[OpenAFS] Issue with 1.4.11 pagsh.krb ioctl for curpag returning
-1 E2BIG
Douglas E. Engert
deengert@anl.gov
Mon, 03 Aug 2009 15:26:43 -0500
Looks like ktc_curpag is assuming the PAG is on two groups, but your
trace shows only one group, 1098319022= 0x417704AE
Does it need to test for AFS_LINUX26_ONEGROUP_ENV?
Was there any reason the ONEGROUP mod was limited to LINUX only?
Many other systenms have large groups numbers today too.
mike coyne wrote:
> As far as i have been able to trace ,
>
> src/sys/pagsh.c first calls setpag() ... i think that the first ioctl
> call
>
> then the second is from ...
> src/sys/pagsh.c which calls ktc_newpag();
>
> ktc_newpag seem to be now defined in sys/auth/ktc.c
>
> ...
> int
> ktc_newpag(void)
> {
> extern char **environ;
>
> afs_uint32 pag;
> struct stat sbuf;
> char fname[256], *prefix = "/ticket/";
> char fname5[256], *prefix5 = "FILE:/ticket/krb5cc_";
> int numenv;
> char **newenv, **senv, **denv;
>
> LOCK_GLOBAL_MUTEX;
> if (stat("/ticket", &sbuf) == -1) {
> prefix = "/tmp/tkt";
> prefix5 = "FILE:/tmp/krb5cc_";
> }
>
> pag = ktc_curpag() & 0xffffffff;
> if (pag == -1) {
> sprintf(fname, "%s%d", prefix, getuid());
> sprintf(fname5, "%s%d", prefix5, getuid());
> } else {
> sprintf(fname, "%sp%ld", prefix, (long int) pag);
> sprintf(fname5, "%sp%lud", prefix5, (long int) pag);
> }
> ktc_set_tkt_string(fname);
>
> for (senv = environ, numenv = 0; *senv; senv++)
> numenv++;
> newenv = (char **)malloc((numenv + 2) * sizeof(char *));
>
> for (senv = environ, denv = newenv; *senv; senv++) {
> if (strncmp(*senv, "KRBTKFILE=", 10) != 0 &&
> strncmp(*senv, "KRB5CCNAME=", 11) != 0)
> *denv++ = *senv;
> }
>
> *denv = malloc(10+11 + strlen(fname) + strlen(fname5) + 2);
> strcpy(*denv, "KRBTKFILE=");
> strcat(*denv, fname);
> *(denv+1) = *denv + strlen(*denv) + 1;
> denv++;
> strcpy(*denv, "KRB5CCNAME=");
> strcat(*denv, fname5);
> *++denv = 0;
> environ = newenv;
> UNLOCK_GLOBAL_MUTEX;
> return 0;
> }
> ...
>
> which in turn call out
>
> ...
> afs_uint32
> ktc_curpag(void)
> {
> int code;
> struct ViceIoctl iob;
> afs_int32 pag;
>
> /* now setup for the pioctl */
> iob.in = NULL;
> iob.in_size = 0;
> iob.out = &pag;
> iob.out_size = sizeof(afs_int32);
>
> code = PIOCTL(0, VIOC_GETPAG, &iob, 0);
> if (code < 0) {
> #if defined(AFS_AIX52_ENV)
> code = getpagvalue("afs");
> if (code < 0 && errno == EINVAL)
> code = 0;
> return code;
> #elif defined(AFS_AIX51_ENV)
> return -1;
> #else
> gid_t groups[NGROUPS_MAX];
> afs_uint32 g0, g1;
> afs_uint32 h, l, ret;
>
> if (getgroups(sizeof groups / sizeof groups[0], groups) < 2)
> return 0;
>
> g0 = groups[0] & 0xffff;
> g1 = groups[1] & 0xffff;
> g0 -= 0x3f00;
> g1 -= 0x3f00;
> if (g0 < 0xc000 && g1 < 0xc000) {
> l = ((g0 & 0x3fff) << 14) | (g1 & 0x3fff);
> h = (g0 >> 14);
> h = (g1 >> 14) + h + h + h;
> ret = ((h << 28) | l);
> /* Additional testing */
> if (((ret >> 24) & 0xff) == 'A')
> return ret;
> else
> return -1;
> }
> return -1;
> #endif
> }
> return pag;
> }
>
> ....
>
> If i every thing worked right? i would expect a env variable like
> KRB5CCNAME=FILE://tmp/krb5cc_<pagno> .... but i am getting the uid
> instead...
> i believe because ktc_curpag() seem to be returning a -1
> instead of the pag?
>
> On Mon, 2009-08-03 at 11:55 -0700, Russ Allbery wrote:
>> "mike coyne" <mike.coyne@paccar.com> writes:
>>
>>> I Just built the new release of openafs 1.4.11 on Rhel5 (patched
>>> current) on a X86_64 Dell 69 usging the dkms kernel module build.
>>>
>>> For some reason pagsh.krb is not returning the correct username in
>>> KRB5CCNAME.
>> I'm not sure I understand. pagsh.krb doesn't know anything at all about
>> Kerberos v5 and hence about KRB5CCNAME so far as I know.
>>
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444