Steven,
patch attached.
Regards,
Honza
Steven Dake wrote:
> I already merged your previous patch. Can you rework the defines into a
> new patch? Thanks!
>
> Regards
> -steve
>
> On Wed, 2009-04-01 at 12:30 +0200, Jan Friesse wrote:
>> Attached is patch with included suggested changes.
>>
>> Thanks Jim.
>>
>> Jim Meyering wrote:
>>> Jan Friesse wrote:
>>>> Attached patch solves problem with running corosync as ais user.
>>>>
>>>> Main problem was hidden in reading aisexec section. If this section
>>>> exists in corosync.conf, everything works, but in other cases,
>>>> main_config->uid/gid are initialized to 0 (so only root:root) can run
>>>> corosync.
>>>>
>>>> Another problem, what this patch fixes is documentation of
>>>> corosync.conf, so now aisexec section is documented (at least user and
>>>> group).
>>>>
>>>> Index: exec/mainconfig.c
>>>> ===================================================================
>>>> --- exec/mainconfig.c (revision 1975)
>>>> +++ exec/mainconfig.c (working copy)
>>>> @@ -352,6 +352,10 @@
>>>> main_config->gid = gid_determine(value);
>>>> } else
>>>> main_config->gid = gid_determine("ais");
>>>> + } else {
>>>> + /*We don't find object aisexec, but we allow ais user/group to
>>>> run corosync*/
>>>> + main_config->uid = uid_determine("ais");
>>>> + main_config->gid = gid_determine("ais");
>>> Those two added uses of "ais" bring the total to 4.
>>> Maybe factor them out into e.g., this?
>>>
>>> #define DEFAULT_AIS_USER_NAME "ais"
>>> #define DEFAULT_AIS_GROUP_NAME "ais"
>>>
>>>
>>>> Index: man/corosync.conf.5
>>>> ===================================================================
>>>> --- man/corosync.conf.5 (revision 1975)
>>>> +++ man/corosync.conf.5 (working copy)
>>>> @@ -55,6 +55,9 @@
>>>> .TP
>>>> event { }
>>>> This top level directive contains configuration options for the event
>>>> service.
>>>> +.TP
>>>> +aisexec { }
>>>> +This top level directive contains configuration options for user
>>>> privilegies.
>>> s/ies/es/
>>>
>>>> .PP
>>>> .PP
>>>> @@ -496,6 +499,20 @@
>>>>
>>>> The default is none.
>>>>
>>>> +.PP
>>>> +Within the
>>>> +.B aisexec
>>>> +directive, there are two configuration options which are all optional:
>>>> +.TP
>>>> +user
>>>> +.TP
>>>> +group
>>>> +These specify the user and group, which is able to run and use corosync.
>>>> +In any case, this is able to do root:root. But if you don't want run
>>> s/run/to run/
>>>
>>>> +corosync as root, you can use this directives.
>>> s/this/these/
>>>
>>>> +
>>>> +The default is ais.
>>>> +
>>>> .SH "FILES"
>>>> .TP
>>>> /etc/corosync.conf
>>>> _______________________________________________
>>>> Openais mailing list
>>>> [email protected]
>>>> https://lists.linux-foundation.org/mailman/listinfo/openais
>> plain text document attachment (run_as_ais.patch)
>> Index: exec/mainconfig.c
>> ===================================================================
>> --- exec/mainconfig.c (revision 1975)
>> +++ exec/mainconfig.c (working copy)
>> @@ -346,12 +346,16 @@
>> if (!objdb_get_string (objdb,object_service_handle, "user",
>> &value)) {
>> main_config->uid = uid_determine(value);
>> } else
>> - main_config->uid = uid_determine("ais");
>> + main_config->uid = uid_determine(DEFAULT_AIS_USER_NAME);
>>
>> if (!objdb_get_string (objdb,object_service_handle, "group",
>> &value)) {
>> main_config->gid = gid_determine(value);
>> } else
>> - main_config->gid = gid_determine("ais");
>> + main_config->gid =
>> gid_determine(DEFAULT_AIS_GROUP_NAME);
>> + } else {
>> + /*We don't find object aisexec, but we allow ais user/group to
>> run corosync*/
>> + main_config->uid = uid_determine(DEFAULT_AIS_USER_NAME);
>> + main_config->gid = gid_determine(DEFAULT_AIS_GROUP_NAME);
>> }
>>
>> objdb->object_find_destroy (object_find_handle);
>> Index: exec/mainconfig.h
>> ===================================================================
>> --- exec/mainconfig.h (revision 1975)
>> +++ exec/mainconfig.h (working copy)
>> @@ -49,6 +49,9 @@
>> };
>> #define MAX_DYNAMIC_SERVICES 128
>>
>> +#define DEFAULT_AIS_USER_NAME "ais"
>> +#define DEFAULT_AIS_GROUP_NAME "ais"
>> +
>> struct main_config {
>> /*
>> * logging configuration
>> Index: man/corosync.conf.5
>> ===================================================================
>> --- man/corosync.conf.5 (revision 1975)
>> +++ man/corosync.conf.5 (working copy)
>> @@ -55,6 +55,9 @@
>> .TP
>> event { }
>> This top level directive contains configuration options for the event
>> service.
>> +.TP
>> +aisexec { }
>> +This top level directive contains configuration options for user privileges.
>>
>> .PP
>> .PP
>> @@ -496,6 +499,20 @@
>>
>> The default is none.
>>
>> +.PP
>> +Within the
>> +.B aisexec
>> +directive, there are two configuration options which are all optional:
>> +.TP
>> +user
>> +.TP
>> +group
>> +These specify the user and group, which is able to run and use corosync.
>> +In any case, this is able to do root:root. But if you don't want to run
>> +corosync as root, you can use these directives.
>> +
>> +The default is ais.
>> +
>> .SH "FILES"
>> .TP
>> /etc/corosync.conf
>> _______________________________________________
>> Openais mailing list
>> [email protected]
>> https://lists.linux-foundation.org/mailman/listinfo/openais
>
Index: exec/mainconfig.c
===================================================================
--- exec/mainconfig.c (revision 1989)
+++ exec/mainconfig.c (working copy)
@@ -433,8 +433,8 @@
strlen ("aisexec"),
&object_find_handle);
- main_config->uid = uid_determine("ais");
- main_config->gid = gid_determine("ais");
+ main_config->uid = uid_determine(DEFAULT_AIS_USER_NAME);
+ main_config->gid = gid_determine(DEFAULT_AIS_GROUP_NAME);
if (objdb->object_find_next (
object_find_handle,
Index: exec/mainconfig.h
===================================================================
--- exec/mainconfig.h (revision 1989)
+++ exec/mainconfig.h (working copy)
@@ -49,6 +49,9 @@
};
#define MAX_DYNAMIC_SERVICES 128
+#define DEFAULT_AIS_USER_NAME "ais"
+#define DEFAULT_AIS_GROUP_NAME "ais"
+
struct main_config {
/*
* logging configuration
Index: man/corosync.conf.5
===================================================================
--- man/corosync.conf.5 (revision 1989)
+++ man/corosync.conf.5 (working copy)
@@ -57,7 +57,7 @@
This top level directive contains configuration options for the event service.
.TP
aisexec { }
-This top level directive contains configuration options for user privilegies.
+This top level directive contains configuration options for user privileges.
.PP
.PP
@@ -514,10 +514,10 @@
.TP
group
These specify the user and group, which is able to run and use corosync.
-In any case, this is able to do root:root. But if you don't want run
-corosync as root, you can use this directives.
+In any case, this is able to do root:root. But if you don't want to run
+corosync as root, you can use these directives.
-The default is ais.
+The default for each is ais.
.SH "FILES"
.TP
_______________________________________________
Openais mailing list
[email protected]
https://lists.linux-foundation.org/mailman/listinfo/openais
