wjow

Reputation: 11

Capabilities to run start-stop-daemon

I would like to stop a process (proc2), which was started by root, from my unprivileged process (proc1).

My process proc1 calls execl("/bin/sh","sh","-c","/etc/init.d/proc2 restart",nullptr), and /etc/init.d/proc2 restart calls start-stop-daemon, which fails because of a lack of capabilities to kill proc2 (suid root).

What kind of capabilities have to be set on the unprivileged process proc1 so that it can run start-stop-daemon (kill proc2)?

Upvotes: 1

Views: 2948

Answers (1)

Serge Ballesta

Reputation: 149085

I will rewrite your question as: how is it possible to trigger an administrative task (requiring root privileges) from a user-level process?

The common way is to set up a privileged relay that will accept being activated from a non-privileged task. There are two classical ways to do that in the Unix/Linux world:

  1. legacy way: an executable owned by root with the setuid bit set and executable only by a group of users allowed to execute the privileged task. But setuid executables come with a high risk because any bug can lead to serious consequences. The well-known sudo is just an example of such a root setuid executable, but it has been extensively tested.
  2. the daemon way: a privileged daemon waits for some event and executes the privileged task. The interface with the unprivileged world is only the event, so the risk is commonly seen as lower. The event is commonly the presence of a file in a directory, or a message written in a fifo file, or a network packet.

Either way, you must consider the security question: how to ensure only legitimate triggering of the privileged task.

Upvotes: 1
