16185db85Sdougm /* 26185db85Sdougm * CDDL HEADER START 36185db85Sdougm * 46185db85Sdougm * The contents of this file are subject to the terms of the 56185db85Sdougm * Common Development and Distribution License (the "License"). 66185db85Sdougm * You may not use this file except in compliance with the License. 76185db85Sdougm * 86185db85Sdougm * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 96185db85Sdougm * or http://www.opensolaris.org/os/licensing. 106185db85Sdougm * See the License for the specific language governing permissions 116185db85Sdougm * and limitations under the License. 126185db85Sdougm * 136185db85Sdougm * When distributing Covered Code, include this CDDL HEADER in each 146185db85Sdougm * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 156185db85Sdougm * If applicable, add the following below this CDDL HEADER, with the 166185db85Sdougm * fields enclosed by brackets "[]" replaced with your own identifying 176185db85Sdougm * information: Portions Copyright [yyyy] [name of copyright owner] 186185db85Sdougm * 196185db85Sdougm * CDDL HEADER END 206185db85Sdougm */ 216185db85Sdougm 226185db85Sdougm /* 23dc20a302Sas200622 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 246185db85Sdougm * Use is subject to license terms. 256185db85Sdougm */ 266185db85Sdougm 276185db85Sdougm #pragma ident "%Z%%M% %I% %E% SMI" 286185db85Sdougm 296185db85Sdougm #include <sys/types.h> 306185db85Sdougm #include <sys/stat.h> 316185db85Sdougm #include <fcntl.h> 326185db85Sdougm #include <stdlib.h> 336185db85Sdougm #include <stdio.h> 346185db85Sdougm #include <string.h> 356185db85Sdougm #include <ctype.h> 366185db85Sdougm #include <unistd.h> 376185db85Sdougm #include <getopt.h> 386185db85Sdougm #include <utmpx.h> 396185db85Sdougm #include <pwd.h> 406185db85Sdougm #include <auth_attr.h> 416185db85Sdougm #include <secdb.h> 426185db85Sdougm #include <sys/param.h> 436185db85Sdougm #include <sys/stat.h> 446185db85Sdougm #include <errno.h> 456185db85Sdougm 466185db85Sdougm #include <libshare.h> 476185db85Sdougm #include "sharemgr.h" 486185db85Sdougm #include <libscf.h> 496185db85Sdougm #include <libxml/tree.h> 506185db85Sdougm #include <libintl.h> 51da6c28aaSamw #include <assert.h> 52da6c28aaSamw #include <iconv.h> 53da6c28aaSamw #include <langinfo.h> 54da6c28aaSamw #include <dirent.h> 556185db85Sdougm 566185db85Sdougm static char *sa_get_usage(sa_usage_t); 576185db85Sdougm 586185db85Sdougm /* 596185db85Sdougm * Implementation of the common sub-commands supported by sharemgr. 606185db85Sdougm * A number of helper functions are also included. 616185db85Sdougm */ 626185db85Sdougm 636185db85Sdougm /* 646185db85Sdougm * has_protocol(group, proto) 656185db85Sdougm * If the group has an optionset with the specified protocol, 666185db85Sdougm * return true (1) otherwise false (0). 676185db85Sdougm */ 686185db85Sdougm static int 696185db85Sdougm has_protocol(sa_group_t group, char *protocol) 706185db85Sdougm { 716185db85Sdougm sa_optionset_t optionset; 726185db85Sdougm int result = 0; 736185db85Sdougm 746185db85Sdougm optionset = sa_get_optionset(group, protocol); 756185db85Sdougm if (optionset != NULL) { 766185db85Sdougm result++; 776185db85Sdougm } 786185db85Sdougm return (result); 796185db85Sdougm } 806185db85Sdougm 816185db85Sdougm /* 82da6c28aaSamw * validresource(name) 83da6c28aaSamw * 84da6c28aaSamw * Check that name only has valid characters in it. The current valid 85da6c28aaSamw * set are the printable characters but not including: 86da6c28aaSamw * " / \ [ ] : | < > + ; , ? * = \t 87da6c28aaSamw * Note that space is included and there is a maximum length. 88da6c28aaSamw */ 89da6c28aaSamw static int 90da6c28aaSamw validresource(const char *name) 91da6c28aaSamw { 92da6c28aaSamw const char *cp; 93da6c28aaSamw size_t len; 94da6c28aaSamw 95da6c28aaSamw if (name == NULL) 96da6c28aaSamw return (B_FALSE); 97da6c28aaSamw 98da6c28aaSamw len = strlen(name); 99da6c28aaSamw if (len == 0 || len > SA_MAX_RESOURCE_NAME) 100da6c28aaSamw return (B_FALSE); 101da6c28aaSamw 102da6c28aaSamw if (strpbrk(name, "\"/\\[]:|<>+;,?*=\t") != NULL) { 103da6c28aaSamw return (B_FALSE); 104da6c28aaSamw } 105da6c28aaSamw 106da6c28aaSamw for (cp = name; *cp != '\0'; cp++) 107da6c28aaSamw if (iscntrl(*cp)) 108da6c28aaSamw return (B_FALSE); 109da6c28aaSamw 110da6c28aaSamw return (B_TRUE); 111da6c28aaSamw } 112da6c28aaSamw 113da6c28aaSamw /* 114da6c28aaSamw * conv_to_utf8(input) 115da6c28aaSamw * 116da6c28aaSamw * Convert the input string to utf8 from the current locale. If the 117da6c28aaSamw * conversion fails, use the current locale, it is likely close 118da6c28aaSamw * enough. For example, the "C" locale is a subset of utf-8. The 119da6c28aaSamw * return value may be a new string or the original input string. 120da6c28aaSamw */ 121da6c28aaSamw 122da6c28aaSamw static char * 123da6c28aaSamw conv_to_utf8(char *input) 124da6c28aaSamw { 125da6c28aaSamw iconv_t cd; 12655bf511dSas200622 char *inval = input; 127da6c28aaSamw char *output = input; 128da6c28aaSamw char *outleft; 129da6c28aaSamw char *curlocale; 130da6c28aaSamw size_t bytesleft; 131da6c28aaSamw size_t size; 132da6c28aaSamw size_t osize; 133da6c28aaSamw static int warned = 0; 134da6c28aaSamw 135da6c28aaSamw curlocale = nl_langinfo(CODESET); 136da6c28aaSamw if (curlocale == NULL) 137da6c28aaSamw curlocale = "C"; 138da6c28aaSamw cd = iconv_open("UTF-8", curlocale); 139da6c28aaSamw if (cd != NULL && cd != (iconv_t)-1) { 140da6c28aaSamw size = strlen(input); 141da6c28aaSamw /* Assume worst case of characters expanding to 4 bytes. */ 142da6c28aaSamw bytesleft = size * 4; 143da6c28aaSamw output = calloc(bytesleft, 1); 144da6c28aaSamw if (output != NULL) { 145da6c28aaSamw outleft = output; 14655bf511dSas200622 /* inval can be modified on return */ 14755bf511dSas200622 osize = iconv(cd, (const char **)&inval, &size, 148da6c28aaSamw &outleft, &bytesleft); 149da6c28aaSamw if (osize == (size_t)-1 || size != 0) { 150da6c28aaSamw free(output); 151da6c28aaSamw output = input; 152da6c28aaSamw } 15355bf511dSas200622 } else { 15455bf511dSas200622 /* Need to return something. */ 15555bf511dSas200622 output = input; 156da6c28aaSamw } 157da6c28aaSamw (void) iconv_close(cd); 158da6c28aaSamw } else { 159da6c28aaSamw if (!warned) 160da6c28aaSamw (void) fprintf(stderr, 161da6c28aaSamw gettext("Cannot convert to UTF-8 from %s\n"), 162da6c28aaSamw curlocale ? curlocale : gettext("unknown")); 163da6c28aaSamw warned = 1; 164da6c28aaSamw } 165da6c28aaSamw return (output); 166da6c28aaSamw } 167da6c28aaSamw 168da6c28aaSamw /* 169da6c28aaSamw * conv_from(input) 170da6c28aaSamw * 171da6c28aaSamw * Convert the input string from utf8 to current locale. If the 172da6c28aaSamw * conversion isn't supported, just use as is. The return value may be 173da6c28aaSamw * a new string or the original input string. 174da6c28aaSamw */ 175da6c28aaSamw 176da6c28aaSamw static char * 177da6c28aaSamw conv_from_utf8(char *input) 178da6c28aaSamw { 179da6c28aaSamw iconv_t cd; 180da6c28aaSamw char *output = input; 18155bf511dSas200622 char *inval = input; 182da6c28aaSamw char *outleft; 183da6c28aaSamw char *curlocale; 184da6c28aaSamw size_t bytesleft; 185da6c28aaSamw size_t size; 186da6c28aaSamw size_t osize; 187da6c28aaSamw static int warned = 0; 188da6c28aaSamw 189da6c28aaSamw curlocale = nl_langinfo(CODESET); 190da6c28aaSamw if (curlocale == NULL) 191da6c28aaSamw curlocale = "C"; 192da6c28aaSamw cd = iconv_open(curlocale, "UTF-8"); 193da6c28aaSamw if (cd != NULL && cd != (iconv_t)-1) { 194da6c28aaSamw size = strlen(input); 195da6c28aaSamw /* Assume worst case of characters expanding to 4 bytes. */ 196da6c28aaSamw bytesleft = size * 4; 197da6c28aaSamw output = calloc(bytesleft, 1); 198da6c28aaSamw if (output != NULL) { 199da6c28aaSamw outleft = output; 20055bf511dSas200622 osize = iconv(cd, (const char **)&inval, &size, 201da6c28aaSamw &outleft, &bytesleft); 20255bf511dSas200622 if (osize == (size_t)-1 || size != 0) 203da6c28aaSamw output = input; 20455bf511dSas200622 } else { 20555bf511dSas200622 /* Need to return something. */ 20655bf511dSas200622 output = input; 207da6c28aaSamw } 208da6c28aaSamw (void) iconv_close(cd); 209da6c28aaSamw } else { 210da6c28aaSamw if (!warned) 211da6c28aaSamw (void) fprintf(stderr, 212da6c28aaSamw gettext("Cannot convert to %s from UTF-8\n"), 213da6c28aaSamw curlocale ? curlocale : gettext("unknown")); 214da6c28aaSamw warned = 1; 215da6c28aaSamw } 216da6c28aaSamw return (output); 217da6c28aaSamw } 218da6c28aaSamw 219573b0c00Sdougm /* 220573b0c00Sdougm * print_rsrc_desc(resource, sharedesc) 221573b0c00Sdougm * 222573b0c00Sdougm * Print the resource description string after converting from UTF8 to 223573b0c00Sdougm * the current locale. If sharedesc is not NULL and there is no 224573b0c00Sdougm * description on the resource, use sharedesc. sharedesc will already 225573b0c00Sdougm * be converted to UTF8. 226573b0c00Sdougm */ 227573b0c00Sdougm 228da6c28aaSamw static void 229573b0c00Sdougm print_rsrc_desc(sa_resource_t resource, char *sharedesc) 230da6c28aaSamw { 231da6c28aaSamw char *description; 232da6c28aaSamw char *desc; 233da6c28aaSamw 234573b0c00Sdougm if (resource == NULL) 235573b0c00Sdougm return; 236573b0c00Sdougm 237da6c28aaSamw description = sa_get_resource_description(resource); 238da6c28aaSamw if (description != NULL) { 239da6c28aaSamw desc = conv_from_utf8(description); 240da6c28aaSamw if (desc != description) { 241da6c28aaSamw sa_free_share_description(description); 242da6c28aaSamw description = desc; 243da6c28aaSamw } 244573b0c00Sdougm } else if (sharedesc != NULL) { 245573b0c00Sdougm description = strdup(sharedesc); 246573b0c00Sdougm } 247573b0c00Sdougm if (description != NULL) { 248da6c28aaSamw (void) printf("\t\"%s\"", description); 249da6c28aaSamw sa_free_share_description(description); 250da6c28aaSamw } 251da6c28aaSamw } 252da6c28aaSamw 253573b0c00Sdougm /* 254573b0c00Sdougm * set_resource_desc(share, description) 255573b0c00Sdougm * 256573b0c00Sdougm * Set the share description value after converting the description 257573b0c00Sdougm * string to UTF8 from the current locale. 258573b0c00Sdougm */ 259573b0c00Sdougm 260573b0c00Sdougm static int 261573b0c00Sdougm set_resource_desc(sa_share_t share, char *description) 262573b0c00Sdougm { 263573b0c00Sdougm char *desc; 264573b0c00Sdougm int ret; 265573b0c00Sdougm 266573b0c00Sdougm desc = conv_to_utf8(description); 267573b0c00Sdougm ret = sa_set_resource_description(share, desc); 268573b0c00Sdougm if (description != desc) 269573b0c00Sdougm sa_free_share_description(desc); 270573b0c00Sdougm return (ret); 271573b0c00Sdougm } 272573b0c00Sdougm 273573b0c00Sdougm /* 274573b0c00Sdougm * set_share_desc(share, description) 275573b0c00Sdougm * 276573b0c00Sdougm * Set the resource description value after converting the description 277573b0c00Sdougm * string to UTF8 from the current locale. 278573b0c00Sdougm */ 279573b0c00Sdougm 280da6c28aaSamw static int 281da6c28aaSamw set_share_desc(sa_share_t share, char *description) 282da6c28aaSamw { 283da6c28aaSamw char *desc; 284da6c28aaSamw int ret; 285da6c28aaSamw 286da6c28aaSamw desc = conv_to_utf8(description); 287da6c28aaSamw ret = sa_set_share_description(share, desc); 288da6c28aaSamw if (description != desc) 289da6c28aaSamw sa_free_share_description(desc); 290da6c28aaSamw return (ret); 291da6c28aaSamw } 292da6c28aaSamw 293da6c28aaSamw /* 294da6c28aaSamw * add_list(list, item, data, proto) 295da6c28aaSamw * Adds a new list member that points holds item in the list. 2966185db85Sdougm * If list is NULL, it starts a new list. The function returns 2976185db85Sdougm * the first member of the list. 2986185db85Sdougm */ 2996185db85Sdougm struct list * 300da6c28aaSamw add_list(struct list *listp, void *item, void *data, char *proto) 3016185db85Sdougm { 3026185db85Sdougm struct list *new, *tmp; 3036185db85Sdougm 3046185db85Sdougm new = malloc(sizeof (struct list)); 3056185db85Sdougm if (new != NULL) { 3066185db85Sdougm new->next = NULL; 3076185db85Sdougm new->item = item; 3086185db85Sdougm new->itemdata = data; 309da6c28aaSamw new->proto = proto; 3106185db85Sdougm } else { 3116185db85Sdougm return (listp); 3126185db85Sdougm } 3136185db85Sdougm 3146185db85Sdougm if (listp == NULL) 3156185db85Sdougm return (new); 3166185db85Sdougm 3176185db85Sdougm for (tmp = listp; tmp->next != NULL; tmp = tmp->next) { 3186185db85Sdougm /* get to end of list */ 3196185db85Sdougm } 3206185db85Sdougm tmp->next = new; 3216185db85Sdougm return (listp); 3226185db85Sdougm } 3236185db85Sdougm 3246185db85Sdougm /* 3256185db85Sdougm * free_list(list) 3266185db85Sdougm * Given a list, free all the members of the list; 3276185db85Sdougm */ 3286185db85Sdougm static void 3296185db85Sdougm free_list(struct list *listp) 3306185db85Sdougm { 3316185db85Sdougm struct list *tmp; 3326185db85Sdougm while (listp != NULL) { 3336185db85Sdougm tmp = listp; 3346185db85Sdougm listp = listp->next; 3356185db85Sdougm free(tmp); 3366185db85Sdougm } 3376185db85Sdougm } 3386185db85Sdougm 3396185db85Sdougm /* 3406185db85Sdougm * check_authorization(instname, which) 3416185db85Sdougm * 3426185db85Sdougm * Checks to see if the specific type of authorization in which is 3436185db85Sdougm * enabled for the user in this SMF service instance. 3446185db85Sdougm */ 3456185db85Sdougm 3466185db85Sdougm static int 3476185db85Sdougm check_authorization(char *instname, int which) 3486185db85Sdougm { 3496185db85Sdougm scf_handle_t *handle = NULL; 3506185db85Sdougm scf_simple_prop_t *prop = NULL; 3516185db85Sdougm char svcstring[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 3526185db85Sdougm char *authstr = NULL; 3536185db85Sdougm ssize_t numauths; 35425a68471Sdougm int ret = B_TRUE; 3556185db85Sdougm uid_t uid; 3566185db85Sdougm struct passwd *pw = NULL; 3576185db85Sdougm 3586185db85Sdougm uid = getuid(); 3596185db85Sdougm pw = getpwuid(uid); 36025a68471Sdougm if (pw == NULL) { 36125a68471Sdougm ret = B_FALSE; 36225a68471Sdougm } else { 36325a68471Sdougm /* 36425a68471Sdougm * Since names are restricted to SA_MAX_NAME_LEN won't 36525a68471Sdougm * overflow. 36625a68471Sdougm */ 36725a68471Sdougm (void) snprintf(svcstring, sizeof (svcstring), "%s:%s", 36825a68471Sdougm SA_SVC_FMRI_BASE, instname); 3696185db85Sdougm handle = scf_handle_create(SCF_VERSION); 3706185db85Sdougm if (handle != NULL) { 3716185db85Sdougm if (scf_handle_bind(handle) == 0) { 3726185db85Sdougm switch (which) { 3736185db85Sdougm case SVC_SET: 37425a68471Sdougm prop = scf_simple_prop_get(handle, 37525a68471Sdougm svcstring, "general", 3766185db85Sdougm SVC_AUTH_VALUE); 3776185db85Sdougm break; 3786185db85Sdougm case SVC_ACTION: 37925a68471Sdougm prop = scf_simple_prop_get(handle, 38025a68471Sdougm svcstring, "general", 3816185db85Sdougm SVC_AUTH_ACTION); 3826185db85Sdougm break; 3836185db85Sdougm } 3846185db85Sdougm } 3856185db85Sdougm } 3866185db85Sdougm } 3876185db85Sdougm /* make sure we have an authorization string property */ 3886185db85Sdougm if (prop != NULL) { 3896185db85Sdougm int i; 3906185db85Sdougm numauths = scf_simple_prop_numvalues(prop); 3916185db85Sdougm for (ret = 0, i = 0; i < numauths; i++) { 3926185db85Sdougm authstr = scf_simple_prop_next_astring(prop); 3936185db85Sdougm if (authstr != NULL) { 3946185db85Sdougm /* check if this user has one of the strings */ 3956185db85Sdougm if (chkauthattr(authstr, pw->pw_name)) { 3966185db85Sdougm ret = 1; 3976185db85Sdougm break; 3986185db85Sdougm } 3996185db85Sdougm } 4006185db85Sdougm } 4016185db85Sdougm endauthattr(); 4026185db85Sdougm scf_simple_prop_free(prop); 4036185db85Sdougm } else { 4046185db85Sdougm /* no authorization string defined */ 4056185db85Sdougm ret = 0; 4066185db85Sdougm } 4076185db85Sdougm if (handle != NULL) 4086185db85Sdougm scf_handle_destroy(handle); 4096185db85Sdougm return (ret); 4106185db85Sdougm } 4116185db85Sdougm 4126185db85Sdougm /* 4136185db85Sdougm * check_authorizations(instname, flags) 4146185db85Sdougm * 4156185db85Sdougm * check all the needed authorizations for the user in this service 4166185db85Sdougm * instance. Return value of 1(true) or 0(false) indicates whether 4176185db85Sdougm * there are authorizations for the user or not. 4186185db85Sdougm */ 4196185db85Sdougm 4206185db85Sdougm static int 4216185db85Sdougm check_authorizations(char *instname, int flags) 4226185db85Sdougm { 4236185db85Sdougm int ret1 = 0; 4246185db85Sdougm int ret2 = 0; 4256185db85Sdougm int ret; 4266185db85Sdougm 4276185db85Sdougm if (flags & SVC_SET) 4286185db85Sdougm ret1 = check_authorization(instname, SVC_SET); 4296185db85Sdougm if (flags & SVC_ACTION) 4306185db85Sdougm ret2 = check_authorization(instname, SVC_ACTION); 4316185db85Sdougm switch (flags) { 4326185db85Sdougm case SVC_ACTION: 4336185db85Sdougm ret = ret2; 4346185db85Sdougm break; 4356185db85Sdougm case SVC_SET: 4366185db85Sdougm ret = ret1; 4376185db85Sdougm break; 4386185db85Sdougm case SVC_ACTION|SVC_SET: 4396185db85Sdougm ret = ret1 & ret2; 4406185db85Sdougm break; 4416185db85Sdougm default: 4426185db85Sdougm /* if not flags set, we assume we don't need authorizations */ 4436185db85Sdougm ret = 1; 4446185db85Sdougm } 4456185db85Sdougm return (ret); 4466185db85Sdougm } 4476185db85Sdougm 4486185db85Sdougm /* 449da6c28aaSamw * notify_or_enable_share(share, protocol) 450da6c28aaSamw * 451da6c28aaSamw * Since some protocols don't want an "enable" when properties change, 452da6c28aaSamw * this function will use the protocol specific notify function 453da6c28aaSamw * first. If that fails, it will then attempt to use the 454da6c28aaSamw * sa_enable_share(). "protocol" is the protocol that was specified 455da6c28aaSamw * on the command line. 456da6c28aaSamw */ 457da6c28aaSamw static void 458da6c28aaSamw notify_or_enable_share(sa_share_t share, char *protocol) 459da6c28aaSamw { 460da6c28aaSamw sa_group_t group; 461da6c28aaSamw sa_optionset_t opt; 462da6c28aaSamw int ret = SA_OK; 463da6c28aaSamw char *path; 464da6c28aaSamw char *groupproto; 465da6c28aaSamw sa_share_t parent = share; 466da6c28aaSamw 467da6c28aaSamw /* If really a resource, get parent share */ 468da6c28aaSamw if (!sa_is_share(share)) { 469da6c28aaSamw parent = sa_get_resource_parent((sa_resource_t)share); 470da6c28aaSamw } 471da6c28aaSamw 472da6c28aaSamw /* 473da6c28aaSamw * Now that we've got a share in "parent", make sure it has a path. 474da6c28aaSamw */ 475da6c28aaSamw path = sa_get_share_attr(parent, "path"); 476da6c28aaSamw if (path == NULL) 477da6c28aaSamw return; 478da6c28aaSamw 479da6c28aaSamw group = sa_get_parent_group(parent); 480da6c28aaSamw 481da6c28aaSamw if (group == NULL) { 482da6c28aaSamw sa_free_attr_string(path); 483da6c28aaSamw return; 484da6c28aaSamw } 485da6c28aaSamw for (opt = sa_get_optionset(group, NULL); 486da6c28aaSamw opt != NULL; 487da6c28aaSamw opt = sa_get_next_optionset(opt)) { 488da6c28aaSamw groupproto = sa_get_optionset_attr(opt, "type"); 489da6c28aaSamw if (groupproto == NULL || 490da6c28aaSamw (protocol != NULL && strcmp(groupproto, protocol) != 0)) { 491da6c28aaSamw sa_free_attr_string(groupproto); 492da6c28aaSamw continue; 493da6c28aaSamw } 494da6c28aaSamw if (sa_is_share(share)) { 495da6c28aaSamw if ((ret = sa_proto_change_notify(share, 496da6c28aaSamw groupproto)) != SA_OK) { 497da6c28aaSamw ret = sa_enable_share(share, groupproto); 498da6c28aaSamw if (ret != SA_OK) { 499da6c28aaSamw (void) printf( 500da6c28aaSamw gettext("Could not reenable" 501da6c28aaSamw " share %s: %s\n"), 502da6c28aaSamw path, sa_errorstr(ret)); 503da6c28aaSamw } 504da6c28aaSamw } 505da6c28aaSamw } else { 506da6c28aaSamw /* Must be a resource */ 507da6c28aaSamw if ((ret = sa_proto_notify_resource(share, 508da6c28aaSamw groupproto)) != SA_OK) { 509da6c28aaSamw ret = sa_enable_resource(share, groupproto); 510da6c28aaSamw if (ret != SA_OK) { 511da6c28aaSamw (void) printf( 512da6c28aaSamw gettext("Could not " 513da6c28aaSamw "reenable resource %s: " 514da6c28aaSamw "%s\n"), path, 515da6c28aaSamw sa_errorstr(ret)); 516da6c28aaSamw } 517da6c28aaSamw } 518da6c28aaSamw } 519da6c28aaSamw sa_free_attr_string(groupproto); 520da6c28aaSamw } 521da6c28aaSamw sa_free_attr_string(path); 522da6c28aaSamw } 523da6c28aaSamw 524da6c28aaSamw /* 525da6c28aaSamw * enable_group(group, updateproto, notify, proto) 5267d968cb8Sdougm * 5277d968cb8Sdougm * enable all the shares in the specified group. This is a helper for 5287d968cb8Sdougm * enable_all_groups in order to simplify regular and subgroup (zfs) 529da6c28aaSamw * enabling. Group has already been checked for non-NULL. If notify 530da6c28aaSamw * is non-zero, attempt to use the notify interface rather than 531da6c28aaSamw * enable. 5326185db85Sdougm */ 5337d968cb8Sdougm static void 534da6c28aaSamw enable_group(sa_group_t group, char *updateproto, int notify, char *proto) 5356185db85Sdougm { 5366185db85Sdougm sa_share_t share; 5377d968cb8Sdougm 5387d968cb8Sdougm for (share = sa_get_share(group, NULL); 5397d968cb8Sdougm share != NULL; 5407d968cb8Sdougm share = sa_get_next_share(share)) { 5417d968cb8Sdougm if (updateproto != NULL) 5427d968cb8Sdougm (void) sa_update_legacy(share, updateproto); 543da6c28aaSamw if (notify) 544da6c28aaSamw notify_or_enable_share(share, proto); 545da6c28aaSamw else 546da6c28aaSamw (void) sa_enable_share(share, proto); 5477d968cb8Sdougm } 5487d968cb8Sdougm } 5497d968cb8Sdougm 5507d968cb8Sdougm /* 551330ef417Sdougm * isenabled(group) 552330ef417Sdougm * 553330ef417Sdougm * Returns B_TRUE if the group is enabled or B_FALSE if it isn't. 554330ef417Sdougm * Moved to separate function to reduce clutter in the code. 555330ef417Sdougm */ 556330ef417Sdougm 557330ef417Sdougm static int 558330ef417Sdougm isenabled(sa_group_t group) 559330ef417Sdougm { 560330ef417Sdougm char *state; 561330ef417Sdougm int ret = B_FALSE; 562330ef417Sdougm 563330ef417Sdougm if (group != NULL) { 564330ef417Sdougm state = sa_get_group_attr(group, "state"); 565330ef417Sdougm if (state != NULL) { 566da6c28aaSamw 567330ef417Sdougm if (strcmp(state, "enabled") == 0) 568330ef417Sdougm ret = B_TRUE; 569330ef417Sdougm sa_free_attr_string(state); 570330ef417Sdougm } 571330ef417Sdougm } 572330ef417Sdougm return (ret); 573330ef417Sdougm } 574330ef417Sdougm 575330ef417Sdougm /* 5767d968cb8Sdougm * enable_all_groups(list, setstate, online, updateproto) 577da6c28aaSamw * 578da6c28aaSamw * Given a list of groups, enable each one found. If updateproto is 579da6c28aaSamw * not NULL, then update all the shares for the protocol that was 580da6c28aaSamw * passed in. If enable is non-zero, tell enable_group to try the 581da6c28aaSamw * notify interface since this is a property change. 5827d968cb8Sdougm */ 5837d968cb8Sdougm static int 584549ec3ffSdougm enable_all_groups(sa_handle_t handle, struct list *work, int setstate, 585da6c28aaSamw int online, char *updateproto, int enable) 5867d968cb8Sdougm { 587330ef417Sdougm int ret; 5886185db85Sdougm char instance[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 5896185db85Sdougm char *state; 5906185db85Sdougm char *name; 5916185db85Sdougm char *zfs = NULL; 5926185db85Sdougm sa_group_t group; 5937d968cb8Sdougm sa_group_t subgroup; 5946185db85Sdougm 595330ef417Sdougm for (ret = SA_OK; work != NULL; work = work->next) { 5966185db85Sdougm group = (sa_group_t)work->item; 597330ef417Sdougm 598330ef417Sdougm /* 599330ef417Sdougm * If setstate == TRUE, then make sure to set 600330ef417Sdougm * enabled. This needs to be done here in order for 601330ef417Sdougm * the isenabled check to succeed on a newly enabled 602330ef417Sdougm * group. 603330ef417Sdougm */ 604330ef417Sdougm if (setstate == B_TRUE) { 605330ef417Sdougm ret = sa_set_group_attr(group, "state", "enabled"); 606330ef417Sdougm if (ret != SA_OK) 607330ef417Sdougm break; 608330ef417Sdougm } 609330ef417Sdougm 610330ef417Sdougm /* 611330ef417Sdougm * Check to see if group is enabled. If it isn't, skip 612330ef417Sdougm * the rest. We don't want shares starting if the 613330ef417Sdougm * group is disabled. The properties may have been 614330ef417Sdougm * updated, but there won't be a change until the 615330ef417Sdougm * group is enabled. 616330ef417Sdougm */ 617330ef417Sdougm if (!isenabled(group)) 618330ef417Sdougm continue; 619330ef417Sdougm 6206185db85Sdougm /* if itemdata != NULL then a single share */ 6216185db85Sdougm if (work->itemdata != NULL) { 622da6c28aaSamw if (enable) { 623da6c28aaSamw if (work->itemdata != NULL) 624da6c28aaSamw notify_or_enable_share(work->itemdata, 625da6c28aaSamw updateproto); 626da6c28aaSamw else 627da6c28aaSamw ret = SA_CONFIG_ERR; 628da6c28aaSamw } else { 629da6c28aaSamw if (sa_is_share(work->itemdata)) { 630da6c28aaSamw ret = sa_enable_share( 631da6c28aaSamw (sa_share_t)work->itemdata, 632da6c28aaSamw updateproto); 633da6c28aaSamw } else { 634da6c28aaSamw ret = sa_enable_resource( 635da6c28aaSamw (sa_resource_t)work->itemdata, 636da6c28aaSamw updateproto); 637da6c28aaSamw } 638da6c28aaSamw } 6396185db85Sdougm } 640330ef417Sdougm if (ret != SA_OK) 641330ef417Sdougm break; 642330ef417Sdougm 6436185db85Sdougm /* if itemdata == NULL then the whole group */ 6446185db85Sdougm if (work->itemdata == NULL) { 6457d968cb8Sdougm zfs = sa_get_group_attr(group, "zfs"); 6467d968cb8Sdougm /* 647da6c28aaSamw * If the share is managed by ZFS, don't 6487d968cb8Sdougm * update any of the protocols since ZFS is 649da6c28aaSamw * handling this. Updateproto will contain 6507d968cb8Sdougm * the name of the protocol that we want to 6517d968cb8Sdougm * update legacy files for. 6527d968cb8Sdougm */ 653da6c28aaSamw enable_group(group, zfs == NULL ? updateproto : NULL, 654da6c28aaSamw enable, work->proto); 65525a68471Sdougm for (subgroup = sa_get_sub_group(group); 65625a68471Sdougm subgroup != NULL; 6577d968cb8Sdougm subgroup = sa_get_next_group(subgroup)) { 6587d968cb8Sdougm /* never update legacy for ZFS subgroups */ 659da6c28aaSamw enable_group(subgroup, NULL, enable, 660da6c28aaSamw work->proto); 6616185db85Sdougm } 6626185db85Sdougm } 6636185db85Sdougm if (online) { 6646185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 6657d968cb8Sdougm name = sa_get_group_attr(group, "name"); 6666185db85Sdougm if (name != NULL) { 6676185db85Sdougm if (zfs == NULL) { 66825a68471Sdougm (void) snprintf(instance, 66925a68471Sdougm sizeof (instance), "%s:%s", 6706185db85Sdougm SA_SVC_FMRI_BASE, name); 6716185db85Sdougm state = smf_get_state(instance); 6726185db85Sdougm if (state == NULL || 6736185db85Sdougm strcmp(state, "online") != 0) { 67425a68471Sdougm (void) smf_enable_instance( 67525a68471Sdougm instance, 0); 6766185db85Sdougm free(state); 6776185db85Sdougm } 6786185db85Sdougm } else { 6796185db85Sdougm sa_free_attr_string(zfs); 6806185db85Sdougm zfs = NULL; 6816185db85Sdougm } 6826185db85Sdougm if (name != NULL) 6836185db85Sdougm sa_free_attr_string(name); 6846185db85Sdougm } 6856185db85Sdougm } 6866185db85Sdougm } 6876185db85Sdougm if (ret == SA_OK) { 688549ec3ffSdougm ret = sa_update_config(handle); 6896185db85Sdougm } 6906185db85Sdougm return (ret); 6916185db85Sdougm } 6926185db85Sdougm 6936185db85Sdougm /* 6946185db85Sdougm * chk_opt(optlistp, security, proto) 6956185db85Sdougm * 6966185db85Sdougm * Do a sanity check on the optlist provided for the protocol. This 6976185db85Sdougm * is a syntax check and verification that the property is either a 6986185db85Sdougm * general or specific to a names optionset. 6996185db85Sdougm */ 7006185db85Sdougm 7016185db85Sdougm static int 7026185db85Sdougm chk_opt(struct options *optlistp, int security, char *proto) 7036185db85Sdougm { 7046185db85Sdougm struct options *optlist; 7056185db85Sdougm char *sep = ""; 7066185db85Sdougm int notfirst = 0; 7076185db85Sdougm int ret; 7086185db85Sdougm 7096185db85Sdougm for (optlist = optlistp; optlist != NULL; optlist = optlist->next) { 7106185db85Sdougm char *optname; 7116185db85Sdougm 7126185db85Sdougm optname = optlist->optname; 7136185db85Sdougm ret = OPT_ADD_OK; 7146185db85Sdougm /* extract property/value pair */ 7156185db85Sdougm if (sa_is_security(optname, proto)) { 7166185db85Sdougm if (!security) 7176185db85Sdougm ret = OPT_ADD_SECURITY; 7186185db85Sdougm } else { 7196185db85Sdougm if (security) 7206185db85Sdougm ret = OPT_ADD_PROPERTY; 7216185db85Sdougm } 7226185db85Sdougm if (ret != OPT_ADD_OK) { 7236185db85Sdougm if (notfirst == 0) 72425a68471Sdougm (void) printf( 72525a68471Sdougm gettext("Property syntax error: ")); 7266185db85Sdougm switch (ret) { 7276185db85Sdougm case OPT_ADD_SYNTAX: 7286185db85Sdougm (void) printf(gettext("%ssyntax error: %s"), 7296185db85Sdougm sep, optname); 7306185db85Sdougm sep = ", "; 7316185db85Sdougm break; 7326185db85Sdougm case OPT_ADD_SECURITY: 7336185db85Sdougm (void) printf(gettext("%s%s requires -S"), 7346185db85Sdougm optname, sep); 7356185db85Sdougm sep = ", "; 7366185db85Sdougm break; 7376185db85Sdougm case OPT_ADD_PROPERTY: 73825a68471Sdougm (void) printf( 73925a68471Sdougm gettext("%s%s not supported with -S"), 7406185db85Sdougm optname, sep); 7416185db85Sdougm sep = ", "; 7426185db85Sdougm break; 7436185db85Sdougm } 7446185db85Sdougm notfirst++; 7456185db85Sdougm } 7466185db85Sdougm } 7476185db85Sdougm if (notfirst) { 7486185db85Sdougm (void) printf("\n"); 7496185db85Sdougm ret = SA_SYNTAX_ERR; 7506185db85Sdougm } 7516185db85Sdougm return (ret); 7526185db85Sdougm } 7536185db85Sdougm 7546185db85Sdougm /* 7556185db85Sdougm * free_opt(optlist) 7566185db85Sdougm * Free the specified option list. 7576185db85Sdougm */ 7586185db85Sdougm static void 7596185db85Sdougm free_opt(struct options *optlist) 7606185db85Sdougm { 7616185db85Sdougm struct options *nextopt; 7626185db85Sdougm while (optlist != NULL) { 7636185db85Sdougm nextopt = optlist->next; 7646185db85Sdougm free(optlist); 7656185db85Sdougm optlist = nextopt; 7666185db85Sdougm } 7676185db85Sdougm } 7686185db85Sdougm 7696185db85Sdougm /* 7706185db85Sdougm * check property list for valid properties 7716185db85Sdougm * A null value is a remove which is always valid. 7726185db85Sdougm */ 7736185db85Sdougm static int 7746185db85Sdougm valid_options(struct options *optlist, char *proto, void *object, char *sec) 7756185db85Sdougm { 7766185db85Sdougm int ret = SA_OK; 7776185db85Sdougm struct options *cur; 7786185db85Sdougm sa_property_t prop; 7796185db85Sdougm sa_optionset_t parent = NULL; 7806185db85Sdougm 7816185db85Sdougm if (object != NULL) { 7826185db85Sdougm if (sec == NULL) 7836185db85Sdougm parent = sa_get_optionset(object, proto); 7846185db85Sdougm else 7856185db85Sdougm parent = sa_get_security(object, sec, proto); 7866185db85Sdougm } 7876185db85Sdougm 7886185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 78925a68471Sdougm if (cur->optvalue == NULL) 79025a68471Sdougm continue; 7916185db85Sdougm prop = sa_create_property(cur->optname, cur->optvalue); 7926185db85Sdougm if (prop == NULL) 7936185db85Sdougm ret = SA_NO_MEMORY; 7946185db85Sdougm if (ret != SA_OK || 7956185db85Sdougm (ret = sa_valid_property(parent, proto, prop)) != SA_OK) { 79625a68471Sdougm (void) printf( 79725a68471Sdougm gettext("Could not add property %s: %s\n"), 79825a68471Sdougm cur->optname, sa_errorstr(ret)); 7996185db85Sdougm } 8006185db85Sdougm (void) sa_remove_property(prop); 8016185db85Sdougm } 8026185db85Sdougm return (ret); 8036185db85Sdougm } 8046185db85Sdougm 8056185db85Sdougm /* 8066185db85Sdougm * add_optionset(group, optlist, protocol, *err) 8076185db85Sdougm * Add the options in optlist to an optionset and then add the optionset 8086185db85Sdougm * to the group. 8096185db85Sdougm * 8106185db85Sdougm * The return value indicates if there was a "change" while errors are 8116185db85Sdougm * returned via the *err parameters. 8126185db85Sdougm */ 8136185db85Sdougm static int 8146185db85Sdougm add_optionset(sa_group_t group, struct options *optlist, char *proto, int *err) 8156185db85Sdougm { 8166185db85Sdougm sa_optionset_t optionset; 8176185db85Sdougm int ret = SA_OK; 818da6c28aaSamw int result = B_FALSE; 8196185db85Sdougm 8206185db85Sdougm optionset = sa_get_optionset(group, proto); 8216185db85Sdougm if (optionset == NULL) { 8226185db85Sdougm optionset = sa_create_optionset(group, proto); 823da6c28aaSamw if (optionset == NULL) 824da6c28aaSamw ret = SA_NO_MEMORY; 825da6c28aaSamw result = B_TRUE; /* adding a protocol is a change */ 8266185db85Sdougm } 82725a68471Sdougm if (optionset == NULL) { 82825a68471Sdougm ret = SA_NO_MEMORY; 82925a68471Sdougm goto out; 83025a68471Sdougm } 8316185db85Sdougm while (optlist != NULL) { 8326185db85Sdougm sa_property_t prop; 8336185db85Sdougm prop = sa_get_property(optionset, optlist->optname); 8346185db85Sdougm if (prop == NULL) { 8356185db85Sdougm /* 8366185db85Sdougm * add the property, but only if it is 8376185db85Sdougm * a non-NULL or non-zero length value 8386185db85Sdougm */ 8396185db85Sdougm if (optlist->optvalue != NULL) { 8406185db85Sdougm prop = sa_create_property(optlist->optname, 8416185db85Sdougm optlist->optvalue); 8426185db85Sdougm if (prop != NULL) { 84325a68471Sdougm ret = sa_valid_property(optionset, 84425a68471Sdougm proto, prop); 8456185db85Sdougm if (ret != SA_OK) { 8466185db85Sdougm (void) sa_remove_property(prop); 84725a68471Sdougm (void) printf(gettext("Could " 84825a68471Sdougm "not add property " 8496185db85Sdougm "%s: %s\n"), 8506185db85Sdougm optlist->optname, 8516185db85Sdougm sa_errorstr(ret)); 8526185db85Sdougm } 8536185db85Sdougm } 8546185db85Sdougm if (ret == SA_OK) { 8556185db85Sdougm ret = sa_add_property(optionset, prop); 8566185db85Sdougm if (ret != SA_OK) { 85725a68471Sdougm (void) printf(gettext( 85825a68471Sdougm "Could not add property " 8596185db85Sdougm "%s: %s\n"), 8606185db85Sdougm optlist->optname, 8616185db85Sdougm sa_errorstr(ret)); 8626185db85Sdougm } else { 8636185db85Sdougm /* there was a change */ 864da6c28aaSamw result = B_TRUE; 8656185db85Sdougm } 8666185db85Sdougm } 8676185db85Sdougm } 8686185db85Sdougm } else { 8696185db85Sdougm ret = sa_update_property(prop, optlist->optvalue); 8706185db85Sdougm /* should check to see if value changed */ 8716185db85Sdougm if (ret != SA_OK) { 8726185db85Sdougm (void) printf(gettext("Could not update " 87325a68471Sdougm "property %s: %s\n"), optlist->optname, 8746185db85Sdougm sa_errorstr(ret)); 8756185db85Sdougm } else { 876da6c28aaSamw result = B_TRUE; 8776185db85Sdougm } 8786185db85Sdougm } 8796185db85Sdougm optlist = optlist->next; 8806185db85Sdougm } 8816185db85Sdougm ret = sa_commit_properties(optionset, 0); 88225a68471Sdougm 88325a68471Sdougm out: 8846185db85Sdougm if (err != NULL) 8856185db85Sdougm *err = ret; 8866185db85Sdougm return (result); 8876185db85Sdougm } 8886185db85Sdougm 8896185db85Sdougm /* 890da6c28aaSamw * resource_compliant(group) 891da6c28aaSamw * 892da6c28aaSamw * Go through all the shares in the group. Assume compliant, but if 893da6c28aaSamw * any share doesn't have at least one resource name, it isn't 894da6c28aaSamw * compliant. 895da6c28aaSamw */ 896da6c28aaSamw static int 897da6c28aaSamw resource_compliant(sa_group_t group) 898da6c28aaSamw { 899da6c28aaSamw sa_share_t share; 900da6c28aaSamw 901da6c28aaSamw for (share = sa_get_share(group, NULL); share != NULL; 902da6c28aaSamw share = sa_get_next_share(share)) { 903da6c28aaSamw if (sa_get_share_resource(share, NULL) == NULL) { 904da6c28aaSamw return (B_FALSE); 905da6c28aaSamw } 906da6c28aaSamw } 907da6c28aaSamw return (B_TRUE); 908da6c28aaSamw } 909da6c28aaSamw 910da6c28aaSamw /* 911da6c28aaSamw * fix_path(path) 912da6c28aaSamw * 913da6c28aaSamw * change all illegal characters to something else. For now, all get 914da6c28aaSamw * converted to '_' and the leading '/' is stripped off. This is used 915da6c28aaSamw * to construct an resource name (SMB share name) that is valid. 916da6c28aaSamw * Caller must pass a valid path. 917da6c28aaSamw */ 918da6c28aaSamw static void 919da6c28aaSamw fix_path(char *path) 920da6c28aaSamw { 921da6c28aaSamw char *cp; 922da6c28aaSamw size_t len; 923da6c28aaSamw 924da6c28aaSamw assert(path != NULL); 925da6c28aaSamw 926da6c28aaSamw /* make sure we are appropriate length */ 927da6c28aaSamw cp = path + 1; /* skip leading slash */ 928da6c28aaSamw while (cp != NULL && strlen(cp) > SA_MAX_RESOURCE_NAME) { 929da6c28aaSamw cp = strchr(cp, '/'); 930da6c28aaSamw if (cp != NULL) 931da6c28aaSamw cp++; 932da6c28aaSamw } 933da6c28aaSamw /* two cases - cp == NULL and cp is substring of path */ 934da6c28aaSamw if (cp == NULL) { 935da6c28aaSamw /* just take last SA_MAX_RESOURCE_NAME chars */ 936da6c28aaSamw len = 1 + strlen(path) - SA_MAX_RESOURCE_NAME; 937da6c28aaSamw (void) memmove(path, path + len, SA_MAX_RESOURCE_NAME); 938da6c28aaSamw path[SA_MAX_RESOURCE_NAME] = '\0'; 939da6c28aaSamw } else { 940da6c28aaSamw len = strlen(cp) + 1; 941da6c28aaSamw (void) memmove(path, cp, len); 942da6c28aaSamw } 943da6c28aaSamw 944da6c28aaSamw /* 945da6c28aaSamw * Don't want any of the characters that are not allowed 946da6c28aaSamw * in and SMB share name. Replace them with '_'. 947da6c28aaSamw */ 948da6c28aaSamw while (*path) { 949da6c28aaSamw switch (*path) { 950da6c28aaSamw case '/': 951da6c28aaSamw case '"': 952da6c28aaSamw case '\\': 953da6c28aaSamw case '[': 954da6c28aaSamw case ']': 955da6c28aaSamw case ':': 956da6c28aaSamw case '|': 957da6c28aaSamw case '<': 958da6c28aaSamw case '>': 959da6c28aaSamw case '+': 960da6c28aaSamw case ';': 961da6c28aaSamw case ',': 962da6c28aaSamw case '?': 963da6c28aaSamw case '*': 964da6c28aaSamw case '=': 965da6c28aaSamw case '\t': 966da6c28aaSamw *path = '_'; 967da6c28aaSamw break; 968da6c28aaSamw } 969da6c28aaSamw path++; 970da6c28aaSamw } 971da6c28aaSamw } 972da6c28aaSamw 973da6c28aaSamw /* 974da6c28aaSamw * name_adjust(path, count) 975da6c28aaSamw * 976da6c28aaSamw * Add a ~<count> in place of last few characters. The total number of 977da6c28aaSamw * characters is dependent on count. 978da6c28aaSamw */ 979da6c28aaSamw #define MAX_MANGLE_NUMBER 10000 980da6c28aaSamw 981da6c28aaSamw static int 982da6c28aaSamw name_adjust(char *path, int count) 983da6c28aaSamw { 984da6c28aaSamw size_t len; 985da6c28aaSamw 986da6c28aaSamw len = strlen(path) - 2; 987da6c28aaSamw if (count > 10) 988da6c28aaSamw len--; 989da6c28aaSamw if (count > 100) 990da6c28aaSamw len--; 991da6c28aaSamw if (count > 1000) 992da6c28aaSamw len--; 993da6c28aaSamw if (len > 0) 994da6c28aaSamw (void) sprintf(path + len, "~%d", count); 995da6c28aaSamw else 996da6c28aaSamw return (SA_BAD_VALUE); 997da6c28aaSamw 998da6c28aaSamw return (SA_OK); 999da6c28aaSamw } 1000da6c28aaSamw 1001da6c28aaSamw /* 1002da6c28aaSamw * make_resources(group) 1003da6c28aaSamw * 1004da6c28aaSamw * Go through all the shares in the group and make them have resource 1005da6c28aaSamw * names. 1006da6c28aaSamw */ 1007da6c28aaSamw static void 1008da6c28aaSamw make_resources(sa_group_t group) 1009da6c28aaSamw { 1010da6c28aaSamw sa_share_t share; 1011da6c28aaSamw int count; 1012da6c28aaSamw int err = SA_OK; 1013da6c28aaSamw 1014da6c28aaSamw for (share = sa_get_share(group, NULL); share != NULL; 1015da6c28aaSamw share = sa_get_next_share(share)) { 1016da6c28aaSamw /* Skip those with resources */ 1017da6c28aaSamw if (sa_get_share_resource(share, NULL) == NULL) { 1018da6c28aaSamw char *path; 1019da6c28aaSamw path = sa_get_share_attr(share, "path"); 1020da6c28aaSamw if (path == NULL) 1021da6c28aaSamw continue; 1022da6c28aaSamw fix_path(path); 1023da6c28aaSamw count = 0; /* reset for next resource */ 1024da6c28aaSamw while (sa_add_resource(share, path, 1025da6c28aaSamw SA_SHARE_PERMANENT, &err) == NULL && 1026da6c28aaSamw err == SA_DUPLICATE_NAME) { 1027da6c28aaSamw int ret; 1028da6c28aaSamw ret = name_adjust(path, count); 1029da6c28aaSamw count++; 1030da6c28aaSamw if (ret != SA_OK || 1031da6c28aaSamw count >= MAX_MANGLE_NUMBER) { 1032da6c28aaSamw (void) printf(gettext( 1033da6c28aaSamw "Cannot create resource name for" 1034da6c28aaSamw " path: %s\n"), path); 1035da6c28aaSamw break; 1036da6c28aaSamw } 1037da6c28aaSamw } 1038da6c28aaSamw sa_free_attr_string(path); 1039da6c28aaSamw } 1040da6c28aaSamw } 1041da6c28aaSamw } 1042da6c28aaSamw 1043da6c28aaSamw /* 10446185db85Sdougm * sa_create(flags, argc, argv) 10456185db85Sdougm * create a new group 10466185db85Sdougm * this may or may not have a protocol associated with it. 10476185db85Sdougm * No protocol means "all" protocols in this case. 10486185db85Sdougm */ 10496185db85Sdougm static int 1050549ec3ffSdougm sa_create(sa_handle_t handle, int flags, int argc, char *argv[]) 10516185db85Sdougm { 10526185db85Sdougm char *groupname; 10536185db85Sdougm 10546185db85Sdougm sa_group_t group; 1055da6c28aaSamw int force = 0; 10566185db85Sdougm int verbose = 0; 10576185db85Sdougm int dryrun = 0; 10586185db85Sdougm int c; 10596185db85Sdougm char *protocol = NULL; 10606185db85Sdougm int ret = SA_OK; 10616185db85Sdougm struct options *optlist = NULL; 1062*e7bab347Sdougm int err = SA_OK; 10636185db85Sdougm int auth; 10646185db85Sdougm 1065da6c28aaSamw while ((c = getopt(argc, argv, "?fhvnP:p:")) != EOF) { 10666185db85Sdougm switch (c) { 1067da6c28aaSamw case 'f': 1068da6c28aaSamw force++; 1069da6c28aaSamw break; 10706185db85Sdougm case 'v': 10716185db85Sdougm verbose++; 10726185db85Sdougm break; 10736185db85Sdougm case 'n': 10746185db85Sdougm dryrun++; 10756185db85Sdougm break; 10766185db85Sdougm case 'P': 1077da6c28aaSamw if (protocol != NULL) { 1078da6c28aaSamw (void) printf(gettext("Specifying " 1079da6c28aaSamw "multiple protocols " 1080da6c28aaSamw "not supported: %s\n"), protocol); 1081da6c28aaSamw return (SA_SYNTAX_ERR); 1082da6c28aaSamw } 10836185db85Sdougm protocol = optarg; 108425a68471Sdougm if (sa_valid_protocol(protocol)) 108525a68471Sdougm break; 108625a68471Sdougm (void) printf(gettext( 108725a68471Sdougm "Invalid protocol specified: %s\n"), protocol); 10886185db85Sdougm return (SA_INVALID_PROTOCOL); 10896185db85Sdougm break; 10906185db85Sdougm case 'p': 10916185db85Sdougm ret = add_opt(&optlist, optarg, 0); 10926185db85Sdougm switch (ret) { 10936185db85Sdougm case OPT_ADD_SYNTAX: 109425a68471Sdougm (void) printf(gettext( 109525a68471Sdougm "Property syntax error for property: %s\n"), 10966185db85Sdougm optarg); 10976185db85Sdougm return (SA_SYNTAX_ERR); 10986185db85Sdougm case OPT_ADD_SECURITY: 109925a68471Sdougm (void) printf(gettext( 110025a68471Sdougm "Security properties need " 11016185db85Sdougm "to be set with set-security: %s\n"), 11026185db85Sdougm optarg); 11036185db85Sdougm return (SA_SYNTAX_ERR); 11046185db85Sdougm default: 11056185db85Sdougm break; 11066185db85Sdougm } 11076185db85Sdougm break; 1108*e7bab347Sdougm case 'h': 1109*e7bab347Sdougm /* optopt on valid arg isn't defined */ 1110*e7bab347Sdougm optopt = c; 1111*e7bab347Sdougm /*FALLTHROUGH*/ 1112*e7bab347Sdougm case '?': 11136185db85Sdougm default: 1114*e7bab347Sdougm /* 1115*e7bab347Sdougm * Since a bad option gets to here, sort it 1116*e7bab347Sdougm * out and return a syntax error return value 1117*e7bab347Sdougm * if necessary. 1118*e7bab347Sdougm */ 1119*e7bab347Sdougm switch (optopt) { 1120*e7bab347Sdougm default: 1121*e7bab347Sdougm err = SA_SYNTAX_ERR; 1122*e7bab347Sdougm break; 11236185db85Sdougm case 'h': 11246185db85Sdougm case '?': 1125*e7bab347Sdougm break; 1126*e7bab347Sdougm } 11276185db85Sdougm (void) printf(gettext("usage: %s\n"), 11286185db85Sdougm sa_get_usage(USAGE_CREATE)); 1129*e7bab347Sdougm return (err); 11306185db85Sdougm } 11316185db85Sdougm } 11326185db85Sdougm 11336185db85Sdougm if (optind >= argc) { 113425a68471Sdougm (void) printf(gettext("usage: %s\n"), 113525a68471Sdougm sa_get_usage(USAGE_CREATE)); 11366185db85Sdougm (void) printf(gettext("\tgroup must be specified.\n")); 11376185db85Sdougm return (SA_BAD_PATH); 11386185db85Sdougm } 11396185db85Sdougm 11406185db85Sdougm if ((optind + 1) < argc) { 114125a68471Sdougm (void) printf(gettext("usage: %s\n"), 114225a68471Sdougm sa_get_usage(USAGE_CREATE)); 11436185db85Sdougm (void) printf(gettext("\textraneous group(s) at end\n")); 11446185db85Sdougm return (SA_SYNTAX_ERR); 11456185db85Sdougm } 11466185db85Sdougm 11476185db85Sdougm if (protocol == NULL && optlist != NULL) { 11486185db85Sdougm /* lookup default protocol */ 114925a68471Sdougm (void) printf(gettext("usage: %s\n"), 115025a68471Sdougm sa_get_usage(USAGE_CREATE)); 11516185db85Sdougm (void) printf(gettext("\tprotocol must be specified " 11526185db85Sdougm "with properties\n")); 11536185db85Sdougm return (SA_INVALID_PROTOCOL); 11546185db85Sdougm } 11556185db85Sdougm 11566185db85Sdougm if (optlist != NULL) 11576185db85Sdougm ret = chk_opt(optlist, 0, protocol); 11586185db85Sdougm if (ret == OPT_ADD_SECURITY) { 11596185db85Sdougm (void) printf(gettext("Security properties not " 11606185db85Sdougm "supported with create\n")); 11616185db85Sdougm return (SA_SYNTAX_ERR); 11626185db85Sdougm } 11636185db85Sdougm 11646185db85Sdougm /* 116525a68471Sdougm * If a group already exists, we can only add a new protocol 11666185db85Sdougm * to it and not create a new one or add the same protocol 11676185db85Sdougm * again. 11686185db85Sdougm */ 11696185db85Sdougm 11706185db85Sdougm groupname = argv[optind]; 11716185db85Sdougm 11726185db85Sdougm auth = check_authorizations(groupname, flags); 11736185db85Sdougm 1174549ec3ffSdougm group = sa_get_group(handle, groupname); 11756185db85Sdougm if (group != NULL) { 11766185db85Sdougm /* group exists so must be a protocol add */ 11776185db85Sdougm if (protocol != NULL) { 11786185db85Sdougm if (has_protocol(group, protocol)) { 117925a68471Sdougm (void) printf(gettext( 118025a68471Sdougm "Group \"%s\" already exists" 118125a68471Sdougm " with protocol %s\n"), groupname, 118225a68471Sdougm protocol); 11836185db85Sdougm ret = SA_DUPLICATE_NAME; 11841f29d134Sdougm } else if (strcmp(groupname, "default") == 0 && 11851f29d134Sdougm strcmp(protocol, "nfs") != 0) { 11861f29d134Sdougm (void) printf(gettext( 11871f29d134Sdougm "Group \"%s\" only allows protocol " 11881f29d134Sdougm "\"%s\"\n"), groupname, "nfs"); 11891f29d134Sdougm ret = SA_INVALID_PROTOCOL; 11906185db85Sdougm } 11916185db85Sdougm } else { 11926185db85Sdougm /* must add new protocol */ 119325a68471Sdougm (void) printf(gettext( 119425a68471Sdougm "Group already exists and no protocol " 11956185db85Sdougm "specified.\n")); 11966185db85Sdougm ret = SA_DUPLICATE_NAME; 11976185db85Sdougm } 11986185db85Sdougm } else { 11996185db85Sdougm /* 12006185db85Sdougm * is it a valid name? Must comply with SMF instance 12016185db85Sdougm * name restrictions. 12026185db85Sdougm */ 12036185db85Sdougm if (!sa_valid_group_name(groupname)) { 12046185db85Sdougm ret = SA_INVALID_NAME; 120525a68471Sdougm (void) printf(gettext("Invalid group name: %s\n"), 120625a68471Sdougm groupname); 12076185db85Sdougm } 12086185db85Sdougm } 12096185db85Sdougm if (ret == SA_OK) { 12106185db85Sdougm /* check protocol vs optlist */ 12116185db85Sdougm if (optlist != NULL) { 12126185db85Sdougm /* check options, if any, for validity */ 12136185db85Sdougm ret = valid_options(optlist, protocol, group, NULL); 12146185db85Sdougm } 12156185db85Sdougm } 12166185db85Sdougm if (ret == SA_OK && !dryrun) { 12176185db85Sdougm if (group == NULL) { 121825a68471Sdougm group = sa_create_group(handle, (char *)groupname, 121925a68471Sdougm &err); 12206185db85Sdougm } 12216185db85Sdougm if (group != NULL) { 12226185db85Sdougm sa_optionset_t optionset; 1223da6c28aaSamw /* 1224da6c28aaSamw * First check to see if the new protocol is one that 1225da6c28aaSamw * requires resource names and make sure we are 1226da6c28aaSamw * compliant before proceeding. 1227da6c28aaSamw */ 1228da6c28aaSamw if (protocol != NULL) { 1229da6c28aaSamw uint64_t features; 1230da6c28aaSamw 1231da6c28aaSamw features = sa_proto_get_featureset(protocol); 1232da6c28aaSamw if ((features & SA_FEATURE_RESOURCE) && 1233da6c28aaSamw !resource_compliant(group)) { 1234da6c28aaSamw if (force) { 1235da6c28aaSamw make_resources(group); 1236da6c28aaSamw } else { 1237da6c28aaSamw ret = SA_RESOURCE_REQUIRED; 1238da6c28aaSamw (void) printf( 1239da6c28aaSamw gettext("Protocol " 1240da6c28aaSamw "requires resource " 1241da6c28aaSamw "names to be " 1242da6c28aaSamw "set: %s\n"), 1243da6c28aaSamw protocol); 1244da6c28aaSamw goto err; 1245da6c28aaSamw } 1246da6c28aaSamw } 1247da6c28aaSamw } 12486185db85Sdougm if (optlist != NULL) { 124925a68471Sdougm (void) add_optionset(group, optlist, protocol, 125025a68471Sdougm &ret); 12516185db85Sdougm } else if (protocol != NULL) { 125225a68471Sdougm optionset = sa_create_optionset(group, 125325a68471Sdougm protocol); 12546185db85Sdougm if (optionset == NULL) 12556185db85Sdougm ret = SA_NO_MEMORY; 12566185db85Sdougm } else if (protocol == NULL) { 12576185db85Sdougm char **protolist; 12586185db85Sdougm int numprotos, i; 12596185db85Sdougm numprotos = sa_get_protocols(&protolist); 12606185db85Sdougm for (i = 0; i < numprotos; i++) { 126125a68471Sdougm optionset = sa_create_optionset(group, 126225a68471Sdougm protolist[i]); 12636185db85Sdougm } 12646185db85Sdougm if (protolist != NULL) 12656185db85Sdougm free(protolist); 12666185db85Sdougm } 12676185db85Sdougm /* 126825a68471Sdougm * We have a group and legal additions 12696185db85Sdougm */ 12706185db85Sdougm if (ret == SA_OK) { 12716185db85Sdougm /* 127225a68471Sdougm * Commit to configuration for protocols that 12736185db85Sdougm * need to do block updates. For NFS, this 12746185db85Sdougm * doesn't do anything but it will be run for 12756185db85Sdougm * all protocols that implement the 12766185db85Sdougm * appropriate plugin. 12776185db85Sdougm */ 1278549ec3ffSdougm ret = sa_update_config(handle); 12796185db85Sdougm } else { 12806185db85Sdougm if (group != NULL) 12816185db85Sdougm (void) sa_remove_group(group); 12826185db85Sdougm } 12836185db85Sdougm } else { 12846185db85Sdougm ret = err; 12856185db85Sdougm (void) printf(gettext("Could not create group: %s\n"), 12866185db85Sdougm sa_errorstr(ret)); 12876185db85Sdougm } 12886185db85Sdougm } 12896185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 12906185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 12916185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 12926185db85Sdougm ret = SA_NO_PERMISSION; 12936185db85Sdougm } 1294da6c28aaSamw err: 12956185db85Sdougm free_opt(optlist); 12966185db85Sdougm return (ret); 12976185db85Sdougm } 12986185db85Sdougm 12996185db85Sdougm /* 13006185db85Sdougm * group_status(group) 13016185db85Sdougm * 13026185db85Sdougm * return the current status (enabled/disabled) of the group. 13036185db85Sdougm */ 13046185db85Sdougm 13056185db85Sdougm static char * 13066185db85Sdougm group_status(sa_group_t group) 13076185db85Sdougm { 13086185db85Sdougm char *state; 13096185db85Sdougm int enabled = 0; 13106185db85Sdougm 13116185db85Sdougm state = sa_get_group_attr(group, "state"); 13126185db85Sdougm if (state != NULL) { 13136185db85Sdougm if (strcmp(state, "enabled") == 0) { 13146185db85Sdougm enabled = 1; 13156185db85Sdougm } 13166185db85Sdougm sa_free_attr_string(state); 13176185db85Sdougm } 13184db300d5Sdougm return (enabled ? "enabled" : "disabled"); 13196185db85Sdougm } 13206185db85Sdougm 13216185db85Sdougm /* 13226185db85Sdougm * sa_delete(flags, argc, argv) 13236185db85Sdougm * 13246185db85Sdougm * Delete a group. 13256185db85Sdougm */ 13266185db85Sdougm 13276185db85Sdougm static int 1328549ec3ffSdougm sa_delete(sa_handle_t handle, int flags, int argc, char *argv[]) 13296185db85Sdougm { 13306185db85Sdougm char *groupname; 13316185db85Sdougm sa_group_t group; 13326185db85Sdougm sa_share_t share; 13336185db85Sdougm int verbose = 0; 13346185db85Sdougm int dryrun = 0; 13356185db85Sdougm int force = 0; 13366185db85Sdougm int c; 13376185db85Sdougm char *protocol = NULL; 13386185db85Sdougm char *sectype = NULL; 13396185db85Sdougm int ret = SA_OK; 13406185db85Sdougm int auth; 13416185db85Sdougm 13426185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:fS:")) != EOF) { 13436185db85Sdougm switch (c) { 13446185db85Sdougm case 'v': 13456185db85Sdougm verbose++; 13466185db85Sdougm break; 13476185db85Sdougm case 'n': 13486185db85Sdougm dryrun++; 13496185db85Sdougm break; 13506185db85Sdougm case 'P': 1351da6c28aaSamw if (protocol != NULL) { 1352da6c28aaSamw (void) printf(gettext("Specifying " 1353da6c28aaSamw "multiple protocols " 1354da6c28aaSamw "not supported: %s\n"), protocol); 1355da6c28aaSamw return (SA_SYNTAX_ERR); 1356da6c28aaSamw } 13576185db85Sdougm protocol = optarg; 13586185db85Sdougm if (!sa_valid_protocol(protocol)) { 135925a68471Sdougm (void) printf(gettext("Invalid protocol " 136025a68471Sdougm "specified: %s\n"), protocol); 13616185db85Sdougm return (SA_INVALID_PROTOCOL); 13626185db85Sdougm } 13636185db85Sdougm break; 13646185db85Sdougm case 'S': 1365da6c28aaSamw if (sectype != NULL) { 1366da6c28aaSamw (void) printf(gettext("Specifying " 1367da6c28aaSamw "multiple property " 1368da6c28aaSamw "spaces not supported: %s\n"), sectype); 1369da6c28aaSamw return (SA_SYNTAX_ERR); 1370da6c28aaSamw } 13716185db85Sdougm sectype = optarg; 13726185db85Sdougm break; 13736185db85Sdougm case 'f': 13746185db85Sdougm force++; 13756185db85Sdougm break; 1376*e7bab347Sdougm case 'h': 1377*e7bab347Sdougm /* optopt on valid arg isn't defined */ 1378*e7bab347Sdougm optopt = c; 1379*e7bab347Sdougm /*FALLTHROUGH*/ 1380*e7bab347Sdougm case '?': 13816185db85Sdougm default: 1382*e7bab347Sdougm /* 1383*e7bab347Sdougm * Since a bad option gets to here, sort it 1384*e7bab347Sdougm * out and return a syntax error return value 1385*e7bab347Sdougm * if necessary. 1386*e7bab347Sdougm */ 1387*e7bab347Sdougm switch (optopt) { 1388*e7bab347Sdougm default: 1389*e7bab347Sdougm ret = SA_SYNTAX_ERR; 1390*e7bab347Sdougm break; 13916185db85Sdougm case 'h': 13926185db85Sdougm case '?': 1393*e7bab347Sdougm break; 1394*e7bab347Sdougm } 13956185db85Sdougm (void) printf(gettext("usage: %s\n"), 13966185db85Sdougm sa_get_usage(USAGE_DELETE)); 1397*e7bab347Sdougm return (ret); 13986185db85Sdougm } 13996185db85Sdougm } 14006185db85Sdougm 14016185db85Sdougm if (optind >= argc) { 140225a68471Sdougm (void) printf(gettext("usage: %s\n"), 140325a68471Sdougm sa_get_usage(USAGE_DELETE)); 14046185db85Sdougm (void) printf(gettext("\tgroup must be specified.\n")); 14056185db85Sdougm return (SA_SYNTAX_ERR); 14066185db85Sdougm } 14076185db85Sdougm 14086185db85Sdougm if ((optind + 1) < argc) { 140925a68471Sdougm (void) printf(gettext("usage: %s\n"), 141025a68471Sdougm sa_get_usage(USAGE_DELETE)); 14116185db85Sdougm (void) printf(gettext("\textraneous group(s) at end\n")); 14126185db85Sdougm return (SA_SYNTAX_ERR); 14136185db85Sdougm } 14146185db85Sdougm 14156185db85Sdougm if (sectype != NULL && protocol == NULL) { 141625a68471Sdougm (void) printf(gettext("usage: %s\n"), 141725a68471Sdougm sa_get_usage(USAGE_DELETE)); 14186185db85Sdougm (void) printf(gettext("\tsecurity requires protocol to be " 14196185db85Sdougm "specified.\n")); 14206185db85Sdougm return (SA_SYNTAX_ERR); 14216185db85Sdougm } 14226185db85Sdougm 14236185db85Sdougm /* 14246185db85Sdougm * Determine if the group already exists since it must in 14256185db85Sdougm * order to be removed. 14266185db85Sdougm * 14276185db85Sdougm * We can delete when: 14286185db85Sdougm * 14296185db85Sdougm * - group is empty 14306185db85Sdougm * - force flag is set 14316185db85Sdougm * - if protocol specified, only delete the protocol 14326185db85Sdougm */ 14336185db85Sdougm 14346185db85Sdougm groupname = argv[optind]; 1435549ec3ffSdougm group = sa_get_group(handle, groupname); 14366185db85Sdougm if (group == NULL) { 14376185db85Sdougm ret = SA_NO_SUCH_GROUP; 143825a68471Sdougm goto done; 143925a68471Sdougm } 14406185db85Sdougm auth = check_authorizations(groupname, flags); 14416185db85Sdougm if (protocol == NULL) { 14426185db85Sdougm share = sa_get_share(group, NULL); 14436185db85Sdougm if (share != NULL) 14446185db85Sdougm ret = SA_BUSY; 14456185db85Sdougm if (share == NULL || (share != NULL && force == 1)) { 14466185db85Sdougm ret = SA_OK; 14476185db85Sdougm if (!dryrun) { 14486185db85Sdougm while (share != NULL) { 14496185db85Sdougm sa_share_t next_share; 14506185db85Sdougm next_share = sa_get_next_share(share); 14516185db85Sdougm /* 145225a68471Sdougm * need to do the disable of 145325a68471Sdougm * each share, but don't 145425a68471Sdougm * actually do anything on a 145525a68471Sdougm * dryrun. 14566185db85Sdougm */ 14576185db85Sdougm ret = sa_disable_share(share, NULL); 14586185db85Sdougm ret = sa_remove_share(share); 14596185db85Sdougm share = next_share; 14606185db85Sdougm } 14616185db85Sdougm ret = sa_remove_group(group); 14626185db85Sdougm } 14636185db85Sdougm } 146425a68471Sdougm /* Commit to configuration if not a dryrun */ 14656185db85Sdougm if (!dryrun && ret == SA_OK) { 1466549ec3ffSdougm ret = sa_update_config(handle); 14676185db85Sdougm } 14686185db85Sdougm } else { 14696185db85Sdougm /* a protocol delete */ 14706185db85Sdougm sa_optionset_t optionset; 14716185db85Sdougm sa_security_t security; 14726185db85Sdougm if (sectype != NULL) { 14736185db85Sdougm /* only delete specified security */ 14746185db85Sdougm security = sa_get_security(group, sectype, protocol); 147525a68471Sdougm if (security != NULL && !dryrun) 14766185db85Sdougm ret = sa_destroy_security(security); 147725a68471Sdougm else 14786185db85Sdougm ret = SA_INVALID_PROTOCOL; 14796185db85Sdougm } else { 14806185db85Sdougm optionset = sa_get_optionset(group, protocol); 14816185db85Sdougm if (optionset != NULL && !dryrun) { 148225a68471Sdougm /* 148325a68471Sdougm * have an optionset with 148425a68471Sdougm * protocol to delete 148525a68471Sdougm */ 14866185db85Sdougm ret = sa_destroy_optionset(optionset); 14876185db85Sdougm /* 148825a68471Sdougm * Now find all security sets 148925a68471Sdougm * for the protocol and remove 149025a68471Sdougm * them. Don't remove other 14916185db85Sdougm * protocols. 14926185db85Sdougm */ 149325a68471Sdougm for (security = 149425a68471Sdougm sa_get_security(group, NULL, NULL); 14956185db85Sdougm ret == SA_OK && security != NULL; 14966185db85Sdougm security = sa_get_next_security(security)) { 14976185db85Sdougm char *secprot; 149825a68471Sdougm secprot = sa_get_security_attr(security, 149925a68471Sdougm "type"); 15006185db85Sdougm if (secprot != NULL && 15016185db85Sdougm strcmp(secprot, protocol) == 0) 150225a68471Sdougm ret = sa_destroy_security( 150325a68471Sdougm security); 15046185db85Sdougm if (secprot != NULL) 15056185db85Sdougm sa_free_attr_string(secprot); 15066185db85Sdougm } 15076185db85Sdougm } else { 15086185db85Sdougm if (!dryrun) 15096185db85Sdougm ret = SA_INVALID_PROTOCOL; 15106185db85Sdougm } 15116185db85Sdougm } 1512da6c28aaSamw /* 1513da6c28aaSamw * With the protocol items removed, make sure that all 1514da6c28aaSamw * the shares are updated in the legacy files, if 1515da6c28aaSamw * necessary. 1516da6c28aaSamw */ 1517da6c28aaSamw for (share = sa_get_share(group, NULL); 1518da6c28aaSamw share != NULL; 1519da6c28aaSamw share = sa_get_next_share(share)) { 1520da6c28aaSamw (void) sa_delete_legacy(share, protocol); 1521da6c28aaSamw } 15226185db85Sdougm } 152325a68471Sdougm 152425a68471Sdougm done: 15256185db85Sdougm if (ret != SA_OK) { 15266185db85Sdougm (void) printf(gettext("Could not delete group: %s\n"), 15276185db85Sdougm sa_errorstr(ret)); 15286185db85Sdougm } else if (dryrun && !auth && verbose) { 15296185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 15306185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 15316185db85Sdougm } 15326185db85Sdougm return (ret); 15336185db85Sdougm } 15346185db85Sdougm 15356185db85Sdougm /* 15366185db85Sdougm * strndupr(*buff, str, buffsize) 15376185db85Sdougm * 15386185db85Sdougm * used with small strings to duplicate and possibly increase the 15396185db85Sdougm * buffer size of a string. 15406185db85Sdougm */ 15416185db85Sdougm static char * 15426185db85Sdougm strndupr(char *buff, char *str, int *buffsize) 15436185db85Sdougm { 15446185db85Sdougm int limit; 15456185db85Sdougm char *orig_buff = buff; 15466185db85Sdougm 15476185db85Sdougm if (buff == NULL) { 15486185db85Sdougm buff = (char *)malloc(64); 15496185db85Sdougm if (buff == NULL) 15506185db85Sdougm return (NULL); 15516185db85Sdougm *buffsize = 64; 15526185db85Sdougm buff[0] = '\0'; 15536185db85Sdougm } 15546185db85Sdougm limit = strlen(buff) + strlen(str) + 1; 15556185db85Sdougm if (limit > *buffsize) { 15566185db85Sdougm limit = *buffsize = *buffsize + ((limit / 64) + 64); 15576185db85Sdougm buff = realloc(buff, limit); 15586185db85Sdougm } 15596185db85Sdougm if (buff != NULL) { 15606185db85Sdougm (void) strcat(buff, str); 15616185db85Sdougm } else { 15626185db85Sdougm /* if it fails, fail it hard */ 15636185db85Sdougm if (orig_buff != NULL) 15646185db85Sdougm free(orig_buff); 15656185db85Sdougm } 15666185db85Sdougm return (buff); 15676185db85Sdougm } 15686185db85Sdougm 15696185db85Sdougm /* 15706185db85Sdougm * group_proto(group) 15716185db85Sdougm * 15726185db85Sdougm * return a string of all the protocols (space separated) associated 15736185db85Sdougm * with this group. 15746185db85Sdougm */ 15756185db85Sdougm 15766185db85Sdougm static char * 15776185db85Sdougm group_proto(sa_group_t group) 15786185db85Sdougm { 15796185db85Sdougm sa_optionset_t optionset; 15806185db85Sdougm char *proto; 15816185db85Sdougm char *buff = NULL; 15826185db85Sdougm int buffsize = 0; 15836185db85Sdougm int addspace = 0; 15846185db85Sdougm /* 15856185db85Sdougm * get the protocol list by finding the optionsets on this 15866185db85Sdougm * group and extracting the type value. The initial call to 15876185db85Sdougm * strndupr() initailizes buff. 15886185db85Sdougm */ 15896185db85Sdougm buff = strndupr(buff, "", &buffsize); 15906185db85Sdougm if (buff != NULL) { 15916185db85Sdougm for (optionset = sa_get_optionset(group, NULL); 15926185db85Sdougm optionset != NULL && buff != NULL; 15936185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 15946185db85Sdougm /* 15956185db85Sdougm * extract out the protocol type from this optionset 15966185db85Sdougm * and append it to the buffer "buff". strndupr() will 15976185db85Sdougm * reallocate space as necessay. 15986185db85Sdougm */ 15996185db85Sdougm proto = sa_get_optionset_attr(optionset, "type"); 16006185db85Sdougm if (proto != NULL) { 16016185db85Sdougm if (addspace++) 16026185db85Sdougm buff = strndupr(buff, " ", &buffsize); 16036185db85Sdougm buff = strndupr(buff, proto, &buffsize); 16046185db85Sdougm sa_free_attr_string(proto); 16056185db85Sdougm } 16066185db85Sdougm } 16076185db85Sdougm } 16086185db85Sdougm return (buff); 16096185db85Sdougm } 16106185db85Sdougm 16116185db85Sdougm /* 16126185db85Sdougm * sa_list(flags, argc, argv) 16136185db85Sdougm * 16146185db85Sdougm * implements the "list" subcommand to list groups and optionally 16156185db85Sdougm * their state and protocols. 16166185db85Sdougm */ 16176185db85Sdougm 16186185db85Sdougm static int 1619549ec3ffSdougm sa_list(sa_handle_t handle, int flags, int argc, char *argv[]) 16206185db85Sdougm { 16216185db85Sdougm sa_group_t group; 16226185db85Sdougm int verbose = 0; 16236185db85Sdougm int c; 16246185db85Sdougm char *protocol = NULL; 1625*e7bab347Sdougm int ret = SA_OK; 1626da6c28aaSamw #ifdef lint 1627da6c28aaSamw flags = flags; 1628da6c28aaSamw #endif 16296185db85Sdougm 16306185db85Sdougm while ((c = getopt(argc, argv, "?hvP:")) != EOF) { 16316185db85Sdougm switch (c) { 16326185db85Sdougm case 'v': 16336185db85Sdougm verbose++; 16346185db85Sdougm break; 16356185db85Sdougm case 'P': 1636da6c28aaSamw if (protocol != NULL) { 1637da6c28aaSamw (void) printf(gettext( 1638da6c28aaSamw "Specifying multiple protocols " 1639da6c28aaSamw "not supported: %s\n"), 1640da6c28aaSamw protocol); 1641da6c28aaSamw return (SA_SYNTAX_ERR); 1642da6c28aaSamw } 16436185db85Sdougm protocol = optarg; 16446185db85Sdougm if (!sa_valid_protocol(protocol)) { 164525a68471Sdougm (void) printf(gettext( 164625a68471Sdougm "Invalid protocol specified: %s\n"), 16476185db85Sdougm protocol); 16486185db85Sdougm return (SA_INVALID_PROTOCOL); 16496185db85Sdougm } 16506185db85Sdougm break; 1651*e7bab347Sdougm case 'h': 1652*e7bab347Sdougm /* optopt on valid arg isn't defined */ 1653*e7bab347Sdougm optopt = c; 1654*e7bab347Sdougm /*FALLTHROUGH*/ 1655*e7bab347Sdougm case '?': 16566185db85Sdougm default: 1657*e7bab347Sdougm /* 1658*e7bab347Sdougm * Since a bad option gets to here, sort it 1659*e7bab347Sdougm * out and return a syntax error return value 1660*e7bab347Sdougm * if necessary. 1661*e7bab347Sdougm */ 1662*e7bab347Sdougm switch (optopt) { 1663*e7bab347Sdougm default: 1664*e7bab347Sdougm ret = SA_SYNTAX_ERR; 1665*e7bab347Sdougm break; 16666185db85Sdougm case 'h': 16676185db85Sdougm case '?': 1668*e7bab347Sdougm break; 1669*e7bab347Sdougm } 167025a68471Sdougm (void) printf(gettext("usage: %s\n"), 167125a68471Sdougm sa_get_usage(USAGE_LIST)); 1672*e7bab347Sdougm return (ret); 16736185db85Sdougm } 16746185db85Sdougm } 16756185db85Sdougm 1676573b0c00Sdougm if (optind != argc) { 1677573b0c00Sdougm (void) printf(gettext("usage: %s\n"), 1678573b0c00Sdougm sa_get_usage(USAGE_LIST)); 1679573b0c00Sdougm return (SA_SYNTAX_ERR); 1680573b0c00Sdougm } 1681573b0c00Sdougm 168225a68471Sdougm for (group = sa_get_group(handle, NULL); 168325a68471Sdougm group != NULL; 16846185db85Sdougm group = sa_get_next_group(group)) { 16856185db85Sdougm char *name; 16866185db85Sdougm char *proto; 16876185db85Sdougm if (protocol == NULL || has_protocol(group, protocol)) { 16886185db85Sdougm name = sa_get_group_attr(group, "name"); 16896185db85Sdougm if (name != NULL && (verbose > 1 || name[0] != '#')) { 16906185db85Sdougm (void) printf("%s", (char *)name); 16916185db85Sdougm if (verbose) { 16926185db85Sdougm /* 169325a68471Sdougm * Need the list of protocols 169425a68471Sdougm * and current status once 169525a68471Sdougm * available. We do want to 169625a68471Sdougm * translate the 169725a68471Sdougm * enabled/disabled text here. 16986185db85Sdougm */ 16994db300d5Sdougm (void) printf("\t%s", isenabled(group) ? 17004db300d5Sdougm gettext("enabled") : 17014db300d5Sdougm gettext("disabled")); 17026185db85Sdougm proto = group_proto(group); 17036185db85Sdougm if (proto != NULL) { 170425a68471Sdougm (void) printf("\t%s", 170525a68471Sdougm (char *)proto); 17066185db85Sdougm free(proto); 17076185db85Sdougm } 17086185db85Sdougm } 17096185db85Sdougm (void) printf("\n"); 17106185db85Sdougm } 17116185db85Sdougm if (name != NULL) 17126185db85Sdougm sa_free_attr_string(name); 17136185db85Sdougm } 17146185db85Sdougm } 17156185db85Sdougm return (0); 17166185db85Sdougm } 17176185db85Sdougm 17186185db85Sdougm /* 17196185db85Sdougm * out_properties(optionset, proto, sec) 17206185db85Sdougm * 17216185db85Sdougm * Format the properties and encode the protocol and optional named 17226185db85Sdougm * optionset into the string. 17236185db85Sdougm * 17246185db85Sdougm * format is protocol[:name]=(property-list) 17256185db85Sdougm */ 17266185db85Sdougm 17276185db85Sdougm static void 17286185db85Sdougm out_properties(sa_optionset_t optionset, char *proto, char *sec) 17296185db85Sdougm { 17306185db85Sdougm char *type; 17316185db85Sdougm char *value; 17326185db85Sdougm int spacer; 17336185db85Sdougm sa_property_t prop; 17346185db85Sdougm 173525a68471Sdougm if (sec == NULL) 17366185db85Sdougm (void) printf(" %s=(", proto ? proto : gettext("all")); 173725a68471Sdougm else 17386185db85Sdougm (void) printf(" %s:%s=(", proto ? proto : gettext("all"), sec); 17396185db85Sdougm 17406185db85Sdougm for (spacer = 0, prop = sa_get_property(optionset, NULL); 174125a68471Sdougm prop != NULL; 174225a68471Sdougm prop = sa_get_next_property(prop)) { 17436185db85Sdougm 17446185db85Sdougm /* 17456185db85Sdougm * extract the property name/value and output with 17466185db85Sdougm * appropriate spacing. I.e. no prefixed space the 17476185db85Sdougm * first time through but a space on subsequent 17486185db85Sdougm * properties. 17496185db85Sdougm */ 17506185db85Sdougm type = sa_get_property_attr(prop, "type"); 17516185db85Sdougm value = sa_get_property_attr(prop, "value"); 17526185db85Sdougm if (type != NULL) { 17536185db85Sdougm (void) printf("%s%s=", spacer ? " " : "", type); 17546185db85Sdougm spacer = 1; 17556185db85Sdougm if (value != NULL) 17566185db85Sdougm (void) printf("\"%s\"", value); 17576185db85Sdougm else 17586185db85Sdougm (void) printf("\"\""); 17596185db85Sdougm } 17606185db85Sdougm if (type != NULL) 17616185db85Sdougm sa_free_attr_string(type); 17626185db85Sdougm if (value != NULL) 17636185db85Sdougm sa_free_attr_string(value); 17646185db85Sdougm } 17656185db85Sdougm (void) printf(")"); 17666185db85Sdougm } 17676185db85Sdougm 17686185db85Sdougm /* 17696185db85Sdougm * show_properties(group, protocol, prefix) 17706185db85Sdougm * 17716185db85Sdougm * print the properties for a group. If protocol is NULL, do all 17726185db85Sdougm * protocols otherwise only the specified protocol. All security 17736185db85Sdougm * (named groups specific to the protocol) are included. 17746185db85Sdougm * 17756185db85Sdougm * The "prefix" is always applied. The caller knows whether it wants 17766185db85Sdougm * some type of prefix string (white space) or not. Once the prefix 17776185db85Sdougm * has been output, it is reduced to the zero length string for the 17786185db85Sdougm * remainder of the property output. 17796185db85Sdougm */ 17806185db85Sdougm 17816185db85Sdougm static void 17826185db85Sdougm show_properties(sa_group_t group, char *protocol, char *prefix) 17836185db85Sdougm { 17846185db85Sdougm sa_optionset_t optionset; 17856185db85Sdougm sa_security_t security; 17866185db85Sdougm char *value; 17876185db85Sdougm char *secvalue; 17886185db85Sdougm 17896185db85Sdougm if (protocol != NULL) { 17906185db85Sdougm optionset = sa_get_optionset(group, protocol); 17916185db85Sdougm if (optionset != NULL) { 17926185db85Sdougm (void) printf("%s", prefix); 17936185db85Sdougm prefix = ""; 17946185db85Sdougm out_properties(optionset, protocol, NULL); 17956185db85Sdougm } 17966185db85Sdougm security = sa_get_security(group, protocol, NULL); 17976185db85Sdougm if (security != NULL) { 17986185db85Sdougm (void) printf("%s", prefix); 17996185db85Sdougm prefix = ""; 18006185db85Sdougm out_properties(security, protocol, NULL); 18016185db85Sdougm } 18026185db85Sdougm } else { 18036185db85Sdougm for (optionset = sa_get_optionset(group, protocol); 18046185db85Sdougm optionset != NULL; 18056185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 18066185db85Sdougm 18076185db85Sdougm value = sa_get_optionset_attr(optionset, "type"); 18086185db85Sdougm (void) printf("%s", prefix); 18096185db85Sdougm prefix = ""; 18106185db85Sdougm out_properties(optionset, value, 0); 18116185db85Sdougm if (value != NULL) 18126185db85Sdougm sa_free_attr_string(value); 18136185db85Sdougm } 18146185db85Sdougm for (security = sa_get_security(group, NULL, protocol); 18156185db85Sdougm security != NULL; 18166185db85Sdougm security = sa_get_next_security(security)) { 18176185db85Sdougm 18186185db85Sdougm value = sa_get_security_attr(security, "type"); 18196185db85Sdougm secvalue = sa_get_security_attr(security, "sectype"); 18206185db85Sdougm (void) printf("%s", prefix); 18216185db85Sdougm prefix = ""; 18226185db85Sdougm out_properties(security, value, secvalue); 18236185db85Sdougm if (value != NULL) 18246185db85Sdougm sa_free_attr_string(value); 18256185db85Sdougm if (secvalue != NULL) 18266185db85Sdougm sa_free_attr_string(secvalue); 18276185db85Sdougm } 18286185db85Sdougm } 18296185db85Sdougm } 18306185db85Sdougm 18316185db85Sdougm /* 1832da6c28aaSamw * get_resource(share) 1833da6c28aaSamw * 1834da6c28aaSamw * Get the first resource name, if any, and fix string to be in 1835da6c28aaSamw * current locale and have quotes if it has embedded spaces. Return 1836da6c28aaSamw * an attr string that must be freed. 1837da6c28aaSamw */ 1838da6c28aaSamw 1839da6c28aaSamw static char * 1840da6c28aaSamw get_resource(sa_share_t share) 1841da6c28aaSamw { 1842da6c28aaSamw sa_resource_t resource; 1843da6c28aaSamw char *resstring = NULL; 1844da6c28aaSamw char *retstring; 1845da6c28aaSamw 1846da6c28aaSamw if ((resource = sa_get_share_resource(share, NULL)) != NULL) { 1847da6c28aaSamw resstring = sa_get_resource_attr(resource, "name"); 1848da6c28aaSamw if (resstring != NULL) { 1849da6c28aaSamw char *cp; 1850da6c28aaSamw int len; 1851da6c28aaSamw 1852da6c28aaSamw retstring = conv_from_utf8(resstring); 1853da6c28aaSamw if (retstring != resstring) { 1854da6c28aaSamw sa_free_attr_string(resstring); 1855da6c28aaSamw resstring = retstring; 1856da6c28aaSamw } 1857da6c28aaSamw if (strpbrk(resstring, " ") != NULL) { 1858da6c28aaSamw /* account for quotes */ 1859da6c28aaSamw len = strlen(resstring) + 3; 1860da6c28aaSamw cp = calloc(len, sizeof (char)); 1861da6c28aaSamw if (cp != NULL) { 1862da6c28aaSamw (void) snprintf(cp, len, 1863da6c28aaSamw "\"%s\"", resstring); 1864da6c28aaSamw sa_free_attr_string(resstring); 1865da6c28aaSamw resstring = cp; 1866da6c28aaSamw } else { 1867da6c28aaSamw sa_free_attr_string(resstring); 1868da6c28aaSamw resstring = NULL; 1869da6c28aaSamw } 1870da6c28aaSamw } 1871da6c28aaSamw } 1872da6c28aaSamw } 1873da6c28aaSamw return (resstring); 1874da6c28aaSamw } 1875da6c28aaSamw 1876da6c28aaSamw /* 1877da6c28aaSamw * has_resource_with_opt(share) 1878da6c28aaSamw * 1879da6c28aaSamw * Check to see if the share has any resource names with optionsets 1880da6c28aaSamw * set. Also indicate if multiple resource names since the syntax 1881da6c28aaSamw * would be about the same. 1882da6c28aaSamw */ 1883da6c28aaSamw static int 1884da6c28aaSamw has_resource_with_opt(sa_share_t share) 1885da6c28aaSamw { 1886da6c28aaSamw sa_resource_t resource; 1887da6c28aaSamw int ret = B_FALSE; 1888da6c28aaSamw 1889da6c28aaSamw for (resource = sa_get_share_resource(share, NULL); 1890da6c28aaSamw resource != NULL; 1891da6c28aaSamw resource = sa_get_next_resource(resource)) { 1892da6c28aaSamw 1893da6c28aaSamw if (sa_get_optionset(resource, NULL) != NULL) { 1894da6c28aaSamw ret = B_TRUE; 1895da6c28aaSamw break; 1896da6c28aaSamw } 1897da6c28aaSamw } 1898da6c28aaSamw return (ret); 1899da6c28aaSamw } 1900da6c28aaSamw 1901da6c28aaSamw /* 1902da6c28aaSamw * has_multiple_resource(share) 1903da6c28aaSamw * 1904573b0c00Sdougm * Check to see if the share has multiple resource names since 1905573b0c00Sdougm * the syntax would be about the same. 1906da6c28aaSamw */ 1907573b0c00Sdougm static boolean_t 1908da6c28aaSamw has_multiple_resource(sa_share_t share) 1909da6c28aaSamw { 1910da6c28aaSamw sa_resource_t resource; 1911da6c28aaSamw int num; 1912da6c28aaSamw 1913da6c28aaSamw for (num = 0, resource = sa_get_share_resource(share, NULL); 1914da6c28aaSamw resource != NULL; 1915da6c28aaSamw resource = sa_get_next_resource(resource)) { 1916da6c28aaSamw num++; 1917da6c28aaSamw if (num > 1) 1918da6c28aaSamw return (B_TRUE); 1919da6c28aaSamw } 1920da6c28aaSamw return (B_FALSE); 1921da6c28aaSamw } 1922da6c28aaSamw 1923da6c28aaSamw /* 1924da6c28aaSamw * show_share(share, verbose, properties, proto, iszfs, sharepath) 1925da6c28aaSamw * 1926da6c28aaSamw * print out the share information. With the addition of resource as a 1927da6c28aaSamw * full object that can have multiple instances below the share, we 1928da6c28aaSamw * need to display that as well. 1929da6c28aaSamw */ 1930da6c28aaSamw 1931da6c28aaSamw static void 1932da6c28aaSamw show_share(sa_share_t share, int verbose, int properties, char *proto, 1933da6c28aaSamw int iszfs, char *sharepath) 1934da6c28aaSamw { 1935da6c28aaSamw char *drive; 1936da6c28aaSamw char *exclude; 1937da6c28aaSamw sa_resource_t resource = NULL; 1938da6c28aaSamw char *description; 1939da6c28aaSamw char *rsrcname; 1940da6c28aaSamw int rsrcwithopt; 1941573b0c00Sdougm boolean_t multiple; 1942da6c28aaSamw char *type; 1943da6c28aaSamw 1944da6c28aaSamw rsrcwithopt = has_resource_with_opt(share); 1945da6c28aaSamw 1946da6c28aaSamw if (verbose || (properties && rsrcwithopt)) { 1947da6c28aaSamw /* First, indicate if transient */ 1948da6c28aaSamw type = sa_get_share_attr(share, "type"); 1949da6c28aaSamw if (type != NULL && !iszfs && verbose && 1950da6c28aaSamw strcmp(type, "transient") == 0) 1951da6c28aaSamw (void) printf("\t* "); 1952da6c28aaSamw else 1953da6c28aaSamw (void) printf("\t "); 1954da6c28aaSamw 1955da6c28aaSamw if (type != NULL) 1956da6c28aaSamw sa_free_attr_string(type); 1957da6c28aaSamw 1958da6c28aaSamw /* 1959da6c28aaSamw * If we came in with verbose, we want to handle the case of 1960da6c28aaSamw * multiple resources as though they had properties set. 1961da6c28aaSamw */ 1962da6c28aaSamw multiple = has_multiple_resource(share); 1963da6c28aaSamw 1964573b0c00Sdougm /* 1965573b0c00Sdougm * if there is a description on the share and there 1966573b0c00Sdougm * are resources, treat as multiple resources in order 1967573b0c00Sdougm * to get all descriptions displayed. 1968573b0c00Sdougm */ 1969573b0c00Sdougm description = sa_get_share_description(share); 1970573b0c00Sdougm resource = sa_get_share_resource(share, NULL); 1971573b0c00Sdougm 1972573b0c00Sdougm if (description != NULL && resource != NULL) 1973573b0c00Sdougm multiple = B_TRUE; 1974573b0c00Sdougm 1975da6c28aaSamw /* Next, if not multiple follow old model */ 1976da6c28aaSamw if (!multiple && !rsrcwithopt) { 1977da6c28aaSamw rsrcname = get_resource(share); 1978da6c28aaSamw if (rsrcname != NULL && strlen(rsrcname) > 0) { 1979da6c28aaSamw (void) printf("%s=%s", rsrcname, sharepath); 1980da6c28aaSamw } else { 1981da6c28aaSamw (void) printf("%s", sharepath); 1982da6c28aaSamw } 1983da6c28aaSamw if (rsrcname != NULL) 1984da6c28aaSamw sa_free_attr_string(rsrcname); 1985573b0c00Sdougm /* Print the description string if there is one. */ 1986573b0c00Sdougm print_rsrc_desc(resource, description); 1987da6c28aaSamw } else { 1988da6c28aaSamw /* Treat as simple and then resources come later */ 1989da6c28aaSamw (void) printf("%s", sharepath); 1990da6c28aaSamw } 1991da6c28aaSamw drive = sa_get_share_attr(share, "drive-letter"); 1992da6c28aaSamw if (drive != NULL) { 1993da6c28aaSamw if (strlen(drive) > 0) 1994da6c28aaSamw (void) printf(gettext("\tdrive-letter=\"%s:\""), 1995da6c28aaSamw drive); 1996da6c28aaSamw sa_free_attr_string(drive); 1997da6c28aaSamw } 1998da6c28aaSamw if (properties) 1999da6c28aaSamw show_properties(share, proto, "\t"); 2000da6c28aaSamw exclude = sa_get_share_attr(share, "exclude"); 2001da6c28aaSamw if (exclude != NULL) { 2002da6c28aaSamw (void) printf(gettext("\tnot-shared-with=[%s]"), 2003da6c28aaSamw exclude); 2004da6c28aaSamw sa_free_attr_string(exclude); 2005da6c28aaSamw } 2006da6c28aaSamw 2007573b0c00Sdougm if (description != NULL) { 2008573b0c00Sdougm print_rsrc_desc((sa_resource_t)share, description); 2009573b0c00Sdougm } 2010da6c28aaSamw /* 2011da6c28aaSamw * If there are resource names with options, show them 2012da6c28aaSamw * here, with one line per resource. Resource specific 2013da6c28aaSamw * options are at the end of the line followed by 2014da6c28aaSamw * description, if any. 2015da6c28aaSamw */ 2016da6c28aaSamw if (rsrcwithopt || multiple) { 2017da6c28aaSamw for (resource = sa_get_share_resource(share, NULL); 2018da6c28aaSamw resource != NULL; 2019da6c28aaSamw resource = sa_get_next_resource(resource)) { 2020da6c28aaSamw int has_space; 2021da6c28aaSamw char *rsrc; 2022da6c28aaSamw 2023da6c28aaSamw (void) printf("\n\t\t "); 2024da6c28aaSamw rsrcname = sa_get_resource_attr(resource, 2025da6c28aaSamw "name"); 2026da6c28aaSamw if (rsrcname == NULL) 2027da6c28aaSamw continue; 2028da6c28aaSamw 2029da6c28aaSamw rsrc = conv_from_utf8(rsrcname); 2030da6c28aaSamw has_space = strpbrk(rsrc, " ") != NULL; 2031da6c28aaSamw 2032da6c28aaSamw if (has_space) 2033da6c28aaSamw (void) printf("\"%s\"=%s", rsrc, 2034da6c28aaSamw sharepath); 2035da6c28aaSamw else 2036da6c28aaSamw (void) printf("%s=%s", rsrc, 2037da6c28aaSamw sharepath); 2038da6c28aaSamw if (rsrc != rsrcname) 2039da6c28aaSamw sa_free_attr_string(rsrc); 2040da6c28aaSamw sa_free_attr_string(rsrcname); 2041da6c28aaSamw if (properties || rsrcwithopt) 2042da6c28aaSamw show_properties(resource, proto, "\t"); 2043da6c28aaSamw 2044da6c28aaSamw /* Get description string if any */ 2045573b0c00Sdougm print_rsrc_desc(resource, description); 2046da6c28aaSamw } 2047da6c28aaSamw } 2048573b0c00Sdougm if (description != NULL) 2049573b0c00Sdougm sa_free_share_description(description); 2050da6c28aaSamw } else { 2051da6c28aaSamw (void) printf("\t %s", sharepath); 2052da6c28aaSamw if (properties) 2053da6c28aaSamw show_properties(share, proto, "\t"); 2054da6c28aaSamw } 2055da6c28aaSamw (void) printf("\n"); 2056da6c28aaSamw } 2057da6c28aaSamw 2058da6c28aaSamw /* 20596185db85Sdougm * show_group(group, verbose, properties, proto, subgroup) 20606185db85Sdougm * 20616185db85Sdougm * helper function to show the contents of a group. 20626185db85Sdougm */ 20636185db85Sdougm 20646185db85Sdougm static void 20656185db85Sdougm show_group(sa_group_t group, int verbose, int properties, char *proto, 20666185db85Sdougm char *subgroup) 20676185db85Sdougm { 20686185db85Sdougm sa_share_t share; 20696185db85Sdougm char *groupname; 20706185db85Sdougm char *zfs = NULL; 20716185db85Sdougm int iszfs = 0; 2072da6c28aaSamw char *sharepath; 20736185db85Sdougm 20746185db85Sdougm groupname = sa_get_group_attr(group, "name"); 20756185db85Sdougm if (groupname != NULL) { 20766185db85Sdougm if (proto != NULL && !has_protocol(group, proto)) { 20776185db85Sdougm sa_free_attr_string(groupname); 20786185db85Sdougm return; 20796185db85Sdougm } 20806185db85Sdougm /* 20816185db85Sdougm * check to see if the group is managed by ZFS. If 20826185db85Sdougm * there is an attribute, then it is. A non-NULL zfs 20836185db85Sdougm * variable will trigger the different way to display 20846185db85Sdougm * and will remove the transient property indicator 20856185db85Sdougm * from the output. 20866185db85Sdougm */ 20876185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 20886185db85Sdougm if (zfs != NULL) { 20896185db85Sdougm iszfs = 1; 20906185db85Sdougm sa_free_attr_string(zfs); 20916185db85Sdougm } 20926185db85Sdougm share = sa_get_share(group, NULL); 20936185db85Sdougm if (subgroup == NULL) 20946185db85Sdougm (void) printf("%s", groupname); 20956185db85Sdougm else 20966185db85Sdougm (void) printf(" %s/%s", subgroup, groupname); 209725a68471Sdougm if (properties) 20986185db85Sdougm show_properties(group, proto, ""); 20996185db85Sdougm (void) printf("\n"); 21006185db85Sdougm if (strcmp(groupname, "zfs") == 0) { 21016185db85Sdougm sa_group_t zgroup; 21026185db85Sdougm 210325a68471Sdougm for (zgroup = sa_get_sub_group(group); 210425a68471Sdougm zgroup != NULL; 21056185db85Sdougm zgroup = sa_get_next_group(zgroup)) { 210625a68471Sdougm show_group(zgroup, verbose, properties, proto, 210725a68471Sdougm "zfs"); 21086185db85Sdougm } 21096185db85Sdougm sa_free_attr_string(groupname); 21106185db85Sdougm return; 21116185db85Sdougm } 21126185db85Sdougm /* 211325a68471Sdougm * Have a group, so list the contents. Resource and 21146185db85Sdougm * description are only listed if verbose is set. 21156185db85Sdougm */ 211625a68471Sdougm for (share = sa_get_share(group, NULL); 211725a68471Sdougm share != NULL; 21186185db85Sdougm share = sa_get_next_share(share)) { 21196185db85Sdougm sharepath = sa_get_share_attr(share, "path"); 21206185db85Sdougm if (sharepath != NULL) { 2121da6c28aaSamw show_share(share, verbose, properties, proto, 2122da6c28aaSamw iszfs, sharepath); 21236185db85Sdougm sa_free_attr_string(sharepath); 21246185db85Sdougm } 21256185db85Sdougm } 21266185db85Sdougm } 21276185db85Sdougm if (groupname != NULL) { 21286185db85Sdougm sa_free_attr_string(groupname); 21296185db85Sdougm } 21306185db85Sdougm } 21316185db85Sdougm 21326185db85Sdougm /* 21336185db85Sdougm * show_group_xml_init() 21346185db85Sdougm * 21356185db85Sdougm * Create an XML document that will be used to display config info via 21366185db85Sdougm * XML format. 21376185db85Sdougm */ 21386185db85Sdougm 21396185db85Sdougm xmlDocPtr 21406185db85Sdougm show_group_xml_init() 21416185db85Sdougm { 21426185db85Sdougm xmlDocPtr doc; 21436185db85Sdougm xmlNodePtr root; 21446185db85Sdougm 21456185db85Sdougm doc = xmlNewDoc((xmlChar *)"1.0"); 21466185db85Sdougm if (doc != NULL) { 21476185db85Sdougm root = xmlNewNode(NULL, (xmlChar *)"sharecfg"); 21486185db85Sdougm if (root != NULL) 21496185db85Sdougm xmlDocSetRootElement(doc, root); 21506185db85Sdougm } 21516185db85Sdougm return (doc); 21526185db85Sdougm } 21536185db85Sdougm 21546185db85Sdougm /* 21556185db85Sdougm * show_group_xml(doc, group) 21566185db85Sdougm * 21576185db85Sdougm * Copy the group info into the XML doc. 21586185db85Sdougm */ 21596185db85Sdougm 21606185db85Sdougm static void 21616185db85Sdougm show_group_xml(xmlDocPtr doc, sa_group_t group) 21626185db85Sdougm { 21636185db85Sdougm xmlNodePtr node; 21646185db85Sdougm xmlNodePtr root; 21656185db85Sdougm 21666185db85Sdougm root = xmlDocGetRootElement(doc); 21676185db85Sdougm node = xmlCopyNode((xmlNodePtr)group, 1); 21686185db85Sdougm if (node != NULL && root != NULL) { 21696185db85Sdougm xmlAddChild(root, node); 21706185db85Sdougm /* 21716185db85Sdougm * In the future, we may have interally used tags that 21726185db85Sdougm * should not appear in the XML output. Remove 21736185db85Sdougm * anything we don't want to show here. 21746185db85Sdougm */ 21756185db85Sdougm } 21766185db85Sdougm } 21776185db85Sdougm 21786185db85Sdougm /* 21796185db85Sdougm * sa_show(flags, argc, argv) 21806185db85Sdougm * 21816185db85Sdougm * Implements the show subcommand. 21826185db85Sdougm */ 21836185db85Sdougm 21846185db85Sdougm int 2185549ec3ffSdougm sa_show(sa_handle_t handle, int flags, int argc, char *argv[]) 21866185db85Sdougm { 21876185db85Sdougm sa_group_t group; 21886185db85Sdougm int verbose = 0; 21896185db85Sdougm int properties = 0; 21906185db85Sdougm int c; 21916185db85Sdougm int ret = SA_OK; 21926185db85Sdougm char *protocol = NULL; 21936185db85Sdougm int xml = 0; 21946185db85Sdougm xmlDocPtr doc; 2195da6c28aaSamw #ifdef lint 2196da6c28aaSamw flags = flags; 2197da6c28aaSamw #endif 21986185db85Sdougm 21996185db85Sdougm while ((c = getopt(argc, argv, "?hvP:px")) != EOF) { 22006185db85Sdougm switch (c) { 22016185db85Sdougm case 'v': 22026185db85Sdougm verbose++; 22036185db85Sdougm break; 22046185db85Sdougm case 'p': 22056185db85Sdougm properties++; 22066185db85Sdougm break; 22076185db85Sdougm case 'P': 2208da6c28aaSamw if (protocol != NULL) { 2209da6c28aaSamw (void) printf(gettext( 2210da6c28aaSamw "Specifying multiple protocols " 2211da6c28aaSamw "not supported: %s\n"), 2212da6c28aaSamw protocol); 2213da6c28aaSamw return (SA_SYNTAX_ERR); 2214da6c28aaSamw } 22156185db85Sdougm protocol = optarg; 22166185db85Sdougm if (!sa_valid_protocol(protocol)) { 221725a68471Sdougm (void) printf(gettext( 221825a68471Sdougm "Invalid protocol specified: %s\n"), 22196185db85Sdougm protocol); 22206185db85Sdougm return (SA_INVALID_PROTOCOL); 22216185db85Sdougm } 22226185db85Sdougm break; 22236185db85Sdougm case 'x': 22246185db85Sdougm xml++; 22256185db85Sdougm break; 2226*e7bab347Sdougm case 'h': 2227*e7bab347Sdougm /* optopt on valid arg isn't defined */ 2228*e7bab347Sdougm optopt = c; 2229*e7bab347Sdougm /*FALLTHROUGH*/ 2230*e7bab347Sdougm case '?': 22316185db85Sdougm default: 2232*e7bab347Sdougm /* 2233*e7bab347Sdougm * Since a bad option gets to here, sort it 2234*e7bab347Sdougm * out and return a syntax error return value 2235*e7bab347Sdougm * if necessary. 2236*e7bab347Sdougm */ 2237*e7bab347Sdougm switch (optopt) { 2238*e7bab347Sdougm default: 2239*e7bab347Sdougm ret = SA_SYNTAX_ERR; 2240*e7bab347Sdougm break; 22416185db85Sdougm case 'h': 22426185db85Sdougm case '?': 2243*e7bab347Sdougm break; 2244*e7bab347Sdougm } 224525a68471Sdougm (void) printf(gettext("usage: %s\n"), 224625a68471Sdougm sa_get_usage(USAGE_SHOW)); 2247*e7bab347Sdougm return (ret); 22486185db85Sdougm } 22496185db85Sdougm } 22506185db85Sdougm 22516185db85Sdougm if (xml) { 22526185db85Sdougm doc = show_group_xml_init(); 22536185db85Sdougm if (doc == NULL) 22546185db85Sdougm ret = SA_NO_MEMORY; 22556185db85Sdougm } 22566185db85Sdougm 22576185db85Sdougm if (optind == argc) { 225825a68471Sdougm /* No group specified so go through them all */ 225925a68471Sdougm for (group = sa_get_group(handle, NULL); 226025a68471Sdougm group != NULL; 22616185db85Sdougm group = sa_get_next_group(group)) { 22626185db85Sdougm /* 226325a68471Sdougm * Have a group so check if one we want and then list 22646185db85Sdougm * contents with appropriate options. 22656185db85Sdougm */ 22666185db85Sdougm if (xml) 22676185db85Sdougm show_group_xml(doc, group); 22686185db85Sdougm else 226925a68471Sdougm show_group(group, verbose, properties, protocol, 227025a68471Sdougm NULL); 22716185db85Sdougm } 22726185db85Sdougm } else { 227325a68471Sdougm /* Have a specified list of groups */ 22746185db85Sdougm for (; optind < argc; optind++) { 2275549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 22766185db85Sdougm if (group != NULL) { 22776185db85Sdougm if (xml) 22786185db85Sdougm show_group_xml(doc, group); 22796185db85Sdougm else 228025a68471Sdougm show_group(group, verbose, properties, 228125a68471Sdougm protocol, NULL); 22826185db85Sdougm } else { 228325a68471Sdougm (void) printf(gettext("%s: not found\n"), 228425a68471Sdougm argv[optind]); 22856185db85Sdougm ret = SA_NO_SUCH_GROUP; 22866185db85Sdougm } 22876185db85Sdougm } 22886185db85Sdougm } 22896185db85Sdougm if (xml && ret == SA_OK) { 22906185db85Sdougm xmlDocFormatDump(stdout, doc, 1); 22916185db85Sdougm xmlFreeDoc(doc); 22926185db85Sdougm } 22936185db85Sdougm return (ret); 22946185db85Sdougm 22956185db85Sdougm } 22966185db85Sdougm 22976185db85Sdougm /* 22986185db85Sdougm * enable_share(group, share, update_legacy) 22996185db85Sdougm * 23006185db85Sdougm * helper function to enable a share if the group is enabled. 23016185db85Sdougm */ 23026185db85Sdougm 23036185db85Sdougm static int 2304549ec3ffSdougm enable_share(sa_handle_t handle, sa_group_t group, sa_share_t share, 2305549ec3ffSdougm int update_legacy) 23066185db85Sdougm { 23076185db85Sdougm char *value; 23086185db85Sdougm int enabled; 23096185db85Sdougm sa_optionset_t optionset; 2310da6c28aaSamw int err; 23116185db85Sdougm int ret = SA_OK; 23126185db85Sdougm char *zfs = NULL; 23136185db85Sdougm int iszfs = 0; 2314da6c28aaSamw int isshare; 23156185db85Sdougm 23166185db85Sdougm /* 23176185db85Sdougm * need to enable this share if the group is enabled but not 23186185db85Sdougm * otherwise. The enable is also done on each protocol 23196185db85Sdougm * represented in the group. 23206185db85Sdougm */ 23216185db85Sdougm value = sa_get_group_attr(group, "state"); 23226185db85Sdougm enabled = value != NULL && strcmp(value, "enabled") == 0; 23236185db85Sdougm if (value != NULL) 23246185db85Sdougm sa_free_attr_string(value); 23256185db85Sdougm /* remove legacy config if necessary */ 23266185db85Sdougm if (update_legacy) 2327da6c28aaSamw ret = sa_delete_legacy(share, NULL); 23286185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 23296185db85Sdougm if (zfs != NULL) { 23306185db85Sdougm iszfs++; 23316185db85Sdougm sa_free_attr_string(zfs); 23326185db85Sdougm } 23336185db85Sdougm 23346185db85Sdougm /* 23356185db85Sdougm * Step through each optionset at the group level and 23366185db85Sdougm * enable the share based on the protocol type. This 23376185db85Sdougm * works because protocols must be set on the group 23386185db85Sdougm * for the protocol to be enabled. 23396185db85Sdougm */ 2340da6c28aaSamw isshare = sa_is_share(share); 23416185db85Sdougm for (optionset = sa_get_optionset(group, NULL); 23426185db85Sdougm optionset != NULL && ret == SA_OK; 23436185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 23446185db85Sdougm value = sa_get_optionset_attr(optionset, "type"); 23456185db85Sdougm if (value != NULL) { 2346da6c28aaSamw if (enabled) { 2347da6c28aaSamw if (isshare) { 2348da6c28aaSamw err = sa_enable_share(share, value); 2349da6c28aaSamw } else { 2350da6c28aaSamw err = sa_enable_resource(share, value); 2351da6c28aaSamw if (err == SA_NOT_SUPPORTED) { 2352da6c28aaSamw sa_share_t parent; 2353da6c28aaSamw parent = sa_get_resource_parent( 2354da6c28aaSamw share); 2355da6c28aaSamw if (parent != NULL) 2356da6c28aaSamw err = sa_enable_share( 2357da6c28aaSamw parent, value); 2358da6c28aaSamw } 2359da6c28aaSamw } 2360da6c28aaSamw if (err != SA_OK) { 2361da6c28aaSamw ret = err; 2362da6c28aaSamw (void) printf(gettext( 2363da6c28aaSamw "Failed to enable share for " 2364da6c28aaSamw "\"%s\": %s\n"), 2365da6c28aaSamw value, sa_errorstr(ret)); 2366da6c28aaSamw } 2367da6c28aaSamw } 2368da6c28aaSamw /* 2369da6c28aaSamw * If we want to update the legacy, use a copy of 2370da6c28aaSamw * share so we can avoid breaking the loop we are in 2371da6c28aaSamw * since we might also need to go up the tree to the 2372da6c28aaSamw * parent. 2373da6c28aaSamw */ 2374da6c28aaSamw if (update_legacy && !iszfs) { 2375da6c28aaSamw sa_share_t update = share; 2376da6c28aaSamw if (!sa_is_share(share)) { 2377da6c28aaSamw update = sa_get_resource_parent(share); 2378da6c28aaSamw } 2379da6c28aaSamw (void) sa_update_legacy(update, value); 2380da6c28aaSamw } 23816185db85Sdougm sa_free_attr_string(value); 23826185db85Sdougm } 23836185db85Sdougm } 23846185db85Sdougm if (ret == SA_OK) 2385549ec3ffSdougm (void) sa_update_config(handle); 23866185db85Sdougm return (ret); 23876185db85Sdougm } 23886185db85Sdougm 23896185db85Sdougm /* 2390da6c28aaSamw * sa_require_resource(group) 2391da6c28aaSamw * 2392da6c28aaSamw * if any of the defined protocols on the group require resource 2393da6c28aaSamw * names, then all shares must have them. 2394da6c28aaSamw */ 2395da6c28aaSamw 2396da6c28aaSamw static int 2397da6c28aaSamw sa_require_resource(sa_group_t group) 2398da6c28aaSamw { 2399da6c28aaSamw sa_optionset_t optionset; 2400da6c28aaSamw 2401da6c28aaSamw for (optionset = sa_get_optionset(group, NULL); 2402da6c28aaSamw optionset != NULL; 2403da6c28aaSamw optionset = sa_get_next_optionset(optionset)) { 2404da6c28aaSamw char *proto; 2405da6c28aaSamw 2406da6c28aaSamw proto = sa_get_optionset_attr(optionset, "type"); 2407da6c28aaSamw if (proto != NULL) { 2408da6c28aaSamw uint64_t features; 2409da6c28aaSamw 2410da6c28aaSamw features = sa_proto_get_featureset(proto); 2411da6c28aaSamw if (features & SA_FEATURE_RESOURCE) { 2412da6c28aaSamw sa_free_attr_string(proto); 2413da6c28aaSamw return (B_TRUE); 2414da6c28aaSamw } 2415da6c28aaSamw sa_free_attr_string(proto); 2416da6c28aaSamw } 2417da6c28aaSamw } 2418da6c28aaSamw return (B_FALSE); 2419da6c28aaSamw } 2420da6c28aaSamw 2421da6c28aaSamw /* 24226185db85Sdougm * sa_addshare(flags, argc, argv) 24236185db85Sdougm * 24246185db85Sdougm * implements add-share subcommand. 24256185db85Sdougm */ 24266185db85Sdougm 2427da6c28aaSamw static int 2428549ec3ffSdougm sa_addshare(sa_handle_t handle, int flags, int argc, char *argv[]) 24296185db85Sdougm { 24306185db85Sdougm int verbose = 0; 24316185db85Sdougm int dryrun = 0; 24326185db85Sdougm int c; 24336185db85Sdougm int ret = SA_OK; 24346185db85Sdougm sa_group_t group; 24356185db85Sdougm sa_share_t share; 2436da6c28aaSamw sa_resource_t resource = NULL; 24376185db85Sdougm char *sharepath = NULL; 24386185db85Sdougm char *description = NULL; 2439da6c28aaSamw char *rsrcname = NULL; 2440da6c28aaSamw char *rsrc = NULL; 24416185db85Sdougm int persist = SA_SHARE_PERMANENT; /* default to persist */ 24426185db85Sdougm int auth; 24436185db85Sdougm char dir[MAXPATHLEN]; 24446185db85Sdougm 24456185db85Sdougm while ((c = getopt(argc, argv, "?hvns:d:r:t")) != EOF) { 24466185db85Sdougm switch (c) { 24476185db85Sdougm case 'n': 24486185db85Sdougm dryrun++; 24496185db85Sdougm break; 24506185db85Sdougm case 'v': 24516185db85Sdougm verbose++; 24526185db85Sdougm break; 24536185db85Sdougm case 'd': 24546185db85Sdougm description = optarg; 24556185db85Sdougm break; 24566185db85Sdougm case 'r': 2457da6c28aaSamw if (rsrcname != NULL) { 2458da6c28aaSamw (void) printf(gettext("Adding multiple " 2459da6c28aaSamw "resource names not" 2460da6c28aaSamw " supported\n")); 2461da6c28aaSamw return (SA_SYNTAX_ERR); 2462da6c28aaSamw } 2463da6c28aaSamw rsrcname = optarg; 24646185db85Sdougm break; 24656185db85Sdougm case 's': 24666185db85Sdougm /* 246725a68471Sdougm * Save share path into group. Currently limit 24686185db85Sdougm * to one share per command. 24696185db85Sdougm */ 24706185db85Sdougm if (sharepath != NULL) { 247125a68471Sdougm (void) printf(gettext( 247225a68471Sdougm "Adding multiple shares not supported\n")); 2473da6c28aaSamw return (SA_SYNTAX_ERR); 24746185db85Sdougm } 24756185db85Sdougm sharepath = optarg; 24766185db85Sdougm break; 24776185db85Sdougm case 't': 24786185db85Sdougm persist = SA_SHARE_TRANSIENT; 24796185db85Sdougm break; 2480*e7bab347Sdougm case 'h': 2481*e7bab347Sdougm /* optopt on valid arg isn't defined */ 2482*e7bab347Sdougm optopt = c; 2483*e7bab347Sdougm /*FALLTHROUGH*/ 2484*e7bab347Sdougm case '?': 24856185db85Sdougm default: 2486*e7bab347Sdougm /* 2487*e7bab347Sdougm * Since a bad option gets to here, sort it 2488*e7bab347Sdougm * out and return a syntax error return value 2489*e7bab347Sdougm * if necessary. 2490*e7bab347Sdougm */ 2491*e7bab347Sdougm switch (optopt) { 2492*e7bab347Sdougm default: 2493*e7bab347Sdougm ret = SA_SYNTAX_ERR; 2494*e7bab347Sdougm break; 24956185db85Sdougm case 'h': 24966185db85Sdougm case '?': 2497*e7bab347Sdougm break; 2498*e7bab347Sdougm } 24996185db85Sdougm (void) printf(gettext("usage: %s\n"), 25006185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 2501*e7bab347Sdougm return (ret); 25026185db85Sdougm } 25036185db85Sdougm } 25046185db85Sdougm 25056185db85Sdougm if (optind >= argc) { 25066185db85Sdougm (void) printf(gettext("usage: %s\n"), 25076185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 25086185db85Sdougm if (dryrun || sharepath != NULL || description != NULL || 2509da6c28aaSamw rsrcname != NULL || verbose || persist) { 25106185db85Sdougm (void) printf(gettext("\tgroup must be specified\n")); 25116185db85Sdougm ret = SA_NO_SUCH_GROUP; 25126185db85Sdougm } else { 25136185db85Sdougm ret = SA_OK; 25146185db85Sdougm } 25156185db85Sdougm } else { 25166185db85Sdougm if (sharepath == NULL) { 25176185db85Sdougm (void) printf(gettext("usage: %s\n"), 25186185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 251925a68471Sdougm (void) printf(gettext( 252025a68471Sdougm "\t-s sharepath must be specified\n")); 2521da6c28aaSamw ret = SA_BAD_PATH; 25226185db85Sdougm } 2523da6c28aaSamw if (ret == SA_OK) { 25246185db85Sdougm if (realpath(sharepath, dir) == NULL) { 2525da6c28aaSamw ret = SA_BAD_PATH; 2526da6c28aaSamw (void) printf(gettext("Path " 2527da6c28aaSamw "is not valid: %s\n"), 2528da6c28aaSamw sharepath); 25296185db85Sdougm } else { 25306185db85Sdougm sharepath = dir; 25316185db85Sdougm } 2532da6c28aaSamw } 2533da6c28aaSamw if (ret == SA_OK && rsrcname != NULL) { 2534da6c28aaSamw /* check for valid syntax */ 2535da6c28aaSamw if (validresource(rsrcname)) { 2536da6c28aaSamw rsrc = conv_to_utf8(rsrcname); 2537da6c28aaSamw resource = sa_find_resource(handle, rsrc); 2538da6c28aaSamw if (resource != NULL) { 2539da6c28aaSamw /* 2540da6c28aaSamw * Resource names must be 2541da6c28aaSamw * unique in the system 2542da6c28aaSamw */ 2543da6c28aaSamw ret = SA_DUPLICATE_NAME; 25446185db85Sdougm (void) printf(gettext("usage: %s\n"), 25456185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 254625a68471Sdougm (void) printf(gettext( 2547da6c28aaSamw "\tresource names must be unique " 2548da6c28aaSamw "in the system\n")); 25496185db85Sdougm } 2550da6c28aaSamw } else { 2551da6c28aaSamw (void) printf(gettext("usage: %s\n"), 2552da6c28aaSamw sa_get_usage(USAGE_ADD_SHARE)); 2553da6c28aaSamw (void) printf(gettext( 2554da6c28aaSamw "\tresource names use restricted " 2555da6c28aaSamw "character set\n")); 2556da6c28aaSamw ret = SA_INVALID_NAME; 255725a68471Sdougm } 2558da6c28aaSamw } 2559da6c28aaSamw 2560da6c28aaSamw if (ret != SA_OK) { 2561da6c28aaSamw if (rsrc != NULL && rsrcname != rsrc) 2562da6c28aaSamw sa_free_attr_string(rsrc); 2563da6c28aaSamw return (ret); 2564da6c28aaSamw } 2565da6c28aaSamw 2566549ec3ffSdougm share = sa_find_share(handle, sharepath); 25676185db85Sdougm if (share != NULL) { 2568da6c28aaSamw if (rsrcname == NULL) { 25696185db85Sdougm /* 2570da6c28aaSamw * Can only have a duplicate share if a new 2571da6c28aaSamw * resource name is being added. 25726185db85Sdougm */ 2573da6c28aaSamw ret = SA_DUPLICATE_NAME; 2574da6c28aaSamw (void) printf(gettext("Share path already " 2575da6c28aaSamw "shared: %s\n"), sharepath); 2576da6c28aaSamw } 2577da6c28aaSamw } 2578da6c28aaSamw if (ret != SA_OK) 2579da6c28aaSamw return (ret); 2580da6c28aaSamw 2581da6c28aaSamw group = sa_get_group(handle, argv[optind]); 2582da6c28aaSamw if (group != NULL) { 2583da6c28aaSamw if (sa_require_resource(group) == B_TRUE && 2584da6c28aaSamw rsrcname == NULL) { 2585da6c28aaSamw (void) printf(gettext( 2586da6c28aaSamw "Resource name is required " 2587da6c28aaSamw "by at least one enabled protocol " 2588da6c28aaSamw "in group\n")); 2589da6c28aaSamw return (SA_RESOURCE_REQUIRED); 2590da6c28aaSamw } 2591da6c28aaSamw if (share == NULL && ret == SA_OK) { 25926185db85Sdougm if (dryrun) 2593f345c0beSdougm ret = sa_check_path(group, sharepath, 2594f345c0beSdougm SA_CHECK_NORMAL); 25956185db85Sdougm else 25966185db85Sdougm share = sa_add_share(group, sharepath, 25976185db85Sdougm persist, &ret); 2598da6c28aaSamw } 2599da6c28aaSamw /* 2600da6c28aaSamw * Make sure this isn't an attempt to put a resourced 2601da6c28aaSamw * share into a different group than it already is in. 2602da6c28aaSamw */ 2603da6c28aaSamw if (share != NULL) { 2604da6c28aaSamw sa_group_t parent; 2605da6c28aaSamw parent = sa_get_parent_group(share); 2606da6c28aaSamw if (parent != group) { 2607da6c28aaSamw ret = SA_DUPLICATE_NAME; 2608da6c28aaSamw (void) printf(gettext( 2609da6c28aaSamw "Share path already " 2610da6c28aaSamw "shared: %s\n"), sharepath); 2611da6c28aaSamw } 2612da6c28aaSamw } 26136185db85Sdougm if (!dryrun && share == NULL) { 261425a68471Sdougm (void) printf(gettext( 261525a68471Sdougm "Could not add share: %s\n"), 26166185db85Sdougm sa_errorstr(ret)); 26176185db85Sdougm } else { 2618da6c28aaSamw auth = check_authorizations(argv[optind], 2619da6c28aaSamw flags); 26206185db85Sdougm if (!dryrun && ret == SA_OK) { 2621da6c28aaSamw if (rsrcname != NULL) { 2622da6c28aaSamw resource = sa_add_resource( 2623da6c28aaSamw share, 2624da6c28aaSamw rsrc, 2625da6c28aaSamw SA_SHARE_PERMANENT, 2626da6c28aaSamw &ret); 26276185db85Sdougm } 262825a68471Sdougm if (ret == SA_OK && 262925a68471Sdougm description != NULL) { 2630573b0c00Sdougm if (resource != NULL) 2631573b0c00Sdougm ret = 2632573b0c00Sdougm set_resource_desc( 2633573b0c00Sdougm resource, 2634573b0c00Sdougm description); 2635573b0c00Sdougm else 2636da6c28aaSamw ret = 2637da6c28aaSamw set_share_desc( 2638da6c28aaSamw share, 2639da6c28aaSamw description); 2640da6c28aaSamw } 26416185db85Sdougm if (ret == SA_OK) { 2642da6c28aaSamw /* now enable the share(s) */ 2643da6c28aaSamw if (resource != NULL) { 2644da6c28aaSamw ret = enable_share( 2645da6c28aaSamw handle, 2646da6c28aaSamw group, 2647da6c28aaSamw resource, 2648da6c28aaSamw 1); 2649da6c28aaSamw } else { 2650da6c28aaSamw ret = enable_share( 2651da6c28aaSamw handle, 2652da6c28aaSamw group, 2653da6c28aaSamw share, 2654da6c28aaSamw 1); 2655da6c28aaSamw } 2656549ec3ffSdougm ret = sa_update_config(handle); 26576185db85Sdougm } 26586185db85Sdougm switch (ret) { 26596185db85Sdougm case SA_DUPLICATE_NAME: 266025a68471Sdougm (void) printf(gettext( 266125a68471Sdougm "Resource name in" 2662da6c28aaSamw "use: %s\n"), 2663da6c28aaSamw rsrcname); 26646185db85Sdougm break; 26656185db85Sdougm default: 2666da6c28aaSamw (void) printf(gettext( 2667da6c28aaSamw "Could not set " 26686185db85Sdougm "attribute: %s\n"), 26696185db85Sdougm sa_errorstr(ret)); 26706185db85Sdougm break; 26716185db85Sdougm case SA_OK: 26726185db85Sdougm break; 26736185db85Sdougm } 2674da6c28aaSamw } else if (dryrun && ret == SA_OK && 2675da6c28aaSamw !auth && verbose) { 267625a68471Sdougm (void) printf(gettext( 267725a68471Sdougm "Command would fail: %s\n"), 26786185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 26796185db85Sdougm ret = SA_NO_PERMISSION; 26806185db85Sdougm } 26816185db85Sdougm } 2682da6c28aaSamw } else { 2683da6c28aaSamw switch (ret) { 2684da6c28aaSamw default: 2685da6c28aaSamw (void) printf(gettext( 2686da6c28aaSamw "Group \"%s\" not found\n"), argv[optind]); 2687da6c28aaSamw ret = SA_NO_SUCH_GROUP; 2688da6c28aaSamw break; 2689da6c28aaSamw case SA_BAD_PATH: 2690da6c28aaSamw case SA_DUPLICATE_NAME: 2691da6c28aaSamw break; 2692da6c28aaSamw } 26936185db85Sdougm } 26946185db85Sdougm } 26956185db85Sdougm return (ret); 26966185db85Sdougm } 26976185db85Sdougm 26986185db85Sdougm /* 26996185db85Sdougm * sa_moveshare(flags, argc, argv) 27006185db85Sdougm * 27016185db85Sdougm * implements move-share subcommand. 27026185db85Sdougm */ 27036185db85Sdougm 27046185db85Sdougm int 2705549ec3ffSdougm sa_moveshare(sa_handle_t handle, int flags, int argc, char *argv[]) 27066185db85Sdougm { 27076185db85Sdougm int verbose = 0; 27086185db85Sdougm int dryrun = 0; 27096185db85Sdougm int c; 27106185db85Sdougm int ret = SA_OK; 27116185db85Sdougm sa_group_t group; 27126185db85Sdougm sa_share_t share; 2713da6c28aaSamw char *rsrcname = NULL; 27146185db85Sdougm char *sharepath = NULL; 27156185db85Sdougm int authsrc = 0, authdst = 0; 2716573b0c00Sdougm char dir[MAXPATHLEN]; 27176185db85Sdougm 2718da6c28aaSamw while ((c = getopt(argc, argv, "?hvnr:s:")) != EOF) { 27196185db85Sdougm switch (c) { 27206185db85Sdougm case 'n': 27216185db85Sdougm dryrun++; 27226185db85Sdougm break; 27236185db85Sdougm case 'v': 27246185db85Sdougm verbose++; 27256185db85Sdougm break; 2726da6c28aaSamw case 'r': 2727da6c28aaSamw if (rsrcname != NULL) { 2728da6c28aaSamw (void) printf(gettext( 2729da6c28aaSamw "Moving multiple resource names not" 2730da6c28aaSamw " supported\n")); 2731da6c28aaSamw return (SA_SYNTAX_ERR); 2732da6c28aaSamw } 2733da6c28aaSamw rsrcname = optarg; 2734da6c28aaSamw break; 27356185db85Sdougm case 's': 27366185db85Sdougm /* 273725a68471Sdougm * Remove share path from group. Currently limit 27386185db85Sdougm * to one share per command. 27396185db85Sdougm */ 27406185db85Sdougm if (sharepath != NULL) { 274125a68471Sdougm (void) printf(gettext("Moving multiple shares" 274225a68471Sdougm " not supported\n")); 2743da6c28aaSamw return (SA_SYNTAX_ERR); 27446185db85Sdougm } 27456185db85Sdougm sharepath = optarg; 27466185db85Sdougm break; 2747*e7bab347Sdougm case 'h': 2748*e7bab347Sdougm /* optopt on valid arg isn't defined */ 2749*e7bab347Sdougm optopt = c; 2750*e7bab347Sdougm /*FALLTHROUGH*/ 2751*e7bab347Sdougm case '?': 27526185db85Sdougm default: 2753*e7bab347Sdougm /* 2754*e7bab347Sdougm * Since a bad option gets to here, sort it 2755*e7bab347Sdougm * out and return a syntax error return value 2756*e7bab347Sdougm * if necessary. 2757*e7bab347Sdougm */ 2758*e7bab347Sdougm switch (optopt) { 2759*e7bab347Sdougm default: 2760*e7bab347Sdougm ret = SA_SYNTAX_ERR; 2761*e7bab347Sdougm break; 27626185db85Sdougm case 'h': 27636185db85Sdougm case '?': 2764*e7bab347Sdougm break; 2765*e7bab347Sdougm } 27666185db85Sdougm (void) printf(gettext("usage: %s\n"), 27676185db85Sdougm sa_get_usage(USAGE_MOVE_SHARE)); 2768*e7bab347Sdougm return (ret); 27696185db85Sdougm } 27706185db85Sdougm } 27716185db85Sdougm 27726185db85Sdougm if (optind >= argc || sharepath == NULL) { 27736185db85Sdougm (void) printf(gettext("usage: %s\n"), 27746185db85Sdougm sa_get_usage(USAGE_MOVE_SHARE)); 27756185db85Sdougm if (dryrun || verbose || sharepath != NULL) { 2776da6c28aaSamw (void) printf(gettext("\tgroup must be specified\n")); 27776185db85Sdougm ret = SA_NO_SUCH_GROUP; 27786185db85Sdougm } else { 27796185db85Sdougm if (sharepath == NULL) { 27806185db85Sdougm ret = SA_SYNTAX_ERR; 278125a68471Sdougm (void) printf(gettext( 278225a68471Sdougm "\tsharepath must be specified\n")); 278325a68471Sdougm } else { 27846185db85Sdougm ret = SA_OK; 27856185db85Sdougm } 278625a68471Sdougm } 27876185db85Sdougm } else { 278825a68471Sdougm sa_group_t parent; 278925a68471Sdougm char *zfsold; 279025a68471Sdougm char *zfsnew; 279125a68471Sdougm 27926185db85Sdougm if (sharepath == NULL) { 279325a68471Sdougm (void) printf(gettext( 279425a68471Sdougm "sharepath must be specified with the -s " 279525a68471Sdougm "option\n")); 279625a68471Sdougm return (SA_BAD_PATH); 279725a68471Sdougm } 2798549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 279925a68471Sdougm if (group == NULL) { 280025a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 280125a68471Sdougm argv[optind]); 280225a68471Sdougm return (SA_NO_SUCH_GROUP); 280325a68471Sdougm } 2804549ec3ffSdougm share = sa_find_share(handle, sharepath); 2805573b0c00Sdougm /* 2806573b0c00Sdougm * If a share wasn't found, it may have been a symlink 2807573b0c00Sdougm * or has a trailing '/'. Try again after resolving 2808573b0c00Sdougm * with realpath(). 2809573b0c00Sdougm */ 2810573b0c00Sdougm if (share == NULL) { 2811573b0c00Sdougm if (realpath(sharepath, dir) == NULL) { 2812573b0c00Sdougm (void) printf(gettext("Path " 2813573b0c00Sdougm "is not valid: %s\n"), 2814573b0c00Sdougm sharepath); 2815573b0c00Sdougm return (SA_BAD_PATH); 2816573b0c00Sdougm } 2817573b0c00Sdougm sharepath = dir; 2818573b0c00Sdougm share = sa_find_share(handle, sharepath); 2819573b0c00Sdougm } 28206185db85Sdougm if (share == NULL) { 28216185db85Sdougm (void) printf(gettext("Share not found: %s\n"), 28226185db85Sdougm sharepath); 282325a68471Sdougm return (SA_NO_SUCH_PATH); 282425a68471Sdougm } 2825573b0c00Sdougm authdst = check_authorizations(argv[optind], flags); 28266185db85Sdougm 28276185db85Sdougm parent = sa_get_parent_group(share); 28286185db85Sdougm if (parent != NULL) { 28296185db85Sdougm char *pname; 28306185db85Sdougm pname = sa_get_group_attr(parent, "name"); 28316185db85Sdougm if (pname != NULL) { 28326185db85Sdougm authsrc = check_authorizations(pname, flags); 28336185db85Sdougm sa_free_attr_string(pname); 28346185db85Sdougm } 28356185db85Sdougm zfsold = sa_get_group_attr(parent, "zfs"); 28366185db85Sdougm zfsnew = sa_get_group_attr(group, "zfs"); 28376185db85Sdougm if ((zfsold != NULL && zfsnew == NULL) || 28386185db85Sdougm (zfsold == NULL && zfsnew != NULL)) { 28396185db85Sdougm ret = SA_NOT_ALLOWED; 28406185db85Sdougm } 28416185db85Sdougm if (zfsold != NULL) 28426185db85Sdougm sa_free_attr_string(zfsold); 28436185db85Sdougm if (zfsnew != NULL) 28446185db85Sdougm sa_free_attr_string(zfsnew); 28456185db85Sdougm } 284625a68471Sdougm 28476185db85Sdougm if (ret == SA_OK && parent != group && !dryrun) { 28486185db85Sdougm char *oldstate; 28496185db85Sdougm /* 285025a68471Sdougm * Note that the share may need to be 2851da6c28aaSamw * "unshared" if the new group is disabled and 2852da6c28aaSamw * the old was enabled or it may need to be 2853da6c28aaSamw * share to update if the new group is 2854da6c28aaSamw * enabled. We disable before the move and 2855da6c28aaSamw * will have to enable after the move in order 2856da6c28aaSamw * to cleanup entries for protocols that 2857da6c28aaSamw * aren't in the new group. 28586185db85Sdougm */ 28596185db85Sdougm oldstate = sa_get_group_attr(parent, "state"); 286025a68471Sdougm 28616185db85Sdougm /* enable_share determines what to do */ 2862da6c28aaSamw if (strcmp(oldstate, "enabled") == 0) 28636185db85Sdougm (void) sa_disable_share(share, NULL); 2864da6c28aaSamw 28656185db85Sdougm if (oldstate != NULL) 28666185db85Sdougm sa_free_attr_string(oldstate); 28676185db85Sdougm } 286825a68471Sdougm 2869da6c28aaSamw if (!dryrun && ret == SA_OK) 2870da6c28aaSamw ret = sa_move_share(group, share); 2871da6c28aaSamw 2872da6c28aaSamw /* 2873da6c28aaSamw * Reenable and update any config information. 2874da6c28aaSamw */ 2875da6c28aaSamw if (ret == SA_OK && parent != group && !dryrun) { 2876da6c28aaSamw ret = sa_update_config(handle); 2877da6c28aaSamw 2878da6c28aaSamw (void) enable_share(handle, group, share, 1); 2879da6c28aaSamw } 2880da6c28aaSamw 288125a68471Sdougm if (ret != SA_OK) 28826185db85Sdougm (void) printf(gettext("Could not move share: %s\n"), 28836185db85Sdougm sa_errorstr(ret)); 288425a68471Sdougm 28856185db85Sdougm if (dryrun && ret == SA_OK && !(authsrc & authdst) && 28866185db85Sdougm verbose) { 28876185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 28886185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 28896185db85Sdougm } 28906185db85Sdougm } 28916185db85Sdougm return (ret); 28926185db85Sdougm } 28936185db85Sdougm 28946185db85Sdougm /* 28956185db85Sdougm * sa_removeshare(flags, argc, argv) 28966185db85Sdougm * 28976185db85Sdougm * implements remove-share subcommand. 28986185db85Sdougm */ 28996185db85Sdougm 29006185db85Sdougm int 2901549ec3ffSdougm sa_removeshare(sa_handle_t handle, int flags, int argc, char *argv[]) 29026185db85Sdougm { 29036185db85Sdougm int verbose = 0; 29046185db85Sdougm int dryrun = 0; 29056185db85Sdougm int force = 0; 29066185db85Sdougm int c; 29076185db85Sdougm int ret = SA_OK; 29086185db85Sdougm sa_group_t group; 2909da6c28aaSamw sa_resource_t resource = NULL; 2910da6c28aaSamw sa_share_t share = NULL; 2911da6c28aaSamw char *rsrcname = NULL; 29126185db85Sdougm char *sharepath = NULL; 29136185db85Sdougm char dir[MAXPATHLEN]; 29146185db85Sdougm int auth; 29156185db85Sdougm 2916da6c28aaSamw while ((c = getopt(argc, argv, "?hfnr:s:v")) != EOF) { 29176185db85Sdougm switch (c) { 29186185db85Sdougm case 'n': 29196185db85Sdougm dryrun++; 29206185db85Sdougm break; 29216185db85Sdougm case 'v': 29226185db85Sdougm verbose++; 29236185db85Sdougm break; 29246185db85Sdougm case 'f': 29256185db85Sdougm force++; 29266185db85Sdougm break; 29276185db85Sdougm case 's': 29286185db85Sdougm /* 292925a68471Sdougm * Remove share path from group. Currently limit 29306185db85Sdougm * to one share per command. 29316185db85Sdougm */ 29326185db85Sdougm if (sharepath != NULL) { 293325a68471Sdougm (void) printf(gettext( 293425a68471Sdougm "Removing multiple shares not " 29356185db85Sdougm "supported\n")); 29366185db85Sdougm return (SA_SYNTAX_ERR); 29376185db85Sdougm } 29386185db85Sdougm sharepath = optarg; 29396185db85Sdougm break; 2940da6c28aaSamw case 'r': 2941da6c28aaSamw /* 2942da6c28aaSamw * Remove share from group if last resource or remove 2943da6c28aaSamw * resource from share if multiple resources. 2944da6c28aaSamw */ 2945da6c28aaSamw if (rsrcname != NULL) { 2946da6c28aaSamw (void) printf(gettext( 2947da6c28aaSamw "Removing multiple resource names not " 2948da6c28aaSamw "supported\n")); 2949da6c28aaSamw return (SA_SYNTAX_ERR); 2950da6c28aaSamw } 2951da6c28aaSamw rsrcname = optarg; 2952da6c28aaSamw break; 2953*e7bab347Sdougm case 'h': 2954*e7bab347Sdougm /* optopt on valid arg isn't defined */ 2955*e7bab347Sdougm optopt = c; 2956*e7bab347Sdougm /*FALLTHROUGH*/ 2957*e7bab347Sdougm case '?': 29586185db85Sdougm default: 2959*e7bab347Sdougm /* 2960*e7bab347Sdougm * Since a bad option gets to here, sort it 2961*e7bab347Sdougm * out and return a syntax error return value 2962*e7bab347Sdougm * if necessary. 2963*e7bab347Sdougm */ 2964*e7bab347Sdougm switch (optopt) { 2965*e7bab347Sdougm default: 2966*e7bab347Sdougm ret = SA_SYNTAX_ERR; 2967*e7bab347Sdougm break; 29686185db85Sdougm case 'h': 29696185db85Sdougm case '?': 2970*e7bab347Sdougm break; 2971*e7bab347Sdougm } 29726185db85Sdougm (void) printf(gettext("usage: %s\n"), 29736185db85Sdougm sa_get_usage(USAGE_REMOVE_SHARE)); 2974*e7bab347Sdougm return (ret); 29756185db85Sdougm } 29766185db85Sdougm } 29776185db85Sdougm 2978da6c28aaSamw if (optind >= argc || (rsrcname == NULL && sharepath == NULL)) { 2979da6c28aaSamw if (sharepath == NULL && rsrcname == NULL) { 29806185db85Sdougm (void) printf(gettext("usage: %s\n"), 29816185db85Sdougm sa_get_usage(USAGE_REMOVE_SHARE)); 2982da6c28aaSamw (void) printf(gettext("\t-s sharepath or -r resource" 2983da6c28aaSamw " must be specified\n")); 29846185db85Sdougm ret = SA_BAD_PATH; 29856185db85Sdougm } else { 29866185db85Sdougm ret = SA_OK; 29876185db85Sdougm } 29886185db85Sdougm } 298925a68471Sdougm if (ret != SA_OK) { 299025a68471Sdougm return (ret); 299125a68471Sdougm } 299225a68471Sdougm 29936185db85Sdougm if (optind < argc) { 29946185db85Sdougm if ((optind + 1) < argc) { 29956185db85Sdougm (void) printf(gettext("Extraneous group(s) at end of " 29966185db85Sdougm "command\n")); 29976185db85Sdougm ret = SA_SYNTAX_ERR; 29986185db85Sdougm } else { 2999549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 30006185db85Sdougm if (group == NULL) { 300125a68471Sdougm (void) printf(gettext( 300225a68471Sdougm "Group \"%s\" not found\n"), argv[optind]); 30036185db85Sdougm ret = SA_NO_SUCH_GROUP; 30046185db85Sdougm } 30056185db85Sdougm } 30066185db85Sdougm } else { 30076185db85Sdougm group = NULL; 30086185db85Sdougm } 3009a99982a7Sdougm 3010da6c28aaSamw if (rsrcname != NULL) { 3011da6c28aaSamw resource = sa_find_resource(handle, rsrcname); 3012da6c28aaSamw if (resource == NULL) { 3013da6c28aaSamw ret = SA_NO_SUCH_RESOURCE; 3014da6c28aaSamw (void) printf(gettext( 3015da6c28aaSamw "Resource name not found for share: %s\n"), 3016da6c28aaSamw rsrcname); 3017da6c28aaSamw } 3018da6c28aaSamw } 3019da6c28aaSamw 3020a99982a7Sdougm /* 3021a99982a7Sdougm * Lookup the path in the internal configuration. Care 3022a99982a7Sdougm * must be taken to handle the case where the 3023a99982a7Sdougm * underlying path has been removed since we need to 3024a99982a7Sdougm * be able to deal with that as well. 3025a99982a7Sdougm */ 30266185db85Sdougm if (ret == SA_OK) { 3027da6c28aaSamw if (sharepath != NULL) { 30286185db85Sdougm if (group != NULL) 30296185db85Sdougm share = sa_get_share(group, sharepath); 30306185db85Sdougm else 3031549ec3ffSdougm share = sa_find_share(handle, sharepath); 3032da6c28aaSamw } 3033da6c28aaSamw 3034da6c28aaSamw if (resource != NULL) { 3035da6c28aaSamw sa_share_t rsrcshare; 3036da6c28aaSamw rsrcshare = sa_get_resource_parent(resource); 3037da6c28aaSamw if (share == NULL) 3038da6c28aaSamw share = rsrcshare; 3039da6c28aaSamw else if (share != rsrcshare) { 3040da6c28aaSamw ret = SA_NO_SUCH_RESOURCE; 3041da6c28aaSamw (void) printf(gettext( 3042da6c28aaSamw "Bad resource name for share: %s\n"), 3043da6c28aaSamw rsrcname); 3044da6c28aaSamw share = NULL; 3045da6c28aaSamw } 3046da6c28aaSamw } 3047da6c28aaSamw 3048a99982a7Sdougm /* 3049a99982a7Sdougm * If we didn't find the share with the provided path, 3050a99982a7Sdougm * it may be a symlink so attempt to resolve it using 3051a99982a7Sdougm * realpath and try again. Realpath will resolve any 3052a99982a7Sdougm * symlinks and place them in "dir". Note that 3053a99982a7Sdougm * sharepath is only used for the lookup the first 3054a99982a7Sdougm * time and later for error messages. dir will be used 3055a99982a7Sdougm * on the second attempt. Once a share is found, all 3056a99982a7Sdougm * operations are based off of the share variable. 3057a99982a7Sdougm */ 3058a99982a7Sdougm if (share == NULL) { 3059a99982a7Sdougm if (realpath(sharepath, dir) == NULL) { 3060a99982a7Sdougm ret = SA_BAD_PATH; 306125a68471Sdougm (void) printf(gettext( 306225a68471Sdougm "Path is not valid: %s\n"), sharepath); 3063a99982a7Sdougm } else { 3064a99982a7Sdougm if (group != NULL) 3065a99982a7Sdougm share = sa_get_share(group, dir); 3066a99982a7Sdougm else 3067549ec3ffSdougm share = sa_find_share(handle, dir); 3068a99982a7Sdougm } 3069a99982a7Sdougm } 3070a99982a7Sdougm } 3071a99982a7Sdougm 3072a99982a7Sdougm /* 3073a99982a7Sdougm * If there hasn't been an error, there was likely a 3074a99982a7Sdougm * path found. If not, give the appropriate error 3075a99982a7Sdougm * message and set the return error. If it was found, 3076a99982a7Sdougm * then disable the share and then remove it from the 3077a99982a7Sdougm * configuration. 3078a99982a7Sdougm */ 307925a68471Sdougm if (ret != SA_OK) { 308025a68471Sdougm return (ret); 308125a68471Sdougm } 30826185db85Sdougm if (share == NULL) { 30836185db85Sdougm if (group != NULL) 30846185db85Sdougm (void) printf(gettext("Share not found in group %s:" 308525a68471Sdougm " %s\n"), argv[optind], sharepath); 30866185db85Sdougm else 30876185db85Sdougm (void) printf(gettext("Share not found: %s\n"), 30886185db85Sdougm sharepath); 30896185db85Sdougm ret = SA_NO_SUCH_PATH; 30906185db85Sdougm } else { 30916185db85Sdougm if (group == NULL) 30926185db85Sdougm group = sa_get_parent_group(share); 30936185db85Sdougm if (!dryrun) { 30946185db85Sdougm if (ret == SA_OK) { 3095da6c28aaSamw if (resource != NULL) 3096da6c28aaSamw ret = sa_disable_resource(resource, 3097da6c28aaSamw NULL); 3098da6c28aaSamw else 30996185db85Sdougm ret = sa_disable_share(share, NULL); 31006185db85Sdougm /* 310125a68471Sdougm * We don't care if it fails since it 3102a99982a7Sdougm * could be disabled already. Some 3103a99982a7Sdougm * unexpected errors could occur that 3104a99982a7Sdougm * prevent removal, so also check for 3105a99982a7Sdougm * force being set. 31066185db85Sdougm */ 3107da6c28aaSamw if ((ret == SA_OK || ret == SA_NO_SUCH_PATH || 3108a99982a7Sdougm ret == SA_NOT_SUPPORTED || 3109da6c28aaSamw ret == SA_SYSTEM_ERR || force) && 3110da6c28aaSamw resource == NULL) 31116185db85Sdougm ret = sa_remove_share(share); 3112da6c28aaSamw 3113da6c28aaSamw if ((ret == SA_OK || ret == SA_NO_SUCH_PATH || 3114da6c28aaSamw ret == SA_NOT_SUPPORTED || 3115da6c28aaSamw ret == SA_SYSTEM_ERR || force) && 3116da6c28aaSamw resource != NULL) { 3117da6c28aaSamw ret = sa_remove_resource(resource); 3118da6c28aaSamw if (ret == SA_OK) { 3119da6c28aaSamw /* 3120da6c28aaSamw * If this was the 3121da6c28aaSamw * last one, remove 3122da6c28aaSamw * the share as well. 3123da6c28aaSamw */ 3124da6c28aaSamw resource = 3125da6c28aaSamw sa_get_share_resource( 3126da6c28aaSamw share, NULL); 3127da6c28aaSamw if (resource == NULL) 3128da6c28aaSamw ret = sa_remove_share( 3129da6c28aaSamw share); 3130da6c28aaSamw } 31316185db85Sdougm } 31326185db85Sdougm if (ret == SA_OK) 3133549ec3ffSdougm ret = sa_update_config(handle); 31346185db85Sdougm } 313525a68471Sdougm if (ret != SA_OK) 3136da6c28aaSamw (void) printf(gettext("Could not remove share:" 3137da6c28aaSamw " %s\n"), sa_errorstr(ret)); 31386185db85Sdougm } else if (ret == SA_OK) { 31396185db85Sdougm char *pname; 31406185db85Sdougm pname = sa_get_group_attr(group, "name"); 31416185db85Sdougm if (pname != NULL) { 31426185db85Sdougm auth = check_authorizations(pname, flags); 31436185db85Sdougm sa_free_attr_string(pname); 31446185db85Sdougm } 31456185db85Sdougm if (!auth && verbose) { 314625a68471Sdougm (void) printf(gettext( 314725a68471Sdougm "Command would fail: %s\n"), 31486185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 31496185db85Sdougm } 31506185db85Sdougm } 31516185db85Sdougm } 31526185db85Sdougm return (ret); 31536185db85Sdougm } 31546185db85Sdougm 31556185db85Sdougm /* 31566185db85Sdougm * sa_set_share(flags, argc, argv) 31576185db85Sdougm * 31586185db85Sdougm * implements set-share subcommand. 31596185db85Sdougm */ 31606185db85Sdougm 31616185db85Sdougm int 3162549ec3ffSdougm sa_set_share(sa_handle_t handle, int flags, int argc, char *argv[]) 31636185db85Sdougm { 31646185db85Sdougm int dryrun = 0; 31656185db85Sdougm int c; 31666185db85Sdougm int ret = SA_OK; 31676185db85Sdougm sa_group_t group, sharegroup; 3168dc20a302Sas200622 sa_share_t share = NULL; 3169da6c28aaSamw sa_resource_t resource = NULL; 31706185db85Sdougm char *sharepath = NULL; 31716185db85Sdougm char *description = NULL; 3172da6c28aaSamw char *rsrcname = NULL; 3173da6c28aaSamw char *rsrc = NULL; 3174da6c28aaSamw char *newname = NULL; 3175da6c28aaSamw char *newrsrc; 3176da6c28aaSamw char *groupname = NULL; 31776185db85Sdougm int auth; 31786185db85Sdougm int verbose = 0; 31796185db85Sdougm 31806185db85Sdougm while ((c = getopt(argc, argv, "?hnd:r:s:")) != EOF) { 31816185db85Sdougm switch (c) { 31826185db85Sdougm case 'n': 31836185db85Sdougm dryrun++; 31846185db85Sdougm break; 31856185db85Sdougm case 'd': 31866185db85Sdougm description = optarg; 31876185db85Sdougm break; 31886185db85Sdougm case 'v': 31896185db85Sdougm verbose++; 31906185db85Sdougm break; 3191da6c28aaSamw case 'r': 3192da6c28aaSamw /* 3193da6c28aaSamw * Update share by resource name 3194da6c28aaSamw */ 3195da6c28aaSamw if (rsrcname != NULL) { 3196da6c28aaSamw (void) printf(gettext( 3197da6c28aaSamw "Updating multiple resource names not " 3198da6c28aaSamw "supported\n")); 3199da6c28aaSamw return (SA_SYNTAX_ERR); 3200da6c28aaSamw } 3201da6c28aaSamw rsrcname = optarg; 3202da6c28aaSamw break; 32036185db85Sdougm case 's': 32046185db85Sdougm /* 320525a68471Sdougm * Save share path into group. Currently limit 32066185db85Sdougm * to one share per command. 32076185db85Sdougm */ 32086185db85Sdougm if (sharepath != NULL) { 320925a68471Sdougm (void) printf(gettext( 321025a68471Sdougm "Updating multiple shares not " 32116185db85Sdougm "supported\n")); 3212da6c28aaSamw return (SA_SYNTAX_ERR); 32136185db85Sdougm } 32146185db85Sdougm sharepath = optarg; 32156185db85Sdougm break; 3216*e7bab347Sdougm case 'h': 3217*e7bab347Sdougm /* optopt on valid arg isn't defined */ 3218*e7bab347Sdougm optopt = c; 3219*e7bab347Sdougm /*FALLTHROUGH*/ 3220*e7bab347Sdougm case '?': 32216185db85Sdougm default: 3222*e7bab347Sdougm /* 3223*e7bab347Sdougm * Since a bad option gets to here, sort it 3224*e7bab347Sdougm * out and return a syntax error return value 3225*e7bab347Sdougm * if necessary. 3226*e7bab347Sdougm */ 3227*e7bab347Sdougm switch (optopt) { 3228*e7bab347Sdougm default: 3229*e7bab347Sdougm ret = SA_SYNTAX_ERR; 3230*e7bab347Sdougm break; 32316185db85Sdougm case 'h': 32326185db85Sdougm case '?': 3233*e7bab347Sdougm break; 3234*e7bab347Sdougm } 32356185db85Sdougm (void) printf(gettext("usage: %s\n"), 32366185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 3237*e7bab347Sdougm return (ret); 32386185db85Sdougm } 32396185db85Sdougm } 324025a68471Sdougm 3241da6c28aaSamw if (optind >= argc && sharepath == NULL && rsrcname == NULL) { 32426185db85Sdougm if (sharepath == NULL) { 32436185db85Sdougm (void) printf(gettext("usage: %s\n"), 32446185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 32456185db85Sdougm (void) printf(gettext("\tgroup must be specified\n")); 32466185db85Sdougm ret = SA_BAD_PATH; 32476185db85Sdougm } else { 32486185db85Sdougm ret = SA_OK; 32496185db85Sdougm } 32506185db85Sdougm } 32516185db85Sdougm if ((optind + 1) < argc) { 32526185db85Sdougm (void) printf(gettext("usage: %s\n"), 32536185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 32546185db85Sdougm (void) printf(gettext("\tExtraneous group(s) at end\n")); 32556185db85Sdougm ret = SA_SYNTAX_ERR; 32566185db85Sdougm } 325725a68471Sdougm 3258da6c28aaSamw /* 3259da6c28aaSamw * Must have at least one of sharepath and rsrcrname. 3260da6c28aaSamw * It is a syntax error to be missing both. 3261da6c28aaSamw */ 3262da6c28aaSamw if (sharepath == NULL && rsrcname == NULL) { 3263da6c28aaSamw (void) printf(gettext("usage: %s\n"), 3264da6c28aaSamw sa_get_usage(USAGE_SET_SHARE)); 3265da6c28aaSamw ret = SA_SYNTAX_ERR; 3266da6c28aaSamw } 3267da6c28aaSamw 326825a68471Sdougm if (ret != SA_OK) 326925a68471Sdougm return (ret); 327025a68471Sdougm 32716185db85Sdougm if (optind < argc) { 32726185db85Sdougm groupname = argv[optind]; 3273549ec3ffSdougm group = sa_get_group(handle, groupname); 32746185db85Sdougm } else { 32756185db85Sdougm group = NULL; 32766185db85Sdougm groupname = NULL; 32776185db85Sdougm } 3278da6c28aaSamw if (rsrcname != NULL) { 3279da6c28aaSamw /* 3280da6c28aaSamw * If rsrcname exists, split rename syntax and then 3281da6c28aaSamw * convert to utf 8 if no errors. 3282da6c28aaSamw */ 3283da6c28aaSamw newname = strchr(rsrcname, '='); 3284da6c28aaSamw if (newname != NULL) { 3285da6c28aaSamw *newname++ = '\0'; 328625a68471Sdougm } 3287da6c28aaSamw if (!validresource(rsrcname)) { 3288da6c28aaSamw ret = SA_INVALID_NAME; 3289da6c28aaSamw (void) printf(gettext("Invalid resource name: " 3290da6c28aaSamw "\"%s\"\n"), rsrcname); 3291da6c28aaSamw } else { 3292da6c28aaSamw rsrc = conv_to_utf8(rsrcname); 3293da6c28aaSamw } 3294da6c28aaSamw if (newname != NULL) { 3295da6c28aaSamw if (!validresource(newname)) { 3296da6c28aaSamw ret = SA_INVALID_NAME; 3297da6c28aaSamw (void) printf(gettext("Invalid resource name: " 3298da6c28aaSamw "%s\n"), newname); 3299da6c28aaSamw } else { 3300da6c28aaSamw newrsrc = conv_to_utf8(newname); 3301da6c28aaSamw } 3302da6c28aaSamw } 3303da6c28aaSamw } 3304da6c28aaSamw 3305da6c28aaSamw if (ret != SA_OK) { 3306da6c28aaSamw if (rsrcname != NULL && rsrcname != rsrc) 3307da6c28aaSamw sa_free_attr_string(rsrc); 3308da6c28aaSamw if (newname != NULL && newname != newrsrc) 3309da6c28aaSamw sa_free_attr_string(newrsrc); 3310da6c28aaSamw return (ret); 3311da6c28aaSamw } 3312da6c28aaSamw 3313da6c28aaSamw if (sharepath != NULL) { 3314da6c28aaSamw share = sa_find_share(handle, sharepath); 3315da6c28aaSamw } else if (rsrcname != NULL) { 3316da6c28aaSamw resource = sa_find_resource(handle, rsrc); 3317dc20a302Sas200622 if (resource != NULL) 3318da6c28aaSamw share = sa_get_resource_parent(resource); 3319dc20a302Sas200622 else 3320dc20a302Sas200622 ret = SA_NO_SUCH_RESOURCE; 3321da6c28aaSamw } 3322da6c28aaSamw if (share != NULL) { 33236185db85Sdougm sharegroup = sa_get_parent_group(share); 33246185db85Sdougm if (group != NULL && group != sharegroup) { 33256185db85Sdougm (void) printf(gettext("Group \"%s\" does not contain " 3326da6c28aaSamw "share %s\n"), 3327da6c28aaSamw argv[optind], sharepath); 33286185db85Sdougm ret = SA_BAD_PATH; 33296185db85Sdougm } else { 33306185db85Sdougm int delgroupname = 0; 33316185db85Sdougm if (groupname == NULL) { 3332da6c28aaSamw groupname = sa_get_group_attr(sharegroup, 3333da6c28aaSamw "name"); 33346185db85Sdougm delgroupname = 1; 33356185db85Sdougm } 33366185db85Sdougm if (groupname != NULL) { 33376185db85Sdougm auth = check_authorizations(groupname, flags); 33386185db85Sdougm if (delgroupname) { 33396185db85Sdougm sa_free_attr_string(groupname); 33406185db85Sdougm groupname = NULL; 33416185db85Sdougm } 33426185db85Sdougm } else { 33436185db85Sdougm ret = SA_NO_MEMORY; 33446185db85Sdougm } 3345da6c28aaSamw if (rsrcname != NULL) { 3346da6c28aaSamw resource = sa_find_resource(handle, rsrc); 33476185db85Sdougm if (!dryrun) { 3348da6c28aaSamw if (newname != NULL && 3349da6c28aaSamw resource != NULL) 3350da6c28aaSamw ret = sa_rename_resource( 3351da6c28aaSamw resource, newrsrc); 3352da6c28aaSamw else if (newname != NULL) 3353da6c28aaSamw ret = SA_NO_SUCH_RESOURCE; 3354da6c28aaSamw if (newname != NULL && 3355da6c28aaSamw newname != newrsrc) 3356da6c28aaSamw sa_free_attr_string(newrsrc); 33576185db85Sdougm } 3358da6c28aaSamw if (rsrc != rsrcname) 3359da6c28aaSamw sa_free_attr_string(rsrc); 33606185db85Sdougm } 336125a68471Sdougm 3362da6c28aaSamw /* 3363da6c28aaSamw * If the user has set a description, it will be 3364da6c28aaSamw * on the resource if -r was used otherwise it 3365da6c28aaSamw * must be on the share. 3366da6c28aaSamw */ 3367cbfb650aScp160787 if (!dryrun && ret == SA_OK && description != NULL) { 3368cbfb650aScp160787 char *desc; 3369cbfb650aScp160787 desc = conv_to_utf8(description); 3370da6c28aaSamw if (resource != NULL) 3371cbfb650aScp160787 ret = sa_set_resource_description( 3372cbfb650aScp160787 resource, desc); 3373da6c28aaSamw else 3374cbfb650aScp160787 ret = sa_set_share_description(share, 3375cbfb650aScp160787 desc); 3376cbfb650aScp160787 if (desc != description) 3377cbfb650aScp160787 sa_free_share_description(desc); 3378da6c28aaSamw } 3379da6c28aaSamw } 3380da6c28aaSamw if (!dryrun && ret == SA_OK) { 3381da6c28aaSamw if (resource != NULL) 3382da6c28aaSamw (void) sa_enable_resource(resource, NULL); 3383da6c28aaSamw ret = sa_update_config(handle); 3384da6c28aaSamw } 33856185db85Sdougm switch (ret) { 33866185db85Sdougm case SA_DUPLICATE_NAME: 3387da6c28aaSamw (void) printf(gettext("Resource name in use: %s\n"), 3388da6c28aaSamw rsrcname); 33896185db85Sdougm break; 33906185db85Sdougm default: 3391da6c28aaSamw (void) printf(gettext("Could not set: %s\n"), 33926185db85Sdougm sa_errorstr(ret)); 33936185db85Sdougm break; 33946185db85Sdougm case SA_OK: 3395da6c28aaSamw if (dryrun && !auth && verbose) { 3396da6c28aaSamw (void) printf(gettext( 3397da6c28aaSamw "Command would fail: %s\n"), 33986185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 3399da6c28aaSamw } 34006185db85Sdougm break; 34016185db85Sdougm } 3402da6c28aaSamw } else { 3403dc20a302Sas200622 switch (ret) { 3404dc20a302Sas200622 case SA_NO_SUCH_RESOURCE: 3405dc20a302Sas200622 (void) printf(gettext("Resource \"%s\" not found\n"), 3406dc20a302Sas200622 rsrcname); 3407dc20a302Sas200622 break; 3408dc20a302Sas200622 default: 3409dc20a302Sas200622 if (sharepath != NULL) { 3410dc20a302Sas200622 (void) printf( 3411dc20a302Sas200622 gettext("Share path \"%s\" not found\n"), 3412da6c28aaSamw sharepath); 3413da6c28aaSamw ret = SA_NO_SUCH_PATH; 3414dc20a302Sas200622 } else { 3415dc20a302Sas200622 (void) printf(gettext("Set failed: %s\n"), 3416dc20a302Sas200622 sa_errorstr(ret)); 3417dc20a302Sas200622 } 3418dc20a302Sas200622 } 3419da6c28aaSamw } 342025a68471Sdougm 34216185db85Sdougm return (ret); 34226185db85Sdougm } 34236185db85Sdougm 34246185db85Sdougm /* 34256185db85Sdougm * add_security(group, sectype, optlist, proto, *err) 34266185db85Sdougm * 34276185db85Sdougm * Helper function to add a security option (named optionset) to the 34286185db85Sdougm * group. 34296185db85Sdougm */ 34306185db85Sdougm 34316185db85Sdougm static int 34326185db85Sdougm add_security(sa_group_t group, char *sectype, 34336185db85Sdougm struct options *optlist, char *proto, int *err) 34346185db85Sdougm { 34356185db85Sdougm sa_security_t security; 34366185db85Sdougm int ret = SA_OK; 34376185db85Sdougm int result = 0; 34386185db85Sdougm 34396185db85Sdougm sectype = sa_proto_space_alias(proto, sectype); 34406185db85Sdougm security = sa_get_security(group, sectype, proto); 344125a68471Sdougm if (security == NULL) 34426185db85Sdougm security = sa_create_security(group, sectype, proto); 344325a68471Sdougm 34446185db85Sdougm if (sectype != NULL) 34456185db85Sdougm sa_free_attr_string(sectype); 344625a68471Sdougm 344725a68471Sdougm if (security == NULL) 344825a68471Sdougm return (ret); 344925a68471Sdougm 34506185db85Sdougm while (optlist != NULL) { 34516185db85Sdougm sa_property_t prop; 34526185db85Sdougm prop = sa_get_property(security, optlist->optname); 34536185db85Sdougm if (prop == NULL) { 34546185db85Sdougm /* 345525a68471Sdougm * Add the property, but only if it is 34566185db85Sdougm * a non-NULL or non-zero length value 34576185db85Sdougm */ 34586185db85Sdougm if (optlist->optvalue != NULL) { 34596185db85Sdougm prop = sa_create_property(optlist->optname, 34606185db85Sdougm optlist->optvalue); 34616185db85Sdougm if (prop != NULL) { 3462da6c28aaSamw ret = sa_valid_property(security, 3463da6c28aaSamw proto, prop); 34646185db85Sdougm if (ret != SA_OK) { 34656185db85Sdougm (void) sa_remove_property(prop); 346625a68471Sdougm (void) printf(gettext( 346725a68471Sdougm "Could not add " 34686185db85Sdougm "property %s: %s\n"), 34696185db85Sdougm optlist->optname, 34706185db85Sdougm sa_errorstr(ret)); 34716185db85Sdougm } 34726185db85Sdougm if (ret == SA_OK) { 347325a68471Sdougm ret = sa_add_property(security, 347425a68471Sdougm prop); 34756185db85Sdougm if (ret != SA_OK) { 347625a68471Sdougm (void) printf(gettext( 347725a68471Sdougm "Could not add " 347825a68471Sdougm "property (%s=%s):" 347925a68471Sdougm " %s\n"), 34806185db85Sdougm optlist->optname, 34816185db85Sdougm optlist->optvalue, 34826185db85Sdougm sa_errorstr(ret)); 34836185db85Sdougm } else { 34846185db85Sdougm result = 1; 34856185db85Sdougm } 34866185db85Sdougm } 34876185db85Sdougm } 34886185db85Sdougm } 34896185db85Sdougm } else { 34906185db85Sdougm ret = sa_update_property(prop, optlist->optvalue); 34916185db85Sdougm result = 1; /* should check if really changed */ 34926185db85Sdougm } 34936185db85Sdougm optlist = optlist->next; 34946185db85Sdougm } 34956185db85Sdougm /* 349625a68471Sdougm * When done, properties may have all been removed but 34976185db85Sdougm * we need to keep the security type itself until 34986185db85Sdougm * explicitly removed. 34996185db85Sdougm */ 35006185db85Sdougm if (result) 35016185db85Sdougm ret = sa_commit_properties(security, 0); 35026185db85Sdougm *err = ret; 35036185db85Sdougm return (result); 35046185db85Sdougm } 35056185db85Sdougm 35066185db85Sdougm /* 3507f8825440Sdougm * zfscheck(group, share) 3508f8825440Sdougm * 3509f8825440Sdougm * For the special case where a share was provided, make sure it is a 3510f8825440Sdougm * compatible path for a ZFS property change. The only path 3511f8825440Sdougm * acceptable is the path that defines the zfs sub-group (dataset with 3512f8825440Sdougm * the sharenfs property set) and not one of the paths that inherited 3513f8825440Sdougm * the NFS properties. Returns SA_OK if it is usable and 3514f8825440Sdougm * SA_NOT_ALLOWED if it isn't. 3515f8825440Sdougm * 3516f8825440Sdougm * If group is not a ZFS group/subgroup, we assume OK since the check 3517f8825440Sdougm * on return will catch errors for those cases. What we are looking 3518f8825440Sdougm * for here is that the group is ZFS and the share is not the defining 3519f8825440Sdougm * share. All else is SA_OK. 3520f8825440Sdougm */ 3521f8825440Sdougm 3522f8825440Sdougm static int 3523f8825440Sdougm zfscheck(sa_group_t group, sa_share_t share) 3524f8825440Sdougm { 3525f8825440Sdougm int ret = SA_OK; 3526f8825440Sdougm char *attr; 3527f8825440Sdougm 3528f8825440Sdougm if (sa_group_is_zfs(group)) { 3529f8825440Sdougm /* 3530f8825440Sdougm * The group is a ZFS group. Does the share represent 3531f8825440Sdougm * the dataset that defined the group? It is only OK 3532f8825440Sdougm * if the attribute "subgroup" exists on the share and 3533f8825440Sdougm * has a value of "true". 3534f8825440Sdougm */ 3535f8825440Sdougm 3536f8825440Sdougm ret = SA_NOT_ALLOWED; 3537f8825440Sdougm attr = sa_get_share_attr(share, "subgroup"); 3538f8825440Sdougm if (attr != NULL) { 3539f8825440Sdougm if (strcmp(attr, "true") == 0) 3540f8825440Sdougm ret = SA_OK; 3541f8825440Sdougm sa_free_attr_string(attr); 3542f8825440Sdougm } 3543f8825440Sdougm } 3544f8825440Sdougm return (ret); 3545f8825440Sdougm } 3546f8825440Sdougm 3547f8825440Sdougm /* 3548da6c28aaSamw * basic_set(groupname, optlist, protocol, sharepath, rsrcname, dryrun) 35496185db85Sdougm * 35506185db85Sdougm * This function implements "set" when a name space (-S) is not 35516185db85Sdougm * specified. It is a basic set. Options and other CLI parsing has 35526185db85Sdougm * already been done. 3553da6c28aaSamw * 3554da6c28aaSamw * "rsrcname" is a "resource name". If it is non-NULL, it must match 3555da6c28aaSamw * the sharepath if present or group if present, otherwise it is used 3556da6c28aaSamw * to set options. 3557da6c28aaSamw * 3558da6c28aaSamw * Resource names may take options if the protocol supports it. If the 3559da6c28aaSamw * protocol doesn't support resource level options, rsrcname is just 3560da6c28aaSamw * an alias for the share. 35616185db85Sdougm */ 35626185db85Sdougm 35636185db85Sdougm static int 3564549ec3ffSdougm basic_set(sa_handle_t handle, char *groupname, struct options *optlist, 3565da6c28aaSamw char *protocol, char *sharepath, char *rsrcname, int dryrun) 35666185db85Sdougm { 35676185db85Sdougm sa_group_t group; 35686185db85Sdougm int ret = SA_OK; 35696185db85Sdougm int change = 0; 35706185db85Sdougm struct list *worklist = NULL; 35716185db85Sdougm 3572549ec3ffSdougm group = sa_get_group(handle, groupname); 35736185db85Sdougm if (group != NULL) { 35746185db85Sdougm sa_share_t share = NULL; 3575da6c28aaSamw sa_resource_t resource = NULL; 3576da6c28aaSamw 3577da6c28aaSamw /* 3578da6c28aaSamw * If there is a sharepath, make sure it belongs to 3579da6c28aaSamw * the group. 3580da6c28aaSamw */ 35816185db85Sdougm if (sharepath != NULL) { 35826185db85Sdougm share = sa_get_share(group, sharepath); 35836185db85Sdougm if (share == NULL) { 358425a68471Sdougm (void) printf(gettext( 358525a68471Sdougm "Share does not exist in group %s\n"), 35866185db85Sdougm groupname, sharepath); 35876185db85Sdougm ret = SA_NO_SUCH_PATH; 3588f8825440Sdougm } else { 3589f8825440Sdougm /* if ZFS and OK, then only group */ 3590f8825440Sdougm ret = zfscheck(group, share); 3591f8825440Sdougm if (ret == SA_OK && 3592f8825440Sdougm sa_group_is_zfs(group)) 3593f8825440Sdougm share = NULL; 3594f8825440Sdougm if (ret == SA_NOT_ALLOWED) 3595f8825440Sdougm (void) printf(gettext( 3596f8825440Sdougm "Properties on ZFS group shares " 3597f8825440Sdougm "not supported: %s\n"), sharepath); 35986185db85Sdougm } 35996185db85Sdougm } 3600da6c28aaSamw 3601da6c28aaSamw /* 3602da6c28aaSamw * If a resource name exists, make sure it belongs to 3603da6c28aaSamw * the share if present else it belongs to the 3604da6c28aaSamw * group. Also check the protocol to see if it 3605da6c28aaSamw * supports resource level properties or not. If not, 3606da6c28aaSamw * use share only. 3607da6c28aaSamw */ 3608da6c28aaSamw if (rsrcname != NULL) { 3609da6c28aaSamw if (share != NULL) { 3610da6c28aaSamw resource = sa_get_share_resource(share, 3611da6c28aaSamw rsrcname); 3612da6c28aaSamw if (resource == NULL) 3613da6c28aaSamw ret = SA_NO_SUCH_RESOURCE; 3614da6c28aaSamw } else { 3615da6c28aaSamw resource = sa_get_resource(group, rsrcname); 3616da6c28aaSamw if (resource != NULL) 3617da6c28aaSamw share = sa_get_resource_parent( 3618da6c28aaSamw resource); 3619da6c28aaSamw else 3620da6c28aaSamw ret = SA_NO_SUCH_RESOURCE; 3621da6c28aaSamw } 3622da6c28aaSamw if (ret == SA_OK && resource != NULL) { 3623da6c28aaSamw uint64_t features; 3624da6c28aaSamw /* 3625da6c28aaSamw * Check to see if the resource can take 3626da6c28aaSamw * properties. If so, stick the resource into 3627da6c28aaSamw * "share" so it will all just work. 3628da6c28aaSamw */ 3629da6c28aaSamw features = sa_proto_get_featureset(protocol); 3630da6c28aaSamw if (features & SA_FEATURE_RESOURCE) 3631da6c28aaSamw share = (sa_share_t)resource; 3632da6c28aaSamw } 3633da6c28aaSamw } 3634da6c28aaSamw 36356185db85Sdougm if (ret == SA_OK) { 36366185db85Sdougm /* group must exist */ 36376185db85Sdougm ret = valid_options(optlist, protocol, 36386185db85Sdougm share == NULL ? group : share, NULL); 36396185db85Sdougm if (ret == SA_OK && !dryrun) { 36406185db85Sdougm if (share != NULL) 364125a68471Sdougm change |= add_optionset(share, optlist, 364225a68471Sdougm protocol, &ret); 36436185db85Sdougm else 364425a68471Sdougm change |= add_optionset(group, optlist, 364525a68471Sdougm protocol, &ret); 364625a68471Sdougm if (ret == SA_OK && change) 364725a68471Sdougm worklist = add_list(worklist, group, 3648da6c28aaSamw share, protocol); 36496185db85Sdougm } 36506185db85Sdougm } 36516185db85Sdougm free_opt(optlist); 36526185db85Sdougm } else { 36536185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 36546185db85Sdougm ret = SA_NO_SUCH_GROUP; 36556185db85Sdougm } 36566185db85Sdougm /* 36576185db85Sdougm * we have a group and potentially legal additions 36586185db85Sdougm */ 36596185db85Sdougm 366025a68471Sdougm /* 366125a68471Sdougm * Commit to configuration if not a dryrunp and properties 366225a68471Sdougm * have changed. 366325a68471Sdougm */ 366425a68471Sdougm if (!dryrun && ret == SA_OK && change && worklist != NULL) 36656185db85Sdougm /* properties changed, so update all shares */ 3666da6c28aaSamw (void) enable_all_groups(handle, worklist, 0, 0, protocol, 3667da6c28aaSamw B_TRUE); 366825a68471Sdougm 36696185db85Sdougm if (worklist != NULL) 36706185db85Sdougm free_list(worklist); 36716185db85Sdougm return (ret); 36726185db85Sdougm } 36736185db85Sdougm 36746185db85Sdougm /* 36756185db85Sdougm * space_set(groupname, optlist, protocol, sharepath, dryrun) 36766185db85Sdougm * 36776185db85Sdougm * This function implements "set" when a name space (-S) is 36786185db85Sdougm * specified. It is a namespace set. Options and other CLI parsing has 36796185db85Sdougm * already been done. 36806185db85Sdougm */ 36816185db85Sdougm 36826185db85Sdougm static int 3683549ec3ffSdougm space_set(sa_handle_t handle, char *groupname, struct options *optlist, 3684549ec3ffSdougm char *protocol, char *sharepath, int dryrun, char *sectype) 36856185db85Sdougm { 36866185db85Sdougm sa_group_t group; 36876185db85Sdougm int ret = SA_OK; 36886185db85Sdougm int change = 0; 36896185db85Sdougm struct list *worklist = NULL; 36906185db85Sdougm 36916185db85Sdougm /* 36926185db85Sdougm * make sure protcol and sectype are valid 36936185db85Sdougm */ 36946185db85Sdougm 36956185db85Sdougm if (sa_proto_valid_space(protocol, sectype) == 0) { 36966185db85Sdougm (void) printf(gettext("Option space \"%s\" not valid " 369725a68471Sdougm "for protocol.\n"), sectype); 36986185db85Sdougm return (SA_INVALID_SECURITY); 36996185db85Sdougm } 37006185db85Sdougm 3701549ec3ffSdougm group = sa_get_group(handle, groupname); 37026185db85Sdougm if (group != NULL) { 37036185db85Sdougm sa_share_t share = NULL; 37046185db85Sdougm if (sharepath != NULL) { 37056185db85Sdougm share = sa_get_share(group, sharepath); 37066185db85Sdougm if (share == NULL) { 370725a68471Sdougm (void) printf(gettext( 370825a68471Sdougm "Share does not exist in group %s\n"), 37096185db85Sdougm groupname, sharepath); 37106185db85Sdougm ret = SA_NO_SUCH_PATH; 3711f8825440Sdougm } else { 3712f8825440Sdougm /* if ZFS and OK, then only group */ 3713f8825440Sdougm ret = zfscheck(group, share); 3714f8825440Sdougm if (ret == SA_OK && 3715f8825440Sdougm sa_group_is_zfs(group)) 3716f8825440Sdougm share = NULL; 3717f8825440Sdougm if (ret == SA_NOT_ALLOWED) 3718f8825440Sdougm (void) printf(gettext( 3719f8825440Sdougm "Properties on ZFS group shares " 3720f8825440Sdougm "not supported: %s\n"), sharepath); 37216185db85Sdougm } 37226185db85Sdougm } 37236185db85Sdougm if (ret == SA_OK) { 37246185db85Sdougm /* group must exist */ 37256185db85Sdougm ret = valid_options(optlist, protocol, 37266185db85Sdougm share == NULL ? group : share, sectype); 37276185db85Sdougm if (ret == SA_OK && !dryrun) { 37286185db85Sdougm if (share != NULL) 372925a68471Sdougm change = add_security(share, sectype, 373025a68471Sdougm optlist, protocol, &ret); 37316185db85Sdougm else 373225a68471Sdougm change = add_security(group, sectype, 373325a68471Sdougm optlist, protocol, &ret); 37346185db85Sdougm if (ret != SA_OK) 373525a68471Sdougm (void) printf(gettext( 373625a68471Sdougm "Could not set property: %s\n"), 37376185db85Sdougm sa_errorstr(ret)); 37386185db85Sdougm } 37396185db85Sdougm if (ret == SA_OK && change) 3740da6c28aaSamw worklist = add_list(worklist, group, share, 3741da6c28aaSamw protocol); 37426185db85Sdougm } 37436185db85Sdougm free_opt(optlist); 37446185db85Sdougm } else { 37456185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 37466185db85Sdougm ret = SA_NO_SUCH_GROUP; 37476185db85Sdougm } 3748da6c28aaSamw 37496185db85Sdougm /* 3750da6c28aaSamw * We have a group and potentially legal additions. 37516185db85Sdougm */ 37526185db85Sdougm 375325a68471Sdougm /* Commit to configuration if not a dryrun */ 37546185db85Sdougm if (!dryrun && ret == 0) { 37556185db85Sdougm if (change && worklist != NULL) { 37566185db85Sdougm /* properties changed, so update all shares */ 375725a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 3758da6c28aaSamw protocol, B_TRUE); 37596185db85Sdougm } 3760549ec3ffSdougm ret = sa_update_config(handle); 37616185db85Sdougm } 37626185db85Sdougm if (worklist != NULL) 37636185db85Sdougm free_list(worklist); 37646185db85Sdougm return (ret); 37656185db85Sdougm } 37666185db85Sdougm 37676185db85Sdougm /* 37686185db85Sdougm * sa_set(flags, argc, argv) 37696185db85Sdougm * 37706185db85Sdougm * Implements the set subcommand. It keys off of -S to determine which 37716185db85Sdougm * set of operations to actually do. 37726185db85Sdougm */ 37736185db85Sdougm 37746185db85Sdougm int 3775549ec3ffSdougm sa_set(sa_handle_t handle, int flags, int argc, char *argv[]) 37766185db85Sdougm { 37776185db85Sdougm char *groupname; 37786185db85Sdougm int verbose = 0; 37796185db85Sdougm int dryrun = 0; 37806185db85Sdougm int c; 37816185db85Sdougm char *protocol = NULL; 37826185db85Sdougm int ret = SA_OK; 37836185db85Sdougm struct options *optlist = NULL; 3784da6c28aaSamw char *rsrcname = NULL; 37856185db85Sdougm char *sharepath = NULL; 37866185db85Sdougm char *optset = NULL; 37876185db85Sdougm int auth; 37886185db85Sdougm 3789da6c28aaSamw while ((c = getopt(argc, argv, "?hvnP:p:r:s:S:")) != EOF) { 37906185db85Sdougm switch (c) { 37916185db85Sdougm case 'v': 37926185db85Sdougm verbose++; 37936185db85Sdougm break; 37946185db85Sdougm case 'n': 37956185db85Sdougm dryrun++; 37966185db85Sdougm break; 37976185db85Sdougm case 'P': 3798da6c28aaSamw if (protocol != NULL) { 3799da6c28aaSamw (void) printf(gettext( 3800da6c28aaSamw "Specifying multiple protocols " 3801da6c28aaSamw "not supported: %s\n"), protocol); 3802da6c28aaSamw return (SA_SYNTAX_ERR); 3803da6c28aaSamw } 38046185db85Sdougm protocol = optarg; 38056185db85Sdougm if (!sa_valid_protocol(protocol)) { 380625a68471Sdougm (void) printf(gettext( 380725a68471Sdougm "Invalid protocol specified: %s\n"), 38086185db85Sdougm protocol); 38096185db85Sdougm return (SA_INVALID_PROTOCOL); 38106185db85Sdougm } 38116185db85Sdougm break; 38126185db85Sdougm case 'p': 38136185db85Sdougm ret = add_opt(&optlist, optarg, 0); 38146185db85Sdougm switch (ret) { 38156185db85Sdougm case OPT_ADD_SYNTAX: 381625a68471Sdougm (void) printf(gettext("Property syntax error:" 381725a68471Sdougm " %s\n"), optarg); 38186185db85Sdougm return (SA_SYNTAX_ERR); 38196185db85Sdougm case OPT_ADD_MEMORY: 382025a68471Sdougm (void) printf(gettext("No memory to set " 382125a68471Sdougm "property: %s\n"), optarg); 38226185db85Sdougm return (SA_NO_MEMORY); 38236185db85Sdougm default: 38246185db85Sdougm break; 38256185db85Sdougm } 38266185db85Sdougm break; 3827da6c28aaSamw case 'r': 3828da6c28aaSamw if (rsrcname != NULL) { 3829da6c28aaSamw (void) printf(gettext( 3830da6c28aaSamw "Setting multiple resource names not" 3831da6c28aaSamw " supported\n")); 3832da6c28aaSamw return (SA_SYNTAX_ERR); 3833da6c28aaSamw } 3834da6c28aaSamw rsrcname = optarg; 3835da6c28aaSamw break; 38366185db85Sdougm case 's': 3837da6c28aaSamw if (sharepath != NULL) { 3838da6c28aaSamw (void) printf(gettext( 3839da6c28aaSamw "Setting multiple shares not supported\n")); 3840da6c28aaSamw return (SA_SYNTAX_ERR); 3841da6c28aaSamw } 38426185db85Sdougm sharepath = optarg; 38436185db85Sdougm break; 38446185db85Sdougm case 'S': 3845da6c28aaSamw if (optset != NULL) { 3846da6c28aaSamw (void) printf(gettext( 3847da6c28aaSamw "Specifying multiple property " 3848da6c28aaSamw "spaces not supported: %s\n"), optset); 3849da6c28aaSamw return (SA_SYNTAX_ERR); 3850da6c28aaSamw } 38516185db85Sdougm optset = optarg; 38526185db85Sdougm break; 3853*e7bab347Sdougm case 'h': 3854*e7bab347Sdougm /* optopt on valid arg isn't defined */ 3855*e7bab347Sdougm optopt = c; 3856*e7bab347Sdougm /*FALLTHROUGH*/ 3857*e7bab347Sdougm case '?': 38586185db85Sdougm default: 3859*e7bab347Sdougm /* 3860*e7bab347Sdougm * Since a bad option gets to here, sort it 3861*e7bab347Sdougm * out and return a syntax error return value 3862*e7bab347Sdougm * if necessary. 3863*e7bab347Sdougm */ 3864*e7bab347Sdougm switch (optopt) { 3865*e7bab347Sdougm default: 3866*e7bab347Sdougm ret = SA_SYNTAX_ERR; 3867*e7bab347Sdougm break; 38686185db85Sdougm case 'h': 38696185db85Sdougm case '?': 3870*e7bab347Sdougm break; 3871*e7bab347Sdougm } 38726185db85Sdougm (void) printf(gettext("usage: %s\n"), 38736185db85Sdougm sa_get_usage(USAGE_SET)); 3874*e7bab347Sdougm return (ret); 38756185db85Sdougm } 38766185db85Sdougm } 38776185db85Sdougm 38786185db85Sdougm if (optlist != NULL) 38796185db85Sdougm ret = chk_opt(optlist, optset != NULL, protocol); 38806185db85Sdougm 38816185db85Sdougm if (optind >= argc || (optlist == NULL && optset == NULL) || 388225a68471Sdougm protocol == NULL || ret != OPT_ADD_OK) { 38836185db85Sdougm char *sep = "\t"; 388425a68471Sdougm 38856185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_SET)); 38866185db85Sdougm if (optind >= argc) { 388725a68471Sdougm (void) printf(gettext("%sgroup must be specified"), 388825a68471Sdougm sep); 38896185db85Sdougm sep = ", "; 38906185db85Sdougm } 38916185db85Sdougm if (optlist == NULL) { 38926185db85Sdougm (void) printf(gettext("%sat least one property must be" 38936185db85Sdougm " specified"), sep); 38946185db85Sdougm sep = ", "; 38956185db85Sdougm } 38966185db85Sdougm if (protocol == NULL) { 389725a68471Sdougm (void) printf(gettext("%sprotocol must be specified"), 389825a68471Sdougm sep); 38996185db85Sdougm sep = ", "; 39006185db85Sdougm } 39016185db85Sdougm (void) printf("\n"); 39026185db85Sdougm ret = SA_SYNTAX_ERR; 39036185db85Sdougm } else { 39046185db85Sdougm /* 3905f8825440Sdougm * Group already exists so we can proceed after a few 3906f8825440Sdougm * additional checks related to ZFS handling. 39076185db85Sdougm */ 39086185db85Sdougm 39096185db85Sdougm groupname = argv[optind]; 3910f8825440Sdougm if (strcmp(groupname, "zfs") == 0) { 3911f8825440Sdougm (void) printf(gettext("Changing properties for group " 3912f8825440Sdougm "\"zfs\" not allowed\n")); 3913f8825440Sdougm return (SA_NOT_ALLOWED); 3914f8825440Sdougm } 3915f8825440Sdougm 39166185db85Sdougm auth = check_authorizations(groupname, flags); 39176185db85Sdougm if (optset == NULL) 3918549ec3ffSdougm ret = basic_set(handle, groupname, optlist, protocol, 3919da6c28aaSamw sharepath, rsrcname, dryrun); 39206185db85Sdougm else 3921549ec3ffSdougm ret = space_set(handle, groupname, optlist, protocol, 39226185db85Sdougm sharepath, dryrun, optset); 39236185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 39246185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 39256185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 39266185db85Sdougm } 39276185db85Sdougm } 39286185db85Sdougm return (ret); 39296185db85Sdougm } 39306185db85Sdougm 39316185db85Sdougm /* 39326185db85Sdougm * remove_options(group, optlist, proto, *err) 39336185db85Sdougm * 393425a68471Sdougm * Helper function to actually remove options from a group after all 39356185db85Sdougm * preprocessing is done. 39366185db85Sdougm */ 39376185db85Sdougm 39386185db85Sdougm static int 39396185db85Sdougm remove_options(sa_group_t group, struct options *optlist, 39406185db85Sdougm char *proto, int *err) 39416185db85Sdougm { 39426185db85Sdougm struct options *cur; 39436185db85Sdougm sa_optionset_t optionset; 39446185db85Sdougm sa_property_t prop; 39456185db85Sdougm int change = 0; 39466185db85Sdougm int ret = SA_OK; 39476185db85Sdougm 39486185db85Sdougm optionset = sa_get_optionset(group, proto); 39496185db85Sdougm if (optionset != NULL) { 39506185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 39516185db85Sdougm prop = sa_get_property(optionset, cur->optname); 39526185db85Sdougm if (prop != NULL) { 39536185db85Sdougm ret = sa_remove_property(prop); 39546185db85Sdougm if (ret != SA_OK) 39556185db85Sdougm break; 39566185db85Sdougm change = 1; 39576185db85Sdougm } 39586185db85Sdougm } 39596185db85Sdougm } 39606185db85Sdougm if (ret == SA_OK && change) 39616185db85Sdougm ret = sa_commit_properties(optionset, 0); 39626185db85Sdougm 39636185db85Sdougm if (err != NULL) 39646185db85Sdougm *err = ret; 39656185db85Sdougm return (change); 39666185db85Sdougm } 39676185db85Sdougm 39686185db85Sdougm /* 39696185db85Sdougm * valid_unset(group, optlist, proto) 39706185db85Sdougm * 39716185db85Sdougm * Sanity check the optlist to make sure they can be removed. Issue an 39726185db85Sdougm * error if a property doesn't exist. 39736185db85Sdougm */ 39746185db85Sdougm 39756185db85Sdougm static int 39766185db85Sdougm valid_unset(sa_group_t group, struct options *optlist, char *proto) 39776185db85Sdougm { 39786185db85Sdougm struct options *cur; 39796185db85Sdougm sa_optionset_t optionset; 39806185db85Sdougm sa_property_t prop; 39816185db85Sdougm int ret = SA_OK; 39826185db85Sdougm 39836185db85Sdougm optionset = sa_get_optionset(group, proto); 39846185db85Sdougm if (optionset != NULL) { 39856185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 39866185db85Sdougm prop = sa_get_property(optionset, cur->optname); 39876185db85Sdougm if (prop == NULL) { 398825a68471Sdougm (void) printf(gettext( 398925a68471Sdougm "Could not unset property %s: not set\n"), 39906185db85Sdougm cur->optname); 39916185db85Sdougm ret = SA_NO_SUCH_PROP; 39926185db85Sdougm } 39936185db85Sdougm } 39946185db85Sdougm } 39956185db85Sdougm return (ret); 39966185db85Sdougm } 39976185db85Sdougm 39986185db85Sdougm /* 39996185db85Sdougm * valid_unset_security(group, optlist, proto) 40006185db85Sdougm * 40016185db85Sdougm * Sanity check the optlist to make sure they can be removed. Issue an 40026185db85Sdougm * error if a property doesn't exist. 40036185db85Sdougm */ 40046185db85Sdougm 40056185db85Sdougm static int 40066185db85Sdougm valid_unset_security(sa_group_t group, struct options *optlist, char *proto, 40076185db85Sdougm char *sectype) 40086185db85Sdougm { 40096185db85Sdougm struct options *cur; 40106185db85Sdougm sa_security_t security; 40116185db85Sdougm sa_property_t prop; 40126185db85Sdougm int ret = SA_OK; 40136185db85Sdougm char *sec; 40146185db85Sdougm 40156185db85Sdougm sec = sa_proto_space_alias(proto, sectype); 40166185db85Sdougm security = sa_get_security(group, sec, proto); 40176185db85Sdougm if (security != NULL) { 40186185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 40196185db85Sdougm prop = sa_get_property(security, cur->optname); 40206185db85Sdougm if (prop == NULL) { 402125a68471Sdougm (void) printf(gettext( 402225a68471Sdougm "Could not unset property %s: not set\n"), 40236185db85Sdougm cur->optname); 40246185db85Sdougm ret = SA_NO_SUCH_PROP; 40256185db85Sdougm } 40266185db85Sdougm } 40276185db85Sdougm } else { 402825a68471Sdougm (void) printf(gettext( 402925a68471Sdougm "Could not unset %s: space not defined\n"), sectype); 40306185db85Sdougm ret = SA_NO_SUCH_SECURITY; 40316185db85Sdougm } 40326185db85Sdougm if (sec != NULL) 40336185db85Sdougm sa_free_attr_string(sec); 40346185db85Sdougm return (ret); 40356185db85Sdougm } 40366185db85Sdougm 40376185db85Sdougm /* 40386185db85Sdougm * remove_security(group, optlist, proto) 40396185db85Sdougm * 40406185db85Sdougm * Remove the properties since they were checked as valid. 40416185db85Sdougm */ 40426185db85Sdougm 40436185db85Sdougm static int 40446185db85Sdougm remove_security(sa_group_t group, char *sectype, 40456185db85Sdougm struct options *optlist, char *proto, int *err) 40466185db85Sdougm { 40476185db85Sdougm sa_security_t security; 40486185db85Sdougm int ret = SA_OK; 40496185db85Sdougm int change = 0; 40506185db85Sdougm 40516185db85Sdougm sectype = sa_proto_space_alias(proto, sectype); 40526185db85Sdougm security = sa_get_security(group, sectype, proto); 40536185db85Sdougm if (sectype != NULL) 40546185db85Sdougm sa_free_attr_string(sectype); 40556185db85Sdougm 40566185db85Sdougm if (security != NULL) { 40576185db85Sdougm while (optlist != NULL) { 40586185db85Sdougm sa_property_t prop; 40596185db85Sdougm prop = sa_get_property(security, optlist->optname); 40606185db85Sdougm if (prop != NULL) { 40616185db85Sdougm ret = sa_remove_property(prop); 40626185db85Sdougm if (ret != SA_OK) 40636185db85Sdougm break; 40646185db85Sdougm change = 1; 40656185db85Sdougm } 40666185db85Sdougm optlist = optlist->next; 40676185db85Sdougm } 40686185db85Sdougm /* 40696185db85Sdougm * when done, properties may have all been removed but 40706185db85Sdougm * we need to keep the security type itself until 40716185db85Sdougm * explicitly removed. 40726185db85Sdougm */ 40736185db85Sdougm if (ret == SA_OK && change) 40746185db85Sdougm ret = sa_commit_properties(security, 0); 40756185db85Sdougm } else { 40766185db85Sdougm ret = SA_NO_SUCH_PROP; 40776185db85Sdougm } 40786185db85Sdougm if (err != NULL) 40796185db85Sdougm *err = ret; 40806185db85Sdougm return (change); 40816185db85Sdougm } 40826185db85Sdougm 40836185db85Sdougm /* 4084da6c28aaSamw * basic_unset(groupname, optlist, protocol, sharepath, rsrcname, dryrun) 40856185db85Sdougm * 408625a68471Sdougm * Unset non-named optionset properties. 40876185db85Sdougm */ 40886185db85Sdougm 40896185db85Sdougm static int 4090549ec3ffSdougm basic_unset(sa_handle_t handle, char *groupname, struct options *optlist, 4091da6c28aaSamw char *protocol, char *sharepath, char *rsrcname, int dryrun) 40926185db85Sdougm { 40936185db85Sdougm sa_group_t group; 40946185db85Sdougm int ret = SA_OK; 40956185db85Sdougm int change = 0; 40966185db85Sdougm struct list *worklist = NULL; 409725a68471Sdougm sa_share_t share = NULL; 4098da6c28aaSamw sa_resource_t resource = NULL; 40996185db85Sdougm 4100549ec3ffSdougm group = sa_get_group(handle, groupname); 410125a68471Sdougm if (group == NULL) 410225a68471Sdougm return (ret); 410325a68471Sdougm 4104da6c28aaSamw /* 4105da6c28aaSamw * If there is a sharepath, make sure it belongs to 4106da6c28aaSamw * the group. 4107da6c28aaSamw */ 41086185db85Sdougm if (sharepath != NULL) { 41096185db85Sdougm share = sa_get_share(group, sharepath); 41106185db85Sdougm if (share == NULL) { 411125a68471Sdougm (void) printf(gettext( 411225a68471Sdougm "Share does not exist in group %s\n"), 41136185db85Sdougm groupname, sharepath); 41146185db85Sdougm ret = SA_NO_SUCH_PATH; 41156185db85Sdougm } 41166185db85Sdougm } 4117da6c28aaSamw /* 4118da6c28aaSamw * If a resource name exists, make sure it belongs to 4119da6c28aaSamw * the share if present else it belongs to the 4120da6c28aaSamw * group. Also check the protocol to see if it 4121da6c28aaSamw * supports resource level properties or not. If not, 4122da6c28aaSamw * use share only. 4123da6c28aaSamw */ 4124da6c28aaSamw if (rsrcname != NULL) { 4125da6c28aaSamw if (share != NULL) { 4126da6c28aaSamw resource = sa_get_share_resource(share, rsrcname); 4127da6c28aaSamw if (resource == NULL) 4128da6c28aaSamw ret = SA_NO_SUCH_RESOURCE; 4129da6c28aaSamw } else { 4130da6c28aaSamw resource = sa_get_resource(group, rsrcname); 4131da6c28aaSamw if (resource != NULL) { 4132da6c28aaSamw share = sa_get_resource_parent(resource); 4133da6c28aaSamw } else { 4134da6c28aaSamw ret = SA_NO_SUCH_RESOURCE; 4135da6c28aaSamw } 4136da6c28aaSamw } 4137da6c28aaSamw if (ret == SA_OK && resource != NULL) { 4138da6c28aaSamw uint64_t features; 4139da6c28aaSamw /* 4140da6c28aaSamw * Check to see if the resource can take 4141da6c28aaSamw * properties. If so, stick the resource into 4142da6c28aaSamw * "share" so it will all just work. 4143da6c28aaSamw */ 4144da6c28aaSamw features = sa_proto_get_featureset(protocol); 4145da6c28aaSamw if (features & SA_FEATURE_RESOURCE) 4146da6c28aaSamw share = (sa_share_t)resource; 4147da6c28aaSamw } 4148da6c28aaSamw } 4149da6c28aaSamw 41506185db85Sdougm if (ret == SA_OK) { 41516185db85Sdougm /* group must exist */ 41526185db85Sdougm ret = valid_unset(share != NULL ? share : group, 41536185db85Sdougm optlist, protocol); 41546185db85Sdougm if (ret == SA_OK && !dryrun) { 41556185db85Sdougm if (share != NULL) { 41566185db85Sdougm sa_optionset_t optionset; 41576185db85Sdougm sa_property_t prop; 415825a68471Sdougm change |= remove_options(share, optlist, 415925a68471Sdougm protocol, &ret); 416025a68471Sdougm /* 416125a68471Sdougm * If a share optionset is 416225a68471Sdougm * empty, remove it. 416325a68471Sdougm */ 41646185db85Sdougm optionset = sa_get_optionset((sa_share_t)share, 41656185db85Sdougm protocol); 41666185db85Sdougm if (optionset != NULL) { 41676185db85Sdougm prop = sa_get_property(optionset, NULL); 41686185db85Sdougm if (prop == NULL) 416925a68471Sdougm (void) sa_destroy_optionset( 417025a68471Sdougm optionset); 41716185db85Sdougm } 41726185db85Sdougm } else { 417325a68471Sdougm change |= remove_options(group, 417425a68471Sdougm optlist, protocol, &ret); 41756185db85Sdougm } 41766185db85Sdougm if (ret == SA_OK && change) 4177da6c28aaSamw worklist = add_list(worklist, group, share, 4178da6c28aaSamw protocol); 41796185db85Sdougm if (ret != SA_OK) 418025a68471Sdougm (void) printf(gettext( 418125a68471Sdougm "Could not remove properties: " 418225a68471Sdougm "%s\n"), sa_errorstr(ret)); 41836185db85Sdougm } 41846185db85Sdougm } else { 4185da6c28aaSamw (void) printf(gettext("Group \"%s\" not found\n"), groupname); 41866185db85Sdougm ret = SA_NO_SUCH_GROUP; 41876185db85Sdougm } 41886185db85Sdougm free_opt(optlist); 41896185db85Sdougm 41906185db85Sdougm /* 419125a68471Sdougm * We have a group and potentially legal additions 419225a68471Sdougm * 419325a68471Sdougm * Commit to configuration if not a dryrun 41946185db85Sdougm */ 41956185db85Sdougm if (!dryrun && ret == SA_OK) { 41966185db85Sdougm if (change && worklist != NULL) { 41976185db85Sdougm /* properties changed, so update all shares */ 419825a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 4199da6c28aaSamw protocol, B_TRUE); 42006185db85Sdougm } 42016185db85Sdougm } 42026185db85Sdougm if (worklist != NULL) 42036185db85Sdougm free_list(worklist); 42046185db85Sdougm return (ret); 42056185db85Sdougm } 42066185db85Sdougm 42076185db85Sdougm /* 42086185db85Sdougm * space_unset(groupname, optlist, protocol, sharepath, dryrun) 42096185db85Sdougm * 421025a68471Sdougm * Unset named optionset properties. 42116185db85Sdougm */ 42126185db85Sdougm static int 4213549ec3ffSdougm space_unset(sa_handle_t handle, char *groupname, struct options *optlist, 4214549ec3ffSdougm char *protocol, char *sharepath, int dryrun, char *sectype) 42156185db85Sdougm { 42166185db85Sdougm sa_group_t group; 42176185db85Sdougm int ret = SA_OK; 42186185db85Sdougm int change = 0; 42196185db85Sdougm struct list *worklist = NULL; 422025a68471Sdougm sa_share_t share = NULL; 42216185db85Sdougm 4222549ec3ffSdougm group = sa_get_group(handle, groupname); 422325a68471Sdougm if (group == NULL) { 422425a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 422525a68471Sdougm return (SA_NO_SUCH_GROUP); 422625a68471Sdougm } 42276185db85Sdougm if (sharepath != NULL) { 42286185db85Sdougm share = sa_get_share(group, sharepath); 42296185db85Sdougm if (share == NULL) { 423025a68471Sdougm (void) printf(gettext( 423125a68471Sdougm "Share does not exist in group %s\n"), 42326185db85Sdougm groupname, sharepath); 423325a68471Sdougm return (SA_NO_SUCH_PATH); 42346185db85Sdougm } 42356185db85Sdougm } 4236da6c28aaSamw ret = valid_unset_security(share != NULL ? share : group, 4237da6c28aaSamw optlist, protocol, sectype); 423825a68471Sdougm 42396185db85Sdougm if (ret == SA_OK && !dryrun) { 42406185db85Sdougm if (optlist != NULL) { 42416185db85Sdougm if (share != NULL) { 42426185db85Sdougm sa_security_t optionset; 42436185db85Sdougm sa_property_t prop; 424425a68471Sdougm change = remove_security(share, 424525a68471Sdougm sectype, optlist, protocol, &ret); 424625a68471Sdougm 424725a68471Sdougm /* If a share security is empty, remove it */ 42486185db85Sdougm optionset = sa_get_security((sa_group_t)share, 424925a68471Sdougm sectype, protocol); 42506185db85Sdougm if (optionset != NULL) { 425125a68471Sdougm prop = sa_get_property(optionset, 425225a68471Sdougm NULL); 42536185db85Sdougm if (prop == NULL) 425425a68471Sdougm ret = sa_destroy_security( 425525a68471Sdougm optionset); 42566185db85Sdougm } 42576185db85Sdougm } else { 42586185db85Sdougm change = remove_security(group, sectype, 425925a68471Sdougm optlist, protocol, &ret); 42606185db85Sdougm } 42616185db85Sdougm } else { 42626185db85Sdougm sa_security_t security; 42636185db85Sdougm char *sec; 42646185db85Sdougm sec = sa_proto_space_alias(protocol, sectype); 42656185db85Sdougm security = sa_get_security(group, sec, protocol); 42666185db85Sdougm if (sec != NULL) 42676185db85Sdougm sa_free_attr_string(sec); 42686185db85Sdougm if (security != NULL) { 42696185db85Sdougm ret = sa_destroy_security(security); 42706185db85Sdougm if (ret == SA_OK) 42716185db85Sdougm change = 1; 42726185db85Sdougm } else { 42736185db85Sdougm ret = SA_NO_SUCH_PROP; 42746185db85Sdougm } 42756185db85Sdougm } 42766185db85Sdougm if (ret != SA_OK) 42776185db85Sdougm (void) printf(gettext("Could not unset property: %s\n"), 42786185db85Sdougm sa_errorstr(ret)); 42796185db85Sdougm } 42806185db85Sdougm 42816185db85Sdougm if (ret == SA_OK && change) 4282da6c28aaSamw worklist = add_list(worklist, group, 0, protocol); 428325a68471Sdougm 42846185db85Sdougm free_opt(optlist); 42856185db85Sdougm /* 428625a68471Sdougm * We have a group and potentially legal additions 42876185db85Sdougm */ 42886185db85Sdougm 428925a68471Sdougm /* Commit to configuration if not a dryrun */ 42906185db85Sdougm if (!dryrun && ret == 0) { 42916185db85Sdougm /* properties changed, so update all shares */ 429225a68471Sdougm if (change && worklist != NULL) 429325a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 4294da6c28aaSamw protocol, B_TRUE); 4295549ec3ffSdougm ret = sa_update_config(handle); 42966185db85Sdougm } 42976185db85Sdougm if (worklist != NULL) 42986185db85Sdougm free_list(worklist); 42996185db85Sdougm return (ret); 43006185db85Sdougm } 43016185db85Sdougm 43026185db85Sdougm /* 43036185db85Sdougm * sa_unset(flags, argc, argv) 43046185db85Sdougm * 430525a68471Sdougm * Implements the unset subcommand. Parsing done here and then basic 43066185db85Sdougm * or space versions of the real code are called. 43076185db85Sdougm */ 43086185db85Sdougm 43096185db85Sdougm int 4310549ec3ffSdougm sa_unset(sa_handle_t handle, int flags, int argc, char *argv[]) 43116185db85Sdougm { 43126185db85Sdougm char *groupname; 43136185db85Sdougm int verbose = 0; 43146185db85Sdougm int dryrun = 0; 43156185db85Sdougm int c; 43166185db85Sdougm char *protocol = NULL; 43176185db85Sdougm int ret = SA_OK; 43186185db85Sdougm struct options *optlist = NULL; 4319da6c28aaSamw char *rsrcname = NULL; 43206185db85Sdougm char *sharepath = NULL; 43216185db85Sdougm char *optset = NULL; 43226185db85Sdougm int auth; 43236185db85Sdougm 4324da6c28aaSamw while ((c = getopt(argc, argv, "?hvnP:p:r:s:S:")) != EOF) { 43256185db85Sdougm switch (c) { 43266185db85Sdougm case 'v': 43276185db85Sdougm verbose++; 43286185db85Sdougm break; 43296185db85Sdougm case 'n': 43306185db85Sdougm dryrun++; 43316185db85Sdougm break; 43326185db85Sdougm case 'P': 4333da6c28aaSamw if (protocol != NULL) { 4334da6c28aaSamw (void) printf(gettext( 4335da6c28aaSamw "Specifying multiple protocols " 4336da6c28aaSamw "not supported: %s\n"), protocol); 4337da6c28aaSamw return (SA_SYNTAX_ERR); 4338da6c28aaSamw } 43396185db85Sdougm protocol = optarg; 43406185db85Sdougm if (!sa_valid_protocol(protocol)) { 434125a68471Sdougm (void) printf(gettext( 434225a68471Sdougm "Invalid protocol specified: %s\n"), 43436185db85Sdougm protocol); 43446185db85Sdougm return (SA_INVALID_PROTOCOL); 43456185db85Sdougm } 43466185db85Sdougm break; 43476185db85Sdougm case 'p': 43486185db85Sdougm ret = add_opt(&optlist, optarg, 1); 43496185db85Sdougm switch (ret) { 43506185db85Sdougm case OPT_ADD_SYNTAX: 435125a68471Sdougm (void) printf(gettext("Property syntax error " 435225a68471Sdougm "for property %s\n"), optarg); 43536185db85Sdougm return (SA_SYNTAX_ERR); 435425a68471Sdougm 43556185db85Sdougm case OPT_ADD_PROPERTY: 435625a68471Sdougm (void) printf(gettext("Properties need to be " 435725a68471Sdougm "set with set command: %s\n"), optarg); 43586185db85Sdougm return (SA_SYNTAX_ERR); 435925a68471Sdougm 43606185db85Sdougm default: 43616185db85Sdougm break; 43626185db85Sdougm } 43636185db85Sdougm break; 4364da6c28aaSamw case 'r': 4365da6c28aaSamw /* 4366da6c28aaSamw * Unset properties on resource if applicable or on 4367da6c28aaSamw * share if resource for this protocol doesn't use 4368da6c28aaSamw * resources. 4369da6c28aaSamw */ 4370da6c28aaSamw if (rsrcname != NULL) { 4371da6c28aaSamw (void) printf(gettext( 4372da6c28aaSamw "Unsetting multiple resource " 4373da6c28aaSamw "names not supported\n")); 4374da6c28aaSamw return (SA_SYNTAX_ERR); 4375da6c28aaSamw } 4376da6c28aaSamw rsrcname = optarg; 4377da6c28aaSamw break; 43786185db85Sdougm case 's': 4379da6c28aaSamw if (sharepath != NULL) { 4380da6c28aaSamw (void) printf(gettext( 4381da6c28aaSamw "Adding multiple shares not supported\n")); 4382da6c28aaSamw return (SA_SYNTAX_ERR); 4383da6c28aaSamw } 43846185db85Sdougm sharepath = optarg; 43856185db85Sdougm break; 43866185db85Sdougm case 'S': 4387da6c28aaSamw if (optset != NULL) { 4388da6c28aaSamw (void) printf(gettext( 4389da6c28aaSamw "Specifying multiple property " 4390da6c28aaSamw "spaces not supported: %s\n"), optset); 4391da6c28aaSamw return (SA_SYNTAX_ERR); 4392da6c28aaSamw } 43936185db85Sdougm optset = optarg; 43946185db85Sdougm break; 4395*e7bab347Sdougm case 'h': 4396*e7bab347Sdougm /* optopt on valid arg isn't defined */ 4397*e7bab347Sdougm optopt = c; 4398*e7bab347Sdougm /*FALLTHROUGH*/ 4399*e7bab347Sdougm case '?': 44006185db85Sdougm default: 4401*e7bab347Sdougm /* 4402*e7bab347Sdougm * Since a bad option gets to here, sort it 4403*e7bab347Sdougm * out and return a syntax error return value 4404*e7bab347Sdougm * if necessary. 4405*e7bab347Sdougm */ 4406*e7bab347Sdougm switch (optopt) { 4407*e7bab347Sdougm default: 4408*e7bab347Sdougm ret = SA_SYNTAX_ERR; 4409*e7bab347Sdougm break; 44106185db85Sdougm case 'h': 44116185db85Sdougm case '?': 4412*e7bab347Sdougm break; 4413*e7bab347Sdougm } 44146185db85Sdougm (void) printf(gettext("usage: %s\n"), 44156185db85Sdougm sa_get_usage(USAGE_UNSET)); 4416*e7bab347Sdougm return (ret); 44176185db85Sdougm } 44186185db85Sdougm } 44196185db85Sdougm 44206185db85Sdougm if (optlist != NULL) 44216185db85Sdougm ret = chk_opt(optlist, optset != NULL, protocol); 44226185db85Sdougm 44236185db85Sdougm if (optind >= argc || (optlist == NULL && optset == NULL) || 44246185db85Sdougm protocol == NULL) { 44256185db85Sdougm char *sep = "\t"; 442625a68471Sdougm (void) printf(gettext("usage: %s\n"), 442725a68471Sdougm sa_get_usage(USAGE_UNSET)); 44286185db85Sdougm if (optind >= argc) { 442925a68471Sdougm (void) printf(gettext("%sgroup must be specified"), 44306185db85Sdougm sep); 44316185db85Sdougm sep = ", "; 44326185db85Sdougm } 443325a68471Sdougm if (optlist == NULL) { 443425a68471Sdougm (void) printf(gettext("%sat least one property must " 443525a68471Sdougm "be specified"), sep); 443625a68471Sdougm sep = ", "; 443725a68471Sdougm } 44386185db85Sdougm if (protocol == NULL) { 443925a68471Sdougm (void) printf(gettext("%sprotocol must be specified"), 444025a68471Sdougm sep); 44416185db85Sdougm sep = ", "; 44426185db85Sdougm } 44436185db85Sdougm (void) printf("\n"); 44446185db85Sdougm ret = SA_SYNTAX_ERR; 44456185db85Sdougm } else { 44466185db85Sdougm 44476185db85Sdougm /* 444825a68471Sdougm * If a group already exists, we can only add a new 44496185db85Sdougm * protocol to it and not create a new one or add the 44506185db85Sdougm * same protocol again. 44516185db85Sdougm */ 44526185db85Sdougm 44536185db85Sdougm groupname = argv[optind]; 44546185db85Sdougm auth = check_authorizations(groupname, flags); 44556185db85Sdougm if (optset == NULL) 4456549ec3ffSdougm ret = basic_unset(handle, groupname, optlist, protocol, 4457da6c28aaSamw sharepath, rsrcname, dryrun); 44586185db85Sdougm else 4459549ec3ffSdougm ret = space_unset(handle, groupname, optlist, protocol, 44606185db85Sdougm sharepath, dryrun, optset); 44616185db85Sdougm 446225a68471Sdougm if (dryrun && ret == SA_OK && !auth && verbose) 44636185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 44646185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 44656185db85Sdougm } 44666185db85Sdougm return (ret); 44676185db85Sdougm } 44686185db85Sdougm 44696185db85Sdougm /* 44706185db85Sdougm * sa_enable_group(flags, argc, argv) 44716185db85Sdougm * 44726185db85Sdougm * Implements the enable subcommand 44736185db85Sdougm */ 44746185db85Sdougm 44756185db85Sdougm int 4476549ec3ffSdougm sa_enable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 44776185db85Sdougm { 44786185db85Sdougm int verbose = 0; 44796185db85Sdougm int dryrun = 0; 44806185db85Sdougm int all = 0; 44816185db85Sdougm int c; 44826185db85Sdougm int ret = SA_OK; 44836185db85Sdougm char *protocol = NULL; 44846185db85Sdougm char *state; 44856185db85Sdougm struct list *worklist = NULL; 44866185db85Sdougm int auth = 1; 448725a68471Sdougm sa_group_t group; 44886185db85Sdougm 44896185db85Sdougm while ((c = getopt(argc, argv, "?havnP:")) != EOF) { 44906185db85Sdougm switch (c) { 44916185db85Sdougm case 'a': 44926185db85Sdougm all = 1; 44936185db85Sdougm break; 44946185db85Sdougm case 'n': 44956185db85Sdougm dryrun++; 44966185db85Sdougm break; 44976185db85Sdougm case 'P': 4498da6c28aaSamw if (protocol != NULL) { 4499da6c28aaSamw (void) printf(gettext( 4500da6c28aaSamw "Specifying multiple protocols " 4501da6c28aaSamw "not supported: %s\n"), protocol); 4502da6c28aaSamw return (SA_SYNTAX_ERR); 4503da6c28aaSamw } 45046185db85Sdougm protocol = optarg; 45056185db85Sdougm if (!sa_valid_protocol(protocol)) { 450625a68471Sdougm (void) printf(gettext( 450725a68471Sdougm "Invalid protocol specified: %s\n"), 45086185db85Sdougm protocol); 45096185db85Sdougm return (SA_INVALID_PROTOCOL); 45106185db85Sdougm } 45116185db85Sdougm break; 45126185db85Sdougm case 'v': 45136185db85Sdougm verbose++; 45146185db85Sdougm break; 4515*e7bab347Sdougm case 'h': 4516*e7bab347Sdougm /* optopt on valid arg isn't defined */ 4517*e7bab347Sdougm optopt = c; 4518*e7bab347Sdougm /*FALLTHROUGH*/ 4519*e7bab347Sdougm case '?': 45206185db85Sdougm default: 4521*e7bab347Sdougm /* 4522*e7bab347Sdougm * Since a bad option gets to here, sort it 4523*e7bab347Sdougm * out and return a syntax error return value 4524*e7bab347Sdougm * if necessary. 4525*e7bab347Sdougm */ 4526*e7bab347Sdougm switch (optopt) { 4527*e7bab347Sdougm default: 4528*e7bab347Sdougm ret = SA_SYNTAX_ERR; 4529*e7bab347Sdougm break; 45306185db85Sdougm case 'h': 45316185db85Sdougm case '?': 45326185db85Sdougm (void) printf(gettext("usage: %s\n"), 45336185db85Sdougm sa_get_usage(USAGE_ENABLE)); 4534*e7bab347Sdougm return (ret); 4535*e7bab347Sdougm } 45366185db85Sdougm } 45376185db85Sdougm } 45386185db85Sdougm 45396185db85Sdougm if (optind == argc && !all) { 454025a68471Sdougm (void) printf(gettext("usage: %s\n"), 454125a68471Sdougm sa_get_usage(USAGE_ENABLE)); 45426185db85Sdougm (void) printf(gettext("\tmust specify group\n")); 454325a68471Sdougm return (SA_NO_SUCH_PATH); 454425a68471Sdougm } 45456185db85Sdougm if (!all) { 45466185db85Sdougm while (optind < argc) { 4547549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 45486185db85Sdougm if (group != NULL) { 454925a68471Sdougm auth &= check_authorizations(argv[optind], 455025a68471Sdougm flags); 45516185db85Sdougm state = sa_get_group_attr(group, "state"); 45526185db85Sdougm if (state != NULL && 45536185db85Sdougm strcmp(state, "enabled") == 0) { 45546185db85Sdougm /* already enabled */ 45556185db85Sdougm if (verbose) 455625a68471Sdougm (void) printf(gettext( 455725a68471Sdougm "Group \"%s\" is already " 45586185db85Sdougm "enabled\n"), 45596185db85Sdougm argv[optind]); 45606185db85Sdougm ret = SA_BUSY; /* already enabled */ 45616185db85Sdougm } else { 456225a68471Sdougm worklist = add_list(worklist, group, 4563da6c28aaSamw 0, protocol); 45646185db85Sdougm if (verbose) 456525a68471Sdougm (void) printf(gettext( 456625a68471Sdougm "Enabling group \"%s\"\n"), 45676185db85Sdougm argv[optind]); 45686185db85Sdougm } 45696185db85Sdougm if (state != NULL) 45706185db85Sdougm sa_free_attr_string(state); 45716185db85Sdougm } else { 45726185db85Sdougm ret = SA_NO_SUCH_GROUP; 45736185db85Sdougm } 45746185db85Sdougm optind++; 45756185db85Sdougm } 45766185db85Sdougm } else { 457725a68471Sdougm for (group = sa_get_group(handle, NULL); 457825a68471Sdougm group != NULL; 45796185db85Sdougm group = sa_get_next_group(group)) { 4580da6c28aaSamw worklist = add_list(worklist, group, 0, protocol); 45816185db85Sdougm } 45826185db85Sdougm } 458325a68471Sdougm if (!dryrun && ret == SA_OK) 4584da6c28aaSamw ret = enable_all_groups(handle, worklist, 1, 0, NULL, B_FALSE); 458525a68471Sdougm 45866185db85Sdougm if (ret != SA_OK && ret != SA_BUSY) 45876185db85Sdougm (void) printf(gettext("Could not enable group: %s\n"), 45886185db85Sdougm sa_errorstr(ret)); 45896185db85Sdougm if (ret == SA_BUSY) 45906185db85Sdougm ret = SA_OK; 459125a68471Sdougm 45926185db85Sdougm if (worklist != NULL) 45936185db85Sdougm free_list(worklist); 45946185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 45956185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 45966185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 45976185db85Sdougm } 45986185db85Sdougm return (ret); 45996185db85Sdougm } 46006185db85Sdougm 46016185db85Sdougm /* 4602da6c28aaSamw * disable_group(group, proto) 46036185db85Sdougm * 4604da6c28aaSamw * Disable all the shares in the specified group.. This is a helper 4605da6c28aaSamw * for disable_all_groups in order to simplify regular and subgroup 4606da6c28aaSamw * (zfs) disabling. Group has already been checked for non-NULL. 46076185db85Sdougm */ 46086185db85Sdougm 46096185db85Sdougm static int 4610da6c28aaSamw disable_group(sa_group_t group, char *proto) 46116185db85Sdougm { 46126185db85Sdougm sa_share_t share; 46136185db85Sdougm int ret = SA_OK; 46146185db85Sdougm 4615da6c28aaSamw /* 4616da6c28aaSamw * If the protocol isn't enabled, skip it and treat as 4617da6c28aaSamw * successful. 4618da6c28aaSamw */ 4619da6c28aaSamw if (!has_protocol(group, proto)) 4620da6c28aaSamw return (ret); 4621da6c28aaSamw 46226185db85Sdougm for (share = sa_get_share(group, NULL); 46236185db85Sdougm share != NULL && ret == SA_OK; 46246185db85Sdougm share = sa_get_next_share(share)) { 4625da6c28aaSamw ret = sa_disable_share(share, proto); 46266185db85Sdougm if (ret == SA_NO_SUCH_PATH) { 46276185db85Sdougm /* 46286185db85Sdougm * this is OK since the path is gone. we can't 46296185db85Sdougm * re-share it anyway so no error. 46306185db85Sdougm */ 46316185db85Sdougm ret = SA_OK; 46326185db85Sdougm } 46336185db85Sdougm } 46346185db85Sdougm return (ret); 46356185db85Sdougm } 46366185db85Sdougm 46376185db85Sdougm /* 46386185db85Sdougm * disable_all_groups(work, setstate) 46396185db85Sdougm * 46406185db85Sdougm * helper function that disables the shares in the list of groups 46416185db85Sdougm * provided. It optionally marks the group as disabled. Used by both 46426185db85Sdougm * enable and start subcommands. 46436185db85Sdougm */ 46446185db85Sdougm 46456185db85Sdougm static int 4646549ec3ffSdougm disable_all_groups(sa_handle_t handle, struct list *work, int setstate) 46476185db85Sdougm { 46486185db85Sdougm int ret = SA_OK; 46496185db85Sdougm sa_group_t subgroup, group; 46506185db85Sdougm 46516185db85Sdougm while (work != NULL && ret == SA_OK) { 46526185db85Sdougm group = (sa_group_t)work->item; 46536185db85Sdougm if (setstate) 46546185db85Sdougm ret = sa_set_group_attr(group, "state", "disabled"); 46556185db85Sdougm if (ret == SA_OK) { 46566185db85Sdougm char *name; 46576185db85Sdougm name = sa_get_group_attr(group, "name"); 46586185db85Sdougm if (name != NULL && strcmp(name, "zfs") == 0) { 46596185db85Sdougm /* need to get the sub-groups for stopping */ 466025a68471Sdougm for (subgroup = sa_get_sub_group(group); 466125a68471Sdougm subgroup != NULL; 46626185db85Sdougm subgroup = sa_get_next_group(subgroup)) { 4663da6c28aaSamw ret = disable_group(subgroup, 4664da6c28aaSamw work->proto); 46656185db85Sdougm } 46666185db85Sdougm } else { 4667da6c28aaSamw ret = disable_group(group, work->proto); 46686185db85Sdougm } 46696185db85Sdougm /* 467025a68471Sdougm * We don't want to "disable" since it won't come 46716185db85Sdougm * up after a reboot. The SMF framework should do 46726185db85Sdougm * the right thing. On enable we do want to do 46736185db85Sdougm * something. 46746185db85Sdougm */ 46756185db85Sdougm } 46766185db85Sdougm work = work->next; 46776185db85Sdougm } 46786185db85Sdougm if (ret == SA_OK) 4679549ec3ffSdougm ret = sa_update_config(handle); 46806185db85Sdougm return (ret); 46816185db85Sdougm } 46826185db85Sdougm 46836185db85Sdougm /* 46846185db85Sdougm * sa_disable_group(flags, argc, argv) 46856185db85Sdougm * 46866185db85Sdougm * Implements the disable subcommand 46876185db85Sdougm */ 46886185db85Sdougm 46896185db85Sdougm int 4690549ec3ffSdougm sa_disable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 46916185db85Sdougm { 46926185db85Sdougm int verbose = 0; 46936185db85Sdougm int dryrun = 0; 46946185db85Sdougm int all = 0; 46956185db85Sdougm int c; 46966185db85Sdougm int ret = SA_OK; 4697da6c28aaSamw char *protocol = NULL; 46986185db85Sdougm char *state; 46996185db85Sdougm struct list *worklist = NULL; 470025a68471Sdougm sa_group_t group; 47016185db85Sdougm int auth = 1; 47026185db85Sdougm 47036185db85Sdougm while ((c = getopt(argc, argv, "?havn")) != EOF) { 47046185db85Sdougm switch (c) { 47056185db85Sdougm case 'a': 47066185db85Sdougm all = 1; 47076185db85Sdougm break; 47086185db85Sdougm case 'n': 47096185db85Sdougm dryrun++; 47106185db85Sdougm break; 47116185db85Sdougm case 'P': 4712da6c28aaSamw if (protocol != NULL) { 4713da6c28aaSamw (void) printf(gettext( 4714da6c28aaSamw "Specifying multiple protocols " 4715da6c28aaSamw "not supported: %s\n"), protocol); 4716da6c28aaSamw return (SA_SYNTAX_ERR); 4717da6c28aaSamw } 47186185db85Sdougm protocol = optarg; 47196185db85Sdougm if (!sa_valid_protocol(protocol)) { 472025a68471Sdougm (void) printf(gettext( 472125a68471Sdougm "Invalid protocol specified: %s\n"), 47226185db85Sdougm protocol); 47236185db85Sdougm return (SA_INVALID_PROTOCOL); 47246185db85Sdougm } 47256185db85Sdougm break; 47266185db85Sdougm case 'v': 47276185db85Sdougm verbose++; 47286185db85Sdougm break; 4729*e7bab347Sdougm case 'h': 4730*e7bab347Sdougm /* optopt on valid arg isn't defined */ 4731*e7bab347Sdougm optopt = c; 4732*e7bab347Sdougm /*FALLTHROUGH*/ 4733*e7bab347Sdougm case '?': 47346185db85Sdougm default: 4735*e7bab347Sdougm /* 4736*e7bab347Sdougm * Since a bad option gets to here, sort it 4737*e7bab347Sdougm * out and return a syntax error return value 4738*e7bab347Sdougm * if necessary. 4739*e7bab347Sdougm */ 4740*e7bab347Sdougm switch (optopt) { 4741*e7bab347Sdougm default: 4742*e7bab347Sdougm ret = SA_SYNTAX_ERR; 4743*e7bab347Sdougm break; 47446185db85Sdougm case 'h': 47456185db85Sdougm case '?': 4746*e7bab347Sdougm break; 4747*e7bab347Sdougm } 47486185db85Sdougm (void) printf(gettext("usage: %s\n"), 47496185db85Sdougm sa_get_usage(USAGE_DISABLE)); 4750*e7bab347Sdougm return (ret); 47516185db85Sdougm } 47526185db85Sdougm } 47536185db85Sdougm 47546185db85Sdougm if (optind == argc && !all) { 47556185db85Sdougm (void) printf(gettext("usage: %s\n"), 47566185db85Sdougm sa_get_usage(USAGE_DISABLE)); 47576185db85Sdougm (void) printf(gettext("\tmust specify group\n")); 475825a68471Sdougm return (SA_NO_SUCH_PATH); 475925a68471Sdougm } 47606185db85Sdougm if (!all) { 47616185db85Sdougm while (optind < argc) { 4762549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 47636185db85Sdougm if (group != NULL) { 476425a68471Sdougm auth &= check_authorizations(argv[optind], 476525a68471Sdougm flags); 47666185db85Sdougm state = sa_get_group_attr(group, "state"); 47676185db85Sdougm if (state == NULL || 47686185db85Sdougm strcmp(state, "disabled") == 0) { 47696185db85Sdougm /* already disabled */ 47706185db85Sdougm if (verbose) 477125a68471Sdougm (void) printf(gettext( 477225a68471Sdougm "Group \"%s\" is " 47736185db85Sdougm "already disabled\n"), 47746185db85Sdougm argv[optind]); 4775da6c28aaSamw ret = SA_BUSY; /* already disabled */ 47766185db85Sdougm } else { 4777da6c28aaSamw worklist = add_list(worklist, group, 0, 4778da6c28aaSamw protocol); 47796185db85Sdougm if (verbose) 478025a68471Sdougm (void) printf(gettext( 478125a68471Sdougm "Disabling group " 478225a68471Sdougm "\"%s\"\n"), argv[optind]); 47836185db85Sdougm } 47846185db85Sdougm if (state != NULL) 47856185db85Sdougm sa_free_attr_string(state); 47866185db85Sdougm } else { 47876185db85Sdougm ret = SA_NO_SUCH_GROUP; 47886185db85Sdougm } 47896185db85Sdougm optind++; 47906185db85Sdougm } 47916185db85Sdougm } else { 479225a68471Sdougm for (group = sa_get_group(handle, NULL); 479325a68471Sdougm group != NULL; 479425a68471Sdougm group = sa_get_next_group(group)) 4795da6c28aaSamw worklist = add_list(worklist, group, 0, protocol); 47966185db85Sdougm } 479725a68471Sdougm 479825a68471Sdougm if (ret == SA_OK && !dryrun) 4799549ec3ffSdougm ret = disable_all_groups(handle, worklist, 1); 48006185db85Sdougm if (ret != SA_OK && ret != SA_BUSY) 48016185db85Sdougm (void) printf(gettext("Could not disable group: %s\n"), 48026185db85Sdougm sa_errorstr(ret)); 48036185db85Sdougm if (ret == SA_BUSY) 48046185db85Sdougm ret = SA_OK; 48056185db85Sdougm if (worklist != NULL) 48066185db85Sdougm free_list(worklist); 480725a68471Sdougm if (dryrun && ret == SA_OK && !auth && verbose) 48086185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 48096185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 48106185db85Sdougm return (ret); 48116185db85Sdougm } 48126185db85Sdougm 48136185db85Sdougm /* 48146185db85Sdougm * sa_start_group(flags, argc, argv) 48156185db85Sdougm * 48166185db85Sdougm * Implements the start command. 48176185db85Sdougm * This is similar to enable except it doesn't change the state 48186185db85Sdougm * of the group(s) and only enables shares if the group is already 48196185db85Sdougm * enabled. 48206185db85Sdougm */ 4821da6c28aaSamw 48226185db85Sdougm int 4823549ec3ffSdougm sa_start_group(sa_handle_t handle, int flags, int argc, char *argv[]) 48246185db85Sdougm { 48256185db85Sdougm int verbose = 0; 48266185db85Sdougm int all = 0; 48276185db85Sdougm int c; 48286185db85Sdougm int ret = SMF_EXIT_OK; 48296185db85Sdougm char *protocol = NULL; 48306185db85Sdougm char *state; 48316185db85Sdougm struct list *worklist = NULL; 483225a68471Sdougm sa_group_t group; 4833da6c28aaSamw #ifdef lint 4834da6c28aaSamw flags = flags; 4835da6c28aaSamw #endif 48366185db85Sdougm 48376185db85Sdougm while ((c = getopt(argc, argv, "?havP:")) != EOF) { 48386185db85Sdougm switch (c) { 48396185db85Sdougm case 'a': 48406185db85Sdougm all = 1; 48416185db85Sdougm break; 48426185db85Sdougm case 'P': 4843da6c28aaSamw if (protocol != NULL) { 4844da6c28aaSamw (void) printf(gettext( 4845da6c28aaSamw "Specifying multiple protocols " 4846da6c28aaSamw "not supported: %s\n"), protocol); 4847da6c28aaSamw return (SA_SYNTAX_ERR); 4848da6c28aaSamw } 48496185db85Sdougm protocol = optarg; 48506185db85Sdougm if (!sa_valid_protocol(protocol)) { 485125a68471Sdougm (void) printf(gettext( 485225a68471Sdougm "Invalid protocol specified: %s\n"), 48536185db85Sdougm protocol); 48546185db85Sdougm return (SA_INVALID_PROTOCOL); 48556185db85Sdougm } 48566185db85Sdougm break; 48576185db85Sdougm case 'v': 48586185db85Sdougm verbose++; 48596185db85Sdougm break; 4860*e7bab347Sdougm case 'h': 4861*e7bab347Sdougm /* optopt on valid arg isn't defined */ 4862*e7bab347Sdougm optopt = c; 4863*e7bab347Sdougm /*FALLTHROUGH*/ 4864*e7bab347Sdougm case '?': 48656185db85Sdougm default: 4866*e7bab347Sdougm /* 4867*e7bab347Sdougm * Since a bad option gets to here, sort it 4868*e7bab347Sdougm * out and return a syntax error return value 4869*e7bab347Sdougm * if necessary. 4870*e7bab347Sdougm */ 4871*e7bab347Sdougm ret = SA_OK; 4872*e7bab347Sdougm switch (optopt) { 4873*e7bab347Sdougm default: 4874*e7bab347Sdougm ret = SA_SYNTAX_ERR; 4875*e7bab347Sdougm break; 48766185db85Sdougm case 'h': 48776185db85Sdougm case '?': 4878*e7bab347Sdougm break; 4879*e7bab347Sdougm } 48806185db85Sdougm (void) printf(gettext("usage: %s\n"), 48816185db85Sdougm sa_get_usage(USAGE_START)); 4882*e7bab347Sdougm return (ret); 48836185db85Sdougm } 48846185db85Sdougm } 48856185db85Sdougm 48866185db85Sdougm if (optind == argc && !all) { 48876185db85Sdougm (void) printf(gettext("usage: %s\n"), 48886185db85Sdougm sa_get_usage(USAGE_START)); 488925a68471Sdougm return (SMF_EXIT_ERR_FATAL); 489025a68471Sdougm } 48916185db85Sdougm 48926185db85Sdougm if (!all) { 48936185db85Sdougm while (optind < argc) { 4894549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 48956185db85Sdougm if (group != NULL) { 48966185db85Sdougm state = sa_get_group_attr(group, "state"); 48976185db85Sdougm if (state == NULL || 48986185db85Sdougm strcmp(state, "enabled") == 0) { 4899da6c28aaSamw worklist = add_list(worklist, group, 0, 4900da6c28aaSamw protocol); 49016185db85Sdougm if (verbose) 490225a68471Sdougm (void) printf(gettext( 490325a68471Sdougm "Starting group \"%s\"\n"), 49046185db85Sdougm argv[optind]); 49056185db85Sdougm } else { 49066185db85Sdougm /* 490725a68471Sdougm * Determine if there are any 4908da6c28aaSamw * protocols. If there aren't any, 49096185db85Sdougm * then there isn't anything to do in 49106185db85Sdougm * any case so no error. 49116185db85Sdougm */ 491225a68471Sdougm if (sa_get_optionset(group, 491325a68471Sdougm protocol) != NULL) { 49146185db85Sdougm ret = SMF_EXIT_OK; 49156185db85Sdougm } 49166185db85Sdougm } 49176185db85Sdougm if (state != NULL) 49186185db85Sdougm sa_free_attr_string(state); 49196185db85Sdougm } 49206185db85Sdougm optind++; 49216185db85Sdougm } 49226185db85Sdougm } else { 4923da6c28aaSamw for (group = sa_get_group(handle, NULL); 4924da6c28aaSamw group != NULL; 49256185db85Sdougm group = sa_get_next_group(group)) { 49266185db85Sdougm state = sa_get_group_attr(group, "state"); 49276185db85Sdougm if (state == NULL || strcmp(state, "enabled") == 0) 4928da6c28aaSamw worklist = add_list(worklist, group, 0, 4929da6c28aaSamw protocol); 49306185db85Sdougm if (state != NULL) 49316185db85Sdougm sa_free_attr_string(state); 49326185db85Sdougm } 49336185db85Sdougm } 493425a68471Sdougm 4935da6c28aaSamw (void) enable_all_groups(handle, worklist, 0, 1, protocol, B_FALSE); 493625a68471Sdougm 49376185db85Sdougm if (worklist != NULL) 49386185db85Sdougm free_list(worklist); 49396185db85Sdougm return (ret); 49406185db85Sdougm } 49416185db85Sdougm 49426185db85Sdougm /* 49436185db85Sdougm * sa_stop_group(flags, argc, argv) 49446185db85Sdougm * 49456185db85Sdougm * Implements the stop command. 49466185db85Sdougm * This is similar to disable except it doesn't change the state 49476185db85Sdougm * of the group(s) and only disables shares if the group is already 49486185db85Sdougm * enabled. 49496185db85Sdougm */ 49506185db85Sdougm int 4951549ec3ffSdougm sa_stop_group(sa_handle_t handle, int flags, int argc, char *argv[]) 49526185db85Sdougm { 49536185db85Sdougm int verbose = 0; 49546185db85Sdougm int all = 0; 49556185db85Sdougm int c; 49566185db85Sdougm int ret = SMF_EXIT_OK; 49576185db85Sdougm char *protocol = NULL; 49586185db85Sdougm char *state; 49596185db85Sdougm struct list *worklist = NULL; 496025a68471Sdougm sa_group_t group; 4961da6c28aaSamw #ifdef lint 4962da6c28aaSamw flags = flags; 4963da6c28aaSamw #endif 49646185db85Sdougm 49656185db85Sdougm while ((c = getopt(argc, argv, "?havP:")) != EOF) { 49666185db85Sdougm switch (c) { 49676185db85Sdougm case 'a': 49686185db85Sdougm all = 1; 49696185db85Sdougm break; 49706185db85Sdougm case 'P': 4971da6c28aaSamw if (protocol != NULL) { 4972da6c28aaSamw (void) printf(gettext( 4973da6c28aaSamw "Specifying multiple protocols " 4974da6c28aaSamw "not supported: %s\n"), protocol); 4975da6c28aaSamw return (SA_SYNTAX_ERR); 4976da6c28aaSamw } 49776185db85Sdougm protocol = optarg; 49786185db85Sdougm if (!sa_valid_protocol(protocol)) { 497925a68471Sdougm (void) printf(gettext( 498025a68471Sdougm "Invalid protocol specified: %s\n"), 49816185db85Sdougm protocol); 49826185db85Sdougm return (SA_INVALID_PROTOCOL); 49836185db85Sdougm } 49846185db85Sdougm break; 49856185db85Sdougm case 'v': 49866185db85Sdougm verbose++; 49876185db85Sdougm break; 4988*e7bab347Sdougm case 'h': 4989*e7bab347Sdougm /* optopt on valid arg isn't defined */ 4990*e7bab347Sdougm optopt = c; 4991*e7bab347Sdougm /*FALLTHROUGH*/ 4992*e7bab347Sdougm case '?': 49936185db85Sdougm default: 4994*e7bab347Sdougm /* 4995*e7bab347Sdougm * Since a bad option gets to here, sort it 4996*e7bab347Sdougm * out and return a syntax error return value 4997*e7bab347Sdougm * if necessary. 4998*e7bab347Sdougm */ 4999*e7bab347Sdougm ret = SA_OK; 5000*e7bab347Sdougm switch (optopt) { 5001*e7bab347Sdougm default: 5002*e7bab347Sdougm ret = SA_SYNTAX_ERR; 5003*e7bab347Sdougm break; 50046185db85Sdougm case 'h': 50056185db85Sdougm case '?': 5006*e7bab347Sdougm break; 5007*e7bab347Sdougm } 50086185db85Sdougm (void) printf(gettext("usage: %s\n"), 50096185db85Sdougm sa_get_usage(USAGE_STOP)); 5010*e7bab347Sdougm return (ret); 50116185db85Sdougm } 50126185db85Sdougm } 50136185db85Sdougm 50146185db85Sdougm if (optind == argc && !all) { 501525a68471Sdougm (void) printf(gettext("usage: %s\n"), 501625a68471Sdougm sa_get_usage(USAGE_STOP)); 501725a68471Sdougm return (SMF_EXIT_ERR_FATAL); 501825a68471Sdougm } else if (!all) { 50196185db85Sdougm while (optind < argc) { 5020549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 50216185db85Sdougm if (group != NULL) { 50226185db85Sdougm state = sa_get_group_attr(group, "state"); 50236185db85Sdougm if (state == NULL || 50246185db85Sdougm strcmp(state, "enabled") == 0) { 5025da6c28aaSamw worklist = add_list(worklist, group, 0, 5026da6c28aaSamw protocol); 50276185db85Sdougm if (verbose) 502825a68471Sdougm (void) printf(gettext( 502925a68471Sdougm "Stopping group \"%s\"\n"), 50306185db85Sdougm argv[optind]); 50316185db85Sdougm } else { 50326185db85Sdougm ret = SMF_EXIT_OK; 50336185db85Sdougm } 50346185db85Sdougm if (state != NULL) 50356185db85Sdougm sa_free_attr_string(state); 50366185db85Sdougm } 50376185db85Sdougm optind++; 50386185db85Sdougm } 50396185db85Sdougm } else { 5040da6c28aaSamw for (group = sa_get_group(handle, NULL); 5041da6c28aaSamw group != NULL; 50426185db85Sdougm group = sa_get_next_group(group)) { 50436185db85Sdougm state = sa_get_group_attr(group, "state"); 50446185db85Sdougm if (state == NULL || strcmp(state, "enabled") == 0) 5045da6c28aaSamw worklist = add_list(worklist, group, 0, 5046da6c28aaSamw protocol); 50476185db85Sdougm if (state != NULL) 50486185db85Sdougm sa_free_attr_string(state); 50496185db85Sdougm } 50506185db85Sdougm } 5051549ec3ffSdougm (void) disable_all_groups(handle, worklist, 0); 5052549ec3ffSdougm ret = sa_update_config(handle); 505325a68471Sdougm 50546185db85Sdougm if (worklist != NULL) 50556185db85Sdougm free_list(worklist); 50566185db85Sdougm return (ret); 50576185db85Sdougm } 50586185db85Sdougm 50596185db85Sdougm /* 50606185db85Sdougm * remove_all_options(share, proto) 50616185db85Sdougm * 50626185db85Sdougm * Removes all options on a share. 50636185db85Sdougm */ 50646185db85Sdougm 50656185db85Sdougm static void 50666185db85Sdougm remove_all_options(sa_share_t share, char *proto) 50676185db85Sdougm { 50686185db85Sdougm sa_optionset_t optionset; 50696185db85Sdougm sa_security_t security; 50706185db85Sdougm sa_security_t prevsec = NULL; 50716185db85Sdougm 50726185db85Sdougm optionset = sa_get_optionset(share, proto); 50736185db85Sdougm if (optionset != NULL) 50746185db85Sdougm (void) sa_destroy_optionset(optionset); 50756185db85Sdougm for (security = sa_get_security(share, NULL, NULL); 50766185db85Sdougm security != NULL; 50776185db85Sdougm security = sa_get_next_security(security)) { 50786185db85Sdougm char *type; 50796185db85Sdougm /* 508025a68471Sdougm * We walk through the list. prevsec keeps the 50816185db85Sdougm * previous security so we can delete it without 50826185db85Sdougm * destroying the list. 50836185db85Sdougm */ 50846185db85Sdougm if (prevsec != NULL) { 50856185db85Sdougm /* remove the previously seen security */ 50866185db85Sdougm (void) sa_destroy_security(prevsec); 50876185db85Sdougm /* set to NULL so we don't try multiple times */ 50886185db85Sdougm prevsec = NULL; 50896185db85Sdougm } 50906185db85Sdougm type = sa_get_security_attr(security, "type"); 50916185db85Sdougm if (type != NULL) { 50926185db85Sdougm /* 50936185db85Sdougm * if the security matches the specified protocol, we 50946185db85Sdougm * want to remove it. prevsec holds it until either 50956185db85Sdougm * the next pass or we fall out of the loop. 50966185db85Sdougm */ 50976185db85Sdougm if (strcmp(type, proto) == 0) 50986185db85Sdougm prevsec = security; 50996185db85Sdougm sa_free_attr_string(type); 51006185db85Sdougm } 51016185db85Sdougm } 51026185db85Sdougm /* in case there is one left */ 51036185db85Sdougm if (prevsec != NULL) 51046185db85Sdougm (void) sa_destroy_security(prevsec); 51056185db85Sdougm } 51066185db85Sdougm 51076185db85Sdougm 51086185db85Sdougm /* 51096185db85Sdougm * for legacy support, we need to handle the old syntax. This is what 51106185db85Sdougm * we get if sharemgr is called with the name "share" rather than 51116185db85Sdougm * sharemgr. 51126185db85Sdougm */ 51136185db85Sdougm 51146185db85Sdougm static int 51156185db85Sdougm format_legacy_path(char *buff, int buffsize, char *proto, char *cmd) 51166185db85Sdougm { 51176185db85Sdougm int err; 51186185db85Sdougm 51196185db85Sdougm err = snprintf(buff, buffsize, "/usr/lib/fs/%s/%s", proto, cmd); 51206185db85Sdougm if (err > buffsize) 51216185db85Sdougm return (-1); 51226185db85Sdougm return (0); 51236185db85Sdougm } 51246185db85Sdougm 51256185db85Sdougm 51266185db85Sdougm /* 51276185db85Sdougm * check_legacy_cmd(proto, cmd) 51286185db85Sdougm * 51296185db85Sdougm * Check to see if the cmd exists in /usr/lib/fs/<proto>/<cmd> and is 51306185db85Sdougm * executable. 51316185db85Sdougm */ 51326185db85Sdougm 51336185db85Sdougm static int 51346185db85Sdougm check_legacy_cmd(char *path) 51356185db85Sdougm { 51366185db85Sdougm struct stat st; 51376185db85Sdougm int ret = 0; 51386185db85Sdougm 51396185db85Sdougm if (stat(path, &st) == 0) { 514025a68471Sdougm if (S_ISREG(st.st_mode) && 514125a68471Sdougm st.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) 51426185db85Sdougm ret = 1; 51436185db85Sdougm } 51446185db85Sdougm return (ret); 51456185db85Sdougm } 51466185db85Sdougm 51476185db85Sdougm /* 51486185db85Sdougm * run_legacy_command(proto, cmd, argv) 51496185db85Sdougm * 515025a68471Sdougm * We know the command exists, so attempt to execute it with all the 51516185db85Sdougm * arguments. This implements full legacy share support for those 51526185db85Sdougm * protocols that don't have plugin providers. 51536185db85Sdougm */ 51546185db85Sdougm 51556185db85Sdougm static int 51566185db85Sdougm run_legacy_command(char *path, char *argv[]) 51576185db85Sdougm { 51586185db85Sdougm int ret; 51596185db85Sdougm 51606185db85Sdougm ret = execv(path, argv); 51616185db85Sdougm if (ret < 0) { 51626185db85Sdougm switch (errno) { 51636185db85Sdougm case EACCES: 51646185db85Sdougm ret = SA_NO_PERMISSION; 51656185db85Sdougm break; 51666185db85Sdougm default: 51676185db85Sdougm ret = SA_SYSTEM_ERR; 51686185db85Sdougm break; 51696185db85Sdougm } 51706185db85Sdougm } 51716185db85Sdougm return (ret); 51726185db85Sdougm } 51736185db85Sdougm 51746185db85Sdougm /* 5175f345c0beSdougm * out_share(out, group, proto) 51766185db85Sdougm * 51776185db85Sdougm * Display the share information in the format that the "share" 51786185db85Sdougm * command has traditionally used. 51796185db85Sdougm */ 51806185db85Sdougm 51816185db85Sdougm static void 5182f345c0beSdougm out_share(FILE *out, sa_group_t group, char *proto) 51836185db85Sdougm { 51846185db85Sdougm sa_share_t share; 51856185db85Sdougm char resfmt[128]; 5186da6c28aaSamw char *defprop; 5187da6c28aaSamw 5188da6c28aaSamw /* 5189da6c28aaSamw * The original share command defaulted to displaying NFS 5190da6c28aaSamw * shares or allowed a protocol to be specified. We want to 5191da6c28aaSamw * skip those shares that are not the specified protocol. 5192da6c28aaSamw */ 5193da6c28aaSamw if (proto != NULL && sa_get_optionset(group, proto) == NULL) 5194da6c28aaSamw return; 5195da6c28aaSamw 5196da6c28aaSamw if (proto == NULL) 5197da6c28aaSamw proto = "nfs"; 5198da6c28aaSamw 5199da6c28aaSamw /* 5200da6c28aaSamw * get the default property string. NFS uses "rw" but 5201da6c28aaSamw * everything else will use "". 5202da6c28aaSamw */ 5203da6c28aaSamw if (proto != NULL && strcmp(proto, "nfs") != 0) 5204da6c28aaSamw defprop = "\"\""; 5205da6c28aaSamw else 5206da6c28aaSamw defprop = "rw"; 52076185db85Sdougm 520825a68471Sdougm for (share = sa_get_share(group, NULL); 520925a68471Sdougm share != NULL; 52106185db85Sdougm share = sa_get_next_share(share)) { 52116185db85Sdougm char *path; 52126185db85Sdougm char *type; 52136185db85Sdougm char *resource; 52146185db85Sdougm char *description; 52156185db85Sdougm char *groupname; 52166185db85Sdougm char *sharedstate; 52176185db85Sdougm int shared = 1; 52186185db85Sdougm char *soptions; 5219da6c28aaSamw char shareopts[MAXNAMLEN]; 52206185db85Sdougm 52216185db85Sdougm sharedstate = sa_get_share_attr(share, "shared"); 52226185db85Sdougm path = sa_get_share_attr(share, "path"); 52236185db85Sdougm type = sa_get_share_attr(share, "type"); 5224da6c28aaSamw resource = get_resource(share); 52256185db85Sdougm groupname = sa_get_group_attr(group, "name"); 52266185db85Sdougm 52276185db85Sdougm if (groupname != NULL && strcmp(groupname, "default") == 0) { 52286185db85Sdougm sa_free_attr_string(groupname); 52296185db85Sdougm groupname = NULL; 52306185db85Sdougm } 52316185db85Sdougm description = sa_get_share_description(share); 5232f345c0beSdougm 5233da6c28aaSamw /* 5234da6c28aaSamw * Want the sharetab version if it exists, defaulting 5235da6c28aaSamw * to NFS if no protocol specified. 5236da6c28aaSamw */ 5237da6c28aaSamw (void) snprintf(shareopts, MAXNAMLEN, "shareopts-%s", proto); 5238da6c28aaSamw soptions = sa_get_share_attr(share, shareopts); 52396185db85Sdougm 52406185db85Sdougm if (sharedstate == NULL) 52416185db85Sdougm shared = 0; 52426185db85Sdougm 5243f345c0beSdougm if (soptions == NULL) 52446185db85Sdougm soptions = sa_proto_legacy_format(proto, share, 1); 52456185db85Sdougm 52466185db85Sdougm if (shared) { 5247f345c0beSdougm /* only active shares go here */ 52486185db85Sdougm (void) snprintf(resfmt, sizeof (resfmt), "%s%s%s", 52496185db85Sdougm resource != NULL ? resource : "-", 52506185db85Sdougm groupname != NULL ? "@" : "", 52516185db85Sdougm groupname != NULL ? groupname : ""); 52526185db85Sdougm (void) fprintf(out, "%-14.14s %s %s \"%s\" \n", 525325a68471Sdougm resfmt, path, 52546185db85Sdougm (soptions != NULL && strlen(soptions) > 0) ? 5255da6c28aaSamw soptions : defprop, 52566185db85Sdougm (description != NULL) ? description : ""); 52576185db85Sdougm } 52586185db85Sdougm 52596185db85Sdougm if (path != NULL) 52606185db85Sdougm sa_free_attr_string(path); 52616185db85Sdougm if (type != NULL) 52626185db85Sdougm sa_free_attr_string(type); 52636185db85Sdougm if (resource != NULL) 52646185db85Sdougm sa_free_attr_string(resource); 52656185db85Sdougm if (groupname != NULL) 52666185db85Sdougm sa_free_attr_string(groupname); 52676185db85Sdougm if (description != NULL) 52686185db85Sdougm sa_free_share_description(description); 52696185db85Sdougm if (sharedstate != NULL) 52706185db85Sdougm sa_free_attr_string(sharedstate); 5271f345c0beSdougm if (soptions != NULL) 52726185db85Sdougm sa_format_free(soptions); 52736185db85Sdougm } 52746185db85Sdougm } 52756185db85Sdougm 52766185db85Sdougm /* 52776185db85Sdougm * output_legacy_file(out, proto) 52786185db85Sdougm * 52796185db85Sdougm * Walk all of the groups for the specified protocol and call 52806185db85Sdougm * out_share() to format and write in the format displayed by the 52816185db85Sdougm * "share" command with no arguments. 52826185db85Sdougm */ 52836185db85Sdougm 52846185db85Sdougm static void 5285549ec3ffSdougm output_legacy_file(FILE *out, char *proto, sa_handle_t handle) 52866185db85Sdougm { 52876185db85Sdougm sa_group_t group; 52886185db85Sdougm 5289da6c28aaSamw for (group = sa_get_group(handle, NULL); 5290da6c28aaSamw group != NULL; 52916185db85Sdougm group = sa_get_next_group(group)) { 52926185db85Sdougm char *zfs; 52936185db85Sdougm 52946185db85Sdougm /* 5295da6c28aaSamw * Go through all the groups and ZFS 5296da6c28aaSamw * sub-groups. out_share() will format the shares in 5297da6c28aaSamw * the group appropriately. 52986185db85Sdougm */ 52996185db85Sdougm 53006185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 53016185db85Sdougm if (zfs != NULL) { 53026185db85Sdougm sa_group_t zgroup; 53036185db85Sdougm sa_free_attr_string(zfs); 530425a68471Sdougm for (zgroup = sa_get_sub_group(group); 530525a68471Sdougm zgroup != NULL; 53066185db85Sdougm zgroup = sa_get_next_group(zgroup)) { 53076185db85Sdougm 53086185db85Sdougm /* got a group, so display it */ 5309f345c0beSdougm out_share(out, zgroup, proto); 53106185db85Sdougm } 53116185db85Sdougm } else { 5312f345c0beSdougm out_share(out, group, proto); 53136185db85Sdougm } 53146185db85Sdougm } 53156185db85Sdougm } 53166185db85Sdougm 53176185db85Sdougm int 5318549ec3ffSdougm sa_legacy_share(sa_handle_t handle, int flags, int argc, char *argv[]) 53196185db85Sdougm { 53206185db85Sdougm char *protocol = "nfs"; 53216185db85Sdougm char *options = NULL; 53226185db85Sdougm char *description = NULL; 53236185db85Sdougm char *groupname = NULL; 53246185db85Sdougm char *sharepath = NULL; 53256185db85Sdougm char *resource = NULL; 53266185db85Sdougm char *groupstatus = NULL; 53276185db85Sdougm int persist = SA_SHARE_TRANSIENT; 53286185db85Sdougm int argsused = 0; 53296185db85Sdougm int c; 53306185db85Sdougm int ret = SA_OK; 53316185db85Sdougm int zfs = 0; 53326185db85Sdougm int true_legacy = 0; 53336185db85Sdougm int curtype = SA_SHARE_TRANSIENT; 53346185db85Sdougm char cmd[MAXPATHLEN]; 533525a68471Sdougm sa_group_t group = NULL; 5336da6c28aaSamw sa_resource_t rsrc = NULL; 533725a68471Sdougm sa_share_t share; 533825a68471Sdougm char dir[MAXPATHLEN]; 5339da6c28aaSamw uint64_t features; 5340da6c28aaSamw #ifdef lint 5341da6c28aaSamw flags = flags; 5342da6c28aaSamw #endif 53436185db85Sdougm 53446185db85Sdougm while ((c = getopt(argc, argv, "?hF:d:o:p")) != EOF) { 53456185db85Sdougm switch (c) { 53466185db85Sdougm case 'd': 53476185db85Sdougm description = optarg; 53486185db85Sdougm argsused++; 53496185db85Sdougm break; 53506185db85Sdougm case 'F': 53516185db85Sdougm protocol = optarg; 53526185db85Sdougm if (!sa_valid_protocol(protocol)) { 53536185db85Sdougm if (format_legacy_path(cmd, MAXPATHLEN, 535425a68471Sdougm protocol, "share") == 0 && 535525a68471Sdougm check_legacy_cmd(cmd)) { 53566185db85Sdougm true_legacy++; 53576185db85Sdougm } else { 535825a68471Sdougm (void) fprintf(stderr, gettext( 535925a68471Sdougm "Invalid protocol specified: " 536025a68471Sdougm "%s\n"), protocol); 53616185db85Sdougm return (SA_INVALID_PROTOCOL); 53626185db85Sdougm } 53636185db85Sdougm } 53646185db85Sdougm break; 53656185db85Sdougm case 'o': 53666185db85Sdougm options = optarg; 53676185db85Sdougm argsused++; 53686185db85Sdougm break; 53696185db85Sdougm case 'p': 53706185db85Sdougm persist = SA_SHARE_PERMANENT; 53716185db85Sdougm argsused++; 53726185db85Sdougm break; 53736185db85Sdougm case 'h': 5374*e7bab347Sdougm /* optopt on valid arg isn't defined */ 5375*e7bab347Sdougm optopt = c; 5376*e7bab347Sdougm /*FALLTHROUGH*/ 53776185db85Sdougm case '?': 53786185db85Sdougm default: 5379*e7bab347Sdougm /* 5380*e7bab347Sdougm * Since a bad option gets to here, sort it 5381*e7bab347Sdougm * out and return a syntax error return value 5382*e7bab347Sdougm * if necessary. 5383*e7bab347Sdougm */ 5384*e7bab347Sdougm switch (optopt) { 5385*e7bab347Sdougm default: 5386*e7bab347Sdougm ret = SA_LEGACY_ERR; 5387*e7bab347Sdougm break; 5388*e7bab347Sdougm case 'h': 5389*e7bab347Sdougm case '?': 5390*e7bab347Sdougm break; 5391*e7bab347Sdougm } 53926185db85Sdougm (void) fprintf(stderr, gettext("usage: %s\n"), 53936185db85Sdougm sa_get_usage(USAGE_SHARE)); 5394*e7bab347Sdougm return (ret); 53956185db85Sdougm } 53966185db85Sdougm } 53976185db85Sdougm 539825a68471Sdougm /* Have the info so construct what is needed */ 53996185db85Sdougm if (!argsused && optind == argc) { 54006185db85Sdougm /* display current info in share format */ 5401da6c28aaSamw (void) output_legacy_file(stdout, protocol, handle); 540225a68471Sdougm return (ret); 540325a68471Sdougm } 54046185db85Sdougm 540525a68471Sdougm /* We are modifying the configuration */ 54066185db85Sdougm if (optind == argc) { 54076185db85Sdougm (void) fprintf(stderr, gettext("usage: %s\n"), 54086185db85Sdougm sa_get_usage(USAGE_SHARE)); 54096185db85Sdougm return (SA_LEGACY_ERR); 54106185db85Sdougm } 54116185db85Sdougm if (true_legacy) { 541225a68471Sdougm /* If still using legacy share/unshare, exec it */ 54136185db85Sdougm ret = run_legacy_command(cmd, argv); 54146185db85Sdougm return (ret); 54156185db85Sdougm } 54166185db85Sdougm 54176185db85Sdougm sharepath = argv[optind++]; 54186185db85Sdougm if (optind < argc) { 54196185db85Sdougm resource = argv[optind]; 54206185db85Sdougm groupname = strchr(resource, '@'); 54216185db85Sdougm if (groupname != NULL) 54226185db85Sdougm *groupname++ = '\0'; 54236185db85Sdougm } 54246185db85Sdougm if (realpath(sharepath, dir) == NULL) 54256185db85Sdougm ret = SA_BAD_PATH; 54266185db85Sdougm else 54276185db85Sdougm sharepath = dir; 542825a68471Sdougm if (ret == SA_OK) 5429549ec3ffSdougm share = sa_find_share(handle, sharepath); 543025a68471Sdougm else 54316185db85Sdougm share = NULL; 543225a68471Sdougm 5433da6c28aaSamw features = sa_proto_get_featureset(protocol); 5434da6c28aaSamw 54356185db85Sdougm if (groupname != NULL) { 54366185db85Sdougm ret = SA_NOT_ALLOWED; 54376185db85Sdougm } else if (ret == SA_OK) { 5438da6c28aaSamw char *legacygroup; 54396185db85Sdougm /* 544025a68471Sdougm * The legacy group is always present and zfs groups 54416185db85Sdougm * come and go. zfs shares may be in sub-groups and 54426185db85Sdougm * the zfs share will already be in that group so it 5443da6c28aaSamw * isn't an error. If the protocol is "smb", the group 5444da6c28aaSamw * "smb" is used when "default" would otherwise be 5445da6c28aaSamw * used. "default" is NFS only and "smb" is SMB only. 54466185db85Sdougm */ 5447da6c28aaSamw if (strcmp(protocol, "smb") == 0) 5448da6c28aaSamw legacygroup = "smb"; 5449da6c28aaSamw else 5450da6c28aaSamw legacygroup = "default"; 5451da6c28aaSamw 54526185db85Sdougm /* 545325a68471Sdougm * If the share exists (not NULL), then make sure it 545425a68471Sdougm * is one we want to handle by getting the parent 545525a68471Sdougm * group. 54566185db85Sdougm */ 5457da6c28aaSamw if (share != NULL) { 54586185db85Sdougm group = sa_get_parent_group(share); 5459da6c28aaSamw } else { 5460549ec3ffSdougm group = sa_get_group(handle, legacygroup); 5461da6c28aaSamw if (group == NULL && strcmp(legacygroup, "smb") == 0) { 5462da6c28aaSamw /* 5463da6c28aaSamw * This group may not exist, so create 5464da6c28aaSamw * as necessary. It only contains the 5465da6c28aaSamw * "smb" protocol. 5466da6c28aaSamw */ 5467da6c28aaSamw group = sa_create_group(handle, legacygroup, 5468da6c28aaSamw &ret); 5469da6c28aaSamw if (group != NULL) 5470da6c28aaSamw (void) sa_create_optionset(group, 5471da6c28aaSamw protocol); 5472da6c28aaSamw } 5473da6c28aaSamw } 547425a68471Sdougm 5475da6c28aaSamw if (group == NULL) { 5476da6c28aaSamw ret = SA_SYSTEM_ERR; 5477da6c28aaSamw goto err; 5478da6c28aaSamw } 5479da6c28aaSamw 54806185db85Sdougm groupstatus = group_status(group); 54816185db85Sdougm if (share == NULL) { 54826185db85Sdougm share = sa_add_share(group, sharepath, 54836185db85Sdougm persist, &ret); 548425a68471Sdougm if (share == NULL && 548525a68471Sdougm ret == SA_DUPLICATE_NAME) { 548625a68471Sdougm /* 548725a68471Sdougm * Could be a ZFS path being started 548825a68471Sdougm */ 548925a68471Sdougm if (sa_zfs_is_shared(handle, 549025a68471Sdougm sharepath)) { 549125a68471Sdougm ret = SA_OK; 549225a68471Sdougm group = sa_get_group(handle, 549325a68471Sdougm "zfs"); 549425a68471Sdougm if (group == NULL) { 549525a68471Sdougm /* 549625a68471Sdougm * This shouldn't 549725a68471Sdougm * happen. 549825a68471Sdougm */ 549925a68471Sdougm ret = SA_CONFIG_ERR; 550025a68471Sdougm } else { 550125a68471Sdougm share = sa_add_share( 550225a68471Sdougm group, sharepath, 550325a68471Sdougm persist, &ret); 55046185db85Sdougm } 55056185db85Sdougm } 55066185db85Sdougm } 55076185db85Sdougm } else { 550893a6f655Sdougm char *type; 55096185db85Sdougm /* 551025a68471Sdougm * May want to change persist state, but the 551193a6f655Sdougm * important thing is to change options. We 551293a6f655Sdougm * need to change them regardless of the 551393a6f655Sdougm * source. 55146185db85Sdougm */ 5515da6c28aaSamw 5516549ec3ffSdougm if (sa_zfs_is_shared(handle, sharepath)) { 551793a6f655Sdougm zfs = 1; 551893a6f655Sdougm } 55196185db85Sdougm remove_all_options(share, protocol); 55206185db85Sdougm type = sa_get_share_attr(share, "type"); 55216185db85Sdougm if (type != NULL && 55226185db85Sdougm strcmp(type, "transient") != 0) { 55236185db85Sdougm curtype = SA_SHARE_PERMANENT; 55246185db85Sdougm } 55256185db85Sdougm if (type != NULL) 55266185db85Sdougm sa_free_attr_string(type); 55276185db85Sdougm if (curtype != persist) { 55286185db85Sdougm (void) sa_set_share_attr(share, "type", 55296185db85Sdougm persist == SA_SHARE_PERMANENT ? 55306185db85Sdougm "persist" : "transient"); 55316185db85Sdougm } 55326185db85Sdougm } 5533da6c28aaSamw 5534da6c28aaSamw /* 5535da6c28aaSamw * If there is a resource name, we may 5536da6c28aaSamw * actually care about it if this is share for 5537da6c28aaSamw * a protocol that uses resource level sharing 5538da6c28aaSamw * (SMB). We need to find the resource and, if 5539da6c28aaSamw * it exists, make sure it belongs to the 5540da6c28aaSamw * current share. If it doesn't exist, attempt 5541da6c28aaSamw * to create it. 5542da6c28aaSamw */ 5543da6c28aaSamw 5544da6c28aaSamw if (ret == SA_OK && resource != NULL) { 5545da6c28aaSamw rsrc = sa_find_resource(handle, resource); 5546da6c28aaSamw if (rsrc != NULL) { 5547da6c28aaSamw if (share != sa_get_resource_parent(rsrc)) 5548da6c28aaSamw ret = SA_DUPLICATE_NAME; 5549da6c28aaSamw } else { 5550da6c28aaSamw rsrc = sa_add_resource(share, resource, 5551da6c28aaSamw persist, &ret); 5552da6c28aaSamw } 5553da6c28aaSamw if (features & SA_FEATURE_RESOURCE) 5554da6c28aaSamw share = rsrc; 5555da6c28aaSamw } 5556da6c28aaSamw 555725a68471Sdougm /* Have a group to hold this share path */ 55586185db85Sdougm if (ret == SA_OK && options != NULL && 55596185db85Sdougm strlen(options) > 0) { 55606185db85Sdougm ret = sa_parse_legacy_options(share, 55616185db85Sdougm options, 55626185db85Sdougm protocol); 55636185db85Sdougm } 556493a6f655Sdougm if (!zfs) { 556593a6f655Sdougm /* 5566da6c28aaSamw * ZFS shares never have a description 5567da6c28aaSamw * and we can't store the values so 5568da6c28aaSamw * don't try. 556993a6f655Sdougm */ 55706185db85Sdougm if (ret == SA_OK && description != NULL) 557125a68471Sdougm ret = sa_set_share_description(share, 557225a68471Sdougm description); 55736185db85Sdougm } 5574da6c28aaSamw if (ret == SA_OK && 5575da6c28aaSamw strcmp(groupstatus, "enabled") == 0) { 5576da6c28aaSamw if (rsrc != share) 55776185db85Sdougm ret = sa_enable_share(share, protocol); 5578da6c28aaSamw else 5579da6c28aaSamw ret = sa_enable_resource(rsrc, 5580da6c28aaSamw protocol); 558125a68471Sdougm if (ret == SA_OK && 558225a68471Sdougm persist == SA_SHARE_PERMANENT) { 558325a68471Sdougm (void) sa_update_legacy(share, 558425a68471Sdougm protocol); 55856185db85Sdougm } 55866185db85Sdougm if (ret == SA_OK) 5587549ec3ffSdougm ret = sa_update_config(handle); 55886185db85Sdougm } 55896185db85Sdougm } 5590da6c28aaSamw err: 55916185db85Sdougm if (ret != SA_OK) { 55926185db85Sdougm (void) fprintf(stderr, gettext("Could not share: %s: %s\n"), 55936185db85Sdougm sharepath, sa_errorstr(ret)); 55946185db85Sdougm ret = SA_LEGACY_ERR; 55956185db85Sdougm } 55966185db85Sdougm return (ret); 55976185db85Sdougm } 55986185db85Sdougm 55996185db85Sdougm /* 56006185db85Sdougm * sa_legacy_unshare(flags, argc, argv) 56016185db85Sdougm * 56026185db85Sdougm * Implements the original unshare command. 56036185db85Sdougm */ 56046185db85Sdougm int 5605549ec3ffSdougm sa_legacy_unshare(sa_handle_t handle, int flags, int argc, char *argv[]) 56066185db85Sdougm { 56076185db85Sdougm char *protocol = "nfs"; /* for now */ 56086185db85Sdougm char *options = NULL; 56096185db85Sdougm char *sharepath = NULL; 56106185db85Sdougm int persist = SA_SHARE_TRANSIENT; 56116185db85Sdougm int argsused = 0; 56126185db85Sdougm int c; 56136185db85Sdougm int ret = SA_OK; 56146185db85Sdougm int true_legacy = 0; 5615da6c28aaSamw uint64_t features = 0; 5616da6c28aaSamw sa_resource_t resource = NULL; 56176185db85Sdougm char cmd[MAXPATHLEN]; 5618da6c28aaSamw #ifdef lint 5619da6c28aaSamw flags = flags; 5620da6c28aaSamw options = options; 5621da6c28aaSamw #endif 56226185db85Sdougm 56236185db85Sdougm while ((c = getopt(argc, argv, "?hF:o:p")) != EOF) { 56246185db85Sdougm switch (c) { 56256185db85Sdougm case 'F': 56266185db85Sdougm protocol = optarg; 56276185db85Sdougm if (!sa_valid_protocol(protocol)) { 56286185db85Sdougm if (format_legacy_path(cmd, MAXPATHLEN, 56296185db85Sdougm protocol, "unshare") == 0 && 56306185db85Sdougm check_legacy_cmd(cmd)) { 56316185db85Sdougm true_legacy++; 56326185db85Sdougm } else { 563325a68471Sdougm (void) printf(gettext( 563425a68471Sdougm "Invalid file system name\n")); 56356185db85Sdougm return (SA_INVALID_PROTOCOL); 56366185db85Sdougm } 56376185db85Sdougm } 56386185db85Sdougm break; 56396185db85Sdougm case 'o': 56406185db85Sdougm options = optarg; 56416185db85Sdougm argsused++; 56426185db85Sdougm break; 56436185db85Sdougm case 'p': 56446185db85Sdougm persist = SA_SHARE_PERMANENT; 56456185db85Sdougm argsused++; 56466185db85Sdougm break; 5647*e7bab347Sdougm case 'h': 5648*e7bab347Sdougm /* optopt on valid arg isn't defined */ 5649*e7bab347Sdougm optopt = c; 5650*e7bab347Sdougm /*FALLTHROUGH*/ 5651*e7bab347Sdougm case '?': 56526185db85Sdougm default: 5653*e7bab347Sdougm /* 5654*e7bab347Sdougm * Since a bad option gets to here, sort it 5655*e7bab347Sdougm * out and return a syntax error return value 5656*e7bab347Sdougm * if necessary. 5657*e7bab347Sdougm */ 5658*e7bab347Sdougm switch (optopt) { 5659*e7bab347Sdougm default: 5660*e7bab347Sdougm ret = SA_LEGACY_ERR; 5661*e7bab347Sdougm break; 5662*e7bab347Sdougm case 'h': 5663*e7bab347Sdougm case '?': 5664*e7bab347Sdougm break; 5665*e7bab347Sdougm } 56666185db85Sdougm (void) printf(gettext("usage: %s\n"), 56676185db85Sdougm sa_get_usage(USAGE_UNSHARE)); 5668*e7bab347Sdougm return (ret); 56696185db85Sdougm } 56706185db85Sdougm } 56716185db85Sdougm 567225a68471Sdougm /* Have the info so construct what is needed */ 567325a68471Sdougm if (optind == argc || (optind + 1) < argc || options != NULL) { 56746185db85Sdougm ret = SA_SYNTAX_ERR; 56756185db85Sdougm } else { 56766185db85Sdougm sa_share_t share; 56776185db85Sdougm char dir[MAXPATHLEN]; 56786185db85Sdougm if (true_legacy) { 56796185db85Sdougm /* if still using legacy share/unshare, exec it */ 56806185db85Sdougm ret = run_legacy_command(cmd, argv); 56816185db85Sdougm return (ret); 56826185db85Sdougm } 5683a99982a7Sdougm /* 5684a99982a7Sdougm * Find the path in the internal configuration. If it 5685a99982a7Sdougm * isn't found, attempt to resolve the path via 5686a99982a7Sdougm * realpath() and try again. 5687a99982a7Sdougm */ 56886185db85Sdougm sharepath = argv[optind++]; 5689549ec3ffSdougm share = sa_find_share(handle, sharepath); 5690a99982a7Sdougm if (share == NULL) { 56916185db85Sdougm if (realpath(sharepath, dir) == NULL) { 56926185db85Sdougm ret = SA_NO_SUCH_PATH; 56936185db85Sdougm } else { 5694549ec3ffSdougm share = sa_find_share(handle, dir); 5695a99982a7Sdougm } 5696a99982a7Sdougm } 5697da6c28aaSamw if (share == NULL) { 5698da6c28aaSamw /* Could be a resource name so check that next */ 5699da6c28aaSamw features = sa_proto_get_featureset(protocol); 5700da6c28aaSamw resource = sa_find_resource(handle, sharepath); 5701da6c28aaSamw if (resource != NULL) { 5702da6c28aaSamw share = sa_get_resource_parent(resource); 5703da6c28aaSamw if (features & SA_FEATURE_RESOURCE) 5704da6c28aaSamw (void) sa_disable_resource(resource, 5705da6c28aaSamw protocol); 5706da6c28aaSamw if (persist == SA_SHARE_PERMANENT) { 5707da6c28aaSamw ret = sa_remove_resource(resource); 5708da6c28aaSamw if (ret == SA_OK) 5709da6c28aaSamw ret = sa_update_config(handle); 5710da6c28aaSamw } 5711da6c28aaSamw /* 5712da6c28aaSamw * If we still have a resource on the 5713da6c28aaSamw * share, we don't disable the share 5714da6c28aaSamw * itself. IF there aren't anymore, we 5715da6c28aaSamw * need to remove the share. The 5716da6c28aaSamw * removal will be done in the next 5717da6c28aaSamw * section if appropriate. 5718da6c28aaSamw */ 5719da6c28aaSamw resource = sa_get_share_resource(share, NULL); 5720da6c28aaSamw if (resource != NULL) 5721da6c28aaSamw share = NULL; 5722da6c28aaSamw } else if (ret == SA_OK) { 5723da6c28aaSamw /* Didn't find path and no resource */ 5724da6c28aaSamw ret = SA_BAD_PATH; 5725da6c28aaSamw } 5726da6c28aaSamw } 5727da6c28aaSamw if (share != NULL && resource == NULL) { 57286185db85Sdougm ret = sa_disable_share(share, protocol); 5729a99982a7Sdougm /* 5730a99982a7Sdougm * Errors are ok and removal should still occur. The 5731a99982a7Sdougm * legacy unshare is more forgiving of errors than the 5732a99982a7Sdougm * remove-share subcommand which may need the force 5733a99982a7Sdougm * flag set for some error conditions. That is, the 5734a99982a7Sdougm * "unshare" command will always unshare if it can 5735a99982a7Sdougm * while "remove-share" might require the force option. 5736a99982a7Sdougm */ 5737a99982a7Sdougm if (persist == SA_SHARE_PERMANENT) { 57386185db85Sdougm ret = sa_remove_share(share); 5739a99982a7Sdougm if (ret == SA_OK) 5740549ec3ffSdougm ret = sa_update_config(handle); 57416185db85Sdougm } 5742da6c28aaSamw } else if (ret == SA_OK && share == NULL && resource == NULL) { 5743da6c28aaSamw /* 5744da6c28aaSamw * If both share and resource are NULL, then 5745da6c28aaSamw * share not found. If one or the other was 5746da6c28aaSamw * found or there was an earlier error, we 5747da6c28aaSamw * assume it was handled earlier. 5748da6c28aaSamw */ 57496185db85Sdougm ret = SA_NOT_SHARED; 57506185db85Sdougm } 57516185db85Sdougm } 57526185db85Sdougm switch (ret) { 57536185db85Sdougm default: 57546185db85Sdougm (void) printf("%s: %s\n", sharepath, sa_errorstr(ret)); 57556185db85Sdougm ret = SA_LEGACY_ERR; 57566185db85Sdougm break; 57576185db85Sdougm case SA_SYNTAX_ERR: 57586185db85Sdougm (void) printf(gettext("usage: %s\n"), 57596185db85Sdougm sa_get_usage(USAGE_UNSHARE)); 57606185db85Sdougm break; 57616185db85Sdougm case SA_OK: 57626185db85Sdougm break; 57636185db85Sdougm } 57646185db85Sdougm return (ret); 57656185db85Sdougm } 57666185db85Sdougm 57676185db85Sdougm /* 576825a68471Sdougm * Common commands that implement the sub-commands used by all 5769da6c28aaSamw * protocols. The entries are found via the lookup command 57706185db85Sdougm */ 57716185db85Sdougm 57726185db85Sdougm static sa_command_t commands[] = { 57736185db85Sdougm {"add-share", 0, sa_addshare, USAGE_ADD_SHARE, SVC_SET}, 57746185db85Sdougm {"create", 0, sa_create, USAGE_CREATE, SVC_SET|SVC_ACTION}, 57756185db85Sdougm {"delete", 0, sa_delete, USAGE_DELETE, SVC_SET|SVC_ACTION}, 57766185db85Sdougm {"disable", 0, sa_disable_group, USAGE_DISABLE, SVC_SET|SVC_ACTION}, 57776185db85Sdougm {"enable", 0, sa_enable_group, USAGE_ENABLE, SVC_SET|SVC_ACTION}, 57786185db85Sdougm {"list", 0, sa_list, USAGE_LIST}, 57796185db85Sdougm {"move-share", 0, sa_moveshare, USAGE_MOVE_SHARE, SVC_SET}, 57806185db85Sdougm {"remove-share", 0, sa_removeshare, USAGE_REMOVE_SHARE, SVC_SET}, 57816185db85Sdougm {"set", 0, sa_set, USAGE_SET, SVC_SET}, 57826185db85Sdougm {"set-share", 0, sa_set_share, USAGE_SET_SHARE, SVC_SET}, 57836185db85Sdougm {"show", 0, sa_show, USAGE_SHOW}, 57846185db85Sdougm {"share", 0, sa_legacy_share, USAGE_SHARE, SVC_SET|SVC_ACTION}, 57856185db85Sdougm {"start", CMD_NODISPLAY, sa_start_group, USAGE_START, 57866185db85Sdougm SVC_SET|SVC_ACTION}, 57876185db85Sdougm {"stop", CMD_NODISPLAY, sa_stop_group, USAGE_STOP, SVC_SET|SVC_ACTION}, 57886185db85Sdougm {"unset", 0, sa_unset, USAGE_UNSET, SVC_SET}, 57896185db85Sdougm {"unshare", 0, sa_legacy_unshare, USAGE_UNSHARE, SVC_SET|SVC_ACTION}, 57906185db85Sdougm {NULL, 0, NULL, NULL} 57916185db85Sdougm }; 57926185db85Sdougm 57936185db85Sdougm static char * 57946185db85Sdougm sa_get_usage(sa_usage_t index) 57956185db85Sdougm { 57966185db85Sdougm char *ret = NULL; 57976185db85Sdougm switch (index) { 57986185db85Sdougm case USAGE_ADD_SHARE: 57996185db85Sdougm ret = gettext("add-share [-nth] [-r resource-name] " 58006185db85Sdougm "[-d \"description text\"] -s sharepath group"); 58016185db85Sdougm break; 58026185db85Sdougm case USAGE_CREATE: 580325a68471Sdougm ret = gettext( 580425a68471Sdougm "create [-nvh] [-P proto [-p property=value]] group"); 58056185db85Sdougm break; 58066185db85Sdougm case USAGE_DELETE: 58076185db85Sdougm ret = gettext("delete [-nvh] [-P proto] [-f] group"); 58086185db85Sdougm break; 58096185db85Sdougm case USAGE_DISABLE: 58106185db85Sdougm ret = gettext("disable [-nvh] {-a | group ...}"); 58116185db85Sdougm break; 58126185db85Sdougm case USAGE_ENABLE: 58136185db85Sdougm ret = gettext("enable [-nvh] {-a | group ...}"); 58146185db85Sdougm break; 58156185db85Sdougm case USAGE_LIST: 58166185db85Sdougm ret = gettext("list [-vh] [-P proto]"); 58176185db85Sdougm break; 58186185db85Sdougm case USAGE_MOVE_SHARE: 581925a68471Sdougm ret = gettext( 582025a68471Sdougm "move-share [-nvh] -s sharepath destination-group"); 58216185db85Sdougm break; 58226185db85Sdougm case USAGE_REMOVE_SHARE: 5823da6c28aaSamw ret = gettext( 5824da6c28aaSamw "remove-share [-fnvh] {-s sharepath | -r resource} " 5825da6c28aaSamw "group"); 58266185db85Sdougm break; 58276185db85Sdougm case USAGE_SET: 58286185db85Sdougm ret = gettext("set [-nvh] -P proto [-S optspace] " 5829da6c28aaSamw "[-p property=value]* [-s sharepath] [-r resource]] " 5830da6c28aaSamw "group"); 58316185db85Sdougm break; 58326185db85Sdougm case USAGE_SET_SECURITY: 58336185db85Sdougm ret = gettext("set-security [-nvh] -P proto -S security-type " 58346185db85Sdougm "[-p property=value]* group"); 58356185db85Sdougm break; 58366185db85Sdougm case USAGE_SET_SHARE: 58376185db85Sdougm ret = gettext("set-share [-nh] [-r resource] " 58386185db85Sdougm "[-d \"description text\"] -s sharepath group"); 58396185db85Sdougm break; 58406185db85Sdougm case USAGE_SHOW: 58416185db85Sdougm ret = gettext("show [-pvxh] [-P proto] [group ...]"); 58426185db85Sdougm break; 58436185db85Sdougm case USAGE_SHARE: 58446185db85Sdougm ret = gettext("share [-F fstype] [-p] [-o optionlist]" 58456185db85Sdougm "[-d description] [pathname [resourcename]]"); 58466185db85Sdougm break; 58476185db85Sdougm case USAGE_START: 58486185db85Sdougm ret = gettext("start [-vh] [-P proto] {-a | group ...}"); 58496185db85Sdougm break; 58506185db85Sdougm case USAGE_STOP: 58516185db85Sdougm ret = gettext("stop [-vh] [-P proto] {-a | group ...}"); 58526185db85Sdougm break; 58536185db85Sdougm case USAGE_UNSET: 58546185db85Sdougm ret = gettext("unset [-nvh] -P proto [-S optspace] " 58556185db85Sdougm "[-p property]* group"); 58566185db85Sdougm break; 58576185db85Sdougm case USAGE_UNSET_SECURITY: 5858da6c28aaSamw ret = gettext("unset-security [-nvh] -P proto " 5859da6c28aaSamw "-S security-type [-p property]* group"); 58606185db85Sdougm break; 58616185db85Sdougm case USAGE_UNSHARE: 586225a68471Sdougm ret = gettext( 5863da6c28aaSamw "unshare [-F fstype] [-p] [-o optionlist] sharepath"); 58646185db85Sdougm break; 58656185db85Sdougm } 58666185db85Sdougm return (ret); 58676185db85Sdougm } 58686185db85Sdougm 58696185db85Sdougm /* 58706185db85Sdougm * sa_lookup(cmd, proto) 58716185db85Sdougm * 58726185db85Sdougm * Lookup the sub-command. proto isn't currently used, but it may 58736185db85Sdougm * eventually provide a way to provide protocol specific sub-commands. 58746185db85Sdougm */ 58756185db85Sdougm sa_command_t * 58766185db85Sdougm sa_lookup(char *cmd, char *proto) 58776185db85Sdougm { 58786185db85Sdougm int i; 58796185db85Sdougm size_t len; 5880da6c28aaSamw #ifdef lint 5881da6c28aaSamw proto = proto; 5882da6c28aaSamw #endif 58836185db85Sdougm 58846185db85Sdougm len = strlen(cmd); 58856185db85Sdougm for (i = 0; commands[i].cmdname != NULL; i++) { 58866185db85Sdougm if (strncmp(cmd, commands[i].cmdname, len) == 0) 58876185db85Sdougm return (&commands[i]); 58886185db85Sdougm } 58896185db85Sdougm return (NULL); 58906185db85Sdougm } 58916185db85Sdougm 58926185db85Sdougm void 58936185db85Sdougm sub_command_help(char *proto) 58946185db85Sdougm { 58956185db85Sdougm int i; 5896da6c28aaSamw #ifdef lint 5897da6c28aaSamw proto = proto; 5898da6c28aaSamw #endif 58996185db85Sdougm 59006185db85Sdougm (void) printf(gettext("\tsub-commands:\n")); 59016185db85Sdougm for (i = 0; commands[i].cmdname != NULL; i++) { 59026185db85Sdougm if (!(commands[i].flags & (CMD_ALIAS|CMD_NODISPLAY))) 59036185db85Sdougm (void) printf("\t%s\n", 59046185db85Sdougm sa_get_usage((sa_usage_t)commands[i].cmdidx)); 59056185db85Sdougm } 59066185db85Sdougm } 5907