|
 |
27d9ad3 |
diff --git a/support/nfs/cacheio.c b/support/nfs/cacheio.c
|
|
|
27d9ad3 |
index 48292f8..f303734 100644
|
|
|
27d9ad3 |
--- a/support/nfs/cacheio.c
|
|
|
27d9ad3 |
+++ b/support/nfs/cacheio.c
|
|
|
27d9ad3 |
@@ -24,6 +24,7 @@
|
|
|
27d9ad3 |
#include <sys/stat.h>
|
|
|
27d9ad3 |
#include <fcntl.h>
|
|
|
27d9ad3 |
#include <time.h>
|
|
|
27d9ad3 |
+#include <errno.h>
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
void qword_add(char **bpp, int *lp, char *str)
|
|
|
27d9ad3 |
{
|
|
|
27d9ad3 |
@@ -125,7 +126,10 @@ void qword_print(FILE *f, char *str)
|
|
|
27d9ad3 |
char *bp = qword_buf;
|
|
|
27d9ad3 |
int len = sizeof(qword_buf);
|
|
|
27d9ad3 |
qword_add(&bp, &len, str);
|
|
|
27d9ad3 |
- fwrite(qword_buf, bp-qword_buf, 1, f);
|
|
|
27d9ad3 |
+ if (fwrite(qword_buf, bp-qword_buf, 1, f) != 1) {
|
|
|
27d9ad3 |
+ xlog_warn("qword_print: fwrite failed: errno %d (%s)",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
void qword_printhex(FILE *f, char *str, int slen)
|
|
|
27d9ad3 |
@@ -133,7 +137,10 @@ void qword_printhex(FILE *f, char *str, int slen)
|
|
|
27d9ad3 |
char *bp = qword_buf;
|
|
|
27d9ad3 |
int len = sizeof(qword_buf);
|
|
|
27d9ad3 |
qword_addhex(&bp, &len, str, slen);
|
|
|
27d9ad3 |
- fwrite(qword_buf, bp-qword_buf, 1, f);
|
|
|
27d9ad3 |
+ if (fwrite(qword_buf, bp-qword_buf, 1, f) != 1) {
|
|
|
27d9ad3 |
+ xlog_warn("qword_printhex: fwrite failed: errno %d (%s)",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
void qword_printint(FILE *f, int num)
|
|
|
27d9ad3 |
@@ -318,7 +325,10 @@ cache_flush(int force)
|
|
|
27d9ad3 |
sprintf(path, "/proc/net/rpc/%s/flush", cachelist[c]);
|
|
|
27d9ad3 |
fd = open(path, O_RDWR);
|
|
|
27d9ad3 |
if (fd >= 0) {
|
|
|
27d9ad3 |
- write(fd, stime, strlen(stime));
|
|
|
27d9ad3 |
+ if (write(fd, stime, strlen(stime)) != strlen(stime)) {
|
|
|
27d9ad3 |
+ xlog_warn("Writing to '%s' failed: errno %d (%s)",
|
|
|
27d9ad3 |
+ path, errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
close(fd);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
diff --git a/tools/locktest/testlk.c b/tools/locktest/testlk.c
|
|
|
27d9ad3 |
index b392f71..82ed765 100644
|
|
|
27d9ad3 |
--- a/tools/locktest/testlk.c
|
|
|
27d9ad3 |
+++ b/tools/locktest/testlk.c
|
|
|
27d9ad3 |
@@ -81,7 +81,7 @@ main(int argc, char **argv)
|
|
|
27d9ad3 |
if (fl.l_type == F_UNLCK) {
|
|
|
27d9ad3 |
printf("%s: no conflicting lock\n", fname);
|
|
|
27d9ad3 |
} else {
|
|
|
27d9ad3 |
- printf("%s: conflicting lock by %d on (%ld;%ld)\n",
|
|
|
27d9ad3 |
+ printf("%s: conflicting lock by %d on (%lld;%lld)\n",
|
|
|
27d9ad3 |
fname, fl.l_pid, fl.l_start, fl.l_len);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
return 0;
|
|
|
27d9ad3 |
diff --git a/utils/gssd/context_heimdal.c b/utils/gssd/context_heimdal.c
|
|
|
27d9ad3 |
index ddf064d..6f3b8fd 100644
|
|
|
27d9ad3 |
--- a/utils/gssd/context_heimdal.c
|
|
|
27d9ad3 |
+++ b/utils/gssd/context_heimdal.c
|
|
|
27d9ad3 |
@@ -69,19 +69,19 @@ int write_heimdal_enc_key(char **p, char *end, gss_ctx_id_t ctx)
|
|
|
27d9ad3 |
krb5_context context;
|
|
|
27d9ad3 |
krb5_error_code ret;
|
|
|
27d9ad3 |
int i;
|
|
|
27d9ad3 |
- char *skd, *dkd;
|
|
|
27d9ad3 |
+ char *skd, *dkd, *k5err = NULL;
|
|
|
27d9ad3 |
int code = -1;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((ret = krb5_init_context(&context))) {
|
|
|
27d9ad3 |
- printerr(0, "ERROR: initializing krb5_context: %s\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(NULL, ret));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(NULL, ret);
|
|
|
27d9ad3 |
+ printerr(0, "ERROR: initializing krb5_context: %s\n", k5err);
|
|
|
27d9ad3 |
goto out_err;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((ret = krb5_auth_con_getlocalsubkey(context,
|
|
|
27d9ad3 |
ctx->auth_context, &key))){
|
|
|
27d9ad3 |
- printerr(0, "ERROR: getting auth_context key: %s\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, ret));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, ret);
|
|
|
27d9ad3 |
+ printerr(0, "ERROR: getting auth_context key: %s\n", k5err);
|
|
|
27d9ad3 |
goto out_err_free_context;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -97,9 +97,9 @@ int write_heimdal_enc_key(char **p, char *end, gss_ctx_id_t ctx)
|
|
|
27d9ad3 |
enc_key.keyvalue.length = key->keyvalue.length;
|
|
|
27d9ad3 |
if ((enc_key.keyvalue.data =
|
|
|
27d9ad3 |
calloc(1, enc_key.keyvalue.length)) == NULL) {
|
|
|
27d9ad3 |
-
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, ENOMEM);
|
|
|
27d9ad3 |
printerr(0, "ERROR: allocating memory for enc key: %s\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, ENOMEM));
|
|
|
27d9ad3 |
+ k5err);
|
|
|
27d9ad3 |
goto out_err_free_key;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
skd = (char *) key->keyvalue.data;
|
|
|
27d9ad3 |
@@ -119,6 +119,7 @@ int write_heimdal_enc_key(char **p, char *end, gss_ctx_id_t ctx)
|
|
|
27d9ad3 |
out_err_free_context:
|
|
|
27d9ad3 |
krb5_free_context(context);
|
|
|
27d9ad3 |
out_err:
|
|
|
27d9ad3 |
+ free(k5err);
|
|
|
27d9ad3 |
printerr(2, "write_heimdal_enc_key: %s\n", code ? "FAILED" : "SUCCESS");
|
|
|
27d9ad3 |
return(code);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
@@ -128,18 +129,19 @@ int write_heimdal_seq_key(char **p, char *end, gss_ctx_id_t ctx)
|
|
|
27d9ad3 |
krb5_keyblock *key;
|
|
|
27d9ad3 |
krb5_context context;
|
|
|
27d9ad3 |
krb5_error_code ret;
|
|
|
27d9ad3 |
+ char *k5err = NULL;
|
|
|
27d9ad3 |
int code = -1;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((ret = krb5_init_context(&context))) {
|
|
|
27d9ad3 |
- printerr(0, "ERROR: initializing krb5_context: %s\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(NULL, ret));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(NULL, ret);
|
|
|
27d9ad3 |
+ printerr(0, "ERROR: initializing krb5_context: %s\n", k5err);
|
|
|
27d9ad3 |
goto out_err;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((ret = krb5_auth_con_getlocalsubkey(context,
|
|
|
27d9ad3 |
ctx->auth_context, &key))){
|
|
|
27d9ad3 |
- printerr(0, "ERROR: getting auth_context key: %s\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, ret));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, ret);
|
|
|
27d9ad3 |
+ printerr(0, "ERROR: getting auth_context key: %s\n", k5err);
|
|
|
27d9ad3 |
goto out_err_free_context;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -162,6 +164,7 @@ int write_heimdal_seq_key(char **p, char *end, gss_ctx_id_t ctx)
|
|
|
27d9ad3 |
out_err_free_context:
|
|
|
27d9ad3 |
krb5_free_context(context);
|
|
|
27d9ad3 |
out_err:
|
|
|
27d9ad3 |
+ free(k5err);
|
|
|
27d9ad3 |
printerr(2, "write_heimdal_seq_key: %s\n", code ? "FAILED" : "SUCCESS");
|
|
|
27d9ad3 |
return(code);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
diff --git a/utils/gssd/context_lucid.c b/utils/gssd/context_lucid.c
|
|
|
27d9ad3 |
index af7de58..4a682ae 100644
|
|
|
27d9ad3 |
--- a/utils/gssd/context_lucid.c
|
|
|
27d9ad3 |
+++ b/utils/gssd/context_lucid.c
|
|
|
27d9ad3 |
@@ -70,9 +70,10 @@ static int
|
|
|
27d9ad3 |
prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
|
|
|
27d9ad3 |
gss_buffer_desc *buf, int32_t *endtime)
|
|
|
27d9ad3 |
{
|
|
|
27d9ad3 |
+#define FAKESEED_SIZE 16
|
|
|
27d9ad3 |
char *p, *end;
|
|
|
27d9ad3 |
static int constant_zero = 0;
|
|
|
27d9ad3 |
- unsigned char fakeseed[16];
|
|
|
27d9ad3 |
+ unsigned char fakeseed[FAKESEED_SIZE];
|
|
|
27d9ad3 |
uint32_t word_send_seq;
|
|
|
27d9ad3 |
gss_krb5_lucid_key_t enc_key;
|
|
|
27d9ad3 |
int i;
|
|
|
27d9ad3 |
@@ -88,6 +89,7 @@ prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
|
|
|
27d9ad3 |
*/
|
|
|
27d9ad3 |
memset(&enc_key, 0, sizeof(enc_key));
|
|
|
27d9ad3 |
memset(&fakeoid, 0, sizeof(fakeoid));
|
|
|
27d9ad3 |
+ memset(fakeseed, 0, FAKESEED_SIZE);
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if (!(buf->value = calloc(1, MAX_CTX_LEN)))
|
|
|
27d9ad3 |
goto out_err;
|
|
|
27d9ad3 |
@@ -98,7 +100,7 @@ prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
/* seed_init and seed not used by kernel anyway */
|
|
|
27d9ad3 |
if (WRITE_BYTES(&p, end, constant_zero)) goto out_err;
|
|
|
27d9ad3 |
- if (write_bytes(&p, end, &fakeseed, 16)) goto out_err;
|
|
|
27d9ad3 |
+ if (write_bytes(&p, end, &fakeseed, FAKESEED_SIZE)) goto out_err;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if (WRITE_BYTES(&p, end, lctx->rfc1964_kd.sign_alg)) goto out_err;
|
|
|
27d9ad3 |
if (WRITE_BYTES(&p, end, lctx->rfc1964_kd.seal_alg)) goto out_err;
|
|
|
27d9ad3 |
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
|
|
|
27d9ad3 |
index 295c37d..509946e 100644
|
|
|
27d9ad3 |
--- a/utils/gssd/gssd_proc.c
|
|
|
27d9ad3 |
+++ b/utils/gssd/gssd_proc.c
|
|
|
27d9ad3 |
@@ -107,7 +107,7 @@ static int
|
|
|
27d9ad3 |
read_service_info(char *info_file_name, char **servicename, char **servername,
|
|
|
27d9ad3 |
int *prog, int *vers, char **protocol, int *port) {
|
|
|
27d9ad3 |
#define INFOBUFLEN 256
|
|
|
27d9ad3 |
- char buf[INFOBUFLEN];
|
|
|
27d9ad3 |
+ char buf[INFOBUFLEN + 1];
|
|
|
27d9ad3 |
static char dummy[128];
|
|
|
27d9ad3 |
int nbytes;
|
|
|
27d9ad3 |
static char service[128];
|
|
|
27d9ad3 |
@@ -132,6 +132,7 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
|
|
|
27d9ad3 |
if ((nbytes = read(fd, buf, INFOBUFLEN)) == -1)
|
|
|
27d9ad3 |
goto fail;
|
|
|
27d9ad3 |
close(fd);
|
|
|
27d9ad3 |
+ buf[nbytes] = '\0';
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
numfields = sscanf(buf,"RPC server: %127s\n"
|
|
|
27d9ad3 |
"service: %127s %15s version %15s\n"
|
|
|
27d9ad3 |
@@ -181,9 +182,10 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
|
|
|
27d9ad3 |
fail:
|
|
|
27d9ad3 |
printerr(0, "ERROR: failed to read service info\n");
|
|
|
27d9ad3 |
if (fd != -1) close(fd);
|
|
|
27d9ad3 |
- if (*servername) free(*servername);
|
|
|
27d9ad3 |
- if (*servicename) free(*servicename);
|
|
|
27d9ad3 |
- if (*protocol) free(*protocol);
|
|
|
27d9ad3 |
+ free(*servername);
|
|
|
27d9ad3 |
+ free(*servicename);
|
|
|
27d9ad3 |
+ free(*protocol);
|
|
|
27d9ad3 |
+ *servicename = *servername = *protocol = NULL;
|
|
|
27d9ad3 |
return -1;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -199,10 +201,10 @@ destroy_client(struct clnt_info *clp)
|
|
|
27d9ad3 |
if (clp->dir_fd != -1) close(clp->dir_fd);
|
|
|
27d9ad3 |
if (clp->krb5_fd != -1) close(clp->krb5_fd);
|
|
|
27d9ad3 |
if (clp->spkm3_fd != -1) close(clp->spkm3_fd);
|
|
|
27d9ad3 |
- if (clp->dirname) free(clp->dirname);
|
|
|
27d9ad3 |
- if (clp->servicename) free(clp->servicename);
|
|
|
27d9ad3 |
- if (clp->servername) free(clp->servername);
|
|
|
27d9ad3 |
- if (clp->protocol) free(clp->protocol);
|
|
|
27d9ad3 |
+ free(clp->dirname);
|
|
|
27d9ad3 |
+ free(clp->servicename);
|
|
|
27d9ad3 |
+ free(clp->servername);
|
|
|
27d9ad3 |
+ free(clp->protocol);
|
|
|
27d9ad3 |
free(clp);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
|
|
|
27d9ad3 |
index e3c6f5e..3009cc5 100644
|
|
|
27d9ad3 |
--- a/utils/gssd/krb5_util.c
|
|
|
27d9ad3 |
+++ b/utils/gssd/krb5_util.c
|
|
|
27d9ad3 |
@@ -375,6 +375,7 @@ gssd_get_single_krb5_cred(krb5_context context,
|
|
|
27d9ad3 |
time_t now = time(0);
|
|
|
27d9ad3 |
char *cache_type;
|
|
|
27d9ad3 |
char *pname = NULL;
|
|
|
27d9ad3 |
+ char *k5err = NULL;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
memset(&my_creds, 0, sizeof(my_creds));
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -397,8 +398,8 @@ gssd_get_single_krb5_cred(krb5_context context,
|
|
|
27d9ad3 |
#if HAVE_KRB5_GET_INIT_CREDS_OPT_SET_ADDRESSLESS
|
|
|
27d9ad3 |
code = krb5_get_init_creds_opt_alloc(context, &init_opts);
|
|
|
27d9ad3 |
if (code) {
|
|
|
27d9ad3 |
- printerr(0, "ERROR: %s allocating gic options\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
+ printerr(0, "ERROR: %s allocating gic options\n", k5err);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
if (krb5_get_init_creds_opt_set_addressless(context, init_opts, 1))
|
|
|
27d9ad3 |
@@ -425,9 +426,9 @@ gssd_get_single_krb5_cred(krb5_context context,
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((code = krb5_get_init_creds_keytab(context, &my_creds, ple->princ,
|
|
|
27d9ad3 |
kt, 0, NULL, opts))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(1, "WARNING: %s while getting initial ticket for "
|
|
|
27d9ad3 |
- "principal '%s' using keytab '%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code),
|
|
|
27d9ad3 |
+ "principal '%s' using keytab '%s'\n", k5err,
|
|
|
27d9ad3 |
pname ? pname : "<unparsable>", kt_name);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
@@ -455,19 +456,21 @@ gssd_get_single_krb5_cred(krb5_context context,
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
if ((code = krb5_cc_resolve(context, cc_name, &ccache))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "ERROR: %s while opening credential cache '%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code), cc_name);
|
|
|
27d9ad3 |
+ k5err, cc_name);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
if ((code = krb5_cc_initialize(context, ccache, ple->princ))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "ERROR: %s while initializing credential "
|
|
|
27d9ad3 |
- "cache '%s'\n", gssd_k5_err_msg(context, code),
|
|
|
27d9ad3 |
- cc_name);
|
|
|
27d9ad3 |
+ "cache '%s'\n", k5err, cc_name);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
if ((code = krb5_cc_store_cred(context, ccache, &my_creds))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "ERROR: %s while storing credentials in '%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code), cc_name);
|
|
|
27d9ad3 |
+ k5err, cc_name);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -484,6 +487,7 @@ gssd_get_single_krb5_cred(krb5_context context,
|
|
|
27d9ad3 |
if (ccache)
|
|
|
27d9ad3 |
krb5_cc_close(context, ccache);
|
|
|
27d9ad3 |
krb5_free_cred_contents(context, &my_creds);
|
|
|
27d9ad3 |
+ free(k5err);
|
|
|
27d9ad3 |
return (code);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -707,6 +711,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
|
|
|
27d9ad3 |
int retval = -1;
|
|
|
27d9ad3 |
char kt_name[BUFSIZ];
|
|
|
27d9ad3 |
char *pname;
|
|
|
27d9ad3 |
+ char *k5err = NULL;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if (found == NULL) {
|
|
|
27d9ad3 |
retval = EINVAL;
|
|
|
27d9ad3 |
@@ -720,15 +725,15 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
|
|
|
27d9ad3 |
* save info in the global principal list (gssd_k5_kt_princ_list).
|
|
|
27d9ad3 |
*/
|
|
|
27d9ad3 |
if ((code = krb5_kt_get_name(context, kt, kt_name, BUFSIZ))) {
|
|
|
27d9ad3 |
- printerr(0, "ERROR: %s attempting to get keytab name\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
+ printerr(0, "ERROR: %s attempting to get keytab name\n", k5err);
|
|
|
27d9ad3 |
retval = code;
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
if ((code = krb5_kt_start_seq_get(context, kt, &cursor))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "ERROR: %s while beginning keytab scan "
|
|
|
27d9ad3 |
- "for keytab '%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code), kt_name);
|
|
|
27d9ad3 |
+ "for keytab '%s'\n", k5err, kt_name);
|
|
|
27d9ad3 |
retval = code;
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
@@ -736,9 +741,10 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
|
|
|
27d9ad3 |
while ((code = krb5_kt_next_entry(context, kt, kte, &cursor)) == 0) {
|
|
|
27d9ad3 |
if ((code = krb5_unparse_name(context, kte->principal,
|
|
|
27d9ad3 |
&pname))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "WARNING: Skipping keytab entry because "
|
|
|
27d9ad3 |
"we failed to unparse principal name: %s\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code));
|
|
|
27d9ad3 |
+ k5err);
|
|
|
27d9ad3 |
k5_free_kt_entry(context, kte);
|
|
|
27d9ad3 |
continue;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
@@ -772,13 +778,14 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((code = krb5_kt_end_seq_get(context, kt, &cursor))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "WARNING: %s while ending keytab scan for "
|
|
|
27d9ad3 |
- "keytab '%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code), kt_name);
|
|
|
27d9ad3 |
+ "keytab '%s'\n", k5err, kt_name);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
retval = 0;
|
|
|
27d9ad3 |
out:
|
|
|
27d9ad3 |
+ free(k5err);
|
|
|
27d9ad3 |
return retval;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -798,6 +805,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
|
|
|
27d9ad3 |
int i, j, retval;
|
|
|
27d9ad3 |
char *default_realm = NULL;
|
|
|
27d9ad3 |
char *realm;
|
|
|
27d9ad3 |
+ char *k5err = NULL;
|
|
|
27d9ad3 |
int tried_all = 0, tried_default = 0;
|
|
|
27d9ad3 |
krb5_principal princ;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -811,8 +819,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
|
|
|
27d9ad3 |
/* Get full local hostname */
|
|
|
27d9ad3 |
retval = gethostname(myhostname, sizeof(myhostname));
|
|
|
27d9ad3 |
if (retval) {
|
|
|
27d9ad3 |
- printerr(1, "%s while getting local hostname\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, retval));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, retval);
|
|
|
27d9ad3 |
+ printerr(1, "%s while getting local hostname\n", k5err);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
|
|
|
27d9ad3 |
@@ -822,8 +830,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
|
|
|
27d9ad3 |
code = krb5_get_default_realm(context, &default_realm);
|
|
|
27d9ad3 |
if (code) {
|
|
|
27d9ad3 |
retval = code;
|
|
|
27d9ad3 |
- printerr(1, "%s while getting default realm name\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
+ printerr(1, "%s while getting default realm name\n", k5err);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -835,8 +843,9 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
|
|
|
27d9ad3 |
*/
|
|
|
27d9ad3 |
code = krb5_get_host_realm(context, targethostname, &realmnames);
|
|
|
27d9ad3 |
if (code) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "ERROR: %s while getting realm(s) for host '%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code), targethostname);
|
|
|
27d9ad3 |
+ k5err, targethostname);
|
|
|
27d9ad3 |
retval = code;
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
@@ -867,19 +876,19 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
|
|
|
27d9ad3 |
myhostname,
|
|
|
27d9ad3 |
NULL);
|
|
|
27d9ad3 |
if (code) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(1, "%s while building principal for "
|
|
|
27d9ad3 |
- "'%s/%s@%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code),
|
|
|
27d9ad3 |
- svcnames[j], myhostname, realm);
|
|
|
27d9ad3 |
+ "'%s/%s@%s'\n", k5err, svcnames[j],
|
|
|
27d9ad3 |
+ myhostname, realm);
|
|
|
27d9ad3 |
continue;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
code = krb5_kt_get_entry(context, kt, princ, 0, 0, kte);
|
|
|
27d9ad3 |
krb5_free_principal(context, princ);
|
|
|
27d9ad3 |
if (code) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(3, "%s while getting keytab entry for "
|
|
|
27d9ad3 |
- "'%s/%s@%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code),
|
|
|
27d9ad3 |
- svcnames[j], myhostname, realm);
|
|
|
27d9ad3 |
+ "'%s/%s@%s'\n", k5err, svcnames[j],
|
|
|
27d9ad3 |
+ myhostname, realm);
|
|
|
27d9ad3 |
} else {
|
|
|
27d9ad3 |
printerr(3, "Success getting keytab entry for "
|
|
|
27d9ad3 |
"'%s/%s@%s'\n",
|
|
|
27d9ad3 |
@@ -914,6 +923,7 @@ out:
|
|
|
27d9ad3 |
k5_free_default_realm(context, default_realm);
|
|
|
27d9ad3 |
if (realmnames)
|
|
|
27d9ad3 |
krb5_free_host_realm(context, realmnames);
|
|
|
27d9ad3 |
+ free(k5err);
|
|
|
27d9ad3 |
return retval;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -1139,11 +1149,12 @@ gssd_destroy_krb5_machine_creds(void)
|
|
|
27d9ad3 |
krb5_error_code code = 0;
|
|
|
27d9ad3 |
krb5_ccache ccache;
|
|
|
27d9ad3 |
struct gssd_k5_kt_princ *ple;
|
|
|
27d9ad3 |
+ char *k5err = NULL;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
code = krb5_init_context(&context);
|
|
|
27d9ad3 |
if (code) {
|
|
|
27d9ad3 |
- printerr(0, "ERROR: %s while initializing krb5\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(NULL, code));
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(NULL, code);
|
|
|
27d9ad3 |
+ printerr(0, "ERROR: %s while initializing krb5\n", k5err);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -1151,19 +1162,21 @@ gssd_destroy_krb5_machine_creds(void)
|
|
|
27d9ad3 |
if (!ple->ccname)
|
|
|
27d9ad3 |
continue;
|
|
|
27d9ad3 |
if ((code = krb5_cc_resolve(context, ple->ccname, &ccache))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "WARNING: %s while resolving credential "
|
|
|
27d9ad3 |
- "cache '%s' for destruction\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code), ple->ccname);
|
|
|
27d9ad3 |
+ "cache '%s' for destruction\n", k5err,
|
|
|
27d9ad3 |
+ ple->ccname);
|
|
|
27d9ad3 |
continue;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((code = krb5_cc_destroy(context, ccache))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "WARNING: %s while destroying credential "
|
|
|
27d9ad3 |
- "cache '%s'\n",
|
|
|
27d9ad3 |
- gssd_k5_err_msg(context, code), ple->ccname);
|
|
|
27d9ad3 |
+ "cache '%s'\n", k5err, ple->ccname);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
out:
|
|
|
27d9ad3 |
+ free(k5err);
|
|
|
27d9ad3 |
krb5_free_context(context);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -1178,22 +1191,24 @@ gssd_refresh_krb5_machine_credential(char *hostname,
|
|
|
27d9ad3 |
krb5_context context;
|
|
|
27d9ad3 |
krb5_keytab kt = NULL;;
|
|
|
27d9ad3 |
int retval = 0;
|
|
|
27d9ad3 |
+ char *k5err = NULL;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if (hostname == NULL && ple == NULL)
|
|
|
27d9ad3 |
return EINVAL;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
code = krb5_init_context(&context);
|
|
|
27d9ad3 |
if (code) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(NULL, code);
|
|
|
27d9ad3 |
printerr(0, "ERROR: %s: %s while initializing krb5 context\n",
|
|
|
27d9ad3 |
- __FUNCTION__, gssd_k5_err_msg(NULL, code));
|
|
|
27d9ad3 |
+ __func__, k5err);
|
|
|
27d9ad3 |
retval = code;
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((code = krb5_kt_resolve(context, keytabfile, &kt))) {
|
|
|
27d9ad3 |
+ k5err = gssd_k5_err_msg(context, code);
|
|
|
27d9ad3 |
printerr(0, "ERROR: %s: %s while resolving keytab '%s'\n",
|
|
|
27d9ad3 |
- __FUNCTION__, gssd_k5_err_msg(context, code),
|
|
|
27d9ad3 |
- keytabfile);
|
|
|
27d9ad3 |
+ __func__, k5err, keytabfile);
|
|
|
27d9ad3 |
goto out;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
@@ -1230,29 +1245,35 @@ out:
|
|
|
27d9ad3 |
if (kt)
|
|
|
27d9ad3 |
krb5_kt_close(context, kt);
|
|
|
27d9ad3 |
krb5_free_context(context);
|
|
|
27d9ad3 |
+ free(k5err);
|
|
|
27d9ad3 |
return retval;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
/*
|
|
|
27d9ad3 |
* A common routine for getting the Kerberos error message
|
|
|
27d9ad3 |
*/
|
|
|
27d9ad3 |
-const char *
|
|
|
27d9ad3 |
+char *
|
|
|
27d9ad3 |
gssd_k5_err_msg(krb5_context context, krb5_error_code code)
|
|
|
27d9ad3 |
{
|
|
|
27d9ad3 |
- const char *msg = NULL;
|
|
|
27d9ad3 |
+ const char *origmsg;
|
|
|
27d9ad3 |
+ char *msg = NULL;
|
|
|
27d9ad3 |
+
|
|
|
27d9ad3 |
#if HAVE_KRB5_GET_ERROR_MESSAGE
|
|
|
27d9ad3 |
- if (context != NULL)
|
|
|
27d9ad3 |
- msg = krb5_get_error_message(context, code);
|
|
|
27d9ad3 |
+ if (context != NULL) {
|
|
|
27d9ad3 |
+ origmsg = krb5_get_error_message(context, code);
|
|
|
27d9ad3 |
+ msg = strdup(origmsg);
|
|
|
27d9ad3 |
+ krb5_free_error_message(context, origmsg);
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
#endif
|
|
|
27d9ad3 |
if (msg != NULL)
|
|
|
27d9ad3 |
return msg;
|
|
|
27d9ad3 |
#if HAVE_KRB5
|
|
|
27d9ad3 |
- return error_message(code);
|
|
|
27d9ad3 |
+ return strdup(error_message(code));
|
|
|
27d9ad3 |
#else
|
|
|
27d9ad3 |
if (context != NULL)
|
|
|
27d9ad3 |
- return krb5_get_err_text(context, code);
|
|
|
27d9ad3 |
+ return strdup(krb5_get_err_text(context, code));
|
|
|
27d9ad3 |
else
|
|
|
27d9ad3 |
- return error_message(code);
|
|
|
27d9ad3 |
+ return strdup(error_message(code));
|
|
|
27d9ad3 |
#endif
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h
|
|
|
27d9ad3 |
index 7d808f5..3d39300 100644
|
|
|
27d9ad3 |
--- a/utils/gssd/krb5_util.h
|
|
|
27d9ad3 |
+++ b/utils/gssd/krb5_util.h
|
|
|
27d9ad3 |
@@ -31,8 +31,7 @@ void gssd_setup_krb5_machine_gss_ccache(char *servername);
|
|
|
27d9ad3 |
void gssd_destroy_krb5_machine_creds(void);
|
|
|
27d9ad3 |
int gssd_refresh_krb5_machine_credential(char *hostname,
|
|
|
27d9ad3 |
struct gssd_k5_kt_princ *ple);
|
|
|
27d9ad3 |
-const char *
|
|
|
27d9ad3 |
-gssd_k5_err_msg(krb5_context context, krb5_error_code code);
|
|
|
27d9ad3 |
+char *gssd_k5_err_msg(krb5_context context, krb5_error_code code);
|
|
|
27d9ad3 |
void gssd_k5_get_default_realm(char **def_realm);
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
#ifdef HAVE_SET_ALLOWABLE_ENCTYPES
|
|
|
27d9ad3 |
diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c
|
|
|
27d9ad3 |
index f97dcd3..6ca0e8d 100644
|
|
|
27d9ad3 |
--- a/utils/gssd/svcgssd.c
|
|
|
27d9ad3 |
+++ b/utils/gssd/svcgssd.c
|
|
|
27d9ad3 |
@@ -132,7 +132,11 @@ release_parent(void)
|
|
|
27d9ad3 |
int status;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if (pipefds[1] > 0) {
|
|
|
27d9ad3 |
- write(pipefds[1], &status, 1);
|
|
|
27d9ad3 |
+ if (write(pipefds[1], &status, 1) != 1) {
|
|
|
27d9ad3 |
+ printerr(1,
|
|
|
27d9ad3 |
+ "WARN: writing to parent pipe failed: errno %d (%s)\n",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
close(pipefds[1]);
|
|
|
27d9ad3 |
pipefds[1] = -1;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
|
|
|
27d9ad3 |
index c1cf4eb..b690e21 100644
|
|
|
27d9ad3 |
--- a/utils/idmapd/idmapd.c
|
|
|
27d9ad3 |
+++ b/utils/idmapd/idmapd.c
|
|
|
27d9ad3 |
@@ -169,7 +169,10 @@ flush_nfsd_cache(char *path, time_t now)
|
|
|
27d9ad3 |
fd = open(path, O_RDWR);
|
|
|
27d9ad3 |
if (fd == -1)
|
|
|
27d9ad3 |
return -1;
|
|
|
27d9ad3 |
- write(fd, stime, strlen(stime));
|
|
|
27d9ad3 |
+ if (write(fd, stime, strlen(stime)) != strlen(stime)) {
|
|
|
27d9ad3 |
+ errx(1, "Flushing nfsd cache failed: errno %d (%s)",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
close(fd);
|
|
|
27d9ad3 |
return 0;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
@@ -988,7 +991,10 @@ release_parent(void)
|
|
|
27d9ad3 |
int status;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if (pipefds[1] > 0) {
|
|
|
27d9ad3 |
- write(pipefds[1], &status, 1);
|
|
|
27d9ad3 |
+ if (write(pipefds[1], &status, 1) != 1) {
|
|
|
27d9ad3 |
+ err(1, "Writing to parent pipe failed: errno %d (%s)\n",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
close(pipefds[1]);
|
|
|
27d9ad3 |
pipefds[1] = -1;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
diff --git a/utils/mount/fstab.c b/utils/mount/fstab.c
|
|
|
27d9ad3 |
index e19e58b..7668167 100644
|
|
|
27d9ad3 |
--- a/utils/mount/fstab.c
|
|
|
27d9ad3 |
+++ b/utils/mount/fstab.c
|
|
|
27d9ad3 |
@@ -546,8 +546,12 @@ update_mtab (const char *dir, struct mntent *instead)
|
|
|
27d9ad3 |
* from the present mtab before renaming.
|
|
|
27d9ad3 |
*/
|
|
|
27d9ad3 |
struct stat sbuf;
|
|
|
27d9ad3 |
- if (stat (MOUNTED, &sbuf) == 0)
|
|
|
27d9ad3 |
- chown (MOUNTED_TEMP, sbuf.st_uid, sbuf.st_gid);
|
|
|
27d9ad3 |
+ if (stat (MOUNTED, &sbuf) == 0) {
|
|
|
27d9ad3 |
+ if (chown (MOUNTED_TEMP, sbuf.st_uid, sbuf.st_gid) < 0) {
|
|
|
27d9ad3 |
+ nfs_error(_("%s: error changing owner of %s: %s"),
|
|
|
27d9ad3 |
+ progname, MOUNTED_TEMP, strerror (errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
/* rename mtemp to mtab */
|
|
|
27d9ad3 |
diff --git a/utils/statd/monitor.c b/utils/statd/monitor.c
|
|
|
27d9ad3 |
index 169cd78..a2c9e2b 100644
|
|
|
27d9ad3 |
--- a/utils/statd/monitor.c
|
|
|
27d9ad3 |
+++ b/utils/statd/monitor.c
|
|
|
27d9ad3 |
@@ -204,7 +204,10 @@ sm_mon_1_svc(struct mon *argp, struct svc_req *rqstp)
|
|
|
27d9ad3 |
e += sprintf(e, "%02x", 0xff & (argp->priv[i]));
|
|
|
27d9ad3 |
if (e+1-buf != LINELEN) abort();
|
|
|
27d9ad3 |
e += sprintf(e, " %s %s\n", mon_name, my_name);
|
|
|
27d9ad3 |
- write(fd, buf, e-buf);
|
|
|
27d9ad3 |
+ if (write(fd, buf, e-buf) != (e-buf)) {
|
|
|
27d9ad3 |
+ note(N_WARNING, "writing to %s failed: errno %d (%s)",
|
|
|
27d9ad3 |
+ path, errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
free(path);
|
|
|
27d9ad3 |
diff --git a/utils/statd/sm-notify.c b/utils/statd/sm-notify.c
|
|
|
27d9ad3 |
index d58e0be..f1fc619 100644
|
|
|
27d9ad3 |
--- a/utils/statd/sm-notify.c
|
|
|
27d9ad3 |
+++ b/utils/statd/sm-notify.c
|
|
|
27d9ad3 |
@@ -782,7 +782,10 @@ static int record_pid(void)
|
|
|
27d9ad3 |
fd = open("/var/run/sm-notify.pid", O_CREAT|O_EXCL|O_WRONLY, 0600);
|
|
|
27d9ad3 |
if (fd < 0)
|
|
|
27d9ad3 |
return 0;
|
|
|
27d9ad3 |
- write(fd, pid, strlen(pid));
|
|
|
27d9ad3 |
+ if (write(fd, pid, strlen(pid)) != strlen(pid)) {
|
|
|
27d9ad3 |
+ nsm_log(LOG_WARNING, "Writing to pid file failed: errno %d(%s)",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
close(fd);
|
|
|
27d9ad3 |
return 1;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
@@ -818,12 +821,16 @@ static void drop_privs(void)
|
|
|
27d9ad3 |
static void set_kernel_nsm_state(int state)
|
|
|
27d9ad3 |
{
|
|
|
27d9ad3 |
int fd;
|
|
|
27d9ad3 |
+ const char *file = "/proc/sys/fs/nfs/nsm_local_state";
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
- fd = open("/proc/sys/fs/nfs/nsm_local_state",O_WRONLY);
|
|
|
27d9ad3 |
+ fd = open(file ,O_WRONLY);
|
|
|
27d9ad3 |
if (fd >= 0) {
|
|
|
27d9ad3 |
char buf[20];
|
|
|
27d9ad3 |
snprintf(buf, sizeof(buf), "%d", state);
|
|
|
27d9ad3 |
- write(fd, buf, strlen(buf));
|
|
|
27d9ad3 |
+ if (write(fd, buf, strlen(buf)) != strlen(buf)) {
|
|
|
27d9ad3 |
+ nsm_log(LOG_WARNING, "Writing to '%s' failed: errno %d (%s)",
|
|
|
27d9ad3 |
+ file, errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
close(fd);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
diff --git a/utils/statd/statd.c b/utils/statd/statd.c
|
|
|
27d9ad3 |
index 6da2ab2..1c5247e 100644
|
|
|
27d9ad3 |
--- a/utils/statd/statd.c
|
|
|
27d9ad3 |
+++ b/utils/statd/statd.c
|
|
|
27d9ad3 |
@@ -179,14 +179,20 @@ static void create_pidfile(void)
|
|
|
27d9ad3 |
pidfile, strerror(errno));
|
|
|
27d9ad3 |
fprintf(fp, "%d\n", getpid());
|
|
|
27d9ad3 |
pidfd = dup(fileno(fp));
|
|
|
27d9ad3 |
- if (fclose(fp) < 0)
|
|
|
27d9ad3 |
- note(N_WARNING, "Flushing pid file failed.\n");
|
|
|
27d9ad3 |
+ if (fclose(fp) < 0) {
|
|
|
27d9ad3 |
+ note(N_WARNING, "Flushing pid file failed: errno %d (%s)\n",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
static void truncate_pidfile(void)
|
|
|
27d9ad3 |
{
|
|
|
27d9ad3 |
- if (pidfd >= 0)
|
|
|
27d9ad3 |
- ftruncate(pidfd, 0);
|
|
|
27d9ad3 |
+ if (pidfd >= 0) {
|
|
|
27d9ad3 |
+ if (ftruncate(pidfd, 0) < 0) {
|
|
|
27d9ad3 |
+ note(N_WARNING, "truncating pid file failed: errno %d (%s)\n",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
static void drop_privs(void)
|
|
|
27d9ad3 |
@@ -207,9 +213,12 @@ static void drop_privs(void)
|
|
|
27d9ad3 |
/* better chown the pid file before dropping, as if it
|
|
|
27d9ad3 |
* if over nfs we might loose access
|
|
|
27d9ad3 |
*/
|
|
|
27d9ad3 |
- if (pidfd >= 0)
|
|
|
27d9ad3 |
- fchown(pidfd, st.st_uid, st.st_gid);
|
|
|
27d9ad3 |
-
|
|
|
27d9ad3 |
+ if (pidfd >= 0) {
|
|
|
27d9ad3 |
+ if (fchown(pidfd, st.st_uid, st.st_gid) < 0) {
|
|
|
27d9ad3 |
+ note(N_ERROR, "Unable to change owner of %s: %d (%s)",
|
|
|
27d9ad3 |
+ SM_DIR, strerror (errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
setgroups(0, NULL);
|
|
|
27d9ad3 |
if (setgid(st.st_gid) == -1
|
|
|
27d9ad3 |
|| setuid(st.st_uid) == -1) {
|
|
|
27d9ad3 |
@@ -495,7 +504,10 @@ int main (int argc, char **argv)
|
|
|
27d9ad3 |
/* If we got this far, we have successfully started, so notify parent */
|
|
|
27d9ad3 |
if (pipefds[1] > 0) {
|
|
|
27d9ad3 |
status = 0;
|
|
|
27d9ad3 |
- write(pipefds[1], &status, 1);
|
|
|
27d9ad3 |
+ if (write(pipefds[1], &status, 1) != 1) {
|
|
|
27d9ad3 |
+ note(N_WARNING, "writing to parent pipe failed: errno %d (%s)\n",
|
|
|
27d9ad3 |
+ errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
close(pipefds[1]);
|
|
|
27d9ad3 |
pipefds[1] = -1;
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
@@ -534,17 +546,23 @@ static void
|
|
|
27d9ad3 |
load_state_number(void)
|
|
|
27d9ad3 |
{
|
|
|
27d9ad3 |
int fd;
|
|
|
27d9ad3 |
+ const char *file = "/proc/sys/fs/nfs/nsm_local_state";
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
if ((fd = open(SM_STAT_PATH, O_RDONLY)) == -1)
|
|
|
27d9ad3 |
return;
|
|
|
27d9ad3 |
|
|
|
27d9ad3 |
- read(fd, &MY_STATE, sizeof(MY_STATE));
|
|
|
27d9ad3 |
+ if (read(fd, &MY_STATE, sizeof(MY_STATE)) != sizeof(MY_STATE)) {
|
|
|
27d9ad3 |
+ note(N_WARNING, "Unable to read state from '%s': errno %d (%s)",
|
|
|
27d9ad3 |
+ SM_STAT_PATH, errno, strerror(errno));
|
|
|
27d9ad3 |
+ }
|
|
|
27d9ad3 |
close(fd);
|
|
|
27d9ad3 |
- fd = open("/proc/sys/fs/nfs/nsm_local_state",O_WRONLY);
|
|
|
27d9ad3 |
+ fd = open(file, O_WRONLY);
|
|
|
27d9ad3 |
if (fd >= 0) {
|
|
|
27d9ad3 |
char buf[20];
|
|
|
27d9ad3 |
snprintf(buf, sizeof(buf), "%d", MY_STATE);
|
|
|
27d9ad3 |
- write(fd, buf, strlen(buf));
|
|
|
27d9ad3 |
+ if (write(fd, buf, strlen(buf)) != strlen(buf))
|
|
|
27d9ad3 |
+ note(N_WARNING, "Writing to '%s' failed: errno %d (%s)",
|
|
|
27d9ad3 |
+ file, errno, strerror(errno));
|
|
|
27d9ad3 |
close(fd);
|
|
|
27d9ad3 |
}
|
|
|
27d9ad3 |
|