fs discon support alternate uid

this is a short-term hack. macos lacks pags, and anywhere without
pags won't have tokens when fs discon online is run as root unless
the tokens are explicitly set for root... which can be bad mojo.

instead, allow a uid to be passed in.

Change-Id: I44ebf9468976fa43d449f72d392fbb9e830e44d6
Reviewed-on: http://gerrit.openafs.org/2515
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/afs/afs_pioctl.c b/src/afs/afs_pioctl.c
index 355048a..931abf1 100644 (file)
--- a/src/afs/afs_pioctl.c
+++ b/src/afs/afs_pioctl.c
@@ -5138,9 +5138,10 @@ DECL_PIOCTL(PDiscon)
     static afs_int32 mode = 1; /* Start up in 'off' */
     afs_int32 force = 0;
     int code = 0;
-    char flags[3];
+    char flags[4];
+    struct vrequest lreq;
 
-    if (afs_pd_getBytes(ain, &flags, 3) == 0) {
+    if (afs_pd_getBytes(ain, &flags, 4) == 0) {
        if (!afs_osi_suser(*acred))
            return EPERM;
 
@@ -5150,6 +5151,12 @@ DECL_PIOCTL(PDiscon)
            afs_ConflictPolicy = flags[1] - 1;
        if (flags[2])
            force = 1;
+       if (flags[3]) {
+           /* Fake InitReq support for UID override */
+           memset(&lreq, 0, sizeof(lreq));
+           lreq.uid = flags[3];
+           areq = &lreq; /* override areq we got */
+       }
 
        /*
         * All of these numbers are hard coded in fs.c. If they

diff --git a/src/venus/fs.c b/src/venus/fs.c
index 1470150..0a11d42 100644 (file)
--- a/src/venus/fs.c
+++ b/src/venus/fs.c
@@ -3476,13 +3476,13 @@ DisconCmd(struct cmd_syndesc *as, void *arock)
     char *modename;
     char *policyname;
     int modelen, policylen;
-    afs_int32 mode, policy, code;
+    afs_int32 mode, policy, code, unixuid = 0;
     struct ViceIoctl blob;
 
     blob.in = NULL;
     blob.in_size = 0;
 
-    space[0] = space[1] = space[2] = 0;
+    space[0] = space[1] = space[2] = space[3] = 0;
 
     ti = as->parms[0].items;
     if (ti) {
@@ -3516,8 +3516,19 @@ DisconCmd(struct cmd_syndesc *as, void *arock)
        printf("force on\n");
     }
 
+    ti = as->parms[3].items;
+    if (ti) {
+       code = util_GetInt32(ti->data, &unixuid);
+       if (code) {
+           fprintf(stderr, "%s: bad integer specified for uid.\n", pn);
+            return 1;
+        }
+       space[3] = unixuid;
+    } else
+       space[3] = 0;
+
     blob.in = space;
-    blob.in_size = 3 * sizeof(afs_int32);
+    blob.in_size = 4 * sizeof(afs_int32);
 
     blob.out_size = sizeof(mode);
     blob.out = space;
@@ -3866,6 +3877,7 @@ defect 3069
     cmd_AddParm(ts, "-mode", CMD_SINGLE, CMD_REQUIRED, "offline | online");
     cmd_AddParm(ts, "-policy", CMD_SINGLE, CMD_OPTIONAL, "client | server");
     cmd_AddParm(ts, "-force", CMD_FLAG, CMD_OPTIONAL, "Force reconnection, despite any synchronization issues.");
+    cmd_AddParm(ts, "-uid", CMD_SINGLE, CMD_OPTIONAL, "Numeric UID of user whose tokens to use at reconnect.");
 
     ts = cmd_CreateSyntax("nukenfscreds", NukeNFSCredsCmd, NULL, "nuke credentials for NFS client");
     cmd_AddParm(ts, "-addr", CMD_SINGLE, 0, "host name or address");