X-Git-Url: http://andersk.mit.edu/gitweb/moira.git/blobdiff_plain/582834428b73f77aaeb378cff93b7088f9f51af2..8ec23c21783e8533cf7af22edd612cebfe200916:/incremental/afs.c

diff --git a/incremental/afs.c b/incremental/afs.c
index d46b2e8b..b38347bc 100644
--- a/incremental/afs.c
+++ b/incremental/afs.c
@@ -11,6 +11,7 @@
 #include <sys/file.h>
 #include <strings.h>
 
+#include <krb.h>
 #include <moira.h>
 #include <moira_site.h>
 
@@ -20,10 +21,11 @@
 #include <afs/ptclient.h>
 #include <afs/pterror.h>
 
+#define STOP_FILE "/moira/afs/noafs"
+
 #define file_exists(file) (access((file), F_OK) == 0)
 
 char *whoami;
-char *cellname = "ATHENA.MIT.EDU";
 
 main(argc, argv)
 char **argv;
@@ -31,9 +33,7 @@ int argc;
 {
     int beforec, afterc, i;
     char *table, **before, **after;
-#ifdef DEBUG
     char buf[1024];
-#endif
 
     for (i = getdtablesize() - 1; i > 2; i--)
       close(i);
@@ -45,8 +45,8 @@ int argc;
     after = &argv[4 + beforec];
     whoami = argv[0];
 
-#ifdef DEBUG
-    sprintf(buf, "%s (", table);
+    strcpy(buf, table);
+    strcat(buf, " (");
     for (i = 0; i < beforec; i++) {
 	if (i > 0)
 	  strcat(buf, ",");
@@ -58,13 +58,23 @@ int argc;
 	  strcat(buf, ",");
 	strcat(buf, after[i]);
     }
-    strcat(buf, ")\n");
-    write(1,buf,strlen(buf));
+#ifdef DEBUG
+    printf("%s\n", buf);
 #endif
 
     initialize_sms_error_table();
     initialize_krb_error_table();
 
+    for (i=0; file_exists(STOP_FILE); i++) {
+	if (i > 30) {
+	    critical_alert("incremental",
+			   "AFS incremental failed (%s exists): %s",
+			   STOP_FILE, buf);
+	    exit(1);
+	}
+	sleep(60);
+    }
+
     if (!strcmp(table, "users")) {
 	do_user(before, beforec, after, afterc);
     } else if (!strcmp(table, "list")) {
@@ -170,22 +180,25 @@ int beforec;
 char **after;
 int afterc;
 {
-    int agid, bgid;
+    register int agid, bgid;
+    int ahide, bhide;
     long code, id;
     char hostname[64];
     char g1[PR_MAXNAMELEN], g2[PR_MAXNAMELEN];
     char *av[2];
 
     agid = bgid = 0;
-    if (beforec > L_GID && atoi(before[L_ACTIVE]) && atoi(before[L_GROUP]))
+    if (beforec > L_GID && atoi(before[L_ACTIVE]) && atoi(before[L_GROUP])) {
 	bgid = atoi(before[L_GID]);
-    if (afterc > L_GID && atoi(after[L_ACTIVE]) && atoi(after[L_GROUP]))
+	bhide = atoi(before[L_HIDDEN]);
+    }
+    if (afterc > L_GID && atoi(after[L_ACTIVE]) && atoi(after[L_GROUP])) {
 	agid = atoi(after[L_GID]);
+	ahide = atoi(after[L_HIDDEN]);
+    }
 
     if (agid == 0 && bgid == 0)			/* Not active groups */
 	return;
-    if (agid == bgid && !strcmp(after[L_NAME], before[L_NAME]))
-	return;					/* No change */
 
     code=pr_Initialize(1, AFSCONF_CLIENTNAME, 0);
     if (code) {
@@ -195,17 +208,30 @@ int afterc;
     }
 
     if (agid && bgid) {
-	/* Only a modify is required */
-	strcpy(g1, "system:");
-	strcpy(g2, "system:");
-	strcat(g1, before[L_NAME]);
-	strcat(g2, after[L_NAME]);
-	code = pr_ChangeEntry(g1, g2, (agid==bgid) ? 0 : -agid, "");
-	if (code) {
-	    critical_alert("incremental",
-			   "Couldn't change group %s (id %d) to %s (id %d): %s",
-			   before[L_NAME], -bgid, after[L_NAME], -agid,
-			   error_message(code));
+	if (strcmp(after[L_NAME], before[L_NAME])) {
+	    /* Only a modify is required */
+	    strcpy(g1, "system:");
+	    strcpy(g2, "system:");
+	    strcat(g1, before[L_NAME]);
+	    strcat(g2, after[L_NAME]);
+	    code = pr_ChangeEntry(g1, g2, (agid==bgid) ? 0 : -agid, "");
+	    if (code) {
+		critical_alert("incremental",
+			       "Couldn't change group %s (id %d) to %s (id %d): %s",
+			       before[L_NAME], -bgid, after[L_NAME], -agid,
+			       error_message(code));
+	    }
+	}
+	if (ahide != bhide) {
+	    code = pr_SetFieldsEntry
+		(-agid, PR_SF_ALLBITS,
+		 (ahide ? PRP_STATUS_MEM : PRP_GROUP_DEFAULT) >> PRIVATE_SHIFT,
+		 0 /*ngroups*/, 0 /*nusers*/);
+	    if (code) {
+		critical_alert("incremental",
+			       "Couldn't set flags of group %s: %s",
+			       after[L_NAME], error_message(code));
+	    }
 	}
 	return;
     }
@@ -230,6 +256,17 @@ int afterc;
 			   after[L_NAME], id, error_message(code));
 	    return;
 	}
+	if (ahide) {
+	    code = pr_SetFieldsEntry
+		(-agid, PR_SF_ALLBITS,
+		 (ahide ? PRP_STATUS_MEM : PRP_GROUP_DEFAULT) >> PRIVATE_SHIFT,
+		 0 /*ngroups*/, 0 /*nusers*/);
+	    if (code) {
+		critical_alert("incremental",
+			       "Couldn't set flags of group %s: %s",
+			       after[L_NAME], error_message(code));
+	    }
+	}
 
 	/* We need to make sure the group is properly populated */
 	if (beforec < L_ACTIVE || atoi(before[L_ACTIVE]) == 0) return;
@@ -311,6 +348,7 @@ edit_group(op, group, type, member)
     char buf[PR_MAXNAMELEN];
     int (*fn)();
     int code;
+    static char local_realm[REALM_SZ+1] = "";
     extern long pr_AddToGroup(), pr_RemoveUserFromGroup();
 
     fn = op ? pr_AddToGroup : pr_RemoveUserFromGroup;
@@ -318,9 +356,11 @@ edit_group(op, group, type, member)
     /* The following KERBEROS code allows for the use of entities
      * user@foreign_cell.
      */
+    if (!local_realm[0])
+	krb_get_lrealm(local_realm, 1);
     if (!strcmp(type, "KERBEROS")) {
 	p = index(member, '@');
-	if (p && !strcasecmp(p+1, cellname))
+	if (p && !strcasecmp(p+1, local_realm))
 	    *p = 0;
     } else if (strcmp(type, "USER"))
 	return;					/* invalid type */