xref: /illumos-gate/usr/src/lib/libshare/nfs/libshare_nfs.c (revision 1be2e5dfebda7cac010af97aae7a3a1b45649aed)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 /*
30  * NFS specific functions
31  */
32 #include <stdio.h>
33 #include <string.h>
34 #include <ctype.h>
35 #include <stdlib.h>
36 #include <unistd.h>
37 #include <zone.h>
38 #include <errno.h>
39 #include <locale.h>
40 #include <signal.h>
41 #include "libshare.h"
42 #include "libshare_impl.h"
43 #include <nfs/export.h>
44 #include <pwd.h>
45 #include <limits.h>
46 #include <libscf.h>
47 #include "nfslog_config.h"
48 #include "nfslogtab.h"
49 #include "libshare_nfs.h"
50 #include <rpcsvc/daemon_utils.h>
51 #include <nfs/nfs.h>
52 #include <nfs/nfssys.h>
53 
54 /* should really be in some global place */
55 #define	DEF_WIN	30000
56 #define	OPT_CHUNK	1024
57 
58 int debug = 0;
59 
60 #define	NFS_SERVER_SVC	"svc:/network/nfs/server:default"
61 
62 /* internal functions */
63 static int nfs_init();
64 static void nfs_fini();
65 static int nfs_enable_share(sa_share_t);
66 static int nfs_disable_share(sa_share_t, char *);
67 static int nfs_validate_property(sa_property_t, sa_optionset_t);
68 static int nfs_validate_security_mode(char *);
69 static int nfs_is_security_opt(char *);
70 static int nfs_parse_legacy_options(sa_group_t, char *);
71 static char *nfs_format_options(sa_group_t, int);
72 static int nfs_set_proto_prop(sa_property_t);
73 static sa_protocol_properties_t nfs_get_proto_set();
74 static char *nfs_get_status();
75 static char *nfs_space_alias(char *);
76 static uint64_t nfs_features();
77 
78 /*
79  * ops vector that provides the protocol specific info and operations
80  * for share management.
81  */
82 
83 struct sa_plugin_ops sa_plugin_ops = {
84 	SA_PLUGIN_VERSION,
85 	"nfs",
86 	nfs_init,
87 	nfs_fini,
88 	nfs_enable_share,
89 	nfs_disable_share,
90 	nfs_validate_property,
91 	nfs_validate_security_mode,
92 	nfs_is_security_opt,
93 	nfs_parse_legacy_options,
94 	nfs_format_options,
95 	nfs_set_proto_prop,
96 	nfs_get_proto_set,
97 	nfs_get_status,
98 	nfs_space_alias,
99 	NULL,	/* update_legacy */
100 	NULL,	/* delete_legacy */
101 	NULL,	/* change_notify */
102 	NULL,	/* enable_resource */
103 	NULL,	/* disable_resource */
104 	nfs_features,
105 	NULL,	/* transient shares */
106 	NULL,	/* notify resource */
107 	NULL
108 };
109 
110 /*
111  * list of support services needed
112  * defines should come from head/rpcsvc/daemon_utils.h
113  */
114 
115 static char *service_list_default[] =
116 	{ STATD, LOCKD, MOUNTD, NFSD, NFSMAPID, RQUOTAD, NULL };
117 static char *service_list_logging[] =
118 	{ STATD, LOCKD, MOUNTD, NFSD, NFSMAPID, RQUOTAD, NFSLOGD, NULL };
119 
120 /*
121  * option definitions.  Make sure to keep the #define for the option
122  * index just before the entry it is the index for. Changing the order
123  * can cause breakage.  E.g OPT_RW is index 1 and must precede the
124  * line that includes the SHOPT_RW and OPT_RW entries.
125  */
126 
127 struct option_defs optdefs[] = {
128 #define	OPT_RO		0
129 	{SHOPT_RO, OPT_RO, OPT_TYPE_ACCLIST},
130 #define	OPT_RW		1
131 	{SHOPT_RW, OPT_RW, OPT_TYPE_ACCLIST},
132 #define	OPT_ROOT	2
133 	{SHOPT_ROOT, OPT_ROOT, OPT_TYPE_ACCLIST},
134 #define	OPT_SECURE	3
135 	{SHOPT_SECURE, OPT_SECURE, OPT_TYPE_DEPRECATED},
136 #define	OPT_ANON	4
137 	{SHOPT_ANON, OPT_ANON, OPT_TYPE_USER},
138 #define	OPT_WINDOW	5
139 	{SHOPT_WINDOW, OPT_WINDOW, OPT_TYPE_NUMBER},
140 #define	OPT_NOSUID	6
141 	{SHOPT_NOSUID, OPT_NOSUID, OPT_TYPE_BOOLEAN},
142 #define	OPT_ACLOK	7
143 	{SHOPT_ACLOK, OPT_ACLOK, OPT_TYPE_BOOLEAN},
144 #define	OPT_NOSUB	8
145 	{SHOPT_NOSUB, OPT_NOSUB, OPT_TYPE_BOOLEAN},
146 #define	OPT_SEC		9
147 	{SHOPT_SEC, OPT_SEC, OPT_TYPE_SECURITY},
148 #define	OPT_PUBLIC	10
149 	{SHOPT_PUBLIC, OPT_PUBLIC, OPT_TYPE_BOOLEAN, OPT_SHARE_ONLY},
150 #define	OPT_INDEX	11
151 	{SHOPT_INDEX, OPT_INDEX, OPT_TYPE_FILE},
152 #define	OPT_LOG		12
153 	{SHOPT_LOG, OPT_LOG, OPT_TYPE_LOGTAG},
154 #define	OPT_CKSUM	13
155 	{SHOPT_CKSUM, OPT_CKSUM, OPT_TYPE_STRINGSET},
156 #ifdef VOLATILE_FH_TEST	/* XXX added for testing volatile fh's only */
157 #define	OPT_VOLFH	14
158 	{SHOPT_VOLFH, OPT_VOLFH},
159 #endif /* VOLATILE_FH_TEST */
160 	NULL
161 };
162 
163 /*
164  * list of properties that are related to security flavors.
165  */
166 static char *seclist[] = {
167 	SHOPT_RO,
168 	SHOPT_RW,
169 	SHOPT_ROOT,
170 	SHOPT_WINDOW,
171 	NULL
172 };
173 
174 /* structure for list of securities */
175 struct securities {
176 	sa_security_t security;
177 	struct securities *next;
178 };
179 
180 /*
181  * findopt(name)
182  *
183  * Lookup option "name" in the option table and return the table
184  * index.
185  */
186 
187 static int
188 findopt(char *name)
189 {
190 	int i;
191 	if (name != NULL) {
192 		for (i = 0; optdefs[i].tag != NULL; i++) {
193 			if (strcmp(optdefs[i].tag, name) == 0)
194 				return (i);
195 		}
196 	}
197 	return (-1);
198 }
199 
200 /*
201  * gettype(name)
202  *
203  * Return the type of option "name".
204  */
205 
206 static int
207 gettype(char *name)
208 {
209 	int optdef;
210 
211 	optdef = findopt(name);
212 	if (optdef != -1)
213 		return (optdefs[optdef].type);
214 	return (OPT_TYPE_ANY);
215 }
216 
217 /*
218  * nfs_validate_security_mode(mode)
219  *
220  * is the specified mode string a valid one for use with NFS?
221  */
222 
223 static int
224 nfs_validate_security_mode(char *mode)
225 {
226 	seconfig_t secinfo;
227 	int err;
228 
229 	(void) memset(&secinfo, '\0', sizeof (secinfo));
230 	err = nfs_getseconfig_byname(mode, &secinfo);
231 	if (err == SC_NOERROR)
232 		return (1);
233 	return (0);
234 }
235 
236 /*
237  * nfs_is_security_opt(tok)
238  *
239  * check to see if tok represents an option that is only valid in some
240  * security flavor.
241  */
242 
243 static int
244 nfs_is_security_opt(char *tok)
245 {
246 	int i;
247 
248 	for (i = 0; seclist[i] != NULL; i++) {
249 		if (strcmp(tok, seclist[i]) == 0)
250 			return (1);
251 	}
252 	return (0);
253 }
254 
255 /*
256  * find_security(seclist, sec)
257  *
258  * Walk the current list of security flavors and return true if it is
259  * present, else return false.
260  */
261 
262 static int
263 find_security(struct securities *seclist, sa_security_t sec)
264 {
265 	while (seclist != NULL) {
266 		if (seclist->security == sec)
267 			return (1);
268 		seclist = seclist->next;
269 	}
270 	return (0);
271 }
272 
273 /*
274  * make_security_list(group, securitymodes, proto)
275  *	go through the list of securitymodes and add them to the
276  *	group's list of security optionsets. We also keep a list of
277  *	those optionsets so we don't have to find them later. All of
278  *	these will get copies of the same properties.
279  */
280 
281 static struct securities *
282 make_security_list(sa_group_t group, char *securitymodes, char *proto)
283 {
284 	char *tok, *next = NULL;
285 	struct securities *curp, *headp = NULL, *prev;
286 	sa_security_t check;
287 	int freetok = 0;
288 
289 	for (tok = securitymodes; tok != NULL; tok = next) {
290 		next = strchr(tok, ':');
291 		if (next != NULL)
292 			*next++ = '\0';
293 		if (strcmp(tok, "default") == 0) {
294 			/* resolve default into the real type */
295 			tok = nfs_space_alias(tok);
296 			freetok = 1;
297 		}
298 		check = sa_get_security(group, tok, proto);
299 
300 		/* add to the security list if it isn't there already */
301 		if (check == NULL || !find_security(headp, check)) {
302 			curp = (struct securities *)calloc(1,
303 			    sizeof (struct securities));
304 			if (curp != NULL) {
305 				if (check == NULL) {
306 					curp->security = sa_create_security(
307 					    group, tok, proto);
308 				} else {
309 					curp->security = check;
310 				}
311 				/*
312 				 * note that the first time through the loop,
313 				 * headp will be NULL and prev will be
314 				 * undefined.  Since headp is NULL, we set
315 				 * both it and prev to the curp (first
316 				 * structure to be allocated).
317 				 *
318 				 * later passes through the loop will have
319 				 * headp not being NULL and prev will be used
320 				 * to allocate at the end of the list.
321 				 */
322 				if (headp == NULL) {
323 					headp = curp;
324 					prev = curp;
325 				} else {
326 					prev->next = curp;
327 					prev = curp;
328 				}
329 			}
330 		}
331 
332 		if (freetok) {
333 			freetok = 0;
334 			sa_free_attr_string(tok);
335 		}
336 	}
337 	return (headp);
338 }
339 
340 static void
341 free_security_list(struct securities *sec)
342 {
343 	struct securities *next;
344 	if (sec != NULL) {
345 		for (next = sec->next; sec != NULL; sec = next) {
346 			next = sec->next;
347 			free(sec);
348 		}
349 	}
350 }
351 
352 /*
353  * nfs_alistcat(str1, str2, sep)
354  *
355  * concatenate str1 and str2 into a new string using sep as a separate
356  * character. If memory allocation fails, return NULL;
357  */
358 
359 static char *
360 nfs_alistcat(char *str1, char *str2, char sep)
361 {
362 	char *newstr;
363 	size_t len;
364 
365 	len = strlen(str1) + strlen(str2) + 2;
366 	newstr = (char *)malloc(len);
367 	if (newstr != NULL)
368 		(void) snprintf(newstr, len, "%s%c%s", str1, sep, str2);
369 	return (newstr);
370 }
371 
372 /*
373  * add_security_prop(sec, name, value, persist)
374  *
375  * Add the property to the securities structure. This accumulates
376  * properties for as part of parsing legacy options.
377  */
378 
379 static int
380 add_security_prop(struct securities *sec, char *name, char *value,
381 			int persist, int iszfs)
382 {
383 	sa_property_t prop;
384 	int ret = SA_OK;
385 
386 	for (; sec != NULL; sec = sec->next) {
387 		if (value == NULL) {
388 			if (strcmp(name, SHOPT_RW) == 0 ||
389 			    strcmp(name, SHOPT_RO) == 0)
390 				value = "*";
391 			else
392 				value = "true";
393 		}
394 
395 		/*
396 		 * Get the existing property, if it exists, so we can
397 		 * determine what to do with it. The ro/rw/root
398 		 * properties can be merged if multiple instances of
399 		 * these properies are given. For example, if "rw"
400 		 * exists with a value "host1" and a later token of
401 		 * rw="host2" is seen, the values are merged into a
402 		 * single rw="host1:host2".
403 		 */
404 		prop = sa_get_property(sec->security, name);
405 
406 		if (prop != NULL) {
407 			char *oldvalue;
408 			char *newvalue;
409 
410 			/*
411 			 * The security options of ro/rw/root might appear
412 			 * multiple times. If they do, the values need to be
413 			 * merged into an access list. If it was previously
414 			 * empty, the new value alone is added.
415 			 */
416 			oldvalue = sa_get_property_attr(prop, "value");
417 			if (oldvalue != NULL) {
418 				/*
419 				 * The general case is to concatenate the new
420 				 * value onto the old value for multiple
421 				 * rw(ro/root) properties. A special case
422 				 * exists when either the old or new is the
423 				 * "all" case. In the special case, if both
424 				 * are "all", then it is "all", else if one is
425 				 * an access-list, that replaces the "all".
426 				 */
427 				if (strcmp(oldvalue, "*") == 0) {
428 					/* Replace old value with new value. */
429 					newvalue = strdup(value);
430 				} else if (strcmp(value, "*") == 0) {
431 					/*
432 					 * Keep old value and ignore
433 					 * the new value.
434 					 */
435 					newvalue = NULL;
436 				} else {
437 					/*
438 					 * Make a new list of old plus new
439 					 * access-list.
440 					 */
441 					newvalue = nfs_alistcat(oldvalue,
442 					    value, ':');
443 				}
444 
445 				if (newvalue != NULL) {
446 					(void) sa_remove_property(prop);
447 					prop = sa_create_property(name,
448 					    newvalue);
449 					ret = sa_add_property(sec->security,
450 					    prop);
451 					free(newvalue);
452 				}
453 				if (oldvalue != NULL)
454 					sa_free_attr_string(oldvalue);
455 			}
456 		} else {
457 			prop = sa_create_property(name, value);
458 			ret = sa_add_property(sec->security, prop);
459 		}
460 		if (ret == SA_OK && !iszfs) {
461 			ret = sa_commit_properties(sec->security, !persist);
462 		}
463 	}
464 	return (ret);
465 }
466 
467 /*
468  * check to see if group/share is persistent.
469  */
470 static int
471 is_persistent(sa_group_t group)
472 {
473 	char *type;
474 	int persist = 1;
475 
476 	type = sa_get_group_attr(group, "type");
477 	if (type != NULL && strcmp(type, "persist") != 0)
478 		persist = 0;
479 	if (type != NULL)
480 		sa_free_attr_string(type);
481 	return (persist);
482 }
483 
484 /*
485  * invalid_security(options)
486  *
487  * search option string for any invalid sec= type.
488  * return true (1) if any are not valid else false (0)
489  */
490 static int
491 invalid_security(char *options)
492 {
493 	char *copy, *base, *token, *value;
494 	int ret = 0;
495 
496 	copy = strdup(options);
497 	token = base = copy;
498 	while (token != NULL && ret == 0) {
499 		token = strtok(base, ",");
500 		base = NULL;
501 		if (token != NULL) {
502 			value = strchr(token, '=');
503 			if (value != NULL)
504 				*value++ = '\0';
505 			if (strcmp(token, "sec") == 0) {
506 				/* HAVE security flavors so check them */
507 				char *tok, *next;
508 				for (next = NULL, tok = value; tok != NULL;
509 				    tok = next) {
510 					next = strchr(tok, ':');
511 					if (next != NULL)
512 						*next++ = '\0';
513 					ret = !nfs_validate_security_mode(tok);
514 					if (ret)
515 						break;
516 				}
517 			}
518 		}
519 	}
520 	if (copy != NULL)
521 		free(copy);
522 	return (ret);
523 }
524 
525 /*
526  * nfs_parse_legacy_options(group, options)
527  *
528  * Parse the old style options into internal format and store on the
529  * specified group.  Group could be a share for full legacy support.
530  */
531 
532 static int
533 nfs_parse_legacy_options(sa_group_t group, char *options)
534 {
535 	char *dup;
536 	char *base;
537 	char *token;
538 	sa_optionset_t optionset;
539 	struct securities *security_list = NULL;
540 	sa_property_t prop;
541 	int ret = SA_OK;
542 	int iszfs = 0;
543 	sa_group_t parent;
544 	int persist = 0;
545 	char *lasts;
546 
547 	/* do we have an existing optionset? */
548 	optionset = sa_get_optionset(group, "nfs");
549 	if (optionset == NULL) {
550 		/* didn't find existing optionset so create one */
551 		optionset = sa_create_optionset(group, "nfs");
552 	} else {
553 		/*
554 		 * Have an existing optionset . Ideally, we would need
555 		 * to compare options in order to detect errors. For
556 		 * now, we assume that the first optionset is the
557 		 * correct one and the others will be the same. An
558 		 * empty optionset is the same as no optionset so we
559 		 * don't want to exit in that case. Getting an empty
560 		 * optionset can occur with ZFS property checking.
561 		 */
562 		if (sa_get_property(optionset, NULL) != NULL)
563 			return (ret);
564 	}
565 
566 	if (strcmp(options, SHOPT_RW) == 0) {
567 		/*
568 		 * there is a special case of only the option "rw"
569 		 * being the default option. We don't have to do
570 		 * anything.
571 		 */
572 		return (ret);
573 	}
574 
575 	/*
576 	 * check if security types are present and validate them. If
577 	 * any are not legal, fail.
578 	 */
579 
580 	if (invalid_security(options)) {
581 		return (SA_INVALID_SECURITY);
582 	}
583 
584 	/*
585 	 * in order to not attempt to change ZFS properties unless
586 	 * absolutely necessary, we never do it in the legacy parsing.
587 	 */
588 	if (sa_is_share(group)) {
589 		char *zfs;
590 		parent = sa_get_parent_group(group);
591 		if (parent != NULL) {
592 			zfs = sa_get_group_attr(parent, "zfs");
593 			if (zfs != NULL) {
594 				sa_free_attr_string(zfs);
595 				iszfs++;
596 			}
597 		}
598 	} else {
599 		iszfs = sa_group_is_zfs(group);
600 	}
601 
602 	/* We need a copy of options for the next part. */
603 	dup = strdup(options);
604 	if (dup == NULL)
605 		return (SA_NO_MEMORY);
606 
607 	/*
608 	 * we need to step through each option in the string and then
609 	 * add either the option or the security option as needed. If
610 	 * this is not a persistent share, don't commit to the
611 	 * repository. If there is an error, we also want to abort the
612 	 * processing and report it.
613 	 */
614 	persist = is_persistent(group);
615 	base = dup;
616 	token = dup;
617 	lasts = NULL;
618 	while (token != NULL && ret == SA_OK) {
619 		ret = SA_OK;
620 		token = strtok_r(base, ",", &lasts);
621 		base = NULL;
622 		if (token != NULL) {
623 			char *value;
624 			/*
625 			 * if the option has a value, it will have an '=' to
626 			 * separate the name from the value. The following
627 			 * code will result in value != NULL and token
628 			 * pointing to just the name if there is a value.
629 			 */
630 			value = strchr(token, '=');
631 			if (value != NULL) {
632 				*value++ = '\0';
633 			}
634 			if (strcmp(token, "sec") == 0 ||
635 			    strcmp(token, "secure") == 0) {
636 				/*
637 				 * Once in security parsing, we only
638 				 * do security. We do need to move
639 				 * between the security node and the
640 				 * toplevel. The security tag goes on
641 				 * the root while the following ones
642 				 * go on the security.
643 				 */
644 				if (security_list != NULL) {
645 					/*
646 					 * have an old list so close it and
647 					 * start the new
648 					 */
649 					free_security_list(security_list);
650 				}
651 				if (strcmp(token, "secure") == 0) {
652 					value = "dh";
653 				} else {
654 					if (value == NULL) {
655 						ret = SA_SYNTAX_ERR;
656 						break;
657 					}
658 				}
659 				security_list = make_security_list(group,
660 				    value, "nfs");
661 			} else {
662 				/*
663 				 * Note that the "old" syntax allowed a
664 				 * default security model This must be
665 				 * accounted for and internally converted to
666 				 * "standard" security structure.
667 				 */
668 				if (nfs_is_security_opt(token)) {
669 					if (security_list == NULL) {
670 						/*
671 						 * need to have a
672 						 * security
673 						 * option. This will
674 						 * be "closed" when a
675 						 * defined "sec="
676 						 * option is
677 						 * seen. This is
678 						 * technically an
679 						 * error but will be
680 						 * allowed with
681 						 * warning.
682 						 */
683 						security_list =
684 						    make_security_list(group,
685 						    "default",
686 						    "nfs");
687 					}
688 					if (security_list != NULL) {
689 						ret = add_security_prop(
690 						    security_list, token,
691 						    value, persist, iszfs);
692 					} else {
693 						ret = SA_NO_MEMORY;
694 					}
695 				} else {
696 					/* regular options */
697 					if (value == NULL) {
698 						if (strcmp(token, SHOPT_RW) ==
699 						    0 || strcmp(token,
700 						    SHOPT_RO) == 0) {
701 							value = "*";
702 						} else {
703 							value = "global";
704 							if (strcmp(token,
705 							    SHOPT_LOG) != 0) {
706 								value = "true";
707 							}
708 						}
709 					}
710 					/*
711 					 * In all cases, create the
712 					 * property specified. If the
713 					 * value was NULL, the default
714 					 * value will have been
715 					 * substituted.
716 					 */
717 					prop = sa_create_property(token, value);
718 					ret =  sa_add_property(optionset, prop);
719 					if (ret != SA_OK)
720 						break;
721 
722 					if (!iszfs) {
723 						ret = sa_commit_properties(
724 						    optionset, !persist);
725 					}
726 				}
727 			}
728 		}
729 	}
730 	if (security_list != NULL)
731 		free_security_list(security_list);
732 
733 	free(dup);
734 	return (ret);
735 }
736 
737 /*
738  * is_a_number(number)
739  *
740  * is the string a number in one of the forms we want to use?
741  */
742 
743 static int
744 is_a_number(char *number)
745 {
746 	int ret = 1;
747 	int hex = 0;
748 
749 	if (strncmp(number, "0x", 2) == 0) {
750 		number += 2;
751 		hex = 1;
752 	} else if (*number == '-') {
753 		number++; /* skip the minus */
754 	}
755 	while (ret == 1 && *number != '\0') {
756 		if (hex) {
757 			ret = isxdigit(*number++);
758 		} else {
759 			ret = isdigit(*number++);
760 		}
761 	}
762 	return (ret);
763 }
764 
765 /*
766  * Look for the specified tag in the configuration file. If it is found,
767  * enable logging and set the logging configuration information for exp.
768  */
769 static void
770 configlog(struct exportdata *exp, char *tag)
771 {
772 	nfsl_config_t *configlist = NULL, *configp;
773 	int error = 0;
774 	char globaltag[] = DEFAULTTAG;
775 
776 	/*
777 	 * Sends config errors to stderr
778 	 */
779 	nfsl_errs_to_syslog = B_FALSE;
780 
781 	/*
782 	 * get the list of configuration settings
783 	 */
784 	error = nfsl_getconfig_list(&configlist);
785 	if (error) {
786 		(void) fprintf(stderr,
787 		    dgettext(TEXT_DOMAIN, "Cannot get log configuration: %s\n"),
788 		    strerror(error));
789 	}
790 
791 	if (tag == NULL)
792 		tag = globaltag;
793 	if ((configp = nfsl_findconfig(configlist, tag, &error)) == NULL) {
794 		nfsl_freeconfig_list(&configlist);
795 		(void) fprintf(stderr,
796 		    dgettext(TEXT_DOMAIN, "No tags matching \"%s\"\n"), tag);
797 		/* bad configuration */
798 		error = ENOENT;
799 		goto err;
800 	}
801 
802 	if ((exp->ex_tag = strdup(tag)) == NULL) {
803 		error = ENOMEM;
804 		goto out;
805 	}
806 	if ((exp->ex_log_buffer = strdup(configp->nc_bufferpath)) == NULL) {
807 		error = ENOMEM;
808 		goto out;
809 	}
810 	exp->ex_flags |= EX_LOG;
811 	if (configp->nc_rpclogpath != NULL)
812 		exp->ex_flags |= EX_LOG_ALLOPS;
813 out:
814 	if (configlist != NULL)
815 		nfsl_freeconfig_list(&configlist);
816 
817 err:
818 	if (error != 0) {
819 		if (exp->ex_flags != NULL)
820 			free(exp->ex_tag);
821 		if (exp->ex_log_buffer != NULL)
822 			free(exp->ex_log_buffer);
823 		(void) fprintf(stderr,
824 		    dgettext(TEXT_DOMAIN, "Cannot set log configuration: %s\n"),
825 		    strerror(error));
826 	}
827 }
828 
829 /*
830  * fill_export_from_optionset(export, optionset)
831  *
832  * In order to share, we need to set all the possible general options
833  * into the export structure. Share info will be filled in by the
834  * caller. Various property values get turned into structure specific
835  * values.
836  */
837 
838 static int
839 fill_export_from_optionset(struct exportdata *export, sa_optionset_t optionset)
840 {
841 	sa_property_t option;
842 	int ret = SA_OK;
843 
844 	for (option = sa_get_property(optionset, NULL);
845 	    option != NULL; option = sa_get_next_property(option)) {
846 		char *name;
847 		char *value;
848 		uint32_t val;
849 
850 		/*
851 		 * since options may be set/reset multiple times, always do an
852 		 * explicit set or clear of the option. This allows defaults
853 		 * to be set and then the protocol specific to override.
854 		 */
855 
856 		name = sa_get_property_attr(option, "type");
857 		value = sa_get_property_attr(option, "value");
858 		switch (findopt(name)) {
859 		case OPT_ANON:
860 			if (value != NULL && is_a_number(value)) {
861 				val = strtoul(value, NULL, 0);
862 			} else {
863 				struct passwd *pw;
864 				pw = getpwnam(value != NULL ? value : "nobody");
865 				if (pw != NULL) {
866 					val = pw->pw_uid;
867 				} else {
868 					val = UID_NOBODY;
869 				}
870 				endpwent();
871 			}
872 			export->ex_anon = val;
873 			break;
874 		case OPT_NOSUID:
875 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
876 			    strcmp(value, "1") == 0))
877 				export->ex_flags |= EX_NOSUID;
878 			else
879 				export->ex_flags &= ~EX_NOSUID;
880 			break;
881 		case OPT_ACLOK:
882 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
883 			    strcmp(value, "1") == 0))
884 				export->ex_flags |= EX_ACLOK;
885 			else
886 				export->ex_flags &= ~EX_ACLOK;
887 			break;
888 		case OPT_NOSUB:
889 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
890 			    strcmp(value, "1") == 0))
891 				export->ex_flags |= EX_NOSUB;
892 			else
893 				export->ex_flags &= ~EX_NOSUB;
894 			break;
895 		case OPT_PUBLIC:
896 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
897 			    strcmp(value, "1") == 0))
898 				export->ex_flags |= EX_PUBLIC;
899 			else
900 				export->ex_flags &= ~EX_PUBLIC;
901 			break;
902 		case OPT_INDEX:
903 			if (value != NULL && (strcmp(value, "..") == 0 ||
904 			    strchr(value, '/') != NULL)) {
905 				/* this is an error */
906 				(void) printf(dgettext(TEXT_DOMAIN,
907 				    "NFS: index=\"%s\" not valid;"
908 				    "must be a filename.\n"),
909 				    value);
910 				break;
911 			}
912 			if (value != NULL && *value != '\0' &&
913 			    strcmp(value, ".") != 0) {
914 				/* valid index file string */
915 				if (export->ex_index != NULL) {
916 					/* left over from "default" */
917 					free(export->ex_index);
918 				}
919 				/* remember to free */
920 				export->ex_index = strdup(value);
921 				if (export->ex_index == NULL) {
922 					(void) printf(dgettext(TEXT_DOMAIN,
923 					    "NFS: out of memory setting "
924 					    "index property\n"));
925 					break;
926 				}
927 				export->ex_flags |= EX_INDEX;
928 			}
929 			break;
930 		case OPT_LOG:
931 			if (value == NULL)
932 				value = strdup("global");
933 			if (value != NULL)
934 				configlog(export,
935 				    strlen(value) ? value : "global");
936 			break;
937 		default:
938 			/* have a syntactic error */
939 			(void) printf(dgettext(TEXT_DOMAIN,
940 			    "NFS: unrecognized option %s=%s\n"),
941 			    name, value != NULL ? value : "");
942 			break;
943 		}
944 		if (name != NULL)
945 			sa_free_attr_string(name);
946 		if (value != NULL)
947 			sa_free_attr_string(value);
948 	}
949 	return (ret);
950 }
951 
952 /*
953  * cleanup_export(export)
954  *
955  * Cleanup the allocated areas so we don't leak memory
956  */
957 
958 static void
959 cleanup_export(struct exportdata *export)
960 {
961 	int i;
962 
963 	if (export->ex_index != NULL)
964 		free(export->ex_index);
965 	if (export->ex_secinfo != NULL) {
966 		for (i = 0; i < export->ex_seccnt; i++)
967 			if (export->ex_secinfo[i].s_rootnames != NULL)
968 				free(export->ex_secinfo[i].s_rootnames);
969 		free(export->ex_secinfo);
970 	}
971 }
972 
973 /*
974  * Given a seconfig entry and a colon-separated
975  * list of names, allocate an array big enough
976  * to hold the root list, then convert each name to
977  * a principal name according to the security
978  * info and assign it to an array element.
979  * Return the array and its size.
980  */
981 static caddr_t *
982 get_rootnames(seconfig_t *sec, char *list, int *count)
983 {
984 	caddr_t *a;
985 	int c, i;
986 	char *host, *p;
987 
988 	/*
989 	 * Count the number of strings in the list.
990 	 * This is the number of colon separators + 1.
991 	 */
992 	c = 1;
993 	for (p = list; *p; p++)
994 		if (*p == ':')
995 			c++;
996 	*count = c;
997 
998 	a = (caddr_t *)malloc(c * sizeof (char *));
999 	if (a == NULL) {
1000 		(void) printf(dgettext(TEXT_DOMAIN,
1001 		    "get_rootnames: no memory\n"));
1002 	} else {
1003 		for (i = 0; i < c; i++) {
1004 			host = strtok(list, ":");
1005 			if (!nfs_get_root_principal(sec, host, &a[i])) {
1006 				free(a);
1007 				a = NULL;
1008 				break;
1009 			}
1010 			list = NULL;
1011 		}
1012 	}
1013 
1014 	return (a);
1015 }
1016 
1017 /*
1018  * fill_security_from_secopts(sp, secopts)
1019  *
1020  * Fill the secinfo structure from the secopts optionset.
1021  */
1022 
1023 static int
1024 fill_security_from_secopts(struct secinfo *sp, sa_security_t secopts)
1025 {
1026 	sa_property_t prop;
1027 	char *type;
1028 	int longform;
1029 	int err = SC_NOERROR;
1030 
1031 	type = sa_get_security_attr(secopts, "sectype");
1032 	if (type != NULL) {
1033 		/* named security type needs secinfo to be filled in */
1034 		err = nfs_getseconfig_byname(type, &sp->s_secinfo);
1035 		sa_free_attr_string(type);
1036 		if (err != SC_NOERROR)
1037 			return (err);
1038 	} else {
1039 		/* default case */
1040 		err = nfs_getseconfig_default(&sp->s_secinfo);
1041 		if (err != SC_NOERROR)
1042 			return (err);
1043 	}
1044 
1045 	err = SA_OK;
1046 	for (prop = sa_get_property(secopts, NULL);
1047 	    prop != NULL && err == SA_OK;
1048 	    prop = sa_get_next_property(prop)) {
1049 		char *name;
1050 		char *value;
1051 
1052 		name = sa_get_property_attr(prop, "type");
1053 		value = sa_get_property_attr(prop, "value");
1054 
1055 		longform = value != NULL && strcmp(value, "*") != 0;
1056 
1057 		switch (findopt(name)) {
1058 		case OPT_RO:
1059 			sp->s_flags |= longform ? M_ROL : M_RO;
1060 			break;
1061 		case OPT_RW:
1062 			sp->s_flags |= longform ? M_RWL : M_RW;
1063 			break;
1064 		case OPT_ROOT:
1065 			sp->s_flags |= M_ROOT;
1066 			/*
1067 			 * if we are using AUTH_UNIX, handle like other things
1068 			 * such as RO/RW
1069 			 */
1070 			if (sp->s_secinfo.sc_rpcnum == AUTH_UNIX)
1071 				continue;
1072 			/* not AUTH_UNIX */
1073 			if (value != NULL) {
1074 				sp->s_rootnames = get_rootnames(&sp->s_secinfo,
1075 				    value, &sp->s_rootcnt);
1076 				if (sp->s_rootnames == NULL) {
1077 					err = SA_BAD_VALUE;
1078 					(void) fprintf(stderr,
1079 					    dgettext(TEXT_DOMAIN,
1080 					    "Bad root list\n"));
1081 				}
1082 			}
1083 			break;
1084 		case OPT_WINDOW:
1085 			if (value != NULL) {
1086 				sp->s_window = atoi(value);
1087 				/* just in case */
1088 				if (sp->s_window < 0)
1089 					sp->s_window = DEF_WIN;
1090 			}
1091 			break;
1092 		default:
1093 			break;
1094 		}
1095 		if (name != NULL)
1096 			sa_free_attr_string(name);
1097 		if (value != NULL)
1098 			sa_free_attr_string(value);
1099 	}
1100 	/* if rw/ro options not set, use default of RW */
1101 	if ((sp->s_flags & NFS_RWMODES) == 0)
1102 		sp->s_flags |= M_RW;
1103 	return (err);
1104 }
1105 
1106 /*
1107  * This is for testing only
1108  * It displays the export structure that
1109  * goes into the kernel.
1110  */
1111 static void
1112 printarg(char *path, struct exportdata *ep)
1113 {
1114 	int i, j;
1115 	struct secinfo *sp;
1116 
1117 	if (debug == 0)
1118 		return;
1119 
1120 	(void) printf("%s:\n", path);
1121 	(void) printf("\tex_version = %d\n", ep->ex_version);
1122 	(void) printf("\tex_path = %s\n", ep->ex_path);
1123 	(void) printf("\tex_pathlen = %ld\n", (ulong_t)ep->ex_pathlen);
1124 	(void) printf("\tex_flags: (0x%02x) ", ep->ex_flags);
1125 	if (ep->ex_flags & EX_NOSUID)
1126 		(void) printf("NOSUID ");
1127 	if (ep->ex_flags & EX_ACLOK)
1128 		(void) printf("ACLOK ");
1129 	if (ep->ex_flags & EX_PUBLIC)
1130 		(void) printf("PUBLIC ");
1131 	if (ep->ex_flags & EX_NOSUB)
1132 		(void) printf("NOSUB ");
1133 	if (ep->ex_flags & EX_LOG)
1134 		(void) printf("LOG ");
1135 	if (ep->ex_flags & EX_LOG_ALLOPS)
1136 		(void) printf("LOG_ALLOPS ");
1137 	if (ep->ex_flags == 0)
1138 		(void) printf("(none)");
1139 	(void) 	printf("\n");
1140 	if (ep->ex_flags & EX_LOG) {
1141 		(void) printf("\tex_log_buffer = %s\n",
1142 		    (ep->ex_log_buffer ? ep->ex_log_buffer : "(NULL)"));
1143 		(void) printf("\tex_tag = %s\n",
1144 		    (ep->ex_tag ? ep->ex_tag : "(NULL)"));
1145 	}
1146 	(void) printf("\tex_anon = %d\n", ep->ex_anon);
1147 	(void) printf("\tex_seccnt = %d\n", ep->ex_seccnt);
1148 	(void) printf("\n");
1149 	for (i = 0; i < ep->ex_seccnt; i++) {
1150 		sp = &ep->ex_secinfo[i];
1151 		(void) printf("\t\ts_secinfo = %s\n", sp->s_secinfo.sc_name);
1152 		(void) printf("\t\ts_flags: (0x%02x) ", sp->s_flags);
1153 		if (sp->s_flags & M_ROOT) (void) printf("M_ROOT ");
1154 		if (sp->s_flags & M_RO) (void) printf("M_RO ");
1155 		if (sp->s_flags & M_ROL) (void) printf("M_ROL ");
1156 		if (sp->s_flags & M_RW) (void) printf("M_RW ");
1157 		if (sp->s_flags & M_RWL) (void) printf("M_RWL ");
1158 		if (sp->s_flags == 0) (void) printf("(none)");
1159 		(void) printf("\n");
1160 		(void) printf("\t\ts_window = %d\n", sp->s_window);
1161 		(void) printf("\t\ts_rootcnt = %d ", sp->s_rootcnt);
1162 		(void) fflush(stdout);
1163 		for (j = 0; j < sp->s_rootcnt; j++)
1164 			(void) printf("%s ", sp->s_rootnames[j] ?
1165 			    sp->s_rootnames[j] : "<null>");
1166 		(void) printf("\n\n");
1167 	}
1168 }
1169 
1170 /*
1171  * count_security(opts)
1172  *
1173  * Count the number of security types (flavors). The optionset has
1174  * been populated with the security flavors as a holding mechanism.
1175  * We later use this number to allocate data structures.
1176  */
1177 
1178 static int
1179 count_security(sa_optionset_t opts)
1180 {
1181 	int count = 0;
1182 	sa_property_t prop;
1183 	if (opts != NULL) {
1184 		for (prop = sa_get_property(opts, NULL); prop != NULL;
1185 		    prop = sa_get_next_property(prop)) {
1186 			count++;
1187 		}
1188 	}
1189 	return (count);
1190 }
1191 
1192 /*
1193  * nfs_sprint_option(rbuff, rbuffsize, incr, prop, sep)
1194  *
1195  * provides a mechanism to format NFS properties into legacy output
1196  * format. If the buffer would overflow, it is reallocated and grown
1197  * as appropriate. Special cases of converting internal form of values
1198  * to those used by "share" are done. this function does one property
1199  * at a time.
1200  */
1201 
1202 static int
1203 nfs_sprint_option(char **rbuff, size_t *rbuffsize, size_t incr,
1204 			sa_property_t prop, int sep)
1205 {
1206 	char *name;
1207 	char *value;
1208 	int curlen;
1209 	char *buff = *rbuff;
1210 	size_t buffsize = *rbuffsize;
1211 	int printed = B_FALSE;
1212 
1213 	name = sa_get_property_attr(prop, "type");
1214 	value = sa_get_property_attr(prop, "value");
1215 	if (buff != NULL)
1216 		curlen = strlen(buff);
1217 	else
1218 		curlen = 0;
1219 	if (name != NULL) {
1220 		int len;
1221 		len = strlen(name) + sep;
1222 
1223 		/*
1224 		 * A future RFE would be to replace this with more
1225 		 * generic code and to possibly handle more types.
1226 		 */
1227 		switch (gettype(name)) {
1228 		case OPT_TYPE_BOOLEAN:
1229 			/*
1230 			 * For NFS, boolean value of FALSE means it
1231 			 * doesn't show up in the option list at all.
1232 			 */
1233 			if (value != NULL && strcasecmp(value, "false") == 0)
1234 				goto skip;
1235 			if (value != NULL) {
1236 				sa_free_attr_string(value);
1237 				value = NULL;
1238 			}
1239 			break;
1240 		case OPT_TYPE_ACCLIST:
1241 			if (value != NULL && strcmp(value, "*") == 0) {
1242 				sa_free_attr_string(value);
1243 				value = NULL;
1244 			} else {
1245 				if (value != NULL)
1246 					len += 1 + strlen(value);
1247 			}
1248 			break;
1249 		case OPT_TYPE_LOGTAG:
1250 			if (value != NULL && strlen(value) == 0) {
1251 				sa_free_attr_string(value);
1252 				value = NULL;
1253 			} else {
1254 				if (value != NULL)
1255 					len += 1 + strlen(value);
1256 			}
1257 			break;
1258 		default:
1259 			if (value != NULL)
1260 				len += 1 + strlen(value);
1261 			break;
1262 		}
1263 		while (buffsize <= (curlen + len)) {
1264 			/* need more room */
1265 			buffsize += incr;
1266 			buff = realloc(buff, buffsize);
1267 			if (buff == NULL) {
1268 				/* realloc failed so free everything */
1269 				if (*rbuff != NULL)
1270 					free(*rbuff);
1271 			}
1272 			*rbuff = buff;
1273 			*rbuffsize = buffsize;
1274 			if (buff == NULL)
1275 				goto skip;
1276 
1277 		}
1278 
1279 		if (buff == NULL)
1280 			goto skip;
1281 
1282 		if (value == NULL) {
1283 			(void) snprintf(buff + curlen, buffsize - curlen,
1284 			    "%s%s", sep ? "," : "",
1285 			    name, value != NULL ? value : "");
1286 		} else {
1287 			(void) snprintf(buff + curlen, buffsize - curlen,
1288 			    "%s%s=%s", sep ? "," : "",
1289 			    name, value != NULL ? value : "");
1290 		}
1291 		printed = B_TRUE;
1292 	}
1293 skip:
1294 	if (name != NULL)
1295 		sa_free_attr_string(name);
1296 	if (value != NULL)
1297 		sa_free_attr_string(value);
1298 	return (printed);
1299 }
1300 
1301 /*
1302  * nfs_format_options(group, hier)
1303  *
1304  * format all the options on the group into an old-style option
1305  * string. If hier is non-zero, walk up the tree to get inherited
1306  * options.
1307  */
1308 
1309 static char *
1310 nfs_format_options(sa_group_t group, int hier)
1311 {
1312 	sa_optionset_t options = NULL;
1313 	sa_optionset_t secoptions = NULL;
1314 	sa_property_t prop, secprop;
1315 	sa_security_t security = NULL;
1316 	char *buff;
1317 	size_t buffsize;
1318 	char *sectype = NULL;
1319 	int sep = 0;
1320 
1321 
1322 	buff = malloc(OPT_CHUNK);
1323 	if (buff == NULL) {
1324 		return (NULL);
1325 	}
1326 
1327 	buff[0] = '\0';
1328 	buffsize = OPT_CHUNK;
1329 
1330 	/*
1331 	 * We may have a an optionset relative to this item. format
1332 	 * these if we find them and then add any security definitions.
1333 	 */
1334 
1335 	options = sa_get_derived_optionset(group, "nfs", hier);
1336 
1337 	/*
1338 	 * do the default set first but skip any option that is also
1339 	 * in the protocol specific optionset.
1340 	 */
1341 	if (options != NULL) {
1342 		for (prop = sa_get_property(options, NULL);
1343 		    prop != NULL; prop = sa_get_next_property(prop)) {
1344 			/*
1345 			 * use this one since we skipped any
1346 			 * of these that were also in
1347 			 * optdefault
1348 			 */
1349 			if (nfs_sprint_option(&buff, &buffsize, OPT_CHUNK,
1350 			    prop, sep))
1351 				sep = 1;
1352 			if (buff == NULL) {
1353 				/*
1354 				 * buff could become NULL if there
1355 				 * isn't enough memory for
1356 				 * nfs_sprint_option to realloc()
1357 				 * as necessary. We can't really
1358 				 * do anything about it at this
1359 				 * point so we return NULL.  The
1360 				 * caller should handle the
1361 				 * failure.
1362 				 */
1363 				if (options != NULL)
1364 					sa_free_derived_optionset(
1365 					    options);
1366 				return (buff);
1367 			}
1368 		}
1369 	}
1370 	secoptions = (sa_optionset_t)sa_get_all_security_types(group,
1371 	    "nfs", hier);
1372 	if (secoptions != NULL) {
1373 		for (secprop = sa_get_property(secoptions, NULL);
1374 		    secprop != NULL;
1375 		    secprop = sa_get_next_property(secprop)) {
1376 			sectype = sa_get_property_attr(secprop, "type");
1377 			security =
1378 			    (sa_security_t)sa_get_derived_security(
1379 			    group, sectype, "nfs", hier);
1380 			if (security != NULL) {
1381 				if (sectype != NULL) {
1382 					prop = sa_create_property(
1383 					    "sec", sectype);
1384 					if (prop == NULL)
1385 						goto err;
1386 					if (nfs_sprint_option(&buff,
1387 					    &buffsize, OPT_CHUNK, prop, sep))
1388 						sep = 1;
1389 					(void) sa_remove_property(prop);
1390 					if (buff == NULL)
1391 						goto err;
1392 				}
1393 				for (prop = sa_get_property(security,
1394 				    NULL); prop != NULL;
1395 				    prop = sa_get_next_property(prop)) {
1396 					if (nfs_sprint_option(&buff,
1397 					    &buffsize, OPT_CHUNK, prop, sep))
1398 						sep = 1;
1399 					if (buff == NULL)
1400 						goto err;
1401 				}
1402 				sa_free_derived_optionset(security);
1403 			}
1404 			if (sectype != NULL)
1405 				sa_free_attr_string(sectype);
1406 		}
1407 		sa_free_derived_optionset(secoptions);
1408 	}
1409 
1410 	if (options != NULL)
1411 		sa_free_derived_optionset(options);
1412 	return (buff);
1413 
1414 err:
1415 	/*
1416 	 * If we couldn't allocate memory for option printing, we need
1417 	 * to break out of the nested loops, cleanup and return NULL.
1418 	 */
1419 	if (secoptions != NULL)
1420 		sa_free_derived_optionset(secoptions);
1421 	if (security != NULL)
1422 		sa_free_derived_optionset(security);
1423 	if (sectype != NULL)
1424 		sa_free_attr_string(sectype);
1425 	if (options != NULL)
1426 		sa_free_derived_optionset(options);
1427 	return (buff);
1428 }
1429 
1430 /*
1431  * Append an entry to the nfslogtab file
1432  */
1433 static int
1434 nfslogtab_add(dir, buffer, tag)
1435 	char *dir, *buffer, *tag;
1436 {
1437 	FILE *f;
1438 	struct logtab_ent lep;
1439 	int error = 0;
1440 
1441 	/*
1442 	 * Open the file for update and create it if necessary.
1443 	 * This may leave the I/O offset at the end of the file,
1444 	 * so rewind back to the beginning of the file.
1445 	 */
1446 	f = fopen(NFSLOGTAB, "a+");
1447 	if (f == NULL) {
1448 		error = errno;
1449 		goto out;
1450 	}
1451 	rewind(f);
1452 
1453 	if (lockf(fileno(f), F_LOCK, 0L) < 0) {
1454 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1455 		    "share complete, however failed to lock %s "
1456 		    "for update: %s\n"), NFSLOGTAB, strerror(errno));
1457 		error = -1;
1458 		goto out;
1459 	}
1460 
1461 	if (logtab_deactivate_after_boot(f) == -1) {
1462 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1463 		    "share complete, however could not deactivate "
1464 		    "entries in %s\n"), NFSLOGTAB);
1465 		error = -1;
1466 		goto out;
1467 	}
1468 
1469 	/*
1470 	 * Remove entries matching buffer and sharepoint since we're
1471 	 * going to replace it with perhaps an entry with a new tag.
1472 	 */
1473 	if (logtab_rement(f, buffer, dir, NULL, -1)) {
1474 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1475 		    "share complete, however could not remove matching "
1476 		    "entries in %s\n"), NFSLOGTAB);
1477 		error = -1;
1478 		goto out;
1479 	}
1480 
1481 	/*
1482 	 * Deactivate all active entries matching this sharepoint
1483 	 */
1484 	if (logtab_deactivate(f, NULL, dir, NULL)) {
1485 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1486 		    "share complete, however could not deactivate matching "
1487 		    "entries in %s\n"), NFSLOGTAB);
1488 		error = -1;
1489 		goto out;
1490 	}
1491 
1492 	lep.le_buffer = buffer;
1493 	lep.le_path = dir;
1494 	lep.le_tag = tag;
1495 	lep.le_state = LES_ACTIVE;
1496 
1497 	/*
1498 	 * Add new sharepoint / buffer location to nfslogtab
1499 	 */
1500 	if (logtab_putent(f, &lep) < 0) {
1501 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1502 		    "share complete, however could not add %s to %s\n"),
1503 		    dir, NFSLOGTAB);
1504 		error = -1;
1505 	}
1506 
1507 out:
1508 	if (f != NULL)
1509 		(void) fclose(f);
1510 	return (error);
1511 }
1512 
1513 /*
1514  * Deactivate an entry from the nfslogtab file
1515  */
1516 static int
1517 nfslogtab_deactivate(path)
1518 	char *path;
1519 {
1520 	FILE *f;
1521 	int error = 0;
1522 
1523 	f = fopen(NFSLOGTAB, "r+");
1524 	if (f == NULL) {
1525 		error = errno;
1526 		goto out;
1527 	}
1528 	if (lockf(fileno(f), F_LOCK, 0L) < 0) {
1529 		error = errno;
1530 		(void)  fprintf(stderr, dgettext(TEXT_DOMAIN,
1531 		    "share complete, however could not lock %s for "
1532 		    "update: %s\n"), NFSLOGTAB, strerror(error));
1533 		goto out;
1534 	}
1535 	if (logtab_deactivate(f, NULL, path, NULL) == -1) {
1536 		error = -1;
1537 		(void) fprintf(stderr,
1538 		    dgettext(TEXT_DOMAIN,
1539 		    "share complete, however could not "
1540 		    "deactivate %s in %s\n"), path, NFSLOGTAB);
1541 		goto out;
1542 	}
1543 
1544 out:	if (f != NULL)
1545 		(void) fclose(f);
1546 
1547 	return (error);
1548 }
1549 
1550 /*
1551  * check_public(group, skipshare)
1552  *
1553  * Check the group for any shares that have the public property
1554  * enabled. We skip "skipshare" since that is the one we are
1555  * working with. This is a separate function to make handling
1556  * subgroups simpler. Returns true if there is a share with public.
1557  */
1558 static int
1559 check_public(sa_group_t group, sa_share_t skipshare)
1560 {
1561 	int exists = B_FALSE;
1562 	sa_share_t share;
1563 	sa_optionset_t opt;
1564 	sa_property_t prop;
1565 	char *shared;
1566 
1567 	for (share = sa_get_share(group, NULL); share != NULL;
1568 	    share = sa_get_next_share(share)) {
1569 		if (share == skipshare)
1570 			continue;
1571 
1572 		opt = sa_get_optionset(share, "nfs");
1573 		if (opt == NULL)
1574 			continue;
1575 		prop = sa_get_property(opt, "public");
1576 		if (prop == NULL)
1577 			continue;
1578 		shared = sa_get_share_attr(share, "shared");
1579 		if (shared != NULL) {
1580 			exists = strcmp(shared, "true") == 0;
1581 			sa_free_attr_string(shared);
1582 			if (exists == B_TRUE)
1583 				break;
1584 		}
1585 	}
1586 
1587 	return (exists);
1588 }
1589 
1590 /*
1591  * public_exists(share)
1592  *
1593  * check to see if public option is set on any other share than the
1594  * one specified. Need to check zfs sub-groups as well as the top
1595  * level groups.
1596  */
1597 static int
1598 public_exists(sa_share_t skipshare)
1599 {
1600 	sa_group_t group;
1601 	sa_handle_t handle;
1602 
1603 	group = sa_get_parent_group(skipshare);
1604 	if (group == NULL)
1605 		return (SA_NO_SUCH_GROUP);
1606 
1607 	handle = sa_find_group_handle(group);
1608 	if (handle == NULL)
1609 		return (SA_SYSTEM_ERR);
1610 
1611 	for (group = sa_get_group(handle, NULL); group != NULL;
1612 	    group = sa_get_next_group(group)) {
1613 		/* Walk any ZFS subgroups as well as all standard groups */
1614 		if (sa_group_is_zfs(group)) {
1615 			sa_group_t subgroup;
1616 			for (subgroup = sa_get_sub_group(group);
1617 			    subgroup != NULL;
1618 			    subgroup = sa_get_next_group(subgroup)) {
1619 				if (check_public(subgroup, skipshare))
1620 					return (B_TRUE);
1621 			}
1622 		} else {
1623 			if (check_public(group, skipshare))
1624 				return (B_TRUE);
1625 		}
1626 	}
1627 	return (B_FALSE);
1628 }
1629 
1630 /*
1631  * sa_enable_share at the protocol level, enable_share must tell the
1632  * implementation that it is to enable the share. This entails
1633  * converting the path and options into the appropriate ioctl
1634  * calls. It is assumed that all error checking of paths, etc. were
1635  * done earlier.
1636  */
1637 static int
1638 nfs_enable_share(sa_share_t share)
1639 {
1640 	struct exportdata export;
1641 	sa_optionset_t secoptlist;
1642 	struct secinfo *sp;
1643 	int num_secinfo;
1644 	sa_optionset_t opt;
1645 	sa_security_t sec;
1646 	sa_property_t prop;
1647 	char *path;
1648 	int err = SA_OK;
1649 	int i;
1650 	int iszfs;
1651 
1652 	/* Don't drop core if the NFS module isn't loaded. */
1653 	(void) signal(SIGSYS, SIG_IGN);
1654 
1655 	/* get the path since it is important in several places */
1656 	path = sa_get_share_attr(share, "path");
1657 	if (path == NULL)
1658 		return (SA_NO_SUCH_PATH);
1659 
1660 	iszfs = sa_path_is_zfs(path);
1661 	/*
1662 	 * find the optionsets and security sets.  There may not be
1663 	 * any or there could be one or two for each of optionset and
1664 	 * security may have multiple, one per security type per
1665 	 * protocol type.
1666 	 */
1667 	opt = sa_get_derived_optionset(share, "nfs", 1);
1668 	secoptlist = (sa_optionset_t)sa_get_all_security_types(share, "nfs", 1);
1669 	if (secoptlist != NULL)
1670 		num_secinfo = MAX(1, count_security(secoptlist));
1671 	else
1672 		num_secinfo = 1;
1673 
1674 	/*
1675 	 * walk through the options and fill in the structure
1676 	 * appropriately.
1677 	 */
1678 
1679 	(void) memset(&export, '\0', sizeof (export));
1680 
1681 	/*
1682 	 * do non-security options first since there is only one after
1683 	 * the derived group is constructed.
1684 	 */
1685 	export.ex_version = EX_CURRENT_VERSION;
1686 	export.ex_anon = UID_NOBODY; /* this is our default value */
1687 	export.ex_index = NULL;
1688 	export.ex_path = path;
1689 	export.ex_pathlen = strlen(path) + 1;
1690 
1691 	if (opt != NULL)
1692 		err = fill_export_from_optionset(&export, opt);
1693 
1694 	/*
1695 	 * check to see if "public" is set. If it is, then make sure
1696 	 * no other share has it set. If it is already used, fail.
1697 	 */
1698 
1699 	if (export.ex_flags & EX_PUBLIC && public_exists(share)) {
1700 		(void) printf(dgettext(TEXT_DOMAIN,
1701 		    "NFS: Cannot share more than one file "
1702 		    "system with 'public' property\n"));
1703 		err = SA_NOT_ALLOWED;
1704 		goto out;
1705 	}
1706 
1707 	sp = calloc(num_secinfo, sizeof (struct secinfo));
1708 	if (sp == NULL) {
1709 		err = SA_NO_MEMORY;
1710 		(void) printf(dgettext(TEXT_DOMAIN,
1711 		    "NFS: NFS: no memory for security\n"));
1712 		goto out;
1713 	}
1714 	export.ex_secinfo = sp;
1715 	/* get default secinfo */
1716 	export.ex_seccnt = num_secinfo;
1717 	/*
1718 	 * since we must have one security option defined, we
1719 	 * init to the default and then override as we find
1720 	 * defined security options. This handles the case
1721 	 * where we have no defined options but we need to set
1722 	 * up one.
1723 	 */
1724 	sp[0].s_window = DEF_WIN;
1725 	sp[0].s_rootnames = NULL;
1726 	/* setup a default in case no properties defined */
1727 	if (nfs_getseconfig_default(&sp[0].s_secinfo)) {
1728 		(void) printf(dgettext(TEXT_DOMAIN,
1729 		    "NFS: nfs_getseconfig_default: failed to "
1730 		    "get default security mode\n"));
1731 		err = SA_CONFIG_ERR;
1732 	}
1733 	if (secoptlist != NULL) {
1734 		for (i = 0, prop = sa_get_property(secoptlist, NULL);
1735 		    prop != NULL && i < num_secinfo;
1736 		    prop = sa_get_next_property(prop), i++) {
1737 			char *sectype;
1738 				sectype = sa_get_property_attr(prop, "type");
1739 			/*
1740 			 * if sectype is NULL, we probably
1741 			 * have a memory problem and can't get
1742 			 * the correct values. Rather than
1743 			 * exporting with incorrect security,
1744 			 * don't share it.
1745 			 */
1746 			if (sectype == NULL) {
1747 				err = SA_NO_MEMORY;
1748 				(void) printf(dgettext(TEXT_DOMAIN,
1749 				    "NFS: Cannot share %s: "
1750 				    "no memory\n"), path);
1751 				goto out;
1752 			}
1753 			sec = (sa_security_t)sa_get_derived_security(
1754 			    share, sectype, "nfs", 1);
1755 			sp[i].s_window = DEF_WIN;
1756 			sp[i].s_rootcnt = 0;
1757 			sp[i].s_rootnames = NULL;
1758 				(void) fill_security_from_secopts(&sp[i], sec);
1759 			if (sec != NULL)
1760 				sa_free_derived_security(sec);
1761 			if (sectype != NULL)
1762 				sa_free_attr_string(sectype);
1763 		}
1764 	}
1765 	/*
1766 	 * when we get here, we can do the exportfs system call and
1767 	 * initiate thinsg. We probably want to enable the nfs.server
1768 	 * service first if it isn't running within SMF.
1769 	 */
1770 	/* check nfs.server status and start if needed */
1771 	/* now add the share to the internal tables */
1772 	printarg(path, &export);
1773 	/*
1774 	 * call the exportfs system call which is implemented
1775 	 * via the nfssys() call as the EXPORTFS subfunction.
1776 	 */
1777 	if (iszfs) {
1778 		struct exportfs_args ea;
1779 		share_t sh;
1780 		char *str;
1781 		priv_set_t *priv_effective;
1782 		int privileged;
1783 
1784 		/*
1785 		 * If we aren't a privileged user
1786 		 * and NFS server service isn't running
1787 		 * then print out an error message
1788 		 * and return EPERM
1789 		 */
1790 
1791 		priv_effective = priv_allocset();
1792 		(void) getppriv(PRIV_EFFECTIVE, priv_effective);
1793 
1794 		privileged = (priv_isfullset(priv_effective) == B_TRUE);
1795 		priv_freeset(priv_effective);
1796 
1797 		if (!privileged &&
1798 		    (str = smf_get_state(NFS_SERVER_SVC)) != NULL) {
1799 			err = 0;
1800 			if (strcmp(str, SCF_STATE_STRING_ONLINE) != 0) {
1801 				(void) printf(dgettext(TEXT_DOMAIN,
1802 				    "NFS: Cannot share remote "
1803 				    "filesystem: %s\n"), path);
1804 				(void) printf(dgettext(TEXT_DOMAIN,
1805 				    "NFS: Service needs to be enabled "
1806 				    "by a privileged user\n"));
1807 				err = SA_SYSTEM_ERR;
1808 				errno = EPERM;
1809 			}
1810 			free(str);
1811 		}
1812 
1813 		if (err == 0) {
1814 			ea.dname = path;
1815 			ea.uex = &export;
1816 
1817 			sa_sharetab_fill_zfs(share, &sh, "nfs");
1818 			err = sa_share_zfs(share, path, &sh,
1819 			    &ea, ZFS_SHARE_NFS);
1820 			sa_emptyshare(&sh);
1821 		}
1822 	} else {
1823 		err = exportfs(path, &export);
1824 	}
1825 
1826 	if (err < 0) {
1827 		err = SA_SYSTEM_ERR;
1828 		switch (errno) {
1829 		case EREMOTE:
1830 			(void) printf(dgettext(TEXT_DOMAIN,
1831 			    "NFS: Cannot share filesystems "
1832 			    "in non-global zones: %s\n"), path);
1833 			err = SA_NOT_SUPPORTED;
1834 			break;
1835 		case EPERM:
1836 			if (getzoneid() != GLOBAL_ZONEID) {
1837 				(void) printf(dgettext(TEXT_DOMAIN,
1838 				    "NFS: Cannot share file systems "
1839 				    "in non-global zones: %s\n"), path);
1840 				err = SA_NOT_SUPPORTED;
1841 				break;
1842 			}
1843 			err = SA_NO_PERMISSION;
1844 			/* FALLTHROUGH */
1845 		default:
1846 			break;
1847 		}
1848 	} else {
1849 		/* update sharetab with an add/modify */
1850 		if (!iszfs) {
1851 			(void) sa_update_sharetab(share, "nfs");
1852 		}
1853 	}
1854 
1855 	if (err == SA_OK) {
1856 		/*
1857 		 * enable services as needed. This should probably be
1858 		 * done elsewhere in order to minimize the calls to
1859 		 * check services.
1860 		 */
1861 		/*
1862 		 * check to see if logging and other services need to
1863 		 * be triggered, but only if there wasn't an
1864 		 * error. This is probably where sharetab should be
1865 		 * updated with the NFS specific entry.
1866 		 */
1867 		if (export.ex_flags & EX_LOG) {
1868 			/* enable logging */
1869 			if (nfslogtab_add(path, export.ex_log_buffer,
1870 			    export.ex_tag) != 0) {
1871 				(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1872 				    "Could not enable logging for %s\n"),
1873 				    path);
1874 			}
1875 			_check_services(service_list_logging);
1876 		} else {
1877 			/*
1878 			 * don't have logging so remove it from file. It might
1879 			 * not be thre, but that doesn't matter.
1880 			 */
1881 			(void) nfslogtab_deactivate(path);
1882 			_check_services(service_list_default);
1883 		}
1884 	}
1885 
1886 out:
1887 	if (path != NULL)
1888 		free(path);
1889 
1890 	cleanup_export(&export);
1891 	if (opt != NULL)
1892 		sa_free_derived_optionset(opt);
1893 	if (secoptlist != NULL)
1894 		(void) sa_destroy_optionset(secoptlist);
1895 	return (err);
1896 }
1897 
1898 /*
1899  * nfs_disable_share(share)
1900  *
1901  * Unshare the specified share.  How much error checking should be
1902  * done? We only do basic errors for now.
1903  */
1904 static int
1905 nfs_disable_share(sa_share_t share, char *path)
1906 {
1907 	int err;
1908 	int ret = SA_OK;
1909 	int iszfs;
1910 
1911 
1912 	if (path != NULL) {
1913 		iszfs = sa_path_is_zfs(path);
1914 
1915 		if (iszfs) {
1916 			struct exportfs_args ea;
1917 			share_t sh = { 0 };
1918 
1919 			ea.dname = path;
1920 			ea.uex = NULL;
1921 			sh.sh_path = path;
1922 			sh.sh_fstype = "nfs";
1923 
1924 			err = sa_share_zfs(share, path, &sh,
1925 			    &ea, ZFS_UNSHARE_NFS);
1926 		} else
1927 			err = exportfs(path, NULL);
1928 		if (err < 0) {
1929 			/*
1930 			 * TBD: only an error in some
1931 			 * cases - need better analysis
1932 			 */
1933 
1934 			switch (errno) {
1935 			case EPERM:
1936 			case EACCES:
1937 				ret = SA_NO_PERMISSION;
1938 				if (getzoneid() != GLOBAL_ZONEID) {
1939 					ret = SA_NOT_SUPPORTED;
1940 				}
1941 				break;
1942 			case EINVAL:
1943 			case ENOENT:
1944 				ret = SA_NO_SUCH_PATH;
1945 			break;
1946 			default:
1947 				ret = SA_SYSTEM_ERR;
1948 			break;
1949 			}
1950 		}
1951 		if (ret == SA_OK || ret == SA_NO_SUCH_PATH) {
1952 			if (!iszfs)
1953 				(void) sa_delete_sharetab(path, "nfs");
1954 			/* just in case it was logged */
1955 			(void) nfslogtab_deactivate(path);
1956 		}
1957 	}
1958 	return (ret);
1959 }
1960 
1961 /*
1962  * check ro vs rw values.  Over time this may get beefed up.
1963  * for now it just does simple checks.
1964  */
1965 
1966 static int
1967 check_rorw(char *v1, char *v2)
1968 {
1969 	int ret = SA_OK;
1970 	if (strcmp(v1, v2) == 0)
1971 		ret = SA_VALUE_CONFLICT;
1972 	return (ret);
1973 }
1974 
1975 /*
1976  * nfs_validate_property(property, parent)
1977  *
1978  * Check that the property has a legitimate value for its type.
1979  */
1980 
1981 static int
1982 nfs_validate_property(sa_property_t property, sa_optionset_t parent)
1983 {
1984 	int ret = SA_OK;
1985 	char *propname;
1986 	char *other;
1987 	int optindex;
1988 	nfsl_config_t *configlist;
1989 	sa_group_t parent_group;
1990 	char *value;
1991 
1992 	propname = sa_get_property_attr(property, "type");
1993 
1994 	if ((optindex = findopt(propname)) < 0)
1995 		ret = SA_NO_SUCH_PROP;
1996 
1997 	/* need to validate value range here as well */
1998 
1999 	if (ret == SA_OK) {
2000 		parent_group = sa_get_parent_group((sa_share_t)parent);
2001 		if (optdefs[optindex].share && !sa_is_share(parent_group))
2002 			ret = SA_PROP_SHARE_ONLY;
2003 	}
2004 	if (ret == SA_OK) {
2005 		value = sa_get_property_attr(property, "value");
2006 		if (value != NULL) {
2007 			/* first basic type checking */
2008 			switch (optdefs[optindex].type) {
2009 			case OPT_TYPE_NUMBER:
2010 				/* check that the value is all digits */
2011 				if (!is_a_number(value))
2012 					ret = SA_BAD_VALUE;
2013 				break;
2014 			case OPT_TYPE_BOOLEAN:
2015 				if (strlen(value) == 0 ||
2016 				    strcasecmp(value, "true") == 0 ||
2017 				    strcmp(value, "1") == 0 ||
2018 				    strcasecmp(value, "false") == 0 ||
2019 				    strcmp(value, "0") == 0) {
2020 					ret = SA_OK;
2021 				} else {
2022 					ret = SA_BAD_VALUE;
2023 				}
2024 				break;
2025 			case OPT_TYPE_USER:
2026 				if (!is_a_number(value)) {
2027 					struct passwd *pw;
2028 					/*
2029 					 * in this case it would have to be a
2030 					 * user name
2031 					 */
2032 					pw = getpwnam(value);
2033 					if (pw == NULL)
2034 						ret = SA_BAD_VALUE;
2035 					endpwent();
2036 				} else {
2037 					uint64_t intval;
2038 					intval = strtoull(value, NULL, 0);
2039 					if (intval > UID_MAX && intval != ~0)
2040 						ret = SA_BAD_VALUE;
2041 				}
2042 				break;
2043 			case OPT_TYPE_FILE:
2044 				if (strcmp(value, "..") == 0 ||
2045 				    strchr(value, '/') != NULL) {
2046 					ret = SA_BAD_VALUE;
2047 				}
2048 				break;
2049 			case OPT_TYPE_ACCLIST:
2050 				/*
2051 				 * access list handling. Should eventually
2052 				 * validate that all the values make sense.
2053 				 * Also, ro and rw may have cross value
2054 				 * conflicts.
2055 				 */
2056 				if (strcmp(propname, SHOPT_RO) == 0)
2057 					other = SHOPT_RW;
2058 				else if (strcmp(propname, SHOPT_RW) == 0)
2059 					other = SHOPT_RO;
2060 				else
2061 					other = NULL;
2062 
2063 				if (other != NULL && parent != NULL) {
2064 					/* compare rw(ro) with ro(rw) */
2065 					sa_property_t oprop;
2066 					oprop = sa_get_property(parent, other);
2067 					if (oprop != NULL) {
2068 						/*
2069 						 * only potential
2070 						 * confusion if other
2071 						 * exists
2072 						 */
2073 						char *ovalue;
2074 						ovalue = sa_get_property_attr(
2075 						    oprop, "value");
2076 						if (ovalue != NULL) {
2077 							ret = check_rorw(value,
2078 							    ovalue);
2079 							sa_free_attr_string(
2080 							    ovalue);
2081 						}
2082 					}
2083 				}
2084 				break;
2085 			case OPT_TYPE_LOGTAG:
2086 				if (nfsl_getconfig_list(&configlist) == 0) {
2087 					int error;
2088 					if (value == NULL ||
2089 					    strlen(value) == 0) {
2090 						if (value != NULL)
2091 							sa_free_attr_string(
2092 							    value);
2093 						value = strdup("global");
2094 					}
2095 					if (value != NULL &&
2096 					    nfsl_findconfig(configlist, value,
2097 					    &error) == NULL) {
2098 						ret = SA_BAD_VALUE;
2099 					}
2100 					/* Must always free when done */
2101 					nfsl_freeconfig_list(&configlist);
2102 				} else {
2103 					ret = SA_CONFIG_ERR;
2104 				}
2105 				break;
2106 			case OPT_TYPE_STRING:
2107 				/* whatever is here should be ok */
2108 				break;
2109 			case OPT_TYPE_SECURITY:
2110 				/*
2111 				 * The "sec" property isn't used in the
2112 				 * non-legacy parts of sharemgr. We need to
2113 				 * reject it here. For legacy, it is pulled
2114 				 * out well before we get here.
2115 				 */
2116 				ret = SA_NO_SUCH_PROP;
2117 				break;
2118 			default:
2119 				break;
2120 			}
2121 
2122 			if (value != NULL)
2123 				sa_free_attr_string(value);
2124 
2125 			if (ret == SA_OK && optdefs[optindex].check != NULL) {
2126 				/* do the property specific check */
2127 				ret = optdefs[optindex].check(property);
2128 			}
2129 		}
2130 	}
2131 
2132 	if (propname != NULL)
2133 		sa_free_attr_string(propname);
2134 	return (ret);
2135 }
2136 
2137 /*
2138  * Protocol management functions
2139  *
2140  * Properties defined in the default files are defined in
2141  * proto_option_defs for parsing and validation. If "other" and
2142  * "compare" are set, then the value for this property should be
2143  * compared against the property specified in "other" using the
2144  * "compare" check (either <= or >=) in order to ensure that the
2145  * values are in the correct range.  E.g. setting server_versmin
2146  * higher than server_versmax should not be allowed.
2147  */
2148 
2149 struct proto_option_defs {
2150 	char *tag;
2151 	char *name;	/* display name -- remove protocol identifier */
2152 	int index;
2153 	int type;
2154 	union {
2155 	    int intval;
2156 	    char *string;
2157 	} defvalue;
2158 	uint32_t svcs;
2159 	int32_t minval;
2160 	int32_t maxval;
2161 	char *file;
2162 	char *other;
2163 	int compare;
2164 #define	OPT_CMP_GE	0
2165 #define	OPT_CMP_LE	1
2166 	int (*check)(char *);
2167 } proto_options[] = {
2168 #define	PROTO_OPT_NFSD_SERVERS			0
2169 	{"nfsd_servers",
2170 	    "servers", PROTO_OPT_NFSD_SERVERS, OPT_TYPE_NUMBER, 16, SVC_NFSD,
2171 	    1, INT32_MAX, NFSADMIN},
2172 #define	PROTO_OPT_LOCKD_LISTEN_BACKLOG		1
2173 	{"lockd_listen_backlog",
2174 	    "lockd_listen_backlog", PROTO_OPT_LOCKD_LISTEN_BACKLOG,
2175 	    OPT_TYPE_NUMBER, 32, SVC_LOCKD, 32, INT32_MAX, NFSADMIN},
2176 #define	PROTO_OPT_LOCKD_SERVERS			2
2177 	{"lockd_servers",
2178 	    "lockd_servers", PROTO_OPT_LOCKD_SERVERS, OPT_TYPE_NUMBER, 20,
2179 	    SVC_LOCKD, 1, INT32_MAX, NFSADMIN},
2180 #define	PROTO_OPT_LOCKD_RETRANSMIT_TIMEOUT	3
2181 	{"lockd_retransmit_timeout",
2182 	    "lockd_retransmit_timeout", PROTO_OPT_LOCKD_RETRANSMIT_TIMEOUT,
2183 	    OPT_TYPE_NUMBER, 5, SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2184 #define	PROTO_OPT_GRACE_PERIOD			4
2185 	{"grace_period",
2186 	    "grace_period", PROTO_OPT_GRACE_PERIOD, OPT_TYPE_NUMBER, 90,
2187 	    SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2188 #define	PROTO_OPT_NFS_SERVER_VERSMIN		5
2189 	{"nfs_server_versmin",
2190 	    "server_versmin", PROTO_OPT_NFS_SERVER_VERSMIN, OPT_TYPE_NUMBER,
2191 	    (int)NFS_VERSMIN_DEFAULT, SVC_NFSD|SVC_MOUNTD, NFS_VERSMIN,
2192 	    NFS_VERSMAX, NFSADMIN, "server_versmax", OPT_CMP_LE},
2193 #define	PROTO_OPT_NFS_SERVER_VERSMAX		6
2194 	{"nfs_server_versmax",
2195 	    "server_versmax", PROTO_OPT_NFS_SERVER_VERSMAX, OPT_TYPE_NUMBER,
2196 	    (int)NFS_VERSMAX_DEFAULT, SVC_NFSD|SVC_MOUNTD, NFS_VERSMIN,
2197 	    NFS_VERSMAX, NFSADMIN, "server_versmin", OPT_CMP_GE},
2198 #define	PROTO_OPT_NFS_CLIENT_VERSMIN		7
2199 	{"nfs_client_versmin",
2200 	    "client_versmin", PROTO_OPT_NFS_CLIENT_VERSMIN, OPT_TYPE_NUMBER,
2201 	    (int)NFS_VERSMIN_DEFAULT, NULL, NFS_VERSMIN, NFS_VERSMAX,
2202 	    NFSADMIN, "client_versmax", OPT_CMP_LE},
2203 #define	PROTO_OPT_NFS_CLIENT_VERSMAX		8
2204 	{"nfs_client_versmax",
2205 	    "client_versmax", PROTO_OPT_NFS_CLIENT_VERSMAX, OPT_TYPE_NUMBER,
2206 	    (int)NFS_VERSMAX_DEFAULT, NULL, NFS_VERSMIN, NFS_VERSMAX,
2207 	    NFSADMIN, "client_versmin", OPT_CMP_GE},
2208 #define	PROTO_OPT_NFS_SERVER_DELEGATION		9
2209 	{"nfs_server_delegation",
2210 	    "server_delegation", PROTO_OPT_NFS_SERVER_DELEGATION,
2211 	    OPT_TYPE_ONOFF, NFS_SERVER_DELEGATION_DEFAULT, SVC_NFSD, 0, 0,
2212 	    NFSADMIN},
2213 #define	PROTO_OPT_NFSMAPID_DOMAIN		10
2214 	{"nfsmapid_domain",
2215 	    "nfsmapid_domain", PROTO_OPT_NFSMAPID_DOMAIN, OPT_TYPE_DOMAIN,
2216 	    NULL, SVC_NFSMAPID, 0, 0, NFSADMIN},
2217 #define	PROTO_OPT_NFSD_MAX_CONNECTIONS		11
2218 	{"nfsd_max_connections",
2219 	    "max_connections", PROTO_OPT_NFSD_MAX_CONNECTIONS,
2220 	    OPT_TYPE_NUMBER, -1, SVC_NFSD, -1, INT32_MAX, NFSADMIN},
2221 #define	PROTO_OPT_NFSD_PROTOCOL			12
2222 	{"nfsd_protocol",
2223 	    "protocol", PROTO_OPT_NFSD_PROTOCOL, OPT_TYPE_PROTOCOL, 0,
2224 	    SVC_NFSD, 0, 0, NFSADMIN},
2225 #define	PROTO_OPT_NFSD_LISTEN_BACKLOG		13
2226 	{"nfsd_listen_backlog",
2227 	    "listen_backlog", PROTO_OPT_NFSD_LISTEN_BACKLOG,
2228 	    OPT_TYPE_NUMBER, 0,
2229 	    SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2230 	{NULL}
2231 };
2232 
2233 /*
2234  * the protoset holds the defined options so we don't have to read
2235  * them multiple times
2236  */
2237 static sa_protocol_properties_t protoset;
2238 
2239 static int
2240 findprotoopt(char *name, int whichname)
2241 {
2242 	int i;
2243 	for (i = 0; proto_options[i].tag != NULL; i++) {
2244 		if (whichname == 1) {
2245 			if (strcasecmp(proto_options[i].name, name) == 0)
2246 			return (i);
2247 		} else {
2248 			if (strcasecmp(proto_options[i].tag, name) == 0)
2249 				return (i);
2250 		}
2251 	}
2252 	return (-1);
2253 }
2254 
2255 /*
2256  * fixcaselower(str)
2257  *
2258  * convert a string to lower case (inplace).
2259  */
2260 
2261 static void
2262 fixcaselower(char *str)
2263 {
2264 	while (*str) {
2265 		*str = tolower(*str);
2266 		str++;
2267 	}
2268 }
2269 
2270 /*
2271  * fixcaseupper(str)
2272  *
2273  * convert a string to upper case (inplace).
2274  */
2275 
2276 static void
2277 fixcaseupper(char *str)
2278 {
2279 	while (*str) {
2280 		*str = toupper(*str);
2281 		str++;
2282 	}
2283 }
2284 
2285 /*
2286  * skipwhitespace(str)
2287  *
2288  * Skip leading white space. It is assumed that it is called with a
2289  * valid pointer.
2290  */
2291 
2292 static char *
2293 skipwhitespace(char *str)
2294 {
2295 	while (*str && isspace(*str))
2296 		str++;
2297 
2298 	return (str);
2299 }
2300 
2301 /*
2302  * extractprop()
2303  *
2304  * Extract the property and value out of the line and create the
2305  * property in the optionset.
2306  */
2307 static void
2308 extractprop(char *name, char *value)
2309 {
2310 	sa_property_t prop;
2311 	int index;
2312 	/*
2313 	 * Remove any leading
2314 	 * white space.
2315 	 */
2316 	name = skipwhitespace(name);
2317 
2318 	index = findprotoopt(name, 0);
2319 	if (index >= 0) {
2320 		fixcaselower(name);
2321 		prop = sa_create_property(proto_options[index].name, value);
2322 		if (prop != NULL)
2323 			(void) sa_add_protocol_property(protoset, prop);
2324 	}
2325 }
2326 
2327 /*
2328  * initprotofromdefault()
2329  *
2330  * read the default file(s) and add the defined values to the
2331  * protoset.  Note that default values are known from the built in
2332  * table in case the file doesn't have a definition.
2333  */
2334 
2335 static int
2336 initprotofromdefault()
2337 {
2338 	FILE *nfs;
2339 	char buff[BUFSIZ];
2340 	char *name;
2341 	char *value;
2342 
2343 	protoset = sa_create_protocol_properties("nfs");
2344 
2345 	if (protoset != NULL) {
2346 		nfs = fopen(NFSADMIN, "r");
2347 		if (nfs != NULL) {
2348 			while (fgets(buff, sizeof (buff), nfs) != NULL) {
2349 				switch (buff[0]) {
2350 				case '\n':
2351 				case '#':
2352 					/* skip */
2353 					break;
2354 				default:
2355 					name = buff;
2356 					buff[strlen(buff) - 1] = '\0';
2357 					value = strchr(name, '=');
2358 					if (value != NULL) {
2359 						*value++ = '\0';
2360 						extractprop(name, value);
2361 					}
2362 				}
2363 			}
2364 			if (nfs != NULL)
2365 				(void) fclose(nfs);
2366 		}
2367 	}
2368 	if (protoset == NULL)
2369 		return (SA_NO_MEMORY);
2370 	return (SA_OK);
2371 }
2372 
2373 /*
2374  * add_defaults()
2375  *
2376  * Add the default values for any property not defined in the parsing
2377  * of the default files. Values are set according to their defined
2378  * types.
2379  */
2380 
2381 static void
2382 add_defaults()
2383 {
2384 	int i;
2385 	char number[MAXDIGITS];
2386 
2387 	for (i = 0; proto_options[i].tag != NULL; i++) {
2388 		sa_property_t prop;
2389 		prop = sa_get_protocol_property(protoset,
2390 		    proto_options[i].name);
2391 		if (prop == NULL) {
2392 			/* add the default value */
2393 			switch (proto_options[i].type) {
2394 			case OPT_TYPE_NUMBER:
2395 				(void) snprintf(number, sizeof (number), "%d",
2396 				    proto_options[i].defvalue.intval);
2397 				prop = sa_create_property(proto_options[i].name,
2398 				    number);
2399 				break;
2400 
2401 			case OPT_TYPE_BOOLEAN:
2402 				prop = sa_create_property(proto_options[i].name,
2403 				    proto_options[i].defvalue.intval ?
2404 				    "true" : "false");
2405 				break;
2406 
2407 			case OPT_TYPE_ONOFF:
2408 				prop = sa_create_property(proto_options[i].name,
2409 				    proto_options[i].defvalue.intval ?
2410 				    "on" : "off");
2411 				break;
2412 
2413 			default:
2414 				/* treat as strings of zero length */
2415 				prop = sa_create_property(proto_options[i].name,
2416 				    "");
2417 				break;
2418 			}
2419 			if (prop != NULL)
2420 				(void) sa_add_protocol_property(protoset, prop);
2421 		}
2422 	}
2423 }
2424 
2425 static void
2426 free_protoprops()
2427 {
2428 	if (protoset != NULL) {
2429 		xmlFreeNode(protoset);
2430 		protoset = NULL;
2431 	}
2432 }
2433 
2434 /*
2435  * nfs_init()
2436  *
2437  * Initialize the NFS plugin.
2438  */
2439 
2440 static int
2441 nfs_init()
2442 {
2443 	int ret = SA_OK;
2444 
2445 	if (sa_plugin_ops.sa_init != nfs_init)
2446 		(void) printf(dgettext(TEXT_DOMAIN,
2447 		    "NFS plugin not properly initialized\n"));
2448 
2449 	ret = initprotofromdefault();
2450 	if (ret == SA_OK)
2451 		add_defaults();
2452 
2453 	return (ret);
2454 }
2455 
2456 /*
2457  * nfs_fini()
2458  *
2459  * uninitialize the NFS plugin. Want to avoid memory leaks.
2460  */
2461 
2462 static void
2463 nfs_fini()
2464 {
2465 	free_protoprops();
2466 }
2467 
2468 /*
2469  * nfs_get_proto_set()
2470  *
2471  * Return an optionset with all the protocol specific properties in
2472  * it.
2473  */
2474 
2475 static sa_protocol_properties_t
2476 nfs_get_proto_set()
2477 {
2478 	return (protoset);
2479 }
2480 
2481 struct deffile {
2482 	struct deffile *next;
2483 	char *line;
2484 };
2485 
2486 /*
2487  * read_default_file(fname)
2488  *
2489  * Read the specified default file. We return a list of entries. This
2490  * get used for adding or removing values.
2491  */
2492 
2493 static struct deffile *
2494 read_default_file(char *fname)
2495 {
2496 	FILE *file;
2497 	struct deffile *defs = NULL;
2498 	struct deffile *newdef;
2499 	struct deffile *prevdef = NULL;
2500 	char buff[BUFSIZ * 2];
2501 
2502 	file = fopen(fname, "r");
2503 	if (file != NULL) {
2504 		while (fgets(buff, sizeof (buff), file) != NULL) {
2505 			newdef = (struct deffile *)calloc(1,
2506 			    sizeof (struct deffile));
2507 			if (newdef != NULL) {
2508 				/* Make sure we skip any leading whitespace. */
2509 				newdef->line = strdup(skipwhitespace(buff));
2510 				if (defs == NULL) {
2511 					prevdef = defs = newdef;
2512 				} else {
2513 					prevdef->next = newdef;
2514 					prevdef = newdef;
2515 				}
2516 			}
2517 		}
2518 	}
2519 	(void) fclose(file);
2520 	return (defs);
2521 }
2522 
2523 static void
2524 free_default_file(struct deffile *defs)
2525 {
2526 	struct deffile *curdefs = NULL;
2527 
2528 	while (defs != NULL) {
2529 		curdefs = defs;
2530 		defs = defs->next;
2531 		if (curdefs->line != NULL)
2532 			free(curdefs->line);
2533 		free(curdefs);
2534 	}
2535 }
2536 
2537 /*
2538  * write_default_file(fname, defs)
2539  *
2540  * Write the default file back.
2541  */
2542 
2543 static int
2544 write_default_file(char *fname, struct deffile *defs)
2545 {
2546 	FILE *file;
2547 	int ret = SA_OK;
2548 	sigset_t old, new;
2549 
2550 	file = fopen(fname, "w+");
2551 	if (file != NULL) {
2552 		(void) sigprocmask(SIG_BLOCK, NULL, &new);
2553 		(void) sigaddset(&new, SIGHUP);
2554 		(void) sigaddset(&new, SIGINT);
2555 		(void) sigaddset(&new, SIGQUIT);
2556 		(void) sigaddset(&new, SIGTSTP);
2557 		(void) sigprocmask(SIG_SETMASK, &new, &old);
2558 		while (defs != NULL) {
2559 			(void) fputs(defs->line, file);
2560 			defs = defs->next;
2561 		}
2562 		(void) fsync(fileno(file));
2563 		(void) sigprocmask(SIG_SETMASK, &old, NULL);
2564 		(void) fclose(file);
2565 	} else {
2566 		switch (errno) {
2567 		case EPERM:
2568 		case EACCES:
2569 			ret = SA_NO_PERMISSION;
2570 			break;
2571 		default:
2572 			ret = SA_SYSTEM_ERR;
2573 		}
2574 	}
2575 	return (ret);
2576 }
2577 
2578 
2579 /*
2580  * set_default_file_value(tag, value)
2581  *
2582  * Set the default file value for tag to value. Then rewrite the file.
2583  * tag and value are always set.  The caller must ensure this.
2584  */
2585 
2586 #define	MAX_STRING_LENGTH	256
2587 static int
2588 set_default_file_value(char *tag, char *value)
2589 {
2590 	int ret = SA_OK;
2591 	struct deffile *root;
2592 	struct deffile *defs;
2593 	struct deffile *prev;
2594 	char string[MAX_STRING_LENGTH];
2595 	int len;
2596 	int update = 0;
2597 
2598 	(void) snprintf(string, MAX_STRING_LENGTH, "%s=", tag);
2599 	len = strlen(string);
2600 
2601 	root = defs = read_default_file(NFSADMIN);
2602 	if (root == NULL) {
2603 		if (errno == EPERM || errno == EACCES)
2604 			ret = SA_NO_PERMISSION;
2605 		else
2606 			ret = SA_SYSTEM_ERR;
2607 	} else {
2608 		while (defs != NULL) {
2609 			if (defs->line != NULL &&
2610 			    strncasecmp(defs->line, string, len) == 0) {
2611 				/* replace with the new value */
2612 				free(defs->line);
2613 				fixcaseupper(tag);
2614 				(void) snprintf(string, sizeof (string),
2615 				    "%s=%s\n", tag, value);
2616 				string[MAX_STRING_LENGTH - 1] = '\0';
2617 				defs->line = strdup(string);
2618 				update = 1;
2619 				break;
2620 			}
2621 			defs = defs->next;
2622 		}
2623 		if (!update) {
2624 			defs = root;
2625 			/* didn't find, so see if it is a comment */
2626 			(void) snprintf(string, MAX_STRING_LENGTH, "#%s=", tag);
2627 			len = strlen(string);
2628 			while (defs != NULL) {
2629 				if (strncasecmp(defs->line, string, len) == 0) {
2630 					/* replace with the new value */
2631 					free(defs->line);
2632 					fixcaseupper(tag);
2633 					(void) snprintf(string, sizeof (string),
2634 					    "%s=%s\n", tag, value);
2635 					string[MAX_STRING_LENGTH - 1] = '\0';
2636 					defs->line = strdup(string);
2637 					update = 1;
2638 					break;
2639 				}
2640 				defs = defs->next;
2641 			}
2642 		}
2643 		if (!update) {
2644 			fixcaseupper(tag);
2645 			(void) snprintf(string, sizeof (string), "%s=%s\n",
2646 			    tag, value);
2647 			prev = root;
2648 			while (prev->next != NULL)
2649 				prev = prev->next;
2650 			defs = malloc(sizeof (struct deffile));
2651 			prev->next = defs;
2652 			if (defs != NULL) {
2653 				defs->next = NULL;
2654 				defs->line = strdup(string);
2655 			}
2656 		}
2657 		if (update) {
2658 			ret = write_default_file(NFSADMIN, root);
2659 		}
2660 		free_default_file(root);
2661 	}
2662 	return (ret);
2663 }
2664 
2665 /*
2666  * service_in_state(service, chkstate)
2667  *
2668  * Want to know if the specified service is in the desired state
2669  * (chkstate) or not. Return true (1) if it is and false (0) if it
2670  * isn't.
2671  */
2672 static int
2673 service_in_state(char *service, const char *chkstate)
2674 {
2675 	char *state;
2676 	int ret = B_FALSE;
2677 
2678 	state = smf_get_state(service);
2679 	if (state != NULL) {
2680 		/* got the state so get the equality for the return value */
2681 		ret = strcmp(state, chkstate) == 0 ? B_TRUE : B_FALSE;
2682 		free(state);
2683 	}
2684 	return (ret);
2685 }
2686 
2687 /*
2688  * restart_service(svcs)
2689  *
2690  * Walk through the bit mask of services that need to be restarted in
2691  * order to use the new property values. Some properties affect
2692  * multiple daemons. Should only restart a service if it is currently
2693  * enabled (online).
2694  */
2695 
2696 static void
2697 restart_service(uint32_t svcs)
2698 {
2699 	uint32_t mask;
2700 	int ret;
2701 	char *service;
2702 
2703 	for (mask = 1; svcs != 0; mask <<= 1) {
2704 		switch (svcs & mask) {
2705 		case SVC_LOCKD:
2706 			service = LOCKD;
2707 			break;
2708 		case SVC_STATD:
2709 			service = STATD;
2710 			break;
2711 		case SVC_NFSD:
2712 			service = NFSD;
2713 			break;
2714 		case SVC_MOUNTD:
2715 			service = MOUNTD;
2716 			break;
2717 		case SVC_NFS4CBD:
2718 			service = NFS4CBD;
2719 			break;
2720 		case SVC_NFSMAPID:
2721 			service = NFSMAPID;
2722 			break;
2723 		case SVC_RQUOTAD:
2724 			service = RQUOTAD;
2725 			break;
2726 		case SVC_NFSLOGD:
2727 			service = NFSLOGD;
2728 			break;
2729 		default:
2730 			continue;
2731 		}
2732 
2733 		/*
2734 		 * Only attempt to restart the service if it is
2735 		 * currently running. In the future, it may be
2736 		 * desirable to use smf_refresh_instance if the NFS
2737 		 * services ever implement the refresh method.
2738 		 */
2739 		if (service_in_state(service, SCF_STATE_STRING_ONLINE)) {
2740 			ret = smf_restart_instance(service);
2741 			/*
2742 			 * There are only a few SMF errors at this point, but
2743 			 * it is also possible that a bad value may have put
2744 			 * the service into maintenance if there wasn't an
2745 			 * SMF level error.
2746 			 */
2747 			if (ret != 0) {
2748 				(void) fprintf(stderr,
2749 				    dgettext(TEXT_DOMAIN,
2750 				    "%s failed to restart: %s\n"),
2751 				    scf_strerror(scf_error()));
2752 			} else {
2753 				/*
2754 				 * Check whether it has gone to "maintenance"
2755 				 * mode or not. Maintenance implies something
2756 				 * went wrong.
2757 				 */
2758 				if (service_in_state(service,
2759 				    SCF_STATE_STRING_MAINT)) {
2760 					(void) fprintf(stderr,
2761 					    dgettext(TEXT_DOMAIN,
2762 					    "%s failed to restart\n"),
2763 					    service);
2764 				}
2765 			}
2766 		}
2767 		svcs &= ~mask;
2768 	}
2769 }
2770 
2771 /*
2772  * nfs_minmax_check(name, value)
2773  *
2774  * Verify that the value for the property specified by index is valid
2775  * relative to the opposite value in the case of a min/max variable.
2776  * Currently, server_minvers/server_maxvers and
2777  * client_minvers/client_maxvers are the only ones to check.
2778  */
2779 
2780 static int
2781 nfs_minmax_check(int index, int value)
2782 {
2783 	int val;
2784 	char *pval;
2785 	sa_property_t prop;
2786 	sa_optionset_t opts;
2787 	int ret = B_TRUE;
2788 
2789 	if (proto_options[index].other != NULL) {
2790 		/* have a property to compare against */
2791 		opts = nfs_get_proto_set();
2792 		prop = sa_get_property(opts, proto_options[index].other);
2793 		/*
2794 		 * If we don't find the property, assume default
2795 		 * values which will work since the max will be at the
2796 		 * max and the min at the min.
2797 		 */
2798 		if (prop != NULL) {
2799 			pval = sa_get_property_attr(prop, "value");
2800 			if (pval != NULL) {
2801 				val = strtoul(pval, NULL, 0);
2802 				if (proto_options[index].compare ==
2803 				    OPT_CMP_LE) {
2804 					ret = value <= val ? B_TRUE : B_FALSE;
2805 				} else if (proto_options[index].compare ==
2806 				    OPT_CMP_GE) {
2807 					ret = value >= val ? B_TRUE : B_FALSE;
2808 				}
2809 			}
2810 		}
2811 	}
2812 	return (ret);
2813 }
2814 
2815 /*
2816  * nfs_validate_proto_prop(index, name, value)
2817  *
2818  * Verify that the property specified by name can take the new
2819  * value. This is a sanity check to prevent bad values getting into
2820  * the default files. All values need to be checked against what is
2821  * allowed by their defined type. If a type isn't explicitly defined
2822  * here, it is treated as a string.
2823  *
2824  * Note that OPT_TYPE_NUMBER will additionally check that the value is
2825  * within the range specified and potentially against another property
2826  * value as well as specified in the proto_options members other and
2827  * compare.
2828  */
2829 
2830 static int
2831 nfs_validate_proto_prop(int index, char *name, char *value)
2832 {
2833 	int ret = SA_OK;
2834 	char *cp;
2835 #ifdef lint
2836 	name = name;
2837 #endif
2838 
2839 	switch (proto_options[index].type) {
2840 	case OPT_TYPE_NUMBER:
2841 		if (!is_a_number(value))
2842 			ret = SA_BAD_VALUE;
2843 		else {
2844 			int val;
2845 			val = strtoul(value, NULL, 0);
2846 			if (val < proto_options[index].minval ||
2847 			    val > proto_options[index].maxval)
2848 				ret = SA_BAD_VALUE;
2849 			/*
2850 			 * For server_versmin/server_versmax and
2851 			 * client_versmin/client_versmax, the value of the
2852 			 * min(max) should be checked to be correct relative
2853 			 * to the current max(min).
2854 			 */
2855 			if (!nfs_minmax_check(index, val)) {
2856 				ret = SA_BAD_VALUE;
2857 			}
2858 		}
2859 		break;
2860 
2861 	case OPT_TYPE_DOMAIN:
2862 		/*
2863 		 * needs to be a qualified domain so will have at
2864 		 * least one period and other characters on either
2865 		 * side of it.  A zero length string is also allowed
2866 		 * and is the way to turn off the override.
2867 		 */
2868 		if (strlen(value) == 0)
2869 			break;
2870 		cp = strchr(value, '.');
2871 		if (cp == NULL || cp == value || strchr(value, '@') != NULL)
2872 			ret = SA_BAD_VALUE;
2873 		break;
2874 
2875 	case OPT_TYPE_BOOLEAN:
2876 		if (strlen(value) == 0 ||
2877 		    strcasecmp(value, "true") == 0 ||
2878 		    strcmp(value, "1") == 0 ||
2879 		    strcasecmp(value, "false") == 0 ||
2880 		    strcmp(value, "0") == 0) {
2881 			ret = SA_OK;
2882 		} else {
2883 			ret = SA_BAD_VALUE;
2884 		}
2885 		break;
2886 
2887 	case OPT_TYPE_ONOFF:
2888 		if (strcasecmp(value, "on") != 0 &&
2889 		    strcasecmp(value, "off") != 0) {
2890 			ret = SA_BAD_VALUE;
2891 		}
2892 		break;
2893 
2894 	case OPT_TYPE_PROTOCOL:
2895 		if (strcasecmp(value, "all") != 0 &&
2896 		    strcasecmp(value, "tcp") != 0 &&
2897 		    strcasecmp(value, "udp") != 0)
2898 			ret = SA_BAD_VALUE;
2899 		break;
2900 
2901 	default:
2902 		/* treat as a string */
2903 		break;
2904 	}
2905 	return (ret);
2906 }
2907 
2908 /*
2909  * nfs_set_proto_prop(prop)
2910  *
2911  * check that prop is valid.
2912  */
2913 
2914 static int
2915 nfs_set_proto_prop(sa_property_t prop)
2916 {
2917 	int ret = SA_OK;
2918 	char *name;
2919 	char *value;
2920 
2921 	name = sa_get_property_attr(prop, "type");
2922 	value = sa_get_property_attr(prop, "value");
2923 	if (name != NULL && value != NULL) {
2924 		int index = findprotoopt(name, 1);
2925 		if (index >= 0) {
2926 			/* should test for valid value */
2927 			ret = nfs_validate_proto_prop(index, name, value);
2928 			if (ret == SA_OK)
2929 				ret = set_default_file_value(
2930 				    proto_options[index].tag, value);
2931 			if (ret == SA_OK)
2932 				restart_service(proto_options[index].svcs);
2933 		}
2934 	}
2935 	if (name != NULL)
2936 		sa_free_attr_string(name);
2937 	if (value != NULL)
2938 		sa_free_attr_string(value);
2939 	return (ret);
2940 }
2941 
2942 /*
2943  * nfs_get_status()
2944  *
2945  * What is the current status of the nfsd? We use the SMF state here.
2946  * Caller must free the returned value.
2947  */
2948 
2949 static char *
2950 nfs_get_status()
2951 {
2952 	char *state;
2953 	state = smf_get_state(NFSD);
2954 	return (state != NULL ? state : strdup("-"));
2955 }
2956 
2957 /*
2958  * nfs_space_alias(alias)
2959  *
2960  * Lookup the space (security) name. If it is default, convert to the
2961  * real name.
2962  */
2963 
2964 static char *
2965 nfs_space_alias(char *space)
2966 {
2967 	char *name = space;
2968 	seconfig_t secconf;
2969 
2970 	/*
2971 	 * Only the space named "default" is special. If it is used,
2972 	 * the default needs to be looked up and the real name used.
2973 	 * This is normally "sys" but could be changed.  We always
2974 	 * change defautl to the real name.
2975 	 */
2976 	if (strcmp(space, "default") == 0 &&
2977 	    nfs_getseconfig_default(&secconf) == 0) {
2978 		if (nfs_getseconfig_bynumber(secconf.sc_nfsnum, &secconf) == 0)
2979 			name = secconf.sc_name;
2980 	}
2981 	return (strdup(name));
2982 }
2983 
2984 /*
2985  * nfs_features()
2986  *
2987  * Return a mask of the features required.
2988  */
2989 
2990 static uint64_t
2991 nfs_features()
2992 {
2993 	return ((uint64_t)SA_FEATURE_DFSTAB);
2994 }
2995