Re: Annoying Minor Bug In Winbind 2.2.x
On 6 Feb 2003, "Boyce, Nick" <[EMAIL PROTECTED]> wrote:
> As per my message an hour or so ago, I'm trying to get the winbind that
> comes with Debian 3.0 Samba 2.2.3a-12 configured to allow me to telnet into
> the box with authentication handed off to a real NT domain.
>
> Anyway, even before I really get started, I find what seems to be an
> obvious, simple and annoying buggette - if I stop and restart winbind (the
> sort of thing you do a lot at this stage) then it fails to restart, with
> this message in "/var/log/samba/log.winbindd" :
> "invalid permissions on socket directory /tmp/.winbindd"
>
> Here's the permissions :
> /etc# ls -ld /tmp/.w*
> drwxr-x---2 root root 4096 Feb 6 21:33 /tmp/.winbindd
The error is emitted from create_pipe_sock, which checks that the
permissions on the directory are exactly what winbind expects them to
be (0755). Obviously those permissions are not correct, which would
seem to be a problem because it might prevent non-root processes from
accessing winbindd. This looks very much like a umask problem.
I see the bug: create_pipe_sock tries to temporarily set its umask to
0 so as to give the right permissions, but it only does this after
creating the directory. So if you start winbindd with a umask
stronger than 022, it will fail in this way.
The bug apparently came in Andrew Bartlett's merge in 1.45; the
provenance of it I don't know. (TNG?) This patch ought to be applied
to 2.2, HEAD, 3.0, and APPL_HEAD.
Tim, how's this patch?
Index: util_sock.c
===
RCS file: /data/cvs/samba/source/lib/util_sock.c,v
retrieving revision 1.75
diff -u -u -p -r1.75 util_sock.c
--- util_sock.c 9 Jan 2003 06:58:07 - 1.75
+++ util_sock.c 7 Feb 2003 01:21:10 -
@@ -885,13 +885,18 @@ char *get_socket_addr(int fd)
}
-/***
- Create protected unix domain socket.
-
- some unixen cannot set permissions on a ux-dom-sock, so we
- have to make sure that the directory contains the protection
- permissions, instead.
- **/
+/**
+ * Create protected unix domain socket.
+ *
+ * Some unixen cannot set permissions on a ux-dom-sock, so we have to
+ * make sure that the directory contains the protection permissions,
+ * instead.
+ *
+ * It must be possible to access the socket from unprivileged
+ * programs, even if the daemon is started with a restrictive umask.
+ * Therefore is is temporarily removed while creating the directory
+ * and socket.
+ **/
int create_pipe_sock(const char *socket_dir,
const char *socket_name,
mode_t dir_perms)
@@ -903,56 +908,46 @@ int create_pipe_sock(const char *socket_
mode_t old_umask;
pstring path;
+old_umask = umask(0);
+
/* Create the socket directory or reuse the existing one */
if (lstat(socket_dir, &st) == -1) {
-
if (errno == ENOENT) {
-
-/* Create directory */
-
if (mkdir(socket_dir, dir_perms) == -1) {
DEBUG(0, ("error creating socket directory "
"%s: %s\n", socket_dir,
strerror(errno)));
-return -1;
+ goto out_umask;
}
-
} else {
-
DEBUG(0, ("lstat failed on socket directory %s: %s\n",
socket_dir, strerror(errno)));
-return -1;
+ goto out_umask;
}
-
} else {
-
/* Check ownership and permission on existing directory */
-
if (!S_ISDIR(st.st_mode)) {
DEBUG(0, ("socket directory %s isn't a directory\n",
socket_dir));
-return -1;
+ goto out_umask;
}
if ((st.st_uid != sec_initial_uid()) ||
((st.st_mode & 0777) != dir_perms)) {
DEBUG(0, ("invalid permissions on socket directory "
"%s\n", socket_dir));
-return -1;
+ goto out_umask;
}
}
/* Create the socket file */
-old_umask = umask(0);
-
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock == -1) {
perror("socket");
- umask(old_umask);
-return
Re: Annoying Minor Bug In Winbind 2.2.x
On Fri, Feb 07, 2003 at 12:23:30PM +1100, Martin Pool wrote:
> The bug apparently came in Andrew Bartlett's merge in 1.45; the
> provenance of it I don't know. (TNG?) This patch ought to be applied
> to 2.2, HEAD, 3.0, and APPL_HEAD.
>
> Tim, how's this patch?
How about this - I've collapsed the two error exits into one.
Tim.
Index: lib/util_sock.c
===
RCS file: /data/cvs/samba/source/lib/util_sock.c,v
retrieving revision 1.75
diff -u -r1.75 util_sock.c
--- lib/util_sock.c 9 Jan 2003 06:58:07 - 1.75
+++ lib/util_sock.c 7 Feb 2003 04:51:10 -
@@ -885,13 +885,18 @@
}
-/***
- Create protected unix domain socket.
-
- some unixen cannot set permissions on a ux-dom-sock, so we
- have to make sure that the directory contains the protection
- permissions, instead.
- **/
+/**
+ * Create protected unix domain socket.
+ *
+ * Some unixen cannot set permissions on a ux-dom-sock, so we have to
+ * make sure that the directory contains the protection permissions,
+ * instead.
+ *
+ * It must be possible to access the socket from unprivileged
+ * programs, even if the daemon is started with a restrictive umask.
+ * Therefore is is temporarily removed while creating the directory
+ * and socket.
+ **/
int create_pipe_sock(const char *socket_dir,
const char *socket_name,
mode_t dir_perms)
@@ -899,60 +904,50 @@
#ifdef HAVE_UNIXSOCKET
struct sockaddr_un sunaddr;
struct stat st;
-int sock;
+int sock = -1;
mode_t old_umask;
pstring path;
+old_umask = umask(0);
+
/* Create the socket directory or reuse the existing one */
if (lstat(socket_dir, &st) == -1) {
-
if (errno == ENOENT) {
-
-/* Create directory */
-
if (mkdir(socket_dir, dir_perms) == -1) {
DEBUG(0, ("error creating socket directory "
"%s: %s\n", socket_dir,
strerror(errno)));
-return -1;
+ goto error;
}
-
} else {
-
DEBUG(0, ("lstat failed on socket directory %s: %s\n",
socket_dir, strerror(errno)));
-return -1;
+ goto error;
}
-
} else {
-
/* Check ownership and permission on existing directory */
-
if (!S_ISDIR(st.st_mode)) {
DEBUG(0, ("socket directory %s isn't a directory\n",
socket_dir));
-return -1;
+ goto error;
}
if ((st.st_uid != sec_initial_uid()) ||
((st.st_mode & 0777) != dir_perms)) {
DEBUG(0, ("invalid permissions on socket directory "
"%s\n", socket_dir));
-return -1;
+ goto error;
}
}
/* Create the socket file */
-old_umask = umask(0);
-
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock == -1) {
perror("socket");
- umask(old_umask);
-return -1;
+ goto error;
}
snprintf(path, sizeof(path), "%s/%s", socket_dir, socket_name);
@@ -966,25 +961,26 @@
DEBUG(0, ("bind failed on pipe socket %s: %s\n",
path,
strerror(errno)));
-close(sock);
- umask(old_umask);
-return -1;
+ goto error;
}
if (listen(sock, 5) == -1) {
DEBUG(0, ("listen failed on pipe socket %s: %s\n",
path,
strerror(errno)));
-close(sock);
- umask(old_umask);
-return -1;
+ goto error;
}
umask(old_umask);
-
-/* Success! */
-
-return sock;
+return sock; /* success */
+
+error:
+ if (sock != -1)
+ close(sock);
+
+ umask(old_umask);
+ return -1;
+
#else
DEBUG(0, ("create_pipe_sock: No Unix sockets on this system\n"));
return -1;
RE: Annoying Minor Bug In Winbind 2.2.x
On 7 Feb 2003, Martin Pool wrote: > > On 6 Feb 2003, "Boyce, Nick" <[EMAIL PROTECTED]> wrote: >> >> I find what seems to be an >> obvious, simple and annoying buggette - if I stop and restart winbind (the >> sort of thing you do a lot at this stage) then it fails to restart, with >> this message in "/var/log/samba/log.winbindd" : >> "invalid permissions on socket directory /tmp/.winbindd" >> >> Here's the permissions : >> /etc# ls -ld /tmp/.w* >> drwxr-x---2 root root 4096 Feb 6 21:33 /tmp/.winbindd > > The error is emitted from create_pipe_sock, which checks that the > permissions on the directory are exactly what winbind expects them to > be (0755). Obviously those permissions are not correct, which would > seem to be a problem because it might prevent non-root processes from > accessing winbindd. This looks very much like a umask problem. Thanks - that was it. I now have a script /usr/local/bin/winbind, which does umask 000 /etc/init.d/winbind $1 umask 027 and everything is working ok now - I can stop & restart winbind to my heart's content without any problem (well no socket directory permissions problems anyway ;-) [ I'm afraid I always run with umask=027 ... it's a hangover from my mainframe days ... I can't get away from the idea that you should grant only the access that is needed ... "all files world-readable by default ?" ... "Just Say No" ] Thanks a lot. Nick Boyce EDS Southwest Solution Centre, Bristol, UK
Re: Annoying Minor Bug In Winbind 2.2.x
On 7 Feb 2003, "Boyce, Nick" <[EMAIL PROTECTED]> wrote: > Thanks - that was it. I now have a script /usr/local/bin/winbind, which > does >umask 000 >/etc/init.d/winbind $1 >umask 027 > and everything is working ok now - I can stop & restart winbind to my > heart's content without any problem (well no socket directory permissions > problems anyway ;-) You would be better off -- and you would be helping us too -- if you would apply the patch and let us know if it works. (I'm pretty sure it will, but it's always worth testing.) That way, rather than a temporary workaround, there will be a proper fix for future releases. Thanks, > [ I'm afraid I always run with umask=027 ... it's a hangover from my > mainframe days ... I can't get away from the idea that you should grant only > the access that is needed ... "all files world-readable by default ?" ... > "Just Say No" ] That's fine, winbindd ought to work with that. -- Martin
RE: Annoying Minor Bug In Winbind 2.2.x
On 7 Feb 2003, Martin Pool wrote: > > On 7 Feb 2003, "Boyce, Nick" <[EMAIL PROTECTED]> wrote: >> >> Thanks - that was it. I now have a script /usr/local/bin/winbind, which >> does >>umask 000 >>/etc/init.d/winbind $1 >>umask 027 [...] > You would be better off -- and you would be helping us too -- if you > would apply the patch and let us know if it works. (I'm pretty sure > it will, but it's always worth testing.) OK - I've been trying to find time to do this today but have run out (it's 20:30 ... I want to go hme .. :) ... sorry. I'll do it on Monday next week and let you know what happens. (The Debian machine concerned was using the Debian Samba binaries, and I'd been hoping not to have to get involved in compiling -from-source ... advantages of sticking with distro components, package management system ==> easier upgrades, standard desktop rollout, mumble, etc. etc.) Cheers Nick Boyce EDS Southwest Solution Centre, Bristol, UK
RE: Annoying Minor Bug In Winbind 2.2.x
On 7 Feb 2003, Martin Poole wrote:
> On 7 Feb 2003, "Boyce, Nick" <[EMAIL PROTECTED]> wrote:
>
>> Thanks - that was it. I now have a script /usr/local/bin/winbind, which
>> does
>> umask 000
>> /etc/init.d/winbind $1
>
> You would be better off -- and you would be helping us too -- if you
> would apply the patch and let us know if it works
OK - I've been trying to apply the patch that Tim posted (to supersede
Martin's first cut) to the Samba 2.2.7a source file for util_sock.c, but get
errors applying the patch no matter what I do. I guess the posted patch was
against CVS, so could someone please repost the patch for the 2.2.7a-rel
version of the file ?
Here's what I get if I apply the posted patch :
MYBOX:/usr/local/src/samba-2.2.7a/source/lib# patch util_sock.c
patch-util_sock.txt.orig
patching file util_sock.c
Hunk #1 succeeded at 1018 with fuzz 2 (offset 133 lines).
Hunk #2 FAILED at 1037.
Hunk #3 FAILED at 1094.
2 out of 3 hunks FAILED -- saving rejects to file util_sock.c.rej
After deleting the line containing "#ifdef HAVE_UNIXSOCKET" (because I
noticed it doesn't appear in my 2.2.7a version of util_sock.c), I get a
little further :
MYBOX:/usr/local/src/samba-2.2.7a/source/lib# patch util_sock.c
patch-util_sock.txt
patching file util_sock.c
Hunk #1 succeeded at 1018 with fuzz 2 (offset 133 lines).
patch: malformed patch at line 102: @@ -966,25 +961,26 @@
But now I'm completely stumped, and don't really know what I'm doing (...) -
I have no idea what "patch" is objecting to (it's not very helpful, is it ?
- even if you run it with --verbose it doesn't get any better .. sigh).
I've attached the patch from Tim that I'm trying to apply, to avoid any
confusion.
Cheers
Nick Boyce
EDS Southwest Solution Centre, Bristol, UK
Index: lib/util_sock.c
===
RCS file: /data/cvs/samba/source/lib/util_sock.c,v
retrieving revision 1.75
diff -u -r1.75 util_sock.c
--- lib/util_sock.c 9 Jan 2003 06:58:07 - 1.75
+++ lib/util_sock.c 7 Feb 2003 04:51:10 -
@@ -885,13 +885,18 @@
}
-/***
- Create protected unix domain socket.
-
- some unixen cannot set permissions on a ux-dom-sock, so we
- have to make sure that the directory contains the protection
- permissions, instead.
- **/
+/**
+ * Create protected unix domain socket.
+ *
+ * Some unixen cannot set permissions on a ux-dom-sock, so we have to
+ * make sure that the directory contains the protection permissions,
+ * instead.
+ *
+ * It must be possible to access the socket from unprivileged
+ * programs, even if the daemon is started with a restrictive umask.
+ * Therefore is is temporarily removed while creating the directory
+ * and socket.
+ **/
int create_pipe_sock(const char *socket_dir,
const char *socket_name,
mode_t dir_perms)
@@ -899,60 +904,50 @@
#ifdef HAVE_UNIXSOCKET
struct sockaddr_un sunaddr;
struct stat st;
-int sock;
+int sock = -1;
mode_t old_umask;
pstring path;
+old_umask = umask(0);
+
/* Create the socket directory or reuse the existing one */
if (lstat(socket_dir, &st) == -1) {
-
if (errno == ENOENT) {
-
-/* Create directory */
-
if (mkdir(socket_dir, dir_perms) == -1) {
DEBUG(0, ("error creating socket directory"
"%s: %s\n", socket_dir,
strerror(errno)));
-return -1;
+ goto error;
}
-
} else {
-
DEBUG(0, ("lstat failed on socket directory %s: %s\n",
socket_dir, strerror(errno)));
-return -1;
+ goto error;
}
-
} else {
-
/* Check ownership and permission on existing directory */
-
if (!S_ISDIR(st.st_mode)) {
DEBUG(0, ("socket directory %s isn't a directory\n",
socket_dir));
-return -1;
+ goto error;
}
if ((st.st_uid != sec_initial_uid()) ||
((st.st_mode & 0777) != dir_perms)) {
DEBUG(0, ("invalid permissions on socket directory"
"%s\n", socket_dir));
-return -1;
+ goto error;
}
}
/* Create the socket file */
-old_umask = umask(0);
-
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock == -1) {
Re: Annoying Minor Bug In Winbind 2.2.x
On 17 Feb 2003, "Boyce, Nick" <[EMAIL PROTECTED]> wrote: > OK - I've been trying to apply the patch that Tim posted (to supersede > Martin's first cut) to the Samba 2.2.7a source file for util_sock.c, but get > errors applying the patch no matter what I do. Thanks for trying that. > I guess the posted patch was against CVS, so could someone please > repost the patch for the 2.2.7a-rel version of the file ? I'll do that. -- Martin If it's worth doing, it's worth doing for money.
Re: Annoying Minor Bug In Winbind 2.2.x
On 17 Feb 2003, "Boyce, Nick" <[EMAIL PROTECTED]> wrote: > Here's what I get if I apply the posted patch : As I said I'll send you an update just for 2.2. But in general, in case you're interested, here are some tips on applying mismatched patches: >MYBOX:/usr/local/src/samba-2.2.7a/source/lib# patch util_sock.c > patch-util_sock.txt.orig >patching file util_sock.c >Hunk #1 succeeded at 1018 with fuzz 2 (offset 133 lines). >Hunk #2 FAILED at 1037. >Hunk #3 FAILED at 1094. >2 out of 3 hunks FAILED -- saving rejects to file util_sock.c.rej In general the best thing to do now is leave the main diff alone, and only work on the rejected parts in the .rej file. Basically you need to work out why patch thinks the 2.2 source file doesn't look like the "before" version of the rejected patch. > After deleting the line containing "#ifdef HAVE_UNIXSOCKET" (because I > noticed it doesn't appear in my 2.2.7a version of util_sock.c), I get a > little further : >MYBOX:/usr/local/src/samba-2.2.7a/source/lib# patch util_sock.c > patch-util_sock.txt >patching file util_sock.c >Hunk #1 succeeded at 1018 with fuzz 2 (offset 133 lines). >patch: malformed patch at line 102: @@ -966,25 +961,26 @@ Do you mean you deleted that line from the patch? That's probably what is causing the "malformed patch" error: the line numbers in the patch no longer add up. However, if you install the "patchutils" package, then you can run "recountdiff" to fix the lines up after you edit a diff, and it should then apply. patchutils is very very cool. -- Martin
Re: Annoying Minor Bug In Winbind 2.2.x
Oh, Jeremy already committed my patch to SAMBA_2_2 CVS. Here's the
patch.
Index: util_sock.c
===
RCS file: /data/cvs/samba/source/lib/util_sock.c,v
retrieving revision 1.16.4.36
retrieving revision 1.16.4.37
diff -u -u -p -r1.16.4.36 -r1.16.4.37
--- util_sock.c 26 Aug 2002 20:07:13 - 1.16.4.36
+++ util_sock.c 7 Feb 2003 22:04:37 - 1.16.4.37
@@ -1021,102 +1021,97 @@ char *get_socket_addr(int fd)
/***
Create protected unix domain socket.
- some unixen cannot set permissions on a ux-dom-sock, so we
+ Some unixes cannot set permissions on a ux-dom-sock, so we
have to make sure that the directory contains the protection
- permissions, instead.
+ permissions instead.
**/
+
int create_pipe_sock(const char *socket_dir,
- const char *socket_name,
- mode_t dir_perms)
+const char *socket_name,
+mode_t dir_perms)
{
-struct sockaddr_un sunaddr;
-struct stat st;
-int sock;
-mode_t old_umask;
-pstring path;
-
-/* Create the socket directory or reuse the existing one */
-
-if (lstat(socket_dir, &st) == -1) {
-
-if (errno == ENOENT) {
-
-/* Create directory */
-
-if (mkdir(socket_dir, dir_perms) == -1) {
-DEBUG(0, ("error creating socket directory "
- "%s: %s\n", socket_dir,
- strerror(errno)));
-return -1;
-}
-
-} else {
-
-DEBUG(0, ("lstat failed on socket directory %s: %s\n",
- socket_dir, strerror(errno)));
-return -1;
-}
-
-} else {
-
-/* Check ownership and permission on existing directory */
-
-if (!S_ISDIR(st.st_mode)) {
-DEBUG(0, ("socket directory %s isn't a directory\n",
- socket_dir));
-return -1;
-}
-
-if ((st.st_uid != sec_initial_uid()) ||
-((st.st_mode & 0777) != dir_perms)) {
-DEBUG(0, ("invalid permissions on socket directory "
- "%s\n", socket_dir));
-return -1;
-}
-}
-
-/* Create the socket file */
-
-old_umask = umask(0);
-
-sock = socket(AF_UNIX, SOCK_STREAM, 0);
-
-if (sock == -1) {
-perror("socket");
- umask(old_umask);
-return -1;
-}
-
-snprintf(path, sizeof(path), "%s/%s", socket_dir, socket_name);
-
-unlink(path);
-memset(&sunaddr, 0, sizeof(sunaddr));
-sunaddr.sun_family = AF_UNIX;
-safe_strcpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path)-1);
-
-if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) {
-DEBUG(0, ("bind failed on pipe socket %s: %s\n",
- path,
- strerror(errno)));
-close(sock);
- umask(old_umask);
-return -1;
-}
-
-if (listen(sock, 5) == -1) {
-DEBUG(0, ("listen failed on pipe socket %s: %s\n",
- path,
- strerror(errno)));
-close(sock);
- umask(old_umask);
-return -1;
-}
-
-umask(old_umask);
-
-/* Success! */
-
-return sock;
+#ifdef HAVE_UNIXSOCKET
+ struct sockaddr_un sunaddr;
+ struct stat st;
+ int sock;
+ mode_t old_umask;
+ pstring path;
+
+ old_umask = umask(0);
+
+ /* Create the socket directory or reuse the existing one */
+
+ if (lstat(socket_dir, &st) == -1) {
+ if (errno == ENOENT) {
+ /* Create directory */
+ if (mkdir(socket_dir, dir_perms) == -1) {
+ DEBUG(0, ("error creating socket directory "
+ "%s: %s\n", socket_dir,
+ strerror(errno)));
+ goto out_umask;
+ }
+ } else {
+
RE: Annoying Minor Bug In Winbind 2.2.x
On 18 Feb 2003, Martin Pool wrote :
> Jeremy already committed my patch to SAMBA_2_2 CVS.
> Here's the patch.
>
> Index: util_sock.c
> ===
> RCS file: /data/cvs/samba/source/lib/util_sock.c,v
> retrieving revision 1.16.4.36
> retrieving revision 1.16.4.37
> diff -u -u -p -r1.16.4.36 -r1.16.4.37
[snip]
I'm sorry - I'm probably doing something dumb, but I still get failures even
with this patch - first, if I save the patch as it appeared in my Outlook
window, then line 25 consists of a single left brace char, which results in
:
MYBOX:/usr/local/src/samba-2.2.7a/source/lib# patch util_sock.c
patch-util_sock-20030218
patching file util_sock.c
patch: malformed patch at line 25: {
So assuming line-wrap did something Bad to that line, I edited the patch
file to stick that line onto the end of line 24, resulting in :
MYBOX:/usr/local/src/samba-2.2.7a/source/lib# patch util_sock.c
patch-util_sock-20030218
patching file util_sock.c
Hunk #1 FAILED at 1021.
1 out of 1 hunk FAILED -- saving rejects to file util_sock.c.rej
and I don't know enough about what I'm looking at to figure it out.
> In general the best thing to do now is leave the main diff alone, and
> only work on the rejected parts in the .rej file. Basically you need
> to work out why patch thinks the 2.2 source file doesn't look like the
> "before" version of the rejected patch.
OK - hang on ... right, it seems the real original 2.2.7a util_sock.c really
*does* have the "{" on line 25 all by itself - but since that gave me
"malformed patch", I assume the patch needs a "rediff" ??? Here goes :
MYBOX:/usr/local/src/samba-2.2.7a/source/lib# rediff
patch-util_sock-20030218.orig patch-util_sock-20030218
Index: util_sock.c
===
RCS file: /data/cvs/samba/source/lib/util_sock.c,v
retrieving revision 1.16.4.36
retrieving revision 1.16.4.37
diff -u -u -p -r1.16.4.36 -r1.16.4.37
rediff: Not supported: -{
OK - I give up for now ... hlp :(
[sorry .. for all this trouble over such a minor thing]
Nick Boyce
EDS Southwest Solution Centre, Bristol, UK
-Original Message-
From: 'Martin Pool' [mailto:[EMAIL PROTECTED]]
Sent: 17 February 2003 23:08
To: Boyce, Nick
Cc: [EMAIL PROTECTED]
Subject: Re: Annoying Minor Bug In Winbind 2.2.x
Oh, Jeremy already committed my patch to SAMBA_2_2 CVS. Here's the
patch.
Index: util_sock.c
===
RCS file: /data/cvs/samba/source/lib/util_sock.c,v
retrieving revision 1.16.4.36
retrieving revision 1.16.4.37
diff -u -u -p -r1.16.4.36 -r1.16.4.37
--- util_sock.c 26 Aug 2002 20:07:13 - 1.16.4.36
+++ util_sock.c 7 Feb 2003 22:04:37 - 1.16.4.37
@@ -1021,102 +1021,97 @@ char *get_socket_addr(int fd)
/***
Create protected unix domain socket.
- some unixen cannot set permissions on a ux-dom-sock, so we
+ Some unixes cannot set permissions on a ux-dom-sock, so we
have to make sure that the directory contains the protection
- permissions, instead.
+ permissions instead.
**/
+
int create_pipe_sock(const char *socket_dir,
- const char *socket_name,
- mode_t dir_perms)
+const char *socket_name,
+mode_t dir_perms)
{
-struct sockaddr_un sunaddr;
-struct stat st;
-int sock;
-mode_t old_umask;
-pstring path;
-
-/* Create the socket directory or reuse the existing one */
-
-if (lstat(socket_dir, &st) == -1) {
-
-if (errno == ENOENT) {
-
-/* Create directory */
-
-if (mkdir(socket_dir, dir_perms) == -1) {
-DEBUG(0, ("error creating socket directory
"
- "%s: %s\n", socket_dir,
- strerror(errno)));
-return -1;
-}
-
-} else {
-
-DEBUG(0, ("lstat failed on socket directory %s:
%s\n",
- socket_dir, strerror(errno)));
-return -1;
-}
-
-} else {
-
-/* Check ownership and permission on existing directory */
-
-if (!S_ISDIR(st.st_mode)) {
-
RE: Annoying Minor Bug In Winbind 2.2.x
It's probably a line count thing. The head of the patch contains a certain
range of lines that the patch should apply to. If you truncated the patch at
the bottom, the header could be telling patch it needs to add, for example,
30 lines, while the patch text only contains 28.
Go back to the email and copy/paste lines from the email into your patch
file at the bottom, down to but not including the two dashes above Martin's
signature, and see if that helps. That line of stars is part of the patch,
and maybe a few blank lines below it. Make the part of the patch at the
bottom, below the lines with the plus signs, match what is already in the
target file.
> -Original Message-
> From: Boyce, Nick [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 18, 2003 2:58 PM
> To: [EMAIL PROTECTED]
> Cc: 'Martin Pool'
> Subject: RE: Annoying Minor Bug In Winbind 2.2.x
>
>
> On 18 Feb 2003, Martin Pool wrote :
>
> > Jeremy already committed my patch to SAMBA_2_2 CVS.
> > Here's the patch.
> >
> > Index: util_sock.c
> > ===
> > RCS file: /data/cvs/samba/source/lib/util_sock.c,v
> > retrieving revision 1.16.4.36
> > retrieving revision 1.16.4.37
> > diff -u -u -p -r1.16.4.36 -r1.16.4.37
> [snip]
>
> I'm sorry - I'm probably doing something dumb, but I still
> get failures even
> with this patch - first, if I save the patch as it appeared
> in my Outlook
> window, then line 25 consists of a single left brace char,
> which results in
> :
>
>MYBOX:/usr/local/src/samba-2.2.7a/source/lib# patch util_sock.c
> patch-util_sock-20030218
>patching file util_sock.c
>patch: malformed patch at line 25: {
>
> So assuming line-wrap did something Bad to that line, I
> edited the patch
> file to stick that line onto the end of line 24, resulting in :
>
>MYBOX:/usr/local/src/samba-2.2.7a/source/lib# patch util_sock.c
> patch-util_sock-20030218
>patching file util_sock.c
>Hunk #1 FAILED at 1021.
>1 out of 1 hunk FAILED -- saving rejects to file util_sock.c.rej
>
> and I don't know enough about what I'm looking at to figure it out.
>
> > In general the best thing to do now is leave the main diff
> alone, and
> > only work on the rejected parts in the .rej file.
> Basically you need
> > to work out why patch thinks the 2.2 source file doesn't
> look like the
> > "before" version of the rejected patch.
>
> OK - hang on ... right, it seems the real original 2.2.7a
> util_sock.c really
> *does* have the "{" on line 25 all by itself - but since that gave me
> "malformed patch", I assume the patch needs a "rediff" ???
> Here goes :
>
>MYBOX:/usr/local/src/samba-2.2.7a/source/lib# rediff
> patch-util_sock-20030218.orig patch-util_sock-20030218
>Index: util_sock.c
>===
>RCS file: /data/cvs/samba/source/lib/util_sock.c,v
>retrieving revision 1.16.4.36
>retrieving revision 1.16.4.37
>diff -u -u -p -r1.16.4.36 -r1.16.4.37
>rediff: Not supported: -{
>
> OK - I give up for now ... hlp :(
> [sorry .. for all this trouble over such a minor thing]
>
> Nick Boyce
> EDS Southwest Solution Centre, Bristol, UK
>
>
>
> -Original Message-
> From: 'Martin Pool' [mailto:[EMAIL PROTECTED]]
> Sent: 17 February 2003 23:08
> To: Boyce, Nick
> Cc: [EMAIL PROTECTED]
> Subject: Re: Annoying Minor Bug In Winbind 2.2.x
>
>
> Oh, Jeremy already committed my patch to SAMBA_2_2 CVS. Here's the
> patch.
>
>
>
>
> Index: util_sock.c
> ===
> RCS file: /data/cvs/samba/source/lib/util_sock.c,v
> retrieving revision 1.16.4.36
> retrieving revision 1.16.4.37
> diff -u -u -p -r1.16.4.36 -r1.16.4.37
> --- util_sock.c 26 Aug 2002 20:07:13 - 1.16.4.36
> +++ util_sock.c 7 Feb 2003 22:04:37 - 1.16.4.37
> @@ -1021,102 +1021,97 @@ char *get_socket_addr(int fd)
> /***
> Create protected unix domain socket.
>
> - some unixen cannot set permissions on a ux-dom-sock, so we
> + Some unixes cannot set permissions on a ux-dom-sock, so we
> have to make sure that the directory contains the protection
> - permissions, instead.
> + permissions instead.
> **/
> +
> int create_pipe_sock(const char *socket_dir,
> -
Re: Annoying Minor Bug In Winbind 2.2.x
On 18 Feb 2003, "Boyce, Nick" <[EMAIL PROTECTED]> wrote: > I'm sorry - I'm probably doing something dumb, but I still get failures even > with this patch - first, if I save the patch as it appeared in my Outlook > window, then line 25 consists of a single left brace char, which results in > : You can also download the patch from here http://pserver.samba.org/cgi-bin/cvsweb/samba/source/lib/util_sock.c.diff?r1=1.16.4.36&r2=1.16.4.37 In general you can try using "view source" to get a version that's not folded/spindled/mutilated by Outlook, or the very cool "unwrapdiff" to try to fix the line wrapping. Thanks for persisting. -- Martin
RE: Annoying Minor Bug In Winbind 2.2.x
On 19 Feb 2003, Andrew Esh wrote: > It's probably a line count thing. The head of the patch contains a certain > range of lines that the patch should apply to. If you truncated the patch at > the bottom, the header could be telling patch it needs to add, for example, > 30 lines, while the patch text only contains 28 ... That line of stars is > part of the patch, and maybe a few blank lines below it. Thanks - that was it - the two blank lines below the line of stars were part of the patch (a fact I was able to confirm by comparing with the CVS web ref Martin posted) but I'd missed them out. Patch applied - now recompiling Samba ... done. And now it works fine - I can restart winbindd to my heart's content and "/tmp/.winbindd" gets created with the right permissions and everybody's happy :) Thanks for bearing with me. Nick Boyce EDS Southwest Solution Centre, Bristol, UK
