3 * Do AFS incremental updates
5 * Copyright (C) 1989,1992 by the Massachusetts Institute of Technology
6 * for copying and distribution information, please see the file
11 #include <sys/types.h>
18 #include <moira_site.h>
20 #include <afs/param.h>
21 #include <afs/cellconfig.h>
22 #include <afs/venus.h>
23 #include <afs/ptclient.h>
24 #include <afs/pterror.h>
26 #define STOP_FILE "/moira/afs/noafs"
27 #define file_exists(file) (access((file), F_OK) == 0)
31 /* Main stub routines */
38 /* Support stub routines */
41 int add_list_members();
47 /* libprot.a routines */
48 extern long pr_Initialize();
49 extern long pr_CreateUser();
50 extern long pr_CreateGroup();
51 extern long pr_DeleteByID();
52 extern long pr_ChangeEntry();
53 extern long pr_SetFieldsEntry();
54 extern long pr_AddToGroup();
55 extern long pr_RemoveUserFromGroup();
56 extern long pr_SIdToName();
58 static char tbl_buf[1024];
59 static struct member {
67 static int mr_connections=0;
73 int beforec, afterc, i;
74 char *table, **before, **after;
76 for (i = getdtablesize() - 1; i > 2; i--)
79 whoami = ((whoami = strrchr(argv[0], '/')) ? whoami+1 : argv[0]);
82 beforec = atoi(argv[2]);
84 afterc = atoi(argv[3]);
85 after = &argv[4 + beforec];
87 setvbuf(stdout, NULL, _IOLBF, BUFSIZ);
89 strcpy(tbl_buf, table);
90 strcat(tbl_buf, " (");
91 for (i = 0; i < beforec; i++) {
94 strcat(tbl_buf, before[i]);
96 strcat(tbl_buf, ")->(");
97 for (i = 0; i < afterc; i++) {
100 strcat(tbl_buf, after[i]);
102 strcat(tbl_buf, ")");
104 com_err(whoami, 0, "%s", tbl_buf);
107 initialize_sms_error_table();
108 initialize_krb_error_table();
110 if (!strcmp(table, "users")) {
111 do_user(before, beforec, after, afterc);
112 } else if (!strcmp(table, "list")) {
113 do_list(before, beforec, after, afterc);
114 } else if (!strcmp(table, "imembers")) {
115 do_member(before, beforec, after, afterc);
116 } else if (!strcmp(table, "filesys")) {
117 do_filesys(before, beforec, after, afterc);
118 } else if (!strcmp(table, "quota")) {
119 do_quota(before, beforec, after, afterc);
125 do_user(before, beforec, after, afterc)
131 int astate, bstate, auid, buid, code;
134 auid = buid = astate = bstate = 0;
135 if (afterc > U_STATE) astate = atoi(after[U_STATE]);
136 if (beforec > U_STATE) bstate = atoi(before[U_STATE]);
137 if (afterc > U_UID) auid = atoi(after[U_UID]);
138 if (beforec > U_UID) buid = atoi(before[U_UID]);
140 /* We consider "half-registered" users to be active */
141 if (astate == 2) astate = 1;
142 if (bstate == 2) bstate = 1;
144 if (astate != 1 && bstate != 1) /* inactive user */
147 if (astate == bstate && auid == buid &&
148 !strcmp(before[U_NAME], after[U_NAME]))
149 /* No AFS related attributes have changed */
152 if (astate == bstate) {
153 /* Only a modify has to be done */
154 com_err(whoami, 0, "Changing user %s (uid %d) to %s (uid %d)",
155 before[U_NAME], buid, after[U_NAME], auid);
157 code = pr_try(pr_ChangeEntry, before[U_NAME], after[U_NAME], auid, "");
159 critical_alert("incremental",
160 "Couldn't change user %s (id %d) to %s (id %d): %s",
161 before[U_NAME], buid, after[U_NAME], auid,
162 error_message(code));
167 com_err(whoami, 0, "Deleting user %s (uid %d)",
168 before[U_NAME], buid);
170 code = pr_try(pr_DeleteByID, buid);
171 if (code && code != PRNOENT) {
172 critical_alert("incremental",
173 "Couldn't delete user %s (id %d): %s",
174 before[U_NAME], buid, error_message(code));
179 com_err(whoami, 0, "%s user %s (uid %d)",
180 ((bstate != 0) ? "Reactivating" : "Creating"),
181 after[U_NAME], auid);
183 code = pr_try(pr_CreateUser, after[U_NAME], &auid);
184 /* if we get PRIDEXIST, it's only an error if the username
185 doesn't match (otherwise it just means the user was deleted
186 from Moira but not AFS */
187 if (code == PRIDEXIST) {
190 if (pr_try(pr_SIdToName, auid, ename) == 0 &&
191 !strcmp(after[U_NAME], ename))
195 critical_alert("incremental",
196 "Couldn't create user %s (id %d): %s",
197 after[U_NAME], auid, error_message(code));
202 /* Reactivating a user; get his group list */
203 code = moira_connect();
205 critical_alert("incremental",
206 "Error contacting Moira server to retrieve grouplist of user %s: %s",
207 after[U_NAME], error_message(code));
211 av[1] = after[U_NAME];
212 code = mr_query("get_lists_of_member", 2, av,
213 add_user_lists, after[U_NAME]);
214 if (code && code != MR_NO_MATCH)
215 critical_alert("incremental",
216 "Couldn't retrieve membership of user %s: %s",
217 after[U_NAME], error_message(code));
225 do_list(before, beforec, after, afterc)
231 register int agid, bgid;
234 char g1[PR_MAXNAMELEN], g2[PR_MAXNAMELEN];
238 if (beforec > L_GID && atoi(before[L_ACTIVE]) && atoi(before[L_GROUP])) {
239 bgid = atoi(before[L_GID]);
240 bhide = atoi(before[L_HIDDEN]);
242 if (afterc > L_GID && atoi(after[L_ACTIVE]) && atoi(after[L_GROUP])) {
243 agid = atoi(after[L_GID]);
244 ahide = atoi(after[L_HIDDEN]);
247 if (agid == 0 && bgid == 0) /* Not active groups */
251 if (strcmp(after[L_NAME], before[L_NAME])) {
252 /* Only a modify is required */
253 strcpy(g1, "system:");
254 strcpy(g2, "system:");
255 strcat(g1, before[L_NAME]);
256 strcat(g2, after[L_NAME]);
258 com_err(whoami, 0, "Changing group %s (gid %d) to %s (gid %d)",
259 before[L_NAME], bgid, after[L_NAME], agid);
261 code = pr_try(pr_ChangeEntry, g1, g2, -agid, "");
263 critical_alert("incremental",
264 "Couldn't change group %s (id %d) to %s (id %d): %s",
265 before[L_NAME], -bgid, after[L_NAME], -agid,
266 error_message(code));
269 if (ahide != bhide) {
270 com_err(whoami, 0, "Making group %s (gid %d) %s",
272 (ahide ? "hidden" : "visible"));
273 code = pr_try(pr_SetFieldsEntry, -agid, PR_SF_ALLBITS,
274 (ahide ? PRP_STATUS_ANY : PRP_GROUP_DEFAULT) >>PRIVATE_SHIFT,
275 0 /*ngroups*/, 0 /*nusers*/);
277 critical_alert("incremental",
278 "Couldn't set flags of group %s: %s",
279 after[L_NAME], error_message(code));
285 com_err(whoami, 0, "Deleting group %s (gid %d)",
286 before[L_NAME], bgid);
287 code = pr_try(pr_DeleteByID, -bgid);
288 if (code && code != PRNOENT) {
289 critical_alert("incremental",
290 "Couldn't delete group %s (id %d): %s",
291 before[L_NAME], -bgid, error_message(code));
296 strcpy(g1, "system:");
297 strcat(g1, after[L_NAME]);
298 strcpy(g2, "system:administrators");
300 com_err(whoami, 0, "Creating %s group %s (gid %d)",
301 (ahide ? "hidden" : "visible"), after[L_NAME], agid);
302 code = pr_try(pr_CreateGroup, g1, g2, &id);
303 if (code == PRIDEXIST) {
306 if (pr_try(pr_SIdToName, -agid, ename) == 0 && !strcmp(g1, ename))
310 critical_alert("incremental",
311 "Couldn't create group %s (id %d): %s",
312 after[L_NAME], id, error_message(code));
316 code = pr_try(pr_SetFieldsEntry, -agid, PR_SF_ALLBITS,
317 (ahide ? PRP_STATUS_ANY : PRP_GROUP_DEFAULT) >>PRIVATE_SHIFT,
318 0 /*ngroups*/, 0 /*nusers*/);
320 critical_alert("incremental",
321 "Couldn't set flags of group %s: %s",
322 after[L_NAME], error_message(code));
326 /* We need to make sure the group is properly populated */
327 if (beforec < L_ACTIVE) return;
329 code = moira_connect();
331 critical_alert("incremental",
332 "Error contacting Moira server to resolve %s: %s",
333 after[L_NAME], error_message(code));
336 av[0] = after[L_NAME];
337 code = mr_query("get_end_members_of_list", 1, av,
338 add_list_members, after[L_NAME]);
340 critical_alert("incremental",
341 "Couldn't retrieve full membership of list %s: %s",
342 after[L_NAME], error_message(code));
350 #define LM_EXTRA_ACTIVE (LM_END)
351 #define LM_EXTRA_PUBLIC (LM_END+1)
352 #define LM_EXTRA_HIDDEN (LM_END+2)
353 #define LM_EXTRA_MAILLIST (LM_END+3)
354 #define LM_EXTRA_GROUP (LM_END+4)
355 #define LM_EXTRA_GID (LM_END+5)
356 #define LM_EXTRA_END (LM_END+6)
358 do_member(before, beforec, after, afterc)
368 if (afterc < LM_EXTRA_END) {
371 if (!atoi(after[LM_EXTRA_ACTIVE]) || !atoi(after[LM_EXTRA_GROUP]))
374 edit_group(1, after[LM_LIST], after[LM_TYPE], after[LM_MEMBER]);
375 } else if (beforec) {
376 if (beforec < LM_EXTRA_END) {
379 if (!atoi(before[LM_EXTRA_ACTIVE]) || !atoi(before[LM_EXTRA_GROUP]))
381 edit_group(0, before[LM_LIST], before[LM_TYPE], before[LM_MEMBER]);
386 do_filesys(before, beforec, after, afterc)
393 int acreate, atype, bcreate, btype;
395 if (afterc < FS_CREATE) {
398 atype = !strcmp(after[FS_TYPE], "AFS");
399 acreate = atoi(after[FS_CREATE]);
402 if (beforec < FS_CREATE) {
403 if (acreate == 0 || atype == 0) return;
405 /* new locker creation */
406 sprintf(cmd, "%s/perl -I%s %s/afs_create.pl %s %s %s %s %s %s",
407 BIN_DIR, BIN_DIR, BIN_DIR,
408 after[FS_NAME], after[FS_L_TYPE], after[FS_MACHINE],
409 after[FS_PACK], after[FS_OWNER], after[FS_OWNERS]);
414 btype = !strcmp(before[FS_TYPE], "AFS");
415 bcreate = atoi(before[FS_CREATE]);
416 if (afterc < FS_CREATE) {
417 if (btype && bcreate)
418 critical_alert("incremental",
419 "Cannot delete AFS filesystem %s: Operation not supported",
427 /* Are we dealing with AFS lockers (could be type ERR lockers) */
428 if (!atype && !btype)
429 if (strcmp(before[FS_TYPE], "ERR") || strcmp(after[FS_TYPE], "ERR"))
432 /* By now, we know we are simply changing AFS filesystem attributes.
433 * Operations supported:
434 * Name change: rename/remount
435 * Path change: remount
436 * Type change: ERR<-->AFS
440 if (strcmp(before[FS_OWNER], after[FS_OWNER]) ||
441 strcmp(before[FS_OWNERS], after[FS_OWNERS]))
443 critical_alert("incremental",
444 "Cannot change ownership of filesystem %s: Operation not yet supported",
449 sprintf(cmd, "%s/perl -I%s %s/afs_rename.pl %s %s %s %s %s %s %s %s %s %s",
450 BIN_DIR, BIN_DIR, BIN_DIR,
451 before[FS_NAME], before[FS_MACHINE], before[FS_TYPE],
452 before[FS_L_TYPE], before[FS_PACK],
453 after[FS_NAME], after[FS_MACHINE], after[FS_TYPE],
454 after[FS_L_TYPE], after[FS_PACK]);
459 do_quota(before, beforec, after, afterc)
467 if (afterc < Q_DIRECTORY || strcmp("ANY", after[Q_TYPE]) ||
468 strncmp("/afs/", after[Q_DIRECTORY], 5))
471 sprintf(cmd, "%s/perl -I%s %s/afs_quota.pl %s %s",
472 BIN_DIR, BIN_DIR, BIN_DIR,
473 after[Q_DIRECTORY], after[Q_QUOTA]);
482 int success=0, tries=0;
486 while (success == 0 && tries < 2) {
489 com_err(whoami, 0, "Executing command: %s", cmd);
490 if (system(cmd) == 0)
494 critical_alert("incremental", "failed command: %s", cmd);
498 add_user_lists(ac, av, user)
503 if (atoi(av[L_ACTIVE]) && atoi(av[L_GROUP])) /* active group ? */
504 edit_group(1, av[L_NAME], "USER", user);
509 add_list_members(ac, av, group)
514 edit_group(1, group, av[0], av[1]);
519 check_user(ac, av, ustate)
524 *ustate = atoi(av[U_STATE]);
529 edit_group(op, group, type, member)
536 char buf[PR_MAXNAMELEN];
538 static char local_realm[REALM_SZ+1] = "";
541 /* The following KERBEROS code allows for the use of entities
545 krb_get_lrealm(local_realm, 1);
546 if (!strcmp(type, "KERBEROS")) {
547 p = strchr(member, '@');
548 if (p && !strcasecmp(p+1, local_realm))
550 } else if (strcmp(type, "USER"))
551 return; /* invalid type */
553 /* Cannot risk doing another query during a callback */
554 /* We could do this simply for type USER, but eventually this may also
555 * dynamically add KERBEROS types to the prdb, and we will need to do
556 * a query to look up the uid of the null-instance user */
557 if (mr_connections) {
558 m = (struct member *)malloc(sizeof(struct member));
560 critical_alert("incremental", "Out of memory");
564 strcpy(m->list, group);
565 strcpy(m->type, type);
566 strcpy(m->member, member);
567 m->next = member_head;
572 strcpy(buf, "system:");
574 com_err(whoami, 0, "%s %s %s group %s",
575 (op ? "Adding" : "Removing"), member,
576 (op ? "to" : "from"), group);
578 code=pr_try(op ? pr_AddToGroup : pr_RemoveUserFromGroup, member, buf);
580 if (op==1 && code == PRIDEXIST) return; /* Already added */
582 if (code == PRNOENT) { /* Something is missing */
583 if (op==0) return; /* Already deleted */
584 if (!strcmp(type, "KERBEROS")) /* Special instances; ok */
587 /* Check whether the member being added is an active user */
588 code = moira_connect();
589 if (!code) code = mr_query("get_user_by_login", 1, &member,
590 check_user, (char *)&ustate);
592 critical_alert("incremental",
593 "Error contacting Moira server to lookup user %s: %s",
594 member, error_message(code));
597 /* We don't use moira_disconnect()
598 * because we may already be in the routine.
603 if (!code && ustate!=1 && ustate!=2) return; /* inactive user */
607 critical_alert("incremental",
608 "Couldn't %s %s %s %s: %s",
609 op ? "add" : "remove", member,
610 op ? "to" : "from", buf,
611 error_message(code));
616 long pr_try(fn, a1, a2, a3, a4, a5, a6, a7, a8)
618 char *a1, *a2, *a3, *a4, *a5, *a6, *a7, *a8;
622 register int tries = 0;
630 code=pr_Initialize(0, AFSCONF_CLIENTNAME, 0);
635 if (!code) code=pr_Initialize(1, AFSCONF_CLIENTNAME, 0);
637 critical_alert("incremental", "Couldn't initialize libprot: %s",
638 error_message(code));
642 sleep(1); /* give ptserver room */
644 while (code = (*fn)(a1, a2, a3, a4, a5, a6, a7, a8)) {
648 if (fn == pr_AddToGroup) strcpy(fname, "pr_AddToGroup");
649 else if (fn == pr_RemoveUserFromGroup)
650 strcpy(fname, "pr_RemoveUserFromGroup");
651 else if (fn == pr_CreateUser) strcpy(fname, "pr_CreateUser");
652 else if (fn == pr_CreateGroup) strcpy(fname, "pr_CreateGroup");
653 else if (fn == pr_DeleteByID) strcpy(fname, "pr_DeleteByID");
654 else if (fn == pr_ChangeEntry) strcpy(fname, "pr_ChangeEntry");
655 else if (fn == pr_SetFieldsEntry) strcpy(fname, "pr_SetFieldsEntry");
656 else if (fn == pr_AddToGroup) strcpy(fname, "pr_AddToGroup");
658 sprintf(fname, "pr_??? (0x%08x)", (long)fn);
660 com_err(whoami, code, "- %s failed (try %d @%u)", fname, tries+1, t);
662 if (++tries > 2) break; /* 3 tries */
664 if (code == UNOQUORUM) sleep(90);
667 /* Re-initialize the prdb connection */
668 code=pr_Initialize(0, AFSCONF_CLIENTNAME, 0);
669 if (!code) code=pr_Initialize(1, AFSCONF_CLIENTNAME, 0);
671 critical_alert("incremental", "Couldn't re-initialize libprot: %s",
672 error_message(code));
673 initd = 0; /* we lost */
685 for (i=0; file_exists(STOP_FILE); i++) {
687 critical_alert("incremental",
688 "AFS incremental failed (%s exists): %s",
699 static char hostname[64];
702 if (!mr_connections++) {
703 gethostname(hostname, sizeof(hostname));
704 code = mr_connect(hostname);
705 if (!code) code = mr_auth("afs.incr");
715 if (!--mr_connections) {
717 while(m = member_head) {
718 edit_group(m->op, m->list, m->type, m->member);
719 member_head = m->next;