Bug#487434: [Pkg-vsquare-devel] Bug#487434: vde ctl permission

[Ludovico Gardenghi]

On Sat, Jun 21, 2008 at 09:06:29PM +0100, Matthew King wrote:

 Improve the permission on /var/run/vde2 and /var/run/vde2/*.ctl (or
 whatever ctl file is chosen).

Could you please take a look to the SVN revision r310 and check if it
addresses the issue?

Thanks,
Ludovico
-- 
[EMAIL PROTECTED]#acheronte (irc.freenode.net) ICQ: 64483080
GPG ID: 07F89BB8  Jabber: [EMAIL PROTECTED] Yahoo: gardenghelle
-- This is signature nr. 4233



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#487434: vde ctl permission

[Matthew King]

Package: vde2
Version: 2.2.1-1
Severity: wishlist

Improve the permission on /var/run/vde2 and /var/run/vde2/*.ctl (or
whatever ctl file is chosen).

First I should indicate that I can see no reason why 2775 (ie. o+rx) is
a bad idea on /var/run/ctl. Any user who can run ps or ifconfig can
guess what's inside. If there is a compelling reason why this is a bad
thing then so be it.

On the other hand, if it remains 2770 then anybody who wishes to connect
a vde port must be in the vde2-net group, which also grants access to
write to the /var/run/vde2 directory and, by extension, connect to the
management port.

The attached patch allows one group (passed to vde_switch) to be given
rights to connect to ports while another (vde2-net) gets authority to
manage the switch itself.

If vde_switch is passed -g vmuser, then the various directories look
like (with one port attached):

drwxrwsr-x 3 vde2-net vde2-net 4096 2008-06-21 20:27 /var/run/vde2
drwxrws--- 2 root vmuser   4096 2008-06-21 20:27 
/var/run/vde2/vde_lego_kvm.ctl
srwx-- 1 mkingvmuser  0 2008-06-21 20:27 
/var/run/vde2/vde_lego_kvm.ctl/002
srw-rw 1 root vmuser  0 2008-06-21 20:27 
/var/run/vde2/vde_lego_kvm.ctl/ctl
srw-rw 1 root vde2-net0 2008-06-21 20:27 
/var/run/vde2/vde_lego_kvm.mgmt
-rw-r--r-- 1 root vde2-net6 2008-06-21 20:27 
/var/run/vde2/vde_lego_kvm.pid

Matthew

diff -ur vde2-2.2.1/debian/network/if-pre-up.d/vde2 
vde2-2.2.1-owner/debian/network/if-pre-up.d/vde2
--- vde2-2.2.1/debian/network/if-pre-up.d/vde2  2008-06-21 20:52:48.0 
+0100
+++ vde2-2.2.1-owner/debian/network/if-pre-up.d/vde22008-06-21 
19:58:17.0 +0100
@@ -21,7 +21,7 @@
 if [ ! -d /var/run/vde2 ]; then
 mkdir -p /var/run/vde2
 chown vde2-net:vde2-net /var/run/vde2
-chmod 2770 /var/run/vde2
+chmod 2775 /var/run/vde2
 fi
 
 # vde2-switch [-|args]
diff -ur vde2-2.2.1/debian/postinst vde2-2.2.1-owner/debian/postinst
--- vde2-2.2.1/debian/postinst  2008-06-21 20:52:48.0 +0100
+++ vde2-2.2.1-owner/debian/postinst2008-06-21 20:58:55.0 +0100
@@ -13,7 +13,7 @@
 
 if ! dpkg-statoverride --list /var/run/vde2 /dev/null; then
 chown vde2-net:vde2-net /var/run/vde2
-chmod 2770 /var/run/vde2
+chmod 2775 /var/run/vde2
 fi
 
 if [ ! -e /dev/.devfsd ]  [ ! -e /dev/net/tun ]; then
diff -ur vde2-2.2.1/src/vde_switch/datasock.c 
vde2-2.2.1-owner/src/vde_switch/datasock.c
--- vde2-2.2.1/src/vde_switch/datasock.c2008-06-15 17:49:16.0 
+0100
+++ vde2-2.2.1-owner/src/vde_switch/datasock.c  2008-06-21 20:22:19.0 
+0100
@@ -418,6 +418,10 @@
printlog(LOG_ERR,Could not set the VDE ctl directory '%s' 
permissions: %s, ctl_socket, strerror(errno));
exit(-1);
}
+   if(chown(ctl_socket,-1,grp_owner)  0) {
+   printlog(LOG_ERR, Could not chown the VDE ctl directory '%s': 
%s, ctl_socket, strerror(errno));
+   exit(-1);
+   }
sun.sun_family = AF_UNIX;
snprintf(sun.sun_path,sizeof(sun.sun_path),%s/ctl,ctl_socket);
if(bind(connect_fd, (struct sockaddr *) sun, sizeof(sun))  0){

-- 
I must take issue with the term a mere child, for it has been my
invariable experience that the company of a mere child is infinitely
preferable to that of a mere adult.
   --  Fran Lebowitz



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]