Context Navigation

source: trunk/server/common/oursrc/accountadm/admof.c @ 1596

Last change on this file since 1596 was 1596, checked in by geofft, 14 years ago
admof: pts groups are identified by negative IDs, not colons
File size: 7.1 KB

Line
1	/* admof
2	* Version 2.0, released 2007-12-30
3	* Anders Kaseorg <andersk@mit.edu>
4	* replacing Perl version by Jeff Arnold <jbarnold@mit.edu>
5	*
6	* Usage:
7	* admof scripts andersk/root@ATHENA.MIT.EDU
8	* Outputs "yes" and exits with status 33 if the given principal is an
9	* administrator of the locker.
10	*
11	* Requires tokens (to authenticate/encrypt the connection to the
12	* ptserver) unless -noauth is given.
13	*/
14
15	#include <stdio.h>
16	#include <limits.h>
17	#include <string.h>
18	#include <sys/types.h>
19	#include <sys/stat.h>
20	#include <pwd.h>
21	#include <unistd.h>
22	#include <netinet/in.h>
23	#include <afs/vice.h>
24	#include <afs/venus.h>
25	#include <afs/ptclient.h>
26	#include <afs/ptuser.h>
27	#include <afs/prs_fs.h>
28	#include <afs/ptint.h>
29	#include <afs/cellconfig.h>
30	#include <afs/afsutil.h>
31	#include <krb5.h>
32	#include <kerberosIV/krb.h>
33	#include <stdbool.h>
34	#include <syslog.h>
35
36	extern int pioctl(char , afs_int32, struct ViceIoctl , afs_int32);
37
38	#define die(args...) do { fprintf(stderr, args); pr_End(); exit(1); } while(0)
39	#define _STR(x) #x
40	#define STR(x) _STR(x)
41
42	#define OVERLORDS "system:scripts-root"
43
44	static bool
45	ismember(const char user, const char group)
46	{
47	int flag;
48	if (pr_IsAMemberOf((char )user, (char )group, &flag) == 0)
49	return flag;
50	else
51	return 0;
52	}
53
54	/* Parse an ACL of n entries, returning the rights for user. */
55	static int
56	parse_rights(int n, const char *p, const char user)
57	{
58	int rights = 0, trights = malloc(n sizeof(int)), i;
59	namelist tnames = {.namelist_len = n,
60	.namelist_val = malloc(n * PR_MAXNAMELEN)};
61	idlist tids = {.idlist_len = 0,
62	.idlist_val = NULL};
63
64	for (i = 0; i < n; ++i) {
65	int off;
66	if (sscanf(*p, "%" STR(PR_MAXNAMELEN) "s %d\n%n",
67	tnames.namelist_val[i], &trights[i], &off) < 2)
68	die("internal error: can't parse output from pioctl\n");
69	*p += off;
70	}
71
72	if (pr_NameToId(&tnames, &tids) != 0)
73	die("internal error: pr_NameToId failed");
74	if (tids.idlist_len != n)
75	die("internal error: pr_NameToId did not return as many ids as names");
76
77	for (i = 0; i < n; ++i) {
78	if (~rights & trights[i] &&
79	(strcasecmp(tnames.namelist_val[i], user) == 0 \|\|
80	(tids.idlist_val[i] < 0 && ismember(user, tnames.namelist_val[i]))))
81	rights \|= trights[i];
82	}
83
84	/* Note: this first free probably should be xdr_free in OpenAFS 1.5.
85	* See commits b40b606 and f02f2e8 */
86	free(tids.idlist_val);
87	tids.idlist_val = NULL;
88	free(tnames.namelist_val);
89	free(trights);
90
91	return rights;
92	}
93
94	int
95	main(int argc, const char *argv[])
96	{
97	/* Get arguments. */
98	const char locker, name;
99	afs_int32 secLevel;
100
101	if (argc == 3) {
102	locker = argv[1];
103	name = argv[2];
104	secLevel = 3;
105	} else if (argc == 4 && strcmp("-noauth", argv[1]) == 0) {
106	locker = argv[2];
107	name = argv[3];
108	secLevel = 0;
109	} else {
110	die("Usage: %s [-noauth] LOCKER PRINCIPAL\n", argv[0]);
111	}
112
113	/* Convert the locker into a directory. */
114	char dir[PATH_MAX];
115	int n;
116	struct passwd *pwd = getpwnam(locker);
117	if (pwd != NULL)
118	n = snprintf(dir, sizeof dir, "%s", pwd->pw_dir);
119	else
120	n = snprintf(dir, sizeof dir, "/mit/%s", locker);
121	if (n < 0 \|\| n >= sizeof dir)
122	die("internal error\n");
123
124	/* For non-AFS homedirs, read the .k5login file. */
125	if (strncmp(dir, "/afs/", 5) != 0 && strncmp(dir, "/mit/", 5) != 0) {
126	if (chdir(dir) != 0)
127	die("internal error: chdir: %m\n");
128	FILE *fp = fopen(".k5login", "r");
129	if (fp == NULL)
130	die("internal error: .k5login: %m\n");
131	struct stat st;
132	if (fstat(fileno(fp), &st) != 0)
133	die("internal error: fstat: %m\n");
134	if (st.st_uid != pwd->pw_uid && st.st_uid != 0) {
135	fclose(fp);
136	die("internal error: bad .k5login permissions\n");
137	}
138	bool found = false;
139	char *line = NULL;
140	size_t len = 0;
141	ssize_t read;
142	while ((read = getline(&line, &len, fp)) != -1) {
143	if (read > 0 && line[read - 1] == '\n')
144	line[read - 1] = '\0';
145	if (strcmp(name, line) == 0) {
146	found = true;
147	break;
148	}
149	}
150	if (line)
151	free(line);
152	fclose(fp);
153	if (found) {
154	printf("yes\n");
155	exit(33);
156	} else {
157	printf("no\n");
158	exit(1);
159	}
160	}
161
162	/* Get the locker's cell. */
163	char cell[MAXCELLCHARS];
164	struct ViceIoctl vi;
165	vi.in = NULL;
166	vi.in_size = 0;
167	vi.out = cell;
168	vi.out_size = sizeof cell;
169	if (pioctl(dir, VIOC_FILE_CELL_NAME, &vi, 1) != 0)
170	die("internal error: pioctl: %m\n");
171
172	if (pr_Initialize(secLevel, (char *)AFSDIR_CLIENT_ETC_DIRPATH, cell) != 0)
173	die("internal error: pr_Initialize failed\n");
174
175	/* Get the cell configuration. */
176	struct afsconf_dir *configdir = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH);
177	if (configdir == NULL)
178	die("internal error: afsconf_Open failed\n");
179	struct afsconf_cell cellconfig;
180	if (afsconf_GetCellInfo(configdir, cell, NULL, &cellconfig) != 0)
181	die("internal error: afsconf_GetCellInfo failed\n");
182	afsconf_Close(configdir);
183
184	/* Figure out the cell's realm. */
185	krb5_context context;
186	krb5_init_context(&context);
187
188	char **realm_list;
189	if (krb5_get_host_realm(context, cellconfig.hostName[0], &realm_list) != 0 \|\|
190	realm_list[0] == NULL)
191	die("internal error: krb5_get_host_realm failed");
192
193	/* Convert the Kerberos 5 principal into a (Kerberos IV-style) AFS
194	name, omitting the realm if it equals the cell's realm. */
195	krb5_principal principal;
196	if (krb5_parse_name(context, name, &principal) != 0)
197	die("internal error: krb5_parse_name failed");
198	char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
199	if (krb5_524_conv_principal(context, principal, pname, pinst, prealm) != 0)
200	die("internal error: krb5_524_conv_principal failed\n");
201	char user[MAX(PR_MAXNAMELEN, MAX_K_NAME_SZ)];
202	if (kname_unparse(user, pname, pinst,
203	strcmp(prealm, realm_list[0]) == 0 ? NULL : prealm) != 0)
204	die("internal error: kname_unparse failed\n");
205
206	krb5_free_principal(context, principal);
207	krb5_free_host_realm(context, realm_list);
208	krb5_free_context(context);
209
210	/* Instead of canonicalizing the name as below, we just use
211	strcasecmp above. */
212	#if 0
213	afs_int32 id;
214	if (pr_SNameToId((char *)user, &id) != 0)
215	die("bad principal\n");
216	if (id == ANONYMOUSID)
217	die("anonymous\n");
218	if (pr_SIdToName(id, user) != 0)
219	die("internal error: pr_SIdToName failed\n");
220	#endif
221
222	/* Read the locker ACL. */
223	char acl[2048];
224	vi.in = NULL;
225	vi.in_size = 0;
226	vi.out = acl;
227	vi.out_size = sizeof acl;
228	if (pioctl(dir, VIOCGETAL, &vi, 1) != 0)
229	die("internal error: pioctl: %m\n");
230
231	/* Parse the locker ACL to compute the user's rights. */
232	const char *p = acl;
233
234	int nplus, nminus;
235	int off;
236	if (sscanf(p, "%d\n%d\n%n", &nplus, &nminus, &off) < 2)
237	die("internal error: can't parse output from pioctl\n");
238	p += off;
239
240	int rights = parse_rights(nplus, &p, user);
241	rights &= ~parse_rights(nminus, &p, user);
242	#ifdef OVERLORDS
243	if (~rights & PRSFS_ADMINISTER && ismember(user, OVERLORDS)) {
244	openlog("admof", 0, LOG_AUTHPRIV);
245	syslog(LOG_NOTICE, "giving %s admin rights on %s", user, locker);
246	closelog();
247	rights \|= PRSFS_ADMINISTER;
248	}
249	#endif
250
251	pr_End();
252
253	/* Output whether the user is an administrator. */
254	if (rights & PRSFS_ADMINISTER) {
255	printf("yes\n");
256	exit(33);
257	} else {
258	printf("no\n");
259	exit(1);
260	}
261	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: