fs discon support alternate uid

this is a short-term hack. macos lacks pags, and anywhere without pags won't have tokens when fs discon online is run as root unless the tokens are explicitly set for root... which can be bad mojo. instead, allow a uid to be passed in. Change-Id: I44ebf9468976fa43d449f72d392fbb9e830e44d6 Reviewed-on: http://gerrit.openafs.org/2515 Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
2025-02-01 05:57:43 +00:00 · 2010-08-04 09:38:10 -04:00 · 2010-08-04 09:38:10 -04:00 · 5a2ae98327
commit 5a2ae98327
parent e6aa0b38e9
2 changed files with 24 additions and 5 deletions
--- a/src/afs/afs_pioctl.c
+++ b/src/afs/afs_pioctl.c
@ -5138,9 +5138,10 @@ DECL_PIOCTL(PDiscon)
    static afs_int32 mode = 1; /* Start up in 'off' */
    afs_int32 force = 0;
    int code = 0;
-    char flags[3];
+    char flags[4];
+    struct vrequest lreq;

-    if (afs_pd_getBytes(ain, &flags, 3) == 0) {
+    if (afs_pd_getBytes(ain, &flags, 4) == 0) {
 	if (!afs_osi_suser(*acred))
 	    return EPERM;

@ -5150,6 +5151,12 @@ DECL_PIOCTL(PDiscon)
 	    afs_ConflictPolicy = flags[1] - 1;
 	if (flags[2])
 	    force = 1;
+	if (flags[3]) {
+	    /* Fake InitReq support for UID override */
+	    memset(&lreq, 0, sizeof(lreq));
+	    lreq.uid = flags[3];
+	    areq = &lreq; /* override areq we got */
+	}

 	/*
 	 * All of these numbers are hard coded in fs.c. If they
--- a/src/venus/fs.c
+++ b/src/venus/fs.c
@ -3476,13 +3476,13 @@ DisconCmd(struct cmd_syndesc *as, void *arock)
    char *modename;
    char *policyname;
    int modelen, policylen;
-    afs_int32 mode, policy, code;
+    afs_int32 mode, policy, code, unixuid = 0;
    struct ViceIoctl blob;

    blob.in = NULL;
    blob.in_size = 0;

-    space[0] = space[1] = space[2] = 0;
+    space[0] = space[1] = space[2] = space[3] = 0;

    ti = as->parms[0].items;
    if (ti) {
@ -3516,8 +3516,19 @@ DisconCmd(struct cmd_syndesc *as, void *arock)
    	printf("force on\n");
    }

+    ti = as->parms[3].items;
+    if (ti) {
+	code = util_GetInt32(ti->data, &unixuid);
+	if (code) {
+	    fprintf(stderr, "%s: bad integer specified for uid.\n", pn);
+            return 1;
+        }
+	space[3] = unixuid;
+    } else
+	space[3] = 0;
+
    blob.in = space;
-    blob.in_size = 3 * sizeof(afs_int32);
+    blob.in_size = 4 * sizeof(afs_int32);

    blob.out_size = sizeof(mode);
    blob.out = space;
@ -3866,6 +3877,7 @@ defect 3069
    cmd_AddParm(ts, "-mode", CMD_SINGLE, CMD_REQUIRED, "offline | online");
    cmd_AddParm(ts, "-policy", CMD_SINGLE, CMD_OPTIONAL, "client | server");
    cmd_AddParm(ts, "-force", CMD_FLAG, CMD_OPTIONAL, "Force reconnection, despite any synchronization issues.");
+    cmd_AddParm(ts, "-uid", CMD_SINGLE, CMD_OPTIONAL, "Numeric UID of user whose tokens to use at reconnect.");

    ts = cmd_CreateSyntax("nukenfscreds", NukeNFSCredsCmd, NULL, "nuke credentials for NFS client");
    cmd_AddParm(ts, "-addr", CMD_SINGLE, 0, "host name or address");