When the KeyFileExt and rxkad.keytab were added to OpenAFS, they were
not added to the bosserver's access rights check. Add these files to the
bosserver access checks, with the same access rights needed for the
original KeyFile.
Also, add the full path for KeyFileExt to the dirpath package (not just
the filename), which was not done when the KeyFileExt was introduced.
This is needed to perform the access checks.
Change-Id: I8c9028e846fad9f15823baeb7cc15a8f80ed5c1c
Reviewed-on: https://gerrit.openafs.org/14329
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
{NULL, 1, 1, 0700, 07}, /* AFSDIR_SERVER_DB_DIRPATH */
{NULL, 1, 1, 0700, 07}, /* AFSDIR_SERVER_LOCAL_DIRPATH */
{NULL, 0, 1, 0600, 07}, /* AFSDIR_SERVER_KEY_FILEPATH */
- {NULL, 0, 1, 0600, 03}
-}; /* AFSDIR_SERVER_ULIST_FILEPATH */
+ {NULL, 0, 1, 0600, 03}, /* AFSDIR_SERVER_ULIST_FILEPATH */
+ {NULL, 0, 1, 0600, 07}, /* AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH */
+ {NULL, 0, 1, 0600, 07} /* AFSDIR_SERVER_EXT_KEY_FILEPATH */
+};
int bozo_nbosEntryStats =
sizeof(bozo_bosEntryStats) / sizeof(bozo_bosEntryStats[0]);
bozo_bosEntryStats[6].path = AFSDIR_SERVER_LOCAL_DIRPATH;
bozo_bosEntryStats[7].path = AFSDIR_SERVER_KEY_FILEPATH;
bozo_bosEntryStats[8].path = AFSDIR_SERVER_ULIST_FILEPATH;
+ bozo_bosEntryStats[9].path = AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH;
+ bozo_bosEntryStats[10].path = AFSDIR_SERVER_EXT_KEY_FILEPATH;
return 0;
}
pathp = dirPathArray[AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH_ID];
AFSDIR_SERVER_FILEPATH(pathp, AFSDIR_SERVER_ETC_DIR, AFSDIR_RXKAD_KEYTAB_FILE);
+ pathp = dirPathArray[AFSDIR_SERVER_EXT_KEY_FILEPATH_ID];
+ AFSDIR_SERVER_FILEPATH(pathp, AFSDIR_SERVER_ETC_DIR, AFSDIR_EXT_KEY_FILE);
+
/* client file paths */
#ifdef AFS_NT40_ENV
strcpy(dirPathArray[AFSDIR_CLIENT_THISCELL_FILEPATH_ID],
AFSDIR_CLIENT_CONFIG_FILE_FILEPATH_ID,
AFSDIR_SERVER_CONFIG_FILE_FILEPATH_ID,
AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH_ID,
+ AFSDIR_SERVER_EXT_KEY_FILEPATH_ID,
AFSDIR_PATHSTRING_MAX } afsdir_id_t;
/* afs_getDirPath() returns a pointer to a string from an internal array of path strings
#define AFSDIR_SERVER_FSSTATE_FILEPATH afs_getDirPath(AFSDIR_SERVER_FSSTATE_FILEPATH_ID)
#define AFSDIR_SERVER_CONFIG_FILE_FILEPATH afs_getDirPath(AFSDIR_SERVER_CONFIG_FILE_FILEPATH_ID)
#define AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH afs_getDirPath(AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH_ID)
+#define AFSDIR_SERVER_EXT_KEY_FILEPATH afs_getDirPath(AFSDIR_SERVER_EXT_KEY_FILEPATH_ID)
/* client file paths */
#define AFSDIR_CLIENT_CONFIG_FILE_FILEPATH afs_getDirPath(AFSDIR_CLIENT_CONFIG_FILE_FILEPATH_ID)
AFSDIR_CLIENT_CONFIG_FILE_FILEPATH_ID,
AFSDIR_SERVER_CONFIG_FILE_FILEPATH_ID,
AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH_ID,
+ AFSDIR_SERVER_EXT_KEY_FILEPATH_ID,
AFSDIR_PATHSTRING_MAX
} afsdir_id_t;
#define AFSDIR_SERVER_FSSTATE_FILEPATH afs_getDirPath(AFSDIR_SERVER_FSSTATE_FILEPATH_ID)
#define AFSDIR_SERVER_CONFIG_FILE_FILEPATH afs_getDirPath(AFSDIR_SERVER_CONFIG_FILE_FILEPATH_ID)
#define AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH afs_getDirPath(AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH_ID)
+#define AFSDIR_SERVER_EXT_KEY_FILEPATH afs_getDirPath(AFSDIR_SERVER_EXT_KEY_FILEPATH_ID)
/* client file paths */
#define AFSDIR_CLIENT_CONFIG_FILE_FILEPATH afs_getDirPath(AFSDIR_CLIENT_CONFIG_FILE_FILEPATH_ID)
AFSDIR_SERVER_THISCELL_FILEPATH);
printf("AFSDIR_SERVER_CELLSERVDB_FILEPATH = %s\n",
AFSDIR_SERVER_CELLSERVDB_FILEPATH);
- printf("AFSDIR_SERVER_KEY_FILEPATH AFSDIR = %s\n",
+ printf("AFSDIR_SERVER_KEY_FILEPATH = %s\n",
AFSDIR_SERVER_KEY_FILEPATH);
+ printf("AFSDIR_SERVER_EXT_KEY_FILEPATH = %s\n",
+ AFSDIR_SERVER_EXT_KEY_FILEPATH);
printf("AFSDIR_SERVER_ULIST_FILEPATH = %s\n",
AFSDIR_SERVER_ULIST_FILEPATH);
printf("AFSDIR_SERVER_NOAUTH_FILEPATH = %s\n",
git://git.openafs.org / openafs.git / commitdiff