diff --git a/torque-fix-munge-rhbz#752079-PTII.patch b/torque-fix-munge-rhbz#752079-PTII.patch new file mode 100644 index 0000000..c5b684a --- /dev/null +++ b/torque-fix-munge-rhbz#752079-PTII.patch @@ -0,0 +1,109 @@ +*** process_request.c.orig 2011-11-08 14:20:50.000000000 +0100 +--- process_request.c 2011-11-08 17:15:21.000000000 +0100 +*************** +*** 539,564 **** + + if (ENABLE_TRUSTED_AUTH == TRUE ) + rc = 0; /* bypass the authentication of the user--trust the client completely */ +! else if(munge_on) + { +! /* If munge_on is true we will validate the connection now */ +! if ( request->rq_type == PBS_BATCH_AltAuthenUser) + { +! rc = req_altauthenuser(request); +! if (rc == PBSE_NONE) + { +! conn_credent[sfds].timestamp = time_now; +! svr_conn[sfds].cn_authen = PBS_NET_CONN_AUTHENTICATED; + } + return; + } + else +! { +! rc = authenticate_user(request, &conn_credent[sfds]); +! } + } +- else if (svr_conn[sfds].cn_authen != PBS_NET_CONN_AUTHENTICATED) +- rc = PBSE_BADCRED; + else + rc = authenticate_user(request, &conn_credent[sfds]); + +--- 539,562 ---- + + if (ENABLE_TRUSTED_AUTH == TRUE ) + rc = 0; /* bypass the authentication of the user--trust the client completely */ +! else if (svr_conn[sfds].cn_authen != PBS_NET_CONN_AUTHENTICATED) + { +! if (munge_on && request->rq_type == PBS_BATCH_AltAuthenUser) + { +! /* If munge_on is true do the validation request now */ +! if (request->rq_ind.rq_authen.rq_port != svr_conn[sfds].cn_port) +! { +! req_reject(PBSE_IVALREQ, 0, request, NULL, "Unexpected request to authenticate an alternate connection"); +! } +! else + { +! req_altauthenuser(request); + } + return; + } + else +! rc = PBSE_BADCRED; + } + else + rc = authenticate_user(request, &conn_credent[sfds]); + +*************** +*** 1032,1038 **** + break; + + case PBS_BATCH_AltAuthenUser: +! + break; + + case PBS_BATCH_JobObit: +--- 1030,1036 ---- + break; + + case PBS_BATCH_AltAuthenUser: +! req_reject(PBSE_IVALREQ, 0, request, NULL, "Unexpected request to authenticate at this point"); + break; + + case PBS_BATCH_JobObit: +*** req_getcred.c.orig 2011-11-08 17:27:36.000000000 +0100 +--- req_getcred.c 2011-11-08 17:20:18.000000000 +0100 +*************** +*** 365,371 **** + /* Something went wrong. We will have to depend on the parent + to let everyone know */ + close(fd_pipe[1]); +! exit(0); + + } + +--- 365,371 ---- + /* Something went wrong. We will have to depend on the parent + to let everyone know */ + close(fd_pipe[1]); +! _exit(0); + + } + +*************** +*** 453,459 **** + + for (s = 0;s < PBS_NET_MAX_CONNECTIONS;++s) + { +! if (preq->rq_ind.rq_authen.rq_port != svr_conn[s].cn_port) + { + continue; + } +--- 453,460 ---- + + for (s = 0;s < PBS_NET_MAX_CONNECTIONS;++s) + { +! if (preq->rq_ind.rq_authen.rq_port != svr_conn[s].cn_port || +! svr_conn[preq->rq_conn].cn_addr != svr_conn[s].cn_addr) + { + continue; + } diff --git a/torque.spec b/torque.spec index ca1babb..17d8993 100644 --- a/torque.spec +++ b/torque.spec @@ -3,7 +3,7 @@ %define name torque %define version 2.5.7 #%%define snap 200604251602 -%define release 4 +%define release 5 # The following options are supported: # --with server_name=hostname @@ -101,6 +101,7 @@ Patch2: torque-initd-hangs-rhbz-744138.patch # https://bugzilla.redhat.com/show_bug.cgi?id=752079 Patch3: torque-fix-munge-rhbz#752079.patch +Patch4: torque-fix-munge-rhbz#752079-PTII.patch License: OpenPBS and TORQUEv1.1 Group: System Environment/Daemons @@ -135,6 +136,10 @@ This package holds just a few shared files and directories. %patch0 -p1 %patch2 -p1 %patch3 -p2 +pushd src/server +%patch4 -p 0 +popd + %__install -pm 644 %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE5} %{SOURCE6} %{SOURCE7} . @@ -489,6 +494,9 @@ A simple PAM module to authorize users on PBS MOM nodes with a running job. %changelog +* Mon Nov 21 2011 Steve Traylen - 2.5.7-5 +- Add torque-fix-munge-rhbz#752079-PTII.patch + * Thu Nov 17 2011 Steve Traylen - 2.5.7-4 - Empty release for release mistake.