1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 #include <sys/types.h> 30 #include <sys/stat.h> 31 #include <fcntl.h> 32 #include <stdlib.h> 33 #include <stdio.h> 34 #include <string.h> 35 #include <ctype.h> 36 #include <unistd.h> 37 #include <getopt.h> 38 #include <utmpx.h> 39 #include <pwd.h> 40 #include <auth_attr.h> 41 #include <secdb.h> 42 #include <sys/param.h> 43 #include <sys/stat.h> 44 #include <errno.h> 45 46 #include <libshare.h> 47 #include "sharemgr.h" 48 #include <libscf.h> 49 #include <libxml/tree.h> 50 #include <libintl.h> 51 #include <assert.h> 52 #include <iconv.h> 53 #include <langinfo.h> 54 #include <dirent.h> 55 56 static char *sa_get_usage(sa_usage_t); 57 58 /* 59 * Implementation of the common sub-commands supported by sharemgr. 60 * A number of helper functions are also included. 61 */ 62 63 /* 64 * has_protocol(group, proto) 65 * If the group has an optionset with the specified protocol, 66 * return true (1) otherwise false (0). 67 */ 68 static int 69 has_protocol(sa_group_t group, char *protocol) 70 { 71 sa_optionset_t optionset; 72 int result = 0; 73 74 optionset = sa_get_optionset(group, protocol); 75 if (optionset != NULL) { 76 result++; 77 } 78 return (result); 79 } 80 81 /* 82 * validresource(name) 83 * 84 * Check that name only has valid characters in it. The current valid 85 * set are the printable characters but not including: 86 * " / \ [ ] : | < > + ; , ? * = \t 87 * Note that space is included and there is a maximum length. 88 */ 89 static int 90 validresource(const char *name) 91 { 92 const char *cp; 93 size_t len; 94 95 if (name == NULL) 96 return (B_FALSE); 97 98 len = strlen(name); 99 if (len == 0 || len > SA_MAX_RESOURCE_NAME) 100 return (B_FALSE); 101 102 if (strpbrk(name, "\"/\\[]:|<>+;,?*=\t") != NULL) { 103 return (B_FALSE); 104 } 105 106 for (cp = name; *cp != '\0'; cp++) 107 if (iscntrl(*cp)) 108 return (B_FALSE); 109 110 return (B_TRUE); 111 } 112 113 /* 114 * conv_to_utf8(input) 115 * 116 * Convert the input string to utf8 from the current locale. If the 117 * conversion fails, use the current locale, it is likely close 118 * enough. For example, the "C" locale is a subset of utf-8. The 119 * return value may be a new string or the original input string. 120 */ 121 122 static char * 123 conv_to_utf8(char *input) 124 { 125 iconv_t cd; 126 char *inval = input; 127 char *output = input; 128 char *outleft; 129 char *curlocale; 130 size_t bytesleft; 131 size_t size; 132 size_t osize; 133 static int warned = 0; 134 135 curlocale = nl_langinfo(CODESET); 136 if (curlocale == NULL) 137 curlocale = "C"; 138 cd = iconv_open("UTF-8", curlocale); 139 if (cd != NULL && cd != (iconv_t)-1) { 140 size = strlen(input); 141 /* Assume worst case of characters expanding to 4 bytes. */ 142 bytesleft = size * 4; 143 output = calloc(bytesleft, 1); 144 if (output != NULL) { 145 outleft = output; 146 /* inval can be modified on return */ 147 osize = iconv(cd, (const char **)&inval, &size, 148 &outleft, &bytesleft); 149 if (osize == (size_t)-1 || size != 0) { 150 free(output); 151 output = input; 152 } 153 } else { 154 /* Need to return something. */ 155 output = input; 156 } 157 (void) iconv_close(cd); 158 } else { 159 if (!warned) 160 (void) fprintf(stderr, 161 gettext("Cannot convert to UTF-8 from %s\n"), 162 curlocale ? curlocale : gettext("unknown")); 163 warned = 1; 164 } 165 return (output); 166 } 167 168 /* 169 * conv_from(input) 170 * 171 * Convert the input string from utf8 to current locale. If the 172 * conversion isn't supported, just use as is. The return value may be 173 * a new string or the original input string. 174 */ 175 176 static char * 177 conv_from_utf8(char *input) 178 { 179 iconv_t cd; 180 char *output = input; 181 char *inval = input; 182 char *outleft; 183 char *curlocale; 184 size_t bytesleft; 185 size_t size; 186 size_t osize; 187 static int warned = 0; 188 189 curlocale = nl_langinfo(CODESET); 190 if (curlocale == NULL) 191 curlocale = "C"; 192 cd = iconv_open(curlocale, "UTF-8"); 193 if (cd != NULL && cd != (iconv_t)-1) { 194 size = strlen(input); 195 /* Assume worst case of characters expanding to 4 bytes. */ 196 bytesleft = size * 4; 197 output = calloc(bytesleft, 1); 198 if (output != NULL) { 199 outleft = output; 200 osize = iconv(cd, (const char **)&inval, &size, 201 &outleft, &bytesleft); 202 if (osize == (size_t)-1 || size != 0) 203 output = input; 204 } else { 205 /* Need to return something. */ 206 output = input; 207 } 208 (void) iconv_close(cd); 209 } else { 210 if (!warned) 211 (void) fprintf(stderr, 212 gettext("Cannot convert to %s from UTF-8\n"), 213 curlocale ? curlocale : gettext("unknown")); 214 warned = 1; 215 } 216 return (output); 217 } 218 219 /* 220 * print_rsrc_desc(resource, sharedesc) 221 * 222 * Print the resource description string after converting from UTF8 to 223 * the current locale. If sharedesc is not NULL and there is no 224 * description on the resource, use sharedesc. sharedesc will already 225 * be converted to UTF8. 226 */ 227 228 static void 229 print_rsrc_desc(sa_resource_t resource, char *sharedesc) 230 { 231 char *description; 232 char *desc; 233 234 if (resource == NULL) 235 return; 236 237 description = sa_get_resource_description(resource); 238 if (description != NULL) { 239 desc = conv_from_utf8(description); 240 if (desc != description) { 241 sa_free_share_description(description); 242 description = desc; 243 } 244 } else if (sharedesc != NULL) { 245 description = strdup(sharedesc); 246 } 247 if (description != NULL) { 248 (void) printf("\t\"%s\"", description); 249 sa_free_share_description(description); 250 } 251 } 252 253 /* 254 * set_resource_desc(share, description) 255 * 256 * Set the share description value after converting the description 257 * string to UTF8 from the current locale. 258 */ 259 260 static int 261 set_resource_desc(sa_share_t share, char *description) 262 { 263 char *desc; 264 int ret; 265 266 desc = conv_to_utf8(description); 267 ret = sa_set_resource_description(share, desc); 268 if (description != desc) 269 sa_free_share_description(desc); 270 return (ret); 271 } 272 273 /* 274 * set_share_desc(share, description) 275 * 276 * Set the resource description value after converting the description 277 * string to UTF8 from the current locale. 278 */ 279 280 static int 281 set_share_desc(sa_share_t share, char *description) 282 { 283 char *desc; 284 int ret; 285 286 desc = conv_to_utf8(description); 287 ret = sa_set_share_description(share, desc); 288 if (description != desc) 289 sa_free_share_description(desc); 290 return (ret); 291 } 292 293 /* 294 * add_list(list, item, data, proto) 295 * Adds a new list member that points holds item in the list. 296 * If list is NULL, it starts a new list. The function returns 297 * the first member of the list. 298 */ 299 struct list * 300 add_list(struct list *listp, void *item, void *data, char *proto) 301 { 302 struct list *new, *tmp; 303 304 new = malloc(sizeof (struct list)); 305 if (new != NULL) { 306 new->next = NULL; 307 new->item = item; 308 new->itemdata = data; 309 new->proto = proto; 310 } else { 311 return (listp); 312 } 313 314 if (listp == NULL) 315 return (new); 316 317 for (tmp = listp; tmp->next != NULL; tmp = tmp->next) { 318 /* get to end of list */ 319 } 320 tmp->next = new; 321 return (listp); 322 } 323 324 /* 325 * free_list(list) 326 * Given a list, free all the members of the list; 327 */ 328 static void 329 free_list(struct list *listp) 330 { 331 struct list *tmp; 332 while (listp != NULL) { 333 tmp = listp; 334 listp = listp->next; 335 free(tmp); 336 } 337 } 338 339 /* 340 * check_authorization(instname, which) 341 * 342 * Checks to see if the specific type of authorization in which is 343 * enabled for the user in this SMF service instance. 344 */ 345 346 static int 347 check_authorization(char *instname, int which) 348 { 349 scf_handle_t *handle = NULL; 350 scf_simple_prop_t *prop = NULL; 351 char svcstring[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 352 char *authstr = NULL; 353 ssize_t numauths; 354 int ret = B_TRUE; 355 uid_t uid; 356 struct passwd *pw = NULL; 357 358 uid = getuid(); 359 pw = getpwuid(uid); 360 if (pw == NULL) { 361 ret = B_FALSE; 362 } else { 363 /* 364 * Since names are restricted to SA_MAX_NAME_LEN won't 365 * overflow. 366 */ 367 (void) snprintf(svcstring, sizeof (svcstring), "%s:%s", 368 SA_SVC_FMRI_BASE, instname); 369 handle = scf_handle_create(SCF_VERSION); 370 if (handle != NULL) { 371 if (scf_handle_bind(handle) == 0) { 372 switch (which) { 373 case SVC_SET: 374 prop = scf_simple_prop_get(handle, 375 svcstring, "general", 376 SVC_AUTH_VALUE); 377 break; 378 case SVC_ACTION: 379 prop = scf_simple_prop_get(handle, 380 svcstring, "general", 381 SVC_AUTH_ACTION); 382 break; 383 } 384 } 385 } 386 } 387 /* make sure we have an authorization string property */ 388 if (prop != NULL) { 389 int i; 390 numauths = scf_simple_prop_numvalues(prop); 391 for (ret = 0, i = 0; i < numauths; i++) { 392 authstr = scf_simple_prop_next_astring(prop); 393 if (authstr != NULL) { 394 /* check if this user has one of the strings */ 395 if (chkauthattr(authstr, pw->pw_name)) { 396 ret = 1; 397 break; 398 } 399 } 400 } 401 endauthattr(); 402 scf_simple_prop_free(prop); 403 } else { 404 /* no authorization string defined */ 405 ret = 0; 406 } 407 if (handle != NULL) 408 scf_handle_destroy(handle); 409 return (ret); 410 } 411 412 /* 413 * check_authorizations(instname, flags) 414 * 415 * check all the needed authorizations for the user in this service 416 * instance. Return value of 1(true) or 0(false) indicates whether 417 * there are authorizations for the user or not. 418 */ 419 420 static int 421 check_authorizations(char *instname, int flags) 422 { 423 int ret1 = 0; 424 int ret2 = 0; 425 int ret; 426 427 if (flags & SVC_SET) 428 ret1 = check_authorization(instname, SVC_SET); 429 if (flags & SVC_ACTION) 430 ret2 = check_authorization(instname, SVC_ACTION); 431 switch (flags) { 432 case SVC_ACTION: 433 ret = ret2; 434 break; 435 case SVC_SET: 436 ret = ret1; 437 break; 438 case SVC_ACTION|SVC_SET: 439 ret = ret1 & ret2; 440 break; 441 default: 442 /* if not flags set, we assume we don't need authorizations */ 443 ret = 1; 444 } 445 return (ret); 446 } 447 448 /* 449 * notify_or_enable_share(share, protocol) 450 * 451 * Since some protocols don't want an "enable" when properties change, 452 * this function will use the protocol specific notify function 453 * first. If that fails, it will then attempt to use the 454 * sa_enable_share(). "protocol" is the protocol that was specified 455 * on the command line. 456 */ 457 static void 458 notify_or_enable_share(sa_share_t share, char *protocol) 459 { 460 sa_group_t group; 461 sa_optionset_t opt; 462 int ret = SA_OK; 463 char *path; 464 char *groupproto; 465 sa_share_t parent = share; 466 467 /* If really a resource, get parent share */ 468 if (!sa_is_share(share)) { 469 parent = sa_get_resource_parent((sa_resource_t)share); 470 } 471 472 /* 473 * Now that we've got a share in "parent", make sure it has a path. 474 */ 475 path = sa_get_share_attr(parent, "path"); 476 if (path == NULL) 477 return; 478 479 group = sa_get_parent_group(parent); 480 481 if (group == NULL) { 482 sa_free_attr_string(path); 483 return; 484 } 485 for (opt = sa_get_optionset(group, NULL); 486 opt != NULL; 487 opt = sa_get_next_optionset(opt)) { 488 groupproto = sa_get_optionset_attr(opt, "type"); 489 if (groupproto == NULL || 490 (protocol != NULL && strcmp(groupproto, protocol) != 0)) { 491 sa_free_attr_string(groupproto); 492 continue; 493 } 494 if (sa_is_share(share)) { 495 if ((ret = sa_proto_change_notify(share, 496 groupproto)) != SA_OK) { 497 ret = sa_enable_share(share, groupproto); 498 if (ret != SA_OK) { 499 (void) printf( 500 gettext("Could not reenable" 501 " share %s: %s\n"), 502 path, sa_errorstr(ret)); 503 } 504 } 505 } else { 506 /* Must be a resource */ 507 if ((ret = sa_proto_notify_resource(share, 508 groupproto)) != SA_OK) { 509 ret = sa_enable_resource(share, groupproto); 510 if (ret != SA_OK) { 511 (void) printf( 512 gettext("Could not " 513 "reenable resource %s: " 514 "%s\n"), path, 515 sa_errorstr(ret)); 516 } 517 } 518 } 519 sa_free_attr_string(groupproto); 520 } 521 sa_free_attr_string(path); 522 } 523 524 /* 525 * enable_group(group, updateproto, notify, proto) 526 * 527 * enable all the shares in the specified group. This is a helper for 528 * enable_all_groups in order to simplify regular and subgroup (zfs) 529 * enabling. Group has already been checked for non-NULL. If notify 530 * is non-zero, attempt to use the notify interface rather than 531 * enable. 532 */ 533 static void 534 enable_group(sa_group_t group, char *updateproto, int notify, char *proto) 535 { 536 sa_share_t share; 537 538 for (share = sa_get_share(group, NULL); 539 share != NULL; 540 share = sa_get_next_share(share)) { 541 if (updateproto != NULL) 542 (void) sa_update_legacy(share, updateproto); 543 if (notify) 544 notify_or_enable_share(share, proto); 545 else 546 (void) sa_enable_share(share, proto); 547 } 548 } 549 550 /* 551 * isenabled(group) 552 * 553 * Returns B_TRUE if the group is enabled or B_FALSE if it isn't. 554 * Moved to separate function to reduce clutter in the code. 555 */ 556 557 static int 558 isenabled(sa_group_t group) 559 { 560 char *state; 561 int ret = B_FALSE; 562 563 if (group != NULL) { 564 state = sa_get_group_attr(group, "state"); 565 if (state != NULL) { 566 567 if (strcmp(state, "enabled") == 0) 568 ret = B_TRUE; 569 sa_free_attr_string(state); 570 } 571 } 572 return (ret); 573 } 574 575 /* 576 * enable_all_groups(list, setstate, online, updateproto) 577 * 578 * Given a list of groups, enable each one found. If updateproto is 579 * not NULL, then update all the shares for the protocol that was 580 * passed in. If enable is non-zero, tell enable_group to try the 581 * notify interface since this is a property change. 582 */ 583 static int 584 enable_all_groups(sa_handle_t handle, struct list *work, int setstate, 585 int online, char *updateproto, int enable) 586 { 587 int ret; 588 char instance[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 589 char *state; 590 char *name; 591 char *zfs = NULL; 592 sa_group_t group; 593 sa_group_t subgroup; 594 595 for (ret = SA_OK; work != NULL; work = work->next) { 596 group = (sa_group_t)work->item; 597 598 /* 599 * If setstate == TRUE, then make sure to set 600 * enabled. This needs to be done here in order for 601 * the isenabled check to succeed on a newly enabled 602 * group. 603 */ 604 if (setstate == B_TRUE) { 605 ret = sa_set_group_attr(group, "state", "enabled"); 606 if (ret != SA_OK) 607 break; 608 } 609 610 /* 611 * Check to see if group is enabled. If it isn't, skip 612 * the rest. We don't want shares starting if the 613 * group is disabled. The properties may have been 614 * updated, but there won't be a change until the 615 * group is enabled. 616 */ 617 if (!isenabled(group)) 618 continue; 619 620 /* if itemdata != NULL then a single share */ 621 if (work->itemdata != NULL) { 622 if (enable) { 623 if (work->itemdata != NULL) 624 notify_or_enable_share(work->itemdata, 625 updateproto); 626 else 627 ret = SA_CONFIG_ERR; 628 } else { 629 if (sa_is_share(work->itemdata)) { 630 ret = sa_enable_share( 631 (sa_share_t)work->itemdata, 632 updateproto); 633 } else { 634 ret = sa_enable_resource( 635 (sa_resource_t)work->itemdata, 636 updateproto); 637 } 638 } 639 } 640 if (ret != SA_OK) 641 break; 642 643 /* if itemdata == NULL then the whole group */ 644 if (work->itemdata == NULL) { 645 zfs = sa_get_group_attr(group, "zfs"); 646 /* 647 * If the share is managed by ZFS, don't 648 * update any of the protocols since ZFS is 649 * handling this. Updateproto will contain 650 * the name of the protocol that we want to 651 * update legacy files for. 652 */ 653 enable_group(group, zfs == NULL ? updateproto : NULL, 654 enable, work->proto); 655 for (subgroup = sa_get_sub_group(group); 656 subgroup != NULL; 657 subgroup = sa_get_next_group(subgroup)) { 658 /* never update legacy for ZFS subgroups */ 659 enable_group(subgroup, NULL, enable, 660 work->proto); 661 } 662 } 663 if (online) { 664 zfs = sa_get_group_attr(group, "zfs"); 665 name = sa_get_group_attr(group, "name"); 666 if (name != NULL) { 667 if (zfs == NULL) { 668 (void) snprintf(instance, 669 sizeof (instance), "%s:%s", 670 SA_SVC_FMRI_BASE, name); 671 state = smf_get_state(instance); 672 if (state == NULL || 673 strcmp(state, "online") != 0) { 674 (void) smf_enable_instance( 675 instance, 0); 676 free(state); 677 } 678 } else { 679 sa_free_attr_string(zfs); 680 zfs = NULL; 681 } 682 if (name != NULL) 683 sa_free_attr_string(name); 684 } 685 } 686 } 687 if (ret == SA_OK) { 688 ret = sa_update_config(handle); 689 } 690 return (ret); 691 } 692 693 /* 694 * chk_opt(optlistp, security, proto) 695 * 696 * Do a sanity check on the optlist provided for the protocol. This 697 * is a syntax check and verification that the property is either a 698 * general or specific to a names optionset. 699 */ 700 701 static int 702 chk_opt(struct options *optlistp, int security, char *proto) 703 { 704 struct options *optlist; 705 char *sep = ""; 706 int notfirst = 0; 707 int ret; 708 709 for (optlist = optlistp; optlist != NULL; optlist = optlist->next) { 710 char *optname; 711 712 optname = optlist->optname; 713 ret = OPT_ADD_OK; 714 /* extract property/value pair */ 715 if (sa_is_security(optname, proto)) { 716 if (!security) 717 ret = OPT_ADD_SECURITY; 718 } else { 719 if (security) 720 ret = OPT_ADD_PROPERTY; 721 } 722 if (ret != OPT_ADD_OK) { 723 if (notfirst == 0) 724 (void) printf( 725 gettext("Property syntax error: ")); 726 switch (ret) { 727 case OPT_ADD_SYNTAX: 728 (void) printf(gettext("%ssyntax error: %s"), 729 sep, optname); 730 sep = ", "; 731 break; 732 case OPT_ADD_SECURITY: 733 (void) printf(gettext("%s%s requires -S"), 734 optname, sep); 735 sep = ", "; 736 break; 737 case OPT_ADD_PROPERTY: 738 (void) printf( 739 gettext("%s%s not supported with -S"), 740 optname, sep); 741 sep = ", "; 742 break; 743 } 744 notfirst++; 745 } 746 } 747 if (notfirst) { 748 (void) printf("\n"); 749 ret = SA_SYNTAX_ERR; 750 } 751 return (ret); 752 } 753 754 /* 755 * free_opt(optlist) 756 * Free the specified option list. 757 */ 758 static void 759 free_opt(struct options *optlist) 760 { 761 struct options *nextopt; 762 while (optlist != NULL) { 763 nextopt = optlist->next; 764 free(optlist); 765 optlist = nextopt; 766 } 767 } 768 769 /* 770 * check property list for valid properties 771 * A null value is a remove which is always valid. 772 */ 773 static int 774 valid_options(struct options *optlist, char *proto, void *object, char *sec) 775 { 776 int ret = SA_OK; 777 struct options *cur; 778 sa_property_t prop; 779 sa_optionset_t parent = NULL; 780 781 if (object != NULL) { 782 if (sec == NULL) 783 parent = sa_get_optionset(object, proto); 784 else 785 parent = sa_get_security(object, sec, proto); 786 } 787 788 for (cur = optlist; cur != NULL; cur = cur->next) { 789 if (cur->optvalue == NULL) 790 continue; 791 prop = sa_create_property(cur->optname, cur->optvalue); 792 if (prop == NULL) 793 ret = SA_NO_MEMORY; 794 if (ret != SA_OK || 795 (ret = sa_valid_property(parent, proto, prop)) != SA_OK) { 796 (void) printf( 797 gettext("Could not add property %s: %s\n"), 798 cur->optname, sa_errorstr(ret)); 799 } 800 (void) sa_remove_property(prop); 801 } 802 return (ret); 803 } 804 805 /* 806 * add_optionset(group, optlist, protocol, *err) 807 * Add the options in optlist to an optionset and then add the optionset 808 * to the group. 809 * 810 * The return value indicates if there was a "change" while errors are 811 * returned via the *err parameters. 812 */ 813 static int 814 add_optionset(sa_group_t group, struct options *optlist, char *proto, int *err) 815 { 816 sa_optionset_t optionset; 817 int ret = SA_OK; 818 int result = B_FALSE; 819 820 optionset = sa_get_optionset(group, proto); 821 if (optionset == NULL) { 822 optionset = sa_create_optionset(group, proto); 823 if (optionset == NULL) 824 ret = SA_NO_MEMORY; 825 result = B_TRUE; /* adding a protocol is a change */ 826 } 827 if (optionset == NULL) { 828 ret = SA_NO_MEMORY; 829 goto out; 830 } 831 while (optlist != NULL) { 832 sa_property_t prop; 833 prop = sa_get_property(optionset, optlist->optname); 834 if (prop == NULL) { 835 /* 836 * add the property, but only if it is 837 * a non-NULL or non-zero length value 838 */ 839 if (optlist->optvalue != NULL) { 840 prop = sa_create_property(optlist->optname, 841 optlist->optvalue); 842 if (prop != NULL) { 843 ret = sa_valid_property(optionset, 844 proto, prop); 845 if (ret != SA_OK) { 846 (void) sa_remove_property(prop); 847 (void) printf(gettext("Could " 848 "not add property " 849 "%s: %s\n"), 850 optlist->optname, 851 sa_errorstr(ret)); 852 } 853 } 854 if (ret == SA_OK) { 855 ret = sa_add_property(optionset, prop); 856 if (ret != SA_OK) { 857 (void) printf(gettext( 858 "Could not add property " 859 "%s: %s\n"), 860 optlist->optname, 861 sa_errorstr(ret)); 862 } else { 863 /* there was a change */ 864 result = B_TRUE; 865 } 866 } 867 } 868 } else { 869 ret = sa_update_property(prop, optlist->optvalue); 870 /* should check to see if value changed */ 871 if (ret != SA_OK) { 872 (void) printf(gettext("Could not update " 873 "property %s: %s\n"), optlist->optname, 874 sa_errorstr(ret)); 875 } else { 876 result = B_TRUE; 877 } 878 } 879 optlist = optlist->next; 880 } 881 ret = sa_commit_properties(optionset, 0); 882 883 out: 884 if (err != NULL) 885 *err = ret; 886 return (result); 887 } 888 889 /* 890 * resource_compliant(group) 891 * 892 * Go through all the shares in the group. Assume compliant, but if 893 * any share doesn't have at least one resource name, it isn't 894 * compliant. 895 */ 896 static int 897 resource_compliant(sa_group_t group) 898 { 899 sa_share_t share; 900 901 for (share = sa_get_share(group, NULL); share != NULL; 902 share = sa_get_next_share(share)) { 903 if (sa_get_share_resource(share, NULL) == NULL) { 904 return (B_FALSE); 905 } 906 } 907 return (B_TRUE); 908 } 909 910 /* 911 * fix_path(path) 912 * 913 * change all illegal characters to something else. For now, all get 914 * converted to '_' and the leading '/' is stripped off. This is used 915 * to construct an resource name (SMB share name) that is valid. 916 * Caller must pass a valid path. 917 */ 918 static void 919 fix_path(char *path) 920 { 921 char *cp; 922 size_t len; 923 924 assert(path != NULL); 925 926 /* make sure we are appropriate length */ 927 cp = path + 1; /* skip leading slash */ 928 while (cp != NULL && strlen(cp) > SA_MAX_RESOURCE_NAME) { 929 cp = strchr(cp, '/'); 930 if (cp != NULL) 931 cp++; 932 } 933 /* two cases - cp == NULL and cp is substring of path */ 934 if (cp == NULL) { 935 /* just take last SA_MAX_RESOURCE_NAME chars */ 936 len = 1 + strlen(path) - SA_MAX_RESOURCE_NAME; 937 (void) memmove(path, path + len, SA_MAX_RESOURCE_NAME); 938 path[SA_MAX_RESOURCE_NAME] = '\0'; 939 } else { 940 len = strlen(cp) + 1; 941 (void) memmove(path, cp, len); 942 } 943 944 /* 945 * Don't want any of the characters that are not allowed 946 * in and SMB share name. Replace them with '_'. 947 */ 948 while (*path) { 949 switch (*path) { 950 case '/': 951 case '"': 952 case '\\': 953 case '[': 954 case ']': 955 case ':': 956 case '|': 957 case '<': 958 case '>': 959 case '+': 960 case ';': 961 case ',': 962 case '?': 963 case '*': 964 case '=': 965 case '\t': 966 *path = '_'; 967 break; 968 } 969 path++; 970 } 971 } 972 973 /* 974 * name_adjust(path, count) 975 * 976 * Add a ~<count> in place of last few characters. The total number of 977 * characters is dependent on count. 978 */ 979 #define MAX_MANGLE_NUMBER 10000 980 981 static int 982 name_adjust(char *path, int count) 983 { 984 size_t len; 985 986 len = strlen(path) - 2; 987 if (count > 10) 988 len--; 989 if (count > 100) 990 len--; 991 if (count > 1000) 992 len--; 993 if (len > 0) 994 (void) sprintf(path + len, "~%d", count); 995 else 996 return (SA_BAD_VALUE); 997 998 return (SA_OK); 999 } 1000 1001 /* 1002 * make_resources(group) 1003 * 1004 * Go through all the shares in the group and make them have resource 1005 * names. 1006 */ 1007 static void 1008 make_resources(sa_group_t group) 1009 { 1010 sa_share_t share; 1011 int count; 1012 int err = SA_OK; 1013 1014 for (share = sa_get_share(group, NULL); share != NULL; 1015 share = sa_get_next_share(share)) { 1016 /* Skip those with resources */ 1017 if (sa_get_share_resource(share, NULL) == NULL) { 1018 char *path; 1019 path = sa_get_share_attr(share, "path"); 1020 if (path == NULL) 1021 continue; 1022 fix_path(path); 1023 count = 0; /* reset for next resource */ 1024 while (sa_add_resource(share, path, 1025 SA_SHARE_PERMANENT, &err) == NULL && 1026 err == SA_DUPLICATE_NAME) { 1027 int ret; 1028 ret = name_adjust(path, count); 1029 count++; 1030 if (ret != SA_OK || 1031 count >= MAX_MANGLE_NUMBER) { 1032 (void) printf(gettext( 1033 "Cannot create resource name for" 1034 " path: %s\n"), path); 1035 break; 1036 } 1037 } 1038 sa_free_attr_string(path); 1039 } 1040 } 1041 } 1042 1043 /* 1044 * sa_create(flags, argc, argv) 1045 * create a new group 1046 * this may or may not have a protocol associated with it. 1047 * No protocol means "all" protocols in this case. 1048 */ 1049 static int 1050 sa_create(sa_handle_t handle, int flags, int argc, char *argv[]) 1051 { 1052 char *groupname; 1053 1054 sa_group_t group; 1055 int force = 0; 1056 int verbose = 0; 1057 int dryrun = 0; 1058 int c; 1059 char *protocol = NULL; 1060 int ret = SA_OK; 1061 struct options *optlist = NULL; 1062 int err = 0; 1063 int auth; 1064 1065 while ((c = getopt(argc, argv, "?fhvnP:p:")) != EOF) { 1066 switch (c) { 1067 case 'f': 1068 force++; 1069 break; 1070 case 'v': 1071 verbose++; 1072 break; 1073 case 'n': 1074 dryrun++; 1075 break; 1076 case 'P': 1077 if (protocol != NULL) { 1078 (void) printf(gettext("Specifying " 1079 "multiple protocols " 1080 "not supported: %s\n"), protocol); 1081 return (SA_SYNTAX_ERR); 1082 } 1083 protocol = optarg; 1084 if (sa_valid_protocol(protocol)) 1085 break; 1086 (void) printf(gettext( 1087 "Invalid protocol specified: %s\n"), protocol); 1088 return (SA_INVALID_PROTOCOL); 1089 break; 1090 case 'p': 1091 ret = add_opt(&optlist, optarg, 0); 1092 switch (ret) { 1093 case OPT_ADD_SYNTAX: 1094 (void) printf(gettext( 1095 "Property syntax error for property: %s\n"), 1096 optarg); 1097 return (SA_SYNTAX_ERR); 1098 case OPT_ADD_SECURITY: 1099 (void) printf(gettext( 1100 "Security properties need " 1101 "to be set with set-security: %s\n"), 1102 optarg); 1103 return (SA_SYNTAX_ERR); 1104 default: 1105 break; 1106 } 1107 break; 1108 default: 1109 case 'h': 1110 case '?': 1111 (void) printf(gettext("usage: %s\n"), 1112 sa_get_usage(USAGE_CREATE)); 1113 return (0); 1114 } 1115 } 1116 1117 if (optind >= argc) { 1118 (void) printf(gettext("usage: %s\n"), 1119 sa_get_usage(USAGE_CREATE)); 1120 (void) printf(gettext("\tgroup must be specified.\n")); 1121 return (SA_BAD_PATH); 1122 } 1123 1124 if ((optind + 1) < argc) { 1125 (void) printf(gettext("usage: %s\n"), 1126 sa_get_usage(USAGE_CREATE)); 1127 (void) printf(gettext("\textraneous group(s) at end\n")); 1128 return (SA_SYNTAX_ERR); 1129 } 1130 1131 if (protocol == NULL && optlist != NULL) { 1132 /* lookup default protocol */ 1133 (void) printf(gettext("usage: %s\n"), 1134 sa_get_usage(USAGE_CREATE)); 1135 (void) printf(gettext("\tprotocol must be specified " 1136 "with properties\n")); 1137 return (SA_INVALID_PROTOCOL); 1138 } 1139 1140 if (optlist != NULL) 1141 ret = chk_opt(optlist, 0, protocol); 1142 if (ret == OPT_ADD_SECURITY) { 1143 (void) printf(gettext("Security properties not " 1144 "supported with create\n")); 1145 return (SA_SYNTAX_ERR); 1146 } 1147 1148 /* 1149 * If a group already exists, we can only add a new protocol 1150 * to it and not create a new one or add the same protocol 1151 * again. 1152 */ 1153 1154 groupname = argv[optind]; 1155 1156 auth = check_authorizations(groupname, flags); 1157 1158 group = sa_get_group(handle, groupname); 1159 if (group != NULL) { 1160 /* group exists so must be a protocol add */ 1161 if (protocol != NULL) { 1162 if (has_protocol(group, protocol)) { 1163 (void) printf(gettext( 1164 "Group \"%s\" already exists" 1165 " with protocol %s\n"), groupname, 1166 protocol); 1167 ret = SA_DUPLICATE_NAME; 1168 } 1169 } else { 1170 /* must add new protocol */ 1171 (void) printf(gettext( 1172 "Group already exists and no protocol " 1173 "specified.\n")); 1174 ret = SA_DUPLICATE_NAME; 1175 } 1176 } else { 1177 /* 1178 * is it a valid name? Must comply with SMF instance 1179 * name restrictions. 1180 */ 1181 if (!sa_valid_group_name(groupname)) { 1182 ret = SA_INVALID_NAME; 1183 (void) printf(gettext("Invalid group name: %s\n"), 1184 groupname); 1185 } 1186 } 1187 if (ret == SA_OK) { 1188 /* check protocol vs optlist */ 1189 if (optlist != NULL) { 1190 /* check options, if any, for validity */ 1191 ret = valid_options(optlist, protocol, group, NULL); 1192 } 1193 } 1194 if (ret == SA_OK && !dryrun) { 1195 if (group == NULL) { 1196 group = sa_create_group(handle, (char *)groupname, 1197 &err); 1198 } 1199 if (group != NULL) { 1200 sa_optionset_t optionset; 1201 /* 1202 * First check to see if the new protocol is one that 1203 * requires resource names and make sure we are 1204 * compliant before proceeding. 1205 */ 1206 if (protocol != NULL) { 1207 uint64_t features; 1208 1209 features = sa_proto_get_featureset(protocol); 1210 if ((features & SA_FEATURE_RESOURCE) && 1211 !resource_compliant(group)) { 1212 if (force) { 1213 make_resources(group); 1214 } else { 1215 ret = SA_RESOURCE_REQUIRED; 1216 (void) printf( 1217 gettext("Protocol " 1218 "requires resource " 1219 "names to be " 1220 "set: %s\n"), 1221 protocol); 1222 goto err; 1223 } 1224 } 1225 } 1226 if (optlist != NULL) { 1227 (void) add_optionset(group, optlist, protocol, 1228 &ret); 1229 } else if (protocol != NULL) { 1230 optionset = sa_create_optionset(group, 1231 protocol); 1232 if (optionset == NULL) 1233 ret = SA_NO_MEMORY; 1234 } else if (protocol == NULL) { 1235 char **protolist; 1236 int numprotos, i; 1237 numprotos = sa_get_protocols(&protolist); 1238 for (i = 0; i < numprotos; i++) { 1239 optionset = sa_create_optionset(group, 1240 protolist[i]); 1241 } 1242 if (protolist != NULL) 1243 free(protolist); 1244 } 1245 /* 1246 * We have a group and legal additions 1247 */ 1248 if (ret == SA_OK) { 1249 /* 1250 * Commit to configuration for protocols that 1251 * need to do block updates. For NFS, this 1252 * doesn't do anything but it will be run for 1253 * all protocols that implement the 1254 * appropriate plugin. 1255 */ 1256 ret = sa_update_config(handle); 1257 } else { 1258 if (group != NULL) 1259 (void) sa_remove_group(group); 1260 } 1261 } else { 1262 ret = err; 1263 (void) printf(gettext("Could not create group: %s\n"), 1264 sa_errorstr(ret)); 1265 } 1266 } 1267 if (dryrun && ret == SA_OK && !auth && verbose) { 1268 (void) printf(gettext("Command would fail: %s\n"), 1269 sa_errorstr(SA_NO_PERMISSION)); 1270 ret = SA_NO_PERMISSION; 1271 } 1272 err: 1273 free_opt(optlist); 1274 return (ret); 1275 } 1276 1277 /* 1278 * group_status(group) 1279 * 1280 * return the current status (enabled/disabled) of the group. 1281 */ 1282 1283 static char * 1284 group_status(sa_group_t group) 1285 { 1286 char *state; 1287 int enabled = 0; 1288 1289 state = sa_get_group_attr(group, "state"); 1290 if (state != NULL) { 1291 if (strcmp(state, "enabled") == 0) { 1292 enabled = 1; 1293 } 1294 sa_free_attr_string(state); 1295 } 1296 return (enabled ? "enabled" : "disabled"); 1297 } 1298 1299 /* 1300 * sa_delete(flags, argc, argv) 1301 * 1302 * Delete a group. 1303 */ 1304 1305 static int 1306 sa_delete(sa_handle_t handle, int flags, int argc, char *argv[]) 1307 { 1308 char *groupname; 1309 sa_group_t group; 1310 sa_share_t share; 1311 int verbose = 0; 1312 int dryrun = 0; 1313 int force = 0; 1314 int c; 1315 char *protocol = NULL; 1316 char *sectype = NULL; 1317 int ret = SA_OK; 1318 int auth; 1319 1320 while ((c = getopt(argc, argv, "?hvnP:fS:")) != EOF) { 1321 switch (c) { 1322 case 'v': 1323 verbose++; 1324 break; 1325 case 'n': 1326 dryrun++; 1327 break; 1328 case 'P': 1329 if (protocol != NULL) { 1330 (void) printf(gettext("Specifying " 1331 "multiple protocols " 1332 "not supported: %s\n"), protocol); 1333 return (SA_SYNTAX_ERR); 1334 } 1335 protocol = optarg; 1336 if (!sa_valid_protocol(protocol)) { 1337 (void) printf(gettext("Invalid protocol " 1338 "specified: %s\n"), protocol); 1339 return (SA_INVALID_PROTOCOL); 1340 } 1341 break; 1342 case 'S': 1343 if (sectype != NULL) { 1344 (void) printf(gettext("Specifying " 1345 "multiple property " 1346 "spaces not supported: %s\n"), sectype); 1347 return (SA_SYNTAX_ERR); 1348 } 1349 sectype = optarg; 1350 break; 1351 case 'f': 1352 force++; 1353 break; 1354 default: 1355 case 'h': 1356 case '?': 1357 (void) printf(gettext("usage: %s\n"), 1358 sa_get_usage(USAGE_DELETE)); 1359 return (0); 1360 } 1361 } 1362 1363 if (optind >= argc) { 1364 (void) printf(gettext("usage: %s\n"), 1365 sa_get_usage(USAGE_DELETE)); 1366 (void) printf(gettext("\tgroup must be specified.\n")); 1367 return (SA_SYNTAX_ERR); 1368 } 1369 1370 if ((optind + 1) < argc) { 1371 (void) printf(gettext("usage: %s\n"), 1372 sa_get_usage(USAGE_DELETE)); 1373 (void) printf(gettext("\textraneous group(s) at end\n")); 1374 return (SA_SYNTAX_ERR); 1375 } 1376 1377 if (sectype != NULL && protocol == NULL) { 1378 (void) printf(gettext("usage: %s\n"), 1379 sa_get_usage(USAGE_DELETE)); 1380 (void) printf(gettext("\tsecurity requires protocol to be " 1381 "specified.\n")); 1382 return (SA_SYNTAX_ERR); 1383 } 1384 1385 /* 1386 * Determine if the group already exists since it must in 1387 * order to be removed. 1388 * 1389 * We can delete when: 1390 * 1391 * - group is empty 1392 * - force flag is set 1393 * - if protocol specified, only delete the protocol 1394 */ 1395 1396 groupname = argv[optind]; 1397 group = sa_get_group(handle, groupname); 1398 if (group == NULL) { 1399 ret = SA_NO_SUCH_GROUP; 1400 goto done; 1401 } 1402 auth = check_authorizations(groupname, flags); 1403 if (protocol == NULL) { 1404 share = sa_get_share(group, NULL); 1405 if (share != NULL) 1406 ret = SA_BUSY; 1407 if (share == NULL || (share != NULL && force == 1)) { 1408 ret = SA_OK; 1409 if (!dryrun) { 1410 while (share != NULL) { 1411 sa_share_t next_share; 1412 next_share = sa_get_next_share(share); 1413 /* 1414 * need to do the disable of 1415 * each share, but don't 1416 * actually do anything on a 1417 * dryrun. 1418 */ 1419 ret = sa_disable_share(share, NULL); 1420 ret = sa_remove_share(share); 1421 share = next_share; 1422 } 1423 ret = sa_remove_group(group); 1424 } 1425 } 1426 /* Commit to configuration if not a dryrun */ 1427 if (!dryrun && ret == SA_OK) { 1428 ret = sa_update_config(handle); 1429 } 1430 } else { 1431 /* a protocol delete */ 1432 sa_optionset_t optionset; 1433 sa_security_t security; 1434 if (sectype != NULL) { 1435 /* only delete specified security */ 1436 security = sa_get_security(group, sectype, protocol); 1437 if (security != NULL && !dryrun) 1438 ret = sa_destroy_security(security); 1439 else 1440 ret = SA_INVALID_PROTOCOL; 1441 } else { 1442 optionset = sa_get_optionset(group, protocol); 1443 if (optionset != NULL && !dryrun) { 1444 /* 1445 * have an optionset with 1446 * protocol to delete 1447 */ 1448 ret = sa_destroy_optionset(optionset); 1449 /* 1450 * Now find all security sets 1451 * for the protocol and remove 1452 * them. Don't remove other 1453 * protocols. 1454 */ 1455 for (security = 1456 sa_get_security(group, NULL, NULL); 1457 ret == SA_OK && security != NULL; 1458 security = sa_get_next_security(security)) { 1459 char *secprot; 1460 secprot = sa_get_security_attr(security, 1461 "type"); 1462 if (secprot != NULL && 1463 strcmp(secprot, protocol) == 0) 1464 ret = sa_destroy_security( 1465 security); 1466 if (secprot != NULL) 1467 sa_free_attr_string(secprot); 1468 } 1469 } else { 1470 if (!dryrun) 1471 ret = SA_INVALID_PROTOCOL; 1472 } 1473 } 1474 /* 1475 * With the protocol items removed, make sure that all 1476 * the shares are updated in the legacy files, if 1477 * necessary. 1478 */ 1479 for (share = sa_get_share(group, NULL); 1480 share != NULL; 1481 share = sa_get_next_share(share)) { 1482 (void) sa_delete_legacy(share, protocol); 1483 } 1484 } 1485 1486 done: 1487 if (ret != SA_OK) { 1488 (void) printf(gettext("Could not delete group: %s\n"), 1489 sa_errorstr(ret)); 1490 } else if (dryrun && !auth && verbose) { 1491 (void) printf(gettext("Command would fail: %s\n"), 1492 sa_errorstr(SA_NO_PERMISSION)); 1493 } 1494 return (ret); 1495 } 1496 1497 /* 1498 * strndupr(*buff, str, buffsize) 1499 * 1500 * used with small strings to duplicate and possibly increase the 1501 * buffer size of a string. 1502 */ 1503 static char * 1504 strndupr(char *buff, char *str, int *buffsize) 1505 { 1506 int limit; 1507 char *orig_buff = buff; 1508 1509 if (buff == NULL) { 1510 buff = (char *)malloc(64); 1511 if (buff == NULL) 1512 return (NULL); 1513 *buffsize = 64; 1514 buff[0] = '\0'; 1515 } 1516 limit = strlen(buff) + strlen(str) + 1; 1517 if (limit > *buffsize) { 1518 limit = *buffsize = *buffsize + ((limit / 64) + 64); 1519 buff = realloc(buff, limit); 1520 } 1521 if (buff != NULL) { 1522 (void) strcat(buff, str); 1523 } else { 1524 /* if it fails, fail it hard */ 1525 if (orig_buff != NULL) 1526 free(orig_buff); 1527 } 1528 return (buff); 1529 } 1530 1531 /* 1532 * group_proto(group) 1533 * 1534 * return a string of all the protocols (space separated) associated 1535 * with this group. 1536 */ 1537 1538 static char * 1539 group_proto(sa_group_t group) 1540 { 1541 sa_optionset_t optionset; 1542 char *proto; 1543 char *buff = NULL; 1544 int buffsize = 0; 1545 int addspace = 0; 1546 /* 1547 * get the protocol list by finding the optionsets on this 1548 * group and extracting the type value. The initial call to 1549 * strndupr() initailizes buff. 1550 */ 1551 buff = strndupr(buff, "", &buffsize); 1552 if (buff != NULL) { 1553 for (optionset = sa_get_optionset(group, NULL); 1554 optionset != NULL && buff != NULL; 1555 optionset = sa_get_next_optionset(optionset)) { 1556 /* 1557 * extract out the protocol type from this optionset 1558 * and append it to the buffer "buff". strndupr() will 1559 * reallocate space as necessay. 1560 */ 1561 proto = sa_get_optionset_attr(optionset, "type"); 1562 if (proto != NULL) { 1563 if (addspace++) 1564 buff = strndupr(buff, " ", &buffsize); 1565 buff = strndupr(buff, proto, &buffsize); 1566 sa_free_attr_string(proto); 1567 } 1568 } 1569 } 1570 return (buff); 1571 } 1572 1573 /* 1574 * sa_list(flags, argc, argv) 1575 * 1576 * implements the "list" subcommand to list groups and optionally 1577 * their state and protocols. 1578 */ 1579 1580 static int 1581 sa_list(sa_handle_t handle, int flags, int argc, char *argv[]) 1582 { 1583 sa_group_t group; 1584 int verbose = 0; 1585 int c; 1586 char *protocol = NULL; 1587 #ifdef lint 1588 flags = flags; 1589 #endif 1590 1591 while ((c = getopt(argc, argv, "?hvP:")) != EOF) { 1592 switch (c) { 1593 case 'v': 1594 verbose++; 1595 break; 1596 case 'P': 1597 if (protocol != NULL) { 1598 (void) printf(gettext( 1599 "Specifying multiple protocols " 1600 "not supported: %s\n"), 1601 protocol); 1602 return (SA_SYNTAX_ERR); 1603 } 1604 protocol = optarg; 1605 if (!sa_valid_protocol(protocol)) { 1606 (void) printf(gettext( 1607 "Invalid protocol specified: %s\n"), 1608 protocol); 1609 return (SA_INVALID_PROTOCOL); 1610 } 1611 break; 1612 default: 1613 case 'h': 1614 case '?': 1615 (void) printf(gettext("usage: %s\n"), 1616 sa_get_usage(USAGE_LIST)); 1617 return (0); 1618 } 1619 } 1620 1621 if (optind != argc) { 1622 (void) printf(gettext("usage: %s\n"), 1623 sa_get_usage(USAGE_LIST)); 1624 return (SA_SYNTAX_ERR); 1625 } 1626 1627 for (group = sa_get_group(handle, NULL); 1628 group != NULL; 1629 group = sa_get_next_group(group)) { 1630 char *name; 1631 char *proto; 1632 if (protocol == NULL || has_protocol(group, protocol)) { 1633 name = sa_get_group_attr(group, "name"); 1634 if (name != NULL && (verbose > 1 || name[0] != '#')) { 1635 (void) printf("%s", (char *)name); 1636 if (verbose) { 1637 /* 1638 * Need the list of protocols 1639 * and current status once 1640 * available. We do want to 1641 * translate the 1642 * enabled/disabled text here. 1643 */ 1644 (void) printf("\t%s", isenabled(group) ? 1645 gettext("enabled") : 1646 gettext("disabled")); 1647 proto = group_proto(group); 1648 if (proto != NULL) { 1649 (void) printf("\t%s", 1650 (char *)proto); 1651 free(proto); 1652 } 1653 } 1654 (void) printf("\n"); 1655 } 1656 if (name != NULL) 1657 sa_free_attr_string(name); 1658 } 1659 } 1660 return (0); 1661 } 1662 1663 /* 1664 * out_properties(optionset, proto, sec) 1665 * 1666 * Format the properties and encode the protocol and optional named 1667 * optionset into the string. 1668 * 1669 * format is protocol[:name]=(property-list) 1670 */ 1671 1672 static void 1673 out_properties(sa_optionset_t optionset, char *proto, char *sec) 1674 { 1675 char *type; 1676 char *value; 1677 int spacer; 1678 sa_property_t prop; 1679 1680 if (sec == NULL) 1681 (void) printf(" %s=(", proto ? proto : gettext("all")); 1682 else 1683 (void) printf(" %s:%s=(", proto ? proto : gettext("all"), sec); 1684 1685 for (spacer = 0, prop = sa_get_property(optionset, NULL); 1686 prop != NULL; 1687 prop = sa_get_next_property(prop)) { 1688 1689 /* 1690 * extract the property name/value and output with 1691 * appropriate spacing. I.e. no prefixed space the 1692 * first time through but a space on subsequent 1693 * properties. 1694 */ 1695 type = sa_get_property_attr(prop, "type"); 1696 value = sa_get_property_attr(prop, "value"); 1697 if (type != NULL) { 1698 (void) printf("%s%s=", spacer ? " " : "", type); 1699 spacer = 1; 1700 if (value != NULL) 1701 (void) printf("\"%s\"", value); 1702 else 1703 (void) printf("\"\""); 1704 } 1705 if (type != NULL) 1706 sa_free_attr_string(type); 1707 if (value != NULL) 1708 sa_free_attr_string(value); 1709 } 1710 (void) printf(")"); 1711 } 1712 1713 /* 1714 * show_properties(group, protocol, prefix) 1715 * 1716 * print the properties for a group. If protocol is NULL, do all 1717 * protocols otherwise only the specified protocol. All security 1718 * (named groups specific to the protocol) are included. 1719 * 1720 * The "prefix" is always applied. The caller knows whether it wants 1721 * some type of prefix string (white space) or not. Once the prefix 1722 * has been output, it is reduced to the zero length string for the 1723 * remainder of the property output. 1724 */ 1725 1726 static void 1727 show_properties(sa_group_t group, char *protocol, char *prefix) 1728 { 1729 sa_optionset_t optionset; 1730 sa_security_t security; 1731 char *value; 1732 char *secvalue; 1733 1734 if (protocol != NULL) { 1735 optionset = sa_get_optionset(group, protocol); 1736 if (optionset != NULL) { 1737 (void) printf("%s", prefix); 1738 prefix = ""; 1739 out_properties(optionset, protocol, NULL); 1740 } 1741 security = sa_get_security(group, protocol, NULL); 1742 if (security != NULL) { 1743 (void) printf("%s", prefix); 1744 prefix = ""; 1745 out_properties(security, protocol, NULL); 1746 } 1747 } else { 1748 for (optionset = sa_get_optionset(group, protocol); 1749 optionset != NULL; 1750 optionset = sa_get_next_optionset(optionset)) { 1751 1752 value = sa_get_optionset_attr(optionset, "type"); 1753 (void) printf("%s", prefix); 1754 prefix = ""; 1755 out_properties(optionset, value, 0); 1756 if (value != NULL) 1757 sa_free_attr_string(value); 1758 } 1759 for (security = sa_get_security(group, NULL, protocol); 1760 security != NULL; 1761 security = sa_get_next_security(security)) { 1762 1763 value = sa_get_security_attr(security, "type"); 1764 secvalue = sa_get_security_attr(security, "sectype"); 1765 (void) printf("%s", prefix); 1766 prefix = ""; 1767 out_properties(security, value, secvalue); 1768 if (value != NULL) 1769 sa_free_attr_string(value); 1770 if (secvalue != NULL) 1771 sa_free_attr_string(secvalue); 1772 } 1773 } 1774 } 1775 1776 /* 1777 * get_resource(share) 1778 * 1779 * Get the first resource name, if any, and fix string to be in 1780 * current locale and have quotes if it has embedded spaces. Return 1781 * an attr string that must be freed. 1782 */ 1783 1784 static char * 1785 get_resource(sa_share_t share) 1786 { 1787 sa_resource_t resource; 1788 char *resstring = NULL; 1789 char *retstring; 1790 1791 if ((resource = sa_get_share_resource(share, NULL)) != NULL) { 1792 resstring = sa_get_resource_attr(resource, "name"); 1793 if (resstring != NULL) { 1794 char *cp; 1795 int len; 1796 1797 retstring = conv_from_utf8(resstring); 1798 if (retstring != resstring) { 1799 sa_free_attr_string(resstring); 1800 resstring = retstring; 1801 } 1802 if (strpbrk(resstring, " ") != NULL) { 1803 /* account for quotes */ 1804 len = strlen(resstring) + 3; 1805 cp = calloc(len, sizeof (char)); 1806 if (cp != NULL) { 1807 (void) snprintf(cp, len, 1808 "\"%s\"", resstring); 1809 sa_free_attr_string(resstring); 1810 resstring = cp; 1811 } else { 1812 sa_free_attr_string(resstring); 1813 resstring = NULL; 1814 } 1815 } 1816 } 1817 } 1818 return (resstring); 1819 } 1820 1821 /* 1822 * has_resource_with_opt(share) 1823 * 1824 * Check to see if the share has any resource names with optionsets 1825 * set. Also indicate if multiple resource names since the syntax 1826 * would be about the same. 1827 */ 1828 static int 1829 has_resource_with_opt(sa_share_t share) 1830 { 1831 sa_resource_t resource; 1832 int ret = B_FALSE; 1833 1834 for (resource = sa_get_share_resource(share, NULL); 1835 resource != NULL; 1836 resource = sa_get_next_resource(resource)) { 1837 1838 if (sa_get_optionset(resource, NULL) != NULL) { 1839 ret = B_TRUE; 1840 break; 1841 } 1842 } 1843 return (ret); 1844 } 1845 1846 /* 1847 * has_multiple_resource(share) 1848 * 1849 * Check to see if the share has multiple resource names since 1850 * the syntax would be about the same. 1851 */ 1852 static boolean_t 1853 has_multiple_resource(sa_share_t share) 1854 { 1855 sa_resource_t resource; 1856 int num; 1857 1858 for (num = 0, resource = sa_get_share_resource(share, NULL); 1859 resource != NULL; 1860 resource = sa_get_next_resource(resource)) { 1861 num++; 1862 if (num > 1) 1863 return (B_TRUE); 1864 } 1865 return (B_FALSE); 1866 } 1867 1868 /* 1869 * show_share(share, verbose, properties, proto, iszfs, sharepath) 1870 * 1871 * print out the share information. With the addition of resource as a 1872 * full object that can have multiple instances below the share, we 1873 * need to display that as well. 1874 */ 1875 1876 static void 1877 show_share(sa_share_t share, int verbose, int properties, char *proto, 1878 int iszfs, char *sharepath) 1879 { 1880 char *drive; 1881 char *exclude; 1882 sa_resource_t resource = NULL; 1883 char *description; 1884 char *rsrcname; 1885 int rsrcwithopt; 1886 boolean_t multiple; 1887 char *type; 1888 1889 rsrcwithopt = has_resource_with_opt(share); 1890 1891 if (verbose || (properties && rsrcwithopt)) { 1892 /* First, indicate if transient */ 1893 type = sa_get_share_attr(share, "type"); 1894 if (type != NULL && !iszfs && verbose && 1895 strcmp(type, "transient") == 0) 1896 (void) printf("\t* "); 1897 else 1898 (void) printf("\t "); 1899 1900 if (type != NULL) 1901 sa_free_attr_string(type); 1902 1903 /* 1904 * If we came in with verbose, we want to handle the case of 1905 * multiple resources as though they had properties set. 1906 */ 1907 multiple = has_multiple_resource(share); 1908 1909 /* 1910 * if there is a description on the share and there 1911 * are resources, treat as multiple resources in order 1912 * to get all descriptions displayed. 1913 */ 1914 description = sa_get_share_description(share); 1915 resource = sa_get_share_resource(share, NULL); 1916 1917 if (description != NULL && resource != NULL) 1918 multiple = B_TRUE; 1919 1920 /* Next, if not multiple follow old model */ 1921 if (!multiple && !rsrcwithopt) { 1922 rsrcname = get_resource(share); 1923 if (rsrcname != NULL && strlen(rsrcname) > 0) { 1924 (void) printf("%s=%s", rsrcname, sharepath); 1925 } else { 1926 (void) printf("%s", sharepath); 1927 } 1928 if (rsrcname != NULL) 1929 sa_free_attr_string(rsrcname); 1930 /* Print the description string if there is one. */ 1931 print_rsrc_desc(resource, description); 1932 } else { 1933 /* Treat as simple and then resources come later */ 1934 (void) printf("%s", sharepath); 1935 } 1936 drive = sa_get_share_attr(share, "drive-letter"); 1937 if (drive != NULL) { 1938 if (strlen(drive) > 0) 1939 (void) printf(gettext("\tdrive-letter=\"%s:\""), 1940 drive); 1941 sa_free_attr_string(drive); 1942 } 1943 if (properties) 1944 show_properties(share, proto, "\t"); 1945 exclude = sa_get_share_attr(share, "exclude"); 1946 if (exclude != NULL) { 1947 (void) printf(gettext("\tnot-shared-with=[%s]"), 1948 exclude); 1949 sa_free_attr_string(exclude); 1950 } 1951 1952 if (description != NULL) { 1953 print_rsrc_desc((sa_resource_t)share, description); 1954 } 1955 /* 1956 * If there are resource names with options, show them 1957 * here, with one line per resource. Resource specific 1958 * options are at the end of the line followed by 1959 * description, if any. 1960 */ 1961 if (rsrcwithopt || multiple) { 1962 for (resource = sa_get_share_resource(share, NULL); 1963 resource != NULL; 1964 resource = sa_get_next_resource(resource)) { 1965 int has_space; 1966 char *rsrc; 1967 1968 (void) printf("\n\t\t "); 1969 rsrcname = sa_get_resource_attr(resource, 1970 "name"); 1971 if (rsrcname == NULL) 1972 continue; 1973 1974 rsrc = conv_from_utf8(rsrcname); 1975 has_space = strpbrk(rsrc, " ") != NULL; 1976 1977 if (has_space) 1978 (void) printf("\"%s\"=%s", rsrc, 1979 sharepath); 1980 else 1981 (void) printf("%s=%s", rsrc, 1982 sharepath); 1983 if (rsrc != rsrcname) 1984 sa_free_attr_string(rsrc); 1985 sa_free_attr_string(rsrcname); 1986 if (properties || rsrcwithopt) 1987 show_properties(resource, proto, "\t"); 1988 1989 /* Get description string if any */ 1990 print_rsrc_desc(resource, description); 1991 } 1992 } 1993 if (description != NULL) 1994 sa_free_share_description(description); 1995 } else { 1996 (void) printf("\t %s", sharepath); 1997 if (properties) 1998 show_properties(share, proto, "\t"); 1999 } 2000 (void) printf("\n"); 2001 } 2002 2003 /* 2004 * show_group(group, verbose, properties, proto, subgroup) 2005 * 2006 * helper function to show the contents of a group. 2007 */ 2008 2009 static void 2010 show_group(sa_group_t group, int verbose, int properties, char *proto, 2011 char *subgroup) 2012 { 2013 sa_share_t share; 2014 char *groupname; 2015 char *zfs = NULL; 2016 int iszfs = 0; 2017 char *sharepath; 2018 2019 groupname = sa_get_group_attr(group, "name"); 2020 if (groupname != NULL) { 2021 if (proto != NULL && !has_protocol(group, proto)) { 2022 sa_free_attr_string(groupname); 2023 return; 2024 } 2025 /* 2026 * check to see if the group is managed by ZFS. If 2027 * there is an attribute, then it is. A non-NULL zfs 2028 * variable will trigger the different way to display 2029 * and will remove the transient property indicator 2030 * from the output. 2031 */ 2032 zfs = sa_get_group_attr(group, "zfs"); 2033 if (zfs != NULL) { 2034 iszfs = 1; 2035 sa_free_attr_string(zfs); 2036 } 2037 share = sa_get_share(group, NULL); 2038 if (subgroup == NULL) 2039 (void) printf("%s", groupname); 2040 else 2041 (void) printf(" %s/%s", subgroup, groupname); 2042 if (properties) 2043 show_properties(group, proto, ""); 2044 (void) printf("\n"); 2045 if (strcmp(groupname, "zfs") == 0) { 2046 sa_group_t zgroup; 2047 2048 for (zgroup = sa_get_sub_group(group); 2049 zgroup != NULL; 2050 zgroup = sa_get_next_group(zgroup)) { 2051 show_group(zgroup, verbose, properties, proto, 2052 "zfs"); 2053 } 2054 sa_free_attr_string(groupname); 2055 return; 2056 } 2057 /* 2058 * Have a group, so list the contents. Resource and 2059 * description are only listed if verbose is set. 2060 */ 2061 for (share = sa_get_share(group, NULL); 2062 share != NULL; 2063 share = sa_get_next_share(share)) { 2064 sharepath = sa_get_share_attr(share, "path"); 2065 if (sharepath != NULL) { 2066 show_share(share, verbose, properties, proto, 2067 iszfs, sharepath); 2068 sa_free_attr_string(sharepath); 2069 } 2070 } 2071 } 2072 if (groupname != NULL) { 2073 sa_free_attr_string(groupname); 2074 } 2075 } 2076 2077 /* 2078 * show_group_xml_init() 2079 * 2080 * Create an XML document that will be used to display config info via 2081 * XML format. 2082 */ 2083 2084 xmlDocPtr 2085 show_group_xml_init() 2086 { 2087 xmlDocPtr doc; 2088 xmlNodePtr root; 2089 2090 doc = xmlNewDoc((xmlChar *)"1.0"); 2091 if (doc != NULL) { 2092 root = xmlNewNode(NULL, (xmlChar *)"sharecfg"); 2093 if (root != NULL) 2094 xmlDocSetRootElement(doc, root); 2095 } 2096 return (doc); 2097 } 2098 2099 /* 2100 * show_group_xml(doc, group) 2101 * 2102 * Copy the group info into the XML doc. 2103 */ 2104 2105 static void 2106 show_group_xml(xmlDocPtr doc, sa_group_t group) 2107 { 2108 xmlNodePtr node; 2109 xmlNodePtr root; 2110 2111 root = xmlDocGetRootElement(doc); 2112 node = xmlCopyNode((xmlNodePtr)group, 1); 2113 if (node != NULL && root != NULL) { 2114 xmlAddChild(root, node); 2115 /* 2116 * In the future, we may have interally used tags that 2117 * should not appear in the XML output. Remove 2118 * anything we don't want to show here. 2119 */ 2120 } 2121 } 2122 2123 /* 2124 * sa_show(flags, argc, argv) 2125 * 2126 * Implements the show subcommand. 2127 */ 2128 2129 int 2130 sa_show(sa_handle_t handle, int flags, int argc, char *argv[]) 2131 { 2132 sa_group_t group; 2133 int verbose = 0; 2134 int properties = 0; 2135 int c; 2136 int ret = SA_OK; 2137 char *protocol = NULL; 2138 int xml = 0; 2139 xmlDocPtr doc; 2140 #ifdef lint 2141 flags = flags; 2142 #endif 2143 2144 while ((c = getopt(argc, argv, "?hvP:px")) != EOF) { 2145 switch (c) { 2146 case 'v': 2147 verbose++; 2148 break; 2149 case 'p': 2150 properties++; 2151 break; 2152 case 'P': 2153 if (protocol != NULL) { 2154 (void) printf(gettext( 2155 "Specifying multiple protocols " 2156 "not supported: %s\n"), 2157 protocol); 2158 return (SA_SYNTAX_ERR); 2159 } 2160 protocol = optarg; 2161 if (!sa_valid_protocol(protocol)) { 2162 (void) printf(gettext( 2163 "Invalid protocol specified: %s\n"), 2164 protocol); 2165 return (SA_INVALID_PROTOCOL); 2166 } 2167 break; 2168 case 'x': 2169 xml++; 2170 break; 2171 default: 2172 case 'h': 2173 case '?': 2174 (void) printf(gettext("usage: %s\n"), 2175 sa_get_usage(USAGE_SHOW)); 2176 return (0); 2177 } 2178 } 2179 2180 if (xml) { 2181 doc = show_group_xml_init(); 2182 if (doc == NULL) 2183 ret = SA_NO_MEMORY; 2184 } 2185 2186 if (optind == argc) { 2187 /* No group specified so go through them all */ 2188 for (group = sa_get_group(handle, NULL); 2189 group != NULL; 2190 group = sa_get_next_group(group)) { 2191 /* 2192 * Have a group so check if one we want and then list 2193 * contents with appropriate options. 2194 */ 2195 if (xml) 2196 show_group_xml(doc, group); 2197 else 2198 show_group(group, verbose, properties, protocol, 2199 NULL); 2200 } 2201 } else { 2202 /* Have a specified list of groups */ 2203 for (; optind < argc; optind++) { 2204 group = sa_get_group(handle, argv[optind]); 2205 if (group != NULL) { 2206 if (xml) 2207 show_group_xml(doc, group); 2208 else 2209 show_group(group, verbose, properties, 2210 protocol, NULL); 2211 } else { 2212 (void) printf(gettext("%s: not found\n"), 2213 argv[optind]); 2214 ret = SA_NO_SUCH_GROUP; 2215 } 2216 } 2217 } 2218 if (xml && ret == SA_OK) { 2219 xmlDocFormatDump(stdout, doc, 1); 2220 xmlFreeDoc(doc); 2221 } 2222 return (ret); 2223 2224 } 2225 2226 /* 2227 * enable_share(group, share, update_legacy) 2228 * 2229 * helper function to enable a share if the group is enabled. 2230 */ 2231 2232 static int 2233 enable_share(sa_handle_t handle, sa_group_t group, sa_share_t share, 2234 int update_legacy) 2235 { 2236 char *value; 2237 int enabled; 2238 sa_optionset_t optionset; 2239 int err; 2240 int ret = SA_OK; 2241 char *zfs = NULL; 2242 int iszfs = 0; 2243 int isshare; 2244 2245 /* 2246 * need to enable this share if the group is enabled but not 2247 * otherwise. The enable is also done on each protocol 2248 * represented in the group. 2249 */ 2250 value = sa_get_group_attr(group, "state"); 2251 enabled = value != NULL && strcmp(value, "enabled") == 0; 2252 if (value != NULL) 2253 sa_free_attr_string(value); 2254 /* remove legacy config if necessary */ 2255 if (update_legacy) 2256 ret = sa_delete_legacy(share, NULL); 2257 zfs = sa_get_group_attr(group, "zfs"); 2258 if (zfs != NULL) { 2259 iszfs++; 2260 sa_free_attr_string(zfs); 2261 } 2262 2263 /* 2264 * Step through each optionset at the group level and 2265 * enable the share based on the protocol type. This 2266 * works because protocols must be set on the group 2267 * for the protocol to be enabled. 2268 */ 2269 isshare = sa_is_share(share); 2270 for (optionset = sa_get_optionset(group, NULL); 2271 optionset != NULL && ret == SA_OK; 2272 optionset = sa_get_next_optionset(optionset)) { 2273 value = sa_get_optionset_attr(optionset, "type"); 2274 if (value != NULL) { 2275 if (enabled) { 2276 if (isshare) { 2277 err = sa_enable_share(share, value); 2278 } else { 2279 err = sa_enable_resource(share, value); 2280 if (err == SA_NOT_SUPPORTED) { 2281 sa_share_t parent; 2282 parent = sa_get_resource_parent( 2283 share); 2284 if (parent != NULL) 2285 err = sa_enable_share( 2286 parent, value); 2287 } 2288 } 2289 if (err != SA_OK) { 2290 ret = err; 2291 (void) printf(gettext( 2292 "Failed to enable share for " 2293 "\"%s\": %s\n"), 2294 value, sa_errorstr(ret)); 2295 } 2296 } 2297 /* 2298 * If we want to update the legacy, use a copy of 2299 * share so we can avoid breaking the loop we are in 2300 * since we might also need to go up the tree to the 2301 * parent. 2302 */ 2303 if (update_legacy && !iszfs) { 2304 sa_share_t update = share; 2305 if (!sa_is_share(share)) { 2306 update = sa_get_resource_parent(share); 2307 } 2308 (void) sa_update_legacy(update, value); 2309 } 2310 sa_free_attr_string(value); 2311 } 2312 } 2313 if (ret == SA_OK) 2314 (void) sa_update_config(handle); 2315 return (ret); 2316 } 2317 2318 /* 2319 * sa_require_resource(group) 2320 * 2321 * if any of the defined protocols on the group require resource 2322 * names, then all shares must have them. 2323 */ 2324 2325 static int 2326 sa_require_resource(sa_group_t group) 2327 { 2328 sa_optionset_t optionset; 2329 2330 for (optionset = sa_get_optionset(group, NULL); 2331 optionset != NULL; 2332 optionset = sa_get_next_optionset(optionset)) { 2333 char *proto; 2334 2335 proto = sa_get_optionset_attr(optionset, "type"); 2336 if (proto != NULL) { 2337 uint64_t features; 2338 2339 features = sa_proto_get_featureset(proto); 2340 if (features & SA_FEATURE_RESOURCE) { 2341 sa_free_attr_string(proto); 2342 return (B_TRUE); 2343 } 2344 sa_free_attr_string(proto); 2345 } 2346 } 2347 return (B_FALSE); 2348 } 2349 2350 /* 2351 * sa_addshare(flags, argc, argv) 2352 * 2353 * implements add-share subcommand. 2354 */ 2355 2356 static int 2357 sa_addshare(sa_handle_t handle, int flags, int argc, char *argv[]) 2358 { 2359 int verbose = 0; 2360 int dryrun = 0; 2361 int c; 2362 int ret = SA_OK; 2363 sa_group_t group; 2364 sa_share_t share; 2365 sa_resource_t resource = NULL; 2366 char *sharepath = NULL; 2367 char *description = NULL; 2368 char *rsrcname = NULL; 2369 char *rsrc = NULL; 2370 int persist = SA_SHARE_PERMANENT; /* default to persist */ 2371 int auth; 2372 char dir[MAXPATHLEN]; 2373 2374 while ((c = getopt(argc, argv, "?hvns:d:r:t")) != EOF) { 2375 switch (c) { 2376 case 'n': 2377 dryrun++; 2378 break; 2379 case 'v': 2380 verbose++; 2381 break; 2382 case 'd': 2383 description = optarg; 2384 break; 2385 case 'r': 2386 if (rsrcname != NULL) { 2387 (void) printf(gettext("Adding multiple " 2388 "resource names not" 2389 " supported\n")); 2390 return (SA_SYNTAX_ERR); 2391 } 2392 rsrcname = optarg; 2393 break; 2394 case 's': 2395 /* 2396 * Save share path into group. Currently limit 2397 * to one share per command. 2398 */ 2399 if (sharepath != NULL) { 2400 (void) printf(gettext( 2401 "Adding multiple shares not supported\n")); 2402 return (SA_SYNTAX_ERR); 2403 } 2404 sharepath = optarg; 2405 break; 2406 case 't': 2407 persist = SA_SHARE_TRANSIENT; 2408 break; 2409 default: 2410 case 'h': 2411 case '?': 2412 (void) printf(gettext("usage: %s\n"), 2413 sa_get_usage(USAGE_ADD_SHARE)); 2414 return (0); 2415 } 2416 } 2417 2418 if (optind >= argc) { 2419 (void) printf(gettext("usage: %s\n"), 2420 sa_get_usage(USAGE_ADD_SHARE)); 2421 if (dryrun || sharepath != NULL || description != NULL || 2422 rsrcname != NULL || verbose || persist) { 2423 (void) printf(gettext("\tgroup must be specified\n")); 2424 ret = SA_NO_SUCH_GROUP; 2425 } else { 2426 ret = SA_OK; 2427 } 2428 } else { 2429 if (sharepath == NULL) { 2430 (void) printf(gettext("usage: %s\n"), 2431 sa_get_usage(USAGE_ADD_SHARE)); 2432 (void) printf(gettext( 2433 "\t-s sharepath must be specified\n")); 2434 ret = SA_BAD_PATH; 2435 } 2436 if (ret == SA_OK) { 2437 if (realpath(sharepath, dir) == NULL) { 2438 ret = SA_BAD_PATH; 2439 (void) printf(gettext("Path " 2440 "is not valid: %s\n"), 2441 sharepath); 2442 } else { 2443 sharepath = dir; 2444 } 2445 } 2446 if (ret == SA_OK && rsrcname != NULL) { 2447 /* check for valid syntax */ 2448 if (validresource(rsrcname)) { 2449 rsrc = conv_to_utf8(rsrcname); 2450 resource = sa_find_resource(handle, rsrc); 2451 if (resource != NULL) { 2452 /* 2453 * Resource names must be 2454 * unique in the system 2455 */ 2456 ret = SA_DUPLICATE_NAME; 2457 (void) printf(gettext("usage: %s\n"), 2458 sa_get_usage(USAGE_ADD_SHARE)); 2459 (void) printf(gettext( 2460 "\tresource names must be unique " 2461 "in the system\n")); 2462 } 2463 } else { 2464 (void) printf(gettext("usage: %s\n"), 2465 sa_get_usage(USAGE_ADD_SHARE)); 2466 (void) printf(gettext( 2467 "\tresource names use restricted " 2468 "character set\n")); 2469 ret = SA_INVALID_NAME; 2470 } 2471 } 2472 2473 if (ret != SA_OK) { 2474 if (rsrc != NULL && rsrcname != rsrc) 2475 sa_free_attr_string(rsrc); 2476 return (ret); 2477 } 2478 2479 share = sa_find_share(handle, sharepath); 2480 if (share != NULL) { 2481 if (rsrcname == NULL) { 2482 /* 2483 * Can only have a duplicate share if a new 2484 * resource name is being added. 2485 */ 2486 ret = SA_DUPLICATE_NAME; 2487 (void) printf(gettext("Share path already " 2488 "shared: %s\n"), sharepath); 2489 } 2490 } 2491 if (ret != SA_OK) 2492 return (ret); 2493 2494 group = sa_get_group(handle, argv[optind]); 2495 if (group != NULL) { 2496 if (sa_require_resource(group) == B_TRUE && 2497 rsrcname == NULL) { 2498 (void) printf(gettext( 2499 "Resource name is required " 2500 "by at least one enabled protocol " 2501 "in group\n")); 2502 return (SA_RESOURCE_REQUIRED); 2503 } 2504 if (share == NULL && ret == SA_OK) { 2505 if (dryrun) 2506 ret = sa_check_path(group, sharepath, 2507 SA_CHECK_NORMAL); 2508 else 2509 share = sa_add_share(group, sharepath, 2510 persist, &ret); 2511 } 2512 /* 2513 * Make sure this isn't an attempt to put a resourced 2514 * share into a different group than it already is in. 2515 */ 2516 if (share != NULL) { 2517 sa_group_t parent; 2518 parent = sa_get_parent_group(share); 2519 if (parent != group) { 2520 ret = SA_DUPLICATE_NAME; 2521 (void) printf(gettext( 2522 "Share path already " 2523 "shared: %s\n"), sharepath); 2524 } 2525 } 2526 if (!dryrun && share == NULL) { 2527 (void) printf(gettext( 2528 "Could not add share: %s\n"), 2529 sa_errorstr(ret)); 2530 } else { 2531 auth = check_authorizations(argv[optind], 2532 flags); 2533 if (!dryrun && ret == SA_OK) { 2534 if (rsrcname != NULL) { 2535 resource = sa_add_resource( 2536 share, 2537 rsrc, 2538 SA_SHARE_PERMANENT, 2539 &ret); 2540 } 2541 if (ret == SA_OK && 2542 description != NULL) { 2543 if (resource != NULL) 2544 ret = 2545 set_resource_desc( 2546 resource, 2547 description); 2548 else 2549 ret = 2550 set_share_desc( 2551 share, 2552 description); 2553 } 2554 if (ret == SA_OK) { 2555 /* now enable the share(s) */ 2556 if (resource != NULL) { 2557 ret = enable_share( 2558 handle, 2559 group, 2560 resource, 2561 1); 2562 } else { 2563 ret = enable_share( 2564 handle, 2565 group, 2566 share, 2567 1); 2568 } 2569 ret = sa_update_config(handle); 2570 } 2571 switch (ret) { 2572 case SA_DUPLICATE_NAME: 2573 (void) printf(gettext( 2574 "Resource name in" 2575 "use: %s\n"), 2576 rsrcname); 2577 break; 2578 default: 2579 (void) printf(gettext( 2580 "Could not set " 2581 "attribute: %s\n"), 2582 sa_errorstr(ret)); 2583 break; 2584 case SA_OK: 2585 break; 2586 } 2587 } else if (dryrun && ret == SA_OK && 2588 !auth && verbose) { 2589 (void) printf(gettext( 2590 "Command would fail: %s\n"), 2591 sa_errorstr(SA_NO_PERMISSION)); 2592 ret = SA_NO_PERMISSION; 2593 } 2594 } 2595 } else { 2596 switch (ret) { 2597 default: 2598 (void) printf(gettext( 2599 "Group \"%s\" not found\n"), argv[optind]); 2600 ret = SA_NO_SUCH_GROUP; 2601 break; 2602 case SA_BAD_PATH: 2603 case SA_DUPLICATE_NAME: 2604 break; 2605 } 2606 } 2607 } 2608 return (ret); 2609 } 2610 2611 /* 2612 * sa_moveshare(flags, argc, argv) 2613 * 2614 * implements move-share subcommand. 2615 */ 2616 2617 int 2618 sa_moveshare(sa_handle_t handle, int flags, int argc, char *argv[]) 2619 { 2620 int verbose = 0; 2621 int dryrun = 0; 2622 int c; 2623 int ret = SA_OK; 2624 sa_group_t group; 2625 sa_share_t share; 2626 char *rsrcname = NULL; 2627 char *sharepath = NULL; 2628 int authsrc = 0, authdst = 0; 2629 char dir[MAXPATHLEN]; 2630 2631 while ((c = getopt(argc, argv, "?hvnr:s:")) != EOF) { 2632 switch (c) { 2633 case 'n': 2634 dryrun++; 2635 break; 2636 case 'v': 2637 verbose++; 2638 break; 2639 case 'r': 2640 if (rsrcname != NULL) { 2641 (void) printf(gettext( 2642 "Moving multiple resource names not" 2643 " supported\n")); 2644 return (SA_SYNTAX_ERR); 2645 } 2646 rsrcname = optarg; 2647 break; 2648 case 's': 2649 /* 2650 * Remove share path from group. Currently limit 2651 * to one share per command. 2652 */ 2653 if (sharepath != NULL) { 2654 (void) printf(gettext("Moving multiple shares" 2655 " not supported\n")); 2656 return (SA_SYNTAX_ERR); 2657 } 2658 sharepath = optarg; 2659 break; 2660 default: 2661 case 'h': 2662 case '?': 2663 (void) printf(gettext("usage: %s\n"), 2664 sa_get_usage(USAGE_MOVE_SHARE)); 2665 return (0); 2666 } 2667 } 2668 2669 if (optind >= argc || sharepath == NULL) { 2670 (void) printf(gettext("usage: %s\n"), 2671 sa_get_usage(USAGE_MOVE_SHARE)); 2672 if (dryrun || verbose || sharepath != NULL) { 2673 (void) printf(gettext("\tgroup must be specified\n")); 2674 ret = SA_NO_SUCH_GROUP; 2675 } else { 2676 if (sharepath == NULL) { 2677 ret = SA_SYNTAX_ERR; 2678 (void) printf(gettext( 2679 "\tsharepath must be specified\n")); 2680 } else { 2681 ret = SA_OK; 2682 } 2683 } 2684 } else { 2685 sa_group_t parent; 2686 char *zfsold; 2687 char *zfsnew; 2688 2689 if (sharepath == NULL) { 2690 (void) printf(gettext( 2691 "sharepath must be specified with the -s " 2692 "option\n")); 2693 return (SA_BAD_PATH); 2694 } 2695 group = sa_get_group(handle, argv[optind]); 2696 if (group == NULL) { 2697 (void) printf(gettext("Group \"%s\" not found\n"), 2698 argv[optind]); 2699 return (SA_NO_SUCH_GROUP); 2700 } 2701 share = sa_find_share(handle, sharepath); 2702 /* 2703 * If a share wasn't found, it may have been a symlink 2704 * or has a trailing '/'. Try again after resolving 2705 * with realpath(). 2706 */ 2707 if (share == NULL) { 2708 if (realpath(sharepath, dir) == NULL) { 2709 (void) printf(gettext("Path " 2710 "is not valid: %s\n"), 2711 sharepath); 2712 return (SA_BAD_PATH); 2713 } 2714 sharepath = dir; 2715 share = sa_find_share(handle, sharepath); 2716 } 2717 if (share == NULL) { 2718 (void) printf(gettext("Share not found: %s\n"), 2719 sharepath); 2720 return (SA_NO_SUCH_PATH); 2721 } 2722 authdst = check_authorizations(argv[optind], flags); 2723 2724 parent = sa_get_parent_group(share); 2725 if (parent != NULL) { 2726 char *pname; 2727 pname = sa_get_group_attr(parent, "name"); 2728 if (pname != NULL) { 2729 authsrc = check_authorizations(pname, flags); 2730 sa_free_attr_string(pname); 2731 } 2732 zfsold = sa_get_group_attr(parent, "zfs"); 2733 zfsnew = sa_get_group_attr(group, "zfs"); 2734 if ((zfsold != NULL && zfsnew == NULL) || 2735 (zfsold == NULL && zfsnew != NULL)) { 2736 ret = SA_NOT_ALLOWED; 2737 } 2738 if (zfsold != NULL) 2739 sa_free_attr_string(zfsold); 2740 if (zfsnew != NULL) 2741 sa_free_attr_string(zfsnew); 2742 } 2743 2744 if (ret == SA_OK && parent != group && !dryrun) { 2745 char *oldstate; 2746 /* 2747 * Note that the share may need to be 2748 * "unshared" if the new group is disabled and 2749 * the old was enabled or it may need to be 2750 * share to update if the new group is 2751 * enabled. We disable before the move and 2752 * will have to enable after the move in order 2753 * to cleanup entries for protocols that 2754 * aren't in the new group. 2755 */ 2756 oldstate = sa_get_group_attr(parent, "state"); 2757 2758 /* enable_share determines what to do */ 2759 if (strcmp(oldstate, "enabled") == 0) 2760 (void) sa_disable_share(share, NULL); 2761 2762 if (oldstate != NULL) 2763 sa_free_attr_string(oldstate); 2764 } 2765 2766 if (!dryrun && ret == SA_OK) 2767 ret = sa_move_share(group, share); 2768 2769 /* 2770 * Reenable and update any config information. 2771 */ 2772 if (ret == SA_OK && parent != group && !dryrun) { 2773 ret = sa_update_config(handle); 2774 2775 (void) enable_share(handle, group, share, 1); 2776 } 2777 2778 if (ret != SA_OK) 2779 (void) printf(gettext("Could not move share: %s\n"), 2780 sa_errorstr(ret)); 2781 2782 if (dryrun && ret == SA_OK && !(authsrc & authdst) && 2783 verbose) { 2784 (void) printf(gettext("Command would fail: %s\n"), 2785 sa_errorstr(SA_NO_PERMISSION)); 2786 } 2787 } 2788 return (ret); 2789 } 2790 2791 /* 2792 * sa_removeshare(flags, argc, argv) 2793 * 2794 * implements remove-share subcommand. 2795 */ 2796 2797 int 2798 sa_removeshare(sa_handle_t handle, int flags, int argc, char *argv[]) 2799 { 2800 int verbose = 0; 2801 int dryrun = 0; 2802 int force = 0; 2803 int c; 2804 int ret = SA_OK; 2805 sa_group_t group; 2806 sa_resource_t resource = NULL; 2807 sa_share_t share = NULL; 2808 char *rsrcname = NULL; 2809 char *sharepath = NULL; 2810 char dir[MAXPATHLEN]; 2811 int auth; 2812 2813 while ((c = getopt(argc, argv, "?hfnr:s:v")) != EOF) { 2814 switch (c) { 2815 case 'n': 2816 dryrun++; 2817 break; 2818 case 'v': 2819 verbose++; 2820 break; 2821 case 'f': 2822 force++; 2823 break; 2824 case 's': 2825 /* 2826 * Remove share path from group. Currently limit 2827 * to one share per command. 2828 */ 2829 if (sharepath != NULL) { 2830 (void) printf(gettext( 2831 "Removing multiple shares not " 2832 "supported\n")); 2833 return (SA_SYNTAX_ERR); 2834 } 2835 sharepath = optarg; 2836 break; 2837 case 'r': 2838 /* 2839 * Remove share from group if last resource or remove 2840 * resource from share if multiple resources. 2841 */ 2842 if (rsrcname != NULL) { 2843 (void) printf(gettext( 2844 "Removing multiple resource names not " 2845 "supported\n")); 2846 return (SA_SYNTAX_ERR); 2847 } 2848 rsrcname = optarg; 2849 break; 2850 default: 2851 case 'h': 2852 case '?': 2853 (void) printf(gettext("usage: %s\n"), 2854 sa_get_usage(USAGE_REMOVE_SHARE)); 2855 return (0); 2856 } 2857 } 2858 2859 if (optind >= argc || (rsrcname == NULL && sharepath == NULL)) { 2860 if (sharepath == NULL && rsrcname == NULL) { 2861 (void) printf(gettext("usage: %s\n"), 2862 sa_get_usage(USAGE_REMOVE_SHARE)); 2863 (void) printf(gettext("\t-s sharepath or -r resource" 2864 " must be specified\n")); 2865 ret = SA_BAD_PATH; 2866 } else { 2867 ret = SA_OK; 2868 } 2869 } 2870 if (ret != SA_OK) { 2871 return (ret); 2872 } 2873 2874 if (optind < argc) { 2875 if ((optind + 1) < argc) { 2876 (void) printf(gettext("Extraneous group(s) at end of " 2877 "command\n")); 2878 ret = SA_SYNTAX_ERR; 2879 } else { 2880 group = sa_get_group(handle, argv[optind]); 2881 if (group == NULL) { 2882 (void) printf(gettext( 2883 "Group \"%s\" not found\n"), argv[optind]); 2884 ret = SA_NO_SUCH_GROUP; 2885 } 2886 } 2887 } else { 2888 group = NULL; 2889 } 2890 2891 if (rsrcname != NULL) { 2892 resource = sa_find_resource(handle, rsrcname); 2893 if (resource == NULL) { 2894 ret = SA_NO_SUCH_RESOURCE; 2895 (void) printf(gettext( 2896 "Resource name not found for share: %s\n"), 2897 rsrcname); 2898 } 2899 } 2900 2901 /* 2902 * Lookup the path in the internal configuration. Care 2903 * must be taken to handle the case where the 2904 * underlying path has been removed since we need to 2905 * be able to deal with that as well. 2906 */ 2907 if (ret == SA_OK) { 2908 if (sharepath != NULL) { 2909 if (group != NULL) 2910 share = sa_get_share(group, sharepath); 2911 else 2912 share = sa_find_share(handle, sharepath); 2913 } 2914 2915 if (resource != NULL) { 2916 sa_share_t rsrcshare; 2917 rsrcshare = sa_get_resource_parent(resource); 2918 if (share == NULL) 2919 share = rsrcshare; 2920 else if (share != rsrcshare) { 2921 ret = SA_NO_SUCH_RESOURCE; 2922 (void) printf(gettext( 2923 "Bad resource name for share: %s\n"), 2924 rsrcname); 2925 share = NULL; 2926 } 2927 } 2928 2929 /* 2930 * If we didn't find the share with the provided path, 2931 * it may be a symlink so attempt to resolve it using 2932 * realpath and try again. Realpath will resolve any 2933 * symlinks and place them in "dir". Note that 2934 * sharepath is only used for the lookup the first 2935 * time and later for error messages. dir will be used 2936 * on the second attempt. Once a share is found, all 2937 * operations are based off of the share variable. 2938 */ 2939 if (share == NULL) { 2940 if (realpath(sharepath, dir) == NULL) { 2941 ret = SA_BAD_PATH; 2942 (void) printf(gettext( 2943 "Path is not valid: %s\n"), sharepath); 2944 } else { 2945 if (group != NULL) 2946 share = sa_get_share(group, dir); 2947 else 2948 share = sa_find_share(handle, dir); 2949 } 2950 } 2951 } 2952 2953 /* 2954 * If there hasn't been an error, there was likely a 2955 * path found. If not, give the appropriate error 2956 * message and set the return error. If it was found, 2957 * then disable the share and then remove it from the 2958 * configuration. 2959 */ 2960 if (ret != SA_OK) { 2961 return (ret); 2962 } 2963 if (share == NULL) { 2964 if (group != NULL) 2965 (void) printf(gettext("Share not found in group %s:" 2966 " %s\n"), argv[optind], sharepath); 2967 else 2968 (void) printf(gettext("Share not found: %s\n"), 2969 sharepath); 2970 ret = SA_NO_SUCH_PATH; 2971 } else { 2972 if (group == NULL) 2973 group = sa_get_parent_group(share); 2974 if (!dryrun) { 2975 if (ret == SA_OK) { 2976 if (resource != NULL) 2977 ret = sa_disable_resource(resource, 2978 NULL); 2979 else 2980 ret = sa_disable_share(share, NULL); 2981 /* 2982 * We don't care if it fails since it 2983 * could be disabled already. Some 2984 * unexpected errors could occur that 2985 * prevent removal, so also check for 2986 * force being set. 2987 */ 2988 if ((ret == SA_OK || ret == SA_NO_SUCH_PATH || 2989 ret == SA_NOT_SUPPORTED || 2990 ret == SA_SYSTEM_ERR || force) && 2991 resource == NULL) 2992 ret = sa_remove_share(share); 2993 2994 if ((ret == SA_OK || ret == SA_NO_SUCH_PATH || 2995 ret == SA_NOT_SUPPORTED || 2996 ret == SA_SYSTEM_ERR || force) && 2997 resource != NULL) { 2998 ret = sa_remove_resource(resource); 2999 if (ret == SA_OK) { 3000 /* 3001 * If this was the 3002 * last one, remove 3003 * the share as well. 3004 */ 3005 resource = 3006 sa_get_share_resource( 3007 share, NULL); 3008 if (resource == NULL) 3009 ret = sa_remove_share( 3010 share); 3011 } 3012 } 3013 if (ret == SA_OK) 3014 ret = sa_update_config(handle); 3015 } 3016 if (ret != SA_OK) 3017 (void) printf(gettext("Could not remove share:" 3018 " %s\n"), sa_errorstr(ret)); 3019 } else if (ret == SA_OK) { 3020 char *pname; 3021 pname = sa_get_group_attr(group, "name"); 3022 if (pname != NULL) { 3023 auth = check_authorizations(pname, flags); 3024 sa_free_attr_string(pname); 3025 } 3026 if (!auth && verbose) { 3027 (void) printf(gettext( 3028 "Command would fail: %s\n"), 3029 sa_errorstr(SA_NO_PERMISSION)); 3030 } 3031 } 3032 } 3033 return (ret); 3034 } 3035 3036 /* 3037 * sa_set_share(flags, argc, argv) 3038 * 3039 * implements set-share subcommand. 3040 */ 3041 3042 int 3043 sa_set_share(sa_handle_t handle, int flags, int argc, char *argv[]) 3044 { 3045 int dryrun = 0; 3046 int c; 3047 int ret = SA_OK; 3048 sa_group_t group, sharegroup; 3049 sa_share_t share = NULL; 3050 sa_resource_t resource = NULL; 3051 char *sharepath = NULL; 3052 char *description = NULL; 3053 char *rsrcname = NULL; 3054 char *rsrc = NULL; 3055 char *newname = NULL; 3056 char *newrsrc; 3057 char *groupname = NULL; 3058 int auth; 3059 int verbose = 0; 3060 3061 while ((c = getopt(argc, argv, "?hnd:r:s:")) != EOF) { 3062 switch (c) { 3063 case 'n': 3064 dryrun++; 3065 break; 3066 case 'd': 3067 description = optarg; 3068 break; 3069 case 'v': 3070 verbose++; 3071 break; 3072 case 'r': 3073 /* 3074 * Update share by resource name 3075 */ 3076 if (rsrcname != NULL) { 3077 (void) printf(gettext( 3078 "Updating multiple resource names not " 3079 "supported\n")); 3080 return (SA_SYNTAX_ERR); 3081 } 3082 rsrcname = optarg; 3083 break; 3084 case 's': 3085 /* 3086 * Save share path into group. Currently limit 3087 * to one share per command. 3088 */ 3089 if (sharepath != NULL) { 3090 (void) printf(gettext( 3091 "Updating multiple shares not " 3092 "supported\n")); 3093 return (SA_SYNTAX_ERR); 3094 } 3095 sharepath = optarg; 3096 break; 3097 default: 3098 case 'h': 3099 case '?': 3100 (void) printf(gettext("usage: %s\n"), 3101 sa_get_usage(USAGE_SET_SHARE)); 3102 return (SA_OK); 3103 } 3104 } 3105 3106 if (optind >= argc && sharepath == NULL && rsrcname == NULL) { 3107 if (sharepath == NULL) { 3108 (void) printf(gettext("usage: %s\n"), 3109 sa_get_usage(USAGE_SET_SHARE)); 3110 (void) printf(gettext("\tgroup must be specified\n")); 3111 ret = SA_BAD_PATH; 3112 } else { 3113 ret = SA_OK; 3114 } 3115 } 3116 if ((optind + 1) < argc) { 3117 (void) printf(gettext("usage: %s\n"), 3118 sa_get_usage(USAGE_SET_SHARE)); 3119 (void) printf(gettext("\tExtraneous group(s) at end\n")); 3120 ret = SA_SYNTAX_ERR; 3121 } 3122 3123 /* 3124 * Must have at least one of sharepath and rsrcrname. 3125 * It is a syntax error to be missing both. 3126 */ 3127 if (sharepath == NULL && rsrcname == NULL) { 3128 (void) printf(gettext("usage: %s\n"), 3129 sa_get_usage(USAGE_SET_SHARE)); 3130 ret = SA_SYNTAX_ERR; 3131 } 3132 3133 if (ret != SA_OK) 3134 return (ret); 3135 3136 if (optind < argc) { 3137 groupname = argv[optind]; 3138 group = sa_get_group(handle, groupname); 3139 } else { 3140 group = NULL; 3141 groupname = NULL; 3142 } 3143 if (rsrcname != NULL) { 3144 /* 3145 * If rsrcname exists, split rename syntax and then 3146 * convert to utf 8 if no errors. 3147 */ 3148 newname = strchr(rsrcname, '='); 3149 if (newname != NULL) { 3150 *newname++ = '\0'; 3151 } 3152 if (!validresource(rsrcname)) { 3153 ret = SA_INVALID_NAME; 3154 (void) printf(gettext("Invalid resource name: " 3155 "\"%s\"\n"), rsrcname); 3156 } else { 3157 rsrc = conv_to_utf8(rsrcname); 3158 } 3159 if (newname != NULL) { 3160 if (!validresource(newname)) { 3161 ret = SA_INVALID_NAME; 3162 (void) printf(gettext("Invalid resource name: " 3163 "%s\n"), newname); 3164 } else { 3165 newrsrc = conv_to_utf8(newname); 3166 } 3167 } 3168 } 3169 3170 if (ret != SA_OK) { 3171 if (rsrcname != NULL && rsrcname != rsrc) 3172 sa_free_attr_string(rsrc); 3173 if (newname != NULL && newname != newrsrc) 3174 sa_free_attr_string(newrsrc); 3175 return (ret); 3176 } 3177 3178 if (sharepath != NULL) { 3179 share = sa_find_share(handle, sharepath); 3180 } else if (rsrcname != NULL) { 3181 resource = sa_find_resource(handle, rsrc); 3182 if (resource != NULL) 3183 share = sa_get_resource_parent(resource); 3184 else 3185 ret = SA_NO_SUCH_RESOURCE; 3186 } 3187 if (share != NULL) { 3188 sharegroup = sa_get_parent_group(share); 3189 if (group != NULL && group != sharegroup) { 3190 (void) printf(gettext("Group \"%s\" does not contain " 3191 "share %s\n"), 3192 argv[optind], sharepath); 3193 ret = SA_BAD_PATH; 3194 } else { 3195 int delgroupname = 0; 3196 if (groupname == NULL) { 3197 groupname = sa_get_group_attr(sharegroup, 3198 "name"); 3199 delgroupname = 1; 3200 } 3201 if (groupname != NULL) { 3202 auth = check_authorizations(groupname, flags); 3203 if (delgroupname) { 3204 sa_free_attr_string(groupname); 3205 groupname = NULL; 3206 } 3207 } else { 3208 ret = SA_NO_MEMORY; 3209 } 3210 if (rsrcname != NULL) { 3211 resource = sa_find_resource(handle, rsrc); 3212 if (!dryrun) { 3213 if (newname != NULL && 3214 resource != NULL) 3215 ret = sa_rename_resource( 3216 resource, newrsrc); 3217 else if (newname != NULL) 3218 ret = SA_NO_SUCH_RESOURCE; 3219 if (newname != NULL && 3220 newname != newrsrc) 3221 sa_free_attr_string(newrsrc); 3222 } 3223 if (rsrc != rsrcname) 3224 sa_free_attr_string(rsrc); 3225 } 3226 3227 /* 3228 * If the user has set a description, it will be 3229 * on the resource if -r was used otherwise it 3230 * must be on the share. 3231 */ 3232 if (!dryrun && ret == SA_OK && description != NULL) { 3233 char *desc; 3234 desc = conv_to_utf8(description); 3235 if (resource != NULL) 3236 ret = sa_set_resource_description( 3237 resource, desc); 3238 else 3239 ret = sa_set_share_description(share, 3240 desc); 3241 if (desc != description) 3242 sa_free_share_description(desc); 3243 } 3244 } 3245 if (!dryrun && ret == SA_OK) { 3246 if (resource != NULL) 3247 (void) sa_enable_resource(resource, NULL); 3248 ret = sa_update_config(handle); 3249 } 3250 switch (ret) { 3251 case SA_DUPLICATE_NAME: 3252 (void) printf(gettext("Resource name in use: %s\n"), 3253 rsrcname); 3254 break; 3255 default: 3256 (void) printf(gettext("Could not set: %s\n"), 3257 sa_errorstr(ret)); 3258 break; 3259 case SA_OK: 3260 if (dryrun && !auth && verbose) { 3261 (void) printf(gettext( 3262 "Command would fail: %s\n"), 3263 sa_errorstr(SA_NO_PERMISSION)); 3264 } 3265 break; 3266 } 3267 } else { 3268 switch (ret) { 3269 case SA_NO_SUCH_RESOURCE: 3270 (void) printf(gettext("Resource \"%s\" not found\n"), 3271 rsrcname); 3272 break; 3273 default: 3274 if (sharepath != NULL) { 3275 (void) printf( 3276 gettext("Share path \"%s\" not found\n"), 3277 sharepath); 3278 ret = SA_NO_SUCH_PATH; 3279 } else { 3280 (void) printf(gettext("Set failed: %s\n"), 3281 sa_errorstr(ret)); 3282 } 3283 } 3284 } 3285 3286 return (ret); 3287 } 3288 3289 /* 3290 * add_security(group, sectype, optlist, proto, *err) 3291 * 3292 * Helper function to add a security option (named optionset) to the 3293 * group. 3294 */ 3295 3296 static int 3297 add_security(sa_group_t group, char *sectype, 3298 struct options *optlist, char *proto, int *err) 3299 { 3300 sa_security_t security; 3301 int ret = SA_OK; 3302 int result = 0; 3303 3304 sectype = sa_proto_space_alias(proto, sectype); 3305 security = sa_get_security(group, sectype, proto); 3306 if (security == NULL) 3307 security = sa_create_security(group, sectype, proto); 3308 3309 if (sectype != NULL) 3310 sa_free_attr_string(sectype); 3311 3312 if (security == NULL) 3313 return (ret); 3314 3315 while (optlist != NULL) { 3316 sa_property_t prop; 3317 prop = sa_get_property(security, optlist->optname); 3318 if (prop == NULL) { 3319 /* 3320 * Add the property, but only if it is 3321 * a non-NULL or non-zero length value 3322 */ 3323 if (optlist->optvalue != NULL) { 3324 prop = sa_create_property(optlist->optname, 3325 optlist->optvalue); 3326 if (prop != NULL) { 3327 ret = sa_valid_property(security, 3328 proto, prop); 3329 if (ret != SA_OK) { 3330 (void) sa_remove_property(prop); 3331 (void) printf(gettext( 3332 "Could not add " 3333 "property %s: %s\n"), 3334 optlist->optname, 3335 sa_errorstr(ret)); 3336 } 3337 if (ret == SA_OK) { 3338 ret = sa_add_property(security, 3339 prop); 3340 if (ret != SA_OK) { 3341 (void) printf(gettext( 3342 "Could not add " 3343 "property (%s=%s):" 3344 " %s\n"), 3345 optlist->optname, 3346 optlist->optvalue, 3347 sa_errorstr(ret)); 3348 } else { 3349 result = 1; 3350 } 3351 } 3352 } 3353 } 3354 } else { 3355 ret = sa_update_property(prop, optlist->optvalue); 3356 result = 1; /* should check if really changed */ 3357 } 3358 optlist = optlist->next; 3359 } 3360 /* 3361 * When done, properties may have all been removed but 3362 * we need to keep the security type itself until 3363 * explicitly removed. 3364 */ 3365 if (result) 3366 ret = sa_commit_properties(security, 0); 3367 *err = ret; 3368 return (result); 3369 } 3370 3371 /* 3372 * zfscheck(group, share) 3373 * 3374 * For the special case where a share was provided, make sure it is a 3375 * compatible path for a ZFS property change. The only path 3376 * acceptable is the path that defines the zfs sub-group (dataset with 3377 * the sharenfs property set) and not one of the paths that inherited 3378 * the NFS properties. Returns SA_OK if it is usable and 3379 * SA_NOT_ALLOWED if it isn't. 3380 * 3381 * If group is not a ZFS group/subgroup, we assume OK since the check 3382 * on return will catch errors for those cases. What we are looking 3383 * for here is that the group is ZFS and the share is not the defining 3384 * share. All else is SA_OK. 3385 */ 3386 3387 static int 3388 zfscheck(sa_group_t group, sa_share_t share) 3389 { 3390 int ret = SA_OK; 3391 char *attr; 3392 3393 if (sa_group_is_zfs(group)) { 3394 /* 3395 * The group is a ZFS group. Does the share represent 3396 * the dataset that defined the group? It is only OK 3397 * if the attribute "subgroup" exists on the share and 3398 * has a value of "true". 3399 */ 3400 3401 ret = SA_NOT_ALLOWED; 3402 attr = sa_get_share_attr(share, "subgroup"); 3403 if (attr != NULL) { 3404 if (strcmp(attr, "true") == 0) 3405 ret = SA_OK; 3406 sa_free_attr_string(attr); 3407 } 3408 } 3409 return (ret); 3410 } 3411 3412 /* 3413 * basic_set(groupname, optlist, protocol, sharepath, rsrcname, dryrun) 3414 * 3415 * This function implements "set" when a name space (-S) is not 3416 * specified. It is a basic set. Options and other CLI parsing has 3417 * already been done. 3418 * 3419 * "rsrcname" is a "resource name". If it is non-NULL, it must match 3420 * the sharepath if present or group if present, otherwise it is used 3421 * to set options. 3422 * 3423 * Resource names may take options if the protocol supports it. If the 3424 * protocol doesn't support resource level options, rsrcname is just 3425 * an alias for the share. 3426 */ 3427 3428 static int 3429 basic_set(sa_handle_t handle, char *groupname, struct options *optlist, 3430 char *protocol, char *sharepath, char *rsrcname, int dryrun) 3431 { 3432 sa_group_t group; 3433 int ret = SA_OK; 3434 int change = 0; 3435 struct list *worklist = NULL; 3436 3437 group = sa_get_group(handle, groupname); 3438 if (group != NULL) { 3439 sa_share_t share = NULL; 3440 sa_resource_t resource = NULL; 3441 3442 /* 3443 * If there is a sharepath, make sure it belongs to 3444 * the group. 3445 */ 3446 if (sharepath != NULL) { 3447 share = sa_get_share(group, sharepath); 3448 if (share == NULL) { 3449 (void) printf(gettext( 3450 "Share does not exist in group %s\n"), 3451 groupname, sharepath); 3452 ret = SA_NO_SUCH_PATH; 3453 } else { 3454 /* if ZFS and OK, then only group */ 3455 ret = zfscheck(group, share); 3456 if (ret == SA_OK && 3457 sa_group_is_zfs(group)) 3458 share = NULL; 3459 if (ret == SA_NOT_ALLOWED) 3460 (void) printf(gettext( 3461 "Properties on ZFS group shares " 3462 "not supported: %s\n"), sharepath); 3463 } 3464 } 3465 3466 /* 3467 * If a resource name exists, make sure it belongs to 3468 * the share if present else it belongs to the 3469 * group. Also check the protocol to see if it 3470 * supports resource level properties or not. If not, 3471 * use share only. 3472 */ 3473 if (rsrcname != NULL) { 3474 if (share != NULL) { 3475 resource = sa_get_share_resource(share, 3476 rsrcname); 3477 if (resource == NULL) 3478 ret = SA_NO_SUCH_RESOURCE; 3479 } else { 3480 resource = sa_get_resource(group, rsrcname); 3481 if (resource != NULL) 3482 share = sa_get_resource_parent( 3483 resource); 3484 else 3485 ret = SA_NO_SUCH_RESOURCE; 3486 } 3487 if (ret == SA_OK && resource != NULL) { 3488 uint64_t features; 3489 /* 3490 * Check to see if the resource can take 3491 * properties. If so, stick the resource into 3492 * "share" so it will all just work. 3493 */ 3494 features = sa_proto_get_featureset(protocol); 3495 if (features & SA_FEATURE_RESOURCE) 3496 share = (sa_share_t)resource; 3497 } 3498 } 3499 3500 if (ret == SA_OK) { 3501 /* group must exist */ 3502 ret = valid_options(optlist, protocol, 3503 share == NULL ? group : share, NULL); 3504 if (ret == SA_OK && !dryrun) { 3505 if (share != NULL) 3506 change |= add_optionset(share, optlist, 3507 protocol, &ret); 3508 else 3509 change |= add_optionset(group, optlist, 3510 protocol, &ret); 3511 if (ret == SA_OK && change) 3512 worklist = add_list(worklist, group, 3513 share, protocol); 3514 } 3515 } 3516 free_opt(optlist); 3517 } else { 3518 (void) printf(gettext("Group \"%s\" not found\n"), groupname); 3519 ret = SA_NO_SUCH_GROUP; 3520 } 3521 /* 3522 * we have a group and potentially legal additions 3523 */ 3524 3525 /* 3526 * Commit to configuration if not a dryrunp and properties 3527 * have changed. 3528 */ 3529 if (!dryrun && ret == SA_OK && change && worklist != NULL) 3530 /* properties changed, so update all shares */ 3531 (void) enable_all_groups(handle, worklist, 0, 0, protocol, 3532 B_TRUE); 3533 3534 if (worklist != NULL) 3535 free_list(worklist); 3536 return (ret); 3537 } 3538 3539 /* 3540 * space_set(groupname, optlist, protocol, sharepath, dryrun) 3541 * 3542 * This function implements "set" when a name space (-S) is 3543 * specified. It is a namespace set. Options and other CLI parsing has 3544 * already been done. 3545 */ 3546 3547 static int 3548 space_set(sa_handle_t handle, char *groupname, struct options *optlist, 3549 char *protocol, char *sharepath, int dryrun, char *sectype) 3550 { 3551 sa_group_t group; 3552 int ret = SA_OK; 3553 int change = 0; 3554 struct list *worklist = NULL; 3555 3556 /* 3557 * make sure protcol and sectype are valid 3558 */ 3559 3560 if (sa_proto_valid_space(protocol, sectype) == 0) { 3561 (void) printf(gettext("Option space \"%s\" not valid " 3562 "for protocol.\n"), sectype); 3563 return (SA_INVALID_SECURITY); 3564 } 3565 3566 group = sa_get_group(handle, groupname); 3567 if (group != NULL) { 3568 sa_share_t share = NULL; 3569 if (sharepath != NULL) { 3570 share = sa_get_share(group, sharepath); 3571 if (share == NULL) { 3572 (void) printf(gettext( 3573 "Share does not exist in group %s\n"), 3574 groupname, sharepath); 3575 ret = SA_NO_SUCH_PATH; 3576 } else { 3577 /* if ZFS and OK, then only group */ 3578 ret = zfscheck(group, share); 3579 if (ret == SA_OK && 3580 sa_group_is_zfs(group)) 3581 share = NULL; 3582 if (ret == SA_NOT_ALLOWED) 3583 (void) printf(gettext( 3584 "Properties on ZFS group shares " 3585 "not supported: %s\n"), sharepath); 3586 } 3587 } 3588 if (ret == SA_OK) { 3589 /* group must exist */ 3590 ret = valid_options(optlist, protocol, 3591 share == NULL ? group : share, sectype); 3592 if (ret == SA_OK && !dryrun) { 3593 if (share != NULL) 3594 change = add_security(share, sectype, 3595 optlist, protocol, &ret); 3596 else 3597 change = add_security(group, sectype, 3598 optlist, protocol, &ret); 3599 if (ret != SA_OK) 3600 (void) printf(gettext( 3601 "Could not set property: %s\n"), 3602 sa_errorstr(ret)); 3603 } 3604 if (ret == SA_OK && change) 3605 worklist = add_list(worklist, group, share, 3606 protocol); 3607 } 3608 free_opt(optlist); 3609 } else { 3610 (void) printf(gettext("Group \"%s\" not found\n"), groupname); 3611 ret = SA_NO_SUCH_GROUP; 3612 } 3613 3614 /* 3615 * We have a group and potentially legal additions. 3616 */ 3617 3618 /* Commit to configuration if not a dryrun */ 3619 if (!dryrun && ret == 0) { 3620 if (change && worklist != NULL) { 3621 /* properties changed, so update all shares */ 3622 (void) enable_all_groups(handle, worklist, 0, 0, 3623 protocol, B_TRUE); 3624 } 3625 ret = sa_update_config(handle); 3626 } 3627 if (worklist != NULL) 3628 free_list(worklist); 3629 return (ret); 3630 } 3631 3632 /* 3633 * sa_set(flags, argc, argv) 3634 * 3635 * Implements the set subcommand. It keys off of -S to determine which 3636 * set of operations to actually do. 3637 */ 3638 3639 int 3640 sa_set(sa_handle_t handle, int flags, int argc, char *argv[]) 3641 { 3642 char *groupname; 3643 int verbose = 0; 3644 int dryrun = 0; 3645 int c; 3646 char *protocol = NULL; 3647 int ret = SA_OK; 3648 struct options *optlist = NULL; 3649 char *rsrcname = NULL; 3650 char *sharepath = NULL; 3651 char *optset = NULL; 3652 int auth; 3653 3654 while ((c = getopt(argc, argv, "?hvnP:p:r:s:S:")) != EOF) { 3655 switch (c) { 3656 case 'v': 3657 verbose++; 3658 break; 3659 case 'n': 3660 dryrun++; 3661 break; 3662 case 'P': 3663 if (protocol != NULL) { 3664 (void) printf(gettext( 3665 "Specifying multiple protocols " 3666 "not supported: %s\n"), protocol); 3667 return (SA_SYNTAX_ERR); 3668 } 3669 protocol = optarg; 3670 if (!sa_valid_protocol(protocol)) { 3671 (void) printf(gettext( 3672 "Invalid protocol specified: %s\n"), 3673 protocol); 3674 return (SA_INVALID_PROTOCOL); 3675 } 3676 break; 3677 case 'p': 3678 ret = add_opt(&optlist, optarg, 0); 3679 switch (ret) { 3680 case OPT_ADD_SYNTAX: 3681 (void) printf(gettext("Property syntax error:" 3682 " %s\n"), optarg); 3683 return (SA_SYNTAX_ERR); 3684 case OPT_ADD_MEMORY: 3685 (void) printf(gettext("No memory to set " 3686 "property: %s\n"), optarg); 3687 return (SA_NO_MEMORY); 3688 default: 3689 break; 3690 } 3691 break; 3692 case 'r': 3693 if (rsrcname != NULL) { 3694 (void) printf(gettext( 3695 "Setting multiple resource names not" 3696 " supported\n")); 3697 return (SA_SYNTAX_ERR); 3698 } 3699 rsrcname = optarg; 3700 break; 3701 case 's': 3702 if (sharepath != NULL) { 3703 (void) printf(gettext( 3704 "Setting multiple shares not supported\n")); 3705 return (SA_SYNTAX_ERR); 3706 } 3707 sharepath = optarg; 3708 break; 3709 case 'S': 3710 if (optset != NULL) { 3711 (void) printf(gettext( 3712 "Specifying multiple property " 3713 "spaces not supported: %s\n"), optset); 3714 return (SA_SYNTAX_ERR); 3715 } 3716 optset = optarg; 3717 break; 3718 default: 3719 case 'h': 3720 case '?': 3721 (void) printf(gettext("usage: %s\n"), 3722 sa_get_usage(USAGE_SET)); 3723 return (SA_OK); 3724 } 3725 } 3726 3727 if (optlist != NULL) 3728 ret = chk_opt(optlist, optset != NULL, protocol); 3729 3730 if (optind >= argc || (optlist == NULL && optset == NULL) || 3731 protocol == NULL || ret != OPT_ADD_OK) { 3732 char *sep = "\t"; 3733 3734 (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_SET)); 3735 if (optind >= argc) { 3736 (void) printf(gettext("%sgroup must be specified"), 3737 sep); 3738 sep = ", "; 3739 } 3740 if (optlist == NULL) { 3741 (void) printf(gettext("%sat least one property must be" 3742 " specified"), sep); 3743 sep = ", "; 3744 } 3745 if (protocol == NULL) { 3746 (void) printf(gettext("%sprotocol must be specified"), 3747 sep); 3748 sep = ", "; 3749 } 3750 (void) printf("\n"); 3751 ret = SA_SYNTAX_ERR; 3752 } else { 3753 /* 3754 * Group already exists so we can proceed after a few 3755 * additional checks related to ZFS handling. 3756 */ 3757 3758 groupname = argv[optind]; 3759 if (strcmp(groupname, "zfs") == 0) { 3760 (void) printf(gettext("Changing properties for group " 3761 "\"zfs\" not allowed\n")); 3762 return (SA_NOT_ALLOWED); 3763 } 3764 3765 auth = check_authorizations(groupname, flags); 3766 if (optset == NULL) 3767 ret = basic_set(handle, groupname, optlist, protocol, 3768 sharepath, rsrcname, dryrun); 3769 else 3770 ret = space_set(handle, groupname, optlist, protocol, 3771 sharepath, dryrun, optset); 3772 if (dryrun && ret == SA_OK && !auth && verbose) { 3773 (void) printf(gettext("Command would fail: %s\n"), 3774 sa_errorstr(SA_NO_PERMISSION)); 3775 } 3776 } 3777 return (ret); 3778 } 3779 3780 /* 3781 * remove_options(group, optlist, proto, *err) 3782 * 3783 * Helper function to actually remove options from a group after all 3784 * preprocessing is done. 3785 */ 3786 3787 static int 3788 remove_options(sa_group_t group, struct options *optlist, 3789 char *proto, int *err) 3790 { 3791 struct options *cur; 3792 sa_optionset_t optionset; 3793 sa_property_t prop; 3794 int change = 0; 3795 int ret = SA_OK; 3796 3797 optionset = sa_get_optionset(group, proto); 3798 if (optionset != NULL) { 3799 for (cur = optlist; cur != NULL; cur = cur->next) { 3800 prop = sa_get_property(optionset, cur->optname); 3801 if (prop != NULL) { 3802 ret = sa_remove_property(prop); 3803 if (ret != SA_OK) 3804 break; 3805 change = 1; 3806 } 3807 } 3808 } 3809 if (ret == SA_OK && change) 3810 ret = sa_commit_properties(optionset, 0); 3811 3812 if (err != NULL) 3813 *err = ret; 3814 return (change); 3815 } 3816 3817 /* 3818 * valid_unset(group, optlist, proto) 3819 * 3820 * Sanity check the optlist to make sure they can be removed. Issue an 3821 * error if a property doesn't exist. 3822 */ 3823 3824 static int 3825 valid_unset(sa_group_t group, struct options *optlist, char *proto) 3826 { 3827 struct options *cur; 3828 sa_optionset_t optionset; 3829 sa_property_t prop; 3830 int ret = SA_OK; 3831 3832 optionset = sa_get_optionset(group, proto); 3833 if (optionset != NULL) { 3834 for (cur = optlist; cur != NULL; cur = cur->next) { 3835 prop = sa_get_property(optionset, cur->optname); 3836 if (prop == NULL) { 3837 (void) printf(gettext( 3838 "Could not unset property %s: not set\n"), 3839 cur->optname); 3840 ret = SA_NO_SUCH_PROP; 3841 } 3842 } 3843 } 3844 return (ret); 3845 } 3846 3847 /* 3848 * valid_unset_security(group, optlist, proto) 3849 * 3850 * Sanity check the optlist to make sure they can be removed. Issue an 3851 * error if a property doesn't exist. 3852 */ 3853 3854 static int 3855 valid_unset_security(sa_group_t group, struct options *optlist, char *proto, 3856 char *sectype) 3857 { 3858 struct options *cur; 3859 sa_security_t security; 3860 sa_property_t prop; 3861 int ret = SA_OK; 3862 char *sec; 3863 3864 sec = sa_proto_space_alias(proto, sectype); 3865 security = sa_get_security(group, sec, proto); 3866 if (security != NULL) { 3867 for (cur = optlist; cur != NULL; cur = cur->next) { 3868 prop = sa_get_property(security, cur->optname); 3869 if (prop == NULL) { 3870 (void) printf(gettext( 3871 "Could not unset property %s: not set\n"), 3872 cur->optname); 3873 ret = SA_NO_SUCH_PROP; 3874 } 3875 } 3876 } else { 3877 (void) printf(gettext( 3878 "Could not unset %s: space not defined\n"), sectype); 3879 ret = SA_NO_SUCH_SECURITY; 3880 } 3881 if (sec != NULL) 3882 sa_free_attr_string(sec); 3883 return (ret); 3884 } 3885 3886 /* 3887 * remove_security(group, optlist, proto) 3888 * 3889 * Remove the properties since they were checked as valid. 3890 */ 3891 3892 static int 3893 remove_security(sa_group_t group, char *sectype, 3894 struct options *optlist, char *proto, int *err) 3895 { 3896 sa_security_t security; 3897 int ret = SA_OK; 3898 int change = 0; 3899 3900 sectype = sa_proto_space_alias(proto, sectype); 3901 security = sa_get_security(group, sectype, proto); 3902 if (sectype != NULL) 3903 sa_free_attr_string(sectype); 3904 3905 if (security != NULL) { 3906 while (optlist != NULL) { 3907 sa_property_t prop; 3908 prop = sa_get_property(security, optlist->optname); 3909 if (prop != NULL) { 3910 ret = sa_remove_property(prop); 3911 if (ret != SA_OK) 3912 break; 3913 change = 1; 3914 } 3915 optlist = optlist->next; 3916 } 3917 /* 3918 * when done, properties may have all been removed but 3919 * we need to keep the security type itself until 3920 * explicitly removed. 3921 */ 3922 if (ret == SA_OK && change) 3923 ret = sa_commit_properties(security, 0); 3924 } else { 3925 ret = SA_NO_SUCH_PROP; 3926 } 3927 if (err != NULL) 3928 *err = ret; 3929 return (change); 3930 } 3931 3932 /* 3933 * basic_unset(groupname, optlist, protocol, sharepath, rsrcname, dryrun) 3934 * 3935 * Unset non-named optionset properties. 3936 */ 3937 3938 static int 3939 basic_unset(sa_handle_t handle, char *groupname, struct options *optlist, 3940 char *protocol, char *sharepath, char *rsrcname, int dryrun) 3941 { 3942 sa_group_t group; 3943 int ret = SA_OK; 3944 int change = 0; 3945 struct list *worklist = NULL; 3946 sa_share_t share = NULL; 3947 sa_resource_t resource = NULL; 3948 3949 group = sa_get_group(handle, groupname); 3950 if (group == NULL) 3951 return (ret); 3952 3953 /* 3954 * If there is a sharepath, make sure it belongs to 3955 * the group. 3956 */ 3957 if (sharepath != NULL) { 3958 share = sa_get_share(group, sharepath); 3959 if (share == NULL) { 3960 (void) printf(gettext( 3961 "Share does not exist in group %s\n"), 3962 groupname, sharepath); 3963 ret = SA_NO_SUCH_PATH; 3964 } 3965 } 3966 /* 3967 * If a resource name exists, make sure it belongs to 3968 * the share if present else it belongs to the 3969 * group. Also check the protocol to see if it 3970 * supports resource level properties or not. If not, 3971 * use share only. 3972 */ 3973 if (rsrcname != NULL) { 3974 if (share != NULL) { 3975 resource = sa_get_share_resource(share, rsrcname); 3976 if (resource == NULL) 3977 ret = SA_NO_SUCH_RESOURCE; 3978 } else { 3979 resource = sa_get_resource(group, rsrcname); 3980 if (resource != NULL) { 3981 share = sa_get_resource_parent(resource); 3982 } else { 3983 ret = SA_NO_SUCH_RESOURCE; 3984 } 3985 } 3986 if (ret == SA_OK && resource != NULL) { 3987 uint64_t features; 3988 /* 3989 * Check to see if the resource can take 3990 * properties. If so, stick the resource into 3991 * "share" so it will all just work. 3992 */ 3993 features = sa_proto_get_featureset(protocol); 3994 if (features & SA_FEATURE_RESOURCE) 3995 share = (sa_share_t)resource; 3996 } 3997 } 3998 3999 if (ret == SA_OK) { 4000 /* group must exist */ 4001 ret = valid_unset(share != NULL ? share : group, 4002 optlist, protocol); 4003 if (ret == SA_OK && !dryrun) { 4004 if (share != NULL) { 4005 sa_optionset_t optionset; 4006 sa_property_t prop; 4007 change |= remove_options(share, optlist, 4008 protocol, &ret); 4009 /* 4010 * If a share optionset is 4011 * empty, remove it. 4012 */ 4013 optionset = sa_get_optionset((sa_share_t)share, 4014 protocol); 4015 if (optionset != NULL) { 4016 prop = sa_get_property(optionset, NULL); 4017 if (prop == NULL) 4018 (void) sa_destroy_optionset( 4019 optionset); 4020 } 4021 } else { 4022 change |= remove_options(group, 4023 optlist, protocol, &ret); 4024 } 4025 if (ret == SA_OK && change) 4026 worklist = add_list(worklist, group, share, 4027 protocol); 4028 if (ret != SA_OK) 4029 (void) printf(gettext( 4030 "Could not remove properties: " 4031 "%s\n"), sa_errorstr(ret)); 4032 } 4033 } else { 4034 (void) printf(gettext("Group \"%s\" not found\n"), groupname); 4035 ret = SA_NO_SUCH_GROUP; 4036 } 4037 free_opt(optlist); 4038 4039 /* 4040 * We have a group and potentially legal additions 4041 * 4042 * Commit to configuration if not a dryrun 4043 */ 4044 if (!dryrun && ret == SA_OK) { 4045 if (change && worklist != NULL) { 4046 /* properties changed, so update all shares */ 4047 (void) enable_all_groups(handle, worklist, 0, 0, 4048 protocol, B_TRUE); 4049 } 4050 } 4051 if (worklist != NULL) 4052 free_list(worklist); 4053 return (ret); 4054 } 4055 4056 /* 4057 * space_unset(groupname, optlist, protocol, sharepath, dryrun) 4058 * 4059 * Unset named optionset properties. 4060 */ 4061 static int 4062 space_unset(sa_handle_t handle, char *groupname, struct options *optlist, 4063 char *protocol, char *sharepath, int dryrun, char *sectype) 4064 { 4065 sa_group_t group; 4066 int ret = SA_OK; 4067 int change = 0; 4068 struct list *worklist = NULL; 4069 sa_share_t share = NULL; 4070 4071 group = sa_get_group(handle, groupname); 4072 if (group == NULL) { 4073 (void) printf(gettext("Group \"%s\" not found\n"), groupname); 4074 return (SA_NO_SUCH_GROUP); 4075 } 4076 if (sharepath != NULL) { 4077 share = sa_get_share(group, sharepath); 4078 if (share == NULL) { 4079 (void) printf(gettext( 4080 "Share does not exist in group %s\n"), 4081 groupname, sharepath); 4082 return (SA_NO_SUCH_PATH); 4083 } 4084 } 4085 ret = valid_unset_security(share != NULL ? share : group, 4086 optlist, protocol, sectype); 4087 4088 if (ret == SA_OK && !dryrun) { 4089 if (optlist != NULL) { 4090 if (share != NULL) { 4091 sa_security_t optionset; 4092 sa_property_t prop; 4093 change = remove_security(share, 4094 sectype, optlist, protocol, &ret); 4095 4096 /* If a share security is empty, remove it */ 4097 optionset = sa_get_security((sa_group_t)share, 4098 sectype, protocol); 4099 if (optionset != NULL) { 4100 prop = sa_get_property(optionset, 4101 NULL); 4102 if (prop == NULL) 4103 ret = sa_destroy_security( 4104 optionset); 4105 } 4106 } else { 4107 change = remove_security(group, sectype, 4108 optlist, protocol, &ret); 4109 } 4110 } else { 4111 sa_security_t security; 4112 char *sec; 4113 sec = sa_proto_space_alias(protocol, sectype); 4114 security = sa_get_security(group, sec, protocol); 4115 if (sec != NULL) 4116 sa_free_attr_string(sec); 4117 if (security != NULL) { 4118 ret = sa_destroy_security(security); 4119 if (ret == SA_OK) 4120 change = 1; 4121 } else { 4122 ret = SA_NO_SUCH_PROP; 4123 } 4124 } 4125 if (ret != SA_OK) 4126 (void) printf(gettext("Could not unset property: %s\n"), 4127 sa_errorstr(ret)); 4128 } 4129 4130 if (ret == SA_OK && change) 4131 worklist = add_list(worklist, group, 0, protocol); 4132 4133 free_opt(optlist); 4134 /* 4135 * We have a group and potentially legal additions 4136 */ 4137 4138 /* Commit to configuration if not a dryrun */ 4139 if (!dryrun && ret == 0) { 4140 /* properties changed, so update all shares */ 4141 if (change && worklist != NULL) 4142 (void) enable_all_groups(handle, worklist, 0, 0, 4143 protocol, B_TRUE); 4144 ret = sa_update_config(handle); 4145 } 4146 if (worklist != NULL) 4147 free_list(worklist); 4148 return (ret); 4149 } 4150 4151 /* 4152 * sa_unset(flags, argc, argv) 4153 * 4154 * Implements the unset subcommand. Parsing done here and then basic 4155 * or space versions of the real code are called. 4156 */ 4157 4158 int 4159 sa_unset(sa_handle_t handle, int flags, int argc, char *argv[]) 4160 { 4161 char *groupname; 4162 int verbose = 0; 4163 int dryrun = 0; 4164 int c; 4165 char *protocol = NULL; 4166 int ret = SA_OK; 4167 struct options *optlist = NULL; 4168 char *rsrcname = NULL; 4169 char *sharepath = NULL; 4170 char *optset = NULL; 4171 int auth; 4172 4173 while ((c = getopt(argc, argv, "?hvnP:p:r:s:S:")) != EOF) { 4174 switch (c) { 4175 case 'v': 4176 verbose++; 4177 break; 4178 case 'n': 4179 dryrun++; 4180 break; 4181 case 'P': 4182 if (protocol != NULL) { 4183 (void) printf(gettext( 4184 "Specifying multiple protocols " 4185 "not supported: %s\n"), protocol); 4186 return (SA_SYNTAX_ERR); 4187 } 4188 protocol = optarg; 4189 if (!sa_valid_protocol(protocol)) { 4190 (void) printf(gettext( 4191 "Invalid protocol specified: %s\n"), 4192 protocol); 4193 return (SA_INVALID_PROTOCOL); 4194 } 4195 break; 4196 case 'p': 4197 ret = add_opt(&optlist, optarg, 1); 4198 switch (ret) { 4199 case OPT_ADD_SYNTAX: 4200 (void) printf(gettext("Property syntax error " 4201 "for property %s\n"), optarg); 4202 return (SA_SYNTAX_ERR); 4203 4204 case OPT_ADD_PROPERTY: 4205 (void) printf(gettext("Properties need to be " 4206 "set with set command: %s\n"), optarg); 4207 return (SA_SYNTAX_ERR); 4208 4209 default: 4210 break; 4211 } 4212 break; 4213 case 'r': 4214 /* 4215 * Unset properties on resource if applicable or on 4216 * share if resource for this protocol doesn't use 4217 * resources. 4218 */ 4219 if (rsrcname != NULL) { 4220 (void) printf(gettext( 4221 "Unsetting multiple resource " 4222 "names not supported\n")); 4223 return (SA_SYNTAX_ERR); 4224 } 4225 rsrcname = optarg; 4226 break; 4227 case 's': 4228 if (sharepath != NULL) { 4229 (void) printf(gettext( 4230 "Adding multiple shares not supported\n")); 4231 return (SA_SYNTAX_ERR); 4232 } 4233 sharepath = optarg; 4234 break; 4235 case 'S': 4236 if (optset != NULL) { 4237 (void) printf(gettext( 4238 "Specifying multiple property " 4239 "spaces not supported: %s\n"), optset); 4240 return (SA_SYNTAX_ERR); 4241 } 4242 optset = optarg; 4243 break; 4244 default: 4245 case 'h': 4246 case '?': 4247 (void) printf(gettext("usage: %s\n"), 4248 sa_get_usage(USAGE_UNSET)); 4249 return (SA_OK); 4250 } 4251 } 4252 4253 if (optlist != NULL) 4254 ret = chk_opt(optlist, optset != NULL, protocol); 4255 4256 if (optind >= argc || (optlist == NULL && optset == NULL) || 4257 protocol == NULL) { 4258 char *sep = "\t"; 4259 (void) printf(gettext("usage: %s\n"), 4260 sa_get_usage(USAGE_UNSET)); 4261 if (optind >= argc) { 4262 (void) printf(gettext("%sgroup must be specified"), 4263 sep); 4264 sep = ", "; 4265 } 4266 if (optlist == NULL) { 4267 (void) printf(gettext("%sat least one property must " 4268 "be specified"), sep); 4269 sep = ", "; 4270 } 4271 if (protocol == NULL) { 4272 (void) printf(gettext("%sprotocol must be specified"), 4273 sep); 4274 sep = ", "; 4275 } 4276 (void) printf("\n"); 4277 ret = SA_SYNTAX_ERR; 4278 } else { 4279 4280 /* 4281 * If a group already exists, we can only add a new 4282 * protocol to it and not create a new one or add the 4283 * same protocol again. 4284 */ 4285 4286 groupname = argv[optind]; 4287 auth = check_authorizations(groupname, flags); 4288 if (optset == NULL) 4289 ret = basic_unset(handle, groupname, optlist, protocol, 4290 sharepath, rsrcname, dryrun); 4291 else 4292 ret = space_unset(handle, groupname, optlist, protocol, 4293 sharepath, dryrun, optset); 4294 4295 if (dryrun && ret == SA_OK && !auth && verbose) 4296 (void) printf(gettext("Command would fail: %s\n"), 4297 sa_errorstr(SA_NO_PERMISSION)); 4298 } 4299 return (ret); 4300 } 4301 4302 /* 4303 * sa_enable_group(flags, argc, argv) 4304 * 4305 * Implements the enable subcommand 4306 */ 4307 4308 int 4309 sa_enable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 4310 { 4311 int verbose = 0; 4312 int dryrun = 0; 4313 int all = 0; 4314 int c; 4315 int ret = SA_OK; 4316 char *protocol = NULL; 4317 char *state; 4318 struct list *worklist = NULL; 4319 int auth = 1; 4320 sa_group_t group; 4321 4322 while ((c = getopt(argc, argv, "?havnP:")) != EOF) { 4323 switch (c) { 4324 case 'a': 4325 all = 1; 4326 break; 4327 case 'n': 4328 dryrun++; 4329 break; 4330 case 'P': 4331 if (protocol != NULL) { 4332 (void) printf(gettext( 4333 "Specifying multiple protocols " 4334 "not supported: %s\n"), protocol); 4335 return (SA_SYNTAX_ERR); 4336 } 4337 protocol = optarg; 4338 if (!sa_valid_protocol(protocol)) { 4339 (void) printf(gettext( 4340 "Invalid protocol specified: %s\n"), 4341 protocol); 4342 return (SA_INVALID_PROTOCOL); 4343 } 4344 break; 4345 case 'v': 4346 verbose++; 4347 break; 4348 default: 4349 case 'h': 4350 case '?': 4351 (void) printf(gettext("usage: %s\n"), 4352 sa_get_usage(USAGE_ENABLE)); 4353 return (0); 4354 } 4355 } 4356 4357 if (optind == argc && !all) { 4358 (void) printf(gettext("usage: %s\n"), 4359 sa_get_usage(USAGE_ENABLE)); 4360 (void) printf(gettext("\tmust specify group\n")); 4361 return (SA_NO_SUCH_PATH); 4362 } 4363 if (!all) { 4364 while (optind < argc) { 4365 group = sa_get_group(handle, argv[optind]); 4366 if (group != NULL) { 4367 auth &= check_authorizations(argv[optind], 4368 flags); 4369 state = sa_get_group_attr(group, "state"); 4370 if (state != NULL && 4371 strcmp(state, "enabled") == 0) { 4372 /* already enabled */ 4373 if (verbose) 4374 (void) printf(gettext( 4375 "Group \"%s\" is already " 4376 "enabled\n"), 4377 argv[optind]); 4378 ret = SA_BUSY; /* already enabled */ 4379 } else { 4380 worklist = add_list(worklist, group, 4381 0, protocol); 4382 if (verbose) 4383 (void) printf(gettext( 4384 "Enabling group \"%s\"\n"), 4385 argv[optind]); 4386 } 4387 if (state != NULL) 4388 sa_free_attr_string(state); 4389 } else { 4390 ret = SA_NO_SUCH_GROUP; 4391 } 4392 optind++; 4393 } 4394 } else { 4395 for (group = sa_get_group(handle, NULL); 4396 group != NULL; 4397 group = sa_get_next_group(group)) { 4398 worklist = add_list(worklist, group, 0, protocol); 4399 } 4400 } 4401 if (!dryrun && ret == SA_OK) 4402 ret = enable_all_groups(handle, worklist, 1, 0, NULL, B_FALSE); 4403 4404 if (ret != SA_OK && ret != SA_BUSY) 4405 (void) printf(gettext("Could not enable group: %s\n"), 4406 sa_errorstr(ret)); 4407 if (ret == SA_BUSY) 4408 ret = SA_OK; 4409 4410 if (worklist != NULL) 4411 free_list(worklist); 4412 if (dryrun && ret == SA_OK && !auth && verbose) { 4413 (void) printf(gettext("Command would fail: %s\n"), 4414 sa_errorstr(SA_NO_PERMISSION)); 4415 } 4416 return (ret); 4417 } 4418 4419 /* 4420 * disable_group(group, proto) 4421 * 4422 * Disable all the shares in the specified group.. This is a helper 4423 * for disable_all_groups in order to simplify regular and subgroup 4424 * (zfs) disabling. Group has already been checked for non-NULL. 4425 */ 4426 4427 static int 4428 disable_group(sa_group_t group, char *proto) 4429 { 4430 sa_share_t share; 4431 int ret = SA_OK; 4432 4433 /* 4434 * If the protocol isn't enabled, skip it and treat as 4435 * successful. 4436 */ 4437 if (!has_protocol(group, proto)) 4438 return (ret); 4439 4440 for (share = sa_get_share(group, NULL); 4441 share != NULL && ret == SA_OK; 4442 share = sa_get_next_share(share)) { 4443 ret = sa_disable_share(share, proto); 4444 if (ret == SA_NO_SUCH_PATH) { 4445 /* 4446 * this is OK since the path is gone. we can't 4447 * re-share it anyway so no error. 4448 */ 4449 ret = SA_OK; 4450 } 4451 } 4452 return (ret); 4453 } 4454 4455 /* 4456 * disable_all_groups(work, setstate) 4457 * 4458 * helper function that disables the shares in the list of groups 4459 * provided. It optionally marks the group as disabled. Used by both 4460 * enable and start subcommands. 4461 */ 4462 4463 static int 4464 disable_all_groups(sa_handle_t handle, struct list *work, int setstate) 4465 { 4466 int ret = SA_OK; 4467 sa_group_t subgroup, group; 4468 4469 while (work != NULL && ret == SA_OK) { 4470 group = (sa_group_t)work->item; 4471 if (setstate) 4472 ret = sa_set_group_attr(group, "state", "disabled"); 4473 if (ret == SA_OK) { 4474 char *name; 4475 name = sa_get_group_attr(group, "name"); 4476 if (name != NULL && strcmp(name, "zfs") == 0) { 4477 /* need to get the sub-groups for stopping */ 4478 for (subgroup = sa_get_sub_group(group); 4479 subgroup != NULL; 4480 subgroup = sa_get_next_group(subgroup)) { 4481 ret = disable_group(subgroup, 4482 work->proto); 4483 } 4484 } else { 4485 ret = disable_group(group, work->proto); 4486 } 4487 /* 4488 * We don't want to "disable" since it won't come 4489 * up after a reboot. The SMF framework should do 4490 * the right thing. On enable we do want to do 4491 * something. 4492 */ 4493 } 4494 work = work->next; 4495 } 4496 if (ret == SA_OK) 4497 ret = sa_update_config(handle); 4498 return (ret); 4499 } 4500 4501 /* 4502 * sa_disable_group(flags, argc, argv) 4503 * 4504 * Implements the disable subcommand 4505 */ 4506 4507 int 4508 sa_disable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 4509 { 4510 int verbose = 0; 4511 int dryrun = 0; 4512 int all = 0; 4513 int c; 4514 int ret = SA_OK; 4515 char *protocol = NULL; 4516 char *state; 4517 struct list *worklist = NULL; 4518 sa_group_t group; 4519 int auth = 1; 4520 4521 while ((c = getopt(argc, argv, "?havn")) != EOF) { 4522 switch (c) { 4523 case 'a': 4524 all = 1; 4525 break; 4526 case 'n': 4527 dryrun++; 4528 break; 4529 case 'P': 4530 if (protocol != NULL) { 4531 (void) printf(gettext( 4532 "Specifying multiple protocols " 4533 "not supported: %s\n"), protocol); 4534 return (SA_SYNTAX_ERR); 4535 } 4536 protocol = optarg; 4537 if (!sa_valid_protocol(protocol)) { 4538 (void) printf(gettext( 4539 "Invalid protocol specified: %s\n"), 4540 protocol); 4541 return (SA_INVALID_PROTOCOL); 4542 } 4543 break; 4544 case 'v': 4545 verbose++; 4546 break; 4547 default: 4548 case 'h': 4549 case '?': 4550 (void) printf(gettext("usage: %s\n"), 4551 sa_get_usage(USAGE_DISABLE)); 4552 return (0); 4553 } 4554 } 4555 4556 if (optind == argc && !all) { 4557 (void) printf(gettext("usage: %s\n"), 4558 sa_get_usage(USAGE_DISABLE)); 4559 (void) printf(gettext("\tmust specify group\n")); 4560 return (SA_NO_SUCH_PATH); 4561 } 4562 if (!all) { 4563 while (optind < argc) { 4564 group = sa_get_group(handle, argv[optind]); 4565 if (group != NULL) { 4566 auth &= check_authorizations(argv[optind], 4567 flags); 4568 state = sa_get_group_attr(group, "state"); 4569 if (state == NULL || 4570 strcmp(state, "disabled") == 0) { 4571 /* already disabled */ 4572 if (verbose) 4573 (void) printf(gettext( 4574 "Group \"%s\" is " 4575 "already disabled\n"), 4576 argv[optind]); 4577 ret = SA_BUSY; /* already disabled */ 4578 } else { 4579 worklist = add_list(worklist, group, 0, 4580 protocol); 4581 if (verbose) 4582 (void) printf(gettext( 4583 "Disabling group " 4584 "\"%s\"\n"), argv[optind]); 4585 } 4586 if (state != NULL) 4587 sa_free_attr_string(state); 4588 } else { 4589 ret = SA_NO_SUCH_GROUP; 4590 } 4591 optind++; 4592 } 4593 } else { 4594 for (group = sa_get_group(handle, NULL); 4595 group != NULL; 4596 group = sa_get_next_group(group)) 4597 worklist = add_list(worklist, group, 0, protocol); 4598 } 4599 4600 if (ret == SA_OK && !dryrun) 4601 ret = disable_all_groups(handle, worklist, 1); 4602 if (ret != SA_OK && ret != SA_BUSY) 4603 (void) printf(gettext("Could not disable group: %s\n"), 4604 sa_errorstr(ret)); 4605 if (ret == SA_BUSY) 4606 ret = SA_OK; 4607 if (worklist != NULL) 4608 free_list(worklist); 4609 if (dryrun && ret == SA_OK && !auth && verbose) 4610 (void) printf(gettext("Command would fail: %s\n"), 4611 sa_errorstr(SA_NO_PERMISSION)); 4612 return (ret); 4613 } 4614 4615 /* 4616 * sa_start_group(flags, argc, argv) 4617 * 4618 * Implements the start command. 4619 * This is similar to enable except it doesn't change the state 4620 * of the group(s) and only enables shares if the group is already 4621 * enabled. 4622 */ 4623 4624 int 4625 sa_start_group(sa_handle_t handle, int flags, int argc, char *argv[]) 4626 { 4627 int verbose = 0; 4628 int all = 0; 4629 int c; 4630 int ret = SMF_EXIT_OK; 4631 char *protocol = NULL; 4632 char *state; 4633 struct list *worklist = NULL; 4634 sa_group_t group; 4635 #ifdef lint 4636 flags = flags; 4637 #endif 4638 4639 while ((c = getopt(argc, argv, "?havP:")) != EOF) { 4640 switch (c) { 4641 case 'a': 4642 all = 1; 4643 break; 4644 case 'P': 4645 if (protocol != NULL) { 4646 (void) printf(gettext( 4647 "Specifying multiple protocols " 4648 "not supported: %s\n"), protocol); 4649 return (SA_SYNTAX_ERR); 4650 } 4651 protocol = optarg; 4652 if (!sa_valid_protocol(protocol)) { 4653 (void) printf(gettext( 4654 "Invalid protocol specified: %s\n"), 4655 protocol); 4656 return (SA_INVALID_PROTOCOL); 4657 } 4658 break; 4659 case 'v': 4660 verbose++; 4661 break; 4662 default: 4663 case 'h': 4664 case '?': 4665 (void) printf(gettext("usage: %s\n"), 4666 sa_get_usage(USAGE_START)); 4667 return (SA_OK); 4668 } 4669 } 4670 4671 if (optind == argc && !all) { 4672 (void) printf(gettext("usage: %s\n"), 4673 sa_get_usage(USAGE_START)); 4674 return (SMF_EXIT_ERR_FATAL); 4675 } 4676 4677 if (!all) { 4678 while (optind < argc) { 4679 group = sa_get_group(handle, argv[optind]); 4680 if (group != NULL) { 4681 state = sa_get_group_attr(group, "state"); 4682 if (state == NULL || 4683 strcmp(state, "enabled") == 0) { 4684 worklist = add_list(worklist, group, 0, 4685 protocol); 4686 if (verbose) 4687 (void) printf(gettext( 4688 "Starting group \"%s\"\n"), 4689 argv[optind]); 4690 } else { 4691 /* 4692 * Determine if there are any 4693 * protocols. If there aren't any, 4694 * then there isn't anything to do in 4695 * any case so no error. 4696 */ 4697 if (sa_get_optionset(group, 4698 protocol) != NULL) { 4699 ret = SMF_EXIT_OK; 4700 } 4701 } 4702 if (state != NULL) 4703 sa_free_attr_string(state); 4704 } 4705 optind++; 4706 } 4707 } else { 4708 for (group = sa_get_group(handle, NULL); 4709 group != NULL; 4710 group = sa_get_next_group(group)) { 4711 state = sa_get_group_attr(group, "state"); 4712 if (state == NULL || strcmp(state, "enabled") == 0) 4713 worklist = add_list(worklist, group, 0, 4714 protocol); 4715 if (state != NULL) 4716 sa_free_attr_string(state); 4717 } 4718 } 4719 4720 (void) enable_all_groups(handle, worklist, 0, 1, protocol, B_FALSE); 4721 4722 if (worklist != NULL) 4723 free_list(worklist); 4724 return (ret); 4725 } 4726 4727 /* 4728 * sa_stop_group(flags, argc, argv) 4729 * 4730 * Implements the stop command. 4731 * This is similar to disable except it doesn't change the state 4732 * of the group(s) and only disables shares if the group is already 4733 * enabled. 4734 */ 4735 int 4736 sa_stop_group(sa_handle_t handle, int flags, int argc, char *argv[]) 4737 { 4738 int verbose = 0; 4739 int all = 0; 4740 int c; 4741 int ret = SMF_EXIT_OK; 4742 char *protocol = NULL; 4743 char *state; 4744 struct list *worklist = NULL; 4745 sa_group_t group; 4746 #ifdef lint 4747 flags = flags; 4748 #endif 4749 4750 while ((c = getopt(argc, argv, "?havP:")) != EOF) { 4751 switch (c) { 4752 case 'a': 4753 all = 1; 4754 break; 4755 case 'P': 4756 if (protocol != NULL) { 4757 (void) printf(gettext( 4758 "Specifying multiple protocols " 4759 "not supported: %s\n"), protocol); 4760 return (SA_SYNTAX_ERR); 4761 } 4762 protocol = optarg; 4763 if (!sa_valid_protocol(protocol)) { 4764 (void) printf(gettext( 4765 "Invalid protocol specified: %s\n"), 4766 protocol); 4767 return (SA_INVALID_PROTOCOL); 4768 } 4769 break; 4770 case 'v': 4771 verbose++; 4772 break; 4773 default: 4774 case 'h': 4775 case '?': 4776 (void) printf(gettext("usage: %s\n"), 4777 sa_get_usage(USAGE_STOP)); 4778 return (0); 4779 } 4780 } 4781 4782 if (optind == argc && !all) { 4783 (void) printf(gettext("usage: %s\n"), 4784 sa_get_usage(USAGE_STOP)); 4785 return (SMF_EXIT_ERR_FATAL); 4786 } else if (!all) { 4787 while (optind < argc) { 4788 group = sa_get_group(handle, argv[optind]); 4789 if (group != NULL) { 4790 state = sa_get_group_attr(group, "state"); 4791 if (state == NULL || 4792 strcmp(state, "enabled") == 0) { 4793 worklist = add_list(worklist, group, 0, 4794 protocol); 4795 if (verbose) 4796 (void) printf(gettext( 4797 "Stopping group \"%s\"\n"), 4798 argv[optind]); 4799 } else { 4800 ret = SMF_EXIT_OK; 4801 } 4802 if (state != NULL) 4803 sa_free_attr_string(state); 4804 } 4805 optind++; 4806 } 4807 } else { 4808 for (group = sa_get_group(handle, NULL); 4809 group != NULL; 4810 group = sa_get_next_group(group)) { 4811 state = sa_get_group_attr(group, "state"); 4812 if (state == NULL || strcmp(state, "enabled") == 0) 4813 worklist = add_list(worklist, group, 0, 4814 protocol); 4815 if (state != NULL) 4816 sa_free_attr_string(state); 4817 } 4818 } 4819 (void) disable_all_groups(handle, worklist, 0); 4820 ret = sa_update_config(handle); 4821 4822 if (worklist != NULL) 4823 free_list(worklist); 4824 return (ret); 4825 } 4826 4827 /* 4828 * remove_all_options(share, proto) 4829 * 4830 * Removes all options on a share. 4831 */ 4832 4833 static void 4834 remove_all_options(sa_share_t share, char *proto) 4835 { 4836 sa_optionset_t optionset; 4837 sa_security_t security; 4838 sa_security_t prevsec = NULL; 4839 4840 optionset = sa_get_optionset(share, proto); 4841 if (optionset != NULL) 4842 (void) sa_destroy_optionset(optionset); 4843 for (security = sa_get_security(share, NULL, NULL); 4844 security != NULL; 4845 security = sa_get_next_security(security)) { 4846 char *type; 4847 /* 4848 * We walk through the list. prevsec keeps the 4849 * previous security so we can delete it without 4850 * destroying the list. 4851 */ 4852 if (prevsec != NULL) { 4853 /* remove the previously seen security */ 4854 (void) sa_destroy_security(prevsec); 4855 /* set to NULL so we don't try multiple times */ 4856 prevsec = NULL; 4857 } 4858 type = sa_get_security_attr(security, "type"); 4859 if (type != NULL) { 4860 /* 4861 * if the security matches the specified protocol, we 4862 * want to remove it. prevsec holds it until either 4863 * the next pass or we fall out of the loop. 4864 */ 4865 if (strcmp(type, proto) == 0) 4866 prevsec = security; 4867 sa_free_attr_string(type); 4868 } 4869 } 4870 /* in case there is one left */ 4871 if (prevsec != NULL) 4872 (void) sa_destroy_security(prevsec); 4873 } 4874 4875 4876 /* 4877 * for legacy support, we need to handle the old syntax. This is what 4878 * we get if sharemgr is called with the name "share" rather than 4879 * sharemgr. 4880 */ 4881 4882 static int 4883 format_legacy_path(char *buff, int buffsize, char *proto, char *cmd) 4884 { 4885 int err; 4886 4887 err = snprintf(buff, buffsize, "/usr/lib/fs/%s/%s", proto, cmd); 4888 if (err > buffsize) 4889 return (-1); 4890 return (0); 4891 } 4892 4893 4894 /* 4895 * check_legacy_cmd(proto, cmd) 4896 * 4897 * Check to see if the cmd exists in /usr/lib/fs/<proto>/<cmd> and is 4898 * executable. 4899 */ 4900 4901 static int 4902 check_legacy_cmd(char *path) 4903 { 4904 struct stat st; 4905 int ret = 0; 4906 4907 if (stat(path, &st) == 0) { 4908 if (S_ISREG(st.st_mode) && 4909 st.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) 4910 ret = 1; 4911 } 4912 return (ret); 4913 } 4914 4915 /* 4916 * run_legacy_command(proto, cmd, argv) 4917 * 4918 * We know the command exists, so attempt to execute it with all the 4919 * arguments. This implements full legacy share support for those 4920 * protocols that don't have plugin providers. 4921 */ 4922 4923 static int 4924 run_legacy_command(char *path, char *argv[]) 4925 { 4926 int ret; 4927 4928 ret = execv(path, argv); 4929 if (ret < 0) { 4930 switch (errno) { 4931 case EACCES: 4932 ret = SA_NO_PERMISSION; 4933 break; 4934 default: 4935 ret = SA_SYSTEM_ERR; 4936 break; 4937 } 4938 } 4939 return (ret); 4940 } 4941 4942 /* 4943 * out_share(out, group, proto) 4944 * 4945 * Display the share information in the format that the "share" 4946 * command has traditionally used. 4947 */ 4948 4949 static void 4950 out_share(FILE *out, sa_group_t group, char *proto) 4951 { 4952 sa_share_t share; 4953 char resfmt[128]; 4954 char *defprop; 4955 4956 /* 4957 * The original share command defaulted to displaying NFS 4958 * shares or allowed a protocol to be specified. We want to 4959 * skip those shares that are not the specified protocol. 4960 */ 4961 if (proto != NULL && sa_get_optionset(group, proto) == NULL) 4962 return; 4963 4964 if (proto == NULL) 4965 proto = "nfs"; 4966 4967 /* 4968 * get the default property string. NFS uses "rw" but 4969 * everything else will use "". 4970 */ 4971 if (proto != NULL && strcmp(proto, "nfs") != 0) 4972 defprop = "\"\""; 4973 else 4974 defprop = "rw"; 4975 4976 for (share = sa_get_share(group, NULL); 4977 share != NULL; 4978 share = sa_get_next_share(share)) { 4979 char *path; 4980 char *type; 4981 char *resource; 4982 char *description; 4983 char *groupname; 4984 char *sharedstate; 4985 int shared = 1; 4986 char *soptions; 4987 char shareopts[MAXNAMLEN]; 4988 4989 sharedstate = sa_get_share_attr(share, "shared"); 4990 path = sa_get_share_attr(share, "path"); 4991 type = sa_get_share_attr(share, "type"); 4992 resource = get_resource(share); 4993 groupname = sa_get_group_attr(group, "name"); 4994 4995 if (groupname != NULL && strcmp(groupname, "default") == 0) { 4996 sa_free_attr_string(groupname); 4997 groupname = NULL; 4998 } 4999 description = sa_get_share_description(share); 5000 5001 /* 5002 * Want the sharetab version if it exists, defaulting 5003 * to NFS if no protocol specified. 5004 */ 5005 (void) snprintf(shareopts, MAXNAMLEN, "shareopts-%s", proto); 5006 soptions = sa_get_share_attr(share, shareopts); 5007 5008 if (sharedstate == NULL) 5009 shared = 0; 5010 5011 if (soptions == NULL) 5012 soptions = sa_proto_legacy_format(proto, share, 1); 5013 5014 if (shared) { 5015 /* only active shares go here */ 5016 (void) snprintf(resfmt, sizeof (resfmt), "%s%s%s", 5017 resource != NULL ? resource : "-", 5018 groupname != NULL ? "@" : "", 5019 groupname != NULL ? groupname : ""); 5020 (void) fprintf(out, "%-14.14s %s %s \"%s\" \n", 5021 resfmt, path, 5022 (soptions != NULL && strlen(soptions) > 0) ? 5023 soptions : defprop, 5024 (description != NULL) ? description : ""); 5025 } 5026 5027 if (path != NULL) 5028 sa_free_attr_string(path); 5029 if (type != NULL) 5030 sa_free_attr_string(type); 5031 if (resource != NULL) 5032 sa_free_attr_string(resource); 5033 if (groupname != NULL) 5034 sa_free_attr_string(groupname); 5035 if (description != NULL) 5036 sa_free_share_description(description); 5037 if (sharedstate != NULL) 5038 sa_free_attr_string(sharedstate); 5039 if (soptions != NULL) 5040 sa_format_free(soptions); 5041 } 5042 } 5043 5044 /* 5045 * output_legacy_file(out, proto) 5046 * 5047 * Walk all of the groups for the specified protocol and call 5048 * out_share() to format and write in the format displayed by the 5049 * "share" command with no arguments. 5050 */ 5051 5052 static void 5053 output_legacy_file(FILE *out, char *proto, sa_handle_t handle) 5054 { 5055 sa_group_t group; 5056 5057 for (group = sa_get_group(handle, NULL); 5058 group != NULL; 5059 group = sa_get_next_group(group)) { 5060 char *zfs; 5061 5062 /* 5063 * Go through all the groups and ZFS 5064 * sub-groups. out_share() will format the shares in 5065 * the group appropriately. 5066 */ 5067 5068 zfs = sa_get_group_attr(group, "zfs"); 5069 if (zfs != NULL) { 5070 sa_group_t zgroup; 5071 sa_free_attr_string(zfs); 5072 for (zgroup = sa_get_sub_group(group); 5073 zgroup != NULL; 5074 zgroup = sa_get_next_group(zgroup)) { 5075 5076 /* got a group, so display it */ 5077 out_share(out, zgroup, proto); 5078 } 5079 } else { 5080 out_share(out, group, proto); 5081 } 5082 } 5083 } 5084 5085 int 5086 sa_legacy_share(sa_handle_t handle, int flags, int argc, char *argv[]) 5087 { 5088 char *protocol = "nfs"; 5089 char *options = NULL; 5090 char *description = NULL; 5091 char *groupname = NULL; 5092 char *sharepath = NULL; 5093 char *resource = NULL; 5094 char *groupstatus = NULL; 5095 int persist = SA_SHARE_TRANSIENT; 5096 int argsused = 0; 5097 int c; 5098 int ret = SA_OK; 5099 int zfs = 0; 5100 int true_legacy = 0; 5101 int curtype = SA_SHARE_TRANSIENT; 5102 char cmd[MAXPATHLEN]; 5103 sa_group_t group = NULL; 5104 sa_resource_t rsrc = NULL; 5105 sa_share_t share; 5106 char dir[MAXPATHLEN]; 5107 uint64_t features; 5108 #ifdef lint 5109 flags = flags; 5110 #endif 5111 5112 while ((c = getopt(argc, argv, "?hF:d:o:p")) != EOF) { 5113 switch (c) { 5114 case 'd': 5115 description = optarg; 5116 argsused++; 5117 break; 5118 case 'F': 5119 protocol = optarg; 5120 if (!sa_valid_protocol(protocol)) { 5121 if (format_legacy_path(cmd, MAXPATHLEN, 5122 protocol, "share") == 0 && 5123 check_legacy_cmd(cmd)) { 5124 true_legacy++; 5125 } else { 5126 (void) fprintf(stderr, gettext( 5127 "Invalid protocol specified: " 5128 "%s\n"), protocol); 5129 return (SA_INVALID_PROTOCOL); 5130 } 5131 } 5132 break; 5133 case 'o': 5134 options = optarg; 5135 argsused++; 5136 break; 5137 case 'p': 5138 persist = SA_SHARE_PERMANENT; 5139 argsused++; 5140 break; 5141 case 'h': 5142 case '?': 5143 default: 5144 (void) fprintf(stderr, gettext("usage: %s\n"), 5145 sa_get_usage(USAGE_SHARE)); 5146 return (SA_OK); 5147 } 5148 } 5149 5150 /* Have the info so construct what is needed */ 5151 if (!argsused && optind == argc) { 5152 /* display current info in share format */ 5153 (void) output_legacy_file(stdout, protocol, handle); 5154 return (ret); 5155 } 5156 5157 /* We are modifying the configuration */ 5158 if (optind == argc) { 5159 (void) fprintf(stderr, gettext("usage: %s\n"), 5160 sa_get_usage(USAGE_SHARE)); 5161 return (SA_LEGACY_ERR); 5162 } 5163 if (true_legacy) { 5164 /* If still using legacy share/unshare, exec it */ 5165 ret = run_legacy_command(cmd, argv); 5166 return (ret); 5167 } 5168 5169 sharepath = argv[optind++]; 5170 if (optind < argc) { 5171 resource = argv[optind]; 5172 groupname = strchr(resource, '@'); 5173 if (groupname != NULL) 5174 *groupname++ = '\0'; 5175 } 5176 if (realpath(sharepath, dir) == NULL) 5177 ret = SA_BAD_PATH; 5178 else 5179 sharepath = dir; 5180 if (ret == SA_OK) 5181 share = sa_find_share(handle, sharepath); 5182 else 5183 share = NULL; 5184 5185 features = sa_proto_get_featureset(protocol); 5186 5187 if (groupname != NULL) { 5188 ret = SA_NOT_ALLOWED; 5189 } else if (ret == SA_OK) { 5190 char *legacygroup; 5191 /* 5192 * The legacy group is always present and zfs groups 5193 * come and go. zfs shares may be in sub-groups and 5194 * the zfs share will already be in that group so it 5195 * isn't an error. If the protocol is "smb", the group 5196 * "smb" is used when "default" would otherwise be 5197 * used. "default" is NFS only and "smb" is SMB only. 5198 */ 5199 if (strcmp(protocol, "smb") == 0) 5200 legacygroup = "smb"; 5201 else 5202 legacygroup = "default"; 5203 5204 /* 5205 * If the share exists (not NULL), then make sure it 5206 * is one we want to handle by getting the parent 5207 * group. 5208 */ 5209 if (share != NULL) { 5210 group = sa_get_parent_group(share); 5211 } else { 5212 group = sa_get_group(handle, legacygroup); 5213 if (group == NULL && strcmp(legacygroup, "smb") == 0) { 5214 /* 5215 * This group may not exist, so create 5216 * as necessary. It only contains the 5217 * "smb" protocol. 5218 */ 5219 group = sa_create_group(handle, legacygroup, 5220 &ret); 5221 if (group != NULL) 5222 (void) sa_create_optionset(group, 5223 protocol); 5224 } 5225 } 5226 5227 if (group == NULL) { 5228 ret = SA_SYSTEM_ERR; 5229 goto err; 5230 } 5231 5232 groupstatus = group_status(group); 5233 if (share == NULL) { 5234 share = sa_add_share(group, sharepath, 5235 persist, &ret); 5236 if (share == NULL && 5237 ret == SA_DUPLICATE_NAME) { 5238 /* 5239 * Could be a ZFS path being started 5240 */ 5241 if (sa_zfs_is_shared(handle, 5242 sharepath)) { 5243 ret = SA_OK; 5244 group = sa_get_group(handle, 5245 "zfs"); 5246 if (group == NULL) { 5247 /* 5248 * This shouldn't 5249 * happen. 5250 */ 5251 ret = SA_CONFIG_ERR; 5252 } else { 5253 share = sa_add_share( 5254 group, sharepath, 5255 persist, &ret); 5256 } 5257 } 5258 } 5259 } else { 5260 char *type; 5261 /* 5262 * May want to change persist state, but the 5263 * important thing is to change options. We 5264 * need to change them regardless of the 5265 * source. 5266 */ 5267 5268 if (sa_zfs_is_shared(handle, sharepath)) { 5269 zfs = 1; 5270 } 5271 remove_all_options(share, protocol); 5272 type = sa_get_share_attr(share, "type"); 5273 if (type != NULL && 5274 strcmp(type, "transient") != 0) { 5275 curtype = SA_SHARE_PERMANENT; 5276 } 5277 if (type != NULL) 5278 sa_free_attr_string(type); 5279 if (curtype != persist) { 5280 (void) sa_set_share_attr(share, "type", 5281 persist == SA_SHARE_PERMANENT ? 5282 "persist" : "transient"); 5283 } 5284 } 5285 5286 /* 5287 * If there is a resource name, we may 5288 * actually care about it if this is share for 5289 * a protocol that uses resource level sharing 5290 * (SMB). We need to find the resource and, if 5291 * it exists, make sure it belongs to the 5292 * current share. If it doesn't exist, attempt 5293 * to create it. 5294 */ 5295 5296 if (ret == SA_OK && resource != NULL) { 5297 rsrc = sa_find_resource(handle, resource); 5298 if (rsrc != NULL) { 5299 if (share != sa_get_resource_parent(rsrc)) 5300 ret = SA_DUPLICATE_NAME; 5301 } else { 5302 rsrc = sa_add_resource(share, resource, 5303 persist, &ret); 5304 } 5305 if (features & SA_FEATURE_RESOURCE) 5306 share = rsrc; 5307 } 5308 5309 /* Have a group to hold this share path */ 5310 if (ret == SA_OK && options != NULL && 5311 strlen(options) > 0) { 5312 ret = sa_parse_legacy_options(share, 5313 options, 5314 protocol); 5315 } 5316 if (!zfs) { 5317 /* 5318 * ZFS shares never have a description 5319 * and we can't store the values so 5320 * don't try. 5321 */ 5322 if (ret == SA_OK && description != NULL) 5323 ret = sa_set_share_description(share, 5324 description); 5325 } 5326 if (ret == SA_OK && 5327 strcmp(groupstatus, "enabled") == 0) { 5328 if (rsrc != share) 5329 ret = sa_enable_share(share, protocol); 5330 else 5331 ret = sa_enable_resource(rsrc, 5332 protocol); 5333 if (ret == SA_OK && 5334 persist == SA_SHARE_PERMANENT) { 5335 (void) sa_update_legacy(share, 5336 protocol); 5337 } 5338 if (ret == SA_OK) 5339 ret = sa_update_config(handle); 5340 } 5341 } 5342 err: 5343 if (ret != SA_OK) { 5344 (void) fprintf(stderr, gettext("Could not share: %s: %s\n"), 5345 sharepath, sa_errorstr(ret)); 5346 ret = SA_LEGACY_ERR; 5347 } 5348 return (ret); 5349 } 5350 5351 /* 5352 * sa_legacy_unshare(flags, argc, argv) 5353 * 5354 * Implements the original unshare command. 5355 */ 5356 int 5357 sa_legacy_unshare(sa_handle_t handle, int flags, int argc, char *argv[]) 5358 { 5359 char *protocol = "nfs"; /* for now */ 5360 char *options = NULL; 5361 char *sharepath = NULL; 5362 int persist = SA_SHARE_TRANSIENT; 5363 int argsused = 0; 5364 int c; 5365 int ret = SA_OK; 5366 int true_legacy = 0; 5367 uint64_t features = 0; 5368 sa_resource_t resource = NULL; 5369 char cmd[MAXPATHLEN]; 5370 #ifdef lint 5371 flags = flags; 5372 options = options; 5373 #endif 5374 5375 while ((c = getopt(argc, argv, "?hF:o:p")) != EOF) { 5376 switch (c) { 5377 case 'h': 5378 case '?': 5379 break; 5380 case 'F': 5381 protocol = optarg; 5382 if (!sa_valid_protocol(protocol)) { 5383 if (format_legacy_path(cmd, MAXPATHLEN, 5384 protocol, "unshare") == 0 && 5385 check_legacy_cmd(cmd)) { 5386 true_legacy++; 5387 } else { 5388 (void) printf(gettext( 5389 "Invalid file system name\n")); 5390 return (SA_INVALID_PROTOCOL); 5391 } 5392 } 5393 break; 5394 case 'o': 5395 options = optarg; 5396 argsused++; 5397 break; 5398 case 'p': 5399 persist = SA_SHARE_PERMANENT; 5400 argsused++; 5401 break; 5402 default: 5403 (void) printf(gettext("usage: %s\n"), 5404 sa_get_usage(USAGE_UNSHARE)); 5405 return (SA_OK); 5406 } 5407 } 5408 5409 /* Have the info so construct what is needed */ 5410 if (optind == argc || (optind + 1) < argc || options != NULL) { 5411 ret = SA_SYNTAX_ERR; 5412 } else { 5413 sa_share_t share; 5414 char dir[MAXPATHLEN]; 5415 if (true_legacy) { 5416 /* if still using legacy share/unshare, exec it */ 5417 ret = run_legacy_command(cmd, argv); 5418 return (ret); 5419 } 5420 /* 5421 * Find the path in the internal configuration. If it 5422 * isn't found, attempt to resolve the path via 5423 * realpath() and try again. 5424 */ 5425 sharepath = argv[optind++]; 5426 share = sa_find_share(handle, sharepath); 5427 if (share == NULL) { 5428 if (realpath(sharepath, dir) == NULL) { 5429 ret = SA_NO_SUCH_PATH; 5430 } else { 5431 share = sa_find_share(handle, dir); 5432 } 5433 } 5434 if (share == NULL) { 5435 /* Could be a resource name so check that next */ 5436 features = sa_proto_get_featureset(protocol); 5437 resource = sa_find_resource(handle, sharepath); 5438 if (resource != NULL) { 5439 share = sa_get_resource_parent(resource); 5440 if (features & SA_FEATURE_RESOURCE) 5441 (void) sa_disable_resource(resource, 5442 protocol); 5443 if (persist == SA_SHARE_PERMANENT) { 5444 ret = sa_remove_resource(resource); 5445 if (ret == SA_OK) 5446 ret = sa_update_config(handle); 5447 } 5448 /* 5449 * If we still have a resource on the 5450 * share, we don't disable the share 5451 * itself. IF there aren't anymore, we 5452 * need to remove the share. The 5453 * removal will be done in the next 5454 * section if appropriate. 5455 */ 5456 resource = sa_get_share_resource(share, NULL); 5457 if (resource != NULL) 5458 share = NULL; 5459 } else if (ret == SA_OK) { 5460 /* Didn't find path and no resource */ 5461 ret = SA_BAD_PATH; 5462 } 5463 } 5464 if (share != NULL && resource == NULL) { 5465 ret = sa_disable_share(share, protocol); 5466 /* 5467 * Errors are ok and removal should still occur. The 5468 * legacy unshare is more forgiving of errors than the 5469 * remove-share subcommand which may need the force 5470 * flag set for some error conditions. That is, the 5471 * "unshare" command will always unshare if it can 5472 * while "remove-share" might require the force option. 5473 */ 5474 if (persist == SA_SHARE_PERMANENT) { 5475 ret = sa_remove_share(share); 5476 if (ret == SA_OK) 5477 ret = sa_update_config(handle); 5478 } 5479 } else if (ret == SA_OK && share == NULL && resource == NULL) { 5480 /* 5481 * If both share and resource are NULL, then 5482 * share not found. If one or the other was 5483 * found or there was an earlier error, we 5484 * assume it was handled earlier. 5485 */ 5486 ret = SA_NOT_SHARED; 5487 } 5488 } 5489 switch (ret) { 5490 default: 5491 (void) printf("%s: %s\n", sharepath, sa_errorstr(ret)); 5492 ret = SA_LEGACY_ERR; 5493 break; 5494 case SA_SYNTAX_ERR: 5495 (void) printf(gettext("usage: %s\n"), 5496 sa_get_usage(USAGE_UNSHARE)); 5497 break; 5498 case SA_OK: 5499 break; 5500 } 5501 return (ret); 5502 } 5503 5504 /* 5505 * Common commands that implement the sub-commands used by all 5506 * protocols. The entries are found via the lookup command 5507 */ 5508 5509 static sa_command_t commands[] = { 5510 {"add-share", 0, sa_addshare, USAGE_ADD_SHARE, SVC_SET}, 5511 {"create", 0, sa_create, USAGE_CREATE, SVC_SET|SVC_ACTION}, 5512 {"delete", 0, sa_delete, USAGE_DELETE, SVC_SET|SVC_ACTION}, 5513 {"disable", 0, sa_disable_group, USAGE_DISABLE, SVC_SET|SVC_ACTION}, 5514 {"enable", 0, sa_enable_group, USAGE_ENABLE, SVC_SET|SVC_ACTION}, 5515 {"list", 0, sa_list, USAGE_LIST}, 5516 {"move-share", 0, sa_moveshare, USAGE_MOVE_SHARE, SVC_SET}, 5517 {"remove-share", 0, sa_removeshare, USAGE_REMOVE_SHARE, SVC_SET}, 5518 {"set", 0, sa_set, USAGE_SET, SVC_SET}, 5519 {"set-share", 0, sa_set_share, USAGE_SET_SHARE, SVC_SET}, 5520 {"show", 0, sa_show, USAGE_SHOW}, 5521 {"share", 0, sa_legacy_share, USAGE_SHARE, SVC_SET|SVC_ACTION}, 5522 {"start", CMD_NODISPLAY, sa_start_group, USAGE_START, 5523 SVC_SET|SVC_ACTION}, 5524 {"stop", CMD_NODISPLAY, sa_stop_group, USAGE_STOP, SVC_SET|SVC_ACTION}, 5525 {"unset", 0, sa_unset, USAGE_UNSET, SVC_SET}, 5526 {"unshare", 0, sa_legacy_unshare, USAGE_UNSHARE, SVC_SET|SVC_ACTION}, 5527 {NULL, 0, NULL, NULL} 5528 }; 5529 5530 static char * 5531 sa_get_usage(sa_usage_t index) 5532 { 5533 char *ret = NULL; 5534 switch (index) { 5535 case USAGE_ADD_SHARE: 5536 ret = gettext("add-share [-nth] [-r resource-name] " 5537 "[-d \"description text\"] -s sharepath group"); 5538 break; 5539 case USAGE_CREATE: 5540 ret = gettext( 5541 "create [-nvh] [-P proto [-p property=value]] group"); 5542 break; 5543 case USAGE_DELETE: 5544 ret = gettext("delete [-nvh] [-P proto] [-f] group"); 5545 break; 5546 case USAGE_DISABLE: 5547 ret = gettext("disable [-nvh] {-a | group ...}"); 5548 break; 5549 case USAGE_ENABLE: 5550 ret = gettext("enable [-nvh] {-a | group ...}"); 5551 break; 5552 case USAGE_LIST: 5553 ret = gettext("list [-vh] [-P proto]"); 5554 break; 5555 case USAGE_MOVE_SHARE: 5556 ret = gettext( 5557 "move-share [-nvh] -s sharepath destination-group"); 5558 break; 5559 case USAGE_REMOVE_SHARE: 5560 ret = gettext( 5561 "remove-share [-fnvh] {-s sharepath | -r resource} " 5562 "group"); 5563 break; 5564 case USAGE_SET: 5565 ret = gettext("set [-nvh] -P proto [-S optspace] " 5566 "[-p property=value]* [-s sharepath] [-r resource]] " 5567 "group"); 5568 break; 5569 case USAGE_SET_SECURITY: 5570 ret = gettext("set-security [-nvh] -P proto -S security-type " 5571 "[-p property=value]* group"); 5572 break; 5573 case USAGE_SET_SHARE: 5574 ret = gettext("set-share [-nh] [-r resource] " 5575 "[-d \"description text\"] -s sharepath group"); 5576 break; 5577 case USAGE_SHOW: 5578 ret = gettext("show [-pvxh] [-P proto] [group ...]"); 5579 break; 5580 case USAGE_SHARE: 5581 ret = gettext("share [-F fstype] [-p] [-o optionlist]" 5582 "[-d description] [pathname [resourcename]]"); 5583 break; 5584 case USAGE_START: 5585 ret = gettext("start [-vh] [-P proto] {-a | group ...}"); 5586 break; 5587 case USAGE_STOP: 5588 ret = gettext("stop [-vh] [-P proto] {-a | group ...}"); 5589 break; 5590 case USAGE_UNSET: 5591 ret = gettext("unset [-nvh] -P proto [-S optspace] " 5592 "[-p property]* group"); 5593 break; 5594 case USAGE_UNSET_SECURITY: 5595 ret = gettext("unset-security [-nvh] -P proto " 5596 "-S security-type [-p property]* group"); 5597 break; 5598 case USAGE_UNSHARE: 5599 ret = gettext( 5600 "unshare [-F fstype] [-p] [-o optionlist] sharepath"); 5601 break; 5602 } 5603 return (ret); 5604 } 5605 5606 /* 5607 * sa_lookup(cmd, proto) 5608 * 5609 * Lookup the sub-command. proto isn't currently used, but it may 5610 * eventually provide a way to provide protocol specific sub-commands. 5611 */ 5612 sa_command_t * 5613 sa_lookup(char *cmd, char *proto) 5614 { 5615 int i; 5616 size_t len; 5617 #ifdef lint 5618 proto = proto; 5619 #endif 5620 5621 len = strlen(cmd); 5622 for (i = 0; commands[i].cmdname != NULL; i++) { 5623 if (strncmp(cmd, commands[i].cmdname, len) == 0) 5624 return (&commands[i]); 5625 } 5626 return (NULL); 5627 } 5628 5629 void 5630 sub_command_help(char *proto) 5631 { 5632 int i; 5633 #ifdef lint 5634 proto = proto; 5635 #endif 5636 5637 (void) printf(gettext("\tsub-commands:\n")); 5638 for (i = 0; commands[i].cmdname != NULL; i++) { 5639 if (!(commands[i].flags & (CMD_ALIAS|CMD_NODISPLAY))) 5640 (void) printf("\t%s\n", 5641 sa_get_usage((sa_usage_t)commands[i].cmdidx)); 5642 } 5643 } 5644