Bug 1028134

Summary: snapper: user/group name resolution
Product: Red Hat Enterprise Linux 7 Reporter: Florian Weimer <fweimer>
Component: snapperAssignee: LVM and device-mapper development team <lvm-team>
snapper sub component: general QA Contact: Storage QE <storage-qe>
Status: CLOSED WONTFIX Docs Contact:
Severity: low    
Priority: low CC: agk, jbrassow, msnitzer, okozina, prajnoha, zkabelac
Version: 7.0Keywords: Reopened
Target Milestone: rc   
Target Release: 7.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1163208 (view as bug list) Environment:
Last Closed: 2020-08-19 21:19:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1163208    
Bug Blocks: 1028133    

Description Florian Weimer 2013-11-07 18:06:52 UTC 
_SC_GETPW_R_SIZE_MAX and _SC_GETGR_R_SIZE_MAX are only size *hints*.  Their names are misleading, it is not a maximum size.  snapperd should still loop around the getpwnam_r and getgrnam_r calls and allocate more memory as necessary (on the heap, not the stack).  This is required so that users in many groups and groups with many users can access snapperd.  Affected the functions get_user_uid and get_group_uids in server/MetaSnapper.cc.
Comment 3 Ondrej Kozina 2014-02-26 12:10:53 UTC 
We'll advise not to set ALLOW_USERS or ALLOW_GROUPS in snapper config anyway. It would bypass MAC and would expose files not visible to identities in ALLOW_*
Comment 6 RHEL Program Management 2015-05-06 11:45:49 UTC 
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.
Comment 7 Ondrej Kozina 2015-05-06 11:59:42 UTC 
should have been Cond NAK only
Comment 10 Jakub Krysl 2019-10-02 11:45:09 UTC 
Mass migration to lilin.