Closed matyasselmeci closed 8 months ago
@matyasselmeci - can you do a small refactor to have the denial statement in the same line? Makes it more grep-able. That is, replace
m_log.Emsg("UserSentry", "Failure when looking up UID for username", username.c_str(), strerror(retval));
m_log.Emsg("UserSentry", "Multiuser denying access");
with
m_log.Emsg("UserSentry", "Multiuser denying access: Failure when looking up UID for username", username.c_str(), strerror(retval));
Good idea! Updated.
Since the various operations just return -EACCES when xrootd-multiuser couldn't change users (or groups), it's confusing whether access is denied by the file system, or by xrootd-multiuser itself. Make it explicit via a log message.