X-Git-Url: http://andersk.mit.edu/gitweb/moira.git/blobdiff_plain/8ec23c21783e8533cf7af22edd612cebfe200916..refs/heads/LOCKING:/incremental/afs.c diff --git a/incremental/afs.c b/incremental/afs.c index b38347bc..fcdcd78a 100644 --- a/incremental/afs.c +++ b/incremental/afs.c @@ -7,6 +7,7 @@ * . */ +#include #include #include #include @@ -22,59 +23,92 @@ #include #define STOP_FILE "/moira/afs/noafs" - #define file_exists(file) (access((file), F_OK) == 0) +#if defined(vax) && !defined(__STDC__) +#define volatile +#endif + char *whoami; +/* Main stub routines */ +int do_user(); +int do_list(); +int do_member(); +int do_filesys(); +int do_quota(); + +/* Support stub routines */ +int run_cmd(); +int add_user_lists(); +int add_list_members(); +int check_user(); +int edit_group(); +int pr_try(); +int check_afs(); + +/* libprot.a routines */ +extern long pr_Initialize(); +extern long pr_CreateUser(); +extern long pr_CreateGroup(); +extern long pr_DeleteByID(); +extern long pr_ChangeEntry(); +extern long pr_SetFieldsEntry(); +extern long pr_AddToGroup(); +extern long pr_RemoveUserFromGroup(); + +static char tbl_buf[1024]; +static struct member { + int op; + char list[33]; + char type[9]; + char member[129]; + struct member *next; +} *member_head = 0; + +static int mr_connections=0; + main(argc, argv) char **argv; int argc; { int beforec, afterc, i; char *table, **before, **after; - char buf[1024]; for (i = getdtablesize() - 1; i > 2; i--) close(i); + whoami = ((whoami = rindex(argv[0], '/')) ? whoami++ : argv[0]); + table = argv[1]; beforec = atoi(argv[2]); before = &argv[4]; afterc = atoi(argv[3]); after = &argv[4 + beforec]; - whoami = argv[0]; - strcpy(buf, table); - strcat(buf, " ("); + setlinebuf(stdout); + + strcpy(tbl_buf, table); + strcat(tbl_buf, " ("); for (i = 0; i < beforec; i++) { if (i > 0) - strcat(buf, ","); - strcat(buf, before[i]); + strcat(tbl_buf, ","); + strcat(tbl_buf, before[i]); } - strcat(buf, ")->("); + strcat(tbl_buf, ")->("); for (i = 0; i < afterc; i++) { if (i > 0) - strcat(buf, ","); - strcat(buf, after[i]); + strcat(tbl_buf, ","); + strcat(tbl_buf, after[i]); } + strcat(tbl_buf, ")"); #ifdef DEBUG - printf("%s\n", buf); + com_err(whoami, 0, "%s", tbl_buf); #endif initialize_sms_error_table(); initialize_krb_error_table(); - for (i=0; file_exists(STOP_FILE); i++) { - if (i > 30) { - critical_alert("incremental", - "AFS incremental failed (%s exists): %s", - STOP_FILE, buf); - exit(1); - } - sleep(60); - } - if (!strcmp(table, "users")) { do_user(before, beforec, after, afterc); } else if (!strcmp(table, "list")) { @@ -90,23 +124,6 @@ int argc; } -do_cmd(cmd) -char *cmd; -{ - int success = 0, tries = 0; - - while (success == 0 && tries < 1) { - if (tries++) - sleep(5*60); - com_err(whoami, 0, "Executing command: %s", cmd); - if (system(cmd) == 0) - success++; - } - if (!success) - critical_alert("incremental", "failed command: %s", cmd); -} - - do_user(before, beforec, after, afterc) char **before; int beforec; @@ -114,6 +131,7 @@ char **after; int afterc; { int astate, bstate, auid, buid, code; + char *av[2]; auid = buid = astate = bstate = 0; if (afterc > U_STATE) astate = atoi(after[U_STATE]); @@ -133,17 +151,12 @@ int afterc; /* No AFS related attributes have changed */ return; - code=pr_Initialize(1, AFSCONF_CLIENTNAME, 0); - if (code) { - critical_alert("incremental", "Couldn't initialize libprot: %s", - error_message(code)); - return; - } - if (astate == bstate) { /* Only a modify has to be done */ - code = pr_ChangeEntry(before[U_NAME], after[U_NAME], - (auid==buid) ? 0 : auid, ""); + com_err(whoami, 0, "Changing user %s (uid %d) to %s (uid %d)", + before[U_NAME], buid, after[U_NAME], auid); + + code = pr_try(pr_ChangeEntry, before[U_NAME], after[U_NAME], auid, ""); if (code) { critical_alert("incremental", "Couldn't change user %s (id %d) to %s (id %d): %s", @@ -153,7 +166,10 @@ int afterc; return; } if (bstate == 1) { - code = pr_DeleteByID(buid); + com_err(whoami, 0, "Deleting user %s (uid %d)", + before[U_NAME], buid); + + code = pr_try(pr_DeleteByID, buid); if (code && code != PRNOENT) { critical_alert("incremental", "Couldn't delete user %s (id %d): %s", @@ -162,18 +178,42 @@ int afterc; return; } if (astate == 1) { - code = pr_CreateUser(after[U_NAME], &auid); + com_err(whoami, 0, "%s user %s (uid %d)", + ((bstate != 0) ? "Reactivating" : "Creating"), + after[U_NAME], auid); + + code = pr_try(pr_CreateUser, after[U_NAME], &auid); if (code) { critical_alert("incremental", "Couldn't create user %s (id %d): %s", after[U_NAME], auid, error_message(code)); + return; + } + + if (bstate != 0) { + /* Reactivating a user; get his group list */ + code = moira_connect(); + if (code) { + critical_alert("incremental", + "Error contacting Moira server to retrieve grouplist of user %s: %s", + after[U_NAME], error_message(code)); + return; + } + av[0] = "ruser"; + av[1] = after[U_NAME]; + code = mr_query("get_lists_of_member", 2, av, + add_user_lists, after[U_NAME]); + if (code && code != MR_NO_MATCH) + critical_alert("incremental", + "Couldn't retrieve membership of user %s: %s", + after[U_NAME], error_message(code)); + moira_disconnect(); } return; } } - do_list(before, beforec, after, afterc) char **before; int beforec; @@ -183,7 +223,6 @@ int afterc; register int agid, bgid; int ahide, bhide; long code, id; - char hostname[64]; char g1[PR_MAXNAMELEN], g2[PR_MAXNAMELEN]; char *av[2]; @@ -200,13 +239,6 @@ int afterc; if (agid == 0 && bgid == 0) /* Not active groups */ return; - code=pr_Initialize(1, AFSCONF_CLIENTNAME, 0); - if (code) { - critical_alert("incremental", "Couldn't initialize libprot: %s", - error_message(code)); - return; - } - if (agid && bgid) { if (strcmp(after[L_NAME], before[L_NAME])) { /* Only a modify is required */ @@ -214,7 +246,11 @@ int afterc; strcpy(g2, "system:"); strcat(g1, before[L_NAME]); strcat(g2, after[L_NAME]); - code = pr_ChangeEntry(g1, g2, (agid==bgid) ? 0 : -agid, ""); + + com_err(whoami, 0, "Changing group %s (gid %d) to %s (gid %d)", + before[L_NAME], bgid, after[L_NAME], agid); + + code = pr_try(pr_ChangeEntry, g1, g2, -agid, ""); if (code) { critical_alert("incremental", "Couldn't change group %s (id %d) to %s (id %d): %s", @@ -223,10 +259,12 @@ int afterc; } } if (ahide != bhide) { - code = pr_SetFieldsEntry - (-agid, PR_SF_ALLBITS, - (ahide ? PRP_STATUS_MEM : PRP_GROUP_DEFAULT) >> PRIVATE_SHIFT, - 0 /*ngroups*/, 0 /*nusers*/); + com_err(whoami, 0, "Making group %s (gid %d) %s", + after[L_NAME], agid, + (ahide ? "hidden" : "visible")); + code = pr_try(pr_SetFieldsEntry, -agid, PR_SF_ALLBITS, + (ahide ? PRP_STATUS_ANY : PRP_GROUP_DEFAULT) >>PRIVATE_SHIFT, + 0 /*ngroups*/, 0 /*nusers*/); if (code) { critical_alert("incremental", "Couldn't set flags of group %s: %s", @@ -236,7 +274,9 @@ int afterc; return; } if (bgid) { - code = pr_DeleteByID(-bgid); + com_err(whoami, 0, "Deleting group %s (gid %d)", + before[L_NAME], bgid); + code = pr_try(pr_DeleteByID, -bgid); if (code && code != PRNOENT) { critical_alert("incremental", "Couldn't delete group %s (id %d): %s", @@ -249,7 +289,9 @@ int afterc; strcat(g1, after[L_NAME]); strcpy(g2, "system:administrators"); id = -agid; - code = pr_CreateGroup(g1, g2, &id); + com_err(whoami, 0, "Creating %s group %s (gid %d)", + (ahide ? "hidden" : "visible"), after[L_NAME], agid); + code = pr_try(pr_CreateGroup, g1, g2, &id); if (code) { critical_alert("incremental", "Couldn't create group %s (id %d): %s", @@ -257,10 +299,9 @@ int afterc; return; } if (ahide) { - code = pr_SetFieldsEntry - (-agid, PR_SF_ALLBITS, - (ahide ? PRP_STATUS_MEM : PRP_GROUP_DEFAULT) >> PRIVATE_SHIFT, - 0 /*ngroups*/, 0 /*nusers*/); + code = pr_try(pr_SetFieldsEntry, -agid, PR_SF_ALLBITS, + (ahide ? PRP_STATUS_ANY : PRP_GROUP_DEFAULT) >>PRIVATE_SHIFT, + 0 /*ngroups*/, 0 /*nusers*/); if (code) { critical_alert("incremental", "Couldn't set flags of group %s: %s", @@ -269,27 +310,37 @@ int afterc; } /* We need to make sure the group is properly populated */ - if (beforec < L_ACTIVE || atoi(before[L_ACTIVE]) == 0) return; + if (beforec < L_ACTIVE) return; - gethostname(hostname, sizeof(hostname)); - code = mr_connect(hostname); - if (!code) code = mr_auth("afs.incr"); + code = moira_connect(); if (code) { critical_alert("incremental", "Error contacting Moira server to resolve %s: %s", after[L_NAME], error_message(code)); return; } - av[0] = "LIST"; - av[1] = after[L_NAME]; - get_members(2, av, after[L_NAME]); - - mr_disconnect(); + av[0] = after[L_NAME]; + code = mr_query("get_end_members_of_list", 1, av, + add_list_members, after[L_NAME]); + if (code) + critical_alert("incremental", + "Couldn't retrieve full membership of list %s: %s", + after[L_NAME], error_message(code)); + moira_disconnect(); return; } } + +#define LM_EXTRA_ACTIVE (LM_END) +#define LM_EXTRA_PUBLIC (LM_END+1) +#define LM_EXTRA_HIDDEN (LM_END+2) +#define LM_EXTRA_MAILLIST (LM_END+3) +#define LM_EXTRA_GROUP (LM_END+4) +#define LM_EXTRA_GID (LM_END+5) +#define LM_EXTRA_END (LM_END+6) + do_member(before, beforec, after, afterc) char **before; int beforec; @@ -298,43 +349,165 @@ int afterc; { int code; char *p; + + if (afterc) { + if (afterc < LM_EXTRA_END) { + return; + } else + if (!atoi(after[LM_EXTRA_ACTIVE]) || !atoi(after[LM_EXTRA_GROUP])) + return; + + edit_group(1, after[LM_LIST], after[LM_TYPE], after[LM_MEMBER]); + } else if (beforec) { + if (beforec < LM_EXTRA_END) { + return; + } else + if (!atoi(before[LM_EXTRA_ACTIVE]) || !atoi(before[LM_EXTRA_GROUP])) + return; + edit_group(0, before[LM_LIST], before[LM_TYPE], before[LM_MEMBER]); + } +} + + +do_filesys(before, beforec, after, afterc) +char **before; +int beforec; +char **after; +int afterc; +{ + char cmd[1024]; + int acreate, atype, btype; + + if (afterc < FS_CREATE) { + atype = acreate = 0; + } else { + atype = !strcmp(after[FS_TYPE], "AFS"); + acreate = atoi(after[FS_CREATE]); + } + + if (beforec < FS_CREATE) { + if (acreate == 0 || atype == 0) return; + + /* new locker creation */ + sprintf(cmd, "%s/perl -I%s %s/afs_create.pl %s %s %s %s %s %s", + BIN_DIR, BIN_DIR, BIN_DIR, + after[FS_NAME], after[FS_L_TYPE], after[FS_MACHINE], + after[FS_PACK], after[FS_OWNER], after[FS_OWNERS]); + run_cmd(cmd); + return; + } - if ((beforec < 4 || !atoi(before[LM_END])) && - (afterc < 4 || !atoi(after[LM_END]))) + btype = !strcmp(before[FS_TYPE], "AFS"); + if (afterc < FS_CREATE) { + if (btype) + critical_alert("incremental", + "Cannot delete AFS filesystem %s: Operation not supported", + before[FS_NAME]); return; + } - code=pr_Initialize(1, AFSCONF_CLIENTNAME, 0); - if (code) { - critical_alert("incremental", "Couldn't initialize libprot: %s", - error_message(code)); + if (!acreate) return; + + /* Are we dealing with AFS lockers (could be type ERR lockers) */ + if (!atype && !btype) + if (strcmp(before[FS_TYPE], "ERR") || strcmp(after[FS_TYPE], "ERR")) + return; + + /* By now, we know we are simply changing AFS filesystem attributes. + * Operations supported: + * Name change: rename/remount + * Path change: remount + * Type change: ERR<-->AFS + */ + +#if 0 + if (strcmp(before[FS_OWNER], after[FS_OWNER]) || + strcmp(before[FS_OWNERS], after[FS_OWNERS])) + { + critical_alert("incremental", + "Cannot change ownership of filesystem %s: Operation not yet supported", + after[FS_NAME]); } +#endif - if (afterc) - edit_group(1, after[LM_LIST], after[LM_TYPE], after[LM_MEMBER]); - if (beforec) - edit_group(0, after[LM_LIST], after[LM_TYPE], after[LM_MEMBER]); + sprintf(cmd, "%s/perl -I%s %s/afs_rename.pl %s %s %s %s %s %s %s %s %s %s", + BIN_DIR, BIN_DIR, BIN_DIR, + before[FS_NAME], before[FS_MACHINE], before[FS_TYPE], + before[FS_L_TYPE], before[FS_PACK], + after[FS_NAME], after[FS_MACHINE], after[FS_TYPE], + after[FS_L_TYPE], after[FS_PACK]); + run_cmd(cmd); } -get_members(ac, av, group) +do_quota(before, beforec, after, afterc) +char **before; +int beforec; +char **after; +int afterc; +{ + char cmd[1024]; + + if (afterc < Q_DIRECTORY || strcmp("ANY", after[Q_TYPE]) || + strncmp("/afs/", after[Q_DIRECTORY], 5)) + return; + + sprintf(cmd, "%s/perl -I%s %s/afs_quota.pl %s %s", + BIN_DIR, BIN_DIR, BIN_DIR, + after[Q_DIRECTORY], after[Q_QUOTA]); + run_cmd(cmd); + return; +} + + +run_cmd(cmd) +char *cmd; +{ + int success=0, tries=0; + + check_afs(); + + while (success == 0 && tries < 2) { + if (tries++) + sleep(90); + com_err(whoami, 0, "Executing command: %s", cmd); + if (system(cmd) == 0) + success++; + } + if (!success) + critical_alert("incremental", "failed command: %s", cmd); +} + + +add_user_lists(ac, av, user) + int ac; + char *av[]; + char *user; +{ + if (atoi(av[L_ACTIVE]) && atoi(av[L_GROUP])) /* active group ? */ + edit_group(1, av[L_NAME], "USER", user); + return 0; +} + + +add_list_members(ac, av, group) int ac; char *av[]; char *group; { - int code=0; + edit_group(1, group, av[0], av[1]); + return 0; +} - if (strcmp(av[0], "LIST")) { - sleep(1); /* give the ptserver room */ - edit_group(1, group, av[0], av[1]); - } else { - code = mr_query("get_members_of_list", 1, &av[1], get_members, group); - if (code) - critical_alert("incremental", - "Couldn't retrieve full membership of %s: %s", - group, error_message(code)); - } - return code; + +check_user(ac, av, ustate) + int ac; + char *av[]; + int *ustate; +{ + *ustate = atoi(av[U_STATE]); + return 0; } @@ -346,13 +519,10 @@ edit_group(op, group, type, member) { char *p = 0; char buf[PR_MAXNAMELEN]; - int (*fn)(); - int code; + int code, ustate; static char local_realm[REALM_SZ+1] = ""; - extern long pr_AddToGroup(), pr_RemoveUserFromGroup(); + struct member *m; - fn = op ? pr_AddToGroup : pr_RemoveUserFromGroup; - /* The following KERBEROS code allows for the use of entities * user@foreign_cell. */ @@ -365,72 +535,179 @@ edit_group(op, group, type, member) } else if (strcmp(type, "USER")) return; /* invalid type */ + /* Cannot risk doing another query during a callback */ + /* We could do this simply for type USER, but eventually this may also + * dynamically add KERBEROS types to the prdb, and we will need to do + * a query to look up the uid of the null-instance user */ + if (mr_connections) { + m = (struct member *)malloc(sizeof(struct member)); + if (!m) { + critical_alert("incremental", "Out of memory"); + exit(1); + } + m->op = op; + strcpy(m->list, group); + strcpy(m->type, type); + strcpy(m->member, member); + m->next = member_head; + member_head = m; + return; + } + strcpy(buf, "system:"); strcat(buf, group); - code = (*fn)(member, buf); + com_err(whoami, 0, "%s %s %s group %s", + (op ? "Adding" : "Removing"), member, + (op ? "to" : "from"), group); + code = 0; + code=pr_try(op ? pr_AddToGroup : pr_RemoveUserFromGroup, member, buf); if (code) { - if (op==0 && code == PRNOENT) return; - if (op==1 && code == PRIDEXIST) return; - if (strcmp(type, "KERBEROS") || code != PRNOENT) { - critical_alert("incremental", - "Couldn't %s %s %s %s: %s", - op ? "add" : "remove", member, - op ? "to" : "from", buf, - error_message(code)); + if (op==1 && code == PRIDEXIST) return; /* Already added */ + + if (code == PRNOENT) { /* Something is missing */ + if (op==0) return; /* Already deleted */ + if (!strcmp(type, "KERBEROS")) /* Special instances; ok */ + return; + + /* Check whether the member being added is an active user */ + code = moira_connect(); + if (!code) code = mr_query("get_user_by_login", 1, &member, + check_user, &ustate); + if (code) { + critical_alert("incremental", + "Error contacting Moira server to lookup user %s: %s", + member, error_message(code)); + } + + /* We don't use moira_disconnect() + * because we may already be in the routine. + */ + mr_disconnect(); + mr_connections--; + + if (!code && ustate!=1 && ustate!=2) return; /* inactive user */ + code = PRNOENT; } + + critical_alert("incremental", + "Couldn't %s %s %s %s: %s", + op ? "add" : "remove", member, + op ? "to" : "from", buf, + error_message(code)); } - if (p) *p = '@'; } -do_filesys(before, beforec, after, afterc) -char **before; -int beforec; -char **after; -int afterc; +long pr_try(fn, a1, a2, a3, a4, a5, a6, a7, a8) + long (*fn)(); + char *a1, *a2, *a3, *a4, *a5, *a6, *a7, *a8; { - char cmd[1024]; - - if (beforec < FS_CREATE) { - if (afterc < FS_CREATE || atoi(after[FS_CREATE])==0 || - strcmp(after[FS_TYPE], "AFS")) - return; + static int initd=0; + volatile register long code; + register int tries = 0; +#ifdef DEBUG + char fname[64]; +#endif - /* new locker creation */ - sprintf(cmd, "%s/perl -I%s %s/afs_create.pl %s %s %s %s %s %s", - BIN_DIR, BIN_DIR, BIN_DIR, - after[FS_NAME], after[FS_L_TYPE], after[FS_MACHINE], - after[FS_PACK], after[FS_OWNER], after[FS_OWNERS]); - do_cmd(cmd); + check_afs(); + + if (initd) { + code=pr_Initialize(0, AFSCONF_CLIENTNAME, 0); + } else { + code = 0; + initd = 1; + } + if (!code) code=pr_Initialize(1, AFSCONF_CLIENTNAME, 0); + if (code) { + critical_alert("incremental", "Couldn't initialize libprot: %s", + error_message(code)); return; } - /* What do we do? When do we use FS_CREATE? - * - * TYPE change: AFS->ERR, ERR->AFS: rename/unmount/remount - * LOCKERTYPE change: rename/remount - * PACK change: remount - * LABEL change: rename/remount - * Deletion: rename/unmount - */ + sleep(1); /* give ptserver room */ + + while (code = (*fn)(a1, a2, a3, a4, a5, a6, a7, a8)) { +#ifdef DEBUG + long t; + t = time(0); + if (fn == pr_AddToGroup) strcpy(fname, "pr_AddToGroup"); + else if (fn == pr_RemoveUserFromGroup) + strcpy(fname, "pr_RemoveUserFromGroup"); + else if (fn == pr_CreateUser) strcpy(fname, "pr_CreateUser"); + else if (fn == pr_CreateGroup) strcpy(fname, "pr_CreateGroup"); + else if (fn == pr_DeleteByID) strcpy(fname, "pr_DeleteByID"); + else if (fn == pr_ChangeEntry) strcpy(fname, "pr_ChangeEntry"); + else if (fn == pr_SetFieldsEntry) strcpy(fname, "pr_SetFieldsEntry"); + else if (fn == pr_AddToGroup) strcpy(fname, "pr_AddToGroup"); + else + sprintf(fname, "pr_??? (0x%08x)", (long)fn); + + com_err(whoami, code, "- %s failed (try %d @%u)", fname, tries+1, t); +#endif + if (++tries > 2) break; /* 3 tries */ + + if (code == UNOQUORUM) sleep(90); + else sleep(15); + + /* Re-initialize the prdb connection */ + code=pr_Initialize(0, AFSCONF_CLIENTNAME, 0); + if (!code) code=pr_Initialize(1, AFSCONF_CLIENTNAME, 0); + if (code) { + critical_alert("incremental", "Couldn't re-initialize libprot: %s", + error_message(code)); + initd = 0; /* we lost */ + break; + } + } + return code; } -do_quota(before, beforec, after, afterc) -char **before; -int beforec; -char **after; -int afterc; +check_afs() { - char cmd[1024]; + int i; + + for (i=0; file_exists(STOP_FILE); i++) { + if (i > 30) { + critical_alert("incremental", + "AFS incremental failed (%s exists): %s", + STOP_FILE, tbl_buf); + exit(1); + } + sleep(60); + } +} - if (afterc < Q_DIRECTORY || strcmp("ANY", after[Q_TYPE]) || - strncmp("/afs/", after[Q_DIRECTORY], 5)) - return; - sprintf(cmd, "%s/perl -I%s %s/afs_quota.pl %s %s", - BIN_DIR, BIN_DIR, BIN_DIR, - after[Q_DIRECTORY], after[Q_QUOTA]); - do_cmd(cmd); - return; +moira_connect() +{ + static char hostname[64]; + long code; + + if (!mr_connections++) { +#ifdef DEBUG + code = mr_connect("moira"); +#else + gethostname(hostname, sizeof(hostname)); + code = mr_connect(hostname); +#endif + if (!code) code = mr_auth("afs.incr"); + return code; + } + return 0; +} + +moira_disconnect() +{ + struct member *m; + + if (!--mr_connections) { + mr_disconnect(); + while(m = member_head) { + edit_group(m->op, m->list, m->type, m->member); + member_head = m->next; + free(m); + } + } + return 0; }