xref: /titanic_41/usr/src/lib/libshare/nfs/libshare_nfs.c (revision 20c794b39650d115e17a15983b6b82e46238cf45)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 /*
30  * NFS specific functions
31  */
32 #include <stdio.h>
33 #include <string.h>
34 #include <ctype.h>
35 #include <stdlib.h>
36 #include <unistd.h>
37 #include <zone.h>
38 #include <errno.h>
39 #include <locale.h>
40 #include <signal.h>
41 #include "libshare.h"
42 #include "libshare_impl.h"
43 #include <nfs/export.h>
44 #include <pwd.h>
45 #include <limits.h>
46 #include <libscf.h>
47 #include "nfslog_config.h"
48 #include "nfslogtab.h"
49 #include "libshare_nfs.h"
50 #include <rpcsvc/daemon_utils.h>
51 #include <nfs/nfs.h>
52 #include <nfs/nfssys.h>
53 
54 /* should really be in some global place */
55 #define	DEF_WIN	30000
56 #define	OPT_CHUNK	1024
57 
58 int debug = 0;
59 
60 #define	NFS_SERVER_SVC	"svc:/network/nfs/server:default"
61 
62 /* internal functions */
63 static int nfs_init();
64 static void nfs_fini();
65 static int nfs_enable_share(sa_share_t);
66 static int nfs_disable_share(sa_share_t, char *);
67 static int nfs_validate_property(sa_property_t, sa_optionset_t);
68 static int nfs_validate_security_mode(char *);
69 static int nfs_is_security_opt(char *);
70 static int nfs_parse_legacy_options(sa_group_t, char *);
71 static char *nfs_format_options(sa_group_t, int);
72 static int nfs_set_proto_prop(sa_property_t);
73 static sa_protocol_properties_t nfs_get_proto_set();
74 static char *nfs_get_status();
75 static char *nfs_space_alias(char *);
76 
77 /*
78  * ops vector that provides the protocol specific info and operations
79  * for share management.
80  */
81 
82 struct sa_plugin_ops sa_plugin_ops = {
83 	SA_PLUGIN_VERSION,
84 	"nfs",
85 	nfs_init,
86 	nfs_fini,
87 	nfs_enable_share,
88 	nfs_disable_share,
89 	nfs_validate_property,
90 	nfs_validate_security_mode,
91 	nfs_is_security_opt,
92 	nfs_parse_legacy_options,
93 	nfs_format_options,
94 	nfs_set_proto_prop,
95 	nfs_get_proto_set,
96 	nfs_get_status,
97 	nfs_space_alias,
98 	NULL,
99 	NULL
100 };
101 
102 /*
103  * list of support services needed
104  * defines should come from head/rpcsvc/daemon_utils.h
105  */
106 
107 static char *service_list_default[] =
108 	{ STATD, LOCKD, MOUNTD, NFSD, NFSMAPID, RQUOTAD, NULL };
109 static char *service_list_logging[] =
110 	{ STATD, LOCKD, MOUNTD, NFSD, NFSMAPID, RQUOTAD, NFSLOGD, NULL };
111 
112 /*
113  * option definitions.  Make sure to keep the #define for the option
114  * index just before the entry it is the index for. Changing the order
115  * can cause breakage.  E.g OPT_RW is index 1 and must precede the
116  * line that includes the SHOPT_RW and OPT_RW entries.
117  */
118 
119 struct option_defs optdefs[] = {
120 #define	OPT_RO		0
121 	{SHOPT_RO, OPT_RO, OPT_TYPE_ACCLIST},
122 #define	OPT_RW		1
123 	{SHOPT_RW, OPT_RW, OPT_TYPE_ACCLIST},
124 #define	OPT_ROOT	2
125 	{SHOPT_ROOT, OPT_ROOT, OPT_TYPE_ACCLIST},
126 #define	OPT_SECURE	3
127 	{SHOPT_SECURE, OPT_SECURE, OPT_TYPE_DEPRECATED},
128 #define	OPT_ANON	4
129 	{SHOPT_ANON, OPT_ANON, OPT_TYPE_USER},
130 #define	OPT_WINDOW	5
131 	{SHOPT_WINDOW, OPT_WINDOW, OPT_TYPE_NUMBER},
132 #define	OPT_NOSUID	6
133 	{SHOPT_NOSUID, OPT_NOSUID, OPT_TYPE_BOOLEAN},
134 #define	OPT_ACLOK	7
135 	{SHOPT_ACLOK, OPT_ACLOK, OPT_TYPE_BOOLEAN},
136 #define	OPT_NOSUB	8
137 	{SHOPT_NOSUB, OPT_NOSUB, OPT_TYPE_BOOLEAN},
138 #define	OPT_SEC		9
139 	{SHOPT_SEC, OPT_SEC, OPT_TYPE_SECURITY},
140 #define	OPT_PUBLIC	10
141 	{SHOPT_PUBLIC, OPT_PUBLIC, OPT_TYPE_BOOLEAN, OPT_SHARE_ONLY},
142 #define	OPT_INDEX	11
143 	{SHOPT_INDEX, OPT_INDEX, OPT_TYPE_FILE},
144 #define	OPT_LOG		12
145 	{SHOPT_LOG, OPT_LOG, OPT_TYPE_LOGTAG},
146 #define	OPT_CKSUM	13
147 	{SHOPT_CKSUM, OPT_CKSUM, OPT_TYPE_STRINGSET},
148 #ifdef VOLATILE_FH_TEST	/* XXX added for testing volatile fh's only */
149 #define	OPT_VOLFH	14
150 	{SHOPT_VOLFH, OPT_VOLFH},
151 #endif /* VOLATILE_FH_TEST */
152 	NULL
153 };
154 
155 /*
156  * list of properties that are related to security flavors.
157  */
158 static char *seclist[] = {
159 	SHOPT_RO,
160 	SHOPT_RW,
161 	SHOPT_ROOT,
162 	SHOPT_WINDOW,
163 	NULL
164 };
165 
166 /* structure for list of securities */
167 struct securities {
168 	sa_security_t security;
169 	struct securities *next;
170 };
171 
172 /*
173  * findopt(name)
174  *
175  * Lookup option "name" in the option table and return the table
176  * index.
177  */
178 
179 static int
180 findopt(char *name)
181 {
182 	int i;
183 	if (name != NULL) {
184 		for (i = 0; optdefs[i].tag != NULL; i++) {
185 			if (strcmp(optdefs[i].tag, name) == 0)
186 				return (i);
187 		}
188 	}
189 	return (-1);
190 }
191 
192 /*
193  * gettype(name)
194  *
195  * Return the type of option "name".
196  */
197 
198 static int
199 gettype(char *name)
200 {
201 	int optdef;
202 
203 	optdef = findopt(name);
204 	if (optdef != -1)
205 		return (optdefs[optdef].type);
206 	return (OPT_TYPE_ANY);
207 }
208 
209 /*
210  * nfs_validate_security_mode(mode)
211  *
212  * is the specified mode string a valid one for use with NFS?
213  */
214 
215 static int
216 nfs_validate_security_mode(char *mode)
217 {
218 	seconfig_t secinfo;
219 	int err;
220 
221 	(void) memset(&secinfo, '\0', sizeof (secinfo));
222 	err = nfs_getseconfig_byname(mode, &secinfo);
223 	if (err == SC_NOERROR)
224 		return (1);
225 	return (0);
226 }
227 
228 /*
229  * nfs_is_security_opt(tok)
230  *
231  * check to see if tok represents an option that is only valid in some
232  * security flavor.
233  */
234 
235 static int
236 nfs_is_security_opt(char *tok)
237 {
238 	int i;
239 
240 	for (i = 0; seclist[i] != NULL; i++) {
241 		if (strcmp(tok, seclist[i]) == 0)
242 			return (1);
243 	}
244 	return (0);
245 }
246 
247 /*
248  * find_security(seclist, sec)
249  *
250  * Walk the current list of security flavors and return true if it is
251  * present, else return false.
252  */
253 
254 static int
255 find_security(struct securities *seclist, sa_security_t sec)
256 {
257 	while (seclist != NULL) {
258 		if (seclist->security == sec)
259 			return (1);
260 		seclist = seclist->next;
261 	}
262 	return (0);
263 }
264 
265 /*
266  * make_security_list(group, securitymodes, proto)
267  *	go through the list of securitymodes and add them to the
268  *	group's list of security optionsets. We also keep a list of
269  *	those optionsets so we don't have to find them later. All of
270  *	these will get copies of the same properties.
271  */
272 
273 static struct securities *
274 make_security_list(sa_group_t group, char *securitymodes, char *proto)
275 {
276 	char *tok, *next = NULL;
277 	struct securities *curp, *headp = NULL, *prev;
278 	sa_security_t check;
279 	int freetok = 0;
280 
281 	for (tok = securitymodes; tok != NULL; tok = next) {
282 		next = strchr(tok, ':');
283 		if (next != NULL)
284 			*next++ = '\0';
285 		if (strcmp(tok, "default") == 0) {
286 			/* resolve default into the real type */
287 			tok = nfs_space_alias(tok);
288 			freetok = 1;
289 		}
290 		check = sa_get_security(group, tok, proto);
291 
292 		/* add to the security list if it isn't there already */
293 		if (check == NULL || !find_security(headp, check)) {
294 			curp = (struct securities *)calloc(1,
295 			    sizeof (struct securities));
296 			if (curp != NULL) {
297 				if (check == NULL) {
298 					curp->security = sa_create_security(
299 					    group, tok, proto);
300 				} else {
301 					curp->security = check;
302 				}
303 				/*
304 				 * note that the first time through the loop,
305 				 * headp will be NULL and prev will be
306 				 * undefined.  Since headp is NULL, we set
307 				 * both it and prev to the curp (first
308 				 * structure to be allocated).
309 				 *
310 				 * later passes through the loop will have
311 				 * headp not being NULL and prev will be used
312 				 * to allocate at the end of the list.
313 				 */
314 				if (headp == NULL) {
315 					headp = curp;
316 					prev = curp;
317 				} else {
318 					prev->next = curp;
319 					prev = curp;
320 				}
321 			}
322 		}
323 
324 		if (freetok) {
325 			freetok = 0;
326 			sa_free_attr_string(tok);
327 		}
328 	}
329 	return (headp);
330 }
331 
332 static void
333 free_security_list(struct securities *sec)
334 {
335 	struct securities *next;
336 	if (sec != NULL) {
337 		for (next = sec->next; sec != NULL; sec = next) {
338 			next = sec->next;
339 			free(sec);
340 		}
341 	}
342 }
343 
344 /*
345  * nfs_alistcat(str1, str2, sep)
346  *
347  * concatenate str1 and str2 into a new string using sep as a separate
348  * character. If memory allocation fails, return NULL;
349  */
350 
351 static char *
352 nfs_alistcat(char *str1, char *str2, char sep)
353 {
354 	char *newstr;
355 	size_t len;
356 
357 	len = strlen(str1) + strlen(str2) + 2;
358 	newstr = (char *)malloc(len);
359 	if (newstr != NULL)
360 		(void) snprintf(newstr, len, "%s%c%s", str1, sep, str2);
361 	return (newstr);
362 }
363 
364 /*
365  * add_security_prop(sec, name, value, persist)
366  *
367  * Add the property to the securities structure. This accumulates
368  * properties for as part of parsing legacy options.
369  */
370 
371 static int
372 add_security_prop(struct securities *sec, char *name, char *value,
373 			int persist, int iszfs)
374 {
375 	sa_property_t prop;
376 	int ret = SA_OK;
377 
378 	for (; sec != NULL; sec = sec->next) {
379 		if (value == NULL) {
380 			if (strcmp(name, SHOPT_RW) == 0 ||
381 			    strcmp(name, SHOPT_RO) == 0)
382 				value = "*";
383 			else
384 				value = "true";
385 		}
386 
387 		/*
388 		 * Get the existing property, if it exists, so we can
389 		 * determine what to do with it. The ro/rw/root
390 		 * properties can be merged if multiple instances of
391 		 * these properies are given. For example, if "rw"
392 		 * exists with a value "host1" and a later token of
393 		 * rw="host2" is seen, the values are merged into a
394 		 * single rw="host1:host2".
395 		 */
396 		prop = sa_get_property(sec->security, name);
397 
398 		if (prop != NULL) {
399 			char *oldvalue;
400 			char *newvalue;
401 
402 			/*
403 			 * The security options of ro/rw/root might appear
404 			 * multiple times. If they do, the values need to be
405 			 * merged into an access list. If it was previously
406 			 * empty, the new value alone is added.
407 			 */
408 			oldvalue = sa_get_property_attr(prop, "value");
409 			if (oldvalue != NULL) {
410 				/*
411 				 * The general case is to concatenate the new
412 				 * value onto the old value for multiple
413 				 * rw(ro/root) properties. A special case
414 				 * exists when either the old or new is the
415 				 * "all" case. In the special case, if both
416 				 * are "all", then it is "all", else if one is
417 				 * an access-list, that replaces the "all".
418 				 */
419 				if (strcmp(oldvalue, "*") == 0) {
420 					/* Replace old value with new value. */
421 					newvalue = strdup(value);
422 				} else if (strcmp(value, "*") == 0) {
423 					/*
424 					 * Keep old value and ignore
425 					 * the new value.
426 					 */
427 					newvalue = NULL;
428 				} else {
429 					/*
430 					 * Make a new list of old plus new
431 					 * access-list.
432 					 */
433 					newvalue = nfs_alistcat(oldvalue,
434 					    value, ':');
435 				}
436 
437 				if (newvalue != NULL) {
438 					(void) sa_remove_property(prop);
439 					prop = sa_create_property(name,
440 					    newvalue);
441 					ret = sa_add_property(sec->security,
442 					    prop);
443 					free(newvalue);
444 				}
445 				if (oldvalue != NULL)
446 					sa_free_attr_string(oldvalue);
447 			}
448 		} else {
449 			prop = sa_create_property(name, value);
450 			ret = sa_add_property(sec->security, prop);
451 		}
452 		if (ret == SA_OK && !iszfs) {
453 			ret = sa_commit_properties(sec->security, !persist);
454 		}
455 	}
456 	return (ret);
457 }
458 
459 /*
460  * check to see if group/share is persistent.
461  */
462 static int
463 is_persistent(sa_group_t group)
464 {
465 	char *type;
466 	int persist = 1;
467 
468 	type = sa_get_group_attr(group, "type");
469 	if (type != NULL && strcmp(type, "persist") != 0)
470 		persist = 0;
471 	if (type != NULL)
472 		sa_free_attr_string(type);
473 	return (persist);
474 }
475 
476 /*
477  * invalid_security(options)
478  *
479  * search option string for any invalid sec= type.
480  * return true (1) if any are not valid else false (0)
481  */
482 static int
483 invalid_security(char *options)
484 {
485 	char *copy, *base, *token, *value;
486 	int ret = 0;
487 
488 	copy = strdup(options);
489 	token = base = copy;
490 	while (token != NULL && ret == 0) {
491 		token = strtok(base, ",");
492 		base = NULL;
493 		if (token != NULL) {
494 			value = strchr(token, '=');
495 			if (value != NULL)
496 				*value++ = '\0';
497 			if (strcmp(token, "sec") == 0) {
498 				/* HAVE security flavors so check them */
499 				char *tok, *next;
500 				for (next = NULL, tok = value; tok != NULL;
501 				    tok = next) {
502 					next = strchr(tok, ':');
503 					if (next != NULL)
504 						*next++ = '\0';
505 					ret = !nfs_validate_security_mode(tok);
506 					if (ret)
507 						break;
508 				}
509 			}
510 		}
511 	}
512 	if (copy != NULL)
513 		free(copy);
514 	return (ret);
515 }
516 
517 /*
518  * nfs_parse_legacy_options(group, options)
519  *
520  * Parse the old style options into internal format and store on the
521  * specified group.  Group could be a share for full legacy support.
522  */
523 
524 static int
525 nfs_parse_legacy_options(sa_group_t group, char *options)
526 {
527 	char *dup;
528 	char *base;
529 	char *token;
530 	sa_optionset_t optionset;
531 	struct securities *security_list = NULL;
532 	sa_property_t prop;
533 	int ret = SA_OK;
534 	int iszfs = 0;
535 	sa_group_t parent;
536 	int persist = 0;
537 	char *lasts;
538 
539 	/* do we have an existing optionset? */
540 	optionset = sa_get_optionset(group, "nfs");
541 	if (optionset == NULL) {
542 		/* didn't find existing optionset so create one */
543 		optionset = sa_create_optionset(group, "nfs");
544 	} else {
545 		/*
546 		 * have an existing optionset so we need to compare
547 		 * options in order to detect errors. For now, we
548 		 * assume that the first optionset is the correct one
549 		 * and the others will be the same. This needs to be
550 		 * fixed before the final code is ready.
551 		 */
552 		return (ret);
553 	}
554 
555 	if (strcmp(options, SHOPT_RW) == 0) {
556 		/*
557 		 * there is a special case of only the option "rw"
558 		 * being the default option. We don't have to do
559 		 * anything.
560 		 */
561 		return (ret);
562 	}
563 
564 	/*
565 	 * check if security types are present and validate them. If
566 	 * any are not legal, fail.
567 	 */
568 
569 	if (invalid_security(options)) {
570 		return (SA_INVALID_SECURITY);
571 	}
572 
573 	/*
574 	 * in order to not attempt to change ZFS properties unless
575 	 * absolutely necessary, we never do it in the legacy parsing.
576 	 */
577 	if (sa_is_share(group)) {
578 		char *zfs;
579 		parent = sa_get_parent_group(group);
580 		if (parent != NULL) {
581 			zfs = sa_get_group_attr(parent, "zfs");
582 			if (zfs != NULL) {
583 				sa_free_attr_string(zfs);
584 				iszfs++;
585 			}
586 		}
587 	} else {
588 		iszfs = sa_group_is_zfs(group);
589 	}
590 
591 	/* We need a copy of options for the next part. */
592 	dup = strdup(options);
593 	if (dup == NULL)
594 		return (SA_NO_MEMORY);
595 
596 	/*
597 	 * we need to step through each option in the string and then
598 	 * add either the option or the security option as needed. If
599 	 * this is not a persistent share, don't commit to the
600 	 * repository. If there is an error, we also want to abort the
601 	 * processing and report it.
602 	 */
603 	persist = is_persistent(group);
604 	base = dup;
605 	token = dup;
606 	lasts = NULL;
607 	while (token != NULL && ret == SA_OK) {
608 		ret = SA_OK;
609 		token = strtok_r(base, ",", &lasts);
610 		base = NULL;
611 		if (token != NULL) {
612 			char *value;
613 			/*
614 			 * if the option has a value, it will have an '=' to
615 			 * separate the name from the value. The following
616 			 * code will result in value != NULL and token
617 			 * pointing to just the name if there is a value.
618 			 */
619 			value = strchr(token, '=');
620 			if (value != NULL) {
621 				*value++ = '\0';
622 			}
623 			if (strcmp(token, "sec") == 0 ||
624 			    strcmp(token, "secure") == 0) {
625 				/*
626 				 * Once in security parsing, we only
627 				 * do security. We do need to move
628 				 * between the security node and the
629 				 * toplevel. The security tag goes on
630 				 * the root while the following ones
631 				 * go on the security.
632 				 */
633 				if (security_list != NULL) {
634 					/*
635 					 * have an old list so close it and
636 					 * start the new
637 					 */
638 					free_security_list(security_list);
639 				}
640 				if (strcmp(token, "secure") == 0) {
641 					value = "dh";
642 				} else {
643 					if (value == NULL) {
644 						ret = SA_SYNTAX_ERR;
645 						break;
646 					}
647 				}
648 				security_list = make_security_list(group,
649 				    value, "nfs");
650 			} else {
651 				/*
652 				 * Note that the "old" syntax allowed a
653 				 * default security model This must be
654 				 * accounted for and internally converted to
655 				 * "standard" security structure.
656 				 */
657 				if (nfs_is_security_opt(token)) {
658 					if (security_list == NULL) {
659 						/*
660 						 * need to have a
661 						 * security
662 						 * option. This will
663 						 * be "closed" when a
664 						 * defined "sec="
665 						 * option is
666 						 * seen. This is
667 						 * technically an
668 						 * error but will be
669 						 * allowed with
670 						 * warning.
671 						 */
672 						security_list =
673 						    make_security_list(group,
674 						    "default",
675 						    "nfs");
676 					}
677 					if (security_list != NULL) {
678 						ret = add_security_prop(
679 						    security_list, token,
680 						    value, persist, iszfs);
681 					} else {
682 						ret = SA_NO_MEMORY;
683 					}
684 				} else {
685 					/* regular options */
686 					if (value == NULL) {
687 						if (strcmp(token, SHOPT_RW) ==
688 						    0 || strcmp(token,
689 						    SHOPT_RO) == 0) {
690 							value = "*";
691 						} else {
692 							value = "global";
693 							if (strcmp(token,
694 							    SHOPT_LOG) != 0) {
695 								value = "true";
696 							}
697 						}
698 					}
699 					/*
700 					 * In all cases, create the
701 					 * property specified. If the
702 					 * value was NULL, the default
703 					 * value will have been
704 					 * substituted.
705 					 */
706 					prop = sa_create_property(token, value);
707 					ret =  sa_add_property(optionset, prop);
708 					if (ret != SA_OK)
709 						break;
710 
711 					if (!iszfs) {
712 						ret = sa_commit_properties(
713 						    optionset, !persist);
714 					}
715 				}
716 			}
717 		}
718 	}
719 	if (security_list != NULL)
720 		free_security_list(security_list);
721 
722 	free(dup);
723 	return (ret);
724 }
725 
726 /*
727  * is_a_number(number)
728  *
729  * is the string a number in one of the forms we want to use?
730  */
731 
732 static int
733 is_a_number(char *number)
734 {
735 	int ret = 1;
736 	int hex = 0;
737 
738 	if (strncmp(number, "0x", 2) == 0) {
739 		number += 2;
740 		hex = 1;
741 	} else if (*number == '-') {
742 		number++; /* skip the minus */
743 	}
744 	while (ret == 1 && *number != '\0') {
745 		if (hex) {
746 			ret = isxdigit(*number++);
747 		} else {
748 			ret = isdigit(*number++);
749 		}
750 	}
751 	return (ret);
752 }
753 
754 /*
755  * Look for the specified tag in the configuration file. If it is found,
756  * enable logging and set the logging configuration information for exp.
757  */
758 static void
759 configlog(struct exportdata *exp, char *tag)
760 {
761 	nfsl_config_t *configlist = NULL, *configp;
762 	int error = 0;
763 	char globaltag[] = DEFAULTTAG;
764 
765 	/*
766 	 * Sends config errors to stderr
767 	 */
768 	nfsl_errs_to_syslog = B_FALSE;
769 
770 	/*
771 	 * get the list of configuration settings
772 	 */
773 	error = nfsl_getconfig_list(&configlist);
774 	if (error) {
775 		(void) fprintf(stderr,
776 		    dgettext(TEXT_DOMAIN, "Cannot get log configuration: %s\n"),
777 		    strerror(error));
778 	}
779 
780 	if (tag == NULL)
781 		tag = globaltag;
782 	if ((configp = nfsl_findconfig(configlist, tag, &error)) == NULL) {
783 		nfsl_freeconfig_list(&configlist);
784 		(void) fprintf(stderr,
785 		    dgettext(TEXT_DOMAIN, "No tags matching \"%s\"\n"), tag);
786 		/* bad configuration */
787 		error = ENOENT;
788 		goto err;
789 	}
790 
791 	if ((exp->ex_tag = strdup(tag)) == NULL) {
792 		error = ENOMEM;
793 		goto out;
794 	}
795 	if ((exp->ex_log_buffer = strdup(configp->nc_bufferpath)) == NULL) {
796 		error = ENOMEM;
797 		goto out;
798 	}
799 	exp->ex_flags |= EX_LOG;
800 	if (configp->nc_rpclogpath != NULL)
801 		exp->ex_flags |= EX_LOG_ALLOPS;
802 out:
803 	if (configlist != NULL)
804 		nfsl_freeconfig_list(&configlist);
805 
806 err:
807 	if (error != 0) {
808 		if (exp->ex_flags != NULL)
809 			free(exp->ex_tag);
810 		if (exp->ex_log_buffer != NULL)
811 			free(exp->ex_log_buffer);
812 		(void) fprintf(stderr,
813 		    dgettext(TEXT_DOMAIN, "Cannot set log configuration: %s\n"),
814 		    strerror(error));
815 	}
816 }
817 
818 /*
819  * fill_export_from_optionset(export, optionset)
820  *
821  * In order to share, we need to set all the possible general options
822  * into the export structure. Share info will be filled in by the
823  * caller. Various property values get turned into structure specific
824  * values.
825  */
826 
827 static int
828 fill_export_from_optionset(struct exportdata *export, sa_optionset_t optionset)
829 {
830 	sa_property_t option;
831 	int ret = SA_OK;
832 
833 	for (option = sa_get_property(optionset, NULL);
834 	    option != NULL; option = sa_get_next_property(option)) {
835 		char *name;
836 		char *value;
837 		uint32_t val;
838 
839 		/*
840 		 * since options may be set/reset multiple times, always do an
841 		 * explicit set or clear of the option. This allows defaults
842 		 * to be set and then the protocol specifici to override.
843 		 */
844 
845 		name = sa_get_property_attr(option, "type");
846 		value = sa_get_property_attr(option, "value");
847 		switch (findopt(name)) {
848 		case OPT_ANON:
849 			if (value != NULL && is_a_number(value)) {
850 				val = strtoul(value, NULL, 0);
851 			} else {
852 				struct passwd *pw;
853 				pw = getpwnam(value != NULL ? value : "nobody");
854 				if (pw != NULL) {
855 					val = pw->pw_uid;
856 				} else {
857 					val = UID_NOBODY;
858 				}
859 				endpwent();
860 			}
861 			export->ex_anon = val;
862 			break;
863 		case OPT_NOSUID:
864 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
865 			    strcmp(value, "1") == 0))
866 				export->ex_flags |= EX_NOSUID;
867 			else
868 				export->ex_flags &= ~EX_NOSUID;
869 			break;
870 		case OPT_ACLOK:
871 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
872 			    strcmp(value, "1") == 0))
873 				export->ex_flags |= EX_ACLOK;
874 			else
875 				export->ex_flags &= ~EX_ACLOK;
876 			break;
877 		case OPT_NOSUB:
878 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
879 			    strcmp(value, "1") == 0))
880 				export->ex_flags |= EX_NOSUB;
881 			else
882 				export->ex_flags &= ~EX_NOSUB;
883 			break;
884 		case OPT_PUBLIC:
885 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
886 			    strcmp(value, "1") == 0))
887 				export->ex_flags |= EX_PUBLIC;
888 			else
889 				export->ex_flags &= ~EX_PUBLIC;
890 			break;
891 		case OPT_INDEX:
892 			if (value != NULL && (strcmp(value, "..") == 0 ||
893 			    strchr(value, '/') != NULL)) {
894 				/* this is an error */
895 				(void) printf(dgettext(TEXT_DOMAIN,
896 				    "NFS: index=\"%s\" not valid;"
897 				    "must be a filename.\n"),
898 				    value);
899 				break;
900 			}
901 			if (value != NULL && *value != '\0' &&
902 			    strcmp(value, ".") != 0) {
903 				/* valid index file string */
904 				if (export->ex_index != NULL) {
905 					/* left over from "default" */
906 					free(export->ex_index);
907 				}
908 				/* remember to free */
909 				export->ex_index = strdup(value);
910 				if (export->ex_index == NULL) {
911 					(void) printf(dgettext(TEXT_DOMAIN,
912 					    "NFS: out of memory setting "
913 					    "index property\n"));
914 					break;
915 				}
916 				export->ex_flags |= EX_INDEX;
917 			}
918 			break;
919 		case OPT_LOG:
920 			if (value == NULL)
921 				value = strdup("global");
922 			if (value != NULL)
923 				configlog(export,
924 				    strlen(value) ? value : "global");
925 			break;
926 		default:
927 			/* have a syntactic error */
928 			(void) printf(dgettext(TEXT_DOMAIN,
929 			    "NFS: unrecognized option %s=%s\n"),
930 			    name, value != NULL ? value : "");
931 			break;
932 		}
933 		if (name != NULL)
934 			sa_free_attr_string(name);
935 		if (value != NULL)
936 			sa_free_attr_string(value);
937 	}
938 	return (ret);
939 }
940 
941 /*
942  * cleanup_export(export)
943  *
944  * Cleanup the allocated areas so we don't leak memory
945  */
946 
947 static void
948 cleanup_export(struct exportdata *export)
949 {
950 	int i;
951 
952 	if (export->ex_index != NULL)
953 		free(export->ex_index);
954 	if (export->ex_secinfo != NULL) {
955 		for (i = 0; i < export->ex_seccnt; i++)
956 			if (export->ex_secinfo[i].s_rootnames != NULL)
957 				free(export->ex_secinfo[i].s_rootnames);
958 		free(export->ex_secinfo);
959 	}
960 }
961 
962 /*
963  * Given a seconfig entry and a colon-separated
964  * list of names, allocate an array big enough
965  * to hold the root list, then convert each name to
966  * a principal name according to the security
967  * info and assign it to an array element.
968  * Return the array and its size.
969  */
970 static caddr_t *
971 get_rootnames(seconfig_t *sec, char *list, int *count)
972 {
973 	caddr_t *a;
974 	int c, i;
975 	char *host, *p;
976 
977 	/*
978 	 * Count the number of strings in the list.
979 	 * This is the number of colon separators + 1.
980 	 */
981 	c = 1;
982 	for (p = list; *p; p++)
983 		if (*p == ':')
984 			c++;
985 	*count = c;
986 
987 	a = (caddr_t *)malloc(c * sizeof (char *));
988 	if (a == NULL) {
989 		(void) printf(dgettext(TEXT_DOMAIN,
990 		    "get_rootnames: no memory\n"));
991 	} else {
992 		for (i = 0; i < c; i++) {
993 			host = strtok(list, ":");
994 			if (!nfs_get_root_principal(sec, host, &a[i])) {
995 				free(a);
996 				a = NULL;
997 				break;
998 			}
999 			list = NULL;
1000 		}
1001 	}
1002 
1003 	return (a);
1004 }
1005 
1006 /*
1007  * fill_security_from_secopts(sp, secopts)
1008  *
1009  * Fill the secinfo structure from the secopts optionset.
1010  */
1011 
1012 static int
1013 fill_security_from_secopts(struct secinfo *sp, sa_security_t secopts)
1014 {
1015 	sa_property_t prop;
1016 	char *type;
1017 	int longform;
1018 	int err = SC_NOERROR;
1019 
1020 	type = sa_get_security_attr(secopts, "sectype");
1021 	if (type != NULL) {
1022 		/* named security type needs secinfo to be filled in */
1023 		err = nfs_getseconfig_byname(type, &sp->s_secinfo);
1024 		sa_free_attr_string(type);
1025 		if (err != SC_NOERROR)
1026 			return (err);
1027 	} else {
1028 		/* default case */
1029 		err = nfs_getseconfig_default(&sp->s_secinfo);
1030 		if (err != SC_NOERROR)
1031 			return (err);
1032 	}
1033 
1034 	err = SA_OK;
1035 	for (prop = sa_get_property(secopts, NULL);
1036 	    prop != NULL && err == SA_OK;
1037 	    prop = sa_get_next_property(prop)) {
1038 		char *name;
1039 		char *value;
1040 
1041 		name = sa_get_property_attr(prop, "type");
1042 		value = sa_get_property_attr(prop, "value");
1043 
1044 		longform = value != NULL && strcmp(value, "*") != 0;
1045 
1046 		switch (findopt(name)) {
1047 		case OPT_RO:
1048 			sp->s_flags |= longform ? M_ROL : M_RO;
1049 			break;
1050 		case OPT_RW:
1051 			sp->s_flags |= longform ? M_RWL : M_RW;
1052 			break;
1053 		case OPT_ROOT:
1054 			sp->s_flags |= M_ROOT;
1055 			/*
1056 			 * if we are using AUTH_UNIX, handle like other things
1057 			 * such as RO/RW
1058 			 */
1059 			if (sp->s_secinfo.sc_rpcnum == AUTH_UNIX)
1060 				continue;
1061 			/* not AUTH_UNIX */
1062 			if (value != NULL) {
1063 				sp->s_rootnames = get_rootnames(&sp->s_secinfo,
1064 				    value, &sp->s_rootcnt);
1065 				if (sp->s_rootnames == NULL) {
1066 					err = SA_BAD_VALUE;
1067 					(void) fprintf(stderr,
1068 					    dgettext(TEXT_DOMAIN,
1069 					    "Bad root list\n"));
1070 				}
1071 			}
1072 			break;
1073 		case OPT_WINDOW:
1074 			if (value != NULL) {
1075 				sp->s_window = atoi(value);
1076 				/* just in case */
1077 				if (sp->s_window < 0)
1078 					sp->s_window = DEF_WIN;
1079 			}
1080 			break;
1081 		default:
1082 			break;
1083 		}
1084 		if (name != NULL)
1085 			sa_free_attr_string(name);
1086 		if (value != NULL)
1087 			sa_free_attr_string(value);
1088 	}
1089 	/* if rw/ro options not set, use default of RW */
1090 	if ((sp->s_flags & NFS_RWMODES) == 0)
1091 		sp->s_flags |= M_RW;
1092 	return (err);
1093 }
1094 
1095 /*
1096  * This is for testing only
1097  * It displays the export structure that
1098  * goes into the kernel.
1099  */
1100 static void
1101 printarg(char *path, struct exportdata *ep)
1102 {
1103 	int i, j;
1104 	struct secinfo *sp;
1105 
1106 	if (debug == 0)
1107 		return;
1108 
1109 	(void) printf("%s:\n", path);
1110 	(void) printf("\tex_version = %d\n", ep->ex_version);
1111 	(void) printf("\tex_path = %s\n", ep->ex_path);
1112 	(void) printf("\tex_pathlen = %ld\n", (ulong_t)ep->ex_pathlen);
1113 	(void) printf("\tex_flags: (0x%02x) ", ep->ex_flags);
1114 	if (ep->ex_flags & EX_NOSUID)
1115 		(void) printf("NOSUID ");
1116 	if (ep->ex_flags & EX_ACLOK)
1117 		(void) printf("ACLOK ");
1118 	if (ep->ex_flags & EX_PUBLIC)
1119 		(void) printf("PUBLIC ");
1120 	if (ep->ex_flags & EX_NOSUB)
1121 		(void) printf("NOSUB ");
1122 	if (ep->ex_flags & EX_LOG)
1123 		(void) printf("LOG ");
1124 	if (ep->ex_flags & EX_LOG_ALLOPS)
1125 		(void) printf("LOG_ALLOPS ");
1126 	if (ep->ex_flags == 0)
1127 		(void) printf("(none)");
1128 	(void) 	printf("\n");
1129 	if (ep->ex_flags & EX_LOG) {
1130 		(void) printf("\tex_log_buffer = %s\n",
1131 		    (ep->ex_log_buffer ? ep->ex_log_buffer : "(NULL)"));
1132 		(void) printf("\tex_tag = %s\n",
1133 		    (ep->ex_tag ? ep->ex_tag : "(NULL)"));
1134 	}
1135 	(void) printf("\tex_anon = %d\n", ep->ex_anon);
1136 	(void) printf("\tex_seccnt = %d\n", ep->ex_seccnt);
1137 	(void) printf("\n");
1138 	for (i = 0; i < ep->ex_seccnt; i++) {
1139 		sp = &ep->ex_secinfo[i];
1140 		(void) printf("\t\ts_secinfo = %s\n", sp->s_secinfo.sc_name);
1141 		(void) printf("\t\ts_flags: (0x%02x) ", sp->s_flags);
1142 		if (sp->s_flags & M_ROOT) (void) printf("M_ROOT ");
1143 		if (sp->s_flags & M_RO) (void) printf("M_RO ");
1144 		if (sp->s_flags & M_ROL) (void) printf("M_ROL ");
1145 		if (sp->s_flags & M_RW) (void) printf("M_RW ");
1146 		if (sp->s_flags & M_RWL) (void) printf("M_RWL ");
1147 		if (sp->s_flags == 0) (void) printf("(none)");
1148 		(void) printf("\n");
1149 		(void) printf("\t\ts_window = %d\n", sp->s_window);
1150 		(void) printf("\t\ts_rootcnt = %d ", sp->s_rootcnt);
1151 		(void) fflush(stdout);
1152 		for (j = 0; j < sp->s_rootcnt; j++)
1153 			(void) printf("%s ", sp->s_rootnames[j] ?
1154 			    sp->s_rootnames[j] : "<null>");
1155 		(void) printf("\n\n");
1156 	}
1157 }
1158 
1159 /*
1160  * count_security(opts)
1161  *
1162  * Count the number of security types (flavors). The optionset has
1163  * been populated with the security flavors as a holding mechanism.
1164  * We later use this number to allocate data structures.
1165  */
1166 
1167 static int
1168 count_security(sa_optionset_t opts)
1169 {
1170 	int count = 0;
1171 	sa_property_t prop;
1172 	if (opts != NULL) {
1173 		for (prop = sa_get_property(opts, NULL); prop != NULL;
1174 		    prop = sa_get_next_property(prop)) {
1175 			count++;
1176 		}
1177 	}
1178 	return (count);
1179 }
1180 
1181 /*
1182  * nfs_sprint_option(rbuff, rbuffsize, incr, prop, sep)
1183  *
1184  * provides a mechanism to format NFS properties into legacy output
1185  * format. If the buffer would overflow, it is reallocated and grown
1186  * as appropriate. Special cases of converting internal form of values
1187  * to those used by "share" are done. this function does one property
1188  * at a time.
1189  */
1190 
1191 static int
1192 nfs_sprint_option(char **rbuff, size_t *rbuffsize, size_t incr,
1193 			sa_property_t prop, int sep)
1194 {
1195 	char *name;
1196 	char *value;
1197 	int curlen;
1198 	char *buff = *rbuff;
1199 	size_t buffsize = *rbuffsize;
1200 	int printed = B_FALSE;
1201 
1202 	name = sa_get_property_attr(prop, "type");
1203 	value = sa_get_property_attr(prop, "value");
1204 	if (buff != NULL)
1205 		curlen = strlen(buff);
1206 	else
1207 		curlen = 0;
1208 	if (name != NULL) {
1209 		int len;
1210 		len = strlen(name) + sep;
1211 
1212 		/*
1213 		 * A future RFE would be to replace this with more
1214 		 * generic code and to possibly handle more types.
1215 		 */
1216 		switch (gettype(name)) {
1217 		case OPT_TYPE_BOOLEAN:
1218 			/*
1219 			 * For NFS, boolean value of FALSE means it
1220 			 * doesn't show up in the option list at all.
1221 			 */
1222 			if (value != NULL && strcasecmp(value, "false") == 0)
1223 				goto skip;
1224 			if (value != NULL) {
1225 				sa_free_attr_string(value);
1226 				value = NULL;
1227 			}
1228 			break;
1229 		case OPT_TYPE_ACCLIST:
1230 			if (value != NULL && strcmp(value, "*") == 0) {
1231 				sa_free_attr_string(value);
1232 				value = NULL;
1233 			} else {
1234 				if (value != NULL)
1235 					len += 1 + strlen(value);
1236 			}
1237 			break;
1238 		case OPT_TYPE_LOGTAG:
1239 			if (value != NULL && strlen(value) == 0) {
1240 				sa_free_attr_string(value);
1241 				value = NULL;
1242 			} else {
1243 				if (value != NULL)
1244 					len += 1 + strlen(value);
1245 			}
1246 			break;
1247 		default:
1248 			if (value != NULL)
1249 				len += 1 + strlen(value);
1250 			break;
1251 		}
1252 		while (buffsize <= (curlen + len)) {
1253 			/* need more room */
1254 			buffsize += incr;
1255 			buff = realloc(buff, buffsize);
1256 			if (buff == NULL) {
1257 				/* realloc failed so free everything */
1258 				if (*rbuff != NULL)
1259 					free(*rbuff);
1260 			}
1261 			*rbuff = buff;
1262 			*rbuffsize = buffsize;
1263 			if (buff == NULL)
1264 				goto skip;
1265 
1266 		}
1267 
1268 		if (buff == NULL)
1269 			goto skip;
1270 
1271 		if (value == NULL) {
1272 			(void) snprintf(buff + curlen, buffsize - curlen,
1273 			    "%s%s", sep ? "," : "",
1274 			    name, value != NULL ? value : "");
1275 		} else {
1276 			(void) snprintf(buff + curlen, buffsize - curlen,
1277 			    "%s%s=%s", sep ? "," : "",
1278 			    name, value != NULL ? value : "");
1279 		}
1280 		printed = B_TRUE;
1281 	}
1282 skip:
1283 	if (name != NULL)
1284 		sa_free_attr_string(name);
1285 	if (value != NULL)
1286 		sa_free_attr_string(value);
1287 	return (printed);
1288 }
1289 
1290 /*
1291  * nfs_format_options(group, hier)
1292  *
1293  * format all the options on the group into an old-style option
1294  * string. If hier is non-zero, walk up the tree to get inherited
1295  * options.
1296  */
1297 
1298 static char *
1299 nfs_format_options(sa_group_t group, int hier)
1300 {
1301 	sa_optionset_t options = NULL;
1302 	sa_optionset_t secoptions = NULL;
1303 	sa_property_t prop, secprop;
1304 	sa_security_t security = NULL;
1305 	char *buff;
1306 	size_t buffsize;
1307 	char *sectype = NULL;
1308 	int sep = 0;
1309 
1310 
1311 	buff = malloc(OPT_CHUNK);
1312 	if (buff == NULL) {
1313 		return (NULL);
1314 	}
1315 
1316 	buff[0] = '\0';
1317 	buffsize = OPT_CHUNK;
1318 
1319 	/*
1320 	 * We may have a an optionset relative to this item. format
1321 	 * these if we find them and then add any security definitions.
1322 	 */
1323 
1324 	options = sa_get_derived_optionset(group, "nfs", hier);
1325 
1326 	/*
1327 	 * do the default set first but skip any option that is also
1328 	 * in the protocol specific optionset.
1329 	 */
1330 	if (options != NULL) {
1331 		for (prop = sa_get_property(options, NULL);
1332 		    prop != NULL; prop = sa_get_next_property(prop)) {
1333 			/*
1334 			 * use this one since we skipped any
1335 			 * of these that were also in
1336 			 * optdefault
1337 			 */
1338 			if (nfs_sprint_option(&buff, &buffsize, OPT_CHUNK,
1339 			    prop, sep))
1340 				sep = 1;
1341 			if (buff == NULL) {
1342 				/*
1343 				 * buff could become NULL if there
1344 				 * isn't enough memory for
1345 				 * nfs_sprint_option to realloc()
1346 				 * as necessary. We can't really
1347 				 * do anything about it at this
1348 				 * point so we return NULL.  The
1349 				 * caller should handle the
1350 				 * failure.
1351 				 */
1352 				if (options != NULL)
1353 					sa_free_derived_optionset(
1354 					    options);
1355 				return (buff);
1356 			}
1357 		}
1358 	}
1359 	secoptions = (sa_optionset_t)sa_get_all_security_types(group,
1360 	    "nfs", hier);
1361 	if (secoptions != NULL) {
1362 		for (secprop = sa_get_property(secoptions, NULL);
1363 		    secprop != NULL;
1364 		    secprop = sa_get_next_property(secprop)) {
1365 			sectype = sa_get_property_attr(secprop, "type");
1366 			security =
1367 			    (sa_security_t)sa_get_derived_security(
1368 			    group, sectype, "nfs", hier);
1369 			if (security != NULL) {
1370 				if (sectype != NULL) {
1371 					prop = sa_create_property(
1372 					    "sec", sectype);
1373 					if (prop == NULL)
1374 						goto err;
1375 					if (nfs_sprint_option(&buff,
1376 					    &buffsize, OPT_CHUNK, prop, sep))
1377 						sep = 1;
1378 					(void) sa_remove_property(prop);
1379 					if (buff == NULL)
1380 						goto err;
1381 				}
1382 				for (prop = sa_get_property(security,
1383 				    NULL); prop != NULL;
1384 				    prop = sa_get_next_property(prop)) {
1385 					if (nfs_sprint_option(&buff,
1386 					    &buffsize, OPT_CHUNK, prop, sep))
1387 						sep = 1;
1388 					if (buff == NULL)
1389 						goto err;
1390 				}
1391 				sa_free_derived_optionset(security);
1392 			}
1393 			if (sectype != NULL)
1394 				sa_free_attr_string(sectype);
1395 		}
1396 		sa_free_derived_optionset(secoptions);
1397 	}
1398 
1399 	if (options != NULL)
1400 		sa_free_derived_optionset(options);
1401 	return (buff);
1402 
1403 err:
1404 	/*
1405 	 * If we couldn't allocate memory for option printing, we need
1406 	 * to break out of the nested loops, cleanup and return NULL.
1407 	 */
1408 	if (secoptions != NULL)
1409 		sa_free_derived_optionset(secoptions);
1410 	if (security != NULL)
1411 		sa_free_derived_optionset(security);
1412 	if (sectype != NULL)
1413 		sa_free_attr_string(sectype);
1414 	if (options != NULL)
1415 		sa_free_derived_optionset(options);
1416 	return (buff);
1417 }
1418 
1419 /*
1420  * Append an entry to the nfslogtab file
1421  */
1422 static int
1423 nfslogtab_add(dir, buffer, tag)
1424 	char *dir, *buffer, *tag;
1425 {
1426 	FILE *f;
1427 	struct logtab_ent lep;
1428 	int error = 0;
1429 
1430 	/*
1431 	 * Open the file for update and create it if necessary.
1432 	 * This may leave the I/O offset at the end of the file,
1433 	 * so rewind back to the beginning of the file.
1434 	 */
1435 	f = fopen(NFSLOGTAB, "a+");
1436 	if (f == NULL) {
1437 		error = errno;
1438 		goto out;
1439 	}
1440 	rewind(f);
1441 
1442 	if (lockf(fileno(f), F_LOCK, 0L) < 0) {
1443 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1444 		    "share complete, however failed to lock %s "
1445 		    "for update: %s\n"), NFSLOGTAB, strerror(errno));
1446 		error = -1;
1447 		goto out;
1448 	}
1449 
1450 	if (logtab_deactivate_after_boot(f) == -1) {
1451 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1452 		    "share complete, however could not deactivate "
1453 		    "entries in %s\n"), NFSLOGTAB);
1454 		error = -1;
1455 		goto out;
1456 	}
1457 
1458 	/*
1459 	 * Remove entries matching buffer and sharepoint since we're
1460 	 * going to replace it with perhaps an entry with a new tag.
1461 	 */
1462 	if (logtab_rement(f, buffer, dir, NULL, -1)) {
1463 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1464 		    "share complete, however could not remove matching "
1465 		    "entries in %s\n"), NFSLOGTAB);
1466 		error = -1;
1467 		goto out;
1468 	}
1469 
1470 	/*
1471 	 * Deactivate all active entries matching this sharepoint
1472 	 */
1473 	if (logtab_deactivate(f, NULL, dir, NULL)) {
1474 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1475 		    "share complete, however could not deactivate matching "
1476 		    "entries in %s\n"), NFSLOGTAB);
1477 		error = -1;
1478 		goto out;
1479 	}
1480 
1481 	lep.le_buffer = buffer;
1482 	lep.le_path = dir;
1483 	lep.le_tag = tag;
1484 	lep.le_state = LES_ACTIVE;
1485 
1486 	/*
1487 	 * Add new sharepoint / buffer location to nfslogtab
1488 	 */
1489 	if (logtab_putent(f, &lep) < 0) {
1490 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1491 		    "share complete, however could not add %s to %s\n"),
1492 		    dir, NFSLOGTAB);
1493 		error = -1;
1494 	}
1495 
1496 out:
1497 	if (f != NULL)
1498 		(void) fclose(f);
1499 	return (error);
1500 }
1501 
1502 /*
1503  * Deactivate an entry from the nfslogtab file
1504  */
1505 static int
1506 nfslogtab_deactivate(path)
1507 	char *path;
1508 {
1509 	FILE *f;
1510 	int error = 0;
1511 
1512 	f = fopen(NFSLOGTAB, "r+");
1513 	if (f == NULL) {
1514 		error = errno;
1515 		goto out;
1516 	}
1517 	if (lockf(fileno(f), F_LOCK, 0L) < 0) {
1518 		error = errno;
1519 		(void)  fprintf(stderr, dgettext(TEXT_DOMAIN,
1520 		    "share complete, however could not lock %s for "
1521 		    "update: %s\n"), NFSLOGTAB, strerror(error));
1522 		goto out;
1523 	}
1524 	if (logtab_deactivate(f, NULL, path, NULL) == -1) {
1525 		error = -1;
1526 		(void) fprintf(stderr,
1527 		    dgettext(TEXT_DOMAIN,
1528 		    "share complete, however could not "
1529 		    "deactivate %s in %s\n"), path, NFSLOGTAB);
1530 		goto out;
1531 	}
1532 
1533 out:	if (f != NULL)
1534 		(void) fclose(f);
1535 
1536 	return (error);
1537 }
1538 
1539 /*
1540  * check_public(group, skipshare)
1541  *
1542  * Check the group for any shares that have the public property
1543  * enabled. We skip "skipshare" since that is the one we are
1544  * working with. This is a separate function to make handling
1545  * subgroups simpler. Returns true if there is a share with public.
1546  */
1547 static int
1548 check_public(sa_group_t group, sa_share_t skipshare)
1549 {
1550 	int exists = B_FALSE;
1551 	sa_share_t share;
1552 	sa_optionset_t opt;
1553 	sa_property_t prop;
1554 	char *shared;
1555 
1556 	for (share = sa_get_share(group, NULL); share != NULL;
1557 	    share = sa_get_next_share(share)) {
1558 		if (share == skipshare)
1559 			continue;
1560 
1561 		opt = sa_get_optionset(share, "nfs");
1562 		if (opt == NULL)
1563 			continue;
1564 		prop = sa_get_property(opt, "public");
1565 		if (prop == NULL)
1566 			continue;
1567 		shared = sa_get_share_attr(share, "shared");
1568 		if (shared != NULL) {
1569 			exists = strcmp(shared, "true") == 0;
1570 			sa_free_attr_string(shared);
1571 			if (exists == B_TRUE)
1572 				break;
1573 		}
1574 	}
1575 
1576 	return (exists);
1577 }
1578 
1579 /*
1580  * public_exists(share)
1581  *
1582  * check to see if public option is set on any other share than the
1583  * one specified. Need to check zfs sub-groups as well as the top
1584  * level groups.
1585  */
1586 static int
1587 public_exists(sa_share_t skipshare)
1588 {
1589 	sa_group_t group;
1590 	sa_handle_t handle;
1591 
1592 	group = sa_get_parent_group(skipshare);
1593 	if (group == NULL)
1594 		return (SA_NO_SUCH_GROUP);
1595 
1596 	handle = sa_find_group_handle(group);
1597 	if (handle == NULL)
1598 		return (SA_SYSTEM_ERR);
1599 
1600 	for (group = sa_get_group(handle, NULL); group != NULL;
1601 	    group = sa_get_next_group(group)) {
1602 		/* Walk any ZFS subgroups as well as all standard groups */
1603 		if (sa_group_is_zfs(group)) {
1604 			sa_group_t subgroup;
1605 			for (subgroup = sa_get_sub_group(group);
1606 			    subgroup != NULL;
1607 			    subgroup = sa_get_next_group(subgroup)) {
1608 				if (check_public(subgroup, skipshare))
1609 					return (B_TRUE);
1610 			}
1611 		} else {
1612 			if (check_public(group, skipshare))
1613 				return (B_TRUE);
1614 		}
1615 	}
1616 	return (B_FALSE);
1617 }
1618 
1619 /*
1620  * sa_enable_share at the protocol level, enable_share must tell the
1621  * implementation that it is to enable the share. This entails
1622  * converting the path and options into the appropriate ioctl
1623  * calls. It is assumed that all error checking of paths, etc. were
1624  * done earlier.
1625  */
1626 static int
1627 nfs_enable_share(sa_share_t share)
1628 {
1629 	struct exportdata export;
1630 	sa_optionset_t secoptlist;
1631 	struct secinfo *sp;
1632 	int num_secinfo;
1633 	sa_optionset_t opt;
1634 	sa_security_t sec;
1635 	sa_property_t prop;
1636 	char *path;
1637 	int err = SA_OK;
1638 	int i;
1639 	int iszfs;
1640 
1641 	/* Don't drop core if the NFS module isn't loaded. */
1642 	(void) signal(SIGSYS, SIG_IGN);
1643 
1644 	/* get the path since it is important in several places */
1645 	path = sa_get_share_attr(share, "path");
1646 	if (path == NULL)
1647 		return (SA_NO_SUCH_PATH);
1648 
1649 	iszfs = sa_path_is_zfs(path);
1650 	/*
1651 	 * find the optionsets and security sets.  There may not be
1652 	 * any or there could be one or two for each of optionset and
1653 	 * security may have multiple, one per security type per
1654 	 * protocol type.
1655 	 */
1656 	opt = sa_get_derived_optionset(share, "nfs", 1);
1657 	secoptlist = (sa_optionset_t)sa_get_all_security_types(share, "nfs", 1);
1658 	if (secoptlist != NULL)
1659 		num_secinfo = MAX(1, count_security(secoptlist));
1660 	else
1661 		num_secinfo = 1;
1662 
1663 	/*
1664 	 * walk through the options and fill in the structure
1665 	 * appropriately.
1666 	 */
1667 
1668 	(void) memset(&export, '\0', sizeof (export));
1669 
1670 	/*
1671 	 * do non-security options first since there is only one after
1672 	 * the derived group is constructed.
1673 	 */
1674 	export.ex_version = EX_CURRENT_VERSION;
1675 	export.ex_anon = UID_NOBODY; /* this is our default value */
1676 	export.ex_index = NULL;
1677 	export.ex_path = path;
1678 	export.ex_pathlen = strlen(path) + 1;
1679 
1680 	if (opt != NULL)
1681 		err = fill_export_from_optionset(&export, opt);
1682 
1683 	/*
1684 	 * check to see if "public" is set. If it is, then make sure
1685 	 * no other share has it set. If it is already used, fail.
1686 	 */
1687 
1688 	if (export.ex_flags & EX_PUBLIC && public_exists(share)) {
1689 		(void) printf(dgettext(TEXT_DOMAIN,
1690 		    "NFS: Cannot share more than one file "
1691 		    "system with 'public' property\n"));
1692 		err = SA_NOT_ALLOWED;
1693 		goto out;
1694 	}
1695 
1696 	sp = calloc(num_secinfo, sizeof (struct secinfo));
1697 	if (sp == NULL) {
1698 		err = SA_NO_MEMORY;
1699 		(void) printf(dgettext(TEXT_DOMAIN,
1700 		    "NFS: NFS: no memory for security\n"));
1701 		goto out;
1702 	}
1703 	export.ex_secinfo = sp;
1704 	/* get default secinfo */
1705 	export.ex_seccnt = num_secinfo;
1706 	/*
1707 	 * since we must have one security option defined, we
1708 	 * init to the default and then override as we find
1709 	 * defined security options. This handles the case
1710 	 * where we have no defined options but we need to set
1711 	 * up one.
1712 	 */
1713 	sp[0].s_window = DEF_WIN;
1714 	sp[0].s_rootnames = NULL;
1715 	/* setup a default in case no properties defined */
1716 	if (nfs_getseconfig_default(&sp[0].s_secinfo)) {
1717 		(void) printf(dgettext(TEXT_DOMAIN,
1718 		    "NFS: nfs_getseconfig_default: failed to "
1719 		    "get default security mode\n"));
1720 		err = SA_CONFIG_ERR;
1721 	}
1722 	if (secoptlist != NULL) {
1723 		for (i = 0, prop = sa_get_property(secoptlist, NULL);
1724 		    prop != NULL && i < num_secinfo;
1725 		    prop = sa_get_next_property(prop), i++) {
1726 			char *sectype;
1727 				sectype = sa_get_property_attr(prop, "type");
1728 			/*
1729 			 * if sectype is NULL, we probably
1730 			 * have a memory problem and can't get
1731 			 * the correct values. Rather than
1732 			 * exporting with incorrect security,
1733 			 * don't share it.
1734 			 */
1735 			if (sectype == NULL) {
1736 				err = SA_NO_MEMORY;
1737 				(void) printf(dgettext(TEXT_DOMAIN,
1738 				    "NFS: Cannot share %s: "
1739 				    "no memory\n"), path);
1740 				goto out;
1741 			}
1742 			sec = (sa_security_t)sa_get_derived_security(
1743 			    share, sectype, "nfs", 1);
1744 			sp[i].s_window = DEF_WIN;
1745 			sp[i].s_rootcnt = 0;
1746 			sp[i].s_rootnames = NULL;
1747 				(void) fill_security_from_secopts(&sp[i], sec);
1748 			if (sec != NULL)
1749 				sa_free_derived_security(sec);
1750 			if (sectype != NULL)
1751 				sa_free_attr_string(sectype);
1752 		}
1753 	}
1754 	/*
1755 	 * when we get here, we can do the exportfs system call and
1756 	 * initiate thinsg. We probably want to enable the nfs.server
1757 	 * service first if it isn't running within SMF.
1758 	 */
1759 	/* check nfs.server status and start if needed */
1760 	/* now add the share to the internal tables */
1761 	printarg(path, &export);
1762 	/*
1763 	 * call the exportfs system call which is implemented
1764 	 * via the nfssys() call as the EXPORTFS subfunction.
1765 	 */
1766 	if (iszfs) {
1767 		struct exportfs_args ea;
1768 		share_t sh;
1769 		char *str;
1770 		priv_set_t *priv_effective;
1771 		int privileged;
1772 
1773 		/*
1774 		 * If we aren't a privileged user
1775 		 * and NFS server service isn't running
1776 		 * then print out an error message
1777 		 * and return EPERM
1778 		 */
1779 
1780 		priv_effective = priv_allocset();
1781 		(void) getppriv(PRIV_EFFECTIVE, priv_effective);
1782 
1783 		privileged = (priv_isfullset(priv_effective) == B_TRUE);
1784 		priv_freeset(priv_effective);
1785 
1786 		if (!privileged &&
1787 		    (str = smf_get_state(NFS_SERVER_SVC)) != NULL) {
1788 			err = 0;
1789 			if (strcmp(str, SCF_STATE_STRING_ONLINE) != 0) {
1790 				(void) printf(dgettext(TEXT_DOMAIN,
1791 				    "NFS: Cannot share remote "
1792 				    "filesystem: %s\n"), path);
1793 				(void) printf(dgettext(TEXT_DOMAIN,
1794 				    "NFS: Service needs to be enabled "
1795 				    "by a privileged user\n"));
1796 				err = SA_SYSTEM_ERR;
1797 				errno = EPERM;
1798 			}
1799 			free(str);
1800 		}
1801 
1802 		if (err == 0) {
1803 			ea.dname = path;
1804 			ea.uex = &export;
1805 
1806 			sa_sharetab_fill_zfs(share, &sh, "nfs");
1807 			err = sa_share_zfs(share, path, &sh, &ea, B_TRUE);
1808 			sa_emptyshare(&sh);
1809 		}
1810 	} else {
1811 		err = exportfs(path, &export);
1812 	}
1813 
1814 	if (err < 0) {
1815 		err = SA_SYSTEM_ERR;
1816 		switch (errno) {
1817 		case EREMOTE:
1818 			(void) printf(dgettext(TEXT_DOMAIN,
1819 			    "NFS: Cannot share filesystems "
1820 			    "in non-global zones: %s\n"), path);
1821 			err = SA_NOT_SUPPORTED;
1822 			break;
1823 		case EPERM:
1824 			if (getzoneid() != GLOBAL_ZONEID) {
1825 				(void) printf(dgettext(TEXT_DOMAIN,
1826 				    "NFS: Cannot share file systems "
1827 				    "in non-global zones: %s\n"), path);
1828 				err = SA_NOT_SUPPORTED;
1829 				break;
1830 			}
1831 			err = SA_NO_PERMISSION;
1832 			/* FALLTHROUGH */
1833 		default:
1834 			break;
1835 		}
1836 	} else {
1837 		/* update sharetab with an add/modify */
1838 		if (!iszfs) {
1839 			(void) sa_update_sharetab(share, "nfs");
1840 		}
1841 	}
1842 
1843 	if (err == SA_OK) {
1844 		/*
1845 		 * enable services as needed. This should probably be
1846 		 * done elsewhere in order to minimize the calls to
1847 		 * check services.
1848 		 */
1849 		/*
1850 		 * check to see if logging and other services need to
1851 		 * be triggered, but only if there wasn't an
1852 		 * error. This is probably where sharetab should be
1853 		 * updated with the NFS specific entry.
1854 		 */
1855 		if (export.ex_flags & EX_LOG) {
1856 			/* enable logging */
1857 			if (nfslogtab_add(path, export.ex_log_buffer,
1858 			    export.ex_tag) != 0) {
1859 				(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1860 				    "Could not enable logging for %s\n"),
1861 				    path);
1862 			}
1863 			_check_services(service_list_logging);
1864 		} else {
1865 			/*
1866 			 * don't have logging so remove it from file. It might
1867 			 * not be thre, but that doesn't matter.
1868 			 */
1869 			(void) nfslogtab_deactivate(path);
1870 			_check_services(service_list_default);
1871 		}
1872 	}
1873 
1874 out:
1875 	if (path != NULL)
1876 		free(path);
1877 
1878 	cleanup_export(&export);
1879 	if (opt != NULL)
1880 		sa_free_derived_optionset(opt);
1881 	if (secoptlist != NULL)
1882 		(void) sa_destroy_optionset(secoptlist);
1883 	return (err);
1884 }
1885 
1886 /*
1887  * nfs_disable_share(share)
1888  *
1889  * Unshare the specified share.  How much error checking should be
1890  * done? We only do basic errors for now.
1891  */
1892 static int
1893 nfs_disable_share(sa_share_t share, char *path)
1894 {
1895 	int err;
1896 	int ret = SA_OK;
1897 	int iszfs;
1898 
1899 
1900 	if (path != NULL) {
1901 		iszfs = sa_path_is_zfs(path);
1902 
1903 		if (iszfs) {
1904 			struct exportfs_args ea;
1905 			share_t sh = { 0 };
1906 
1907 			ea.dname = path;
1908 			ea.uex = NULL;
1909 			sh.sh_path = path;
1910 			sh.sh_fstype = "nfs";
1911 
1912 			err = sa_share_zfs(share, path, &sh, &ea, B_FALSE);
1913 		} else
1914 			err = exportfs(path, NULL);
1915 		if (err < 0) {
1916 			/*
1917 			 * TBD: only an error in some
1918 			 * cases - need better analysis
1919 			 */
1920 
1921 			switch (errno) {
1922 			case EPERM:
1923 			case EACCES:
1924 				ret = SA_NO_PERMISSION;
1925 				if (getzoneid() != GLOBAL_ZONEID) {
1926 					ret = SA_NOT_SUPPORTED;
1927 				}
1928 				break;
1929 			case EINVAL:
1930 			case ENOENT:
1931 				ret = SA_NO_SUCH_PATH;
1932 			break;
1933 			default:
1934 				ret = SA_SYSTEM_ERR;
1935 			break;
1936 			}
1937 		}
1938 		if (ret == SA_OK || ret == SA_NO_SUCH_PATH) {
1939 			if (!iszfs)
1940 				(void) sa_delete_sharetab(path, "nfs");
1941 			/* just in case it was logged */
1942 			(void) nfslogtab_deactivate(path);
1943 		}
1944 	}
1945 	return (ret);
1946 }
1947 
1948 /*
1949  * check ro vs rw values.  Over time this may get beefed up.
1950  * for now it just does simple checks.
1951  */
1952 
1953 static int
1954 check_rorw(char *v1, char *v2)
1955 {
1956 	int ret = SA_OK;
1957 	if (strcmp(v1, v2) == 0)
1958 		ret = SA_VALUE_CONFLICT;
1959 	return (ret);
1960 }
1961 
1962 /*
1963  * nfs_validate_property(property, parent)
1964  *
1965  * Check that the property has a legitimate value for its type.
1966  */
1967 
1968 static int
1969 nfs_validate_property(sa_property_t property, sa_optionset_t parent)
1970 {
1971 	int ret = SA_OK;
1972 	char *propname;
1973 	char *other;
1974 	int optindex;
1975 	nfsl_config_t *configlist;
1976 	sa_group_t parent_group;
1977 	char *value;
1978 
1979 	propname = sa_get_property_attr(property, "type");
1980 
1981 	if ((optindex = findopt(propname)) < 0)
1982 		ret = SA_NO_SUCH_PROP;
1983 
1984 	/* need to validate value range here as well */
1985 
1986 	if (ret == SA_OK) {
1987 		parent_group = sa_get_parent_group((sa_share_t)parent);
1988 		if (optdefs[optindex].share && !sa_is_share(parent_group))
1989 			ret = SA_PROP_SHARE_ONLY;
1990 	}
1991 	if (ret == SA_OK) {
1992 		value = sa_get_property_attr(property, "value");
1993 		if (value != NULL) {
1994 			/* first basic type checking */
1995 			switch (optdefs[optindex].type) {
1996 			case OPT_TYPE_NUMBER:
1997 				/* check that the value is all digits */
1998 				if (!is_a_number(value))
1999 					ret = SA_BAD_VALUE;
2000 				break;
2001 			case OPT_TYPE_BOOLEAN:
2002 				if (strlen(value) == 0 ||
2003 				    strcasecmp(value, "true") == 0 ||
2004 				    strcmp(value, "1") == 0 ||
2005 				    strcasecmp(value, "false") == 0 ||
2006 				    strcmp(value, "0") == 0) {
2007 					ret = SA_OK;
2008 				} else {
2009 					ret = SA_BAD_VALUE;
2010 				}
2011 				break;
2012 			case OPT_TYPE_USER:
2013 				if (!is_a_number(value)) {
2014 					struct passwd *pw;
2015 					/*
2016 					 * in this case it would have to be a
2017 					 * user name
2018 					 */
2019 					pw = getpwnam(value);
2020 					if (pw == NULL)
2021 						ret = SA_BAD_VALUE;
2022 					endpwent();
2023 				} else {
2024 					uint64_t intval;
2025 					intval = strtoull(value, NULL, 0);
2026 					if (intval > UID_MAX && intval != ~0)
2027 						ret = SA_BAD_VALUE;
2028 				}
2029 				break;
2030 			case OPT_TYPE_FILE:
2031 				if (strcmp(value, "..") == 0 ||
2032 				    strchr(value, '/') != NULL) {
2033 					ret = SA_BAD_VALUE;
2034 				}
2035 				break;
2036 			case OPT_TYPE_ACCLIST:
2037 				/*
2038 				 * access list handling. Should eventually
2039 				 * validate that all the values make sense.
2040 				 * Also, ro and rw may have cross value
2041 				 * conflicts.
2042 				 */
2043 				if (strcmp(propname, SHOPT_RO) == 0)
2044 					other = SHOPT_RW;
2045 				else if (strcmp(propname, SHOPT_RW) == 0)
2046 					other = SHOPT_RO;
2047 				else
2048 					other = NULL;
2049 
2050 				if (other != NULL && parent != NULL) {
2051 					/* compare rw(ro) with ro(rw) */
2052 					sa_property_t oprop;
2053 					oprop = sa_get_property(parent, other);
2054 					if (oprop != NULL) {
2055 						/*
2056 						 * only potential
2057 						 * confusion if other
2058 						 * exists
2059 						 */
2060 						char *ovalue;
2061 						ovalue = sa_get_property_attr(
2062 						    oprop, "value");
2063 						if (ovalue != NULL) {
2064 							ret = check_rorw(value,
2065 							    ovalue);
2066 							sa_free_attr_string(
2067 							    ovalue);
2068 						}
2069 					}
2070 				}
2071 				break;
2072 			case OPT_TYPE_LOGTAG:
2073 				if (nfsl_getconfig_list(&configlist) == 0) {
2074 					int error;
2075 					if (value == NULL ||
2076 					    strlen(value) == 0) {
2077 						if (value != NULL)
2078 							sa_free_attr_string(
2079 							    value);
2080 						value = strdup("global");
2081 					}
2082 					if (value != NULL &&
2083 					    nfsl_findconfig(configlist, value,
2084 					    &error) == NULL) {
2085 						ret = SA_BAD_VALUE;
2086 					}
2087 					/* Must always free when done */
2088 					nfsl_freeconfig_list(&configlist);
2089 				} else {
2090 					ret = SA_CONFIG_ERR;
2091 				}
2092 				break;
2093 			case OPT_TYPE_STRING:
2094 				/* whatever is here should be ok */
2095 				break;
2096 			case OPT_TYPE_SECURITY:
2097 				/*
2098 				 * The "sec" property isn't used in the
2099 				 * non-legacy parts of sharemgr. We need to
2100 				 * reject it here. For legacy, it is pulled
2101 				 * out well before we get here.
2102 				 */
2103 				ret = SA_NO_SUCH_PROP;
2104 				break;
2105 			default:
2106 				break;
2107 			}
2108 
2109 			if (value != NULL)
2110 				sa_free_attr_string(value);
2111 
2112 			if (ret == SA_OK && optdefs[optindex].check != NULL) {
2113 				/* do the property specific check */
2114 				ret = optdefs[optindex].check(property);
2115 			}
2116 		}
2117 	}
2118 
2119 	if (propname != NULL)
2120 		sa_free_attr_string(propname);
2121 	return (ret);
2122 }
2123 
2124 /*
2125  * Protocol management functions
2126  *
2127  * Properties defined in the default files are defined in
2128  * proto_option_defs for parsing and validation. If "other" and
2129  * "compare" are set, then the value for this property should be
2130  * compared against the property specified in "other" using the
2131  * "compare" check (either <= or >=) in order to ensure that the
2132  * values are in the correct range.  E.g. setting server_versmin
2133  * higher than server_versmax should not be allowed.
2134  */
2135 
2136 struct proto_option_defs {
2137 	char *tag;
2138 	char *name;	/* display name -- remove protocol identifier */
2139 	int index;
2140 	int type;
2141 	union {
2142 	    int intval;
2143 	    char *string;
2144 	} defvalue;
2145 	uint32_t svcs;
2146 	int32_t minval;
2147 	int32_t maxval;
2148 	char *file;
2149 	char *other;
2150 	int compare;
2151 #define	OPT_CMP_GE	0
2152 #define	OPT_CMP_LE	1
2153 	int (*check)(char *);
2154 } proto_options[] = {
2155 #define	PROTO_OPT_NFSD_SERVERS			0
2156 	{"nfsd_servers",
2157 	    "servers", PROTO_OPT_NFSD_SERVERS, OPT_TYPE_NUMBER, 16, SVC_NFSD,
2158 	    1, INT32_MAX, NFSADMIN},
2159 #define	PROTO_OPT_LOCKD_LISTEN_BACKLOG		1
2160 	{"lockd_listen_backlog",
2161 	    "lockd_listen_backlog", PROTO_OPT_LOCKD_LISTEN_BACKLOG,
2162 	    OPT_TYPE_NUMBER, 32, SVC_LOCKD, 32, INT32_MAX, NFSADMIN},
2163 #define	PROTO_OPT_LOCKD_SERVERS			2
2164 	{"lockd_servers",
2165 	    "lockd_servers", PROTO_OPT_LOCKD_SERVERS, OPT_TYPE_NUMBER, 20,
2166 	    SVC_LOCKD, 1, INT32_MAX, NFSADMIN},
2167 #define	PROTO_OPT_LOCKD_RETRANSMIT_TIMEOUT	3
2168 	{"lockd_retransmit_timeout",
2169 	    "lockd_retransmit_timeout", PROTO_OPT_LOCKD_RETRANSMIT_TIMEOUT,
2170 	    OPT_TYPE_NUMBER, 5, SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2171 #define	PROTO_OPT_GRACE_PERIOD			4
2172 	{"grace_period",
2173 	    "grace_period", PROTO_OPT_GRACE_PERIOD, OPT_TYPE_NUMBER, 90,
2174 	    SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2175 #define	PROTO_OPT_NFS_SERVER_VERSMIN		5
2176 	{"nfs_server_versmin",
2177 	    "server_versmin", PROTO_OPT_NFS_SERVER_VERSMIN, OPT_TYPE_NUMBER,
2178 	    (int)NFS_VERSMIN_DEFAULT, SVC_NFSD|SVC_MOUNTD, NFS_VERSMIN,
2179 	    NFS_VERSMAX, NFSADMIN, "server_versmax", OPT_CMP_LE},
2180 #define	PROTO_OPT_NFS_SERVER_VERSMAX		6
2181 	{"nfs_server_versmax",
2182 	    "server_versmax", PROTO_OPT_NFS_SERVER_VERSMAX, OPT_TYPE_NUMBER,
2183 	    (int)NFS_VERSMAX_DEFAULT, SVC_NFSD|SVC_MOUNTD, NFS_VERSMIN,
2184 	    NFS_VERSMAX, NFSADMIN, "server_versmin", OPT_CMP_GE},
2185 #define	PROTO_OPT_NFS_CLIENT_VERSMIN		7
2186 	{"nfs_client_versmin",
2187 	    "client_versmin", PROTO_OPT_NFS_CLIENT_VERSMIN, OPT_TYPE_NUMBER,
2188 	    (int)NFS_VERSMIN_DEFAULT, NULL, NFS_VERSMIN, NFS_VERSMAX,
2189 	    NFSADMIN, "client_versmax", OPT_CMP_LE},
2190 #define	PROTO_OPT_NFS_CLIENT_VERSMAX		8
2191 	{"nfs_client_versmax",
2192 	    "client_versmax", PROTO_OPT_NFS_CLIENT_VERSMAX, OPT_TYPE_NUMBER,
2193 	    (int)NFS_VERSMAX_DEFAULT, NULL, NFS_VERSMIN, NFS_VERSMAX,
2194 	    NFSADMIN, "client_versmin", OPT_CMP_GE},
2195 #define	PROTO_OPT_NFS_SERVER_DELEGATION		9
2196 	{"nfs_server_delegation",
2197 	    "server_delegation", PROTO_OPT_NFS_SERVER_DELEGATION,
2198 	    OPT_TYPE_ONOFF, NFS_SERVER_DELEGATION_DEFAULT, SVC_NFSD, 0, 0,
2199 	    NFSADMIN},
2200 #define	PROTO_OPT_NFSMAPID_DOMAIN		10
2201 	{"nfsmapid_domain",
2202 	    "nfsmapid_domain", PROTO_OPT_NFSMAPID_DOMAIN, OPT_TYPE_DOMAIN,
2203 	    NULL, SVC_NFSMAPID, 0, 0, NFSADMIN},
2204 #define	PROTO_OPT_NFSD_MAX_CONNECTIONS		11
2205 	{"nfsd_max_connections",
2206 	    "max_connections", PROTO_OPT_NFSD_MAX_CONNECTIONS,
2207 	    OPT_TYPE_NUMBER, -1, SVC_NFSD, -1, INT32_MAX, NFSADMIN},
2208 #define	PROTO_OPT_NFSD_PROTOCOL			12
2209 	{"nfsd_protocol",
2210 	    "protocol", PROTO_OPT_NFSD_PROTOCOL, OPT_TYPE_PROTOCOL, 0,
2211 	    SVC_NFSD, 0, 0, NFSADMIN},
2212 #define	PROTO_OPT_NFSD_LISTEN_BACKLOG		13
2213 	{"nfsd_listen_backlog",
2214 	    "listen_backlog", PROTO_OPT_NFSD_LISTEN_BACKLOG,
2215 	    OPT_TYPE_NUMBER, 0,
2216 	    SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2217 	{NULL}
2218 };
2219 
2220 /*
2221  * the protoset holds the defined options so we don't have to read
2222  * them multiple times
2223  */
2224 static sa_protocol_properties_t protoset;
2225 
2226 static int
2227 findprotoopt(char *name, int whichname)
2228 {
2229 	int i;
2230 	for (i = 0; proto_options[i].tag != NULL; i++) {
2231 		if (whichname == 1) {
2232 			if (strcasecmp(proto_options[i].name, name) == 0)
2233 			return (i);
2234 		} else {
2235 			if (strcasecmp(proto_options[i].tag, name) == 0)
2236 				return (i);
2237 		}
2238 	}
2239 	return (-1);
2240 }
2241 
2242 /*
2243  * fixcaselower(str)
2244  *
2245  * convert a string to lower case (inplace).
2246  */
2247 
2248 static void
2249 fixcaselower(char *str)
2250 {
2251 	while (*str) {
2252 		*str = tolower(*str);
2253 		str++;
2254 	}
2255 }
2256 
2257 /*
2258  * fixcaseupper(str)
2259  *
2260  * convert a string to upper case (inplace).
2261  */
2262 
2263 static void
2264 fixcaseupper(char *str)
2265 {
2266 	while (*str) {
2267 		*str = toupper(*str);
2268 		str++;
2269 	}
2270 }
2271 
2272 /*
2273  * skipwhitespace(str)
2274  *
2275  * Skip leading white space. It is assumed that it is called with a
2276  * valid pointer.
2277  */
2278 
2279 static char *
2280 skipwhitespace(char *str)
2281 {
2282 	while (*str && isspace(*str))
2283 		str++;
2284 
2285 	return (str);
2286 }
2287 
2288 /*
2289  * extractprop()
2290  *
2291  * Extract the property and value out of the line and create the
2292  * property in the optionset.
2293  */
2294 static void
2295 extractprop(char *name, char *value)
2296 {
2297 	sa_property_t prop;
2298 	int index;
2299 	/*
2300 	 * Remove any leading
2301 	 * white space.
2302 	 */
2303 	name = skipwhitespace(name);
2304 
2305 	index = findprotoopt(name, 0);
2306 	if (index >= 0) {
2307 		fixcaselower(name);
2308 		prop = sa_create_property(proto_options[index].name, value);
2309 		if (prop != NULL)
2310 			(void) sa_add_protocol_property(protoset, prop);
2311 	}
2312 }
2313 
2314 /*
2315  * initprotofromdefault()
2316  *
2317  * read the default file(s) and add the defined values to the
2318  * protoset.  Note that default values are known from the built in
2319  * table in case the file doesn't have a definition.
2320  */
2321 
2322 static int
2323 initprotofromdefault()
2324 {
2325 	FILE *nfs;
2326 	char buff[BUFSIZ];
2327 	char *name;
2328 	char *value;
2329 
2330 	protoset = sa_create_protocol_properties("nfs");
2331 
2332 	if (protoset != NULL) {
2333 		nfs = fopen(NFSADMIN, "r");
2334 		if (nfs != NULL) {
2335 			while (fgets(buff, sizeof (buff), nfs) != NULL) {
2336 				switch (buff[0]) {
2337 				case '\n':
2338 				case '#':
2339 					/* skip */
2340 					break;
2341 				default:
2342 					name = buff;
2343 					buff[strlen(buff) - 1] = '\0';
2344 					value = strchr(name, '=');
2345 					if (value != NULL) {
2346 						*value++ = '\0';
2347 						extractprop(name, value);
2348 					}
2349 				}
2350 			}
2351 			if (nfs != NULL)
2352 				(void) fclose(nfs);
2353 		}
2354 	}
2355 	if (protoset == NULL)
2356 		return (SA_NO_MEMORY);
2357 	return (SA_OK);
2358 }
2359 
2360 /*
2361  * add_defaults()
2362  *
2363  * Add the default values for any property not defined in the parsing
2364  * of the default files. Values are set according to their defined
2365  * types.
2366  */
2367 
2368 static void
2369 add_defaults()
2370 {
2371 	int i;
2372 	char number[MAXDIGITS];
2373 
2374 	for (i = 0; proto_options[i].tag != NULL; i++) {
2375 		sa_property_t prop;
2376 		prop = sa_get_protocol_property(protoset,
2377 		    proto_options[i].name);
2378 		if (prop == NULL) {
2379 			/* add the default value */
2380 			switch (proto_options[i].type) {
2381 			case OPT_TYPE_NUMBER:
2382 				(void) snprintf(number, sizeof (number), "%d",
2383 				    proto_options[i].defvalue.intval);
2384 				prop = sa_create_property(proto_options[i].name,
2385 				    number);
2386 				break;
2387 
2388 			case OPT_TYPE_BOOLEAN:
2389 				prop = sa_create_property(proto_options[i].name,
2390 				    proto_options[i].defvalue.intval ?
2391 				    "true" : "false");
2392 				break;
2393 
2394 			case OPT_TYPE_ONOFF:
2395 				prop = sa_create_property(proto_options[i].name,
2396 				    proto_options[i].defvalue.intval ?
2397 				    "on" : "off");
2398 				break;
2399 
2400 			default:
2401 				/* treat as strings of zero length */
2402 				prop = sa_create_property(proto_options[i].name,
2403 				    "");
2404 				break;
2405 			}
2406 			if (prop != NULL)
2407 				(void) sa_add_protocol_property(protoset, prop);
2408 		}
2409 	}
2410 }
2411 
2412 static void
2413 free_protoprops()
2414 {
2415 	if (protoset != NULL) {
2416 		xmlFreeNode(protoset);
2417 		protoset = NULL;
2418 	}
2419 }
2420 
2421 /*
2422  * nfs_init()
2423  *
2424  * Initialize the NFS plugin.
2425  */
2426 
2427 static int
2428 nfs_init()
2429 {
2430 	int ret = SA_OK;
2431 
2432 	if (sa_plugin_ops.sa_init != nfs_init)
2433 		(void) printf(dgettext(TEXT_DOMAIN,
2434 		    "NFS plugin not properly initialized\n"));
2435 
2436 	ret = initprotofromdefault();
2437 	if (ret == SA_OK)
2438 		add_defaults();
2439 
2440 	return (ret);
2441 }
2442 
2443 /*
2444  * nfs_fini()
2445  *
2446  * uninitialize the NFS plugin. Want to avoid memory leaks.
2447  */
2448 
2449 static void
2450 nfs_fini()
2451 {
2452 	free_protoprops();
2453 }
2454 
2455 /*
2456  * nfs_get_proto_set()
2457  *
2458  * Return an optionset with all the protocol specific properties in
2459  * it.
2460  */
2461 
2462 static sa_protocol_properties_t
2463 nfs_get_proto_set()
2464 {
2465 	return (protoset);
2466 }
2467 
2468 struct deffile {
2469 	struct deffile *next;
2470 	char *line;
2471 };
2472 
2473 /*
2474  * read_default_file(fname)
2475  *
2476  * Read the specified default file. We return a list of entries. This
2477  * get used for adding or removing values.
2478  */
2479 
2480 static struct deffile *
2481 read_default_file(char *fname)
2482 {
2483 	FILE *file;
2484 	struct deffile *defs = NULL;
2485 	struct deffile *newdef;
2486 	struct deffile *prevdef = NULL;
2487 	char buff[BUFSIZ * 2];
2488 
2489 	file = fopen(fname, "r");
2490 	if (file != NULL) {
2491 		while (fgets(buff, sizeof (buff), file) != NULL) {
2492 			newdef = (struct deffile *)calloc(1,
2493 			    sizeof (struct deffile));
2494 			if (newdef != NULL) {
2495 				/* Make sure we skip any leading whitespace. */
2496 				newdef->line = strdup(skipwhitespace(buff));
2497 				if (defs == NULL) {
2498 					prevdef = defs = newdef;
2499 				} else {
2500 					prevdef->next = newdef;
2501 					prevdef = newdef;
2502 				}
2503 			}
2504 		}
2505 	}
2506 	(void) fclose(file);
2507 	return (defs);
2508 }
2509 
2510 static void
2511 free_default_file(struct deffile *defs)
2512 {
2513 	struct deffile *curdefs = NULL;
2514 
2515 	while (defs != NULL) {
2516 		curdefs = defs;
2517 		defs = defs->next;
2518 		if (curdefs->line != NULL)
2519 			free(curdefs->line);
2520 		free(curdefs);
2521 	}
2522 }
2523 
2524 /*
2525  * write_default_file(fname, defs)
2526  *
2527  * Write the default file back.
2528  */
2529 
2530 static int
2531 write_default_file(char *fname, struct deffile *defs)
2532 {
2533 	FILE *file;
2534 	int ret = SA_OK;
2535 	sigset_t old, new;
2536 
2537 	file = fopen(fname, "w+");
2538 	if (file != NULL) {
2539 		(void) sigprocmask(SIG_BLOCK, NULL, &new);
2540 		(void) sigaddset(&new, SIGHUP);
2541 		(void) sigaddset(&new, SIGINT);
2542 		(void) sigaddset(&new, SIGQUIT);
2543 		(void) sigaddset(&new, SIGTSTP);
2544 		(void) sigprocmask(SIG_SETMASK, &new, &old);
2545 		while (defs != NULL) {
2546 			(void) fputs(defs->line, file);
2547 			defs = defs->next;
2548 		}
2549 		(void) fsync(fileno(file));
2550 		(void) sigprocmask(SIG_SETMASK, &old, NULL);
2551 		(void) fclose(file);
2552 	} else {
2553 		switch (errno) {
2554 		case EPERM:
2555 		case EACCES:
2556 			ret = SA_NO_PERMISSION;
2557 			break;
2558 		default:
2559 			ret = SA_SYSTEM_ERR;
2560 		}
2561 	}
2562 	return (ret);
2563 }
2564 
2565 
2566 /*
2567  * set_default_file_value(tag, value)
2568  *
2569  * Set the default file value for tag to value. Then rewrite the file.
2570  * tag and value are always set.  The caller must ensure this.
2571  */
2572 
2573 #define	MAX_STRING_LENGTH	256
2574 static int
2575 set_default_file_value(char *tag, char *value)
2576 {
2577 	int ret = SA_OK;
2578 	struct deffile *root;
2579 	struct deffile *defs;
2580 	struct deffile *prev;
2581 	char string[MAX_STRING_LENGTH];
2582 	int len;
2583 	int update = 0;
2584 
2585 	(void) snprintf(string, MAX_STRING_LENGTH, "%s=", tag);
2586 	len = strlen(string);
2587 
2588 	root = defs = read_default_file(NFSADMIN);
2589 	if (root == NULL) {
2590 		if (errno == EPERM || errno == EACCES)
2591 			ret = SA_NO_PERMISSION;
2592 		else
2593 			ret = SA_SYSTEM_ERR;
2594 	} else {
2595 		while (defs != NULL) {
2596 			if (defs->line != NULL &&
2597 			    strncasecmp(defs->line, string, len) == 0) {
2598 				/* replace with the new value */
2599 				free(defs->line);
2600 				fixcaseupper(tag);
2601 				(void) snprintf(string, sizeof (string),
2602 				    "%s=%s\n", tag, value);
2603 				string[MAX_STRING_LENGTH - 1] = '\0';
2604 				defs->line = strdup(string);
2605 				update = 1;
2606 				break;
2607 			}
2608 			defs = defs->next;
2609 		}
2610 		if (!update) {
2611 			defs = root;
2612 			/* didn't find, so see if it is a comment */
2613 			(void) snprintf(string, MAX_STRING_LENGTH, "#%s=", tag);
2614 			len = strlen(string);
2615 			while (defs != NULL) {
2616 				if (strncasecmp(defs->line, string, len) == 0) {
2617 					/* replace with the new value */
2618 					free(defs->line);
2619 					fixcaseupper(tag);
2620 					(void) snprintf(string, sizeof (string),
2621 					    "%s=%s\n", tag, value);
2622 					string[MAX_STRING_LENGTH - 1] = '\0';
2623 					defs->line = strdup(string);
2624 					update = 1;
2625 					break;
2626 				}
2627 				defs = defs->next;
2628 			}
2629 		}
2630 		if (!update) {
2631 			fixcaseupper(tag);
2632 			(void) snprintf(string, sizeof (string), "%s=%s\n",
2633 			    tag, value);
2634 			prev = root;
2635 			while (prev->next != NULL)
2636 				prev = prev->next;
2637 			defs = malloc(sizeof (struct deffile));
2638 			prev->next = defs;
2639 			if (defs != NULL) {
2640 				defs->next = NULL;
2641 				defs->line = strdup(string);
2642 			}
2643 		}
2644 		if (update) {
2645 			ret = write_default_file(NFSADMIN, root);
2646 		}
2647 		free_default_file(root);
2648 	}
2649 	return (ret);
2650 }
2651 
2652 /*
2653  * service_in_state(service, chkstate)
2654  *
2655  * Want to know if the specified service is in the desired state
2656  * (chkstate) or not. Return true (1) if it is and false (0) if it
2657  * isn't.
2658  */
2659 static int
2660 service_in_state(char *service, const char *chkstate)
2661 {
2662 	char *state;
2663 	int ret = B_FALSE;
2664 
2665 	state = smf_get_state(service);
2666 	if (state != NULL) {
2667 		/* got the state so get the equality for the return value */
2668 		ret = strcmp(state, chkstate) == 0 ? B_TRUE : B_FALSE;
2669 		free(state);
2670 	}
2671 	return (ret);
2672 }
2673 
2674 /*
2675  * restart_service(svcs)
2676  *
2677  * Walk through the bit mask of services that need to be restarted in
2678  * order to use the new property values. Some properties affect
2679  * multiple daemons. Should only restart a service if it is currently
2680  * enabled (online).
2681  */
2682 
2683 static void
2684 restart_service(uint32_t svcs)
2685 {
2686 	uint32_t mask;
2687 	int ret;
2688 	char *service;
2689 
2690 	for (mask = 1; svcs != 0; mask <<= 1) {
2691 		switch (svcs & mask) {
2692 		case SVC_LOCKD:
2693 			service = LOCKD;
2694 			break;
2695 		case SVC_STATD:
2696 			service = STATD;
2697 			break;
2698 		case SVC_NFSD:
2699 			service = NFSD;
2700 			break;
2701 		case SVC_MOUNTD:
2702 			service = MOUNTD;
2703 			break;
2704 		case SVC_NFS4CBD:
2705 			service = NFS4CBD;
2706 			break;
2707 		case SVC_NFSMAPID:
2708 			service = NFSMAPID;
2709 			break;
2710 		case SVC_RQUOTAD:
2711 			service = RQUOTAD;
2712 			break;
2713 		case SVC_NFSLOGD:
2714 			service = NFSLOGD;
2715 			break;
2716 		default:
2717 			continue;
2718 		}
2719 
2720 		/*
2721 		 * Only attempt to restart the service if it is
2722 		 * currently running. In the future, it may be
2723 		 * desirable to use smf_refresh_instance if the NFS
2724 		 * services ever implement the refresh method.
2725 		 */
2726 		if (service_in_state(service, SCF_STATE_STRING_ONLINE)) {
2727 			ret = smf_restart_instance(service);
2728 			/*
2729 			 * There are only a few SMF errors at this point, but
2730 			 * it is also possible that a bad value may have put
2731 			 * the service into maintenance if there wasn't an
2732 			 * SMF level error.
2733 			 */
2734 			if (ret != 0) {
2735 				(void) fprintf(stderr,
2736 				    dgettext(TEXT_DOMAIN,
2737 				    "%s failed to restart: %s\n"),
2738 				    scf_strerror(scf_error()));
2739 			} else {
2740 				/*
2741 				 * Check whether it has gone to "maintenance"
2742 				 * mode or not. Maintenance implies something
2743 				 * went wrong.
2744 				 */
2745 				if (service_in_state(service,
2746 				    SCF_STATE_STRING_MAINT)) {
2747 					(void) fprintf(stderr,
2748 					    dgettext(TEXT_DOMAIN,
2749 					    "%s failed to restart\n"),
2750 					    service);
2751 				}
2752 			}
2753 		}
2754 		svcs &= ~mask;
2755 	}
2756 }
2757 
2758 /*
2759  * nfs_minmax_check(name, value)
2760  *
2761  * Verify that the value for the property specified by index is valid
2762  * relative to the opposite value in the case of a min/max variable.
2763  * Currently, server_minvers/server_maxvers and
2764  * client_minvers/client_maxvers are the only ones to check.
2765  */
2766 
2767 static int
2768 nfs_minmax_check(int index, int value)
2769 {
2770 	int val;
2771 	char *pval;
2772 	sa_property_t prop;
2773 	sa_optionset_t opts;
2774 	int ret = B_TRUE;
2775 
2776 	if (proto_options[index].other != NULL) {
2777 		/* have a property to compare against */
2778 		opts = nfs_get_proto_set();
2779 		prop = sa_get_property(opts, proto_options[index].other);
2780 		/*
2781 		 * If we don't find the property, assume default
2782 		 * values which will work since the max will be at the
2783 		 * max and the min at the min.
2784 		 */
2785 		if (prop != NULL) {
2786 			pval = sa_get_property_attr(prop, "value");
2787 			if (pval != NULL) {
2788 				val = strtoul(pval, NULL, 0);
2789 				if (proto_options[index].compare ==
2790 				    OPT_CMP_LE) {
2791 					ret = value <= val ? B_TRUE : B_FALSE;
2792 				} else if (proto_options[index].compare ==
2793 				    OPT_CMP_GE) {
2794 					ret = value >= val ? B_TRUE : B_FALSE;
2795 				}
2796 			}
2797 		}
2798 	}
2799 	return (ret);
2800 }
2801 
2802 /*
2803  * nfs_validate_proto_prop(index, name, value)
2804  *
2805  * Verify that the property specifed by name can take the new
2806  * value. This is a sanity check to prevent bad values getting into
2807  * the default files. All values need to be checked against what is
2808  * allowed by their defined type. If a type isn't explicitly defined
2809  * here, it is treated as a string.
2810  *
2811  * Note that OPT_TYPE_NUMBER will additionally check that the value is
2812  * within the range specified and potentially against another property
2813  * value as well as specified in the proto_options members other and
2814  * compare.
2815  */
2816 
2817 static int
2818 nfs_validate_proto_prop(int index, char *name, char *value)
2819 {
2820 	int ret = SA_OK;
2821 	char *cp;
2822 #ifdef lint
2823 	name = name;
2824 #endif
2825 
2826 	switch (proto_options[index].type) {
2827 	case OPT_TYPE_NUMBER:
2828 		if (!is_a_number(value))
2829 			ret = SA_BAD_VALUE;
2830 		else {
2831 			int val;
2832 			val = strtoul(value, NULL, 0);
2833 			if (val < proto_options[index].minval ||
2834 			    val > proto_options[index].maxval)
2835 				ret = SA_BAD_VALUE;
2836 			/*
2837 			 * For server_versmin/server_versmax and
2838 			 * client_versmin/client_versmax, the value of the
2839 			 * min(max) should be checked to be correct relative
2840 			 * to the current max(min).
2841 			 */
2842 			if (!nfs_minmax_check(index, val)) {
2843 				ret = SA_BAD_VALUE;
2844 			}
2845 		}
2846 		break;
2847 
2848 	case OPT_TYPE_DOMAIN:
2849 		/*
2850 		 * needs to be a qualified domain so will have at
2851 		 * least one period and other characters on either
2852 		 * side of it.  A zero length string is also allowed
2853 		 * and is the way to turn off the override.
2854 		 */
2855 		if (strlen(value) == 0)
2856 			break;
2857 		cp = strchr(value, '.');
2858 		if (cp == NULL || cp == value || strchr(value, '@') != NULL)
2859 			ret = SA_BAD_VALUE;
2860 		break;
2861 
2862 	case OPT_TYPE_BOOLEAN:
2863 		if (strlen(value) == 0 ||
2864 		    strcasecmp(value, "true") == 0 ||
2865 		    strcmp(value, "1") == 0 ||
2866 		    strcasecmp(value, "false") == 0 ||
2867 		    strcmp(value, "0") == 0) {
2868 			ret = SA_OK;
2869 		} else {
2870 			ret = SA_BAD_VALUE;
2871 		}
2872 		break;
2873 
2874 	case OPT_TYPE_ONOFF:
2875 		if (strcasecmp(value, "on") != 0 &&
2876 		    strcasecmp(value, "off") != 0) {
2877 			ret = SA_BAD_VALUE;
2878 		}
2879 		break;
2880 
2881 	case OPT_TYPE_PROTOCOL:
2882 		if (strcasecmp(value, "all") != 0 &&
2883 		    strcasecmp(value, "tcp") != 0 &&
2884 		    strcasecmp(value, "udp") != 0)
2885 			ret = SA_BAD_VALUE;
2886 		break;
2887 
2888 	default:
2889 		/* treat as a string */
2890 		break;
2891 	}
2892 	return (ret);
2893 }
2894 
2895 /*
2896  * nfs_set_proto_prop(prop)
2897  *
2898  * check that prop is valid.
2899  */
2900 
2901 static int
2902 nfs_set_proto_prop(sa_property_t prop)
2903 {
2904 	int ret = SA_OK;
2905 	char *name;
2906 	char *value;
2907 
2908 	name = sa_get_property_attr(prop, "type");
2909 	value = sa_get_property_attr(prop, "value");
2910 	if (name != NULL && value != NULL) {
2911 		int index = findprotoopt(name, 1);
2912 		if (index >= 0) {
2913 			/* should test for valid value */
2914 			ret = nfs_validate_proto_prop(index, name, value);
2915 			if (ret == SA_OK)
2916 				ret = set_default_file_value(
2917 				    proto_options[index].tag, value);
2918 			if (ret == SA_OK)
2919 				restart_service(proto_options[index].svcs);
2920 		}
2921 	}
2922 	if (name != NULL)
2923 		sa_free_attr_string(name);
2924 	if (value != NULL)
2925 		sa_free_attr_string(value);
2926 	return (ret);
2927 }
2928 
2929 /*
2930  * nfs_get_status()
2931  *
2932  * What is the current status of the nfsd? We use the SMF state here.
2933  * Caller must free the returned value.
2934  */
2935 
2936 static char *
2937 nfs_get_status()
2938 {
2939 	char *state;
2940 	state = smf_get_state(NFSD);
2941 	return (state != NULL ? state : strdup("-"));
2942 }
2943 
2944 /*
2945  * nfs_space_alias(alias)
2946  *
2947  * Lookup the space (security) name. If it is default, convert to the
2948  * real name.
2949  */
2950 
2951 static char *
2952 nfs_space_alias(char *space)
2953 {
2954 	char *name = space;
2955 	seconfig_t secconf;
2956 
2957 	/*
2958 	 * Only the space named "default" is special. If it is used,
2959 	 * the default needs to be looked up and the real name used.
2960 	 * This is normally "sys" but could be changed.  We always
2961 	 * change defautl to the real name.
2962 	 */
2963 	if (strcmp(space, "default") == 0 &&
2964 	    nfs_getseconfig_default(&secconf) == 0) {
2965 		if (nfs_getseconfig_bynumber(secconf.sc_nfsnum, &secconf) == 0)
2966 			name = secconf.sc_name;
2967 	}
2968 	return (strdup(name));
2969 }
2970