Client.cc.diff
src/client/Client.cc | ||
---|---|---|
23 | 23 |
#include <fcntl.h> |
24 | 24 |
#include <sys/utsname.h> |
25 | 25 |
#include <sys/uio.h> |
26 |
#include <grp.h> |
|
27 |
#include <pwd.h> |
|
26 | 28 | |
27 | 29 |
#if defined(__linux__) |
28 | 30 |
#include <linux/falloc.h> |
... | ... | |
4545 | 4547 | |
4546 | 4548 |
int Client::check_permissions(Inode *in, int flags, int uid, int gid) |
4547 | 4549 |
{ |
4550 |
// initial number of group entries, defaults to posix standard of 16 |
|
4551 |
// PAM implementations may provide more than 16 groups... |
|
4552 |
int initial_group_count = 16; |
|
4553 | ||
4548 | 4554 |
gid_t *sgids = NULL; |
4549 | 4555 |
int sgid_count = 0; |
4550 | 4556 |
if (getgroups_cb) { |
... | ... | |
4554 | 4560 |
return sgid_count; |
4555 | 4561 |
} |
4556 | 4562 |
} |
4563 |
else { |
|
4564 |
// use PAM to get the group list |
|
4565 |
sgid_count = initial_group_count; |
|
4566 |
sgids = (gid_t*)malloc (sgid_count * sizeof(gid_t)); |
|
4567 |
if (sgids == NULL) { |
|
4568 |
ldout(cct, 3) << "allocating group memory failed!" << dendl; |
|
4569 |
return -EACCES; |
|
4570 |
} |
|
4571 |
|
|
4572 |
struct passwd *pw; |
|
4573 |
pw = getpwuid(uid); |
|
4574 |
if (pw == NULL) { |
|
4575 |
ldout(cct, 3) << "getting user name failed!" << dendl; |
|
4576 |
return -EACCES; |
|
4577 |
} |
|
4578 |
while(1) { |
|
4579 |
if (getgrouplist(pw->pw_name, gid, sgids, &sgid_count) == -1) { |
|
4580 |
// we need to resize the group list and try again |
|
4581 |
sgids = (gid_t*)realloc(sgids, sgid_count * sizeof(gid_t)); |
|
4582 |
continue; |
|
4583 |
} |
|
4584 |
// list was successfully retrieved |
|
4585 |
break; |
|
4586 |
} |
|
4587 |
} |
|
4557 | 4588 |
// check permissions before doing anything else |
4589 |
int ret = 0; |
|
4558 | 4590 |
if (uid != 0 && !in->check_mode(uid, gid, sgids, sgid_count, flags)) { |
4559 |
return -EACCES;
|
|
4591 |
ret = -EACCES;
|
|
4560 | 4592 |
} |
4561 |
return 0; |
|
4593 |
|
|
4594 |
// free group list |
|
4595 |
free (sgids); |
|
4596 |
return ret; |
|
4562 | 4597 |
} |
4563 | 4598 | |
4564 | 4599 |
vinodeno_t Client::_get_vino(Inode *in) |