Return to readme.privsep CVS log | Up to [Pegasus] / pegasus |
1 kumpf 1.1.4.2 Using Pegasus Privilege Separation Functionality 2 3 Privilege separation was added to Pegasus starting with Pegasus 2.7. This 4 is a security feature. It allows separation of the functionality so that 5 only a minimal set of code runs as a privileged user (ex. root) in a 6 separate process (the executor). The majority of pegasus runs as a 7 nonprivileged user (the cim server). The CIM Server makes requests on the 8 executor for functions that require root privilege. 9 10 The privilege separation functionality is documented in PEP 286. 11 | ||
12 kumpf 1.1.4.3 cimserver is the executor program (see src/Executor). 13 cimservermain is the server program (see src/Server and 14 src/Pegasus/Common/Executor.h). | ||
15 kumpf 1.1.4.2 16 Privilege separation is build-time optional functionality. To enable privilege 17 separation, define the following environment variable before compiling. 18 19 PEGASUS_ENABLE_PRIVILEGE_SEPARATION=true 20 21 If this build variable is not set, the cimserver runs as the user under which 22 it was started and all privelege separation functionality is disabled. 23 24 The nonprivileged user for privilege separation is the user under which the 25 cimservermain component executes. 26 27 Upon startup the cimserver uses the config parameter "serverUser" to determine 28 this user name. 29 30 This user name is defined as follows: 31 32 1. optional serverUser=<user name> on the cimserver commandline 33 2. optional value of serverUser config parameter 34 3. default of "pegasus" if the the config parameter is not found in the 35 commandline or planned config file. 36 kumpf 1.1.4.2 | ||
37 kumpf 1.1.4.3 The defined user MUST exist or cimserver will terminate immediately. | ||
38 kumpf 1.1.4.2 | ||
39 kumpf 1.1.4.3 4/9/2007 |
No CVS admin address has been configured |
Powered by ViewCVS 0.9.2 |