OpenAFS Master Repository branch, openafs-stable-1_4_x, updated. a410b7fd45dde17d545b36b1f5e50d664f65e8c3

Tue, 3 Nov 2009 19:39:23 -0800 (PST)

The following commit has been merged in the openafs-stable-1_4_x branch:
commit a410b7fd45dde17d545b36b1f5e50d664f65e8c3
Author: Marc Dionne <marc.c.dionne@gmail.com>
Date:   Wed Oct 28 17:54:32 2009 -0400

    Linux - Fix disk cache access for selinux/AppArmor constrained processes
    
    Preserve the credentials used for cache initialisation and use then
    whenever disk cache files are opened.  This takes advantage of the
    credentials separation work from David Howells available in kernels
    2.6.29 and above.
    Access to cache files was done under the security context of the
    user process, causing processes constrained by selinux or AppArmor to
    fail to access AFS cache files and causing the cache manager to panic.
    
    Besides the RT tickets, should also fix the following Ubuntu bugs:
     415766 429260 457779 459299
    
    FIXES 92944,125544
    
    Change-Id: Ief8acd65c1a3e4d8c951f80bfd65f8340b8cec34
    Reviewed-on: http://gerrit.openafs.org/752
    Reviewed-by: Derrick Brashear <shadow@dementia.org>
    Reviewed-by: Russ Allbery <rra@stanford.edu>
    Tested-by: Russ Allbery <rra@stanford.edu>
    Reviewed-on: http://gerrit.openafs.org/774

 src/afs/LINUX/osi_file.c |    6 +++++-
 src/afs/afs_init.c       |   19 +++++++++++++++++++
 2 files changed, 24 insertions(+), 1 deletions(-)

-- 
OpenAFS Master Repository