X-Git-Url: http://andersk.mit.edu/gitweb/moira.git/blobdiff_plain/f633445dc8231415c11f271f45124aaab7841567..c63e9dd3e70d0b9b80ccdb7574d3f9e75d4bf4f6:/incremental/afs.c diff --git a/incremental/afs.c b/incremental/afs.c index 8d2cf2e9..c3e75887 100644 --- a/incremental/afs.c +++ b/incremental/afs.c @@ -9,19 +9,11 @@ #include #include -#include -#include -#include -#include -#include #include #define file_exists(file) (access((file), F_OK) == 0) -#define LOCALCELL "sms_test.mit.edu" -#define PRS "/u1/sms/bin/prs" -#define FS "/u1/sms/bin/fs" - +char prs[64], fs[64]; char *whoami; @@ -29,8 +21,14 @@ main(argc, argv) char **argv; int argc; { - int beforec, afterc; + int beforec, afterc, i; char *table, **before, **after; +#ifdef DEBUG + char buf[1024]; +#endif + + for (i = getdtablesize() - 1; i > 2; i--) + close(i); table = argv[1]; beforec = atoi(argv[2]); @@ -39,8 +37,27 @@ int argc; after = &argv[4 + beforec]; whoami = argv[0]; +#ifdef DEBUG + sprintf(buf, "%s (", table); + for (i = 0; i < beforec; i++) { + if (i > 0) + strcat(buf, ","); + strcat(buf, before[i]); + } + strcat(buf, ")->("); + for (i = 0; i < afterc; i++) { + if (i > 0) + strcat(buf, ","); + strcat(buf, after[i]); + } + strcat(buf, ")\n"); + write(1,buf,strlen(buf)); +#endif + initialize_sms_error_table(); initialize_krb_error_table(); + sprintf(prs, "%s/prs", BIN_DIR); + sprintf(fs, "%s/fs", BIN_DIR); if (!strcmp(table, "users")) { do_user(before, beforec, after, afterc); @@ -53,7 +70,6 @@ int argc; } else if (!strcmp(table, "nfsquota")) { do_quota(before, beforec, after, afterc); } - unlog(); exit(0); } @@ -61,35 +77,12 @@ int argc; do_cmd(cmd) char *cmd; { - char realm[REALM_SZ + 1]; - static int inited = 0; int success = 0, tries = 0; - CREDENTIALS *c, *get_ticket(); - struct passwd *pw; - char buf[128]; while (success == 0 && tries < 3) { - if (!inited) { - if (krb_get_lrealm(realm) != KSUCCESS) - (void) strcpy(realm, KRB_REALM); - sprintf(buf, "/tmp/tkt_%d_afsinc", getpid()); - krb_set_tkt_string(buf); - - if (((pw = getpwnam("smsdba")) == NULL) || - ((c = get_ticket("sms", "", realm, LOCALCELL)) == NULL) || - (setpag() < 0) || - (setreuid(pw->pw_uid, pw->pw_uid) < 0) || - aklog(c, LOCALCELL)) { - com_err(whoami, 0, "failed to authenticate"); - } else - inited++; - } - - if (inited) { - com_err(whoami, 0, "Executing command: %s", cmd); - if (system(cmd) == 0) - success++; - } + com_err(whoami, 0, "Executing command: %s", cmd); + if (system(cmd) == 0) + success++; if (!success) { tries++; sleep(5 * 60); @@ -114,16 +107,18 @@ int afterc; astate = atoi(after[U_STATE]); if (beforec > U_STATE) bstate = atoi(before[U_STATE]); + if (astate == 2) astate = 1; + if (bstate == 2) bstate = 1; if (astate != 1 && bstate != 1) return; if (astate == 1 && bstate != 1) { - sprintf(cmd, "%s newuser -name %s -id %s -cell %s", - PRS, after[U_NAME], after[U_UID], LOCALCELL); + sprintf(cmd, "%s newuser -name %s -id %s", + prs, after[U_NAME], after[U_UID]); do_cmd(cmd); return; } else if (astate != 1 && bstate == 1) { - sprintf(cmd, "%s delete %s -cell %s", PRS, before[U_NAME], LOCALCELL); + sprintf(cmd, "%s delete %s", prs, before[U_NAME]); do_cmd(cmd); return; } @@ -136,8 +131,8 @@ int afterc; if (beforec > U_NAME && afterc > U_NAME && strcmp(before[U_NAME], after[U_NAME])) { - sprintf(cmd, "%s chname -oldname %s -newname %s -cell %s", - PRS, before[U_NAME], after[U_NAME], LOCALCELL); + sprintf(cmd, "%s chname -oldname %s -newname %s", + prs, before[U_NAME], after[U_NAME]); do_cmd(cmd); } } @@ -160,14 +155,14 @@ int afterc; agid = atoi(after[L_GID]); if (bgid == 0 && agid != 0) { - sprintf(cmd, "%s create -name system:%s -id %s -cell %s", - PRS, after[L_NAME], after[L_GID], LOCALCELL); + sprintf(cmd, + "%s create -name system:%s -id %s -owner system:administrators", + prs, after[L_NAME], after[L_GID]); do_cmd(cmd); return; } if (agid == 0 && bgid != 0) { - sprintf(cmd, "%s delete -name system:%s -cell %s", - PRS, before[L_NAME], LOCALCELL); + sprintf(cmd, "%s delete -name system:%s", prs, before[L_NAME]); do_cmd(cmd); return; } @@ -175,8 +170,8 @@ int afterc; return; if (strcmp(before[L_NAME], after[L_NAME])) { sprintf(cmd, - "%s chname -oldname system:%s -newname system:%s -cell %s", - PRS, before[L_NAME], after[L_NAME], LOCALCELL); + "%s chname -oldname system:%s -newname system:%s", + prs, before[L_NAME], after[L_NAME]); do_cmd(cmd); return; } @@ -192,14 +187,14 @@ int afterc; char cmd[512]; if (beforec == 0 && !strcmp(after[LM_TYPE], "USER")) { - sprintf(cmd, "%s add -user %s -group system:%s -cell %s", - PRS, after[LM_MEMBER], after[LM_LIST], LOCALCELL); + sprintf(cmd, "%s add -user %s -group system:%s", + prs, after[LM_MEMBER], after[LM_LIST]); do_cmd(cmd); return; } if (afterc == 0 && !strcmp(before[LM_TYPE], "USER")) { - sprintf(cmd, "%s remove -user %s -group system:%s -cell %s", - PRS, before[LM_MEMBER], before[LM_LIST], LOCALCELL); + sprintf(cmd, "%s remove -user %s -group system:%s", + prs, before[LM_MEMBER], before[LM_LIST]); do_cmd(cmd); return; } @@ -214,8 +209,10 @@ int afterc; { if (afterc < FS_CREATE) return; - if (!strcmp("AFS", after[FS_TYPE]) && !strncmp("/afs", after[FS_PACK]) && - !file_exists(after[FS_PACK])) { + if (!strcmp("AFS", after[FS_TYPE]) && + !strncmp("/afs/", after[FS_PACK], 5) && + atoi(after[FS_CREATE]) && + !file_exists(after[FS_PACK])) { critical_alert("incremental", "unable to create locker %s", after[FS_PACK]); } @@ -237,66 +234,8 @@ int afterc; return; if (afterc != 0) { sprintf(cmd, "%s setquota -dir %s -quota %s", - FS, after[Q_DIRECTORY], after[Q_QUOTA]); + fs, after[Q_DIRECTORY], after[Q_QUOTA]); do_cmd(cmd); return; } } - - -CREDENTIALS *get_ticket(name, instance, realm, cell) -char *name; -char *instance; -char *realm; -char *cell; -{ - static CREDENTIALS c; - int status; - - status = krb_get_svc_in_tkt(name, instance, realm, - "krbtgt", realm, 1, KEYFILE); - if (status != 0) { - com_err(whoami, status+ERROR_TABLE_BASE_krb, "getting initial ticket from srvtab"); - return(NULL); - } - status = krb_get_cred("afs", cell, realm, &c); - if (status != 0) { - status = get_ad_tkt("afs", cell, realm, 255); - if (status == 0) - status = krb_get_cred("afs", cell, realm, &c); - } - if (status != 0) { - com_err(whoami, status+ERROR_TABLE_BASE_krb, "getting service ticket"); - return(NULL); - } - return(&c); -} - - -aklog(c, cell) -CREDENTIALS *c; -char *cell; -{ - struct ktc_principal aserver; - struct ktc_token atoken; - - atoken.kvno = c->kvno; - strcpy(aserver.name, "afs"); - strcpy(aserver.instance, ""); - strcpy(aserver.cell, cell); - - atoken.startTime = c->issue_date; - atoken.endTime = c->issue_date + (c->lifetime * 5 * 60); - bcopy (c->session, &atoken.sessionKey, 8); - atoken.ticketLen = c->ticket_st.length; - bcopy (c->ticket_st.dat, atoken.ticket, atoken.ticketLen); - - return(ktc_SetToken(&aserver, &atoken, NULL)); -} - - -unlog() -{ - ktc_ForgetToken("afs"); - dest_tkt(); -}