static DWORD WriteNsswitchConfiguration(const char *rootPrefix, NsswitchConf *conf)
{
DWORD ceError = ERROR_SUCCESS;
DynamicArray printedLine;
int i;
char *tempName = NULL;
char *finalName = NULL;
char *prefixedPath = NULL;
FILE *file = NULL;
memset(&printedLine, 0, sizeof(printedLine));
GCE(ceError = CTAllocateStringPrintf(&prefixedPath, "%s%s", rootPrefix, conf->filename));
GCE(ceError = CTGetFileTempPath(
prefixedPath,
&finalName,
&tempName));
DJ_LOG_INFO("Writing nsswitch configuration for %s", finalName);
ceError = CTOpenFile(tempName, "w", &file);
if(ceError)
{
DJ_LOG_ERROR("Unable to open '%s' for writing", tempName);
GCE(ceError);
}
for(i = 0; i < conf->lines.size; i++)
{
GCE(ceError = GetPrintedLine(&printedLine, conf, i));
GCE(ceError = CTFilePrintf(file, "%s\n", printedLine.data));
}
GCE(ceError = CTCloseFile(file));
file = NULL;
GCE(ceError = CTSafeReplaceFile(
finalName,
tempName));
DJ_LOG_INFO("File moved into place");
cleanup:
if(file != NULL)
CTCloseFile(file);
CTArrayFree(&printedLine);
CT_SAFE_FREE_STRING(tempName);
CT_SAFE_FREE_STRING(finalName);
CT_SAFE_FREE_STRING(prefixedPath);
return ceError;
}
static DWORD ReadSshFile(struct SshConf *conf, const char *rootPrefix, const char *filename)
{
DWORD ceError = ERROR_SUCCESS;
FILE *file = NULL;
PSTR buffer = NULL;
char *fullPath = NULL;
BOOLEAN endOfFile = FALSE;
BOOLEAN exists;
BAIL_ON_CENTERIS_ERROR(ceError = CTAllocateStringPrintf(
&fullPath, "%s%s", rootPrefix, filename));
DJ_LOG_INFO("Reading ssh file %s", fullPath);
BAIL_ON_CENTERIS_ERROR(ceError = CTCheckFileOrLinkExists(fullPath, &exists));
if(!exists)
{
DJ_LOG_INFO("File %s does not exist", fullPath);
ceError = ERROR_FILE_NOT_FOUND;
goto error;
}
BAIL_ON_CENTERIS_ERROR(ceError = CTStrdup(filename,
&conf->filename));
BAIL_ON_CENTERIS_ERROR(ceError = CTOpenFile(fullPath, "r", &file));
CT_SAFE_FREE_STRING(fullPath);
while(TRUE)
{
CT_SAFE_FREE_STRING(buffer);
BAIL_ON_CENTERIS_ERROR(ceError = CTReadNextLine(file, &buffer, &endOfFile));
if(endOfFile)
break;
BAIL_ON_CENTERIS_ERROR(ceError = AddFormattedLine(conf, filename, buffer, NULL));
}
CT_SAFE_FREE_STRING(buffer);
BAIL_ON_CENTERIS_ERROR(ceError = CTCloseFile(file));
file = NULL;
return ceError;
error:
if(file != NULL)
CTCloseFile(file);
CT_SAFE_FREE_STRING(fullPath);
FreeSshConfContents(conf);
CT_SAFE_FREE_STRING(buffer);
return ceError;
}
static DWORD ReadNsswitchFile(NsswitchConf *conf, const char *rootPrefix, const char *filename)
{
DWORD ceError = ERROR_SUCCESS;
FILE *file = NULL;
PSTR buffer = NULL;
char *fullPath = NULL;
BOOLEAN endOfFile = FALSE;
BOOLEAN exists;
if(rootPrefix == NULL)
rootPrefix = "";
GCE(ceError = CTAllocateStringPrintf(
&fullPath, "%s%s", rootPrefix, filename));
DJ_LOG_INFO("Reading nsswitch file %s", fullPath);
GCE(ceError = CTCheckFileOrLinkExists(fullPath, &exists));
if(!exists)
{
DJ_LOG_INFO("File %s does not exist", fullPath);
ceError = ERROR_FILE_NOT_FOUND;
goto cleanup;
}
GCE(ceError = CTStrdup(filename,
&conf->filename));
GCE(ceError = CTOpenFile(fullPath, "r", &file));
CT_SAFE_FREE_STRING(fullPath);
while(TRUE)
{
CT_SAFE_FREE_STRING(buffer);
GCE(ceError = CTReadNextLine(file, &buffer, &endOfFile));
if(endOfFile)
break;
GCE(ceError = AddFormattedLine(conf, filename, buffer, NULL));
}
conf->modified = FALSE;
cleanup:
CT_SAFE_FREE_STRING(buffer);
if(file != NULL)
CTCloseFile(file);
CT_SAFE_FREE_STRING(fullPath);
if(ceError)
FreeNsswitchConfContents(conf);
return ceError;
}
static void ConfigureApparmor(BOOLEAN enable, LWException **exc)
{
DWORD ceError = ERROR_SUCCESS;
BOOLEAN hasApparmor;
BOOLEAN configured;
BOOLEAN usingMr;
FILE *file = NULL;
PCSTR addString;
PSTR restartPath = NULL;
PSTR restartCommand = NULL;
char *tempName = NULL;
char *finalName = NULL;
LW_CLEANUP_CTERR(exc, IsApparmorConfigured(&configured));
if(configured == enable)
goto cleanup;
LW_CLEANUP_CTERR(exc, CTCheckFileOrLinkExists(APPARMOR_NSSWITCH,
&hasApparmor));
if(!hasApparmor)
goto cleanup;
GCE(ceError = CTGetFileTempPath(
APPARMOR_NSSWITCH,
&finalName,
&tempName));
LW_CLEANUP_CTERR(exc, CTCheckFileHoldsPattern(finalName,
"mr,", &usingMr));
if(usingMr)
addString =
PREFIXDIR "/lib/*.so* mr,\n"
PREFIXDIR "/lib64/*.so* mr,\n"
"/tmp/.lwidentity/pipe rw,\n"
LOCALSTATEDIR "/lib/likewise/.lsassd rw,\n"
LOCALSTATEDIR "/tmp/.lsaclient_* rw,\n";
else
addString =
PREFIXDIR "/lib/*.so* r,\n"
PREFIXDIR "/lib64/*.so* r,\n"
"/tmp/.lwidentity/pipe rw,\n"
LOCALSTATEDIR "/lib/likewise/.lsassd rw,\n"
LOCALSTATEDIR "/tmp/.lsaclient_* rw,\n";
if(enable)
{
LW_CLEANUP_CTERR(exc, CTCopyFileWithOriginalPerms(finalName, tempName));
LW_CLEANUP_CTERR(exc, CTOpenFile(tempName, "a", &file));
LW_CLEANUP_CTERR(exc, CTFilePrintf(file, "# likewise\n%s# end likewise\n",
addString));
CTSafeCloseFile(&file);
LW_CLEANUP_CTERR(exc, CTSafeReplaceFile(finalName, tempName));
}
else
{
LW_CLEANUP_CTERR(exc, CTRunSedOnFile(finalName, finalName, FALSE, "/^[ \t]*#[ \t]*likewise[ \t]*$/,/^[ \t]*#[ \t]*end likewise[ \t]*$/d"));
LW_CLEANUP_CTERR(exc, CTRunSedOnFile(finalName, finalName, FALSE, "/^[ \t]*#[ \t]*centeris[ \t]*$/,/^[ \t]*#[ \t]*end centeris[ \t]*$/d"));
}
ceError = CTFindFileInPath("rcapparmor", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", &restartPath);
if(ceError == ERROR_FILE_NOT_FOUND)
{
ceError = CTFindFileInPath("apparmor", "/etc/init.d/apparmor", &restartPath);
}
if(ceError == ERROR_FILE_NOT_FOUND)
{
ceError = ERROR_SUCCESS;
}
else if(!ceError)
{
LW_CLEANUP_CTERR(exc, CTAllocateStringPrintf(&restartCommand,
"%s restart", restartPath));
LW_TRY(exc, CTCaptureOutputToExc(restartCommand, &LW_EXC));
}
LW_CLEANUP_CTERR(exc, ceError);
cleanup:
if(file != NULL)
{
CTCloseFile(file);
CTRemoveFile(tempName);
}
CT_SAFE_FREE_STRING(restartPath);
CT_SAFE_FREE_STRING(restartCommand);
CT_SAFE_FREE_STRING(tempName);
CT_SAFE_FREE_STRING(finalName);
}
