Parent Directory
| 
Revision Log
| Links to HEAD: | (view) (download) (as text) (annotate) |
| Sticky Revision: |
- prevent "warning: unused variable `lck'"
- Forcing umask for cgul_mkdir_with_parents() and cgul_open_logfile() to be identical to the specified modes, so forcing it to be not stricter than the specified mode.
Adding new function: cgul_open_logfile() opens a logfile, root-owned, with suitable checks, using J. Kupsch library.
Syncing with fileutil in glexec. Note that there were a few issues with the
wrong groups being added:
- Rewritten trusted/confidential checks for cgul_read_config, to make it more
consistent and solve a number of unclear situations and inconsistencies.
* confidentiality check is now only enabled when a macro
DEMAND_CONFIG_CONFIDENTIAL is defined.
* Only trusted user and root are trusted for read/write. The trusted group is
not trusted for writing.
* When in addition a confidentiality check is done, the file may ONLY be
readable for the trusted users, the trusted groups and the effective gid,
the latter only when different from real gid.
- Adding a #ifdef around 2 variable definitions to prevent 'unused variable'
warnings.
- Allow to 'drop' privilege to root group when needed.
- properly deal with negative 'gid's' (use int and cast at the right place).
- Fix wrong return code for read_config: missing file should NOT be a privilege drop error but a I/O error.
flock() doesn't work on Solaris, so always return error.
- updated comment
- Heavily improved mkdir_with_parents function for crippled automount behaviour.
- resync-ed with glexec: lstat -> stat etc.
Bringing fileutil back in sync with version in gLExec
- cgul_write_uniq_proxy now updates the template such that one can figure out the actual filename
- Updated the API for the proxy reading and config file, after extensively looking at use-cases. Preferred for config file: 'glexec'.root (or 'scas'.root or whatever), and reading as glexec.glexec or glexec.gid - two writing functions synchronized.
- (almost) no type incompatibilities. Removed 1 potentially dangerous size_t
- introduced cgul_ prefix for environ - synchronized two proxy writing functions, thereby fixing a const char* writing issue (segfault).
- parent directory of to-be-written proxy is created and with right mode.
- LICENSES added - added ifndef construct to prevent double inclusion - added many comments - fixed a few uninitialized variables - fixed too small buffer for reading (\0 forgotten) also fixed forgotten addition of \0 after reading. - read_config() now has preferred uid/gid. 0 (root) effectively ignores, because root is always trusted (cannot be untrusted). - priv_drop has int argu's because uid/gid is unsigned. - same for read_proxy: read_gid is int - priv_drop now fails when NOT euid==0 - read_config figures out whether switching or not and acts accordingly: in switching mode we demand confidential, in non-switching, trusted is good enough. - check on template in write_uniq_proxy: ending with 6 times X - difference in file mode and dirmode, for same one... - fixed bug in dir creation, missed last element.
- new function cgul_read_config that reads a config file into a memory buffer using J. Kupsch' safefile (only the safe_is_path_trusted_r() ) - hopefully raise all privileges also when failure. - remove dead code
- Added extra return code -3 for cgul_write_proxy(): permissions error Also split opening/changing ownership/mode for this, in this function - fixed number of missing variable declarations - fixed number of typos
- First (preliminary) version of fileutil files: locking, reading/writing proxy and directory creation.
This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, enter a numeric revision.
| grid.support@nikhef.nl | ViewVC Help |
| Powered by ViewVC 1.1.28 |