[OpenAFS-devel] setgroups() fails to change pag under linux 2.6

[Christopher Allen Wing]

Yep, this is due to the fact that linux 2.6 now supports an arbitrary 
number of supplemental groups (instead of the fixed array in earlier 
versions).

I had various similar hacks in the past that also broke.


I think if you want to make this work you might consider writing a kernel 
module or something that just modifies the group list directly.  Or you 
could propose a cross-platform interface for OpenAFS to offer a means of 
joining existing PAGs.

-Chris Wing
wingc@engin.umich.edu


On Fri, 14 Jul 2006, David Thompson wrote:

>
> I have a "pag manager" I'm trying to migrate from linux 2.4 to linux 2.6, and
> I seem to have hit a wall.
>
> The manager's function is to select an appropriate (preexisting) pag based on
> the user's identity, cause it to become the pag for the current process,
> and exec a target program.
>
> Under linux 2.4, if I happened to know the group IDs for a given pag, sample
> code like the following allowed a euid=0 process to acquire that pag:
>
> int joinpag (int g0, int g1)
> {
>  int res, ngroups;
>  gid_t grouplist[NGROUPS_MAX];
>
>  if ((ngroups = getgroups (NGROUPS_MAX, grouplist))<0) { return -1; }
>
>  grouplist[0] = (gid_t)g0;
>  grouplist[1] = (gid_t)g1;
>
>  if ((res = setgroups (ngroups, grouplist)) < 0) { return -2; }
>
>  return 0;
> }
>
> If I try this with a 2.6 kernel, the groups g0 and g1 end up at the _end_ of
> the groups list, and the original pag remains active.
>
> Have other people run into this?  Is there an alternative method to joining an
> existing pag?
>
> Thanks in advance.
>
> Dave Thompson
> UW-Madison
>
>
>
>
> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-devel
>
>