HI AndersBj, Reviewed and tested the patch. Ack .
/Neel. On Thursday 11 September 2014 03:16 PM, Anders Bjornerstedt wrote: > Summary: IMM: saImmOmAdminOwnerClear should only be allowed for root users > [#1053] > Review request for Trac Ticket(s): 1053 > Peer Reviewer(s): Neel, Zoran, HansF > Pull request to: > Affected branch(es): 4.5; default(4.6) > Development branch: > > -------------------------------- > Impacted area Impact y/n > -------------------------------- > Docs n > Build system n > RPM/packaging n > Configuration files n > Startup scripts n > SAF services y > OpenSAF services n > Core libraries n > Samples n > Tests n > Other n > > > Comments (indicate scope for each "y" above): > --------------------------------------------- > > changeset 490ab6ebfdbefb8503123dd87d9bb2b824f7af67 > Author: Anders Bjornerstedt <anders.bjornerst...@ericsson.com> > Date: Thu, 11 Sep 2014 11:30:35 +0200 > > IMM: saImmOmAdminOwnerClear should only be allowed for root users > [#1053] > > The local immnd enforces access control for saImmOmAdminOwnerClear if > access-control is enabled. > > In addition, a minor change of code is done for > immnd_fevs_local_checks. The > fix for ticket #938, changeset 5648:bc8d57d94f9f added a parameter > 'sinfo' > to immnd_fevs_local_checks. This is a pointer parameter and it turns out > that the sinfo struct is not available to all contexts where > immnd_fevs_local_checks is invoked. This caused coverity complaints and > these where justified because the code in immnd_fevs_local_checks using > sinfo did not guard for NULL. Instead of adding such code, this patch > changes the parameter to 'uid_t uid'. The uid is what is actually used > in > this function. It will be set to zero for cases where the message is > generated internally by the local IMMND. This matches the semantics of > the > parameter. Even if the IMMNDs are not executing as root, they need the > root > priviliges enforced by the IMM access control. > > > Complete diffstat: > ------------------ > osaf/services/saf/immsv/immnd/immnd_evt.c | 48 > ++++++++++++++++++++++++++++++++++-------------- > 1 files changed, 34 insertions(+), 14 deletions(-) > > > Testing Commands: > ----------------- > > Testing, Expected Results: > -------------------------- > > > Conditions of Submission: > ------------------------- > Ack from Neel. > > > Arch Built Started Linux distro > ------------------------------------------- > mips n n > mips64 n n > x86 n n > x86_64 n n > powerpc n n > powerpc64 n n > > > Reviewer Checklist: > ------------------- > [Submitters: make sure that your review doesn't trigger any checkmarks!] > > > Your checkin has not passed review because (see checked entries): > > ___ Your RR template is generally incomplete; it has too many blank entries > that need proper data filled in. > > ___ You have failed to nominate the proper persons for review and push. > > ___ Your patches do not have proper short+long header > > ___ You have grammar/spelling in your header that is unacceptable. > > ___ You have exceeded a sensible line length in your headers/comments/text. > > ___ You have failed to put in a proper Trac Ticket # into your commits. > > ___ You have incorrectly put/left internal data in your comments/files > (i.e. internal bug tracking tool IDs, product names etc) > > ___ You have not given any evidence of testing beyond basic build tests. > Demonstrate some level of runtime or other sanity testing. > > ___ You have ^M present in some of your files. These have to be removed. > > ___ You have needlessly changed whitespace or added whitespace crimes > like trailing spaces, or spaces before tabs. > > ___ You have mixed real technical changes with whitespace and other > cosmetic code cleanup changes. These have to be separate commits. > > ___ You need to refactor your submission into logical chunks; there is > too much content into a single commit. > > ___ You have extraneous garbage in your review (merge commits etc) > > ___ You have giant attachments which should never have been sent; > Instead you should place your content in a public tree to be pulled. > > ___ You have too many commits attached to an e-mail; resend as threaded > commits, or place in a public tree for a pull. > > ___ You have resent this content multiple times without a clear indication > of what has changed between each re-send. > > ___ You have failed to adequately and individually address all of the > comments and change requests that were proposed in the initial review. > > ___ You have a misconfigured ~/.hgrc file (i.e. username, email etc) > > ___ Your computer have a badly configured date and time; confusing the > the threaded patch review. > > ___ Your changes affect IPC mechanism, and you don't present any results > for in-service upgradability test. > > ___ Your changes affect user manual and documentation, your patch series > do not contain the patch that updates the Doxygen manual. > ------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce. Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk _______________________________________________ Opensaf-devel mailing list Opensaf-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/opensaf-devel
