/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2013 RackTop Systems.
*/
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <auth_attr.h>
#include <prof_attr.h>
#include <user_attr.h>
#include <project.h>
#include <secdb.h>
#include <pwd.h>
#include <unistd.h>
#include <priv.h>
#include <errno.h>
#include <ctype.h>
#include <nss.h>
#include "funcs.h"
#include "messages.h"
#include "userdefs.h"
typedef struct ua_key {
const char *key;
const char *(*check)(const char *);
const char *errstr;
char *newvalue;
} ua_key_t;
static const char *check_auth(const char *);
static const char *check_prof(const char *);
static const char *check_role(const char *);
static const char *check_proj(const char *);
static const char *check_privset(const char *);
static const char *check_type(const char *);
static const char *check_lock_after_retries(const char *);
static const char *check_label(const char *);
static const char *check_idlecmd(const char *);
static const char *check_idletime(const char *);
static const char *check_auditflags(const char *);
int nkeys;
/* First entry is always set correctly in main() */
};
/*
* Change a key, there are three different call sequences:
*
* key, value - key with option letter, value.
* NULL, value - -K key=value option.
*/
void
{
int i;
const char *res;
/* Bad value */
}
*value++ = '\0';
}
for (i = 0; i < NKEYS; i++) {
/* Can't set a value twice */
}
}
nkeys++;
return;
}
}
}
/*
* Add the keys to the argument vector.
*/
void
{
int i;
for (i = 0; i < NKEYS; i++) {
char *arg;
continue;
}
}
/*
* Propose a default value for a key and get the actual value back.
* If the proposed default value is NULL, return the actual value set.
* The key argument is the user_attr key.
*/
char *
{
int i;
for (i = 0; i < NKEYS; i++)
else
}
return (NULL);
}
char *
{
char *cmd;
++cmd;
else
/* get user type based on the program name */
strlen(CMD_PREFIX_USER)) == 0)
else
return (usertype);
}
int
{
return (1);
/* not a role */
return (0);
}
/*
* Verifies the provided list of authorizations are all valid.
*
* Returns NULL if all authorization names are valid.
* Otherwise, returns the invalid authorization name
*
*/
static const char *
{
char *authname;
char *tmp;
int have_grant = 0;
}
return (authname);
}
char *suffix;
char *authtoks;
/* Check if user has been granted this authorization */
return (authname);
/* Remove named object after slash */
*suffix = '\0';
/* Find the suffix */
return (authname);
/* Check for existence in auth_attr */
suffix++;
/* can't find the auth */
return (authname);
}
}
/* Check if user can delegate this authorization */
have_grant = 0;
!have_grant) {
have_grant = 1;
else
*suffix = '\0';
}
if (!have_grant)
return (authname);
}
}
return (NULL);
}
/*
* Verifies the provided list of profile names are valid.
*
* Returns NULL if all profile names are valid.
* Otherwise, returns the invalid profile name
*
*/
static const char *
{
char *profname;
char *tmp;
}
/* can't find the profile */
return (profname);
}
}
return (NULL);
}
/*
* Verifies the provided list of role names are valid.
*
* Returns NULL if all role names are valid.
* Otherwise, returns the invalid role name
*
*/
static const char *
{
char *rolename;
char *utype;
char *tmp;
}
/* can't find the rolename */
return (rolename);
}
/* Now, make sure it is a role */
/* no user type defined. not a role */
return (rolename);
}
return (rolename);
}
}
return (NULL);
}
static const char *
{
if (getprojidbyname(proj) < 0) {
return (proj);
} else {
return (NULL);
}
}
static const char *
{
const char *res;
return (res);
}
static const char *
{
return (type);
return (NULL);
}
static const char *
{
(*keyval != '\0')) {
return (keyval);
}
}
return (NULL);
}
static const char *
{
int err;
if (!is_system_labeled())
return (NULL);
if (err == -1)
return (labelstr);
return (NULL);
}
static const char *
{
return (cmd);
}
return (NULL);
}
static const char *
{
int c;
c = *up;
while (c != '\0') {
if (!isdigit(c))
return (time);
c = *++up;
}
return (NULL);
}
static const char *
{
char *flags;
/* if deleting audit_flags */
if (*auditflags == '\0') {
return (NULL);
}
}
"always mask \"%s\"", err);
return (auditerr);
}
"never mask \"%s\"", err);
return (auditerr);
}
return (auditerr);
}
return (NULL);
}