Build without krb4 if it's unavailable.
[moira.git] / gen / acl.pc
index 167d4e3198b6150e23750f905a0ed707b8fa40c8..9a211385a5572fcad7b90528e3c64ce543e5a8c7 100644 (file)
@@ -19,7 +19,9 @@
 #include <stdlib.h>
 #include <string.h>
 
+#ifdef HAVE_KRB4
 #include <krb.h>
+#endif
 
 EXEC SQL INCLUDE sqlca;
 
@@ -27,7 +29,6 @@ RCSID("$Header$");
 
 char *whoami = "acl.gen";
 char *db = "moira/moira";
-char defaultrealm[REALM_SZ];
 
 void dump_access_file(FILE *out, int lid);
 char *merge_access_bits(char *t1, char *t2);
@@ -40,7 +41,7 @@ void sqlerr(void);
 int main(int argc, char **argv)
 {
   EXEC SQL BEGIN DECLARE SECTION;
-  int mid, lid;
+  int mid, lid, discuss_uid = -1;
   char target[ACL_TARGET_SIZE], kind[ACL_KIND_SIZE];
   char host[MACHINE_NAME_SIZE];
   EXEC SQL END DECLARE SECTION;
@@ -86,20 +87,38 @@ int main(int argc, char **argv)
          strtrim(target);
          strtrim(kind);
 
-         out = tarfile_start(tf, target, 0644, 0, 0, "root", "root", now);
-
-         if (!strcasecmp(kind, "kerberos4"))
-           dump_krb_acl(out, "LIST", lid, 4);
-         else if (!strcasecmp(kind, "kerberos5"))
-           dump_krb_acl(out, "LIST", lid, 5);
-         else if (!strcasecmp(kind, "access"))
-           dump_access_file(out, lid);
-         else if (!strcasecmp(kind, "discuss"))
-           dump_discuss_acl(out, lid);
-         else if (!strcasecmp(kind, "passwd"))
-           dump_passwd_file(out, lid);
-         else if (!strcasecmp(kind, "group"))
-           dump_group_file(out, lid);
+         if (!strcasecmp(kind, "discuss"))
+           {
+             /* Discuss acls need to be owned by discuss. */
+             if (discuss_uid == -1)
+               {
+                 EXEC SQL SELECT unix_uid INTO :discuss_uid
+                   FROM users WHERE login = 'discuss';
+               }
+             out = tarfile_start(tf, target, 0644, discuss_uid, 1,
+                                 "discuss", "daemon", now);
+             dump_discuss_acl(out, lid);
+           }
+         else
+           {
+             /* Otherwise own by root? Perhaps the acl table should
+              * say, really...
+              */
+             out = tarfile_start(tf, target, 0644, 0, 0, "root", "root", now);
+
+             if (!strcasecmp(kind, "kerberos4"))
+               dump_krb_acl(out, "LIST", lid, 4);
+             else if (!strcasecmp(kind, "kerberos5"))
+               dump_krb_acl(out, "LIST", lid, 5);
+             else if (!strcasecmp(kind, "access"))
+               dump_access_file(out, lid);
+             else if (!strcasecmp(kind, "passwd"))
+               dump_passwd_file(out, lid);
+             else if (!strcasecmp(kind, "group"))
+               dump_group_file(out, lid);
+             else if (!strcasecmp(kind, "userlist"))
+               dump_user_list(out, "LIST", lid);
+           }
 
          tarfile_end(tf);
        }
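Review bot: The `SELECT unix_uid INTO :discuss_uid` lookup in the new discuss branch is not followed by any check, so if no `discuss` row is found `discuss_uid` stays -1 and is passed to `tarfile_start` as the owner of the ACL file. Since the comment says discuss ACLs must be owned by discuss, it seems safer to report the failure and skip the target than to write an entry with a bogus owner, for example by testing `if (sqlca.sqlcode || discuss_uid < 0)` right after the query. The group is hard-coded as gid 1 / "daemon"; a short comment saying where that value comes from would help. main() starts and ends outside this hunk, so an error handler installed elsewhere may already cover hard SQL errors, though probably not the no-row case.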
@@ -116,6 +135,8 @@ void dump_access_file(FILE *out, int lid)
 {
   struct save_queue *sq = get_acl("LIST", lid, merge_access_bits);
   struct imember *m;
+  char *name, *lasts = NULL;
+  int i = 0;
 
   while (sq_remove_data(sq, &m))
     {
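Review bot: `name` and `i` are used as host variables (`:name`, `:i`) by the query added further down in dump_access_file, but they are declared here outside any declare section, whereas dump_passwd_file and dump_group_file put their new `i` inside one. Whether the precompiler accepts this depends on its mode, which is not visible here; for consistency I would wrap them as `EXEC SQL BEGIN DECLARE SECTION;` `char *name; int i = 0;` `EXEC SQL END DECLARE SECTION;` and leave `lasts` outside. The same applies to `n` in dump_group_file, which is declared after `EXEC SQL END DECLARE SECTION` but used as `:n`.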
@@ -127,6 +148,19 @@ void dump_access_file(FILE *out, int lid)
          else
            fprintf(out, "%-10s rl\n", m->name);
        }
+      else if (m->type == 'K')
+       {
+         name = strtok_r(m->name, "@", &lasts);
+         EXEC SQL SELECT count(login) INTO :i FROM users 
+           WHERE login = :name and status != 3;
+         if (i == 1)
+           {
+             if (*(m->tag))
+               fprintf(out, "%-10s %s\n", m->name, m->tag);
+             else
+               fprintf(out, "%-10s rl\n", m->name);
+           }
+       }
       freeimember(m);
     }
   sq_destroy(sq);
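Review bot: The new 'K' branch discards everything after `@` with `strtok_r` and matches the remainder against `users.login`, so a principal from any realm is treated as the local user of the same name. Unless member data is already restricted to the local realm elsewhere, the realm should be compared before the entry is written. On the same lines, `strtok_r` returns NULL for an empty or all-`@` name and that NULL goes straight into `:name`. Also, `i` is zeroed only at its declaration, so a count query that fails without storing a value would reuse the previous member's 1; `i = 0;` before the SELECT and `if (!name)` skipping the member would close both. `strtok_r` also writes into `m->name`, which is why the `fprintf` calls print the stripped name, and that deserves a comment. The same pattern is repeated in the 'K' case of dump_passwd_file and the 'K' branch of dump_group_file.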
@@ -180,25 +214,35 @@ void dump_discuss_acl(FILE *out, int lid)
   struct save_queue *sq = get_acl("LIST", lid, merge_discuss_acls);
   struct imember *m;
   char name[STRINGS_STRING_SIZE], *bits;
+  char starbits[8] = { 0 };
   int num;
 
   num = 0;
   while (sq_get_data(sq, &m))
-    num++;
+    {
+      if (m->type != 'S' || !strcmp(m->name, "*"))
+       num++;
+    }
 
   fprintf(out, "%d\n", num);
   while (sq_remove_data(sq, &m))
     {
+      bits = merge_discuss_acls(m->tag, "");
       if (m->type != 'S')
        {
          canon_krb(m, 4, name, sizeof(name));
-         bits = merge_discuss_acls(m->tag, "");
-         fprintf(out, "%s    %s\n", bits, name);
-         free(bits);
+         fprintf(out, "%s:%s\n", bits, name);
        }
+      else if (!strcmp(m->name, "*"))
+       strcpy(starbits, bits);
+      free(bits);
       freeimember(m);
     }
   sq_destroy(sq);
+
+  /* Discuss ACLs are ordered, so "*" must come last. */
+  if (*starbits)
+    fprintf(out, "%s:*\n", starbits);
 }
 
 char *merge_discuss_acls(char *one, char *two)
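Review bot: `strcpy(starbits, bits)` copies into an 8-byte buffer with no bound, and the length of what merge_discuss_acls returns is not visible in this hunk. Either bound the copy with `snprintf(starbits, sizeof(starbits), "%s", bits);` or add a comment stating why the merged bit string can never exceed seven characters. The counting loop also counts a `*` entry even when its merged bits turn out empty, while the final `if (*starbits)` then prints no line for it, so the count written at the top could be one too high in that case. `bits` is used without a NULL check as well. dump_discuss_acl begins outside this hunk.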
@@ -224,8 +268,8 @@ void dump_passwd_file(FILE *out, int lid)
   char shell[USERS_SHELL_SIZE], fullname[USERS_FULLNAME_SIZE];
   char nickname[USERS_NICKNAME_SIZE], oa[USERS_OFFICE_ADDR_SIZE];
   char op[USERS_OFFICE_PHONE_SIZE], hp[USERS_HOME_PHONE_SIZE];
-  int uid;
-  char *name;
+  int uid, i = 0;
+  char *name, *n, *lasts = NULL;
   EXEC SQL END DECLARE SECTION;
 
   while (sq_remove_data(sq, &m))
@@ -253,6 +297,33 @@ void dump_passwd_file(FILE *out, int lid)
          fprintf(out, "%s:*:%d:101:%s,%s,%s,%s,%s:/mit/%s:%s\n",
                  name, uid, fullname, nickname, oa, op, hp, name, shell);
          break;
+
+       case 'K':
+         name = strtok_r(m->name, "@", &lasts);
+           
+         EXEC SQL SELECT count(login) INTO :i FROM users WHERE 
+           login = :name and status != 3;
+         if (i == 1)
+           {
+             EXEC SQL SELECT unix_uid, shell, fullname, nickname,
+               office_addr, office_phone, home_phone 
+               INTO :uid, :shell, :fullname, :nickname, :oa, :op, :hp 
+               FROM users 
+               WHERE login = :name AND status != 3;          
+             if (sqlca.sqlcode)
+               continue;
+             
+             strtrim(shell);
+             strtrim(fullname);
+             strtrim(nickname);
+             strtrim(op);
+             strtrim(oa);
+             strtrim(hp);
+             
+             fprintf(out, "%s:*:%d:101:%s,%s,%s,%s,%s:/mit/%s:%s\n",
+                     name, uid, fullname, nickname, oa, op, hp, name, shell);
+           }
+         break;
        }
       freeimember(m);
     }
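Review bot: `if (sqlca.sqlcode) continue;` in the new 'K' case jumps to the next iteration of the `while` loop and so skips the `freeimember(m)` that follows the switch, leaking the member; `if (sqlca.sqlcode) break;` leaves the switch and still reaches the free. The `count(login)` query just before it looks redundant, since the second SELECT uses the same WHERE clause and its `sqlca.sqlcode` already tells you whether a row was found. The loop and the switch begin outside this hunk, so the earlier case may have the same `continue` pattern.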
@@ -265,12 +336,12 @@ void dump_passwd_file(FILE *out, int lid)
 void dump_group_file(FILE *out, int id)
 {
   EXEC SQL BEGIN DECLARE SECTION;
-  int lid = id, mid, gid, grouplist;
+  int lid = id, mid, gid, grouplist, i = 0;
   char mtype[IMEMBERS_MEMBER_TYPE_SIZE], name[LIST_NAME_SIZE];
   EXEC SQL END DECLARE SECTION;
   struct save_queue *sq;
   struct imember *m;
-  char *maybecomma, *s;
+  char *maybecomma, *s, *n, *lasts = NULL;
 
   EXEC SQL DECLARE csr_grp CURSOR FOR
     SELECT member_type, member_id FROM imembers
@@ -304,6 +375,17 @@ void dump_group_file(FILE *out, int id)
                  fprintf(out, "%s%s", maybecomma, m->name);
                  maybecomma = ",";
                }
+             else if (m->type == 'K')
+               {
+                 n = strtok_r(m->name, "@", &lasts);
+                 EXEC SQL SELECT count(login) INTO :i FROM users
+                   WHERE login = :n and status != 3;
+                 if (i == 1)
+                   {
+                     fprintf(out, "%s%s", maybecomma, n);
+                     maybecomma = ",";
+                   }
+               }
              freeimember(m);
            }
          fprintf(out, "\n");