[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ITS#98 'user' patch for BSD systems

patl@phoenix.volant.org writes:

> There may not be a passwd entry for that uid.

Good point.

> I'll admit that multiple usernames with one uid (and different group
> sets), and valid uids with no associated passwd entry are probably
> rare pathological cases.  I was taking the paranoid cover-all-bases
> approach; but I'm not particularly married to it.

Thanks.  Then I suggest we require groups to be specified if the user is
numeric _and_ getpwuid() failed (so run_username == NULL).  Since ps/ls
don't do or say anything clever, people who use uids with multiple
usernames need to know what they are doing anyway.

> That looks reasonable.  You might be able to simplify a little by
> leaving ngids==0 for the initgroups case and making that final part:
>     if ( run_uid != 0 ) {

Poor 'root' - isn't he allowed to grab a group id and use that to access
the database? :-)  He might be mapped to 'nobody' on some relevant
filesystem.  This seems better:

      if ( run_uid >= 0 || run_username != NULL ) {

where run_uid would be initialized as -1.

> But your version is better if we assume the possible addition of
> separate -u and -g command-line options; and we allow -g to be
> specified without -u.  Separate options seems likely since that
> provides the easiest way of parsing multiple groups.

Whoever adds options can worry about that.  But maybe the easiest to
implement is
	-c "slapd.conf-line"
in any case.

>>> (It is only by a herculean effort of will that I'm avoiding starting a
>>> rant about isdigit(), et. al., not being able to handle whatever char
>>> type is native to that compiler.
> (...)

Sorry, after your herculean effort I should not have tempted you.
I'll send a short private reply instead.