struct member {
int type;
- char *name;
+ char *name, *tag;
};
/* It is important to membercmp that M_USER < M_LIST < M_STRING */
#define M_LIST 2
#define M_STRING 3
#define M_KERBEROS 4
+#define M_MACHINE 5
+#define M_NONE 6
+
+char *typename[] = { "ANY", "USER", "LIST", "STRING", "KERBEROS", "MACHINE",
+ "NONE" };
/* argument parsing macro */
#define argis(a, b) (!strcmp(*arg + 1, a) || !strcmp(*arg + 1, b))
/* flags from command line */
int infoflg, verbose, syncflg, memberflg, recursflg, noauth;
-int showusers, showstrings, showkerberos, showlists;
+int showusers, showstrings, showkerberos, showlists, showtags, showmachines;
int createflag, setinfo, active, public, hidden, maillist, grouplist;
-struct member *owner;
-char *desc, *newname;
+int nfsgroup, mailman;
+struct member *owner, *memacl;
+char *desc, *newname, *mailman_server, *gid;
/* various member lists */
-struct save_queue *addlist, *dellist, *memberlist, *synclist;
+struct save_queue *addlist, *dellist, *memberlist, *synclist, *taglist;
char *listname, *whoami;
struct member *parse_member(char *s);
int membercmp(const void *mem1, const void *mem2);
int sq_count_elts(struct save_queue *q);
+char *get_username(void);
int main(int argc, char **argv)
{
int status, success;
char **arg = argv;
- char *membervec[3];
+ char *membervec[4];
struct member *memberstruct;
char *server = NULL, *p;
/* clear all flags & lists */
infoflg = verbose = syncflg = memberflg = recursflg = 0;
noauth = showusers = showstrings = showkerberos = showlists = 0;
- createflag = setinfo = 0;
- active = public = hidden = maillist = grouplist = -1;
- listname = newname = desc = NULL;
+ showtags = showmachines = createflag = setinfo = 0;
+ active = public = hidden = maillist = grouplist = nfsgroup = mailman = -1;
+ listname = newname = desc = gid = NULL;
owner = NULL;
+ memacl = NULL;
addlist = sq_create();
dellist = sq_create();
memberlist = sq_create();
synclist = sq_create();
+ taglist = sq_create();
whoami = argv[0];
success = 1;
showlists++;
else if (argis("k", "kerberos"))
showkerberos++;
+ else if (argis("t", "tags"))
+ showtags++;
else if (argis("i", "info"))
infoflg++;
else if (argis("n", "noauth"))
else
usage(argv);
}
+ else if (argis("at", "addtagged"))
+ {
+ if (arg - argv < argc - 2)
+ {
+ ++arg;
+ if ((memberstruct = parse_member(*arg)))
+ sq_save_data(addlist, memberstruct);
+ memberstruct->tag = *++arg;
+ }
+ else
+ usage(argv);
+ }
else if (argis("al", "addlist"))
{
if (arg - argv < argc - 1)
else
usage(argv);
}
+ else if (argis("ct", "changetag"))
+ {
+ if (arg - argv < argc - 2)
+ {
+ ++arg;
+ if ((memberstruct = parse_member(*arg)))
+ sq_save_data(taglist, memberstruct);
+ memberstruct->tag = *++arg;
+ }
+ else
+ usage(argv);
+ }
else if (argis("C", "create"))
createflag++;
else if (argis("P", "public"))
setinfo++;
grouplist = 0;
}
+ else if (argis("N", "nfs"))
+ {
+ setinfo++;
+ nfsgroup = 1;
+ }
+ else if (argis("NN", "notnfs"))
+ {
+ setinfo++;
+ nfsgroup = 0;
+ }
+ else if (argis("mm", "mailman"))
+ {
+ setinfo++;
+ mailman = 1;
+ }
+ else if (argis("nmm", "notmailman"))
+ {
+ setinfo++;
+ mailman = 0;
+ }
+ else if (argis("ms", "mailman_server"))
+ {
+ if (arg - argv < argc - 1)
+ {
+ setinfo++;
+ ++arg;
+ mailman_server = canonicalize_hostname(strdup(*arg));
+ }
+ else
+ usage(argv);
+ }
else if (argis("D", "desc"))
{
if (arg - argv < argc - 1)
else
usage(argv);
}
+ else if (argis("MA", "memacl"))
+ {
+ if (arg - argv < argc -1)
+ {
+ setinfo++;
+ ++arg;
+ memacl = parse_member(*arg);
+ }
+ else
+ usage(argv);
+ }
else if (argis("R", "rename"))
{
if (arg - argv < argc - 1)
else
usage(argv);
}
+ else if (argis("g", "gid"))
+ {
+ if (arg - argv < argc - 1)
+ {
+ setinfo++;
+ ++arg;
+ gid = *arg;
+ }
+ else
+ usage(argv);
+ }
else
usage(argv);
}
/* if no other options specified, turn on list members flag */
if (!(infoflg || syncflg || createflag || setinfo ||
- addlist->q_next != addlist || dellist->q_next != dellist))
+ addlist->q_next != addlist || dellist->q_next != dellist ||
+ taglist->q_next != taglist))
memberflg++;
- /* If none of {users,strings,lists,kerberos} specified, turn them all on */
- if (!(showusers || showstrings || showlists || showkerberos))
- showusers = showstrings = showlists = showkerberos = 1;
+ /* If none of {users,strings,lists,kerberos,machines} specified,
+ turn them all on */
+ if (!(showusers || showstrings || showlists || showkerberos || showmachines))
+ showusers = showstrings = showlists = showkerberos = showmachines = 1;
/* fire up Moira */
- status = mrcl_connect(server, "blanche", 2, !noauth);
+ status = mrcl_connect(server, "blanche", 10, !noauth);
if (status == MRCL_AUTH_ERROR)
{
+ com_err(whoami, 0, "Authentication error while working on list %s",
+ listname);
com_err(whoami, 0, "Try the -noauth flag if you don't "
"need authentication.");
}
/* create if needed */
if (createflag)
{
- char *argv[10];
+ char *argv[13];
- argv[0] = listname;
- argv[1] = (active == 0) ? "0" : "1";
- argv[2] = (public == 1) ? "1" : "0";
- argv[3] = (hidden == 1) ? "1" : "0";
- argv[4] = (maillist == 0) ? "0" : "1";
- argv[5] = (grouplist == 1) ? "1" : "0";
- argv[6] = UNIQUE_GID;
- argv[9] = desc ? desc : "none";
+ argv[L_NAME] = listname;
+ argv[L_ACTIVE] = (active == 0) ? "0" : "1";
+ argv[L_PUBLIC] = (public == 1) ? "1" : "0";
+ argv[L_HIDDEN] = (hidden == 1) ? "1" : "0";
+ argv[L_MAILLIST] = (maillist == 0) ? "0" : "1";
+ argv[L_GROUP] = (grouplist == 1) ? "1" : "0";
+
+ if (gid)
+ argv[L_GID] = gid;
+ else
+ argv[L_GID] = UNIQUE_GID;
+
+ argv[L_NFSGROUP] = (nfsgroup == 1) ? "1" : "0";
+ argv[L_MAILMAN] = (mailman == 1) ? "1" : "0";
+ argv[L_DESC] = desc ? desc : "none";
+
+ if (mailman)
+ argv[L_MAILMAN_SERVER] = mailman_server ? mailman_server : "[ANY]";
+ else
+ argv[L_MAILMAN_SERVER] = "[NONE]";
+
+ if (memacl)
+ {
+ if (memacl->type == M_ANY)
+ {
+ status = mr_query("get_user_account_by_login", 1,
+ &memacl->name, NULL, NULL);
+ if (status == MR_NO_MATCH)
+ memacl->type = M_LIST;
+ else
+ memacl->type = M_USER;
+ }
+ argv[L_MEMACE_TYPE] = typename[memacl->type];
+ argv[L_MEMACE_NAME] = memacl->name;
+ if (memacl->type == M_KERBEROS)
+ {
+ status = mrcl_validate_kerberos_member(argv[L_MEMACE_NAME],
+ &argv[L_MEMACE_NAME]);
+ if (mrcl_get_message())
+ mrcl_com_err(whoami);
+ if (status == MRCL_REJECT)
+ exit(1);
+ }
+ }
+ else
+ argv[L_MEMACE_TYPE] = argv[L_MEMACE_NAME] = "NONE";
if (owner)
{
- argv[8] = owner->name;
+ argv[L_ACE_NAME] = owner->name;
switch (owner->type)
{
case M_ANY:
case M_USER:
- argv[7] = "USER";
- status = mr_query("add_list", 10, argv, NULL, NULL);
+ argv[L_ACE_TYPE] = "USER";
+ status = mr_query("add_list", 15, argv, NULL, NULL);
if (owner->type != M_ANY || status != MR_USER)
break;
case M_LIST:
- argv[7] = "LIST";
- status = mr_query("add_list", 10, argv, NULL, NULL);
+ argv[L_ACE_TYPE] = "LIST";
+ status = mr_query("add_list", 15, argv, NULL, NULL);
break;
case M_KERBEROS:
- argv[7] = "KERBEROS";
- status = mr_query("add_list", 10, argv, NULL, NULL);
+ argv[L_ACE_TYPE] = "KERBEROS";
+ status = mrcl_validate_kerberos_member(argv[L_ACE_NAME],
+ &argv[L_ACE_NAME]);
+ if (mrcl_get_message())
+ mrcl_com_err(whoami);
+ if (status == MRCL_REJECT)
+ exit(1);
+ status = mr_query("add_list", 15, argv, NULL, NULL);
+ break;
+ case M_NONE:
+ argv[L_ACE_TYPE] = argv[L_ACE_NAME] = "NONE";
+ status = mr_query("add_list", 15, argv, NULL, NULL);
break;
}
}
else
{
- argv[7] = "USER";
- argv[8] = getenv("USER");
+ argv[L_ACE_TYPE] = "USER";
+ argv[L_ACE_NAME] = get_username();
- status = mr_query("add_list", 10, argv, NULL, NULL);
+ status = mr_query("add_list", 15, argv, NULL, NULL);
}
if (status)
}
else if (setinfo)
{
- char *argv[11];
+ char *argv[14];
status = mr_query("get_list_info", 1, &listname,
save_list_info, argv);
argv[0] = listname;
if (newname)
- argv[1] = newname;
+ argv[L_NAME + 1] = newname;
if (active != -1)
- argv[2] = active ? "1" : "0";
+ argv[L_ACTIVE + 1] = active ? "1" : "0";
if (public != -1)
- argv[3] = public ? "1" : "0";
+ argv[L_PUBLIC + 1] = public ? "1" : "0";
if (hidden != -1)
- argv[4] = hidden ? "1" : "0";
+ argv[L_HIDDEN + 1] = hidden ? "1" : "0";
if (maillist != -1)
- argv[5] = maillist ? "1" : "0";
+ argv[L_MAILLIST + 1] = maillist ? "1" : "0";
if (grouplist != -1)
- argv[6] = grouplist ? "1" : "0";
+ argv[L_GROUP + 1] = grouplist ? "1" : "0";
+ if (gid)
+ argv[L_GID + 1] = gid;
+ if (nfsgroup != -1)
+ argv[L_NFSGROUP + 1] = nfsgroup ? "1" : "0";
+ if (mailman != -1)
+ argv[L_MAILMAN + 1] = mailman ? "1" : "0";
+
+ /* If someone toggled the mailman bit, but didn't specify a server,
+ * default to [ANY].
+ */
+ if (mailman_server)
+ argv[L_MAILMAN_SERVER + 1] = mailman_server;
+ else if ((mailman == 1) && !strcmp(argv[L_MAILMAN_SERVER + 1], "[NONE]"))
+ argv[L_MAILMAN_SERVER + 1] = "[ANY]";
+
if (desc)
- argv[10] = desc;
+ argv[L_DESC + 1] = desc;
+
+ if (memacl)
+ {
+ if (memacl->type == M_ANY)
+ {
+ status = mr_query("get_user_account_by_login", 1,
+ &memacl->name, NULL, NULL);
+ if (status == MR_NO_MATCH)
+ memacl->type = M_LIST;
+ else
+ memacl->type = M_USER;
+ }
+ argv[L_MEMACE_TYPE + 1] = typename[memacl->type];
+ argv[L_MEMACE_NAME + 1] = memacl->name;
+ if (memacl->type == M_KERBEROS)
+ {
+ status = mrcl_validate_kerberos_member(argv[L_MEMACE_NAME + 1],
+ &argv[L_MEMACE_NAME + 1]);
+ if (mrcl_get_message())
+ mrcl_com_err(whoami);
+ if (status == MRCL_REJECT)
+ exit(1);
+ }
+ }
if (owner)
{
- argv[9] = owner->name;
+ argv[L_ACE_NAME + 1] = owner->name;
switch (owner->type)
{
case M_ANY:
case M_USER:
- argv[8] = "USER";
- status = mr_query("update_list", 11, argv, NULL, NULL);
+ argv[L_ACE_TYPE + 1] = "USER";
+ status = mr_query("update_list", 16, argv, NULL, NULL);
if (owner->type != M_ANY || status != MR_USER)
break;
case M_LIST:
- argv[8] = "LIST";
- status = mr_query("update_list", 11, argv, NULL, NULL);
+ argv[L_ACE_TYPE + 1] = "LIST";
+ status = mr_query("update_list", 16, argv, NULL, NULL);
break;
case M_KERBEROS:
- argv[8] = "KERBEROS";
- status = mr_query("update_list", 11, argv, NULL, NULL);
+ argv[L_ACE_TYPE + 1] = "KERBEROS";
+ status = mrcl_validate_kerberos_member(argv[L_ACE_NAME + 1],
+ &argv[L_ACE_NAME + 1]);
+ if (mrcl_get_message())
+ mrcl_com_err(whoami);
+ if (status == MRCL_REJECT)
+ exit(1);
+ status = mr_query("update_list", 16, argv, NULL, NULL);
+ break;
+ case M_NONE:
+ argv[L_ACE_TYPE + 1] = argv[L_ACE_NAME + 1] = "NONE";
+ status = mr_query("update_list", 16, argv, NULL, NULL);
break;
}
}
else
- status = mr_query("update_list", 11, argv, NULL, NULL);
+ status = mr_query("update_list", 16, argv, NULL, NULL);
if (status)
{
memberlist = sq_create();
}
+ /* Process the delete list */
+ while (sq_get_data(dellist, &memberstruct))
+ {
+ membervec[0] = listname;
+ membervec[2] = memberstruct->name;
+ if (verbose)
+ {
+ printf("Deleting member ");
+ show_list_member(memberstruct);
+ }
+ switch (memberstruct->type)
+ {
+ case M_ANY:
+ case M_USER:
+ membervec[1] = "USER";
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status == MR_SUCCESS)
+ break;
+ else if ((status != MR_USER && status != MR_NO_MATCH) ||
+ memberstruct->type != M_ANY)
+ {
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ break;
+ }
+ case M_LIST:
+ membervec[1] = "LIST";
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status == MR_SUCCESS)
+ break;
+ else if ((status != MR_LIST && status != MR_NO_MATCH) ||
+ memberstruct->type != M_ANY)
+ {
+ if (status == MR_PERM && memberstruct->type == M_ANY &&
+ !strcmp(membervec[2], get_username()))
+ {
+ /* M_ANY means we've fallen through from the user
+ * case. The user is trying to remove himself from a
+ * list, but we got MR_USER or MR_NO_MATCH above,
+ * meaning he's not really on it, and we got MR_PERM
+ * when trying to remove LIST:$USER because he's not
+ * on the acl. That error is useless, so return
+ * MR_NO_MATCH instead. However, this will generate
+ * the wrong error if the user was trying to remove
+ * the list with his username from a list he doesn't
+ * administrate without explicitly specifying
+ * "list:".
+ */
+ status = MR_NO_MATCH;
+ }
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ break;
+ }
+ case M_STRING:
+ membervec[1] = "STRING";
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status == MR_STRING && memberstruct->type == M_ANY)
+ {
+ com_err(whoami, 0, " Unable to find member %s to delete from %s",
+ memberstruct->name, listname);
+ success = 0;
+ if (!strcmp(membervec[0], get_username()))
+ {
+ fprintf(stderr, "(If you were trying to remove yourself "
+ "from the list \"%s\",\n", membervec[2]);
+ fprintf(stderr, "the correct command is \"blanche %s -d "
+ "%s\".)\n", membervec[2], membervec[0]);
+ }
+ }
+ else if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
+ break;
+ case M_KERBEROS:
+ membervec[1] = "KERBEROS";
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status == MR_STRING || status == MR_NO_MATCH)
+ {
+ /* Try canonicalizing the Kerberos principal and trying
+ * again. If we succeed, print the message from mrcl.
+ * Otherwise, just pretend we never did this and print
+ * the original error message.
+ */
+ mrcl_validate_kerberos_member(membervec[2], &membervec[2]);
+ if (mrcl_get_message())
+ {
+ if (mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL) == MR_SUCCESS)
+ mrcl_com_err(whoami);
+ status = MR_SUCCESS;
+ }
+ }
+ if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
+ break;
+ case M_MACHINE:
+ membervec[1] = "MACHINE";
+ membervec[2] = canonicalize_hostname(memberstruct->name);
+ status = mr_query("delete_member_from_list", 3, membervec,
+ NULL, NULL);
+ if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while deleting member %s from %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
+ free(membervec[2]);
+ }
+ }
+
/* Process the add list */
while (sq_get_data(addlist, &memberstruct))
{
/* now continue adding member */
membervec[0] = listname;
membervec[2] = memberstruct->name;
+ membervec[3] = memberstruct->tag;
if (verbose)
{
printf("Adding member ");
case M_ANY:
case M_USER:
membervec[1] = "USER";
- status = mr_query("add_member_to_list", 3, membervec, NULL, NULL);
+ status = mr_query("add_tagged_member_to_list", 4, membervec,
+ NULL, NULL);
if (status == MR_SUCCESS)
break;
else if (status != MR_USER || memberstruct->type != M_ANY)
}
case M_LIST:
membervec[1] = "LIST";
- status = mr_query("add_member_to_list", 3, membervec,
+ status = mr_query("add_tagged_member_to_list", 4, membervec,
NULL, NULL);
if (status == MR_SUCCESS)
{
- if (!strcmp(membervec[0], getenv("USER")))
+ if (!strcmp(membervec[0], get_username()))
{
fprintf(stderr, "\nWARNING: \"LIST:%s\" was just added "
"to list \"%s\".\n", membervec[2], membervec[0]);
break;
}
case M_STRING:
- if (memberstruct->type == M_ANY &&
- !strchr(memberstruct->name, '@') &&
- !strchr(memberstruct->name, '!') &&
- !strchr(memberstruct->name, '%'))
+ status = mrcl_validate_string_member(memberstruct->name);
+ if (memberstruct->type == M_ANY && status == MRCL_WARN)
{
/* if user is trying to add something which isn't a
remote string, or a list, or a user, and didn't
success = 0;
break;
}
+ else
+ mrcl_com_err(whoami);
+
+ if (status == MRCL_REJECT)
+ {
+ success = 0;
+ break;
+ }
membervec[1] = "STRING";
- status = mr_query("add_member_to_list", 3, membervec,
+ status = mr_query("add_tagged_member_to_list", 4, membervec,
NULL, NULL);
if (status != MR_SUCCESS)
{
break;
case M_KERBEROS:
membervec[1] = "KERBEROS";
- status = mr_query("add_member_to_list", 3, membervec,
+ status = mrcl_validate_kerberos_member(membervec[2], &membervec[2]);
+ if (mrcl_get_message())
+ mrcl_com_err(whoami);
+ if (status == MRCL_REJECT)
+ {
+ success = 0;
+ break;
+ }
+ status = mr_query("add_tagged_member_to_list", 4, membervec,
+ NULL, NULL);
+ if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while adding member %s to %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
+ free(membervec[2]);
+ break;
+ case M_MACHINE:
+ membervec[1] = "MACHINE";
+ membervec[2] = canonicalize_hostname(strdup(memberstruct->name));
+ status = mr_query("add_tagged_member_to_list", 4, membervec,
NULL, NULL);
if (status != MR_SUCCESS)
{
memberstruct->name, listname);
success = 0;
}
+ free(membervec[2]);
}
}
- /* Process the delete list */
- while (sq_get_data(dellist, &memberstruct))
+ /* Process the tag list */
+ while (sq_get_data(taglist, &memberstruct))
{
membervec[0] = listname;
membervec[2] = memberstruct->name;
+ membervec[3] = memberstruct->tag;
if (verbose)
{
- printf("Deleting member ");
+ printf("Tagging member ");
show_list_member(memberstruct);
}
switch (memberstruct->type)
case M_ANY:
case M_USER:
membervec[1] = "USER";
- status = mr_query("delete_member_from_list", 3, membervec,
+ status = mr_query("tag_member_of_list", 4, membervec,
NULL, NULL);
if (status == MR_SUCCESS)
break;
else if ((status != MR_USER && status != MR_NO_MATCH) ||
memberstruct->type != M_ANY)
{
- com_err(whoami, status, "while deleting member %s from %s",
+ com_err(whoami, status, "while changing tag on member %s of %s",
memberstruct->name, listname);
success = 0;
break;
}
case M_LIST:
membervec[1] = "LIST";
- status = mr_query("delete_member_from_list", 3, membervec,
+ status = mr_query("tag_member_of_list", 4, membervec,
NULL, NULL);
if (status == MR_SUCCESS)
break;
else if ((status != MR_LIST && status != MR_NO_MATCH) ||
memberstruct->type != M_ANY)
{
- if (status == MR_PERM && memberstruct->type == M_ANY &&
- !strcmp(membervec[2], getenv("USER")))
- {
- /* M_ANY means we've fallen through from the user
- * case. The user is trying to remove himself from
- * a list, but we got MR_USER or MR_NO_MATCH above,
- * meaning he's not really on it, and we got MR_PERM
- * when trying to remove LIST:$USER because he's not
- * on the acl. That error is useless, so return
- * MR_NO_MATCH instead. However, this will generate the
- * wrong error if the user was trying to remove the list
- * with his username from a list he doesn't administrate
- * without explicitly specifying "list:".
- */
- status = MR_NO_MATCH;
- }
- com_err(whoami, status, "while deleting member %s from %s",
+ com_err(whoami, status, "while changing tag on member %s of %s",
memberstruct->name, listname);
success = 0;
break;
}
case M_STRING:
membervec[1] = "STRING";
- status = mr_query("delete_member_from_list", 3, membervec,
+ status = mr_query("tag_member_of_list", 4, membervec,
NULL, NULL);
if (status == MR_STRING && memberstruct->type == M_ANY)
{
- com_err(whoami, 0, " Unable to find member %s to delete from %s",
+ com_err(whoami, 0, " Unable to find member %s on list %s",
memberstruct->name, listname);
success = 0;
- if (!strcmp(membervec[0], getenv("USER")))
- {
- fprintf(stderr, "(If you were trying to remove yourself "
- "from the list \"%s\",\n", membervec[2]);
- fprintf(stderr, "the correct command is \"blanche %s -d "
- "%s\".)\n", membervec[2], membervec[0]);
- }
}
else if (status != MR_SUCCESS)
{
- com_err(whoami, status, "while deleting member %s from %s",
+ com_err(whoami, status, "while retagging member %s on %s",
memberstruct->name, listname);
success = 0;
}
break;
case M_KERBEROS:
membervec[1] = "KERBEROS";
- status = mr_query("delete_member_from_list", 3, membervec,
+ status = mr_query("tag_member_of_list", 4, membervec,
+ NULL, NULL);
+ if (status == MR_STRING || status == MR_NO_MATCH)
+ {
+ /* Try canonicalizing the Kerberos principal and trying
+ * again. If we succeed, print the message from mrcl.
+ * Otherwise, just pretend we never did this and print
+ * the original error message.
+ */
+ mrcl_validate_kerberos_member(membervec[2], &membervec[2]);
+ if (mrcl_get_message())
+ {
+ if (mr_query("tag_member_of_list", 4, membervec,
+ NULL, NULL) == MR_SUCCESS)
+ mrcl_com_err(whoami);
+ status = MR_SUCCESS;
+ }
+ }
+ if (status != MR_SUCCESS)
+ {
+ com_err(whoami, status, "while changing tag on member %s of %s",
+ memberstruct->name, listname);
+ success = 0;
+ }
+ case M_MACHINE:
+ membervec[1] = "MACHINE";
+ status = mr_query("tag_member_of_list", 4, membervec,
NULL, NULL);
if (status != MR_SUCCESS)
{
- com_err(whoami, status, "while deleting member %s from %s",
+ com_err(whoami, status, "while adding member %s to %s",
memberstruct->name, listname);
success = 0;
}
recursive_display_list_members();
else
{
- status = mr_query("get_members_of_list", 1, &listname,
+ status = mr_query(showtags ? "get_tagged_members_of_list" :
+ "get_members_of_list", 1, &listname,
get_list_members, memberlist);
if (status)
com_err(whoami, status, "while getting members of list %s",
void usage(char **argv)
{
+#define USAGE_OPTIONS_FORMAT " %-39s%s\n"
fprintf(stderr, "Usage: %s listname [options]\n", argv[0]);
fprintf(stderr, "Options are\n");
- fprintf(stderr, " %-39s%-39s\n", "-v | -verbose",
- "-C | -create");
- fprintf(stderr, " %-39s%-39s\n", "-m | -members",
- "-R | -rename newname");
- fprintf(stderr, " %-39s%-39s\n", "-u | -users",
- "-P | -public");
- fprintf(stderr, " %-39s%-39s\n", "-l | -lists",
- "-NP | -private");
- fprintf(stderr, " %-39s%-39s\n", "-s | -strings",
- "-A | -active");
- fprintf(stderr, " %-39s%-39s\n", "-k | -kerberos",
- "-I | -inactive");
- fprintf(stderr, " %-39s%-39s\n", "-i | -info",
- "-V | -visible");
- fprintf(stderr, " %-39s%-39s\n", "-r | -recursive",
- "-H | -hidden");
- fprintf(stderr, " %-39s%-39s\n", "-a | -add member",
- "-M | -mail");
- fprintf(stderr, " %-39s%-39s\n", "-d | -delete member",
- "-NM | -notmail");
- fprintf(stderr, " %-39s%-39s\n", "-al | -addlist filename",
- "-G | -group");
- fprintf(stderr, " %-39s%-39s\n", "-dl | -deletelist filename",
- "-NG | -notgroup");
- fprintf(stderr, " %-39s%-39s\n", "-f | -file filename",
- "-D | -desc description");
- fprintf(stderr, " %-39s%-39s\n", "-n | -noauth",
- "-O | -owner owner");
- fprintf(stderr, " %-39s%-39s\n", "-db | -database host[:port]",
- "");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-v | -verbose",
+ "-C | -create");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-m | -members",
+ "-R | -rename newname");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-u | -users",
+ "-P | -public");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-l | -lists",
+ "-NP | -private");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-s | -strings",
+ "-A | -active");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-k | -kerberos",
+ "-I | -inactive");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-i | -info",
+ "-V | -visible");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-r | -recursive",
+ "-H | -hidden");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-a | -add member",
+ "-M | -mail");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-d | -delete member",
+ "-NM | -notmail");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-al | -addlist filename",
+ "-G | -group");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-dl | -deletelist filename",
+ "-NG | -notgroup");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-f | -file filename",
+ "-N | -nfs");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-at | -addtagged member tag",
+ "-NN | -notnfs");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-ct | -changetag member tag",
+ "-mm | -mailman");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-t | -tags",
+ "-nmm | -notmailman");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-D | -desc description",
+ "-ms | -mailman_server server");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-O | -owner owner",
+ "-MA | -memacl membership_acl");
+ fprintf(stderr, USAGE_OPTIONS_FORMAT, "-n | -noauth",
+ "-db | -database host[:port]");
exit(1);
}
return;
s = "KERBEROS";
break;
+ case M_MACHINE:
+ if (!showmachines)
+ return;
+ s = "MACHINE";
+ break;
case M_ANY:
printf("%s\n", memberstruct->name);
return;
}
if (verbose)
- printf("%s:%s\n", s, memberstruct->name);
+ printf("%s:%s", s, memberstruct->name);
else
{
if (memberstruct->type == M_LIST)
- printf("LIST:%s\n", memberstruct->name);
+ printf("LIST:%s", memberstruct->name);
else if (memberstruct->type == M_KERBEROS)
- printf("KERBEROS:%s\n", memberstruct->name);
+ printf("KERBEROS:%s", memberstruct->name);
else if (memberstruct->type == M_STRING &&
!strchr(memberstruct->name, '@'))
- printf("STRING:%s\n", memberstruct->name);
+ printf("STRING:%s", memberstruct->name);
+ else if (memberstruct->type == M_MACHINE)
+ printf("MACHINE:%s", memberstruct->name);
else
- printf("%s\n", memberstruct->name);
+ printf("%s", memberstruct->name);
}
+ if (showtags && *(memberstruct->tag))
+ printf(" (%s)\n", memberstruct->tag);
+ else
+ printf("\n");
}
int show_list_info(int argc, char **argv, void *hint)
{
- printf("List: %s\n", argv[0]);
- printf("Description: %s\n", argv[9]);
+ printf("List: %s\n", argv[L_NAME]);
+ printf("Description: %s\n", argv[L_DESC]);
printf("Flags: %s, %s, and %s\n",
- atoi(argv[1]) ? "active" : "inactive",
- atoi(argv[2]) ? "public" : "private",
- atoi(argv[3]) ? "hidden" : "visible");
- printf("%s is %sa maillist and is %sa group", argv[0],
- atoi(argv[4]) ? "" : "not ",
- atoi(argv[5]) ? "" : "not ");
- if (atoi(argv[5]))
- printf(" with GID %d\n", atoi(argv[6]));
+ atoi(argv[L_ACTIVE]) ? "active" : "inactive",
+ atoi(argv[L_PUBLIC]) ? "public" : "private",
+ atoi(argv[L_HIDDEN]) ? "hidden" : "visible");
+ printf("%s is %sa maillist and is %sa group", argv[L_NAME],
+ atoi(argv[L_MAILLIST]) ? "" : "not ",
+ atoi(argv[L_GROUP]) ? "" : "not ");
+ if (atoi(argv[L_GROUP]))
+ {
+ if (atoi(argv[L_NFSGROUP]))
+ printf(" (and an NFS group)");
+ printf(" with GID %d\n", atoi(argv[L_GID]));
+ }
else
printf("\n");
- printf("Owner: %s %s\n", argv[7], argv[8]);
- printf("Last modified by %s with %s on %s\n", argv[11], argv[12], argv[10]);
+ if (atoi(argv[L_MAILMAN]))
+ printf("%s is a Mailman list on server %s\n", argv[L_NAME],
+ argv[L_MAILMAN_SERVER]);
+ printf("Owner: %s %s\n", argv[L_ACE_TYPE], argv[L_ACE_NAME]);
+ if (strcmp(argv[L_MEMACE_TYPE], "NONE"))
+ printf("Membership ACL: %s %s\n", argv[L_MEMACE_TYPE],
+ argv[L_MEMACE_NAME]);
+ printf("Last modified by %s with %s on %s\n",
+ argv[L_MODBY], argv[L_MODWITH], argv[L_MODTIME]);
return MR_CONT;
}
{
char **nargv = hint;
- for (argc = 0; argc < 10; argc++)
+ for (argc = 0; argc < 16; argc++)
nargv[argc + 1] = strdup(argv[argc]);
return MR_CONT;
}
case 'K':
m->type = M_KERBEROS;
break;
+ case 'M':
+ m->type = M_MACHINE;
+ break;
}
m->name = strdup(argv[1]);
+ if (argc == 3)
+ m->tag = strdup(argv[2]);
+ else
+ m->tag = strdup("");
sq_save_data(q, m);
return MR_CONT;
}
if (!(m = malloc(sizeof(struct member))))
return NULL;
+ m->tag = strdup("");
if ((p = strchr(s, ':')))
{
m->type = M_STRING;
else if (!strcasecmp("kerberos", s))
m->type = M_KERBEROS;
+ else if (!strcasecmp("machine", s))
+ m->type = M_MACHINE;
+ else if (!strcasecmp("none", s))
+ m->type = M_NONE;
else
{
m->type = M_ANY;
else
{
m->name = strdup(s);
- m->type = M_ANY;
+ m->type = strcasecmp(s, "none") ? M_ANY : M_NONE;
}
return m;
}
count++;
return count;
}
+
+char *get_username(void)
+{
+ char *username;
+
+ username = getenv("USER");
+ if (!username)
+ {
+ username = mrcl_krb_user();
+ if (!username)
+ {
+ com_err(whoami, 0, "Could not determine username");
+ exit(1);
+ }
+ }
+ return username;
+}