Changeset 1134
- Timestamp:
- May 26, 2009, 10:57:18 PM (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/server/common/patches/openafs-scripts.patch
r1070 r1134 3 3 # with modifications by Joe Presbrey <presbrey@mit.edu> 4 4 # and Anders Kaseorg <andersk@mit.edu> 5 # and Edward Z. Yang <ezyang@mit.edu> 5 6 # 6 7 # This file is available under both the MIT license and the GPL. … … 43 44 # 44 45 diff -ur openafs-1.4/src/afs/afs_analyze.c openafs-1.4+scripts/src/afs/afs_analyze.c 45 --- openafs-1.4/src/afs/afs_analyze.c 2008-10-27 19:54:06.000000000 -040046 +++ openafs-1.4+scripts/src/afs/afs_analyze.c 2009-04-08 08:07:22.000000000 -040046 --- openafs-1.4/src/afs/afs_analyze.c 47 +++ openafs-1.4+scripts/src/afs/afs_analyze.c 47 48 @@ -585,7 +585,7 @@ 48 49 (afid ? afid->Fid.Volume : 0)); … … 54 55 (aerrP->err_Volume)++; 55 56 areq->volumeError = VOLBUSY; 57 diff -ur openafs-1.4/src/afs/LINUX/osi_vnodeops.c openafs-1.4+scripts/src/afs/LINUX/osi_vnodeops.c 58 --- openafs-1.4/src/afs/LINUX/osi_vnodeops.c 59 +++ openafs-1.4+scripts/src/afs/LINUX/osi_vnodeops.c 60 @@ -875,6 +875,28 @@ 61 /* should we always update the attributes at this point? */ 62 /* unlikely--the vcache entry hasn't changed */ 63 64 + /* [scripts] This code makes hardlinks work correctly. 65 + * 66 + * We want Apache to be able to read a file with hardlinks 67 + * named .htaccess and foo to be able to read it via .htaccess 68 + * and not via foo, regardless of which name was looked up 69 + * (remember, inodes do not have filenames associated with them.) 70 + * 71 + * It is important that we modify the existing cache entry even 72 + * if it is otherwise totally valid and would not be reloaded. 73 + * Otherwise, it won't recover from repeatedly reading the same 74 + * inode via multiple hardlinks or different names. Specifically, 75 + * Apache will be able to read both names if it was first looked 76 + * up (by anyone!) via .htaccess, and neither if it was first 77 + * looked up via foo. 78 + * 79 + * With regards to performance, the strncmp() is bounded by 80 + * three characters, so it takes O(3) operations. If this code 81 + * is extended to all static-cat extensions, we'll want to do 82 + * some clever hashing using gperf here. 83 + */ 84 + vcp->apache_access = strncmp(dp->d_name.name, ".ht", 3) == 0; 85 + 86 } else { 87 #ifdef notyet 88 pvcp = VTOAFS(dp->d_parent->d_inode); /* dget_parent()? */ 89 diff -ur openafs-1.4/src/afs/VNOPS/afs_vnop_lookup.c openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_lookup.c 90 --- openafs-1.4/src/afs/VNOPS/afs_vnop_lookup.c 91 +++ openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_lookup.c 92 @@ -1572,6 +1572,12 @@ 93 } 94 95 done: 96 + if (tvc) { 97 + /* [scripts] check Apache's ability to read this file, so that 98 + * we can figure this out on an access() call */ 99 + tvc->apache_access = strncmp(aname, ".ht", 3) == 0; 100 + } 101 + 102 /* put the network buffer back, if need be */ 103 if (tname != aname && tname) 104 osi_FreeLargeSpace(tname); 56 105 diff -ur openafs-1.4/src/afs/afs.h openafs-1.4+scripts/src/afs/afs.h 57 --- openafs-1.4/src/afs/afs.h 2009-01-19 14:27:19.000000000 -050058 +++ openafs-1.4+scripts/src/afs/afs.h 2009-04-08 08:07:22.000000000 -0400106 --- openafs-1.4/src/afs/afs.h 107 +++ openafs-1.4+scripts/src/afs/afs.h 59 108 @@ -208,8 +208,16 @@ 60 109 #define QTOC(e) QEntry(e, struct cell, lruq) … … 74 123 afs_int32 flags; /* things like O_SYNC, O_NONBLOCK go here */ 75 124 char initd; /* if non-zero, Error fields meaningful */ 125 @@ -743,6 +751,7 @@ 126 #ifdef AFS_SUN5_ENV 127 short multiPage; /* count of multi-page getpages in progress */ 128 #endif 129 + bool apache_access; /* whether or not Apache has access to a file */ 130 }; 131 132 #define DONT_CHECK_MODE_BITS 0 76 133 diff -ur openafs-1.4/src/afs/afs_osi_pag.c openafs-1.4+scripts/src/afs/afs_osi_pag.c 77 --- openafs-1.4/src/afs/afs_osi_pag.c 2008-10-20 15:29:46.000000000 -040078 +++ openafs-1.4+scripts/src/afs/afs_osi_pag.c 2009-04-08 08:07:22.000000000 -0400134 --- openafs-1.4/src/afs/afs_osi_pag.c 135 +++ openafs-1.4+scripts/src/afs/afs_osi_pag.c 79 136 @@ -51,6 +51,8 @@ 80 137 #endif … … 103 160 } 104 161 diff -ur openafs-1.4/src/afs/afs_pioctl.c openafs-1.4+scripts/src/afs/afs_pioctl.c 105 --- openafs-1.4/src/afs/afs_pioctl.c 2009-01-19 13:09:34.000000000 -0500106 +++ openafs-1.4+scripts/src/afs/afs_pioctl.c 2009-04-08 08:07:22.000000000 -0400162 --- openafs-1.4/src/afs/afs_pioctl.c 163 +++ openafs-1.4+scripts/src/afs/afs_pioctl.c 107 164 @@ -1217,6 +1217,10 @@ 108 165 struct AFSFetchStatus OutStatus; … … 150 207 return EIO; /* Inappropriate ioctl for device */ 151 208 diff -ur openafs-1.4/src/afs/VNOPS/afs_vnop_access.c openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_access.c 152 --- openafs-1.4/src/afs/VNOPS/afs_vnop_access.c 2008-03-07 12:34:08.000000000 -0500153 +++ openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_access.c 2009-04-08 08:07:22.000000000 -0400209 --- openafs-1.4/src/afs/VNOPS/afs_vnop_access.c 210 +++ openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_access.c 154 211 @@ -118,6 +118,17 @@ 155 212 … … 170 227 } else { 171 228 /* some rights come from dir and some from file. Specifically, you 172 @@ -171,6 +182,1 8@@229 @@ -171,6 +182,19 @@ 173 230 fileBits |= PRSFS_READ; 174 231 } … … 180 237 + !(arights == PRSFS_LOOKUP && areq->realuid == HTTPD_UID) && 181 238 + !(arights == PRSFS_LOOKUP && areq->realuid == POSTFIX_UID) && 182 + !(arights == PRSFS_READ && areq->realuid == HTTPD_UID && avc->m.Mode == 33279) && 239 + !(arights == PRSFS_READ && areq->realuid == HTTPD_UID && 240 + (avc->m.Mode == 0100777 || avc->apache_access)) && 183 241 + !(areq->realuid == 0 && PRSFS_USR3 == afs_GetAccessBits(avc, PRSFS_USR3, areq)) && 184 242 + !((areq->realuid == 0 || areq->realuid == SIGNUP_UID) && PRSFS_USR4 == afs_GetAccessBits(avc, PRSFS_USR4, areq)) ) { … … 190 248 } 191 249 diff -ur openafs-1.4/src/afs/VNOPS/afs_vnop_attrs.c openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_attrs.c 192 --- openafs-1.4/src/afs/VNOPS/afs_vnop_attrs.c 2009-01-13 14:37:28.000000000 -0500193 +++ openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_attrs.c 2009-04-08 08:07:22.000000000 -0400250 --- openafs-1.4/src/afs/VNOPS/afs_vnop_attrs.c 251 +++ openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_attrs.c 194 252 @@ -87,8 +87,8 @@ 195 253 }
Note: See TracChangeset
for help on using the changeset viewer.