Source-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: src

Module Name:    src
Committed By:   riastradh
Date:           Wed Apr 29 05:54:37 UTC 2020

Modified Files:
        src/external/cddl/osnet/sys/sys: cred.h
        src/sys/sys: kauth.h

Log Message:
Fix crgetgroups shim.

- Don't use a static buffer for the result.

- kauth_cred_getgroups refuses to return more than the actual number
  of groups, so passing NGROUPS_MAX generally doesn't work.

To avoid patching zfs, just expose struct kauth_cred::cr_groups
directly, with __KAUTH_PRIVATE.  Unclear why the official API only
exposes it via memcpy or copyout anyway.

This makes unprivileged zfs operations work, by anyone with access to
/dev/zfs (which is conventionally mode 777, and which we should maybe
set it to by default; zfs has its own ACL system, zfs allow).

To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/external/cddl/osnet/sys/sys/cred.h
cvs rdiff -u -r1.83 -r1.84 src/sys/sys/kauth.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index