Changeset 2820
- Timestamp:
- Feb 6, 2017, 10:22:52 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/server/common/patches/openafs-scripts.patch
r2712 r2820 82 82 --- a/src/afs/VNOPS/afs_vnop_access.c 83 83 +++ b/src/afs/VNOPS/afs_vnop_access.c 84 @@ -130,6 +130,1 5@@ afs_AccessOK(struct vcache *avc, afs_int32 arights, struct vrequest *areq,84 @@ -130,6 +130,16 @@ afs_AccessOK(struct vcache *avc, afs_int32 arights, struct vrequest *areq, 85 85 dirBits = PRSFS_LOOKUP | PRSFS_READ; 86 86 return (arights == (dirBits & arights)); … … 91 91 + !(((arights & ~(PRSFS_LOOKUP|PRSFS_READ)) == 0) && areq->realuid == HTTPD_UID) && 92 92 + !(((arights & ~(PRSFS_LOOKUP|PRSFS_READ)) == 0) && areq->realuid == POSTFIX_UID) && 93 + !(PRSFS_USR2 == afs_GetAccessBits(avc, PRSFS_USR2, areq)) && 93 94 + !(areq->realuid == 0 && PRSFS_USR3 == afs_GetAccessBits(avc, PRSFS_USR3, areq)) && 94 95 + !((areq->realuid == 0 || areq->realuid == SIGNUP_UID) && PRSFS_USR4 == afs_GetAccessBits(avc, PRSFS_USR4, areq)) ) { … … 98 99 } else { 99 100 /* some rights come from dir and some from file. Specifically, you 100 @@ -183,6 +192, 19@@ afs_AccessOK(struct vcache *avc, afs_int32 arights, struct vrequest *areq,101 @@ -183,6 +192,20 @@ afs_AccessOK(struct vcache *avc, afs_int32 arights, struct vrequest *areq, 101 102 fileBits |= PRSFS_READ; 102 103 } … … 110 111 + !(arights == PRSFS_READ && areq->realuid == HTTPD_UID && 111 112 + (avc->f.m.Mode == 0100777 || avc->apache_access)) && 113 + !(PRSFS_USR2 == afs_GetAccessBits(avc, PRSFS_USR2, areq)) && 112 114 + !(areq->realuid == 0 && PRSFS_USR3 == afs_GetAccessBits(avc, PRSFS_USR3, areq)) && 113 115 + !((areq->realuid == 0 || areq->realuid == SIGNUP_UID) && PRSFS_USR4 == afs_GetAccessBits(avc, PRSFS_USR4, areq)) ) {
Note: See TracChangeset
for help on using the changeset viewer.