/* * if auditd isn't running, start it. Otherwise refresh. * First check to see if c2audit is loaded via the auditon() * system call, then check SMF state. */ static void start_auditd() { int audit_state; char *state; if (auditon(A_GETCOND, (caddr_t)&audit_state, sizeof (audit_state)) != 0) exit(1); if ((state = smf_get_state(AUDITD_FMRI)) == NULL) { display_smf_error(); exit(1); } if (strcmp(SCF_STATE_STRING_ONLINE, state) != 0) { if (smf_enable_instance(AUDITD_FMRI, 0) != 0) { display_smf_error(); free(state); exit(1); } } else { if (smf_refresh_instance(AUDITD_FMRI) != 0) { display_smf_error(); free(state); exit(1); } } free(state); }
/*ARGSUSED*/ JNIEXPORT void JNICALL Java_com_sun_dhcpmgr_bridge_Bridge_startup( JNIEnv *env, jobject obj) { char *s; int ret; /* * We first get the current state of the server according to * svc.startd; if it's "disabled", we can just enable it. * In any other case, we want to send a refresh so that * dependencies are re-evaluated, which will be the case if the * service was marked enabled by the profile, yet the * config file didn't exist to allow it to run. */ if ((s = smf_get_state(DHCP_SERVER_INST)) != NULL) { if (strcmp(SCF_STATE_STRING_DISABLED, s) == 0) ret = smf_enable_instance(DHCP_SERVER_INST, 0); else ret = smf_refresh_instance(DHCP_SERVER_INST); free(s); if (ret == 0) return; } /* Something wasn't right, return exception with error from smf */ throw_bridge_exception(env, scf_strerror(scf_error())); }
/* Enables the location. */ static void nwamd_loc_activate(const char *object_name) { char *enabled; nlog(LOG_DEBUG, "nwamd_loc_activate: activating loc %s", object_name); /* * Find currently enabled location and change its state to disabled * if it is a manual location, or offline (if it is not). * Only manual locations reach disabled, since conditional and * system locations which are manually disabled simply revert to * their conditions for activation. */ if ((enabled = malloc(NWAM_MAX_NAME_LEN)) != NULL && nwamd_lookup_string_property(NET_LOC_FMRI, NET_LOC_PG, NET_LOC_SELECTED_PROP, enabled, NWAM_MAX_NAME_LEN) == 0) { /* Only change state if current != new */ if (strcmp(enabled, object_name) != 0) { boolean_t do_disable = B_FALSE; nwamd_object_t eobj = nwamd_object_find (NWAM_OBJECT_TYPE_LOC, enabled); if (eobj == NULL) { nlog(LOG_INFO, "nwamd_loc_activate: could not " "find old location %s", enabled); goto skip_disable; } /* * Disable if the old location was manual, since the * only way a manual location can deactivate is if * it is disabled. */ do_disable = (loc_get_activation_mode(eobj->nwamd_object_handle) == (int64_t)NWAM_ACTIVATION_MODE_MANUAL); nwamd_object_release(eobj); if (do_disable) { nlog(LOG_DEBUG, "nwamd_loc_activate: " "disable needed for old location %s", enabled); nwamd_object_set_state (NWAM_OBJECT_TYPE_LOC, enabled, NWAM_STATE_DISABLED, NWAM_AUX_STATE_MANUAL_DISABLE); } else { nlog(LOG_DEBUG, "nwamd_loc_activate: " "offline needed for old location %s", enabled); nwamd_object_set_state (NWAM_OBJECT_TYPE_LOC, enabled, NWAM_STATE_OFFLINE, NWAM_AUX_STATE_CONDITIONS_NOT_MET); } } } skip_disable: free(enabled); if (nwamd_set_string_property(NET_LOC_FMRI, NET_LOC_PG, NET_LOC_SELECTED_PROP, object_name) == 0) { char *state = smf_get_state(NET_LOC_FMRI); nlog(LOG_INFO, "nwamd_loc_activate: set %s/%s to %s; " "service is in %s state", NET_LOC_PG, NET_LOC_SELECTED_PROP, object_name, state == NULL ? "unknown" : state); free(state); (void) smf_restore_instance(NET_LOC_FMRI); if (smf_refresh_instance(NET_LOC_FMRI) == 0) { (void) pthread_mutex_lock(&active_loc_mutex); (void) strlcpy(active_loc, object_name, sizeof (active_loc)); (void) pthread_mutex_unlock(&active_loc_mutex); nwamd_object_set_state(NWAM_OBJECT_TYPE_LOC, object_name, NWAM_STATE_ONLINE, NWAM_AUX_STATE_ACTIVE); } else { nlog(LOG_ERR, "nwamd_loc_activate: " "%s could not be refreshed", NET_LOC_FMRI); nwamd_object_set_state(NWAM_OBJECT_TYPE_LOC, object_name, NWAM_STATE_MAINTENANCE, NWAM_AUX_STATE_METHOD_FAILED); } } }
/* * mgmt_config_save2scf() saves main configuration to scf * See also : mgmt_get_main_config() */ Boolean_t mgmt_config_save2scf() { targ_scf_t *h = NULL; scf_property_t *prop = NULL; scf_value_t *value = NULL; scf_iter_t *iter = NULL; char pgname[64]; char passcode[32]; unsigned int outlen; tgt_node_t *n = NULL; tgt_node_t *pn = NULL; tgt_node_t *tn = NULL; scf_transaction_t *tx = NULL; secret_list_t *sl_head; secret_list_t *sl_tail; h = mgmt_handle_init(); if (h == NULL) return (False); prop = scf_property_create(h->t_handle); value = scf_value_create(h->t_handle); iter = scf_iter_create(h->t_handle); (void) pthread_mutex_lock(&scf_conf_mutex); if (mgmt_transaction_start(h, "iscsitgt", "basic") == True) { scf_pg_delete(h->t_pg); mgmt_transaction_end(h); } if (mgmt_transaction_start(h, "passwords", "application") == True) { scf_pg_delete(h->t_pg); mgmt_transaction_end(h); } if (scf_iter_service_pgs_typed(iter, h->t_service, "configuration") == -1) { goto error; } tx = scf_transaction_create(h->t_handle); while (scf_iter_next_pg(iter, h->t_pg) > 0) { scf_transaction_start(tx, h->t_pg); scf_pg_delete(h->t_pg); scf_transaction_commit(tx); } scf_transaction_reset(tx); scf_transaction_destroy(tx); sl_head = (secret_list_t *)calloc(1, sizeof (secret_list_t)); sl_tail = sl_head; if (mgmt_transaction_start(h, "iscsitgt", "basic") == True) { for (n = main_config->x_child; n; n = n->x_sibling) { if (strcmp(n->x_name, XML_ELEMENT_CHAPSECRET) == 0) { sl_tail->next = (secret_list_t *) calloc(1, sizeof (secret_list_t)); sl_tail = sl_tail->next; sl_tail->name = strdup("main"); sl_tail->secret = strdup(n->x_value); continue; } /* so does the radius server secret */ if (strcmp(n->x_name, XML_ELEMENT_RAD_SECRET) == 0) { sl_tail->next = (secret_list_t *) calloc(1, sizeof (secret_list_t)); sl_tail = sl_tail->next; sl_tail->name = strdup("radius"); sl_tail->secret = strdup(n->x_value); continue; } if (n->x_child == NULL) { new_property(h, n); } } new_property(h, main_config->x_attr); n = tgt_node_alloc(ISCSI_MODIFY_AUTHNAME, String, ISCSI_AUTH_MODIFY); new_property(h, n); tgt_node_free(n); n = tgt_node_alloc(ISCSI_VALUE_AUTHNAME, String, ISCSI_AUTH_VALUE); new_property(h, n); tgt_node_free(n); mgmt_transaction_end(h); } /* now update target/initiator/tpgt information */ for (n = main_config->x_child; n; n = n->x_sibling) { if (n->x_child == NULL) continue; snprintf(pgname, sizeof (pgname), "%s_%s", n->x_name, n->x_value); if (mgmt_transaction_start(h, pgname, "configuration") == True) { for (pn = n->x_child; pn; pn = pn->x_sibling) { if (strcmp(pn->x_name, XML_ELEMENT_CHAPSECRET) == 0) { sl_tail->next = (secret_list_t *) calloc(1, sizeof (secret_list_t)); sl_tail = sl_tail->next; sl_tail->name = (char *) calloc(1, strlen(n->x_value) + 3); snprintf(sl_tail->name, strlen(n->x_value) + 3, "I_%s", n->x_value); sl_tail->secret = strdup(pn->x_value); continue; } if (pn->x_child == NULL) { /* normal property */ new_property(h, pn); } else { /* pn -> xxx-list */ new_value_list(h, pn); } tn = tgt_node_alloc(ISCSI_MODIFY_AUTHNAME, String, ISCSI_AUTH_MODIFY); new_property(h, tn); tgt_node_free(tn); tn = tgt_node_alloc(ISCSI_VALUE_AUTHNAME, String, ISCSI_AUTH_VALUE); new_property(h, tn); tgt_node_free(tn); } mgmt_transaction_end(h); } } if (mgmt_transaction_start(h, "passwords", "application") == True) { while (sl_head != NULL) { /* Here we use sl_tail as a temporari var */ sl_tail = sl_head->next; if (sl_head->name) { /* max length of encoded passwd is 24B */ sasl_encode64(sl_head->secret, strlen(sl_head->secret), passcode, sizeof (passcode), &outlen); n = tgt_node_alloc(sl_head->name, String, passcode); new_property(h, n); tgt_node_free(n); } if (sl_head->name) free(sl_head->name); if (sl_head->secret) free(sl_head->secret); free(sl_head); sl_head = sl_tail; } n = tgt_node_alloc(ISCSI_READ_AUTHNAME, String, ISCSI_AUTH_READ); new_property(h, n); tgt_node_free(n); n = tgt_node_alloc(ISCSI_VALUE_AUTHNAME, String, ISCSI_AUTH_VALUE); new_property(h, n); tgt_node_free(n); n = tgt_node_alloc(ISCSI_MODIFY_AUTHNAME, String, ISCSI_AUTH_MODIFY); new_property(h, n); tgt_node_free(n); mgmt_transaction_end(h); } if (smf_refresh_instance(SA_TARGET_SVC_INSTANCE_FMRI) != 0) goto error; (void) pthread_mutex_unlock(&scf_conf_mutex); scf_iter_destroy(iter); scf_value_destroy(value); scf_property_destroy(prop); return (True); error: (void) pthread_mutex_unlock(&scf_conf_mutex); scf_iter_destroy(iter); scf_value_destroy(value); scf_property_destroy(prop); mgmt_handle_fini(h); return (False); }
conerr_t smfu_set_property(char *fmri, char *pgname, char *propname, char *value) { conerr_t err = ce_ok; scf_handle_t *scfhandle = handle_create(); scf_service_t *service = scf_service_create(scfhandle); scf_instance_t *instance = scf_instance_create(scfhandle); scf_propertygroup_t *pg = scf_pg_create(scfhandle); scf_property_t *prop = scf_property_create(scfhandle); scf_value_t *val = scf_value_create(scfhandle); scf_transaction_t *tx = scf_transaction_create(scfhandle); scf_transaction_entry_t *ent = scf_entry_create(scfhandle); scf_type_t type; if (scfhandle == NULL || service == NULL || instance == NULL || pg == NULL || prop == NULL || tx == NULL || ent == NULL || val == NULL) { err = ce_nomem; goto out; } if (scf_handle_decode_fmri(scfhandle, fmri, NULL, service, instance, NULL, NULL, 0) != SCF_SUCCESS) { rad_log(RL_ERROR, "couldn't decode '%s': %s\n", fmri, scf_strerror(scf_error())); err = maperr(scf_error()); goto out; } if (scf_instance_get_pg(instance, pgname, pg) != 0 || scf_pg_get_property(pg, propname, prop) != 0 || scf_property_type(prop, &type) != 0) { rad_log(RL_ERROR, "couldn't get property: '%s/%s/%s': %s\n", fmri, pgname, propname, scf_strerror(scf_error())); err = maperr(scf_error()); goto out; } top: if (scf_transaction_start(tx, pg) == -1 || scf_transaction_property_change(tx, ent, propname, type) != 0 || scf_value_set_from_string(val, type, value) != 0 || scf_entry_add_value(ent, val) != 0) { rad_log(RL_ERROR, "couldn't set property: '%s/%s/%s': %s\n", fmri, pgname, propname, scf_strerror(scf_error())); err = maperr(scf_error()); goto out; } switch (scf_transaction_commit(tx)) { /* success */ case 1: if (smf_refresh_instance(fmri) != 0) { err = maperr(scf_error()); goto out; } break; /* retry */ case 0: if (scf_pg_update(pg) != 0) { err = maperr(scf_error()); goto out; } scf_transaction_reset(tx); goto top; default: err = maperr(scf_error()); goto out; } out: scf_entry_destroy(ent); scf_transaction_destroy(tx); scf_value_destroy(val); scf_property_destroy(prop); scf_pg_destroy(pg); scf_instance_destroy(instance); scf_service_destroy(service); scf_handle_destroy(scfhandle); return (err); }
static int modify_inst_props_cb(void *data, scf_walkinfo_t *wip) { int i, j; char *value; const char *fmri = wip->fmri; scf_instance_t *inst = wip->inst; inetd_prop_t *mod, *prop_table; size_t numprops; ssize_t max_val; int64_t new_int; int argc = ((arglist_t *)data)->argc; char **argv = ((arglist_t *)data)->argv; if ((max_val = scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH)) < 0) scfdie(); prop_table = get_prop_table(&numprops); if ((mod = malloc(numprops * sizeof (inetd_prop_t))) == NULL) uu_die(gettext("Error: Out of memory.\n")); (void) memcpy(mod, prop_table, numprops * sizeof (inetd_prop_t)); /* * For each property to be changed, look up the property name in the * property table. Change each property in the mod array, and then * write the entire thing back. */ for (i = 0; i < argc; i++) { /* Separate argument into name and value pair */ if ((value = strchr(argv[i], '=')) == NULL) uu_die(gettext("Error: Malformed name=value pair " "\"%s\"\n"), argv[i]); *value = '\0'; value++; /* Find property name in array of properties */ for (j = 0; mod[j].ip_name != NULL; j++) { if (strcmp(mod[j].ip_name, argv[i]) == 0) break; } if (mod[j].ip_name == NULL) uu_die(gettext("Error: \"%s\" is not a valid " "property.\n"), argv[i]); if (*value == '\0') { if ((mod[j].ip_default) || (j == PT_ARG0_INDEX)) { /* mark property for deletion */ mod[j].ip_error = IVE_INVALID; /* return the '=' taken out above */ *(--value) = '='; continue; } else { uu_die(gettext("\"%s\" is a mandatory " "property and can not be deleted.\n"), argv[i]); } } switch (mod[j].ip_type) { case INET_TYPE_INTEGER: if (uu_strtoint(value, &new_int, sizeof (new_int), NULL, NULL, NULL) == -1) uu_die(gettext("Error: \"%s\" is not a valid " "integer value.\n"), value); mod[j].ip_value.iv_int = new_int; break; case INET_TYPE_STRING: if (strlen(value) >= max_val) { uu_die(gettext("Error: String value is longer " "than %l characters.\n"), max_val); } else if ((mod[j].ip_value.iv_string = strdup(value)) == NULL) { uu_die(gettext("Error: Out of memory.\n")); } break; case INET_TYPE_STRING_LIST: if ((mod[j].ip_value.iv_string_list = get_protos(value)) == NULL) { if (errno == ENOMEM) { uu_die(gettext( "Error: Out of memory.\n")); } else if (errno == E2BIG) { uu_die(gettext( "Error: String value in " "%s property longer than " "%l characters.\n"), PR_PROTO_NAME, max_val); } else { uu_die(gettext( "Error: No values " "specified for %s " "property.\n"), PR_PROTO_NAME); } } break; case INET_TYPE_BOOLEAN: if (strcasecmp(value, INETADM_TRUE_STR) == 0) mod[j].ip_value.iv_boolean = B_TRUE; else if (strcasecmp(value, INETADM_FALSE_STR) == 0) mod[j].ip_value.iv_boolean = B_FALSE; else uu_die(gettext("Error: \"%s\" is not a valid " "boolean value. (TRUE or FALSE)\n"), value); } /* mark property for modification */ mod[j].ip_error = IVE_VALID; /* return the '=' taken out above */ *(--value) = '='; } commit_props(inst, mod, B_FALSE); free(mod); if (smf_refresh_instance(fmri) != 0) uu_die(gettext("Error: Unable to refresh instance %s.\n"), fmri); return (0); }