[master] fac01a5 differenciate JAIL_MASTER_HIGH into _PRIVPORT and _STORAGE

Fri Mar 13 20:02:29 CET 2015

commit fac01a55b7123c963bc8e4f9f048244d309ebc3d
Author: Nils Goroll <nils.goroll at uplex.de>
Date:   Fri Mar 13 20:01:56 2015 +0100

    differenciate JAIL_MASTER_HIGH into _PRIVPORT and _STORAGE

diff --git a/bin/varnishd/mgt/mgt.h b/bin/varnishd/mgt/mgt.h
index 8428b55..94eaef9 100644
--- a/bin/varnishd/mgt/mgt.h
+++ b/bin/varnishd/mgt/mgt.h
@@ -73,7 +73,8 @@ enum jail_subproc_e {
 
 enum jail_master_e {
 	JAIL_MASTER_LOW,
-	JAIL_MASTER_HIGH,
+	JAIL_MASTER_STORAGE,
+	JAIL_MASTER_PRIVPORT,
 };
 
 typedef int jail_init_f(char **);
diff --git a/bin/varnishd/mgt/mgt_acceptor.c b/bin/varnishd/mgt/mgt_acceptor.c
index dba338e..3d3908a 100644
--- a/bin/varnishd/mgt/mgt_acceptor.c
+++ b/bin/varnishd/mgt/mgt_acceptor.c
@@ -62,7 +62,7 @@ MAC_open_sockets(void)
 	struct listen_sock *ls;
 	int good = 0;
 
-	VJ_master(JAIL_MASTER_HIGH);
+	VJ_master(JAIL_MASTER_PRIVPORT);
 	VTAILQ_FOREACH(ls, &heritage.socks, list) {
 		if (ls->sock >= 0) {
 			good++;
diff --git a/bin/varnishd/mgt/mgt_cli.c b/bin/varnishd/mgt/mgt_cli.c
index 7f754e1..7c395a6 100644
--- a/bin/varnishd/mgt/mgt_cli.c
+++ b/bin/varnishd/mgt/mgt_cli.c
@@ -522,7 +522,7 @@ mct_callback(void *priv, const struct suckaddr *sa)
 	char pbuf[VTCP_PORTBUFSIZE];
 	struct telnet *tn;
 
-	VJ_master(JAIL_MASTER_HIGH);
+	VJ_master(JAIL_MASTER_PRIVPORT);
 	sock = VTCP_listen(sa, 10, &err);
 	VJ_master(JAIL_MASTER_LOW);
 	assert(sock != 0);		// We know where stdin is
diff --git a/bin/varnishd/mgt/mgt_jail_solaris.c b/bin/varnishd/mgt/mgt_jail_solaris.c
index 1ad6ce7..d213356 100644
--- a/bin/varnishd/mgt/mgt_jail_solaris.c
+++ b/bin/varnishd/mgt/mgt_jail_solaris.c
@@ -236,7 +236,8 @@ enum jail_gen_e {
 	JAILG_SUBPROC_WORKER = JAIL_SUBPROC_WORKER,
 
 	JAILG_MASTER_LOW = JAIL_MASTER_LOW << JAILG_SHIFT,
-	JAILG_MASTER_HIGH = JAIL_MASTER_HIGH << JAILG_SHIFT
+	JAILG_MASTER_STORAGE = JAIL_MASTER_STORAGE << JAILG_SHIFT
+	JAILG_MASTER_PRIVPORT = JAIL_MASTER_PRIVPORT << JAILG_SHIFT
 };
 
 static inline enum jail_gen_e
diff --git a/bin/varnishd/mgt/mgt_jail_unix.c b/bin/varnishd/mgt/mgt_jail_unix.c
index 09d14f6..f54c4c0 100644
--- a/bin/varnishd/mgt/mgt_jail_unix.c
+++ b/bin/varnishd/mgt/mgt_jail_unix.c
@@ -138,7 +138,8 @@ vju_init(char **args)
 static void __match_proto__(jail_master_f)
 vju_master(enum jail_master_e jme)
 {
-	if (jme == JAIL_MASTER_HIGH)
+	if (jme == JAIL_MASTER_STORAGE ||
+	    jme == JAIL_MASTER_PRIVPORT)
 		AZ(seteuid(0));
 	else
 		AZ(seteuid(vju_uid));
@@ -209,7 +210,7 @@ vju_make_workdir(const char *dname)
 static void
 vju_storage_file(int fd)
 {
-	/* Called under JAIL_MASTER_HIGH */
+	/* Called under JAIL_MASTER_STORAGE */
 
 	AZ(fchmod(fd, 0600));
 	AZ(fchown(fd, vju_uid, vju_gid));
diff --git a/bin/varnishd/storage/stevedore_utils.c b/bin/varnishd/storage/stevedore_utils.c
index 5d29080..96e24cc 100644
--- a/bin/varnishd/storage/stevedore_utils.c
+++ b/bin/varnishd/storage/stevedore_utils.c
@@ -91,7 +91,7 @@ STV_GetFile(const char *fn, int *fdp, const char **fnp, const char *ctx)
 	*fdp = -1;
 
 	/* try to create a new file of this name */
-	VJ_master(JAIL_MASTER_HIGH);
+	VJ_master(JAIL_MASTER_STORAGE);
 	fd = open(fn, O_RDWR | O_CREAT | O_EXCL | O_LARGEFILE, 0600);
 	if (fd >= 0) {
 		VJ_storage_file(fd);

