Add a hackish attempt at a workaround for #961235
Add a patch to create /run/user/0 if we're trying to resolve a DIR: ccache somewhere below it and neither the target location nor /run/user/0 exist yet. The better workaround is to set the location's owner to "linger" via logind, since even after we do what we're doing here, if the user logs in and logs back out, our location is still removed.
This commit is contained in:
Nalin Dahyabhai
parent
559c78a30a
commit
dc293b3d84
34
krb5-1.11-run_user_0.patch
Normal file
34
krb5-1.11-run_user_0.patch
Normal file
@ -0,0 +1,34 @@
|
||||
A hack: if we're looking at creating a ccache directory directly below
|
||||
the /run/user/0 directory, and /run/user/0 doesn't exist, try to create
|
||||
it, too.
|
||||
|
||||
--- krb5/src/lib/krb5/ccache/cc_dir.c
|
||||
+++ krb5/src/lib/krb5/ccache/cc_dir.c
|
||||
@@ -61,6 +61,8 @@
|
||||
|
||||
#include <dirent.h>
|
||||
|
||||
+#define ROOT_SPECIAL_DCC_PARENT "/run/user/0"
|
||||
+
|
||||
extern const krb5_cc_ops krb5_dcc_ops;
|
||||
extern const krb5_cc_ops krb5_fcc_ops;
|
||||
|
||||
@@ -239,6 +241,18 @@
|
||||
|
||||
if (stat(dirname, &st) < 0) {
|
||||
if (errno == ENOENT) {
|
||||
+ if (strncmp(dirname, ROOT_SPECIAL_DCC_PARENT "/",
|
||||
+ sizeof(ROOT_SPECIAL_DCC_PARENT)) == 0 &&
|
||||
+ stat(ROOT_SPECIAL_DCC_PARENT, &st) < 0 &&
|
||||
+ errno == ENOENT) {
|
||||
+#ifdef USE_SELINUX
|
||||
+ selabel = krb5int_push_fscreatecon_for(ROOT_SPECIAL_DCC_PARENT);
|
||||
+#endif
|
||||
+ status = mkdir(ROOT_SPECIAL_DCC_PARENT, S_IRWXU);
|
||||
+#ifdef USE_SELINUX
|
||||
+ krb5int_pop_fscreatecon(selabel);
|
||||
+#endif
|
||||
+ }
|
||||
#ifdef USE_SELINUX
|
||||
selabel = krb5int_push_fscreatecon_for(dirname);
|
||||
#endif
|
||||
@ -85,6 +85,7 @@ Patch125: krb5-1.11.2-skew1.patch
|
||||
Patch126: krb5-1.11.2-skew2.patch
|
||||
Patch127: krb5-master-test_gss_no_udp.patch
|
||||
Patch128: krb5-master-test_no_pmap.patch
|
||||
Patch129: krb5-1.11-run_user_0.patch
|
||||
|
||||
# Patches for otp plugin backport
|
||||
Patch201: krb5-1.11.2-keycheck.patch
|
||||
@ -312,6 +313,7 @@ ln -s NOTICE LICENSE
|
||||
%patch126 -p1 -b .skew2
|
||||
%patch127 -p1 -b .test_gss_no_udp
|
||||
%patch128 -p1 -b .test_no_pmap
|
||||
%patch129 -p1 -b .run_user_0
|
||||
|
||||
%patch201 -p1 -b .keycheck
|
||||
%patch202 -p1 -b .otp
|
||||
@ -840,6 +842,10 @@ exit 0
|
||||
* Thu May 30 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.2-9
|
||||
- don't forget to set the SELinux label when creating the directory for
|
||||
a DIR: ccache
|
||||
- special-case /run/user/0, attempting to create it when resolving a
|
||||
directory cache below it fails due to ENOENT and we find that it doesn't
|
||||
already exist, either, before attempting to create the directory cache
|
||||
(maybe helping, maybe just making things more confusing for #961235)
|
||||
|
||||
* Thu May 30 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.2-8
|
||||
- pull in patches from master to not test GSSRPC-over-UDP and to not
|
||||
|
||||
Loading…
Reference in New Issue
Block a user