Module Name: src
Committed By: haad
Date: Wed Jan 5 14:57:29 UTC 2011
Modified Files:
src/distrib/sets/lists/base: mi
src/etc/mtree: NetBSD.dist.base
src/etc/rc.d: mountcritlocal
src/external/gpl2/lvm2: lvm2tools.mk
src/external/gpl2/lvm2/dist/include: defaults.h
src/external/gpl2/lvm2/dist/lib/format_text: archiver.c
src/external/gpl2/lvm2/dist/lib/locking: file_locking.c
src/external/gpl2/lvm2/dist/lib/misc: lvm-globals.c lvm-globals.h
src/external/gpl2/lvm2/dist/libdm: libdm-file.c
src/external/gpl2/lvm2/dist/tools: lvmcmdline.c
Log Message:
Allow operator to use lvm in read-only mode. Switch LVM lock dir to
/var/run/lvm and create it in rc.d/mountcritlocal. Fix dm control device
permissions to allow rw for operator.
Test if we are running lvm commands as operator and if that it's true do not
create vg backups and do not print confusing warning.
To generate a diff of this commit:
cvs rdiff -u -r1.912 -r1.913 src/distrib/sets/lists/base/mi
cvs rdiff -u -r1.71 -r1.72 src/etc/mtree/NetBSD.dist.base
cvs rdiff -u -r1.10 -r1.11 src/etc/rc.d/mountcritlocal
cvs rdiff -u -r1.2 -r1.3 src/external/gpl2/lvm2/lvm2tools.mk
cvs rdiff -u -r1.1.1.2 -r1.2 src/external/gpl2/lvm2/dist/include/defaults.h
cvs rdiff -u -r1.1.1.3 -r1.2 \
src/external/gpl2/lvm2/dist/lib/format_text/archiver.c
cvs rdiff -u -r1.1.1.3 -r1.2 \
src/external/gpl2/lvm2/dist/lib/locking/file_locking.c
cvs rdiff -u -r1.1.1.3 -r1.2 \
src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c
cvs rdiff -u -r1.1.1.2 -r1.2 \
src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h
cvs rdiff -u -r1.1.1.1 -r1.2 src/external/gpl2/lvm2/dist/libdm/libdm-file.c
cvs rdiff -u -r1.1.1.3 -r1.2 src/external/gpl2/lvm2/dist/tools/lvmcmdline.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/sets/lists/base/mi
diff -u src/distrib/sets/lists/base/mi:1.912 src/distrib/sets/lists/base/mi:1.913
--- src/distrib/sets/lists/base/mi:1.912 Sat Jan 1 13:09:13 2011
+++ src/distrib/sets/lists/base/mi Wed Jan 5 14:57:29 2011
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.912 2011/01/01 13:09:13 haad Exp $
+# $NetBSD: mi,v 1.913 2011/01/05 14:57:29 haad Exp $
#
# Note: Don't delete entries from here - mark them as "obsolete" instead,
# unless otherwise stated below.
@@ -4836,8 +4836,8 @@
./var/games/sail base-games-root
./var/games/save base-obsolete obsolete
./var/heimdal base-krb5-root
-./var/lock base-sys-root
-./var/lock/lvm base-sys-root lvm
+./var/lock base-sys-root obsolete
+./var/lock/lvm base-sys-root obsolete
./var/log base-sys-root
./var/log/rdist base-netutil-root
./var/mail base-mail-root
Index: src/etc/mtree/NetBSD.dist.base
diff -u src/etc/mtree/NetBSD.dist.base:1.71 src/etc/mtree/NetBSD.dist.base:1.72
--- src/etc/mtree/NetBSD.dist.base:1.71 Sat Jan 1 22:11:45 2011
+++ src/etc/mtree/NetBSD.dist.base Wed Jan 5 14:57:29 2011
@@ -1,4 +1,4 @@
-# $NetBSD: NetBSD.dist.base,v 1.71 2011/01/01 22:11:45 haad Exp $
+# $NetBSD: NetBSD.dist.base,v 1.72 2011/01/05 14:57:29 haad Exp $
# @(#)4.4BSD.dist 8.1 (Berkeley) 6/13/93
# Do not customize this file as it may be overwritten on upgrades.
@@ -1098,8 +1098,6 @@
./var/games/phantasia uname=games gname=games mode=0775
./var/games/sail uname=games gname=games mode=0775
./var/heimdal
-./var/lock gname=operator mode=0710
-./var/lock/lvm gname=operator mode=0770
./var/log
./var/log/rdist
./var/mail mode=1777
Index: src/etc/rc.d/mountcritlocal
diff -u src/etc/rc.d/mountcritlocal:1.10 src/etc/rc.d/mountcritlocal:1.11
--- src/etc/rc.d/mountcritlocal:1.10 Tue Apr 21 16:08:57 2009
+++ src/etc/rc.d/mountcritlocal Wed Jan 5 14:57:29 2011
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: mountcritlocal,v 1.10 2009/04/21 16:08:57 joerg Exp $
+# $NetBSD: mountcritlocal,v 1.11 2011/01/05 14:57:29 haad Exp $
#
# PROVIDE: mountcritlocal
@@ -25,6 +25,12 @@
#
rm -f /etc/nologin /var/spool/lock/LCK.*
(cd /var/run && rm -rf -- *)
+ # create LVM locking directory, it needs to be owned by operator
+ # group and has parmissions to allow lock file creation.
+ #
+ mkdir /var/run/lvm
+ chown root:operator /var/run/lvm
+ chmod 770 /var/run/lvm
}
load_rc_config $name
Index: src/external/gpl2/lvm2/lvm2tools.mk
diff -u src/external/gpl2/lvm2/lvm2tools.mk:1.2 src/external/gpl2/lvm2/lvm2tools.mk:1.3
--- src/external/gpl2/lvm2/lvm2tools.mk:1.2 Thu Dec 23 17:46:54 2010
+++ src/external/gpl2/lvm2/lvm2tools.mk Wed Jan 5 14:57:27 2011
@@ -1,4 +1,4 @@
-# $NetBSD: lvm2tools.mk,v 1.2 2010/12/23 17:46:54 christos Exp $
+# $NetBSD: lvm2tools.mk,v 1.3 2011/01/05 14:57:27 haad Exp $
.include <bsd.own.mk>
@@ -10,7 +10,8 @@
LIBDM_INCLUDE= ${NETBSDSRCDIR}/external/gpl2/lvm2/dist/include
# root:operator [cb]rw-r-----
-CPPFLAGS+=-DDM_DEVICE_UID=0 -DDM_DEVICE_GID=5 -DDM_DEVICE_MODE=0640
+CPPFLAGS+=-DDM_DEVICE_UID=0 -DDM_DEVICE_GID=5 -DDM_DEVICE_MODE=0640 \
+ -DDM_CONTROL_DEVICE_MODE=0660 -DLVM_LOCKDIR_MODE=0770
#
#LIBDM_OBJDIR.libdevmapper=${LIBDM_SRCDIR}/lib/libdevmapper/
Index: src/external/gpl2/lvm2/dist/include/defaults.h
diff -u src/external/gpl2/lvm2/dist/include/defaults.h:1.1.1.2 src/external/gpl2/lvm2/dist/include/defaults.h:1.2
--- src/external/gpl2/lvm2/dist/include/defaults.h:1.1.1.2 Wed Dec 2 00:25:44 2009
+++ src/external/gpl2/lvm2/dist/include/defaults.h Wed Jan 5 14:57:27 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: defaults.h,v 1.1.1.2 2009/12/02 00:25:44 haad Exp $ */
+/* $NetBSD: defaults.h,v 1.2 2011/01/05 14:57:27 haad Exp $ */
/*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@@ -39,7 +39,7 @@
#define DEFAULT_DATA_ALIGNMENT_OFFSET_DETECTION 1
#define DEFAULT_DATA_ALIGNMENT_DETECTION 1
-#define DEFAULT_LOCK_DIR "/var/lock/lvm"
+#define DEFAULT_LOCK_DIR "/var/run/lvm"
#define DEFAULT_LOCKING_LIB "liblvm2clusterlock.so"
#define DEFAULT_FALLBACK_TO_LOCAL_LOCKING 1
#define DEFAULT_FALLBACK_TO_CLUSTERED_LOCKING 1
Index: src/external/gpl2/lvm2/dist/lib/format_text/archiver.c
diff -u src/external/gpl2/lvm2/dist/lib/format_text/archiver.c:1.1.1.3 src/external/gpl2/lvm2/dist/lib/format_text/archiver.c:1.2
--- src/external/gpl2/lvm2/dist/lib/format_text/archiver.c:1.1.1.3 Wed Dec 2 00:26:29 2009
+++ src/external/gpl2/lvm2/dist/lib/format_text/archiver.c Wed Jan 5 14:57:28 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: archiver.c,v 1.1.1.3 2009/12/02 00:26:29 haad Exp $ */
+/* $NetBSD: archiver.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@@ -117,6 +117,12 @@
return 1;
}
+#ifdef __NetBSD__
+ if (is_operator()) {
+ log_verbose("Operator usage: Skipping archiving of volume group.");
+ return 1;
+ }
+#endif
if (!dm_create_dir(vg->cmd->archive_params->dir))
return 0;
@@ -221,6 +227,12 @@
return 1;
}
+#ifdef __NetBSD__
+ if (is_operator()) {
+ log_verbose("Operator usage: Skipping archiving of volume group.");
+ return 1;
+ }
+#endif
if (!dm_create_dir(vg->cmd->backup_params->dir))
return 0;
Index: src/external/gpl2/lvm2/dist/lib/locking/file_locking.c
diff -u src/external/gpl2/lvm2/dist/lib/locking/file_locking.c:1.1.1.3 src/external/gpl2/lvm2/dist/lib/locking/file_locking.c:1.2
--- src/external/gpl2/lvm2/dist/lib/locking/file_locking.c:1.1.1.3 Wed Dec 2 00:26:24 2009
+++ src/external/gpl2/lvm2/dist/lib/locking/file_locking.c Wed Jan 5 14:57:28 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: file_locking.c,v 1.1.1.3 2009/12/02 00:26:24 haad Exp $ */
+/* $NetBSD: file_locking.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@@ -322,6 +322,8 @@
int init_file_locking(struct locking_type *locking, struct cmd_context *cmd)
{
+ mode_t old_umask;
+
locking->lock_resource = _file_lock_resource;
locking->reset_locking = _reset_file_locking;
locking->fin_locking = _fin_file_locking;
@@ -335,10 +337,23 @@
_prioritise_write_locks =
find_config_tree_bool(cmd, "global/prioritise_write_locks",
DEFAULT_PRIORITISE_WRITE_LOCKS);
-
- if (!dm_create_dir(_lock_dir))
+ old_umask = umask(LVM_LOCKDIR_MODE);
+ if (!dm_create_dir(_lock_dir)){
+ umask(old_umask);
return 0;
+ } else {
+ /* Change lockfile directory owner to match with others */
+ if (chown(_lock_dir, DM_DEVICE_UID, DM_DEVICE_GID) == -1) {
+ if (errno == EPERM)
+ goto next;
+ log_sys_error("chown", _lock_dir);
+ return 0;
+ }
+ }
+next:
+ umask(old_umask);
+
/* Trap a read-only file system */
if ((access(_lock_dir, R_OK | W_OK | X_OK) == -1) && (errno == EROFS))
return 0;
Index: src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c
diff -u src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c:1.1.1.3 src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c:1.2
--- src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c:1.1.1.3 Wed Dec 2 00:26:44 2009
+++ src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c Wed Jan 5 14:57:28 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: lvm-globals.c,v 1.1.1.3 2009/12/02 00:26:44 haad Exp $ */
+/* $NetBSD: lvm-globals.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@@ -41,6 +41,21 @@
static int _error_message_produced = 0;
static unsigned _is_static = 0;
+#ifdef __NetBSD__
+
+static int _is_operator = 0;
+
+void init_operator(int operator)
+{
+ _is_operator = operator;
+}
+
+int is_operator()
+{
+ return _is_operator;
+}
+#endif
+
void init_verbose(int level)
{
_verbose_level = level;
Index: src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h
diff -u src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h:1.1.1.2 src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h:1.2
--- src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h:1.1.1.2 Wed Feb 18 11:17:17 2009
+++ src/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h Wed Jan 5 14:57:28 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: lvm-globals.h,v 1.1.1.2 2009/02/18 11:17:17 haad Exp $ */
+/* $NetBSD: lvm-globals.h,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@@ -21,6 +21,11 @@
#define VERBOSE_BASE_LEVEL _LOG_WARN
#define SECURITY_LEVEL 0
+#ifdef __NetBSD__
+void init_operator(int operator);
+int is_operator(void);
+#endif
+
void init_verbose(int level);
void init_test(int level);
void init_md_filtering(int level);
Index: src/external/gpl2/lvm2/dist/libdm/libdm-file.c
diff -u src/external/gpl2/lvm2/dist/libdm/libdm-file.c:1.1.1.1 src/external/gpl2/lvm2/dist/libdm/libdm-file.c:1.2
--- src/external/gpl2/lvm2/dist/libdm/libdm-file.c:1.1.1.1 Mon Dec 22 00:18:33 2008
+++ src/external/gpl2/lvm2/dist/libdm/libdm-file.c Wed Jan 5 14:57:28 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: libdm-file.c,v 1.1.1.1 2008/12/22 00:18:33 haad Exp $ */
+/* $NetBSD: libdm-file.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@@ -21,6 +21,11 @@
#include <fcntl.h>
#include <dirent.h>
+/*
+ * Created directories permissions are controled by umask values and
+ * they should be set by api user before calling this function.
+ * Changing directory owners is also left on caller.
+ */
static int _create_dir_recursive(const char *dir)
{
char *orig, *s;
Index: src/external/gpl2/lvm2/dist/tools/lvmcmdline.c
diff -u src/external/gpl2/lvm2/dist/tools/lvmcmdline.c:1.1.1.3 src/external/gpl2/lvm2/dist/tools/lvmcmdline.c:1.2
--- src/external/gpl2/lvm2/dist/tools/lvmcmdline.c:1.1.1.3 Wed Dec 2 00:25:52 2009
+++ src/external/gpl2/lvm2/dist/tools/lvmcmdline.c Wed Jan 5 14:57:28 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: lvmcmdline.c,v 1.1.1.3 2009/12/02 00:25:52 haad Exp $ */
+/* $NetBSD: lvmcmdline.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@@ -1296,8 +1296,32 @@
static void _nonroot_warning(void)
{
+#ifdef __NetBSD__
+ gid_t groups_list[NGROUPS_MAX];
+ int i, group_num, is_operator = 0;
+
+ /* Operator group in NetBSD should be able to see lvm status. */
+ if (getuid() || geteuid()) {
+ group_num = getgroups(NGROUPS_MAX, groups_list);
+
+ for (i = 0; i < group_num; i++) {
+ if (groups_list[i] == DM_DEVICE_GID) {
+ is_operator = 1;
+ init_operator(is_operator);
+ break;
+ }
+ }
+
+ if (is_operator)
+ log_warn("WARNING: Using LVM as operator you have only read access.");
+ else
+ log_warn("WARNING: Running as a non-root user and without "
+ "operator group. Functionality may be unavailable.");
+ }
+#else
if (getuid() || geteuid())
log_warn("WARNING: Running as a non-root user. Functionality may be unavailable.");
+#endif
}
int lvm2_main(int argc, char **argv)
