git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 78c3b5b)
ctdb-daemon: Do not attempt to chown Unix domain socket in test mode
authorMartin Schwenke <martin@meltin.net>
Sat, 24 Oct 2020 09:35:53 +0000 (20:35 +1100)
committerAmitay Isaacs <amitay@samba.org>
Mon, 2 Nov 2020 08:58:31 +0000 (08:58 +0000)
If run with UID wrapper and UID_WRAPPER_ROOT=1 then securing the
socket will fail.

Test mode means that local daemons are in use, so securing the socket
is not important.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
ctdb/server/ctdb_daemon.c patch | blob | history

diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c
index abe47fd231115e859d91d274951ab8989ae8036c..9035f5b4748ae3b79762e08c12b4a4284ad4006a 100644 (file)
--- a/ctdb/server/ctdb_daemon.c
+++ b/ctdb/server/ctdb_daemon.c
@@ -1171,7 +1171,7 @@ static void ctdb_accept_client(struct tevent_context *ev,
  * Create a unix domain socket, bind it, secure it and listen.  Return
  * the file descriptor for the socket.
  */
-static int ux_socket_bind(struct ctdb_context *ctdb)
+static int ux_socket_bind(struct ctdb_context *ctdb, bool test_mode_enabled)
 {
        struct sockaddr_un addr = { .sun_family = AF_UNIX };
        int ret;
@@ -1202,11 +1202,13 @@ static int ux_socket_bind(struct ctdb_context *ctdb)
                goto failed;
        }
 
-       ret = chown(ctdb->daemon.name, geteuid(), getegid());
-       if (ret != 0) {
-               D_ERR("Unable to secure (chown) ctdb socket '%s'\n",
-                     ctdb->daemon.name);
-               goto failed;
+       if (!test_mode_enabled) {
+               ret = chown(ctdb->daemon.name, geteuid(), getegid());
+               if (ret != 0 && !test_mode_enabled) {
+                       D_ERR("Unable to secure (chown) ctdb socket '%s'\n",
+                             ctdb->daemon.name);
+                       goto failed;
+               }
        }
 
        ret = chmod(ctdb->daemon.name, 0700);
@@ -1493,7 +1495,7 @@ int ctdb_start_daemon(struct ctdb_context *ctdb,
        ctdb_create_pidfile(ctdb);
 
        /* create a unix domain stream socket to listen to */
-       ret = ux_socket_bind(ctdb);
+       ret = ux_socket_bind(ctdb, test_mode_enabled);
        if (ret != 0) {
                D_ERR("Cannot continue.  Exiting!\n");
                exit(10);
Samba Shared Repository