xref: /titanic_44/usr/src/lib/libshare/nfs/libshare_nfs.c (revision b9bc7f7832704fda46b4d6b04f3f7be1227dc644)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 /*
30  * NFS specific functions
31  */
32 #include <stdio.h>
33 #include <string.h>
34 #include <ctype.h>
35 #include <stdlib.h>
36 #include <unistd.h>
37 #include <zone.h>
38 #include <errno.h>
39 #include <locale.h>
40 #include <signal.h>
41 #include "libshare.h"
42 #include "libshare_impl.h"
43 #include <nfs/export.h>
44 #include <pwd.h>
45 #include <limits.h>
46 #include <libscf.h>
47 #include "nfslog_config.h"
48 #include "nfslogtab.h"
49 #include "libshare_nfs.h"
50 #include <rpcsvc/daemon_utils.h>
51 #include <nfs/nfs.h>
52 #include <nfs/nfssys.h>
53 
54 /* should really be in some global place */
55 #define	DEF_WIN	30000
56 #define	OPT_CHUNK	1024
57 
58 int debug = 0;
59 
60 #define	NFS_SERVER_SVC	"svc:/network/nfs/server:default"
61 
62 /* internal functions */
63 static int nfs_init();
64 static void nfs_fini();
65 static int nfs_enable_share(sa_share_t);
66 static int nfs_disable_share(sa_share_t, char *);
67 static int nfs_validate_property(sa_property_t, sa_optionset_t);
68 static int nfs_validate_security_mode(char *);
69 static int nfs_is_security_opt(char *);
70 static int nfs_parse_legacy_options(sa_group_t, char *);
71 static char *nfs_format_options(sa_group_t, int);
72 static int nfs_set_proto_prop(sa_property_t);
73 static sa_protocol_properties_t nfs_get_proto_set();
74 static char *nfs_get_status();
75 static char *nfs_space_alias(char *);
76 static uint64_t nfs_features();
77 
78 /*
79  * ops vector that provides the protocol specific info and operations
80  * for share management.
81  */
82 
83 struct sa_plugin_ops sa_plugin_ops = {
84 	SA_PLUGIN_VERSION,
85 	"nfs",
86 	nfs_init,
87 	nfs_fini,
88 	nfs_enable_share,
89 	nfs_disable_share,
90 	nfs_validate_property,
91 	nfs_validate_security_mode,
92 	nfs_is_security_opt,
93 	nfs_parse_legacy_options,
94 	nfs_format_options,
95 	nfs_set_proto_prop,
96 	nfs_get_proto_set,
97 	nfs_get_status,
98 	nfs_space_alias,
99 	NULL,	/* update_legacy */
100 	NULL,	/* delete_legacy */
101 	NULL,	/* change_notify */
102 	NULL,	/* enable_resource */
103 	NULL,	/* disable_resource */
104 	nfs_features,
105 	NULL,	/* transient shares */
106 	NULL,	/* notify resource */
107 	NULL
108 };
109 
110 /*
111  * list of support services needed
112  * defines should come from head/rpcsvc/daemon_utils.h
113  */
114 
115 static char *service_list_default[] =
116 	{ STATD, LOCKD, MOUNTD, NFSD, NFSMAPID, RQUOTAD, NULL };
117 static char *service_list_logging[] =
118 	{ STATD, LOCKD, MOUNTD, NFSD, NFSMAPID, RQUOTAD, NFSLOGD, NULL };
119 
120 /*
121  * option definitions.  Make sure to keep the #define for the option
122  * index just before the entry it is the index for. Changing the order
123  * can cause breakage.  E.g OPT_RW is index 1 and must precede the
124  * line that includes the SHOPT_RW and OPT_RW entries.
125  */
126 
127 struct option_defs optdefs[] = {
128 #define	OPT_RO		0
129 	{SHOPT_RO, OPT_RO, OPT_TYPE_ACCLIST},
130 #define	OPT_RW		1
131 	{SHOPT_RW, OPT_RW, OPT_TYPE_ACCLIST},
132 #define	OPT_ROOT	2
133 	{SHOPT_ROOT, OPT_ROOT, OPT_TYPE_ACCLIST},
134 #define	OPT_SECURE	3
135 	{SHOPT_SECURE, OPT_SECURE, OPT_TYPE_DEPRECATED},
136 #define	OPT_ANON	4
137 	{SHOPT_ANON, OPT_ANON, OPT_TYPE_USER},
138 #define	OPT_WINDOW	5
139 	{SHOPT_WINDOW, OPT_WINDOW, OPT_TYPE_NUMBER},
140 #define	OPT_NOSUID	6
141 	{SHOPT_NOSUID, OPT_NOSUID, OPT_TYPE_BOOLEAN},
142 #define	OPT_ACLOK	7
143 	{SHOPT_ACLOK, OPT_ACLOK, OPT_TYPE_BOOLEAN},
144 #define	OPT_NOSUB	8
145 	{SHOPT_NOSUB, OPT_NOSUB, OPT_TYPE_BOOLEAN},
146 #define	OPT_SEC		9
147 	{SHOPT_SEC, OPT_SEC, OPT_TYPE_SECURITY},
148 #define	OPT_PUBLIC	10
149 	{SHOPT_PUBLIC, OPT_PUBLIC, OPT_TYPE_BOOLEAN, OPT_SHARE_ONLY},
150 #define	OPT_INDEX	11
151 	{SHOPT_INDEX, OPT_INDEX, OPT_TYPE_FILE},
152 #define	OPT_LOG		12
153 	{SHOPT_LOG, OPT_LOG, OPT_TYPE_LOGTAG},
154 #define	OPT_CKSUM	13
155 	{SHOPT_CKSUM, OPT_CKSUM, OPT_TYPE_STRINGSET},
156 #ifdef VOLATILE_FH_TEST	/* XXX added for testing volatile fh's only */
157 #define	OPT_VOLFH	14
158 	{SHOPT_VOLFH, OPT_VOLFH},
159 #endif /* VOLATILE_FH_TEST */
160 	NULL
161 };
162 
163 /*
164  * list of properties that are related to security flavors.
165  */
166 static char *seclist[] = {
167 	SHOPT_RO,
168 	SHOPT_RW,
169 	SHOPT_ROOT,
170 	SHOPT_WINDOW,
171 	NULL
172 };
173 
174 /* structure for list of securities */
175 struct securities {
176 	sa_security_t security;
177 	struct securities *next;
178 };
179 
180 /*
181  * findopt(name)
182  *
183  * Lookup option "name" in the option table and return the table
184  * index.
185  */
186 
187 static int
188 findopt(char *name)
189 {
190 	int i;
191 	if (name != NULL) {
192 		for (i = 0; optdefs[i].tag != NULL; i++) {
193 			if (strcmp(optdefs[i].tag, name) == 0)
194 				return (i);
195 		}
196 	}
197 	return (-1);
198 }
199 
200 /*
201  * gettype(name)
202  *
203  * Return the type of option "name".
204  */
205 
206 static int
207 gettype(char *name)
208 {
209 	int optdef;
210 
211 	optdef = findopt(name);
212 	if (optdef != -1)
213 		return (optdefs[optdef].type);
214 	return (OPT_TYPE_ANY);
215 }
216 
217 /*
218  * nfs_validate_security_mode(mode)
219  *
220  * is the specified mode string a valid one for use with NFS?
221  */
222 
223 static int
224 nfs_validate_security_mode(char *mode)
225 {
226 	seconfig_t secinfo;
227 	int err;
228 
229 	(void) memset(&secinfo, '\0', sizeof (secinfo));
230 	err = nfs_getseconfig_byname(mode, &secinfo);
231 	if (err == SC_NOERROR)
232 		return (1);
233 	return (0);
234 }
235 
236 /*
237  * nfs_is_security_opt(tok)
238  *
239  * check to see if tok represents an option that is only valid in some
240  * security flavor.
241  */
242 
243 static int
244 nfs_is_security_opt(char *tok)
245 {
246 	int i;
247 
248 	for (i = 0; seclist[i] != NULL; i++) {
249 		if (strcmp(tok, seclist[i]) == 0)
250 			return (1);
251 	}
252 	return (0);
253 }
254 
255 /*
256  * find_security(seclist, sec)
257  *
258  * Walk the current list of security flavors and return true if it is
259  * present, else return false.
260  */
261 
262 static int
263 find_security(struct securities *seclist, sa_security_t sec)
264 {
265 	while (seclist != NULL) {
266 		if (seclist->security == sec)
267 			return (1);
268 		seclist = seclist->next;
269 	}
270 	return (0);
271 }
272 
273 /*
274  * make_security_list(group, securitymodes, proto)
275  *	go through the list of securitymodes and add them to the
276  *	group's list of security optionsets. We also keep a list of
277  *	those optionsets so we don't have to find them later. All of
278  *	these will get copies of the same properties.
279  */
280 
281 static struct securities *
282 make_security_list(sa_group_t group, char *securitymodes, char *proto)
283 {
284 	char *tok, *next = NULL;
285 	struct securities *curp, *headp = NULL, *prev;
286 	sa_security_t check;
287 	int freetok = 0;
288 
289 	for (tok = securitymodes; tok != NULL; tok = next) {
290 		next = strchr(tok, ':');
291 		if (next != NULL)
292 			*next++ = '\0';
293 		if (strcmp(tok, "default") == 0) {
294 			/* resolve default into the real type */
295 			tok = nfs_space_alias(tok);
296 			freetok = 1;
297 		}
298 		check = sa_get_security(group, tok, proto);
299 
300 		/* add to the security list if it isn't there already */
301 		if (check == NULL || !find_security(headp, check)) {
302 			curp = (struct securities *)calloc(1,
303 			    sizeof (struct securities));
304 			if (curp != NULL) {
305 				if (check == NULL) {
306 					curp->security = sa_create_security(
307 					    group, tok, proto);
308 				} else {
309 					curp->security = check;
310 				}
311 				/*
312 				 * note that the first time through the loop,
313 				 * headp will be NULL and prev will be
314 				 * undefined.  Since headp is NULL, we set
315 				 * both it and prev to the curp (first
316 				 * structure to be allocated).
317 				 *
318 				 * later passes through the loop will have
319 				 * headp not being NULL and prev will be used
320 				 * to allocate at the end of the list.
321 				 */
322 				if (headp == NULL) {
323 					headp = curp;
324 					prev = curp;
325 				} else {
326 					prev->next = curp;
327 					prev = curp;
328 				}
329 			}
330 		}
331 
332 		if (freetok) {
333 			freetok = 0;
334 			sa_free_attr_string(tok);
335 		}
336 	}
337 	return (headp);
338 }
339 
340 static void
341 free_security_list(struct securities *sec)
342 {
343 	struct securities *next;
344 	if (sec != NULL) {
345 		for (next = sec->next; sec != NULL; sec = next) {
346 			next = sec->next;
347 			free(sec);
348 		}
349 	}
350 }
351 
352 /*
353  * nfs_alistcat(str1, str2, sep)
354  *
355  * concatenate str1 and str2 into a new string using sep as a separate
356  * character. If memory allocation fails, return NULL;
357  */
358 
359 static char *
360 nfs_alistcat(char *str1, char *str2, char sep)
361 {
362 	char *newstr;
363 	size_t len;
364 
365 	len = strlen(str1) + strlen(str2) + 2;
366 	newstr = (char *)malloc(len);
367 	if (newstr != NULL)
368 		(void) snprintf(newstr, len, "%s%c%s", str1, sep, str2);
369 	return (newstr);
370 }
371 
372 /*
373  * add_security_prop(sec, name, value, persist)
374  *
375  * Add the property to the securities structure. This accumulates
376  * properties for as part of parsing legacy options.
377  */
378 
379 static int
380 add_security_prop(struct securities *sec, char *name, char *value,
381 			int persist, int iszfs)
382 {
383 	sa_property_t prop;
384 	int ret = SA_OK;
385 
386 	for (; sec != NULL; sec = sec->next) {
387 		if (value == NULL) {
388 			if (strcmp(name, SHOPT_RW) == 0 ||
389 			    strcmp(name, SHOPT_RO) == 0)
390 				value = "*";
391 			else
392 				value = "true";
393 		}
394 
395 		/*
396 		 * Get the existing property, if it exists, so we can
397 		 * determine what to do with it. The ro/rw/root
398 		 * properties can be merged if multiple instances of
399 		 * these properies are given. For example, if "rw"
400 		 * exists with a value "host1" and a later token of
401 		 * rw="host2" is seen, the values are merged into a
402 		 * single rw="host1:host2".
403 		 */
404 		prop = sa_get_property(sec->security, name);
405 
406 		if (prop != NULL) {
407 			char *oldvalue;
408 			char *newvalue;
409 
410 			/*
411 			 * The security options of ro/rw/root might appear
412 			 * multiple times. If they do, the values need to be
413 			 * merged into an access list. If it was previously
414 			 * empty, the new value alone is added.
415 			 */
416 			oldvalue = sa_get_property_attr(prop, "value");
417 			if (oldvalue != NULL) {
418 				/*
419 				 * The general case is to concatenate the new
420 				 * value onto the old value for multiple
421 				 * rw(ro/root) properties. A special case
422 				 * exists when either the old or new is the
423 				 * "all" case. In the special case, if both
424 				 * are "all", then it is "all", else if one is
425 				 * an access-list, that replaces the "all".
426 				 */
427 				if (strcmp(oldvalue, "*") == 0) {
428 					/* Replace old value with new value. */
429 					newvalue = strdup(value);
430 				} else if (strcmp(value, "*") == 0 ||
431 				    strcmp(oldvalue, value) == 0) {
432 					/*
433 					 * Keep old value and ignore
434 					 * the new value.
435 					 */
436 					newvalue = NULL;
437 				} else {
438 					/*
439 					 * Make a new list of old plus new
440 					 * access-list.
441 					 */
442 					newvalue = nfs_alistcat(oldvalue,
443 					    value, ':');
444 				}
445 
446 				if (newvalue != NULL) {
447 					(void) sa_remove_property(prop);
448 					prop = sa_create_property(name,
449 					    newvalue);
450 					ret = sa_add_property(sec->security,
451 					    prop);
452 					free(newvalue);
453 				}
454 				if (oldvalue != NULL)
455 					sa_free_attr_string(oldvalue);
456 			}
457 		} else {
458 			prop = sa_create_property(name, value);
459 			ret = sa_add_property(sec->security, prop);
460 		}
461 		if (ret == SA_OK && !iszfs) {
462 			ret = sa_commit_properties(sec->security, !persist);
463 		}
464 	}
465 	return (ret);
466 }
467 
468 /*
469  * check to see if group/share is persistent.
470  */
471 static int
472 is_persistent(sa_group_t group)
473 {
474 	char *type;
475 	int persist = 1;
476 
477 	type = sa_get_group_attr(group, "type");
478 	if (type != NULL && strcmp(type, "persist") != 0)
479 		persist = 0;
480 	if (type != NULL)
481 		sa_free_attr_string(type);
482 	return (persist);
483 }
484 
485 /*
486  * invalid_security(options)
487  *
488  * search option string for any invalid sec= type.
489  * return true (1) if any are not valid else false (0)
490  */
491 static int
492 invalid_security(char *options)
493 {
494 	char *copy, *base, *token, *value;
495 	int ret = 0;
496 
497 	copy = strdup(options);
498 	token = base = copy;
499 	while (token != NULL && ret == 0) {
500 		token = strtok(base, ",");
501 		base = NULL;
502 		if (token != NULL) {
503 			value = strchr(token, '=');
504 			if (value != NULL)
505 				*value++ = '\0';
506 			if (strcmp(token, "sec") == 0) {
507 				/* HAVE security flavors so check them */
508 				char *tok, *next;
509 				for (next = NULL, tok = value; tok != NULL;
510 				    tok = next) {
511 					next = strchr(tok, ':');
512 					if (next != NULL)
513 						*next++ = '\0';
514 					ret = !nfs_validate_security_mode(tok);
515 					if (ret)
516 						break;
517 				}
518 			}
519 		}
520 	}
521 	if (copy != NULL)
522 		free(copy);
523 	return (ret);
524 }
525 
526 /*
527  * nfs_parse_legacy_options(group, options)
528  *
529  * Parse the old style options into internal format and store on the
530  * specified group.  Group could be a share for full legacy support.
531  */
532 
533 static int
534 nfs_parse_legacy_options(sa_group_t group, char *options)
535 {
536 	char *dup;
537 	char *base;
538 	char *token;
539 	sa_optionset_t optionset;
540 	struct securities *security_list = NULL;
541 	sa_property_t prop;
542 	int ret = SA_OK;
543 	int iszfs = 0;
544 	sa_group_t parent;
545 	int persist = 0;
546 	char *lasts;
547 
548 	/* do we have an existing optionset? */
549 	optionset = sa_get_optionset(group, "nfs");
550 	if (optionset == NULL) {
551 		/* didn't find existing optionset so create one */
552 		optionset = sa_create_optionset(group, "nfs");
553 	} else {
554 		/*
555 		 * Have an existing optionset . Ideally, we would need
556 		 * to compare options in order to detect errors. For
557 		 * now, we assume that the first optionset is the
558 		 * correct one and the others will be the same. An
559 		 * empty optionset is the same as no optionset so we
560 		 * don't want to exit in that case. Getting an empty
561 		 * optionset can occur with ZFS property checking.
562 		 */
563 		if (sa_get_property(optionset, NULL) != NULL)
564 			return (ret);
565 	}
566 
567 	if (strcmp(options, SHOPT_RW) == 0) {
568 		/*
569 		 * there is a special case of only the option "rw"
570 		 * being the default option. We don't have to do
571 		 * anything.
572 		 */
573 		return (ret);
574 	}
575 
576 	/*
577 	 * check if security types are present and validate them. If
578 	 * any are not legal, fail.
579 	 */
580 
581 	if (invalid_security(options)) {
582 		return (SA_INVALID_SECURITY);
583 	}
584 
585 	/*
586 	 * in order to not attempt to change ZFS properties unless
587 	 * absolutely necessary, we never do it in the legacy parsing.
588 	 */
589 	if (sa_is_share(group)) {
590 		char *zfs;
591 		parent = sa_get_parent_group(group);
592 		if (parent != NULL) {
593 			zfs = sa_get_group_attr(parent, "zfs");
594 			if (zfs != NULL) {
595 				sa_free_attr_string(zfs);
596 				iszfs++;
597 			}
598 		}
599 	} else {
600 		iszfs = sa_group_is_zfs(group);
601 	}
602 
603 	/* We need a copy of options for the next part. */
604 	dup = strdup(options);
605 	if (dup == NULL)
606 		return (SA_NO_MEMORY);
607 
608 	/*
609 	 * we need to step through each option in the string and then
610 	 * add either the option or the security option as needed. If
611 	 * this is not a persistent share, don't commit to the
612 	 * repository. If there is an error, we also want to abort the
613 	 * processing and report it.
614 	 */
615 	persist = is_persistent(group);
616 	base = dup;
617 	token = dup;
618 	lasts = NULL;
619 	while (token != NULL && ret == SA_OK) {
620 		ret = SA_OK;
621 		token = strtok_r(base, ",", &lasts);
622 		base = NULL;
623 		if (token != NULL) {
624 			char *value;
625 			/*
626 			 * if the option has a value, it will have an '=' to
627 			 * separate the name from the value. The following
628 			 * code will result in value != NULL and token
629 			 * pointing to just the name if there is a value.
630 			 */
631 			value = strchr(token, '=');
632 			if (value != NULL) {
633 				*value++ = '\0';
634 			}
635 			if (strcmp(token, "sec") == 0 ||
636 			    strcmp(token, "secure") == 0) {
637 				/*
638 				 * Once in security parsing, we only
639 				 * do security. We do need to move
640 				 * between the security node and the
641 				 * toplevel. The security tag goes on
642 				 * the root while the following ones
643 				 * go on the security.
644 				 */
645 				if (security_list != NULL) {
646 					/*
647 					 * have an old list so close it and
648 					 * start the new
649 					 */
650 					free_security_list(security_list);
651 				}
652 				if (strcmp(token, "secure") == 0) {
653 					value = "dh";
654 				} else {
655 					if (value == NULL) {
656 						ret = SA_SYNTAX_ERR;
657 						break;
658 					}
659 				}
660 				security_list = make_security_list(group,
661 				    value, "nfs");
662 			} else {
663 				/*
664 				 * Note that the "old" syntax allowed a
665 				 * default security model This must be
666 				 * accounted for and internally converted to
667 				 * "standard" security structure.
668 				 */
669 				if (nfs_is_security_opt(token)) {
670 					if (security_list == NULL) {
671 						/*
672 						 * need to have a
673 						 * security
674 						 * option. This will
675 						 * be "closed" when a
676 						 * defined "sec="
677 						 * option is
678 						 * seen. This is
679 						 * technically an
680 						 * error but will be
681 						 * allowed with
682 						 * warning.
683 						 */
684 						security_list =
685 						    make_security_list(group,
686 						    "default",
687 						    "nfs");
688 					}
689 					if (security_list != NULL) {
690 						ret = add_security_prop(
691 						    security_list, token,
692 						    value, persist, iszfs);
693 					} else {
694 						ret = SA_NO_MEMORY;
695 					}
696 				} else {
697 					/* regular options */
698 					if (value == NULL) {
699 						if (strcmp(token, SHOPT_RW) ==
700 						    0 || strcmp(token,
701 						    SHOPT_RO) == 0) {
702 							value = "*";
703 						} else {
704 							value = "global";
705 							if (strcmp(token,
706 							    SHOPT_LOG) != 0) {
707 								value = "true";
708 							}
709 						}
710 					}
711 					/*
712 					 * In all cases, create the
713 					 * property specified. If the
714 					 * value was NULL, the default
715 					 * value will have been
716 					 * substituted.
717 					 */
718 					prop = sa_create_property(token, value);
719 					ret =  sa_add_property(optionset, prop);
720 					if (ret != SA_OK)
721 						break;
722 
723 					if (!iszfs) {
724 						ret = sa_commit_properties(
725 						    optionset, !persist);
726 					}
727 				}
728 			}
729 		}
730 	}
731 	if (security_list != NULL)
732 		free_security_list(security_list);
733 
734 	free(dup);
735 	return (ret);
736 }
737 
738 /*
739  * is_a_number(number)
740  *
741  * is the string a number in one of the forms we want to use?
742  */
743 
744 static int
745 is_a_number(char *number)
746 {
747 	int ret = 1;
748 	int hex = 0;
749 
750 	if (strncmp(number, "0x", 2) == 0) {
751 		number += 2;
752 		hex = 1;
753 	} else if (*number == '-') {
754 		number++; /* skip the minus */
755 	}
756 	while (ret == 1 && *number != '\0') {
757 		if (hex) {
758 			ret = isxdigit(*number++);
759 		} else {
760 			ret = isdigit(*number++);
761 		}
762 	}
763 	return (ret);
764 }
765 
766 /*
767  * Look for the specified tag in the configuration file. If it is found,
768  * enable logging and set the logging configuration information for exp.
769  */
770 static void
771 configlog(struct exportdata *exp, char *tag)
772 {
773 	nfsl_config_t *configlist = NULL, *configp;
774 	int error = 0;
775 	char globaltag[] = DEFAULTTAG;
776 
777 	/*
778 	 * Sends config errors to stderr
779 	 */
780 	nfsl_errs_to_syslog = B_FALSE;
781 
782 	/*
783 	 * get the list of configuration settings
784 	 */
785 	error = nfsl_getconfig_list(&configlist);
786 	if (error) {
787 		(void) fprintf(stderr,
788 		    dgettext(TEXT_DOMAIN, "Cannot get log configuration: %s\n"),
789 		    strerror(error));
790 	}
791 
792 	if (tag == NULL)
793 		tag = globaltag;
794 	if ((configp = nfsl_findconfig(configlist, tag, &error)) == NULL) {
795 		nfsl_freeconfig_list(&configlist);
796 		(void) fprintf(stderr,
797 		    dgettext(TEXT_DOMAIN, "No tags matching \"%s\"\n"), tag);
798 		/* bad configuration */
799 		error = ENOENT;
800 		goto err;
801 	}
802 
803 	if ((exp->ex_tag = strdup(tag)) == NULL) {
804 		error = ENOMEM;
805 		goto out;
806 	}
807 	if ((exp->ex_log_buffer = strdup(configp->nc_bufferpath)) == NULL) {
808 		error = ENOMEM;
809 		goto out;
810 	}
811 	exp->ex_flags |= EX_LOG;
812 	if (configp->nc_rpclogpath != NULL)
813 		exp->ex_flags |= EX_LOG_ALLOPS;
814 out:
815 	if (configlist != NULL)
816 		nfsl_freeconfig_list(&configlist);
817 
818 err:
819 	if (error != 0) {
820 		if (exp->ex_flags != NULL)
821 			free(exp->ex_tag);
822 		if (exp->ex_log_buffer != NULL)
823 			free(exp->ex_log_buffer);
824 		(void) fprintf(stderr,
825 		    dgettext(TEXT_DOMAIN, "Cannot set log configuration: %s\n"),
826 		    strerror(error));
827 	}
828 }
829 
830 /*
831  * fill_export_from_optionset(export, optionset)
832  *
833  * In order to share, we need to set all the possible general options
834  * into the export structure. Share info will be filled in by the
835  * caller. Various property values get turned into structure specific
836  * values.
837  */
838 
839 static int
840 fill_export_from_optionset(struct exportdata *export, sa_optionset_t optionset)
841 {
842 	sa_property_t option;
843 	int ret = SA_OK;
844 
845 	for (option = sa_get_property(optionset, NULL);
846 	    option != NULL; option = sa_get_next_property(option)) {
847 		char *name;
848 		char *value;
849 		uint32_t val;
850 
851 		/*
852 		 * since options may be set/reset multiple times, always do an
853 		 * explicit set or clear of the option. This allows defaults
854 		 * to be set and then the protocol specific to override.
855 		 */
856 
857 		name = sa_get_property_attr(option, "type");
858 		value = sa_get_property_attr(option, "value");
859 		switch (findopt(name)) {
860 		case OPT_ANON:
861 			if (value != NULL && is_a_number(value)) {
862 				val = strtoul(value, NULL, 0);
863 			} else {
864 				struct passwd *pw;
865 				pw = getpwnam(value != NULL ? value : "nobody");
866 				if (pw != NULL) {
867 					val = pw->pw_uid;
868 				} else {
869 					val = UID_NOBODY;
870 				}
871 				endpwent();
872 			}
873 			export->ex_anon = val;
874 			break;
875 		case OPT_NOSUID:
876 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
877 			    strcmp(value, "1") == 0))
878 				export->ex_flags |= EX_NOSUID;
879 			else
880 				export->ex_flags &= ~EX_NOSUID;
881 			break;
882 		case OPT_ACLOK:
883 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
884 			    strcmp(value, "1") == 0))
885 				export->ex_flags |= EX_ACLOK;
886 			else
887 				export->ex_flags &= ~EX_ACLOK;
888 			break;
889 		case OPT_NOSUB:
890 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
891 			    strcmp(value, "1") == 0))
892 				export->ex_flags |= EX_NOSUB;
893 			else
894 				export->ex_flags &= ~EX_NOSUB;
895 			break;
896 		case OPT_PUBLIC:
897 			if (value != NULL && (strcasecmp(value, "true") == 0 ||
898 			    strcmp(value, "1") == 0))
899 				export->ex_flags |= EX_PUBLIC;
900 			else
901 				export->ex_flags &= ~EX_PUBLIC;
902 			break;
903 		case OPT_INDEX:
904 			if (value != NULL && (strcmp(value, "..") == 0 ||
905 			    strchr(value, '/') != NULL)) {
906 				/* this is an error */
907 				(void) printf(dgettext(TEXT_DOMAIN,
908 				    "NFS: index=\"%s\" not valid;"
909 				    "must be a filename.\n"),
910 				    value);
911 				break;
912 			}
913 			if (value != NULL && *value != '\0' &&
914 			    strcmp(value, ".") != 0) {
915 				/* valid index file string */
916 				if (export->ex_index != NULL) {
917 					/* left over from "default" */
918 					free(export->ex_index);
919 				}
920 				/* remember to free */
921 				export->ex_index = strdup(value);
922 				if (export->ex_index == NULL) {
923 					(void) printf(dgettext(TEXT_DOMAIN,
924 					    "NFS: out of memory setting "
925 					    "index property\n"));
926 					break;
927 				}
928 				export->ex_flags |= EX_INDEX;
929 			}
930 			break;
931 		case OPT_LOG:
932 			if (value == NULL)
933 				value = strdup("global");
934 			if (value != NULL)
935 				configlog(export,
936 				    strlen(value) ? value : "global");
937 			break;
938 		default:
939 			/* have a syntactic error */
940 			(void) printf(dgettext(TEXT_DOMAIN,
941 			    "NFS: unrecognized option %s=%s\n"),
942 			    name, value != NULL ? value : "");
943 			break;
944 		}
945 		if (name != NULL)
946 			sa_free_attr_string(name);
947 		if (value != NULL)
948 			sa_free_attr_string(value);
949 	}
950 	return (ret);
951 }
952 
953 /*
954  * cleanup_export(export)
955  *
956  * Cleanup the allocated areas so we don't leak memory
957  */
958 
959 static void
960 cleanup_export(struct exportdata *export)
961 {
962 	int i;
963 
964 	if (export->ex_index != NULL)
965 		free(export->ex_index);
966 	if (export->ex_secinfo != NULL) {
967 		for (i = 0; i < export->ex_seccnt; i++)
968 			if (export->ex_secinfo[i].s_rootnames != NULL)
969 				free(export->ex_secinfo[i].s_rootnames);
970 		free(export->ex_secinfo);
971 	}
972 }
973 
974 /*
975  * Given a seconfig entry and a colon-separated
976  * list of names, allocate an array big enough
977  * to hold the root list, then convert each name to
978  * a principal name according to the security
979  * info and assign it to an array element.
980  * Return the array and its size.
981  */
982 static caddr_t *
983 get_rootnames(seconfig_t *sec, char *list, int *count)
984 {
985 	caddr_t *a;
986 	int c, i;
987 	char *host, *p;
988 
989 	/*
990 	 * Count the number of strings in the list.
991 	 * This is the number of colon separators + 1.
992 	 */
993 	c = 1;
994 	for (p = list; *p; p++)
995 		if (*p == ':')
996 			c++;
997 	*count = c;
998 
999 	a = (caddr_t *)malloc(c * sizeof (char *));
1000 	if (a == NULL) {
1001 		(void) printf(dgettext(TEXT_DOMAIN,
1002 		    "get_rootnames: no memory\n"));
1003 	} else {
1004 		for (i = 0; i < c; i++) {
1005 			host = strtok(list, ":");
1006 			if (!nfs_get_root_principal(sec, host, &a[i])) {
1007 				free(a);
1008 				a = NULL;
1009 				break;
1010 			}
1011 			list = NULL;
1012 		}
1013 	}
1014 
1015 	return (a);
1016 }
1017 
1018 /*
1019  * fill_security_from_secopts(sp, secopts)
1020  *
1021  * Fill the secinfo structure from the secopts optionset.
1022  */
1023 
1024 static int
1025 fill_security_from_secopts(struct secinfo *sp, sa_security_t secopts)
1026 {
1027 	sa_property_t prop;
1028 	char *type;
1029 	int longform;
1030 	int err = SC_NOERROR;
1031 
1032 	type = sa_get_security_attr(secopts, "sectype");
1033 	if (type != NULL) {
1034 		/* named security type needs secinfo to be filled in */
1035 		err = nfs_getseconfig_byname(type, &sp->s_secinfo);
1036 		sa_free_attr_string(type);
1037 		if (err != SC_NOERROR)
1038 			return (err);
1039 	} else {
1040 		/* default case */
1041 		err = nfs_getseconfig_default(&sp->s_secinfo);
1042 		if (err != SC_NOERROR)
1043 			return (err);
1044 	}
1045 
1046 	err = SA_OK;
1047 	for (prop = sa_get_property(secopts, NULL);
1048 	    prop != NULL && err == SA_OK;
1049 	    prop = sa_get_next_property(prop)) {
1050 		char *name;
1051 		char *value;
1052 
1053 		name = sa_get_property_attr(prop, "type");
1054 		value = sa_get_property_attr(prop, "value");
1055 
1056 		longform = value != NULL && strcmp(value, "*") != 0;
1057 
1058 		switch (findopt(name)) {
1059 		case OPT_RO:
1060 			sp->s_flags |= longform ? M_ROL : M_RO;
1061 			break;
1062 		case OPT_RW:
1063 			sp->s_flags |= longform ? M_RWL : M_RW;
1064 			break;
1065 		case OPT_ROOT:
1066 			sp->s_flags |= M_ROOT;
1067 			/*
1068 			 * if we are using AUTH_UNIX, handle like other things
1069 			 * such as RO/RW
1070 			 */
1071 			if (sp->s_secinfo.sc_rpcnum == AUTH_UNIX)
1072 				continue;
1073 			/* not AUTH_UNIX */
1074 			if (value != NULL) {
1075 				sp->s_rootnames = get_rootnames(&sp->s_secinfo,
1076 				    value, &sp->s_rootcnt);
1077 				if (sp->s_rootnames == NULL) {
1078 					err = SA_BAD_VALUE;
1079 					(void) fprintf(stderr,
1080 					    dgettext(TEXT_DOMAIN,
1081 					    "Bad root list\n"));
1082 				}
1083 			}
1084 			break;
1085 		case OPT_WINDOW:
1086 			if (value != NULL) {
1087 				sp->s_window = atoi(value);
1088 				/* just in case */
1089 				if (sp->s_window < 0)
1090 					sp->s_window = DEF_WIN;
1091 			}
1092 			break;
1093 		default:
1094 			break;
1095 		}
1096 		if (name != NULL)
1097 			sa_free_attr_string(name);
1098 		if (value != NULL)
1099 			sa_free_attr_string(value);
1100 	}
1101 	/* if rw/ro options not set, use default of RW */
1102 	if ((sp->s_flags & NFS_RWMODES) == 0)
1103 		sp->s_flags |= M_RW;
1104 	return (err);
1105 }
1106 
1107 /*
1108  * This is for testing only
1109  * It displays the export structure that
1110  * goes into the kernel.
1111  */
1112 static void
1113 printarg(char *path, struct exportdata *ep)
1114 {
1115 	int i, j;
1116 	struct secinfo *sp;
1117 
1118 	if (debug == 0)
1119 		return;
1120 
1121 	(void) printf("%s:\n", path);
1122 	(void) printf("\tex_version = %d\n", ep->ex_version);
1123 	(void) printf("\tex_path = %s\n", ep->ex_path);
1124 	(void) printf("\tex_pathlen = %ld\n", (ulong_t)ep->ex_pathlen);
1125 	(void) printf("\tex_flags: (0x%02x) ", ep->ex_flags);
1126 	if (ep->ex_flags & EX_NOSUID)
1127 		(void) printf("NOSUID ");
1128 	if (ep->ex_flags & EX_ACLOK)
1129 		(void) printf("ACLOK ");
1130 	if (ep->ex_flags & EX_PUBLIC)
1131 		(void) printf("PUBLIC ");
1132 	if (ep->ex_flags & EX_NOSUB)
1133 		(void) printf("NOSUB ");
1134 	if (ep->ex_flags & EX_LOG)
1135 		(void) printf("LOG ");
1136 	if (ep->ex_flags & EX_LOG_ALLOPS)
1137 		(void) printf("LOG_ALLOPS ");
1138 	if (ep->ex_flags == 0)
1139 		(void) printf("(none)");
1140 	(void) 	printf("\n");
1141 	if (ep->ex_flags & EX_LOG) {
1142 		(void) printf("\tex_log_buffer = %s\n",
1143 		    (ep->ex_log_buffer ? ep->ex_log_buffer : "(NULL)"));
1144 		(void) printf("\tex_tag = %s\n",
1145 		    (ep->ex_tag ? ep->ex_tag : "(NULL)"));
1146 	}
1147 	(void) printf("\tex_anon = %d\n", ep->ex_anon);
1148 	(void) printf("\tex_seccnt = %d\n", ep->ex_seccnt);
1149 	(void) printf("\n");
1150 	for (i = 0; i < ep->ex_seccnt; i++) {
1151 		sp = &ep->ex_secinfo[i];
1152 		(void) printf("\t\ts_secinfo = %s\n", sp->s_secinfo.sc_name);
1153 		(void) printf("\t\ts_flags: (0x%02x) ", sp->s_flags);
1154 		if (sp->s_flags & M_ROOT) (void) printf("M_ROOT ");
1155 		if (sp->s_flags & M_RO) (void) printf("M_RO ");
1156 		if (sp->s_flags & M_ROL) (void) printf("M_ROL ");
1157 		if (sp->s_flags & M_RW) (void) printf("M_RW ");
1158 		if (sp->s_flags & M_RWL) (void) printf("M_RWL ");
1159 		if (sp->s_flags == 0) (void) printf("(none)");
1160 		(void) printf("\n");
1161 		(void) printf("\t\ts_window = %d\n", sp->s_window);
1162 		(void) printf("\t\ts_rootcnt = %d ", sp->s_rootcnt);
1163 		(void) fflush(stdout);
1164 		for (j = 0; j < sp->s_rootcnt; j++)
1165 			(void) printf("%s ", sp->s_rootnames[j] ?
1166 			    sp->s_rootnames[j] : "<null>");
1167 		(void) printf("\n\n");
1168 	}
1169 }
1170 
1171 /*
1172  * count_security(opts)
1173  *
1174  * Count the number of security types (flavors). The optionset has
1175  * been populated with the security flavors as a holding mechanism.
1176  * We later use this number to allocate data structures.
1177  */
1178 
1179 static int
1180 count_security(sa_optionset_t opts)
1181 {
1182 	int count = 0;
1183 	sa_property_t prop;
1184 	if (opts != NULL) {
1185 		for (prop = sa_get_property(opts, NULL); prop != NULL;
1186 		    prop = sa_get_next_property(prop)) {
1187 			count++;
1188 		}
1189 	}
1190 	return (count);
1191 }
1192 
1193 /*
1194  * nfs_sprint_option(rbuff, rbuffsize, incr, prop, sep)
1195  *
1196  * provides a mechanism to format NFS properties into legacy output
1197  * format. If the buffer would overflow, it is reallocated and grown
1198  * as appropriate. Special cases of converting internal form of values
1199  * to those used by "share" are done. this function does one property
1200  * at a time.
1201  */
1202 
1203 static int
1204 nfs_sprint_option(char **rbuff, size_t *rbuffsize, size_t incr,
1205 			sa_property_t prop, int sep)
1206 {
1207 	char *name;
1208 	char *value;
1209 	int curlen;
1210 	char *buff = *rbuff;
1211 	size_t buffsize = *rbuffsize;
1212 	int printed = B_FALSE;
1213 
1214 	name = sa_get_property_attr(prop, "type");
1215 	value = sa_get_property_attr(prop, "value");
1216 	if (buff != NULL)
1217 		curlen = strlen(buff);
1218 	else
1219 		curlen = 0;
1220 	if (name != NULL) {
1221 		int len;
1222 		len = strlen(name) + sep;
1223 
1224 		/*
1225 		 * A future RFE would be to replace this with more
1226 		 * generic code and to possibly handle more types.
1227 		 */
1228 		switch (gettype(name)) {
1229 		case OPT_TYPE_BOOLEAN:
1230 			/*
1231 			 * For NFS, boolean value of FALSE means it
1232 			 * doesn't show up in the option list at all.
1233 			 */
1234 			if (value != NULL && strcasecmp(value, "false") == 0)
1235 				goto skip;
1236 			if (value != NULL) {
1237 				sa_free_attr_string(value);
1238 				value = NULL;
1239 			}
1240 			break;
1241 		case OPT_TYPE_ACCLIST:
1242 			if (value != NULL && strcmp(value, "*") == 0) {
1243 				sa_free_attr_string(value);
1244 				value = NULL;
1245 			} else {
1246 				if (value != NULL)
1247 					len += 1 + strlen(value);
1248 			}
1249 			break;
1250 		case OPT_TYPE_LOGTAG:
1251 			if (value != NULL && strlen(value) == 0) {
1252 				sa_free_attr_string(value);
1253 				value = NULL;
1254 			} else {
1255 				if (value != NULL)
1256 					len += 1 + strlen(value);
1257 			}
1258 			break;
1259 		default:
1260 			if (value != NULL)
1261 				len += 1 + strlen(value);
1262 			break;
1263 		}
1264 		while (buffsize <= (curlen + len)) {
1265 			/* need more room */
1266 			buffsize += incr;
1267 			buff = realloc(buff, buffsize);
1268 			if (buff == NULL) {
1269 				/* realloc failed so free everything */
1270 				if (*rbuff != NULL)
1271 					free(*rbuff);
1272 			}
1273 			*rbuff = buff;
1274 			*rbuffsize = buffsize;
1275 			if (buff == NULL)
1276 				goto skip;
1277 
1278 		}
1279 
1280 		if (buff == NULL)
1281 			goto skip;
1282 
1283 		if (value == NULL) {
1284 			(void) snprintf(buff + curlen, buffsize - curlen,
1285 			    "%s%s", sep ? "," : "",
1286 			    name, value != NULL ? value : "");
1287 		} else {
1288 			(void) snprintf(buff + curlen, buffsize - curlen,
1289 			    "%s%s=%s", sep ? "," : "",
1290 			    name, value != NULL ? value : "");
1291 		}
1292 		printed = B_TRUE;
1293 	}
1294 skip:
1295 	if (name != NULL)
1296 		sa_free_attr_string(name);
1297 	if (value != NULL)
1298 		sa_free_attr_string(value);
1299 	return (printed);
1300 }
1301 
1302 /*
1303  * nfs_format_options(group, hier)
1304  *
1305  * format all the options on the group into an old-style option
1306  * string. If hier is non-zero, walk up the tree to get inherited
1307  * options.
1308  */
1309 
1310 static char *
1311 nfs_format_options(sa_group_t group, int hier)
1312 {
1313 	sa_optionset_t options = NULL;
1314 	sa_optionset_t secoptions = NULL;
1315 	sa_property_t prop, secprop;
1316 	sa_security_t security = NULL;
1317 	char *buff;
1318 	size_t buffsize;
1319 	char *sectype = NULL;
1320 	int sep = 0;
1321 
1322 
1323 	buff = malloc(OPT_CHUNK);
1324 	if (buff == NULL) {
1325 		return (NULL);
1326 	}
1327 
1328 	buff[0] = '\0';
1329 	buffsize = OPT_CHUNK;
1330 
1331 	/*
1332 	 * We may have a an optionset relative to this item. format
1333 	 * these if we find them and then add any security definitions.
1334 	 */
1335 
1336 	options = sa_get_derived_optionset(group, "nfs", hier);
1337 
1338 	/*
1339 	 * do the default set first but skip any option that is also
1340 	 * in the protocol specific optionset.
1341 	 */
1342 	if (options != NULL) {
1343 		for (prop = sa_get_property(options, NULL);
1344 		    prop != NULL; prop = sa_get_next_property(prop)) {
1345 			/*
1346 			 * use this one since we skipped any
1347 			 * of these that were also in
1348 			 * optdefault
1349 			 */
1350 			if (nfs_sprint_option(&buff, &buffsize, OPT_CHUNK,
1351 			    prop, sep))
1352 				sep = 1;
1353 			if (buff == NULL) {
1354 				/*
1355 				 * buff could become NULL if there
1356 				 * isn't enough memory for
1357 				 * nfs_sprint_option to realloc()
1358 				 * as necessary. We can't really
1359 				 * do anything about it at this
1360 				 * point so we return NULL.  The
1361 				 * caller should handle the
1362 				 * failure.
1363 				 */
1364 				if (options != NULL)
1365 					sa_free_derived_optionset(
1366 					    options);
1367 				return (buff);
1368 			}
1369 		}
1370 	}
1371 	secoptions = (sa_optionset_t)sa_get_all_security_types(group,
1372 	    "nfs", hier);
1373 	if (secoptions != NULL) {
1374 		for (secprop = sa_get_property(secoptions, NULL);
1375 		    secprop != NULL;
1376 		    secprop = sa_get_next_property(secprop)) {
1377 			sectype = sa_get_property_attr(secprop, "type");
1378 			security =
1379 			    (sa_security_t)sa_get_derived_security(
1380 			    group, sectype, "nfs", hier);
1381 			if (security != NULL) {
1382 				if (sectype != NULL) {
1383 					prop = sa_create_property(
1384 					    "sec", sectype);
1385 					if (prop == NULL)
1386 						goto err;
1387 					if (nfs_sprint_option(&buff,
1388 					    &buffsize, OPT_CHUNK, prop, sep))
1389 						sep = 1;
1390 					(void) sa_remove_property(prop);
1391 					if (buff == NULL)
1392 						goto err;
1393 				}
1394 				for (prop = sa_get_property(security,
1395 				    NULL); prop != NULL;
1396 				    prop = sa_get_next_property(prop)) {
1397 					if (nfs_sprint_option(&buff,
1398 					    &buffsize, OPT_CHUNK, prop, sep))
1399 						sep = 1;
1400 					if (buff == NULL)
1401 						goto err;
1402 				}
1403 				sa_free_derived_optionset(security);
1404 			}
1405 			if (sectype != NULL)
1406 				sa_free_attr_string(sectype);
1407 		}
1408 		sa_free_derived_optionset(secoptions);
1409 	}
1410 
1411 	if (options != NULL)
1412 		sa_free_derived_optionset(options);
1413 	return (buff);
1414 
1415 err:
1416 	/*
1417 	 * If we couldn't allocate memory for option printing, we need
1418 	 * to break out of the nested loops, cleanup and return NULL.
1419 	 */
1420 	if (secoptions != NULL)
1421 		sa_free_derived_optionset(secoptions);
1422 	if (security != NULL)
1423 		sa_free_derived_optionset(security);
1424 	if (sectype != NULL)
1425 		sa_free_attr_string(sectype);
1426 	if (options != NULL)
1427 		sa_free_derived_optionset(options);
1428 	return (buff);
1429 }
1430 
1431 /*
1432  * Append an entry to the nfslogtab file
1433  */
1434 static int
1435 nfslogtab_add(dir, buffer, tag)
1436 	char *dir, *buffer, *tag;
1437 {
1438 	FILE *f;
1439 	struct logtab_ent lep;
1440 	int error = 0;
1441 
1442 	/*
1443 	 * Open the file for update and create it if necessary.
1444 	 * This may leave the I/O offset at the end of the file,
1445 	 * so rewind back to the beginning of the file.
1446 	 */
1447 	f = fopen(NFSLOGTAB, "a+");
1448 	if (f == NULL) {
1449 		error = errno;
1450 		goto out;
1451 	}
1452 	rewind(f);
1453 
1454 	if (lockf(fileno(f), F_LOCK, 0L) < 0) {
1455 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1456 		    "share complete, however failed to lock %s "
1457 		    "for update: %s\n"), NFSLOGTAB, strerror(errno));
1458 		error = -1;
1459 		goto out;
1460 	}
1461 
1462 	if (logtab_deactivate_after_boot(f) == -1) {
1463 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1464 		    "share complete, however could not deactivate "
1465 		    "entries in %s\n"), NFSLOGTAB);
1466 		error = -1;
1467 		goto out;
1468 	}
1469 
1470 	/*
1471 	 * Remove entries matching buffer and sharepoint since we're
1472 	 * going to replace it with perhaps an entry with a new tag.
1473 	 */
1474 	if (logtab_rement(f, buffer, dir, NULL, -1)) {
1475 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1476 		    "share complete, however could not remove matching "
1477 		    "entries in %s\n"), NFSLOGTAB);
1478 		error = -1;
1479 		goto out;
1480 	}
1481 
1482 	/*
1483 	 * Deactivate all active entries matching this sharepoint
1484 	 */
1485 	if (logtab_deactivate(f, NULL, dir, NULL)) {
1486 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1487 		    "share complete, however could not deactivate matching "
1488 		    "entries in %s\n"), NFSLOGTAB);
1489 		error = -1;
1490 		goto out;
1491 	}
1492 
1493 	lep.le_buffer = buffer;
1494 	lep.le_path = dir;
1495 	lep.le_tag = tag;
1496 	lep.le_state = LES_ACTIVE;
1497 
1498 	/*
1499 	 * Add new sharepoint / buffer location to nfslogtab
1500 	 */
1501 	if (logtab_putent(f, &lep) < 0) {
1502 		(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1503 		    "share complete, however could not add %s to %s\n"),
1504 		    dir, NFSLOGTAB);
1505 		error = -1;
1506 	}
1507 
1508 out:
1509 	if (f != NULL)
1510 		(void) fclose(f);
1511 	return (error);
1512 }
1513 
1514 /*
1515  * Deactivate an entry from the nfslogtab file
1516  */
1517 static int
1518 nfslogtab_deactivate(path)
1519 	char *path;
1520 {
1521 	FILE *f;
1522 	int error = 0;
1523 
1524 	f = fopen(NFSLOGTAB, "r+");
1525 	if (f == NULL) {
1526 		error = errno;
1527 		goto out;
1528 	}
1529 	if (lockf(fileno(f), F_LOCK, 0L) < 0) {
1530 		error = errno;
1531 		(void)  fprintf(stderr, dgettext(TEXT_DOMAIN,
1532 		    "share complete, however could not lock %s for "
1533 		    "update: %s\n"), NFSLOGTAB, strerror(error));
1534 		goto out;
1535 	}
1536 	if (logtab_deactivate(f, NULL, path, NULL) == -1) {
1537 		error = -1;
1538 		(void) fprintf(stderr,
1539 		    dgettext(TEXT_DOMAIN,
1540 		    "share complete, however could not "
1541 		    "deactivate %s in %s\n"), path, NFSLOGTAB);
1542 		goto out;
1543 	}
1544 
1545 out:	if (f != NULL)
1546 		(void) fclose(f);
1547 
1548 	return (error);
1549 }
1550 
1551 /*
1552  * check_public(group, skipshare)
1553  *
1554  * Check the group for any shares that have the public property
1555  * enabled. We skip "skipshare" since that is the one we are
1556  * working with. This is a separate function to make handling
1557  * subgroups simpler. Returns true if there is a share with public.
1558  */
1559 static int
1560 check_public(sa_group_t group, sa_share_t skipshare)
1561 {
1562 	int exists = B_FALSE;
1563 	sa_share_t share;
1564 	sa_optionset_t opt;
1565 	sa_property_t prop;
1566 	char *shared;
1567 
1568 	for (share = sa_get_share(group, NULL); share != NULL;
1569 	    share = sa_get_next_share(share)) {
1570 		if (share == skipshare)
1571 			continue;
1572 
1573 		opt = sa_get_optionset(share, "nfs");
1574 		if (opt == NULL)
1575 			continue;
1576 		prop = sa_get_property(opt, "public");
1577 		if (prop == NULL)
1578 			continue;
1579 		shared = sa_get_share_attr(share, "shared");
1580 		if (shared != NULL) {
1581 			exists = strcmp(shared, "true") == 0;
1582 			sa_free_attr_string(shared);
1583 			if (exists == B_TRUE)
1584 				break;
1585 		}
1586 	}
1587 
1588 	return (exists);
1589 }
1590 
1591 /*
1592  * public_exists(share)
1593  *
1594  * check to see if public option is set on any other share than the
1595  * one specified. Need to check zfs sub-groups as well as the top
1596  * level groups.
1597  */
1598 static int
1599 public_exists(sa_share_t skipshare)
1600 {
1601 	sa_group_t group;
1602 	sa_handle_t handle;
1603 
1604 	group = sa_get_parent_group(skipshare);
1605 	if (group == NULL)
1606 		return (SA_NO_SUCH_GROUP);
1607 
1608 	handle = sa_find_group_handle(group);
1609 	if (handle == NULL)
1610 		return (SA_SYSTEM_ERR);
1611 
1612 	for (group = sa_get_group(handle, NULL); group != NULL;
1613 	    group = sa_get_next_group(group)) {
1614 		/* Walk any ZFS subgroups as well as all standard groups */
1615 		if (sa_group_is_zfs(group)) {
1616 			sa_group_t subgroup;
1617 			for (subgroup = sa_get_sub_group(group);
1618 			    subgroup != NULL;
1619 			    subgroup = sa_get_next_group(subgroup)) {
1620 				if (check_public(subgroup, skipshare))
1621 					return (B_TRUE);
1622 			}
1623 		} else {
1624 			if (check_public(group, skipshare))
1625 				return (B_TRUE);
1626 		}
1627 	}
1628 	return (B_FALSE);
1629 }
1630 
1631 /*
1632  * sa_enable_share at the protocol level, enable_share must tell the
1633  * implementation that it is to enable the share. This entails
1634  * converting the path and options into the appropriate ioctl
1635  * calls. It is assumed that all error checking of paths, etc. were
1636  * done earlier.
1637  */
1638 static int
1639 nfs_enable_share(sa_share_t share)
1640 {
1641 	struct exportdata export;
1642 	sa_optionset_t secoptlist;
1643 	struct secinfo *sp;
1644 	int num_secinfo;
1645 	sa_optionset_t opt;
1646 	sa_security_t sec;
1647 	sa_property_t prop;
1648 	char *path;
1649 	int err = SA_OK;
1650 	int i;
1651 	int iszfs;
1652 
1653 	/* Don't drop core if the NFS module isn't loaded. */
1654 	(void) signal(SIGSYS, SIG_IGN);
1655 
1656 	/* get the path since it is important in several places */
1657 	path = sa_get_share_attr(share, "path");
1658 	if (path == NULL)
1659 		return (SA_NO_SUCH_PATH);
1660 
1661 	iszfs = sa_path_is_zfs(path);
1662 	/*
1663 	 * find the optionsets and security sets.  There may not be
1664 	 * any or there could be one or two for each of optionset and
1665 	 * security may have multiple, one per security type per
1666 	 * protocol type.
1667 	 */
1668 	opt = sa_get_derived_optionset(share, "nfs", 1);
1669 	secoptlist = (sa_optionset_t)sa_get_all_security_types(share, "nfs", 1);
1670 	if (secoptlist != NULL)
1671 		num_secinfo = MAX(1, count_security(secoptlist));
1672 	else
1673 		num_secinfo = 1;
1674 
1675 	/*
1676 	 * walk through the options and fill in the structure
1677 	 * appropriately.
1678 	 */
1679 
1680 	(void) memset(&export, '\0', sizeof (export));
1681 
1682 	/*
1683 	 * do non-security options first since there is only one after
1684 	 * the derived group is constructed.
1685 	 */
1686 	export.ex_version = EX_CURRENT_VERSION;
1687 	export.ex_anon = UID_NOBODY; /* this is our default value */
1688 	export.ex_index = NULL;
1689 	export.ex_path = path;
1690 	export.ex_pathlen = strlen(path) + 1;
1691 
1692 	if (opt != NULL)
1693 		err = fill_export_from_optionset(&export, opt);
1694 
1695 	/*
1696 	 * check to see if "public" is set. If it is, then make sure
1697 	 * no other share has it set. If it is already used, fail.
1698 	 */
1699 
1700 	if (export.ex_flags & EX_PUBLIC && public_exists(share)) {
1701 		(void) printf(dgettext(TEXT_DOMAIN,
1702 		    "NFS: Cannot share more than one file "
1703 		    "system with 'public' property\n"));
1704 		err = SA_NOT_ALLOWED;
1705 		goto out;
1706 	}
1707 
1708 	sp = calloc(num_secinfo, sizeof (struct secinfo));
1709 	if (sp == NULL) {
1710 		err = SA_NO_MEMORY;
1711 		(void) printf(dgettext(TEXT_DOMAIN,
1712 		    "NFS: NFS: no memory for security\n"));
1713 		goto out;
1714 	}
1715 	export.ex_secinfo = sp;
1716 	/* get default secinfo */
1717 	export.ex_seccnt = num_secinfo;
1718 	/*
1719 	 * since we must have one security option defined, we
1720 	 * init to the default and then override as we find
1721 	 * defined security options. This handles the case
1722 	 * where we have no defined options but we need to set
1723 	 * up one.
1724 	 */
1725 	sp[0].s_window = DEF_WIN;
1726 	sp[0].s_rootnames = NULL;
1727 	/* setup a default in case no properties defined */
1728 	if (nfs_getseconfig_default(&sp[0].s_secinfo)) {
1729 		(void) printf(dgettext(TEXT_DOMAIN,
1730 		    "NFS: nfs_getseconfig_default: failed to "
1731 		    "get default security mode\n"));
1732 		err = SA_CONFIG_ERR;
1733 	}
1734 	if (secoptlist != NULL) {
1735 		for (i = 0, prop = sa_get_property(secoptlist, NULL);
1736 		    prop != NULL && i < num_secinfo;
1737 		    prop = sa_get_next_property(prop), i++) {
1738 			char *sectype;
1739 				sectype = sa_get_property_attr(prop, "type");
1740 			/*
1741 			 * if sectype is NULL, we probably
1742 			 * have a memory problem and can't get
1743 			 * the correct values. Rather than
1744 			 * exporting with incorrect security,
1745 			 * don't share it.
1746 			 */
1747 			if (sectype == NULL) {
1748 				err = SA_NO_MEMORY;
1749 				(void) printf(dgettext(TEXT_DOMAIN,
1750 				    "NFS: Cannot share %s: "
1751 				    "no memory\n"), path);
1752 				goto out;
1753 			}
1754 			sec = (sa_security_t)sa_get_derived_security(
1755 			    share, sectype, "nfs", 1);
1756 			sp[i].s_window = DEF_WIN;
1757 			sp[i].s_rootcnt = 0;
1758 			sp[i].s_rootnames = NULL;
1759 				(void) fill_security_from_secopts(&sp[i], sec);
1760 			if (sec != NULL)
1761 				sa_free_derived_security(sec);
1762 			if (sectype != NULL)
1763 				sa_free_attr_string(sectype);
1764 		}
1765 	}
1766 	/*
1767 	 * when we get here, we can do the exportfs system call and
1768 	 * initiate thinsg. We probably want to enable the nfs.server
1769 	 * service first if it isn't running within SMF.
1770 	 */
1771 	/* check nfs.server status and start if needed */
1772 	/* now add the share to the internal tables */
1773 	printarg(path, &export);
1774 	/*
1775 	 * call the exportfs system call which is implemented
1776 	 * via the nfssys() call as the EXPORTFS subfunction.
1777 	 */
1778 	if (iszfs) {
1779 		struct exportfs_args ea;
1780 		share_t sh;
1781 		char *str;
1782 		priv_set_t *priv_effective;
1783 		int privileged;
1784 
1785 		/*
1786 		 * If we aren't a privileged user
1787 		 * and NFS server service isn't running
1788 		 * then print out an error message
1789 		 * and return EPERM
1790 		 */
1791 
1792 		priv_effective = priv_allocset();
1793 		(void) getppriv(PRIV_EFFECTIVE, priv_effective);
1794 
1795 		privileged = (priv_isfullset(priv_effective) == B_TRUE);
1796 		priv_freeset(priv_effective);
1797 
1798 		if (!privileged &&
1799 		    (str = smf_get_state(NFS_SERVER_SVC)) != NULL) {
1800 			err = 0;
1801 			if (strcmp(str, SCF_STATE_STRING_ONLINE) != 0) {
1802 				(void) printf(dgettext(TEXT_DOMAIN,
1803 				    "NFS: Cannot share remote "
1804 				    "filesystem: %s\n"), path);
1805 				(void) printf(dgettext(TEXT_DOMAIN,
1806 				    "NFS: Service needs to be enabled "
1807 				    "by a privileged user\n"));
1808 				err = SA_SYSTEM_ERR;
1809 				errno = EPERM;
1810 			}
1811 			free(str);
1812 		}
1813 
1814 		if (err == 0) {
1815 			ea.dname = path;
1816 			ea.uex = &export;
1817 
1818 			sa_sharetab_fill_zfs(share, &sh, "nfs");
1819 			err = sa_share_zfs(share, path, &sh,
1820 			    &ea, ZFS_SHARE_NFS);
1821 			sa_emptyshare(&sh);
1822 		}
1823 	} else {
1824 		err = exportfs(path, &export);
1825 	}
1826 
1827 	if (err < 0) {
1828 		err = SA_SYSTEM_ERR;
1829 		switch (errno) {
1830 		case EREMOTE:
1831 			(void) printf(dgettext(TEXT_DOMAIN,
1832 			    "NFS: Cannot share filesystems "
1833 			    "in non-global zones: %s\n"), path);
1834 			err = SA_NOT_SUPPORTED;
1835 			break;
1836 		case EPERM:
1837 			if (getzoneid() != GLOBAL_ZONEID) {
1838 				(void) printf(dgettext(TEXT_DOMAIN,
1839 				    "NFS: Cannot share file systems "
1840 				    "in non-global zones: %s\n"), path);
1841 				err = SA_NOT_SUPPORTED;
1842 				break;
1843 			}
1844 			err = SA_NO_PERMISSION;
1845 			/* FALLTHROUGH */
1846 		default:
1847 			break;
1848 		}
1849 	} else {
1850 		/* update sharetab with an add/modify */
1851 		if (!iszfs) {
1852 			(void) sa_update_sharetab(share, "nfs");
1853 		}
1854 	}
1855 
1856 	if (err == SA_OK) {
1857 		/*
1858 		 * enable services as needed. This should probably be
1859 		 * done elsewhere in order to minimize the calls to
1860 		 * check services.
1861 		 */
1862 		/*
1863 		 * check to see if logging and other services need to
1864 		 * be triggered, but only if there wasn't an
1865 		 * error. This is probably where sharetab should be
1866 		 * updated with the NFS specific entry.
1867 		 */
1868 		if (export.ex_flags & EX_LOG) {
1869 			/* enable logging */
1870 			if (nfslogtab_add(path, export.ex_log_buffer,
1871 			    export.ex_tag) != 0) {
1872 				(void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1873 				    "Could not enable logging for %s\n"),
1874 				    path);
1875 			}
1876 			_check_services(service_list_logging);
1877 		} else {
1878 			/*
1879 			 * don't have logging so remove it from file. It might
1880 			 * not be thre, but that doesn't matter.
1881 			 */
1882 			(void) nfslogtab_deactivate(path);
1883 			_check_services(service_list_default);
1884 		}
1885 	}
1886 
1887 out:
1888 	if (path != NULL)
1889 		free(path);
1890 
1891 	cleanup_export(&export);
1892 	if (opt != NULL)
1893 		sa_free_derived_optionset(opt);
1894 	if (secoptlist != NULL)
1895 		(void) sa_destroy_optionset(secoptlist);
1896 	return (err);
1897 }
1898 
1899 /*
1900  * nfs_disable_share(share)
1901  *
1902  * Unshare the specified share.  How much error checking should be
1903  * done? We only do basic errors for now.
1904  */
1905 static int
1906 nfs_disable_share(sa_share_t share, char *path)
1907 {
1908 	int err;
1909 	int ret = SA_OK;
1910 	int iszfs;
1911 
1912 
1913 	if (path != NULL) {
1914 		iszfs = sa_path_is_zfs(path);
1915 
1916 		if (iszfs) {
1917 			struct exportfs_args ea;
1918 			share_t sh = { 0 };
1919 
1920 			ea.dname = path;
1921 			ea.uex = NULL;
1922 			sh.sh_path = path;
1923 			sh.sh_fstype = "nfs";
1924 
1925 			err = sa_share_zfs(share, path, &sh,
1926 			    &ea, ZFS_UNSHARE_NFS);
1927 		} else
1928 			err = exportfs(path, NULL);
1929 		if (err < 0) {
1930 			/*
1931 			 * TBD: only an error in some
1932 			 * cases - need better analysis
1933 			 */
1934 
1935 			switch (errno) {
1936 			case EPERM:
1937 			case EACCES:
1938 				ret = SA_NO_PERMISSION;
1939 				if (getzoneid() != GLOBAL_ZONEID) {
1940 					ret = SA_NOT_SUPPORTED;
1941 				}
1942 				break;
1943 			case EINVAL:
1944 			case ENOENT:
1945 				ret = SA_NO_SUCH_PATH;
1946 			break;
1947 			default:
1948 				ret = SA_SYSTEM_ERR;
1949 			break;
1950 			}
1951 		}
1952 		if (ret == SA_OK || ret == SA_NO_SUCH_PATH) {
1953 			if (!iszfs)
1954 				(void) sa_delete_sharetab(path, "nfs");
1955 			/* just in case it was logged */
1956 			(void) nfslogtab_deactivate(path);
1957 		}
1958 	}
1959 	return (ret);
1960 }
1961 
1962 /*
1963  * check ro vs rw values.  Over time this may get beefed up.
1964  * for now it just does simple checks.
1965  */
1966 
1967 static int
1968 check_rorw(char *v1, char *v2)
1969 {
1970 	int ret = SA_OK;
1971 	if (strcmp(v1, v2) == 0)
1972 		ret = SA_VALUE_CONFLICT;
1973 	return (ret);
1974 }
1975 
1976 /*
1977  * nfs_validate_property(property, parent)
1978  *
1979  * Check that the property has a legitimate value for its type.
1980  */
1981 
1982 static int
1983 nfs_validate_property(sa_property_t property, sa_optionset_t parent)
1984 {
1985 	int ret = SA_OK;
1986 	char *propname;
1987 	char *other;
1988 	int optindex;
1989 	nfsl_config_t *configlist;
1990 	sa_group_t parent_group;
1991 	char *value;
1992 
1993 	propname = sa_get_property_attr(property, "type");
1994 
1995 	if ((optindex = findopt(propname)) < 0)
1996 		ret = SA_NO_SUCH_PROP;
1997 
1998 	/* need to validate value range here as well */
1999 
2000 	if (ret == SA_OK) {
2001 		parent_group = sa_get_parent_group((sa_share_t)parent);
2002 		if (optdefs[optindex].share && !sa_is_share(parent_group))
2003 			ret = SA_PROP_SHARE_ONLY;
2004 	}
2005 	if (ret == SA_OK) {
2006 		value = sa_get_property_attr(property, "value");
2007 		if (value != NULL) {
2008 			/* first basic type checking */
2009 			switch (optdefs[optindex].type) {
2010 			case OPT_TYPE_NUMBER:
2011 				/* check that the value is all digits */
2012 				if (!is_a_number(value))
2013 					ret = SA_BAD_VALUE;
2014 				break;
2015 			case OPT_TYPE_BOOLEAN:
2016 				if (strlen(value) == 0 ||
2017 				    strcasecmp(value, "true") == 0 ||
2018 				    strcmp(value, "1") == 0 ||
2019 				    strcasecmp(value, "false") == 0 ||
2020 				    strcmp(value, "0") == 0) {
2021 					ret = SA_OK;
2022 				} else {
2023 					ret = SA_BAD_VALUE;
2024 				}
2025 				break;
2026 			case OPT_TYPE_USER:
2027 				if (!is_a_number(value)) {
2028 					struct passwd *pw;
2029 					/*
2030 					 * in this case it would have to be a
2031 					 * user name
2032 					 */
2033 					pw = getpwnam(value);
2034 					if (pw == NULL)
2035 						ret = SA_BAD_VALUE;
2036 					endpwent();
2037 				} else {
2038 					uint64_t intval;
2039 					intval = strtoull(value, NULL, 0);
2040 					if (intval > UID_MAX && intval != ~0)
2041 						ret = SA_BAD_VALUE;
2042 				}
2043 				break;
2044 			case OPT_TYPE_FILE:
2045 				if (strcmp(value, "..") == 0 ||
2046 				    strchr(value, '/') != NULL) {
2047 					ret = SA_BAD_VALUE;
2048 				}
2049 				break;
2050 			case OPT_TYPE_ACCLIST:
2051 				/*
2052 				 * access list handling. Should eventually
2053 				 * validate that all the values make sense.
2054 				 * Also, ro and rw may have cross value
2055 				 * conflicts.
2056 				 */
2057 				if (strcmp(propname, SHOPT_RO) == 0)
2058 					other = SHOPT_RW;
2059 				else if (strcmp(propname, SHOPT_RW) == 0)
2060 					other = SHOPT_RO;
2061 				else
2062 					other = NULL;
2063 
2064 				if (other != NULL && parent != NULL) {
2065 					/* compare rw(ro) with ro(rw) */
2066 					sa_property_t oprop;
2067 					oprop = sa_get_property(parent, other);
2068 					if (oprop != NULL) {
2069 						/*
2070 						 * only potential
2071 						 * confusion if other
2072 						 * exists
2073 						 */
2074 						char *ovalue;
2075 						ovalue = sa_get_property_attr(
2076 						    oprop, "value");
2077 						if (ovalue != NULL) {
2078 							ret = check_rorw(value,
2079 							    ovalue);
2080 							sa_free_attr_string(
2081 							    ovalue);
2082 						}
2083 					}
2084 				}
2085 				break;
2086 			case OPT_TYPE_LOGTAG:
2087 				if (nfsl_getconfig_list(&configlist) == 0) {
2088 					int error;
2089 					if (value == NULL ||
2090 					    strlen(value) == 0) {
2091 						if (value != NULL)
2092 							sa_free_attr_string(
2093 							    value);
2094 						value = strdup("global");
2095 					}
2096 					if (value != NULL &&
2097 					    nfsl_findconfig(configlist, value,
2098 					    &error) == NULL) {
2099 						ret = SA_BAD_VALUE;
2100 					}
2101 					/* Must always free when done */
2102 					nfsl_freeconfig_list(&configlist);
2103 				} else {
2104 					ret = SA_CONFIG_ERR;
2105 				}
2106 				break;
2107 			case OPT_TYPE_STRING:
2108 				/* whatever is here should be ok */
2109 				break;
2110 			case OPT_TYPE_SECURITY:
2111 				/*
2112 				 * The "sec" property isn't used in the
2113 				 * non-legacy parts of sharemgr. We need to
2114 				 * reject it here. For legacy, it is pulled
2115 				 * out well before we get here.
2116 				 */
2117 				ret = SA_NO_SUCH_PROP;
2118 				break;
2119 			default:
2120 				break;
2121 			}
2122 
2123 			if (value != NULL)
2124 				sa_free_attr_string(value);
2125 
2126 			if (ret == SA_OK && optdefs[optindex].check != NULL) {
2127 				/* do the property specific check */
2128 				ret = optdefs[optindex].check(property);
2129 			}
2130 		}
2131 	}
2132 
2133 	if (propname != NULL)
2134 		sa_free_attr_string(propname);
2135 	return (ret);
2136 }
2137 
2138 /*
2139  * Protocol management functions
2140  *
2141  * Properties defined in the default files are defined in
2142  * proto_option_defs for parsing and validation. If "other" and
2143  * "compare" are set, then the value for this property should be
2144  * compared against the property specified in "other" using the
2145  * "compare" check (either <= or >=) in order to ensure that the
2146  * values are in the correct range.  E.g. setting server_versmin
2147  * higher than server_versmax should not be allowed.
2148  */
2149 
2150 struct proto_option_defs {
2151 	char *tag;
2152 	char *name;	/* display name -- remove protocol identifier */
2153 	int index;
2154 	int type;
2155 	union {
2156 	    int intval;
2157 	    char *string;
2158 	} defvalue;
2159 	uint32_t svcs;
2160 	int32_t minval;
2161 	int32_t maxval;
2162 	char *file;
2163 	char *other;
2164 	int compare;
2165 #define	OPT_CMP_GE	0
2166 #define	OPT_CMP_LE	1
2167 	int (*check)(char *);
2168 } proto_options[] = {
2169 #define	PROTO_OPT_NFSD_SERVERS			0
2170 	{"nfsd_servers",
2171 	    "servers", PROTO_OPT_NFSD_SERVERS, OPT_TYPE_NUMBER, 16, SVC_NFSD,
2172 	    1, INT32_MAX, NFSADMIN},
2173 #define	PROTO_OPT_LOCKD_LISTEN_BACKLOG		1
2174 	{"lockd_listen_backlog",
2175 	    "lockd_listen_backlog", PROTO_OPT_LOCKD_LISTEN_BACKLOG,
2176 	    OPT_TYPE_NUMBER, 32, SVC_LOCKD, 32, INT32_MAX, NFSADMIN},
2177 #define	PROTO_OPT_LOCKD_SERVERS			2
2178 	{"lockd_servers",
2179 	    "lockd_servers", PROTO_OPT_LOCKD_SERVERS, OPT_TYPE_NUMBER, 20,
2180 	    SVC_LOCKD, 1, INT32_MAX, NFSADMIN},
2181 #define	PROTO_OPT_LOCKD_RETRANSMIT_TIMEOUT	3
2182 	{"lockd_retransmit_timeout",
2183 	    "lockd_retransmit_timeout", PROTO_OPT_LOCKD_RETRANSMIT_TIMEOUT,
2184 	    OPT_TYPE_NUMBER, 5, SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2185 #define	PROTO_OPT_GRACE_PERIOD			4
2186 	{"grace_period",
2187 	    "grace_period", PROTO_OPT_GRACE_PERIOD, OPT_TYPE_NUMBER, 90,
2188 	    SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2189 #define	PROTO_OPT_NFS_SERVER_VERSMIN		5
2190 	{"nfs_server_versmin",
2191 	    "server_versmin", PROTO_OPT_NFS_SERVER_VERSMIN, OPT_TYPE_NUMBER,
2192 	    (int)NFS_VERSMIN_DEFAULT, SVC_NFSD|SVC_MOUNTD, NFS_VERSMIN,
2193 	    NFS_VERSMAX, NFSADMIN, "server_versmax", OPT_CMP_LE},
2194 #define	PROTO_OPT_NFS_SERVER_VERSMAX		6
2195 	{"nfs_server_versmax",
2196 	    "server_versmax", PROTO_OPT_NFS_SERVER_VERSMAX, OPT_TYPE_NUMBER,
2197 	    (int)NFS_VERSMAX_DEFAULT, SVC_NFSD|SVC_MOUNTD, NFS_VERSMIN,
2198 	    NFS_VERSMAX, NFSADMIN, "server_versmin", OPT_CMP_GE},
2199 #define	PROTO_OPT_NFS_CLIENT_VERSMIN		7
2200 	{"nfs_client_versmin",
2201 	    "client_versmin", PROTO_OPT_NFS_CLIENT_VERSMIN, OPT_TYPE_NUMBER,
2202 	    (int)NFS_VERSMIN_DEFAULT, NULL, NFS_VERSMIN, NFS_VERSMAX,
2203 	    NFSADMIN, "client_versmax", OPT_CMP_LE},
2204 #define	PROTO_OPT_NFS_CLIENT_VERSMAX		8
2205 	{"nfs_client_versmax",
2206 	    "client_versmax", PROTO_OPT_NFS_CLIENT_VERSMAX, OPT_TYPE_NUMBER,
2207 	    (int)NFS_VERSMAX_DEFAULT, NULL, NFS_VERSMIN, NFS_VERSMAX,
2208 	    NFSADMIN, "client_versmin", OPT_CMP_GE},
2209 #define	PROTO_OPT_NFS_SERVER_DELEGATION		9
2210 	{"nfs_server_delegation",
2211 	    "server_delegation", PROTO_OPT_NFS_SERVER_DELEGATION,
2212 	    OPT_TYPE_ONOFF, NFS_SERVER_DELEGATION_DEFAULT, SVC_NFSD, 0, 0,
2213 	    NFSADMIN},
2214 #define	PROTO_OPT_NFSMAPID_DOMAIN		10
2215 	{"nfsmapid_domain",
2216 	    "nfsmapid_domain", PROTO_OPT_NFSMAPID_DOMAIN, OPT_TYPE_DOMAIN,
2217 	    NULL, SVC_NFSMAPID, 0, 0, NFSADMIN},
2218 #define	PROTO_OPT_NFSD_MAX_CONNECTIONS		11
2219 	{"nfsd_max_connections",
2220 	    "max_connections", PROTO_OPT_NFSD_MAX_CONNECTIONS,
2221 	    OPT_TYPE_NUMBER, -1, SVC_NFSD, -1, INT32_MAX, NFSADMIN},
2222 #define	PROTO_OPT_NFSD_PROTOCOL			12
2223 	{"nfsd_protocol",
2224 	    "protocol", PROTO_OPT_NFSD_PROTOCOL, OPT_TYPE_PROTOCOL, 0,
2225 	    SVC_NFSD, 0, 0, NFSADMIN},
2226 #define	PROTO_OPT_NFSD_LISTEN_BACKLOG		13
2227 	{"nfsd_listen_backlog",
2228 	    "listen_backlog", PROTO_OPT_NFSD_LISTEN_BACKLOG,
2229 	    OPT_TYPE_NUMBER, 0,
2230 	    SVC_LOCKD, 0, INT32_MAX, NFSADMIN},
2231 	{NULL}
2232 };
2233 
2234 /*
2235  * the protoset holds the defined options so we don't have to read
2236  * them multiple times
2237  */
2238 static sa_protocol_properties_t protoset;
2239 
2240 static int
2241 findprotoopt(char *name, int whichname)
2242 {
2243 	int i;
2244 	for (i = 0; proto_options[i].tag != NULL; i++) {
2245 		if (whichname == 1) {
2246 			if (strcasecmp(proto_options[i].name, name) == 0)
2247 			return (i);
2248 		} else {
2249 			if (strcasecmp(proto_options[i].tag, name) == 0)
2250 				return (i);
2251 		}
2252 	}
2253 	return (-1);
2254 }
2255 
2256 /*
2257  * fixcaselower(str)
2258  *
2259  * convert a string to lower case (inplace).
2260  */
2261 
2262 static void
2263 fixcaselower(char *str)
2264 {
2265 	while (*str) {
2266 		*str = tolower(*str);
2267 		str++;
2268 	}
2269 }
2270 
2271 /*
2272  * fixcaseupper(str)
2273  *
2274  * convert a string to upper case (inplace).
2275  */
2276 
2277 static void
2278 fixcaseupper(char *str)
2279 {
2280 	while (*str) {
2281 		*str = toupper(*str);
2282 		str++;
2283 	}
2284 }
2285 
2286 /*
2287  * skipwhitespace(str)
2288  *
2289  * Skip leading white space. It is assumed that it is called with a
2290  * valid pointer.
2291  */
2292 
2293 static char *
2294 skipwhitespace(char *str)
2295 {
2296 	while (*str && isspace(*str))
2297 		str++;
2298 
2299 	return (str);
2300 }
2301 
2302 /*
2303  * extractprop()
2304  *
2305  * Extract the property and value out of the line and create the
2306  * property in the optionset.
2307  */
2308 static void
2309 extractprop(char *name, char *value)
2310 {
2311 	sa_property_t prop;
2312 	int index;
2313 	/*
2314 	 * Remove any leading
2315 	 * white space.
2316 	 */
2317 	name = skipwhitespace(name);
2318 
2319 	index = findprotoopt(name, 0);
2320 	if (index >= 0) {
2321 		fixcaselower(name);
2322 		prop = sa_create_property(proto_options[index].name, value);
2323 		if (prop != NULL)
2324 			(void) sa_add_protocol_property(protoset, prop);
2325 	}
2326 }
2327 
2328 /*
2329  * initprotofromdefault()
2330  *
2331  * read the default file(s) and add the defined values to the
2332  * protoset.  Note that default values are known from the built in
2333  * table in case the file doesn't have a definition.
2334  */
2335 
2336 static int
2337 initprotofromdefault()
2338 {
2339 	FILE *nfs;
2340 	char buff[BUFSIZ];
2341 	char *name;
2342 	char *value;
2343 
2344 	protoset = sa_create_protocol_properties("nfs");
2345 
2346 	if (protoset != NULL) {
2347 		nfs = fopen(NFSADMIN, "r");
2348 		if (nfs != NULL) {
2349 			while (fgets(buff, sizeof (buff), nfs) != NULL) {
2350 				switch (buff[0]) {
2351 				case '\n':
2352 				case '#':
2353 					/* skip */
2354 					break;
2355 				default:
2356 					name = buff;
2357 					buff[strlen(buff) - 1] = '\0';
2358 					value = strchr(name, '=');
2359 					if (value != NULL) {
2360 						*value++ = '\0';
2361 						extractprop(name, value);
2362 					}
2363 				}
2364 			}
2365 			if (nfs != NULL)
2366 				(void) fclose(nfs);
2367 		}
2368 	}
2369 	if (protoset == NULL)
2370 		return (SA_NO_MEMORY);
2371 	return (SA_OK);
2372 }
2373 
2374 /*
2375  * add_defaults()
2376  *
2377  * Add the default values for any property not defined in the parsing
2378  * of the default files. Values are set according to their defined
2379  * types.
2380  */
2381 
2382 static void
2383 add_defaults()
2384 {
2385 	int i;
2386 	char number[MAXDIGITS];
2387 
2388 	for (i = 0; proto_options[i].tag != NULL; i++) {
2389 		sa_property_t prop;
2390 		prop = sa_get_protocol_property(protoset,
2391 		    proto_options[i].name);
2392 		if (prop == NULL) {
2393 			/* add the default value */
2394 			switch (proto_options[i].type) {
2395 			case OPT_TYPE_NUMBER:
2396 				(void) snprintf(number, sizeof (number), "%d",
2397 				    proto_options[i].defvalue.intval);
2398 				prop = sa_create_property(proto_options[i].name,
2399 				    number);
2400 				break;
2401 
2402 			case OPT_TYPE_BOOLEAN:
2403 				prop = sa_create_property(proto_options[i].name,
2404 				    proto_options[i].defvalue.intval ?
2405 				    "true" : "false");
2406 				break;
2407 
2408 			case OPT_TYPE_ONOFF:
2409 				prop = sa_create_property(proto_options[i].name,
2410 				    proto_options[i].defvalue.intval ?
2411 				    "on" : "off");
2412 				break;
2413 
2414 			default:
2415 				/* treat as strings of zero length */
2416 				prop = sa_create_property(proto_options[i].name,
2417 				    "");
2418 				break;
2419 			}
2420 			if (prop != NULL)
2421 				(void) sa_add_protocol_property(protoset, prop);
2422 		}
2423 	}
2424 }
2425 
2426 static void
2427 free_protoprops()
2428 {
2429 	if (protoset != NULL) {
2430 		xmlFreeNode(protoset);
2431 		protoset = NULL;
2432 	}
2433 }
2434 
2435 /*
2436  * nfs_init()
2437  *
2438  * Initialize the NFS plugin.
2439  */
2440 
2441 static int
2442 nfs_init()
2443 {
2444 	int ret = SA_OK;
2445 
2446 	if (sa_plugin_ops.sa_init != nfs_init)
2447 		(void) printf(dgettext(TEXT_DOMAIN,
2448 		    "NFS plugin not properly initialized\n"));
2449 
2450 	ret = initprotofromdefault();
2451 	if (ret == SA_OK)
2452 		add_defaults();
2453 
2454 	return (ret);
2455 }
2456 
2457 /*
2458  * nfs_fini()
2459  *
2460  * uninitialize the NFS plugin. Want to avoid memory leaks.
2461  */
2462 
2463 static void
2464 nfs_fini()
2465 {
2466 	free_protoprops();
2467 }
2468 
2469 /*
2470  * nfs_get_proto_set()
2471  *
2472  * Return an optionset with all the protocol specific properties in
2473  * it.
2474  */
2475 
2476 static sa_protocol_properties_t
2477 nfs_get_proto_set()
2478 {
2479 	return (protoset);
2480 }
2481 
2482 struct deffile {
2483 	struct deffile *next;
2484 	char *line;
2485 };
2486 
2487 /*
2488  * read_default_file(fname)
2489  *
2490  * Read the specified default file. We return a list of entries. This
2491  * get used for adding or removing values.
2492  */
2493 
2494 static struct deffile *
2495 read_default_file(char *fname)
2496 {
2497 	FILE *file;
2498 	struct deffile *defs = NULL;
2499 	struct deffile *newdef;
2500 	struct deffile *prevdef = NULL;
2501 	char buff[BUFSIZ * 2];
2502 
2503 	file = fopen(fname, "r");
2504 	if (file != NULL) {
2505 		while (fgets(buff, sizeof (buff), file) != NULL) {
2506 			newdef = (struct deffile *)calloc(1,
2507 			    sizeof (struct deffile));
2508 			if (newdef != NULL) {
2509 				/* Make sure we skip any leading whitespace. */
2510 				newdef->line = strdup(skipwhitespace(buff));
2511 				if (defs == NULL) {
2512 					prevdef = defs = newdef;
2513 				} else {
2514 					prevdef->next = newdef;
2515 					prevdef = newdef;
2516 				}
2517 			}
2518 		}
2519 	}
2520 	(void) fclose(file);
2521 	return (defs);
2522 }
2523 
2524 static void
2525 free_default_file(struct deffile *defs)
2526 {
2527 	struct deffile *curdefs = NULL;
2528 
2529 	while (defs != NULL) {
2530 		curdefs = defs;
2531 		defs = defs->next;
2532 		if (curdefs->line != NULL)
2533 			free(curdefs->line);
2534 		free(curdefs);
2535 	}
2536 }
2537 
2538 /*
2539  * write_default_file(fname, defs)
2540  *
2541  * Write the default file back.
2542  */
2543 
2544 static int
2545 write_default_file(char *fname, struct deffile *defs)
2546 {
2547 	FILE *file;
2548 	int ret = SA_OK;
2549 	sigset_t old, new;
2550 
2551 	file = fopen(fname, "w+");
2552 	if (file != NULL) {
2553 		(void) sigprocmask(SIG_BLOCK, NULL, &new);
2554 		(void) sigaddset(&new, SIGHUP);
2555 		(void) sigaddset(&new, SIGINT);
2556 		(void) sigaddset(&new, SIGQUIT);
2557 		(void) sigaddset(&new, SIGTSTP);
2558 		(void) sigprocmask(SIG_SETMASK, &new, &old);
2559 		while (defs != NULL) {
2560 			(void) fputs(defs->line, file);
2561 			defs = defs->next;
2562 		}
2563 		(void) fsync(fileno(file));
2564 		(void) sigprocmask(SIG_SETMASK, &old, NULL);
2565 		(void) fclose(file);
2566 	} else {
2567 		switch (errno) {
2568 		case EPERM:
2569 		case EACCES:
2570 			ret = SA_NO_PERMISSION;
2571 			break;
2572 		default:
2573 			ret = SA_SYSTEM_ERR;
2574 		}
2575 	}
2576 	return (ret);
2577 }
2578 
2579 
2580 /*
2581  * set_default_file_value(tag, value)
2582  *
2583  * Set the default file value for tag to value. Then rewrite the file.
2584  * tag and value are always set.  The caller must ensure this.
2585  */
2586 
2587 #define	MAX_STRING_LENGTH	256
2588 static int
2589 set_default_file_value(char *tag, char *value)
2590 {
2591 	int ret = SA_OK;
2592 	struct deffile *root;
2593 	struct deffile *defs;
2594 	struct deffile *prev;
2595 	char string[MAX_STRING_LENGTH];
2596 	int len;
2597 	int update = 0;
2598 
2599 	(void) snprintf(string, MAX_STRING_LENGTH, "%s=", tag);
2600 	len = strlen(string);
2601 
2602 	root = defs = read_default_file(NFSADMIN);
2603 	if (root == NULL) {
2604 		if (errno == EPERM || errno == EACCES)
2605 			ret = SA_NO_PERMISSION;
2606 		else
2607 			ret = SA_SYSTEM_ERR;
2608 	} else {
2609 		while (defs != NULL) {
2610 			if (defs->line != NULL &&
2611 			    strncasecmp(defs->line, string, len) == 0) {
2612 				/* replace with the new value */
2613 				free(defs->line);
2614 				fixcaseupper(tag);
2615 				(void) snprintf(string, sizeof (string),
2616 				    "%s=%s\n", tag, value);
2617 				string[MAX_STRING_LENGTH - 1] = '\0';
2618 				defs->line = strdup(string);
2619 				update = 1;
2620 				break;
2621 			}
2622 			defs = defs->next;
2623 		}
2624 		if (!update) {
2625 			defs = root;
2626 			/* didn't find, so see if it is a comment */
2627 			(void) snprintf(string, MAX_STRING_LENGTH, "#%s=", tag);
2628 			len = strlen(string);
2629 			while (defs != NULL) {
2630 				if (strncasecmp(defs->line, string, len) == 0) {
2631 					/* replace with the new value */
2632 					free(defs->line);
2633 					fixcaseupper(tag);
2634 					(void) snprintf(string, sizeof (string),
2635 					    "%s=%s\n", tag, value);
2636 					string[MAX_STRING_LENGTH - 1] = '\0';
2637 					defs->line = strdup(string);
2638 					update = 1;
2639 					break;
2640 				}
2641 				defs = defs->next;
2642 			}
2643 		}
2644 		if (!update) {
2645 			fixcaseupper(tag);
2646 			(void) snprintf(string, sizeof (string), "%s=%s\n",
2647 			    tag, value);
2648 			prev = root;
2649 			while (prev->next != NULL)
2650 				prev = prev->next;
2651 			defs = malloc(sizeof (struct deffile));
2652 			prev->next = defs;
2653 			if (defs != NULL) {
2654 				defs->next = NULL;
2655 				defs->line = strdup(string);
2656 			}
2657 		}
2658 		if (update) {
2659 			ret = write_default_file(NFSADMIN, root);
2660 		}
2661 		free_default_file(root);
2662 	}
2663 	return (ret);
2664 }
2665 
2666 /*
2667  * service_in_state(service, chkstate)
2668  *
2669  * Want to know if the specified service is in the desired state
2670  * (chkstate) or not. Return true (1) if it is and false (0) if it
2671  * isn't.
2672  */
2673 static int
2674 service_in_state(char *service, const char *chkstate)
2675 {
2676 	char *state;
2677 	int ret = B_FALSE;
2678 
2679 	state = smf_get_state(service);
2680 	if (state != NULL) {
2681 		/* got the state so get the equality for the return value */
2682 		ret = strcmp(state, chkstate) == 0 ? B_TRUE : B_FALSE;
2683 		free(state);
2684 	}
2685 	return (ret);
2686 }
2687 
2688 /*
2689  * restart_service(svcs)
2690  *
2691  * Walk through the bit mask of services that need to be restarted in
2692  * order to use the new property values. Some properties affect
2693  * multiple daemons. Should only restart a service if it is currently
2694  * enabled (online).
2695  */
2696 
2697 static void
2698 restart_service(uint32_t svcs)
2699 {
2700 	uint32_t mask;
2701 	int ret;
2702 	char *service;
2703 
2704 	for (mask = 1; svcs != 0; mask <<= 1) {
2705 		switch (svcs & mask) {
2706 		case SVC_LOCKD:
2707 			service = LOCKD;
2708 			break;
2709 		case SVC_STATD:
2710 			service = STATD;
2711 			break;
2712 		case SVC_NFSD:
2713 			service = NFSD;
2714 			break;
2715 		case SVC_MOUNTD:
2716 			service = MOUNTD;
2717 			break;
2718 		case SVC_NFS4CBD:
2719 			service = NFS4CBD;
2720 			break;
2721 		case SVC_NFSMAPID:
2722 			service = NFSMAPID;
2723 			break;
2724 		case SVC_RQUOTAD:
2725 			service = RQUOTAD;
2726 			break;
2727 		case SVC_NFSLOGD:
2728 			service = NFSLOGD;
2729 			break;
2730 		default:
2731 			continue;
2732 		}
2733 
2734 		/*
2735 		 * Only attempt to restart the service if it is
2736 		 * currently running. In the future, it may be
2737 		 * desirable to use smf_refresh_instance if the NFS
2738 		 * services ever implement the refresh method.
2739 		 */
2740 		if (service_in_state(service, SCF_STATE_STRING_ONLINE)) {
2741 			ret = smf_restart_instance(service);
2742 			/*
2743 			 * There are only a few SMF errors at this point, but
2744 			 * it is also possible that a bad value may have put
2745 			 * the service into maintenance if there wasn't an
2746 			 * SMF level error.
2747 			 */
2748 			if (ret != 0) {
2749 				(void) fprintf(stderr,
2750 				    dgettext(TEXT_DOMAIN,
2751 				    "%s failed to restart: %s\n"),
2752 				    scf_strerror(scf_error()));
2753 			} else {
2754 				/*
2755 				 * Check whether it has gone to "maintenance"
2756 				 * mode or not. Maintenance implies something
2757 				 * went wrong.
2758 				 */
2759 				if (service_in_state(service,
2760 				    SCF_STATE_STRING_MAINT)) {
2761 					(void) fprintf(stderr,
2762 					    dgettext(TEXT_DOMAIN,
2763 					    "%s failed to restart\n"),
2764 					    service);
2765 				}
2766 			}
2767 		}
2768 		svcs &= ~mask;
2769 	}
2770 }
2771 
2772 /*
2773  * nfs_minmax_check(name, value)
2774  *
2775  * Verify that the value for the property specified by index is valid
2776  * relative to the opposite value in the case of a min/max variable.
2777  * Currently, server_minvers/server_maxvers and
2778  * client_minvers/client_maxvers are the only ones to check.
2779  */
2780 
2781 static int
2782 nfs_minmax_check(int index, int value)
2783 {
2784 	int val;
2785 	char *pval;
2786 	sa_property_t prop;
2787 	sa_optionset_t opts;
2788 	int ret = B_TRUE;
2789 
2790 	if (proto_options[index].other != NULL) {
2791 		/* have a property to compare against */
2792 		opts = nfs_get_proto_set();
2793 		prop = sa_get_property(opts, proto_options[index].other);
2794 		/*
2795 		 * If we don't find the property, assume default
2796 		 * values which will work since the max will be at the
2797 		 * max and the min at the min.
2798 		 */
2799 		if (prop != NULL) {
2800 			pval = sa_get_property_attr(prop, "value");
2801 			if (pval != NULL) {
2802 				val = strtoul(pval, NULL, 0);
2803 				if (proto_options[index].compare ==
2804 				    OPT_CMP_LE) {
2805 					ret = value <= val ? B_TRUE : B_FALSE;
2806 				} else if (proto_options[index].compare ==
2807 				    OPT_CMP_GE) {
2808 					ret = value >= val ? B_TRUE : B_FALSE;
2809 				}
2810 			}
2811 		}
2812 	}
2813 	return (ret);
2814 }
2815 
2816 /*
2817  * nfs_validate_proto_prop(index, name, value)
2818  *
2819  * Verify that the property specified by name can take the new
2820  * value. This is a sanity check to prevent bad values getting into
2821  * the default files. All values need to be checked against what is
2822  * allowed by their defined type. If a type isn't explicitly defined
2823  * here, it is treated as a string.
2824  *
2825  * Note that OPT_TYPE_NUMBER will additionally check that the value is
2826  * within the range specified and potentially against another property
2827  * value as well as specified in the proto_options members other and
2828  * compare.
2829  */
2830 
2831 static int
2832 nfs_validate_proto_prop(int index, char *name, char *value)
2833 {
2834 	int ret = SA_OK;
2835 	char *cp;
2836 #ifdef lint
2837 	name = name;
2838 #endif
2839 
2840 	switch (proto_options[index].type) {
2841 	case OPT_TYPE_NUMBER:
2842 		if (!is_a_number(value))
2843 			ret = SA_BAD_VALUE;
2844 		else {
2845 			int val;
2846 			val = strtoul(value, NULL, 0);
2847 			if (val < proto_options[index].minval ||
2848 			    val > proto_options[index].maxval)
2849 				ret = SA_BAD_VALUE;
2850 			/*
2851 			 * For server_versmin/server_versmax and
2852 			 * client_versmin/client_versmax, the value of the
2853 			 * min(max) should be checked to be correct relative
2854 			 * to the current max(min).
2855 			 */
2856 			if (!nfs_minmax_check(index, val)) {
2857 				ret = SA_BAD_VALUE;
2858 			}
2859 		}
2860 		break;
2861 
2862 	case OPT_TYPE_DOMAIN:
2863 		/*
2864 		 * needs to be a qualified domain so will have at
2865 		 * least one period and other characters on either
2866 		 * side of it.  A zero length string is also allowed
2867 		 * and is the way to turn off the override.
2868 		 */
2869 		if (strlen(value) == 0)
2870 			break;
2871 		cp = strchr(value, '.');
2872 		if (cp == NULL || cp == value || strchr(value, '@') != NULL)
2873 			ret = SA_BAD_VALUE;
2874 		break;
2875 
2876 	case OPT_TYPE_BOOLEAN:
2877 		if (strlen(value) == 0 ||
2878 		    strcasecmp(value, "true") == 0 ||
2879 		    strcmp(value, "1") == 0 ||
2880 		    strcasecmp(value, "false") == 0 ||
2881 		    strcmp(value, "0") == 0) {
2882 			ret = SA_OK;
2883 		} else {
2884 			ret = SA_BAD_VALUE;
2885 		}
2886 		break;
2887 
2888 	case OPT_TYPE_ONOFF:
2889 		if (strcasecmp(value, "on") != 0 &&
2890 		    strcasecmp(value, "off") != 0) {
2891 			ret = SA_BAD_VALUE;
2892 		}
2893 		break;
2894 
2895 	case OPT_TYPE_PROTOCOL:
2896 		if (strcasecmp(value, "all") != 0 &&
2897 		    strcasecmp(value, "tcp") != 0 &&
2898 		    strcasecmp(value, "udp") != 0)
2899 			ret = SA_BAD_VALUE;
2900 		break;
2901 
2902 	default:
2903 		/* treat as a string */
2904 		break;
2905 	}
2906 	return (ret);
2907 }
2908 
2909 /*
2910  * nfs_set_proto_prop(prop)
2911  *
2912  * check that prop is valid.
2913  */
2914 
2915 static int
2916 nfs_set_proto_prop(sa_property_t prop)
2917 {
2918 	int ret = SA_OK;
2919 	char *name;
2920 	char *value;
2921 
2922 	name = sa_get_property_attr(prop, "type");
2923 	value = sa_get_property_attr(prop, "value");
2924 	if (name != NULL && value != NULL) {
2925 		int index = findprotoopt(name, 1);
2926 		if (index >= 0) {
2927 			/* should test for valid value */
2928 			ret = nfs_validate_proto_prop(index, name, value);
2929 			if (ret == SA_OK)
2930 				ret = set_default_file_value(
2931 				    proto_options[index].tag, value);
2932 			if (ret == SA_OK)
2933 				restart_service(proto_options[index].svcs);
2934 		}
2935 	}
2936 	if (name != NULL)
2937 		sa_free_attr_string(name);
2938 	if (value != NULL)
2939 		sa_free_attr_string(value);
2940 	return (ret);
2941 }
2942 
2943 /*
2944  * nfs_get_status()
2945  *
2946  * What is the current status of the nfsd? We use the SMF state here.
2947  * Caller must free the returned value.
2948  */
2949 
2950 static char *
2951 nfs_get_status()
2952 {
2953 	char *state;
2954 	state = smf_get_state(NFSD);
2955 	return (state != NULL ? state : strdup("-"));
2956 }
2957 
2958 /*
2959  * nfs_space_alias(alias)
2960  *
2961  * Lookup the space (security) name. If it is default, convert to the
2962  * real name.
2963  */
2964 
2965 static char *
2966 nfs_space_alias(char *space)
2967 {
2968 	char *name = space;
2969 	seconfig_t secconf;
2970 
2971 	/*
2972 	 * Only the space named "default" is special. If it is used,
2973 	 * the default needs to be looked up and the real name used.
2974 	 * This is normally "sys" but could be changed.  We always
2975 	 * change defautl to the real name.
2976 	 */
2977 	if (strcmp(space, "default") == 0 &&
2978 	    nfs_getseconfig_default(&secconf) == 0) {
2979 		if (nfs_getseconfig_bynumber(secconf.sc_nfsnum, &secconf) == 0)
2980 			name = secconf.sc_name;
2981 	}
2982 	return (strdup(name));
2983 }
2984 
2985 /*
2986  * nfs_features()
2987  *
2988  * Return a mask of the features required.
2989  */
2990 
2991 static uint64_t
2992 nfs_features()
2993 {
2994 	return ((uint64_t)SA_FEATURE_DFSTAB);
2995 }
2996