From 02cf898f11d506a4c3df111f602410daaed5e12a Mon Sep 17 00:00:00 2001
From: Moe Jette <jette1@llnl.gov>
Date: Mon, 24 Mar 2003 17:58:08 +0000
Subject: [PATCH] Correct argument to slurm_ping() in scontrol. Don't
 authenticate most RPCs processed by backup controller (only check SHUTDOWN,
 etc.).

---
 src/slurmctld/controller.c | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/src/slurmctld/controller.c b/src/slurmctld/controller.c
index d5363b7639d..8c362c5777e 100644
--- a/src/slurmctld/controller.c
+++ b/src/slurmctld/controller.c
@@ -2327,27 +2327,28 @@ static int _background_process_msg(slurm_msg_t * msg)
 {
 	int error_code = SLURM_SUCCESS;
 	uid_t uid;
+	bool super_user = false;
 
 	uid = g_slurm_auth_get_uid(msg->cred);
-	if ((uid != 0) && (uid != getuid())) {
-		error("Security violation, SHUTDOWN RPC from uid %u",
-		      (unsigned int) uid);
-		error_code = ESLURM_USER_ID_MISSING;
-	}
+	if ((uid == 0) || (uid == getuid()))
+		super_user = true;
 
 	if (error_code == SLURM_SUCCESS) {
 		if (msg->msg_type == REQUEST_PING) {
 			;
-		} else if (msg->msg_type == REQUEST_SHUTDOWN_IMMEDIATE) {
-			debug3
-			    ("Performing RPC: REQUEST_SHUTDOWN_IMMEDIATE");
-		} else if (msg->msg_type == REQUEST_SHUTDOWN) {
+		} else if (super_user && 
+			   (msg->msg_type == REQUEST_SHUTDOWN_IMMEDIATE)) {
+			debug3("Performing RPC: REQUEST_SHUTDOWN_IMMEDIATE");
+		} else if (super_user && 
+			   (msg->msg_type == REQUEST_SHUTDOWN)) {
 			debug("Performing RPC: REQUEST_SHUTDOWN");
 			pthread_kill(thread_id_sig, SIGTERM);
-		} else if (msg->msg_type == REQUEST_CONTROL) {
+		} else if (super_user && 
+			   (msg->msg_type == REQUEST_CONTROL)) {
 			debug3("Ignoring RPC: REQUEST_CONTROL");
 		} else {
-			error("Invalid RPC received %d", msg->msg_type);
+			error("Invalid RPC received %d from uid %u", 
+			      msg->msg_type, uid);
 			error_code = SLURM_COMMUNICATIONS_RECEIVE_ERROR;
 		}
 	}
-- 
GitLab