[prev in list] [next in list] [prev in thread] [next in thread]
List: trousers-cvs
Subject: [Trousers-cvs] trousers/src/tcsd tcsd_conf.c
From: Rajiv Andrade <phreakz () users ! sourceforge ! net>
Date: 2009-07-06 19:57:57
Message-ID: E1MNuK5-0001V1-R8 () ddv4jf1 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Update of /cvsroot/trousers/trousers/src/tcsd
In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv5761/src/tcsd
Modified Files:
tcsd_conf.c
Log Message:
The fix below enables the tcsd to take advantage of the SMF features
on Solaris.
Signed-off-by: Wyllys Ingersoll <wyllys.ingersoll@sun.com>
[Replaced #if define's for #ifdef's, the latter is the standard in
TrouSers and previous patches]
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Index: tcsd_conf.c
===================================================================
RCS file: /cvsroot/trousers/trousers/src/tcsd/tcsd_conf.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -C2 -d -r1.16 -r1.17
*** tcsd_conf.c 18 Dec 2007 15:54:00 -0000 1.16
--- tcsd_conf.c 6 Jul 2009 19:57:55 -0000 1.17
***************
*** 22,25 ****
--- 22,29 ----
#include <stdlib.h>
+ #ifdef SOLARIS
+ #include <libscf.h>
+ #endif
+
#include "trousers/tss.h"
#include "trousers_types.h"
***************
*** 675,678 ****
--- 679,705 ----
}
+ #ifdef SOLARIS
+ static int
+ get_smf_prop(const char *var, boolean_t def_val)
+ {
+ scf_simple_prop_t *prop;
+ uint8_t *val;
+ boolean_t res = def_val;
+ prop = scf_simple_prop_get(NULL, "svc:/application/security/tcsd:default",
+ "config", var);
+ if (prop) {
+ if ((val = scf_simple_prop_next_boolean(prop)) != NULL)
+ res = (*val == 0) ? B_FALSE : B_TRUE;
+ scf_simple_prop_free(prop);
+ }
+ if (prop == NULL || val == NULL) {
+ syslog(LOG_ALERT, "no value for config/%s (%s). "
+ "Using default \"%s\"", var, scf_strerror(scf_error()),
+ def_val ? "true" : "false");
+ }
+ return (res);
+ }
+ #endif
+
TSS_RESULT
conf_file_init(struct tcsd_config *conf)
***************
*** 680,690 ****
--- 707,727 ----
FILE *f = NULL;
struct stat stat_buf;
+ #ifndef SOLARIS
struct group *grp;
struct passwd *pw;
mode_t mode = (S_IRUSR|S_IWUSR);
+ #endif /* SOLARIS */
TSS_RESULT result;
init_tcsd_config(conf);
+ #ifdef SOLARIS
+ /*
+ * Solaris runs as root:sys but with reduced privileges
+ * so we don't need to create a new user/group and also so
+ * we can have auditing support. The permissions on
+ * the tcsd configuration file are not checked on Solaris.
+ */
+ #endif
/* look for a config file, create if it doesn't exist */
if (stat(TCSD_CONFIG_FILE, &stat_buf) == -1) {
***************
*** 700,703 ****
--- 737,741 ----
}
+ #ifndef SOLARIS
/* find the gid that owns the conf file */
errno = 0;
***************
*** 737,740 ****
--- 775,779 ----
return TCSERR(TSS_E_INTERNAL_ERROR);
}
+ #endif /* SOLARIS */
if ((f = fopen(TCSD_CONFIG_FILE, "r")) == NULL) {
***************
*** 749,752 ****
--- 788,802 ----
config_set_defaults(conf);
+ #ifdef SOLARIS
+ /*
+ * The SMF value for "local_only" overrides the config file and
+ * disables all remote operations.
+ */
+ if (get_smf_prop("local_only", B_TRUE)) {
+ (void) memset(conf->remote_ops, 0, sizeof(conf->remote_ops));
+ conf->unset |= TCSD_OPTION_REMOTE_OPS;
+
+ }
+ #endif
return result;
}
***************
*** 790,794 ****
/* This path is likely to be hit since open &'s mode with ~umask */
LogInfo("resetting mode of %s from %o to: %o", tcsd_options.system_ps_dir,
! stat_buf.st_mode, mode);
if (chmod(tcsd_options.system_ps_dir, mode) == -1) {
LogError("chmod(%s) failed: %s", tcsd_options.system_ps_dir,
--- 840,844 ----
/* This path is likely to be hit since open &'s mode with ~umask */
LogInfo("resetting mode of %s from %o to: %o", tcsd_options.system_ps_dir,
! (unsigned int) stat_buf.st_mode, (unsigned int) mode);
if (chmod(tcsd_options.system_ps_dir, mode) == -1) {
LogError("chmod(%s) failed: %s", tcsd_options.system_ps_dir,
------------------------------------------------------------------------------
_______________________________________________
Trousers-cvs mailing list
Trousers-cvs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/trousers-cvs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic