Status osEnabler( int inEnable, int inOneTime, int inQuiet ) { Status theStatus; DaemonOp theOp = inEnable == 1 ? sOpEnable : sOpDisable; int theFlags = inOneTime == 1 ? SMF_TEMPORARY : 0; if ( inQuiet == 0 ) { writeInitialMessage( theOp ); } if ( theOp == sOpEnable ) { theStatus = smf_enable_instance( sInstanceName, theFlags ) == SCF_SUCCESS ? sStatusOK : sErrorGeneric; } else { theStatus = smf_disable_instance( sInstanceName, theFlags ) == SCF_SUCCESS ? sStatusOK : sErrorGeneric; } if ( inQuiet == 0 ) { writeFinalMessage( theOp, theStatus ); } return theStatus; }
static int set_svc_enable_cb(void *data, scf_walkinfo_t *wip) { uint8_t desired = *(uint8_t *)data; const char *instname = wip->fmri; if (desired) { if (smf_enable_instance(instname, 0) == 0) return (0); } else { if (smf_disable_instance(instname, 0) == 0) return (0); } switch (scf_error()) { case SCF_ERROR_INVALID_ARGUMENT: uu_die(gettext("Error: \"%s\" is not a valid service " "instance.\n"), instname); break; case SCF_ERROR_NOT_FOUND: uu_die(gettext("Error: Service instance \"%s\" not found.\n"), instname); break; default: scfdie(); } return (0); }
/*ARGSUSED*/ JNIEXPORT void JNICALL Java_com_sun_dhcpmgr_bridge_Bridge_shutdown( JNIEnv *env, jobject obj) { if (smf_disable_instance(DHCP_SERVER_INST, 0) != 0) { throw_bridge_exception(env, scf_strerror(scf_error())); } }
int main(int argc, char *argv[]) { isc_result_t result; #ifdef HAVE_LIBSCF char *instance = NULL; #endif #ifdef HAVE_GPERFTOOLS_PROFILER (void) ProfilerStart(NULL); #endif /* * Record version in core image. * strings named.core | grep "named version:" */ strlcat(version, #if defined(NO_VERSION_DATE) || !defined(__DATE__) "named version: BIND " VERSION " <" SRCID ">", #else "named version: BIND " VERSION " <" SRCID "> (" __DATE__ ")", #endif sizeof(version)); result = isc_file_progname(*argv, program_name, sizeof(program_name)); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("program name too long"); if (strcmp(program_name, "lwresd") == 0) ns_g_lwresdonly = ISC_TRUE; if (result != ISC_R_SUCCESS) ns_main_earlyfatal("failed to build internal symbol table"); isc_assertion_setcallback(assertion_failed); isc_error_setfatal(library_fatal_error); isc_error_setunexpected(library_unexpected_error); ns_os_init(program_name); dns_result_register(); dst_result_register(); isccc_result_register(); #ifdef PKCS11CRYPTO pk11_result_register(); #endif parse_command_line(argc, argv); pfilter_open(); /* * Warn about common configuration error. */ if (ns_g_chrootdir != NULL) { int len = strlen(ns_g_chrootdir); if (strncmp(ns_g_chrootdir, ns_g_conffile, len) == 0 && (ns_g_conffile[len] == '/' || ns_g_conffile[len] == '\\')) ns_main_earlywarning("config filename (-c %s) contains " "chroot path (-t %s)", ns_g_conffile, ns_g_chrootdir); } result = isc_mem_create(0, 0, &ns_g_mctx); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("isc_mem_create() failed: %s", isc_result_totext(result)); isc_mem_setname(ns_g_mctx, "main", NULL); setup(); /* * Start things running and then wait for a shutdown request * or reload. */ do { result = isc_app_run(); if (result == ISC_R_RELOAD) { ns_server_reloadwanted(ns_g_server); } else if (result != ISC_R_SUCCESS) { UNEXPECTED_ERROR(__FILE__, __LINE__, "isc_app_run(): %s", isc_result_totext(result)); /* * Force exit. */ result = ISC_R_SUCCESS; } } while (result != ISC_R_SUCCESS); #ifdef HAVE_LIBSCF if (ns_smf_want_disable == 1) { result = ns_smf_get_instance(&instance, 1, ns_g_mctx); if (result == ISC_R_SUCCESS && instance != NULL) { if (smf_disable_instance(instance, 0) != 0) UNEXPECTED_ERROR(__FILE__, __LINE__, "smf_disable_instance() " "failed for %s : %s", instance, scf_strerror(scf_error())); } if (instance != NULL) isc_mem_free(ns_g_mctx, instance); } #endif /* HAVE_LIBSCF */ cleanup(); if (want_stats) { isc_mem_stats(ns_g_mctx, stdout); isc_mutex_stats(stdout); } if (ns_g_memstatistics && memstats != NULL) { FILE *fp = NULL; result = isc_stdio_open(memstats, "w", &fp); if (result == ISC_R_SUCCESS) { isc_mem_stats(ns_g_mctx, fp); isc_mutex_stats(fp); isc_stdio_close(fp); } } isc_mem_destroy(&ns_g_mctx); isc_mem_checkdestroyed(stderr); ns_main_setmemstats(NULL); isc_app_finish(); ns_os_closedevnull(); ns_os_shutdown(); #ifdef HAVE_GPERFTOOLS_PROFILER ProfilerStop(); #endif return (0); }
int main(int argc, char *argv[]) { int c; /* Internationalization */ (void) setlocale(LC_ALL, ""); (void) textdomain(TEXT_DOMAIN); /* second or more options not allowed; please pick one */ if (argc > 2) { (void) fprintf(stderr, gettext("usage: %s\n"), usage); exit(1); } /* first option required */ if ((c = getopt(argc, argv, "nstTv")) == -1) { (void) fprintf(stderr, gettext("usage: %s\n"), usage); exit(1); } switch (c) { case 'n': if (!is_valid_zone(1)) /* 1 == display error if any */ exit(1); if (sig_auditd(SIGUSR1) != 0) exit(1); break; case 's': if (!is_valid_zone(1)) /* 1 == display error if any */ exit(1); else if (!is_audit_config_ok()) exit(1); start_auditd(); return (0); case 't': if (!is_valid_zone(0)) /* 0 == no error message display */ exit(1); if (smf_disable_instance(AUDITD_FMRI, 0) != 0) { display_smf_error(); exit(1); } break; case 'T': silent = 1; if (!is_valid_zone(0)) /* 0 == no error message display */ exit(1); if (smf_disable_instance(AUDITD_FMRI, SMF_TEMPORARY) != 0) { exit(1); } break; case 'v': if (is_audit_config_ok()) { (void) fprintf(stderr, gettext("configuration ok\n")); exit(0); } else { exit(1); } break; default: (void) fprintf(stderr, gettext("usage: %s\n"), usage); exit(1); } return (0); }
int main(int argc, char *argv[]) { int c; /* options character */ int type = 0; /* type of accounting */ int modified = 0; /* have we modified any properties? */ acctconf_t ac; /* current configuration */ char *typestr = NULL; /* type of accounting argument string */ char *enabled = NULL; /* enabled resources string */ char *disabled = NULL; /* disabled resources string */ char *file = NULL; int Eflg = 0; int Dflg = 0; int rflg = 0; int sflg = 0; int xflg = 0; int optcnt = 0; int state; const char *fmri; /* FMRI for this instance */ int err = 0; setup_privs(); (void) setlocale(LC_ALL, ""); (void) textdomain(TEXT_DOMAIN); (void) setpname(argv[0]); for (; optind < argc; optind++) { while ((c = getopt(argc, argv, OPTS)) != (int)EOF) { switch (c) { case 'd': disabled = optarg; break; case 'e': enabled = optarg; break; case 'D': Dflg = 1; optcnt++; break; case 'E': Eflg = 1; optcnt++; break; case 'f': file = optarg; optcnt++; break; case 'r': rflg = 1; optcnt++; break; case 's': sflg = 1; optcnt++; break; case 'x': xflg = 1; optcnt++; break; case '?': default: usage(); } } /* * Permanently give up euid 0, egid 0 and privileges we * don't need for the specified options. */ if (!(file || sflg)) { if (setreuid(getuid(), getuid()) == -1 || setregid(getgid(), getgid()) == -1) die(gettext("setreuid()/setregid() failed")); (void) priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_FILE_DAC_WRITE, NULL); } if (!(disabled || enabled || Dflg || Eflg || file || sflg || xflg)) (void) priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_SYS_ACCT, PRIV_SYS_DL_CONFIG, NULL); if (optind < argc) { if (typestr != NULL) { warn(gettext("illegal argument -- %s\n"), argv[optind]); usage(); } else { typestr = argv[optind]; } } } if (typestr != NULL) { if (strcmp(typestr, "process") == 0 || strcmp(typestr, "proc") == 0) type |= AC_PROC; else if (strcmp(typestr, "task") == 0) type |= AC_TASK; else if (strcmp(typestr, "flow") == 0) type |= AC_FLOW; else if (strcmp(typestr, "net") == 0) type |= AC_NET; else { warn(gettext("unknown accounting type -- %s\n"), typestr); usage(); } } else type = AC_PROC | AC_TASK | AC_FLOW | AC_NET; /* * Drop the DL config privilege if we are not working with * net. */ if ((type & AC_NET) == 0) { (void) priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_SYS_DL_CONFIG, NULL); } /* * check for invalid options */ if (optcnt > 1) usage(); /* * XXX For AC_NET, enabled/disabled should only be "basic" or * "extended" - need to check it here. */ if ((enabled || disabled) && (rflg || Dflg || sflg || xflg || Eflg)) usage(); if ((file || xflg || Dflg || Eflg || enabled || disabled) && !typestr) { warn(gettext("accounting type must be specified\n")); usage(); } if (rflg) { printgroups(type); return (E_SUCCESS); } /* * If no arguments have been passed then just print out the current * state and exit. */ if (!enabled && !disabled && !file && !Eflg && !rflg && !Dflg && !sflg && !xflg) { aconf_print(stdout, type); return (E_SUCCESS); } /* Open the libdladm handle */ if (dladm_open(&dld_handle) != DLADM_STATUS_OK) die(gettext("failed to open dladm handle\n")); /* * smf(5) start method. The FMRI to operate on is retrieved from the * SMF_FMRI environment variable that the restarter provides. */ if (sflg) { if ((fmri = getenv("SMF_FMRI")) != NULL) { int ret = aconf_setup(fmri); dladm_close(dld_handle); return (ret); } die(gettext("-s option should only be invoked by smf(5)\n")); } assert(type == AC_PROC || type == AC_TASK || type == AC_FLOW || type == AC_NET); if ((type == AC_FLOW || type == AC_NET) && getzoneid() != GLOBAL_ZONEID) die(gettext("%s accounting cannot be configured in " "non-global zones\n"), ac_type_name(type)); fmri = aconf_type2fmri(type); if (aconf_scf_init(fmri) == -1) die(gettext("cannot connect to repository for %s\n"), fmri); /* * Since the sys_acct the privilege allows use of acctctl() regardless * of the accounting type, we check the smf(5) authorizations granted * to the user to determine whether the user is allowed to change the * configuration for this particular accounting type. */ if (!aconf_have_smf_auths()) die(gettext("insufficient authorization to change %s extended " "accounting configuration\n"), ac_type_name(type)); if (xflg) { /* * Turn off the specified accounting and close its file */ /* * Stop net logging before turning it off so that the last * set of logs can be written. */ if (type & AC_NET) { (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); err = dladm_stop_usagelog(dld_handle, DLADM_LOGTYPE_FLOW); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); if (err != DLADM_STATUS_OK) { die(gettext("failed to stop logging network " "information, error %d\n"), errno); } } state = AC_OFF; (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (acctctl(type | AC_STATE_SET, &state, sizeof (int)) == -1) die(gettext("cannot disable %s accounting"), ac_type_name(type)); if (acctctl(type | AC_FILE_SET, NULL, 0) == -1) die(gettext("cannot close %s accounting file\n"), ac_type_name(type)); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (aconf_set_bool(AC_PROP_STATE, B_FALSE) == -1) die(gettext("cannot update %s property\n"), AC_PROP_STATE); if (aconf_set_string(AC_PROP_FILE, AC_STR_NONE) == -1) die(gettext("cannot update %s property\n"), AC_PROP_FILE); modified++; } if (enabled || disabled) { char *tracked, *untracked; ac_res_t *buf; /* * Enable/disable resources */ if ((buf = malloc(AC_BUFSIZE)) == NULL) die(gettext("not enough memory\n")); (void) memset(buf, 0, AC_BUFSIZE); if (acctctl(type | AC_RES_GET, buf, AC_BUFSIZE) == -1) { free(buf); die(gettext("cannot obtain list of resources\n")); } if (disabled) { /* * Stop net logging before turning it off so that the * last set of logs can be written. */ if (type & AC_NET) { (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); err = dladm_stop_usagelog(dld_handle, strcmp(disabled, "basic") == 0 ? DLADM_LOGTYPE_LINK : DLADM_LOGTYPE_FLOW); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); if (err != DLADM_STATUS_OK) { die(gettext("failed to stop logging " "network information, error %d\n"), errno); } } str2buf(buf, disabled, AC_OFF, type); } else if (enabled) { str2buf(buf, enabled, AC_ON, type); } (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (acctctl(type | AC_RES_SET, buf, AC_BUFSIZE) == -1) { free(buf); die(gettext("cannot enable/disable %s accounting " "resources\n"), ac_type_name(type)); } (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); tracked = buf2str(buf, AC_BUFSIZE, AC_ON, type); untracked = buf2str(buf, AC_BUFSIZE, AC_OFF, type); if (aconf_set_string(AC_PROP_TRACKED, tracked) == -1) die(gettext("cannot update %s property\n"), AC_PROP_TRACKED); if (aconf_set_string(AC_PROP_UNTRACKED, untracked) == -1) die(gettext("cannot update %s property\n"), AC_PROP_UNTRACKED); free(tracked); free(untracked); free(buf); modified++; } if (file) { /* * Open new accounting file */ (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (open_exacct_file(file, type) == -1) { dladm_close(dld_handle); exit(E_ERROR); } if (aconf_set_string(AC_PROP_FILE, file) == -1) die(gettext("cannot update %s property\n"), AC_PROP_FILE); state = AC_ON; if (acctctl(type | AC_STATE_SET, &state, sizeof (int)) == -1) die(gettext("cannot enable %s accounting"), ac_type_name(type)); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (aconf_set_bool(AC_PROP_STATE, B_TRUE) == -1) die(gettext("cannot update %s property\n"), AC_PROP_STATE); modified++; } /* * Let's get network logging started. We do this after turning on * accounting and opening the file so that we can start writing * immediately. */ if (enabled && (type & AC_NET)) { /* * Default logging interval for AC_NET is * ACCTADM_NET_LOG_INTERVAL. */ (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); err = dladm_start_usagelog(dld_handle, strcmp(enabled, "basic") == 0 ? DLADM_LOGTYPE_LINK : DLADM_LOGTYPE_FLOW, ACCTADM_NET_LOG_INTERVAL); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); if (err != DLADM_STATUS_OK) { die(gettext("failed to start logging " "network information, error %d\n"), errno); } } if (Dflg) { /* * Disable accounting */ /* * Stop net logging before turning it off so that the last * set of logs can be written. */ if (type & AC_NET) { (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); err = dladm_stop_usagelog(dld_handle, DLADM_LOGTYPE_FLOW); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); if (err != DLADM_STATUS_OK) { die(gettext("failed to stop logging " "network information, error %d\n"), errno); } } state = AC_OFF; (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (acctctl(type | AC_STATE_SET, &state, sizeof (int)) == -1) die(gettext("cannot disable %s accounting"), ac_type_name(type)); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (aconf_set_bool(AC_PROP_STATE, B_FALSE) == -1) die(gettext("cannot update %s property\n"), AC_PROP_STATE); modified++; } if (Eflg) { /* * Enable accounting */ /* * Let's get network logging started. */ if (type & AC_NET) { /* * Default logging interval for AC_NET is * ACCTADM_NET_LOG_INTERVAL. */ (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); err = dladm_start_usagelog(dld_handle, DLADM_LOGTYPE_FLOW, ACCTADM_NET_LOG_INTERVAL); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_DL_CONFIG, NULL); if (err != DLADM_STATUS_OK) { die(gettext("failed to start logging " "network information, error %d\n"), errno); } } state = AC_ON; (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (acctctl(type | AC_STATE_SET, &state, sizeof (int)) == -1) die(gettext("cannot enable %s accounting"), ac_type_name(type)); (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_SYS_ACCT, NULL); if (aconf_set_bool(AC_PROP_STATE, B_TRUE) == -1) die(gettext("cannot update %s property\n"), AC_PROP_STATE); modified++; } (void) priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_SYS_ACCT, NULL); if (modified) { char *smf_state; if (aconf_save() == -1) die(gettext("cannot save %s accounting " "configuration\n"), ac_type_name(type)); /* * Enable or disable the instance depending on the effective * configuration. If the effective configuration results in * extended accounting being 'on', the instance is enabled so * the configuration is applied at the next boot. */ smf_state = smf_get_state(fmri); aconf_init(&ac, type); if (ac.state == AC_ON || strcmp(ac.file, AC_STR_NONE) != 0 || strcmp(ac.tracked, AC_STR_NONE) != 0) { if (strcmp(smf_state, SCF_STATE_STRING_ONLINE) != 0) if (smf_enable_instance(fmri, 0) == -1) die(gettext("cannot enable %s\n"), fmri); } else { if (strcmp(smf_state, SCF_STATE_STRING_ONLINE) == 0) if (smf_disable_instance(fmri, 0) == -1) die(gettext("cannot disable %s\n"), fmri); } free(smf_state); } aconf_scf_fini(); dladm_close(dld_handle); return (E_SUCCESS); }
int delete_instance(const char *instance_name) { int status = FAILURE; char *buf; boolean_t errflag = B_FALSE; ssize_t max_fmri_len; scf_scope_t *scope; scf_service_t *svc; scf_handle_t *handle; scf_instance_t *instance; handle = scf_handle_create(SCF_VERSION); if (handle == NULL) { errflag = B_TRUE; KSSL_DEBUG("scf_handle_create failed: %s\n", scf_strerror(scf_error())); goto out1; } KSSL_DEBUG("scf_handle_create succeeded\n"); if (scf_handle_bind(handle) == -1) { errflag = B_TRUE; KSSL_DEBUG("scf_handle_bind failed: %s\n", scf_strerror(scf_error())); goto out1; } KSSL_DEBUG("scf_handle_bind succeeded\n"); if ((scope = scf_scope_create(handle)) == NULL) { errflag = B_TRUE; KSSL_DEBUG("scf_scope_create failed: %s\n", scf_strerror(scf_error())); goto out2; } KSSL_DEBUG("scf_scope_create succeeded\n"); if ((svc = scf_service_create(handle)) == NULL) { errflag = B_TRUE; KSSL_DEBUG("scf_service_create failed: %s\n", scf_strerror(scf_error())); goto out3; } KSSL_DEBUG("scf_service_create succeeded\n"); if (scf_handle_get_scope(handle, SCF_SCOPE_LOCAL, scope) == -1) { errflag = B_TRUE; KSSL_DEBUG("scf_handle_get_scope failed: %s\n", scf_strerror(scf_error())); goto out4; } KSSL_DEBUG("scf_handle_get_scope succeeded\n"); if (scf_scope_get_service(scope, SERVICE_NAME, svc) < 0) { scf_error_t scf_errnum = scf_error(); if (scf_errnum != SCF_ERROR_NOT_FOUND) { errflag = B_TRUE; KSSL_DEBUG( "ERROR scf_scope_get_service failed: %s\n", scf_strerror(scf_errnum)); } goto out4; } else { KSSL_DEBUG("scf_scope_get_service succeeded\n"); } instance = scf_instance_create(handle); if (instance == NULL) { errflag = B_TRUE; KSSL_DEBUG("scf_instance_create failed: %s\n", scf_strerror(scf_error())); goto out4; } if (scf_service_get_instance(svc, instance_name, instance) != 0) { scf_error_t scf_errnum = scf_error(); if (scf_errnum == SCF_ERROR_NOT_FOUND) { status = SUCCESS; } else { errflag = B_TRUE; KSSL_DEBUG( "ERROR scf_scope_get_service failed: %s\n", scf_strerror(scf_errnum)); } scf_instance_destroy(instance); goto out4; } max_fmri_len = scf_limit(SCF_LIMIT_MAX_FMRI_LENGTH); if ((buf = malloc(max_fmri_len + 1)) == NULL) goto out4; if (scf_instance_to_fmri(instance, buf, max_fmri_len + 1) > 0) { char *state; KSSL_DEBUG("instance_fmri=%s\n", buf); state = smf_get_state(buf); if (state) KSSL_DEBUG("state=%s\n", state); if (state && strcmp(state, "online") == 0) { if (smf_disable_instance(buf, 0) != 0) { errflag = B_TRUE; KSSL_DEBUG( "smf_disable_instance failed: %s\n", scf_strerror(scf_error())); } else { /* * Wait for some time till timeout to avoid * a race with scf_instance_delete() below. */ wait_till_to(buf); } } } if (scf_instance_delete(instance) != 0) { errflag = B_TRUE; KSSL_DEBUG( "ERROR scf_instance_delete failed: %s\n", scf_strerror(scf_error())); goto out4; } else { KSSL_DEBUG("deleted %s\n", instance_name); } status = SUCCESS; out4: scf_service_destroy(svc); out3: scf_scope_destroy(scope); out2: (void) scf_handle_unbind(handle); out1: if (handle != NULL) scf_handle_destroy(handle); if (errflag) (void) fprintf(stderr, gettext( "Unexpected fatal libscf error: %s. Exiting.\n"), scf_strerror(scf_error())); return (status); }