2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
11 * (5) Add functions to process supergroups:
12 * ChangeIDEntry(), RemoveFromSGEntry(),
13 * AddToSGEntry(), GetListSG2().
14 * (6) Add code to existing functions to process
16 * 2/1/98 jjm Add mdw's changes for bit mapping for supergroups
18 * 09/26/02 kwc Move depthsg definition here from ptserver.c since
19 * pt_util needs it defined also, and this file is
20 * common between the two programs.
23 #include <afsconfig.h>
24 #include <afs/param.h>
30 #include <sys/types.h>
35 #include <netinet/in.h>
41 #include <afs/com_err.h>
42 #include <afs/cellconfig.h>
45 #include "ptprototypes.h"
48 /* Foreign cells are represented by the group system:authuser@cell*/
49 #define AUTHUSER_GROUP "system:authuser"
51 extern int restricted;
52 extern struct ubik_dbase *dbase;
53 extern struct afsconf_dir *prdir;
56 static int inRange(struct prentry *cellEntry, afs_int32 aid);
57 static afs_int32 allocNextId(struct ubik_trans *, struct prentry *);
58 static int AddAuthGroup(struct prentry *tentry, prlist *alist, afs_int32 *size);
60 static char *whoami = "ptserver";
62 int prp_user_default = PRP_USER_DEFAULT;
63 int prp_group_default = PRP_GROUP_DEFAULT;
65 #if defined(SUPERGROUPS)
69 afs_int32 depthsg = 5; /* Maximum iterations used during IsAMemberOF */
70 afs_int32 GetListSG2(struct ubik_trans *at, afs_int32 gid, prlist * alist,
71 afs_int32 * sizeP, afs_int32 depth);
73 struct map *sg_flagged;
76 #define NIL_MAP ((struct map *) 0)
78 /* pt_mywrite hooks into the logic that writes ubik records to disk
79 * at a very low level. It invalidates mappings in sg_flagged/sg_found.
80 * By hoooking in at this level, we ensure that a ubik file reload
81 * invalidates our incore cache.
83 * We assert records, cheaders and everything else are 0 mod 64.
84 * So, we can always see the first 64 bytes of any record written.
85 * The stuff we're interested in (flags, id) are in the first 8 bytes.
86 * so we can always tell if we're writing a group record.
89 int (*pt_save_dbase_write) ();
92 pt_mywrite(struct ubik_dbase *tdb, afs_int32 fno, char *bp, afs_int32 pos, afs_int32 count)
94 afs_uint32 headersize = ntohl(cheader.headerSize);
96 if (fno == 0 && pos + count > headersize) {
111 #define xPT(p,x) ((((struct prentry *)(p))->flags & htonl(PRTYPE)) == htonl(x))
114 fprintf(stderr, "Writing %d bytes of entry @ %#lx(+%d)\n", c,
116 else if (c == ENTRYSIZE)
118 "Writing %d bytes of entry @ %#lx (%d<%s>,%d)\n",
119 c, p, ntohl(((struct prentry *)cp)->flags),
120 xPT(cp,PRUSER) ? "user" : xPT(cp,PRFREE) ? "free" :
121 xPT(cp,PRGRP) ? "group" : xPT(cp,PRCONT) ? "cont" :
122 xPT(cp,PRCELL) ? "cell" : xPT(cp,PRFOREIGN) ? "foreign" :
123 xPT(cp,PRINST) ? "sub/super instance" : "?",
124 ntohl(((struct prentry *)cp)->id));
127 "Writing first %d bytes of entry @ %#lx (%d<%s>,%d)\n",
128 c, p, ntohl(((struct prentry *)cp)->flags),
129 xPT(cp,PRUSER) ? "user" : xPT(cp,PRFREE) ? "free" :
130 xPT(cp,PRGRP) ? "group" : xPT(cp,PRCONT) ? "cont" :
131 xPT(cp,PRCELL) ? "cell" : xPT(cp,PRFOREIGN) ? "foreign" :
132 xPT(cp,PRINST) ? "sub/super instance" : "?",
133 ntohl(((struct prentry *)cp)->id));
135 fprintf(stderr, "Writing %d bytes of entry @ %#lx\n", c, p);
137 if (!o && c >= 8 && xPT(cp,PRGRP)) {
139 if (in_map(sg_found, -ntohl(((struct prentry *)cp)->id)))
140 fprintf(stderr, "Unfound: Removing group %d\n",
141 ntohl(((struct prentry *)cp)->id));
142 if (in_map(sg_flagged, -ntohl(((struct prentry *)cp)->id)))
143 fprintf(stderr, "Unflag: Removing group %d\n",
144 ntohl(((struct prentry *)cp)->id));
148 add_map(NIL_MAP, -ntohl(((struct prentry *)cp)->id)));
151 add_map(NIL_MAP, -ntohl(((struct prentry *)cp)->id)));
159 return (*pt_save_dbase_write) (tdb, fno, bp, pos, count);
163 * this function attaches pt_mywrite. It's called once,
164 * just after ubik_ServerInit.
170 extern struct ubik_dbase *ubik_dbase;
171 if (ubik_dbase->write != pt_mywrite) {
172 pt_save_dbase_write = ubik_dbase->write;
173 ubik_dbase->write = pt_mywrite;
177 #endif /* SUPERGROUPS */
179 /* CorrectUserName - Check to make sure a user name is OK. It must not include
180 * either a colon (or it would look like a group) or an atsign (or it would
181 * look like a foreign user). The length is checked as well to make sure
182 * that the user name, an atsign, and the local cell name will fit in
183 * PR_MAXNAMELEN. This is so this user can fit in another cells database as
184 * a foreign user with our cell name tacked on. This is a predicate, so it
185 * return one if name is OK and zero if name is bogus. */
188 CorrectUserName(char *name)
190 extern int pr_realmNameLen;
192 /* We accept foreign names, so we will deal with '@' later */
193 if (strchr(name, ':') || strchr(name, '\n'))
195 if (strlen(name) >= PR_MAXNAMELEN - pr_realmNameLen - 1)
200 /* CorrectGroupName - Like the above but handles more complicated cases caused
201 * by including the ownership in the name. The interface works by calculating
202 * the correct name based on a given name and owner. This allows easy use by
203 * rename, which then compares the correct name with the requested new name. */
206 CorrectGroupName(struct ubik_trans *ut, char aname[PR_MAXNAMELEN], /* name for group */
207 afs_int32 cid, /* caller id */
208 afs_int32 oid, /* owner of group */
209 char cname[PR_MAXNAMELEN]) /* correct name for group */
213 char *prefix; /* ptr to group owner part */
214 char *suffix; /* ptr to group name part */
215 char name[PR_MAXNAMELEN]; /* correct name for group */
216 struct prentry tentry;
218 if (strlen(aname) >= PR_MAXNAMELEN)
220 admin = pr_noAuth || IsAMemberOf(ut, cid, SYSADMINID);
225 /* Determine the correct prefix for the name. */
226 if (oid == SYSADMINID)
229 afs_int32 loc = FindByID(ut, oid);
231 /* let admin create groups owned by non-existent ids (probably
232 * setting a group to own itself). Check that they look like
233 * groups (with a colon) or otherwise are good user names. */
235 strcpy(cname, aname);
240 code = pr_Read(ut, 0, loc, &tentry, sizeof(tentry));
243 if (ntohl(tentry.flags) & PRGRP) {
244 if ((tentry.count == 0) && !admin)
246 /* terminate prefix at colon if there is one */
247 if ((prefix = strchr(tentry.name, ':')))
250 prefix = tentry.name;
252 /* only sysadmin allow to use 'system:' prefix */
253 if ((strcmp(prefix, "system") == 0) && !admin)
256 strcpy(name, aname); /* in case aname & cname are same */
257 suffix = strchr(name, ':');
259 /* sysadmin can make groups w/o ':', but they must still look like
260 * legal user names. */
265 if (strlen(prefix) + strlen(suffix) >= PR_MAXNAMELEN)
267 strcpy(cname, prefix);
268 strcat(cname, suffix);
271 /* check for legal name with either group rules or user rules */
272 if ((suffix = strchr(cname, ':'))) {
273 /* check for confusing characters */
274 if (strchr(cname, '\n') || /* restrict so recreate can work */
275 strchr(suffix + 1, ':')) /* avoid multiple colons */
278 if (!CorrectUserName(cname))
285 AccessOK(struct ubik_trans *ut, afs_int32 cid, /* caller id */
286 struct prentry *tentry, /* object being accessed */
287 int mem, /* check membership in aid, if group */
288 int any) /* if set return true */
296 if (cid == SYSADMINID)
297 return 1; /* special case fileserver */
298 if (restricted && ((mem == PRP_ADD_MEM) || (mem == PRP_REMOVE_MEM)) && (any == 0))
301 flags = tentry->flags;
305 flags = oid = aid = 0;
307 if (!(flags & PRACCESS)) { /* provide default access */
309 flags |= prp_group_default;
311 flags |= prp_user_default;
317 if ((cid == oid) || IsAMemberOf(ut, cid, oid))
320 if (aid > 0) { /* checking on a user */
323 } else if (aid < 0) { /* checking on group */
324 if ((flags & mem) && IsAMemberOf(ut, cid, aid))
327 /* Allow members of SYSVIEWERID to get membership and status only */
328 if (((mem == PRP_STATUS_MEM) || (mem == PRP_MEMBER_MEM)
329 || (any == PRP_OWNED_ANY)) && (IsAMemberOf(ut, cid, SYSVIEWERID)))
331 if (IsAMemberOf(ut, cid, SYSADMINID))
333 return 0; /* no access */
337 CreateEntry(struct ubik_trans *at, char aname[PR_MAXNAMELEN], afs_int32 *aid, afs_int32 idflag, afs_int32 flag, afs_int32 oid, afs_int32 creator)
339 /* get and init a new entry */
342 struct prentry tentry, tent;
345 memset(&tentry, 0, sizeof(tentry));
347 if ((oid == 0) || (oid == ANONYMOUSID))
351 code = CorrectGroupName(at, aname, creator, oid, tentry.name);
354 if (strcmp(aname, tentry.name) != 0)
356 } else { /* non-group must not have colon */
357 if (!CorrectUserName(aname))
359 strcpy(tentry.name, aname);
362 if (FindByName(at, aname, &tent))
365 newEntry = AllocBlock(at);
368 #ifdef PR_REMEMBER_TIMES
369 tentry.createTime = time(0);
373 tentry.flags = PRGRP;
375 } else if (flag == 0) {
377 tentry.owner = SYSADMINID;
382 atsign = strchr(aname, '@');
384 /* A normal user or group. Pick an id for it */
388 code = AllocID(at, flag, &tentry.id);
389 if (code != PRSUCCESS)
392 } else if (flag & PRGRP) {
393 /* A foreign group. Its format must be AUTHUSER_GROUP@cellname
394 * Then pick an id for the group.
399 badFormat = strcmp(AUTHUSER_GROUP, aname);
407 code = AllocID(at, flag, &tentry.id);
408 if (code != PRSUCCESS)
412 /* A foreign user: <name>@<cell>. The foreign user is added to
413 * its representing group. It is
417 struct prentry centry;
419 /* To create the user <name>@<cell> the group AUTHUSER_GROUP@<cell>
423 (char *)malloc(strlen(AUTHUSER_GROUP) + strlen(atsign) + 1);
424 strcpy(cellGroup, AUTHUSER_GROUP);
425 strcat(cellGroup, atsign);
426 pos = FindByName(at, cellGroup, ¢ry);
430 code = pr_Read(at, 0, pos, ¢ry, sizeof(centry));
434 /* cellid is the id of the group representing the cell */
435 tentry.cellid = ntohl(centry.id);
438 /* Check if id is good */
439 if (!inRange(¢ry, *aid))
443 /* Allocate an ID special for this foreign user. It is based
444 * on the representing group's id and nusers count.
446 tentry.id = allocNextId(at, ¢ry);
451 /* The foreign user will be added to the representing foreign
452 * group. The group can hold up to 30 entries.
454 if (!(ntohl(centry.flags) & PRQUOTA)) {
455 centry.flags = htonl(ntohl(centry.flags) | PRQUOTA);
456 centry.ngroups = htonl(30);
458 n = ntohl(centry.ngroups);
459 if ((n <= 0) && !pr_noAuth)
461 centry.ngroups = htonl(n - 1);
463 /* write updated entry for group */
464 code = pr_Write(at, 0, pos, ¢ry, sizeof(centry));
466 /* Now add the new user entry to the database */
467 tentry.creator = creator;
469 code = pr_WriteEntry(at, 0, newEntry, &tentry);
472 code = AddToIDHash(at, *aid, newEntry);
473 if (code != PRSUCCESS)
475 code = AddToNameHash(at, aname, newEntry);
476 if (code != PRSUCCESS)
478 if (inc_header_word(at, foreigncount, 1))
481 /* Now add the entry to the authuser group for this cell.
482 * We will reread the entries for the user and the group
483 * instead of modifying them before writing them in the
484 * previous steps. Although not very efficient, much simpler
486 pos = FindByID(at, tentry.cellid);
489 code = pr_ReadEntry(at, 0, pos, ¢ry);
492 code = AddToEntry(at, ¢ry, pos, *aid);
495 /* and now the user entry */
496 pos = FindByID(at, *aid);
499 code = pr_ReadEntry(at, 0, pos, &tentry);
502 code = AddToEntry(at, &tentry, pos, tentry.cellid);
509 /* Remember the largest group id or largest user id */
511 /* group ids are negative */
512 if (tentry.id < (afs_int32) ntohl(cheader.maxGroup)) {
513 code = set_header_word(at, maxGroup, htonl(tentry.id));
518 if (tentry.id > (afs_int32) ntohl(cheader.maxID)) {
519 code = set_header_word(at, maxID, htonl(tentry.id));
525 /* Charge the creator for this group */
527 afs_int32 loc = FindByID(at, creator);
528 struct prentry centry;
531 if (loc) { /* this should only fail during initialization */
532 code = pr_Read(at, 0, loc, ¢ry, sizeof(centry));
536 /* If quota is uninitialized, do it */
537 if (!(ntohl(centry.flags) & PRQUOTA)) {
538 centry.flags = htonl(ntohl(centry.flags) | PRQUOTA);
539 centry.ngroups = centry.nusers = htonl(20);
542 /* Admins don't get charged for creating a group.
543 * If in noAuth mode, you get changed for it but you
544 * are still allowed to create as many groups as you want.
546 admin = ((creator == SYSADMINID)
547 || IsAMemberOf(at, creator, SYSADMINID));
549 if (ntohl(centry.ngroups) <= 0) {
553 centry.ngroups = htonl(ntohl(centry.ngroups) - 1);
557 code = pr_Write(at, 0, loc, ¢ry, sizeof(centry));
562 /* Initialize the quota for the user. Groups don't have their
565 tentry.flags |= PRQUOTA;
566 tentry.ngroups = tentry.nusers = 20;
569 tentry.creator = creator;
571 code = pr_WriteEntry(at, 0, newEntry, &tentry);
574 code = AddToIDHash(at, *aid, newEntry);
575 if (code != PRSUCCESS)
577 code = AddToNameHash(at, aname, newEntry);
578 if (code != PRSUCCESS)
580 if (tentry.flags & PRGRP) {
581 code = AddToOwnerChain(at, tentry.id, oid);
585 if (tentry.flags & PRGRP) {
586 if (inc_header_word(at, groupcount, 1))
588 } else if (tentry.flags & PRINST) {
589 if (inc_header_word(at, instcount, 1))
592 if (inc_header_word(at, usercount, 1))
599 /* RemoveFromEntry - remove aid from bid's entries list, freeing a continuation
600 * entry if appropriate */
603 RemoveFromEntry(struct ubik_trans *at, afs_int32 aid, afs_int32 bid)
606 struct prentry tentry;
607 struct contentry centry;
608 struct contentry hentry;
615 return PRINCONSISTENT;
616 memset(&hentry, 0, sizeof(hentry));
617 temp = FindByID(at, bid);
620 code = pr_ReadEntry(at, 0, temp, &tentry);
623 #ifdef PR_REMEMBER_TIMES
624 tentry.removeTime = time(0);
626 for (i = 0; i < PRSIZE; i++) {
627 if (tentry.entries[i] == aid) {
628 tentry.entries[i] = PRBADID;
630 code = pr_WriteEntry(at, 0, temp, &tentry);
635 if (tentry.entries[i] == 0) /* found end of list */
641 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
644 if ((centry.id != bid) || !(centry.flags & PRCONT))
646 for (i = 0; i < COSIZE; i++) {
647 if (centry.entries[i] == aid) {
648 centry.entries[i] = PRBADID;
649 for (j = 0; j < COSIZE; j++)
650 if (centry.entries[j] != PRBADID
651 && centry.entries[j] != 0)
653 if (j == COSIZE) { /* can free this block */
655 tentry.next = centry.next;
657 hentry.next = centry.next;
658 code = pr_WriteCoEntry(at, 0, hloc, &hentry);
662 code = FreeBlock(at, nptr);
665 } else { /* can't free it yet */
666 code = pr_WriteCoEntry(at, 0, nptr, ¢ry);
671 code = pr_WriteEntry(at, 0, temp, &tentry);
676 if (centry.entries[i] == 0)
678 } /* for all coentry slots */
681 memcpy(&hentry, ¢ry, sizeof(centry));
682 } /* while there are coentries */
686 #if defined(SUPERGROUPS)
687 /* ChangeIDEntry - remove aid from bid's entries list, freeing a continuation
688 * entry if appropriate */
691 ChangeIDEntry(register struct ubik_trans *at, register afs_int32 aid, afs_int32 newid, register afs_int32 bid)
693 register afs_int32 code;
694 struct prentry tentry;
695 struct contentry centry;
701 return PRINCONSISTENT;
702 temp = FindByID(at, bid);
706 code = pr_ReadEntry(at, 0, temp, &tentry);
709 for (i = 0; i < PRSIZE; i++) {
710 if (tentry.entries[i] == aid) {
711 tentry.entries[i] = newid;
712 code = pr_WriteEntry(at, 0, temp, &tentry);
717 if (tentry.entries[i] == 0) { /* found end of list */
724 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
727 if ((centry.id != bid) || !(centry.flags & PRCONT)) {
729 "ChangeIDEntry: bad database bid=%d centry.id=%d .flags=%d\n",
730 bid, centry.id, centry.flags);
733 for (i = 0; i < COSIZE; i++) {
734 if (centry.entries[i] == aid) {
735 centry.entries[i] = newid;
736 for (j = 0; j < COSIZE; j++)
737 if (centry.entries[j] != PRBADID
738 && centry.entries[j] != 0)
740 code = pr_WriteCoEntry(at, 0, nptr, ¢ry);
745 if (centry.entries[i] == 0) {
748 } /* for all coentry slots */
750 } /* while there are coentries */
754 /* #ifdef SUPERGROUPS */
755 /* RemoveFromSGEntry - remove aid from bid's supergroups list, freeing a
756 * continuation entry if appropriate */
759 RemoveFromSGEntry(register struct ubik_trans *at, register afs_int32 aid, register afs_int32 bid)
761 register afs_int32 code;
762 struct prentry tentry;
763 struct prentryg *tentryg;
764 struct contentry centry;
765 struct contentry hentry;
772 return PRINCONSISTENT;
773 memset(&hentry, 0, sizeof(hentry));
774 temp = FindByID(at, bid);
778 code = pr_ReadEntry(at, 0, temp, &tentry);
781 #ifdef PR_REMEMBER_TIMES
782 tentry.removeTime = time(NULL);
784 tentryg = (struct prentryg *)&tentry;
785 for (i = 0; i < SGSIZE; i++) {
786 if (tentryg->supergroup[i] == aid) {
787 tentryg->supergroup[i] = PRBADID;
789 code = pr_WriteEntry(at, 0, temp, &tentry);
794 if (tentryg->supergroup[i] == 0) { /* found end of list */
799 nptr = tentryg->nextsg;
801 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
804 if ((centry.id != bid) || !(centry.flags & PRCONT)) {
806 "ChangeIDEntry: bad database bid=%d centry.id=%d .flags=%d\n",
807 bid, centry.id, centry.flags);
810 for (i = 0; i < COSIZE; i++) {
811 if (centry.entries[i] == aid) {
812 centry.entries[i] = PRBADID;
813 for (j = 0; j < COSIZE; j++)
814 if (centry.entries[j] != PRBADID
815 && centry.entries[j] != 0)
817 if (j == COSIZE) { /* can free this block */
819 tentryg->nextsg = centry.next;
821 hentry.next = centry.next;
822 code = pr_WriteCoEntry(at, 0, hloc, &hentry);
826 code = FreeBlock(at, nptr);
829 } else { /* can't free it yet */
830 code = pr_WriteCoEntry(at, 0, nptr, ¢ry);
835 code = pr_WriteEntry(at, 0, temp, &tentry);
840 if (centry.entries[i] == 0) {
843 } /* for all coentry slots */
846 memcpy((char *)¢ry, (char *)&hentry, sizeof(centry));
847 } /* while there are coentries */
851 #endif /* SUPERGROUPS */
853 /* DeleteEntry - delete the entry in tentry at loc, removing it from all
854 * groups, putting groups owned by it on orphan chain, and freeing the space */
857 DeleteEntry(struct ubik_trans *at, struct prentry *tentry, afs_int32 loc)
860 struct contentry centry;
864 if (strchr(tentry->name, '@')) {
865 if (tentry->flags & PRGRP) {
866 /* If there are still foreign user accounts from that cell
867 * don't delete the group */
873 afs_int32 loc = FindByID(at, tentry->cellid);
874 struct prentry centry;
876 code = pr_Read(at, 0, loc, ¢ry, sizeof(centry));
879 if (ntohl(centry.flags) & PRQUOTA) {
880 centry.ngroups = htonl(ntohl(centry.ngroups) + 1);
882 code = pr_Write(at, 0, loc, ¢ry, sizeof(centry));
888 /* First remove the entire membership list */
889 for (i = 0; i < PRSIZE; i++) {
890 if (tentry->entries[i] == PRBADID)
892 if (tentry->entries[i] == 0)
894 #if defined(SUPERGROUPS)
895 if ((tentry->flags & PRGRP) && tentry->entries[i] < 0) /* Supergroup */
896 code = RemoveFromSGEntry(at, tentry->id, tentry->entries[i]);
899 code = RemoveFromEntry(at, tentry->id, tentry->entries[i]);
903 #if defined(SUPERGROUPS)
905 struct prentryg *tentryg = (struct prentryg *)tentry;
907 /* Then remove the entire supergroup list */
908 for (i = 0; i < SGSIZE; i++) {
909 if (tentryg->supergroup[i] == PRBADID)
911 if (tentryg->supergroup[i] == 0)
913 code = RemoveFromEntry(at, tentry->id, tentryg->supergroup[i]);
918 #endif /* SUPERGROUPS */
920 while (nptr != (afs_int32) NULL) {
921 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
924 for (i = 0; i < COSIZE; i++) {
925 if (centry.entries[i] == PRBADID)
927 if (centry.entries[i] == 0)
929 code = RemoveFromEntry(at, tentry->id, centry.entries[i]);
933 code = FreeBlock(at, nptr); /* free continuation block */
939 /* Remove us from other's owned chain. Note that this will zero our owned
940 * field (on disk) so this step must follow the above step in case we are
941 * on our own owned list. */
942 if (tentry->flags & PRGRP) {
944 code = RemoveFromOwnerChain(at, tentry->id, tentry->owner);
948 code = RemoveFromOrphan(at, tentry->id);
954 code = RemoveFromIDHash(at, tentry->id, &loc);
955 if (code != PRSUCCESS)
957 code = RemoveFromNameHash(at, tentry->name, &loc);
958 if (code != PRSUCCESS)
961 if (tentry->flags & PRGRP) {
962 afs_int32 loc = FindByID(at, tentry->creator);
963 struct prentry centry;
967 code = pr_Read(at, 0, loc, ¢ry, sizeof(centry));
970 admin = ((tentry->creator == SYSADMINID)
971 || IsAMemberOf(at, tentry->creator, SYSADMINID));
972 if (ntohl(centry.flags) & PRQUOTA) {
973 if (!(admin && (ntohl(centry.ngroups) >= 20))) {
974 centry.ngroups = htonl(ntohl(centry.ngroups) + 1);
977 code = pr_Write(at, 0, loc, ¢ry, sizeof(centry));
983 if (tentry->flags & PRGRP) {
984 if (inc_header_word(at, groupcount, -1))
986 } else if (tentry->flags & PRINST) {
987 if (inc_header_word(at, instcount, -1))
990 if (strchr(tentry->name, '@')) {
991 if (inc_header_word(at, foreigncount, -1))
994 if (inc_header_word(at, usercount, -1))
998 code = FreeBlock(at, loc);
1002 /* AddToEntry - add aid to entry's entries list, alloc'ing a continuation block
1005 * Note the entry is written out by this routine. */
1008 AddToEntry(struct ubik_trans *tt, struct prentry *entry, afs_int32 loc, afs_int32 aid)
1012 struct contentry nentry;
1013 struct contentry aentry;
1015 afs_int32 last; /* addr of last cont. block */
1016 afs_int32 first = 0;
1018 afs_int32 slot = -1;
1020 if (entry->id == aid)
1021 return PRINCONSISTENT;
1022 #ifdef PR_REMEMBER_TIMES
1023 entry->addTime = time(0);
1025 for (i = 0; i < PRSIZE; i++) {
1026 if (entry->entries[i] == aid)
1028 if (entry->entries[i] == PRBADID) { /* remember this spot */
1031 } else if (entry->entries[i] == 0) { /* end of the line */
1041 while (nptr != (afs_int32) NULL) {
1042 code = pr_ReadCoEntry(tt, 0, nptr, &nentry);
1046 if (!(nentry.flags & PRCONT))
1048 for (i = 0; i < COSIZE; i++) {
1049 if (nentry.entries[i] == aid)
1051 if (nentry.entries[i] == PRBADID) {
1056 } else if (nentry.entries[i] == 0) {
1066 if (slot != -1) { /* we found a place */
1068 if (first) { /* place is in first block */
1069 entry->entries[slot] = aid;
1070 code = pr_WriteEntry(tt, 0, loc, entry);
1075 code = pr_WriteEntry(tt, 0, loc, entry);
1078 code = pr_ReadCoEntry(tt, 0, cloc, &aentry);
1081 aentry.entries[slot] = aid;
1082 code = pr_WriteCoEntry(tt, 0, cloc, &aentry);
1087 /* have to allocate a continuation block if we got here */
1088 nptr = AllocBlock(tt);
1090 /* then we should tack new block after last block in cont. chain */
1092 code = pr_WriteCoEntry(tt, 0, last, &nentry);
1098 memset(&aentry, 0, sizeof(aentry));
1099 aentry.flags |= PRCONT;
1100 aentry.id = entry->id;
1102 aentry.entries[0] = aid;
1103 code = pr_WriteCoEntry(tt, 0, nptr, &aentry);
1106 /* don't forget to update count, here! */
1108 code = pr_WriteEntry(tt, 0, loc, entry);
1113 #if defined(SUPERGROUPS)
1115 /* AddToSGEntry - add aid to entry's supergroup list, alloc'ing a
1116 * continuation block if needed.
1118 * Note the entry is written out by this routine. */
1121 AddToSGEntry(struct ubik_trans *tt, struct prentry *entry, afs_int32 loc, afs_int32 aid)
1123 register afs_int32 code;
1125 struct contentry nentry;
1126 struct contentry aentry;
1127 struct prentryg *entryg;
1129 afs_int32 last; /* addr of last cont. block */
1130 afs_int32 first = 0;
1132 afs_int32 slot = -1;
1134 if (entry->id == aid)
1135 return PRINCONSISTENT;
1136 #ifdef PR_REMEMBER_TIMES
1137 entry->addTime = time(NULL);
1139 entryg = (struct prentryg *)entry;
1140 for (i = 0; i < SGSIZE; i++) {
1141 if (entryg->supergroup[i] == aid)
1143 if (entryg->supergroup[i] == PRBADID) { /* remember this spot */
1146 } else if (entryg->supergroup[i] == 0) { /* end of the line */
1155 nptr = entryg->nextsg;
1157 code = pr_ReadCoEntry(tt, 0, nptr, &nentry);
1161 if (!(nentry.flags & PRCONT))
1163 for (i = 0; i < COSIZE; i++) {
1164 if (nentry.entries[i] == aid)
1166 if (nentry.entries[i] == PRBADID) {
1171 } else if (nentry.entries[i] == 0) {
1181 if (slot != -1) { /* we found a place */
1183 if (first) { /* place is in first block */
1184 entryg->supergroup[slot] = aid;
1185 code = pr_WriteEntry(tt, 0, loc, entry);
1190 code = pr_WriteEntry(tt, 0, loc, entry);
1193 code = pr_ReadCoEntry(tt, 0, cloc, &aentry);
1196 aentry.entries[slot] = aid;
1197 code = pr_WriteCoEntry(tt, 0, cloc, &aentry);
1202 /* have to allocate a continuation block if we got here */
1203 nptr = AllocBlock(tt);
1205 /* then we should tack new block after last block in cont. chain */
1207 code = pr_WriteCoEntry(tt, 0, last, &nentry);
1211 entryg->nextsg = nptr;
1213 memset(&aentry, 0, sizeof(aentry));
1214 aentry.flags |= PRCONT;
1215 aentry.id = entry->id;
1217 aentry.entries[0] = aid;
1218 code = pr_WriteCoEntry(tt, 0, nptr, &aentry);
1221 /* don't forget to update count, here! */
1223 code = pr_WriteEntry(tt, 0, loc, entry);
1227 #endif /* SUPERGROUPS */
1230 AddToPRList(prlist *alist, int *sizeP, afs_int32 id)
1235 if (alist->prlist_len >= *sizeP) {
1236 count = alist->prlist_len + 100;
1237 if (alist->prlist_val) {
1239 (char *)realloc(alist->prlist_val, count * sizeof(afs_int32));
1241 tmp = (char *)malloc(count * sizeof(afs_int32));
1245 alist->prlist_val = (afs_int32 *) tmp;
1248 alist->prlist_val[alist->prlist_len++] = id;
1253 GetList(struct ubik_trans *at, struct prentry *tentry, prlist *alist, afs_int32 add)
1257 struct contentry centry;
1263 alist->prlist_val = 0;
1264 alist->prlist_len = 0;
1266 for (i = 0; i < PRSIZE; i++) {
1267 if (tentry->entries[i] == PRBADID)
1269 if (tentry->entries[i] == 0)
1271 code = AddToPRList(alist, &size, tentry->entries[i]);
1274 #if defined(SUPERGROUPS)
1277 code = GetListSG2(at, tentry->entries[i], alist, &size, depthsg);
1283 for (nptr = tentry->next; nptr != 0; nptr = centry.next) {
1284 /* look through cont entries */
1285 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
1288 for (i = 0; i < COSIZE; i++) {
1289 if (centry.entries[i] == PRBADID)
1291 if (centry.entries[i] == 0)
1293 code = AddToPRList(alist, &size, centry.entries[i]);
1296 #if defined(SUPERGROUPS)
1299 code = GetListSG2(at, centry.entries[i], alist, &size, depthsg);
1305 #ifndef AFS_PTHREAD_ENV
1312 if (add) { /* this is for a CPS, so tack on appropriate stuff */
1313 if (tentry->id != ANONYMOUSID && tentry->id != ANYUSERID) {
1314 if ((code = AddToPRList(alist, &size, ANYUSERID))
1315 || (code = AddAuthGroup(tentry, alist, &size))
1316 || (code = AddToPRList(alist, &size, tentry->id)))
1319 if ((code = AddToPRList(alist, &size, ANYUSERID))
1320 || (code = AddToPRList(alist, &size, tentry->id)))
1324 #ifndef AFS_PTHREAD_ENV
1325 if (alist->prlist_len > 100)
1328 qsort(alist->prlist_val, alist->prlist_len, sizeof(afs_int32), IDCmp);
1334 GetList2(struct ubik_trans *at, struct prentry *tentry, struct prentry *tentry2, prlist *alist, afs_int32 add)
1338 struct contentry centry;
1344 alist->prlist_val = 0;
1345 alist->prlist_len = 0;
1346 for (i = 0; i < PRSIZE; i++) {
1347 if (tentry->entries[i] == PRBADID)
1349 if (tentry->entries[i] == 0)
1351 code = AddToPRList(alist, &size, tentry->entries[i]);
1354 #if defined(SUPERGROUPS)
1357 code = GetListSG2(at, tentry->entries[i], alist, &size, depthsg);
1363 nptr = tentry->next;
1364 while (nptr != (afs_uint32) NULL) {
1365 /* look through cont entries */
1366 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
1369 for (i = 0; i < COSIZE; i++) {
1370 if (centry.entries[i] == PRBADID)
1372 if (centry.entries[i] == 0)
1374 code = AddToPRList(alist, &size, centry.entries[i]);
1377 #if defined(SUPERGROUPS)
1380 code = GetListSG2(at, centry.entries[i], alist, &size, depthsg);
1387 #ifndef AFS_PTHREAD_ENV
1394 for (i = 0; i < PRSIZE; i++) {
1395 if (tentry2->entries[i] == PRBADID)
1397 if (tentry2->entries[i] == 0)
1399 code = AddToPRList(alist, &size, tentry2->entries[i]);
1405 nptr = tentry2->next;
1406 while (nptr != (afs_uint32) NULL) {
1407 /* look through cont entries */
1408 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
1411 for (i = 0; i < COSIZE; i++) {
1412 if (centry.entries[i] == PRBADID)
1414 if (centry.entries[i] == 0)
1416 code = AddToPRList(alist, &size, centry.entries[i]);
1422 #ifndef AFS_PTHREAD_ENV
1429 if (add) { /* this is for a CPS, so tack on appropriate stuff */
1430 if (tentry->id != ANONYMOUSID && tentry->id != ANYUSERID) {
1431 if ((code = AddToPRList(alist, &size, ANYUSERID))
1432 || (code = AddToPRList(alist, &size, AUTHUSERID))
1433 || (code = AddToPRList(alist, &size, tentry->id)))
1436 if ((code = AddToPRList(alist, &size, ANYUSERID))
1437 || (code = AddToPRList(alist, &size, tentry->id)))
1441 #ifndef AFS_PTHREAD_ENV
1442 if (alist->prlist_len > 100)
1445 qsort(alist->prlist_val, alist->prlist_len, sizeof(afs_int32), IDCmp);
1449 #if defined(SUPERGROUPS)
1452 GetListSG2(struct ubik_trans *at, afs_int32 gid, prlist *alist, afs_int32 *sizeP, afs_int32 depth)
1454 register afs_int32 code;
1455 struct prentry tentry;
1456 struct prentryg *tentryg = (struct prentryg *)&tentry;
1458 struct contentry centry;
1464 int predictfound, predictflagged;
1469 if (!in_map(sg_flagged, -gid)) {
1471 fprintf(stderr, "GetListSG2: I have not yet searched for gid=%d\n",
1473 } else if (predictflagged = 1, in_map(sg_found, -gid)) {
1476 "GetListSG2: I have already searched for gid=%d, and predict success.\n",
1481 if (in_map(sg_flagged, -gid) && !in_map(sg_found, -gid)) {
1484 "GetListSG2: I have already searched for gid=%d, and predict failure.\n",
1493 temp = FindByID(at, gid);
1498 code = pr_ReadEntry(at, 0, temp, &tentry);
1502 fprintf(stderr, "GetListSG2: lookup for gid=%d [\n", gid);
1506 for (i = 0; i < SGSIZE; i++) {
1507 if (tentryg->supergroup[i] == PRBADID)
1509 if (tentryg->supergroup[i] == 0)
1513 fprintf(stderr, "via gid=%d, added %d\n", gid,
1514 e.tentryg.supergroup[i]);
1516 code = AddToPRList(alist, sizeP, tentryg->supergroup[i]);
1520 GetListSG2(at, tentryg->supergroup[i], alist, sizeP, depth - 1);
1525 nptr = tentryg->nextsg;
1528 /* look through cont entries */
1529 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
1532 for (i = 0; i < COSIZE; i++) {
1533 if (centry.entries[i] == PRBADID)
1535 if (centry.entries[i] == 0)
1538 fprintf(stderr, "via gid=%d, added %d\n", gid,
1539 e.centry.entries[i]);
1541 code = AddToPRList(alist, sizeP, centry.entries[i]);
1544 code = GetListSG2(at, centry.entries[i], alist, sizeP, depth - 1);
1550 #ifndef AFS_PTHREAD_ENV
1557 fprintf(stderr, "] for gid %d, done [flag=%s]\n", gid,
1558 didsomething ? "TRUE" : "FALSE");
1559 if (predictflagged && didsomething != predictfound)
1560 fprintf(stderr, "**** for gid=%d, didsomething=%d predictfound=%d\n",
1561 didsomething, predictfound);
1564 sg_found = add_map(sg_found, -gid);
1566 sg_found = bic_map(sg_found, add_map(NIL_MAP, -gid));
1567 sg_flagged = add_map(sg_flagged, -gid);
1572 GetSGList(struct ubik_trans *at, struct prentry *tentry, prlist *alist)
1574 register afs_int32 code;
1576 struct contentry centry;
1577 struct prentryg *tentryg;
1583 alist->prlist_val = 0;
1584 alist->prlist_len = 0;
1586 tentryg = (struct prentryg *)tentry;
1587 for (i = 0; i < SGSIZE; i++) {
1588 if (tentryg->supergroup[i] == PRBADID)
1590 if (tentryg->supergroup[i] == 0)
1592 code = AddToPRList(alist, &size, tentryg->supergroup[i]);
1597 nptr = tentryg->nextsg;
1599 /* look through cont entries */
1600 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
1603 for (i = 0; i < COSIZE; i++) {
1604 if (centry.entries[i] == PRBADID)
1606 if (centry.entries[i] == 0)
1608 code = AddToPRList(alist, &size, centry.entries[i]);
1614 #ifndef AFS_PTHREAD_ENV
1621 #ifndef AFS_PTHREAD_ENV
1622 if (alist->prlist_len > 100)
1625 qsort((char *)alist->prlist_val, (int)alist->prlist_len,
1626 sizeof(afs_int32), IDCmp);
1629 #endif /* SUPERGROUPS */
1632 GetOwnedChain(struct ubik_trans *ut, afs_int32 *next, prlist *alist)
1635 struct prentry tentry;
1640 alist->prlist_val = 0;
1641 alist->prlist_len = 0;
1643 for (; *next; *next = ntohl(tentry.nextOwned)) {
1644 code = pr_Read(ut, 0, *next, &tentry, sizeof(tentry));
1647 code = AddToPRList(alist, &size, ntohl(tentry.id));
1648 if (alist->prlist_len >= PR_MAXGROUPS) {
1654 #ifndef AFS_PTHREAD_ENV
1660 #ifndef AFS_PTHREAD_ENV
1661 if (alist->prlist_len > 100)
1664 qsort(alist->prlist_val, alist->prlist_len, sizeof(afs_int32), IDCmp);
1669 GetMax(struct ubik_trans *at, afs_int32 *uid, afs_int32 *gid)
1671 *uid = ntohl(cheader.maxID);
1672 *gid = ntohl(cheader.maxGroup);
1677 SetMax(struct ubik_trans *at, afs_int32 id, afs_int32 flag)
1681 cheader.maxGroup = htonl(id);
1683 pr_Write(at, 0, 16, (char *)&cheader.maxGroup,
1684 sizeof(cheader.maxGroup));
1688 cheader.maxID = htonl(id);
1690 pr_Write(at, 0, 20, (char *)&cheader.maxID,
1691 sizeof(cheader.maxID));
1699 read_DbHeader(struct ubik_trans *tt)
1703 if (!ubik_CacheUpdate(tt))
1706 code = pr_Read(tt, 0, 0, (char *)&cheader, sizeof(cheader));
1708 afs_com_err(whoami, code, "Couldn't read header");
1714 afs_int32 initd = 0;
1720 struct ubik_trans *tt;
1723 /* init the database. We'll try reading it, but if we're starting
1724 * from scratch, we'll have to do a write transaction. */
1726 pr_noAuth = afsconf_GetNoAuthFlag(prdir);
1728 code = ubik_BeginTransReadAny(dbase, UBIK_READTRANS, &tt);
1731 code = ubik_SetLock(tt, 1, 1, LOCKREAD);
1733 ubik_AbortTrans(tt);
1738 } else if (!ubik_CacheUpdate(tt)) {
1739 code = ubik_EndTrans(tt);
1743 len = sizeof(cheader);
1744 code = pr_Read(tt, 0, 0, (char *)&cheader, len);
1746 afs_com_err(whoami, code, "couldn't read header");
1747 ubik_AbortTrans(tt);
1750 if ((ntohl(cheader.version) == PRDBVERSION)
1751 && ntohl(cheader.headerSize) == sizeof(cheader)
1752 && ntohl(cheader.eofPtr) != (afs_uint32) NULL
1753 && FindByID(tt, ANONYMOUSID) != 0) {
1754 /* database exists, so we don't have to build it */
1755 code = ubik_EndTrans(tt);
1760 /* else we need to build a database */
1761 code = ubik_EndTrans(tt);
1765 /* Only rebuild database if the db was deleted (the header is zero) and we
1766 * are running noAuth. */
1768 char *bp = (char *)&cheader;
1770 for (i = 0; i < sizeof(cheader); i++)
1773 afs_com_err(whoami, code,
1774 "Can't rebuild database because it is not empty");
1780 afs_com_err(whoami, code,
1781 "Can't rebuild database because not running NoAuth");
1785 code = ubik_BeginTrans(dbase, UBIK_WRITETRANS, &tt);
1789 code = ubik_SetLock(tt, 1, 1, LOCKWRITE);
1791 ubik_AbortTrans(tt);
1795 /* before doing a rebuild, check again that the dbase looks bad, because
1796 * the previous check was only under a ReadAny transaction, and there could
1797 * actually have been a good database out there. Now that we have a
1798 * real write transaction, make sure things are still bad.
1800 if ((ntohl(cheader.version) == PRDBVERSION)
1801 && ntohl(cheader.headerSize) == sizeof(cheader)
1802 && ntohl(cheader.eofPtr) != (afs_uint32) NULL
1803 && FindByID(tt, ANONYMOUSID) != 0) {
1804 /* database exists, so we don't have to build it */
1805 code = ubik_EndTrans(tt);
1811 /* Initialize the database header */
1812 if ((code = set_header_word(tt, version, htonl(PRDBVERSION)))
1813 || (code = set_header_word(tt, headerSize, htonl(sizeof(cheader))))
1814 || (code = set_header_word(tt, eofPtr, cheader.headerSize))) {
1815 afs_com_err(whoami, code, "couldn't write header words");
1816 ubik_AbortTrans(tt);
1819 #define InitialGroup(id,name) do { \
1820 afs_int32 temp = (id); \
1821 afs_int32 flag = (id) < 0 ? PRGRP : 0; \
1822 code = CreateEntry \
1823 (tt, (name), &temp, /*idflag*/1, flag, SYSADMINID, SYSADMINID); \
1825 afs_com_err (whoami, code, "couldn't create %s with id %di.", \
1827 ubik_AbortTrans(tt); \
1832 InitialGroup(SYSADMINID, "system:administrators");
1833 InitialGroup(SYSBACKUPID, "system:backup");
1834 InitialGroup(ANYUSERID, "system:anyuser");
1835 InitialGroup(AUTHUSERID, "system:authuser");
1836 InitialGroup(SYSVIEWERID, "system:ptsviewers");
1837 InitialGroup(ANONYMOUSID, "anonymous");
1839 /* Well, we don't really want the max id set to anonymousid, so we'll set
1841 code = set_header_word(tt, maxID, 0); /* correct in any byte order */
1843 afs_com_err(whoami, code, "couldn't reset max id");
1844 ubik_AbortTrans(tt);
1848 code = ubik_EndTrans(tt);
1855 ChangeEntry(struct ubik_trans *at, afs_int32 aid, afs_int32 cid, char *name, afs_int32 oid, afs_int32 newid)
1858 afs_int32 i, nptr, pos;
1859 #if defined(SUPERGROUPS)
1862 struct contentry centry;
1863 struct prentry tentry, tent;
1866 char holder[PR_MAXNAMELEN];
1867 char temp[PR_MAXNAMELEN];
1868 char oldname[PR_MAXNAMELEN];
1871 memset(holder, 0, PR_MAXNAMELEN);
1872 memset(temp, 0, PR_MAXNAMELEN);
1873 loc = FindByID(at, aid);
1876 code = pr_ReadEntry(at, 0, loc, &tentry);
1879 if (restricted && !IsAMemberOf(at, cid, SYSADMINID))
1881 if (tentry.owner != cid && !IsAMemberOf(at, cid, SYSADMINID)
1882 && !IsAMemberOf(at, cid, tentry.owner) && !pr_noAuth)
1884 #ifdef PR_REMEMBER_TIMES
1885 tentry.changeTime = time(0);
1888 /* we're actually trying to change the id */
1889 if (newid && (newid != aid)) {
1890 if (!IsAMemberOf(at, cid, SYSADMINID) && !pr_noAuth)
1893 pos = FindByID(at, newid);
1895 return PRIDEXIST; /* new id already in use! */
1896 if ((aid < 0 && newid > 0) || (aid > 0 && newid < 0))
1899 /* Should check that foreign users id to change to is good: inRange() */
1901 /* if new id is not in use, rehash things */
1902 code = RemoveFromIDHash(at, aid, &loc);
1903 if (code != PRSUCCESS)
1906 code = pr_WriteEntry(at, 0, loc, &tentry);
1909 code = AddToIDHash(at, tentry.id, loc);
1913 /* get current data */
1914 code = pr_ReadEntry(at, 0, loc, &tentry);
1918 #if defined(SUPERGROUPS)
1919 if (tentry.id > (afs_int32) ntohl(cheader.maxID))
1920 code = set_header_word(at, maxID, htonl(tentry.id));
1924 /* need to fix up: membership
1929 for (i = 0; i < PRSIZE; i++) {
1930 if (tentry.entries[i] == PRBADID)
1932 if (tentry.entries[i] == 0)
1934 if ((tentry.flags & PRGRP) && tentry.entries[i] < 0) { /* Supergroup */
1935 return 5; /* not yet, in short. */
1937 code = ChangeIDEntry(at, aid, newid, tentry.entries[i]);
1942 for (pos = ntohl(tentry.owned); pos; pos = nextpos) {
1943 code = pr_ReadEntry(at, 0, pos, &tent);
1947 nextpos = tent.nextOwned;
1948 code = pr_WriteEntry(at, 0, pos, &tent);
1954 #define centry (*(struct contentry*)&tent)
1955 code = pr_ReadCoEntry(at, 0, pos, ¢ry);
1956 if ((centry.id != aid)
1957 || !(centry.flags & PRCONT)) {
1959 "ChangeEntry: bad database aid=%d centry.id=%d .flags=%d\n",
1960 aid, centry.id, centry.flags);
1964 for (i = 0; i < COSIZE; i++) {
1965 if (centry.entries[i] == PRBADID)
1967 if (centry.entries[i] == 0)
1969 if ((centry.flags & PRGRP) && centry.entries[i] < 0) { /* Supergroup */
1970 return 5; /* not yet, in short. */
1972 code = ChangeIDEntry(at, aid, newid, centry.entries[i]);
1977 code = pr_WriteCoEntry(at, 0, pos, ¢ry);
1984 #else /* SUPERGROUPS */
1987 /* Also change the references from the membership list */
1988 for (i = 0; i < PRSIZE; i++) {
1989 if (tentry.entries[i] == PRBADID)
1991 if (tentry.entries[i] == 0)
1993 pos = FindByID(at, tentry.entries[i]);
1996 code = RemoveFromEntry(at, aid, tentry.entries[i]);
1999 code = pr_ReadEntry(at, 0, pos, &tent);
2002 code = AddToEntry(at, &tent, pos, newid);
2006 /* Look through cont entries too. This needs to be broken into
2007 * seperate transaction so that no one transaction becomes too
2008 * large to complete.
2010 for (nptr = tentry.next; nptr; nptr = centry.next) {
2011 code = pr_ReadCoEntry(at, 0, nptr, ¢ry);
2014 for (i = 0; i < COSIZE; i++) {
2015 if (centry.entries[i] == PRBADID)
2017 if (centry.entries[i] == 0)
2019 pos = FindByID(at, centry.entries[i]);
2022 code = RemoveFromEntry(at, aid, centry.entries[i]);
2025 code = pr_ReadEntry(at, 0, pos, &tent);
2028 code = AddToEntry(at, &tent, pos, newid);
2033 #endif /* SUPERGROUPS */
2036 atsign = strchr(tentry.name, '@'); /* check for foreign entry */
2038 /* Change the owner */
2039 if (oid && (oid != tentry.owner)) {
2040 /* only groups can have their owner's changed */
2041 if (!(tentry.flags & PRGRP))
2045 oldowner = tentry.owner;
2047 /* The entry must be written through first so Remove and Add routines
2048 * can operate on disk data */
2049 code = pr_WriteEntry(at, 0, loc, &tentry);
2053 /* switch owner chains */
2054 if (oldowner) /* if it has an owner */
2055 code = RemoveFromOwnerChain(at, tentry.id, oldowner);
2056 else /* must be an orphan */
2057 code = RemoveFromOrphan(at, tentry.id);
2060 code = AddToOwnerChain(at, tentry.id, tentry.owner);
2064 /* fix up the name */
2065 if (strlen(name) == 0)
2067 /* get current data */
2068 code = pr_ReadEntry(at, 0, loc, &tentry);
2073 /* Change the name, if name is a ptr to tentry.name then this name change
2074 * is due to a chown, otherwise caller has specified a new name */
2075 if ((name == tentry.name) || (*name && (strcmp(tentry.name, name) != 0))) {
2076 strncpy(oldname, tentry.name, PR_MAXNAMELEN);
2077 if (tentry.flags & PRGRP) {
2078 /* don't let foreign cell groups change name */
2081 code = CorrectGroupName(at, name, cid, tentry.owner, tentry.name);
2085 if (name == tentry.name) { /* owner fixup */
2086 if (strcmp(oldname, tentry.name) == 0)
2088 } else { /* new name, caller must be correct */
2089 if (strcmp(name, tentry.name) != 0)
2093 /* Allow a foreign name change only if the cellname part is
2098 newatsign = strchr(name, '@');
2099 if (newatsign != atsign) { /* if they are the same no problem */
2100 /*if the pointers are not equal the strings better be */
2101 if ((atsign == NULL) || (newatsign == NULL)
2102 || strcmp(atsign, newatsign))
2105 if (!CorrectUserName(name))
2109 pos = FindByName(at, name, &tent);
2112 code = RemoveFromNameHash(at, oldname, &loc);
2113 if (code != PRSUCCESS)
2115 strncpy(tentry.name, name, PR_MAXNAMELEN);
2116 code = pr_WriteEntry(at, 0, loc, &tentry);
2119 code = AddToNameHash(at, tentry.name, loc);
2120 if (code != PRSUCCESS)
2129 allocNextId(struct ubik_trans * at, struct prentry * cellEntry)
2131 /* Id's for foreign cell entries are constructed as follows:
2132 * The 16 low order bits are the group id of the cell and the
2133 * top 16 bits identify the particular users in that cell */
2136 afs_int32 cellid = ((ntohl(cellEntry->id)) & 0x0000ffff);
2138 id = (ntohl(cellEntry->nusers) + 1);
2139 while (FindByID(at, ((id << 16) | cellid))) {
2145 cellEntry->nusers = htonl(id);
2146 /* use the field nusers to keep
2147 * the next available id in that
2148 * foreign cell's group. Note :
2149 * It would seem more appropriate
2150 * to use ngroup for that and nusers
2151 * to enforce the quota, however pts
2152 * does not have an option to change
2153 * foreign users quota yet */
2155 id = (id << 16) | cellid;
2160 inRange(struct prentry *cellEntry, afs_int32 aid)
2162 afs_uint32 id, cellid, groupid;
2166 * The only thing that we want to make sure here is that
2167 * the id is in the legal range of this group. If it is
2168 * a duplicate we don't care since it will get caught
2169 * in a different check.
2172 cellid = aid & 0x0000ffff;
2173 groupid = (ntohl(cellEntry->id)) & 0x0000ffff;
2174 if (cellid != groupid)
2175 return 0; /* not in range */
2178 * if we got here we're ok but we need to update the nusers
2179 * field in order to get the id correct the next time that
2180 * we try to allocate it automatically
2184 if (id > ntohl(cellEntry->nusers))
2185 cellEntry->nusers = htonl(id);
2191 AddAuthGroup(struct prentry *tentry, prlist *alist, afs_int32 *size)
2193 if (!(strchr(tentry->name, '@')))
2194 return (AddToPRList(alist, size, AUTHUSERID));
git://git.openafs.org / openafs.git / blob