extern afs_int32 depthsg;
#endif
-char *pr_realmName;
-
int restricted = 0;
int rxMaxMTU = -1;
int rxBind = 0;
return afsconf_SuperUser(prdir, call, NULL);
}
+/**
+ * Return true if this name is a member of the local realm.
+ */
+int
+pr_IsLocalRealmMatch(void *rock, char *name, char *inst, char *cell)
+{
+ struct afsconf_dir *dir = (struct afsconf_dir *)rock;
+ afs_int32 islocal = 0; /* default to no */
+ int code;
+
+ code = afsconf_IsLocalRealmMatch(dir, &islocal, name, inst, cell);
+ if (code) {
+ ViceLog(0, ("Failed local realm check; code=%d, name=%s, inst=%s, cell=%s\n",
+ code, name, inst, cell));
+ }
+ return islocal;
+}
+
+
enum optionsList {
OPT_database,
OPT_access,
if (code)
PT_EXIT(1);
+ cmd_OptionAsString(opts, OPT_config, &configDir);
+
+ cmd_OpenConfigFile(AFSDIR_SERVER_CONFIG_FILE_FILEPATH);
+ cmd_SetCommandName("ptserver");
+
if (cmd_OptionAsList(opts, OPT_access, &list) == 0) {
prp_user_default = prp_access_mask(list->data);
if (list->next == NULL || list->next->data == NULL) {
free(interface);
}
- cmd_OptionAsString(opts, OPT_config, &configDir);
cmd_OptionAsInt(opts, OPT_debug, &LogLevel);
cmd_OptionAsString(opts, OPT_database, &pr_dbaseName);
cmd_OptionAsString(opts, OPT_logfile, &logFile);
if (cmd_OptionAsInt(opts, OPT_threads, &lwps) == 0) {
- if (lwps > 16) { /* maximum of 16 */
+ if (lwps > 64) { /* maximum of 64 */
printf("Warning: '-p %d' is too big; using %d instead\n",
- lwps, 16);
- lwps = 16;
+ lwps, 64);
+ lwps = 64;
} else if (lwps < 3) { /* minimum of 3 */
printf("Warning: '-p %d' is too small; using %d instead\n",
lwps, 3);
cmd_OptionAsFlag(opts, OPT_rxbind, &rxBind);
- if (cmd_OptionAsInt(opts, OPT_rxmaxmtu, &rxMaxMTU) == 0) {
- if ((rxMaxMTU < RX_MIN_PACKET_SIZE) ||
- (rxMaxMTU > RX_MAX_PACKET_DATA_SIZE)) {
- printf("rxMaxMTU %d invalid; must be between %d-%" AFS_SIZET_FMT "\n",
- rxMaxMTU, RX_MIN_PACKET_SIZE,
- RX_MAX_PACKET_DATA_SIZE);
- PT_EXIT(1);
- }
- }
+ cmd_OptionAsInt(opts, OPT_rxmaxmtu, &rxMaxMTU);
/* rxkad options */
cmd_OptionAsFlag(opts, OPT_dotted, &rxkadDisableDotCheck);
afs_com_err(whoami, code, "Couldn't get server list");
PT_EXIT(2);
}
- pr_realmName = info.name;
+
+ /* initialize audit user check */
+ osi_audit_set_user_check(prdir, pr_IsLocalRealmMatch);
/* initialize ubik */
ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, prdir);
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
- ccode = parseNetFiles(SHostAddrs, NULL, NULL,
- ADDRSPERSITE, reason,
- AFSDIR_SERVER_NETINFO_FILEPATH,
- AFSDIR_SERVER_NETRESTRICT_FILEPATH);
+ ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL,
+ ADDRSPERSITE, reason,
+ AFSDIR_SERVER_NETINFO_FILEPATH,
+ AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
}
+ /* Disable jumbograms */
+ rx_SetNoJumbo();
+
+ if (rxMaxMTU != -1) {
+ if (rx_SetMaxMTU(rxMaxMTU) != 0) {
+ printf("rxMaxMTU %d is invalid\n", rxMaxMTU);
+ PT_EXIT(1);
+ }
+ }
+
code =
ubik_ServerInitByInfo(myHost, htons(AFSCONF_PROTPORT), &info, clones,
pr_dbaseName, &dbase);
afs_com_err(whoami, code, "Ubik init failed");
PT_EXIT(2);
}
+
#if defined(SUPERGROUPS)
pt_hook_write();
#endif
afsconf_BuildServerSecurityObjects(prdir, &securityClasses, &numClasses);
- /* Disable jumbograms */
- rx_SetNoJumbo();
-
- if (rxMaxMTU != -1) {
- rx_SetMaxMTU(rxMaxMTU);
- }
-
tservice =
rx_NewServiceHost(host, 0, PRSRV, "Protection Server", securityClasses,
numClasses, PR_ExecuteRequest);
"1.0",
#endif
"Starting AFS", FSLog);
+ if (afsconf_GetLatestKey(prdir, NULL, NULL) == 0) {
+ LogDesWarning();
+ }
rx_StartServer(1);
osi_audit(PTS_FinishEvent, -1, AUD_END);