xref: /onnv-gate/usr/src/cmd/idmap/idmapd/init.c (revision 4695)
14520Snw141292 /*
24520Snw141292  * CDDL HEADER START
34520Snw141292  *
44520Snw141292  * The contents of this file are subject to the terms of the
54520Snw141292  * Common Development and Distribution License (the "License").
64520Snw141292  * You may not use this file except in compliance with the License.
74520Snw141292  *
84520Snw141292  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
94520Snw141292  * or http://www.opensolaris.org/os/licensing.
104520Snw141292  * See the License for the specific language governing permissions
114520Snw141292  * and limitations under the License.
124520Snw141292  *
134520Snw141292  * When distributing Covered Code, include this CDDL HEADER in each
144520Snw141292  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
154520Snw141292  * If applicable, add the following below this CDDL HEADER, with the
164520Snw141292  * fields enclosed by brackets "[]" replaced with your own identifying
174520Snw141292  * information: Portions Copyright [yyyy] [name of copyright owner]
184520Snw141292  *
194520Snw141292  * CDDL HEADER END
204520Snw141292  */
214520Snw141292 /*
224520Snw141292  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
234520Snw141292  * Use is subject to license terms.
244520Snw141292  */
254520Snw141292 
264520Snw141292 #pragma ident	"%Z%%M%	%I%	%E% SMI"
274520Snw141292 
284520Snw141292 /*
294520Snw141292  * Initialization routines
304520Snw141292  */
314520Snw141292 
324520Snw141292 #include "idmapd.h"
334520Snw141292 #include <signal.h>
344520Snw141292 #include <thread.h>
354520Snw141292 #include <string.h>
364520Snw141292 #include <errno.h>
374520Snw141292 #include <assert.h>
384520Snw141292 #include <unistd.h>
394520Snw141292 #include <sys/types.h>
404520Snw141292 #include <sys/stat.h>
41*4695Sbaban #include <rpcsvc/daemon_utils.h>
424520Snw141292 
/* Program name placed at the front of every log and diagnostic line. */
static const char *me = "idmapd";
444520Snw141292 
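/*
 * Bring up the mapping subsystem: initialise the configuration rwlock,
 * load the configuration and then initialise the databases.
 *
 * init_dbs() runs with the effective group/user switched to
 * DAEMON_GID/DAEMON_UID and the effective IDs are put back to 0 afterwards
 * (presumably so that whatever init_dbs() creates is owned by the daemon
 * account - confirm against init_dbs()).
 *
 * The set*id() calls used to be cast to void, so a failed switch was
 * invisible: init_dbs() would silently run with whatever effective IDs the
 * process had, and a failed restore would leave the rest of start-up
 * running unprivileged with no record of why.  Each failure is now logged.
 * It is still not treated as fatal, to keep the existing start-up
 * behaviour.
 * NOTE(review): consider failing closed (return -1) when the switch to the
 * daemon IDs does not succeed.
 *
 * Returns 0 on success, -1 if the lock, the configuration or the databases
 * could not be initialised.
 */
int
init_mapping_system() {
	int rc = 0;

	if (rwlock_init(&_idmapdstate.rwlk_cfg, USYNC_THREAD, NULL) != 0)
		return (-1);
	if (load_config() < 0)
		return (-1);

	/*
	 * Group before user: once the effective uid is no longer
	 * privileged the process may not be allowed to change its gid.
	 */
	if (setegid(DAEMON_GID) != 0)
		idmapdlog(LOG_ERR,
		    "%s: could not switch effective gid to daemon (%s)",
		    me, strerror(errno));
	if (seteuid(DAEMON_UID) != 0)
		idmapdlog(LOG_ERR,
		    "%s: could not switch effective uid to daemon (%s)",
		    me, strerror(errno));

	if (init_dbs() < 0) {
		rc = -1;
		fini_mapping_system();
	}

	/* Reverse order on the way back: uid first, then gid. */
	if (seteuid(0) != 0)
		idmapdlog(LOG_ERR,
		    "%s: could not restore effective uid (%s)",
		    me, strerror(errno));
	if (setegid(0) != 0)
		idmapdlog(LOG_ERR,
		    "%s: could not restore effective gid (%s)",
		    me, strerror(errno));

	return (rc);
}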
654520Snw141292 
/*
 * Tear down the mapping subsystem.  At present this only calls fini_dbs();
 * init_mapping_system() also calls it when init_dbs() fails.
 */
void
fini_mapping_system()
{
	fini_dbs();
}
704520Snw141292 
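/*
 * Create and load the daemon configuration, then (re)build the AD context
 * from it.
 *
 * A missing mapping domain or global catalog is logged but is not an
 * error; failure to create or load the configuration, or to set up the AD
 * context or its directory server, is.
 *
 * Changes from the earlier version:
 *  - idmap_add_ds() is no longer called with a NULL AD context.  That
 *    happened when the mapping domain was unset (so no context was
 *    allocated) while a global catalog was configured.
 *  - the AD pointer is cleared explicitly after idmap_ad_free() so the
 *    guard above does not depend on idmap_ad_free() doing so.
 *  - "DSnot" in the global catalog message is corrected to "DS not".
 *
 * NOTE(review): _idmapdstate.cfg is overwritten without releasing any
 * previous value; if this function can run more than once that looks like
 * a leak - confirm against the callers.
 *
 * Returns 0 on success, -1 on failure.
 */
int
load_config() {
	if ((_idmapdstate.cfg = idmap_cfg_init()) == NULL) {
		idmapdlog(LOG_ERR, "%s: failed to initialize config", me);
		return (-1);
	}

	/* Discard the AD context left over from an earlier load, if any. */
	if (_idmapdstate.ad != NULL) {
		idmap_ad_free(&_idmapdstate.ad);
		_idmapdstate.ad = NULL;
	}

	if (idmap_cfg_load(_idmapdstate.cfg) < 0) {
		idmapdlog(LOG_ERR, "%s: failed to load config", me);
		return (-1);
	}

	if (_idmapdstate.cfg->pgcfg.mapping_domain == NULL ||
	    _idmapdstate.cfg->pgcfg.mapping_domain[0] == '\0') {
		idmapdlog(LOG_ERR, "%s: Joined AD domain not configured; name "
			"based and ephemeral mapping will not function", me);
	} else if (idmap_ad_alloc(&_idmapdstate.ad,
		    _idmapdstate.cfg->pgcfg.mapping_domain,
		    IDMAP_AD_GLOBAL_CATALOG) != 0) {
		idmapdlog(LOG_ERR, "%s: could not initialize AD context",
			me);
		return (-1);
	}

	if (_idmapdstate.cfg->pgcfg.global_catalog == NULL ||
	    _idmapdstate.cfg->pgcfg.global_catalog[0] == '\0') {
		idmapdlog(LOG_ERR, "%s: Global catalog DS not configured; name "
			"based and ephemeral mapping will not function", me);
	} else if (_idmapdstate.ad == NULL) {
		/*
		 * No context to attach the directory server to.  Treated
		 * like the other "not configured" cases: log and carry on.
		 */
		idmapdlog(LOG_ERR, "%s: no AD context; global catalog DS "
			"not added", me);
	} else if (idmap_add_ds(_idmapdstate.ad,
		    _idmapdstate.cfg->pgcfg.global_catalog, 0) != 0) {
		idmapdlog(LOG_ERR, "%s: could not initialize AD DS context",
			me);
		return (-1);
	}
	return (0);
}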
1064520Snw141292 
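/*
 * Dump the daemon state to stderr.  Nothing is printed when daemon_mode is
 * TRUE; the configuration values are printed only when a configuration is
 * loaded.  The configuration read lock is held for the whole dump.
 *
 * Fix: the "name service domain" line used "%s;" as its prefix while every
 * other line uses "%s:"; it now matches, so the output can be filtered on
 * one prefix.
 */
void
print_idmapdstate() {
	RDLOCK_CONFIG();

	if (_idmapdstate.daemon_mode == FALSE) {
		(void) fprintf(stderr, "%s: daemon_mode=%s\n",
			me, _idmapdstate.daemon_mode == TRUE?"true":"false");
		(void) fprintf(stderr, "%s: hostname=%s\n",
			me, _idmapdstate.hostname);
		(void) fprintf(stderr, "%s: name service domain=%s\n", me,
			_idmapdstate.domainname);

		(void) fprintf(stderr, "%s: config=%s\n", me,
			_idmapdstate.cfg?"not null":"null");
	}

	if (_idmapdstate.cfg != NULL && _idmapdstate.daemon_mode != TRUE) {
		/* NOTE(review): %llu assumes an unsigned long long field */
		(void) fprintf(stderr, "%s: list_size_limit=%llu\n", me,
			_idmapdstate.cfg->pgcfg.list_size_limit);
		(void) fprintf(stderr, "%s: mapping_domain=%s\n", me,
			CHECK_NULL(_idmapdstate.cfg->pgcfg.mapping_domain));
		(void) fprintf(stderr, "%s: machine_sid=%s\n", me,
			CHECK_NULL(_idmapdstate.cfg->pgcfg.machine_sid));
		(void) fprintf(stderr, "%s: global_catalog=%s\n", me,
			CHECK_NULL(_idmapdstate.cfg->pgcfg.global_catalog));
		(void) fprintf(stderr, "%s: domain_controller=%s\n", me,
			CHECK_NULL(_idmapdstate.cfg->pgcfg.domain_controller));
	}

	UNLOCK_CONFIG();
}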
1374520Snw141292 
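/*
 * Make sure `path' exists as a directory owned by uid:gid.
 *
 * The directory is created with mode 0700.  If the path already exists it
 * is now checked with lstat() and accepted only when it is a real
 * directory.  Previously any existing object (a regular file, a symbolic
 * link, ...) was handed to lchown() and reported as success.
 * lstat()/lchown() are used so that a symbolic link at `path' is never
 * followed.
 *
 * If the ownership change fails, a directory created by this call is
 * removed again; one that already existed is left alone.  The log message
 * for that failure now names the ownership change rather than repeating
 * the "creating directory" text.
 *
 * NOTE(review): an existing directory keeps whatever mode it already has;
 * consider checking that it is not group/world accessible.
 *
 * Returns 0 on success, -1 on failure (details are logged).
 */
int
create_directory(const char *path, uid_t uid, gid_t gid) {
	struct stat	st;
	int		rc;

	if ((rc = mkdir(path, 0700)) < 0) {
		if (errno != EEXIST) {
			idmapdlog(LOG_ERR,
				"%s: Error creating directory %s (%s)",
				me, path, strerror(errno));
			return (-1);
		}

		/* Already there: accept it only if it is a directory. */
		if (lstat(path, &st) < 0) {
			idmapdlog(LOG_ERR,
				"%s: Error checking directory %s (%s)",
				me, path, strerror(errno));
			return (-1);
		}
		if (!S_ISDIR(st.st_mode)) {
			idmapdlog(LOG_ERR,
				"%s: %s exists and is not a directory",
				me, path);
			return (-1);
		}
	}

	if (lchown(path, uid, gid) < 0) {
		idmapdlog(LOG_ERR,
			"%s: Error changing ownership of directory %s (%s)",
			me, path, strerror(errno));
		/* rc == 0 means mkdir() above created it */
		if (rc == 0)
			(void) rmdir(path);
		return (-1);
	}
	return (0);
}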