From: Andy Lutomirski <luto@amacapital.net>
To: Olga Kornievskaia <kolga@netapp.com>
Cc: Linux FS Devel <linux-fsdevel@vger.kernel.org>,
linux-nfs@vger.kernel.org, Linux API <linux-api@vger.kernel.org>
Subject: Re: [RFC 1/1] destroy_creds.2: new page documenting destroy_creds()
Date: Wed, 9 Aug 2017 09:08:36 -0700 [thread overview]
Message-ID: <CALCETrXL2AkgMqHPonWJX-5Zckk1BELPtaikL-VkLqiPZ7Qf7A@mail.gmail.com> (raw)
In-Reply-To: <20170807212355.29127-3-kolga@netapp.com>
On Mon, Aug 7, 2017 at 2:23 PM, Olga Kornievskaia <kolga@netapp.com> wrote:
> destroy_creds() is a new system call for destroying file system
> credentials. This is usefulf for file systems that manage its
> own security contexts that were bootstrapped via some user land
> credentials (such as Kerberos).
>
> Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
> ---
> man2/destroy_creds.2 | 130 +++++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 130 insertions(+)
> create mode 100644 man2/destroy_creds.2
>
> diff --git a/man2/destroy_creds.2 b/man2/destroy_creds.2
> new file mode 100644
> index 0000000..7b41c9d
> --- /dev/null
> +++ b/man2/destroy_creds.2
> @@ -0,0 +1,130 @@
> +.\"This manpage is Copyright (C) 2015 Olga Kornievskaia <kolga@Netapp.com>
> +.\"
> +.\" %%%LICENSE_START(VERBATIM)
> +.\" Permission is granted to make and distribute verbatim copies of this
> +.\" manual provided the copyright notice and this permission notice are
> +.\" preserved on all copies.
> +.\"
> +.\" Permission is granted to copy and distribute modified versions of
> +.\" this manual under the conditions for verbatim copying, provided that
> +.\" the entire resulting derived work is distributed under the terms of
> +.\" a permission notice identical to this one.
> +.\"
> +.\" Since the Linux kernel and libraries are constantly changing, this
> +.\" manual page may be incorrect or out-of-date. The author(s) assume
> +.\" no responsibility for errors or omissions, or for damages resulting
> +.\" from the use of the information contained herein. The author(s) may
> +.\" not have taken the same level of care in the production of this
> +.\" manual, which is licensed free of charge, as they might when working
> +.\" professionally.
> +.\"
> +.\" Formatted or processed versions of this manual, if unaccompanied by
> +.\" the source, must acknowledge the copyright and authors of this work.
> +.\" %%%LICENSE_END
> +.\"
> +.TH COPY 2 2017-08-07 "Linux" "Linux Programmer's Manual"
> +.SH NAME
> +destroy_creds \- destroy current user's file system credentials for a mount point
> +.SH SYNOPSIS
> +.nf
> +.B #include <sys/syscall.h>
> +.B #include <unistd.h>
> +
> +.BI "int destroy_creds(int " fd ");
> +.fi
> +.SH DESCRIPTION
> +The
> +.BR destroy ()
> +system call performs destruction of file system credentials for the current
> +user. It identifies the file system by the supplied file descriptor in
> +.I fd
> +that represents a mount point.
Does this mean that whatever credentials are used for the current
*fsuid* are destroyed? Are there actually per-uid credentials in the
first place?
What privileges, if any, are needed to call this?
What if fd points to a bind mount?
WARNING: multiple messages have this Message-ID (diff)
From: Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>
To: Olga Kornievskaia <kolga-HgOvQuBEEgTQT0dZR+AlfA@public.gmane.org>
Cc: Linux FS Devel
<linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
linux-nfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Linux API <linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [RFC 1/1] destroy_creds.2: new page documenting destroy_creds()
Date: Wed, 9 Aug 2017 09:08:36 -0700 [thread overview]
Message-ID: <CALCETrXL2AkgMqHPonWJX-5Zckk1BELPtaikL-VkLqiPZ7Qf7A@mail.gmail.com> (raw)
In-Reply-To: <20170807212355.29127-3-kolga-HgOvQuBEEgTQT0dZR+AlfA@public.gmane.org>
On Mon, Aug 7, 2017 at 2:23 PM, Olga Kornievskaia <kolga-HgOvQuBEEgTQT0dZR+AlfA@public.gmane.org> wrote:
> destroy_creds() is a new system call for destroying file system
> credentials. This is usefulf for file systems that manage its
> own security contexts that were bootstrapped via some user land
> credentials (such as Kerberos).
>
> Signed-off-by: Olga Kornievskaia <kolga-HgOvQuBEEgTQT0dZR+AlfA@public.gmane.org>
> ---
> man2/destroy_creds.2 | 130 +++++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 130 insertions(+)
> create mode 100644 man2/destroy_creds.2
>
> diff --git a/man2/destroy_creds.2 b/man2/destroy_creds.2
> new file mode 100644
> index 0000000..7b41c9d
> --- /dev/null
> +++ b/man2/destroy_creds.2
> @@ -0,0 +1,130 @@
> +.\"This manpage is Copyright (C) 2015 Olga Kornievskaia <kolga-ZwjVKphTwtPQT0dZR+AlfA@public.gmane.org>
> +.\"
> +.\" %%%LICENSE_START(VERBATIM)
> +.\" Permission is granted to make and distribute verbatim copies of this
> +.\" manual provided the copyright notice and this permission notice are
> +.\" preserved on all copies.
> +.\"
> +.\" Permission is granted to copy and distribute modified versions of
> +.\" this manual under the conditions for verbatim copying, provided that
> +.\" the entire resulting derived work is distributed under the terms of
> +.\" a permission notice identical to this one.
> +.\"
> +.\" Since the Linux kernel and libraries are constantly changing, this
> +.\" manual page may be incorrect or out-of-date. The author(s) assume
> +.\" no responsibility for errors or omissions, or for damages resulting
> +.\" from the use of the information contained herein. The author(s) may
> +.\" not have taken the same level of care in the production of this
> +.\" manual, which is licensed free of charge, as they might when working
> +.\" professionally.
> +.\"
> +.\" Formatted or processed versions of this manual, if unaccompanied by
> +.\" the source, must acknowledge the copyright and authors of this work.
> +.\" %%%LICENSE_END
> +.\"
> +.TH COPY 2 2017-08-07 "Linux" "Linux Programmer's Manual"
> +.SH NAME
> +destroy_creds \- destroy current user's file system credentials for a mount point
> +.SH SYNOPSIS
> +.nf
> +.B #include <sys/syscall.h>
> +.B #include <unistd.h>
> +
> +.BI "int destroy_creds(int " fd ");
> +.fi
> +.SH DESCRIPTION
> +The
> +.BR destroy ()
> +system call performs destruction of file system credentials for the current
> +user. It identifies the file system by the supplied file descriptor in
> +.I fd
> +that represents a mount point.
Does this mean that whatever credentials are used for the current
*fsuid* are destroyed? Are there actually per-uid credentials in the
first place?
What privileges, if any, are needed to call this?
What if fd points to a bind mount?
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-08-09 16:08 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-07 21:23 [RFC v3 0/3] VFS/NFS support to destroy FS credentials Olga Kornievskaia
2017-08-07 21:23 ` Olga Kornievskaia
2017-08-07 21:23 ` [RFC v3 1/3] VFS adding destroy_creds call Olga Kornievskaia
2017-08-07 21:23 ` Olga Kornievskaia
2017-08-07 21:23 ` [RFC 1/1] destroy_creds.2: new page documenting destroy_creds() Olga Kornievskaia
2017-08-07 21:23 ` Olga Kornievskaia
2017-08-09 12:30 ` Jeff Layton
2017-08-09 15:45 ` Olga Kornievskaia
2017-08-09 15:45 ` Olga Kornievskaia
2017-08-11 7:17 ` NeilBrown
2017-08-11 7:17 ` NeilBrown
2017-08-11 11:18 ` Jeff Layton
2017-08-11 11:18 ` Jeff Layton
2017-08-11 14:05 ` Olga Kornievskaia
2017-08-11 14:05 ` Olga Kornievskaia
2017-08-11 14:05 ` Olga Kornievskaia
[not found] ` <E127503D-3DFC-4FD3-99F6-012D100C168B@netapp.com>
2017-08-11 14:22 ` Jeff Layton
2017-08-11 14:22 ` Jeff Layton
2017-08-11 15:12 ` Trond Myklebust
2017-08-11 15:12 ` Trond Myklebust
2017-08-11 15:12 ` Trond Myklebust
2017-08-13 11:38 ` Jeff Layton
2017-08-13 11:38 ` Jeff Layton
2017-08-14 15:43 ` Olga Kornievskaia
2017-08-14 15:43 ` Olga Kornievskaia
2017-08-14 15:43 ` Olga Kornievskaia
[not found] ` <CB7D102A-5711-4661-928F-3689895A1A5A@netapp.com>
2017-08-14 15:59 ` Jeff Layton
2017-08-14 15:59 ` Jeff Layton
2017-08-11 13:37 ` Olga Kornievskaia
2017-08-11 13:37 ` Olga Kornievskaia
2017-08-11 13:37 ` Olga Kornievskaia
2017-08-11 14:09 ` Olga Kornievskaia
2017-08-11 14:09 ` Olga Kornievskaia
2017-08-11 14:09 ` Olga Kornievskaia
2017-08-09 16:08 ` Andy Lutomirski [this message]
2017-08-09 16:08 ` Andy Lutomirski
2017-08-09 16:44 ` Olga Kornievskaia
2017-08-07 21:23 ` [RFC v3 2/3] SUNRPC mark user credentials destroyed Olga Kornievskaia
2017-08-07 21:23 ` Olga Kornievskaia
2017-08-07 21:23 ` [RFC v3 3/3] NFS define vfs destroy_creds functions Olga Kornievskaia
2017-08-07 21:23 ` Olga Kornievskaia
2017-08-09 12:55 ` [RFC v3 0/3] VFS/NFS support to destroy FS credentials David Howells
2017-08-09 12:55 ` David Howells
2017-08-10 16:52 ` Olga Kornievskaia
2017-08-11 6:53 ` NeilBrown
2017-08-11 6:53 ` NeilBrown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALCETrXL2AkgMqHPonWJX-5Zckk1BELPtaikL-VkLqiPZ7Qf7A@mail.gmail.com \
--to=luto@amacapital.net \
--cc=kolga@netapp.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.