 |
 |
We have several problems with XRootD using seteuid/setegid in KRB5 and GSI plugins since seteuid is not thread local. Would it be possible (atleast on Linux) to run with seteuid(0) + setfsuid(<xrootd-user>) + setfsgid(<xrootd-group>) and provide a guard function which is changing temporarily the filesystem uid/gid not the effective user ID ... (this is thread local on linux !!!!). If this approach is used one can actually keep the way KRB5 and GSI plugins are implemented to be able to read the keytab etc. --- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/67 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1