[distcc] masquerade confusion

Martin Pool mbp at samba.org
Thu Mar 13 03:47:42 GMT 2003


On 11 Mar 2003, Wayne Davison <wayned at users.sourceforge.net> wrote:

> Just to be clear here, we're not talking about the recently-added distcc
> masquerade support, but the presence of the ccache masquerade links on
> the PATH when distccd was started (the recursion changes that were in
> the masquerade patch handle the case where distccd accidentally calls
> distcc).

That is correct.  It only manifested now because I started running
"cc" (which was intercepted on the server) rather than "distcc
gcc-3.2".

init scripts that start distccd can (should?) reset the PATH to make
sure it does not contain the masquerade directories.  However I am a
bit worried that people will start distcc directly from their shells,
and it will inherit their path.  Especially if they run it with

  # sudo distccd --daemon

then it will switch to a different user, and want to write to their
ccache directory but be unable to.

> One possible way to improve this is to check the PATH when distccd
> starts up.  It could search down the path checking if "cc" is a symlink
> for "distcc" and/or "ccache" and trim off all the dirs up through the
> last masquerade dir we find.  (Seems a bit kludgey, but this might be
> better than nothing.)

Yeah, pretty kludgy.

> If we go this route or not, I'd also suggest adding support to distccd
> for an environment variable named DISTCCD_PATH that would be used to set
> the PATH that distccd will use when running.  This would allow a power
> user to include the ccache masquerade dir in the PATH (if desired), or
> for any other custom PATH to be preconfigured in the user's rc file and
> used for all distccd commands that get started.
> 
> Here's a patch that implements this idea:
> 
>     http://www.blorf.net/distccd.patch

Can you please humour me by writing smaller functions that do just one
thing?  I found dcc_set_path a bit hard to untangle.

The method of checking for masqueraded entries is pretty good.

It may be better to just eliminate matching directories rather than
going from that point onwards.

Since we have asprintf you might as well use it.

It would be good to have a test case that runs dcc_set_path against
different scenarios.

On the whole this seems like a good tradeoff between complexity and
the possibility of the daemon getting confused.

-- 
Martin 


More information about the distcc mailing list