#include <stdlib.h>
#include <string.h>
+#ifdef HAVE_KRB4
#include <krb.h>
+#endif
EXEC SQL INCLUDE sqlca;
char *whoami = "acl.gen";
char *db = "moira/moira";
-char defaultrealm[REALM_SZ];
void dump_access_file(FILE *out, int lid);
char *merge_access_bits(char *t1, char *t2);
int main(int argc, char **argv)
{
EXEC SQL BEGIN DECLARE SECTION;
- int mid, lid;
+ int mid, lid, discuss_uid = -1;
char target[ACL_TARGET_SIZE], kind[ACL_KIND_SIZE];
char host[MACHINE_NAME_SIZE];
EXEC SQL END DECLARE SECTION;
strtrim(target);
strtrim(kind);
- out = tarfile_start(tf, target, 0644, 0, 0, "root", "root", now);
-
- if (!strcasecmp(kind, "kerberos4"))
- dump_krb_acl(out, "LIST", lid, 4);
- else if (!strcasecmp(kind, "kerberos5"))
- dump_krb_acl(out, "LIST", lid, 5);
- else if (!strcasecmp(kind, "access"))
- dump_access_file(out, lid);
- else if (!strcasecmp(kind, "discuss"))
- dump_discuss_acl(out, lid);
- else if (!strcasecmp(kind, "passwd"))
- dump_passwd_file(out, lid);
- else if (!strcasecmp(kind, "group"))
- dump_group_file(out, lid);
+ if (!strcasecmp(kind, "discuss"))
+ {
+ /* Discuss acls need to be owned by discuss. */
+ if (discuss_uid == -1)
+ {
+ EXEC SQL SELECT unix_uid INTO :discuss_uid
+ FROM users WHERE login = 'discuss';
+ }
+ out = tarfile_start(tf, target, 0644, discuss_uid, 1,
+ "discuss", "daemon", now);
+ dump_discuss_acl(out, lid);
+ }
+ else
+ {
+ /* Otherwise own by root? Perhaps the acl table should
+ * say, really...
+ */
+ out = tarfile_start(tf, target, 0644, 0, 0, "root", "root", now);
+
+ if (!strcasecmp(kind, "kerberos4"))
+ dump_krb_acl(out, "LIST", lid, 4);
+ else if (!strcasecmp(kind, "kerberos5"))
+ dump_krb_acl(out, "LIST", lid, 5);
+ else if (!strcasecmp(kind, "access"))
+ dump_access_file(out, lid);
+ else if (!strcasecmp(kind, "passwd"))
+ dump_passwd_file(out, lid);
+ else if (!strcasecmp(kind, "group"))
+ dump_group_file(out, lid);
+ else if (!strcasecmp(kind, "userlist"))
+ dump_user_list(out, "LIST", lid);
+ }
tarfile_end(tf);
}
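Review bot: The `SELECT unix_uid INTO :discuss_uid` added in the discuss branch is never followed by a check of `sqlca.sqlcode`, so when no `discuss` row exists the variable stays at -1 and that value is handed to `tarfile_start` as the owner uid of the ACL file (how `tarfile_start` encodes -1 is not visible here). Because the cache test is `discuss_uid == -1`, the failed query is also repeated for every discuss ACL. I would refuse to emit the entry when the lookup fails, with a guard such as `if (sqlca.sqlcode || discuss_uid < 0)` leading to the file's usual error path before `tarfile_start` is called. The question in the else-branch comment should become a statement of the decision, e.g. `/* All other ACL kinds are owned by root:root. */`. The enclosing loop in main is only partly visible in this hunk.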
{
struct save_queue *sq = get_acl("LIST", lid, merge_access_bits);
struct imember *m;
+ char *name, *lasts = NULL;
+ int i = 0;
while (sq_remove_data(sq, &m))
{
else
fprintf(out, "%-10s rl\n", m->name);
}
+ else if (m->type == 'K')
+ {
+ name = strtok_r(m->name, "@", &lasts);
+ EXEC SQL SELECT count(login) INTO :i FROM users
+ WHERE login = :name and status != 3;
+ if (i == 1)
+ {
+ if (*(m->tag))
+ fprintf(out, "%-10s %s\n", m->name, m->tag);
+ else
+ fprintf(out, "%-10s rl\n", m->name);
+ }
+ }
freeimember(m);
}
sq_destroy(sq);
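Review bot: The new `'K'` branch cuts the principal at `@` with `strtok_r` and looks up only the local part, so the realm is never compared with anything and a Kerberos member from any realm is written to the access file under the local login of the same name. If only principals from the site's own realm are meant to map to accounts, the text after `@` should be compared with that realm before the `SELECT`; this commit removes `defaultrealm`, so the value would have to come from elsewhere. `strtok_r` also returns NULL for an empty name or one consisting only of `@`, and `name` is then used as a host variable unchecked; `if (!name) { freeimember(m); continue; }` ahead of the query would cover that. The same pattern is repeated in the `case 'K':` added to the passwd dump and in the `'K'` branch added to dump_group_file. The function body starts outside this hunk.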
struct save_queue *sq = get_acl("LIST", lid, merge_discuss_acls);
struct imember *m;
char name[STRINGS_STRING_SIZE], *bits;
+ char starbits[8] = { 0 };
int num;
num = 0;
while (sq_get_data(sq, &m))
- num++;
+ {
+ if (m->type != 'S' || !strcmp(m->name, "*"))
+ num++;
+ }
fprintf(out, "%d\n", num);
while (sq_remove_data(sq, &m))
{
+ bits = merge_discuss_acls(m->tag, "");
if (m->type != 'S')
{
canon_krb(m, 4, name, sizeof(name));
- bits = merge_discuss_acls(m->tag, "");
- fprintf(out, "%s %s\n", bits, name);
- free(bits);
+ fprintf(out, "%s:%s\n", bits, name);
}
+ else if (!strcmp(m->name, "*"))
+ strcpy(starbits, bits);
+ free(bits);
freeimember(m);
}
sq_destroy(sq);
+
+ /* Discuss ACLs are ordered, so "*" must come last. */
+ if (*starbits)
+ fprintf(out, "%s:*\n", starbits);
}
char *merge_discuss_acls(char *one, char *two)
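Review bot: `strcpy(starbits, bits)` copies the string returned by `merge_discuss_acls` into `char starbits[8]` with no length bound, and the maximum length of that string is not visible in this hunk. Either bound the copy with `snprintf(starbits, sizeof(starbits), "%s", bits);` or add a comment stating why the result can never exceed seven characters. The entry count is fixed in the first loop, where every `"*"` member is counted, but the `*` line is written only once and only when `starbits` is non-empty, so the number printed by `fprintf(out, "%d\n", num)` can exceed the lines that follow if `get_acl` can return more than one `*` member or if its merged bits are empty. Since `bits` is now computed for every member, a NULL return from `merge_discuss_acls` would reach both `fprintf` and `strcpy`; whether it can return NULL is not shown here.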
char shell[USERS_SHELL_SIZE], fullname[USERS_FULLNAME_SIZE];
char nickname[USERS_NICKNAME_SIZE], oa[USERS_OFFICE_ADDR_SIZE];
char op[USERS_OFFICE_PHONE_SIZE], hp[USERS_HOME_PHONE_SIZE];
- int uid;
- char *name;
+ int uid, i = 0;
+ char *name, *n, *lasts = NULL;
EXEC SQL END DECLARE SECTION;
while (sq_remove_data(sq, &m))
fprintf(out, "%s:*:%d:101:%s,%s,%s,%s,%s:/mit/%s:%s\n",
name, uid, fullname, nickname, oa, op, hp, name, shell);
break;
+
+ case 'K':
+ name = strtok_r(m->name, "@", &lasts);
+
+ EXEC SQL SELECT count(login) INTO :i FROM users WHERE
+ login = :name and status != 3;
+ if (i == 1)
+ {
+ EXEC SQL SELECT unix_uid, shell, fullname, nickname,
+ office_addr, office_phone, home_phone
+ INTO :uid, :shell, :fullname, :nickname, :oa, :op, :hp
+ FROM users
+ WHERE login = :name AND status != 3;
+ if (sqlca.sqlcode)
+ continue;
+
+ strtrim(shell);
+ strtrim(fullname);
+ strtrim(nickname);
+ strtrim(op);
+ strtrim(oa);
+ strtrim(hp);
+
+ fprintf(out, "%s:*:%d:101:%s,%s,%s,%s,%s:/mit/%s:%s\n",
+ name, uid, fullname, nickname, oa, op, hp, name, shell);
+ }
+ break;
}
freeimember(m);
}
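Review bot: The `continue` inside the new `case 'K':` leaves the `switch` and goes straight to the next `sq_remove_data` iteration, so the `freeimember(m)` after the switch is skipped whenever the second `SELECT` fails and that member is leaked; `break` at that point reaches the free. The preceding `count(login)` query repeats the same predicate as the row fetch, so it either can be dropped in favour of the `sqlca.sqlcode` check alone or should carry a comment such as `/* map the principal only when exactly one active account matches */`. `n`, added to the declare section in this change, is not used in the visible lines. The start and end of the function are outside this hunk.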
void dump_group_file(FILE *out, int id)
{
EXEC SQL BEGIN DECLARE SECTION;
- int lid = id, mid, gid, grouplist;
+ int lid = id, mid, gid, grouplist, i = 0;
char mtype[IMEMBERS_MEMBER_TYPE_SIZE], name[LIST_NAME_SIZE];
EXEC SQL END DECLARE SECTION;
struct save_queue *sq;
struct imember *m;
- char *maybecomma, *s;
+ char *maybecomma, *s, *n, *lasts = NULL;
EXEC SQL DECLARE csr_grp CURSOR FOR
SELECT member_type, member_id FROM imembers
fprintf(out, "%s%s", maybecomma, m->name);
maybecomma = ",";
}
+ else if (m->type == 'K')
+ {
+ n = strtok_r(m->name, "@", &lasts);
+ EXEC SQL SELECT count(login) INTO :i FROM users
+ WHERE login = :n and status != 3;
+ if (i == 1)
+ {
+ fprintf(out, "%s%s", maybecomma, n);
+ maybecomma = ",";
+ }
+ }
freeimember(m);
}
fprintf(out, "\n");