TECH日記

技術の薀蓄

mkstemp() for win32

2008-01-26 09:25:47 | Weblog
仕様
http://www.linux.or.jp/JM/html/LDP_man-pages/man3/mkstemp.3.html

実装Hint
16進数を使うのは頭いいですね
http://lists.osuosl.org/pipermail/darcs-devel/attachments/20050127/ef5b98af/
attachment.bin

GetTempFileName()関数を考えてが、フォルダー文字("\")の問題であきらめた
http://www.ipa.go.jp/security/awareness/vendor/programmingv2/contents/c603.h
tml
http://nienie.com/~masapico/api_GetTempFileName.html

乱数の初期化
自分で考えたが、同じやり方みたい
http://www9.plala.or.jp/sgwr-t/lib/srand.html

Printf
http://www.linux.or.jp/JM/html/LDP_man-pages/man3/snprintf.3.html


ソースコード
// license free and risk free
// 自由に使っていいですが動作保障しません
int mkstemp(char *temp)
{
// 乱数を初期化(最初のみ)
static bool rand_seed_done;
if(!rand_seed_done)
{
srand((unsigned)time(NULL));
rand_seed_done = true;
}

// 空引数禁止
if(!temp) { return -1;}

// 最後6文字がXかを確認
size_t len = strlen(temp);
if(len <6 || strcmp(temp+len-6, "XXXXXX") ) // 最後6文字X以外はダメ
//errno = EINVAL;
return -1;
}

// ファイル名作成
_snprintf(temp+len-6, 2,"%02x", rand()); // 引数が定数の場合
ここでエラー
_snprintf(temp+len-4, 2,"%02x", rand());
_snprintf(temp+len-2, 2,"%02x", rand());
*(temp+len) = 0; // 念のため

return open(temp, O_CREAT | O_RDWR, 0666);
}


もう少し頑張ればちゃんとしたファイル名もつくれるけどね。まぁいいか

can not access saamba on redhat as 5

2008-01-02 23:41:53 | Weblog
start samba service on redhat as 5, but can not access it from windows box, got this errors in server log


smbd/service.c:make_connection_snum(1003) does not exist or permission denied when connecting to Error was 許可がありません

[2007/12/26 16:03:24, 0] smbd/service.c:make_connection_snum(1003) '/home/izaoi' does not exist or permission denied when connecting to [izaoi] Error was 許可がありません
[2007/12/26 16:03:24, 0] smbd/service.c:make_connection_snum(1003) '/home/izaoi' does not exist or permission denied when connecting to [izaoi] Error was 許可がありません
[2007/12/26 16:03:24, 0] smbd/service.c:make_connection_snum(1003) '/home/izaoi' does not exist or permission denied when connecting to [izaoi] Error was 許可がありません
[2007/12/26 16:03:24, 0] smbd/service.c:make_connection_snum(1003) '/home/izaoi' does not exist or permission denied when connecting to [izaoi] Error was 許可がありません
[2007/12/26 16:03:24, 0] smbd/service.c:make_connection_snum(1003) '/home/izaoi' does not exist or permission denied when connecting to [izaoi] Error was 許可がありません
[2007/12/26 16:03:25, 0] smbd/service.c:make_connection_snum(1003) '/home/izaoi' does not exist or permission denied when connecting to [izaoi] Error was 許可がありません
[2007/12/26 16:03:25, 0] smbd/service.c:make_connection_snum(1003) '/home/izaoi' does not exist or permission denied when connecting to [izaoi] Error was 許可がありません
[2007/12/26 16:03:44, 0] smbd/service.c:make_connection_snum(1003) '/home/izaoi' does not exist or permission denied when connecting to [izaoi] Error was 許可がありません
[2007/12/26 16:03:44, 0] smbd/service.c:make_connection(1191) fm-198778267 (10.68.80.72) couldn't find service izayo

tree connect failed: NT_STATUS_BAD_NETWORK_NAME

see audit.log, found this:

type=AVC msg=audit(1198654162.789:143): avc: denied { search } for pid=6780 comm="smbd" name="home" dev=dm-0 ino=983041 scontext=root:system_r:smbd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir
type=SYSCALL msg=audit(1198654162.789:143): arch=40000003 syscall=195 success=no exit=-13 a0=9248668 a1=bfe62d30 a2=3eaff4 a3=bfe62d30 items=0 ppid=6767 pid=6780 auid=0 uid=500 gid=0 euid=500 suid=0 fsuid=500 egid=500 sgid=0 fsgid=500 tty=(none) comm="smbd" exe="/usr/sbin/smbd" subj=root:system_r:smbd_t:s0 key=(null)
type=AVC msg=audit(1198654182.373:144): avc: denied { search } for pid=6780 comm="smbd" name="home" dev=dm-0 ino=983041 scontext=root:system_r:smbd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir
type=SYSCALL msg=audit(1198654182.373:144): arch=40000003 syscall=195 success=no exit=-13 a0=928e248 a1=bfe62d30 a2=3eaff4 a3=bfe62d30 items=0 ppid=6767 pid=6780 auid=0 uid=500 gid=0 euid=500 suid=0 fsuid=500 egid=500 sgid=0 fsgid=500 tty=(none) comm="smbd" exe="/usr/sbin/smbd" subj=root:system_r:smbd_t:s0 key=(null)


Answer: the Firewall named SELinux is running, and block the connect.

to stop it, use this command


getenforce で確認
setenforce 0 で停止

ref
http://kajuhome.com/cgi-bin/patio/patio.cgi?mode=view&no=928
http://homepage.dynalias.net/linux/archives/2005/12/selinux.html