From: Benjamin Marzinski <bmarzins@redhat.com>
To: mwilck@suse.com
Cc: lixiaokeng@huawei.com, dm-devel@redhat.com,
Chongyun Wu <wu.chongyun@h3c.com>
Subject: Re: [dm-devel] [PATCH 29/35] multipathd: uxlsnr: use parser to determine non-root commands
Date: Wed, 15 Sep 2021 21:29:20 -0500 [thread overview]
Message-ID: <20210916022920.GO3087@octiron.msp.redhat.com> (raw)
In-Reply-To: <20210910114120.13665-30-mwilck@suse.com>
On Fri, Sep 10, 2021 at 01:41:14PM +0200, mwilck@suse.com wrote:
> From: Martin Wilck <mwilck@suse.com>
>
> Rather than using a separate poor-man's parser for checking root
> commands, use the real parser. It will return "LIST" as first verb
> for the read-only commands that non-root users may execute.
>
Reviewed-by: Benjamin Marzinski <bmarzins@redhat.com>
> Signed-off-by: Martin Wilck <mwilck@suse.com>
> ---
> multipathd/uxlsnr.c | 27 +++++++++++++++++----------
> 1 file changed, 17 insertions(+), 10 deletions(-)
>
> diff --git a/multipathd/uxlsnr.c b/multipathd/uxlsnr.c
> index cfff0ae..ff9604f 100644
> --- a/multipathd/uxlsnr.c
> +++ b/multipathd/uxlsnr.c
> @@ -362,16 +362,15 @@ static int uxsock_trigger(struct client *c, void *trigger_data)
>
> vecs = (struct vectors *)trigger_data;
>
> -
> - if (!c->is_root &&
> - (strncmp(c->cmd, "list", strlen("list")) != 0) &&
> - (strncmp(c->cmd, "show", strlen("show")) != 0)) {
> - append_strbuf_str(&c->reply, "permission deny: need to be root");
> - return r;
> - }
> -
> r = parse_cmd(c);
>
> + if (r == 0 && c->cmdvec && VECTOR_SIZE(c->cmdvec) > 0) {
> + struct key *kw = VECTOR_SLOT(c->cmdvec, 0);
> +
> + if (!c->is_root && kw->code != LIST)
> + r = EPERM;
> + }
> +
> if (r == 0 && c->handler)
> r = execute_handler(c, vecs, uxsock_timeout / 1000);
>
> @@ -381,10 +380,18 @@ static int uxsock_trigger(struct client *c, void *trigger_data)
> }
>
> if (r > 0) {
> - if (r == ETIMEDOUT)
> + switch(r) {
> + case ETIMEDOUT:
> append_strbuf_str(&c->reply, "timeout\n");
> - else
> + break;
> + case EPERM:
> + append_strbuf_str(&c->reply,
> + "permission deny: need to be root\n");
> + break;
> + default:
> append_strbuf_str(&c->reply, "fail\n");
> + break;
> + }
> }
> else if (!r && get_strbuf_len(&c->reply) == 0) {
> append_strbuf_str(&c->reply, "ok\n");
> --
> 2.33.0
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2021-09-16 2:32 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-10 11:40 [dm-devel] [PATCH 00/35] multipathd: uxlsnr overhaul mwilck
2021-09-10 11:40 ` [dm-devel] [PATCH 01/35] libmultipath: add timespeccmp() utility function mwilck
2021-09-15 22:07 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 02/35] libmultipath: add trylock() helper mwilck
2021-09-15 22:07 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 03/35] libmultipath: add optional wakeup functionality to lock.c mwilck
2021-09-15 22:13 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 04/35] libmultipath: print: add __snprint_config() mwilck
2021-09-15 22:14 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 05/35] libmultipath: improve cleanup of uevent queues on exit mwilck
2021-09-15 22:20 ` Benjamin Marzinski
2021-09-16 7:10 ` Martin Wilck
2021-09-16 14:26 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 06/35] multipathd: fix systemd notification when stopping while reloading mwilck
2021-09-15 22:55 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 07/35] multipathd: improve delayed reconfigure mwilck
2021-09-15 23:00 ` Benjamin Marzinski
2021-09-16 7:16 ` Martin Wilck
2021-09-10 11:40 ` [dm-devel] [PATCH 08/35] multipathd: cli.h: formatting improvements mwilck
2021-09-15 23:01 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 09/35] multipathd: cli_del_map: fix reply for delayed action mwilck
2021-09-15 23:40 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 10/35] multipathd: add prototype for cli_handler functions mwilck
2021-09-15 23:53 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 11/35] multipathd: make all cli_handlers static mwilck
2021-09-15 23:53 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 12/35] multipathd: add and set cli_handlers in a single step mwilck
2021-09-16 0:01 ` Benjamin Marzinski
2021-09-16 7:22 ` Martin Wilck
2021-11-12 21:45 ` Martin Wilck
2021-09-10 11:40 ` [dm-devel] [PATCH 13/35] multipathd: cli.c: use ESRCH for "command not found" mwilck
2021-09-16 0:02 ` Benjamin Marzinski
2021-09-10 11:40 ` [dm-devel] [PATCH 14/35] multipathd: add "force_reconfigure" option mwilck
2021-09-16 0:13 ` Benjamin Marzinski
2021-09-16 7:34 ` Martin Wilck
2021-09-16 14:32 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 15/35] multipathd: uxlsnr: avoid stalled clients during reconfigure mwilck
2021-09-16 2:17 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 16/35] multipathd: uxlsnr: handle client HUP mwilck
2021-09-16 2:17 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 17/35] multipathd: uxlsnr: use symbolic values for pollfd indices mwilck
2021-09-16 2:18 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 18/35] multipathd: uxlsnr: avoid using fd -1 in ppoll() mwilck
2021-09-16 2:18 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 19/35] multipathd: uxlsnr: data structure for stateful client connection mwilck
2021-09-16 2:19 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 20/35] multipathd: move uxsock_trigger() to uxlsnr.c mwilck
2021-09-16 2:19 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 21/35] multipathd: move parse_cmd() " mwilck
2021-09-16 2:19 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 22/35] multipathd: uxlsnr: remove check_timeout() mwilck
2021-09-16 2:21 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 23/35] multipathd: uxlsnr: move client handling to separate function mwilck
2021-09-16 2:21 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 24/35] multipathd: uxlsnr: use main poll loop for receiving mwilck
2021-09-16 2:22 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 25/35] multipathd: use strbuf in cli_handler functions mwilck
2021-09-16 2:23 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 26/35] multipathd: uxlsnr: check root on connection startup mwilck
2021-09-16 2:23 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 27/35] multipathd: uxlsnr: pass struct client to uxsock_trigger() and parse_cmd() mwilck
2021-09-16 2:28 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 28/35] multipathd: uxlsnr: move handler execution to separate function mwilck
2021-09-16 2:28 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 29/35] multipathd: uxlsnr: use parser to determine non-root commands mwilck
2021-09-16 2:29 ` Benjamin Marzinski [this message]
2021-09-10 11:41 ` [dm-devel] [PATCH 30/35] multipathd: uxlsnr: merge uxsock_trigger() into state machine mwilck
2021-09-16 3:32 ` Benjamin Marzinski
2021-09-16 8:02 ` Martin Wilck
2021-11-12 22:07 ` Martin Wilck
2021-09-10 11:41 ` [dm-devel] [PATCH 31/35] multipathd: uxlsnr: add idle notification mwilck
2021-09-16 4:14 ` Benjamin Marzinski
2021-09-16 8:54 ` Martin Wilck
2021-09-16 15:06 ` Benjamin Marzinski
2021-09-16 15:54 ` Martin Wilck
2021-09-16 16:10 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 32/35] multipathd: uxlsnr: add timeout handling mwilck
2021-09-16 4:17 ` Benjamin Marzinski
2021-09-16 8:58 ` Martin Wilck
2021-09-16 15:08 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 33/35] multipathd: uxlsnr: use poll loop for sending, too mwilck
2021-09-16 4:22 ` Benjamin Marzinski
2021-09-16 9:33 ` Martin Wilck
2021-09-16 15:26 ` Benjamin Marzinski
2021-09-10 11:41 ` [dm-devel] [PATCH 34/35] multipathd: uxlsnr: drop client_lock mwilck
2021-09-16 4:24 ` Benjamin Marzinski
2021-09-16 9:34 ` Martin Wilck
2021-09-10 11:41 ` [dm-devel] [PATCH 35/35] multipathd: uxclt: allow client mode for non-root, too mwilck
2021-09-16 4:24 ` Benjamin Marzinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210916022920.GO3087@octiron.msp.redhat.com \
--to=bmarzins@redhat.com \
--cc=dm-devel@redhat.com \
--cc=lixiaokeng@huawei.com \
--cc=mwilck@suse.com \
--cc=wu.chongyun@h3c.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).