diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-02-18 07:49:04 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-02-18 13:48:45 -0500 |
commit | 1c48b5a62f73234ed26bb20f0ab345ab61cda0ab (patch) | |
tree | 0b6cddd567a862e1a7b5df23764869782a62ca78 /server/tools/tools_util.c | |
parent | 8c56df3176f528fe0260974b3bf934173c4651ea (diff) | |
download | sssd-1c48b5a62f73234ed26bb20f0ab345ab61cda0ab.tar.gz sssd-1c48b5a62f73234ed26bb20f0ab345ab61cda0ab.tar.bz2 sssd-1c48b5a62f73234ed26bb20f0ab345ab61cda0ab.zip |
Rename server/ directory to src/
Also update BUILD.txt
Diffstat (limited to 'server/tools/tools_util.c')
-rw-r--r-- | server/tools/tools_util.c | 520 |
1 files changed, 0 insertions, 520 deletions
diff --git a/server/tools/tools_util.c b/server/tools/tools_util.c deleted file mode 100644 index 97945238..00000000 --- a/server/tools/tools_util.c +++ /dev/null @@ -1,520 +0,0 @@ -/* - SSSD - - tools_utils.c - - Copyright (C) Jakub Hrozek <jhrozek@redhat.com> 2009 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include <talloc.h> -#include <tevent.h> -#include <popt.h> -#include <errno.h> -#include <sys/stat.h> -#include <sys/types.h> -#include <fcntl.h> - -#include "config.h" -#ifdef HAVE_SELINUX -#include <selinux/selinux.h> -#endif - -#include "util/util.h" -#include "confdb/confdb.h" -#include "db/sysdb.h" -#include "tools/tools_util.h" -#include "tools/sss_sync_ops.h" - -static int setup_db(struct tools_ctx *ctx) -{ - char *confdb_path; - int ret; - - /* Create the event context */ - ctx->ev = tevent_context_init(ctx); - if (ctx->ev == NULL) { - DEBUG(1, ("Could not create event context\n")); - return EIO; - } - - confdb_path = talloc_asprintf(ctx, "%s/%s", DB_PATH, CONFDB_FILE); - if (confdb_path == NULL) { - return ENOMEM; - } - - /* Connect to the conf db */ - ret = confdb_init(ctx, &ctx->confdb, confdb_path); - if (ret != EOK) { - DEBUG(1, ("Could not initialize connection to the confdb\n")); - return ret; - } - - ret = confdb_get_domain(ctx->confdb, "local", &ctx->local); - if (ret != EOK) { - DEBUG(1, ("Could not get 'local' domain: [%d] [%s]\n", ret, strerror(ret))); - return ret; - } - - /* open 'local' sysdb at default path */ - ret = sysdb_domain_init(ctx, ctx->ev, ctx->local, DB_PATH, &ctx->sysdb); - if (ret != EOK) { - DEBUG(1, ("Could not initialize connection to the sysdb\n")); - return ret; - } - - talloc_free(confdb_path); - return EOK; -} - -/* - * Print poptUsage as well as our error message - */ -void usage(poptContext pc, const char *error) -{ - poptPrintUsage(pc, stderr, 0); - if (error) fprintf(stderr, "%s", error); -} - -int parse_groups(TALLOC_CTX *mem_ctx, const char *optstr, char ***_out) -{ - char **out; - char *orig, *n, *o; - char delim = ','; - unsigned int tokens = 1; - int i; - - orig = talloc_strdup(mem_ctx, optstr); - if (!orig) return ENOMEM; - - n = orig; - tokens = 1; - while ((n = strchr(n, delim))) { - n++; - tokens++; - } - - out = talloc_array(mem_ctx, char *, tokens+1); - if (!out) { - talloc_free(orig); - return ENOMEM; - } - - n = o = orig; - for (i = 0; i < tokens; i++) { - o = n; - n = strchr(n, delim); - if (!n) { - break; - } - *n = '\0'; - n++; - out[i] = talloc_strdup(out, o); - } - out[tokens-1] = talloc_strdup(out, o); - out[tokens] = NULL; - - talloc_free(orig); - *_out = out; - return EOK; -} - -int parse_group_name_domain(struct tools_ctx *tctx, - char **groups) -{ - int i; - int ret; - char *name = NULL; - char *domain = NULL; - - if (!groups) { - return EOK; - } - - for (i = 0; groups[i]; ++i) { - ret = sss_parse_name(tctx, tctx->snctx, groups[i], &domain, &name); - - /* If FQDN is specified, it must be within the same domain as user */ - if (domain) { - if (strcmp(domain, tctx->octx->domain->name) != 0) { - return EINVAL; - } - - /* Use only groupname */ - talloc_zfree(groups[i]); - groups[i] = talloc_strdup(tctx, name); - if (groups[i] == NULL) { - return ENOMEM; - } - } - - talloc_zfree(name); - talloc_zfree(domain); - } - - talloc_zfree(name); - talloc_zfree(domain); - return EOK; -} - -int parse_name_domain(struct tools_ctx *tctx, - const char *fullname) -{ - int ret; - char *domain = NULL; - - ret = sss_parse_name(tctx, tctx->snctx, fullname, &domain, &tctx->octx->name); - if (ret != EOK) { - DEBUG(0, ("Cannot parse full name\n")); - return ret; - } - DEBUG(5, ("Parsed username: %s\n", tctx->octx->name)); - - if (domain) { - DEBUG(5, ("Parsed domain: %s\n", domain)); - /* only the local domain, whatever named is allowed in tools */ - if (strcasecmp(domain, tctx->local->name) != 0) { - DEBUG(1, ("Invalid domain %s specified in FQDN\n", domain)); - return EINVAL; - } - } - - return EOK; -} - -int check_group_names(struct tools_ctx *tctx, - char **grouplist, - char **badgroup) -{ - int ret; - int i; - struct ops_ctx *groupinfo; - - groupinfo = talloc_zero(tctx, struct ops_ctx); - if (!groupinfo) { - return ENOMEM; - } - - ret = EOK; - for (i=0; grouplist[i]; ++i) { - ret = sysdb_getgrnam_sync(tctx, - tctx->ev, - tctx->sysdb, - grouplist[i], - tctx->local, - &groupinfo); - if (ret) { - DEBUG(6, ("Cannot find group %s, ret: %d\n", grouplist[i], ret)); - break; - } - } - - talloc_zfree(groupinfo); - *badgroup = grouplist[i]; - return ret; -} - -int id_in_range(uint32_t id, - struct sss_domain_info *dom) -{ - if (id && - ((id < dom->id_min) || - (dom->id_max && id > dom->id_max))) { - return ERANGE; - } - - return EOK; -} - -int set_locale(void) -{ - char *c; - - c = setlocale(LC_ALL, ""); - if (c == NULL) { - return EIO; - } - - errno = 0; - c = bindtextdomain(PACKAGE, LOCALEDIR); - if (c == NULL) { - return errno; - } - - errno = 0; - c = textdomain(PACKAGE); - if (c == NULL) { - return errno; - } - - return EOK; -} - -int init_sss_tools(struct tools_ctx **_tctx) -{ - int ret; - struct tools_ctx *tctx; - - tctx = talloc_zero(NULL, struct tools_ctx); - if (tctx == NULL) { - DEBUG(1, ("Could not allocate memory for tools context\n")); - return ENOMEM; - } - - /* Connect to the database */ - ret = setup_db(tctx); - if (ret != EOK) { - DEBUG(1, ("Could not set up database\n")); - goto fini; - } - - ret = sss_names_init(tctx, tctx->confdb, &tctx->snctx); - if (ret != EOK) { - DEBUG(1, ("Could not set up parsing\n")); - goto fini; - } - - tctx->octx = talloc_zero(tctx, struct ops_ctx); - if (!tctx->octx) { - DEBUG(1, ("Could not allocate memory for data context\n")); - ERROR("Out of memory\n"); - ret = ENOMEM; - goto fini; - } - tctx->octx->domain = tctx->local; - - *_tctx = tctx; - ret = EOK; - -fini: - if (ret != EOK) talloc_free(tctx); - return ret; -} - -/* - * Check is path is owned by uid - * returns 0 - owns - * -1 - does not own - * >0 - an error occured, error code - */ -static int is_owner(uid_t uid, const char *path) -{ - struct stat statres; - int ret; - - ret = stat(path, &statres); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot stat %s: [%d][%s]\n", path, ret, strerror(ret))); - return ret; - } - - if (statres.st_uid == uid) { - return EOK; - } - return -1; -} - -static int remove_mail_spool(TALLOC_CTX *mem_ctx, - const char *maildir, - const char *username, - uid_t uid, - bool force) -{ - int ret; - char *spool_file; - - spool_file = talloc_asprintf(mem_ctx, "%s/%s", maildir, username); - if (spool_file == NULL) { - ret = ENOMEM; - goto fail; - } - - if (force == false) { - /* Check the owner of the mail spool */ - ret = is_owner(uid, spool_file); - switch (ret) { - case 0: - break; - case -1: - DEBUG(3, ("%s not owned by %d, not removing\n", - spool_file, uid)); - ret = EACCES; - /* FALLTHROUGH */ - default: - goto fail; - } - } - - ret = unlink(spool_file); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot remove() the spool file %s: [%d][%s]\n", - spool_file, ret, strerror(ret))); - goto fail; - } - -fail: - talloc_free(spool_file); - return ret; -} - -int remove_homedir(TALLOC_CTX *mem_ctx, - const char *homedir, - const char *maildir, - const char *username, - uid_t uid, bool force) -{ - int ret; - - ret = remove_mail_spool(mem_ctx, maildir, username, uid, force); - if (ret != EOK) { - DEBUG(1, ("Cannot remove user's mail spool\n")); - /* Should this be fatal? I don't think so. Maybe convert to ERROR? */ - } - - if (force == false && is_owner(uid, homedir) == -1) { - DEBUG(1, ("Not removing home dir - not owned by user\n")); - return EPERM; - } - - /* Remove the tree */ - ret = remove_tree(homedir); - if (ret != EOK) { - DEBUG(1, ("Cannot remove homedir %s: %d\n", - homedir, ret)); - return ret; - } - - return EOK; -} - -/* The reason for not putting this into create_homedir - * is better granularity when it comes to reporting error - * messages and tracebacks in pysss - */ -int create_mail_spool(TALLOC_CTX *mem_ctx, - const char *username, - const char *maildir, - uid_t uid, gid_t gid) -{ - char *spool_file = NULL; - int fd; - int ret; - - spool_file = talloc_asprintf(mem_ctx, "%s/%s", maildir, username); - if (spool_file == NULL) { - ret = ENOMEM; - goto fail; - } - - selinux_file_context(spool_file); - - fd = open(spool_file, O_CREAT | O_WRONLY | O_EXCL, 0); - if (fd < 0) { - ret = errno; - DEBUG(1, ("Cannot open() the spool file: [%d][%s]\n", - ret, strerror(ret))); - goto fail; - } - - ret = fchmod(fd, 0600); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot fchmod() the spool file: [%d][%s]\n", - ret, strerror(ret))); - goto fail; - } - - ret = fchown(fd, uid, gid); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot fchown() the spool file: [%d][%s]\n", - ret, strerror(ret))); - goto fail; - } - - ret = fsync(fd); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot fsync() the spool file: [%d][%s]\n", - ret, strerror(ret))); - goto fail; - } - - ret = close(fd); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot close() the spool file: [%d][%s]\n", - ret, strerror(ret))); - goto fail; - } - -fail: - reset_selinux_file_context(); - talloc_free(spool_file); - return ret; -} - -int create_homedir(TALLOC_CTX *mem_ctx, - const char *skeldir, - const char *homedir, - const char *username, - uid_t uid, - gid_t gid, - mode_t default_umask) -{ - int ret; - - selinux_file_context(homedir); - - ret = mkdir(homedir, 0); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot create user's home directory: [%d][%s].\n", - ret, strerror(ret))); - goto done; - } - - ret = chown(homedir, uid, gid); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot chown user's home directory: [%d][%s].\n", - ret, strerror(ret))); - goto done; - } - - ret = chmod(homedir, 0777 & ~default_umask); - if (ret != 0) { - ret = errno; - DEBUG(1, ("Cannot chmod user's home directory: [%d][%s].\n", - ret, strerror(ret))); - goto done; - } - - reset_selinux_file_context(); - - ret = copy_tree(skeldir, homedir, uid, gid); - if (ret != EOK) { - DEBUG(1, ("Cannot populate user's home directory: [%d][%s].\n", - ret, strerror(ret))); - goto done; - } - -done: - reset_selinux_file_context(); - return ret; -} - |