Displaying 7 results from an estimated 7 matches for "scm_credenti".
2003 Jan 09
1
[Bug 421] compile error on Debian slink
...mments From carl at chage.com 2003-01-10 05:38 -------
I noticed the same problem with a compile error where ucred is undefined in
SUSE Linux 6.1. The problem is the test for SO_PEERCRED-- the feature is not
available even though the define is present. In my linux/socket.h there is
a "#define SCM_CREDENTIALS" next to the ucred definition, so the change from
#if defined(SO_PEERCRED)
to
#if defined(SO_PEERCRED) && defined(SCM_CREDENTIALS)
solves the compile problem, but I don't know which other distributions have the
same. It may be SCM_CREDS or SCM_RIGHTS.
Perhaps the only good...
2018 Aug 22
2
openssh 7.6 and 7.7 on Oracle Linux 7 (compiled from source) doesn't start correctly with systemd
On Wed, 2018-08-22 at 09:02 -0500, kevin martin wrote:
> Simple seems to have fixed it. I was also trying with "forking" as
> the
> type and that was failing as well.
That is not as simple as that -- we lived with "simple" for long time,
but it was not covering some corner cases so we ended up using the
sd_notify, since that was the only reliable way for systemd to
1997 Feb 13
0
Avoiding setuid applications
...vileges.
The sample program is a primitve modem manager that hands out open
file descriptors to modems. This is done by passing the file descriptor
over a UNIX domain socket.
The protocol also provides for some kind of authentication, but it''s
not really good. Recent 2.1 kernels provide SCM_CREDENTIALS passing,
which could be used here.
The source can be found on
ftp://ftp.mathematik.th-darmstadt.de/pub/linux/okir/modemmgr-0.2.tar.gz
Feedback welcome,
Olaf
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin....
2018 Aug 22
3
openssh 7.6 and 7.7 on Oracle Linux 7 (compiled from source) doesn't start correctly with systemd
...ould be good to have sshd integrate with systemd here, but we
need to avoid the libsystemd dependency.
Fortunately, sd_notify() doesn't need to do all too much; almost
everything is used before in the OpenSSH codebase, so it's easy
enough to add local code for it. It's a sendmsg() with SCM_CREDENTIALS
to the AF_UNIX SOCK_DGRAM named in $NOTIFY_SOCKET.
The file descriptor passing code in monitor_fdpass.c sends other
messages with ancillary data.
Damien, how do you feel about adding the notification without the
dependency, maybe conditioned on a configure.ac check for (Linux-only)
SCM_CREDEN...
1997 Oct 20
1
LPRng security
...setuid enabled (and at first
glance, setuid privileges seem to be handled quite carefully). We''re
currently looking into this. Anybody would like to share their experience
with making LPRng setuid root?
Cheers
Olaf
PS: Excercise to the reader:-) Problems like this can be solved using
the SCM_CREDENTIALS stuff in 2.1.x kernels. Lpr can authenticate itself
with the local lpd via a unix socket, and have lpd forward the job to
the remote printer using a privileged port. Any takers?
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de | / | \ sol.dho...
2010 Mar 13
1
klibc build trouble
as the next klibc release 1.5.16 looks like shaping up,
I have a trouble to build that for Debian.
currently I build depent on linux-libc-dev, I don't know what
against I can build latest klibc, see
klibc fails to build due too:
make -C linux/ ARCH=x86_64 INSTALL_HDR_PATH=debian/tmp/usr/lib/klibc/ headers_install
make[3]: *** No rule to make target `headers_install'. Stop.
make[2]: ***
2010 Jul 07
0
[git pull v2] x86_32, sh4, getrusage()
...ine struct cmsghdr * cmsg_nxthdr (struct msghdr *__msg, struct cmsghdr *__cmsg)
+{
+ return __cmsg_nxthdr(__msg->msg_control, __msg->msg_controllen, __cmsg);
+}
+
+/* "Socket"-level control message types: */
+
+#define SCM_RIGHTS 0x01 /* rw: access rights (array of int) */
+#define SCM_CREDENTIALS 0x02 /* rw: struct ucred */
+#define SCM_SECURITY 0x03 /* rw: security label */
+
+struct ucred {
+ __u32 pid;
+ __u32 uid;
+ __u32 gid;
+};
+#endif /* CMSG_FIRSTHDR */
+
__extern int socket(int, int, int);
__extern int bind(int, struct sockaddr *, int);
commit 23d04ca085b97f8075b0e2296...