afs_int32
SBOZO_ListKeys(struct rx_call *acall, afs_int32 an, afs_int32 *akvno,
struct bozo_key *akey, struct bozo_keyInfo *akeyinfo)
{
struct afsconf_keys tkeys;
afs_int32 code;
struct stat tstat;
int noauth = 0;
char caller[MAXKTCNAMELEN];
rxkad_level enc_level = rxkad_clear;
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing ListKeys\n", caller);
code = afsconf_GetKeys(bozo_confdir, &tkeys);
if (code)
goto fail;
if (tkeys.nkeys <= an) {
code = BZDOM;
goto fail;
}
*akvno = tkeys.key[an].kvno;
memset(akeyinfo, 0, sizeof(struct bozo_keyInfo));
noauth = afsconf_GetNoAuthFlag(bozo_confdir);
rxkad_GetServerInfo(rx_ConnectionOf(acall), &enc_level, 0, 0, 0, 0, 0);
/*
* only return actual keys in noauth or if this is an encrypted connection
*/
if ((noauth) || (enc_level == rxkad_crypt)) {
memcpy(akey, tkeys.key[an].key, 8);
} else
memset(akey, 0, 8);
code = stat(AFSDIR_SERVER_KEY_FILEPATH, &tstat);
if (code == 0) {
akeyinfo->mod_sec = tstat.st_mtime;
}
/* This will return an error if the key is 'bad' (bad checksum, weak DES
* key, etc). But we don't care, since we can still return the other
* information about the key, so ignore the result. */
(void)ka_KeyCheckSum(tkeys.key[an].key, &akeyinfo->keyCheckSum);
fail:
if (noauth)
osi_auditU(acall, BOS_UnAuthListKeysEvent, code, AUD_END);
osi_auditU(acall, BOS_ListKeysEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_ListKeys(struct rx_call *acall, afs_int32 an, afs_int32 *akvno,
struct bozo_key *akey, struct bozo_keyInfo *akeyinfo)
{
struct afsconf_keys tkeys;
afs_int32 code;
struct stat tstat;
int noauth = 0;
char caller[MAXKTCNAMELEN];
rxkad_level enc_level = rxkad_clear;
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing ListKeys\n", caller);
code = afsconf_GetKeys(bozo_confdir, &tkeys);
if (code)
goto fail;
if (tkeys.nkeys <= an) {
code = BZDOM;
goto fail;
}
*akvno = tkeys.key[an].kvno;
memset(akeyinfo, 0, sizeof(struct bozo_keyInfo));
noauth = afsconf_GetNoAuthFlag(bozo_confdir);
rxkad_GetServerInfo(acall->conn, &enc_level, 0, 0, 0, 0, 0);
/*
* only return actual keys in noauth or if this is an encrypted connection
*/
if ((noauth) || (enc_level == rxkad_crypt)) {
memcpy(akey, tkeys.key[an].key, 8);
} else
memset(akey, 0, 8);
code = stat(AFSDIR_SERVER_KEY_FILEPATH, &tstat);
if (code == 0) {
akeyinfo->mod_sec = tstat.st_mtime;
}
ka_KeyCheckSum(tkeys.key[an].key, &akeyinfo->keyCheckSum);
/* only errors is bad key parity */
fail:
if (noauth)
osi_auditU(acall, BOS_UnAuthListKeysEvent, code, AUD_END);
osi_auditU(acall, BOS_ListKeysEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_UnInstall(struct rx_call *acall, char *aname)
{
char *filepath;
char fpOld[AFSDIR_PATH_MAX], fpBak[AFSDIR_PATH_MAX];
afs_int32 code;
char caller[MAXKTCNAMELEN];
struct stat tstat;
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, aname, AUD_END);
return code;
}
if (bozo_isrestricted) {
code = BZACCESS;
osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, aname, AUD_END);
return code;
}
/* construct local path from canonical (wire-format) path */
if (ConstructLocalBinPath(aname, &filepath)) {
return BZNOENT;
}
if (DoLogging)
bozo_Log("%s is executing UnInstall '%s'\n", caller, filepath);
strcpy(fpBak, filepath);
strcat(fpBak, ".BAK");
strcpy(fpOld, filepath);
strcat(fpOld, ".OLD");
code = rk_rename(fpBak, filepath);
if (code) {
/* can't find .BAK, try .OLD */
code = rk_rename(fpOld, filepath);
if (code && errno == ENOENT) /* If doesn't exist don't fail */
code = 0;
} else {
/* now rename .OLD to .BAK */
if (stat(fpOld, &tstat) == 0)
code = rk_rename(fpOld, fpBak);
}
if (code)
code = errno;
osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, filepath, AUD_END);
free(filepath);
return code;
}
/* shutdown and restart */
afs_int32
SBOZO_RestartAll(struct rx_call *acall)
{
afs_int32 code;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing RestartAll\n", caller);
/* start shutdown of all processes */
code = bnode_ApplyInstance(sdproc, NULL);
if (code)
goto fail;
/* wait for all done */
code = bnode_ApplyInstance(swproc, NULL);
if (code)
goto fail;
/* start them up again */
code = bnode_ApplyInstance(stproc, NULL);
fail:
osi_auditU(acall, BOS_RestartAllEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_Restart(struct rx_call *acall, char *ainstance)
{
struct bnode *tb;
afs_int32 code;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing Restart '%s'\n", caller, ainstance);
tb = bnode_FindInstance(ainstance);
if (!tb) {
code = BZNOENT;
goto fail;
}
bnode_Hold(tb);
bnode_SetStat(tb, BSTAT_SHUTDOWN);
code = bnode_WaitStatus(tb, BSTAT_SHUTDOWN); /* this can fail */
bnode_ResetErrorCount(tb);
bnode_SetStat(tb, BSTAT_NORMAL);
bnode_Release(tb);
fail:
osi_auditU(acall, BOS_RestartEvent, code, AUD_STR, ainstance, AUD_END);
return code;
}
afs_int32
SBOZO_AddKey(struct rx_call *acall, afs_int32 an, struct bozo_key *akey)
{
afs_int32 code;
char caller[MAXKTCNAMELEN];
rxkad_level enc_level = rxkad_clear;
int noauth;
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
noauth = afsconf_GetNoAuthFlag(bozo_confdir);
rxkad_GetServerInfo(rx_ConnectionOf(acall), &enc_level, 0, 0, 0, 0, 0);
if ((!noauth) && (enc_level != rxkad_crypt)) {
code = BZENCREQ;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing AddKey\n", caller);
code = afsconf_AddKey(bozo_confdir, an, akey->data, 0);
if (code == AFSCONF_KEYINUSE)
code = BZKEYINUSE; /* Unique code for afs rpc calls */
fail:
osi_auditU(acall, BOS_AddKeyEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_SetStatus(struct rx_call *acall, char *ainstance, afs_int32 astatus)
{
struct bnode *tb;
afs_int32 code;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing SetStatus '%s' (status = %d)\n", caller,
ainstance, astatus);
tb = bnode_FindInstance(ainstance);
if (!tb) {
code = BZNOENT;
goto fail;
}
bnode_Hold(tb);
bnode_SetFileGoal(tb, astatus);
code = bnode_SetStat(tb, astatus);
bnode_Release(tb);
fail:
osi_auditU(acall, BOS_SetStatusEvent, code, AUD_STR, ainstance, AUD_END);
return code;
}
afs_int32
SBOZO_Exec(struct rx_call *acall, char *acmd)
{
char caller[MAXKTCNAMELEN];
int code;
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (bozo_isrestricted) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing the shell command '%s'\n", caller, acmd);
/* should copy output to acall, but don't yet cause its hard */
/* hard... NOT! Nnow _at least_ return the exit status */
code = system(acmd);
osi_auditU(acall, BOS_ExecEvent, code, AUD_STR, acmd, AUD_END);
fail:
return code;
}
afs_int32
SBUDB_GetInstanceId(struct rx_call *call, afs_uint32 *instanceId)
{
afs_int32 code;
code = GetInstanceId(call, instanceId);
osi_auditU(call, BUDB_GetIIdEvent, code, AUD_END);
return code;
}
afs_int32
SBUDB_FreeAllLocks(struct rx_call *call, afs_uint32 instanceId)
{
afs_int32 code;
code = FreeAllLocks(call, instanceId);
osi_auditU(call, BUDB_FrALckEvent, code, AUD_END);
return code;
}
afs_int32
SBUDB_FreeLock(struct rx_call *call, afs_uint32 lockHandle)
{
afs_int32 code;
code = FreeLock(call, lockHandle);
osi_auditU(call, BUDB_FreLckEvent, code, AUD_END);
return code;
}
afs_int32
SBUDB_RestoreDbHeader(struct rx_call *call, struct DbHeader *header)
{
afs_int32 code;
code = RestoreDbHeader(call, header);
osi_auditU(call, BUDB_RstDBHEvent, code, AUD_END);
return code;
}
afs_int32
SBUDB_DumpDB(struct rx_call *call, int firstcall, afs_int32 maxLength,
charListT *charListPtr, afs_int32 *done)
{
afs_int32 code;
code = DumpDB(call, firstcall, maxLength, charListPtr, done);
osi_auditU(call, BUDB_DmpDBEvent, code, AUD_END);
return code;
}
afs_int32
SBUDB_GetLock(struct rx_call *call, afs_uint32 instanceId, afs_int32 lockName,
afs_int32 expiration, afs_uint32 *lockHandle)
{
afs_int32 code;
code = GetLock(call, instanceId, lockName, expiration, lockHandle);
osi_auditU(call, BUDB_GetLckEvent, code, AUD_END);
return code;
}
afs_int32
SBUDB_GetTextVersion(struct rx_call *call, afs_int32 textType,
afs_uint32 *tversion)
{
afs_int32 code;
code = GetTextVersion(call, textType, tversion);
osi_auditU(call, BUDB_GetTxVEvent, code, AUD_LONG, textType, AUD_END);
return code;
}
afs_int32
SBOZO_ReBozo(struct rx_call *acall)
{
afs_int32 code;
char caller[MAXKTCNAMELEN];
/* acall is null if called internally to restart bosserver */
if (acall && !afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing ReBozo\n", caller);
/* start shutdown of all processes */
code = bnode_ApplyInstance(sdproc, NULL);
if (code)
goto fail;
/* wait for all done */
code = bnode_ApplyInstance(swproc, NULL);
if (code)
goto fail;
if (acall)
osi_auditU(acall, BOS_RebozoEvent, code, AUD_END);
else
osi_audit(BOS_RebozoIntEvent, code, AUD_END);
if (acall)
rx_EndCall(acall, 0); /* try to get it done */
rx_Finalize();
bozo_ReBozo(); /* this reexecs us, and doesn't return, of course */
fail:
/* Differentiate between external and internal ReBozo; prevents AFS_Aud_NoCall event */
if (acall)
osi_auditU(acall, BOS_RebozoEvent, code, AUD_END);
else
osi_audit(BOS_RebozoIntEvent, code, AUD_END);
return code; /* should only get here in unusual circumstances */
}
afs_int32
SBUDB_SaveText(struct rx_call *call, afs_uint32 lockHandle,
afs_int32 textType, afs_int32 offset, afs_int32 flags,
charListT *charListPtr)
{
afs_int32 code;
code = SaveText(call, lockHandle, textType, offset, flags, charListPtr);
osi_auditU(call, BUDB_SavTxtEvent, code, AUD_LONG, textType, AUD_END);
return code;
}
afs_int32
SBOZO_Prune(struct rx_call *acall, afs_int32 aflags)
{
afs_int32 code;
DIR *dirp;
struct dirent *tde;
int i;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (bozo_isrestricted) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing Prune (flags=%d)\n", caller, aflags);
/* first scan AFS binary directory */
dirp = opendir(AFSDIR_SERVER_BIN_DIRPATH);
if (dirp) {
for (tde = readdir(dirp); tde; tde = readdir(dirp)) {
i = strlen(tde->d_name);
if (aflags & BOZO_PRUNEOLD) {
if (i >= 4 && strncmp(tde->d_name + i - 4, ".OLD", 4) == 0)
ZapFile(AFSDIR_SERVER_BIN_DIRPATH, tde->d_name);
}
if (aflags & BOZO_PRUNEBAK) {
if (i >= 4 && strncmp(tde->d_name + i - 4, ".BAK", 4) == 0)
ZapFile(AFSDIR_SERVER_BIN_DIRPATH, tde->d_name);
}
}
closedir(dirp);
}
/* then scan AFS log directory */
dirp = opendir(AFSDIR_SERVER_LOGS_DIRPATH);
if (dirp) {
for (tde = readdir(dirp); tde; tde = readdir(dirp)) {
if (aflags & BOZO_PRUNECORE) {
if (strncmp(tde->d_name, AFSDIR_CORE_FILE, 4) == 0)
ZapFile(AFSDIR_SERVER_LOGS_DIRPATH, tde->d_name);
}
}
closedir(dirp);
}
code = 0;
fail:
osi_auditU(acall, BOS_PruneLogs, code, AUD_END);
return code;
}
afs_int32
SBUDB_GetText(struct rx_call *call, afs_uint32 lockHandle, afs_int32 textType,
afs_int32 maxLength, afs_int32 offset, afs_int32 *nextOffset,
charListT *charListPtr)
{
afs_int32 code;
code =
GetText(call, lockHandle, textType, maxLength, offset, nextOffset,
charListPtr);
osi_auditU(call, BUDB_GetTxtEvent, code, AUD_LONG, textType, AUD_END);
return code;
}
afs_int32
SBOZO_ListSUsers(struct rx_call *acall, afs_int32 an, char **aname)
{
afs_int32 code;
char *tp;
tp = *aname = malloc(256);
*tp = 0; /* in case getnthuser doesn't null-terminate the string */
code = afsconf_GetNthUser(bozo_confdir, an, tp, 256);
/* fail: */
osi_auditU(acall, BOS_ListSUserEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_DeleteCellHost(struct rx_call *acall, char *aname)
{
afs_int32 code;
struct afsconf_cell tcell;
afs_int32 which;
int i;
char caller[MAXKTCNAMELEN];
char clones[MAXHOSTSPERCELL];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing DeleteCellHost '%s'\n", caller, aname);
code =
afsconf_GetExtendedCellInfo(bozo_confdir, NULL, NULL, &tcell,
clones);
if (code)
goto fail;
which = -1;
for (i = 0; i < tcell.numServers; i++) {
if (strcmp(tcell.hostName[i], aname) == 0) {
which = i;
break;
}
}
if (which < 0) {
code = BZNOENT;
goto fail;
}
memset(&tcell.hostAddr[which], 0, sizeof(struct sockaddr_in));
memset(tcell.hostName[which], 0, MAXHOSTCHARS);
code =
afsconf_SetExtendedCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH,
&tcell, clones);
fail:
osi_auditU(acall, BOS_DeleteHostEvent, code, AUD_STR, aname, AUD_END);
return code;
}
/* make sure all are running */
afs_int32
SBOZO_StartupAll(struct rx_call *acall)
{
afs_int32 code;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing StartupAll\n", caller);
code = bnode_ApplyInstance(stproc, NULL);
fail:
osi_auditU(acall, BOS_StartupAllEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_SetNoAuthFlag(struct rx_call *acall, afs_int32 aflag)
{
afs_int32 code = 0;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing Set No Authentication\n", caller);
afsconf_SetNoAuthFlag(bozo_confdir, aflag);
fail:
osi_auditU(acall, BOS_SetNoAuthEvent, code, AUD_LONG, aflag, AUD_END);
return code;
}
afs_int32
SBOZO_DeleteKey(struct rx_call *acall, afs_int32 an)
{
afs_int32 code;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing DeleteKey\n", caller);
code = afsconf_DeleteKey(bozo_confdir, an);
fail:
osi_auditU(acall, BOS_DeleteKeyEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_AddSUser(struct rx_call *acall, char *aname)
{
afs_int32 code;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing Add SuperUser '%s'\n", caller, aname);
code = afsconf_AddUser(bozo_confdir, aname);
fail:
osi_auditU(acall, BOS_AddSUserEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_WaitAll(struct rx_call *acall)
{
afs_int32 code;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing Wait for All\n", caller);
code = bnode_WaitAll();
fail:
osi_auditU(acall, BOS_WaitAllEvent, code, AUD_END);
return code;
}
/* shutdown and leave down */
afs_int32
SBOZO_ShutdownAll(struct rx_call *acall)
{
/* iterate over all bnodes, setting the status to temporarily disabled */
afs_int32 code;
char caller[MAXKTCNAMELEN];
/* check for authorization */
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing ShutdownAll\n", caller);
code = bnode_ApplyInstance(sdproc, NULL);
fail:
osi_auditU(acall, BOS_ShutdownAllEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_CreateBnode(struct rx_call *acall, char *atype, char *ainstance,
char *ap1, char *ap2, char *ap3, char *ap4, char *ap5,
char *notifier)
{
struct bnode *tb;
afs_int32 code;
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (bozo_isrestricted) {
const char *salvpath = AFSDIR_CANONICAL_SERVER_SALVAGER_FILEPATH;
/* for DAFS, 'bos salvage' will pass "salvageserver -client" instead */
const char *salsrvpath = AFSDIR_CANONICAL_SERVER_SALSRV_FILEPATH " -client ";
/* still allow 'bos salvage' to work */
if (strcmp(atype, "cron") || strcmp(ainstance, "salvage-tmp")
|| strcmp(ap2, "now")
|| (strncmp(ap1, salvpath, strlen(salvpath))
&& strncmp(ap1, salsrvpath, strlen(salsrvpath)))) {
code = BZACCESS;
goto fail;
}
}
code =
bnode_Create(atype, ainstance, &tb, ap1, ap2, ap3, ap4, ap5, notifier,
BSTAT_NORMAL, 1);
if (!code)
bnode_SetStat(tb, BSTAT_NORMAL);
fail:
osi_auditU(acall, BOS_CreateBnodeEvent, code, AUD_END);
return code;
}
afs_int32
SBOZO_SetCellName(struct rx_call *acall, char *aname)
{
struct afsconf_cell tcell;
afs_int32 code;
char caller[MAXKTCNAMELEN];
char clones[MAXHOSTSPERCELL];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing SetCellName '%s'\n", caller, aname);
code =
afsconf_GetExtendedCellInfo(bozo_confdir, NULL, NULL, &tcell,
clones);
if (code)
goto fail;
/* Check that tcell has enough space for the new cellname. */
if (strlen(aname) > sizeof tcell.name - 1) {
bozo_Log
("ERROR: SetCellName: cell name '%s' exceeds %ld bytes (cell name not changed)\n",
aname, (long)(sizeof tcell.name - 1));
code = BZDOM;
goto fail;
}
strcpy(tcell.name, aname);
code =
afsconf_SetExtendedCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH,
&tcell, clones);
fail:
osi_auditU(acall, BOS_SetCellEvent, code, AUD_STR, aname, AUD_END);
return code;
}
afs_int32
SBOZO_SetRestartTime(struct rx_call *acall, afs_int32 atype, struct bozo_netKTime *aktime)
{
afs_int32 code;
char caller[MAXKTCNAMELEN];
/* check for proper permissions */
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
code = BZACCESS;
goto fail;
}
if (DoLogging)
bozo_Log("%s is executing SetRestartTime\n", caller);
code = 0; /* assume success */
switch (atype) {
case 1:
memcpy(&bozo_nextRestartKT, aktime, sizeof(struct ktime));
break;
case 2:
memcpy(&bozo_nextDayKT, aktime, sizeof(struct ktime));
break;
default:
code = BZDOM;
break;
}
if (code == 0) {
/* try to update the bozo init file */
code = WriteBozoFile(0);
bozo_newKTs = 1;
}
fail:
osi_auditU(acall, BOS_SetRestartEvent, code, AUD_END);
return code;
}
