[1563] in Moira
acl.gen KERBEROS support
daemon@ATHENA.MIT.EDU (Garry Zacheiss)
Thu Jun 1 19:42:54 2000
Message-Id: <200006012342.TAA28025@sweet-transvestite.mit.edu>
To: moiradev@MIT.EDU
Date: Thu, 01 Jun 2000 19:42:50 -0400
From: Garry Zacheiss <zacheiss@MIT.EDU>
This implements support for type KERBEROS members on access
files, passwd files, and group files. It should work equally well for
fully qualified and non-qualified KERBEROS entries, and will only output
KERBEROS entries corresponding to valid users so it won't try to produce
passwd entries for rcmd.euterpe, etc.
Index: acl.pc
===================================================================
RCS file: /afs/athena.mit.edu/astaff/project/moiradev/repository/moira/gen/acl.pc,v
retrieving revision 1.2
diff -c -r1.2 acl.pc
*** acl.pc 2000/01/24 03:42:11 1.2
--- acl.pc 2000/06/01 23:39:07
***************
*** 132,137 ****
--- 132,139 ----
{
struct save_queue *sq = get_acl("LIST", lid, merge_access_bits);
struct imember *m;
+ char *name, *lasts = NULL;
+ int i = 0;
while (sq_remove_data(sq, &m))
{
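Review bot: The new `name` and `i` are later used as host variables (`:name`, `:i`) in the KERBEROS branch of this function, but no `EXEC SQL BEGIN DECLARE SECTION` is visible around them, unlike the passwd and group functions in this patch. Whether Pro*C accepts host variables declared this way depends on the precompiler mode, so for consistency I would wrap them as `EXEC SQL BEGIN DECLARE SECTION; char *name; int i = 0; EXEC SQL END DECLARE SECTION;` and keep `lasts` as a plain C local. The same applies to `n` in dump_group_file, which is declared after `EXEC SQL END DECLARE SECTION` yet used as `:n`. The rest of the function body is outside this hunk.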
***************
*** 143,148 ****
--- 145,163 ----
else
fprintf(out, "%-10s rl\n", m->name);
}
+ else if (m->type == 'K')
+ {
+ name = strtok_r(m->name, "@", &lasts);
+ EXEC SQL SELECT count(login) INTO :i FROM users
+ WHERE login = :name;
+ if (i == 1)
+ {
+ if (*(m->tag))
+ fprintf(out, "%-10s %s\n", m->name, m->tag);
+ else
+ fprintf(out, "%-10s rl\n", m->name);
+ }
+ }
freeimember(m);
}
sq_destroy(sq);
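Review bot: `strtok_r(m->name, "@", &lasts)` throws the realm away without looking at it, so a KERBEROS member from any realm is matched against the local `users.login` and, if a user of that name exists, gets an access-file line with the member's tag. The same stripping is used in the passwd `case 'K':` branch and in the group-file branch. Compare the text after `@` with the local realm before truncating, and skip the member when it differs. `strtok_r` also returns NULL for an empty or all-`@` name, which would reach the query as a null host variable; guard it with `if (name == NULL)` and skip the member. The loop begins outside this hunk, so how USER members are handled is not visible here.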
***************
*** 250,257 ****
char shell[USERS_SHELL_SIZE], fullname[USERS_FULLNAME_SIZE];
char nickname[USERS_NICKNAME_SIZE], oa[USERS_OFFICE_ADDR_SIZE];
char op[USERS_OFFICE_PHONE_SIZE], hp[USERS_HOME_PHONE_SIZE];
! int uid;
! char *name;
EXEC SQL END DECLARE SECTION;
while (sq_remove_data(sq, &m))
--- 265,272 ----
char shell[USERS_SHELL_SIZE], fullname[USERS_FULLNAME_SIZE];
char nickname[USERS_NICKNAME_SIZE], oa[USERS_OFFICE_ADDR_SIZE];
char op[USERS_OFFICE_PHONE_SIZE], hp[USERS_HOME_PHONE_SIZE];
! int uid, i = 0;
! char *name, *n, *lasts = NULL;
EXEC SQL END DECLARE SECTION;
while (sq_remove_data(sq, &m))
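Review bot: `n` is added to the declare section here, but none of the added lines in this function appear to use it; the `case 'K':` branch stores the token in `name` instead. Unless code outside the visible hunks needs it, drop it and declare `char *name, *lasts = NULL;`.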
***************
*** 279,284 ****
--- 294,326 ----
fprintf(out, "%s:*:%d:101:%s,%s,%s,%s,%s:/mit/%s:%s\n",
name, uid, fullname, nickname, oa, op, hp, name, shell);
break;
+
+ case 'K':
+ name = strtok_r(m->name, "@", &lasts);
+
+ EXEC SQL SELECT count(login) INTO :i FROM users WHERE
+ login = :name;
+ if (i == 1)
+ {
+ EXEC SQL SELECT unix_uid, shell, fullname, nickname,
+ office_addr, office_phone, home_phone
+ INTO :uid, :shell, :fullname, :nickname, :oa, :op, :hp
+ FROM users
+ WHERE login = :name AND status != 3;
+ if (sqlca.sqlcode)
+ continue;
+
+ strtrim(shell);
+ strtrim(fullname);
+ strtrim(nickname);
+ strtrim(op);
+ strtrim(oa);
+ strtrim(hp);
+
+ fprintf(out, "%s:*:%d:101:%s,%s,%s,%s,%s:/mit/%s:%s\n",
+ name, uid, fullname, nickname, oa, op, hp, name, shell);
+ }
+ break;
}
freeimember(m);
}
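Review bot: The `continue` taken when `sqlca.sqlcode` is non-zero jumps straight to the next `while` iteration and skips the `freeimember(m)` at the bottom of the loop. Each KERBEROS member whose second SELECT returns no row, such as one excluded by `status != 3`, therefore appears to leak its `imember`; `break;` would leave the switch and still reach the free. The separate `count(login)` query also looks redundant, since this SELECT already reports a missing user through `sqlca.sqlcode`, and dropping it would remove the dependency on `i` keeping a correct value across iterations. The start of the loop and switch is outside the hunk, so check whether the existing cases use `continue` the same way.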
***************
*** 291,302 ****
void dump_group_file(FILE *out, int id)
{
EXEC SQL BEGIN DECLARE SECTION;
! int lid = id, mid, gid, grouplist;
char mtype[IMEMBERS_MEMBER_TYPE_SIZE], name[LIST_NAME_SIZE];
EXEC SQL END DECLARE SECTION;
struct save_queue *sq;
struct imember *m;
! char *maybecomma, *s;
EXEC SQL DECLARE csr_grp CURSOR FOR
SELECT member_type, member_id FROM imembers
--- 333,344 ----
void dump_group_file(FILE *out, int id)
{
EXEC SQL BEGIN DECLARE SECTION;
! int lid = id, mid, gid, grouplist, i = 0;
char mtype[IMEMBERS_MEMBER_TYPE_SIZE], name[LIST_NAME_SIZE];
EXEC SQL END DECLARE SECTION;
struct save_queue *sq;
struct imember *m;
! char *maybecomma, *s, *n, *lasts = NULL;
EXEC SQL DECLARE csr_grp CURSOR FOR
SELECT member_type, member_id FROM imembers
***************
*** 329,334 ****
--- 371,387 ----
{
fprintf(out, "%s%s", maybecomma, m->name);
maybecomma = ",";
+ }
+ else if (m->type == 'K')
+ {
+ n = strtok_r(m->name, "@", &lasts);
+ EXEC SQL SELECT count(login) INTO :i FROM users
+ WHERE login = :n;
+ if (i == 1)
+ {
+ fprintf(out, "%s%s", maybecomma, n);
+ maybecomma = ",";
+ }
}
freeimember(m);
}
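Review bot: `i` is zeroed only at its declaration and `sqlca.sqlcode` is not checked after the `count(login)` query, so if that SELECT fails, `i` may still hold the 1 left by an earlier member and this member is written to the group line without a matching user. Add `i = 0;` before the query or test `sqlca.sqlcode` before `if (i == 1)`; the access-file branch has the same pattern. This branch and the access-file branch also test only that the login exists, while the passwd branch additionally requires `status != 3`, so a login can be emitted as a group member or access entry without getting a passwd line. If that filter is what defines a valid user, add `AND status != 3` to the count queries as well.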