1 /*
2  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 #pragma ident	"%Z%%M%	%I%	%E% SMI"
7 
8 /*
9  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
10  *
11  *	Openvision retains the copyright to derivative works of
12  *	this source code.  Do *NOT* create a derivative of this
13  *	source code before consulting with your legal department.
14  *	Do *NOT* integrate *ANY* of this source code into another
15  *	product before consulting with your legal department.
16  *
17  *	For further information, read the top-level Openvision
18  *	copyright which is contained in the top-level MIT Kerberos
19  *	copyright.
20  *
21  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
22  *
23  */
24 
25 
26 /*
27  * admin/destroy/kdb5_destroy.c
28  *
29  * Copyright 1990 by the Massachusetts Institute of Technology.
30  * All Rights Reserved.
31  *
32  * Export of this software from the United States of America may
33  *   require a specific license from the United States Government.
34  *   It is the responsibility of any person or organization contemplating
35  *   export to obtain such a license before exporting.
36  *
37  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
38  * distribute this software and its documentation for any purpose and
39  * without fee is hereby granted, provided that the above copyright
40  * notice appear in all copies and that both that copyright notice and
41  * this permission notice appear in supporting documentation, and that
42  * the name of M.I.T. not be used in advertising or publicity pertaining
43  * to distribution of the software without specific, written prior
44  * permission.  Furthermore if you modify this software you must label
45  * your software as modified software and not distribute it in such a
46  * fashion that it might be confused with the original M.I.T. software.
47  * M.I.T. makes no representations about the suitability of
48  * this software for any purpose.  It is provided "as is" without express
49  * or implied warranty.
50  *
51  *
52  * kdb_dest(roy): destroy the named database.
53  *
54  * This version knows about DBM format databases.
55  */
56 
57 #define KDB5_DISPATCH
58 #define KRB5_KDB5_DBM__
59 #include <k5-int.h>
60 /* #define these to avoid an indirection function; for future implementations,
61    these may be redirected from a dispatch table/routine */
62 #define krb5_dbm_db_set_name krb5_db_set_name
63 #define krb5_dbm_db_set_nonblocking krb5_db_set_nonblocking
64 #define krb5_dbm_db_init krb5_db_init
65 #define krb5_dbm_db_get_age krb5_db_get_age
66 #define krb5_dbm_db_create krb5_db_create
67 #define krb5_dbm_db_rename krb5_db_rename
68 #define krb5_dbm_db_get_principal krb5_db_get_principal
69 #define krb5_dbm_db_free_principal krb5_db_free_principal
70 #define krb5_dbm_db_put_principal krb5_db_put_principal
71 #define krb5_dbm_db_delete_principal krb5_db_delete_principal
72 #define krb5_dbm_db_lock krb5_db_lock
73 #define krb5_dbm_db_unlock krb5_db_unlock
74 #define krb5_dbm_db_set_lockmode krb5_db_set_lockmode
75 #define krb5_dbm_db_close_database krb5_db_close_database
76 #define krb5_dbm_db_open_database krb5_db_open_database
77 
78 #include <stdio.h>
79 #include "com_err.h"
80 #include <kadm5/admin.h>
81 #include <kadm5/adb.h>
82 #include <libintl.h>
83 #include "kdb5_util.h"
84 
85 extern int errno;
86 extern int exit_status;
87 extern krb5_boolean dbactive;
88 extern kadm5_config_params global_params;
89 
90 
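/*
 * kdb5_destroy: interactively destroy the KDC database named by
 * global_params.dbname.
 *
 * After the operator confirms with "yes" or "y", the function:
 *   1. selects the database with krb5_db_set_name() and destroys it with
 *      krb5_db_destroy();
 *   2. removes the stash file (global_params.stash_file, or the default
 *      DEFAULT_KEYFILE_STUB + realm name when none is configured);
 *   3. destroys the policy database with osa_adb_destroy_policy_db();
 *   4. when global_params.iprop_enabled is set, removes "<dbname>.ulog".
 *
 * argc is unused; argv[0] is trimmed to its basename and used as the
 * program name in com_err() messages.
 *
 * Nothing is returned.  Every failure path increments the global
 * exit_status and returns early; on success dbactive is set to FALSE.
 *
 * NOTE(review): the krb5_context created here is never released on any
 * path.  Whether it can be freed safely after the database calls is not
 * visible from this file - confirm before adding a release call.
 */
void
kdb5_destroy(argc, argv)
    int argc;
    char *argv[];
{
    char *dbname;
    char *slash;
    /*
     * Sized for "yes\n" plus the terminating NUL.  NOTE(review): the
     * expected answers are passed through gettext(); a translation longer
     * than four bytes could never match what fits in this buffer.
     */
    char buf[5];
    krb5_error_code retval, retval1, retval2;
    krb5_context context;
    char ufilename[MAX_FILENAME];

    /* Use the basename of argv[0] as the program name in messages. */
    slash = strrchr(argv[0], '/');
    if (slash != NULL)
        argv[0] = slash + 1;

    /*
     * Do not continue with an uninitialized context: every database call
     * below dereferences it.
     */
    retval = krb5_init_context(&context);
    if (retval != 0) {
        com_err(argv[0], retval,
            gettext("while initializing Kerberos context"));
        exit_status++;
        return;
    }

    dbname = global_params.dbname;

    printf(gettext("Deleting KDC database stored in '%s', "
        "are you sure?\n"), dbname);
    printf(gettext("(type 'yes' or 'y' to confirm)? "));

    /* EOF or a read error counts as "no". */
    if (fgets(buf, sizeof (buf), stdin) == NULL) {
        exit_status++;
        return;
    }

    /* Anything other than an exact "yes" or "y" line aborts. */
    if ((strncmp(buf, gettext("yes\n"),
        strlen(gettext("yes\n"))) != 0) &&
        (strncmp(buf, gettext("y\n"),
        strlen(gettext("y\n"))) != 0)) {
        printf(gettext("database not deleted !! '%s'...\n"),
            dbname);

        exit_status++;
        return;
    }

    printf(gettext("OK, deleting database '%s'...\n"), dbname);
    retval = krb5_db_set_name(context, dbname);
    if (retval != 0) {
        com_err(argv[0], retval, "'%s'", dbname);
        exit_status++;
        return;
    }

    /*
     * The result is only reported after the stash file and the policy
     * database have been dealt with, so a failure here does not leave
     * those behind untouched.
     */
    retval1 = krb5_db_destroy(context, dbname);

    /* check for a stash file and delete it if necessary */
    if (global_params.stash_file == NULL) {
        char stash[MAXPATHLEN+1];
        extern krb5_principal master_princ;
        /* presumably master_princ is set by the caller - verify */
        krb5_data *realm = krb5_princ_realm(context, master_princ);
        size_t room;
        size_t ncopy;

        (void) strlcpy(stash, DEFAULT_KEYFILE_STUB, sizeof (stash));
        /*
         * realm->data is not necessarily NUL terminated, so be
         * careful how much data is copied here.  Don't overrun
         * the "stash" buffer and don't overrun the realm->data
         * buffer: copy the smaller of the two lengths.  strncat()
         * adds the terminating NUL itself, which is why one byte
         * of "stash" is kept out of "room".
         */
        room = MAXPATHLEN - strlen(stash);
        ncopy = (realm->length < room) ? realm->length : room;
        (void) strncat(stash, realm->data, ncopy);
        global_params.stash_file = (char *)strdup(stash);
    }

    /*
     * Removing the stash file stays best effort (exit_status is left
     * alone), but a failure is reported so the operator knows the file
     * is still on disk after the database itself is gone.
     */
    if (global_params.stash_file == NULL) {
        com_err(argv[0], errno,
            gettext("while allocating stash file name"));
    } else if (access(global_params.stash_file, F_OK) == 0 &&
        unlink(global_params.stash_file) != 0) {
        com_err(argv[0], errno,
            gettext("while removing stash file '%s'"),
            global_params.stash_file);
    }

    retval2 = osa_adb_destroy_policy_db(&global_params);
    if (retval1) {
        com_err(argv[0], retval1,
            gettext("deleting database '%s'"), dbname);
        exit_status++;
        return;
    }
    if (retval2) {
        com_err(argv[0], retval2,
            gettext("destroying policy database"));
        exit_status++;
        return;
    }

    if (global_params.iprop_enabled) {
        /* Build "<dbname>.ulog"; refuse to act on a truncated path. */
        if (strlcpy(ufilename, dbname, MAX_FILENAME) >= MAX_FILENAME) {
            exit_status++;
            return;
        }
        if (strlcat(ufilename, ".ulog", MAX_FILENAME) >= MAX_FILENAME) {
            exit_status++;
            return;
        }

        /* Best effort: the result of unlink() is ignored. */
        (void) unlink(ufilename);
    }

    dbactive = FALSE;
    printf(gettext("** Database '%s' destroyed.\n"), dbname);
}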
189