[distcc] Allowing non-root users to kill and start distccd

Dan Sturtevant sturtx at gmail.com
Sat Jun 3 00:28:57 GMT 2006


I'm setting up distcc in my organization.  I've built a "proof of concept"
cluster of about 30 SuSE 64 bit Opterons.  I plan to get this working on 32
bit Debian machines, Solaris boxes and Mac OSX boxes as well, and need to
set up init scripts for each.

In addition, I need to allow users to stop/suspend the daemon when they
don't want the load on their computer.  I've started doing the following:

 - Change distccd to be a SUID executable so that users can do
"/etc/init.d/distccd start".
 - Modify the "start-stop-daemon" open source C program to hard code all
values for location of the binary and make it only do "stop".
   Rename the executable to  "distccd-stop".  Also make this executable
 - Use "distccd-stop" inside "/etc/init.d/distccd stop"

I'm also planning on adding:

 - Something like "/etc/init.d/distccd temporarystop 4" which would stop the
daemon for 4 hours but start an "at" job to restart it after a
   limited period of time.  Maybe only allow root to call "stop" and only
allow non-root users to do "temporarystop" somehow.
 - "/etc/init.d/distccd start 2" which would tell distccd to accept an
opitonal number of simultaneous connections.

2 questions:

1. Is allowing users to start/stop the daemon on thier own machinies a
good/bad, commonly/uncommonly done thing?

2. I don't care too much about security in this environment, but don't want
to do anything rediculously stupid either.  Is this a decent strategy?

I'll upload my OSX and Solaris init scripts and distccd-stop.c when they're
ready if anyone thinks they would be useful.

Thanks for any insight.

-Dan Sturtevant
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the distcc mailing list