Send Linux-ha-cvs mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.community.tummy.com/mailman/listinfo/linux-ha-cvs
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Linux-ha-cvs digest..."
Today's Topics:
1. Linux-HA CVS: mgmt by zhenh from
([email protected])
2. Linux-HA CVS: mgmt by zhenh from
([email protected])
----------------------------------------------------------------------
Message: 1
Date: Fri, 30 Dec 2005 01:31:30 -0700 (MST)
From: [email protected]
Subject: [Linux-ha-cvs] Linux-HA CVS: mgmt by zhenh from
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
linux-ha CVS committal
Author : zhenh
Host :
Project : linux-ha
Module : mgmt
Dir : linux-ha/mgmt/daemon
Modified Files:
mgmtd.c
Log Message:
add the limit that only user belong haclient group can login
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/mgmt/daemon/mgmtd.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -3 -r1.11 -r1.12
--- mgmtd.c 21 Dec 2005 08:11:15 -0000 1.11
+++ mgmtd.c 30 Dec 2005 08:31:27 -0000 1.12
@@ -21,6 +21,8 @@
#include <portability.h>
+#include <sys/types.h>
+#include <grp.h>
#include <unistd.h>
#include <stdarg.h>
#include <errno.h>
@@ -45,7 +47,7 @@
#define OPTARGS "skrhvt"
#define PID_FILE HA_VARRUNDIR"/mgmtd.pid"
-
+#define ALLOW_GRP "haclient"
/* common daemon and debug functions */
static gboolean debug_level_adjust(int nsig, gpointer user_data);
@@ -56,6 +58,7 @@
static int init_status(const char *pid_file, const char *client_name);
static void shutdown_mgmtd(void);
static int on_event(const char* event);
+static int usr_belong_grp(const char* usr, const char* grp);
/* management daemon internal data structure */
typedef struct
@@ -412,7 +415,7 @@
return TRUE;
}
/* authorization check with pam */
- if (pam_auth(args[1],args[2]) != 0) {
+ if (pam_auth(args[1],args[2]) != 0 ||
!usr_belong_grp(args[1],ALLOW_GRP)) {
mgmt_del_args(args);
mgmt_del_msg(msg);
mgmt_session_sendmsg(session, MSG_FAIL);
@@ -643,3 +646,22 @@
exit(LSB_EXIT_OK);
}
}
+static int
+usr_belong_grp(const char* usr, const char* grp)
+{
+ int index = 0;
+ char* grp_usr = NULL;
+ struct group* gren = getgrnam(grp);
+ if (gren == NULL) {
+ return 0;
+ }
+ grp_usr = gren->gr_mem[index];
+ while (grp_usr != NULL) {
+ if (strncmp(usr,grp_usr,MAX_STRLEN) == 0) {
+ return 1;
+ }
+ index ++;
+ grp_usr = gren->gr_mem[index];
+ }
+ return 0;
+}
------------------------------
Message: 2
Date: Fri, 30 Dec 2005 01:35:28 -0700 (MST)
From: [email protected]
Subject: [Linux-ha-cvs] Linux-HA CVS: mgmt by zhenh from
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
linux-ha CVS committal
Author : zhenh
Host :
Project : linux-ha
Module : mgmt
Dir : linux-ha/mgmt/daemon
Modified Files:
mgmtd.pam
Log Message:
use more general format in pam config file, thanks sunjd
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/mgmt/daemon/mgmtd.pam,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -3 -r1.2 -r1.3
--- mgmtd.pam 6 Dec 2005 16:12:14 -0000 1.2
+++ mgmtd.pam 30 Dec 2005 08:35:27 -0000 1.3
@@ -1 +1,3 @@
-auth include common-auth
+auth required pam_unix.so
+account required pam_unix.so
+
------------------------------
_______________________________________________
Linux-ha-cvs mailing list
[email protected]
http://lists.community.tummy.com/mailman/listinfo/linux-ha-cvs
End of Linux-ha-cvs Digest, Vol 25, Issue 75
********************************************
