releases. All it does now is log a warning message about how the option is
obsolete.
+=item B<-restricted_query> (anyuser | admin)
+
+Restrict RPCs that query information about volumes to a specific group
+of users. You can use C<admin> to restrict to AFS administrators. The
+C<anyuser> option doesn't restrict the RPCs and leaves it open for all
+users including unauthenticated users, this is the default.
+
=item B<-help>
Prints the online help for this command. All other valid options are
[B<-rxbind>]
[B<-syslog>[=<I<FACILITY>]]
[B<-sleep> <I<sleep time>/I<run time>>]
+ [B<-restricted_query> (anyuser | admin)]
[B<-help>]
[B<-enable_peer_stats>] [B<-enable_process_stats>]
S<<< [B<-auditlog> <I<log path>>] >>>
S<<< [B<-audit-interface> (file | sysvmq)] >>>
+ S<<< [B<-restricted_query> (anyuser | admin)] >>>
[B<-help>]
=for html
option allows the use of alternative configuration locations for testing
purposes.
+=item B<-restricted_query> (anyuser | admin)
+
+Restrict RPCs that query information about volumes to a specific group
+of users. Only the RPCs that are not used by cache managers will be
+restricted, since cache manager connections to the Volume Server are
+always unauthenticated. You can use C<admin> to restrict to AFS
+administrators. The C<anyuser> option doesn't restrict the RPCs and
+leaves it open for all users including unauthenticated users, this is
+the default.
+
=item B<-help>
Prints the online help for this command. All other valid options are
extern int afsconf_SuperIdentity(struct afsconf_dir *, struct rx_call *,
struct rx_identity **);
extern int afsconf_IsSuperIdentity(struct afsconf_dir *, struct rx_identity *);
+extern int afsconf_CheckRestrictedQuery(struct afsconf_dir *adir,
+ struct rx_call *acall,
+ int needed_level);
+
+/*
+ * Level constants for the -restricted_query option used by vlserver
+ * and volser. Once we have vlserver and volserver to ptserver
+ * connection, we can add more access levels, like AUTHUSER or
+ * AUTHANDFOREIGNUSER.
+ */
+#define RESTRICTED_QUERY_ANYUSER 0
+#define RESTRICTED_QUERY_ADMIN 1
/* realms.c */
extern int afsconf_SetLocalRealm(const char *realm);
afsconf_ClientAuthSecure
afsconf_ClientAuthToken
afsconf_Close
+afsconf_CheckRestrictedQuery
afsconf_DeleteKey
afsconf_GetAfsdbInfo
afsconf_GetAllKeys
return ret;
}
+
+/*!
+ * Check whether the user authenticated on a given RX call is
+ * compatible with the access specified by needed_level.
+ *
+ * @param[in] adir
+ * The configuration directory currently in use
+ * @param[in] acall
+ * The RX call whose authenticated identity is being checked
+ * @param[in] needed_level
+ * Either RESTRICTED_QUERY_ANYUSER for allowing any access or
+ * RESTRICTED_QUERY_ADMIN for allowing super user only.
+ * @returns
+ * True if the user is compatible with needed_level.
+ * Otherwise, false.
+ */
+
+int
+afsconf_CheckRestrictedQuery(struct afsconf_dir *adir,
+ struct rx_call *acall,
+ int needed_level)
+{
+ if (needed_level == RESTRICTED_QUERY_ANYUSER)
+ return 1;
+
+ return afsconf_SuperIdentity(adir, acall, NULL);
+}
afsconf_AddTypedKey @164
afsconf_typedKey_values @165
afsconf_GetAllKeys @166
+ afsconf_CheckRestrictedQuery @167
afsconf_AddUser
afsconf_CellApply
afsconf_CheckAuth
+afsconf_CheckRestrictedQuery
afsconf_ClientAuth
afsconf_ClientAuthSecure
afsconf_Close
afsconf_ClientAuth
afsconf_ClientAuthSecure
afsconf_Close
+afsconf_CheckRestrictedQuery
afsconf_DeleteKey
afsconf_DeleteUser
afsconf_GetCellInfo
afsconf_ClientAuth;
afsconf_ClientAuthSecure;
afsconf_Close;
+ afsconf_CheckRestrictedQuery;
afsconf_DeleteKey;
afsconf_DeleteUser;
afsconf_GetCellInfo;
afsconf_ClientAuth@Base 1.5.75
afsconf_ClientAuthSecure@Base 1.5.75
afsconf_Close@Base 1.5.75
+ afsconf_CheckRestrictedQuery@Base 1.5.75
afsconf_DeleteKey@Base 1.5.75
afsconf_DeleteUser@Base 1.5.75
afsconf_GetCellInfo@Base 1.5.75
#endif
extern int smallMem;
+extern int restrictedQueryLevel;
extern int extent_mod;
extern struct afsconf_dir *vldb_confdir;
extern struct ubik_dbase *VL_dbase;
char rxstr[AFS_RXINFO_LEN];
countRequest(this_op);
+
+ if (!afsconf_CheckRestrictedQuery(vldb_confdir, rxcall,
+ restrictedQueryLevel))
+ END(VL_PERM);
+
if ((code = Init_VLdbase(&ctx, LOCKREAD, this_op)))
goto end;
VLog(25, ("OListEntry index=%d %s\n", previous_index,
char rxstr[AFS_RXINFO_LEN];
countRequest(this_op);
+
+ if (!afsconf_CheckRestrictedQuery(vldb_confdir, rxcall,
+ restrictedQueryLevel))
+ END(VL_PERM);
+
if ((code = Init_VLdbase(&ctx, LOCKREAD, this_op)))
goto end;
VLog(25, ("ListEntry index=%d %s\n", previous_index, rxinfo(rxstr, rxcall)));
char rxstr[AFS_RXINFO_LEN];
countRequest(this_op);
+
+ if (!afsconf_CheckRestrictedQuery(vldb_confdir, rxcall,
+ restrictedQueryLevel))
+ END(VL_PERM);
+
vldbentries->bulkentries_val = 0;
vldbentries->bulkentries_len = *nentries = 0;
if ((code = Init_VLdbase(&ctx, LOCKREAD, this_op)))
char rxstr[AFS_RXINFO_LEN];
countRequest(this_op);
+
+ if (!afsconf_CheckRestrictedQuery(vldb_confdir, rxcall,
+ restrictedQueryLevel))
+ END(VL_PERM);
+
vldbentries->nbulkentries_val = 0;
vldbentries->nbulkentries_len = *nentries = 0;
if ((code = Init_VLdbase(&ctx, LOCKREAD, this_op)))
#endif
countRequest(this_op);
+
+ if (!afsconf_CheckRestrictedQuery(vldb_confdir, rxcall,
+ restrictedQueryLevel))
+ END(VL_PERM);
+
vldbentries->nbulkentries_val = 0;
vldbentries->nbulkentries_len = 0;
*nentries = 0;
int pollcount = 0;
countRequest(this_op);
+
+ if (!afsconf_CheckRestrictedQuery(vldb_confdir, rxcall,
+ restrictedQueryLevel))
+ END(VL_PERM);
+
if ((code = Init_VLdbase(&ctx, LOCKREAD, this_op)))
goto end;
int pollcount = 0;
countRequest(this_op);
+
+ if (!afsconf_CheckRestrictedQuery(vldb_confdir, rxcall,
+ restrictedQueryLevel))
+ END(VL_PERM);
+
if ((code = Init_VLdbase(&ctx, LOCKREAD, this_op)))
goto end;
char rxstr[AFS_RXINFO_LEN];
countRequest(this_op);
-#ifdef notdef
- /* Allow users to get statistics freely */
- if (!afsconf_SuperUser(vldb_confdir, rxcall, NULL)) { /* Must be in 'UserList' to use */
- code = VL_PERM;
- goto end;
- }
-#endif
+
+ if (!afsconf_CheckRestrictedQuery(vldb_confdir, rxcall,
+ restrictedQueryLevel))
+ END(VL_PERM);
+
if ((code = Init_VLdbase(&ctx, LOCKREAD, this_op)))
goto end;
VLog(5, ("GetStats %s\n", rxinfo(rxstr, rxcall)));
static void *CheckSignal(void*);
int LogLevel = 0;
int smallMem = 0;
+int restrictedQueryLevel = RESTRICTED_QUERY_ANYUSER;
int rxJumbograms = 0; /* default is to not send and receive jumbo grams */
int rxMaxMTU = -1;
afs_int32 rxBind = 0;
OPT_rxbind,
OPT_rxmaxmtu,
OPT_trace,
- OPT_dotted
+ OPT_dotted,
+ OPT_restricted_query
};
int
char *interface = NULL;
char *optstring = NULL;
+ char *restricted_query_parameter = NULL;
+
#ifdef AFS_AIX32_ENV
/*
* The following signal action for AIX is necessary so that in case of a
CMD_OPTIONAL, "maximum MTU for RX");
cmd_AddParmAtOffset(opts, OPT_trace, "-trace", CMD_SINGLE,
CMD_OPTIONAL, "rx trace file");
+ cmd_AddParmAtOffset(opts, OPT_restricted_query, "-restricted_query",
+ CMD_SINGLE, CMD_OPTIONAL, "anyuser | admin");
+
/* rxkad options */
cmd_AddParmAtOffset(opts, OPT_dotted, "-allow-dotted-principals",
/* rxkad options */
cmd_OptionAsFlag(opts, OPT_dotted, &rxkadDisableDotCheck);
+ /* restricted query */
+ if (cmd_OptionAsString(opts, OPT_restricted_query,
+ &restricted_query_parameter) == 0) {
+ if (strcmp(restricted_query_parameter, "anyuser") == 0)
+ restrictedQueryLevel = RESTRICTED_QUERY_ANYUSER;
+ else if (strcmp(restricted_query_parameter, "admin") == 0)
+ restrictedQueryLevel = RESTRICTED_QUERY_ADMIN;
+ else {
+ printf("invalid argument for -restricted_query: %s\n",
+ restricted_query_parameter);
+ return -1;
+ }
+ free(restricted_query_parameter);
+ }
+
if (auditFileName) {
osi_audit_file(auditFileName);
}
#define MAXLWP 128
int lwps = 9;
int udpBufSize = 0; /* UDP buffer size for receive */
+int restrictedQueryLevel = RESTRICTED_QUERY_ANYUSER;
int rxBind = 0;
int rxkadDisableDotCheck = 0;
OPT_sync,
OPT_syslog,
OPT_logfile,
- OPT_config
+ OPT_config,
+ OPT_restricted_query
};
static int
struct cmd_syndesc *opts;
char *sleepSpec = NULL;
char *sync_behavior = NULL;
+ char *restricted_query_parameter = NULL;
opts = cmd_CreateSyntax(NULL, NULL, NULL, NULL);
cmd_AddParmAtOffset(opts, OPT_log, "-log", CMD_FLAG, CMD_OPTIONAL,
CMD_OPTIONAL, "location of log file");
cmd_AddParmAtOffset(opts, OPT_config, "-config", CMD_SINGLE,
CMD_OPTIONAL, "configuration location");
+ cmd_AddParmAtOffset(opts, OPT_restricted_query, "-restricted_query",
+ CMD_SINGLE, CMD_OPTIONAL, "anyuser | admin");
code = cmd_Parse(argc, argv, &opts);
if (code == CMD_HELP) {
}
cmd_OptionAsString(opts, OPT_logfile, &logFile);
cmd_OptionAsString(opts, OPT_config, &configDir);
+ if (cmd_OptionAsString(opts, OPT_restricted_query,
+ &restricted_query_parameter) == 0) {
+ if (strcmp(restricted_query_parameter, "anyuser") == 0)
+ restrictedQueryLevel = RESTRICTED_QUERY_ANYUSER;
+ else if (strcmp(restricted_query_parameter, "admin") == 0)
+ restrictedQueryLevel = RESTRICTED_QUERY_ADMIN;
+ else {
+ printf("invalid argument for -restricted_query: %s\n",
+ restricted_query_parameter);
+ return -1;
+ }
+ free(restricted_query_parameter);
+ }
return 0;
}
extern int DoLogging;
extern struct afsconf_dir *tdir;
extern int DoPreserveVolumeStats;
+extern int restrictedQueryLevel;
extern void LogError(afs_int32 errcode);
{
struct DiskPartition64 *dp;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
VResetDiskUsage();
dp = VGetPartition(pname, 0);
if (dp) {
VolGetNthVolume(struct rx_call *acid, afs_int32 aindex, afs_uint32 *avolume,
afs_int32 *apart)
{
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
Log("1 Volser: GetNthVolume: Not yet implemented\n");
return VOLSERNO_OP;
}
{
struct volser_trans *tt;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
tt = FindTrans(atid);
if (!tt)
return ENOENT;
struct VolumeDiskData *td;
struct volser_trans *tt;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
tt = FindTrans(atrans);
if (!tt)
struct volser_trans *tt;
int len;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
/* We need to at least fill it in */
*aname = malloc(1);
if (!*aname)
char namehead[9];
int i;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
strcpy(namehead, "/vicep"); /*7 including null terminator */
/* Just return attached partitions. */
struct DiskPartition64 *dp;
int i, j = 0;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
strcpy(namehead, "/vicep"); /*7 including null terminator */
/* Only report attached partitions */
int found = 0;
volint_info_handle_t handle;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
volumeInfo->volEntries_val = calloc(1, sizeof(volintInfo));
if (!volumeInfo->volEntries_val)
return ENOMEM;
int found = 0; /*Did we find the volume we need? */
volint_info_handle_t handle;
+ if (!afsconf_CheckRestrictedQuery(tdir, a_rxCidP, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
/*
* Set up our pointers for action, marking our structure to hold exactly
* one entry. Also, assume we'll fail in our quest.
int code;
volint_info_handle_t handle;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
volumeInfo->volEntries_val = calloc(allocSize, sizeof(volintInfo));
if (!volumeInfo->volEntries_val)
return ENOMEM;
int code;
volint_info_handle_t handle;
+ if (!afsconf_CheckRestrictedQuery(tdir, a_rxCidP, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
/*
* Allocate a large array of extended volume info structures, then
* set it up for action.
afs_int32 allocSize = 50;
struct volser_trans *tt, *nt, *allTrans;
+ if (!afsconf_CheckRestrictedQuery(tdir, acid, restrictedQueryLevel))
+ return VOLSERBAD_ACCESS;
+
transInfo->transDebugEntries_val =
malloc(allocSize * sizeof(transDebugInfo));
if (!transInfo->transDebugEntries_val)