fs discon support alternate uid

this is a short-term hack. macos lacks pags, and anywhere without
pags won't have tokens when fs discon online is run as root unless
the tokens are explicitly set for root... which can be bad mojo.

instead, allow a uid to be passed in.

Change-Id: I44ebf9468976fa43d449f72d392fbb9e830e44d6
Reviewed-on: http://gerrit.openafs.org/2515
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/afs/afs_pioctl.c b/src/afs/afs_pioctl.c
index 355048afd8e69e3dae468276d8b0c5cc88a6ff54..931abf1936d6d5905182274c7aa8c2e92f75d57f 100644 (file)
--- a/src/afs/afs_pioctl.c
+++ b/src/afs/afs_pioctl.c
@@ -5138,9 +5138,10 @@ DECL_PIOCTL(PDiscon)
     static afs_int32 mode = 1; /* Start up in 'off' */
     afs_int32 force = 0;
     int code = 0;
-    char flags[3];
+    char flags[4];
+    struct vrequest lreq;
 
-    if (afs_pd_getBytes(ain, &flags, 3) == 0) {
+    if (afs_pd_getBytes(ain, &flags, 4) == 0) {
        if (!afs_osi_suser(*acred))
            return EPERM;
 
@@ -5150,6 +5151,12 @@ DECL_PIOCTL(PDiscon)
            afs_ConflictPolicy = flags[1] - 1;
        if (flags[2])
            force = 1;
+       if (flags[3]) {
+           /* Fake InitReq support for UID override */
+           memset(&lreq, 0, sizeof(lreq));
+           lreq.uid = flags[3];
+           areq = &lreq; /* override areq we got */
+       }
 
        /*
         * All of these numbers are hard coded in fs.c. If they

diff --git a/src/venus/fs.c b/src/venus/fs.c
index 147015011a860078a5dd16c4b956d665c1761908..0a11d4228dd398daf695dab188889f4f144d8b58 100644 (file)
--- a/src/venus/fs.c
+++ b/src/venus/fs.c
@@ -3476,13 +3476,13 @@ DisconCmd(struct cmd_syndesc *as, void *arock)
     char *modename;
     char *policyname;
     int modelen, policylen;
-    afs_int32 mode, policy, code;
+    afs_int32 mode, policy, code, unixuid = 0;
     struct ViceIoctl blob;
 
     blob.in = NULL;
     blob.in_size = 0;
 
-    space[0] = space[1] = space[2] = 0;
+    space[0] = space[1] = space[2] = space[3] = 0;
 
     ti = as->parms[0].items;
     if (ti) {
@@ -3516,8 +3516,19 @@ DisconCmd(struct cmd_syndesc *as, void *arock)
        printf("force on\n");
     }
 
+    ti = as->parms[3].items;
+    if (ti) {
+       code = util_GetInt32(ti->data, &unixuid);
+       if (code) {
+           fprintf(stderr, "%s: bad integer specified for uid.\n", pn);
+            return 1;
+        }
+       space[3] = unixuid;
+    } else
+       space[3] = 0;
+
     blob.in = space;
-    blob.in_size = 3 * sizeof(afs_int32);
+    blob.in_size = 4 * sizeof(afs_int32);
 
     blob.out_size = sizeof(mode);
     blob.out = space;
@@ -3866,6 +3877,7 @@ defect 3069
     cmd_AddParm(ts, "-mode", CMD_SINGLE, CMD_REQUIRED, "offline | online");
     cmd_AddParm(ts, "-policy", CMD_SINGLE, CMD_OPTIONAL, "client | server");
     cmd_AddParm(ts, "-force", CMD_FLAG, CMD_OPTIONAL, "Force reconnection, despite any synchronization issues.");
+    cmd_AddParm(ts, "-uid", CMD_SINGLE, CMD_OPTIONAL, "Numeric UID of user whose tokens to use at reconnect.");
 
     ts = cmd_CreateSyntax("nukenfscreds", NukeNFSCredsCmd, NULL, "nuke credentials for NFS client");
     cmd_AddParm(ts, "-addr", CMD_SINGLE, 0, "host name or address");