1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* helper functions for using libscf with sharemgr */ 28 29 #include <libscf.h> 30 #include <libxml/parser.h> 31 #include <libxml/tree.h> 32 #include "libshare.h" 33 #include "libshare_impl.h" 34 #include "scfutil.h" 35 #include <string.h> 36 #include <ctype.h> 37 #include <errno.h> 38 #include <uuid/uuid.h> 39 #include <sys/param.h> 40 #include <signal.h> 41 #include <sys/time.h> 42 #include <libintl.h> 43 44 ssize_t scf_max_name_len; 45 extern struct sa_proto_plugin *sap_proto_list; 46 extern sa_handle_impl_t get_handle_for_root(xmlNodePtr); 47 static void set_transaction_tstamp(sa_handle_impl_t); 48 /* 49 * The SMF facility uses some properties that must exist. We want to 50 * skip over these when processing protocol options. 51 */ 52 static char *skip_props[] = { 53 "modify_authorization", 54 "action_authorization", 55 "value_authorization", 56 NULL 57 }; 58 59 /* 60 * sa_scf_fini(handle) 61 * 62 * Must be called when done. Called with the handle allocated in 63 * sa_scf_init(), it cleans up the state and frees any SCF resources 64 * still in use. Called by sa_fini(). 65 */ 66 67 void 68 sa_scf_fini(scfutilhandle_t *handle) 69 { 70 if (handle != NULL) { 71 int unbind = 0; 72 if (handle->scope != NULL) { 73 unbind = 1; 74 scf_scope_destroy(handle->scope); 75 } 76 if (handle->instance != NULL) 77 scf_instance_destroy(handle->instance); 78 if (handle->service != NULL) 79 scf_service_destroy(handle->service); 80 if (handle->pg != NULL) 81 scf_pg_destroy(handle->pg); 82 if (handle->handle != NULL) { 83 handle->scf_state = SCH_STATE_UNINIT; 84 if (unbind) 85 (void) scf_handle_unbind(handle->handle); 86 scf_handle_destroy(handle->handle); 87 } 88 free(handle); 89 } 90 } 91 92 /* 93 * sa_scf_init() 94 * 95 * Must be called before using any of the SCF functions. Called by 96 * sa_init() during the API setup. 97 */ 98 99 scfutilhandle_t * 100 sa_scf_init(sa_handle_impl_t ihandle) 101 { 102 scfutilhandle_t *handle; 103 104 scf_max_name_len = scf_limit(SCF_LIMIT_MAX_NAME_LENGTH); 105 if (scf_max_name_len <= 0) 106 scf_max_name_len = SA_MAX_NAME_LEN + 1; 107 108 handle = calloc(1, sizeof (scfutilhandle_t)); 109 if (handle == NULL) 110 return (handle); 111 112 ihandle->scfhandle = handle; 113 handle->scf_state = SCH_STATE_INITIALIZING; 114 handle->handle = scf_handle_create(SCF_VERSION); 115 if (handle->handle == NULL) { 116 free(handle); 117 handle = NULL; 118 (void) printf("libshare could not access SMF repository: %s\n", 119 scf_strerror(scf_error())); 120 return (handle); 121 } 122 if (scf_handle_bind(handle->handle) != 0) 123 goto err; 124 125 handle->scope = scf_scope_create(handle->handle); 126 handle->service = scf_service_create(handle->handle); 127 handle->pg = scf_pg_create(handle->handle); 128 129 /* Make sure we have sufficient SMF running */ 130 handle->instance = scf_instance_create(handle->handle); 131 if (handle->scope == NULL || handle->service == NULL || 132 handle->pg == NULL || handle->instance == NULL) 133 goto err; 134 if (scf_handle_get_scope(handle->handle, 135 SCF_SCOPE_LOCAL, handle->scope) != 0) 136 goto err; 137 if (scf_scope_get_service(handle->scope, 138 SA_GROUP_SVC_NAME, handle->service) != 0) 139 goto err; 140 141 handle->scf_state = SCH_STATE_INIT; 142 if (sa_get_instance(handle, "default") != SA_OK) { 143 sa_group_t defgrp; 144 defgrp = sa_create_group((sa_handle_t)ihandle, "default", NULL); 145 /* Only NFS enabled for "default" group. */ 146 if (defgrp != NULL) 147 (void) sa_create_optionset(defgrp, "nfs"); 148 } 149 150 return (handle); 151 152 /* Error handling/unwinding */ 153 err: 154 (void) sa_scf_fini(handle); 155 (void) printf("libshare SMF initialization problem: %s\n", 156 scf_strerror(scf_error())); 157 return (NULL); 158 } 159 160 /* 161 * get_scf_limit(name) 162 * 163 * Since we use scf_limit a lot and do the same check and return the 164 * same value if it fails, implement as a function for code 165 * simplification. Basically, if name isn't found, return MAXPATHLEN 166 * (1024) so we have a reasonable default buffer size. 167 */ 168 static ssize_t 169 get_scf_limit(uint32_t name) 170 { 171 ssize_t vallen; 172 173 vallen = scf_limit(name); 174 if (vallen == (ssize_t)-1) 175 vallen = MAXPATHLEN; 176 return (vallen); 177 } 178 179 /* 180 * skip_property(name) 181 * 182 * Internal function to check to see if a property is an SMF magic 183 * property that needs to be skipped. 184 */ 185 static int 186 skip_property(char *name) 187 { 188 int i; 189 190 for (i = 0; skip_props[i] != NULL; i++) 191 if (strcmp(name, skip_props[i]) == 0) 192 return (1); 193 return (0); 194 } 195 196 /* 197 * generate_unique_sharename(sharename) 198 * 199 * Shares are represented in SMF as property groups. Due to share 200 * paths containing characters that are not allowed in SMF names and 201 * the need to be unique, we use UUIDs to construct a unique name. 202 */ 203 204 static void 205 generate_unique_sharename(char *sharename) 206 { 207 uuid_t uuid; 208 209 uuid_generate(uuid); 210 (void) strcpy(sharename, "S-"); 211 uuid_unparse(uuid, sharename + 2); 212 } 213 214 /* 215 * valid_protocol(proto) 216 * 217 * Check to see if the specified protocol is a valid one for the 218 * general sharemgr facility. We determine this by checking which 219 * plugin protocols were found. 220 */ 221 222 static int 223 valid_protocol(char *proto) 224 { 225 struct sa_proto_plugin *plugin; 226 for (plugin = sap_proto_list; plugin != NULL; 227 plugin = plugin->plugin_next) 228 if (strcmp(proto, plugin->plugin_ops->sa_protocol) == 0) 229 return (1); 230 return (0); 231 } 232 233 /* 234 * sa_extract_pgroup(root, handle, pg, nodetype, proto, sectype) 235 * 236 * Extract the name property group and create the specified type of 237 * node on the provided group. type will be optionset or security. 238 */ 239 240 static int 241 sa_extract_pgroup(xmlNodePtr root, scfutilhandle_t *handle, 242 scf_propertygroup_t *pg, 243 char *nodetype, char *proto, char *sectype) 244 { 245 xmlNodePtr node; 246 scf_iter_t *iter; 247 scf_property_t *prop; 248 scf_value_t *value; 249 char *name; 250 char *valuestr; 251 ssize_t vallen; 252 int ret = SA_OK; 253 254 vallen = get_scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); 255 256 node = xmlNewChild(root, NULL, (xmlChar *)nodetype, NULL); 257 if (node == NULL) 258 return (ret); 259 260 if (proto != NULL) 261 (void) xmlSetProp(node, (xmlChar *)"type", (xmlChar *)proto); 262 if (sectype != NULL) 263 (void) xmlSetProp(node, (xmlChar *)"sectype", 264 (xmlChar *)sectype); 265 /* 266 * Have node to work with so iterate over the properties 267 * in the pg and create option sub nodes. 268 */ 269 iter = scf_iter_create(handle->handle); 270 value = scf_value_create(handle->handle); 271 prop = scf_property_create(handle->handle); 272 name = malloc(scf_max_name_len); 273 valuestr = malloc(vallen); 274 /* 275 * Want to iterate through the properties and add them 276 * to the base optionset. 277 */ 278 if (iter == NULL || value == NULL || prop == NULL || 279 valuestr == NULL || name == NULL) { 280 ret = SA_NO_MEMORY; 281 goto out; 282 } 283 if (scf_iter_pg_properties(iter, pg) == 0) { 284 /* Now iterate the properties in the group */ 285 while (scf_iter_next_property(iter, prop) > 0) { 286 /* have a property */ 287 if (scf_property_get_name(prop, name, 288 scf_max_name_len) > 0) { 289 sa_property_t saprop; 290 /* Some properties are part of the framework */ 291 if (skip_property(name)) 292 continue; 293 if (scf_property_get_value(prop, value) != 0) 294 continue; 295 if (scf_value_get_astring(value, valuestr, 296 vallen) < 0) 297 continue; 298 saprop = sa_create_property(name, valuestr); 299 if (saprop != NULL) { 300 /* 301 * Since in SMF, don't 302 * recurse. Use xmlAddChild 303 * directly, instead. 304 */ 305 (void) xmlAddChild(node, 306 (xmlNodePtr) saprop); 307 } 308 } 309 } 310 } 311 out: 312 /* cleanup to avoid memory leaks */ 313 if (value != NULL) 314 scf_value_destroy(value); 315 if (iter != NULL) 316 scf_iter_destroy(iter); 317 if (prop != NULL) 318 scf_property_destroy(prop); 319 if (name != NULL) 320 free(name); 321 if (valuestr != NULL) 322 free(valuestr); 323 324 return (ret); 325 } 326 327 /* 328 * sa_extract_attrs(root, handle, instance) 329 * 330 * Local function to extract the actual attributes/properties from the 331 * property group of the service instance. These are the well known 332 * attributes of "state" and "zfs". If additional attributes are 333 * added, they should be added here. 334 */ 335 336 static void 337 sa_extract_attrs(xmlNodePtr root, scfutilhandle_t *handle, 338 scf_instance_t *instance) 339 { 340 scf_property_t *prop; 341 scf_value_t *value; 342 char *valuestr; 343 ssize_t vallen; 344 345 vallen = get_scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); 346 prop = scf_property_create(handle->handle); 347 value = scf_value_create(handle->handle); 348 valuestr = malloc(vallen); 349 if (prop == NULL || value == NULL || valuestr == NULL || 350 scf_instance_get_pg(instance, "operation", handle->pg) != 0) { 351 goto out; 352 } 353 /* 354 * Have a property group with desired name so now get 355 * the known attributes. 356 */ 357 if (scf_pg_get_property(handle->pg, "state", prop) == 0) { 358 /* Found the property so get the value */ 359 if (scf_property_get_value(prop, value) == 0) { 360 if (scf_value_get_astring(value, valuestr, 361 vallen) >= 0) { 362 (void) xmlSetProp(root, (xmlChar *)"state", 363 (xmlChar *)valuestr); 364 } 365 } 366 } 367 if (scf_pg_get_property(handle->pg, "zfs", prop) == 0) { 368 /* Found the property so get the value */ 369 if (scf_property_get_value(prop, value) == 0) { 370 if (scf_value_get_astring(value, valuestr, 371 vallen) > 0) { 372 (void) xmlSetProp(root, (xmlChar *)"zfs", 373 (xmlChar *)valuestr); 374 } 375 } 376 } 377 out: 378 if (valuestr != NULL) 379 free(valuestr); 380 if (value != NULL) 381 scf_value_destroy(value); 382 if (prop != NULL) 383 scf_property_destroy(prop); 384 } 385 386 /* 387 * List of known share attributes. 388 */ 389 390 static char *share_attr[] = { 391 "path", 392 "id", 393 "drive-letter", 394 "exclude", 395 NULL, 396 }; 397 398 static int 399 is_share_attr(char *name) 400 { 401 int i; 402 for (i = 0; share_attr[i] != NULL; i++) 403 if (strcmp(name, share_attr[i]) == 0) 404 return (1); 405 return (0); 406 } 407 408 /* 409 * _sa_make_resource(node, valuestr) 410 * 411 * Make a resource node on the share node. The valusestr will either 412 * be old format (SMF acceptable string) or new format (pretty much an 413 * arbitrary string with "nnn:" prefixing in order to persist 414 * mapping). The input valuestr will get modified in place. This is 415 * only used in SMF repository parsing. A possible third field will be 416 * a "description" string. 417 */ 418 419 static void 420 _sa_make_resource(xmlNodePtr node, char *valuestr) 421 { 422 char *idx; 423 char *name; 424 char *description = NULL; 425 426 idx = valuestr; 427 name = strchr(valuestr, ':'); 428 if (name == NULL) { 429 /* this is old form so give an index of "0" */ 430 idx = "0"; 431 name = valuestr; 432 } else { 433 /* NUL the ':' and move past it */ 434 *name++ = '\0'; 435 /* There could also be a description string */ 436 description = strchr(name, ':'); 437 if (description != NULL) 438 *description++ = '\0'; 439 } 440 node = xmlNewChild(node, NULL, (xmlChar *)"resource", NULL); 441 if (node != NULL) { 442 (void) xmlSetProp(node, (xmlChar *)"name", (xmlChar *)name); 443 (void) xmlSetProp(node, (xmlChar *)"id", (xmlChar *)idx); 444 /* SMF values are always persistent */ 445 (void) xmlSetProp(node, (xmlChar *)"type", 446 (xmlChar *)"persist"); 447 if (description != NULL && strlen(description) > 0) { 448 (void) xmlNewChild(node, NULL, (xmlChar *)"description", 449 (xmlChar *)description); 450 } 451 } 452 } 453 454 455 /* 456 * sa_share_from_pgroup 457 * 458 * Extract the share definition from the share property group. We do 459 * some sanity checking to avoid bad data. 460 * 461 * Since this is only constructing the internal data structures, we 462 * don't use the sa_* functions most of the time. 463 */ 464 void 465 sa_share_from_pgroup(xmlNodePtr root, scfutilhandle_t *handle, 466 scf_propertygroup_t *pg, char *id) 467 { 468 xmlNodePtr node; 469 char *name; 470 scf_iter_t *iter; 471 scf_property_t *prop; 472 scf_value_t *value; 473 ssize_t vallen; 474 char *valuestr; 475 int ret = SA_OK; 476 int have_path = 0; 477 478 /* 479 * While preliminary check (starts with 'S') passed before 480 * getting here. Need to make sure it is in ID syntax 481 * (Snnnnnn). Note that shares with properties have similar 482 * pgroups. 483 */ 484 vallen = strlen(id); 485 if (*id == SA_SHARE_PG_PREFIX[0] && vallen == SA_SHARE_PG_LEN) { 486 uuid_t uuid; 487 if (strncmp(id, SA_SHARE_PG_PREFIX, 488 SA_SHARE_PG_PREFIXLEN) != 0 || 489 uuid_parse(id + 2, uuid) < 0) 490 return; 491 } else { 492 return; 493 } 494 495 vallen = get_scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); 496 497 iter = scf_iter_create(handle->handle); 498 value = scf_value_create(handle->handle); 499 prop = scf_property_create(handle->handle); 500 name = malloc(scf_max_name_len); 501 valuestr = malloc(vallen); 502 503 /* 504 * Construct the share XML node. It is similar to sa_add_share 505 * but never changes the repository. Also, there won't be any 506 * ZFS or transient shares. Root will be the group it is 507 * associated with. 508 */ 509 node = xmlNewChild(root, NULL, (xmlChar *)"share", NULL); 510 if (node != NULL) { 511 /* 512 * Make sure the UUID part of the property group is 513 * stored in the share "id" property. We use this 514 * later. 515 */ 516 (void) xmlSetProp(node, (xmlChar *)"id", (xmlChar *)id); 517 (void) xmlSetProp(node, (xmlChar *)"type", 518 (xmlChar *)"persist"); 519 } 520 521 if (iter == NULL || value == NULL || prop == NULL || name == NULL) 522 goto out; 523 524 /* Iterate over the share pg properties */ 525 if (scf_iter_pg_properties(iter, pg) != 0) 526 goto out; 527 528 while (scf_iter_next_property(iter, prop) > 0) { 529 ret = SA_SYSTEM_ERR; /* assume the worst */ 530 if (scf_property_get_name(prop, name, scf_max_name_len) > 0) { 531 if (scf_property_get_value(prop, value) == 0) { 532 if (scf_value_get_astring(value, valuestr, 533 vallen) >= 0) { 534 ret = SA_OK; 535 } 536 } else if (strcmp(name, "resource") == 0) { 537 ret = SA_OK; 538 } 539 } 540 if (ret != SA_OK) 541 continue; 542 /* 543 * Check that we have the "path" property in 544 * name. The string in name will always be nul 545 * terminated if scf_property_get_name() 546 * succeeded. 547 */ 548 if (strcmp(name, "path") == 0) 549 have_path = 1; 550 if (is_share_attr(name)) { 551 /* 552 * If a share attr, then simple - 553 * usually path and id name 554 */ 555 (void) xmlSetProp(node, (xmlChar *)name, 556 (xmlChar *)valuestr); 557 } else if (strcmp(name, "resource") == 0) { 558 /* 559 * Resource names handled differently since 560 * there can be multiple on each share. The 561 * "resource" id must be preserved since this 562 * will be used by some protocols in mapping 563 * "property spaces" to names and is always 564 * used to create SMF property groups specific 565 * to resources. CIFS needs this. The first 566 * value is present so add and then loop for 567 * any additional. Since this is new and 568 * previous values may exist, handle 569 * conversions. 570 */ 571 scf_iter_t *viter; 572 viter = scf_iter_create(handle->handle); 573 if (viter != NULL && 574 scf_iter_property_values(viter, prop) == 0) { 575 while (scf_iter_next_value(viter, value) > 0) { 576 /* Have a value so process it */ 577 if (scf_value_get_ustring(value, 578 valuestr, vallen) >= 0) { 579 /* have a ustring */ 580 _sa_make_resource(node, 581 valuestr); 582 } else if (scf_value_get_astring(value, 583 valuestr, vallen) >= 0) { 584 /* have an astring */ 585 _sa_make_resource(node, 586 valuestr); 587 } 588 } 589 scf_iter_destroy(viter); 590 } 591 } else { 592 if (strcmp(name, "description") == 0) { 593 /* We have a description node */ 594 xmlNodePtr desc; 595 desc = xmlNewChild(node, NULL, 596 (xmlChar *)"description", NULL); 597 if (desc != NULL) 598 xmlNodeSetContent(desc, 599 (xmlChar *)valuestr); 600 } 601 } 602 } 603 out: 604 /* 605 * A share without a path is broken so we want to not include 606 * these. They shouldn't happen but if you kill a sharemgr in 607 * the process of creating a share, it could happen. They 608 * should be harmless. It is also possible that another 609 * sharemgr is running and in the process of creating a share. 610 */ 611 if (have_path == 0 && node != NULL) { 612 xmlUnlinkNode(node); 613 xmlFreeNode(node); 614 } 615 if (name != NULL) 616 free(name); 617 if (valuestr != NULL) 618 free(valuestr); 619 if (value != NULL) 620 scf_value_destroy(value); 621 if (iter != NULL) 622 scf_iter_destroy(iter); 623 if (prop != NULL) 624 scf_property_destroy(prop); 625 } 626 627 /* 628 * find_share_by_id(shareid) 629 * 630 * Search all shares in all groups until we find the share represented 631 * by "id". 632 */ 633 634 static sa_share_t 635 find_share_by_id(sa_handle_t handle, char *shareid) 636 { 637 sa_group_t group; 638 sa_share_t share = NULL; 639 char *id = NULL; 640 int done = 0; 641 642 for (group = sa_get_group(handle, NULL); 643 group != NULL && !done; 644 group = sa_get_next_group(group)) { 645 for (share = sa_get_share(group, NULL); 646 share != NULL; 647 share = sa_get_next_share(share)) { 648 id = sa_get_share_attr(share, "id"); 649 if (id != NULL && strcmp(id, shareid) == 0) { 650 sa_free_attr_string(id); 651 id = NULL; 652 done++; 653 break; 654 } 655 if (id != NULL) { 656 sa_free_attr_string(id); 657 id = NULL; 658 } 659 } 660 } 661 return (share); 662 } 663 664 /* 665 * find_resource_by_index(share, index) 666 * 667 * Search the resource records on the share for the id index. 668 */ 669 static sa_resource_t 670 find_resource_by_index(sa_share_t share, char *index) 671 { 672 sa_resource_t resource; 673 sa_resource_t found = NULL; 674 char *id; 675 676 for (resource = sa_get_share_resource(share, NULL); 677 resource != NULL && found == NULL; 678 resource = sa_get_next_resource(resource)) { 679 id = (char *)xmlGetProp((xmlNodePtr)resource, (xmlChar *)"id"); 680 if (id != NULL) { 681 if (strcmp(id, index) == 0) { 682 /* found it so save in "found" */ 683 found = resource; 684 } 685 sa_free_attr_string(id); 686 } 687 } 688 return (found); 689 } 690 691 /* 692 * sa_share_props_from_pgroup(root, handle, pg, id, sahandle) 693 * 694 * Extract share properties from the SMF property group. More sanity 695 * checks are done and the share object is created. We ignore some 696 * errors that could exist in the repository and only worry about 697 * property groups that validate in naming. 698 */ 699 700 static int 701 sa_share_props_from_pgroup(xmlNodePtr root, scfutilhandle_t *handle, 702 scf_propertygroup_t *pg, char *id, sa_handle_t sahandle) 703 { 704 xmlNodePtr node; 705 char *name = NULL; 706 scf_iter_t *iter = NULL; 707 scf_property_t *prop = NULL; 708 scf_value_t *value = NULL; 709 ssize_t vallen; 710 char *valuestr = NULL; 711 int ret = SA_OK; 712 char *sectype = NULL; 713 char *proto; 714 sa_share_t share; 715 uuid_t uuid; 716 717 /* 718 * While preliminary check (starts with 'S') passed before 719 * getting here. Need to make sure it is in ID syntax 720 * (Snnnnnn). Note that shares with properties have similar 721 * pgroups. If the pg name is more than SA_SHARE_PG_LEN 722 * characters, it is likely one of the protocol/security 723 * versions. 724 */ 725 vallen = strlen(id); 726 if (*id != SA_SHARE_PG_PREFIX[0] || vallen <= SA_SHARE_PG_LEN) { 727 /* 728 * It is ok to not have what we thought since someone might 729 * have added a name via SMF. 730 */ 731 return (ret); 732 } 733 if (strncmp(id, SA_SHARE_PG_PREFIX, SA_SHARE_PG_PREFIXLEN) == 0) { 734 proto = strchr(id, '_'); 735 if (proto == NULL) 736 return (ret); 737 *proto++ = '\0'; 738 if (uuid_parse(id + SA_SHARE_PG_PREFIXLEN, uuid) < 0) 739 return (ret); 740 /* 741 * probably a legal optionset so check a few more 742 * syntax points below. 743 */ 744 if (*proto == '\0') { 745 /* not a valid proto (null) */ 746 return (ret); 747 } 748 749 sectype = strchr(proto, '_'); 750 if (sectype != NULL) 751 *sectype++ = '\0'; 752 if (!valid_protocol(proto)) 753 return (ret); 754 } 755 756 /* 757 * To get here, we have a valid protocol and possibly a 758 * security. We now have to find the share that it is really 759 * associated with. The "id" portion of the pgroup name will 760 * match. 761 */ 762 763 share = find_share_by_id(sahandle, id); 764 if (share == NULL) 765 return (SA_BAD_PATH); 766 767 root = (xmlNodePtr)share; 768 769 vallen = get_scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); 770 771 if (sectype == NULL) 772 node = xmlNewChild(root, NULL, (xmlChar *)"optionset", NULL); 773 else { 774 if (isdigit((int)*sectype)) { 775 sa_resource_t resource; 776 /* 777 * If sectype[0] is a digit, then it is an index into 778 * the resource names. We need to find a resource 779 * record and then get the properties into an 780 * optionset. The optionset becomes the "node" and the 781 * rest is hung off of the share. 782 */ 783 resource = find_resource_by_index(share, sectype); 784 if (resource != NULL) { 785 node = xmlNewChild(resource, NULL, 786 (xmlChar *)"optionset", NULL); 787 } else { 788 /* This shouldn't happen. */ 789 ret = SA_SYSTEM_ERR; 790 goto out; 791 } 792 } else { 793 /* 794 * If not a digit, then it is a security type 795 * (alternate option space). Security types start with 796 * an alphabetic. 797 */ 798 node = xmlNewChild(root, NULL, (xmlChar *)"security", 799 NULL); 800 if (node != NULL) 801 (void) xmlSetProp(node, (xmlChar *)"sectype", 802 (xmlChar *)sectype); 803 } 804 } 805 if (node == NULL) { 806 ret = SA_NO_MEMORY; 807 goto out; 808 } 809 810 (void) xmlSetProp(node, (xmlChar *)"type", (xmlChar *)proto); 811 /* now find the properties */ 812 iter = scf_iter_create(handle->handle); 813 value = scf_value_create(handle->handle); 814 prop = scf_property_create(handle->handle); 815 name = malloc(scf_max_name_len); 816 valuestr = malloc(vallen); 817 818 if (iter == NULL || value == NULL || prop == NULL || name == NULL) 819 goto out; 820 821 /* iterate over the share pg properties */ 822 if (scf_iter_pg_properties(iter, pg) == 0) { 823 while (scf_iter_next_property(iter, prop) > 0) { 824 ret = SA_SYSTEM_ERR; /* assume the worst */ 825 if (scf_property_get_name(prop, name, 826 scf_max_name_len) > 0) { 827 if (scf_property_get_value(prop, value) == 0) { 828 if (scf_value_get_astring(value, 829 valuestr, vallen) >= 0) { 830 ret = SA_OK; 831 } 832 } 833 } else { 834 ret = SA_SYSTEM_ERR; 835 } 836 if (ret == SA_OK) { 837 sa_property_t prop; 838 prop = sa_create_property(name, valuestr); 839 if (prop != NULL) 840 prop = (sa_property_t)xmlAddChild(node, 841 (xmlNodePtr)prop); 842 else 843 ret = SA_NO_MEMORY; 844 } 845 } 846 } else { 847 ret = SA_SYSTEM_ERR; 848 } 849 out: 850 if (iter != NULL) 851 scf_iter_destroy(iter); 852 if (value != NULL) 853 scf_value_destroy(value); 854 if (prop != NULL) 855 scf_property_destroy(prop); 856 if (name != NULL) 857 free(name); 858 if (valuestr != NULL) 859 free(valuestr); 860 return (ret); 861 } 862 863 /* 864 * sa_extract_group(root, handle, instance) 865 * 866 * Get the config info for this instance of a group and create the XML 867 * subtree from it. 868 */ 869 870 static int 871 sa_extract_group(xmlNodePtr root, scfutilhandle_t *handle, 872 scf_instance_t *instance, sa_handle_t sahandle) 873 { 874 char *buff; 875 xmlNodePtr node; 876 scf_iter_t *iter; 877 char *proto; 878 char *sectype; 879 boolean_t have_shares = B_FALSE; 880 boolean_t is_default = B_FALSE; 881 boolean_t is_nfs = B_FALSE; 882 int ret = SA_OK; 883 int err; 884 885 buff = malloc(scf_max_name_len); 886 if (buff == NULL) 887 return (SA_NO_MEMORY); 888 889 iter = scf_iter_create(handle->handle); 890 if (iter == NULL) { 891 ret = SA_NO_MEMORY; 892 goto out; 893 } 894 895 if (scf_instance_get_name(instance, buff, scf_max_name_len) > 0) { 896 node = xmlNewChild(root, NULL, (xmlChar *)"group", NULL); 897 if (node == NULL) { 898 ret = SA_NO_MEMORY; 899 goto out; 900 } 901 (void) xmlSetProp(node, (xmlChar *)"name", (xmlChar *)buff); 902 if (strcmp(buff, "default") == 0) 903 is_default = B_TRUE; 904 905 sa_extract_attrs(node, handle, instance); 906 /* 907 * Iterate through all the property groups 908 * looking for those with security or 909 * optionset prefixes. The names of the 910 * matching pgroups are parsed to get the 911 * protocol, and for security, the sectype. 912 * Syntax is as follows: 913 * optionset | optionset_<proto> 914 * security_default | security_<proto>_<sectype> 915 * "operation" is handled by 916 * sa_extract_attrs(). 917 */ 918 if (scf_iter_instance_pgs(iter, instance) != 0) { 919 ret = SA_NO_MEMORY; 920 goto out; 921 } 922 while (scf_iter_next_pg(iter, handle->pg) > 0) { 923 /* Have a pgroup so sort it out */ 924 ret = scf_pg_get_name(handle->pg, buff, 925 scf_max_name_len); 926 if (ret <= 0) 927 continue; 928 is_nfs = B_FALSE; 929 930 if (buff[0] == SA_SHARE_PG_PREFIX[0]) { 931 sa_share_from_pgroup(node, handle, 932 handle->pg, buff); 933 have_shares = B_TRUE; 934 } else if (strncmp(buff, "optionset", 9) == 0) { 935 char *nodetype = "optionset"; 936 /* Have an optionset */ 937 sectype = NULL; 938 proto = strchr(buff, '_'); 939 if (proto != NULL) { 940 *proto++ = '\0'; 941 sectype = strchr(proto, '_'); 942 if (sectype != NULL) { 943 *sectype++ = '\0'; 944 nodetype = "security"; 945 } 946 is_nfs = strcmp(proto, "nfs") == 0; 947 } else if (strlen(buff) > 9) { 948 /* 949 * This can only occur if 950 * someone has made changes 951 * via an SMF command. Since 952 * this would be an unknown 953 * syntax, we just ignore it. 954 */ 955 continue; 956 } 957 /* 958 * If the group is not "default" or is 959 * "default" and is_nfs, then extract the 960 * pgroup. If it is_default and !is_nfs, 961 * then we have an error and should remove 962 * the extraneous protocols. We don't care 963 * about errors on scf_pg_delete since we 964 * might not have permission during an 965 * extract only. 966 */ 967 if (!is_default || is_nfs) { 968 ret = sa_extract_pgroup(node, handle, 969 handle->pg, nodetype, proto, 970 sectype); 971 } else { 972 err = scf_pg_delete(handle->pg); 973 if (err == 0) 974 (void) fprintf(stderr, 975 dgettext(TEXT_DOMAIN, 976 "Removed protocol \"%s\" " 977 "from group \"default\"\n"), 978 proto); 979 } 980 } else if (strncmp(buff, "security", 8) == 0) { 981 /* 982 * Have a security (note that 983 * this should change in the 984 * future) 985 */ 986 proto = strchr(buff, '_'); 987 sectype = NULL; 988 if (proto != NULL) { 989 *proto++ = '\0'; 990 sectype = strchr(proto, '_'); 991 if (sectype != NULL) 992 *sectype++ = '\0'; 993 if (strcmp(proto, "default") == 0) 994 proto = NULL; 995 } 996 ret = sa_extract_pgroup(node, handle, 997 handle->pg, "security", proto, sectype); 998 } 999 /* Ignore everything else */ 1000 } 1001 /* 1002 * Make sure we have a valid default group. 1003 * On first boot, default won't have any 1004 * protocols defined and won't be enabled (but 1005 * should be). "default" only has NFS enabled on it. 1006 */ 1007 if (is_default) { 1008 char *state = sa_get_group_attr((sa_group_t)node, 1009 "state"); 1010 1011 if (state == NULL) { 1012 /* set attribute to enabled */ 1013 (void) sa_set_group_attr((sa_group_t)node, 1014 "state", "enabled"); 1015 (void) sa_create_optionset((sa_group_t)node, 1016 "nfs"); 1017 } else { 1018 sa_free_attr_string(state); 1019 } 1020 } 1021 /* Do a second pass if shares were found */ 1022 if (have_shares && scf_iter_instance_pgs(iter, instance) == 0) { 1023 while (scf_iter_next_pg(iter, handle->pg) > 0) { 1024 /* 1025 * Have a pgroup so see if it is a 1026 * share optionset 1027 */ 1028 err = scf_pg_get_name(handle->pg, buff, 1029 scf_max_name_len); 1030 if (err <= 0) 1031 continue; 1032 if (buff[0] == SA_SHARE_PG_PREFIX[0]) { 1033 ret = sa_share_props_from_pgroup(node, 1034 handle, handle->pg, buff, 1035 sahandle); 1036 } 1037 } 1038 } 1039 } 1040 out: 1041 if (iter != NULL) 1042 scf_iter_destroy(iter); 1043 if (buff != NULL) 1044 free(buff); 1045 return (ret); 1046 } 1047 1048 /* 1049 * sa_extract_defaults(root, handle, instance) 1050 * 1051 * Local function to find the default properties that live in the 1052 * default instance's "operation" property group. 1053 */ 1054 1055 static void 1056 sa_extract_defaults(xmlNodePtr root, scfutilhandle_t *handle, 1057 scf_instance_t *instance) 1058 { 1059 xmlNodePtr node; 1060 scf_property_t *prop; 1061 scf_value_t *value; 1062 char *valuestr; 1063 ssize_t vallen; 1064 1065 vallen = get_scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); 1066 prop = scf_property_create(handle->handle); 1067 value = scf_value_create(handle->handle); 1068 valuestr = malloc(vallen); 1069 1070 if (prop == NULL || value == NULL || vallen == 0 || 1071 scf_instance_get_pg(instance, "operation", handle->pg) != 0) 1072 goto out; 1073 1074 if (scf_pg_get_property(handle->pg, "legacy-timestamp", prop) != 0) 1075 goto out; 1076 1077 /* Found the property so get the value */ 1078 if (scf_property_get_value(prop, value) == 0) { 1079 if (scf_value_get_astring(value, valuestr, vallen) > 0) { 1080 node = xmlNewChild(root, NULL, (xmlChar *)"legacy", 1081 NULL); 1082 if (node != NULL) { 1083 (void) xmlSetProp(node, (xmlChar *)"timestamp", 1084 (xmlChar *)valuestr); 1085 (void) xmlSetProp(node, (xmlChar *)"path", 1086 (xmlChar *)SA_LEGACY_DFSTAB); 1087 } 1088 } 1089 } 1090 out: 1091 if (valuestr != NULL) 1092 free(valuestr); 1093 if (value != NULL) 1094 scf_value_destroy(value); 1095 if (prop != NULL) 1096 scf_property_destroy(prop); 1097 } 1098 1099 1100 /* 1101 * sa_get_config(handle, root, doc, sahandle) 1102 * 1103 * Walk the SMF repository for /network/shares/group and find all the 1104 * instances. These become group names. Then add the XML structure 1105 * below the groups based on property groups and properties. 1106 */ 1107 int 1108 sa_get_config(scfutilhandle_t *handle, xmlNodePtr root, sa_handle_t sahandle) 1109 { 1110 int ret = SA_OK; 1111 scf_instance_t *instance; 1112 scf_iter_t *iter; 1113 char buff[BUFSIZ * 2]; 1114 1115 instance = scf_instance_create(handle->handle); 1116 iter = scf_iter_create(handle->handle); 1117 if (instance != NULL && iter != NULL) { 1118 if ((ret = scf_iter_service_instances(iter, 1119 handle->service)) == 0) { 1120 while ((ret = scf_iter_next_instance(iter, 1121 instance)) > 0) { 1122 if (scf_instance_get_name(instance, buff, 1123 sizeof (buff)) > 0) { 1124 if (strcmp(buff, "default") == 0) 1125 sa_extract_defaults(root, 1126 handle, instance); 1127 ret = sa_extract_group(root, handle, 1128 instance, sahandle); 1129 } 1130 } 1131 } 1132 } 1133 1134 /* Always cleanup these */ 1135 if (instance != NULL) 1136 scf_instance_destroy(instance); 1137 if (iter != NULL) 1138 scf_iter_destroy(iter); 1139 return (ret); 1140 } 1141 1142 /* 1143 * sa_get_instance(handle, instance) 1144 * 1145 * Get the instance of the group service. This is actually the 1146 * specific group name. The instance is needed for all property and 1147 * control operations. 1148 */ 1149 1150 int 1151 sa_get_instance(scfutilhandle_t *handle, char *instname) 1152 { 1153 if (scf_service_get_instance(handle->service, instname, 1154 handle->instance) != 0) { 1155 return (SA_NO_SUCH_GROUP); 1156 } 1157 return (SA_OK); 1158 } 1159 1160 /* 1161 * sa_create_instance(handle, instname) 1162 * 1163 * Create a new SMF service instance. There can only be one with a 1164 * given name. 1165 */ 1166 1167 int 1168 sa_create_instance(scfutilhandle_t *handle, char *instname) 1169 { 1170 int ret = SA_OK; 1171 char instance[SA_GROUP_INST_LEN]; 1172 if (scf_service_add_instance(handle->service, instname, 1173 handle->instance) != 0) { 1174 /* better error returns need to be added based on real error */ 1175 if (scf_error() == SCF_ERROR_PERMISSION_DENIED) 1176 ret = SA_NO_PERMISSION; 1177 else 1178 ret = SA_DUPLICATE_NAME; 1179 } else { 1180 /* have the service created, so enable it */ 1181 (void) snprintf(instance, sizeof (instance), "%s:%s", 1182 SA_SVC_FMRI_BASE, instname); 1183 (void) smf_enable_instance(instance, 0); 1184 } 1185 return (ret); 1186 } 1187 1188 /* 1189 * sa_delete_instance(handle, instname) 1190 * 1191 * When a group goes away, we also remove the service instance. 1192 */ 1193 1194 int 1195 sa_delete_instance(scfutilhandle_t *handle, char *instname) 1196 { 1197 int ret; 1198 1199 if (strcmp(instname, "default") == 0) { 1200 ret = SA_NO_PERMISSION; 1201 } else { 1202 if ((ret = sa_get_instance(handle, instname)) == SA_OK) { 1203 if (scf_instance_delete(handle->instance) != 0) 1204 /* need better analysis */ 1205 ret = SA_NO_PERMISSION; 1206 } 1207 } 1208 return (ret); 1209 } 1210 1211 /* 1212 * sa_create_pgroup(handle, pgroup) 1213 * 1214 * create a new property group 1215 */ 1216 1217 int 1218 sa_create_pgroup(scfutilhandle_t *handle, char *pgroup) 1219 { 1220 int ret = SA_OK; 1221 int persist = 0; 1222 1223 /* 1224 * Only create a handle if it doesn't exist. It is ok to exist 1225 * since the pg handle will be set as a side effect. 1226 */ 1227 if (handle->pg == NULL) 1228 handle->pg = scf_pg_create(handle->handle); 1229 1230 /* 1231 * Special case for a non-persistent property group. This is 1232 * internal use only. 1233 */ 1234 if (*pgroup == '*') { 1235 persist = SCF_PG_FLAG_NONPERSISTENT; 1236 pgroup++; 1237 } 1238 1239 /* 1240 * If the pgroup exists, we are done. If it doesn't, then we 1241 * need to actually add one to the service instance. 1242 */ 1243 if (scf_instance_get_pg(handle->instance, 1244 pgroup, handle->pg) != 0) { 1245 1246 /* Doesn't exist so create one */ 1247 if (scf_instance_add_pg(handle->instance, pgroup, 1248 SCF_GROUP_APPLICATION, persist, handle->pg) != 0) { 1249 switch (scf_error()) { 1250 case SCF_ERROR_PERMISSION_DENIED: 1251 ret = SA_NO_PERMISSION; 1252 break; 1253 default: 1254 ret = SA_SYSTEM_ERR; 1255 break; 1256 } 1257 } 1258 } 1259 return (ret); 1260 } 1261 1262 /* 1263 * sa_delete_pgroup(handle, pgroup) 1264 * 1265 * Remove the property group from the current instance of the service, 1266 * but only if it actually exists. 1267 */ 1268 1269 int 1270 sa_delete_pgroup(scfutilhandle_t *handle, char *pgroup) 1271 { 1272 int ret = SA_OK; 1273 /* 1274 * Only delete if it does exist. 1275 */ 1276 if (scf_instance_get_pg(handle->instance, pgroup, handle->pg) == 0) { 1277 /* does exist so delete it */ 1278 if (scf_pg_delete(handle->pg) != 0) 1279 ret = SA_SYSTEM_ERR; 1280 } else { 1281 ret = SA_SYSTEM_ERR; 1282 } 1283 if (ret == SA_SYSTEM_ERR && 1284 scf_error() == SCF_ERROR_PERMISSION_DENIED) { 1285 ret = SA_NO_PERMISSION; 1286 } 1287 return (ret); 1288 } 1289 1290 /* 1291 * sa_start_transaction(handle, pgroup) 1292 * 1293 * Start an SMF transaction so we can deal with properties. it would 1294 * be nice to not have to expose this, but we have to in order to 1295 * optimize. 1296 * 1297 * Basic model is to hold the transaction in the handle and allow 1298 * property adds/deletes/updates to be added then close the 1299 * transaction (or abort). There may eventually be a need to handle 1300 * other types of transaction mechanisms but we don't do that now. 1301 * 1302 * An sa_start_transaction must be followed by either an 1303 * sa_end_transaction or sa_abort_transaction before another 1304 * sa_start_transaction can be done. 1305 */ 1306 1307 int 1308 sa_start_transaction(scfutilhandle_t *handle, char *propgroup) 1309 { 1310 int ret = SA_OK; 1311 /* 1312 * Lookup the property group and create it if it doesn't already 1313 * exist. 1314 */ 1315 if (handle == NULL) 1316 return (SA_CONFIG_ERR); 1317 1318 if (handle->scf_state == SCH_STATE_INIT) { 1319 ret = sa_create_pgroup(handle, propgroup); 1320 if (ret == SA_OK) { 1321 handle->trans = scf_transaction_create(handle->handle); 1322 if (handle->trans != NULL) { 1323 if (scf_transaction_start(handle->trans, 1324 handle->pg) != 0) { 1325 ret = SA_SYSTEM_ERR; 1326 } 1327 if (ret != SA_OK) { 1328 scf_transaction_destroy(handle->trans); 1329 handle->trans = NULL; 1330 } 1331 } else { 1332 ret = SA_SYSTEM_ERR; 1333 } 1334 } 1335 } 1336 if (ret == SA_SYSTEM_ERR && 1337 scf_error() == SCF_ERROR_PERMISSION_DENIED) { 1338 ret = SA_NO_PERMISSION; 1339 } 1340 return (ret); 1341 } 1342 1343 1344 /* 1345 * sa_end_transaction(scfhandle, sahandle) 1346 * 1347 * Commit the changes that were added to the transaction in the 1348 * handle. Do all necessary cleanup. 1349 */ 1350 1351 int 1352 sa_end_transaction(scfutilhandle_t *handle, sa_handle_impl_t sahandle) 1353 { 1354 int ret = SA_OK; 1355 1356 if (handle == NULL || handle->trans == NULL || sahandle == NULL) { 1357 ret = SA_SYSTEM_ERR; 1358 } else { 1359 if (scf_transaction_commit(handle->trans) < 0) 1360 ret = SA_SYSTEM_ERR; 1361 scf_transaction_destroy_children(handle->trans); 1362 scf_transaction_destroy(handle->trans); 1363 if (ret == SA_OK) 1364 set_transaction_tstamp(sahandle); 1365 handle->trans = NULL; 1366 } 1367 return (ret); 1368 } 1369 1370 /* 1371 * sa_abort_transaction(handle) 1372 * 1373 * Abort the changes that were added to the transaction in the 1374 * handle. Do all necessary cleanup. 1375 */ 1376 1377 void 1378 sa_abort_transaction(scfutilhandle_t *handle) 1379 { 1380 if (handle->trans != NULL) { 1381 scf_transaction_reset_all(handle->trans); 1382 scf_transaction_destroy_children(handle->trans); 1383 scf_transaction_destroy(handle->trans); 1384 handle->trans = NULL; 1385 } 1386 } 1387 1388 /* 1389 * set_transaction_tstamp(sahandle) 1390 * 1391 * After a successful transaction commit, update the timestamp of the 1392 * last transaction. This lets us detect changes from other processes. 1393 */ 1394 static void 1395 set_transaction_tstamp(sa_handle_impl_t sahandle) 1396 { 1397 char tstring[32]; 1398 struct timeval tv; 1399 scfutilhandle_t *scfhandle; 1400 1401 if (sahandle == NULL || sahandle->scfhandle == NULL) 1402 return; 1403 1404 scfhandle = sahandle->scfhandle; 1405 1406 if (sa_get_instance(scfhandle, "default") != SA_OK) 1407 return; 1408 1409 if (gettimeofday(&tv, NULL) != 0) 1410 return; 1411 1412 if (sa_start_transaction(scfhandle, "*state") != SA_OK) 1413 return; 1414 1415 sahandle->tstrans = TSTAMP((*(timestruc_t *)&tv)); 1416 (void) snprintf(tstring, sizeof (tstring), "%lld", sahandle->tstrans); 1417 if (sa_set_property(sahandle->scfhandle, "lastupdate", tstring) == 1418 SA_OK) { 1419 /* 1420 * While best if it succeeds, a failure doesn't cause 1421 * problems and we will ignore it anyway. 1422 */ 1423 (void) scf_transaction_commit(scfhandle->trans); 1424 scf_transaction_destroy_children(scfhandle->trans); 1425 scf_transaction_destroy(scfhandle->trans); 1426 } else { 1427 sa_abort_transaction(scfhandle); 1428 } 1429 } 1430 1431 /* 1432 * sa_set_property(handle, prop, value) 1433 * 1434 * Set a property transaction entry into the pending SMF transaction. 1435 */ 1436 1437 int 1438 sa_set_property(scfutilhandle_t *handle, char *propname, char *valstr) 1439 { 1440 int ret = SA_OK; 1441 scf_value_t *value; 1442 scf_transaction_entry_t *entry; 1443 /* 1444 * Properties must be set in transactions and don't take 1445 * effect until the transaction has been ended/committed. 1446 */ 1447 value = scf_value_create(handle->handle); 1448 entry = scf_entry_create(handle->handle); 1449 if (value != NULL && entry != NULL) { 1450 if (scf_transaction_property_change(handle->trans, entry, 1451 propname, SCF_TYPE_ASTRING) == 0 || 1452 scf_transaction_property_new(handle->trans, entry, 1453 propname, SCF_TYPE_ASTRING) == 0) { 1454 if (scf_value_set_astring(value, valstr) == 0) { 1455 if (scf_entry_add_value(entry, value) != 0) { 1456 ret = SA_SYSTEM_ERR; 1457 scf_value_destroy(value); 1458 } 1459 /* The value is in the transaction */ 1460 value = NULL; 1461 } else { 1462 /* Value couldn't be constructed */ 1463 ret = SA_SYSTEM_ERR; 1464 } 1465 /* The entry is in the transaction */ 1466 entry = NULL; 1467 } else { 1468 ret = SA_SYSTEM_ERR; 1469 } 1470 } else { 1471 ret = SA_SYSTEM_ERR; 1472 } 1473 if (ret == SA_SYSTEM_ERR) { 1474 switch (scf_error()) { 1475 case SCF_ERROR_PERMISSION_DENIED: 1476 ret = SA_NO_PERMISSION; 1477 break; 1478 } 1479 } 1480 /* 1481 * Cleanup if there were any errors that didn't leave these 1482 * values where they would be cleaned up later. 1483 */ 1484 if (value != NULL) 1485 scf_value_destroy(value); 1486 if (entry != NULL) 1487 scf_entry_destroy(entry); 1488 return (ret); 1489 } 1490 1491 /* 1492 * check_resource(share) 1493 * 1494 * Check to see if share has any persistent resources. We don't want 1495 * to save if they are all transient. 1496 */ 1497 static int 1498 check_resource(sa_share_t share) 1499 { 1500 sa_resource_t resource; 1501 int ret = B_FALSE; 1502 1503 for (resource = sa_get_share_resource(share, NULL); 1504 resource != NULL && ret == B_FALSE; 1505 resource = sa_get_next_resource(resource)) { 1506 char *type; 1507 type = sa_get_resource_attr(resource, "type"); 1508 if (type != NULL) { 1509 if (strcmp(type, "transient") != 0) { 1510 ret = B_TRUE; 1511 } 1512 sa_free_attr_string(type); 1513 } 1514 } 1515 return (ret); 1516 } 1517 1518 /* 1519 * sa_set_resource_property(handle, prop, value) 1520 * 1521 * set a property transaction entry into the pending SMF 1522 * transaction. We don't want to include any transient resources 1523 */ 1524 1525 static int 1526 sa_set_resource_property(scfutilhandle_t *handle, sa_share_t share) 1527 { 1528 int ret = SA_OK; 1529 scf_value_t *value; 1530 scf_transaction_entry_t *entry; 1531 sa_resource_t resource; 1532 char *valstr; 1533 char *idstr; 1534 char *description; 1535 char *propstr = NULL; 1536 size_t strsize; 1537 1538 /* don't bother if no persistent resources */ 1539 if (check_resource(share) == B_FALSE) 1540 return (ret); 1541 1542 /* 1543 * properties must be set in transactions and don't take 1544 * effect until the transaction has been ended/committed. 1545 */ 1546 entry = scf_entry_create(handle->handle); 1547 if (entry == NULL) 1548 return (SA_SYSTEM_ERR); 1549 1550 if (scf_transaction_property_change(handle->trans, entry, 1551 "resource", SCF_TYPE_ASTRING) != 0 && 1552 scf_transaction_property_new(handle->trans, entry, 1553 "resource", SCF_TYPE_ASTRING) != 0) { 1554 scf_entry_destroy(entry); 1555 return (SA_SYSTEM_ERR); 1556 1557 } 1558 for (resource = sa_get_share_resource(share, NULL); 1559 resource != NULL; 1560 resource = sa_get_next_resource(resource)) { 1561 value = scf_value_create(handle->handle); 1562 if (value == NULL) { 1563 ret = SA_NO_MEMORY; 1564 break; 1565 } 1566 /* Get size of complete string */ 1567 valstr = sa_get_resource_attr(resource, "name"); 1568 idstr = sa_get_resource_attr(resource, "id"); 1569 description = sa_get_resource_description(resource); 1570 strsize = (valstr != NULL) ? strlen(valstr) : 0; 1571 strsize += (idstr != NULL) ? strlen(idstr) : 0; 1572 strsize += (description != NULL) ? strlen(description) : 0; 1573 if (strsize > 0) { 1574 strsize += 3; /* add nul and ':' */ 1575 propstr = (char *)malloc(strsize); 1576 if (propstr == NULL) { 1577 scf_value_destroy(value); 1578 ret = SA_NO_MEMORY; 1579 goto err; 1580 } 1581 if (idstr == NULL) 1582 (void) snprintf(propstr, strsize, "%s", 1583 valstr ? valstr : ""); 1584 else 1585 (void) snprintf(propstr, strsize, "%s:%s:%s", 1586 idstr, valstr ? valstr : "", 1587 description ? description : ""); 1588 if (scf_value_set_astring(value, propstr) != 0) { 1589 ret = SA_SYSTEM_ERR; 1590 free(propstr); 1591 scf_value_destroy(value); 1592 break; 1593 } 1594 if (scf_entry_add_value(entry, value) != 0) { 1595 ret = SA_SYSTEM_ERR; 1596 free(propstr); 1597 scf_value_destroy(value); 1598 break; 1599 } 1600 /* the value is in the transaction */ 1601 value = NULL; 1602 free(propstr); 1603 } 1604 err: 1605 if (valstr != NULL) { 1606 sa_free_attr_string(valstr); 1607 valstr = NULL; 1608 } 1609 if (idstr != NULL) { 1610 sa_free_attr_string(idstr); 1611 idstr = NULL; 1612 } 1613 if (description != NULL) { 1614 sa_free_share_description(description); 1615 description = NULL; 1616 } 1617 } 1618 /* the entry is in the transaction */ 1619 entry = NULL; 1620 1621 if (valstr != NULL) 1622 sa_free_attr_string(valstr); 1623 if (idstr != NULL) 1624 sa_free_attr_string(idstr); 1625 if (description != NULL) 1626 sa_free_share_description(description); 1627 1628 if (ret == SA_SYSTEM_ERR) { 1629 switch (scf_error()) { 1630 case SCF_ERROR_PERMISSION_DENIED: 1631 ret = SA_NO_PERMISSION; 1632 break; 1633 } 1634 } 1635 /* 1636 * cleanup if there were any errors that didn't leave 1637 * these values where they would be cleaned up later. 1638 */ 1639 if (entry != NULL) 1640 scf_entry_destroy(entry); 1641 1642 return (ret); 1643 } 1644 1645 /* 1646 * sa_commit_share(handle, group, share) 1647 * 1648 * Commit this share to the repository. 1649 * properties are added if they exist but can be added later. 1650 * Need to add to dfstab and sharetab, if appropriate. 1651 */ 1652 int 1653 sa_commit_share(scfutilhandle_t *handle, sa_group_t group, sa_share_t share) 1654 { 1655 int ret = SA_OK; 1656 char *groupname; 1657 char *name; 1658 char *description; 1659 char *sharename; 1660 ssize_t proplen; 1661 char *propstring; 1662 1663 /* 1664 * Don't commit in the zfs group. We do commit legacy 1665 * (default) and all other groups/shares. ZFS is handled 1666 * through the ZFS configuration rather than SMF. 1667 */ 1668 1669 groupname = sa_get_group_attr(group, "name"); 1670 if (groupname != NULL) { 1671 if (strcmp(groupname, "zfs") == 0) { 1672 /* 1673 * Adding to the ZFS group will result in the sharenfs 1674 * property being set but we don't want to do anything 1675 * SMF related at this point. 1676 */ 1677 sa_free_attr_string(groupname); 1678 return (ret); 1679 } 1680 } 1681 1682 proplen = get_scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); 1683 propstring = malloc(proplen); 1684 if (propstring == NULL) 1685 ret = SA_NO_MEMORY; 1686 1687 if (groupname != NULL && ret == SA_OK) { 1688 ret = sa_get_instance(handle, groupname); 1689 sa_free_attr_string(groupname); 1690 groupname = NULL; 1691 sharename = sa_get_share_attr(share, "id"); 1692 if (sharename == NULL) { 1693 /* slipped by */ 1694 char shname[SA_SHARE_UUID_BUFLEN]; 1695 generate_unique_sharename(shname); 1696 (void) xmlSetProp((xmlNodePtr)share, (xmlChar *)"id", 1697 (xmlChar *)shname); 1698 sharename = strdup(shname); 1699 } 1700 if (sharename != NULL) { 1701 sigset_t old, new; 1702 /* 1703 * Have a share name allocated so create a pgroup for 1704 * it. It may already exist, but that is OK. In order 1705 * to avoid creating a share pgroup that doesn't have 1706 * a path property, block signals around the critical 1707 * region of creating the share pgroup and props. 1708 */ 1709 (void) sigprocmask(SIG_BLOCK, NULL, &new); 1710 (void) sigaddset(&new, SIGHUP); 1711 (void) sigaddset(&new, SIGINT); 1712 (void) sigaddset(&new, SIGQUIT); 1713 (void) sigaddset(&new, SIGTSTP); 1714 (void) sigprocmask(SIG_SETMASK, &new, &old); 1715 1716 ret = sa_create_pgroup(handle, sharename); 1717 if (ret == SA_OK) { 1718 /* 1719 * Now start the transaction for the 1720 * properties that define this share. They may 1721 * exist so attempt to update before create. 1722 */ 1723 ret = sa_start_transaction(handle, sharename); 1724 } 1725 if (ret == SA_OK) { 1726 name = sa_get_share_attr(share, "path"); 1727 if (name != NULL) { 1728 /* 1729 * There needs to be a path 1730 * for a share to exist. 1731 */ 1732 ret = sa_set_property(handle, "path", 1733 name); 1734 sa_free_attr_string(name); 1735 } else { 1736 ret = SA_NO_MEMORY; 1737 } 1738 } 1739 if (ret == SA_OK) { 1740 name = sa_get_share_attr(share, "drive-letter"); 1741 if (name != NULL) { 1742 /* A drive letter may exist for SMB */ 1743 ret = sa_set_property(handle, 1744 "drive-letter", name); 1745 sa_free_attr_string(name); 1746 } 1747 } 1748 if (ret == SA_OK) { 1749 name = sa_get_share_attr(share, "exclude"); 1750 if (name != NULL) { 1751 /* 1752 * In special cases need to 1753 * exclude proto enable. 1754 */ 1755 ret = sa_set_property(handle, 1756 "exclude", name); 1757 sa_free_attr_string(name); 1758 } 1759 } 1760 if (ret == SA_OK) { 1761 /* 1762 * If there are resource names, bundle them up 1763 * and save appropriately. 1764 */ 1765 ret = sa_set_resource_property(handle, share); 1766 } 1767 1768 if (ret == SA_OK) { 1769 description = sa_get_share_description(share); 1770 if (description != NULL) { 1771 ret = sa_set_property(handle, 1772 "description", 1773 description); 1774 sa_free_share_description(description); 1775 } 1776 } 1777 /* Make sure we cleanup the transaction */ 1778 if (ret == SA_OK) { 1779 sa_handle_impl_t sahandle; 1780 sahandle = (sa_handle_impl_t) 1781 sa_find_group_handle(group); 1782 if (sahandle != NULL) 1783 ret = sa_end_transaction(handle, 1784 sahandle); 1785 else 1786 ret = SA_SYSTEM_ERR; 1787 } else { 1788 sa_abort_transaction(handle); 1789 } 1790 1791 (void) sigprocmask(SIG_SETMASK, &old, NULL); 1792 1793 free(sharename); 1794 } 1795 } 1796 if (ret == SA_SYSTEM_ERR) { 1797 int err = scf_error(); 1798 if (err == SCF_ERROR_PERMISSION_DENIED) 1799 ret = SA_NO_PERMISSION; 1800 } 1801 if (propstring != NULL) 1802 free(propstring); 1803 if (groupname != NULL) 1804 sa_free_attr_string(groupname); 1805 1806 return (ret); 1807 } 1808 1809 /* 1810 * remove_resources(handle, share, shareid) 1811 * 1812 * If the share has resources, remove all of them and their 1813 * optionsets. 1814 */ 1815 static int 1816 remove_resources(scfutilhandle_t *handle, sa_share_t share, char *shareid) 1817 { 1818 sa_resource_t resource; 1819 sa_optionset_t opt; 1820 char *proto; 1821 char *id; 1822 ssize_t proplen; 1823 char *propstring; 1824 int ret = SA_OK; 1825 1826 proplen = get_scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); 1827 propstring = malloc(proplen); 1828 if (propstring == NULL) 1829 return (SA_NO_MEMORY); 1830 1831 for (resource = sa_get_share_resource(share, NULL); 1832 resource != NULL; resource = sa_get_next_resource(resource)) { 1833 id = sa_get_resource_attr(resource, "id"); 1834 if (id == NULL) 1835 continue; 1836 for (opt = sa_get_optionset(resource, NULL); 1837 opt != NULL; opt = sa_get_next_optionset(resource)) { 1838 proto = sa_get_optionset_attr(opt, "type"); 1839 if (proto != NULL) { 1840 (void) snprintf(propstring, proplen, 1841 "%s_%s_%s", shareid, proto, id); 1842 ret = sa_delete_pgroup(handle, propstring); 1843 sa_free_attr_string(proto); 1844 } 1845 } 1846 sa_free_attr_string(id); 1847 } 1848 free(propstring); 1849 return (ret); 1850 } 1851 1852 /* 1853 * sa_delete_share(handle, group, share) 1854 * 1855 * Remove the specified share from the group (and service instance). 1856 */ 1857 1858 int 1859 sa_delete_share(scfutilhandle_t *handle, sa_group_t group, sa_share_t share) 1860 { 1861 int ret = SA_OK; 1862 char *groupname = NULL; 1863 char *shareid = NULL; 1864 sa_optionset_t opt; 1865 sa_security_t sec; 1866 ssize_t proplen; 1867 char *propstring; 1868 1869 proplen = get_scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); 1870 propstring = malloc(proplen); 1871 if (propstring == NULL) 1872 ret = SA_NO_MEMORY; 1873 1874 if (ret == SA_OK) { 1875 groupname = sa_get_group_attr(group, "name"); 1876 shareid = sa_get_share_attr(share, "id"); 1877 if (groupname == NULL || shareid == NULL) { 1878 ret = SA_CONFIG_ERR; 1879 goto out; 1880 } 1881 ret = sa_get_instance(handle, groupname); 1882 if (ret == SA_OK) { 1883 /* If a share has resources, remove them */ 1884 ret = remove_resources(handle, share, shareid); 1885 /* If a share has properties, remove them */ 1886 ret = sa_delete_pgroup(handle, shareid); 1887 for (opt = sa_get_optionset(share, NULL); 1888 opt != NULL; 1889 opt = sa_get_next_optionset(opt)) { 1890 char *proto; 1891 proto = sa_get_optionset_attr(opt, "type"); 1892 if (proto != NULL) { 1893 (void) snprintf(propstring, 1894 proplen, "%s_%s", shareid, 1895 proto); 1896 ret = sa_delete_pgroup(handle, 1897 propstring); 1898 sa_free_attr_string(proto); 1899 } else { 1900 ret = SA_NO_MEMORY; 1901 } 1902 } 1903 /* 1904 * If a share has security/negotiable 1905 * properties, remove them. 1906 */ 1907 for (sec = sa_get_security(share, NULL, NULL); 1908 sec != NULL; 1909 sec = sa_get_next_security(sec)) { 1910 char *proto; 1911 char *sectype; 1912 proto = sa_get_security_attr(sec, "type"); 1913 sectype = sa_get_security_attr(sec, "sectype"); 1914 if (proto != NULL && sectype != NULL) { 1915 (void) snprintf(propstring, proplen, 1916 "%s_%s_%s", shareid, proto, 1917 sectype); 1918 ret = sa_delete_pgroup(handle, 1919 propstring); 1920 } else { 1921 ret = SA_NO_MEMORY; 1922 } 1923 if (proto != NULL) 1924 sa_free_attr_string(proto); 1925 if (sectype != NULL) 1926 sa_free_attr_string(sectype); 1927 } 1928 } 1929 } 1930 out: 1931 if (groupname != NULL) 1932 sa_free_attr_string(groupname); 1933 if (shareid != NULL) 1934 sa_free_attr_string(shareid); 1935 if (propstring != NULL) 1936 free(propstring); 1937 1938 return (ret); 1939 } 1940