static char * determine_egroup(void *pobj, int objtype, attribute *pattr) { char *hit = 0; int i; struct array_strings *parst; char *pn; char *ptr; static char groupname[PBS_MAXUSER+1]; /* search the group-list attribute */ if ((pattr->at_flags & ATR_VFLAG_SET) && (parst = pattr->at_val.at_arst)) { for (i=0; i<parst->as_usedptr; i++) { pn = parst->as_string[i]; ptr = strchr(pn, '@'); if (ptr) { /* has host specification */ if (!strncasecmp(server_host, ptr+1, strlen(ptr+1))) { hit = pn; /* option 1. */ break; } } else { /* wildcard host (null) */ hit = pn; /* option 2. */ } } } if (!hit) /* nothing sepecified, return null */ return NULL; /* copy group name into return buffer, strip host name */ cvrt_fqn_to_name(hit, groupname); return (groupname); }
int site_check_user_map(void *pobj, int objtype, char *luser) { char *orighost; char owner[PBS_MAXUSER+1]; char *p1; char *objid; int event_type, event_class; int rc; /* set pointer variables etc based on object's type */ if (objtype == JOB_OBJECT) { p1 = ((job *)pobj)->ji_wattr[JOB_ATR_job_owner].at_val.at_str; objid = ((job *)pobj)->ji_qs.ji_jobid; event_type = PBSEVENT_JOB; event_class = PBS_EVENTCLASS_JOB; } else { p1 = ((resc_resv *)pobj)->ri_wattr[RESV_ATR_resv_owner].at_val.at_str; objid = ((resc_resv *)pobj)->ri_qs.ri_resvID; event_type = PBSEVENT_JOB; event_class = PBS_EVENTCLASS_JOB; } /* the owner name, without the "@host" */ cvrt_fqn_to_name(p1, owner); orighost = strchr(p1, '@'); if ((orighost == (char *)0) || (*++orighost == '\0')) { log_event(event_type, event_class, LOG_INFO, objid, msg_orighost); return (-1); } if (!strcasecmp(orighost, server_host) && !strcmp(owner, luser)) return (0); #ifdef WIN32 rc = ruserok(orighost, isAdminPrivilege(luser), owner, luser); if (rc == -2) { sprintf(log_buffer, "User %s does not exist!", luser); log_err(0, "site_check_user_map", log_buffer); rc = -1; } else if (rc == -3) { sprintf(log_buffer, "User %s's [HOMEDIR]/.rhosts is unreadable! Needs SYSTEM or Everyone access", luser); log_err(0, "site_check_user_map", log_buffer); rc = -1; } #else rc = ruserok(orighost, 0, owner, luser); #endif #ifdef sun /* broken Sun ruserok() sets process so it appears to be owned */ /* by the luser, change it back for cosmetic reasons */ if (setuid(0) == -1) { log_err(errno, "site_check_user_map", "cannot go back to root"); exit(1); } #endif /* sun */ return (rc); }
static char * determine_euser(void *pobj, int objtype, attribute *pattr, int *isowner) { char *hit = 0; int i; struct array_strings *parst; char *pn; char *ptr; int idx_owner; attribute *objattrs; static char username[PBS_MAXUSER+1]; #ifdef WIN32 extern int read_cred(job *pjob, char **cred, size_t *len); extern int decrypt_pwd(char *crypted, size_t len, char **passwd); #endif memset(username,'\0', sizeof(username)); /* set index and pointers based on object type */ if (objtype == JOB_OBJECT) { idx_owner = (int)JOB_ATR_job_owner; objattrs = &((job *)pobj)->ji_wattr[0]; } else { idx_owner = (int)RESV_ATR_resv_owner; objattrs = &((resc_resv *)pobj)->ri_wattr[0]; } /* search the User_List attribute */ if ((pattr->at_flags & ATR_VFLAG_SET) && (parst = pattr->at_val.at_arst) ) { *isowner = 0; for (i=0; i<parst->as_usedptr; i++) { pn = parst->as_string[i]; ptr = strchr(pn, '@'); if (ptr) { /* if has host specification, check for the complete host name, if host name is incorrect, hit is not set */ if (!strcasecmp(server_host, ptr+1)) { hit = pn; /* option 1. */ break; } } else { /* wildcard host (null) */ hit = pn; /* option 2. */ } } } if (!(pattr->at_flags & ATR_VFLAG_SET)) { /* if no user is specified, default to the object owner ( 3.) */ hit = objattrs[idx_owner].at_val.at_str; *isowner = 1; } /* copy user name into return buffer and strip off host name only when hit is set * i.e. when either no user is specified(in this case, default the job to the object owner) * or a user is provided with the correct host name. * If not set, job can't be run as no user to run the job */ if (hit) { cvrt_fqn_to_name(hit, username); } return (username); }