afs_int32 SBOZO_ListKeys(struct rx_call *acall, afs_int32 an, afs_int32 *akvno, struct bozo_key *akey, struct bozo_keyInfo *akeyinfo) { struct afsconf_keys tkeys; afs_int32 code; struct stat tstat; int noauth = 0; char caller[MAXKTCNAMELEN]; rxkad_level enc_level = rxkad_clear; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing ListKeys\n", caller); code = afsconf_GetKeys(bozo_confdir, &tkeys); if (code) goto fail; if (tkeys.nkeys <= an) { code = BZDOM; goto fail; } *akvno = tkeys.key[an].kvno; memset(akeyinfo, 0, sizeof(struct bozo_keyInfo)); noauth = afsconf_GetNoAuthFlag(bozo_confdir); rxkad_GetServerInfo(rx_ConnectionOf(acall), &enc_level, 0, 0, 0, 0, 0); /* * only return actual keys in noauth or if this is an encrypted connection */ if ((noauth) || (enc_level == rxkad_crypt)) { memcpy(akey, tkeys.key[an].key, 8); } else memset(akey, 0, 8); code = stat(AFSDIR_SERVER_KEY_FILEPATH, &tstat); if (code == 0) { akeyinfo->mod_sec = tstat.st_mtime; } /* This will return an error if the key is 'bad' (bad checksum, weak DES * key, etc). But we don't care, since we can still return the other * information about the key, so ignore the result. */ (void)ka_KeyCheckSum(tkeys.key[an].key, &akeyinfo->keyCheckSum); fail: if (noauth) osi_auditU(acall, BOS_UnAuthListKeysEvent, code, AUD_END); osi_auditU(acall, BOS_ListKeysEvent, code, AUD_END); return code; }
afs_int32 SBOZO_ListKeys(struct rx_call *acall, afs_int32 an, afs_int32 *akvno, struct bozo_key *akey, struct bozo_keyInfo *akeyinfo) { struct afsconf_keys tkeys; afs_int32 code; struct stat tstat; int noauth = 0; char caller[MAXKTCNAMELEN]; rxkad_level enc_level = rxkad_clear; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing ListKeys\n", caller); code = afsconf_GetKeys(bozo_confdir, &tkeys); if (code) goto fail; if (tkeys.nkeys <= an) { code = BZDOM; goto fail; } *akvno = tkeys.key[an].kvno; memset(akeyinfo, 0, sizeof(struct bozo_keyInfo)); noauth = afsconf_GetNoAuthFlag(bozo_confdir); rxkad_GetServerInfo(acall->conn, &enc_level, 0, 0, 0, 0, 0); /* * only return actual keys in noauth or if this is an encrypted connection */ if ((noauth) || (enc_level == rxkad_crypt)) { memcpy(akey, tkeys.key[an].key, 8); } else memset(akey, 0, 8); code = stat(AFSDIR_SERVER_KEY_FILEPATH, &tstat); if (code == 0) { akeyinfo->mod_sec = tstat.st_mtime; } ka_KeyCheckSum(tkeys.key[an].key, &akeyinfo->keyCheckSum); /* only errors is bad key parity */ fail: if (noauth) osi_auditU(acall, BOS_UnAuthListKeysEvent, code, AUD_END); osi_auditU(acall, BOS_ListKeysEvent, code, AUD_END); return code; }
afs_int32 SBOZO_UnInstall(struct rx_call *acall, char *aname) { char *filepath; char fpOld[AFSDIR_PATH_MAX], fpBak[AFSDIR_PATH_MAX]; afs_int32 code; char caller[MAXKTCNAMELEN]; struct stat tstat; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, aname, AUD_END); return code; } if (bozo_isrestricted) { code = BZACCESS; osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, aname, AUD_END); return code; } /* construct local path from canonical (wire-format) path */ if (ConstructLocalBinPath(aname, &filepath)) { return BZNOENT; } if (DoLogging) bozo_Log("%s is executing UnInstall '%s'\n", caller, filepath); strcpy(fpBak, filepath); strcat(fpBak, ".BAK"); strcpy(fpOld, filepath); strcat(fpOld, ".OLD"); code = rk_rename(fpBak, filepath); if (code) { /* can't find .BAK, try .OLD */ code = rk_rename(fpOld, filepath); if (code && errno == ENOENT) /* If doesn't exist don't fail */ code = 0; } else { /* now rename .OLD to .BAK */ if (stat(fpOld, &tstat) == 0) code = rk_rename(fpOld, fpBak); } if (code) code = errno; osi_auditU(acall, BOS_UnInstallEvent, code, AUD_STR, filepath, AUD_END); free(filepath); return code; }
/* shutdown and restart */ afs_int32 SBOZO_RestartAll(struct rx_call *acall) { afs_int32 code; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing RestartAll\n", caller); /* start shutdown of all processes */ code = bnode_ApplyInstance(sdproc, NULL); if (code) goto fail; /* wait for all done */ code = bnode_ApplyInstance(swproc, NULL); if (code) goto fail; /* start them up again */ code = bnode_ApplyInstance(stproc, NULL); fail: osi_auditU(acall, BOS_RestartAllEvent, code, AUD_END); return code; }
afs_int32 SBOZO_Restart(struct rx_call *acall, char *ainstance) { struct bnode *tb; afs_int32 code; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing Restart '%s'\n", caller, ainstance); tb = bnode_FindInstance(ainstance); if (!tb) { code = BZNOENT; goto fail; } bnode_Hold(tb); bnode_SetStat(tb, BSTAT_SHUTDOWN); code = bnode_WaitStatus(tb, BSTAT_SHUTDOWN); /* this can fail */ bnode_ResetErrorCount(tb); bnode_SetStat(tb, BSTAT_NORMAL); bnode_Release(tb); fail: osi_auditU(acall, BOS_RestartEvent, code, AUD_STR, ainstance, AUD_END); return code; }
afs_int32 SBOZO_AddKey(struct rx_call *acall, afs_int32 an, struct bozo_key *akey) { afs_int32 code; char caller[MAXKTCNAMELEN]; rxkad_level enc_level = rxkad_clear; int noauth; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } noauth = afsconf_GetNoAuthFlag(bozo_confdir); rxkad_GetServerInfo(rx_ConnectionOf(acall), &enc_level, 0, 0, 0, 0, 0); if ((!noauth) && (enc_level != rxkad_crypt)) { code = BZENCREQ; goto fail; } if (DoLogging) bozo_Log("%s is executing AddKey\n", caller); code = afsconf_AddKey(bozo_confdir, an, akey->data, 0); if (code == AFSCONF_KEYINUSE) code = BZKEYINUSE; /* Unique code for afs rpc calls */ fail: osi_auditU(acall, BOS_AddKeyEvent, code, AUD_END); return code; }
afs_int32 SBOZO_SetStatus(struct rx_call *acall, char *ainstance, afs_int32 astatus) { struct bnode *tb; afs_int32 code; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing SetStatus '%s' (status = %d)\n", caller, ainstance, astatus); tb = bnode_FindInstance(ainstance); if (!tb) { code = BZNOENT; goto fail; } bnode_Hold(tb); bnode_SetFileGoal(tb, astatus); code = bnode_SetStat(tb, astatus); bnode_Release(tb); fail: osi_auditU(acall, BOS_SetStatusEvent, code, AUD_STR, ainstance, AUD_END); return code; }
afs_int32 SBOZO_Exec(struct rx_call *acall, char *acmd) { char caller[MAXKTCNAMELEN]; int code; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (bozo_isrestricted) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing the shell command '%s'\n", caller, acmd); /* should copy output to acall, but don't yet cause its hard */ /* hard... NOT! Nnow _at least_ return the exit status */ code = system(acmd); osi_auditU(acall, BOS_ExecEvent, code, AUD_STR, acmd, AUD_END); fail: return code; }
afs_int32 SBUDB_GetInstanceId(struct rx_call *call, afs_uint32 *instanceId) { afs_int32 code; code = GetInstanceId(call, instanceId); osi_auditU(call, BUDB_GetIIdEvent, code, AUD_END); return code; }
afs_int32 SBUDB_FreeAllLocks(struct rx_call *call, afs_uint32 instanceId) { afs_int32 code; code = FreeAllLocks(call, instanceId); osi_auditU(call, BUDB_FrALckEvent, code, AUD_END); return code; }
afs_int32 SBUDB_FreeLock(struct rx_call *call, afs_uint32 lockHandle) { afs_int32 code; code = FreeLock(call, lockHandle); osi_auditU(call, BUDB_FreLckEvent, code, AUD_END); return code; }
afs_int32 SBUDB_RestoreDbHeader(struct rx_call *call, struct DbHeader *header) { afs_int32 code; code = RestoreDbHeader(call, header); osi_auditU(call, BUDB_RstDBHEvent, code, AUD_END); return code; }
afs_int32 SBUDB_DumpDB(struct rx_call *call, int firstcall, afs_int32 maxLength, charListT *charListPtr, afs_int32 *done) { afs_int32 code; code = DumpDB(call, firstcall, maxLength, charListPtr, done); osi_auditU(call, BUDB_DmpDBEvent, code, AUD_END); return code; }
afs_int32 SBUDB_GetLock(struct rx_call *call, afs_uint32 instanceId, afs_int32 lockName, afs_int32 expiration, afs_uint32 *lockHandle) { afs_int32 code; code = GetLock(call, instanceId, lockName, expiration, lockHandle); osi_auditU(call, BUDB_GetLckEvent, code, AUD_END); return code; }
afs_int32 SBUDB_GetTextVersion(struct rx_call *call, afs_int32 textType, afs_uint32 *tversion) { afs_int32 code; code = GetTextVersion(call, textType, tversion); osi_auditU(call, BUDB_GetTxVEvent, code, AUD_LONG, textType, AUD_END); return code; }
afs_int32 SBOZO_ReBozo(struct rx_call *acall) { afs_int32 code; char caller[MAXKTCNAMELEN]; /* acall is null if called internally to restart bosserver */ if (acall && !afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing ReBozo\n", caller); /* start shutdown of all processes */ code = bnode_ApplyInstance(sdproc, NULL); if (code) goto fail; /* wait for all done */ code = bnode_ApplyInstance(swproc, NULL); if (code) goto fail; if (acall) osi_auditU(acall, BOS_RebozoEvent, code, AUD_END); else osi_audit(BOS_RebozoIntEvent, code, AUD_END); if (acall) rx_EndCall(acall, 0); /* try to get it done */ rx_Finalize(); bozo_ReBozo(); /* this reexecs us, and doesn't return, of course */ fail: /* Differentiate between external and internal ReBozo; prevents AFS_Aud_NoCall event */ if (acall) osi_auditU(acall, BOS_RebozoEvent, code, AUD_END); else osi_audit(BOS_RebozoIntEvent, code, AUD_END); return code; /* should only get here in unusual circumstances */ }
afs_int32 SBUDB_SaveText(struct rx_call *call, afs_uint32 lockHandle, afs_int32 textType, afs_int32 offset, afs_int32 flags, charListT *charListPtr) { afs_int32 code; code = SaveText(call, lockHandle, textType, offset, flags, charListPtr); osi_auditU(call, BUDB_SavTxtEvent, code, AUD_LONG, textType, AUD_END); return code; }
afs_int32 SBOZO_Prune(struct rx_call *acall, afs_int32 aflags) { afs_int32 code; DIR *dirp; struct dirent *tde; int i; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (bozo_isrestricted) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing Prune (flags=%d)\n", caller, aflags); /* first scan AFS binary directory */ dirp = opendir(AFSDIR_SERVER_BIN_DIRPATH); if (dirp) { for (tde = readdir(dirp); tde; tde = readdir(dirp)) { i = strlen(tde->d_name); if (aflags & BOZO_PRUNEOLD) { if (i >= 4 && strncmp(tde->d_name + i - 4, ".OLD", 4) == 0) ZapFile(AFSDIR_SERVER_BIN_DIRPATH, tde->d_name); } if (aflags & BOZO_PRUNEBAK) { if (i >= 4 && strncmp(tde->d_name + i - 4, ".BAK", 4) == 0) ZapFile(AFSDIR_SERVER_BIN_DIRPATH, tde->d_name); } } closedir(dirp); } /* then scan AFS log directory */ dirp = opendir(AFSDIR_SERVER_LOGS_DIRPATH); if (dirp) { for (tde = readdir(dirp); tde; tde = readdir(dirp)) { if (aflags & BOZO_PRUNECORE) { if (strncmp(tde->d_name, AFSDIR_CORE_FILE, 4) == 0) ZapFile(AFSDIR_SERVER_LOGS_DIRPATH, tde->d_name); } } closedir(dirp); } code = 0; fail: osi_auditU(acall, BOS_PruneLogs, code, AUD_END); return code; }
afs_int32 SBUDB_GetText(struct rx_call *call, afs_uint32 lockHandle, afs_int32 textType, afs_int32 maxLength, afs_int32 offset, afs_int32 *nextOffset, charListT *charListPtr) { afs_int32 code; code = GetText(call, lockHandle, textType, maxLength, offset, nextOffset, charListPtr); osi_auditU(call, BUDB_GetTxtEvent, code, AUD_LONG, textType, AUD_END); return code; }
afs_int32 SBOZO_ListSUsers(struct rx_call *acall, afs_int32 an, char **aname) { afs_int32 code; char *tp; tp = *aname = malloc(256); *tp = 0; /* in case getnthuser doesn't null-terminate the string */ code = afsconf_GetNthUser(bozo_confdir, an, tp, 256); /* fail: */ osi_auditU(acall, BOS_ListSUserEvent, code, AUD_END); return code; }
afs_int32 SBOZO_DeleteCellHost(struct rx_call *acall, char *aname) { afs_int32 code; struct afsconf_cell tcell; afs_int32 which; int i; char caller[MAXKTCNAMELEN]; char clones[MAXHOSTSPERCELL]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing DeleteCellHost '%s'\n", caller, aname); code = afsconf_GetExtendedCellInfo(bozo_confdir, NULL, NULL, &tcell, clones); if (code) goto fail; which = -1; for (i = 0; i < tcell.numServers; i++) { if (strcmp(tcell.hostName[i], aname) == 0) { which = i; break; } } if (which < 0) { code = BZNOENT; goto fail; } memset(&tcell.hostAddr[which], 0, sizeof(struct sockaddr_in)); memset(tcell.hostName[which], 0, MAXHOSTCHARS); code = afsconf_SetExtendedCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH, &tcell, clones); fail: osi_auditU(acall, BOS_DeleteHostEvent, code, AUD_STR, aname, AUD_END); return code; }
/* make sure all are running */ afs_int32 SBOZO_StartupAll(struct rx_call *acall) { afs_int32 code; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing StartupAll\n", caller); code = bnode_ApplyInstance(stproc, NULL); fail: osi_auditU(acall, BOS_StartupAllEvent, code, AUD_END); return code; }
afs_int32 SBOZO_SetNoAuthFlag(struct rx_call *acall, afs_int32 aflag) { afs_int32 code = 0; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing Set No Authentication\n", caller); afsconf_SetNoAuthFlag(bozo_confdir, aflag); fail: osi_auditU(acall, BOS_SetNoAuthEvent, code, AUD_LONG, aflag, AUD_END); return code; }
afs_int32 SBOZO_DeleteKey(struct rx_call *acall, afs_int32 an) { afs_int32 code; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing DeleteKey\n", caller); code = afsconf_DeleteKey(bozo_confdir, an); fail: osi_auditU(acall, BOS_DeleteKeyEvent, code, AUD_END); return code; }
afs_int32 SBOZO_AddSUser(struct rx_call *acall, char *aname) { afs_int32 code; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing Add SuperUser '%s'\n", caller, aname); code = afsconf_AddUser(bozo_confdir, aname); fail: osi_auditU(acall, BOS_AddSUserEvent, code, AUD_END); return code; }
afs_int32 SBOZO_WaitAll(struct rx_call *acall) { afs_int32 code; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing Wait for All\n", caller); code = bnode_WaitAll(); fail: osi_auditU(acall, BOS_WaitAllEvent, code, AUD_END); return code; }
/* shutdown and leave down */ afs_int32 SBOZO_ShutdownAll(struct rx_call *acall) { /* iterate over all bnodes, setting the status to temporarily disabled */ afs_int32 code; char caller[MAXKTCNAMELEN]; /* check for authorization */ if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing ShutdownAll\n", caller); code = bnode_ApplyInstance(sdproc, NULL); fail: osi_auditU(acall, BOS_ShutdownAllEvent, code, AUD_END); return code; }
afs_int32 SBOZO_CreateBnode(struct rx_call *acall, char *atype, char *ainstance, char *ap1, char *ap2, char *ap3, char *ap4, char *ap5, char *notifier) { struct bnode *tb; afs_int32 code; char caller[MAXKTCNAMELEN]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (bozo_isrestricted) { const char *salvpath = AFSDIR_CANONICAL_SERVER_SALVAGER_FILEPATH; /* for DAFS, 'bos salvage' will pass "salvageserver -client" instead */ const char *salsrvpath = AFSDIR_CANONICAL_SERVER_SALSRV_FILEPATH " -client "; /* still allow 'bos salvage' to work */ if (strcmp(atype, "cron") || strcmp(ainstance, "salvage-tmp") || strcmp(ap2, "now") || (strncmp(ap1, salvpath, strlen(salvpath)) && strncmp(ap1, salsrvpath, strlen(salsrvpath)))) { code = BZACCESS; goto fail; } } code = bnode_Create(atype, ainstance, &tb, ap1, ap2, ap3, ap4, ap5, notifier, BSTAT_NORMAL, 1); if (!code) bnode_SetStat(tb, BSTAT_NORMAL); fail: osi_auditU(acall, BOS_CreateBnodeEvent, code, AUD_END); return code; }
afs_int32 SBOZO_SetCellName(struct rx_call *acall, char *aname) { struct afsconf_cell tcell; afs_int32 code; char caller[MAXKTCNAMELEN]; char clones[MAXHOSTSPERCELL]; if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing SetCellName '%s'\n", caller, aname); code = afsconf_GetExtendedCellInfo(bozo_confdir, NULL, NULL, &tcell, clones); if (code) goto fail; /* Check that tcell has enough space for the new cellname. */ if (strlen(aname) > sizeof tcell.name - 1) { bozo_Log ("ERROR: SetCellName: cell name '%s' exceeds %ld bytes (cell name not changed)\n", aname, (long)(sizeof tcell.name - 1)); code = BZDOM; goto fail; } strcpy(tcell.name, aname); code = afsconf_SetExtendedCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH, &tcell, clones); fail: osi_auditU(acall, BOS_SetCellEvent, code, AUD_STR, aname, AUD_END); return code; }
afs_int32 SBOZO_SetRestartTime(struct rx_call *acall, afs_int32 atype, struct bozo_netKTime *aktime) { afs_int32 code; char caller[MAXKTCNAMELEN]; /* check for proper permissions */ if (!afsconf_SuperUser(bozo_confdir, acall, caller)) { code = BZACCESS; goto fail; } if (DoLogging) bozo_Log("%s is executing SetRestartTime\n", caller); code = 0; /* assume success */ switch (atype) { case 1: memcpy(&bozo_nextRestartKT, aktime, sizeof(struct ktime)); break; case 2: memcpy(&bozo_nextDayKT, aktime, sizeof(struct ktime)); break; default: code = BZDOM; break; } if (code == 0) { /* try to update the bozo init file */ code = WriteBozoFile(0); bozo_newKTs = 1; } fail: osi_auditU(acall, BOS_SetRestartEvent, code, AUD_END); return code; }