xref: /titanic_51/usr/src/cmd/idmap/idmapd/init.c (revision c5c4113dfcabb1eed3d4bdf7609de5170027a794)
1*c5c4113dSnw141292 /*
2*c5c4113dSnw141292  * CDDL HEADER START
3*c5c4113dSnw141292  *
4*c5c4113dSnw141292  * The contents of this file are subject to the terms of the
5*c5c4113dSnw141292  * Common Development and Distribution License (the "License").
6*c5c4113dSnw141292  * You may not use this file except in compliance with the License.
7*c5c4113dSnw141292  *
8*c5c4113dSnw141292  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*c5c4113dSnw141292  * or http://www.opensolaris.org/os/licensing.
10*c5c4113dSnw141292  * See the License for the specific language governing permissions
11*c5c4113dSnw141292  * and limitations under the License.
12*c5c4113dSnw141292  *
13*c5c4113dSnw141292  * When distributing Covered Code, include this CDDL HEADER in each
14*c5c4113dSnw141292  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*c5c4113dSnw141292  * If applicable, add the following below this CDDL HEADER, with the
16*c5c4113dSnw141292  * fields enclosed by brackets "[]" replaced with your own identifying
17*c5c4113dSnw141292  * information: Portions Copyright [yyyy] [name of copyright owner]
18*c5c4113dSnw141292  *
19*c5c4113dSnw141292  * CDDL HEADER END
20*c5c4113dSnw141292  */
21*c5c4113dSnw141292 /*
22*c5c4113dSnw141292  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23*c5c4113dSnw141292  * Use is subject to license terms.
24*c5c4113dSnw141292  */
25*c5c4113dSnw141292 
26*c5c4113dSnw141292 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27*c5c4113dSnw141292 
28*c5c4113dSnw141292 /*
29*c5c4113dSnw141292  * Initialization routines
30*c5c4113dSnw141292  */
31*c5c4113dSnw141292 
32*c5c4113dSnw141292 #include "idmapd.h"
33*c5c4113dSnw141292 #include <signal.h>
34*c5c4113dSnw141292 #include <thread.h>
35*c5c4113dSnw141292 #include <string.h>
36*c5c4113dSnw141292 #include <errno.h>
37*c5c4113dSnw141292 #include <assert.h>
38*c5c4113dSnw141292 #include <unistd.h>
39*c5c4113dSnw141292 #include <sys/types.h>
40*c5c4113dSnw141292 #include <sys/stat.h>
41*c5c4113dSnw141292 
/* Program name; passed as the leading "%s" of every log and stderr message in this file. */
static const char *me = "idmapd";
43*c5c4113dSnw141292 
/*
 * Bring up the mapping system in three ordered steps: initialise the
 * configuration rwlock, load the configuration, then initialise the
 * databases.
 *
 * Returns 0 when all three steps succeed and -1 as soon as one fails.
 * Only a database failure triggers fini_mapping_system(); a failure in
 * rwlock_init() or load_config() returns without any teardown here.
 *
 * NOTE(review): whatever load_config() set up before failing is not
 * released on that path -- confirm the caller exits or cleans up.
 */
int
init_mapping_system()
{
	/* || short-circuits, so load_config() runs only once the lock exists. */
	if (rwlock_init(&_idmapdstate.rwlk_cfg, USYNC_THREAD, NULL) != 0 ||
	    load_config() < 0)
		return (-1);

	if (init_dbs() >= 0)
		return (0);

	/* Database setup failed: undo it before reporting the error. */
	fini_mapping_system();
	return (-1);
}
56*c5c4113dSnw141292 
/*
 * Tear down the mapping system.  This delegates entirely to fini_dbs();
 * nothing else (configuration handle, AD context, rwlock) is touched in
 * this function.
 */
void
fini_mapping_system()
{
	fini_dbs();
}
61*c5c4113dSnw141292 
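/*
 * Load the daemon configuration and build the AD lookup context from it.
 *
 * Steps, in order:
 *   1. store a new handle from idmap_cfg_init() in _idmapdstate.cfg;
 *   2. hand any existing _idmapdstate.ad to idmap_ad_free();
 *   3. populate the handle with idmap_cfg_load();
 *   4. if pgcfg.mapping_domain is set, allocate a global-catalog AD
 *      context for it in _idmapdstate.ad;
 *   5. if pgcfg.global_catalog is set, register it with that context
 *      through idmap_add_ds().
 *
 * An unset mapping domain or global catalog is logged at LOG_ERR but is
 * not fatal: the function still returns 0 and the daemon carries on with
 * name-based and ephemeral mapping unavailable.
 *
 * Returns 0 on success, -1 when configuration init/load fails or when an
 * AD context or directory server cannot be set up.
 *
 * NOTE(review): the previous value of _idmapdstate.cfg is overwritten
 * without being released here, and on the error returns the new handle
 * stays in _idmapdstate.cfg -- confirm this is only called once, or that
 * the caller releases it.
 * NOTE(review): shared state is written without taking rwlk_cfg in this
 * function; presumably callers serialise access -- confirm.
 */
int
load_config()
{
	if ((_idmapdstate.cfg = idmap_cfg_init()) == NULL) {
		idmapdlog(LOG_ERR, "%s: config init failed - %s",
		    me, CHECK_NULL(idmap_cfg_error()));
		return (-1);
	}

	/* Drop a context built from an earlier configuration, if any. */
	if (_idmapdstate.ad != NULL)
		idmap_ad_free(&_idmapdstate.ad);

	if (idmap_cfg_load(_idmapdstate.cfg) < 0) {
		idmapdlog(LOG_ERR, "%s: config load failed - %s",
		    me, CHECK_NULL(idmap_cfg_error()));
		return (-1);
	}

	if (_idmapdstate.cfg->pgcfg.mapping_domain == NULL ||
	    _idmapdstate.cfg->pgcfg.mapping_domain[0] == '\0') {
		/* Degraded but not fatal: no AD context is allocated. */
		idmapdlog(LOG_ERR, "%s: Joined AD domain not configured; name "
		    "based and ephemeral mapping will not function", me);
	} else if (idmap_ad_alloc(&_idmapdstate.ad,
	    _idmapdstate.cfg->pgcfg.mapping_domain,
	    IDMAP_AD_GLOBAL_CATALOG) != 0) {
		idmapdlog(LOG_ERR, "%s: could not initialize AD context",
		    me);
		return (-1);
	}

	if (_idmapdstate.cfg->pgcfg.global_catalog == NULL ||
	    _idmapdstate.cfg->pgcfg.global_catalog[0] == '\0') {
		/* Message previously read "DSnot"; the missing space is restored. */
		idmapdlog(LOG_ERR, "%s: Global catalog DS not configured; name "
		    "based and ephemeral mapping will not function", me);
	} else if (idmap_add_ds(_idmapdstate.ad,
	    _idmapdstate.cfg->pgcfg.global_catalog, 0) != 0) {
		/*
		 * NOTE(review): when the mapping domain is unset but a global
		 * catalog is configured, _idmapdstate.ad was never allocated
		 * above and is passed here as-is (presumably NULL) -- confirm
		 * idmap_add_ds() rejects that rather than dereferencing it.
		 */
		idmapdlog(LOG_ERR, "%s: could not initialize AD DS context",
		    me);
		return (-1);
	}

	return (0);
}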
99*c5c4113dSnw141292 
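/*
 * Dump the daemon state to stderr for foreground (non-daemon) runs.
 *
 * The whole dump is bracketed by RDLOCK_CONFIG()/UNLOCK_CONFIG().  The
 * general fields are printed only when daemon_mode is FALSE; the
 * configuration properties are printed only when a configuration handle
 * exists and daemon_mode is not TRUE.  Nothing is printed in daemon mode.
 *
 * String properties from the configuration go through CHECK_NULL() before
 * being handed to "%s"; hostname and domainname do not.
 * NOTE(review): presumably hostname and domainname can never be NULL
 * pointers (e.g. they are arrays) -- confirm.
 */
void
print_idmapdstate()
{
	RDLOCK_CONFIG();

	if (_idmapdstate.daemon_mode == FALSE) {
		/* In this branch the ternary below always yields "false". */
		(void) fprintf(stderr, "%s: daemon_mode=%s\n",
		    me, _idmapdstate.daemon_mode == TRUE ? "true" : "false");
		(void) fprintf(stderr, "%s: hostname=%s\n",
		    me, _idmapdstate.hostname);
		/* Prefix was "%s;" here; use "%s:" like every other line. */
		(void) fprintf(stderr, "%s: name service domain=%s\n", me,
		    _idmapdstate.domainname);

		(void) fprintf(stderr, "%s: config=%s\n", me,
		    _idmapdstate.cfg ? "not null" : "null");
	}

	/* Same test as before, inverted so the unlock needs no goto. */
	if (_idmapdstate.cfg != NULL && _idmapdstate.daemon_mode != TRUE) {
		/* NOTE(review): "%llu" assumes an unsigned long long -- confirm. */
		(void) fprintf(stderr, "%s: list_size_limit=%llu\n", me,
		    _idmapdstate.cfg->pgcfg.list_size_limit);
		(void) fprintf(stderr, "%s: mapping_domain=%s\n", me,
		    CHECK_NULL(_idmapdstate.cfg->pgcfg.mapping_domain));
		(void) fprintf(stderr, "%s: machine_sid=%s\n", me,
		    CHECK_NULL(_idmapdstate.cfg->pgcfg.machine_sid));
		(void) fprintf(stderr, "%s: global_catalog=%s\n", me,
		    CHECK_NULL(_idmapdstate.cfg->pgcfg.global_catalog));
		(void) fprintf(stderr, "%s: domain_controller=%s\n", me,
		    CHECK_NULL(_idmapdstate.cfg->pgcfg.domain_controller));
	}

	UNLOCK_CONFIG();
}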
130*c5c4113dSnw141292 
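/*
 * Make sure `path' is a directory owned by uid:gid.
 *
 * The directory is created with mode 0700 (as filtered by the umask).  If
 * the name already exists it is accepted only when lstat() shows a real
 * directory: mkdir() reports EEXIST for a regular file or a symbolic link
 * just the same, and lchown() on such an object would succeed and leave
 * the caller believing a private directory is in place.  A symbolic link
 * is therefore rejected even if it points at a directory.
 *
 * Ownership is set with lchown(), which does not follow symbolic links.
 * If that fails and the directory was created by this call, it is removed
 * again; a pre-existing directory is left alone.
 *
 * Returns 0 on success, -1 on any failure (logged at LOG_ERR).
 *
 * NOTE(review): a pre-existing directory keeps whatever mode it already
 * has; only ownership is changed.  Confirm callers do not depend on 0700
 * in that case.
 * NOTE(review): the lstat()/lchown() pair works on the path name, so it
 * relies on the parent directory not being writable by other users.
 */
int
create_directory(const char *path, uid_t uid, gid_t gid)
{
	struct stat	st;
	int		created;

	created = (mkdir(path, 0700) == 0);
	if (!created) {
		if (errno != EEXIST) {
			idmapdlog(LOG_ERR,
			    "%s: Error creating directory %s (%s)",
			    me, path, strerror(errno));
			return (-1);
		}

		/* EEXIST says a name exists, not that it is a directory. */
		if (lstat(path, &st) < 0) {
			idmapdlog(LOG_ERR,
			    "%s: Error checking directory %s (%s)",
			    me, path, strerror(errno));
			return (-1);
		}
		if (!S_ISDIR(st.st_mode)) {
			idmapdlog(LOG_ERR,
			    "%s: %s exists and is not a directory",
			    me, path);
			return (-1);
		}
	}

	if (lchown(path, uid, gid) < 0) {
		/* Report the step that failed rather than "creating". */
		idmapdlog(LOG_ERR,
		    "%s: Error changing ownership of directory %s (%s)",
		    me, path, strerror(errno));
		/* Only undo what this call created. */
		if (created)
			(void) rmdir(path);
		return (-1);
	}

	return (0);
}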