xref: /onnv-gate/usr/src/cmd/idmap/idmapd/init.c (revision 4520:7dbeadedd7fe)
1*4520Snw141292 /*
2*4520Snw141292  * CDDL HEADER START
3*4520Snw141292  *
4*4520Snw141292  * The contents of this file are subject to the terms of the
5*4520Snw141292  * Common Development and Distribution License (the "License").
6*4520Snw141292  * You may not use this file except in compliance with the License.
7*4520Snw141292  *
8*4520Snw141292  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*4520Snw141292  * or http://www.opensolaris.org/os/licensing.
10*4520Snw141292  * See the License for the specific language governing permissions
11*4520Snw141292  * and limitations under the License.
12*4520Snw141292  *
13*4520Snw141292  * When distributing Covered Code, include this CDDL HEADER in each
14*4520Snw141292  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*4520Snw141292  * If applicable, add the following below this CDDL HEADER, with the
16*4520Snw141292  * fields enclosed by brackets "[]" replaced with your own identifying
17*4520Snw141292  * information: Portions Copyright [yyyy] [name of copyright owner]
18*4520Snw141292  *
19*4520Snw141292  * CDDL HEADER END
20*4520Snw141292  */
21*4520Snw141292 /*
22*4520Snw141292  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23*4520Snw141292  * Use is subject to license terms.
24*4520Snw141292  */
25*4520Snw141292 
26*4520Snw141292 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27*4520Snw141292 
28*4520Snw141292 /*
29*4520Snw141292  * Initialization routines
30*4520Snw141292  */
31*4520Snw141292 
32*4520Snw141292 #include "idmapd.h"
33*4520Snw141292 #include <signal.h>
34*4520Snw141292 #include <thread.h>
35*4520Snw141292 #include <string.h>
36*4520Snw141292 #include <errno.h>
37*4520Snw141292 #include <assert.h>
38*4520Snw141292 #include <unistd.h>
39*4520Snw141292 #include <sys/types.h>
40*4520Snw141292 #include <sys/stat.h>
41*4520Snw141292 
/* Program name; used as the prefix of the log and stderr messages below. */
static const char *me = "idmapd";
43*4520Snw141292 
/*
 * Bring up the mapping subsystem in three ordered steps: initialize the
 * configuration rwlock, call load_config(), then call init_dbs().
 *
 * Returns 0 when all three steps succeed and -1 as soon as one fails.
 * Only an init_dbs() failure triggers teardown via fini_mapping_system();
 * the two earlier failure paths return without undoing anything.
 */
int
init_mapping_system() {
	/* || short-circuits, so load_config() runs only after the lock exists. */
	if (rwlock_init(&_idmapdstate.rwlk_cfg, USYNC_THREAD, NULL) != 0 ||
	    load_config() < 0)
		return (-1);

	if (init_dbs() >= 0)
		return (0);

	fini_mapping_system();
	return (-1);
}
56*4520Snw141292 
/*
 * Tear down the mapping subsystem.  At present this only calls fini_dbs();
 * the configuration handle, the AD context and the configuration rwlock
 * are not released here.
 */
void
fini_mapping_system() {
	fini_dbs();
}
61*4520Snw141292 
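/*
 * Create a new configuration handle in _idmapdstate.cfg, load it, and
 * rebuild the AD context in _idmapdstate.ad from the loaded values.
 *
 * Returns 0 when the configuration was loaded, -1 when the handle could
 * not be created or loaded, or when an AD call failed.
 *
 * An unset mapping_domain or global_catalog is logged but is not an
 * error: the function still returns 0 and the daemon carries on without
 * a usable AD context, which (per the log text) means name based and
 * ephemeral mapping will not function.
 *
 * NOTE(review): the handle stored in _idmapdstate.cfg is overwritten
 * without releasing a previous one, and is left in place when
 * idmap_cfg_load() fails; whether that leaks depends on the idmap_cfg
 * API - confirm.
 * NOTE(review): no configuration lock is taken here although
 * print_idmapdstate() reads the same state under RDLOCK_CONFIG();
 * presumably callers serialize reloads - confirm.
 */
int
load_config() {
	_idmapdstate.cfg = idmap_cfg_init();
	if (_idmapdstate.cfg == NULL) {
		idmapdlog(LOG_ERR, "%s: config init failed - %s",
			me, CHECK_NULL(idmap_cfg_error()));
		return (-1);
	}

	/* Drop the AD context of an earlier load before building a new one. */
	if (_idmapdstate.ad != NULL)
		idmap_ad_free(&_idmapdstate.ad);

	if (idmap_cfg_load(_idmapdstate.cfg) < 0) {
		idmapdlog(LOG_ERR, "%s: config load failed - %s",
			me, CHECK_NULL(idmap_cfg_error()));
		return (-1);
	}

	if (_idmapdstate.cfg->pgcfg.mapping_domain == NULL ||
	    _idmapdstate.cfg->pgcfg.mapping_domain[0] == '\0') {
		idmapdlog(LOG_ERR, "%s: Joined AD domain not configured; name "
			"based and ephemeral mapping will not function", me);
	} else if (idmap_ad_alloc(&_idmapdstate.ad,
		    _idmapdstate.cfg->pgcfg.mapping_domain,
		    IDMAP_AD_GLOBAL_CATALOG) != 0) {
		idmapdlog(LOG_ERR, "%s: could not initialize AD context",
			me);
		return (-1);
	}

	if (_idmapdstate.cfg->pgcfg.global_catalog == NULL ||
	    _idmapdstate.cfg->pgcfg.global_catalog[0] == '\0') {
		idmapdlog(LOG_ERR, "%s: Global catalog DS not configured; name "
			"based and ephemeral mapping will not function", me);
	} else if (_idmapdstate.ad == NULL) {
		/*
		 * No AD context was allocated above (mapping_domain unset),
		 * so there is nothing to attach the directory server to.
		 * Never hand a NULL context to idmap_add_ds().
		 */
		idmapdlog(LOG_ERR, "%s: no AD context; global catalog DS "
			"not added", me);
	} else if (idmap_add_ds(_idmapdstate.ad,
		    _idmapdstate.cfg->pgcfg.global_catalog, 0) != 0) {
		idmapdlog(LOG_ERR, "%s: could not initialize AD DS context",
			me);
		return (-1);
	}
	return (0);
}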
99*4520Snw141292 
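/*
 * Dump the daemon state to stderr for debugging.  Nothing is printed
 * when daemon_mode is TRUE.
 *
 * The general state (mode, hostname, name service domain, whether a
 * configuration is present) is printed only when daemon_mode is FALSE;
 * the configuration values are printed only when a configuration is
 * loaded.  All reads happen between RDLOCK_CONFIG() and UNLOCK_CONFIG().
 *
 * NOTE(review): hostname and domainname go to %s without CHECK_NULL;
 * that is safe only if they can never be NULL - confirm in idmapd.h.
 */
void
print_idmapdstate() {
	RDLOCK_CONFIG();

	if (_idmapdstate.daemon_mode == FALSE) {
		(void) fprintf(stderr, "%s: daemon_mode=%s\n",
			me, _idmapdstate.daemon_mode == TRUE?"true":"false");
		(void) fprintf(stderr, "%s: hostname=%s\n",
			me, _idmapdstate.hostname);
		/* Was "%s;": use the same "name: " prefix as every other line. */
		(void) fprintf(stderr, "%s: name service domain=%s\n", me,
			_idmapdstate.domainname);

		(void) fprintf(stderr, "%s: config=%s\n", me,
			_idmapdstate.cfg?"not null":"null");
	}

	if (_idmapdstate.cfg != NULL && _idmapdstate.daemon_mode != TRUE) {
		/* Cast so the argument matches %llu whatever the field's width. */
		(void) fprintf(stderr, "%s: list_size_limit=%llu\n", me,
			(unsigned long long)
			_idmapdstate.cfg->pgcfg.list_size_limit);
		(void) fprintf(stderr, "%s: mapping_domain=%s\n", me,
			CHECK_NULL(_idmapdstate.cfg->pgcfg.mapping_domain));
		(void) fprintf(stderr, "%s: machine_sid=%s\n", me,
			CHECK_NULL(_idmapdstate.cfg->pgcfg.machine_sid));
		(void) fprintf(stderr, "%s: global_catalog=%s\n", me,
			CHECK_NULL(_idmapdstate.cfg->pgcfg.global_catalog));
		(void) fprintf(stderr, "%s: domain_controller=%s\n", me,
			CHECK_NULL(_idmapdstate.cfg->pgcfg.domain_controller));
	}

	UNLOCK_CONFIG();
}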
130*4520Snw141292 
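/*
 * Make sure `path` exists and is owned by uid:gid.
 *
 * The directory is created with mode 0700; an already existing path
 * (EEXIST) is accepted as is.  Ownership is then set with lchown(), which
 * does not follow a symbolic link at `path`.  If lchown() fails, a
 * directory created by this call is removed again; a pre-existing path is
 * left untouched.
 *
 * Returns 0 on success, -1 on failure (the reason is logged).
 *
 * NOTE(review): when `path` already exists, nothing here verifies that it
 * is a directory rather than a file or symbolic link, or that its mode is
 * still 0700.  Callers that depend on a private directory should check
 * that themselves (e.g. lstat() and S_ISDIR) before trusting the path.
 */
int
create_directory(const char *path, uid_t uid, gid_t gid) {
	int	created;

	if (mkdir(path, 0700) == 0) {
		created = 1;
	} else if (errno == EEXIST) {
		created = 0;
	} else {
		idmapdlog(LOG_ERR,
			"%s: Error creating directory %s (%s)",
			me, path, strerror(errno));
		return (-1);
	}

	if (lchown(path, uid, gid) < 0) {
		/* Report the step that failed; this used to say "creating". */
		idmapdlog(LOG_ERR,
			"%s: Error changing ownership of directory %s (%s)",
			me, path, strerror(errno));
		/* Only undo what this call created. */
		if (created)
			(void) rmdir(path);
		return (-1);
	}
	return (0);
}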