LISTSERV 16.5 - XROOTD-DEV Archives

OK, the sad story is the way we are approaching this is forbidden in the XRootD framework. Background tasks must be self-contained. They are forbidden to rely on the existence of any objects outside of their environment. This is because objects outside their environment may disappear. For instance, the object that launched a background task may go away because the client decided to close the connection.

So, the solution here is to make sure the uid/gid is correctly established in the post-authentication plugin (which is what you really want to do in any case). Then I can pass a stripped down version of the SecEntity object with that uid/gid in it so you can use it for setfsuid/fsgid (btw those are deprecated now so they may not be there in the future).

This does not address a similar problem for bridged protocols (e.g. HTTP). Here I would have to also provide a plugin mechanism for you to decorate the SecEntity object when the protocol logs into the bridge. It's doable and the interface would not be any different from the one the xroot protocol uses.

Let me know how you want to proceed.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/pull/1319#issuecomment-720999931", "url": "https://github.com/xrootd/xrootd/pull/1319#issuecomment-720999931", "name": "View Pull Request" }, "description": "View this Pull Request on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1