Allow operator to use lvm in read-only mode. Switch LVM lock dir to

/var/run/lvm and create it in rc.d/mountcritlocal. Fix dm control device
permissions to allow rw for operator.

Test whether we are running lvm commands as operator and, if so, do not
create vg backups and do not print a confusing warning.
haad 2011-01-05 14:57:27 +00:00
parent 4f0bf5bf27
commit 912a040b47
11 changed files with 100 additions and 19 deletions


@ -1,4 +1,4 @@
# $NetBSD: mi,v 1.912 2011/01/01 13:09:13 haad Exp $ # $NetBSD: mi,v 1.913 2011/01/05 14:57:29 haad Exp $
# #
# Note: Don't delete entries from here - mark them as "obsolete" instead, # Note: Don't delete entries from here - mark them as "obsolete" instead,
# unless otherwise stated below. # unless otherwise stated below.
@ -4836,8 +4836,8 @@
./var/games/sail base-games-root ./var/games/sail base-games-root
./var/games/save base-obsolete obsolete ./var/games/save base-obsolete obsolete
./var/heimdal base-krb5-root ./var/heimdal base-krb5-root
./var/lock base-sys-root ./var/lock base-sys-root obsolete
./var/lock/lvm base-sys-root lvm ./var/lock/lvm base-sys-root obsolete
./var/log base-sys-root ./var/log base-sys-root
./var/log/rdist base-netutil-root ./var/log/rdist base-netutil-root
./var/mail base-mail-root ./var/mail base-mail-root


@ -1,4 +1,4 @@
# $NetBSD: NetBSD.dist.base,v 1.71 2011/01/01 22:11:45 haad Exp $ # $NetBSD: NetBSD.dist.base,v 1.72 2011/01/05 14:57:29 haad Exp $
# @(#)4.4BSD.dist 8.1 (Berkeley) 6/13/93 # @(#)4.4BSD.dist 8.1 (Berkeley) 6/13/93
# Do not customize this file as it may be overwritten on upgrades. # Do not customize this file as it may be overwritten on upgrades.
@ -1098,8 +1098,6 @@
./var/games/phantasia uname=games gname=games mode=0775 ./var/games/phantasia uname=games gname=games mode=0775
./var/games/sail uname=games gname=games mode=0775 ./var/games/sail uname=games gname=games mode=0775
./var/heimdal ./var/heimdal
./var/lock gname=operator mode=0710
./var/lock/lvm gname=operator mode=0770
./var/log ./var/log
./var/log/rdist ./var/log/rdist
./var/mail mode=1777 ./var/mail mode=1777


@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
# #
# $NetBSD: mountcritlocal,v 1.10 2009/04/21 16:08:57 joerg Exp $ # $NetBSD: mountcritlocal,v 1.11 2011/01/05 14:57:29 haad Exp $
# #
# PROVIDE: mountcritlocal # PROVIDE: mountcritlocal
@ -25,6 +25,12 @@ mountcritlocal_start()
# #
rm -f /etc/nologin /var/spool/lock/LCK.* rm -f /etc/nologin /var/spool/lock/LCK.*
(cd /var/run && rm -rf -- *) (cd /var/run && rm -rf -- *)
# create LVM locking directory, it needs to be owned by operator
# group and has parmissions to allow lock file creation.
#
mkdir /var/run/lvm
chown root:operator /var/run/lvm
chmod 770 /var/run/lvm
} }
load_rc_config $name load_rc_config $name
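Review bot: The directory added at the end of mountcritlocal_start() is created with the ambient umask and only tightened two commands later, and none of the three commands is checked; `mkdir -m 0770 /var/run/lvm && chown root:operator /var/run/lvm` creates it with its final mode and stops on the first failure. The comment above it has a typo and would read better as `# Create the LVM lock directory; it must belong to group operator and be group-writable so lock files can be created.` Because root-run lvm commands will then create lock files in a directory that operator members can write to, it is worth confirming that the lock-file open path (not part of this hunk) does not follow symlinks. The function starts outside the hunk.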


@ -1,4 +1,4 @@
/* $NetBSD: defaults.h,v 1.1.1.2 2009/12/02 00:25:44 haad Exp $ */ /* $NetBSD: defaults.h,v 1.2 2011/01/05 14:57:27 haad Exp $ */
/* /*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@ -39,7 +39,7 @@
#define DEFAULT_DATA_ALIGNMENT_OFFSET_DETECTION 1 #define DEFAULT_DATA_ALIGNMENT_OFFSET_DETECTION 1
#define DEFAULT_DATA_ALIGNMENT_DETECTION 1 #define DEFAULT_DATA_ALIGNMENT_DETECTION 1
#define DEFAULT_LOCK_DIR "/var/lock/lvm" #define DEFAULT_LOCK_DIR "/var/run/lvm"
#define DEFAULT_LOCKING_LIB "liblvm2clusterlock.so" #define DEFAULT_LOCKING_LIB "liblvm2clusterlock.so"
#define DEFAULT_FALLBACK_TO_LOCAL_LOCKING 1 #define DEFAULT_FALLBACK_TO_LOCAL_LOCKING 1
#define DEFAULT_FALLBACK_TO_CLUSTERED_LOCKING 1 #define DEFAULT_FALLBACK_TO_CLUSTERED_LOCKING 1


@ -1,4 +1,4 @@
/* $NetBSD: archiver.c,v 1.1.1.3 2009/12/02 00:26:29 haad Exp $ */ /* $NetBSD: archiver.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/* /*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@ -117,6 +117,12 @@ int archive(struct volume_group *vg)
return 1; return 1;
} }
#ifdef __NetBSD__
if (is_operator()) {
log_verbose("Operator usage: Skipping archiving of volume group.");
return 1;
}
#endif
if (!dm_create_dir(vg->cmd->archive_params->dir)) if (!dm_create_dir(vg->cmd->archive_params->dir))
return 0; return 0;
@ -221,6 +227,12 @@ int backup_locally(struct volume_group *vg)
return 1; return 1;
} }
#ifdef __NetBSD__
if (is_operator()) {
log_verbose("Operator usage: Skipping archiving of volume group.");
return 1;
}
#endif
if (!dm_create_dir(vg->cmd->backup_params->dir)) if (!dm_create_dir(vg->cmd->backup_params->dir))
return 0; return 0;
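Review bot: The block added to backup_locally() in the second hunk logs "Skipping archiving", copied from the archive() hunk above it; it should read `log_verbose("Operator usage: Skipping backup of volume group.");`. Both blocks return 1, so callers see success although no metadata was written, which deserves a one-line comment such as `/* Operator has read-only access: report success without writing metadata. */`. Both functions begin and end outside the hunks.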


@ -1,4 +1,4 @@
/* $NetBSD: file_locking.c,v 1.1.1.3 2009/12/02 00:26:24 haad Exp $ */ /* $NetBSD: file_locking.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/* /*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@ -322,6 +322,8 @@ static int _file_lock_resource(struct cmd_context *cmd, const char *resource,
int init_file_locking(struct locking_type *locking, struct cmd_context *cmd) int init_file_locking(struct locking_type *locking, struct cmd_context *cmd)
{ {
mode_t old_umask;
locking->lock_resource = _file_lock_resource; locking->lock_resource = _file_lock_resource;
locking->reset_locking = _reset_file_locking; locking->reset_locking = _reset_file_locking;
locking->fin_locking = _fin_file_locking; locking->fin_locking = _fin_file_locking;
@ -335,10 +337,23 @@ int init_file_locking(struct locking_type *locking, struct cmd_context *cmd)
_prioritise_write_locks = _prioritise_write_locks =
find_config_tree_bool(cmd, "global/prioritise_write_locks", find_config_tree_bool(cmd, "global/prioritise_write_locks",
DEFAULT_PRIORITISE_WRITE_LOCKS); DEFAULT_PRIORITISE_WRITE_LOCKS);
old_umask = umask(LVM_LOCKDIR_MODE);
if (!dm_create_dir(_lock_dir)) if (!dm_create_dir(_lock_dir)){
umask(old_umask);
return 0; return 0;
} else {
/* Change lockfile directory owner to match with others */
if (chown(_lock_dir, DM_DEVICE_UID, DM_DEVICE_GID) == -1) {
if (errno == EPERM)
goto next;
log_sys_error("chown", _lock_dir);
return 0;
}
}
next:
umask(old_umask);
/* Trap a read-only file system */ /* Trap a read-only file system */
if ((access(_lock_dir, R_OK | W_OK | X_OK) == -1) && (errno == EROFS)) if ((access(_lock_dir, R_OK | W_OK | X_OK) == -1) && (errno == EROFS))
return 0; return 0;
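Review bot: `umask(LVM_LOCKDIR_MODE)` in the second hunk hands umask() the mode the directory is meant to have (0770 in the build flags on this page), but umask() takes the bits to clear, so a directory created by dm_create_dir() would lose its owner and group bits and keep only those for other users. The call should be `old_umask = umask(~LVM_LOCKDIR_MODE & 0777);`. The chown() failure branch that is not EPERM also returns without restoring the mask and needs `umask(old_umask);` before its `return 0;`. init_file_locking() continues past the end of the hunk.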


@ -1,4 +1,4 @@
/* $NetBSD: lvm-globals.c,v 1.1.1.3 2009/12/02 00:26:44 haad Exp $ */ /* $NetBSD: lvm-globals.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/* /*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@ -41,6 +41,21 @@ static int _ignore_suspended_devices = 0;
static int _error_message_produced = 0; static int _error_message_produced = 0;
static unsigned _is_static = 0; static unsigned _is_static = 0;
#ifdef __NetBSD__
static int _is_operator = 0;
void init_operator(int operator)
{
_is_operator = operator;
}
int is_operator()
{
return _is_operator;
}
#endif
void init_verbose(int level) void init_verbose(int level)
{ {
_verbose_level = level; _verbose_level = level;
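Review bot: `int is_operator()` is defined with an empty parameter list while the header on this page declares `int is_operator(void);`; the definition should read `int is_operator(void)` so that both are prototypes. The new flag also has no comment saying what it records; `/* Non-zero when the invoking user is a non-root member of the operator group (NetBSD only). */` above `_is_operator` would cover it. As far as the hunks on this page show, the flag only selects a warning and skips archive/backup, so it should not be relied on as an access check.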


@ -1,4 +1,4 @@
/* $NetBSD: lvm-globals.h,v 1.1.1.2 2009/02/18 11:17:17 haad Exp $ */ /* $NetBSD: lvm-globals.h,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/* /*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@ -21,6 +21,11 @@
#define VERBOSE_BASE_LEVEL _LOG_WARN #define VERBOSE_BASE_LEVEL _LOG_WARN
#define SECURITY_LEVEL 0 #define SECURITY_LEVEL 0
#ifdef __NetBSD__
void init_operator(int operator);
int is_operator(void);
#endif
void init_verbose(int level); void init_verbose(int level);
void init_test(int level); void init_test(int level);
void init_md_filtering(int level); void init_md_filtering(int level);


@ -1,4 +1,4 @@
/* $NetBSD: libdm-file.c,v 1.1.1.1 2008/12/22 00:18:33 haad Exp $ */ /* $NetBSD: libdm-file.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/* /*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@ -21,6 +21,11 @@
#include <fcntl.h> #include <fcntl.h>
#include <dirent.h> #include <dirent.h>
/*
* Created directories permissions are controled by umask values and
* they should be set by api user before calling this function.
* Changing directory owners is also left on caller.
*/
static int _create_dir_recursive(const char *dir) static int _create_dir_recursive(const char *dir)
{ {
char *orig, *s; char *orig, *s;
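Review bot: The new comment above _create_dir_recursive() does not say which mode the function passes to mkdir(), so a caller cannot tell which umask to set; the mkdir() call itself is outside the hunk. The comment should name that mode, spell "controlled" correctly, and note that the umask is process-wide, so a caller that changes it has to restore it on every return path.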


@ -1,4 +1,4 @@
/* $NetBSD: lvmcmdline.c,v 1.1.1.3 2009/12/02 00:25:52 haad Exp $ */ /* $NetBSD: lvmcmdline.c,v 1.2 2011/01/05 14:57:28 haad Exp $ */
/* /*
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved. * Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
@ -1296,8 +1296,32 @@ static void _exec_lvm1_command(char **argv)
static void _nonroot_warning(void) static void _nonroot_warning(void)
{ {
#ifdef __NetBSD__
gid_t groups_list[NGROUPS_MAX];
int i, group_num, is_operator = 0;
/* Operator group in NetBSD should be able to see lvm status. */
if (getuid() || geteuid()) {
group_num = getgroups(NGROUPS_MAX, groups_list);
for (i = 0; i < group_num; i++) {
if (groups_list[i] == DM_DEVICE_GID) {
is_operator = 1;
init_operator(is_operator);
break;
}
}
if (is_operator)
log_warn("WARNING: Using LVM as operator you have only read access.");
else
log_warn("WARNING: Running as a non-root user and without "
"operator group. Functionality may be unavailable.");
}
#else
if (getuid() || geteuid()) if (getuid() || geteuid())
log_warn("WARNING: Running as a non-root user. Functionality may be unavailable."); log_warn("WARNING: Running as a non-root user. Functionality may be unavailable.");
#endif
} }
int lvm2_main(int argc, char **argv) int lvm2_main(int argc, char **argv)
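Review bot: The membership test in _nonroot_warning() looks only at getgroups(), and POSIX leaves it unspecified whether that list contains the effective group ID, so a user whose primary group is operator may be reported as lacking it; add `if (getegid() == DM_DEVICE_GID) is_operator = 1;` before the loop and call `init_operator(is_operator);` once after it. A getgroups() return of -1 is silently treated as an empty list and should at least be logged. The local `is_operator` also shadows the is_operator() function declared in lvm-globals.h, so a name such as `in_operator_group` would be clearer.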


@ -1,4 +1,4 @@
# $NetBSD: lvm2tools.mk,v 1.2 2010/12/23 17:46:54 christos Exp $ # $NetBSD: lvm2tools.mk,v 1.3 2011/01/05 14:57:27 haad Exp $
.include <bsd.own.mk> .include <bsd.own.mk>
@ -10,7 +10,8 @@ LIBDM_DISTDIR= ${NETBSDSRCDIR}/external/gpl2/lvm2/dist/libdm
LIBDM_INCLUDE= ${NETBSDSRCDIR}/external/gpl2/lvm2/dist/include LIBDM_INCLUDE= ${NETBSDSRCDIR}/external/gpl2/lvm2/dist/include
# root:operator [cb]rw-r----- # root:operator [cb]rw-r-----
CPPFLAGS+=-DDM_DEVICE_UID=0 -DDM_DEVICE_GID=5 -DDM_DEVICE_MODE=0640 CPPFLAGS+=-DDM_DEVICE_UID=0 -DDM_DEVICE_GID=5 -DDM_DEVICE_MODE=0640 \
-DDM_CONTROL_DEVICE_MODE=0660 -DLVM_LOCKDIR_MODE=0770
# #
#LIBDM_OBJDIR.libdevmapper=${LIBDM_SRCDIR}/lib/libdevmapper/ #LIBDM_OBJDIR.libdevmapper=${LIBDM_SRCDIR}/lib/libdevmapper/
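Review bot: The comment `# root:operator [cb]rw-r-----` above CPPFLAGS no longer describes everything the line sets, since the control device is now 0660 and the lock directory 0770; extend it, for example `# root:operator [cb]rw-r-----, control node rw-rw----, lock dir rwxrwx---`. With group write on the control node, the read-only behaviour for operator promised in the commit message depends on the device-mapper driver refusing modifying requests from non-root callers, which nothing in this commit shows.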