idmap: get uid/gid for each upcall
Signed-off-by: Casey Bodley <cbodley@citi.umich.edu>
This commit is contained in:
Casey Bodley
unknown
parent
cd1251758d
commit
a320a1b17e
2 changed files with 50 additions and 6 deletions
|
|
@ -27,10 +27,12 @@
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
|
||||||
#include <devioctl.h>
|
#include <devioctl.h>
|
||||||
|
#include <lmcons.h> /* UNLEN for GetUserName() */
|
||||||
|
|
||||||
#include "nfs41_driver.h" /* for NFS41_USER_DEVICE_NAME_A */
|
#include "nfs41_driver.h" /* for NFS41_USER_DEVICE_NAME_A */
|
||||||
#include "nfs41_np.h" /* for NFS41NP_SHARED_MEMORY */
|
#include "nfs41_np.h" /* for NFS41NP_SHARED_MEMORY */
|
||||||
|
|
||||||
|
#include "idmap.h"
|
||||||
#include "daemon_debug.h"
|
#include "daemon_debug.h"
|
||||||
#include "upcall.h"
|
#include "upcall.h"
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
|
|
@ -47,8 +49,30 @@ typedef struct _nfs41_process_thread {
|
||||||
uint32_t tid;
|
uint32_t tid;
|
||||||
} nfs41_process_thread;
|
} nfs41_process_thread;
|
||||||
|
|
||||||
|
static int map_user_to_ids(nfs41_idmapper *idmapper, uid_t *uid, gid_t *gid)
|
||||||
|
{
|
||||||
|
char username[UNLEN + 1];
|
||||||
|
DWORD len = UNLEN + 1;
|
||||||
|
int status = NO_ERROR;
|
||||||
|
|
||||||
|
if (!GetUserNameA(username, &len)) {
|
||||||
|
status = GetLastError();
|
||||||
|
eprintf("GetUserName() failed with %d\n", status);
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (nfs41_idmap_name_to_ids(idmapper, username, uid, gid)) {
|
||||||
|
/* instead of failing for auth_sys, fall back to 'nobody' uid/gid */
|
||||||
|
*uid = 666;
|
||||||
|
*gid = 777;
|
||||||
|
}
|
||||||
|
out:
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
static unsigned int WINAPI thread_main(void *args)
|
static unsigned int WINAPI thread_main(void *args)
|
||||||
{
|
{
|
||||||
|
nfs41_idmapper *idmapper = (nfs41_idmapper*)args;
|
||||||
DWORD status = 0;
|
DWORD status = 0;
|
||||||
HANDLE pipe;
|
HANDLE pipe;
|
||||||
// buffer used to process upcall, assumed to be fixed size.
|
// buffer used to process upcall, assumed to be fixed size.
|
||||||
|
|
@ -83,6 +107,13 @@ static unsigned int WINAPI thread_main(void *args)
|
||||||
goto write_downcall;
|
goto write_downcall;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* map username to uid/gid */
|
||||||
|
status = map_user_to_ids(idmapper, &upcall.uid, &upcall.gid);
|
||||||
|
if (status) {
|
||||||
|
upcall.status = status;
|
||||||
|
goto write_downcall;
|
||||||
|
}
|
||||||
|
|
||||||
#if 1 //AGLO: this is just a placeholder for a real solution. I know this variable needs a lock in a
|
#if 1 //AGLO: this is just a placeholder for a real solution. I know this variable needs a lock in a
|
||||||
//normal case. However, this does not prevent us from receiving an upcall for an old mount
|
//normal case. However, this does not prevent us from receiving an upcall for an old mount
|
||||||
//that was not reestablished. It will only work for erroring requests until the 1st mount upcall.
|
//that was not reestablished. It will only work for erroring requests until the 1st mount upcall.
|
||||||
|
|
@ -152,6 +183,7 @@ VOID ServiceStart(DWORD argc, LPTSTR *argv)
|
||||||
// handle to our drivers
|
// handle to our drivers
|
||||||
HANDLE pipe;
|
HANDLE pipe;
|
||||||
nfs41_process_thread tids[MAX_NUM_THREADS];
|
nfs41_process_thread tids[MAX_NUM_THREADS];
|
||||||
|
nfs41_idmapper *idmapper;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (argc > 2) {
|
if (argc > 2) {
|
||||||
|
|
@ -172,13 +204,19 @@ VOID ServiceStart(DWORD argc, LPTSTR *argv)
|
||||||
|
|
||||||
nfs41_server_list_init();
|
nfs41_server_list_init();
|
||||||
|
|
||||||
|
status = nfs41_idmap_create(&idmapper);
|
||||||
|
if (status) {
|
||||||
|
eprintf("id mapping initialization failed with %d\n", status);
|
||||||
|
goto out_logs;
|
||||||
|
}
|
||||||
|
|
||||||
pipe = CreateFile(NFS41_USER_DEVICE_NAME_A, GENERIC_READ | GENERIC_WRITE,
|
pipe = CreateFile(NFS41_USER_DEVICE_NAME_A, GENERIC_READ | GENERIC_WRITE,
|
||||||
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING,
|
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING,
|
||||||
0, NULL);
|
0, NULL);
|
||||||
if (pipe == INVALID_HANDLE_VALUE)
|
if (pipe == INVALID_HANDLE_VALUE)
|
||||||
{
|
{
|
||||||
eprintf("Unable to open upcall pipe %d\n", GetLastError());
|
eprintf("Unable to open upcall pipe %d\n", GetLastError());
|
||||||
return;
|
goto out_idmap;
|
||||||
}
|
}
|
||||||
|
|
||||||
dprintf(1, "starting nfs41 mini redirector\n");
|
dprintf(1, "starting nfs41 mini redirector\n");
|
||||||
|
|
@ -187,7 +225,7 @@ VOID ServiceStart(DWORD argc, LPTSTR *argv)
|
||||||
if (!status) {
|
if (!status) {
|
||||||
eprintf("IOCTL_NFS41_START failed with %d\n",
|
eprintf("IOCTL_NFS41_START failed with %d\n",
|
||||||
GetLastError());
|
GetLastError());
|
||||||
goto quit;
|
goto out_pipe;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef STANDALONE_NFSD
|
#ifndef STANDALONE_NFSD
|
||||||
|
|
@ -198,17 +236,17 @@ VOID ServiceStart(DWORD argc, LPTSTR *argv)
|
||||||
|
|
||||||
for (i = 0; i < MAX_NUM_THREADS; i++) {
|
for (i = 0; i < MAX_NUM_THREADS; i++) {
|
||||||
tids[i].handle = (HANDLE)_beginthreadex(NULL, 0, thread_main,
|
tids[i].handle = (HANDLE)_beginthreadex(NULL, 0, thread_main,
|
||||||
NULL, 0, &tids[i].tid);
|
idmapper, 0, &tids[i].tid);
|
||||||
if (tids[i].handle == INVALID_HANDLE_VALUE) {
|
if (tids[i].handle == INVALID_HANDLE_VALUE) {
|
||||||
status = GetLastError();
|
status = GetLastError();
|
||||||
eprintf("_beginthreadex failed %d\n", status);
|
eprintf("_beginthreadex failed %d\n", status);
|
||||||
goto quit;
|
goto out_pipe;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#ifndef STANDALONE_NFSD
|
#ifndef STANDALONE_NFSD
|
||||||
// report the status to the service control manager.
|
// report the status to the service control manager.
|
||||||
if (!ReportStatusToSCMgr(SERVICE_RUNNING, NO_ERROR, 0))
|
if (!ReportStatusToSCMgr(SERVICE_RUNNING, NO_ERROR, 0))
|
||||||
goto quit;
|
goto out_pipe;
|
||||||
WaitForSingleObject(stop_event, INFINITE);
|
WaitForSingleObject(stop_event, INFINITE);
|
||||||
#else
|
#else
|
||||||
//This can be changed to waiting on an array of handles and using waitformultipleobjects
|
//This can be changed to waiting on an array of handles and using waitformultipleobjects
|
||||||
|
|
@ -218,8 +256,11 @@ VOID ServiceStart(DWORD argc, LPTSTR *argv)
|
||||||
#endif
|
#endif
|
||||||
dprintf(1, "Parent woke up!!!!\n");
|
dprintf(1, "Parent woke up!!!!\n");
|
||||||
|
|
||||||
quit:
|
out_pipe:
|
||||||
CloseHandle(pipe);
|
CloseHandle(pipe);
|
||||||
|
out_idmap:
|
||||||
|
nfs41_idmap_free(idmapper);
|
||||||
|
out_logs:
|
||||||
#ifndef STANDALONE_NFSD
|
#ifndef STANDALONE_NFSD
|
||||||
close_log_files();
|
close_log_files();
|
||||||
#endif
|
#endif
|
||||||
|
|
|
||||||
|
|
@ -177,6 +177,9 @@ typedef struct __nfs41_upcall {
|
||||||
uint32_t last_error;
|
uint32_t last_error;
|
||||||
upcall_args args;
|
upcall_args args;
|
||||||
|
|
||||||
|
uid_t uid;
|
||||||
|
gid_t gid;
|
||||||
|
|
||||||
/* store referenced pointers with the upcall for
|
/* store referenced pointers with the upcall for
|
||||||
* automatic dereferencing on upcall_cleanup();
|
* automatic dereferencing on upcall_cleanup();
|
||||||
* see upcall_root_ref() and upcall_open_state_ref() */
|
* see upcall_root_ref() and upcall_open_state_ref() */
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue