#include <unistd.h>
#include <com_err.h>
+#ifdef HAVE_KRB4
#include <krb.h>
+#endif
+#include <krb5.h>
#include <afs/param.h>
#include <afs/cellconfig.h>
#include <afs/ptclient.h>
#include <afs/pterror.h>
+/* Cheesy test for determining AFS more recent than 3.4a */
+#ifndef AFSCONF_CLIENTNAME
+#include <afs/dirpath.h>
+#define AFSCONF_CLIENTNAME AFSDIR_CLIENT_ETC_DIRPATH
+#endif
+
#define STOP_FILE "/moira/afs/noafs"
#define file_exists(file) (access((file), F_OK) == 0)
code = pr_try(pr_ChangeEntry, before[U_NAME], after[U_NAME], auid, "");
if (code)
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"Couldn't change user %s (id %d) to %s (id %d): %s",
before[U_NAME], buid, after[U_NAME], auid,
error_message(code));
code = pr_try(pr_DeleteByID, buid);
if (code && code != PRNOENT)
{
- critical_alert("incremental", "Couldn't delete user %s (id %d): %s",
+ critical_alert(whoami, "incremental", "Couldn't delete user %s (id %d): %s",
before[U_NAME], buid, error_message(code));
}
return;
}
if (code)
{
- critical_alert("incremental", "Couldn't create user %s (id %d): %s",
+ critical_alert(whoami, "incremental", "Couldn't create user %s (id %d): %s",
after[U_NAME], auid, error_message(code));
return;
}
code = moira_connect();
if (code)
{
- critical_alert("incremental", "Error contacting Moira server "
+ critical_alert(whoami, "incremental", "Error contacting Moira server "
"to retrieve grouplist of user %s: %s",
after[U_NAME], error_message(code));
return;
after[U_NAME]);
if (code && code != MR_NO_MATCH)
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"Couldn't retrieve membership of user %s: %s",
after[U_NAME], error_message(code));
}
code = pr_try(pr_ChangeEntry, g1, g2, -agid, "");
if (code)
{
- critical_alert("incremental", "Couldn't change group %s (id %d) "
+ critical_alert(whoami, "incremental", "Couldn't change group %s (id %d) "
"to %s (id %d): %s", before[L_NAME], -bgid,
after[L_NAME], -agid, error_message(code));
}
PRIVATE_SHIFT, 0 /*ngroups*/, 0 /*nusers*/);
if (code)
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"Couldn't set flags of group %s: %s",
after[L_NAME], error_message(code));
}
code = pr_try(pr_DeleteByID, -bgid);
if (code && code != PRNOENT)
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"Couldn't delete group %s (id %d): %s",
before[L_NAME], -bgid, error_message(code));
}
}
if (code)
{
- critical_alert("incremental", "Couldn't create group %s (id %d): %s",
+ critical_alert(whoami, "incremental", "Couldn't create group %s (id %d): %s",
after[L_NAME], id, error_message(code));
return;
}
PRIVATE_SHIFT, 0 /*ngroups*/, 0 /*nusers*/);
if (code)
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"Couldn't set flags of group %s: %s",
after[L_NAME], error_message(code));
}
code = moira_connect();
if (code)
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"Error contacting Moira server to resolve %s: %s",
after[L_NAME], error_message(code));
return;
add_list_members, after[L_NAME]);
if (code)
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"Couldn't retrieve full membership of list %s: %s",
after[L_NAME], error_message(code));
}
if (afterc < FS_CREATE)
{
if (btype && bcreate)
- critical_alert("incremental", "Cannot delete AFS filesystem %s: "
+ critical_alert(whoami, "incremental", "Cannot delete AFS filesystem %s: "
"Operation not supported", before[FS_NAME]);
return;
}
if (strcmp(before[FS_OWNER], after[FS_OWNER]) ||
strcmp(before[FS_OWNERS], after[FS_OWNERS]))
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"Cannot change ownership of filesystem %s: Operation not yet supported",
after[FS_NAME]);
}
success++;
}
if (!success)
- critical_alert("incremental", "failed command: %s", cmd);
+ critical_alert(whoami, "incremental", "failed command: %s", cmd);
}
char *p = 0;
char buf[PR_MAXNAMELEN];
int code, ustate;
- static char local_realm[REALM_SZ+1] = "";
+ static char *local_realm = NULL;
struct member *m;
+ krb5_context context = NULL;
/* The following KERBEROS code allows for the use of entities
* user@foreign_cell.
*/
- if (!local_realm[0])
- krb_get_lrealm(local_realm, 1);
+ if (!local_realm)
+ {
+ code = krb5_init_context(&context);
+ if (code)
+ goto out;
+
+ code = krb5_get_default_realm(context, &local_realm);
+ if (code)
+ goto out;
+ }
+
if (!strcmp(type, "KERBEROS"))
{
p = strchr(member, '@');
m = malloc(sizeof(struct member));
if (!m)
{
- critical_alert("incremental", "Out of memory");
+ critical_alert(whoami, "incremental", "Out of memory");
exit(1);
}
m->op = op;
}
if (code)
{
- critical_alert("incremental", "Error contacting Moira server "
+ critical_alert(whoami, "incremental", "Error contacting Moira server "
"to lookup user %s: %s", member,
error_message(code));
}
code = PRNOENT;
}
- critical_alert("incremental", "Couldn't %s %s %s %s: %s",
+ out:
+ if (context)
+ krb5_free_context(context);
+ if (local_realm)
+ free(local_realm);
+
+ critical_alert(whoami, "incremental", "Couldn't %s %s %s %s: %s",
op ? "add" : "remove", member,
op ? "to" : "from", buf,
error_message(code));
code = pr_Initialize(1, AFSCONF_CLIENTNAME, 0);
if (code)
{
- critical_alert("incremental", "Couldn't initialize libprot: %s",
+ critical_alert(whoami, "incremental", "Couldn't initialize libprot: %s",
error_message(code));
return code;
}
code = pr_Initialize(1, AFSCONF_CLIENTNAME, 0);
if (code)
{
- critical_alert("incremental", "Couldn't re-initialize libprot: %s",
+ critical_alert(whoami, "incremental", "Couldn't re-initialize libprot: %s",
error_message(code));
initd = 0; /* we lost */
break;
{
if (i > 30)
{
- critical_alert("incremental",
+ critical_alert(whoami, "incremental",
"AFS incremental failed (%s exists): %s",
STOP_FILE, tbl_buf);
exit(1);
uname(&uts);
code = mr_connect(uts.nodename);
if (!code)
- code = mr_auth("afs.incr");
+ code = mr_krb5_auth("afs.incr");
return code;
}
return 0;