Bug 1028134 - snapper: user/group name resolution
Summary: snapper: user/group name resolution
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: snapper
Version: 7.0
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: rc
: 7.1
Assignee: LVM and device-mapper development team
QA Contact: Storage QE
URL:
Whiteboard:
Depends On: 1163208
Blocks: 1028133
TreeView+ depends on / blocked
 
Reported: 2013-11-07 18:06 UTC by Florian Weimer
Modified: 2021-09-03 13:03 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1163208 (view as bug list)
Environment:
Last Closed: 2020-08-19 21:19:10 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Florian Weimer 2013-11-07 18:06:52 UTC 
_SC_GETPW_R_SIZE_MAX and _SC_GETGR_R_SIZE_MAX are only size *hints*.  Their names are misleading, it is not a maximum size.  snapperd should still loop around the getpwnam_r and getgrnam_r calls and allocate more memory as necessary (on the heap, not the stack).  This is required so that users in many groups and groups with many users can access snapperd.  Affected the functions get_user_uid and get_group_uids in server/MetaSnapper.cc.
Comment 3 Ondrej Kozina 2014-02-26 12:10:53 UTC 
We'll advise not to set ALLOW_USERS or ALLOW_GROUPS in snapper config anyway. It would bypass MAC and would expose files not visible to identities in ALLOW_*
Comment 6 RHEL Program Management 2015-05-06 11:45:49 UTC 
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.
Comment 7 Ondrej Kozina 2015-05-06 11:59:42 UTC 
should have been Cond NAK only
Comment 10 Jakub Krysl 2019-10-02 11:45:09 UTC 
Mass migration to lilin.
Note You need to log in before you can comment on or make changes to this bug.