----- Original Message -----
> > One possibility is to give pcp sudo privileges on pmie.
> > Is there another way ?
>
> I think you have already suggested the "best" solution for a "behind the
> firewall" environment ... sudo glue, as in (in sort of reverse order of how
> you'd set it up)
> ...
There is an alternative which doesn't involve sudo, if use of sudo is an
issue. A PMDA can be written with a storable metric, and pmie can be told
to pmstore(1) into that metric on detection of a process to kill. A PMDA
starts out its life running as root, and (as many do) can choose to change
to an arbitrary unprivileged user.
They can also nowadays obtain the credentials of the user account requesting
the pmstore(1). As such they provide several options for security models -
e.g. the PMDA could change user to "apache" early on in its life, dropping
root privileges - then, at pmstore time (even if the credentials checks were
not being used) the PMDA would be limited in the damage it can do; e.g. only
being able to terminate "apache" user processes.
cheers.
--
Nathan
|