From owner-svn-src-head@FreeBSD.ORG Mon Sep 28 19:46:20 2009 Return-Path: Delivered-To: svn-src-head@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 49C73106568D; Mon, 28 Sep 2009 19:46:20 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from gritton.org (gritton.org [161.58.222.4]) by mx1.freebsd.org (Postfix) with ESMTP id 0C99C8FC0C; Mon, 28 Sep 2009 19:46:19 +0000 (UTC) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by gritton.org (8.13.6.20060614/8.13.6) with ESMTP id n8SJkInb092329; Mon, 28 Sep 2009 13:46:18 -0600 (MDT) Message-ID: <4AC11285.5070404@FreeBSD.org> Date: Mon, 28 Sep 2009 13:46:13 -0600 From: Jamie Gritton User-Agent: Thunderbird 2.0.0.19 (X11/20090109) MIME-Version: 1.0 To: Robert Watson References: <200909281855.n8SItTDF062998@svn.freebsd.org> <200909281511.25338.jhb@freebsd.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org, John Baldwin Subject: Re: svn commit: r197584 - head/sys/rpc/rpcsec_gss X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Sep 2009 19:46:20 -0000 Robert Watson wrote: > > On Mon, 28 Sep 2009, John Baldwin wrote: > >> ============================================================================== >> >>> --- head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Mon Sep 28 18:54:26 2009 >> (r197583) >>> +++ head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Mon Sep 28 18:55:29 2009 >> (r197584) >>> @@ -449,6 +449,8 @@ rpc_gss_svc_getcred(struct svc_req *req, >>> cr->cr_uid = cr->cr_ruid = cr->cr_svuid = uc->uid; >>> cr->cr_rgid = cr->cr_svgid = uc->gid; >>> crsetgroups(cr, uc->gidlen, uc->gidlist); >>> + cr->cr_prison = &prison0; >>> + prison_hold(cr->cr_prison); >>> *crp = crhold(cr); >>> >>> return (TRUE); >> >> FYI, it would be nice if prison_hold() returned a pointer to the >> prison as you can then do what crhold() does above: >> >> cr->cr_prison = prison_hold(&prison0); >> >> I prefer combining the refcount and assignment into one step with the >> goal of avoiding outright assignments that don't go via foo_hold() or >> fooref() for refcounted objects. > > In the long-term, explicit references to proc0, prison0, thread0, > filedesc0, ... all make me rather nervous. I'd rather that all these > things were linked to either the credentials of the file system mount, > the user thread, or perhaps gssd in some cases. From the perspective if > virtualization, the file system mount credential seems the most likely > candidate. Do we want some better standard for creating these daemon creds than hand-rolling them from crget? Both NFS export and GSS seems to have a user and group list passed in, so it's more than a matter of using the current cred - perhaps some superset of change_ruid. - Jamie