xref: /titanic_50/usr/src/lib/libzonecfg/common/libzonecfg.c (revision afefbcddfd8caf5f3b2da510d9439471ab225040)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <libsysevent.h>
30 #include <pthread.h>
31 #include <stdlib.h>
32 #include <errno.h>
33 #include <fnmatch.h>
34 #include <strings.h>
35 #include <unistd.h>
36 #include <sys/stat.h>
37 #include <assert.h>
38 #include <libgen.h>
39 #include <libintl.h>
40 #include <alloca.h>
41 #include <ctype.h>
42 #include <sys/mntio.h>
43 #include <sys/mnttab.h>
44 #include <sys/types.h>
45 #include <sys/nvpair.h>
46 
47 #include <arpa/inet.h>
48 #include <netdb.h>
49 
50 #include <priv.h>
51 
52 #include <libxml/xmlmemory.h>
53 #include <libxml/parser.h>
54 
55 #include <libdevinfo.h>
56 #include <uuid/uuid.h>
57 
58 #include <libzonecfg.h>
59 #include "zonecfg_impl.h"
60 
61 
62 #define	_PATH_TMPFILE	"/zonecfg.XXXXXX"
63 #define	ZONE_CB_RETRY_COUNT		10
64 #define	ZONE_EVENT_PING_SUBCLASS	"ping"
65 #define	ZONE_EVENT_PING_PUBLISHER	"solaris"
66 
67 /* Hard-code the DTD element/attribute/entity names just once, here. */
68 #define	DTD_ELEM_ATTR		(const xmlChar *) "attr"
69 #define	DTD_ELEM_COMMENT	(const xmlChar *) "comment"
70 #define	DTD_ELEM_DEVICE		(const xmlChar *) "device"
71 #define	DTD_ELEM_FS		(const xmlChar *) "filesystem"
72 #define	DTD_ELEM_FSOPTION	(const xmlChar *) "fsoption"
73 #define	DTD_ELEM_IPD		(const xmlChar *) "inherited-pkg-dir"
74 #define	DTD_ELEM_NET		(const xmlChar *) "network"
75 #define	DTD_ELEM_RCTL		(const xmlChar *) "rctl"
76 #define	DTD_ELEM_RCTLVALUE	(const xmlChar *) "rctl-value"
77 #define	DTD_ELEM_ZONE		(const xmlChar *) "zone"
78 #define	DTD_ELEM_DATASET	(const xmlChar *) "dataset"
79 
80 #define	DTD_ATTR_ACTION		(const xmlChar *) "action"
81 #define	DTD_ATTR_ADDRESS	(const xmlChar *) "address"
82 #define	DTD_ATTR_AUTOBOOT	(const xmlChar *) "autoboot"
83 #define	DTD_ATTR_DIR		(const xmlChar *) "directory"
84 #define	DTD_ATTR_LIMIT		(const xmlChar *) "limit"
85 #define	DTD_ATTR_MATCH		(const xmlChar *) "match"
86 #define	DTD_ATTR_NAME		(const xmlChar *) "name"
87 #define	DTD_ATTR_PHYSICAL	(const xmlChar *) "physical"
88 #define	DTD_ATTR_POOL		(const xmlChar *) "pool"
89 #define	DTD_ATTR_PRIV		(const xmlChar *) "priv"
90 #define	DTD_ATTR_RAW		(const xmlChar *) "raw"
91 #define	DTD_ATTR_SPECIAL	(const xmlChar *) "special"
92 #define	DTD_ATTR_TYPE		(const xmlChar *) "type"
93 #define	DTD_ATTR_VALUE		(const xmlChar *) "value"
94 #define	DTD_ATTR_ZONEPATH	(const xmlChar *) "zonepath"
95 
96 #define	DTD_ENTITY_BOOLEAN	"boolean"
97 #define	DTD_ENTITY_DEVPATH	"devpath"
98 #define	DTD_ENTITY_DRIVER	"driver"
99 #define	DTD_ENTITY_DRVMIN	"drv_min"
100 #define	DTD_ENTITY_FALSE	"false"
101 #define	DTD_ENTITY_INT		"int"
102 #define	DTD_ENTITY_STRING	"string"
103 #define	DTD_ENTITY_TRUE		"true"
104 #define	DTD_ENTITY_UINT		"uint"
105 
106 #define	DTD_ENTITY_BOOL_LEN	6	/* "false" */
107 
108 struct zone_dochandle {
109 	char		*zone_dh_rootdir;
110 	xmlDocPtr	zone_dh_doc;
111 	xmlNodePtr	zone_dh_cur;
112 	xmlNodePtr	zone_dh_top;
113 	boolean_t	zone_dh_newzone;
114 	boolean_t	zone_dh_snapshot;
115 	char		zone_dh_delete_name[ZONENAME_MAX];
116 };
117 
118 struct znotify {
119 	void * zn_private;
120 	evchan_t *zn_eventchan;
121 	int (*zn_callback)(const  char *zonename, zoneid_t zid,
122 	    const char *newstate, const char *oldstate, hrtime_t when, void *p);
123 	pthread_mutex_t zn_mutex;
124 	pthread_cond_t zn_cond;
125 	pthread_mutex_t zn_bigmutex;
126 	volatile enum {ZN_UNLOCKED, ZN_LOCKED, ZN_PING_INFLIGHT,
127 	    ZN_PING_RECEIVED} zn_state;
128 	char zn_subscriber_id[MAX_SUBID_LEN];
129 	volatile boolean_t zn_failed;
130 	int zn_failure_count;
131 };
132 
133 char *zonecfg_root = "";
134 
135 /*
136  * For functions which return int, which is most of the functions herein,
137  * the return values should be from the Z_foo set defined in <libzonecfg.h>.
138  * In some instances, we take pains mapping some libc errno values to Z_foo
139  * values from this set.
140  */
141 
142 /*
143  * Set the root (/) path for all zonecfg configuration files.  This is a
144  * private interface used by Live Upgrade extensions to access zone
145  * configuration inside mounted alternate boot environments.
146  */
147 void
148 zonecfg_set_root(const char *rootpath)
149 {
150 	if (*zonecfg_root != '\0')
151 		free(zonecfg_root);
152 	if (rootpath == NULL || rootpath[0] == '\0' || rootpath[1] == '\0' ||
153 	    (zonecfg_root = strdup(rootpath)) == NULL)
154 		zonecfg_root = "";
155 }
156 
157 const char *
158 zonecfg_get_root(void)
159 {
160 	return (zonecfg_root);
161 }
162 
163 boolean_t
164 zonecfg_in_alt_root(void)
165 {
166 	return (*zonecfg_root != '\0');
167 }
168 
169 /*
170  * Callers of the _file_path() functions are expected to have the second
171  * parameter be a (char foo[MAXPATHLEN]).
172  */
173 
174 static boolean_t
175 config_file_path(const char *zonename, char *answer)
176 {
177 	return (snprintf(answer, MAXPATHLEN, "%s%s/%s.xml", zonecfg_root,
178 	    ZONE_CONFIG_ROOT, zonename) < MAXPATHLEN);
179 }
180 
181 static boolean_t
182 snap_file_path(const char *zonename, char *answer)
183 {
184 	return (snprintf(answer, MAXPATHLEN, "%s%s/%s.snapshot.xml",
185 	    zonecfg_root, ZONE_SNAPSHOT_ROOT, zonename) < MAXPATHLEN);
186 }
187 
188 /*ARGSUSED*/
189 static void
190 zonecfg_error_func(void *ctx, const char *msg, ...)
191 {
192 	/*
193 	 * This function does nothing by design.  Its purpose is to prevent
194 	 * libxml from dumping unwanted messages to stdout/stderr.
195 	 */
196 }
197 
198 zone_dochandle_t
199 zonecfg_init_handle(void)
200 {
201 	zone_dochandle_t handle = calloc(1, sizeof (struct zone_dochandle));
202 	if (handle == NULL) {
203 		errno = Z_NOMEM;
204 		return (NULL);
205 	}
206 
207 	/* generic libxml initialization */
208 	xmlLineNumbersDefault(1);
209 	xmlLoadExtDtdDefaultValue |= XML_DETECT_IDS;
210 	xmlDoValidityCheckingDefaultValue = 1;
211 	(void) xmlKeepBlanksDefault(0);
212 	xmlGetWarningsDefaultValue = 0;
213 	xmlSetGenericErrorFunc(NULL, zonecfg_error_func);
214 
215 	return (handle);
216 }
217 
218 int
219 zonecfg_check_handle(zone_dochandle_t handle)
220 {
221 	if (handle == NULL || handle->zone_dh_doc == NULL)
222 		return (Z_BAD_HANDLE);
223 	return (Z_OK);
224 }
225 
226 void
227 zonecfg_fini_handle(zone_dochandle_t handle)
228 {
229 	if (zonecfg_check_handle(handle) == Z_OK)
230 		xmlFreeDoc(handle->zone_dh_doc);
231 	if (handle != NULL)
232 		free(handle);
233 }
234 
235 static int
236 zonecfg_destroy_impl(char *filename)
237 {
238 	if (unlink(filename) == -1) {
239 		if (errno == EACCES)
240 			return (Z_ACCES);
241 		if (errno == ENOENT)
242 			return (Z_NO_ZONE);
243 		return (Z_MISC_FS);
244 	}
245 	return (Z_OK);
246 }
247 
248 int
249 zonecfg_destroy(const char *zonename, boolean_t force)
250 {
251 	char path[MAXPATHLEN];
252 	struct zoneent ze;
253 	int err, state_err;
254 	zone_state_t state;
255 
256 	if (!config_file_path(zonename, path))
257 		return (Z_MISC_FS);
258 
259 	state_err = zone_get_state((char *)zonename, &state);
260 	err = access(path, W_OK);
261 
262 	/*
263 	 * If there is no file, and no index entry, reliably indicate that no
264 	 * such zone exists.
265 	 */
266 	if ((state_err == Z_NO_ZONE) && (err == -1) && (errno == ENOENT))
267 		return (Z_NO_ZONE);
268 
269 	/*
270 	 * Handle any other filesystem related errors (except if the XML
271 	 * file is missing, which we treat silently), unless we're forcing,
272 	 * in which case we plow on.
273 	 */
274 	if (err == -1 && errno != ENOENT) {
275 		if (errno == EACCES)
276 			return (Z_ACCES);
277 		else if (!force)
278 			return (Z_MISC_FS);
279 	}
280 
281 	if (state > ZONE_STATE_INSTALLED)
282 		return (Z_BAD_ZONE_STATE);
283 
284 	if (!force && state > ZONE_STATE_CONFIGURED)
285 		return (Z_BAD_ZONE_STATE);
286 
287 	/*
288 	 * Index deletion succeeds even if the entry doesn't exist.  So this
289 	 * will fail only if we've had some more severe problem.
290 	 */
291 	bzero(&ze, sizeof (ze));
292 	(void) strlcpy(ze.zone_name, zonename, sizeof (ze.zone_name));
293 	if ((err = putzoneent(&ze, PZE_REMOVE)) != Z_OK)
294 		if (!force)
295 			return (err);
296 
297 	err = zonecfg_destroy_impl(path);
298 
299 	/*
300 	 * Treat failure to find the XML file silently, since, well, it's
301 	 * gone, and with the index file cleaned up, we're done.
302 	 */
303 	if (err == Z_OK || err == Z_NO_ZONE)
304 		return (Z_OK);
305 	return (err);
306 }
307 
308 int
309 zonecfg_destroy_snapshot(const char *zonename)
310 {
311 	char path[MAXPATHLEN];
312 
313 	if (!snap_file_path(zonename, path))
314 		return (Z_MISC_FS);
315 	return (zonecfg_destroy_impl(path));
316 }
317 
318 static int
319 getroot(zone_dochandle_t handle, xmlNodePtr *root)
320 {
321 	if (zonecfg_check_handle(handle) == Z_BAD_HANDLE)
322 		return (Z_BAD_HANDLE);
323 
324 	*root = xmlDocGetRootElement(handle->zone_dh_doc);
325 
326 	if (*root == NULL)
327 		return (Z_EMPTY_DOCUMENT);
328 
329 	if (xmlStrcmp((*root)->name, DTD_ELEM_ZONE))
330 		return (Z_WRONG_DOC_TYPE);
331 
332 	return (Z_OK);
333 }
334 
335 static int
336 operation_prep(zone_dochandle_t handle)
337 {
338 	xmlNodePtr root;
339 	int err;
340 
341 	if ((err = getroot(handle, &root)) != 0)
342 		return (err);
343 
344 	handle->zone_dh_cur = root;
345 	handle->zone_dh_top = root;
346 	return (Z_OK);
347 }
348 
349 static int
350 getrootattr(zone_dochandle_t handle, const xmlChar *propname,
351     char *propval, size_t propsize)
352 {
353 	xmlNodePtr root;
354 	xmlChar *property;
355 	size_t srcsize;
356 	int err;
357 
358 	if ((err = getroot(handle, &root)) != 0)
359 		return (err);
360 
361 	if ((property = xmlGetProp(root, propname)) == NULL)
362 		return (Z_BAD_PROPERTY);
363 	srcsize = strlcpy(propval, (char *)property, propsize);
364 	xmlFree(property);
365 	if (srcsize >= propsize)
366 		return (Z_TOO_BIG);
367 	return (Z_OK);
368 }
369 
370 static int
371 setrootattr(zone_dochandle_t handle, const xmlChar *propname,
372     const char *propval)
373 {
374 	int err;
375 	xmlNodePtr root;
376 
377 	if (propval == NULL)
378 		return (Z_INVAL);
379 
380 	if ((err = getroot(handle, &root)) != Z_OK)
381 		return (err);
382 
383 	if (xmlSetProp(root, propname, (const xmlChar *) propval) == NULL)
384 		return (Z_INVAL);
385 	return (Z_OK);
386 }
387 
388 static void
389 addcomment(zone_dochandle_t handle, const char *comment)
390 {
391 	xmlNodePtr node;
392 	node = xmlNewComment((xmlChar *) comment);
393 
394 	if (node != NULL)
395 		(void) xmlAddPrevSibling(handle->zone_dh_top, node);
396 }
397 
398 static void
399 stripcomments(zone_dochandle_t handle)
400 {
401 	xmlDocPtr top;
402 	xmlNodePtr child, next;
403 
404 	top = handle->zone_dh_doc;
405 	for (child = top->xmlChildrenNode; child != NULL; child = next) {
406 		next = child->next;
407 		if (child->name == NULL)
408 			continue;
409 		if (xmlStrcmp(child->name, DTD_ELEM_COMMENT) == 0) {
410 			next = child->next;
411 			xmlUnlinkNode(child);
412 			xmlFreeNode(child);
413 		}
414 	}
415 }
416 
417 static int
418 zonecfg_get_handle_impl(const char *zonename, const char *filename,
419     zone_dochandle_t handle)
420 {
421 	xmlValidCtxtPtr cvp;
422 	struct stat statbuf;
423 	int valid;
424 
425 	if (zonename == NULL)
426 		return (Z_NO_ZONE);
427 	if ((handle->zone_dh_doc = xmlParseFile(filename)) == NULL) {
428 		/* distinguish file not found vs. found but not parsed */
429 		if (stat(filename, &statbuf) == 0)
430 			return (Z_INVALID_DOCUMENT);
431 		return (Z_NO_ZONE);
432 	}
433 	if ((cvp = xmlNewValidCtxt()) == NULL)
434 		return (Z_NOMEM);
435 	cvp->error = zonecfg_error_func;
436 	cvp->warning = zonecfg_error_func;
437 	valid = xmlValidateDocument(cvp, handle->zone_dh_doc);
438 	xmlFreeValidCtxt(cvp);
439 	if (valid == 0)
440 		return (Z_INVALID_DOCUMENT);
441 
442 	/* delete any comments such as inherited Sun copyright / ident str */
443 	stripcomments(handle);
444 	return (Z_OK);
445 }
446 
447 int
448 zonecfg_get_handle(const char *zonename, zone_dochandle_t handle)
449 {
450 	char path[MAXPATHLEN];
451 
452 	if (!config_file_path(zonename, path))
453 		return (Z_MISC_FS);
454 	handle->zone_dh_newzone = B_FALSE;
455 
456 	return (zonecfg_get_handle_impl(zonename, path, handle));
457 }
458 
459 int
460 zonecfg_get_snapshot_handle(const char *zonename, zone_dochandle_t handle)
461 {
462 	char path[MAXPATHLEN];
463 
464 	if (!snap_file_path(zonename, path))
465 		return (Z_MISC_FS);
466 	handle->zone_dh_newzone = B_FALSE;
467 	return (zonecfg_get_handle_impl(zonename, path, handle));
468 }
469 
470 int
471 zonecfg_get_template_handle(const char *template, const char *zonename,
472     zone_dochandle_t handle)
473 {
474 	char path[MAXPATHLEN];
475 	int err;
476 
477 	if (!config_file_path(template, path))
478 		return (Z_MISC_FS);
479 
480 	if ((err = zonecfg_get_handle_impl(template, path, handle)) != Z_OK)
481 		return (err);
482 	handle->zone_dh_newzone = B_TRUE;
483 	return (setrootattr(handle, DTD_ATTR_NAME, zonename));
484 }
485 
486 static boolean_t
487 is_renaming(zone_dochandle_t handle)
488 {
489 	if (handle->zone_dh_newzone)
490 		return (B_FALSE);
491 	if (strlen(handle->zone_dh_delete_name) > 0)
492 		return (B_TRUE);
493 	return (B_FALSE);
494 }
495 
496 static boolean_t
497 is_new(zone_dochandle_t handle)
498 {
499 	return (handle->zone_dh_newzone || handle->zone_dh_snapshot);
500 }
501 
502 static boolean_t
503 is_snapshot(zone_dochandle_t handle)
504 {
505 	return (handle->zone_dh_snapshot);
506 }
507 
508 /*
509  * It would be great to be able to use libc's ctype(3c) macros, but we
510  * can't, as they are locale sensitive, and it would break our limited thread
511  * safety if this routine had to change the app locale on the fly.
512  */
513 int
514 zonecfg_validate_zonename(const char *zone)
515 {
516 	int i;
517 
518 	if (strcmp(zone, GLOBAL_ZONENAME) == 0)
519 		return (Z_BOGUS_ZONE_NAME);
520 
521 	if (strlen(zone) >= ZONENAME_MAX)
522 		return (Z_BOGUS_ZONE_NAME);
523 
524 	if (!((zone[0] >= 'a' && zone[0] <= 'z') ||
525 	    (zone[0] >= 'A' && zone[0] <= 'Z') ||
526 	    (zone[0] >= '0' && zone[0] <= '9')))
527 		return (Z_BOGUS_ZONE_NAME);
528 
529 	for (i = 1; zone[i] != '\0'; i++) {
530 		if (!((zone[i] >= 'a' && zone[i] <= 'z') ||
531 		    (zone[i] >= 'A' && zone[i] <= 'Z') ||
532 		    (zone[i] >= '0' && zone[i] <= '9') ||
533 		    (zone[i] == '-') || (zone[i] == '_') || (zone[i] == '.')))
534 			return (Z_BOGUS_ZONE_NAME);
535 	}
536 
537 	return (Z_OK);
538 }
539 
540 /*
541  * Changing the zone name requires us to track both the old and new
542  * name of the zone until commit time.
543  */
544 int
545 zonecfg_get_name(zone_dochandle_t handle, char *name, size_t namesize)
546 {
547 	return (getrootattr(handle, DTD_ATTR_NAME, name, namesize));
548 }
549 
550 int
551 zonecfg_set_name(zone_dochandle_t handle, char *name)
552 {
553 	zone_state_t state;
554 	char curname[ZONENAME_MAX], old_delname[ZONENAME_MAX];
555 	int err;
556 
557 	if ((err = getrootattr(handle, DTD_ATTR_NAME, curname,
558 	    sizeof (curname))) != Z_OK)
559 		return (err);
560 
561 	if (strcmp(name, curname) == 0)
562 		return (Z_OK);
563 
564 	/*
565 	 * Switching zone names to one beginning with SUNW is not permitted.
566 	 */
567 	if (strncmp(name, "SUNW", 4) == 0)
568 		return (Z_BOGUS_ZONE_NAME);
569 
570 	if ((err = zonecfg_validate_zonename(name)) != Z_OK)
571 		return (err);
572 
573 	/*
574 	 * Setting the name back to the original name (effectively a revert of
575 	 * the name) is fine.  But if we carry on, we'll falsely identify the
576 	 * name as "in use," so special case here.
577 	 */
578 	if (strcmp(name, handle->zone_dh_delete_name) == 0) {
579 		err = setrootattr(handle, DTD_ATTR_NAME, name);
580 		handle->zone_dh_delete_name[0] = '\0';
581 		return (err);
582 	}
583 
584 	/* Check to see if new name chosen is already in use */
585 	if (zone_get_state(name, &state) != Z_NO_ZONE)
586 		return (Z_NAME_IN_USE);
587 
588 	/*
589 	 * If this isn't already "new" or in a renaming transition, then
590 	 * we're initiating a rename here; so stash the "delete name"
591 	 * (i.e. the name of the zone we'll be removing) for the rename.
592 	 */
593 	(void) strlcpy(old_delname, handle->zone_dh_delete_name,
594 	    sizeof (old_delname));
595 	if (!is_new(handle) && !is_renaming(handle)) {
596 		/*
597 		 * Name change is allowed only when the zone we're altering
598 		 * is not ready or running.
599 		 */
600 		err = zone_get_state(curname, &state);
601 		if (err == Z_OK) {
602 			if (state > ZONE_STATE_INSTALLED)
603 				return (Z_BAD_ZONE_STATE);
604 		} else if (err != Z_NO_ZONE) {
605 			return (err);
606 		}
607 
608 		(void) strlcpy(handle->zone_dh_delete_name, curname,
609 		    sizeof (handle->zone_dh_delete_name));
610 		assert(is_renaming(handle));
611 	} else if (is_renaming(handle)) {
612 		err = zone_get_state(handle->zone_dh_delete_name, &state);
613 		if (err == Z_OK) {
614 			if (state > ZONE_STATE_INSTALLED)
615 				return (Z_BAD_ZONE_STATE);
616 		} else if (err != Z_NO_ZONE) {
617 			return (err);
618 		}
619 	}
620 
621 	if ((err = setrootattr(handle, DTD_ATTR_NAME, name)) != Z_OK) {
622 		/*
623 		 * Restore the deletename to whatever it was at the
624 		 * top of the routine, since we've had a failure.
625 		 */
626 		(void) strlcpy(handle->zone_dh_delete_name, old_delname,
627 		    sizeof (handle->zone_dh_delete_name));
628 		return (err);
629 	}
630 
631 	return (Z_OK);
632 }
633 
634 int
635 zonecfg_get_zonepath(zone_dochandle_t handle, char *path, size_t pathsize)
636 {
637 	size_t len;
638 
639 	if ((len = strlcpy(path, zonecfg_root, pathsize)) >= pathsize)
640 		return (Z_TOO_BIG);
641 	return (getrootattr(handle, DTD_ATTR_ZONEPATH, path + len,
642 	    pathsize - len));
643 }
644 
645 int
646 zonecfg_set_zonepath(zone_dochandle_t handle, char *zonepath)
647 {
648 	return (setrootattr(handle, DTD_ATTR_ZONEPATH, zonepath));
649 }
650 
651 int
652 zonecfg_get_autoboot(zone_dochandle_t handle, boolean_t *autoboot)
653 {
654 	char autobootstr[DTD_ENTITY_BOOL_LEN];
655 	int ret;
656 
657 	if ((ret = getrootattr(handle, DTD_ATTR_AUTOBOOT, autobootstr,
658 	    sizeof (autobootstr))) != Z_OK)
659 		return (ret);
660 
661 	if (strcmp(autobootstr, DTD_ENTITY_TRUE) == 0)
662 		*autoboot = B_TRUE;
663 	else if (strcmp(autobootstr, DTD_ENTITY_FALSE) == 0)
664 		*autoboot = B_FALSE;
665 	else
666 		ret = Z_BAD_PROPERTY;
667 	return (ret);
668 }
669 
670 int
671 zonecfg_set_autoboot(zone_dochandle_t handle, boolean_t autoboot)
672 {
673 	return (setrootattr(handle, DTD_ATTR_AUTOBOOT,
674 	    autoboot ? DTD_ENTITY_TRUE : DTD_ENTITY_FALSE));
675 }
676 
677 int
678 zonecfg_get_pool(zone_dochandle_t handle, char *pool, size_t poolsize)
679 {
680 	return (getrootattr(handle, DTD_ATTR_POOL, pool, poolsize));
681 }
682 
683 int
684 zonecfg_set_pool(zone_dochandle_t handle, char *pool)
685 {
686 	return (setrootattr(handle, DTD_ATTR_POOL, pool));
687 }
688 
689 /*
690  * /etc/zones/index caches a vital piece of information which is also
691  * in the <zonename>.xml file: the path to the zone.  This is for performance,
692  * since we need to walk all zonepath's in order to be able to detect conflicts
693  * (see crosscheck_zonepaths() in the zoneadm command).
694  *
695  * An additional complexity is that when doing a rename, we'd like the entire
696  * index update operation (rename, and potential state changes) to be atomic.
697  * In general, the operation of this function should succeed or fail as
698  * a unit.
699  */
700 int
701 zonecfg_refresh_index_file(zone_dochandle_t handle)
702 {
703 	char name[ZONENAME_MAX], zonepath[MAXPATHLEN];
704 	struct zoneent ze;
705 	int err;
706 	int opcode;
707 	char *zn;
708 
709 	bzero(&ze, sizeof (ze));
710 	ze.zone_state = -1;	/* Preserve existing state in index */
711 
712 	if ((err = zonecfg_get_name(handle, name, sizeof (name))) != Z_OK)
713 		return (err);
714 	(void) strlcpy(ze.zone_name, name, sizeof (ze.zone_name));
715 
716 	if ((err = zonecfg_get_zonepath(handle, zonepath,
717 	    sizeof (zonepath))) != Z_OK)
718 		return (err);
719 	(void) strlcpy(ze.zone_path, zonepath, sizeof (ze.zone_path));
720 
721 	if (is_renaming(handle)) {
722 		opcode = PZE_MODIFY;
723 		(void) strlcpy(ze.zone_name, handle->zone_dh_delete_name,
724 		    sizeof (ze.zone_name));
725 		(void) strlcpy(ze.zone_newname, name, sizeof (ze.zone_newname));
726 	} else if (is_new(handle)) {
727 		FILE *cookie;
728 		/*
729 		 * Be tolerant of the zone already existing in the index file,
730 		 * since we might be forcibly overwriting an existing
731 		 * configuration with a new one (for example 'create -F'
732 		 * in zonecfg).
733 		 */
734 		opcode = PZE_ADD;
735 		cookie = setzoneent();
736 		while ((zn = getzoneent(cookie)) != NULL) {
737 			if (strcmp(zn, name) == 0) {
738 				opcode = PZE_MODIFY;
739 				free(zn);
740 				break;
741 			}
742 			free(zn);
743 		}
744 		endzoneent(cookie);
745 		ze.zone_state = ZONE_STATE_CONFIGURED;
746 	} else {
747 		opcode = PZE_MODIFY;
748 	}
749 
750 	if ((err = putzoneent(&ze, opcode)) != Z_OK)
751 		return (err);
752 
753 	return (Z_OK);
754 }
755 
756 /*
757  * The goal of this routine is to cause the index file update and the
758  * document save to happen as an atomic operation.  We do the document
759  * first, saving a backup copy using a hard link; if that succeeds, we go
760  * on to the index.  If that fails, we roll the document back into place.
761  *
762  * Strategy:
763  *
764  * New zone 'foo' configuration:
765  * 	Create tmpfile (zonecfg.xxxxxx)
766  * 	Write XML to tmpfile
767  * 	Rename tmpfile to xmlfile (zonecfg.xxxxxx -> foo.xml)
768  * 	Add entry to index file
769  * 	If it fails, delete foo.xml, leaving nothing behind.
770  *
771  * Save existing zone 'foo':
772  * 	Make backup of foo.xml -> .backup
773  * 	Create tmpfile (zonecfg.xxxxxx)
774  * 	Write XML to tmpfile
775  * 	Rename tmpfile to xmlfile (zonecfg.xxxxxx -> foo.xml)
776  * 	Modify index file as needed
777  * 	If it fails, recover from .backup -> foo.xml
778  *
779  * Rename 'foo' to 'bar':
780  * 	Create tmpfile (zonecfg.xxxxxx)
781  * 	Write XML to tmpfile
782  * 	Rename tmpfile to xmlfile (zonecfg.xxxxxx -> bar.xml)
783  * 	Add entry for 'bar' to index file, Remove entry for 'foo' (refresh)
784  * 	If it fails, delete bar.xml; foo.xml is left behind.
785  */
786 static int
787 zonecfg_save_impl(zone_dochandle_t handle, char *filename)
788 {
789 	char tmpfile[MAXPATHLEN];
790 	char bakdir[MAXPATHLEN], bakbase[MAXPATHLEN], bakfile[MAXPATHLEN];
791 	int tmpfd, err;
792 	xmlValidCtxt cvp = { NULL };
793 	boolean_t backup;
794 
795 	(void) strlcpy(tmpfile, filename, sizeof (tmpfile));
796 	(void) dirname(tmpfile);
797 	(void) strlcat(tmpfile, _PATH_TMPFILE, sizeof (tmpfile));
798 
799 	tmpfd = mkstemp(tmpfile);
800 	if (tmpfd == -1) {
801 		(void) unlink(tmpfile);
802 		return (Z_TEMP_FILE);
803 	}
804 	(void) close(tmpfd);
805 
806 	cvp.error = zonecfg_error_func;
807 	cvp.warning = zonecfg_error_func;
808 
809 	/*
810 	 * We do a final validation of the document-- but the library has
811 	 * malfunctioned if it fails to validate, so it's an assert.
812 	 */
813 	assert(xmlValidateDocument(&cvp, handle->zone_dh_doc) != 0);
814 
815 	if (xmlSaveFormatFile(tmpfile, handle->zone_dh_doc, 1) <= 0)
816 		goto err;
817 
818 	(void) chmod(tmpfile, 0644);
819 
820 	/*
821 	 * In the event we are doing a standard save, hard link a copy of the
822 	 * original file in .backup.<pid>.filename so we can restore it if
823 	 * something goes wrong.
824 	 */
825 	if (!is_new(handle) && !is_renaming(handle)) {
826 		backup = B_TRUE;
827 
828 		(void) strlcpy(bakdir, filename, sizeof (bakdir));
829 		(void) strlcpy(bakbase, filename, sizeof (bakbase));
830 		(void) snprintf(bakfile, sizeof (bakfile), "%s/.backup.%d.%s",
831 		    dirname(bakdir), getpid(), basename(bakbase));
832 
833 		if (link(filename, bakfile) == -1) {
834 			err = errno;
835 			(void) unlink(tmpfile);
836 			if (errno == EACCES)
837 				return (Z_ACCES);
838 			return (Z_MISC_FS);
839 		}
840 	}
841 
842 	/*
843 	 * Move the new document over top of the old.
844 	 * i.e.:   zonecfg.XXXXXX  ->  myzone.xml
845 	 */
846 	if (rename(tmpfile, filename) == -1) {
847 		err = errno;
848 		(void) unlink(tmpfile);
849 		if (backup)
850 			(void) unlink(bakfile);
851 		if (err == EACCES)
852 			return (Z_ACCES);
853 		return (Z_MISC_FS);
854 	}
855 
856 	/*
857 	 * If this is a snapshot, we're done-- don't add an index entry.
858 	 */
859 	if (is_snapshot(handle))
860 		return (Z_OK);
861 
862 	/* now update the index file to reflect whatever we just did */
863 	if ((err = zonecfg_refresh_index_file(handle)) != Z_OK) {
864 		if (backup) {
865 			/*
866 			 * Try to restore from our backup.
867 			 */
868 			(void) unlink(filename);
869 			(void) rename(bakfile, filename);
870 		} else {
871 			/*
872 			 * Either the zone is new, in which case we can delete
873 			 * new.xml, or we're doing a rename, so ditto.
874 			 */
875 			assert(is_new(handle) || is_renaming(handle));
876 			(void) unlink(filename);
877 		}
878 		return (Z_UPDATING_INDEX);
879 	}
880 
881 	if (backup)
882 		(void) unlink(bakfile);
883 
884 	return (Z_OK);
885 
886 err:
887 	(void) unlink(tmpfile);
888 	return (Z_SAVING_FILE);
889 }
890 
891 int
892 zonecfg_save(zone_dochandle_t handle)
893 {
894 	char zname[ZONENAME_MAX], path[MAXPATHLEN];
895 	char delpath[MAXPATHLEN];
896 	int err = Z_SAVING_FILE;
897 
898 	if (zonecfg_check_handle(handle) != Z_OK)
899 		return (Z_BAD_HANDLE);
900 
901 	/*
902 	 * We don't support saving snapshots at this time.
903 	 */
904 	if (handle->zone_dh_snapshot)
905 		return (Z_INVAL);
906 
907 	if ((err = zonecfg_get_name(handle, zname, sizeof (zname))) != Z_OK)
908 		return (err);
909 
910 	if (!config_file_path(zname, path))
911 		return (Z_MISC_FS);
912 
913 	addcomment(handle, "\n    DO NOT EDIT THIS "
914 	    "FILE.  Use zonecfg(1M) instead.\n");
915 
916 	err = zonecfg_save_impl(handle, path);
917 
918 	stripcomments(handle);
919 
920 	if (err != Z_OK)
921 		return (err);
922 
923 	handle->zone_dh_newzone = B_FALSE;
924 
925 	if (is_renaming(handle)) {
926 		if (config_file_path(handle->zone_dh_delete_name, delpath))
927 			(void) unlink(delpath);
928 		handle->zone_dh_delete_name[0] = '\0';
929 	}
930 
931 	return (Z_OK);
932 }
933 
934 /*
935  * Special case: if access(2) fails with ENOENT, then try again using
936  * ZONE_CONFIG_ROOT instead of config_file_path(zonename).  This is how we
937  * work around the case of a config file which has not been created yet:
938  * the user will need access to the directory so use that as a heuristic.
939  */
940 
941 int
942 zonecfg_access(const char *zonename, int amode)
943 {
944 	char path[MAXPATHLEN];
945 
946 	if (!config_file_path(zonename, path))
947 		return (Z_INVAL);
948 	if (access(path, amode) == 0)
949 		return (Z_OK);
950 	if (errno == ENOENT) {
951 		if (snprintf(path, sizeof (path), "%s%s", zonecfg_root,
952 		    ZONE_CONFIG_ROOT) >= sizeof (path))
953 			return (Z_INVAL);
954 		if (access(path, amode) == 0)
955 			return (Z_OK);
956 	}
957 	if (errno == EACCES)
958 		return (Z_ACCES);
959 	if (errno == EINVAL)
960 		return (Z_INVAL);
961 	return (Z_MISC_FS);
962 }
963 
964 int
965 zonecfg_create_snapshot(const char *zonename)
966 {
967 	zone_dochandle_t handle;
968 	char path[MAXPATHLEN], zonepath[MAXPATHLEN], rpath[MAXPATHLEN];
969 	int error = Z_OK, res;
970 
971 	if ((handle = zonecfg_init_handle()) == NULL) {
972 		return (Z_NOMEM);
973 	}
974 
975 	handle->zone_dh_newzone = B_TRUE;
976 	handle->zone_dh_snapshot = B_TRUE;
977 
978 	if ((error = zonecfg_get_handle(zonename, handle)) != Z_OK)
979 		goto out;
980 	if ((error = operation_prep(handle)) != Z_OK)
981 		goto out;
982 	error = zonecfg_get_zonepath(handle, zonepath, sizeof (zonepath));
983 	if (error != Z_OK)
984 		goto out;
985 	if ((res = resolvepath(zonepath, rpath, sizeof (rpath))) == -1) {
986 		error = Z_RESOLVED_PATH;
987 		goto out;
988 	}
989 	/*
990 	 * If the resolved path is not the same as the original path, then
991 	 * save the resolved path in the snapshot, thus preventing any
992 	 * potential problems down the line when zoneadmd goes to unmount
993 	 * file systems and depends on initial string matches with resolved
994 	 * paths.
995 	 */
996 	rpath[res] = '\0';
997 	if (strcmp(zonepath, rpath) != 0) {
998 		if ((error = zonecfg_set_zonepath(handle, rpath)) != Z_OK)
999 			goto out;
1000 	}
1001 	if (snprintf(path, sizeof (path), "%s%s", zonecfg_root,
1002 	    ZONE_SNAPSHOT_ROOT) >= sizeof (path)) {
1003 		error = Z_MISC_FS;
1004 		goto out;
1005 	}
1006 	if ((mkdir(path, S_IRWXU) == -1) && (errno != EEXIST)) {
1007 		error = Z_MISC_FS;
1008 		goto out;
1009 	}
1010 
1011 	if (!snap_file_path(zonename, path)) {
1012 		error = Z_MISC_FS;
1013 		goto out;
1014 	}
1015 
1016 	addcomment(handle, "\n    DO NOT EDIT THIS FILE.  "
1017 	    "It is a snapshot of running zone state.\n");
1018 
1019 	error = zonecfg_save_impl(handle, path);
1020 
1021 	stripcomments(handle);
1022 
1023 out:
1024 	zonecfg_fini_handle(handle);
1025 	return (error);
1026 }
1027 
1028 static int
1029 newprop(xmlNodePtr node, const xmlChar *attrname, char *src)
1030 {
1031 	xmlAttrPtr newattr;
1032 
1033 	newattr = xmlNewProp(node, attrname, (xmlChar *)src);
1034 	if (newattr == NULL) {
1035 		xmlUnlinkNode(node);
1036 		xmlFreeNode(node);
1037 		return (Z_BAD_PROPERTY);
1038 	}
1039 	return (Z_OK);
1040 }
1041 
1042 static int
1043 zonecfg_add_filesystem_core(zone_dochandle_t handle, struct zone_fstab *tabptr)
1044 {
1045 	xmlNodePtr newnode, cur = handle->zone_dh_cur, options_node;
1046 	zone_fsopt_t *ptr;
1047 	int err;
1048 
1049 	newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_FS, NULL);
1050 	if ((err = newprop(newnode, DTD_ATTR_SPECIAL,
1051 	    tabptr->zone_fs_special)) != Z_OK)
1052 		return (err);
1053 	if (tabptr->zone_fs_raw[0] != '\0' &&
1054 	    (err = newprop(newnode, DTD_ATTR_RAW, tabptr->zone_fs_raw)) != Z_OK)
1055 		return (err);
1056 	if ((err = newprop(newnode, DTD_ATTR_DIR, tabptr->zone_fs_dir)) != Z_OK)
1057 		return (err);
1058 	if ((err = newprop(newnode, DTD_ATTR_TYPE,
1059 	    tabptr->zone_fs_type)) != Z_OK)
1060 		return (err);
1061 	if (tabptr->zone_fs_options != NULL) {
1062 		for (ptr = tabptr->zone_fs_options; ptr != NULL;
1063 		    ptr = ptr->zone_fsopt_next) {
1064 			options_node = xmlNewTextChild(newnode, NULL,
1065 			    DTD_ELEM_FSOPTION, NULL);
1066 			if ((err = newprop(options_node, DTD_ATTR_NAME,
1067 			    ptr->zone_fsopt_opt)) != Z_OK)
1068 				return (err);
1069 		}
1070 	}
1071 	return (Z_OK);
1072 }
1073 
1074 int
1075 zonecfg_add_filesystem(zone_dochandle_t handle, struct zone_fstab *tabptr)
1076 {
1077 	int err;
1078 
1079 	if (tabptr == NULL)
1080 		return (Z_INVAL);
1081 
1082 	if ((err = operation_prep(handle)) != Z_OK)
1083 		return (err);
1084 
1085 	if ((err = zonecfg_add_filesystem_core(handle, tabptr)) != Z_OK)
1086 		return (err);
1087 
1088 	return (Z_OK);
1089 }
1090 
1091 static int
1092 zonecfg_add_ipd_core(zone_dochandle_t handle, struct zone_fstab *tabptr)
1093 {
1094 	xmlNodePtr newnode, cur = handle->zone_dh_cur;
1095 	int err;
1096 
1097 	newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_IPD, NULL);
1098 	if ((err = newprop(newnode, DTD_ATTR_DIR, tabptr->zone_fs_dir)) != Z_OK)
1099 		return (err);
1100 	return (Z_OK);
1101 }
1102 
1103 int
1104 zonecfg_add_ipd(zone_dochandle_t handle, struct zone_fstab *tabptr)
1105 {
1106 	int err;
1107 
1108 	if (tabptr == NULL)
1109 		return (Z_INVAL);
1110 
1111 	if ((err = operation_prep(handle)) != Z_OK)
1112 		return (err);
1113 
1114 	if ((err = zonecfg_add_ipd_core(handle, tabptr)) != Z_OK)
1115 		return (err);
1116 
1117 	return (Z_OK);
1118 }
1119 
1120 int
1121 zonecfg_add_fs_option(struct zone_fstab *tabptr, char *option)
1122 {
1123 	zone_fsopt_t *last, *old, *new;
1124 
1125 	last = tabptr->zone_fs_options;
1126 	for (old = last; old != NULL; old = old->zone_fsopt_next)
1127 		last = old;	/* walk to the end of the list */
1128 	new = (zone_fsopt_t *)malloc(sizeof (zone_fsopt_t));
1129 	if (new == NULL)
1130 		return (Z_NOMEM);
1131 	(void) strlcpy(new->zone_fsopt_opt, option,
1132 	    sizeof (new->zone_fsopt_opt));
1133 	new->zone_fsopt_next = NULL;
1134 	if (last == NULL)
1135 		tabptr->zone_fs_options = new;
1136 	else
1137 		last->zone_fsopt_next = new;
1138 	return (Z_OK);
1139 }
1140 
1141 int
1142 zonecfg_remove_fs_option(struct zone_fstab *tabptr, char *option)
1143 {
1144 	zone_fsopt_t *last, *this, *next;
1145 
1146 	last = tabptr->zone_fs_options;
1147 	for (this = last; this != NULL; this = this->zone_fsopt_next) {
1148 		if (strcmp(this->zone_fsopt_opt, option) == 0) {
1149 			next = this->zone_fsopt_next;
1150 			if (this == tabptr->zone_fs_options)
1151 				tabptr->zone_fs_options = next;
1152 			else
1153 				last->zone_fsopt_next = next;
1154 			free(this);
1155 			return (Z_OK);
1156 		} else
1157 			last = this;
1158 	}
1159 	return (Z_NO_PROPERTY_ID);
1160 }
1161 
1162 void
1163 zonecfg_free_fs_option_list(zone_fsopt_t *list)
1164 {
1165 	zone_fsopt_t *this, *next;
1166 
1167 	for (this = list; this != NULL; this = next) {
1168 		next = this->zone_fsopt_next;
1169 		free(this);
1170 	}
1171 }
1172 
1173 void
1174 zonecfg_free_rctl_value_list(struct zone_rctlvaltab *valtab)
1175 {
1176 	if (valtab == NULL)
1177 		return;
1178 	zonecfg_free_rctl_value_list(valtab->zone_rctlval_next);
1179 	free(valtab);
1180 }
1181 
1182 static boolean_t
1183 match_prop(xmlNodePtr cur, const xmlChar *attr, char *user_prop)
1184 {
1185 	xmlChar *gotten_prop;
1186 	int prop_result;
1187 
1188 	gotten_prop = xmlGetProp(cur, attr);
1189 	if (gotten_prop == NULL)	/* shouldn't happen */
1190 		return (B_FALSE);
1191 	prop_result = xmlStrcmp(gotten_prop, (const xmlChar *) user_prop);
1192 	xmlFree(gotten_prop);
1193 	return ((prop_result == 0));
1194 }
1195 
1196 static int
1197 zonecfg_delete_filesystem_core(zone_dochandle_t handle,
1198     struct zone_fstab *tabptr)
1199 {
1200 	xmlNodePtr cur = handle->zone_dh_cur;
1201 	boolean_t dir_match, spec_match, raw_match, type_match;
1202 
1203 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1204 		if (xmlStrcmp(cur->name, DTD_ELEM_FS))
1205 			continue;
1206 		dir_match = match_prop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir);
1207 		spec_match = match_prop(cur, DTD_ATTR_SPECIAL,
1208 		    tabptr->zone_fs_special);
1209 		raw_match = match_prop(cur, DTD_ATTR_RAW,
1210 		    tabptr->zone_fs_raw);
1211 		type_match = match_prop(cur, DTD_ATTR_TYPE,
1212 		    tabptr->zone_fs_type);
1213 		if (dir_match && spec_match && raw_match && type_match) {
1214 			xmlUnlinkNode(cur);
1215 			xmlFreeNode(cur);
1216 			return (Z_OK);
1217 		}
1218 	}
1219 	return (Z_NO_RESOURCE_ID);
1220 }
1221 
1222 int
1223 zonecfg_delete_filesystem(zone_dochandle_t handle, struct zone_fstab *tabptr)
1224 {
1225 	int err;
1226 
1227 	if (tabptr == NULL)
1228 		return (Z_INVAL);
1229 
1230 	if ((err = operation_prep(handle)) != Z_OK)
1231 		return (err);
1232 
1233 	if ((err = zonecfg_delete_filesystem_core(handle, tabptr)) != Z_OK)
1234 		return (err);
1235 
1236 	return (Z_OK);
1237 }
1238 
1239 int
1240 zonecfg_modify_filesystem(
1241 	zone_dochandle_t handle,
1242 	struct zone_fstab *oldtabptr,
1243 	struct zone_fstab *newtabptr)
1244 {
1245 	int err;
1246 
1247 	if (oldtabptr == NULL || newtabptr == NULL)
1248 		return (Z_INVAL);
1249 
1250 	if ((err = operation_prep(handle)) != Z_OK)
1251 		return (err);
1252 
1253 	if ((err = zonecfg_delete_filesystem_core(handle, oldtabptr)) != Z_OK)
1254 		return (err);
1255 
1256 	if ((err = zonecfg_add_filesystem_core(handle, newtabptr)) != Z_OK)
1257 		return (err);
1258 
1259 	return (Z_OK);
1260 }
1261 
1262 static int
1263 zonecfg_delete_ipd_core(zone_dochandle_t handle, struct zone_fstab *tabptr)
1264 {
1265 	xmlNodePtr cur = handle->zone_dh_cur;
1266 
1267 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1268 		if (xmlStrcmp(cur->name, DTD_ELEM_IPD))
1269 			continue;
1270 		if (match_prop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir)) {
1271 			xmlUnlinkNode(cur);
1272 			xmlFreeNode(cur);
1273 			return (Z_OK);
1274 		}
1275 	}
1276 	return (Z_NO_RESOURCE_ID);
1277 }
1278 
1279 int
1280 zonecfg_delete_ipd(zone_dochandle_t handle, struct zone_fstab *tabptr)
1281 {
1282 	int err;
1283 
1284 	if (tabptr == NULL)
1285 		return (Z_INVAL);
1286 
1287 	if ((err = operation_prep(handle)) != Z_OK)
1288 		return (err);
1289 
1290 	if ((err = zonecfg_delete_ipd_core(handle, tabptr)) != Z_OK)
1291 		return (err);
1292 
1293 	return (Z_OK);
1294 }
1295 
1296 int
1297 zonecfg_modify_ipd(zone_dochandle_t handle, struct zone_fstab *oldtabptr,
1298     struct zone_fstab *newtabptr)
1299 {
1300 	int err;
1301 
1302 	if (oldtabptr == NULL || newtabptr == NULL)
1303 		return (Z_INVAL);
1304 
1305 	if ((err = operation_prep(handle)) != Z_OK)
1306 		return (err);
1307 
1308 	if ((err = zonecfg_delete_ipd_core(handle, oldtabptr)) != Z_OK)
1309 		return (err);
1310 
1311 	if ((err = zonecfg_add_ipd_core(handle, newtabptr)) != Z_OK)
1312 		return (err);
1313 
1314 	return (Z_OK);
1315 }
1316 
1317 static int
1318 fetchprop(xmlNodePtr cur, const xmlChar *propname, char *dst, size_t dstsize)
1319 {
1320 	xmlChar *property;
1321 	size_t srcsize;
1322 
1323 	if ((property = xmlGetProp(cur, propname)) == NULL)
1324 		return (Z_BAD_PROPERTY);
1325 	srcsize = strlcpy(dst, (char *)property, dstsize);
1326 	xmlFree(property);
1327 	if (srcsize >= dstsize)
1328 		return (Z_TOO_BIG);
1329 	return (Z_OK);
1330 }
1331 
1332 int
1333 zonecfg_lookup_filesystem(
1334 	zone_dochandle_t handle,
1335 	struct zone_fstab *tabptr)
1336 {
1337 	xmlNodePtr cur, options, firstmatch;
1338 	int err;
1339 	char dirname[MAXPATHLEN], special[MAXPATHLEN], raw[MAXPATHLEN];
1340 	char type[FSTYPSZ];
1341 	char options_str[MAX_MNTOPT_STR];
1342 
1343 	if (tabptr == NULL)
1344 		return (Z_INVAL);
1345 
1346 	if ((err = operation_prep(handle)) != Z_OK)
1347 		return (err);
1348 
1349 	/*
1350 	 * Walk the list of children looking for matches on any properties
1351 	 * specified in the fstab parameter.  If more than one resource
1352 	 * matches, we return Z_INSUFFICIENT_SPEC; if none match, we return
1353 	 * Z_NO_RESOURCE_ID.
1354 	 */
1355 	cur = handle->zone_dh_cur;
1356 	firstmatch = NULL;
1357 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1358 		if (xmlStrcmp(cur->name, DTD_ELEM_FS))
1359 			continue;
1360 		if (strlen(tabptr->zone_fs_dir) > 0) {
1361 			if ((fetchprop(cur, DTD_ATTR_DIR, dirname,
1362 			    sizeof (dirname)) == Z_OK) &&
1363 			    (strcmp(tabptr->zone_fs_dir, dirname) == 0)) {
1364 				if (firstmatch == NULL)
1365 					firstmatch = cur;
1366 				else
1367 					return (Z_INSUFFICIENT_SPEC);
1368 			}
1369 		}
1370 		if (strlen(tabptr->zone_fs_special) > 0) {
1371 			if ((fetchprop(cur, DTD_ATTR_SPECIAL, special,
1372 			    sizeof (special)) == Z_OK)) {
1373 				if (strcmp(tabptr->zone_fs_special,
1374 				    special) == 0) {
1375 					if (firstmatch == NULL)
1376 						firstmatch = cur;
1377 					else if (firstmatch != cur)
1378 						return (Z_INSUFFICIENT_SPEC);
1379 				} else {
1380 					/*
1381 					 * If another property matched but this
1382 					 * one doesn't then reset firstmatch.
1383 					 */
1384 					if (firstmatch == cur)
1385 						firstmatch = NULL;
1386 				}
1387 			}
1388 		}
1389 		if (strlen(tabptr->zone_fs_raw) > 0) {
1390 			if ((fetchprop(cur, DTD_ATTR_RAW, raw,
1391 			    sizeof (raw)) == Z_OK)) {
1392 				if (strcmp(tabptr->zone_fs_raw, raw) == 0) {
1393 					if (firstmatch == NULL)
1394 						firstmatch = cur;
1395 					else if (firstmatch != cur)
1396 						return (Z_INSUFFICIENT_SPEC);
1397 				} else {
1398 					/*
1399 					 * If another property matched but this
1400 					 * one doesn't then reset firstmatch.
1401 					 */
1402 					if (firstmatch == cur)
1403 						firstmatch = NULL;
1404 				}
1405 			}
1406 		}
1407 		if (strlen(tabptr->zone_fs_type) > 0) {
1408 			if ((fetchprop(cur, DTD_ATTR_TYPE, type,
1409 			    sizeof (type)) == Z_OK)) {
1410 				if (strcmp(tabptr->zone_fs_type, type) == 0) {
1411 					if (firstmatch == NULL)
1412 						firstmatch = cur;
1413 					else if (firstmatch != cur)
1414 						return (Z_INSUFFICIENT_SPEC);
1415 				} else {
1416 					/*
1417 					 * If another property matched but this
1418 					 * one doesn't then reset firstmatch.
1419 					 */
1420 					if (firstmatch == cur)
1421 						firstmatch = NULL;
1422 				}
1423 			}
1424 		}
1425 	}
1426 
1427 	if (firstmatch == NULL)
1428 		return (Z_NO_RESOURCE_ID);
1429 
1430 	cur = firstmatch;
1431 
1432 	if ((err = fetchprop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir,
1433 	    sizeof (tabptr->zone_fs_dir))) != Z_OK)
1434 		return (err);
1435 
1436 	if ((err = fetchprop(cur, DTD_ATTR_SPECIAL, tabptr->zone_fs_special,
1437 	    sizeof (tabptr->zone_fs_special))) != Z_OK)
1438 		return (err);
1439 
1440 	if ((err = fetchprop(cur, DTD_ATTR_RAW, tabptr->zone_fs_raw,
1441 	    sizeof (tabptr->zone_fs_raw))) != Z_OK)
1442 		return (err);
1443 
1444 	if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_fs_type,
1445 	    sizeof (tabptr->zone_fs_type))) != Z_OK)
1446 		return (err);
1447 
1448 	/* options are optional */
1449 	tabptr->zone_fs_options = NULL;
1450 	for (options = cur->xmlChildrenNode; options != NULL;
1451 	    options = options->next) {
1452 		if ((fetchprop(options, DTD_ATTR_NAME, options_str,
1453 		    sizeof (options_str)) != Z_OK))
1454 			break;
1455 		if (zonecfg_add_fs_option(tabptr, options_str) != Z_OK)
1456 			break;
1457 	}
1458 	return (Z_OK);
1459 }
1460 
1461 int
1462 zonecfg_lookup_ipd(zone_dochandle_t handle, struct zone_fstab *tabptr)
1463 {
1464 	xmlNodePtr cur, match;
1465 	int err;
1466 	char dirname[MAXPATHLEN];
1467 
1468 	if (tabptr == NULL)
1469 		return (Z_INVAL);
1470 
1471 	if ((err = operation_prep(handle)) != Z_OK)
1472 		return (err);
1473 
1474 	/*
1475 	 * General algorithm:
1476 	 * Walk the list of children looking for matches on any properties
1477 	 * specified in the fstab parameter.  If more than one resource
1478 	 * matches, we return Z_INSUFFICIENT_SPEC; if none match, we return
1479 	 * Z_NO_RESOURCE_ID.
1480 	 */
1481 	cur = handle->zone_dh_cur;
1482 	match = NULL;
1483 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1484 		if (xmlStrcmp(cur->name, DTD_ELEM_IPD))
1485 			continue;
1486 		if (strlen(tabptr->zone_fs_dir) > 0) {
1487 			if ((fetchprop(cur, DTD_ATTR_DIR, dirname,
1488 			    sizeof (dirname)) == Z_OK) &&
1489 			    (strcmp(tabptr->zone_fs_dir, dirname) == 0)) {
1490 				if (match == NULL)
1491 					match = cur;
1492 				else
1493 					return (Z_INSUFFICIENT_SPEC);
1494 			}
1495 		}
1496 	}
1497 
1498 	if (match == NULL)
1499 		return (Z_NO_RESOURCE_ID);
1500 
1501 	cur = match;
1502 
1503 	if ((err = fetchprop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir,
1504 	    sizeof (tabptr->zone_fs_dir))) != Z_OK)
1505 		return (err);
1506 
1507 	return (Z_OK);
1508 }
1509 
1510 /*
1511  * Compare two IP addresses in string form.  Allow for the possibility that
1512  * one might have "/<prefix-length>" at the end: allow a match on just the
1513  * IP address (or host name) part.
1514  */
1515 
1516 boolean_t
1517 zonecfg_same_net_address(char *a1, char *a2)
1518 {
1519 	char *slashp, *slashp1, *slashp2;
1520 	int result;
1521 
1522 	if (strcmp(a1, a2) == 0)
1523 		return (B_TRUE);
1524 
1525 	/*
1526 	 * If neither has a slash or both do, they need to match to be
1527 	 * considered the same, but they did not match above, so fail.
1528 	 */
1529 	slashp1 = strchr(a1, '/');
1530 	slashp2 = strchr(a2, '/');
1531 	if ((slashp1 == NULL && slashp2 == NULL) ||
1532 	    (slashp1 != NULL && slashp2 != NULL))
1533 		return (B_FALSE);
1534 
1535 	/*
1536 	 * Only one had a slash: pick that one, zero out the slash, compare
1537 	 * the "address only" strings, restore the slash, and return the
1538 	 * result of the comparison.
1539 	 */
1540 	slashp = (slashp1 == NULL) ? slashp2 : slashp1;
1541 	*slashp = '\0';
1542 	result = strcmp(a1, a2);
1543 	*slashp = '/';
1544 	return ((result == 0));
1545 }
1546 
1547 int
1548 zonecfg_valid_net_address(char *address, struct lifreq *lifr)
1549 {
1550 	struct sockaddr_in *sin4;
1551 	struct sockaddr_in6 *sin6;
1552 	struct addrinfo hints, *result;
1553 	char *slashp = strchr(address, '/');
1554 
1555 	bzero(lifr, sizeof (struct lifreq));
1556 	sin4 = (struct sockaddr_in *)&lifr->lifr_addr;
1557 	sin6 = (struct sockaddr_in6 *)&lifr->lifr_addr;
1558 	if (slashp != NULL)
1559 		*slashp = '\0';
1560 	if (inet_pton(AF_INET, address, &sin4->sin_addr) == 1) {
1561 		sin4->sin_family = AF_INET;
1562 	} else if (inet_pton(AF_INET6, address, &sin6->sin6_addr) == 1) {
1563 		if (slashp == NULL)
1564 			return (Z_IPV6_ADDR_PREFIX_LEN);
1565 		sin6->sin6_family = AF_INET6;
1566 	} else {
1567 		/* "address" may be a host name */
1568 		(void) memset(&hints, 0, sizeof (hints));
1569 		hints.ai_family = PF_INET;
1570 		if (getaddrinfo(address, NULL, &hints, &result) != 0)
1571 			return (Z_BOGUS_ADDRESS);
1572 		sin4->sin_family = result->ai_family;
1573 
1574 		(void) memcpy(&sin4->sin_addr,
1575 		    /* LINTED E_BAD_PTR_CAST_ALIGN */
1576 		    &((struct sockaddr_in *)result->ai_addr)->sin_addr,
1577 		    sizeof (struct in_addr));
1578 
1579 		freeaddrinfo(result);
1580 	}
1581 	return (Z_OK);
1582 }
1583 
1584 int
1585 zonecfg_lookup_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
1586 {
1587 	xmlNodePtr cur, firstmatch;
1588 	int err;
1589 	char address[INET6_ADDRSTRLEN], physical[LIFNAMSIZ];
1590 
1591 	if (tabptr == NULL)
1592 		return (Z_INVAL);
1593 
1594 	if ((err = operation_prep(handle)) != Z_OK)
1595 		return (err);
1596 
1597 	cur = handle->zone_dh_cur;
1598 	firstmatch = NULL;
1599 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1600 		if (xmlStrcmp(cur->name, DTD_ELEM_NET))
1601 			continue;
1602 		if (strlen(tabptr->zone_nwif_physical) > 0) {
1603 			if ((fetchprop(cur, DTD_ATTR_PHYSICAL, physical,
1604 			    sizeof (physical)) == Z_OK) &&
1605 			    (strcmp(tabptr->zone_nwif_physical,
1606 			    physical) == 0)) {
1607 				if (firstmatch == NULL)
1608 					firstmatch = cur;
1609 				else
1610 					return (Z_INSUFFICIENT_SPEC);
1611 			}
1612 		}
1613 		if (strlen(tabptr->zone_nwif_address) > 0) {
1614 			if ((fetchprop(cur, DTD_ATTR_ADDRESS, address,
1615 			    sizeof (address)) == Z_OK)) {
1616 				if (zonecfg_same_net_address(
1617 				    tabptr->zone_nwif_address, address)) {
1618 					if (firstmatch == NULL)
1619 						firstmatch = cur;
1620 					else if (firstmatch != cur)
1621 						return (Z_INSUFFICIENT_SPEC);
1622 				} else {
1623 					/*
1624 					 * If another property matched but this
1625 					 * one doesn't then reset firstmatch.
1626 					 */
1627 					if (firstmatch == cur)
1628 						firstmatch = NULL;
1629 				}
1630 			}
1631 		}
1632 	}
1633 	if (firstmatch == NULL)
1634 		return (Z_NO_RESOURCE_ID);
1635 
1636 	cur = firstmatch;
1637 
1638 	if ((err = fetchprop(cur, DTD_ATTR_PHYSICAL, tabptr->zone_nwif_physical,
1639 	    sizeof (tabptr->zone_nwif_physical))) != Z_OK)
1640 		return (err);
1641 
1642 	if ((err = fetchprop(cur, DTD_ATTR_ADDRESS, tabptr->zone_nwif_address,
1643 	    sizeof (tabptr->zone_nwif_address))) != Z_OK)
1644 		return (err);
1645 
1646 	return (Z_OK);
1647 }
1648 
1649 static int
1650 zonecfg_add_nwif_core(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
1651 {
1652 	xmlNodePtr newnode, cur = handle->zone_dh_cur;
1653 	int err;
1654 
1655 	newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_NET, NULL);
1656 	if ((err = newprop(newnode, DTD_ATTR_ADDRESS,
1657 	    tabptr->zone_nwif_address)) != Z_OK)
1658 		return (err);
1659 	if ((err = newprop(newnode, DTD_ATTR_PHYSICAL,
1660 	    tabptr->zone_nwif_physical)) != Z_OK)
1661 		return (err);
1662 	return (Z_OK);
1663 }
1664 
1665 int
1666 zonecfg_add_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
1667 {
1668 	int err;
1669 
1670 	if (tabptr == NULL)
1671 		return (Z_INVAL);
1672 
1673 	if ((err = operation_prep(handle)) != Z_OK)
1674 		return (err);
1675 
1676 	if ((err = zonecfg_add_nwif_core(handle, tabptr)) != Z_OK)
1677 		return (err);
1678 
1679 	return (Z_OK);
1680 }
1681 
1682 static int
1683 zonecfg_delete_nwif_core(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
1684 {
1685 	xmlNodePtr cur = handle->zone_dh_cur;
1686 	boolean_t addr_match, phys_match;
1687 
1688 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1689 		if (xmlStrcmp(cur->name, DTD_ELEM_NET))
1690 			continue;
1691 
1692 		addr_match = match_prop(cur, DTD_ATTR_ADDRESS,
1693 		    tabptr->zone_nwif_address);
1694 		phys_match = match_prop(cur, DTD_ATTR_PHYSICAL,
1695 		    tabptr->zone_nwif_physical);
1696 
1697 		if (addr_match && phys_match) {
1698 			xmlUnlinkNode(cur);
1699 			xmlFreeNode(cur);
1700 			return (Z_OK);
1701 		}
1702 	}
1703 	return (Z_NO_RESOURCE_ID);
1704 }
1705 
1706 int
1707 zonecfg_delete_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
1708 {
1709 	int err;
1710 
1711 	if (tabptr == NULL)
1712 		return (Z_INVAL);
1713 
1714 	if ((err = operation_prep(handle)) != Z_OK)
1715 		return (err);
1716 
1717 	if ((err = zonecfg_delete_nwif_core(handle, tabptr)) != Z_OK)
1718 		return (err);
1719 
1720 	return (Z_OK);
1721 }
1722 
1723 int
1724 zonecfg_modify_nwif(
1725 	zone_dochandle_t handle,
1726 	struct zone_nwiftab *oldtabptr,
1727 	struct zone_nwiftab *newtabptr)
1728 {
1729 	int err;
1730 
1731 	if (oldtabptr == NULL || newtabptr == NULL)
1732 		return (Z_INVAL);
1733 
1734 	if ((err = operation_prep(handle)) != Z_OK)
1735 		return (err);
1736 
1737 	if ((err = zonecfg_delete_nwif_core(handle, oldtabptr)) != Z_OK)
1738 		return (err);
1739 
1740 	if ((err = zonecfg_add_nwif_core(handle, newtabptr)) != Z_OK)
1741 		return (err);
1742 
1743 	return (Z_OK);
1744 }
1745 
1746 int
1747 zonecfg_lookup_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
1748 {
1749 	xmlNodePtr cur, firstmatch;
1750 	int err;
1751 	char match[MAXPATHLEN];
1752 
1753 	if (tabptr == NULL)
1754 		return (Z_INVAL);
1755 
1756 	if ((err = operation_prep(handle)) != Z_OK)
1757 		return (err);
1758 
1759 	cur = handle->zone_dh_cur;
1760 	firstmatch = NULL;
1761 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1762 		if (xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
1763 			continue;
1764 		if (strlen(tabptr->zone_dev_match) == 0)
1765 			continue;
1766 
1767 		if ((fetchprop(cur, DTD_ATTR_MATCH, match,
1768 		    sizeof (match)) == Z_OK)) {
1769 			if (strcmp(tabptr->zone_dev_match,
1770 			    match) == 0) {
1771 				if (firstmatch == NULL)
1772 					firstmatch = cur;
1773 				else if (firstmatch != cur)
1774 					return (Z_INSUFFICIENT_SPEC);
1775 			} else {
1776 				/*
1777 				 * If another property matched but this
1778 				 * one doesn't then reset firstmatch.
1779 				 */
1780 				if (firstmatch == cur)
1781 					firstmatch = NULL;
1782 			}
1783 		}
1784 	}
1785 	if (firstmatch == NULL)
1786 		return (Z_NO_RESOURCE_ID);
1787 
1788 	cur = firstmatch;
1789 
1790 	if ((err = fetchprop(cur, DTD_ATTR_MATCH, tabptr->zone_dev_match,
1791 	    sizeof (tabptr->zone_dev_match))) != Z_OK)
1792 		return (err);
1793 
1794 	return (Z_OK);
1795 }
1796 
1797 static int
1798 zonecfg_add_dev_core(zone_dochandle_t handle, struct zone_devtab *tabptr)
1799 {
1800 	xmlNodePtr newnode, cur = handle->zone_dh_cur;
1801 	int err;
1802 
1803 	newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_DEVICE, NULL);
1804 
1805 	if ((err = newprop(newnode, DTD_ATTR_MATCH,
1806 	    tabptr->zone_dev_match)) != Z_OK)
1807 		return (err);
1808 
1809 	return (Z_OK);
1810 }
1811 
1812 int
1813 zonecfg_add_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
1814 {
1815 	int err;
1816 
1817 	if (tabptr == NULL)
1818 		return (Z_INVAL);
1819 
1820 	if ((err = operation_prep(handle)) != Z_OK)
1821 		return (err);
1822 
1823 	if ((err = zonecfg_add_dev_core(handle, tabptr)) != Z_OK)
1824 		return (err);
1825 
1826 	return (Z_OK);
1827 }
1828 
1829 static int
1830 zonecfg_delete_dev_core(zone_dochandle_t handle, struct zone_devtab *tabptr)
1831 {
1832 	xmlNodePtr cur = handle->zone_dh_cur;
1833 	int match_match;
1834 
1835 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1836 		if (xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
1837 			continue;
1838 
1839 		match_match = match_prop(cur, DTD_ATTR_MATCH,
1840 		    tabptr->zone_dev_match);
1841 
1842 		if (match_match) {
1843 			xmlUnlinkNode(cur);
1844 			xmlFreeNode(cur);
1845 			return (Z_OK);
1846 		}
1847 	}
1848 	return (Z_NO_RESOURCE_ID);
1849 }
1850 
1851 int
1852 zonecfg_delete_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
1853 {
1854 	int err;
1855 
1856 	if (tabptr == NULL)
1857 		return (Z_INVAL);
1858 
1859 	if ((err = operation_prep(handle)) != Z_OK)
1860 		return (err);
1861 
1862 	if ((err = zonecfg_delete_dev_core(handle, tabptr)) != Z_OK)
1863 		return (err);
1864 
1865 	return (Z_OK);
1866 }
1867 
1868 int
1869 zonecfg_modify_dev(
1870 	zone_dochandle_t handle,
1871 	struct zone_devtab *oldtabptr,
1872 	struct zone_devtab *newtabptr)
1873 {
1874 	int err;
1875 
1876 	if (oldtabptr == NULL || newtabptr == NULL)
1877 		return (Z_INVAL);
1878 
1879 	if ((err = operation_prep(handle)) != Z_OK)
1880 		return (err);
1881 
1882 	if ((err = zonecfg_delete_dev_core(handle, oldtabptr)) != Z_OK)
1883 		return (err);
1884 
1885 	if ((err = zonecfg_add_dev_core(handle, newtabptr)) != Z_OK)
1886 		return (err);
1887 
1888 	return (Z_OK);
1889 }
1890 
1891 /*
1892  * This is the set of devices which must be present in every zone.  Users
1893  * can augment this list with additional device rules in their zone
1894  * configuration, but at present cannot remove any of the this set of
1895  * standard devices.  All matching is done by /dev pathname (the "/dev"
1896  * part is implicit.  Try to keep rules which match a large number of
1897  * devices (like the pts rule) first.
1898  */
1899 static const char *standard_devs[] = {
1900 	"pts/*",
1901 	"ptmx",
1902 	"random",
1903 	"urandom",
1904 	"poll",
1905 	"pool",
1906 	"kstat",
1907 	"zero",
1908 	"null",
1909 	"crypto",
1910 	"cryptoadm",
1911 	"ticots",
1912 	"ticotsord",
1913 	"ticlts",
1914 	"lo0",
1915 	"lo1",
1916 	"lo2",
1917 	"lo3",
1918 	"sad/user",
1919 	"tty",
1920 	"logindmux",
1921 	"log",
1922 	"conslog",
1923 	"arp",
1924 	"tcp",
1925 	"tcp6",
1926 	"udp",
1927 	"udp6",
1928 	"sysevent",
1929 #ifdef __sparc
1930 	"openprom",
1931 #endif
1932 	"cpu/self/cpuid",
1933 	"dtrace/helper",
1934 	"zfs",
1935 	NULL
1936 };
1937 
1938 /*
1939  * This function finds everything mounted under a zone's rootpath.
1940  * This returns the number of mounts under rootpath, or -1 on error.
1941  * callback is called once per mount found with the first argument
1942  * pointing to the  mount point.
1943  *
1944  * If the callback function returns non-zero zonecfg_find_mounts
1945  * aborts with an error.
1946  */
1947 
1948 int
1949 zonecfg_find_mounts(char *rootpath, int (*callback)(const char *, void *),
1950     void *priv) {
1951 	FILE *mnttab;
1952 	struct mnttab m;
1953 	size_t l;
1954 	int rv = 0;
1955 
1956 	assert(rootpath != NULL);
1957 
1958 	l = strlen(rootpath);
1959 
1960 	mnttab = fopen("/etc/mnttab", "r");
1961 
1962 	if (mnttab == NULL)
1963 		return (-1);
1964 
1965 	if (ioctl(fileno(mnttab), MNTIOC_SHOWHIDDEN, NULL) < 0)  {
1966 		rv = -1;
1967 		goto out;
1968 	}
1969 
1970 	while (!getmntent(mnttab, &m)) {
1971 		if ((strncmp(rootpath, m.mnt_mountp, l) == 0) &&
1972 		    (m.mnt_mountp[l] == '/')) {
1973 			rv++;
1974 			if (callback == NULL)
1975 				continue;
1976 			if (callback(m.mnt_mountp, priv)) {
1977 				rv = -1;
1978 				goto out;
1979 
1980 			}
1981 		}
1982 	}
1983 
1984 out:
1985 	(void) fclose(mnttab);
1986 	return (rv);
1987 }
1988 
1989 /*
1990  * This routine is used to determine if a given device should appear in the
1991  * zone represented by 'handle'.  First it consults the list of "standard"
1992  * zone devices.  Then it scans the user-supplied device entries.
1993  */
1994 int
1995 zonecfg_match_dev(zone_dochandle_t handle, char *devpath,
1996     struct zone_devtab *out_match)
1997 {
1998 	int err;
1999 	boolean_t found = B_FALSE;
2000 	char match[MAXPATHLEN];
2001 	const char **stdmatch;
2002 	xmlNodePtr cur;
2003 
2004 	if (handle == NULL || devpath == NULL)
2005 		return (Z_INVAL);
2006 
2007 	/*
2008 	 * Check the "standard" devices which we require to be present.
2009 	 */
2010 	for (stdmatch = &standard_devs[0]; *stdmatch != NULL; stdmatch++) {
2011 		/*
2012 		 * fnmatch gives us simple but powerful shell-style matching.
2013 		 */
2014 		if (fnmatch(*stdmatch, devpath, FNM_PATHNAME) == 0) {
2015 			if (!out_match)
2016 				return (Z_OK);
2017 			(void) snprintf(out_match->zone_dev_match,
2018 			    sizeof (out_match->zone_dev_match),
2019 			    "/dev/%s", *stdmatch);
2020 			return (Z_OK);
2021 		}
2022 	}
2023 
2024 	/*
2025 	 * We got no hits in the set of standard devices.  On to the user
2026 	 * supplied ones.
2027 	 */
2028 	if ((err = operation_prep(handle)) != Z_OK) {
2029 		handle->zone_dh_cur = NULL;
2030 		return (err);
2031 	}
2032 
2033 	cur = handle->zone_dh_cur;
2034 	cur = cur->xmlChildrenNode;
2035 	if (cur == NULL)
2036 		return (Z_NO_ENTRY);
2037 	handle->zone_dh_cur = cur;
2038 
2039 	for (; cur != NULL; cur = cur->next) {
2040 		char *m;
2041 		if (xmlStrcmp(cur->name, DTD_ELEM_DEVICE) != 0)
2042 			continue;
2043 		if ((err = fetchprop(cur, DTD_ATTR_MATCH, match,
2044 		    sizeof (match))) != Z_OK) {
2045 			handle->zone_dh_cur = handle->zone_dh_top;
2046 			return (err);
2047 		}
2048 		m = match;
2049 		/*
2050 		 * fnmatch gives us simple but powerful shell-style matching;
2051 		 * but first, we need to strip out /dev/ from the matching rule.
2052 		 */
2053 		if (strncmp(m, "/dev/", 5) == 0)
2054 			m += 5;
2055 
2056 		if (fnmatch(m, devpath, FNM_PATHNAME) == 0) {
2057 			found = B_TRUE;
2058 			break;
2059 		}
2060 	}
2061 
2062 	if (!found)
2063 		return (Z_NO_ENTRY);
2064 
2065 	if (!out_match)
2066 		return (Z_OK);
2067 
2068 	(void) strlcpy(out_match->zone_dev_match, match,
2069 	    sizeof (out_match->zone_dev_match));
2070 	return (Z_OK);
2071 }
2072 
2073 int
2074 zonecfg_lookup_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
2075 {
2076 	xmlNodePtr cur, firstmatch;
2077 	int err;
2078 	char name[MAXNAMELEN], type[MAXNAMELEN], value[MAXNAMELEN];
2079 
2080 	if (tabptr == NULL)
2081 		return (Z_INVAL);
2082 
2083 	if ((err = operation_prep(handle)) != Z_OK)
2084 		return (err);
2085 
2086 	cur = handle->zone_dh_cur;
2087 	firstmatch = NULL;
2088 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2089 		if (xmlStrcmp(cur->name, DTD_ELEM_ATTR))
2090 			continue;
2091 		if (strlen(tabptr->zone_attr_name) > 0) {
2092 			if ((fetchprop(cur, DTD_ATTR_NAME, name,
2093 			    sizeof (name)) == Z_OK) &&
2094 			    (strcmp(tabptr->zone_attr_name, name) == 0)) {
2095 				if (firstmatch == NULL)
2096 					firstmatch = cur;
2097 				else
2098 					return (Z_INSUFFICIENT_SPEC);
2099 			}
2100 		}
2101 		if (strlen(tabptr->zone_attr_type) > 0) {
2102 			if ((fetchprop(cur, DTD_ATTR_TYPE, type,
2103 			    sizeof (type)) == Z_OK)) {
2104 				if (strcmp(tabptr->zone_attr_type, type) == 0) {
2105 					if (firstmatch == NULL)
2106 						firstmatch = cur;
2107 					else if (firstmatch != cur)
2108 						return (Z_INSUFFICIENT_SPEC);
2109 				} else {
2110 					/*
2111 					 * If another property matched but this
2112 					 * one doesn't then reset firstmatch.
2113 					 */
2114 					if (firstmatch == cur)
2115 						firstmatch = NULL;
2116 				}
2117 			}
2118 		}
2119 		if (strlen(tabptr->zone_attr_value) > 0) {
2120 			if ((fetchprop(cur, DTD_ATTR_VALUE, value,
2121 			    sizeof (value)) == Z_OK)) {
2122 				if (strcmp(tabptr->zone_attr_value, value) ==
2123 				    0) {
2124 					if (firstmatch == NULL)
2125 						firstmatch = cur;
2126 					else if (firstmatch != cur)
2127 						return (Z_INSUFFICIENT_SPEC);
2128 				} else {
2129 					/*
2130 					 * If another property matched but this
2131 					 * one doesn't then reset firstmatch.
2132 					 */
2133 					if (firstmatch == cur)
2134 						firstmatch = NULL;
2135 				}
2136 			}
2137 		}
2138 	}
2139 	if (firstmatch == NULL)
2140 		return (Z_NO_RESOURCE_ID);
2141 
2142 	cur = firstmatch;
2143 
2144 	if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_attr_name,
2145 	    sizeof (tabptr->zone_attr_name))) != Z_OK)
2146 		return (err);
2147 
2148 	if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_attr_type,
2149 	    sizeof (tabptr->zone_attr_type))) != Z_OK)
2150 		return (err);
2151 
2152 	if ((err = fetchprop(cur, DTD_ATTR_VALUE, tabptr->zone_attr_value,
2153 	    sizeof (tabptr->zone_attr_value))) != Z_OK)
2154 		return (err);
2155 
2156 	return (Z_OK);
2157 }
2158 
2159 static int
2160 zonecfg_add_attr_core(zone_dochandle_t handle, struct zone_attrtab *tabptr)
2161 {
2162 	xmlNodePtr newnode, cur = handle->zone_dh_cur;
2163 	int err;
2164 
2165 	newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_ATTR, NULL);
2166 	err = newprop(newnode, DTD_ATTR_NAME, tabptr->zone_attr_name);
2167 	if (err != Z_OK)
2168 		return (err);
2169 	err = newprop(newnode, DTD_ATTR_TYPE, tabptr->zone_attr_type);
2170 	if (err != Z_OK)
2171 		return (err);
2172 	err = newprop(newnode, DTD_ATTR_VALUE, tabptr->zone_attr_value);
2173 	if (err != Z_OK)
2174 		return (err);
2175 	return (Z_OK);
2176 }
2177 
2178 int
2179 zonecfg_add_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
2180 {
2181 	int err;
2182 
2183 	if (tabptr == NULL)
2184 		return (Z_INVAL);
2185 
2186 	if ((err = operation_prep(handle)) != Z_OK)
2187 		return (err);
2188 
2189 	if ((err = zonecfg_add_attr_core(handle, tabptr)) != Z_OK)
2190 		return (err);
2191 
2192 	return (Z_OK);
2193 }
2194 
2195 static int
2196 zonecfg_delete_attr_core(zone_dochandle_t handle, struct zone_attrtab *tabptr)
2197 {
2198 	xmlNodePtr cur = handle->zone_dh_cur;
2199 	int name_match, type_match, value_match;
2200 
2201 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2202 		if (xmlStrcmp(cur->name, DTD_ELEM_ATTR))
2203 			continue;
2204 
2205 		name_match = match_prop(cur, DTD_ATTR_NAME,
2206 		    tabptr->zone_attr_name);
2207 		type_match = match_prop(cur, DTD_ATTR_TYPE,
2208 		    tabptr->zone_attr_type);
2209 		value_match = match_prop(cur, DTD_ATTR_VALUE,
2210 		    tabptr->zone_attr_value);
2211 
2212 		if (name_match && type_match && value_match) {
2213 			xmlUnlinkNode(cur);
2214 			xmlFreeNode(cur);
2215 			return (Z_OK);
2216 		}
2217 	}
2218 	return (Z_NO_RESOURCE_ID);
2219 }
2220 
2221 int
2222 zonecfg_delete_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
2223 {
2224 	int err;
2225 
2226 	if (tabptr == NULL)
2227 		return (Z_INVAL);
2228 
2229 	if ((err = operation_prep(handle)) != Z_OK)
2230 		return (err);
2231 
2232 	if ((err = zonecfg_delete_attr_core(handle, tabptr)) != Z_OK)
2233 		return (err);
2234 
2235 	return (Z_OK);
2236 }
2237 
2238 int
2239 zonecfg_modify_attr(
2240 	zone_dochandle_t handle,
2241 	struct zone_attrtab *oldtabptr,
2242 	struct zone_attrtab *newtabptr)
2243 {
2244 	int err;
2245 
2246 	if (oldtabptr == NULL || newtabptr == NULL)
2247 		return (Z_INVAL);
2248 
2249 	if ((err = operation_prep(handle)) != Z_OK)
2250 		return (err);
2251 
2252 	if ((err = zonecfg_delete_attr_core(handle, oldtabptr)) != Z_OK)
2253 		return (err);
2254 
2255 	if ((err = zonecfg_add_attr_core(handle, newtabptr)) != Z_OK)
2256 		return (err);
2257 
2258 	return (Z_OK);
2259 }
2260 
2261 int
2262 zonecfg_get_attr_boolean(const struct zone_attrtab *attr, boolean_t *value)
2263 {
2264 	if (attr == NULL)
2265 		return (Z_INVAL);
2266 
2267 	if (strcmp(attr->zone_attr_type, DTD_ENTITY_BOOLEAN) != 0)
2268 		return (Z_INVAL);
2269 
2270 	if (strcmp(attr->zone_attr_value, DTD_ENTITY_TRUE) == 0) {
2271 		*value = B_TRUE;
2272 		return (Z_OK);
2273 	}
2274 	if (strcmp(attr->zone_attr_value, DTD_ENTITY_FALSE) == 0) {
2275 		*value = B_FALSE;
2276 		return (Z_OK);
2277 	}
2278 	return (Z_INVAL);
2279 }
2280 
2281 int
2282 zonecfg_get_attr_int(const struct zone_attrtab *attr, int64_t *value)
2283 {
2284 	long long result;
2285 	char *endptr;
2286 
2287 	if (attr == NULL)
2288 		return (Z_INVAL);
2289 
2290 	if (strcmp(attr->zone_attr_type, DTD_ENTITY_INT) != 0)
2291 		return (Z_INVAL);
2292 
2293 	errno = 0;
2294 	result = strtoll(attr->zone_attr_value, &endptr, 10);
2295 	if (errno != 0 || *endptr != '\0')
2296 		return (Z_INVAL);
2297 	*value = result;
2298 	return (Z_OK);
2299 }
2300 
2301 int
2302 zonecfg_get_attr_string(const struct zone_attrtab *attr, char *value,
2303     size_t val_sz)
2304 {
2305 	if (attr == NULL)
2306 		return (Z_INVAL);
2307 
2308 	if (strcmp(attr->zone_attr_type, DTD_ENTITY_STRING) != 0)
2309 		return (Z_INVAL);
2310 
2311 	if (strlcpy(value, attr->zone_attr_value, val_sz) >= val_sz)
2312 		return (Z_TOO_BIG);
2313 	return (Z_OK);
2314 }
2315 
2316 int
2317 zonecfg_get_attr_uint(const struct zone_attrtab *attr, uint64_t *value)
2318 {
2319 	unsigned long long result;
2320 	long long neg_result;
2321 	char *endptr;
2322 
2323 	if (attr == NULL)
2324 		return (Z_INVAL);
2325 
2326 	if (strcmp(attr->zone_attr_type, DTD_ENTITY_UINT) != 0)
2327 		return (Z_INVAL);
2328 
2329 	errno = 0;
2330 	result = strtoull(attr->zone_attr_value, &endptr, 10);
2331 	if (errno != 0 || *endptr != '\0')
2332 		return (Z_INVAL);
2333 	errno = 0;
2334 	neg_result = strtoll(attr->zone_attr_value, &endptr, 10);
2335 	/*
2336 	 * Incredibly, strtoull("<negative number>", ...) will not fail but
2337 	 * return whatever (negative) number cast as a u_longlong_t, so we
2338 	 * need to look for this here.
2339 	 */
2340 	if (errno == 0 && neg_result < 0)
2341 		return (Z_INVAL);
2342 	*value = result;
2343 	return (Z_OK);
2344 }
2345 
2346 int
2347 zonecfg_lookup_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
2348 {
2349 	xmlNodePtr cur, val;
2350 	char savedname[MAXNAMELEN];
2351 	struct zone_rctlvaltab *valptr;
2352 	int err;
2353 
2354 	if (tabptr->zone_rctl_name == NULL ||
2355 	    strlen(tabptr->zone_rctl_name) == 0)
2356 		return (Z_INVAL);
2357 
2358 	if ((err = operation_prep(handle)) != Z_OK)
2359 		return (err);
2360 
2361 	cur = handle->zone_dh_cur;
2362 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2363 		if (xmlStrcmp(cur->name, DTD_ELEM_RCTL))
2364 			continue;
2365 		if ((fetchprop(cur, DTD_ATTR_NAME, savedname,
2366 		    sizeof (savedname)) == Z_OK) &&
2367 		    (strcmp(savedname, tabptr->zone_rctl_name) == 0)) {
2368 			tabptr->zone_rctl_valptr = NULL;
2369 			for (val = cur->xmlChildrenNode; val != NULL;
2370 			    val = val->next) {
2371 				valptr = (struct zone_rctlvaltab *)malloc(
2372 				    sizeof (struct zone_rctlvaltab));
2373 				if (valptr == NULL)
2374 					return (Z_NOMEM);
2375 				if ((fetchprop(val, DTD_ATTR_PRIV,
2376 				    valptr->zone_rctlval_priv,
2377 				    sizeof (valptr->zone_rctlval_priv)) !=
2378 				    Z_OK))
2379 					break;
2380 				if ((fetchprop(val, DTD_ATTR_LIMIT,
2381 				    valptr->zone_rctlval_limit,
2382 				    sizeof (valptr->zone_rctlval_limit)) !=
2383 				    Z_OK))
2384 					break;
2385 				if ((fetchprop(val, DTD_ATTR_ACTION,
2386 				    valptr->zone_rctlval_action,
2387 				    sizeof (valptr->zone_rctlval_action)) !=
2388 				    Z_OK))
2389 					break;
2390 				if (zonecfg_add_rctl_value(tabptr, valptr) !=
2391 				    Z_OK)
2392 					break;
2393 			}
2394 			return (Z_OK);
2395 		}
2396 	}
2397 	return (Z_NO_RESOURCE_ID);
2398 }
2399 
2400 static int
2401 zonecfg_add_rctl_core(zone_dochandle_t handle, struct zone_rctltab *tabptr)
2402 {
2403 	xmlNodePtr newnode, cur = handle->zone_dh_cur, valnode;
2404 	struct zone_rctlvaltab *valptr;
2405 	int err;
2406 
2407 	newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_RCTL, NULL);
2408 	err = newprop(newnode, DTD_ATTR_NAME, tabptr->zone_rctl_name);
2409 	if (err != Z_OK)
2410 		return (err);
2411 	for (valptr = tabptr->zone_rctl_valptr; valptr != NULL;
2412 	    valptr = valptr->zone_rctlval_next) {
2413 		valnode = xmlNewTextChild(newnode, NULL,
2414 		    DTD_ELEM_RCTLVALUE, NULL);
2415 		err = newprop(valnode, DTD_ATTR_PRIV,
2416 		    valptr->zone_rctlval_priv);
2417 		if (err != Z_OK)
2418 			return (err);
2419 		err = newprop(valnode, DTD_ATTR_LIMIT,
2420 		    valptr->zone_rctlval_limit);
2421 		if (err != Z_OK)
2422 			return (err);
2423 		err = newprop(valnode, DTD_ATTR_ACTION,
2424 		    valptr->zone_rctlval_action);
2425 		if (err != Z_OK)
2426 			return (err);
2427 	}
2428 	return (Z_OK);
2429 }
2430 
2431 int
2432 zonecfg_add_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
2433 {
2434 	int err;
2435 
2436 	if (tabptr == NULL || tabptr->zone_rctl_name == NULL)
2437 		return (Z_INVAL);
2438 
2439 	if ((err = operation_prep(handle)) != Z_OK)
2440 		return (err);
2441 
2442 	if ((err = zonecfg_add_rctl_core(handle, tabptr)) != Z_OK)
2443 		return (err);
2444 
2445 	return (Z_OK);
2446 }
2447 
2448 static int
2449 zonecfg_delete_rctl_core(zone_dochandle_t handle, struct zone_rctltab *tabptr)
2450 {
2451 	xmlNodePtr cur = handle->zone_dh_cur;
2452 	xmlChar *savedname;
2453 	int name_result;
2454 
2455 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2456 		if (xmlStrcmp(cur->name, DTD_ELEM_RCTL))
2457 			continue;
2458 
2459 		savedname = xmlGetProp(cur, DTD_ATTR_NAME);
2460 		if (savedname == NULL)	/* shouldn't happen */
2461 			continue;
2462 		name_result = xmlStrcmp(savedname,
2463 		    (const xmlChar *) tabptr->zone_rctl_name);
2464 		xmlFree(savedname);
2465 
2466 		if (name_result == 0) {
2467 			xmlUnlinkNode(cur);
2468 			xmlFreeNode(cur);
2469 			return (Z_OK);
2470 		}
2471 	}
2472 	return (Z_NO_RESOURCE_ID);
2473 }
2474 
2475 int
2476 zonecfg_delete_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
2477 {
2478 	int err;
2479 
2480 	if (tabptr == NULL || tabptr->zone_rctl_name == NULL)
2481 		return (Z_INVAL);
2482 
2483 	if ((err = operation_prep(handle)) != Z_OK)
2484 		return (err);
2485 
2486 	if ((err = zonecfg_delete_rctl_core(handle, tabptr)) != Z_OK)
2487 		return (err);
2488 
2489 	return (Z_OK);
2490 }
2491 
2492 int
2493 zonecfg_modify_rctl(
2494 	zone_dochandle_t handle,
2495 	struct zone_rctltab *oldtabptr,
2496 	struct zone_rctltab *newtabptr)
2497 {
2498 	int err;
2499 
2500 	if (oldtabptr == NULL || oldtabptr->zone_rctl_name == NULL ||
2501 	    newtabptr == NULL || newtabptr->zone_rctl_name == NULL)
2502 		return (Z_INVAL);
2503 
2504 	if ((err = operation_prep(handle)) != Z_OK)
2505 		return (err);
2506 
2507 	if ((err = zonecfg_delete_rctl_core(handle, oldtabptr)) != Z_OK)
2508 		return (err);
2509 
2510 	if ((err = zonecfg_add_rctl_core(handle, newtabptr)) != Z_OK)
2511 		return (err);
2512 
2513 	return (Z_OK);
2514 }
2515 
2516 int
2517 zonecfg_add_rctl_value(
2518 	struct zone_rctltab *tabptr,
2519 	struct zone_rctlvaltab *valtabptr)
2520 {
2521 	struct zone_rctlvaltab *last, *old, *new;
2522 	rctlblk_t *rctlblk = alloca(rctlblk_size());
2523 
2524 	last = tabptr->zone_rctl_valptr;
2525 	for (old = last; old != NULL; old = old->zone_rctlval_next)
2526 		last = old;	/* walk to the end of the list */
2527 	new = valtabptr;	/* alloc'd by caller */
2528 	new->zone_rctlval_next = NULL;
2529 	if (zonecfg_construct_rctlblk(valtabptr, rctlblk) != Z_OK)
2530 		return (Z_INVAL);
2531 	if (!zonecfg_valid_rctlblk(rctlblk))
2532 		return (Z_INVAL);
2533 	if (last == NULL)
2534 		tabptr->zone_rctl_valptr = new;
2535 	else
2536 		last->zone_rctlval_next = new;
2537 	return (Z_OK);
2538 }
2539 
2540 int
2541 zonecfg_remove_rctl_value(
2542 	struct zone_rctltab *tabptr,
2543 	struct zone_rctlvaltab *valtabptr)
2544 {
2545 	struct zone_rctlvaltab *last, *this, *next;
2546 
2547 	last = tabptr->zone_rctl_valptr;
2548 	for (this = last; this != NULL; this = this->zone_rctlval_next) {
2549 		if (strcmp(this->zone_rctlval_priv,
2550 		    valtabptr->zone_rctlval_priv) == 0 &&
2551 		    strcmp(this->zone_rctlval_limit,
2552 		    valtabptr->zone_rctlval_limit) == 0 &&
2553 		    strcmp(this->zone_rctlval_action,
2554 		    valtabptr->zone_rctlval_action) == 0) {
2555 			next = this->zone_rctlval_next;
2556 			if (this == tabptr->zone_rctl_valptr)
2557 				tabptr->zone_rctl_valptr = next;
2558 			else
2559 				last->zone_rctlval_next = next;
2560 			free(this);
2561 			return (Z_OK);
2562 		} else
2563 			last = this;
2564 	}
2565 	return (Z_NO_PROPERTY_ID);
2566 }
2567 
2568 char *
2569 zonecfg_strerror(int errnum)
2570 {
2571 	switch (errnum) {
2572 	case Z_OK:
2573 		return (dgettext(TEXT_DOMAIN, "OK"));
2574 	case Z_EMPTY_DOCUMENT:
2575 		return (dgettext(TEXT_DOMAIN, "Empty document"));
2576 	case Z_WRONG_DOC_TYPE:
2577 		return (dgettext(TEXT_DOMAIN, "Wrong document type"));
2578 	case Z_BAD_PROPERTY:
2579 		return (dgettext(TEXT_DOMAIN, "Bad document property"));
2580 	case Z_TEMP_FILE:
2581 		return (dgettext(TEXT_DOMAIN,
2582 		    "Problem creating temporary file"));
2583 	case Z_SAVING_FILE:
2584 		return (dgettext(TEXT_DOMAIN, "Problem saving file"));
2585 	case Z_NO_ENTRY:
2586 		return (dgettext(TEXT_DOMAIN, "No such entry"));
2587 	case Z_BOGUS_ZONE_NAME:
2588 		return (dgettext(TEXT_DOMAIN, "Bogus zone name"));
2589 	case Z_REQD_RESOURCE_MISSING:
2590 		return (dgettext(TEXT_DOMAIN, "Required resource missing"));
2591 	case Z_REQD_PROPERTY_MISSING:
2592 		return (dgettext(TEXT_DOMAIN, "Required property missing"));
2593 	case Z_BAD_HANDLE:
2594 		return (dgettext(TEXT_DOMAIN, "Bad handle"));
2595 	case Z_NOMEM:
2596 		return (dgettext(TEXT_DOMAIN, "Out of memory"));
2597 	case Z_INVAL:
2598 		return (dgettext(TEXT_DOMAIN, "Invalid argument"));
2599 	case Z_ACCES:
2600 		return (dgettext(TEXT_DOMAIN, "Permission denied"));
2601 	case Z_TOO_BIG:
2602 		return (dgettext(TEXT_DOMAIN, "Argument list too long"));
2603 	case Z_MISC_FS:
2604 		return (dgettext(TEXT_DOMAIN,
2605 		    "Miscellaneous file system error"));
2606 	case Z_NO_ZONE:
2607 		return (dgettext(TEXT_DOMAIN, "No such zone configured"));
2608 	case Z_NO_RESOURCE_TYPE:
2609 		return (dgettext(TEXT_DOMAIN, "No such resource type"));
2610 	case Z_NO_RESOURCE_ID:
2611 		return (dgettext(TEXT_DOMAIN, "No such resource with that id"));
2612 	case Z_NO_PROPERTY_TYPE:
2613 		return (dgettext(TEXT_DOMAIN, "No such property type"));
2614 	case Z_NO_PROPERTY_ID:
2615 		return (dgettext(TEXT_DOMAIN, "No such property with that id"));
2616 	case Z_BAD_ZONE_STATE:
2617 		return (dgettext(TEXT_DOMAIN,
2618 		    "Zone state is invalid for the requested operation"));
2619 	case Z_INVALID_DOCUMENT:
2620 		return (dgettext(TEXT_DOMAIN, "Invalid document"));
2621 	case Z_NAME_IN_USE:
2622 		return (dgettext(TEXT_DOMAIN, "Zone name already in use"));
2623 	case Z_NO_SUCH_ID:
2624 		return (dgettext(TEXT_DOMAIN, "No such zone ID"));
2625 	case Z_UPDATING_INDEX:
2626 		return (dgettext(TEXT_DOMAIN, "Problem updating index file"));
2627 	case Z_LOCKING_FILE:
2628 		return (dgettext(TEXT_DOMAIN, "Locking index file"));
2629 	case Z_UNLOCKING_FILE:
2630 		return (dgettext(TEXT_DOMAIN, "Unlocking index file"));
2631 	case Z_INSUFFICIENT_SPEC:
2632 		return (dgettext(TEXT_DOMAIN, "Insufficient specification"));
2633 	case Z_RESOLVED_PATH:
2634 		return (dgettext(TEXT_DOMAIN, "Resolved path mismatch"));
2635 	case Z_IPV6_ADDR_PREFIX_LEN:
2636 		return (dgettext(TEXT_DOMAIN,
2637 		    "IPv6 address missing required prefix length"));
2638 	case Z_BOGUS_ADDRESS:
2639 		return (dgettext(TEXT_DOMAIN,
2640 		    "Neither an IPv4 nor an IPv6 address nor a host name"));
2641 	default:
2642 		return (dgettext(TEXT_DOMAIN, "Unknown error"));
2643 	}
2644 }
2645 
2646 /*
2647  * Note that the zonecfg_setXent() and zonecfg_endXent() calls are all the
2648  * same, as they just turn around and call zonecfg_setent() / zonecfg_endent().
2649  */
2650 
2651 static int
2652 zonecfg_setent(zone_dochandle_t handle)
2653 {
2654 	xmlNodePtr cur;
2655 	int err;
2656 
2657 	if (handle == NULL)
2658 		return (Z_INVAL);
2659 
2660 	if ((err = operation_prep(handle)) != Z_OK) {
2661 		handle->zone_dh_cur = NULL;
2662 		return (err);
2663 	}
2664 	cur = handle->zone_dh_cur;
2665 	cur = cur->xmlChildrenNode;
2666 	handle->zone_dh_cur = cur;
2667 	return (Z_OK);
2668 }
2669 
2670 static int
2671 zonecfg_endent(zone_dochandle_t handle)
2672 {
2673 	if (handle == NULL)
2674 		return (Z_INVAL);
2675 
2676 	handle->zone_dh_cur = handle->zone_dh_top;
2677 	return (Z_OK);
2678 }
2679 
2680 int
2681 zonecfg_setfsent(zone_dochandle_t handle)
2682 {
2683 	return (zonecfg_setent(handle));
2684 }
2685 
2686 int
2687 zonecfg_getfsent(zone_dochandle_t handle, struct zone_fstab *tabptr)
2688 {
2689 	xmlNodePtr cur, options;
2690 	char options_str[MAX_MNTOPT_STR];
2691 	int err;
2692 
2693 	if (handle == NULL)
2694 		return (Z_INVAL);
2695 
2696 	if ((cur = handle->zone_dh_cur) == NULL)
2697 		return (Z_NO_ENTRY);
2698 
2699 	for (; cur != NULL; cur = cur->next)
2700 		if (!xmlStrcmp(cur->name, DTD_ELEM_FS))
2701 			break;
2702 	if (cur == NULL) {
2703 		handle->zone_dh_cur = handle->zone_dh_top;
2704 		return (Z_NO_ENTRY);
2705 	}
2706 
2707 	if ((err = fetchprop(cur, DTD_ATTR_SPECIAL, tabptr->zone_fs_special,
2708 	    sizeof (tabptr->zone_fs_special))) != Z_OK) {
2709 		handle->zone_dh_cur = handle->zone_dh_top;
2710 		return (err);
2711 	}
2712 
2713 	if ((err = fetchprop(cur, DTD_ATTR_RAW, tabptr->zone_fs_raw,
2714 	    sizeof (tabptr->zone_fs_raw))) != Z_OK) {
2715 		handle->zone_dh_cur = handle->zone_dh_top;
2716 		return (err);
2717 	}
2718 
2719 	if ((err = fetchprop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir,
2720 	    sizeof (tabptr->zone_fs_dir))) != Z_OK) {
2721 		handle->zone_dh_cur = handle->zone_dh_top;
2722 		return (err);
2723 	}
2724 
2725 	if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_fs_type,
2726 	    sizeof (tabptr->zone_fs_type))) != Z_OK) {
2727 		handle->zone_dh_cur = handle->zone_dh_top;
2728 		return (err);
2729 	}
2730 
2731 	/* OK for options to be NULL */
2732 	tabptr->zone_fs_options = NULL;
2733 	for (options = cur->xmlChildrenNode; options != NULL;
2734 	    options = options->next) {
2735 		if (fetchprop(options, DTD_ATTR_NAME, options_str,
2736 		    sizeof (options_str)) != Z_OK)
2737 			break;
2738 		if (zonecfg_add_fs_option(tabptr, options_str) != Z_OK)
2739 			break;
2740 	}
2741 
2742 	handle->zone_dh_cur = cur->next;
2743 	return (Z_OK);
2744 }
2745 
2746 int
2747 zonecfg_endfsent(zone_dochandle_t handle)
2748 {
2749 	return (zonecfg_endent(handle));
2750 }
2751 
2752 int
2753 zonecfg_setipdent(zone_dochandle_t handle)
2754 {
2755 	return (zonecfg_setent(handle));
2756 }
2757 
2758 int
2759 zonecfg_getipdent(zone_dochandle_t handle, struct zone_fstab *tabptr)
2760 {
2761 	xmlNodePtr cur;
2762 	int err;
2763 
2764 	if (handle == NULL)
2765 		return (Z_INVAL);
2766 
2767 	if ((cur = handle->zone_dh_cur) == NULL)
2768 		return (Z_NO_ENTRY);
2769 
2770 	for (; cur != NULL; cur = cur->next)
2771 		if (!xmlStrcmp(cur->name, DTD_ELEM_IPD))
2772 			break;
2773 	if (cur == NULL) {
2774 		handle->zone_dh_cur = handle->zone_dh_top;
2775 		return (Z_NO_ENTRY);
2776 	}
2777 
2778 	if ((err = fetchprop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir,
2779 	    sizeof (tabptr->zone_fs_dir))) != Z_OK) {
2780 		handle->zone_dh_cur = handle->zone_dh_top;
2781 		return (err);
2782 	}
2783 
2784 	handle->zone_dh_cur = cur->next;
2785 	return (Z_OK);
2786 }
2787 
2788 int
2789 zonecfg_endipdent(zone_dochandle_t handle)
2790 {
2791 	return (zonecfg_endent(handle));
2792 }
2793 
2794 int
2795 zonecfg_setnwifent(zone_dochandle_t handle)
2796 {
2797 	return (zonecfg_setent(handle));
2798 }
2799 
2800 int
2801 zonecfg_getnwifent(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2802 {
2803 	xmlNodePtr cur;
2804 	int err;
2805 
2806 	if (handle == NULL)
2807 		return (Z_INVAL);
2808 
2809 	if ((cur = handle->zone_dh_cur) == NULL)
2810 		return (Z_NO_ENTRY);
2811 
2812 	for (; cur != NULL; cur = cur->next)
2813 		if (!xmlStrcmp(cur->name, DTD_ELEM_NET))
2814 			break;
2815 	if (cur == NULL) {
2816 		handle->zone_dh_cur = handle->zone_dh_top;
2817 		return (Z_NO_ENTRY);
2818 	}
2819 
2820 	if ((err = fetchprop(cur, DTD_ATTR_ADDRESS, tabptr->zone_nwif_address,
2821 	    sizeof (tabptr->zone_nwif_address))) != Z_OK) {
2822 		handle->zone_dh_cur = handle->zone_dh_top;
2823 		return (err);
2824 	}
2825 
2826 	if ((err = fetchprop(cur, DTD_ATTR_PHYSICAL, tabptr->zone_nwif_physical,
2827 	    sizeof (tabptr->zone_nwif_physical))) != Z_OK) {
2828 		handle->zone_dh_cur = handle->zone_dh_top;
2829 		return (err);
2830 	}
2831 
2832 	handle->zone_dh_cur = cur->next;
2833 	return (Z_OK);
2834 }
2835 
2836 int
2837 zonecfg_endnwifent(zone_dochandle_t handle)
2838 {
2839 	return (zonecfg_endent(handle));
2840 }
2841 
2842 int
2843 zonecfg_setdevent(zone_dochandle_t handle)
2844 {
2845 	return (zonecfg_setent(handle));
2846 }
2847 
2848 int
2849 zonecfg_getdevent(zone_dochandle_t handle, struct zone_devtab *tabptr)
2850 {
2851 	xmlNodePtr cur;
2852 	int err;
2853 
2854 	if (handle == NULL)
2855 		return (Z_INVAL);
2856 
2857 	if ((cur = handle->zone_dh_cur) == NULL)
2858 		return (Z_NO_ENTRY);
2859 
2860 	for (; cur != NULL; cur = cur->next)
2861 		if (!xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
2862 			break;
2863 	if (cur == NULL) {
2864 		handle->zone_dh_cur = handle->zone_dh_top;
2865 		return (Z_NO_ENTRY);
2866 	}
2867 
2868 	if ((err = fetchprop(cur, DTD_ATTR_MATCH, tabptr->zone_dev_match,
2869 	    sizeof (tabptr->zone_dev_match))) != Z_OK) {
2870 		handle->zone_dh_cur = handle->zone_dh_top;
2871 		return (err);
2872 	}
2873 
2874 	handle->zone_dh_cur = cur->next;
2875 	return (Z_OK);
2876 }
2877 
2878 int
2879 zonecfg_enddevent(zone_dochandle_t handle)
2880 {
2881 	return (zonecfg_endent(handle));
2882 }
2883 
2884 int
2885 zonecfg_setrctlent(zone_dochandle_t handle)
2886 {
2887 	return (zonecfg_setent(handle));
2888 }
2889 
2890 int
2891 zonecfg_getrctlent(zone_dochandle_t handle, struct zone_rctltab *tabptr)
2892 {
2893 	xmlNodePtr cur, val;
2894 	struct zone_rctlvaltab *valptr;
2895 	int err;
2896 
2897 	if (handle == NULL)
2898 		return (Z_INVAL);
2899 
2900 	if ((cur = handle->zone_dh_cur) == NULL)
2901 		return (Z_NO_ENTRY);
2902 
2903 	for (; cur != NULL; cur = cur->next)
2904 		if (!xmlStrcmp(cur->name, DTD_ELEM_RCTL))
2905 			break;
2906 	if (cur == NULL) {
2907 		handle->zone_dh_cur = handle->zone_dh_top;
2908 		return (Z_NO_ENTRY);
2909 	}
2910 
2911 	if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_rctl_name,
2912 	    sizeof (tabptr->zone_rctl_name))) != Z_OK) {
2913 		handle->zone_dh_cur = handle->zone_dh_top;
2914 		return (err);
2915 	}
2916 
2917 	tabptr->zone_rctl_valptr = NULL;
2918 	for (val = cur->xmlChildrenNode; val != NULL; val = val->next) {
2919 		valptr = (struct zone_rctlvaltab *)malloc(
2920 		    sizeof (struct zone_rctlvaltab));
2921 		if (valptr == NULL)
2922 			return (Z_NOMEM);
2923 		if (fetchprop(val, DTD_ATTR_PRIV, valptr->zone_rctlval_priv,
2924 		    sizeof (valptr->zone_rctlval_priv)) != Z_OK)
2925 			break;
2926 		if (fetchprop(val, DTD_ATTR_LIMIT, valptr->zone_rctlval_limit,
2927 		    sizeof (valptr->zone_rctlval_limit)) != Z_OK)
2928 			break;
2929 		if (fetchprop(val, DTD_ATTR_ACTION, valptr->zone_rctlval_action,
2930 		    sizeof (valptr->zone_rctlval_action)) != Z_OK)
2931 			break;
2932 		if (zonecfg_add_rctl_value(tabptr, valptr) != Z_OK)
2933 			break;
2934 	}
2935 
2936 	handle->zone_dh_cur = cur->next;
2937 	return (Z_OK);
2938 }
2939 
2940 int
2941 zonecfg_endrctlent(zone_dochandle_t handle)
2942 {
2943 	return (zonecfg_endent(handle));
2944 }
2945 
2946 int
2947 zonecfg_setattrent(zone_dochandle_t handle)
2948 {
2949 	return (zonecfg_setent(handle));
2950 }
2951 
2952 int
2953 zonecfg_getattrent(zone_dochandle_t handle, struct zone_attrtab *tabptr)
2954 {
2955 	xmlNodePtr cur;
2956 	int err;
2957 
2958 	if (handle == NULL)
2959 		return (Z_INVAL);
2960 
2961 	if ((cur = handle->zone_dh_cur) == NULL)
2962 		return (Z_NO_ENTRY);
2963 
2964 	for (; cur != NULL; cur = cur->next)
2965 		if (!xmlStrcmp(cur->name, DTD_ELEM_ATTR))
2966 			break;
2967 	if (cur == NULL) {
2968 		handle->zone_dh_cur = handle->zone_dh_top;
2969 		return (Z_NO_ENTRY);
2970 	}
2971 
2972 	if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_attr_name,
2973 	    sizeof (tabptr->zone_attr_name))) != Z_OK) {
2974 		handle->zone_dh_cur = handle->zone_dh_top;
2975 		return (err);
2976 	}
2977 
2978 	if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_attr_type,
2979 	    sizeof (tabptr->zone_attr_type))) != Z_OK) {
2980 		handle->zone_dh_cur = handle->zone_dh_top;
2981 		return (err);
2982 	}
2983 
2984 	if ((err = fetchprop(cur, DTD_ATTR_VALUE, tabptr->zone_attr_value,
2985 	    sizeof (tabptr->zone_attr_value))) != Z_OK) {
2986 		handle->zone_dh_cur = handle->zone_dh_top;
2987 		return (err);
2988 	}
2989 
2990 	handle->zone_dh_cur = cur->next;
2991 	return (Z_OK);
2992 }
2993 
2994 int
2995 zonecfg_endattrent(zone_dochandle_t handle)
2996 {
2997 	return (zonecfg_endent(handle));
2998 }
2999 
3000 /* This will ultimately be configurable. */
3001 static const char *priv_list[] = {
3002 	PRIV_FILE_CHOWN,
3003 	PRIV_FILE_CHOWN_SELF,
3004 	PRIV_FILE_DAC_EXECUTE,
3005 	PRIV_FILE_DAC_READ,
3006 	PRIV_FILE_DAC_SEARCH,
3007 	PRIV_FILE_DAC_WRITE,
3008 	PRIV_FILE_OWNER,
3009 	PRIV_FILE_SETID,
3010 	PRIV_IPC_DAC_READ,
3011 	PRIV_IPC_DAC_WRITE,
3012 	PRIV_IPC_OWNER,
3013 	PRIV_NET_ICMPACCESS,
3014 	PRIV_NET_PRIVADDR,
3015 	PRIV_PROC_CHROOT,
3016 	PRIV_SYS_AUDIT,
3017 	PRIV_PROC_AUDIT,
3018 	PRIV_PROC_OWNER,
3019 	PRIV_PROC_SETID,
3020 	PRIV_PROC_TASKID,
3021 	PRIV_SYS_ACCT,
3022 	PRIV_SYS_ADMIN,
3023 	PRIV_SYS_MOUNT,
3024 	PRIV_SYS_NFS,
3025 	PRIV_SYS_RESOURCE,
3026 	PRIV_CONTRACT_EVENT,
3027 	PRIV_CONTRACT_OBSERVER,
3028 	NULL
3029 };
3030 
3031 int
3032 zonecfg_get_privset(priv_set_t *privs)
3033 {
3034 	const char **strp;
3035 	priv_set_t *basic = priv_str_to_set("basic", ",", NULL);
3036 
3037 	if (basic == NULL)
3038 		return (Z_INVAL);
3039 
3040 	priv_union(basic, privs);
3041 	priv_freeset(basic);
3042 
3043 	for (strp = priv_list; *strp != NULL; strp++) {
3044 		if (priv_addset(privs, *strp) != 0) {
3045 			return (Z_INVAL);
3046 		}
3047 	}
3048 	return (Z_OK);
3049 }
3050 
3051 int
3052 zone_get_zonepath(char *zone_name, char *zonepath, size_t rp_sz)
3053 {
3054 	zone_dochandle_t handle;
3055 	boolean_t found = B_FALSE;
3056 	struct zoneent *ze;
3057 	FILE *cookie;
3058 	int err;
3059 	char *cp;
3060 
3061 	if (zone_name == NULL)
3062 		return (Z_INVAL);
3063 
3064 	(void) strlcpy(zonepath, zonecfg_root, rp_sz);
3065 	cp = zonepath + strlen(zonepath);
3066 	while (cp > zonepath && cp[-1] == '/')
3067 		*--cp = '\0';
3068 
3069 	if (strcmp(zone_name, GLOBAL_ZONENAME) == 0) {
3070 		if (zonepath[0] == '\0')
3071 			(void) strlcpy(zonepath, "/", rp_sz);
3072 		return (Z_OK);
3073 	}
3074 
3075 	/*
3076 	 * First check the index file.  Because older versions did not have
3077 	 * a copy of the zone path, allow for it to be zero length, in which
3078 	 * case we ignore this result and fall back to the XML files.
3079 	 */
3080 	cookie = setzoneent();
3081 	while ((ze = getzoneent_private(cookie)) != NULL) {
3082 		if (strcmp(ze->zone_name, zone_name) == 0) {
3083 			found = B_TRUE;
3084 			if (ze->zone_path[0] != '\0')
3085 				(void) strlcpy(cp, ze->zone_path,
3086 				    rp_sz - (cp - zonepath));
3087 		}
3088 		free(ze);
3089 		if (found)
3090 			break;
3091 	}
3092 	endzoneent(cookie);
3093 	if (found && *cp != '\0')
3094 		return (Z_OK);
3095 
3096 	/* Fall back to the XML files. */
3097 	if ((handle = zonecfg_init_handle()) == NULL)
3098 		return (Z_NOMEM);
3099 
3100 	/*
3101 	 * Check the snapshot first: if a zone is running, its zonepath
3102 	 * may have changed.
3103 	 */
3104 	if (zonecfg_get_snapshot_handle(zone_name, handle) != Z_OK) {
3105 		if ((err = zonecfg_get_handle(zone_name, handle)) != Z_OK)
3106 			return (err);
3107 	}
3108 	err = zonecfg_get_zonepath(handle, zonepath, rp_sz);
3109 	zonecfg_fini_handle(handle);
3110 	return (err);
3111 }
3112 
3113 int
3114 zone_get_rootpath(char *zone_name, char *rootpath, size_t rp_sz)
3115 {
3116 	int err;
3117 
3118 	/* This function makes sense for non-global zones only. */
3119 	if (strcmp(zone_name, GLOBAL_ZONENAME) == 0)
3120 		return (Z_BOGUS_ZONE_NAME);
3121 	if ((err = zone_get_zonepath(zone_name, rootpath, rp_sz)) != Z_OK)
3122 		return (err);
3123 	if (strlcat(rootpath, "/root", rp_sz) >= rp_sz)
3124 		return (Z_TOO_BIG);
3125 	return (Z_OK);
3126 }
3127 
3128 static zone_state_t
3129 kernel_state_to_user_state(zoneid_t zoneid, zone_status_t kernel_state)
3130 {
3131 	char zoneroot[MAXPATHLEN];
3132 	size_t zlen;
3133 
3134 	assert(kernel_state <= ZONE_MAX_STATE);
3135 	switch (kernel_state) {
3136 		case ZONE_IS_UNINITIALIZED:
3137 			return (ZONE_STATE_READY);
3138 		case ZONE_IS_READY:
3139 			/*
3140 			 * If the zone's root is mounted on $ZONEPATH/lu, then
3141 			 * it's a mounted scratch zone.
3142 			 */
3143 			if (zone_getattr(zoneid, ZONE_ATTR_ROOT, zoneroot,
3144 			    sizeof (zoneroot)) >= 0) {
3145 				zlen = strlen(zoneroot);
3146 				if (zlen > 3 &&
3147 				    strcmp(zoneroot + zlen - 3, "/lu") == 0)
3148 					return (ZONE_STATE_MOUNTED);
3149 			}
3150 			return (ZONE_STATE_READY);
3151 		case ZONE_IS_BOOTING:
3152 		case ZONE_IS_RUNNING:
3153 			return (ZONE_STATE_RUNNING);
3154 		case ZONE_IS_SHUTTING_DOWN:
3155 		case ZONE_IS_EMPTY:
3156 			return (ZONE_STATE_SHUTTING_DOWN);
3157 		case ZONE_IS_DOWN:
3158 		case ZONE_IS_DYING:
3159 		case ZONE_IS_DEAD:
3160 		default:
3161 			return (ZONE_STATE_DOWN);
3162 	}
3163 	/* NOTREACHED */
3164 }
3165 
3166 int
3167 zone_get_state(char *zone_name, zone_state_t *state_num)
3168 {
3169 	zone_status_t status;
3170 	zoneid_t zone_id;
3171 	struct zoneent *ze;
3172 	boolean_t found = B_FALSE;
3173 	FILE *cookie;
3174 	char kernzone[ZONENAME_MAX];
3175 	FILE *fp;
3176 
3177 	if (zone_name == NULL)
3178 		return (Z_INVAL);
3179 
3180 	/*
3181 	 * If we're looking at an alternate root, then we need to query the
3182 	 * kernel using the scratch zone name.
3183 	 */
3184 	zone_id = -1;
3185 	if (*zonecfg_root != '\0' && !zonecfg_is_scratch(zone_name)) {
3186 		if ((fp = zonecfg_open_scratch("", B_FALSE)) != NULL) {
3187 			if (zonecfg_find_scratch(fp, zone_name, zonecfg_root,
3188 			    kernzone, sizeof (kernzone)) == 0)
3189 				zone_id = getzoneidbyname(kernzone);
3190 			zonecfg_close_scratch(fp);
3191 		}
3192 	} else {
3193 		zone_id = getzoneidbyname(zone_name);
3194 	}
3195 
3196 	/* check to see if zone is running */
3197 	if (zone_id != -1 &&
3198 	    zone_getattr(zone_id, ZONE_ATTR_STATUS, &status,
3199 	    sizeof (status)) >= 0) {
3200 		*state_num = kernel_state_to_user_state(zone_id, status);
3201 		return (Z_OK);
3202 	}
3203 
3204 	cookie = setzoneent();
3205 	while ((ze = getzoneent_private(cookie)) != NULL) {
3206 		if (strcmp(ze->zone_name, zone_name) == 0) {
3207 			found = B_TRUE;
3208 			*state_num = ze->zone_state;
3209 		}
3210 		free(ze);
3211 		if (found)
3212 			break;
3213 	}
3214 	endzoneent(cookie);
3215 	return ((found) ? Z_OK : Z_NO_ZONE);
3216 }
3217 
3218 int
3219 zone_set_state(char *zone, zone_state_t state)
3220 {
3221 	struct zoneent ze;
3222 
3223 	if (state != ZONE_STATE_CONFIGURED && state != ZONE_STATE_INSTALLED &&
3224 	    state != ZONE_STATE_INCOMPLETE)
3225 		return (Z_INVAL);
3226 
3227 	bzero(&ze, sizeof (ze));
3228 	(void) strlcpy(ze.zone_name, zone, sizeof (ze.zone_name));
3229 	ze.zone_state = state;
3230 	(void) strlcpy(ze.zone_path, "", sizeof (ze.zone_path));
3231 	return (putzoneent(&ze, PZE_MODIFY));
3232 }
3233 
3234 /*
3235  * Get id (if any) for specified zone.  There are four possible outcomes:
3236  * - If the string corresponds to the numeric id of an active (booted)
3237  *   zone, sets *zip to the zone id and returns 0.
3238  * - If the string corresponds to the name of an active (booted) zone,
3239  *   sets *zip to the zone id and returns 0.
3240  * - If the string is a name in the configuration but is not booted,
3241  *   sets *zip to ZONE_ID_UNDEFINED and returns 0.
3242  * - Otherwise, leaves *zip unchanged and returns -1.
3243  *
3244  * This function acts as an auxiliary filter on the function of the same
3245  * name in libc; the linker binds to this version if libzonecfg exists,
3246  * and the libc version if it doesn't.  Any changes to this version of
3247  * the function should probably be reflected in the libc version as well.
3248  */
3249 int
3250 zone_get_id(const char *str, zoneid_t *zip)
3251 {
3252 	zone_dochandle_t hdl;
3253 	zoneid_t zoneid;
3254 	char *cp;
3255 	int err;
3256 
3257 	/* first try looking for active zone by id */
3258 	errno = 0;
3259 	zoneid = (zoneid_t)strtol(str, &cp, 0);
3260 	if (errno == 0 && cp != str && *cp == '\0' &&
3261 	    getzonenamebyid(zoneid, NULL, 0) != -1) {
3262 		*zip = zoneid;
3263 		return (0);
3264 	}
3265 
3266 	/* then look for active zone by name */
3267 	if ((zoneid = getzoneidbyname(str)) != -1) {
3268 		*zip = zoneid;
3269 		return (0);
3270 	}
3271 
3272 	/* if in global zone, try looking up name in configuration database */
3273 	if (getzoneid() != GLOBAL_ZONEID ||
3274 	    (hdl = zonecfg_init_handle()) == NULL)
3275 		return (-1);
3276 
3277 	if (zonecfg_get_handle(str, hdl) == Z_OK) {
3278 		/* zone exists but isn't active */
3279 		*zip = ZONE_ID_UNDEFINED;
3280 		err = 0;
3281 	} else {
3282 		err = -1;
3283 	}
3284 
3285 	zonecfg_fini_handle(hdl);
3286 	return (err);
3287 }
3288 
3289 char *
3290 zone_state_str(zone_state_t state_num)
3291 {
3292 	switch (state_num) {
3293 	case ZONE_STATE_CONFIGURED:
3294 		return (ZONE_STATE_STR_CONFIGURED);
3295 	case ZONE_STATE_INCOMPLETE:
3296 		return (ZONE_STATE_STR_INCOMPLETE);
3297 	case ZONE_STATE_INSTALLED:
3298 		return (ZONE_STATE_STR_INSTALLED);
3299 	case ZONE_STATE_READY:
3300 		return (ZONE_STATE_STR_READY);
3301 	case ZONE_STATE_MOUNTED:
3302 		return (ZONE_STATE_STR_MOUNTED);
3303 	case ZONE_STATE_RUNNING:
3304 		return (ZONE_STATE_STR_RUNNING);
3305 	case ZONE_STATE_SHUTTING_DOWN:
3306 		return (ZONE_STATE_STR_SHUTTING_DOWN);
3307 	case ZONE_STATE_DOWN:
3308 		return (ZONE_STATE_STR_DOWN);
3309 	default:
3310 		return ("unknown");
3311 	}
3312 }
3313 
3314 /*
3315  * Given a UUID value, find an associated zone name.  This is intended to be
3316  * used by callers who set up some 'default' name (corresponding to the
3317  * expected name for the zone) in the zonename buffer, and thus the function
3318  * doesn't touch this buffer on failure.
3319  */
3320 int
3321 zonecfg_get_name_by_uuid(const uuid_t uuid, char *zonename, size_t namelen)
3322 {
3323 	FILE *fp;
3324 	struct zoneent *ze;
3325 
3326 	/*
3327 	 * A small amount of subterfuge via casts is necessary here because
3328 	 * libuuid doesn't use const correctly, but we don't want to export
3329 	 * this brokenness to our clients.
3330 	 */
3331 	if (uuid_is_null(*(uuid_t *)&uuid))
3332 		return (Z_NO_ZONE);
3333 	if ((fp = setzoneent()) == NULL)
3334 		return (Z_NO_ZONE);
3335 	while ((ze = getzoneent_private(fp)) != NULL) {
3336 		if (uuid_compare(*(uuid_t *)&uuid, ze->zone_uuid) == 0)
3337 			break;
3338 		free(ze);
3339 	}
3340 	endzoneent(fp);
3341 	if (ze != NULL) {
3342 		(void) strlcpy(zonename, ze->zone_name, namelen);
3343 		free(ze);
3344 		return (Z_OK);
3345 	} else {
3346 		return (Z_NO_ZONE);
3347 	}
3348 }
3349 
3350 /*
3351  * Given a zone name, get its UUID.  Returns a "NULL" UUID value if the zone
3352  * exists but the file doesn't have a value set yet.  Returns an error if the
3353  * zone cannot be located.
3354  */
3355 int
3356 zonecfg_get_uuid(const char *zonename, uuid_t uuid)
3357 {
3358 	FILE *fp;
3359 	struct zoneent *ze;
3360 
3361 	if ((fp = setzoneent()) == NULL)
3362 		return (Z_NO_ZONE);
3363 	while ((ze = getzoneent_private(fp)) != NULL) {
3364 		if (strcmp(ze->zone_name, zonename) == 0)
3365 			break;
3366 		free(ze);
3367 	}
3368 	endzoneent(fp);
3369 	if (ze != NULL) {
3370 		uuid_copy(uuid, ze->zone_uuid);
3371 		free(ze);
3372 		return (Z_OK);
3373 	} else {
3374 		return (Z_NO_ZONE);
3375 	}
3376 }
3377 
3378 /*
3379  * File-system convenience functions.
3380  */
3381 boolean_t
3382 zonecfg_valid_fs_type(const char *type)
3383 {
3384 	/*
3385 	 * We already know which FS types don't work.
3386 	 */
3387 	if (strcmp(type, "proc") == 0 ||
3388 	    strcmp(type, "mntfs") == 0 ||
3389 	    strcmp(type, "autofs") == 0 ||
3390 	    strncmp(type, "nfs", sizeof ("nfs") - 1) == 0 ||
3391 	    strcmp(type, "cachefs") == 0)
3392 		return (B_FALSE);
3393 	/*
3394 	 * The caller may do more detailed verification to make sure other
3395 	 * aspects of this filesystem type make sense.
3396 	 */
3397 	return (B_TRUE);
3398 }
3399 
3400 /*
3401  * Generally uninteresting rctl convenience functions.
3402  */
3403 
3404 int
3405 zonecfg_construct_rctlblk(const struct zone_rctlvaltab *rctlval,
3406     rctlblk_t *rctlblk)
3407 {
3408 	unsigned long long ull;
3409 	char *endp;
3410 	rctl_priv_t priv;
3411 	rctl_qty_t limit;
3412 	uint_t action;
3413 
3414 	/* Get the privilege */
3415 	if (strcmp(rctlval->zone_rctlval_priv, "basic") == 0) {
3416 		priv = RCPRIV_BASIC;
3417 	} else if (strcmp(rctlval->zone_rctlval_priv, "privileged") == 0) {
3418 		priv = RCPRIV_PRIVILEGED;
3419 	} else {
3420 		/* Invalid privilege */
3421 		return (Z_INVAL);
3422 	}
3423 
3424 	/* deal with negative input; strtoull(3c) doesn't do what we want */
3425 	if (rctlval->zone_rctlval_limit[0] == '-')
3426 		return (Z_INVAL);
3427 	/* Get the limit */
3428 	errno = 0;
3429 	ull = strtoull(rctlval->zone_rctlval_limit, &endp, 0);
3430 	if (errno != 0 || *endp != '\0') {
3431 		/* parse failed */
3432 		return (Z_INVAL);
3433 	}
3434 	limit = (rctl_qty_t)ull;
3435 
3436 	/* Get the action */
3437 	if (strcmp(rctlval->zone_rctlval_action, "none") == 0) {
3438 		action = RCTL_LOCAL_NOACTION;
3439 	} else if (strcmp(rctlval->zone_rctlval_action, "signal") == 0) {
3440 		action = RCTL_LOCAL_SIGNAL;
3441 	} else if (strcmp(rctlval->zone_rctlval_action, "deny") == 0) {
3442 		action = RCTL_LOCAL_DENY;
3443 	} else {
3444 		/* Invalid Action */
3445 		return (Z_INVAL);
3446 	}
3447 	rctlblk_set_local_action(rctlblk, action, 0);
3448 	rctlblk_set_privilege(rctlblk, priv);
3449 	rctlblk_set_value(rctlblk, limit);
3450 	return (Z_OK);
3451 }
3452 
3453 static int
3454 rctl_check(const char *rctlname, void *arg)
3455 {
3456 	const char *attrname = arg;
3457 
3458 	/*
3459 	 * Returning 1 here is our signal to zonecfg_is_rctl() that it is
3460 	 * indeed an rctl name recognized by the system.
3461 	 */
3462 	return (strcmp(rctlname, attrname) == 0 ? 1 : 0);
3463 }
3464 
3465 boolean_t
3466 zonecfg_is_rctl(const char *name)
3467 {
3468 	return (rctl_walk(rctl_check, (void *)name) == 1);
3469 }
3470 
3471 boolean_t
3472 zonecfg_valid_rctlname(const char *name)
3473 {
3474 	const char *c;
3475 
3476 	if (strncmp(name, "zone.", sizeof ("zone.") - 1) != 0)
3477 		return (B_FALSE);
3478 	if (strlen(name) == sizeof ("zone.") - 1)
3479 		return (B_FALSE);
3480 	for (c = name + sizeof ("zone.") - 1; *c != '\0'; c++) {
3481 		if (!isalpha(*c) && *c != '-')
3482 			return (B_FALSE);
3483 	}
3484 	return (B_TRUE);
3485 }
3486 
3487 boolean_t
3488 zonecfg_valid_rctlblk(const rctlblk_t *rctlblk)
3489 {
3490 	rctl_priv_t priv = rctlblk_get_privilege((rctlblk_t *)rctlblk);
3491 	uint_t action = rctlblk_get_local_action((rctlblk_t *)rctlblk, NULL);
3492 
3493 	if (priv != RCPRIV_PRIVILEGED)
3494 		return (B_FALSE);
3495 	if (action != RCTL_LOCAL_NOACTION && action != RCTL_LOCAL_DENY)
3496 		return (B_FALSE);
3497 	return (B_TRUE);
3498 }
3499 
3500 boolean_t
3501 zonecfg_valid_rctl(const char *name, const rctlblk_t *rctlblk)
3502 {
3503 	rctlblk_t *current, *next;
3504 	rctl_qty_t limit = rctlblk_get_value((rctlblk_t *)rctlblk);
3505 	uint_t action = rctlblk_get_local_action((rctlblk_t *)rctlblk, NULL);
3506 	uint_t global_flags;
3507 
3508 	if (!zonecfg_valid_rctlblk(rctlblk))
3509 		return (B_FALSE);
3510 	if (!zonecfg_valid_rctlname(name))
3511 		return (B_FALSE);
3512 
3513 	current = alloca(rctlblk_size());
3514 	if (getrctl(name, NULL, current, RCTL_FIRST) != 0)
3515 		return (B_TRUE);	/* not an rctl on this system */
3516 	/*
3517 	 * Make sure the proposed value isn't greater than the current system
3518 	 * value.
3519 	 */
3520 	next = alloca(rctlblk_size());
3521 	while (rctlblk_get_privilege(current) != RCPRIV_SYSTEM) {
3522 		rctlblk_t *tmp;
3523 
3524 		if (getrctl(name, current, next, RCTL_NEXT) != 0)
3525 			return (B_FALSE);	/* shouldn't happen */
3526 		tmp = current;
3527 		current = next;
3528 		next = tmp;
3529 	}
3530 	if (limit > rctlblk_get_value(current))
3531 		return (B_FALSE);
3532 
3533 	/*
3534 	 * Make sure the proposed action is allowed.
3535 	 */
3536 	global_flags = rctlblk_get_global_flags(current);
3537 	if ((global_flags & RCTL_GLOBAL_DENY_NEVER) &&
3538 	    action == RCTL_LOCAL_DENY)
3539 		return (B_FALSE);
3540 	if ((global_flags & RCTL_GLOBAL_DENY_ALWAYS) &&
3541 	    action == RCTL_LOCAL_NOACTION)
3542 		return (B_FALSE);
3543 
3544 	return (B_TRUE);
3545 }
3546 
3547 /*
3548  * There is always a race condition between reading the initial copy of
3549  * a zones state and its state changing.  We address this by providing
3550  * zonecfg_notify_critical_enter and zonecfg_noticy_critical_exit functions.
3551  * When zonecfg_critical_enter is called, sets the state field to LOCKED
3552  * and aquires biglock. Biglock protects against other threads executing
3553  * critical_enter and the state field protects against state changes during
3554  * the critical period.
3555  *
3556  * If any state changes occur, zn_cb will set the failed field of the znotify
3557  * structure.  This will cause the critical_exit function to re-lock the
3558  * channel and return an error. Since evsnts may be delayed, the critical_exit
3559  * function "flushes" the queue by putting an event on the queue and waiting for
3560  * zn_cb to notify critical_exit that it received the ping event.
3561  */
3562 static const char *
3563 string_get_tok(const char *in, char delim, int num)
3564 {
3565 	int i = 0;
3566 
3567 	for (; i < num; in++) {
3568 		if (*in == delim)
3569 			i++;
3570 		if (*in == 0)
3571 			return (NULL);
3572 	}
3573 	return (in);
3574 }
3575 
3576 static boolean_t
3577 is_ping(sysevent_t *ev)
3578 {
3579 	if (strcmp(sysevent_get_subclass_name(ev),
3580 		ZONE_EVENT_PING_SUBCLASS) == 0) {
3581 		return (B_TRUE);
3582 	} else {
3583 		return (B_FALSE);
3584 	}
3585 }
3586 
3587 static boolean_t
3588 is_my_ping(sysevent_t *ev)
3589 {
3590 	const char *sender;
3591 	char mypid[sizeof (pid_t) * 3 + 1];
3592 
3593 	(void) snprintf(mypid, sizeof (mypid), "%i", getpid());
3594 	sender = string_get_tok(sysevent_get_pub(ev), ':', 3);
3595 	if (sender == NULL)
3596 		return (B_FALSE);
3597 	if (strcmp(sender, mypid) != 0)
3598 		return (B_FALSE);
3599 	return (B_TRUE);
3600 }
3601 
3602 static int
3603 do_callback(struct znotify *zevtchan, sysevent_t *ev)
3604 {
3605 	nvlist_t *l;
3606 	int zid;
3607 	char *zonename;
3608 	char *newstate;
3609 	char *oldstate;
3610 	int ret;
3611 	hrtime_t when;
3612 
3613 	if (strcmp(sysevent_get_subclass_name(ev),
3614 	    ZONE_EVENT_STATUS_SUBCLASS) == 0) {
3615 
3616 		if (sysevent_get_attr_list(ev, &l) != 0) {
3617 			if (errno == ENOMEM) {
3618 				zevtchan->zn_failure_count++;
3619 				return (EAGAIN);
3620 			}
3621 			return (0);
3622 		}
3623 		ret = 0;
3624 
3625 		if ((nvlist_lookup_string(l, ZONE_CB_NAME, &zonename) == 0) &&
3626 		    (nvlist_lookup_string(l, ZONE_CB_NEWSTATE, &newstate)
3627 			== 0) &&
3628 		    (nvlist_lookup_string(l, ZONE_CB_OLDSTATE, &oldstate)
3629 			== 0) &&
3630 		    (nvlist_lookup_uint64(l, ZONE_CB_TIMESTAMP,
3631 			    (uint64_t *)&when) == 0) &&
3632 		    (nvlist_lookup_int32(l, ZONE_CB_ZONEID, &zid) == 0)) {
3633 			ret = zevtchan->zn_callback(zonename, zid, newstate,
3634 			    oldstate, when, zevtchan->zn_private);
3635 		}
3636 
3637 		zevtchan->zn_failure_count = 0;
3638 		nvlist_free(l);
3639 		return (ret);
3640 	} else {
3641 		/*
3642 		 * We have received an event in an unknown subclass. Ignore.
3643 		 */
3644 		zevtchan->zn_failure_count = 0;
3645 		return (0);
3646 	}
3647 }
3648 
3649 static int
3650 zn_cb(sysevent_t *ev, void *p)
3651 {
3652 	struct znotify *zevtchan = p;
3653 	int error;
3654 
3655 	(void) pthread_mutex_lock(&(zevtchan->zn_mutex));
3656 
3657 	if (is_ping(ev) && !is_my_ping(ev)) {
3658 		(void) pthread_mutex_unlock((&zevtchan->zn_mutex));
3659 		return (0);
3660 	}
3661 
3662 	if (zevtchan->zn_state == ZN_LOCKED) {
3663 		assert(!is_ping(ev));
3664 		zevtchan->zn_failed = B_TRUE;
3665 		(void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
3666 		return (0);
3667 	}
3668 
3669 	if (zevtchan->zn_state == ZN_PING_INFLIGHT) {
3670 		if (is_ping(ev)) {
3671 			zevtchan->zn_state = ZN_PING_RECEIVED;
3672 			(void) pthread_cond_signal(&(zevtchan->zn_cond));
3673 			(void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
3674 			return (0);
3675 		} else {
3676 			zevtchan->zn_failed = B_TRUE;
3677 			(void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
3678 			return (0);
3679 		}
3680 	}
3681 
3682 	if (zevtchan->zn_state == ZN_UNLOCKED) {
3683 
3684 		error = do_callback(zevtchan, ev);
3685 		(void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
3686 		/*
3687 		 * Every ENOMEM failure causes do_callback to increment
3688 		 * zn_failure_count and every success causes it to
3689 		 * set zn_failure_count to zero.  If we got EAGAIN,
3690 		 * we will sleep for zn_failure_count seconds and return
3691 		 * EAGAIN to gpec to try again.
3692 		 *
3693 		 * After 55 seconds, or 10 try's we give up and drop the
3694 		 * event.
3695 		 */
3696 		if (error == EAGAIN) {
3697 			if (zevtchan->zn_failure_count > ZONE_CB_RETRY_COUNT) {
3698 				return (0);
3699 			}
3700 			(void) sleep(zevtchan->zn_failure_count);
3701 		}
3702 		return (error);
3703 	}
3704 
3705 	if (zevtchan->zn_state == ZN_PING_RECEIVED) {
3706 		(void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
3707 		return (0);
3708 	}
3709 
3710 	abort();
3711 	return (0);
3712 }
3713 
3714 void
3715 zonecfg_notify_critical_enter(void *h)
3716 {
3717 	struct znotify *zevtchan = h;
3718 
3719 	(void) pthread_mutex_lock(&(zevtchan->zn_bigmutex));
3720 	zevtchan->zn_state = ZN_LOCKED;
3721 }
3722 
3723 int
3724 zonecfg_notify_critical_exit(void * h)
3725 {
3726 
3727 	struct znotify *zevtchan = h;
3728 
3729 	if (zevtchan->zn_state == ZN_UNLOCKED)
3730 		return (0);
3731 
3732 	(void) pthread_mutex_lock(&(zevtchan->zn_mutex));
3733 	zevtchan->zn_state = ZN_PING_INFLIGHT;
3734 
3735 	sysevent_evc_publish(zevtchan->zn_eventchan, ZONE_EVENT_STATUS_CLASS,
3736 	    ZONE_EVENT_PING_SUBCLASS, ZONE_EVENT_PING_PUBLISHER,
3737 	    zevtchan->zn_subscriber_id, NULL, EVCH_SLEEP);
3738 
3739 	while (zevtchan->zn_state != ZN_PING_RECEIVED) {
3740 		(void) pthread_cond_wait(&(zevtchan->zn_cond),
3741 		    &(zevtchan->zn_mutex));
3742 	}
3743 
3744 	if (zevtchan->zn_failed == B_TRUE) {
3745 		zevtchan->zn_state = ZN_LOCKED;
3746 		zevtchan->zn_failed = B_FALSE;
3747 		(void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
3748 		return (1);
3749 	}
3750 
3751 	zevtchan->zn_state = ZN_UNLOCKED;
3752 	(void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
3753 	(void) pthread_mutex_unlock(&(zevtchan->zn_bigmutex));
3754 	return (0);
3755 }
3756 
3757 void
3758 zonecfg_notify_critical_abort(void *h)
3759 {
3760 	struct znotify *zevtchan = h;
3761 
3762 	zevtchan->zn_state = ZN_UNLOCKED;
3763 	zevtchan->zn_failed = B_FALSE;
3764 	/*
3765 	 * Don't do anything about zn_lock. If it is held, it could only be
3766 	 * held by zn_cb and it will be unlocked soon.
3767 	 */
3768 	(void) pthread_mutex_unlock(&(zevtchan->zn_bigmutex));
3769 }
3770 
3771 void *
3772 zonecfg_notify_bind(int(*func)(const char *zonename, zoneid_t zid,
3773     const char *newstate, const char *oldstate, hrtime_t when, void *p),
3774     void *p)
3775 {
3776 	struct znotify *zevtchan;
3777 	int i = 1;
3778 	int r;
3779 
3780 	zevtchan = malloc(sizeof (struct znotify));
3781 
3782 	if (zevtchan == NULL)
3783 		return (NULL);
3784 
3785 	zevtchan->zn_private = p;
3786 	zevtchan->zn_callback = func;
3787 	zevtchan->zn_state = ZN_UNLOCKED;
3788 	zevtchan->zn_failed = B_FALSE;
3789 
3790 	if (pthread_mutex_init(&(zevtchan->zn_mutex), NULL))
3791 		goto out2;
3792 	if (pthread_cond_init(&(zevtchan->zn_cond), NULL)) {
3793 		(void) pthread_mutex_destroy(&(zevtchan->zn_mutex));
3794 		goto out2;
3795 	}
3796 	if (pthread_mutex_init(&(zevtchan->zn_bigmutex), NULL)) {
3797 		(void) pthread_mutex_destroy(&(zevtchan->zn_mutex));
3798 		(void) pthread_cond_destroy(&(zevtchan->zn_cond));
3799 		goto out2;
3800 	}
3801 
3802 	if (sysevent_evc_bind(ZONE_EVENT_CHANNEL, &(zevtchan->zn_eventchan),
3803 		0) != 0)
3804 		goto out2;
3805 
3806 	do {
3807 		/*
3808 		 * At 4 digits the subscriber ID gets too long and we have
3809 		 * no chance of successfully registering.
3810 		 */
3811 		if (i > 999)
3812 			goto out;
3813 
3814 		(void) sprintf(zevtchan->zn_subscriber_id, "zone_%li_%i",
3815 		    getpid() % 999999l, i);
3816 
3817 		r = sysevent_evc_subscribe(zevtchan->zn_eventchan,
3818 		    zevtchan->zn_subscriber_id, ZONE_EVENT_STATUS_CLASS, zn_cb,
3819 		    zevtchan, 0);
3820 
3821 		i++;
3822 
3823 	} while (r);
3824 
3825 	return (zevtchan);
3826 out:
3827 	sysevent_evc_unbind(zevtchan->zn_eventchan);
3828 	(void) pthread_mutex_destroy(&zevtchan->zn_mutex);
3829 	(void) pthread_cond_destroy(&zevtchan->zn_cond);
3830 	(void) pthread_mutex_destroy(&(zevtchan->zn_bigmutex));
3831 out2:
3832 	free(zevtchan);
3833 
3834 	return (NULL);
3835 }
3836 
3837 void
3838 zonecfg_notify_unbind(void *handle)
3839 {
3840 
3841 	int ret;
3842 
3843 	sysevent_evc_unbind(((struct znotify *)handle)->zn_eventchan);
3844 	/*
3845 	 * Check that all evc threads have gone away. This should be
3846 	 * enforced by sysevent_evc_unbind.
3847 	 */
3848 	ret = pthread_mutex_trylock(&((struct znotify *)handle)->zn_mutex);
3849 
3850 	if (ret)
3851 		abort();
3852 
3853 	(void) pthread_mutex_unlock(&((struct znotify *)handle)->zn_mutex);
3854 	(void) pthread_mutex_destroy(&((struct znotify *)handle)->zn_mutex);
3855 	(void) pthread_cond_destroy(&((struct znotify *)handle)->zn_cond);
3856 	(void) pthread_mutex_destroy(&((struct znotify *)handle)->zn_bigmutex);
3857 
3858 	free(handle);
3859 }
3860 
3861 static int
3862 zonecfg_add_ds_core(zone_dochandle_t handle, struct zone_dstab *tabptr)
3863 {
3864 	xmlNodePtr newnode, cur = handle->zone_dh_cur;
3865 	int err;
3866 
3867 	newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_DATASET, NULL);
3868 	if ((err = newprop(newnode, DTD_ATTR_NAME,
3869 	    tabptr->zone_dataset_name)) != Z_OK)
3870 		return (err);
3871 	return (Z_OK);
3872 }
3873 
3874 int
3875 zonecfg_add_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
3876 {
3877 	int err;
3878 
3879 	if (tabptr == NULL)
3880 		return (Z_INVAL);
3881 
3882 	if ((err = operation_prep(handle)) != Z_OK)
3883 		return (err);
3884 
3885 	if ((err = zonecfg_add_ds_core(handle, tabptr)) != Z_OK)
3886 		return (err);
3887 
3888 	return (Z_OK);
3889 }
3890 
3891 static int
3892 zonecfg_delete_ds_core(zone_dochandle_t handle, struct zone_dstab *tabptr)
3893 {
3894 	xmlNodePtr cur = handle->zone_dh_cur;
3895 
3896 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3897 		if (xmlStrcmp(cur->name, DTD_ELEM_DATASET))
3898 			continue;
3899 
3900 		if (match_prop(cur, DTD_ATTR_NAME,
3901 		    tabptr->zone_dataset_name)) {
3902 			xmlUnlinkNode(cur);
3903 			xmlFreeNode(cur);
3904 			return (Z_OK);
3905 		}
3906 	}
3907 	return (Z_NO_RESOURCE_ID);
3908 }
3909 
3910 int
3911 zonecfg_delete_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
3912 {
3913 	int err;
3914 
3915 	if (tabptr == NULL)
3916 		return (Z_INVAL);
3917 
3918 	if ((err = operation_prep(handle)) != Z_OK)
3919 		return (err);
3920 
3921 	if ((err = zonecfg_delete_ds_core(handle, tabptr)) != Z_OK)
3922 		return (err);
3923 
3924 	return (Z_OK);
3925 }
3926 
3927 int
3928 zonecfg_modify_ds(
3929 	zone_dochandle_t handle,
3930 	struct zone_dstab *oldtabptr,
3931 	struct zone_dstab *newtabptr)
3932 {
3933 	int err;
3934 
3935 	if (oldtabptr == NULL || newtabptr == NULL)
3936 		return (Z_INVAL);
3937 
3938 	if ((err = operation_prep(handle)) != Z_OK)
3939 		return (err);
3940 
3941 	if ((err = zonecfg_delete_ds_core(handle, oldtabptr)) != Z_OK)
3942 		return (err);
3943 
3944 	if ((err = zonecfg_add_ds_core(handle, newtabptr)) != Z_OK)
3945 		return (err);
3946 
3947 	return (Z_OK);
3948 }
3949 
3950 int
3951 zonecfg_lookup_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
3952 {
3953 	xmlNodePtr cur, firstmatch;
3954 	int err;
3955 	char dataset[MAXNAMELEN];
3956 
3957 	if (tabptr == NULL)
3958 		return (Z_INVAL);
3959 
3960 	if ((err = operation_prep(handle)) != Z_OK)
3961 		return (err);
3962 
3963 	cur = handle->zone_dh_cur;
3964 	firstmatch = NULL;
3965 	for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3966 		if (xmlStrcmp(cur->name, DTD_ELEM_DATASET))
3967 			continue;
3968 		if (strlen(tabptr->zone_dataset_name) > 0) {
3969 			if ((fetchprop(cur, DTD_ATTR_NAME, dataset,
3970 			    sizeof (dataset)) == Z_OK) &&
3971 			    (strcmp(tabptr->zone_dataset_name,
3972 			    dataset) == 0)) {
3973 				if (firstmatch == NULL)
3974 					firstmatch = cur;
3975 				else
3976 					return (Z_INSUFFICIENT_SPEC);
3977 			}
3978 		}
3979 	}
3980 	if (firstmatch == NULL)
3981 		return (Z_NO_RESOURCE_ID);
3982 
3983 	cur = firstmatch;
3984 
3985 	if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_dataset_name,
3986 	    sizeof (tabptr->zone_dataset_name))) != Z_OK)
3987 		return (err);
3988 
3989 	return (Z_OK);
3990 }
3991 
3992 int
3993 zonecfg_setdsent(zone_dochandle_t handle)
3994 {
3995 	return (zonecfg_setent(handle));
3996 }
3997 
3998 int
3999 zonecfg_getdsent(zone_dochandle_t handle, struct zone_dstab *tabptr)
4000 {
4001 	xmlNodePtr cur;
4002 	int err;
4003 
4004 	if (handle == NULL)
4005 		return (Z_INVAL);
4006 
4007 	if ((cur = handle->zone_dh_cur) == NULL)
4008 		return (Z_NO_ENTRY);
4009 
4010 	for (; cur != NULL; cur = cur->next)
4011 		if (!xmlStrcmp(cur->name, DTD_ELEM_DATASET))
4012 			break;
4013 	if (cur == NULL) {
4014 		handle->zone_dh_cur = handle->zone_dh_top;
4015 		return (Z_NO_ENTRY);
4016 	}
4017 
4018 	if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_dataset_name,
4019 	    sizeof (tabptr->zone_dataset_name))) != Z_OK) {
4020 		handle->zone_dh_cur = handle->zone_dh_top;
4021 		return (err);
4022 	}
4023 
4024 	handle->zone_dh_cur = cur->next;
4025 	return (Z_OK);
4026 }
4027 
4028 int
4029 zonecfg_enddsent(zone_dochandle_t handle)
4030 {
4031 	return (zonecfg_endent(handle));
4032 }
4033