killall

I am thinking of extending the SE Linux functionality of killall. One significant feature that it lacks at the moment is to kill all processes of a specified context.

The current SE Linux functionality of killall is the ability to kill all processes of a specified name with a particular context. So I can kill every copy of "bash" with context "root:user_r:user_t" and avoid killing bash scripts run by daemons and shells of administrators. But I can't kill every process run by "root:user_r:user_t" regardless of what they are doing.

I plan to change killall so that you can just run "killall -Z context" to kill all processes in a particular context regardless of executable. Also I am thinking of making it possible to specify just an identity or a role. So I could kill all user_r processes, or all process from a particular user identity.

Is there any other SE Linux functionality that I should consider at the same time? I think I may have to mostly re-write killall so now is the best time to add features.

Also if you have any other ideas for features in killall please let me know. It will be a lot easier to implement them now than at any other time.

--

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

--

This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Mon 29 Mar 2004 - 08:47:39 EST