It looks like the code deems HA_CCMUID as the group id and HA_APIGID as the user id.

linux-ha-cvs@lists.linux-ha.org wrote:
linux-ha CVS committal

Author  : andrew
Host    :
Project : linux-ha
Module  : crm

Dir     : linux-ha/crm/cib


Modified Files:
io.c

Log Message:
Check for correct permissions on the CIB at startup
Have CTS apply the correct permissions to the CIB it installs

===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/crm/cib/io.c,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -3 -r1.41 -r1.42
--- io.c        20 Jan 2006 09:30:37 -0000      1.41
+++ io.c        2 Feb 2006 13:40:28 -0000       1.42
@@ -1,4 +1,4 @@
-/* $Id: io.c,v 1.41 2006/01/20 09:30:37 andrew Exp $ */
+/* $Id: io.c,v 1.42 2006/02/02 13:40:28 andrew Exp $ */
/* * Copyright (C) 2004 Andrew Beekhof <[EMAIL PROTECTED]> * @@ -124,7 +124,26 @@
        }
        
        if (s_res == 0) {
-               FILE *cib_file = fopen(filename, "r");
+               FILE *cib_file = NULL;
+               gboolean user_readwritable = (buf.st_gid == atoi(HA_CCMUID)) && 
(buf.st_mode & (S_IRGRP|S_IWGRP));
+
+               if( S_ISREG(buf.st_mode) == FALSE ) {
+                       crm_err("%s must be a regular file", filename);
+                       exit(100);
+                       
+               } else if( user_readwritable == FALSE ) {
+                       gboolean group_readwritable = (buf.st_uid == atoi(HA_APIGID)) 
&& (buf.st_mode & (S_IRUSR|S_IWUSR));
+                       if( group_readwritable == FALSE ) {
+                               crm_err("%s must be owned and read/writeable by user 
%s,"
+                                       " or owned and read/writable by group 
%s",
+                                       filename, HA_CCMUID, HA_APIGID);
+                               exit(100);
+                       }
+                       crm_warn("%s should be owned and read/writeable by user 
%s",
+                                filename, HA_CCMUID);
+               }
+
+               cib_file = fopen(filename, "r");
                crm_info("Reading cluster configuration from: %s", filename);
                root = file2xml(cib_file);
                crm_xml_add(root, "generated", XML_BOOLEAN_FALSE);
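Review bot: the ownership tests in the two added gboolean initialisers are crossed. `user_readwritable` compares `buf.st_gid` with `atoi(HA_CCMUID)` and masks the group bits `S_IRGRP|S_IWGRP`, while `group_readwritable` compares `buf.st_uid` with `atoi(HA_APIGID)` and masks the user bits `S_IRUSR|S_IWUSR`, yet the `crm_err` text names HA_CCMUID as the user and HA_APIGID as the group. Pair `st_uid` and the user bits with HA_CCMUID, and `st_gid` and the group bits with HA_APIGID, and rename the variables to match. Each mask test is also true when only one of the two bits is set, so a file that is readable but not writable passes; compare the masked value against the full mask if both read and write are required. Finally, the permission test works on `buf` while `fopen(filename, "r")` reopens the file by name, and the result goes to `file2xml(cib_file)` with no NULL check in the visible lines; check the `fopen` result and consider running the test with `fstat` on the opened file so the file that was checked is the file that is read.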


_______________________________________________
Linux-ha-cvs mailing list
Linux-ha-cvs@lists.linux-ha.org
http://lists.community.tummy.com/mailman/listinfo/linux-ha-cvs



--
Best Regards,
Huang Zhen
Linux Technology Center
IBM China Development Lab, Beijing
Telno: (8610)82782244-2845
_______________________________________________________
Linux-HA-Dev: Linux-HA-Dev@lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/
