示例#1
/**
 * Rotate the debug log files, then re-read the debug level from the confdb.
 *
 * @param confdb     confdb handle the new level is read from
 * @param conf_path  configuration path holding CONFDB_SERVICE_DEBUG_LEVEL
 *
 * @return the error from rotate_debug_files() when rotation fails, EOK in
 *         every other case. A failed confdb read is logged but not returned
 *         to the caller; the level in force before the call is kept.
 */
errno_t monitor_common_rotate_logs(struct confdb_ctx *confdb,
                                   const char *conf_path)
{
    /* Remember the level in force so it can be restored and compared. */
    const int saved_level = debug_level;
    errno_t ret = rotate_debug_files();

    if (ret != 0) {
        sss_log(SSS_LOG_ALERT, "Could not rotate debug files! [%d][%s]\n",
                               ret, strerror(ret));
        return ret;
    }

    /* Fetch the configured level; the saved level is handed in as the
     * fourth argument (presumably the default when the key is absent). */
    ret = confdb_get_int(confdb, conf_path, CONFDB_SERVICE_DEBUG_LEVEL,
                         saved_level, &debug_level);
    if (ret != EOK) {
        DEBUG(SSSDBG_FATAL_FAILURE, "Error reading from confdb (%d) [%s]\n",
                  ret, strerror(ret));
        /* Keep running with the level that was in force before */
        debug_level = saved_level;
    }

    if (debug_level == saved_level) {
        return EOK;
    }

    /* The change is reported at SSSDBG_FATAL_FAILURE and shows the value as
     * read from the confdb, i.e. before debug_convert_old_level() runs. */
    DEBUG(SSSDBG_FATAL_FAILURE,
          "Debug level changed to %#.4x\n", debug_level);
    debug_level = debug_convert_old_level(debug_level);

    return EOK;
}
示例#2
/**
 * Look up a user's SSH public keys and print them in OpenSSH format.
 *
 * The single positional argument is the user name. With -d/--domain the
 * lookup name becomes USER@DOMAIN. Both values are taken from the command
 * line and passed to sss_ssh_get_ent() as given; no validation happens in
 * this function.
 *
 * Keys are printed one per line as they are formatted. If formatting fails
 * part-way through, the keys printed so far stay on stdout and the exit
 * status is EXIT_FAILURE, so a consumer must check the status and not only
 * the output.
 *
 * @return EXIT_SUCCESS after all keys were printed, EXIT_FAILURE on locale,
 *         memory or lookup errors. Usage errors return whatever
 *         BAD_POPT_PARAMS (defined elsewhere) stores in the status variable.
 */
int main(int argc, const char **argv)
{
    int ret;
    size_t key_idx;
    char *key_line;
    const char *lookup_name;
    struct sss_ssh_ent *keys;
    TALLOC_CTX *mem_ctx = NULL;
    poptContext pc = NULL;
    int pc_debug = SSSDBG_DEFAULT;
    const char *pc_domain = NULL;
    const char *pc_user = NULL;
    struct poptOption long_options[] = {
        POPT_AUTOHELP
        { "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &pc_debug, 0,
          _("The debug level to run with"), NULL },
        { "domain", 'd', POPT_ARG_STRING, &pc_domain, 0,
          _("The SSSD domain to use"), NULL },
        POPT_TABLEEND
    };

    debug_prg_name = argv[0];

    ret = set_locale();
    if (ret != EOK) {
        DEBUG(SSSDBG_CRIT_FAILURE,
              ("set_locale() failed (%d): %s\n", ret, strerror(ret)));
        ERROR("Error setting the locale\n");
        ret = EXIT_FAILURE;
        goto fini;
    }

    /* Everything allocated below hangs off this context and is released in
     * one go at the fini label. */
    mem_ctx = talloc_new(NULL);
    if (mem_ctx == NULL) {
        ERROR("Not enough memory\n");
        ret = EXIT_FAILURE;
        goto fini;
    }

    /* Command line: every option stores straight into its variable, so the
     * loop only has to drain the parser. */
    pc = poptGetContext(NULL, argc, argv, long_options, 0);
    poptSetOtherOptionHelp(pc, "USER");
    do {
        ret = poptGetNextOpt(pc);
    } while (ret > 0);

    /* Applied before the parse result is checked, as in the other tools. */
    debug_level = debug_convert_old_level(pc_debug);

    /* -1 is the parser's normal end-of-options result */
    if (ret != -1) {
        BAD_POPT_PARAMS(pc, poptStrerror(ret), ret, fini);
    }

    pc_user = poptGetArg(pc);
    if (pc_user == NULL) {
        BAD_POPT_PARAMS(pc, _("User not specified\n"), ret, fini);
    }

    /* Qualify the user name with the domain only when one was requested */
    if (pc_domain == NULL) {
        lookup_name = pc_user;
    } else {
        lookup_name = talloc_asprintf(mem_ctx, "%s@%s", pc_user, pc_domain);
        if (lookup_name == NULL) {
            ERROR("Not enough memory\n");
            ret = EXIT_FAILURE;
            goto fini;
        }
    }

    /* Fetch the user's public keys */
    ret = sss_ssh_get_ent(mem_ctx, SSS_SSH_GET_USER_PUBKEYS,
                          lookup_name, NULL, &keys);
    if (ret != EOK) {
        DEBUG(SSSDBG_CRIT_FAILURE,
              ("sss_ssh_get_ent() failed (%d): %s\n", ret, strerror(ret)));
        ERROR("Error looking up public keys\n");
        ret = EXIT_FAILURE;
        goto fini;
    }

    /* Emit one OpenSSH-formatted key per line */
    key_idx = 0;
    while (key_idx < keys->num_pubkeys) {
        key_line = sss_ssh_format_pubkey(mem_ctx, keys,
                                         &keys->pubkeys[key_idx],
                                         SSS_SSH_FORMAT_OPENSSH, NULL);
        if (key_line == NULL) {
            /* Earlier keys are already on stdout at this point */
            ERROR("Not enough memory\n");
            ret = EXIT_FAILURE;
            goto fini;
        }

        printf("%s\n", key_line);
        key_idx++;
    }

    ret = EXIT_SUCCESS;

fini:
    poptFreeContext(pc);
    talloc_free(mem_ctx);

    return ret;
}
示例#3
文件: sss_userdel.c 项目: nguay/SSSD
/*
 * sss_userdel entry point: delete a user from the local domain.
 *
 * Order of operations as written below: parse options, CHECK_ROOT, set up
 * the tools context, resolve the user name, check the UID against the local
 * domain's ID range, optionally call kick_user() (-k), call userdel(), reset
 * the SELinux login context, warn if the user is still logged in, run the
 * post-delete command and, when requested, remove the home directory and
 * mail spool.
 *
 * The function never returns normally; every path ends in exit() at the
 * fini label. The done label turns a non-zero ret into a user-visible
 * message and EXIT_FAILURE.
 */
int main(int argc, const char **argv)
{
    int ret = EXIT_SUCCESS;
    struct tools_ctx *tctx = NULL;
    const char *pc_username = NULL;

    int pc_debug = SSSDBG_DEFAULT;
    int pc_remove = 0;
    int pc_force = 0;
    int pc_kick = 0;
    poptContext pc = NULL;
    struct poptOption long_options[] = {
        POPT_AUTOHELP
        { "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &pc_debug,
                    0, _("The debug level to run with"), NULL },
        { "remove", 'r', POPT_ARG_NONE, NULL, 'r',
                    _("Remove home directory and mail spool"), NULL },
        { "no-remove", 'R', POPT_ARG_NONE, NULL, 'R',
                    _("Do not remove home directory and mail spool"), NULL },
        { "force", 'f', POPT_ARG_NONE, NULL, 'f',
                    _("Force removal of files not owned by the user"), NULL },
        { "kick", 'k', POPT_ARG_NONE, NULL, 'k',
                    _("Kill users' processes before removing him"), NULL },
        POPT_TABLEEND
    };

    debug_prg_name = argv[0];

    ret = set_locale();
    if (ret != EOK) {
        DEBUG(1, ("set_locale failed (%d): %s\n", ret, strerror(ret)));
        ERROR("Error setting the locale\n");
        ret = EXIT_FAILURE;
        goto fini;
    }

    /* parse parameters */
    pc = poptGetContext(NULL, argc, argv, long_options, 0);
    poptSetOtherOptionHelp(pc, "USERNAME");
    while ((ret = poptGetNextOpt(pc)) > 0) {
        /* -r and -R write the same variable, so the last one given wins.
         * There is no default case: any other positive value is ignored. */
        switch (ret) {
            case 'r':
                pc_remove = DO_REMOVE_HOME;
                break;

            case 'R':
                pc_remove = DO_NOT_REMOVE_HOME;
                break;

            case 'f':
                pc_force = DO_FORCE_REMOVAL;
                break;

            case 'k':
                pc_kick = 1;
                break;
        }
    }

    debug_level = debug_convert_old_level(pc_debug);

    /* -1 is the parser's normal end-of-options result */
    if (ret != -1) {
        BAD_POPT_PARAMS(pc, poptStrerror(ret), ret, fini);
    }

    pc_username = poptGetArg(pc);
    if (pc_username == NULL) {
        BAD_POPT_PARAMS(pc, _("Specify user to delete\n"), ret, fini);
    }

    /* NOTE(review): CHECK_ROOT is defined outside this listing; presumably
     * it stops the program unless the caller is root - confirm. It runs
     * after option parsing and before any tools/sysdb initialisation. */
    CHECK_ROOT(ret, debug_prg_name);

    ret = init_sss_tools(&tctx);
    if (ret != EOK) {
        DEBUG(1, ("init_sss_tools failed (%d): %s\n", ret, strerror(ret)));
        if (ret == ENOENT) {
            ERROR("Error initializing the tools - no local domain\n");
        } else {
            ERROR("Error initializing the tools\n");
        }
        ret = EXIT_FAILURE;
        goto fini;
    }

    /* if the domain was not given as part of FQDN, default to local domain */
    ret = parse_name_domain(tctx, pc_username);
    if (ret != EOK) {
        ERROR("Invalid domain specified in FQDN\n");
        ret = EXIT_FAILURE;
        goto fini;
    }

    /*
     * Fills in defaults for ops_ctx user did not specify.
     */
    ret = userdel_defaults(tctx, tctx->confdb, tctx->octx, pc_remove);
    if (ret != EOK) {
        ERROR("Cannot set default values\n");
        ret = EXIT_FAILURE;
        goto fini;
    }

    /* Look the user up by name; the result is stored in tctx->octx, whose
     * uid, home and maildir fields are read further down. */
    ret = sysdb_getpwnam_sync(tctx,
                              tctx->sysdb,
                              tctx->octx->name,
                              tctx->octx);
    if (ret != EOK) {
        /* Error message will be printed in the switch */
        goto done;
    }

    /* Refuse UIDs below id_min, or above id_max when an upper bound is set
     * (id_max == 0 skips the upper check). This check comes before any
     * destructive step, so out-of-range accounts are left untouched. */
    if ((tctx->octx->uid < tctx->local->id_min) ||
        (tctx->local->id_max && tctx->octx->uid > tctx->local->id_max)) {
        ERROR("User %1$s is outside the defined ID range for domain\n",
              tctx->octx->name);
        ret = EXIT_FAILURE;
        goto fini;
    }

    if (pc_kick) {
        ret = kick_user(tctx);
        if (ret != EOK) {
            tctx->error = ret;

            goto done;
        }
    }

    /* userdel */
    ret = userdel(tctx, tctx->sysdb, tctx->octx);
    if (ret != EOK) {
        goto done;
    }

    /* Set SELinux login context - must be done after transaction is done
     * b/c libselinux calls getpwnam */
    ret = del_seuser(tctx->octx->name);
    if (ret != EOK) {
        ERROR("Cannot reset SELinux login context\n");
        ret = EXIT_FAILURE;
        goto fini;
    }

    /* Without -k the user may still have sessions. The result only selects
     * a message; ret is overwritten by the next call, so it never affects
     * the exit status. */
    if (!pc_kick) {
        ret = is_logged_in(tctx, tctx->octx->uid);
        switch(ret) {
            case ENOENT:
                break;

            case EOK:
                ERROR("WARNING: The user (uid %1$lu) was still logged in when "
                      "deleted.\n", (unsigned long) tctx->octx->uid);
                break;

            case ENOSYS:
                /* NOTE(review): unlike the other messages this one has no
                 * trailing newline. */
                ERROR("Cannot determine if the user was logged in on this "
                      "platform");
                break;

            default:
                ERROR("Error while checking if the user was logged in\n");
                break;
        }
    }

    ret = run_userdel_cmd(tctx);
    if (ret != EOK) {
        /* NOTE(review): ret is not mapped to EXIT_FAILURE here, so the
         * process exits with the raw error code from run_userdel_cmd(). */
        ERROR("The post-delete command failed: %1$s\n", strerror(ret));
        goto fini;
    }

    /* Runs after userdel() has already succeeded. pc_force comes from -f
     * ("Force removal of files not owned by the user").
     * NOTE(review): remove_homedir() is defined elsewhere; how it treats
     * symlinks or unexpected home/maildir paths cannot be seen from here -
     * confirm before relying on it. */
    if (tctx->octx->remove_homedir) {
        ret = remove_homedir(tctx,
                             tctx->octx->home,
                             tctx->octx->maildir,
                             tctx->octx->name,
                             tctx->octx->uid,
                             pc_force);
        if (ret == EPERM) {
            /* NOTE(review): ret stays EPERM and control falls through to
             * the done label, which then also prints "Internal error.
             * Could not remove user." and exits with EXIT_FAILURE although
             * userdel() succeeded. */
            ERROR("Not removing home dir - not owned by user\n");
        } else if (ret != EOK) {
            ERROR("Cannot remove homedir: %1$s\n", strerror(ret));
            ret = EXIT_FAILURE;
            goto fini;
        }
    }

done:
    /* Any non-zero ret reaching this point is reported as a failed sysdb
     * operation, whichever call produced it. */
    if (ret) {
        DEBUG(1, ("sysdb operation failed (%d)[%s]\n", ret, strerror(ret)));
        switch (ret) {
            case ENOENT:
                ERROR("No such user in local domain. "
                      "Removing users only allowed in local domain.\n");
                break;

            default:
                ERROR("Internal error. Could not remove user.\n");
                break;
        }
        ret = EXIT_FAILURE;
        goto fini;
    }

    ret = EXIT_SUCCESS;

fini:
    /* tctx and pc may still be NULL when an early step failed */
    talloc_free(tctx);
    poptFreeContext(pc);
    exit(ret);
}
示例#4
/**
 * Look up a host's SSH public keys, then connect to the host.
 *
 * Positional arguments are HOST and an optional PROXY_COMMAND with its
 * arguments. The only check made on the proxy command here is that its
 * first character is '/'; the argument vector is otherwise handed to
 * connect_proxy_command() unchanged.
 *
 * The name used for the key lookup comes from name resolution: a reverse
 * lookup when HOST is an address literal, the canonical name otherwise. If
 * resolution or the key lookup fails, that is only logged and the
 * connection is still attempted. The entry returned by sss_ssh_get_ent()
 * is not examined in this function.
 *
 * @return EXIT_SUCCESS when the connection step returned EOK, EXIT_FAILURE
 *         otherwise. Usage errors return whatever BAD_POPT_PARAMS (defined
 *         elsewhere) stores in the status variable.
 */
int main(int argc, const char **argv)
{
    int ret;
    char service[6];
    char rdns_name[NI_MAXHOST];
    struct addrinfo hints;
    struct addrinfo *ai = NULL;
    const char *lookup_name = NULL;
    struct sss_ssh_ent *keys;
    TALLOC_CTX *mem_ctx = NULL;
    poptContext pc = NULL;
    int pc_debug = SSSDBG_DEFAULT;
    int pc_port = 22;
    const char *pc_domain = NULL;
    const char *pc_host = NULL;
    const char **pc_args = NULL;
    struct poptOption long_options[] = {
        POPT_AUTOHELP
        { "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &pc_debug, 0,
          _("The debug level to run with"), NULL },
        { "port", 'p', POPT_ARG_INT, &pc_port, 0,
          _("The port to use to connect to the host"), NULL },
        { "domain", 'd', POPT_ARG_STRING, &pc_domain, 0,
          _("The SSSD domain to use"), NULL },
        POPT_TABLEEND
    };

    debug_prg_name = argv[0];

    ret = set_locale();
    if (ret != EOK) {
        DEBUG(SSSDBG_CRIT_FAILURE,
              ("set_locale() failed (%d): %s\n", ret, strerror(ret)));
        ret = EXIT_FAILURE;
        goto fini;
    }

    mem_ctx = talloc_new(NULL);
    if (mem_ctx == NULL) {
        DEBUG(SSSDBG_CRIT_FAILURE, ("Not enough memory\n"));
        ret = EXIT_FAILURE;
        goto fini;
    }

    /* Command line: options store directly into their variables, so the
     * loop only drains the parser. */
    pc = poptGetContext(NULL, argc, argv, long_options, 0);
    poptSetOtherOptionHelp(pc, "HOST [PROXY_COMMAND]");
    do {
        ret = poptGetNextOpt(pc);
    } while (ret > 0);

    debug_level = debug_convert_old_level(pc_debug);

    /* -1 is the parser's normal end-of-options result */
    if (ret != -1) {
        BAD_POPT_PARAMS(pc, poptStrerror(ret), ret, fini);
    }

    /* The range check is what keeps the decimal port within the five
     * digits plus terminator that service[] can hold. */
    if (pc_port < 1 || pc_port > 65535) {
        BAD_POPT_PARAMS(pc, _("Invalid port\n"), ret, fini);
    }

    pc_host = poptGetArg(pc);
    if (pc_host == NULL) {
        BAD_POPT_PARAMS(pc, _("Host not specified\n"), ret, fini);
    }

    /* Whatever follows HOST is the proxy command and its arguments */
    pc_args = poptGetArgs(pc);
    if (pc_args != NULL && pc_args[0] != NULL && pc_args[0][0] != '/') {
        BAD_POPT_PARAMS(pc,
                _("The path to the proxy command must be absolute\n"),
                ret, fini);
    }

    /* Resolve HOST to the name used for the key lookup */
    snprintf(service, sizeof(service), "%d", pc_port);

    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_protocol = IPPROTO_TCP;
    hints.ai_flags = AI_ADDRCONFIG | AI_NUMERICHOST | AI_NUMERICSERV;

    /* First attempt treats HOST strictly as an address literal */
    ret = getaddrinfo(pc_host, service, &hints, &ai);
    if (ret == 0) {
        /* Address literal: the lookup name is its reverse-resolved name */
        ret = getnameinfo(ai->ai_addr, ai->ai_addrlen,
                          rdns_name, sizeof(rdns_name), NULL, 0, NI_NAMEREQD);
        if (ret == 0) {
            lookup_name = rdns_name;
        } else {
            DEBUG(SSSDBG_OP_FAILURE,
                  ("getnameinfo() failed (%d): %s\n", ret, gai_strerror(ret)));
        }
    } else {
        /* Not a literal: resolve it and take the canonical name */
        hints.ai_flags = AI_ADDRCONFIG | AI_CANONNAME | AI_NUMERICSERV;

        ret = getaddrinfo(pc_host, service, &hints, &ai);
        if (ret == 0) {
            lookup_name = ai->ai_canonname;
        } else {
            DEBUG(SSSDBG_OP_FAILURE,
                  ("getaddrinfo() failed (%d): %s\n", ret, gai_strerror(ret)));
        }
    }

    if (lookup_name != NULL) {
        /* Qualify the host name with the domain when one was requested */
        if (pc_domain != NULL) {
            lookup_name = talloc_asprintf(mem_ctx, "%s@%s",
                                          lookup_name, pc_domain);
            if (lookup_name == NULL) {
                DEBUG(SSSDBG_CRIT_FAILURE, ("Not enough memory\n"));
                ret = EXIT_FAILURE;
                goto fini;
            }
        }

        /* Fetch the host keys; a failure is logged and does not stop the
         * connection below. */
        ret = sss_ssh_get_ent(mem_ctx, SSS_SSH_GET_HOST_PUBKEYS,
                              lookup_name, pc_host, &keys);
        if (ret != EOK) {
            DEBUG(SSSDBG_OP_FAILURE,
                  ("sss_ssh_get_ent() failed (%d): %s\n", ret, strerror(ret)));
        }
    }

    /* Connect: a proxy command takes precedence over a direct socket */
    if (pc_args != NULL) {
        ret = connect_proxy_command(discard_const(pc_args));
    } else if (ai != NULL) {
        ret = connect_socket(ai->ai_family, ai->ai_addr, ai->ai_addrlen);
    } else {
        /* Neither a proxy command nor a resolved address is available */
        ret = EFAULT;
    }

    if (ret == EOK) {
        ret = EXIT_SUCCESS;
    } else {
        ret = EXIT_FAILURE;
    }

fini:
    poptFreeContext(pc);
    if (ai != NULL) {
        freeaddrinfo(ai);
    }
    talloc_free(mem_ctx);

    return ret;
}