16185db85Sdougm /* 26185db85Sdougm * CDDL HEADER START 36185db85Sdougm * 46185db85Sdougm * The contents of this file are subject to the terms of the 56185db85Sdougm * Common Development and Distribution License (the "License"). 66185db85Sdougm * You may not use this file except in compliance with the License. 76185db85Sdougm * 86185db85Sdougm * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 96185db85Sdougm * or http://www.opensolaris.org/os/licensing. 106185db85Sdougm * See the License for the specific language governing permissions 116185db85Sdougm * and limitations under the License. 126185db85Sdougm * 136185db85Sdougm * When distributing Covered Code, include this CDDL HEADER in each 146185db85Sdougm * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 156185db85Sdougm * If applicable, add the following below this CDDL HEADER, with the 166185db85Sdougm * fields enclosed by brackets "[]" replaced with your own identifying 176185db85Sdougm * information: Portions Copyright [yyyy] [name of copyright owner] 186185db85Sdougm * 196185db85Sdougm * CDDL HEADER END 206185db85Sdougm */ 216185db85Sdougm 226185db85Sdougm /* 23f345c0beSdougm * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 246185db85Sdougm * Use is subject to license terms. 256185db85Sdougm */ 266185db85Sdougm 276185db85Sdougm #pragma ident "%Z%%M% %I% %E% SMI" 286185db85Sdougm 296185db85Sdougm #include <sys/types.h> 306185db85Sdougm #include <sys/stat.h> 316185db85Sdougm #include <fcntl.h> 326185db85Sdougm #include <stdlib.h> 336185db85Sdougm #include <stdio.h> 346185db85Sdougm #include <string.h> 356185db85Sdougm #include <ctype.h> 366185db85Sdougm #include <unistd.h> 376185db85Sdougm #include <getopt.h> 386185db85Sdougm #include <utmpx.h> 396185db85Sdougm #include <pwd.h> 406185db85Sdougm #include <auth_attr.h> 416185db85Sdougm #include <secdb.h> 426185db85Sdougm #include <sys/param.h> 436185db85Sdougm #include <sys/stat.h> 446185db85Sdougm #include <errno.h> 456185db85Sdougm 466185db85Sdougm #include <libshare.h> 476185db85Sdougm #include "sharemgr.h" 486185db85Sdougm #include <libscf.h> 496185db85Sdougm #include <libxml/tree.h> 506185db85Sdougm #include <libintl.h> 516185db85Sdougm 526185db85Sdougm static char *sa_get_usage(sa_usage_t); 536185db85Sdougm 546185db85Sdougm /* 556185db85Sdougm * Implementation of the common sub-commands supported by sharemgr. 566185db85Sdougm * A number of helper functions are also included. 576185db85Sdougm */ 586185db85Sdougm 596185db85Sdougm /* 606185db85Sdougm * has_protocol(group, proto) 616185db85Sdougm * If the group has an optionset with the specified protocol, 626185db85Sdougm * return true (1) otherwise false (0). 636185db85Sdougm */ 646185db85Sdougm static int 656185db85Sdougm has_protocol(sa_group_t group, char *protocol) 666185db85Sdougm { 676185db85Sdougm sa_optionset_t optionset; 686185db85Sdougm int result = 0; 696185db85Sdougm 706185db85Sdougm optionset = sa_get_optionset(group, protocol); 716185db85Sdougm if (optionset != NULL) { 726185db85Sdougm result++; 736185db85Sdougm } 746185db85Sdougm return (result); 756185db85Sdougm } 766185db85Sdougm 776185db85Sdougm /* 786185db85Sdougm * add_list(list, item) 796185db85Sdougm * Adds a new list member that points to item to the list. 806185db85Sdougm * If list is NULL, it starts a new list. The function returns 816185db85Sdougm * the first member of the list. 826185db85Sdougm */ 836185db85Sdougm struct list * 846185db85Sdougm add_list(struct list *listp, void *item, void *data) 856185db85Sdougm { 866185db85Sdougm struct list *new, *tmp; 876185db85Sdougm 886185db85Sdougm new = malloc(sizeof (struct list)); 896185db85Sdougm if (new != NULL) { 906185db85Sdougm new->next = NULL; 916185db85Sdougm new->item = item; 926185db85Sdougm new->itemdata = data; 936185db85Sdougm } else { 946185db85Sdougm return (listp); 956185db85Sdougm } 966185db85Sdougm 976185db85Sdougm if (listp == NULL) 986185db85Sdougm return (new); 996185db85Sdougm 1006185db85Sdougm for (tmp = listp; tmp->next != NULL; tmp = tmp->next) { 1016185db85Sdougm /* get to end of list */ 1026185db85Sdougm } 1036185db85Sdougm tmp->next = new; 1046185db85Sdougm return (listp); 1056185db85Sdougm } 1066185db85Sdougm 1076185db85Sdougm /* 1086185db85Sdougm * free_list(list) 1096185db85Sdougm * Given a list, free all the members of the list; 1106185db85Sdougm */ 1116185db85Sdougm static void 1126185db85Sdougm free_list(struct list *listp) 1136185db85Sdougm { 1146185db85Sdougm struct list *tmp; 1156185db85Sdougm while (listp != NULL) { 1166185db85Sdougm tmp = listp; 1176185db85Sdougm listp = listp->next; 1186185db85Sdougm free(tmp); 1196185db85Sdougm } 1206185db85Sdougm } 1216185db85Sdougm 1226185db85Sdougm /* 1236185db85Sdougm * check_authorization(instname, which) 1246185db85Sdougm * 1256185db85Sdougm * Checks to see if the specific type of authorization in which is 1266185db85Sdougm * enabled for the user in this SMF service instance. 1276185db85Sdougm */ 1286185db85Sdougm 1296185db85Sdougm static int 1306185db85Sdougm check_authorization(char *instname, int which) 1316185db85Sdougm { 1326185db85Sdougm scf_handle_t *handle = NULL; 1336185db85Sdougm scf_simple_prop_t *prop = NULL; 1346185db85Sdougm char svcstring[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 1356185db85Sdougm char *authstr = NULL; 1366185db85Sdougm ssize_t numauths; 13725a68471Sdougm int ret = B_TRUE; 1386185db85Sdougm uid_t uid; 1396185db85Sdougm struct passwd *pw = NULL; 1406185db85Sdougm 1416185db85Sdougm uid = getuid(); 1426185db85Sdougm pw = getpwuid(uid); 14325a68471Sdougm if (pw == NULL) { 14425a68471Sdougm ret = B_FALSE; 14525a68471Sdougm } else { 14625a68471Sdougm /* 14725a68471Sdougm * Since names are restricted to SA_MAX_NAME_LEN won't 14825a68471Sdougm * overflow. 14925a68471Sdougm */ 15025a68471Sdougm (void) snprintf(svcstring, sizeof (svcstring), "%s:%s", 15125a68471Sdougm SA_SVC_FMRI_BASE, instname); 1526185db85Sdougm handle = scf_handle_create(SCF_VERSION); 1536185db85Sdougm if (handle != NULL) { 1546185db85Sdougm if (scf_handle_bind(handle) == 0) { 1556185db85Sdougm switch (which) { 1566185db85Sdougm case SVC_SET: 15725a68471Sdougm prop = scf_simple_prop_get(handle, 15825a68471Sdougm svcstring, "general", 1596185db85Sdougm SVC_AUTH_VALUE); 1606185db85Sdougm break; 1616185db85Sdougm case SVC_ACTION: 16225a68471Sdougm prop = scf_simple_prop_get(handle, 16325a68471Sdougm svcstring, "general", 1646185db85Sdougm SVC_AUTH_ACTION); 1656185db85Sdougm break; 1666185db85Sdougm } 1676185db85Sdougm } 1686185db85Sdougm } 1696185db85Sdougm } 1706185db85Sdougm /* make sure we have an authorization string property */ 1716185db85Sdougm if (prop != NULL) { 1726185db85Sdougm int i; 1736185db85Sdougm numauths = scf_simple_prop_numvalues(prop); 1746185db85Sdougm for (ret = 0, i = 0; i < numauths; i++) { 1756185db85Sdougm authstr = scf_simple_prop_next_astring(prop); 1766185db85Sdougm if (authstr != NULL) { 1776185db85Sdougm /* check if this user has one of the strings */ 1786185db85Sdougm if (chkauthattr(authstr, pw->pw_name)) { 1796185db85Sdougm ret = 1; 1806185db85Sdougm break; 1816185db85Sdougm } 1826185db85Sdougm } 1836185db85Sdougm } 1846185db85Sdougm endauthattr(); 1856185db85Sdougm scf_simple_prop_free(prop); 1866185db85Sdougm } else { 1876185db85Sdougm /* no authorization string defined */ 1886185db85Sdougm ret = 0; 1896185db85Sdougm } 1906185db85Sdougm if (handle != NULL) 1916185db85Sdougm scf_handle_destroy(handle); 1926185db85Sdougm return (ret); 1936185db85Sdougm } 1946185db85Sdougm 1956185db85Sdougm /* 1966185db85Sdougm * check_authorizations(instname, flags) 1976185db85Sdougm * 1986185db85Sdougm * check all the needed authorizations for the user in this service 1996185db85Sdougm * instance. Return value of 1(true) or 0(false) indicates whether 2006185db85Sdougm * there are authorizations for the user or not. 2016185db85Sdougm */ 2026185db85Sdougm 2036185db85Sdougm static int 2046185db85Sdougm check_authorizations(char *instname, int flags) 2056185db85Sdougm { 2066185db85Sdougm int ret1 = 0; 2076185db85Sdougm int ret2 = 0; 2086185db85Sdougm int ret; 2096185db85Sdougm 2106185db85Sdougm if (flags & SVC_SET) 2116185db85Sdougm ret1 = check_authorization(instname, SVC_SET); 2126185db85Sdougm if (flags & SVC_ACTION) 2136185db85Sdougm ret2 = check_authorization(instname, SVC_ACTION); 2146185db85Sdougm switch (flags) { 2156185db85Sdougm case SVC_ACTION: 2166185db85Sdougm ret = ret2; 2176185db85Sdougm break; 2186185db85Sdougm case SVC_SET: 2196185db85Sdougm ret = ret1; 2206185db85Sdougm break; 2216185db85Sdougm case SVC_ACTION|SVC_SET: 2226185db85Sdougm ret = ret1 & ret2; 2236185db85Sdougm break; 2246185db85Sdougm default: 2256185db85Sdougm /* if not flags set, we assume we don't need authorizations */ 2266185db85Sdougm ret = 1; 2276185db85Sdougm } 2286185db85Sdougm return (ret); 2296185db85Sdougm } 2306185db85Sdougm 2316185db85Sdougm /* 2327d968cb8Sdougm * enable_group(group, updateproto) 2337d968cb8Sdougm * 2347d968cb8Sdougm * enable all the shares in the specified group. This is a helper for 2357d968cb8Sdougm * enable_all_groups in order to simplify regular and subgroup (zfs) 2367d968cb8Sdougm * disabling. Group has already been checked for non-NULL. 2376185db85Sdougm */ 2387d968cb8Sdougm 2397d968cb8Sdougm static void 2407d968cb8Sdougm enable_group(sa_group_t group, char *updateproto) 2416185db85Sdougm { 2426185db85Sdougm sa_share_t share; 2437d968cb8Sdougm 2447d968cb8Sdougm for (share = sa_get_share(group, NULL); 2457d968cb8Sdougm share != NULL; 2467d968cb8Sdougm share = sa_get_next_share(share)) { 2477d968cb8Sdougm if (updateproto != NULL) 2487d968cb8Sdougm (void) sa_update_legacy(share, updateproto); 2497d968cb8Sdougm (void) sa_enable_share(share, NULL); 2507d968cb8Sdougm } 2517d968cb8Sdougm } 2527d968cb8Sdougm 2537d968cb8Sdougm /* 254330ef417Sdougm * isenabled(group) 255330ef417Sdougm * 256330ef417Sdougm * Returns B_TRUE if the group is enabled or B_FALSE if it isn't. 257330ef417Sdougm * Moved to separate function to reduce clutter in the code. 258330ef417Sdougm */ 259330ef417Sdougm 260330ef417Sdougm static int 261330ef417Sdougm isenabled(sa_group_t group) 262330ef417Sdougm { 263330ef417Sdougm char *state; 264330ef417Sdougm int ret = B_FALSE; 265330ef417Sdougm 266330ef417Sdougm if (group != NULL) { 267330ef417Sdougm state = sa_get_group_attr(group, "state"); 268330ef417Sdougm if (state != NULL) { 269330ef417Sdougm if (strcmp(state, "enabled") == 0) 270330ef417Sdougm ret = B_TRUE; 271330ef417Sdougm sa_free_attr_string(state); 272330ef417Sdougm } 273330ef417Sdougm } 274330ef417Sdougm return (ret); 275330ef417Sdougm } 276330ef417Sdougm 277330ef417Sdougm /* 2787d968cb8Sdougm * enable_all_groups(list, setstate, online, updateproto) 2797d968cb8Sdougm * Given a list of groups, enable each one found. If updateproto 2807d968cb8Sdougm * is not NULL, then update all the shares for the protocol that 2817d968cb8Sdougm * was passed in. 2827d968cb8Sdougm */ 2837d968cb8Sdougm static int 284549ec3ffSdougm enable_all_groups(sa_handle_t handle, struct list *work, int setstate, 285549ec3ffSdougm int online, char *updateproto) 2867d968cb8Sdougm { 287330ef417Sdougm int ret; 2886185db85Sdougm char instance[SA_MAX_NAME_LEN + sizeof (SA_SVC_FMRI_BASE) + 1]; 2896185db85Sdougm char *state; 2906185db85Sdougm char *name; 2916185db85Sdougm char *zfs = NULL; 2926185db85Sdougm sa_group_t group; 2937d968cb8Sdougm sa_group_t subgroup; 2946185db85Sdougm 295330ef417Sdougm for (ret = SA_OK; work != NULL; work = work->next) { 2966185db85Sdougm group = (sa_group_t)work->item; 297330ef417Sdougm 298330ef417Sdougm /* 299330ef417Sdougm * If setstate == TRUE, then make sure to set 300330ef417Sdougm * enabled. This needs to be done here in order for 301330ef417Sdougm * the isenabled check to succeed on a newly enabled 302330ef417Sdougm * group. 303330ef417Sdougm */ 304330ef417Sdougm if (setstate == B_TRUE) { 305330ef417Sdougm ret = sa_set_group_attr(group, "state", "enabled"); 306330ef417Sdougm if (ret != SA_OK) 307330ef417Sdougm break; 308330ef417Sdougm } 309330ef417Sdougm 310330ef417Sdougm /* 311330ef417Sdougm * Check to see if group is enabled. If it isn't, skip 312330ef417Sdougm * the rest. We don't want shares starting if the 313330ef417Sdougm * group is disabled. The properties may have been 314330ef417Sdougm * updated, but there won't be a change until the 315330ef417Sdougm * group is enabled. 316330ef417Sdougm */ 317330ef417Sdougm if (!isenabled(group)) 318330ef417Sdougm continue; 319330ef417Sdougm 3206185db85Sdougm /* if itemdata != NULL then a single share */ 3216185db85Sdougm if (work->itemdata != NULL) { 3226185db85Sdougm ret = sa_enable_share((sa_share_t)work->itemdata, NULL); 3236185db85Sdougm } 324330ef417Sdougm if (ret != SA_OK) 325330ef417Sdougm break; 326330ef417Sdougm 3276185db85Sdougm /* if itemdata == NULL then the whole group */ 3286185db85Sdougm if (work->itemdata == NULL) { 3297d968cb8Sdougm zfs = sa_get_group_attr(group, "zfs"); 3307d968cb8Sdougm /* 3317d968cb8Sdougm * if the share is managed by ZFS, don't 3327d968cb8Sdougm * update any of the protocols since ZFS is 3337d968cb8Sdougm * handling this. updateproto will contain 3347d968cb8Sdougm * the name of the protocol that we want to 3357d968cb8Sdougm * update legacy files for. 3367d968cb8Sdougm */ 3377d968cb8Sdougm enable_group(group, zfs == NULL ? updateproto : NULL); 33825a68471Sdougm for (subgroup = sa_get_sub_group(group); 33925a68471Sdougm subgroup != NULL; 3407d968cb8Sdougm subgroup = sa_get_next_group(subgroup)) { 3417d968cb8Sdougm /* never update legacy for ZFS subgroups */ 3427d968cb8Sdougm enable_group(subgroup, NULL); 3436185db85Sdougm } 3446185db85Sdougm } 3456185db85Sdougm if (online) { 3466185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 3477d968cb8Sdougm name = sa_get_group_attr(group, "name"); 3486185db85Sdougm if (name != NULL) { 3496185db85Sdougm if (zfs == NULL) { 35025a68471Sdougm (void) snprintf(instance, 35125a68471Sdougm sizeof (instance), "%s:%s", 3526185db85Sdougm SA_SVC_FMRI_BASE, name); 3536185db85Sdougm state = smf_get_state(instance); 3546185db85Sdougm if (state == NULL || 3556185db85Sdougm strcmp(state, "online") != 0) { 35625a68471Sdougm (void) smf_enable_instance( 35725a68471Sdougm instance, 0); 3586185db85Sdougm free(state); 3596185db85Sdougm } 3606185db85Sdougm } else { 3616185db85Sdougm sa_free_attr_string(zfs); 3626185db85Sdougm zfs = NULL; 3636185db85Sdougm } 3646185db85Sdougm if (name != NULL) 3656185db85Sdougm sa_free_attr_string(name); 3666185db85Sdougm } 3676185db85Sdougm } 3686185db85Sdougm } 3696185db85Sdougm if (ret == SA_OK) { 370549ec3ffSdougm ret = sa_update_config(handle); 3716185db85Sdougm } 3726185db85Sdougm return (ret); 3736185db85Sdougm } 3746185db85Sdougm 3756185db85Sdougm /* 3766185db85Sdougm * chk_opt(optlistp, security, proto) 3776185db85Sdougm * 3786185db85Sdougm * Do a sanity check on the optlist provided for the protocol. This 3796185db85Sdougm * is a syntax check and verification that the property is either a 3806185db85Sdougm * general or specific to a names optionset. 3816185db85Sdougm */ 3826185db85Sdougm 3836185db85Sdougm static int 3846185db85Sdougm chk_opt(struct options *optlistp, int security, char *proto) 3856185db85Sdougm { 3866185db85Sdougm struct options *optlist; 3876185db85Sdougm char *sep = ""; 3886185db85Sdougm int notfirst = 0; 3896185db85Sdougm int ret; 3906185db85Sdougm 3916185db85Sdougm for (optlist = optlistp; optlist != NULL; optlist = optlist->next) { 3926185db85Sdougm char *optname; 3936185db85Sdougm 3946185db85Sdougm optname = optlist->optname; 3956185db85Sdougm ret = OPT_ADD_OK; 3966185db85Sdougm /* extract property/value pair */ 3976185db85Sdougm if (sa_is_security(optname, proto)) { 3986185db85Sdougm if (!security) 3996185db85Sdougm ret = OPT_ADD_SECURITY; 4006185db85Sdougm } else { 4016185db85Sdougm if (security) 4026185db85Sdougm ret = OPT_ADD_PROPERTY; 4036185db85Sdougm } 4046185db85Sdougm if (ret != OPT_ADD_OK) { 4056185db85Sdougm if (notfirst == 0) 40625a68471Sdougm (void) printf( 40725a68471Sdougm gettext("Property syntax error: ")); 4086185db85Sdougm switch (ret) { 4096185db85Sdougm case OPT_ADD_SYNTAX: 4106185db85Sdougm (void) printf(gettext("%ssyntax error: %s"), 4116185db85Sdougm sep, optname); 4126185db85Sdougm sep = ", "; 4136185db85Sdougm break; 4146185db85Sdougm case OPT_ADD_SECURITY: 4156185db85Sdougm (void) printf(gettext("%s%s requires -S"), 4166185db85Sdougm optname, sep); 4176185db85Sdougm sep = ", "; 4186185db85Sdougm break; 4196185db85Sdougm case OPT_ADD_PROPERTY: 42025a68471Sdougm (void) printf( 42125a68471Sdougm gettext("%s%s not supported with -S"), 4226185db85Sdougm optname, sep); 4236185db85Sdougm sep = ", "; 4246185db85Sdougm break; 4256185db85Sdougm } 4266185db85Sdougm notfirst++; 4276185db85Sdougm } 4286185db85Sdougm } 4296185db85Sdougm if (notfirst) { 4306185db85Sdougm (void) printf("\n"); 4316185db85Sdougm ret = SA_SYNTAX_ERR; 4326185db85Sdougm } 4336185db85Sdougm return (ret); 4346185db85Sdougm } 4356185db85Sdougm 4366185db85Sdougm /* 4376185db85Sdougm * free_opt(optlist) 4386185db85Sdougm * Free the specified option list. 4396185db85Sdougm */ 4406185db85Sdougm static void 4416185db85Sdougm free_opt(struct options *optlist) 4426185db85Sdougm { 4436185db85Sdougm struct options *nextopt; 4446185db85Sdougm while (optlist != NULL) { 4456185db85Sdougm nextopt = optlist->next; 4466185db85Sdougm free(optlist); 4476185db85Sdougm optlist = nextopt; 4486185db85Sdougm } 4496185db85Sdougm } 4506185db85Sdougm 4516185db85Sdougm /* 4526185db85Sdougm * check property list for valid properties 4536185db85Sdougm * A null value is a remove which is always valid. 4546185db85Sdougm */ 4556185db85Sdougm static int 4566185db85Sdougm valid_options(struct options *optlist, char *proto, void *object, char *sec) 4576185db85Sdougm { 4586185db85Sdougm int ret = SA_OK; 4596185db85Sdougm struct options *cur; 4606185db85Sdougm sa_property_t prop; 4616185db85Sdougm sa_optionset_t parent = NULL; 4626185db85Sdougm 4636185db85Sdougm if (object != NULL) { 4646185db85Sdougm if (sec == NULL) 4656185db85Sdougm parent = sa_get_optionset(object, proto); 4666185db85Sdougm else 4676185db85Sdougm parent = sa_get_security(object, sec, proto); 4686185db85Sdougm } 4696185db85Sdougm 4706185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 47125a68471Sdougm if (cur->optvalue == NULL) 47225a68471Sdougm continue; 4736185db85Sdougm prop = sa_create_property(cur->optname, cur->optvalue); 4746185db85Sdougm if (prop == NULL) 4756185db85Sdougm ret = SA_NO_MEMORY; 4766185db85Sdougm if (ret != SA_OK || 4776185db85Sdougm (ret = sa_valid_property(parent, proto, prop)) != SA_OK) { 47825a68471Sdougm (void) printf( 47925a68471Sdougm gettext("Could not add property %s: %s\n"), 48025a68471Sdougm cur->optname, sa_errorstr(ret)); 4816185db85Sdougm } 4826185db85Sdougm (void) sa_remove_property(prop); 4836185db85Sdougm } 4846185db85Sdougm return (ret); 4856185db85Sdougm } 4866185db85Sdougm 4876185db85Sdougm /* 4886185db85Sdougm * add_optionset(group, optlist, protocol, *err) 4896185db85Sdougm * Add the options in optlist to an optionset and then add the optionset 4906185db85Sdougm * to the group. 4916185db85Sdougm * 4926185db85Sdougm * The return value indicates if there was a "change" while errors are 4936185db85Sdougm * returned via the *err parameters. 4946185db85Sdougm */ 4956185db85Sdougm static int 4966185db85Sdougm add_optionset(sa_group_t group, struct options *optlist, char *proto, int *err) 4976185db85Sdougm { 4986185db85Sdougm sa_optionset_t optionset; 4996185db85Sdougm int ret = SA_OK; 5006185db85Sdougm int result = 0; 5016185db85Sdougm 5026185db85Sdougm optionset = sa_get_optionset(group, proto); 5036185db85Sdougm if (optionset == NULL) { 5046185db85Sdougm optionset = sa_create_optionset(group, proto); 5056185db85Sdougm result = 1; /* adding a protocol is a change */ 5066185db85Sdougm } 50725a68471Sdougm if (optionset == NULL) { 50825a68471Sdougm ret = SA_NO_MEMORY; 50925a68471Sdougm goto out; 51025a68471Sdougm } 5116185db85Sdougm while (optlist != NULL) { 5126185db85Sdougm sa_property_t prop; 5136185db85Sdougm prop = sa_get_property(optionset, optlist->optname); 5146185db85Sdougm if (prop == NULL) { 5156185db85Sdougm /* 5166185db85Sdougm * add the property, but only if it is 5176185db85Sdougm * a non-NULL or non-zero length value 5186185db85Sdougm */ 5196185db85Sdougm if (optlist->optvalue != NULL) { 5206185db85Sdougm prop = sa_create_property(optlist->optname, 5216185db85Sdougm optlist->optvalue); 5226185db85Sdougm if (prop != NULL) { 52325a68471Sdougm ret = sa_valid_property(optionset, 52425a68471Sdougm proto, prop); 5256185db85Sdougm if (ret != SA_OK) { 5266185db85Sdougm (void) sa_remove_property(prop); 52725a68471Sdougm (void) printf(gettext("Could " 52825a68471Sdougm "not add property " 5296185db85Sdougm "%s: %s\n"), 5306185db85Sdougm optlist->optname, 5316185db85Sdougm sa_errorstr(ret)); 5326185db85Sdougm } 5336185db85Sdougm } 5346185db85Sdougm if (ret == SA_OK) { 5356185db85Sdougm ret = sa_add_property(optionset, prop); 5366185db85Sdougm if (ret != SA_OK) { 53725a68471Sdougm (void) printf(gettext( 53825a68471Sdougm "Could not add property " 5396185db85Sdougm "%s: %s\n"), 5406185db85Sdougm optlist->optname, 5416185db85Sdougm sa_errorstr(ret)); 5426185db85Sdougm } else { 5436185db85Sdougm /* there was a change */ 5446185db85Sdougm result = 1; 5456185db85Sdougm } 5466185db85Sdougm } 5476185db85Sdougm } 5486185db85Sdougm } else { 5496185db85Sdougm ret = sa_update_property(prop, optlist->optvalue); 5506185db85Sdougm /* should check to see if value changed */ 5516185db85Sdougm if (ret != SA_OK) { 5526185db85Sdougm (void) printf(gettext("Could not update " 55325a68471Sdougm "property %s: %s\n"), optlist->optname, 5546185db85Sdougm sa_errorstr(ret)); 5556185db85Sdougm } else { 5566185db85Sdougm result = 1; 5576185db85Sdougm } 5586185db85Sdougm } 5596185db85Sdougm optlist = optlist->next; 5606185db85Sdougm } 5616185db85Sdougm ret = sa_commit_properties(optionset, 0); 56225a68471Sdougm 56325a68471Sdougm out: 5646185db85Sdougm if (err != NULL) 5656185db85Sdougm *err = ret; 5666185db85Sdougm return (result); 5676185db85Sdougm } 5686185db85Sdougm 5696185db85Sdougm /* 5706185db85Sdougm * sa_create(flags, argc, argv) 5716185db85Sdougm * create a new group 5726185db85Sdougm * this may or may not have a protocol associated with it. 5736185db85Sdougm * No protocol means "all" protocols in this case. 5746185db85Sdougm */ 5756185db85Sdougm static int 576549ec3ffSdougm sa_create(sa_handle_t handle, int flags, int argc, char *argv[]) 5776185db85Sdougm { 5786185db85Sdougm char *groupname; 5796185db85Sdougm 5806185db85Sdougm sa_group_t group; 5816185db85Sdougm int verbose = 0; 5826185db85Sdougm int dryrun = 0; 5836185db85Sdougm int c; 5846185db85Sdougm char *protocol = NULL; 5856185db85Sdougm int ret = SA_OK; 5866185db85Sdougm struct options *optlist = NULL; 5876185db85Sdougm int err = 0; 5886185db85Sdougm int auth; 5896185db85Sdougm 5906185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:")) != EOF) { 5916185db85Sdougm switch (c) { 5926185db85Sdougm case 'v': 5936185db85Sdougm verbose++; 5946185db85Sdougm break; 5956185db85Sdougm case 'n': 5966185db85Sdougm dryrun++; 5976185db85Sdougm break; 5986185db85Sdougm case 'P': 5996185db85Sdougm protocol = optarg; 60025a68471Sdougm if (sa_valid_protocol(protocol)) 60125a68471Sdougm break; 60225a68471Sdougm (void) printf(gettext( 60325a68471Sdougm "Invalid protocol specified: %s\n"), protocol); 6046185db85Sdougm return (SA_INVALID_PROTOCOL); 6056185db85Sdougm break; 6066185db85Sdougm case 'p': 6076185db85Sdougm ret = add_opt(&optlist, optarg, 0); 6086185db85Sdougm switch (ret) { 6096185db85Sdougm case OPT_ADD_SYNTAX: 61025a68471Sdougm (void) printf(gettext( 61125a68471Sdougm "Property syntax error for property: %s\n"), 6126185db85Sdougm optarg); 6136185db85Sdougm return (SA_SYNTAX_ERR); 6146185db85Sdougm case OPT_ADD_SECURITY: 61525a68471Sdougm (void) printf(gettext( 61625a68471Sdougm "Security properties need " 6176185db85Sdougm "to be set with set-security: %s\n"), 6186185db85Sdougm optarg); 6196185db85Sdougm return (SA_SYNTAX_ERR); 6206185db85Sdougm default: 6216185db85Sdougm break; 6226185db85Sdougm } 6236185db85Sdougm break; 6246185db85Sdougm default: 6256185db85Sdougm case 'h': 6266185db85Sdougm case '?': 6276185db85Sdougm (void) printf(gettext("usage: %s\n"), 6286185db85Sdougm sa_get_usage(USAGE_CREATE)); 6296185db85Sdougm return (0); 6306185db85Sdougm } 6316185db85Sdougm } 6326185db85Sdougm 6336185db85Sdougm if (optind >= argc) { 63425a68471Sdougm (void) printf(gettext("usage: %s\n"), 63525a68471Sdougm sa_get_usage(USAGE_CREATE)); 6366185db85Sdougm (void) printf(gettext("\tgroup must be specified.\n")); 6376185db85Sdougm return (SA_BAD_PATH); 6386185db85Sdougm } 6396185db85Sdougm 6406185db85Sdougm if ((optind + 1) < argc) { 64125a68471Sdougm (void) printf(gettext("usage: %s\n"), 64225a68471Sdougm sa_get_usage(USAGE_CREATE)); 6436185db85Sdougm (void) printf(gettext("\textraneous group(s) at end\n")); 6446185db85Sdougm return (SA_SYNTAX_ERR); 6456185db85Sdougm } 6466185db85Sdougm 6476185db85Sdougm if (protocol == NULL && optlist != NULL) { 6486185db85Sdougm /* lookup default protocol */ 64925a68471Sdougm (void) printf(gettext("usage: %s\n"), 65025a68471Sdougm sa_get_usage(USAGE_CREATE)); 6516185db85Sdougm (void) printf(gettext("\tprotocol must be specified " 6526185db85Sdougm "with properties\n")); 6536185db85Sdougm return (SA_INVALID_PROTOCOL); 6546185db85Sdougm } 6556185db85Sdougm 6566185db85Sdougm if (optlist != NULL) 6576185db85Sdougm ret = chk_opt(optlist, 0, protocol); 6586185db85Sdougm if (ret == OPT_ADD_SECURITY) { 6596185db85Sdougm (void) printf(gettext("Security properties not " 6606185db85Sdougm "supported with create\n")); 6616185db85Sdougm return (SA_SYNTAX_ERR); 6626185db85Sdougm } 6636185db85Sdougm 6646185db85Sdougm /* 66525a68471Sdougm * If a group already exists, we can only add a new protocol 6666185db85Sdougm * to it and not create a new one or add the same protocol 6676185db85Sdougm * again. 6686185db85Sdougm */ 6696185db85Sdougm 6706185db85Sdougm groupname = argv[optind]; 6716185db85Sdougm 6726185db85Sdougm auth = check_authorizations(groupname, flags); 6736185db85Sdougm 674549ec3ffSdougm group = sa_get_group(handle, groupname); 6756185db85Sdougm if (group != NULL) { 6766185db85Sdougm /* group exists so must be a protocol add */ 6776185db85Sdougm if (protocol != NULL) { 6786185db85Sdougm if (has_protocol(group, protocol)) { 67925a68471Sdougm (void) printf(gettext( 68025a68471Sdougm "Group \"%s\" already exists" 68125a68471Sdougm " with protocol %s\n"), groupname, 68225a68471Sdougm protocol); 6836185db85Sdougm ret = SA_DUPLICATE_NAME; 6846185db85Sdougm } 6856185db85Sdougm } else { 6866185db85Sdougm /* must add new protocol */ 68725a68471Sdougm (void) printf(gettext( 68825a68471Sdougm "Group already exists and no protocol " 6896185db85Sdougm "specified.\n")); 6906185db85Sdougm ret = SA_DUPLICATE_NAME; 6916185db85Sdougm } 6926185db85Sdougm } else { 6936185db85Sdougm /* 6946185db85Sdougm * is it a valid name? Must comply with SMF instance 6956185db85Sdougm * name restrictions. 6966185db85Sdougm */ 6976185db85Sdougm if (!sa_valid_group_name(groupname)) { 6986185db85Sdougm ret = SA_INVALID_NAME; 69925a68471Sdougm (void) printf(gettext("Invalid group name: %s\n"), 70025a68471Sdougm groupname); 7016185db85Sdougm } 7026185db85Sdougm } 7036185db85Sdougm if (ret == SA_OK) { 7046185db85Sdougm /* check protocol vs optlist */ 7056185db85Sdougm if (optlist != NULL) { 7066185db85Sdougm /* check options, if any, for validity */ 7076185db85Sdougm ret = valid_options(optlist, protocol, group, NULL); 7086185db85Sdougm } 7096185db85Sdougm } 7106185db85Sdougm if (ret == SA_OK && !dryrun) { 7116185db85Sdougm if (group == NULL) { 71225a68471Sdougm group = sa_create_group(handle, (char *)groupname, 71325a68471Sdougm &err); 7146185db85Sdougm } 7156185db85Sdougm if (group != NULL) { 7166185db85Sdougm sa_optionset_t optionset; 7176185db85Sdougm if (optlist != NULL) { 71825a68471Sdougm (void) add_optionset(group, optlist, protocol, 71925a68471Sdougm &ret); 7206185db85Sdougm } else if (protocol != NULL) { 72125a68471Sdougm optionset = sa_create_optionset(group, 72225a68471Sdougm protocol); 7236185db85Sdougm if (optionset == NULL) 7246185db85Sdougm ret = SA_NO_MEMORY; 7256185db85Sdougm } else if (protocol == NULL) { 7266185db85Sdougm char **protolist; 7276185db85Sdougm int numprotos, i; 7286185db85Sdougm numprotos = sa_get_protocols(&protolist); 7296185db85Sdougm for (i = 0; i < numprotos; i++) { 73025a68471Sdougm optionset = sa_create_optionset(group, 73125a68471Sdougm protolist[i]); 7326185db85Sdougm } 7336185db85Sdougm if (protolist != NULL) 7346185db85Sdougm free(protolist); 7356185db85Sdougm } 7366185db85Sdougm /* 73725a68471Sdougm * We have a group and legal additions 7386185db85Sdougm */ 7396185db85Sdougm if (ret == SA_OK) { 7406185db85Sdougm /* 74125a68471Sdougm * Commit to configuration for protocols that 7426185db85Sdougm * need to do block updates. For NFS, this 7436185db85Sdougm * doesn't do anything but it will be run for 7446185db85Sdougm * all protocols that implement the 7456185db85Sdougm * appropriate plugin. 7466185db85Sdougm */ 747549ec3ffSdougm ret = sa_update_config(handle); 7486185db85Sdougm } else { 7496185db85Sdougm if (group != NULL) 7506185db85Sdougm (void) sa_remove_group(group); 7516185db85Sdougm } 7526185db85Sdougm } else { 7536185db85Sdougm ret = err; 7546185db85Sdougm (void) printf(gettext("Could not create group: %s\n"), 7556185db85Sdougm sa_errorstr(ret)); 7566185db85Sdougm } 7576185db85Sdougm } 7586185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 7596185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 7606185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 7616185db85Sdougm ret = SA_NO_PERMISSION; 7626185db85Sdougm } 7636185db85Sdougm free_opt(optlist); 7646185db85Sdougm return (ret); 7656185db85Sdougm } 7666185db85Sdougm 7676185db85Sdougm /* 7686185db85Sdougm * group_status(group) 7696185db85Sdougm * 7706185db85Sdougm * return the current status (enabled/disabled) of the group. 7716185db85Sdougm */ 7726185db85Sdougm 7736185db85Sdougm static char * 7746185db85Sdougm group_status(sa_group_t group) 7756185db85Sdougm { 7766185db85Sdougm char *state; 7776185db85Sdougm int enabled = 0; 7786185db85Sdougm 7796185db85Sdougm state = sa_get_group_attr(group, "state"); 7806185db85Sdougm if (state != NULL) { 7816185db85Sdougm if (strcmp(state, "enabled") == 0) { 7826185db85Sdougm enabled = 1; 7836185db85Sdougm } 7846185db85Sdougm sa_free_attr_string(state); 7856185db85Sdougm } 7864db300d5Sdougm return (enabled ? "enabled" : "disabled"); 7876185db85Sdougm } 7886185db85Sdougm 7896185db85Sdougm /* 7906185db85Sdougm * sa_delete(flags, argc, argv) 7916185db85Sdougm * 7926185db85Sdougm * Delete a group. 7936185db85Sdougm */ 7946185db85Sdougm 7956185db85Sdougm static int 796549ec3ffSdougm sa_delete(sa_handle_t handle, int flags, int argc, char *argv[]) 7976185db85Sdougm { 7986185db85Sdougm char *groupname; 7996185db85Sdougm sa_group_t group; 8006185db85Sdougm sa_share_t share; 8016185db85Sdougm int verbose = 0; 8026185db85Sdougm int dryrun = 0; 8036185db85Sdougm int force = 0; 8046185db85Sdougm int c; 8056185db85Sdougm char *protocol = NULL; 8066185db85Sdougm char *sectype = NULL; 8076185db85Sdougm int ret = SA_OK; 8086185db85Sdougm int auth; 8096185db85Sdougm 8106185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:fS:")) != EOF) { 8116185db85Sdougm switch (c) { 8126185db85Sdougm case 'v': 8136185db85Sdougm verbose++; 8146185db85Sdougm break; 8156185db85Sdougm case 'n': 8166185db85Sdougm dryrun++; 8176185db85Sdougm break; 8186185db85Sdougm case 'P': 8196185db85Sdougm protocol = optarg; 8206185db85Sdougm if (!sa_valid_protocol(protocol)) { 82125a68471Sdougm (void) printf(gettext("Invalid protocol " 82225a68471Sdougm "specified: %s\n"), protocol); 8236185db85Sdougm return (SA_INVALID_PROTOCOL); 8246185db85Sdougm } 8256185db85Sdougm break; 8266185db85Sdougm case 'S': 8276185db85Sdougm sectype = optarg; 8286185db85Sdougm break; 8296185db85Sdougm case 'f': 8306185db85Sdougm force++; 8316185db85Sdougm break; 8326185db85Sdougm default: 8336185db85Sdougm case 'h': 8346185db85Sdougm case '?': 8356185db85Sdougm (void) printf(gettext("usage: %s\n"), 8366185db85Sdougm sa_get_usage(USAGE_DELETE)); 8376185db85Sdougm return (0); 8386185db85Sdougm } 8396185db85Sdougm } 8406185db85Sdougm 8416185db85Sdougm if (optind >= argc) { 84225a68471Sdougm (void) printf(gettext("usage: %s\n"), 84325a68471Sdougm sa_get_usage(USAGE_DELETE)); 8446185db85Sdougm (void) printf(gettext("\tgroup must be specified.\n")); 8456185db85Sdougm return (SA_SYNTAX_ERR); 8466185db85Sdougm } 8476185db85Sdougm 8486185db85Sdougm if ((optind + 1) < argc) { 84925a68471Sdougm (void) printf(gettext("usage: %s\n"), 85025a68471Sdougm sa_get_usage(USAGE_DELETE)); 8516185db85Sdougm (void) printf(gettext("\textraneous group(s) at end\n")); 8526185db85Sdougm return (SA_SYNTAX_ERR); 8536185db85Sdougm } 8546185db85Sdougm 8556185db85Sdougm if (sectype != NULL && protocol == NULL) { 85625a68471Sdougm (void) printf(gettext("usage: %s\n"), 85725a68471Sdougm sa_get_usage(USAGE_DELETE)); 8586185db85Sdougm (void) printf(gettext("\tsecurity requires protocol to be " 8596185db85Sdougm "specified.\n")); 8606185db85Sdougm return (SA_SYNTAX_ERR); 8616185db85Sdougm } 8626185db85Sdougm 8636185db85Sdougm /* 8646185db85Sdougm * Determine if the group already exists since it must in 8656185db85Sdougm * order to be removed. 8666185db85Sdougm * 8676185db85Sdougm * We can delete when: 8686185db85Sdougm * 8696185db85Sdougm * - group is empty 8706185db85Sdougm * - force flag is set 8716185db85Sdougm * - if protocol specified, only delete the protocol 8726185db85Sdougm */ 8736185db85Sdougm 8746185db85Sdougm groupname = argv[optind]; 875549ec3ffSdougm group = sa_get_group(handle, groupname); 8766185db85Sdougm if (group == NULL) { 8776185db85Sdougm ret = SA_NO_SUCH_GROUP; 87825a68471Sdougm goto done; 87925a68471Sdougm } 8806185db85Sdougm auth = check_authorizations(groupname, flags); 8816185db85Sdougm if (protocol == NULL) { 8826185db85Sdougm share = sa_get_share(group, NULL); 8836185db85Sdougm if (share != NULL) 8846185db85Sdougm ret = SA_BUSY; 8856185db85Sdougm if (share == NULL || (share != NULL && force == 1)) { 8866185db85Sdougm ret = SA_OK; 8876185db85Sdougm if (!dryrun) { 8886185db85Sdougm while (share != NULL) { 8896185db85Sdougm sa_share_t next_share; 8906185db85Sdougm next_share = sa_get_next_share(share); 8916185db85Sdougm /* 89225a68471Sdougm * need to do the disable of 89325a68471Sdougm * each share, but don't 89425a68471Sdougm * actually do anything on a 89525a68471Sdougm * dryrun. 8966185db85Sdougm */ 8976185db85Sdougm ret = sa_disable_share(share, NULL); 8986185db85Sdougm ret = sa_remove_share(share); 8996185db85Sdougm share = next_share; 9006185db85Sdougm } 9016185db85Sdougm ret = sa_remove_group(group); 9026185db85Sdougm } 9036185db85Sdougm } 90425a68471Sdougm /* Commit to configuration if not a dryrun */ 9056185db85Sdougm if (!dryrun && ret == SA_OK) { 906549ec3ffSdougm ret = sa_update_config(handle); 9076185db85Sdougm } 9086185db85Sdougm } else { 9096185db85Sdougm /* a protocol delete */ 9106185db85Sdougm sa_optionset_t optionset; 9116185db85Sdougm sa_security_t security; 9126185db85Sdougm if (sectype != NULL) { 9136185db85Sdougm /* only delete specified security */ 9146185db85Sdougm security = sa_get_security(group, sectype, protocol); 91525a68471Sdougm if (security != NULL && !dryrun) 9166185db85Sdougm ret = sa_destroy_security(security); 91725a68471Sdougm else 9186185db85Sdougm ret = SA_INVALID_PROTOCOL; 9196185db85Sdougm } else { 9206185db85Sdougm optionset = sa_get_optionset(group, protocol); 9216185db85Sdougm if (optionset != NULL && !dryrun) { 92225a68471Sdougm /* 92325a68471Sdougm * have an optionset with 92425a68471Sdougm * protocol to delete 92525a68471Sdougm */ 9266185db85Sdougm ret = sa_destroy_optionset(optionset); 9276185db85Sdougm /* 92825a68471Sdougm * Now find all security sets 92925a68471Sdougm * for the protocol and remove 93025a68471Sdougm * them. Don't remove other 9316185db85Sdougm * protocols. 9326185db85Sdougm */ 93325a68471Sdougm for (security = 93425a68471Sdougm sa_get_security(group, NULL, NULL); 9356185db85Sdougm ret == SA_OK && security != NULL; 9366185db85Sdougm security = sa_get_next_security(security)) { 9376185db85Sdougm char *secprot; 93825a68471Sdougm secprot = sa_get_security_attr(security, 93925a68471Sdougm "type"); 9406185db85Sdougm if (secprot != NULL && 9416185db85Sdougm strcmp(secprot, protocol) == 0) 94225a68471Sdougm ret = sa_destroy_security( 94325a68471Sdougm security); 9446185db85Sdougm if (secprot != NULL) 9456185db85Sdougm sa_free_attr_string(secprot); 9466185db85Sdougm } 9476185db85Sdougm } else { 9486185db85Sdougm if (!dryrun) 9496185db85Sdougm ret = SA_INVALID_PROTOCOL; 9506185db85Sdougm } 9516185db85Sdougm } 9526185db85Sdougm } 95325a68471Sdougm 95425a68471Sdougm done: 9556185db85Sdougm if (ret != SA_OK) { 9566185db85Sdougm (void) printf(gettext("Could not delete group: %s\n"), 9576185db85Sdougm sa_errorstr(ret)); 9586185db85Sdougm } else if (dryrun && !auth && verbose) { 9596185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 9606185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 9616185db85Sdougm } 9626185db85Sdougm return (ret); 9636185db85Sdougm } 9646185db85Sdougm 9656185db85Sdougm /* 9666185db85Sdougm * strndupr(*buff, str, buffsize) 9676185db85Sdougm * 9686185db85Sdougm * used with small strings to duplicate and possibly increase the 9696185db85Sdougm * buffer size of a string. 9706185db85Sdougm */ 9716185db85Sdougm static char * 9726185db85Sdougm strndupr(char *buff, char *str, int *buffsize) 9736185db85Sdougm { 9746185db85Sdougm int limit; 9756185db85Sdougm char *orig_buff = buff; 9766185db85Sdougm 9776185db85Sdougm if (buff == NULL) { 9786185db85Sdougm buff = (char *)malloc(64); 9796185db85Sdougm if (buff == NULL) 9806185db85Sdougm return (NULL); 9816185db85Sdougm *buffsize = 64; 9826185db85Sdougm buff[0] = '\0'; 9836185db85Sdougm } 9846185db85Sdougm limit = strlen(buff) + strlen(str) + 1; 9856185db85Sdougm if (limit > *buffsize) { 9866185db85Sdougm limit = *buffsize = *buffsize + ((limit / 64) + 64); 9876185db85Sdougm buff = realloc(buff, limit); 9886185db85Sdougm } 9896185db85Sdougm if (buff != NULL) { 9906185db85Sdougm (void) strcat(buff, str); 9916185db85Sdougm } else { 9926185db85Sdougm /* if it fails, fail it hard */ 9936185db85Sdougm if (orig_buff != NULL) 9946185db85Sdougm free(orig_buff); 9956185db85Sdougm } 9966185db85Sdougm return (buff); 9976185db85Sdougm } 9986185db85Sdougm 9996185db85Sdougm /* 10006185db85Sdougm * group_proto(group) 10016185db85Sdougm * 10026185db85Sdougm * return a string of all the protocols (space separated) associated 10036185db85Sdougm * with this group. 10046185db85Sdougm */ 10056185db85Sdougm 10066185db85Sdougm static char * 10076185db85Sdougm group_proto(sa_group_t group) 10086185db85Sdougm { 10096185db85Sdougm sa_optionset_t optionset; 10106185db85Sdougm char *proto; 10116185db85Sdougm char *buff = NULL; 10126185db85Sdougm int buffsize = 0; 10136185db85Sdougm int addspace = 0; 10146185db85Sdougm /* 10156185db85Sdougm * get the protocol list by finding the optionsets on this 10166185db85Sdougm * group and extracting the type value. The initial call to 10176185db85Sdougm * strndupr() initailizes buff. 10186185db85Sdougm */ 10196185db85Sdougm buff = strndupr(buff, "", &buffsize); 10206185db85Sdougm if (buff != NULL) { 10216185db85Sdougm for (optionset = sa_get_optionset(group, NULL); 10226185db85Sdougm optionset != NULL && buff != NULL; 10236185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 10246185db85Sdougm /* 10256185db85Sdougm * extract out the protocol type from this optionset 10266185db85Sdougm * and append it to the buffer "buff". strndupr() will 10276185db85Sdougm * reallocate space as necessay. 10286185db85Sdougm */ 10296185db85Sdougm proto = sa_get_optionset_attr(optionset, "type"); 10306185db85Sdougm if (proto != NULL) { 10316185db85Sdougm if (addspace++) 10326185db85Sdougm buff = strndupr(buff, " ", &buffsize); 10336185db85Sdougm buff = strndupr(buff, proto, &buffsize); 10346185db85Sdougm sa_free_attr_string(proto); 10356185db85Sdougm } 10366185db85Sdougm } 10376185db85Sdougm } 10386185db85Sdougm return (buff); 10396185db85Sdougm } 10406185db85Sdougm 10416185db85Sdougm /* 10426185db85Sdougm * sa_list(flags, argc, argv) 10436185db85Sdougm * 10446185db85Sdougm * implements the "list" subcommand to list groups and optionally 10456185db85Sdougm * their state and protocols. 10466185db85Sdougm */ 10476185db85Sdougm 104825a68471Sdougm /*ARGSUSED*/ 10496185db85Sdougm static int 1050549ec3ffSdougm sa_list(sa_handle_t handle, int flags, int argc, char *argv[]) 10516185db85Sdougm { 10526185db85Sdougm sa_group_t group; 10536185db85Sdougm int verbose = 0; 10546185db85Sdougm int c; 10556185db85Sdougm char *protocol = NULL; 10566185db85Sdougm 10576185db85Sdougm while ((c = getopt(argc, argv, "?hvP:")) != EOF) { 10586185db85Sdougm switch (c) { 10596185db85Sdougm case 'v': 10606185db85Sdougm verbose++; 10616185db85Sdougm break; 10626185db85Sdougm case 'P': 10636185db85Sdougm protocol = optarg; 10646185db85Sdougm if (!sa_valid_protocol(protocol)) { 106525a68471Sdougm (void) printf(gettext( 106625a68471Sdougm "Invalid protocol specified: %s\n"), 10676185db85Sdougm protocol); 10686185db85Sdougm return (SA_INVALID_PROTOCOL); 10696185db85Sdougm } 10706185db85Sdougm break; 10716185db85Sdougm default: 10726185db85Sdougm case 'h': 10736185db85Sdougm case '?': 107425a68471Sdougm (void) printf(gettext("usage: %s\n"), 107525a68471Sdougm sa_get_usage(USAGE_LIST)); 10766185db85Sdougm return (0); 10776185db85Sdougm } 10786185db85Sdougm } 10796185db85Sdougm 108025a68471Sdougm for (group = sa_get_group(handle, NULL); 108125a68471Sdougm group != NULL; 10826185db85Sdougm group = sa_get_next_group(group)) { 10836185db85Sdougm char *name; 10846185db85Sdougm char *proto; 10856185db85Sdougm if (protocol == NULL || has_protocol(group, protocol)) { 10866185db85Sdougm name = sa_get_group_attr(group, "name"); 10876185db85Sdougm if (name != NULL && (verbose > 1 || name[0] != '#')) { 10886185db85Sdougm (void) printf("%s", (char *)name); 10896185db85Sdougm if (verbose) { 10906185db85Sdougm /* 109125a68471Sdougm * Need the list of protocols 109225a68471Sdougm * and current status once 109325a68471Sdougm * available. We do want to 109425a68471Sdougm * translate the 109525a68471Sdougm * enabled/disabled text here. 10966185db85Sdougm */ 10974db300d5Sdougm (void) printf("\t%s", isenabled(group) ? 10984db300d5Sdougm gettext("enabled") : 10994db300d5Sdougm gettext("disabled")); 11006185db85Sdougm proto = group_proto(group); 11016185db85Sdougm if (proto != NULL) { 110225a68471Sdougm (void) printf("\t%s", 110325a68471Sdougm (char *)proto); 11046185db85Sdougm free(proto); 11056185db85Sdougm } 11066185db85Sdougm } 11076185db85Sdougm (void) printf("\n"); 11086185db85Sdougm } 11096185db85Sdougm if (name != NULL) 11106185db85Sdougm sa_free_attr_string(name); 11116185db85Sdougm } 11126185db85Sdougm } 11136185db85Sdougm return (0); 11146185db85Sdougm } 11156185db85Sdougm 11166185db85Sdougm /* 11176185db85Sdougm * out_properties(optionset, proto, sec) 11186185db85Sdougm * 11196185db85Sdougm * Format the properties and encode the protocol and optional named 11206185db85Sdougm * optionset into the string. 11216185db85Sdougm * 11226185db85Sdougm * format is protocol[:name]=(property-list) 11236185db85Sdougm */ 11246185db85Sdougm 11256185db85Sdougm static void 11266185db85Sdougm out_properties(sa_optionset_t optionset, char *proto, char *sec) 11276185db85Sdougm { 11286185db85Sdougm char *type; 11296185db85Sdougm char *value; 11306185db85Sdougm int spacer; 11316185db85Sdougm sa_property_t prop; 11326185db85Sdougm 113325a68471Sdougm if (sec == NULL) 11346185db85Sdougm (void) printf(" %s=(", proto ? proto : gettext("all")); 113525a68471Sdougm else 11366185db85Sdougm (void) printf(" %s:%s=(", proto ? proto : gettext("all"), sec); 11376185db85Sdougm 11386185db85Sdougm for (spacer = 0, prop = sa_get_property(optionset, NULL); 113925a68471Sdougm prop != NULL; 114025a68471Sdougm prop = sa_get_next_property(prop)) { 11416185db85Sdougm 11426185db85Sdougm /* 11436185db85Sdougm * extract the property name/value and output with 11446185db85Sdougm * appropriate spacing. I.e. no prefixed space the 11456185db85Sdougm * first time through but a space on subsequent 11466185db85Sdougm * properties. 11476185db85Sdougm */ 11486185db85Sdougm type = sa_get_property_attr(prop, "type"); 11496185db85Sdougm value = sa_get_property_attr(prop, "value"); 11506185db85Sdougm if (type != NULL) { 11516185db85Sdougm (void) printf("%s%s=", spacer ? " " : "", type); 11526185db85Sdougm spacer = 1; 11536185db85Sdougm if (value != NULL) 11546185db85Sdougm (void) printf("\"%s\"", value); 11556185db85Sdougm else 11566185db85Sdougm (void) printf("\"\""); 11576185db85Sdougm } 11586185db85Sdougm if (type != NULL) 11596185db85Sdougm sa_free_attr_string(type); 11606185db85Sdougm if (value != NULL) 11616185db85Sdougm sa_free_attr_string(value); 11626185db85Sdougm } 11636185db85Sdougm (void) printf(")"); 11646185db85Sdougm } 11656185db85Sdougm 11666185db85Sdougm /* 11676185db85Sdougm * show_properties(group, protocol, prefix) 11686185db85Sdougm * 11696185db85Sdougm * print the properties for a group. If protocol is NULL, do all 11706185db85Sdougm * protocols otherwise only the specified protocol. All security 11716185db85Sdougm * (named groups specific to the protocol) are included. 11726185db85Sdougm * 11736185db85Sdougm * The "prefix" is always applied. The caller knows whether it wants 11746185db85Sdougm * some type of prefix string (white space) or not. Once the prefix 11756185db85Sdougm * has been output, it is reduced to the zero length string for the 11766185db85Sdougm * remainder of the property output. 11776185db85Sdougm */ 11786185db85Sdougm 11796185db85Sdougm static void 11806185db85Sdougm show_properties(sa_group_t group, char *protocol, char *prefix) 11816185db85Sdougm { 11826185db85Sdougm sa_optionset_t optionset; 11836185db85Sdougm sa_security_t security; 11846185db85Sdougm char *value; 11856185db85Sdougm char *secvalue; 11866185db85Sdougm 11876185db85Sdougm if (protocol != NULL) { 11886185db85Sdougm optionset = sa_get_optionset(group, protocol); 11896185db85Sdougm if (optionset != NULL) { 11906185db85Sdougm (void) printf("%s", prefix); 11916185db85Sdougm prefix = ""; 11926185db85Sdougm out_properties(optionset, protocol, NULL); 11936185db85Sdougm } 11946185db85Sdougm security = sa_get_security(group, protocol, NULL); 11956185db85Sdougm if (security != NULL) { 11966185db85Sdougm (void) printf("%s", prefix); 11976185db85Sdougm prefix = ""; 11986185db85Sdougm out_properties(security, protocol, NULL); 11996185db85Sdougm } 12006185db85Sdougm } else { 12016185db85Sdougm for (optionset = sa_get_optionset(group, protocol); 12026185db85Sdougm optionset != NULL; 12036185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 12046185db85Sdougm 12056185db85Sdougm value = sa_get_optionset_attr(optionset, "type"); 12066185db85Sdougm (void) printf("%s", prefix); 12076185db85Sdougm prefix = ""; 12086185db85Sdougm out_properties(optionset, value, 0); 12096185db85Sdougm if (value != NULL) 12106185db85Sdougm sa_free_attr_string(value); 12116185db85Sdougm } 12126185db85Sdougm for (security = sa_get_security(group, NULL, protocol); 12136185db85Sdougm security != NULL; 12146185db85Sdougm security = sa_get_next_security(security)) { 12156185db85Sdougm 12166185db85Sdougm value = sa_get_security_attr(security, "type"); 12176185db85Sdougm secvalue = sa_get_security_attr(security, "sectype"); 12186185db85Sdougm (void) printf("%s", prefix); 12196185db85Sdougm prefix = ""; 12206185db85Sdougm out_properties(security, value, secvalue); 12216185db85Sdougm if (value != NULL) 12226185db85Sdougm sa_free_attr_string(value); 12236185db85Sdougm if (secvalue != NULL) 12246185db85Sdougm sa_free_attr_string(secvalue); 12256185db85Sdougm } 12266185db85Sdougm } 12276185db85Sdougm } 12286185db85Sdougm 12296185db85Sdougm /* 12306185db85Sdougm * show_group(group, verbose, properties, proto, subgroup) 12316185db85Sdougm * 12326185db85Sdougm * helper function to show the contents of a group. 12336185db85Sdougm */ 12346185db85Sdougm 12356185db85Sdougm static void 12366185db85Sdougm show_group(sa_group_t group, int verbose, int properties, char *proto, 12376185db85Sdougm char *subgroup) 12386185db85Sdougm { 12396185db85Sdougm sa_share_t share; 12406185db85Sdougm char *groupname; 12416185db85Sdougm char *sharepath; 12426185db85Sdougm char *resource; 12436185db85Sdougm char *description; 12446185db85Sdougm char *type; 12456185db85Sdougm char *zfs = NULL; 12466185db85Sdougm int iszfs = 0; 12476185db85Sdougm 12486185db85Sdougm groupname = sa_get_group_attr(group, "name"); 12496185db85Sdougm if (groupname != NULL) { 12506185db85Sdougm if (proto != NULL && !has_protocol(group, proto)) { 12516185db85Sdougm sa_free_attr_string(groupname); 12526185db85Sdougm return; 12536185db85Sdougm } 12546185db85Sdougm /* 12556185db85Sdougm * check to see if the group is managed by ZFS. If 12566185db85Sdougm * there is an attribute, then it is. A non-NULL zfs 12576185db85Sdougm * variable will trigger the different way to display 12586185db85Sdougm * and will remove the transient property indicator 12596185db85Sdougm * from the output. 12606185db85Sdougm */ 12616185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 12626185db85Sdougm if (zfs != NULL) { 12636185db85Sdougm iszfs = 1; 12646185db85Sdougm sa_free_attr_string(zfs); 12656185db85Sdougm } 12666185db85Sdougm share = sa_get_share(group, NULL); 12676185db85Sdougm if (subgroup == NULL) 12686185db85Sdougm (void) printf("%s", groupname); 12696185db85Sdougm else 12706185db85Sdougm (void) printf(" %s/%s", subgroup, groupname); 127125a68471Sdougm if (properties) 12726185db85Sdougm show_properties(group, proto, ""); 12736185db85Sdougm (void) printf("\n"); 12746185db85Sdougm if (strcmp(groupname, "zfs") == 0) { 12756185db85Sdougm sa_group_t zgroup; 12766185db85Sdougm 127725a68471Sdougm for (zgroup = sa_get_sub_group(group); 127825a68471Sdougm zgroup != NULL; 12796185db85Sdougm zgroup = sa_get_next_group(zgroup)) { 128025a68471Sdougm show_group(zgroup, verbose, properties, proto, 128125a68471Sdougm "zfs"); 12826185db85Sdougm } 12836185db85Sdougm sa_free_attr_string(groupname); 12846185db85Sdougm return; 12856185db85Sdougm } 12866185db85Sdougm /* 128725a68471Sdougm * Have a group, so list the contents. Resource and 12886185db85Sdougm * description are only listed if verbose is set. 12896185db85Sdougm */ 129025a68471Sdougm for (share = sa_get_share(group, NULL); 129125a68471Sdougm share != NULL; 12926185db85Sdougm share = sa_get_next_share(share)) { 12936185db85Sdougm sharepath = sa_get_share_attr(share, "path"); 12946185db85Sdougm if (sharepath != NULL) { 12956185db85Sdougm if (verbose) { 129625a68471Sdougm resource = sa_get_share_attr(share, 129725a68471Sdougm "resource"); 129825a68471Sdougm description = 129925a68471Sdougm sa_get_share_description(share); 130025a68471Sdougm type = sa_get_share_attr(share, 130125a68471Sdougm "type"); 13026185db85Sdougm if (type != NULL && !iszfs && 13036185db85Sdougm strcmp(type, "transient") == 0) 13046185db85Sdougm (void) printf("\t* "); 13056185db85Sdougm else 13066185db85Sdougm (void) printf("\t "); 130725a68471Sdougm if (resource != NULL && 130825a68471Sdougm strlen(resource) > 0) { 130925a68471Sdougm (void) printf("%s=%s", 131025a68471Sdougm resource, sharepath); 13116185db85Sdougm } else { 13126185db85Sdougm (void) printf("%s", sharepath); 13136185db85Sdougm } 13146185db85Sdougm if (resource != NULL) 13156185db85Sdougm sa_free_attr_string(resource); 13166185db85Sdougm if (properties) 131725a68471Sdougm show_properties(share, NULL, 131825a68471Sdougm "\t"); 13196185db85Sdougm if (description != NULL) { 13206185db85Sdougm if (strlen(description) > 0) { 132125a68471Sdougm (void) printf( 132225a68471Sdougm "\t\"%s\"", 132325a68471Sdougm description); 13246185db85Sdougm } 132525a68471Sdougm sa_free_share_description( 132625a68471Sdougm description); 13276185db85Sdougm } 13286185db85Sdougm if (type != NULL) 13296185db85Sdougm sa_free_attr_string(type); 13306185db85Sdougm } else { 13316185db85Sdougm (void) printf("\t%s", sharepath); 13326185db85Sdougm if (properties) 133325a68471Sdougm show_properties(share, NULL, 133425a68471Sdougm "\t"); 13356185db85Sdougm } 13366185db85Sdougm (void) printf("\n"); 13376185db85Sdougm sa_free_attr_string(sharepath); 13386185db85Sdougm } 13396185db85Sdougm } 13406185db85Sdougm } 13416185db85Sdougm if (groupname != NULL) { 13426185db85Sdougm sa_free_attr_string(groupname); 13436185db85Sdougm } 13446185db85Sdougm } 13456185db85Sdougm 13466185db85Sdougm /* 13476185db85Sdougm * show_group_xml_init() 13486185db85Sdougm * 13496185db85Sdougm * Create an XML document that will be used to display config info via 13506185db85Sdougm * XML format. 13516185db85Sdougm */ 13526185db85Sdougm 13536185db85Sdougm xmlDocPtr 13546185db85Sdougm show_group_xml_init() 13556185db85Sdougm { 13566185db85Sdougm xmlDocPtr doc; 13576185db85Sdougm xmlNodePtr root; 13586185db85Sdougm 13596185db85Sdougm doc = xmlNewDoc((xmlChar *)"1.0"); 13606185db85Sdougm if (doc != NULL) { 13616185db85Sdougm root = xmlNewNode(NULL, (xmlChar *)"sharecfg"); 13626185db85Sdougm if (root != NULL) 13636185db85Sdougm xmlDocSetRootElement(doc, root); 13646185db85Sdougm } 13656185db85Sdougm return (doc); 13666185db85Sdougm } 13676185db85Sdougm 13686185db85Sdougm /* 13696185db85Sdougm * show_group_xml(doc, group) 13706185db85Sdougm * 13716185db85Sdougm * Copy the group info into the XML doc. 13726185db85Sdougm */ 13736185db85Sdougm 13746185db85Sdougm static void 13756185db85Sdougm show_group_xml(xmlDocPtr doc, sa_group_t group) 13766185db85Sdougm { 13776185db85Sdougm xmlNodePtr node; 13786185db85Sdougm xmlNodePtr root; 13796185db85Sdougm 13806185db85Sdougm root = xmlDocGetRootElement(doc); 13816185db85Sdougm node = xmlCopyNode((xmlNodePtr)group, 1); 13826185db85Sdougm if (node != NULL && root != NULL) { 13836185db85Sdougm xmlAddChild(root, node); 13846185db85Sdougm /* 13856185db85Sdougm * In the future, we may have interally used tags that 13866185db85Sdougm * should not appear in the XML output. Remove 13876185db85Sdougm * anything we don't want to show here. 13886185db85Sdougm */ 13896185db85Sdougm } 13906185db85Sdougm } 13916185db85Sdougm 13926185db85Sdougm /* 13936185db85Sdougm * sa_show(flags, argc, argv) 13946185db85Sdougm * 13956185db85Sdougm * Implements the show subcommand. 13966185db85Sdougm */ 13976185db85Sdougm 139825a68471Sdougm /*ARGSUSED*/ 13996185db85Sdougm int 1400549ec3ffSdougm sa_show(sa_handle_t handle, int flags, int argc, char *argv[]) 14016185db85Sdougm { 14026185db85Sdougm sa_group_t group; 14036185db85Sdougm int verbose = 0; 14046185db85Sdougm int properties = 0; 14056185db85Sdougm int c; 14066185db85Sdougm int ret = SA_OK; 14076185db85Sdougm char *protocol = NULL; 14086185db85Sdougm int xml = 0; 14096185db85Sdougm xmlDocPtr doc; 14106185db85Sdougm 14116185db85Sdougm while ((c = getopt(argc, argv, "?hvP:px")) != EOF) { 14126185db85Sdougm switch (c) { 14136185db85Sdougm case 'v': 14146185db85Sdougm verbose++; 14156185db85Sdougm break; 14166185db85Sdougm case 'p': 14176185db85Sdougm properties++; 14186185db85Sdougm break; 14196185db85Sdougm case 'P': 14206185db85Sdougm protocol = optarg; 14216185db85Sdougm if (!sa_valid_protocol(protocol)) { 142225a68471Sdougm (void) printf(gettext( 142325a68471Sdougm "Invalid protocol specified: %s\n"), 14246185db85Sdougm protocol); 14256185db85Sdougm return (SA_INVALID_PROTOCOL); 14266185db85Sdougm } 14276185db85Sdougm break; 14286185db85Sdougm case 'x': 14296185db85Sdougm xml++; 14306185db85Sdougm break; 14316185db85Sdougm default: 14326185db85Sdougm case 'h': 14336185db85Sdougm case '?': 143425a68471Sdougm (void) printf(gettext("usage: %s\n"), 143525a68471Sdougm sa_get_usage(USAGE_SHOW)); 14366185db85Sdougm return (0); 14376185db85Sdougm } 14386185db85Sdougm } 14396185db85Sdougm 14406185db85Sdougm if (xml) { 14416185db85Sdougm doc = show_group_xml_init(); 14426185db85Sdougm if (doc == NULL) 14436185db85Sdougm ret = SA_NO_MEMORY; 14446185db85Sdougm } 14456185db85Sdougm 14466185db85Sdougm if (optind == argc) { 144725a68471Sdougm /* No group specified so go through them all */ 144825a68471Sdougm for (group = sa_get_group(handle, NULL); 144925a68471Sdougm group != NULL; 14506185db85Sdougm group = sa_get_next_group(group)) { 14516185db85Sdougm /* 145225a68471Sdougm * Have a group so check if one we want and then list 14536185db85Sdougm * contents with appropriate options. 14546185db85Sdougm */ 14556185db85Sdougm if (xml) 14566185db85Sdougm show_group_xml(doc, group); 14576185db85Sdougm else 145825a68471Sdougm show_group(group, verbose, properties, protocol, 145925a68471Sdougm NULL); 14606185db85Sdougm } 14616185db85Sdougm } else { 146225a68471Sdougm /* Have a specified list of groups */ 14636185db85Sdougm for (; optind < argc; optind++) { 1464549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 14656185db85Sdougm if (group != NULL) { 14666185db85Sdougm if (xml) 14676185db85Sdougm show_group_xml(doc, group); 14686185db85Sdougm else 146925a68471Sdougm show_group(group, verbose, properties, 147025a68471Sdougm protocol, NULL); 14716185db85Sdougm } else { 147225a68471Sdougm (void) printf(gettext("%s: not found\n"), 147325a68471Sdougm argv[optind]); 14746185db85Sdougm ret = SA_NO_SUCH_GROUP; 14756185db85Sdougm } 14766185db85Sdougm } 14776185db85Sdougm } 14786185db85Sdougm if (xml && ret == SA_OK) { 14796185db85Sdougm xmlDocFormatDump(stdout, doc, 1); 14806185db85Sdougm xmlFreeDoc(doc); 14816185db85Sdougm } 14826185db85Sdougm return (ret); 14836185db85Sdougm 14846185db85Sdougm } 14856185db85Sdougm 14866185db85Sdougm /* 14876185db85Sdougm * enable_share(group, share, update_legacy) 14886185db85Sdougm * 14896185db85Sdougm * helper function to enable a share if the group is enabled. 14906185db85Sdougm */ 14916185db85Sdougm 14926185db85Sdougm static int 1493549ec3ffSdougm enable_share(sa_handle_t handle, sa_group_t group, sa_share_t share, 1494549ec3ffSdougm int update_legacy) 14956185db85Sdougm { 14966185db85Sdougm char *value; 14976185db85Sdougm int enabled; 14986185db85Sdougm sa_optionset_t optionset; 14996185db85Sdougm int ret = SA_OK; 15006185db85Sdougm char *zfs = NULL; 15016185db85Sdougm int iszfs = 0; 15026185db85Sdougm 15036185db85Sdougm /* 15046185db85Sdougm * need to enable this share if the group is enabled but not 15056185db85Sdougm * otherwise. The enable is also done on each protocol 15066185db85Sdougm * represented in the group. 15076185db85Sdougm */ 15086185db85Sdougm value = sa_get_group_attr(group, "state"); 15096185db85Sdougm enabled = value != NULL && strcmp(value, "enabled") == 0; 15106185db85Sdougm if (value != NULL) 15116185db85Sdougm sa_free_attr_string(value); 15126185db85Sdougm /* remove legacy config if necessary */ 15136185db85Sdougm if (update_legacy) 15146185db85Sdougm ret = sa_delete_legacy(share); 15156185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 15166185db85Sdougm if (zfs != NULL) { 15176185db85Sdougm iszfs++; 15186185db85Sdougm sa_free_attr_string(zfs); 15196185db85Sdougm } 15206185db85Sdougm 15216185db85Sdougm /* 15226185db85Sdougm * Step through each optionset at the group level and 15236185db85Sdougm * enable the share based on the protocol type. This 15246185db85Sdougm * works because protocols must be set on the group 15256185db85Sdougm * for the protocol to be enabled. 15266185db85Sdougm */ 15276185db85Sdougm for (optionset = sa_get_optionset(group, NULL); 15286185db85Sdougm optionset != NULL && ret == SA_OK; 15296185db85Sdougm optionset = sa_get_next_optionset(optionset)) { 15306185db85Sdougm value = sa_get_optionset_attr(optionset, "type"); 15316185db85Sdougm if (value != NULL) { 15326185db85Sdougm if (enabled) 15336185db85Sdougm ret = sa_enable_share(share, value); 15346185db85Sdougm if (update_legacy && !iszfs) 15356185db85Sdougm (void) sa_update_legacy(share, value); 15366185db85Sdougm sa_free_attr_string(value); 15376185db85Sdougm } 15386185db85Sdougm } 15396185db85Sdougm if (ret == SA_OK) 1540549ec3ffSdougm (void) sa_update_config(handle); 15416185db85Sdougm return (ret); 15426185db85Sdougm } 15436185db85Sdougm 15446185db85Sdougm /* 15456185db85Sdougm * sa_addshare(flags, argc, argv) 15466185db85Sdougm * 15476185db85Sdougm * implements add-share subcommand. 15486185db85Sdougm */ 15496185db85Sdougm 15506185db85Sdougm int 1551549ec3ffSdougm sa_addshare(sa_handle_t handle, int flags, int argc, char *argv[]) 15526185db85Sdougm { 15536185db85Sdougm int verbose = 0; 15546185db85Sdougm int dryrun = 0; 15556185db85Sdougm int c; 15566185db85Sdougm int ret = SA_OK; 15576185db85Sdougm sa_group_t group; 15586185db85Sdougm sa_share_t share; 15596185db85Sdougm char *sharepath = NULL; 15606185db85Sdougm char *description = NULL; 15616185db85Sdougm char *resource = NULL; 15626185db85Sdougm int persist = SA_SHARE_PERMANENT; /* default to persist */ 15636185db85Sdougm int auth; 15646185db85Sdougm char dir[MAXPATHLEN]; 15656185db85Sdougm 15666185db85Sdougm while ((c = getopt(argc, argv, "?hvns:d:r:t")) != EOF) { 15676185db85Sdougm switch (c) { 15686185db85Sdougm case 'n': 15696185db85Sdougm dryrun++; 15706185db85Sdougm break; 15716185db85Sdougm case 'v': 15726185db85Sdougm verbose++; 15736185db85Sdougm break; 15746185db85Sdougm case 'd': 15756185db85Sdougm description = optarg; 15766185db85Sdougm break; 15776185db85Sdougm case 'r': 15786185db85Sdougm resource = optarg; 15796185db85Sdougm break; 15806185db85Sdougm case 's': 15816185db85Sdougm /* 158225a68471Sdougm * Save share path into group. Currently limit 15836185db85Sdougm * to one share per command. 15846185db85Sdougm */ 15856185db85Sdougm if (sharepath != NULL) { 158625a68471Sdougm (void) printf(gettext( 158725a68471Sdougm "Adding multiple shares not supported\n")); 15886185db85Sdougm return (1); 15896185db85Sdougm } 15906185db85Sdougm sharepath = optarg; 15916185db85Sdougm break; 15926185db85Sdougm case 't': 15936185db85Sdougm persist = SA_SHARE_TRANSIENT; 15946185db85Sdougm break; 15956185db85Sdougm default: 15966185db85Sdougm case 'h': 15976185db85Sdougm case '?': 15986185db85Sdougm (void) printf(gettext("usage: %s\n"), 15996185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 16006185db85Sdougm return (0); 16016185db85Sdougm } 16026185db85Sdougm } 16036185db85Sdougm 16046185db85Sdougm if (optind >= argc) { 16056185db85Sdougm (void) printf(gettext("usage: %s\n"), 16066185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 16076185db85Sdougm if (dryrun || sharepath != NULL || description != NULL || 16086185db85Sdougm resource != NULL || verbose || persist) { 16096185db85Sdougm (void) printf(gettext("\tgroup must be specified\n")); 16106185db85Sdougm ret = SA_NO_SUCH_GROUP; 16116185db85Sdougm } else { 16126185db85Sdougm ret = SA_OK; 16136185db85Sdougm } 16146185db85Sdougm } else { 16156185db85Sdougm if (sharepath == NULL) { 16166185db85Sdougm (void) printf(gettext("usage: %s\n"), 16176185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 161825a68471Sdougm (void) printf(gettext( 161925a68471Sdougm "\t-s sharepath must be specified\n")); 162025a68471Sdougm return (SA_BAD_PATH); 16216185db85Sdougm } 16226185db85Sdougm if (realpath(sharepath, dir) == NULL) { 162325a68471Sdougm (void) printf(gettext( 162425a68471Sdougm "Path is not valid: %s\n"), sharepath); 162525a68471Sdougm return (SA_BAD_PATH); 16266185db85Sdougm } else { 16276185db85Sdougm sharepath = dir; 16286185db85Sdougm } 162925a68471Sdougm 163025a68471Sdougm /* Check for valid syntax */ 163125a68471Sdougm if (resource != NULL && strpbrk(resource, " \t/") != NULL) { 16326185db85Sdougm (void) printf(gettext("usage: %s\n"), 16336185db85Sdougm sa_get_usage(USAGE_ADD_SHARE)); 163425a68471Sdougm (void) printf(gettext( 163525a68471Sdougm "\tresource must not contain white" 16366185db85Sdougm "space or '/' characters\n")); 163725a68471Sdougm return (SA_BAD_PATH); 16386185db85Sdougm } 1639549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 164025a68471Sdougm if (group == NULL) { 164125a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 164225a68471Sdougm argv[optind]); 164325a68471Sdougm return (SA_NO_SUCH_GROUP); 164425a68471Sdougm } 16456185db85Sdougm auth = check_authorizations(argv[optind], flags); 1646549ec3ffSdougm share = sa_find_share(handle, sharepath); 16476185db85Sdougm if (share != NULL) { 16486185db85Sdougm group = sa_get_parent_group(share); 16496185db85Sdougm if (group != NULL) { 16506185db85Sdougm char *groupname; 165125a68471Sdougm groupname = sa_get_group_attr( 165225a68471Sdougm group, "name"); 16536185db85Sdougm if (groupname != NULL) { 165425a68471Sdougm (void) printf(gettext( 165525a68471Sdougm "Share path already " 16566185db85Sdougm "shared in group " 16576185db85Sdougm "\"%s\": %s\n"), 16586185db85Sdougm groupname, sharepath); 16596185db85Sdougm sa_free_attr_string(groupname); 16606185db85Sdougm } else { 166125a68471Sdougm (void) printf(gettext( 166225a68471Sdougm "Share path already" 16636185db85Sdougm "shared: %s\n"), 16646185db85Sdougm groupname, sharepath); 16656185db85Sdougm } 16666185db85Sdougm } else { 166725a68471Sdougm (void) printf(gettext( 166825a68471Sdougm "Share path %s already shared\n"), 16696185db85Sdougm sharepath); 16706185db85Sdougm } 167125a68471Sdougm return (SA_DUPLICATE_NAME); 16726185db85Sdougm } else { 16736185db85Sdougm /* 167425a68471Sdougm * Need to check that resource name is 167525a68471Sdougm * unique at some point. Path checking 167625a68471Sdougm * should use the "normal" rules which 167725a68471Sdougm * don't check the repository. 16786185db85Sdougm */ 16796185db85Sdougm if (dryrun) 1680f345c0beSdougm ret = sa_check_path(group, sharepath, 1681f345c0beSdougm SA_CHECK_NORMAL); 16826185db85Sdougm else 16836185db85Sdougm share = sa_add_share(group, sharepath, 16846185db85Sdougm persist, &ret); 16856185db85Sdougm if (!dryrun && share == NULL) { 168625a68471Sdougm (void) printf(gettext( 168725a68471Sdougm "Could not add share: %s\n"), 16886185db85Sdougm sa_errorstr(ret)); 16896185db85Sdougm } else { 16906185db85Sdougm if (!dryrun && ret == SA_OK) { 169125a68471Sdougm if (resource != NULL && 169225a68471Sdougm strpbrk(resource, " \t/") == NULL) { 16936185db85Sdougm ret = sa_set_share_attr(share, 169425a68471Sdougm "resource", resource); 16956185db85Sdougm } 169625a68471Sdougm if (ret == SA_OK && 169725a68471Sdougm description != NULL) { 169825a68471Sdougm ret = sa_set_share_description( 169925a68471Sdougm share, description); 17006185db85Sdougm } 17016185db85Sdougm if (ret == SA_OK) { 170225a68471Sdougm /* Now enable the share(s) */ 170325a68471Sdougm ret = enable_share(handle, 170425a68471Sdougm group, share, 1); 1705549ec3ffSdougm ret = sa_update_config(handle); 17066185db85Sdougm } 17076185db85Sdougm switch (ret) { 17086185db85Sdougm case SA_DUPLICATE_NAME: 170925a68471Sdougm (void) printf(gettext( 171025a68471Sdougm "Resource name in" 171125a68471Sdougm "use: %s\n"), resource); 17126185db85Sdougm break; 17136185db85Sdougm default: 171425a68471Sdougm (void) printf( 171525a68471Sdougm gettext("Could not set " 17166185db85Sdougm "attribute: %s\n"), 17176185db85Sdougm sa_errorstr(ret)); 17186185db85Sdougm break; 17196185db85Sdougm case SA_OK: 17206185db85Sdougm break; 17216185db85Sdougm } 172225a68471Sdougm } else if (dryrun && ret == SA_OK && !auth && 172325a68471Sdougm verbose) { 172425a68471Sdougm (void) printf(gettext( 172525a68471Sdougm "Command would fail: %s\n"), 17266185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 17276185db85Sdougm ret = SA_NO_PERMISSION; 17286185db85Sdougm } 17296185db85Sdougm } 17306185db85Sdougm } 17316185db85Sdougm } 17326185db85Sdougm return (ret); 17336185db85Sdougm } 17346185db85Sdougm 17356185db85Sdougm /* 17366185db85Sdougm * sa_moveshare(flags, argc, argv) 17376185db85Sdougm * 17386185db85Sdougm * implements move-share subcommand. 17396185db85Sdougm */ 17406185db85Sdougm 17416185db85Sdougm int 1742549ec3ffSdougm sa_moveshare(sa_handle_t handle, int flags, int argc, char *argv[]) 17436185db85Sdougm { 17446185db85Sdougm int verbose = 0; 17456185db85Sdougm int dryrun = 0; 17466185db85Sdougm int c; 17476185db85Sdougm int ret = SA_OK; 17486185db85Sdougm sa_group_t group; 17496185db85Sdougm sa_share_t share; 17506185db85Sdougm char *sharepath = NULL; 17516185db85Sdougm int authsrc = 0, authdst = 0; 17526185db85Sdougm 17536185db85Sdougm while ((c = getopt(argc, argv, "?hvns:")) != EOF) { 17546185db85Sdougm switch (c) { 17556185db85Sdougm case 'n': 17566185db85Sdougm dryrun++; 17576185db85Sdougm break; 17586185db85Sdougm case 'v': 17596185db85Sdougm verbose++; 17606185db85Sdougm break; 17616185db85Sdougm case 's': 17626185db85Sdougm /* 176325a68471Sdougm * Remove share path from group. Currently limit 17646185db85Sdougm * to one share per command. 17656185db85Sdougm */ 17666185db85Sdougm if (sharepath != NULL) { 176725a68471Sdougm (void) printf(gettext("Moving multiple shares" 176825a68471Sdougm "not supported\n")); 17696185db85Sdougm return (SA_BAD_PATH); 17706185db85Sdougm } 17716185db85Sdougm sharepath = optarg; 17726185db85Sdougm break; 17736185db85Sdougm default: 17746185db85Sdougm case 'h': 17756185db85Sdougm case '?': 17766185db85Sdougm (void) printf(gettext("usage: %s\n"), 17776185db85Sdougm sa_get_usage(USAGE_MOVE_SHARE)); 17786185db85Sdougm return (0); 17796185db85Sdougm } 17806185db85Sdougm } 17816185db85Sdougm 17826185db85Sdougm if (optind >= argc || sharepath == NULL) { 17836185db85Sdougm (void) printf(gettext("usage: %s\n"), 17846185db85Sdougm sa_get_usage(USAGE_MOVE_SHARE)); 17856185db85Sdougm if (dryrun || verbose || sharepath != NULL) { 178625a68471Sdougm (void) printf(gettext( 178725a68471Sdougm "\tgroup must be specified\n")); 17886185db85Sdougm ret = SA_NO_SUCH_GROUP; 17896185db85Sdougm } else { 17906185db85Sdougm if (sharepath == NULL) { 17916185db85Sdougm ret = SA_SYNTAX_ERR; 179225a68471Sdougm (void) printf(gettext( 179325a68471Sdougm "\tsharepath must be specified\n")); 179425a68471Sdougm } else { 17956185db85Sdougm ret = SA_OK; 17966185db85Sdougm } 179725a68471Sdougm } 17986185db85Sdougm } else { 179925a68471Sdougm sa_group_t parent; 180025a68471Sdougm char *zfsold; 180125a68471Sdougm char *zfsnew; 180225a68471Sdougm 18036185db85Sdougm if (sharepath == NULL) { 180425a68471Sdougm (void) printf(gettext( 180525a68471Sdougm "sharepath must be specified with the -s " 180625a68471Sdougm "option\n")); 180725a68471Sdougm return (SA_BAD_PATH); 180825a68471Sdougm } 1809549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 181025a68471Sdougm if (group == NULL) { 181125a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 181225a68471Sdougm argv[optind]); 181325a68471Sdougm return (SA_NO_SUCH_GROUP); 181425a68471Sdougm } 1815549ec3ffSdougm share = sa_find_share(handle, sharepath); 18166185db85Sdougm authdst = check_authorizations(argv[optind], flags); 18176185db85Sdougm if (share == NULL) { 18186185db85Sdougm (void) printf(gettext("Share not found: %s\n"), 18196185db85Sdougm sharepath); 182025a68471Sdougm return (SA_NO_SUCH_PATH); 182125a68471Sdougm } 18226185db85Sdougm 18236185db85Sdougm parent = sa_get_parent_group(share); 18246185db85Sdougm if (parent != NULL) { 18256185db85Sdougm char *pname; 18266185db85Sdougm pname = sa_get_group_attr(parent, "name"); 18276185db85Sdougm if (pname != NULL) { 18286185db85Sdougm authsrc = check_authorizations(pname, flags); 18296185db85Sdougm sa_free_attr_string(pname); 18306185db85Sdougm } 18316185db85Sdougm zfsold = sa_get_group_attr(parent, "zfs"); 18326185db85Sdougm zfsnew = sa_get_group_attr(group, "zfs"); 18336185db85Sdougm if ((zfsold != NULL && zfsnew == NULL) || 18346185db85Sdougm (zfsold == NULL && zfsnew != NULL)) { 18356185db85Sdougm ret = SA_NOT_ALLOWED; 18366185db85Sdougm } 18376185db85Sdougm if (zfsold != NULL) 18386185db85Sdougm sa_free_attr_string(zfsold); 18396185db85Sdougm if (zfsnew != NULL) 18406185db85Sdougm sa_free_attr_string(zfsnew); 18416185db85Sdougm } 184225a68471Sdougm if (!dryrun && ret == SA_OK) 18436185db85Sdougm ret = sa_move_share(group, share); 184425a68471Sdougm 18456185db85Sdougm if (ret == SA_OK && parent != group && !dryrun) { 18466185db85Sdougm char *oldstate; 1847549ec3ffSdougm ret = sa_update_config(handle); 18486185db85Sdougm /* 184925a68471Sdougm * Note that the share may need to be 18506185db85Sdougm * "unshared" if the new group is 18516185db85Sdougm * disabled and the old was enabled or 18526185db85Sdougm * it may need to be share to update 18536185db85Sdougm * if the new group is enabled. 18546185db85Sdougm */ 18556185db85Sdougm oldstate = sa_get_group_attr(parent, "state"); 185625a68471Sdougm 18576185db85Sdougm /* enable_share determines what to do */ 18586185db85Sdougm if (strcmp(oldstate, "enabled") == 0) { 18596185db85Sdougm (void) sa_disable_share(share, NULL); 18606185db85Sdougm } 1861549ec3ffSdougm (void) enable_share(handle, group, share, 1); 18626185db85Sdougm if (oldstate != NULL) 18636185db85Sdougm sa_free_attr_string(oldstate); 18646185db85Sdougm } 186525a68471Sdougm 186625a68471Sdougm if (ret != SA_OK) 18676185db85Sdougm (void) printf(gettext("Could not move share: %s\n"), 18686185db85Sdougm sa_errorstr(ret)); 186925a68471Sdougm 18706185db85Sdougm if (dryrun && ret == SA_OK && !(authsrc & authdst) && 18716185db85Sdougm verbose) { 18726185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 18736185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 18746185db85Sdougm } 18756185db85Sdougm } 18766185db85Sdougm return (ret); 18776185db85Sdougm } 18786185db85Sdougm 18796185db85Sdougm /* 18806185db85Sdougm * sa_removeshare(flags, argc, argv) 18816185db85Sdougm * 18826185db85Sdougm * implements remove-share subcommand. 18836185db85Sdougm */ 18846185db85Sdougm 18856185db85Sdougm int 1886549ec3ffSdougm sa_removeshare(sa_handle_t handle, int flags, int argc, char *argv[]) 18876185db85Sdougm { 18886185db85Sdougm int verbose = 0; 18896185db85Sdougm int dryrun = 0; 18906185db85Sdougm int force = 0; 18916185db85Sdougm int c; 18926185db85Sdougm int ret = SA_OK; 18936185db85Sdougm sa_group_t group; 18946185db85Sdougm sa_share_t share; 18956185db85Sdougm char *sharepath = NULL; 18966185db85Sdougm char dir[MAXPATHLEN]; 18976185db85Sdougm int auth; 18986185db85Sdougm 18996185db85Sdougm while ((c = getopt(argc, argv, "?hfns:v")) != EOF) { 19006185db85Sdougm switch (c) { 19016185db85Sdougm case 'n': 19026185db85Sdougm dryrun++; 19036185db85Sdougm break; 19046185db85Sdougm case 'v': 19056185db85Sdougm verbose++; 19066185db85Sdougm break; 19076185db85Sdougm case 'f': 19086185db85Sdougm force++; 19096185db85Sdougm break; 19106185db85Sdougm case 's': 19116185db85Sdougm /* 191225a68471Sdougm * Remove share path from group. Currently limit 19136185db85Sdougm * to one share per command. 19146185db85Sdougm */ 19156185db85Sdougm if (sharepath != NULL) { 191625a68471Sdougm (void) printf(gettext( 191725a68471Sdougm "Removing multiple shares not " 19186185db85Sdougm "supported\n")); 19196185db85Sdougm return (SA_SYNTAX_ERR); 19206185db85Sdougm } 19216185db85Sdougm sharepath = optarg; 19226185db85Sdougm break; 19236185db85Sdougm default: 19246185db85Sdougm case 'h': 19256185db85Sdougm case '?': 19266185db85Sdougm (void) printf(gettext("usage: %s\n"), 19276185db85Sdougm sa_get_usage(USAGE_REMOVE_SHARE)); 19286185db85Sdougm return (0); 19296185db85Sdougm } 19306185db85Sdougm } 19316185db85Sdougm 19326185db85Sdougm if (optind >= argc || sharepath == NULL) { 19336185db85Sdougm if (sharepath == NULL) { 19346185db85Sdougm (void) printf(gettext("usage: %s\n"), 19356185db85Sdougm sa_get_usage(USAGE_REMOVE_SHARE)); 193625a68471Sdougm (void) printf(gettext( 193725a68471Sdougm "\t-s sharepath must be specified\n")); 19386185db85Sdougm ret = SA_BAD_PATH; 19396185db85Sdougm } else { 19406185db85Sdougm ret = SA_OK; 19416185db85Sdougm } 19426185db85Sdougm } 194325a68471Sdougm if (ret != SA_OK) { 194425a68471Sdougm return (ret); 194525a68471Sdougm } 194625a68471Sdougm 19476185db85Sdougm if (optind < argc) { 19486185db85Sdougm if ((optind + 1) < argc) { 19496185db85Sdougm (void) printf(gettext("Extraneous group(s) at end of " 19506185db85Sdougm "command\n")); 19516185db85Sdougm ret = SA_SYNTAX_ERR; 19526185db85Sdougm } else { 1953549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 19546185db85Sdougm if (group == NULL) { 195525a68471Sdougm (void) printf(gettext( 195625a68471Sdougm "Group \"%s\" not found\n"), argv[optind]); 19576185db85Sdougm ret = SA_NO_SUCH_GROUP; 19586185db85Sdougm } 19596185db85Sdougm } 19606185db85Sdougm } else { 19616185db85Sdougm group = NULL; 19626185db85Sdougm } 1963a99982a7Sdougm 1964a99982a7Sdougm /* 1965a99982a7Sdougm * Lookup the path in the internal configuration. Care 1966a99982a7Sdougm * must be taken to handle the case where the 1967a99982a7Sdougm * underlying path has been removed since we need to 1968a99982a7Sdougm * be able to deal with that as well. 1969a99982a7Sdougm */ 19706185db85Sdougm if (ret == SA_OK) { 19716185db85Sdougm if (group != NULL) 19726185db85Sdougm share = sa_get_share(group, sharepath); 19736185db85Sdougm else 1974549ec3ffSdougm share = sa_find_share(handle, sharepath); 1975a99982a7Sdougm /* 1976a99982a7Sdougm * If we didn't find the share with the provided path, 1977a99982a7Sdougm * it may be a symlink so attempt to resolve it using 1978a99982a7Sdougm * realpath and try again. Realpath will resolve any 1979a99982a7Sdougm * symlinks and place them in "dir". Note that 1980a99982a7Sdougm * sharepath is only used for the lookup the first 1981a99982a7Sdougm * time and later for error messages. dir will be used 1982a99982a7Sdougm * on the second attempt. Once a share is found, all 1983a99982a7Sdougm * operations are based off of the share variable. 1984a99982a7Sdougm */ 1985a99982a7Sdougm if (share == NULL) { 1986a99982a7Sdougm if (realpath(sharepath, dir) == NULL) { 1987a99982a7Sdougm ret = SA_BAD_PATH; 198825a68471Sdougm (void) printf(gettext( 198925a68471Sdougm "Path is not valid: %s\n"), sharepath); 1990a99982a7Sdougm } else { 1991a99982a7Sdougm if (group != NULL) 1992a99982a7Sdougm share = sa_get_share(group, dir); 1993a99982a7Sdougm else 1994549ec3ffSdougm share = sa_find_share(handle, dir); 1995a99982a7Sdougm } 1996a99982a7Sdougm } 1997a99982a7Sdougm } 1998a99982a7Sdougm 1999a99982a7Sdougm /* 2000a99982a7Sdougm * If there hasn't been an error, there was likely a 2001a99982a7Sdougm * path found. If not, give the appropriate error 2002a99982a7Sdougm * message and set the return error. If it was found, 2003a99982a7Sdougm * then disable the share and then remove it from the 2004a99982a7Sdougm * configuration. 2005a99982a7Sdougm */ 200625a68471Sdougm if (ret != SA_OK) { 200725a68471Sdougm return (ret); 200825a68471Sdougm } 20096185db85Sdougm if (share == NULL) { 20106185db85Sdougm if (group != NULL) 20116185db85Sdougm (void) printf(gettext("Share not found in group %s:" 201225a68471Sdougm " %s\n"), argv[optind], sharepath); 20136185db85Sdougm else 20146185db85Sdougm (void) printf(gettext("Share not found: %s\n"), 20156185db85Sdougm sharepath); 20166185db85Sdougm ret = SA_NO_SUCH_PATH; 20176185db85Sdougm } else { 20186185db85Sdougm if (group == NULL) 20196185db85Sdougm group = sa_get_parent_group(share); 20206185db85Sdougm if (!dryrun) { 20216185db85Sdougm if (ret == SA_OK) { 20226185db85Sdougm ret = sa_disable_share(share, NULL); 20236185db85Sdougm /* 202425a68471Sdougm * We don't care if it fails since it 2025a99982a7Sdougm * could be disabled already. Some 2026a99982a7Sdougm * unexpected errors could occur that 2027a99982a7Sdougm * prevent removal, so also check for 2028a99982a7Sdougm * force being set. 20296185db85Sdougm */ 20306185db85Sdougm if (ret == SA_OK || ret == SA_NO_SUCH_PATH || 2031a99982a7Sdougm ret == SA_NOT_SUPPORTED || 2032a99982a7Sdougm ret == SA_SYSTEM_ERR || force) { 20336185db85Sdougm ret = sa_remove_share(share); 20346185db85Sdougm } 20356185db85Sdougm if (ret == SA_OK) 2036549ec3ffSdougm ret = sa_update_config(handle); 20376185db85Sdougm } 203825a68471Sdougm if (ret != SA_OK) 203925a68471Sdougm (void) printf(gettext( 204025a68471Sdougm "Could not remove share: %s\n"), 20416185db85Sdougm sa_errorstr(ret)); 204225a68471Sdougm 20436185db85Sdougm } else if (ret == SA_OK) { 20446185db85Sdougm char *pname; 20456185db85Sdougm pname = sa_get_group_attr(group, "name"); 20466185db85Sdougm if (pname != NULL) { 20476185db85Sdougm auth = check_authorizations(pname, flags); 20486185db85Sdougm sa_free_attr_string(pname); 20496185db85Sdougm } 20506185db85Sdougm if (!auth && verbose) { 205125a68471Sdougm (void) printf(gettext( 205225a68471Sdougm "Command would fail: %s\n"), 20536185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 20546185db85Sdougm } 20556185db85Sdougm } 20566185db85Sdougm } 20576185db85Sdougm return (ret); 20586185db85Sdougm } 20596185db85Sdougm 20606185db85Sdougm /* 20616185db85Sdougm * sa_set_share(flags, argc, argv) 20626185db85Sdougm * 20636185db85Sdougm * implements set-share subcommand. 20646185db85Sdougm */ 20656185db85Sdougm 20666185db85Sdougm int 2067549ec3ffSdougm sa_set_share(sa_handle_t handle, int flags, int argc, char *argv[]) 20686185db85Sdougm { 20696185db85Sdougm int dryrun = 0; 20706185db85Sdougm int c; 20716185db85Sdougm int ret = SA_OK; 20726185db85Sdougm sa_group_t group, sharegroup; 20736185db85Sdougm sa_share_t share; 20746185db85Sdougm char *sharepath = NULL; 20756185db85Sdougm char *description = NULL; 20766185db85Sdougm char *resource = NULL; 20776185db85Sdougm int auth; 20786185db85Sdougm int verbose = 0; 207925a68471Sdougm char *groupname; 20806185db85Sdougm 20816185db85Sdougm while ((c = getopt(argc, argv, "?hnd:r:s:")) != EOF) { 20826185db85Sdougm switch (c) { 20836185db85Sdougm case 'n': 20846185db85Sdougm dryrun++; 20856185db85Sdougm break; 20866185db85Sdougm case 'd': 20876185db85Sdougm description = optarg; 20886185db85Sdougm break; 20896185db85Sdougm case 'r': 20906185db85Sdougm resource = optarg; 20916185db85Sdougm break; 20926185db85Sdougm case 'v': 20936185db85Sdougm verbose++; 20946185db85Sdougm break; 20956185db85Sdougm case 's': 20966185db85Sdougm /* 209725a68471Sdougm * Save share path into group. Currently limit 20986185db85Sdougm * to one share per command. 20996185db85Sdougm */ 21006185db85Sdougm if (sharepath != NULL) { 210125a68471Sdougm (void) printf(gettext( 210225a68471Sdougm "Updating multiple shares not " 21036185db85Sdougm "supported\n")); 21046185db85Sdougm return (SA_BAD_PATH); 21056185db85Sdougm } 21066185db85Sdougm sharepath = optarg; 21076185db85Sdougm break; 21086185db85Sdougm default: 21096185db85Sdougm case 'h': 21106185db85Sdougm case '?': 21116185db85Sdougm (void) printf(gettext("usage: %s\n"), 21126185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 21136185db85Sdougm return (SA_OK); 21146185db85Sdougm } 21156185db85Sdougm } 211625a68471Sdougm 21176185db85Sdougm if (optind >= argc || sharepath == NULL) { 21186185db85Sdougm if (sharepath == NULL) { 21196185db85Sdougm (void) printf(gettext("usage: %s\n"), 21206185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 21216185db85Sdougm (void) printf(gettext("\tgroup must be specified\n")); 21226185db85Sdougm ret = SA_BAD_PATH; 21236185db85Sdougm } else { 21246185db85Sdougm ret = SA_OK; 21256185db85Sdougm } 21266185db85Sdougm } 21276185db85Sdougm if ((optind + 1) < argc) { 21286185db85Sdougm (void) printf(gettext("usage: %s\n"), 21296185db85Sdougm sa_get_usage(USAGE_SET_SHARE)); 21306185db85Sdougm (void) printf(gettext("\tExtraneous group(s) at end\n")); 21316185db85Sdougm ret = SA_SYNTAX_ERR; 21326185db85Sdougm } 213325a68471Sdougm 213425a68471Sdougm if (ret != SA_OK) 213525a68471Sdougm return (ret); 213625a68471Sdougm 21376185db85Sdougm if (optind < argc) { 21386185db85Sdougm groupname = argv[optind]; 2139549ec3ffSdougm group = sa_get_group(handle, groupname); 21406185db85Sdougm } else { 21416185db85Sdougm group = NULL; 21426185db85Sdougm groupname = NULL; 21436185db85Sdougm } 2144549ec3ffSdougm share = sa_find_share(handle, sharepath); 214525a68471Sdougm if (share == NULL) { 214625a68471Sdougm (void) printf(gettext("Share path \"%s\" not found\n"), 214725a68471Sdougm sharepath); 214825a68471Sdougm return (SA_NO_SUCH_PATH); 214925a68471Sdougm } 21506185db85Sdougm sharegroup = sa_get_parent_group(share); 21516185db85Sdougm if (group != NULL && group != sharegroup) { 21526185db85Sdougm (void) printf(gettext("Group \"%s\" does not contain " 215325a68471Sdougm "share %s\n"), argv[optind], sharepath); 21546185db85Sdougm ret = SA_BAD_PATH; 21556185db85Sdougm } else { 21566185db85Sdougm int delgroupname = 0; 21576185db85Sdougm if (groupname == NULL) { 21586185db85Sdougm groupname = sa_get_group_attr(sharegroup, "name"); 21596185db85Sdougm delgroupname = 1; 21606185db85Sdougm } 21616185db85Sdougm if (groupname != NULL) { 21626185db85Sdougm auth = check_authorizations(groupname, flags); 21636185db85Sdougm if (delgroupname) { 21646185db85Sdougm sa_free_attr_string(groupname); 21656185db85Sdougm groupname = NULL; 21666185db85Sdougm } 21676185db85Sdougm } else { 21686185db85Sdougm ret = SA_NO_MEMORY; 21696185db85Sdougm } 21706185db85Sdougm if (resource != NULL) { 21716185db85Sdougm if (strpbrk(resource, " \t/") == NULL) { 21726185db85Sdougm if (!dryrun) { 217325a68471Sdougm ret = sa_set_share_attr(share, 217425a68471Sdougm "resource", resource); 21756185db85Sdougm } else { 21766185db85Sdougm sa_share_t resshare; 21776185db85Sdougm resshare = sa_get_resource(sharegroup, 21786185db85Sdougm resource); 217925a68471Sdougm if (resshare != NULL && 218025a68471Sdougm resshare != share) 21816185db85Sdougm ret = SA_DUPLICATE_NAME; 21826185db85Sdougm } 21836185db85Sdougm } else { 21846185db85Sdougm ret = SA_BAD_PATH; 218525a68471Sdougm (void) printf(gettext("Resource must not " 218625a68471Sdougm "contain white space or '/'\n")); 21876185db85Sdougm } 21886185db85Sdougm } 218925a68471Sdougm if (ret == SA_OK && description != NULL) 21906185db85Sdougm ret = sa_set_share_description(share, description); 21916185db85Sdougm } 219225a68471Sdougm if (!dryrun && ret == SA_OK) 2193549ec3ffSdougm ret = sa_update_config(handle); 219425a68471Sdougm 21956185db85Sdougm switch (ret) { 21966185db85Sdougm case SA_DUPLICATE_NAME: 219725a68471Sdougm (void) printf(gettext("Resource name in use: %s\n"), resource); 21986185db85Sdougm break; 21996185db85Sdougm default: 22006185db85Sdougm (void) printf(gettext("Could not set attribute: %s\n"), 22016185db85Sdougm sa_errorstr(ret)); 22026185db85Sdougm break; 22036185db85Sdougm case SA_OK: 220425a68471Sdougm if (dryrun && !auth && verbose) 22056185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 22066185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 22076185db85Sdougm break; 22086185db85Sdougm } 220925a68471Sdougm 22106185db85Sdougm return (ret); 22116185db85Sdougm } 22126185db85Sdougm 22136185db85Sdougm /* 22146185db85Sdougm * add_security(group, sectype, optlist, proto, *err) 22156185db85Sdougm * 22166185db85Sdougm * Helper function to add a security option (named optionset) to the 22176185db85Sdougm * group. 22186185db85Sdougm */ 22196185db85Sdougm 22206185db85Sdougm static int 22216185db85Sdougm add_security(sa_group_t group, char *sectype, 22226185db85Sdougm struct options *optlist, char *proto, int *err) 22236185db85Sdougm { 22246185db85Sdougm sa_security_t security; 22256185db85Sdougm int ret = SA_OK; 22266185db85Sdougm int result = 0; 22276185db85Sdougm 22286185db85Sdougm sectype = sa_proto_space_alias(proto, sectype); 22296185db85Sdougm security = sa_get_security(group, sectype, proto); 223025a68471Sdougm if (security == NULL) 22316185db85Sdougm security = sa_create_security(group, sectype, proto); 223225a68471Sdougm 22336185db85Sdougm if (sectype != NULL) 22346185db85Sdougm sa_free_attr_string(sectype); 223525a68471Sdougm 223625a68471Sdougm if (security == NULL) 223725a68471Sdougm return (ret); 223825a68471Sdougm 22396185db85Sdougm while (optlist != NULL) { 22406185db85Sdougm sa_property_t prop; 22416185db85Sdougm prop = sa_get_property(security, optlist->optname); 22426185db85Sdougm if (prop == NULL) { 22436185db85Sdougm /* 224425a68471Sdougm * Add the property, but only if it is 22456185db85Sdougm * a non-NULL or non-zero length value 22466185db85Sdougm */ 22476185db85Sdougm if (optlist->optvalue != NULL) { 22486185db85Sdougm prop = sa_create_property(optlist->optname, 22496185db85Sdougm optlist->optvalue); 22506185db85Sdougm if (prop != NULL) { 225125a68471Sdougm ret = sa_valid_property(security, proto, 225225a68471Sdougm prop); 22536185db85Sdougm if (ret != SA_OK) { 22546185db85Sdougm (void) sa_remove_property(prop); 225525a68471Sdougm (void) printf(gettext( 225625a68471Sdougm "Could not add " 22576185db85Sdougm "property %s: %s\n"), 22586185db85Sdougm optlist->optname, 22596185db85Sdougm sa_errorstr(ret)); 22606185db85Sdougm } 22616185db85Sdougm if (ret == SA_OK) { 226225a68471Sdougm ret = sa_add_property(security, 226325a68471Sdougm prop); 22646185db85Sdougm if (ret != SA_OK) { 226525a68471Sdougm (void) printf(gettext( 226625a68471Sdougm "Could not add " 226725a68471Sdougm "property (%s=%s): " 226825a68471Sdougm "%s\n"), 22696185db85Sdougm optlist->optname, 22706185db85Sdougm optlist->optvalue, 22716185db85Sdougm sa_errorstr(ret)); 22726185db85Sdougm } else { 22736185db85Sdougm result = 1; 22746185db85Sdougm } 22756185db85Sdougm } 22766185db85Sdougm } 22776185db85Sdougm } 22786185db85Sdougm } else { 22796185db85Sdougm ret = sa_update_property(prop, optlist->optvalue); 22806185db85Sdougm result = 1; /* should check if really changed */ 22816185db85Sdougm } 22826185db85Sdougm optlist = optlist->next; 22836185db85Sdougm } 22846185db85Sdougm /* 228525a68471Sdougm * When done, properties may have all been removed but 22866185db85Sdougm * we need to keep the security type itself until 22876185db85Sdougm * explicitly removed. 22886185db85Sdougm */ 22896185db85Sdougm if (result) 22906185db85Sdougm ret = sa_commit_properties(security, 0); 22916185db85Sdougm *err = ret; 22926185db85Sdougm return (result); 22936185db85Sdougm } 22946185db85Sdougm 22956185db85Sdougm /* 2296*f8825440Sdougm * zfscheck(group, share) 2297*f8825440Sdougm * 2298*f8825440Sdougm * For the special case where a share was provided, make sure it is a 2299*f8825440Sdougm * compatible path for a ZFS property change. The only path 2300*f8825440Sdougm * acceptable is the path that defines the zfs sub-group (dataset with 2301*f8825440Sdougm * the sharenfs property set) and not one of the paths that inherited 2302*f8825440Sdougm * the NFS properties. Returns SA_OK if it is usable and 2303*f8825440Sdougm * SA_NOT_ALLOWED if it isn't. 2304*f8825440Sdougm * 2305*f8825440Sdougm * If group is not a ZFS group/subgroup, we assume OK since the check 2306*f8825440Sdougm * on return will catch errors for those cases. What we are looking 2307*f8825440Sdougm * for here is that the group is ZFS and the share is not the defining 2308*f8825440Sdougm * share. All else is SA_OK. 2309*f8825440Sdougm */ 2310*f8825440Sdougm 2311*f8825440Sdougm static int 2312*f8825440Sdougm zfscheck(sa_group_t group, sa_share_t share) 2313*f8825440Sdougm { 2314*f8825440Sdougm int ret = SA_OK; 2315*f8825440Sdougm char *attr; 2316*f8825440Sdougm 2317*f8825440Sdougm if (sa_group_is_zfs(group)) { 2318*f8825440Sdougm /* 2319*f8825440Sdougm * The group is a ZFS group. Does the share represent 2320*f8825440Sdougm * the dataset that defined the group? It is only OK 2321*f8825440Sdougm * if the attribute "subgroup" exists on the share and 2322*f8825440Sdougm * has a value of "true". 2323*f8825440Sdougm */ 2324*f8825440Sdougm 2325*f8825440Sdougm ret = SA_NOT_ALLOWED; 2326*f8825440Sdougm attr = sa_get_share_attr(share, "subgroup"); 2327*f8825440Sdougm if (attr != NULL) { 2328*f8825440Sdougm if (strcmp(attr, "true") == 0) 2329*f8825440Sdougm ret = SA_OK; 2330*f8825440Sdougm sa_free_attr_string(attr); 2331*f8825440Sdougm } 2332*f8825440Sdougm } 2333*f8825440Sdougm return (ret); 2334*f8825440Sdougm } 2335*f8825440Sdougm 2336*f8825440Sdougm /* 23376185db85Sdougm * basic_set(groupname, optlist, protocol, sharepath, dryrun) 23386185db85Sdougm * 23396185db85Sdougm * This function implements "set" when a name space (-S) is not 23406185db85Sdougm * specified. It is a basic set. Options and other CLI parsing has 23416185db85Sdougm * already been done. 23426185db85Sdougm */ 23436185db85Sdougm 23446185db85Sdougm static int 2345549ec3ffSdougm basic_set(sa_handle_t handle, char *groupname, struct options *optlist, 2346549ec3ffSdougm char *protocol, char *sharepath, int dryrun) 23476185db85Sdougm { 23486185db85Sdougm sa_group_t group; 23496185db85Sdougm int ret = SA_OK; 23506185db85Sdougm int change = 0; 23516185db85Sdougm struct list *worklist = NULL; 23526185db85Sdougm 2353549ec3ffSdougm group = sa_get_group(handle, groupname); 23546185db85Sdougm if (group != NULL) { 23556185db85Sdougm sa_share_t share = NULL; 23566185db85Sdougm if (sharepath != NULL) { 23576185db85Sdougm share = sa_get_share(group, sharepath); 23586185db85Sdougm if (share == NULL) { 235925a68471Sdougm (void) printf(gettext( 236025a68471Sdougm "Share does not exist in group %s\n"), 23616185db85Sdougm groupname, sharepath); 23626185db85Sdougm ret = SA_NO_SUCH_PATH; 2363*f8825440Sdougm } else { 2364*f8825440Sdougm /* if ZFS and OK, then only group */ 2365*f8825440Sdougm ret = zfscheck(group, share); 2366*f8825440Sdougm if (ret == SA_OK && 2367*f8825440Sdougm sa_group_is_zfs(group)) 2368*f8825440Sdougm share = NULL; 2369*f8825440Sdougm if (ret == SA_NOT_ALLOWED) 2370*f8825440Sdougm (void) printf(gettext( 2371*f8825440Sdougm "Properties on ZFS group shares " 2372*f8825440Sdougm "not supported: %s\n"), sharepath); 23736185db85Sdougm } 23746185db85Sdougm } 23756185db85Sdougm if (ret == SA_OK) { 23766185db85Sdougm /* group must exist */ 23776185db85Sdougm ret = valid_options(optlist, protocol, 23786185db85Sdougm share == NULL ? group : share, NULL); 23796185db85Sdougm if (ret == SA_OK && !dryrun) { 23806185db85Sdougm if (share != NULL) 238125a68471Sdougm change |= add_optionset(share, optlist, 238225a68471Sdougm protocol, &ret); 23836185db85Sdougm else 238425a68471Sdougm change |= add_optionset(group, optlist, 238525a68471Sdougm protocol, &ret); 238625a68471Sdougm if (ret == SA_OK && change) 238725a68471Sdougm worklist = add_list(worklist, group, 238825a68471Sdougm share); 23896185db85Sdougm } 23906185db85Sdougm } 23916185db85Sdougm free_opt(optlist); 23926185db85Sdougm } else { 23936185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 23946185db85Sdougm ret = SA_NO_SUCH_GROUP; 23956185db85Sdougm } 23966185db85Sdougm /* 23976185db85Sdougm * we have a group and potentially legal additions 23986185db85Sdougm */ 23996185db85Sdougm 240025a68471Sdougm /* 240125a68471Sdougm * Commit to configuration if not a dryrunp and properties 240225a68471Sdougm * have changed. 240325a68471Sdougm */ 240425a68471Sdougm if (!dryrun && ret == SA_OK && change && worklist != NULL) 24056185db85Sdougm /* properties changed, so update all shares */ 2406549ec3ffSdougm (void) enable_all_groups(handle, worklist, 0, 0, protocol); 240725a68471Sdougm 24086185db85Sdougm if (worklist != NULL) 24096185db85Sdougm free_list(worklist); 24106185db85Sdougm return (ret); 24116185db85Sdougm } 24126185db85Sdougm 24136185db85Sdougm /* 24146185db85Sdougm * space_set(groupname, optlist, protocol, sharepath, dryrun) 24156185db85Sdougm * 24166185db85Sdougm * This function implements "set" when a name space (-S) is 24176185db85Sdougm * specified. It is a namespace set. Options and other CLI parsing has 24186185db85Sdougm * already been done. 24196185db85Sdougm */ 24206185db85Sdougm 24216185db85Sdougm static int 2422549ec3ffSdougm space_set(sa_handle_t handle, char *groupname, struct options *optlist, 2423549ec3ffSdougm char *protocol, char *sharepath, int dryrun, char *sectype) 24246185db85Sdougm { 24256185db85Sdougm sa_group_t group; 24266185db85Sdougm int ret = SA_OK; 24276185db85Sdougm int change = 0; 24286185db85Sdougm struct list *worklist = NULL; 24296185db85Sdougm 24306185db85Sdougm /* 24316185db85Sdougm * make sure protcol and sectype are valid 24326185db85Sdougm */ 24336185db85Sdougm 24346185db85Sdougm if (sa_proto_valid_space(protocol, sectype) == 0) { 24356185db85Sdougm (void) printf(gettext("Option space \"%s\" not valid " 243625a68471Sdougm "for protocol.\n"), sectype); 24376185db85Sdougm return (SA_INVALID_SECURITY); 24386185db85Sdougm } 24396185db85Sdougm 2440549ec3ffSdougm group = sa_get_group(handle, groupname); 24416185db85Sdougm if (group != NULL) { 24426185db85Sdougm sa_share_t share = NULL; 24436185db85Sdougm if (sharepath != NULL) { 24446185db85Sdougm share = sa_get_share(group, sharepath); 24456185db85Sdougm if (share == NULL) { 244625a68471Sdougm (void) printf(gettext( 244725a68471Sdougm "Share does not exist in group %s\n"), 24486185db85Sdougm groupname, sharepath); 24496185db85Sdougm ret = SA_NO_SUCH_PATH; 2450*f8825440Sdougm } else { 2451*f8825440Sdougm /* if ZFS and OK, then only group */ 2452*f8825440Sdougm ret = zfscheck(group, share); 2453*f8825440Sdougm if (ret == SA_OK && 2454*f8825440Sdougm sa_group_is_zfs(group)) 2455*f8825440Sdougm share = NULL; 2456*f8825440Sdougm if (ret == SA_NOT_ALLOWED) 2457*f8825440Sdougm (void) printf(gettext( 2458*f8825440Sdougm "Properties on ZFS group shares " 2459*f8825440Sdougm "not supported: %s\n"), sharepath); 24606185db85Sdougm } 24616185db85Sdougm } 24626185db85Sdougm if (ret == SA_OK) { 24636185db85Sdougm /* group must exist */ 24646185db85Sdougm ret = valid_options(optlist, protocol, 24656185db85Sdougm share == NULL ? group : share, sectype); 24666185db85Sdougm if (ret == SA_OK && !dryrun) { 24676185db85Sdougm if (share != NULL) 246825a68471Sdougm change = add_security(share, sectype, 246925a68471Sdougm optlist, protocol, &ret); 24706185db85Sdougm else 247125a68471Sdougm change = add_security(group, sectype, 247225a68471Sdougm optlist, protocol, &ret); 24736185db85Sdougm if (ret != SA_OK) 247425a68471Sdougm (void) printf(gettext( 247525a68471Sdougm "Could not set property: %s\n"), 24766185db85Sdougm sa_errorstr(ret)); 24776185db85Sdougm } 24786185db85Sdougm if (ret == SA_OK && change) 24796185db85Sdougm worklist = add_list(worklist, group, share); 24806185db85Sdougm } 24816185db85Sdougm free_opt(optlist); 24826185db85Sdougm } else { 24836185db85Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 24846185db85Sdougm ret = SA_NO_SUCH_GROUP; 24856185db85Sdougm } 24866185db85Sdougm /* 24876185db85Sdougm * we have a group and potentially legal additions 24886185db85Sdougm */ 24896185db85Sdougm 249025a68471Sdougm /* Commit to configuration if not a dryrun */ 24916185db85Sdougm if (!dryrun && ret == 0) { 24926185db85Sdougm if (change && worklist != NULL) { 24936185db85Sdougm /* properties changed, so update all shares */ 249425a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 249525a68471Sdougm protocol); 24966185db85Sdougm } 2497549ec3ffSdougm ret = sa_update_config(handle); 24986185db85Sdougm } 24996185db85Sdougm if (worklist != NULL) 25006185db85Sdougm free_list(worklist); 25016185db85Sdougm return (ret); 25026185db85Sdougm } 25036185db85Sdougm 25046185db85Sdougm /* 25056185db85Sdougm * sa_set(flags, argc, argv) 25066185db85Sdougm * 25076185db85Sdougm * Implements the set subcommand. It keys off of -S to determine which 25086185db85Sdougm * set of operations to actually do. 25096185db85Sdougm */ 25106185db85Sdougm 25116185db85Sdougm int 2512549ec3ffSdougm sa_set(sa_handle_t handle, int flags, int argc, char *argv[]) 25136185db85Sdougm { 25146185db85Sdougm char *groupname; 25156185db85Sdougm int verbose = 0; 25166185db85Sdougm int dryrun = 0; 25176185db85Sdougm int c; 25186185db85Sdougm char *protocol = NULL; 25196185db85Sdougm int ret = SA_OK; 25206185db85Sdougm struct options *optlist = NULL; 25216185db85Sdougm char *sharepath = NULL; 25226185db85Sdougm char *optset = NULL; 25236185db85Sdougm int auth; 25246185db85Sdougm 25256185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:s:S:")) != EOF) { 25266185db85Sdougm switch (c) { 25276185db85Sdougm case 'v': 25286185db85Sdougm verbose++; 25296185db85Sdougm break; 25306185db85Sdougm case 'n': 25316185db85Sdougm dryrun++; 25326185db85Sdougm break; 25336185db85Sdougm case 'P': 25346185db85Sdougm protocol = optarg; 25356185db85Sdougm if (!sa_valid_protocol(protocol)) { 253625a68471Sdougm (void) printf(gettext( 253725a68471Sdougm "Invalid protocol specified: %s\n"), 25386185db85Sdougm protocol); 25396185db85Sdougm return (SA_INVALID_PROTOCOL); 25406185db85Sdougm } 25416185db85Sdougm break; 25426185db85Sdougm case 'p': 25436185db85Sdougm ret = add_opt(&optlist, optarg, 0); 25446185db85Sdougm switch (ret) { 25456185db85Sdougm case OPT_ADD_SYNTAX: 254625a68471Sdougm (void) printf(gettext("Property syntax error:" 254725a68471Sdougm " %s\n"), optarg); 25486185db85Sdougm return (SA_SYNTAX_ERR); 25496185db85Sdougm case OPT_ADD_MEMORY: 255025a68471Sdougm (void) printf(gettext("No memory to set " 255125a68471Sdougm "property: %s\n"), optarg); 25526185db85Sdougm return (SA_NO_MEMORY); 25536185db85Sdougm default: 25546185db85Sdougm break; 25556185db85Sdougm } 25566185db85Sdougm break; 25576185db85Sdougm case 's': 25586185db85Sdougm sharepath = optarg; 25596185db85Sdougm break; 25606185db85Sdougm case 'S': 25616185db85Sdougm optset = optarg; 25626185db85Sdougm break; 25636185db85Sdougm default: 25646185db85Sdougm case 'h': 25656185db85Sdougm case '?': 25666185db85Sdougm (void) printf(gettext("usage: %s\n"), 25676185db85Sdougm sa_get_usage(USAGE_SET)); 25686185db85Sdougm return (SA_OK); 25696185db85Sdougm } 25706185db85Sdougm } 25716185db85Sdougm 25726185db85Sdougm if (optlist != NULL) 25736185db85Sdougm ret = chk_opt(optlist, optset != NULL, protocol); 25746185db85Sdougm 25756185db85Sdougm if (optind >= argc || (optlist == NULL && optset == NULL) || 257625a68471Sdougm protocol == NULL || ret != OPT_ADD_OK) { 25776185db85Sdougm char *sep = "\t"; 257825a68471Sdougm 25796185db85Sdougm (void) printf(gettext("usage: %s\n"), sa_get_usage(USAGE_SET)); 25806185db85Sdougm if (optind >= argc) { 258125a68471Sdougm (void) printf(gettext("%sgroup must be specified"), 258225a68471Sdougm sep); 25836185db85Sdougm sep = ", "; 25846185db85Sdougm } 25856185db85Sdougm if (optlist == NULL) { 25866185db85Sdougm (void) printf(gettext("%sat least one property must be" 25876185db85Sdougm " specified"), sep); 25886185db85Sdougm sep = ", "; 25896185db85Sdougm } 25906185db85Sdougm if (protocol == NULL) { 259125a68471Sdougm (void) printf(gettext("%sprotocol must be specified"), 259225a68471Sdougm sep); 25936185db85Sdougm sep = ", "; 25946185db85Sdougm } 25956185db85Sdougm (void) printf("\n"); 25966185db85Sdougm ret = SA_SYNTAX_ERR; 25976185db85Sdougm } else { 25986185db85Sdougm /* 2599*f8825440Sdougm * Group already exists so we can proceed after a few 2600*f8825440Sdougm * additional checks related to ZFS handling. 26016185db85Sdougm */ 26026185db85Sdougm 26036185db85Sdougm groupname = argv[optind]; 2604*f8825440Sdougm if (strcmp(groupname, "zfs") == 0) { 2605*f8825440Sdougm (void) printf(gettext("Changing properties for group " 2606*f8825440Sdougm "\"zfs\" not allowed\n")); 2607*f8825440Sdougm return (SA_NOT_ALLOWED); 2608*f8825440Sdougm } 2609*f8825440Sdougm 26106185db85Sdougm auth = check_authorizations(groupname, flags); 26116185db85Sdougm if (optset == NULL) 2612549ec3ffSdougm ret = basic_set(handle, groupname, optlist, protocol, 26136185db85Sdougm sharepath, dryrun); 26146185db85Sdougm else 2615549ec3ffSdougm ret = space_set(handle, groupname, optlist, protocol, 26166185db85Sdougm sharepath, dryrun, optset); 26176185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 26186185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 26196185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 26206185db85Sdougm } 26216185db85Sdougm } 26226185db85Sdougm return (ret); 26236185db85Sdougm } 26246185db85Sdougm 26256185db85Sdougm /* 26266185db85Sdougm * remove_options(group, optlist, proto, *err) 26276185db85Sdougm * 262825a68471Sdougm * Helper function to actually remove options from a group after all 26296185db85Sdougm * preprocessing is done. 26306185db85Sdougm */ 26316185db85Sdougm 26326185db85Sdougm static int 26336185db85Sdougm remove_options(sa_group_t group, struct options *optlist, 26346185db85Sdougm char *proto, int *err) 26356185db85Sdougm { 26366185db85Sdougm struct options *cur; 26376185db85Sdougm sa_optionset_t optionset; 26386185db85Sdougm sa_property_t prop; 26396185db85Sdougm int change = 0; 26406185db85Sdougm int ret = SA_OK; 26416185db85Sdougm 26426185db85Sdougm optionset = sa_get_optionset(group, proto); 26436185db85Sdougm if (optionset != NULL) { 26446185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 26456185db85Sdougm prop = sa_get_property(optionset, cur->optname); 26466185db85Sdougm if (prop != NULL) { 26476185db85Sdougm ret = sa_remove_property(prop); 26486185db85Sdougm if (ret != SA_OK) 26496185db85Sdougm break; 26506185db85Sdougm change = 1; 26516185db85Sdougm } 26526185db85Sdougm } 26536185db85Sdougm } 26546185db85Sdougm if (ret == SA_OK && change) 26556185db85Sdougm ret = sa_commit_properties(optionset, 0); 26566185db85Sdougm 26576185db85Sdougm if (err != NULL) 26586185db85Sdougm *err = ret; 26596185db85Sdougm return (change); 26606185db85Sdougm } 26616185db85Sdougm 26626185db85Sdougm /* 26636185db85Sdougm * valid_unset(group, optlist, proto) 26646185db85Sdougm * 26656185db85Sdougm * Sanity check the optlist to make sure they can be removed. Issue an 26666185db85Sdougm * error if a property doesn't exist. 26676185db85Sdougm */ 26686185db85Sdougm 26696185db85Sdougm static int 26706185db85Sdougm valid_unset(sa_group_t group, struct options *optlist, char *proto) 26716185db85Sdougm { 26726185db85Sdougm struct options *cur; 26736185db85Sdougm sa_optionset_t optionset; 26746185db85Sdougm sa_property_t prop; 26756185db85Sdougm int ret = SA_OK; 26766185db85Sdougm 26776185db85Sdougm optionset = sa_get_optionset(group, proto); 26786185db85Sdougm if (optionset != NULL) { 26796185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 26806185db85Sdougm prop = sa_get_property(optionset, cur->optname); 26816185db85Sdougm if (prop == NULL) { 268225a68471Sdougm (void) printf(gettext( 268325a68471Sdougm "Could not unset property %s: not set\n"), 26846185db85Sdougm cur->optname); 26856185db85Sdougm ret = SA_NO_SUCH_PROP; 26866185db85Sdougm } 26876185db85Sdougm } 26886185db85Sdougm } 26896185db85Sdougm return (ret); 26906185db85Sdougm } 26916185db85Sdougm 26926185db85Sdougm /* 26936185db85Sdougm * valid_unset_security(group, optlist, proto) 26946185db85Sdougm * 26956185db85Sdougm * Sanity check the optlist to make sure they can be removed. Issue an 26966185db85Sdougm * error if a property doesn't exist. 26976185db85Sdougm */ 26986185db85Sdougm 26996185db85Sdougm static int 27006185db85Sdougm valid_unset_security(sa_group_t group, struct options *optlist, char *proto, 27016185db85Sdougm char *sectype) 27026185db85Sdougm { 27036185db85Sdougm struct options *cur; 27046185db85Sdougm sa_security_t security; 27056185db85Sdougm sa_property_t prop; 27066185db85Sdougm int ret = SA_OK; 27076185db85Sdougm char *sec; 27086185db85Sdougm 27096185db85Sdougm sec = sa_proto_space_alias(proto, sectype); 27106185db85Sdougm security = sa_get_security(group, sec, proto); 27116185db85Sdougm if (security != NULL) { 27126185db85Sdougm for (cur = optlist; cur != NULL; cur = cur->next) { 27136185db85Sdougm prop = sa_get_property(security, cur->optname); 27146185db85Sdougm if (prop == NULL) { 271525a68471Sdougm (void) printf(gettext( 271625a68471Sdougm "Could not unset property %s: not set\n"), 27176185db85Sdougm cur->optname); 27186185db85Sdougm ret = SA_NO_SUCH_PROP; 27196185db85Sdougm } 27206185db85Sdougm } 27216185db85Sdougm } else { 272225a68471Sdougm (void) printf(gettext( 272325a68471Sdougm "Could not unset %s: space not defined\n"), sectype); 27246185db85Sdougm ret = SA_NO_SUCH_SECURITY; 27256185db85Sdougm } 27266185db85Sdougm if (sec != NULL) 27276185db85Sdougm sa_free_attr_string(sec); 27286185db85Sdougm return (ret); 27296185db85Sdougm } 27306185db85Sdougm 27316185db85Sdougm /* 27326185db85Sdougm * remove_security(group, optlist, proto) 27336185db85Sdougm * 27346185db85Sdougm * Remove the properties since they were checked as valid. 27356185db85Sdougm */ 27366185db85Sdougm 27376185db85Sdougm static int 27386185db85Sdougm remove_security(sa_group_t group, char *sectype, 27396185db85Sdougm struct options *optlist, char *proto, int *err) 27406185db85Sdougm { 27416185db85Sdougm sa_security_t security; 27426185db85Sdougm int ret = SA_OK; 27436185db85Sdougm int change = 0; 27446185db85Sdougm 27456185db85Sdougm sectype = sa_proto_space_alias(proto, sectype); 27466185db85Sdougm security = sa_get_security(group, sectype, proto); 27476185db85Sdougm if (sectype != NULL) 27486185db85Sdougm sa_free_attr_string(sectype); 27496185db85Sdougm 27506185db85Sdougm if (security != NULL) { 27516185db85Sdougm while (optlist != NULL) { 27526185db85Sdougm sa_property_t prop; 27536185db85Sdougm prop = sa_get_property(security, optlist->optname); 27546185db85Sdougm if (prop != NULL) { 27556185db85Sdougm ret = sa_remove_property(prop); 27566185db85Sdougm if (ret != SA_OK) 27576185db85Sdougm break; 27586185db85Sdougm change = 1; 27596185db85Sdougm } 27606185db85Sdougm optlist = optlist->next; 27616185db85Sdougm } 27626185db85Sdougm /* 27636185db85Sdougm * when done, properties may have all been removed but 27646185db85Sdougm * we need to keep the security type itself until 27656185db85Sdougm * explicitly removed. 27666185db85Sdougm */ 27676185db85Sdougm if (ret == SA_OK && change) 27686185db85Sdougm ret = sa_commit_properties(security, 0); 27696185db85Sdougm } else { 27706185db85Sdougm ret = SA_NO_SUCH_PROP; 27716185db85Sdougm } 27726185db85Sdougm if (err != NULL) 27736185db85Sdougm *err = ret; 27746185db85Sdougm return (change); 27756185db85Sdougm } 27766185db85Sdougm 27776185db85Sdougm /* 27786185db85Sdougm * basic_unset(groupname, optlist, protocol, sharepath, dryrun) 27796185db85Sdougm * 278025a68471Sdougm * Unset non-named optionset properties. 27816185db85Sdougm */ 27826185db85Sdougm 27836185db85Sdougm static int 2784549ec3ffSdougm basic_unset(sa_handle_t handle, char *groupname, struct options *optlist, 2785549ec3ffSdougm char *protocol, char *sharepath, int dryrun) 27866185db85Sdougm { 27876185db85Sdougm sa_group_t group; 27886185db85Sdougm int ret = SA_OK; 27896185db85Sdougm int change = 0; 27906185db85Sdougm struct list *worklist = NULL; 279125a68471Sdougm sa_share_t share = NULL; 27926185db85Sdougm 2793549ec3ffSdougm group = sa_get_group(handle, groupname); 279425a68471Sdougm if (group == NULL) 279525a68471Sdougm return (ret); 279625a68471Sdougm 27976185db85Sdougm if (sharepath != NULL) { 27986185db85Sdougm share = sa_get_share(group, sharepath); 27996185db85Sdougm if (share == NULL) { 280025a68471Sdougm (void) printf(gettext( 280125a68471Sdougm "Share does not exist in group %s\n"), 28026185db85Sdougm groupname, sharepath); 28036185db85Sdougm ret = SA_NO_SUCH_PATH; 28046185db85Sdougm } 28056185db85Sdougm } 28066185db85Sdougm if (ret == SA_OK) { 28076185db85Sdougm /* group must exist */ 28086185db85Sdougm ret = valid_unset(share != NULL ? share : group, 28096185db85Sdougm optlist, protocol); 28106185db85Sdougm if (ret == SA_OK && !dryrun) { 28116185db85Sdougm if (share != NULL) { 28126185db85Sdougm sa_optionset_t optionset; 28136185db85Sdougm sa_property_t prop; 281425a68471Sdougm change |= remove_options(share, optlist, 281525a68471Sdougm protocol, &ret); 281625a68471Sdougm /* 281725a68471Sdougm * If a share optionset is 281825a68471Sdougm * empty, remove it. 281925a68471Sdougm */ 28206185db85Sdougm optionset = sa_get_optionset((sa_share_t)share, 28216185db85Sdougm protocol); 28226185db85Sdougm if (optionset != NULL) { 28236185db85Sdougm prop = sa_get_property(optionset, NULL); 28246185db85Sdougm if (prop == NULL) 282525a68471Sdougm (void) sa_destroy_optionset( 282625a68471Sdougm optionset); 28276185db85Sdougm } 28286185db85Sdougm } else { 282925a68471Sdougm change |= remove_options(group, 283025a68471Sdougm optlist, protocol, &ret); 28316185db85Sdougm } 28326185db85Sdougm if (ret == SA_OK && change) 283325a68471Sdougm worklist = add_list(worklist, group, 283425a68471Sdougm share); 28356185db85Sdougm if (ret != SA_OK) 283625a68471Sdougm (void) printf(gettext( 283725a68471Sdougm "Could not remove properties: " 283825a68471Sdougm "%s\n"), sa_errorstr(ret)); 28396185db85Sdougm } 28406185db85Sdougm } else { 284125a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), 284225a68471Sdougm groupname); 28436185db85Sdougm ret = SA_NO_SUCH_GROUP; 28446185db85Sdougm } 28456185db85Sdougm free_opt(optlist); 28466185db85Sdougm 28476185db85Sdougm /* 284825a68471Sdougm * We have a group and potentially legal additions 284925a68471Sdougm * 285025a68471Sdougm * Commit to configuration if not a dryrun 28516185db85Sdougm */ 28526185db85Sdougm if (!dryrun && ret == SA_OK) { 28536185db85Sdougm if (change && worklist != NULL) { 28546185db85Sdougm /* properties changed, so update all shares */ 285525a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 285625a68471Sdougm protocol); 28576185db85Sdougm } 28586185db85Sdougm } 28596185db85Sdougm if (worklist != NULL) 28606185db85Sdougm free_list(worklist); 28616185db85Sdougm return (ret); 28626185db85Sdougm } 28636185db85Sdougm 28646185db85Sdougm /* 28656185db85Sdougm * space_unset(groupname, optlist, protocol, sharepath, dryrun) 28666185db85Sdougm * 286725a68471Sdougm * Unset named optionset properties. 28686185db85Sdougm */ 28696185db85Sdougm static int 2870549ec3ffSdougm space_unset(sa_handle_t handle, char *groupname, struct options *optlist, 2871549ec3ffSdougm char *protocol, char *sharepath, int dryrun, char *sectype) 28726185db85Sdougm { 28736185db85Sdougm sa_group_t group; 28746185db85Sdougm int ret = SA_OK; 28756185db85Sdougm int change = 0; 28766185db85Sdougm struct list *worklist = NULL; 287725a68471Sdougm sa_share_t share = NULL; 28786185db85Sdougm 2879549ec3ffSdougm group = sa_get_group(handle, groupname); 288025a68471Sdougm if (group == NULL) { 288125a68471Sdougm (void) printf(gettext("Group \"%s\" not found\n"), groupname); 288225a68471Sdougm return (SA_NO_SUCH_GROUP); 288325a68471Sdougm } 28846185db85Sdougm if (sharepath != NULL) { 28856185db85Sdougm share = sa_get_share(group, sharepath); 28866185db85Sdougm if (share == NULL) { 288725a68471Sdougm (void) printf(gettext( 288825a68471Sdougm "Share does not exist in group %s\n"), 28896185db85Sdougm groupname, sharepath); 289025a68471Sdougm return (SA_NO_SUCH_PATH); 28916185db85Sdougm } 28926185db85Sdougm } 289325a68471Sdougm ret = valid_unset_security(share != NULL ? share : group, optlist, 289425a68471Sdougm protocol, sectype); 289525a68471Sdougm 28966185db85Sdougm if (ret == SA_OK && !dryrun) { 28976185db85Sdougm if (optlist != NULL) { 28986185db85Sdougm if (share != NULL) { 28996185db85Sdougm sa_security_t optionset; 29006185db85Sdougm sa_property_t prop; 290125a68471Sdougm change = remove_security(share, 290225a68471Sdougm sectype, optlist, protocol, &ret); 290325a68471Sdougm 290425a68471Sdougm /* If a share security is empty, remove it */ 29056185db85Sdougm optionset = sa_get_security((sa_group_t)share, 290625a68471Sdougm sectype, protocol); 29076185db85Sdougm if (optionset != NULL) { 290825a68471Sdougm prop = sa_get_property(optionset, 290925a68471Sdougm NULL); 29106185db85Sdougm if (prop == NULL) 291125a68471Sdougm ret = sa_destroy_security( 291225a68471Sdougm optionset); 29136185db85Sdougm } 29146185db85Sdougm } else { 29156185db85Sdougm change = remove_security(group, sectype, 291625a68471Sdougm optlist, protocol, &ret); 29176185db85Sdougm } 29186185db85Sdougm } else { 29196185db85Sdougm sa_security_t security; 29206185db85Sdougm char *sec; 29216185db85Sdougm sec = sa_proto_space_alias(protocol, sectype); 29226185db85Sdougm security = sa_get_security(group, sec, protocol); 29236185db85Sdougm if (sec != NULL) 29246185db85Sdougm sa_free_attr_string(sec); 29256185db85Sdougm if (security != NULL) { 29266185db85Sdougm ret = sa_destroy_security(security); 29276185db85Sdougm if (ret == SA_OK) 29286185db85Sdougm change = 1; 29296185db85Sdougm } else { 29306185db85Sdougm ret = SA_NO_SUCH_PROP; 29316185db85Sdougm } 29326185db85Sdougm } 29336185db85Sdougm if (ret != SA_OK) 29346185db85Sdougm (void) printf(gettext("Could not unset property: %s\n"), 29356185db85Sdougm sa_errorstr(ret)); 29366185db85Sdougm } 29376185db85Sdougm 29386185db85Sdougm if (ret == SA_OK && change) 29396185db85Sdougm worklist = add_list(worklist, group, 0); 294025a68471Sdougm 29416185db85Sdougm free_opt(optlist); 29426185db85Sdougm /* 294325a68471Sdougm * We have a group and potentially legal additions 29446185db85Sdougm */ 29456185db85Sdougm 294625a68471Sdougm /* Commit to configuration if not a dryrun */ 29476185db85Sdougm if (!dryrun && ret == 0) { 29486185db85Sdougm /* properties changed, so update all shares */ 294925a68471Sdougm if (change && worklist != NULL) 295025a68471Sdougm (void) enable_all_groups(handle, worklist, 0, 0, 295125a68471Sdougm protocol); 2952549ec3ffSdougm ret = sa_update_config(handle); 29536185db85Sdougm } 29546185db85Sdougm if (worklist != NULL) 29556185db85Sdougm free_list(worklist); 29566185db85Sdougm return (ret); 29576185db85Sdougm } 29586185db85Sdougm 29596185db85Sdougm /* 29606185db85Sdougm * sa_unset(flags, argc, argv) 29616185db85Sdougm * 296225a68471Sdougm * Implements the unset subcommand. Parsing done here and then basic 29636185db85Sdougm * or space versions of the real code are called. 29646185db85Sdougm */ 29656185db85Sdougm 29666185db85Sdougm int 2967549ec3ffSdougm sa_unset(sa_handle_t handle, int flags, int argc, char *argv[]) 29686185db85Sdougm { 29696185db85Sdougm char *groupname; 29706185db85Sdougm int verbose = 0; 29716185db85Sdougm int dryrun = 0; 29726185db85Sdougm int c; 29736185db85Sdougm char *protocol = NULL; 29746185db85Sdougm int ret = SA_OK; 29756185db85Sdougm struct options *optlist = NULL; 29766185db85Sdougm char *sharepath = NULL; 29776185db85Sdougm char *optset = NULL; 29786185db85Sdougm int auth; 29796185db85Sdougm 29806185db85Sdougm while ((c = getopt(argc, argv, "?hvnP:p:s:S:")) != EOF) { 29816185db85Sdougm switch (c) { 29826185db85Sdougm case 'v': 29836185db85Sdougm verbose++; 29846185db85Sdougm break; 29856185db85Sdougm case 'n': 29866185db85Sdougm dryrun++; 29876185db85Sdougm break; 29886185db85Sdougm case 'P': 29896185db85Sdougm protocol = optarg; 29906185db85Sdougm if (!sa_valid_protocol(protocol)) { 299125a68471Sdougm (void) printf(gettext( 299225a68471Sdougm "Invalid protocol specified: %s\n"), 29936185db85Sdougm protocol); 29946185db85Sdougm return (SA_INVALID_PROTOCOL); 29956185db85Sdougm } 29966185db85Sdougm break; 29976185db85Sdougm case 'p': 29986185db85Sdougm ret = add_opt(&optlist, optarg, 1); 29996185db85Sdougm switch (ret) { 30006185db85Sdougm case OPT_ADD_SYNTAX: 300125a68471Sdougm (void) printf(gettext("Property syntax error " 300225a68471Sdougm "for property %s\n"), optarg); 30036185db85Sdougm return (SA_SYNTAX_ERR); 300425a68471Sdougm 30056185db85Sdougm case OPT_ADD_PROPERTY: 300625a68471Sdougm (void) printf(gettext("Properties need to be " 300725a68471Sdougm "set with set command: %s\n"), optarg); 30086185db85Sdougm return (SA_SYNTAX_ERR); 300925a68471Sdougm 30106185db85Sdougm default: 30116185db85Sdougm break; 30126185db85Sdougm } 30136185db85Sdougm break; 30146185db85Sdougm case 's': 30156185db85Sdougm sharepath = optarg; 30166185db85Sdougm break; 30176185db85Sdougm case 'S': 30186185db85Sdougm optset = optarg; 30196185db85Sdougm break; 30206185db85Sdougm default: 30216185db85Sdougm case 'h': 30226185db85Sdougm case '?': 30236185db85Sdougm (void) printf(gettext("usage: %s\n"), 30246185db85Sdougm sa_get_usage(USAGE_UNSET)); 30256185db85Sdougm return (SA_OK); 30266185db85Sdougm } 30276185db85Sdougm } 30286185db85Sdougm 30296185db85Sdougm if (optlist != NULL) 30306185db85Sdougm ret = chk_opt(optlist, optset != NULL, protocol); 30316185db85Sdougm 30326185db85Sdougm if (optind >= argc || (optlist == NULL && optset == NULL) || 30336185db85Sdougm protocol == NULL) { 30346185db85Sdougm char *sep = "\t"; 303525a68471Sdougm (void) printf(gettext("usage: %s\n"), 303625a68471Sdougm sa_get_usage(USAGE_UNSET)); 30376185db85Sdougm if (optind >= argc) { 303825a68471Sdougm (void) printf(gettext("%sgroup must be specified"), 30396185db85Sdougm sep); 30406185db85Sdougm sep = ", "; 30416185db85Sdougm } 304225a68471Sdougm if (optlist == NULL) { 304325a68471Sdougm (void) printf(gettext("%sat least one property must " 304425a68471Sdougm "be specified"), sep); 304525a68471Sdougm sep = ", "; 304625a68471Sdougm } 30476185db85Sdougm if (protocol == NULL) { 304825a68471Sdougm (void) printf(gettext("%sprotocol must be specified"), 304925a68471Sdougm sep); 30506185db85Sdougm sep = ", "; 30516185db85Sdougm } 30526185db85Sdougm (void) printf("\n"); 30536185db85Sdougm ret = SA_SYNTAX_ERR; 30546185db85Sdougm } else { 30556185db85Sdougm 30566185db85Sdougm /* 305725a68471Sdougm * If a group already exists, we can only add a new 30586185db85Sdougm * protocol to it and not create a new one or add the 30596185db85Sdougm * same protocol again. 30606185db85Sdougm */ 30616185db85Sdougm 30626185db85Sdougm groupname = argv[optind]; 30636185db85Sdougm auth = check_authorizations(groupname, flags); 30646185db85Sdougm if (optset == NULL) 3065549ec3ffSdougm ret = basic_unset(handle, groupname, optlist, protocol, 30666185db85Sdougm sharepath, dryrun); 30676185db85Sdougm else 3068549ec3ffSdougm ret = space_unset(handle, groupname, optlist, protocol, 30696185db85Sdougm sharepath, dryrun, optset); 30706185db85Sdougm 307125a68471Sdougm if (dryrun && ret == SA_OK && !auth && verbose) 30726185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 30736185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 30746185db85Sdougm } 30756185db85Sdougm return (ret); 30766185db85Sdougm } 30776185db85Sdougm 30786185db85Sdougm /* 30796185db85Sdougm * sa_enable_group(flags, argc, argv) 30806185db85Sdougm * 30816185db85Sdougm * Implements the enable subcommand 30826185db85Sdougm */ 30836185db85Sdougm 30846185db85Sdougm int 3085549ec3ffSdougm sa_enable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 30866185db85Sdougm { 30876185db85Sdougm int verbose = 0; 30886185db85Sdougm int dryrun = 0; 30896185db85Sdougm int all = 0; 30906185db85Sdougm int c; 30916185db85Sdougm int ret = SA_OK; 30926185db85Sdougm char *protocol = NULL; 30936185db85Sdougm char *state; 30946185db85Sdougm struct list *worklist = NULL; 30956185db85Sdougm int auth = 1; 309625a68471Sdougm sa_group_t group; 30976185db85Sdougm 30986185db85Sdougm while ((c = getopt(argc, argv, "?havnP:")) != EOF) { 30996185db85Sdougm switch (c) { 31006185db85Sdougm case 'a': 31016185db85Sdougm all = 1; 31026185db85Sdougm break; 31036185db85Sdougm case 'n': 31046185db85Sdougm dryrun++; 31056185db85Sdougm break; 31066185db85Sdougm case 'P': 31076185db85Sdougm protocol = optarg; 31086185db85Sdougm if (!sa_valid_protocol(protocol)) { 310925a68471Sdougm (void) printf(gettext( 311025a68471Sdougm "Invalid protocol specified: %s\n"), 31116185db85Sdougm protocol); 31126185db85Sdougm return (SA_INVALID_PROTOCOL); 31136185db85Sdougm } 31146185db85Sdougm break; 31156185db85Sdougm case 'v': 31166185db85Sdougm verbose++; 31176185db85Sdougm break; 31186185db85Sdougm default: 31196185db85Sdougm case 'h': 31206185db85Sdougm case '?': 31216185db85Sdougm (void) printf(gettext("usage: %s\n"), 31226185db85Sdougm sa_get_usage(USAGE_ENABLE)); 31236185db85Sdougm return (0); 31246185db85Sdougm } 31256185db85Sdougm } 31266185db85Sdougm 31276185db85Sdougm if (optind == argc && !all) { 312825a68471Sdougm (void) printf(gettext("usage: %s\n"), 312925a68471Sdougm sa_get_usage(USAGE_ENABLE)); 31306185db85Sdougm (void) printf(gettext("\tmust specify group\n")); 313125a68471Sdougm return (SA_NO_SUCH_PATH); 313225a68471Sdougm } 31336185db85Sdougm if (!all) { 31346185db85Sdougm while (optind < argc) { 3135549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 31366185db85Sdougm if (group != NULL) { 313725a68471Sdougm auth &= check_authorizations(argv[optind], 313825a68471Sdougm flags); 31396185db85Sdougm state = sa_get_group_attr(group, "state"); 31406185db85Sdougm if (state != NULL && 31416185db85Sdougm strcmp(state, "enabled") == 0) { 31426185db85Sdougm /* already enabled */ 31436185db85Sdougm if (verbose) 314425a68471Sdougm (void) printf(gettext( 314525a68471Sdougm "Group \"%s\" is already " 31466185db85Sdougm "enabled\n"), 31476185db85Sdougm argv[optind]); 31486185db85Sdougm ret = SA_BUSY; /* already enabled */ 31496185db85Sdougm } else { 315025a68471Sdougm worklist = add_list(worklist, group, 315125a68471Sdougm 0); 31526185db85Sdougm if (verbose) 315325a68471Sdougm (void) printf(gettext( 315425a68471Sdougm "Enabling group \"%s\"\n"), 31556185db85Sdougm argv[optind]); 31566185db85Sdougm } 31576185db85Sdougm if (state != NULL) 31586185db85Sdougm sa_free_attr_string(state); 31596185db85Sdougm } else { 31606185db85Sdougm ret = SA_NO_SUCH_GROUP; 31616185db85Sdougm } 31626185db85Sdougm optind++; 31636185db85Sdougm } 31646185db85Sdougm } else { 316525a68471Sdougm for (group = sa_get_group(handle, NULL); 316625a68471Sdougm group != NULL; 31676185db85Sdougm group = sa_get_next_group(group)) { 31686185db85Sdougm worklist = add_list(worklist, group, 0); 31696185db85Sdougm } 31706185db85Sdougm } 317125a68471Sdougm if (!dryrun && ret == SA_OK) 3172549ec3ffSdougm ret = enable_all_groups(handle, worklist, 1, 0, NULL); 317325a68471Sdougm 31746185db85Sdougm if (ret != SA_OK && ret != SA_BUSY) 31756185db85Sdougm (void) printf(gettext("Could not enable group: %s\n"), 31766185db85Sdougm sa_errorstr(ret)); 31776185db85Sdougm if (ret == SA_BUSY) 31786185db85Sdougm ret = SA_OK; 317925a68471Sdougm 31806185db85Sdougm if (worklist != NULL) 31816185db85Sdougm free_list(worklist); 31826185db85Sdougm if (dryrun && ret == SA_OK && !auth && verbose) { 31836185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 31846185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 31856185db85Sdougm } 31866185db85Sdougm return (ret); 31876185db85Sdougm } 31886185db85Sdougm 31896185db85Sdougm /* 31906185db85Sdougm * disable_group(group, setstate) 31916185db85Sdougm * 319225a68471Sdougm * Disable all the shares in the specified group honoring the setstate 31936185db85Sdougm * argument. This is a helper for disable_all_groups in order to 31946185db85Sdougm * simplify regular and subgroup (zfs) disabling. Group has already 31956185db85Sdougm * been checked for non-NULL. 31966185db85Sdougm */ 31976185db85Sdougm 31986185db85Sdougm static int 31996185db85Sdougm disable_group(sa_group_t group) 32006185db85Sdougm { 32016185db85Sdougm sa_share_t share; 32026185db85Sdougm int ret = SA_OK; 32036185db85Sdougm 32046185db85Sdougm for (share = sa_get_share(group, NULL); 32056185db85Sdougm share != NULL && ret == SA_OK; 32066185db85Sdougm share = sa_get_next_share(share)) { 32076185db85Sdougm ret = sa_disable_share(share, NULL); 32086185db85Sdougm if (ret == SA_NO_SUCH_PATH) { 32096185db85Sdougm /* 32106185db85Sdougm * this is OK since the path is gone. we can't 32116185db85Sdougm * re-share it anyway so no error. 32126185db85Sdougm */ 32136185db85Sdougm ret = SA_OK; 32146185db85Sdougm } 32156185db85Sdougm } 32166185db85Sdougm return (ret); 32176185db85Sdougm } 32186185db85Sdougm 32196185db85Sdougm 32206185db85Sdougm /* 32216185db85Sdougm * disable_all_groups(work, setstate) 32226185db85Sdougm * 32236185db85Sdougm * helper function that disables the shares in the list of groups 32246185db85Sdougm * provided. It optionally marks the group as disabled. Used by both 32256185db85Sdougm * enable and start subcommands. 32266185db85Sdougm */ 32276185db85Sdougm 32286185db85Sdougm static int 3229549ec3ffSdougm disable_all_groups(sa_handle_t handle, struct list *work, int setstate) 32306185db85Sdougm { 32316185db85Sdougm int ret = SA_OK; 32326185db85Sdougm sa_group_t subgroup, group; 32336185db85Sdougm 32346185db85Sdougm while (work != NULL && ret == SA_OK) { 32356185db85Sdougm group = (sa_group_t)work->item; 32366185db85Sdougm if (setstate) 32376185db85Sdougm ret = sa_set_group_attr(group, "state", "disabled"); 32386185db85Sdougm if (ret == SA_OK) { 32396185db85Sdougm char *name; 32406185db85Sdougm name = sa_get_group_attr(group, "name"); 32416185db85Sdougm if (name != NULL && strcmp(name, "zfs") == 0) { 32426185db85Sdougm /* need to get the sub-groups for stopping */ 324325a68471Sdougm for (subgroup = sa_get_sub_group(group); 324425a68471Sdougm subgroup != NULL; 32456185db85Sdougm subgroup = sa_get_next_group(subgroup)) { 32466185db85Sdougm ret = disable_group(subgroup); 32476185db85Sdougm } 32486185db85Sdougm } else { 32496185db85Sdougm ret = disable_group(group); 32506185db85Sdougm } 32516185db85Sdougm /* 325225a68471Sdougm * We don't want to "disable" since it won't come 32536185db85Sdougm * up after a reboot. The SMF framework should do 32546185db85Sdougm * the right thing. On enable we do want to do 32556185db85Sdougm * something. 32566185db85Sdougm */ 32576185db85Sdougm } 32586185db85Sdougm work = work->next; 32596185db85Sdougm } 32606185db85Sdougm if (ret == SA_OK) 3261549ec3ffSdougm ret = sa_update_config(handle); 32626185db85Sdougm return (ret); 32636185db85Sdougm } 32646185db85Sdougm 32656185db85Sdougm /* 32666185db85Sdougm * sa_disable_group(flags, argc, argv) 32676185db85Sdougm * 32686185db85Sdougm * Implements the disable subcommand 32696185db85Sdougm */ 32706185db85Sdougm 32716185db85Sdougm int 3272549ec3ffSdougm sa_disable_group(sa_handle_t handle, int flags, int argc, char *argv[]) 32736185db85Sdougm { 32746185db85Sdougm int verbose = 0; 32756185db85Sdougm int dryrun = 0; 32766185db85Sdougm int all = 0; 32776185db85Sdougm int c; 32786185db85Sdougm int ret = SA_OK; 32796185db85Sdougm char *protocol; 32806185db85Sdougm char *state; 32816185db85Sdougm struct list *worklist = NULL; 328225a68471Sdougm sa_group_t group; 32836185db85Sdougm int auth = 1; 32846185db85Sdougm 32856185db85Sdougm while ((c = getopt(argc, argv, "?havn")) != EOF) { 32866185db85Sdougm switch (c) { 32876185db85Sdougm case 'a': 32886185db85Sdougm all = 1; 32896185db85Sdougm break; 32906185db85Sdougm case 'n': 32916185db85Sdougm dryrun++; 32926185db85Sdougm break; 32936185db85Sdougm case 'P': 32946185db85Sdougm protocol = optarg; 32956185db85Sdougm if (!sa_valid_protocol(protocol)) { 329625a68471Sdougm (void) printf(gettext( 329725a68471Sdougm "Invalid protocol specified: %s\n"), 32986185db85Sdougm protocol); 32996185db85Sdougm return (SA_INVALID_PROTOCOL); 33006185db85Sdougm } 33016185db85Sdougm break; 33026185db85Sdougm case 'v': 33036185db85Sdougm verbose++; 33046185db85Sdougm break; 33056185db85Sdougm default: 33066185db85Sdougm case 'h': 33076185db85Sdougm case '?': 33086185db85Sdougm (void) printf(gettext("usage: %s\n"), 33096185db85Sdougm sa_get_usage(USAGE_DISABLE)); 33106185db85Sdougm return (0); 33116185db85Sdougm } 33126185db85Sdougm } 33136185db85Sdougm 33146185db85Sdougm if (optind == argc && !all) { 33156185db85Sdougm (void) printf(gettext("usage: %s\n"), 33166185db85Sdougm sa_get_usage(USAGE_DISABLE)); 33176185db85Sdougm (void) printf(gettext("\tmust specify group\n")); 331825a68471Sdougm return (SA_NO_SUCH_PATH); 331925a68471Sdougm } 33206185db85Sdougm if (!all) { 33216185db85Sdougm while (optind < argc) { 3322549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 33236185db85Sdougm if (group != NULL) { 332425a68471Sdougm auth &= check_authorizations(argv[optind], 332525a68471Sdougm flags); 33266185db85Sdougm state = sa_get_group_attr(group, "state"); 33276185db85Sdougm if (state == NULL || 33286185db85Sdougm strcmp(state, "disabled") == 0) { 33296185db85Sdougm /* already disabled */ 33306185db85Sdougm if (verbose) 333125a68471Sdougm (void) printf(gettext( 333225a68471Sdougm "Group \"%s\" is " 33336185db85Sdougm "already disabled\n"), 33346185db85Sdougm argv[optind]); 33356185db85Sdougm ret = SA_BUSY; /* already disable */ 33366185db85Sdougm } else { 33376185db85Sdougm worklist = add_list(worklist, group, 0); 33386185db85Sdougm if (verbose) 333925a68471Sdougm (void) printf(gettext( 334025a68471Sdougm "Disabling group " 334125a68471Sdougm "\"%s\"\n"), argv[optind]); 33426185db85Sdougm } 33436185db85Sdougm if (state != NULL) 33446185db85Sdougm sa_free_attr_string(state); 33456185db85Sdougm } else { 33466185db85Sdougm ret = SA_NO_SUCH_GROUP; 33476185db85Sdougm } 33486185db85Sdougm optind++; 33496185db85Sdougm } 33506185db85Sdougm } else { 335125a68471Sdougm for (group = sa_get_group(handle, NULL); 335225a68471Sdougm group != NULL; 335325a68471Sdougm group = sa_get_next_group(group)) 33546185db85Sdougm worklist = add_list(worklist, group, 0); 33556185db85Sdougm } 335625a68471Sdougm 335725a68471Sdougm if (ret == SA_OK && !dryrun) 3358549ec3ffSdougm ret = disable_all_groups(handle, worklist, 1); 33596185db85Sdougm if (ret != SA_OK && ret != SA_BUSY) 33606185db85Sdougm (void) printf(gettext("Could not disable group: %s\n"), 33616185db85Sdougm sa_errorstr(ret)); 33626185db85Sdougm if (ret == SA_BUSY) 33636185db85Sdougm ret = SA_OK; 33646185db85Sdougm if (worklist != NULL) 33656185db85Sdougm free_list(worklist); 336625a68471Sdougm if (dryrun && ret == SA_OK && !auth && verbose) 33676185db85Sdougm (void) printf(gettext("Command would fail: %s\n"), 33686185db85Sdougm sa_errorstr(SA_NO_PERMISSION)); 33696185db85Sdougm return (ret); 33706185db85Sdougm } 33716185db85Sdougm 33726185db85Sdougm /* 33736185db85Sdougm * sa_start_group(flags, argc, argv) 33746185db85Sdougm * 33756185db85Sdougm * Implements the start command. 33766185db85Sdougm * This is similar to enable except it doesn't change the state 33776185db85Sdougm * of the group(s) and only enables shares if the group is already 33786185db85Sdougm * enabled. 33796185db85Sdougm */ 338025a68471Sdougm /*ARGSUSED*/ 33816185db85Sdougm int 3382549ec3ffSdougm sa_start_group(sa_handle_t handle, int flags, int argc, char *argv[]) 33836185db85Sdougm { 33846185db85Sdougm int verbose = 0; 33856185db85Sdougm int all = 0; 33866185db85Sdougm int c; 33876185db85Sdougm int ret = SMF_EXIT_OK; 33886185db85Sdougm char *protocol = NULL; 33896185db85Sdougm char *state; 33906185db85Sdougm struct list *worklist = NULL; 339125a68471Sdougm sa_group_t group; 33926185db85Sdougm 33936185db85Sdougm while ((c = getopt(argc, argv, "?havP:")) != EOF) { 33946185db85Sdougm switch (c) { 33956185db85Sdougm case 'a': 33966185db85Sdougm all = 1; 33976185db85Sdougm break; 33986185db85Sdougm case 'P': 33996185db85Sdougm protocol = optarg; 34006185db85Sdougm if (!sa_valid_protocol(protocol)) { 340125a68471Sdougm (void) printf(gettext( 340225a68471Sdougm "Invalid protocol specified: %s\n"), 34036185db85Sdougm protocol); 34046185db85Sdougm return (SA_INVALID_PROTOCOL); 34056185db85Sdougm } 34066185db85Sdougm break; 34076185db85Sdougm case 'v': 34086185db85Sdougm verbose++; 34096185db85Sdougm break; 34106185db85Sdougm default: 34116185db85Sdougm case 'h': 34126185db85Sdougm case '?': 34136185db85Sdougm (void) printf(gettext("usage: %s\n"), 34146185db85Sdougm sa_get_usage(USAGE_START)); 34156185db85Sdougm return (SA_OK); 34166185db85Sdougm } 34176185db85Sdougm } 34186185db85Sdougm 34196185db85Sdougm if (optind == argc && !all) { 34206185db85Sdougm (void) printf(gettext("usage: %s\n"), 34216185db85Sdougm sa_get_usage(USAGE_START)); 342225a68471Sdougm return (SMF_EXIT_ERR_FATAL); 342325a68471Sdougm } 34246185db85Sdougm 34256185db85Sdougm if (!all) { 34266185db85Sdougm while (optind < argc) { 3427549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 34286185db85Sdougm if (group != NULL) { 34296185db85Sdougm state = sa_get_group_attr(group, "state"); 34306185db85Sdougm if (state == NULL || 34316185db85Sdougm strcmp(state, "enabled") == 0) { 34326185db85Sdougm worklist = add_list(worklist, group, 0); 34336185db85Sdougm if (verbose) 343425a68471Sdougm (void) printf(gettext( 343525a68471Sdougm "Starting group \"%s\"\n"), 34366185db85Sdougm argv[optind]); 34376185db85Sdougm } else { 34386185db85Sdougm /* 343925a68471Sdougm * Determine if there are any 34406185db85Sdougm * protocols. if there aren't any, 34416185db85Sdougm * then there isn't anything to do in 34426185db85Sdougm * any case so no error. 34436185db85Sdougm */ 344425a68471Sdougm if (sa_get_optionset(group, 344525a68471Sdougm protocol) != NULL) { 34466185db85Sdougm ret = SMF_EXIT_OK; 34476185db85Sdougm } 34486185db85Sdougm } 34496185db85Sdougm if (state != NULL) 34506185db85Sdougm sa_free_attr_string(state); 34516185db85Sdougm } 34526185db85Sdougm optind++; 34536185db85Sdougm } 34546185db85Sdougm } else { 3455549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 34566185db85Sdougm group = sa_get_next_group(group)) { 34576185db85Sdougm state = sa_get_group_attr(group, "state"); 34586185db85Sdougm if (state == NULL || strcmp(state, "enabled") == 0) 34596185db85Sdougm worklist = add_list(worklist, group, 0); 34606185db85Sdougm if (state != NULL) 34616185db85Sdougm sa_free_attr_string(state); 34626185db85Sdougm } 34636185db85Sdougm } 346425a68471Sdougm 3465549ec3ffSdougm (void) enable_all_groups(handle, worklist, 0, 1, NULL); 346625a68471Sdougm 34676185db85Sdougm if (worklist != NULL) 34686185db85Sdougm free_list(worklist); 34696185db85Sdougm return (ret); 34706185db85Sdougm } 34716185db85Sdougm 34726185db85Sdougm /* 34736185db85Sdougm * sa_stop_group(flags, argc, argv) 34746185db85Sdougm * 34756185db85Sdougm * Implements the stop command. 34766185db85Sdougm * This is similar to disable except it doesn't change the state 34776185db85Sdougm * of the group(s) and only disables shares if the group is already 34786185db85Sdougm * enabled. 34796185db85Sdougm */ 348025a68471Sdougm /*ARGSUSED*/ 34816185db85Sdougm int 3482549ec3ffSdougm sa_stop_group(sa_handle_t handle, int flags, int argc, char *argv[]) 34836185db85Sdougm { 34846185db85Sdougm int verbose = 0; 34856185db85Sdougm int all = 0; 34866185db85Sdougm int c; 34876185db85Sdougm int ret = SMF_EXIT_OK; 34886185db85Sdougm char *protocol = NULL; 34896185db85Sdougm char *state; 34906185db85Sdougm struct list *worklist = NULL; 349125a68471Sdougm sa_group_t group; 34926185db85Sdougm 34936185db85Sdougm while ((c = getopt(argc, argv, "?havP:")) != EOF) { 34946185db85Sdougm switch (c) { 34956185db85Sdougm case 'a': 34966185db85Sdougm all = 1; 34976185db85Sdougm break; 34986185db85Sdougm case 'P': 34996185db85Sdougm protocol = optarg; 35006185db85Sdougm if (!sa_valid_protocol(protocol)) { 350125a68471Sdougm (void) printf(gettext( 350225a68471Sdougm "Invalid protocol specified: %s\n"), 35036185db85Sdougm protocol); 35046185db85Sdougm return (SA_INVALID_PROTOCOL); 35056185db85Sdougm } 35066185db85Sdougm break; 35076185db85Sdougm case 'v': 35086185db85Sdougm verbose++; 35096185db85Sdougm break; 35106185db85Sdougm default: 35116185db85Sdougm case 'h': 35126185db85Sdougm case '?': 35136185db85Sdougm (void) printf(gettext("usage: %s\n"), 35146185db85Sdougm sa_get_usage(USAGE_STOP)); 35156185db85Sdougm return (0); 35166185db85Sdougm } 35176185db85Sdougm } 35186185db85Sdougm 35196185db85Sdougm if (optind == argc && !all) { 352025a68471Sdougm (void) printf(gettext("usage: %s\n"), 352125a68471Sdougm sa_get_usage(USAGE_STOP)); 352225a68471Sdougm return (SMF_EXIT_ERR_FATAL); 352325a68471Sdougm } else if (!all) { 35246185db85Sdougm while (optind < argc) { 3525549ec3ffSdougm group = sa_get_group(handle, argv[optind]); 35266185db85Sdougm if (group != NULL) { 35276185db85Sdougm state = sa_get_group_attr(group, "state"); 35286185db85Sdougm if (state == NULL || 35296185db85Sdougm strcmp(state, "enabled") == 0) { 35306185db85Sdougm worklist = add_list(worklist, group, 0); 35316185db85Sdougm if (verbose) 353225a68471Sdougm (void) printf(gettext( 353325a68471Sdougm "Stopping group \"%s\"\n"), 35346185db85Sdougm argv[optind]); 35356185db85Sdougm } else { 35366185db85Sdougm ret = SMF_EXIT_OK; 35376185db85Sdougm } 35386185db85Sdougm if (state != NULL) 35396185db85Sdougm sa_free_attr_string(state); 35406185db85Sdougm } 35416185db85Sdougm optind++; 35426185db85Sdougm } 35436185db85Sdougm } else { 3544549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 35456185db85Sdougm group = sa_get_next_group(group)) { 35466185db85Sdougm state = sa_get_group_attr(group, "state"); 35476185db85Sdougm if (state == NULL || strcmp(state, "enabled") == 0) 35486185db85Sdougm worklist = add_list(worklist, group, 0); 35496185db85Sdougm if (state != NULL) 35506185db85Sdougm sa_free_attr_string(state); 35516185db85Sdougm } 35526185db85Sdougm } 355325a68471Sdougm 3554549ec3ffSdougm (void) disable_all_groups(handle, worklist, 0); 3555549ec3ffSdougm ret = sa_update_config(handle); 355625a68471Sdougm 35576185db85Sdougm if (worklist != NULL) 35586185db85Sdougm free_list(worklist); 35596185db85Sdougm return (ret); 35606185db85Sdougm } 35616185db85Sdougm 35626185db85Sdougm /* 35636185db85Sdougm * remove_all_options(share, proto) 35646185db85Sdougm * 35656185db85Sdougm * Removes all options on a share. 35666185db85Sdougm */ 35676185db85Sdougm 35686185db85Sdougm static void 35696185db85Sdougm remove_all_options(sa_share_t share, char *proto) 35706185db85Sdougm { 35716185db85Sdougm sa_optionset_t optionset; 35726185db85Sdougm sa_security_t security; 35736185db85Sdougm sa_security_t prevsec = NULL; 35746185db85Sdougm 35756185db85Sdougm optionset = sa_get_optionset(share, proto); 35766185db85Sdougm if (optionset != NULL) 35776185db85Sdougm (void) sa_destroy_optionset(optionset); 35786185db85Sdougm for (security = sa_get_security(share, NULL, NULL); 35796185db85Sdougm security != NULL; 35806185db85Sdougm security = sa_get_next_security(security)) { 35816185db85Sdougm char *type; 35826185db85Sdougm /* 358325a68471Sdougm * We walk through the list. prevsec keeps the 35846185db85Sdougm * previous security so we can delete it without 35856185db85Sdougm * destroying the list. 35866185db85Sdougm */ 35876185db85Sdougm if (prevsec != NULL) { 35886185db85Sdougm /* remove the previously seen security */ 35896185db85Sdougm (void) sa_destroy_security(prevsec); 35906185db85Sdougm /* set to NULL so we don't try multiple times */ 35916185db85Sdougm prevsec = NULL; 35926185db85Sdougm } 35936185db85Sdougm type = sa_get_security_attr(security, "type"); 35946185db85Sdougm if (type != NULL) { 35956185db85Sdougm /* 35966185db85Sdougm * if the security matches the specified protocol, we 35976185db85Sdougm * want to remove it. prevsec holds it until either 35986185db85Sdougm * the next pass or we fall out of the loop. 35996185db85Sdougm */ 36006185db85Sdougm if (strcmp(type, proto) == 0) 36016185db85Sdougm prevsec = security; 36026185db85Sdougm sa_free_attr_string(type); 36036185db85Sdougm } 36046185db85Sdougm } 36056185db85Sdougm /* in case there is one left */ 36066185db85Sdougm if (prevsec != NULL) 36076185db85Sdougm (void) sa_destroy_security(prevsec); 36086185db85Sdougm } 36096185db85Sdougm 36106185db85Sdougm 36116185db85Sdougm /* 36126185db85Sdougm * for legacy support, we need to handle the old syntax. This is what 36136185db85Sdougm * we get if sharemgr is called with the name "share" rather than 36146185db85Sdougm * sharemgr. 36156185db85Sdougm */ 36166185db85Sdougm 36176185db85Sdougm static int 36186185db85Sdougm format_legacy_path(char *buff, int buffsize, char *proto, char *cmd) 36196185db85Sdougm { 36206185db85Sdougm int err; 36216185db85Sdougm 36226185db85Sdougm err = snprintf(buff, buffsize, "/usr/lib/fs/%s/%s", proto, cmd); 36236185db85Sdougm if (err > buffsize) 36246185db85Sdougm return (-1); 36256185db85Sdougm return (0); 36266185db85Sdougm } 36276185db85Sdougm 36286185db85Sdougm 36296185db85Sdougm /* 36306185db85Sdougm * check_legacy_cmd(proto, cmd) 36316185db85Sdougm * 36326185db85Sdougm * Check to see if the cmd exists in /usr/lib/fs/<proto>/<cmd> and is 36336185db85Sdougm * executable. 36346185db85Sdougm */ 36356185db85Sdougm 36366185db85Sdougm static int 36376185db85Sdougm check_legacy_cmd(char *path) 36386185db85Sdougm { 36396185db85Sdougm struct stat st; 36406185db85Sdougm int ret = 0; 36416185db85Sdougm 36426185db85Sdougm if (stat(path, &st) == 0) { 364325a68471Sdougm if (S_ISREG(st.st_mode) && 364425a68471Sdougm st.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) 36456185db85Sdougm ret = 1; 36466185db85Sdougm } 36476185db85Sdougm return (ret); 36486185db85Sdougm } 36496185db85Sdougm 36506185db85Sdougm /* 36516185db85Sdougm * run_legacy_command(proto, cmd, argv) 36526185db85Sdougm * 365325a68471Sdougm * We know the command exists, so attempt to execute it with all the 36546185db85Sdougm * arguments. This implements full legacy share support for those 36556185db85Sdougm * protocols that don't have plugin providers. 36566185db85Sdougm */ 36576185db85Sdougm 36586185db85Sdougm static int 36596185db85Sdougm run_legacy_command(char *path, char *argv[]) 36606185db85Sdougm { 36616185db85Sdougm int ret; 36626185db85Sdougm 36636185db85Sdougm ret = execv(path, argv); 36646185db85Sdougm if (ret < 0) { 36656185db85Sdougm switch (errno) { 36666185db85Sdougm case EACCES: 36676185db85Sdougm ret = SA_NO_PERMISSION; 36686185db85Sdougm break; 36696185db85Sdougm default: 36706185db85Sdougm ret = SA_SYSTEM_ERR; 36716185db85Sdougm break; 36726185db85Sdougm } 36736185db85Sdougm } 36746185db85Sdougm return (ret); 36756185db85Sdougm } 36766185db85Sdougm 36776185db85Sdougm /* 3678f345c0beSdougm * out_share(out, group, proto) 36796185db85Sdougm * 36806185db85Sdougm * Display the share information in the format that the "share" 36816185db85Sdougm * command has traditionally used. 36826185db85Sdougm */ 36836185db85Sdougm 36846185db85Sdougm static void 3685f345c0beSdougm out_share(FILE *out, sa_group_t group, char *proto) 36866185db85Sdougm { 36876185db85Sdougm sa_share_t share; 36886185db85Sdougm char resfmt[128]; 36896185db85Sdougm 369025a68471Sdougm for (share = sa_get_share(group, NULL); 369125a68471Sdougm share != NULL; 36926185db85Sdougm share = sa_get_next_share(share)) { 36936185db85Sdougm char *path; 36946185db85Sdougm char *type; 36956185db85Sdougm char *resource; 36966185db85Sdougm char *description; 36976185db85Sdougm char *groupname; 36986185db85Sdougm char *sharedstate; 36996185db85Sdougm int shared = 1; 37006185db85Sdougm char *soptions; 37016185db85Sdougm 37026185db85Sdougm sharedstate = sa_get_share_attr(share, "shared"); 37036185db85Sdougm path = sa_get_share_attr(share, "path"); 37046185db85Sdougm type = sa_get_share_attr(share, "type"); 37056185db85Sdougm resource = sa_get_share_attr(share, "resource"); 37066185db85Sdougm groupname = sa_get_group_attr(group, "name"); 37076185db85Sdougm 37086185db85Sdougm if (groupname != NULL && strcmp(groupname, "default") == 0) { 37096185db85Sdougm sa_free_attr_string(groupname); 37106185db85Sdougm groupname = NULL; 37116185db85Sdougm } 37126185db85Sdougm description = sa_get_share_description(share); 3713f345c0beSdougm 371425a68471Sdougm /* Want the sharetab version if it exists */ 3715f345c0beSdougm soptions = sa_get_share_attr(share, "shareopts"); 37166185db85Sdougm 37176185db85Sdougm if (sharedstate == NULL) 37186185db85Sdougm shared = 0; 37196185db85Sdougm 3720f345c0beSdougm if (soptions == NULL) 37216185db85Sdougm soptions = sa_proto_legacy_format(proto, share, 1); 37226185db85Sdougm 37236185db85Sdougm if (shared) { 3724f345c0beSdougm /* only active shares go here */ 37256185db85Sdougm (void) snprintf(resfmt, sizeof (resfmt), "%s%s%s", 37266185db85Sdougm resource != NULL ? resource : "-", 37276185db85Sdougm groupname != NULL ? "@" : "", 37286185db85Sdougm groupname != NULL ? groupname : ""); 37296185db85Sdougm (void) fprintf(out, "%-14.14s %s %s \"%s\" \n", 373025a68471Sdougm resfmt, path, 37316185db85Sdougm (soptions != NULL && strlen(soptions) > 0) ? 37326185db85Sdougm soptions : "rw", 37336185db85Sdougm (description != NULL) ? description : ""); 37346185db85Sdougm } 37356185db85Sdougm 37366185db85Sdougm if (path != NULL) 37376185db85Sdougm sa_free_attr_string(path); 37386185db85Sdougm if (type != NULL) 37396185db85Sdougm sa_free_attr_string(type); 37406185db85Sdougm if (resource != NULL) 37416185db85Sdougm sa_free_attr_string(resource); 37426185db85Sdougm if (groupname != NULL) 37436185db85Sdougm sa_free_attr_string(groupname); 37446185db85Sdougm if (description != NULL) 37456185db85Sdougm sa_free_share_description(description); 37466185db85Sdougm if (sharedstate != NULL) 37476185db85Sdougm sa_free_attr_string(sharedstate); 3748f345c0beSdougm if (soptions != NULL) 37496185db85Sdougm sa_format_free(soptions); 37506185db85Sdougm } 37516185db85Sdougm } 37526185db85Sdougm 37536185db85Sdougm /* 37546185db85Sdougm * output_legacy_file(out, proto) 37556185db85Sdougm * 37566185db85Sdougm * Walk all of the groups for the specified protocol and call 37576185db85Sdougm * out_share() to format and write in the format displayed by the 37586185db85Sdougm * "share" command with no arguments. 37596185db85Sdougm */ 37606185db85Sdougm 37616185db85Sdougm static void 3762549ec3ffSdougm output_legacy_file(FILE *out, char *proto, sa_handle_t handle) 37636185db85Sdougm { 37646185db85Sdougm sa_group_t group; 37656185db85Sdougm 3766549ec3ffSdougm for (group = sa_get_group(handle, NULL); group != NULL; 37676185db85Sdougm group = sa_get_next_group(group)) { 37686185db85Sdougm char *options; 37696185db85Sdougm char *zfs; 37706185db85Sdougm 37716185db85Sdougm /* 377225a68471Sdougm * Get default options preformated, being careful to 37736185db85Sdougm * handle legacy shares differently from new style 37746185db85Sdougm * shares. Legacy share have options on the share. 37756185db85Sdougm */ 37766185db85Sdougm 37776185db85Sdougm zfs = sa_get_group_attr(group, "zfs"); 37786185db85Sdougm if (zfs != NULL) { 37796185db85Sdougm sa_group_t zgroup; 37806185db85Sdougm sa_free_attr_string(zfs); 37816185db85Sdougm options = sa_proto_legacy_format(proto, group, 1); 378225a68471Sdougm for (zgroup = sa_get_sub_group(group); 378325a68471Sdougm zgroup != NULL; 37846185db85Sdougm zgroup = sa_get_next_group(zgroup)) { 37856185db85Sdougm 37866185db85Sdougm /* got a group, so display it */ 3787f345c0beSdougm out_share(out, zgroup, proto); 37886185db85Sdougm } 37896185db85Sdougm } else { 37906185db85Sdougm options = sa_proto_legacy_format(proto, group, 1); 3791f345c0beSdougm out_share(out, group, proto); 37926185db85Sdougm } 37936185db85Sdougm if (options != NULL) 37946185db85Sdougm free(options); 37956185db85Sdougm } 37966185db85Sdougm } 37976185db85Sdougm 379825a68471Sdougm /*ARGSUSED*/ 37996185db85Sdougm int 3800549ec3ffSdougm sa_legacy_share(sa_handle_t handle, int flags, int argc, char *argv[]) 38016185db85Sdougm { 38026185db85Sdougm char *protocol = "nfs"; 38036185db85Sdougm char *options = NULL; 38046185db85Sdougm char *description = NULL; 38056185db85Sdougm char *groupname = NULL; 38066185db85Sdougm char *sharepath = NULL; 38076185db85Sdougm char *resource = NULL; 38086185db85Sdougm char *groupstatus = NULL; 38096185db85Sdougm int persist = SA_SHARE_TRANSIENT; 38106185db85Sdougm int argsused = 0; 38116185db85Sdougm int c; 38126185db85Sdougm int ret = SA_OK; 38136185db85Sdougm int zfs = 0; 38146185db85Sdougm int true_legacy = 0; 38156185db85Sdougm int curtype = SA_SHARE_TRANSIENT; 38166185db85Sdougm char cmd[MAXPATHLEN]; 381725a68471Sdougm sa_group_t group = NULL; 381825a68471Sdougm sa_share_t share; 381925a68471Sdougm char dir[MAXPATHLEN]; 38206185db85Sdougm 38216185db85Sdougm while ((c = getopt(argc, argv, "?hF:d:o:p")) != EOF) { 38226185db85Sdougm switch (c) { 38236185db85Sdougm case 'd': 38246185db85Sdougm description = optarg; 38256185db85Sdougm argsused++; 38266185db85Sdougm break; 38276185db85Sdougm case 'F': 38286185db85Sdougm protocol = optarg; 38296185db85Sdougm if (!sa_valid_protocol(protocol)) { 38306185db85Sdougm if (format_legacy_path(cmd, MAXPATHLEN, 383125a68471Sdougm protocol, "share") == 0 && 383225a68471Sdougm check_legacy_cmd(cmd)) { 38336185db85Sdougm true_legacy++; 38346185db85Sdougm } else { 383525a68471Sdougm (void) fprintf(stderr, gettext( 383625a68471Sdougm "Invalid protocol specified: " 383725a68471Sdougm "%s\n"), protocol); 38386185db85Sdougm return (SA_INVALID_PROTOCOL); 38396185db85Sdougm } 38406185db85Sdougm } 38416185db85Sdougm break; 38426185db85Sdougm case 'o': 38436185db85Sdougm options = optarg; 38446185db85Sdougm argsused++; 38456185db85Sdougm break; 38466185db85Sdougm case 'p': 38476185db85Sdougm persist = SA_SHARE_PERMANENT; 38486185db85Sdougm argsused++; 38496185db85Sdougm break; 38506185db85Sdougm case 'h': 38516185db85Sdougm case '?': 38526185db85Sdougm default: 38536185db85Sdougm (void) fprintf(stderr, gettext("usage: %s\n"), 38546185db85Sdougm sa_get_usage(USAGE_SHARE)); 38556185db85Sdougm return (SA_OK); 38566185db85Sdougm } 38576185db85Sdougm } 38586185db85Sdougm 385925a68471Sdougm /* Have the info so construct what is needed */ 38606185db85Sdougm if (!argsused && optind == argc) { 38616185db85Sdougm /* display current info in share format */ 3862549ec3ffSdougm (void) output_legacy_file(stdout, "nfs", handle); 386325a68471Sdougm return (ret); 386425a68471Sdougm } 38656185db85Sdougm 386625a68471Sdougm /* We are modifying the configuration */ 38676185db85Sdougm if (optind == argc) { 38686185db85Sdougm (void) fprintf(stderr, gettext("usage: %s\n"), 38696185db85Sdougm sa_get_usage(USAGE_SHARE)); 38706185db85Sdougm return (SA_LEGACY_ERR); 38716185db85Sdougm } 38726185db85Sdougm if (true_legacy) { 387325a68471Sdougm /* If still using legacy share/unshare, exec it */ 38746185db85Sdougm ret = run_legacy_command(cmd, argv); 38756185db85Sdougm return (ret); 38766185db85Sdougm } 38776185db85Sdougm 38786185db85Sdougm sharepath = argv[optind++]; 38796185db85Sdougm if (optind < argc) { 38806185db85Sdougm resource = argv[optind]; 38816185db85Sdougm groupname = strchr(resource, '@'); 38826185db85Sdougm if (groupname != NULL) 38836185db85Sdougm *groupname++ = '\0'; 38846185db85Sdougm } 38856185db85Sdougm if (realpath(sharepath, dir) == NULL) 38866185db85Sdougm ret = SA_BAD_PATH; 38876185db85Sdougm else 38886185db85Sdougm sharepath = dir; 388925a68471Sdougm if (ret == SA_OK) 3890549ec3ffSdougm share = sa_find_share(handle, sharepath); 389125a68471Sdougm else 38926185db85Sdougm share = NULL; 389325a68471Sdougm 38946185db85Sdougm if (groupname != NULL) { 38956185db85Sdougm ret = SA_NOT_ALLOWED; 38966185db85Sdougm } else if (ret == SA_OK) { 38976185db85Sdougm char *legacygroup = "default"; 38986185db85Sdougm /* 389925a68471Sdougm * The legacy group is always present and zfs groups 39006185db85Sdougm * come and go. zfs shares may be in sub-groups and 39016185db85Sdougm * the zfs share will already be in that group so it 39026185db85Sdougm * isn't an error. 39036185db85Sdougm */ 39046185db85Sdougm /* 390525a68471Sdougm * If the share exists (not NULL), then make sure it 390625a68471Sdougm * is one we want to handle by getting the parent 390725a68471Sdougm * group. 39086185db85Sdougm */ 390925a68471Sdougm if (share != NULL) 39106185db85Sdougm group = sa_get_parent_group(share); 391125a68471Sdougm else 3912549ec3ffSdougm group = sa_get_group(handle, legacygroup); 391325a68471Sdougm 39146185db85Sdougm if (group != NULL) { 39156185db85Sdougm groupstatus = group_status(group); 39166185db85Sdougm if (share == NULL) { 39176185db85Sdougm share = sa_add_share(group, sharepath, 39186185db85Sdougm persist, &ret); 391925a68471Sdougm if (share == NULL && 392025a68471Sdougm ret == SA_DUPLICATE_NAME) { 392125a68471Sdougm /* 392225a68471Sdougm * Could be a ZFS path being started 392325a68471Sdougm */ 392425a68471Sdougm if (sa_zfs_is_shared(handle, 392525a68471Sdougm sharepath)) { 392625a68471Sdougm ret = SA_OK; 392725a68471Sdougm group = sa_get_group(handle, 392825a68471Sdougm "zfs"); 392925a68471Sdougm if (group == NULL) { 393025a68471Sdougm /* 393125a68471Sdougm * This shouldn't 393225a68471Sdougm * happen. 393325a68471Sdougm */ 393425a68471Sdougm ret = SA_CONFIG_ERR; 393525a68471Sdougm } else { 393625a68471Sdougm share = sa_add_share( 393725a68471Sdougm group, sharepath, 393825a68471Sdougm persist, &ret); 39396185db85Sdougm } 39406185db85Sdougm } 39416185db85Sdougm } 39426185db85Sdougm } else { 394393a6f655Sdougm char *type; 39446185db85Sdougm /* 394525a68471Sdougm * May want to change persist state, but the 394693a6f655Sdougm * important thing is to change options. We 394793a6f655Sdougm * need to change them regardless of the 394893a6f655Sdougm * source. 39496185db85Sdougm */ 3950549ec3ffSdougm if (sa_zfs_is_shared(handle, sharepath)) { 395193a6f655Sdougm zfs = 1; 395293a6f655Sdougm } 39536185db85Sdougm remove_all_options(share, protocol); 39546185db85Sdougm type = sa_get_share_attr(share, "type"); 39556185db85Sdougm if (type != NULL && 39566185db85Sdougm strcmp(type, "transient") != 0) { 39576185db85Sdougm curtype = SA_SHARE_PERMANENT; 39586185db85Sdougm } 39596185db85Sdougm if (type != NULL) 39606185db85Sdougm sa_free_attr_string(type); 39616185db85Sdougm if (curtype != persist) { 39626185db85Sdougm (void) sa_set_share_attr(share, "type", 39636185db85Sdougm persist == SA_SHARE_PERMANENT ? 39646185db85Sdougm "persist" : "transient"); 39656185db85Sdougm } 39666185db85Sdougm } 396725a68471Sdougm /* Have a group to hold this share path */ 39686185db85Sdougm if (ret == SA_OK && options != NULL && 39696185db85Sdougm strlen(options) > 0) { 39706185db85Sdougm ret = sa_parse_legacy_options(share, 39716185db85Sdougm options, 39726185db85Sdougm protocol); 39736185db85Sdougm } 397493a6f655Sdougm if (!zfs) { 397593a6f655Sdougm /* 397625a68471Sdougm * ZFS shares never have resource or 397793a6f655Sdougm * description and we can't store the values 397893a6f655Sdougm * so don't try. 397993a6f655Sdougm */ 39806185db85Sdougm if (ret == SA_OK && description != NULL) 398125a68471Sdougm ret = sa_set_share_description(share, 398225a68471Sdougm description); 39836185db85Sdougm if (ret == SA_OK && resource != NULL) 398425a68471Sdougm ret = sa_set_share_attr(share, 398525a68471Sdougm "resource", resource); 39866185db85Sdougm } 39876185db85Sdougm if (ret == SA_OK) { 39886185db85Sdougm if (strcmp(groupstatus, "enabled") == 0) 39896185db85Sdougm ret = sa_enable_share(share, protocol); 399025a68471Sdougm if (ret == SA_OK && 399125a68471Sdougm persist == SA_SHARE_PERMANENT) { 399225a68471Sdougm (void) sa_update_legacy(share, 399325a68471Sdougm protocol); 39946185db85Sdougm } 39956185db85Sdougm if (ret == SA_OK) 3996549ec3ffSdougm ret = sa_update_config(handle); 39976185db85Sdougm } 39986185db85Sdougm } else { 39996185db85Sdougm ret = SA_SYSTEM_ERR; 40006185db85Sdougm } 40016185db85Sdougm } 40026185db85Sdougm if (ret != SA_OK) { 40036185db85Sdougm (void) fprintf(stderr, gettext("Could not share: %s: %s\n"), 40046185db85Sdougm sharepath, sa_errorstr(ret)); 40056185db85Sdougm ret = SA_LEGACY_ERR; 40066185db85Sdougm 40076185db85Sdougm } 40086185db85Sdougm return (ret); 40096185db85Sdougm } 40106185db85Sdougm 40116185db85Sdougm /* 40126185db85Sdougm * sa_legacy_unshare(flags, argc, argv) 40136185db85Sdougm * 40146185db85Sdougm * Implements the original unshare command. 40156185db85Sdougm */ 401625a68471Sdougm /*ARGSUSED*/ 40176185db85Sdougm int 4018549ec3ffSdougm sa_legacy_unshare(sa_handle_t handle, int flags, int argc, char *argv[]) 40196185db85Sdougm { 40206185db85Sdougm char *protocol = "nfs"; /* for now */ 40216185db85Sdougm char *options = NULL; 40226185db85Sdougm char *sharepath = NULL; 40236185db85Sdougm int persist = SA_SHARE_TRANSIENT; 40246185db85Sdougm int argsused = 0; 40256185db85Sdougm int c; 40266185db85Sdougm int ret = SA_OK; 40276185db85Sdougm int true_legacy = 0; 40286185db85Sdougm char cmd[MAXPATHLEN]; 40296185db85Sdougm 40306185db85Sdougm while ((c = getopt(argc, argv, "?hF:o:p")) != EOF) { 40316185db85Sdougm switch (c) { 40326185db85Sdougm case 'h': 40336185db85Sdougm case '?': 40346185db85Sdougm break; 40356185db85Sdougm case 'F': 40366185db85Sdougm protocol = optarg; 40376185db85Sdougm if (!sa_valid_protocol(protocol)) { 40386185db85Sdougm if (format_legacy_path(cmd, MAXPATHLEN, 40396185db85Sdougm protocol, "unshare") == 0 && 40406185db85Sdougm check_legacy_cmd(cmd)) { 40416185db85Sdougm true_legacy++; 40426185db85Sdougm } else { 404325a68471Sdougm (void) printf(gettext( 404425a68471Sdougm "Invalid file system name\n")); 40456185db85Sdougm return (SA_INVALID_PROTOCOL); 40466185db85Sdougm } 40476185db85Sdougm } 40486185db85Sdougm break; 40496185db85Sdougm case 'o': 40506185db85Sdougm options = optarg; 40516185db85Sdougm argsused++; 40526185db85Sdougm break; 40536185db85Sdougm case 'p': 40546185db85Sdougm persist = SA_SHARE_PERMANENT; 40556185db85Sdougm argsused++; 40566185db85Sdougm break; 40576185db85Sdougm default: 40586185db85Sdougm (void) printf(gettext("usage: %s\n"), 40596185db85Sdougm sa_get_usage(USAGE_UNSHARE)); 40606185db85Sdougm return (SA_OK); 40616185db85Sdougm } 40626185db85Sdougm } 40636185db85Sdougm 406425a68471Sdougm /* Have the info so construct what is needed */ 406525a68471Sdougm if (optind == argc || (optind + 1) < argc || options != NULL) { 40666185db85Sdougm ret = SA_SYNTAX_ERR; 40676185db85Sdougm } else { 40686185db85Sdougm sa_share_t share; 40696185db85Sdougm char dir[MAXPATHLEN]; 40706185db85Sdougm if (true_legacy) { 40716185db85Sdougm /* if still using legacy share/unshare, exec it */ 40726185db85Sdougm ret = run_legacy_command(cmd, argv); 40736185db85Sdougm return (ret); 40746185db85Sdougm } 4075a99982a7Sdougm /* 4076a99982a7Sdougm * Find the path in the internal configuration. If it 4077a99982a7Sdougm * isn't found, attempt to resolve the path via 4078a99982a7Sdougm * realpath() and try again. 4079a99982a7Sdougm */ 40806185db85Sdougm sharepath = argv[optind++]; 4081549ec3ffSdougm share = sa_find_share(handle, sharepath); 4082a99982a7Sdougm if (share == NULL) { 40836185db85Sdougm if (realpath(sharepath, dir) == NULL) { 40846185db85Sdougm ret = SA_NO_SUCH_PATH; 40856185db85Sdougm } else { 4086549ec3ffSdougm share = sa_find_share(handle, dir); 4087a99982a7Sdougm } 4088a99982a7Sdougm } 40896185db85Sdougm if (share != NULL) { 40906185db85Sdougm ret = sa_disable_share(share, protocol); 4091a99982a7Sdougm /* 4092a99982a7Sdougm * Errors are ok and removal should still occur. The 4093a99982a7Sdougm * legacy unshare is more forgiving of errors than the 4094a99982a7Sdougm * remove-share subcommand which may need the force 4095a99982a7Sdougm * flag set for some error conditions. That is, the 4096a99982a7Sdougm * "unshare" command will always unshare if it can 4097a99982a7Sdougm * while "remove-share" might require the force option. 4098a99982a7Sdougm */ 4099a99982a7Sdougm if (persist == SA_SHARE_PERMANENT) { 41006185db85Sdougm ret = sa_remove_share(share); 4101a99982a7Sdougm if (ret == SA_OK) 4102549ec3ffSdougm ret = sa_update_config(handle); 41036185db85Sdougm } 41046185db85Sdougm } else { 41056185db85Sdougm ret = SA_NOT_SHARED; 41066185db85Sdougm } 41076185db85Sdougm } 41086185db85Sdougm switch (ret) { 41096185db85Sdougm default: 41106185db85Sdougm (void) printf("%s: %s\n", sharepath, sa_errorstr(ret)); 41116185db85Sdougm ret = SA_LEGACY_ERR; 41126185db85Sdougm break; 41136185db85Sdougm case SA_SYNTAX_ERR: 41146185db85Sdougm (void) printf(gettext("usage: %s\n"), 41156185db85Sdougm sa_get_usage(USAGE_UNSHARE)); 41166185db85Sdougm break; 41176185db85Sdougm case SA_OK: 41186185db85Sdougm break; 41196185db85Sdougm } 41206185db85Sdougm return (ret); 41216185db85Sdougm } 41226185db85Sdougm 41236185db85Sdougm /* 412425a68471Sdougm * Common commands that implement the sub-commands used by all 41256185db85Sdougm * protcols. The entries are found via the lookup command 41266185db85Sdougm */ 41276185db85Sdougm 41286185db85Sdougm static sa_command_t commands[] = { 41296185db85Sdougm {"add-share", 0, sa_addshare, USAGE_ADD_SHARE, SVC_SET}, 41306185db85Sdougm {"create", 0, sa_create, USAGE_CREATE, SVC_SET|SVC_ACTION}, 41316185db85Sdougm {"delete", 0, sa_delete, USAGE_DELETE, SVC_SET|SVC_ACTION}, 41326185db85Sdougm {"disable", 0, sa_disable_group, USAGE_DISABLE, SVC_SET|SVC_ACTION}, 41336185db85Sdougm {"enable", 0, sa_enable_group, USAGE_ENABLE, SVC_SET|SVC_ACTION}, 41346185db85Sdougm {"list", 0, sa_list, USAGE_LIST}, 41356185db85Sdougm {"move-share", 0, sa_moveshare, USAGE_MOVE_SHARE, SVC_SET}, 41366185db85Sdougm {"remove-share", 0, sa_removeshare, USAGE_REMOVE_SHARE, SVC_SET}, 41376185db85Sdougm {"set", 0, sa_set, USAGE_SET, SVC_SET}, 41386185db85Sdougm {"set-share", 0, sa_set_share, USAGE_SET_SHARE, SVC_SET}, 41396185db85Sdougm {"show", 0, sa_show, USAGE_SHOW}, 41406185db85Sdougm {"share", 0, sa_legacy_share, USAGE_SHARE, SVC_SET|SVC_ACTION}, 41416185db85Sdougm {"start", CMD_NODISPLAY, sa_start_group, USAGE_START, 41426185db85Sdougm SVC_SET|SVC_ACTION}, 41436185db85Sdougm {"stop", CMD_NODISPLAY, sa_stop_group, USAGE_STOP, SVC_SET|SVC_ACTION}, 41446185db85Sdougm {"unset", 0, sa_unset, USAGE_UNSET, SVC_SET}, 41456185db85Sdougm {"unshare", 0, sa_legacy_unshare, USAGE_UNSHARE, SVC_SET|SVC_ACTION}, 41466185db85Sdougm {NULL, 0, NULL, NULL} 41476185db85Sdougm }; 41486185db85Sdougm 41496185db85Sdougm static char * 41506185db85Sdougm sa_get_usage(sa_usage_t index) 41516185db85Sdougm { 41526185db85Sdougm char *ret = NULL; 41536185db85Sdougm switch (index) { 41546185db85Sdougm case USAGE_ADD_SHARE: 41556185db85Sdougm ret = gettext("add-share [-nth] [-r resource-name] " 41566185db85Sdougm "[-d \"description text\"] -s sharepath group"); 41576185db85Sdougm break; 41586185db85Sdougm case USAGE_CREATE: 415925a68471Sdougm ret = gettext( 416025a68471Sdougm "create [-nvh] [-P proto [-p property=value]] group"); 41616185db85Sdougm break; 41626185db85Sdougm case USAGE_DELETE: 41636185db85Sdougm ret = gettext("delete [-nvh] [-P proto] [-f] group"); 41646185db85Sdougm break; 41656185db85Sdougm case USAGE_DISABLE: 41666185db85Sdougm ret = gettext("disable [-nvh] {-a | group ...}"); 41676185db85Sdougm break; 41686185db85Sdougm case USAGE_ENABLE: 41696185db85Sdougm ret = gettext("enable [-nvh] {-a | group ...}"); 41706185db85Sdougm break; 41716185db85Sdougm case USAGE_LIST: 41726185db85Sdougm ret = gettext("list [-vh] [-P proto]"); 41736185db85Sdougm break; 41746185db85Sdougm case USAGE_MOVE_SHARE: 417525a68471Sdougm ret = gettext( 417625a68471Sdougm "move-share [-nvh] -s sharepath destination-group"); 41776185db85Sdougm break; 41786185db85Sdougm case USAGE_REMOVE_SHARE: 41796185db85Sdougm ret = gettext("remove-share [-fnvh] -s sharepath group"); 41806185db85Sdougm break; 41816185db85Sdougm case USAGE_SET: 41826185db85Sdougm ret = gettext("set [-nvh] -P proto [-S optspace] " 41836185db85Sdougm "[-p property=value]* [-s sharepath] group"); 41846185db85Sdougm break; 41856185db85Sdougm case USAGE_SET_SECURITY: 41866185db85Sdougm ret = gettext("set-security [-nvh] -P proto -S security-type " 41876185db85Sdougm "[-p property=value]* group"); 41886185db85Sdougm break; 41896185db85Sdougm case USAGE_SET_SHARE: 41906185db85Sdougm ret = gettext("set-share [-nh] [-r resource] " 41916185db85Sdougm "[-d \"description text\"] -s sharepath group"); 41926185db85Sdougm break; 41936185db85Sdougm case USAGE_SHOW: 41946185db85Sdougm ret = gettext("show [-pvxh] [-P proto] [group ...]"); 41956185db85Sdougm break; 41966185db85Sdougm case USAGE_SHARE: 41976185db85Sdougm ret = gettext("share [-F fstype] [-p] [-o optionlist]" 41986185db85Sdougm "[-d description] [pathname [resourcename]]"); 41996185db85Sdougm break; 42006185db85Sdougm case USAGE_START: 42016185db85Sdougm ret = gettext("start [-vh] [-P proto] {-a | group ...}"); 42026185db85Sdougm break; 42036185db85Sdougm case USAGE_STOP: 42046185db85Sdougm ret = gettext("stop [-vh] [-P proto] {-a | group ...}"); 42056185db85Sdougm break; 42066185db85Sdougm case USAGE_UNSET: 42076185db85Sdougm ret = gettext("unset [-nvh] -P proto [-S optspace] " 42086185db85Sdougm "[-p property]* group"); 42096185db85Sdougm break; 42106185db85Sdougm case USAGE_UNSET_SECURITY: 42116185db85Sdougm ret = gettext("unset-security [-nvh] -P proto -S security-type" 42126185db85Sdougm " [-p property]* group"); 42136185db85Sdougm break; 42146185db85Sdougm case USAGE_UNSHARE: 421525a68471Sdougm ret = gettext( 421625a68471Sdougm "unshare [-F fstype] [-p] sharepath"); 42176185db85Sdougm break; 42186185db85Sdougm } 42196185db85Sdougm return (ret); 42206185db85Sdougm } 42216185db85Sdougm 42226185db85Sdougm /* 42236185db85Sdougm * sa_lookup(cmd, proto) 42246185db85Sdougm * 42256185db85Sdougm * Lookup the sub-command. proto isn't currently used, but it may 42266185db85Sdougm * eventually provide a way to provide protocol specific sub-commands. 42276185db85Sdougm */ 422825a68471Sdougm /*ARGSUSED*/ 42296185db85Sdougm sa_command_t * 42306185db85Sdougm sa_lookup(char *cmd, char *proto) 42316185db85Sdougm { 42326185db85Sdougm int i; 42336185db85Sdougm size_t len; 42346185db85Sdougm 42356185db85Sdougm len = strlen(cmd); 42366185db85Sdougm for (i = 0; commands[i].cmdname != NULL; i++) { 42376185db85Sdougm if (strncmp(cmd, commands[i].cmdname, len) == 0) 42386185db85Sdougm return (&commands[i]); 42396185db85Sdougm } 42406185db85Sdougm return (NULL); 42416185db85Sdougm } 42426185db85Sdougm 424325a68471Sdougm /*ARGSUSED*/ 42446185db85Sdougm void 42456185db85Sdougm sub_command_help(char *proto) 42466185db85Sdougm { 42476185db85Sdougm int i; 42486185db85Sdougm 42496185db85Sdougm (void) printf(gettext("\tsub-commands:\n")); 42506185db85Sdougm for (i = 0; commands[i].cmdname != NULL; i++) { 42516185db85Sdougm if (!(commands[i].flags & (CMD_ALIAS|CMD_NODISPLAY))) 42526185db85Sdougm (void) printf("\t%s\n", 42536185db85Sdougm sa_get_usage((sa_usage_t)commands[i].cmdidx)); 42546185db85Sdougm } 42556185db85Sdougm } 4256