Hi!
> Add a simple proc-based kill interface. To use /proc/pid/kill, just
> write the signal number in base-10 ASCII to the kill file of the
> process to be killed: for example, 'echo 9 > /proc/$$/kill'.
>
> Semantically, /proc/pid/kill works like kill(2), except that the
> process ID comes from
Quoting Christian Brauner (christian.brau...@canonical.com):
> On Thu, Nov 01, 2018 at 01:40:59PM -0700, Joel Fernandes wrote:
> > On Tue, Oct 30, 2018 at 09:24:00PM -0700, Joel Fernandes wrote:
> > > On Tue, Oct 30, 2018 at 7:56 PM, Aleksa Sarai wrote:
> > > > On 2018-10-31, Christian Brauner
>
On Thu, Nov 01, 2018 at 01:40:59PM -0700, Joel Fernandes wrote:
> On Tue, Oct 30, 2018 at 09:24:00PM -0700, Joel Fernandes wrote:
> > On Tue, Oct 30, 2018 at 7:56 PM, Aleksa Sarai wrote:
> > > On 2018-10-31, Christian Brauner wrote:
> > >> > I think Aleksa's larger point is that it's useful to tr
On Tue, Oct 30, 2018 at 09:24:00PM -0700, Joel Fernandes wrote:
> On Tue, Oct 30, 2018 at 7:56 PM, Aleksa Sarai wrote:
> > On 2018-10-31, Christian Brauner wrote:
> >> > I think Aleksa's larger point is that it's useful to treat processes
> >> > as other file-descriptor-named, poll-able, wait-abl
On Thu, Nov 1, 2018 at 11:53 AM, David Laight wrote:
> From: Sent: 31 October 2018 13:28
> ...
>> * I actually have a local variant of the patch that would have you
>> open "/proc/$PID/kill/$SIGNO" instead, since different signal numbers
>> have different permission checks.
>
> I think you'd need
From: Sent: 31 October 2018 13:28
...
> * I actually have a local variant of the patch that would have you
> open "/proc/$PID/kill/$SIGNO" instead, since different signal numbers
> have different permission checks.
I think you'd need the open() to specify some specific unusual
open modes.
Otherwis
On Wed, Oct 31, 2018 at 9:23 AM Jann Horn wrote:
>
> +linux-api, Andy Lutomirski, Eric Biederman
>
> On Wed, Oct 31, 2018 at 3:12 AM Daniel Colascione wrote:
> > Add a simple proc-based kill interface. To use /proc/pid/kill, just
> > write the signal number in base-10 ASCII to the kill file of th
+linux-api, Andy Lutomirski, Eric Biederman
On Wed, Oct 31, 2018 at 3:12 AM Daniel Colascione wrote:
> Add a simple proc-based kill interface. To use /proc/pid/kill, just
> write the signal number in base-10 ASCII to the kill file of the
> process to be killed: for example, 'echo 9 > /proc/$$/kil
On 10/31, Daniel Colascione wrote:
>
> > Confused... why? kill_ok_by_cred() should fail?
>
> Not if we don't run it. :-) I thought you were proposing that we do
> *all* access checks in open() and let write() succeed unconditionally,
Ah, no ;)
> Anyway, I sent a v2 patch that I think closes the h
On Wed, Oct 31, 2018 at 3:10 PM, Oleg Nesterov wrote:
> On 10/31, Daniel Colascione wrote:
>>
>> > perhaps it would be simpler to do
>> >
>> > my_cred = override_creds(file->f_cred);
>> > kill_pid(...);
>> > revert_creds(my_cred);
>>
>> Thanks for the suggestion. That looks
On 10/31, Daniel Colascione wrote:
>
> > perhaps it would be simpler to do
> >
> > my_cred = override_creds(file->f_cred);
> > kill_pid(...);
> > revert_creds(my_cred);
>
> Thanks for the suggestion. That looks neat, but it's not quite enough.
> The problem is that check_kil
On Wed, Oct 31, 2018 at 12:44 PM, Oleg Nesterov wrote:
> On 10/30, Eric W. Biederman wrote:
>>
>> At a bare minimum you need to perform the permission check using the
>> credentials of the opener of the file.Which means refactoring
>> kill_pid so that you can perform the permission check for k
On 10/30, Eric W. Biederman wrote:
>
> At a bare minimum you need to perform the permission check using the
> credentials of the opener of the file.Which means refactoring
> kill_pid so that you can perform the permission check for killing the
> application during open.
perhaps it would be sim
Christian Brauner writes:
> On Tue, Oct 30, 2018 at 12:12 PM Daniel Colascione wrote:
>>
>> On Tue, Oct 30, 2018 at 11:04 AM, Christian Brauner
>> wrote:
>> > On Tue, Oct 30, 2018 at 11:48 AM Daniel Colascione
>> > wrote:
>> >>
>> >> Why not?
>> >>
>> >> Does your proposed API allow for a rac
Aleksa Sarai writes:
> On 2018-10-29, Daniel Colascione wrote:
>> Add a simple proc-based kill interface. To use /proc/pid/kill, just
>> write the signal number in base-10 ASCII to the kill file of the
>> process to be killed: for example, 'echo 9 > /proc/$$/kill'.
>>
>> Semantically, /proc/pid
Daniel Colascione writes:
> Add a simple proc-based kill interface. To use /proc/pid/kill, just
> write the signal number in base-10 ASCII to the kill file of the
> process to be killed: for example, 'echo 9 > /proc/$$/kill'.
>
> Semantically, /proc/pid/kill works like kill(2), except that the
>
On Tue, Oct 30, 2018 at 7:56 PM, Aleksa Sarai wrote:
> On 2018-10-31, Christian Brauner wrote:
>> > I think Aleksa's larger point is that it's useful to treat processes
>> > as other file-descriptor-named, poll-able, wait-able resources.
>> > Consistency is important. A process is just another sy
On 2018-10-31, Christian Brauner wrote:
> > I think Aleksa's larger point is that it's useful to treat processes
> > as other file-descriptor-named, poll-able, wait-able resources.
> > Consistency is important. A process is just another system resource,
> > and like any other system resource, you
On Wed, Oct 31, 2018 at 12:42 AM, Joel Fernandes wrote:
> On Wed, Oct 31, 2018 at 09:49:08AM +1100, Aleksa Sarai wrote:
>> On 2018-10-30, Joel Fernandes wrote:
>> > > > [...]
>> > > > > > > (Unfortunately
>> > > > > > > there are lots of things that make it a bit difficult to use
>> > > > > > >
On Wed, Oct 31, 2018 at 12:57 AM, Joel Fernandes wrote:
> On Tue, Oct 30, 2018 at 11:10:47PM +, Daniel Colascione wrote:
>> On Tue, Oct 30, 2018 at 10:33 PM, Joel Fernandes
>> wrote:
>> > On Wed, Oct 31, 2018 at 09:23:39AM +1100, Aleksa Sarai wrote:
>> >> On 2018-10-30, Joel Fernandes wrote
On Tue, Oct 30, 2018 at 11:10:47PM +, Daniel Colascione wrote:
> On Tue, Oct 30, 2018 at 10:33 PM, Joel Fernandes
> wrote:
> > On Wed, Oct 31, 2018 at 09:23:39AM +1100, Aleksa Sarai wrote:
> >> On 2018-10-30, Joel Fernandes wrote:
> >> > On Wed, Oct 31, 2018 at 07:45:01AM +1100, Aleksa Sarai
On Wed, Oct 31, 2018 at 09:49:08AM +1100, Aleksa Sarai wrote:
> On 2018-10-30, Joel Fernandes wrote:
> > > > [...]
> > > > > > > (Unfortunately
> > > > > > > there are lots of things that make it a bit difficult to use
> > > > > > > /proc/$pid
> > > > > > > exclusively for introspection of a pro
On Tue, Oct 30, 2018 at 11:23 PM, Christian Brauner
wrote:
> On Wed, Oct 31, 2018 at 12:10 AM Daniel Colascione wrote:
>> I think Aleksa's larger point is that it's useful to treat processes
>> as other file-descriptor-named, poll-able, wait-able resources.
>> Consistency is important. A process
On Wed, Oct 31, 2018 at 12:10 AM Daniel Colascione wrote:
>
> On Tue, Oct 30, 2018 at 10:33 PM, Joel Fernandes
> wrote:
> > On Wed, Oct 31, 2018 at 09:23:39AM +1100, Aleksa Sarai wrote:
> >> On 2018-10-30, Joel Fernandes wrote:
> >> > On Wed, Oct 31, 2018 at 07:45:01AM +1100, Aleksa Sarai wrote
On Tue, Oct 30, 2018 at 10:33 PM, Joel Fernandes wrote:
> On Wed, Oct 31, 2018 at 09:23:39AM +1100, Aleksa Sarai wrote:
>> On 2018-10-30, Joel Fernandes wrote:
>> > On Wed, Oct 31, 2018 at 07:45:01AM +1100, Aleksa Sarai wrote:
>> > [...]
>> > > > > (Unfortunately
>> > > > > there are lots of thin
On 2018-10-30, Joel Fernandes wrote:
> > > [...]
> > > > > > (Unfortunately
> > > > > > there are lots of things that make it a bit difficult to use
> > > > > > /proc/$pid
> > > > > > exclusively for introspection of a process -- especially in the
> > > > > > context
> > > > > > of containers.)
On Wed, Oct 31, 2018 at 09:23:39AM +1100, Aleksa Sarai wrote:
> On 2018-10-30, Joel Fernandes wrote:
> > On Wed, Oct 31, 2018 at 07:45:01AM +1100, Aleksa Sarai wrote:
> > [...]
> > > > > (Unfortunately
> > > > > there are lots of things that make it a bit difficult to use
> > > > > /proc/$pid
>
On 2018-10-30, Joel Fernandes wrote:
> On Wed, Oct 31, 2018 at 07:45:01AM +1100, Aleksa Sarai wrote:
> [...]
> > > > (Unfortunately
> > > > there are lots of things that make it a bit difficult to use /proc/$pid
> > > > exclusively for introspection of a process -- especially in the context
> > >
On Wed, Oct 31, 2018 at 07:45:01AM +1100, Aleksa Sarai wrote:
[...]
> > > (Unfortunately
> > > there are lots of things that make it a bit difficult to use /proc/$pid
> > > exclusively for introspection of a process -- especially in the context
> > > of containers.)
> >
> > Tons of things already
On 2018-10-30, Daniel Colascione wrote:
> >> Add a simple proc-based kill interface. To use /proc/pid/kill, just
> >> write the signal number in base-10 ASCII to the kill file of the
> >> process to be killed: for example, 'echo 9 > /proc/$$/kill'.
> >>
> >> Semantically, /proc/pid/kill works like
On Tue, Oct 30, 2018 at 1:50 AM Daniel Colascione wrote:
>
> On Tue, Oct 30, 2018 at 3:21 AM, Joel Fernandes wrote:
> > On Mon, Oct 29, 2018 at 3:11 PM Daniel Colascione wrote:
> >>
> >> Add a simple proc-based kill interface. To use /proc/pid/kill, just
> >> write the signal number in base-10 A
On Tue, Oct 30, 2018 at 12:12 PM Daniel Colascione wrote:
>
> On Tue, Oct 30, 2018 at 11:04 AM, Christian Brauner
> wrote:
> > On Tue, Oct 30, 2018 at 11:48 AM Daniel Colascione
> > wrote:
> >>
> >> On Tue, Oct 30, 2018 at 10:40 AM, Christian Brauner
> >> wrote:
> >> > On Tue, Oct 30, 2018 at
On Tue, Oct 30, 2018 at 11:04 AM, Christian Brauner
wrote:
> On Tue, Oct 30, 2018 at 11:48 AM Daniel Colascione wrote:
>>
>> On Tue, Oct 30, 2018 at 10:40 AM, Christian Brauner
>> wrote:
>> > On Tue, Oct 30, 2018 at 11:39:11AM +0100, Christian Brauner wrote:
>> >> On Tue, Oct 30, 2018 at 08:50:2
On Tue, Oct 30, 2018 at 11:48 AM Daniel Colascione wrote:
>
> On Tue, Oct 30, 2018 at 10:40 AM, Christian Brauner
> wrote:
> > On Tue, Oct 30, 2018 at 11:39:11AM +0100, Christian Brauner wrote:
> >> On Tue, Oct 30, 2018 at 08:50:22AM +, Daniel Colascione wrote:
> >> > On Tue, Oct 30, 2018 at
On Tue, Oct 30, 2018 at 10:40 AM, Christian Brauner
wrote:
> On Tue, Oct 30, 2018 at 11:39:11AM +0100, Christian Brauner wrote:
>> On Tue, Oct 30, 2018 at 08:50:22AM +, Daniel Colascione wrote:
>> > On Tue, Oct 30, 2018 at 3:21 AM, Joel Fernandes wrote:
>> > > On Mon, Oct 29, 2018 at 3:11 PM
On Tue, Oct 30, 2018 at 11:39:11AM +0100, Christian Brauner wrote:
> On Tue, Oct 30, 2018 at 08:50:22AM +, Daniel Colascione wrote:
> > On Tue, Oct 30, 2018 at 3:21 AM, Joel Fernandes wrote:
> > > On Mon, Oct 29, 2018 at 3:11 PM Daniel Colascione
> > > wrote:
> > >>
> > >> Add a simple proc-
On Tue, Oct 30, 2018 at 08:50:22AM +, Daniel Colascione wrote:
> On Tue, Oct 30, 2018 at 3:21 AM, Joel Fernandes wrote:
> > On Mon, Oct 29, 2018 at 3:11 PM Daniel Colascione wrote:
> >>
> >> Add a simple proc-based kill interface. To use /proc/pid/kill, just
> >> write the signal number in ba
On Tue, Oct 30, 2018 at 5:00 AM, Aleksa Sarai wrote:
> On 2018-10-29, Daniel Colascione wrote:
>> Add a simple proc-based kill interface. To use /proc/pid/kill, just
>> write the signal number in base-10 ASCII to the kill file of the
>> process to be killed: for example, 'echo 9 > /proc/$$/kill'.
On Tue, Oct 30, 2018 at 3:21 AM, Joel Fernandes wrote:
> On Mon, Oct 29, 2018 at 3:11 PM Daniel Colascione wrote:
>>
>> Add a simple proc-based kill interface. To use /proc/pid/kill, just
>> write the signal number in base-10 ASCII to the kill file of the
>> process to be killed: for example, 'ec
On 2018-10-29, Daniel Colascione wrote:
> Add a simple proc-based kill interface. To use /proc/pid/kill, just
> write the signal number in base-10 ASCII to the kill file of the
> process to be killed: for example, 'echo 9 > /proc/$$/kill'.
>
> Semantically, /proc/pid/kill works like kill(2), exce
On Mon, Oct 29, 2018 at 3:11 PM Daniel Colascione wrote:
>
> Add a simple proc-based kill interface. To use /proc/pid/kill, just
> write the signal number in base-10 ASCII to the kill file of the
> process to be killed: for example, 'echo 9 > /proc/$$/kill'.
>
> Semantically, /proc/pid/kill works
41 matches
Mail list logo