicating with our
> userbase, but it looks like this lesson has already been forgotten.
> While I appreciate there probably are valid reasons for the delay of
> the beta and the release of 2008.0, I don't think there is any excuse
> not to update the published release schedule, nor for the utter lack
> of communication about this issue with our users. A short message on
> the frontpage of www.gentoo.org with a new (even if tentative) ETA,
> and some kind of explanation for the delay would certainly be much
> appreciated.

 Yes please, people are asking a lot on the forums, so a news item
would be nice.  I contributed a rough draft but I have not enough
insight into the reasoning to make it something proper...a "2008.0 will
be delayed but we are still working on it" would be sufficient in my
eyes.

V-Li

-- 
Christian Faulhammer, Gentoo Lisp project
<URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode

<URL:http://www.faulhammer.org/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

RE: [gentoo-dev] Why no updates on delay of 2008.0 release

[Chrissy Fullam]

> I thought we had learnt something about not communicating with our userbase, but
> it looks like this lesson has already been forgotten. While I appreciate there
> probably are valid reasons for the delay of the beta and the release of 2008.0,
> I don't think there is any excuse not to update the published release schedule,
> nor for the utter lack of communication about this issue with our users. A short
> message on the frontpage of www.gentoo.org with a new (even if tentative) ETA,
> and some kind of explanation for the delay would certainly be much appreciated.

While communication was sent via unofficial means we had intended to project a level of understanding to those actively involved, the update is simple: the untimely and quite unexpected surgical "complication" resulting in the death of my mother has set back a number of schedules, personal/professional/gentoo, for both myself and wolf31o2. We hope developers and users alike can be somewhat sympathetic as the family tries to cope with our loss of this truly dynamic and incredible woman.
As a result, projects involving release engineering, developer relations, and events will be delayed until further notice.


Kind regards,
Christina Fullam
Gentoo Developer Relations Lead | Gentoo Public Relations 




--
gentoo-dev@lists.gentoo.org mailing list

[gentoo-dev] Re: Why no updates on delay of 2008.0 release

[Duncan]

"Chrissy Fullam" <musikc@gentoo.org> posted
000701c88c89$db499560$91dcc020$@org, excerpted below, on  Sat, 22 Mar 2008
19:01:39 -0700:

> [T]he update is simple: the untimely and quite unexpected surgical
> "complication" resulting in the death of my mother has set back a
> number of schedules, personal/professional/gentoo[.] 
> As a result, projects involving release engineering, developer
> relations, and events will be delayed until further notice.

Ouch!  Condolences then... and understanding.  I'm sure other users will 
be understanding too, as soon as they get word of the circumstances.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman

-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Why no updates on delay of 2008.0 release

[Richard Freeman]

Chrissy Fullam wrote:
 > Somebody else wrote:
>> ... I don't think there is any excuse not to update the published
>> release schedule,...

<snip>

> the update is simple: the untimely and quite unexpected surgical 
> "complication" resulting in the death of my mother has set back a 
> number of schedules,

Lesson:  Ask nicely before going into attack mode.  Don't assume the 
worst.  Consequently, avoid putting foot in mouth...

Try to remember that this is a volunteer-driven effort.  If you want it 
to stay vibrant we need to try to be nice to each other.  There have 
been many occasions where I've needed something from a gentoo dev - if 
you ask nicely there is a good chance you'll get it, and if you 
volunteer to help out in some way there is an even better chance.

I was just browsing the net today looking for some options for a 
bootable linux CD that would turn a workstation into a dvdrip cluster 
node.  Sadly I ran into several projects that would be almost exactly 
what I need, and most are dead for various reasons.  Open source is 
something that needs to be nurtured, and if we don't want to write code 
the least we can do is offer a little help of some sort to somebody who 
does.

No, that doesn't justify some of the more antisocial behavior some 
developers dump on users, but I think that Gentoo has managed to put 
some of that in the past (I've been impressed about how cordially some 
devs have been getting along in recent months).

Sure, maybe some things could be improved. But, new blood is always 
welcome, and there are signs of new life springing up (recent talk about 
PMS progressing, innovations in the kde overlay, talk of openrc going 
mainstream, activity on the -nfp front, etc).  Not that it ever really 
died in the first place, but I think that the future looks good for Gentoo.

Let's just try not to stamp out the enthusiasm before it spreads a 
little more...  :)
-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Why no updates on delay of 2008.0 release

[Ciaran McCreesh]

[-- Attachment #1: Type: text/plain, Size: 282 bytes --]

On Sun, 23 Mar 2008 08:17:45 -0400
Richard Freeman <rich0@gentoo.org> wrote:
> Lesson:  Ask nicely before going into attack mode.  Don't assume the 
> worst.  Consequently, avoid putting foot in mouth...

Lesson: Don't put all your eggs in one basket.

-- 
Ciaran McCreesh

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-dev] Why no updates on delay of 2008.0 release

[Ben de Groot]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Richard Freeman wrote:
|>> ... I don't think there is any excuse not to update the published
|>> release schedule,...
|
| <snip>
|
|> the update is simple: the untimely and quite unexpected surgical
|> "complication" resulting in the death of my mother has set back a
|> number of schedules,
|
| Lesson:  Ask nicely before going into attack mode.  Don't assume the
| worst.  Consequently, avoid putting foot in mouth...

I did ask nicely. In the #gentoo-releng IRC channel. No action was taken, and
coming across users every day who are wondering what is going on, is simply said
frustrating. And you misunderstand, I'm not assuming the worst, I just was
making my point forcefully, in order to communicate both the frustration of
users left in the dark and of devs dealing with these users, as well as the need
for action. It is not an attack, but a serious point of concern, that I strongly
feel we need to take action about.

I fully and wholeheartedly sympathize with musikc and wolf31o2. My condolences.
You guys should deal with your family situation, that speaks for itself. Please
don't misunderstand my OP as an attack. It wasn't directed at you at all.

All I want, all most users want, is an announcement by somebody else from the
releng team about the delay.


| Try to remember that this is a volunteer-driven effort.  If you want it
| to stay vibrant we need to try to be nice to each other.  There have
| been many occasions where I've needed something from a gentoo dev - if
| you ask nicely there is a good chance you'll get it, and if you
| volunteer to help out in some way there is an even better chance.

I completely understand we are all volunteers. You don't hear me saying "we have
to keep to the release schedule no matter what". I understand that there are
reasons for the delay (and in this case extremely serious reasons). You don't
hear me complain about that.

I went to the #gentoo-releng channel and suggested nicely that an announcement
about the delay would be much appreciated. I also offered my help if there was
anything I can do. I was told there isn't anything I can do, and that's fair
enough. I just wanted to make my point that I'm willing to help, not just
"complaining".


| Sure, maybe some things could be improved.

That is all I'm trying to achieve.

| But, new blood is always welcome

Of which I am a drop.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFH5lRai+u7I1rvkiYRAnkhAJ9wCRx/klDFCdDgWCPBNoh+Bq/IAgCcCL94
/5UcqKQvbLERKKHLw+v1T2U=
=+FBB
-----END PGP SIGNATURE-----
-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Testing to see if services have crashed on hardened

[Fabian Groffen]

On 21-03-2008 12:07:24 +0000, Roy Marples wrote:
> On Friday 21 March 2008 10:37:11 Fabian Groffen wrote:
> > Assuming you would use libkvm, on Darwin this means as unprivileged user
> > (not using suid) you can't see any processes at all.
> 
> That's different from FreeBSD and NetBSD then.

Indeed.  And I just found out that Leopard (10.5) dropped the entire kvm
which wasn't working to funky anyway.  I just made some implementation
of walking through all running processes for portage-utils' `qlop -c`
using sysctl calls -- the way to do it on Darwin, and that works even as
normal unprivileged user, so I guess we can just use that.

> > Is there a way to just have some fallback method which is less
> > functional, but just uses some pid file with a lock or something?
> 
> Not all services use pidfiles. Also, some services re-fork and re-write their 
> pidfiles and I'm not sure the lock would carry across in that instance.

I was thinking of a wrapping process, but I only later realised that
this isn't working since many/most daemons fork into the background, so
you loose the control over it anyway.


-- 
Fabian Groffen
Gentoo on a different level
-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Testing to see if services have crashed on hardened

[Natanael Copa]

On Fri, 2008-03-21 at 10:20 +0000, Roy Marples wrote:
> Hi List.
> 
> I've just removed the code to check for euid when running services and instead 
> relying on permissions of the service state dir and testing errno. This is a 
> good thing, but it does have one side effect.
> 
> OpenRC can track daemons by how they were started. So every time you run 
> rc-status it tests each reported service to ensure all daemons are up.  This 
> also works fine unprivileged on normal boxes - except for hardened where 
> users can only see their own processes.
> 
> This isn't really an easy answer, as we could have installed OpenRC in a 
> prefix where this wouldn't apply, but we don't know that either.
> 
> Ideas anyone?

err... run rc-status as root?

I mean if you are not supposed to see if a process is running or not as
normal user, then hardned is doin it's job when does not allow rc-status
to show this info to the unprivileged user.

if (!HARDENED || (HARDENED && euid=0) {
	/* show if process is running or not */
}

> Thanks
> 
> Roy

-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Testing to see if services have crashed on hardened

[Roy Marples]

On Friday 21 March 2008 10:44:12 Natanael Copa wrote:
> err... run rc-status as root?
>
> I mean if you are not supposed to see if a process is running or not as
> normal user, then hardned is doin it's job when does not allow rc-status
> to show this info to the unprivileged user.
>
> if (!HARDENED || (HARDENED && euid=0) {
> 	/* show if process is running or not */
> }

Ideally I'd like a runtime catch rather than a define for this though, but 
that's probably the best idea thus far.

Thanks

Roy
-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Testing to see if services have crashed on hardened

[Natanael Copa]

On Fri, 2008-03-21 at 12:08 +0000, Roy Marples wrote:
> On Friday 21 March 2008 10:44:12 Natanael Copa wrote:
> > err... run rc-status as root?
> >
> > I mean if you are not supposed to see if a process is running or not as
> > normal user, then hardned is doin it's job when does not allow rc-status
> > to show this info to the unprivileged user.
> >
> > if (!HARDENED || (HARDENED && euid=0) {
> > 	/* show if process is running or not */
> > }
> 
> Ideally I'd like a runtime catch rather than a define for this though, but 
> that's probably the best idea thus far.

/* pid 1 is most likely owned by root */
hardened = pid_is_running(1);
if (!hardened || (hardened && euid==0) {
....

-nc
	
> 
> Thanks

Thanks for working on openrc.

> Roy

-- 
gentoo-dev@lists.gentoo.org mailing list

Re: [gentoo-dev] Testing to see if services have crashed on hardened

[Roy Marples]

On Friday 21 March 2008 12:39:48 Natanael Copa wrote:
> /* pid 1 is most likely owned by root */
> hardened = pid_is_running(1);
> if (!hardened || (hardened && euid==0) {

OK, we'll go with that for the time being.

Thanks

Roy
-- 
gentoo-dev@lists.gentoo.org mailing list