[mythtv-users] Elevating privileges for network handling (was: Re: new YouTube plugin for MythTV)
david at thegeorges.us
Tue Nov 13 15:39:35 UTC 2007
On 11/13/2007 12:22 PM, Islam Amer wrote:
> No I can the plugin allows the user to set and save the network settings
> ( static or DHCP , IP netmask gateway, DNS etc. ) so that it gets used
> on every boot.
> That would make sense for a settop box that doesn't have any other UI
> available right ?
> On Tue, 2007-11-13 at 10:07 -0500, David George wrote:
>> On 11/13/2007 11:45 AM, Islam Amer wrote:
>>> About the basic stuff like wget and ffmpeg your comment is right of
>>> course, but I was talking about things like handling the network, how
>>> can you do that without gaining elevated privileges ?
>> I haven't looked at the project, but I am curious what "handling the
>> network" things it does that needs elevated privileges. Is it something
>> like binding to a port less than 1024? If so, there is a capability for
>> that (CAP_NET_BIND_SERVICE). 'man capabilities' will give more info.
>> There is also a CAP_NET_ADMIN for other network operations.
Ah, that is interesting. I am not sure if you are involved with that
project or not, but here is some info you can use or pass on. I am
sending it here on the myth list just in case someone here may find this
In that case you need CAP_NET_ADMIN. You can change ip address with
ioctl SIOCSIFADDR, netmask with SIOCSIFNETMASK. There are others for
setting other settings. Not sure if there is one for DNS servers
though. In the one project where I change DNS servers I cheat and
modify the resolv.conf file directly.
For gateway and routing stuff you may need to mess with netlink. I
haven't delved very far into this though. Here is how you open a socket
to the netlink layer: fd = socket(AF_NETLINK, SOCK_DGRAM,
NETLINK_ROUTE). Then you need to do your netlink requests (man
netlink). You should be able to find more detailed info on all the
above on google.
More information about the mythtv-users