Ethanlm commented on a change in pull request #3366:
URL: https://github.com/apache/storm/pull/3366#discussion_r669098558
##########
File path: storm-core/src/native/worker-launcher/impl/worker-launcher.c
##########
@@ -93,41 +109,41 @@ char* get_executable() {
int check_executor_permissions(char *executable_file) {
errno = 0;
- char * resolved_path = realpath(executable_file, NULL);
+ char* resolved_path = realpath(executable_file, NULL);
if (resolved_path == NULL) {
fprintf(ERRORFILE,
- "Error resolving the canonical name for the executable : %s!",
- strerror(errno));
+ "ERROR: Error resolving the canonical name for the executable :
%s!",
+ strerror(errno));
return -1;
}
struct stat filestat;
errno = 0;
if (stat(resolved_path, &filestat) != 0) {
- fprintf(ERRORFILE,
- "Could not stat the executable : %s!.\n", strerror(errno));
+ fprintf(ERRORFILE,
+ "ERROR: Could not stat the executable : %s!.\n", strerror(errno));
return -1;
}
uid_t binary_euid = filestat.st_uid; // Binary's user owner
- gid_t binary_gid = filestat.st_gid; // Binary's group owner
+ gid_t binary_gid = filestat.st_gid; // Binary's group owner
// Effective uid should be root
if (binary_euid != 0) {
- fprintf(LOGFILE,
- "The worker-launcher binary should be user-owned by root.\n");
+ fprintf(LOGFILE, "The worker-launcher binary should be user-owned by
root.\n");
return -1;
}
if (binary_gid != getgid()) {
fprintf(LOGFILE, "ERROR: The configured worker-launcher group %d is
different from"
- " the group of the executable %d\n", getgid(), binary_gid);
+ " the group of the executable %d\n",
Review comment:
yes the worker-launcher binary needs to have setuid set.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@storm.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
