2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
11 * Implementation of basic procedures for the AFS user account
16 * --------------------- Required definitions ---------------------
18 #include <afsconfig.h>
19 #include <afs/param.h>
24 #include "uss_ptserver.h" /*Module interface */
25 #include <afs/ptclient.h> /*Protection Server client interface */
26 #include <afs/pterror.h> /*Protection Server error codes */
27 #include <afs/com_err.h> /*Error code xlation */
/*
 * Debug switch. USS_PTSERVER_DB is undefined here, so the trace output
 * guarded by #ifdef USS_PTSERVER_DB further down is compiled out unless a
 * line missing from this listing defines it again.
 */
30 #undef USS_PTSERVER_DB
36 * ---------------------- Private definitions ---------------------
/* NOTE(review): no use of uss_ptserver_MAX_SIZE appears in the visible lines; confirm it is still needed. */
38 #define uss_ptserver_MAX_SIZE 2048
42 * ------------------------ Private globals -----------------------
/*
 * Starts at 0. The code that tests and sets this flag is not part of this
 * listing, so the once-only behaviour promised for InitThisModule cannot be
 * checked from here.
 */
44 static int initDone = 0; /*Module initialized? */
47 /*-----------------------------------------------------------------------
48 * static InitThisModule
51 * Set up this module, namely make the connection to the Protection
58 * 0 if everything went fine, or
59 * lower-level error code otherwise.
62 * This routine will only be called once.
66 *------------------------------------------------------------------------*/
/*
 * Body of InitThisModule (the signature and several statements are missing
 * from this listing). The visible lines connect to the Protection Server
 * with pr_Initialize() and report a failure through com_err().
 */
72 static char rn[] = "uss_ptserver:InitThisModule"; /*Routine name */
73 register afs_int32 code; /*Return code */
82 * Connect up with the Protection Server.
/* Trace output only; in the visible lines rn is used nowhere else. */
84 #ifdef USS_PTSERVER_DB
86 ("%s: Initializing Protection Server: security=1, confdir = '%s', cell = '%s'\n",
87 rn, uss_ConfDir, uss_Cell);
88 #endif /* USS_PTSERVER_DB */
/*
 * NOTE(review): the security level is the hard-coded literal 1. What that
 * level provides for authentication and on-the-wire protection is decided
 * inside pr_Initialize(), not here. Confirm it matches the cell policy for
 * a tool that creates and deletes accounts.
 * uss_ConfDir and uss_Cell are globals defined outside this file section.
 */
89 code = pr_Initialize(1, /*Security level */
90 uss_ConfDir, /*Config directory */
91 uss_Cell); /*Cell to touch */
/*
 * Failure report for the pr_Initialize() result. NOTE(review): the test on
 * code that guards this call and the return statements are not visible in
 * this listing.
 */
93 com_err(uss_whoami, code,
94 "while initializing Protection Server library");
101 } /*InitThisModule */
104 /*-----------------------------------------------------------------------
105 * EXPORTED uss_ptserver_AddUser
108 * The common DesiredUID variable, if non-zero, is the value
109 * desired for the user's uid.
113 *------------------------------------------------------------------------*/
/*
 * Register a_user in the Protection DB with pr_CreateUser() and write the
 * resulting id into a_uid as a decimal string.
 *
 * a_user: name of the user to create.
 * a_uid:  caller-supplied output buffer, filled by sprintf() with no length
 *         check in this function.
 *
 * The parameter declarations, several guards and all return statements are
 * missing from this listing, so the return contract cannot be stated here.
 */
116 uss_ptserver_AddUser(a_user, a_uid)
120 { /*uss_ptserver_AddUser */
122 afs_int32 code; /*Various return codes */
/* id starts as uss_DesiredUID and is handed to pr_CreateUser() by address. */
123 afs_int32 id = uss_DesiredUID; /*ID desired for user, if any */
124 afs_int32 mappedUserID; /*ID user already has */
127 fprintf(stderr, "Adding user '%s' to the Protection DB\n", a_user);
129 fprintf(stderr, "\t[Presetting uid to %d]\n", id);
133 * Make sure we're initialized before doing anything.
136 code = InitThisModule();
142 * If this is a dry run, we still need to setup the uid before
146 fprintf(stderr, "\t[Dry run - user %d not created]\n",
/* Dry run: a_uid receives the desired uid although no entry was created. */
148 sprintf(a_uid, "%d", uss_DesiredUID);
153 * Go ahead and create the user.
155 code = pr_CreateUser(a_user, &id);
/*
 * A clash on the name or on the id is not treated as an immediate failure;
 * the lines below check that the name and the id already belong together.
 */
157 if (code == PREXIST || code == PRIDEXIST) {
160 "%s: Warning: '%s' already in the Protection DB\n",
164 "%s: Warning: Id '%d' already in Protection DB\n",
168 * Make sure the user name given matches the id that has
169 * already been registered with the Protection Server.
171 * Note: pr_SNameToId ONLY returns a non-zero error code
172 * for a major problem, like a network partition, so we
173 * have to explicitly check the ID returned against
174 * ANONYMOUSID, which is what we get when there is no
175 * ID known for the user name.
/*
 * Assignment inside the condition is intentional. It overwrites code, so
 * the PREXIST or PRIDEXIST result of pr_CreateUser() is gone after this
 * line.
 */
178 if (code = pr_SNameToId(a_user, &mappedUserID)) {
179 com_err(uss_whoami, code,
180 "while getting uid from Protection Server");
/*
 * The name has no id, yet creation reported a clash: the requested id is
 * already bound to a different entry.
 */
183 if (mappedUserID == ANONYMOUSID) {
185 "%s: User '%s' unknown, yet given id (%d) already has a mapping!\n",
186 uss_whoami, a_user, id);
/*
 * The name is already bound to another id. Per the message the requested id
 * is not assigned, which keeps one name from ending up with two ids.
 * NOTE(review): the value returned after either mismatch is not visible.
 */
191 else if (mappedUserID != id) {
193 "%s: User '%s' already has id %d; won't assign id %d\n",
194 uss_whoami, a_user, mappedUserID, id);
/* NOTE(review): the condition selecting this report is not visible; presumably any other pr_CreateUser() error. */
201 com_err(uss_whoami, code, "while accessing Protection Server");
205 /*Create the user's protection entry */
/*
 * Unbounded write into the caller buffer. NOTE(review): a_uid must hold the
 * longest decimal rendering of an afs_int32 plus the terminating NUL (12
 * bytes if afs_int32 is 32 bits wide). The buffer size is chosen by callers
 * outside this listing; confirm it, or pass a size and use snprintf().
 */
206 sprintf(a_uid, "%d", id);
208 fprintf(stderr, "The uid for user '%s' is %s\n", a_user, a_uid);
211 * Return sweetness & light.
215 } /*uss_ptserver_AddUser */
218 /*-----------------------------------------------------------------------
219 * EXPORTED uss_ptserver_DelUser
222 * Nothing interesting.
226 *------------------------------------------------------------------------*/
/*
 * Remove a_name from the Protection DB with pr_Delete().
 *
 * A PRNOENT result is reported as a warning because the entry is already
 * absent; other errors are reported through com_err(). The parameter
 * declaration, the dry-run test and all return statements are missing from
 * this listing.
 *
 * NOTE(review): only the Protection DB entry is removed in the visible code.
 * Nothing here shows whether ACLs that still name the deleted id are cleaned
 * up. Since uss_ptserver_AddUser accepts a preset uid, confirm that a freed
 * id cannot be handed to a new user who would then match those ACL entries.
 */
229 uss_ptserver_DelUser(a_name)
232 { /*uss_ptserver_DelUser */
234 afs_int32 code; /*Various return codes */
237 * Make sure we're initialized before doing anything.
240 code = InitThisModule();
/* Dry-run message; the test that selects it is not visible in this listing. */
247 "\t[Dry run - user '%s' not deleted from Protection DB]\n",
253 fprintf(stderr, "Deleting user '%s' from the Protection DB\n",
257 * Go ahead and delete the user.
259 code = pr_Delete(a_name);
/* A missing entry is the desired end state, so it only produces a warning. */
261 if (code == PRNOENT) {
263 * There's no entry for that user in the Protection DB,
264 * so our job is done.
267 "%s: Warning: User '%s' not found in Protection DB\n",
269 } /*User not registered */
/* Any other pr_Delete() error is reported with its com_err text. */
271 com_err(uss_whoami, code,
272 "while deleting user from Protection DB");
274 } /*Fatal PTS error */
277 /*Error in deletion */
279 * Return sweetness & light.
283 } /*uss_ptserver_DelUser */
286 /*-----------------------------------------------------------------------
287 * EXPORTED uss_ptserver_XlateUser
290 * Nothing interesting.
294 *------------------------------------------------------------------------*/
/*
 * Look up the id registered for a_user with pr_SNameToId() and store it
 * through a_uidP.
 *
 * a_user:  name to translate.
 * a_uidP:  output location for the id.
 *
 * The parameter declarations, the guards and all return statements are
 * missing from this listing, so the return contract cannot be stated here.
 */
297 uss_ptserver_XlateUser(a_user, a_uidP)
301 { /*uss_ptserver_XlateUser */
/* rn is used only by the USS_PTSERVER_DB trace output at the end. */
303 static char rn[] = "uss_ptserver_XlateUser"; /*Routine name */
304 register afs_int32 code; /*Various return codes */
307 fprintf(stderr, "Translating user '%s' via the Protection DB\n",
311 * Make sure we're initialized before doing anything.
314 code = InitThisModule();
320 * Note: pr_SNameToId ONLY returns a non-zero error code
321 * for a major problem, like a network partition, so we
322 * have to explicitly check the ID returned against
323 * ANONYMOUSID, which is what we get when there is no
324 * ID known for the user name.
/*
 * The callee receives the caller pointer directly, so *a_uidP may already be
 * changed when one of the failure paths below is taken.
 */
327 code = pr_SNameToId(a_user, a_uidP);
329 com_err(uss_whoami, code, "while getting uid from Protection DB");
/*
 * ANONYMOUSID means no id is known for the name; it is not a usable uid.
 * NOTE(review): the value returned to the caller in this case is not
 * visible; confirm callers cannot continue with ANONYMOUSID as the uid.
 */
332 if (*a_uidP == ANONYMOUSID) {
333 fprintf(stderr, "%s: No entry for user '%s' in the Protection DB\n",
339 * Return sweetness & light.
/* Trace output, compiled only when USS_PTSERVER_DB is defined. */
341 #ifdef USS_PTSERVER_DB
342 printf("%s: User '%s' maps to uid %d\n", rn, a_user, *a_uidP);
343 #endif /* USS_PTSERVER_DB */
346 } /*uss_ptserver_XlateUser */