mirror of https://github.com/trapexit/mergerfs.git
Browse Source
Merge pull request #135 from trapexit/op-ugid
Merge pull request #135 from trapexit/op-ugid
make changing credentials opportunistic + per thread setgroups cachepull/136/head
Antonio SJ Musumeci
9 years ago
31 changed files with 381 additions and 169 deletions
-
6Makefile
-
2src/access.cpp
-
2src/chmod.cpp
-
2src/chown.cpp
-
5src/create.cpp
-
2src/getattr.cpp
-
2src/getxattr.cpp
-
3src/init.cpp
-
2src/ioctl.cpp
-
5src/link.cpp
-
2src/listxattr.cpp
-
5src/mkdir.cpp
-
6src/mknod.cpp
-
2src/open.cpp
-
2src/readdir.cpp
-
2src/readlink.cpp
-
2src/removexattr.cpp
-
2src/rename.cpp
-
2src/rmdir.cpp
-
2src/setxattr.cpp
-
2src/statfs.cpp
-
2src/symlink.cpp
-
2src/truncate.cpp
-
63src/ugid.cpp
-
23src/ugid.hpp
-
69src/ugid_linux.hpp
-
36src/ugid_linux.ipp
-
107src/ugid_rwlock.hpp
-
50src/ugid_rwlock.ipp
-
2src/unlink.cpp
-
2src/utimens.cpp
@ -0,0 +1,107 @@ |
|||||
|
/*
|
||||
|
The MIT License (MIT) |
||||
|
|
||||
|
Copyright (c) 2014 Antonio SJ Musumeci <trapexit@spawn.link> |
||||
|
|
||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy |
||||
|
of this software and associated documentation files (the "Software"), to deal |
||||
|
in the Software without restriction, including without limitation the rights |
||||
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
||||
|
copies of the Software, and to permit persons to whom the Software is |
||||
|
furnished to do so, subject to the following conditions: |
||||
|
|
||||
|
The above copyright notice and this permission notice shall be included in |
||||
|
all copies or substantial portions of the Software. |
||||
|
|
||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
||||
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
||||
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
||||
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
||||
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
||||
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN |
||||
|
THE SOFTWARE. |
||||
|
*/ |
||||
|
|
||||
|
#include <sys/types.h>
|
||||
|
#include <sys/stat.h>
|
||||
|
#include <unistd.h>
|
||||
|
#include <pthread.h>
|
||||
|
|
||||
|
namespace mergerfs |
||||
|
{ |
||||
|
namespace ugid |
||||
|
{ |
||||
|
extern uid_t currentuid; |
||||
|
extern gid_t currentgid; |
||||
|
extern pthread_rwlock_t rwlock; |
||||
|
|
||||
|
static |
||||
|
void |
||||
|
ugid_set(const uid_t newuid, |
||||
|
const gid_t newgid) |
||||
|
{ |
||||
|
pthread_rwlock_rdlock(&rwlock); |
||||
|
|
||||
|
if(newuid == currentuid && newgid == currentgid) |
||||
|
return; |
||||
|
|
||||
|
pthread_rwlock_unlock(&rwlock); |
||||
|
pthread_rwlock_wrlock(&rwlock); |
||||
|
|
||||
|
if(newuid == currentuid && newgid == currentgid) |
||||
|
return; |
||||
|
|
||||
|
if(currentuid != 0) |
||||
|
{ |
||||
|
::seteuid(0); |
||||
|
::setegid(0); |
||||
|
} |
||||
|
|
||||
|
if(newgid) |
||||
|
{ |
||||
|
::setegid(newgid); |
||||
|
initgroups(newuid,newgid); |
||||
|
} |
||||
|
|
||||
|
if(newuid) |
||||
|
::seteuid(newuid); |
||||
|
|
||||
|
currentuid = newuid; |
||||
|
currentgid = newgid; |
||||
|
} |
||||
|
|
||||
|
struct Set |
||||
|
{ |
||||
|
Set(const uid_t newuid, |
||||
|
const gid_t newgid) |
||||
|
{ |
||||
|
ugid_set(newuid,newgid); |
||||
|
} |
||||
|
|
||||
|
~Set() |
||||
|
{ |
||||
|
pthread_rwlock_unlock(&rwlock); |
||||
|
} |
||||
|
}; |
||||
|
|
||||
|
struct SetRootGuard |
||||
|
{ |
||||
|
SetRootGuard() : |
||||
|
prevuid(currentuid), |
||||
|
prevgid(currentgid) |
||||
|
{ |
||||
|
pthread_rwlock_unlock(&rwlock); |
||||
|
ugid_set(0,0); |
||||
|
} |
||||
|
|
||||
|
~SetRootGuard() |
||||
|
{ |
||||
|
pthread_rwlock_unlock(&rwlock); |
||||
|
ugid_set(prevuid,prevgid); |
||||
|
} |
||||
|
|
||||
|
const uid_t prevuid; |
||||
|
const gid_t prevgid; |
||||
|
}; |
||||
|
} |
||||
|
} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue