16185db85Sdougm /* 26185db85Sdougm * CDDL HEADER START 36185db85Sdougm * 46185db85Sdougm * The contents of this file are subject to the terms of the 56185db85Sdougm * Common Development and Distribution License (the "License"). 66185db85Sdougm * You may not use this file except in compliance with the License. 76185db85Sdougm * 86185db85Sdougm * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 96185db85Sdougm * or http://www.opensolaris.org/os/licensing. 106185db85Sdougm * See the License for the specific language governing permissions 116185db85Sdougm * and limitations under the License. 126185db85Sdougm * 136185db85Sdougm * When distributing Covered Code, include this CDDL HEADER in each 146185db85Sdougm * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 156185db85Sdougm * If applicable, add the following below this CDDL HEADER, with the 166185db85Sdougm * fields enclosed by brackets "[]" replaced with your own identifying 176185db85Sdougm * information: Portions Copyright [yyyy] [name of copyright owner] 186185db85Sdougm * 196185db85Sdougm * CDDL HEADER END 206185db85Sdougm */ 216185db85Sdougm 226185db85Sdougm /* 23f345c0beSdougm * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 246185db85Sdougm * Use is subject to license terms. 256185db85Sdougm */ 266185db85Sdougm 276185db85Sdougm #pragma ident "%Z%%M% %I% %E% SMI" 286185db85Sdougm 296185db85Sdougm #include <sys/types.h> 306185db85Sdougm #include <sys/stat.h> 316185db85Sdougm #include <fcntl.h> 326185db85Sdougm #include <stdlib.h> 336185db85Sdougm #include <stdio.h> 346185db85Sdougm #include <string.h> 356185db85Sdougm #include <ctype.h> 366185db85Sdougm #include <unistd.h> 376185db85Sdougm #include <getopt.h> 386185db85Sdougm #include <utmpx.h> 396185db85Sdougm #include <pwd.h> 406185db85Sdougm #include <auth_attr.h> 416185db85Sdougm #include <secdb.h> 426185db85Sdougm #include <sys/param.h> 436185db85Sdougm #include <sys/stat.h> 446185db85Sdougm #include <errno.h> 456185db85Sdougm 466185db85Sdougm #include <libshare.h> 476185db85Sdougm #include "sharemgr.h" 486185db85Sdougm #include <libscf.h> 496185db85Sdougm #include <libxml/tree.h> 506185db85Sdougm #include <libintl.h> 516185db85Sdougm 526185db85Sdougm static char *sa_get_usage(sa_usage_t); 536185db85Sdougm 546185db85Sdougm /* 556185db85Sdougm * Implementation of the common sub-commands supported by sharemgr. 566185db85Sdougm * A number of helper functions are also included. 576185db85Sdougm */ 586185db85Sdougm 596185db85Sdougm /* 606185db85Sdougm * has_protocol(group, proto) 616185db85Sdougm * If the group has an optionset with the specified protocol, 626185db85Sdougm * return true (1) otherwise false (0). 636185db85Sdougm */ 646185db85Sdougm static int 656185db85Sdougm has_protocol(sa_group_t group, char *protocol) 666185db85Sdougm { 676185db85Sdougm sa_optionset_t optionset; 686185db85Sdougm int result = 0; 696185db85Sdougm 706185db85Sdougm optionset = sa_get_optionset(group, protocol); 716185db85Sdougm if (optionset != NULL) { 72*25a68471Sdougm result++; 736185db85Sdougm } 746185db85Sdougm return (result); 756185db85Sdougm } 766185db85Sdougm 776185db85Sdougm /* 786185db85Sdougm * add_list(list, item) 796185db85Sdougm * Adds a new list member that points to item to the list. 806185db85Sdougm * If list is NULL, it starts a new list. The function returns 816185db85Sdougm * the first member of the list. 826185db85Sdougm */ 836185db85Sdougm struct list * 846185db85Sdougm add_list(struct list *listp, void *item, void *data) 856185db85Sdougm { 866185db85Sdougm struct list *new, *tmp; 876185db85Sdougm 886185db85Sdougm new = malloc(sizeof (struct list)); 896185db85Sdougm if (new != NULL) { 90*25a68471Sdougm new->next = NULL; 91*25a68471Sdougm new->item = item; 92*25a68471Sdougm new->itemdata = data; 936185db85Sdougm } else { 94*25a68471Sdougm return (listp); 956185db85Sdougm } 966185db85Sdougm 976185db85Sdougm if (listp == NULL) 98*25a68471Sdougm return (new); 996185db85Sdougm 1006185db85Sdougm for (tmp = listp; tmp->next != NULL; tmp = tmp->next) { 1016185db85Sdougm /* get to end of list */ 1026185db85Sdougm } 1036185db85Sdougm tmp->next = new; 1046185db85Sdougm return (listp); 1056185db85Sdougm } 1066185db85Sdougm 1076185db85Sdougm /* 1086185db85Sdougm * free_list(list) 1096185db85Sdougm * Given a list, free all the members of the list; 1106185db85Sdougm */ 1116185db85Sdougm static void 1126185db85Sdougm free_list(struct list *listp) 1136185db85Sdougm { 1146185db85Sdougm struct list *tmp; 1156185db85Sdougm while (listp != NULL) { 116*25a68471Sdougm tmp = listp; 117*25a68471Sdougm listp = listp->next; 118*25a68471Sdougm free(tmp); 1196185db85Sdougm } 1206185db85Sdougm } 1216185db85Sdougm 1226185db85Sdougm /* 1236185db85Sdougm * check_authorization(instname, which) 1246185db85Sdougm * 1256185db85Sdougm * Checks to see if the specific type of authorization in which is 1266185db85Sdougm * enabled for the user in this SMF service instance. 1276185db85Sdougm */ 1286185db85Sdougm 1296185db85Sdougm static int 1306185db85Sdougm check_authorization(char *instname, int which) 1316185db85Sdougm { 1326185db85Sdougm scf_handle_t *handle = NULL; 1336185db85Sdougm scf_simple_prop_t *prop = NULL; 1346185db85Sdougm char svcstring[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 1356185db85Sdougm char *authstr = NULL; 1366185db85Sdougm ssize_t numauths; 137*25a68471Sdougm int ret = B_TRUE; 1386185db85Sdougm uid_t uid; 1396185db85Sdougm struct passwd *pw = NULL; 1406185db85Sdougm 1416185db85Sdougm uid = getuid(); 1426185db85Sdougm pw = getpwuid(uid); 143*25a68471Sdougm if (pw == NULL) { 144*25a68471Sdougm ret = B_FALSE; 145*25a68471Sdougm } else { 146*25a68471Sdougm /* 147*25a68471Sdougm * Since names are restricted to SA_MAX_NAME_LEN won't 148*25a68471Sdougm * overflow. 149*25a68471Sdougm */ 150*25a68471Sdougm (void) snprintf(svcstring, sizeof (svcstring), "%s:%s", 151*25a68471Sdougm SA_SVC_FMRI_BASE, instname); 152*25a68471Sdougm handle = scf_handle_create(SCF_VERSION); 153*25a68471Sdougm if (handle != NULL) { 154*25a68471Sdougm if (scf_handle_bind(handle) == 0) { 155*25a68471Sdougm switch (which) { 156*25a68471Sdougm case SVC_SET: 157*25a68471Sdougm prop = scf_simple_prop_get(handle, 158*25a68471Sdougm svcstring, "general", 159*25a68471Sdougm SVC_AUTH_VALUE); 160*25a68471Sdougm break; 161*25a68471Sdougm case SVC_ACTION: 162*25a68471Sdougm prop = scf_simple_prop_get(handle, 163*25a68471Sdougm svcstring, "general", 164*25a68471Sdougm SVC_AUTH_ACTION); 165*25a68471Sdougm break; 166*25a68471Sdougm } 167*25a68471Sdougm } 168*25a68471Sdougm } 1696185db85Sdougm } 1706185db85Sdougm /* make sure we have an authorization string property */ 1716185db85Sdougm if (prop != NULL) { 172*25a68471Sdougm int i; 173*25a68471Sdougm numauths = scf_simple_prop_numvalues(prop); 174*25a68471Sdougm for (ret = 0, i = 0; i < numauths; i++) { 175*25a68471Sdougm authstr = scf_simple_prop_next_astring(prop); 176*25a68471Sdougm if (authstr != NULL) { 177*25a68471Sdougm /* check if this user has one of the strings */ 178*25a68471Sdougm if (chkauthattr(authstr, pw->pw_name)) { 179*25a68471Sdougm ret = 1; 180*25a68471Sdougm break; 181*25a68471Sdougm } 182*25a68471Sdougm } 1836185db85Sdougm } 184*25a68471Sdougm endauthattr(); 185*25a68471Sdougm scf_simple_prop_free(prop); 1866185db85Sdougm } else { 187*25a68471Sdougm /* no authorization string defined */ 188*25a68471Sdougm ret = 0; 1896185db85Sdougm } 1906185db85Sdougm if (handle != NULL) 191*25a68471Sdougm scf_handle_destroy(handle); 1926185db85Sdougm return (ret); 1936185db85Sdougm } 1946185db85Sdougm 1956185db85Sdougm /* 1966185db85Sdougm * check_authorizations(instname, flags) 1976185db85Sdougm * 1986185db85Sdougm * check all the needed authorizations for the user in this service 1996185db85Sdougm * instance. Return value of 1(true) or 0(false) indicates whether 2006185db85Sdougm * there are authorizations for the user or not. 2016185db85Sdougm */ 2026185db85Sdougm 2036185db85Sdougm static int 2046185db85Sdougm check_authorizations(char *instname, int flags) 2056185db85Sdougm { 2066185db85Sdougm int ret1 = 0; 2076185db85Sdougm int ret2 = 0; 2086185db85Sdougm int ret; 2096185db85Sdougm 2106185db85Sdougm if (flags & SVC_SET) 211*25a68471Sdougm ret1 = check_authorization(instname, SVC_SET); 2126185db85Sdougm if (flags & SVC_ACTION) 213*25a68471Sdougm ret2 = check_authorization(instname, SVC_ACTION); 2146185db85Sdougm switch (flags) { 2156185db85Sdougm case SVC_ACTION: 216*25a68471Sdougm ret = ret2; 217*25a68471Sdougm break; 2186185db85Sdougm case SVC_SET: 219*25a68471Sdougm ret = ret1; 220*25a68471Sdougm break; 2216185db85Sdougm case SVC_ACTION|SVC_SET: 222*25a68471Sdougm ret = ret1 & ret2; 223*25a68471Sdougm break; 2246185db85Sdougm default: 225*25a68471Sdougm /* if not flags set, we assume we don't need authorizations */ 226*25a68471Sdougm ret = 1; 2276185db85Sdougm } 2286185db85Sdougm return (ret); 2296185db85Sdougm } 2306185db85Sdougm 2316185db85Sdougm /* 2327d968cb8Sdougm * enable_group(group, updateproto) 2337d968cb8Sdougm * 2347d968cb8Sdougm * enable all the shares in the specified group. This is a helper for 2357d968cb8Sdougm * enable_all_groups in order to simplify regular and subgroup (zfs) 2367d968cb8Sdougm * disabling. Group has already been checked for non-NULL. 2376185db85Sdougm */ 2387d968cb8Sdougm 2397d968cb8Sdougm static void 2407d968cb8Sdougm enable_group(sa_group_t group, char *updateproto) 2416185db85Sdougm { 2426185db85Sdougm sa_share_t share; 2437d968cb8Sdougm 2447d968cb8Sdougm for (share = sa_get_share(group, NULL); 2457d968cb8Sdougm share != NULL; 2467d968cb8Sdougm share = sa_get_next_share(share)) { 247*25a68471Sdougm if (updateproto != NULL) 248*25a68471Sdougm (void) sa_update_legacy(share, updateproto); 249*25a68471Sdougm (void) sa_enable_share(share, NULL); 2507d968cb8Sdougm } 2517d968cb8Sdougm } 2527d968cb8Sdougm 253330ef417Sdougm /* 254330ef417Sdougm * isenabled(group) 255330ef417Sdougm * 256330ef417Sdougm * Returns B_TRUE if the group is enabled or B_FALSE if it isn't. 257330ef417Sdougm * Moved to separate function to reduce clutter in the code. 258330ef417Sdougm */ 259330ef417Sdougm 260330ef417Sdougm static int 261330ef417Sdougm isenabled(sa_group_t group) 262330ef417Sdougm { 263330ef417Sdougm char *state; 264330ef417Sdougm int ret = B_FALSE; 265330ef417Sdougm 266330ef417Sdougm if (group != NULL) { 267*25a68471Sdougm state = sa_get_group_attr(group, "state"); 268*25a68471Sdougm if (state != NULL) { 269*25a68471Sdougm if (strcmp(state, "enabled") == 0) 270*25a68471Sdougm ret = B_TRUE; 271*25a68471Sdougm sa_free_attr_string(state); 272*25a68471Sdougm } 273330ef417Sdougm } 274330ef417Sdougm return (ret); 275330ef417Sdougm } 276330ef417Sdougm 2777d968cb8Sdougm /* 2787d968cb8Sdougm * enable_all_groups(list, setstate, online, updateproto) 2797d968cb8Sdougm * Given a list of groups, enable each one found. If updateproto 2807d968cb8Sdougm * is not NULL, then update all the shares for the protocol that 2817d968cb8Sdougm * was passed in. 2827d968cb8Sdougm */ 2837d968cb8Sdougm static int 284549ec3ffSdougm enable_all_groups(sa_handle_t handle, struct list *work, int setstate, 285549ec3ffSdougm int online, char *updateproto) 2867d968cb8Sdougm { 287330ef417Sdougm int ret; 2886185db85Sdougm char instance[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 2896185db85Sdougm char *state; 2906185db85Sdougm char *name; 2916185db85Sdougm char *zfs = NULL; 2926185db85Sdougm sa_group_t group; 2937d968cb8Sdougm sa_group_t subgroup; 2946185db85Sdougm 295330ef417Sdougm for (ret = SA_OK; work != NULL; work = work->next) { 296*25a68471Sdougm group = (sa_group_t)work->item; 297330ef417Sdougm 298330ef417Sdougm /* 299330ef417Sdougm * If setstate == TRUE, then make sure to set 300330ef417Sdougm * enabled. This needs to be done here in order for 301330ef417Sdougm * the isenabled check to succeed on a newly enabled 302330ef417Sdougm * group. 303330ef417Sdougm */ 304*25a68471Sdougm if (setstate == B_TRUE) { 305*25a68471Sdougm ret = sa_set_group_attr(group, "state", "enabled"); 306*25a68471Sdougm if (ret != SA_OK) 307*25a68471Sdougm break; 308*25a68471Sdougm } 309330ef417Sdougm 310330ef417Sdougm /* 311330ef417Sdougm * Check to see if group is enabled. If it isn't, skip 312330ef417Sdougm * the rest. We don't want shares starting if the 313330ef417Sdougm * group is disabled. The properties may have been 314330ef417Sdougm * updated, but there won't be a change until the 315330ef417Sdougm * group is enabled. 316330ef417Sdougm */ 317*25a68471Sdougm if (!isenabled(group)) 318*25a68471Sdougm continue; 319330ef417Sdougm 320*25a68471Sdougm /* if itemdata != NULL then a single share */ 321*25a68471Sdougm if (work->itemdata != NULL) { 322*25a68471Sdougm ret = sa_enable_share((sa_share_t)work->itemdata, NULL); 323*25a68471Sdougm } 324*25a68471Sdougm if (ret != SA_OK) 325*25a68471Sdougm break; 326*25a68471Sdougm 327*25a68471Sdougm /* if itemdata == NULL then the whole group */ 328*25a68471Sdougm if (work->itemdata == NULL) { 329*25a68471Sdougm zfs = sa_get_group_attr(group, "zfs"); 330*25a68471Sdougm /* 331*25a68471Sdougm * if the share is managed by ZFS, don't 332*25a68471Sdougm * update any of the protocols since ZFS is 333*25a68471Sdougm * handling this. updateproto will contain 334*25a68471Sdougm * the name of the protocol that we want to 335*25a68471Sdougm * update legacy files for. 336*25a68471Sdougm */ 337*25a68471Sdougm enable_group(group, zfs == NULL ? updateproto : NULL); 338*25a68471Sdougm for (subgroup = sa_get_sub_group(group); 339*25a68471Sdougm subgroup != NULL; 340*25a68471Sdougm subgroup = sa_get_next_group(subgroup)) { 341*25a68471Sdougm /* never update legacy for ZFS subgroups */ 342*25a68471Sdougm enable_group(subgroup, NULL); 343*25a68471Sdougm } 344*25a68471Sdougm } 345*25a68471Sdougm if (online) { 346*25a68471Sdougm zfs = sa_get_group_attr(group, "zfs"); 347*25a68471Sdougm name = sa_get_group_attr(group, "name"); 348*25a68471Sdougm if (name != NULL) { 349*25a68471Sdougm if (zfs == NULL) { 350*25a68471Sdougm (void) snprintf(instance, 351*25a68471Sdougm sizeof (instance), "%s:%s", 352*25a68471Sdougm SA_SVC_FMRI_BASE, name); 353*25a68471Sdougm state = smf_get_state(instance); 354*25a68471Sdougm if (state == NULL || 355*25a68471Sdougm strcmp(state, "online") != 0) { 356*25a68471Sdougm (void) smf_enable_instance( 357*25a68471Sdougm instance, 0); 358*25a68471Sdougm free(state); 359*25a68471Sdougm } 360*25a68471Sdougm } else { 361*25a68471Sdougm sa_free_attr_string(zfs); 362*25a68471Sdougm zfs = NULL; 363*25a68471Sdougm } 364*25a68471Sdougm if (name != NULL) 365*25a68471Sdougm sa_free_attr_string(name); 3666185db85Sdougm } 3676185db85Sdougm } 3686185db85Sdougm } 3696185db85Sdougm if (ret == SA_OK) { 370*25a68471Sdougm ret = sa_update_config(handle); 3716185db85Sdougm } 3726185db85Sdougm return (ret); 3736185db85Sdougm } 3746185db85Sdougm 3756185db85Sdougm /* 3766185db85Sdougm * chk_opt(optlistp, security, proto) 3776185db85Sdougm * 3786185db85Sdougm * Do a sanity check on the optlist provided for the protocol. This 3796185db85Sdougm * is a syntax check and verification that the property is either a 3806185db85Sdougm * general or specific to a names optionset. 3816185db85Sdougm */ 3826185db85Sdougm 3836185db85Sdougm static int 3846185db85Sdougm chk_opt(struct options *optlistp, int security, char *proto) 3856185db85Sdougm { 3866185db85Sdougm struct options *optlist; 3876185db85Sdougm char *sep = ""; 3886185db85Sdougm int notfirst = 0; 3896185db85Sdougm int ret; 3906185db85Sdougm 3916185db85Sdougm for (optlist = optlistp; optlist != NULL; optlist = optlist->next) { 392*25a68471Sdougm char *optname; 393*25a68471Sdougm 394*25a68471Sdougm optname = optlist->optname; 395*25a68471Sdougm ret = OPT_ADD_OK; 396*25a68471Sdougm /* extract property/value pair */ 397*25a68471Sdougm if (sa_is_security(optname, proto)) { 398*25a68471Sdougm if (!security) 399*25a68471Sdougm ret = OPT_ADD_SECURITY; 400*25a68471Sdougm } else { 401*25a68471Sdougm if (security) 402*25a68471Sdougm ret = OPT_ADD_PROPERTY; 403*25a68471Sdougm } 404*25a68471Sdougm if (ret != OPT_ADD_OK) { 405*25a68471Sdougm if (notfirst == 0) 406*25a68471Sdougm (void) printf( 407*25a68471Sdougm gettext("Property syntax error: ")); 408*25a68471Sdougm switch (ret) { 409*25a68471Sdougm case OPT_ADD_SYNTAX: 410*25a68471Sdougm (void) printf(gettext("%ssyntax error: %s"), 4116185db85Sdougm sep, optname); 412*25a68471Sdougm sep = ", "; 413*25a68471Sdougm break; 414*25a68471Sdougm case OPT_ADD_SECURITY: 415*25a68471Sdougm (void) printf(gettext("%s%s requires -S"), 4166185db85Sdougm optname, sep); 417*25a68471Sdougm sep = ", "; 418*25a68471Sdougm break; 419*25a68471Sdougm case OPT_ADD_PROPERTY: 420*25a68471Sdougm (void) printf( 421*25a68471Sdougm gettext("%s%s not supported with -S"), 4226185db85Sdougm optname, sep); 423*25a68471Sdougm sep = ", "; 424*25a68471Sdougm break; 425*25a68471Sdougm } 426*25a68471Sdougm notfirst++; 4276185db85Sdougm } 4286185db85Sdougm } 4296185db85Sdougm if (notfirst) { 430*25a68471Sdougm (void) printf("\n"); 431*25a68471Sdougm ret = SA_SYNTAX_ERR; 4326185db85Sdougm } 4336185db85Sdougm return (ret); 4346185db85Sdougm } 4356185db85Sdougm 4366185db85Sdougm /* 4376185db85Sdougm * free_opt(optlist) 4386185db85Sdougm * Free the specified option list. 4396185db85Sdougm */ 4406185db85Sdougm static void 4416185db85Sdougm free_opt(struct options *optlist) 4426185db85Sdougm { 4436185db85Sdougm struct options *nextopt; 4446185db85Sdougm while (optlist != NULL) { 4456185db85Sdougm nextopt = optlist->next; 4466185db85Sdougm free(optlist); 4476185db85Sdougm optlist = nextopt; 4486185db85Sdougm } 4496185db85Sdougm } 4506185db85Sdougm 4516185db85Sdougm /* 4526185db85Sdougm * check property list for valid properties 4536185db85Sdougm * A null value is a remove which is always valid. 4546185db85Sdougm */ 4556185db85Sdougm static int 4566185db85Sdougm valid_options(struct options *optlist, char *proto, void *object, char *sec) 4576185db85Sdougm { 4586185db85Sdougm int ret = SA_OK; 4596185db85Sdougm struct options *cur; 4606185db85Sdougm sa_property_t prop; 4616185db85Sdougm sa_optionset_t parent = NULL; 4626185db85Sdougm 4636185db85Sdougm if (object != NULL) { 464*25a68471Sdougm if (sec == NULL) 465*25a68471Sdougm parent = sa_get_optionset(object, proto); 466*25a68471Sdougm else 467*25a68471Sdougm parent = sa_get_security(object, sec, proto); 4686185db85Sdougm } 4696185db85Sdougm 4706185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 471*25a68471Sdougm if (cur->optvalue == NULL) 472*25a68471Sdougm continue; 4736185db85Sdougm prop = sa_create_property(cur->optname, cur->optvalue); 4746185db85Sdougm if (prop == NULL) 475*25a68471Sdougm ret = SA_NO_MEMORY; 4766185db85Sdougm if (ret != SA_OK || 4776185db85Sdougm (ret = sa_valid_property(parent, proto, prop)) != SA_OK) { 478*25a68471Sdougm (void) printf( 479*25a68471Sdougm gettext("Could not add property %s: %s\n"), 480*25a68471Sdougm cur->optname, sa_errorstr(ret)); 4816185db85Sdougm } 4826185db85Sdougm (void) sa_remove_property(prop); 4836185db85Sdougm } 4846185db85Sdougm return (ret); 4856185db85Sdougm } 4866185db85Sdougm 4876185db85Sdougm /* 4886185db85Sdougm * add_optionset(group, optlist, protocol, *err) 4896185db85Sdougm * Add the options in optlist to an optionset and then add the optionset 4906185db85Sdougm * to the group. 4916185db85Sdougm * 4926185db85Sdougm * The return value indicates if there was a "change" while errors are 4936185db85Sdougm * returned via the *err parameters. 4946185db85Sdougm */ 4956185db85Sdougm static int 4966185db85Sdougm add_optionset(sa_group_t group, struct options *optlist, char *proto, int *err) 4976185db85Sdougm { 4986185db85Sdougm sa_optionset_t optionset; 4996185db85Sdougm int ret = SA_OK; 5006185db85Sdougm int result = 0; 5016185db85Sdougm 5026185db85Sdougm optionset = sa_get_optionset(group, proto); 5036185db85Sdougm if (optionset == NULL) { 504*25a68471Sdougm optionset = sa_create_optionset(group, proto); 505*25a68471Sdougm result = 1; /* adding a protocol is a change */ 5066185db85Sdougm } 507*25a68471Sdougm if (optionset == NULL) { 508*25a68471Sdougm ret = SA_NO_MEMORY; 509*25a68471Sdougm goto out; 510*25a68471Sdougm } 511*25a68471Sdougm while (optlist != NULL) { 5126185db85Sdougm sa_property_t prop; 5136185db85Sdougm prop = sa_get_property(optionset, optlist->optname); 5146185db85Sdougm if (prop == NULL) { 5156185db85Sdougm /* 5166185db85Sdougm * add the property, but only if it is 5176185db85Sdougm * a non-NULL or non-zero length value 5186185db85Sdougm */ 519*25a68471Sdougm if (optlist->optvalue != NULL) { 520*25a68471Sdougm prop = sa_create_property(optlist->optname, 521*25a68471Sdougm optlist->optvalue); 522*25a68471Sdougm if (prop != NULL) { 523*25a68471Sdougm ret = sa_valid_property(optionset, 524*25a68471Sdougm proto, prop); 525*25a68471Sdougm if (ret != SA_OK) { 526*25a68471Sdougm (void) sa_remove_property(prop); 527*25a68471Sdougm (void) printf(gettext("Could " 528*25a68471Sdougm "not add property " 529*25a68471Sdougm "%s: %s\n"), 530*25a68471Sdougm optlist->optname, 531*25a68471Sdougm sa_errorstr(ret)); 532*25a68471Sdougm } 533*25a68471Sdougm } 534*25a68471Sdougm if (ret == SA_OK) { 535*25a68471Sdougm ret = sa_add_property(optionset, prop); 536*25a68471Sdougm if (ret != SA_OK) { 537*25a68471Sdougm (void) printf(gettext( 538*25a68471Sdougm "Could not add property " 539*25a68471Sdougm "%s: %s\n"), 540*25a68471Sdougm optlist->optname, 541*25a68471Sdougm sa_errorstr(ret)); 542*25a68471Sdougm } else { 543*25a68471Sdougm /* there was a change */ 544*25a68471Sdougm result = 1; 545*25a68471Sdougm } 546*25a68471Sdougm } 5476185db85Sdougm } 548*25a68471Sdougm } else { 549*25a68471Sdougm ret = sa_update_property(prop, optlist->optvalue); 550*25a68471Sdougm /* should check to see if value changed */ 551*25a68471Sdougm if (ret != SA_OK) { 552*25a68471Sdougm (void) printf(gettext("Could not update " 553*25a68471Sdougm "property %s: %s\n"), optlist->optname, 554*25a68471Sdougm sa_errorstr(ret)); 555*25a68471Sdougm } else { 5566185db85Sdougm result = 1; 5576185db85Sdougm } 5586185db85Sdougm } 5596185db85Sdougm optlist = optlist->next; 5606185db85Sdougm } 561*25a68471Sdougm ret = sa_commit_properties(optionset, 0); 562*25a68471Sdougm 563*25a68471Sdougm out: 5646185db85Sdougm if (err != NULL) 565*25a68471Sdougm *err = ret; 5666185db85Sdougm return (result); 5676185db85Sdougm } 5686185db85Sdougm 5696185db85Sdougm /* 5706185db85Sdougm * sa_create(flags, argc, argv) 5716185db85Sdougm * create a new group 5726185db85Sdougm * this may or may not have a protocol associated with it. 5736185db85Sdougm * No protocol means "all" protocols in this case. 5746185db85Sdougm */ 5756185db85Sdougm static int 576549ec3ffSdougm sa_create(sa_handle_t handle, int flags, int argc, char *argv[]) 5776185db85Sdougm { 5786185db85Sdougm char *groupname; 5796185db85Sdougm 5806185db85Sdougm sa_group_t group; 5816185db85Sdougm int verbose = 0; 5826185db85Sdougm int dryrun = 0; 5836185db85Sdougm int c; 5846185db85Sdougm char *protocol = NULL; 5856185db85Sdougm int ret = SA_OK; 5866185db85Sdougm struct options *optlist = NULL; 5876185db85Sdougm int err = 0; 5886185db85Sdougm int auth; 5896185db85Sdougm 5906185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:")) != EOF) { 591*25a68471Sdougm switch (c) { 592*25a68471Sdougm case 'v': 593*25a68471Sdougm verbose++; 594*25a68471Sdougm break; 595*25a68471Sdougm case 'n': 596*25a68471Sdougm dryrun++; 597*25a68471Sdougm break; 598*25a68471Sdougm case 'P': 599*25a68471Sdougm protocol = optarg; 600*25a68471Sdougm if (sa_valid_protocol(protocol)) 601*25a68471Sdougm break; 602*25a68471Sdougm (void) printf(gettext( 603*25a68471Sdougm "Invalid protocol specified: %s\n"), protocol); 604*25a68471Sdougm return (SA_INVALID_PROTOCOL); 605*25a68471Sdougm break; 606*25a68471Sdougm case 'p': 607*25a68471Sdougm ret = add_opt(&optlist, optarg, 0); 608*25a68471Sdougm switch (ret) { 609*25a68471Sdougm case OPT_ADD_SYNTAX: 610*25a68471Sdougm (void) printf(gettext( 611*25a68471Sdougm "Property syntax error for property: %s\n"), 6126185db85Sdougm optarg); 613*25a68471Sdougm return (SA_SYNTAX_ERR); 614*25a68471Sdougm case OPT_ADD_SECURITY: 615*25a68471Sdougm (void) printf(gettext( 616*25a68471Sdougm "Security properties need " 617*25a68471Sdougm "to be set with set-security: %s\n"), 6186185db85Sdougm optarg); 619*25a68471Sdougm return (SA_SYNTAX_ERR); 620*25a68471Sdougm default: 621*25a68471Sdougm break; 622*25a68471Sdougm } 623*25a68471Sdougm break; 6246185db85Sdougm default: 625*25a68471Sdougm case 'h': 626*25a68471Sdougm case '?': 627*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 628*25a68471Sdougm sa_get_usage(USAGE_CREATE)); 629*25a68471Sdougm return (0); 6306185db85Sdougm } 6316185db85Sdougm } 6326185db85Sdougm 6336185db85Sdougm if (optind >= argc) { 634*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 635*25a68471Sdougm sa_get_usage(USAGE_CREATE)); 636*25a68471Sdougm (void) printf(gettext("\tgroup must be specified.\n")); 637*25a68471Sdougm return (SA_BAD_PATH); 6386185db85Sdougm } 6396185db85Sdougm 6406185db85Sdougm if ((optind + 1) < argc) { 641*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 642*25a68471Sdougm sa_get_usage(USAGE_CREATE)); 643*25a68471Sdougm (void) printf(gettext("\textraneous group(s) at end\n")); 644*25a68471Sdougm return (SA_SYNTAX_ERR); 6456185db85Sdougm } 6466185db85Sdougm 6476185db85Sdougm if (protocol == NULL && optlist != NULL) { 648*25a68471Sdougm /* lookup default protocol */ 649*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 650*25a68471Sdougm sa_get_usage(USAGE_CREATE)); 651*25a68471Sdougm (void) printf(gettext("\tprotocol must be specified " 652*25a68471Sdougm "with properties\n")); 653*25a68471Sdougm return (SA_INVALID_PROTOCOL); 6546185db85Sdougm } 6556185db85Sdougm 6566185db85Sdougm if (optlist != NULL) 657*25a68471Sdougm ret = chk_opt(optlist, 0, protocol); 6586185db85Sdougm if (ret == OPT_ADD_SECURITY) { 659*25a68471Sdougm (void) printf(gettext("Security properties not " 660*25a68471Sdougm "supported with create\n")); 661*25a68471Sdougm return (SA_SYNTAX_ERR); 6626185db85Sdougm } 6636185db85Sdougm 6646185db85Sdougm /* 665*25a68471Sdougm * If a group already exists, we can only add a new protocol 6666185db85Sdougm * to it and not create a new one or add the same protocol 6676185db85Sdougm * again. 6686185db85Sdougm */ 6696185db85Sdougm 6706185db85Sdougm groupname = argv[optind]; 6716185db85Sdougm 6726185db85Sdougm auth = check_authorizations(groupname, flags); 6736185db85Sdougm 674549ec3ffSdougm group = sa_get_group(handle, groupname); 6756185db85Sdougm if (group != NULL) { 676*25a68471Sdougm /* group exists so must be a protocol add */ 677*25a68471Sdougm if (protocol != NULL) { 678*25a68471Sdougm if (has_protocol(group, protocol)) { 679*25a68471Sdougm (void) printf(gettext( 680*25a68471Sdougm "Group \"%s\" already exists" 681*25a68471Sdougm " with protocol %s\n"), groupname, 682*25a68471Sdougm protocol); 683*25a68471Sdougm ret = SA_DUPLICATE_NAME; 684*25a68471Sdougm } 685*25a68471Sdougm } else { 686*25a68471Sdougm /* must add new protocol */ 687*25a68471Sdougm (void) printf(gettext( 688*25a68471Sdougm "Group already exists and no protocol " 689*25a68471Sdougm "specified.\n")); 690*25a68471Sdougm ret = SA_DUPLICATE_NAME; 691*25a68471Sdougm } 6926185db85Sdougm } else { 6936185db85Sdougm /* 6946185db85Sdougm * is it a valid name? Must comply with SMF instance 6956185db85Sdougm * name restrictions. 6966185db85Sdougm */ 697*25a68471Sdougm if (!sa_valid_group_name(groupname)) { 698*25a68471Sdougm ret = SA_INVALID_NAME; 699*25a68471Sdougm (void) printf(gettext("Invalid group name: %s\n"), 700*25a68471Sdougm groupname); 701*25a68471Sdougm } 7026185db85Sdougm } 7036185db85Sdougm if (ret == SA_OK) { 704*25a68471Sdougm /* check protocol vs optlist */ 705*25a68471Sdougm if (optlist != NULL) { 706*25a68471Sdougm /* check options, if any, for validity */ 707*25a68471Sdougm ret = valid_options(optlist, protocol, group, NULL); 708*25a68471Sdougm } 7096185db85Sdougm } 7106185db85Sdougm if (ret == SA_OK && !dryrun) { 711*25a68471Sdougm if (group == NULL) { 712*25a68471Sdougm group = sa_create_group(handle, (char *)groupname, 713*25a68471Sdougm &err); 7146185db85Sdougm } 715*25a68471Sdougm if (group != NULL) { 716*25a68471Sdougm sa_optionset_t optionset; 717*25a68471Sdougm if (optlist != NULL) { 718*25a68471Sdougm (void) add_optionset(group, optlist, protocol, 719*25a68471Sdougm &ret); 720*25a68471Sdougm } else if (protocol != NULL) { 721*25a68471Sdougm optionset = sa_create_optionset(group, 722*25a68471Sdougm protocol); 723*25a68471Sdougm if (optionset == NULL) 724*25a68471Sdougm ret = SA_NO_MEMORY; 725*25a68471Sdougm } else if (protocol == NULL) { 726*25a68471Sdougm char **protolist; 727*25a68471Sdougm int numprotos, i; 728*25a68471Sdougm numprotos = sa_get_protocols(&protolist); 729*25a68471Sdougm for (i = 0; i < numprotos; i++) { 730*25a68471Sdougm optionset = sa_create_optionset(group, 731*25a68471Sdougm protolist[i]); 732*25a68471Sdougm } 733*25a68471Sdougm if (protolist != NULL) 734*25a68471Sdougm free(protolist); 735*25a68471Sdougm } 7366185db85Sdougm /* 737*25a68471Sdougm * We have a group and legal additions 7386185db85Sdougm */ 739*25a68471Sdougm if (ret == SA_OK) { 740*25a68471Sdougm /* 741*25a68471Sdougm * Commit to configuration for protocols that 742*25a68471Sdougm * need to do block updates. For NFS, this 743*25a68471Sdougm * doesn't do anything but it will be run for 744*25a68471Sdougm * all protocols that implement the 745*25a68471Sdougm * appropriate plugin. 746*25a68471Sdougm */ 747*25a68471Sdougm ret = sa_update_config(handle); 748*25a68471Sdougm } else { 749*25a68471Sdougm if (group != NULL) 750*25a68471Sdougm (void) sa_remove_group(group); 751*25a68471Sdougm } 7526185db85Sdougm } else { 753*25a68471Sdougm ret = err; 754*25a68471Sdougm (void) printf(gettext("Could not create group: %s\n"), 755*25a68471Sdougm sa_errorstr(ret)); 7566185db85Sdougm } 7576185db85Sdougm } 7586185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 759*25a68471Sdougm (void) printf(gettext("Command would fail: %s\n"), 760*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 761*25a68471Sdougm ret = SA_NO_PERMISSION; 7626185db85Sdougm } 7636185db85Sdougm free_opt(optlist); 7646185db85Sdougm return (ret); 7656185db85Sdougm } 7666185db85Sdougm 7676185db85Sdougm /* 7686185db85Sdougm * group_status(group) 7696185db85Sdougm * 7706185db85Sdougm * return the current status (enabled/disabled) of the group. 7716185db85Sdougm */ 7726185db85Sdougm 7736185db85Sdougm static char * 7746185db85Sdougm group_status(sa_group_t group) 7756185db85Sdougm { 7766185db85Sdougm char *state; 7776185db85Sdougm int enabled = 0; 7786185db85Sdougm 7796185db85Sdougm state = sa_get_group_attr(group, "state"); 7806185db85Sdougm if (state != NULL) { 781*25a68471Sdougm if (strcmp(state, "enabled") == 0) { 782*25a68471Sdougm enabled = 1; 783*25a68471Sdougm } 784*25a68471Sdougm sa_free_attr_string(state); 7856185db85Sdougm } 7864db300d5Sdougm return (enabled ? "enabled" : "disabled"); 7876185db85Sdougm } 7886185db85Sdougm 7896185db85Sdougm /* 7906185db85Sdougm * sa_delete(flags, argc, argv) 7916185db85Sdougm * 7926185db85Sdougm * Delete a group. 7936185db85Sdougm */ 7946185db85Sdougm 7956185db85Sdougm static int 796549ec3ffSdougm sa_delete(sa_handle_t handle, int flags, int argc, char *argv[]) 7976185db85Sdougm { 7986185db85Sdougm char *groupname; 7996185db85Sdougm sa_group_t group; 8006185db85Sdougm sa_share_t share; 8016185db85Sdougm int verbose = 0; 8026185db85Sdougm int dryrun = 0; 8036185db85Sdougm int force = 0; 8046185db85Sdougm int c; 8056185db85Sdougm char *protocol = NULL; 8066185db85Sdougm char *sectype = NULL; 8076185db85Sdougm int ret = SA_OK; 8086185db85Sdougm int auth; 8096185db85Sdougm 8106185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:fS:")) != EOF) { 811*25a68471Sdougm switch (c) { 812*25a68471Sdougm case 'v': 813*25a68471Sdougm verbose++; 814*25a68471Sdougm break; 815*25a68471Sdougm case 'n': 816*25a68471Sdougm dryrun++; 817*25a68471Sdougm break; 818*25a68471Sdougm case 'P': 819*25a68471Sdougm protocol = optarg; 820*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 821*25a68471Sdougm (void) printf(gettext("Invalid protocol " 822*25a68471Sdougm "specified: %s\n"), protocol); 823*25a68471Sdougm return (SA_INVALID_PROTOCOL); 824*25a68471Sdougm } 825*25a68471Sdougm break; 826*25a68471Sdougm case 'S': 827*25a68471Sdougm sectype = optarg; 828*25a68471Sdougm break; 829*25a68471Sdougm case 'f': 830*25a68471Sdougm force++; 831*25a68471Sdougm break; 832*25a68471Sdougm default: 833*25a68471Sdougm case 'h': 834*25a68471Sdougm case '?': 835*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 836*25a68471Sdougm sa_get_usage(USAGE_DELETE)); 837*25a68471Sdougm return (0); 8386185db85Sdougm } 8396185db85Sdougm } 8406185db85Sdougm 8416185db85Sdougm if (optind >= argc) { 842*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 843*25a68471Sdougm sa_get_usage(USAGE_DELETE)); 844*25a68471Sdougm (void) printf(gettext("\tgroup must be specified.\n")); 845*25a68471Sdougm return (SA_SYNTAX_ERR); 8466185db85Sdougm } 8476185db85Sdougm 8486185db85Sdougm if ((optind + 1) < argc) { 849*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 850*25a68471Sdougm sa_get_usage(USAGE_DELETE)); 851*25a68471Sdougm (void) printf(gettext("\textraneous group(s) at end\n")); 852*25a68471Sdougm return (SA_SYNTAX_ERR); 8536185db85Sdougm } 8546185db85Sdougm 8556185db85Sdougm if (sectype != NULL && protocol == NULL) { 856*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 857*25a68471Sdougm sa_get_usage(USAGE_DELETE)); 858*25a68471Sdougm (void) printf(gettext("\tsecurity requires protocol to be " 859*25a68471Sdougm "specified.\n")); 860*25a68471Sdougm return (SA_SYNTAX_ERR); 8616185db85Sdougm } 8626185db85Sdougm 8636185db85Sdougm /* 8646185db85Sdougm * Determine if the group already exists since it must in 8656185db85Sdougm * order to be removed. 8666185db85Sdougm * 8676185db85Sdougm * We can delete when: 8686185db85Sdougm * 8696185db85Sdougm * - group is empty 8706185db85Sdougm * - force flag is set 8716185db85Sdougm * - if protocol specified, only delete the protocol 8726185db85Sdougm */ 8736185db85Sdougm 8746185db85Sdougm groupname = argv[optind]; 875549ec3ffSdougm group = sa_get_group(handle, groupname); 8766185db85Sdougm if (group == NULL) { 8776185db85Sdougm ret = SA_NO_SUCH_GROUP; 878*25a68471Sdougm goto done; 879*25a68471Sdougm } 880*25a68471Sdougm auth = check_authorizations(groupname, flags); 881*25a68471Sdougm if (protocol == NULL) { 8826185db85Sdougm share = sa_get_share(group, NULL); 8836185db85Sdougm if (share != NULL) 884*25a68471Sdougm ret = SA_BUSY; 8856185db85Sdougm if (share == NULL || (share != NULL && force == 1)) { 886*25a68471Sdougm ret = SA_OK; 887*25a68471Sdougm if (!dryrun) { 888*25a68471Sdougm while (share != NULL) { 889*25a68471Sdougm sa_share_t next_share; 890*25a68471Sdougm next_share = sa_get_next_share(share); 891*25a68471Sdougm /* 892*25a68471Sdougm * need to do the disable of 893*25a68471Sdougm * each share, but don't 894*25a68471Sdougm * actually do anything on a 895*25a68471Sdougm * dryrun. 896*25a68471Sdougm */ 897*25a68471Sdougm ret = sa_disable_share(share, NULL); 898*25a68471Sdougm ret = sa_remove_share(share); 899*25a68471Sdougm share = next_share; 900*25a68471Sdougm } 901*25a68471Sdougm ret = sa_remove_group(group); 9026185db85Sdougm } 9036185db85Sdougm } 904*25a68471Sdougm /* Commit to configuration if not a dryrun */ 9056185db85Sdougm if (!dryrun && ret == SA_OK) { 906*25a68471Sdougm ret = sa_update_config(handle); 9076185db85Sdougm } 908*25a68471Sdougm } else { 9096185db85Sdougm /* a protocol delete */ 9106185db85Sdougm sa_optionset_t optionset; 9116185db85Sdougm sa_security_t security; 912*25a68471Sdougm if (sectype != NULL) { 913*25a68471Sdougm /* only delete specified security */ 914*25a68471Sdougm security = sa_get_security(group, sectype, protocol); 915*25a68471Sdougm if (security != NULL && !dryrun) 9166185db85Sdougm ret = sa_destroy_security(security); 917*25a68471Sdougm else 918*25a68471Sdougm ret = SA_INVALID_PROTOCOL; 919*25a68471Sdougm } else { 920*25a68471Sdougm optionset = sa_get_optionset(group, protocol); 921*25a68471Sdougm if (optionset != NULL && !dryrun) { 922*25a68471Sdougm /* 923*25a68471Sdougm * have an optionset with 924*25a68471Sdougm * protocol to delete 925*25a68471Sdougm */ 926*25a68471Sdougm ret = sa_destroy_optionset(optionset); 927*25a68471Sdougm /* 928*25a68471Sdougm * Now find all security sets 929*25a68471Sdougm * for the protocol and remove 930*25a68471Sdougm * them. Don't remove other 931*25a68471Sdougm * protocols. 932*25a68471Sdougm */ 933*25a68471Sdougm for (security = 934*25a68471Sdougm sa_get_security(group, NULL, NULL); 935*25a68471Sdougm ret == SA_OK && security != NULL; 936*25a68471Sdougm security = sa_get_next_security(security)) { 937*25a68471Sdougm char *secprot; 938*25a68471Sdougm secprot = sa_get_security_attr(security, 939*25a68471Sdougm "type"); 940*25a68471Sdougm if (secprot != NULL && 941*25a68471Sdougm strcmp(secprot, protocol) == 0) 942*25a68471Sdougm ret = sa_destroy_security( 943*25a68471Sdougm security); 944*25a68471Sdougm if (secprot != NULL) 945*25a68471Sdougm sa_free_attr_string(secprot); 946*25a68471Sdougm } 947*25a68471Sdougm } else { 948*25a68471Sdougm if (!dryrun) 949*25a68471Sdougm ret = SA_INVALID_PROTOCOL; 9506185db85Sdougm } 9516185db85Sdougm } 9526185db85Sdougm } 953*25a68471Sdougm 954*25a68471Sdougm done: 9556185db85Sdougm if (ret != SA_OK) { 956*25a68471Sdougm (void) printf(gettext("Could not delete group: %s\n"), 957*25a68471Sdougm sa_errorstr(ret)); 9586185db85Sdougm } else if (dryrun && !auth && verbose) { 959*25a68471Sdougm (void) printf(gettext("Command would fail: %s\n"), 960*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 9616185db85Sdougm } 9626185db85Sdougm return (ret); 9636185db85Sdougm } 9646185db85Sdougm 9656185db85Sdougm /* 9666185db85Sdougm * strndupr(*buff, str, buffsize) 9676185db85Sdougm * 9686185db85Sdougm * used with small strings to duplicate and possibly increase the 9696185db85Sdougm * buffer size of a string. 9706185db85Sdougm */ 9716185db85Sdougm static char * 9726185db85Sdougm strndupr(char *buff, char *str, int *buffsize) 9736185db85Sdougm { 9746185db85Sdougm int limit; 9756185db85Sdougm char *orig_buff = buff; 9766185db85Sdougm 9776185db85Sdougm if (buff == NULL) { 978*25a68471Sdougm buff = (char *)malloc(64); 979*25a68471Sdougm if (buff == NULL) 980*25a68471Sdougm return (NULL); 981*25a68471Sdougm *buffsize = 64; 982*25a68471Sdougm buff[0] = '\0'; 9836185db85Sdougm } 9846185db85Sdougm limit = strlen(buff) + strlen(str) + 1; 9856185db85Sdougm if (limit > *buffsize) { 986*25a68471Sdougm limit = *buffsize = *buffsize + ((limit / 64) + 64); 987*25a68471Sdougm buff = realloc(buff, limit); 9886185db85Sdougm } 9896185db85Sdougm if (buff != NULL) { 990*25a68471Sdougm (void) strcat(buff, str); 9916185db85Sdougm } else { 992*25a68471Sdougm /* if it fails, fail it hard */ 993*25a68471Sdougm if (orig_buff != NULL) 994*25a68471Sdougm free(orig_buff); 9956185db85Sdougm } 9966185db85Sdougm return (buff); 9976185db85Sdougm } 9986185db85Sdougm 9996185db85Sdougm /* 10006185db85Sdougm * group_proto(group) 10016185db85Sdougm * 10026185db85Sdougm * return a string of all the protocols (space separated) associated 10036185db85Sdougm * with this group. 10046185db85Sdougm */ 10056185db85Sdougm 10066185db85Sdougm static char * 10076185db85Sdougm group_proto(sa_group_t group) 10086185db85Sdougm { 10096185db85Sdougm sa_optionset_t optionset; 10106185db85Sdougm char *proto; 10116185db85Sdougm char *buff = NULL; 10126185db85Sdougm int buffsize = 0; 10136185db85Sdougm int addspace = 0; 10146185db85Sdougm /* 10156185db85Sdougm * get the protocol list by finding the optionsets on this 10166185db85Sdougm * group and extracting the type value. The initial call to 10176185db85Sdougm * strndupr() initailizes buff. 10186185db85Sdougm */ 10196185db85Sdougm buff = strndupr(buff, "", &buffsize); 10206185db85Sdougm if (buff != NULL) { 1021*25a68471Sdougm for (optionset = sa_get_optionset(group, NULL); 1022*25a68471Sdougm optionset != NULL && buff != NULL; 1023*25a68471Sdougm optionset = sa_get_next_optionset(optionset)) { 1024*25a68471Sdougm /* 1025*25a68471Sdougm * extract out the protocol type from this optionset 1026*25a68471Sdougm * and append it to the buffer "buff". strndupr() will 1027*25a68471Sdougm * reallocate space as necessay. 1028*25a68471Sdougm */ 1029*25a68471Sdougm proto = sa_get_optionset_attr(optionset, "type"); 1030*25a68471Sdougm if (proto != NULL) { 1031*25a68471Sdougm if (addspace++) 1032*25a68471Sdougm buff = strndupr(buff, " ", &buffsize); 1033*25a68471Sdougm buff = strndupr(buff, proto, &buffsize); 1034*25a68471Sdougm sa_free_attr_string(proto); 1035*25a68471Sdougm } 10366185db85Sdougm } 10376185db85Sdougm } 10386185db85Sdougm return (buff); 10396185db85Sdougm } 10406185db85Sdougm 10416185db85Sdougm /* 10426185db85Sdougm * sa_list(flags, argc, argv) 10436185db85Sdougm * 10446185db85Sdougm * implements the "list" subcommand to list groups and optionally 10456185db85Sdougm * their state and protocols. 10466185db85Sdougm */ 10476185db85Sdougm 1048*25a68471Sdougm /*ARGSUSED*/ 10496185db85Sdougm static int 1050549ec3ffSdougm sa_list(sa_handle_t handle, int flags, int argc, char *argv[]) 10516185db85Sdougm { 10526185db85Sdougm sa_group_t group; 10536185db85Sdougm int verbose = 0; 10546185db85Sdougm int c; 10556185db85Sdougm char *protocol = NULL; 10566185db85Sdougm 10576185db85Sdougm while ((c = getopt(argc, argv, "?hvP:")) != EOF) { 1058*25a68471Sdougm switch (c) { 1059*25a68471Sdougm case 'v': 1060*25a68471Sdougm verbose++; 1061*25a68471Sdougm break; 1062*25a68471Sdougm case 'P': 1063*25a68471Sdougm protocol = optarg; 1064*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 1065*25a68471Sdougm (void) printf(gettext( 1066*25a68471Sdougm "Invalid protocol specified: %s\n"), 1067*25a68471Sdougm protocol); 1068*25a68471Sdougm return (SA_INVALID_PROTOCOL); 1069*25a68471Sdougm } 1070*25a68471Sdougm break; 1071*25a68471Sdougm default: 1072*25a68471Sdougm case 'h': 1073*25a68471Sdougm case '?': 1074*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 1075*25a68471Sdougm sa_get_usage(USAGE_LIST)); 1076*25a68471Sdougm return (0); 10776185db85Sdougm } 10786185db85Sdougm } 10796185db85Sdougm 1080*25a68471Sdougm for (group = sa_get_group(handle, NULL); 1081*25a68471Sdougm group != NULL; 10826185db85Sdougm group = sa_get_next_group(group)) { 1083*25a68471Sdougm char *name; 1084*25a68471Sdougm char *proto; 1085*25a68471Sdougm if (protocol == NULL || has_protocol(group, protocol)) { 1086*25a68471Sdougm name = sa_get_group_attr(group, "name"); 1087*25a68471Sdougm if (name != NULL && (verbose > 1 || name[0] != '#')) { 1088*25a68471Sdougm (void) printf("%s", (char *)name); 1089*25a68471Sdougm if (verbose) { 1090*25a68471Sdougm /* 1091*25a68471Sdougm * Need the list of protocols 1092*25a68471Sdougm * and current status once 1093*25a68471Sdougm * available. We do want to 1094*25a68471Sdougm * translate the 1095*25a68471Sdougm * enabled/disabled text here. 1096*25a68471Sdougm */ 1097*25a68471Sdougm (void) printf("\t%s", isenabled(group) ? 1098*25a68471Sdougm gettext("enabled") : 1099*25a68471Sdougm gettext("disabled")); 1100*25a68471Sdougm proto = group_proto(group); 1101*25a68471Sdougm if (proto != NULL) { 1102*25a68471Sdougm (void) printf("\t%s", 1103*25a68471Sdougm (char *)proto); 1104*25a68471Sdougm free(proto); 1105*25a68471Sdougm } 1106*25a68471Sdougm } 1107*25a68471Sdougm (void) printf("\n"); 11086185db85Sdougm } 1109*25a68471Sdougm if (name != NULL) 1110*25a68471Sdougm sa_free_attr_string(name); 11116185db85Sdougm } 11126185db85Sdougm } 11136185db85Sdougm return (0); 11146185db85Sdougm } 11156185db85Sdougm 11166185db85Sdougm /* 11176185db85Sdougm * out_properties(optionset, proto, sec) 11186185db85Sdougm * 11196185db85Sdougm * Format the properties and encode the protocol and optional named 11206185db85Sdougm * optionset into the string. 11216185db85Sdougm * 11226185db85Sdougm * format is protocol[:name]=(property-list) 11236185db85Sdougm */ 11246185db85Sdougm 11256185db85Sdougm static void 11266185db85Sdougm out_properties(sa_optionset_t optionset, char *proto, char *sec) 11276185db85Sdougm { 11286185db85Sdougm char *type; 11296185db85Sdougm char *value; 11306185db85Sdougm int spacer; 11316185db85Sdougm sa_property_t prop; 11326185db85Sdougm 1133*25a68471Sdougm if (sec == NULL) 1134*25a68471Sdougm (void) printf(" %s=(", proto ? proto : gettext("all")); 1135*25a68471Sdougm else 1136*25a68471Sdougm (void) printf(" %s:%s=(", proto ? proto : gettext("all"), sec); 11376185db85Sdougm 11386185db85Sdougm for (spacer = 0, prop = sa_get_property(optionset, NULL); 1139*25a68471Sdougm prop != NULL; 1140*25a68471Sdougm prop = sa_get_next_property(prop)) { 11416185db85Sdougm 11426185db85Sdougm /* 11436185db85Sdougm * extract the property name/value and output with 11446185db85Sdougm * appropriate spacing. I.e. no prefixed space the 11456185db85Sdougm * first time through but a space on subsequent 11466185db85Sdougm * properties. 11476185db85Sdougm */ 1148*25a68471Sdougm type = sa_get_property_attr(prop, "type"); 1149*25a68471Sdougm value = sa_get_property_attr(prop, "value"); 1150*25a68471Sdougm if (type != NULL) { 1151*25a68471Sdougm (void) printf("%s%s=", spacer ? " " : "", type); 1152*25a68471Sdougm spacer = 1; 1153*25a68471Sdougm if (value != NULL) 1154*25a68471Sdougm (void) printf("\"%s\"", value); 1155*25a68471Sdougm else 1156*25a68471Sdougm (void) printf("\"\""); 1157*25a68471Sdougm } 1158*25a68471Sdougm if (type != NULL) 1159*25a68471Sdougm sa_free_attr_string(type); 11606185db85Sdougm if (value != NULL) 1161*25a68471Sdougm sa_free_attr_string(value); 11626185db85Sdougm } 11636185db85Sdougm (void) printf(")"); 11646185db85Sdougm } 11656185db85Sdougm 11666185db85Sdougm /* 11676185db85Sdougm * show_properties(group, protocol, prefix) 11686185db85Sdougm * 11696185db85Sdougm * print the properties for a group. If protocol is NULL, do all 11706185db85Sdougm * protocols otherwise only the specified protocol. All security 11716185db85Sdougm * (named groups specific to the protocol) are included. 11726185db85Sdougm * 11736185db85Sdougm * The "prefix" is always applied. The caller knows whether it wants 11746185db85Sdougm * some type of prefix string (white space) or not. Once the prefix 11756185db85Sdougm * has been output, it is reduced to the zero length string for the 11766185db85Sdougm * remainder of the property output. 11776185db85Sdougm */ 11786185db85Sdougm 11796185db85Sdougm static void 11806185db85Sdougm show_properties(sa_group_t group, char *protocol, char *prefix) 11816185db85Sdougm { 11826185db85Sdougm sa_optionset_t optionset; 11836185db85Sdougm sa_security_t security; 11846185db85Sdougm char *value; 11856185db85Sdougm char *secvalue; 11866185db85Sdougm 11876185db85Sdougm if (protocol != NULL) { 1188*25a68471Sdougm optionset = sa_get_optionset(group, protocol); 1189*25a68471Sdougm if (optionset != NULL) { 1190*25a68471Sdougm (void) printf("%s", prefix); 1191*25a68471Sdougm prefix = ""; 1192*25a68471Sdougm out_properties(optionset, protocol, NULL); 1193*25a68471Sdougm } 1194*25a68471Sdougm security = sa_get_security(group, protocol, NULL); 1195*25a68471Sdougm if (security != NULL) { 1196*25a68471Sdougm (void) printf("%s", prefix); 1197*25a68471Sdougm prefix = ""; 1198*25a68471Sdougm out_properties(security, protocol, NULL); 1199*25a68471Sdougm } 12006185db85Sdougm } else { 1201*25a68471Sdougm for (optionset = sa_get_optionset(group, protocol); 1202*25a68471Sdougm optionset != NULL; 1203*25a68471Sdougm optionset = sa_get_next_optionset(optionset)) { 1204*25a68471Sdougm 1205*25a68471Sdougm value = sa_get_optionset_attr(optionset, "type"); 1206*25a68471Sdougm (void) printf("%s", prefix); 1207*25a68471Sdougm prefix = ""; 1208*25a68471Sdougm out_properties(optionset, value, 0); 1209*25a68471Sdougm if (value != NULL) 1210*25a68471Sdougm sa_free_attr_string(value); 1211*25a68471Sdougm } 1212*25a68471Sdougm for (security = sa_get_security(group, NULL, protocol); 1213*25a68471Sdougm security != NULL; 1214*25a68471Sdougm security = sa_get_next_security(security)) { 1215*25a68471Sdougm 1216*25a68471Sdougm value = sa_get_security_attr(security, "type"); 1217*25a68471Sdougm secvalue = sa_get_security_attr(security, "sectype"); 1218*25a68471Sdougm (void) printf("%s", prefix); 1219*25a68471Sdougm prefix = ""; 1220*25a68471Sdougm out_properties(security, value, secvalue); 1221*25a68471Sdougm if (value != NULL) 1222*25a68471Sdougm sa_free_attr_string(value); 1223*25a68471Sdougm if (secvalue != NULL) 1224*25a68471Sdougm sa_free_attr_string(secvalue); 1225*25a68471Sdougm } 12266185db85Sdougm } 12276185db85Sdougm } 12286185db85Sdougm 12296185db85Sdougm /* 12306185db85Sdougm * show_group(group, verbose, properties, proto, subgroup) 12316185db85Sdougm * 12326185db85Sdougm * helper function to show the contents of a group. 12336185db85Sdougm */ 12346185db85Sdougm 12356185db85Sdougm static void 12366185db85Sdougm show_group(sa_group_t group, int verbose, int properties, char *proto, 12376185db85Sdougm char *subgroup) 12386185db85Sdougm { 12396185db85Sdougm sa_share_t share; 12406185db85Sdougm char *groupname; 12416185db85Sdougm char *sharepath; 12426185db85Sdougm char *resource; 12436185db85Sdougm char *description; 12446185db85Sdougm char *type; 12456185db85Sdougm char *zfs = NULL; 12466185db85Sdougm int iszfs = 0; 12476185db85Sdougm 12486185db85Sdougm groupname = sa_get_group_attr(group, "name"); 12496185db85Sdougm if (groupname != NULL) { 1250*25a68471Sdougm if (proto != NULL && !has_protocol(group, proto)) { 1251*25a68471Sdougm sa_free_attr_string(groupname); 1252*25a68471Sdougm return; 1253*25a68471Sdougm } 12546185db85Sdougm /* 12556185db85Sdougm * check to see if the group is managed by ZFS. If 12566185db85Sdougm * there is an attribute, then it is. A non-NULL zfs 12576185db85Sdougm * variable will trigger the different way to display 12586185db85Sdougm * and will remove the transient property indicator 12596185db85Sdougm * from the output. 12606185db85Sdougm */ 1261*25a68471Sdougm zfs = sa_get_group_attr(group, "zfs"); 1262*25a68471Sdougm if (zfs != NULL) { 1263*25a68471Sdougm iszfs = 1; 1264*25a68471Sdougm sa_free_attr_string(zfs); 1265*25a68471Sdougm } 1266*25a68471Sdougm share = sa_get_share(group, NULL); 1267*25a68471Sdougm if (subgroup == NULL) 1268*25a68471Sdougm (void) printf("%s", groupname); 1269*25a68471Sdougm else 1270*25a68471Sdougm (void) printf(" %s/%s", subgroup, groupname); 1271*25a68471Sdougm if (properties) 1272*25a68471Sdougm show_properties(group, proto, ""); 1273*25a68471Sdougm (void) printf("\n"); 1274*25a68471Sdougm if (strcmp(groupname, "zfs") == 0) { 1275*25a68471Sdougm sa_group_t zgroup; 1276*25a68471Sdougm 1277*25a68471Sdougm for (zgroup = sa_get_sub_group(group); 1278*25a68471Sdougm zgroup != NULL; 1279*25a68471Sdougm zgroup = sa_get_next_group(zgroup)) { 1280*25a68471Sdougm show_group(zgroup, verbose, properties, proto, 1281*25a68471Sdougm "zfs"); 1282*25a68471Sdougm } 1283*25a68471Sdougm sa_free_attr_string(groupname); 1284*25a68471Sdougm return; 12856185db85Sdougm } 12866185db85Sdougm /* 1287*25a68471Sdougm * Have a group, so list the contents. Resource and 12886185db85Sdougm * description are only listed if verbose is set. 12896185db85Sdougm */ 1290*25a68471Sdougm for (share = sa_get_share(group, NULL); 1291*25a68471Sdougm share != NULL; 1292*25a68471Sdougm share = sa_get_next_share(share)) { 1293*25a68471Sdougm sharepath = sa_get_share_attr(share, "path"); 1294*25a68471Sdougm if (sharepath != NULL) { 1295*25a68471Sdougm if (verbose) { 1296*25a68471Sdougm resource = sa_get_share_attr(share, 1297*25a68471Sdougm "resource"); 1298*25a68471Sdougm description = 1299*25a68471Sdougm sa_get_share_description(share); 1300*25a68471Sdougm type = sa_get_share_attr(share, 1301*25a68471Sdougm "type"); 1302*25a68471Sdougm if (type != NULL && !iszfs && 1303*25a68471Sdougm strcmp(type, "transient") == 0) 1304*25a68471Sdougm (void) printf("\t* "); 1305*25a68471Sdougm else 1306*25a68471Sdougm (void) printf("\t "); 1307*25a68471Sdougm if (resource != NULL && 1308*25a68471Sdougm strlen(resource) > 0) { 1309*25a68471Sdougm (void) printf("%s=%s", 1310*25a68471Sdougm resource, sharepath); 1311*25a68471Sdougm } else { 1312*25a68471Sdougm (void) printf("%s", sharepath); 1313*25a68471Sdougm } 1314*25a68471Sdougm if (resource != NULL) 1315*25a68471Sdougm sa_free_attr_string(resource); 1316*25a68471Sdougm if (properties) 1317*25a68471Sdougm show_properties(share, NULL, 1318*25a68471Sdougm "\t"); 1319*25a68471Sdougm if (description != NULL) { 1320*25a68471Sdougm if (strlen(description) > 0) { 1321*25a68471Sdougm (void) printf( 1322*25a68471Sdougm "\t\"%s\"", 1323*25a68471Sdougm description); 1324*25a68471Sdougm } 1325*25a68471Sdougm sa_free_share_description( 1326*25a68471Sdougm description); 1327*25a68471Sdougm } 1328*25a68471Sdougm if (type != NULL) 1329*25a68471Sdougm sa_free_attr_string(type); 1330*25a68471Sdougm } else { 1331*25a68471Sdougm (void) printf("\t%s", sharepath); 1332*25a68471Sdougm if (properties) 1333*25a68471Sdougm show_properties(share, NULL, 1334*25a68471Sdougm "\t"); 1335*25a68471Sdougm } 1336*25a68471Sdougm (void) printf("\n"); 1337*25a68471Sdougm sa_free_attr_string(sharepath); 1338*25a68471Sdougm } 1339*25a68471Sdougm } 13406185db85Sdougm } 13416185db85Sdougm if (groupname != NULL) { 13426185db85Sdougm sa_free_attr_string(groupname); 13436185db85Sdougm } 13446185db85Sdougm } 13456185db85Sdougm 13466185db85Sdougm /* 13476185db85Sdougm * show_group_xml_init() 13486185db85Sdougm * 13496185db85Sdougm * Create an XML document that will be used to display config info via 13506185db85Sdougm * XML format. 13516185db85Sdougm */ 13526185db85Sdougm 13536185db85Sdougm xmlDocPtr 13546185db85Sdougm show_group_xml_init() 13556185db85Sdougm { 13566185db85Sdougm xmlDocPtr doc; 13576185db85Sdougm xmlNodePtr root; 13586185db85Sdougm 13596185db85Sdougm doc = xmlNewDoc((xmlChar *)"1.0"); 13606185db85Sdougm if (doc != NULL) { 1361*25a68471Sdougm root = xmlNewNode(NULL, (xmlChar *)"sharecfg"); 1362*25a68471Sdougm if (root != NULL) 1363*25a68471Sdougm xmlDocSetRootElement(doc, root); 13646185db85Sdougm } 13656185db85Sdougm return (doc); 13666185db85Sdougm } 13676185db85Sdougm 13686185db85Sdougm /* 13696185db85Sdougm * show_group_xml(doc, group) 13706185db85Sdougm * 13716185db85Sdougm * Copy the group info into the XML doc. 13726185db85Sdougm */ 13736185db85Sdougm 13746185db85Sdougm static void 13756185db85Sdougm show_group_xml(xmlDocPtr doc, sa_group_t group) 13766185db85Sdougm { 13776185db85Sdougm xmlNodePtr node; 13786185db85Sdougm xmlNodePtr root; 13796185db85Sdougm 13806185db85Sdougm root = xmlDocGetRootElement(doc); 13816185db85Sdougm node = xmlCopyNode((xmlNodePtr)group, 1); 13826185db85Sdougm if (node != NULL && root != NULL) { 1383*25a68471Sdougm xmlAddChild(root, node); 13846185db85Sdougm /* 13856185db85Sdougm * In the future, we may have interally used tags that 13866185db85Sdougm * should not appear in the XML output. Remove 13876185db85Sdougm * anything we don't want to show here. 13886185db85Sdougm */ 13896185db85Sdougm } 13906185db85Sdougm } 13916185db85Sdougm 13926185db85Sdougm /* 13936185db85Sdougm * sa_show(flags, argc, argv) 13946185db85Sdougm * 13956185db85Sdougm * Implements the show subcommand. 13966185db85Sdougm */ 13976185db85Sdougm 1398*25a68471Sdougm /*ARGSUSED*/ 13996185db85Sdougm int 1400549ec3ffSdougm sa_show(sa_handle_t handle, int flags, int argc, char *argv[]) 14016185db85Sdougm { 14026185db85Sdougm sa_group_t group; 14036185db85Sdougm int verbose = 0; 14046185db85Sdougm int properties = 0; 14056185db85Sdougm int c; 14066185db85Sdougm int ret = SA_OK; 14076185db85Sdougm char *protocol = NULL; 14086185db85Sdougm int xml = 0; 14096185db85Sdougm xmlDocPtr doc; 14106185db85Sdougm 14116185db85Sdougm while ((c = getopt(argc, argv, "?hvP:px")) != EOF) { 1412*25a68471Sdougm switch (c) { 1413*25a68471Sdougm case 'v': 1414*25a68471Sdougm verbose++; 1415*25a68471Sdougm break; 1416*25a68471Sdougm case 'p': 1417*25a68471Sdougm properties++; 1418*25a68471Sdougm break; 1419*25a68471Sdougm case 'P': 1420*25a68471Sdougm protocol = optarg; 1421*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 1422*25a68471Sdougm (void) printf(gettext( 1423*25a68471Sdougm "Invalid protocol specified: %s\n"), 1424*25a68471Sdougm protocol); 1425*25a68471Sdougm return (SA_INVALID_PROTOCOL); 1426*25a68471Sdougm } 1427*25a68471Sdougm break; 1428*25a68471Sdougm case 'x': 1429*25a68471Sdougm xml++; 1430*25a68471Sdougm break; 1431*25a68471Sdougm default: 1432*25a68471Sdougm case 'h': 1433*25a68471Sdougm case '?': 1434*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 1435*25a68471Sdougm sa_get_usage(USAGE_SHOW)); 1436*25a68471Sdougm return (0); 14376185db85Sdougm } 14386185db85Sdougm } 14396185db85Sdougm 14406185db85Sdougm if (xml) { 1441*25a68471Sdougm doc = show_group_xml_init(); 1442*25a68471Sdougm if (doc == NULL) 1443*25a68471Sdougm ret = SA_NO_MEMORY; 14446185db85Sdougm } 14456185db85Sdougm 14466185db85Sdougm if (optind == argc) { 1447*25a68471Sdougm /* No group specified so go through them all */ 1448*25a68471Sdougm for (group = sa_get_group(handle, NULL); 1449*25a68471Sdougm group != NULL; 1450*25a68471Sdougm group = sa_get_next_group(group)) { 1451*25a68471Sdougm /* 1452*25a68471Sdougm * Have a group so check if one we want and then list 1453*25a68471Sdougm * contents with appropriate options. 1454*25a68471Sdougm */ 1455*25a68471Sdougm if (xml) 1456*25a68471Sdougm show_group_xml(doc, group); 1457*25a68471Sdougm else 1458*25a68471Sdougm show_group(group, verbose, properties, protocol, 1459*25a68471Sdougm NULL); 1460*25a68471Sdougm } 14616185db85Sdougm } else { 1462*25a68471Sdougm /* Have a specified list of groups */ 1463*25a68471Sdougm for (; optind < argc; optind++) { 1464*25a68471Sdougm group = sa_get_group(handle, argv[optind]); 1465*25a68471Sdougm if (group != NULL) { 1466*25a68471Sdougm if (xml) 1467*25a68471Sdougm show_group_xml(doc, group); 1468*25a68471Sdougm else 1469*25a68471Sdougm show_group(group, verbose, properties, 1470*25a68471Sdougm protocol, NULL); 1471*25a68471Sdougm } else { 1472*25a68471Sdougm (void) printf(gettext("%s: not found\n"), 1473*25a68471Sdougm argv[optind]); 1474*25a68471Sdougm ret = SA_NO_SUCH_GROUP; 1475*25a68471Sdougm } 14766185db85Sdougm } 14776185db85Sdougm } 14786185db85Sdougm if (xml && ret == SA_OK) { 1479*25a68471Sdougm xmlDocFormatDump(stdout, doc, 1); 1480*25a68471Sdougm xmlFreeDoc(doc); 14816185db85Sdougm } 14826185db85Sdougm return (ret); 14836185db85Sdougm 14846185db85Sdougm } 14856185db85Sdougm 14866185db85Sdougm /* 14876185db85Sdougm * enable_share(group, share, update_legacy) 14886185db85Sdougm * 14896185db85Sdougm * helper function to enable a share if the group is enabled. 14906185db85Sdougm */ 14916185db85Sdougm 14926185db85Sdougm static int 1493549ec3ffSdougm enable_share(sa_handle_t handle, sa_group_t group, sa_share_t share, 1494549ec3ffSdougm int update_legacy) 14956185db85Sdougm { 14966185db85Sdougm char *value; 14976185db85Sdougm int enabled; 14986185db85Sdougm sa_optionset_t optionset; 14996185db85Sdougm int ret = SA_OK; 15006185db85Sdougm char *zfs = NULL; 15016185db85Sdougm int iszfs = 0; 15026185db85Sdougm 15036185db85Sdougm /* 15046185db85Sdougm * need to enable this share if the group is enabled but not 15056185db85Sdougm * otherwise. The enable is also done on each protocol 15066185db85Sdougm * represented in the group. 15076185db85Sdougm */ 15086185db85Sdougm value = sa_get_group_attr(group, "state"); 15096185db85Sdougm enabled = value != NULL && strcmp(value, "enabled") == 0; 15106185db85Sdougm if (value != NULL) 1511*25a68471Sdougm sa_free_attr_string(value); 15126185db85Sdougm /* remove legacy config if necessary */ 15136185db85Sdougm if (update_legacy) 1514*25a68471Sdougm ret = sa_delete_legacy(share); 15156185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 15166185db85Sdougm if (zfs != NULL) { 1517*25a68471Sdougm iszfs++; 1518*25a68471Sdougm sa_free_attr_string(zfs); 15196185db85Sdougm } 15206185db85Sdougm 15216185db85Sdougm /* 15226185db85Sdougm * Step through each optionset at the group level and 15236185db85Sdougm * enable the share based on the protocol type. This 15246185db85Sdougm * works because protocols must be set on the group 15256185db85Sdougm * for the protocol to be enabled. 15266185db85Sdougm */ 15276185db85Sdougm for (optionset = sa_get_optionset(group, NULL); 15286185db85Sdougm optionset != NULL && ret == SA_OK; 15296185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 1530*25a68471Sdougm value = sa_get_optionset_attr(optionset, "type"); 1531*25a68471Sdougm if (value != NULL) { 1532*25a68471Sdougm if (enabled) 1533*25a68471Sdougm ret = sa_enable_share(share, value); 1534*25a68471Sdougm if (update_legacy && !iszfs) 1535*25a68471Sdougm (void) sa_update_legacy(share, value); 1536*25a68471Sdougm sa_free_attr_string(value); 1537*25a68471Sdougm } 15386185db85Sdougm } 15396185db85Sdougm if (ret == SA_OK) 1540*25a68471Sdougm (void) sa_update_config(handle); 15416185db85Sdougm return (ret); 15426185db85Sdougm } 15436185db85Sdougm 15446185db85Sdougm /* 15456185db85Sdougm * sa_addshare(flags, argc, argv) 15466185db85Sdougm * 15476185db85Sdougm * implements add-share subcommand. 15486185db85Sdougm */ 15496185db85Sdougm 15506185db85Sdougm int 1551549ec3ffSdougm sa_addshare(sa_handle_t handle, int flags, int argc, char *argv[]) 15526185db85Sdougm { 15536185db85Sdougm int verbose = 0; 15546185db85Sdougm int dryrun = 0; 15556185db85Sdougm int c; 15566185db85Sdougm int ret = SA_OK; 15576185db85Sdougm sa_group_t group; 15586185db85Sdougm sa_share_t share; 15596185db85Sdougm char *sharepath = NULL; 15606185db85Sdougm char *description = NULL; 15616185db85Sdougm char *resource = NULL; 15626185db85Sdougm int persist = SA_SHARE_PERMANENT; /* default to persist */ 15636185db85Sdougm int auth; 15646185db85Sdougm char dir[MAXPATHLEN]; 15656185db85Sdougm 15666185db85Sdougm while ((c = getopt(argc, argv, "?hvns:d:r:t")) != EOF) { 1567*25a68471Sdougm switch (c) { 1568*25a68471Sdougm case 'n': 1569*25a68471Sdougm dryrun++; 1570*25a68471Sdougm break; 1571*25a68471Sdougm case 'v': 1572*25a68471Sdougm verbose++; 1573*25a68471Sdougm break; 1574*25a68471Sdougm case 'd': 1575*25a68471Sdougm description = optarg; 1576*25a68471Sdougm break; 1577*25a68471Sdougm case 'r': 1578*25a68471Sdougm resource = optarg; 1579*25a68471Sdougm break; 1580*25a68471Sdougm case 's': 1581*25a68471Sdougm /* 1582*25a68471Sdougm * Save share path into group. Currently limit 1583*25a68471Sdougm * to one share per command. 1584*25a68471Sdougm */ 1585*25a68471Sdougm if (sharepath != NULL) { 1586*25a68471Sdougm (void) printf(gettext( 1587*25a68471Sdougm "Adding multiple shares not supported\n")); 1588*25a68471Sdougm return (1); 1589*25a68471Sdougm } 1590*25a68471Sdougm sharepath = optarg; 1591*25a68471Sdougm break; 1592*25a68471Sdougm case 't': 1593*25a68471Sdougm persist = SA_SHARE_TRANSIENT; 1594*25a68471Sdougm break; 1595*25a68471Sdougm default: 1596*25a68471Sdougm case 'h': 1597*25a68471Sdougm case '?': 1598*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 1599*25a68471Sdougm sa_get_usage(USAGE_ADD_SHARE)); 1600*25a68471Sdougm return (0); 16016185db85Sdougm } 16026185db85Sdougm } 16036185db85Sdougm 16046185db85Sdougm if (optind >= argc) { 16056185db85Sdougm (void) printf(gettext("usage: %s\n"), 1606*25a68471Sdougm sa_get_usage(USAGE_ADD_SHARE)); 1607*25a68471Sdougm if (dryrun || sharepath != NULL || description != NULL || 1608*25a68471Sdougm resource != NULL || verbose || persist) { 1609*25a68471Sdougm (void) printf(gettext("\tgroup must be specified\n")); 1610*25a68471Sdougm ret = SA_NO_SUCH_GROUP; 1611*25a68471Sdougm } else { 1612*25a68471Sdougm ret = SA_OK; 1613*25a68471Sdougm } 1614*25a68471Sdougm } else { 1615*25a68471Sdougm if (sharepath == NULL) { 1616*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 1617*25a68471Sdougm sa_get_usage(USAGE_ADD_SHARE)); 1618*25a68471Sdougm (void) printf(gettext( 1619*25a68471Sdougm "\t-s sharepath must be specified\n")); 1620*25a68471Sdougm return (SA_BAD_PATH); 1621*25a68471Sdougm } 1622*25a68471Sdougm if (realpath(sharepath, dir) == NULL) { 1623*25a68471Sdougm (void) printf(gettext( 1624*25a68471Sdougm "Path is not valid: %s\n"), sharepath); 1625*25a68471Sdougm return (SA_BAD_PATH); 16266185db85Sdougm } else { 1627*25a68471Sdougm sharepath = dir; 1628*25a68471Sdougm } 1629*25a68471Sdougm 1630*25a68471Sdougm /* Check for valid syntax */ 1631*25a68471Sdougm if (resource != NULL && strpbrk(resource, " \t/") != NULL) { 1632*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 1633*25a68471Sdougm sa_get_usage(USAGE_ADD_SHARE)); 1634*25a68471Sdougm (void) printf(gettext( 1635*25a68471Sdougm "\tresource must not contain white" 1636*25a68471Sdougm "space or '/' characters\n")); 1637*25a68471Sdougm return (SA_BAD_PATH); 1638*25a68471Sdougm } 1639549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 1640*25a68471Sdougm if (group == NULL) { 1641*25a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 1642*25a68471Sdougm argv[optind]); 1643*25a68471Sdougm return (SA_NO_SUCH_GROUP); 1644*25a68471Sdougm } 1645*25a68471Sdougm auth = check_authorizations(argv[optind], flags); 1646*25a68471Sdougm share = sa_find_share(handle, sharepath); 1647*25a68471Sdougm if (share != NULL) { 16486185db85Sdougm group = sa_get_parent_group(share); 16496185db85Sdougm if (group != NULL) { 1650*25a68471Sdougm char *groupname; 1651*25a68471Sdougm groupname = sa_get_group_attr( 1652*25a68471Sdougm group, "name"); 1653*25a68471Sdougm if (groupname != NULL) { 1654*25a68471Sdougm (void) printf(gettext( 1655*25a68471Sdougm "Share path already " 1656*25a68471Sdougm "shared in group " 1657*25a68471Sdougm "\"%s\": %s\n"), 1658*25a68471Sdougm groupname, sharepath); 1659*25a68471Sdougm sa_free_attr_string(groupname); 1660*25a68471Sdougm } else { 1661*25a68471Sdougm (void) printf(gettext( 1662*25a68471Sdougm "Share path already" 1663*25a68471Sdougm "shared: %s\n"), 1664*25a68471Sdougm groupname, sharepath); 1665*25a68471Sdougm } 16666185db85Sdougm } else { 1667*25a68471Sdougm (void) printf(gettext( 1668*25a68471Sdougm "Share path %s already shared\n"), 16696185db85Sdougm sharepath); 16706185db85Sdougm } 1671*25a68471Sdougm return (SA_DUPLICATE_NAME); 1672*25a68471Sdougm } else { 16736185db85Sdougm /* 1674*25a68471Sdougm * Need to check that resource name is 1675*25a68471Sdougm * unique at some point. Path checking 1676*25a68471Sdougm * should use the "normal" rules which 1677*25a68471Sdougm * don't check the repository. 16786185db85Sdougm */ 16796185db85Sdougm if (dryrun) 1680*25a68471Sdougm ret = sa_check_path(group, sharepath, 1681*25a68471Sdougm SA_CHECK_NORMAL); 16826185db85Sdougm else 1683*25a68471Sdougm share = sa_add_share(group, sharepath, 1684*25a68471Sdougm persist, &ret); 16856185db85Sdougm if (!dryrun && share == NULL) { 1686*25a68471Sdougm (void) printf(gettext( 1687*25a68471Sdougm "Could not add share: %s\n"), 1688*25a68471Sdougm sa_errorstr(ret)); 16896185db85Sdougm } else { 1690*25a68471Sdougm if (!dryrun && ret == SA_OK) { 1691*25a68471Sdougm if (resource != NULL && 1692*25a68471Sdougm strpbrk(resource, " \t/") == NULL) { 1693*25a68471Sdougm ret = sa_set_share_attr(share, 1694*25a68471Sdougm "resource", resource); 1695*25a68471Sdougm } 1696*25a68471Sdougm if (ret == SA_OK && 1697*25a68471Sdougm description != NULL) { 1698*25a68471Sdougm ret = sa_set_share_description( 1699*25a68471Sdougm share, description); 1700*25a68471Sdougm } 1701*25a68471Sdougm if (ret == SA_OK) { 1702*25a68471Sdougm /* Now enable the share(s) */ 1703*25a68471Sdougm ret = enable_share(handle, 1704*25a68471Sdougm group, share, 1); 1705*25a68471Sdougm ret = sa_update_config(handle); 1706*25a68471Sdougm } 1707*25a68471Sdougm switch (ret) { 1708*25a68471Sdougm case SA_DUPLICATE_NAME: 1709*25a68471Sdougm (void) printf(gettext( 1710*25a68471Sdougm "Resource name in" 1711*25a68471Sdougm "use: %s\n"), resource); 1712*25a68471Sdougm break; 1713*25a68471Sdougm default: 1714*25a68471Sdougm (void) printf( 1715*25a68471Sdougm gettext("Could not set " 17166185db85Sdougm "attribute: %s\n"), 1717*25a68471Sdougm sa_errorstr(ret)); 1718*25a68471Sdougm break; 1719*25a68471Sdougm case SA_OK: 1720*25a68471Sdougm break; 1721*25a68471Sdougm } 1722*25a68471Sdougm } else if (dryrun && ret == SA_OK && !auth && 1723*25a68471Sdougm verbose) { 1724*25a68471Sdougm (void) printf(gettext( 1725*25a68471Sdougm "Command would fail: %s\n"), 1726*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 1727*25a68471Sdougm ret = SA_NO_PERMISSION; 17286185db85Sdougm } 1729*25a68471Sdougm } 17306185db85Sdougm } 17316185db85Sdougm } 17326185db85Sdougm return (ret); 17336185db85Sdougm } 17346185db85Sdougm 17356185db85Sdougm /* 17366185db85Sdougm * sa_moveshare(flags, argc, argv) 17376185db85Sdougm * 17386185db85Sdougm * implements move-share subcommand. 17396185db85Sdougm */ 17406185db85Sdougm 17416185db85Sdougm int 1742549ec3ffSdougm sa_moveshare(sa_handle_t handle, int flags, int argc, char *argv[]) 17436185db85Sdougm { 17446185db85Sdougm int verbose = 0; 17456185db85Sdougm int dryrun = 0; 17466185db85Sdougm int c; 17476185db85Sdougm int ret = SA_OK; 17486185db85Sdougm sa_group_t group; 17496185db85Sdougm sa_share_t share; 17506185db85Sdougm char *sharepath = NULL; 17516185db85Sdougm int authsrc = 0, authdst = 0; 17526185db85Sdougm 17536185db85Sdougm while ((c = getopt(argc, argv, "?hvns:")) != EOF) { 1754*25a68471Sdougm switch (c) { 1755*25a68471Sdougm case 'n': 1756*25a68471Sdougm dryrun++; 1757*25a68471Sdougm break; 1758*25a68471Sdougm case 'v': 1759*25a68471Sdougm verbose++; 1760*25a68471Sdougm break; 1761*25a68471Sdougm case 's': 1762*25a68471Sdougm /* 1763*25a68471Sdougm * Remove share path from group. Currently limit 1764*25a68471Sdougm * to one share per command. 1765*25a68471Sdougm */ 1766*25a68471Sdougm if (sharepath != NULL) { 1767*25a68471Sdougm (void) printf(gettext("Moving multiple shares" 1768*25a68471Sdougm "not supported\n")); 1769*25a68471Sdougm return (SA_BAD_PATH); 1770*25a68471Sdougm } 1771*25a68471Sdougm sharepath = optarg; 1772*25a68471Sdougm break; 1773*25a68471Sdougm default: 1774*25a68471Sdougm case 'h': 1775*25a68471Sdougm case '?': 1776*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 1777*25a68471Sdougm sa_get_usage(USAGE_MOVE_SHARE)); 1778*25a68471Sdougm return (0); 17796185db85Sdougm } 17806185db85Sdougm } 17816185db85Sdougm 17826185db85Sdougm if (optind >= argc || sharepath == NULL) { 17836185db85Sdougm (void) printf(gettext("usage: %s\n"), 1784*25a68471Sdougm sa_get_usage(USAGE_MOVE_SHARE)); 1785*25a68471Sdougm if (dryrun || verbose || sharepath != NULL) { 1786*25a68471Sdougm (void) printf(gettext( 1787*25a68471Sdougm "\tgroup must be specified\n")); 1788*25a68471Sdougm ret = SA_NO_SUCH_GROUP; 1789*25a68471Sdougm } else { 1790*25a68471Sdougm if (sharepath == NULL) { 1791*25a68471Sdougm ret = SA_SYNTAX_ERR; 1792*25a68471Sdougm (void) printf(gettext( 1793*25a68471Sdougm "\tsharepath must be specified\n")); 1794*25a68471Sdougm } else { 1795*25a68471Sdougm ret = SA_OK; 1796*25a68471Sdougm } 1797*25a68471Sdougm } 17986185db85Sdougm } else { 1799*25a68471Sdougm sa_group_t parent; 1800*25a68471Sdougm char *zfsold; 1801*25a68471Sdougm char *zfsnew; 1802*25a68471Sdougm 1803*25a68471Sdougm if (sharepath == NULL) { 1804*25a68471Sdougm (void) printf(gettext( 1805*25a68471Sdougm "sharepath must be specified with the -s " 1806*25a68471Sdougm "option\n")); 1807*25a68471Sdougm return (SA_BAD_PATH); 1808*25a68471Sdougm } 1809549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 1810*25a68471Sdougm if (group == NULL) { 1811*25a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 1812*25a68471Sdougm argv[optind]); 1813*25a68471Sdougm return (SA_NO_SUCH_GROUP); 1814*25a68471Sdougm } 1815*25a68471Sdougm share = sa_find_share(handle, sharepath); 1816*25a68471Sdougm authdst = check_authorizations(argv[optind], flags); 1817*25a68471Sdougm if (share == NULL) { 18186185db85Sdougm (void) printf(gettext("Share not found: %s\n"), 1819*25a68471Sdougm sharepath); 1820*25a68471Sdougm return (SA_NO_SUCH_PATH); 1821*25a68471Sdougm } 1822*25a68471Sdougm 1823*25a68471Sdougm parent = sa_get_parent_group(share); 1824*25a68471Sdougm if (parent != NULL) { 1825*25a68471Sdougm char *pname; 1826*25a68471Sdougm pname = sa_get_group_attr(parent, "name"); 1827*25a68471Sdougm if (pname != NULL) { 18286185db85Sdougm authsrc = check_authorizations(pname, flags); 18296185db85Sdougm sa_free_attr_string(pname); 1830*25a68471Sdougm } 1831*25a68471Sdougm zfsold = sa_get_group_attr(parent, "zfs"); 1832*25a68471Sdougm zfsnew = sa_get_group_attr(group, "zfs"); 1833*25a68471Sdougm if ((zfsold != NULL && zfsnew == NULL) || 1834*25a68471Sdougm (zfsold == NULL && zfsnew != NULL)) { 18356185db85Sdougm ret = SA_NOT_ALLOWED; 1836*25a68471Sdougm } 1837*25a68471Sdougm if (zfsold != NULL) 18386185db85Sdougm sa_free_attr_string(zfsold); 1839*25a68471Sdougm if (zfsnew != NULL) 18406185db85Sdougm sa_free_attr_string(zfsnew); 1841*25a68471Sdougm } 1842*25a68471Sdougm if (!dryrun && ret == SA_OK) 1843*25a68471Sdougm ret = sa_move_share(group, share); 1844*25a68471Sdougm 1845*25a68471Sdougm if (ret == SA_OK && parent != group && !dryrun) { 1846*25a68471Sdougm char *oldstate; 1847*25a68471Sdougm ret = sa_update_config(handle); 1848*25a68471Sdougm /* 1849*25a68471Sdougm * Note that the share may need to be 1850*25a68471Sdougm * "unshared" if the new group is 1851*25a68471Sdougm * disabled and the old was enabled or 1852*25a68471Sdougm * it may need to be share to update 1853*25a68471Sdougm * if the new group is enabled. 1854*25a68471Sdougm */ 1855*25a68471Sdougm oldstate = sa_get_group_attr(parent, "state"); 1856*25a68471Sdougm 1857*25a68471Sdougm /* enable_share determines what to do */ 1858*25a68471Sdougm if (strcmp(oldstate, "enabled") == 0) { 18596185db85Sdougm (void) sa_disable_share(share, NULL); 18606185db85Sdougm } 1861*25a68471Sdougm (void) enable_share(handle, group, share, 1); 1862*25a68471Sdougm if (oldstate != NULL) 1863*25a68471Sdougm sa_free_attr_string(oldstate); 1864*25a68471Sdougm } 1865*25a68471Sdougm 1866*25a68471Sdougm if (ret != SA_OK) 1867*25a68471Sdougm (void) printf(gettext("Could not move share: %s\n"), 1868*25a68471Sdougm sa_errorstr(ret)); 1869*25a68471Sdougm 1870*25a68471Sdougm if (dryrun && ret == SA_OK && !(authsrc & authdst) && 1871*25a68471Sdougm verbose) { 1872*25a68471Sdougm (void) printf(gettext("Command would fail: %s\n"), 1873*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 18746185db85Sdougm } 18756185db85Sdougm } 18766185db85Sdougm return (ret); 18776185db85Sdougm } 18786185db85Sdougm 18796185db85Sdougm /* 18806185db85Sdougm * sa_removeshare(flags, argc, argv) 18816185db85Sdougm * 18826185db85Sdougm * implements remove-share subcommand. 18836185db85Sdougm */ 18846185db85Sdougm 18856185db85Sdougm int 1886549ec3ffSdougm sa_removeshare(sa_handle_t handle, int flags, int argc, char *argv[]) 18876185db85Sdougm { 18886185db85Sdougm int verbose = 0; 18896185db85Sdougm int dryrun = 0; 18906185db85Sdougm int force = 0; 18916185db85Sdougm int c; 18926185db85Sdougm int ret = SA_OK; 18936185db85Sdougm sa_group_t group; 18946185db85Sdougm sa_share_t share; 18956185db85Sdougm char *sharepath = NULL; 18966185db85Sdougm char dir[MAXPATHLEN]; 18976185db85Sdougm int auth; 18986185db85Sdougm 18996185db85Sdougm while ((c = getopt(argc, argv, "?hfns:v")) != EOF) { 1900*25a68471Sdougm switch (c) { 1901*25a68471Sdougm case 'n': 1902*25a68471Sdougm dryrun++; 1903*25a68471Sdougm break; 1904*25a68471Sdougm case 'v': 1905*25a68471Sdougm verbose++; 1906*25a68471Sdougm break; 1907*25a68471Sdougm case 'f': 1908*25a68471Sdougm force++; 1909*25a68471Sdougm break; 1910*25a68471Sdougm case 's': 1911*25a68471Sdougm /* 1912*25a68471Sdougm * Remove share path from group. Currently limit 1913*25a68471Sdougm * to one share per command. 1914*25a68471Sdougm */ 1915*25a68471Sdougm if (sharepath != NULL) { 1916*25a68471Sdougm (void) printf(gettext( 1917*25a68471Sdougm "Removing multiple shares not " 19186185db85Sdougm "supported\n")); 1919*25a68471Sdougm return (SA_SYNTAX_ERR); 1920*25a68471Sdougm } 1921*25a68471Sdougm sharepath = optarg; 1922*25a68471Sdougm break; 1923*25a68471Sdougm default: 1924*25a68471Sdougm case 'h': 1925*25a68471Sdougm case '?': 1926*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 1927*25a68471Sdougm sa_get_usage(USAGE_REMOVE_SHARE)); 1928*25a68471Sdougm return (0); 19296185db85Sdougm } 19306185db85Sdougm } 19316185db85Sdougm 19326185db85Sdougm if (optind >= argc || sharepath == NULL) { 1933*25a68471Sdougm if (sharepath == NULL) { 19346185db85Sdougm (void) printf(gettext("usage: %s\n"), 1935*25a68471Sdougm sa_get_usage(USAGE_REMOVE_SHARE)); 1936*25a68471Sdougm (void) printf(gettext( 1937*25a68471Sdougm "\t-s sharepath must be specified\n")); 1938*25a68471Sdougm ret = SA_BAD_PATH; 1939*25a68471Sdougm } else { 1940*25a68471Sdougm ret = SA_OK; 1941*25a68471Sdougm } 19426185db85Sdougm } 1943*25a68471Sdougm if (ret != SA_OK) { 1944*25a68471Sdougm return (ret); 1945*25a68471Sdougm } 1946*25a68471Sdougm 1947*25a68471Sdougm if (optind < argc) { 19486185db85Sdougm if ((optind + 1) < argc) { 1949*25a68471Sdougm (void) printf(gettext("Extraneous group(s) at end of " 1950*25a68471Sdougm "command\n")); 1951*25a68471Sdougm ret = SA_SYNTAX_ERR; 19526185db85Sdougm } else { 1953*25a68471Sdougm group = sa_get_group(handle, argv[optind]); 1954*25a68471Sdougm if (group == NULL) { 1955*25a68471Sdougm (void) printf(gettext( 1956*25a68471Sdougm "Group \"%s\" not found\n"), argv[optind]); 1957*25a68471Sdougm ret = SA_NO_SUCH_GROUP; 1958*25a68471Sdougm } 19596185db85Sdougm } 1960*25a68471Sdougm } else { 19616185db85Sdougm group = NULL; 1962*25a68471Sdougm } 1963a99982a7Sdougm 1964*25a68471Sdougm /* 1965*25a68471Sdougm * Lookup the path in the internal configuration. Care 1966*25a68471Sdougm * must be taken to handle the case where the 1967*25a68471Sdougm * underlying path has been removed since we need to 1968*25a68471Sdougm * be able to deal with that as well. 1969*25a68471Sdougm */ 1970*25a68471Sdougm if (ret == SA_OK) { 19716185db85Sdougm if (group != NULL) 1972*25a68471Sdougm share = sa_get_share(group, sharepath); 19736185db85Sdougm else 1974*25a68471Sdougm share = sa_find_share(handle, sharepath); 1975a99982a7Sdougm /* 1976a99982a7Sdougm * If we didn't find the share with the provided path, 1977a99982a7Sdougm * it may be a symlink so attempt to resolve it using 1978a99982a7Sdougm * realpath and try again. Realpath will resolve any 1979a99982a7Sdougm * symlinks and place them in "dir". Note that 1980a99982a7Sdougm * sharepath is only used for the lookup the first 1981a99982a7Sdougm * time and later for error messages. dir will be used 1982a99982a7Sdougm * on the second attempt. Once a share is found, all 1983a99982a7Sdougm * operations are based off of the share variable. 1984a99982a7Sdougm */ 1985a99982a7Sdougm if (share == NULL) { 1986*25a68471Sdougm if (realpath(sharepath, dir) == NULL) { 1987*25a68471Sdougm ret = SA_BAD_PATH; 1988*25a68471Sdougm (void) printf(gettext( 1989*25a68471Sdougm "Path is not valid: %s\n"), sharepath); 1990*25a68471Sdougm } else { 1991*25a68471Sdougm if (group != NULL) 1992*25a68471Sdougm share = sa_get_share(group, dir); 1993*25a68471Sdougm else 1994*25a68471Sdougm share = sa_find_share(handle, dir); 1995*25a68471Sdougm } 1996a99982a7Sdougm } 1997*25a68471Sdougm } 1998a99982a7Sdougm 1999*25a68471Sdougm /* 2000*25a68471Sdougm * If there hasn't been an error, there was likely a 2001*25a68471Sdougm * path found. If not, give the appropriate error 2002*25a68471Sdougm * message and set the return error. If it was found, 2003*25a68471Sdougm * then disable the share and then remove it from the 2004*25a68471Sdougm * configuration. 2005*25a68471Sdougm */ 2006*25a68471Sdougm if (ret != SA_OK) { 2007*25a68471Sdougm return (ret); 2008*25a68471Sdougm } 2009*25a68471Sdougm if (share == NULL) { 2010*25a68471Sdougm if (group != NULL) 20116185db85Sdougm (void) printf(gettext("Share not found in group %s:" 2012*25a68471Sdougm " %s\n"), argv[optind], sharepath); 2013*25a68471Sdougm else 20146185db85Sdougm (void) printf(gettext("Share not found: %s\n"), 2015*25a68471Sdougm sharepath); 2016*25a68471Sdougm ret = SA_NO_SUCH_PATH; 2017*25a68471Sdougm } else { 2018*25a68471Sdougm if (group == NULL) 20196185db85Sdougm group = sa_get_parent_group(share); 2020*25a68471Sdougm if (!dryrun) { 20216185db85Sdougm if (ret == SA_OK) { 2022*25a68471Sdougm ret = sa_disable_share(share, NULL); 20236185db85Sdougm /* 2024*25a68471Sdougm * We don't care if it fails since it 2025a99982a7Sdougm * could be disabled already. Some 2026a99982a7Sdougm * unexpected errors could occur that 2027a99982a7Sdougm * prevent removal, so also check for 2028a99982a7Sdougm * force being set. 20296185db85Sdougm */ 2030*25a68471Sdougm if (ret == SA_OK || ret == SA_NO_SUCH_PATH || 2031*25a68471Sdougm ret == SA_NOT_SUPPORTED || 2032*25a68471Sdougm ret == SA_SYSTEM_ERR || force) { 2033*25a68471Sdougm ret = sa_remove_share(share); 2034*25a68471Sdougm } 2035*25a68471Sdougm if (ret == SA_OK) 2036*25a68471Sdougm ret = sa_update_config(handle); 20376185db85Sdougm } 2038*25a68471Sdougm if (ret != SA_OK) 2039*25a68471Sdougm (void) printf(gettext( 2040*25a68471Sdougm "Could not remove share: %s\n"), 2041*25a68471Sdougm sa_errorstr(ret)); 2042*25a68471Sdougm 2043*25a68471Sdougm } else if (ret == SA_OK) { 20446185db85Sdougm char *pname; 20456185db85Sdougm pname = sa_get_group_attr(group, "name"); 20466185db85Sdougm if (pname != NULL) { 2047*25a68471Sdougm auth = check_authorizations(pname, flags); 2048*25a68471Sdougm sa_free_attr_string(pname); 20496185db85Sdougm } 20506185db85Sdougm if (!auth && verbose) { 2051*25a68471Sdougm (void) printf(gettext( 2052*25a68471Sdougm "Command would fail: %s\n"), 2053*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 20546185db85Sdougm } 20556185db85Sdougm } 20566185db85Sdougm } 20576185db85Sdougm return (ret); 20586185db85Sdougm } 20596185db85Sdougm 20606185db85Sdougm /* 20616185db85Sdougm * sa_set_share(flags, argc, argv) 20626185db85Sdougm * 20636185db85Sdougm * implements set-share subcommand. 20646185db85Sdougm */ 20656185db85Sdougm 20666185db85Sdougm int 2067549ec3ffSdougm sa_set_share(sa_handle_t handle, int flags, int argc, char *argv[]) 20686185db85Sdougm { 20696185db85Sdougm int dryrun = 0; 20706185db85Sdougm int c; 20716185db85Sdougm int ret = SA_OK; 20726185db85Sdougm sa_group_t group, sharegroup; 20736185db85Sdougm sa_share_t share; 20746185db85Sdougm char *sharepath = NULL; 20756185db85Sdougm char *description = NULL; 20766185db85Sdougm char *resource = NULL; 20776185db85Sdougm int auth; 20786185db85Sdougm int verbose = 0; 2079*25a68471Sdougm char *groupname; 20806185db85Sdougm 20816185db85Sdougm while ((c = getopt(argc, argv, "?hnd:r:s:")) != EOF) { 2082*25a68471Sdougm switch (c) { 2083*25a68471Sdougm case 'n': 2084*25a68471Sdougm dryrun++; 2085*25a68471Sdougm break; 2086*25a68471Sdougm case 'd': 2087*25a68471Sdougm description = optarg; 2088*25a68471Sdougm break; 2089*25a68471Sdougm case 'r': 2090*25a68471Sdougm resource = optarg; 2091*25a68471Sdougm break; 2092*25a68471Sdougm case 'v': 2093*25a68471Sdougm verbose++; 2094*25a68471Sdougm break; 2095*25a68471Sdougm case 's': 2096*25a68471Sdougm /* 2097*25a68471Sdougm * Save share path into group. Currently limit 2098*25a68471Sdougm * to one share per command. 2099*25a68471Sdougm */ 2100*25a68471Sdougm if (sharepath != NULL) { 2101*25a68471Sdougm (void) printf(gettext( 2102*25a68471Sdougm "Updating multiple shares not " 21036185db85Sdougm "supported\n")); 2104*25a68471Sdougm return (SA_BAD_PATH); 2105*25a68471Sdougm } 2106*25a68471Sdougm sharepath = optarg; 2107*25a68471Sdougm break; 2108*25a68471Sdougm default: 2109*25a68471Sdougm case 'h': 2110*25a68471Sdougm case '?': 2111*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 2112*25a68471Sdougm sa_get_usage(USAGE_SET_SHARE)); 2113*25a68471Sdougm return (SA_OK); 21146185db85Sdougm } 21156185db85Sdougm } 2116*25a68471Sdougm 21176185db85Sdougm if (optind >= argc || sharepath == NULL) { 2118*25a68471Sdougm if (sharepath == NULL) { 2119*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 2120*25a68471Sdougm sa_get_usage(USAGE_SET_SHARE)); 2121*25a68471Sdougm (void) printf(gettext("\tgroup must be specified\n")); 2122*25a68471Sdougm ret = SA_BAD_PATH; 2123*25a68471Sdougm } else { 2124*25a68471Sdougm ret = SA_OK; 2125*25a68471Sdougm } 21266185db85Sdougm } 21276185db85Sdougm if ((optind + 1) < argc) { 2128*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 2129*25a68471Sdougm sa_get_usage(USAGE_SET_SHARE)); 2130*25a68471Sdougm (void) printf(gettext("\tExtraneous group(s) at end\n")); 2131*25a68471Sdougm ret = SA_SYNTAX_ERR; 21326185db85Sdougm } 2133*25a68471Sdougm 2134*25a68471Sdougm if (ret != SA_OK) 2135*25a68471Sdougm return (ret); 2136*25a68471Sdougm 2137*25a68471Sdougm if (optind < argc) { 21386185db85Sdougm groupname = argv[optind]; 2139549ec3ffSdougm group = sa_get_group(handle, groupname); 2140*25a68471Sdougm } else { 21416185db85Sdougm group = NULL; 21426185db85Sdougm groupname = NULL; 2143*25a68471Sdougm } 2144*25a68471Sdougm share = sa_find_share(handle, sharepath); 2145*25a68471Sdougm if (share == NULL) { 2146*25a68471Sdougm (void) printf(gettext("Share path \"%s\" not found\n"), 2147*25a68471Sdougm sharepath); 2148*25a68471Sdougm return (SA_NO_SUCH_PATH); 2149*25a68471Sdougm } 2150*25a68471Sdougm sharegroup = sa_get_parent_group(share); 2151*25a68471Sdougm if (group != NULL && group != sharegroup) { 2152*25a68471Sdougm (void) printf(gettext("Group \"%s\" does not contain " 2153*25a68471Sdougm "share %s\n"), argv[optind], sharepath); 2154*25a68471Sdougm ret = SA_BAD_PATH; 2155*25a68471Sdougm } else { 2156*25a68471Sdougm int delgroupname = 0; 2157*25a68471Sdougm if (groupname == NULL) { 21586185db85Sdougm groupname = sa_get_group_attr(sharegroup, "name"); 21596185db85Sdougm delgroupname = 1; 2160*25a68471Sdougm } 2161*25a68471Sdougm if (groupname != NULL) { 21626185db85Sdougm auth = check_authorizations(groupname, flags); 21636185db85Sdougm if (delgroupname) { 2164*25a68471Sdougm sa_free_attr_string(groupname); 2165*25a68471Sdougm groupname = NULL; 21666185db85Sdougm } 2167*25a68471Sdougm } else { 21686185db85Sdougm ret = SA_NO_MEMORY; 2169*25a68471Sdougm } 2170*25a68471Sdougm if (resource != NULL) { 21716185db85Sdougm if (strpbrk(resource, " \t/") == NULL) { 2172*25a68471Sdougm if (!dryrun) { 2173*25a68471Sdougm ret = sa_set_share_attr(share, 2174*25a68471Sdougm "resource", resource); 2175*25a68471Sdougm } else { 2176*25a68471Sdougm sa_share_t resshare; 2177*25a68471Sdougm resshare = sa_get_resource(sharegroup, 2178*25a68471Sdougm resource); 2179*25a68471Sdougm if (resshare != NULL && 2180*25a68471Sdougm resshare != share) 2181*25a68471Sdougm ret = SA_DUPLICATE_NAME; 2182*25a68471Sdougm } 21836185db85Sdougm } else { 2184*25a68471Sdougm ret = SA_BAD_PATH; 2185*25a68471Sdougm (void) printf(gettext("Resource must not " 2186*25a68471Sdougm "contain white space or '/'\n")); 21876185db85Sdougm } 21886185db85Sdougm } 2189*25a68471Sdougm if (ret == SA_OK && description != NULL) 2190*25a68471Sdougm ret = sa_set_share_description(share, description); 2191*25a68471Sdougm } 2192*25a68471Sdougm if (!dryrun && ret == SA_OK) 2193*25a68471Sdougm ret = sa_update_config(handle); 2194*25a68471Sdougm 2195*25a68471Sdougm switch (ret) { 2196*25a68471Sdougm case SA_DUPLICATE_NAME: 2197*25a68471Sdougm (void) printf(gettext("Resource name in use: %s\n"), resource); 2198*25a68471Sdougm break; 2199*25a68471Sdougm default: 2200*25a68471Sdougm (void) printf(gettext("Could not set attribute: %s\n"), 2201*25a68471Sdougm sa_errorstr(ret)); 2202*25a68471Sdougm break; 2203*25a68471Sdougm case SA_OK: 2204*25a68471Sdougm if (dryrun && !auth && verbose) 22056185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 2206*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 2207*25a68471Sdougm break; 22086185db85Sdougm } 2209*25a68471Sdougm 22106185db85Sdougm return (ret); 22116185db85Sdougm } 22126185db85Sdougm 22136185db85Sdougm /* 22146185db85Sdougm * add_security(group, sectype, optlist, proto, *err) 22156185db85Sdougm * 22166185db85Sdougm * Helper function to add a security option (named optionset) to the 22176185db85Sdougm * group. 22186185db85Sdougm */ 22196185db85Sdougm 22206185db85Sdougm static int 22216185db85Sdougm add_security(sa_group_t group, char *sectype, 22226185db85Sdougm struct options *optlist, char *proto, int *err) 22236185db85Sdougm { 22246185db85Sdougm sa_security_t security; 22256185db85Sdougm int ret = SA_OK; 22266185db85Sdougm int result = 0; 22276185db85Sdougm 22286185db85Sdougm sectype = sa_proto_space_alias(proto, sectype); 22296185db85Sdougm security = sa_get_security(group, sectype, proto); 2230*25a68471Sdougm if (security == NULL) 2231*25a68471Sdougm security = sa_create_security(group, sectype, proto); 2232*25a68471Sdougm 22336185db85Sdougm if (sectype != NULL) 2234*25a68471Sdougm sa_free_attr_string(sectype); 2235*25a68471Sdougm 2236*25a68471Sdougm if (security == NULL) 2237*25a68471Sdougm return (ret); 2238*25a68471Sdougm 2239*25a68471Sdougm while (optlist != NULL) { 22406185db85Sdougm sa_property_t prop; 22416185db85Sdougm prop = sa_get_property(security, optlist->optname); 22426185db85Sdougm if (prop == NULL) { 22436185db85Sdougm /* 2244*25a68471Sdougm * Add the property, but only if it is 22456185db85Sdougm * a non-NULL or non-zero length value 22466185db85Sdougm */ 2247*25a68471Sdougm if (optlist->optvalue != NULL) { 2248*25a68471Sdougm prop = sa_create_property(optlist->optname, 2249*25a68471Sdougm optlist->optvalue); 2250*25a68471Sdougm if (prop != NULL) { 2251*25a68471Sdougm ret = sa_valid_property(security, proto, 2252*25a68471Sdougm prop); 2253*25a68471Sdougm if (ret != SA_OK) { 2254*25a68471Sdougm (void) sa_remove_property(prop); 2255*25a68471Sdougm (void) printf(gettext( 2256*25a68471Sdougm "Could not add " 2257*25a68471Sdougm "property %s: %s\n"), 2258*25a68471Sdougm optlist->optname, 2259*25a68471Sdougm sa_errorstr(ret)); 2260*25a68471Sdougm } 2261*25a68471Sdougm if (ret == SA_OK) { 2262*25a68471Sdougm ret = sa_add_property(security, 2263*25a68471Sdougm prop); 2264*25a68471Sdougm if (ret != SA_OK) { 2265*25a68471Sdougm (void) printf(gettext( 2266*25a68471Sdougm "Could not add " 2267*25a68471Sdougm "property (%s=%s): " 2268*25a68471Sdougm "%s\n"), 2269*25a68471Sdougm optlist->optname, 2270*25a68471Sdougm optlist->optvalue, 2271*25a68471Sdougm sa_errorstr(ret)); 2272*25a68471Sdougm } else { 2273*25a68471Sdougm result = 1; 2274*25a68471Sdougm } 2275*25a68471Sdougm } 22766185db85Sdougm } 22776185db85Sdougm } 22786185db85Sdougm } else { 2279*25a68471Sdougm ret = sa_update_property(prop, optlist->optvalue); 2280*25a68471Sdougm result = 1; /* should check if really changed */ 22816185db85Sdougm } 22826185db85Sdougm optlist = optlist->next; 22836185db85Sdougm } 2284*25a68471Sdougm /* 2285*25a68471Sdougm * When done, properties may have all been removed but 2286*25a68471Sdougm * we need to keep the security type itself until 2287*25a68471Sdougm * explicitly removed. 2288*25a68471Sdougm */ 2289*25a68471Sdougm if (result) 2290*25a68471Sdougm ret = sa_commit_properties(security, 0); 22916185db85Sdougm *err = ret; 22926185db85Sdougm return (result); 22936185db85Sdougm } 22946185db85Sdougm 22956185db85Sdougm /* 22966185db85Sdougm * basic_set(groupname, optlist, protocol, sharepath, dryrun) 22976185db85Sdougm * 22986185db85Sdougm * This function implements "set" when a name space (-S) is not 22996185db85Sdougm * specified. It is a basic set. Options and other CLI parsing has 23006185db85Sdougm * already been done. 23016185db85Sdougm */ 23026185db85Sdougm 23036185db85Sdougm static int 2304549ec3ffSdougm basic_set(sa_handle_t handle, char *groupname, struct options *optlist, 2305549ec3ffSdougm char *protocol, char *sharepath, int dryrun) 23066185db85Sdougm { 23076185db85Sdougm sa_group_t group; 23086185db85Sdougm int ret = SA_OK; 23096185db85Sdougm int change = 0; 23106185db85Sdougm struct list *worklist = NULL; 23116185db85Sdougm 2312549ec3ffSdougm group = sa_get_group(handle, groupname); 23136185db85Sdougm if (group != NULL) { 2314*25a68471Sdougm sa_share_t share = NULL; 2315*25a68471Sdougm if (sharepath != NULL) { 2316*25a68471Sdougm share = sa_get_share(group, sharepath); 2317*25a68471Sdougm if (share == NULL) { 2318*25a68471Sdougm (void) printf(gettext( 2319*25a68471Sdougm "Share does not exist in group %s\n"), 2320*25a68471Sdougm groupname, sharepath); 2321*25a68471Sdougm ret = SA_NO_SUCH_PATH; 2322*25a68471Sdougm } 23236185db85Sdougm } 2324*25a68471Sdougm if (ret == SA_OK) { 2325*25a68471Sdougm /* group must exist */ 2326*25a68471Sdougm ret = valid_options(optlist, protocol, 2327*25a68471Sdougm share == NULL ? group : share, NULL); 2328*25a68471Sdougm if (ret == SA_OK && !dryrun) { 2329*25a68471Sdougm if (share != NULL) 2330*25a68471Sdougm change |= add_optionset(share, optlist, 2331*25a68471Sdougm protocol, &ret); 2332*25a68471Sdougm else 2333*25a68471Sdougm change |= add_optionset(group, optlist, 2334*25a68471Sdougm protocol, &ret); 2335*25a68471Sdougm if (ret == SA_OK && change) 2336*25a68471Sdougm worklist = add_list(worklist, group, 2337*25a68471Sdougm share); 2338*25a68471Sdougm } 2339*25a68471Sdougm } 2340*25a68471Sdougm free_opt(optlist); 23416185db85Sdougm } else { 23426185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 23436185db85Sdougm ret = SA_NO_SUCH_GROUP; 23446185db85Sdougm } 23456185db85Sdougm /* 23466185db85Sdougm * we have a group and potentially legal additions 23476185db85Sdougm */ 23486185db85Sdougm 2349*25a68471Sdougm /* 2350*25a68471Sdougm * Commit to configuration if not a dryrunp and properties 2351*25a68471Sdougm * have changed. 2352*25a68471Sdougm */ 2353*25a68471Sdougm if (!dryrun && ret == SA_OK && change && worklist != NULL) 23546185db85Sdougm /* properties changed, so update all shares */ 2355549ec3ffSdougm (void) enable_all_groups(handle, worklist, 0, 0, protocol); 2356*25a68471Sdougm 23576185db85Sdougm if (worklist != NULL) 2358*25a68471Sdougm free_list(worklist); 23596185db85Sdougm return (ret); 23606185db85Sdougm } 23616185db85Sdougm 23626185db85Sdougm /* 23636185db85Sdougm * space_set(groupname, optlist, protocol, sharepath, dryrun) 23646185db85Sdougm * 23656185db85Sdougm * This function implements "set" when a name space (-S) is 23666185db85Sdougm * specified. It is a namespace set. Options and other CLI parsing has 23676185db85Sdougm * already been done. 23686185db85Sdougm */ 23696185db85Sdougm 23706185db85Sdougm static int 2371549ec3ffSdougm space_set(sa_handle_t handle, char *groupname, struct options *optlist, 2372549ec3ffSdougm char *protocol, char *sharepath, int dryrun, char *sectype) 23736185db85Sdougm { 23746185db85Sdougm sa_group_t group; 23756185db85Sdougm int ret = SA_OK; 23766185db85Sdougm int change = 0; 23776185db85Sdougm struct list *worklist = NULL; 23786185db85Sdougm 23796185db85Sdougm /* 23806185db85Sdougm * make sure protcol and sectype are valid 23816185db85Sdougm */ 23826185db85Sdougm 23836185db85Sdougm if (sa_proto_valid_space(protocol, sectype) == 0) { 2384*25a68471Sdougm (void) printf(gettext("Option space \"%s\" not valid " 2385*25a68471Sdougm "for protocol.\n"), sectype); 2386*25a68471Sdougm return (SA_INVALID_SECURITY); 23876185db85Sdougm } 23886185db85Sdougm 2389549ec3ffSdougm group = sa_get_group(handle, groupname); 23906185db85Sdougm if (group != NULL) { 2391*25a68471Sdougm sa_share_t share = NULL; 2392*25a68471Sdougm if (sharepath != NULL) { 2393*25a68471Sdougm share = sa_get_share(group, sharepath); 2394*25a68471Sdougm if (share == NULL) { 2395*25a68471Sdougm (void) printf(gettext( 2396*25a68471Sdougm "Share does not exist in group %s\n"), 2397*25a68471Sdougm groupname, sharepath); 2398*25a68471Sdougm ret = SA_NO_SUCH_PATH; 2399*25a68471Sdougm } 24006185db85Sdougm } 2401*25a68471Sdougm if (ret == SA_OK) { 2402*25a68471Sdougm /* group must exist */ 2403*25a68471Sdougm ret = valid_options(optlist, protocol, 2404*25a68471Sdougm share == NULL ? group : share, sectype); 2405*25a68471Sdougm if (ret == SA_OK && !dryrun) { 2406*25a68471Sdougm if (share != NULL) 2407*25a68471Sdougm change = add_security(share, sectype, 2408*25a68471Sdougm optlist, protocol, &ret); 2409*25a68471Sdougm else 2410*25a68471Sdougm change = add_security(group, sectype, 2411*25a68471Sdougm optlist, protocol, &ret); 2412*25a68471Sdougm if (ret != SA_OK) 2413*25a68471Sdougm (void) printf(gettext( 2414*25a68471Sdougm "Could not set property: %s\n"), 2415*25a68471Sdougm sa_errorstr(ret)); 2416*25a68471Sdougm } 2417*25a68471Sdougm if (ret == SA_OK && change) 2418*25a68471Sdougm worklist = add_list(worklist, group, share); 24196185db85Sdougm } 2420*25a68471Sdougm free_opt(optlist); 24216185db85Sdougm } else { 24226185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 24236185db85Sdougm ret = SA_NO_SUCH_GROUP; 24246185db85Sdougm } 24256185db85Sdougm /* 24266185db85Sdougm * we have a group and potentially legal additions 24276185db85Sdougm */ 24286185db85Sdougm 2429*25a68471Sdougm /* Commit to configuration if not a dryrun */ 24306185db85Sdougm if (!dryrun && ret == 0) { 2431*25a68471Sdougm if (change && worklist != NULL) { 2432*25a68471Sdougm /* properties changed, so update all shares */ 2433*25a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 2434*25a68471Sdougm protocol); 2435*25a68471Sdougm } 2436*25a68471Sdougm ret = sa_update_config(handle); 24376185db85Sdougm } 24386185db85Sdougm if (worklist != NULL) 2439*25a68471Sdougm free_list(worklist); 24406185db85Sdougm return (ret); 24416185db85Sdougm } 24426185db85Sdougm 24436185db85Sdougm /* 24446185db85Sdougm * sa_set(flags, argc, argv) 24456185db85Sdougm * 24466185db85Sdougm * Implements the set subcommand. It keys off of -S to determine which 24476185db85Sdougm * set of operations to actually do. 24486185db85Sdougm */ 24496185db85Sdougm 24506185db85Sdougm int 2451549ec3ffSdougm sa_set(sa_handle_t handle, int flags, int argc, char *argv[]) 24526185db85Sdougm { 24536185db85Sdougm char *groupname; 24546185db85Sdougm int verbose = 0; 24556185db85Sdougm int dryrun = 0; 24566185db85Sdougm int c; 24576185db85Sdougm char *protocol = NULL; 24586185db85Sdougm int ret = SA_OK; 24596185db85Sdougm struct options *optlist = NULL; 24606185db85Sdougm char *sharepath = NULL; 24616185db85Sdougm char *optset = NULL; 24626185db85Sdougm int auth; 24636185db85Sdougm 24646185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:s:S:")) != EOF) { 2465*25a68471Sdougm switch (c) { 2466*25a68471Sdougm case 'v': 2467*25a68471Sdougm verbose++; 2468*25a68471Sdougm break; 2469*25a68471Sdougm case 'n': 2470*25a68471Sdougm dryrun++; 2471*25a68471Sdougm break; 2472*25a68471Sdougm case 'P': 2473*25a68471Sdougm protocol = optarg; 2474*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 2475*25a68471Sdougm (void) printf(gettext( 2476*25a68471Sdougm "Invalid protocol specified: %s\n"), 2477*25a68471Sdougm protocol); 2478*25a68471Sdougm return (SA_INVALID_PROTOCOL); 2479*25a68471Sdougm } 2480*25a68471Sdougm break; 2481*25a68471Sdougm case 'p': 2482*25a68471Sdougm ret = add_opt(&optlist, optarg, 0); 2483*25a68471Sdougm switch (ret) { 2484*25a68471Sdougm case OPT_ADD_SYNTAX: 2485*25a68471Sdougm (void) printf(gettext("Property syntax error:" 2486*25a68471Sdougm " %s\n"), optarg); 2487*25a68471Sdougm return (SA_SYNTAX_ERR); 2488*25a68471Sdougm case OPT_ADD_MEMORY: 2489*25a68471Sdougm (void) printf(gettext("No memory to set " 2490*25a68471Sdougm "property: %s\n"), optarg); 2491*25a68471Sdougm return (SA_NO_MEMORY); 2492*25a68471Sdougm default: 2493*25a68471Sdougm break; 2494*25a68471Sdougm } 2495*25a68471Sdougm break; 2496*25a68471Sdougm case 's': 2497*25a68471Sdougm sharepath = optarg; 2498*25a68471Sdougm break; 2499*25a68471Sdougm case 'S': 2500*25a68471Sdougm optset = optarg; 2501*25a68471Sdougm break; 25026185db85Sdougm default: 2503*25a68471Sdougm case 'h': 2504*25a68471Sdougm case '?': 2505*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 2506*25a68471Sdougm sa_get_usage(USAGE_SET)); 2507*25a68471Sdougm return (SA_OK); 25086185db85Sdougm } 25096185db85Sdougm } 25106185db85Sdougm 25116185db85Sdougm if (optlist != NULL) 2512*25a68471Sdougm ret = chk_opt(optlist, optset != NULL, protocol); 25136185db85Sdougm 25146185db85Sdougm if (optind >= argc || (optlist == NULL && optset == NULL) || 2515*25a68471Sdougm protocol == NULL || ret != OPT_ADD_OK) { 2516*25a68471Sdougm char *sep = "\t"; 2517*25a68471Sdougm 2518*25a68471Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_SET)); 2519*25a68471Sdougm if (optind >= argc) { 2520*25a68471Sdougm (void) printf(gettext("%sgroup must be specified"), 2521*25a68471Sdougm sep); 2522*25a68471Sdougm sep = ", "; 2523*25a68471Sdougm } 2524*25a68471Sdougm if (optlist == NULL) { 2525*25a68471Sdougm (void) printf(gettext("%sat least one property must be" 2526*25a68471Sdougm " specified"), sep); 2527*25a68471Sdougm sep = ", "; 2528*25a68471Sdougm } 2529*25a68471Sdougm if (protocol == NULL) { 2530*25a68471Sdougm (void) printf(gettext("%sprotocol must be specified"), 2531*25a68471Sdougm sep); 2532*25a68471Sdougm sep = ", "; 2533*25a68471Sdougm } 2534*25a68471Sdougm (void) printf("\n"); 2535*25a68471Sdougm ret = SA_SYNTAX_ERR; 25366185db85Sdougm } else { 25376185db85Sdougm /* 2538*25a68471Sdougm * If a group already exists, we can only add a new 25396185db85Sdougm * protocol to it and not create a new one or add the 25406185db85Sdougm * same protocol again. 25416185db85Sdougm */ 25426185db85Sdougm 2543*25a68471Sdougm groupname = argv[optind]; 2544*25a68471Sdougm auth = check_authorizations(groupname, flags); 2545*25a68471Sdougm if (optset == NULL) 2546*25a68471Sdougm ret = basic_set(handle, groupname, optlist, protocol, 2547*25a68471Sdougm sharepath, dryrun); 2548*25a68471Sdougm else 2549*25a68471Sdougm ret = space_set(handle, groupname, optlist, protocol, 2550*25a68471Sdougm sharepath, dryrun, optset); 2551*25a68471Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 2552*25a68471Sdougm (void) printf(gettext("Command would fail: %s\n"), 2553*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 2554*25a68471Sdougm } 25556185db85Sdougm } 25566185db85Sdougm return (ret); 25576185db85Sdougm } 25586185db85Sdougm 25596185db85Sdougm /* 25606185db85Sdougm * remove_options(group, optlist, proto, *err) 25616185db85Sdougm * 2562*25a68471Sdougm * Helper function to actually remove options from a group after all 25636185db85Sdougm * preprocessing is done. 25646185db85Sdougm */ 25656185db85Sdougm 25666185db85Sdougm static int 25676185db85Sdougm remove_options(sa_group_t group, struct options *optlist, 25686185db85Sdougm char *proto, int *err) 25696185db85Sdougm { 25706185db85Sdougm struct options *cur; 25716185db85Sdougm sa_optionset_t optionset; 25726185db85Sdougm sa_property_t prop; 25736185db85Sdougm int change = 0; 25746185db85Sdougm int ret = SA_OK; 25756185db85Sdougm 25766185db85Sdougm optionset = sa_get_optionset(group, proto); 25776185db85Sdougm if (optionset != NULL) { 2578*25a68471Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 2579*25a68471Sdougm prop = sa_get_property(optionset, cur->optname); 2580*25a68471Sdougm if (prop != NULL) { 2581*25a68471Sdougm ret = sa_remove_property(prop); 2582*25a68471Sdougm if (ret != SA_OK) 2583*25a68471Sdougm break; 2584*25a68471Sdougm change = 1; 2585*25a68471Sdougm } 25866185db85Sdougm } 25876185db85Sdougm } 25886185db85Sdougm if (ret == SA_OK && change) 2589*25a68471Sdougm ret = sa_commit_properties(optionset, 0); 25906185db85Sdougm 25916185db85Sdougm if (err != NULL) 2592*25a68471Sdougm *err = ret; 25936185db85Sdougm return (change); 25946185db85Sdougm } 25956185db85Sdougm 25966185db85Sdougm /* 25976185db85Sdougm * valid_unset(group, optlist, proto) 25986185db85Sdougm * 25996185db85Sdougm * Sanity check the optlist to make sure they can be removed. Issue an 26006185db85Sdougm * error if a property doesn't exist. 26016185db85Sdougm */ 26026185db85Sdougm 26036185db85Sdougm static int 26046185db85Sdougm valid_unset(sa_group_t group, struct options *optlist, char *proto) 26056185db85Sdougm { 26066185db85Sdougm struct options *cur; 26076185db85Sdougm sa_optionset_t optionset; 26086185db85Sdougm sa_property_t prop; 26096185db85Sdougm int ret = SA_OK; 26106185db85Sdougm 26116185db85Sdougm optionset = sa_get_optionset(group, proto); 26126185db85Sdougm if (optionset != NULL) { 2613*25a68471Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 2614*25a68471Sdougm prop = sa_get_property(optionset, cur->optname); 2615*25a68471Sdougm if (prop == NULL) { 2616*25a68471Sdougm (void) printf(gettext( 2617*25a68471Sdougm "Could not unset property %s: not set\n"), 2618*25a68471Sdougm cur->optname); 2619*25a68471Sdougm ret = SA_NO_SUCH_PROP; 2620*25a68471Sdougm } 26216185db85Sdougm } 26226185db85Sdougm } 26236185db85Sdougm return (ret); 26246185db85Sdougm } 26256185db85Sdougm 26266185db85Sdougm /* 26276185db85Sdougm * valid_unset_security(group, optlist, proto) 26286185db85Sdougm * 26296185db85Sdougm * Sanity check the optlist to make sure they can be removed. Issue an 26306185db85Sdougm * error if a property doesn't exist. 26316185db85Sdougm */ 26326185db85Sdougm 26336185db85Sdougm static int 26346185db85Sdougm valid_unset_security(sa_group_t group, struct options *optlist, char *proto, 26356185db85Sdougm char *sectype) 26366185db85Sdougm { 26376185db85Sdougm struct options *cur; 26386185db85Sdougm sa_security_t security; 26396185db85Sdougm sa_property_t prop; 26406185db85Sdougm int ret = SA_OK; 26416185db85Sdougm char *sec; 26426185db85Sdougm 26436185db85Sdougm sec = sa_proto_space_alias(proto, sectype); 26446185db85Sdougm security = sa_get_security(group, sec, proto); 26456185db85Sdougm if (security != NULL) { 2646*25a68471Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 2647*25a68471Sdougm prop = sa_get_property(security, cur->optname); 2648*25a68471Sdougm if (prop == NULL) { 2649*25a68471Sdougm (void) printf(gettext( 2650*25a68471Sdougm "Could not unset property %s: not set\n"), 2651*25a68471Sdougm cur->optname); 2652*25a68471Sdougm ret = SA_NO_SUCH_PROP; 2653*25a68471Sdougm } 26546185db85Sdougm } 26556185db85Sdougm } else { 2656*25a68471Sdougm (void) printf(gettext( 2657*25a68471Sdougm "Could not unset %s: space not defined\n"), sectype); 2658*25a68471Sdougm ret = SA_NO_SUCH_SECURITY; 26596185db85Sdougm } 26606185db85Sdougm if (sec != NULL) 2661*25a68471Sdougm sa_free_attr_string(sec); 26626185db85Sdougm return (ret); 26636185db85Sdougm } 26646185db85Sdougm 26656185db85Sdougm /* 26666185db85Sdougm * remove_security(group, optlist, proto) 26676185db85Sdougm * 26686185db85Sdougm * Remove the properties since they were checked as valid. 26696185db85Sdougm */ 26706185db85Sdougm 26716185db85Sdougm static int 26726185db85Sdougm remove_security(sa_group_t group, char *sectype, 26736185db85Sdougm struct options *optlist, char *proto, int *err) 26746185db85Sdougm { 26756185db85Sdougm sa_security_t security; 26766185db85Sdougm int ret = SA_OK; 26776185db85Sdougm int change = 0; 26786185db85Sdougm 26796185db85Sdougm sectype = sa_proto_space_alias(proto, sectype); 26806185db85Sdougm security = sa_get_security(group, sectype, proto); 26816185db85Sdougm if (sectype != NULL) 2682*25a68471Sdougm sa_free_attr_string(sectype); 26836185db85Sdougm 26846185db85Sdougm if (security != NULL) { 2685*25a68471Sdougm while (optlist != NULL) { 2686*25a68471Sdougm sa_property_t prop; 2687*25a68471Sdougm prop = sa_get_property(security, optlist->optname); 2688*25a68471Sdougm if (prop != NULL) { 2689*25a68471Sdougm ret = sa_remove_property(prop); 2690*25a68471Sdougm if (ret != SA_OK) 2691*25a68471Sdougm break; 2692*25a68471Sdougm change = 1; 2693*25a68471Sdougm } 2694*25a68471Sdougm optlist = optlist->next; 26956185db85Sdougm } 26966185db85Sdougm /* 26976185db85Sdougm * when done, properties may have all been removed but 26986185db85Sdougm * we need to keep the security type itself until 26996185db85Sdougm * explicitly removed. 27006185db85Sdougm */ 2701*25a68471Sdougm if (ret == SA_OK && change) 2702*25a68471Sdougm ret = sa_commit_properties(security, 0); 27036185db85Sdougm } else { 2704*25a68471Sdougm ret = SA_NO_SUCH_PROP; 27056185db85Sdougm } 27066185db85Sdougm if (err != NULL) 2707*25a68471Sdougm *err = ret; 27086185db85Sdougm return (change); 27096185db85Sdougm } 27106185db85Sdougm 27116185db85Sdougm /* 27126185db85Sdougm * basic_unset(groupname, optlist, protocol, sharepath, dryrun) 27136185db85Sdougm * 2714*25a68471Sdougm * Unset non-named optionset properties. 27156185db85Sdougm */ 27166185db85Sdougm 27176185db85Sdougm static int 2718549ec3ffSdougm basic_unset(sa_handle_t handle, char *groupname, struct options *optlist, 2719549ec3ffSdougm char *protocol, char *sharepath, int dryrun) 27206185db85Sdougm { 27216185db85Sdougm sa_group_t group; 27226185db85Sdougm int ret = SA_OK; 27236185db85Sdougm int change = 0; 27246185db85Sdougm struct list *worklist = NULL; 2725*25a68471Sdougm sa_share_t share = NULL; 27266185db85Sdougm 2727549ec3ffSdougm group = sa_get_group(handle, groupname); 2728*25a68471Sdougm if (group == NULL) 2729*25a68471Sdougm return (ret); 2730*25a68471Sdougm 2731*25a68471Sdougm if (sharepath != NULL) { 27326185db85Sdougm share = sa_get_share(group, sharepath); 27336185db85Sdougm if (share == NULL) { 2734*25a68471Sdougm (void) printf(gettext( 2735*25a68471Sdougm "Share does not exist in group %s\n"), 2736*25a68471Sdougm groupname, sharepath); 2737*25a68471Sdougm ret = SA_NO_SUCH_PATH; 27386185db85Sdougm } 2739*25a68471Sdougm } 2740*25a68471Sdougm if (ret == SA_OK) { 27416185db85Sdougm /* group must exist */ 27426185db85Sdougm ret = valid_unset(share != NULL ? share : group, 2743*25a68471Sdougm optlist, protocol); 27446185db85Sdougm if (ret == SA_OK && !dryrun) { 2745*25a68471Sdougm if (share != NULL) { 2746*25a68471Sdougm sa_optionset_t optionset; 2747*25a68471Sdougm sa_property_t prop; 2748*25a68471Sdougm change |= remove_options(share, optlist, 2749*25a68471Sdougm protocol, &ret); 2750*25a68471Sdougm /* 2751*25a68471Sdougm * If a share optionset is 2752*25a68471Sdougm * empty, remove it. 2753*25a68471Sdougm */ 2754*25a68471Sdougm optionset = sa_get_optionset((sa_share_t)share, 2755*25a68471Sdougm protocol); 2756*25a68471Sdougm if (optionset != NULL) { 2757*25a68471Sdougm prop = sa_get_property(optionset, NULL); 2758*25a68471Sdougm if (prop == NULL) 2759*25a68471Sdougm (void) sa_destroy_optionset( 2760*25a68471Sdougm optionset); 2761*25a68471Sdougm } 2762*25a68471Sdougm } else { 2763*25a68471Sdougm change |= remove_options(group, 2764*25a68471Sdougm optlist, protocol, &ret); 2765*25a68471Sdougm } 2766*25a68471Sdougm if (ret == SA_OK && change) 2767*25a68471Sdougm worklist = add_list(worklist, group, 2768*25a68471Sdougm share); 2769*25a68471Sdougm if (ret != SA_OK) 2770*25a68471Sdougm (void) printf(gettext( 2771*25a68471Sdougm "Could not remove properties: " 2772*25a68471Sdougm "%s\n"), sa_errorstr(ret)); 2773*25a68471Sdougm } 2774*25a68471Sdougm } else { 2775*25a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 2776*25a68471Sdougm groupname); 27776185db85Sdougm ret = SA_NO_SUCH_GROUP; 27786185db85Sdougm } 2779*25a68471Sdougm free_opt(optlist); 27806185db85Sdougm 27816185db85Sdougm /* 2782*25a68471Sdougm * We have a group and potentially legal additions 2783*25a68471Sdougm * 2784*25a68471Sdougm * Commit to configuration if not a dryrun 27856185db85Sdougm */ 27866185db85Sdougm if (!dryrun && ret == SA_OK) { 2787*25a68471Sdougm if (change && worklist != NULL) { 2788*25a68471Sdougm /* properties changed, so update all shares */ 2789*25a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 2790*25a68471Sdougm protocol); 2791*25a68471Sdougm } 27926185db85Sdougm } 27936185db85Sdougm if (worklist != NULL) 2794*25a68471Sdougm free_list(worklist); 27956185db85Sdougm return (ret); 27966185db85Sdougm } 27976185db85Sdougm 27986185db85Sdougm /* 27996185db85Sdougm * space_unset(groupname, optlist, protocol, sharepath, dryrun) 28006185db85Sdougm * 2801*25a68471Sdougm * Unset named optionset properties. 28026185db85Sdougm */ 28036185db85Sdougm static int 2804549ec3ffSdougm space_unset(sa_handle_t handle, char *groupname, struct options *optlist, 2805549ec3ffSdougm char *protocol, char *sharepath, int dryrun, char *sectype) 28066185db85Sdougm { 28076185db85Sdougm sa_group_t group; 28086185db85Sdougm int ret = SA_OK; 28096185db85Sdougm int change = 0; 28106185db85Sdougm struct list *worklist = NULL; 2811*25a68471Sdougm sa_share_t share = NULL; 28126185db85Sdougm 2813549ec3ffSdougm group = sa_get_group(handle, groupname); 2814*25a68471Sdougm if (group == NULL) { 2815*25a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 2816*25a68471Sdougm return (SA_NO_SUCH_GROUP); 2817*25a68471Sdougm } 2818*25a68471Sdougm if (sharepath != NULL) { 28196185db85Sdougm share = sa_get_share(group, sharepath); 28206185db85Sdougm if (share == NULL) { 2821*25a68471Sdougm (void) printf(gettext( 2822*25a68471Sdougm "Share does not exist in group %s\n"), 2823*25a68471Sdougm groupname, sharepath); 2824*25a68471Sdougm return (SA_NO_SUCH_PATH); 2825*25a68471Sdougm } 2826*25a68471Sdougm } 2827*25a68471Sdougm ret = valid_unset_security(share != NULL ? share : group, optlist, 2828*25a68471Sdougm protocol, sectype); 2829*25a68471Sdougm 2830*25a68471Sdougm if (ret == SA_OK && !dryrun) { 2831*25a68471Sdougm if (optlist != NULL) { 28326185db85Sdougm if (share != NULL) { 2833*25a68471Sdougm sa_security_t optionset; 2834*25a68471Sdougm sa_property_t prop; 2835*25a68471Sdougm change = remove_security(share, 2836*25a68471Sdougm sectype, optlist, protocol, &ret); 2837*25a68471Sdougm 2838*25a68471Sdougm /* If a share security is empty, remove it */ 2839*25a68471Sdougm optionset = sa_get_security((sa_group_t)share, 2840*25a68471Sdougm sectype, protocol); 2841*25a68471Sdougm if (optionset != NULL) { 2842*25a68471Sdougm prop = sa_get_property(optionset, 2843*25a68471Sdougm NULL); 2844*25a68471Sdougm if (prop == NULL) 2845*25a68471Sdougm ret = sa_destroy_security( 2846*25a68471Sdougm optionset); 2847*25a68471Sdougm } 28486185db85Sdougm } else { 2849*25a68471Sdougm change = remove_security(group, sectype, 2850*25a68471Sdougm optlist, protocol, &ret); 28516185db85Sdougm } 2852*25a68471Sdougm } else { 28536185db85Sdougm sa_security_t security; 28546185db85Sdougm char *sec; 28556185db85Sdougm sec = sa_proto_space_alias(protocol, sectype); 28566185db85Sdougm security = sa_get_security(group, sec, protocol); 28576185db85Sdougm if (sec != NULL) 2858*25a68471Sdougm sa_free_attr_string(sec); 28596185db85Sdougm if (security != NULL) { 2860*25a68471Sdougm ret = sa_destroy_security(security); 2861*25a68471Sdougm if (ret == SA_OK) 2862*25a68471Sdougm change = 1; 28636185db85Sdougm } else { 2864*25a68471Sdougm ret = SA_NO_SUCH_PROP; 28656185db85Sdougm } 28666185db85Sdougm } 2867*25a68471Sdougm if (ret != SA_OK) 2868*25a68471Sdougm (void) printf(gettext("Could not unset property: %s\n"), 2869*25a68471Sdougm sa_errorstr(ret)); 28706185db85Sdougm } 2871*25a68471Sdougm 2872*25a68471Sdougm if (ret == SA_OK && change) 2873*25a68471Sdougm worklist = add_list(worklist, group, 0); 2874*25a68471Sdougm 28756185db85Sdougm free_opt(optlist); 28766185db85Sdougm /* 2877*25a68471Sdougm * We have a group and potentially legal additions 28786185db85Sdougm */ 28796185db85Sdougm 2880*25a68471Sdougm /* Commit to configuration if not a dryrun */ 28816185db85Sdougm if (!dryrun && ret == 0) { 28826185db85Sdougm /* properties changed, so update all shares */ 2883*25a68471Sdougm if (change && worklist != NULL) 2884*25a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 2885*25a68471Sdougm protocol); 2886*25a68471Sdougm ret = sa_update_config(handle); 28876185db85Sdougm } 28886185db85Sdougm if (worklist != NULL) 2889*25a68471Sdougm free_list(worklist); 28906185db85Sdougm return (ret); 28916185db85Sdougm } 28926185db85Sdougm 28936185db85Sdougm /* 28946185db85Sdougm * sa_unset(flags, argc, argv) 28956185db85Sdougm * 2896*25a68471Sdougm * Implements the unset subcommand. Parsing done here and then basic 28976185db85Sdougm * or space versions of the real code are called. 28986185db85Sdougm */ 28996185db85Sdougm 29006185db85Sdougm int 2901549ec3ffSdougm sa_unset(sa_handle_t handle, int flags, int argc, char *argv[]) 29026185db85Sdougm { 29036185db85Sdougm char *groupname; 29046185db85Sdougm int verbose = 0; 29056185db85Sdougm int dryrun = 0; 29066185db85Sdougm int c; 29076185db85Sdougm char *protocol = NULL; 29086185db85Sdougm int ret = SA_OK; 29096185db85Sdougm struct options *optlist = NULL; 29106185db85Sdougm char *sharepath = NULL; 29116185db85Sdougm char *optset = NULL; 29126185db85Sdougm int auth; 29136185db85Sdougm 29146185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:s:S:")) != EOF) { 2915*25a68471Sdougm switch (c) { 2916*25a68471Sdougm case 'v': 2917*25a68471Sdougm verbose++; 2918*25a68471Sdougm break; 2919*25a68471Sdougm case 'n': 2920*25a68471Sdougm dryrun++; 2921*25a68471Sdougm break; 2922*25a68471Sdougm case 'P': 2923*25a68471Sdougm protocol = optarg; 2924*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 2925*25a68471Sdougm (void) printf(gettext( 2926*25a68471Sdougm "Invalid protocol specified: %s\n"), 2927*25a68471Sdougm protocol); 2928*25a68471Sdougm return (SA_INVALID_PROTOCOL); 2929*25a68471Sdougm } 2930*25a68471Sdougm break; 2931*25a68471Sdougm case 'p': 2932*25a68471Sdougm ret = add_opt(&optlist, optarg, 1); 2933*25a68471Sdougm switch (ret) { 2934*25a68471Sdougm case OPT_ADD_SYNTAX: 2935*25a68471Sdougm (void) printf(gettext("Property syntax error " 2936*25a68471Sdougm "for property %s\n"), optarg); 2937*25a68471Sdougm return (SA_SYNTAX_ERR); 2938*25a68471Sdougm 2939*25a68471Sdougm case OPT_ADD_PROPERTY: 2940*25a68471Sdougm (void) printf(gettext("Properties need to be " 2941*25a68471Sdougm "set with set command: %s\n"), optarg); 2942*25a68471Sdougm return (SA_SYNTAX_ERR); 2943*25a68471Sdougm 2944*25a68471Sdougm default: 2945*25a68471Sdougm break; 2946*25a68471Sdougm } 2947*25a68471Sdougm break; 2948*25a68471Sdougm case 's': 2949*25a68471Sdougm sharepath = optarg; 2950*25a68471Sdougm break; 2951*25a68471Sdougm case 'S': 2952*25a68471Sdougm optset = optarg; 2953*25a68471Sdougm break; 29546185db85Sdougm default: 2955*25a68471Sdougm case 'h': 2956*25a68471Sdougm case '?': 2957*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 2958*25a68471Sdougm sa_get_usage(USAGE_UNSET)); 2959*25a68471Sdougm return (SA_OK); 29606185db85Sdougm } 29616185db85Sdougm } 29626185db85Sdougm 29636185db85Sdougm if (optlist != NULL) 2964*25a68471Sdougm ret = chk_opt(optlist, optset != NULL, protocol); 29656185db85Sdougm 29666185db85Sdougm if (optind >= argc || (optlist == NULL && optset == NULL) || 29676185db85Sdougm protocol == NULL) { 2968*25a68471Sdougm char *sep = "\t"; 2969*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 2970*25a68471Sdougm sa_get_usage(USAGE_UNSET)); 2971*25a68471Sdougm if (optind >= argc) { 2972*25a68471Sdougm (void) printf(gettext("%sgroup must be specified"), 2973*25a68471Sdougm sep); 2974*25a68471Sdougm sep = ", "; 2975*25a68471Sdougm } 2976*25a68471Sdougm if (optlist == NULL) { 2977*25a68471Sdougm (void) printf(gettext("%sat least one property must " 2978*25a68471Sdougm "be specified"), sep); 2979*25a68471Sdougm sep = ", "; 2980*25a68471Sdougm } 2981*25a68471Sdougm if (protocol == NULL) { 2982*25a68471Sdougm (void) printf(gettext("%sprotocol must be specified"), 2983*25a68471Sdougm sep); 2984*25a68471Sdougm sep = ", "; 2985*25a68471Sdougm } 2986*25a68471Sdougm (void) printf("\n"); 2987*25a68471Sdougm ret = SA_SYNTAX_ERR; 29886185db85Sdougm } else { 29896185db85Sdougm 29906185db85Sdougm /* 2991*25a68471Sdougm * If a group already exists, we can only add a new 29926185db85Sdougm * protocol to it and not create a new one or add the 29936185db85Sdougm * same protocol again. 29946185db85Sdougm */ 29956185db85Sdougm 2996*25a68471Sdougm groupname = argv[optind]; 2997*25a68471Sdougm auth = check_authorizations(groupname, flags); 2998*25a68471Sdougm if (optset == NULL) 2999*25a68471Sdougm ret = basic_unset(handle, groupname, optlist, protocol, 3000*25a68471Sdougm sharepath, dryrun); 3001*25a68471Sdougm else 3002*25a68471Sdougm ret = space_unset(handle, groupname, optlist, protocol, 3003*25a68471Sdougm sharepath, dryrun, optset); 30046185db85Sdougm 3005*25a68471Sdougm if (dryrun && ret == SA_OK && !auth && verbose) 3006*25a68471Sdougm (void) printf(gettext("Command would fail: %s\n"), 3007*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 30086185db85Sdougm } 30096185db85Sdougm return (ret); 30106185db85Sdougm } 30116185db85Sdougm 30126185db85Sdougm /* 30136185db85Sdougm * sa_enable_group(flags, argc, argv) 30146185db85Sdougm * 30156185db85Sdougm * Implements the enable subcommand 30166185db85Sdougm */ 30176185db85Sdougm 30186185db85Sdougm int 3019549ec3ffSdougm sa_enable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 30206185db85Sdougm { 30216185db85Sdougm int verbose = 0; 30226185db85Sdougm int dryrun = 0; 30236185db85Sdougm int all = 0; 30246185db85Sdougm int c; 30256185db85Sdougm int ret = SA_OK; 30266185db85Sdougm char *protocol = NULL; 30276185db85Sdougm char *state; 30286185db85Sdougm struct list *worklist = NULL; 30296185db85Sdougm int auth = 1; 3030*25a68471Sdougm sa_group_t group; 30316185db85Sdougm 30326185db85Sdougm while ((c = getopt(argc, argv, "?havnP:")) != EOF) { 3033*25a68471Sdougm switch (c) { 3034*25a68471Sdougm case 'a': 3035*25a68471Sdougm all = 1; 3036*25a68471Sdougm break; 3037*25a68471Sdougm case 'n': 3038*25a68471Sdougm dryrun++; 3039*25a68471Sdougm break; 3040*25a68471Sdougm case 'P': 3041*25a68471Sdougm protocol = optarg; 3042*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 3043*25a68471Sdougm (void) printf(gettext( 3044*25a68471Sdougm "Invalid protocol specified: %s\n"), 30456185db85Sdougm protocol); 3046*25a68471Sdougm return (SA_INVALID_PROTOCOL); 3047*25a68471Sdougm } 3048*25a68471Sdougm break; 3049*25a68471Sdougm case 'v': 3050*25a68471Sdougm verbose++; 3051*25a68471Sdougm break; 3052*25a68471Sdougm default: 3053*25a68471Sdougm case 'h': 3054*25a68471Sdougm case '?': 3055*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 3056*25a68471Sdougm sa_get_usage(USAGE_ENABLE)); 3057*25a68471Sdougm return (0); 30586185db85Sdougm } 30596185db85Sdougm } 30606185db85Sdougm 30616185db85Sdougm if (optind == argc && !all) { 3062*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 3063*25a68471Sdougm sa_get_usage(USAGE_ENABLE)); 3064*25a68471Sdougm (void) printf(gettext("\tmust specify group\n")); 3065*25a68471Sdougm return (SA_NO_SUCH_PATH); 3066*25a68471Sdougm } 3067*25a68471Sdougm if (!all) { 30686185db85Sdougm while (optind < argc) { 3069*25a68471Sdougm group = sa_get_group(handle, argv[optind]); 3070*25a68471Sdougm if (group != NULL) { 3071*25a68471Sdougm auth &= check_authorizations(argv[optind], 3072*25a68471Sdougm flags); 3073*25a68471Sdougm state = sa_get_group_attr(group, "state"); 3074*25a68471Sdougm if (state != NULL && 3075*25a68471Sdougm strcmp(state, "enabled") == 0) { 3076*25a68471Sdougm /* already enabled */ 3077*25a68471Sdougm if (verbose) 3078*25a68471Sdougm (void) printf(gettext( 3079*25a68471Sdougm "Group \"%s\" is already " 3080*25a68471Sdougm "enabled\n"), 3081*25a68471Sdougm argv[optind]); 3082*25a68471Sdougm ret = SA_BUSY; /* already enabled */ 3083*25a68471Sdougm } else { 3084*25a68471Sdougm worklist = add_list(worklist, group, 3085*25a68471Sdougm 0); 3086*25a68471Sdougm if (verbose) 3087*25a68471Sdougm (void) printf(gettext( 3088*25a68471Sdougm "Enabling group \"%s\"\n"), 3089*25a68471Sdougm argv[optind]); 3090*25a68471Sdougm } 3091*25a68471Sdougm if (state != NULL) 3092*25a68471Sdougm sa_free_attr_string(state); 30936185db85Sdougm } else { 3094*25a68471Sdougm ret = SA_NO_SUCH_GROUP; 30956185db85Sdougm } 3096*25a68471Sdougm optind++; 30976185db85Sdougm } 3098*25a68471Sdougm } else { 3099*25a68471Sdougm for (group = sa_get_group(handle, NULL); 3100*25a68471Sdougm group != NULL; 31016185db85Sdougm group = sa_get_next_group(group)) { 3102*25a68471Sdougm worklist = add_list(worklist, group, 0); 31036185db85Sdougm } 3104*25a68471Sdougm } 3105*25a68471Sdougm if (!dryrun && ret == SA_OK) 3106549ec3ffSdougm ret = enable_all_groups(handle, worklist, 1, 0, NULL); 3107*25a68471Sdougm 3108*25a68471Sdougm if (ret != SA_OK && ret != SA_BUSY) 31096185db85Sdougm (void) printf(gettext("Could not enable group: %s\n"), 3110*25a68471Sdougm sa_errorstr(ret)); 3111*25a68471Sdougm if (ret == SA_BUSY) 31126185db85Sdougm ret = SA_OK; 3113*25a68471Sdougm 31146185db85Sdougm if (worklist != NULL) 3115*25a68471Sdougm free_list(worklist); 31166185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 3117*25a68471Sdougm (void) printf(gettext("Command would fail: %s\n"), 3118*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 31196185db85Sdougm } 31206185db85Sdougm return (ret); 31216185db85Sdougm } 31226185db85Sdougm 31236185db85Sdougm /* 31246185db85Sdougm * disable_group(group, setstate) 31256185db85Sdougm * 3126*25a68471Sdougm * Disable all the shares in the specified group honoring the setstate 31276185db85Sdougm * argument. This is a helper for disable_all_groups in order to 31286185db85Sdougm * simplify regular and subgroup (zfs) disabling. Group has already 31296185db85Sdougm * been checked for non-NULL. 31306185db85Sdougm */ 31316185db85Sdougm 31326185db85Sdougm static int 31336185db85Sdougm disable_group(sa_group_t group) 31346185db85Sdougm { 31356185db85Sdougm sa_share_t share; 31366185db85Sdougm int ret = SA_OK; 31376185db85Sdougm 31386185db85Sdougm for (share = sa_get_share(group, NULL); 31396185db85Sdougm share != NULL && ret == SA_OK; 31406185db85Sdougm share = sa_get_next_share(share)) { 3141*25a68471Sdougm ret = sa_disable_share(share, NULL); 3142*25a68471Sdougm if (ret == SA_NO_SUCH_PATH) { 3143*25a68471Sdougm /* 3144*25a68471Sdougm * this is OK since the path is gone. we can't 3145*25a68471Sdougm * re-share it anyway so no error. 3146*25a68471Sdougm */ 3147*25a68471Sdougm ret = SA_OK; 3148*25a68471Sdougm } 31496185db85Sdougm } 31506185db85Sdougm return (ret); 31516185db85Sdougm } 31526185db85Sdougm 31536185db85Sdougm 31546185db85Sdougm /* 31556185db85Sdougm * disable_all_groups(work, setstate) 31566185db85Sdougm * 31576185db85Sdougm * helper function that disables the shares in the list of groups 31586185db85Sdougm * provided. It optionally marks the group as disabled. Used by both 31596185db85Sdougm * enable and start subcommands. 31606185db85Sdougm */ 31616185db85Sdougm 31626185db85Sdougm static int 3163549ec3ffSdougm disable_all_groups(sa_handle_t handle, struct list *work, int setstate) 31646185db85Sdougm { 31656185db85Sdougm int ret = SA_OK; 31666185db85Sdougm sa_group_t subgroup, group; 31676185db85Sdougm 31686185db85Sdougm while (work != NULL && ret == SA_OK) { 3169*25a68471Sdougm group = (sa_group_t)work->item; 3170*25a68471Sdougm if (setstate) 3171*25a68471Sdougm ret = sa_set_group_attr(group, "state", "disabled"); 3172*25a68471Sdougm if (ret == SA_OK) { 3173*25a68471Sdougm char *name; 3174*25a68471Sdougm name = sa_get_group_attr(group, "name"); 3175*25a68471Sdougm if (name != NULL && strcmp(name, "zfs") == 0) { 3176*25a68471Sdougm /* need to get the sub-groups for stopping */ 3177*25a68471Sdougm for (subgroup = sa_get_sub_group(group); 3178*25a68471Sdougm subgroup != NULL; 3179*25a68471Sdougm subgroup = sa_get_next_group(subgroup)) { 3180*25a68471Sdougm ret = disable_group(subgroup); 3181*25a68471Sdougm } 3182*25a68471Sdougm } else { 3183*25a68471Sdougm ret = disable_group(group); 3184*25a68471Sdougm } 3185*25a68471Sdougm /* 3186*25a68471Sdougm * We don't want to "disable" since it won't come 3187*25a68471Sdougm * up after a reboot. The SMF framework should do 3188*25a68471Sdougm * the right thing. On enable we do want to do 3189*25a68471Sdougm * something. 3190*25a68471Sdougm */ 31916185db85Sdougm } 3192*25a68471Sdougm work = work->next; 31936185db85Sdougm } 31946185db85Sdougm if (ret == SA_OK) 3195*25a68471Sdougm ret = sa_update_config(handle); 31966185db85Sdougm return (ret); 31976185db85Sdougm } 31986185db85Sdougm 31996185db85Sdougm /* 32006185db85Sdougm * sa_disable_group(flags, argc, argv) 32016185db85Sdougm * 32026185db85Sdougm * Implements the disable subcommand 32036185db85Sdougm */ 32046185db85Sdougm 32056185db85Sdougm int 3206549ec3ffSdougm sa_disable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 32076185db85Sdougm { 32086185db85Sdougm int verbose = 0; 32096185db85Sdougm int dryrun = 0; 32106185db85Sdougm int all = 0; 32116185db85Sdougm int c; 32126185db85Sdougm int ret = SA_OK; 32136185db85Sdougm char *protocol; 32146185db85Sdougm char *state; 32156185db85Sdougm struct list *worklist = NULL; 3216*25a68471Sdougm sa_group_t group; 32176185db85Sdougm int auth = 1; 32186185db85Sdougm 32196185db85Sdougm while ((c = getopt(argc, argv, "?havn")) != EOF) { 3220*25a68471Sdougm switch (c) { 3221*25a68471Sdougm case 'a': 3222*25a68471Sdougm all = 1; 3223*25a68471Sdougm break; 3224*25a68471Sdougm case 'n': 3225*25a68471Sdougm dryrun++; 3226*25a68471Sdougm break; 3227*25a68471Sdougm case 'P': 3228*25a68471Sdougm protocol = optarg; 3229*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 3230*25a68471Sdougm (void) printf(gettext( 3231*25a68471Sdougm "Invalid protocol specified: %s\n"), 3232*25a68471Sdougm protocol); 3233*25a68471Sdougm return (SA_INVALID_PROTOCOL); 3234*25a68471Sdougm } 3235*25a68471Sdougm break; 3236*25a68471Sdougm case 'v': 3237*25a68471Sdougm verbose++; 3238*25a68471Sdougm break; 3239*25a68471Sdougm default: 3240*25a68471Sdougm case 'h': 3241*25a68471Sdougm case '?': 3242*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 3243*25a68471Sdougm sa_get_usage(USAGE_DISABLE)); 3244*25a68471Sdougm return (0); 32456185db85Sdougm } 32466185db85Sdougm } 32476185db85Sdougm 32486185db85Sdougm if (optind == argc && !all) { 32496185db85Sdougm (void) printf(gettext("usage: %s\n"), 3250*25a68471Sdougm sa_get_usage(USAGE_DISABLE)); 32516185db85Sdougm (void) printf(gettext("\tmust specify group\n")); 3252*25a68471Sdougm return (SA_NO_SUCH_PATH); 3253*25a68471Sdougm } 3254*25a68471Sdougm if (!all) { 3255*25a68471Sdougm while (optind < argc) { 3256549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 32576185db85Sdougm if (group != NULL) { 3258*25a68471Sdougm auth &= check_authorizations(argv[optind], 3259*25a68471Sdougm flags); 3260*25a68471Sdougm state = sa_get_group_attr(group, "state"); 3261*25a68471Sdougm if (state == NULL || 3262*25a68471Sdougm strcmp(state, "disabled") == 0) { 3263*25a68471Sdougm /* already disabled */ 3264*25a68471Sdougm if (verbose) 3265*25a68471Sdougm (void) printf(gettext( 3266*25a68471Sdougm "Group \"%s\" is " 3267*25a68471Sdougm "already disabled\n"), 3268*25a68471Sdougm argv[optind]); 3269*25a68471Sdougm ret = SA_BUSY; /* already disable */ 3270*25a68471Sdougm } else { 3271*25a68471Sdougm worklist = add_list(worklist, group, 0); 3272*25a68471Sdougm if (verbose) 3273*25a68471Sdougm (void) printf(gettext( 3274*25a68471Sdougm "Disabling group " 3275*25a68471Sdougm "\"%s\"\n"), argv[optind]); 3276*25a68471Sdougm } 3277*25a68471Sdougm if (state != NULL) 3278*25a68471Sdougm sa_free_attr_string(state); 32796185db85Sdougm } else { 3280*25a68471Sdougm ret = SA_NO_SUCH_GROUP; 32816185db85Sdougm } 32826185db85Sdougm optind++; 32836185db85Sdougm } 3284*25a68471Sdougm } else { 3285*25a68471Sdougm for (group = sa_get_group(handle, NULL); 3286*25a68471Sdougm group != NULL; 3287*25a68471Sdougm group = sa_get_next_group(group)) 3288*25a68471Sdougm worklist = add_list(worklist, group, 0); 32896185db85Sdougm } 3290*25a68471Sdougm 3291*25a68471Sdougm if (ret == SA_OK && !dryrun) 3292*25a68471Sdougm ret = disable_all_groups(handle, worklist, 1); 3293*25a68471Sdougm if (ret != SA_OK && ret != SA_BUSY) 3294*25a68471Sdougm (void) printf(gettext("Could not disable group: %s\n"), 3295*25a68471Sdougm sa_errorstr(ret)); 3296*25a68471Sdougm if (ret == SA_BUSY) 3297*25a68471Sdougm ret = SA_OK; 32986185db85Sdougm if (worklist != NULL) 3299*25a68471Sdougm free_list(worklist); 3300*25a68471Sdougm if (dryrun && ret == SA_OK && !auth && verbose) 3301*25a68471Sdougm (void) printf(gettext("Command would fail: %s\n"), 3302*25a68471Sdougm sa_errorstr(SA_NO_PERMISSION)); 33036185db85Sdougm return (ret); 33046185db85Sdougm } 33056185db85Sdougm 33066185db85Sdougm /* 33076185db85Sdougm * sa_start_group(flags, argc, argv) 33086185db85Sdougm * 33096185db85Sdougm * Implements the start command. 33106185db85Sdougm * This is similar to enable except it doesn't change the state 33116185db85Sdougm * of the group(s) and only enables shares if the group is already 33126185db85Sdougm * enabled. 33136185db85Sdougm */ 3314*25a68471Sdougm /*ARGSUSED*/ 33156185db85Sdougm int 3316549ec3ffSdougm sa_start_group(sa_handle_t handle, int flags, int argc, char *argv[]) 33176185db85Sdougm { 33186185db85Sdougm int verbose = 0; 33196185db85Sdougm int all = 0; 33206185db85Sdougm int c; 33216185db85Sdougm int ret = SMF_EXIT_OK; 33226185db85Sdougm char *protocol = NULL; 33236185db85Sdougm char *state; 33246185db85Sdougm struct list *worklist = NULL; 3325*25a68471Sdougm sa_group_t group; 33266185db85Sdougm 33276185db85Sdougm while ((c = getopt(argc, argv, "?havP:")) != EOF) { 3328*25a68471Sdougm switch (c) { 3329*25a68471Sdougm case 'a': 3330*25a68471Sdougm all = 1; 3331*25a68471Sdougm break; 3332*25a68471Sdougm case 'P': 3333*25a68471Sdougm protocol = optarg; 3334*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 3335*25a68471Sdougm (void) printf(gettext( 3336*25a68471Sdougm "Invalid protocol specified: %s\n"), 33376185db85Sdougm protocol); 3338*25a68471Sdougm return (SA_INVALID_PROTOCOL); 3339*25a68471Sdougm } 3340*25a68471Sdougm break; 3341*25a68471Sdougm case 'v': 3342*25a68471Sdougm verbose++; 3343*25a68471Sdougm break; 3344*25a68471Sdougm default: 3345*25a68471Sdougm case 'h': 3346*25a68471Sdougm case '?': 3347*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 3348*25a68471Sdougm sa_get_usage(USAGE_START)); 3349*25a68471Sdougm return (SA_OK); 33506185db85Sdougm } 33516185db85Sdougm } 33526185db85Sdougm 33536185db85Sdougm if (optind == argc && !all) { 33546185db85Sdougm (void) printf(gettext("usage: %s\n"), 3355*25a68471Sdougm sa_get_usage(USAGE_START)); 3356*25a68471Sdougm return (SMF_EXIT_ERR_FATAL); 3357*25a68471Sdougm } 33586185db85Sdougm 3359*25a68471Sdougm if (!all) { 3360*25a68471Sdougm while (optind < argc) { 3361549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 33626185db85Sdougm if (group != NULL) { 3363*25a68471Sdougm state = sa_get_group_attr(group, "state"); 3364*25a68471Sdougm if (state == NULL || 3365*25a68471Sdougm strcmp(state, "enabled") == 0) { 3366*25a68471Sdougm worklist = add_list(worklist, group, 0); 3367*25a68471Sdougm if (verbose) 3368*25a68471Sdougm (void) printf(gettext( 3369*25a68471Sdougm "Starting group \"%s\"\n"), 3370*25a68471Sdougm argv[optind]); 3371*25a68471Sdougm } else { 3372*25a68471Sdougm /* 3373*25a68471Sdougm * Determine if there are any 3374*25a68471Sdougm * protocols. if there aren't any, 3375*25a68471Sdougm * then there isn't anything to do in 3376*25a68471Sdougm * any case so no error. 3377*25a68471Sdougm */ 3378*25a68471Sdougm if (sa_get_optionset(group, 3379*25a68471Sdougm protocol) != NULL) { 3380*25a68471Sdougm ret = SMF_EXIT_OK; 3381*25a68471Sdougm } 33826185db85Sdougm } 3383*25a68471Sdougm if (state != NULL) 3384*25a68471Sdougm sa_free_attr_string(state); 33856185db85Sdougm } 33866185db85Sdougm optind++; 3387*25a68471Sdougm } 3388*25a68471Sdougm } else { 3389*25a68471Sdougm for (group = sa_get_group(handle, NULL); group != NULL; 3390*25a68471Sdougm group = sa_get_next_group(group)) { 33916185db85Sdougm state = sa_get_group_attr(group, "state"); 33926185db85Sdougm if (state == NULL || strcmp(state, "enabled") == 0) 3393*25a68471Sdougm worklist = add_list(worklist, group, 0); 33946185db85Sdougm if (state != NULL) 3395*25a68471Sdougm sa_free_attr_string(state); 33966185db85Sdougm } 33976185db85Sdougm } 3398*25a68471Sdougm 3399*25a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 1, NULL); 3400*25a68471Sdougm 34016185db85Sdougm if (worklist != NULL) 3402*25a68471Sdougm free_list(worklist); 34036185db85Sdougm return (ret); 34046185db85Sdougm } 34056185db85Sdougm 34066185db85Sdougm /* 34076185db85Sdougm * sa_stop_group(flags, argc, argv) 34086185db85Sdougm * 34096185db85Sdougm * Implements the stop command. 34106185db85Sdougm * This is similar to disable except it doesn't change the state 34116185db85Sdougm * of the group(s) and only disables shares if the group is already 34126185db85Sdougm * enabled. 34136185db85Sdougm */ 3414*25a68471Sdougm /*ARGSUSED*/ 34156185db85Sdougm int 3416549ec3ffSdougm sa_stop_group(sa_handle_t handle, int flags, int argc, char *argv[]) 34176185db85Sdougm { 34186185db85Sdougm int verbose = 0; 34196185db85Sdougm int all = 0; 34206185db85Sdougm int c; 34216185db85Sdougm int ret = SMF_EXIT_OK; 34226185db85Sdougm char *protocol = NULL; 34236185db85Sdougm char *state; 34246185db85Sdougm struct list *worklist = NULL; 3425*25a68471Sdougm sa_group_t group; 34266185db85Sdougm 34276185db85Sdougm while ((c = getopt(argc, argv, "?havP:")) != EOF) { 3428*25a68471Sdougm switch (c) { 3429*25a68471Sdougm case 'a': 3430*25a68471Sdougm all = 1; 3431*25a68471Sdougm break; 3432*25a68471Sdougm case 'P': 3433*25a68471Sdougm protocol = optarg; 3434*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 3435*25a68471Sdougm (void) printf(gettext( 3436*25a68471Sdougm "Invalid protocol specified: %s\n"), 3437*25a68471Sdougm protocol); 3438*25a68471Sdougm return (SA_INVALID_PROTOCOL); 3439*25a68471Sdougm } 3440*25a68471Sdougm break; 3441*25a68471Sdougm case 'v': 3442*25a68471Sdougm verbose++; 3443*25a68471Sdougm break; 3444*25a68471Sdougm default: 3445*25a68471Sdougm case 'h': 3446*25a68471Sdougm case '?': 3447*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 3448*25a68471Sdougm sa_get_usage(USAGE_STOP)); 3449*25a68471Sdougm return (0); 34506185db85Sdougm } 34516185db85Sdougm } 34526185db85Sdougm 34536185db85Sdougm if (optind == argc && !all) { 3454*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 3455*25a68471Sdougm sa_get_usage(USAGE_STOP)); 3456*25a68471Sdougm return (SMF_EXIT_ERR_FATAL); 3457*25a68471Sdougm } else if (!all) { 3458*25a68471Sdougm while (optind < argc) { 3459549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 34606185db85Sdougm if (group != NULL) { 3461*25a68471Sdougm state = sa_get_group_attr(group, "state"); 3462*25a68471Sdougm if (state == NULL || 3463*25a68471Sdougm strcmp(state, "enabled") == 0) { 3464*25a68471Sdougm worklist = add_list(worklist, group, 0); 3465*25a68471Sdougm if (verbose) 3466*25a68471Sdougm (void) printf(gettext( 3467*25a68471Sdougm "Stopping group \"%s\"\n"), 3468*25a68471Sdougm argv[optind]); 3469*25a68471Sdougm } else { 3470*25a68471Sdougm ret = SMF_EXIT_OK; 3471*25a68471Sdougm } 3472*25a68471Sdougm if (state != NULL) 3473*25a68471Sdougm sa_free_attr_string(state); 34746185db85Sdougm } 34756185db85Sdougm optind++; 3476*25a68471Sdougm } 3477*25a68471Sdougm } else { 3478*25a68471Sdougm for (group = sa_get_group(handle, NULL); group != NULL; 3479*25a68471Sdougm group = sa_get_next_group(group)) { 34806185db85Sdougm state = sa_get_group_attr(group, "state"); 34816185db85Sdougm if (state == NULL || strcmp(state, "enabled") == 0) 3482*25a68471Sdougm worklist = add_list(worklist, group, 0); 34836185db85Sdougm if (state != NULL) 3484*25a68471Sdougm sa_free_attr_string(state); 34856185db85Sdougm } 34866185db85Sdougm } 3487*25a68471Sdougm 3488*25a68471Sdougm (void) disable_all_groups(handle, worklist, 0); 3489*25a68471Sdougm ret = sa_update_config(handle); 3490*25a68471Sdougm 34916185db85Sdougm if (worklist != NULL) 3492*25a68471Sdougm free_list(worklist); 34936185db85Sdougm return (ret); 34946185db85Sdougm } 34956185db85Sdougm 34966185db85Sdougm /* 34976185db85Sdougm * remove_all_options(share, proto) 34986185db85Sdougm * 34996185db85Sdougm * Removes all options on a share. 35006185db85Sdougm */ 35016185db85Sdougm 35026185db85Sdougm static void 35036185db85Sdougm remove_all_options(sa_share_t share, char *proto) 35046185db85Sdougm { 35056185db85Sdougm sa_optionset_t optionset; 35066185db85Sdougm sa_security_t security; 35076185db85Sdougm sa_security_t prevsec = NULL; 35086185db85Sdougm 35096185db85Sdougm optionset = sa_get_optionset(share, proto); 35106185db85Sdougm if (optionset != NULL) 3511*25a68471Sdougm (void) sa_destroy_optionset(optionset); 35126185db85Sdougm for (security = sa_get_security(share, NULL, NULL); 35136185db85Sdougm security != NULL; 35146185db85Sdougm security = sa_get_next_security(security)) { 3515*25a68471Sdougm char *type; 35166185db85Sdougm /* 3517*25a68471Sdougm * We walk through the list. prevsec keeps the 35186185db85Sdougm * previous security so we can delete it without 35196185db85Sdougm * destroying the list. 35206185db85Sdougm */ 3521*25a68471Sdougm if (prevsec != NULL) { 3522*25a68471Sdougm /* remove the previously seen security */ 3523*25a68471Sdougm (void) sa_destroy_security(prevsec); 3524*25a68471Sdougm /* set to NULL so we don't try multiple times */ 3525*25a68471Sdougm prevsec = NULL; 3526*25a68471Sdougm } 3527*25a68471Sdougm type = sa_get_security_attr(security, "type"); 3528*25a68471Sdougm if (type != NULL) { 3529*25a68471Sdougm /* 3530*25a68471Sdougm * if the security matches the specified protocol, we 3531*25a68471Sdougm * want to remove it. prevsec holds it until either 3532*25a68471Sdougm * the next pass or we fall out of the loop. 3533*25a68471Sdougm */ 3534*25a68471Sdougm if (strcmp(type, proto) == 0) 3535*25a68471Sdougm prevsec = security; 3536*25a68471Sdougm sa_free_attr_string(type); 3537*25a68471Sdougm } 35386185db85Sdougm } 35396185db85Sdougm /* in case there is one left */ 35406185db85Sdougm if (prevsec != NULL) 3541*25a68471Sdougm (void) sa_destroy_security(prevsec); 35426185db85Sdougm } 35436185db85Sdougm 35446185db85Sdougm 35456185db85Sdougm /* 35466185db85Sdougm * for legacy support, we need to handle the old syntax. This is what 35476185db85Sdougm * we get if sharemgr is called with the name "share" rather than 35486185db85Sdougm * sharemgr. 35496185db85Sdougm */ 35506185db85Sdougm 35516185db85Sdougm static int 35526185db85Sdougm format_legacy_path(char *buff, int buffsize, char *proto, char *cmd) 35536185db85Sdougm { 35546185db85Sdougm int err; 35556185db85Sdougm 35566185db85Sdougm err = snprintf(buff, buffsize, "/usr/lib/fs/%s/%s", proto, cmd); 35576185db85Sdougm if (err > buffsize) 3558*25a68471Sdougm return (-1); 35596185db85Sdougm return (0); 35606185db85Sdougm } 35616185db85Sdougm 35626185db85Sdougm 35636185db85Sdougm /* 35646185db85Sdougm * check_legacy_cmd(proto, cmd) 35656185db85Sdougm * 35666185db85Sdougm * Check to see if the cmd exists in /usr/lib/fs/<proto>/<cmd> and is 35676185db85Sdougm * executable. 35686185db85Sdougm */ 35696185db85Sdougm 35706185db85Sdougm static int 35716185db85Sdougm check_legacy_cmd(char *path) 35726185db85Sdougm { 35736185db85Sdougm struct stat st; 35746185db85Sdougm int ret = 0; 35756185db85Sdougm 35766185db85Sdougm if (stat(path, &st) == 0) { 3577*25a68471Sdougm if (S_ISREG(st.st_mode) && 3578*25a68471Sdougm st.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) 3579*25a68471Sdougm ret = 1; 35806185db85Sdougm } 35816185db85Sdougm return (ret); 35826185db85Sdougm } 35836185db85Sdougm 35846185db85Sdougm /* 35856185db85Sdougm * run_legacy_command(proto, cmd, argv) 35866185db85Sdougm * 3587*25a68471Sdougm * We know the command exists, so attempt to execute it with all the 35886185db85Sdougm * arguments. This implements full legacy share support for those 35896185db85Sdougm * protocols that don't have plugin providers. 35906185db85Sdougm */ 35916185db85Sdougm 35926185db85Sdougm static int 35936185db85Sdougm run_legacy_command(char *path, char *argv[]) 35946185db85Sdougm { 35956185db85Sdougm int ret; 35966185db85Sdougm 35976185db85Sdougm ret = execv(path, argv); 35986185db85Sdougm if (ret < 0) { 3599*25a68471Sdougm switch (errno) { 3600*25a68471Sdougm case EACCES: 3601*25a68471Sdougm ret = SA_NO_PERMISSION; 3602*25a68471Sdougm break; 3603*25a68471Sdougm default: 3604*25a68471Sdougm ret = SA_SYSTEM_ERR; 3605*25a68471Sdougm break; 3606*25a68471Sdougm } 36076185db85Sdougm } 36086185db85Sdougm return (ret); 36096185db85Sdougm } 36106185db85Sdougm 36116185db85Sdougm /* 3612f345c0beSdougm * out_share(out, group, proto) 36136185db85Sdougm * 36146185db85Sdougm * Display the share information in the format that the "share" 36156185db85Sdougm * command has traditionally used. 36166185db85Sdougm */ 36176185db85Sdougm 36186185db85Sdougm static void 3619f345c0beSdougm out_share(FILE *out, sa_group_t group, char *proto) 36206185db85Sdougm { 36216185db85Sdougm sa_share_t share; 36226185db85Sdougm char resfmt[128]; 36236185db85Sdougm 3624*25a68471Sdougm for (share = sa_get_share(group, NULL); 3625*25a68471Sdougm share != NULL; 3626*25a68471Sdougm share = sa_get_next_share(share)) { 3627*25a68471Sdougm char *path; 3628*25a68471Sdougm char *type; 3629*25a68471Sdougm char *resource; 3630*25a68471Sdougm char *description; 3631*25a68471Sdougm char *groupname; 3632*25a68471Sdougm char *sharedstate; 3633*25a68471Sdougm int shared = 1; 3634*25a68471Sdougm char *soptions; 3635*25a68471Sdougm 3636*25a68471Sdougm sharedstate = sa_get_share_attr(share, "shared"); 3637*25a68471Sdougm path = sa_get_share_attr(share, "path"); 3638*25a68471Sdougm type = sa_get_share_attr(share, "type"); 3639*25a68471Sdougm resource = sa_get_share_attr(share, "resource"); 3640*25a68471Sdougm groupname = sa_get_group_attr(group, "name"); 3641*25a68471Sdougm 3642*25a68471Sdougm if (groupname != NULL && strcmp(groupname, "default") == 0) { 3643*25a68471Sdougm sa_free_attr_string(groupname); 3644*25a68471Sdougm groupname = NULL; 3645*25a68471Sdougm } 3646*25a68471Sdougm description = sa_get_share_description(share); 3647*25a68471Sdougm 3648*25a68471Sdougm /* Want the sharetab version if it exists */ 3649*25a68471Sdougm soptions = sa_get_share_attr(share, "shareopts"); 3650*25a68471Sdougm 3651*25a68471Sdougm if (sharedstate == NULL) 3652*25a68471Sdougm shared = 0; 3653*25a68471Sdougm 3654*25a68471Sdougm if (soptions == NULL) 3655*25a68471Sdougm soptions = sa_proto_legacy_format(proto, share, 1); 3656*25a68471Sdougm 3657*25a68471Sdougm if (shared) { 3658*25a68471Sdougm /* only active shares go here */ 3659*25a68471Sdougm (void) snprintf(resfmt, sizeof (resfmt), "%s%s%s", 3660*25a68471Sdougm resource != NULL ? resource : "-", 3661*25a68471Sdougm groupname != NULL ? "@" : "", 3662*25a68471Sdougm groupname != NULL ? groupname : ""); 3663*25a68471Sdougm (void) fprintf(out, "%-14.14s %s %s \"%s\" \n", 3664*25a68471Sdougm resfmt, path, 3665*25a68471Sdougm (soptions != NULL && strlen(soptions) > 0) ? 3666*25a68471Sdougm soptions : "rw", 3667*25a68471Sdougm (description != NULL) ? description : ""); 3668*25a68471Sdougm } 3669*25a68471Sdougm 3670*25a68471Sdougm if (path != NULL) 3671*25a68471Sdougm sa_free_attr_string(path); 3672*25a68471Sdougm if (type != NULL) 3673*25a68471Sdougm sa_free_attr_string(type); 3674*25a68471Sdougm if (resource != NULL) 3675*25a68471Sdougm sa_free_attr_string(resource); 3676*25a68471Sdougm if (groupname != NULL) 3677*25a68471Sdougm sa_free_attr_string(groupname); 3678*25a68471Sdougm if (description != NULL) 3679*25a68471Sdougm sa_free_share_description(description); 3680*25a68471Sdougm if (sharedstate != NULL) 3681*25a68471Sdougm sa_free_attr_string(sharedstate); 3682*25a68471Sdougm if (soptions != NULL) 3683*25a68471Sdougm sa_format_free(soptions); 36846185db85Sdougm } 36856185db85Sdougm } 36866185db85Sdougm 36876185db85Sdougm /* 36886185db85Sdougm * output_legacy_file(out, proto) 36896185db85Sdougm * 36906185db85Sdougm * Walk all of the groups for the specified protocol and call 36916185db85Sdougm * out_share() to format and write in the format displayed by the 36926185db85Sdougm * "share" command with no arguments. 36936185db85Sdougm */ 36946185db85Sdougm 36956185db85Sdougm static void 3696549ec3ffSdougm output_legacy_file(FILE *out, char *proto, sa_handle_t handle) 36976185db85Sdougm { 36986185db85Sdougm sa_group_t group; 36996185db85Sdougm 3700549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 3701*25a68471Sdougm group = sa_get_next_group(group)) { 3702*25a68471Sdougm char *options; 3703*25a68471Sdougm char *zfs; 37046185db85Sdougm 37056185db85Sdougm /* 3706*25a68471Sdougm * Get default options preformated, being careful to 37076185db85Sdougm * handle legacy shares differently from new style 37086185db85Sdougm * shares. Legacy share have options on the share. 37096185db85Sdougm */ 37106185db85Sdougm 3711*25a68471Sdougm zfs = sa_get_group_attr(group, "zfs"); 3712*25a68471Sdougm if (zfs != NULL) { 3713*25a68471Sdougm sa_group_t zgroup; 3714*25a68471Sdougm sa_free_attr_string(zfs); 3715*25a68471Sdougm options = sa_proto_legacy_format(proto, group, 1); 3716*25a68471Sdougm for (zgroup = sa_get_sub_group(group); 3717*25a68471Sdougm zgroup != NULL; 3718*25a68471Sdougm zgroup = sa_get_next_group(zgroup)) { 3719*25a68471Sdougm 3720*25a68471Sdougm /* got a group, so display it */ 3721*25a68471Sdougm out_share(out, zgroup, proto); 3722*25a68471Sdougm } 3723*25a68471Sdougm } else { 3724*25a68471Sdougm options = sa_proto_legacy_format(proto, group, 1); 3725*25a68471Sdougm out_share(out, group, proto); 37266185db85Sdougm } 3727*25a68471Sdougm if (options != NULL) 3728*25a68471Sdougm free(options); 37296185db85Sdougm } 37306185db85Sdougm } 37316185db85Sdougm 3732*25a68471Sdougm /*ARGSUSED*/ 37336185db85Sdougm int 3734549ec3ffSdougm sa_legacy_share(sa_handle_t handle, int flags, int argc, char *argv[]) 37356185db85Sdougm { 37366185db85Sdougm char *protocol = "nfs"; 37376185db85Sdougm char *options = NULL; 37386185db85Sdougm char *description = NULL; 37396185db85Sdougm char *groupname = NULL; 37406185db85Sdougm char *sharepath = NULL; 37416185db85Sdougm char *resource = NULL; 37426185db85Sdougm char *groupstatus = NULL; 37436185db85Sdougm int persist = SA_SHARE_TRANSIENT; 37446185db85Sdougm int argsused = 0; 37456185db85Sdougm int c; 37466185db85Sdougm int ret = SA_OK; 37476185db85Sdougm int zfs = 0; 37486185db85Sdougm int true_legacy = 0; 37496185db85Sdougm int curtype = SA_SHARE_TRANSIENT; 37506185db85Sdougm char cmd[MAXPATHLEN]; 3751*25a68471Sdougm sa_group_t group = NULL; 3752*25a68471Sdougm sa_share_t share; 3753*25a68471Sdougm char dir[MAXPATHLEN]; 37546185db85Sdougm 37556185db85Sdougm while ((c = getopt(argc, argv, "?hF:d:o:p")) != EOF) { 3756*25a68471Sdougm switch (c) { 3757*25a68471Sdougm case 'd': 3758*25a68471Sdougm description = optarg; 3759*25a68471Sdougm argsused++; 3760*25a68471Sdougm break; 3761*25a68471Sdougm case 'F': 3762*25a68471Sdougm protocol = optarg; 3763*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 3764*25a68471Sdougm if (format_legacy_path(cmd, MAXPATHLEN, 3765*25a68471Sdougm protocol, "share") == 0 && 3766*25a68471Sdougm check_legacy_cmd(cmd)) { 3767*25a68471Sdougm true_legacy++; 3768*25a68471Sdougm } else { 3769*25a68471Sdougm (void) fprintf(stderr, gettext( 3770*25a68471Sdougm "Invalid protocol specified: " 3771*25a68471Sdougm "%s\n"), protocol); 3772*25a68471Sdougm return (SA_INVALID_PROTOCOL); 3773*25a68471Sdougm } 3774*25a68471Sdougm } 3775*25a68471Sdougm break; 3776*25a68471Sdougm case 'o': 3777*25a68471Sdougm options = optarg; 3778*25a68471Sdougm argsused++; 3779*25a68471Sdougm break; 3780*25a68471Sdougm case 'p': 3781*25a68471Sdougm persist = SA_SHARE_PERMANENT; 3782*25a68471Sdougm argsused++; 3783*25a68471Sdougm break; 3784*25a68471Sdougm case 'h': 3785*25a68471Sdougm case '?': 3786*25a68471Sdougm default: 3787*25a68471Sdougm (void) fprintf(stderr, gettext("usage: %s\n"), 3788*25a68471Sdougm sa_get_usage(USAGE_SHARE)); 3789*25a68471Sdougm return (SA_OK); 37906185db85Sdougm } 37916185db85Sdougm } 37926185db85Sdougm 3793*25a68471Sdougm /* Have the info so construct what is needed */ 37946185db85Sdougm if (!argsused && optind == argc) { 3795*25a68471Sdougm /* display current info in share format */ 3796*25a68471Sdougm (void) output_legacy_file(stdout, "nfs", handle); 3797*25a68471Sdougm return (ret); 3798*25a68471Sdougm } 37996185db85Sdougm 3800*25a68471Sdougm /* We are modifying the configuration */ 3801*25a68471Sdougm if (optind == argc) { 38026185db85Sdougm (void) fprintf(stderr, gettext("usage: %s\n"), 3803*25a68471Sdougm sa_get_usage(USAGE_SHARE)); 38046185db85Sdougm return (SA_LEGACY_ERR); 3805*25a68471Sdougm } 3806*25a68471Sdougm if (true_legacy) { 3807*25a68471Sdougm /* If still using legacy share/unshare, exec it */ 38086185db85Sdougm ret = run_legacy_command(cmd, argv); 38096185db85Sdougm return (ret); 3810*25a68471Sdougm } 38116185db85Sdougm 3812*25a68471Sdougm sharepath = argv[optind++]; 3813*25a68471Sdougm if (optind < argc) { 38146185db85Sdougm resource = argv[optind]; 38156185db85Sdougm groupname = strchr(resource, '@'); 38166185db85Sdougm if (groupname != NULL) 3817*25a68471Sdougm *groupname++ = '\0'; 3818*25a68471Sdougm } 3819*25a68471Sdougm if (realpath(sharepath, dir) == NULL) 38206185db85Sdougm ret = SA_BAD_PATH; 3821*25a68471Sdougm else 38226185db85Sdougm sharepath = dir; 3823*25a68471Sdougm if (ret == SA_OK) 3824549ec3ffSdougm share = sa_find_share(handle, sharepath); 3825*25a68471Sdougm else 38266185db85Sdougm share = NULL; 3827*25a68471Sdougm 3828*25a68471Sdougm if (groupname != NULL) { 3829*25a68471Sdougm ret = SA_NOT_ALLOWED; 3830*25a68471Sdougm } else if (ret == SA_OK) { 38316185db85Sdougm char *legacygroup = "default"; 38326185db85Sdougm /* 3833*25a68471Sdougm * The legacy group is always present and zfs groups 38346185db85Sdougm * come and go. zfs shares may be in sub-groups and 38356185db85Sdougm * the zfs share will already be in that group so it 38366185db85Sdougm * isn't an error. 38376185db85Sdougm */ 38386185db85Sdougm /* 3839*25a68471Sdougm * If the share exists (not NULL), then make sure it 3840*25a68471Sdougm * is one we want to handle by getting the parent 3841*25a68471Sdougm * group. 38426185db85Sdougm */ 3843*25a68471Sdougm if (share != NULL) 3844*25a68471Sdougm group = sa_get_parent_group(share); 3845*25a68471Sdougm else 3846*25a68471Sdougm group = sa_get_group(handle, legacygroup); 3847*25a68471Sdougm 38486185db85Sdougm if (group != NULL) { 3849*25a68471Sdougm groupstatus = group_status(group); 3850*25a68471Sdougm if (share == NULL) { 3851*25a68471Sdougm share = sa_add_share(group, sharepath, 3852*25a68471Sdougm persist, &ret); 3853*25a68471Sdougm if (share == NULL && 3854*25a68471Sdougm ret == SA_DUPLICATE_NAME) { 3855*25a68471Sdougm /* 3856*25a68471Sdougm * Could be a ZFS path being started 3857*25a68471Sdougm */ 3858*25a68471Sdougm if (sa_zfs_is_shared(handle, 3859*25a68471Sdougm sharepath)) { 3860*25a68471Sdougm ret = SA_OK; 3861*25a68471Sdougm group = sa_get_group(handle, 3862*25a68471Sdougm "zfs"); 3863*25a68471Sdougm if (group == NULL) { 3864*25a68471Sdougm /* 3865*25a68471Sdougm * This shouldn't 3866*25a68471Sdougm * happen. 3867*25a68471Sdougm */ 3868*25a68471Sdougm ret = SA_CONFIG_ERR; 3869*25a68471Sdougm } else { 3870*25a68471Sdougm share = sa_add_share( 3871*25a68471Sdougm group, sharepath, 38726185db85Sdougm persist, &ret); 3873*25a68471Sdougm } 3874*25a68471Sdougm } 3875*25a68471Sdougm } 3876*25a68471Sdougm } else { 3877*25a68471Sdougm char *type; 3878*25a68471Sdougm /* 3879*25a68471Sdougm * May want to change persist state, but the 3880*25a68471Sdougm * important thing is to change options. We 3881*25a68471Sdougm * need to change them regardless of the 3882*25a68471Sdougm * source. 3883*25a68471Sdougm */ 3884*25a68471Sdougm if (sa_zfs_is_shared(handle, sharepath)) { 3885*25a68471Sdougm zfs = 1; 3886*25a68471Sdougm } 3887*25a68471Sdougm remove_all_options(share, protocol); 3888*25a68471Sdougm type = sa_get_share_attr(share, "type"); 3889*25a68471Sdougm if (type != NULL && 3890*25a68471Sdougm strcmp(type, "transient") != 0) { 3891*25a68471Sdougm curtype = SA_SHARE_PERMANENT; 3892*25a68471Sdougm } 3893*25a68471Sdougm if (type != NULL) 3894*25a68471Sdougm sa_free_attr_string(type); 3895*25a68471Sdougm if (curtype != persist) { 3896*25a68471Sdougm (void) sa_set_share_attr(share, "type", 3897*25a68471Sdougm persist == SA_SHARE_PERMANENT ? 3898*25a68471Sdougm "persist" : "transient"); 38996185db85Sdougm } 39006185db85Sdougm } 3901*25a68471Sdougm /* Have a group to hold this share path */ 3902*25a68471Sdougm if (ret == SA_OK && options != NULL && 3903*25a68471Sdougm strlen(options) > 0) { 3904*25a68471Sdougm ret = sa_parse_legacy_options(share, 3905*25a68471Sdougm options, 3906*25a68471Sdougm protocol); 3907*25a68471Sdougm } 3908*25a68471Sdougm if (!zfs) { 3909*25a68471Sdougm /* 3910*25a68471Sdougm * ZFS shares never have resource or 3911*25a68471Sdougm * description and we can't store the values 3912*25a68471Sdougm * so don't try. 3913*25a68471Sdougm */ 3914*25a68471Sdougm if (ret == SA_OK && description != NULL) 3915*25a68471Sdougm ret = sa_set_share_description(share, 3916*25a68471Sdougm description); 3917*25a68471Sdougm if (ret == SA_OK && resource != NULL) 3918*25a68471Sdougm ret = sa_set_share_attr(share, 3919*25a68471Sdougm "resource", resource); 3920*25a68471Sdougm } 3921*25a68471Sdougm if (ret == SA_OK) { 3922*25a68471Sdougm if (strcmp(groupstatus, "enabled") == 0) 3923*25a68471Sdougm ret = sa_enable_share(share, protocol); 3924*25a68471Sdougm if (ret == SA_OK && 3925*25a68471Sdougm persist == SA_SHARE_PERMANENT) { 3926*25a68471Sdougm (void) sa_update_legacy(share, 3927*25a68471Sdougm protocol); 3928*25a68471Sdougm } 3929*25a68471Sdougm if (ret == SA_OK) 3930*25a68471Sdougm ret = sa_update_config(handle); 3931*25a68471Sdougm } 39326185db85Sdougm } else { 3933*25a68471Sdougm ret = SA_SYSTEM_ERR; 39346185db85Sdougm } 39356185db85Sdougm } 39366185db85Sdougm if (ret != SA_OK) { 3937*25a68471Sdougm (void) fprintf(stderr, gettext("Could not share: %s: %s\n"), 3938*25a68471Sdougm sharepath, sa_errorstr(ret)); 3939*25a68471Sdougm ret = SA_LEGACY_ERR; 39406185db85Sdougm 39416185db85Sdougm } 39426185db85Sdougm return (ret); 39436185db85Sdougm } 39446185db85Sdougm 39456185db85Sdougm /* 39466185db85Sdougm * sa_legacy_unshare(flags, argc, argv) 39476185db85Sdougm * 39486185db85Sdougm * Implements the original unshare command. 39496185db85Sdougm */ 3950*25a68471Sdougm /*ARGSUSED*/ 39516185db85Sdougm int 3952549ec3ffSdougm sa_legacy_unshare(sa_handle_t handle, int flags, int argc, char *argv[]) 39536185db85Sdougm { 39546185db85Sdougm char *protocol = "nfs"; /* for now */ 39556185db85Sdougm char *options = NULL; 39566185db85Sdougm char *sharepath = NULL; 39576185db85Sdougm int persist = SA_SHARE_TRANSIENT; 39586185db85Sdougm int argsused = 0; 39596185db85Sdougm int c; 39606185db85Sdougm int ret = SA_OK; 39616185db85Sdougm int true_legacy = 0; 39626185db85Sdougm char cmd[MAXPATHLEN]; 39636185db85Sdougm 39646185db85Sdougm while ((c = getopt(argc, argv, "?hF:o:p")) != EOF) { 3965*25a68471Sdougm switch (c) { 3966*25a68471Sdougm case 'h': 3967*25a68471Sdougm case '?': 3968*25a68471Sdougm break; 3969*25a68471Sdougm case 'F': 3970*25a68471Sdougm protocol = optarg; 3971*25a68471Sdougm if (!sa_valid_protocol(protocol)) { 3972*25a68471Sdougm if (format_legacy_path(cmd, MAXPATHLEN, 3973*25a68471Sdougm protocol, "unshare") == 0 && 3974*25a68471Sdougm check_legacy_cmd(cmd)) { 3975*25a68471Sdougm true_legacy++; 3976*25a68471Sdougm } else { 3977*25a68471Sdougm (void) printf(gettext( 3978*25a68471Sdougm "Invalid file system name\n")); 3979*25a68471Sdougm return (SA_INVALID_PROTOCOL); 3980*25a68471Sdougm } 3981*25a68471Sdougm } 3982*25a68471Sdougm break; 3983*25a68471Sdougm case 'o': 3984*25a68471Sdougm options = optarg; 3985*25a68471Sdougm argsused++; 3986*25a68471Sdougm break; 3987*25a68471Sdougm case 'p': 3988*25a68471Sdougm persist = SA_SHARE_PERMANENT; 3989*25a68471Sdougm argsused++; 3990*25a68471Sdougm break; 3991*25a68471Sdougm default: 3992*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 3993*25a68471Sdougm sa_get_usage(USAGE_UNSHARE)); 3994*25a68471Sdougm return (SA_OK); 39956185db85Sdougm } 39966185db85Sdougm } 39976185db85Sdougm 3998*25a68471Sdougm /* Have the info so construct what is needed */ 3999*25a68471Sdougm if (optind == argc || (optind + 1) < argc || options != NULL) { 4000*25a68471Sdougm ret = SA_SYNTAX_ERR; 40016185db85Sdougm } else { 4002*25a68471Sdougm sa_share_t share; 4003*25a68471Sdougm char dir[MAXPATHLEN]; 4004*25a68471Sdougm if (true_legacy) { 4005*25a68471Sdougm /* if still using legacy share/unshare, exec it */ 4006*25a68471Sdougm ret = run_legacy_command(cmd, argv); 4007*25a68471Sdougm return (ret); 4008*25a68471Sdougm } 4009a99982a7Sdougm /* 4010a99982a7Sdougm * Find the path in the internal configuration. If it 4011a99982a7Sdougm * isn't found, attempt to resolve the path via 4012a99982a7Sdougm * realpath() and try again. 4013a99982a7Sdougm */ 4014*25a68471Sdougm sharepath = argv[optind++]; 4015*25a68471Sdougm share = sa_find_share(handle, sharepath); 4016*25a68471Sdougm if (share == NULL) { 4017*25a68471Sdougm if (realpath(sharepath, dir) == NULL) { 4018*25a68471Sdougm ret = SA_NO_SUCH_PATH; 4019*25a68471Sdougm } else { 4020*25a68471Sdougm share = sa_find_share(handle, dir); 4021*25a68471Sdougm } 40226185db85Sdougm } 4023*25a68471Sdougm if (share != NULL) { 4024*25a68471Sdougm ret = sa_disable_share(share, protocol); 4025*25a68471Sdougm /* 4026*25a68471Sdougm * Errors are ok and removal should still occur. The 4027*25a68471Sdougm * legacy unshare is more forgiving of errors than the 4028*25a68471Sdougm * remove-share subcommand which may need the force 4029*25a68471Sdougm * flag set for some error conditions. That is, the 4030*25a68471Sdougm * "unshare" command will always unshare if it can 4031*25a68471Sdougm * while "remove-share" might require the force option. 4032*25a68471Sdougm */ 4033*25a68471Sdougm if (persist == SA_SHARE_PERMANENT) { 4034*25a68471Sdougm ret = sa_remove_share(share); 4035*25a68471Sdougm if (ret == SA_OK) 4036*25a68471Sdougm ret = sa_update_config(handle); 4037*25a68471Sdougm } 4038*25a68471Sdougm } else { 4039*25a68471Sdougm ret = SA_NOT_SHARED; 4040a99982a7Sdougm } 40416185db85Sdougm } 40426185db85Sdougm switch (ret) { 40436185db85Sdougm default: 4044*25a68471Sdougm (void) printf("%s: %s\n", sharepath, sa_errorstr(ret)); 4045*25a68471Sdougm ret = SA_LEGACY_ERR; 4046*25a68471Sdougm break; 40476185db85Sdougm case SA_SYNTAX_ERR: 4048*25a68471Sdougm (void) printf(gettext("usage: %s\n"), 4049*25a68471Sdougm sa_get_usage(USAGE_UNSHARE)); 4050*25a68471Sdougm break; 40516185db85Sdougm case SA_OK: 4052*25a68471Sdougm break; 40536185db85Sdougm } 40546185db85Sdougm return (ret); 40556185db85Sdougm } 40566185db85Sdougm 40576185db85Sdougm /* 4058*25a68471Sdougm * Common commands that implement the sub-commands used by all 40596185db85Sdougm * protcols. The entries are found via the lookup command 40606185db85Sdougm */ 40616185db85Sdougm 40626185db85Sdougm static sa_command_t commands[] = { 40636185db85Sdougm {"add-share", 0, sa_addshare, USAGE_ADD_SHARE, SVC_SET}, 40646185db85Sdougm {"create", 0, sa_create, USAGE_CREATE, SVC_SET|SVC_ACTION}, 40656185db85Sdougm {"delete", 0, sa_delete, USAGE_DELETE, SVC_SET|SVC_ACTION}, 40666185db85Sdougm {"disable", 0, sa_disable_group, USAGE_DISABLE, SVC_SET|SVC_ACTION}, 40676185db85Sdougm {"enable", 0, sa_enable_group, USAGE_ENABLE, SVC_SET|SVC_ACTION}, 40686185db85Sdougm {"list", 0, sa_list, USAGE_LIST}, 40696185db85Sdougm {"move-share", 0, sa_moveshare, USAGE_MOVE_SHARE, SVC_SET}, 40706185db85Sdougm {"remove-share", 0, sa_removeshare, USAGE_REMOVE_SHARE, SVC_SET}, 40716185db85Sdougm {"set", 0, sa_set, USAGE_SET, SVC_SET}, 40726185db85Sdougm {"set-share", 0, sa_set_share, USAGE_SET_SHARE, SVC_SET}, 40736185db85Sdougm {"show", 0, sa_show, USAGE_SHOW}, 40746185db85Sdougm {"share", 0, sa_legacy_share, USAGE_SHARE, SVC_SET|SVC_ACTION}, 40756185db85Sdougm {"start", CMD_NODISPLAY, sa_start_group, USAGE_START, 40766185db85Sdougm SVC_SET|SVC_ACTION}, 40776185db85Sdougm {"stop", CMD_NODISPLAY, sa_stop_group, USAGE_STOP, SVC_SET|SVC_ACTION}, 40786185db85Sdougm {"unset", 0, sa_unset, USAGE_UNSET, SVC_SET}, 40796185db85Sdougm {"unshare", 0, sa_legacy_unshare, USAGE_UNSHARE, SVC_SET|SVC_ACTION}, 40806185db85Sdougm {NULL, 0, NULL, NULL} 40816185db85Sdougm }; 40826185db85Sdougm 40836185db85Sdougm static char * 40846185db85Sdougm sa_get_usage(sa_usage_t index) 40856185db85Sdougm { 40866185db85Sdougm char *ret = NULL; 40876185db85Sdougm switch (index) { 40886185db85Sdougm case USAGE_ADD_SHARE: 4089*25a68471Sdougm ret = gettext("add-share [-nth] [-r resource-name] " 4090*25a68471Sdougm "[-d \"description text\"] -s sharepath group"); 4091*25a68471Sdougm break; 40926185db85Sdougm case USAGE_CREATE: 4093*25a68471Sdougm ret = gettext( 4094*25a68471Sdougm "create [-nvh] [-P proto [-p property=value]] group"); 4095*25a68471Sdougm break; 40966185db85Sdougm case USAGE_DELETE: 4097*25a68471Sdougm ret = gettext("delete [-nvh] [-P proto] [-f] group"); 4098*25a68471Sdougm break; 40996185db85Sdougm case USAGE_DISABLE: 4100*25a68471Sdougm ret = gettext("disable [-nvh] {-a | group ...}"); 4101*25a68471Sdougm break; 41026185db85Sdougm case USAGE_ENABLE: 4103*25a68471Sdougm ret = gettext("enable [-nvh] {-a | group ...}"); 4104*25a68471Sdougm break; 41056185db85Sdougm case USAGE_LIST: 4106*25a68471Sdougm ret = gettext("list [-vh] [-P proto]"); 4107*25a68471Sdougm break; 41086185db85Sdougm case USAGE_MOVE_SHARE: 4109*25a68471Sdougm ret = gettext( 4110*25a68471Sdougm "move-share [-nvh] -s sharepath destination-group"); 4111*25a68471Sdougm break; 41126185db85Sdougm case USAGE_REMOVE_SHARE: 4113*25a68471Sdougm ret = gettext("remove-share [-fnvh] -s sharepath group"); 4114*25a68471Sdougm break; 41156185db85Sdougm case USAGE_SET: 4116*25a68471Sdougm ret = gettext("set [-nvh] -P proto [-S optspace] " 4117*25a68471Sdougm "[-p property=value]* [-s sharepath] group"); 4118*25a68471Sdougm break; 41196185db85Sdougm case USAGE_SET_SECURITY: 4120*25a68471Sdougm ret = gettext("set-security [-nvh] -P proto -S security-type " 4121*25a68471Sdougm "[-p property=value]* group"); 4122*25a68471Sdougm break; 41236185db85Sdougm case USAGE_SET_SHARE: 4124*25a68471Sdougm ret = gettext("set-share [-nh] [-r resource] " 4125*25a68471Sdougm "[-d \"description text\"] -s sharepath group"); 4126*25a68471Sdougm break; 41276185db85Sdougm case USAGE_SHOW: 4128*25a68471Sdougm ret = gettext("show [-pvxh] [-P proto] [group ...]"); 4129*25a68471Sdougm break; 41306185db85Sdougm case USAGE_SHARE: 4131*25a68471Sdougm ret = gettext("share [-F fstype] [-p] [-o optionlist]" 4132*25a68471Sdougm "[-d description] [pathname [resourcename]]"); 4133*25a68471Sdougm break; 41346185db85Sdougm case USAGE_START: 4135*25a68471Sdougm ret = gettext("start [-vh] [-P proto] {-a | group ...}"); 4136*25a68471Sdougm break; 41376185db85Sdougm case USAGE_STOP: 4138*25a68471Sdougm ret = gettext("stop [-vh] [-P proto] {-a | group ...}"); 4139*25a68471Sdougm break; 41406185db85Sdougm case USAGE_UNSET: 4141*25a68471Sdougm ret = gettext("unset [-nvh] -P proto [-S optspace] " 4142*25a68471Sdougm "[-p property]* group"); 4143*25a68471Sdougm break; 41446185db85Sdougm case USAGE_UNSET_SECURITY: 4145*25a68471Sdougm ret = gettext("unset-security [-nvh] -P proto -S security-type" 4146*25a68471Sdougm " [-p property]* group"); 4147*25a68471Sdougm break; 41486185db85Sdougm case USAGE_UNSHARE: 4149*25a68471Sdougm ret = gettext( 4150*25a68471Sdougm "unshare [-F fstype] [-p] sharepath"); 4151*25a68471Sdougm break; 41526185db85Sdougm } 41536185db85Sdougm return (ret); 41546185db85Sdougm } 41556185db85Sdougm 41566185db85Sdougm /* 41576185db85Sdougm * sa_lookup(cmd, proto) 41586185db85Sdougm * 41596185db85Sdougm * Lookup the sub-command. proto isn't currently used, but it may 41606185db85Sdougm * eventually provide a way to provide protocol specific sub-commands. 41616185db85Sdougm */ 4162*25a68471Sdougm /*ARGSUSED*/ 41636185db85Sdougm sa_command_t * 41646185db85Sdougm sa_lookup(char *cmd, char *proto) 41656185db85Sdougm { 41666185db85Sdougm int i; 41676185db85Sdougm size_t len; 41686185db85Sdougm 41696185db85Sdougm len = strlen(cmd); 41706185db85Sdougm for (i = 0; commands[i].cmdname != NULL; i++) { 4171*25a68471Sdougm if (strncmp(cmd, commands[i].cmdname, len) == 0) 4172*25a68471Sdougm return (&commands[i]); 41736185db85Sdougm } 41746185db85Sdougm return (NULL); 41756185db85Sdougm } 41766185db85Sdougm 4177*25a68471Sdougm /*ARGSUSED*/ 41786185db85Sdougm void 41796185db85Sdougm sub_command_help(char *proto) 41806185db85Sdougm { 41816185db85Sdougm int i; 41826185db85Sdougm 41836185db85Sdougm (void) printf(gettext("\tsub-commands:\n")); 41846185db85Sdougm for (i = 0; commands[i].cmdname != NULL; i++) { 4185*25a68471Sdougm if (!(commands[i].flags & (CMD_ALIAS|CMD_NODISPLAY))) 4186*25a68471Sdougm (void) printf("\t%s\n", 4187*25a68471Sdougm sa_get_usage((sa_usage_t)commands[i].cmdidx)); 41886185db85Sdougm } 41896185db85Sdougm } 4190