int main(int argc, char **argv) { int c; bool_t verbose = FALSE; bool_t headeronly = FALSE; uint32_t entry = 0; krb5_context context; kadm5_config_params params; kdb_log_context *log_ctx; kdb_hlog_t *ulog = NULL; (void) setlocale(LC_ALL, ""); #if !defined(TEXT_DOMAIN) #define TEXT_DOMAIN "SYS_TEST" #endif /* TEXT_DOMAIN */ (void) textdomain(TEXT_DOMAIN); if (geteuid() != (uid_t)0) { (void) fprintf(stderr, gettext("kproplog must be run as root\n\n")); exit(1); } progname = argv[0]; while ((c = getopt(argc, argv, "vhe:")) != -1) { switch (c) { case 'h': headeronly = TRUE; break; case 'e': entry = atoi(optarg); break; case 'v': verbose = TRUE; break; default: usage(); } } if (krb5_init_context(&context)) { (void) fprintf(stderr, gettext("Unable to initialize Kerberos\n\n")); exit(1); } (void) memset((char *)¶ms, 0, sizeof (params)); if (kadm5_get_config_params(context, NULL, NULL, ¶ms, ¶ms)) { (void) fprintf(stderr, gettext("Couldn't read database_name\n\n")); exit(1); } (void) printf(gettext("\nKerberos update log (%s.ulog)\n"), params.dbname); if (ulog_map(context, ¶ms, FKPROPLOG)) { (void) fprintf(stderr, gettext("Unable to map log file " "%s.ulog\n\n"), params.dbname); exit(1); } log_ctx = context->kdblog_context; if (log_ctx) ulog = log_ctx->ulog; else { (void) fprintf(stderr, gettext("Unable to map log file " "%s.ulog\n\n"), params.dbname); exit(1); } if (ulog->kdb_hmagic != KDB_HMAGIC) { (void) fprintf(stderr, gettext("Corrupt header log, exiting\n\n")); exit(1); } (void) printf(gettext("Update log dump :\n")); (void) printf(gettext("\tLog version # : %u\n"), ulog->db_version_num); (void) printf(gettext("\tLog state : ")); switch (ulog->kdb_state) { case KDB_STABLE: (void) printf(gettext("Stable\n")); break; case KDB_UNSTABLE: (void) printf(gettext("Unstable\n")); break; case KDB_CORRUPT: (void) printf(gettext("Corrupt\n")); break; default: (void) printf(gettext("Unknown state: %d\n"), ulog->kdb_state); break; } (void) printf(gettext("\tEntry block size : %u\n"), ulog->kdb_block); (void) printf(gettext("\tNumber of entries : %u\n"), ulog->kdb_num); if (ulog->kdb_last_sno == 0) (void) printf(gettext("\tLast serial # : None\n")); else { if (ulog->kdb_first_sno == 0) (void) printf(gettext("\tFirst serial # : None\n")); else { (void) printf(gettext("\tFirst serial # : ")); (void) printf("%u\n", ulog->kdb_first_sno); } (void) printf(gettext("\tLast serial # : ")); (void) printf("%u\n", ulog->kdb_last_sno); } if (ulog->kdb_last_time.seconds == 0L) { (void) printf(gettext("\tLast time stamp : None\n")); } else { if (ulog->kdb_first_time.seconds == 0L) (void) printf(gettext("\tFirst time stamp : None\n")); else { (void) printf(gettext("\tFirst time stamp : %s"), ctime((time_t *) &(ulog->kdb_first_time.seconds))); } (void) printf(gettext("\tLast time stamp : %s\n"), ctime((time_t *)&(ulog->kdb_last_time.seconds))); } if ((!headeronly) && ulog->kdb_num) { print_update(ulog, entry, verbose); } (void) printf("\n"); return (0); }
int main(int argc, char *argv[]) { OM_uint32 minor_status; gss_buffer_desc in_buf; gss_OID nt_krb5_name_oid = (gss_OID)GSS_KRB5_NT_PRINCIPAL_NAME; auth_gssapi_name names[4]; kadm5_config_params params; verto_ctx *vctx; const char *pid_file = NULL; char **db_args = NULL, **tmpargs; int ret, i, db_args_size = 0, strong_random = 1, proponly = 0; setlocale(LC_ALL, ""); setvbuf(stderr, NULL, _IONBF, 0); names[0].name = names[1].name = names[2].name = names[3].name = NULL; names[0].type = names[1].type = names[2].type = names[3].type = nt_krb5_name_oid; progname = (strrchr(argv[0], '/') != NULL) ? strrchr(argv[0], '/') + 1 : argv[0]; memset(¶ms, 0, sizeof(params)); argc--, argv++; while (argc) { if (strcmp(*argv, "-x") == 0) { argc--, argv++; if (!argc) usage(); db_args_size++; tmpargs = realloc(db_args, sizeof(char *) * (db_args_size + 1)); if (tmpargs == NULL) { fprintf(stderr, _("%s: cannot initialize. Not enough " "memory\n"), progname); exit(1); } db_args = tmpargs; db_args[db_args_size - 1] = *argv; db_args[db_args_size] = NULL; } else if (strcmp(*argv, "-r") == 0) { argc--, argv++; if (!argc) usage(); params.realm = *argv; params.mask |= KADM5_CONFIG_REALM; argc--, argv++; continue; } else if (strcmp(*argv, "-m") == 0) { params.mkey_from_kbd = 1; params.mask |= KADM5_CONFIG_MKEY_FROM_KBD; } else if (strcmp(*argv, "-nofork") == 0) { nofork = 1; #ifdef USE_PASSWORD_SERVER } else if (strcmp(*argv, "-passwordserver") == 0) { kadm5_set_use_password_server(); #endif #ifndef DISABLE_IPROP } else if (strcmp(*argv, "-proponly") == 0) { proponly = 1; #endif } else if (strcmp(*argv, "-port") == 0) { argc--, argv++; if (!argc) usage(); params.kadmind_port = atoi(*argv); params.mask |= KADM5_CONFIG_KADMIND_PORT; } else if (strcmp(*argv, "-P") == 0) { argc--, argv++; if (!argc) usage(); pid_file = *argv; } else if (strcmp(*argv, "-W") == 0) { strong_random = 0; } else if (strcmp(*argv, "-p") == 0) { argc--, argv++; if (!argc) usage(); kdb5_util = *argv; } else if (strcmp(*argv, "-F") == 0) { argc--, argv++; if (!argc) usage(); dump_file = *argv; } else if (strcmp(*argv, "-K") == 0) { argc--, argv++; if (!argc) usage(); kprop = *argv; } else if (strcmp(*argv, "-k") == 0) { argc--, argv++; if (!argc) usage(); kprop_port = *argv; } else { break; } argc--, argv++; } if (argc != 0) usage(); ret = kadm5_init_krb5_context(&context); if (ret) { fprintf(stderr, _("%s: %s while initializing context, aborting\n"), progname, error_message(ret)); exit(1); } krb5_klog_init(context, "admin_server", progname, 1); ret = kadm5_init(context, "kadmind", NULL, NULL, ¶ms, KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, db_args, &global_server_handle); if (ret) fail_to_start(ret, _("initializing")); ret = kadm5_get_config_params(context, 1, ¶ms, ¶ms); if (ret) fail_to_start(ret, _("getting config parameters")); if (!(params.mask & KADM5_CONFIG_REALM)) fail_to_start(0, _("Missing required realm configuration")); if (!(params.mask & KADM5_CONFIG_ACL_FILE)) fail_to_start(0, _("Missing required ACL file configuration")); ret = setup_loop(proponly, &vctx); if (ret) fail_to_start(ret, _("initializing network")); names[0].name = build_princ_name(KADM5_ADMIN_SERVICE, params.realm); names[1].name = build_princ_name(KADM5_CHANGEPW_SERVICE, params.realm); if (names[0].name == NULL || names[1].name == NULL) fail_to_start(0, _("Cannot build GSSAPI auth names")); ret = setup_kdb_keytab(); if (ret) fail_to_start(0, _("Cannot set up KDB keytab")); if (svcauth_gssapi_set_names(names, 2) == FALSE) fail_to_start(0, _("Cannot set GSSAPI authentication names")); /* if set_names succeeded, this will too */ in_buf.value = names[1].name; in_buf.length = strlen(names[1].name) + 1; (void)gss_import_name(&minor_status, &in_buf, nt_krb5_name_oid, &gss_changepw_name); svcauth_gssapi_set_log_badauth2_func(log_badauth, NULL); svcauth_gssapi_set_log_badverf_func(log_badverf, NULL); svcauth_gssapi_set_log_miscerr_func(log_miscerr, NULL); svcauth_gss_set_log_badauth2_func(log_badauth, NULL); svcauth_gss_set_log_badverf_func(log_badverf, NULL); svcauth_gss_set_log_miscerr_func(log_miscerr, NULL); if (svcauth_gss_set_svc_name(GSS_C_NO_NAME) != TRUE) fail_to_start(0, _("Cannot initialize GSSAPI service name")); ret = acl_init(context, params.acl_file); if (ret) fail_to_start(ret, _("initializing ACL file")); if (!nofork && daemon(0, 0) != 0) fail_to_start(errno, _("spawning daemon process")); if (pid_file != NULL) { ret = write_pid_file(pid_file); if (ret) fail_to_start(ret, _("creating PID file")); } krb5_klog_syslog(LOG_INFO, _("Seeding random number generator")); ret = krb5_c_random_os_entropy(context, strong_random, NULL); if (ret) fail_to_start(ret, _("getting random seed")); if (params.iprop_enabled == TRUE) { ulog_set_role(context, IPROP_MASTER); ret = ulog_map(context, params.iprop_logfile, params.iprop_ulogsize); if (ret) fail_to_start(ret, _("mapping update log")); if (nofork) { fprintf(stderr, _("%s: create IPROP svc (PROG=%d, VERS=%d)\n"), progname, KRB5_IPROP_PROG, KRB5_IPROP_VERS); } } if (kprop_port == NULL) kprop_port = getenv("KPROP_PORT"); krb5_klog_syslog(LOG_INFO, _("starting")); if (nofork) fprintf(stderr, _("%s: starting...\n"), progname); verto_run(vctx); krb5_klog_syslog(LOG_INFO, _("finished, exiting")); /* Clean up memory, etc */ svcauth_gssapi_unset_names(); kadm5_destroy(global_server_handle); loop_free(vctx); acl_finish(context); (void)gss_release_name(&minor_status, &gss_changepw_name); (void)gss_release_name(&minor_status, &gss_oldchangepw_name); for (i = 0; i < 4; i++) free(names[i].name); krb5_klog_close(context); krb5_free_context(context); exit(2); }