[Freedombox-discuss] FBx config mgmt update

bnewbold at robocracy.org bnewbold at robocracy.org
Sun Jul 15 04:24:45 UTC 2012


Forgot to update this list, but I submitted a pull request to the Plinth 
repository:

   https://github.com/jvasile/Plinth/pull/2

The core of the changes I made is also available in a separate 
repository:

   https://github.com/bnewbold/exmachina
   http://git.bnewbold.net/?p=exmachina.git;a=summary

The scheme is pretty complicated and the init.d script is ugly, but the 
end result is privilege separation and less complicated configuration 
setting code. I implemented hostname changing as an example, but 
(ironically?) changing the timezone with /etc/timezone is not supported by 
augeas out of the box (that I could find). augeas added configuration file 
lenses for openvpn configuration some years ago, but I haven't tested 
them.

-bryan

On Tue, 10 Jul 2012, bnewbold at robocracy.org wrote:

>
> Spoke with James and a few others here at the OpenITP event, notes and a 
> rough plan are below. Some of this feels like reinventing the wheel; a 
> future/mature implementation might use:
>
>  D-Bus for message passing, PolicyKit for access control, Augeas for
>  read/write
>
>    or
>
>  building off ubus (IPC from OpenWrt) and netif (network interface
>  configuration from OpenWrt), extending with augeas configuration
>
>    or
>
>  libassuan (from GPG) to handle narrow scope trusted IPC
>
> But for now I'm just going to bang something out so that plinth can use the 
> python-augeas interface through an access controlled unix domain pipe.
>
> -----------------------------------------------------------------------------
>
> requirements/compromises:
> - scope of configuration middleware is "regular" system files, mostly in /etc
>  (no user/identity management)
> - files should be edited "in place"
> - local changes should be respected
> - single root/wheel permissions level for reading, writing, and applying 
> changes
> - configuration "versioning" taken as a separate problem from editing
> - "client code" (aka plinth) is responsible for semantic/logical validation,
>  and service restarts
>
> new program: "exmachina: hand of root"
>  configuration management daemon which runs with root permissions,
>  listens on a unix domain socket with access controlled by filesystem
>  permissions. uses a very simple api to provide access to augeas
>  configuration file editing and service restarts.
>
>  plinth/apache, running not-as-root, is passed access at startup (ENV vars?
>  file handle pass?)
>
>  single-thread, serializes edits
>
>  simple, written in python (for now), including python "client library"
>  which replicates python-augeas interface
>
> extra features (somedaymaybe):
>  general purpose ncurses, gui, or web interface
>  no-downtime reloads of daemon via HUP (a la nginx)
>  fine-grain ACL
>  dpkg installation
>  general purpose features: process execution, package installation, file
>      read/write
>
> -bryan
>
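
A sketch of the access-control scheme in the quoted plan (a root-side daemon on a unix domain socket guarded by filesystem permissions, a narrow API, serialized edits), added here as an example; it is not exmachina's or Plinth's code. The `get`/`set` methods, the in-memory `STORE` standing in for the augeas tree, and the Linux-only `SO_PEERCRED` uid check are assumptions.

```python
import json, os, socket, stat, struct, tempfile, threading

ALLOWED = {"get", "set"}  # hypothetical narrow API; any other method is refused
STORE = {}                # constructed stand-in for the augeas tree

def bind_restricted(path, mode=0o660):
    """Bind a unix socket whose file never exists with looser permissions than `mode`."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old = os.umask(0o777 & ~mode)  # set umask before bind(): no chmod race window
    try:
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(1)
    return srv

def peer_uid(conn):  # Linux SO_PEERCRED: kernel-reported (pid, uid, gid) of the peer
    creds = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    return struct.unpack("3i", creds)[1]

def handle(request, uid, allowed_uids):
    if uid not in allowed_uids:
        return {"error": "uid not permitted"}
    if request.get("method") not in ALLOWED:
        return {"error": "method not permitted"}
    if request["method"] == "set":
        STORE[request["path"]] = request["value"]
    return {"ok": True, "value": STORE.get(request["path"])}

def serve_one(srv, allowed_uids):
    """Handle one connection and one request; a caller's loop serializes edits."""
    conn, _ = srv.accept()
    with conn:
        req = json.loads(conn.makefile("r").readline())
        reply = handle(req, peer_uid(conn), allowed_uids)
        conn.sendall((json.dumps(reply) + "\n").encode())

def demo(request, allowed_uids):  # one round trip; returns (socket file mode, reply)
    with tempfile.TemporaryDirectory() as d:
        srv = bind_restricted(os.path.join(d, "broker.sock"))
        mode = stat.S_IMODE(os.stat(srv.getsockname()).st_mode)
        t = threading.Thread(target=serve_one, args=(srv, allowed_uids))
        t.start()
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as c:
            c.connect(srv.getsockname())
            c.sendall((json.dumps(request) + "\n").encode())
            reply = json.loads(c.makefile("r").readline())
        t.join()
        srv.close()
        return mode, reply
```

The file mode only gates who can connect (Linux requires write permission on the socket file); the peer-uid check is a second, kernel-backed gate that still holds if the socket's directory or group membership is misconfigured.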


