BIND 10 #1508: Move dropping root into sockcreator startup

BIND 10 Development do-not-reply at isc.org
Fri Jan 6 22:26:57 UTC 2012 

#1508: Move dropping root into sockcreator startup
-------------------------------------+-------------------------------------
                   Reporter:         |                 Owner:  UnAssigned
  vorner                             |                Status:  reviewing
                       Type:  task   |             Milestone:
                   Priority:         |  Sprint-20120110
  blocker                            |            Resolution:
                  Component:  Boss   |             Sensitive:  0
  of BIND                            |           Sub-Project:  Core
                   Keywords:         |  Estimated Difficulty:  4
            Defect Severity:  N/A    |           Total Hours:  0
Feature Depending on Ticket:         |
  Socket creator                     |
        Add Hours to Ticket:  0      |
                  Internal?:  0      |
-------------------------------------+-------------------------------------

Comment (by jinmei):

 The code seems to do what it seems to intend to do.  But I have some
 higher level comment.

 BIND10_SETUID is now used far from it's defined.  It's also not very
 obvious that it changes the UID of boss itself now it's done in
 something named "SockCreator".  Can't all of these be done in the
 main boss code?...and, thinking about it from this point, I now
 personally think the idea of pseudo "setuid" component wasn't that
 bad.  Whether or when to change uid is in itself independent from
 the sock creator component; it's the business of the main boss
 logic.  So, rather than pushing this logic to SockCreator, it seems
 to me to make more sense if we separate it from SockCreator and let
 the (main) boss control whether and how to do it.  (Keep) using th
 SetUID component is one way to do that; on looking at the code again,
 I also wonder whether we could do it more explicitly (and separately
 from the component framework) around start_all_components.  That is,
 Rather than starting all core components at once:
 {{{#!python
         # Start the real core (sockcreator, msgq, cfgmgr)
         self._component_configurator.startup(self.__core_components)
 }}}
 we might make it one step more gradual: first start the socket
 creator; then the boss explicitly change uid (if specified so by -u);
 then start the rest of the core components.

-- 
Ticket URL: <http://bind10.isc.org/ticket/1508#comment:7>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list