BIND 10 master, updated. 73d2c507ffae1519e72f6b2e372f75aa5ad536c1 Changelog
BIND 10 source code commits
bind10-changes at lists.isc.org
Thu Jan 12 00:18:04 UTC 2012
The branch, master has been updated
via 73d2c507ffae1519e72f6b2e372f75aa5ad536c1 (commit)
via edc5b3c12eb45437361484c843794416ad86bb00 (commit)
via 47eecefe9805a080decaefa12509a361b9213677 (commit)
via 142ae6ee996b782e97a7db7c1b2318a0548178b0 (commit)
via 07ff448e6c11eba022786cccf03d89e658c37d9f (commit)
via 4c80cfde85d88b2d8846197075ff22eed2bca306 (commit)
via dcfd99e26c1cf8040d58a77a689ad7939cc24884 (commit)
via 7fc73c203b222c1dbbd12744b4244b2673aa6f94 (commit)
via 81d3340075975fd4d9ff0e0fb3c526bf1f1b58a6 (commit)
via 6ce0d2a309b5032305ae13528ad0a71494558b58 (commit)
via 04dca588b5ec0f63e91800c612f6f616422cc9df (commit)
via 9e43c8d7558c31febb16c412a4ce425cac5257b5 (commit)
from 17c32814ead8f8f4241e7f89eeed668d89868ef0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 73d2c507ffae1519e72f6b2e372f75aa5ad536c1
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Wed Jan 11 21:31:20 2012 +0100
Changelog
commit edc5b3c12eb45437361484c843794416ad86bb00
Merge: 47eecefe9805a080decaefa12509a361b9213677 81d3340075975fd4d9ff0e0fb3c526bf1f1b58a6
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Wed Jan 11 21:17:48 2012 +0100
Merge #1509
commit 47eecefe9805a080decaefa12509a361b9213677
Merge: 142ae6ee996b782e97a7db7c1b2318a0548178b0 4c80cfde85d88b2d8846197075ff22eed2bca306
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Wed Jan 11 21:16:33 2012 +0100
Merge #1510
commit 142ae6ee996b782e97a7db7c1b2318a0548178b0
Merge: 17c32814ead8f8f4241e7f89eeed668d89868ef0 07ff448e6c11eba022786cccf03d89e658c37d9f
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Wed Jan 11 20:20:18 2012 +0100
Merge #1508
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 9 +++-
doc/guide/bind10-guide.xml | 18 +------
src/bin/auth/Makefile.am | 1 -
src/bin/auth/b10-auth.xml | 15 -----
src/bin/auth/change_user.cc | 54 -----------------
src/bin/auth/change_user.h | 57 ------------------
src/bin/auth/main.cc | 10 ---
src/bin/auth/tests/Makefile.am | 2 -
src/bin/auth/tests/change_user_unittest.cc | 65 ---------------------
src/bin/bind10/bind10_src.py.in | 27 +-------
src/bin/bind10/bob.spec | 7 +--
src/bin/resolver/Makefile.am | 2 -
src/bin/resolver/b10-resolver.xml | 15 -----
src/bin/resolver/main.cc | 11 ----
src/lib/python/isc/bind10/special_component.py | 34 ++---------
src/lib/python/isc/bind10/tests/component_test.py | 42 +++++++++++---
16 files changed, 53 insertions(+), 316 deletions(-)
delete mode 100644 src/bin/auth/change_user.cc
delete mode 100644 src/bin/auth/change_user.h
delete mode 100644 src/bin/auth/tests/change_user_unittest.cc
-----------------------------------------------------------------------
diff --git a/ChangeLog b/ChangeLog
index c1d99a0..76fb26f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,11 @@
-361. [func] vorner,jelte,jinmei
+362. [func]* vorner
+ Due to the socket creator changes, b10-auth and b10-resolver are no longer
+ needed to start as root. They are started as the user they should be
+ running, so they no longer have the -u flag for switching the user after
+ initialization.
+ (Trac #1508-#1510, git edc5b3c12eb45437361484c843794416ad86bb00)
+
+361. [func] vorner,jelte,jinmei
The socket creator is now used to provide sockets. It means you can
reconfigure the ports and addresses at runtime even when the rest
of the bind10 runs as non root user.
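Review bot: entry 362 is marked as an incompatible change ([func]*) but names only the removed -u flag; the same change set also removes the setuid virtual component from the default component configuration and from the guide, which is user-visible and deserves a line here. Separately, "are no longer needed to start as root" reads more clearly as "no longer need to be started as root".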
diff --git a/doc/guide/bind10-guide.xml b/doc/guide/bind10-guide.xml
index 5cf7271..c37f1c3 100644
--- a/doc/guide/bind10-guide.xml
+++ b/doc/guide/bind10-guide.xml
@@ -829,7 +829,6 @@ as a dependency earlier -->
<row><entry>b10-auth</entry><entry>auth</entry><entry>Authoritative server</entry></row>
<row><entry>b10-resolver</entry><entry>resolver</entry><entry>The resolver</entry></row>
<row><entry>b10-cmdctl</entry><entry>cmdctl</entry><entry>The command control (remote control interface)</entry></row>
- <row><entry>setuid</entry><entry>setuid</entry><entry>Virtual component, see below</entry></row>
<!-- TODO Either add xfrin and xfrout as well or clean up the workarounds in boss before the release -->
</tbody>
</tgroup>
@@ -857,6 +856,7 @@ as a dependency earlier -->
The priority defines order in which the components should start.
The ones with higher number are started sooner than the ones with
lower ones. If you don't set it, 0 (zero) is used as the priority.
+ Usually, leaving it at the default is enough.
</para>
<para>
@@ -914,22 +914,6 @@ address, but the usual ones don't." mean? -->
</para>
</note>
- <para>
- Now, to the mysterious setuid virtual component. If you
- use the <command>-u</command> option to start the
- <command>bind10</command> as root, but change the user
- later, we need to start the <command>b10-auth</command> or
- <command>b10-resolver</command> as root (until the socket
- creator is finished).<!-- TODO --> So we need to specify
- the time when the switch from root do the given user happens
- and that's what the setuid component is for. The switch is
- done at the time the setuid component would be started, if
- it was a process. The default configuration contains the
- setuid component with priority 5, <command>b10-auth</command>
- has 10 to be started before the switch and everything else
- is without priority, so it is started after the switch.
- </para>
-
</section>
</chapter>
diff --git a/src/bin/auth/Makefile.am b/src/bin/auth/Makefile.am
index 3d60432..66abbe2 100644
--- a/src/bin/auth/Makefile.am
+++ b/src/bin/auth/Makefile.am
@@ -44,7 +44,6 @@ pkglibexec_PROGRAMS = b10-auth
b10_auth_SOURCES = query.cc query.h
b10_auth_SOURCES += auth_srv.cc auth_srv.h
b10_auth_SOURCES += auth_log.cc auth_log.h
-b10_auth_SOURCES += change_user.cc change_user.h
b10_auth_SOURCES += auth_config.cc auth_config.h
b10_auth_SOURCES += command.cc command.h
b10_auth_SOURCES += common.h common.cc
diff --git a/src/bin/auth/b10-auth.xml b/src/bin/auth/b10-auth.xml
index 636f437..f2f185a 100644
--- a/src/bin/auth/b10-auth.xml
+++ b/src/bin/auth/b10-auth.xml
@@ -45,7 +45,6 @@
<cmdsynopsis>
<command>b10-auth</command>
<arg><option>-n</option></arg>
- <arg><option>-u <replaceable>username</replaceable></option></arg>
<arg><option>-v</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
@@ -93,20 +92,6 @@
</varlistentry>
<varlistentry>
- <term><option>-u <replaceable>username</replaceable></option></term>
- <listitem>
- <para>
- The user name of the <command>b10-auth</command> daemon.
- If specified, the daemon changes the process owner to the
- specified user.
- The <replaceable>username</replaceable> must be either a
- valid numeric user ID or a valid user name.
- By default the daemon runs as the user who invokes it.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
<term><option>-v</option></term>
<listitem><para>
Enabled verbose mode. This enables diagnostic messages to
diff --git a/src/bin/auth/change_user.cc b/src/bin/auth/change_user.cc
deleted file mode 100644
index 253b8fb..0000000
--- a/src/bin/auth/change_user.cc
+++ /dev/null
@@ -1,54 +0,0 @@
-// Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
-// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
-// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-// PERFORMANCE OF THIS SOFTWARE.
-
-#include <errno.h>
-#include <string.h>
-#include <pwd.h>
-#include <unistd.h>
-
-#include <boost/lexical_cast.hpp>
-
-#include <exceptions/exceptions.h>
-
-#include <auth/common.h>
-
-using namespace boost;
-using namespace std;
-
-void
-changeUser(const char* const username) {
- const struct passwd *runas_pw = NULL;
-
- runas_pw = getpwnam(username);
- endpwent();
- if (runas_pw == NULL) {
- try {
- runas_pw = getpwuid(lexical_cast<uid_t>(username));
- endpwent();
- } catch (const bad_lexical_cast&) {
- ; // fall through to isc_throw below.
- }
- }
- if (runas_pw == NULL) {
- throw FatalError("Unknown user name or UID:" + string(username));
- }
-
- if (setgid(runas_pw->pw_gid) < 0) {
- throw FatalError("setgid() failed: " + string(strerror(errno)));
- }
-
- if (setuid(runas_pw->pw_uid) < 0) {
- throw FatalError("setuid() failed: " + string(strerror(errno)));
- }
-}
diff --git a/src/bin/auth/change_user.h b/src/bin/auth/change_user.h
deleted file mode 100644
index e4fc5ee..0000000
--- a/src/bin/auth/change_user.h
+++ /dev/null
@@ -1,57 +0,0 @@
-// Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
-// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
-// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-// PERFORMANCE OF THIS SOFTWARE.
-
-#ifndef __CHANGE_USER_H
-#define __CHANGE_USER_H 1
-
-/// \brief Change the run time user.
-///
-/// This function changes the user and its group of the authoritative server
-/// process.
-///
-/// On success the user ID of the process is changed to the specified user,
-/// and the group is changed to that of the new user.
-///
-/// This is considered a short term workaround until we develop clearer
-/// privilege separation, where the server won't even have to open privileged
-/// ports and can be started by a non privileged user from the beginning.
-/// This function therefore ignores some corner case problems (see below)
-/// which we would address otherwise.
-///
-/// \c username can be either a textual user name or its numeric ID.
-/// If the specified user name (or ID) doesn't specify a local user ID
-/// or the user originally starting the process doesn't have a permission
-/// of changing the user to \c username, this function throws an exception
-/// of class \c FatalError.
-///
-/// This function internally uses system libraries that do not guarantee
-/// reentrancy. In fact, it doesn't even expect to be called more than once.
-/// The behavior is undefined if this function is called from multiple threads
-/// simultaneously or more generally called multiple times.
-///
-/// This function only offers the basic exception guarantee, that is, if
-/// an exception is thrown from this function, it's possible that an exception
-/// is thrown after changing the group ID. This function doesn't recover
-/// from that situation. In practice, the process is expected to consider
-/// this event a fatal error and will immediately exit, and shouldn't cause
-/// a real trouble.
-///
-/// \param username User name or ID of the new effective user.
-void changeUser(const char* const username);
-
-#endif // __CHANGE_USER_H
-
-// Local Variables:
-// mode: c++
-// End:
diff --git a/src/bin/auth/main.cc b/src/bin/auth/main.cc
index 8b8f63a..ee3a95d 100644
--- a/src/bin/auth/main.cc
+++ b/src/bin/auth/main.cc
@@ -42,7 +42,6 @@
#include <auth/common.h>
#include <auth/auth_config.h>
#include <auth/command.h>
-#include <auth/change_user.h>
#include <auth/auth_srv.h>
#include <auth/auth_log.h>
#include <asiodns/asiodns.h>
@@ -86,7 +85,6 @@ usage() {
cerr << "Usage: b10-auth [-u user] [-nv]"
<< endl;
cerr << "\t-n: do not cache answers in memory" << endl;
- cerr << "\t-u: change process UID to the specified user" << endl;
cerr << "\t-v: verbose output" << endl;
exit(1);
}
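Review bot: the synopsis line in usage() still prints "Usage: b10-auth [-u user] [-nv]" even though the -u description line is removed in this hunk. Drop "[-u user]" from that string too, so the usage text matches the updated b10-auth.xml synopsis.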
@@ -96,7 +94,6 @@ usage() {
int
main(int argc, char* argv[]) {
int ch;
- const char* uid = NULL;
bool cache = true;
bool verbose = false;
@@ -105,9 +102,6 @@ main(int argc, char* argv[]) {
case 'n':
cache = false;
break;
- case 'u':
- uid = optarg;
- break;
case 'v':
verbose = true;
break;
@@ -201,10 +195,6 @@ main(int argc, char* argv[]) {
LOG_ERROR(auth_logger, AUTH_CONFIG_LOAD_FAIL).arg(ex.what());
}
- if (uid != NULL) {
- changeUser(uid);
- }
-
LOG_DEBUG(auth_logger, DBG_AUTH_START, AUTH_LOAD_TSIG);
isc::server_common::initKeyring(*config_session);
auth_server->setTSIGKeyRing(&isc::server_common::keyring);
diff --git a/src/bin/auth/tests/Makefile.am b/src/bin/auth/tests/Makefile.am
index b5b96d7..d24ba89 100644
--- a/src/bin/auth/tests/Makefile.am
+++ b/src/bin/auth/tests/Makefile.am
@@ -24,7 +24,6 @@ run_unittests_SOURCES += $(top_srcdir)/src/lib/dns/tests/unittest_util.cc
run_unittests_SOURCES += ../auth_srv.h ../auth_srv.cc
run_unittests_SOURCES += ../auth_log.h ../auth_log.cc
run_unittests_SOURCES += ../query.h ../query.cc
-run_unittests_SOURCES += ../change_user.h ../change_user.cc
run_unittests_SOURCES += ../auth_config.h ../auth_config.cc
run_unittests_SOURCES += ../command.h ../command.cc
run_unittests_SOURCES += ../common.h ../common.cc
@@ -34,7 +33,6 @@ run_unittests_SOURCES += config_unittest.cc
run_unittests_SOURCES += command_unittest.cc
run_unittests_SOURCES += common_unittest.cc
run_unittests_SOURCES += query_unittest.cc
-run_unittests_SOURCES += change_user_unittest.cc
run_unittests_SOURCES += statistics_unittest.cc
run_unittests_SOURCES += run_unittests.cc
# This is a temporary workaround for #1206, where the InMemoryClient has been
diff --git a/src/bin/auth/tests/change_user_unittest.cc b/src/bin/auth/tests/change_user_unittest.cc
deleted file mode 100644
index 33897b6..0000000
--- a/src/bin/auth/tests/change_user_unittest.cc
+++ /dev/null
@@ -1,65 +0,0 @@
-// Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
-// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
-// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-// PERFORMANCE OF THIS SOFTWARE.
-
-#include <stdlib.h>
-#include <unistd.h> // for getuid
-
-#include <string>
-
-#include <boost/lexical_cast.hpp>
-
-#include <gtest/gtest.h>
-
-#include <auth/common.h>
-#include <auth/change_user.h>
-
-using namespace std;
-
-namespace {
-TEST(ChangeUserTest, changeToTheSameUser) {
- const char* const my_username = getenv("USER");
-
- // normally the USER environment variable should be set to the name
- // of the local user running this test, but it's not always the case.
- if (my_username == NULL) {
- cerr << "Environment variable USER is undefined, skipping the test"
- << endl;
- return;
- }
-
- // changing to the run time user should succeed.
- EXPECT_NO_THROW(changeUser(my_username));
-}
-
-TEST(ChangeUserTest, changeToTheSameUserId) {
- // same as above, but using numeric user ID
- EXPECT_NO_THROW(changeUser(
- (boost::lexical_cast<string>(getuid())).c_str()));
-}
-
-TEST(ChangeUserTest, badUID) {
- // -1 should be an invalid numeric UID, and (hopefully) shouldn't be
- // a valid textual username.
- EXPECT_THROW(changeUser("-1"), FatalError);
-}
-
-TEST(ChangeUserTest, promotionAttempt) {
- // change to root should fail unless the running user is a super user.
- if (getuid() == 0) {
- cerr << "Already a super user, skipping the test" << endl;
- return;
- }
- EXPECT_THROW(changeUser("root"), FatalError);
-}
-}
diff --git a/src/bin/bind10/bind10_src.py.in b/src/bin/bind10/bind10_src.py.in
index 1d43513..3e14f0f 100755
--- a/src/bin/bind10/bind10_src.py.in
+++ b/src/bin/bind10/bind10_src.py.in
@@ -106,14 +106,12 @@ class ProcessInfo:
dev_null = open(os.devnull, "w")
def __init__(self, name, args, env={}, dev_null_stdout=False,
- dev_null_stderr=False, uid=None, username=None):
- self.name = name
+ dev_null_stderr=False):
+ self.name = name
self.args = args
self.env = env
self.dev_null_stdout = dev_null_stdout
self.dev_null_stderr = dev_null_stderr
- self.uid = uid
- self.username = username
self.process = None
self.pid = None
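Review bot: in ProcessInfo.__init__ the "self.name = name" line is removed and re-added with no textual difference as shown, which looks like a whitespace-only edit mixed into a functional change. If it fixes indentation, say so in the commit message or split it out; otherwise leave the line untouched so the hunk shows only the removal of the uid and username parameters.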
@@ -124,17 +122,6 @@ class ProcessInfo:
# SIGINT signals on Ctrl-C (the boss will shut everthing down by
# other means).
os.setpgrp()
- # Second, set the user ID if one has been specified
- if self.uid is not None:
- try:
- posix.setuid(self.uid)
- except OSError as e:
- if e.errno == errno.EPERM:
- # if we failed to change user due to permission report that
- raise ProcessInfoError("Unable to change to user %s (uid %d)" % (self.username, self.uid))
- else:
- # otherwise simply re-raise whatever error we found
- raise
def _spawn(self):
if self.dev_null_stdout:
@@ -437,8 +424,7 @@ class BoB:
"""
self.log_starting("b10-msgq")
msgq_proc = ProcessInfo("b10-msgq", ["b10-msgq"], self.c_channel_env,
- True, not self.verbose, uid=self.uid,
- username=self.username)
+ True, not self.verbose)
msgq_proc.spawn()
self.log_started(msgq_proc.pid)
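Review bot: with uid= and username= dropped from this ProcessInfo call (and from the b10-cfgmgr call in the next hunk), b10-msgq no longer changes user in its own child and runs as whatever user the boss is at spawn time. That is only safe if the SockCreator component has already started and called posix.setuid before this code runs; please confirm the start order, or add a test for it, since otherwise msgq and cfgmgr would run as root when bind10 is started with -u.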
@@ -472,8 +458,7 @@ class BoB:
if self.config_filename is not None:
args.append("--config-filename=" + self.config_filename)
bind_cfgd = ProcessInfo("b10-cfgmgr", args,
- self.c_channel_env, uid=self.uid,
- username=self.username)
+ self.c_channel_env)
bind_cfgd.spawn()
self.log_started(bind_cfgd.pid)
@@ -570,8 +555,6 @@ class BoB:
authargs = ['b10-auth']
if self.nocache:
authargs += ['-n']
- if self.uid:
- authargs += ['-u', str(self.uid)]
if self.verbose:
authargs += ['-v']
@@ -589,8 +572,6 @@ class BoB:
self.curproc = "b10-resolver"
# XXX: this must be read from the configuration manager in the future
resargs = ['b10-resolver']
- if self.uid:
- resargs += ['-u', str(self.uid)]
if self.verbose:
resargs += ['-v']
diff --git a/src/bin/bind10/bob.spec b/src/bin/bind10/bob.spec
index adc9798..29b1f40 100644
--- a/src/bin/bind10/bob.spec
+++ b/src/bin/bind10/bob.spec
@@ -8,12 +8,7 @@
"item_type": "named_set",
"item_optional": false,
"item_default": {
- "b10-auth": { "special": "auth", "kind": "needed", "priority": 10 },
- "setuid": {
- "special": "setuid",
- "priority": 5,
- "kind": "dispensable"
- },
+ "b10-auth": { "special": "auth", "kind": "needed" },
"b10-xfrin": { "address": "Xfrin", "kind": "dispensable" },
"b10-xfrout": { "address": "Xfrout", "kind": "dispensable" },
"b10-zonemgr": { "address": "Zonemgr", "kind": "dispensable" },
diff --git a/src/bin/resolver/Makefile.am b/src/bin/resolver/Makefile.am
index 3f5f049..faa166f 100644
--- a/src/bin/resolver/Makefile.am
+++ b/src/bin/resolver/Makefile.am
@@ -49,7 +49,6 @@ pkglibexec_PROGRAMS = b10-resolver
b10_resolver_SOURCES = resolver.cc resolver.h
b10_resolver_SOURCES += resolver_log.cc resolver_log.h
b10_resolver_SOURCES += response_scrubber.cc response_scrubber.h
-b10_resolver_SOURCES += $(top_builddir)/src/bin/auth/change_user.h
b10_resolver_SOURCES += $(top_builddir)/src/bin/auth/common.h
b10_resolver_SOURCES += main.cc
@@ -70,7 +69,6 @@ b10_resolver_LDADD += $(top_builddir)/src/lib/server_common/libserver_common.la
b10_resolver_LDADD += $(top_builddir)/src/lib/cache/libcache.la
b10_resolver_LDADD += $(top_builddir)/src/lib/nsas/libnsas.la
b10_resolver_LDADD += $(top_builddir)/src/lib/resolve/libresolve.la
-b10_resolver_LDADD += $(top_builddir)/src/bin/auth/change_user.o
b10_resolver_LDFLAGS = -pthread
# TODO: config.h.in is wrong because doesn't honor pkgdatadir
diff --git a/src/bin/resolver/b10-resolver.xml b/src/bin/resolver/b10-resolver.xml
index 75cced7..d8f5c45 100644
--- a/src/bin/resolver/b10-resolver.xml
+++ b/src/bin/resolver/b10-resolver.xml
@@ -44,7 +44,6 @@
<refsynopsisdiv>
<cmdsynopsis>
<command>b10-resolver</command>
- <arg><option>-u <replaceable>username</replaceable></option></arg>
<arg><option>-v</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
@@ -85,20 +84,6 @@
<variablelist>
- <varlistentry>
- <term><option>-u <replaceable>username</replaceable></option></term>
- <listitem>
- <para>
- The user name of the <command>b10-resolver</command> daemon.
- If specified, the daemon changes the process owner to the
- specified user.
- The <replaceable>username</replaceable> must be either a
- valid numeric user ID or a valid user name.
- By default the daemon runs as the user who invokes it.
- </para>
- </listitem>
- </varlistentry>
-
<!-- TODO: this needs to be fixed as -v on command line
should imply stdout or stderr output also -->
<!-- TODO: can this -v be overidden by configuration or bindctl? -->
diff --git a/src/bin/resolver/main.cc b/src/bin/resolver/main.cc
index ef995c2..4834458 100644
--- a/src/bin/resolver/main.cc
+++ b/src/bin/resolver/main.cc
@@ -45,7 +45,6 @@
#include <xfr/xfrout_client.h>
-#include <auth/change_user.h>
#include <auth/common.h>
#include <resolver/spec_config.h>
@@ -95,7 +94,6 @@ my_command_handler(const string& command, ConstElementPtr args) {
void
usage() {
cerr << "Usage: b10-resolver [-u user] [-v]" << endl;
- cerr << "\t-u: change process UID to the specified user" << endl;
cerr << "\t-v: verbose output" << endl;
exit(1);
}
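Review bot: usage() still prints "Usage: b10-resolver [-u user] [-v]" after the -u description line is removed. Remove "[-u user]" from the synopsis string as well.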
@@ -105,13 +103,9 @@ int
main(int argc, char* argv[]) {
bool verbose = false;
int ch;
- const char* uid = NULL;
while ((ch = getopt(argc, argv, "u:v")) != -1) {
switch (ch) {
- case 'u':
- uid = optarg;
- break;
case 'v':
verbose = true;
break;
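Review bot: the option string passed to getopt() is still "u:v" although the 'u' case is removed from the switch, so -u with an argument is still parsed as a known option and then falls through to whatever the switch does for unhandled values. Change the string to "v" so that getopt itself reports -u as an unknown option.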
@@ -214,11 +208,6 @@ main(int argc, char* argv[]) {
my_command_handler);
LOG_DEBUG(resolver_logger, RESOLVER_DBG_INIT, RESOLVER_CONFIG_CHANNEL);
- // FIXME: This does not belong here, but inside Boss
- if (uid != NULL) {
- changeUser(uid);
- }
-
resolver->setConfigSession(config_session);
// Install all initial configurations. If loading configuration
// fails, it will be logged, but we start the server anyway, giving
diff --git a/src/lib/python/isc/bind10/special_component.py b/src/lib/python/isc/bind10/special_component.py
index 29cdf62..ebdc07f 100644
--- a/src/lib/python/isc/bind10/special_component.py
+++ b/src/lib/python/isc/bind10/special_component.py
@@ -36,6 +36,7 @@ class SockCreator(BaseComponent):
def __init__(self, process, boss, kind, address=None, params=None):
BaseComponent.__init__(self, boss, kind)
self.__creator = None
+ self.__uid = boss.uid
def _start_internal(self):
self._boss.curproc = 'b10-sockcreator'
@@ -44,6 +45,9 @@ class SockCreator(BaseComponent):
self._boss.register_process(self.pid(), self)
self._boss.set_creator(self.__creator)
self._boss.log_started(self.pid())
+ if self.__uid is not None:
+ logger.info(BIND10_SETUID, self.__uid)
+ posix.setuid(self.__uid)
def _stop_internal(self):
self.__creator.terminate()
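Review bot: in _start_internal, posix.setuid(self.__uid) changes only the user ID, whereas the deleted changeUser() called setgid(runas_pw->pw_gid) before setuid(), so b10-auth and b10-resolver used to drop the group as well. After this change every child inherits the boss's group. Consider dropping the group (and supplementary groups) before the setuid call. The call also has no error handling: the removed ProcessInfo code turned EPERM into a ProcessInfoError naming the user, and an equivalent message here would make a failed privilege drop easier to diagnose.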
@@ -108,32 +112,6 @@ class CmdCtl(Component):
def __init__(self, process, boss, kind, address=None, params=None):
Component.__init__(self, process, boss, kind, 'Cmdctl', None,
boss.start_cmdctl)
-
-class SetUID(BaseComponent):
- """
- This is a pseudo-component which drops root privileges when started
- and sets the uid stored in boss.
-
- This component does nothing when stopped.
- """
- def __init__(self, process, boss, kind, address=None, params=None):
- BaseComponent.__init__(self, boss, kind)
- self.uid = boss.uid
-
- def _start_internal(self):
- if self.uid is not None:
- logger.info(BIND10_SETUID, self.uid)
- posix.setuid(self.uid)
-
- def _stop_internal(self): pass
- def kill(self, forceful=False): pass
-
- def name(self):
- return "Set UID"
-
- def pid(self):
- return None
-
def get_specials():
"""
List of specially started components. Each one should be the class than can
@@ -147,7 +125,5 @@ def get_specials():
# They should not have any parameters anyway
'auth': Auth,
'resolver': Resolver,
- 'cmdctl': CmdCtl,
- # TODO: Remove when not needed, workaround before sockcreator works
- 'setuid': SetUID
+ 'cmdctl': CmdCtl
}
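Review bot: removing the 'setuid' key from the dictionary returned by get_specials() means a stored configuration that still lists a component with "special": "setuid" (the previous default in bob.spec) no longer maps to a class. Please state how such an entry is handled on upgrade, for example by ignoring it with a logged warning, or document that it has to be removed from existing configurations.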
diff --git a/src/lib/python/isc/bind10/tests/component_test.py b/src/lib/python/isc/bind10/tests/component_test.py
index 3b49b18..95137a9 100644
--- a/src/lib/python/isc/bind10/tests/component_test.py
+++ b/src/lib/python/isc/bind10/tests/component_test.py
@@ -507,8 +507,7 @@ class ComponentTests(BossUtils, unittest.TestCase):
isc.bind10.special_component.CfgMgr,
isc.bind10.special_component.Auth,
isc.bind10.special_component.Resolver,
- isc.bind10.special_component.CmdCtl,
- isc.bind10.special_component.SetUID]:
+ isc.bind10.special_component.CmdCtl]:
component = component_type('none', self, 'needed')
self.assertIsNone(component.pid())
@@ -611,14 +610,38 @@ class ComponentTests(BossUtils, unittest.TestCase):
def setuid(self, uid):
self.__uid_set = uid
- def test_setuid(self):
+ class FakeCreator:
+ def pid(self):
+ return 42
+ def terminate(self): pass
+ def kill(self): pass
+
+ def set_creator(self, creator):
+ """
+ Part of faking being the boss. Check the creator (faked as well)
+ is passed here.
+ """
+ self.assertTrue(isinstance(creator, self.FakeCreator))
+
+ def log_started(self, pid):
+ """
+ Part of faking the boss. Check the pid is the one of the fake creator.
+ """
+ self.assertEqual(42, pid)
+
+ def test_creator(self):
"""
- Some tests around the SetUID pseudo-component.
+ Some tests around the SockCreator component.
"""
- component = isc.bind10.special_component.SetUID(None, self, 'needed',
- None)
+ component = isc.bind10.special_component.SockCreator(None, self,
+ 'needed', None)
orig_setuid = isc.bind10.special_component.posix.setuid
isc.bind10.special_component.posix.setuid = self.setuid
+ orig_creator = \
+ isc.bind10.special_component.isc.bind10.sockcreator.Creator
+ # Just ignore the creator call
+ isc.bind10.special_component.isc.bind10.sockcreator.Creator = \
+ lambda path: self.FakeCreator()
component.start()
# No uid set in boss, nothing called.
self.assertIsNone(self.__uid_set)
@@ -627,11 +650,14 @@ class ComponentTests(BossUtils, unittest.TestCase):
component.kill()
component.kill(True)
self.uid = 42
- component = isc.bind10.special_component.SetUID(None, self, 'needed',
- None)
+ component = isc.bind10.special_component.SockCreator(None, self,
+ 'needed', None)
component.start()
# This time, it get's called
self.assertEqual(42, self.__uid_set)
+ isc.bind10.special_component.posix.setuid = orig_setuid
+ isc.bind10.special_component.isc.bind10.sockcreator.Creator = \
+ orig_creator
class TestComponent(BaseComponent):
"""
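Review bot: in test_creator the original posix.setuid and sockcreator.Creator are restored only on the last lines of the test, so a failing assertion or an exception from component.start() leaves both monkeypatched for the tests that follow. Wrap the body in try/finally, or save and restore the originals in setUp/tearDown.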