Hi, I am extremely sorry for being very late. I have reworked on the fix based on the comments, I have adjusted the unwanted spaces reworked on the coding style as suggested by Tirthankar. I have also incorporated the suggestions made by Swathi.
The changes can be seen at http://cr.opensolaris.org/~sdevulap/ha-dns_CR6530498/<http://cr.opensolaris.org/%7Esdevulap/ha-dns_CR6530498/>. I would also like to start a discussion on what changes need to be done in the documentation. Regards, Abhilash > > 2008/11/6 Abhilash T.G <abhi.tg4u at gmail.com> > > Hi, >> >> >> I am right now busy with my end semester exam. I will look into all your >> suggestions as soon as my exams are over. >> >> Regards >> Abhilash >> >> 2008/11/6 Swathi Devulapalli <Swathi.Devulapalli at sun.com> >> >> Hi Abhilash, >>> >>> Thanks for contributing to OHAC. Please find my comments below: >>> >>> 1. It would be good to have #def variables in capitals. aka ., #define >>> USER "user" >>> >>> 2. I doubt if this code will work as desired. >>> >>> *249 if (errno == ERANGE) {* >>> *250 ds_internal_error("Data buffer for user %s >>> "* >>> *251 "is not big enough", >>> user_name_st->val.val_str);* >>> >>> *252 if (print_messages) {* >>> * 253 (void) fprintf(stderr,* >>> *254 gettext("Data buffer for >>> user %s "* >>> *255 "is not big >>> enough.\n"),* >>> * 256 >>> user_name_st->val.val_str);* >>> *257 }* >>> You are not returning here. Do you want to continue even with an error? >>> For this, you could move return statement to line # 270. ie. after the >>> closing brace. >>> >>> *268 return (1);* >>> *269 }* >>> Where are you getting this "errno" from? >>> >>> 3. In the same code snip above, you are using ds_internal_error in the >>> "if" part and scds_syslog in the else part. Any specific reason? >>> >>> 4. */* Gets the username from the command line */* >>> >>> *562 strcpy(user_name, user_name_st->val.val_str);* >>> >>> *You may want to add (void) before this statement. Also, I feel it would >>> be better to do a strncpy with size as SCDS_ARRAY_SIZE.* >>> >>> *5. I do not see any debug statements in the code. You may want to >>> include some. * >>> >>> *6. Please check the indentations properly.* >>> >>> *7. Lastly, I would suggest you to do negative testing as well. Just >>> doing positive testing, may not help. Problems can be seen only in negative >>> testing.* >>> >>> *Thanks,* >>> >>> *Swathi* >>> >>> >>> >>> ----- Original Message ----- >>> From: "Abhilash T.G" <abhi.tg4u at gmail.com> >>> Date: Wednesday, November 5, 2008 9:32 am >>> Subject: [ha-clusters-discuss] CR-6530498 >>> To: clusters <ha-clusters-discuss at opensolaris.org> >>> >>> > Hello, >>> > >>> > I am Abhilash T.G (OS0183). I have done the CR-6530498. The >>> > changes can >>> > be viewed at >>> > http://cr.opensolaris.org/~hari.sun/DNS_non-root_user_prop/webrev/<http://cr.opensolaris.org/%7Ehari.sun/DNS_non-root_user_prop/webrev/> >>> > >>> > The synopsis is .... >>> > >>> > *Bug ID* 6530498 *Synopsis* HA DNS should provide a property >>> > to allow >>> > the DNS service to be run as a non-root user *State* >>> > 1-Dispatched(Default State) >>> > *Category:Subcategory* suncluster:ha-dns *Keywords* DNS | >>> > named | >>> > non-root | oss-bite-size | oss-request | user *Sponsor* >>> > *Submitter* >>> > *Reported Against* >>> > *Duplicate Of* >>> > *Introduced In* >>> > *Commit to Fix* >>> > *Fixed In* >>> > *Release Fixed* >>> > *Related Bugs* >>> > *Submit Date* 02-MAR-2007 *Last Update Date* 20-DEC-2007 * >>> > Description* >>> > >>> > Customer request via the Sun Cluster forum: >>> > >>> > I'd like the DNS HA Agent for Sun Cluster 3.2 to be modified so that >>> > the admin can choose to run BIND as a >>> > non-root user ie. named. This functionality is desirable for security >>> > reasons, as it gives the admin a layer of protection in >>> > the event that BIND is compromised. As a non-root process, it >>> > won't be >>> > capable of doing >>> > as much damage as a compromised root process could. This behaviour is >>> > similar to how Apache works, and is already >>> > available by specifying "-u <userid>" when starting BIND from the >>> > command line, or setting 'user' >>> > and 'group' in method_credential in the SMF manifest. >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > *Work Around* >>> > >>> > N/A >>> > >>> > >>> > >>> > My Sponsor Harish has done the testing... >>> > >>> > I request you all to please review the changes. >>> > >>> > Regards >>> > Abhilash >>> > >>> > -- >>> > Have the courage to follow your heart and intuitions, they somehow >>> > alreadyknow what you truly wants >>> > >>> >> >> >> >> -- >> Have the courage to follow your heart and intuitions, they somehow already >> know what you truly wants >> > > > > -- > Have the courage to follow your heart and intuitions, they somehow already > know what you truly wants > -- Have the courage to follow your heart and intuitions, they somehow already know what you truly wants -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/ha-clusters-discuss/attachments/20090619/a5fd5025/attachment.html>
