Import Upstream version 1.8.5
1 /*
2 * Copyright 2000, International Business Machines Corporation and others.
3 * All Rights Reserved.
4 *
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
8 */
9
10 /*
11 * Implementation of basic procedures for the AFS user account
12 * facility.
13 */
14
15 /*
16 * --------------------- Required definitions ---------------------
17 */
18 #include <afsconfig.h>
19 #include <afs/param.h>
20
21 #include <roken.h>
22
23 #include <afs/ptclient.h> /*Protection Server client interface */
24 #include <afs/pterror.h> /*Protection Server error codes */
25 #include <afs/ptuser.h>
26 #include <afs/com_err.h> /*Error code xlation */
27
28 #include "uss_ptserver.h" /*Module interface */
29
30 #undef USS_PTSERVER_DB /* Debug tracing off: the printf calls under #ifdef USS_PTSERVER_DB below are compiled out */
31
32 extern int line; /* Defined outside this file; not referenced by the code shown here */
33
34
35 /*
36 * ---------------------- Private definitions ---------------------
37 */
38 #define uss_ptserver_MAX_SIZE 2048 /* Not referenced by the code shown here */
39
40
41 /*
42 * ------------------------ Private globals -----------------------
43 */
44 static int initDone = 0; /* Set to 1 by InitThisModule() once pr_Initialize() succeeds; never reset in this file */
45
46
/*-----------------------------------------------------------------------
 * static InitThisModule
 *
 * Description:
 *      Bring up the Protection Server client library for this module.
 *      The work happens at most once: when initDone is already set the
 *      routine returns immediately without calling pr_Initialize().
 *
 * Arguments:
 *      None.
 *
 * Returns:
 *      0 on success or when the module was already initialized,
 *      otherwise the non-zero code handed back by pr_Initialize().
 *
 * Environment:
 *      Reads uss_ConfDir and uss_Cell. pr_Initialize() is called with
 *      a security level of 1.
 *      NOTE(review): level 1 is presumably the token-authenticated
 *      mode; confirm against the pr_Initialize() documentation.
 *
 * Side Effects:
 *      Sets initDone to 1 on success. A failure is reported through
 *      afs_com_err() and leaves initDone untouched.
 *------------------------------------------------------------------------*/

static afs_int32
InitThisModule(void)
{
#ifdef USS_PTSERVER_DB
    static char rn[] = "uss_ptserver:InitThisModule";   /*Routine name */
#endif
    afs_int32 rc;               /* Result of pr_Initialize() */

    if (!initDone) {
#ifdef USS_PTSERVER_DB
        printf
            ("%s: Initializing Protection Server: security=1, confdir = '%s', cell = '%s'\n",
             rn, uss_ConfDir, uss_Cell);
#endif /* USS_PTSERVER_DB */

        /* Arguments: security level, configuration directory, cell. */
        rc = pr_Initialize(1, uss_ConfDir, uss_Cell);
        if (rc != 0) {
            afs_com_err(uss_whoami, rc,
                        "while initializing Protection Server library");
            return rc;
        }

        /* Mark the module ready only after the library accepted us. */
        initDone = 1;
    }

    return 0;
}
104
105
/*-----------------------------------------------------------------------
 * EXPORTED uss_ptserver_AddUser
 *
 * Description:
 *      Create a Protection DB entry for a_user and hand the resulting
 *      uid back as a decimal string in a_uid.
 *
 * Arguments:
 *      a_user : Name of the user to register.
 *      a_uid  : Output buffer for the uid string. No length is passed
 *               and the value is written with sprintf("%d"), so the
 *               caller must supply room for a 32-bit decimal value:
 *               at least 12 bytes (sign, ten digits, NUL).
 *
 * Returns:
 *      0 on success, including the case where a matching entry was
 *      already present (a warning is printed and the entry is reused),
 *      PRIDEXIST when the name and the requested id disagree with an
 *      existing mapping, or the code returned by InitThisModule(),
 *      pr_CreateUser() or pr_SNameToId().
 *
 * Environment:
 *      The common DesiredUID variable (uss_DesiredUID), if non-zero,
 *      is the value desired for the user's uid. uss_verbose and
 *      uss_DryRun are honoured.
 *
 * Side Effects:
 *      May initialize the module, creates a Protection DB entry unless
 *      this is a dry run, and writes progress and warnings to stderr.
 *------------------------------------------------------------------------*/

afs_int32
uss_ptserver_AddUser(char *a_user, char *a_uid)
{
    afs_int32 rc;                       /* Latest library return code */
    afs_int32 uid = uss_DesiredUID;     /* Requested uid, 0 if none */
    afs_int32 existing_uid;             /* uid already mapped to a_user */

    if (uss_verbose) {
        fprintf(stderr, "Adding user '%s' to the Protection DB\n", a_user);
        if (uid != 0)
            fprintf(stderr, "\t[Presetting uid to %d]\n", uid);
    }

    /* Nothing below works without the Protection Server connection. */
    if (!initDone) {
        rc = InitThisModule();
        if (rc != 0)
            return rc;
    }

    /*
     * A dry run creates nothing, but the caller still expects a_uid to
     * be filled in, so echo the desired uid back (this is "0" when no
     * uid was requested).
     */
    if (uss_DryRun) {
        fprintf(stderr, "\t[Dry run - user %d not created]\n",
                uss_DesiredUID);
        sprintf(a_uid, "%d", uss_DesiredUID);
        return 0;
    }

    rc = pr_CreateUser(a_user, &uid);

    /* Anything other than "already exists" is fatal. */
    if (rc != 0 && rc != PREXIST && rc != PRIDEXIST) {
        afs_com_err(uss_whoami, rc, "while accessing Protection Server");
        return rc;
    }

    if (rc != 0) {
        /* The name or the id is already registered: warn, then verify. */
        if (rc == PREXIST) {
            fprintf(stderr,
                    "%s: Warning: '%s' already in the Protection DB\n",
                    uss_whoami, a_user);
        } else {
            fprintf(stderr,
                    "%s: Warning: Id '%d' already in Protection DB\n",
                    uss_whoami, uid);
        }

        /*
         * Check that the name maps to the id we are about to report.
         * Per the original note, pr_SNameToId only fails for major
         * problems such as a network partition; an unknown name comes
         * back as ANONYMOUSID with a zero return code, so that value
         * has to be tested explicitly.
         */
        existing_uid = uid;
        rc = pr_SNameToId(a_user, &existing_uid);
        if (rc != 0) {
            afs_com_err(uss_whoami, rc,
                        "while getting uid from Protection Server");
            return rc;
        }

        /* The name is unknown, so the requested id belongs to someone else. */
        if (existing_uid == ANONYMOUSID) {
            fprintf(stderr,
                    "%s: User '%s' unknown, yet given id (%d) already has a mapping!\n",
                    uss_whoami, a_user, uid);
            return PRIDEXIST;
        }

        if (uid == 0) {
            /* No id was requested: adopt the one already on record. */
            uid = existing_uid;
        } else if (existing_uid != uid) {
            /* Refuse to report an id that differs from the recorded one. */
            fprintf(stderr,
                    "%s: User '%s' already has id %d; won't assign id %d\n",
                    uss_whoami, a_user, existing_uid, uid);
            return PRIDEXIST;
        }
    }

    /* Unbounded write: relies on the caller's buffer size (see header). */
    sprintf(a_uid, "%d", uid);
    if (uss_verbose)
        fprintf(stderr, "The uid for user '%s' is %s\n", a_user, a_uid);

    return 0;
}
215
216
/*-----------------------------------------------------------------------
 * EXPORTED uss_ptserver_DelUser
 *
 * Description:
 *      Remove the Protection DB entry named a_name.
 *
 * Arguments:
 *      a_name : Name of the entry to delete.
 *
 * Returns:
 *      0 when the entry was deleted, when it did not exist (PRNOENT is
 *      downgraded to a warning), or on a dry run; otherwise the code
 *      returned by InitThisModule() or pr_Delete().
 *
 * Environment:
 *      Honours uss_DryRun and uss_verbose. The module is initialized
 *      before the dry-run check, so a dry run still contacts the
 *      Protection Server library through InitThisModule().
 *
 * Side Effects:
 *      May initialize the module, deletes the entry unless this is a
 *      dry run, and writes progress and warnings to stderr.
 *------------------------------------------------------------------------*/

afs_int32
uss_ptserver_DelUser(char *a_name)
{
    afs_int32 rc;               /* Latest library return code */

    /* Nothing below works without the Protection Server connection. */
    if (!initDone) {
        rc = InitThisModule();
        if (rc != 0)
            return rc;
    }

    if (uss_DryRun) {
        fprintf(stderr,
                "\t[Dry run - user '%s' not deleted from Protection DB]\n",
                a_name);
        return 0;
    }

    if (uss_verbose) {
        fprintf(stderr, "Deleting user '%s' from the Protection DB\n",
                a_name);
    }

    rc = pr_Delete(a_name);
    if (rc == 0)
        return 0;

    if (rc != PRNOENT) {
        /* Any failure other than "no such entry" is fatal. */
        afs_com_err(uss_whoami, rc,
                    "while deleting user from Protection DB");
        return rc;
    }

    /* The entry was never there, so the goal is already met. */
    fprintf(stderr,
            "%s: Warning: User '%s' not found in Protection DB\n",
            uss_whoami, a_name);
    return 0;
}
281
282
/*-----------------------------------------------------------------------
 * EXPORTED uss_ptserver_XlateUser
 *
 * Description:
 *      Look up the Protection DB id registered for a_user.
 *
 * Arguments:
 *      a_user : Name to translate.
 *      a_uidP : Receives the id. It is zeroed before the lookup and is
 *               left holding ANONYMOUSID when the name is unknown.
 *
 * Returns:
 *      0 when the lookup call itself succeeded, otherwise the code
 *      returned by InitThisModule() or pr_SNameToId().
 *
 *      NOTE(review): an unknown name prints "No entry for user" but
 *      still returns 0, because the code variable is zero on that
 *      path. A caller that tests only the return value will carry on
 *      with *a_uidP == ANONYMOUSID. Callers are not visible here;
 *      confirm that they check for ANONYMOUSID, or whether a non-zero
 *      code was intended.
 *
 * Environment:
 *      Honours uss_verbose.
 *
 * Side Effects:
 *      May initialize the module; writes progress and errors to stderr.
 *------------------------------------------------------------------------*/

afs_int32
uss_ptserver_XlateUser(char *a_user, afs_int32 *a_uidP)
{
#ifdef USS_PTSERVER_DB
    static char rn[] = "uss_ptserver_XlateUser";        /*Routine name */
#endif
    afs_int32 rc;               /* Latest library return code */

    if (uss_verbose) {
        fprintf(stderr, "Translating user '%s' via the Protection DB\n",
                a_user);
    }

    /* Nothing below works without the Protection Server connection. */
    if (!initDone) {
        rc = InitThisModule();
        if (rc != 0)
            return rc;
    }

    /*
     * Per the original note, pr_SNameToId only fails for major problems
     * such as a network partition. An unknown name is reported as
     * ANONYMOUSID with a zero return code, so the id itself must be
     * inspected after the call.
     */
    *a_uidP = 0;
    rc = pr_SNameToId(a_user, a_uidP);
    if (rc != 0) {
        afs_com_err(uss_whoami, rc, "while getting uid from Protection DB");
        return rc;
    }

    if (*a_uidP != ANONYMOUSID) {
#ifdef USS_PTSERVER_DB
        printf("%s: User '%s' maps to uid %d\n", rn, a_user, *a_uidP);
#endif /* USS_PTSERVER_DB */
        return 0;
    }

    /* Unknown name: rc is 0 here, so the caller is told "success". */
    fprintf(stderr, "%s: No entry for user '%s' in the Protection DB\n",
            uss_whoami, a_user);
    return rc;
}