Displaying 4 results from an estimated 4 matches for "check_if_allow".
Did you mean:
check_if_allowed
2020 Oct 03
0
[PATCH nbdkit v2 2/3] ip: Add filtering by process ID, user ID and group ID.
...pid () == rule->u.id;
+
+ case UID:
+ if (family != AF_UNIX) return false;
+ return nbdkit_peer_uid () == rule->u.id;
+
+ case GID:
+ if (family != AF_UNIX) return false;
+ return nbdkit_peer_gid () == rule->u.id;
+
case BAD:
default:
abort ();
@@ -430,8 +485,10 @@ check_if_allowed (const struct sockaddr *addr)
{
int family = ((struct sockaddr_in *)addr)->sin_family;
- /* There's an implicit allow all for non-IP sockets, see the manual. */
- if (family != AF_INET && family != AF_INET6)
+ /* There's an implicit allow all for non-IP, non-Unix socke...
2020 Oct 05
4
[PATCH nbdkit v3 0/4] ip: Add filtering by process ID, user ID and group ID.
v2 was here:
https://www.redhat.com/archives/libguestfs/2020-October/msg00019.html
v3:
* defence -> defense
* Use int64_t instead of int. This compiles on Windows.
* Add GC wrappers to OCaml bindings.
* New FreeBSD patch.
* Removed "pid:" example from the ip filter manual, and added a warning
beside the pid documentation.
Rich.
2020 Oct 03
7
[PATCH nbdkit v2 0/3] ip: Add filtering by process ID, user ID and group ID.
This is just a simple update to:
https://www.redhat.com/archives/libguestfs/2020-October/msg00015.html
rebased on top of current nbdkit master because I pushed a few simple
refactorings.
Rich.
2020 Oct 03
2
[PATCH nbdkit 0/2] ip: Add filtering by process ID, user ID and group ID.
These two commits add new APIs and enhance nbdkit-ip-filter to allow
filtering of Unix domain sockets by the client's PID, UID or GID. eg:
nbdkit -U sock --filter=ip ... allow=uid:`id -u` deny=all
Rich.