Commit 97b206ba authored by Leigh B. Stoller's avatar Leigh B. Stoller

Add widearearoot and wideareajailroot to the users table, to control

who gets root on widearea nodes, inside and outside of jail. Kinda
brute force; might need to make this more flexible at some point,
perhaps with a node/user mapping table for widearearoot (root outside
the jail), and a widearea_trust slot to the group_membership table
(root inside a jail), but this will do for now since its handled
entirely inside of tmcd.

I was originally using local_root to determine root access inside the
jail, but we need to more finely control who gets root on widearea
nodes. Outside the jail, only tbadmin got jail, and that's definitely
too restrictive!
parent 4154972a
......@@ -1161,14 +1161,14 @@ COMMAND_PROTOTYPE(doaccounts)
" p.trust,g.pid,g.gid,g.unix_gid,u.admin, "
" u.emulab_pubkey,u.home_pubkey, "
" UNIX_TIMESTAMP(u.usr_modified), "
" u.usr_email "
" u.usr_email,u.widearearoot,u.wideareajailroot "
"from group_membership as p "
"left join users as u on p.uid=u.uid "
"left join groups as g on p.pid=g.pid "
"where ((p.pid='%s' and p.gid='%s')) "
" and p.trust!='none' "
" and u.status='active' order by u.uid",
13, reqp->pid, reqp->gid);
15, reqp->pid, reqp->gid);
}
else {
res = mydb_query("select distinct "
......@@ -1176,14 +1176,14 @@ COMMAND_PROTOTYPE(doaccounts)
" p.trust,g.pid,g.gid,g.unix_gid,u.admin, "
" u.emulab_pubkey,u.home_pubkey, "
" UNIX_TIMESTAMP(u.usr_modified), "
" u.usr_email "
" u.usr_email,u.widearearoot,u.wideareajailroot "
"from group_membership as p "
"left join users as u on p.uid=u.uid "
"left join groups as g on "
" p.pid=g.pid and p.gid=g.gid "
"where ((p.pid='%s')) and p.trust!='none' "
" and u.status='active' order by u.uid",
13, reqp->pid);
15, reqp->pid);
}
}
else if (reqp->jailflag) {
......@@ -1196,7 +1196,7 @@ COMMAND_PROTOTYPE(doaccounts)
" p.trust,g.pid,g.gid,g.unix_gid,u.admin, "
" u.emulab_pubkey,u.home_pubkey, "
" UNIX_TIMESTAMP(u.usr_modified), "
" u.usr_email "
" u.usr_email,u.widearearoot,u.wideareajailroot "
"from group_membership as p "
"left join users as u on p.uid=u.uid "
"left join groups as g on "
......@@ -1204,7 +1204,7 @@ COMMAND_PROTOTYPE(doaccounts)
"where (p.pid='%s') and p.trust!='none' "
" and u.status='active' and u.admin=1 "
" order by u.uid",
13, RELOADPID);
15, RELOADPID);
}
else {
/*
......@@ -1222,7 +1222,8 @@ COMMAND_PROTOTYPE(doaccounts)
"m.trust,g.pid,g.gid,g.unix_gid,u.admin, "
"u.emulab_pubkey,u.home_pubkey, "
"UNIX_TIMESTAMP(u.usr_modified), "
" u.usr_email "
"u.usr_email,u.widearearoot, "
"u.wideareajailroot "
"from projects as p "
"left join group_membership as m "
" on m.pid=p.pid "
......@@ -1234,7 +1235,7 @@ COMMAND_PROTOTYPE(doaccounts)
" and m.trust!='none' "
" and u.status='active' "
"order by u.uid",
13, reqp->type);
15, reqp->type);
}
if (!res) {
......@@ -1311,12 +1312,19 @@ COMMAND_PROTOTYPE(doaccounts)
row = nextrow;
}
/*
* Drop root privs if a remote node, but not a vnode.
* This is an interim measure until accounts are
* built just inside the jails.
* widearearoot and wideareajailroot override trust values
* from the project (above). Of course, tbadmin overrides
* everthing!
*/
if (!reqp->islocal && !reqp->isvnode)
root = tbadmin;
if (!reqp->islocal) {
if (!reqp->isvnode)
root = atoi(row[13]);
else
root = atoi(row[14]);
if (tbadmin)
root = 1;
}
/*
* Okay, process the UID. If there is no primary gid,
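Review bot: `root = atoi(row[13]);` and `root = atoi(row[14]);` in the last hunk pass the new result cells straight to atoi() with no NULL check; unless `users.widearearoot` and `users.wideareajailroot` are declared NOT NULL (the schema is not in this commit), a NULL cell hands atoi() a null pointer and the daemon crashes while serving that node's accounts request. A guard of the form `root = (row[13] && atoi(row[13])) ? 1 : 0;` (and the same for `row[14]`) is cheap and also normalizes the flag to 0/1, matching how `tbadmin` is used two lines below. The indices 13 and 14 are silently coupled to all five SELECTs appending the two columns in the same order; a comment such as `/* row[13] = u.widearearoot, row[14] = u.wideareajailroot */` above the if would make that dependency visible to the next edit. doaccounts starts and continues outside these hunks, so I cannot see whether an earlier row-sanity check already covers these columns.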