Patches item #509413, was opened at 2002-01-27 23:21 You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=303152&aid=509413&group_id=3152
Category: other Group: None >Status: Closed >Resolution: Fixed Priority: 5 Submitted By: Jon Griffin (tresero) Assigned to: Kriston Rehberg (kriston) Summary: Patch for -g option Initial Comment: Fixes bad uid/gid parsing in nsmain. Now it acutally works. ---------------------------------------------------------------------- >Comment By: Kriston Rehberg (kriston) Date: 2002-03-20 10:59 Message: Logged In: YES user_id=16427 Fixed on nsd_v3_r3_p0 branch. Thanks! ---------------------------------------------------------------------- Comment By: John Caruso (johnjcaruso) Date: 2002-02-07 13:50 Message: Logged In: YES user_id=452169 Kris, I was about to submit an identical patch (other than the comment, of course). The problem is not that -g or -u "fails", it's that if -u is used, it renders -g useless, because the uarg-handling code calls Ns_GetUserGid and in doing so it overrides the group or gid that was specified with -g. This is solely because of the ordering of the code; if garg is handled AFTER uarg, as in this patch, you can use -g to override the primary group of the user specified with -u. Which is a desirable behavior in some environments. It appears that this "bug" can be overcome with old-style config files, but not with Tcl config files, and not at all with command-line options. A related enhancement that would be VERY useful would be the use of initgroups(3) to set the supplementary group access list when a user is specified with -u. Currently, AOLserver only sets the primary group for the specified user. I have a client using AOLserver, and this is a major source of headaches in their development environment, since the web server user and the developers have different primary groups. I may submit a patch for this someday. Sorry to butt in, but as I said this patch is identical to the one I was going to submit. Hope this helps. - John ---------------------------------------------------------------------- Comment By: Jon Griffin (tresero) Date: 2002-01-28 12:40 Message: Logged In: YES user_id=440916 Linux, no -z. It definitly fails without the patch. If I want to run with a user as -u and nsadmin as -g and had the aol files in /opt/aolserver but the config and web files in /home/user then without world read permissions it fails with permission errors. With the patch and everything else the same all worked as expected. In reading the code it appears that the getuid also gets gid if the user == 0. Thus it bypassed the -g argument. Isn't -z just for zippy memory or does it do more? ---------------------------------------------------------------------- Comment By: Kriston Rehberg (kriston) Date: 2002-01-28 10:13 Message: Logged In: YES user_id=16427 On which platforms does this fail? Do you use the "z" option while starting up? We have been using -g and -u forever on Solaris, SGI, and some other platforms and it works. Thanks, Kris ---------------------------------------------------------------------- Comment By: Kriston Rehberg (kriston) Date: 2002-01-28 10:13 Message: Logged In: YES user_id=16427 On which platforms does this fail? Do you use the "z" option while starting up? We have been using -g and -u forever on Solaris, SGI, and some other platforms and it works. Thanks, Kris ---------------------------------------------------------------------- You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=303152&aid=509413&group_id=3152
