nm-sudo: rename to nm-priv-helper
The name "nm-sudo" reminds of the "sudo" tool, and this is a bit
confusing because it's not related. Rename the service to
"nm-priv-helper", which stands for "NM privileged helper".
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/938
(cherry picked from commit d68ab6b8f0
)
@@ -11,7 +11,7 @@ if install_systemdunitdir
|
||||
services = [
|
||||
'NetworkManager-dispatcher.service.in',
|
||||
'NetworkManager.service.in',
|
||||
'nm-sudo.service.in',
|
||||
'nm-priv-helper.service.in',
|
||||
]
|
||||
|
||||
if have_systemd_200
|
||||
|
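--- a/data/nm-priv-helper.service.in
+++ b/data/nm-priv-helper.service.in
@@ -0,0 +1,79 @@
+[Unit]
+Description=NetworkManager Privileged Helper
+
+#
+# nm-priv-helper exists for privilege separation. It allows to run
+# NetworkManager without certain capabilities, and ask nm-priv-helper
+# for special operations where more privileges are required.
+#
+
+# While nm-priv-helper has privileges that NetworkManager has not, it
+# does not mean that itself should run totally unconstrained. On the
+# contrary, it also should only have permissions it requires.
+#
+# nm-priv-helper rejects all requests that come from any other than the
+# name owner of "org.freedesktop.NetworkManager" (that is,
+# NetworkManager process itself). It is thus only an implementation
+# detail and provides no public API to the user.
+
+[Service]
+Type=dbus
+BusName=org.freedesktop.nm-priv-helper
+ExecStart=@libexecdir@/nm-priv-helper
+NotifyAccess=main
+
+# Extra configuration options. Set via `systemctl edit
+# nm-priv-helper.service`:
+#
+# FOR TESTING ONLY: disable authentication to allow requests from
+# everybody. Don't set this outside of testing!
+#Environment=NM_PRIV_HELPER_NO_AUTH_FOR_TESTING=1
+#
+# The logging level for debug messages (to stdout).
+#Environment=NM_PRIV_HELPER_LOG=TRACE
+#
+# nm-priv-helper will exit on idle after timeout. Set timeout here or
+# set to 2147483647 for infinity.
+
+#Environment=NM_PRIV_HELPER_IDLE_TIMEOUT_MSEC=10000
+
+
+# Restrict:
+AmbientCapabilities=
+CapabilityBoundingSet=
+PrivateDevices=true
+PrivateMounts=true
+PrivateNetwork=true
+PrivateTmp=true
+ProtectClock=true
+ProtectControlGroups=true
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectSystem=strict
+RestrictAddressFamilies=
+RestrictNamespaces=true
+SystemCallFilter=~@clock
+SystemCallFilter=~@cpu-emulation
+SystemCallFilter=~@debug
+SystemCallFilter=~@module
+SystemCallFilter=~@mount
+SystemCallFilter=~@obsolete
+SystemCallFilter=~@privileged
+SystemCallFilter=~@raw-io
+SystemCallFilter=~@reboot
+SystemCallFilter=~@swap
+NoNewPrivileges=true
+SupplementaryGroups=
+
+# Grant:
+CapabilityBoundingSet=CAP_DAC_OVERRIDE
+PrivateUsers=no
+RestrictAddressFamilies=AF_UNIX
+SystemCallFilter=@resources
+
+
+[Install]
+Alias=dbus-org.freedesktop.nm-priv-helper.service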
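Review bot: The seccomp deny-list in the `# Restrict:` block (`SystemCallFilter=~@clock` through `SystemCallFilter=~@swap`) is not paired with `SystemCallArchitectures=native`, so on hosts that support more than one syscall ABI the filter does not constrain calls made through the non-native ABI; systemd.exec(5) recommends combining the two settings. Because this helper deliberately keeps `CAP_DAC_OVERRIDE` in its bounding set, I would add `SystemCallArchitectures=native` next to the filter lines. Identical settings appear in the removed nm-sudo unit, so the gap is carried over by the rename rather than introduced by it. Separately, the commented-out `NM_PRIV_HELPER_NO_AUTH_FOR_TESTING` option would benefit from one more comment line stating that a drop-in setting it lets any D-Bus caller reach the helper, so that administrators know to audit `systemctl cat nm-priv-helper.service` output for it.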
@@ -1,75 +0,0 @@
|
||||
[Unit]
|
||||
Description=NetworkManager Sudo Helper
|
||||
#
|
||||
# nm-sudo exists for privilege separation. It allows to run NetworkManager
|
||||
# without certain capabilities, and ask nm-sudo for special operations
|
||||
# where more privileges are required.
|
||||
#
|
||||
# While nm-sudo has privileges that NetworkManager has not, it does not
|
||||
# mean that itself should run totally unconstrained. On the contrary, it
|
||||
# also should only have permissions it requires.
|
||||
#
|
||||
# nm-sudo rejects all requests that come from any other than the name
|
||||
# owner of "org.freedesktop.NetworkManager" (that is, NetworkManager process
|
||||
# itself). It is thus only an implementation detail and provides no public
|
||||
# API to the user.
|
||||
|
||||
[Service]
|
||||
Type=dbus
|
||||
BusName=org.freedesktop.nm.sudo
|
||||
ExecStart=@libexecdir@/nm-sudo
|
||||
NotifyAccess=main
|
||||
|
||||
# Extra configuration options. Set via `systemctl edit nm-sudo.service`:
|
||||
#
|
||||
# FOR TESTING ONLY: disable authentication to allow requests from
|
||||
# everybody. Don't set this outside of testing!
|
||||
#Environment=NM_SUDO_NO_AUTH_FOR_TESTING=1
|
||||
#
|
||||
# The logging level for debug messages (to stdout).
|
||||
#Environment=NM_SUDO_LOG=TRACE
|
||||
#
|
||||
# nm-sudo will exit on idle after timeout. Set timeout here
|
||||
# or set to 2147483647 for infinity.
|
||||
#Environment=NM_SUDO_IDLE_TIMEOUT_MSEC=10000
|
||||
|
||||
|
||||
# Restrict:
|
||||
AmbientCapabilities=
|
||||
CapabilityBoundingSet=
|
||||
PrivateDevices=true
|
||||
PrivateMounts=true
|
||||
PrivateNetwork=true
|
||||
PrivateTmp=true
|
||||
ProtectClock=true
|
||||
ProtectControlGroups=true
|
||||
ProtectHome=true
|
||||
ProtectHostname=true
|
||||
ProtectKernelLogs=true
|
||||
ProtectKernelModules=true
|
||||
ProtectKernelTunables=true
|
||||
ProtectSystem=strict
|
||||
RestrictAddressFamilies=
|
||||
RestrictNamespaces=true
|
||||
SystemCallFilter=~@clock
|
||||
SystemCallFilter=~@cpu-emulation
|
||||
SystemCallFilter=~@debug
|
||||
SystemCallFilter=~@module
|
||||
SystemCallFilter=~@mount
|
||||
SystemCallFilter=~@obsolete
|
||||
SystemCallFilter=~@privileged
|
||||
SystemCallFilter=~@raw-io
|
||||
SystemCallFilter=~@reboot
|
||||
SystemCallFilter=~@swap
|
||||
NoNewPrivileges=true
|
||||
SupplementaryGroups=
|
||||
|
||||
# Grant:
|
||||
CapabilityBoundingSet=CAP_DAC_OVERRIDE
|
||||
PrivateUsers=no
|
||||
RestrictAddressFamilies=AF_UNIX
|
||||
SystemCallFilter=@resources
|
||||
|
||||
|
||||
[Install]
|
||||
Alias=dbus-org.freedesktop.nm.sudo.service
|