scfutil.c revision a335142544257a204dde1839676940d0e0432d06
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/* helper functions for using libscf with sharemgr */
#include <libscf.h>
#include "libshare.h"
#include "libshare_impl.h"
#include "scfutil.h"
#include <string.h>
#include <errno.h>
#include <signal.h>
extern struct sa_proto_plugin *sap_proto_list;
/*
* The SMF facility uses some properties that must exist. We want to
* skip over these when processing protocol options.
*/
static char *skip_props[] = {
"modify_authorization",
"action_authorization",
"value_authorization",
};
/*
* sa_scf_fini(handle)
*
* must be called when done. Called with the handle allocated in
* sa_scf_init(), it cleans up the state and frees any SCF resources
* still in use. Called by sa_fini().
*/
void
{
int unbind = 0;
unbind = 1;
}
if (unbind)
}
}
}
/*
* sa_scf_init()
*
* must be called before using any of the SCF functions. Called by
* sa_init() during the API setup.
*/
{
if (scf_max_name_len <= 0)
/* make sure we have sufficient SMF running */
goto err;
goto err;
}
char **protolist;
int numprotos, i;
"default", NULL);
for (i = 0; i < numprotos; i++) {
(void) sa_create_optionset(defgrp,
protolist[i]);
}
}
}
} else {
goto err;
}
} else {
goto err;
}
} else {
(void) printf("libshare could not access SMF repository: %s\n",
scf_strerror(scf_error()));
}
}
return (handle);
err:
(void) sa_scf_fini(handle);
(void) printf("libshare SMF initialization problem: %s\n",
scf_strerror(scf_error()));
return (NULL);
}
/*
* get_scf_limit(name)
*
* Since we use scf_limit a lot and do the same check and return the
* same value if it fails, implement as a function for code
* simplification. Basically, if name isn't found, return MAXPATHLEN
* (1024) so we have a reasonable default buffer size.
*/
static ssize_t
{
vallen = MAXPATHLEN;
return (vallen);
}
/*
* skip_property(name)
*
* internal function to check to see if a property is an SMF magic
* property that needs to be skipped.
*/
static int
skip_property(char *name)
{
int i;
for (i = 0; skip_props[i] != NULL; i++)
return (1);
return (0);
}
/*
* generate_unique_sharename(sharename)
*
* Shares are represented in SMF as property groups. Due to share
* paths containing characters that are not allowed in SMF names and
* the need to be unique, we use UUIDs to construct a unique name.
*/
static void
{
}
/*
* valid_protocol(proto)
*
* check to see if the specified protocol is a valid one for the
* general sharemgr facility. We determine this by checking which
* plugin protocols were found.
*/
static int
valid_protocol(char *proto)
{
struct sa_proto_plugin *plugin;
return (1);
return (0);
}
/*
* sa_extract_pgroup(root, handle, pg, nodetype, proto, sectype)
*
* extract the name property group and create the specified type of
* node on the provided group. type will be optionset or security.
*/
static int
{
char *name;
char *valuestr;
/*
* have node to work with so iterate over the properties
* in the pg and create option sub nodes.
*/
/*
* want to iterate through the properties and add them
* to the base optionset.
*/
/* now iterate the properties in the group */
/* have a property */
scf_max_name_len) > 0) {
/* some properties are part of the framework */
if (skip_property(name))
continue;
vallen) >= 0) {
valuestr);
/*
* since in SMF, don't
* recurse. Use xmlAddChild
* directly, instead.
*/
(xmlNodePtr) saprop);
}
}
}
}
}
}
} else {
ret = SA_NO_MEMORY;
}
/* cleanup to avoid memory leaks */
}
return (ret);
}
/*
* sa_extract_attrs(root, handle, instance)
*
* local function to extract the actual attributes/properties from the
* property group of the service instance. These are the well known
* attributes of "state" and "zfs". If additional attributes are
* added, they should be added here.
*/
static void
{
char *valuestr;
/*
* have a property group with desired name so now get
* the known attributes.
*/
/* found the property so get the value */
}
}
}
/* found the property so get the value */
}
}
}
}
}
/*
* list of known share attributes.
*/
static char *share_attr[] = {
"path",
"id",
"resource",
NULL,
};
static int
is_share_attr(char *name)
{
int i;
for (i = 0; share_attr[i] != NULL; i++)
return (1);
return (0);
}
/*
* sa_share_from_pgroup
*
* extract the share definition from the share property group. We do
* some sanity checking to avoid bad data.
*
* Since this is only constructing the internal data structures, we
* don't use the sa_* functions most of the time.
*/
void
{
char *name;
char *valuestr;
int have_path = 0;
/*
* While preliminary check (starts with 'S') passed before
* getting here. Need to make sure it is in ID syntax
* (Snnnnnn). Note that shares with properties have similar
* pgroups.
*/
return;
} else {
return;
}
/*
* construct the share XML node. It is similar to sa_add_share
* but never changes the repository. Also, there won't be any
* ZFS or transient shares. Root will be the group it is
* associated with.
*/
/*
* make sure the UUID part of the property group is
* stored in the share "id" property. We use this
* later.
*/
}
/* iterate over the share pg properties */
scf_max_name_len) > 0) {
vallen) >= 0) {
}
}
}
/*
* check that we have the "path" property in
* name. The string in name will always be nul
* terminated if scf_property_get_name()
* succeeded.
*/
have_path = 1;
if (is_share_attr(name)) {
/*
* if a share attr, then simple -
* usually path and resource name
*/
} else {
/* we have a description node */
(xmlChar *)"description",
NULL);
}
}
}
}
}
}
/*
* a share without a path is broken so we want to not include
* these. They shouldn't happen but if you kill a sharemgr in
* the process of creating a share, it could happen. They
* should be harmless. It is also possible that another
* sharemgr is running and in the process of creating a share.
*/
}
}
/*
* find_share_by_id(shareid)
*
* Search all shares in all groups until we find the share represented
* by "id".
*/
static sa_share_t
{
int done = 0;
done++;
break;
}
}
}
}
return (share);
}
/*
* sa_share_props_from_pgroup(root, handle, pg, id)
*
* extract share properties from the SMF property group. More sanity
* checks are done and the share object is created. We ignore some
* errors that could exist in the repository and only worry about
* property groups that validate in naming.
*/
static int
{
char *name;
char *valuestr;
char *proto;
/*
* While preliminary check (starts with 'S') passed before
* getting here. Need to make sure it is in ID syntax
* (Snnnnnn). Note that shares with properties have similar
* pgroups. If the pg name is more than SA_SHARE_PG_LEN
* versions.
*/
return (ret);
*proto++ = '\0';
return (ret);
/*
* probably a legal optionset so check a few more
* syntax points below.
*/
if (*proto == '\0') {
/* not a valid proto (null) */
return (ret);
}
*sectype++ = '\0';
if (!valid_protocol(proto))
return (ret);
}
} else {
/*
* it is ok to not have what we thought since someone might
* have added a name via SMF.
*/
return (ret);
}
/*
* to get here, we have a valid protocol and possibly a
* security. We now have to find the share that it is really
* associated with. The "id" portion of the pgroup name will
* match.
*/
return (SA_BAD_PATH);
else {
}
/* now find the properties */
/* iterate over the share pg properties */
scf_max_name_len) > 0) {
vallen) >= 0) {
}
}
} else {
ret = SA_SYSTEM_ERR;
}
(xmlNodePtr)prop);
else
ret = SA_NO_MEMORY;
}
}
} else {
ret = SA_SYSTEM_ERR;
}
}
} else {
ret = SA_NO_MEMORY;
}
return (ret);
}
/*
* sa_extract_group(root, handle, instance)
*
* get the config info for this instance of a group and create the XML
* subtree from it.
*/
static int
{
char *buff;
char *proto;
char *sectype;
int have_shares = 0;
int has_proto = 0;
int is_default = 0;
int err;
scf_max_name_len) > 0) {
is_default++;
/*
* Iterate through all the property groups
* looking for those with security or
* optionset prefixes. The names of the
* matching pgroups are parsed to get the
* protocol, and for security, the sectype.
* Syntax is as follows:
* optionset | optionset_<proto>
* security_default | security_<proto>_<sectype>
* "operation" is handled by
* sa_extract_attrs().
*/
/* have a pgroup so sort it out */
if (ret > 0) {
if (buff[0] == SA_SHARE_PG_PREFIX[0]) {
buff);
have_shares++;
0) {
char *nodetype = "optionset";
/* have an optionset */
*proto++ = '\0';
*sectype++ = '\0';
nodetype = "security";
}
}
has_proto++;
"security", 8) == 0) {
/*
* have a security (note that
* this should change in the
* future)
*/
*proto++ = '\0';
*sectype++ = '\0';
}
"security", proto,
sectype);
has_proto++;
}
/* ignore everything else */
}
}
} else {
ret = SA_NO_MEMORY;
}
/*
* Make sure we have a valid default group.
* On first boot, default won't have any
* protocols defined and won't be enabled (but
* should be).
*/
if (is_default) {
"state");
char **protos;
int numprotos;
int i;
/* set attribute to enabled */
"state",
"enabled");
/* we can assume no protocols */
for (i = 0; i < numprotos; i++)
protos[i]);
if (numprotos > 0)
} else {
}
}
/* do a second pass if shares were found */
if (have_shares &&
/*
* have a pgroup so see if it is a
* share optionset
*/
if (err > 0) {
if (buff[0] == SA_SHARE_PG_PREFIX[0]) {
}
}
}
}
}
}
}
}
return (ret);
}
/*
* sa_extract_defaults(root, handle, instance)
*
* local function to find the default properties that live in the
* default instance's "operation" proprerty group.
*/
static void
{
char *valuestr;
"legacy-timestamp", prop) == 0) {
/* found the property so get the value */
NULL);
(xmlChar *)SA_LEGACY_DFSTAB);
}
}
}
}
}
}
/*
* sa_get_config(handle, root, doc, sahandlec)
*
* instances. These become group names. Then add the XML structure
* below the groups based on property groups and properties.
*/
int
{
instance)) > 0) {
sizeof (buff)) > 0) {
sahandle);
}
}
}
}
/* always cleanup these */
return (ret);
}
/*
* sa_get_instance(handle, instance)
*
* get the instance of the group service. This is actually the
* specific group name. The instance is needed for all property and
* control operations.
*/
int
{
return (SA_NO_SUCH_GROUP);
}
return (SA_OK);
}
/*
* sa_create_instance(handle, instname)
*
* Create a new SMF service instance. There can only be one with a
* given name.
*/
int
{
char instance[SA_GROUP_INST_LEN];
/* better error returns need to be added based on real error */
if (scf_error() == SCF_ERROR_PERMISSION_DENIED)
else
} else {
/* have the service created, so enable it */
(void) smf_enable_instance(instance, 0);
}
return (ret);
}
/*
* sa_delete_instance(handle, instname)
*
* When a group goes away, we also remove the service instance.
*/
int
{
int ret;
} else {
/* need better analysis */
}
}
return (ret);
}
/*
* sa_create_pgroup(handle, pgroup)
*
* create a new property group
*/
int
{
/*
* only create a handle if it doesn't exist. It is ok to exist
* since the pg handle will be set as a side effect.
*/
}
/*
* if the pgroup exists, we are done. If it doesn't, then we
* need to actually add one to the service instance.
*/
/* doesn't exist so create one */
switch (scf_error()) {
break;
default:
ret = SA_SYSTEM_ERR;
break;
}
}
}
return (ret);
}
/*
* sa_delete_pgroup(handle, pgroup)
*
* remove the property group from the current instance of the service,
* but only if it actually exists.
*/
int
{
/*
* only delete if it does exist.
*/
/* does exist so delete it */
ret = SA_SYSTEM_ERR;
}
} else {
ret = SA_SYSTEM_ERR;
}
if (ret == SA_SYSTEM_ERR &&
scf_error() == SCF_ERROR_PERMISSION_DENIED) {
}
return (ret);
}
/*
* sa_start_transaction(handle, pgroup)
*
* Start an SMF transaction so we can deal with properties. it would
* be nice to not have to expose this, but we have to in order to
* optimize.
*
* Basic model is to hold the transaction in the handle and allow
* transaction (or abort). There may eventually be a need to handle
* other types of transaction mechanisms but we don't do that now.
*
* An sa_start_transaction must be followed by either an
* sa_end_transaction or sa_abort_transaction before another
* sa_start_transaction can be done.
*/
int
{
/*
* lookup the property group and create it if it doesn't already
* exist.
*/
ret = SA_SYSTEM_ERR;
}
}
} else {
ret = SA_SYSTEM_ERR;
}
}
}
if (ret == SA_SYSTEM_ERR &&
scf_error() == SCF_ERROR_PERMISSION_DENIED) {
}
return (ret);
}
/*
* sa_end_transaction(handle)
*
* Commit the changes that were added to the transaction in the
* handle. Do all necessary cleanup.
*/
int
{
ret = SA_SYSTEM_ERR;
} else {
ret = SA_SYSTEM_ERR;
}
return (ret);
}
/*
* sa_abort_transaction(handle)
*
* Abort the changes that were added to the transaction in the
* handle. Do all necessary cleanup.
*/
void
{
}
}
/*
* sa_set_property(handle, prop, value)
*
* set a property transaction entry into the pending SMF transaction.
*/
int
{
/*
* properties must be set in transactions and don't take
*/
SCF_TYPE_ASTRING) == 0 ||
SCF_TYPE_ASTRING) == 0) {
ret = SA_SYSTEM_ERR;
}
/* the value is in the transaction */
} else {
/* value couldn't be constructed */
ret = SA_SYSTEM_ERR;
}
/* the entry is in the transaction */
} else {
ret = SA_SYSTEM_ERR;
}
} else {
ret = SA_SYSTEM_ERR;
}
if (ret == SA_SYSTEM_ERR) {
switch (scf_error()) {
break;
}
}
/*
* cleanup if there were any errors that didn't leave these
* values where they would be cleaned up later.
*/
return (ret);
}
/*
* sa_commit_share(handle, group, share)
*
* commit this share to the repository.
* properties are added if they exist but can be added later.
* Need to add to dfstab and sharetab, if appropriate.
*/
int
{
char *groupname;
char *name;
char *resource;
char *description;
char *sharename;
char *propstring;
/*
* don't commit in the zfs group. We do commit legacy
* through the ZFS configuration rather than SMF.
*/
/*
* adding to the ZFS group will result in the sharenfs
* property being set but we don't want to do anything
* SMF related at this point.
*/
return (ret);
}
}
if (propstring == NULL)
ret = SA_NO_MEMORY;
/* slipped by */
char shname[SA_SHARE_UUID_BUFLEN];
}
/*
* have a share name allocated so create a pgroup for
* it. It may already exist, but that is OK. In order
* to avoid creating a share pgroup that doesn't have
* a path property, block signals around the critical
* region of creating the share pgroup and props.
*/
/*
* now start the transaction for the
* properties that define this share. They may
* exist so attempt to update before create.
*/
}
/* there needs to be a path for a share to exist */
} else {
ret = SA_NO_MEMORY;
}
}
}
}
if (description != NULL) {
}
}
/* make sure we cleanup the transaction */
} else {
}
}
}
if (ret == SA_SYSTEM_ERR) {
if (err == SCF_ERROR_PERMISSION_DENIED)
}
if (propstring != NULL)
return (ret);
}
/*
* sa_delete_share(handle, group, share)
*
* remove the specified share from the group (and service instance).
*/
int
{
char *propstring;
if (propstring == NULL)
ret = SA_NO_MEMORY;
/* if a share has properties, remove them */
char *proto;
} else {
ret = SA_NO_MEMORY;
}
}
/*
* if a share has security/negotiable
* properties, remove them.
*/
char *proto;
char *sectype;
} else {
ret = SA_NO_MEMORY;
}
}
}
} else {
ret = SA_CONFIG_ERR;
}
}
if (propstring != NULL)
return (ret);
}