Changeset 628
- Timestamp:
- Feb 3, 2008, 7:06:15 AM (17 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
server/common/patches/openafs-scripts.patch
r622 r628 2 2 # Copyright (C) 2006 Jeff Arnold <jbarnold@mit.edu> 3 3 # with modifications by Joe Presbrey <presbrey@mit.edu> 4 # and Anders Kaseorg <andersk@mit.edu> 4 5 # 5 6 # This file is available under both the MIT license and the GPL. … … 41 42 # See /COPYRIGHT in this repository for more information. 42 43 # 43 diff -ur openafs-1.4 .1-rc10/src/afs/afs_analyze.c openafs-1.4.1-rc10-scripts/src/afs/afs_analyze.c44 --- openafs-1.4 .1-rc10/src/afs/afs_analyze.c 2003-08-27 17:43:16.000000000 -040045 +++ openafs-1.4 .1-rc10-scripts/src/afs/afs_analyze.c 2006-04-18 16:38:55.000000000 -040044 diff -ur openafs-1.4/src/afs/afs_analyze.c openafs-1.4+scripts/src/afs/afs_analyze.c 45 --- openafs-1.4/src/afs/afs_analyze.c 2007-11-05 23:08:45.000000000 -0500 46 +++ openafs-1.4+scripts/src/afs/afs_analyze.c 2007-12-18 19:22:59.000000000 -0500 46 47 @@ -505,7 +505,7 @@ 47 48 (afid ? afid->Fid.Volume : 0)); … … 53 54 (aerrP->err_Volume)++; 54 55 areq->volumeError = VOLBUSY; 55 diff -ur openafs-1.4 .1-rc10/src/afs/afs.h openafs-1.4.1-rc10-scripts/src/afs/afs.h56 --- openafs-1.4 .1-rc10/src/afs/afs.h 2006-02-17 16:58:33.000000000 -050057 +++ openafs-1.4 .1-rc10-scripts/src/afs/afs.h 2006-04-18 16:38:55.000000000 -040058 @@ -17 5,8 +175,14@@59 struct afs_q *prev;56 diff -ur openafs-1.4/src/afs/afs.h openafs-1.4+scripts/src/afs/afs.h 57 --- openafs-1.4/src/afs/afs.h 2007-12-05 03:57:36.000000000 -0500 58 +++ openafs-1.4+scripts/src/afs/afs.h 2007-12-18 20:12:31.000000000 -0500 59 @@ -177,8 +177,16 @@ 60 struct afs_q *prev; 60 61 }; 61 62 62 63 +#define AFSAGENT_UID (101) 63 64 +#define SIGNUP_UID (102) … … 65 66 +#define POSTFIX_UID (89) 66 67 +#define DAEMON_SCRIPTS_PTSID (33554596) 68 +extern afs_int32 globalpag; 69 + 67 70 struct vrequest { 68 71 afs_int32 uid; /* user id making the request */ … … 71 74 afs_int32 flags; /* things like O_SYNC, O_NONBLOCK go here */ 72 75 char initd; /* if non-zero, non-uid fields meaningful */ 73 diff -ur openafs-1.4 .1-rc10/src/afs/afs_osi_pag.c openafs-1.4.1-rc10-scripts/src/afs/afs_osi_pag.c74 --- openafs-1.4 .1-rc10/src/afs/afs_osi_pag.c 2005-10-05 01:58:27.000000000 -040075 +++ openafs-1.4 .1-rc10-scripts/src/afs/afs_osi_pag.c 2006-04-18 16:38:55.000000000 -040076 @@ - 46,6 +46,8 @@77 76 diff -ur openafs-1.4/src/afs/afs_osi_pag.c openafs-1.4+scripts/src/afs/afs_osi_pag.c 77 --- openafs-1.4/src/afs/afs_osi_pag.c 2007-11-05 23:08:45.000000000 -0500 78 +++ openafs-1.4+scripts/src/afs/afs_osi_pag.c 2007-12-18 20:26:57.000000000 -0500 79 @@ -51,6 +51,8 @@ 80 #endif 78 81 /* Local variables */ 79 82 … … 83 86 * Pags are implemented as follows: the set of groups whose long 84 87 * representation is '41XXXXXX' hex are used to represent the pags. 85 @@ -4 26,6 +430,15 @@88 @@ -442,6 +444,15 @@ 86 89 av->uid = acred->cr_ruid; /* default when no pag is set */ 87 90 #endif … … 92 95 + globalpag = av->uid; 93 96 + } 94 + else {97 + else if (globalpag && av->uid == acred->cr_ruid) { 95 98 + av->uid = globalpag; 96 99 + } … … 99 102 return 0; 100 103 } 101 diff -ur openafs-1.4 .1-rc10/src/afs/afs_pioctl.c openafs-1.4.1-rc10-scripts/src/afs/afs_pioctl.c102 --- openafs-1.4 .1-rc10/src/afs/afs_pioctl.c 2006-03-02 01:44:05.000000000 -0500103 +++ openafs-1.4 .1-rc10-scripts/src/afs/afs_pioctl.c 2006-04-18 16:38:55.000000000 -0400104 @@ -120 2,6 +1202,10 @@104 diff -ur openafs-1.4/src/afs/afs_pioctl.c openafs-1.4+scripts/src/afs/afs_pioctl.c 105 --- openafs-1.4/src/afs/afs_pioctl.c 2007-12-05 03:57:37.000000000 -0500 106 +++ openafs-1.4+scripts/src/afs/afs_pioctl.c 2007-12-18 21:05:10.000000000 -0500 107 @@ -1208,6 +1208,10 @@ 105 108 struct AFSFetchStatus OutStatus; 106 109 XSTATS_DECLS; 107 110 108 + if (areq->realuid != AFSAGENT_UID) {111 + if (areq->uid == globalpag && areq->realuid != AFSAGENT_UID) { 109 112 + return EACCES; 110 113 + } … … 113 116 if (!avc) 114 117 return EINVAL; 115 @@ -142 2,6 +1428,10 @@118 @@ -1428,6 +1432,10 @@ 116 119 struct vrequest treq; 117 120 afs_int32 flag, set_parent_pag = 0; 118 121 119 + if (areq->realuid != AFSAGENT_UID) {120 + 122 + if (areq->uid == globalpag && areq->realuid != AFSAGENT_UID) { 123 + return 0; 121 124 + } 122 125 + … … 124 127 if (!afs_resourceinit_flag) { 125 128 return EIO; 126 @@ -18 64,6 +1876,10 @@129 @@ -1870,6 +1878,10 @@ 127 130 register afs_int32 i; 128 131 register struct unixuser *tu; 129 132 130 + if (areq->realuid != AFSAGENT_UID) {131 + 133 + if (areq->uid == globalpag && areq->realuid != AFSAGENT_UID) { 134 + return 0; 132 135 + } 133 136 + … … 135 138 if (!afs_resourceinit_flag) /* afs daemons haven't started yet */ 136 139 return EIO; /* Inappropriate ioctl for device */ 137 diff -ur openafs-1.4 .1-rc10/src/afs/VNOPS/afs_vnop_access.c openafs-1.4.1-rc10-scripts/src/afs/VNOPS/afs_vnop_access.c138 --- openafs-1.4 .1-rc10/src/afs/VNOPS/afs_vnop_access.c 2004-08-25 03:09:35.000000000 -0400139 +++ openafs-1.4 .1-rc10-scripts/src/afs/VNOPS/afs_vnop_access.c 2006-04-18 16:38:55.000000000 -0400140 @@ -118,6 +118,1 6@@140 diff -ur openafs-1.4/src/afs/VNOPS/afs_vnop_access.c openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_access.c 141 --- openafs-1.4/src/afs/VNOPS/afs_vnop_access.c 2007-11-05 23:08:46.000000000 -0500 142 +++ openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_access.c 2007-12-18 21:06:20.000000000 -0500 143 @@ -118,6 +118,17 @@ 141 144 142 145 if ((vType(avc) == VDIR) || (avc->states & CForeign)) { 143 146 /* rights are just those from acl */ 144 147 + 145 + if ( !(areq->realuid == avc->fid.Fid.Volume) && 148 + if ( areq->uid == globalpag && 149 + !(areq->realuid == avc->fid.Fid.Volume) && 146 150 + !((avc->anyAccess | arights) == avc->anyAccess) && 147 151 + !(((arights & ~(PRSFS_LOOKUP|PRSFS_READ)) == 0) && areq->realuid == HTTPD_UID) && … … 155 159 } else { 156 160 /* some rights come from dir and some from file. Specifically, you 157 @@ -171,6 +182,1 7@@161 @@ -171,6 +182,18 @@ 158 162 fileBits |= PRSFS_READ; 159 163 } 160 164 } 161 165 + 162 + if ( !(areq->realuid == avc->fid.Fid.Volume) && 166 + if ( areq->uid == globalpag && 167 + !(areq->realuid == avc->fid.Fid.Volume) && 163 168 + !((avc->anyAccess | arights) == avc->anyAccess) && 164 169 + !(arights == PRSFS_LOOKUP && areq->realuid == HTTPD_UID) && … … 173 178 } 174 179 } 175 @@ -192,6 +21 8,7 @@180 @@ -192,6 +215,7 @@ 176 181 OSI_VC_CONVERT(avc); 177 182 … … 181 186 ICL_TYPE_INT32, amode, ICL_TYPE_OFFSET, 182 187 ICL_HANDLE_OFFSET(avc->m.Length)); 183 diff -ur openafs-1.4 .1-rc10/src/afs/VNOPS/afs_vnop_attrs.c openafs-1.4.1-rc10-scripts/src/afs/VNOPS/afs_vnop_attrs.c184 --- openafs-1.4 .1-rc10/src/afs/VNOPS/afs_vnop_attrs.c 2005-10-23 02:31:23.000000000 -0400185 +++ openafs-1.4 .1-rc10-scripts/src/afs/VNOPS/afs_vnop_attrs.c 2006-04-18 16:41:32.000000000 -0400188 diff -ur openafs-1.4/src/afs/VNOPS/afs_vnop_attrs.c openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_attrs.c 189 --- openafs-1.4/src/afs/VNOPS/afs_vnop_attrs.c 2007-11-05 23:08:46.000000000 -0500 190 +++ openafs-1.4+scripts/src/afs/VNOPS/afs_vnop_attrs.c 2007-12-18 19:22:59.000000000 -0500 186 191 @@ -87,8 +87,8 @@ 187 192 } … … 195 200 attrs->va_fsid = avc->v.v_vfsp->vfs_fsid.val[0]; 196 201 #elif defined(AFS_OSF_ENV) 197 @@ -172,6 +17 9,7 @@202 @@ -172,6 +172,7 @@ 198 203 #else /* everything else */ 199 204 attrs->va_blocks = (attrs->va_size ? ((attrs->va_size + 1023)>>10)<<1:0);
Note: See TracChangeset
for help on using the changeset viewer.