5 * Copyright 2008, licensed under GNU Library General Public License (LGPL)
6 * see COPYING file for details
8 * derived from Frank Burkhardt's libnss_ptdb,
9 * which was derived from Todd M. Lewis' libnss_pts
13 * if you are reading this code for the first time, start at the
14 * bottom and work your way upwards
23 #include <netinet/in.h>
33 #include <sys/select.h>
34 #include <sys/socket.h>
36 #include <sys/types.h>
39 #include <afs/afsutil.h>
40 #include <afs/cellconfig.h>
41 #include <afs/com_err.h>
42 #include <afs/param.h>
43 #include <afs/ptclient.h>
44 #include <afs/pterror.h>
47 #define HOMEDIR_AUTO 0
48 #define HOMEDIR_ADMINLINK 1
49 #define HOMEDIR_PREFIX 2
51 #define SHELL_ADMINLINK 1
52 #define SHELL_USERLINK 2
54 #define AFS_MAGIC_ANONYMOUS_USERID 32766
55 #define MIN_PAG_GID 0x41000000L
56 #define MAX_PAG_GID 0x41FFFFFFL
57 #define MIN_OLDPAG_GID 0x3f00
58 #define MAX_OLDPAG_GID 0xff00
60 static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
62 extern int cpstr( char *str, char **buf, size_t *buflen);
64 extern struct ubik_client *pruclient;
66 int afs_initialized = 0;
68 char homedir_prefix[300];
69 int homedir_prefix_len=0;
70 char homedirs_method=0;
73 int cpstr( char *str, char **buf, size_t *buflen) {
74 int len = strlen(str);
75 if ( len >= *buflen-1 ) return 0;
84 * Look up the name corresponding to uid, store in buffer.
86 * returns NSS_STATUS_SUCCESS, NSS_STATUS_NOTFOUND, or NSS_STATUS_UNAVAIL
88 int ptsid2name(int uid, char **buffer, int *buflen) {
95 if (uid==AFS_MAGIC_ANONYMOUS_USERID) {
96 if (!cpstr("anonymous", buffer, buflen)) return NSS_STATUS_UNAVAIL;
97 return NSS_STATUS_SUCCESS;
100 if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;
102 lid.idlist_val = (afs_int32*)&uid;
104 lnames.namelist_val = 0;
105 lnames.namelist_len = 0;
107 if (ubik_Call(PR_IDToName,pruclient,0,&lid,&lnames) != PRSUCCESS) {
108 pthread_mutex_unlock(&mutex);
109 return NSS_STATUS_UNAVAIL;
112 ret = NSS_STATUS_NOTFOUND;
113 for (i=0;i<lnames.namelist_len;i++) {
114 int delta = strlen(lnames.namelist_val[i]);
115 if ( (delta < buflen) && islower(*(lnames.namelist_val[i])) ) {
116 cpstr(lnames.namelist_val[i], buffer, buflen);
117 ret = NSS_STATUS_SUCCESS;
120 free(lnames.namelist_val);
121 /* free(lid.idlist_val); */
125 pthread_mutex_unlock(&mutex);
130 * Look up the uid corresponding to name, stores it in *uid.
132 * returns NSS_STATUS_SUCCESS, NSS_STATUS_NOTFOUND, or NSS_STATUS_UNAVAIL
134 int ptsname2id(char *name, uid_t* uid) {
141 if (!strcmp(name,"anonymous")) {
142 *uid = AFS_MAGIC_ANONYMOUS_USERID;
143 return NSS_STATUS_SUCCESS;
146 if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;
150 lnames.namelist_val = (prname*)name;
151 lnames.namelist_len = 1;
153 if (ubik_Call(PR_NameToID,pruclient,0,&lnames,&lid) != PRSUCCESS) {
154 pthread_mutex_unlock(&mutex);
155 return NSS_STATUS_UNAVAIL;
157 pthread_mutex_unlock(&mutex);
159 res = (uid_t)lid.idlist_val[0];
160 if (res == AFS_MAGIC_ANONYMOUS_USERID) return NSS_STATUS_NOTFOUND;
162 return NSS_STATUS_SUCCESS;
166 * returns zero on success
172 if (afs_initialized) return 0;
174 if (pthread_mutex_lock(&mutex)) return -1;
176 homedirs_method=HOMEDIR_PREFIX;
177 shells_method=SHELL_USERLINK;
179 thiscell=fopen("/etc/openafs/ThisCell","r");
180 if (thiscell == NULL) break;
181 len=fread(cellname,1,256,thiscell);
182 if (!feof(thiscell)) {
185 strcpy(homedir_prefix,"/tmp/\0");
186 homedir_prefix_len=5;
190 if (cellname[len-1] == '\n') len--;
192 sprintf(homedir_prefix,"/afs/%s/user/",cellname);
193 homedir_prefix_len=strlen(homedir_prefix);
195 if (pr_Initialize(0L,AFSDIR_CLIENT_ETC_DIRPATH, 0)) break;
198 pthread_mutex_unlock(&mutex);
202 pthread_mutex_unlock(&mutex);
208 result=get_homedir(char *name,char **buffer,size_t *buflen)
209 Writes the guessed Homedirectory of a given user 'name' into
210 '*buffer', increasing *buflen accordingly.
211 result == 1, only if the buffer was big enough.
213 int get_homedir(char *name, char **buffer, size_t *buflen) {
218 switch (homedirs_method) {
220 homedir_prefix[homedir_prefix_len+0]=name[0];
221 homedir_prefix[homedir_prefix_len+1]='/';
222 homedir_prefix[homedir_prefix_len+2]=name[0];
223 homedir_prefix[homedir_prefix_len+3]=name[1];
224 homedir_prefix[homedir_prefix_len+4]='/';
225 homedir_prefix[homedir_prefix_len+5]=0;
226 strncpy(&homedir_prefix[homedir_prefix_len+5],name,40);
227 if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
230 homedir_prefix[homedir_prefix_len]=0;
231 strncpy(&homedir_prefix[homedir_prefix_len],name,40);
232 if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
234 case HOMEDIR_ADMINLINK:
235 if ( snprintf(buf,256,"/afs/%s/admin/homedirs/%s",cellname,name) > 0 ) {
236 temp=readlink(buf,*buffer,*buflen);
239 *buflen = *buflen - temp - 1;
243 if (! cpstr("/tmp",buffer,buflen) ) return -1;
249 int get_shell(char *name, char **buffer, size_t *buflen) {
257 switch (shells_method) {
259 if (!cpstr("/bin/bash",buffer, buflen)) return -1;
262 case SHELL_ADMINLINK:
263 if ( snprintf(buf,256,"/afs/%s/admin/shells/%s",cellname,name) > 0 ) {
264 temp=readlink(buf,*buffer,*buflen);
267 *buflen = *buflen - temp - 1;
271 if (! cpstr("/bin/bash",buffer,buflen) )
276 if (get_homedir(name, &bufx, &bufxlen)) return -1;
277 strncpy(buf+strlen(buf),"/.loginshell",bufxlen);
278 temp=readlink(buf,*buffer,*buflen);
281 *buflen = *buflen - temp - 1;
284 if (! cpstr("/bin/bash",buffer,buflen) )
293 * this function is invoked by glibc to resolve the name of a numeric groupid
295 enum nss_status _nss_afs_getgrgid_r (gid_t gid, struct group *result,
296 char *buffer, size_t buflen, int *errnop) {
299 if (gid >= MIN_PAG_GID && gid <= MAX_PAG_GID) {
300 showgid = gid-MIN_PAG_GID;
301 } else if (gid >= MIN_OLDPAG_GID && gid <= MAX_OLDPAG_GID) {
302 showgid = gid-MIN_OLDPAG_GID;
305 return NSS_STATUS_NOTFOUND;
310 result->gr_name=buffer;
311 length=snprintf(buffer,buflen,"AfsPag-%x",showgid);
313 if (length < 0) break;
318 result->gr_passwd=buffer;
320 if (!cpstr("x",&buffer,&buflen)) break;
322 if (buflen < sizeof(char*)) break;
323 result->gr_mem=buffer;
324 result->gr_mem[0] = NULL;
327 return NSS_STATUS_SUCCESS;
331 return NSS_STATUS_UNAVAIL;
335 This is a the ptdb-getpwuid-function.
337 enum nss_status _nss_afs_getpwuid_r (uid_t uid, struct passwd *result_buf, char *buffer, size_t buflen, int *errnop) {
340 if (init_afs()) return NSS_STATUS_UNAVAIL;
342 result_buf->pw_name = buffer;
343 temp = ptsid2name( uid, &buffer, &buflen);
344 if (temp != NSS_STATUS_SUCCESS) {
349 #ifdef LIMIT_USERNAME_CHARS
350 if ( strlen(result_buf->pw_name) > LIMIT_USERNAME_CHARS ) {
351 result_buf->pw_name[LIMIT_USERNAME_CHARS] = '\0';
352 buflen = buflen + ( buffer - &result_buf->pw_name[LIMIT_USERNAME_CHARS+1] );
353 buffer = &result_buf->pw_name[LIMIT_USERNAME_CHARS+1];
358 /* set the password to "x" */
359 result_buf->pw_passwd = buffer;
360 if ( ! cpstr("x",&buffer, &buflen) ) break;
361 /* the uid and gid are both the uid passed in */
362 result_buf->pw_uid = uid;
363 result_buf->pw_gid = 65534;
364 /* make the gecos the same as the PTS name */
365 result_buf->pw_gecos = buffer;
366 if ( ! cpstr(result_buf->pw_name, &buffer, &buflen ) ) break;
368 // Set the homedirectory
369 result_buf->pw_dir = buffer;
370 if ( get_homedir(result_buf->pw_name,&buffer,&buflen) ) break;
372 // Set the login shell
373 result_buf->pw_shell = buffer;
374 if ( get_shell(result_buf->pw_name,&buffer,&buflen) ) break;
377 return NSS_STATUS_SUCCESS;
381 return NSS_STATUS_UNAVAIL;
386 * This is the ptdb-getpwnam-function.
388 enum nss_status _nss_afs_getpwnam_r (char *name, struct passwd *result_buf, char *buffer, size_t buflen, int *errnop) {
392 if (init_afs()) return NSS_STATUS_UNAVAIL;
394 temp = ptsname2id(name,&uid);
395 if (temp != NSS_STATUS_SUCCESS) {
400 // This causes an additional PTDB-lookup and should be removed in the future
401 return _nss_afs_getpwuid_r (uid, result_buf,buffer,buflen, errnop);