#include <afs/keys.h>
#include <afs/volser.h>
#include <ubik.h>
+#include <afs/audit.h>
#include <afs/com_err.h>
#include <afs/cmd.h>
#include <afs/tcdata.h>
#define XBSA_TCMAIN
#include "butc_xbsa.h"
#include "butc_prototypes.h"
+#include "butc_internal.h"
#define N_SECURITY_OBJECTS 3
#define ERRCODE_RANGE 8 /* from error_table.h */
char *centralLogFile;
afs_int32 lastLog; /* Log last pass info */
int rxBind = 0;
+struct afsconf_dir *butc_confdir;
#define ADDRSPERSITE 16 /* Same global is in rx/rx_user.c */
afs_uint32 SHostAddrs[ADDRSPERSITE];
-/* dummy routine for the audit work. It should do nothing since audits */
-/* occur at the server level and bos is not a server. */
-int
-osi_audit(void)
-{
- return 0;
-}
-
static afs_int32
SafeATOL(char *anum)
{
#endif
static int
+tc_IsLocalRealmMatch(void *rock, char *name, char *inst, char *cell)
+{
+ struct afsconf_dir *dir = (struct afsconf_dir *)rock;
+ afs_int32 islocal = 0; /* default to no */
+ int code;
+
+ code = afsconf_IsLocalRealmMatch(dir, &islocal, name, inst, cell);
+ if (code) {
+ TLog(0, ("Failed local realm check; code=%d, name=%s, inst=%s, cell=%s\n",
+ code, name, inst, cell));
+ }
+ return islocal;
+}
+
+static int
WorkerBee(struct cmd_syndesc *as, void *arock)
{
afs_int32 code;
PROCESS dbWatcherPid;
#endif
afs_uint32 host = htonl(INADDR_ANY);
+ char *auditFileName = NULL;
+ char *auditInterface = NULL;
debugLevel = 0;
struct stat sbuf;
afs_int32 statcode;
#ifndef AFS_NT40_ENV
- char path[AFSDIR_PATH_MAX];
+ char *path;
#endif
statcode = stat(centralLogFile, &sbuf);
}
#ifndef AFS_NT40_ENV
/* Make sure it is not in AFS, has to have been created first */
- if (!realpath(centralLogFile, path)) {
+ path = malloc(AFSDIR_PATH_MAX);
+ if (path == NULL || !realpath(centralLogFile, path)) {
fprintf(stderr,
"Warning: can't determine real path of '%s' (%d)\n",
centralLogFile, errno);
exit(1);
}
}
+ free(path);
#endif
/* Write header if created it */
}
}
+ /* Open the configuration directory */
+ butc_confdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH);
+ if (butc_confdir == NULL) {
+ TLog(0, "Failed to open server configuration directory");
+ exit(1);
+ }
+
+ /* Start auditing */
+ osi_audit_init();
+ if (as->parms[9].items) {
+ auditFileName = as->parms[9].items->data;
+ }
+ if (auditFileName != NULL)
+ osi_audit_file(auditFileName);
+ if (as->parms[10].items) {
+ auditInterface = as->parms[10].items->data;
+ if (osi_audit_interface(auditInterface)) {
+ TLog(0, "Invalid audit interface '%s'\n", auditInterface);
+ exit(1);
+ }
+ }
+ osi_audit(TC_StartEvent, 0, AUD_END);
+ osi_audit_set_user_check(butc_confdir, tc_IsLocalRealmMatch);
+
if (as->parms[1].items) {
debugLevel = SafeATOL(as->parms[1].items->data);
if (debugLevel == -1) {
* security on connections made to this server
*/
- securityObjects[0] = rxnull_NewServerSecurityObject();
- if (!securityObjects[0]) {
+ securityObjects[RX_SECIDX_NULL] = rxnull_NewServerSecurityObject();
+ if (!securityObjects[RX_SECIDX_NULL]) {
TLog(0, "rxnull_NewServerSecurityObject");
exit(1);
}
setlinebuf(stdout);
- ts = cmd_CreateSyntax(NULL, WorkerBee, NULL, "tape coordinator");
+ ts = cmd_CreateSyntax(NULL, WorkerBee, NULL, 0, "tape coordinator");
cmd_AddParm(ts, "-port", CMD_SINGLE, CMD_OPTIONAL, "port offset");
cmd_AddParm(ts, "-debuglevel", CMD_SINGLE, CMD_OPTIONAL, "0 | 1 | 2");
cmd_AddParm(ts, "-cell", CMD_SINGLE, CMD_OPTIONAL, "cell name");
"Force multiple XBSA server support");
cmd_AddParm(ts, "-rxbind", CMD_FLAG, CMD_OPTIONAL,
"bind Rx socket");
+ cmd_AddParm(ts, "-auditlog", CMD_SINGLE, CMD_OPTIONAL, "location of audit log");
+ cmd_AddParm(ts, "-audit-interface", CMD_SINGLE, CMD_OPTIONAL,
+ "interface to use for audit logging");
/* Initialize dirpaths */
if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {