From 6c0b49be2a61e1227f2f730fadf99d7914bbc24a Mon Sep 17 00:00:00 2001
From: Tim Wickberg <tim@schedmd.com>
Date: Thu, 31 Aug 2017 18:26:36 -0600
Subject: [PATCH] Revert "Add slurmdbd versions of SLURM_DROP_PRIV handling."

This reverts commit 46a46b912f803891f603769b6d3dfc65072c21b4.
---
 src/common/slurm_persist_conn.h |  1 -
 src/slurmdbd/proc_req.c         | 26 --------------------------
 2 files changed, 27 deletions(-)

diff --git a/src/common/slurm_persist_conn.h b/src/common/slurm_persist_conn.h
index 76d3bac7faa..3bdaa655188 100644
--- a/src/common/slurm_persist_conn.h
+++ b/src/common/slurm_persist_conn.h
@@ -43,7 +43,6 @@
 #define PERSIST_FLAG_DBD            0x0001
 #define PERSIST_FLAG_RECONNECT      0x0002
 #define PERSIST_FLAG_ALREADY_INITED 0x0004
-#define PERSIST_FLAG_DROP_PRIV      0x0008 /* must match SLURM_DROP_PRIV */
 
 typedef struct {
 	uint16_t msg_type;	/* see slurmdbd_msg_type_t or
diff --git a/src/slurmdbd/proc_req.c b/src/slurmdbd/proc_req.c
index 724993bce61..3e17f7198aa 100644
--- a/src/slurmdbd/proc_req.c
+++ b/src/slurmdbd/proc_req.c
@@ -234,19 +234,6 @@ static int   _step_complete(slurmdbd_conn_t *slurmdbd_conn,
 static int   _step_start(slurmdbd_conn_t *slurmdbd_conn,
 			 persist_msg_t *msg, Buf *out_buffer, uint32_t *uid);
 
-#ifndef NDEBUG
-/*
- * Used alongside the testsuite to signal that the RPC should be processed
- * as an untrusted user, rather than the "real" account. (Which in a lot of
- * testing is likely SlurmUser, and thus allowed to bypass many security
- * checks.
- *
- * Implemented with a thread-local variable to apply only to the current
- * RPC handling thread. Set by SLURM_DROP_PRIV bit in the slurm_msg_t flags.
- */
-static __thread bool drop_priv = false;
-#endif
-
 /* Process an incoming RPC
  * slurmdbd_conn IN/OUT - in will that the conn.fd set before
  *       calling and db_conn and conn.version will be filled in with the init.
@@ -267,7 +254,6 @@ proc_req(void *conn, persist_msg_t *msg,
 
 	DEF_TIMERS;
 	START_TIMER;
-
 	switch (msg->msg_type) {
 	case REQUEST_PERSIST_INIT:
 		rc = _unpack_persist_init(
@@ -610,10 +596,6 @@ proc_req(void *conn, persist_msg_t *msg,
  */
 static bool _validate_slurm_user(uint32_t uid)
 {
-#ifndef NDEBUG
-	if (drop_priv)
-		return false;
-#endif
 	if ((uid == 0) || (uid == slurmdbd_conf->slurm_user_id))
 		return true;
 
@@ -626,10 +608,6 @@ static bool _validate_slurm_user(uint32_t uid)
  */
 static bool _validate_super_user(uint32_t uid, slurmdbd_conn_t *dbd_conn)
 {
-#ifndef NDEBUG
-	if (drop_priv)
-		return false;
-#endif
 	if ((uid == 0) || (uid == slurmdbd_conf->slurm_user_id) ||
 	    assoc_mgr_get_admin_level(dbd_conn, uid) >= SLURMDB_ADMIN_SUPER_USER)
 		return true;
@@ -643,10 +621,6 @@ static bool _validate_super_user(uint32_t uid, slurmdbd_conn_t *dbd_conn)
  */
 static bool _validate_operator(uint32_t uid, slurmdbd_conn_t *dbd_conn)
 {
-#ifndef NDEBUG
-	if (drop_priv)
-		return false;
-#endif
 	if ((uid == 0) || (uid == slurmdbd_conf->slurm_user_id) ||
 	    assoc_mgr_get_admin_level(dbd_conn, uid) >= SLURMDB_ADMIN_OPERATOR)
 		return true;
-- 
GitLab