nfsidmap calls keyctl_set_timeout after the key has been
instantiated, by which time our key modification privileges
have been removed. Move the timeout setting prior to key
instantiation.
Reviewed-by: Jeff Layton jlayton@xxxxxxxxxx
Signed-off-by: Jan Sanislo oystr@xxxxxxxxxxxxxxxxx
--- a/nfs-utils-1.2.6/utils/nfsidmap/nfsidmap.c
+++ b/nfs-utils-1.2.6/utils/nfsidmap/nfsidmap.c
@@ -320,6 +320,16 @@
key, type, value, timeout);
}
+ /*
+ * Set timeout before instantiation revokes our rights
+ * over the key.
+ */
+ if ( timeout > 0 ) {
+ rc = keyctl_set_timeout(key, timeout);
+ if ( rc != 0 )
+ xlog_warn("keyctl_set_timeout key 0x%x failed: %m",key);
+ }
+
if (strcmp(type, "uid") == 0)
rc = id_lookup(value, key, USER);
else if (strcmp(type, "gid") == 0)
@@ -329,10 +339,6 @@
else if (strcmp(type, "group") == 0)
rc = name_lookup(value, key, GROUP);
- /* Set timeout to 10 (600 seconds) minutes */
- if (rc == 0)
- keyctl_set_timeout(key, timeout);
-
free(arg);
return rc;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
