bozo: Add KeyFileExt and rxkad.keytab to access rights check When the KeyFileExt and rxkad.keytab were added to OpenAFS, they were not added to the bosserver's access rights check. Add these files to the bosserver access checks, with the same access rights needed for the original KeyFile. Also, add the full path for KeyFileExt to the dirpath package (not just the filename), which was not done when the KeyFileExt was introduced. This is needed to perform the access checks. Change-Id: I8c9028e846fad9f15823baeb7cc15a8f80ed5c1c Reviewed-on: https://gerrit.openafs.org/14329 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Rename getDirPath to afs_getDirPath in preparation for export The symbol name getDirPath is rather generic and we probably shouldn't squat on it in the application's namespace. In preparation for exporting this functionality from the Unix shared libraries, rename it to afs_getDirPath. Retain a Windows-only wrapper getDirPath that can continue to be exported from libafsauthent on Windows, for ABI compatibility. New consumers should use afs_getDirPath. Change-Id: Ie3f3f7b0662451353834d2e3b5c3dd1131c1935e Reviewed-on: https://gerrit.openafs.org/13058 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Anders Kaseorg <andersk@mit.edu> Tested-by: Anders Kaseorg <andersk@mit.edu> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Add filepath entries for rxkad.keytab Even though master is not using it, we still want to be able to find it. Change-Id: I31fa39fe4d4bed5144c5169236b1106bd9f18501 Reviewed-on: http://gerrit.openafs.org/11784 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tweak AFSDIR_PATH_MAX definition On recent Debian, we run into runtime errors in the test suite because _POSIX_PATH_MAX is only 256, and that buffer is too small for a call to realpath(). Use PATH_MAX if it's available and larger than _POSIX_PATH_MAX, in a way that should be safe even when PATH_MAX is not defined. Change-Id: I39127e88d92b358245ece21131219380ca4be98a Reviewed-on: http://gerrit.openafs.org/11453 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: D Brashear <shadow@your-file-system.com>
krb5 profile config support create openafs-client.conf and openafs-server.conf in respective ETC dirs. enable afsd, ptserver, vlserver and fileserver option parsing from it [afsd] dynroot = true dcache = 800 cachedir = /var/db/openafs/cache Change-Id: I4bae437d7c8f54daa5dadfaeb875cdd185809d61 Reviewed-on: http://gerrit.openafs.org/7903 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementix.org>
bozo: report bosserver -rxbind address Create a file on bosserver startup called bosserver.rxbind in the server local directory which contains an address local scripts may use to contact the bosserver. When bosserver is started with the -rxbind option, write the address selected from the intersection of the interfaces, NetInfo, and NetRestrict configuration to the bosserver.rxbind file, otherwise write the loopback address 127.0.0.1. Update the RedHat init script to use the new bosserver.rxbind file. Change-Id: I00a4249ae7445f872625ec46f960e778483d1f9f Reviewed-on: http://gerrit.openafs.org/5488 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementix.org>
auth: Rewrite KeyFile handling code Extend the KeyFile API so that we can support arbitrary numbers of different key types, each with their own key version numbers and sub types. Completely rewrite the KeyFile implementation with this in mind, but implement all of the "old" API in terms of the new one. Given that the existing KeyFile is modified by third party programs, we retain that as the storage location for all afsconf_rxkad keys. Only keys with a type of 1, or above are stored in the new extended keyfile. Change-Id: I903a1de938544541a1bfecedb2a039ba24bdfdbc Reviewed-on: http://gerrit.openafs.org/3772 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org>
macos fstrace msgcat search path everything else on osx will look for config in /var/db/openafs; make fstrace do the same Change-Id: I7b787435343b15c82cd8eb8f3ed00096d469e888 Reviewed-on: http://gerrit.openafs.org/772 Tested-by: Derrick Brashear <shadow@dementia.org> Reviewed-by: Derrick Brashear <shadow@dementia.org>
Provide an AFSDIR_DATA_DIR path for architecture-independent data Add AFSDIR_DATA_DIR to dirpath.h, defined to be the location for installing and finding architecture-independent data files. Add a corresponding AFSDIR_CLIENT_DATA_DIRPATH macro that retrieves the possibly-prefixed version of this path. This will be ${datadir}/openafs with normal UNIX installation paths and /usr/vice/etc for Transarc paths. Since there is no apparent need for this path on Windows, it is not defined in Windows builds. The only intended use for this path for right now is the message catalog for fstrace. Reviewed-on: http://gerrit.openafs.org/91 Verified-by: Derrick Brashear <shadow@dementia.org> Reviewed-by: Derrick Brashear <shadow@dementia.org>
dafs-20060317 FIXES 26648 demand attach/fast restart fileserver
multiple-local-realms-fix-20051210 The krb.excl paths need to be defined for Unix as well.
dynroot-allow-cell-aliases-20011101 allow cell aliases. includes support for non-'V' pioctls
darwin-optimize-and-fix-dirpath-20010920 change optimization, add alternate dirpath for dealing with darwin and macos in same binaries
make-install-support-for-transarc-and-prefix-style-universes-20010907 according to jeff: - Renames the top-level 'install' target to 'build'. This should be transparent, since no one should be using that. - Improves on Sam's dirpath patches, by splitting out server binaries into separate bin, sbin, and libexec directories in GCS mode (these are all /usr/afs/bin in Transarc mode). - Updates the top-level 'all' target so that it builds the software but does not generate a dest tree. Top-level 'lib' and 'include' directories are generated to hold the intermediate libraries and headers used during the build. - Adds a new top-level 'install' target, which installs things in the appropriate directories under ${DESTDIR}, based on configure's install directories plus the extras added by Sam's patch. - Adds a new top-level 'dest' target, which creates an old-style dest directory under ${DEST}. The ${DEST} variable defaults to the traditional value of ${SRCDIR_PARENT}/${SYS_NAME}/dest. Note that this variable used to be called ${DESTDIR}; it was renamed to avoid conflicts with the de facto standard usage of ${DESTDIR}. ==================== This delta was composed from multiple commits as part of the CVS->Git migration. The checkin message with each commit was inconsistent. The following are the additional commit messages. ==================== fix missed makefile ==================== update another missed file ==================== eliminate bogus escaping ==================== get rid of another bogus escape ==================== remove unused include directory ==================== get rid of no longer used libdir ==================== remove unused incdir ==================== fix up some problems for make compatibility and missing trailing / ==================== put afs.exp in the right place ==================== remove bogus afssrvdir reference ==================== update dest version of output ==================== update ref to libexecdir ==================== kill refs to afssrvdir ==================== convert missed LIBDIR to TOP_LIBDIR ==================== remove explicit INSTALL and use makefile.@sys value instead ==================== except it's helpful to actually include makefile.@sys ==================== convert LIBDIR to TOP_LIBDIR
dirpath-support-configure-path-options-and-decanonicalization-20010906 Sam's notes: "Here is a patch that supports directory paths, documentation for the above and decanonicalization of of supplied paths. Here are tests I have run: * Build with both transarc and non-transarc paths and examined dirpath.o * Build with roughly FHS-style paths and tested on Debian * confirmed that bos salvage works even when salvager not in /usr/afs/bin (it gets the log correctly too) * confirms that bos getlog can get logs from /usr/afs/logs even when /ur/afs/logs is /var/lib/openafs/logs * confirmed that bos getlog can get /etc/motd "