proxmox-mirrors/mirror_corosync
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_corosync synced 2025-08-02 23:25:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove requirement of having uid and gid of "ais" on the system and allow

Browse Source 
nonroot users to access ipc if their uid/gid is in the /etc/corosync/uidgid.d
directory.


git-svn-id: http://svn.fedorahosted.org/svn/corosync/trunk@2261 fd59a12c-fef9-0310-b244-a6a79926bd2f
This commit is contained in:
Steven Dake 2009-06-19 00:03:56 +00:00
parent 967be5a38a
commit bc87f196f7
5 changed files with 21 additions and 93 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
exec/main.c
View File

@ -117,8 +117,6 @@ static struct objdb_iface_ver0 *objdb = NULL;
static struct corosync_api_v1 *api = NULL;
static struct ug_config ug_config;
unsigned long long *(*main_clm_get_by_nodeid) (unsigned int node_id);
hdb_handle_t corosync_poll_handle;
@ -276,9 +274,7 @@ static void confchg_fn (
static void priv_drop (void)
{
return; /* TODO: we are still not dropping privs */
setuid (ug_config.uid);
setegid (ug_config.gid);
return; /* TODO: we are still not dropping privs */
}
static void corosync_tty_detach (void)
@ -486,8 +482,11 @@ static int corosync_security_valid (int euid, int egid)
return (1);
}
for (iter = ug_config.uidgid_list.next; iter != &ug_config.uidgid_list; iter = iter->next) {
struct uidgid_item *ugi = list_entry (iter, struct uidgid_item, list);
for (iter = uidgid_list_head.next; iter != &uidgid_list_head;
iter = iter->next) {
struct uidgid_item *ugi = list_entry (iter, struct uidgid_item,
list);
if (euid == ugi->uid || egid == ugi->gid)
return (1);
@ -786,7 +785,7 @@ int main (int argc, char **argv)
}
free(config_iface);
res = corosync_main_config_read (objdb, &error_string, &ug_config);
res = corosync_main_config_read (objdb, &error_string);
if (res == -1) {
/*
* if we are here, we _must_ flush the logsys queue

53
exec/mainconfig.c
View File

@ -55,8 +55,12 @@
#include "mainconfig.h"
static char error_string_response[512];
static struct objdb_iface_ver0 *global_objdb;
DECLARE_LIST_INIT(uidgid_list_head);
/* This just makes the code below a little neater */
static inline int objdb_get_string (
const struct objdb_iface_ver0 *objdb,
@ -642,8 +646,7 @@ static void add_logsys_config_notification(
static int corosync_main_config_read_uidgid (
struct objdb_iface_ver0 *objdb,
const char **error_string,
struct ug_config *ug_config)
const char **error_string)
{
hdb_handle_t object_find_handle;
hdb_handle_t object_service_handle;
@ -651,8 +654,6 @@ static int corosync_main_config_read_uidgid (
int uid, gid;
struct uidgid_item *ugi;
list_init (&ug_config->uidgid_list);
objdb->object_find_create (
OBJECT_PARENT_HANDLE,
"uidgid",
@ -680,7 +681,8 @@ static int corosync_main_config_read_uidgid (
}
ugi->uid = uid;
ugi->gid = gid;
list_add (&ugi->list, &ug_config->uidgid_list);
list_init (&ugi->list);
list_add (&ugi->list, &uidgid_list_head);
}
}
objdb->object_find_destroy (object_find_handle);
@ -690,53 +692,16 @@ static int corosync_main_config_read_uidgid (
int corosync_main_config_read (
struct objdb_iface_ver0 *objdb,
const char **error_string,
struct ug_config *ug_config)
const char **error_string)
{
hdb_handle_t object_service_handle;
char *value;
const char *error_reason = error_string_response;
hdb_handle_t object_find_handle;
memset (ug_config, 0, sizeof (struct ug_config));
if (corosync_main_config_read_logging(objdb, error_string) < 0) {
error_reason = *error_string;
goto parse_error;
}
ug_config->uid = -1;
ug_config->gid = -1;
objdb->object_find_create (
OBJECT_PARENT_HANDLE,
"aisexec",
strlen ("aisexec"),
&object_find_handle);
if (objdb->object_find_next (
object_find_handle,
&object_service_handle) == 0) {
if (!objdb_get_string (objdb,object_service_handle, "user", &value)) {
ug_config->uid = uid_determine(value);
}
if (!objdb_get_string (objdb,object_service_handle, "group", &value)) {
ug_config->gid = gid_determine(value);
}
}
objdb->object_find_destroy (object_find_handle);
if (ug_config->uid < 0) {
ug_config->uid = uid_determine("ais");
}
if (ug_config->gid < 0) {
ug_config->gid = gid_determine("ais");
}
corosync_main_config_read_uidgid (objdb, error_string, ug_config);
corosync_main_config_read_uidgid (objdb, error_string);
add_logsys_config_notification(objdb);

17
exec/mainconfig.h
View File

@ -59,23 +59,10 @@ struct uidgid_item {
int gid;
};
struct ug_config {
/*
* user/group to run as
*/
int uid;
int gid;
/*
* Allowed users/group to connect. This is of type uidgid item.
*/
struct list_head uidgid_list;
};
extern struct list_head uidgid_list_head;
extern int corosync_main_config_read (
struct objdb_iface_ver0 *objdb,
const char **error_string,
struct ug_config *ug_config);
const char **error_string);
#endif /* MAINCONFIG_H_DEFINED */

19
man/corosync.conf.5
View File

@ -1,6 +1,6 @@
.\"/*
.\" * Copyright (c) 2005 MontaVista Software, Inc.
.\" * Copyright (c) 2006 Red Hat, Inc.
.\" * Copyright (c) 2006-2009 Red Hat, Inc.
.\" *
.\" * All rights reserved.
.\" *
@ -55,9 +55,6 @@ This top level directive contains configuration options for logging.
.TP
event { }
This top level directive contains configuration options for the event service.
.TP
aisexec { }
This top level directive contains configuration options for user privilegies.
.PP
.PP
@ -537,20 +534,6 @@ This specifies the subsystem identity (name) for which logging is specified. Thi
name used by a service in the log_init () call. E.g. 'CKPT'. This directive is
required.
.PP
Within the
.B aisexec
directive, there are two configuration options which are all optional:
.TP
user
.TP
group
These specify the user and group, which is able to run and use corosync.
In any case, this is able to do root:root. But if you don't want run
corosync as root, you can use this directives.
The default is ais.
.SH "FILES"
.TP
/etc/corosync.conf

10
man/corosync_overview.8
View File

@ -1,6 +1,6 @@
.\"/*
.\" * Copyright (c) 2005 MontaVista Software, Inc.
.\" * Copyright (c) 2006 Red Hat, Inc.
.\" * Copyright (c) 2006-2009 Red Hat, Inc.
.\" *
.\" * All rights reserved.
.\" *
@ -86,7 +86,7 @@ which make virtual synchrony ideal for developing distributed applications.
.SH QUICKSTART
The corosync executive must be configured. In the directory conf in the
source distribution are several files that must be copied to the /etc/ais
source distribution are several files that must be copied to the /etc/corosync
directory. If corosync is packaged by a distro, this may be complete.
The directory contains the file corosync.conf. Please read the corosync.conf(5)
@ -94,12 +94,6 @@ man page for details on the configuration options. The corosync project will
work out of the box with the default configuration options, although the
administrator may desire different options.
An user and group of the name "ais" must be added to the system. If corosync
is packaged from a distro, this step should already be completed.
This can be achieved by executing:
[root@slickdeal root]# adduser ais -g ais
The corosync executive uses cryptographic techniques to ensure authenticity
and privacy of the messages. In order for corosync to be secure and operate,
a private key must be generated and shared to all processors.