Sasha, Hal,
Here is a revised version of the patch - just the auth_check() routine.
Basically, it passes the test if root, or same ownership as umad0.
The motivation for this patch is to provide a quick (and early) check for the
perl scripts that were only intended for privilaged users. Stop partial
functionality, and provide a non-zero exit code.
I will patch the relevant perl scripts to use this check, if accepted.
--
Timothy A. Meier
Computer Scientist
ICCD/High Performance Computing
925.422.3341
[EMAIL PROTECTED]
>From 4ead5dcd79b6c37c3cb0a7ac29d273450aa407e0 Mon Sep 17 00:00:00 2001
From: Tim Meier <[EMAIL PROTECTED]>
Date: Fri, 23 May 2008 08:12:07 -0700
Subject: [PATCH] infiniband-diags: terminate perl scripts with error if not
authorized
An "auth_check" routine intended for use in scripts that use umad
functions. Quickly terminates with an error code, if not authorized.
Signed-off-by: Tim Meier <[EMAIL PROTECTED]>
---
infiniband-diags/scripts/IBswcountlimits.pm | 13 +++++++++++++
1 files changed, 13 insertions(+), 0 deletions(-)
diff --git a/infiniband-diags/scripts/IBswcountlimits.pm
b/infiniband-diags/scripts/IBswcountlimits.pm
index 9bc356f..da75b25 100755
--- a/infiniband-diags/scripts/IBswcountlimits.pm
+++ b/infiniband-diags/scripts/IBswcountlimits.pm
@@ -85,6 +85,19 @@ $IBswcountlimits::cache_dir =
"/var/cache/infiniband-diags";
"This counter can increase due to a valid network event"
);
+# =========================================================================
+# only authorized if uid is root, or matches umad ownership
+#
+sub auth_check
+{
+ my $file = "/dev/infiniband/umad0";
+ my $uid = (stat $file)[4];
+ my $gid = (stat $file)[5];
+ if (($> != $uid) && ($> != $gid) && ($> != 0)){
+ die "Permission denied\n";
+ }
+}
+
sub check_counters
{
my $print_action = $_[0];
--
1.5.1
_______________________________________________
general mailing list
[email protected]
http://lists.openfabrics.org/cgi-bin/mailman/listinfo/general
To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
