xref: /titanic_52/usr/src/head/nss_dbdefs.h (revision 29949e866e40b95795203f3ee46f44a197c946e4)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  *
26  * Database-speficic definitions for the getXXXbyYYY routines
27  * (e.g getpwuid_r(), ether_ntohost()) that use the name-service switch.
28  * Database-independent definitions are in <nss_common.h>
29  *
30  * Ideally, this is the only switch header file one would add things
31  * to in order to support a new database.
32  *
33  * NOTE:  The interfaces documented in this file may change in a minor
34  *	  release.  It is intended that in the future a stronger committment
35  *	  will be made to these interface definitions which will guarantee
36  *	  them across minor releases.
37  */
38 
39 #ifndef _NSS_DBDEFS_H
40 #define	_NSS_DBDEFS_H
41 
42 #pragma ident	"%Z%%M%	%I%	%E% SMI"
43 
44 #include <errno.h>
45 #include <netdb.h>		/* MAXALIASES, MAXADDRS */
46 #include <limits.h>		/* LOGNAME_MAX */
47 #include <nss_common.h>
48 
49 #ifdef	__cplusplus
50 extern "C" {
51 #endif
52 
53 #ifndef	NSS_INCLUDE_UNSAFE
54 #define	NSS_INCLUDE_UNSAFE	1	/* Build old, MT-unsafe interfaces, */
55 #endif	/* NSS_INCLUDE_UNSAFE */	/*  e.g. getpwnam (c.f. getpwnam_r) */
56 
57 /*
58  * Names of the well-known databases.
59  */
60 
61 #define	NSS_DBNAM_ALIASES	"aliases"	/* E-mail aliases, that is */
62 #define	NSS_DBNAM_AUTOMOUNT	"automount"
63 #define	NSS_DBNAM_BOOTPARAMS	"bootparams"
64 #define	NSS_DBNAM_ETHERS	"ethers"
65 #define	NSS_DBNAM_GROUP		"group"
66 #define	NSS_DBNAM_HOSTS		"hosts"
67 #define	NSS_DBNAM_IPNODES	"ipnodes"
68 #define	NSS_DBNAM_NETGROUP	"netgroup"
69 #define	NSS_DBNAM_NETMASKS	"netmasks"
70 #define	NSS_DBNAM_NETWORKS	"networks"
71 #define	NSS_DBNAM_PASSWD	"passwd"
72 #define	NSS_DBNAM_PRINTERS	"printers"
73 #define	NSS_DBNAM_PROJECT	"project"
74 #define	NSS_DBNAM_PROTOCOLS	"protocols"
75 #define	NSS_DBNAM_PUBLICKEY	"publickey"
76 #define	NSS_DBNAM_RPC		"rpc"
77 #define	NSS_DBNAM_SERVICES	"services"
78 #define	NSS_DBNAM_AUDITUSER	"audit_user"
79 #define	NSS_DBNAM_AUTHATTR	"auth_attr"
80 #define	NSS_DBNAM_EXECATTR	"exec_attr"
81 #define	NSS_DBNAM_PROFATTR	"prof_attr"
82 #define	NSS_DBNAM_USERATTR	"user_attr"
83 
84 /* getspnam() et al use the "passwd" config entry but the "shadow" backend */
85 #define	NSS_DBNAM_SHADOW	"shadow"
86 
87 /* The "compat" backend gets config entries for these pseudo-databases */
88 #define	NSS_DBNAM_PASSWD_COMPAT	"passwd_compat"
89 #define	NSS_DBNAM_GROUP_COMPAT	"group_compat"
90 
91 /*
92  * Default switch configuration, compiled into the front-ends.
93  *
94  * Absent good reasons to the contrary, this should be compatible with the
95  * default /etc/nsswitch.conf file.
96  */
97 #define	NSS_FILES_ONLY		"files"
98 #define	NSS_FILES_NS		"files nis"
99 #define	NSS_NS_FALLBACK		"nis [NOTFOUND=return] files"
100 #define	NSS_NS_ONLY		"nis"
101 
102 #define	NSS_DEFCONF_ALIASES	NSS_FILES_NS
103 #define	NSS_DEFCONF_AUTOMOUNT	NSS_FILES_NS
104 #define	NSS_DEFCONF_BOOTPARAMS	NSS_NS_FALLBACK
105 #define	NSS_DEFCONF_ETHERS	NSS_NS_FALLBACK
106 #define	NSS_DEFCONF_GROUP	NSS_FILES_NS
107 #define	NSS_DEFCONF_HOSTS	NSS_NS_FALLBACK
108 #define	NSS_DEFCONF_IPNODES	NSS_NS_FALLBACK
109 #define	NSS_DEFCONF_NETGROUP	NSS_NS_ONLY
110 #define	NSS_DEFCONF_NETMASKS	NSS_NS_FALLBACK
111 #define	NSS_DEFCONF_NETWORKS	NSS_NS_FALLBACK
112 #define	NSS_DEFCONF_PASSWD	NSS_FILES_NS
113 #define	NSS_DEFCONF_PRINTERS	"user files nis nisplus"
114 #define	NSS_DEFCONF_PROJECT	NSS_FILES_NS
115 #define	NSS_DEFCONF_PROTOCOLS	NSS_NS_FALLBACK
116 #define	NSS_DEFCONF_PUBLICKEY	NSS_FILES_NS
117 #define	NSS_DEFCONF_RPC		NSS_NS_FALLBACK
118 #define	NSS_DEFCONF_SERVICES	NSS_FILES_NS	/* speeds up byname() */
119 
120 #define	NSS_DEFCONF_GROUP_COMPAT	NSS_NS_ONLY
121 #define	NSS_DEFCONF_PASSWD_COMPAT	NSS_NS_ONLY
122 
123 #define	NSS_DEFCONF_ATTRDB	NSS_FILES_NS
124 
125 #define	NSS_DEFCONF_AUDITUSER	NSS_DEFCONF_PASSWD
126 #define	NSS_DEFCONF_USERATTR	NSS_DEFCONF_PASSWD
127 #define	NSS_DEFCONF_AUTHATTR	NSS_DEFCONF_ATTRDB
128 #define	NSS_DEFCONF_PROFATTR	NSS_DEFCONF_ATTRDB
129 #define	NSS_DEFCONF_EXECATTR	NSS_DEFCONF_PROFATTR
130 
131 /*
132  * Line-lengths that the "files" and "compat" backends will try to support.
133  * It may be reasonable (even advisable) to use smaller values than these.
134  */
135 
136 #define	NSS_BUFSIZ		1024
137 
138 #define	NSS_LINELEN_GROUP	((NSS_BUFSIZ) * 4)
139 #define	NSS_LINELEN_HOSTS	((NSS_BUFSIZ) * 8)
140 #define	NSS_LINELEN_IPNODES	((NSS_BUFSIZ) * 8)
141 #define	NSS_LINELEN_NETMASKS	NSS_BUFSIZ
142 #define	NSS_LINELEN_NETWORKS	NSS_BUFSIZ
143 #define	NSS_LINELEN_PASSWD	NSS_BUFSIZ
144 #define	NSS_LINELEN_PRINTERS	NSS_BUFSIZ
145 #define	NSS_LINELEN_PROJECT	((NSS_BUFSIZ) * 4)
146 #define	NSS_LINELEN_PROTOCOLS	NSS_BUFSIZ
147 #define	NSS_LINELEN_PUBLICKEY	NSS_BUFSIZ
148 #define	NSS_LINELEN_RPC		NSS_BUFSIZ
149 #define	NSS_LINELEN_SERVICES	NSS_BUFSIZ
150 #define	NSS_LINELEN_SHADOW	NSS_BUFSIZ
151 #define	NSS_LINELEN_ETHERS	NSS_BUFSIZ
152 #define	NSS_LINELEN_BOOTPARAMS	NSS_BUFSIZ
153 
154 #define	NSS_LINELEN_ATTRDB	NSS_BUFSIZ
155 
156 #define	NSS_LINELEN_AUDITUSER	NSS_LINELEN_ATTRDB
157 #define	NSS_LINELEN_AUTHATTR	NSS_LINELEN_ATTRDB
158 #define	NSS_LINELEN_EXECATTR	NSS_LINELEN_ATTRDB
159 #define	NSS_LINELEN_PROFATTR	NSS_LINELEN_ATTRDB
160 #define	NSS_LINELEN_USERATTR	NSS_LINELEN_ATTRDB
161 
162 #define	NSS_MMAPLEN_EXECATTR	NSS_LINELEN_EXECATTR * 8
163 
164 /*
165  * Reasonable defaults for 'buflen' values passed to _r functions.  The BSD
166  * and SunOS 4.x implementations of the getXXXbyYYY() functions used hard-
167  * coded array sizes;  the values here are meant to handle anything that
168  * those implementations handled.
169  * === These might more reasonably go in <pwd.h>, <netdb.h> et al
170  */
171 
172 #define	NSS_BUFLEN_GROUP	(NSS_LINELEN_GROUP + 800 * sizeof (char *))
173 #define	NSS_BUFLEN_HOSTS	\
174 	(NSS_LINELEN_HOSTS + (MAXALIASES + MAXADDRS + 2) * sizeof (char *))
175 #define	NSS_BUFLEN_IPNODES	\
176 	(NSS_LINELEN_IPNODES + (MAXALIASES + MAXADDRS + 2) * sizeof (char *))
177 #define	NSS_BUFLEN_NETGROUP	(MAXHOSTNAMELEN * 2 + LOGNAME_MAX + 3)
178 #define	NSS_BUFLEN_NETWORKS	NSS_LINELEN_NETWORKS	/* === ?  + 35 * 4 */
179 #define	NSS_BUFLEN_PASSWD	NSS_LINELEN_PASSWD
180 #define	NSS_BUFLEN_PROJECT	(NSS_LINELEN_PROJECT + 800 * sizeof (char *))
181 #define	NSS_BUFLEN_PROTOCOLS	NSS_LINELEN_PROTOCOLS	/* === ?  + 35 * 4 */
182 #define	NSS_BUFLEN_PUBLICKEY	NSS_LINELEN_PUBLICKEY
183 #define	NSS_BUFLEN_RPC		NSS_LINELEN_RPC		/* === ?  + 35 * 4 */
184 #define	NSS_BUFLEN_SERVICES	NSS_LINELEN_SERVICES	/* === ?  + 35 * 4 */
185 #define	NSS_BUFLEN_SHADOW	NSS_LINELEN_SHADOW
186 #define	NSS_BUFLEN_ETHERS	NSS_LINELEN_ETHERS
187 #define	NSS_BUFLEN_BOOTPARAMS	NSS_LINELEN_BOOTPARAMS
188 
189 #define	NSS_BUFLEN_ATTRDB	NSS_LINELEN_ATTRDB
190 
191 #define	NSS_BUFLEN_AUDITUSER	NSS_BUFLEN_ATTRDB
192 #define	NSS_BUFLEN_AUTHATTR	NSS_BUFLEN_ATTRDB
193 #define	NSS_BUFLEN_EXECATTR	NSS_BUFLEN_ATTRDB
194 #define	NSS_BUFLEN_PROFATTR	NSS_BUFLEN_ATTRDB
195 #define	NSS_BUFLEN_USERATTR	NSS_BUFLEN_ATTRDB
196 
197 
198 /*
199  * Arguments and results, passed between the frontends and backends for
200  * the well-known databases.  The getXbyY_r() and getXent_r() routines
201  * use a common format that is further described below;  other routines
202  * use their own formats.
203  */
204 
205 /*
206  * The initgroups() function [see initgroups(3c)] needs to find all the
207  *   groups to which a given user belongs.  To do this it calls
208  *   _getgroupsbymember(), which is part of the frontend for the "group"
209  *   database.
210  * We want the same effect as if we used getgrent_r() to enumerate the
211  *   entire groups database (possibly from multiple sources), but getgrent_r()
212  *   is too inefficient.  Most backends can do better if they know they're
213  *   meant to scan all groups;  hence there's a separate backend operation,
214  *   NSS_DBOP_GROUP_BYMEMBER, which uses the nss_groupsbymem struct.
215  * Note that the normal return-value from such a backend, even when it
216  *   successfully finds matching group entries, is NSS_NOTFOUND, because
217  *   this tells the switch engine to keep searching in any more sources.
218  *   In fact, the backends only return NSS_SUCCESS if they find enough
219  *   matching entries that the gid_array is completely filled, in which
220  *   case the switch engine should stop searching.
221  * If the force_slow_way field is set, the backend should eschew any cached
222  *   information (e.g. the YP netid.byname map or the NIS+ cred.org_dir table)
223  *   and should instead grind its way through the group map/table/whatever.
224  */
225 
226 struct nss_groupsbymem {			/* For _getgroupsbymember() */
227 /* in: */
228 	const char	*username;
229 	gid_t		*gid_array;
230 	int		maxgids;
231 	int		force_slow_way;
232 	/*
233 	 * The process_cstr() routine does the real work for any backend
234 	 * that can supply a group entry as a string in /etc/group format
235 	 */
236 #if defined(__STDC__)
237 	int		(*str2ent)	(const char		*instr,
238 					int			instr_len,
239 					void *ent, char *buffer, int buflen);
240 	nss_status_t	(*process_cstr)	(const char		*instr,
241 					int			instr_len,
242 					struct nss_groupsbymem *);
243 #else
244 	int		(*str2ent)();
245 	nss_status_t	(*process_cstr)();
246 #endif
247 
248 /* in_out: */
249 	int		numgids;
250 };
251 
252 /*
253  * The netgroup routines are handled as follows:
254  *
255  *   Policy decision:
256  *	If netgroup A refers to netgroup B, both must occur in the same
257  *	source (other choices give very confusing semantics).  This
258  *	assumption is deeply embedded in the frontend and backends.
259  *
260  *    -	setnetgrent(), despite its name, is really a getXXXbyYYY operation:
261  *	it takes a name and finds a netgroup with that name (see the
262  *	nss_setnetgrent_args struct below).  The "result" that it returns
263  *	to the frontend is an nss_backend_t for a pseudo-backend that allows
264  *	one to enumerate the members of that netgroup.
265  *
266  *    -	getnetgrent() calls the 'getXXXent' function in the pseudo-backend;
267  *	it doesn't go through the switch engine at all.  It uses the
268  *	nss_getnetgrent_args struct below.
269  *
270  *    -	innetgr() is implemented on top of __multi_innetgr(), which replaces
271  *	each (char *) argument of innetgr() with a counted vector of (char *).
272  *	The semantics are the same as an OR of the results of innetgr()
273  *	operations on each possible 4-tuple picked from the arguments, but
274  *	it's possible to implement some cases more efficiently.  This is
275  *	important for mountd, which used to read YP netgroup.byhost directly
276  *	in order to determine efficiently whether a given host belonged to any
277  *	one of a long list of netgroups.  Wildcarded arguments are indicated
278  *	by a count of zero.
279  *
280  *    -	__multi_innetgr() uses the nss_innetgr_args struct.  A backend whose
281  *	source contains at least one of the groups listed in the 'groups'
282  *	vector will return NSS_SUCCESS and will set the 'status' field to
283  *	indicate whether any 4-tuple was satisfied.  A backend will only
284  *	return NSS_NOTFOUND if the source contained none of the groups
285  *	listed in the 'groups' vector.
286  */
287 
288 enum nss_netgr_argn {		/* We need (machine, user, domain) triples */
289 	NSS_NETGR_MACHINE,
290 	NSS_NETGR_USER,
291 	NSS_NETGR_DOMAIN,
292 	NSS_NETGR_N
293 };
294 
295 enum nss_netgr_status {		/* Status from setnetgrent, multi_innetgr */
296 	NSS_NETGR_FOUND,
297 	NSS_NETGR_NO,
298 	NSS_NETGR_NOMEM
299 };
300 
301 struct nss_setnetgrent_args {
302 /* in: */
303 	const char		*netgroup;
304 /* out: */
305 	nss_backend_t		*iterator;	/* <==== Explain */
306 };
307 
308 struct nss_getnetgrent_args {
309 /* in: */
310 	char			*buffer;
311 	int			buflen;
312 /* out: */
313 	enum nss_netgr_status	status;
314 	char			*retp[NSS_NETGR_N];
315 };
316 
317 typedef unsigned	nss_innetgr_argc;    /* 0 means wildcard */
318 typedef char **		nss_innetgr_argv;    /* === Do we really need these? */
319 
320 struct nss_innetgr_1arg {
321 	nss_innetgr_argc	argc;
322 	nss_innetgr_argv	argv;
323 };
324 
325 struct nss_innetgr_args {
326 /* in: */
327 	struct nss_innetgr_1arg	arg[NSS_NETGR_N];
328 	struct nss_innetgr_1arg groups;
329 /* out: */
330 	enum nss_netgr_status	status;
331 };
332 
333 
334 /*
335  * nss_XbyY_buf_t -- structure containing the generic arguments passwd to
336  *   getXXXbyYYY_r() and getXXXent_r() routines.  The (void *) value points to
337  *   a struct of the appropriate type, e.g. struct passwd or struct hostent.
338  *
339  * The functions that allocate and free these structures do no locking at
340  * all, since the routines that use them are inherently MT-unsafe anyway.
341  */
342 
343 typedef struct {
344 	void		*result;	/* "result" parameter to getXbyY_r() */
345 	char		*buffer;	/* "buffer"     "             "      */
346 	int		buflen;		/* "buflen"     "             "      */
347 } nss_XbyY_buf_t;
348 
349 #if defined(__STDC__)
350 extern nss_XbyY_buf_t	*_nss_XbyY_buf_alloc(int struct_size, int buffer_size);
351 extern void		 _nss_XbyY_buf_free(nss_XbyY_buf_t *);
352 #else
353 extern nss_XbyY_buf_t	*_nss_XbyY_buf_alloc();
354 extern void		 _nss_XbyY_buf_free();
355 #endif
356 
357 #define	NSS_XbyY_ALLOC(bufpp, str_size, buf_size)		(\
358 	(*bufpp) == 0						\
359 	? (*bufpp) = _nss_XbyY_buf_alloc(str_size, buf_size)	\
360 	: (*bufpp))						\
361 
362 #define	NSS_XbyY_FREE(bufpp)	(_nss_XbyY_buf_free(*bufpp), (*bufpp) = 0)
363 
364 /*
365  * The nss_XbyY_args_t struct contains all the information passed between
366  * frontends and backends for the getXbyY_r() and getXent() routines,
367  * including an nss_XbyY_buf_t and the lookup key (unused for getXXXent_r).
368  *
369  * The (*str2ent)() member converts a single XXXent from ASCII text to the
370  * appropriate struct, storing any pointer data (strings, in_addrs, arrays
371  * of these) in the buffer.  The ASCII text is a counted string (*not* a
372  * zero-terminated string) whose length is specified by the instr_len
373  * parameter.  The text is found at the address specified by instr and
374  * the string is treated as readonly. buffer and instr must be non-
375  * intersecting memory areas.
376  *
377  * With the exception of passwd, shadow and group, the text form for these
378  * databases allows trailing comments and arbitrary whitespace.  The
379  * corresponding str2ent routine assumes that comments, leading whitespace
380  * and trailing whitespace have been stripped (and thus assumes that entries
381  * consisting only of these have been discarded).
382  *
383  * The text entries for "rpc" and for the databases described in <netdb.h>
384  * follow a common format (a canonical name with a possibly empty list
385  * of aliases, and some other value), albeit with minor variations.
386  * The function _nss_netdb_aliases() does most of the generic work involved
387  * in parsing and marshalling these into the buffer.
388  */
389 
390 union nss_XbyY_key {	/* No tag;  backend should know what to expect */
391 	uid_t		uid;
392 	gid_t		gid;
393 	projid_t	projid;
394 	const char	*name;
395 	int		number;
396 	struct {
397 		int	net;
398 		int		type;
399 	}	netaddr;
400 	struct {
401 		const char	*addr;
402 		int		len;
403 		int		type;
404 	}	hostaddr;
405 	struct {
406 		union {
407 			const char	*name;
408 			int		port;
409 		}		serv;
410 		const char	*proto;
411 	}	serv;
412 	void *ether;
413 	struct {
414 		const char	*name;
415 		const char	*keytype;
416 	} pkey;
417 	struct {
418 		const char	*name;
419 		int		af_family;
420 		int		flags;
421 	}	ipnode;
422 	void *attrp;	/* for the new attr databases */
423 };
424 
425 typedef struct nss_XbyY_args {
426 
427 /* IN */
428 	nss_XbyY_buf_t	buf;
429 	int		stayopen;
430 			/*
431 			 * Support for setXXXent(stayopen)
432 			 * Used only in hosts, protocols,
433 			 * networks, rpc, and services.
434 			 */
435 #if defined(__STDC__)
436 	int		(*str2ent)	(const char		*instr,
437 					int			instr_len,
438 					void *ent, char *buffer, int buflen);
439 #else
440 	int		(*str2ent)();
441 #endif
442 	union nss_XbyY_key key;
443 
444 /* OUT */
445 	void		*returnval;
446 	int		erange;
447 	int		h_errno;		/* For gethost*_r() */
448 	nss_status_t	status; /* from the backend last called */
449 } nss_XbyY_args_t;
450 
451 /* status returned by the str2ent parsing routines */
452 #define	NSS_STR_PARSE_SUCCESS 0
453 #define	NSS_STR_PARSE_PARSE 1
454 #define	NSS_STR_PARSE_ERANGE 2
455 
456 #define	NSS_XbyY_INIT(str, res, bufp, len, func)	(\
457 	(str)->buf.result = (res),			\
458 	(str)->buf.buffer = (bufp),			\
459 	(str)->buf.buflen = (len),			\
460 	(str)->stayopen  = 0,				\
461 	(str)->str2ent  = (func),			\
462 	(str)->returnval = 0,				\
463 	(str)->erange    = 0)
464 
465 #define	NSS_XbyY_FINI(str)				(\
466 	(str)->returnval == 0 && (str)->erange && (errno = ERANGE), \
467 	(str)->returnval)
468 
469 #if defined(__STDC__)
470 extern char		**_nss_netdb_aliases
471 	(const char *, int, char *, int);
472 #else
473 extern char		**_nss_netdb_aliases();
474 #endif
475 
476 /*
477  * nss_dbop_t values for searches with various keys;  values for
478  * destructor/endent/setent/getent are defined in <nss_common.h>
479  */
480 
481 #define	NSS_DBOP_GROUP_BYNAME		(NSS_DBOP_next_iter)
482 #define	NSS_DBOP_GROUP_BYGID		(NSS_DBOP_GROUP_BYNAME + 1)
483 #define	NSS_DBOP_GROUP_BYMEMBER		(NSS_DBOP_GROUP_BYGID  + 1)
484 
485 #define	NSS_DBOP_PASSWD_BYNAME		(NSS_DBOP_next_iter)
486 #define	NSS_DBOP_PASSWD_BYUID		(NSS_DBOP_PASSWD_BYNAME + 1)
487 
488 /* The "compat" backend requires that PASSWD_BYNAME == SHADOW_BYNAME */
489 /*   (it also requires that both use key.name to pass the username). */
490 #define	NSS_DBOP_SHADOW_BYNAME		(NSS_DBOP_PASSWD_BYNAME)
491 
492 #define	NSS_DBOP_PROJECT_BYNAME		(NSS_DBOP_next_iter)
493 #define	NSS_DBOP_PROJECT_BYID		(NSS_DBOP_PROJECT_BYNAME + 1)
494 
495 #define	NSS_DBOP_HOSTS_BYNAME		(NSS_DBOP_next_iter)
496 #define	NSS_DBOP_HOSTS_BYADDR		(NSS_DBOP_HOSTS_BYNAME + 1)
497 
498 #define	NSS_DBOP_IPNODES_BYNAME		(NSS_DBOP_next_iter)
499 #define	NSS_DBOP_IPNODES_BYADDR		(NSS_DBOP_IPNODES_BYNAME + 1)
500 
501 /*
502  * NSS_DBOP_NAME_2ADDR
503  * NSS_DBOP_ADDR_2NAME
504  *                                : are defines for ipv6 api's
505  */
506 
507 #define	NSS_DBOP_NAME_2ADDR		(NSS_DBOP_next_ipv6_iter)
508 #define	NSS_DBOP_ADDR_2NAME		(NSS_DBOP_NAME_2ADDR + 1)
509 
510 #define	NSS_DBOP_RPC_BYNAME		(NSS_DBOP_next_iter)
511 #define	NSS_DBOP_RPC_BYNUMBER		(NSS_DBOP_RPC_BYNAME + 1)
512 
513 #define	NSS_DBOP_NETWORKS_BYNAME		(NSS_DBOP_next_iter)
514 #define	NSS_DBOP_NETWORKS_BYADDR		(NSS_DBOP_NETWORKS_BYNAME + 1)
515 
516 #define	NSS_DBOP_SERVICES_BYNAME	(NSS_DBOP_next_iter)
517 #define	NSS_DBOP_SERVICES_BYPORT	(NSS_DBOP_SERVICES_BYNAME + 1)
518 
519 #define	NSS_DBOP_PROTOCOLS_BYNAME	(NSS_DBOP_next_iter)
520 #define	NSS_DBOP_PROTOCOLS_BYNUMBER	(NSS_DBOP_PROTOCOLS_BYNAME + 1)
521 
522 #define	NSS_DBOP_ETHERS_HOSTTON	(NSS_DBOP_next_noiter)
523 #define	NSS_DBOP_ETHERS_NTOHOST	(NSS_DBOP_ETHERS_HOSTTON + 1)
524 
525 #define	NSS_DBOP_BOOTPARAMS_BYNAME	(NSS_DBOP_next_noiter)
526 #define	NSS_DBOP_NETMASKS_BYNET	(NSS_DBOP_next_noiter)
527 
528 #define	NSS_DBOP_PRINTERS_BYNAME	(NSS_DBOP_next_iter)
529 
530 /*
531  * The "real" backend for netgroup (__multi_innetgr, setnetgrent)
532  */
533 #define	NSS_DBOP_NETGROUP_IN		(NSS_DBOP_next_iter)
534 #define	NSS_DBOP_NETGROUP_SET		(NSS_DBOP_NETGROUP_IN  + 1)
535 
536 /*
537  * The backend for getpublickey and getsecretkey (getkeys)
538  */
539 #define	NSS_DBOP_KEYS_BYNAME		(NSS_DBOP_next_iter)
540 
541 /*
542  * The pseudo-backend for netgroup (returned by setnetgrent) doesn't have
543  *   any getXXXbyYYY operations, just the usual destr/end/set/get ops,
544  *   so needs no definitions here.
545  */
546 
547 #define	NSS_DBOP_ATTRDB_BYNAME		(NSS_DBOP_next_iter)
548 
549 #define	NSS_DBOP_AUDITUSER_BYNAME	NSS_DBOP_ATTRDB_BYNAME
550 #define	NSS_DBOP_AUTHATTR_BYNAME	NSS_DBOP_ATTRDB_BYNAME
551 #define	NSS_DBOP_EXECATTR_BYNAME	NSS_DBOP_ATTRDB_BYNAME
552 #define	NSS_DBOP_EXECATTR_BYID		(NSS_DBOP_EXECATTR_BYNAME + 1)
553 #define	NSS_DBOP_EXECATTR_BYNAMEID	(NSS_DBOP_EXECATTR_BYID + 1)
554 #define	NSS_DBOP_PROFATTR_BYNAME	NSS_DBOP_ATTRDB_BYNAME
555 #define	NSS_DBOP_USERATTR_BYNAME	NSS_DBOP_ATTRDB_BYNAME
556 
557 /*
558  * Used all over in the switch code. The best home for it I can think of.
559  * Power-of-two alignments only.
560  */
561 #define	ROUND_DOWN(n, align)	(((uintptr_t)n) & ~((align) - 1l))
562 #define	ROUND_UP(n, align)	ROUND_DOWN(((uintptr_t)n) + (align) - 1l, \
563 				(align))
564 
565 #ifdef	__cplusplus
566 }
567 #endif
568 
569 #endif /* _NSS_DBDEFS_H */
570