2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afsconfig.h>
11 #include <afs/param.h>
17 #include <sys/utime.h>
18 #endif /* AFS_NT40_ENV */
23 #include <afs/cellconfig.h>
25 #include <afs/afsutil.h>
26 #include <afs/fileutil.h>
27 #include <afs/ktime.h>
28 #include <afs/audit.h>
29 #include <afs/kautils.h>
32 #include "bnode_internal.h"
34 #include "bosprototypes.h"
36 extern struct ktime bozo_nextRestartKT, bozo_nextDayKT;
38 extern struct afsconf_dir *bozo_confdir;
39 extern int bozo_newKTs;
41 extern int bozo_isrestricted;
44 SBOZO_GetRestartTime(struct rx_call *acall, afs_int32 atype, struct bozo_netKTime *aktime)
48 code = 0; /* assume success */
51 memcpy(aktime, &bozo_nextRestartKT, sizeof(struct ktime));
55 memcpy(aktime, &bozo_nextDayKT, sizeof(struct ktime));
67 SBOZO_SetRestartTime(struct rx_call *acall, afs_int32 atype, struct bozo_netKTime *aktime)
70 char caller[MAXKTCNAMELEN];
72 /* check for proper permissions */
73 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
78 bozo_Log("%s is executing SetRestartTime\n", caller);
80 code = 0; /* assume success */
83 memcpy(&bozo_nextRestartKT, aktime, sizeof(struct ktime));
87 memcpy(&bozo_nextDayKT, aktime, sizeof(struct ktime));
96 /* try to update the bozo init file */
97 code = WriteBozoFile(0);
102 osi_auditU(acall, BOS_SetRestartEvent, code, AUD_END);
107 SBOZO_Exec(struct rx_call *acall, char *acmd)
110 char caller[MAXKTCNAMELEN];
113 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
117 if (bozo_isrestricted) {
122 bozo_Log("%s is executing the shell command '%s'\n", caller, acmd);
124 /* should copy output to acall, but don't yet cause its hard */
125 /* hard... NOT! Nnow _at least_ return the exit status */
127 osi_auditU(acall, BOS_ExecEvent, code, AUD_STR, acmd, AUD_END);
134 SBOZO_GetDates(struct rx_call *acall, char *aname, afs_int32 *atime,
135 afs_int32 *abakTime, afs_int32 *aoldTime)
138 char *filepath = NULL, *fpBak = NULL, *fpOld = NULL;
140 *atime = *abakTime = *aoldTime = 0;
142 /* construct local path from canonical (wire-format) path */
143 if (ConstructLocalBinPath(aname, &filepath)) {
146 if (asprintf(&fpBak, "%s.BAK", filepath) < 0) {
150 if (asprintf(&fpOld, "%s.OLD", filepath) < 0) {
155 if (!stat(filepath, &tstat)) {
156 *atime = tstat.st_mtime;
159 if (!stat(fpBak, &tstat)) {
160 *abakTime = tstat.st_mtime;
163 if (!stat(fpOld, &tstat)) {
164 *aoldTime = tstat.st_mtime;
174 SBOZO_UnInstall(struct rx_call *acall, char *aname)
176 char *filepath = NULL;
177 char *fpOld = NULL, *fpBak = NULL;
179 char caller[MAXKTCNAMELEN];
182 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
184 osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, aname, AUD_END);
187 if (bozo_isrestricted) {
189 osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, aname, AUD_END);
193 /* construct local path from canonical (wire-format) path */
194 if (ConstructLocalBinPath(aname, &filepath)) {
199 bozo_Log("%s is executing UnInstall '%s'\n", caller, filepath);
201 if (asprintf(&fpBak, "%s.BAK", filepath) < 0) {
206 if (asprintf(&fpOld, "%s.OLD", filepath) < 0) {
212 code = rk_rename(fpBak, filepath);
214 /* can't find .BAK, try .OLD */
215 code = rk_rename(fpOld, filepath);
216 if (code && errno == ENOENT) /* If doesn't exist don't fail */
219 /* now rename .OLD to .BAK */
220 if (stat(fpOld, &tstat) == 0)
221 code = rk_rename(fpOld, fpBak);
227 osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, filepath, AUD_END);
235 #define BOZO_OLDTIME (7*24*3600) /* 7 days old */
237 SaveOldFiles(char *aname)
240 char *bbuffer = NULL, *obuffer = NULL;
243 afs_int32 oldTime, bakTime;
245 now = FT_ApproxTime();
247 code = stat(aname, &tstat);
249 return; /* can't stat file */
251 if (asprintf(&bbuffer, "%s.BAK", aname) < 0)
254 if (asprintf(&obuffer, "%s.OLD", aname) < 0) {
259 code = stat(obuffer, &tstat); /* discover old file's time */
263 oldTime = tstat.st_mtime;
265 code = stat(bbuffer, &tstat); /* discover back file's time */
269 bakTime = tstat.st_mtime;
271 if (bakTime && (oldTime == 0 || bakTime < now - BOZO_OLDTIME)) {
272 /* no .OLD file, or .BAK is at least a week old */
273 rk_rename(bbuffer, obuffer);
276 /* finally rename to .BAK extension */
277 rk_rename(aname, bbuffer);
285 SBOZO_Install(struct rx_call *acall, char *aname, afs_int32 asize, afs_int32 mode, afs_int32 amtime)
287 afs_int32 code, ret = 0;
292 struct _utimbuf utbuf;
294 struct timeval tvb[2];
296 char *filepath = NULL, *fpNew = NULL, *tbuffer = NULL;
297 char caller[MAXKTCNAMELEN];
299 if (!afsconf_SuperUser(bozo_confdir, acall, caller))
301 if (bozo_isrestricted)
304 /* construct local path from canonical (wire-format) path */
305 if (ConstructLocalBinPath(aname, &filepath)) {
308 if (asprintf(&fpNew, "%s.NEW", filepath) < 0) {
313 tbuffer = malloc(AFSDIR_PATH_MAX);
314 if (tbuffer == NULL) {
320 bozo_Log("%s is executing Install '%s'\n", caller, filepath);
323 fd = open(fpNew, O_CREAT | O_RDWR | O_TRUNC, 0777);
330 len = rx_Read(acall, tbuffer, sizeof(tbuffer));
337 break; /* no more input */
338 code = write(fd, tbuffer, len);
344 total += len; /* track total written for safety check at end */
346 if (asize != total) {
348 ret = 101; /* wrong size */
353 SaveOldFiles(filepath); /* don't care if it works, still install */
355 /* all done, rename to final name */
356 code = (rk_rename(fpNew, filepath) ? errno : 0);
358 /* label file with same time for our sanity */
360 utbuf.actime = utbuf.modtime = amtime;
361 _utime(filepath, &utbuf);
363 tvb[0].tv_sec = tvb[1].tv_sec = amtime;
364 tvb[0].tv_usec = tvb[1].tv_usec = 0;
365 utimes(filepath, tvb);
366 #endif /* AFS_NT40_ENV */
369 chmod(filepath, mode);
372 osi_auditU(acall, BOS_InstallEvent, code, AUD_STR, filepath, AUD_END);
387 SBOZO_SetCellName(struct rx_call *acall, char *aname)
389 struct afsconf_cell tcell;
391 char caller[MAXKTCNAMELEN];
392 char clones[MAXHOSTSPERCELL];
394 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
399 bozo_Log("%s is executing SetCellName '%s'\n", caller, aname);
402 afsconf_GetExtendedCellInfo(bozo_confdir, NULL, NULL, &tcell,
407 /* Check that tcell has enough space for the new cellname. */
408 if (strlen(aname) > sizeof tcell.name - 1) {
410 ("ERROR: SetCellName: cell name '%s' exceeds %ld bytes (cell name not changed)\n",
411 aname, (long)(sizeof tcell.name - 1));
416 strcpy(tcell.name, aname);
418 afsconf_SetExtendedCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH,
422 osi_auditU(acall, BOS_SetCellEvent, code, AUD_STR, aname, AUD_END);
427 SBOZO_GetCellName(struct rx_call *acall, char **aname)
430 char tname[MAXCELLCHARS];
432 code = afsconf_GetLocalCell(bozo_confdir, tname, sizeof(tname));
434 *aname = strdup(tname);
443 SBOZO_GetCellHost(struct rx_call *acall, afs_uint32 awhich, char **aname)
446 struct afsconf_cell tcell;
448 char clones[MAXHOSTSPERCELL];
451 afsconf_GetExtendedCellInfo(bozo_confdir, NULL, NULL, &tcell,
456 if (awhich >= tcell.numServers) {
461 tp = tcell.hostName[awhich];
462 if (clones[awhich]) {
463 if (asprintf(aname, "[%s]", tp) < 0)
467 if (*aname == NULL) {
474 *aname = malloc(1); /* return fake string */
482 SBOZO_DeleteCellHost(struct rx_call *acall, char *aname)
485 struct afsconf_cell tcell;
488 char caller[MAXKTCNAMELEN];
489 char clones[MAXHOSTSPERCELL];
491 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
496 bozo_Log("%s is executing DeleteCellHost '%s'\n", caller, aname);
499 afsconf_GetExtendedCellInfo(bozo_confdir, NULL, NULL, &tcell,
505 for (i = 0; i < tcell.numServers; i++) {
506 if (strcmp(tcell.hostName[i], aname) == 0) {
517 memset(&tcell.hostAddr[which], 0, sizeof(struct sockaddr_in));
518 memset(tcell.hostName[which], 0, MAXHOSTCHARS);
520 afsconf_SetExtendedCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH,
524 osi_auditU(acall, BOS_DeleteHostEvent, code, AUD_STR, aname, AUD_END);
529 SBOZO_AddCellHost(struct rx_call *acall, char *aname)
532 struct afsconf_cell tcell;
535 char caller[MAXKTCNAMELEN];
536 char clones[MAXHOSTSPERCELL];
540 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
545 bozo_Log("%s is executing AddCellHost '%s'\n", caller, aname);
548 afsconf_GetExtendedCellInfo(bozo_confdir, NULL, NULL, &tcell,
555 *(n + strlen(n) - 1) = 0;
561 for (i = 0; i < tcell.numServers; i++) {
562 if (strcmp(tcell.hostName[i], n) == 0) {
568 which = tcell.numServers;
572 * Check that tcell has enough space for an additional host.
574 * We assume that tcell.hostAddr[] and tcell.hostName[] have the
575 * same number of entries.
577 if (tcell.numServers >
578 sizeof tcell.hostAddr / sizeof tcell.hostAddr[0]) {
580 ("ERROR: AddCellHost: attempt to add more than %ld database servers (database server '%s' not added)\n",
581 (long)(sizeof tcell.hostAddr / sizeof tcell.hostAddr[0]),
587 /* Check that tcell has enough space for the new hostname. */
588 if (strlen(aname) > sizeof tcell.hostName[0] - 1) {
590 ("ERROR: AddCellHost: host name '%s' exceeds %ld bytes (not added)\n",
591 aname, (long)(sizeof tcell.hostName[0] - 1));
597 memset(&tcell.hostAddr[which], 0, sizeof(struct sockaddr_in));
598 strcpy(tcell.hostName[which], n);
599 clones[which] = isClone;
601 afsconf_SetExtendedCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH,
605 osi_auditU(acall, BOS_AddHostEvent, code, AUD_STR, aname, AUD_END);
610 SBOZO_ListKeys(struct rx_call *acall, afs_int32 an, afs_int32 *akvno,
611 struct bozo_key *akey, struct bozo_keyInfo *akeyinfo)
613 struct afsconf_keys tkeys;
617 char caller[MAXKTCNAMELEN];
618 rxkad_level enc_level = rxkad_clear;
620 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
625 bozo_Log("%s is executing ListKeys\n", caller);
627 code = afsconf_GetKeys(bozo_confdir, &tkeys);
631 if (tkeys.nkeys <= an) {
635 *akvno = tkeys.key[an].kvno;
636 memset(akeyinfo, 0, sizeof(struct bozo_keyInfo));
638 noauth = afsconf_GetNoAuthFlag(bozo_confdir);
639 rxkad_GetServerInfo(rx_ConnectionOf(acall), &enc_level, 0, 0, 0, 0, 0);
641 * only return actual keys in noauth or if this is an encrypted connection
644 if ((noauth) || (enc_level == rxkad_crypt)) {
645 memcpy(akey, tkeys.key[an].key, 8);
649 code = stat(AFSDIR_SERVER_KEY_FILEPATH, &tstat);
651 akeyinfo->mod_sec = tstat.st_mtime;
654 /* This will return an error if the key is 'bad' (bad checksum, weak DES
655 * key, etc). But we don't care, since we can still return the other
656 * information about the key, so ignore the result. */
657 (void)ka_KeyCheckSum(tkeys.key[an].key, &akeyinfo->keyCheckSum);
661 osi_auditU(acall, BOS_UnAuthListKeysEvent, code, AUD_END);
662 osi_auditU(acall, BOS_ListKeysEvent, code, AUD_END);
667 SBOZO_AddKey(struct rx_call *acall, afs_int32 an, struct bozo_key *akey)
670 char caller[MAXKTCNAMELEN];
671 rxkad_level enc_level = rxkad_clear;
674 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
678 noauth = afsconf_GetNoAuthFlag(bozo_confdir);
679 rxkad_GetServerInfo(rx_ConnectionOf(acall), &enc_level, 0, 0, 0, 0, 0);
680 if ((!noauth) && (enc_level != rxkad_crypt)) {
685 bozo_Log("%s is executing AddKey\n", caller);
687 code = afsconf_AddKey(bozo_confdir, an, akey->data, 0);
688 if (code == AFSCONF_KEYINUSE)
689 code = BZKEYINUSE; /* Unique code for afs rpc calls */
691 osi_auditU(acall, BOS_AddKeyEvent, code, AUD_END);
696 SBOZO_SetNoAuthFlag(struct rx_call *acall, afs_int32 aflag)
699 char caller[MAXKTCNAMELEN];
701 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
706 bozo_Log("%s is executing Set No Authentication\n", caller);
708 afsconf_SetNoAuthFlag(bozo_confdir, aflag);
711 osi_auditU(acall, BOS_SetNoAuthEvent, code, AUD_LONG, aflag, AUD_END);
716 SBOZO_DeleteKey(struct rx_call *acall, afs_int32 an)
719 char caller[MAXKTCNAMELEN];
721 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
726 bozo_Log("%s is executing DeleteKey\n", caller);
728 code = afsconf_DeleteKey(bozo_confdir, an);
731 osi_auditU(acall, BOS_DeleteKeyEvent, code, AUD_END);
737 SBOZO_ListSUsers(struct rx_call *acall, afs_int32 an, char **aname)
742 tp = *aname = malloc(256);
743 *tp = 0; /* in case getnthuser doesn't null-terminate the string */
744 code = afsconf_GetNthUser(bozo_confdir, an, tp, 256);
747 osi_auditU(acall, BOS_ListSUserEvent, code, AUD_END);
752 SBOZO_AddSUser(struct rx_call *acall, char *aname)
755 char caller[MAXKTCNAMELEN];
757 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
762 bozo_Log("%s is executing Add SuperUser '%s'\n", caller, aname);
764 code = afsconf_AddUser(bozo_confdir, aname);
767 osi_auditU(acall, BOS_AddSUserEvent, code, AUD_END);
772 SBOZO_DeleteSUser(struct rx_call *acall, char *aname)
775 char caller[MAXKTCNAMELEN];
777 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
783 bozo_Log("%s is executing Delete SuperUser '%s'\n", caller, aname);
785 code = afsconf_DeleteUser(bozo_confdir, aname);
788 osi_auditU(acall, BOS_DeleteSUserEvent, code, AUD_END);
793 SBOZO_CreateBnode(struct rx_call *acall, char *atype, char *ainstance,
794 char *ap1, char *ap2, char *ap3, char *ap4, char *ap5,
799 char caller[MAXKTCNAMELEN];
801 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
805 if (bozo_isrestricted) {
806 const char *salvpath = AFSDIR_CANONICAL_SERVER_SALVAGER_FILEPATH;
807 /* for DAFS, 'bos salvage' will pass "salvageserver -client" instead */
808 const char *salsrvpath = AFSDIR_CANONICAL_SERVER_SALSRV_FILEPATH " -client ";
810 /* still allow 'bos salvage' to work */
811 if (strcmp(atype, "cron") || strcmp(ainstance, "salvage-tmp")
812 || strcmp(ap2, "now")
813 || (strncmp(ap1, salvpath, strlen(salvpath))
814 && strncmp(ap1, salsrvpath, strlen(salsrvpath)))) {
822 bnode_Create(atype, ainstance, &tb, ap1, ap2, ap3, ap4, ap5, notifier,
825 bnode_SetStat(tb, BSTAT_NORMAL);
828 osi_auditU(acall, BOS_CreateBnodeEvent, code, AUD_END);
833 SBOZO_WaitAll(struct rx_call *acall)
836 char caller[MAXKTCNAMELEN];
838 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
844 bozo_Log("%s is executing Wait for All\n", caller);
846 code = bnode_WaitAll();
849 osi_auditU(acall, BOS_WaitAllEvent, code, AUD_END);
854 SBOZO_DeleteBnode(struct rx_call *acall, char *ainstance)
857 char caller[MAXKTCNAMELEN];
859 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
863 if (bozo_isrestricted) {
868 bozo_Log("%s is executing DeleteBnode '%s'\n", caller, ainstance);
870 code = bnode_DeleteName(ainstance);
873 osi_auditU(acall, BOS_DeleteBnodeEvent, code, AUD_STR, ainstance,
879 swproc(struct bnode *abnode, void *arock)
881 if (abnode->goal == BSTAT_NORMAL)
882 return 0; /* this one's not shutting down */
883 /* otherwise, we are shutting down */
885 bnode_WaitStatus(abnode, BSTAT_SHUTDOWN);
886 bnode_Release(abnode);
887 return 0; /* don't stop apply function early, no matter what */
891 stproc(struct bnode *abnode, void *arock)
893 if (abnode->fileGoal == BSTAT_SHUTDOWN)
894 return 0; /* don't do these guys */
897 bnode_ResetErrorCount(abnode);
898 bnode_SetStat(abnode, BSTAT_NORMAL);
899 bnode_Release(abnode);
904 sdproc(struct bnode *abnode, void *arock)
907 bnode_SetStat(abnode, BSTAT_SHUTDOWN);
908 bnode_Release(abnode);
912 /* shutdown and leave down */
914 SBOZO_ShutdownAll(struct rx_call *acall)
916 /* iterate over all bnodes, setting the status to temporarily disabled */
918 char caller[MAXKTCNAMELEN];
920 /* check for authorization */
921 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
926 bozo_Log("%s is executing ShutdownAll\n", caller);
928 code = bnode_ApplyInstance(sdproc, NULL);
931 osi_auditU(acall, BOS_ShutdownAllEvent, code, AUD_END);
935 /* shutdown and restart */
937 SBOZO_RestartAll(struct rx_call *acall)
940 char caller[MAXKTCNAMELEN];
942 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
947 bozo_Log("%s is executing RestartAll\n", caller);
949 /* start shutdown of all processes */
950 code = bnode_ApplyInstance(sdproc, NULL);
954 /* wait for all done */
955 code = bnode_ApplyInstance(swproc, NULL);
959 /* start them up again */
960 code = bnode_ApplyInstance(stproc, NULL);
963 osi_auditU(acall, BOS_RestartAllEvent, code, AUD_END);
968 SBOZO_ReBozo(struct rx_call *acall)
971 char caller[MAXKTCNAMELEN];
973 /* acall is null if called internally to restart bosserver */
974 if (acall && !afsconf_SuperUser(bozo_confdir, acall, caller)) {
979 bozo_Log("%s is executing ReBozo\n", caller);
981 /* start shutdown of all processes */
982 code = bnode_ApplyInstance(sdproc, NULL);
986 /* wait for all done */
987 code = bnode_ApplyInstance(swproc, NULL);
992 osi_auditU(acall, BOS_RebozoEvent, code, AUD_END);
994 osi_audit(BOS_RebozoIntEvent, code, AUD_END);
997 rx_EndCall(acall, 0); /* try to get it done */
999 bozo_ReBozo(); /* this reexecs us, and doesn't return, of course */
1002 /* Differentiate between external and internal ReBozo; prevents AFS_Aud_NoCall event */
1004 osi_auditU(acall, BOS_RebozoEvent, code, AUD_END);
1006 osi_audit(BOS_RebozoIntEvent, code, AUD_END);
1007 return code; /* should only get here in unusual circumstances */
1010 /* make sure all are running */
1012 SBOZO_StartupAll(struct rx_call *acall)
1015 char caller[MAXKTCNAMELEN];
1017 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
1022 bozo_Log("%s is executing StartupAll\n", caller);
1023 code = bnode_ApplyInstance(stproc, NULL);
1026 osi_auditU(acall, BOS_StartupAllEvent, code, AUD_END);
1031 SBOZO_Restart(struct rx_call *acall, char *ainstance)
1035 char caller[MAXKTCNAMELEN];
1037 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
1042 bozo_Log("%s is executing Restart '%s'\n", caller, ainstance);
1044 tb = bnode_FindInstance(ainstance);
1051 bnode_SetStat(tb, BSTAT_SHUTDOWN);
1052 code = bnode_WaitStatus(tb, BSTAT_SHUTDOWN); /* this can fail */
1053 bnode_ResetErrorCount(tb);
1054 bnode_SetStat(tb, BSTAT_NORMAL);
1058 osi_auditU(acall, BOS_RestartEvent, code, AUD_STR, ainstance, AUD_END);
1062 /* set temp status */
1064 SBOZO_SetTStatus(struct rx_call *acall, char *ainstance, afs_int32 astatus)
1068 char caller[MAXKTCNAMELEN];
1070 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
1075 bozo_Log("%s is executing SetTempStatus '%s'\n", caller, ainstance);
1077 tb = bnode_FindInstance(ainstance);
1083 bnode_ResetErrorCount(tb);
1084 code = bnode_SetStat(tb, astatus);
1088 osi_auditU(acall, BOS_SetTempStatusEvent, code, AUD_STR, ainstance,
1094 SBOZO_SetStatus(struct rx_call *acall, char *ainstance, afs_int32 astatus)
1098 char caller[MAXKTCNAMELEN];
1100 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
1105 bozo_Log("%s is executing SetStatus '%s' (status = %d)\n", caller,
1106 ainstance, astatus);
1108 tb = bnode_FindInstance(ainstance);
1114 bnode_SetFileGoal(tb, astatus);
1115 code = bnode_SetStat(tb, astatus);
1119 osi_auditU(acall, BOS_SetStatusEvent, code, AUD_STR, ainstance, AUD_END);
1124 SBOZO_GetStatus(struct rx_call *acall, char *ainstance, afs_int32 *astat,
1130 tb = bnode_FindInstance(ainstance);
1137 code = bnode_GetStat(tb, astat);
1143 *astatDescr = malloc(BOZO_BSSIZE);
1144 code = bnode_GetString(tb, *astatDescr, BOZO_BSSIZE);
1147 (*astatDescr)[0] = 0; /* null string means no further info */
1151 *astatDescr = malloc(1);
1162 eifunc(struct bnode *abnode, void *param)
1164 struct eidata *arock = (struct eidata *)param;
1166 if (arock->counter-- == 0) {
1168 strcpy(arock->iname, abnode->name);
1177 ZapFile(const char *adir, const char *aname)
1180 if (snprintf(tbuffer, 256, "%s/%s", adir, aname)<256)
1181 return unlink(tbuffer);
1187 SBOZO_Prune(struct rx_call *acall, afs_int32 aflags)
1193 char caller[MAXKTCNAMELEN];
1195 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
1199 if (bozo_isrestricted) {
1204 bozo_Log("%s is executing Prune (flags=%d)\n", caller, aflags);
1206 /* first scan AFS binary directory */
1207 dirp = opendir(AFSDIR_SERVER_BIN_DIRPATH);
1209 for (tde = readdir(dirp); tde; tde = readdir(dirp)) {
1210 i = strlen(tde->d_name);
1211 if (aflags & BOZO_PRUNEOLD) {
1212 if (i >= 4 && strncmp(tde->d_name + i - 4, ".OLD", 4) == 0)
1213 ZapFile(AFSDIR_SERVER_BIN_DIRPATH, tde->d_name);
1215 if (aflags & BOZO_PRUNEBAK) {
1216 if (i >= 4 && strncmp(tde->d_name + i - 4, ".BAK", 4) == 0)
1217 ZapFile(AFSDIR_SERVER_BIN_DIRPATH, tde->d_name);
1223 /* then scan AFS log directory */
1224 dirp = opendir(AFSDIR_SERVER_LOGS_DIRPATH);
1226 for (tde = readdir(dirp); tde; tde = readdir(dirp)) {
1227 if (aflags & BOZO_PRUNECORE) {
1228 if (strncmp(tde->d_name, AFSDIR_CORE_FILE, 4) == 0)
1229 ZapFile(AFSDIR_SERVER_LOGS_DIRPATH, tde->d_name);
1237 osi_auditU(acall, BOS_PruneLogs, code, AUD_END);
1242 SBOZO_EnumerateInstance(struct rx_call *acall, afs_int32 anum,
1245 struct eidata tdata;
1250 *ainstance = malloc(BOZO_BSSIZE);
1252 tdata.counter = anum;
1253 tdata.iname = *ainstance;
1254 bnode_ApplyInstance(eifunc, &tdata);
1255 if (tdata.counter >= 0)
1256 return BZDOM; /* anum > # of actual instances */
1261 struct bozo_bosEntryStats bozo_bosEntryStats[] = {
1262 {NULL, 1, 1, 0755, 02}, /* AFSDIR_SERVER_AFS_DIRPATH */
1263 {NULL, 1, 1, 0755, 02}, /* AFSDIR_SERVER_ETC_DIRPATH */
1264 {NULL, 1, 1, 0755, 02}, /* AFSDIR_SERVER_BIN_DIRPATH */
1265 {NULL, 1, 1, 0755, 02}, /* AFSDIR_SERVER_LOGS_DIRPATH */
1266 {NULL, 1, 0, 0700, 07}, /* AFSDIR_SERVER_BACKUP_DIRPATH */
1267 {NULL, 1, 1, 0700, 07}, /* AFSDIR_SERVER_DB_DIRPATH */
1268 {NULL, 1, 1, 0700, 07}, /* AFSDIR_SERVER_LOCAL_DIRPATH */
1269 {NULL, 0, 1, 0600, 07}, /* AFSDIR_SERVER_KEY_FILEPATH */
1270 {NULL, 0, 1, 0600, 03}, /* AFSDIR_SERVER_ULIST_FILEPATH */
1271 {NULL, 0, 1, 0600, 07}, /* AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH */
1272 {NULL, 0, 1, 0600, 07} /* AFSDIR_SERVER_EXT_KEY_FILEPATH */
1274 int bozo_nbosEntryStats =
1275 sizeof(bozo_bosEntryStats) / sizeof(bozo_bosEntryStats[0]);
1277 /* This function performs initialization of the bozo_bosEntrystats[]
1278 * array. This array contains the list of dirs that the bosserver
1279 * is interested in along with their recommended permissions
1280 * NOTE: This initialization is a bit ugly. This was caused because
1281 * the path names require procedural as opposed to static initialization.
1282 * The other fields in the struct are however, statically initialized.
1285 initBosEntryStats(void)
1287 bozo_bosEntryStats[0].path = AFSDIR_SERVER_AFS_DIRPATH;
1288 bozo_bosEntryStats[1].path = AFSDIR_SERVER_ETC_DIRPATH;
1289 bozo_bosEntryStats[2].path = AFSDIR_SERVER_BIN_DIRPATH;
1290 bozo_bosEntryStats[3].path = AFSDIR_SERVER_LOGS_DIRPATH;
1291 bozo_bosEntryStats[4].path = AFSDIR_SERVER_BACKUP_DIRPATH;
1292 bozo_bosEntryStats[5].path = AFSDIR_SERVER_DB_DIRPATH;
1293 bozo_bosEntryStats[6].path = AFSDIR_SERVER_LOCAL_DIRPATH;
1294 bozo_bosEntryStats[7].path = AFSDIR_SERVER_KEY_FILEPATH;
1295 bozo_bosEntryStats[8].path = AFSDIR_SERVER_ULIST_FILEPATH;
1296 bozo_bosEntryStats[9].path = AFSDIR_SERVER_RXKAD_KEYTAB_FILEPATH;
1297 bozo_bosEntryStats[10].path = AFSDIR_SERVER_EXT_KEY_FILEPATH;
1302 /* StatEachEntry - If it's not there, it is okay. If anything else goes wrong
1303 * complain. Otherwise check permissions: shouldn't allow write or (usually)
1307 StatEachEntry(IN struct bozo_bosEntryStats *stats)
1310 if (stat(stats->path, &info)) {
1311 if (errno == ENOENT)
1312 return 1; /* no such entry: just ignore it */
1313 return 0; /* something else went wrong */
1316 if (((info.st_mode & S_IFDIR) != 0) != stats->dir)
1317 return 0; /* not expected type */
1318 if (stats->rootOwner && (info.st_uid != 0))
1319 return 0; /* not owned by root */
1320 rights = (info.st_mode & 0000777);
1321 if ((rights & stats->reqPerm) != stats->reqPerm)
1322 return 0; /* required permissions not present */
1323 if ((rights & stats->proPerm) != 0)
1324 return 0; /* prohibited permissions present */
1329 /* DirAccessOK - checks the mode bits on the AFS dir and decendents and
1330 * returns 0 if some are not OK and 1 otherwise. For efficiency, it doesn't do
1331 * this check more often than every 5 seconds. */
1337 /* underlying filesystem may not support directory protection */
1340 static afs_uint32 lastTime = 0;
1341 afs_uint32 now = FT_ApproxTime();
1342 static int lastResult = -1;
1346 if ((now - lastTime) < 5)
1351 for (i = 0; i < bozo_nbosEntryStats; i++) {
1352 struct bozo_bosEntryStats *e = &bozo_bosEntryStats[i];
1353 if (!StatEachEntry(e)) {
1354 bozo_Log("unhappy with %s which is a %s that should "
1355 "have at least rights %o, at most rights %o %s\n",
1356 e->path, e->dir ? "dir" : "file", e->reqPerm,
1357 (~e->proPerm & 0777),
1358 e->rootOwner ? ", owned by root" : "");
1363 if (result != lastResult) { /* log changes */
1364 bozo_Log("Server directory access is %sokay\n",
1365 (result ? "" : "not "));
1367 lastResult = result;
1369 #endif /* AFS_NT40_ENV */
1373 GetRequiredDirPerm(const char *path)
1376 for (i = 0; i < bozo_nbosEntryStats; i++)
1377 if (strcmp(path, bozo_bosEntryStats[i].path) == 0)
1378 return bozo_bosEntryStats[i].reqPerm;
1383 SBOZO_GetInstanceInfo(IN struct rx_call *acall,
1386 OUT struct bozo_status *astatus)
1390 tb = bnode_FindInstance(ainstance);
1391 *atype = malloc(BOZO_BSSIZE);
1396 strcpy(*atype, tb->type->name);
1398 (*atype)[0] = 0; /* null string */
1399 memset(astatus, 0, sizeof(struct bozo_status)); /* good defaults */
1400 astatus->goal = tb->goal;
1401 astatus->fileGoal = tb->fileGoal;
1402 astatus->procStartTime = tb->procStartTime;
1403 astatus->procStarts = tb->procStarts;
1404 astatus->lastAnyExit = tb->lastAnyExit;
1405 astatus->lastErrorExit = tb->lastErrorExit;
1406 astatus->errorCode = tb->errorCode;
1407 astatus->errorSignal = tb->errorSignal;
1408 if (tb->flags & BNODE_ERRORSTOP)
1409 astatus->flags |= BOZO_ERRORSTOP;
1410 if (bnode_HasCore(tb))
1411 astatus->flags |= BOZO_HASCORE;
1413 astatus->flags |= BOZO_BADDIRACCESS;
1418 SBOZO_GetInstanceParm(struct rx_call *acall,
1427 tp = malloc(BOZO_BSSIZE);
1429 *tp = 0; /* null-terminate string in error case */
1430 tb = bnode_FindInstance(ainstance);
1436 memcpy(tp, tb->notifier, strlen(tb->notifier) + 1);
1439 code = BZNOENT; /* XXXXX */
1441 code = bnode_GetParm(tb, anum, tp, BOZO_BSSIZE);
1444 /* Not Currently Audited */
1449 SBOZO_GetLog(struct rx_call *acall, char *aname)
1456 char caller[MAXKTCNAMELEN];
1458 /* Check access since 'aname' could specify a file outside of the
1459 * AFS log directory (which is bosserver's working directory).
1461 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
1465 if (bozo_isrestricted && strchr(aname, '/')
1466 && strcmp(aname, AFSDIR_CANONICAL_SERVER_SLVGLOG_FILEPATH)) {
1471 /* construct local path from canonical (wire-format) path */
1472 if (ConstructLocalLogPath(aname, &logpath)) {
1476 bozo_Log("%s is executing GetLog '%s'\n", caller, logpath);
1477 tfile = fopen(logpath, "r");
1487 continue; /* our termination condition on other end */
1491 if (rx_Write(acall, &buffer, 1) != 1) {
1498 /* all done, cleanup and return */
1501 /* write out the end delimeter */
1503 if (rx_Write(acall, &buffer, 1) != 1)
1508 osi_auditU(acall, BOS_GetLogsEvent, code, AUD_END);
1513 SBOZO_GetInstanceStrings(struct rx_call *acall, char *abnodeName,
1514 char **as1, char **as2, char **as3, char **as4)
1524 tb = bnode_FindInstance(abnodeName);
1528 /* now, return the appropriate error string, if any */
1529 if (tb->lastErrorName) {
1530 *as1 = strdup(tb->lastErrorName);
1544 SBOZO_GetRestrictedMode(struct rx_call *acall, afs_int32 *arestmode)
1546 *arestmode = bozo_isrestricted;
1551 SBOZO_SetRestrictedMode(struct rx_call *acall, afs_int32 arestmode)
1554 char caller[MAXKTCNAMELEN];
1556 if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
1559 if (bozo_isrestricted) {
1562 if (arestmode != 0 && arestmode != 1) {
1565 bozo_isrestricted = arestmode;
1566 code = WriteBozoFile(0);
1572 bozo_ShutdownAndExit(void *param)
1574 int asignal = (intptr_t)param;
1578 ("Shutdown of BOS server and processes in response to signal %d\n",
1581 /* start shutdown of all processes */
1582 if ((code = bnode_ApplyInstance(sdproc, NULL)) == 0) {
1583 /* wait for shutdown to complete */
1584 code = bnode_ApplyInstance(swproc, NULL);
1588 bozo_Log("Shutdown incomplete (code = %d); manual cleanup required\n",
git://git.openafs.org / openafs.git / blob