CVS commit: src

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src
From: "Taylor R Campbell" <riastradh%netbsd.org@localhost>
Date: Wed, 29 Apr 2020 05:54:38 +0000

Module Name:    src
Committed By:   riastradh
Date:           Wed Apr 29 05:54:37 UTC 2020

Modified Files:
        src/external/cddl/osnet/sys/sys: cred.h
        src/sys/sys: kauth.h

Log Message:
Fix crgetgroups shim.

- Don't use a static buffer for the result.

- kauth_cred_getgroups refuses to return more than the actual number
  of groups, so passing NGROUPS_MAX generally doesn't work.

To avoid patching zfs, just expose struct kauth_cred::cr_groups
directly, with __KAUTH_PRIVATE.  Unclear why the official API only
exposes it via memcpy or copyout anyway.

This makes unprivileged zfs operations work, by anyone with access to
/dev/zfs (which is conventionally mode 777, and which we should maybe
set it to by default; zfs has its own ACL system, zfs allow).


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/external/cddl/osnet/sys/sys/cred.h
cvs rdiff -u -r1.83 -r1.84 src/sys/sys/kauth.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/external/cddl/osnet/dist/uts/common/fs/zfs
Next by Date: CVS commit: src/distrib/arc/ramdisk
Previous by Thread: CVS commit: src/external/cddl/osnet/dist/uts/common/fs/zfs
Next by Thread: CVS commit: src/distrib/arc/ramdisk
Indexes:

Home | Main Index | Thread Index | Old Index