On Feb 5, 2006, at 8:43 AM, Huang Zhen wrote:
It looks that the code deems the HA_CCMUID as group id and
HA_APIGID as user id.
is there a question in there somewhere?
linux-ha-cvs@lists.linux-ha.org wrote:
linux-ha CVS committal
Author : andrew
Host : Project : linux-ha
Module : crm
Dir : linux-ha/crm/cib
Modified Files:
io.c Log Message:
Check for correct permissions on the CIB at startup
Have CTS apply the correct permissions to the CIB it installs
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/crm/cib/io.c,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -3 -r1.41 -r1.42
--- io.c 20 Jan 2006 09:30:37 -0000 1.41
+++ io.c 2 Feb 2006 13:40:28 -0000 1.42
@@ -1,4 +1,4 @@
-/* $Id: io.c,v 1.41 2006/01/20 09:30:37 andrew Exp $ */
+/* $Id: io.c,v 1.42 2006/02/02 13:40:28 andrew Exp $ */
/* * Copyright (C) 2004 Andrew Beekhof <[EMAIL PROTECTED]>
* @@ -124,7 +124,26 @@
}
if (s_res == 0) {
- FILE *cib_file = fopen(filename, "r");
+ FILE *cib_file = NULL;
+ gboolean user_readwritable = (buf.st_gid == atoi(HA_CCMUID)) &&
(buf.st_mode & (S_IRGRP|S_IWGRP));
+
+ if( S_ISREG(buf.st_mode) == FALSE ) {
+ crm_err("%s must be a regular file", filename);
+ exit(100);
+
+ } else if( user_readwritable == FALSE ) {
+ gboolean group_readwritable = (buf.st_uid == atoi(HA_APIGID))
&& (buf.st_mode & (S_IRUSR|S_IWUSR));
+ if( group_readwritable == FALSE ) {
+ crm_err("%s must be owned and read/writeable by user
%s,"
+ " or owned and read/writable by group
%s",
+ filename, HA_CCMUID, HA_APIGID);
+ exit(100);
+ }
+ crm_warn("%s should be owned and read/writeable by user
%s",
+ filename, HA_CCMUID);
+ }
+
+ cib_file = fopen(filename, "r");
crm_info("Reading cluster configuration from: %s", filename);
root = file2xml(cib_file);
crm_xml_add(root, "generated", XML_BOOLEAN_FALSE);
_______________________________________________
Linux-ha-cvs mailing list
Linux-ha-cvs@lists.linux-ha.org
http://lists.community.tummy.com/mailman/listinfo/linux-ha-cvs
--
Best Regards,
Huang Zhen
Linux Technology Center
IBM China Development Lab, Beijing
Telno: (8610)82782244-2845
_______________________________________________________
Linux-HA-Dev: Linux-HA-Dev@lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/
--
Andrew Beekhof
"I'd find myself if I knew where myself left me" - MGF
_______________________________________________________
Linux-HA-Dev: Linux-HA-Dev@lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/