[5410] in Moira
Patch to fix Hesiod grplist truncation
daemon@ATHENA.MIT.EDU (Evan Broder)
Fri Jan 23 03:12:21 2009
Message-ID: <49797BA9.4020609@mit.edu>
Date: Fri, 23 Jan 2009 03:11:21 -0500
From: Evan Broder <broder@MIT.EDU>
MIME-Version: 1.0
To: moiradev@mit.edu
Content-Type: multipart/mixed;
boundary="------------040306070403030807040105"
This is a multi-part message in MIME format.
--------------040306070403030807040105
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Hello again -
I've come up with a patch to the Hesiod DCM that I think will solve
the issue where people's grplists get cut off if they're on too many NFS
groups. This is an issue for Athena 10, since we currently use this as a
way to restrict logins per group (several SIPB members get bumped off of
gsipb, and therefore can't remotely log into our Athena 10 office heads).
This patch should create a single RR that contains multiple string
entries. I've tested this using my personal domain, ebroder.net, to
verify that libhesiod does concatenate multiple string entries in a
single RR.
From the zone file:
> mitchb.grplist.ns TXT "sipb-door:68108:lsc-ec-only:1206:lsc-locker-a\
> dmin:14514:dcns-rcc:961:tetazoo-mach-login-acl:68748:lsc-sysadmin:20\
> 224:lsc:5127:lsc-projection:7521:tetazoo-mach-acl:26008:apo-printsho\
> p:16863:lsc-treasury:7526:lsc-slides:17199:axaa-acl:24117:apo-acl:24\
> 667:" "gsipb:15001"
And then querying with libhesiod
> dhcp-18-111-4-73:~ evan$ hesinfo mitchb@ebroder.net grplist
> sipb-door:68108:lsc-ec-only:1206:lsc-locker-admin:14514:dcns-rcc:961:t\
> etazoo-mach-login-acl:68748:lsc-sysadmin:20224:lsc:5127:lsc-projection\
> :7521:tetazoo-mach-acl:26008:apo-printshop:16863:lsc-treasury:7526:lsc\
> -slides:17199:axaa-acl:24117:apo-acl:24667:gsipb:15001
I (obviously) haven't had an opportunity to test this code, and C is not
my best language, so I certainly wouldn't run this on production
hardware without testing, but I believe it does the right thing.
- Evan
--------------040306070403030807040105
Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0";
name="dont-truncate-grplist.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="dont-truncate-grplist.patch"
Index: gen/hesiod.pc
===================================================================
RCS file: /mit/moiradev/repository/moira/gen/hesiod.pc,v
retrieving revision 1.23
diff -u -r1.23 hesiod.pc
--- gen/hesiod.pc 22 Oct 2008 16:12:33 -0000 1.23
+++ gen/hesiod.pc 23 Jan 2009 07:52:25 -0000
@@ -448,19 +448,15 @@
len = 0;
for (; g; g = g->next)
{
- if (len + strlen(g->lid) + 1 < MAXHESSIZE)
- {
- fputs(g->lid, lout);
- if (g->next)
- putc(':', lout);
- len += strlen(g->lid) + 1;
- }
- else
- {
- com_err(whoami, 0, "truncated grp list for user %s",
- ((struct user *)b->data)->name);
- break;
- }
+ if (len + strlen(g->lid) + 1 >= MAXHESSIZE)
+ {
+ fputs("\" \"", lout);
+ len = 0;
+ }
+ fputs(g->lid, lout);
+ if (g->next)
+ putc(':', lout);
+ len += strlen(g->lid) + 1;
}
fputs("\"\n", lout);
}
--------------040306070403030807040105--
