Ack (not tested).
Note that this does not completely solve the problem reported in ticket
451. amfwd must check if it is running with user id zero, and if not,
add the string "sudo " to the beginning of the command line when calling
the killall program.
regards,
Anders Widell
2013-07-31 14:46, mathi.naic...@oracle.com skrev:
> 00-README.conf | 2 +-
> opensaf.spec.in | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
>
> amfwd uses the killall program to send the ABRT signal to amdnd.
> This works if amfwd is running as root, but not if it is running
> as the opensaf user (since the amfnd process is running as root even if amfwd
> is not).
> This patch adds killall to the sudoers to the rpm spec.
>
> diff --git a/00-README.conf b/00-README.conf
> --- a/00-README.conf
> +++ b/00-README.conf
> @@ -13,7 +13,7 @@ From 4.2 onwards, upon a 'make install'
> to be done to configure OpenSAF processes to run as the UNIX system user
> "opensaf":
>
> 1) useradd -r -g opensaf -d /usr/local/share/opensaf/ -s /sbin/nologin -c
> "OpenSAF" opensaf
> -2) echo "opensaf ALL = NOPASSWD: /sbin/reboot, /sbin/tipc-config,
> /usr/bin/pkill" >> /etc/sudoers
> +2) echo "opensaf ALL = NOPASSWD: /sbin/reboot, /sbin/tipc-config,
> /usr/bin/pkill, /usr/bin/killall" >> /etc/sudoers
> 3) echo 'Defaults:%opensaf !requiretty' >> /etc/sudoers
> 4) echo 'Defaults:opensaf !requiretty' >> /etc/sudoers
> 5) chown opensaf /var/lib/opensaf
> diff --git a/opensaf.spec.in b/opensaf.spec.in
> --- a/opensaf.spec.in
> +++ b/opensaf.spec.in
> @@ -747,7 +747,7 @@ getent group %{opensaf_group} > /dev/nul
> getent passwd %{opensaf_user} > /dev/null || \
> useradd -r -g %{opensaf_user} -d %{_pkgdatadir} -s /sbin/nologin -c
> "OpenSAF" %{opensaf_user}
> if ! grep %{opensaf_user} /etc/sudoers > /dev/null; then
> - echo '%{opensaf_user} ALL = NOPASSWD: /sbin/reboot, /sbin/tipc-config,
> /usr/bin/pkill' >> /etc/sudoers
> + echo '%{opensaf_user} ALL = NOPASSWD: /sbin/reboot, /sbin/tipc-config,
> /usr/bin/pkill, /usr/bin/killall' >> /etc/sudoers
> echo 'Defaults:%opensaf !requiretty' >> /etc/sudoers
> echo 'Defaults:opensaf !requiretty' >> /etc/sudoers
> fi
------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Opensaf-devel mailing list
Opensaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensaf-devel
