| blob | 662d2b9187e9c33adfcfc1da8a4a1d581182272b |
1 This patch deactivates the authentication.
2 It should work but the result of getpeerucred is ENOTSUP (48).
3 If you run corosync and pacemaker as root it doesn't matter.
4 The function is used is to assure that the processess started by pacemaker run as root.
5 If you run pacemaker as root it doesn't matter.
7 diff --git pacemaker-Pacemaker-1.1.21/lib/common/ipc.c.~1~ pacemaker-Pacemaker-1.1.21/lib/common/ipc.c
8 index 3e547f32a..5abb1cfb9 100644
9 --- pacemaker-Pacemaker-1.1.21/lib/common/ipc.c.~1~
10 +++ pacemaker-Pacemaker-1.1.21/lib/common/ipc.c
11 @@ -1447,7 +1447,7 @@ crm_ipc_is_authentic_process(int sock, uid_t refuid, gid_t refgid,
12 found_pid = PCMK__SPECIAL_PID; /* cannot obtain PID (FreeBSD) */
14 #elif defined(US_AUTH_GETPEERUCRED)
15 - ucred_t *ucred;
16 + ucred_t *ucred = NULL;
17 if (!getpeerucred(sock, &ucred)) {
18 errno = 0;
19 found_pid = ucred_getpid(ucred);
20 @@ -1457,7 +1457,8 @@ crm_ipc_is_authentic_process(int sock, uid_t refuid, gid_t refgid,
21 if (ret) {
22 return (ret < 0) ? ret : -pcmk_err_generic;
23 }
24 -
25 + }
26 + if (1) {
27 #else
28 # error "No way to authenticate a Unix socket peer"
29 errno = 0;