Security Model
From Elektra Initiative
Elektra lets system administrators control security in a much more fine-grained way. With the current text-file paradigm it is impossible to control permissions and access times on individual atoms of /etc/passwd or /etc/shadow. Elektra lets you do that because each information atom stored in it (a key) has a unique name (the key name) and its own access rights. See Hans Reiser's (creator of ReiserFS) comments about it.
To show the security model in action, this screen shows the kdb command listing the keys related to user nobody, together with their attributes.
bash$ kdb ls -Rlv system/users/nobody
-rw-r--r-- root root 17 Mar 31 09:07 system/users/nobody/uid=99
-rw-r--r-- root root 17 Mar 31 09:07 system/users/nobody/gid=99
-rw-r--r-- root root 21 Mar 31 09:07 system/users/nobody/gecos=Nobody
-rw-r--r-- root root 16 Mar 31 09:07 system/users/nobody/home=/
-rw-r--r-- root root 28 Mar 31 09:07 system/users/nobody/shell=/sbin/nologin
-rw------- root root 16 Mar 31 09:07 system/users/nobody/password
-rw------- root root 16 Mar 31 09:07 system/users/nobody/passwdChangeBefore
-rw------- root root 20 Mar 31 09:07 system/users/nobody/passwdChangeAfter
-rw------- root root 16 Mar 31 09:07 system/users/nobody/passwdWarnBefore
-rw------- root root 15 Mar 31 09:07 system/users/nobody/passwdDisableAfter
-rw------- root root 15 Mar 31 09:07 system/users/nobody/passwdDisabledSince
-rw------- root root 15 Mar 31 09:07 system/users/nobody/passwdReserved
We ran the kdb command without super-user credentials, asking for a long (-l), recursive (-R) listing that also shows each key's value (-v). Because we are a regular user, we don't have permission to see the values of the system/users/nobody/passwd* fields.
The users database files were elektrified to key-value pairs using the users-convert script included with the distribution.
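An added example, not part of the original page or of Elektra itself: a small audit script that parses a listing in the format shown above and reports any secret-holding key that group or others can read, or whose value appeared in the output. The rule that keys whose last component starts with "passw" are sensitive, and the names parse and exposed_secrets, are assumptions of this example.

```python
import re

# The listing shown on this page, one key per line.
LISTING = """\
-rw-r--r-- root root 17 Mar 31 09:07 system/users/nobody/uid=99
-rw-r--r-- root root 17 Mar 31 09:07 system/users/nobody/gid=99
-rw-r--r-- root root 21 Mar 31 09:07 system/users/nobody/gecos=Nobody
-rw-r--r-- root root 16 Mar 31 09:07 system/users/nobody/home=/
-rw-r--r-- root root 28 Mar 31 09:07 system/users/nobody/shell=/sbin/nologin
-rw------- root root 16 Mar 31 09:07 system/users/nobody/password
-rw------- root root 16 Mar 31 09:07 system/users/nobody/passwdChangeBefore
-rw------- root root 20 Mar 31 09:07 system/users/nobody/passwdChangeAfter
-rw------- root root 16 Mar 31 09:07 system/users/nobody/passwdWarnBefore
-rw------- root root 15 Mar 31 09:07 system/users/nobody/passwdDisableAfter
-rw------- root root 15 Mar 31 09:07 system/users/nobody/passwdDisabledSince
-rw------- root root 15 Mar 31 09:07 system/users/nobody/passwdReserved
"""

# Fields: mode, owner, group, size, "Mon DD HH:MM", key name, optional =value
LINE = re.compile(r"^([-dl][-rwxsStT]{9}) +(\S+) +(\S+) +(\d+) +"
                  r"(\w{3} +\d+ +[\d:]+) +([^=\s]+)(?:=(.*))?$")
# Assumption of this example: last name component starting with "passw" marks a secret.
SENSITIVE = re.compile(r"/passw[^/]*$")

def parse(listing):
    """Return one dict per key; a line that does not fit the format raises ValueError."""
    entries = []
    for line in listing.splitlines():
        if not line.strip():
            continue
        m = LINE.match(line.strip())
        if m is None:
            raise ValueError(f"unrecognised listing line: {line!r}")
        mode, owner, group, size, _date, name, value = m.groups()
        entries.append({"mode": mode, "owner": owner, "group": group,
                        "size": int(size), "name": name, "value": value})
    return entries

def exposed_secrets(entries):
    """Sensitive keys readable by group or others, or whose value was listed."""
    return [e["name"] for e in entries if SENSITIVE.search(e["name"])
            and (e["mode"][4] == "r" or e["mode"][7] == "r" or e["value"] is not None)]

if __name__ == "__main__":
    keys = parse(LISTING)
    print("values visible:", [e["name"] for e in keys if e["value"] is not None])
    print("exposed secrets:", exposed_secrets(keys) or "none")
```

Run against the page's listing, it reports five visible values and no exposed secrets, which is the outcome the per-key permissions are meant to guarantee for a non-root user.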
