OpenAFS CVS Commit: openafs/src/bozo by shadow

cvs@penn.central.org cvs@penn.central.org
Mon, 29 Jan 2001 12:38:35 EST


Update of /usr1/cvs/openafs/src/bozo
In directory penn.central.org:/usr0/build/openafs/openafs/src/bozo

Modified Files:
	bos.c bosint.xg bosoprocs.c bosserver.c 
Log Message:
DELTA implement-bos-restricted-mode-20010129
AUTHOR cg2v@andrew.cmu.edu
This patch enables the bosserver to be placed in a restricted mode in
which AFS superusers are only granted limited access to the server host.
The following functionality is disabled when restricted mode is in use:

bos exec
bos getlog (except for files with no '/'s in their name)*
bos create *
bos delete
bos install
bos uninstall

* specific exceptions are made for functionality that "bos salvage" uses:

a cron bnode whose name is "salvage-tmp", time is now, and command begins with
"/usr/afs/bin/salvager" may be created. This bnode deletes itself when
complete, so no special "delete" support is needed. This functionality
may be removed in the future if a "Salvage" RPC is implemented.

The file with the exact path /usr/afs/logs/SalvageLog may be fetched,
since that is how bos salvage [...] -showlog is implemented.

Restricted mode is enabled using a new bos command (bos setrestricted)
or bosserver command line switch (bosserver -restricted). Restricted mode
can be disabled by a) sending the bosserver process a SIGFPE (which will
then allow restricted operations until the next restart or setrestricted
command) or b) editing /usr/afs/local/BosConfig (or BosConfig.new), and
restarting the bosserver.


--- DELTA config follows ---
implement-bos-restricted-mode-20010129 openafs/src/bozo/bos.c 1.2 1.3
implement-bos-restricted-mode-20010129 openafs/src/bozo/bosint.xg 1.2 1.3
implement-bos-restricted-mode-20010129 openafs/src/bozo/bosoprocs.c 1.2 1.3
implement-bos-restricted-mode-20010129 openafs/src/bozo/bosserver.c 1.2 1.3
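
The restricted-mode rules in the log message above, written out as a single allow/deny decision. This is an added example, not code from the OpenAFS commit: the enum, struct and function names are hypothetical, and representing the cron time as the string "now" is an assumption.

```c
#include <string.h>

/* Hypothetical request model; these are not OpenAFS types. */
enum bos_op { OP_EXEC, OP_GETLOG, OP_CREATE, OP_DELETE,
              OP_INSTALL, OP_UNINSTALL, OP_OTHER };

struct bos_req {
    enum bos_op op;
    const char *name;     /* GETLOG: file name; CREATE: bnode instance name */
    const char *type;     /* CREATE: bnode type, e.g. "cron" */
    const char *when;     /* CREATE: cron time (assumed to arrive as "now") */
    const char *command;  /* CREATE: command line of the bnode */
};

static int starts_with(const char *s, const char *prefix)
{
    return strncmp(s, prefix, strlen(prefix)) == 0;
}

/* Returns 1 if the request may proceed, 0 if restricted mode denies it.
 * The caller is assumed to have already verified superuser status. */
int restricted_allows(int restricted, const struct bos_req *r)
{
    if (!restricted)
        return 1;
    switch (r->op) {
    case OP_GETLOG:
        /* Names without '/' are allowed, plus the one exact SalvageLog path. */
        return r->name != NULL &&
               (strchr(r->name, '/') == NULL ||
                strcmp(r->name, "/usr/afs/logs/SalvageLog") == 0);
    case OP_CREATE:
        /* Only the temporary bnode that "bos salvage" creates is allowed. */
        return r->name && r->type && r->when && r->command &&
               strcmp(r->type, "cron") == 0 &&
               strcmp(r->name, "salvage-tmp") == 0 &&
               strcmp(r->when, "now") == 0 &&
               starts_with(r->command, "/usr/afs/bin/salvager");
    case OP_EXEC:
    case OP_DELETE:
    case OP_INSTALL:
    case OP_UNINSTALL:
        return 0;         /* disabled outright in restricted mode */
    default:
        return 1;         /* operations the log message does not list */
    }
}
```

The command check is a prefix match, as the log message describes, so it constrains which binary path the command starts with but not the arguments that follow it.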