DWORD CTWriteToken(FILE *file, CTParseToken *token)
{
const char *value = token->value;
const char *white = token->trailingSeparator;
if(value == NULL)
value = "";
if(white == NULL)
white = "";
return CTFilePrintf(file, "%s%s", value, white);
}
static DWORD WriteNsswitchConfiguration(const char *rootPrefix, NsswitchConf *conf)
{
DWORD ceError = ERROR_SUCCESS;
DynamicArray printedLine;
int i;
char *tempName = NULL;
char *finalName = NULL;
char *prefixedPath = NULL;
FILE *file = NULL;
memset(&printedLine, 0, sizeof(printedLine));
GCE(ceError = CTAllocateStringPrintf(&prefixedPath, "%s%s", rootPrefix, conf->filename));
GCE(ceError = CTGetFileTempPath(
prefixedPath,
&finalName,
&tempName));
DJ_LOG_INFO("Writing nsswitch configuration for %s", finalName);
ceError = CTOpenFile(tempName, "w", &file);
if(ceError)
{
DJ_LOG_ERROR("Unable to open '%s' for writing", tempName);
GCE(ceError);
}
for(i = 0; i < conf->lines.size; i++)
{
GCE(ceError = GetPrintedLine(&printedLine, conf, i));
GCE(ceError = CTFilePrintf(file, "%s\n", printedLine.data));
}
GCE(ceError = CTCloseFile(file));
file = NULL;
GCE(ceError = CTSafeReplaceFile(
finalName,
tempName));
DJ_LOG_INFO("File moved into place");
cleanup:
if(file != NULL)
CTCloseFile(file);
CTArrayFree(&printedLine);
CT_SAFE_FREE_STRING(tempName);
CT_SAFE_FREE_STRING(finalName);
CT_SAFE_FREE_STRING(prefixedPath);
return ceError;
}
static void ConfigureApparmor(BOOLEAN enable, LWException **exc)
{
DWORD ceError = ERROR_SUCCESS;
BOOLEAN hasApparmor;
BOOLEAN configured;
BOOLEAN usingMr;
FILE *file = NULL;
PCSTR addString;
PSTR restartPath = NULL;
PSTR restartCommand = NULL;
char *tempName = NULL;
char *finalName = NULL;
LW_CLEANUP_CTERR(exc, IsApparmorConfigured(&configured));
if(configured == enable)
goto cleanup;
LW_CLEANUP_CTERR(exc, CTCheckFileOrLinkExists(APPARMOR_NSSWITCH,
&hasApparmor));
if(!hasApparmor)
goto cleanup;
GCE(ceError = CTGetFileTempPath(
APPARMOR_NSSWITCH,
&finalName,
&tempName));
LW_CLEANUP_CTERR(exc, CTCheckFileHoldsPattern(finalName,
"mr,", &usingMr));
if(usingMr)
addString =
PREFIXDIR "/lib/*.so* mr,\n"
PREFIXDIR "/lib64/*.so* mr,\n"
"/tmp/.lwidentity/pipe rw,\n"
LOCALSTATEDIR "/lib/likewise/.lsassd rw,\n"
LOCALSTATEDIR "/tmp/.lsaclient_* rw,\n";
else
addString =
PREFIXDIR "/lib/*.so* r,\n"
PREFIXDIR "/lib64/*.so* r,\n"
"/tmp/.lwidentity/pipe rw,\n"
LOCALSTATEDIR "/lib/likewise/.lsassd rw,\n"
LOCALSTATEDIR "/tmp/.lsaclient_* rw,\n";
if(enable)
{
LW_CLEANUP_CTERR(exc, CTCopyFileWithOriginalPerms(finalName, tempName));
LW_CLEANUP_CTERR(exc, CTOpenFile(tempName, "a", &file));
LW_CLEANUP_CTERR(exc, CTFilePrintf(file, "# likewise\n%s# end likewise\n",
addString));
CTSafeCloseFile(&file);
LW_CLEANUP_CTERR(exc, CTSafeReplaceFile(finalName, tempName));
}
else
{
LW_CLEANUP_CTERR(exc, CTRunSedOnFile(finalName, finalName, FALSE, "/^[ \t]*#[ \t]*likewise[ \t]*$/,/^[ \t]*#[ \t]*end likewise[ \t]*$/d"));
LW_CLEANUP_CTERR(exc, CTRunSedOnFile(finalName, finalName, FALSE, "/^[ \t]*#[ \t]*centeris[ \t]*$/,/^[ \t]*#[ \t]*end centeris[ \t]*$/d"));
}
ceError = CTFindFileInPath("rcapparmor", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", &restartPath);
if(ceError == ERROR_FILE_NOT_FOUND)
{
ceError = CTFindFileInPath("apparmor", "/etc/init.d/apparmor", &restartPath);
}
if(ceError == ERROR_FILE_NOT_FOUND)
{
ceError = ERROR_SUCCESS;
}
else if(!ceError)
{
LW_CLEANUP_CTERR(exc, CTAllocateStringPrintf(&restartCommand,
"%s restart", restartPath));
LW_TRY(exc, CTCaptureOutputToExc(restartCommand, &LW_EXC));
}
LW_CLEANUP_CTERR(exc, ceError);
cleanup:
if(file != NULL)
{
CTCloseFile(file);
CTRemoveFile(tempName);
}
CT_SAFE_FREE_STRING(restartPath);
CT_SAFE_FREE_STRING(restartCommand);
CT_SAFE_FREE_STRING(tempName);
CT_SAFE_FREE_STRING(finalName);
}
