17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 37c478bd9Sstevel@tonic-gate * Use is subject to license terms. 47c478bd9Sstevel@tonic-gate */ 57c478bd9Sstevel@tonic-gate 67c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 77c478bd9Sstevel@tonic-gate 87c478bd9Sstevel@tonic-gate /* 97c478bd9Sstevel@tonic-gate * RPC server procedures for the usermode daemon kwarnd. 107c478bd9Sstevel@tonic-gate */ 117c478bd9Sstevel@tonic-gate 127c478bd9Sstevel@tonic-gate #include <stdio.h> 137c478bd9Sstevel@tonic-gate #include <unistd.h> 147c478bd9Sstevel@tonic-gate #include <pwd.h> 157c478bd9Sstevel@tonic-gate #include <grp.h> 167c478bd9Sstevel@tonic-gate #include <strings.h> 177c478bd9Sstevel@tonic-gate #include <string.h> 187c478bd9Sstevel@tonic-gate #include <sys/param.h> 197c478bd9Sstevel@tonic-gate #include <sys/syslog.h> 207c478bd9Sstevel@tonic-gate #include "kwarnd.h" 217c478bd9Sstevel@tonic-gate #include <rpc/rpc.h> 227c478bd9Sstevel@tonic-gate #include <stdlib.h> 237c478bd9Sstevel@tonic-gate #include <syslog.h> 247c478bd9Sstevel@tonic-gate #include <poll.h> 257c478bd9Sstevel@tonic-gate #include <utmpx.h> 267c478bd9Sstevel@tonic-gate #include <pwd.h> 277c478bd9Sstevel@tonic-gate #include <strings.h> 287c478bd9Sstevel@tonic-gate #include <ctype.h> 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #include <k5-int.h> 317c478bd9Sstevel@tonic-gate #include <profile/prof_int.h> 327c478bd9Sstevel@tonic-gate #include <com_err.h> 337c478bd9Sstevel@tonic-gate #include <libintl.h> 347c478bd9Sstevel@tonic-gate #include <krb5.h> 357c478bd9Sstevel@tonic-gate 367c478bd9Sstevel@tonic-gate struct k5_data 377c478bd9Sstevel@tonic-gate { 387c478bd9Sstevel@tonic-gate krb5_context ctx; 397c478bd9Sstevel@tonic-gate krb5_ccache cc; 407c478bd9Sstevel@tonic-gate krb5_principal me; 417c478bd9Sstevel@tonic-gate char *name; 427c478bd9Sstevel@tonic-gate }; 437c478bd9Sstevel@tonic-gate 447c478bd9Sstevel@tonic-gate 457c478bd9Sstevel@tonic-gate #define MAIL "mail" 467c478bd9Sstevel@tonic-gate #define MAILPATH "/usr/bin/mail" 477c478bd9Sstevel@tonic-gate #define DEFAULT_CONFIG "* terminal 30m" 487c478bd9Sstevel@tonic-gate #define CONF_FILENAME "/etc/krb5/warn.conf" 497c478bd9Sstevel@tonic-gate 507c478bd9Sstevel@tonic-gate /* warn.conf info */ 517c478bd9Sstevel@tonic-gate 527c478bd9Sstevel@tonic-gate typedef struct config_entry_s { 537c478bd9Sstevel@tonic-gate struct config_entry_s *next; 547c478bd9Sstevel@tonic-gate int seconds_to_warn; 557c478bd9Sstevel@tonic-gate char *principal; 567c478bd9Sstevel@tonic-gate char *where_to; 577c478bd9Sstevel@tonic-gate char *email; 587c478bd9Sstevel@tonic-gate int renew; 597c478bd9Sstevel@tonic-gate int log_success; 607c478bd9Sstevel@tonic-gate int log_failure; 617c478bd9Sstevel@tonic-gate } config_entry_list_t; 627c478bd9Sstevel@tonic-gate static config_entry_list_t *config_entry_list; 637c478bd9Sstevel@tonic-gate 647c478bd9Sstevel@tonic-gate /* list of principals to be warned */ 657c478bd9Sstevel@tonic-gate 667c478bd9Sstevel@tonic-gate typedef struct cred_warning_list_s { 677c478bd9Sstevel@tonic-gate struct cred_warning_list_s *next; 687c478bd9Sstevel@tonic-gate WARNING_NAME_T warn_name; 697c478bd9Sstevel@tonic-gate time_t cred_exp_time; 707c478bd9Sstevel@tonic-gate time_t cred_warn_time; 717c478bd9Sstevel@tonic-gate mutex_t cwm; 727c478bd9Sstevel@tonic-gate } cred_warning_list_t; 737c478bd9Sstevel@tonic-gate static cred_warning_list_t *cred_warning_list; 747c478bd9Sstevel@tonic-gate static rwlock_t cred_lock = DEFAULTRWLOCK; 757c478bd9Sstevel@tonic-gate 767c478bd9Sstevel@tonic-gate static bool_t 777c478bd9Sstevel@tonic-gate del_warning_pvt(char *); 787c478bd9Sstevel@tonic-gate 797c478bd9Sstevel@tonic-gate static config_entry_list_t * 807c478bd9Sstevel@tonic-gate find_warning_info(char *); 817c478bd9Sstevel@tonic-gate 827c478bd9Sstevel@tonic-gate static bool_t 837c478bd9Sstevel@tonic-gate parseConfigLine(char *buffer); 847c478bd9Sstevel@tonic-gate 85*814a60b1Sgtb extern int warn_send(char *, char *); 867c478bd9Sstevel@tonic-gate 877c478bd9Sstevel@tonic-gate extern int kwarnd_debug; 887c478bd9Sstevel@tonic-gate 897c478bd9Sstevel@tonic-gate cred_warning_list_t * 907c478bd9Sstevel@tonic-gate find_cred_warning(WARNING_NAME_T warn_name) 917c478bd9Sstevel@tonic-gate { 927c478bd9Sstevel@tonic-gate cred_warning_list_t *cw; 937c478bd9Sstevel@tonic-gate if (!cred_warning_list) 947c478bd9Sstevel@tonic-gate return (NULL); 957c478bd9Sstevel@tonic-gate for (cw = cred_warning_list; cw != NULL; cw = cw->next) { 967c478bd9Sstevel@tonic-gate if (strcmp(warn_name, cw->warn_name) != 0) 977c478bd9Sstevel@tonic-gate continue; 987c478bd9Sstevel@tonic-gate return (cw); 997c478bd9Sstevel@tonic-gate } 1007c478bd9Sstevel@tonic-gate return (NULL); 1017c478bd9Sstevel@tonic-gate } 1027c478bd9Sstevel@tonic-gate 1037c478bd9Sstevel@tonic-gate /* 1047c478bd9Sstevel@tonic-gate * add a principal to the principal warning list 1057c478bd9Sstevel@tonic-gate */ 1067c478bd9Sstevel@tonic-gate 1077c478bd9Sstevel@tonic-gate bool_t 1087c478bd9Sstevel@tonic-gate kwarn_add_warning_1_svc(kwarn_add_warning_arg *argp, 1097c478bd9Sstevel@tonic-gate kwarn_add_warning_res *res, 1107c478bd9Sstevel@tonic-gate struct svc_req *rqstp) 1117c478bd9Sstevel@tonic-gate { 1127c478bd9Sstevel@tonic-gate cred_warning_list_t *cred_warning; 1137c478bd9Sstevel@tonic-gate config_entry_list_t *config_entry; 1147c478bd9Sstevel@tonic-gate 1157c478bd9Sstevel@tonic-gate if (kwarnd_debug) { 1167c478bd9Sstevel@tonic-gate printf("kwarn_add_warning_1_svc start; cWlist=%p\n", 1177c478bd9Sstevel@tonic-gate cred_warning_list); 1187c478bd9Sstevel@tonic-gate 1197c478bd9Sstevel@tonic-gate printf("kwarn_add_warning_1_svc: principal %s", 1207c478bd9Sstevel@tonic-gate argp->warning_name); 1217c478bd9Sstevel@tonic-gate printf(" exp time: %d\n", argp->cred_exp_time); 1227c478bd9Sstevel@tonic-gate } 1237c478bd9Sstevel@tonic-gate 1247c478bd9Sstevel@tonic-gate /* 1257c478bd9Sstevel@tonic-gate * if there is no entry in the config file that matches the principal to 1267c478bd9Sstevel@tonic-gate * be added to the warning list, return true because we are not going to 1277c478bd9Sstevel@tonic-gate * send a warning for this principal. 1287c478bd9Sstevel@tonic-gate */ 1297c478bd9Sstevel@tonic-gate 1307c478bd9Sstevel@tonic-gate if ((config_entry = find_warning_info(argp->warning_name)) == NULL) { 1317c478bd9Sstevel@tonic-gate if (kwarnd_debug) 1327c478bd9Sstevel@tonic-gate printf( 1337c478bd9Sstevel@tonic-gate "kwarn_add_warning_1_svc find_warn_info: fails, cWlist=%p\n", 1347c478bd9Sstevel@tonic-gate cred_warning_list); 1357c478bd9Sstevel@tonic-gate 1367c478bd9Sstevel@tonic-gate return (TRUE); 1377c478bd9Sstevel@tonic-gate } 1387c478bd9Sstevel@tonic-gate 1397c478bd9Sstevel@tonic-gate /* 1407c478bd9Sstevel@tonic-gate * see if a warning has already been created for this principal, if so 1417c478bd9Sstevel@tonic-gate * update the warning time. 1427c478bd9Sstevel@tonic-gate */ 1437c478bd9Sstevel@tonic-gate 1447c478bd9Sstevel@tonic-gate rw_wrlock(&cred_lock); 1457c478bd9Sstevel@tonic-gate if (cred_warning = find_cred_warning(argp->warning_name)) { 1467c478bd9Sstevel@tonic-gate rw_unlock(&cred_lock); 1477c478bd9Sstevel@tonic-gate mutex_lock(&cred_warning->cwm); 1487c478bd9Sstevel@tonic-gate cred_warning->cred_exp_time = argp->cred_exp_time; 1497c478bd9Sstevel@tonic-gate cred_warning->cred_warn_time = argp->cred_exp_time 1507c478bd9Sstevel@tonic-gate - config_entry->seconds_to_warn; 1517c478bd9Sstevel@tonic-gate mutex_unlock(&cred_warning->cwm); 1527c478bd9Sstevel@tonic-gate } else { 1537c478bd9Sstevel@tonic-gate cred_warning = (cred_warning_list_t *)malloc( 1547c478bd9Sstevel@tonic-gate sizeof (*cred_warning_list)); 1557c478bd9Sstevel@tonic-gate if (cred_warning == NULL) { 1567c478bd9Sstevel@tonic-gate rw_unlock(&cred_lock); 1577c478bd9Sstevel@tonic-gate res->status = 1; 1587c478bd9Sstevel@tonic-gate return (FALSE); 1597c478bd9Sstevel@tonic-gate } 1607c478bd9Sstevel@tonic-gate (void) memset((char *)cred_warning, 0, 1617c478bd9Sstevel@tonic-gate sizeof (*cred_warning_list)); 1627c478bd9Sstevel@tonic-gate cred_warning->cred_exp_time = argp->cred_exp_time; 1637c478bd9Sstevel@tonic-gate cred_warning->cred_warn_time = argp->cred_exp_time 1647c478bd9Sstevel@tonic-gate - config_entry->seconds_to_warn; 1657c478bd9Sstevel@tonic-gate cred_warning->warn_name = strdup(argp->warning_name); 1667c478bd9Sstevel@tonic-gate if (cred_warning->warn_name == NULL) { 1677c478bd9Sstevel@tonic-gate free(cred_warning); 1687c478bd9Sstevel@tonic-gate rw_unlock(&cred_lock); 1697c478bd9Sstevel@tonic-gate res->status = 1; 1707c478bd9Sstevel@tonic-gate return (FALSE); 1717c478bd9Sstevel@tonic-gate } 1727c478bd9Sstevel@tonic-gate mutex_init(&cred_warning->cwm, USYNC_THREAD, NULL); 1737c478bd9Sstevel@tonic-gate cred_warning->next = cred_warning_list; 1747c478bd9Sstevel@tonic-gate cred_warning_list = cred_warning; 1757c478bd9Sstevel@tonic-gate rw_unlock(&cred_lock); 1767c478bd9Sstevel@tonic-gate } 1777c478bd9Sstevel@tonic-gate res->status = 0; 1787c478bd9Sstevel@tonic-gate 1797c478bd9Sstevel@tonic-gate if (kwarnd_debug) 1807c478bd9Sstevel@tonic-gate printf( 1817c478bd9Sstevel@tonic-gate "kwarn_add_warning_1_svc end: returns true; cWlist=%p\n", 1827c478bd9Sstevel@tonic-gate cred_warning_list); 1837c478bd9Sstevel@tonic-gate 1847c478bd9Sstevel@tonic-gate return (TRUE); 1857c478bd9Sstevel@tonic-gate } 1867c478bd9Sstevel@tonic-gate 1877c478bd9Sstevel@tonic-gate /* 1887c478bd9Sstevel@tonic-gate * delete a warning request for a given principal 1897c478bd9Sstevel@tonic-gate */ 1907c478bd9Sstevel@tonic-gate 1917c478bd9Sstevel@tonic-gate bool_t 1927c478bd9Sstevel@tonic-gate kwarn_del_warning_1_svc(kwarn_del_warning_arg *argp, 1937c478bd9Sstevel@tonic-gate kwarn_del_warning_res *res, 1947c478bd9Sstevel@tonic-gate struct svc_req *rqstp) 1957c478bd9Sstevel@tonic-gate { 1967c478bd9Sstevel@tonic-gate if (kwarnd_debug) 1977c478bd9Sstevel@tonic-gate printf(gettext("delete principal %s requested\n"), 1987c478bd9Sstevel@tonic-gate argp->warning_name); 1997c478bd9Sstevel@tonic-gate 2007c478bd9Sstevel@tonic-gate if (del_warning_pvt(argp->warning_name) == TRUE) { 2017c478bd9Sstevel@tonic-gate res->status = 0; 2027c478bd9Sstevel@tonic-gate 2037c478bd9Sstevel@tonic-gate if (kwarnd_debug) 2047c478bd9Sstevel@tonic-gate printf(gettext("delete principal %s completed\n"), 2057c478bd9Sstevel@tonic-gate argp->warning_name); 2067c478bd9Sstevel@tonic-gate 2077c478bd9Sstevel@tonic-gate return (TRUE); 2087c478bd9Sstevel@tonic-gate } else { 2097c478bd9Sstevel@tonic-gate res->status = 1; 2107c478bd9Sstevel@tonic-gate 2117c478bd9Sstevel@tonic-gate if (kwarnd_debug) 2127c478bd9Sstevel@tonic-gate printf(gettext("delete principal %s failed\n"), 2137c478bd9Sstevel@tonic-gate argp->warning_name); 2147c478bd9Sstevel@tonic-gate 2157c478bd9Sstevel@tonic-gate return (TRUE); 2167c478bd9Sstevel@tonic-gate } 2177c478bd9Sstevel@tonic-gate } 2187c478bd9Sstevel@tonic-gate 2197c478bd9Sstevel@tonic-gate static bool_t 2207c478bd9Sstevel@tonic-gate del_warning_pvt(char *warning_name) 2217c478bd9Sstevel@tonic-gate { 2227c478bd9Sstevel@tonic-gate cred_warning_list_t *cred_warning, *prev; 2237c478bd9Sstevel@tonic-gate rw_wrlock(&cred_lock); 2247c478bd9Sstevel@tonic-gate for (prev = NULL, cred_warning = cred_warning_list; 2257c478bd9Sstevel@tonic-gate cred_warning != NULL; prev = cred_warning, 2267c478bd9Sstevel@tonic-gate cred_warning = cred_warning->next) { 2277c478bd9Sstevel@tonic-gate if (strcmp(cred_warning->warn_name, warning_name) == 0) { 2287c478bd9Sstevel@tonic-gate if (!prev) 2297c478bd9Sstevel@tonic-gate cred_warning_list = cred_warning->next; 2307c478bd9Sstevel@tonic-gate else 2317c478bd9Sstevel@tonic-gate prev->next = cred_warning->next; 2327c478bd9Sstevel@tonic-gate 2337c478bd9Sstevel@tonic-gate free(cred_warning->warn_name); 2347c478bd9Sstevel@tonic-gate free(cred_warning); 2357c478bd9Sstevel@tonic-gate rw_unlock(&cred_lock); 2367c478bd9Sstevel@tonic-gate return (TRUE); 2377c478bd9Sstevel@tonic-gate } 2387c478bd9Sstevel@tonic-gate } 2397c478bd9Sstevel@tonic-gate rw_unlock(&cred_lock); 2407c478bd9Sstevel@tonic-gate return (FALSE); 2417c478bd9Sstevel@tonic-gate } 2427c478bd9Sstevel@tonic-gate 2437c478bd9Sstevel@tonic-gate /* 2447c478bd9Sstevel@tonic-gate * load the warn.conf file into the config_entry list. 2457c478bd9Sstevel@tonic-gate */ 2467c478bd9Sstevel@tonic-gate 2477c478bd9Sstevel@tonic-gate bool_t 2487c478bd9Sstevel@tonic-gate loadConfigFile(void) 2497c478bd9Sstevel@tonic-gate { 2507c478bd9Sstevel@tonic-gate char buffer[BUFSIZ]; 2517c478bd9Sstevel@tonic-gate FILE *cfgfile; 2527c478bd9Sstevel@tonic-gate bool_t retval = TRUE; 2537c478bd9Sstevel@tonic-gate 2547c478bd9Sstevel@tonic-gate if ((cfgfile = fopen(CONF_FILENAME, "r")) == NULL) { 2557c478bd9Sstevel@tonic-gate syslog(LOG_ERR, gettext( 2567c478bd9Sstevel@tonic-gate "could not open config file \"%s\"\n"), 2577c478bd9Sstevel@tonic-gate CONF_FILENAME); 2587c478bd9Sstevel@tonic-gate syslog(LOG_ERR, gettext( 2597c478bd9Sstevel@tonic-gate "using default options \"%s\"\n"), 2607c478bd9Sstevel@tonic-gate DEFAULT_CONFIG); 2617c478bd9Sstevel@tonic-gate retval = parseConfigLine(DEFAULT_CONFIG); 2627c478bd9Sstevel@tonic-gate } else { 2637c478bd9Sstevel@tonic-gate (void) memset(buffer, 0, sizeof (buffer)); 2647c478bd9Sstevel@tonic-gate while ((fgets(buffer, BUFSIZ, cfgfile) != NULL) && 2657c478bd9Sstevel@tonic-gate (retval == TRUE)) 2667c478bd9Sstevel@tonic-gate retval = parseConfigLine(buffer); 2677c478bd9Sstevel@tonic-gate fclose(cfgfile); 2687c478bd9Sstevel@tonic-gate } 2697c478bd9Sstevel@tonic-gate return (retval); 2707c478bd9Sstevel@tonic-gate } 2717c478bd9Sstevel@tonic-gate 2727c478bd9Sstevel@tonic-gate /* 2737c478bd9Sstevel@tonic-gate * Return TRUE if we get a valid opt and update flags appro. 2747c478bd9Sstevel@tonic-gate */ 2757c478bd9Sstevel@tonic-gate static bool_t 2767c478bd9Sstevel@tonic-gate cmp_renew_opts(char *opt, 2777c478bd9Sstevel@tonic-gate int *log_success, /* out */ 2787c478bd9Sstevel@tonic-gate int *log_failure) /* out */ 2797c478bd9Sstevel@tonic-gate { 2807c478bd9Sstevel@tonic-gate 2817c478bd9Sstevel@tonic-gate if (strncasecmp(opt, "log", 2827c478bd9Sstevel@tonic-gate sizeof ("log")) == 0) { 2837c478bd9Sstevel@tonic-gate *log_success = *log_failure = 1; 2847c478bd9Sstevel@tonic-gate } else if (strncasecmp(opt, "log-success", 2857c478bd9Sstevel@tonic-gate sizeof ("log-success")) == 0) { 2867c478bd9Sstevel@tonic-gate *log_success = 1; 2877c478bd9Sstevel@tonic-gate } else if (strncasecmp(opt, "log-failure", 2887c478bd9Sstevel@tonic-gate sizeof ("log-failure")) == 0) { 2897c478bd9Sstevel@tonic-gate *log_failure = 1; 2907c478bd9Sstevel@tonic-gate } else { 2917c478bd9Sstevel@tonic-gate if (kwarnd_debug) 2927c478bd9Sstevel@tonic-gate printf("cmp_renew_opts: renew bad opt=`%s'\n", 2937c478bd9Sstevel@tonic-gate opt ? opt : "null"); 2947c478bd9Sstevel@tonic-gate return (FALSE); 2957c478bd9Sstevel@tonic-gate } 2967c478bd9Sstevel@tonic-gate 2977c478bd9Sstevel@tonic-gate return (TRUE); 2987c478bd9Sstevel@tonic-gate } 2997c478bd9Sstevel@tonic-gate 3007c478bd9Sstevel@tonic-gate /* 3017c478bd9Sstevel@tonic-gate * Make the config_entry item for the config_entry_list, based on 3027c478bd9Sstevel@tonic-gate * buffer. The formats are 3037c478bd9Sstevel@tonic-gate * 3047c478bd9Sstevel@tonic-gate * <principal> [renew[:<opt1,...optN>]] syslog|terminal <time> 3057c478bd9Sstevel@tonic-gate * <principal> [renew[:<opt1,...optN>]] mail <time> <e-mail address> 3067c478bd9Sstevel@tonic-gate * 3077c478bd9Sstevel@tonic-gate * where renew opts will be: 3087c478bd9Sstevel@tonic-gate * 3097c478bd9Sstevel@tonic-gate * log-success 3107c478bd9Sstevel@tonic-gate * - Log the result of the renew attempt on success using 3117c478bd9Sstevel@tonic-gate * the specified method (syslog|terminal|mail) 3127c478bd9Sstevel@tonic-gate * 3137c478bd9Sstevel@tonic-gate * log-failure 3147c478bd9Sstevel@tonic-gate * - Log the result of the renew attempt on failure using 3157c478bd9Sstevel@tonic-gate * the specified method (syslog|terminal|mail) 3167c478bd9Sstevel@tonic-gate * 3177c478bd9Sstevel@tonic-gate * log 3187c478bd9Sstevel@tonic-gate * - Same as specifing both log-failure and log-success 3197c478bd9Sstevel@tonic-gate * 3207c478bd9Sstevel@tonic-gate * Note if no log options are given, there will be no logging. 3217c478bd9Sstevel@tonic-gate * 3227c478bd9Sstevel@tonic-gate */ 3237c478bd9Sstevel@tonic-gate 3247c478bd9Sstevel@tonic-gate static bool_t 3257c478bd9Sstevel@tonic-gate parseConfigLine(char *buffer) 3267c478bd9Sstevel@tonic-gate { 3277c478bd9Sstevel@tonic-gate char *principal, *send_to, *emailid, *ends, *tm; 3287c478bd9Sstevel@tonic-gate char *exptime; 3297c478bd9Sstevel@tonic-gate int time_mode; 3307c478bd9Sstevel@tonic-gate time_t etime; 3317c478bd9Sstevel@tonic-gate config_entry_list_t *config_entry; 3327c478bd9Sstevel@tonic-gate int renew = 0; 3337c478bd9Sstevel@tonic-gate int log_success = 0; 3347c478bd9Sstevel@tonic-gate int log_failure = 0; 3357c478bd9Sstevel@tonic-gate 3367c478bd9Sstevel@tonic-gate /* ignore comments */ 3377c478bd9Sstevel@tonic-gate if (*buffer == '#') 3387c478bd9Sstevel@tonic-gate return (TRUE); 3397c478bd9Sstevel@tonic-gate 3407c478bd9Sstevel@tonic-gate if (kwarnd_debug) 3417c478bd9Sstevel@tonic-gate printf("parseconf: buffer=%s", buffer); 3427c478bd9Sstevel@tonic-gate 3437c478bd9Sstevel@tonic-gate /* find end of principal */ 3447c478bd9Sstevel@tonic-gate principal = buffer; 3457c478bd9Sstevel@tonic-gate for (send_to = buffer; *send_to && !isspace(*send_to); 3467c478bd9Sstevel@tonic-gate send_to++); 3477c478bd9Sstevel@tonic-gate 3487c478bd9Sstevel@tonic-gate /* find first non whitespace after principal (start of send_to) */ 3497c478bd9Sstevel@tonic-gate if (*send_to) { 3507c478bd9Sstevel@tonic-gate *send_to = '\0'; 3517c478bd9Sstevel@tonic-gate send_to++; 3527c478bd9Sstevel@tonic-gate while (*send_to && isspace(*send_to)) 3537c478bd9Sstevel@tonic-gate send_to++; 3547c478bd9Sstevel@tonic-gate } 3557c478bd9Sstevel@tonic-gate 3567c478bd9Sstevel@tonic-gate /* if no send_to, continue, bad entry */ 3577c478bd9Sstevel@tonic-gate if (! *send_to) 3587c478bd9Sstevel@tonic-gate return (TRUE); 3597c478bd9Sstevel@tonic-gate 3607c478bd9Sstevel@tonic-gate /* find end of send_to */ 3617c478bd9Sstevel@tonic-gate for (ends = send_to; *ends && !isspace(*ends); 3627c478bd9Sstevel@tonic-gate ends++); 3637c478bd9Sstevel@tonic-gate if (*ends) 3647c478bd9Sstevel@tonic-gate *ends = '\0'; 3657c478bd9Sstevel@tonic-gate 3667c478bd9Sstevel@tonic-gate 3677c478bd9Sstevel@tonic-gate if (strchr(send_to, ':')) { 3687c478bd9Sstevel@tonic-gate /* we've got renew opts */ 3697c478bd9Sstevel@tonic-gate char *st = NULL, *op = NULL; 3707c478bd9Sstevel@tonic-gate 3717c478bd9Sstevel@tonic-gate op = strdup(send_to); 3727c478bd9Sstevel@tonic-gate if (!op) 3737c478bd9Sstevel@tonic-gate return (FALSE); 3747c478bd9Sstevel@tonic-gate st = strchr(op, ':'); 3757c478bd9Sstevel@tonic-gate *st = '\0'; 3767c478bd9Sstevel@tonic-gate 3777c478bd9Sstevel@tonic-gate if (strncasecmp(op, "renew", sizeof ("renew")) == 0) { 3787c478bd9Sstevel@tonic-gate renew = 1; 3797c478bd9Sstevel@tonic-gate } else { 3807c478bd9Sstevel@tonic-gate free(op); 3817c478bd9Sstevel@tonic-gate /* got a ':' but not preceeded w/renew, badent, skip */ 3827c478bd9Sstevel@tonic-gate if (kwarnd_debug) 3837c478bd9Sstevel@tonic-gate printf("parseconf: colon badent, skip\n"); 3847c478bd9Sstevel@tonic-gate return (TRUE); 3857c478bd9Sstevel@tonic-gate } 3867c478bd9Sstevel@tonic-gate free(op); 3877c478bd9Sstevel@tonic-gate op = NULL; 3887c478bd9Sstevel@tonic-gate 3897c478bd9Sstevel@tonic-gate st++; 3907c478bd9Sstevel@tonic-gate if (!st || !*st || isspace(*st)) { 3917c478bd9Sstevel@tonic-gate if (kwarnd_debug) 3927c478bd9Sstevel@tonic-gate printf("parseconf: st badent, skip\n"); 3937c478bd9Sstevel@tonic-gate /* bad ent, skip */ 3947c478bd9Sstevel@tonic-gate return (TRUE); 3957c478bd9Sstevel@tonic-gate } 3967c478bd9Sstevel@tonic-gate if (renew && strchr(st, ',')) { 3977c478bd9Sstevel@tonic-gate while (1) { 3987c478bd9Sstevel@tonic-gate /* loop thru comma seperated list-o-opts */ 3997c478bd9Sstevel@tonic-gate char *comma = NULL, *c = NULL, *l = NULL; 4007c478bd9Sstevel@tonic-gate 4017c478bd9Sstevel@tonic-gate if (st && (comma = strchr(st, ','))) { 4027c478bd9Sstevel@tonic-gate l = strdup(st); 4037c478bd9Sstevel@tonic-gate if (!l) 4047c478bd9Sstevel@tonic-gate return (FALSE); 4057c478bd9Sstevel@tonic-gate c = strchr(l, ','); 4067c478bd9Sstevel@tonic-gate *c = '\0'; 4077c478bd9Sstevel@tonic-gate if (!cmp_renew_opts(l, &log_success, 4087c478bd9Sstevel@tonic-gate &log_failure)) { 4097c478bd9Sstevel@tonic-gate free(l); 4107c478bd9Sstevel@tonic-gate /* badent, skip */ 4117c478bd9Sstevel@tonic-gate return (TRUE); 4127c478bd9Sstevel@tonic-gate } 4137c478bd9Sstevel@tonic-gate free(l); 4147c478bd9Sstevel@tonic-gate l = NULL; 4157c478bd9Sstevel@tonic-gate 4167c478bd9Sstevel@tonic-gate st = comma; 4177c478bd9Sstevel@tonic-gate st++; 4187c478bd9Sstevel@tonic-gate } else { 4197c478bd9Sstevel@tonic-gate if (st) { 4207c478bd9Sstevel@tonic-gate if (!cmp_renew_opts(st, 4217c478bd9Sstevel@tonic-gate &log_success, 4227c478bd9Sstevel@tonic-gate &log_failure)) { 4237c478bd9Sstevel@tonic-gate /* badent, skip */ 4247c478bd9Sstevel@tonic-gate return (TRUE); 4257c478bd9Sstevel@tonic-gate } 4267c478bd9Sstevel@tonic-gate } 4277c478bd9Sstevel@tonic-gate break; 4287c478bd9Sstevel@tonic-gate } 4297c478bd9Sstevel@tonic-gate } /* while */ 4307c478bd9Sstevel@tonic-gate } else if (st) { 4317c478bd9Sstevel@tonic-gate /* we just have one opt */ 4327c478bd9Sstevel@tonic-gate if (!cmp_renew_opts(st, &log_success, &log_failure)) { 4337c478bd9Sstevel@tonic-gate /* badent, skip */ 4347c478bd9Sstevel@tonic-gate return (TRUE); 4357c478bd9Sstevel@tonic-gate } 4367c478bd9Sstevel@tonic-gate } 4377c478bd9Sstevel@tonic-gate 4387c478bd9Sstevel@tonic-gate /* if send_to is "renew", note it and refind send_to */ 4397c478bd9Sstevel@tonic-gate } else if (strncasecmp(send_to, "renew", 4407c478bd9Sstevel@tonic-gate sizeof ("renew")) == 0) { 4417c478bd9Sstevel@tonic-gate renew = 1; 4427c478bd9Sstevel@tonic-gate 4437c478bd9Sstevel@tonic-gate } 4447c478bd9Sstevel@tonic-gate 4457c478bd9Sstevel@tonic-gate if (kwarnd_debug) { 4467c478bd9Sstevel@tonic-gate printf("parseconf: renew=%d, log failure=%d, log success=%d\n", 4477c478bd9Sstevel@tonic-gate renew, log_failure, log_success); 4487c478bd9Sstevel@tonic-gate } 4497c478bd9Sstevel@tonic-gate 4507c478bd9Sstevel@tonic-gate if (renew) { 4517c478bd9Sstevel@tonic-gate /* find first non whitespace after send_to (start of exptime) */ 4527c478bd9Sstevel@tonic-gate for (send_to = ends+1; *send_to && isspace(*send_to); 4537c478bd9Sstevel@tonic-gate send_to++); 4547c478bd9Sstevel@tonic-gate 4557c478bd9Sstevel@tonic-gate /* if no send_to, continue, bad entry */ 4567c478bd9Sstevel@tonic-gate if (! *send_to) { 4577c478bd9Sstevel@tonic-gate if (kwarnd_debug) 4587c478bd9Sstevel@tonic-gate printf("parseconf: no send_to, badent, skip\n"); 4597c478bd9Sstevel@tonic-gate return (TRUE); 4607c478bd9Sstevel@tonic-gate } 4617c478bd9Sstevel@tonic-gate 4627c478bd9Sstevel@tonic-gate /* find end of send_to */ 4637c478bd9Sstevel@tonic-gate for (ends = send_to; *ends && !isspace(*ends); 4647c478bd9Sstevel@tonic-gate ends++); 4657c478bd9Sstevel@tonic-gate if (*ends) 4667c478bd9Sstevel@tonic-gate *ends = '\0'; 4677c478bd9Sstevel@tonic-gate } 4687c478bd9Sstevel@tonic-gate 4697c478bd9Sstevel@tonic-gate 4707c478bd9Sstevel@tonic-gate /* find first non whitespace after send_to (start of exptime) */ 4717c478bd9Sstevel@tonic-gate for (exptime = ends+1; *exptime && isspace(*exptime); 4727c478bd9Sstevel@tonic-gate exptime++); 4737c478bd9Sstevel@tonic-gate 4747c478bd9Sstevel@tonic-gate /* if no exptime, continue, bad entry */ 4757c478bd9Sstevel@tonic-gate if (! *exptime) { 4767c478bd9Sstevel@tonic-gate if (kwarnd_debug) 4777c478bd9Sstevel@tonic-gate printf("parseconf: no exptime, badent, skip\n"); 4787c478bd9Sstevel@tonic-gate return (TRUE); 4797c478bd9Sstevel@tonic-gate } 4807c478bd9Sstevel@tonic-gate 4817c478bd9Sstevel@tonic-gate /* find end of exptime */ 4827c478bd9Sstevel@tonic-gate for (ends = exptime; *ends && !isspace(*ends); ends++); 4837c478bd9Sstevel@tonic-gate 4847c478bd9Sstevel@tonic-gate tm = ends - 1; 4857c478bd9Sstevel@tonic-gate if (*tm == 's') 4867c478bd9Sstevel@tonic-gate time_mode = 1; 4877c478bd9Sstevel@tonic-gate else if (*tm == 'm') 4887c478bd9Sstevel@tonic-gate time_mode = 2; 4897c478bd9Sstevel@tonic-gate else if (*tm == 'h') 4907c478bd9Sstevel@tonic-gate time_mode = 3; 4917c478bd9Sstevel@tonic-gate else 4927c478bd9Sstevel@tonic-gate time_mode = 1; 4937c478bd9Sstevel@tonic-gate 4947c478bd9Sstevel@tonic-gate if (*tm) 4957c478bd9Sstevel@tonic-gate *tm = '\0'; 4967c478bd9Sstevel@tonic-gate 4977c478bd9Sstevel@tonic-gate if (kwarnd_debug) { 4987c478bd9Sstevel@tonic-gate printf("parseconf: send_to = '%s', exptime='%s'\n", 4997c478bd9Sstevel@tonic-gate send_to, exptime); 5007c478bd9Sstevel@tonic-gate } 5017c478bd9Sstevel@tonic-gate 5027c478bd9Sstevel@tonic-gate /* find first non whitespace after exptime (start of emailid) */ 5037c478bd9Sstevel@tonic-gate for (emailid = ends+1; *emailid && isspace(*emailid); emailid++); 5047c478bd9Sstevel@tonic-gate 5057c478bd9Sstevel@tonic-gate /* find end of emailid */ 5067c478bd9Sstevel@tonic-gate if (*emailid) { 5077c478bd9Sstevel@tonic-gate for (ends = emailid; *ends && !isspace(*ends); 5087c478bd9Sstevel@tonic-gate ends++); 5097c478bd9Sstevel@tonic-gate 5107c478bd9Sstevel@tonic-gate if (*ends) 5117c478bd9Sstevel@tonic-gate *ends = '\0'; 5127c478bd9Sstevel@tonic-gate } 5137c478bd9Sstevel@tonic-gate 5147c478bd9Sstevel@tonic-gate /* if send to mail and no mail address, bad entry */ 5157c478bd9Sstevel@tonic-gate if ((strcmp(send_to, "mail") == 0) && (!*emailid)) { 5167c478bd9Sstevel@tonic-gate if (kwarnd_debug) 5177c478bd9Sstevel@tonic-gate printf("parseconf: returns true; no mail addr\n"); 5187c478bd9Sstevel@tonic-gate 5197c478bd9Sstevel@tonic-gate syslog(LOG_ERR, gettext("missing mail address" 5207c478bd9Sstevel@tonic-gate " in config entry: \n%s %s %s " 5217c478bd9Sstevel@tonic-gate " cannot mail warning"), principal, 5227c478bd9Sstevel@tonic-gate send_to, exptime); 5237c478bd9Sstevel@tonic-gate return (TRUE); 5247c478bd9Sstevel@tonic-gate } 5257c478bd9Sstevel@tonic-gate 5267c478bd9Sstevel@tonic-gate /* create an entry */ 5277c478bd9Sstevel@tonic-gate config_entry = (config_entry_list_t *) 5287c478bd9Sstevel@tonic-gate malloc(sizeof (*config_entry_list)); 5297c478bd9Sstevel@tonic-gate if (config_entry == NULL) 5307c478bd9Sstevel@tonic-gate return (FALSE); 5317c478bd9Sstevel@tonic-gate (void) memset(config_entry, 0, sizeof (*config_entry_list)); 5327c478bd9Sstevel@tonic-gate config_entry->principal = strdup(principal); 5337c478bd9Sstevel@tonic-gate if (config_entry->principal == NULL) 5347c478bd9Sstevel@tonic-gate return (FALSE); 5357c478bd9Sstevel@tonic-gate config_entry->where_to = strdup(send_to); 5367c478bd9Sstevel@tonic-gate if (config_entry->where_to == NULL) 5377c478bd9Sstevel@tonic-gate return (FALSE); 5387c478bd9Sstevel@tonic-gate etime = atol(exptime); 5397c478bd9Sstevel@tonic-gate if (time_mode == 1) 5407c478bd9Sstevel@tonic-gate config_entry->seconds_to_warn = etime; 5417c478bd9Sstevel@tonic-gate else if (time_mode == 2) 5427c478bd9Sstevel@tonic-gate config_entry->seconds_to_warn = etime * 60; 5437c478bd9Sstevel@tonic-gate else if (time_mode == 3) 5447c478bd9Sstevel@tonic-gate config_entry->seconds_to_warn = etime * 60 * 60; 5457c478bd9Sstevel@tonic-gate 5467c478bd9Sstevel@tonic-gate if (*emailid) { 5477c478bd9Sstevel@tonic-gate config_entry->email = strdup(emailid); 5487c478bd9Sstevel@tonic-gate if (config_entry->email == NULL) 5497c478bd9Sstevel@tonic-gate return (FALSE); 5507c478bd9Sstevel@tonic-gate } 5517c478bd9Sstevel@tonic-gate 5527c478bd9Sstevel@tonic-gate config_entry->renew = renew; 5537c478bd9Sstevel@tonic-gate config_entry->log_success = log_success; 5547c478bd9Sstevel@tonic-gate config_entry->log_failure = log_failure; 5557c478bd9Sstevel@tonic-gate config_entry->next = config_entry_list; 5567c478bd9Sstevel@tonic-gate config_entry_list = config_entry; 5577c478bd9Sstevel@tonic-gate if (kwarnd_debug) 5587c478bd9Sstevel@tonic-gate printf("parseconf: returns true; celist=%p\n", 5597c478bd9Sstevel@tonic-gate config_entry_list); 5607c478bd9Sstevel@tonic-gate 5617c478bd9Sstevel@tonic-gate return (TRUE); 5627c478bd9Sstevel@tonic-gate } 5637c478bd9Sstevel@tonic-gate 5647c478bd9Sstevel@tonic-gate /* 5657c478bd9Sstevel@tonic-gate * find a specific warn.conf entry. 5667c478bd9Sstevel@tonic-gate */ 5677c478bd9Sstevel@tonic-gate 5687c478bd9Sstevel@tonic-gate static config_entry_list_t * 5697c478bd9Sstevel@tonic-gate find_warning_info(char *principal) 5707c478bd9Sstevel@tonic-gate { 5717c478bd9Sstevel@tonic-gate config_entry_list_t *config_entry; 5727c478bd9Sstevel@tonic-gate /* look for a specific entry */ 5737c478bd9Sstevel@tonic-gate for (config_entry = config_entry_list; config_entry; 5747c478bd9Sstevel@tonic-gate config_entry = config_entry->next) { 5757c478bd9Sstevel@tonic-gate if (strcmp(config_entry->principal, principal) == 0) { 5767c478bd9Sstevel@tonic-gate return (config_entry); 5777c478bd9Sstevel@tonic-gate } 5787c478bd9Sstevel@tonic-gate } 5797c478bd9Sstevel@tonic-gate /* look for a wild card entry */ 5807c478bd9Sstevel@tonic-gate for (config_entry = config_entry_list; config_entry; 5817c478bd9Sstevel@tonic-gate config_entry = config_entry->next) { 5827c478bd9Sstevel@tonic-gate if (strcmp(config_entry->principal, "*") == 0) { 5837c478bd9Sstevel@tonic-gate return (config_entry); 5847c478bd9Sstevel@tonic-gate } 5857c478bd9Sstevel@tonic-gate } 5867c478bd9Sstevel@tonic-gate /* nothing found */ 5877c478bd9Sstevel@tonic-gate return (NULL); 5887c478bd9Sstevel@tonic-gate 5897c478bd9Sstevel@tonic-gate } 5907c478bd9Sstevel@tonic-gate 5917c478bd9Sstevel@tonic-gate /* 5927c478bd9Sstevel@tonic-gate * create a pipe, fork and exec a command, 5937c478bd9Sstevel@tonic-gate */ 5947c478bd9Sstevel@tonic-gate static FILE * 5957c478bd9Sstevel@tonic-gate safe_popen_w(char *path_to_cmd, char **argv) 5967c478bd9Sstevel@tonic-gate { 5977c478bd9Sstevel@tonic-gate 5987c478bd9Sstevel@tonic-gate int fd[2]; 5997c478bd9Sstevel@tonic-gate FILE *fp; 6007c478bd9Sstevel@tonic-gate char *envp[2]; 6017c478bd9Sstevel@tonic-gate 6027c478bd9Sstevel@tonic-gate if (pipe(fd) == -1) 6037c478bd9Sstevel@tonic-gate return (NULL); 6047c478bd9Sstevel@tonic-gate 6057c478bd9Sstevel@tonic-gate 6067c478bd9Sstevel@tonic-gate switch (fork()) { 6077c478bd9Sstevel@tonic-gate case -1: 6087c478bd9Sstevel@tonic-gate (void) close(fd[0]); 6097c478bd9Sstevel@tonic-gate (void) close(fd[1]); 6107c478bd9Sstevel@tonic-gate return (NULL); 6117c478bd9Sstevel@tonic-gate 6127c478bd9Sstevel@tonic-gate case 0: 6137c478bd9Sstevel@tonic-gate close(fd[1]); 6147c478bd9Sstevel@tonic-gate /* fd[0] is the end we read from */ 6157c478bd9Sstevel@tonic-gate if (fd[0] != 0) { 6167c478bd9Sstevel@tonic-gate close(0); 6177c478bd9Sstevel@tonic-gate dup(fd[0]); 6187c478bd9Sstevel@tonic-gate } 6197c478bd9Sstevel@tonic-gate close(1); 6207c478bd9Sstevel@tonic-gate close(2); 6217c478bd9Sstevel@tonic-gate envp[0] = "PATH=/usr/bin"; 6227c478bd9Sstevel@tonic-gate envp[1] = NULL; 6237c478bd9Sstevel@tonic-gate #ifdef DEBUG 6247c478bd9Sstevel@tonic-gate { 6257c478bd9Sstevel@tonic-gate int fd; 6267c478bd9Sstevel@tonic-gate fd = open("/tmp/kwarn.out", O_WRONLY|O_TRUNC|O_CREAT, 6277c478bd9Sstevel@tonic-gate 0666); 6287c478bd9Sstevel@tonic-gate if (fd != 1) 6297c478bd9Sstevel@tonic-gate dup(fd); 6307c478bd9Sstevel@tonic-gate if (fd != 2) 6317c478bd9Sstevel@tonic-gate dup(fd); 6327c478bd9Sstevel@tonic-gate } 6337c478bd9Sstevel@tonic-gate #endif 6347c478bd9Sstevel@tonic-gate (void) execve(path_to_cmd, argv, envp); 6357c478bd9Sstevel@tonic-gate syslog(LOG_ERR, "warnd: %m"); 6367c478bd9Sstevel@tonic-gate _exit(1); 6377c478bd9Sstevel@tonic-gate 6387c478bd9Sstevel@tonic-gate default: 6397c478bd9Sstevel@tonic-gate close(fd[0]); 6407c478bd9Sstevel@tonic-gate /* fd[1] is the end we write to */ 6417c478bd9Sstevel@tonic-gate 6427c478bd9Sstevel@tonic-gate fp = fdopen(fd[1], "w"); 6437c478bd9Sstevel@tonic-gate 6447c478bd9Sstevel@tonic-gate if (fp == NULL) { 6457c478bd9Sstevel@tonic-gate (void) close(fd[1]); 6467c478bd9Sstevel@tonic-gate return (NULL); 6477c478bd9Sstevel@tonic-gate } 6487c478bd9Sstevel@tonic-gate return (fp); 6497c478bd9Sstevel@tonic-gate } 6507c478bd9Sstevel@tonic-gate } 6517c478bd9Sstevel@tonic-gate 6527c478bd9Sstevel@tonic-gate 6537c478bd9Sstevel@tonic-gate static uid_t gssd_uid; 6547c478bd9Sstevel@tonic-gate 6557c478bd9Sstevel@tonic-gate void 6567c478bd9Sstevel@tonic-gate set_warnd_uid(uid_t uid) 6577c478bd9Sstevel@tonic-gate { 6587c478bd9Sstevel@tonic-gate 6597c478bd9Sstevel@tonic-gate /* 6607c478bd9Sstevel@tonic-gate * set the value of gssd_uid, so it can be retrieved when getuid() 6617c478bd9Sstevel@tonic-gate * is called by the underlying mechanism libraries 6627c478bd9Sstevel@tonic-gate */ 6637c478bd9Sstevel@tonic-gate if (kwarnd_debug) 6647c478bd9Sstevel@tonic-gate printf("set_warnd_uid called with uid = %d\n", uid); 6657c478bd9Sstevel@tonic-gate 6667c478bd9Sstevel@tonic-gate gssd_uid = uid; 6677c478bd9Sstevel@tonic-gate } 6687c478bd9Sstevel@tonic-gate 6697c478bd9Sstevel@tonic-gate uid_t 6707c478bd9Sstevel@tonic-gate getuid(void) 6717c478bd9Sstevel@tonic-gate 6727c478bd9Sstevel@tonic-gate { 6737c478bd9Sstevel@tonic-gate 6747c478bd9Sstevel@tonic-gate /* 6757c478bd9Sstevel@tonic-gate * return the value set when one of the gssd procedures was 6767c478bd9Sstevel@tonic-gate * entered. This is the value of the uid under which the 6777c478bd9Sstevel@tonic-gate * underlying mechanism library must operate in order to 6787c478bd9Sstevel@tonic-gate * get the user's credentials. This call is necessary since 6797c478bd9Sstevel@tonic-gate * gssd runs as root and credentials are many times stored 6807c478bd9Sstevel@tonic-gate * in files and directories specific to the user 6817c478bd9Sstevel@tonic-gate */ 6827c478bd9Sstevel@tonic-gate if (kwarnd_debug) 6837c478bd9Sstevel@tonic-gate printf("getuid called and returning gsssd_uid = %d\n", 6847c478bd9Sstevel@tonic-gate gssd_uid); 6857c478bd9Sstevel@tonic-gate 6867c478bd9Sstevel@tonic-gate return (gssd_uid); 6877c478bd9Sstevel@tonic-gate } 6887c478bd9Sstevel@tonic-gate 6897c478bd9Sstevel@tonic-gate 6907c478bd9Sstevel@tonic-gate static bool_t 6917c478bd9Sstevel@tonic-gate getpruid(char *pr, uid_t *uid) 6927c478bd9Sstevel@tonic-gate { 6937c478bd9Sstevel@tonic-gate char *rcp1 = NULL, *rcp2 = NULL, *rcp3 = NULL; 6947c478bd9Sstevel@tonic-gate struct passwd *pw; 6957c478bd9Sstevel@tonic-gate 6967c478bd9Sstevel@tonic-gate rcp1 = strdup(pr); 6977c478bd9Sstevel@tonic-gate if (!rcp1) 6987c478bd9Sstevel@tonic-gate return (FALSE); 6997c478bd9Sstevel@tonic-gate rcp2 = strtok(rcp1, "@"); 7007c478bd9Sstevel@tonic-gate rcp3 = strtok(rcp2, "/"); 7017c478bd9Sstevel@tonic-gate 7027c478bd9Sstevel@tonic-gate if (rcp3) { 7037c478bd9Sstevel@tonic-gate pw = getpwnam(rcp3); 7047c478bd9Sstevel@tonic-gate *uid = pw->pw_uid; 7057c478bd9Sstevel@tonic-gate free(rcp1); 7067c478bd9Sstevel@tonic-gate return (TRUE); 7077c478bd9Sstevel@tonic-gate } 7087c478bd9Sstevel@tonic-gate 7097c478bd9Sstevel@tonic-gate free(rcp1); 7107c478bd9Sstevel@tonic-gate return (FALSE); 7117c478bd9Sstevel@tonic-gate } 7127c478bd9Sstevel@tonic-gate 7137c478bd9Sstevel@tonic-gate 7147c478bd9Sstevel@tonic-gate static krb5_error_code 7157c478bd9Sstevel@tonic-gate renew_creds( 7167c478bd9Sstevel@tonic-gate char *princ, 7177c478bd9Sstevel@tonic-gate time_t *new_exp_time) /* out */ 7187c478bd9Sstevel@tonic-gate { 7197c478bd9Sstevel@tonic-gate krb5_creds my_creds; 7207c478bd9Sstevel@tonic-gate krb5_error_code code = 0; 7217c478bd9Sstevel@tonic-gate struct k5_data k5; 7227c478bd9Sstevel@tonic-gate char *progname = "warnd"; 7237c478bd9Sstevel@tonic-gate 7247c478bd9Sstevel@tonic-gate uid_t saved_u = getuid(); 7257c478bd9Sstevel@tonic-gate uid_t u; 7267c478bd9Sstevel@tonic-gate 7277c478bd9Sstevel@tonic-gate if (kwarnd_debug) 7287c478bd9Sstevel@tonic-gate printf("renew start: uid=%d\n", getuid()); 7297c478bd9Sstevel@tonic-gate 7307c478bd9Sstevel@tonic-gate if (!getpruid(princ, &u)) { 7317c478bd9Sstevel@tonic-gate if (kwarnd_debug) 7327c478bd9Sstevel@tonic-gate printf("renew: getpruid failed, princ='%s'\n", 7337c478bd9Sstevel@tonic-gate princ ? princ : "<null>"); 7347c478bd9Sstevel@tonic-gate 7357c478bd9Sstevel@tonic-gate return (-1); /* better err num? */ 7367c478bd9Sstevel@tonic-gate } 7377c478bd9Sstevel@tonic-gate 7387c478bd9Sstevel@tonic-gate set_warnd_uid(u); 7397c478bd9Sstevel@tonic-gate 7407c478bd9Sstevel@tonic-gate (void) memset(&my_creds, 0, sizeof (my_creds)); 7417c478bd9Sstevel@tonic-gate (void) memset(&k5, 0, sizeof (k5)); 7427c478bd9Sstevel@tonic-gate 7437c478bd9Sstevel@tonic-gate if (code = krb5_init_context(&k5.ctx)) { 7447c478bd9Sstevel@tonic-gate com_err(progname, code, 7457c478bd9Sstevel@tonic-gate gettext("while initializing Kerberos 5 library")); 7467c478bd9Sstevel@tonic-gate goto out; 7477c478bd9Sstevel@tonic-gate } 7487c478bd9Sstevel@tonic-gate 7497c478bd9Sstevel@tonic-gate if ((code = krb5_cc_default(k5.ctx, &k5.cc))) { 7507c478bd9Sstevel@tonic-gate com_err(progname, code, 7517c478bd9Sstevel@tonic-gate gettext("while getting default ccache")); 7527c478bd9Sstevel@tonic-gate goto out; 7537c478bd9Sstevel@tonic-gate 7547c478bd9Sstevel@tonic-gate } 7557c478bd9Sstevel@tonic-gate 7567c478bd9Sstevel@tonic-gate if ((code = krb5_parse_name(k5.ctx, princ, 7577c478bd9Sstevel@tonic-gate &k5.me))) { 7587c478bd9Sstevel@tonic-gate com_err(progname, code, gettext("when parsing name %s"), 7597c478bd9Sstevel@tonic-gate princ); 7607c478bd9Sstevel@tonic-gate goto out; 7617c478bd9Sstevel@tonic-gate } 7627c478bd9Sstevel@tonic-gate 7637c478bd9Sstevel@tonic-gate if ((code = krb5_get_renewed_creds(k5.ctx, &my_creds, k5.me, k5.cc, 7647c478bd9Sstevel@tonic-gate NULL))) { 7657c478bd9Sstevel@tonic-gate com_err(progname, code, gettext("while renewing creds")); 7667c478bd9Sstevel@tonic-gate goto out; 7677c478bd9Sstevel@tonic-gate } 7687c478bd9Sstevel@tonic-gate 7697c478bd9Sstevel@tonic-gate if (code = krb5_cc_initialize(k5.ctx, k5.cc, k5.me)) { 7707c478bd9Sstevel@tonic-gate com_err(progname, code, gettext("when initializing cache %s"), 7717c478bd9Sstevel@tonic-gate "defcc"); 7727c478bd9Sstevel@tonic-gate goto out; 7737c478bd9Sstevel@tonic-gate } 7747c478bd9Sstevel@tonic-gate 7757c478bd9Sstevel@tonic-gate if (code = krb5_cc_store_cred(k5.ctx, k5.cc, &my_creds)) { 7767c478bd9Sstevel@tonic-gate com_err(progname, code, gettext("while storing credentials")); 7777c478bd9Sstevel@tonic-gate goto out; 7787c478bd9Sstevel@tonic-gate } 7797c478bd9Sstevel@tonic-gate 7807c478bd9Sstevel@tonic-gate /* "return" new expire time */ 7817c478bd9Sstevel@tonic-gate *new_exp_time = my_creds.times.endtime; 7827c478bd9Sstevel@tonic-gate 7837c478bd9Sstevel@tonic-gate out: 7847c478bd9Sstevel@tonic-gate krb5_free_cred_contents(k5.ctx, &my_creds); 7857c478bd9Sstevel@tonic-gate 7867c478bd9Sstevel@tonic-gate if (k5.name) 7877c478bd9Sstevel@tonic-gate krb5_free_unparsed_name(k5.ctx, k5.name); 7887c478bd9Sstevel@tonic-gate if (k5.me) 7897c478bd9Sstevel@tonic-gate krb5_free_principal(k5.ctx, k5.me); 7907c478bd9Sstevel@tonic-gate if (k5.cc) 7917c478bd9Sstevel@tonic-gate krb5_cc_close(k5.ctx, k5.cc); 7927c478bd9Sstevel@tonic-gate if (k5.ctx) 7937c478bd9Sstevel@tonic-gate krb5_free_context(k5.ctx); 7947c478bd9Sstevel@tonic-gate 7957c478bd9Sstevel@tonic-gate set_warnd_uid(saved_u); 7967c478bd9Sstevel@tonic-gate 7977c478bd9Sstevel@tonic-gate if (kwarnd_debug) 7987c478bd9Sstevel@tonic-gate printf("renew end: code=%s, uid=%d\n", error_message(code), 7997c478bd9Sstevel@tonic-gate getuid()); 8007c478bd9Sstevel@tonic-gate 8017c478bd9Sstevel@tonic-gate return (code); 8027c478bd9Sstevel@tonic-gate } 8037c478bd9Sstevel@tonic-gate 8047c478bd9Sstevel@tonic-gate static bool_t 8057c478bd9Sstevel@tonic-gate loggedon(char *name) 8067c478bd9Sstevel@tonic-gate { 8077c478bd9Sstevel@tonic-gate register struct utmpx *ubuf; 8087c478bd9Sstevel@tonic-gate char *rcp1 = NULL, *rcp2 = NULL, *rcp3 = NULL; 8097c478bd9Sstevel@tonic-gate 8107c478bd9Sstevel@tonic-gate /* 8117c478bd9Sstevel@tonic-gate * strip any realm or instance from principal so we can match 8127c478bd9Sstevel@tonic-gate * against unix userid. 8137c478bd9Sstevel@tonic-gate */ 8147c478bd9Sstevel@tonic-gate rcp1 = strdup(name); 8157c478bd9Sstevel@tonic-gate if (!rcp1) 8167c478bd9Sstevel@tonic-gate return (FALSE); 8177c478bd9Sstevel@tonic-gate rcp2 = strtok(rcp1, "@"); 8187c478bd9Sstevel@tonic-gate rcp3 = strtok(rcp2, "/"); 8197c478bd9Sstevel@tonic-gate 8207c478bd9Sstevel@tonic-gate /* 8217c478bd9Sstevel@tonic-gate * Scan through the "utmpx" file for the 8227c478bd9Sstevel@tonic-gate * entry for the person we want to send to. 8237c478bd9Sstevel@tonic-gate */ 8247c478bd9Sstevel@tonic-gate 8257c478bd9Sstevel@tonic-gate setutxent(); 8267c478bd9Sstevel@tonic-gate while ((ubuf = getutxent()) != NULL) { 8277c478bd9Sstevel@tonic-gate if (ubuf->ut_type == USER_PROCESS) { 8287c478bd9Sstevel@tonic-gate if (strncmp(rcp3, ubuf->ut_user, 8297c478bd9Sstevel@tonic-gate sizeof (ubuf->ut_user)) == 0) { 8307c478bd9Sstevel@tonic-gate free(rcp1); 8317c478bd9Sstevel@tonic-gate endutxent(); 8327c478bd9Sstevel@tonic-gate return (TRUE); 8337c478bd9Sstevel@tonic-gate 8347c478bd9Sstevel@tonic-gate } 8357c478bd9Sstevel@tonic-gate } 8367c478bd9Sstevel@tonic-gate } 8377c478bd9Sstevel@tonic-gate free(rcp1); 8387c478bd9Sstevel@tonic-gate endutxent(); 8397c478bd9Sstevel@tonic-gate 8407c478bd9Sstevel@tonic-gate if (kwarnd_debug) 8417c478bd9Sstevel@tonic-gate printf("loggedon: returning false for user `%s'\n", rcp1); 8427c478bd9Sstevel@tonic-gate 8437c478bd9Sstevel@tonic-gate return (FALSE); 8447c478bd9Sstevel@tonic-gate } 8457c478bd9Sstevel@tonic-gate 8467c478bd9Sstevel@tonic-gate /* 8477c478bd9Sstevel@tonic-gate * main loop to check the cred warning list and send the warnings 8487c478bd9Sstevel@tonic-gate * the appropriate location based on warn.conf or auto-renew creds. 8497c478bd9Sstevel@tonic-gate */ 8507c478bd9Sstevel@tonic-gate 8517c478bd9Sstevel@tonic-gate void 8527c478bd9Sstevel@tonic-gate kwarnd_check_warning_list(void) 8537c478bd9Sstevel@tonic-gate { /* func */ 8547c478bd9Sstevel@tonic-gate cred_warning_list_t *cw; /* cred warning */ 8557c478bd9Sstevel@tonic-gate config_entry_list_t *ce; /* config entry */ 8567c478bd9Sstevel@tonic-gate time_t now; 8577c478bd9Sstevel@tonic-gate int minutes; 8587c478bd9Sstevel@tonic-gate char buff[256]; 8597c478bd9Sstevel@tonic-gate char cmdline[256]; 8607c478bd9Sstevel@tonic-gate FILE *fp; 8617c478bd9Sstevel@tonic-gate char *subj = "Kerberos credentials expiring"; 8627c478bd9Sstevel@tonic-gate char *renew_subj = "Kerberos credentials renewed"; 8637c478bd9Sstevel@tonic-gate 8647c478bd9Sstevel@tonic-gate if (kwarnd_debug) 8657c478bd9Sstevel@tonic-gate printf("check list: start: getuid=%d, cw list=%p\n", getuid(), 8667c478bd9Sstevel@tonic-gate cred_warning_list); 8677c478bd9Sstevel@tonic-gate 8687c478bd9Sstevel@tonic-gate while (1) { 8697c478bd9Sstevel@tonic-gate (void) poll(NULL, NULL, 60000); 8707c478bd9Sstevel@tonic-gate 8717c478bd9Sstevel@tonic-gate for (cw = cred_warning_list; 8727c478bd9Sstevel@tonic-gate cw != NULL; 8737c478bd9Sstevel@tonic-gate cw = cw->next) { 8747c478bd9Sstevel@tonic-gate int send_msg = 0; 8757c478bd9Sstevel@tonic-gate 8767c478bd9Sstevel@tonic-gate time(&now); 8777c478bd9Sstevel@tonic-gate if (now >= cw->cred_warn_time) { 8787c478bd9Sstevel@tonic-gate int renew_attempted = 0; 8797c478bd9Sstevel@tonic-gate int renew_failed = 0; 8807c478bd9Sstevel@tonic-gate int renew_tooclose = 0; 8817c478bd9Sstevel@tonic-gate 8827c478bd9Sstevel@tonic-gate if (kwarnd_debug) 8837c478bd9Sstevel@tonic-gate printf("checklist: now >= warn_t\n"); 8847c478bd9Sstevel@tonic-gate 8857c478bd9Sstevel@tonic-gate ce = find_warning_info(cw->warn_name); 8867c478bd9Sstevel@tonic-gate minutes = (cw->cred_exp_time - 8877c478bd9Sstevel@tonic-gate now + 59) / 60; 8887c478bd9Sstevel@tonic-gate 8897c478bd9Sstevel@tonic-gate if (kwarnd_debug) 8907c478bd9Sstevel@tonic-gate printf("checklist: where_to=%s\n", 8917c478bd9Sstevel@tonic-gate ce->where_to ? 8927c478bd9Sstevel@tonic-gate ce->where_to : "null"); 8937c478bd9Sstevel@tonic-gate 8947c478bd9Sstevel@tonic-gate if (ce->renew && 8957c478bd9Sstevel@tonic-gate loggedon(cw->warn_name)) { 8967c478bd9Sstevel@tonic-gate krb5_error_code code; 8977c478bd9Sstevel@tonic-gate time_t new_exp_time; 8987c478bd9Sstevel@tonic-gate 8997c478bd9Sstevel@tonic-gate renew_attempted = 1; 9007c478bd9Sstevel@tonic-gate code = renew_creds( 9017c478bd9Sstevel@tonic-gate cw->warn_name, 9027c478bd9Sstevel@tonic-gate &new_exp_time); 9037c478bd9Sstevel@tonic-gate if (!code) { 9047c478bd9Sstevel@tonic-gate /* krb5 api renew success */ 9057c478bd9Sstevel@tonic-gate 9067c478bd9Sstevel@tonic-gate /* 9077c478bd9Sstevel@tonic-gate * So we had api success 9087c478bd9Sstevel@tonic-gate * but the new exp time 9097c478bd9Sstevel@tonic-gate * is same as current one 9107c478bd9Sstevel@tonic-gate * so we are too close 9117c478bd9Sstevel@tonic-gate * to Renewable_life time. 9127c478bd9Sstevel@tonic-gate */ 9137c478bd9Sstevel@tonic-gate if (cw->cred_exp_time 9147c478bd9Sstevel@tonic-gate == new_exp_time) { 9157c478bd9Sstevel@tonic-gate renew_tooclose = 1; 9167c478bd9Sstevel@tonic-gate if (kwarnd_debug) 9177c478bd9Sstevel@tonic-gate printf( 9187c478bd9Sstevel@tonic-gate "checklist: new expire time same as old expire time\n"); 9197c478bd9Sstevel@tonic-gate 9207c478bd9Sstevel@tonic-gate if (ce->log_failure) { 9217c478bd9Sstevel@tonic-gate send_msg = 1; 9227c478bd9Sstevel@tonic-gate snprintf(buff, 9237c478bd9Sstevel@tonic-gate sizeof (buff), 9247c478bd9Sstevel@tonic-gate gettext("%s:\r\nYour kerberos" 9257c478bd9Sstevel@tonic-gate " credentials have not been renewed" 9267c478bd9Sstevel@tonic-gate " (too close to Renewable_life).\r\n" 9277c478bd9Sstevel@tonic-gate "Please run kinit(1).\r\n"), 9287c478bd9Sstevel@tonic-gate cw->warn_name); 9297c478bd9Sstevel@tonic-gate } 9307c478bd9Sstevel@tonic-gate } else { 9317c478bd9Sstevel@tonic-gate /* update times */ 9327c478bd9Sstevel@tonic-gate cw->cred_exp_time = 9337c478bd9Sstevel@tonic-gate new_exp_time; 9347c478bd9Sstevel@tonic-gate cw->cred_warn_time = 9357c478bd9Sstevel@tonic-gate new_exp_time - 9367c478bd9Sstevel@tonic-gate ce->seconds_to_warn; 9377c478bd9Sstevel@tonic-gate } 9387c478bd9Sstevel@tonic-gate 9397c478bd9Sstevel@tonic-gate if (kwarnd_debug) 9407c478bd9Sstevel@tonic-gate printf( 9417c478bd9Sstevel@tonic-gate "check list: new_w_t=%d\n", 9427c478bd9Sstevel@tonic-gate cw->cred_warn_time); 9437c478bd9Sstevel@tonic-gate 9447c478bd9Sstevel@tonic-gate if (!renew_tooclose && 9457c478bd9Sstevel@tonic-gate ce->log_success) { 9467c478bd9Sstevel@tonic-gate if (kwarnd_debug) 9477c478bd9Sstevel@tonic-gate printf( 9487c478bd9Sstevel@tonic-gate "check list: log success\n"); 9497c478bd9Sstevel@tonic-gate 9507c478bd9Sstevel@tonic-gate send_msg = 1; 9517c478bd9Sstevel@tonic-gate snprintf(buff, 9527c478bd9Sstevel@tonic-gate sizeof (buff), 9537c478bd9Sstevel@tonic-gate gettext("%s:\r\nYour kerberos" 9547c478bd9Sstevel@tonic-gate " credentials have been renewed.\r\n"), 9557c478bd9Sstevel@tonic-gate cw->warn_name); 9567c478bd9Sstevel@tonic-gate } 9577c478bd9Sstevel@tonic-gate 9587c478bd9Sstevel@tonic-gate } /* !(code) */ 9597c478bd9Sstevel@tonic-gate 9607c478bd9Sstevel@tonic-gate if (!renew_tooclose && code && 9617c478bd9Sstevel@tonic-gate ce->log_failure) { 9627c478bd9Sstevel@tonic-gate if (kwarnd_debug) 9637c478bd9Sstevel@tonic-gate printf( 9647c478bd9Sstevel@tonic-gate "check list: log FAIL\n"); 9657c478bd9Sstevel@tonic-gate 9667c478bd9Sstevel@tonic-gate send_msg = 1; 9677c478bd9Sstevel@tonic-gate snprintf(buff, 9687c478bd9Sstevel@tonic-gate sizeof (buff), 9697c478bd9Sstevel@tonic-gate gettext("%s:\r\nYour kerberos" 9707c478bd9Sstevel@tonic-gate " credentials failed to be renewed (%s).\r\n"), 9717c478bd9Sstevel@tonic-gate cw->warn_name, 9727c478bd9Sstevel@tonic-gate error_message(code)); 9737c478bd9Sstevel@tonic-gate } 9747c478bd9Sstevel@tonic-gate renew_failed = code ? 1 : 0; 9757c478bd9Sstevel@tonic-gate 9767c478bd9Sstevel@tonic-gate } else if (minutes > 0) { 9777c478bd9Sstevel@tonic-gate send_msg = 1; 9787c478bd9Sstevel@tonic-gate snprintf(buff, sizeof (buff), 9797c478bd9Sstevel@tonic-gate gettext("%s:\r\nyour kerberos" 9807c478bd9Sstevel@tonic-gate " credentials expire in less than" 9817c478bd9Sstevel@tonic-gate " %d minutes.\r\n"), 9827c478bd9Sstevel@tonic-gate cw->warn_name, 9837c478bd9Sstevel@tonic-gate minutes); 9847c478bd9Sstevel@tonic-gate } else { 9857c478bd9Sstevel@tonic-gate send_msg = 1; 9867c478bd9Sstevel@tonic-gate snprintf(buff, sizeof (buff), 9877c478bd9Sstevel@tonic-gate gettext("%s:\r\nyour kerberos" 9887c478bd9Sstevel@tonic-gate " credentials have expired.\r\n"), 9897c478bd9Sstevel@tonic-gate cw->warn_name); 9907c478bd9Sstevel@tonic-gate } 9917c478bd9Sstevel@tonic-gate 9927c478bd9Sstevel@tonic-gate if (kwarnd_debug) 9937c478bd9Sstevel@tonic-gate printf("checklist: send_msg=%d\n", 9947c478bd9Sstevel@tonic-gate send_msg); 9957c478bd9Sstevel@tonic-gate if (!send_msg) 9967c478bd9Sstevel@tonic-gate goto del_warning; 9977c478bd9Sstevel@tonic-gate 9987c478bd9Sstevel@tonic-gate if (strncmp(ce->where_to, 9997c478bd9Sstevel@tonic-gate "mail", sizeof ("mail")) == 0) { 10007c478bd9Sstevel@tonic-gate char *argv[3]; 10017c478bd9Sstevel@tonic-gate 10027c478bd9Sstevel@tonic-gate argv[0] = MAIL; 10037c478bd9Sstevel@tonic-gate (void) snprintf(cmdline, 10047c478bd9Sstevel@tonic-gate sizeof (cmdline), 10057c478bd9Sstevel@tonic-gate "%s", 10067c478bd9Sstevel@tonic-gate ce->email); 10077c478bd9Sstevel@tonic-gate argv[1] = cmdline; 10087c478bd9Sstevel@tonic-gate argv[2] = NULL; 10097c478bd9Sstevel@tonic-gate 10107c478bd9Sstevel@tonic-gate fp = safe_popen_w(MAILPATH, argv); 10117c478bd9Sstevel@tonic-gate 10127c478bd9Sstevel@tonic-gate if (fp) { 10137c478bd9Sstevel@tonic-gate 10147c478bd9Sstevel@tonic-gate (void) fprintf(fp, 10157c478bd9Sstevel@tonic-gate "To: %s\nSubject: %s\n\n%s\n", 10167c478bd9Sstevel@tonic-gate ce->email, 10177c478bd9Sstevel@tonic-gate renew_attempted 10187c478bd9Sstevel@tonic-gate ? renew_subj : subj, 10197c478bd9Sstevel@tonic-gate buff); 10207c478bd9Sstevel@tonic-gate 10217c478bd9Sstevel@tonic-gate fclose(fp); 10227c478bd9Sstevel@tonic-gate } else { 10237c478bd9Sstevel@tonic-gate syslog(LOG_ERR, 10247c478bd9Sstevel@tonic-gate gettext("could not fork " 10257c478bd9Sstevel@tonic-gate "mail program to e-mail " 10267c478bd9Sstevel@tonic-gate "warning to %s\n"), 10277c478bd9Sstevel@tonic-gate cmdline); 10287c478bd9Sstevel@tonic-gate } 10297c478bd9Sstevel@tonic-gate 10307c478bd9Sstevel@tonic-gate } else if (strncmp(ce->where_to, 10317c478bd9Sstevel@tonic-gate "terminal", 10327c478bd9Sstevel@tonic-gate sizeof ("terminal")) == 0) { 10337c478bd9Sstevel@tonic-gate 10347c478bd9Sstevel@tonic-gate warn_send(cw->warn_name, 10357c478bd9Sstevel@tonic-gate buff); 10367c478bd9Sstevel@tonic-gate 10377c478bd9Sstevel@tonic-gate } else if (send_msg && strncmp(ce->where_to, 10387c478bd9Sstevel@tonic-gate "syslog", 10397c478bd9Sstevel@tonic-gate sizeof ("syslog")) == 0) { 10407c478bd9Sstevel@tonic-gate syslog(LOG_NOTICE|LOG_AUTH, 10417c478bd9Sstevel@tonic-gate "%s", 10427c478bd9Sstevel@tonic-gate buff); 10437c478bd9Sstevel@tonic-gate #if 0 10447c478bd9Sstevel@tonic-gate } else if (strncmp(ce->where_to, 10457c478bd9Sstevel@tonic-gate "snmp", 10467c478bd9Sstevel@tonic-gate sizeof ("snmp")) == 0) { 10477c478bd9Sstevel@tonic-gate #endif 10487c478bd9Sstevel@tonic-gate } else { 10497c478bd9Sstevel@tonic-gate if (kwarnd_debug) 10507c478bd9Sstevel@tonic-gate printf( 10517c478bd9Sstevel@tonic-gate "unknown msg method=`%s'\n", 10527c478bd9Sstevel@tonic-gate ce->where_to); 10537c478bd9Sstevel@tonic-gate 10547c478bd9Sstevel@tonic-gate exit(1); 10557c478bd9Sstevel@tonic-gate } 10567c478bd9Sstevel@tonic-gate 10577c478bd9Sstevel@tonic-gate del_warning: 10587c478bd9Sstevel@tonic-gate if (!renew_attempted || renew_failed || 10597c478bd9Sstevel@tonic-gate renew_tooclose) { 10607c478bd9Sstevel@tonic-gate if (del_warning_pvt(cw->warn_name) 10617c478bd9Sstevel@tonic-gate == TRUE) { 10627c478bd9Sstevel@tonic-gate 10637c478bd9Sstevel@tonic-gate if (kwarnd_debug) 10647c478bd9Sstevel@tonic-gate printf( 10657c478bd9Sstevel@tonic-gate "check list: del warn succ\n"); 10667c478bd9Sstevel@tonic-gate 10677c478bd9Sstevel@tonic-gate break; 10687c478bd9Sstevel@tonic-gate } else { 10697c478bd9Sstevel@tonic-gate if (kwarnd_debug) 10707c478bd9Sstevel@tonic-gate printf( 10717c478bd9Sstevel@tonic-gate "could not delete warning\n"); 10727c478bd9Sstevel@tonic-gate 10737c478bd9Sstevel@tonic-gate syslog(LOG_ERR, gettext( 10747c478bd9Sstevel@tonic-gate "could not delete warning")); 10757c478bd9Sstevel@tonic-gate 10767c478bd9Sstevel@tonic-gate exit(1); 10777c478bd9Sstevel@tonic-gate } 10787c478bd9Sstevel@tonic-gate } 10797c478bd9Sstevel@tonic-gate 10807c478bd9Sstevel@tonic-gate } /* if (now) */ 10817c478bd9Sstevel@tonic-gate } /* for */ 10827c478bd9Sstevel@tonic-gate } /* while */ 10837c478bd9Sstevel@tonic-gate } /* func */ 1084