diff --git a/distrib/sets/lists/base/mi b/distrib/sets/lists/base/mi index 841624c7d162..3096e4173f81 100644 --- a/distrib/sets/lists/base/mi +++ b/distrib/sets/lists/base/mi @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.912 2011/01/01 13:09:13 haad Exp $ +# $NetBSD: mi,v 1.913 2011/01/05 14:57:29 haad Exp $ # # Note: Don't delete entries from here - mark them as "obsolete" instead, # unless otherwise stated below. @@ -4836,8 +4836,8 @@ ./var/games/sail base-games-root ./var/games/save base-obsolete obsolete ./var/heimdal base-krb5-root -./var/lock base-sys-root -./var/lock/lvm base-sys-root lvm +./var/lock base-sys-root obsolete +./var/lock/lvm base-sys-root obsolete ./var/log base-sys-root ./var/log/rdist base-netutil-root ./var/mail base-mail-root diff --git a/etc/mtree/NetBSD.dist.base b/etc/mtree/NetBSD.dist.base index c7bf9e301c67..e7702bf7ccb1 100644 --- a/etc/mtree/NetBSD.dist.base +++ b/etc/mtree/NetBSD.dist.base @@ -1,4 +1,4 @@ -# $NetBSD: NetBSD.dist.base,v 1.71 2011/01/01 22:11:45 haad Exp $ +# $NetBSD: NetBSD.dist.base,v 1.72 2011/01/05 14:57:29 haad Exp $ # @(#)4.4BSD.dist 8.1 (Berkeley) 6/13/93 # Do not customize this file as it may be overwritten on upgrades. @@ -1098,8 +1098,6 @@ ./var/games/phantasia uname=games gname=games mode=0775 ./var/games/sail uname=games gname=games mode=0775 ./var/heimdal -./var/lock gname=operator mode=0710 -./var/lock/lvm gname=operator mode=0770 ./var/log ./var/log/rdist ./var/mail mode=1777 diff --git a/etc/rc.d/mountcritlocal b/etc/rc.d/mountcritlocal index bed941d0de9e..dbe92bffb98c 100755 --- a/etc/rc.d/mountcritlocal +++ b/etc/rc.d/mountcritlocal @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: mountcritlocal,v 1.10 2009/04/21 16:08:57 joerg Exp $ +# $NetBSD: mountcritlocal,v 1.11 2011/01/05 14:57:29 haad Exp $ # # PROVIDE: mountcritlocal @@ -25,6 +25,12 @@ mountcritlocal_start() # rm -f /etc/nologin /var/spool/lock/LCK.* (cd /var/run && rm -rf -- *) + # create LVM locking directory, it needs to be owned by operator + # group and has parmissions to allow lock file creation. + # + mkdir /var/run/lvm + chown root:operator /var/run/lvm + chmod 770 /var/run/lvm } load_rc_config $name diff --git a/external/gpl2/lvm2/dist/include/defaults.h b/external/gpl2/lvm2/dist/include/defaults.h index b85941227499..712b20d9632b 100644 --- a/external/gpl2/lvm2/dist/include/defaults.h +++ b/external/gpl2/lvm2/dist/include/defaults.h @@ -1,4 +1,4 @@ -/* $NetBSD: defaults.h,v 1.1.1.2 2009/12/02 00:25:44 haad Exp $ */ +/* $NetBSD: defaults.h,v 1.2 2011/01/05 14:57:27 haad Exp $ */ /* * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. @@ -39,7 +39,7 @@ #define DEFAULT_DATA_ALIGNMENT_OFFSET_DETECTION 1 #define DEFAULT_DATA_ALIGNMENT_DETECTION 1 -#define DEFAULT_LOCK_DIR "/var/lock/lvm" +#define DEFAULT_LOCK_DIR "/var/run/lvm" #define DEFAULT_LOCKING_LIB "liblvm2clusterlock.so" #define DEFAULT_FALLBACK_TO_LOCAL_LOCKING 1 #define DEFAULT_FALLBACK_TO_CLUSTERED_LOCKING 1 diff --git a/external/gpl2/lvm2/dist/lib/format_text/archiver.c b/external/gpl2/lvm2/dist/lib/format_text/archiver.c index 100569ca8cd9..b2f7545692ad 100644 --- a/external/gpl2/lvm2/dist/lib/format_text/archiver.c +++ b/external/gpl2/lvm2/dist/lib/format_text/archiver.c @@ -1,4 +1,4 @@ -/* $NetBSD: archiver.c,v 1.1.1.3 2009/12/02 00:26:29 haad Exp $ */ +/* $NetBSD: archiver.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */ /* * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. @@ -117,6 +117,12 @@ int archive(struct volume_group *vg) return 1; } +#ifdef __NetBSD__ + if (is_operator()) { + log_verbose("Operator usage: Skipping archiving of volume group."); + return 1; + } +#endif if (!dm_create_dir(vg->cmd->archive_params->dir)) return 0; @@ -221,6 +227,12 @@ int backup_locally(struct volume_group *vg) return 1; } +#ifdef __NetBSD__ + if (is_operator()) { + log_verbose("Operator usage: Skipping archiving of volume group."); + return 1; + } +#endif if (!dm_create_dir(vg->cmd->backup_params->dir)) return 0; diff --git a/external/gpl2/lvm2/dist/lib/locking/file_locking.c b/external/gpl2/lvm2/dist/lib/locking/file_locking.c index d0298c42c075..6937d474c73e 100644 --- a/external/gpl2/lvm2/dist/lib/locking/file_locking.c +++ b/external/gpl2/lvm2/dist/lib/locking/file_locking.c @@ -1,4 +1,4 @@ -/* $NetBSD: file_locking.c,v 1.1.1.3 2009/12/02 00:26:24 haad Exp $ */ +/* $NetBSD: file_locking.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */ /* * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. @@ -322,6 +322,8 @@ static int _file_lock_resource(struct cmd_context *cmd, const char *resource, int init_file_locking(struct locking_type *locking, struct cmd_context *cmd) { + mode_t old_umask; + locking->lock_resource = _file_lock_resource; locking->reset_locking = _reset_file_locking; locking->fin_locking = _fin_file_locking; @@ -335,10 +337,23 @@ int init_file_locking(struct locking_type *locking, struct cmd_context *cmd) _prioritise_write_locks = find_config_tree_bool(cmd, "global/prioritise_write_locks", DEFAULT_PRIORITISE_WRITE_LOCKS); - - if (!dm_create_dir(_lock_dir)) + old_umask = umask(LVM_LOCKDIR_MODE); + if (!dm_create_dir(_lock_dir)){ + umask(old_umask); return 0; + } else { + /* Change lockfile directory owner to match with others */ + if (chown(_lock_dir, DM_DEVICE_UID, DM_DEVICE_GID) == -1) { + if (errno == EPERM) + goto next; + log_sys_error("chown", _lock_dir); + return 0; + } + } +next: + umask(old_umask); + /* Trap a read-only file system */ if ((access(_lock_dir, R_OK | W_OK | X_OK) == -1) && (errno == EROFS)) return 0; diff --git a/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c b/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c index 752bbb24ebe0..6f38ca25fed4 100644 --- a/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c +++ b/external/gpl2/lvm2/dist/lib/misc/lvm-globals.c @@ -1,4 +1,4 @@ -/* $NetBSD: lvm-globals.c,v 1.1.1.3 2009/12/02 00:26:44 haad Exp $ */ +/* $NetBSD: lvm-globals.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */ /* * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. @@ -41,6 +41,21 @@ static int _ignore_suspended_devices = 0; static int _error_message_produced = 0; static unsigned _is_static = 0; +#ifdef __NetBSD__ + +static int _is_operator = 0; + +void init_operator(int operator) +{ + _is_operator = operator; +} + +int is_operator() +{ + return _is_operator; +} +#endif + void init_verbose(int level) { _verbose_level = level; diff --git a/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h b/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h index 435f35bdd634..bf6c38af7bd2 100644 --- a/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h +++ b/external/gpl2/lvm2/dist/lib/misc/lvm-globals.h @@ -1,4 +1,4 @@ -/* $NetBSD: lvm-globals.h,v 1.1.1.2 2009/02/18 11:17:17 haad Exp $ */ +/* $NetBSD: lvm-globals.h,v 1.2 2011/01/05 14:57:28 haad Exp $ */ /* * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. @@ -21,6 +21,11 @@ #define VERBOSE_BASE_LEVEL _LOG_WARN #define SECURITY_LEVEL 0 +#ifdef __NetBSD__ +void init_operator(int operator); +int is_operator(void); +#endif + void init_verbose(int level); void init_test(int level); void init_md_filtering(int level); diff --git a/external/gpl2/lvm2/dist/libdm/libdm-file.c b/external/gpl2/lvm2/dist/libdm/libdm-file.c index 3ae9f8e7ea0e..b51bec4aec29 100644 --- a/external/gpl2/lvm2/dist/libdm/libdm-file.c +++ b/external/gpl2/lvm2/dist/libdm/libdm-file.c @@ -1,4 +1,4 @@ -/* $NetBSD: libdm-file.c,v 1.1.1.1 2008/12/22 00:18:33 haad Exp $ */ +/* $NetBSD: libdm-file.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */ /* * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. @@ -21,6 +21,11 @@ #include #include +/* + * Created directories permissions are controled by umask values and + * they should be set by api user before calling this function. + * Changing directory owners is also left on caller. + */ static int _create_dir_recursive(const char *dir) { char *orig, *s; diff --git a/external/gpl2/lvm2/dist/tools/lvmcmdline.c b/external/gpl2/lvm2/dist/tools/lvmcmdline.c index 7d7dfbb186b9..ae58457993f1 100644 --- a/external/gpl2/lvm2/dist/tools/lvmcmdline.c +++ b/external/gpl2/lvm2/dist/tools/lvmcmdline.c @@ -1,4 +1,4 @@ -/* $NetBSD: lvmcmdline.c,v 1.1.1.3 2009/12/02 00:25:52 haad Exp $ */ +/* $NetBSD: lvmcmdline.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */ /* * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. @@ -1296,8 +1296,32 @@ static void _exec_lvm1_command(char **argv) static void _nonroot_warning(void) { +#ifdef __NetBSD__ + gid_t groups_list[NGROUPS_MAX]; + int i, group_num, is_operator = 0; + + /* Operator group in NetBSD should be able to see lvm status. */ + if (getuid() || geteuid()) { + group_num = getgroups(NGROUPS_MAX, groups_list); + + for (i = 0; i < group_num; i++) { + if (groups_list[i] == DM_DEVICE_GID) { + is_operator = 1; + init_operator(is_operator); + break; + } + } + + if (is_operator) + log_warn("WARNING: Using LVM as operator you have only read access."); + else + log_warn("WARNING: Running as a non-root user and without " + "operator group. Functionality may be unavailable."); + } +#else if (getuid() || geteuid()) log_warn("WARNING: Running as a non-root user. Functionality may be unavailable."); +#endif } int lvm2_main(int argc, char **argv) diff --git a/external/gpl2/lvm2/lvm2tools.mk b/external/gpl2/lvm2/lvm2tools.mk index 78f041dc9a3e..3507078449db 100644 --- a/external/gpl2/lvm2/lvm2tools.mk +++ b/external/gpl2/lvm2/lvm2tools.mk @@ -1,4 +1,4 @@ -# $NetBSD: lvm2tools.mk,v 1.2 2010/12/23 17:46:54 christos Exp $ +# $NetBSD: lvm2tools.mk,v 1.3 2011/01/05 14:57:27 haad Exp $ .include @@ -10,7 +10,8 @@ LIBDM_DISTDIR= ${NETBSDSRCDIR}/external/gpl2/lvm2/dist/libdm LIBDM_INCLUDE= ${NETBSDSRCDIR}/external/gpl2/lvm2/dist/include # root:operator [cb]rw-r----- -CPPFLAGS+=-DDM_DEVICE_UID=0 -DDM_DEVICE_GID=5 -DDM_DEVICE_MODE=0640 +CPPFLAGS+=-DDM_DEVICE_UID=0 -DDM_DEVICE_GID=5 -DDM_DEVICE_MODE=0640 \ + -DDM_CONTROL_DEVICE_MODE=0660 -DLVM_LOCKDIR_MODE=0770 # #LIBDM_OBJDIR.libdevmapper=${LIBDM_SRCDIR}/lib/libdevmapper/