From: mwilck@suse.com
To: Christophe Varoqui <christophe.varoqui@opensvc.com>,
Benjamin Marzinski <bmarzins@redhat.com>
Cc: lixiaokeng@huawei.com, Chongyun Wu <wu.chongyun@h3c.com>,
dm-devel@redhat.com, Martin Wilck <mwilck@suse.com>
Subject: [dm-devel] [PATCH 29/35] multipathd: uxlsnr: use parser to determine non-root commands
Date: Fri, 10 Sep 2021 13:41:14 +0200 [thread overview]
Message-ID: <20210910114120.13665-30-mwilck@suse.com> (raw)
In-Reply-To: <20210910114120.13665-1-mwilck@suse.com>
From: Martin Wilck <mwilck@suse.com>
Rather than using a separate poor-man's parser for checking root
commands, use the real parser. It will return "LIST" as first verb
for the read-only commands that non-root users may execute.
Signed-off-by: Martin Wilck <mwilck@suse.com>
---
multipathd/uxlsnr.c | 27 +++++++++++++++++----------
1 file changed, 17 insertions(+), 10 deletions(-)
diff --git a/multipathd/uxlsnr.c b/multipathd/uxlsnr.c
index cfff0ae..ff9604f 100644
--- a/multipathd/uxlsnr.c
+++ b/multipathd/uxlsnr.c
@@ -362,16 +362,15 @@ static int uxsock_trigger(struct client *c, void *trigger_data)
vecs = (struct vectors *)trigger_data;
-
- if (!c->is_root &&
- (strncmp(c->cmd, "list", strlen("list")) != 0) &&
- (strncmp(c->cmd, "show", strlen("show")) != 0)) {
- append_strbuf_str(&c->reply, "permission deny: need to be root");
- return r;
- }
-
r = parse_cmd(c);
+ if (r == 0 && c->cmdvec && VECTOR_SIZE(c->cmdvec) > 0) {
+ struct key *kw = VECTOR_SLOT(c->cmdvec, 0);
+
+ if (!c->is_root && kw->code != LIST)
+ r = EPERM;
+ }
+
if (r == 0 && c->handler)
r = execute_handler(c, vecs, uxsock_timeout / 1000);
@@ -381,10 +380,18 @@ static int uxsock_trigger(struct client *c, void *trigger_data)
}
if (r > 0) {
- if (r == ETIMEDOUT)
+ switch(r) {
+ case ETIMEDOUT:
append_strbuf_str(&c->reply, "timeout\n");
- else
+ break;
+ case EPERM:
+ append_strbuf_str(&c->reply,
+ "permission deny: need to be root\n");
+ break;
+ default:
append_strbuf_str(&c->reply, "fail\n");
+ break;
+ }
}
else if (!r && get_strbuf_len(&c->reply) == 0) {
append_strbuf_str(&c->reply, "ok\n");
--
2.33.0
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2021-09-10 11:43 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-10 11:40 [dm-devel] [PATCH 00/35] multipathd: uxlsnr overhaul mwilck
2021-09-10 11:40 ` [dm-devel] [PATCH 01/35] libmultipath: add timespeccmp() utility function mwilck
2021-09-15 22:07 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 02/35] libmultipath: add trylock() helper mwilck
2021-09-15 22:07 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 03/35] libmultipath: add optional wakeup functionality to lock.c mwilck
2021-09-15 22:13 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 04/35] libmultipath: print: add __snprint_config() mwilck
2021-09-15 22:14 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 05/35] libmultipath: improve cleanup of uevent queues on exit mwilck
2021-09-15 22:20 ` Benjamin Marzinski
2021-09-16 7:10 ` Martin Wilck
2021-09-16 14:26 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 06/35] multipathd: fix systemd notification when stopping while reloading mwilck
2021-09-15 22:55 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 07/35] multipathd: improve delayed reconfigure mwilck
2021-09-15 23:00 ` Benjamin Marzinski
2021-09-16 7:16 ` Martin Wilck
2021-09-10 11:40 ` [dm-devel] [PATCH 08/35] multipathd: cli.h: formatting improvements mwilck
2021-09-15 23:01 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 09/35] multipathd: cli_del_map: fix reply for delayed action mwilck
2021-09-15 23:40 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 10/35] multipathd: add prototype for cli_handler functions mwilck
2021-09-15 23:53 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 11/35] multipathd: make all cli_handlers static mwilck
2021-09-15 23:53 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 12/35] multipathd: add and set cli_handlers in a single step mwilck
2021-09-16 0:01 ` Benjamin Marzinski
2021-09-16 7:22 ` Martin Wilck
2021-11-12 21:45 ` Martin Wilck
2021-09-10 11:40 ` [dm-devel] [PATCH 13/35] multipathd: cli.c: use ESRCH for "command not found" mwilck
2021-09-16 0:02 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 14/35] multipathd: add "force_reconfigure" option mwilck
2021-09-16 0:13 ` Benjamin Marzinski
2021-09-16 7:34 ` Martin Wilck
2021-09-16 14:32 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 15/35] multipathd: uxlsnr: avoid stalled clients during reconfigure mwilck
2021-09-16 2:17 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 16/35] multipathd: uxlsnr: handle client HUP mwilck
2021-09-16 2:17 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 17/35] multipathd: uxlsnr: use symbolic values for pollfd indices mwilck
2021-09-16 2:18 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 18/35] multipathd: uxlsnr: avoid using fd -1 in ppoll() mwilck
2021-09-16 2:18 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 19/35] multipathd: uxlsnr: data structure for stateful client connection mwilck
2021-09-16 2:19 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 20/35] multipathd: move uxsock_trigger() to uxlsnr.c mwilck
2021-09-16 2:19 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 21/35] multipathd: move parse_cmd() " mwilck
2021-09-16 2:19 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 22/35] multipathd: uxlsnr: remove check_timeout() mwilck
2021-09-16 2:21 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 23/35] multipathd: uxlsnr: move client handling to separate function mwilck
2021-09-16 2:21 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 24/35] multipathd: uxlsnr: use main poll loop for receiving mwilck
2021-09-16 2:22 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 25/35] multipathd: use strbuf in cli_handler functions mwilck
2021-09-16 2:23 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 26/35] multipathd: uxlsnr: check root on connection startup mwilck
2021-09-16 2:23 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 27/35] multipathd: uxlsnr: pass struct client to uxsock_trigger() and parse_cmd() mwilck
2021-09-16 2:28 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 28/35] multipathd: uxlsnr: move handler execution to separate function mwilck
2021-09-16 2:28 ` Benjamin Marzinski
2021-09-10 11:41 ` mwilck [this message]
2021-09-16 2:29 ` [dm-devel] [PATCH 29/35] multipathd: uxlsnr: use parser to determine non-root commands Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 30/35] multipathd: uxlsnr: merge uxsock_trigger() into state machine mwilck
2021-09-16 3:32 ` Benjamin Marzinski
2021-09-16 8:02 ` Martin Wilck
2021-11-12 22:07 ` Martin Wilck
2021-09-10 11:41 ` [dm-devel] [PATCH 31/35] multipathd: uxlsnr: add idle notification mwilck
2021-09-16 4:14 ` Benjamin Marzinski
2021-09-16 8:54 ` Martin Wilck
2021-09-16 15:06 ` Benjamin Marzinski
2021-09-16 15:54 ` Martin Wilck
2021-09-16 16:10 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 32/35] multipathd: uxlsnr: add timeout handling mwilck
2021-09-16 4:17 ` Benjamin Marzinski
2021-09-16 8:58 ` Martin Wilck
2021-09-16 15:08 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 33/35] multipathd: uxlsnr: use poll loop for sending, too mwilck
2021-09-16 4:22 ` Benjamin Marzinski
2021-09-16 9:33 ` Martin Wilck
2021-09-16 15:26 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 34/35] multipathd: uxlsnr: drop client_lock mwilck
2021-09-16 4:24 ` Benjamin Marzinski
2021-09-16 9:34 ` Martin Wilck
2021-09-10 11:41 ` [dm-devel] [PATCH 35/35] multipathd: uxclt: allow client mode for non-root, too mwilck
2021-09-16 4:24 ` Benjamin Marzinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210910114120.13665-30-mwilck@suse.com \
--to=mwilck@suse.com \
--cc=bmarzins@redhat.com \
--cc=christophe.varoqui@opensvc.com \
--cc=dm-devel@redhat.com \
--cc=lixiaokeng@huawei.com \
--cc=wu.chongyun@h3c.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).