/* $NetBSD: homedir.c,v 1.3 2025/09/05 21:16:32 christos Exp $ */
/* homedir.c - create/remove user home directories */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software .
*
* Copyright 2009-2024 The OpenLDAP Foundation.
* Portions copyright 2009-2010 Symas Corporation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* .
*/
/* ACKNOWLEDGEMENTS:
* This work was initially developed by Emily Backes at Symas
* Corp. for inclusion in OpenLDAP Software.
*/
#include
__RCSID("$NetBSD: homedir.c,v 1.3 2025/09/05 21:16:32 christos Exp $");
#include "portable.h"
#ifdef SLAPD_OVER_HOMEDIR
#define _FILE_OFFSET_BITS 64
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include "slap.h"
#include "slap-config.h"
#define DEFAULT_MIN_UID ( 100 )
#define DEFAULT_SKEL ( LDAP_DIRSEP "etc" LDAP_DIRSEP "skel" )
typedef struct homedir_regexp {
char *match;
char *replace;
regex_t compiled;
struct homedir_regexp *next;
} homedir_regexp;
typedef enum {
DEL_IGNORE,
DEL_DELETE,
DEL_ARCHIVE
} delete_style;
typedef struct homedir_data {
char *skeleton_path;
unsigned min_uid;
AttributeDescription *home_ad;
AttributeDescription *uidn_ad;
AttributeDescription *gidn_ad;
homedir_regexp *regexps;
delete_style style;
char *archive_path;
} homedir_data;
typedef struct homedir_cb_data {
slap_overinst *on;
Entry *entry;
} homedir_cb_data;
typedef struct name_list {
char *name;
struct stat st;
struct name_list *next;
} name_list;
typedef struct name_list_list {
name_list *list;
struct name_list_list *next;
} name_list_list;
typedef enum {
TRAVERSE_CB_CONTINUE,
TRAVERSE_CB_DONE,
TRAVERSE_CB_FAIL
} traverse_cb_ret;
/* private, file info, context */
typedef traverse_cb_ret (*traverse_cb_func)(
void *,
const char *,
const struct stat *,
void * );
typedef struct traverse_cb {
traverse_cb_func pre_func;
traverse_cb_func post_func;
void *pre_private;
void *post_private;
} traverse_cb;
typedef struct copy_private {
int source_prefix_len;
const char *dest_prefix;
int dest_prefix_len;
uid_t uidn;
gid_t gidn;
} copy_private;
typedef struct chown_private {
uid_t old_uidn;
uid_t new_uidn;
gid_t old_gidn;
gid_t new_gidn;
} chown_private;
typedef struct ustar_header {
char name[100];
char mode[8];
char uid[8];
char gid[8];
char size[12];
char mtime[12];
char checksum[8];
char typeflag[1];
char linkname[100];
char magic[6];
char version[2];
char uname[32];
char gname[32];
char devmajor[8];
char devminor[8];
char prefix[155];
char pad[12];
} ustar_header;
typedef struct tar_private {
FILE *file;
const char *name;
} tar_private;
/* FIXME: This mutex really needs to be executable-global, but this
* will have to do for now.
*/
static ldap_pvt_thread_mutex_t readdir_mutex;
static ConfigDriver homedir_regexp_cfg;
static ConfigDriver homedir_style_cfg;
static slap_overinst homedir;
static ConfigTable homedircfg[] = {
{ "homedir-skeleton-path", "pathname", 2, 2, 0,
ARG_STRING|ARG_OFFSET,
(void *)offsetof(homedir_data, skeleton_path),
"( OLcfgCtAt:8.1 "
"NAME 'olcSkeletonPath' "
"DESC 'Pathname for home directory skeleton template' "
"SYNTAX OMsDirectoryString "
"SINGLE-VALUE )",
NULL, { .v_string = DEFAULT_SKEL }
},
{ "homedir-min-uidnumber", "uid number", 2, 2, 0,
ARG_UINT|ARG_OFFSET,
(void *)offsetof(homedir_data, min_uid),
"( OLcfgCtAt:8.2 "
"NAME 'olcMinimumUidNumber' "
"DESC 'Minimum uidNumber attribute to consider' "
"SYNTAX OMsInteger "
"SINGLE-VALUE )",
NULL, { .v_uint = DEFAULT_MIN_UID }
},
{ "homedir-regexp", "regexp> bi;
homedir_data *data = (homedir_data *)on->on_bi.bi_private;
int rc = ARG_BAD_CONF;
assert( data != NULL );
switch ( c->op ) {
case SLAP_CONFIG_EMIT: {
int i;
homedir_regexp *r;
struct berval bv;
char buf[4096];
bv.bv_val = buf;
for ( i = 0, r = data->regexps; r != NULL; ++i, r = r->next ) {
bv.bv_len = snprintf( buf, sizeof(buf), "{%d}%s %s", i,
r->match, r->replace );
if ( bv.bv_len >= sizeof(buf) ) {
Debug( LDAP_DEBUG_ANY, "homedir_regexp_cfg: "
"emit serialization failed: size %lu\n",
(unsigned long)bv.bv_len );
return ARG_BAD_CONF;
}
value_add_one( &c->rvalue_vals, &bv );
}
rc = 0;
} break;
case LDAP_MOD_DELETE:
if ( c->valx < 0 ) { /* delete all values */
homedir_regexp *r, *rnext;
for ( r = data->regexps; r != NULL; r = rnext ) {
rnext = r->next;
ch_free( r->match );
ch_free( r->replace );
regfree( &r->compiled );
ch_free( r );
}
data->regexps = NULL;
rc = 0;
} else { /* delete value by index*/
homedir_regexp **rp, *r;
int i;
for ( i = 0, rp = &data->regexps; i < c->valx;
++i, rp = &(*rp)->next )
;
r = *rp;
*rp = r->next;
ch_free( r->match );
ch_free( r->replace );
regfree( &r->compiled );
ch_free( r );
rc = 0;
}
break;
case LDAP_MOD_ADD: /* fallthrough */
case SLAP_CONFIG_ADD: { /* add values */
char *match = c->argv[1];
char *replace = c->argv[2];
regex_t compiled;
homedir_regexp **rp, *r;
memset( &compiled, 0, sizeof(compiled) );
rc = regcomp( &compiled, match, REG_EXTENDED );
if ( rc ) {
regerror( rc, &compiled, c->cr_msg, sizeof(c->cr_msg) );
regfree( &compiled );
return ARG_BAD_CONF;
}
r = ch_calloc( 1, sizeof(homedir_regexp) );
r->match = strdup( match );
r->replace = strdup( replace );
r->compiled = compiled;
if ( c->valx == -1 ) { /* append */
for ( rp = &data->regexps; ( *rp ) != NULL;
rp = &(*rp)->next )
;
*rp = r;
} else { /* insert at valx */
int i;
for ( i = 0, rp = &data->regexps; i < c->valx;
rp = &(*rp)->next, ++i )
;
r->next = *rp;
*rp = r;
}
rc = 0;
break;
}
default:
abort();
}
return rc;
}
static int
homedir_style_cfg( ConfigArgs *c )
{
slap_overinst *on = (slap_overinst *)c->bi;
homedir_data *data = (homedir_data *)on->on_bi.bi_private;
int rc = ARG_BAD_CONF;
struct berval bv;
assert( data != NULL );
switch ( c->op ) {
case SLAP_CONFIG_EMIT:
bv.bv_val = data->style == DEL_IGNORE ? "IGNORE" :
data->style == DEL_DELETE ? "DELETE" :
"ARCHIVE";
bv.bv_len = strlen( bv.bv_val );
rc = value_add_one( &c->rvalue_vals, &bv );
if ( rc != 0 ) return ARG_BAD_CONF;
break;
case LDAP_MOD_DELETE:
data->style = DEL_IGNORE;
rc = 0;
break;
case LDAP_MOD_ADD: /* fallthrough */
case SLAP_CONFIG_ADD: /* add values */
if ( strcasecmp( c->argv[1], "IGNORE" ) == 0 )
data->style = DEL_IGNORE;
else if ( strcasecmp( c->argv[1], "DELETE" ) == 0 )
data->style = DEL_DELETE;
else if ( strcasecmp( c->argv[1], "ARCHIVE" ) == 0 )
data->style = DEL_ARCHIVE;
else {
Debug( LDAP_DEBUG_ANY, "homedir_style_cfg: "
"unrecognized style keyword\n" );
return ARG_BAD_CONF;
}
rc = 0;
break;
default:
abort();
}
return rc;
}
#define HOMEDIR_NULLWRAP(x) ( ( x ) == NULL ? "unknown" : (x) )
static void
report_errno( const char *parent_func, const char *func, const char *filename )
{
int save_errno = errno;
char ebuf[1024];
Debug( LDAP_DEBUG_ANY, "homedir: "
"%s: %s: \"%s\": %d (%s)\n",
HOMEDIR_NULLWRAP(parent_func), HOMEDIR_NULLWRAP(func),
HOMEDIR_NULLWRAP(filename), save_errno,
AC_STRERROR_R( save_errno, ebuf, sizeof(ebuf) ) );
}
static int
copy_link(
const char *dest_file,
const char *source_file,
const struct stat *st,
uid_t uidn,
gid_t gidn,
void *ctx )
{
char *buf = NULL;
int rc;
assert( dest_file != NULL );
assert( source_file != NULL );
assert( st != NULL );
assert( (st->st_mode & S_IFMT) == S_IFLNK );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"copy_link: %s to %s\n",
source_file, dest_file );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"copy_link: %s uid %ld gid %ld\n",
dest_file, (long)uidn, (long)gidn );
/* calloc +1 for terminator */
buf = ber_memcalloc_x( 1, st->st_size + 1, ctx );
if ( buf == NULL ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"copy_link: alloc failed\n" );
return 1;
}
rc = readlink( source_file, buf, st->st_size );
if ( rc == -1 ) {
report_errno( "copy_link", "readlink", source_file );
goto fail;
}
rc = symlink( buf, dest_file );
if ( rc ) {
report_errno( "copy_link", "symlink", dest_file );
goto fail;
}
rc = lchown( dest_file, uidn, gidn );
if ( rc ) {
report_errno( "copy_link", "lchown", dest_file );
goto fail;
}
goto out;
fail:
rc = 1;
out:
if ( buf != NULL ) ber_memfree_x( buf, ctx );
return rc;
}
static int
copy_blocks(
FILE *source,
FILE *dest,
const char *source_file,
const char *dest_file )
{
char buf[4096];
size_t nread = 0;
int done = 0;
while ( !done ) {
nread = fread( buf, 1, sizeof(buf), source );
if ( nread == 0 ) {
if ( feof( source ) ) {
done = 1;
} else if ( ferror( source ) ) {
if ( source_file != NULL )
Debug( LDAP_DEBUG_ANY, "homedir: "
"read error on %s\n",
source_file );
goto fail;
}
} else {
size_t nwritten = 0;
nwritten = fwrite( buf, 1, nread, dest );
if ( nwritten < nread ) {
if ( dest_file != NULL )
Debug( LDAP_DEBUG_ANY, "homedir: "
"write error on %s\n",
dest_file );
goto fail;
}
}
}
return 0;
fail:
return 1;
}
static int
copy_file(
const char *dest_file,
const char *source_file,
uid_t uid,
gid_t gid,
int mode )
{
FILE *source = NULL;
FILE *dest = NULL;
int rc;
assert( dest_file != NULL );
assert( source_file != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"copy_file: %s to %s mode 0%o\n",
source_file, dest_file, mode );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"copy_file: %s uid %ld gid %ld\n",
dest_file, (long)uid, (long)gid );
source = fopen( source_file, "rb" );
if ( source == NULL ) {
report_errno( "copy_file", "fopen", source_file );
goto fail;
}
dest = fopen( dest_file, "wb" );
if ( dest == NULL ) {
report_errno( "copy_file", "fopen", dest_file );
goto fail;
}
rc = copy_blocks( source, dest, source_file, dest_file );
if ( rc != 0 ) goto fail;
fclose( source );
source = NULL;
rc = fclose( dest );
dest = NULL;
if ( rc != 0 ) {
report_errno( "copy_file", "fclose", dest_file );
goto fail;
}
/* set owner/permission */
rc = lchown( dest_file, uid, gid );
if ( rc != 0 ) {
report_errno( "copy_file", "lchown", dest_file );
goto fail;
}
rc = chmod( dest_file, mode );
if ( rc != 0 ) {
report_errno( "copy_file", "chmod", dest_file );
goto fail;
}
rc = 0;
goto out;
fail:
rc = 1;
out:
if ( source != NULL ) fclose( source );
if ( dest != NULL ) fclose( dest );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"copy_file: %s to %s exit %d\n",
source_file, dest_file, rc );
return rc;
}
static void
free_name_list( name_list *names, void *ctx )
{
name_list *next;
while ( names != NULL ) {
next = names->next;
if ( names->name != NULL ) ber_memfree_x( names->name, ctx );
ber_memfree_x( names, ctx );
names = next;
}
}
static int
grab_names( const char *dir_path, name_list **names, void *ctx )
{
int locked = 0;
DIR *dir = NULL;
struct dirent *entry = NULL;
name_list **tail = NULL;
int dir_path_len = 0;
int rc = 0;
assert( dir_path != NULL );
assert( names != NULL );
assert( *names == NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"grab_names: %s\n", dir_path );
tail = names;
dir_path_len = strlen( dir_path );
ldap_pvt_thread_mutex_lock( &readdir_mutex );
locked = 1;
dir = opendir( dir_path );
if ( dir == NULL ) {
report_errno( "grab_names", "opendir", dir_path );
goto fail;
}
while ( ( entry = readdir( dir ) ) != NULL ) {
/* no d_namelen in ac/dirent.h */
int d_namelen = strlen( entry->d_name );
int full_len;
/* Skip . and .. */
if ( ( d_namelen == 1 && entry->d_name[0] == '.' ) ||
( d_namelen == 2 && entry->d_name[0] == '.' &&
entry->d_name[1] == '.' ) ) {
continue;
}
*tail = ber_memcalloc_x( 1, sizeof(**tail), ctx );
if ( *tail == NULL ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"grab_names: list alloc failed\n" );
goto fail;
}
(*tail)->next = NULL;
/* +1 for dirsep, +1 for term */
full_len = dir_path_len + 1 + d_namelen + 1;
(*tail)->name = ber_memalloc_x( full_len, ctx );
if ( (*tail)->name == NULL ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"grab_names: name alloc failed\n" );
goto fail;
}
snprintf( (*tail)->name, full_len, "%s" LDAP_DIRSEP "%s",
dir_path, entry->d_name );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"grab_names: found \"%s\"\n",
(*tail)->name );
rc = lstat( (*tail)->name, &(*tail)->st );
if ( rc ) {
report_errno( "grab_names", "lstat", (*tail)->name );
goto fail;
}
tail = &(*tail)->next;
}
closedir( dir );
ldap_pvt_thread_mutex_unlock( &readdir_mutex );
locked = 0;
dir = NULL;
goto success;
success:
rc = 0;
goto out;
fail:
rc = 1;
goto out;
out:
if ( dir != NULL ) closedir( dir );
if ( locked ) ldap_pvt_thread_mutex_unlock( &readdir_mutex );
if ( rc != 0 && *names != NULL ) {
free_name_list( *names, ctx );
*names = NULL;
}
Debug( LDAP_DEBUG_TRACE, "homedir: "
"grab_names: %s exit %d\n",
dir_path, rc );
return rc;
}
static int
traverse( const char *path, const traverse_cb *cb, void *ctx )
{
name_list *next_name = NULL;
name_list_list *dir_stack = NULL;
name_list_list *next_dir;
int rc = 0;
assert( path != NULL );
assert( cb != NULL );
assert( cb->pre_func || cb->post_func );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse: %s\n", path );
dir_stack = ber_memcalloc_x( 1, sizeof(*dir_stack), ctx );
if ( dir_stack == NULL ) goto alloc_fail;
dir_stack->next = NULL;
dir_stack->list = ber_memcalloc_x( 1, sizeof(name_list), ctx );
if ( dir_stack->list == NULL ) goto alloc_fail;
rc = lstat( path, &dir_stack->list->st );
if ( rc != 0 ) {
report_errno( "traverse", "lstat", path );
goto fail;
}
dir_stack->list->next = NULL;
dir_stack->list->name = ber_strdup_x( path, ctx );
if ( dir_stack->list->name == NULL ) goto alloc_fail;
while ( dir_stack != NULL ) {
while ( dir_stack->list != NULL ) {
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse: top of loop with \"%s\"\n",
dir_stack->list->name );
if ( cb->pre_func != NULL ) {
traverse_cb_ret cb_rc;
cb_rc = cb->pre_func( cb->pre_private, dir_stack->list->name,
&dir_stack->list->st, ctx );
if ( cb_rc == TRAVERSE_CB_DONE ) goto cb_done;
if ( cb_rc == TRAVERSE_CB_FAIL ) goto cb_fail;
}
if ( (dir_stack->list->st.st_mode & S_IFMT) == S_IFDIR ) {
/* push dir onto stack */
next_dir = dir_stack;
dir_stack = ber_memalloc_x( sizeof(*dir_stack), ctx );
if ( dir_stack == NULL ) {
dir_stack = next_dir;
goto alloc_fail;
}
dir_stack->list = NULL;
dir_stack->next = next_dir;
rc = grab_names(
dir_stack->next->list->name, &dir_stack->list, ctx );
if ( rc != 0 ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"traverse: grab_names %s failed\n",
dir_stack->next->list->name );
goto fail;
}
} else {
/* just a file */
if ( cb->post_func != NULL ) {
traverse_cb_ret cb_rc;
cb_rc = cb->post_func( cb->post_private,
dir_stack->list->name, &dir_stack->list->st, ctx );
if ( cb_rc == TRAVERSE_CB_DONE ) goto cb_done;
if ( cb_rc == TRAVERSE_CB_FAIL ) goto cb_fail;
}
next_name = dir_stack->list->next;
ber_memfree_x( dir_stack->list->name, ctx );
ber_memfree_x( dir_stack->list, ctx );
dir_stack->list = next_name;
}
}
/* Time to pop a directory off the stack */
next_dir = dir_stack->next;
ber_memfree_x( dir_stack, ctx );
dir_stack = next_dir;
if ( dir_stack != NULL ) {
if ( cb->post_func != NULL ) {
traverse_cb_ret cb_rc;
cb_rc = cb->post_func( cb->post_private, dir_stack->list->name,
&dir_stack->list->st, ctx );
if ( cb_rc == TRAVERSE_CB_DONE ) goto cb_done;
if ( cb_rc == TRAVERSE_CB_FAIL ) goto cb_fail;
}
next_name = dir_stack->list->next;
ber_memfree_x( dir_stack->list->name, ctx );
ber_memfree_x( dir_stack->list, ctx );
dir_stack->list = next_name;
}
}
goto success;
cb_done:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse: cb signaled completion\n" );
success:
rc = 0;
goto out;
cb_fail:
Debug( LDAP_DEBUG_ANY, "homedir: "
"traverse: cb signaled failure\n" );
goto fail;
alloc_fail:
Debug( LDAP_DEBUG_ANY, "homedir: "
"traverse: allocation failed\n" );
fail:
rc = 1;
goto out;
out:
while ( dir_stack != NULL ) {
free_name_list( dir_stack->list, ctx );
next_dir = dir_stack->next;
ber_memfree_x( dir_stack, ctx );
dir_stack = next_dir;
}
return rc;
}
static traverse_cb_ret
traverse_copy_pre(
void *private,
const char *name,
const struct stat *st,
void *ctx )
{
copy_private *cp = private;
char *dest_name = NULL;
int source_name_len;
int dest_name_len;
int rc;
assert( private != NULL );
assert( name != NULL );
assert( st != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_copy_pre: %s entering\n",
name );
assert( cp->source_prefix_len >= 0 );
assert( cp->dest_prefix != NULL );
assert( cp->dest_prefix_len > 1 );
source_name_len = strlen( name );
assert( source_name_len >= cp->source_prefix_len );
/* +1 for terminator */
dest_name_len =
source_name_len + cp->dest_prefix_len - cp->source_prefix_len + 1;
dest_name = ber_memalloc_x( dest_name_len, ctx );
if ( dest_name == NULL ) goto alloc_fail;
snprintf( dest_name, dest_name_len, "%s%s", cp->dest_prefix,
name + cp->source_prefix_len );
switch ( st->st_mode & S_IFMT ) {
case S_IFDIR:
rc = mkdir( dest_name, st->st_mode & 06775 );
if ( rc ) {
int save_errno = errno;
switch ( save_errno ) {
case EEXIST:
/* directory already present; nothing to do */
goto exists;
break;
case ENOENT:
/* FIXME: should mkdir -p here */
/* fallthrough for now */
default:
report_errno( "traverse_copy_pre", "mkdir", dest_name );
goto fail;
}
}
rc = lchown( dest_name, cp->uidn, cp->gidn );
if ( rc ) {
report_errno( "traverse_copy_pre", "lchown", dest_name );
goto fail;
}
rc = chmod( dest_name, st->st_mode & 07777 );
if ( rc ) {
report_errno( "traverse_copy_pre", "chmod", dest_name );
goto fail;
}
break;
case S_IFREG:
rc = copy_file(
dest_name, name, cp->uidn, cp->gidn, st->st_mode & 07777 );
if ( rc ) goto fail;
break;
case S_IFIFO:
rc = mkfifo( dest_name, 0700 );
if ( rc ) {
report_errno( "traverse_copy_pre", "mkfifo", dest_name );
goto fail;
}
rc = lchown( dest_name, cp->uidn, cp->gidn );
if ( rc ) {
report_errno( "traverse_copy_pre", "lchown", dest_name );
goto fail;
}
rc = chmod( dest_name, st->st_mode & 07777 );
if ( rc ) {
report_errno( "traverse_copy_pre", "chmod", dest_name );
goto fail;
}
break;
case S_IFLNK:
rc = copy_link( dest_name, name, st, cp->uidn, cp->gidn, ctx );
if ( rc ) goto fail;
break;
default:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_copy_pre: skipping special: %s\n",
name );
}
goto success;
alloc_fail:
Debug( LDAP_DEBUG_ANY, "homedir: "
"traverse_copy_pre: allocation failed\n" );
fail:
rc = TRAVERSE_CB_FAIL;
goto out;
exists:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_copy_pre: \"%s\" already exists,"
" skipping the rest\n",
dest_name );
rc = TRAVERSE_CB_DONE;
goto out;
success:
rc = TRAVERSE_CB_CONTINUE;
out:
if ( dest_name != NULL ) ber_memfree_x( dest_name, ctx );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_copy_pre: exit %d\n", rc );
return rc;
}
static int
copy_tree(
const char *dest_path,
const char *source_path,
uid_t uidn,
gid_t gidn,
void *ctx )
{
traverse_cb cb;
copy_private cp;
int rc;
assert( dest_path != NULL );
assert( source_path != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"copy_tree: %s to %s entering\n",
source_path, dest_path );
cb.pre_func = traverse_copy_pre;
cb.post_func = NULL;
cb.pre_private = &cp;
cb.post_private = NULL;
cp.source_prefix_len = strlen( source_path );
cp.dest_prefix = dest_path;
cp.dest_prefix_len = strlen( dest_path );
cp.uidn = uidn;
cp.gidn = gidn;
if ( cp.source_prefix_len <= cp.dest_prefix_len &&
strncmp( source_path, dest_path, cp.source_prefix_len ) == 0 &&
( cp.source_prefix_len == cp.dest_prefix_len ||
dest_path[cp.source_prefix_len] == LDAP_DIRSEP[0] ) ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"copy_tree: aborting: %s contains %s\n",
source_path, dest_path );
return 1;
}
rc = traverse( source_path, &cb, ctx );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"copy_tree: %s exit %d\n", source_path,
rc );
return rc;
}
static int
homedir_provision(
const char *dest_path,
const char *skel_path,
uid_t uidn,
gid_t gidn,
void *ctx )
{
int rc;
assert( dest_path != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_provision: %s from skeleton %s\n",
dest_path, skel_path == NULL ? "(none)" : skel_path );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_provision: %s uidn %ld gidn %ld\n",
dest_path, (long)uidn, (long)gidn );
if ( skel_path == NULL ) {
rc = mkdir( dest_path, 0700 );
if ( rc ) {
int save_errno = errno;
switch ( save_errno ) {
case EEXIST:
/* directory already present; nothing to do */
/* but down chown either */
rc = 0;
goto out;
break;
default:
report_errno( "provision_homedir", "mkdir", dest_path );
goto fail;
}
}
rc = lchown( dest_path, uidn, gidn );
if ( rc ) {
report_errno( "provision_homedir", "lchown", dest_path );
goto fail;
}
} else {
rc = copy_tree( dest_path, skel_path, uidn, gidn, ctx );
}
goto out;
fail:
rc = 1;
goto out;
out:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_provision: %s to %s exit %d\n",
skel_path, dest_path, rc );
return rc;
}
/* traverse func for rm -rf */
static traverse_cb_ret
traverse_remove_post(
void *private,
const char *name,
const struct stat *st,
void *ctx )
{
int rc;
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_remove_post: %s entering\n",
name );
if ( (st->st_mode & S_IFMT) == S_IFDIR ) {
rc = rmdir( name );
if ( rc != 0 ) {
report_errno( "traverse_remove_post", "rmdir", name );
goto fail;
}
} else {
rc = unlink( name );
if ( rc != 0 ) {
report_errno( "traverse_remove_post", "unlink", name );
goto fail;
}
}
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_remove_post: %s exit continue\n",
name );
return TRAVERSE_CB_CONTINUE;
fail:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_remove_post: %s exit failure\n",
name );
return TRAVERSE_CB_FAIL;
}
static int
delete_tree( const char *path, void *ctx )
{
const static traverse_cb cb = { NULL, traverse_remove_post, NULL, NULL };
int rc;
assert( path != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"delete_tree: %s entering\n", path );
rc = traverse( path, &cb, ctx );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"delete_tree: %s exit %d\n", path, rc );
return rc;
}
static int
get_tar_name(
const char *path,
const char *tar_path,
char *tar_name,
int name_size )
{
int rc = 0;
const char *ch;
int fd = -1;
int counter = 0;
time_t now;
assert( path != NULL );
assert( tar_path != NULL );
assert( tar_name != NULL );
for ( ch = path + strlen( path );
*ch != LDAP_DIRSEP[0] && ch > path;
--ch )
;
if ( ch <= path || strlen( ch ) < 2 ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"get_tar_name: unable to construct a tar name from input "
"path \"%s\"\n",
path );
goto fail;
}
++ch; /* skip past sep */
time( &now );
while ( fd < 0 ) {
snprintf( tar_name, name_size, "%s" LDAP_DIRSEP "%s-%ld-%d.tar",
tar_path, ch, (long)now, counter );
fd = open( tar_name, O_WRONLY|O_CREAT|O_EXCL, 0600 );
if ( fd < 0 ) {
int save_errno = errno;
if ( save_errno != EEXIST ) {
report_errno( "get_tar_name", "open", tar_name );
goto fail;
}
++counter;
}
}
rc = 0;
goto out;
fail:
rc = 1;
*tar_name = '\0';
out:
if ( fd >= 0 ) close( fd );
return rc;
}
/* traverse func for rechown */
static traverse_cb_ret
traverse_chown_pre(
void *private,
const char *name,
const struct stat *st,
void *ctx )
{
int rc;
chown_private *cp = private;
uid_t set_uidn = -1;
gid_t set_gidn = -1;
assert( private != NULL );
assert( name != NULL );
assert( st != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_chown_pre: %s entering\n",
name );
if ( st->st_uid == cp->old_uidn ) set_uidn = cp->new_uidn;
if ( st->st_gid == cp->old_gidn ) set_gidn = cp->new_gidn;
if ( set_uidn != (uid_t)-1 || set_gidn != (gid_t)-1 ) {
rc = lchown( name, set_uidn, set_gidn );
if ( rc ) {
report_errno( "traverse_chown_pre", "lchown", name );
goto fail;
}
}
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_chown_pre: %s exit continue\n",
name );
return TRAVERSE_CB_CONTINUE;
fail:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_chown_pre: %s exit failure\n",
name );
return TRAVERSE_CB_FAIL;
}
static int
chown_tree(
const char *path,
uid_t old_uidn,
uid_t new_uidn,
gid_t old_gidn,
gid_t new_gidn,
void *ctx )
{
traverse_cb cb;
chown_private cp;
int rc;
assert( path != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"chown_tree: %s entering\n", path );
cb.pre_func = traverse_chown_pre;
cb.post_func = NULL;
cb.pre_private = &cp;
cb.post_private = NULL;
cp.old_uidn = old_uidn;
cp.new_uidn = new_uidn;
cp.old_gidn = old_gidn;
cp.new_gidn = new_gidn;
rc = traverse( path, &cb, ctx );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"chown_tree: %s exit %d\n", path, rc );
return rc;
}
static int
homedir_rename( const char *source_path, const char *dest_path )
{
int rc = 0;
assert( source_path != NULL );
assert( dest_path != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_rename: %s to %s\n",
source_path, dest_path );
rc = rename( source_path, dest_path );
if ( rc != 0 ) {
char ebuf[1024];
int save_errno = errno;
Debug( LDAP_DEBUG_ANY, "homedir: "
"homedir_rename: rename(\"%s\", \"%s\"): (%s)\n",
source_path, dest_path,
AC_STRERROR_R( save_errno, ebuf, sizeof(ebuf) ) );
}
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_rename: %s to %s exit %d\n",
source_path, dest_path, rc );
return rc;
}
/* FIXME: This assumes ASCII; needs fixing for z/OS */
static int
tar_set_header( ustar_header *tar, const struct stat *st, const char *name )
{
int name_len;
int rc;
const char *ch, *end;
assert( tar != NULL );
assert( st != NULL );
assert( name != NULL );
assert( sizeof(*tar) == 512 );
assert( sizeof(tar->name) == 100 );
assert( sizeof(tar->prefix) == 155 );
assert( sizeof(tar->checksum) == 8 );
memset( tar, 0, sizeof(*tar) );
assert( name[0] == LDAP_DIRSEP[0] );
name += 1; /* skip leading / */
name_len = strlen( name );
/* fits in tar->name? */
/* Yes, name and prefix do not need a trailing nul. */
if ( name_len <= 100 ) {
strncpy( tar->name, name, 100 );
/* try fit in tar->name + tar->prefix */
} else {
/* try to find something to stick into tar->name */
for ( ch = name + name_len - 100, end = name + name_len;
ch < end && *ch != LDAP_DIRSEP[0];
++ch )
;
if ( end - ch > 0 ) /* +1 skip past sep */
ch++;
else {
/* reset; name too long for UStar */
Debug( LDAP_DEBUG_ANY, "homedir: "
"tar_set_header: name too long: \"%s\"\n",
name );
ch = name + name_len - 100;
}
strncpy( tar->name, ch + 1, 100 );
{
int prefix_len = ( ch - 1 ) - name;
if ( prefix_len > 155 ) prefix_len = 155;
strncpy( tar->prefix, name, prefix_len );
}
}
snprintf( tar->mode, 8, "%06lo ", (long)st->st_mode & 07777 );
snprintf( tar->uid, 8, "%06lo ", (long)st->st_uid );
snprintf( tar->gid, 8, "%06lo ", (long)st->st_gid );
snprintf( tar->mtime, 12, "%010lo ", (long)st->st_mtime );
snprintf( tar->size, 12, "%010lo ", (long)0 );
switch ( st->st_mode & S_IFMT ) {
case S_IFREG:
tar->typeflag[0] = '0';
snprintf( tar->size, 12, "%010lo ", (long)st->st_size );
break;
case S_IFLNK:
tar->typeflag[0] = '2';
rc = readlink( name - 1, tar->linkname, 99 );
if ( rc == -1 ) {
report_errno( "tar_set_header", "readlink", name );
goto fail;
}
break;
case S_IFCHR:
tar->typeflag[0] = '3';
/* FIXME: this is probably wrong but shouldn't likely be an issue */
snprintf( tar->devmajor, 8, "%06lo ", (long)st->st_rdev >> 16 );
snprintf( tar->devminor, 8, "%06lo ", (long)st->st_rdev & 0xffff );
break;
case S_IFBLK:
tar->typeflag[0] = '4';
/* FIXME: this is probably wrong but shouldn't likely be an issue */
snprintf( tar->devmajor, 8, "%06lo ", (long)st->st_rdev >> 16 );
snprintf( tar->devminor, 8, "%06lo ", (long)st->st_rdev & 0xffff );
break;
case S_IFDIR:
tar->typeflag[0] = '5';
break;
case S_IFIFO:
tar->typeflag[0] = '6';
break;
default:
goto fail;
}
snprintf( tar->magic, 6, "ustar" );
tar->version[0] = '0';
tar->version[1] = '0';
{
unsigned char *uch = (unsigned char *)tar;
unsigned char *uend = uch + 512;
unsigned long sum = 0;
memset( &tar->checksum, ' ', sizeof(tar->checksum) );
for ( ; uch < uend; ++uch )
sum += *uch;
/* zero-padded, six octal digits, followed by NUL then space (!) */
/* Yes, that's terminated exactly reverse of the others. */
snprintf( tar->checksum, sizeof(tar->checksum) - 1, "%06lo", sum );
}
return 0;
fail:
return 1;
}
static traverse_cb_ret
traverse_tar_pre(
void *private,
const char *name,
const struct stat *st,
void *ctx )
{
int rc;
traverse_cb_ret cbrc;
tar_private *tp = private;
ustar_header tar;
FILE *source = NULL;
assert( private != NULL );
assert( name != NULL );
assert( st != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_tar_pre: %s entering\n", name );
switch ( st->st_mode & S_IFMT ) {
case S_IFREG:
if ( sizeof(st->st_size) > 4 && ( st->st_size >> 33 ) >= 1 ) {
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_tar_pre: %s is larger than 8GiB POSIX UStar "
"file size limit\n",
name );
goto fail;
}
/* fallthrough */
case S_IFDIR:
case S_IFLNK:
case S_IFIFO:
case S_IFCHR:
case S_IFBLK:
rc = tar_set_header( &tar, st, name );
if ( rc ) goto fail;
break;
default:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_tar_pre: skipping \"%s\" mode %o\n",
name, st->st_mode );
goto done;
}
rc = fwrite( &tar, 1, 512, tp->file );
if ( rc != 512 ) {
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_tar_pre: write error in tar header\n" );
goto fail;
}
if ( (st->st_mode & S_IFMT) == S_IFREG ) {
source = fopen( name, "rb" );
if ( source == NULL ) {
report_errno( "traverse_tar_pre", "fopen", name );
goto fail;
}
rc = copy_blocks( source, tp->file, name, tp->name );
if ( rc != 0 ) goto fail;
fclose( source );
source = NULL;
}
{ /* advance to end of record */
off_t pos = ftello( tp->file );
if ( pos == -1 ) {
report_errno( "traverse_tar_pre", "ftello", tp->name );
goto fail;
}
pos += ( 512 - ( pos % 512 ) ) % 512;
rc = fseeko( tp->file, pos, SEEK_SET );
if ( rc != 0 ) {
report_errno( "traverse_tar_pre", "fseeko", tp->name );
goto fail;
}
}
done:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_tar_pre: %s exit continue\n",
name );
cbrc = TRAVERSE_CB_CONTINUE;
goto out;
fail:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"traverse_tar_pre: %s exit failure\n",
name );
cbrc = TRAVERSE_CB_FAIL;
out:
if ( source != NULL ) fclose( source );
return cbrc;
}
static int
tar_tree( const char *path, const char *tar_name, void *ctx )
{
traverse_cb cb;
tar_private tp;
int rc;
assert( path != NULL );
assert( tar_name != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"tar_tree: %s into %s entering\n", path,
tar_name );
cb.pre_func = traverse_tar_pre;
cb.post_func = NULL;
cb.pre_private = &tp;
cb.post_private = NULL;
tp.name = tar_name;
tp.file = fopen( tar_name, "wb" );
if ( tp.file == NULL ) {
report_errno( "tar_tree", "fopen", tar_name );
goto fail;
}
rc = traverse( path, &cb, ctx );
if ( rc != 0 ) goto fail;
{
off_t pos = ftello( tp.file );
if ( pos == -1 ) {
report_errno( "tar_tree", "ftello", tp.name );
goto fail;
}
pos += 1024; /* two zero records */
pos += ( 10240 - ( pos % 10240 ) ) % 10240;
rc = ftruncate( fileno( tp.file ), pos );
if ( rc != 0 ) {
report_errno( "tar_tree", "ftrunctate", tp.name );
goto fail;
}
}
rc = fclose( tp.file );
tp.file = NULL;
if ( rc != 0 ) {
report_errno( "tar_tree", "fclose", tp.name );
goto fail;
}
goto out;
fail:
rc = 1;
out:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"tar_tree: %s exit %d\n", path, rc );
if ( tp.file != NULL ) fclose( tp.file );
return rc;
}
static int
homedir_deprovision( const homedir_data *data, const char *path, void *ctx )
{
int rc = 0;
char tar_name[1024];
assert( data != NULL );
assert( path != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_deprovision: %s entering\n",
path );
switch ( data->style ) {
case DEL_IGNORE:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_deprovision: style is ignore\n" );
break;
case DEL_ARCHIVE:
if ( data->archive_path == NULL ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"homedir_deprovision: archive path not set\n" );
goto fail;
}
rc = get_tar_name( path, data->archive_path, tar_name, 1024 );
if ( rc != 0 ) goto fail;
rc = tar_tree( path, tar_name, ctx );
if ( rc != 0 ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"homedir_deprovision: archive failed, not deleting\n" );
goto fail;
}
/* fall-through */
case DEL_DELETE:
rc = delete_tree( path, ctx );
break;
default:
abort();
}
rc = 0;
goto out;
fail:
rc = 1;
out:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_deprovision: %s leaving\n",
path );
return rc;
}
/* FIXME: This assumes ASCII; needs fixing for z/OS */
/* FIXME: This should also be in a slapd library function somewhere */
#define MAX_MATCHES ( 10 )
static int
homedir_match(
const homedir_regexp *r,
const char *homedir,
char *result,
size_t result_size )
{
int rc;
int n;
regmatch_t matches[MAX_MATCHES];
char *resc, *repc;
assert( r != NULL );
assert( homedir != NULL );
assert( result_size > 1 );
memset( matches, 0, sizeof(matches) );
rc = regexec( &r->compiled, homedir, MAX_MATCHES, matches, 0 );
if ( rc ) {
if ( rc != REG_NOMATCH ) {
char msg[256];
regerror( rc, &r->compiled, msg, sizeof(msg) );
Debug( LDAP_DEBUG_ANY, "homedir_match: "
"%s\n", msg );
}
return rc;
}
for ( resc = result, repc = r->replace;
result_size > 1 && *repc != '\0';
++repc, ++resc, --result_size ) {
switch ( *repc ) {
case '$':
++repc;
n = ( *repc ) - '0';
if ( n < 0 || n > ( MAX_MATCHES - 1 ) ||
matches[n].rm_so < 0 ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"invalid regex term expansion in \"%s\" "
"at char %ld, n is %d\n",
r->replace, (long)( repc - r->replace ), n );
return 1;
}
{
size_t match_len = matches[n].rm_eo - matches[n].rm_so;
const char *match_start = homedir + matches[n].rm_so;
if ( match_len >= result_size ) goto too_long;
memcpy( resc, match_start, match_len );
result_size -= match_len;
resc += match_len - 1;
}
break;
case '\\':
++repc;
/* fallthrough */
default:
*resc = *repc;
}
}
*resc = '\0';
if ( *repc != '\0' ) goto too_long;
return 0;
too_long:
Debug( LDAP_DEBUG_ANY, "homedir: "
"regex expansion of %s too long\n",
r->replace );
*result = '\0';
return 1;
}
/* Sift through an entry for interesting values
* return 0 on success and set vars
* return 1 if homedir is not present or not valid
* sets presence if any homedir attributes are noticed
*/
static int
harvest_values(
const homedir_data *data,
const Entry *e,
char *home_buf,
int home_buf_size,
uid_t *uidn,
gid_t *gidn,
int *presence )
{
Attribute *a;
char *homedir = NULL;
assert( data != NULL );
assert( e != NULL );
assert( home_buf != NULL );
assert( home_buf_size > 1 );
assert( uidn != NULL );
assert( gidn != NULL );
assert( presence != NULL );
*presence = 0;
if ( e == NULL ) return 1;
*uidn = 0;
*gidn = 0;
for ( a = e->e_attrs; a->a_next != NULL; a = a->a_next ) {
if ( a->a_desc == data->home_ad ) {
homedir = a->a_vals[0].bv_val;
*presence = 1;
} else if ( a->a_desc == data->uidn_ad ) {
*uidn = (uid_t)strtol( a->a_vals[0].bv_val, NULL, 10 );
*presence = 1;
} else if ( a->a_desc == data->gidn_ad ) {
*gidn = (gid_t)strtol( a->a_vals[0].bv_val, NULL, 10 );
*presence = 1;
}
}
if ( homedir != NULL ) {
homedir_regexp *r;
for ( r = data->regexps; r != NULL; r = r->next ) {
int rc = homedir_match( r, homedir, home_buf, home_buf_size );
if ( rc == 0 ) return 0;
}
}
return 1;
}
static int
homedir_mod_cleanup( Operation *op, SlapReply *rs )
{
slap_callback *cb = NULL;
slap_callback **cbp = NULL;
homedir_cb_data *cb_data = NULL;
Entry *e = NULL;
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_cleanup: entering\n" );
for ( cbp = &op->o_callback;
*cbp != NULL && (*cbp)->sc_cleanup != homedir_mod_cleanup;
cbp = &(*cbp)->sc_next )
;
if ( *cbp == NULL ) goto out;
cb = *cbp;
cb_data = (homedir_cb_data *)cb->sc_private;
e = cb_data->entry;
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_cleanup: found <%s>\n",
e->e_nname.bv_val );
entry_free( e );
op->o_tmpfree( cb_data, op->o_tmpmemctx );
*cbp = cb->sc_next;
op->o_tmpfree( cb, op->o_tmpmemctx );
out:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_cleanup: leaving\n" );
return SLAP_CB_CONTINUE;
}
static int
homedir_mod_response( Operation *op, SlapReply *rs )
{
slap_overinst *on = NULL;
homedir_data *data = NULL;
slap_callback *cb = NULL;
homedir_cb_data *cb_data = NULL;
Entry *e = NULL;
int rc = SLAP_CB_CONTINUE;
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: entering\n" );
if ( rs->sr_err != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: op was not successful\n" );
goto out;
}
/* Retrieve stashed entry */
for ( cb = op->o_callback;
cb != NULL && cb->sc_cleanup != homedir_mod_cleanup;
cb = cb->sc_next )
;
if ( cb == NULL ) goto out;
cb_data = (homedir_cb_data *)cb->sc_private;
e = cb_data->entry;
on = cb_data->on;
data = on->on_bi.bi_private;
assert( e != NULL );
assert( data != NULL );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: found <%s>\n",
e->e_nname.bv_val );
switch ( op->o_tag ) {
case LDAP_REQ_DELETE: {
char home_buf[1024];
uid_t uidn = 0;
gid_t gidn = 0;
int presence;
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: successful delete found\n" );
rc = harvest_values( data, e, home_buf, sizeof(home_buf), &uidn,
&gidn, &presence );
if ( rc == 0 && uidn >= data->min_uid ) {
homedir_deprovision( data, home_buf, op->o_tmpmemctx );
} else {
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: skipping\n" );
}
rc = SLAP_CB_CONTINUE;
break;
}
case LDAP_REQ_MODIFY:
case LDAP_REQ_MODRDN: {
Operation nop = *op;
Entry *old_entry = e;
Entry *new_entry = NULL;
Entry *etmp;
char old_home[1024];
char new_home[1024];
uid_t old_uidn, new_uidn;
uid_t old_gidn, new_gidn;
int old_valid = 0;
int new_valid = 0;
int old_presence, new_presence;
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: successful modify/modrdn found\n" );
/* retrieve the revised entry */
nop.o_bd = on->on_info->oi_origdb;
rc = overlay_entry_get_ov(
&nop, &op->o_req_ndn, NULL, NULL, 0, &etmp, on );
if ( etmp != NULL ) {
new_entry = entry_dup( etmp );
overlay_entry_release_ov( &nop, etmp, 0, on );
}
if ( rc || new_entry == NULL ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"homedir_mod_response: unable to get revised <%s>\n",
op->o_req_ndn.bv_val );
if ( new_entry != NULL ) {
entry_free( new_entry );
new_entry = NULL;
}
}
/* analyze old and new */
rc = harvest_values( data, old_entry, old_home, 1024, &old_uidn,
&old_gidn, &old_presence );
if ( rc == 0 && old_uidn >= data->min_uid ) old_valid = 1;
if ( new_entry != NULL ) {
rc = harvest_values( data, new_entry, new_home, 1024, &new_uidn,
&new_gidn, &new_presence );
if ( rc == 0 && new_uidn >= data->min_uid ) new_valid = 1;
entry_free( new_entry );
new_entry = NULL;
}
if ( new_valid && !old_valid ) { /* like an add */
if ( old_presence )
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: old entry is now valid\n" );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: treating like an add\n" );
homedir_provision( new_home, data->skeleton_path, new_uidn,
new_gidn, op->o_tmpmemctx );
} else if ( old_valid && !new_valid &&
!new_presence ) { /* like a del */
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: treating like a del\n" );
homedir_deprovision( data, old_home, op->o_tmpmemctx );
} else if ( new_valid && old_valid ) { /* change */
int did_something = 0;
if ( strcmp( old_home, new_home ) != 0 ) {
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: treating like a rename\n" );
homedir_rename( old_home, new_home );
did_something = 1;
}
if ( old_uidn != new_uidn || old_gidn != new_gidn ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"homedir_mod_response: rechowning\n" );
chown_tree( new_home, old_uidn, new_uidn, old_gidn,
new_gidn, op->o_tmpmemctx );
did_something = 1;
}
if ( !did_something ) {
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: nothing to do\n" );
}
} else if ( old_presence || new_presence ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"homedir_mod_response: <%s> values present "
"but invalid; ignoring\n",
op->o_req_ndn.bv_val );
}
rc = SLAP_CB_CONTINUE;
break;
}
default:
rc = SLAP_CB_CONTINUE;
}
out:
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_mod_response: leaving\n" );
return rc;
}
static int
homedir_op_mod( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
slap_callback *cb = NULL;
homedir_cb_data *cb_data = NULL;
Entry *e = NULL;
Entry *se = NULL;
Operation nop = *op;
int rc;
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_op_mod: entering\n" );
/* retrieve the entry */
nop.o_bd = on->on_info->oi_origdb;
rc = overlay_entry_get_ov( &nop, &op->o_req_ndn, NULL, NULL, 0, &e, on );
if ( e != NULL ) {
se = entry_dup( e );
overlay_entry_release_ov( &nop, e, 0, on );
e = se;
}
if ( rc || e == NULL ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"homedir_op_mod: unable to get <%s>\n",
op->o_req_ndn.bv_val );
goto out;
}
/* Allocate the callback to hold the entry */
cb = op->o_tmpalloc( sizeof(slap_callback), op->o_tmpmemctx );
cb_data = op->o_tmpalloc( sizeof(homedir_cb_data), op->o_tmpmemctx );
cb->sc_cleanup = homedir_mod_cleanup;
cb->sc_response = homedir_mod_response;
cb->sc_private = cb_data;
cb_data->entry = e;
e = NULL;
cb_data->on = on;
cb->sc_next = op->o_callback;
op->o_callback = cb;
out:
if ( e != NULL ) entry_free( e );
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_op_mod: leaving\n" );
return SLAP_CB_CONTINUE;
}
static int
homedir_response( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
homedir_data *data = on->on_bi.bi_private;
Debug( LDAP_DEBUG_TRACE, "homedir: "
"homedir_response: entering\n" );
if ( rs->sr_err != LDAP_SUCCESS || data == NULL ) return SLAP_CB_CONTINUE;
switch ( op->o_tag ) {
case LDAP_REQ_ADD: { /* Check for new homedir */
char home_buf[1024];
uid_t uidn = 0;
gid_t gidn = 0;
int rc, presence;
rc = harvest_values( data, op->ora_e, home_buf, sizeof(home_buf),
&uidn, &gidn, &presence );
if ( rc == 0 && uidn >= data->min_uid ) {
homedir_provision( home_buf, data->skeleton_path, uidn, gidn,
op->o_tmpmemctx );
}
return SLAP_CB_CONTINUE;
}
default:
return SLAP_CB_CONTINUE;
}
return SLAP_CB_CONTINUE;
}
static int
homedir_db_init( BackendDB *be, ConfigReply *cr )
{
slap_overinst *on = (slap_overinst *)be->bd_info;
homedir_data *data = ch_calloc( 1, sizeof(homedir_data) );
const char *text;
if ( slap_str2ad( "homeDirectory", &data->home_ad, &text ) ||
slap_str2ad( "uidNumber", &data->uidn_ad, &text ) ||
slap_str2ad( "gidNumber", &data->gidn_ad, &text ) ) {
Debug( LDAP_DEBUG_ANY, "homedir: "
"nis schema not available\n" );
return 1;
}
data->skeleton_path = strdup( DEFAULT_SKEL );
data->min_uid = DEFAULT_MIN_UID;
data->archive_path = NULL;
on->on_bi.bi_private = data;
return 0;
}
static int
homedir_db_destroy( BackendDB *be, ConfigReply *cr )
{
slap_overinst *on = (slap_overinst *)be->bd_info;
homedir_data *data = on->on_bi.bi_private;
homedir_regexp *r, *rnext;
if ( data != NULL ) {
for ( r = data->regexps; r != NULL; r = rnext ) {
rnext = r->next;
ch_free( r->match );
ch_free( r->replace );
regfree( &r->compiled );
ch_free( r );
}
data->regexps = NULL;
if ( data->skeleton_path != NULL ) ch_free( data->skeleton_path );
if ( data->archive_path != NULL ) ch_free( data->archive_path );
ch_free( data );
}
return 0;
}
int
homedir_initialize()
{
int rc;
assert( ' ' == 32 ); /* Lots of ASCII requirements for now */
memset( &homedir, 0, sizeof(homedir) );
homedir.on_bi.bi_type = "homedir";
homedir.on_bi.bi_db_init = homedir_db_init;
homedir.on_bi.bi_db_destroy = homedir_db_destroy;
homedir.on_bi.bi_op_delete = homedir_op_mod;
homedir.on_bi.bi_op_modify = homedir_op_mod;
homedir.on_response = homedir_response;
homedir.on_bi.bi_cf_ocs = homedirocs;
rc = config_register_schema( homedircfg, homedirocs );
if ( rc ) return rc;
ldap_pvt_thread_mutex_init( &readdir_mutex );
return overlay_register( &homedir );
}
int
homedir_terminate()
{
ldap_pvt_thread_mutex_destroy( &readdir_mutex );
return 0;
}
#if SLAPD_OVER_HOMEDIR == SLAPD_MOD_DYNAMIC && defined(PIC)
int
init_module( int argc, char *argv[] )
{
return homedir_initialize();
}
int
term_module()
{
return homedir_terminate();
}
#endif
#endif /* SLAPD_OVER_HOMEDIR */