403Webshell
Server IP : 103.119.228.120  /  Your IP : 3.144.253.195
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /usr/local/ssl/local/ssl/local/ssl/share/doc/pam-1.1.8/html/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /usr/local/ssl/local/ssl/local/ssl/share/doc/pam-1.1.8/html/sag-pam_namespace.html
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>6.22. pam_namespace - setup a private namespace</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><link rel="home" href="Linux-PAM_SAG.html" title="The Linux-PAM System Administrators' Guide"><link rel="up" href="sag-module-reference.html" title="Chapter 6. A reference guide for available modules"><link rel="prev" href="sag-pam_motd.html" title="6.21. pam_motd - display the motd file"><link rel="next" href="sag-pam_nologin.html" title="6.23. pam_nologin - prevent non-root users from login"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">6.22. pam_namespace - setup a private namespace</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="sag-pam_motd.html">Prev</a> </td><th width="60%" align="center">Chapter 6. A reference guide for available modules</th><td width="20%" align="right"> <a accesskey="n" href="sag-pam_nologin.html">Next</a></td></tr></table><hr></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sag-pam_namespace"></a>6.22. pam_namespace - setup a private namespace</h2></div></div></div><div class="cmdsynopsis"><p><code class="command">pam_namespace.so</code>  [
        debug
      ] [
        unmnt_remnt
      ] [
        unmnt_only
      ] [
        require_selinux
      ] [
        gen_hash
      ] [
        ignore_config_error
      ] [
        ignore_instance_parent_mode
      ] [
        unmount_on_close
      ] [
        use_current_context
      ] [
        use_default_context
      ] [
        mount_private
      ]</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_namespace-description"></a>6.22.1. DESCRIPTION</h3></div></div></div><p>
      The pam_namespace PAM module sets up a private namespace for a session
      with polyinstantiated directories. A polyinstantiated directory
      provides a different instance of itself based on user name, or when
      using SELinux, user name, security context or both.  If an executable
      script <code class="filename">/etc/security/namespace.init</code> exists, it
      is used to initialize the instance directory after it is set up
      and mounted on the polyinstantiated directory. The script receives the
      polyinstantiated directory path, the instance directory path, flag
      whether the instance directory was newly created (0 for no, 1 for yes),
      and the user name as its arguments.
    </p><p>
      The pam_namespace module disassociates the session namespace from
      the parent namespace. Any mounts/unmounts performed in the parent
      namespace, such as mounting of devices, are not reflected in the
      session namespace. To propagate selected mount/unmount events from
      the parent namespace into the disassociated session namespace, an
      administrator may use the special shared-subtree feature. For
      additional information on shared-subtree feature, please refer to
      the mount(8) man page and the shared-subtree description at
      http://lwn.net/Articles/159077 and http://lwn.net/Articles/159092.
    </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-namespace.conf-description"></a>6.22.2. DESCRIPTION</h3></div></div></div><p>
      The <span class="emphasis"><em>pam_namespace.so</em></span> module allows setup of
      private namespaces with polyinstantiated directories.
      Directories can be polyinstantiated based on user name
      or, in the case of SELinux, user name, sensitivity level or complete security context.  If an
      executable script <code class="filename">/etc/security/namespace.init</code>
      exists, it is used to initialize the namespace every time an instance
      directory is set up and mounted. The script receives the polyinstantiated
      directory path and the instance directory path as its arguments.
    </p><p>
      The <code class="filename">/etc/security/namespace.conf</code> file specifies
      which directories are polyinstantiated, how they are polyinstantiated,
      how instance directories would be named, and any users for whom
      polyinstantiation would not be performed.
    </p><p>
      When someone logs in, the file <code class="filename">namespace.conf</code> is
      scanned. Comments are marked by <span class="emphasis"><em>#</em></span> characters.
      Each non comment line represents one polyinstantiated
      directory. The fields are separated by spaces but can be quoted by
      <span class="emphasis"><em>"</em></span> characters also escape
      sequences <span class="emphasis"><em>\b</em></span>, <span class="emphasis"><em>\n</em></span>, and
      <span class="emphasis"><em>\t</em></span> are recognized. The fields are as follows:
   </p><p><em class="replaceable"><code>polydir</code></em> <em class="replaceable"><code>instance_prefix</code></em> <em class="replaceable"><code>method</code></em> <em class="replaceable"><code>list_of_uids</code></em>
    </p><p>
      The first field, <em class="replaceable"><code>polydir</code></em>, is the absolute
      pathname of the directory to polyinstantiate. The special string
      <span class="emphasis"><em>$HOME</em></span> is replaced with the user's home directory,
      and <span class="emphasis"><em>$USER</em></span> with the username. This field cannot
      be blank.
    </p><p>
      The second field, <em class="replaceable"><code>instance_prefix</code></em> is
      the string prefix used to build the pathname for the instantiation
      of &lt;polydir&gt;. Depending on the polyinstantiation
      <em class="replaceable"><code>method</code></em> it is then appended with
      "instance differentiation string" to generate the final
      instance directory path. This directory is created if it did not exist
      already, and is then bind mounted on the &lt;polydir&gt; to provide an
      instance of &lt;polydir&gt; based on the &lt;method&gt; column.
      The special string <span class="emphasis"><em>$HOME</em></span> is replaced with the
      user's home directory, and <span class="emphasis"><em>$USER</em></span> with the username.
      This field cannot be blank.
    </p><p>
      The third field, <em class="replaceable"><code>method</code></em>, is the method
      used for polyinstantiation. It can take these values; "user"
      for polyinstantiation based on user name, "level" for
      polyinstantiation based on process MLS level and user name, "context" for
      polyinstantiation based on process security context and user name,
      "tmpfs" for mounting tmpfs filesystem as an instance dir, and
      "tmpdir" for creating temporary directory as an instance dir which is
      removed when the user's session is closed.
      Methods "context" and "level" are only available with SELinux. This
      field cannot be blank.
    </p><p>
      The fourth field, <em class="replaceable"><code>list_of_uids</code></em>, is
      a comma separated list of user names for whom the polyinstantiation
      is not performed. If left blank, polyinstantiation will be performed
      for all users. If the list is preceded with a single "~" character,
      polyinstantiation is performed only for users in the list.
    </p><p>
      The <em class="replaceable"><code>method</code></em> field can contain also following
      optional flags separated by <span class="emphasis"><em>:</em></span> characters.
    </p><p><span class="emphasis"><em>create</em></span>=<em class="replaceable"><code>mode</code></em>,<em class="replaceable"><code>owner</code></em>,<em class="replaceable"><code>group</code></em>
      - create the polyinstantiated directory. The mode, owner and group parameters
      are optional. The default for mode is determined by umask, the default
      owner is the user whose session is opened, the default group is the
      primary group of the user.
    </p><p><span class="emphasis"><em>iscript</em></span>=<em class="replaceable"><code>path</code></em>
      - path to the instance directory init script. The base directory for relative
      paths is <code class="filename">/etc/security/namespace.d</code>.
    </p><p><span class="emphasis"><em>noinit</em></span>
      - instance directory init script will not be executed.
    </p><p><span class="emphasis"><em>shared</em></span>
      - the instance directories for "context" and "level" methods will not
      contain the user name and will be shared among all users.
    </p><p><span class="emphasis"><em>mntopts</em></span>=<em class="replaceable"><code>value</code></em>
      - value of this flag is passed to the mount call when the tmpfs mount is
      done. It allows for example the specification of the maximum size of the
      tmpfs instance that is created by the mount call. See <span class="citerefentry"><span class="refentrytitle">mount</span>(8)</span> for details.
    </p><p>
      The directory where polyinstantiated instances are to be
      created, must exist and must have, by default, the mode of 0000.  The
      requirement that the instance parent be of mode 0000 can be overridden
      with the command line option <span class="emphasis"><em>ignore_instance_parent_mode</em></span>
    </p><p>
      In case of context or level polyinstantiation the SELinux context
      which is used for polyinstantiation is the context used for executing
      a new process as obtained by getexeccon. This context must be set
      by the calling application or <code class="filename">pam_selinux.so</code>
      module. If this context is not set the polyinstatiation will be
      based just on user name.
    </p><p>
      The "instance differentiation string" is &lt;user name&gt; for "user"
      method and &lt;user name&gt;_&lt;raw directory context&gt; for "context"
      and "level" methods. If the whole string is too long the end of it is
      replaced with md5sum of itself. Also when command line option
      <span class="emphasis"><em>gen_hash</em></span> is used the whole string is replaced
      with md5sum of itself.
    </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_namespace-options"></a>6.22.3. OPTIONS</h3></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term">
          <code class="option">debug</code>
        </span></dt><dd><p>
            A lot of debug information is logged using syslog
          </p></dd><dt><span class="term">
          <code class="option">unmnt_remnt</code>
        </span></dt><dd><p>
            For programs such as su and newrole, the login
            session has already setup a polyinstantiated
            namespace. For these programs, polyinstantiation
            is performed based on new user id or security
            context, however the command first needs to
            undo the polyinstantiation performed by login.
            This argument instructs the command to
            first undo previous polyinstantiation before
            proceeding with new polyinstantiation based on
            new id/context
          </p></dd><dt><span class="term">
          <code class="option">unmnt_only</code>
        </span></dt><dd><p>
            For trusted programs that want to undo any
            existing bind mounts and process instance
            directories on their own, this argument allows
            them to unmount currently mounted instance
            directories
          </p></dd><dt><span class="term">
          <code class="option">require_selinux</code>
        </span></dt><dd><p>
            If selinux is not enabled, return failure
          </p></dd><dt><span class="term">
          <code class="option">gen_hash</code>
        </span></dt><dd><p>
            Instead of using the security context string
            for the instance name, generate and use its
            md5 hash.
          </p></dd><dt><span class="term">
          <code class="option">ignore_config_error</code>
        </span></dt><dd><p>
            If a line in the configuration file corresponding
            to a polyinstantiated directory contains format
            error, skip that line process the next line.
            Without this option, pam will return an error
            to the calling program resulting in termination
            of the session.
          </p></dd><dt><span class="term">
          <code class="option">ignore_instance_parent_mode</code>
        </span></dt><dd><p>
	    Instance parent directories by default are expected to have
	    the restrictive mode of 000. Using this option, an administrator
	    can choose to ignore the mode of the instance parent. This option
            should be used with caution as it will reduce security and
            isolation goals of the polyinstantiation mechanism.
          </p></dd><dt><span class="term">
          <code class="option">unmount_on_close</code>
        </span></dt><dd><p>
           Explicitly unmount the polyinstantiated directories instead
           of relying on automatic namespace destruction after the last
           process in a namespace exits. This option should be used
           only in case it is ensured by other means that there cannot be
           any processes running in the private namespace left after the
           session close. It is also useful only in case there are
           multiple pam session calls in sequence from the same process.
          </p></dd><dt><span class="term">
          <code class="option">use_current_context</code>
        </span></dt><dd><p>
	    Useful for services which do not change the SELinux context
	    with setexeccon call. The module will use the current SELinux
	    context of the calling process for the level and context
	    polyinstantiation.
          </p></dd><dt><span class="term">
          <code class="option">use_default_context</code>
        </span></dt><dd><p>
	    Useful for services which do not use pam_selinux for changing
	    the SELinux context with setexeccon call. The module will use
	    the default SELinux context of the user for the level and context
	    polyinstantiation.
          </p></dd><dt><span class="term">
          <code class="option">mount_private</code>
        </span></dt><dd><p>
	    This option can be used on systems where the / mount point or
	    its submounts are made shared (for example with a
	    <span class="command"><strong>mount --make-rshared /</strong></span> command).
	    The module will mark the whole directory tree so any mount and
	    unmount operations in the polyinstantiation namespace are private.
	    Normally the pam_namespace will try to detect the
	    shared / mount point and make the polyinstantiated directories
	    private automatically. This option has to be used just when
	    only a subtree is shared and / is not.
          </p><p>
	    Note that mounts and unmounts done in the private namespace will not
	    affect the parent namespace if this option is used or when the
	    shared / mount point is autodetected.
          </p></dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_namespace-types"></a>6.22.4. MODULE TYPES PROVIDED</h3></div></div></div><p>
      Only the <code class="option">session</code> module type is provided.
      The module must not be called from multithreaded processes.
    </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_namespace-return_values"></a>6.22.5. RETURN VALUES</h3></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term">PAM_SUCCESS</span></dt><dd><p>
             Namespace setup was successful.
          </p></dd><dt><span class="term">PAM_SERVICE_ERR</span></dt><dd><p>
             Unexpected system error occurred while setting up namespace.
          </p></dd><dt><span class="term">PAM_SESSION_ERR</span></dt><dd><p>
             Unexpected namespace configuration error occurred.
          </p></dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_namespace-files"></a>6.22.6. FILES</h3></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term"><code class="filename">/etc/security/namespace.conf</code></span></dt><dd><p>Main configuration file</p></dd><dt><span class="term"><code class="filename">/etc/security/namespace.d</code></span></dt><dd><p>Directory for additional configuration files</p></dd><dt><span class="term"><code class="filename">/etc/security/namespace.init</code></span></dt><dd><p>Init script for instance directories</p></dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-namespace.conf-examples"></a>6.22.7. EXAMPLES</h3></div></div></div><p>
      These are some example lines which might be specified in
      <code class="filename">/etc/security/namespace.conf</code>.
    </p><div class="literallayout"><p><br>
      # The following three lines will polyinstantiate /tmp,<br>
      # /var/tmp and user's home directories. /tmp and /var/tmp<br>
      # will be polyinstantiated based on the security level<br>
      # as well as user name, whereas home directory will be<br>
      # polyinstantiated based on the full security context and user name.<br>
      # Polyinstantiation will not be performed for user root<br>
      # and adm for directories /tmp and /var/tmp, whereas home<br>
      # directories will be polyinstantiated for all users.<br>
      #<br>
      # Note that instance directories do not have to reside inside<br>
      # the polyinstantiated directory. In the examples below,<br>
      # instances of /tmp will be created in /tmp-inst directory,<br>
      # where as instances of /var/tmp and users home directories<br>
      # will reside within the directories that are being<br>
      # polyinstantiated.<br>
      #<br>
      /tmp     /tmp-inst/               level      root,adm<br>
      /var/tmp /var/tmp/tmp-inst/   	level      root,adm<br>
      $HOME    $HOME/$USER.inst/inst- context<br>
    </p></div><p>
      For the &lt;service&gt;s you need polyinstantiation (login for example)
      put the following line in /etc/pam.d/&lt;service&gt; as the last line for
      session group:
    </p><p>
      session  required  pam_namespace.so [arguments]
    </p><p>
      This module also depends on pam_selinux.so setting the context.
    </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_namespace-authors"></a>6.22.8. AUTHORS</h3></div></div></div><p>
      The namespace setup scheme was designed by Stephen Smalley, Janak Desai
      and Chad Sellers.
      The pam_namespace PAM module was developed by Janak Desai &lt;janak@us.ibm.com&gt;,
      Chad Sellers &lt;csellers@tresys.com&gt; and Steve Grubb &lt;sgrubb@redhat.com&gt;.
      Additional improvements by Xavier Toth &lt;txtoth@gmail.com&gt; and Tomas Mraz
      &lt;tmraz@redhat.com&gt;.
    </p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="sag-pam_motd.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="sag-module-reference.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="sag-pam_nologin.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">6.21. pam_motd - display the motd file </td><td width="20%" align="center"><a accesskey="h" href="Linux-PAM_SAG.html">Home</a></td><td width="40%" align="right" valign="top"> 6.23. pam_nologin - prevent non-root users from login</td></tr></table></div></body></html>

Youez - 2016 - github.com/yon3zu
LinuXploit