From e8c3441f29c638ee80edc708f9488b6fa6417df7 Mon Sep 17 00:00:00 2001 From: arcan1s Date: Mon, 25 Aug 2014 11:53:14 +0400 Subject: [PATCH] add profile reading description --- sources/gui/docs/netctl-gui-security-notes.html | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/sources/gui/docs/netctl-gui-security-notes.html b/sources/gui/docs/netctl-gui-security-notes.html index 7b79019..9489b74 100644 --- a/sources/gui/docs/netctl-gui-security-notes.html +++ b/sources/gui/docs/netctl-gui-security-notes.html @@ -46,6 +46,16 @@

If library will be initialized with FORCE_SUDO=true than it will use sudo command (which can be transferred to the library by SUDO_PATH option). Otherwise it will try to set UID of children processes to 0. Please note that sudo command and UID setting will be used only for those commands which require it.

+

Profiles reading should be described. Since profiles has shell-like syntax some variables (which provide an array) cannot be reading by usual ways. To do it library uses bash:

+
+# define system variables
+env -i bash -c "set"
+# get profile and system variable list
+env -i bash -c "source '<profile>'; set"
+# get profile variables
+env -i bash -c "source '<profile>'; for i in ${!<key>[@]}; do echo ${<key>[$i]}; done"
+
+

Helper

First of all the helper does not interact with netctl directly, it uses the library to do it. So all library security notes are applicable here. To start the helper and to create DBus services user must be in network group by default (or must be root). But you may change it by editing $DBUS_SYSTEMCONF_PATH/org.netctlgui.helper.conf policy file (/etc/dbus-1/system.d/org.netctlgui.helper.conf by default). Please refer to DBus documentation to do it.