[Chilli] Running chilli as non-root

David Bird david at coova.com
Sat May 8 06:25:47 UTC 2010


Hello,

Now in subversion is a new compile time option: --enable-chilliscript

The option will have the utility program "chilli_script" built. This
program will be installed with the setuid bit set, such that it is able
to run as root. The utility is needed when running chilli under a
non-root user in order to run scripts (like the up/down or conup/condown)
that require root. 

When compiled with the option, the utility program is built and chilli
will use it when launching its scripts. When chilli launches scripts,
it does so using:

  /path/chilli_script /path/config.bin /path/prog prog-args

Where the first argument is the path to the running chilli binary
configuration, the second argument is the target script, and what
follows are arguments for the script. 

What exactly does chilli_script do? Not that much, really. It just
checks a couple things for security, then does a setuid(0) before
calling the real script. Before calling setuid(0), it does the following
checks:

- chilli_script must be running as user root or "chilli" (this "chilli"
username is hardcoded, changed with compile time define CHILLI_USER)

- chilli_script must be running as group root or "chilli" (this "chilli"
group is hardcoded, changed with compile time define CHILLI_GROUP)

- the target script must be owned by root and group "chilli". (and must,
of course, be readable for user "chilli")

- the target script must also have the setuid bit set. 

An alternative to using this is to use sudo and custom up/down scripts. 

David
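
The four pre-setuid(0) checks listed in the message, written out as an added example that is not part of the original post and is not chilli_script's source. The function names, the use of the real uid/gid, and the write-bit test are assumptions of this sketch; it only reports a verdict and never changes privileges.

```c
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define CHILLI_USER  "chilli"   /* compile-time names, as in the post */
#define CHILLI_GROUP "chilli"

/* Checks 1 and 2: caller must be user root or chilli, and group root or
 * chilli. Real (not effective) ids are assumed, since the helper is setuid. */
int caller_allowed(uid_t uid, gid_t gid, uid_t c_uid, gid_t c_gid)
{
    return (uid == 0 || uid == c_uid) && (gid == 0 || gid == c_gid);
}

/* Checks 3 and 4: script owned by root, group chilli, setuid bit set.
 * The write-bit test is an extra assumption of this sketch, not in the post:
 * a script the chilli group could rewrite would be run as root unchanged. */
int script_allowed(const struct stat *st, gid_t c_gid)
{
    if (st->st_uid != 0 || st->st_gid != c_gid) return 0;
    if (!(st->st_mode & S_ISUID)) return 0;
    if (st->st_mode & (S_IWGRP | S_IWOTH)) return 0;
    return 1;
}

/* Report-only audit of one script path; never calls setuid(). */
int main(int argc, char **argv)
{
    struct passwd *pw = getpwnam(CHILLI_USER);
    struct group *gr = getgrnam(CHILLI_GROUP);
    struct stat st;
    if (argc != 2 || !pw || !gr || stat(argv[1], &st) != 0) {
        fprintf(stderr, "usage: %s /path/prog (needs user and group %s)\n",
                argv[0], CHILLI_USER);
        return 2;
    }
    int ok = caller_allowed(getuid(), getgid(), pw->pw_uid, gr->gr_gid)
          && script_allowed(&st, gr->gr_gid);
    printf("%s: %s\n", argv[1], ok ? "would be run as root" : "rejected");
    return ok ? 0 : 1;
}
```

Running it against each up/down and conup/condown script shows which ones the listed checks would accept before the helper is installed setuid.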


