[Freedombox-discuss] FBx config mgmt update
bnewbold at robocracy.org
bnewbold at robocracy.org
Sun Jul 15 04:24:45 UTC 2012
Forgot to update this list, but I submitted a pull request to the Plinth
repository:
https://github.com/jvasile/Plinth/pull/2
The core of the changes I made are also available in a separate
repository:
https://github.com/bnewbold/exmachina
http://git.bnewbold.net/?p=exmachina.git;a=summary
The scheme is pretty complicated and the init.d script is ugly, but the
end result is privilege separation and less complicated configuration
setting code. I implemented hostname changing as an example, but
(ironically?) changing the timezone with /etc/timezone is not supported by
augeas out of the box (that I could find). augeas added configuration file
lenses for openvpn configuration some years ago, but I haven't tested
them.
-bryan
On Tue, 10 Jul 2012, bnewbold at robocracy.org wrote:
>
> Spoke with James and a few others here at the OpenITP event, notes and a
> rought plan are below. Some of this feels like reinventing the wheel; a
> future/mature implementation might use:
>
> D-Bus for message passing, PolicyKit for access control, Augeas for
> read/write
>
> or
>
> building off ubus (IPC from OpenWrt) and netif (network interface
> configuration from OpenWrt), extending with augeas configuration
>
> or
>
> libassuan (from GPG) to handle narrow scope trusted IPC
>
> But for now i'm just going to bang something out so that plinth can use the
> python-augeas interface through an access controlled unix domain pipe.
>
> -----------------------------------------------------------------------------
>
> requirements/compromises:
> - scope of configuration middleware is "regular" system files, mostly in /etc
> (no user/identity management)
> - files should be edited "in place"
> - local changes should be respected
> - single root/wheel permissions level for reading, writing, and applying
> changes
> - configuration "versioning" taken as a seperate problem from editing
> - "client code" (aka plinth) is responsible for semantic/logical validation,
> and service restarts
>
> new program: "exmachina: hand of root"
> configuration management daemon which runs with root permissions,
> listens on a unix domain socket with access controlled by filesystem
> permissions. uses a very simple api to provide access to augeas
> configuration file editing and service restarts.
>
> plinth/apache, running not-as-root, is passed access at startup (ENV vars?
> file handle pass?)
>
> single-thread, serializes edits
>
> simple, written in python (for now), including python "client library"
> which replicates python-augeas interface
>
> extra features (somedaymaybe):
> general purpose ncurses, gui, or web interface
> no-downtime reloads of daemon via HUP (a la nginx)
> fine-grain ACL
> dpkg installation
> general purpose features: process execution, package installation, file
> read/write
>
> -bryan
>
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
More information about the Freedombox-discuss
mailing list