xref: /titanic_52/usr/src/cmd/profiles/profiles.c (revision 52244c0958bdf281ca42932b449f644b4decfdc2)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <unistd.h>
28 #include <pwd.h>
29 #include <string.h>
30 #include <libintl.h>
31 #include <locale.h>
32 #include <deflt.h>
33 #include <user_attr.h>
34 #include <prof_attr.h>
35 #include <exec_attr.h>
36 #include <auth_attr.h>
37 
38 
39 #define	EXIT_OK		0
40 #define	EXIT_FATAL	1
41 #define	EXIT_NON_FATAL	2
42 
43 #define	TMP_BUF_LEN	2048		/* size of temp string buffer */
44 
45 #define	PRINT_DEFAULT	0x0000
46 #define	PRINT_NAME	0x0010
47 #define	PRINT_LONG	0x0020
48 
49 #ifndef TEXT_DOMAIN			/* Should be defined by cc -D */
50 #define	TEXT_DOMAIN	"SYS_TEST"
51 #endif
52 
53 static void usage();
54 static int show_profs(char *, int);
55 static void print_profs_long(execattr_t *);
56 static void print_profile_privs(kva_t *);
57 
58 static char *progname = "profiles";
59 
60 int
61 main(int argc, char *argv[])
62 {
63 	extern int	optind;
64 	int		c;
65 	int		status = EXIT_OK;
66 	int		print_flag = PRINT_DEFAULT;
67 
68 	(void) setlocale(LC_ALL, "");
69 	(void) textdomain(TEXT_DOMAIN);
70 
71 	while ((c = getopt(argc, argv, "l")) != EOF) {
72 		switch (c) {
73 		case 'l':
74 			print_flag |= PRINT_LONG;
75 			break;
76 		default:
77 			usage();
78 			return (EXIT_FATAL);
79 		}
80 	}
81 	argc -= optind;
82 	argv += optind;
83 
84 	if (*argv == NULL) {
85 		status = show_profs(NULL, print_flag);
86 	} else {
87 		do {
88 			(void) printf("%s:\n", *argv);
89 			status = show_profs((char *)*argv,
90 			    (print_flag | PRINT_NAME));
91 			if (status == EXIT_FATAL) {
92 				break;
93 			}
94 			if (argv[1] != NULL) {
95 				/* seperate users with empty line */
96 				(void) printf("\n");
97 			}
98 		} while (*++argv);
99 	}
100 	status = (status == EXIT_OK) ? status : EXIT_FATAL;
101 
102 	return (status);
103 }
104 
105 static int
106 show_profs_callback(const char *prof, kva_t *pa, void *pflag, void *vcnt)
107 {
108 	char *indent = "";
109 	const int *print_flag = pflag;
110 	int *pcnt = vcnt;
111 
112 	(*pcnt)++;
113 
114 	if ((*print_flag) & PRINT_NAME) {
115 		indent = "          ";
116 	}
117 
118 	(void) printf("%s%s", indent, prof);
119 	print_profile_privs(pa);
120 	(void) printf("\n");
121 
122 	return (0);
123 }
124 
125 static int
126 show_profs(char *username, int print_flag)
127 {
128 	int		status = EXIT_OK;
129 	struct passwd	*pw;
130 	execattr_t	*exec;
131 
132 	if (username == NULL) {
133 		if ((pw = getpwuid(getuid())) == NULL) {
134 			status = EXIT_NON_FATAL;
135 			(void) fprintf(stderr, "%s: ", progname);
136 			(void) fprintf(stderr, gettext("No passwd entry\n"));
137 			return (status);
138 		}
139 		username = pw->pw_name;
140 	} else if (getpwnam(username) == NULL) {
141 		status = EXIT_NON_FATAL;
142 		(void) fprintf(stderr, "%s: %s: ", progname, username);
143 		(void) fprintf(stderr, gettext("No such user\n"));
144 		return (status);
145 	}
146 
147 	if (print_flag & PRINT_LONG) {
148 		exec = getexecuser(username, KV_COMMAND, NULL,
149 		    GET_ALL|__SEARCH_ALL_POLS);
150 		if (exec != NULL) {
151 			print_profs_long(exec);
152 			free_execattr(exec);
153 		} else {
154 			status = EXIT_NON_FATAL;
155 		}
156 	} else {
157 		int cnt = 0;
158 		(void) _enum_profs(username, show_profs_callback, &print_flag,
159 		    &cnt);
160 
161 		if (cnt == 0)
162 			status = EXIT_NON_FATAL;
163 	}
164 
165 	if (status == EXIT_NON_FATAL) {
166 		(void) fprintf(stderr, "%s: %s: ", progname, username);
167 		(void) fprintf(stderr, gettext("No profiles\n"));
168 	}
169 
170 	return (status);
171 }
172 
173 /*
174  * print extended profile information.
175  *
176  * output is "pretty printed" like
177  *   [6spaces]Profile Name1[ possible profile privileges]
178  *   [10spaces  ]execname1 [skip to ATTR_COL]exec1 attributes1
179  *   [      spaces to ATTR_COL              ]exec1 attributes2
180  *   [10spaces  ]execname2 [skip to ATTR_COL]exec2 attributes1
181  *   [      spaces to ATTR_COL              ]exec2 attributes2
182  *   [6spaces]Profile Name2[ possible profile privileges]
183  *   etc
184  */
185 /*
186  * ATTR_COL is based on
187  *   10 leading spaces +
188  *   25 positions for the executable +
189  *    1 space seperating the execname from the attributes
190  * so attribute printing starts at column 37 (36 whitespaces)
191  *
192  *  25 spaces for the execname seems reasonable since currently
193  *  less than 3% of the shipped exec_attr would overflow this
194  */
195 #define	ATTR_COL	37
196 
197 static void
198 print_profs_long(execattr_t *exec)
199 {
200 	char	*curprofile;
201 	int	len;
202 	kv_t	*kv_pair;
203 	char	*key;
204 	char	*val;
205 	int	i;
206 
207 	for (curprofile = ""; exec != NULL; exec = exec->next) {
208 		/* print profile name if it is a new one */
209 		if (strcmp(curprofile, exec->name) != 0) {
210 			profattr_t *pa;
211 			curprofile = exec->name;
212 
213 			(void) printf("      %s", curprofile);
214 
215 			pa = getprofnam(curprofile);
216 			if (pa != NULL) {
217 				print_profile_privs(pa->attr);
218 				free_profattr(pa);
219 			}
220 			(void) printf("\n");
221 		}
222 		len = printf("          %s ", exec->id);
223 
224 		if ((exec->attr == NULL || exec->attr->data == NULL)) {
225 			(void) printf("\n");
226 			continue;
227 		}
228 
229 		/*
230 		 * if printing the name of the executable got us past the
231 		 * ATTR_COLth column, skip to ATTR_COL on a new line to
232 		 * print the attribues.
233 		 * else, just skip to ATTR_COL column.
234 		 */
235 		if (len >= ATTR_COL)
236 			(void) printf("\n%*s", ATTR_COL, " ");
237 		else
238 			(void) printf("%*s", ATTR_COL-len, " ");
239 		len = ATTR_COL;
240 
241 		/* print all attributes of this profile */
242 		kv_pair = exec->attr->data;
243 		for (i = 0; i < exec->attr->length; i++) {
244 			key = kv_pair[i].key;
245 			val = kv_pair[i].value;
246 			if (key == NULL || val == NULL)
247 				break;
248 			/* align subsequent attributes on the same column */
249 			if (i > 0)
250 				(void) printf("%*s", len, " ");
251 			(void) printf("%s=%s\n", key, val);
252 		}
253 	}
254 }
255 
256 static void
257 usage()
258 {
259 	(void) fprintf(stderr,
260 	    gettext("  usage: profiles [-l] [user1 user2 ...]\n"));
261 }
262 
263 static void
264 print_profile_privs(kva_t *attr)
265 {
266 	char *privs;
267 
268 	if (attr) {
269 		privs = kva_match(attr, PROFATTR_PRIVS_KW);
270 		if (privs)
271 			(void) printf(" privs=%s", privs);
272 	}
273 }
274