From 190bc027de26e4193f5c6e424f9eaa7e66fab8ff Mon Sep 17 00:00:00 2001 From: Nathan Neulinger Date: Tue, 29 Oct 2002 00:06:41 +0000 Subject: [PATCH] fileserver-readonly-support-20021028 so a fileserver can deny writes --- src/viced/afsfileprocs.c | 34 ++++++++++++++++++++++++++++++++-- src/viced/viced.c | 5 +++++ 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/src/viced/afsfileprocs.c b/src/viced/afsfileprocs.c index 633f50a99..2d6e9f076 100644 --- a/src/viced/afsfileprocs.c +++ b/src/viced/afsfileprocs.c @@ -190,6 +190,7 @@ int Console = 0; afs_int32 BlocksSpare = 1024; /* allow 1 MB overruns */ afs_int32 PctSpare; extern afs_int32 implicitAdminRights; +extern afs_int32 readonlyServer; static TryLocalVLServer(); @@ -2290,6 +2291,10 @@ SAFSS_Rename (acall, OldDirFid, OldName, NewDirFid, NewName, OutOldDirStatus, /* Lookup the new file */ if (!(Lookup(&newdir, NewName, &newFileFid))) { + if (readonlyServer) { + errorCode = VREADONLY; + goto Bad_Rename; + } if (!(newrights & PRSFS_DELETE)) { errorCode = EACCES; goto Bad_Rename; @@ -2647,6 +2652,10 @@ SAFSS_Symlink (acall, DirFid, Name, LinkContents, InStatus, OutFid, OutFidStatus * to do this. */ if ((InStatus->Mask & AFS_SETMODE) && !(InStatus->UnixModeBits & 0111)) { + if (readonlyServer) { + errorCode = VREADONLY; + goto Bad_SymLink; + } /* * We have a mountpoint, 'cause we're trying to set the Unix mode * bits to something with some x bits missing (default mode bits @@ -4713,6 +4722,10 @@ afs_int32 SRXAFS_SetVolumeStatus (acall, avolid, StoreVolStatus, Name, OfflineMs &client, READ_LOCK, &rights, &anyrights))) goto Bad_SetVolumeStatus; + if (readonlyServer) { + errorCode = VREADONLY; + goto Bad_SetVolumeStatus; + } if (VanillaUser(client)) { errorCode = EACCES; goto Bad_SetVolumeStatus; @@ -5609,7 +5622,9 @@ Check_PermissionRights(targetptr, client, rights, CallingRoutine, InStatus) * unless you are a system administrator */ /****** InStatus->Owner && UnixModeBits better be SET!! */ if ( CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr)) { - if (VanillaUser (client)) + if (readonlyServer) + return(VREADONLY); + else if (VanillaUser (client)) return(EPERM); /* Was EACCES */ else osi_audit( PrivilegeEvent, 0, AUD_INT, (client ? client->ViceId : 0), @@ -5621,6 +5636,9 @@ Check_PermissionRights(targetptr, client, rights, CallingRoutine, InStatus) AUD_INT, CallingRoutine, AUD_END); } else { + if (readonlyServer) { + return(VREADONLY); + } if (CallingRoutine == CHK_STOREACL) { if (!(rights & PRSFS_ADMINISTER) && !VolumeOwner(client, targetptr)) return(EACCES); @@ -5628,7 +5646,9 @@ Check_PermissionRights(targetptr, client, rights, CallingRoutine, InStatus) else { /* store data or status */ /* watch for chowns and chgrps */ if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr)) { - if (VanillaUser (client)) + if (readonlyServer) + return(VREADONLY); + else if (VanillaUser (client)) return(EPERM); /* Was EACCES */ else osi_audit(PrivilegeEvent, 0, @@ -5642,12 +5662,16 @@ Check_PermissionRights(targetptr, client, rights, CallingRoutine, InStatus) #else (InStatus->UnixModeBits & (S_ISUID|S_ISGID)) != 0) { #endif + if (readonlyServer) + return(VREADONLY); if (VanillaUser(client)) return(EACCES); else osi_audit( PrivSetID, 0, AUD_INT, (client ? client->ViceId : 0), AUD_INT, CallingRoutine, AUD_END); } if (CallingRoutine == CHK_STOREDATA) { + if (readonlyServer) + return(VREADONLY); if (!(rights & PRSFS_WRITE)) return(EACCES); /* Next thing is tricky. We want to prevent people @@ -5674,12 +5698,16 @@ Check_PermissionRights(targetptr, client, rights, CallingRoutine, InStatus) #endif if ((targetptr->disk.type != vDirectory) && (!(targetptr->disk.modeBits & OWNERWRITE))) + if (readonlyServer) + return(VREADONLY); if (VanillaUser(client)) return(EACCES); else osi_audit( PrivilegeEvent, 0, AUD_INT, (client ? client->ViceId : 0), AUD_INT, CallingRoutine, AUD_END); } else { /* a status store */ + if (readonlyServer) + return(VREADONLY); if (targetptr->disk.type == vDirectory) { if (!(rights & PRSFS_DELETE) && !(rights & PRSFS_INSERT)) return(EACCES); @@ -6601,6 +6629,8 @@ Vnode * targetptr; afs_int32 rights; int Prfs_Mode; { + if (readonlyServer) + return(VREADONLY); if (!(rights & Prfs_Mode)) return(EACCES); if ((targetptr->disk.type != vDirectory) && (!(targetptr->disk.modeBits & OWNERWRITE))) diff --git a/src/viced/viced.c b/src/viced/viced.c index 30e42b222..667a25865 100644 --- a/src/viced/viced.c +++ b/src/viced/viced.c @@ -144,6 +144,7 @@ int printBanner = 0; int rxJumbograms = 1; /* default is to send and receive jumbograms. */ afs_int32 implicitAdminRights = PRSFS_LOOKUP; /* The ADMINISTER right is already implied */ +afs_int32 readonlyServer = 0; int stack = 24; int stackSize = 24000; @@ -929,6 +930,7 @@ static FlagMsg() strcat(buffer, "[-banner (print banner every 10 minutes)] "); strcat(buffer, "[-novbc (whole volume cbs disabled)] "); strcat(buffer, "[-implicit ] "); + strcat(buffer, "[-readonly (read-only file server)] "); strcat(buffer, "[-hr ] "); strcat(buffer, "[-busyat n>] "); strcat(buffer, "[-rxpck ] "); @@ -1057,6 +1059,9 @@ static ParseArgs(argc, argv) if (!strcmp(argv[i], "-implicit")) { implicitAdminRights = ParseRights(argv[++i]); if (implicitAdminRights < 0) return implicitAdminRights; + } else + if (!strcmp(argv[i], "-readonly")) { + readonlyServer = 1; } else if (!strcmp(argv[i], "-L")) { SawL = 1; -- 2.39.5