2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afs/param.h>
25 #include <WINNT\afsreg.h>
32 #define MAXINSIZE 1300 /* pioctl complains if data is larger than this */
34 static char space[MAXSIZE];
35 static char tspace[1024];
38 static struct ubik_client *uclient;
39 #endif /* not WIN32 */
42 static char pn[] = "symlink";
43 static int rxInitDone = 0;
55 if (t >= 'A' && t <= 'Z') t += 0x20;
56 if (u >= 'A' && u <= 'Z') u += 0x20;
63 /* this function returns TRUE (1) if the file is in AFS, otherwise false (0) */
64 static int InAFS(register char *apath)
66 struct ViceIoctl blob;
67 register afs_int32 code;
70 blob.out_size = MAXSIZE;
73 code = pioctl_utf8(apath, VIOC_FILE_CELL_NAME, &blob, 1);
75 if ((errno == EINVAL) || (errno == ENOENT))
82 IsFreelanceRoot(char *apath)
84 struct ViceIoctl blob;
88 blob.out_size = MAXSIZE;
91 code = pioctl_utf8(apath, VIOC_FILE_CELL_NAME, &blob, 1);
93 return !stricmp("Freelance.Local.Root",space);
94 return 1; /* assume it is because it is more restrictive that way */
97 static const char * NetbiosName(void)
99 static char buffer[1024] = "AFS";
105 code = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSREG_CLT_SVC_PARAM_SUBKEY,
106 0, (IsWow64()?KEY_WOW64_64KEY:0)|KEY_QUERY_VALUE, &parmKey);
107 if (code == ERROR_SUCCESS) {
108 dummyLen = sizeof(buffer);
109 code = RegQueryValueEx(parmKey, "NetbiosName", NULL, NULL,
111 RegCloseKey (parmKey);
113 strcpy(buffer, "AFS");
118 #define AFSCLIENT_ADMIN_GROUPNAME "AFS Client Admins"
120 static BOOL IsAdmin (void)
122 static BOOL fAdmin = FALSE;
123 static BOOL fTested = FALSE;
127 /* Obtain the SID for the AFS client admin group. If the group does
128 * not exist, then assume we have AFS client admin privileges.
130 PSID psidAdmin = NULL;
131 DWORD dwSize, dwSize2;
132 char pszAdminGroup[ MAX_COMPUTERNAME_LENGTH + sizeof(AFSCLIENT_ADMIN_GROUPNAME) + 2 ];
133 char *pszRefDomain = NULL;
134 SID_NAME_USE snu = SidTypeGroup;
136 dwSize = sizeof(pszAdminGroup);
138 if (!GetComputerName(pszAdminGroup, &dwSize)) {
139 /* Can't get computer name. We return false in this case.
140 Retain fAdmin and fTested. This shouldn't happen.*/
147 strcat(pszAdminGroup,"\\");
148 strcat(pszAdminGroup, AFSCLIENT_ADMIN_GROUPNAME);
150 LookupAccountName(NULL, pszAdminGroup, NULL, &dwSize, NULL, &dwSize2, &snu);
151 /* that should always fail. */
153 if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
154 /* if we can't find the group, then we allow the operation */
159 if (dwSize == 0 || dwSize2 == 0) {
165 psidAdmin = (PSID)malloc(dwSize); memset(psidAdmin,0,dwSize);
167 pszRefDomain = (char *)malloc(dwSize2);
168 assert(pszRefDomain);
170 if (!LookupAccountName(NULL, pszAdminGroup, psidAdmin, &dwSize, pszRefDomain, &dwSize2, &snu)) {
171 /* We can't lookup the group now even though we looked it up earlier.
172 Could this happen? */
175 /* Then open our current ProcessToken */
178 if (OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &hToken))
181 if (!CheckTokenMembership(hToken, psidAdmin, &fAdmin)) {
182 /* We'll have to allocate a chunk of memory to store the list of
183 * groups to which this user belongs; find out how much memory
187 PTOKEN_GROUPS pGroups;
189 GetTokenInformation (hToken, TokenGroups, NULL, dwSize, &dwSize);
191 pGroups = (PTOKEN_GROUPS)malloc(dwSize);
194 /* Allocate that buffer, and read in the list of groups. */
195 if (GetTokenInformation (hToken, TokenGroups, pGroups, dwSize, &dwSize))
197 /* Look through the list of group SIDs and see if any of them
198 * matches the AFS Client Admin group SID.
201 for (; (!fAdmin) && (iGroup < pGroups->GroupCount); ++iGroup)
203 if (EqualSid (psidAdmin, pGroups->Groups[ iGroup ].Sid)) {
213 /* if do not have permission because we were not explicitly listed
214 * in the Admin Client Group let's see if we are the SYSTEM account
217 PTOKEN_USER pTokenUser;
218 SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY;
219 PSID pSidLocalSystem = 0;
222 GetTokenInformation(hToken, TokenUser, NULL, 0, &dwSize);
224 pTokenUser = (PTOKEN_USER)malloc(dwSize);
227 if (!GetTokenInformation(hToken, TokenUser, pTokenUser, dwSize, &dwSize))
228 gle = GetLastError();
230 if (AllocateAndInitializeSid( &SIDAuth, 1,
231 SECURITY_LOCAL_SYSTEM_RID,
235 if (EqualSid(pTokenUser->User.Sid, pSidLocalSystem)) {
239 FreeSid(pSidLocalSystem);
257 /* return a static pointer to a buffer */
258 static char *Parent(apath)
261 strcpy(tspace, apath);
262 tp = strrchr(tspace, '\\');
264 *(tp+1) = 0; /* lv trailing slash so Parent("k:\foo") is "k:\" not "k:" */
267 fs_ExtractDriveLetter(apath, tspace);
274 static ListLinkCmd(register struct cmd_syndesc *as, void *arock)
276 register afs_int32 code;
277 struct ViceIoctl blob;
279 register struct cmd_item *ti;
280 char orig_name[1024]; /*Original name, may be modified*/
281 char true_name[1024]; /*``True'' dirname (e.g., symlink target)*/
282 char parent_dir[1024]; /*Parent directory of true name*/
283 register char *last_component; /*Last component of true name*/
285 struct stat statbuff; /*Buffer for status info*/
286 #endif /* not WIN32 */
288 int link_chars_read; /*Num chars read in readlink()*/
289 #endif /* not WIN32 */
290 int thru_symlink; /*Did we get to a mount point via a symlink?*/
293 for(ti=as->parms[0].items; ti; ti=ti->next) {
297 strcpy(orig_name, ti->data);
298 #else /* not WIN32 */
299 sprintf(orig_name, "%s%s",
300 (ti->data[0] == '/') ? "" : "./",
302 #endif /* not WIN32 */
305 if (lstat(orig_name, &statbuff) < 0) {
306 /* if lstat fails, we should still try the pioctl, since it
307 may work (for example, lstat will fail, but pioctl will
308 work if the volume of offline (returning ENODEV). */
309 statbuff.st_mode = S_IFDIR; /* lie like pros */
313 * The lstat succeeded. If the given file is a symlink, substitute
314 * the file name with the link name.
316 if ((statbuff.st_mode & S_IFMT) == S_IFLNK) {
319 * Read name of resolved file.
321 link_chars_read = readlink(orig_name, true_name, 1024);
322 if (link_chars_read <= 0) {
323 fprintf(stderr,"%s: Can't read target name for '%s' symbolic link!\n",
329 * Add a trailing null to what was read, bump the length.
331 true_name[link_chars_read++] = 0;
334 * If the symlink is an absolute pathname, we're fine. Otherwise, we
335 * have to create a full pathname using the original name and the
336 * relative symlink name. Find the rightmost slash in the original
337 * name (we know there is one) and splice in the symlink value.
339 if (true_name[0] != '\\') {
340 last_component = (char *) strrchr(orig_name, '\\');
341 strcpy(++last_component, true_name);
342 strcpy(true_name, orig_name);
346 strcpy(true_name, orig_name);
348 strcpy(true_name, orig_name);
352 * Find rightmost slash, if any.
354 last_component = (char *) strrchr(true_name, '\\');
356 last_component = (char *) strrchr(true_name, '/');
357 if (last_component) {
359 * Found it. Designate everything before it as the parent directory,
360 * everything after it as the final component.
362 strncpy(parent_dir, true_name, last_component - true_name + 1);
363 parent_dir[last_component - true_name + 1] = 0;
364 last_component++; /*Skip the slash*/
367 if (!InAFS(parent_dir)) {
368 const char * nbname = NetbiosName();
369 int len = (int)strlen(nbname);
371 if (parent_dir[0] == '\\' && parent_dir[1] == '\\' &&
372 parent_dir[len+2] == '\\' &&
373 parent_dir[len+3] == '\0' &&
374 !strnicmp(nbname,&parent_dir[2],len))
376 sprintf(parent_dir,"\\\\%s\\all\\", nbname);
383 * No slash appears in the given file name. Set parent_dir to the current
384 * directory, and the last component as the given name.
386 fs_ExtractDriveLetter(true_name, parent_dir);
387 strcat(parent_dir, ".");
388 last_component = true_name;
389 fs_StripDriveLetter(true_name, true_name, sizeof(true_name));
392 if (strcmp(last_component, ".") == 0 || strcmp(last_component, "..") == 0) {
393 fprintf(stderr,"%s: you may not use '.' or '..' as the last component\n", pn);
394 fprintf(stderr,"%s: of a name in the 'symlink list' command.\n", pn);
398 blob.in = last_component;
399 blob.in_size = (long)strlen(last_component)+1;
400 blob.out_size = MAXSIZE;
402 memset(space, 0, MAXSIZE);
404 code = pioctl_utf8(parent_dir, VIOC_LISTSYMLINK, &blob, 1);
407 printf("'%s' is a %ssymlink to '%s'\n",
409 (thru_symlink ? "symbolic link, leading to a " : ""),
415 fprintf(stderr,"'%s' is not a symlink.\n",
418 Die(errno, (ti->data ? ti->data : parent_dir));
425 static MakeLinkCmd(register struct cmd_syndesc *as, void *arock)
427 register afs_int32 code;
428 struct ViceIoctl blob;
430 char path[1024] = "";
432 strcpy(path, as->parms[0].items->data);
433 parent = Parent(path);
435 if (!InAFS(parent)) {
437 const char * nbname = NetbiosName();
438 int len = (int)strlen(nbname);
440 if (parent[0] == '\\' && parent[1] == '\\' &&
441 parent[len+2] == '\\' &&
442 parent[len+3] == '\0' &&
443 !strnicmp(nbname,&parent[2],len))
445 sprintf(path,"%sall\\%s", parent, &as->parms[0].items->data[strlen(parent)]);
446 parent = Parent(path);
447 if (!InAFS(parent)) {
448 fprintf(stderr,"%s: symlinks must be created within the AFS file system\n", pn);
454 fprintf(stderr,"%s: symlinks must be created within the AFS file system\n", pn);
460 if ( IsFreelanceRoot(parent) && !IsAdmin() ) {
461 fprintf(stderr,"%s: Only AFS Client Administrators may alter the root.afs volume\n", pn);
465 fprintf(stderr, "Creating symlink [%s] to [%s]\n", path, as->parms[1].items->data);
467 /* create symlink with a special pioctl for Windows NT, since it doesn't
468 * have a symlink system call.
471 blob.in_size = 1 + (long)strlen(as->parms[1].items->data);
472 blob.in = as->parms[1].items->data;
474 code = pioctl_utf8(path, VIOC_SYMLINK, &blob, 0);
475 #else /* not WIN32 */
476 code = symlink(as->parms[1].items->data, path);
477 #endif /* not WIN32 */
479 Die(errno, as->parms[0].items->data);
486 * Delete AFS symlinks. Variables are used as follows:
487 * tbuffer: Set to point to the null-terminated directory name of the
488 * symlink (or ``.'' if none is provided)
489 * tp: Set to point to the actual name of the symlink to nuke.
491 static RemoveLinkCmd(register struct cmd_syndesc *as, void *arock)
493 register afs_int32 code=0;
494 struct ViceIoctl blob;
495 register struct cmd_item *ti;
500 for(ti=as->parms[0].items; ti; ti=ti->next) {
502 tp = (char *) strrchr(ti->data, '\\');
504 tp = (char *) strrchr(ti->data, '/');
506 strncpy(tbuffer, ti->data, code=(afs_int32)(tp-ti->data+1)); /* the dir name */
508 tp++; /* skip the slash */
511 if (!InAFS(tbuffer)) {
512 const char * nbname = NetbiosName();
513 int len = (int)strlen(nbname);
515 if (tbuffer[0] == '\\' && tbuffer[1] == '\\' &&
516 tbuffer[len+2] == '\\' &&
517 tbuffer[len+3] == '\0' &&
518 !strnicmp(nbname,&tbuffer[2],len))
520 sprintf(tbuffer,"\\\\%s\\all\\", nbname);
526 fs_ExtractDriveLetter(ti->data, tbuffer);
527 strcat(tbuffer, ".");
529 fs_StripDriveLetter(tp, tp, 0);
532 blob.in_size = (int)strlen(tp)+1;
534 blob.out_size = sizeof(lsbuffer);
535 code = pioctl_utf8(tbuffer, VIOC_LISTSYMLINK, &blob, 0);
538 fprintf(stderr,"symlink: '%s' is not a symlink.\n", ti->data);
540 Die(errno, ti->data);
542 continue; /* don't bother trying */
545 if ( IsFreelanceRoot(tbuffer) && !IsAdmin() ) {
546 fprintf(stderr,"symlink: Only AFS Client Administrators may alter the root.afs volume\n");
553 blob.in_size = (long)strlen(tp)+1;
554 code = pioctl_utf8(tbuffer, VIOC_DELSYMLINK, &blob, 0);
556 Die(errno, ti->data);
563 FreeUtf8CmdLine(int argc, char ** argv)
566 for (i=0; i < argc; i++) {
574 MakeUtf8Cmdline(int argc, const wchar_t **wargv)
579 argv = calloc(argc, sizeof(argv[0]));
583 for (i=0; i < argc; i++) {
586 s = WideCharToMultiByte(CP_UTF8, 0, wargv[i], -1, NULL, 0, NULL, FALSE);
588 (argv[i] = calloc(s+1, sizeof(char))) == NULL) {
592 s = WideCharToMultiByte(CP_UTF8, 0, wargv[i], -1, argv[i], s+1, NULL, FALSE);
599 FreeUtf8CmdLine(argc, argv);
606 static struct ViceIoctl gblob;
607 static int debug = 0;
609 int wmain(int argc, wchar_t **wargv)
611 register afs_int32 code;
612 register struct cmd_syndesc *ts;
617 * The following signal action for AIX is necessary so that in case of a
618 * crash (i.e. core is generated) we can include the user's data section
619 * in the core dump. Unfortunately, by default, only a partial core is
620 * generated which, in many cases, isn't too useful.
622 struct sigaction nsa;
624 sigemptyset(&nsa.sa_mask);
625 nsa.sa_handler = SIG_DFL;
626 nsa.sa_flags = SA_FULLDUMP;
627 sigaction(SIGSEGV, &nsa, NULL);
632 WSAStartup(0x0101, &WSAjunk);
635 /* try to find volume location information */
637 argv = MakeUtf8Cmdline(argc, wargv);
641 ts = cmd_CreateSyntax("list", ListLinkCmd, NULL, "list symlink");
642 cmd_AddParm(ts, "-name", CMD_LIST, 0, "name");
644 ts = cmd_CreateSyntax("make", MakeLinkCmd, NULL, "make symlink");
645 cmd_AddParm(ts, "-name", CMD_SINGLE, 0, "name");
646 cmd_AddParm(ts, "-to", CMD_SINGLE, 0, "target");
648 ts = cmd_CreateSyntax("remove", RemoveLinkCmd, NULL, "remove symlink");
649 cmd_AddParm(ts, "-name", CMD_LIST, 0, "name");
650 cmd_CreateAlias(ts, "rm");
652 code = cmd_Dispatch(argc, argv);
655 if (rxInitDone) rx_Finalize();
656 #endif /* not WIN32 */
658 FreeUtf8CmdLine(argc, argv);
663 void Die(code, filename)
668 if (code == EINVAL) {
670 fprintf(stderr,"%s: Invalid argument; it is possible that %s is not in AFS.\n", pn, filename);
671 else fprintf(stderr,"%s: Invalid argument.\n", pn);
673 else if (code == ENOENT) {
674 if (filename) fprintf(stderr,"%s: File '%s' doesn't exist.\n", pn, filename);
675 else fprintf(stderr,"%s: no such file returned.\n", pn);
677 else if (code == EEXIST) {
678 if (filename) fprintf(stderr,"%s: File '%s' already exists.\n", pn, filename);
679 else fprintf(stderr,"%s: the specified file already exists.\n", pn);
681 else if (code == EROFS) fprintf(stderr,"%s: You can not change a backup or readonly volume\n", pn);
682 else if (code == EACCES || code == EPERM) {
683 if (filename) fprintf(stderr,"%s: You don't have the required access rights on '%s'\n", pn, filename);
684 else fprintf(stderr,"%s: You do not have the required rights to do this operation\n", pn);
686 else if (code == ENODEV) {
687 fprintf(stderr,"%s: AFS service may not have started.\n", pn);
689 else if (code == ESRCH) {
690 fprintf(stderr,"%s: Cell name not recognized.\n", pn);
692 else if (code == EPIPE) {
693 fprintf(stderr,"%s: Volume name or ID not recognized.\n", pn);
695 else if (code == EFBIG) {
696 fprintf(stderr,"%s: Cache size too large.\n", pn);
698 else if (code == ETIMEDOUT) {
700 fprintf(stderr,"%s:'%s': Connection timed out", pn, filename);
702 fprintf(stderr,"%s: Connection timed out", pn);
705 if (filename) fprintf(stderr,"%s:'%s'", pn, filename);
706 else fprintf(stderr,"%s", pn);
708 fprintf(stderr, ": code 0x%x\n", code);
709 #else /* not WIN32 */
710 fprintf(stderr,": %s\n", afs_error_message(code));
711 #endif /* not WIN32 */