David Sehnal authoredDavid Sehnal authored
30-DU-mnsswitch.patch 12.77 KiB
--- a/Makefile.am
+++ b/Makefile.am
@@ -11,7 +11,7 @@
GUMS_MAPPING_LIB =
endif
lib_LTLIBRARIES = libnfsidmap.la
-pkglib_LTLIBRARIES = nsswitch.la static.la $(UMICH_LDAP_LIB) $(GUMS_MAPPING_LIB)
+pkglib_LTLIBRARIES = nsswitch.la mnsswitch.la static.la $(UMICH_LDAP_LIB) $(GUMS_MAPPING_LIB)
# Library versioning notes from:
# http://sources.redhat.com/autobook/autobook/autobook_91.html
@@ -32,6 +32,9 @@
nsswitch_la_SOURCES = nss.c
nsswitch_la_LDFLAGS = -module -avoid-version
+mnsswitch_la_SOURCES = mnss.c
+mnsswitch_la_LDFLAGS = -module -avoid-version
+
static_la_SOURCES = static.c
static_la_LDFLAGS = -module -avoid-version
--- a/Makefile.in
+++ b/Makefile.in
@@ -99,6 +99,12 @@
nsswitch_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(nsswitch_la_LDFLAGS) $(LDFLAGS) -o $@
+mnsswitch_la_LIBADD =
+am_mnsswitch_la_OBJECTS = mnss.lo
+mnsswitch_la_OBJECTS = $(am_mnsswitch_la_OBJECTS)
+mnsswitch_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(mnsswitch_la_LDFLAGS) $(LDFLAGS) -o $@
static_la_LIBADD =
am_static_la_OBJECTS = static.lo
static_la_OBJECTS = $(am_static_la_OBJECTS)
@@ -126,10 +132,10 @@
--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
$(LDFLAGS) -o $@
SOURCES = $(gums_la_SOURCES) $(libnfsidmap_la_SOURCES) \
- $(nsswitch_la_SOURCES) $(static_la_SOURCES) \
+ $(nsswitch_la_SOURCES) $(mnsswitch_la_SOURCES) $(static_la_SOURCES) \
$(umich_ldap_la_SOURCES)
DIST_SOURCES = $(gums_la_SOURCES) $(libnfsidmap_la_SOURCES) \
- $(nsswitch_la_SOURCES) $(static_la_SOURCES) \
+ $(nsswitch_la_SOURCES) $(mnsswitch_la_SOURCES) $(static_la_SOURCES) \
$(umich_ldap_la_SOURCES)
man3dir = $(mandir)/man3
man5dir = $(mandir)/man5
@@ -202,7 +208,6 @@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
-PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
@@ -248,6 +253,7 @@
libexecdir = @libexecdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
@@ -269,7 +275,7 @@
@ENABLE_GUMS_FALSE@GUMS_MAPPING_LIB =
@ENABLE_GUMS_TRUE@GUMS_MAPPING_LIB = gums.la
lib_LTLIBRARIES = libnfsidmap.la
-pkglib_LTLIBRARIES = nsswitch.la static.la $(UMICH_LDAP_LIB) $(GUMS_MAPPING_LIB)
+pkglib_LTLIBRARIES = nsswitch.la mnsswitch.la static.la $(UMICH_LDAP_LIB) $(GUMS_MAPPING_LIB)
# Library versioning notes from:
# http://sources.redhat.com/autobook/autobook/autobook_91.html
@@ -287,6 +293,8 @@
libnfsidmap_la_LIBADD = -ldl
nsswitch_la_SOURCES = nss.c
nsswitch_la_LDFLAGS = -module -avoid-version
+mnsswitch_la_SOURCES = mnss.c
+mnsswitch_la_LDFLAGS = -module -avoid-version
static_la_SOURCES = static.c
static_la_LDFLAGS = -module -avoid-version
umich_ldap_la_SOURCES = umich_ldap.c
@@ -430,6 +438,8 @@
$(libnfsidmap_la_LINK) -rpath $(libdir) $(libnfsidmap_la_OBJECTS) $(libnfsidmap_la_LIBADD) $(LIBS)
nsswitch.la: $(nsswitch_la_OBJECTS) $(nsswitch_la_DEPENDENCIES)
$(nsswitch_la_LINK) -rpath $(pkglibdir) $(nsswitch_la_OBJECTS) $(nsswitch_la_LIBADD) $(LIBS)
+mnsswitch.la: $(mnsswitch_la_OBJECTS) $(mnsswitch_la_DEPENDENCIES)
+ $(mnsswitch_la_LINK) -rpath $(pkglibdir) $(mnsswitch_la_OBJECTS) $(mnsswitch_la_LIBADD) $(LIBS)
static.la: $(static_la_OBJECTS) $(static_la_DEPENDENCIES)
$(static_la_LINK) -rpath $(pkglibdir) $(static_la_OBJECTS) $(static_la_LIBADD) $(LIBS)
umich_ldap.la: $(umich_ldap_la_OBJECTS) $(umich_ldap_la_DEPENDENCIES)
@@ -445,6 +455,7 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gums.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libnfsidmap.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nss.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mnss.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/static.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strlcpy.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umich_ldap.Plo@am__quote@
--- /dev/null
+++ b/mnss.c
@@ -0,0 +1,414 @@
+/*
+ * nss.c
+ *
+ * nsswitch idmapping functions.
+ *
+ * Copyright (c) 2004 The Regents of the University of Michigan.
+ * All rights reserved.
+ *
+ * J. Bruce Fields <bfields@umich.edu>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#define _GNU_SOURCE 1
+#include <sys/types.h>
+#include <errno.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <pwd.h>
+#include <grp.h>
+#include <netdb.h>
+#include <err.h>
+#include <grp.h>
+#include "nfsidmap.h"
+#include "nfsidmap_internal.h"
+#include "cfg.h"
+#include <syslog.h>
+
+#define MNSS_FILE_UID "/etc/passwd-nfs4"
+#define MNSS_FILE_GID "/etc/group-nfs4"
+
+/*
+ * Multidomain NSS Translation Methods (require nss plugin)
+ *
+ * These are all just wrappers around getpwnam and friends;
+ */
+
+static int
+adddomain(char *name, size_t len)
+{
+ char *p;
+ if(strchr(name, '@') != NULL)
+ return 0;
+
+ if((p = get_default_domain()) == NULL)
+ return 0;
+
+ if(strlen(name)+strlen(p)+2 > len) {
+ return -ERANGE;
+ }
+
+ strcat(name, "@");
+ strcat(name, p);
+ return 0;
+}
+
+static void
+stripdomain(char *name)
+{
+ char *p, *p1;
+ if((p = get_default_domain())!=NULL) {
+ p1 = strchr(name, '@');
+ if(p1 == NULL)
+ return;
+ if(strcasecmp(p1+1, p) == 0) {
+ *p1 = 0;
+ return;
+ }
+ }
+}
+
+
+static int mnss_uid_to_name(uid_t uid, char *domain, char *name, size_t len)
+{
+ FILE *file;
+ char *buff=NULL;
+ char *p;
+ int u;
+ size_t len_l=0;
+ int err = -ENOENT;
+
+ file = fopen(MNSS_FILE_UID, "r");
+
+ if(!file)
+ return -ENOENT;
+
+ do {
+ if(getline(&buff, &len_l, file) < 1)
+ break;
+ p = strchr(buff, ':');
+ if(p == NULL)
+ continue;
+ *p = 0;
+ p = strchr(p+1, ':');
+ if(p == NULL)
+ continue;
+ u = atoi(p+1);
+ if(u == uid) {
+ strncpy(name, buff, len);
+ err = adddomain(name,len);
+ goto out;
+ }
+ } while(!feof(file));
+
+out:
+ fclose(file);
+ free(buff);
+ return err;
+}
+
+static int mnss_gid_to_name(gid_t gid, char *domain, char *name, size_t len)
+{
+ FILE *file;
+ char *buff=NULL;
+ char *p;
+ int u;
+ size_t len_l=0;
+ int err=-ENOENT;
+
+ file = fopen(MNSS_FILE_GID, "r");
+ if(!file)
+ return -ENOENT;
+
+ do {
+ if(getline(&buff, &len_l, file) < 0)
+ break;
+ p = strchr(buff, ':');
+ if(p == NULL)
+ continue;
+ *p = 0;
+ p = strchr(p+1, ':');
+ if(p == NULL)
+ continue;
+ u = atoi(p+1);
+ if(u == gid) {
+ strncpy(name, buff, len);
+ err = adddomain(name, len);
+ goto out;
+ }
+ } while(!feof(file));
+
+out:
+ fclose(file);
+ free(buff);
+ return err;
+
+}
+
+static int mnss_name_to_uid(char *name, uid_t *uid)
+{
+ FILE *file;
+ char *buff=NULL;
+ char *p;
+ int u;
+ size_t len=0;
+ int err = -ENOENT;
+
+ file = fopen(MNSS_FILE_UID, "r");
+ if(!file)
+ return -ENOENT;
+
+ do {
+ if(getline(&buff, &len, file) < 1)
+ break;
+ p = strchr(buff, ':');
+ if(p == NULL)
+ continue;
+ *p = 0;
+ p = strchr(p+1, ':');
+ if(p == NULL)
+ continue;
+ u = atoi(p+1);
+ if(strchr(name, '@') == NULL) {
+ stripdomain(buff);
+ } else {
+ if(adddomain(buff, len) == -ERANGE) {
+ len = len + 2 + strlen(get_default_domain());
+ buff = realloc(buff, len);
+ if(!buff) {
+ err = -ENOMEM;
+ goto out;
+ }
+ adddomain(buff, len);
+ }
+ }
+ if(strcmp(name, buff) == 0) {
+ *uid = u;
+ err = 0;
+ goto out;
+ }
+ } while(!feof(file));
+
+out:
+ fclose(file);
+ free(buff);
+ return err;
+}
+
+static int find_gid(char *name, gid_t *gid)
+{
+ FILE *file;
+ char *buff=NULL;
+ char *p;
+ int u;
+ size_t len=0;
+ int err = -ENOENT;
+
+ file = fopen(MNSS_FILE_UID, "r");
+ if(!file)
+ return -ENOENT;
+
+ do {
+ if(getline(&buff, &len, file) < 1)
+ break;
+ p = strchr(buff, ':');
+ if(p == NULL)
+ continue;
+ *p = 0;
+ p = strchr(p+1, ':');
+ if(p == NULL)
+ continue;
+ p = strchr(p+1, ':');
+ if(p == NULL)
+ continue;
+ u = atoi(p+1);
+ if(strchr(name, '@') == NULL)
+ stripdomain(buff);
+ else {
+ if(adddomain(buff, len) == -ERANGE) {
+ len = len + 2 + strlen(get_default_domain());
+ buff = realloc(buff, len);
+ if(!buff) {
+ err = -ENOMEM;
+ goto out;
+ }
+ adddomain(buff, len);
+ }
+ }
+ if(strcmp(name, buff) == 0) {
+ *gid = u;
+ err = 0;
+ goto out;
+ }
+ } while(!feof(file));
+ IDMAP_LOG(1, ("No group found for user %s in " MNSS_FILE_UID "\n", name));
+out:
+ fclose(file);
+ free(buff);
+ return err;
+
+}
+
+static int mnss_name_to_gid(char *name, gid_t *gid)
+{
+ FILE *file;
+ char *buff=NULL;
+ char *p;
+ int u;
+ size_t len=0;
+ int err = -ENOENT;
+
+ file = fopen(MNSS_FILE_GID, "r");
+ if(!file)
+ return -ENOENT;
+
+ do {
+ if(getline(&buff, &len, file) < 1)
+ break;
+ p = strchr(buff, ':');
+ if(p == NULL)
+ continue;
+ *p = 0;
+ p = strchr(p+1, ':');
+ if(p == NULL)
+ continue;
+ u = atoi(p+1);
+ if(strchr(name, '@') == NULL)
+ stripdomain(buff);
+ else {
+ if(adddomain(buff, len) == -ERANGE) {
+ len = len + 2 + strlen(get_default_domain());
+ buff = realloc(buff, len);
+ if(!buff) {
+ err = -ENOMEM;
+ goto out;
+ }
+ adddomain(buff, len);
+ }
+ }
+ if(strcmp(name, buff) == 0) {
+ *gid = u;
+ err = 0;
+ goto out;
+ } else {
+ IDMAP_LOG(3, ("No match between %s and %s in " MNSS_FILE_GID "\n", name, buff));
+ }
+ } while(!feof(file));
+ IDMAP_LOG(1, ("No GID found for group %s in " MNSS_FILE_GID "\n", name));
+out:
+ fclose(file);
+ free(buff);
+ return err;
+}
+
+static int mnss_gss_princ_to_ids(char *secname, char *princ,
+ uid_t *uid, uid_t *gid)
+{
+ struct passwd *pw;
+ int err = 0;
+
+ if (strcmp(secname, "krb5") != 0 && strcmp(secname, "spkm3") != 0)
+ return -EINVAL;
+ if(mnss_name_to_uid(princ, uid)==-ENOENT)
+ return -ENOENT;
+ return find_gid(princ, gid);
+}
+
+static int mnss_gss_princ_to_grouplist(char *secname, char *princ,
+ gid_t *groups, int *ngroups)
+{
+ int gid;
+ FILE *file;
+ char *buffer, *p, *tok, *p1;
+ int idx=0;
+ size_t len=0;
+
+ if (strcmp(secname, "krb5") != 0 && strcmp(secname, "spkm3") != 0)
+ return -EINVAL;
+
+ if(find_gid(princ, &gid)==-ENOENT)
+ return -ENOENT;
+
+ if(*ngroups < 1)
+ return -ERANGE;
+
+ file = fopen(MNSS_FILE_GID, "r");
+ if(!file)
+ return -ENOENT;
+
+ do {
+ if(getline(&buffer, &len, file) < 1)
+ break;
+ p = strchr(buffer, ':');
+ if(p == NULL)
+ continue;
+ p = strchr(p+1, ':');
+ if(p == NULL)
+ continue;
+ gid = atoi(p+1);
+ p = strchr(p+1, ':');
+ if(p == NULL)
+ continue;
+ p++;
+ while((p1 = strtok_r(p, ", \t:\n", &tok))) {
+ p = NULL;
+ if(strcmp(p1, princ)) {
+ if(idx >= *ngroups) {
+ fclose(file);
+ free(buffer);
+ return -ERANGE;
+ } else {
+ groups[idx++] = gid;
+ break;
+ }
+ }
+ }
+ } while(!feof(file));
+ fclose(file);
+ free(buffer);
+ *ngroups = idx;
+ return idx;
+}
+
+
+struct trans_func mnss_trans = {
+ .name = "mnsswitch",
+ .init = NULL,
+ .princ_to_ids = mnss_gss_princ_to_ids,
+ .name_to_uid = mnss_name_to_uid,
+ .name_to_gid = mnss_name_to_gid,
+ .uid_to_name = mnss_uid_to_name,
+ .gid_to_name = mnss_gid_to_name,
+ .gss_princ_to_grouplist = mnss_gss_princ_to_grouplist,
+};
+
+struct trans_func *libnfsidmap_plugin_init()
+{
+ return (&mnss_trans);
+}
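Review bot: In mnss_gss_princ_to_grouplist, `buffer` is declared without an initializer and then passed to `getline(&buffer, &len, file)`, which requires `*lineptr` to be NULL or a malloc'd pointer. getline may therefore realloc or write through a garbage pointer, so declare it as `char *buffer = NULL, *p, *tok, *p1;`, matching the `buff=NULL` used in the other lookups. The membership test `if(strcmp(p1, princ))` in the same loop is true when the names differ, so a gid is recorded for any group that lists a member other than the principal and never for a match; `if(strcmp(p1, princ) == 0)` looks like what was intended. In mnss_uid_to_name and mnss_gid_to_name, `strncpy(name, buff, len)` leaves `name` unterminated when the entry is `len` bytes or longer, and adddomain then runs strchr/strlen/strcat on it; return -ERANGE when `strlen(buff) >= len` before copying. All the lookups parse the id field with `atoi`, which yields 0 for a non-numeric field, so a malformed line in /etc/passwd-nfs4 or /etc/group-nfs4 silently maps to uid/gid 0; parsing with strtoul and checking the end pointer would let such lines be skipped.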