int
fixmount_check_mount(char *host, struct in_addr hostaddr, char *path)
{
  int start = 0;
  int err = 0;
  struct fs_data ment;
  int found = 0;

  /* scan mtab for path */
  while (!found && (err = getmnt(&start, &ment, sizeof(ment),
				 NOSTAT_MANY, NULL)) > 0) {
    char *colon;

    if (colon = strchr(ment.fd_devname, ':')) {
      *colon = '\0';
      if ((STREQ(colon + 1, path) ||
	   STREQ(ment.fd_path, path)) &&
	  is_same_host(ment.fd_devname, host, hostaddr))
	  found = 1;
    }
  }

  if (!found && err < 0) {
    perror("getmnt");
    exit(1);
  }
  return found;
}
Example #2
0
int
fixmount_check_mount(char *host, struct in_addr hostaddr, char *path)
{
  struct statfs *mntbufp, *mntp;
  int nloc, i;
  char *colon;

  /* read mount table from kernel */
  nloc = getmntinfo(&mntbufp, MNT_NOWAIT);
  if (nloc <= 0) {
    perror("getmntinfo");
    exit(1);
  }

  mntp = mntbufp;
  for (i=0; i<nloc; ++i) {
    if ((colon = strchr(mntp->f_mntfromname, ':'))) {
      *colon = '\0';
      if (STREQ(colon + 1, path) &&
	  is_same_host(mntp->f_mntfromname, host, hostaddr))
	return 1;
    }
  }

  return 0;
}
Example #3
0
int
fixmount_check_mount(char *host, struct in_addr hostaddr, char *path)
{
  FILE *mtab;
  mntent_t *ment;
  int found = 0;

  /* scan mtab for path */
  if (!(mtab = setmntent(_PATH_MTAB, "r"))) {
    perror(_PATH_MTAB);
    exit(1);
  }

  /*
   * setmntent() doesn't do locking in read-only mode. Too bad -- it seems to
   * rely on mount() and friends to do atomic updates by renaming the file.
   * Well, our patched amd rewrites mtab in place to avoid NFS lossage, so
   * better do the locking ourselves.
   */
#ifdef HAVE_FLOCK
  if (flock(fileno(mtab), LOCK_SH) < 0) {
#else /* not HAVE_FLOCK */
  if (lockf(fileno(mtab), F_LOCK, 0) < 0) {
#endif /* not HAVE_FLOCK */
    perror(_PATH_MTAB);
    exit(1);
  }

  while (!found && (ment = getmntent(mtab))) {
    char *colon;

    if ((colon = strchr(ment->mnt_fsname, ':'))) {
      *colon = '\0';
      if ((STREQ(colon + 1, path) ||
	   STREQ(ment->mnt_dir, path)) &&
	  is_same_host(ment->mnt_fsname, host, hostaddr))
	  found = 1;
    }
  }

  (void) endmntent(mtab);

  if (!found) {
    char *swap;

    /* swap files never show up in mtab, only root fs */
    if ((swap = strstr(path, "swap"))) {
      strncpy(swap, "root", 4);	/* this should NOT use xstrlcpy  */
      found = fixmount_check_mount(host, hostaddr, path);
      strncpy(swap, "swap", 4);	/* this should NOT use xstrlcpy  */
    }
  }
  return found;
}
Example #4
0
int
fixmount_check_mount(char *host, struct in_addr hostaddr, char *path)
{
  int nentries, i;
  struct statfs *fslist;
  int found = 0;

  nentries = getmntinfo(&fslist, MNT_NOWAIT);
  if (nentries <= 0) {
    perror("getmntinfo");
    exit(1);
  }

  for (i = 0; !found && (i < nentries); i++) {
    char *delim;

    /*
     * Apparently two forms of nfs mount syntax are
     * accepted: host:/path or /path@host
     */
    if ((delim = strchr(fslist[i].f_mntfromname, ':'))) {
      *delim = '\0';
      if ((STREQ(delim + 1, path) ||
	   STREQ(fslist[i].f_mntonname, path)) &&
	  is_same_host(fslist[i].f_mntfromname,
		       host, hostaddr))
	  found = 1;
    } else if ((delim = strchr(fslist[i].f_mntfromname, '@'))) {
      *delim = '\0';
      if ((STREQ(fslist[i].f_mntfromname, path) ||
	   STREQ(fslist[i].f_mntonname, path)) &&
	  is_same_host(delim + 1, host, hostaddr))
	  found = 1;
    }
  }

  return found;
}
Example #5
0
int
fixmount_check_mount(char *host, struct in_addr hostaddr, char *path)
{
  int ret, i;
  char *mntinfo = 0, *cp;
  char *short_hostname, *long_hostname, *mount_point;
  struct vmount *vp;

  /*
   * First figure out size of mount table and allocate space for a copy...
   * Then get mount table for real.
   */
  ret = mntctl(MCTL_QUERY, sizeof(i), (char *) &i);
  if (ret == 0) {
    mntinfo = xmalloc(i);
    ret = mntctl(MCTL_QUERY, i, mntinfo);
  }
  if (ret <= 0) {
    fprintf(stderr, "mntctl: %m");
    XFREE(mntinfo);
    exit(1);
  }

  /* iterate over each vmount structure */
  for (i = 0, cp = mntinfo; i < ret; i++, cp += vp->vmt_length) {
    vp = (struct vmount *) cp;
    mount_point = vmt2dataptr(vp, VMT_STUB);
    long_hostname = vmt2dataptr(vp, VMT_HOSTNAME);
    short_hostname = vmt2dataptr(vp, VMT_HOST);
    if (STREQ(path, mount_point) &&
	(is_same_host(long_hostname, host, hostaddr) ||
	 is_same_host(short_hostname, host, hostaddr)))
      return 1;
  }

  return 0;
}
Example #6
0
int
fixmount_check_mount(char *host, struct in_addr hostaddr, char *path)
{
  FILE *mtab;
  struct mnttab ment;
  int err = 0;
  int found = 0;

  /* scan mtab for path */
  if (!(mtab = fopen(MNTTAB, "r"))) {
    perror(MNTTAB);
    exit(1);
  }

  while (!found && (err = getmntent(mtab, &ment)) == 0) {
    char *colon;

    if ((colon = strchr(ment.mnt_fsname, ':'))) {
      *colon = '\0';
      if ((STREQ(colon + 1, path) ||
	   STREQ(ment.mnt_dir, path)) &&
	  is_same_host(ment.mnt_fsname, host, hostaddr))
	  found = 1;
    }
  }

  if (err > 0) {
    fprintf(stderr, "getmntent: %s: %s\n", MNTTAB,
	    err == MNT_TOOLONG ? "entry exceeds MNT_LINE_MAX" :
	    err == MNT_TOOMANY ? "too many fields in line" :
	    err == MNT_TOOFEW ? "too few fields in line" :
	    "unknown error code");
    exit(1);
  }
  (void) fclose(mtab);

  /* XXX: Is this still valid in SunOS 5.x ? */
  if (!found) {
    char *swap;

    /* swap files never show up in mtab, only root fs */
    if ((swap = strstr(path, "swap"))) {
      strncpy(swap, "root", 4);	/* this should NOT use xstrlcpy  */
      found = fixmount_check_mount(host, hostaddr, path);
      strncpy(swap, "swap", 4);	/* this should NOT use xstrlcpy  */
    }
  }
  return found;
}
Example #7
0
int
svr_get_privilege(char *user, char *host)
{
	int   is_root = 0;
	int   priv = (ATR_DFLAG_USRD | ATR_DFLAG_USWR);
	char  uh[PBS_MAXUSER + PBS_MAXHOSTNAME + 2];
#ifdef WIN32
	char  server_host_netbios[MAX_COMPUTERNAME_LENGTH+1];
	DWORD hsize = MAX_COMPUTERNAME_LENGTH;

	char  current_domain[PBS_MAXHOSTNAME+1];
	char  server_host_domain[PBS_MAXHOSTNAME+1];
	char  user_s[PBS_MAXHOSTNAME+ UNLEN+2];
	char  *p = NULL;
	char  *p0 = NULL;
	int   ch = '\\';
#endif

	(void)strcpy(uh, user);
	(void)strcat(uh, "@");
	(void)strcat(uh, host);

#ifdef WIN32
	/* Try to match requesting host against: 		  */
	/*    localhost						  */
	/*    <server_host> 			 		  */
	/*    <server_host_netbios_name>         		  */
	/*    <server_host_netbios_name>.<windows_domain>         */
	if ( isAdminPrivilege(user) && \
		( (strcasecmp(host, server_host) == 0)  || \
		(strcasecmp(host, LOCALHOST_SHORTNAME) == 0)  || \

		(GetComputerName(server_host_netbios, &hsize) && \
		(strcasecmp(host, server_host_netbios) == 0)) || \

		(GetComputerDomainName(current_domain) && \
		sprintf(server_host_domain, "%s.%s", server_host_netbios,
		current_domain) && \
		(strcasecmp(host, server_host_domain) == 0)) ) ) {
			is_root = 1;
	}
#else
	if (strcmp(user, PBS_DEFAULT_ADMIN) == 0) {
		char myhostname[PBS_MAXHOSTNAME+1];
		/* First try without DNS lookup. */
		if (strcasecmp(host, server_host) == 0) {
			is_root = 1;
		} else if (strcasecmp(host, LOCALHOST_SHORTNAME) == 0) {
			is_root = 1;
		} else if (strcasecmp(host, LOCALHOST_FULLNAME) == 0) {
			is_root = 1;
		} else {
			if (gethostname(myhostname, (sizeof(myhostname) - 1)) == -1) {
				myhostname[0] = '\0';
			}
			if (strcasecmp(host, myhostname) == 0) {
				is_root = 1;
			}
		}
		if (is_root == 0) {
			/* Now try with DNS lookup. */
			if (is_same_host(host, server_host)) {
				is_root = 1;
			} else if (is_same_host(host, myhostname)) {
				is_root = 1;
			}
		}
	}
#endif	/* WIN32 */

#ifdef PBS_ROOT_ALWAYS_ADMIN
	if (is_root)
		return (priv | ATR_DFLAG_MGRD | ATR_DFLAG_MGWR | ATR_DFLAG_OPRD | ATR_DFLAG_OPWR);
#endif	/* PBS_ROOT_ALWAYS_ADMIN */

	if (!(server.sv_attr[(int)SRV_ATR_managers].at_flags & ATR_VFLAG_SET)) {
		if (is_root)
			priv |= (ATR_DFLAG_MGRD | ATR_DFLAG_MGWR);

	} else if (acl_check(&server.sv_attr[SRV_ATR_managers], uh, ACL_User))
		priv |= (ATR_DFLAG_MGRD | ATR_DFLAG_MGWR);

	if (!(server.sv_attr[(int)SRV_ATR_operators].at_flags&ATR_VFLAG_SET)) {
		if (is_root)
			priv |= (ATR_DFLAG_OPRD | ATR_DFLAG_OPWR);

	} else if (acl_check(&server.sv_attr[SRV_ATR_operators], uh, ACL_User))
		priv |= (ATR_DFLAG_OPRD | ATR_DFLAG_OPWR);

	return (priv);
}
Example #8
0
int
svr_chk_owner(struct batch_request *preq, job *pjob)
{
	char  owner[PBS_MAXUSER+1];
	char *pu;
	char *ph;
	char  rmtuser[PBS_MAXUSER+PBS_MAXHOSTNAME+2];
	extern int ruserok(const char *rhost, int suser, const char *ruser,
		const char *luser);
#ifdef	WIN32
	extern int user_read_password(char *user, char **cred, size_t *len);
	extern int read_cred(job *pjob, char **cred, size_t *len);
	extern int decrypt_pwd(char *crypted, size_t len, char **passwd);
#endif

	/* Are the owner and requestor the same? */
	snprintf(rmtuser, sizeof(rmtuser), "%s",
			pjob->ji_wattr[(int)JOB_ATR_job_owner].at_val.at_str);
	pu = rmtuser;
	ph = strchr(rmtuser, '@');
	if (!ph)
		return -1;
	*ph++ = '\0';
	if (strcmp(preq->rq_user, pu) == 0) {
		/* Avoid the lookup if they match. */
		if (strcmp(preq->rq_host, ph) == 0)
			return 0;
		/* Perform the lookup. */
		if (is_same_host(preq->rq_host, ph))
			return 0;
	}

	/* map requestor user@host to "local" name */

	pu = site_map_user(preq->rq_user, preq->rq_host);
	if (pu == NULL)
		return (-1);
	(void)strncpy(rmtuser, pu, PBS_MAXUSER);

	/*
	 * Get job owner name without "@host" and then map to "local" name.
	 */

	get_jobowner(pjob->ji_wattr[(int)JOB_ATR_job_owner].at_val.at_str, owner);
	pu = site_map_user(owner, get_hostPart(pjob->ji_wattr[(int)JOB_ATR_job_owner].at_val.at_str));

	if (server.sv_attr[(int)SRV_ATR_FlatUID].at_val.at_long) {
		/* with flatuid, all that must match is user names */
		return (strcmp(rmtuser, pu));
	} else  {
		/* non-flatuid space, must validate rmtuser vs owner */
#ifdef	WIN32
		if ( (server.sv_attr[SRV_ATR_ssignon_enable].at_flags &      \
                                                   ATR_VFLAG_SET) &&         \
             	     (server.sv_attr[SRV_ATR_ssignon_enable].at_val.at_long  \
                                                              		== 1) ) {
			/* read/cache user password */
			cache_usertoken_and_homedir(pu, NULL, 0,
				user_read_password, (char *)pu, pbs_decrypt_pwd, 0);
		} else {
			/* read/cache job password */
			cache_usertoken_and_homedir(pu, NULL, 0,
				read_cred, (job *)pjob, pbs_decrypt_pwd, 0);
		}
#endif
		return (ruserok(preq->rq_host, 0, rmtuser, pu));
	}
}