Hi, I am extremely sorry for being very late. I have reworked on the fix based on the comments, I have adjusted the unwanted spaces reworked on the coding style as suggested by Tirthankar. I have also incorporated the suggestions made by Swathi.
The changes can be seen at http://cr.opensolaris.org/~sdevulap/ha-dns_CR6530498/ . I would also like to start a discussion on what changes need to be done in the documentation. Regards, Abhilash 2008/11/6 Abhilash T.G <abhi.tg4u at gmail.com> > Hi, > > > I am right now busy with my end semester exam. I will look into all your > suggestions as soon as my exams are over. > > Regards > Abhilash > > 2008/11/6 Swathi Devulapalli <Swathi.Devulapalli at sun.com> > > Hi Abhilash, >> >> Thanks for contributing to OHAC. Please find my comments below: >> >> 1. It would be good to have #def variables in capitals. aka ., #define >> USER "user" >> >> 2. I doubt if this code will work as desired. >> >> *249 if (errno == ERANGE) {* >> *250 ds_internal_error("Data buffer for user %s " >> * >> *251 "is not big enough", >> user_name_st->val.val_str);* >> >> *252 if (print_messages) {* >> * 253 (void) fprintf(stderr,* >> *254 gettext("Data buffer for >> user %s "* >> *255 "is not big >> enough.\n"),* >> * 256 >> user_name_st->val.val_str);* >> *257 }* >> You are not returning here. Do you want to continue even with an error? >> For this, you could move return statement to line # 270. ie. after the >> closing brace. >> >> *268 return (1);* >> *269 }* >> Where are you getting this "errno" from? >> >> 3. In the same code snip above, you are using ds_internal_error in the >> "if" part and scds_syslog in the else part. Any specific reason? >> >> 4. */* Gets the username from the command line */* >> >> *562 strcpy(user_name, user_name_st->val.val_str);* >> >> *You may want to add (void) before this statement. Also, I feel it would >> be better to do a strncpy with size as SCDS_ARRAY_SIZE.* >> >> *5. I do not see any debug statements in the code. You may want to >> include some. * >> >> *6. Please check the indentations properly.* >> >> *7. Lastly, I would suggest you to do negative testing as well. Just >> doing positive testing, may not help. Problems can be seen only in negative >> testing.* >> >> *Thanks,* >> >> *Swathi* >> >> >> >> ----- Original Message ----- >> From: "Abhilash T.G" <abhi.tg4u at gmail.com> >> Date: Wednesday, November 5, 2008 9:32 am >> Subject: [ha-clusters-discuss] CR-6530498 >> To: clusters <ha-clusters-discuss at opensolaris.org> >> >> > Hello, >> > >> > I am Abhilash T.G (OS0183). I have done the CR-6530498. The >> > changes can >> > be viewed at >> > http://cr.opensolaris.org/~hari.sun/DNS_non-root_user_prop/webrev/<http://cr.opensolaris.org/%7Ehari.sun/DNS_non-root_user_prop/webrev/> >> > >> > The synopsis is .... >> > >> > *Bug ID* 6530498 *Synopsis* HA DNS should provide a property >> > to allow >> > the DNS service to be run as a non-root user *State* >> > 1-Dispatched(Default State) >> > *Category:Subcategory* suncluster:ha-dns *Keywords* DNS | >> > named | >> > non-root | oss-bite-size | oss-request | user *Sponsor* >> > *Submitter* >> > *Reported Against* >> > *Duplicate Of* >> > *Introduced In* >> > *Commit to Fix* >> > *Fixed In* >> > *Release Fixed* >> > *Related Bugs* >> > *Submit Date* 02-MAR-2007 *Last Update Date* 20-DEC-2007 * >> > Description* >> > >> > Customer request via the Sun Cluster forum: >> > >> > I'd like the DNS HA Agent for Sun Cluster 3.2 to be modified so that >> > the admin can choose to run BIND as a >> > non-root user ie. named. This functionality is desirable for security >> > reasons, as it gives the admin a layer of protection in >> > the event that BIND is compromised. As a non-root process, it >> > won't be >> > capable of doing >> > as much damage as a compromised root process could. This behaviour is >> > similar to how Apache works, and is already >> > available by specifying "-u <userid>" when starting BIND from the >> > command line, or setting 'user' >> > and 'group' in method_credential in the SMF manifest. >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > *Work Around* >> > >> > N/A >> > >> > >> > >> > My Sponsor Harish has done the testing... >> > >> > I request you all to please review the changes. >> > >> > Regards >> > Abhilash >> > >> > -- >> > Have the courage to follow your heart and intuitions, they somehow >> > alreadyknow what you truly wants >> > >> > > > > -- > Have the courage to follow your heart and intuitions, they somehow already > know what you truly wants > -- Have the courage to follow your heart and intuitions, they somehow already know what you truly wants -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/ha-clusters-discuss/attachments/20090608/15359137/attachment.html>
