static gfarm_error_t gfarm_set_global_user_for_sharedsecret(void) { gfarm_error_t e; char *local_user, *global_user; /* * Sharedsecret authentication requires to send a global user * name when connecting to gfmd, which is determined by the * local user account. */ local_user = gfarm_get_local_username(); e = gfarm_local_to_global_username(local_user, &global_user); if (e != GFARM_ERR_NO_ERROR) return (e); e = gfarm_set_global_username(global_user); free(global_user); return (e); }
int FUNC___XSTAT(int ver, const char *path, STRUCT_STAT *buf) { const char *e; char *url; struct gfs_stat gs; int nf = -1, np, errno_save = errno; _gfs_hook_debug_v(gflog_info(GFARM_MSG_UNFIXED, "Hooking " S(FUNC___XSTAT) "(%s)", path)); if (!gfs_hook_is_url(path, &url)) return (SYSCALL_XSTAT(ver, path, buf)); _gfs_hook_debug(gflog_info(GFARM_MSG_UNFIXED, "GFS: Hooking " S(FUNC___XSTAT) "(%s)", path)); switch (gfs_hook_get_current_view()) { case section_view: _gfs_hook_debug(gflog_info(GFARM_MSG_UNFIXED, "GFS: " S(GFS_STAT_SECTION) "(%s, %s)", url, gfs_hook_get_current_section())); e = GFS_STAT_SECTION(url, gfs_hook_get_current_section(), &gs); break; case index_view: _gfs_hook_debug(gflog_info(GFARM_MSG_UNFIXED, "GFS: " S(GFS_STAT_INDEX) "(%s, %d)", url, gfs_hook_get_current_index())); e = GFS_STAT_INDEX(url, gfs_hook_get_current_index(), &gs); break; case local_view: /* * If the number of fragments is not the same as the * number of parallel processes, or the file is not * fragmented, do not change to the local file view. */ if (gfarm_url_fragment_number(url, &nf) == NULL) { if (gfs_pio_get_node_size(&np) == NULL && nf == np) { _gfs_hook_debug(gflog_info(GFARM_MSG_UNFIXED, "GFS: " S(GFS_STAT_INDEX) "(%s, %d)", url, gfarm_node)); e = GFS_STAT_INDEX(url, gfarm_node, &gs); } else { _gfs_hook_debug(gflog_info(GFARM_MSG_UNFIXED, "GFS: " S(GFS_STAT) "(%s)", url)); e = GFS_STAT(url, &gs); } } else { _gfs_hook_debug(gflog_info(GFARM_MSG_UNFIXED, "GFS: " S(GFS_STAT) "(%s)", url)); e = GFS_STAT(url, &gs); } break; default: _gfs_hook_debug(gflog_info(GFARM_MSG_UNFIXED, "GFS: " S(GFS_STAT) "(%s)", url)); e = GFS_STAT(url, &gs); } free(url); if (e == NULL) { struct passwd *p; memset(buf, 0, sizeof(*buf)); buf->st_dev = GFS_DEV; buf->st_ino = gs.st_ino; buf->st_mode = gs.st_mode; buf->st_nlink = S_ISDIR(buf->st_mode) ? GFS_NLINK_DIR : 1; /* XXX FIXME: need to convert gfarm global user to UNIX uid */ p = getpwnam(gfarm_get_local_username()); if (p != NULL) { buf->st_uid = p->pw_uid; buf->st_gid = p->pw_gid; } else { buf->st_uid = getuid(); /* XXX */ buf->st_gid = getgid(); /* XXX */ } buf->st_size = gs.st_size; buf->st_blksize = GFS_BLKSIZE; buf->st_blocks = (gs.st_size + STAT_BLKSIZ - 1) / STAT_BLKSIZ; buf->st_atime = gs.st_atimespec.tv_sec; buf->st_mtime = gs.st_mtimespec.tv_sec; buf->st_ctime = gs.st_ctimespec.tv_sec; gfs_stat_free(&gs); errno = errno_save; return (0); } _gfs_hook_debug(gflog_info(GFARM_MSG_UNFIXED, "GFS: " S(FUNC___XSTAT) ": %s", e)); errno = gfarm_error_to_errno(e); return (-1); }
char * gfarm_gsi_cred_config_convert_to_name( enum gfarm_auth_cred_type type, char *service, char *name, char *hostname, gss_name_t *namep) { int rv; OM_uint32 e_major; OM_uint32 e_minor; gss_cred_id_t cred; switch (type) { case GFARM_AUTH_CRED_TYPE_DEFAULT: /* special. equivalent to GSS_C_NO_CREDENTIAL */ if (name != NULL) return ("cred_type is not set, but cred_name is set"); if (service != NULL) return ("cred_type is not set, but cred_service is set" ); return ("internal error: missing GSS_C_NO_CREDENTIAL check"); case GFARM_AUTH_CRED_TYPE_NO_NAME: if (name != NULL) return ("cred_type is \"no-name\", " "but cred_name is set"); if (service != NULL) return ("cred_type is \"no-name\", " "but cred_service is set"); *namep = GSS_C_NO_NAME; return (NULL); case GFARM_AUTH_CRED_TYPE_MECHANISM_SPECIFIC: if (name == NULL) return ("cred_type is \"mechanism-specific\", " "but cred_name is not set"); if (service != NULL) return ("cred_type is \"mechanism-specific\", " "but cred_service is set"); rv = gfarmGssImportName(namep, name, strlen(name), GSS_C_NO_OID, &e_major, &e_minor); break; case GFARM_AUTH_CRED_TYPE_HOST: if (name == NULL) name = hostname; if (service == NULL) { rv = gfarmGssImportNameOfHost(namep, name, &e_major, &e_minor); } else { rv = gfarmGssImportNameOfHostBasedService(namep, service, name, &e_major, &e_minor); } break; case GFARM_AUTH_CRED_TYPE_USER: if (service != NULL) return ("cred_type is \"user\", " "but cred_service is set"); /* * XXX FIXME: `name' must be converted from global_username * to local_username, but there is no such function for now. */ if (name == NULL) name = gfarm_get_local_username(); rv = gfarmGssImportName(namep, name, strlen(name), GSS_C_NT_USER_NAME, &e_major, &e_minor); break; case GFARM_AUTH_CRED_TYPE_SELF: /* special. there is no corresponding name_type in GSSAPI */ if (name != NULL) return ("cred_type is \"self\", but cred_name is set"); if (service != NULL) return ("cred_type is \"self\", " "but cred_service is set"); if (gfarmSecSessionGetInitiatorInitialCredential(&cred) < 0 || cred == GSS_C_NO_CREDENTIAL) return ("cred_type is \"self\", " "but not initialized as an initiator"); rv = gfarmGssNewCredentialName(namep, cred, &e_major,&e_minor); break; default: return ("internal error - invalid cred_type"); } if (rv < 0) { if (gflog_auth_get_verbose()) { gflog_error("gfarmGssImportName(): " "invalid credential configuration:"); gfarmGssPrintMajorStatus(e_major); gfarmGssPrintMinorStatus(e_minor); } return ("invalid credential configuration"); } return (NULL); }