NetBSD-Bugs archive
Re: kern/40933: tmpfs and chown issue
The following reply was made to PR kern/40933; it has been noted by GNATS.
From: Mark Davies <mark%ecs.vuw.ac.nz@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc:
Subject: Re: kern/40933: tmpfs and chown issue
Date: Wed, 8 Apr 2009 23:24:12 +1200
On Monday 02 March 2009 02:05:01 mark%ecs.vuw.ac.nz@localhost wrote:
> >Description:
>
> chown() on a file run by root seteuid to the owner of the file fails
> when run on tmpfs but works on mfs and ffs.
>
> This breaks setting up of the kerberos credential cache from sshd when
> using pam and pam_krb5.so and /tmp is a tmpfs.

So looking at ufs_vnops.c ufs_chown() has these checks:

    if ((kauth_cred_geteuid(cred) != ip->i_uid || uid != ip->i_uid ||
        (gid != ip->i_gid &&
        !(kauth_cred_getegid(cred) == gid ||
        (kauth_cred_ismember_gid(cred, gid, &ismember) == 0 &&
        ismember)))) &&
        ((error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
        NULL)) != 0))
            return (error);

while in tmpfs_subr.c tmpfs_chown() has:

    if ((kauth_cred_geteuid(cred) != node->tn_uid || uid != node->tn_uid ||
        (gid != node->tn_gid &&
        !(kauth_cred_getegid(cred) == node->tn_gid ||
        (kauth_cred_ismember_gid(cred, gid, &ismember) == 0 &&
        ismember)))) &&
        ((error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
        NULL)) != 0))

The significant difference being what kauth_cred_getegid(cred) is compared
against.

So the below patch to tmpfs_subr.c fixes the tmpfs behaviour to be
consistent with the other filesystems.

Index: tmpfs_subr.c
===================================================================
RCS file: /src/cvs/netbsd/src/sys/fs/tmpfs/tmpfs_subr.c,v
retrieving revision 1.48
diff -u -r1.48 tmpfs_subr.c
--- tmpfs_subr.c 19 Jun 2008 19:03:44 -0000 1.48
+++ tmpfs_subr.c 8 Apr 2009 10:45:27 -0000
@@ -1098,7 +1098,7 @@
* several other file systems. Shouldn't this be centralized
* somewhere? */
if ((kauth_cred_geteuid(cred) != node->tn_uid || uid != node->tn_uid ||
- (gid != node->tn_gid && !(kauth_cred_getegid(cred) == node->tn_gid
||
+ (gid != node->tn_gid && !(kauth_cred_getegid(cred) == gid ||
(kauth_cred_ismember_gid(cred, gid, &ismember) == 0 && ismember))))
&&
((error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
NULL)) != 0))
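
Review bot: the context comment at the top of this hunk already asks whether this check should be centralized, and the one-operand difference corrected on the `+` line (`kauth_cred_getegid(cred) == gid` instead of `== node->tn_gid`) is the kind of drift that copying the condition between file systems produces. The new line does match the ufs_chown() condition quoted earlier in this message, so the fix itself reads correctly; a follow-up that moves the condition into one helper shared by ufs and tmpfs would keep the copies from diverging again. As posted, the hunk is also wrapped: the `||` after `node->tn_gid` and the `&&` after `ismember))))` sit on their own lines with no leading diff character, so it will not apply as is and should be resent unwrapped or as an attachment.
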
cheers
mark
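
The difference between the two checks discussed in the message above, as an added user-space model (not code from the original message or from NetBSD). The `struct cred` and `struct node` types and all function names are hypothetical stand-ins; it assumes the group-membership test consults only the supplementary group list and that only effective uid 0 passes the superuser check.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical stand-ins for the kernel credential and file node. */
struct cred { uid_t euid; gid_t egid; const gid_t *groups; int ngroups; };
struct node { uid_t uid; gid_t gid; };

/* Assumption: membership looks only at the supplementary group list. */
static bool in_groups(const struct cred *c, gid_t gid)
{
	for (int i = 0; i < c->ngroups; i++)
		if (c->groups[i] == gid)
			return true;
	return false;
}

/* Shape shared by both checks; egid_ref is what the effective gid is compared against. */
static bool chown_allowed(const struct cred *c, const struct node *n,
    uid_t uid, gid_t gid, gid_t egid_ref)
{
	bool needs_priv = c->euid != n->uid || uid != n->uid ||
	    (gid != n->gid && !(c->egid == egid_ref || in_groups(c, gid)));
	return !needs_priv || c->euid == 0; /* assumption: only euid 0 is superuser */
}

/* ufs_chown() and patched tmpfs_chown(): egid compared with the requested gid. */
bool ufs_style(const struct cred *c, const struct node *n, uid_t uid, gid_t gid)
{
	return chown_allowed(c, n, uid, gid, gid);
}

/* tmpfs_chown() before the patch: egid compared with the file's current gid. */
bool tmpfs_unpatched(const struct cred *c, const struct node *n, uid_t uid, gid_t gid)
{
	return chown_allowed(c, n, uid, gid, n->gid);
}

/* Constructed case: euid/egid switched to 1000:1000, groups still root's, file is 1000:0. */
static const gid_t root_groups[] = { 0 };
const struct cred switched = { 1000, 1000, root_groups, 1 };
const struct node cache_file = { 1000, 0 };

int main(void)
{
	printf("ufs-style: %d\n", ufs_style(&switched, &cache_file, 1000, 1000));
	printf("tmpfs unpatched: %d\n", tmpfs_unpatched(&switched, &cache_file, 1000, 1000));
	return 0;
}
```
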