[OpenAFS-devel] allocating "C" acl bit

Derrick Brashear shadow@gmail.com
Thu, 31 Jan 2008 11:24:23 -0500


------=_Part_18449_18792831.1201796663300
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

 The following small patch against OpenAFS 1.4.5 will allow users to to
change file ownership to another user with the chown command (System 5 chown
semantics). The
reserved 'C' ACL entry (rlidwkaABCDEFGH) is used to control when this is
permitted (set
using the standard 'fs setacl' command).

Is this something of general use or is this going to cause issues for
people? Discussion?



cvs diff: Diffing src/viced
Index: src/viced/afsfileprocs.c
 ===================================================================
 RCS file: /cvs/openafs/src/viced/afsfileprocs.c,v
retrieving revision 1.81.2.43
diff -u -r1.81.2.43 afsfileprocs.c
--- src/viced/afsfileprocs.c 21 Aug 2007 08:28:37 -0000 1.81.2.43
+++ src/viced/afsfileprocs.c 31 Oct 2007 19:50:44 -0000
@@ -909,7 +909,7 @@
if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr)) {
if (readonlyServer)
return (VREADONLY);
- else if (VanillaUser(client))
+ else if (VanillaUser(client) && !(rights & PRSFS_USR2))
return (EPERM); /* Was EACCES */
else
osi_audit(PrivilegeEvent, 0, AUD_ID,

------=_Part_18449_18792831.1201796663300
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

<font color="#000000">
The following small patch against OpenAFS 1.4.5 will allow users to to<br>change file ownership to another user with the chown command (System 5 chown semantics). The<br>reserved &#39;C&#39; ACL entry (rlidwkaABCDEFGH) is used to control when this is permitted (set<br>
using the standard &#39;fs setacl&#39; command).  <br><br>Is this something of general use or is this going to cause issues for people? Discussion?<br><br><br>
<br>
cvs diff: Diffing src/viced<br>Index: src/viced/afsfileprocs.c<br>
<font color="#660000">
===================================================================<br>
</font>
RCS file: /cvs/openafs/src/viced/afsfileprocs.c,v<br>retrieving revision <a href="http://1.81.2.43">1.81.2.43</a><br>diff -u -r1.81.2.43 afsfileprocs.c<br>--- src/viced/afsfileprocs.c    21 Aug 2007 08:28:37 -0000      <a href="http://1.81.2.43">1.81.2.43</a><br>
+++ src/viced/afsfileprocs.c    31 Oct 2007 19:50:44 -0000<br>@@ -909,7 +909,7 @@<br>            if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr)) {<br>                if (readonlyServer)<br>                    return (VREADONLY);<br>
-               else if (VanillaUser(client))<br>+               else if (VanillaUser(client) &amp;&amp; !(rights &amp; PRSFS_USR2))<br>                    return (EPERM);     /* Was EACCES */<br>                else<br>                    osi_audit(PrivilegeEvent, 0, AUD_ID,</font>

------=_Part_18449_18792831.1201796663300--