PCP Updates: Check user credentials for pmlogger control connections via

To:	pcp@xxxxxxxxxxx
Subject:	PCP Updates: Check user credentials for pmlogger control connections via AF_UNIX
From:	Dave Brolley <brolley@xxxxxxxxxx>
Date:	Tue, 18 Mar 2014 12:10:44 -0400
Delivered-to:	pcp@xxxxxxxxxxx
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0

This change implements a simple user credential check for pmloggercontrol connections via the AF_UNIX socket. The implementation(hopefully!) as discussed in


http://oss.sgi.com/pipermail/pcp/2014-March/004537.html

which is to initially accept connections from root (uid==0) and from thesame user as the one running pmlogger. There is a bit of a grey areawith the latter, as pmlogger is a setuid program which sometimes setsits effective user to be the 'pcp' user. In this initial implementation,I allowed connections from users with the same uid and euid as pmlogger.


As always the code is on the brolley/dev branch of pcpfans.

Dave
------------------------------------------------------------
commit f06a7f06b614feefea14f27b2723ed8606de9e8f
Author: Dave Brolley <brolley@xxxxxxxxxx>
Date:   Tue Mar 18 11:41:57 2014 -0400

For pmlogger control connections via AF_UNIX, check the connector'scredentials.


    This initial implementation allows connections by root and
    by the same user as the one running pmlogger.

<Prev in Thread]	Current Thread	[Next in Thread>
PCP Updates: Check user credentials for pmlogger control connections via AF_UNIX, Dave Brolley <=

Previous by Date:	PacketTrap users, Aileen Lewis
Next by Date:	Re: PCP developers meeting minutes - 21st March, Frank Ch. Eigler
Previous by Thread:	PacketTrap users, Aileen Lewis
Next by Thread:	1st International Conference meeting, Program Coordinator
Indexes:	[Date] [Thread] [Top] [All Lists]