Commit 671aae57 authored by Leigh B. Stoller's avatar Leigh B. Stoller

A small set of vnode changes required for jails.

parent 087720cd
......@@ -94,7 +94,7 @@ static event_handle_t event_handle = NULL;
#define COMMAND_PROTOTYPE(x) \
static int \
x(int sock, char *nodeid, char *rdata, int tcp, \
int islocal, char *nodetype, int vers)
int islocal, int isvnode, char *nodetype, int vers)
COMMAND_PROTOTYPE(doreboot);
COMMAND_PROTOTYPE(dostatus);
......@@ -127,7 +127,7 @@ COMMAND_PROTOTYPE(doipodinfo);
struct command {
char *cmdname;
int (*func)(int, char *, char *, int, int, char *, int);
int (*func)(int, char *, char *, int, int, int, char *, int);
} command_array[] = {
{ "reboot", doreboot },
{ "status", dostatus },
......@@ -673,7 +673,7 @@ handle_request(int sock, struct sockaddr_in *client, char *rdata, int istcp)
* Simple "isalive" support for remote nodes.
*/
doisalive(sock, nodeid, rdata, istcp,
islocal, type, version);
islocal, isvnode, type, version);
goto skipit;
}
error("%s: Remote node connected without SSL!\n", nodeid);
......@@ -690,7 +690,7 @@ handle_request(int sock, struct sockaddr_in *client, char *rdata, int istcp)
* Simple "isup" daemon support!
*/
doisalive(sock, nodeid, rdata, istcp,
islocal, type, version);
islocal, isvnode, type, version);
goto skipit;
}
error("%s: Remote node connected without SSL!\n", nodeid);
......@@ -761,7 +761,7 @@ handle_request(int sock, struct sockaddr_in *client, char *rdata, int istcp)
istcp ? "TCP" : "UDP", cp, command_array[i].cmdname);
err = command_array[i].func(sock, nodeid, rdata, istcp,
islocal, type, version);
islocal, isvnode, type, version);
if (err)
info("%s: %s: returned %d\n",
......@@ -1024,7 +1024,7 @@ COMMAND_PROTOTYPE(doaccounts)
/*
* Now check reserved table
*/
if (islocal && nodeidtoexp(nodeid, pid, eid, gid)) {
if ((islocal || isvnode) && nodeidtoexp(nodeid, pid, eid, gid)) {
error("ACCOUNTS: %s: Node is free\n", nodeid);
return 1;
}
......@@ -1032,7 +1032,7 @@ COMMAND_PROTOTYPE(doaccounts)
/*
* We need the unix GID and unix name for each group in the project.
*/
if (islocal) {
if (islocal || isvnode) {
res = mydb_query("select unix_name,unix_gid from groups "
"where pid='%s'",
2, pid);
......@@ -1098,7 +1098,7 @@ COMMAND_PROTOTYPE(doaccounts)
/*
* Now onto the users in the project.
*/
if (islocal) {
if (islocal || isvnode) {
/*
* This crazy join is going to give us multiple lines for
* each user that is allowed on the node, where each line
......@@ -1238,6 +1238,14 @@ COMMAND_PROTOTYPE(doaccounts)
break;
row = nextrow;
}
/*
* Drop root privs if a remote node, but not a vnode.
* This is an interim measure until accounts are
* built just inside the jails.
*/
if (!islocal && !isvnode)
root = tbadmin;
/*
* Okay, process the UID. If there is no primary gid,
* then use one from the list. Then convert the rest of
......@@ -1274,8 +1282,11 @@ COMMAND_PROTOTYPE(doaccounts)
row[10] ? row[10] : "");
}
else {
if (!islocal && vers == 5) {
row[1] = "'*'";
if (!islocal) {
if (vers == 5)
row[1] = "'*'";
else
row[1] = "*";
}
sprintf(buf,
"ADDUSER LOGIN=%s "
......@@ -1472,7 +1483,7 @@ COMMAND_PROTOTYPE(dohostsV2)
/*
* This will go away. Ignore version and assume latest.
*/
return(dohosts(sock, nodeid, rdata, tcp, islocal,
return(dohosts(sock, nodeid, rdata, tcp, islocal, isvnode,
nodetype, CURRENT_VERSION));
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment