On Sun, Dec 9, 2012 at 2:24 PM, Pádraig Brady <P@xxxxxxxxxxxxxx> wrote: > On 12/08/2012 08:19 AM, Andy Lutomirski wrote: > >> +.BR \--securebits=(+|-)securebit,... >> +Sets or clears securebits. The valid securebits are \fInoroot\fP, >> \fInoroot_locked\fP, >> +\fIno_setuid_fixup\fP, \fIno_setuid_fixup_locked\fP, and >> \fIkeep_caps_locked\fP. >> +\fIkeep_caps\fP is cleared by >> +.BR execve (2) >> +and is therefore not allowed. > > > It might be good to at least mention this is in relation to > capabilities and add a cross reference to cap_ng(3) Agreed. > > >> + >> +.TP >> +.BR \--selinux-label >> +Requests a particular SELinux transition (using a transition on exec, not >> dyntrans). >> +This will fail and cause >> +.BR setpriv (1) >> +to abort if SELinux is not in use, and the transition may be ignored or >> cause >> +.BR execve (2) >> +to fail at SELinux's whim. (In particular, this is unlikely to work in >> conjunction >> +with \fIno_new_privs\fP.) > > > In general it could be good to reference specific tools > that can do the same thing. runcon(1) in this case. > Hmm. I'll do that. Admittedly, this functionality is not really needed here given that runcon exists, but it's certainly a reasonable thing to do when adjusting privilege. (OTOH, the selinux reference policy is extremely stingy about granting transition and entrypoint privileges, so it's not terribly useful.) > >> +.TP >> +.BR \-h , " \-\-help" >> +Print a help message, >> +.SH NOTES >> +If applying any specified option fails, \fIprogram\fP will not be run and >> +\fIsetpriv\fP will return with exit code 127. > > > It seems worth standardising on error. 
> Most commands that exec on behalf of another use something like
> the following, which I snarfed from timeout(1):
>
>   EXIT_CANCELED       125  internal error
>   EXIT_CANNOT_INVOKE  126  error executing job
>   EXIT_ENOENT         127  couldn't find job to exec
>
> So I suppose you could use 125 if there was an error setting an option,
> so that an exec wasn't even tried.

Will do.

--Andy
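
Review bot: In the --securebits entry the option name is written "\--securebits", with only the first dash escaped, while the help entry uses "\-\-help"; the two should use the same escaping. The value syntax "(+|-)securebit,..." is also set entirely in bold by .BR, so the replaceable part is not distinguished from the literal part; marking it as "\fIsecurebit\fP" would match how the individual bit names are written in the sentence that follows.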
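
Review bot: The "\--selinux-label" heading shows no argument although the description says the option requests a particular SELinux transition, so the reader cannot tell how the label is supplied; add an argument placeholder to the .BR line. The phrase "at SELinux's whim" would be clearer as a plain statement of the two outcomes the text already names: the transition is ignored, or execve(2) fails.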
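
Review bot: "Print a help message," in the -h entry ends with a comma where a full stop is needed, and it is the last line before ".SH NOTES". In NOTES the program name is written "\fIsetpriv\fP", while the --selinux-label text writes ".BR setpriv (1)"; pick one form and use it throughout.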
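
The exit-status convention discussed in this thread (125 when a setting cannot be applied, 126 when the exec fails, 127 when the program is not found), as an added C example that is not part of the patch or of setpriv itself. The names run_restricted, apply_and_exec and securebit_allowed are hypothetical, and the sketch only checks the securebit name against the list in the patch instead of setting it.

```c
#include <errno.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/wait.h>
#include <unistd.h>

/* Exit statuses quoted in the thread (taken there from timeout(1)). */
enum { EXIT_CANCELED = 125, EXIT_CANNOT_INVOKE = 126, EXIT_ENOENT = 127 };

/* Hypothetical name check using the list in the patch; keep_caps is absent
 * because execve(2) clears it. Setting the bit itself is left out here. */
static int securebit_allowed(const char *name)
{
    static const char *const valid[] = { "noroot", "noroot_locked",
        "no_setuid_fixup", "no_setuid_fixup_locked", "keep_caps_locked" };
    for (size_t i = 0; i < sizeof(valid) / sizeof(valid[0]); i++)
        if (strcmp(name, valid[i]) == 0)
            return 1;
    return 0;
}

/* Child side; never returns. A failed setting exits 125 before any exec. */
static void apply_and_exec(const char *securebit, char *const argv[])
{
    if (securebit && !securebit_allowed(securebit))
        _exit(EXIT_CANCELED);
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        _exit(EXIT_CANCELED);
    execv(argv[0], argv);   /* argv[0] is a path; no PATH search */
    _exit(errno == ENOENT ? EXIT_ENOENT : EXIT_CANNOT_INVOKE);
}

/* Fork, run apply_and_exec() in the child, return the child's exit status. */
int run_restricted(const char *securebit, char *const argv[])
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return EXIT_CANCELED;
    if (pid == 0)
        apply_and_exec(securebit, argv);
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return EXIT_CANCELED;
    return WEXITSTATUS(status);
}

int main(int argc, char *argv[])
{
    return argc > 1 ? run_restricted(NULL, argv + 1) : EXIT_CANCELED;
}
```

A caller can then tell from the status alone whether the program ran at all: 125 and above come from the wrapper, anything else from the program.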