16185db85Sdougm /* 26185db85Sdougm * CDDL HEADER START 36185db85Sdougm * 46185db85Sdougm * The contents of this file are subject to the terms of the 56185db85Sdougm * Common Development and Distribution License (the "License"). 66185db85Sdougm * You may not use this file except in compliance with the License. 76185db85Sdougm * 86185db85Sdougm * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 96185db85Sdougm * or http://www.opensolaris.org/os/licensing. 106185db85Sdougm * See the License for the specific language governing permissions 116185db85Sdougm * and limitations under the License. 126185db85Sdougm * 136185db85Sdougm * When distributing Covered Code, include this CDDL HEADER in each 146185db85Sdougm * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 156185db85Sdougm * If applicable, add the following below this CDDL HEADER, with the 166185db85Sdougm * fields enclosed by brackets "[]" replaced with your own identifying 176185db85Sdougm * information: Portions Copyright [yyyy] [name of copyright owner] 186185db85Sdougm * 196185db85Sdougm * CDDL HEADER END 206185db85Sdougm */ 216185db85Sdougm 226185db85Sdougm /* 23f345c0beSdougm * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 246185db85Sdougm * Use is subject to license terms. 256185db85Sdougm */ 266185db85Sdougm 276185db85Sdougm #pragma ident "%Z%%M% %I% %E% SMI" 286185db85Sdougm 296185db85Sdougm #include <sys/types.h> 306185db85Sdougm #include <sys/stat.h> 316185db85Sdougm #include <fcntl.h> 326185db85Sdougm #include <stdlib.h> 336185db85Sdougm #include <stdio.h> 346185db85Sdougm #include <string.h> 356185db85Sdougm #include <ctype.h> 366185db85Sdougm #include <unistd.h> 376185db85Sdougm #include <getopt.h> 386185db85Sdougm #include <utmpx.h> 396185db85Sdougm #include <pwd.h> 406185db85Sdougm #include <auth_attr.h> 416185db85Sdougm #include <secdb.h> 426185db85Sdougm #include <sys/param.h> 436185db85Sdougm #include <sys/stat.h> 446185db85Sdougm #include <errno.h> 456185db85Sdougm 466185db85Sdougm #include <libshare.h> 476185db85Sdougm #include "sharemgr.h" 486185db85Sdougm #include <libscf.h> 496185db85Sdougm #include <libxml/tree.h> 506185db85Sdougm #include <libintl.h> 516185db85Sdougm 526185db85Sdougm static char *sa_get_usage(sa_usage_t); 536185db85Sdougm 546185db85Sdougm /* 556185db85Sdougm * Implementation of the common sub-commands supported by sharemgr. 566185db85Sdougm * A number of helper functions are also included. 576185db85Sdougm */ 586185db85Sdougm 596185db85Sdougm /* 606185db85Sdougm * has_protocol(group, proto) 616185db85Sdougm * If the group has an optionset with the specified protocol, 626185db85Sdougm * return true (1) otherwise false (0). 636185db85Sdougm */ 646185db85Sdougm static int 656185db85Sdougm has_protocol(sa_group_t group, char *protocol) 666185db85Sdougm { 676185db85Sdougm sa_optionset_t optionset; 686185db85Sdougm int result = 0; 696185db85Sdougm 706185db85Sdougm optionset = sa_get_optionset(group, protocol); 716185db85Sdougm if (optionset != NULL) { 726185db85Sdougm result++; 736185db85Sdougm } 746185db85Sdougm return (result); 756185db85Sdougm } 766185db85Sdougm 776185db85Sdougm /* 786185db85Sdougm * add_list(list, item) 796185db85Sdougm * Adds a new list member that points to item to the list. 806185db85Sdougm * If list is NULL, it starts a new list. The function returns 816185db85Sdougm * the first member of the list. 826185db85Sdougm */ 836185db85Sdougm struct list * 846185db85Sdougm add_list(struct list *listp, void *item, void *data) 856185db85Sdougm { 866185db85Sdougm struct list *new, *tmp; 876185db85Sdougm 886185db85Sdougm new = malloc(sizeof (struct list)); 896185db85Sdougm if (new != NULL) { 906185db85Sdougm new->next = NULL; 916185db85Sdougm new->item = item; 926185db85Sdougm new->itemdata = data; 936185db85Sdougm } else { 946185db85Sdougm return (listp); 956185db85Sdougm } 966185db85Sdougm 976185db85Sdougm if (listp == NULL) 986185db85Sdougm return (new); 996185db85Sdougm 1006185db85Sdougm for (tmp = listp; tmp->next != NULL; tmp = tmp->next) { 1016185db85Sdougm /* get to end of list */ 1026185db85Sdougm } 1036185db85Sdougm tmp->next = new; 1046185db85Sdougm return (listp); 1056185db85Sdougm } 1066185db85Sdougm 1076185db85Sdougm /* 1086185db85Sdougm * free_list(list) 1096185db85Sdougm * Given a list, free all the members of the list; 1106185db85Sdougm */ 1116185db85Sdougm static void 1126185db85Sdougm free_list(struct list *listp) 1136185db85Sdougm { 1146185db85Sdougm struct list *tmp; 1156185db85Sdougm while (listp != NULL) { 1166185db85Sdougm tmp = listp; 1176185db85Sdougm listp = listp->next; 1186185db85Sdougm free(tmp); 1196185db85Sdougm } 1206185db85Sdougm } 1216185db85Sdougm 1226185db85Sdougm /* 1236185db85Sdougm * check_authorization(instname, which) 1246185db85Sdougm * 1256185db85Sdougm * Checks to see if the specific type of authorization in which is 1266185db85Sdougm * enabled for the user in this SMF service instance. 1276185db85Sdougm */ 1286185db85Sdougm 1296185db85Sdougm static int 1306185db85Sdougm check_authorization(char *instname, int which) 1316185db85Sdougm { 1326185db85Sdougm scf_handle_t *handle = NULL; 1336185db85Sdougm scf_simple_prop_t *prop = NULL; 1346185db85Sdougm char svcstring[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 1356185db85Sdougm char *authstr = NULL; 1366185db85Sdougm ssize_t numauths; 1376185db85Sdougm int ret = 1; 1386185db85Sdougm uid_t uid; 1396185db85Sdougm struct passwd *pw = NULL; 1406185db85Sdougm 1416185db85Sdougm uid = getuid(); 1426185db85Sdougm pw = getpwuid(uid); 1436185db85Sdougm if (pw == NULL) 1446185db85Sdougm ret = 0; 1456185db85Sdougm 1466185db85Sdougm if (ret == 1) { 1476185db85Sdougm /* since names are restricted to SA_MAX_NAME_LEN won't overflow */ 1486185db85Sdougm (void) snprintf(svcstring, sizeof (svcstring), 1496185db85Sdougm "%s:%s", SA_SVC_FMRI_BASE, instname); 1506185db85Sdougm handle = scf_handle_create(SCF_VERSION); 1516185db85Sdougm if (handle != NULL) { 1526185db85Sdougm if (scf_handle_bind(handle) == 0) { 1536185db85Sdougm switch (which) { 1546185db85Sdougm case SVC_SET: 1556185db85Sdougm prop = scf_simple_prop_get(handle, svcstring, 1566185db85Sdougm "general", 1576185db85Sdougm SVC_AUTH_VALUE); 1586185db85Sdougm break; 1596185db85Sdougm case SVC_ACTION: 1606185db85Sdougm prop = scf_simple_prop_get(handle, svcstring, 1616185db85Sdougm "general", 1626185db85Sdougm SVC_AUTH_ACTION); 1636185db85Sdougm break; 1646185db85Sdougm } 1656185db85Sdougm } 1666185db85Sdougm } 1676185db85Sdougm } 1686185db85Sdougm /* make sure we have an authorization string property */ 1696185db85Sdougm if (prop != NULL) { 1706185db85Sdougm int i; 1716185db85Sdougm numauths = scf_simple_prop_numvalues(prop); 1726185db85Sdougm for (ret = 0, i = 0; i < numauths; i++) { 1736185db85Sdougm authstr = scf_simple_prop_next_astring(prop); 1746185db85Sdougm if (authstr != NULL) { 1756185db85Sdougm /* check if this user has one of the strings */ 1766185db85Sdougm if (chkauthattr(authstr, pw->pw_name)) { 1776185db85Sdougm ret = 1; 1786185db85Sdougm break; 1796185db85Sdougm } 1806185db85Sdougm } 1816185db85Sdougm } 1826185db85Sdougm endauthattr(); 1836185db85Sdougm scf_simple_prop_free(prop); 1846185db85Sdougm } else { 1856185db85Sdougm /* no authorization string defined */ 1866185db85Sdougm ret = 0; 1876185db85Sdougm } 1886185db85Sdougm if (handle != NULL) 1896185db85Sdougm scf_handle_destroy(handle); 1906185db85Sdougm return (ret); 1916185db85Sdougm } 1926185db85Sdougm 1936185db85Sdougm /* 1946185db85Sdougm * check_authorizations(instname, flags) 1956185db85Sdougm * 1966185db85Sdougm * check all the needed authorizations for the user in this service 1976185db85Sdougm * instance. Return value of 1(true) or 0(false) indicates whether 1986185db85Sdougm * there are authorizations for the user or not. 1996185db85Sdougm */ 2006185db85Sdougm 2016185db85Sdougm static int 2026185db85Sdougm check_authorizations(char *instname, int flags) 2036185db85Sdougm { 2046185db85Sdougm int ret1 = 0; 2056185db85Sdougm int ret2 = 0; 2066185db85Sdougm int ret; 2076185db85Sdougm 2086185db85Sdougm if (flags & SVC_SET) 2096185db85Sdougm ret1 = check_authorization(instname, SVC_SET); 2106185db85Sdougm if (flags & SVC_ACTION) 2116185db85Sdougm ret2 = check_authorization(instname, SVC_ACTION); 2126185db85Sdougm switch (flags) { 2136185db85Sdougm case SVC_ACTION: 2146185db85Sdougm ret = ret2; 2156185db85Sdougm break; 2166185db85Sdougm case SVC_SET: 2176185db85Sdougm ret = ret1; 2186185db85Sdougm break; 2196185db85Sdougm case SVC_ACTION|SVC_SET: 2206185db85Sdougm ret = ret1 & ret2; 2216185db85Sdougm break; 2226185db85Sdougm default: 2236185db85Sdougm /* if not flags set, we assume we don't need authorizations */ 2246185db85Sdougm ret = 1; 2256185db85Sdougm } 2266185db85Sdougm return (ret); 2276185db85Sdougm } 2286185db85Sdougm 2296185db85Sdougm /* 2307d968cb8Sdougm * enable_group(group, updateproto) 2317d968cb8Sdougm * 2327d968cb8Sdougm * enable all the shares in the specified group. This is a helper for 2337d968cb8Sdougm * enable_all_groups in order to simplify regular and subgroup (zfs) 2347d968cb8Sdougm * disabling. Group has already been checked for non-NULL. 2356185db85Sdougm */ 2367d968cb8Sdougm 2377d968cb8Sdougm static void 2387d968cb8Sdougm enable_group(sa_group_t group, char *updateproto) 2396185db85Sdougm { 2406185db85Sdougm sa_share_t share; 2417d968cb8Sdougm 2427d968cb8Sdougm for (share = sa_get_share(group, NULL); 2437d968cb8Sdougm share != NULL; 2447d968cb8Sdougm share = sa_get_next_share(share)) { 2457d968cb8Sdougm if (updateproto != NULL) 2467d968cb8Sdougm (void) sa_update_legacy(share, updateproto); 2477d968cb8Sdougm (void) sa_enable_share(share, NULL); 2487d968cb8Sdougm } 2497d968cb8Sdougm } 2507d968cb8Sdougm 2517d968cb8Sdougm /* 2527d968cb8Sdougm * enable_all_groups(list, setstate, online, updateproto) 2537d968cb8Sdougm * Given a list of groups, enable each one found. If updateproto 2547d968cb8Sdougm * is not NULL, then update all the shares for the protocol that 2557d968cb8Sdougm * was passed in. 2567d968cb8Sdougm */ 2577d968cb8Sdougm static int 258*549ec3ffSdougm enable_all_groups(sa_handle_t handle, struct list *work, int setstate, 259*549ec3ffSdougm int online, char *updateproto) 2607d968cb8Sdougm { 2616185db85Sdougm int ret = SA_OK; 2626185db85Sdougm char instance[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 2636185db85Sdougm char *state; 2646185db85Sdougm char *name; 2656185db85Sdougm char *zfs = NULL; 2666185db85Sdougm sa_group_t group; 2677d968cb8Sdougm sa_group_t subgroup; 2686185db85Sdougm 2696185db85Sdougm while (work != NULL && ret == SA_OK) { 2706185db85Sdougm group = (sa_group_t)work->item; 2716185db85Sdougm /* if itemdata != NULL then a single share */ 2726185db85Sdougm if (work->itemdata != NULL) { 2736185db85Sdougm ret = sa_enable_share((sa_share_t)work->itemdata, NULL); 2746185db85Sdougm } 2756185db85Sdougm if (setstate) 2766185db85Sdougm ret = sa_set_group_attr(group, "state", 2776185db85Sdougm "enabled"); 2786185db85Sdougm if (ret == SA_OK) { 2796185db85Sdougm /* if itemdata == NULL then the whole group */ 2806185db85Sdougm if (work->itemdata == NULL) { 2817d968cb8Sdougm zfs = sa_get_group_attr(group, "zfs"); 2827d968cb8Sdougm /* 2837d968cb8Sdougm * if the share is managed by ZFS, don't 2847d968cb8Sdougm * update any of the protocols since ZFS is 2857d968cb8Sdougm * handling this. updateproto will contain 2867d968cb8Sdougm * the name of the protocol that we want to 2877d968cb8Sdougm * update legacy files for. 2887d968cb8Sdougm */ 2897d968cb8Sdougm enable_group(group, zfs == NULL ? updateproto : NULL); 2907d968cb8Sdougm for (subgroup = sa_get_sub_group(group); subgroup != NULL; 2917d968cb8Sdougm subgroup = sa_get_next_group(subgroup)) { 2927d968cb8Sdougm /* never update legacy for ZFS subgroups */ 2937d968cb8Sdougm enable_group(subgroup, NULL); 2946185db85Sdougm } 2956185db85Sdougm } 2966185db85Sdougm if (online) { 2976185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 2987d968cb8Sdougm name = sa_get_group_attr(group, "name"); 2996185db85Sdougm if (name != NULL) { 3006185db85Sdougm if (zfs == NULL) { 3016185db85Sdougm (void) snprintf(instance, sizeof (instance), 3026185db85Sdougm "%s:%s", 3036185db85Sdougm SA_SVC_FMRI_BASE, name); 3046185db85Sdougm state = smf_get_state(instance); 3056185db85Sdougm if (state == NULL || 3066185db85Sdougm strcmp(state, "online") != 0) { 3076185db85Sdougm (void) smf_enable_instance(instance, 0); 3086185db85Sdougm free(state); 3096185db85Sdougm } 3106185db85Sdougm } else { 3116185db85Sdougm sa_free_attr_string(zfs); 3126185db85Sdougm zfs = NULL; 3136185db85Sdougm } 3146185db85Sdougm if (name != NULL) 3156185db85Sdougm sa_free_attr_string(name); 3166185db85Sdougm } 3176185db85Sdougm } 3186185db85Sdougm work = work->next; 3196185db85Sdougm } 3206185db85Sdougm } 3216185db85Sdougm if (ret == SA_OK) { 322*549ec3ffSdougm ret = sa_update_config(handle); 3236185db85Sdougm } 3246185db85Sdougm return (ret); 3256185db85Sdougm } 3266185db85Sdougm 3276185db85Sdougm /* 3286185db85Sdougm * chk_opt(optlistp, security, proto) 3296185db85Sdougm * 3306185db85Sdougm * Do a sanity check on the optlist provided for the protocol. This 3316185db85Sdougm * is a syntax check and verification that the property is either a 3326185db85Sdougm * general or specific to a names optionset. 3336185db85Sdougm */ 3346185db85Sdougm 3356185db85Sdougm static int 3366185db85Sdougm chk_opt(struct options *optlistp, int security, char *proto) 3376185db85Sdougm { 3386185db85Sdougm struct options *optlist; 3396185db85Sdougm char *sep = ""; 3406185db85Sdougm int notfirst = 0; 3416185db85Sdougm int ret; 3426185db85Sdougm 3436185db85Sdougm for (optlist = optlistp; optlist != NULL; optlist = optlist->next) { 3446185db85Sdougm char *optname; 3456185db85Sdougm 3466185db85Sdougm optname = optlist->optname; 3476185db85Sdougm ret = OPT_ADD_OK; 3486185db85Sdougm /* extract property/value pair */ 3496185db85Sdougm if (sa_is_security(optname, proto)) { 3506185db85Sdougm if (!security) 3516185db85Sdougm ret = OPT_ADD_SECURITY; 3526185db85Sdougm } else { 3536185db85Sdougm if (security) 3546185db85Sdougm ret = OPT_ADD_PROPERTY; 3556185db85Sdougm } 3566185db85Sdougm if (ret != OPT_ADD_OK) { 3576185db85Sdougm if (notfirst == 0) 3586185db85Sdougm (void) printf(gettext("Property syntax error: ")); 3596185db85Sdougm switch (ret) { 3606185db85Sdougm case OPT_ADD_SYNTAX: 3616185db85Sdougm (void) printf(gettext("%ssyntax error: %s"), 3626185db85Sdougm sep, optname); 3636185db85Sdougm sep = ", "; 3646185db85Sdougm break; 3656185db85Sdougm case OPT_ADD_SECURITY: 3666185db85Sdougm (void) printf(gettext("%s%s requires -S"), 3676185db85Sdougm optname, sep); 3686185db85Sdougm sep = ", "; 3696185db85Sdougm break; 3706185db85Sdougm case OPT_ADD_PROPERTY: 3716185db85Sdougm (void) printf(gettext("%s%s not supported with -S"), 3726185db85Sdougm optname, sep); 3736185db85Sdougm sep = ", "; 3746185db85Sdougm break; 3756185db85Sdougm } 3766185db85Sdougm notfirst++; 3776185db85Sdougm } 3786185db85Sdougm } 3796185db85Sdougm if (notfirst) { 3806185db85Sdougm (void) printf("\n"); 3816185db85Sdougm ret = SA_SYNTAX_ERR; 3826185db85Sdougm } 3836185db85Sdougm return (ret); 3846185db85Sdougm } 3856185db85Sdougm 3866185db85Sdougm /* 3876185db85Sdougm * free_opt(optlist) 3886185db85Sdougm * Free the specified option list. 3896185db85Sdougm */ 3906185db85Sdougm static void 3916185db85Sdougm free_opt(struct options *optlist) 3926185db85Sdougm { 3936185db85Sdougm struct options *nextopt; 3946185db85Sdougm while (optlist != NULL) { 3956185db85Sdougm nextopt = optlist->next; 3966185db85Sdougm free(optlist); 3976185db85Sdougm optlist = nextopt; 3986185db85Sdougm } 3996185db85Sdougm } 4006185db85Sdougm 4016185db85Sdougm /* 4026185db85Sdougm * check property list for valid properties 4036185db85Sdougm * A null value is a remove which is always valid. 4046185db85Sdougm */ 4056185db85Sdougm static int 4066185db85Sdougm valid_options(struct options *optlist, char *proto, void *object, char *sec) 4076185db85Sdougm { 4086185db85Sdougm int ret = SA_OK; 4096185db85Sdougm struct options *cur; 4106185db85Sdougm sa_property_t prop; 4116185db85Sdougm sa_optionset_t parent = NULL; 4126185db85Sdougm 4136185db85Sdougm if (object != NULL) { 4146185db85Sdougm if (sec == NULL) 4156185db85Sdougm parent = sa_get_optionset(object, proto); 4166185db85Sdougm else 4176185db85Sdougm parent = sa_get_security(object, sec, proto); 4186185db85Sdougm } 4196185db85Sdougm 4206185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 4216185db85Sdougm if (cur->optvalue != NULL) { 4226185db85Sdougm prop = sa_create_property(cur->optname, cur->optvalue); 4236185db85Sdougm if (prop == NULL) 4246185db85Sdougm ret = SA_NO_MEMORY; 4256185db85Sdougm if (ret != SA_OK || 4266185db85Sdougm (ret = sa_valid_property(parent, proto, prop)) != SA_OK) { 4276185db85Sdougm (void) printf(gettext("Could not add property %s: %s\n"), 4286185db85Sdougm cur->optname, 4296185db85Sdougm sa_errorstr(ret)); 4306185db85Sdougm } 4316185db85Sdougm (void) sa_remove_property(prop); 4326185db85Sdougm } 4336185db85Sdougm } 4346185db85Sdougm return (ret); 4356185db85Sdougm } 4366185db85Sdougm 4376185db85Sdougm /* 4386185db85Sdougm * add_optionset(group, optlist, protocol, *err) 4396185db85Sdougm * Add the options in optlist to an optionset and then add the optionset 4406185db85Sdougm * to the group. 4416185db85Sdougm * 4426185db85Sdougm * The return value indicates if there was a "change" while errors are 4436185db85Sdougm * returned via the *err parameters. 4446185db85Sdougm */ 4456185db85Sdougm static int 4466185db85Sdougm add_optionset(sa_group_t group, struct options *optlist, char *proto, int *err) 4476185db85Sdougm { 4486185db85Sdougm sa_optionset_t optionset; 4496185db85Sdougm int ret = SA_OK; 4506185db85Sdougm int result = 0; 4516185db85Sdougm 4526185db85Sdougm optionset = sa_get_optionset(group, proto); 4536185db85Sdougm if (optionset == NULL) { 4546185db85Sdougm optionset = sa_create_optionset(group, proto); 4556185db85Sdougm result = 1; /* adding a protocol is a change */ 4566185db85Sdougm } 4576185db85Sdougm if (optionset != NULL) { 4586185db85Sdougm while (optlist != NULL) { 4596185db85Sdougm sa_property_t prop; 4606185db85Sdougm prop = sa_get_property(optionset, optlist->optname); 4616185db85Sdougm if (prop == NULL) { 4626185db85Sdougm /* 4636185db85Sdougm * add the property, but only if it is 4646185db85Sdougm * a non-NULL or non-zero length value 4656185db85Sdougm */ 4666185db85Sdougm if (optlist->optvalue != NULL) { 4676185db85Sdougm prop = sa_create_property(optlist->optname, 4686185db85Sdougm optlist->optvalue); 4696185db85Sdougm if (prop != NULL) { 4706185db85Sdougm ret = sa_valid_property(optionset, proto, prop); 4716185db85Sdougm if (ret != SA_OK) { 4726185db85Sdougm (void) sa_remove_property(prop); 4736185db85Sdougm (void) printf(gettext("Could not add property " 4746185db85Sdougm "%s: %s\n"), 4756185db85Sdougm optlist->optname, 4766185db85Sdougm sa_errorstr(ret)); 4776185db85Sdougm } 4786185db85Sdougm } 4796185db85Sdougm if (ret == SA_OK) { 4806185db85Sdougm ret = sa_add_property(optionset, prop); 4816185db85Sdougm if (ret != SA_OK) { 4826185db85Sdougm (void) printf(gettext("Could not add property" 4836185db85Sdougm " %s: %s\n"), 4846185db85Sdougm optlist->optname, 4856185db85Sdougm sa_errorstr(ret)); 4866185db85Sdougm } else { 4876185db85Sdougm /* there was a change */ 4886185db85Sdougm result = 1; 4896185db85Sdougm } 4906185db85Sdougm } 4916185db85Sdougm } 4926185db85Sdougm } else { 4936185db85Sdougm ret = sa_update_property(prop, optlist->optvalue); 4946185db85Sdougm /* should check to see if value changed */ 4956185db85Sdougm if (ret != SA_OK) { 4966185db85Sdougm (void) printf(gettext("Could not update " 4976185db85Sdougm "property %s: %s\n"), 4986185db85Sdougm optlist->optname, 4996185db85Sdougm sa_errorstr(ret)); 5006185db85Sdougm } else { 5016185db85Sdougm result = 1; 5026185db85Sdougm } 5036185db85Sdougm } 5046185db85Sdougm optlist = optlist->next; 5056185db85Sdougm } 5066185db85Sdougm ret = sa_commit_properties(optionset, 0); 5076185db85Sdougm } 5086185db85Sdougm if (err != NULL) 5096185db85Sdougm *err = ret; 5106185db85Sdougm return (result); 5116185db85Sdougm } 5126185db85Sdougm 5136185db85Sdougm /* 5146185db85Sdougm * sa_create(flags, argc, argv) 5156185db85Sdougm * create a new group 5166185db85Sdougm * this may or may not have a protocol associated with it. 5176185db85Sdougm * No protocol means "all" protocols in this case. 5186185db85Sdougm */ 5196185db85Sdougm static int 520*549ec3ffSdougm sa_create(sa_handle_t handle, int flags, int argc, char *argv[]) 5216185db85Sdougm { 5226185db85Sdougm char *groupname; 5236185db85Sdougm 5246185db85Sdougm sa_group_t group; 5256185db85Sdougm int verbose = 0; 5266185db85Sdougm int dryrun = 0; 5276185db85Sdougm int c; 5286185db85Sdougm char *protocol = NULL; 5296185db85Sdougm int ret = SA_OK; 5306185db85Sdougm struct options *optlist = NULL; 5316185db85Sdougm int err = 0; 5326185db85Sdougm int auth; 5336185db85Sdougm 5346185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:")) != EOF) { 5356185db85Sdougm switch (c) { 5366185db85Sdougm case 'v': 5376185db85Sdougm verbose++; 5386185db85Sdougm break; 5396185db85Sdougm case 'n': 5406185db85Sdougm dryrun++; 5416185db85Sdougm break; 5426185db85Sdougm case 'P': 5436185db85Sdougm protocol = optarg; 5446185db85Sdougm if (!sa_valid_protocol(protocol)) { 5456185db85Sdougm (void) printf(gettext("Invalid protocol specified: %s\n"), 5466185db85Sdougm protocol); 5476185db85Sdougm return (SA_INVALID_PROTOCOL); 5486185db85Sdougm } 5496185db85Sdougm break; 5506185db85Sdougm case 'p': 5516185db85Sdougm ret = add_opt(&optlist, optarg, 0); 5526185db85Sdougm switch (ret) { 5536185db85Sdougm case OPT_ADD_SYNTAX: 5546185db85Sdougm (void) printf(gettext("Property syntax error for " 5556185db85Sdougm "property: %s\n"), 5566185db85Sdougm optarg); 5576185db85Sdougm return (SA_SYNTAX_ERR); 5586185db85Sdougm case OPT_ADD_SECURITY: 5596185db85Sdougm (void) printf(gettext("Security properties need " 5606185db85Sdougm "to be set with set-security: %s\n"), 5616185db85Sdougm optarg); 5626185db85Sdougm return (SA_SYNTAX_ERR); 5636185db85Sdougm default: 5646185db85Sdougm break; 5656185db85Sdougm } 5666185db85Sdougm 5676185db85Sdougm break; 5686185db85Sdougm default: 5696185db85Sdougm case 'h': 5706185db85Sdougm case '?': 5716185db85Sdougm (void) printf(gettext("usage: %s\n"), 5726185db85Sdougm sa_get_usage(USAGE_CREATE)); 5736185db85Sdougm return (0); 5746185db85Sdougm } 5756185db85Sdougm } 5766185db85Sdougm 5776185db85Sdougm if (optind >= argc) { 5786185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_CREATE)); 5796185db85Sdougm (void) printf(gettext("\tgroup must be specified.\n")); 5806185db85Sdougm return (SA_BAD_PATH); 5816185db85Sdougm } 5826185db85Sdougm 5836185db85Sdougm if ((optind + 1) < argc) { 5846185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_CREATE)); 5856185db85Sdougm (void) printf(gettext("\textraneous group(s) at end\n")); 5866185db85Sdougm return (SA_SYNTAX_ERR); 5876185db85Sdougm } 5886185db85Sdougm 5896185db85Sdougm if (protocol == NULL && optlist != NULL) { 5906185db85Sdougm /* lookup default protocol */ 5916185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_CREATE)); 5926185db85Sdougm (void) printf(gettext("\tprotocol must be specified " 5936185db85Sdougm "with properties\n")); 5946185db85Sdougm return (SA_INVALID_PROTOCOL); 5956185db85Sdougm } 5966185db85Sdougm 5976185db85Sdougm if (optlist != NULL) 5986185db85Sdougm ret = chk_opt(optlist, 0, protocol); 5996185db85Sdougm if (ret == OPT_ADD_SECURITY) { 6006185db85Sdougm (void) printf(gettext("Security properties not " 6016185db85Sdougm "supported with create\n")); 6026185db85Sdougm return (SA_SYNTAX_ERR); 6036185db85Sdougm } 6046185db85Sdougm 6056185db85Sdougm /* 6066185db85Sdougm * if a group already exists, we can only add a new protocol 6076185db85Sdougm * to it and not create a new one or add the same protocol 6086185db85Sdougm * again. 6096185db85Sdougm */ 6106185db85Sdougm 6116185db85Sdougm groupname = argv[optind]; 6126185db85Sdougm 6136185db85Sdougm auth = check_authorizations(groupname, flags); 6146185db85Sdougm 615*549ec3ffSdougm group = sa_get_group(handle, groupname); 6166185db85Sdougm if (group != NULL) { 6176185db85Sdougm /* group exists so must be a protocol add */ 6186185db85Sdougm if (protocol != NULL) { 6196185db85Sdougm if (has_protocol(group, protocol)) { 6206185db85Sdougm (void) printf(gettext("Group \"%s\" already exists" 6216185db85Sdougm " with protocol %s\n"), 6226185db85Sdougm groupname, protocol); 6236185db85Sdougm ret = SA_DUPLICATE_NAME; 6246185db85Sdougm } 6256185db85Sdougm } else { 6266185db85Sdougm /* must add new protocol */ 6276185db85Sdougm (void) printf(gettext("Group already exists and no protocol" 6286185db85Sdougm " specified.\n")); 6296185db85Sdougm ret = SA_DUPLICATE_NAME; 6306185db85Sdougm } 6316185db85Sdougm } else { 6326185db85Sdougm /* 6336185db85Sdougm * is it a valid name? Must comply with SMF instance 6346185db85Sdougm * name restrictions. 6356185db85Sdougm */ 6366185db85Sdougm if (!sa_valid_group_name(groupname)) { 6376185db85Sdougm ret = SA_INVALID_NAME; 6386185db85Sdougm (void) printf(gettext("Invalid group name: %s\n"), groupname); 6396185db85Sdougm } 6406185db85Sdougm } 6416185db85Sdougm if (ret == SA_OK) { 6426185db85Sdougm /* check protocol vs optlist */ 6436185db85Sdougm if (optlist != NULL) { 6446185db85Sdougm /* check options, if any, for validity */ 6456185db85Sdougm ret = valid_options(optlist, protocol, group, NULL); 6466185db85Sdougm } 6476185db85Sdougm } 6486185db85Sdougm if (ret == SA_OK && !dryrun) { 6496185db85Sdougm if (group == NULL) { 650*549ec3ffSdougm group = sa_create_group(handle, (char *)groupname, &err); 6516185db85Sdougm } 6526185db85Sdougm if (group != NULL) { 6536185db85Sdougm sa_optionset_t optionset; 6546185db85Sdougm if (optlist != NULL) { 6556185db85Sdougm (void) add_optionset(group, optlist, protocol, &ret); 6566185db85Sdougm } else if (protocol != NULL) { 6576185db85Sdougm optionset = sa_create_optionset(group, protocol); 6586185db85Sdougm if (optionset == NULL) 6596185db85Sdougm ret = SA_NO_MEMORY; 6606185db85Sdougm } else if (protocol == NULL) { 6616185db85Sdougm char **protolist; 6626185db85Sdougm int numprotos, i; 6636185db85Sdougm numprotos = sa_get_protocols(&protolist); 6646185db85Sdougm for (i = 0; i < numprotos; i++) { 6656185db85Sdougm optionset = sa_create_optionset(group, protolist[i]); 6666185db85Sdougm } 6676185db85Sdougm if (protolist != NULL) 6686185db85Sdougm free(protolist); 6696185db85Sdougm } 6706185db85Sdougm /* 6716185db85Sdougm * we have a group and legal additions 6726185db85Sdougm */ 6736185db85Sdougm if (ret == SA_OK) { 6746185db85Sdougm /* 6756185db85Sdougm * commit to configuration for protocols that 6766185db85Sdougm * need to do block updates. For NFS, this 6776185db85Sdougm * doesn't do anything but it will be run for 6786185db85Sdougm * all protocols that implement the 6796185db85Sdougm * appropriate plugin. 6806185db85Sdougm */ 681*549ec3ffSdougm ret = sa_update_config(handle); 6826185db85Sdougm } else { 6836185db85Sdougm if (group != NULL) 6846185db85Sdougm (void) sa_remove_group(group); 6856185db85Sdougm } 6866185db85Sdougm } else { 6876185db85Sdougm ret = err; 6886185db85Sdougm (void) printf(gettext("Could not create group: %s\n"), 6896185db85Sdougm sa_errorstr(ret)); 6906185db85Sdougm } 6916185db85Sdougm } 6926185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 6936185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 6946185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 6956185db85Sdougm ret = SA_NO_PERMISSION; 6966185db85Sdougm } 6976185db85Sdougm free_opt(optlist); 6986185db85Sdougm return (ret); 6996185db85Sdougm } 7006185db85Sdougm 7016185db85Sdougm /* 7026185db85Sdougm * group_status(group) 7036185db85Sdougm * 7046185db85Sdougm * return the current status (enabled/disabled) of the group. 7056185db85Sdougm */ 7066185db85Sdougm 7076185db85Sdougm static char * 7086185db85Sdougm group_status(sa_group_t group) 7096185db85Sdougm { 7106185db85Sdougm char *state; 7116185db85Sdougm int enabled = 0; 7126185db85Sdougm 7136185db85Sdougm state = sa_get_group_attr(group, "state"); 7146185db85Sdougm if (state != NULL) { 7156185db85Sdougm if (strcmp(state, "enabled") == 0) { 7166185db85Sdougm enabled = 1; 7176185db85Sdougm } 7186185db85Sdougm sa_free_attr_string(state); 7196185db85Sdougm } 7206185db85Sdougm return (enabled ? gettext("enabled") : gettext("disabled")); 7216185db85Sdougm } 7226185db85Sdougm 7236185db85Sdougm /* 7246185db85Sdougm * sa_delete(flags, argc, argv) 7256185db85Sdougm * 7266185db85Sdougm * Delete a group. 7276185db85Sdougm */ 7286185db85Sdougm 7296185db85Sdougm static int 730*549ec3ffSdougm sa_delete(sa_handle_t handle, int flags, int argc, char *argv[]) 7316185db85Sdougm { 7326185db85Sdougm char *groupname; 7336185db85Sdougm sa_group_t group; 7346185db85Sdougm sa_share_t share; 7356185db85Sdougm int verbose = 0; 7366185db85Sdougm int dryrun = 0; 7376185db85Sdougm int force = 0; 7386185db85Sdougm int c; 7396185db85Sdougm char *protocol = NULL; 7406185db85Sdougm char *sectype = NULL; 7416185db85Sdougm int ret = SA_OK; 7426185db85Sdougm int auth; 7436185db85Sdougm 7446185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:fS:")) != EOF) { 7456185db85Sdougm switch (c) { 7466185db85Sdougm case 'v': 7476185db85Sdougm verbose++; 7486185db85Sdougm break; 7496185db85Sdougm case 'n': 7506185db85Sdougm dryrun++; 7516185db85Sdougm break; 7526185db85Sdougm case 'P': 7536185db85Sdougm protocol = optarg; 7546185db85Sdougm if (!sa_valid_protocol(protocol)) { 7556185db85Sdougm (void) printf(gettext("Invalid protocol specified: %s\n"), 7566185db85Sdougm protocol); 7576185db85Sdougm return (SA_INVALID_PROTOCOL); 7586185db85Sdougm } 7596185db85Sdougm break; 7606185db85Sdougm case 'S': 7616185db85Sdougm sectype = optarg; 7626185db85Sdougm break; 7636185db85Sdougm case 'f': 7646185db85Sdougm force++; 7656185db85Sdougm break; 7666185db85Sdougm default: 7676185db85Sdougm case 'h': 7686185db85Sdougm case '?': 7696185db85Sdougm (void) printf(gettext("usage: %s\n"), 7706185db85Sdougm sa_get_usage(USAGE_DELETE)); 7716185db85Sdougm return (0); 7726185db85Sdougm } 7736185db85Sdougm } 7746185db85Sdougm 7756185db85Sdougm if (optind >= argc) { 7766185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_DELETE)); 7776185db85Sdougm (void) printf(gettext("\tgroup must be specified.\n")); 7786185db85Sdougm return (SA_SYNTAX_ERR); 7796185db85Sdougm } 7806185db85Sdougm 7816185db85Sdougm if ((optind + 1) < argc) { 7826185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_DELETE)); 7836185db85Sdougm (void) printf(gettext("\textraneous group(s) at end\n")); 7846185db85Sdougm return (SA_SYNTAX_ERR); 7856185db85Sdougm } 7866185db85Sdougm 7876185db85Sdougm if (sectype != NULL && protocol == NULL) { 7886185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_DELETE)); 7896185db85Sdougm (void) printf(gettext("\tsecurity requires protocol to be " 7906185db85Sdougm "specified.\n")); 7916185db85Sdougm return (SA_SYNTAX_ERR); 7926185db85Sdougm } 7936185db85Sdougm 7946185db85Sdougm /* 7956185db85Sdougm * Determine if the group already exists since it must in 7966185db85Sdougm * order to be removed. 7976185db85Sdougm * 7986185db85Sdougm * We can delete when: 7996185db85Sdougm * 8006185db85Sdougm * - group is empty 8016185db85Sdougm * - force flag is set 8026185db85Sdougm * - if protocol specified, only delete the protocol 8036185db85Sdougm */ 8046185db85Sdougm 8056185db85Sdougm groupname = argv[optind]; 806*549ec3ffSdougm group = sa_get_group(handle, groupname); 8076185db85Sdougm if (group == NULL) { 8086185db85Sdougm ret = SA_NO_SUCH_GROUP; 8096185db85Sdougm } else { 8106185db85Sdougm auth = check_authorizations(groupname, flags); 8116185db85Sdougm if (protocol == NULL) { 8126185db85Sdougm share = sa_get_share(group, NULL); 8136185db85Sdougm if (share != NULL) 8146185db85Sdougm ret = SA_BUSY; 8156185db85Sdougm if (share == NULL || (share != NULL && force == 1)) { 8166185db85Sdougm ret = SA_OK; 8176185db85Sdougm if (!dryrun) { 8186185db85Sdougm while (share != NULL) { 8196185db85Sdougm sa_share_t next_share; 8206185db85Sdougm next_share = sa_get_next_share(share); 8216185db85Sdougm /* 8226185db85Sdougm * need to do the disable of each 8236185db85Sdougm * share, but don't actually do 8246185db85Sdougm * anything on a dryrun. 8256185db85Sdougm */ 8266185db85Sdougm ret = sa_disable_share(share, NULL); 8276185db85Sdougm ret = sa_remove_share(share); 8286185db85Sdougm share = next_share; 8296185db85Sdougm } 8306185db85Sdougm ret = sa_remove_group(group); 8316185db85Sdougm } 8326185db85Sdougm } 8336185db85Sdougm /* commit to configuration if not a dryrun */ 8346185db85Sdougm if (!dryrun && ret == SA_OK) { 835*549ec3ffSdougm ret = sa_update_config(handle); 8366185db85Sdougm } 8376185db85Sdougm } else { 8386185db85Sdougm /* a protocol delete */ 8396185db85Sdougm sa_optionset_t optionset; 8406185db85Sdougm sa_security_t security; 8416185db85Sdougm if (sectype != NULL) { 8426185db85Sdougm /* only delete specified security */ 8436185db85Sdougm security = sa_get_security(group, sectype, protocol); 8446185db85Sdougm if (security != NULL && !dryrun) { 8456185db85Sdougm ret = sa_destroy_security(security); 8466185db85Sdougm } else { 8476185db85Sdougm ret = SA_INVALID_PROTOCOL; 8486185db85Sdougm } 8496185db85Sdougm } else { 8506185db85Sdougm optionset = sa_get_optionset(group, protocol); 8516185db85Sdougm if (optionset != NULL && !dryrun) { 8526185db85Sdougm /* have an optionset with protocol to delete */ 8536185db85Sdougm ret = sa_destroy_optionset(optionset); 8546185db85Sdougm /* 8556185db85Sdougm * now find all security sets for the protocol 8566185db85Sdougm * and remove them. Don't remove other 8576185db85Sdougm * protocols. 8586185db85Sdougm */ 8596185db85Sdougm for (security = sa_get_security(group, NULL, NULL); 8606185db85Sdougm ret == SA_OK && security != NULL; 8616185db85Sdougm security = sa_get_next_security(security)) { 8626185db85Sdougm char *secprot; 8636185db85Sdougm 8646185db85Sdougm secprot = sa_get_security_attr(security, "type"); 8656185db85Sdougm if (secprot != NULL && 8666185db85Sdougm strcmp(secprot, protocol) == 0) 8676185db85Sdougm ret = sa_destroy_security(security); 8686185db85Sdougm if (secprot != NULL) 8696185db85Sdougm sa_free_attr_string(secprot); 8706185db85Sdougm } 8716185db85Sdougm } else { 8726185db85Sdougm if (!dryrun) 8736185db85Sdougm ret = SA_INVALID_PROTOCOL; 8746185db85Sdougm } 8756185db85Sdougm } 8766185db85Sdougm } 8776185db85Sdougm } 8786185db85Sdougm if (ret != SA_OK) { 8796185db85Sdougm (void) printf(gettext("Could not delete group: %s\n"), 8806185db85Sdougm sa_errorstr(ret)); 8816185db85Sdougm } else if (dryrun && !auth && verbose) { 8826185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 8836185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 8846185db85Sdougm } 8856185db85Sdougm return (ret); 8866185db85Sdougm } 8876185db85Sdougm 8886185db85Sdougm /* 8896185db85Sdougm * strndupr(*buff, str, buffsize) 8906185db85Sdougm * 8916185db85Sdougm * used with small strings to duplicate and possibly increase the 8926185db85Sdougm * buffer size of a string. 8936185db85Sdougm */ 8946185db85Sdougm static char * 8956185db85Sdougm strndupr(char *buff, char *str, int *buffsize) 8966185db85Sdougm { 8976185db85Sdougm int limit; 8986185db85Sdougm char *orig_buff = buff; 8996185db85Sdougm 9006185db85Sdougm if (buff == NULL) { 9016185db85Sdougm buff = (char *)malloc(64); 9026185db85Sdougm if (buff == NULL) 9036185db85Sdougm return (NULL); 9046185db85Sdougm *buffsize = 64; 9056185db85Sdougm buff[0] = '\0'; 9066185db85Sdougm } 9076185db85Sdougm limit = strlen(buff) + strlen(str) + 1; 9086185db85Sdougm if (limit > *buffsize) { 9096185db85Sdougm limit = *buffsize = *buffsize + ((limit / 64) + 64); 9106185db85Sdougm buff = realloc(buff, limit); 9116185db85Sdougm } 9126185db85Sdougm if (buff != NULL) { 9136185db85Sdougm (void) strcat(buff, str); 9146185db85Sdougm } else { 9156185db85Sdougm /* if it fails, fail it hard */ 9166185db85Sdougm if (orig_buff != NULL) 9176185db85Sdougm free(orig_buff); 9186185db85Sdougm } 9196185db85Sdougm return (buff); 9206185db85Sdougm } 9216185db85Sdougm 9226185db85Sdougm /* 9236185db85Sdougm * group_proto(group) 9246185db85Sdougm * 9256185db85Sdougm * return a string of all the protocols (space separated) associated 9266185db85Sdougm * with this group. 9276185db85Sdougm */ 9286185db85Sdougm 9296185db85Sdougm static char * 9306185db85Sdougm group_proto(sa_group_t group) 9316185db85Sdougm { 9326185db85Sdougm sa_optionset_t optionset; 9336185db85Sdougm char *proto; 9346185db85Sdougm char *buff = NULL; 9356185db85Sdougm int buffsize = 0; 9366185db85Sdougm int addspace = 0; 9376185db85Sdougm /* 9386185db85Sdougm * get the protocol list by finding the optionsets on this 9396185db85Sdougm * group and extracting the type value. The initial call to 9406185db85Sdougm * strndupr() initailizes buff. 9416185db85Sdougm */ 9426185db85Sdougm buff = strndupr(buff, "", &buffsize); 9436185db85Sdougm if (buff != NULL) { 9446185db85Sdougm for (optionset = sa_get_optionset(group, NULL); 9456185db85Sdougm optionset != NULL && buff != NULL; 9466185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 9476185db85Sdougm /* 9486185db85Sdougm * extract out the protocol type from this optionset 9496185db85Sdougm * and append it to the buffer "buff". strndupr() will 9506185db85Sdougm * reallocate space as necessay. 9516185db85Sdougm */ 9526185db85Sdougm proto = sa_get_optionset_attr(optionset, "type"); 9536185db85Sdougm if (proto != NULL) { 9546185db85Sdougm if (addspace++) 9556185db85Sdougm buff = strndupr(buff, " ", &buffsize); 9566185db85Sdougm buff = strndupr(buff, proto, &buffsize); 9576185db85Sdougm sa_free_attr_string(proto); 9586185db85Sdougm } 9596185db85Sdougm } 9606185db85Sdougm } 9616185db85Sdougm return (buff); 9626185db85Sdougm } 9636185db85Sdougm 9646185db85Sdougm /* 9656185db85Sdougm * sa_list(flags, argc, argv) 9666185db85Sdougm * 9676185db85Sdougm * implements the "list" subcommand to list groups and optionally 9686185db85Sdougm * their state and protocols. 9696185db85Sdougm */ 9706185db85Sdougm 9716185db85Sdougm static int 972*549ec3ffSdougm sa_list(sa_handle_t handle, int flags, int argc, char *argv[]) 9736185db85Sdougm { 9746185db85Sdougm sa_group_t group; 9756185db85Sdougm int verbose = 0; 9766185db85Sdougm int c; 9776185db85Sdougm char *protocol = NULL; 9786185db85Sdougm #ifdef lint 9796185db85Sdougm flags = flags; 9806185db85Sdougm #endif 9816185db85Sdougm 9826185db85Sdougm while ((c = getopt(argc, argv, "?hvP:")) != EOF) { 9836185db85Sdougm switch (c) { 9846185db85Sdougm case 'v': 9856185db85Sdougm verbose++; 9866185db85Sdougm break; 9876185db85Sdougm case 'P': 9886185db85Sdougm protocol = optarg; 9896185db85Sdougm if (!sa_valid_protocol(protocol)) { 9906185db85Sdougm (void) printf(gettext("Invalid protocol specified:" 9916185db85Sdougm "%s\n"), 9926185db85Sdougm protocol); 9936185db85Sdougm return (SA_INVALID_PROTOCOL); 9946185db85Sdougm } 9956185db85Sdougm break; 9966185db85Sdougm default: 9976185db85Sdougm case 'h': 9986185db85Sdougm case '?': 9996185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_LIST)); 10006185db85Sdougm return (0); 10016185db85Sdougm } 10026185db85Sdougm } 10036185db85Sdougm 1004*549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 10056185db85Sdougm group = sa_get_next_group(group)) { 10066185db85Sdougm char *name; 10076185db85Sdougm char *proto; 10086185db85Sdougm if (protocol == NULL || has_protocol(group, protocol)) { 10096185db85Sdougm name = sa_get_group_attr(group, "name"); 10106185db85Sdougm if (name != NULL && (verbose > 1 || name[0] != '#')) { 10116185db85Sdougm (void) printf("%s", (char *)name); 10126185db85Sdougm if (verbose) { 10136185db85Sdougm /* 10146185db85Sdougm * need the list of protocols 10156185db85Sdougm * and current status once 10166185db85Sdougm * available. 10176185db85Sdougm */ 10186185db85Sdougm (void) printf("\t%s", group_status(group)); 10196185db85Sdougm proto = group_proto(group); 10206185db85Sdougm if (proto != NULL) { 10216185db85Sdougm (void) printf("\t%s", (char *)proto); 10226185db85Sdougm free(proto); 10236185db85Sdougm } 10246185db85Sdougm } 10256185db85Sdougm (void) printf("\n"); 10266185db85Sdougm } 10276185db85Sdougm if (name != NULL) 10286185db85Sdougm sa_free_attr_string(name); 10296185db85Sdougm } 10306185db85Sdougm } 10316185db85Sdougm return (0); 10326185db85Sdougm } 10336185db85Sdougm 10346185db85Sdougm /* 10356185db85Sdougm * out_properties(optionset, proto, sec) 10366185db85Sdougm * 10376185db85Sdougm * Format the properties and encode the protocol and optional named 10386185db85Sdougm * optionset into the string. 10396185db85Sdougm * 10406185db85Sdougm * format is protocol[:name]=(property-list) 10416185db85Sdougm */ 10426185db85Sdougm 10436185db85Sdougm static void 10446185db85Sdougm out_properties(sa_optionset_t optionset, char *proto, char *sec) 10456185db85Sdougm { 10466185db85Sdougm char *type; 10476185db85Sdougm char *value; 10486185db85Sdougm int spacer; 10496185db85Sdougm sa_property_t prop; 10506185db85Sdougm 10516185db85Sdougm if (sec == NULL) { 10526185db85Sdougm (void) printf(" %s=(", proto ? proto : gettext("all")); 10536185db85Sdougm } else { 10546185db85Sdougm (void) printf(" %s:%s=(", proto ? proto : gettext("all"), sec); 10556185db85Sdougm } 10566185db85Sdougm 10576185db85Sdougm for (spacer = 0, prop = sa_get_property(optionset, NULL); 10586185db85Sdougm prop != NULL; prop = sa_get_next_property(prop)) { 10596185db85Sdougm 10606185db85Sdougm /* 10616185db85Sdougm * extract the property name/value and output with 10626185db85Sdougm * appropriate spacing. I.e. no prefixed space the 10636185db85Sdougm * first time through but a space on subsequent 10646185db85Sdougm * properties. 10656185db85Sdougm */ 10666185db85Sdougm type = sa_get_property_attr(prop, "type"); 10676185db85Sdougm value = sa_get_property_attr(prop, "value"); 10686185db85Sdougm if (type != NULL) { 10696185db85Sdougm (void) printf("%s%s=", spacer ? " " : "", type); 10706185db85Sdougm spacer = 1; 10716185db85Sdougm if (value != NULL) 10726185db85Sdougm (void) printf("\"%s\"", value); 10736185db85Sdougm else 10746185db85Sdougm (void) printf("\"\""); 10756185db85Sdougm } 10766185db85Sdougm if (type != NULL) 10776185db85Sdougm sa_free_attr_string(type); 10786185db85Sdougm if (value != NULL) 10796185db85Sdougm sa_free_attr_string(value); 10806185db85Sdougm } 10816185db85Sdougm (void) printf(")"); 10826185db85Sdougm } 10836185db85Sdougm 10846185db85Sdougm /* 10856185db85Sdougm * show_properties(group, protocol, prefix) 10866185db85Sdougm * 10876185db85Sdougm * print the properties for a group. If protocol is NULL, do all 10886185db85Sdougm * protocols otherwise only the specified protocol. All security 10896185db85Sdougm * (named groups specific to the protocol) are included. 10906185db85Sdougm * 10916185db85Sdougm * The "prefix" is always applied. The caller knows whether it wants 10926185db85Sdougm * some type of prefix string (white space) or not. Once the prefix 10936185db85Sdougm * has been output, it is reduced to the zero length string for the 10946185db85Sdougm * remainder of the property output. 10956185db85Sdougm */ 10966185db85Sdougm 10976185db85Sdougm static void 10986185db85Sdougm show_properties(sa_group_t group, char *protocol, char *prefix) 10996185db85Sdougm { 11006185db85Sdougm sa_optionset_t optionset; 11016185db85Sdougm sa_security_t security; 11026185db85Sdougm char *value; 11036185db85Sdougm char *secvalue; 11046185db85Sdougm 11056185db85Sdougm if (protocol != NULL) { 11066185db85Sdougm optionset = sa_get_optionset(group, protocol); 11076185db85Sdougm if (optionset != NULL) { 11086185db85Sdougm (void) printf("%s", prefix); 11096185db85Sdougm prefix = ""; 11106185db85Sdougm out_properties(optionset, protocol, NULL); 11116185db85Sdougm } 11126185db85Sdougm security = sa_get_security(group, protocol, NULL); 11136185db85Sdougm if (security != NULL) { 11146185db85Sdougm (void) printf("%s", prefix); 11156185db85Sdougm prefix = ""; 11166185db85Sdougm out_properties(security, protocol, NULL); 11176185db85Sdougm } 11186185db85Sdougm } else { 11196185db85Sdougm for (optionset = sa_get_optionset(group, protocol); 11206185db85Sdougm optionset != NULL; 11216185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 11226185db85Sdougm 11236185db85Sdougm value = sa_get_optionset_attr(optionset, "type"); 11246185db85Sdougm (void) printf("%s", prefix); 11256185db85Sdougm prefix = ""; 11266185db85Sdougm out_properties(optionset, value, 0); 11276185db85Sdougm if (value != NULL) 11286185db85Sdougm sa_free_attr_string(value); 11296185db85Sdougm } 11306185db85Sdougm for (security = sa_get_security(group, NULL, protocol); 11316185db85Sdougm security != NULL; 11326185db85Sdougm security = sa_get_next_security(security)) { 11336185db85Sdougm 11346185db85Sdougm value = sa_get_security_attr(security, "type"); 11356185db85Sdougm secvalue = sa_get_security_attr(security, "sectype"); 11366185db85Sdougm (void) printf("%s", prefix); 11376185db85Sdougm prefix = ""; 11386185db85Sdougm out_properties(security, value, secvalue); 11396185db85Sdougm if (value != NULL) 11406185db85Sdougm sa_free_attr_string(value); 11416185db85Sdougm if (secvalue != NULL) 11426185db85Sdougm sa_free_attr_string(secvalue); 11436185db85Sdougm } 11446185db85Sdougm } 11456185db85Sdougm } 11466185db85Sdougm 11476185db85Sdougm /* 11486185db85Sdougm * show_group(group, verbose, properties, proto, subgroup) 11496185db85Sdougm * 11506185db85Sdougm * helper function to show the contents of a group. 11516185db85Sdougm */ 11526185db85Sdougm 11536185db85Sdougm static void 11546185db85Sdougm show_group(sa_group_t group, int verbose, int properties, char *proto, 11556185db85Sdougm char *subgroup) 11566185db85Sdougm { 11576185db85Sdougm sa_share_t share; 11586185db85Sdougm char *groupname; 11596185db85Sdougm char *sharepath; 11606185db85Sdougm char *resource; 11616185db85Sdougm char *description; 11626185db85Sdougm char *type; 11636185db85Sdougm char *zfs = NULL; 11646185db85Sdougm int iszfs = 0; 11656185db85Sdougm 11666185db85Sdougm groupname = sa_get_group_attr(group, "name"); 11676185db85Sdougm if (groupname != NULL) { 11686185db85Sdougm if (proto != NULL && !has_protocol(group, proto)) { 11696185db85Sdougm sa_free_attr_string(groupname); 11706185db85Sdougm return; 11716185db85Sdougm } 11726185db85Sdougm /* 11736185db85Sdougm * check to see if the group is managed by ZFS. If 11746185db85Sdougm * there is an attribute, then it is. A non-NULL zfs 11756185db85Sdougm * variable will trigger the different way to display 11766185db85Sdougm * and will remove the transient property indicator 11776185db85Sdougm * from the output. 11786185db85Sdougm */ 11796185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 11806185db85Sdougm if (zfs != NULL) { 11816185db85Sdougm iszfs = 1; 11826185db85Sdougm sa_free_attr_string(zfs); 11836185db85Sdougm } 11846185db85Sdougm share = sa_get_share(group, NULL); 11856185db85Sdougm if (subgroup == NULL) 11866185db85Sdougm (void) printf("%s", groupname); 11876185db85Sdougm else 11886185db85Sdougm (void) printf(" %s/%s", subgroup, groupname); 11896185db85Sdougm if (properties) { 11906185db85Sdougm show_properties(group, proto, ""); 11916185db85Sdougm } 11926185db85Sdougm (void) printf("\n"); 11936185db85Sdougm if (strcmp(groupname, "zfs") == 0) { 11946185db85Sdougm sa_group_t zgroup; 11956185db85Sdougm 11966185db85Sdougm for (zgroup = sa_get_sub_group(group); zgroup != NULL; 11976185db85Sdougm zgroup = sa_get_next_group(zgroup)) { 11986185db85Sdougm show_group(zgroup, verbose, properties, proto, "zfs"); 11996185db85Sdougm } 12006185db85Sdougm sa_free_attr_string(groupname); 12016185db85Sdougm return; 12026185db85Sdougm } 12036185db85Sdougm /* 12046185db85Sdougm * have a group, so list the contents. Resource and 12056185db85Sdougm * description are only listed if verbose is set. 12066185db85Sdougm */ 12076185db85Sdougm for (share = sa_get_share(group, NULL); share != NULL; 12086185db85Sdougm share = sa_get_next_share(share)) { 12096185db85Sdougm sharepath = sa_get_share_attr(share, "path"); 12106185db85Sdougm if (sharepath != NULL) { 12116185db85Sdougm if (verbose) { 12126185db85Sdougm resource = sa_get_share_attr(share, "resource"); 12136185db85Sdougm description = sa_get_share_description(share); 12146185db85Sdougm type = sa_get_share_attr(share, "type"); 12156185db85Sdougm if (type != NULL && !iszfs && 12166185db85Sdougm strcmp(type, "transient") == 0) 12176185db85Sdougm (void) printf("\t* "); 12186185db85Sdougm else 12196185db85Sdougm (void) printf("\t "); 12206185db85Sdougm if (resource != NULL && strlen(resource) > 0) { 12216185db85Sdougm (void) printf("%s=%s", resource, sharepath); 12226185db85Sdougm } else { 12236185db85Sdougm (void) printf("%s", sharepath); 12246185db85Sdougm } 12256185db85Sdougm if (resource != NULL) 12266185db85Sdougm sa_free_attr_string(resource); 12276185db85Sdougm if (properties) 12286185db85Sdougm show_properties(share, NULL, "\t"); 12296185db85Sdougm if (description != NULL) { 12306185db85Sdougm if (strlen(description) > 0) { 12316185db85Sdougm (void) printf("\t\"%s\"", description); 12326185db85Sdougm } 12336185db85Sdougm sa_free_share_description(description); 12346185db85Sdougm } 12356185db85Sdougm if (type != NULL) 12366185db85Sdougm sa_free_attr_string(type); 12376185db85Sdougm } else { 12386185db85Sdougm (void) printf("\t%s", sharepath); 12396185db85Sdougm if (properties) 12406185db85Sdougm show_properties(share, NULL, "\t"); 12416185db85Sdougm } 12426185db85Sdougm (void) printf("\n"); 12436185db85Sdougm sa_free_attr_string(sharepath); 12446185db85Sdougm } 12456185db85Sdougm } 12466185db85Sdougm } 12476185db85Sdougm if (groupname != NULL) { 12486185db85Sdougm sa_free_attr_string(groupname); 12496185db85Sdougm } 12506185db85Sdougm } 12516185db85Sdougm 12526185db85Sdougm /* 12536185db85Sdougm * show_group_xml_init() 12546185db85Sdougm * 12556185db85Sdougm * Create an XML document that will be used to display config info via 12566185db85Sdougm * XML format. 12576185db85Sdougm */ 12586185db85Sdougm 12596185db85Sdougm xmlDocPtr 12606185db85Sdougm show_group_xml_init() 12616185db85Sdougm { 12626185db85Sdougm xmlDocPtr doc; 12636185db85Sdougm xmlNodePtr root; 12646185db85Sdougm 12656185db85Sdougm doc = xmlNewDoc((xmlChar *)"1.0"); 12666185db85Sdougm if (doc != NULL) { 12676185db85Sdougm root = xmlNewNode(NULL, (xmlChar *)"sharecfg"); 12686185db85Sdougm if (root != NULL) 12696185db85Sdougm xmlDocSetRootElement(doc, root); 12706185db85Sdougm } 12716185db85Sdougm return (doc); 12726185db85Sdougm } 12736185db85Sdougm 12746185db85Sdougm /* 12756185db85Sdougm * show_group_xml(doc, group) 12766185db85Sdougm * 12776185db85Sdougm * Copy the group info into the XML doc. 12786185db85Sdougm */ 12796185db85Sdougm 12806185db85Sdougm static void 12816185db85Sdougm show_group_xml(xmlDocPtr doc, sa_group_t group) 12826185db85Sdougm { 12836185db85Sdougm xmlNodePtr node; 12846185db85Sdougm xmlNodePtr root; 12856185db85Sdougm 12866185db85Sdougm root = xmlDocGetRootElement(doc); 12876185db85Sdougm node = xmlCopyNode((xmlNodePtr)group, 1); 12886185db85Sdougm if (node != NULL && root != NULL) { 12896185db85Sdougm xmlAddChild(root, node); 12906185db85Sdougm /* 12916185db85Sdougm * In the future, we may have interally used tags that 12926185db85Sdougm * should not appear in the XML output. Remove 12936185db85Sdougm * anything we don't want to show here. 12946185db85Sdougm */ 12956185db85Sdougm } 12966185db85Sdougm } 12976185db85Sdougm 12986185db85Sdougm /* 12996185db85Sdougm * sa_show(flags, argc, argv) 13006185db85Sdougm * 13016185db85Sdougm * Implements the show subcommand. 13026185db85Sdougm */ 13036185db85Sdougm 13046185db85Sdougm int 1305*549ec3ffSdougm sa_show(sa_handle_t handle, int flags, int argc, char *argv[]) 13066185db85Sdougm { 13076185db85Sdougm sa_group_t group; 13086185db85Sdougm int verbose = 0; 13096185db85Sdougm int properties = 0; 13106185db85Sdougm int c; 13116185db85Sdougm int ret = SA_OK; 13126185db85Sdougm char *protocol = NULL; 13136185db85Sdougm int xml = 0; 13146185db85Sdougm xmlDocPtr doc; 13156185db85Sdougm #ifdef lint 13166185db85Sdougm flags = flags; 13176185db85Sdougm #endif 13186185db85Sdougm 13196185db85Sdougm while ((c = getopt(argc, argv, "?hvP:px")) != EOF) { 13206185db85Sdougm switch (c) { 13216185db85Sdougm case 'v': 13226185db85Sdougm verbose++; 13236185db85Sdougm break; 13246185db85Sdougm case 'p': 13256185db85Sdougm properties++; 13266185db85Sdougm break; 13276185db85Sdougm case 'P': 13286185db85Sdougm protocol = optarg; 13296185db85Sdougm if (!sa_valid_protocol(protocol)) { 13306185db85Sdougm (void) printf(gettext("Invalid protocol specified: %s\n"), 13316185db85Sdougm protocol); 13326185db85Sdougm return (SA_INVALID_PROTOCOL); 13336185db85Sdougm } 13346185db85Sdougm break; 13356185db85Sdougm case 'x': 13366185db85Sdougm xml++; 13376185db85Sdougm break; 13386185db85Sdougm default: 13396185db85Sdougm case 'h': 13406185db85Sdougm case '?': 13416185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_SHOW)); 13426185db85Sdougm return (0); 13436185db85Sdougm } 13446185db85Sdougm } 13456185db85Sdougm 13466185db85Sdougm if (xml) { 13476185db85Sdougm doc = show_group_xml_init(); 13486185db85Sdougm if (doc == NULL) 13496185db85Sdougm ret = SA_NO_MEMORY; 13506185db85Sdougm } 13516185db85Sdougm 13526185db85Sdougm if (optind == argc) { 13536185db85Sdougm /* no group specified so go through them all */ 1354*549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 13556185db85Sdougm group = sa_get_next_group(group)) { 13566185db85Sdougm /* 13576185db85Sdougm * have a group so check if one we want and then list 13586185db85Sdougm * contents with appropriate options. 13596185db85Sdougm */ 13606185db85Sdougm if (xml) 13616185db85Sdougm show_group_xml(doc, group); 13626185db85Sdougm else 13636185db85Sdougm show_group(group, verbose, properties, protocol, NULL); 13646185db85Sdougm } 13656185db85Sdougm } else { 13666185db85Sdougm /* have a specified list of groups */ 13676185db85Sdougm for (; optind < argc; optind++) { 1368*549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 13696185db85Sdougm if (group != NULL) { 13706185db85Sdougm if (xml) 13716185db85Sdougm show_group_xml(doc, group); 13726185db85Sdougm else 13736185db85Sdougm show_group(group, verbose, properties, protocol, NULL); 13746185db85Sdougm } else { 13756185db85Sdougm (void) printf(gettext("%s: not found\n"), argv[optind]); 13766185db85Sdougm ret = SA_NO_SUCH_GROUP; 13776185db85Sdougm } 13786185db85Sdougm } 13796185db85Sdougm } 13806185db85Sdougm if (xml && ret == SA_OK) { 13816185db85Sdougm xmlDocFormatDump(stdout, doc, 1); 13826185db85Sdougm xmlFreeDoc(doc); 13836185db85Sdougm } 13846185db85Sdougm return (ret); 13856185db85Sdougm 13866185db85Sdougm } 13876185db85Sdougm 13886185db85Sdougm /* 13896185db85Sdougm * enable_share(group, share, update_legacy) 13906185db85Sdougm * 13916185db85Sdougm * helper function to enable a share if the group is enabled. 13926185db85Sdougm */ 13936185db85Sdougm 13946185db85Sdougm static int 1395*549ec3ffSdougm enable_share(sa_handle_t handle, sa_group_t group, sa_share_t share, 1396*549ec3ffSdougm int update_legacy) 13976185db85Sdougm { 13986185db85Sdougm char *value; 13996185db85Sdougm int enabled; 14006185db85Sdougm sa_optionset_t optionset; 14016185db85Sdougm int ret = SA_OK; 14026185db85Sdougm char *zfs = NULL; 14036185db85Sdougm int iszfs = 0; 14046185db85Sdougm 14056185db85Sdougm /* 14066185db85Sdougm * need to enable this share if the group is enabled but not 14076185db85Sdougm * otherwise. The enable is also done on each protocol 14086185db85Sdougm * represented in the group. 14096185db85Sdougm */ 14106185db85Sdougm value = sa_get_group_attr(group, "state"); 14116185db85Sdougm enabled = value != NULL && strcmp(value, "enabled") == 0; 14126185db85Sdougm if (value != NULL) 14136185db85Sdougm sa_free_attr_string(value); 14146185db85Sdougm /* remove legacy config if necessary */ 14156185db85Sdougm if (update_legacy) 14166185db85Sdougm ret = sa_delete_legacy(share); 14176185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 14186185db85Sdougm if (zfs != NULL) { 14196185db85Sdougm iszfs++; 14206185db85Sdougm sa_free_attr_string(zfs); 14216185db85Sdougm } 14226185db85Sdougm 14236185db85Sdougm /* 14246185db85Sdougm * Step through each optionset at the group level and 14256185db85Sdougm * enable the share based on the protocol type. This 14266185db85Sdougm * works because protocols must be set on the group 14276185db85Sdougm * for the protocol to be enabled. 14286185db85Sdougm */ 14296185db85Sdougm for (optionset = sa_get_optionset(group, NULL); 14306185db85Sdougm optionset != NULL && ret == SA_OK; 14316185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 14326185db85Sdougm value = sa_get_optionset_attr(optionset, "type"); 14336185db85Sdougm if (value != NULL) { 14346185db85Sdougm if (enabled) 14356185db85Sdougm ret = sa_enable_share(share, value); 14366185db85Sdougm if (update_legacy && !iszfs) 14376185db85Sdougm (void) sa_update_legacy(share, value); 14386185db85Sdougm sa_free_attr_string(value); 14396185db85Sdougm } 14406185db85Sdougm } 14416185db85Sdougm if (ret == SA_OK) 1442*549ec3ffSdougm (void) sa_update_config(handle); 14436185db85Sdougm return (ret); 14446185db85Sdougm } 14456185db85Sdougm 14466185db85Sdougm /* 14476185db85Sdougm * sa_addshare(flags, argc, argv) 14486185db85Sdougm * 14496185db85Sdougm * implements add-share subcommand. 14506185db85Sdougm */ 14516185db85Sdougm 14526185db85Sdougm int 1453*549ec3ffSdougm sa_addshare(sa_handle_t handle, int flags, int argc, char *argv[]) 14546185db85Sdougm { 14556185db85Sdougm int verbose = 0; 14566185db85Sdougm int dryrun = 0; 14576185db85Sdougm int c; 14586185db85Sdougm int ret = SA_OK; 14596185db85Sdougm sa_group_t group; 14606185db85Sdougm sa_share_t share; 14616185db85Sdougm char *sharepath = NULL; 14626185db85Sdougm char *description = NULL; 14636185db85Sdougm char *resource = NULL; 14646185db85Sdougm int persist = SA_SHARE_PERMANENT; /* default to persist */ 14656185db85Sdougm int auth; 14666185db85Sdougm char dir[MAXPATHLEN]; 14676185db85Sdougm 14686185db85Sdougm while ((c = getopt(argc, argv, "?hvns:d:r:t")) != EOF) { 14696185db85Sdougm switch (c) { 14706185db85Sdougm case 'n': 14716185db85Sdougm dryrun++; 14726185db85Sdougm break; 14736185db85Sdougm case 'v': 14746185db85Sdougm verbose++; 14756185db85Sdougm break; 14766185db85Sdougm case 'd': 14776185db85Sdougm description = optarg; 14786185db85Sdougm break; 14796185db85Sdougm case 'r': 14806185db85Sdougm resource = optarg; 14816185db85Sdougm break; 14826185db85Sdougm case 's': 14836185db85Sdougm /* 14846185db85Sdougm * save share path into group. Currently limit 14856185db85Sdougm * to one share per command. 14866185db85Sdougm */ 14876185db85Sdougm if (sharepath != NULL) { 14886185db85Sdougm (void) printf(gettext("Adding multiple shares not" 14896185db85Sdougm "supported\n")); 14906185db85Sdougm return (1); 14916185db85Sdougm } 14926185db85Sdougm sharepath = optarg; 14936185db85Sdougm break; 14946185db85Sdougm case 't': 14956185db85Sdougm persist = SA_SHARE_TRANSIENT; 14966185db85Sdougm break; 14976185db85Sdougm default: 14986185db85Sdougm case 'h': 14996185db85Sdougm case '?': 15006185db85Sdougm (void) printf(gettext("usage: %s\n"), 15016185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 15026185db85Sdougm return (0); 15036185db85Sdougm } 15046185db85Sdougm } 15056185db85Sdougm 15066185db85Sdougm if (optind >= argc) { 15076185db85Sdougm (void) printf(gettext("usage: %s\n"), 15086185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 15096185db85Sdougm if (dryrun || sharepath != NULL || description != NULL || 15106185db85Sdougm resource != NULL || verbose || persist) { 15116185db85Sdougm (void) printf(gettext("\tgroup must be specified\n")); 15126185db85Sdougm ret = SA_NO_SUCH_GROUP; 15136185db85Sdougm } else { 15146185db85Sdougm ret = SA_OK; 15156185db85Sdougm } 15166185db85Sdougm } else { 15176185db85Sdougm if (sharepath == NULL) { 15186185db85Sdougm (void) printf(gettext("usage: %s\n"), 15196185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 15206185db85Sdougm (void) printf(gettext("\t-s sharepath must be specified\n")); 15216185db85Sdougm ret = SA_BAD_PATH; 15226185db85Sdougm } 15236185db85Sdougm if (ret == SA_OK) { 15246185db85Sdougm if (realpath(sharepath, dir) == NULL) { 15256185db85Sdougm ret = SA_BAD_PATH; 15266185db85Sdougm (void) printf(gettext("Path is not valid: %s\n"), 15276185db85Sdougm sharepath); 15286185db85Sdougm } else { 15296185db85Sdougm sharepath = dir; 15306185db85Sdougm } 15316185db85Sdougm } 15326185db85Sdougm if (ret == SA_OK && resource != NULL) { 15336185db85Sdougm /* check for valid syntax */ 15346185db85Sdougm if (strpbrk(resource, " \t/") != NULL) { 15356185db85Sdougm (void) printf(gettext("usage: %s\n"), 15366185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 15376185db85Sdougm (void) printf(gettext("\tresource must not contain white" 15386185db85Sdougm "space or '/' characters\n")); 15396185db85Sdougm ret = SA_BAD_PATH; 15406185db85Sdougm } 15416185db85Sdougm } 15426185db85Sdougm if (ret == SA_OK) { 1543*549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 15446185db85Sdougm if (group != NULL) { 15456185db85Sdougm auth = check_authorizations(argv[optind], flags); 1546*549ec3ffSdougm share = sa_find_share(handle, sharepath); 15476185db85Sdougm if (share != NULL) { 15486185db85Sdougm group = sa_get_parent_group(share); 15496185db85Sdougm if (group != NULL) { 15506185db85Sdougm char *groupname; 15516185db85Sdougm groupname = sa_get_group_attr(group, "name"); 15526185db85Sdougm if (groupname != NULL) { 15536185db85Sdougm (void) printf(gettext("Share path already " 15546185db85Sdougm "shared in group " 15556185db85Sdougm "\"%s\": %s\n"), 15566185db85Sdougm groupname, sharepath); 15576185db85Sdougm sa_free_attr_string(groupname); 15586185db85Sdougm } else { 15596185db85Sdougm (void) printf(gettext("Share path already" 15606185db85Sdougm "shared: %s\n"), 15616185db85Sdougm groupname, sharepath); 15626185db85Sdougm } 15636185db85Sdougm } else { 15646185db85Sdougm (void) printf(gettext("Share path %s already " 15656185db85Sdougm "shared\n"), 15666185db85Sdougm sharepath); 15676185db85Sdougm } 15686185db85Sdougm ret = SA_DUPLICATE_NAME; 15696185db85Sdougm } else { 15706185db85Sdougm /* 15716185db85Sdougm * need to check that resource name is unique 1572f345c0beSdougm * at some point. Path checking should use the 1573f345c0beSdougm * "normal" rules which don't check the repository. 15746185db85Sdougm */ 15756185db85Sdougm if (dryrun) 1576f345c0beSdougm ret = sa_check_path(group, sharepath, 1577f345c0beSdougm SA_CHECK_NORMAL); 15786185db85Sdougm else 15796185db85Sdougm share = sa_add_share(group, sharepath, 15806185db85Sdougm persist, &ret); 15816185db85Sdougm if (!dryrun && share == NULL) { 15826185db85Sdougm (void) printf(gettext("Could not add share: " 15836185db85Sdougm "%s\n"), 15846185db85Sdougm sa_errorstr(ret)); 15856185db85Sdougm } else { 15866185db85Sdougm if (!dryrun && ret == SA_OK) { 15876185db85Sdougm if (resource != NULL) { 15886185db85Sdougm if (strpbrk(resource, " \t/") == NULL) { 15896185db85Sdougm ret = sa_set_share_attr(share, 15906185db85Sdougm "resource", 15916185db85Sdougm resource); 15926185db85Sdougm } 15936185db85Sdougm } 15946185db85Sdougm if (ret == SA_OK && description != NULL) { 15956185db85Sdougm ret = sa_set_share_description(share, 15966185db85Sdougm description); 15976185db85Sdougm } 15986185db85Sdougm if (ret == SA_OK) { 15996185db85Sdougm /* now enable the share(s) */ 1600*549ec3ffSdougm ret = enable_share(handle, group, share, 1); 1601*549ec3ffSdougm ret = sa_update_config(handle); 16026185db85Sdougm } 16036185db85Sdougm switch (ret) { 16046185db85Sdougm case SA_DUPLICATE_NAME: 16056185db85Sdougm (void) printf(gettext("Resource name in" 16066185db85Sdougm "use: %s\n"), 16076185db85Sdougm resource); 16086185db85Sdougm break; 16096185db85Sdougm default: 16106185db85Sdougm (void) printf(gettext("Could not set " 16116185db85Sdougm "attribute: %s\n"), 16126185db85Sdougm sa_errorstr(ret)); 16136185db85Sdougm break; 16146185db85Sdougm case SA_OK: 16156185db85Sdougm break; 16166185db85Sdougm } 16176185db85Sdougm } else if (dryrun && ret == SA_OK && 16186185db85Sdougm !auth && verbose) { 16196185db85Sdougm (void) printf(gettext("Command would fail: " 16206185db85Sdougm "%s\n"), 16216185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 16226185db85Sdougm ret = SA_NO_PERMISSION; 16236185db85Sdougm } 16246185db85Sdougm } 16256185db85Sdougm } 16266185db85Sdougm } else { 16276185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 16286185db85Sdougm argv[optind]); 16296185db85Sdougm ret = SA_NO_SUCH_GROUP; 16306185db85Sdougm } 16316185db85Sdougm } 16326185db85Sdougm } 16336185db85Sdougm return (ret); 16346185db85Sdougm } 16356185db85Sdougm 16366185db85Sdougm /* 16376185db85Sdougm * sa_moveshare(flags, argc, argv) 16386185db85Sdougm * 16396185db85Sdougm * implements move-share subcommand. 16406185db85Sdougm */ 16416185db85Sdougm 16426185db85Sdougm int 1643*549ec3ffSdougm sa_moveshare(sa_handle_t handle, int flags, int argc, char *argv[]) 16446185db85Sdougm { 16456185db85Sdougm int verbose = 0; 16466185db85Sdougm int dryrun = 0; 16476185db85Sdougm int c; 16486185db85Sdougm int ret = SA_OK; 16496185db85Sdougm sa_group_t group; 16506185db85Sdougm sa_share_t share; 16516185db85Sdougm char *sharepath = NULL; 16526185db85Sdougm int authsrc = 0, authdst = 0; 16536185db85Sdougm 16546185db85Sdougm while ((c = getopt(argc, argv, "?hvns:")) != EOF) { 16556185db85Sdougm switch (c) { 16566185db85Sdougm case 'n': 16576185db85Sdougm dryrun++; 16586185db85Sdougm break; 16596185db85Sdougm case 'v': 16606185db85Sdougm verbose++; 16616185db85Sdougm break; 16626185db85Sdougm case 's': 16636185db85Sdougm /* 16646185db85Sdougm * remove share path from group. Currently limit 16656185db85Sdougm * to one share per command. 16666185db85Sdougm */ 16676185db85Sdougm if (sharepath != NULL) { 16686185db85Sdougm (void) printf(gettext("Moving multiple shares not" 16696185db85Sdougm "supported\n")); 16706185db85Sdougm return (SA_BAD_PATH); 16716185db85Sdougm } 16726185db85Sdougm sharepath = optarg; 16736185db85Sdougm break; 16746185db85Sdougm default: 16756185db85Sdougm case 'h': 16766185db85Sdougm case '?': 16776185db85Sdougm (void) printf(gettext("usage: %s\n"), 16786185db85Sdougm sa_get_usage(USAGE_MOVE_SHARE)); 16796185db85Sdougm return (0); 16806185db85Sdougm } 16816185db85Sdougm } 16826185db85Sdougm 16836185db85Sdougm if (optind >= argc || sharepath == NULL) { 16846185db85Sdougm (void) printf(gettext("usage: %s\n"), 16856185db85Sdougm sa_get_usage(USAGE_MOVE_SHARE)); 16866185db85Sdougm if (dryrun || verbose || sharepath != NULL) { 16876185db85Sdougm (void) printf(gettext("\tgroup must be specified\n")); 16886185db85Sdougm ret = SA_NO_SUCH_GROUP; 16896185db85Sdougm } else { 16906185db85Sdougm if (sharepath == NULL) { 16916185db85Sdougm ret = SA_SYNTAX_ERR; 16926185db85Sdougm (void) printf(gettext("\tsharepath must be specified\n")); 16936185db85Sdougm } else 16946185db85Sdougm ret = SA_OK; 16956185db85Sdougm } 16966185db85Sdougm } else { 16976185db85Sdougm if (sharepath == NULL) { 16986185db85Sdougm (void) printf(gettext("sharepath must be specified with " 16996185db85Sdougm "the -s option\n")); 17006185db85Sdougm ret = SA_BAD_PATH; 17016185db85Sdougm } else { 1702*549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 17036185db85Sdougm if (group != NULL) { 1704*549ec3ffSdougm share = sa_find_share(handle, sharepath); 17056185db85Sdougm authdst = check_authorizations(argv[optind], flags); 17066185db85Sdougm if (share == NULL) { 17076185db85Sdougm (void) printf(gettext("Share not found: %s\n"), 17086185db85Sdougm sharepath); 17096185db85Sdougm ret = SA_NO_SUCH_PATH; 17106185db85Sdougm } else { 17116185db85Sdougm sa_group_t parent; 17126185db85Sdougm char *zfsold; 17136185db85Sdougm char *zfsnew; 17146185db85Sdougm 17156185db85Sdougm parent = sa_get_parent_group(share); 17166185db85Sdougm if (parent != NULL) { 17176185db85Sdougm char *pname; 17186185db85Sdougm pname = sa_get_group_attr(parent, "name"); 17196185db85Sdougm if (pname != NULL) { 17206185db85Sdougm authsrc = check_authorizations(pname, flags); 17216185db85Sdougm sa_free_attr_string(pname); 17226185db85Sdougm } 17236185db85Sdougm zfsold = sa_get_group_attr(parent, "zfs"); 17246185db85Sdougm zfsnew = sa_get_group_attr(group, "zfs"); 17256185db85Sdougm if ((zfsold != NULL && zfsnew == NULL) || 17266185db85Sdougm (zfsold == NULL && zfsnew != NULL)) { 17276185db85Sdougm ret = SA_NOT_ALLOWED; 17286185db85Sdougm } 17296185db85Sdougm if (zfsold != NULL) 17306185db85Sdougm sa_free_attr_string(zfsold); 17316185db85Sdougm if (zfsnew != NULL) 17326185db85Sdougm sa_free_attr_string(zfsnew); 17336185db85Sdougm } 17346185db85Sdougm if (!dryrun && ret == SA_OK) { 17356185db85Sdougm ret = sa_move_share(group, share); 17366185db85Sdougm } 17376185db85Sdougm if (ret == SA_OK && parent != group && !dryrun) { 17386185db85Sdougm char *oldstate; 1739*549ec3ffSdougm ret = sa_update_config(handle); 17406185db85Sdougm /* 17416185db85Sdougm * note that the share may need to be 17426185db85Sdougm * "unshared" if the new group is 17436185db85Sdougm * disabled and the old was enabled or 17446185db85Sdougm * it may need to be share to update 17456185db85Sdougm * if the new group is enabled. 17466185db85Sdougm */ 17476185db85Sdougm oldstate = sa_get_group_attr(parent, "state"); 17486185db85Sdougm /* enable_share determines what to do */ 17496185db85Sdougm if (strcmp(oldstate, "enabled") == 0) { 17506185db85Sdougm (void) sa_disable_share(share, NULL); 17516185db85Sdougm } 1752*549ec3ffSdougm (void) enable_share(handle, group, share, 1); 17536185db85Sdougm if (oldstate != NULL) 17546185db85Sdougm sa_free_attr_string(oldstate); 17556185db85Sdougm } 17566185db85Sdougm if (ret != SA_OK) { 17576185db85Sdougm (void) printf(gettext("Could not move share: %s\n"), 17586185db85Sdougm sa_errorstr(ret)); 17596185db85Sdougm } 17606185db85Sdougm if (dryrun && ret == SA_OK && !(authsrc & authdst) && 17616185db85Sdougm verbose) { 17626185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 17636185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 17646185db85Sdougm } 17656185db85Sdougm } 17666185db85Sdougm } else { 17676185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 17686185db85Sdougm argv[optind]); 17696185db85Sdougm ret = SA_NO_SUCH_GROUP; 17706185db85Sdougm } 17716185db85Sdougm } 17726185db85Sdougm } 17736185db85Sdougm return (ret); 17746185db85Sdougm } 17756185db85Sdougm 17766185db85Sdougm /* 17776185db85Sdougm * sa_removeshare(flags, argc, argv) 17786185db85Sdougm * 17796185db85Sdougm * implements remove-share subcommand. 17806185db85Sdougm */ 17816185db85Sdougm 17826185db85Sdougm int 1783*549ec3ffSdougm sa_removeshare(sa_handle_t handle, int flags, int argc, char *argv[]) 17846185db85Sdougm { 17856185db85Sdougm int verbose = 0; 17866185db85Sdougm int dryrun = 0; 17876185db85Sdougm int force = 0; 17886185db85Sdougm int c; 17896185db85Sdougm int ret = SA_OK; 17906185db85Sdougm sa_group_t group; 17916185db85Sdougm sa_share_t share; 17926185db85Sdougm char *sharepath = NULL; 17936185db85Sdougm char dir[MAXPATHLEN]; 17946185db85Sdougm int auth; 17956185db85Sdougm 17966185db85Sdougm while ((c = getopt(argc, argv, "?hfns:v")) != EOF) { 17976185db85Sdougm switch (c) { 17986185db85Sdougm case 'n': 17996185db85Sdougm dryrun++; 18006185db85Sdougm break; 18016185db85Sdougm case 'v': 18026185db85Sdougm verbose++; 18036185db85Sdougm break; 18046185db85Sdougm case 'f': 18056185db85Sdougm force++; 18066185db85Sdougm break; 18076185db85Sdougm case 's': 18086185db85Sdougm /* 18096185db85Sdougm * remove share path from group. Currently limit 18106185db85Sdougm * to one share per command. 18116185db85Sdougm */ 18126185db85Sdougm if (sharepath != NULL) { 18136185db85Sdougm (void) printf(gettext("Removing multiple shares not" 18146185db85Sdougm "supported\n")); 18156185db85Sdougm return (SA_SYNTAX_ERR); 18166185db85Sdougm } 18176185db85Sdougm sharepath = optarg; 18186185db85Sdougm break; 18196185db85Sdougm default: 18206185db85Sdougm case 'h': 18216185db85Sdougm case '?': 18226185db85Sdougm (void) printf(gettext("usage: %s\n"), 18236185db85Sdougm sa_get_usage(USAGE_REMOVE_SHARE)); 18246185db85Sdougm return (0); 18256185db85Sdougm } 18266185db85Sdougm } 18276185db85Sdougm 18286185db85Sdougm if (optind >= argc || sharepath == NULL) { 18296185db85Sdougm if (sharepath == NULL) { 18306185db85Sdougm (void) printf(gettext("usage: %s\n"), 18316185db85Sdougm sa_get_usage(USAGE_REMOVE_SHARE)); 18326185db85Sdougm (void) printf(gettext("\t-s sharepath must be specified\n")); 18336185db85Sdougm ret = SA_BAD_PATH; 18346185db85Sdougm } else { 18356185db85Sdougm ret = SA_OK; 18366185db85Sdougm } 18376185db85Sdougm } 18386185db85Sdougm if (ret == SA_OK) { 18396185db85Sdougm if (optind < argc) { 18406185db85Sdougm if ((optind + 1) < argc) { 18416185db85Sdougm (void) printf(gettext("Extraneous group(s) at end of " 18426185db85Sdougm "command\n")); 18436185db85Sdougm ret = SA_SYNTAX_ERR; 18446185db85Sdougm } else { 1845*549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 18466185db85Sdougm if (group == NULL) { 18476185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 18486185db85Sdougm argv[optind]); 18496185db85Sdougm ret = SA_NO_SUCH_GROUP; 18506185db85Sdougm } 18516185db85Sdougm } 18526185db85Sdougm } else { 18536185db85Sdougm group = NULL; 18546185db85Sdougm } 1855a99982a7Sdougm 1856a99982a7Sdougm /* 1857a99982a7Sdougm * Lookup the path in the internal configuration. Care 1858a99982a7Sdougm * must be taken to handle the case where the 1859a99982a7Sdougm * underlying path has been removed since we need to 1860a99982a7Sdougm * be able to deal with that as well. 1861a99982a7Sdougm */ 18626185db85Sdougm if (ret == SA_OK) { 18636185db85Sdougm if (group != NULL) 18646185db85Sdougm share = sa_get_share(group, sharepath); 18656185db85Sdougm else 1866*549ec3ffSdougm share = sa_find_share(handle, sharepath); 1867a99982a7Sdougm /* 1868a99982a7Sdougm * If we didn't find the share with the provided path, 1869a99982a7Sdougm * it may be a symlink so attempt to resolve it using 1870a99982a7Sdougm * realpath and try again. Realpath will resolve any 1871a99982a7Sdougm * symlinks and place them in "dir". Note that 1872a99982a7Sdougm * sharepath is only used for the lookup the first 1873a99982a7Sdougm * time and later for error messages. dir will be used 1874a99982a7Sdougm * on the second attempt. Once a share is found, all 1875a99982a7Sdougm * operations are based off of the share variable. 1876a99982a7Sdougm */ 1877a99982a7Sdougm if (share == NULL) { 1878a99982a7Sdougm if (realpath(sharepath, dir) == NULL) { 1879a99982a7Sdougm ret = SA_BAD_PATH; 1880a99982a7Sdougm (void) printf(gettext("Path is not valid: %s\n"), 1881a99982a7Sdougm sharepath); 1882a99982a7Sdougm } else { 1883a99982a7Sdougm if (group != NULL) 1884a99982a7Sdougm share = sa_get_share(group, dir); 1885a99982a7Sdougm else 1886*549ec3ffSdougm share = sa_find_share(handle, dir); 1887a99982a7Sdougm } 1888a99982a7Sdougm } 1889a99982a7Sdougm } 1890a99982a7Sdougm 1891a99982a7Sdougm /* 1892a99982a7Sdougm * If there hasn't been an error, there was likely a 1893a99982a7Sdougm * path found. If not, give the appropriate error 1894a99982a7Sdougm * message and set the return error. If it was found, 1895a99982a7Sdougm * then disable the share and then remove it from the 1896a99982a7Sdougm * configuration. 1897a99982a7Sdougm */ 1898a99982a7Sdougm if (ret == SA_OK) { 18996185db85Sdougm if (share == NULL) { 19006185db85Sdougm if (group != NULL) 19016185db85Sdougm (void) printf(gettext("Share not found in group %s:" 19026185db85Sdougm " %s\n"), 19036185db85Sdougm argv[optind], sharepath); 19046185db85Sdougm else 19056185db85Sdougm (void) printf(gettext("Share not found: %s\n"), 19066185db85Sdougm sharepath); 19076185db85Sdougm ret = SA_NO_SUCH_PATH; 19086185db85Sdougm } else { 19096185db85Sdougm if (group == NULL) 19106185db85Sdougm group = sa_get_parent_group(share); 19116185db85Sdougm if (!dryrun) { 19126185db85Sdougm if (ret == SA_OK) { 19136185db85Sdougm ret = sa_disable_share(share, NULL); 19146185db85Sdougm /* 19156185db85Sdougm * we don't care if it fails since it 1916a99982a7Sdougm * could be disabled already. Some 1917a99982a7Sdougm * unexpected errors could occur that 1918a99982a7Sdougm * prevent removal, so also check for 1919a99982a7Sdougm * force being set. 19206185db85Sdougm */ 19216185db85Sdougm if (ret == SA_OK || ret == SA_NO_SUCH_PATH || 1922a99982a7Sdougm ret == SA_NOT_SUPPORTED || 1923a99982a7Sdougm ret == SA_SYSTEM_ERR || force) { 19246185db85Sdougm ret = sa_remove_share(share); 19256185db85Sdougm } 19266185db85Sdougm if (ret == SA_OK) 1927*549ec3ffSdougm ret = sa_update_config(handle); 19286185db85Sdougm } 19296185db85Sdougm if (ret != SA_OK) { 19306185db85Sdougm (void) printf(gettext("Could not remove share:" 19316185db85Sdougm " %s\n"), 19326185db85Sdougm sa_errorstr(ret)); 19336185db85Sdougm } 19346185db85Sdougm } else if (ret == SA_OK) { 19356185db85Sdougm char *pname; 19366185db85Sdougm pname = sa_get_group_attr(group, "name"); 19376185db85Sdougm if (pname != NULL) { 19386185db85Sdougm auth = check_authorizations(pname, flags); 19396185db85Sdougm sa_free_attr_string(pname); 19406185db85Sdougm } 19416185db85Sdougm if (!auth && verbose) { 19426185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 19436185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 19446185db85Sdougm } 19456185db85Sdougm } 19466185db85Sdougm } 19476185db85Sdougm } 19486185db85Sdougm } 19496185db85Sdougm return (ret); 19506185db85Sdougm } 19516185db85Sdougm 19526185db85Sdougm /* 19536185db85Sdougm * sa_set_share(flags, argc, argv) 19546185db85Sdougm * 19556185db85Sdougm * implements set-share subcommand. 19566185db85Sdougm */ 19576185db85Sdougm 19586185db85Sdougm int 1959*549ec3ffSdougm sa_set_share(sa_handle_t handle, int flags, int argc, char *argv[]) 19606185db85Sdougm { 19616185db85Sdougm int dryrun = 0; 19626185db85Sdougm int c; 19636185db85Sdougm int ret = SA_OK; 19646185db85Sdougm sa_group_t group, sharegroup; 19656185db85Sdougm sa_share_t share; 19666185db85Sdougm char *sharepath = NULL; 19676185db85Sdougm char *description = NULL; 19686185db85Sdougm char *resource = NULL; 19696185db85Sdougm int auth; 19706185db85Sdougm int verbose = 0; 19716185db85Sdougm 19726185db85Sdougm while ((c = getopt(argc, argv, "?hnd:r:s:")) != EOF) { 19736185db85Sdougm switch (c) { 19746185db85Sdougm case 'n': 19756185db85Sdougm dryrun++; 19766185db85Sdougm break; 19776185db85Sdougm case 'd': 19786185db85Sdougm description = optarg; 19796185db85Sdougm break; 19806185db85Sdougm case 'r': 19816185db85Sdougm resource = optarg; 19826185db85Sdougm break; 19836185db85Sdougm case 'v': 19846185db85Sdougm verbose++; 19856185db85Sdougm break; 19866185db85Sdougm case 's': 19876185db85Sdougm /* 19886185db85Sdougm * save share path into group. Currently limit 19896185db85Sdougm * to one share per command. 19906185db85Sdougm */ 19916185db85Sdougm if (sharepath != NULL) { 19926185db85Sdougm (void) printf(gettext("Updating multiple shares not" 19936185db85Sdougm "supported\n")); 19946185db85Sdougm return (SA_BAD_PATH); 19956185db85Sdougm } 19966185db85Sdougm sharepath = optarg; 19976185db85Sdougm break; 19986185db85Sdougm default: 19996185db85Sdougm case 'h': 20006185db85Sdougm case '?': 20016185db85Sdougm (void) printf(gettext("usage: %s\n"), 20026185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 20036185db85Sdougm return (SA_OK); 20046185db85Sdougm } 20056185db85Sdougm } 20066185db85Sdougm if (optind >= argc || sharepath == NULL) { 20076185db85Sdougm if (sharepath == NULL) { 20086185db85Sdougm (void) printf(gettext("usage: %s\n"), 20096185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 20106185db85Sdougm (void) printf(gettext("\tgroup must be specified\n")); 20116185db85Sdougm ret = SA_BAD_PATH; 20126185db85Sdougm } else { 20136185db85Sdougm ret = SA_OK; 20146185db85Sdougm } 20156185db85Sdougm } 20166185db85Sdougm if ((optind + 1) < argc) { 20176185db85Sdougm (void) printf(gettext("usage: %s\n"), 20186185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 20196185db85Sdougm (void) printf(gettext("\tExtraneous group(s) at end\n")); 20206185db85Sdougm ret = SA_SYNTAX_ERR; 20216185db85Sdougm } 20226185db85Sdougm if (ret == SA_OK) { 20236185db85Sdougm char *groupname; 20246185db85Sdougm if (optind < argc) { 20256185db85Sdougm groupname = argv[optind]; 2026*549ec3ffSdougm group = sa_get_group(handle, groupname); 20276185db85Sdougm } else { 20286185db85Sdougm group = NULL; 20296185db85Sdougm groupname = NULL; 20306185db85Sdougm } 2031*549ec3ffSdougm share = sa_find_share(handle, sharepath); 20326185db85Sdougm if (share != NULL) { 20336185db85Sdougm sharegroup = sa_get_parent_group(share); 20346185db85Sdougm if (group != NULL && group != sharegroup) { 20356185db85Sdougm (void) printf(gettext("Group \"%s\" does not contain " 20366185db85Sdougm "share %s\n"), 20376185db85Sdougm argv[optind], sharepath); 20386185db85Sdougm ret = SA_BAD_PATH; 20396185db85Sdougm } else { 20406185db85Sdougm int delgroupname = 0; 20416185db85Sdougm if (groupname == NULL) { 20426185db85Sdougm groupname = sa_get_group_attr(sharegroup, "name"); 20436185db85Sdougm delgroupname = 1; 20446185db85Sdougm } 20456185db85Sdougm if (groupname != NULL) { 20466185db85Sdougm auth = check_authorizations(groupname, flags); 20476185db85Sdougm if (delgroupname) { 20486185db85Sdougm sa_free_attr_string(groupname); 20496185db85Sdougm groupname = NULL; 20506185db85Sdougm } 20516185db85Sdougm } else { 20526185db85Sdougm ret = SA_NO_MEMORY; 20536185db85Sdougm } 20546185db85Sdougm if (resource != NULL) { 20556185db85Sdougm if (strpbrk(resource, " \t/") == NULL) { 20566185db85Sdougm if (!dryrun) { 20576185db85Sdougm ret = sa_set_share_attr(share, "resource", 20586185db85Sdougm resource); 20596185db85Sdougm } else { 20606185db85Sdougm sa_share_t resshare; 20616185db85Sdougm resshare = sa_get_resource(sharegroup, 20626185db85Sdougm resource); 20636185db85Sdougm if (resshare != NULL && resshare != share) 20646185db85Sdougm ret = SA_DUPLICATE_NAME; 20656185db85Sdougm } 20666185db85Sdougm } else { 20676185db85Sdougm ret = SA_BAD_PATH; 20686185db85Sdougm (void) printf(gettext("Resource must not contain " 20696185db85Sdougm "white space or '/'\n")); 20706185db85Sdougm } 20716185db85Sdougm } 20726185db85Sdougm if (ret == SA_OK && description != NULL) { 20736185db85Sdougm ret = sa_set_share_description(share, description); 20746185db85Sdougm } 20756185db85Sdougm } 20766185db85Sdougm if (!dryrun && ret == SA_OK) { 2077*549ec3ffSdougm ret = sa_update_config(handle); 20786185db85Sdougm } 20796185db85Sdougm switch (ret) { 20806185db85Sdougm case SA_DUPLICATE_NAME: 20816185db85Sdougm (void) printf(gettext("Resource name in use: %s\n"), 20826185db85Sdougm resource); 20836185db85Sdougm break; 20846185db85Sdougm default: 20856185db85Sdougm (void) printf(gettext("Could not set attribute: %s\n"), 20866185db85Sdougm sa_errorstr(ret)); 20876185db85Sdougm break; 20886185db85Sdougm case SA_OK: 20896185db85Sdougm if (dryrun && !auth && verbose) { 20906185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 20916185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 20926185db85Sdougm } 20936185db85Sdougm break; 20946185db85Sdougm } 20956185db85Sdougm } else { 20966185db85Sdougm (void) printf(gettext("Share path \"%s\" not found\n"), 20976185db85Sdougm sharepath); 20986185db85Sdougm ret = SA_NO_SUCH_PATH; 20996185db85Sdougm } 21006185db85Sdougm } 21016185db85Sdougm return (ret); 21026185db85Sdougm } 21036185db85Sdougm 21046185db85Sdougm /* 21056185db85Sdougm * add_security(group, sectype, optlist, proto, *err) 21066185db85Sdougm * 21076185db85Sdougm * Helper function to add a security option (named optionset) to the 21086185db85Sdougm * group. 21096185db85Sdougm */ 21106185db85Sdougm 21116185db85Sdougm static int 21126185db85Sdougm add_security(sa_group_t group, char *sectype, 21136185db85Sdougm struct options *optlist, char *proto, int *err) 21146185db85Sdougm { 21156185db85Sdougm sa_security_t security; 21166185db85Sdougm int ret = SA_OK; 21176185db85Sdougm int result = 0; 21186185db85Sdougm 21196185db85Sdougm sectype = sa_proto_space_alias(proto, sectype); 21206185db85Sdougm security = sa_get_security(group, sectype, proto); 21216185db85Sdougm if (security == NULL) { 21226185db85Sdougm security = sa_create_security(group, sectype, proto); 21236185db85Sdougm } 21246185db85Sdougm if (sectype != NULL) 21256185db85Sdougm sa_free_attr_string(sectype); 21266185db85Sdougm if (security != NULL) { 21276185db85Sdougm while (optlist != NULL) { 21286185db85Sdougm sa_property_t prop; 21296185db85Sdougm prop = sa_get_property(security, optlist->optname); 21306185db85Sdougm if (prop == NULL) { 21316185db85Sdougm /* 21326185db85Sdougm * add the property, but only if it is 21336185db85Sdougm * a non-NULL or non-zero length value 21346185db85Sdougm */ 21356185db85Sdougm if (optlist->optvalue != NULL) { 21366185db85Sdougm prop = sa_create_property(optlist->optname, 21376185db85Sdougm optlist->optvalue); 21386185db85Sdougm if (prop != NULL) { 21396185db85Sdougm ret = sa_valid_property(security, proto, prop); 21406185db85Sdougm if (ret != SA_OK) { 21416185db85Sdougm (void) sa_remove_property(prop); 21426185db85Sdougm (void) printf(gettext("Could not add " 21436185db85Sdougm "property %s: %s\n"), 21446185db85Sdougm optlist->optname, 21456185db85Sdougm sa_errorstr(ret)); 21466185db85Sdougm } 21476185db85Sdougm if (ret == SA_OK) { 21486185db85Sdougm ret = sa_add_property(security, prop); 21496185db85Sdougm if (ret != SA_OK) { 21506185db85Sdougm (void) printf(gettext("Could not add " 21516185db85Sdougm "property (%s=%s): %s\n"), 21526185db85Sdougm optlist->optname, 21536185db85Sdougm optlist->optvalue, 21546185db85Sdougm sa_errorstr(ret)); 21556185db85Sdougm } else { 21566185db85Sdougm result = 1; 21576185db85Sdougm } 21586185db85Sdougm } 21596185db85Sdougm } 21606185db85Sdougm } 21616185db85Sdougm } else { 21626185db85Sdougm ret = sa_update_property(prop, optlist->optvalue); 21636185db85Sdougm result = 1; /* should check if really changed */ 21646185db85Sdougm } 21656185db85Sdougm optlist = optlist->next; 21666185db85Sdougm } 21676185db85Sdougm /* 21686185db85Sdougm * when done, properties may have all been removed but 21696185db85Sdougm * we need to keep the security type itself until 21706185db85Sdougm * explicitly removed. 21716185db85Sdougm */ 21726185db85Sdougm if (result) 21736185db85Sdougm ret = sa_commit_properties(security, 0); 21746185db85Sdougm } 21756185db85Sdougm *err = ret; 21766185db85Sdougm return (result); 21776185db85Sdougm } 21786185db85Sdougm 21796185db85Sdougm /* 21806185db85Sdougm * basic_set(groupname, optlist, protocol, sharepath, dryrun) 21816185db85Sdougm * 21826185db85Sdougm * This function implements "set" when a name space (-S) is not 21836185db85Sdougm * specified. It is a basic set. Options and other CLI parsing has 21846185db85Sdougm * already been done. 21856185db85Sdougm */ 21866185db85Sdougm 21876185db85Sdougm static int 2188*549ec3ffSdougm basic_set(sa_handle_t handle, char *groupname, struct options *optlist, 2189*549ec3ffSdougm char *protocol, char *sharepath, int dryrun) 21906185db85Sdougm { 21916185db85Sdougm sa_group_t group; 21926185db85Sdougm int ret = SA_OK; 21936185db85Sdougm int change = 0; 21946185db85Sdougm struct list *worklist = NULL; 21956185db85Sdougm 2196*549ec3ffSdougm group = sa_get_group(handle, groupname); 21976185db85Sdougm if (group != NULL) { 21986185db85Sdougm sa_share_t share = NULL; 21996185db85Sdougm if (sharepath != NULL) { 22006185db85Sdougm share = sa_get_share(group, sharepath); 22016185db85Sdougm if (share == NULL) { 22026185db85Sdougm (void) printf(gettext("Share does not exist in group %s\n"), 22036185db85Sdougm groupname, sharepath); 22046185db85Sdougm ret = SA_NO_SUCH_PATH; 22056185db85Sdougm } 22066185db85Sdougm } 22076185db85Sdougm if (ret == SA_OK) { 22086185db85Sdougm /* group must exist */ 22096185db85Sdougm ret = valid_options(optlist, protocol, 22106185db85Sdougm share == NULL ? group : share, NULL); 22116185db85Sdougm if (ret == SA_OK && !dryrun) { 22126185db85Sdougm if (share != NULL) 22136185db85Sdougm change |= add_optionset(share, optlist, protocol, 22146185db85Sdougm &ret); 22156185db85Sdougm else 22166185db85Sdougm change |= add_optionset(group, optlist, protocol, 22176185db85Sdougm &ret); 22186185db85Sdougm if (ret == SA_OK && change) { 22196185db85Sdougm worklist = add_list(worklist, group, share); 22206185db85Sdougm } 22216185db85Sdougm } 22226185db85Sdougm } 22236185db85Sdougm free_opt(optlist); 22246185db85Sdougm } else { 22256185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 22266185db85Sdougm ret = SA_NO_SUCH_GROUP; 22276185db85Sdougm } 22286185db85Sdougm /* 22296185db85Sdougm * we have a group and potentially legal additions 22306185db85Sdougm */ 22316185db85Sdougm 22326185db85Sdougm /* commit to configuration if not a dryrun */ 22336185db85Sdougm if (!dryrun && ret == SA_OK) { 22346185db85Sdougm if (change && worklist != NULL) { 22356185db85Sdougm /* properties changed, so update all shares */ 2236*549ec3ffSdougm (void) enable_all_groups(handle, worklist, 0, 0, protocol); 22376185db85Sdougm } 22386185db85Sdougm } 22396185db85Sdougm if (worklist != NULL) 22406185db85Sdougm free_list(worklist); 22416185db85Sdougm return (ret); 22426185db85Sdougm } 22436185db85Sdougm 22446185db85Sdougm /* 22456185db85Sdougm * space_set(groupname, optlist, protocol, sharepath, dryrun) 22466185db85Sdougm * 22476185db85Sdougm * This function implements "set" when a name space (-S) is 22486185db85Sdougm * specified. It is a namespace set. Options and other CLI parsing has 22496185db85Sdougm * already been done. 22506185db85Sdougm */ 22516185db85Sdougm 22526185db85Sdougm static int 2253*549ec3ffSdougm space_set(sa_handle_t handle, char *groupname, struct options *optlist, 2254*549ec3ffSdougm char *protocol, char *sharepath, int dryrun, char *sectype) 22556185db85Sdougm { 22566185db85Sdougm sa_group_t group; 22576185db85Sdougm int ret = SA_OK; 22586185db85Sdougm int change = 0; 22596185db85Sdougm struct list *worklist = NULL; 22606185db85Sdougm 22616185db85Sdougm /* 22626185db85Sdougm * make sure protcol and sectype are valid 22636185db85Sdougm */ 22646185db85Sdougm 22656185db85Sdougm if (sa_proto_valid_space(protocol, sectype) == 0) { 22666185db85Sdougm (void) printf(gettext("Option space \"%s\" not valid " 22676185db85Sdougm "for protocol.\n"), 22686185db85Sdougm sectype); 22696185db85Sdougm return (SA_INVALID_SECURITY); 22706185db85Sdougm } 22716185db85Sdougm 2272*549ec3ffSdougm group = sa_get_group(handle, groupname); 22736185db85Sdougm if (group != NULL) { 22746185db85Sdougm sa_share_t share = NULL; 22756185db85Sdougm if (sharepath != NULL) { 22766185db85Sdougm share = sa_get_share(group, sharepath); 22776185db85Sdougm if (share == NULL) { 22786185db85Sdougm (void) printf(gettext("Share does not exist in group %s\n"), 22796185db85Sdougm groupname, sharepath); 22806185db85Sdougm ret = SA_NO_SUCH_PATH; 22816185db85Sdougm } 22826185db85Sdougm } 22836185db85Sdougm if (ret == SA_OK) { 22846185db85Sdougm /* group must exist */ 22856185db85Sdougm ret = valid_options(optlist, protocol, 22866185db85Sdougm share == NULL ? group : share, sectype); 22876185db85Sdougm if (ret == SA_OK && !dryrun) { 22886185db85Sdougm if (share != NULL) 22896185db85Sdougm change = add_security(share, sectype, optlist, 22906185db85Sdougm protocol, 22916185db85Sdougm &ret); 22926185db85Sdougm else 22936185db85Sdougm change = add_security(group, sectype, optlist, 22946185db85Sdougm protocol, 22956185db85Sdougm &ret); 22966185db85Sdougm if (ret != SA_OK) 22976185db85Sdougm (void) printf(gettext("Could not set property: %s\n"), 22986185db85Sdougm sa_errorstr(ret)); 22996185db85Sdougm } 23006185db85Sdougm if (ret == SA_OK && change) 23016185db85Sdougm worklist = add_list(worklist, group, share); 23026185db85Sdougm } 23036185db85Sdougm free_opt(optlist); 23046185db85Sdougm } else { 23056185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 23066185db85Sdougm ret = SA_NO_SUCH_GROUP; 23076185db85Sdougm } 23086185db85Sdougm /* 23096185db85Sdougm * we have a group and potentially legal additions 23106185db85Sdougm */ 23116185db85Sdougm 23126185db85Sdougm /* commit to configuration if not a dryrun */ 23136185db85Sdougm if (!dryrun && ret == 0) { 23146185db85Sdougm if (change && worklist != NULL) { 23156185db85Sdougm /* properties changed, so update all shares */ 2316*549ec3ffSdougm (void) enable_all_groups(handle, worklist, 0, 0, protocol); 23176185db85Sdougm } 2318*549ec3ffSdougm ret = sa_update_config(handle); 23196185db85Sdougm } 23206185db85Sdougm if (worklist != NULL) 23216185db85Sdougm free_list(worklist); 23226185db85Sdougm return (ret); 23236185db85Sdougm } 23246185db85Sdougm 23256185db85Sdougm /* 23266185db85Sdougm * sa_set(flags, argc, argv) 23276185db85Sdougm * 23286185db85Sdougm * Implements the set subcommand. It keys off of -S to determine which 23296185db85Sdougm * set of operations to actually do. 23306185db85Sdougm */ 23316185db85Sdougm 23326185db85Sdougm int 2333*549ec3ffSdougm sa_set(sa_handle_t handle, int flags, int argc, char *argv[]) 23346185db85Sdougm { 23356185db85Sdougm char *groupname; 23366185db85Sdougm int verbose = 0; 23376185db85Sdougm int dryrun = 0; 23386185db85Sdougm int c; 23396185db85Sdougm char *protocol = NULL; 23406185db85Sdougm int ret = SA_OK; 23416185db85Sdougm struct options *optlist = NULL; 23426185db85Sdougm char *sharepath = NULL; 23436185db85Sdougm char *optset = NULL; 23446185db85Sdougm int auth; 23456185db85Sdougm 23466185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:s:S:")) != EOF) { 23476185db85Sdougm switch (c) { 23486185db85Sdougm case 'v': 23496185db85Sdougm verbose++; 23506185db85Sdougm break; 23516185db85Sdougm case 'n': 23526185db85Sdougm dryrun++; 23536185db85Sdougm break; 23546185db85Sdougm case 'P': 23556185db85Sdougm protocol = optarg; 23566185db85Sdougm if (!sa_valid_protocol(protocol)) { 23576185db85Sdougm (void) printf(gettext("Invalid protocol specified:" 23586185db85Sdougm "%s\n"), 23596185db85Sdougm protocol); 23606185db85Sdougm return (SA_INVALID_PROTOCOL); 23616185db85Sdougm } 23626185db85Sdougm break; 23636185db85Sdougm case 'p': 23646185db85Sdougm ret = add_opt(&optlist, optarg, 0); 23656185db85Sdougm switch (ret) { 23666185db85Sdougm case OPT_ADD_SYNTAX: 23676185db85Sdougm (void) printf(gettext("Property syntax error: %s\n"), 23686185db85Sdougm optarg); 23696185db85Sdougm return (SA_SYNTAX_ERR); 23706185db85Sdougm case OPT_ADD_MEMORY: 23716185db85Sdougm (void) printf(gettext("No memory to set property: %s\n"), 23726185db85Sdougm optarg); 23736185db85Sdougm return (SA_NO_MEMORY); 23746185db85Sdougm default: 23756185db85Sdougm break; 23766185db85Sdougm } 23776185db85Sdougm break; 23786185db85Sdougm case 's': 23796185db85Sdougm sharepath = optarg; 23806185db85Sdougm break; 23816185db85Sdougm case 'S': 23826185db85Sdougm optset = optarg; 23836185db85Sdougm break; 23846185db85Sdougm default: 23856185db85Sdougm case 'h': 23866185db85Sdougm case '?': 23876185db85Sdougm (void) printf(gettext("usage: %s\n"), 23886185db85Sdougm sa_get_usage(USAGE_SET)); 23896185db85Sdougm return (SA_OK); 23906185db85Sdougm } 23916185db85Sdougm } 23926185db85Sdougm 23936185db85Sdougm if (optlist != NULL) 23946185db85Sdougm ret = chk_opt(optlist, optset != NULL, protocol); 23956185db85Sdougm 23966185db85Sdougm if (optind >= argc || (optlist == NULL && optset == NULL) || 23976185db85Sdougm protocol == NULL || 23986185db85Sdougm ret != OPT_ADD_OK) { 23996185db85Sdougm char *sep = "\t"; 24006185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_SET)); 24016185db85Sdougm if (optind >= argc) { 24026185db85Sdougm (void) printf(gettext("%sgroup must be specified"), sep); 24036185db85Sdougm sep = ", "; 24046185db85Sdougm } 24056185db85Sdougm if (optlist == NULL) { 24066185db85Sdougm (void) printf(gettext("%sat least one property must be" 24076185db85Sdougm " specified"), sep); 24086185db85Sdougm sep = ", "; 24096185db85Sdougm } 24106185db85Sdougm if (protocol == NULL) { 24116185db85Sdougm (void) printf(gettext("%sprotocol must be specified"), sep); 24126185db85Sdougm sep = ", "; 24136185db85Sdougm } 24146185db85Sdougm (void) printf("\n"); 24156185db85Sdougm ret = SA_SYNTAX_ERR; 24166185db85Sdougm } else { 24176185db85Sdougm /* 24186185db85Sdougm * if a group already exists, we can only add a new 24196185db85Sdougm * protocol to it and not create a new one or add the 24206185db85Sdougm * same protocol again. 24216185db85Sdougm */ 24226185db85Sdougm 24236185db85Sdougm groupname = argv[optind]; 24246185db85Sdougm auth = check_authorizations(groupname, flags); 24256185db85Sdougm if (optset == NULL) 2426*549ec3ffSdougm ret = basic_set(handle, groupname, optlist, protocol, 24276185db85Sdougm sharepath, dryrun); 24286185db85Sdougm else 2429*549ec3ffSdougm ret = space_set(handle, groupname, optlist, protocol, 24306185db85Sdougm sharepath, dryrun, optset); 24316185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 24326185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 24336185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 24346185db85Sdougm } 24356185db85Sdougm } 24366185db85Sdougm return (ret); 24376185db85Sdougm } 24386185db85Sdougm 24396185db85Sdougm /* 24406185db85Sdougm * remove_options(group, optlist, proto, *err) 24416185db85Sdougm * 24426185db85Sdougm * helper function to actually remove options from a group after all 24436185db85Sdougm * preprocessing is done. 24446185db85Sdougm */ 24456185db85Sdougm 24466185db85Sdougm static int 24476185db85Sdougm remove_options(sa_group_t group, struct options *optlist, 24486185db85Sdougm char *proto, int *err) 24496185db85Sdougm { 24506185db85Sdougm struct options *cur; 24516185db85Sdougm sa_optionset_t optionset; 24526185db85Sdougm sa_property_t prop; 24536185db85Sdougm int change = 0; 24546185db85Sdougm int ret = SA_OK; 24556185db85Sdougm 24566185db85Sdougm optionset = sa_get_optionset(group, proto); 24576185db85Sdougm if (optionset != NULL) { 24586185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 24596185db85Sdougm prop = sa_get_property(optionset, cur->optname); 24606185db85Sdougm if (prop != NULL) { 24616185db85Sdougm ret = sa_remove_property(prop); 24626185db85Sdougm if (ret != SA_OK) 24636185db85Sdougm break; 24646185db85Sdougm change = 1; 24656185db85Sdougm } 24666185db85Sdougm } 24676185db85Sdougm } 24686185db85Sdougm if (ret == SA_OK && change) 24696185db85Sdougm ret = sa_commit_properties(optionset, 0); 24706185db85Sdougm 24716185db85Sdougm if (err != NULL) 24726185db85Sdougm *err = ret; 24736185db85Sdougm return (change); 24746185db85Sdougm } 24756185db85Sdougm 24766185db85Sdougm /* 24776185db85Sdougm * valid_unset(group, optlist, proto) 24786185db85Sdougm * 24796185db85Sdougm * Sanity check the optlist to make sure they can be removed. Issue an 24806185db85Sdougm * error if a property doesn't exist. 24816185db85Sdougm */ 24826185db85Sdougm 24836185db85Sdougm static int 24846185db85Sdougm valid_unset(sa_group_t group, struct options *optlist, char *proto) 24856185db85Sdougm { 24866185db85Sdougm struct options *cur; 24876185db85Sdougm sa_optionset_t optionset; 24886185db85Sdougm sa_property_t prop; 24896185db85Sdougm int ret = SA_OK; 24906185db85Sdougm 24916185db85Sdougm optionset = sa_get_optionset(group, proto); 24926185db85Sdougm if (optionset != NULL) { 24936185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 24946185db85Sdougm prop = sa_get_property(optionset, cur->optname); 24956185db85Sdougm if (prop == NULL) { 24966185db85Sdougm (void) printf(gettext("Could not unset property %s:" 24976185db85Sdougm " not set\n"), 24986185db85Sdougm cur->optname); 24996185db85Sdougm ret = SA_NO_SUCH_PROP; 25006185db85Sdougm } 25016185db85Sdougm } 25026185db85Sdougm } 25036185db85Sdougm return (ret); 25046185db85Sdougm } 25056185db85Sdougm 25066185db85Sdougm /* 25076185db85Sdougm * valid_unset_security(group, optlist, proto) 25086185db85Sdougm * 25096185db85Sdougm * Sanity check the optlist to make sure they can be removed. Issue an 25106185db85Sdougm * error if a property doesn't exist. 25116185db85Sdougm */ 25126185db85Sdougm 25136185db85Sdougm static int 25146185db85Sdougm valid_unset_security(sa_group_t group, struct options *optlist, char *proto, 25156185db85Sdougm char *sectype) 25166185db85Sdougm { 25176185db85Sdougm struct options *cur; 25186185db85Sdougm sa_security_t security; 25196185db85Sdougm sa_property_t prop; 25206185db85Sdougm int ret = SA_OK; 25216185db85Sdougm char *sec; 25226185db85Sdougm 25236185db85Sdougm sec = sa_proto_space_alias(proto, sectype); 25246185db85Sdougm security = sa_get_security(group, sec, proto); 25256185db85Sdougm if (security != NULL) { 25266185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 25276185db85Sdougm prop = sa_get_property(security, cur->optname); 25286185db85Sdougm if (prop == NULL) { 25296185db85Sdougm (void) printf(gettext("Could not unset property %s:" 25306185db85Sdougm " not set\n"), 25316185db85Sdougm cur->optname); 25326185db85Sdougm ret = SA_NO_SUCH_PROP; 25336185db85Sdougm } 25346185db85Sdougm } 25356185db85Sdougm } else { 25366185db85Sdougm (void) printf(gettext("Could not unset %s: space not defined\n"), 25376185db85Sdougm sectype); 25386185db85Sdougm ret = SA_NO_SUCH_SECURITY; 25396185db85Sdougm } 25406185db85Sdougm if (sec != NULL) 25416185db85Sdougm sa_free_attr_string(sec); 25426185db85Sdougm return (ret); 25436185db85Sdougm } 25446185db85Sdougm 25456185db85Sdougm /* 25466185db85Sdougm * remove_security(group, optlist, proto) 25476185db85Sdougm * 25486185db85Sdougm * Remove the properties since they were checked as valid. 25496185db85Sdougm */ 25506185db85Sdougm 25516185db85Sdougm static int 25526185db85Sdougm remove_security(sa_group_t group, char *sectype, 25536185db85Sdougm struct options *optlist, char *proto, int *err) 25546185db85Sdougm { 25556185db85Sdougm sa_security_t security; 25566185db85Sdougm int ret = SA_OK; 25576185db85Sdougm int change = 0; 25586185db85Sdougm 25596185db85Sdougm sectype = sa_proto_space_alias(proto, sectype); 25606185db85Sdougm security = sa_get_security(group, sectype, proto); 25616185db85Sdougm if (sectype != NULL) 25626185db85Sdougm sa_free_attr_string(sectype); 25636185db85Sdougm 25646185db85Sdougm if (security != NULL) { 25656185db85Sdougm while (optlist != NULL) { 25666185db85Sdougm sa_property_t prop; 25676185db85Sdougm prop = sa_get_property(security, optlist->optname); 25686185db85Sdougm if (prop != NULL) { 25696185db85Sdougm ret = sa_remove_property(prop); 25706185db85Sdougm if (ret != SA_OK) 25716185db85Sdougm break; 25726185db85Sdougm change = 1; 25736185db85Sdougm } 25746185db85Sdougm optlist = optlist->next; 25756185db85Sdougm } 25766185db85Sdougm /* 25776185db85Sdougm * when done, properties may have all been removed but 25786185db85Sdougm * we need to keep the security type itself until 25796185db85Sdougm * explicitly removed. 25806185db85Sdougm */ 25816185db85Sdougm if (ret == SA_OK && change) 25826185db85Sdougm ret = sa_commit_properties(security, 0); 25836185db85Sdougm } else { 25846185db85Sdougm ret = SA_NO_SUCH_PROP; 25856185db85Sdougm } 25866185db85Sdougm if (err != NULL) 25876185db85Sdougm *err = ret; 25886185db85Sdougm return (change); 25896185db85Sdougm } 25906185db85Sdougm 25916185db85Sdougm /* 25926185db85Sdougm * basic_unset(groupname, optlist, protocol, sharepath, dryrun) 25936185db85Sdougm * 25946185db85Sdougm * unset non-named optionset properties. 25956185db85Sdougm */ 25966185db85Sdougm 25976185db85Sdougm static int 2598*549ec3ffSdougm basic_unset(sa_handle_t handle, char *groupname, struct options *optlist, 2599*549ec3ffSdougm char *protocol, char *sharepath, int dryrun) 26006185db85Sdougm { 26016185db85Sdougm sa_group_t group; 26026185db85Sdougm int ret = SA_OK; 26036185db85Sdougm int change = 0; 26046185db85Sdougm struct list *worklist = NULL; 26056185db85Sdougm 2606*549ec3ffSdougm group = sa_get_group(handle, groupname); 26076185db85Sdougm if (group != NULL) { 26086185db85Sdougm sa_share_t share = NULL; 26096185db85Sdougm if (sharepath != NULL) { 26106185db85Sdougm share = sa_get_share(group, sharepath); 26116185db85Sdougm if (share == NULL) { 26126185db85Sdougm (void) printf(gettext("Share does not exist in group %s\n"), 26136185db85Sdougm groupname, sharepath); 26146185db85Sdougm ret = SA_NO_SUCH_PATH; 26156185db85Sdougm } 26166185db85Sdougm } 26176185db85Sdougm if (ret == SA_OK) { 26186185db85Sdougm /* group must exist */ 26196185db85Sdougm ret = valid_unset(share != NULL ? share : group, 26206185db85Sdougm optlist, protocol); 26216185db85Sdougm if (ret == SA_OK && !dryrun) { 26226185db85Sdougm if (share != NULL) { 26236185db85Sdougm sa_optionset_t optionset; 26246185db85Sdougm sa_property_t prop; 26256185db85Sdougm change |= remove_options(share, optlist, protocol, 26266185db85Sdougm &ret); 26276185db85Sdougm /* if a share optionset is empty, remove it */ 26286185db85Sdougm optionset = sa_get_optionset((sa_share_t)share, 26296185db85Sdougm protocol); 26306185db85Sdougm if (optionset != NULL) { 26316185db85Sdougm prop = sa_get_property(optionset, NULL); 26326185db85Sdougm if (prop == NULL) 26336185db85Sdougm (void) sa_destroy_optionset(optionset); 26346185db85Sdougm } 26356185db85Sdougm } else { 26366185db85Sdougm change |= remove_options(group, optlist, protocol, 26376185db85Sdougm &ret); 26386185db85Sdougm } 26396185db85Sdougm if (ret == SA_OK && change) 26406185db85Sdougm worklist = add_list(worklist, group, share); 26416185db85Sdougm if (ret != SA_OK) 26426185db85Sdougm (void) printf(gettext("Could not remove properties:" 26436185db85Sdougm "%s\n"), 26446185db85Sdougm sa_errorstr(ret)); 26456185db85Sdougm } 26466185db85Sdougm } else { 26476185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 26486185db85Sdougm ret = SA_NO_SUCH_GROUP; 26496185db85Sdougm } 26506185db85Sdougm free_opt(optlist); 26516185db85Sdougm } 26526185db85Sdougm 26536185db85Sdougm /* 26546185db85Sdougm * we have a group and potentially legal additions 26556185db85Sdougm */ 26566185db85Sdougm /* commit to configuration if not a dryrun */ 26576185db85Sdougm if (!dryrun && ret == SA_OK) { 26586185db85Sdougm if (change && worklist != NULL) { 26596185db85Sdougm /* properties changed, so update all shares */ 2660*549ec3ffSdougm (void) enable_all_groups(handle, worklist, 0, 0, protocol); 26616185db85Sdougm } 26626185db85Sdougm } 26636185db85Sdougm if (worklist != NULL) 26646185db85Sdougm free_list(worklist); 26656185db85Sdougm return (ret); 26666185db85Sdougm } 26676185db85Sdougm 26686185db85Sdougm /* 26696185db85Sdougm * space_unset(groupname, optlist, protocol, sharepath, dryrun) 26706185db85Sdougm * 26716185db85Sdougm * unset named optionset properties. 26726185db85Sdougm */ 26736185db85Sdougm static int 2674*549ec3ffSdougm space_unset(sa_handle_t handle, char *groupname, struct options *optlist, 2675*549ec3ffSdougm char *protocol, char *sharepath, int dryrun, char *sectype) 26766185db85Sdougm { 26776185db85Sdougm sa_group_t group; 26786185db85Sdougm int ret = SA_OK; 26796185db85Sdougm int change = 0; 26806185db85Sdougm struct list *worklist = NULL; 26816185db85Sdougm 2682*549ec3ffSdougm group = sa_get_group(handle, groupname); 26836185db85Sdougm if (group != NULL) { 26846185db85Sdougm sa_share_t share = NULL; 26856185db85Sdougm if (sharepath != NULL) { 26866185db85Sdougm share = sa_get_share(group, sharepath); 26876185db85Sdougm if (share == NULL) { 26886185db85Sdougm (void) printf(gettext("Share does not exist in group %s\n"), 26896185db85Sdougm groupname, sharepath); 26906185db85Sdougm ret = SA_NO_SUCH_PATH; 26916185db85Sdougm } 26926185db85Sdougm } 26936185db85Sdougm if (ret == SA_OK) { 26946185db85Sdougm ret = valid_unset_security(share != NULL ? share : group, 26956185db85Sdougm optlist, protocol, sectype); 26966185db85Sdougm if (ret == SA_OK && !dryrun) { 26976185db85Sdougm if (optlist != NULL) { 26986185db85Sdougm if (share != NULL) { 26996185db85Sdougm sa_security_t optionset; 27006185db85Sdougm sa_property_t prop; 27016185db85Sdougm change = remove_security(share, sectype, 27026185db85Sdougm optlist, protocol, 27036185db85Sdougm &ret); 27046185db85Sdougm /* if a share security is empty, remove it */ 27056185db85Sdougm optionset = sa_get_security((sa_group_t)share, 27066185db85Sdougm sectype, 27076185db85Sdougm protocol); 27086185db85Sdougm if (optionset != NULL) { 27096185db85Sdougm prop = sa_get_property(optionset, NULL); 27106185db85Sdougm if (prop == NULL) 27116185db85Sdougm ret = sa_destroy_security(optionset); 27126185db85Sdougm } 27136185db85Sdougm } else { 27146185db85Sdougm change = remove_security(group, sectype, 27156185db85Sdougm optlist, protocol, 27166185db85Sdougm &ret); 27176185db85Sdougm } 27186185db85Sdougm } else { 27196185db85Sdougm sa_security_t security; 27206185db85Sdougm char *sec; 27216185db85Sdougm sec = sa_proto_space_alias(protocol, sectype); 27226185db85Sdougm security = sa_get_security(group, sec, protocol); 27236185db85Sdougm if (sec != NULL) 27246185db85Sdougm sa_free_attr_string(sec); 27256185db85Sdougm if (security != NULL) { 27266185db85Sdougm ret = sa_destroy_security(security); 27276185db85Sdougm if (ret == SA_OK) 27286185db85Sdougm change = 1; 27296185db85Sdougm } else { 27306185db85Sdougm ret = SA_NO_SUCH_PROP; 27316185db85Sdougm } 27326185db85Sdougm } 27336185db85Sdougm if (ret != SA_OK) 27346185db85Sdougm (void) printf(gettext("Could not unset property: %s\n"), 27356185db85Sdougm sa_errorstr(ret)); 27366185db85Sdougm } 27376185db85Sdougm 27386185db85Sdougm if (ret == SA_OK && change) 27396185db85Sdougm worklist = add_list(worklist, group, 0); 27406185db85Sdougm } 27416185db85Sdougm } else { 27426185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 27436185db85Sdougm ret = SA_NO_SUCH_GROUP; 27446185db85Sdougm } 27456185db85Sdougm free_opt(optlist); 27466185db85Sdougm /* 27476185db85Sdougm * we have a group and potentially legal additions 27486185db85Sdougm */ 27496185db85Sdougm 27506185db85Sdougm /* commit to configuration if not a dryrun */ 27516185db85Sdougm if (!dryrun && ret == 0) { 27526185db85Sdougm if (change && worklist != NULL) { 27536185db85Sdougm /* properties changed, so update all shares */ 2754*549ec3ffSdougm (void) enable_all_groups(handle, worklist, 0, 0, protocol); 27556185db85Sdougm } 2756*549ec3ffSdougm ret = sa_update_config(handle); 27576185db85Sdougm } 27586185db85Sdougm if (worklist != NULL) 27596185db85Sdougm free_list(worklist); 27606185db85Sdougm return (ret); 27616185db85Sdougm } 27626185db85Sdougm 27636185db85Sdougm /* 27646185db85Sdougm * sa_unset(flags, argc, argv) 27656185db85Sdougm * 27666185db85Sdougm * implements the unset subcommand. Parsing done here and then basic 27676185db85Sdougm * or space versions of the real code are called. 27686185db85Sdougm */ 27696185db85Sdougm 27706185db85Sdougm int 2771*549ec3ffSdougm sa_unset(sa_handle_t handle, int flags, int argc, char *argv[]) 27726185db85Sdougm { 27736185db85Sdougm char *groupname; 27746185db85Sdougm int verbose = 0; 27756185db85Sdougm int dryrun = 0; 27766185db85Sdougm int c; 27776185db85Sdougm char *protocol = NULL; 27786185db85Sdougm int ret = SA_OK; 27796185db85Sdougm struct options *optlist = NULL; 27806185db85Sdougm char *sharepath = NULL; 27816185db85Sdougm char *optset = NULL; 27826185db85Sdougm int auth; 27836185db85Sdougm 27846185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:s:S:")) != EOF) { 27856185db85Sdougm switch (c) { 27866185db85Sdougm case 'v': 27876185db85Sdougm verbose++; 27886185db85Sdougm break; 27896185db85Sdougm case 'n': 27906185db85Sdougm dryrun++; 27916185db85Sdougm break; 27926185db85Sdougm case 'P': 27936185db85Sdougm protocol = optarg; 27946185db85Sdougm if (!sa_valid_protocol(protocol)) { 27956185db85Sdougm (void) printf(gettext("Invalid protocol specified: %s\n"), 27966185db85Sdougm protocol); 27976185db85Sdougm return (SA_INVALID_PROTOCOL); 27986185db85Sdougm } 27996185db85Sdougm break; 28006185db85Sdougm case 'p': 28016185db85Sdougm ret = add_opt(&optlist, optarg, 1); 28026185db85Sdougm switch (ret) { 28036185db85Sdougm case OPT_ADD_SYNTAX: 28046185db85Sdougm (void) printf(gettext("Property syntax error for " 28056185db85Sdougm "property %s\n"), 28066185db85Sdougm optarg); 28076185db85Sdougm return (SA_SYNTAX_ERR); 28086185db85Sdougm case OPT_ADD_PROPERTY: 28096185db85Sdougm (void) printf(gettext("Properties need to be set" 28106185db85Sdougm " with set command: %s\n"), 28116185db85Sdougm optarg); 28126185db85Sdougm return (SA_SYNTAX_ERR); 28136185db85Sdougm default: 28146185db85Sdougm break; 28156185db85Sdougm } 28166185db85Sdougm break; 28176185db85Sdougm case 's': 28186185db85Sdougm sharepath = optarg; 28196185db85Sdougm break; 28206185db85Sdougm case 'S': 28216185db85Sdougm optset = optarg; 28226185db85Sdougm break; 28236185db85Sdougm default: 28246185db85Sdougm case 'h': 28256185db85Sdougm case '?': 28266185db85Sdougm (void) printf(gettext("usage: %s\n"), 28276185db85Sdougm sa_get_usage(USAGE_UNSET)); 28286185db85Sdougm return (SA_OK); 28296185db85Sdougm } 28306185db85Sdougm } 28316185db85Sdougm 28326185db85Sdougm if (optlist != NULL) 28336185db85Sdougm ret = chk_opt(optlist, optset != NULL, protocol); 28346185db85Sdougm 28356185db85Sdougm if (optind >= argc || (optlist == NULL && optset == NULL) || 28366185db85Sdougm protocol == NULL) { 28376185db85Sdougm char *sep = "\t"; 28386185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_UNSET)); 28396185db85Sdougm if (optind >= argc) { 28406185db85Sdougm (void) printf(gettext("%sgroup must be specified"), sep); 28416185db85Sdougm sep = ", "; 28426185db85Sdougm } 28436185db85Sdougm if (optlist == NULL) { 28446185db85Sdougm (void) printf(gettext("%sat least one property must be " 28456185db85Sdougm "specified"), 28466185db85Sdougm sep); 28476185db85Sdougm sep = ", "; 28486185db85Sdougm } 28496185db85Sdougm if (protocol == NULL) { 28506185db85Sdougm (void) printf(gettext("%sprotocol must be specified"), sep); 28516185db85Sdougm sep = ", "; 28526185db85Sdougm } 28536185db85Sdougm (void) printf("\n"); 28546185db85Sdougm ret = SA_SYNTAX_ERR; 28556185db85Sdougm } else { 28566185db85Sdougm 28576185db85Sdougm /* 28586185db85Sdougm * if a group already exists, we can only add a new 28596185db85Sdougm * protocol to it and not create a new one or add the 28606185db85Sdougm * same protocol again. 28616185db85Sdougm */ 28626185db85Sdougm 28636185db85Sdougm groupname = argv[optind]; 28646185db85Sdougm auth = check_authorizations(groupname, flags); 28656185db85Sdougm if (optset == NULL) 2866*549ec3ffSdougm ret = basic_unset(handle, groupname, optlist, protocol, 28676185db85Sdougm sharepath, dryrun); 28686185db85Sdougm else 2869*549ec3ffSdougm ret = space_unset(handle, groupname, optlist, protocol, 28706185db85Sdougm sharepath, dryrun, optset); 28716185db85Sdougm 28726185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 28736185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 28746185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 28756185db85Sdougm } 28766185db85Sdougm } 28776185db85Sdougm return (ret); 28786185db85Sdougm } 28796185db85Sdougm 28806185db85Sdougm /* 28816185db85Sdougm * sa_enable_group(flags, argc, argv) 28826185db85Sdougm * 28836185db85Sdougm * Implements the enable subcommand 28846185db85Sdougm */ 28856185db85Sdougm 28866185db85Sdougm int 2887*549ec3ffSdougm sa_enable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 28886185db85Sdougm { 28896185db85Sdougm int verbose = 0; 28906185db85Sdougm int dryrun = 0; 28916185db85Sdougm int all = 0; 28926185db85Sdougm int c; 28936185db85Sdougm int ret = SA_OK; 28946185db85Sdougm char *protocol = NULL; 28956185db85Sdougm char *state; 28966185db85Sdougm struct list *worklist = NULL; 28976185db85Sdougm int auth = 1; 28986185db85Sdougm 28996185db85Sdougm while ((c = getopt(argc, argv, "?havnP:")) != EOF) { 29006185db85Sdougm switch (c) { 29016185db85Sdougm case 'a': 29026185db85Sdougm all = 1; 29036185db85Sdougm break; 29046185db85Sdougm case 'n': 29056185db85Sdougm dryrun++; 29066185db85Sdougm break; 29076185db85Sdougm case 'P': 29086185db85Sdougm protocol = optarg; 29096185db85Sdougm if (!sa_valid_protocol(protocol)) { 29106185db85Sdougm (void) printf(gettext("Invalid protocol specified: %s\n"), 29116185db85Sdougm protocol); 29126185db85Sdougm return (SA_INVALID_PROTOCOL); 29136185db85Sdougm } 29146185db85Sdougm break; 29156185db85Sdougm case 'v': 29166185db85Sdougm verbose++; 29176185db85Sdougm break; 29186185db85Sdougm default: 29196185db85Sdougm case 'h': 29206185db85Sdougm case '?': 29216185db85Sdougm (void) printf(gettext("usage: %s\n"), 29226185db85Sdougm sa_get_usage(USAGE_ENABLE)); 29236185db85Sdougm return (0); 29246185db85Sdougm } 29256185db85Sdougm } 29266185db85Sdougm 29276185db85Sdougm if (optind == argc && !all) { 29286185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_ENABLE)); 29296185db85Sdougm (void) printf(gettext("\tmust specify group\n")); 29306185db85Sdougm ret = SA_NO_SUCH_PATH; 29316185db85Sdougm } else { 29326185db85Sdougm sa_group_t group; 29336185db85Sdougm if (!all) { 29346185db85Sdougm while (optind < argc) { 2935*549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 29366185db85Sdougm if (group != NULL) { 29376185db85Sdougm auth &= check_authorizations(argv[optind], flags); 29386185db85Sdougm state = sa_get_group_attr(group, "state"); 29396185db85Sdougm if (state != NULL && 29406185db85Sdougm strcmp(state, "enabled") == 0) { 29416185db85Sdougm /* already enabled */ 29426185db85Sdougm if (verbose) 29436185db85Sdougm (void) printf(gettext("Group \"%s\" is already " 29446185db85Sdougm "enabled\n"), 29456185db85Sdougm argv[optind]); 29466185db85Sdougm ret = SA_BUSY; /* already enabled */ 29476185db85Sdougm } else { 29486185db85Sdougm worklist = add_list(worklist, group, 0); 29496185db85Sdougm if (verbose) 29506185db85Sdougm (void) printf(gettext("Enabling group " 29516185db85Sdougm "\"%s\"\n"), 29526185db85Sdougm argv[optind]); 29536185db85Sdougm } 29546185db85Sdougm if (state != NULL) 29556185db85Sdougm sa_free_attr_string(state); 29566185db85Sdougm } else { 29576185db85Sdougm ret = SA_NO_SUCH_GROUP; 29586185db85Sdougm } 29596185db85Sdougm optind++; 29606185db85Sdougm } 29616185db85Sdougm } else { 2962*549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 29636185db85Sdougm group = sa_get_next_group(group)) { 29646185db85Sdougm worklist = add_list(worklist, group, 0); 29656185db85Sdougm } 29666185db85Sdougm } 29676185db85Sdougm if (!dryrun && ret == SA_OK) { 2968*549ec3ffSdougm ret = enable_all_groups(handle, worklist, 1, 0, NULL); 29696185db85Sdougm } 29706185db85Sdougm if (ret != SA_OK && ret != SA_BUSY) 29716185db85Sdougm (void) printf(gettext("Could not enable group: %s\n"), 29726185db85Sdougm sa_errorstr(ret)); 29736185db85Sdougm if (ret == SA_BUSY) 29746185db85Sdougm ret = SA_OK; 29756185db85Sdougm } 29766185db85Sdougm if (worklist != NULL) 29776185db85Sdougm free_list(worklist); 29786185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 29796185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 29806185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 29816185db85Sdougm } 29826185db85Sdougm return (ret); 29836185db85Sdougm } 29846185db85Sdougm 29856185db85Sdougm /* 29866185db85Sdougm * disable_group(group, setstate) 29876185db85Sdougm * 29886185db85Sdougm * disable all the shares in the specified group honoring the setstate 29896185db85Sdougm * argument. This is a helper for disable_all_groups in order to 29906185db85Sdougm * simplify regular and subgroup (zfs) disabling. Group has already 29916185db85Sdougm * been checked for non-NULL. 29926185db85Sdougm */ 29936185db85Sdougm 29946185db85Sdougm static int 29956185db85Sdougm disable_group(sa_group_t group) 29966185db85Sdougm { 29976185db85Sdougm sa_share_t share; 29986185db85Sdougm int ret = SA_OK; 29996185db85Sdougm 30006185db85Sdougm for (share = sa_get_share(group, NULL); 30016185db85Sdougm share != NULL && ret == SA_OK; 30026185db85Sdougm share = sa_get_next_share(share)) { 30036185db85Sdougm ret = sa_disable_share(share, NULL); 30046185db85Sdougm if (ret == SA_NO_SUCH_PATH) { 30056185db85Sdougm /* 30066185db85Sdougm * this is OK since the path is gone. we can't 30076185db85Sdougm * re-share it anyway so no error. 30086185db85Sdougm */ 30096185db85Sdougm ret = SA_OK; 30106185db85Sdougm } 30116185db85Sdougm } 30126185db85Sdougm return (ret); 30136185db85Sdougm } 30146185db85Sdougm 30156185db85Sdougm 30166185db85Sdougm /* 30176185db85Sdougm * disable_all_groups(work, setstate) 30186185db85Sdougm * 30196185db85Sdougm * helper function that disables the shares in the list of groups 30206185db85Sdougm * provided. It optionally marks the group as disabled. Used by both 30216185db85Sdougm * enable and start subcommands. 30226185db85Sdougm */ 30236185db85Sdougm 30246185db85Sdougm static int 3025*549ec3ffSdougm disable_all_groups(sa_handle_t handle, struct list *work, int setstate) 30266185db85Sdougm { 30276185db85Sdougm int ret = SA_OK; 30286185db85Sdougm sa_group_t subgroup, group; 30296185db85Sdougm 30306185db85Sdougm while (work != NULL && ret == SA_OK) { 30316185db85Sdougm group = (sa_group_t)work->item; 30326185db85Sdougm if (setstate) 30336185db85Sdougm ret = sa_set_group_attr(group, "state", "disabled"); 30346185db85Sdougm if (ret == SA_OK) { 30356185db85Sdougm char *name; 30366185db85Sdougm name = sa_get_group_attr(group, "name"); 30376185db85Sdougm if (name != NULL && strcmp(name, "zfs") == 0) { 30386185db85Sdougm /* need to get the sub-groups for stopping */ 30396185db85Sdougm for (subgroup = sa_get_sub_group(group); subgroup != NULL; 30406185db85Sdougm subgroup = sa_get_next_group(subgroup)) { 30416185db85Sdougm ret = disable_group(subgroup); 30426185db85Sdougm } 30436185db85Sdougm } else { 30446185db85Sdougm ret = disable_group(group); 30456185db85Sdougm } 30466185db85Sdougm /* 30476185db85Sdougm * we don't want to "disable" since it won't come 30486185db85Sdougm * up after a reboot. The SMF framework should do 30496185db85Sdougm * the right thing. On enable we do want to do 30506185db85Sdougm * something. 30516185db85Sdougm */ 30526185db85Sdougm } 30536185db85Sdougm work = work->next; 30546185db85Sdougm } 30556185db85Sdougm if (ret == SA_OK) 3056*549ec3ffSdougm ret = sa_update_config(handle); 30576185db85Sdougm return (ret); 30586185db85Sdougm } 30596185db85Sdougm 30606185db85Sdougm /* 30616185db85Sdougm * sa_disable_group(flags, argc, argv) 30626185db85Sdougm * 30636185db85Sdougm * Implements the disable subcommand 30646185db85Sdougm */ 30656185db85Sdougm 30666185db85Sdougm int 3067*549ec3ffSdougm sa_disable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 30686185db85Sdougm { 30696185db85Sdougm int verbose = 0; 30706185db85Sdougm int dryrun = 0; 30716185db85Sdougm int all = 0; 30726185db85Sdougm int c; 30736185db85Sdougm int ret = SA_OK; 30746185db85Sdougm char *protocol; 30756185db85Sdougm char *state; 30766185db85Sdougm struct list *worklist = NULL; 30776185db85Sdougm int auth = 1; 30786185db85Sdougm 30796185db85Sdougm while ((c = getopt(argc, argv, "?havn")) != EOF) { 30806185db85Sdougm switch (c) { 30816185db85Sdougm case 'a': 30826185db85Sdougm all = 1; 30836185db85Sdougm break; 30846185db85Sdougm case 'n': 30856185db85Sdougm dryrun++; 30866185db85Sdougm break; 30876185db85Sdougm case 'P': 30886185db85Sdougm protocol = optarg; 30896185db85Sdougm if (!sa_valid_protocol(protocol)) { 30906185db85Sdougm (void) printf(gettext("Invalid protocol specified: %s\n"), 30916185db85Sdougm protocol); 30926185db85Sdougm return (SA_INVALID_PROTOCOL); 30936185db85Sdougm } 30946185db85Sdougm break; 30956185db85Sdougm case 'v': 30966185db85Sdougm verbose++; 30976185db85Sdougm break; 30986185db85Sdougm default: 30996185db85Sdougm case 'h': 31006185db85Sdougm case '?': 31016185db85Sdougm (void) printf(gettext("usage: %s\n"), 31026185db85Sdougm sa_get_usage(USAGE_DISABLE)); 31036185db85Sdougm return (0); 31046185db85Sdougm } 31056185db85Sdougm } 31066185db85Sdougm 31076185db85Sdougm if (optind == argc && !all) { 31086185db85Sdougm (void) printf(gettext("usage: %s\n"), 31096185db85Sdougm sa_get_usage(USAGE_DISABLE)); 31106185db85Sdougm (void) printf(gettext("\tmust specify group\n")); 31116185db85Sdougm ret = SA_NO_SUCH_PATH; 31126185db85Sdougm } else { 31136185db85Sdougm sa_group_t group; 31146185db85Sdougm if (!all) { 31156185db85Sdougm while (optind < argc) { 3116*549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 31176185db85Sdougm if (group != NULL) { 31186185db85Sdougm auth &= check_authorizations(argv[optind], flags); 31196185db85Sdougm state = sa_get_group_attr(group, "state"); 31206185db85Sdougm if (state == NULL || 31216185db85Sdougm strcmp(state, "disabled") == 0) { 31226185db85Sdougm /* already disabled */ 31236185db85Sdougm if (verbose) 31246185db85Sdougm (void) printf(gettext("Group \"%s\" is " 31256185db85Sdougm "already disabled\n"), 31266185db85Sdougm argv[optind]); 31276185db85Sdougm ret = SA_BUSY; /* already disable */ 31286185db85Sdougm } else { 31296185db85Sdougm worklist = add_list(worklist, group, 0); 31306185db85Sdougm if (verbose) 31316185db85Sdougm (void) printf(gettext("Disabling group " 31326185db85Sdougm "\"%s\"\n"), 31336185db85Sdougm argv[optind]); 31346185db85Sdougm } 31356185db85Sdougm if (state != NULL) 31366185db85Sdougm sa_free_attr_string(state); 31376185db85Sdougm } else { 31386185db85Sdougm ret = SA_NO_SUCH_GROUP; 31396185db85Sdougm } 31406185db85Sdougm optind++; 31416185db85Sdougm } 31426185db85Sdougm } else { 3143*549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 31446185db85Sdougm group = sa_get_next_group(group)) { 31456185db85Sdougm worklist = add_list(worklist, group, 0); 31466185db85Sdougm } 31476185db85Sdougm } 31486185db85Sdougm if (ret == SA_OK && !dryrun) { 3149*549ec3ffSdougm ret = disable_all_groups(handle, worklist, 1); 31506185db85Sdougm } 31516185db85Sdougm if (ret != SA_OK && ret != SA_BUSY) 31526185db85Sdougm (void) printf(gettext("Could not disable group: %s\n"), 31536185db85Sdougm sa_errorstr(ret)); 31546185db85Sdougm if (ret == SA_BUSY) 31556185db85Sdougm ret = SA_OK; 31566185db85Sdougm } 31576185db85Sdougm if (worklist != NULL) 31586185db85Sdougm free_list(worklist); 31596185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 31606185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 31616185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 31626185db85Sdougm } 31636185db85Sdougm return (ret); 31646185db85Sdougm } 31656185db85Sdougm 31666185db85Sdougm /* 31676185db85Sdougm * check_sharetab() 31686185db85Sdougm * 31696185db85Sdougm * Checks to see if the /etc/dfs/sharetab file is stale (exists from 31706185db85Sdougm * before the current boot). If it is, truncate it since nothing is 31716185db85Sdougm * really shared. 31726185db85Sdougm */ 31736185db85Sdougm 31746185db85Sdougm static void 31756185db85Sdougm check_sharetab() 31766185db85Sdougm { 31776185db85Sdougm int fd; 31786185db85Sdougm struct utmpx *utmpxp; 31796185db85Sdougm struct stat st; 31806185db85Sdougm 31816185db85Sdougm fd = open(SA_LEGACY_SHARETAB, O_RDWR); 31826185db85Sdougm if (fd >= 0) { 31836185db85Sdougm /* 31846185db85Sdougm * Attempt to get a lock on the file. Whgen we get 31856185db85Sdougm * one, then check to see if it is older than the boot 31866185db85Sdougm * time. Truncate if older than boot. 31876185db85Sdougm */ 31886185db85Sdougm (void) lockf(fd, F_LOCK, 0); 31896185db85Sdougm if ((fstat(fd, &st) == 0) && /* does sharetab exist? */ 31906185db85Sdougm (utmpxp = getutxent()) != NULL && /* does utmpx exist? */ 31916185db85Sdougm (utmpxp->ut_xtime > st.st_mtime)) /* sharetab older? */ 31926185db85Sdougm (void) ftruncate(fd, 0); 31936185db85Sdougm 31946185db85Sdougm (void) lockf(fd, F_ULOCK, 0); 31956185db85Sdougm (void) close(fd); 31966185db85Sdougm endutxent(); 31976185db85Sdougm } 31986185db85Sdougm } 31996185db85Sdougm 32006185db85Sdougm /* 32016185db85Sdougm * sa_start_group(flags, argc, argv) 32026185db85Sdougm * 32036185db85Sdougm * Implements the start command. 32046185db85Sdougm * This is similar to enable except it doesn't change the state 32056185db85Sdougm * of the group(s) and only enables shares if the group is already 32066185db85Sdougm * enabled. 32076185db85Sdougm */ 32086185db85Sdougm 32096185db85Sdougm int 3210*549ec3ffSdougm sa_start_group(sa_handle_t handle, int flags, int argc, char *argv[]) 32116185db85Sdougm { 32126185db85Sdougm int verbose = 0; 32136185db85Sdougm int all = 0; 32146185db85Sdougm int c; 32156185db85Sdougm int ret = SMF_EXIT_OK; 32166185db85Sdougm char *protocol = NULL; 32176185db85Sdougm char *state; 32186185db85Sdougm struct list *worklist = NULL; 32196185db85Sdougm #ifdef lint 32206185db85Sdougm flags = flags; 32216185db85Sdougm #endif 32226185db85Sdougm 32236185db85Sdougm while ((c = getopt(argc, argv, "?havP:")) != EOF) { 32246185db85Sdougm switch (c) { 32256185db85Sdougm case 'a': 32266185db85Sdougm all = 1; 32276185db85Sdougm break; 32286185db85Sdougm case 'P': 32296185db85Sdougm protocol = optarg; 32306185db85Sdougm if (!sa_valid_protocol(protocol)) { 32316185db85Sdougm (void) printf(gettext("Invalid protocol specified: %s\n"), 32326185db85Sdougm protocol); 32336185db85Sdougm return (SA_INVALID_PROTOCOL); 32346185db85Sdougm } 32356185db85Sdougm break; 32366185db85Sdougm case 'v': 32376185db85Sdougm verbose++; 32386185db85Sdougm break; 32396185db85Sdougm default: 32406185db85Sdougm case 'h': 32416185db85Sdougm case '?': 32426185db85Sdougm (void) printf(gettext("usage: %s\n"), 32436185db85Sdougm sa_get_usage(USAGE_START)); 32446185db85Sdougm return (SA_OK); 32456185db85Sdougm } 32466185db85Sdougm } 32476185db85Sdougm 32486185db85Sdougm if (optind == argc && !all) { 32496185db85Sdougm (void) printf(gettext("usage: %s\n"), 32506185db85Sdougm sa_get_usage(USAGE_START)); 32516185db85Sdougm ret = SMF_EXIT_ERR_FATAL; 32526185db85Sdougm } else { 32536185db85Sdougm sa_group_t group; 32546185db85Sdougm 32556185db85Sdougm check_sharetab(); 32566185db85Sdougm 32576185db85Sdougm if (!all) { 32586185db85Sdougm while (optind < argc) { 3259*549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 32606185db85Sdougm if (group != NULL) { 32616185db85Sdougm state = sa_get_group_attr(group, "state"); 32626185db85Sdougm if (state == NULL || 32636185db85Sdougm strcmp(state, "enabled") == 0) { 32646185db85Sdougm worklist = add_list(worklist, group, 0); 32656185db85Sdougm if (verbose) 32666185db85Sdougm (void) printf(gettext("Starting group " 32676185db85Sdougm "\"%s\"\n"), 32686185db85Sdougm argv[optind]); 32696185db85Sdougm } else { 32706185db85Sdougm /* 32716185db85Sdougm * determine if there are any 32726185db85Sdougm * protocols. if there aren't any, 32736185db85Sdougm * then there isn't anything to do in 32746185db85Sdougm * any case so no error. 32756185db85Sdougm */ 32766185db85Sdougm if (sa_get_optionset(group, protocol) != NULL) { 32776185db85Sdougm ret = SMF_EXIT_OK; 32786185db85Sdougm } 32796185db85Sdougm } 32806185db85Sdougm if (state != NULL) 32816185db85Sdougm sa_free_attr_string(state); 32826185db85Sdougm } 32836185db85Sdougm optind++; 32846185db85Sdougm } 32856185db85Sdougm } else { 3286*549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 32876185db85Sdougm group = sa_get_next_group(group)) { 32886185db85Sdougm state = sa_get_group_attr(group, "state"); 32896185db85Sdougm if (state == NULL || strcmp(state, "enabled") == 0) 32906185db85Sdougm worklist = add_list(worklist, group, 0); 32916185db85Sdougm if (state != NULL) 32926185db85Sdougm sa_free_attr_string(state); 32936185db85Sdougm } 32946185db85Sdougm } 3295*549ec3ffSdougm (void) enable_all_groups(handle, worklist, 0, 1, NULL); 32966185db85Sdougm } 32976185db85Sdougm if (worklist != NULL) 32986185db85Sdougm free_list(worklist); 32996185db85Sdougm return (ret); 33006185db85Sdougm } 33016185db85Sdougm 33026185db85Sdougm /* 33036185db85Sdougm * sa_stop_group(flags, argc, argv) 33046185db85Sdougm * 33056185db85Sdougm * Implements the stop command. 33066185db85Sdougm * This is similar to disable except it doesn't change the state 33076185db85Sdougm * of the group(s) and only disables shares if the group is already 33086185db85Sdougm * enabled. 33096185db85Sdougm */ 33106185db85Sdougm 33116185db85Sdougm int 3312*549ec3ffSdougm sa_stop_group(sa_handle_t handle, int flags, int argc, char *argv[]) 33136185db85Sdougm { 33146185db85Sdougm int verbose = 0; 33156185db85Sdougm int all = 0; 33166185db85Sdougm int c; 33176185db85Sdougm int ret = SMF_EXIT_OK; 33186185db85Sdougm char *protocol = NULL; 33196185db85Sdougm char *state; 33206185db85Sdougm struct list *worklist = NULL; 33216185db85Sdougm #ifdef lint 33226185db85Sdougm flags = flags; 33236185db85Sdougm #endif 33246185db85Sdougm 33256185db85Sdougm while ((c = getopt(argc, argv, "?havP:")) != EOF) { 33266185db85Sdougm switch (c) { 33276185db85Sdougm case 'a': 33286185db85Sdougm all = 1; 33296185db85Sdougm break; 33306185db85Sdougm case 'P': 33316185db85Sdougm protocol = optarg; 33326185db85Sdougm if (!sa_valid_protocol(protocol)) { 33336185db85Sdougm (void) printf(gettext("Invalid protocol specified: %s\n"), 33346185db85Sdougm protocol); 33356185db85Sdougm return (SA_INVALID_PROTOCOL); 33366185db85Sdougm } 33376185db85Sdougm break; 33386185db85Sdougm case 'v': 33396185db85Sdougm verbose++; 33406185db85Sdougm break; 33416185db85Sdougm default: 33426185db85Sdougm case 'h': 33436185db85Sdougm case '?': 33446185db85Sdougm (void) printf(gettext("usage: %s\n"), 33456185db85Sdougm sa_get_usage(USAGE_STOP)); 33466185db85Sdougm return (0); 33476185db85Sdougm } 33486185db85Sdougm } 33496185db85Sdougm 33506185db85Sdougm if (optind == argc && !all) { 33516185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_STOP)); 33526185db85Sdougm ret = SMF_EXIT_ERR_FATAL; 33536185db85Sdougm } else { 33546185db85Sdougm sa_group_t group; 33556185db85Sdougm if (!all) { 33566185db85Sdougm while (optind < argc) { 3357*549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 33586185db85Sdougm if (group != NULL) { 33596185db85Sdougm state = sa_get_group_attr(group, "state"); 33606185db85Sdougm if (state == NULL || 33616185db85Sdougm strcmp(state, "enabled") == 0) { 33626185db85Sdougm worklist = add_list(worklist, group, 0); 33636185db85Sdougm if (verbose) 33646185db85Sdougm (void) printf(gettext("Stopping group " 33656185db85Sdougm "\"%s\"\n"), 33666185db85Sdougm argv[optind]); 33676185db85Sdougm } else { 33686185db85Sdougm ret = SMF_EXIT_OK; 33696185db85Sdougm } 33706185db85Sdougm if (state != NULL) 33716185db85Sdougm sa_free_attr_string(state); 33726185db85Sdougm } 33736185db85Sdougm optind++; 33746185db85Sdougm } 33756185db85Sdougm } else { 3376*549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 33776185db85Sdougm group = sa_get_next_group(group)) { 33786185db85Sdougm state = sa_get_group_attr(group, "state"); 33796185db85Sdougm if (state == NULL || strcmp(state, "enabled") == 0) 33806185db85Sdougm worklist = add_list(worklist, group, 0); 33816185db85Sdougm if (state != NULL) 33826185db85Sdougm sa_free_attr_string(state); 33836185db85Sdougm } 33846185db85Sdougm } 3385*549ec3ffSdougm (void) disable_all_groups(handle, worklist, 0); 3386*549ec3ffSdougm ret = sa_update_config(handle); 33876185db85Sdougm } 33886185db85Sdougm if (worklist != NULL) 33896185db85Sdougm free_list(worklist); 33906185db85Sdougm return (ret); 33916185db85Sdougm } 33926185db85Sdougm 33936185db85Sdougm /* 33946185db85Sdougm * remove_all_options(share, proto) 33956185db85Sdougm * 33966185db85Sdougm * Removes all options on a share. 33976185db85Sdougm */ 33986185db85Sdougm 33996185db85Sdougm static void 34006185db85Sdougm remove_all_options(sa_share_t share, char *proto) 34016185db85Sdougm { 34026185db85Sdougm sa_optionset_t optionset; 34036185db85Sdougm sa_security_t security; 34046185db85Sdougm sa_security_t prevsec = NULL; 34056185db85Sdougm 34066185db85Sdougm optionset = sa_get_optionset(share, proto); 34076185db85Sdougm if (optionset != NULL) 34086185db85Sdougm (void) sa_destroy_optionset(optionset); 34096185db85Sdougm for (security = sa_get_security(share, NULL, NULL); 34106185db85Sdougm security != NULL; 34116185db85Sdougm security = sa_get_next_security(security)) { 34126185db85Sdougm char *type; 34136185db85Sdougm /* 34146185db85Sdougm * we walk through the list. prevsec keeps the 34156185db85Sdougm * previous security so we can delete it without 34166185db85Sdougm * destroying the list. 34176185db85Sdougm */ 34186185db85Sdougm if (prevsec != NULL) { 34196185db85Sdougm /* remove the previously seen security */ 34206185db85Sdougm (void) sa_destroy_security(prevsec); 34216185db85Sdougm /* set to NULL so we don't try multiple times */ 34226185db85Sdougm prevsec = NULL; 34236185db85Sdougm } 34246185db85Sdougm type = sa_get_security_attr(security, "type"); 34256185db85Sdougm if (type != NULL) { 34266185db85Sdougm /* 34276185db85Sdougm * if the security matches the specified protocol, we 34286185db85Sdougm * want to remove it. prevsec holds it until either 34296185db85Sdougm * the next pass or we fall out of the loop. 34306185db85Sdougm */ 34316185db85Sdougm if (strcmp(type, proto) == 0) 34326185db85Sdougm prevsec = security; 34336185db85Sdougm sa_free_attr_string(type); 34346185db85Sdougm } 34356185db85Sdougm } 34366185db85Sdougm /* in case there is one left */ 34376185db85Sdougm if (prevsec != NULL) 34386185db85Sdougm (void) sa_destroy_security(prevsec); 34396185db85Sdougm } 34406185db85Sdougm 34416185db85Sdougm 34426185db85Sdougm /* 34436185db85Sdougm * for legacy support, we need to handle the old syntax. This is what 34446185db85Sdougm * we get if sharemgr is called with the name "share" rather than 34456185db85Sdougm * sharemgr. 34466185db85Sdougm */ 34476185db85Sdougm 34486185db85Sdougm static int 34496185db85Sdougm format_legacy_path(char *buff, int buffsize, char *proto, char *cmd) 34506185db85Sdougm { 34516185db85Sdougm int err; 34526185db85Sdougm 34536185db85Sdougm err = snprintf(buff, buffsize, "/usr/lib/fs/%s/%s", proto, cmd); 34546185db85Sdougm if (err > buffsize) 34556185db85Sdougm return (-1); 34566185db85Sdougm return (0); 34576185db85Sdougm } 34586185db85Sdougm 34596185db85Sdougm 34606185db85Sdougm /* 34616185db85Sdougm * check_legacy_cmd(proto, cmd) 34626185db85Sdougm * 34636185db85Sdougm * Check to see if the cmd exists in /usr/lib/fs/<proto>/<cmd> and is 34646185db85Sdougm * executable. 34656185db85Sdougm */ 34666185db85Sdougm 34676185db85Sdougm static int 34686185db85Sdougm check_legacy_cmd(char *path) 34696185db85Sdougm { 34706185db85Sdougm struct stat st; 34716185db85Sdougm int ret = 0; 34726185db85Sdougm 34736185db85Sdougm if (stat(path, &st) == 0) { 34746185db85Sdougm if (S_ISREG(st.st_mode) && st.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) 34756185db85Sdougm ret = 1; 34766185db85Sdougm } 34776185db85Sdougm return (ret); 34786185db85Sdougm } 34796185db85Sdougm 34806185db85Sdougm /* 34816185db85Sdougm * run_legacy_command(proto, cmd, argv) 34826185db85Sdougm * 34836185db85Sdougm * we know the command exists, so attempt to execute it with all the 34846185db85Sdougm * arguments. This implements full legacy share support for those 34856185db85Sdougm * protocols that don't have plugin providers. 34866185db85Sdougm */ 34876185db85Sdougm 34886185db85Sdougm static int 34896185db85Sdougm run_legacy_command(char *path, char *argv[]) 34906185db85Sdougm { 34916185db85Sdougm int ret; 34926185db85Sdougm 34936185db85Sdougm ret = execv(path, argv); 34946185db85Sdougm if (ret < 0) { 34956185db85Sdougm switch (errno) { 34966185db85Sdougm case EACCES: 34976185db85Sdougm ret = SA_NO_PERMISSION; 34986185db85Sdougm break; 34996185db85Sdougm default: 35006185db85Sdougm ret = SA_SYSTEM_ERR; 35016185db85Sdougm break; 35026185db85Sdougm } 35036185db85Sdougm } 35046185db85Sdougm return (ret); 35056185db85Sdougm } 35066185db85Sdougm 35076185db85Sdougm /* 3508f345c0beSdougm * out_share(out, group, proto) 35096185db85Sdougm * 35106185db85Sdougm * Display the share information in the format that the "share" 35116185db85Sdougm * command has traditionally used. 35126185db85Sdougm */ 35136185db85Sdougm 35146185db85Sdougm static void 3515f345c0beSdougm out_share(FILE *out, sa_group_t group, char *proto) 35166185db85Sdougm { 35176185db85Sdougm sa_share_t share; 35186185db85Sdougm char resfmt[128]; 35196185db85Sdougm 35206185db85Sdougm for (share = sa_get_share(group, NULL); share != NULL; 35216185db85Sdougm share = sa_get_next_share(share)) { 35226185db85Sdougm char *path; 35236185db85Sdougm char *type; 35246185db85Sdougm char *resource; 35256185db85Sdougm char *description; 35266185db85Sdougm char *groupname; 35276185db85Sdougm char *sharedstate; 35286185db85Sdougm int shared = 1; 35296185db85Sdougm char *soptions; 35306185db85Sdougm 35316185db85Sdougm sharedstate = sa_get_share_attr(share, "shared"); 35326185db85Sdougm path = sa_get_share_attr(share, "path"); 35336185db85Sdougm type = sa_get_share_attr(share, "type"); 35346185db85Sdougm resource = sa_get_share_attr(share, "resource"); 35356185db85Sdougm groupname = sa_get_group_attr(group, "name"); 35366185db85Sdougm 35376185db85Sdougm if (groupname != NULL && strcmp(groupname, "default") == 0) { 35386185db85Sdougm sa_free_attr_string(groupname); 35396185db85Sdougm groupname = NULL; 35406185db85Sdougm } 35416185db85Sdougm description = sa_get_share_description(share); 3542f345c0beSdougm 3543f345c0beSdougm /* want the sharetab version if it exists */ 3544f345c0beSdougm soptions = sa_get_share_attr(share, "shareopts"); 35456185db85Sdougm 35466185db85Sdougm if (sharedstate == NULL) 35476185db85Sdougm shared = 0; 35486185db85Sdougm 3549f345c0beSdougm if (soptions == NULL) 35506185db85Sdougm soptions = sa_proto_legacy_format(proto, share, 1); 35516185db85Sdougm 35526185db85Sdougm if (shared) { 3553f345c0beSdougm /* only active shares go here */ 35546185db85Sdougm (void) snprintf(resfmt, sizeof (resfmt), "%s%s%s", 35556185db85Sdougm resource != NULL ? resource : "-", 35566185db85Sdougm groupname != NULL ? "@" : "", 35576185db85Sdougm groupname != NULL ? groupname : ""); 35586185db85Sdougm (void) fprintf(out, "%-14.14s %s %s \"%s\" \n", 35596185db85Sdougm resfmt, 35606185db85Sdougm path, 35616185db85Sdougm (soptions != NULL && strlen(soptions) > 0) ? 35626185db85Sdougm soptions : "rw", 35636185db85Sdougm (description != NULL) ? description : ""); 35646185db85Sdougm } 35656185db85Sdougm 35666185db85Sdougm if (path != NULL) 35676185db85Sdougm sa_free_attr_string(path); 35686185db85Sdougm if (type != NULL) 35696185db85Sdougm sa_free_attr_string(type); 35706185db85Sdougm if (resource != NULL) 35716185db85Sdougm sa_free_attr_string(resource); 35726185db85Sdougm if (groupname != NULL) 35736185db85Sdougm sa_free_attr_string(groupname); 35746185db85Sdougm if (description != NULL) 35756185db85Sdougm sa_free_share_description(description); 35766185db85Sdougm if (sharedstate != NULL) 35776185db85Sdougm sa_free_attr_string(sharedstate); 3578f345c0beSdougm if (soptions != NULL) 35796185db85Sdougm sa_format_free(soptions); 35806185db85Sdougm } 35816185db85Sdougm } 35826185db85Sdougm 35836185db85Sdougm /* 35846185db85Sdougm * output_legacy_file(out, proto) 35856185db85Sdougm * 35866185db85Sdougm * Walk all of the groups for the specified protocol and call 35876185db85Sdougm * out_share() to format and write in the format displayed by the 35886185db85Sdougm * "share" command with no arguments. 35896185db85Sdougm */ 35906185db85Sdougm 35916185db85Sdougm static void 3592*549ec3ffSdougm output_legacy_file(FILE *out, char *proto, sa_handle_t handle) 35936185db85Sdougm { 35946185db85Sdougm sa_group_t group; 35956185db85Sdougm 3596*549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 35976185db85Sdougm group = sa_get_next_group(group)) { 35986185db85Sdougm char *options; 35996185db85Sdougm char *zfs; 36006185db85Sdougm 36016185db85Sdougm /* 36026185db85Sdougm * get default options preformated, being careful to 36036185db85Sdougm * handle legacy shares differently from new style 36046185db85Sdougm * shares. Legacy share have options on the share. 36056185db85Sdougm */ 36066185db85Sdougm 36076185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 36086185db85Sdougm if (zfs != NULL) { 36096185db85Sdougm sa_group_t zgroup; 36106185db85Sdougm sa_free_attr_string(zfs); 36116185db85Sdougm options = sa_proto_legacy_format(proto, group, 1); 36126185db85Sdougm for (zgroup = sa_get_sub_group(group); zgroup != NULL; 36136185db85Sdougm zgroup = sa_get_next_group(zgroup)) { 36146185db85Sdougm 36156185db85Sdougm /* got a group, so display it */ 3616f345c0beSdougm out_share(out, zgroup, proto); 36176185db85Sdougm } 36186185db85Sdougm } else { 36196185db85Sdougm options = sa_proto_legacy_format(proto, group, 1); 3620f345c0beSdougm out_share(out, group, proto); 36216185db85Sdougm } 36226185db85Sdougm if (options != NULL) 36236185db85Sdougm free(options); 36246185db85Sdougm } 36256185db85Sdougm } 36266185db85Sdougm 36276185db85Sdougm int 3628*549ec3ffSdougm sa_legacy_share(sa_handle_t handle, int flags, int argc, char *argv[]) 36296185db85Sdougm { 36306185db85Sdougm char *protocol = "nfs"; 36316185db85Sdougm char *options = NULL; 36326185db85Sdougm char *description = NULL; 36336185db85Sdougm char *groupname = NULL; 36346185db85Sdougm char *sharepath = NULL; 36356185db85Sdougm char *resource = NULL; 36366185db85Sdougm char *groupstatus = NULL; 36376185db85Sdougm int persist = SA_SHARE_TRANSIENT; 36386185db85Sdougm int argsused = 0; 36396185db85Sdougm int c; 36406185db85Sdougm int ret = SA_OK; 36416185db85Sdougm int zfs = 0; 36426185db85Sdougm int true_legacy = 0; 36436185db85Sdougm int curtype = SA_SHARE_TRANSIENT; 36446185db85Sdougm char cmd[MAXPATHLEN]; 36456185db85Sdougm #ifdef lint 36466185db85Sdougm flags = flags; 36476185db85Sdougm #endif 36486185db85Sdougm 36496185db85Sdougm while ((c = getopt(argc, argv, "?hF:d:o:p")) != EOF) { 36506185db85Sdougm switch (c) { 36516185db85Sdougm case 'd': 36526185db85Sdougm description = optarg; 36536185db85Sdougm argsused++; 36546185db85Sdougm break; 36556185db85Sdougm case 'F': 36566185db85Sdougm protocol = optarg; 36576185db85Sdougm if (!sa_valid_protocol(protocol)) { 36586185db85Sdougm if (format_legacy_path(cmd, MAXPATHLEN, 36596185db85Sdougm protocol, "share") == 0 && check_legacy_cmd(cmd)) { 36606185db85Sdougm true_legacy++; 36616185db85Sdougm } else { 36626185db85Sdougm (void) fprintf(stderr, 36636185db85Sdougm gettext("Invalid protocol specified:" 36646185db85Sdougm "%s\n"), 36656185db85Sdougm protocol); 36666185db85Sdougm return (SA_INVALID_PROTOCOL); 36676185db85Sdougm } 36686185db85Sdougm } 36696185db85Sdougm break; 36706185db85Sdougm case 'o': 36716185db85Sdougm options = optarg; 36726185db85Sdougm argsused++; 36736185db85Sdougm break; 36746185db85Sdougm case 'p': 36756185db85Sdougm persist = SA_SHARE_PERMANENT; 36766185db85Sdougm argsused++; 36776185db85Sdougm break; 36786185db85Sdougm case 'h': 36796185db85Sdougm case '?': 36806185db85Sdougm default: 36816185db85Sdougm (void) fprintf(stderr, gettext("usage: %s\n"), 36826185db85Sdougm sa_get_usage(USAGE_SHARE)); 36836185db85Sdougm return (SA_OK); 36846185db85Sdougm } 36856185db85Sdougm } 36866185db85Sdougm 36876185db85Sdougm /* have the info so construct what is needed */ 36886185db85Sdougm if (!argsused && optind == argc) { 36896185db85Sdougm /* display current info in share format */ 3690*549ec3ffSdougm (void) output_legacy_file(stdout, "nfs", handle); 36916185db85Sdougm } else { 36926185db85Sdougm sa_group_t group = NULL; 36936185db85Sdougm sa_share_t share; 36946185db85Sdougm char dir[MAXPATHLEN]; 36956185db85Sdougm 36966185db85Sdougm /* we are modifying the configuration */ 36976185db85Sdougm if (optind == argc) { 36986185db85Sdougm (void) fprintf(stderr, gettext("usage: %s\n"), 36996185db85Sdougm sa_get_usage(USAGE_SHARE)); 37006185db85Sdougm return (SA_LEGACY_ERR); 37016185db85Sdougm } 37026185db85Sdougm 37036185db85Sdougm if (true_legacy) { 37046185db85Sdougm /* if still using legacy share/unshare, exec it */ 37056185db85Sdougm ret = run_legacy_command(cmd, argv); 37066185db85Sdougm return (ret); 37076185db85Sdougm } 37086185db85Sdougm 37096185db85Sdougm sharepath = argv[optind++]; 37106185db85Sdougm if (optind < argc) { 37116185db85Sdougm resource = argv[optind]; 37126185db85Sdougm groupname = strchr(resource, '@'); 37136185db85Sdougm if (groupname != NULL) 37146185db85Sdougm *groupname++ = '\0'; 37156185db85Sdougm } 37166185db85Sdougm if (realpath(sharepath, dir) == NULL) 37176185db85Sdougm ret = SA_BAD_PATH; 37186185db85Sdougm else 37196185db85Sdougm sharepath = dir; 37206185db85Sdougm if (ret == SA_OK) { 3721*549ec3ffSdougm share = sa_find_share(handle, sharepath); 37226185db85Sdougm } else { 37236185db85Sdougm share = NULL; 37246185db85Sdougm } 37256185db85Sdougm if (groupname != NULL) { 37266185db85Sdougm ret = SA_NOT_ALLOWED; 37276185db85Sdougm } else if (ret == SA_OK) { 37286185db85Sdougm char *legacygroup = "default"; 37296185db85Sdougm /* 37306185db85Sdougm * the legacy group is always present and zfs groups 37316185db85Sdougm * come and go. zfs shares may be in sub-groups and 37326185db85Sdougm * the zfs share will already be in that group so it 37336185db85Sdougm * isn't an error. 37346185db85Sdougm */ 37356185db85Sdougm if (share != NULL) { 37366185db85Sdougm /* 37376185db85Sdougm * if the share exists, then make sure it is one we 37386185db85Sdougm * want to handle. 37396185db85Sdougm */ 37406185db85Sdougm group = sa_get_parent_group(share); 37416185db85Sdougm } else { 3742*549ec3ffSdougm group = sa_get_group(handle, legacygroup); 37436185db85Sdougm } 37446185db85Sdougm if (group != NULL) { 37456185db85Sdougm groupstatus = group_status(group); 37466185db85Sdougm if (share == NULL) { 37476185db85Sdougm share = sa_add_share(group, sharepath, persist, &ret); 37486185db85Sdougm if (share == NULL && ret == SA_DUPLICATE_NAME) { 37496185db85Sdougm /* could be a ZFS path being started */ 3750*549ec3ffSdougm if (sa_zfs_is_shared(handle, sharepath)) { 37516185db85Sdougm ret = SA_OK; 3752*549ec3ffSdougm group = sa_get_group(handle, "zfs"); 37536185db85Sdougm if (group == NULL) { 37546185db85Sdougm /* this shouldn't happen */ 37556185db85Sdougm ret = SA_CONFIG_ERR; 37566185db85Sdougm } 37576185db85Sdougm if (group != NULL) { 37586185db85Sdougm share = sa_add_share(group, sharepath, 37596185db85Sdougm persist, &ret); 37606185db85Sdougm } 37616185db85Sdougm } 37626185db85Sdougm } 37636185db85Sdougm } else { 376493a6f655Sdougm char *type; 37656185db85Sdougm /* 37666185db85Sdougm * may want to change persist state, but the 376793a6f655Sdougm * important thing is to change options. We 376893a6f655Sdougm * need to change them regardless of the 376993a6f655Sdougm * source. 37706185db85Sdougm */ 3771*549ec3ffSdougm if (sa_zfs_is_shared(handle, sharepath)) { 377293a6f655Sdougm zfs = 1; 377393a6f655Sdougm } 37746185db85Sdougm remove_all_options(share, protocol); 37756185db85Sdougm type = sa_get_share_attr(share, "type"); 37766185db85Sdougm if (type != NULL && 37776185db85Sdougm strcmp(type, "transient") != 0) { 37786185db85Sdougm curtype = SA_SHARE_PERMANENT; 37796185db85Sdougm } 37806185db85Sdougm if (type != NULL) 37816185db85Sdougm sa_free_attr_string(type); 37826185db85Sdougm if (curtype != persist) { 37836185db85Sdougm (void) sa_set_share_attr(share, "type", 37846185db85Sdougm persist == SA_SHARE_PERMANENT ? 37856185db85Sdougm "persist" : "transient"); 37866185db85Sdougm } 37876185db85Sdougm } 37886185db85Sdougm /* have a group to hold this share path */ 37896185db85Sdougm if (ret == SA_OK && options != NULL && 37906185db85Sdougm strlen(options) > 0) { 37916185db85Sdougm ret = sa_parse_legacy_options(share, 37926185db85Sdougm options, 37936185db85Sdougm protocol); 37946185db85Sdougm } 379593a6f655Sdougm if (!zfs) { 379693a6f655Sdougm /* 379793a6f655Sdougm * zfs shares never have resource or 379893a6f655Sdougm * description and we can't store the values 379993a6f655Sdougm * so don't try. 380093a6f655Sdougm */ 38016185db85Sdougm if (ret == SA_OK && description != NULL) 38026185db85Sdougm ret = sa_set_share_description(share, description); 38036185db85Sdougm if (ret == SA_OK && resource != NULL) 38046185db85Sdougm ret = sa_set_share_attr(share, "resource", 38056185db85Sdougm resource); 38066185db85Sdougm } 38076185db85Sdougm if (ret == SA_OK) { 38086185db85Sdougm if (strcmp(groupstatus, "enabled") == 0) 38096185db85Sdougm ret = sa_enable_share(share, protocol); 38106185db85Sdougm if (ret == SA_OK && persist == SA_SHARE_PERMANENT) { 38116185db85Sdougm (void) sa_update_legacy(share, protocol); 38126185db85Sdougm } 38136185db85Sdougm if (ret == SA_OK) 3814*549ec3ffSdougm ret = sa_update_config(handle); 38156185db85Sdougm } 38166185db85Sdougm } else { 38176185db85Sdougm ret = SA_SYSTEM_ERR; 38186185db85Sdougm } 38196185db85Sdougm } 38206185db85Sdougm } 38216185db85Sdougm if (ret != SA_OK) { 38226185db85Sdougm (void) fprintf(stderr, gettext("Could not share: %s: %s\n"), 38236185db85Sdougm sharepath, sa_errorstr(ret)); 38246185db85Sdougm ret = SA_LEGACY_ERR; 38256185db85Sdougm 38266185db85Sdougm } 38276185db85Sdougm return (ret); 38286185db85Sdougm } 38296185db85Sdougm 38306185db85Sdougm /* 38316185db85Sdougm * sa_legacy_unshare(flags, argc, argv) 38326185db85Sdougm * 38336185db85Sdougm * Implements the original unshare command. 38346185db85Sdougm */ 38356185db85Sdougm 38366185db85Sdougm int 3837*549ec3ffSdougm sa_legacy_unshare(sa_handle_t handle, int flags, int argc, char *argv[]) 38386185db85Sdougm { 38396185db85Sdougm char *protocol = "nfs"; /* for now */ 38406185db85Sdougm char *options = NULL; 38416185db85Sdougm char *sharepath = NULL; 38426185db85Sdougm int persist = SA_SHARE_TRANSIENT; 38436185db85Sdougm int argsused = 0; 38446185db85Sdougm int c; 38456185db85Sdougm int ret = SA_OK; 38466185db85Sdougm int true_legacy = 0; 38476185db85Sdougm char cmd[MAXPATHLEN]; 38486185db85Sdougm #ifdef lint 38496185db85Sdougm flags = flags; 38506185db85Sdougm options = options; 38516185db85Sdougm #endif 38526185db85Sdougm 38536185db85Sdougm while ((c = getopt(argc, argv, "?hF:o:p")) != EOF) { 38546185db85Sdougm switch (c) { 38556185db85Sdougm case 'h': 38566185db85Sdougm case '?': 38576185db85Sdougm break; 38586185db85Sdougm case 'F': 38596185db85Sdougm protocol = optarg; 38606185db85Sdougm if (!sa_valid_protocol(protocol)) { 38616185db85Sdougm if (format_legacy_path(cmd, MAXPATHLEN, 38626185db85Sdougm protocol, "unshare") == 0 && 38636185db85Sdougm check_legacy_cmd(cmd)) { 38646185db85Sdougm true_legacy++; 38656185db85Sdougm } else { 38666185db85Sdougm (void) printf(gettext("Invalid file system name\n")); 38676185db85Sdougm return (SA_INVALID_PROTOCOL); 38686185db85Sdougm } 38696185db85Sdougm } 38706185db85Sdougm break; 38716185db85Sdougm case 'o': 38726185db85Sdougm options = optarg; 38736185db85Sdougm argsused++; 38746185db85Sdougm break; 38756185db85Sdougm case 'p': 38766185db85Sdougm persist = SA_SHARE_PERMANENT; 38776185db85Sdougm argsused++; 38786185db85Sdougm break; 38796185db85Sdougm default: 38806185db85Sdougm (void) printf(gettext("usage: %s\n"), 38816185db85Sdougm sa_get_usage(USAGE_UNSHARE)); 38826185db85Sdougm return (SA_OK); 38836185db85Sdougm } 38846185db85Sdougm } 38856185db85Sdougm 38866185db85Sdougm /* have the info so construct what is needed */ 38876185db85Sdougm if (optind == argc || (optind + 1) < argc) { 38886185db85Sdougm ret = SA_SYNTAX_ERR; 38896185db85Sdougm } else { 38906185db85Sdougm sa_share_t share; 38916185db85Sdougm char dir[MAXPATHLEN]; 38926185db85Sdougm if (true_legacy) { 38936185db85Sdougm /* if still using legacy share/unshare, exec it */ 38946185db85Sdougm ret = run_legacy_command(cmd, argv); 38956185db85Sdougm return (ret); 38966185db85Sdougm } 3897a99982a7Sdougm /* 3898a99982a7Sdougm * Find the path in the internal configuration. If it 3899a99982a7Sdougm * isn't found, attempt to resolve the path via 3900a99982a7Sdougm * realpath() and try again. 3901a99982a7Sdougm */ 39026185db85Sdougm sharepath = argv[optind++]; 3903*549ec3ffSdougm share = sa_find_share(handle, sharepath); 3904a99982a7Sdougm if (share == NULL) { 39056185db85Sdougm if (realpath(sharepath, dir) == NULL) { 39066185db85Sdougm ret = SA_NO_SUCH_PATH; 39076185db85Sdougm } else { 3908*549ec3ffSdougm share = sa_find_share(handle, dir); 3909a99982a7Sdougm } 3910a99982a7Sdougm } 39116185db85Sdougm if (share != NULL) { 39126185db85Sdougm ret = sa_disable_share(share, protocol); 3913a99982a7Sdougm /* 3914a99982a7Sdougm * Errors are ok and removal should still occur. The 3915a99982a7Sdougm * legacy unshare is more forgiving of errors than the 3916a99982a7Sdougm * remove-share subcommand which may need the force 3917a99982a7Sdougm * flag set for some error conditions. That is, the 3918a99982a7Sdougm * "unshare" command will always unshare if it can 3919a99982a7Sdougm * while "remove-share" might require the force option. 3920a99982a7Sdougm */ 3921a99982a7Sdougm if (persist == SA_SHARE_PERMANENT) { 39226185db85Sdougm ret = sa_remove_share(share); 3923a99982a7Sdougm if (ret == SA_OK) 3924*549ec3ffSdougm ret = sa_update_config(handle); 39256185db85Sdougm } 39266185db85Sdougm } else { 39276185db85Sdougm ret = SA_NOT_SHARED; 39286185db85Sdougm } 39296185db85Sdougm } 39306185db85Sdougm switch (ret) { 39316185db85Sdougm default: 39326185db85Sdougm (void) printf("%s: %s\n", sharepath, sa_errorstr(ret)); 39336185db85Sdougm ret = SA_LEGACY_ERR; 39346185db85Sdougm break; 39356185db85Sdougm case SA_SYNTAX_ERR: 39366185db85Sdougm (void) printf(gettext("usage: %s\n"), 39376185db85Sdougm sa_get_usage(USAGE_UNSHARE)); 39386185db85Sdougm break; 39396185db85Sdougm case SA_OK: 39406185db85Sdougm break; 39416185db85Sdougm } 39426185db85Sdougm return (ret); 39436185db85Sdougm } 39446185db85Sdougm 39456185db85Sdougm /* 39466185db85Sdougm * common commands that implement the sub-commands used by all 39476185db85Sdougm * protcols. The entries are found via the lookup command 39486185db85Sdougm */ 39496185db85Sdougm 39506185db85Sdougm static sa_command_t commands[] = { 39516185db85Sdougm {"add-share", 0, sa_addshare, USAGE_ADD_SHARE, SVC_SET}, 39526185db85Sdougm {"create", 0, sa_create, USAGE_CREATE, SVC_SET|SVC_ACTION}, 39536185db85Sdougm {"delete", 0, sa_delete, USAGE_DELETE, SVC_SET|SVC_ACTION}, 39546185db85Sdougm {"disable", 0, sa_disable_group, USAGE_DISABLE, SVC_SET|SVC_ACTION}, 39556185db85Sdougm {"enable", 0, sa_enable_group, USAGE_ENABLE, SVC_SET|SVC_ACTION}, 39566185db85Sdougm {"list", 0, sa_list, USAGE_LIST}, 39576185db85Sdougm {"move-share", 0, sa_moveshare, USAGE_MOVE_SHARE, SVC_SET}, 39586185db85Sdougm {"remove-share", 0, sa_removeshare, USAGE_REMOVE_SHARE, SVC_SET}, 39596185db85Sdougm {"set", 0, sa_set, USAGE_SET, SVC_SET}, 39606185db85Sdougm {"set-share", 0, sa_set_share, USAGE_SET_SHARE, SVC_SET}, 39616185db85Sdougm {"show", 0, sa_show, USAGE_SHOW}, 39626185db85Sdougm {"share", 0, sa_legacy_share, USAGE_SHARE, SVC_SET|SVC_ACTION}, 39636185db85Sdougm {"start", CMD_NODISPLAY, sa_start_group, USAGE_START, 39646185db85Sdougm SVC_SET|SVC_ACTION}, 39656185db85Sdougm {"stop", CMD_NODISPLAY, sa_stop_group, USAGE_STOP, SVC_SET|SVC_ACTION}, 39666185db85Sdougm {"unset", 0, sa_unset, USAGE_UNSET, SVC_SET}, 39676185db85Sdougm {"unshare", 0, sa_legacy_unshare, USAGE_UNSHARE, SVC_SET|SVC_ACTION}, 39686185db85Sdougm {NULL, 0, NULL, NULL} 39696185db85Sdougm }; 39706185db85Sdougm 39716185db85Sdougm static char * 39726185db85Sdougm sa_get_usage(sa_usage_t index) 39736185db85Sdougm { 39746185db85Sdougm char *ret = NULL; 39756185db85Sdougm switch (index) { 39766185db85Sdougm case USAGE_ADD_SHARE: 39776185db85Sdougm ret = gettext("add-share [-nth] [-r resource-name] " 39786185db85Sdougm "[-d \"description text\"] -s sharepath group"); 39796185db85Sdougm break; 39806185db85Sdougm case USAGE_CREATE: 39816185db85Sdougm ret = gettext("create [-nvh] [-P proto [-p property=value]] group"); 39826185db85Sdougm break; 39836185db85Sdougm case USAGE_DELETE: 39846185db85Sdougm ret = gettext("delete [-nvh] [-P proto] [-f] group"); 39856185db85Sdougm break; 39866185db85Sdougm case USAGE_DISABLE: 39876185db85Sdougm ret = gettext("disable [-nvh] {-a | group ...}"); 39886185db85Sdougm break; 39896185db85Sdougm case USAGE_ENABLE: 39906185db85Sdougm ret = gettext("enable [-nvh] {-a | group ...}"); 39916185db85Sdougm break; 39926185db85Sdougm case USAGE_LIST: 39936185db85Sdougm ret = gettext("list [-vh] [-P proto]"); 39946185db85Sdougm break; 39956185db85Sdougm case USAGE_MOVE_SHARE: 39966185db85Sdougm ret = gettext("move-share [-nvh] -s sharepath destination-group"); 39976185db85Sdougm break; 39986185db85Sdougm case USAGE_REMOVE_SHARE: 39996185db85Sdougm ret = gettext("remove-share [-fnvh] -s sharepath group"); 40006185db85Sdougm break; 40016185db85Sdougm case USAGE_SET: 40026185db85Sdougm ret = gettext("set [-nvh] -P proto [-S optspace] " 40036185db85Sdougm "[-p property=value]* [-s sharepath] group"); 40046185db85Sdougm break; 40056185db85Sdougm case USAGE_SET_SECURITY: 40066185db85Sdougm ret = gettext("set-security [-nvh] -P proto -S security-type " 40076185db85Sdougm "[-p property=value]* group"); 40086185db85Sdougm break; 40096185db85Sdougm case USAGE_SET_SHARE: 40106185db85Sdougm ret = gettext("set-share [-nh] [-r resource] " 40116185db85Sdougm "[-d \"description text\"] -s sharepath group"); 40126185db85Sdougm break; 40136185db85Sdougm case USAGE_SHOW: 40146185db85Sdougm ret = gettext("show [-pvxh] [-P proto] [group ...]"); 40156185db85Sdougm break; 40166185db85Sdougm case USAGE_SHARE: 40176185db85Sdougm ret = gettext("share [-F fstype] [-p] [-o optionlist]" 40186185db85Sdougm "[-d description] [pathname [resourcename]]"); 40196185db85Sdougm break; 40206185db85Sdougm case USAGE_START: 40216185db85Sdougm ret = gettext("start [-vh] [-P proto] {-a | group ...}"); 40226185db85Sdougm break; 40236185db85Sdougm case USAGE_STOP: 40246185db85Sdougm ret = gettext("stop [-vh] [-P proto] {-a | group ...}"); 40256185db85Sdougm break; 40266185db85Sdougm case USAGE_UNSET: 40276185db85Sdougm ret = gettext("unset [-nvh] -P proto [-S optspace] " 40286185db85Sdougm "[-p property]* group"); 40296185db85Sdougm break; 40306185db85Sdougm case USAGE_UNSET_SECURITY: 40316185db85Sdougm ret = gettext("unset-security [-nvh] -P proto -S security-type " 40326185db85Sdougm "[-p property]* group"); 40336185db85Sdougm break; 40346185db85Sdougm case USAGE_UNSHARE: 40356185db85Sdougm ret = gettext("unshare [-F fstype] [-p] [-o optionlist] sharepath"); 40366185db85Sdougm break; 40376185db85Sdougm } 40386185db85Sdougm return (ret); 40396185db85Sdougm } 40406185db85Sdougm 40416185db85Sdougm /* 40426185db85Sdougm * sa_lookup(cmd, proto) 40436185db85Sdougm * 40446185db85Sdougm * Lookup the sub-command. proto isn't currently used, but it may 40456185db85Sdougm * eventually provide a way to provide protocol specific sub-commands. 40466185db85Sdougm */ 40476185db85Sdougm 40486185db85Sdougm sa_command_t * 40496185db85Sdougm sa_lookup(char *cmd, char *proto) 40506185db85Sdougm { 40516185db85Sdougm int i; 40526185db85Sdougm size_t len; 40536185db85Sdougm #ifdef lint 40546185db85Sdougm proto = proto; 40556185db85Sdougm #endif 40566185db85Sdougm 40576185db85Sdougm len = strlen(cmd); 40586185db85Sdougm for (i = 0; commands[i].cmdname != NULL; i++) { 40596185db85Sdougm if (strncmp(cmd, commands[i].cmdname, len) == 0) 40606185db85Sdougm return (&commands[i]); 40616185db85Sdougm } 40626185db85Sdougm return (NULL); 40636185db85Sdougm } 40646185db85Sdougm 40656185db85Sdougm void 40666185db85Sdougm sub_command_help(char *proto) 40676185db85Sdougm { 40686185db85Sdougm int i; 40696185db85Sdougm #ifdef lint 40706185db85Sdougm proto = proto; 40716185db85Sdougm #endif 40726185db85Sdougm 40736185db85Sdougm (void) printf(gettext("\tsub-commands:\n")); 40746185db85Sdougm for (i = 0; commands[i].cmdname != NULL; i++) { 40756185db85Sdougm if (!(commands[i].flags & (CMD_ALIAS|CMD_NODISPLAY))) 40766185db85Sdougm (void) printf("\t%s\n", 40776185db85Sdougm sa_get_usage((sa_usage_t)commands[i].cmdidx)); 40786185db85Sdougm } 40796185db85Sdougm } 4080