xref: /onnv-gate/usr/src/cmd/ldap/ns_ldap/ldapaddrbac.c (revision 0:68f95e015346)
1*0Sstevel@tonic-gate /*
2*0Sstevel@tonic-gate  * CDDL HEADER START
3*0Sstevel@tonic-gate  *
4*0Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
5*0Sstevel@tonic-gate  * Common Development and Distribution License, Version 1.0 only
6*0Sstevel@tonic-gate  * (the "License").  You may not use this file except in compliance
7*0Sstevel@tonic-gate  * with the License.
8*0Sstevel@tonic-gate  *
9*0Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10*0Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
11*0Sstevel@tonic-gate  * See the License for the specific language governing permissions
12*0Sstevel@tonic-gate  * and limitations under the License.
13*0Sstevel@tonic-gate  *
14*0Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
15*0Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16*0Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
17*0Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
18*0Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
19*0Sstevel@tonic-gate  *
20*0Sstevel@tonic-gate  * CDDL HEADER END
21*0Sstevel@tonic-gate  */
22*0Sstevel@tonic-gate /*
23*0Sstevel@tonic-gate  * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
24*0Sstevel@tonic-gate  * Use is subject to license terms.
25*0Sstevel@tonic-gate  */
26*0Sstevel@tonic-gate 
27*0Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
28*0Sstevel@tonic-gate 
29*0Sstevel@tonic-gate /*
30*0Sstevel@tonic-gate  * ldapaddrbac.c
31*0Sstevel@tonic-gate  *
32*0Sstevel@tonic-gate  * Routines to add RBAC /etc files into LDAP.
33*0Sstevel@tonic-gate  * Can also be used to dump entries from a ldap container in /etc format.
34*0Sstevel@tonic-gate  */
35*0Sstevel@tonic-gate 
36*0Sstevel@tonic-gate #include <stdio.h>
37*0Sstevel@tonic-gate #include <stdlib.h>
38*0Sstevel@tonic-gate #include <libintl.h>
39*0Sstevel@tonic-gate #include <strings.h>
40*0Sstevel@tonic-gate #include <sys/param.h>
41*0Sstevel@tonic-gate #include <ctype.h>
42*0Sstevel@tonic-gate #include <sys/types.h>
43*0Sstevel@tonic-gate #include <sys/socket.h>
44*0Sstevel@tonic-gate #include <netinet/in.h>
45*0Sstevel@tonic-gate #include <arpa/inet.h>
46*0Sstevel@tonic-gate #include <locale.h>
47*0Sstevel@tonic-gate #include <syslog.h>
48*0Sstevel@tonic-gate #include "ldapaddent.h"
49*0Sstevel@tonic-gate 
50*0Sstevel@tonic-gate #undef opaque
51*0Sstevel@tonic-gate #undef	GROUP
52*0Sstevel@tonic-gate #include <bsm/libbsm.h>
53*0Sstevel@tonic-gate 
54*0Sstevel@tonic-gate extern	char	*_strtok_escape(char *, char *, char **); /* from libnsl */
55*0Sstevel@tonic-gate 
56*0Sstevel@tonic-gate #include <user_attr.h>
57*0Sstevel@tonic-gate #include <prof_attr.h>
58*0Sstevel@tonic-gate #include <exec_attr.h>
59*0Sstevel@tonic-gate #include <auth_attr.h>
60*0Sstevel@tonic-gate 
61*0Sstevel@tonic-gate /*
62*0Sstevel@tonic-gate  * The parsing routines for RBAC and audit_user databases
63*0Sstevel@tonic-gate  */
64*0Sstevel@tonic-gate 
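/*
 * genent_attr:
 *   Generic function for generating entries for all of the *_attr databases.
 *
 *   A private copy of `line' is split on KV_TOKEN_DELIMIT with
 *   _strtok_escape() into exactly `ncol' columns.  Columns that the
 *   tokenizer does not supply are set to the empty string with length 0;
 *   only the first `ncol' tokens are stored.
 *
 *   On success the column array is handed back through `ecolret'.  The
 *   array and the copy of the line live in one malloc() block, so the
 *   caller releases everything with a single free() of *ecolret and must
 *   not use any column value afterwards.
 *
 *   Returns GENENT_OK on success, GENENT_PARSEERR (with parse_err_msg set)
 *   when the line does not fit in the BUFSIZ + 1 byte copy buffer, and
 *   GENENT_ERR when `ncol' is negative or the allocation fails.
 *
 *   No validation of the column contents is done here; the values are
 *   whatever the input line contained.
 */
static int
genent_attr(
	char	*line,		/* entry to parse */
	int	ncol,		/* number of columns in the database */
	entry_col	**ecolret)	/* return entry array */
{
	int		i;
	char		(*buf)[BUFSIZ + 1];
	char		*s;
	char		*sep = KV_TOKEN_DELIMIT;
	char		*lasts;
	entry_col	*ecol;

	/*
	 * A negative column count would wrap when converted to size_t in
	 * the allocation size below; reject it up front.
	 */
	if (ncol < 0)
		return (GENENT_ERR);

	/*
	 * check input length: the line plus its terminating NUL must fit
	 * in the copy buffer, which also guarantees that the strncpy()
	 * below leaves the copy NUL-terminated.
	 */
	if (strlen(line) >= sizeof (*buf)) {
		(void) strcpy(parse_err_msg, "line too long");
		return (GENENT_PARSEERR);
	}

	/*
	 * setup and clear column data; the copy buffer is carved out of
	 * the same allocation, directly behind the column array.
	 */
	ecol = malloc(ncol * sizeof (*ecol) + sizeof (*buf));
	if (ecol == NULL)
		return (GENENT_ERR);

	/*
	 * Clear whole entry_col elements.  The size must be that of the
	 * element, not of the pointer, or part of the array stays
	 * uninitialized.
	 */
	(void) memset(ecol, 0, ncol * sizeof (*ecol));

	/* don't scribble over input */
	buf = (char (*)[sizeof (*buf)]) (ecol + ncol);
	(void) strncpy((char *)buf, line, sizeof (*buf));

	/*
	 * Split up columns.  The buffer is passed on the first call only;
	 * later calls pass NULL and continue from `lasts'.
	 */
	for (i = 0; i < ncol; i++, buf = NULL) {
		s = _strtok_escape((char *)buf, sep, &lasts);
		if (s == NULL) {
			ecol[i].ec_value.ec_value_val = "";
			ecol[i].ec_value.ec_value_len = 0;
		} else {
			ecol[i].ec_value.ec_value_val = s;
			/* the stored length includes the terminating NUL */
			ecol[i].ec_value.ec_value_len = strlen(s)+1;
		}
	}

	*ecolret = ecol;
	return (GENENT_OK);
}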
117*0Sstevel@tonic-gate 
/*
 * genent_user_attr:
 *   Parse one user_attr line and hand the resulting userstr_t to `cback'.
 *
 *   Columns 0, 1 and 4 supply name, qualifier and attr; res1 and res2 are
 *   always passed as NULL.  The callback is invoked as (*cback)(&data, 1)
 *   and any non-zero return is reported as GENENT_CBERR.  A failure from
 *   genent_attr() is returned unchanged.
 *
 *   The strings in the userstr_t point into the column block, which is
 *   freed before returning, so they are only valid during the callback.
 *   `cback' is declared without a prototype, so the compiler does not
 *   check the arguments passed to it.
 */
int
genent_user_attr(char *line, int (*cback)())
{
	entry_col	*cols;
	userstr_t	ent;
	int		status;

	/* split the line into USERATTR_DB_NCOL columns */
	status = genent_attr(line, USERATTR_DB_NCOL, &cols);
	if (status != GENENT_OK)
		return (status);

	ent.name = cols[0].ec_value.ec_value_val;
	ent.qualifier = cols[1].ec_value.ec_value_val;
	ent.res1 = NULL;
	ent.res2 = NULL;
	ent.attr = cols[4].ec_value.ec_value_val;

	if ((flags & F_VERBOSE) != 0) {
		(void) fprintf(stdout,
		    gettext("Adding entry : %s\n"), ent.name);
	}

	if ((*cback)(&ent, 1) != 0)
		status = GENENT_CBERR;

	free(cols);
	return (status);
}
150*0Sstevel@tonic-gate 
/*
 * dump_user_attr:
 *   Print one LDAP result entry on stdout in user_attr file format:
 *   the "uid" value, four colons, then the "SolarisAttrKeyValue" value
 *   if present, then a newline.  Nothing is printed when the entry has
 *   no "uid" value.
 *
 *   Attribute values are written verbatim.  A ':' or newline inside a
 *   value is not escaped here, so such a value changes how the emitted
 *   line splits into columns when it is read back.
 */
void
dump_user_attr(ns_ldap_result_t *res)
{
	char	**uid;
	char	**keyval;

	uid = __ns_ldap_getAttr(res->entry, "uid");
	if (uid == NULL || uid[0] == NULL)
		return;

	(void) fprintf(stdout, "%s", uid[0]);
	(void) fputs("::::", stdout);

	keyval = __ns_ldap_getAttr(res->entry, "SolarisAttrKeyValue");
	if (keyval != NULL && keyval[0] != NULL)
		(void) fprintf(stdout, "%s", keyval[0]);

	(void) fputs("\n", stdout);
}
168*0Sstevel@tonic-gate 
/*
 * genent_prof_attr:
 *   Parse one prof_attr line and hand the resulting profstr_t to `cback'.
 *
 *   Columns 0, 3 and 4 supply name, desc and attr; res1 and res2 are
 *   always passed as NULL.  The callback is invoked as (*cback)(&data, 0).
 *   LDAP_ALREADY_EXISTS is reported on stderr and counts as an error
 *   (GENENT_CBERR) only when continue_onerror is not set; any other
 *   non-zero return is GENENT_CBERR.  A failure from genent_attr() is
 *   returned unchanged.
 *
 *   The strings in the profstr_t point into the column block, which is
 *   freed before returning, so they are only valid during the callback.
 *   `cback' is declared without a prototype, so the compiler does not
 *   check the arguments passed to it.
 */
int
genent_prof_attr(char *line, int (*cback)())
{
	entry_col	*cols;
	profstr_t	ent;
	int		status, cb_rc;

	/* split the line into PROFATTR_DB_NCOL columns */
	status = genent_attr(line, PROFATTR_DB_NCOL, &cols);
	if (status != GENENT_OK)
		return (status);

	ent.name = cols[0].ec_value.ec_value_val;
	ent.res1 = NULL;
	ent.res2 = NULL;
	ent.desc = cols[3].ec_value.ec_value_val;
	ent.attr = cols[4].ec_value.ec_value_val;

	if ((flags & F_VERBOSE) != 0) {
		(void) fprintf(stdout,
		    gettext("Adding entry : %s\n"), ent.name);
	}

	cb_rc = (*cback)(&ent, 0);
	if (cb_rc == LDAP_ALREADY_EXISTS) {
		if (!continue_onerror) {
			/* a duplicate is fatal unless told to carry on */
			status = GENENT_CBERR;
			(void) fprintf(stderr,
			    gettext("Entry: %s - already Exists\n"),
			    ent.name);
		} else {
			(void) fprintf(stderr,
			    gettext("Entry: %s - already Exists,"
			    " skipping it.\n"),
			    ent.name);
		}
	} else if (cb_rc != 0) {
		status = GENENT_CBERR;
	}

	free(cols);
	return (status);
}
213*0Sstevel@tonic-gate 
/*
 * dump_prof_attr:
 *   Print one LDAP result entry on stdout in prof_attr file format:
 *   "cn", three colons, "SolarisAttrLongDesc", a colon,
 *   "SolarisAttrKeyValue", newline.  The two trailing attributes are
 *   optional; nothing is printed when the entry has no "cn" value.
 *
 *   Attribute values are written verbatim.  A ':' or newline inside a
 *   value is not escaped here, so such a value changes how the emitted
 *   line splits into columns when it is read back.
 */
void
dump_prof_attr(ns_ldap_result_t *res)
{
	char	**attr;

	attr = __ns_ldap_getAttr(res->entry, "cn");
	if (attr == NULL || attr[0] == NULL)
		return;
	(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs(":::", stdout);
	attr = __ns_ldap_getAttr(res->entry, "SolarisAttrLongDesc");
	if (attr != NULL && attr[0] != NULL)
		(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs(":", stdout);
	attr = __ns_ldap_getAttr(res->entry, "SolarisAttrKeyValue");
	if (attr != NULL && attr[0] != NULL)
		(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs("\n", stdout);
}
235*0Sstevel@tonic-gate 
/*
 * genent_exec_attr:
 *   Parse one exec_attr line and hand the resulting execstr_t to `cback'.
 *
 *   Columns 0, 1, 2, 5 and 6 supply name, policy, type, id and attr;
 *   res1, res2 and next are always passed as NULL.  The callback is
 *   invoked as (*cback)(&data, 0).  LDAP_ALREADY_EXISTS is reported on
 *   stderr and counts as an error (GENENT_CBERR) only when
 *   continue_onerror is not set; any other non-zero return is
 *   GENENT_CBERR.  A failure from genent_attr() is returned unchanged.
 *
 *   The strings in the execstr_t point into the column block, which is
 *   freed before returning, so they are only valid during the callback.
 *   `cback' is declared without a prototype, so the compiler does not
 *   check the arguments passed to it.
 */
int
genent_exec_attr(char *line, int (*cback)())
{
	entry_col	*cols;
	execstr_t	ent;
	int		status, cb_rc;

	/* split the line into EXECATTR_DB_NCOL columns */
	status = genent_attr(line, EXECATTR_DB_NCOL, &cols);
	if (status != GENENT_OK)
		return (status);

	ent.name = cols[0].ec_value.ec_value_val;
	ent.policy = cols[1].ec_value.ec_value_val;
	ent.type = cols[2].ec_value.ec_value_val;
	ent.res1 = NULL;
	ent.res2 = NULL;
	ent.id = cols[5].ec_value.ec_value_val;
	ent.attr = cols[6].ec_value.ec_value_val;
	ent.next = NULL;

	if ((flags & F_VERBOSE) != 0) {
		(void) fprintf(stdout,
		    gettext("Adding entry : %s+%s+%s+%s\n"),
		    ent.name, ent.policy, ent.type, ent.id);
	}

	cb_rc = (*cback)(&ent, 0);
	if (cb_rc == LDAP_ALREADY_EXISTS) {
		if (!continue_onerror) {
			/* a duplicate is fatal unless told to carry on */
			status = GENENT_CBERR;
			(void) fprintf(stderr,
			    gettext("Entry: %s+%s+%s+%s - already Exists\n"),
			    ent.name, ent.policy, ent.type, ent.id);
		} else {
			(void) fprintf(stderr,
			    gettext("Entry: %s+%s+%s+%s - already Exists,"
			    " skipping it.\n"),
			    ent.name, ent.policy, ent.type, ent.id);
		}
	} else if (cb_rc != 0) {
		status = GENENT_CBERR;
	}

	free(cols);
	return (status);
}
284*0Sstevel@tonic-gate 
/*
 * dump_exec_attr:
 *   Print one LDAP result entry on stdout in exec_attr file format:
 *   "cn", ':', "SolarisKernelSecurityPolicy", ':', "SolarisProfileType",
 *   three colons, "SolarisProfileId", ':', "SolarisAttrKeyValue",
 *   newline.  The first four attributes are all required; if any of
 *   them has no value nothing is printed.  "SolarisAttrKeyValue" is
 *   optional.
 *
 *   Attribute values are written verbatim.  A ':' or newline inside a
 *   value is not escaped here, so such a value changes how the emitted
 *   line splits into columns when it is read back.
 */
void
dump_exec_attr(ns_ldap_result_t *res)
{
	char	**prof_name;
	char	**sec_policy;
	char	**prof_type;
	char	**prof_id;
	char	**keyval;

	prof_name = __ns_ldap_getAttr(res->entry, "cn");
	sec_policy = __ns_ldap_getAttr(res->entry,
	    "SolarisKernelSecurityPolicy");
	prof_type = __ns_ldap_getAttr(res->entry, "SolarisProfileType");
	prof_id = __ns_ldap_getAttr(res->entry, "SolarisProfileId");

	/* all four key attributes must carry a value */
	if (!(prof_name != NULL && prof_name[0] != NULL &&
	    sec_policy != NULL && sec_policy[0] != NULL &&
	    prof_type != NULL && prof_type[0] != NULL &&
	    prof_id != NULL && prof_id[0] != NULL))
		return;

	(void) fprintf(stdout, "%s", prof_name[0]);
	(void) fputs(":", stdout);
	(void) fprintf(stdout, "%s", sec_policy[0]);
	(void) fputs(":", stdout);
	(void) fprintf(stdout, "%s", prof_type[0]);
	(void) fputs(":::", stdout);
	(void) fprintf(stdout, "%s", prof_id[0]);
	(void) fputs(":", stdout);

	keyval = __ns_ldap_getAttr(res->entry, "SolarisAttrKeyValue");
	if (keyval != NULL && keyval[0] != NULL)
		(void) fprintf(stdout, "%s", keyval[0]);

	(void) fputs("\n", stdout);
}
318*0Sstevel@tonic-gate 
/*
 * genent_auth_attr:
 *   Parse one auth_attr line and hand the resulting authstr_t to `cback'.
 *
 *   Columns 0, 3, 4 and 5 supply name, short_desc, long_desc and attr;
 *   res1 and res2 are always passed as NULL.  The callback is invoked as
 *   (*cback)(&data, 0).  LDAP_ALREADY_EXISTS is reported on stderr and
 *   counts as an error (GENENT_CBERR) only when continue_onerror is not
 *   set; any other non-zero return is GENENT_CBERR.  A failure from
 *   genent_attr() is returned unchanged.
 *
 *   The strings in the authstr_t point into the column block, which is
 *   freed before returning, so they are only valid during the callback.
 *   `cback' is declared without a prototype, so the compiler does not
 *   check the arguments passed to it.
 */
int
genent_auth_attr(char *line, int (*cback)())
{
	entry_col	*cols;
	authstr_t	ent;
	int		status, cb_rc;

	/* split the line into AUTHATTR_DB_NCOL columns */
	status = genent_attr(line, AUTHATTR_DB_NCOL, &cols);
	if (status != GENENT_OK)
		return (status);

	ent.name = cols[0].ec_value.ec_value_val;
	ent.res1 = NULL;
	ent.res2 = NULL;
	ent.short_desc = cols[3].ec_value.ec_value_val;
	ent.long_desc = cols[4].ec_value.ec_value_val;
	ent.attr = cols[5].ec_value.ec_value_val;

	if ((flags & F_VERBOSE) != 0) {
		(void) fprintf(stdout,
		    gettext("Adding entry : %s\n"), ent.name);
	}

	cb_rc = (*cback)(&ent, 0);
	if (cb_rc == LDAP_ALREADY_EXISTS) {
		if (!continue_onerror) {
			/* a duplicate is fatal unless told to carry on */
			status = GENENT_CBERR;
			(void) fprintf(stderr,
			    gettext("Entry: %s - already Exists\n"),
			    ent.name);
		} else {
			(void) fprintf(stderr,
			    gettext("Entry: %s - already Exists,"
			    " skipping it.\n"), ent.name);
		}
	} else if (cb_rc != 0) {
		status = GENENT_CBERR;
	}

	free(cols);
	return (status);
}
363*0Sstevel@tonic-gate 
/*
 * dump_auth_attr:
 *   Print one LDAP result entry on stdout in auth_attr file format:
 *   "cn", three colons, "SolarisAttrShortDesc", ':',
 *   "SolarisAttrLongDesc", ':', "SolarisAttrKeyValue", newline.  The
 *   three trailing attributes are optional; nothing is printed when the
 *   entry has no "cn" value.
 *
 *   Attribute values are written verbatim.  A ':' or newline inside a
 *   value is not escaped here, so such a value changes how the emitted
 *   line splits into columns when it is read back.
 */
void
dump_auth_attr(ns_ldap_result_t *res)
{
	char	**attr;

	attr = __ns_ldap_getAttr(res->entry, "cn");
	if (attr == NULL || attr[0] == NULL)
		return;
	(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs(":::", stdout);
	attr = __ns_ldap_getAttr(res->entry, "SolarisAttrShortDesc");
	if (attr != NULL && attr[0] != NULL)
		(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs(":", stdout);
	attr = __ns_ldap_getAttr(res->entry, "SolarisAttrLongDesc");
	if (attr != NULL && attr[0] != NULL)
		(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs(":", stdout);
	attr = __ns_ldap_getAttr(res->entry, "SolarisAttrKeyValue");
	if (attr != NULL && attr[0] != NULL)
		(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs("\n", stdout);
}
389*0Sstevel@tonic-gate 
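/*
 * genent_audit_user:
 *   Parse one audit_user line and hand the resulting au_user_str_t to
 *   `cback'.
 *
 *   Columns 0, 1 and 2 are duplicated with strdup() into au_name,
 *   au_always and au_never.  The callback is invoked as
 *   (*cback)(&data, 1) and any non-zero return is reported as
 *   GENENT_CBERR.  A failure from genent_attr() is returned unchanged;
 *   GENENT_ERR is returned when one of the copies cannot be allocated.
 *
 *   `cback' is declared without a prototype, so the compiler does not
 *   check the arguments passed to it.
 */
int
genent_audit_user(char *line, int (*cback)())
{
	entry_col	*ecol;
	au_user_str_t	data;
	int		res, retval;

	/*
	 * parse entry into columns
	 */
	res = genent_attr(line, AUDITUSER_DB_NCOL, &ecol);
	if (res != GENENT_OK)
		return (res);

	data.au_name = strdup(ecol[0].ec_value.ec_value_val);
	data.au_always = strdup(ecol[1].ec_value.ec_value_val);
	data.au_never = strdup(ecol[2].ec_value.ec_value_val);

	/*
	 * strdup() can fail; do not print or pass on a NULL string.
	 */
	if (data.au_name == NULL || data.au_always == NULL ||
	    data.au_never == NULL) {
		res = GENENT_ERR;
		goto out;
	}

	if (flags & F_VERBOSE)
		(void) fprintf(stdout,
		    gettext("Adding entry : %s\n"), data.au_name);

	retval = (*cback)(&data, 1);
	if (retval)
		res = GENENT_CBERR;

out:
	/*
	 * Release the copies, which were previously leaked on every call.
	 * NOTE(review): this assumes the callback does not keep the
	 * pointers after it returns.  The other genent_*() routines in
	 * this file free the column block that backs their strings right
	 * after the callback, which suggests the same contract - confirm
	 * against the callback implementation.
	 */
	free(data.au_name);
	free(data.au_always);
	free(data.au_never);
	free(ecol);

	return (res);
}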
420*0Sstevel@tonic-gate 
/*
 * dump_audit_user:
 *   Print one LDAP result entry on stdout in audit_user file format:
 *   "uid", ':', "SolarisAuditAlways", ':', "SolarisAuditNever", newline.
 *   The two audit attributes are optional; nothing is printed when the
 *   entry has no "uid" value.
 *
 *   Attribute values are written verbatim.  A ':' or newline inside a
 *   value is not escaped here, so such a value changes how the emitted
 *   line splits into columns when it is read back.
 */
void
dump_audit_user(ns_ldap_result_t *res)
{
	char	**attr;

	attr = __ns_ldap_getAttr(res->entry, "uid");
	if (attr == NULL || attr[0] == NULL)
		return;
	(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs(":", stdout);
	attr = __ns_ldap_getAttr(res->entry, "SolarisAuditAlways");
	if (attr != NULL && attr[0] != NULL)
		(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs(":", stdout);
	attr = __ns_ldap_getAttr(res->entry, "SolarisAuditNever");
	if (attr != NULL && attr[0] != NULL)
		(void) fprintf(stdout, "%s", attr[0]);

	(void) fputs("\n", stdout);
}