Page MenuHomeFreeBSD
Files F136583438

D53747.id166390.diff
No OneTemporary
Actions

D53747.id166390.diff
View Options

diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr
--- a/libexec/rc/rc.subr
+++ b/libexec/rc/rc.subr
@@ -55,6 +55,7 @@
_svcj_generic_params="path=/ mount.nodevfs host=inherit"
JID=0
CPUSET="/bin/cpuset"
+SETAUDIT="/usr/sbin/setaudit"
# Cache the services that we loaded with load_rc_config.
_loaded_services=""
@@ -933,6 +934,9 @@
# Meant to be used in /etc/rc.conf to override
# ${command}.
#
+# ${name}_audit_user n Override the audit user for ${command},
+# specified as a user name or UID.
+#
# ${name}_chroot n Directory to chroot to before running ${command}
# Requires /usr to be mounted.
#
@@ -1151,6 +1155,15 @@
_cpusetcmd="$CPUSET -l $_cpuset"
fi
+ eval _audit_user=\$${name}_audit_user
+ if [ -z "$_audit_user" -a -n "$audit_user" ]; then
+ _audit_user=$audit_user
+ fi
+ _setauditcmd=
+ if [ -n "$_audit_user" ]; then
+ _setauditcmd="setaudit -U -a $_audit_user"
+ fi
+
# If a specific jail has a specific svcj request, honor it (YES/NO).
# If not (variable empty), evaluate the global svcj catch-all.
# A global YES can be overriden by a specific NO, and a global NO is overriden
@@ -1515,6 +1528,7 @@
_doit="\
${_nice:+nice -n $_nice }\
$_cpusetcmd \
+$_setauditcmd \
${_fib:+setfib -F $_fib }\
${_env:+env $_env }\
chroot ${_user:+-u $_user }${_group:+-g $_group }${_groups:+-G $_groups }\
@@ -1524,7 +1538,9 @@
_doit="\
${_fib:+setfib -F $_fib }\
${_env:+env $_env }\
-$_cpusetcmd $command $rc_flags $command_args"
+$_cpusetcmd \
+$_setauditcmd \
+$command $rc_flags $command_args"
if [ -n "$_user" ]; then
_doit="su -m $_user -c 'sh -c \"$_doit\"'"
fi

File Metadata

Mime Type
text/plain
Expires
Wed, Nov 19, 11:14 AM (12 h, 10 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
25300968
Default Alt Text
D53747.id166390.diff (1 KB)

Event Timeline