int infoflg, verbose, syncflg, memberflg, recursflg, noauth;
int showusers, showstrings, showkerberos, showlists, showtags, showmachines;
int createflag, setinfo, active, public, hidden, maillist, grouplist;
-int nfsgroup;
+int nfsgroup, mailman;
struct member *owner, *memacl;
-char *desc, *newname;
+char *desc, *newname, *mailman_server, *gid;
/* various member lists */
struct save_queue *addlist, *dellist, *memberlist, *synclist, *taglist;
infoflg = verbose = syncflg = memberflg = recursflg = 0;
noauth = showusers = showstrings = showkerberos = showlists = 0;
showtags = showmachines = createflag = setinfo = 0;
- active = public = hidden = maillist = grouplist = nfsgroup = -1;
- listname = newname = desc = NULL;
+ active = public = hidden = maillist = grouplist = nfsgroup = mailman = -1;
+ listname = newname = desc = gid = NULL;
owner = NULL;
memacl = NULL;
addlist = sq_create();
setinfo++;
nfsgroup = 0;
}
+ else if (argis("mm", "mailman"))
+ {
+ setinfo++;
+ mailman = 1;
+ }
+ else if (argis("nmm", "notmailman"))
+ {
+ setinfo++;
+ mailman = 0;
+ }
+ else if (argis("ms", "mailman_server"))
+ {
+ if (arg - argv < argc - 1)
+ {
+ setinfo++;
+ ++arg;
+ mailman_server = canonicalize_hostname(strdup(*arg));
+ }
+ else
+ usage(argv);
+ }
else if (argis("D", "desc"))
{
if (arg - argv < argc - 1)
else
usage(argv);
}
+ else if (argis("g", "gid"))
+ {
+ if (arg - argv < argc - 1)
+ {
+ setinfo++;
+ ++arg;
+ gid = *arg;
+ }
+ else
+ usage(argv);
+ }
else
usage(argv);
}
/* If none of {users,strings,lists,kerberos,machines} specified,
turn them all on */
- if (!(showusers || showstrings || showlists || showkerberos))
+ if (!(showusers || showstrings || showlists || showkerberos || showmachines))
showusers = showstrings = showlists = showkerberos = showmachines = 1;
/* fire up Moira */
- status = mrcl_connect(server, "blanche", 4, !noauth);
+ status = mrcl_connect(server, "blanche", 10, !noauth);
if (status == MRCL_AUTH_ERROR)
{
com_err(whoami, 0, "Authentication error while working on list %s",
argv[L_HIDDEN] = (hidden == 1) ? "1" : "0";
argv[L_MAILLIST] = (maillist == 0) ? "0" : "1";
argv[L_GROUP] = (grouplist == 1) ? "1" : "0";
- argv[L_GID] = UNIQUE_GID;
+
+ if (gid)
+ argv[L_GID] = gid;
+ else
+ argv[L_GID] = UNIQUE_GID;
+
argv[L_NFSGROUP] = (nfsgroup == 1) ? "1" : "0";
+ argv[L_MAILMAN] = (mailman == 1) ? "1" : "0";
argv[L_DESC] = desc ? desc : "none";
+ if (mailman)
+ argv[L_MAILMAN_SERVER] = mailman_server ? mailman_server : "[ANY]";
+ else
+ argv[L_MAILMAN_SERVER] = "[NONE]";
+
if (memacl)
{
if (memacl->type == M_ANY)
&argv[L_MEMACE_NAME]);
if (mrcl_get_message())
mrcl_com_err(whoami);
+ if (status == MRCL_REJECT)
+ exit(1);
}
}
else
case M_ANY:
case M_USER:
argv[L_ACE_TYPE] = "USER";
- status = mr_query("add_list", 13, argv, NULL, NULL);
+ status = mr_query("add_list", 15, argv, NULL, NULL);
if (owner->type != M_ANY || status != MR_USER)
break;
case M_LIST:
argv[L_ACE_TYPE] = "LIST";
- status = mr_query("add_list", 13, argv, NULL, NULL);
+ status = mr_query("add_list", 15, argv, NULL, NULL);
break;
case M_KERBEROS:
&argv[L_ACE_NAME]);
if (mrcl_get_message())
mrcl_com_err(whoami);
- status = mr_query("add_list", 13, argv, NULL, NULL);
+ if (status == MRCL_REJECT)
+ exit(1);
+ status = mr_query("add_list", 15, argv, NULL, NULL);
break;
case M_NONE:
argv[L_ACE_TYPE] = argv[L_ACE_NAME] = "NONE";
- status = mr_query("add_list", 13, argv, NULL, NULL);
+ status = mr_query("add_list", 15, argv, NULL, NULL);
break;
}
}
argv[L_ACE_TYPE] = "USER";
argv[L_ACE_NAME] = get_username();
- status = mr_query("add_list", 13, argv, NULL, NULL);
+ status = mr_query("add_list", 15, argv, NULL, NULL);
}
if (status)
argv[L_MAILLIST + 1] = maillist ? "1" : "0";
if (grouplist != -1)
argv[L_GROUP + 1] = grouplist ? "1" : "0";
+ if (gid)
+ argv[L_GID + 1] = gid;
if (nfsgroup != -1)
argv[L_NFSGROUP + 1] = nfsgroup ? "1" : "0";
+ if (mailman != -1)
+ argv[L_MAILMAN + 1] = mailman ? "1" : "0";
+
+ /* If someone toggled the mailman bit, but didn't specify a server,
+ * default to [ANY].
+ */
+ if (mailman_server)
+ argv[L_MAILMAN_SERVER + 1] = mailman_server;
+ else if ((mailman == 1) && !strcmp(argv[L_MAILMAN_SERVER + 1], "[NONE]"))
+ argv[L_MAILMAN_SERVER + 1] = "[ANY]";
+
if (desc)
argv[L_DESC + 1] = desc;
&argv[L_MEMACE_NAME + 1]);
if (mrcl_get_message())
mrcl_com_err(whoami);
+ if (status == MRCL_REJECT)
+ exit(1);
}
}
case M_ANY:
case M_USER:
argv[L_ACE_TYPE + 1] = "USER";
- status = mr_query("update_list", 14, argv, NULL, NULL);
+ status = mr_query("update_list", 16, argv, NULL, NULL);
if (owner->type != M_ANY || status != MR_USER)
break;
case M_LIST:
argv[L_ACE_TYPE + 1] = "LIST";
- status = mr_query("update_list", 14, argv, NULL, NULL);
+ status = mr_query("update_list", 16, argv, NULL, NULL);
break;
case M_KERBEROS:
&argv[L_ACE_NAME + 1]);
if (mrcl_get_message())
mrcl_com_err(whoami);
- status = mr_query("update_list", 14, argv, NULL, NULL);
+ if (status == MRCL_REJECT)
+ exit(1);
+ status = mr_query("update_list", 16, argv, NULL, NULL);
break;
case M_NONE:
argv[L_ACE_TYPE + 1] = argv[L_ACE_NAME + 1] = "NONE";
- status = mr_query("update_list", 14, argv, NULL, NULL);
+ status = mr_query("update_list", 16, argv, NULL, NULL);
break;
}
}
else
- status = mr_query("update_list", 14, argv, NULL, NULL);
+ status = mr_query("update_list", 16, argv, NULL, NULL);
if (status)
{
memberlist = sq_create();
}
+ /* Process the delete list */
+ while (sq_get_data(dellist, &memberstruct))
+ {
+ membervec[0] = listname;
+ membervec[2] = memberstruct->name;
+ if (verbose)
+ {
+ printf("Deleting member ");
+ show_list_member(memberstruct);
+ }
+ switch (memberstruct->type)
+ {
+ case M_ANY:
+ case M_USER:
+ membervec[1] = "USER";
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status == MR_SUCCESS)
+ break;
+ else if ((status != MR_USER && status != MR_NO_MATCH) ||
+ memberstruct->type != M_ANY)
+ {
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ break;
+ }
+ case M_LIST:
+ membervec[1] = "LIST";
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status == MR_SUCCESS)
+ break;
+ else if ((status != MR_LIST && status != MR_NO_MATCH) ||
+ memberstruct->type != M_ANY)
+ {
+ if (status == MR_PERM && memberstruct->type == M_ANY &&
+ !strcmp(membervec[2], get_username()))
+ {
+ /* M_ANY means we've fallen through from the user
+ * case. The user is trying to remove himself from a
+ * list, but we got MR_USER or MR_NO_MATCH above,
+ * meaning he's not really on it, and we got MR_PERM
+ * when trying to remove LIST:$USER because he's not
+ * on the acl. That error is useless, so return
+ * MR_NO_MATCH instead. However, this will generate
+ * the wrong error if the user was trying to remove
+ * the list with his username from a list he doesn't
+ * administrate without explicitly specifying
+ * "list:".
+ */
+ status = MR_NO_MATCH;
+ }
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ break;
+ }
+ case M_STRING:
+ membervec[1] = "STRING";
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status == MR_STRING && memberstruct->type == M_ANY)
+ {
+ com_err(whoami, 0, " Unable to find member %s to delete from %s",
+ memberstruct->name, listname);
+ success = 0;
+ if (!strcmp(membervec[0], get_username()))
+ {
+ fprintf(stderr, "(If you were trying to remove yourself "
+ "from the list \"%s\",\n", membervec[2]);
+ fprintf(stderr, "the correct command is \"blanche %s -d "
+ "%s\".)\n", membervec[2], membervec[0]);
+ }
+ }
+ else if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
+ break;
+ case M_KERBEROS:
+ membervec[1] = "KERBEROS";
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status == MR_STRING || status == MR_NO_MATCH)
+ {
+ /* Try canonicalizing the Kerberos principal and trying
+ * again. If we succeed, print the message from mrcl.
+ * Otherwise, just pretend we never did this and print
+ * the original error message.
+ */
+ mrcl_validate_kerberos_member(membervec[2], &membervec[2]);
+ if (mrcl_get_message())
+ {
+ if (mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL) == MR_SUCCESS)
+ mrcl_com_err(whoami);
+ status = MR_SUCCESS;
+ }
+ }
+ if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
+ break;
+ case M_MACHINE:
+ membervec[1] = "MACHINE";
+ membervec[2] = canonicalize_hostname(memberstruct->name);
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
+ free(membervec[2]);
+ }
+ }
+
/* Process the add list */
while (sq_get_data(addlist, &memberstruct))
{
status = mrcl_validate_kerberos_member(membervec[2], &membervec[2]);
if (mrcl_get_message())
mrcl_com_err(whoami);
- status = mr_query("add_tagged_member_to_list", 4, membervec,
- NULL, NULL);
- if (status != MR_SUCCESS)
+ if (status == MRCL_REJECT)
{
- com_err(whoami, status, "while adding member %s to %s",
- memberstruct->name, listname);
success = 0;
+ break;
}
- free(membervec[2]);
- case M_MACHINE:
- membervec[1] = "MACHINE";
- membervec[2] = canonicalize_hostname(strdup(memberstruct->name));
status = mr_query("add_tagged_member_to_list", 4, membervec,
NULL, NULL);
if (status != MR_SUCCESS)
success = 0;
}
free(membervec[2]);
- }
- }
-
- /* Process the delete list */
- while (sq_get_data(dellist, &memberstruct))
- {
- membervec[0] = listname;
- membervec[2] = memberstruct->name;
- if (verbose)
- {
- printf("Deleting member ");
- show_list_member(memberstruct);
- }
- switch (memberstruct->type)
- {
- case M_ANY:
- case M_USER:
- membervec[1] = "USER";
- status = mr_query("delete_member_from_list", 3, membervec,
- NULL, NULL);
- if (status == MR_SUCCESS)
- break;
- else if ((status != MR_USER && status != MR_NO_MATCH) ||
- memberstruct->type != M_ANY)
- {
- com_err(whoami, status, "while deleting member %s from %s",
- memberstruct->name, listname);
- success = 0;
- break;
- }
- case M_LIST:
- membervec[1] = "LIST";
- status = mr_query("delete_member_from_list", 3, membervec,
- NULL, NULL);
- if (status == MR_SUCCESS)
- break;
- else if ((status != MR_LIST && status != MR_NO_MATCH) ||
- memberstruct->type != M_ANY)
- {
- if (status == MR_PERM && memberstruct->type == M_ANY &&
- !strcmp(membervec[2], get_username()))
- {
- /* M_ANY means we've fallen through from the user
- * case. The user is trying to remove himself from
- * a list, but we got MR_USER or MR_NO_MATCH above,
- * meaning he's not really on it, and we got MR_PERM
- * when trying to remove LIST:$USER because he's not
- * on the acl. That error is useless, so return
- * MR_NO_MATCH instead. However, this will generate the
- * wrong error if the user was trying to remove the list
- * with his username from a list he doesn't administrate
- * without explicitly specifying "list:".
- */
- status = MR_NO_MATCH;
- }
- com_err(whoami, status, "while deleting member %s from %s",
- memberstruct->name, listname);
- success = 0;
- break;
- }
- case M_STRING:
- membervec[1] = "STRING";
- status = mr_query("delete_member_from_list", 3, membervec,
- NULL, NULL);
- if (status == MR_STRING && memberstruct->type == M_ANY)
- {
- com_err(whoami, 0, " Unable to find member %s to delete from %s",
- memberstruct->name, listname);
- success = 0;
- if (!strcmp(membervec[0], get_username()))
- {
- fprintf(stderr, "(If you were trying to remove yourself "
- "from the list \"%s\",\n", membervec[2]);
- fprintf(stderr, "the correct command is \"blanche %s -d "
- "%s\".)\n", membervec[2], membervec[0]);
- }
- }
- else if (status != MR_SUCCESS)
- {
- com_err(whoami, status, "while deleting member %s from %s",
- memberstruct->name, listname);
- success = 0;
- }
break;
- case M_KERBEROS:
- membervec[1] = "KERBEROS";
- status = mr_query("delete_member_from_list", 3, membervec,
- NULL, NULL);
- if (status == MR_STRING || status == MR_NO_MATCH)
- {
- /* Try canonicalizing the Kerberos principal and trying
- * again. If we succeed, print the message from mrcl.
- * Otherwise, just pretend we never did this and print
- * the original error message.
- */
- mrcl_validate_kerberos_member(membervec[2], &membervec[2]);
- if (mrcl_get_message())
- {
- if (mr_query("delete_member_from_list", 3, membervec,
- NULL, NULL) == MR_SUCCESS)
- mrcl_com_err(whoami);
- status = MR_SUCCESS;
- }
- }
- if (status != MR_SUCCESS)
- {
- com_err(whoami, status, "while deleting member %s from %s",
- memberstruct->name, listname);
- success = 0;
- }
case M_MACHINE:
membervec[1] = "MACHINE";
- membervec[2] = canonicalize_hostname(memberstruct->name);
- status = mr_query("delete_member_from_list", 3, membervec,
+ membervec[2] = canonicalize_hostname(strdup(memberstruct->name));
+ status = mr_query("add_tagged_member_to_list", 4, membervec,
NULL, NULL);
if (status != MR_SUCCESS)
{
- com_err(whoami, status, "while deleting member %s from %s",
+ com_err(whoami, status, "while adding member %s to %s",
memberstruct->name, listname);
success = 0;
}
memberstruct->name, listname);
success = 0;
}
+ case M_MACHINE:
+ membervec[1] = "MACHINE";
+ status = mr_query("tag_member_of_list", 4, membervec,
+ NULL, NULL);
+ if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while adding member %s to %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
}
}
fprintf(stderr, "Usage: %s listname [options]\n", argv[0]);
fprintf(stderr, "Options are\n");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-v | -verbose",
- "-C | -create");
+ "-C | -create");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-m | -members",
- "-R | -rename newname");
+ "-R | -rename newname");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-u | -users",
- "-P | -public");
+ "-P | -public");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-l | -lists",
- "-NP | -private");
+ "-NP | -private");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-s | -strings",
- "-A | -active");
+ "-A | -active");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-k | -kerberos",
- "-I | -inactive");
+ "-I | -inactive");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-i | -info",
- "-V | -visible");
+ "-V | -visible");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-r | -recursive",
- "-H | -hidden");
+ "-H | -hidden");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-a | -add member",
- "-M | -mail");
+ "-M | -mail");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-d | -delete member",
- "-NM | -notmail");
+ "-NM | -notmail");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-al | -addlist filename",
- "-G | -group");
+ "-G | -group");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-dl | -deletelist filename",
- "-NG | -notgroup");
+ "-NG | -notgroup");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-f | -file filename",
- "-N | -nfs");
+ "-N | -nfs");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-at | -addtagged member tag",
- "-NN | -notnfs");
+ "-NN | -notnfs");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-ct | -changetag member tag",
- "-D | -desc description");
+ "-mm | -mailman");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-t | -tags",
- "-O | -owner owner");
+ "-nmm | -notmailman");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-D | -desc description",
+ "-ms | -mailman_server server");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-O | -owner owner",
+ "-MA | -memacl membership_acl");
fprintf(stderr, USAGE_OPTIONS_FORMAT, "-n | -noauth",
- "-MA | -memacl membership_acl");
- fprintf(stderr, USAGE_OPTIONS_FORMAT, "-db | -database host[:port]",
- "");
+ "-db | -database host[:port]");
exit(1);
}
}
else
printf("\n");
+ if (atoi(argv[L_MAILMAN]))
+ printf("%s is a Mailman list on server %s\n", argv[L_NAME],
+ argv[L_MAILMAN_SERVER]);
printf("Owner: %s %s\n", argv[L_ACE_TYPE], argv[L_ACE_NAME]);
if (strcmp(argv[L_MEMACE_TYPE], "NONE"))
printf("Membership ACL: %s %s\n", argv[L_MEMACE_TYPE],
{
char **nargv = hint;
- for (argc = 0; argc < 14; argc++)
+ for (argc = 0; argc < 16; argc++)
nargv[argc + 1] = strdup(argv[argc]);
return MR_CONT;
}
andersk / moira.git / blobdiff