16185db85Sdougm /* 26185db85Sdougm * CDDL HEADER START 36185db85Sdougm * 46185db85Sdougm * The contents of this file are subject to the terms of the 56185db85Sdougm * Common Development and Distribution License (the "License"). 66185db85Sdougm * You may not use this file except in compliance with the License. 76185db85Sdougm * 86185db85Sdougm * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 96185db85Sdougm * or http://www.opensolaris.org/os/licensing. 106185db85Sdougm * See the License for the specific language governing permissions 116185db85Sdougm * and limitations under the License. 126185db85Sdougm * 136185db85Sdougm * When distributing Covered Code, include this CDDL HEADER in each 146185db85Sdougm * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 156185db85Sdougm * If applicable, add the following below this CDDL HEADER, with the 166185db85Sdougm * fields enclosed by brackets "[]" replaced with your own identifying 176185db85Sdougm * information: Portions Copyright [yyyy] [name of copyright owner] 186185db85Sdougm * 196185db85Sdougm * CDDL HEADER END 206185db85Sdougm */ 216185db85Sdougm 226185db85Sdougm /* 23822e6387SMarcel Telka * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved. 24e72ff08dSGordon Ross * Copyright (c) 2014, 2016 by Delphix. All rights reserved. 25*0dfe541eSEvan Layton * Copyright 2018 Nexenta Systems, Inc. 2687da98afSVitaliy Gusev */ 276185db85Sdougm 286185db85Sdougm /* 296185db85Sdougm * NFS specific functions 306185db85Sdougm */ 31*0dfe541eSEvan Layton 326185db85Sdougm #include <stdio.h> 336185db85Sdougm #include <string.h> 346185db85Sdougm #include <ctype.h> 356185db85Sdougm #include <stdlib.h> 366185db85Sdougm #include <unistd.h> 376185db85Sdougm #include <errno.h> 386185db85Sdougm #include <locale.h> 396185db85Sdougm #include <signal.h> 40dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States #include <strings.h> 416185db85Sdougm #include "libshare.h" 426185db85Sdougm #include "libshare_impl.h" 436185db85Sdougm #include <nfs/export.h> 446185db85Sdougm #include <pwd.h> 455cb0d679SMarcel Telka #include <grp.h> 466185db85Sdougm #include <limits.h> 476185db85Sdougm #include <libscf.h> 48dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States #include <syslog.h> 49dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States #include <rpcsvc/daemon_utils.h> 506185db85Sdougm #include "nfslog_config.h" 516185db85Sdougm #include "nfslogtab.h" 526185db85Sdougm #include "libshare_nfs.h" 536185db85Sdougm #include <nfs/nfs.h> 54ecd6cf80Smarks #include <nfs/nfssys.h> 55f091aea1SYuri Pankov #include <netconfig.h> 56dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States #include "smfcfg.h" 576185db85Sdougm 586185db85Sdougm /* should really be in some global place */ 596185db85Sdougm #define DEF_WIN 30000 606185db85Sdougm #define OPT_CHUNK 1024 616185db85Sdougm 626185db85Sdougm int debug = 0; 636185db85Sdougm 64ecd6cf80Smarks #define NFS_SERVER_SVC "svc:/network/nfs/server:default" 65dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States #define NFS_CLIENT_SVC (char *)"svc:/network/nfs/client:default" 666185db85Sdougm 676185db85Sdougm /* internal functions */ 686185db85Sdougm static int nfs_init(); 696185db85Sdougm static void nfs_fini(); 706185db85Sdougm static int nfs_enable_share(sa_share_t); 71ecd6cf80Smarks static int nfs_disable_share(sa_share_t, char *); 72687915e9Sdougm static int nfs_validate_property(sa_handle_t, sa_property_t, sa_optionset_t); 736185db85Sdougm static int nfs_validate_security_mode(char *); 746185db85Sdougm static int nfs_is_security_opt(char *); 756185db85Sdougm static int nfs_parse_legacy_options(sa_group_t, char *); 766185db85Sdougm static char *nfs_format_options(sa_group_t, int); 776185db85Sdougm static int nfs_set_proto_prop(sa_property_t); 786185db85Sdougm static sa_protocol_properties_t nfs_get_proto_set(); 796185db85Sdougm static char *nfs_get_status(); 806185db85Sdougm static char *nfs_space_alias(char *); 81da6c28aaSamw static uint64_t nfs_features(); 826185db85Sdougm 836185db85Sdougm /* 846185db85Sdougm * ops vector that provides the protocol specific info and operations 856185db85Sdougm * for share management. 866185db85Sdougm */ 876185db85Sdougm 886185db85Sdougm struct sa_plugin_ops sa_plugin_ops = { 896185db85Sdougm SA_PLUGIN_VERSION, 906185db85Sdougm "nfs", 916185db85Sdougm nfs_init, 926185db85Sdougm nfs_fini, 936185db85Sdougm nfs_enable_share, 946185db85Sdougm nfs_disable_share, 956185db85Sdougm nfs_validate_property, 966185db85Sdougm nfs_validate_security_mode, 976185db85Sdougm nfs_is_security_opt, 986185db85Sdougm nfs_parse_legacy_options, 996185db85Sdougm nfs_format_options, 1006185db85Sdougm nfs_set_proto_prop, 1016185db85Sdougm nfs_get_proto_set, 1026185db85Sdougm nfs_get_status, 1036185db85Sdougm nfs_space_alias, 104da6c28aaSamw NULL, /* update_legacy */ 105da6c28aaSamw NULL, /* delete_legacy */ 106da6c28aaSamw NULL, /* change_notify */ 107da6c28aaSamw NULL, /* enable_resource */ 108da6c28aaSamw NULL, /* disable_resource */ 109da6c28aaSamw nfs_features, 110da6c28aaSamw NULL, /* transient shares */ 111da6c28aaSamw NULL, /* notify resource */ 1124bff34e3Sthurlow NULL, /* rename_resource */ 1134bff34e3Sthurlow NULL, /* run_command */ 1144bff34e3Sthurlow NULL, /* command_help */ 1154bff34e3Sthurlow NULL /* delete_proto_section */ 1166185db85Sdougm }; 1176185db85Sdougm 1186185db85Sdougm /* 1196185db85Sdougm * list of support services needed 1206185db85Sdougm * defines should come from head/rpcsvc/daemon_utils.h 1216185db85Sdougm */ 1226185db85Sdougm 1236185db85Sdougm static char *service_list_default[] = 1242f172c55SRobert Thurlow { STATD, LOCKD, MOUNTD, NFSD, NFSMAPID, RQUOTAD, REPARSED, NULL }; 1256185db85Sdougm static char *service_list_logging[] = 1262f172c55SRobert Thurlow { STATD, LOCKD, MOUNTD, NFSD, NFSMAPID, RQUOTAD, NFSLOGD, REPARSED, 1272f172c55SRobert Thurlow NULL }; 1286185db85Sdougm 1296185db85Sdougm /* 1306185db85Sdougm * option definitions. Make sure to keep the #define for the option 1316185db85Sdougm * index just before the entry it is the index for. Changing the order 1326185db85Sdougm * can cause breakage. E.g OPT_RW is index 1 and must precede the 1336185db85Sdougm * line that includes the SHOPT_RW and OPT_RW entries. 1346185db85Sdougm */ 1356185db85Sdougm 1366185db85Sdougm struct option_defs optdefs[] = { 1376185db85Sdougm #define OPT_RO 0 1386185db85Sdougm {SHOPT_RO, OPT_RO, OPT_TYPE_ACCLIST}, 1396185db85Sdougm #define OPT_RW 1 1406185db85Sdougm {SHOPT_RW, OPT_RW, OPT_TYPE_ACCLIST}, 1416185db85Sdougm #define OPT_ROOT 2 1426185db85Sdougm {SHOPT_ROOT, OPT_ROOT, OPT_TYPE_ACCLIST}, 1436185db85Sdougm #define OPT_SECURE 3 1446185db85Sdougm {SHOPT_SECURE, OPT_SECURE, OPT_TYPE_DEPRECATED}, 1456185db85Sdougm #define OPT_ANON 4 1466185db85Sdougm {SHOPT_ANON, OPT_ANON, OPT_TYPE_USER}, 1476185db85Sdougm #define OPT_WINDOW 5 1486185db85Sdougm {SHOPT_WINDOW, OPT_WINDOW, OPT_TYPE_NUMBER}, 1496185db85Sdougm #define OPT_NOSUID 6 1506185db85Sdougm {SHOPT_NOSUID, OPT_NOSUID, OPT_TYPE_BOOLEAN}, 1516185db85Sdougm #define OPT_ACLOK 7 1526185db85Sdougm {SHOPT_ACLOK, OPT_ACLOK, OPT_TYPE_BOOLEAN}, 1536185db85Sdougm #define OPT_NOSUB 8 1546185db85Sdougm {SHOPT_NOSUB, OPT_NOSUB, OPT_TYPE_BOOLEAN}, 1556185db85Sdougm #define OPT_SEC 9 1566185db85Sdougm {SHOPT_SEC, OPT_SEC, OPT_TYPE_SECURITY}, 1576185db85Sdougm #define OPT_PUBLIC 10 1586185db85Sdougm {SHOPT_PUBLIC, OPT_PUBLIC, OPT_TYPE_BOOLEAN, OPT_SHARE_ONLY}, 1596185db85Sdougm #define OPT_INDEX 11 1606185db85Sdougm {SHOPT_INDEX, OPT_INDEX, OPT_TYPE_FILE}, 1616185db85Sdougm #define OPT_LOG 12 1626185db85Sdougm {SHOPT_LOG, OPT_LOG, OPT_TYPE_LOGTAG}, 1636185db85Sdougm #define OPT_CKSUM 13 1646185db85Sdougm {SHOPT_CKSUM, OPT_CKSUM, OPT_TYPE_STRINGSET}, 165b89a8333Snatalie li - Sun Microsystems - Irvine United States #define OPT_NONE 14 166b89a8333Snatalie li - Sun Microsystems - Irvine United States {SHOPT_NONE, OPT_NONE, OPT_TYPE_ACCLIST}, 167b89a8333Snatalie li - Sun Microsystems - Irvine United States #define OPT_ROOT_MAPPING 15 168b89a8333Snatalie li - Sun Microsystems - Irvine United States {SHOPT_ROOT_MAPPING, OPT_ROOT_MAPPING, OPT_TYPE_USER}, 169b89a8333Snatalie li - Sun Microsystems - Irvine United States #define OPT_CHARSET_MAP 16 170b89a8333Snatalie li - Sun Microsystems - Irvine United States {"", OPT_CHARSET_MAP, OPT_TYPE_ACCLIST}, 1716764e83bSVallish Vaidyeshwara #define OPT_NOACLFAB 17 1726764e83bSVallish Vaidyeshwara {SHOPT_NOACLFAB, OPT_NOACLFAB, OPT_TYPE_BOOLEAN}, 1735cb0d679SMarcel Telka #define OPT_UIDMAP 18 1745cb0d679SMarcel Telka {SHOPT_UIDMAP, OPT_UIDMAP, OPT_TYPE_MAPPING}, 1755cb0d679SMarcel Telka #define OPT_GIDMAP 19 1765cb0d679SMarcel Telka {SHOPT_GIDMAP, OPT_GIDMAP, OPT_TYPE_MAPPING}, 177f7db5903SVitaliy Gusev #define OPT_NOHIDE 20 178f7db5903SVitaliy Gusev {SHOPT_NOHIDE, OPT_NOHIDE, OPT_TYPE_BOOLEAN}, 1796185db85Sdougm #ifdef VOLATILE_FH_TEST /* XXX added for testing volatile fh's only */ 180f7db5903SVitaliy Gusev #define OPT_VOLFH 21 1816185db85Sdougm {SHOPT_VOLFH, OPT_VOLFH}, 1826185db85Sdougm #endif /* VOLATILE_FH_TEST */ 1836185db85Sdougm NULL 1846185db85Sdougm }; 1856185db85Sdougm 186b89a8333Snatalie li - Sun Microsystems - Irvine United States /* 187b89a8333Snatalie li - Sun Microsystems - Irvine United States * Codesets that may need to be converted to UTF-8 for file paths. 188b89a8333Snatalie li - Sun Microsystems - Irvine United States * Add new names here to add new property support. If we ever get a 189b89a8333Snatalie li - Sun Microsystems - Irvine United States * way to query the kernel for character sets, this should become 190b89a8333Snatalie li - Sun Microsystems - Irvine United States * dynamically loaded. Make sure changes here are reflected in 191b89a8333Snatalie li - Sun Microsystems - Irvine United States * cmd/fs.d/nfs/mountd/nfscmd.c 192b89a8333Snatalie li - Sun Microsystems - Irvine United States */ 193b89a8333Snatalie li - Sun Microsystems - Irvine United States 194b89a8333Snatalie li - Sun Microsystems - Irvine United States static char *legal_conv[] = { 195b89a8333Snatalie li - Sun Microsystems - Irvine United States "euc-cn", 196b89a8333Snatalie li - Sun Microsystems - Irvine United States "euc-jp", 197b89a8333Snatalie li - Sun Microsystems - Irvine United States "euc-jpms", 198b89a8333Snatalie li - Sun Microsystems - Irvine United States "euc-kr", 199b89a8333Snatalie li - Sun Microsystems - Irvine United States "euc-tw", 200b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-1", 201b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-2", 202b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-5", 203b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-6", 204b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-7", 205b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-8", 206b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-9", 207b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-13", 208b89a8333Snatalie li - Sun Microsystems - Irvine United States "iso8859-15", 209b89a8333Snatalie li - Sun Microsystems - Irvine United States "koi8-r", 210b89a8333Snatalie li - Sun Microsystems - Irvine United States NULL 211b89a8333Snatalie li - Sun Microsystems - Irvine United States }; 212b89a8333Snatalie li - Sun Microsystems - Irvine United States 2136185db85Sdougm /* 214a99982a7Sdougm * list of properties that are related to security flavors. 2156185db85Sdougm */ 2166185db85Sdougm static char *seclist[] = { 2176185db85Sdougm SHOPT_RO, 2186185db85Sdougm SHOPT_RW, 2196185db85Sdougm SHOPT_ROOT, 2206185db85Sdougm SHOPT_WINDOW, 221b89a8333Snatalie li - Sun Microsystems - Irvine United States SHOPT_NONE, 222b89a8333Snatalie li - Sun Microsystems - Irvine United States SHOPT_ROOT_MAPPING, 2235cb0d679SMarcel Telka SHOPT_UIDMAP, 2245cb0d679SMarcel Telka SHOPT_GIDMAP, 2256185db85Sdougm NULL 2266185db85Sdougm }; 2276185db85Sdougm 2286185db85Sdougm /* structure for list of securities */ 2296185db85Sdougm struct securities { 230a99982a7Sdougm sa_security_t security; 231a99982a7Sdougm struct securities *next; 2326185db85Sdougm }; 2336185db85Sdougm 234b89a8333Snatalie li - Sun Microsystems - Irvine United States /* 235b89a8333Snatalie li - Sun Microsystems - Irvine United States * findcharset(charset) 236b89a8333Snatalie li - Sun Microsystems - Irvine United States * 237b89a8333Snatalie li - Sun Microsystems - Irvine United States * Returns B_TRUE if the charset is a legal conversion otherwise 238b89a8333Snatalie li - Sun Microsystems - Irvine United States * B_FALSE. This will need to be rewritten to be more efficient when 239b89a8333Snatalie li - Sun Microsystems - Irvine United States * we have a dynamic list of legal conversions. 240b89a8333Snatalie li - Sun Microsystems - Irvine United States */ 241b89a8333Snatalie li - Sun Microsystems - Irvine United States 242b89a8333Snatalie li - Sun Microsystems - Irvine United States static boolean_t 243b89a8333Snatalie li - Sun Microsystems - Irvine United States findcharset(char *charset) 244b89a8333Snatalie li - Sun Microsystems - Irvine United States { 245b89a8333Snatalie li - Sun Microsystems - Irvine United States int i; 246b89a8333Snatalie li - Sun Microsystems - Irvine United States 247b89a8333Snatalie li - Sun Microsystems - Irvine United States for (i = 0; legal_conv[i] != NULL; i++) 248b89a8333Snatalie li - Sun Microsystems - Irvine United States if (strcmp(charset, legal_conv[i]) == 0) 249b89a8333Snatalie li - Sun Microsystems - Irvine United States return (B_TRUE); 250b89a8333Snatalie li - Sun Microsystems - Irvine United States return (B_FALSE); 251b89a8333Snatalie li - Sun Microsystems - Irvine United States } 252b89a8333Snatalie li - Sun Microsystems - Irvine United States 2536185db85Sdougm /* 2546185db85Sdougm * findopt(name) 2556185db85Sdougm * 2566185db85Sdougm * Lookup option "name" in the option table and return the table 2576185db85Sdougm * index. 2586185db85Sdougm */ 2596185db85Sdougm 2606185db85Sdougm static int 2616185db85Sdougm findopt(char *name) 2626185db85Sdougm { 2636185db85Sdougm int i; 2646185db85Sdougm if (name != NULL) { 265a3351425Sdougm for (i = 0; optdefs[i].tag != NULL; i++) { 266a3351425Sdougm if (strcmp(optdefs[i].tag, name) == 0) 26787da98afSVitaliy Gusev return (optdefs[i].index); 268a3351425Sdougm } 269b89a8333Snatalie li - Sun Microsystems - Irvine United States if (findcharset(name)) 270b89a8333Snatalie li - Sun Microsystems - Irvine United States return (OPT_CHARSET_MAP); 2716185db85Sdougm } 2726185db85Sdougm return (-1); 2736185db85Sdougm } 2746185db85Sdougm 2756185db85Sdougm /* 2766185db85Sdougm * gettype(name) 2776185db85Sdougm * 2786185db85Sdougm * Return the type of option "name". 2796185db85Sdougm */ 2806185db85Sdougm 2816185db85Sdougm static int 2826185db85Sdougm gettype(char *name) 2836185db85Sdougm { 2846185db85Sdougm int optdef; 2856185db85Sdougm 2866185db85Sdougm optdef = findopt(name); 2876185db85Sdougm if (optdef != -1) 288a3351425Sdougm return (optdefs[optdef].type); 2896185db85Sdougm return (OPT_TYPE_ANY); 2906185db85Sdougm } 2916185db85Sdougm 2926185db85Sdougm /* 2936185db85Sdougm * nfs_validate_security_mode(mode) 2946185db85Sdougm * 2956185db85Sdougm * is the specified mode string a valid one for use with NFS? 2966185db85Sdougm */ 2976185db85Sdougm 2986185db85Sdougm static int 2996185db85Sdougm nfs_validate_security_mode(char *mode) 3006185db85Sdougm { 3016185db85Sdougm seconfig_t secinfo; 3026185db85Sdougm int err; 3036185db85Sdougm 3046185db85Sdougm (void) memset(&secinfo, '\0', sizeof (secinfo)); 3056185db85Sdougm err = nfs_getseconfig_byname(mode, &secinfo); 3066185db85Sdougm if (err == SC_NOERROR) 307a3351425Sdougm return (1); 3086185db85Sdougm return (0); 3096185db85Sdougm } 3106185db85Sdougm 3116185db85Sdougm /* 3126185db85Sdougm * nfs_is_security_opt(tok) 3136185db85Sdougm * 3146185db85Sdougm * check to see if tok represents an option that is only valid in some 3156185db85Sdougm * security flavor. 3166185db85Sdougm */ 3176185db85Sdougm 3186185db85Sdougm static int 3196185db85Sdougm nfs_is_security_opt(char *tok) 3206185db85Sdougm { 3216185db85Sdougm int i; 3226185db85Sdougm 3236185db85Sdougm for (i = 0; seclist[i] != NULL; i++) { 324a3351425Sdougm if (strcmp(tok, seclist[i]) == 0) 325a3351425Sdougm return (1); 3266185db85Sdougm } 3276185db85Sdougm return (0); 3286185db85Sdougm } 3296185db85Sdougm 3306185db85Sdougm /* 3316185db85Sdougm * find_security(seclist, sec) 3326185db85Sdougm * 3336185db85Sdougm * Walk the current list of security flavors and return true if it is 3346185db85Sdougm * present, else return false. 3356185db85Sdougm */ 3366185db85Sdougm 3376185db85Sdougm static int 3386185db85Sdougm find_security(struct securities *seclist, sa_security_t sec) 3396185db85Sdougm { 3406185db85Sdougm while (seclist != NULL) { 341a3351425Sdougm if (seclist->security == sec) 342a3351425Sdougm return (1); 343a3351425Sdougm seclist = seclist->next; 3446185db85Sdougm } 3456185db85Sdougm return (0); 3466185db85Sdougm } 3476185db85Sdougm 3486185db85Sdougm /* 3496185db85Sdougm * make_security_list(group, securitymodes, proto) 3506185db85Sdougm * go through the list of securitymodes and add them to the 3516185db85Sdougm * group's list of security optionsets. We also keep a list of 3526185db85Sdougm * those optionsets so we don't have to find them later. All of 3536185db85Sdougm * these will get copies of the same properties. 3546185db85Sdougm */ 3556185db85Sdougm 3566185db85Sdougm static struct securities * 3576185db85Sdougm make_security_list(sa_group_t group, char *securitymodes, char *proto) 3586185db85Sdougm { 3596185db85Sdougm char *tok, *next = NULL; 3606185db85Sdougm struct securities *curp, *headp = NULL, *prev; 3616185db85Sdougm sa_security_t check; 3626185db85Sdougm int freetok = 0; 3636185db85Sdougm 3646185db85Sdougm for (tok = securitymodes; tok != NULL; tok = next) { 365a3351425Sdougm next = strchr(tok, ':'); 366a3351425Sdougm if (next != NULL) 367a3351425Sdougm *next++ = '\0'; 368a3351425Sdougm if (strcmp(tok, "default") == 0) { 369a3351425Sdougm /* resolve default into the real type */ 370a3351425Sdougm tok = nfs_space_alias(tok); 371a3351425Sdougm freetok = 1; 372a3351425Sdougm } 373a3351425Sdougm check = sa_get_security(group, tok, proto); 374a3351425Sdougm 375a3351425Sdougm /* add to the security list if it isn't there already */ 376a3351425Sdougm if (check == NULL || !find_security(headp, check)) { 377a3351425Sdougm curp = (struct securities *)calloc(1, 378a3351425Sdougm sizeof (struct securities)); 379a3351425Sdougm if (curp != NULL) { 380a3351425Sdougm if (check == NULL) { 381a3351425Sdougm curp->security = sa_create_security( 382a3351425Sdougm group, tok, proto); 383a3351425Sdougm } else { 384a3351425Sdougm curp->security = check; 385a3351425Sdougm } 386a3351425Sdougm /* 387a3351425Sdougm * note that the first time through the loop, 388a3351425Sdougm * headp will be NULL and prev will be 389a3351425Sdougm * undefined. Since headp is NULL, we set 390a3351425Sdougm * both it and prev to the curp (first 391a3351425Sdougm * structure to be allocated). 392a3351425Sdougm * 393a3351425Sdougm * later passes through the loop will have 394a3351425Sdougm * headp not being NULL and prev will be used 395a3351425Sdougm * to allocate at the end of the list. 396a3351425Sdougm */ 397a3351425Sdougm if (headp == NULL) { 398a3351425Sdougm headp = curp; 399a3351425Sdougm prev = curp; 400a3351425Sdougm } else { 401a3351425Sdougm prev->next = curp; 402a3351425Sdougm prev = curp; 403a3351425Sdougm } 404a3351425Sdougm } 4056185db85Sdougm } 406a99982a7Sdougm 407a3351425Sdougm if (freetok) { 408a3351425Sdougm freetok = 0; 409a3351425Sdougm sa_free_attr_string(tok); 410a3351425Sdougm } 4116185db85Sdougm } 4126185db85Sdougm return (headp); 4136185db85Sdougm } 4146185db85Sdougm 4156185db85Sdougm static void 4166185db85Sdougm free_security_list(struct securities *sec) 4176185db85Sdougm { 4186185db85Sdougm struct securities *next; 4196185db85Sdougm if (sec != NULL) { 420a3351425Sdougm for (next = sec->next; sec != NULL; sec = next) { 421a3351425Sdougm next = sec->next; 422a3351425Sdougm free(sec); 423a3351425Sdougm } 4246185db85Sdougm } 4256185db85Sdougm } 4266185db85Sdougm 4276185db85Sdougm /* 4286185db85Sdougm * nfs_alistcat(str1, str2, sep) 4296185db85Sdougm * 4306185db85Sdougm * concatenate str1 and str2 into a new string using sep as a separate 4316185db85Sdougm * character. If memory allocation fails, return NULL; 4326185db85Sdougm */ 4336185db85Sdougm 4346185db85Sdougm static char * 4356185db85Sdougm nfs_alistcat(char *str1, char *str2, char sep) 4366185db85Sdougm { 4376185db85Sdougm char *newstr; 4386185db85Sdougm size_t len; 4396185db85Sdougm 4406185db85Sdougm len = strlen(str1) + strlen(str2) + 2; 4416185db85Sdougm newstr = (char *)malloc(len); 4426185db85Sdougm if (newstr != NULL) 443a3351425Sdougm (void) snprintf(newstr, len, "%s%c%s", str1, sep, str2); 4446185db85Sdougm return (newstr); 4456185db85Sdougm } 4466185db85Sdougm 4476185db85Sdougm /* 4485cb0d679SMarcel Telka * add_security_prop(sec, name, value, persist, iszfs) 4496185db85Sdougm * 4506185db85Sdougm * Add the property to the securities structure. This accumulates 4516185db85Sdougm * properties for as part of parsing legacy options. 4526185db85Sdougm */ 4536185db85Sdougm 4546185db85Sdougm static int 4556185db85Sdougm add_security_prop(struct securities *sec, char *name, char *value, 456f091aea1SYuri Pankov int persist, int iszfs) 4576185db85Sdougm { 4586185db85Sdougm sa_property_t prop; 4596185db85Sdougm int ret = SA_OK; 4606185db85Sdougm 4616185db85Sdougm for (; sec != NULL; sec = sec->next) { 462a3351425Sdougm if (value == NULL) { 463a3351425Sdougm if (strcmp(name, SHOPT_RW) == 0 || 464a3351425Sdougm strcmp(name, SHOPT_RO) == 0) 465a3351425Sdougm value = "*"; 466a3351425Sdougm else 467a3351425Sdougm value = "true"; 468a3351425Sdougm } 469a99982a7Sdougm 470a99982a7Sdougm /* 471a99982a7Sdougm * Get the existing property, if it exists, so we can 472a99982a7Sdougm * determine what to do with it. The ro/rw/root 473a99982a7Sdougm * properties can be merged if multiple instances of 474a99982a7Sdougm * these properies are given. For example, if "rw" 475a99982a7Sdougm * exists with a value "host1" and a later token of 476a99982a7Sdougm * rw="host2" is seen, the values are merged into a 477a99982a7Sdougm * single rw="host1:host2". 478a99982a7Sdougm */ 479a3351425Sdougm prop = sa_get_property(sec->security, name); 480a99982a7Sdougm 481a3351425Sdougm if (prop != NULL) { 482a3351425Sdougm char *oldvalue; 483a3351425Sdougm char *newvalue; 484a99982a7Sdougm 485a99982a7Sdougm /* 4865cb0d679SMarcel Telka * The security options of ro/rw/root/uidmap/gidmap 4875cb0d679SMarcel Telka * might appear multiple times. If they do, the values 4885cb0d679SMarcel Telka * need to be merged. If it was previously empty, the 4895cb0d679SMarcel Telka * new value alone is added. 490a99982a7Sdougm */ 491a3351425Sdougm oldvalue = sa_get_property_attr(prop, "value"); 492a3351425Sdougm if (oldvalue != NULL) { 4935cb0d679SMarcel Telka char sep = ':'; 4945cb0d679SMarcel Telka 4955cb0d679SMarcel Telka if (strcmp(name, SHOPT_UIDMAP) == 0 || 4965cb0d679SMarcel Telka strcmp(name, SHOPT_GIDMAP) == 0) 4975cb0d679SMarcel Telka sep = '~'; 4985cb0d679SMarcel Telka 499a3351425Sdougm /* 500a3351425Sdougm * The general case is to concatenate the new 501a3351425Sdougm * value onto the old value for multiple 5025cb0d679SMarcel Telka * rw(ro/root/uidmap/gidmap) properties. For 5035cb0d679SMarcel Telka * rw/ro/root a special case exists when either 5045cb0d679SMarcel Telka * the old or new is the "all" case. In the 5055cb0d679SMarcel Telka * special case, if both are "all", then it is 5065cb0d679SMarcel Telka * "all", else if one is an access-list, that 5075cb0d679SMarcel Telka * replaces the "all". 508a3351425Sdougm */ 509a3351425Sdougm if (strcmp(oldvalue, "*") == 0) { 510a3351425Sdougm /* Replace old value with new value. */ 511a3351425Sdougm newvalue = strdup(value); 51297df5ac9Sdougm } else if (strcmp(value, "*") == 0 || 51397df5ac9Sdougm strcmp(oldvalue, value) == 0) { 514a3351425Sdougm /* 515a3351425Sdougm * Keep old value and ignore 516a3351425Sdougm * the new value. 517a3351425Sdougm */ 518a3351425Sdougm newvalue = NULL; 519a3351425Sdougm } else { 520a3351425Sdougm /* 521a3351425Sdougm * Make a new list of old plus new 522a3351425Sdougm * access-list. 523a3351425Sdougm */ 524a3351425Sdougm newvalue = nfs_alistcat(oldvalue, 5255cb0d679SMarcel Telka value, sep); 526a3351425Sdougm } 527a3351425Sdougm 528a3351425Sdougm if (newvalue != NULL) { 529a3351425Sdougm (void) sa_remove_property(prop); 530a3351425Sdougm prop = sa_create_property(name, 531a3351425Sdougm newvalue); 532a3351425Sdougm ret = sa_add_property(sec->security, 533a3351425Sdougm prop); 534a3351425Sdougm free(newvalue); 535a3351425Sdougm } 5365cb0d679SMarcel Telka 5375cb0d679SMarcel Telka sa_free_attr_string(oldvalue); 538a3351425Sdougm } 539a3351425Sdougm } else { 540a3351425Sdougm prop = sa_create_property(name, value); 541a99982a7Sdougm ret = sa_add_property(sec->security, prop); 5426185db85Sdougm } 543a3351425Sdougm if (ret == SA_OK && !iszfs) { 544a3351425Sdougm ret = sa_commit_properties(sec->security, !persist); 545a3351425Sdougm } 5466185db85Sdougm } 5476185db85Sdougm return (ret); 5486185db85Sdougm } 5496185db85Sdougm 5506185db85Sdougm /* 5516185db85Sdougm * check to see if group/share is persistent. 5526185db85Sdougm */ 5536185db85Sdougm static int 5546185db85Sdougm is_persistent(sa_group_t group) 5556185db85Sdougm { 5566185db85Sdougm char *type; 5576185db85Sdougm int persist = 1; 5586185db85Sdougm 5596185db85Sdougm type = sa_get_group_attr(group, "type"); 5606185db85Sdougm if (type != NULL && strcmp(type, "persist") != 0) 561a3351425Sdougm persist = 0; 5626185db85Sdougm if (type != NULL) 563a3351425Sdougm sa_free_attr_string(type); 5646185db85Sdougm return (persist); 5656185db85Sdougm } 5666185db85Sdougm 5676185db85Sdougm /* 5686185db85Sdougm * invalid_security(options) 5696185db85Sdougm * 5706185db85Sdougm * search option string for any invalid sec= type. 5716185db85Sdougm * return true (1) if any are not valid else false (0) 5726185db85Sdougm */ 5736185db85Sdougm static int 5746185db85Sdougm invalid_security(char *options) 5756185db85Sdougm { 5766185db85Sdougm char *copy, *base, *token, *value; 5776185db85Sdougm int ret = 0; 5786185db85Sdougm 5796185db85Sdougm copy = strdup(options); 5806185db85Sdougm token = base = copy; 5816185db85Sdougm while (token != NULL && ret == 0) { 582a3351425Sdougm token = strtok(base, ","); 583a3351425Sdougm base = NULL; 584a3351425Sdougm if (token != NULL) { 585a3351425Sdougm value = strchr(token, '='); 586a3351425Sdougm if (value != NULL) 587a3351425Sdougm *value++ = '\0'; 5885cb0d679SMarcel Telka if (strcmp(token, SHOPT_SEC) == 0) { 589a3351425Sdougm /* HAVE security flavors so check them */ 590a3351425Sdougm char *tok, *next; 591a3351425Sdougm for (next = NULL, tok = value; tok != NULL; 592a3351425Sdougm tok = next) { 593a3351425Sdougm next = strchr(tok, ':'); 594a3351425Sdougm if (next != NULL) 595a3351425Sdougm *next++ = '\0'; 596a3351425Sdougm ret = !nfs_validate_security_mode(tok); 597a3351425Sdougm if (ret) 598a3351425Sdougm break; 599a3351425Sdougm } 600a3351425Sdougm } 6016185db85Sdougm } 6026185db85Sdougm } 6036185db85Sdougm if (copy != NULL) 604a3351425Sdougm free(copy); 6056185db85Sdougm return (ret); 6066185db85Sdougm } 6076185db85Sdougm 6086185db85Sdougm /* 6096185db85Sdougm * nfs_parse_legacy_options(group, options) 6106185db85Sdougm * 6116185db85Sdougm * Parse the old style options into internal format and store on the 6126185db85Sdougm * specified group. Group could be a share for full legacy support. 6136185db85Sdougm */ 6146185db85Sdougm 6156185db85Sdougm static int 6166185db85Sdougm nfs_parse_legacy_options(sa_group_t group, char *options) 6176185db85Sdougm { 618aba7a40bSdougm char *dup; 6196185db85Sdougm char *base; 6206185db85Sdougm char *token; 6216185db85Sdougm sa_optionset_t optionset; 6226185db85Sdougm struct securities *security_list = NULL; 6236185db85Sdougm sa_property_t prop; 6246185db85Sdougm int ret = SA_OK; 6256185db85Sdougm int iszfs = 0; 6266185db85Sdougm sa_group_t parent; 6276185db85Sdougm int persist = 0; 6286185db85Sdougm char *lasts; 6296185db85Sdougm 6306185db85Sdougm /* do we have an existing optionset? */ 6316185db85Sdougm optionset = sa_get_optionset(group, "nfs"); 6326185db85Sdougm if (optionset == NULL) { 633a3351425Sdougm /* didn't find existing optionset so create one */ 634a3351425Sdougm optionset = sa_create_optionset(group, "nfs"); 6356185db85Sdougm } else { 6366185db85Sdougm /* 637da6c28aaSamw * Have an existing optionset . Ideally, we would need 638da6c28aaSamw * to compare options in order to detect errors. For 639da6c28aaSamw * now, we assume that the first optionset is the 640da6c28aaSamw * correct one and the others will be the same. An 641da6c28aaSamw * empty optionset is the same as no optionset so we 642da6c28aaSamw * don't want to exit in that case. Getting an empty 643da6c28aaSamw * optionset can occur with ZFS property checking. 6446185db85Sdougm */ 645da6c28aaSamw if (sa_get_property(optionset, NULL) != NULL) 646da6c28aaSamw return (ret); 6476185db85Sdougm } 6486185db85Sdougm 6496185db85Sdougm if (strcmp(options, SHOPT_RW) == 0) { 6506185db85Sdougm /* 6516185db85Sdougm * there is a special case of only the option "rw" 6526185db85Sdougm * being the default option. We don't have to do 6536185db85Sdougm * anything. 6546185db85Sdougm */ 655a3351425Sdougm return (ret); 6566185db85Sdougm } 6576185db85Sdougm 6586185db85Sdougm /* 6596185db85Sdougm * check if security types are present and validate them. If 6606185db85Sdougm * any are not legal, fail. 6616185db85Sdougm */ 6626185db85Sdougm 6636185db85Sdougm if (invalid_security(options)) { 664a3351425Sdougm return (SA_INVALID_SECURITY); 6656185db85Sdougm } 6666185db85Sdougm 6676185db85Sdougm /* 6686185db85Sdougm * in order to not attempt to change ZFS properties unless 6696185db85Sdougm * absolutely necessary, we never do it in the legacy parsing. 6706185db85Sdougm */ 6716185db85Sdougm if (sa_is_share(group)) { 672a3351425Sdougm char *zfs; 673a3351425Sdougm parent = sa_get_parent_group(group); 674a3351425Sdougm if (parent != NULL) { 675a3351425Sdougm zfs = sa_get_group_attr(parent, "zfs"); 676a3351425Sdougm if (zfs != NULL) { 677a3351425Sdougm sa_free_attr_string(zfs); 678a3351425Sdougm iszfs++; 679a3351425Sdougm } 6806185db85Sdougm } 6816185db85Sdougm } else { 682a3351425Sdougm iszfs = sa_group_is_zfs(group); 6836185db85Sdougm } 6846185db85Sdougm 685aba7a40bSdougm /* We need a copy of options for the next part. */ 686aba7a40bSdougm dup = strdup(options); 687aba7a40bSdougm if (dup == NULL) 688aba7a40bSdougm return (SA_NO_MEMORY); 689aba7a40bSdougm 6906185db85Sdougm /* 6916185db85Sdougm * we need to step through each option in the string and then 6926185db85Sdougm * add either the option or the security option as needed. If 6936185db85Sdougm * this is not a persistent share, don't commit to the 694a99982a7Sdougm * repository. If there is an error, we also want to abort the 695a99982a7Sdougm * processing and report it. 6966185db85Sdougm */ 6976185db85Sdougm persist = is_persistent(group); 6986185db85Sdougm base = dup; 6996185db85Sdougm token = dup; 7006185db85Sdougm lasts = NULL; 701a99982a7Sdougm while (token != NULL && ret == SA_OK) { 702a3351425Sdougm token = strtok_r(base, ",", &lasts); 703a3351425Sdougm base = NULL; 704a3351425Sdougm if (token != NULL) { 705a3351425Sdougm char *value; 7066185db85Sdougm /* 707a3351425Sdougm * if the option has a value, it will have an '=' to 708a3351425Sdougm * separate the name from the value. The following 709a3351425Sdougm * code will result in value != NULL and token 710a3351425Sdougm * pointing to just the name if there is a value. 7116185db85Sdougm */ 712a3351425Sdougm value = strchr(token, '='); 713a3351425Sdougm if (value != NULL) { 714a3351425Sdougm *value++ = '\0'; 7156185db85Sdougm } 7165cb0d679SMarcel Telka if (strcmp(token, SHOPT_SEC) == 0 || 7175cb0d679SMarcel Telka strcmp(token, SHOPT_SECURE) == 0) { 7186185db85Sdougm /* 719a3351425Sdougm * Once in security parsing, we only 720a3351425Sdougm * do security. We do need to move 721a3351425Sdougm * between the security node and the 722a3351425Sdougm * toplevel. The security tag goes on 723a3351425Sdougm * the root while the following ones 724a3351425Sdougm * go on the security. 7256185db85Sdougm */ 726a3351425Sdougm if (security_list != NULL) { 727a3351425Sdougm /* 728a3351425Sdougm * have an old list so close it and 729a3351425Sdougm * start the new 730a3351425Sdougm */ 731a3351425Sdougm free_security_list(security_list); 732a3351425Sdougm } 7335cb0d679SMarcel Telka if (strcmp(token, SHOPT_SECURE) == 0) { 734a3351425Sdougm value = "dh"; 735a3351425Sdougm } else { 736a3351425Sdougm if (value == NULL) { 737a3351425Sdougm ret = SA_SYNTAX_ERR; 738a3351425Sdougm break; 739a3351425Sdougm } 740a3351425Sdougm } 741a3351425Sdougm security_list = make_security_list(group, 742a3351425Sdougm value, "nfs"); 7436185db85Sdougm } else { 744a3351425Sdougm /* 745a3351425Sdougm * Note that the "old" syntax allowed a 7465cb0d679SMarcel Telka * default security model. This must be 747a3351425Sdougm * accounted for and internally converted to 748a3351425Sdougm * "standard" security structure. 749a3351425Sdougm */ 750a3351425Sdougm if (nfs_is_security_opt(token)) { 751a3351425Sdougm if (security_list == NULL) { 752a3351425Sdougm /* 753a3351425Sdougm * need to have a 754a3351425Sdougm * security 755a3351425Sdougm * option. This will 756a3351425Sdougm * be "closed" when a 757a3351425Sdougm * defined "sec=" 758a3351425Sdougm * option is 759a3351425Sdougm * seen. This is 760a3351425Sdougm * technically an 761a3351425Sdougm * error but will be 762a3351425Sdougm * allowed with 763a3351425Sdougm * warning. 764a3351425Sdougm */ 765a3351425Sdougm security_list = 766a3351425Sdougm make_security_list(group, 767a3351425Sdougm "default", 768a3351425Sdougm "nfs"); 769a3351425Sdougm } 770a3351425Sdougm if (security_list != NULL) { 771a3351425Sdougm ret = add_security_prop( 772a3351425Sdougm security_list, token, 773a3351425Sdougm value, persist, iszfs); 774a3351425Sdougm } else { 775a3351425Sdougm ret = SA_NO_MEMORY; 776a3351425Sdougm } 777a3351425Sdougm } else { 778a3351425Sdougm /* regular options */ 779a3351425Sdougm if (value == NULL) { 780a3351425Sdougm if (strcmp(token, SHOPT_RW) == 781a3351425Sdougm 0 || strcmp(token, 782a3351425Sdougm SHOPT_RO) == 0) { 783a3351425Sdougm value = "*"; 784a3351425Sdougm } else { 785a3351425Sdougm value = "global"; 786a3351425Sdougm if (strcmp(token, 787a3351425Sdougm SHOPT_LOG) != 0) { 788a3351425Sdougm value = "true"; 789a3351425Sdougm } 790a3351425Sdougm } 791a3351425Sdougm } 792d6405362Sdougm /* 793d6405362Sdougm * In all cases, create the 794d6405362Sdougm * property specified. If the 795d6405362Sdougm * value was NULL, the default 796d6405362Sdougm * value will have been 797d6405362Sdougm * substituted. 798d6405362Sdougm */ 799d6405362Sdougm prop = sa_create_property(token, value); 800d6405362Sdougm ret = sa_add_property(optionset, prop); 801d6405362Sdougm if (ret != SA_OK) 802d6405362Sdougm break; 803d6405362Sdougm 804a3351425Sdougm if (!iszfs) { 805a3351425Sdougm ret = sa_commit_properties( 806a3351425Sdougm optionset, !persist); 807a3351425Sdougm } 808a3351425Sdougm } 8096185db85Sdougm } 8106185db85Sdougm } 8116185db85Sdougm } 8126185db85Sdougm if (security_list != NULL) 813a3351425Sdougm free_security_list(security_list); 814aba7a40bSdougm 815aba7a40bSdougm free(dup); 8166185db85Sdougm return (ret); 8176185db85Sdougm } 8186185db85Sdougm 8196185db85Sdougm /* 8206185db85Sdougm * is_a_number(number) 8216185db85Sdougm * 8226185db85Sdougm * is the string a number in one of the forms we want to use? 8236185db85Sdougm */ 8246185db85Sdougm 8256185db85Sdougm static int 8266185db85Sdougm is_a_number(char *number) 8276185db85Sdougm { 8286185db85Sdougm int ret = 1; 8296185db85Sdougm int hex = 0; 8306185db85Sdougm 8316185db85Sdougm if (strncmp(number, "0x", 2) == 0) { 832a3351425Sdougm number += 2; 833a3351425Sdougm hex = 1; 834a3351425Sdougm } else if (*number == '-') { 835a3351425Sdougm number++; /* skip the minus */ 836a3351425Sdougm } 8376185db85Sdougm while (ret == 1 && *number != '\0') { 838a3351425Sdougm if (hex) { 839a3351425Sdougm ret = isxdigit(*number++); 840a3351425Sdougm } else { 841a3351425Sdougm ret = isdigit(*number++); 842a3351425Sdougm } 8436185db85Sdougm } 8446185db85Sdougm return (ret); 8456185db85Sdougm } 8466185db85Sdougm 8476185db85Sdougm /* 8486185db85Sdougm * Look for the specified tag in the configuration file. If it is found, 8496185db85Sdougm * enable logging and set the logging configuration information for exp. 8506185db85Sdougm */ 8516185db85Sdougm static void 8526185db85Sdougm configlog(struct exportdata *exp, char *tag) 8536185db85Sdougm { 8546185db85Sdougm nfsl_config_t *configlist = NULL, *configp; 8556185db85Sdougm int error = 0; 8566185db85Sdougm char globaltag[] = DEFAULTTAG; 8576185db85Sdougm 8586185db85Sdougm /* 8596185db85Sdougm * Sends config errors to stderr 8606185db85Sdougm */ 8616185db85Sdougm nfsl_errs_to_syslog = B_FALSE; 8626185db85Sdougm 8636185db85Sdougm /* 8646185db85Sdougm * get the list of configuration settings 8656185db85Sdougm */ 8666185db85Sdougm error = nfsl_getconfig_list(&configlist); 8676185db85Sdougm if (error) { 8686185db85Sdougm (void) fprintf(stderr, 869a3351425Sdougm dgettext(TEXT_DOMAIN, "Cannot get log configuration: %s\n"), 870a3351425Sdougm strerror(error)); 8716185db85Sdougm } 8726185db85Sdougm 8736185db85Sdougm if (tag == NULL) 8746185db85Sdougm tag = globaltag; 8756185db85Sdougm if ((configp = nfsl_findconfig(configlist, tag, &error)) == NULL) { 8766185db85Sdougm nfsl_freeconfig_list(&configlist); 8776185db85Sdougm (void) fprintf(stderr, 878a3351425Sdougm dgettext(TEXT_DOMAIN, "No tags matching \"%s\"\n"), tag); 8796185db85Sdougm /* bad configuration */ 8806185db85Sdougm error = ENOENT; 8816185db85Sdougm goto err; 8826185db85Sdougm } 8836185db85Sdougm 8846185db85Sdougm if ((exp->ex_tag = strdup(tag)) == NULL) { 8856185db85Sdougm error = ENOMEM; 8866185db85Sdougm goto out; 8876185db85Sdougm } 8886185db85Sdougm if ((exp->ex_log_buffer = strdup(configp->nc_bufferpath)) == NULL) { 8896185db85Sdougm error = ENOMEM; 8906185db85Sdougm goto out; 8916185db85Sdougm } 8926185db85Sdougm exp->ex_flags |= EX_LOG; 8936185db85Sdougm if (configp->nc_rpclogpath != NULL) 8946185db85Sdougm exp->ex_flags |= EX_LOG_ALLOPS; 8956185db85Sdougm out: 8966185db85Sdougm if (configlist != NULL) 897a3351425Sdougm nfsl_freeconfig_list(&configlist); 8986185db85Sdougm 8996185db85Sdougm err: 9006185db85Sdougm if (error != 0) { 901822e6387SMarcel Telka free(exp->ex_tag); 902822e6387SMarcel Telka free(exp->ex_log_buffer); 9036185db85Sdougm (void) fprintf(stderr, 904a3351425Sdougm dgettext(TEXT_DOMAIN, "Cannot set log configuration: %s\n"), 905a3351425Sdougm strerror(error)); 9066185db85Sdougm } 9076185db85Sdougm } 9086185db85Sdougm 9096185db85Sdougm /* 9106185db85Sdougm * fill_export_from_optionset(export, optionset) 9116185db85Sdougm * 9126185db85Sdougm * In order to share, we need to set all the possible general options 9136185db85Sdougm * into the export structure. Share info will be filled in by the 9146185db85Sdougm * caller. Various property values get turned into structure specific 9156185db85Sdougm * values. 9166185db85Sdougm */ 9176185db85Sdougm 9186185db85Sdougm static int 9196185db85Sdougm fill_export_from_optionset(struct exportdata *export, sa_optionset_t optionset) 9206185db85Sdougm { 9216185db85Sdougm sa_property_t option; 9226185db85Sdougm int ret = SA_OK; 9236185db85Sdougm 9246185db85Sdougm for (option = sa_get_property(optionset, NULL); 925a3351425Sdougm option != NULL; option = sa_get_next_property(option)) { 926a3351425Sdougm char *name; 927a3351425Sdougm char *value; 928a3351425Sdougm uint32_t val; 9296185db85Sdougm 930a3351425Sdougm /* 931a3351425Sdougm * since options may be set/reset multiple times, always do an 932a3351425Sdougm * explicit set or clear of the option. This allows defaults 933da6c28aaSamw * to be set and then the protocol specific to override. 934a3351425Sdougm */ 9356185db85Sdougm 936a3351425Sdougm name = sa_get_property_attr(option, "type"); 937a3351425Sdougm value = sa_get_property_attr(option, "value"); 938a3351425Sdougm switch (findopt(name)) { 939a3351425Sdougm case OPT_ANON: 940a3351425Sdougm if (value != NULL && is_a_number(value)) { 941a3351425Sdougm val = strtoul(value, NULL, 0); 942a3351425Sdougm } else { 943a3351425Sdougm struct passwd *pw; 944a3351425Sdougm pw = getpwnam(value != NULL ? value : "nobody"); 945a3351425Sdougm if (pw != NULL) { 946a3351425Sdougm val = pw->pw_uid; 947a3351425Sdougm } else { 948a3351425Sdougm val = UID_NOBODY; 949a3351425Sdougm } 950a3351425Sdougm endpwent(); 951a3351425Sdougm } 952a3351425Sdougm export->ex_anon = val; 953a3351425Sdougm break; 954a3351425Sdougm case OPT_NOSUID: 955a3351425Sdougm if (value != NULL && (strcasecmp(value, "true") == 0 || 956a3351425Sdougm strcmp(value, "1") == 0)) 957a3351425Sdougm export->ex_flags |= EX_NOSUID; 958a3351425Sdougm else 959a3351425Sdougm export->ex_flags &= ~EX_NOSUID; 960a3351425Sdougm break; 961a3351425Sdougm case OPT_ACLOK: 962a3351425Sdougm if (value != NULL && (strcasecmp(value, "true") == 0 || 963a3351425Sdougm strcmp(value, "1") == 0)) 964a3351425Sdougm export->ex_flags |= EX_ACLOK; 965a3351425Sdougm else 966a3351425Sdougm export->ex_flags &= ~EX_ACLOK; 967a3351425Sdougm break; 968a3351425Sdougm case OPT_NOSUB: 969a3351425Sdougm if (value != NULL && (strcasecmp(value, "true") == 0 || 970a3351425Sdougm strcmp(value, "1") == 0)) 971a3351425Sdougm export->ex_flags |= EX_NOSUB; 972a3351425Sdougm else 973a3351425Sdougm export->ex_flags &= ~EX_NOSUB; 974a3351425Sdougm break; 975a3351425Sdougm case OPT_PUBLIC: 976a3351425Sdougm if (value != NULL && (strcasecmp(value, "true") == 0 || 977a3351425Sdougm strcmp(value, "1") == 0)) 978a3351425Sdougm export->ex_flags |= EX_PUBLIC; 979a3351425Sdougm else 980a3351425Sdougm export->ex_flags &= ~EX_PUBLIC; 981a3351425Sdougm break; 982a3351425Sdougm case OPT_INDEX: 983a3351425Sdougm if (value != NULL && (strcmp(value, "..") == 0 || 984a3351425Sdougm strchr(value, '/') != NULL)) { 985a3351425Sdougm /* this is an error */ 986a3351425Sdougm (void) printf(dgettext(TEXT_DOMAIN, 987a3351425Sdougm "NFS: index=\"%s\" not valid;" 988a3351425Sdougm "must be a filename.\n"), 989a3351425Sdougm value); 990a3351425Sdougm break; 991a3351425Sdougm } 992a3351425Sdougm if (value != NULL && *value != '\0' && 993a3351425Sdougm strcmp(value, ".") != 0) { 994a3351425Sdougm /* valid index file string */ 995a3351425Sdougm if (export->ex_index != NULL) { 996a3351425Sdougm /* left over from "default" */ 997a3351425Sdougm free(export->ex_index); 998a3351425Sdougm } 999a3351425Sdougm /* remember to free */ 1000a3351425Sdougm export->ex_index = strdup(value); 1001a3351425Sdougm if (export->ex_index == NULL) { 1002a3351425Sdougm (void) printf(dgettext(TEXT_DOMAIN, 1003a3351425Sdougm "NFS: out of memory setting " 1004a3351425Sdougm "index property\n")); 1005a3351425Sdougm break; 1006a3351425Sdougm } 1007a3351425Sdougm export->ex_flags |= EX_INDEX; 1008a3351425Sdougm } 1009a3351425Sdougm break; 1010a3351425Sdougm case OPT_LOG: 1011a3351425Sdougm if (value == NULL) 1012a3351425Sdougm value = strdup("global"); 1013a3351425Sdougm if (value != NULL) 1014a3351425Sdougm configlog(export, 1015a3351425Sdougm strlen(value) ? value : "global"); 1016a3351425Sdougm break; 1017b89a8333Snatalie li - Sun Microsystems - Irvine United States case OPT_CHARSET_MAP: 1018b89a8333Snatalie li - Sun Microsystems - Irvine United States /* 1019b89a8333Snatalie li - Sun Microsystems - Irvine United States * Set EX_CHARMAP when there is at least one 1020b89a8333Snatalie li - Sun Microsystems - Irvine United States * charmap conversion property. This will get 1021b89a8333Snatalie li - Sun Microsystems - Irvine United States * checked by the nfs server when it needs to. 1022b89a8333Snatalie li - Sun Microsystems - Irvine United States */ 1023b89a8333Snatalie li - Sun Microsystems - Irvine United States export->ex_flags |= EX_CHARMAP; 1024b89a8333Snatalie li - Sun Microsystems - Irvine United States break; 10256764e83bSVallish Vaidyeshwara case OPT_NOACLFAB: 10266764e83bSVallish Vaidyeshwara if (value != NULL && (strcasecmp(value, "true") == 0 || 10276764e83bSVallish Vaidyeshwara strcmp(value, "1") == 0)) 10286764e83bSVallish Vaidyeshwara export->ex_flags |= EX_NOACLFAB; 10296764e83bSVallish Vaidyeshwara else 10306764e83bSVallish Vaidyeshwara export->ex_flags &= ~EX_NOACLFAB; 10316764e83bSVallish Vaidyeshwara break; 1032f7db5903SVitaliy Gusev case OPT_NOHIDE: 1033f7db5903SVitaliy Gusev if (value != NULL && (strcasecmp(value, "true") == 0 || 1034f7db5903SVitaliy Gusev strcmp(value, "1") == 0)) 1035f7db5903SVitaliy Gusev export->ex_flags |= EX_NOHIDE; 1036f7db5903SVitaliy Gusev else 1037f7db5903SVitaliy Gusev export->ex_flags &= ~EX_NOHIDE; 1038f7db5903SVitaliy Gusev 1039f7db5903SVitaliy Gusev break; 1040a3351425Sdougm default: 1041a3351425Sdougm /* have a syntactic error */ 1042549ec3ffSdougm (void) printf(dgettext(TEXT_DOMAIN, 1043a3351425Sdougm "NFS: unrecognized option %s=%s\n"), 1044fe1c642dSBill Krier name != NULL ? name : "", 1045fe1c642dSBill Krier value != NULL ? value : ""); 10466185db85Sdougm break; 10476185db85Sdougm } 1048a3351425Sdougm if (name != NULL) 1049a3351425Sdougm sa_free_attr_string(name); 10506185db85Sdougm if (value != NULL) 1051a3351425Sdougm sa_free_attr_string(value); 10526185db85Sdougm } 10536185db85Sdougm return (ret); 10546185db85Sdougm } 10556185db85Sdougm 10566185db85Sdougm /* 10576185db85Sdougm * cleanup_export(export) 10586185db85Sdougm * 10596185db85Sdougm * Cleanup the allocated areas so we don't leak memory 10606185db85Sdougm */ 10616185db85Sdougm 10626185db85Sdougm static void 10636185db85Sdougm cleanup_export(struct exportdata *export) 10646185db85Sdougm { 10656185db85Sdougm int i; 10666185db85Sdougm 10673253d86fSMarcel Telka free(export->ex_index); 10683253d86fSMarcel Telka 10693253d86fSMarcel Telka for (i = 0; i < export->ex_seccnt; i++) { 10703253d86fSMarcel Telka struct secinfo *s = &export->ex_secinfo[i]; 10713253d86fSMarcel Telka 10723253d86fSMarcel Telka while (s->s_rootcnt > 0) 10733253d86fSMarcel Telka free(s->s_rootnames[--s->s_rootcnt]); 10743253d86fSMarcel Telka 10753253d86fSMarcel Telka free(s->s_rootnames); 10766185db85Sdougm } 10773253d86fSMarcel Telka free(export->ex_secinfo); 10786185db85Sdougm } 10796185db85Sdougm 10806185db85Sdougm /* 10816185db85Sdougm * Given a seconfig entry and a colon-separated 10826185db85Sdougm * list of names, allocate an array big enough 10836185db85Sdougm * to hold the root list, then convert each name to 10846185db85Sdougm * a principal name according to the security 10856185db85Sdougm * info and assign it to an array element. 10866185db85Sdougm * Return the array and its size. 10876185db85Sdougm */ 10886185db85Sdougm static caddr_t * 10896185db85Sdougm get_rootnames(seconfig_t *sec, char *list, int *count) 10906185db85Sdougm { 10916185db85Sdougm caddr_t *a; 10926185db85Sdougm int c, i; 10936185db85Sdougm char *host, *p; 10946185db85Sdougm 10956185db85Sdougm /* 10966185db85Sdougm * Count the number of strings in the list. 10976185db85Sdougm * This is the number of colon separators + 1. 10986185db85Sdougm */ 10996185db85Sdougm c = 1; 11006185db85Sdougm for (p = list; *p; p++) 11016185db85Sdougm if (*p == ':') 11026185db85Sdougm c++; 11036185db85Sdougm *count = c; 11046185db85Sdougm 11056185db85Sdougm a = (caddr_t *)malloc(c * sizeof (char *)); 11066185db85Sdougm if (a == NULL) { 1107549ec3ffSdougm (void) printf(dgettext(TEXT_DOMAIN, 1108a3351425Sdougm "get_rootnames: no memory\n")); 110907b64d17SMarcel Telka *count = 0; 11106185db85Sdougm } else { 1111a3351425Sdougm for (i = 0; i < c; i++) { 1112a3351425Sdougm host = strtok(list, ":"); 1113a3351425Sdougm if (!nfs_get_root_principal(sec, host, &a[i])) { 11143253d86fSMarcel Telka while (i > 0) 11153253d86fSMarcel Telka free(a[--i]); 1116a3351425Sdougm free(a); 1117a3351425Sdougm a = NULL; 111807b64d17SMarcel Telka *count = 0; 1119a3351425Sdougm break; 1120a3351425Sdougm } 1121a3351425Sdougm list = NULL; 11226185db85Sdougm } 11236185db85Sdougm } 11246185db85Sdougm 11256185db85Sdougm return (a); 11266185db85Sdougm } 11276185db85Sdougm 11286185db85Sdougm /* 11296185db85Sdougm * fill_security_from_secopts(sp, secopts) 11306185db85Sdougm * 11316185db85Sdougm * Fill the secinfo structure from the secopts optionset. 11326185db85Sdougm */ 11336185db85Sdougm 11346185db85Sdougm static int 11356185db85Sdougm fill_security_from_secopts(struct secinfo *sp, sa_security_t secopts) 11366185db85Sdougm { 11376185db85Sdougm sa_property_t prop; 11386185db85Sdougm char *type; 11396185db85Sdougm int longform; 1140a99982a7Sdougm int err = SC_NOERROR; 1141b89a8333Snatalie li - Sun Microsystems - Irvine United States uint32_t val; 11426185db85Sdougm 11436185db85Sdougm type = sa_get_security_attr(secopts, "sectype"); 11446185db85Sdougm if (type != NULL) { 1145a3351425Sdougm /* named security type needs secinfo to be filled in */ 1146a3351425Sdougm err = nfs_getseconfig_byname(type, &sp->s_secinfo); 1147a3351425Sdougm sa_free_attr_string(type); 1148a3351425Sdougm if (err != SC_NOERROR) 1149a3351425Sdougm return (err); 11506185db85Sdougm } else { 1151a3351425Sdougm /* default case */ 1152a3351425Sdougm err = nfs_getseconfig_default(&sp->s_secinfo); 1153a3351425Sdougm if (err != SC_NOERROR) 1154a3351425Sdougm return (err); 11556185db85Sdougm } 11566185db85Sdougm 1157a99982a7Sdougm err = SA_OK; 11586185db85Sdougm for (prop = sa_get_property(secopts, NULL); 1159a3351425Sdougm prop != NULL && err == SA_OK; 1160a3351425Sdougm prop = sa_get_next_property(prop)) { 1161a3351425Sdougm char *name; 1162a3351425Sdougm char *value; 11636185db85Sdougm 1164a3351425Sdougm name = sa_get_property_attr(prop, "type"); 1165a3351425Sdougm value = sa_get_property_attr(prop, "value"); 11666185db85Sdougm 1167a3351425Sdougm longform = value != NULL && strcmp(value, "*") != 0; 11686185db85Sdougm 1169a3351425Sdougm switch (findopt(name)) { 1170a3351425Sdougm case OPT_RO: 1171a3351425Sdougm sp->s_flags |= longform ? M_ROL : M_RO; 1172a3351425Sdougm break; 1173a3351425Sdougm case OPT_RW: 1174a3351425Sdougm sp->s_flags |= longform ? M_RWL : M_RW; 1175a3351425Sdougm break; 1176a3351425Sdougm case OPT_ROOT: 1177a3351425Sdougm sp->s_flags |= M_ROOT; 1178a3351425Sdougm /* 1179a3351425Sdougm * if we are using AUTH_UNIX, handle like other things 1180a3351425Sdougm * such as RO/RW 1181a3351425Sdougm */ 1182a3351425Sdougm if (sp->s_secinfo.sc_rpcnum == AUTH_UNIX) 11836020a1b7SMarcel Telka break; 1184a3351425Sdougm /* not AUTH_UNIX */ 1185a3351425Sdougm if (value != NULL) { 1186a3351425Sdougm sp->s_rootnames = get_rootnames(&sp->s_secinfo, 1187a3351425Sdougm value, &sp->s_rootcnt); 1188a3351425Sdougm if (sp->s_rootnames == NULL) { 1189a3351425Sdougm err = SA_BAD_VALUE; 1190a3351425Sdougm (void) fprintf(stderr, 1191a3351425Sdougm dgettext(TEXT_DOMAIN, 1192a3351425Sdougm "Bad root list\n")); 1193a3351425Sdougm } 1194a3351425Sdougm } 1195a3351425Sdougm break; 1196b89a8333Snatalie li - Sun Microsystems - Irvine United States case OPT_NONE: 1197b89a8333Snatalie li - Sun Microsystems - Irvine United States sp->s_flags |= M_NONE; 1198b89a8333Snatalie li - Sun Microsystems - Irvine United States break; 1199a3351425Sdougm case OPT_WINDOW: 1200a3351425Sdougm if (value != NULL) { 1201a3351425Sdougm sp->s_window = atoi(value); 1202a3351425Sdougm /* just in case */ 1203a3351425Sdougm if (sp->s_window < 0) 1204a3351425Sdougm sp->s_window = DEF_WIN; 1205a3351425Sdougm } 1206a3351425Sdougm break; 1207b89a8333Snatalie li - Sun Microsystems - Irvine United States case OPT_ROOT_MAPPING: 1208b89a8333Snatalie li - Sun Microsystems - Irvine United States if (value != NULL && is_a_number(value)) { 1209b89a8333Snatalie li - Sun Microsystems - Irvine United States val = strtoul(value, NULL, 0); 1210b89a8333Snatalie li - Sun Microsystems - Irvine United States } else { 1211b89a8333Snatalie li - Sun Microsystems - Irvine United States struct passwd *pw; 1212b89a8333Snatalie li - Sun Microsystems - Irvine United States pw = getpwnam(value != NULL ? value : "nobody"); 1213b89a8333Snatalie li - Sun Microsystems - Irvine United States if (pw != NULL) { 1214b89a8333Snatalie li - Sun Microsystems - Irvine United States val = pw->pw_uid; 1215b89a8333Snatalie li - Sun Microsystems - Irvine United States } else { 1216b89a8333Snatalie li - Sun Microsystems - Irvine United States val = UID_NOBODY; 1217b89a8333Snatalie li - Sun Microsystems - Irvine United States } 1218b89a8333Snatalie li - Sun Microsystems - Irvine United States endpwent(); 1219b89a8333Snatalie li - Sun Microsystems - Irvine United States } 1220b89a8333Snatalie li - Sun Microsystems - Irvine United States sp->s_rootid = val; 1221b89a8333Snatalie li - Sun Microsystems - Irvine United States break; 12225cb0d679SMarcel Telka case OPT_UIDMAP: 12235cb0d679SMarcel Telka case OPT_GIDMAP: 12245cb0d679SMarcel Telka sp->s_flags |= M_MAP; 12255cb0d679SMarcel Telka break; 1226a3351425Sdougm default: 1227a3351425Sdougm break; 12286185db85Sdougm } 1229a3351425Sdougm if (name != NULL) 1230a3351425Sdougm sa_free_attr_string(name); 1231a3351425Sdougm if (value != NULL) 1232a3351425Sdougm sa_free_attr_string(value); 12336185db85Sdougm } 12346185db85Sdougm /* if rw/ro options not set, use default of RW */ 12356185db85Sdougm if ((sp->s_flags & NFS_RWMODES) == 0) 1236a3351425Sdougm sp->s_flags |= M_RW; 12376185db85Sdougm return (err); 12386185db85Sdougm } 12396185db85Sdougm 12406185db85Sdougm /* 12416185db85Sdougm * This is for testing only 12426185db85Sdougm * It displays the export structure that 12436185db85Sdougm * goes into the kernel. 12446185db85Sdougm */ 12456185db85Sdougm static void 12466185db85Sdougm printarg(char *path, struct exportdata *ep) 12476185db85Sdougm { 12486185db85Sdougm int i, j; 12496185db85Sdougm struct secinfo *sp; 12506185db85Sdougm 12516185db85Sdougm if (debug == 0) 1252a3351425Sdougm return; 12536185db85Sdougm 12546185db85Sdougm (void) printf("%s:\n", path); 12556185db85Sdougm (void) printf("\tex_version = %d\n", ep->ex_version); 12566185db85Sdougm (void) printf("\tex_path = %s\n", ep->ex_path); 1257549ec3ffSdougm (void) printf("\tex_pathlen = %ld\n", (ulong_t)ep->ex_pathlen); 12586185db85Sdougm (void) printf("\tex_flags: (0x%02x) ", ep->ex_flags); 12596185db85Sdougm if (ep->ex_flags & EX_NOSUID) 12606185db85Sdougm (void) printf("NOSUID "); 12616185db85Sdougm if (ep->ex_flags & EX_ACLOK) 12626185db85Sdougm (void) printf("ACLOK "); 12636185db85Sdougm if (ep->ex_flags & EX_PUBLIC) 12646185db85Sdougm (void) printf("PUBLIC "); 12656185db85Sdougm if (ep->ex_flags & EX_NOSUB) 12666185db85Sdougm (void) printf("NOSUB "); 12676185db85Sdougm if (ep->ex_flags & EX_LOG) 12686185db85Sdougm (void) printf("LOG "); 1269b89a8333Snatalie li - Sun Microsystems - Irvine United States if (ep->ex_flags & EX_CHARMAP) 1270b89a8333Snatalie li - Sun Microsystems - Irvine United States (void) printf("CHARMAP "); 12716185db85Sdougm if (ep->ex_flags & EX_LOG_ALLOPS) 12726185db85Sdougm (void) printf("LOG_ALLOPS "); 12736185db85Sdougm if (ep->ex_flags == 0) 12746185db85Sdougm (void) printf("(none)"); 1275ff168298SToomas Soome (void) printf("\n"); 12766185db85Sdougm if (ep->ex_flags & EX_LOG) { 12776185db85Sdougm (void) printf("\tex_log_buffer = %s\n", 1278a3351425Sdougm (ep->ex_log_buffer ? ep->ex_log_buffer : "(NULL)")); 12796185db85Sdougm (void) printf("\tex_tag = %s\n", 1280a3351425Sdougm (ep->ex_tag ? ep->ex_tag : "(NULL)")); 12816185db85Sdougm } 12826185db85Sdougm (void) printf("\tex_anon = %d\n", ep->ex_anon); 12836185db85Sdougm (void) printf("\tex_seccnt = %d\n", ep->ex_seccnt); 12846185db85Sdougm (void) printf("\n"); 12856185db85Sdougm for (i = 0; i < ep->ex_seccnt; i++) { 12866185db85Sdougm sp = &ep->ex_secinfo[i]; 12876185db85Sdougm (void) printf("\t\ts_secinfo = %s\n", sp->s_secinfo.sc_name); 12886185db85Sdougm (void) printf("\t\ts_flags: (0x%02x) ", sp->s_flags); 12896185db85Sdougm if (sp->s_flags & M_ROOT) (void) printf("M_ROOT "); 12906185db85Sdougm if (sp->s_flags & M_RO) (void) printf("M_RO "); 12916185db85Sdougm if (sp->s_flags & M_ROL) (void) printf("M_ROL "); 12926185db85Sdougm if (sp->s_flags & M_RW) (void) printf("M_RW "); 12936185db85Sdougm if (sp->s_flags & M_RWL) (void) printf("M_RWL "); 1294b89a8333Snatalie li - Sun Microsystems - Irvine United States if (sp->s_flags & M_NONE) (void) printf("M_NONE "); 12955cb0d679SMarcel Telka if (sp->s_flags & M_MAP) (void) printf("M_MAP "); 12966185db85Sdougm if (sp->s_flags == 0) (void) printf("(none)"); 12976185db85Sdougm (void) printf("\n"); 12986185db85Sdougm (void) printf("\t\ts_window = %d\n", sp->s_window); 1299b89a8333Snatalie li - Sun Microsystems - Irvine United States (void) printf("\t\ts_rootid = %d\n", sp->s_rootid); 13006185db85Sdougm (void) printf("\t\ts_rootcnt = %d ", sp->s_rootcnt); 13016185db85Sdougm (void) fflush(stdout); 13026185db85Sdougm for (j = 0; j < sp->s_rootcnt; j++) 13036185db85Sdougm (void) printf("%s ", sp->s_rootnames[j] ? 1304a3351425Sdougm sp->s_rootnames[j] : "<null>"); 13056185db85Sdougm (void) printf("\n\n"); 13066185db85Sdougm } 13076185db85Sdougm } 13086185db85Sdougm 13096185db85Sdougm /* 13106185db85Sdougm * count_security(opts) 13116185db85Sdougm * 13126185db85Sdougm * Count the number of security types (flavors). The optionset has 13136185db85Sdougm * been populated with the security flavors as a holding mechanism. 13146185db85Sdougm * We later use this number to allocate data structures. 13156185db85Sdougm */ 13166185db85Sdougm 13176185db85Sdougm static int 13186185db85Sdougm count_security(sa_optionset_t opts) 13196185db85Sdougm { 13206185db85Sdougm int count = 0; 13216185db85Sdougm sa_property_t prop; 13226185db85Sdougm if (opts != NULL) { 1323a3351425Sdougm for (prop = sa_get_property(opts, NULL); prop != NULL; 1324a3351425Sdougm prop = sa_get_next_property(prop)) { 1325a3351425Sdougm count++; 1326a3351425Sdougm } 13276185db85Sdougm } 13286185db85Sdougm return (count); 13296185db85Sdougm } 13306185db85Sdougm 13316185db85Sdougm /* 13326185db85Sdougm * nfs_sprint_option(rbuff, rbuffsize, incr, prop, sep) 13336185db85Sdougm * 13346185db85Sdougm * provides a mechanism to format NFS properties into legacy output 13356185db85Sdougm * format. If the buffer would overflow, it is reallocated and grown 13366185db85Sdougm * as appropriate. Special cases of converting internal form of values 13376185db85Sdougm * to those used by "share" are done. this function does one property 13386185db85Sdougm * at a time. 13396185db85Sdougm */ 13406185db85Sdougm 1341aed5d200Sdougm static int 13426185db85Sdougm nfs_sprint_option(char **rbuff, size_t *rbuffsize, size_t incr, 1343f091aea1SYuri Pankov sa_property_t prop, int sep) 13446185db85Sdougm { 13456185db85Sdougm char *name; 13466185db85Sdougm char *value; 13476185db85Sdougm int curlen; 13486185db85Sdougm char *buff = *rbuff; 13496185db85Sdougm size_t buffsize = *rbuffsize; 1350aed5d200Sdougm int printed = B_FALSE; 13516185db85Sdougm 13526185db85Sdougm name = sa_get_property_attr(prop, "type"); 13536185db85Sdougm value = sa_get_property_attr(prop, "value"); 13546185db85Sdougm if (buff != NULL) 1355a3351425Sdougm curlen = strlen(buff); 13566185db85Sdougm else 1357a3351425Sdougm curlen = 0; 13586185db85Sdougm if (name != NULL) { 1359a3351425Sdougm int len; 1360a3351425Sdougm len = strlen(name) + sep; 13616185db85Sdougm 13626185db85Sdougm /* 13636185db85Sdougm * A future RFE would be to replace this with more 13646185db85Sdougm * generic code and to possibly handle more types. 13656185db85Sdougm */ 1366a3351425Sdougm switch (gettype(name)) { 1367a3351425Sdougm case OPT_TYPE_BOOLEAN: 1368aed5d200Sdougm /* 1369aed5d200Sdougm * For NFS, boolean value of FALSE means it 1370aed5d200Sdougm * doesn't show up in the option list at all. 1371aed5d200Sdougm */ 1372a3351425Sdougm if (value != NULL && strcasecmp(value, "false") == 0) 1373aed5d200Sdougm goto skip; 1374aed5d200Sdougm if (value != NULL) { 1375a3351425Sdougm sa_free_attr_string(value); 1376aed5d200Sdougm value = NULL; 1377aed5d200Sdougm } 1378a3351425Sdougm break; 1379a3351425Sdougm case OPT_TYPE_ACCLIST: 1380a3351425Sdougm if (value != NULL && strcmp(value, "*") == 0) { 1381a3351425Sdougm sa_free_attr_string(value); 1382a3351425Sdougm value = NULL; 1383a3351425Sdougm } else { 1384a3351425Sdougm if (value != NULL) 1385a3351425Sdougm len += 1 + strlen(value); 1386a3351425Sdougm } 1387a3351425Sdougm break; 1388a3351425Sdougm case OPT_TYPE_LOGTAG: 1389a3351425Sdougm if (value != NULL && strlen(value) == 0) { 1390a3351425Sdougm sa_free_attr_string(value); 1391a3351425Sdougm value = NULL; 1392a3351425Sdougm } else { 1393a3351425Sdougm if (value != NULL) 1394a3351425Sdougm len += 1 + strlen(value); 1395a3351425Sdougm } 1396a3351425Sdougm break; 1397a3351425Sdougm default: 1398a3351425Sdougm if (value != NULL) 1399a3351425Sdougm len += 1 + strlen(value); 1400a3351425Sdougm break; 14016185db85Sdougm } 1402a3351425Sdougm while (buffsize <= (curlen + len)) { 1403a3351425Sdougm /* need more room */ 1404a3351425Sdougm buffsize += incr; 1405a3351425Sdougm buff = realloc(buff, buffsize); 1406a3351425Sdougm if (buff == NULL) { 1407a3351425Sdougm /* realloc failed so free everything */ 1408a3351425Sdougm if (*rbuff != NULL) 1409a3351425Sdougm free(*rbuff); 1410a3351425Sdougm } 1411a3351425Sdougm *rbuff = buff; 1412a3351425Sdougm *rbuffsize = buffsize; 1413aed5d200Sdougm if (buff == NULL) 1414aed5d200Sdougm goto skip; 1415aed5d200Sdougm 14166185db85Sdougm } 1417aed5d200Sdougm 1418a3351425Sdougm if (buff == NULL) 1419aed5d200Sdougm goto skip; 1420aed5d200Sdougm 1421a3351425Sdougm if (value == NULL) { 1422a3351425Sdougm (void) snprintf(buff + curlen, buffsize - curlen, 14235cb0d679SMarcel Telka "%s%s", sep ? "," : "", name); 14246185db85Sdougm } else { 1425a3351425Sdougm (void) snprintf(buff + curlen, buffsize - curlen, 1426a3351425Sdougm "%s%s=%s", sep ? "," : "", 1427a3351425Sdougm name, value != NULL ? value : ""); 14286185db85Sdougm } 1429aed5d200Sdougm printed = B_TRUE; 14306185db85Sdougm } 1431aed5d200Sdougm skip: 14326185db85Sdougm if (name != NULL) 1433a3351425Sdougm sa_free_attr_string(name); 14346185db85Sdougm if (value != NULL) 1435a3351425Sdougm sa_free_attr_string(value); 1436aed5d200Sdougm return (printed); 14376185db85Sdougm } 14386185db85Sdougm 14396185db85Sdougm /* 14406185db85Sdougm * nfs_format_options(group, hier) 14416185db85Sdougm * 14426185db85Sdougm * format all the options on the group into an old-style option 14436185db85Sdougm * string. If hier is non-zero, walk up the tree to get inherited 14446185db85Sdougm * options. 14456185db85Sdougm */ 14466185db85Sdougm 14476185db85Sdougm static char * 14486185db85Sdougm nfs_format_options(sa_group_t group, int hier) 14496185db85Sdougm { 14506185db85Sdougm sa_optionset_t options = NULL; 1451a3351425Sdougm sa_optionset_t secoptions = NULL; 14526185db85Sdougm sa_property_t prop, secprop; 1453a3351425Sdougm sa_security_t security = NULL; 14546185db85Sdougm char *buff; 14556185db85Sdougm size_t buffsize; 1456a3351425Sdougm char *sectype = NULL; 1457a3351425Sdougm int sep = 0; 1458a3351425Sdougm 1459a3351425Sdougm 1460a3351425Sdougm buff = malloc(OPT_CHUNK); 1461a3351425Sdougm if (buff == NULL) { 1462a3351425Sdougm return (NULL); 1463a3351425Sdougm } 1464a3351425Sdougm 1465a3351425Sdougm buff[0] = '\0'; 1466a3351425Sdougm buffsize = OPT_CHUNK; 1467a3351425Sdougm 1468a3351425Sdougm /* 1469a3351425Sdougm * We may have a an optionset relative to this item. format 1470a3351425Sdougm * these if we find them and then add any security definitions. 1471a3351425Sdougm */ 14726185db85Sdougm 14736185db85Sdougm options = sa_get_derived_optionset(group, "nfs", hier); 14746185db85Sdougm 14756185db85Sdougm /* 1476a3351425Sdougm * do the default set first but skip any option that is also 1477a3351425Sdougm * in the protocol specific optionset. 14786185db85Sdougm */ 1479a3351425Sdougm if (options != NULL) { 1480a3351425Sdougm for (prop = sa_get_property(options, NULL); 1481a3351425Sdougm prop != NULL; prop = sa_get_next_property(prop)) { 14826185db85Sdougm /* 1483a3351425Sdougm * use this one since we skipped any 1484a3351425Sdougm * of these that were also in 1485a3351425Sdougm * optdefault 14866185db85Sdougm */ 1487aed5d200Sdougm if (nfs_sprint_option(&buff, &buffsize, OPT_CHUNK, 1488aed5d200Sdougm prop, sep)) 1489aed5d200Sdougm sep = 1; 1490a3351425Sdougm if (buff == NULL) { 1491a3351425Sdougm /* 1492a3351425Sdougm * buff could become NULL if there 1493a3351425Sdougm * isn't enough memory for 1494a3351425Sdougm * nfs_sprint_option to realloc() 1495a3351425Sdougm * as necessary. We can't really 1496a3351425Sdougm * do anything about it at this 1497a3351425Sdougm * point so we return NULL. The 1498a3351425Sdougm * caller should handle the 1499a3351425Sdougm * failure. 1500a3351425Sdougm */ 15016185db85Sdougm if (options != NULL) 1502a3351425Sdougm sa_free_derived_optionset( 1503a3351425Sdougm options); 15046185db85Sdougm return (buff); 15056185db85Sdougm } 1506a3351425Sdougm } 1507a3351425Sdougm } 1508a3351425Sdougm secoptions = (sa_optionset_t)sa_get_all_security_types(group, 1509a3351425Sdougm "nfs", hier); 1510a3351425Sdougm if (secoptions != NULL) { 1511a3351425Sdougm for (secprop = sa_get_property(secoptions, NULL); 1512a3351425Sdougm secprop != NULL; 1513a3351425Sdougm secprop = sa_get_next_property(secprop)) { 1514a3351425Sdougm sectype = sa_get_property_attr(secprop, "type"); 1515a3351425Sdougm security = 1516a3351425Sdougm (sa_security_t)sa_get_derived_security( 1517a3351425Sdougm group, sectype, "nfs", hier); 1518a3351425Sdougm if (security != NULL) { 1519a3351425Sdougm if (sectype != NULL) { 1520a3351425Sdougm prop = sa_create_property( 1521a3351425Sdougm "sec", sectype); 1522aed5d200Sdougm if (prop == NULL) 1523aed5d200Sdougm goto err; 1524aed5d200Sdougm if (nfs_sprint_option(&buff, 1525aed5d200Sdougm &buffsize, OPT_CHUNK, prop, sep)) 1526aed5d200Sdougm sep = 1; 1527a3351425Sdougm (void) sa_remove_property(prop); 1528aed5d200Sdougm if (buff == NULL) 1529aed5d200Sdougm goto err; 1530a3351425Sdougm } 1531a3351425Sdougm for (prop = sa_get_property(security, 1532a3351425Sdougm NULL); prop != NULL; 1533a3351425Sdougm prop = sa_get_next_property(prop)) { 1534aed5d200Sdougm if (nfs_sprint_option(&buff, 1535aed5d200Sdougm &buffsize, OPT_CHUNK, prop, sep)) 1536aed5d200Sdougm sep = 1; 1537a3351425Sdougm if (buff == NULL) 1538a3351425Sdougm goto err; 1539a3351425Sdougm } 1540a3351425Sdougm sa_free_derived_optionset(security); 1541a3351425Sdougm } 1542a3351425Sdougm if (sectype != NULL) 1543a3351425Sdougm sa_free_attr_string(sectype); 15446185db85Sdougm } 15456185db85Sdougm sa_free_derived_optionset(secoptions); 15466185db85Sdougm } 1547a3351425Sdougm 15486185db85Sdougm if (options != NULL) 1549a3351425Sdougm sa_free_derived_optionset(options); 1550a3351425Sdougm return (buff); 1551a3351425Sdougm 1552a3351425Sdougm err: 1553a3351425Sdougm /* 1554a3351425Sdougm * If we couldn't allocate memory for option printing, we need 1555a3351425Sdougm * to break out of the nested loops, cleanup and return NULL. 1556a3351425Sdougm */ 1557a3351425Sdougm if (secoptions != NULL) 1558a3351425Sdougm sa_free_derived_optionset(secoptions); 1559a3351425Sdougm if (security != NULL) 1560a3351425Sdougm sa_free_derived_optionset(security); 1561a3351425Sdougm if (sectype != NULL) 1562a3351425Sdougm sa_free_attr_string(sectype); 1563a3351425Sdougm if (options != NULL) 1564a3351425Sdougm sa_free_derived_optionset(options); 1565dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States return (buff); 15666185db85Sdougm } 1567a3351425Sdougm 15686185db85Sdougm /* 15696185db85Sdougm * Append an entry to the nfslogtab file 15706185db85Sdougm */ 15716185db85Sdougm static int 1572f091aea1SYuri Pankov nfslogtab_add(char *dir, char *buffer, char *tag) 15736185db85Sdougm { 15746185db85Sdougm FILE *f; 15756185db85Sdougm struct logtab_ent lep; 15766185db85Sdougm int error = 0; 15776185db85Sdougm 15786185db85Sdougm /* 15796185db85Sdougm * Open the file for update and create it if necessary. 15806185db85Sdougm * This may leave the I/O offset at the end of the file, 15816185db85Sdougm * so rewind back to the beginning of the file. 15826185db85Sdougm */ 15836185db85Sdougm f = fopen(NFSLOGTAB, "a+"); 15846185db85Sdougm if (f == NULL) { 15856185db85Sdougm error = errno; 15866185db85Sdougm goto out; 15876185db85Sdougm } 15886185db85Sdougm rewind(f); 15896185db85Sdougm 15906185db85Sdougm if (lockf(fileno(f), F_LOCK, 0L) < 0) { 1591549ec3ffSdougm (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1592a3351425Sdougm "share complete, however failed to lock %s " 1593a3351425Sdougm "for update: %s\n"), NFSLOGTAB, strerror(errno)); 15946185db85Sdougm error = -1; 15956185db85Sdougm goto out; 15966185db85Sdougm } 15976185db85Sdougm 15986185db85Sdougm if (logtab_deactivate_after_boot(f) == -1) { 1599549ec3ffSdougm (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1600a3351425Sdougm "share complete, however could not deactivate " 1601a3351425Sdougm "entries in %s\n"), NFSLOGTAB); 16026185db85Sdougm error = -1; 16036185db85Sdougm goto out; 16046185db85Sdougm } 16056185db85Sdougm 16066185db85Sdougm /* 16076185db85Sdougm * Remove entries matching buffer and sharepoint since we're 16086185db85Sdougm * going to replace it with perhaps an entry with a new tag. 16096185db85Sdougm */ 16106185db85Sdougm if (logtab_rement(f, buffer, dir, NULL, -1)) { 1611549ec3ffSdougm (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1612a3351425Sdougm "share complete, however could not remove matching " 1613a3351425Sdougm "entries in %s\n"), NFSLOGTAB); 16146185db85Sdougm error = -1; 16156185db85Sdougm goto out; 16166185db85Sdougm } 16176185db85Sdougm 16186185db85Sdougm /* 16196185db85Sdougm * Deactivate all active entries matching this sharepoint 16206185db85Sdougm */ 16216185db85Sdougm if (logtab_deactivate(f, NULL, dir, NULL)) { 1622549ec3ffSdougm (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1623a3351425Sdougm "share complete, however could not deactivate matching " 1624a3351425Sdougm "entries in %s\n"), NFSLOGTAB); 16256185db85Sdougm error = -1; 16266185db85Sdougm goto out; 16276185db85Sdougm } 16286185db85Sdougm 16296185db85Sdougm lep.le_buffer = buffer; 16306185db85Sdougm lep.le_path = dir; 16316185db85Sdougm lep.le_tag = tag; 16326185db85Sdougm lep.le_state = LES_ACTIVE; 16336185db85Sdougm 16346185db85Sdougm /* 16356185db85Sdougm * Add new sharepoint / buffer location to nfslogtab 16366185db85Sdougm */ 16376185db85Sdougm if (logtab_putent(f, &lep) < 0) { 1638549ec3ffSdougm (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1639a3351425Sdougm "share complete, however could not add %s to %s\n"), 1640a3351425Sdougm dir, NFSLOGTAB); 16416185db85Sdougm error = -1; 16426185db85Sdougm } 16436185db85Sdougm 16446185db85Sdougm out: 16456185db85Sdougm if (f != NULL) 16466185db85Sdougm (void) fclose(f); 16476185db85Sdougm return (error); 16486185db85Sdougm } 16496185db85Sdougm 16506185db85Sdougm /* 16516185db85Sdougm * Deactivate an entry from the nfslogtab file 16526185db85Sdougm */ 16536185db85Sdougm static int 1654f091aea1SYuri Pankov nfslogtab_deactivate(char *path) 16556185db85Sdougm { 16566185db85Sdougm FILE *f; 16576185db85Sdougm int error = 0; 16586185db85Sdougm 16596185db85Sdougm f = fopen(NFSLOGTAB, "r+"); 16606185db85Sdougm if (f == NULL) { 16616185db85Sdougm error = errno; 16626185db85Sdougm goto out; 16636185db85Sdougm } 16646185db85Sdougm if (lockf(fileno(f), F_LOCK, 0L) < 0) { 16656185db85Sdougm error = errno; 1666549ec3ffSdougm (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1667a3351425Sdougm "share complete, however could not lock %s for " 1668a3351425Sdougm "update: %s\n"), NFSLOGTAB, strerror(error)); 16696185db85Sdougm goto out; 16706185db85Sdougm } 16716185db85Sdougm if (logtab_deactivate(f, NULL, path, NULL) == -1) { 16726185db85Sdougm error = -1; 16736185db85Sdougm (void) fprintf(stderr, 1674a3351425Sdougm dgettext(TEXT_DOMAIN, 1675a3351425Sdougm "share complete, however could not " 1676a3351425Sdougm "deactivate %s in %s\n"), path, NFSLOGTAB); 16776185db85Sdougm goto out; 16786185db85Sdougm } 16796185db85Sdougm 16806185db85Sdougm out: if (f != NULL) 16816185db85Sdougm (void) fclose(f); 16826185db85Sdougm 16836185db85Sdougm return (error); 16846185db85Sdougm } 16856185db85Sdougm 1686546405c3Sdougm /* 1687546405c3Sdougm * check_public(group, skipshare) 1688546405c3Sdougm * 1689546405c3Sdougm * Check the group for any shares that have the public property 1690546405c3Sdougm * enabled. We skip "skipshare" since that is the one we are 1691546405c3Sdougm * working with. This is a separate function to make handling 1692546405c3Sdougm * subgroups simpler. Returns true if there is a share with public. 1693546405c3Sdougm */ 1694546405c3Sdougm static int 1695546405c3Sdougm check_public(sa_group_t group, sa_share_t skipshare) 1696546405c3Sdougm { 1697546405c3Sdougm int exists = B_FALSE; 1698546405c3Sdougm sa_share_t share; 1699546405c3Sdougm sa_optionset_t opt; 1700546405c3Sdougm sa_property_t prop; 1701546405c3Sdougm char *shared; 1702546405c3Sdougm 1703546405c3Sdougm for (share = sa_get_share(group, NULL); share != NULL; 1704546405c3Sdougm share = sa_get_next_share(share)) { 1705546405c3Sdougm if (share == skipshare) 1706546405c3Sdougm continue; 1707546405c3Sdougm 1708546405c3Sdougm opt = sa_get_optionset(share, "nfs"); 1709546405c3Sdougm if (opt == NULL) 1710546405c3Sdougm continue; 1711546405c3Sdougm prop = sa_get_property(opt, "public"); 1712546405c3Sdougm if (prop == NULL) 1713546405c3Sdougm continue; 1714546405c3Sdougm shared = sa_get_share_attr(share, "shared"); 1715546405c3Sdougm if (shared != NULL) { 1716546405c3Sdougm exists = strcmp(shared, "true") == 0; 1717546405c3Sdougm sa_free_attr_string(shared); 1718546405c3Sdougm if (exists == B_TRUE) 1719546405c3Sdougm break; 1720546405c3Sdougm } 1721546405c3Sdougm } 1722546405c3Sdougm 1723546405c3Sdougm return (exists); 1724546405c3Sdougm } 1725546405c3Sdougm 17266185db85Sdougm /* 17275cb0d679SMarcel Telka * public_exists(handle, skipshare) 17286185db85Sdougm * 17296185db85Sdougm * check to see if public option is set on any other share than the 1730546405c3Sdougm * one specified. Need to check zfs sub-groups as well as the top 1731546405c3Sdougm * level groups. 17326185db85Sdougm */ 17336185db85Sdougm static int 1734687915e9Sdougm public_exists(sa_handle_t handle, sa_share_t skipshare) 17356185db85Sdougm { 1736687915e9Sdougm sa_group_t group = NULL; 1737549ec3ffSdougm 17383b61b335Sdougm /* 17393b61b335Sdougm * If we don't have a handle, we can only do syntax check. We 17403b61b335Sdougm * can't check against other shares so we assume OK and will 17413b61b335Sdougm * catch the problem only when we actually try to apply it. 17423b61b335Sdougm */ 1743549ec3ffSdougm if (handle == NULL) 17443b61b335Sdougm return (SA_OK); 1745549ec3ffSdougm 1746687915e9Sdougm if (skipshare != NULL) { 1747687915e9Sdougm group = sa_get_parent_group(skipshare); 1748687915e9Sdougm if (group == NULL) 1749687915e9Sdougm return (SA_NO_SUCH_GROUP); 1750687915e9Sdougm } 1751687915e9Sdougm 1752549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 17536185db85Sdougm group = sa_get_next_group(group)) { 1754546405c3Sdougm /* Walk any ZFS subgroups as well as all standard groups */ 1755546405c3Sdougm if (sa_group_is_zfs(group)) { 1756546405c3Sdougm sa_group_t subgroup; 1757546405c3Sdougm for (subgroup = sa_get_sub_group(group); 1758546405c3Sdougm subgroup != NULL; 1759546405c3Sdougm subgroup = sa_get_next_group(subgroup)) { 1760546405c3Sdougm if (check_public(subgroup, skipshare)) 1761546405c3Sdougm return (B_TRUE); 17626185db85Sdougm } 1763546405c3Sdougm } else { 1764546405c3Sdougm if (check_public(group, skipshare)) 1765546405c3Sdougm return (B_TRUE); 17666185db85Sdougm } 17676185db85Sdougm } 1768546405c3Sdougm return (B_FALSE); 17696185db85Sdougm } 17706185db85Sdougm 17716185db85Sdougm /* 17726185db85Sdougm * sa_enable_share at the protocol level, enable_share must tell the 17736185db85Sdougm * implementation that it is to enable the share. This entails 17746185db85Sdougm * converting the path and options into the appropriate ioctl 17756185db85Sdougm * calls. It is assumed that all error checking of paths, etc. were 17766185db85Sdougm * done earlier. 17776185db85Sdougm */ 17786185db85Sdougm static int 17796185db85Sdougm nfs_enable_share(sa_share_t share) 17806185db85Sdougm { 17816185db85Sdougm struct exportdata export; 17826185db85Sdougm sa_optionset_t secoptlist; 17836185db85Sdougm struct secinfo *sp; 17846185db85Sdougm int num_secinfo; 17856185db85Sdougm sa_optionset_t opt; 17866185db85Sdougm sa_security_t sec; 17876185db85Sdougm sa_property_t prop; 17886185db85Sdougm char *path; 17896185db85Sdougm int err = SA_OK; 1790546405c3Sdougm int i; 1791ecd6cf80Smarks int iszfs; 1792687915e9Sdougm sa_handle_t handle; 17936185db85Sdougm 17946185db85Sdougm /* Don't drop core if the NFS module isn't loaded. */ 17956185db85Sdougm (void) signal(SIGSYS, SIG_IGN); 17966185db85Sdougm 17976185db85Sdougm /* get the path since it is important in several places */ 17986185db85Sdougm path = sa_get_share_attr(share, "path"); 17996185db85Sdougm if (path == NULL) 1800a3351425Sdougm return (SA_NO_SUCH_PATH); 18016185db85Sdougm 1802ecd6cf80Smarks iszfs = sa_path_is_zfs(path); 18036185db85Sdougm /* 18046185db85Sdougm * find the optionsets and security sets. There may not be 18056185db85Sdougm * any or there could be one or two for each of optionset and 18066185db85Sdougm * security may have multiple, one per security type per 18076185db85Sdougm * protocol type. 18086185db85Sdougm */ 18096185db85Sdougm opt = sa_get_derived_optionset(share, "nfs", 1); 18106185db85Sdougm secoptlist = (sa_optionset_t)sa_get_all_security_types(share, "nfs", 1); 18116185db85Sdougm if (secoptlist != NULL) 1812a3351425Sdougm num_secinfo = MAX(1, count_security(secoptlist)); 18136185db85Sdougm else 1814a3351425Sdougm num_secinfo = 1; 18156185db85Sdougm 18166185db85Sdougm /* 18176185db85Sdougm * walk through the options and fill in the structure 18186185db85Sdougm * appropriately. 18196185db85Sdougm */ 18206185db85Sdougm 18216185db85Sdougm (void) memset(&export, '\0', sizeof (export)); 18226185db85Sdougm 18236185db85Sdougm /* 18246185db85Sdougm * do non-security options first since there is only one after 18256185db85Sdougm * the derived group is constructed. 18266185db85Sdougm */ 18276185db85Sdougm export.ex_version = EX_CURRENT_VERSION; 18286185db85Sdougm export.ex_anon = UID_NOBODY; /* this is our default value */ 18296185db85Sdougm export.ex_index = NULL; 18306185db85Sdougm export.ex_path = path; 18316185db85Sdougm export.ex_pathlen = strlen(path) + 1; 18326185db85Sdougm 18336185db85Sdougm if (opt != NULL) 1834a3351425Sdougm err = fill_export_from_optionset(&export, opt); 18356185db85Sdougm 18366185db85Sdougm /* 18376185db85Sdougm * check to see if "public" is set. If it is, then make sure 18386185db85Sdougm * no other share has it set. If it is already used, fail. 18396185db85Sdougm */ 18406185db85Sdougm 1841687915e9Sdougm handle = sa_find_group_handle((sa_group_t)share); 1842687915e9Sdougm if (export.ex_flags & EX_PUBLIC && public_exists(handle, share)) { 1843a3351425Sdougm (void) printf(dgettext(TEXT_DOMAIN, 1844a3351425Sdougm "NFS: Cannot share more than one file " 1845a3351425Sdougm "system with 'public' property\n")); 1846a3351425Sdougm err = SA_NOT_ALLOWED; 1847a3351425Sdougm goto out; 18486185db85Sdougm } 18496185db85Sdougm 1850546405c3Sdougm sp = calloc(num_secinfo, sizeof (struct secinfo)); 18516185db85Sdougm if (sp == NULL) { 1852a3351425Sdougm err = SA_NO_MEMORY; 1853546405c3Sdougm (void) printf(dgettext(TEXT_DOMAIN, 1854546405c3Sdougm "NFS: NFS: no memory for security\n")); 1855546405c3Sdougm goto out; 1856546405c3Sdougm } 1857546405c3Sdougm export.ex_secinfo = sp; 1858546405c3Sdougm /* get default secinfo */ 1859546405c3Sdougm export.ex_seccnt = num_secinfo; 1860546405c3Sdougm /* 1861546405c3Sdougm * since we must have one security option defined, we 1862546405c3Sdougm * init to the default and then override as we find 1863546405c3Sdougm * defined security options. This handles the case 1864546405c3Sdougm * where we have no defined options but we need to set 1865546405c3Sdougm * up one. 1866546405c3Sdougm */ 1867546405c3Sdougm sp[0].s_window = DEF_WIN; 1868546405c3Sdougm sp[0].s_rootnames = NULL; 1869546405c3Sdougm /* setup a default in case no properties defined */ 1870546405c3Sdougm if (nfs_getseconfig_default(&sp[0].s_secinfo)) { 1871546405c3Sdougm (void) printf(dgettext(TEXT_DOMAIN, 1872546405c3Sdougm "NFS: nfs_getseconfig_default: failed to " 1873546405c3Sdougm "get default security mode\n")); 1874546405c3Sdougm err = SA_CONFIG_ERR; 1875546405c3Sdougm } 1876546405c3Sdougm if (secoptlist != NULL) { 1877546405c3Sdougm for (i = 0, prop = sa_get_property(secoptlist, NULL); 1878546405c3Sdougm prop != NULL && i < num_secinfo; 1879546405c3Sdougm prop = sa_get_next_property(prop), i++) { 1880546405c3Sdougm char *sectype; 1881fe1c642dSBill Krier sectype = sa_get_property_attr(prop, "type"); 1882546405c3Sdougm /* 1883546405c3Sdougm * if sectype is NULL, we probably 1884546405c3Sdougm * have a memory problem and can't get 1885546405c3Sdougm * the correct values. Rather than 1886546405c3Sdougm * exporting with incorrect security, 1887546405c3Sdougm * don't share it. 1888546405c3Sdougm */ 1889546405c3Sdougm if (sectype == NULL) { 1890546405c3Sdougm err = SA_NO_MEMORY; 1891546405c3Sdougm (void) printf(dgettext(TEXT_DOMAIN, 1892546405c3Sdougm "NFS: Cannot share %s: " 1893546405c3Sdougm "no memory\n"), path); 1894546405c3Sdougm goto out; 1895a3351425Sdougm } 1896546405c3Sdougm sec = (sa_security_t)sa_get_derived_security( 1897546405c3Sdougm share, sectype, "nfs", 1); 1898546405c3Sdougm sp[i].s_window = DEF_WIN; 1899546405c3Sdougm sp[i].s_rootcnt = 0; 1900546405c3Sdougm sp[i].s_rootnames = NULL; 19015cb0d679SMarcel Telka (void) fill_security_from_secopts(&sp[i], sec); 1902546405c3Sdougm if (sec != NULL) 1903546405c3Sdougm sa_free_derived_security(sec); 1904546405c3Sdougm if (sectype != NULL) 1905546405c3Sdougm sa_free_attr_string(sectype); 19066185db85Sdougm } 1907546405c3Sdougm } 1908*0dfe541eSEvan Layton 1909546405c3Sdougm /* now add the share to the internal tables */ 1910546405c3Sdougm printarg(path, &export); 1911546405c3Sdougm /* 1912546405c3Sdougm * call the exportfs system call which is implemented 1913546405c3Sdougm * via the nfssys() call as the EXPORTFS subfunction. 1914546405c3Sdougm */ 1915ecd6cf80Smarks if (iszfs) { 1916ecd6cf80Smarks struct exportfs_args ea; 1917ecd6cf80Smarks share_t sh; 1918ecd6cf80Smarks 1919*0dfe541eSEvan Layton ea.dname = path; 1920*0dfe541eSEvan Layton ea.uex = &export; 1921ecd6cf80Smarks 1922*0dfe541eSEvan Layton (void) sa_sharetab_fill_zfs(share, &sh, "nfs"); 1923*0dfe541eSEvan Layton err = sa_share_zfs(share, NULL, path, &sh, &ea, ZFS_SHARE_NFS); 1924*0dfe541eSEvan Layton if (err != SA_OK) { 1925*0dfe541eSEvan Layton errno = err; 1926*0dfe541eSEvan Layton err = -1; 1927ecd6cf80Smarks } 1928*0dfe541eSEvan Layton sa_emptyshare(&sh); 1929ecd6cf80Smarks } else { 1930ecd6cf80Smarks err = exportfs(path, &export); 1931ecd6cf80Smarks } 1932ecd6cf80Smarks 1933ecd6cf80Smarks if (err < 0) { 1934546405c3Sdougm err = SA_SYSTEM_ERR; 1935546405c3Sdougm switch (errno) { 1936546405c3Sdougm case EPERM: 1937546405c3Sdougm err = SA_NO_PERMISSION; 19380616fd7fSPavel Filipensky break; 19390616fd7fSPavel Filipensky case EEXIST: 19400616fd7fSPavel Filipensky err = SA_SHARE_EXISTS; 19410616fd7fSPavel Filipensky break; 1942546405c3Sdougm default: 1943546405c3Sdougm break; 19446185db85Sdougm } 1945546405c3Sdougm } else { 1946546405c3Sdougm /* update sharetab with an add/modify */ 1947ecd6cf80Smarks if (!iszfs) { 1948ecd6cf80Smarks (void) sa_update_sharetab(share, "nfs"); 1949ecd6cf80Smarks } 19506185db85Sdougm } 19516185db85Sdougm 19526185db85Sdougm if (err == SA_OK) { 19536185db85Sdougm /* 19546185db85Sdougm * enable services as needed. This should probably be 19556185db85Sdougm * done elsewhere in order to minimize the calls to 19566185db85Sdougm * check services. 19576185db85Sdougm */ 19586185db85Sdougm /* 19596185db85Sdougm * check to see if logging and other services need to 19606185db85Sdougm * be triggered, but only if there wasn't an 19616185db85Sdougm * error. This is probably where sharetab should be 19626185db85Sdougm * updated with the NFS specific entry. 19636185db85Sdougm */ 1964a3351425Sdougm if (export.ex_flags & EX_LOG) { 1965a3351425Sdougm /* enable logging */ 1966a3351425Sdougm if (nfslogtab_add(path, export.ex_log_buffer, 1967a3351425Sdougm export.ex_tag) != 0) { 1968a3351425Sdougm (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1969a3351425Sdougm "Could not enable logging for %s\n"), 1970a3351425Sdougm path); 1971a3351425Sdougm } 1972a3351425Sdougm _check_services(service_list_logging); 1973a3351425Sdougm } else { 1974a3351425Sdougm /* 1975a3351425Sdougm * don't have logging so remove it from file. It might 1976a3351425Sdougm * not be thre, but that doesn't matter. 1977a3351425Sdougm */ 1978a3351425Sdougm (void) nfslogtab_deactivate(path); 1979a3351425Sdougm _check_services(service_list_default); 19806185db85Sdougm } 19816185db85Sdougm } 19826185db85Sdougm 19836185db85Sdougm out: 19846185db85Sdougm if (path != NULL) 1985a3351425Sdougm free(path); 19866185db85Sdougm 19876185db85Sdougm cleanup_export(&export); 19886185db85Sdougm if (opt != NULL) 1989a3351425Sdougm sa_free_derived_optionset(opt); 19906185db85Sdougm if (secoptlist != NULL) 1991a3351425Sdougm (void) sa_destroy_optionset(secoptlist); 19926185db85Sdougm return (err); 19936185db85Sdougm } 19946185db85Sdougm 19956185db85Sdougm /* 19968e314a44Sdougm * nfs_disable_share(share, path) 19976185db85Sdougm * 19988e314a44Sdougm * Unshare the specified share. Note that "path" is the same path as 19998e314a44Sdougm * what is in the "share" object. It is passed in to avoid an 20008e314a44Sdougm * additional lookup. A missing "path" value makes this a no-op 20018e314a44Sdougm * function. 20026185db85Sdougm */ 20036185db85Sdougm static int 2004ecd6cf80Smarks nfs_disable_share(sa_share_t share, char *path) 20056185db85Sdougm { 20066185db85Sdougm int err; 20076185db85Sdougm int ret = SA_OK; 2008ecd6cf80Smarks int iszfs; 20098e314a44Sdougm sa_group_t parent; 20105b6e0c46Sdougm sa_handle_t handle; 2011ecd6cf80Smarks 20128e314a44Sdougm if (path == NULL) 20138e314a44Sdougm return (ret); 2014ecd6cf80Smarks 20158e314a44Sdougm /* 20168e314a44Sdougm * If the share is in a ZFS group we need to handle it 20178e314a44Sdougm * differently. Just being on a ZFS file system isn't 20188e314a44Sdougm * enough since we may be in a legacy share case. 20198e314a44Sdougm */ 20208e314a44Sdougm parent = sa_get_parent_group(share); 20218e314a44Sdougm iszfs = sa_group_is_zfs(parent); 20228e314a44Sdougm if (iszfs) { 20238e314a44Sdougm struct exportfs_args ea; 20248e314a44Sdougm share_t sh = { 0 }; 20258e314a44Sdougm ea.dname = path; 20268e314a44Sdougm ea.uex = NULL; 20278e314a44Sdougm sh.sh_path = path; 20288e314a44Sdougm sh.sh_fstype = "nfs"; 20298e314a44Sdougm 2030743a77edSAlan Wright err = sa_share_zfs(share, NULL, path, &sh, 20318e314a44Sdougm &ea, ZFS_UNSHARE_NFS); 2032a63214d6SBill Krier if (err != SA_OK) { 2033a63214d6SBill Krier errno = err; 2034a63214d6SBill Krier err = -1; 2035a63214d6SBill Krier } 20368e314a44Sdougm } else { 20378e314a44Sdougm err = exportfs(path, NULL); 20388e314a44Sdougm } 20398e314a44Sdougm if (err < 0) { 20408e314a44Sdougm /* 20418e314a44Sdougm * TBD: only an error in some 20428e314a44Sdougm * cases - need better analysis 20438e314a44Sdougm */ 20448e314a44Sdougm switch (errno) { 20458e314a44Sdougm case EPERM: 20468e314a44Sdougm case EACCES: 20478e314a44Sdougm ret = SA_NO_PERMISSION; 20488e314a44Sdougm break; 20498e314a44Sdougm case EINVAL: 20508e314a44Sdougm case ENOENT: 20518e314a44Sdougm ret = SA_NO_SUCH_PATH; 2052ecd6cf80Smarks break; 2053a63214d6SBill Krier default: 2054a63214d6SBill Krier ret = SA_SYSTEM_ERR; 2055ecd6cf80Smarks break; 20566185db85Sdougm } 20576185db85Sdougm } 20588e314a44Sdougm if (ret == SA_OK || ret == SA_NO_SUCH_PATH) { 20595b6e0c46Sdougm handle = sa_find_group_handle((sa_group_t)share); 20608e314a44Sdougm if (!iszfs) 20615b6e0c46Sdougm (void) sa_delete_sharetab(handle, path, "nfs"); 20628e314a44Sdougm /* just in case it was logged */ 20638e314a44Sdougm (void) nfslogtab_deactivate(path); 20648e314a44Sdougm } 20656185db85Sdougm return (ret); 20666185db85Sdougm } 20676185db85Sdougm 20685cb0d679SMarcel Telka static int 20695cb0d679SMarcel Telka check_user(char *value) 20705cb0d679SMarcel Telka { 20715cb0d679SMarcel Telka int ret = SA_OK; 20725cb0d679SMarcel Telka 20735cb0d679SMarcel Telka if (!is_a_number(value)) { 20745cb0d679SMarcel Telka struct passwd *pw; 20755cb0d679SMarcel Telka /* 20765cb0d679SMarcel Telka * in this case it would have to be a 20775cb0d679SMarcel Telka * user name 20785cb0d679SMarcel Telka */ 20795cb0d679SMarcel Telka pw = getpwnam(value); 20805cb0d679SMarcel Telka if (pw == NULL) 20815cb0d679SMarcel Telka ret = SA_BAD_VALUE; 20825cb0d679SMarcel Telka endpwent(); 20835cb0d679SMarcel Telka } else { 20845cb0d679SMarcel Telka uint64_t intval; 20855cb0d679SMarcel Telka intval = strtoull(value, NULL, 0); 20865cb0d679SMarcel Telka if (intval > UID_MAX && intval != -1) 20875cb0d679SMarcel Telka ret = SA_BAD_VALUE; 20885cb0d679SMarcel Telka } 20895cb0d679SMarcel Telka 20905cb0d679SMarcel Telka return (ret); 20915cb0d679SMarcel Telka } 20925cb0d679SMarcel Telka 20935cb0d679SMarcel Telka static int 20945cb0d679SMarcel Telka check_group(char *value) 20955cb0d679SMarcel Telka { 20965cb0d679SMarcel Telka int ret = SA_OK; 20975cb0d679SMarcel Telka 20985cb0d679SMarcel Telka if (!is_a_number(value)) { 20995cb0d679SMarcel Telka struct group *gr; 21005cb0d679SMarcel Telka /* 21015cb0d679SMarcel Telka * in this case it would have to be a 21025cb0d679SMarcel Telka * group name 21035cb0d679SMarcel Telka */ 21045cb0d679SMarcel Telka gr = getgrnam(value); 21055cb0d679SMarcel Telka if (gr == NULL) 21065cb0d679SMarcel Telka ret = SA_BAD_VALUE; 21075cb0d679SMarcel Telka endgrent(); 21085cb0d679SMarcel Telka } else { 21095cb0d679SMarcel Telka uint64_t intval; 21105cb0d679SMarcel Telka intval = strtoull(value, NULL, 0); 21115cb0d679SMarcel Telka if (intval > UID_MAX && intval != -1) 21125cb0d679SMarcel Telka ret = SA_BAD_VALUE; 21135cb0d679SMarcel Telka } 21145cb0d679SMarcel Telka 21155cb0d679SMarcel Telka return (ret); 21165cb0d679SMarcel Telka } 21175cb0d679SMarcel Telka 21186185db85Sdougm /* 2119b89a8333Snatalie li - Sun Microsystems - Irvine United States * check_rorwnone(v1, v2, v3) 2120b89a8333Snatalie li - Sun Microsystems - Irvine United States * 2121b89a8333Snatalie li - Sun Microsystems - Irvine United States * check ro vs rw vs none values. Over time this may get beefed up. 2122b89a8333Snatalie li - Sun Microsystems - Irvine United States * for now it just does simple checks. v1 is never NULL but v2 or v3 2123b89a8333Snatalie li - Sun Microsystems - Irvine United States * could be. 21246185db85Sdougm */ 21256185db85Sdougm 21266185db85Sdougm static int 2127b89a8333Snatalie li - Sun Microsystems - Irvine United States check_rorwnone(char *v1, char *v2, char *v3) 21286185db85Sdougm { 21296185db85Sdougm int ret = SA_OK; 2130b89a8333Snatalie li - Sun Microsystems - Irvine United States if (v2 != NULL && strcmp(v1, v2) == 0) 2131b89a8333Snatalie li - Sun Microsystems - Irvine United States ret = SA_VALUE_CONFLICT; 2132b89a8333Snatalie li - Sun Microsystems - Irvine United States else if (v3 != NULL && strcmp(v1, v3) == 0) 2133a3351425Sdougm ret = SA_VALUE_CONFLICT; 2134b89a8333Snatalie li - Sun Microsystems - Irvine United States 21356185db85Sdougm return (ret); 21366185db85Sdougm } 21376185db85Sdougm 21386185db85Sdougm /* 2139687915e9Sdougm * nfs_validate_property(handle, property, parent) 21406185db85Sdougm * 21416185db85Sdougm * Check that the property has a legitimate value for its type. 21426185db85Sdougm */ 21436185db85Sdougm 21446185db85Sdougm static int 2145687915e9Sdougm nfs_validate_property(sa_handle_t handle, sa_property_t property, 2146687915e9Sdougm sa_optionset_t parent) 21476185db85Sdougm { 21486185db85Sdougm int ret = SA_OK; 21496185db85Sdougm char *propname; 2150b89a8333Snatalie li - Sun Microsystems - Irvine United States char *other1; 2151b89a8333Snatalie li - Sun Microsystems - Irvine United States char *other2; 21526185db85Sdougm int optindex; 21536185db85Sdougm nfsl_config_t *configlist; 21546185db85Sdougm sa_group_t parent_group; 21556185db85Sdougm char *value; 21566185db85Sdougm 21576185db85Sdougm propname = sa_get_property_attr(property, "type"); 21586185db85Sdougm 21596185db85Sdougm if ((optindex = findopt(propname)) < 0) 2160a3351425Sdougm ret = SA_NO_SUCH_PROP; 21616185db85Sdougm 21626185db85Sdougm /* need to validate value range here as well */ 21636185db85Sdougm 21646185db85Sdougm if (ret == SA_OK) { 2165a3351425Sdougm parent_group = sa_get_parent_group((sa_share_t)parent); 2166687915e9Sdougm if (optdefs[optindex].share && parent_group != NULL && 2167687915e9Sdougm !sa_is_share(parent_group)) 2168a3351425Sdougm ret = SA_PROP_SHARE_ONLY; 21696185db85Sdougm } 21706185db85Sdougm if (ret == SA_OK) { 2171687915e9Sdougm if (optdefs[optindex].index == OPT_PUBLIC) { 2172687915e9Sdougm /* 2173687915e9Sdougm * Public is special in that only one instance can 2174687915e9Sdougm * be in the repository at the same time. 2175687915e9Sdougm */ 2176687915e9Sdougm if (public_exists(handle, parent_group)) { 2177b89a8333Snatalie li - Sun Microsystems - Irvine United States sa_free_attr_string(propname); 2178687915e9Sdougm return (SA_VALUE_CONFLICT); 2179687915e9Sdougm } 2180687915e9Sdougm } 2181a3351425Sdougm value = sa_get_property_attr(property, "value"); 2182a3351425Sdougm if (value != NULL) { 2183a3351425Sdougm /* first basic type checking */ 2184a3351425Sdougm switch (optdefs[optindex].type) { 21855cb0d679SMarcel Telka 2186a3351425Sdougm case OPT_TYPE_NUMBER: 2187a3351425Sdougm /* check that the value is all digits */ 2188a3351425Sdougm if (!is_a_number(value)) 2189a3351425Sdougm ret = SA_BAD_VALUE; 2190a3351425Sdougm break; 21915cb0d679SMarcel Telka 2192a3351425Sdougm case OPT_TYPE_BOOLEAN: 2193a3351425Sdougm if (strlen(value) == 0 || 2194a3351425Sdougm strcasecmp(value, "true") == 0 || 2195a3351425Sdougm strcmp(value, "1") == 0 || 2196a3351425Sdougm strcasecmp(value, "false") == 0 || 2197a3351425Sdougm strcmp(value, "0") == 0) { 2198a3351425Sdougm ret = SA_OK; 2199a3351425Sdougm } else { 2200a3351425Sdougm ret = SA_BAD_VALUE; 2201a3351425Sdougm } 2202a3351425Sdougm break; 22035cb0d679SMarcel Telka 2204a3351425Sdougm case OPT_TYPE_USER: 22055cb0d679SMarcel Telka ret = check_user(value); 2206a3351425Sdougm break; 22075cb0d679SMarcel Telka 2208a3351425Sdougm case OPT_TYPE_FILE: 2209a3351425Sdougm if (strcmp(value, "..") == 0 || 2210a3351425Sdougm strchr(value, '/') != NULL) { 2211a3351425Sdougm ret = SA_BAD_VALUE; 2212a3351425Sdougm } 2213a3351425Sdougm break; 22145cb0d679SMarcel Telka 2215b89a8333Snatalie li - Sun Microsystems - Irvine United States case OPT_TYPE_ACCLIST: { 2216b89a8333Snatalie li - Sun Microsystems - Irvine United States sa_property_t oprop1; 2217b89a8333Snatalie li - Sun Microsystems - Irvine United States sa_property_t oprop2; 2218b89a8333Snatalie li - Sun Microsystems - Irvine United States char *ovalue1 = NULL; 2219b89a8333Snatalie li - Sun Microsystems - Irvine United States char *ovalue2 = NULL; 2220b89a8333Snatalie li - Sun Microsystems - Irvine United States 2221b89a8333Snatalie li - Sun Microsystems - Irvine United States if (parent == NULL) 2222b89a8333Snatalie li - Sun Microsystems - Irvine United States break; 2223a3351425Sdougm /* 2224a3351425Sdougm * access list handling. Should eventually 2225a3351425Sdougm * validate that all the values make sense. 2226a3351425Sdougm * Also, ro and rw may have cross value 2227a3351425Sdougm * conflicts. 2228a3351425Sdougm */ 2229b89a8333Snatalie li - Sun Microsystems - Irvine United States if (strcmp(propname, SHOPT_RO) == 0) { 2230b89a8333Snatalie li - Sun Microsystems - Irvine United States other1 = SHOPT_RW; 2231b89a8333Snatalie li - Sun Microsystems - Irvine United States other2 = SHOPT_NONE; 2232b89a8333Snatalie li - Sun Microsystems - Irvine United States } else if (strcmp(propname, SHOPT_RW) == 0) { 2233b89a8333Snatalie li - Sun Microsystems - Irvine United States other1 = SHOPT_RO; 2234b89a8333Snatalie li - Sun Microsystems - Irvine United States other2 = SHOPT_NONE; 2235b89a8333Snatalie li - Sun Microsystems - Irvine United States } else if (strcmp(propname, SHOPT_NONE) == 0) { 2236b89a8333Snatalie li - Sun Microsystems - Irvine United States other1 = SHOPT_RO; 2237b89a8333Snatalie li - Sun Microsystems - Irvine United States other2 = SHOPT_RW; 2238b89a8333Snatalie li - Sun Microsystems - Irvine United States } else { 2239b89a8333Snatalie li - Sun Microsystems - Irvine United States other1 = NULL; 2240b89a8333Snatalie li - Sun Microsystems - Irvine United States other2 = NULL; 2241a3351425Sdougm } 2242b89a8333Snatalie li - Sun Microsystems - Irvine United States if (other1 == NULL && other2 == NULL) 2243b89a8333Snatalie li - Sun Microsystems - Irvine United States break; 2244b89a8333Snatalie li - Sun Microsystems - Irvine United States 2245b89a8333Snatalie li - Sun Microsystems - Irvine United States /* compare rw(ro) with ro(rw) */ 2246b89a8333Snatalie li - Sun Microsystems - Irvine United States 2247b89a8333Snatalie li - Sun Microsystems - Irvine United States oprop1 = sa_get_property(parent, other1); 2248b89a8333Snatalie li - Sun Microsystems - Irvine United States oprop2 = sa_get_property(parent, other2); 2249b89a8333Snatalie li - Sun Microsystems - Irvine United States if (oprop1 == NULL && oprop2 == NULL) 2250b89a8333Snatalie li - Sun Microsystems - Irvine United States break; 2251b89a8333Snatalie li - Sun Microsystems - Irvine United States /* 2252b89a8333Snatalie li - Sun Microsystems - Irvine United States * Only potential confusion if other1 2253b89a8333Snatalie li - Sun Microsystems - Irvine United States * or other2 exists. Check the values 2254b89a8333Snatalie li - Sun Microsystems - Irvine United States * and run the check if there is a 2255b89a8333Snatalie li - Sun Microsystems - Irvine United States * value other than the one we are 2256b89a8333Snatalie li - Sun Microsystems - Irvine United States * explicitly looking at. 2257b89a8333Snatalie li - Sun Microsystems - Irvine United States */ 2258b89a8333Snatalie li - Sun Microsystems - Irvine United States ovalue1 = sa_get_property_attr(oprop1, "value"); 2259b89a8333Snatalie li - Sun Microsystems - Irvine United States ovalue2 = sa_get_property_attr(oprop2, "value"); 2260b89a8333Snatalie li - Sun Microsystems - Irvine United States if (ovalue1 != NULL || ovalue2 != NULL) 2261b89a8333Snatalie li - Sun Microsystems - Irvine United States ret = check_rorwnone(value, ovalue1, 2262b89a8333Snatalie li - Sun Microsystems - Irvine United States ovalue2); 2263b89a8333Snatalie li - Sun Microsystems - Irvine United States 2264b89a8333Snatalie li - Sun Microsystems - Irvine United States if (ovalue1 != NULL) 2265b89a8333Snatalie li - Sun Microsystems - Irvine United States sa_free_attr_string(ovalue1); 2266b89a8333Snatalie li - Sun Microsystems - Irvine United States if (ovalue2 != NULL) 2267b89a8333Snatalie li - Sun Microsystems - Irvine United States sa_free_attr_string(ovalue2); 2268a3351425Sdougm break; 2269b89a8333Snatalie li - Sun Microsystems - Irvine United States } 22705cb0d679SMarcel Telka 2271a3351425Sdougm case OPT_TYPE_LOGTAG: 2272a3351425Sdougm if (nfsl_getconfig_list(&configlist) == 0) { 2273a3351425Sdougm int error; 2274a3351425Sdougm if (value == NULL || 2275a3351425Sdougm strlen(value) == 0) { 2276a3351425Sdougm if (value != NULL) 2277a3351425Sdougm sa_free_attr_string( 2278a3351425Sdougm value); 2279a3351425Sdougm value = strdup("global"); 2280a3351425Sdougm } 2281a3351425Sdougm if (value != NULL && 2282a3351425Sdougm nfsl_findconfig(configlist, value, 2283a3351425Sdougm &error) == NULL) { 2284a3351425Sdougm ret = SA_BAD_VALUE; 2285a3351425Sdougm } 2286aed5d200Sdougm /* Must always free when done */ 2287aed5d200Sdougm nfsl_freeconfig_list(&configlist); 2288a3351425Sdougm } else { 2289a3351425Sdougm ret = SA_CONFIG_ERR; 2290a3351425Sdougm } 2291a3351425Sdougm break; 22925cb0d679SMarcel Telka 2293a3351425Sdougm case OPT_TYPE_STRING: 2294a3351425Sdougm /* whatever is here should be ok */ 2295a3351425Sdougm break; 22965cb0d679SMarcel Telka 2297a3351425Sdougm case OPT_TYPE_SECURITY: 2298a3351425Sdougm /* 2299a3351425Sdougm * The "sec" property isn't used in the 2300a3351425Sdougm * non-legacy parts of sharemgr. We need to 2301a3351425Sdougm * reject it here. For legacy, it is pulled 2302a3351425Sdougm * out well before we get here. 2303a3351425Sdougm */ 2304a3351425Sdougm ret = SA_NO_SUCH_PROP; 2305a3351425Sdougm break; 23065cb0d679SMarcel Telka 23075cb0d679SMarcel Telka case OPT_TYPE_MAPPING: { 23085cb0d679SMarcel Telka char *p; 23095cb0d679SMarcel Telka char *n; 23105cb0d679SMarcel Telka char *c; 23115cb0d679SMarcel Telka int (*f)(char *); 23125cb0d679SMarcel Telka 23135cb0d679SMarcel Telka sa_security_t security; 23145cb0d679SMarcel Telka 23155cb0d679SMarcel Telka /* 23165cb0d679SMarcel Telka * mapping is only supported for sec=sys 23175cb0d679SMarcel Telka */ 23185cb0d679SMarcel Telka ret = SA_CONFIG_ERR; 23195cb0d679SMarcel Telka if (parent_group == NULL) 23205cb0d679SMarcel Telka break; 23215cb0d679SMarcel Telka 23225cb0d679SMarcel Telka for (security = sa_get_security(parent_group, 23235cb0d679SMarcel Telka NULL, NULL); security != NULL; 23245cb0d679SMarcel Telka security = sa_get_next_security(security)) { 23255cb0d679SMarcel Telka char *type; 23265cb0d679SMarcel Telka char *sectype; 23275cb0d679SMarcel Telka 23285cb0d679SMarcel Telka type = sa_get_security_attr(security, 23295cb0d679SMarcel Telka "type"); 23305cb0d679SMarcel Telka if (type == NULL) 23315cb0d679SMarcel Telka continue; 23325cb0d679SMarcel Telka 23335cb0d679SMarcel Telka if (strcmp(type, "nfs") != 0) { 23345cb0d679SMarcel Telka sa_free_attr_string(type); 23355cb0d679SMarcel Telka continue; 23365cb0d679SMarcel Telka } 23375cb0d679SMarcel Telka sa_free_attr_string(type); 23385cb0d679SMarcel Telka 23395cb0d679SMarcel Telka sectype = sa_get_security_attr(security, 23405cb0d679SMarcel Telka "sectype"); 23415cb0d679SMarcel Telka if (sectype == NULL) 23425cb0d679SMarcel Telka continue; 23435cb0d679SMarcel Telka 23445cb0d679SMarcel Telka if (strcmp(sectype, "sys") != 0) { 23455cb0d679SMarcel Telka sa_free_attr_string(sectype); 23465cb0d679SMarcel Telka ret = SA_CONFIG_ERR; 23475cb0d679SMarcel Telka break; 23485cb0d679SMarcel Telka } 23495cb0d679SMarcel Telka sa_free_attr_string(sectype); 23505cb0d679SMarcel Telka ret = SA_OK; 23515cb0d679SMarcel Telka } 23525cb0d679SMarcel Telka 23535cb0d679SMarcel Telka if (ret != SA_OK) 23545cb0d679SMarcel Telka break; 23555cb0d679SMarcel Telka 23565cb0d679SMarcel Telka assert(optindex == OPT_UIDMAP || 23575cb0d679SMarcel Telka optindex == OPT_GIDMAP); 23585cb0d679SMarcel Telka f = optindex == OPT_UIDMAP ? check_user : 23595cb0d679SMarcel Telka check_group; 23605cb0d679SMarcel Telka 23615cb0d679SMarcel Telka 23625cb0d679SMarcel Telka p = strdup(value); 23635cb0d679SMarcel Telka if (p == NULL) 23645cb0d679SMarcel Telka ret = SA_BAD_VALUE; 23655cb0d679SMarcel Telka 23665cb0d679SMarcel Telka for (c = p; ret == SA_OK && c != NULL; c = n) { 23675cb0d679SMarcel Telka char *s; 23685cb0d679SMarcel Telka char *t; 23695cb0d679SMarcel Telka 23705cb0d679SMarcel Telka n = strchr(c, '~'); 23715cb0d679SMarcel Telka if (n != NULL) 23725cb0d679SMarcel Telka *n++ = '\0'; 23735cb0d679SMarcel Telka 23745cb0d679SMarcel Telka s = strchr(c, ':'); 23755cb0d679SMarcel Telka if (s != NULL) { 23765cb0d679SMarcel Telka *s++ = '\0'; 23775cb0d679SMarcel Telka t = strchr(s, ':'); 23785cb0d679SMarcel Telka if (t != NULL) 23795cb0d679SMarcel Telka *t = '\0'; 23805cb0d679SMarcel Telka } 23815cb0d679SMarcel Telka 23825cb0d679SMarcel Telka if (s == NULL || t == NULL) 23835cb0d679SMarcel Telka ret = SA_BAD_VALUE; 23845cb0d679SMarcel Telka 23855cb0d679SMarcel Telka if (ret == SA_OK && *c != '\0' && 23865cb0d679SMarcel Telka strcmp(c, "*") != 0) 23875cb0d679SMarcel Telka ret = f(c); 23885cb0d679SMarcel Telka 23895cb0d679SMarcel Telka if (ret == SA_OK && *s != '\0' && 23905cb0d679SMarcel Telka strcmp(s, "-1") != 0) 23915cb0d679SMarcel Telka ret = f(s); 23925cb0d679SMarcel Telka } 23935cb0d679SMarcel Telka 23945cb0d679SMarcel Telka free(p); 23955cb0d679SMarcel Telka 23965cb0d679SMarcel Telka break; 23975cb0d679SMarcel Telka } 23985cb0d679SMarcel Telka 2399a3351425Sdougm default: 2400a3351425Sdougm break; 24016185db85Sdougm } 2402aed5d200Sdougm 2403aed5d200Sdougm if (value != NULL) 2404aed5d200Sdougm sa_free_attr_string(value); 2405aed5d200Sdougm 2406a3351425Sdougm if (ret == SA_OK && optdefs[optindex].check != NULL) { 2407a3351425Sdougm /* do the property specific check */ 2408687915e9Sdougm ret = optdefs[optindex].check(handle, property); 24096185db85Sdougm } 24106185db85Sdougm } 24116185db85Sdougm } 24126185db85Sdougm 24136185db85Sdougm if (propname != NULL) 2414a3351425Sdougm sa_free_attr_string(propname); 24156185db85Sdougm return (ret); 24166185db85Sdougm } 24176185db85Sdougm 24186185db85Sdougm /* 24196185db85Sdougm * Protocol management functions 24206185db85Sdougm * 24213472f5dcSdougm * Properties defined in the default files are defined in 24223472f5dcSdougm * proto_option_defs for parsing and validation. If "other" and 24233472f5dcSdougm * "compare" are set, then the value for this property should be 24243472f5dcSdougm * compared against the property specified in "other" using the 24253472f5dcSdougm * "compare" check (either <= or >=) in order to ensure that the 24263472f5dcSdougm * values are in the correct range. E.g. setting server_versmin 24273472f5dcSdougm * higher than server_versmax should not be allowed. 24286185db85Sdougm */ 24296185db85Sdougm 24306185db85Sdougm struct proto_option_defs { 24316185db85Sdougm char *tag; 24326185db85Sdougm char *name; /* display name -- remove protocol identifier */ 24336185db85Sdougm int index; 24346185db85Sdougm int type; 24356185db85Sdougm union { 24366185db85Sdougm int intval; 24376185db85Sdougm char *string; 24386185db85Sdougm } defvalue; 24396185db85Sdougm uint32_t svcs; 24406185db85Sdougm int32_t minval; 24416185db85Sdougm int32_t maxval; 24423472f5dcSdougm char *other; 24433472f5dcSdougm int compare; 24443472f5dcSdougm #define OPT_CMP_GE 0 24453472f5dcSdougm #define OPT_CMP_LE 1 24466185db85Sdougm int (*check)(char *); 24476185db85Sdougm } proto_options[] = { 24486185db85Sdougm #define PROTO_OPT_NFSD_SERVERS 0 24496185db85Sdougm {"nfsd_servers", 2450201f5ebaSSebastien Roy "servers", PROTO_OPT_NFSD_SERVERS, OPT_TYPE_NUMBER, 1024, SVC_NFSD, 2451dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States 1, INT32_MAX}, 24526185db85Sdougm #define PROTO_OPT_LOCKD_LISTEN_BACKLOG 1 24536185db85Sdougm {"lockd_listen_backlog", 24546185db85Sdougm "lockd_listen_backlog", PROTO_OPT_LOCKD_LISTEN_BACKLOG, 2455dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States OPT_TYPE_NUMBER, 32, SVC_LOCKD, 32, INT32_MAX}, 24566185db85Sdougm #define PROTO_OPT_LOCKD_SERVERS 2 24576185db85Sdougm {"lockd_servers", 2458201f5ebaSSebastien Roy "lockd_servers", PROTO_OPT_LOCKD_SERVERS, OPT_TYPE_NUMBER, 256, 2459dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States SVC_LOCKD, 1, INT32_MAX}, 24606185db85Sdougm #define PROTO_OPT_LOCKD_RETRANSMIT_TIMEOUT 3 24616185db85Sdougm {"lockd_retransmit_timeout", 24626185db85Sdougm "lockd_retransmit_timeout", PROTO_OPT_LOCKD_RETRANSMIT_TIMEOUT, 2463dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States OPT_TYPE_NUMBER, 5, SVC_LOCKD, 0, INT32_MAX}, 24646185db85Sdougm #define PROTO_OPT_GRACE_PERIOD 4 24656185db85Sdougm {"grace_period", 24666185db85Sdougm "grace_period", PROTO_OPT_GRACE_PERIOD, OPT_TYPE_NUMBER, 90, 2467dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States SVC_LOCKD, 0, INT32_MAX}, 24686185db85Sdougm #define PROTO_OPT_NFS_SERVER_VERSMIN 5 24696185db85Sdougm {"nfs_server_versmin", 24706185db85Sdougm "server_versmin", PROTO_OPT_NFS_SERVER_VERSMIN, OPT_TYPE_NUMBER, 24716185db85Sdougm (int)NFS_VERSMIN_DEFAULT, SVC_NFSD|SVC_MOUNTD, NFS_VERSMIN, 2472dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States NFS_VERSMAX, "server_versmax", OPT_CMP_LE}, 24736185db85Sdougm #define PROTO_OPT_NFS_SERVER_VERSMAX 6 24746185db85Sdougm {"nfs_server_versmax", 24756185db85Sdougm "server_versmax", PROTO_OPT_NFS_SERVER_VERSMAX, OPT_TYPE_NUMBER, 24766185db85Sdougm (int)NFS_VERSMAX_DEFAULT, SVC_NFSD|SVC_MOUNTD, NFS_VERSMIN, 2477dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States NFS_VERSMAX, "server_versmin", OPT_CMP_GE}, 24786185db85Sdougm #define PROTO_OPT_NFS_CLIENT_VERSMIN 7 24796185db85Sdougm {"nfs_client_versmin", 24806185db85Sdougm "client_versmin", PROTO_OPT_NFS_CLIENT_VERSMIN, OPT_TYPE_NUMBER, 2481dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States (int)NFS_VERSMIN_DEFAULT, SVC_CLIENT, NFS_VERSMIN, NFS_VERSMAX, 2482dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States "client_versmax", OPT_CMP_LE}, 24836185db85Sdougm #define PROTO_OPT_NFS_CLIENT_VERSMAX 8 24846185db85Sdougm {"nfs_client_versmax", 24856185db85Sdougm "client_versmax", PROTO_OPT_NFS_CLIENT_VERSMAX, OPT_TYPE_NUMBER, 2486dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States (int)NFS_VERSMAX_DEFAULT, SVC_CLIENT, NFS_VERSMIN, NFS_VERSMAX, 2487dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States "client_versmin", OPT_CMP_GE}, 24886185db85Sdougm #define PROTO_OPT_NFS_SERVER_DELEGATION 9 24896185db85Sdougm {"nfs_server_delegation", 24906185db85Sdougm "server_delegation", PROTO_OPT_NFS_SERVER_DELEGATION, 2491dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States OPT_TYPE_ONOFF, NFS_SERVER_DELEGATION_DEFAULT, SVC_NFSD, 0, 0}, 24926185db85Sdougm #define PROTO_OPT_NFSMAPID_DOMAIN 10 24936185db85Sdougm {"nfsmapid_domain", 24946185db85Sdougm "nfsmapid_domain", PROTO_OPT_NFSMAPID_DOMAIN, OPT_TYPE_DOMAIN, 2495ff168298SToomas Soome 0, SVC_NFSMAPID, 0, 0}, 24966185db85Sdougm #define PROTO_OPT_NFSD_MAX_CONNECTIONS 11 24976185db85Sdougm {"nfsd_max_connections", 24986185db85Sdougm "max_connections", PROTO_OPT_NFSD_MAX_CONNECTIONS, 2499dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States OPT_TYPE_NUMBER, -1, SVC_NFSD, -1, INT32_MAX}, 25006185db85Sdougm #define PROTO_OPT_NFSD_PROTOCOL 12 25016185db85Sdougm {"nfsd_protocol", 25026185db85Sdougm "protocol", PROTO_OPT_NFSD_PROTOCOL, OPT_TYPE_PROTOCOL, 0, 2503dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States SVC_NFSD, 0, 0}, 25046185db85Sdougm #define PROTO_OPT_NFSD_LISTEN_BACKLOG 13 25056185db85Sdougm {"nfsd_listen_backlog", 25066185db85Sdougm "listen_backlog", PROTO_OPT_NFSD_LISTEN_BACKLOG, 2507dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States OPT_TYPE_NUMBER, 0, SVC_NFSD, 0, INT32_MAX}, 2508dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States #define PROTO_OPT_NFSD_DEVICE 14 2509dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States {"nfsd_device", 2510dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States "device", PROTO_OPT_NFSD_DEVICE, 2511ff168298SToomas Soome OPT_TYPE_STRING, 0, SVC_NFSD, 0, 0}, 2512361f55a5SMarcel Telka #define PROTO_OPT_MOUNTD_LISTEN_BACKLOG 15 2513361f55a5SMarcel Telka {"mountd_listen_backlog", 2514361f55a5SMarcel Telka "mountd_listen_backlog", PROTO_OPT_MOUNTD_LISTEN_BACKLOG, 2515361f55a5SMarcel Telka OPT_TYPE_NUMBER, 64, SVC_NFSD|SVC_MOUNTD, 1, INT32_MAX}, 2516361f55a5SMarcel Telka #define PROTO_OPT_MOUNTD_MAX_THREADS 16 2517361f55a5SMarcel Telka {"mountd_max_threads", 2518361f55a5SMarcel Telka "mountd_max_threads", PROTO_OPT_MOUNTD_MAX_THREADS, 2519361f55a5SMarcel Telka OPT_TYPE_NUMBER, 16, SVC_NFSD|SVC_MOUNTD, 1, INT32_MAX}, 25202c3ccf74SGordon Ross #define PROTO_OPT_MOUNTD_PORT 17 25212c3ccf74SGordon Ross {"mountd_port", 25222c3ccf74SGordon Ross "mountd_port", PROTO_OPT_MOUNTD_PORT, 25232c3ccf74SGordon Ross OPT_TYPE_NUMBER, 0, SVC_MOUNTD, 1, UINT16_MAX}, 2524e72ff08dSGordon Ross #define PROTO_OPT_STATD_PORT 18 2525e72ff08dSGordon Ross {"statd_port", 2526e72ff08dSGordon Ross "statd_port", PROTO_OPT_STATD_PORT, 2527e72ff08dSGordon Ross OPT_TYPE_NUMBER, 0, SVC_STATD, 1, UINT16_MAX}, 25286185db85Sdougm {NULL} 25296185db85Sdougm }; 25306185db85Sdougm 25316185db85Sdougm /* 25326185db85Sdougm * the protoset holds the defined options so we don't have to read 25336185db85Sdougm * them multiple times 25346185db85Sdougm */ 2535aed5d200Sdougm static sa_protocol_properties_t protoset; 25366185db85Sdougm 25376185db85Sdougm static int 25386185db85Sdougm findprotoopt(char *name, int whichname) 25396185db85Sdougm { 25406185db85Sdougm int i; 25416185db85Sdougm for (i = 0; proto_options[i].tag != NULL; i++) { 2542a3351425Sdougm if (whichname == 1) { 2543a3351425Sdougm if (strcasecmp(proto_options[i].name, name) == 0) 25446185db85Sdougm return (i); 2545a3351425Sdougm } else { 2546a3351425Sdougm if (strcasecmp(proto_options[i].tag, name) == 0) 2547a3351425Sdougm return (i); 2548a3351425Sdougm } 25496185db85Sdougm } 25506185db85Sdougm return (-1); 25516185db85Sdougm } 25526185db85Sdougm 25536185db85Sdougm /* 25546185db85Sdougm * fixcaselower(str) 25556185db85Sdougm * 25566185db85Sdougm * convert a string to lower case (inplace). 25576185db85Sdougm */ 25586185db85Sdougm 25596185db85Sdougm static void 25606185db85Sdougm fixcaselower(char *str) 25616185db85Sdougm { 25626185db85Sdougm while (*str) { 2563a3351425Sdougm *str = tolower(*str); 2564a3351425Sdougm str++; 25656185db85Sdougm } 25666185db85Sdougm } 25676185db85Sdougm 2568330ef417Sdougm /* 2569330ef417Sdougm * skipwhitespace(str) 2570330ef417Sdougm * 2571330ef417Sdougm * Skip leading white space. It is assumed that it is called with a 2572330ef417Sdougm * valid pointer. 2573330ef417Sdougm */ 2574330ef417Sdougm 2575330ef417Sdougm static char * 2576330ef417Sdougm skipwhitespace(char *str) 2577330ef417Sdougm { 2578330ef417Sdougm while (*str && isspace(*str)) 2579330ef417Sdougm str++; 2580330ef417Sdougm 2581330ef417Sdougm return (str); 2582330ef417Sdougm } 2583330ef417Sdougm 2584a3351425Sdougm /* 2585a3351425Sdougm * extractprop() 2586a3351425Sdougm * 2587a3351425Sdougm * Extract the property and value out of the line and create the 2588a3351425Sdougm * property in the optionset. 2589a3351425Sdougm */ 2590e7bab347Sdougm static int 2591a3351425Sdougm extractprop(char *name, char *value) 2592a3351425Sdougm { 2593a3351425Sdougm sa_property_t prop; 2594a3351425Sdougm int index; 2595e7bab347Sdougm int ret = SA_OK; 2596a3351425Sdougm /* 2597a3351425Sdougm * Remove any leading 2598a3351425Sdougm * white space. 2599a3351425Sdougm */ 2600a3351425Sdougm name = skipwhitespace(name); 2601a3351425Sdougm 2602dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States index = findprotoopt(name, 1); 2603a3351425Sdougm if (index >= 0) { 2604a3351425Sdougm fixcaselower(name); 2605a3351425Sdougm prop = sa_create_property(proto_options[index].name, value); 2606a3351425Sdougm if (prop != NULL) 2607e7bab347Sdougm ret = sa_add_protocol_property(protoset, prop); 2608e7bab347Sdougm else 2609e7bab347Sdougm ret = SA_NO_MEMORY; 2610a3351425Sdougm } 2611e7bab347Sdougm return (ret); 2612a3351425Sdougm } 2613a3351425Sdougm 2614dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States scf_type_t 2615dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States getscftype(int type) 2616dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States { 2617dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States scf_type_t ret; 2618dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States 2619dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States switch (type) { 2620dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case OPT_TYPE_NUMBER: 2621dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ret = SCF_TYPE_INTEGER; 2622dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2623dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case OPT_TYPE_BOOLEAN: 2624dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ret = SCF_TYPE_BOOLEAN; 2625dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2626dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States default: 2627dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ret = SCF_TYPE_ASTRING; 2628dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States } 2629dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States return (ret); 2630dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States } 2631dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States 2632dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States char * 2633dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States getsvcname(uint32_t svcs) 2634dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States { 2635dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States char *service; 2636dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States switch (svcs) { 2637dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_LOCKD: 2638dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = LOCKD; 2639dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2640dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_STATD: 2641dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = STATD; 2642dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2643dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_NFSD: 2644dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = NFSD; 2645dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2646dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_CLIENT: 2647dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = NFS_CLIENT_SVC; 2648dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2649dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_NFS4CBD: 2650dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = NFS4CBD; 2651dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2652dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_NFSMAPID: 2653dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = NFSMAPID; 2654dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2655dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_RQUOTAD: 2656dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = RQUOTAD; 2657dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2658dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_NFSLOGD: 2659dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = NFSLOGD; 2660dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2661dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_REPARSED: 2662dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = REPARSED; 2663dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2664dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States default: 2665dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = NFSD; 2666dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States } 2667dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States return (service); 2668dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States } 2669dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States 26706185db85Sdougm /* 2671dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States * initprotofromsmf() 26726185db85Sdougm * 2673dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States * Read NFS SMF properties and add the defined values to the 26746185db85Sdougm * protoset. Note that default values are known from the built in 2675dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States * table in case SMF doesn't have a definition. Not having 2676dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States * SMF properties is OK since we have builtin default 2677dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States * values. 26786185db85Sdougm */ 26796185db85Sdougm static int 2680dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States initprotofromsmf() 26816185db85Sdougm { 2682dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States char name[PATH_MAX]; 2683dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States char value[PATH_MAX]; 2684dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States int ret = SA_OK, bufsz = 0, i; 26856185db85Sdougm 26866185db85Sdougm protoset = sa_create_protocol_properties("nfs"); 26876185db85Sdougm if (protoset != NULL) { 2688dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States for (i = 0; proto_options[i].tag != NULL; i++) { 2689dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States scf_type_t ptype; 2690dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States char *svc_name; 2691dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States 2692dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States bzero(value, PATH_MAX); 2693dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States (void) strncpy(name, proto_options[i].name, PATH_MAX); 2694dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States /* Replace NULL with the correct instance */ 2695dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ptype = getscftype(proto_options[i].type); 2696dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States svc_name = getsvcname(proto_options[i].svcs); 2697dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States bufsz = PATH_MAX; 2698dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ret = nfs_smf_get_prop(name, value, 2699dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States (char *)DEFAULT_INSTANCE, ptype, 2700dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States svc_name, &bufsz); 2701dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if (ret == SA_OK) { 2702dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ret = extractprop(name, value); 2703917c27c8Sdougm } 27046185db85Sdougm } 2705e7bab347Sdougm } else { 2706e7bab347Sdougm ret = SA_NO_MEMORY; 27076185db85Sdougm } 2708dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States 2709e7bab347Sdougm return (ret); 27106185db85Sdougm } 27116185db85Sdougm 27126185db85Sdougm /* 2713a3351425Sdougm * add_defaults() 27146185db85Sdougm * 2715dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States * Add the default values for any property not defined 2716dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States * in NFS SMF repository. 2717dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States * Values are set according to their defined types. 27186185db85Sdougm */ 27196185db85Sdougm 27206185db85Sdougm static void 27216185db85Sdougm add_defaults() 27226185db85Sdougm { 27236185db85Sdougm int i; 27246185db85Sdougm char number[MAXDIGITS]; 27256185db85Sdougm 27266185db85Sdougm for (i = 0; proto_options[i].tag != NULL; i++) { 2727a3351425Sdougm sa_property_t prop; 2728a3351425Sdougm prop = sa_get_protocol_property(protoset, 2729a3351425Sdougm proto_options[i].name); 2730a3351425Sdougm if (prop == NULL) { 2731a3351425Sdougm /* add the default value */ 2732a3351425Sdougm switch (proto_options[i].type) { 2733a3351425Sdougm case OPT_TYPE_NUMBER: 2734a3351425Sdougm (void) snprintf(number, sizeof (number), "%d", 2735a3351425Sdougm proto_options[i].defvalue.intval); 2736a3351425Sdougm prop = sa_create_property(proto_options[i].name, 2737a3351425Sdougm number); 2738a3351425Sdougm break; 2739a3351425Sdougm 2740a3351425Sdougm case OPT_TYPE_BOOLEAN: 2741a3351425Sdougm prop = sa_create_property(proto_options[i].name, 2742a3351425Sdougm proto_options[i].defvalue.intval ? 2743a3351425Sdougm "true" : "false"); 2744a3351425Sdougm break; 2745a3351425Sdougm 2746a3351425Sdougm case OPT_TYPE_ONOFF: 2747a3351425Sdougm prop = sa_create_property(proto_options[i].name, 2748a3351425Sdougm proto_options[i].defvalue.intval ? 2749a3351425Sdougm "on" : "off"); 2750a3351425Sdougm break; 2751a3351425Sdougm 2752a3351425Sdougm default: 2753a3351425Sdougm /* treat as strings of zero length */ 2754a3351425Sdougm prop = sa_create_property(proto_options[i].name, 2755a3351425Sdougm ""); 2756a3351425Sdougm break; 2757a3351425Sdougm } 2758a3351425Sdougm if (prop != NULL) 2759a3351425Sdougm (void) sa_add_protocol_property(protoset, prop); 27606185db85Sdougm } 27616185db85Sdougm } 27626185db85Sdougm } 27636185db85Sdougm 27646185db85Sdougm static void 27656185db85Sdougm free_protoprops() 27666185db85Sdougm { 2767aed5d200Sdougm if (protoset != NULL) { 2768aed5d200Sdougm xmlFreeNode(protoset); 2769aed5d200Sdougm protoset = NULL; 2770aed5d200Sdougm } 27716185db85Sdougm } 27726185db85Sdougm 27736185db85Sdougm /* 27746185db85Sdougm * nfs_init() 27756185db85Sdougm * 27766185db85Sdougm * Initialize the NFS plugin. 27776185db85Sdougm */ 27786185db85Sdougm 27796185db85Sdougm static int 27806185db85Sdougm nfs_init() 27816185db85Sdougm { 27826185db85Sdougm int ret = SA_OK; 27836185db85Sdougm 2784917c27c8Sdougm if (sa_plugin_ops.sa_init != nfs_init) { 2785a3351425Sdougm (void) printf(dgettext(TEXT_DOMAIN, 2786a3351425Sdougm "NFS plugin not properly initialized\n")); 2787917c27c8Sdougm return (SA_CONFIG_ERR); 2788917c27c8Sdougm } 27896185db85Sdougm 2790dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ret = initprotofromsmf(); 2791917c27c8Sdougm if (ret != SA_OK) { 2792917c27c8Sdougm (void) printf(dgettext(TEXT_DOMAIN, 2793dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States "NFS plugin problem with SMF repository: %s\n"), 2794917c27c8Sdougm sa_errorstr(ret)); 2795917c27c8Sdougm ret = SA_OK; 2796917c27c8Sdougm } 2797917c27c8Sdougm add_defaults(); 27986185db85Sdougm 27996185db85Sdougm return (ret); 28006185db85Sdougm } 28016185db85Sdougm 28026185db85Sdougm /* 28036185db85Sdougm * nfs_fini() 28046185db85Sdougm * 28056185db85Sdougm * uninitialize the NFS plugin. Want to avoid memory leaks. 28066185db85Sdougm */ 28076185db85Sdougm 28086185db85Sdougm static void 28096185db85Sdougm nfs_fini() 28106185db85Sdougm { 28116185db85Sdougm free_protoprops(); 28126185db85Sdougm } 28136185db85Sdougm 28146185db85Sdougm /* 28156185db85Sdougm * nfs_get_proto_set() 28166185db85Sdougm * 28176185db85Sdougm * Return an optionset with all the protocol specific properties in 28186185db85Sdougm * it. 28196185db85Sdougm */ 28206185db85Sdougm 28216185db85Sdougm static sa_protocol_properties_t 28226185db85Sdougm nfs_get_proto_set() 28236185db85Sdougm { 28246185db85Sdougm return (protoset); 28256185db85Sdougm } 28266185db85Sdougm 28273472f5dcSdougm /* 28283472f5dcSdougm * service_in_state(service, chkstate) 28293472f5dcSdougm * 28303472f5dcSdougm * Want to know if the specified service is in the desired state 28313472f5dcSdougm * (chkstate) or not. Return true (1) if it is and false (0) if it 28323472f5dcSdougm * isn't. 28333472f5dcSdougm */ 28343472f5dcSdougm static int 28353472f5dcSdougm service_in_state(char *service, const char *chkstate) 28363472f5dcSdougm { 28373472f5dcSdougm char *state; 28383472f5dcSdougm int ret = B_FALSE; 28393472f5dcSdougm 28403472f5dcSdougm state = smf_get_state(service); 28413472f5dcSdougm if (state != NULL) { 2842a3351425Sdougm /* got the state so get the equality for the return value */ 2843a3351425Sdougm ret = strcmp(state, chkstate) == 0 ? B_TRUE : B_FALSE; 2844a3351425Sdougm free(state); 28453472f5dcSdougm } 28463472f5dcSdougm return (ret); 28473472f5dcSdougm } 28483472f5dcSdougm 28496185db85Sdougm /* 28506185db85Sdougm * restart_service(svcs) 28516185db85Sdougm * 28526185db85Sdougm * Walk through the bit mask of services that need to be restarted in 28536185db85Sdougm * order to use the new property values. Some properties affect 28543472f5dcSdougm * multiple daemons. Should only restart a service if it is currently 28553472f5dcSdougm * enabled (online). 28566185db85Sdougm */ 28576185db85Sdougm 28586185db85Sdougm static void 28596185db85Sdougm restart_service(uint32_t svcs) 28606185db85Sdougm { 28616185db85Sdougm uint32_t mask; 28623472f5dcSdougm int ret; 28633472f5dcSdougm char *service; 28643472f5dcSdougm 28656185db85Sdougm for (mask = 1; svcs != 0; mask <<= 1) { 2866a3351425Sdougm switch (svcs & mask) { 2867a3351425Sdougm case SVC_LOCKD: 2868a3351425Sdougm service = LOCKD; 2869a3351425Sdougm break; 2870a3351425Sdougm case SVC_STATD: 2871a3351425Sdougm service = STATD; 2872a3351425Sdougm break; 2873a3351425Sdougm case SVC_NFSD: 2874a3351425Sdougm service = NFSD; 2875a3351425Sdougm break; 2876a3351425Sdougm case SVC_MOUNTD: 2877a3351425Sdougm service = MOUNTD; 2878a3351425Sdougm break; 2879a3351425Sdougm case SVC_NFS4CBD: 2880a3351425Sdougm service = NFS4CBD; 2881a3351425Sdougm break; 2882a3351425Sdougm case SVC_NFSMAPID: 2883a3351425Sdougm service = NFSMAPID; 2884a3351425Sdougm break; 2885a3351425Sdougm case SVC_RQUOTAD: 2886a3351425Sdougm service = RQUOTAD; 2887a3351425Sdougm break; 2888a3351425Sdougm case SVC_NFSLOGD: 2889a3351425Sdougm service = NFSLOGD; 2890a3351425Sdougm break; 28912f172c55SRobert Thurlow case SVC_REPARSED: 28922f172c55SRobert Thurlow service = REPARSED; 28932f172c55SRobert Thurlow break; 2894dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States case SVC_CLIENT: 2895dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States service = NFS_CLIENT_SVC; 2896dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States break; 2897a3351425Sdougm default: 2898a3351425Sdougm continue; 2899a3351425Sdougm } 29003472f5dcSdougm 29013472f5dcSdougm /* 29023472f5dcSdougm * Only attempt to restart the service if it is 29033472f5dcSdougm * currently running. In the future, it may be 29043472f5dcSdougm * desirable to use smf_refresh_instance if the NFS 29053472f5dcSdougm * services ever implement the refresh method. 29063472f5dcSdougm */ 2907a3351425Sdougm if (service_in_state(service, SCF_STATE_STRING_ONLINE)) { 2908a3351425Sdougm ret = smf_restart_instance(service); 29093472f5dcSdougm /* 2910a3351425Sdougm * There are only a few SMF errors at this point, but 2911a3351425Sdougm * it is also possible that a bad value may have put 2912a3351425Sdougm * the service into maintenance if there wasn't an 2913a3351425Sdougm * SMF level error. 29143472f5dcSdougm */ 2915a3351425Sdougm if (ret != 0) { 2916a3351425Sdougm (void) fprintf(stderr, 2917a3351425Sdougm dgettext(TEXT_DOMAIN, 2918a3351425Sdougm "%s failed to restart: %s\n"), 291903205638SMarcel Telka service, scf_strerror(scf_error())); 2920a3351425Sdougm } else { 2921a3351425Sdougm /* 2922a3351425Sdougm * Check whether it has gone to "maintenance" 2923a3351425Sdougm * mode or not. Maintenance implies something 2924a3351425Sdougm * went wrong. 2925a3351425Sdougm */ 2926a3351425Sdougm if (service_in_state(service, 2927a3351425Sdougm SCF_STATE_STRING_MAINT)) { 2928a3351425Sdougm (void) fprintf(stderr, 2929a3351425Sdougm dgettext(TEXT_DOMAIN, 2930a3351425Sdougm "%s failed to restart\n"), 2931a3351425Sdougm service); 2932a3351425Sdougm } 2933a3351425Sdougm } 29343472f5dcSdougm } 2935a3351425Sdougm svcs &= ~mask; 29366185db85Sdougm } 29376185db85Sdougm } 29386185db85Sdougm 29393472f5dcSdougm /* 29403472f5dcSdougm * nfs_minmax_check(name, value) 29413472f5dcSdougm * 29423472f5dcSdougm * Verify that the value for the property specified by index is valid 29433472f5dcSdougm * relative to the opposite value in the case of a min/max variable. 29443472f5dcSdougm * Currently, server_minvers/server_maxvers and 29453472f5dcSdougm * client_minvers/client_maxvers are the only ones to check. 29463472f5dcSdougm */ 29473472f5dcSdougm 29483472f5dcSdougm static int 29493472f5dcSdougm nfs_minmax_check(int index, int value) 29503472f5dcSdougm { 29513472f5dcSdougm int val; 29523472f5dcSdougm char *pval; 29533472f5dcSdougm sa_property_t prop; 29543472f5dcSdougm sa_optionset_t opts; 29553472f5dcSdougm int ret = B_TRUE; 29563472f5dcSdougm 29573472f5dcSdougm if (proto_options[index].other != NULL) { 2958a3351425Sdougm /* have a property to compare against */ 2959a3351425Sdougm opts = nfs_get_proto_set(); 2960a3351425Sdougm prop = sa_get_property(opts, proto_options[index].other); 29613472f5dcSdougm /* 29623472f5dcSdougm * If we don't find the property, assume default 29633472f5dcSdougm * values which will work since the max will be at the 29643472f5dcSdougm * max and the min at the min. 29653472f5dcSdougm */ 2966a3351425Sdougm if (prop != NULL) { 2967a3351425Sdougm pval = sa_get_property_attr(prop, "value"); 2968a3351425Sdougm if (pval != NULL) { 2969a3351425Sdougm val = strtoul(pval, NULL, 0); 2970a3351425Sdougm if (proto_options[index].compare == 2971a3351425Sdougm OPT_CMP_LE) { 2972a3351425Sdougm ret = value <= val ? B_TRUE : B_FALSE; 2973a3351425Sdougm } else if (proto_options[index].compare == 2974a3351425Sdougm OPT_CMP_GE) { 2975a3351425Sdougm ret = value >= val ? B_TRUE : B_FALSE; 2976a3351425Sdougm } 2977fe1c642dSBill Krier sa_free_attr_string(pval); 2978a3351425Sdougm } 29793472f5dcSdougm } 29803472f5dcSdougm } 29813472f5dcSdougm return (ret); 29823472f5dcSdougm } 29833472f5dcSdougm 29846185db85Sdougm /* 29856185db85Sdougm * nfs_validate_proto_prop(index, name, value) 29866185db85Sdougm * 2987da6c28aaSamw * Verify that the property specified by name can take the new 29886185db85Sdougm * value. This is a sanity check to prevent bad values getting into 29893472f5dcSdougm * the default files. All values need to be checked against what is 29903472f5dcSdougm * allowed by their defined type. If a type isn't explicitly defined 29913472f5dcSdougm * here, it is treated as a string. 29923472f5dcSdougm * 29933472f5dcSdougm * Note that OPT_TYPE_NUMBER will additionally check that the value is 29943472f5dcSdougm * within the range specified and potentially against another property 29953472f5dcSdougm * value as well as specified in the proto_options members other and 29963472f5dcSdougm * compare. 29976185db85Sdougm */ 29986185db85Sdougm 29996185db85Sdougm static int 30006185db85Sdougm nfs_validate_proto_prop(int index, char *name, char *value) 30016185db85Sdougm { 30026185db85Sdougm int ret = SA_OK; 30036185db85Sdougm char *cp; 30046185db85Sdougm #ifdef lint 30056185db85Sdougm name = name; 30066185db85Sdougm #endif 30076185db85Sdougm switch (proto_options[index].type) { 30086185db85Sdougm case OPT_TYPE_NUMBER: 3009a3351425Sdougm if (!is_a_number(value)) 3010a3351425Sdougm ret = SA_BAD_VALUE; 3011a3351425Sdougm else { 3012a3351425Sdougm int val; 3013a3351425Sdougm val = strtoul(value, NULL, 0); 3014a3351425Sdougm if (val < proto_options[index].minval || 3015a3351425Sdougm val > proto_options[index].maxval) 3016a3351425Sdougm ret = SA_BAD_VALUE; 3017a3351425Sdougm /* 3018a3351425Sdougm * For server_versmin/server_versmax and 3019a3351425Sdougm * client_versmin/client_versmax, the value of the 3020a3351425Sdougm * min(max) should be checked to be correct relative 3021a3351425Sdougm * to the current max(min). 3022a3351425Sdougm */ 3023a3351425Sdougm if (!nfs_minmax_check(index, val)) { 3024a3351425Sdougm ret = SA_BAD_VALUE; 3025a3351425Sdougm } 30263472f5dcSdougm } 3027a3351425Sdougm break; 30283472f5dcSdougm 30296185db85Sdougm case OPT_TYPE_DOMAIN: 30306185db85Sdougm /* 30313472f5dcSdougm * needs to be a qualified domain so will have at 30323472f5dcSdougm * least one period and other characters on either 30333472f5dcSdougm * side of it. A zero length string is also allowed 30343472f5dcSdougm * and is the way to turn off the override. 30356185db85Sdougm */ 3036a3351425Sdougm if (strlen(value) == 0) 3037a3351425Sdougm break; 3038a3351425Sdougm cp = strchr(value, '.'); 3039a3351425Sdougm if (cp == NULL || cp == value || strchr(value, '@') != NULL) 3040a3351425Sdougm ret = SA_BAD_VALUE; 30413472f5dcSdougm break; 30423472f5dcSdougm 30436185db85Sdougm case OPT_TYPE_BOOLEAN: 3044a3351425Sdougm if (strlen(value) == 0 || 3045a3351425Sdougm strcasecmp(value, "true") == 0 || 3046a3351425Sdougm strcmp(value, "1") == 0 || 3047a3351425Sdougm strcasecmp(value, "false") == 0 || 3048a3351425Sdougm strcmp(value, "0") == 0) { 3049a3351425Sdougm ret = SA_OK; 3050a3351425Sdougm } else { 3051a3351425Sdougm ret = SA_BAD_VALUE; 3052a3351425Sdougm } 3053a3351425Sdougm break; 30543472f5dcSdougm 30556185db85Sdougm case OPT_TYPE_ONOFF: 3056a3351425Sdougm if (strcasecmp(value, "on") != 0 && 3057a3351425Sdougm strcasecmp(value, "off") != 0) { 3058a3351425Sdougm ret = SA_BAD_VALUE; 3059a3351425Sdougm } 3060a3351425Sdougm break; 30613472f5dcSdougm 3062f091aea1SYuri Pankov case OPT_TYPE_PROTOCOL: { 3063f091aea1SYuri Pankov struct netconfig *nconf; 3064f091aea1SYuri Pankov void *nc; 3065f091aea1SYuri Pankov boolean_t pfound = B_FALSE; 3066f091aea1SYuri Pankov 3067f091aea1SYuri Pankov if (strcasecmp(value, "all") == 0) 3068f091aea1SYuri Pankov break; 3069f091aea1SYuri Pankov 3070f091aea1SYuri Pankov if ((nc = setnetconfig()) == NULL) { 3071f091aea1SYuri Pankov (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 3072f091aea1SYuri Pankov "setnetconfig failed: %s\n"), strerror(errno)); 3073f091aea1SYuri Pankov } else { 3074f091aea1SYuri Pankov while ((nconf = getnetconfig(nc)) != NULL) { 3075f091aea1SYuri Pankov if (strcmp(nconf->nc_proto, value) == 0) { 3076f091aea1SYuri Pankov pfound = B_TRUE; 3077f091aea1SYuri Pankov break; 3078f091aea1SYuri Pankov } 3079f091aea1SYuri Pankov } 3080f091aea1SYuri Pankov (void) endnetconfig(nc); 3081f091aea1SYuri Pankov } 3082f091aea1SYuri Pankov 3083f091aea1SYuri Pankov if (!pfound) 3084a3351425Sdougm ret = SA_BAD_VALUE; 3085a3351425Sdougm break; 3086f091aea1SYuri Pankov } 30873472f5dcSdougm 30883472f5dcSdougm default: 3089a3351425Sdougm /* treat as a string */ 3090a3351425Sdougm break; 30916185db85Sdougm } 30926185db85Sdougm return (ret); 30936185db85Sdougm } 30946185db85Sdougm 30956185db85Sdougm /* 30966185db85Sdougm * nfs_set_proto_prop(prop) 30976185db85Sdougm * 30986185db85Sdougm * check that prop is valid. 30996185db85Sdougm */ 31006185db85Sdougm 31016185db85Sdougm static int 31026185db85Sdougm nfs_set_proto_prop(sa_property_t prop) 31036185db85Sdougm { 31046185db85Sdougm int ret = SA_OK; 31056185db85Sdougm char *name; 31066185db85Sdougm char *value; 31076185db85Sdougm 31086185db85Sdougm name = sa_get_property_attr(prop, "type"); 31096185db85Sdougm value = sa_get_property_attr(prop, "value"); 31106185db85Sdougm if (name != NULL && value != NULL) { 3111dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States scf_type_t sctype; 3112dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States char *svc_name; 3113dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States char *instance = NULL; 3114a3351425Sdougm int index = findprotoopt(name, 1); 3115dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States 3116dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ret = nfs_validate_proto_prop(index, name, value); 3117dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if (ret == SA_OK) { 3118dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States sctype = getscftype(proto_options[index].type); 3119dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States svc_name = getsvcname(proto_options[index].svcs); 3120dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if (sctype == SCF_TYPE_BOOLEAN) { 3121dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if (value != NULL) 3122dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States sa_free_attr_string(value); 3123dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if (string_to_boolean(value) == 0) 3124dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States value = strdup("0"); 3125dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States else 3126dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States value = strdup("1"); 3127dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States } 3128dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States ret = nfs_smf_set_prop(name, value, instance, sctype, 3129dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States svc_name); 3130dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if (ret == SA_OK) { 3131a3351425Sdougm restart_service(proto_options[index].svcs); 3132dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States } else { 3133dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States (void) printf(dgettext(TEXT_DOMAIN, 3134dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States "Cannot restart NFS services : %s\n"), 3135dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States sa_errorstr(ret)); 3136dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States } 3137a3351425Sdougm } 31386185db85Sdougm } 31396185db85Sdougm if (name != NULL) 3140a3351425Sdougm sa_free_attr_string(name); 31416185db85Sdougm if (value != NULL) 3142a3351425Sdougm sa_free_attr_string(value); 31436185db85Sdougm return (ret); 31446185db85Sdougm } 31456185db85Sdougm 31466185db85Sdougm /* 31476185db85Sdougm * nfs_get_status() 31486185db85Sdougm * 31496185db85Sdougm * What is the current status of the nfsd? We use the SMF state here. 31506185db85Sdougm * Caller must free the returned value. 31516185db85Sdougm */ 31526185db85Sdougm 31536185db85Sdougm static char * 31546185db85Sdougm nfs_get_status() 31556185db85Sdougm { 3156652601fbSRobert Mustacchi return (smf_get_state(NFSD)); 31576185db85Sdougm } 31586185db85Sdougm 31596185db85Sdougm /* 31606185db85Sdougm * nfs_space_alias(alias) 31616185db85Sdougm * 31626185db85Sdougm * Lookup the space (security) name. If it is default, convert to the 31636185db85Sdougm * real name. 31646185db85Sdougm */ 31656185db85Sdougm 31666185db85Sdougm static char * 31676185db85Sdougm nfs_space_alias(char *space) 31686185db85Sdougm { 31696185db85Sdougm char *name = space; 31706185db85Sdougm seconfig_t secconf; 3171a99982a7Sdougm 3172a99982a7Sdougm /* 3173a99982a7Sdougm * Only the space named "default" is special. If it is used, 3174a99982a7Sdougm * the default needs to be looked up and the real name used. 3175a99982a7Sdougm * This is normally "sys" but could be changed. We always 31765cb0d679SMarcel Telka * change default to the real name. 3177a99982a7Sdougm */ 3178a99982a7Sdougm if (strcmp(space, "default") == 0 && 3179a99982a7Sdougm nfs_getseconfig_default(&secconf) == 0) { 3180a3351425Sdougm if (nfs_getseconfig_bynumber(secconf.sc_nfsnum, &secconf) == 0) 3181a3351425Sdougm name = secconf.sc_name; 31826185db85Sdougm } 31836185db85Sdougm return (strdup(name)); 31846185db85Sdougm } 3185da6c28aaSamw 3186da6c28aaSamw /* 3187da6c28aaSamw * nfs_features() 3188da6c28aaSamw * 3189da6c28aaSamw * Return a mask of the features required. 3190da6c28aaSamw */ 3191da6c28aaSamw 3192da6c28aaSamw static uint64_t 3193da6c28aaSamw nfs_features() 3194da6c28aaSamw { 31959e5da854Sdougm return ((uint64_t)SA_FEATURE_DFSTAB | SA_FEATURE_SERVER); 3196da6c28aaSamw } 3197