Remove last remnants of -S option support.

This commit is contained in:
Ulrich Drepper 2005-12-30 16:51:19 +00:00
parent 08be1ea824
commit 70e2ebba53
3 changed files with 18 additions and 51 deletions

View File

@ -431,7 +431,7 @@ void
nscd_init (void)
{
/* Secure mode and unprivileged mode are incompatible */
if (server_user != NULL && secure_in_use)
if (server_user != NULL)
{
dbg_log (_("Cannot run nscd in secure mode as unprivileged user"));
exit (4);
@ -1060,29 +1060,28 @@ cannot handle old request version %d; current version is %d"),
case GETSTAT:
case SHUTDOWN:
case INVALIDATE:
if (! secure_in_use)
{
/* Get the callers credentials. */
{
/* Get the callers credentials. */
#ifdef SO_PEERCRED
struct ucred caller;
socklen_t optlen = sizeof (caller);
struct ucred caller;
socklen_t optlen = sizeof (caller);
if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &caller, &optlen) < 0)
{
char buf[256];
if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &caller, &optlen) < 0)
{
char buf[256];
dbg_log (_("error getting callers id: %s"),
strerror_r (errno, buf, sizeof (buf)));
break;
}
dbg_log (_("error getting callers id: %s"),
strerror_r (errno, buf, sizeof (buf)));
break;
}
uid = caller.uid;
uid = caller.uid;
#else
/* Some systems have no SO_PEERCRED implementation. They don't
care about security so we don't as well. */
uid = 0;
/* Some systems have no SO_PEERCRED implementation. They don't
care about security so we don't as well. */
uid = 0;
#endif
}
}
/* Accept shutdown, getstat and invalidate only from root. For
the stat call also allow the user specified in the config file. */
@ -1376,25 +1375,7 @@ nscd_run (void *p)
#ifdef SO_PEERCRED
pid_t pid = 0;
if (secure_in_use)
{
struct ucred caller;
socklen_t optlen = sizeof (caller);
if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &caller, &optlen) < 0)
{
dbg_log (_("error getting callers id: %s"),
strerror_r (errno, buf, sizeof (buf)));
goto close_and_out;
}
if (req.type < GETPWBYNAME || req.type > LASTDBREQ
|| serv2db[req.type]->secure)
uid = caller.uid;
pid = caller.pid;
}
else if (__builtin_expect (debug_level > 0, 0))
if (__builtin_expect (debug_level > 0, 0))
{
struct ucred caller;
socklen_t optlen = sizeof (caller);

View File

@ -70,7 +70,6 @@ int disabled_passwd;
int disabled_group;
int go_background = 1;
int secure_in_use;
static const char *conffile = _PATH_NSCDCONF;
time_t start_time;
@ -366,16 +365,7 @@ parse_opt (int key, char *arg, struct argp_state *state)
break;
case 'S':
#if 0
if (strcmp (arg, "passwd,yes") == 0)
secure_in_use = dbs[pwddb].secure = 1;
else if (strcmp (arg, "group,yes") == 0)
secure_in_use = dbs[grpdb].secure = 1;
else if (strcmp (arg, "hosts,yes") == 0)
secure_in_use = dbs[hstdb].secure = 1;
#else
error (0, 0, _("secure services not implemented anymore"));
#endif
break;
default:

View File

@ -68,7 +68,6 @@ struct database_dyn
const char *db_filename;
time_t file_mtime;
size_t suggested_module;
int secure;
unsigned long int postimeout; /* In seconds. */
unsigned long int negtimeout; /* In seconds. */
@ -122,9 +121,6 @@ extern int nthreads;
/* Maximum number of threads to use. */
extern int max_nthreads;
/* Tables for which we cache data with uid. */
extern int secure_in_use; /* Is one of the above 1? */
/* User name to run server processes as. */
extern const char *server_user;