class = "domain"};
your_usrs := Acl.class {user = getUser (),
class = "user"};
- your_grps := Acl.class {user = getUser (),
- class = "group"};
+ your_grps := SS.add (Acl.class {user = getUser (),
+ class = "group"},
+ "nogroup");
your_pths := your_paths;
readable_pths := SS.union (your_paths, world_readable);
your_ipss := Acl.class {user = getUser (),
fun validNode s = List.exists (fn s' => s = s') nodes
fun yourDomain s = !fakePrivs orelse SS.member (your_domains (), s)
-fun yourUser s = SS.member (your_users (), s)
-fun yourGroup s = SS.member (your_groups (), s)
+fun yourUser s = !fakePrivs orelse SS.member (your_users (), s)
+fun yourGroup s = !fakePrivs orelse SS.member (your_groups (), s)
+
fun checkPath paths path =
+ !fakePrivs orelse
(List.all (fn s => s <> "..") (String.fields (fn ch => ch = #"/") path)
andalso CharVector.all (fn ch => Char.isAlphaNum ch orelse ch = #"." orelse ch = #"/"
orelse ch = #"-" orelse ch = #"_") path
andalso SS.exists (fn s' => path = s' orelse String.isPrefix (s' ^ "/") path) (paths ()))
val yourPath = checkPath your_paths
val readablePath = checkPath readable_paths
+
fun yourIp s = !fakePrivs orelse SS.member (your_ips (), s)
fun yourDomainHost s =
in
print ("New configuration for node " ^ site ^ "\n");
- if site = Config.defaultNode then
+ if site = Config.dispatcherName then
Slave.handleChanges files
else let
val bio = OpenSSL.connect true (valOf (!ssl_context),
Posix.SysDB.Passwd.home (Posix.SysDB.getpwnam uname)
fun homedir () = homedirOf (getUser ())
+ handle e => if !fakePrivs then "/tmp" else raise e
type subject = {node : string, domain : string}