Print this page
3347 zonecfg(1M) is confused about selection
Split |
Close |
Expand all |
Collapse all |
--- old/usr/src/lib/libzonecfg/common/libzonecfg.c
+++ new/usr/src/lib/libzonecfg/common/libzonecfg.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
↓ open down ↓ |
12 lines elided |
↑ open up ↑ |
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 + * Copyright 2014 Gary Mills
23 24 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
24 25 */
25 26
26 27 #include <libsysevent.h>
27 28 #include <pthread.h>
28 29 #include <stdlib.h>
29 30 #include <errno.h>
30 31 #include <fnmatch.h>
31 32 #include <strings.h>
32 33 #include <unistd.h>
33 34 #include <assert.h>
34 35 #include <libgen.h>
35 36 #include <libintl.h>
36 37 #include <alloca.h>
37 38 #include <ctype.h>
38 39 #include <sys/acl.h>
39 40 #include <sys/stat.h>
40 41 #include <sys/brand.h>
41 42 #include <sys/mntio.h>
42 43 #include <sys/mnttab.h>
43 44 #include <sys/nvpair.h>
44 45 #include <sys/types.h>
45 46 #include <sys/sockio.h>
46 47 #include <sys/systeminfo.h>
47 48 #include <ftw.h>
48 49 #include <pool.h>
49 50 #include <libscf.h>
50 51 #include <libproc.h>
51 52 #include <sys/priocntl.h>
52 53 #include <libuutil.h>
53 54 #include <wait.h>
54 55 #include <bsm/adt.h>
55 56 #include <auth_attr.h>
56 57 #include <auth_list.h>
57 58 #include <secdb.h>
58 59 #include <user_attr.h>
59 60 #include <prof_attr.h>
60 61
61 62 #include <arpa/inet.h>
62 63 #include <netdb.h>
63 64
64 65 #include <libxml/xmlmemory.h>
65 66 #include <libxml/parser.h>
66 67
67 68 #include <libdevinfo.h>
68 69 #include <uuid/uuid.h>
69 70 #include <dirent.h>
70 71 #include <libbrand.h>
71 72
72 73 #include <libzonecfg.h>
73 74 #include "zonecfg_impl.h"
74 75
75 76 #define _PATH_TMPFILE "/zonecfg.XXXXXX"
76 77 #define ZONE_CB_RETRY_COUNT 10
77 78 #define ZONE_EVENT_PING_SUBCLASS "ping"
78 79 #define ZONE_EVENT_PING_PUBLISHER "solaris"
79 80
80 81 /* Hard-code the DTD element/attribute/entity names just once, here. */
81 82 #define DTD_ELEM_ATTR (const xmlChar *) "attr"
82 83 #define DTD_ELEM_COMMENT (const xmlChar *) "comment"
83 84 #define DTD_ELEM_DEVICE (const xmlChar *) "device"
84 85 #define DTD_ELEM_FS (const xmlChar *) "filesystem"
85 86 #define DTD_ELEM_FSOPTION (const xmlChar *) "fsoption"
86 87 #define DTD_ELEM_NET (const xmlChar *) "network"
87 88 #define DTD_ELEM_RCTL (const xmlChar *) "rctl"
88 89 #define DTD_ELEM_RCTLVALUE (const xmlChar *) "rctl-value"
89 90 #define DTD_ELEM_ZONE (const xmlChar *) "zone"
90 91 #define DTD_ELEM_DATASET (const xmlChar *) "dataset"
91 92 #define DTD_ELEM_TMPPOOL (const xmlChar *) "tmp_pool"
92 93 #define DTD_ELEM_PSET (const xmlChar *) "pset"
93 94 #define DTD_ELEM_MCAP (const xmlChar *) "mcap"
94 95 #define DTD_ELEM_PACKAGE (const xmlChar *) "package"
95 96 #define DTD_ELEM_OBSOLETES (const xmlChar *) "obsoletes"
96 97 #define DTD_ELEM_DEV_PERM (const xmlChar *) "dev-perm"
97 98 #define DTD_ELEM_ADMIN (const xmlChar *) "admin"
98 99
99 100 #define DTD_ATTR_ACTION (const xmlChar *) "action"
100 101 #define DTD_ATTR_ADDRESS (const xmlChar *) "address"
101 102 #define DTD_ATTR_ALLOWED_ADDRESS (const xmlChar *) "allowed-address"
102 103 #define DTD_ATTR_AUTOBOOT (const xmlChar *) "autoboot"
103 104 #define DTD_ATTR_IPTYPE (const xmlChar *) "ip-type"
104 105 #define DTD_ATTR_DEFROUTER (const xmlChar *) "defrouter"
105 106 #define DTD_ATTR_DIR (const xmlChar *) "directory"
106 107 #define DTD_ATTR_LIMIT (const xmlChar *) "limit"
107 108 #define DTD_ATTR_LIMITPRIV (const xmlChar *) "limitpriv"
108 109 #define DTD_ATTR_BOOTARGS (const xmlChar *) "bootargs"
109 110 #define DTD_ATTR_SCHED (const xmlChar *) "scheduling-class"
110 111 #define DTD_ATTR_MATCH (const xmlChar *) "match"
111 112 #define DTD_ATTR_NAME (const xmlChar *) "name"
112 113 #define DTD_ATTR_PHYSICAL (const xmlChar *) "physical"
113 114 #define DTD_ATTR_POOL (const xmlChar *) "pool"
114 115 #define DTD_ATTR_PRIV (const xmlChar *) "priv"
115 116 #define DTD_ATTR_RAW (const xmlChar *) "raw"
116 117 #define DTD_ATTR_SPECIAL (const xmlChar *) "special"
117 118 #define DTD_ATTR_TYPE (const xmlChar *) "type"
118 119 #define DTD_ATTR_VALUE (const xmlChar *) "value"
119 120 #define DTD_ATTR_ZONEPATH (const xmlChar *) "zonepath"
120 121 #define DTD_ATTR_NCPU_MIN (const xmlChar *) "ncpu_min"
121 122 #define DTD_ATTR_NCPU_MAX (const xmlChar *) "ncpu_max"
122 123 #define DTD_ATTR_IMPORTANCE (const xmlChar *) "importance"
123 124 #define DTD_ATTR_PHYSCAP (const xmlChar *) "physcap"
124 125 #define DTD_ATTR_VERSION (const xmlChar *) "version"
125 126 #define DTD_ATTR_ID (const xmlChar *) "id"
126 127 #define DTD_ATTR_UID (const xmlChar *) "uid"
127 128 #define DTD_ATTR_GID (const xmlChar *) "gid"
128 129 #define DTD_ATTR_MODE (const xmlChar *) "mode"
129 130 #define DTD_ATTR_ACL (const xmlChar *) "acl"
130 131 #define DTD_ATTR_BRAND (const xmlChar *) "brand"
131 132 #define DTD_ATTR_HOSTID (const xmlChar *) "hostid"
132 133 #define DTD_ATTR_USER (const xmlChar *) "user"
133 134 #define DTD_ATTR_AUTHS (const xmlChar *) "auths"
134 135 #define DTD_ATTR_FS_ALLOWED (const xmlChar *) "fs-allowed"
135 136
136 137 #define DTD_ENTITY_BOOLEAN "boolean"
137 138 #define DTD_ENTITY_DEVPATH "devpath"
138 139 #define DTD_ENTITY_DRIVER "driver"
139 140 #define DTD_ENTITY_DRVMIN "drv_min"
140 141 #define DTD_ENTITY_FALSE "false"
141 142 #define DTD_ENTITY_INT "int"
142 143 #define DTD_ENTITY_STRING "string"
143 144 #define DTD_ENTITY_TRUE "true"
144 145 #define DTD_ENTITY_UINT "uint"
145 146
146 147 #define DTD_ENTITY_BOOL_LEN 6 /* "false" */
147 148
148 149 #define ATTACH_FORCED "SUNWattached.xml"
149 150
150 151 #define TMP_POOL_NAME "SUNWtmp_%s"
151 152 #define MAX_TMP_POOL_NAME (ZONENAME_MAX + 9)
152 153 #define RCAP_SERVICE "system/rcap:default"
153 154 #define POOLD_SERVICE "system/pools/dynamic:default"
154 155
155 156 /*
156 157 * rctl alias definitions
157 158 *
158 159 * This holds the alias, the full rctl name, the default priv value, action
159 160 * and lower limit. The functions that handle rctl aliases step through
160 161 * this table, matching on the alias, and using the full values for setting
161 162 * the rctl entry as well the limit for validation.
162 163 */
163 164 static struct alias {
164 165 char *shortname;
165 166 char *realname;
166 167 char *priv;
167 168 char *action;
168 169 uint64_t low_limit;
169 170 } aliases[] = {
170 171 {ALIAS_MAXLWPS, "zone.max-lwps", "privileged", "deny", 100},
171 172 {ALIAS_MAXSHMMEM, "zone.max-shm-memory", "privileged", "deny", 0},
172 173 {ALIAS_MAXSHMIDS, "zone.max-shm-ids", "privileged", "deny", 0},
173 174 {ALIAS_MAXMSGIDS, "zone.max-msg-ids", "privileged", "deny", 0},
174 175 {ALIAS_MAXSEMIDS, "zone.max-sem-ids", "privileged", "deny", 0},
175 176 {ALIAS_MAXLOCKEDMEM, "zone.max-locked-memory", "privileged", "deny", 0},
176 177 {ALIAS_MAXSWAP, "zone.max-swap", "privileged", "deny", 0},
177 178 {ALIAS_SHARES, "zone.cpu-shares", "privileged", "none", 0},
178 179 {ALIAS_CPUCAP, "zone.cpu-cap", "privileged", "deny", 0},
179 180 {ALIAS_MAXPROCS, "zone.max-processes", "privileged", "deny", 100},
180 181 {NULL, NULL, NULL, NULL, 0}
181 182 };
182 183
183 184 /*
184 185 * Structure for applying rctls to a running zone. It allows important
185 186 * process values to be passed together easily.
186 187 */
187 188 typedef struct pr_info_handle {
188 189 struct ps_prochandle *pr;
189 190 pid_t pid;
190 191 } pr_info_handle_t;
191 192
192 193 struct zone_dochandle {
193 194 char *zone_dh_rootdir;
194 195 xmlDocPtr zone_dh_doc;
195 196 xmlNodePtr zone_dh_cur;
196 197 xmlNodePtr zone_dh_top;
197 198 boolean_t zone_dh_newzone;
198 199 boolean_t zone_dh_snapshot;
199 200 boolean_t zone_dh_sw_inv;
200 201 zone_userauths_t *zone_dh_userauths;
201 202 char zone_dh_delete_name[ZONENAME_MAX];
202 203 };
203 204
204 205 struct znotify {
205 206 void * zn_private;
206 207 evchan_t *zn_eventchan;
207 208 int (*zn_callback)(const char *zonename, zoneid_t zid,
208 209 const char *newstate, const char *oldstate, hrtime_t when, void *p);
209 210 pthread_mutex_t zn_mutex;
210 211 pthread_cond_t zn_cond;
211 212 pthread_mutex_t zn_bigmutex;
212 213 volatile enum {ZN_UNLOCKED, ZN_LOCKED, ZN_PING_INFLIGHT,
213 214 ZN_PING_RECEIVED} zn_state;
214 215 char zn_subscriber_id[MAX_SUBID_LEN];
215 216 volatile boolean_t zn_failed;
216 217 int zn_failure_count;
217 218 };
218 219
219 220 /* used to track nested zone-lock operations */
220 221 static int zone_lock_cnt = 0;
221 222
222 223 /* used to communicate lock status to children */
223 224 #define LOCK_ENV_VAR "_ZONEADM_LOCK_HELD"
224 225 static char zoneadm_lock_held[] = LOCK_ENV_VAR"=1";
225 226 static char zoneadm_lock_not_held[] = LOCK_ENV_VAR"=0";
226 227
227 228 char *zonecfg_root = "";
228 229
229 230 /*
230 231 * For functions which return int, which is most of the functions herein,
231 232 * the return values should be from the Z_foo set defined in <libzonecfg.h>.
232 233 * In some instances, we take pains mapping some libc errno values to Z_foo
233 234 * values from this set.
234 235 */
235 236
236 237 /*
237 238 * Set the root (/) path for all zonecfg configuration files. This is a
238 239 * private interface used by Live Upgrade extensions to access zone
239 240 * configuration inside mounted alternate boot environments.
240 241 * This interface is also used by zoneadm mount and unmount subcommands.
241 242 */
242 243 void
243 244 zonecfg_set_root(const char *rootpath)
244 245 {
245 246 if (*zonecfg_root != '\0')
246 247 free(zonecfg_root);
247 248 if (rootpath == NULL || rootpath[0] == '\0' || rootpath[1] == '\0' ||
248 249 (zonecfg_root = strdup(rootpath)) == NULL)
249 250 zonecfg_root = "";
250 251 }
251 252
252 253 const char *
253 254 zonecfg_get_root(void)
254 255 {
255 256 return (zonecfg_root);
256 257 }
257 258
258 259 boolean_t
259 260 zonecfg_in_alt_root(void)
260 261 {
261 262 return (*zonecfg_root != '\0');
262 263 }
263 264
264 265 /*
265 266 * Callers of the _file_path() functions are expected to have the second
266 267 * parameter be a (char foo[MAXPATHLEN]).
267 268 */
268 269
269 270 static boolean_t
270 271 config_file_path(const char *zonename, char *answer)
271 272 {
272 273 return (snprintf(answer, MAXPATHLEN, "%s%s/%s.xml", zonecfg_root,
273 274 ZONE_CONFIG_ROOT, zonename) < MAXPATHLEN);
274 275 }
275 276
276 277 static boolean_t
277 278 snap_file_path(const char *zonename, char *answer)
278 279 {
279 280 return (snprintf(answer, MAXPATHLEN, "%s%s/%s.snapshot.xml",
280 281 zonecfg_root, ZONE_SNAPSHOT_ROOT, zonename) < MAXPATHLEN);
281 282 }
282 283
283 284 /*ARGSUSED*/
284 285 static void
285 286 zonecfg_error_func(void *ctx, const char *msg, ...)
286 287 {
287 288 /*
288 289 * This function does nothing by design. Its purpose is to prevent
289 290 * libxml from dumping unwanted messages to stdout/stderr.
290 291 */
291 292 }
292 293
293 294 zone_dochandle_t
294 295 zonecfg_init_handle(void)
295 296 {
296 297 zone_dochandle_t handle = calloc(1, sizeof (struct zone_dochandle));
297 298 if (handle == NULL) {
298 299 errno = Z_NOMEM;
299 300 return (NULL);
300 301 }
301 302
302 303 /* generic libxml initialization */
303 304 (void) xmlLineNumbersDefault(1);
304 305 xmlLoadExtDtdDefaultValue |= XML_DETECT_IDS;
305 306 xmlDoValidityCheckingDefaultValue = 1;
306 307 (void) xmlKeepBlanksDefault(0);
307 308 xmlGetWarningsDefaultValue = 0;
308 309 xmlSetGenericErrorFunc(NULL, zonecfg_error_func);
309 310
310 311 return (handle);
311 312 }
312 313
313 314 int
314 315 zonecfg_check_handle(zone_dochandle_t handle)
315 316 {
316 317 if (handle == NULL || handle->zone_dh_doc == NULL)
317 318 return (Z_BAD_HANDLE);
318 319 return (Z_OK);
319 320 }
320 321
321 322 void
322 323 zonecfg_fini_handle(zone_dochandle_t handle)
323 324 {
324 325 if (zonecfg_check_handle(handle) == Z_OK)
325 326 xmlFreeDoc(handle->zone_dh_doc);
326 327 if (handle != NULL)
327 328 free(handle);
328 329 }
329 330
330 331 static int
331 332 zonecfg_destroy_impl(char *filename)
332 333 {
333 334 if (unlink(filename) == -1) {
334 335 if (errno == EACCES)
335 336 return (Z_ACCES);
336 337 if (errno == ENOENT)
337 338 return (Z_NO_ZONE);
338 339 return (Z_MISC_FS);
339 340 }
340 341 return (Z_OK);
341 342 }
342 343
343 344 int
344 345 zonecfg_destroy(const char *zonename, boolean_t force)
345 346 {
346 347 char path[MAXPATHLEN];
347 348 struct zoneent ze;
348 349 int err, state_err;
349 350 zone_state_t state;
350 351
351 352 if (!config_file_path(zonename, path))
352 353 return (Z_MISC_FS);
353 354
354 355 state_err = zone_get_state((char *)zonename, &state);
355 356 err = access(path, W_OK);
356 357
357 358 /*
358 359 * If there is no file, and no index entry, reliably indicate that no
359 360 * such zone exists.
360 361 */
361 362 if ((state_err == Z_NO_ZONE) && (err == -1) && (errno == ENOENT))
362 363 return (Z_NO_ZONE);
363 364
364 365 /*
365 366 * Handle any other filesystem related errors (except if the XML
366 367 * file is missing, which we treat silently), unless we're forcing,
367 368 * in which case we plow on.
368 369 */
369 370 if (err == -1 && errno != ENOENT) {
370 371 if (errno == EACCES)
371 372 return (Z_ACCES);
372 373 else if (!force)
373 374 return (Z_MISC_FS);
374 375 }
375 376
376 377 if (state > ZONE_STATE_INSTALLED)
377 378 return (Z_BAD_ZONE_STATE);
378 379
379 380 if (!force && state > ZONE_STATE_CONFIGURED)
380 381 return (Z_BAD_ZONE_STATE);
381 382
382 383 /*
383 384 * Index deletion succeeds even if the entry doesn't exist. So this
384 385 * will fail only if we've had some more severe problem.
385 386 */
386 387 bzero(&ze, sizeof (ze));
387 388 (void) strlcpy(ze.zone_name, zonename, sizeof (ze.zone_name));
388 389 if ((err = putzoneent(&ze, PZE_REMOVE)) != Z_OK)
389 390 if (!force)
390 391 return (err);
391 392
392 393 err = zonecfg_destroy_impl(path);
393 394
394 395 /*
395 396 * Treat failure to find the XML file silently, since, well, it's
396 397 * gone, and with the index file cleaned up, we're done.
397 398 */
398 399 if (err == Z_OK || err == Z_NO_ZONE)
399 400 return (Z_OK);
400 401 return (err);
401 402 }
402 403
403 404 int
404 405 zonecfg_destroy_snapshot(const char *zonename)
405 406 {
406 407 char path[MAXPATHLEN];
407 408
408 409 if (!snap_file_path(zonename, path))
409 410 return (Z_MISC_FS);
410 411 return (zonecfg_destroy_impl(path));
411 412 }
412 413
413 414 static int
414 415 getroot(zone_dochandle_t handle, xmlNodePtr *root)
415 416 {
416 417 if (zonecfg_check_handle(handle) == Z_BAD_HANDLE)
417 418 return (Z_BAD_HANDLE);
418 419
419 420 *root = xmlDocGetRootElement(handle->zone_dh_doc);
420 421
421 422 if (*root == NULL)
422 423 return (Z_EMPTY_DOCUMENT);
423 424
424 425 if (xmlStrcmp((*root)->name, DTD_ELEM_ZONE))
425 426 return (Z_WRONG_DOC_TYPE);
426 427
427 428 return (Z_OK);
428 429 }
429 430
430 431 static int
431 432 operation_prep(zone_dochandle_t handle)
432 433 {
433 434 xmlNodePtr root;
434 435 int err;
435 436
436 437 if ((err = getroot(handle, &root)) != 0)
437 438 return (err);
438 439
439 440 handle->zone_dh_cur = root;
440 441 handle->zone_dh_top = root;
441 442 return (Z_OK);
442 443 }
443 444
444 445 static int
445 446 fetchprop(xmlNodePtr cur, const xmlChar *propname, char *dst, size_t dstsize)
446 447 {
447 448 xmlChar *property;
448 449 size_t srcsize;
449 450
450 451 if ((property = xmlGetProp(cur, propname)) == NULL)
451 452 return (Z_BAD_PROPERTY);
452 453 srcsize = strlcpy(dst, (char *)property, dstsize);
453 454 xmlFree(property);
454 455 if (srcsize >= dstsize)
455 456 return (Z_TOO_BIG);
456 457 return (Z_OK);
457 458 }
458 459
459 460 static int
460 461 fetch_alloc_prop(xmlNodePtr cur, const xmlChar *propname, char **dst)
461 462 {
462 463 xmlChar *property;
463 464
464 465 if ((property = xmlGetProp(cur, propname)) == NULL)
465 466 return (Z_BAD_PROPERTY);
466 467 if ((*dst = strdup((char *)property)) == NULL) {
467 468 xmlFree(property);
468 469 return (Z_NOMEM);
469 470 }
470 471 xmlFree(property);
471 472 return (Z_OK);
472 473 }
473 474
474 475 static int
475 476 getrootattr(zone_dochandle_t handle, const xmlChar *propname,
476 477 char *propval, size_t propsize)
477 478 {
478 479 xmlNodePtr root;
479 480 int err;
480 481
481 482 if ((err = getroot(handle, &root)) != 0)
482 483 return (err);
483 484
484 485 return (fetchprop(root, propname, propval, propsize));
485 486 }
486 487
487 488 static int
488 489 get_alloc_rootattr(zone_dochandle_t handle, const xmlChar *propname,
489 490 char **propval)
490 491 {
491 492 xmlNodePtr root;
492 493 int err;
493 494
494 495 if ((err = getroot(handle, &root)) != 0)
495 496 return (err);
496 497
497 498 return (fetch_alloc_prop(root, propname, propval));
498 499 }
499 500
500 501 static int
501 502 setrootattr(zone_dochandle_t handle, const xmlChar *propname,
502 503 const char *propval)
503 504 {
504 505 int err;
505 506 xmlNodePtr root;
506 507
507 508 if ((err = getroot(handle, &root)) != Z_OK)
508 509 return (err);
509 510
510 511 /*
511 512 * If we get a null propval remove the property (ignore return since it
512 513 * may not be set to begin with).
513 514 */
514 515 if (propval == NULL) {
515 516 (void) xmlUnsetProp(root, propname);
516 517 } else {
517 518 if (xmlSetProp(root, propname, (const xmlChar *) propval)
518 519 == NULL)
519 520 return (Z_INVAL);
520 521 }
521 522 return (Z_OK);
522 523 }
523 524
524 525 static void
525 526 addcomment(zone_dochandle_t handle, const char *comment)
526 527 {
527 528 xmlNodePtr node;
528 529 node = xmlNewComment((xmlChar *) comment);
529 530
530 531 if (node != NULL)
531 532 (void) xmlAddPrevSibling(handle->zone_dh_top, node);
532 533 }
533 534
534 535 static void
535 536 stripcomments(zone_dochandle_t handle)
536 537 {
537 538 xmlDocPtr top;
538 539 xmlNodePtr child, next;
539 540
540 541 top = handle->zone_dh_doc;
541 542 for (child = top->xmlChildrenNode; child != NULL; child = next) {
542 543 next = child->next;
543 544 if (child->name == NULL)
544 545 continue;
545 546 if (xmlStrcmp(child->name, DTD_ELEM_COMMENT) == 0) {
546 547 next = child->next;
547 548 xmlUnlinkNode(child);
548 549 xmlFreeNode(child);
549 550 }
550 551 }
551 552 }
552 553
553 554 static void
554 555 strip_sw_inv(zone_dochandle_t handle)
555 556 {
556 557 xmlNodePtr root, child, next;
557 558
558 559 root = xmlDocGetRootElement(handle->zone_dh_doc);
559 560 for (child = root->xmlChildrenNode; child != NULL; child = next) {
560 561 next = child->next;
561 562 if (child->name == NULL)
562 563 continue;
563 564 if (xmlStrcmp(child->name, DTD_ELEM_PACKAGE) == 0) {
564 565 next = child->next;
565 566 xmlUnlinkNode(child);
566 567 xmlFreeNode(child);
567 568 }
568 569 }
569 570 }
570 571
571 572 static int
572 573 zonecfg_get_handle_impl(const char *zonename, const char *filename,
573 574 zone_dochandle_t handle)
574 575 {
575 576 xmlValidCtxtPtr cvp;
576 577 struct stat statbuf;
577 578 int valid;
578 579
579 580 if (zonename == NULL)
580 581 return (Z_NO_ZONE);
581 582
582 583 if ((handle->zone_dh_doc = xmlParseFile(filename)) == NULL) {
583 584 /* distinguish file not found vs. found but not parsed */
584 585 if (stat(filename, &statbuf) == 0)
585 586 return (Z_INVALID_DOCUMENT);
586 587 return (Z_NO_ZONE);
587 588 }
588 589 if ((cvp = xmlNewValidCtxt()) == NULL)
589 590 return (Z_NOMEM);
590 591 cvp->error = zonecfg_error_func;
591 592 cvp->warning = zonecfg_error_func;
592 593 valid = xmlValidateDocument(cvp, handle->zone_dh_doc);
593 594 xmlFreeValidCtxt(cvp);
594 595 if (valid == 0)
595 596 return (Z_INVALID_DOCUMENT);
596 597
597 598 /* delete any comments such as inherited Sun copyright / ident str */
598 599 stripcomments(handle);
599 600 return (Z_OK);
600 601 }
601 602
602 603 int
603 604 zonecfg_get_handle(const char *zonename, zone_dochandle_t handle)
604 605 {
605 606 char path[MAXPATHLEN];
606 607
607 608 if (!config_file_path(zonename, path))
608 609 return (Z_MISC_FS);
609 610 handle->zone_dh_newzone = B_FALSE;
610 611
611 612 return (zonecfg_get_handle_impl(zonename, path, handle));
612 613 }
613 614
614 615 int
615 616 zonecfg_get_attach_handle(const char *path, const char *fname,
616 617 const char *zonename, boolean_t preserve_sw, zone_dochandle_t handle)
617 618 {
618 619 char migpath[MAXPATHLEN];
619 620 int err;
620 621 struct stat buf;
621 622
622 623 if (snprintf(migpath, sizeof (migpath), "%s/root", path) >=
623 624 sizeof (migpath))
624 625 return (Z_NOMEM);
625 626
626 627 if (stat(migpath, &buf) == -1 || !S_ISDIR(buf.st_mode))
627 628 return (Z_NO_ZONE);
628 629
629 630 if (snprintf(migpath, sizeof (migpath), "%s/%s", path, fname) >=
630 631 sizeof (migpath))
631 632 return (Z_NOMEM);
632 633
633 634 if ((err = zonecfg_get_handle_impl(zonename, migpath, handle)) != Z_OK)
634 635 return (err);
635 636
636 637 if (!preserve_sw)
637 638 strip_sw_inv(handle);
638 639
639 640 handle->zone_dh_newzone = B_TRUE;
640 641 if ((err = setrootattr(handle, DTD_ATTR_ZONEPATH, path)) != Z_OK)
641 642 return (err);
642 643
643 644 return (setrootattr(handle, DTD_ATTR_NAME, zonename));
644 645 }
645 646
646 647 int
647 648 zonecfg_get_snapshot_handle(const char *zonename, zone_dochandle_t handle)
648 649 {
649 650 char path[MAXPATHLEN];
650 651
651 652 if (!snap_file_path(zonename, path))
652 653 return (Z_MISC_FS);
653 654 handle->zone_dh_newzone = B_FALSE;
654 655 return (zonecfg_get_handle_impl(zonename, path, handle));
655 656 }
656 657
657 658 int
658 659 zonecfg_get_template_handle(const char *template, const char *zonename,
659 660 zone_dochandle_t handle)
660 661 {
661 662 char path[MAXPATHLEN];
662 663 int err;
663 664
664 665 if (!config_file_path(template, path))
665 666 return (Z_MISC_FS);
666 667
667 668 if ((err = zonecfg_get_handle_impl(template, path, handle)) != Z_OK)
668 669 return (err);
669 670 handle->zone_dh_newzone = B_TRUE;
670 671 return (setrootattr(handle, DTD_ATTR_NAME, zonename));
671 672 }
672 673
673 674 int
674 675 zonecfg_get_xml_handle(const char *path, zone_dochandle_t handle)
675 676 {
676 677 struct stat buf;
677 678 int err;
678 679
679 680 if (stat(path, &buf) == -1)
680 681 return (Z_MISC_FS);
681 682
682 683 if ((err = zonecfg_get_handle_impl("xml", path, handle)) != Z_OK)
683 684 return (err);
684 685 handle->zone_dh_newzone = B_TRUE;
685 686 return (Z_OK);
686 687 }
687 688
688 689 /*
689 690 * Initialize two handles from the manifest read on fd. The rem_handle
690 691 * is initialized from the input file, including the sw inventory. The
691 692 * local_handle is initialized with the same zone configuration but with
692 693 * no sw inventory.
693 694 */
694 695 int
695 696 zonecfg_attach_manifest(int fd, zone_dochandle_t local_handle,
696 697 zone_dochandle_t rem_handle)
697 698 {
698 699 xmlValidCtxtPtr cvp;
699 700 int valid;
700 701
701 702 /* load the manifest into the handle for the remote system */
702 703 if ((rem_handle->zone_dh_doc = xmlReadFd(fd, NULL, NULL, 0)) == NULL) {
703 704 return (Z_INVALID_DOCUMENT);
704 705 }
705 706 if ((cvp = xmlNewValidCtxt()) == NULL)
706 707 return (Z_NOMEM);
707 708 cvp->error = zonecfg_error_func;
708 709 cvp->warning = zonecfg_error_func;
709 710 valid = xmlValidateDocument(cvp, rem_handle->zone_dh_doc);
710 711 xmlFreeValidCtxt(cvp);
711 712 if (valid == 0)
712 713 return (Z_INVALID_DOCUMENT);
713 714
714 715 /* delete any comments such as inherited Sun copyright / ident str */
715 716 stripcomments(rem_handle);
716 717
717 718 rem_handle->zone_dh_newzone = B_TRUE;
718 719 rem_handle->zone_dh_sw_inv = B_TRUE;
719 720
720 721 /*
721 722 * Now use the remote system handle to generate a local system handle
722 723 * with an identical zones configuration but no sw inventory.
723 724 */
724 725 if ((local_handle->zone_dh_doc = xmlCopyDoc(rem_handle->zone_dh_doc,
725 726 1)) == NULL) {
726 727 return (Z_INVALID_DOCUMENT);
727 728 }
728 729
729 730 /*
730 731 * We need to re-run xmlValidateDocument on local_handle to properly
731 732 * update the in-core representation of the configuration.
732 733 */
733 734 if ((cvp = xmlNewValidCtxt()) == NULL)
734 735 return (Z_NOMEM);
735 736 cvp->error = zonecfg_error_func;
736 737 cvp->warning = zonecfg_error_func;
737 738 valid = xmlValidateDocument(cvp, local_handle->zone_dh_doc);
738 739 xmlFreeValidCtxt(cvp);
739 740 if (valid == 0)
740 741 return (Z_INVALID_DOCUMENT);
741 742
742 743 strip_sw_inv(local_handle);
743 744
744 745 local_handle->zone_dh_newzone = B_TRUE;
745 746 local_handle->zone_dh_sw_inv = B_FALSE;
746 747
747 748 return (Z_OK);
748 749 }
749 750
750 751 static boolean_t
751 752 is_renaming(zone_dochandle_t handle)
752 753 {
753 754 if (handle->zone_dh_newzone)
754 755 return (B_FALSE);
755 756 if (strlen(handle->zone_dh_delete_name) > 0)
756 757 return (B_TRUE);
757 758 return (B_FALSE);
758 759 }
759 760
760 761 static boolean_t
761 762 is_new(zone_dochandle_t handle)
762 763 {
763 764 return (handle->zone_dh_newzone || handle->zone_dh_snapshot);
764 765 }
765 766
766 767 static boolean_t
767 768 is_snapshot(zone_dochandle_t handle)
768 769 {
769 770 return (handle->zone_dh_snapshot);
770 771 }
771 772
772 773 /*
773 774 * It would be great to be able to use libc's ctype(3c) macros, but we
774 775 * can't, as they are locale sensitive, and it would break our limited thread
775 776 * safety if this routine had to change the app locale on the fly.
776 777 */
777 778 int
778 779 zonecfg_validate_zonename(const char *zone)
779 780 {
780 781 int i;
781 782
782 783 if (strcmp(zone, GLOBAL_ZONENAME) == 0)
783 784 return (Z_BOGUS_ZONE_NAME);
784 785
785 786 if (strlen(zone) >= ZONENAME_MAX)
786 787 return (Z_BOGUS_ZONE_NAME);
787 788
788 789 if (!((zone[0] >= 'a' && zone[0] <= 'z') ||
789 790 (zone[0] >= 'A' && zone[0] <= 'Z') ||
790 791 (zone[0] >= '0' && zone[0] <= '9')))
791 792 return (Z_BOGUS_ZONE_NAME);
792 793
793 794 for (i = 1; zone[i] != '\0'; i++) {
794 795 if (!((zone[i] >= 'a' && zone[i] <= 'z') ||
795 796 (zone[i] >= 'A' && zone[i] <= 'Z') ||
796 797 (zone[i] >= '0' && zone[i] <= '9') ||
797 798 (zone[i] == '-') || (zone[i] == '_') || (zone[i] == '.')))
798 799 return (Z_BOGUS_ZONE_NAME);
799 800 }
800 801
801 802 return (Z_OK);
802 803 }
803 804
804 805 /*
805 806 * Changing the zone name requires us to track both the old and new
806 807 * name of the zone until commit time.
807 808 */
808 809 int
809 810 zonecfg_get_name(zone_dochandle_t handle, char *name, size_t namesize)
810 811 {
811 812 return (getrootattr(handle, DTD_ATTR_NAME, name, namesize));
812 813 }
813 814
814 815 static int
815 816 insert_admins(zone_dochandle_t handle, char *zonename)
816 817 {
817 818 int err;
818 819 struct zone_admintab admintab;
819 820
820 821 if ((err = zonecfg_setadminent(handle)) != Z_OK) {
821 822 return (err);
822 823 }
823 824 while (zonecfg_getadminent(handle, &admintab) == Z_OK) {
824 825 err = zonecfg_insert_userauths(handle,
825 826 admintab.zone_admin_user, zonename);
826 827 if (err != Z_OK) {
827 828 (void) zonecfg_endadminent(handle);
828 829 return (err);
829 830 }
830 831 }
831 832 (void) zonecfg_endadminent(handle);
832 833 return (Z_OK);
833 834 }
834 835
835 836 int
836 837 zonecfg_set_name(zone_dochandle_t handle, char *name)
837 838 {
838 839 zone_state_t state;
839 840 char curname[ZONENAME_MAX], old_delname[ZONENAME_MAX];
840 841 int err;
841 842
842 843 if ((err = getrootattr(handle, DTD_ATTR_NAME, curname,
843 844 sizeof (curname))) != Z_OK)
844 845 return (err);
845 846
846 847 if (strcmp(name, curname) == 0)
847 848 return (Z_OK);
848 849
849 850 /*
850 851 * Switching zone names to one beginning with SUNW is not permitted.
851 852 */
852 853 if (strncmp(name, "SUNW", 4) == 0)
853 854 return (Z_BOGUS_ZONE_NAME);
854 855
855 856 if ((err = zonecfg_validate_zonename(name)) != Z_OK)
856 857 return (err);
857 858
858 859 /*
859 860 * Setting the name back to the original name (effectively a revert of
860 861 * the name) is fine. But if we carry on, we'll falsely identify the
861 862 * name as "in use," so special case here.
862 863 */
863 864 if (strcmp(name, handle->zone_dh_delete_name) == 0) {
864 865 err = setrootattr(handle, DTD_ATTR_NAME, name);
865 866 handle->zone_dh_delete_name[0] = '\0';
866 867 return (err);
867 868 }
868 869
869 870 /* Check to see if new name chosen is already in use */
870 871 if (zone_get_state(name, &state) != Z_NO_ZONE)
871 872 return (Z_NAME_IN_USE);
872 873
873 874 /*
874 875 * If this isn't already "new" or in a renaming transition, then
875 876 * we're initiating a rename here; so stash the "delete name"
876 877 * (i.e. the name of the zone we'll be removing) for the rename.
877 878 */
878 879 (void) strlcpy(old_delname, handle->zone_dh_delete_name,
879 880 sizeof (old_delname));
880 881 if (!is_new(handle) && !is_renaming(handle)) {
881 882 /*
882 883 * Name change is allowed only when the zone we're altering
883 884 * is not ready or running.
884 885 */
885 886 err = zone_get_state(curname, &state);
886 887 if (err == Z_OK) {
887 888 if (state > ZONE_STATE_INSTALLED)
888 889 return (Z_BAD_ZONE_STATE);
889 890 } else if (err != Z_NO_ZONE) {
890 891 return (err);
891 892 }
892 893
893 894 (void) strlcpy(handle->zone_dh_delete_name, curname,
894 895 sizeof (handle->zone_dh_delete_name));
895 896 assert(is_renaming(handle));
896 897 } else if (is_renaming(handle)) {
897 898 err = zone_get_state(handle->zone_dh_delete_name, &state);
898 899 if (err == Z_OK) {
899 900 if (state > ZONE_STATE_INSTALLED)
900 901 return (Z_BAD_ZONE_STATE);
901 902 } else if (err != Z_NO_ZONE) {
902 903 return (err);
903 904 }
904 905 }
905 906
906 907 if ((err = setrootattr(handle, DTD_ATTR_NAME, name)) != Z_OK) {
907 908 /*
908 909 * Restore the deletename to whatever it was at the
909 910 * top of the routine, since we've had a failure.
910 911 */
911 912 (void) strlcpy(handle->zone_dh_delete_name, old_delname,
912 913 sizeof (handle->zone_dh_delete_name));
913 914 return (err);
914 915 }
915 916
916 917 /*
917 918 * Record the old admins from the old zonename
918 919 * so that they can be deleted when the operation is committed.
919 920 */
920 921 if ((err = insert_admins(handle, curname)) != Z_OK)
921 922 return (err);
922 923 else
923 924 return (Z_OK);
924 925 }
925 926
926 927 int
927 928 zonecfg_get_zonepath(zone_dochandle_t handle, char *path, size_t pathsize)
928 929 {
929 930 size_t len;
930 931
931 932 if ((len = strlcpy(path, zonecfg_root, pathsize)) >= pathsize)
932 933 return (Z_TOO_BIG);
933 934 return (getrootattr(handle, DTD_ATTR_ZONEPATH, path + len,
934 935 pathsize - len));
935 936 }
936 937
937 938 int
938 939 zonecfg_set_zonepath(zone_dochandle_t handle, char *zonepath)
939 940 {
940 941 size_t len;
941 942 char *modpath, *copy_mp, *curr_mp; /* modified path ptrs */
942 943 char last_copied;
943 944 int ret;
944 945
945 946 /*
946 947 * Collapse multiple contiguous slashes and remove trailing slash.
947 948 */
948 949 modpath = strdup(zonepath);
949 950 if (modpath == NULL)
950 951 return (Z_NOMEM);
951 952 last_copied = '\0';
952 953 for (copy_mp = curr_mp = modpath; *curr_mp != '\0'; curr_mp++) {
953 954 if (*curr_mp != '/' || last_copied != '/') {
954 955 last_copied = *copy_mp = *curr_mp;
955 956 copy_mp++;
956 957 }
957 958 }
958 959 if (last_copied == '/')
959 960 copy_mp--;
960 961 *copy_mp = '\0';
961 962
962 963 /*
963 964 * The user deals in absolute paths in the running global zone, but the
964 965 * internal configuration files deal with boot environment relative
965 966 * paths. Strip out the alternate root when specified.
966 967 */
967 968 len = strlen(zonecfg_root);
968 969 if (strncmp(modpath, zonecfg_root, len) != 0 || modpath[len] != '/') {
969 970 free(modpath);
970 971 return (Z_BAD_PROPERTY);
971 972 }
972 973 curr_mp = modpath + len;
973 974 ret = setrootattr(handle, DTD_ATTR_ZONEPATH, curr_mp);
974 975 free(modpath);
975 976 return (ret);
976 977 }
977 978
978 979 static int
979 980 i_zonecfg_get_brand(zone_dochandle_t handle, char *brand, size_t brandsize,
980 981 boolean_t default_query)
981 982 {
982 983 int ret, sz;
983 984
984 985 ret = getrootattr(handle, DTD_ATTR_BRAND, brand, brandsize);
985 986
986 987 /*
987 988 * If the lookup failed, or succeeded in finding a non-null brand
988 989 * string then return.
989 990 */
990 991 if (ret != Z_OK || brand[0] != '\0')
991 992 return (ret);
992 993
993 994 if (!default_query) {
994 995 /* If the zone has no brand, it is the default brand. */
995 996 return (zonecfg_default_brand(brand, brandsize));
996 997 }
997 998
998 999 /* if SUNWdefault didn't specify a brand, fallback to "native" */
999 1000 sz = strlcpy(brand, NATIVE_BRAND_NAME, brandsize);
1000 1001 if (sz >= brandsize)
1001 1002 return (Z_TOO_BIG);
1002 1003 return (Z_OK);
1003 1004 }
1004 1005
1005 1006 int
1006 1007 zonecfg_get_brand(zone_dochandle_t handle, char *brand, size_t brandsize)
1007 1008 {
1008 1009 return (i_zonecfg_get_brand(handle, brand, brandsize, B_FALSE));
1009 1010 }
1010 1011
1011 1012 int
1012 1013 zonecfg_set_brand(zone_dochandle_t handle, char *brand)
1013 1014 {
1014 1015 return (setrootattr(handle, DTD_ATTR_BRAND, brand));
1015 1016 }
1016 1017
1017 1018 int
1018 1019 zonecfg_get_autoboot(zone_dochandle_t handle, boolean_t *autoboot)
1019 1020 {
1020 1021 char autobootstr[DTD_ENTITY_BOOL_LEN];
1021 1022 int ret;
1022 1023
1023 1024 if ((ret = getrootattr(handle, DTD_ATTR_AUTOBOOT, autobootstr,
1024 1025 sizeof (autobootstr))) != Z_OK)
1025 1026 return (ret);
1026 1027
1027 1028 if (strcmp(autobootstr, DTD_ENTITY_TRUE) == 0)
1028 1029 *autoboot = B_TRUE;
1029 1030 else if (strcmp(autobootstr, DTD_ENTITY_FALSE) == 0)
1030 1031 *autoboot = B_FALSE;
1031 1032 else
1032 1033 ret = Z_BAD_PROPERTY;
1033 1034 return (ret);
1034 1035 }
1035 1036
1036 1037 int
1037 1038 zonecfg_set_autoboot(zone_dochandle_t handle, boolean_t autoboot)
1038 1039 {
1039 1040 return (setrootattr(handle, DTD_ATTR_AUTOBOOT,
1040 1041 autoboot ? DTD_ENTITY_TRUE : DTD_ENTITY_FALSE));
1041 1042 }
1042 1043
1043 1044 int
1044 1045 zonecfg_get_pool(zone_dochandle_t handle, char *pool, size_t poolsize)
1045 1046 {
1046 1047 return (getrootattr(handle, DTD_ATTR_POOL, pool, poolsize));
1047 1048 }
1048 1049
1049 1050 int
1050 1051 zonecfg_set_pool(zone_dochandle_t handle, char *pool)
1051 1052 {
1052 1053 return (setrootattr(handle, DTD_ATTR_POOL, pool));
1053 1054 }
1054 1055
1055 1056 int
1056 1057 zonecfg_get_limitpriv(zone_dochandle_t handle, char **limitpriv)
1057 1058 {
1058 1059 return (get_alloc_rootattr(handle, DTD_ATTR_LIMITPRIV, limitpriv));
1059 1060 }
1060 1061
1061 1062 int
1062 1063 zonecfg_set_limitpriv(zone_dochandle_t handle, char *limitpriv)
1063 1064 {
1064 1065 return (setrootattr(handle, DTD_ATTR_LIMITPRIV, limitpriv));
1065 1066 }
1066 1067
1067 1068 int
1068 1069 zonecfg_get_bootargs(zone_dochandle_t handle, char *bargs, size_t bargssize)
1069 1070 {
1070 1071 return (getrootattr(handle, DTD_ATTR_BOOTARGS, bargs, bargssize));
1071 1072 }
1072 1073
1073 1074 int
1074 1075 zonecfg_set_bootargs(zone_dochandle_t handle, char *bargs)
1075 1076 {
1076 1077 return (setrootattr(handle, DTD_ATTR_BOOTARGS, bargs));
1077 1078 }
1078 1079
1079 1080 int
1080 1081 zonecfg_get_sched_class(zone_dochandle_t handle, char *sched, size_t schedsize)
1081 1082 {
1082 1083 return (getrootattr(handle, DTD_ATTR_SCHED, sched, schedsize));
1083 1084 }
1084 1085
1085 1086 int
1086 1087 zonecfg_set_sched(zone_dochandle_t handle, char *sched)
1087 1088 {
1088 1089 return (setrootattr(handle, DTD_ATTR_SCHED, sched));
1089 1090 }
1090 1091
1091 1092 /*
1092 1093 * /etc/zones/index caches a vital piece of information which is also
1093 1094 * in the <zonename>.xml file: the path to the zone. This is for performance,
1094 1095 * since we need to walk all zonepath's in order to be able to detect conflicts
1095 1096 * (see crosscheck_zonepaths() in the zoneadm command).
1096 1097 *
1097 1098 * An additional complexity is that when doing a rename, we'd like the entire
1098 1099 * index update operation (rename, and potential state changes) to be atomic.
1099 1100 * In general, the operation of this function should succeed or fail as
1100 1101 * a unit.
1101 1102 */
1102 1103 int
1103 1104 zonecfg_refresh_index_file(zone_dochandle_t handle)
1104 1105 {
1105 1106 char name[ZONENAME_MAX], zonepath[MAXPATHLEN];
1106 1107 struct zoneent ze;
1107 1108 int err;
1108 1109 int opcode;
1109 1110 char *zn;
1110 1111
1111 1112 bzero(&ze, sizeof (ze));
1112 1113 ze.zone_state = -1; /* Preserve existing state in index */
1113 1114
1114 1115 if ((err = zonecfg_get_name(handle, name, sizeof (name))) != Z_OK)
1115 1116 return (err);
1116 1117 (void) strlcpy(ze.zone_name, name, sizeof (ze.zone_name));
1117 1118
1118 1119 if ((err = zonecfg_get_zonepath(handle, zonepath,
1119 1120 sizeof (zonepath))) != Z_OK)
1120 1121 return (err);
1121 1122 (void) strlcpy(ze.zone_path, zonepath + strlen(zonecfg_root),
1122 1123 sizeof (ze.zone_path));
1123 1124
1124 1125 if (is_renaming(handle)) {
1125 1126 opcode = PZE_MODIFY;
1126 1127 (void) strlcpy(ze.zone_name, handle->zone_dh_delete_name,
1127 1128 sizeof (ze.zone_name));
1128 1129 (void) strlcpy(ze.zone_newname, name, sizeof (ze.zone_newname));
1129 1130 } else if (is_new(handle)) {
1130 1131 FILE *cookie;
1131 1132 /*
1132 1133 * Be tolerant of the zone already existing in the index file,
1133 1134 * since we might be forcibly overwriting an existing
1134 1135 * configuration with a new one (for example 'create -F'
1135 1136 * in zonecfg).
1136 1137 */
1137 1138 opcode = PZE_ADD;
1138 1139 cookie = setzoneent();
1139 1140 while ((zn = getzoneent(cookie)) != NULL) {
1140 1141 if (strcmp(zn, name) == 0) {
1141 1142 opcode = PZE_MODIFY;
1142 1143 free(zn);
1143 1144 break;
1144 1145 }
1145 1146 free(zn);
1146 1147 }
1147 1148 endzoneent(cookie);
1148 1149 ze.zone_state = ZONE_STATE_CONFIGURED;
1149 1150 } else {
1150 1151 opcode = PZE_MODIFY;
1151 1152 }
1152 1153
1153 1154 if ((err = putzoneent(&ze, opcode)) != Z_OK)
1154 1155 return (err);
1155 1156
1156 1157 return (Z_OK);
1157 1158 }
1158 1159
1159 1160 /*
1160 1161 * The goal of this routine is to cause the index file update and the
1161 1162 * document save to happen as an atomic operation. We do the document
1162 1163 * first, saving a backup copy using a hard link; if that succeeds, we go
1163 1164 * on to the index. If that fails, we roll the document back into place.
1164 1165 *
1165 1166 * Strategy:
1166 1167 *
1167 1168 * New zone 'foo' configuration:
1168 1169 * Create tmpfile (zonecfg.xxxxxx)
1169 1170 * Write XML to tmpfile
1170 1171 * Rename tmpfile to xmlfile (zonecfg.xxxxxx -> foo.xml)
1171 1172 * Add entry to index file
1172 1173 * If it fails, delete foo.xml, leaving nothing behind.
1173 1174 *
1174 1175 * Save existing zone 'foo':
1175 1176 * Make backup of foo.xml -> .backup
1176 1177 * Create tmpfile (zonecfg.xxxxxx)
1177 1178 * Write XML to tmpfile
1178 1179 * Rename tmpfile to xmlfile (zonecfg.xxxxxx -> foo.xml)
1179 1180 * Modify index file as needed
1180 1181 * If it fails, recover from .backup -> foo.xml
1181 1182 *
1182 1183 * Rename 'foo' to 'bar':
1183 1184 * Create tmpfile (zonecfg.xxxxxx)
1184 1185 * Write XML to tmpfile
1185 1186 * Rename tmpfile to xmlfile (zonecfg.xxxxxx -> bar.xml)
1186 1187 * Add entry for 'bar' to index file, Remove entry for 'foo' (refresh)
1187 1188 * If it fails, delete bar.xml; foo.xml is left behind.
1188 1189 */
1189 1190 static int
1190 1191 zonecfg_save_impl(zone_dochandle_t handle, char *filename)
1191 1192 {
1192 1193 char tmpfile[MAXPATHLEN];
1193 1194 char bakdir[MAXPATHLEN], bakbase[MAXPATHLEN], bakfile[MAXPATHLEN];
1194 1195 int tmpfd, err, valid;
1195 1196 xmlValidCtxt cvp = { NULL };
1196 1197 boolean_t backup;
1197 1198
1198 1199 (void) strlcpy(tmpfile, filename, sizeof (tmpfile));
1199 1200 (void) dirname(tmpfile);
1200 1201 (void) strlcat(tmpfile, _PATH_TMPFILE, sizeof (tmpfile));
1201 1202
1202 1203 tmpfd = mkstemp(tmpfile);
1203 1204 if (tmpfd == -1) {
1204 1205 (void) unlink(tmpfile);
1205 1206 return (Z_TEMP_FILE);
1206 1207 }
1207 1208 (void) close(tmpfd);
1208 1209
1209 1210 cvp.error = zonecfg_error_func;
1210 1211 cvp.warning = zonecfg_error_func;
1211 1212
1212 1213 /*
1213 1214 * We do a final validation of the document. Since the library has
1214 1215 * malfunctioned if it fails to validate, we follow-up with an
1215 1216 * assert() that the doc is valid.
1216 1217 */
1217 1218 valid = xmlValidateDocument(&cvp, handle->zone_dh_doc);
1218 1219 assert(valid != 0);
1219 1220
1220 1221 if (xmlSaveFormatFile(tmpfile, handle->zone_dh_doc, 1) <= 0)
1221 1222 goto err;
1222 1223
1223 1224 (void) chmod(tmpfile, 0644);
1224 1225
1225 1226 /*
1226 1227 * In the event we are doing a standard save, hard link a copy of the
1227 1228 * original file in .backup.<pid>.filename so we can restore it if
1228 1229 * something goes wrong.
1229 1230 */
1230 1231 if (!is_new(handle) && !is_renaming(handle)) {
1231 1232 backup = B_TRUE;
1232 1233
1233 1234 (void) strlcpy(bakdir, filename, sizeof (bakdir));
1234 1235 (void) strlcpy(bakbase, filename, sizeof (bakbase));
1235 1236 (void) snprintf(bakfile, sizeof (bakfile), "%s/.backup.%d.%s",
1236 1237 dirname(bakdir), getpid(), basename(bakbase));
1237 1238
1238 1239 if (link(filename, bakfile) == -1) {
1239 1240 err = errno;
1240 1241 (void) unlink(tmpfile);
1241 1242 if (errno == EACCES)
1242 1243 return (Z_ACCES);
1243 1244 return (Z_MISC_FS);
1244 1245 }
1245 1246 }
1246 1247
1247 1248 /*
1248 1249 * Move the new document over top of the old.
1249 1250 * i.e.: zonecfg.XXXXXX -> myzone.xml
1250 1251 */
1251 1252 if (rename(tmpfile, filename) == -1) {
1252 1253 err = errno;
1253 1254 (void) unlink(tmpfile);
1254 1255 if (backup)
1255 1256 (void) unlink(bakfile);
1256 1257 if (err == EACCES)
1257 1258 return (Z_ACCES);
1258 1259 return (Z_MISC_FS);
1259 1260 }
1260 1261
1261 1262 /*
1262 1263 * If this is a snapshot, we're done-- don't add an index entry.
1263 1264 */
1264 1265 if (is_snapshot(handle))
1265 1266 return (Z_OK);
1266 1267
1267 1268 /* now update the index file to reflect whatever we just did */
1268 1269 if ((err = zonecfg_refresh_index_file(handle)) != Z_OK) {
1269 1270 if (backup) {
1270 1271 /*
1271 1272 * Try to restore from our backup.
1272 1273 */
1273 1274 (void) unlink(filename);
1274 1275 (void) rename(bakfile, filename);
1275 1276 } else {
1276 1277 /*
1277 1278 * Either the zone is new, in which case we can delete
1278 1279 * new.xml, or we're doing a rename, so ditto.
1279 1280 */
1280 1281 assert(is_new(handle) || is_renaming(handle));
1281 1282 (void) unlink(filename);
1282 1283 }
1283 1284 return (Z_UPDATING_INDEX);
1284 1285 }
1285 1286
1286 1287 if (backup)
1287 1288 (void) unlink(bakfile);
1288 1289
1289 1290 return (Z_OK);
1290 1291
1291 1292 err:
1292 1293 (void) unlink(tmpfile);
1293 1294 return (Z_SAVING_FILE);
1294 1295 }
1295 1296
1296 1297 int
1297 1298 zonecfg_save(zone_dochandle_t handle)
1298 1299 {
1299 1300 char zname[ZONENAME_MAX], path[MAXPATHLEN];
1300 1301 char delpath[MAXPATHLEN];
1301 1302 int err = Z_SAVING_FILE;
1302 1303
1303 1304 if (zonecfg_check_handle(handle) != Z_OK)
1304 1305 return (Z_BAD_HANDLE);
1305 1306
1306 1307 /*
1307 1308 * We don't support saving snapshots or a tree containing a sw
1308 1309 * inventory at this time.
1309 1310 */
1310 1311 if (handle->zone_dh_snapshot || handle->zone_dh_sw_inv)
1311 1312 return (Z_INVAL);
1312 1313
1313 1314 if ((err = zonecfg_get_name(handle, zname, sizeof (zname))) != Z_OK)
1314 1315 return (err);
1315 1316
1316 1317 if (!config_file_path(zname, path))
1317 1318 return (Z_MISC_FS);
1318 1319
1319 1320 addcomment(handle, "\n DO NOT EDIT THIS "
1320 1321 "FILE. Use zonecfg(1M) instead.\n");
1321 1322
1322 1323 /*
1323 1324 * Update user_attr first so that it will be older
1324 1325 * than the config file.
1325 1326 */
1326 1327 (void) zonecfg_authorize_users(handle, zname);
1327 1328 err = zonecfg_save_impl(handle, path);
1328 1329
1329 1330 stripcomments(handle);
1330 1331
1331 1332 if (err != Z_OK)
1332 1333 return (err);
1333 1334
1334 1335 handle->zone_dh_newzone = B_FALSE;
1335 1336
1336 1337 if (is_renaming(handle)) {
1337 1338 if (config_file_path(handle->zone_dh_delete_name, delpath))
1338 1339 (void) unlink(delpath);
1339 1340 handle->zone_dh_delete_name[0] = '\0';
1340 1341 }
1341 1342
1342 1343 return (Z_OK);
1343 1344 }
1344 1345
1345 1346 int
1346 1347 zonecfg_verify_save(zone_dochandle_t handle, char *filename)
1347 1348 {
1348 1349 int valid;
1349 1350
1350 1351 xmlValidCtxt cvp = { NULL };
1351 1352
1352 1353 if (zonecfg_check_handle(handle) != Z_OK)
1353 1354 return (Z_BAD_HANDLE);
1354 1355
1355 1356 cvp.error = zonecfg_error_func;
1356 1357 cvp.warning = zonecfg_error_func;
1357 1358
1358 1359 /*
1359 1360 * We do a final validation of the document. Since the library has
1360 1361 * malfunctioned if it fails to validate, we follow-up with an
1361 1362 * assert() that the doc is valid.
1362 1363 */
1363 1364 valid = xmlValidateDocument(&cvp, handle->zone_dh_doc);
1364 1365 assert(valid != 0);
1365 1366
1366 1367 if (xmlSaveFormatFile(filename, handle->zone_dh_doc, 1) <= 0)
1367 1368 return (Z_SAVING_FILE);
1368 1369
1369 1370 return (Z_OK);
1370 1371 }
1371 1372
1372 1373 int
1373 1374 zonecfg_detach_save(zone_dochandle_t handle, uint_t flags)
1374 1375 {
1375 1376 char zname[ZONENAME_MAX];
1376 1377 char path[MAXPATHLEN];
1377 1378 char migpath[MAXPATHLEN];
1378 1379 xmlValidCtxt cvp = { NULL };
1379 1380 int err = Z_SAVING_FILE;
1380 1381 int valid;
1381 1382
1382 1383 if (zonecfg_check_handle(handle) != Z_OK)
1383 1384 return (Z_BAD_HANDLE);
1384 1385
1385 1386 if (flags & ZONE_DRY_RUN) {
1386 1387 (void) strlcpy(migpath, "-", sizeof (migpath));
1387 1388 } else {
1388 1389 if ((err = zonecfg_get_name(handle, zname, sizeof (zname)))
1389 1390 != Z_OK)
1390 1391 return (err);
1391 1392
1392 1393 if ((err = zone_get_zonepath(zname, path, sizeof (path)))
1393 1394 != Z_OK)
1394 1395 return (err);
1395 1396
1396 1397 if (snprintf(migpath, sizeof (migpath), "%s/%s", path,
1397 1398 ZONE_DETACHED) >= sizeof (migpath))
1398 1399 return (Z_NOMEM);
1399 1400 }
1400 1401
1401 1402 if ((err = operation_prep(handle)) != Z_OK)
1402 1403 return (err);
1403 1404
1404 1405 addcomment(handle, "\n DO NOT EDIT THIS FILE. "
1405 1406 "Use zonecfg(1M) and zoneadm(1M) attach.\n");
1406 1407
1407 1408 cvp.error = zonecfg_error_func;
1408 1409 cvp.warning = zonecfg_error_func;
1409 1410
1410 1411 /*
1411 1412 * We do a final validation of the document. Since the library has
1412 1413 * malfunctioned if it fails to validate, we follow-up with an
1413 1414 * assert() that the doc is valid.
1414 1415 */
1415 1416 valid = xmlValidateDocument(&cvp, handle->zone_dh_doc);
1416 1417 assert(valid != 0);
1417 1418
1418 1419 if (xmlSaveFormatFile(migpath, handle->zone_dh_doc, 1) <= 0)
1419 1420 return (Z_SAVING_FILE);
1420 1421
1421 1422 if (!(flags & ZONE_DRY_RUN))
1422 1423 (void) chmod(migpath, 0644);
1423 1424
1424 1425 stripcomments(handle);
1425 1426
1426 1427 handle->zone_dh_newzone = B_FALSE;
1427 1428
1428 1429 return (Z_OK);
1429 1430 }
1430 1431
1431 1432 boolean_t
1432 1433 zonecfg_detached(const char *path)
1433 1434 {
1434 1435 char migpath[MAXPATHLEN];
1435 1436 struct stat buf;
1436 1437
1437 1438 if (snprintf(migpath, sizeof (migpath), "%s/%s", path, ZONE_DETACHED) >=
1438 1439 sizeof (migpath))
1439 1440 return (B_FALSE);
1440 1441
1441 1442 if (stat(migpath, &buf) != -1)
1442 1443 return (B_TRUE);
1443 1444
1444 1445 return (B_FALSE);
1445 1446 }
1446 1447
1447 1448 void
1448 1449 zonecfg_rm_detached(zone_dochandle_t handle, boolean_t forced)
1449 1450 {
1450 1451 char zname[ZONENAME_MAX];
1451 1452 char path[MAXPATHLEN];
1452 1453 char detached[MAXPATHLEN];
1453 1454 char attached[MAXPATHLEN];
1454 1455
1455 1456 if (zonecfg_check_handle(handle) != Z_OK)
1456 1457 return;
1457 1458
1458 1459 if (zonecfg_get_name(handle, zname, sizeof (zname)) != Z_OK)
1459 1460 return;
1460 1461
1461 1462 if (zone_get_zonepath(zname, path, sizeof (path)) != Z_OK)
1462 1463 return;
1463 1464
1464 1465 (void) snprintf(detached, sizeof (detached), "%s/%s", path,
1465 1466 ZONE_DETACHED);
1466 1467 (void) snprintf(attached, sizeof (attached), "%s/%s", path,
1467 1468 ATTACH_FORCED);
1468 1469
1469 1470 if (forced) {
1470 1471 (void) rename(detached, attached);
1471 1472 } else {
1472 1473 (void) unlink(attached);
1473 1474 (void) unlink(detached);
1474 1475 }
1475 1476 }
1476 1477
1477 1478 /*
1478 1479 * Special case: if access(2) fails with ENOENT, then try again using
1479 1480 * ZONE_CONFIG_ROOT instead of config_file_path(zonename). This is how we
1480 1481 * work around the case of a config file which has not been created yet:
1481 1482 * the user will need access to the directory so use that as a heuristic.
1482 1483 */
1483 1484
1484 1485 int
1485 1486 zonecfg_access(const char *zonename, int amode)
1486 1487 {
1487 1488 char path[MAXPATHLEN];
1488 1489
1489 1490 if (!config_file_path(zonename, path))
1490 1491 return (Z_INVAL);
1491 1492 if (access(path, amode) == 0)
1492 1493 return (Z_OK);
1493 1494 if (errno == ENOENT) {
1494 1495 if (snprintf(path, sizeof (path), "%s%s", zonecfg_root,
1495 1496 ZONE_CONFIG_ROOT) >= sizeof (path))
1496 1497 return (Z_INVAL);
1497 1498 if (access(path, amode) == 0)
1498 1499 return (Z_OK);
1499 1500 }
1500 1501 if (errno == EACCES)
1501 1502 return (Z_ACCES);
1502 1503 if (errno == EINVAL)
1503 1504 return (Z_INVAL);
1504 1505 return (Z_MISC_FS);
1505 1506 }
1506 1507
1507 1508 int
1508 1509 zonecfg_create_snapshot(const char *zonename)
1509 1510 {
1510 1511 zone_dochandle_t handle;
1511 1512 char path[MAXPATHLEN], zonepath[MAXPATHLEN], rpath[MAXPATHLEN];
1512 1513 int error = Z_OK, res;
1513 1514
1514 1515 if ((handle = zonecfg_init_handle()) == NULL) {
1515 1516 return (Z_NOMEM);
1516 1517 }
1517 1518
1518 1519 handle->zone_dh_newzone = B_TRUE;
1519 1520 handle->zone_dh_snapshot = B_TRUE;
1520 1521
1521 1522 if ((error = zonecfg_get_handle(zonename, handle)) != Z_OK)
1522 1523 goto out;
1523 1524 if ((error = operation_prep(handle)) != Z_OK)
1524 1525 goto out;
1525 1526 error = zonecfg_get_zonepath(handle, zonepath, sizeof (zonepath));
1526 1527 if (error != Z_OK)
1527 1528 goto out;
1528 1529 if ((res = resolvepath(zonepath, rpath, sizeof (rpath))) == -1) {
1529 1530 error = Z_RESOLVED_PATH;
1530 1531 goto out;
1531 1532 }
1532 1533 /*
1533 1534 * If the resolved path is not the same as the original path, then
1534 1535 * save the resolved path in the snapshot, thus preventing any
1535 1536 * potential problems down the line when zoneadmd goes to unmount
1536 1537 * file systems and depends on initial string matches with resolved
1537 1538 * paths.
1538 1539 */
1539 1540 rpath[res] = '\0';
1540 1541 if (strcmp(zonepath, rpath) != 0) {
1541 1542 if ((error = zonecfg_set_zonepath(handle, rpath)) != Z_OK)
1542 1543 goto out;
1543 1544 }
1544 1545 if (snprintf(path, sizeof (path), "%s%s", zonecfg_root,
1545 1546 ZONE_SNAPSHOT_ROOT) >= sizeof (path)) {
1546 1547 error = Z_MISC_FS;
1547 1548 goto out;
1548 1549 }
1549 1550 if ((mkdir(path, S_IRWXU) == -1) && (errno != EEXIST)) {
1550 1551 error = Z_MISC_FS;
1551 1552 goto out;
1552 1553 }
1553 1554
1554 1555 if (!snap_file_path(zonename, path)) {
1555 1556 error = Z_MISC_FS;
1556 1557 goto out;
1557 1558 }
1558 1559
1559 1560 addcomment(handle, "\n DO NOT EDIT THIS FILE. "
1560 1561 "It is a snapshot of running zone state.\n");
1561 1562
1562 1563 error = zonecfg_save_impl(handle, path);
1563 1564
1564 1565 stripcomments(handle);
1565 1566
1566 1567 out:
1567 1568 zonecfg_fini_handle(handle);
1568 1569 return (error);
1569 1570 }
1570 1571
1571 1572 int
1572 1573 zonecfg_get_iptype(zone_dochandle_t handle, zone_iptype_t *iptypep)
1573 1574 {
1574 1575 char property[10]; /* 10 is big enough for "shared"/"exclusive" */
1575 1576 int err;
1576 1577
1577 1578 err = getrootattr(handle, DTD_ATTR_IPTYPE, property, sizeof (property));
1578 1579 if (err == Z_BAD_PROPERTY) {
1579 1580 /* Return default value */
1580 1581 *iptypep = ZS_SHARED;
1581 1582 return (Z_OK);
1582 1583 } else if (err != Z_OK) {
1583 1584 return (err);
1584 1585 }
1585 1586
1586 1587 if (strlen(property) == 0 ||
1587 1588 strcmp(property, "shared") == 0)
1588 1589 *iptypep = ZS_SHARED;
1589 1590 else if (strcmp(property, "exclusive") == 0)
1590 1591 *iptypep = ZS_EXCLUSIVE;
1591 1592 else
1592 1593 return (Z_INVAL);
1593 1594
1594 1595 return (Z_OK);
1595 1596 }
1596 1597
1597 1598 int
1598 1599 zonecfg_set_iptype(zone_dochandle_t handle, zone_iptype_t iptype)
1599 1600 {
1600 1601 xmlNodePtr cur;
1601 1602
1602 1603 if (handle == NULL)
1603 1604 return (Z_INVAL);
1604 1605
1605 1606 cur = xmlDocGetRootElement(handle->zone_dh_doc);
1606 1607 if (cur == NULL) {
1607 1608 return (Z_EMPTY_DOCUMENT);
1608 1609 }
1609 1610
1610 1611 if (xmlStrcmp(cur->name, DTD_ELEM_ZONE) != 0) {
1611 1612 return (Z_WRONG_DOC_TYPE);
1612 1613 }
1613 1614 switch (iptype) {
1614 1615 case ZS_SHARED:
1615 1616 /*
1616 1617 * Since "shared" is the default, we don't write it to the
1617 1618 * configuration file, so that it's easier to migrate those
1618 1619 * zones elsewhere, eg., to systems which are not IP-Instances
1619 1620 * aware.
1620 1621 * xmlUnsetProp only fails when the attribute doesn't exist,
1621 1622 * which we don't care.
1622 1623 */
1623 1624 (void) xmlUnsetProp(cur, DTD_ATTR_IPTYPE);
1624 1625 break;
1625 1626 case ZS_EXCLUSIVE:
1626 1627 if (xmlSetProp(cur, DTD_ATTR_IPTYPE,
1627 1628 (const xmlChar *) "exclusive") == NULL)
1628 1629 return (Z_INVAL);
1629 1630 break;
1630 1631 }
1631 1632 return (Z_OK);
1632 1633 }
1633 1634
1634 1635 static int
1635 1636 newprop(xmlNodePtr node, const xmlChar *attrname, char *src)
1636 1637 {
1637 1638 xmlAttrPtr newattr;
1638 1639
1639 1640 newattr = xmlNewProp(node, attrname, (xmlChar *)src);
1640 1641 if (newattr == NULL) {
1641 1642 xmlUnlinkNode(node);
1642 1643 xmlFreeNode(node);
1643 1644 return (Z_BAD_PROPERTY);
1644 1645 }
1645 1646 return (Z_OK);
1646 1647 }
1647 1648
1648 1649 static int
1649 1650 zonecfg_add_filesystem_core(zone_dochandle_t handle, struct zone_fstab *tabptr)
1650 1651 {
1651 1652 xmlNodePtr newnode, cur = handle->zone_dh_cur, options_node;
1652 1653 zone_fsopt_t *ptr;
1653 1654 int err;
1654 1655
1655 1656 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_FS, NULL);
1656 1657 if ((err = newprop(newnode, DTD_ATTR_SPECIAL,
1657 1658 tabptr->zone_fs_special)) != Z_OK)
1658 1659 return (err);
1659 1660 if (tabptr->zone_fs_raw[0] != '\0' &&
1660 1661 (err = newprop(newnode, DTD_ATTR_RAW, tabptr->zone_fs_raw)) != Z_OK)
1661 1662 return (err);
1662 1663 if ((err = newprop(newnode, DTD_ATTR_DIR, tabptr->zone_fs_dir)) != Z_OK)
1663 1664 return (err);
1664 1665 if ((err = newprop(newnode, DTD_ATTR_TYPE,
1665 1666 tabptr->zone_fs_type)) != Z_OK)
1666 1667 return (err);
1667 1668 if (tabptr->zone_fs_options != NULL) {
1668 1669 for (ptr = tabptr->zone_fs_options; ptr != NULL;
1669 1670 ptr = ptr->zone_fsopt_next) {
1670 1671 options_node = xmlNewTextChild(newnode, NULL,
1671 1672 DTD_ELEM_FSOPTION, NULL);
1672 1673 if ((err = newprop(options_node, DTD_ATTR_NAME,
1673 1674 ptr->zone_fsopt_opt)) != Z_OK)
1674 1675 return (err);
1675 1676 }
1676 1677 }
1677 1678 return (Z_OK);
1678 1679 }
1679 1680
1680 1681 int
1681 1682 zonecfg_add_filesystem(zone_dochandle_t handle, struct zone_fstab *tabptr)
1682 1683 {
1683 1684 int err;
1684 1685
1685 1686 if (tabptr == NULL)
1686 1687 return (Z_INVAL);
1687 1688
1688 1689 if ((err = operation_prep(handle)) != Z_OK)
1689 1690 return (err);
1690 1691
1691 1692 if ((err = zonecfg_add_filesystem_core(handle, tabptr)) != Z_OK)
1692 1693 return (err);
1693 1694
1694 1695 return (Z_OK);
1695 1696 }
1696 1697
1697 1698 int
1698 1699 zonecfg_add_fs_option(struct zone_fstab *tabptr, char *option)
1699 1700 {
1700 1701 zone_fsopt_t *last, *old, *new;
1701 1702
1702 1703 last = tabptr->zone_fs_options;
1703 1704 for (old = last; old != NULL; old = old->zone_fsopt_next)
1704 1705 last = old; /* walk to the end of the list */
1705 1706 new = (zone_fsopt_t *)malloc(sizeof (zone_fsopt_t));
1706 1707 if (new == NULL)
1707 1708 return (Z_NOMEM);
1708 1709 (void) strlcpy(new->zone_fsopt_opt, option,
1709 1710 sizeof (new->zone_fsopt_opt));
1710 1711 new->zone_fsopt_next = NULL;
1711 1712 if (last == NULL)
1712 1713 tabptr->zone_fs_options = new;
1713 1714 else
1714 1715 last->zone_fsopt_next = new;
1715 1716 return (Z_OK);
1716 1717 }
1717 1718
1718 1719 int
1719 1720 zonecfg_remove_fs_option(struct zone_fstab *tabptr, char *option)
1720 1721 {
1721 1722 zone_fsopt_t *last, *this, *next;
1722 1723
1723 1724 last = tabptr->zone_fs_options;
1724 1725 for (this = last; this != NULL; this = this->zone_fsopt_next) {
1725 1726 if (strcmp(this->zone_fsopt_opt, option) == 0) {
1726 1727 next = this->zone_fsopt_next;
1727 1728 if (this == tabptr->zone_fs_options)
1728 1729 tabptr->zone_fs_options = next;
1729 1730 else
1730 1731 last->zone_fsopt_next = next;
1731 1732 free(this);
1732 1733 return (Z_OK);
1733 1734 } else
1734 1735 last = this;
1735 1736 }
1736 1737 return (Z_NO_PROPERTY_ID);
1737 1738 }
1738 1739
1739 1740 void
1740 1741 zonecfg_free_fs_option_list(zone_fsopt_t *list)
1741 1742 {
1742 1743 zone_fsopt_t *this, *next;
1743 1744
1744 1745 for (this = list; this != NULL; this = next) {
1745 1746 next = this->zone_fsopt_next;
1746 1747 free(this);
1747 1748 }
1748 1749 }
1749 1750
1750 1751 void
1751 1752 zonecfg_free_rctl_value_list(struct zone_rctlvaltab *valtab)
1752 1753 {
1753 1754 if (valtab == NULL)
1754 1755 return;
1755 1756 zonecfg_free_rctl_value_list(valtab->zone_rctlval_next);
1756 1757 free(valtab);
1757 1758 }
1758 1759
1759 1760 static boolean_t
↓ open down ↓ |
1727 lines elided |
↑ open up ↑ |
1760 1761 match_prop(xmlNodePtr cur, const xmlChar *attr, char *user_prop)
1761 1762 {
1762 1763 xmlChar *gotten_prop;
1763 1764 int prop_result;
1764 1765
1765 1766 gotten_prop = xmlGetProp(cur, attr);
1766 1767 if (gotten_prop == NULL) /* shouldn't happen */
1767 1768 return (B_FALSE);
1768 1769 prop_result = xmlStrcmp(gotten_prop, (const xmlChar *) user_prop);
1769 1770 xmlFree(gotten_prop);
1770 - return ((prop_result == 0));
1771 + return ((prop_result == 0)); /* empty strings will match */
1771 1772 }
1772 1773
1773 1774 static int
1774 1775 zonecfg_delete_filesystem_core(zone_dochandle_t handle,
1775 1776 struct zone_fstab *tabptr)
1776 1777 {
1777 1778 xmlNodePtr cur = handle->zone_dh_cur;
1778 1779 boolean_t dir_match, spec_match, raw_match, type_match;
1779 1780
1780 1781 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1781 1782 if (xmlStrcmp(cur->name, DTD_ELEM_FS))
1782 1783 continue;
1783 1784 dir_match = match_prop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir);
1784 1785 spec_match = match_prop(cur, DTD_ATTR_SPECIAL,
1785 1786 tabptr->zone_fs_special);
1786 1787 raw_match = match_prop(cur, DTD_ATTR_RAW,
1787 1788 tabptr->zone_fs_raw);
1788 1789 type_match = match_prop(cur, DTD_ATTR_TYPE,
1789 1790 tabptr->zone_fs_type);
1790 1791 if (dir_match && spec_match && raw_match && type_match) {
1791 1792 xmlUnlinkNode(cur);
1792 1793 xmlFreeNode(cur);
1793 1794 return (Z_OK);
1794 1795 }
1795 1796 }
1796 1797 return (Z_NO_RESOURCE_ID);
1797 1798 }
1798 1799
1799 1800 int
1800 1801 zonecfg_delete_filesystem(zone_dochandle_t handle, struct zone_fstab *tabptr)
1801 1802 {
1802 1803 int err;
1803 1804
1804 1805 if (tabptr == NULL)
1805 1806 return (Z_INVAL);
1806 1807
1807 1808 if ((err = operation_prep(handle)) != Z_OK)
1808 1809 return (err);
1809 1810
1810 1811 if ((err = zonecfg_delete_filesystem_core(handle, tabptr)) != Z_OK)
1811 1812 return (err);
1812 1813
1813 1814 return (Z_OK);
1814 1815 }
1815 1816
1816 1817 int
1817 1818 zonecfg_modify_filesystem(
1818 1819 zone_dochandle_t handle,
1819 1820 struct zone_fstab *oldtabptr,
1820 1821 struct zone_fstab *newtabptr)
1821 1822 {
1822 1823 int err;
1823 1824
1824 1825 if (oldtabptr == NULL || newtabptr == NULL)
1825 1826 return (Z_INVAL);
1826 1827
1827 1828 if ((err = operation_prep(handle)) != Z_OK)
1828 1829 return (err);
1829 1830
1830 1831 if ((err = zonecfg_delete_filesystem_core(handle, oldtabptr)) != Z_OK)
1831 1832 return (err);
1832 1833
1833 1834 if ((err = zonecfg_add_filesystem_core(handle, newtabptr)) != Z_OK)
1834 1835 return (err);
1835 1836
1836 1837 return (Z_OK);
1837 1838 }
1838 1839
1839 1840 int
1840 1841 zonecfg_lookup_filesystem(
1841 1842 zone_dochandle_t handle,
1842 1843 struct zone_fstab *tabptr)
1843 1844 {
1844 1845 xmlNodePtr cur, options, firstmatch;
1845 1846 int err;
1846 1847 char dirname[MAXPATHLEN], special[MAXPATHLEN], raw[MAXPATHLEN];
1847 1848 char type[FSTYPSZ];
1848 1849 char options_str[MAX_MNTOPT_STR];
1849 1850
1850 1851 if (tabptr == NULL)
1851 1852 return (Z_INVAL);
1852 1853
1853 1854 if ((err = operation_prep(handle)) != Z_OK)
1854 1855 return (err);
1855 1856
1856 1857 /*
1857 1858 * Walk the list of children looking for matches on any properties
1858 1859 * specified in the fstab parameter. If more than one resource
1859 1860 * matches, we return Z_INSUFFICIENT_SPEC; if none match, we return
1860 1861 * Z_NO_RESOURCE_ID.
1861 1862 */
1862 1863 cur = handle->zone_dh_cur;
1863 1864 firstmatch = NULL;
1864 1865 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1865 1866 if (xmlStrcmp(cur->name, DTD_ELEM_FS))
1866 1867 continue;
1867 1868 if (strlen(tabptr->zone_fs_dir) > 0) {
1868 1869 if ((fetchprop(cur, DTD_ATTR_DIR, dirname,
1869 1870 sizeof (dirname)) == Z_OK) &&
1870 1871 (strcmp(tabptr->zone_fs_dir, dirname) == 0)) {
1871 1872 if (firstmatch == NULL)
1872 1873 firstmatch = cur;
1873 1874 else
1874 1875 return (Z_INSUFFICIENT_SPEC);
1875 1876 }
1876 1877 }
1877 1878 if (strlen(tabptr->zone_fs_special) > 0) {
1878 1879 if ((fetchprop(cur, DTD_ATTR_SPECIAL, special,
1879 1880 sizeof (special)) == Z_OK)) {
1880 1881 if (strcmp(tabptr->zone_fs_special,
1881 1882 special) == 0) {
1882 1883 if (firstmatch == NULL)
1883 1884 firstmatch = cur;
1884 1885 else if (firstmatch != cur)
1885 1886 return (Z_INSUFFICIENT_SPEC);
1886 1887 } else {
1887 1888 /*
1888 1889 * If another property matched but this
1889 1890 * one doesn't then reset firstmatch.
1890 1891 */
1891 1892 if (firstmatch == cur)
1892 1893 firstmatch = NULL;
1893 1894 }
1894 1895 }
1895 1896 }
1896 1897 if (strlen(tabptr->zone_fs_raw) > 0) {
1897 1898 if ((fetchprop(cur, DTD_ATTR_RAW, raw,
1898 1899 sizeof (raw)) == Z_OK)) {
1899 1900 if (strcmp(tabptr->zone_fs_raw, raw) == 0) {
1900 1901 if (firstmatch == NULL)
1901 1902 firstmatch = cur;
1902 1903 else if (firstmatch != cur)
1903 1904 return (Z_INSUFFICIENT_SPEC);
1904 1905 } else {
1905 1906 /*
1906 1907 * If another property matched but this
1907 1908 * one doesn't then reset firstmatch.
1908 1909 */
1909 1910 if (firstmatch == cur)
1910 1911 firstmatch = NULL;
1911 1912 }
1912 1913 }
1913 1914 }
1914 1915 if (strlen(tabptr->zone_fs_type) > 0) {
1915 1916 if ((fetchprop(cur, DTD_ATTR_TYPE, type,
1916 1917 sizeof (type)) == Z_OK)) {
1917 1918 if (strcmp(tabptr->zone_fs_type, type) == 0) {
1918 1919 if (firstmatch == NULL)
1919 1920 firstmatch = cur;
1920 1921 else if (firstmatch != cur)
1921 1922 return (Z_INSUFFICIENT_SPEC);
1922 1923 } else {
1923 1924 /*
1924 1925 * If another property matched but this
1925 1926 * one doesn't then reset firstmatch.
1926 1927 */
1927 1928 if (firstmatch == cur)
1928 1929 firstmatch = NULL;
1929 1930 }
1930 1931 }
1931 1932 }
1932 1933 }
1933 1934
1934 1935 if (firstmatch == NULL)
1935 1936 return (Z_NO_RESOURCE_ID);
1936 1937
1937 1938 cur = firstmatch;
1938 1939
1939 1940 if ((err = fetchprop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir,
1940 1941 sizeof (tabptr->zone_fs_dir))) != Z_OK)
1941 1942 return (err);
1942 1943
1943 1944 if ((err = fetchprop(cur, DTD_ATTR_SPECIAL, tabptr->zone_fs_special,
1944 1945 sizeof (tabptr->zone_fs_special))) != Z_OK)
1945 1946 return (err);
1946 1947
1947 1948 if ((err = fetchprop(cur, DTD_ATTR_RAW, tabptr->zone_fs_raw,
1948 1949 sizeof (tabptr->zone_fs_raw))) != Z_OK)
1949 1950 return (err);
1950 1951
1951 1952 if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_fs_type,
1952 1953 sizeof (tabptr->zone_fs_type))) != Z_OK)
1953 1954 return (err);
1954 1955
1955 1956 /* options are optional */
1956 1957 tabptr->zone_fs_options = NULL;
1957 1958 for (options = cur->xmlChildrenNode; options != NULL;
1958 1959 options = options->next) {
1959 1960 if ((fetchprop(options, DTD_ATTR_NAME, options_str,
1960 1961 sizeof (options_str)) != Z_OK))
1961 1962 break;
1962 1963 if (zonecfg_add_fs_option(tabptr, options_str) != Z_OK)
1963 1964 break;
1964 1965 }
1965 1966 return (Z_OK);
1966 1967 }
1967 1968
1968 1969 /*
1969 1970 * Compare two IP addresses in string form. Allow for the possibility that
1970 1971 * one might have "/<prefix-length>" at the end: allow a match on just the
1971 1972 * IP address (or host name) part.
1972 1973 */
1973 1974
1974 1975 boolean_t
1975 1976 zonecfg_same_net_address(char *a1, char *a2)
1976 1977 {
1977 1978 char *slashp, *slashp1, *slashp2;
1978 1979 int result;
1979 1980
1980 1981 if (strcmp(a1, a2) == 0)
1981 1982 return (B_TRUE);
1982 1983
1983 1984 /*
1984 1985 * If neither has a slash or both do, they need to match to be
1985 1986 * considered the same, but they did not match above, so fail.
1986 1987 */
1987 1988 slashp1 = strchr(a1, '/');
1988 1989 slashp2 = strchr(a2, '/');
1989 1990 if ((slashp1 == NULL && slashp2 == NULL) ||
1990 1991 (slashp1 != NULL && slashp2 != NULL))
1991 1992 return (B_FALSE);
1992 1993
1993 1994 /*
1994 1995 * Only one had a slash: pick that one, zero out the slash, compare
1995 1996 * the "address only" strings, restore the slash, and return the
1996 1997 * result of the comparison.
1997 1998 */
1998 1999 slashp = (slashp1 == NULL) ? slashp2 : slashp1;
1999 2000 *slashp = '\0';
2000 2001 result = strcmp(a1, a2);
2001 2002 *slashp = '/';
2002 2003 return ((result == 0));
2003 2004 }
2004 2005
2005 2006 int
2006 2007 zonecfg_valid_net_address(char *address, struct lifreq *lifr)
2007 2008 {
2008 2009 struct sockaddr_in *sin4;
2009 2010 struct sockaddr_in6 *sin6;
2010 2011 struct addrinfo hints, *result;
2011 2012 char *slashp = strchr(address, '/');
2012 2013
2013 2014 bzero(lifr, sizeof (struct lifreq));
2014 2015 sin4 = (struct sockaddr_in *)&lifr->lifr_addr;
2015 2016 sin6 = (struct sockaddr_in6 *)&lifr->lifr_addr;
2016 2017 if (slashp != NULL)
2017 2018 *slashp = '\0';
2018 2019 if (inet_pton(AF_INET, address, &sin4->sin_addr) == 1) {
2019 2020 sin4->sin_family = AF_INET;
2020 2021 } else if (inet_pton(AF_INET6, address, &sin6->sin6_addr) == 1) {
2021 2022 if (slashp == NULL)
2022 2023 return (Z_IPV6_ADDR_PREFIX_LEN);
2023 2024 sin6->sin6_family = AF_INET6;
2024 2025 } else {
2025 2026 /* "address" may be a host name */
2026 2027 (void) memset(&hints, 0, sizeof (hints));
2027 2028 hints.ai_family = PF_INET;
2028 2029 if (getaddrinfo(address, NULL, &hints, &result) != 0)
2029 2030 return (Z_BOGUS_ADDRESS);
2030 2031 sin4->sin_family = result->ai_family;
2031 2032
2032 2033 (void) memcpy(&sin4->sin_addr,
2033 2034 /* LINTED E_BAD_PTR_CAST_ALIGN */
2034 2035 &((struct sockaddr_in *)result->ai_addr)->sin_addr,
2035 2036 sizeof (struct in_addr));
2036 2037
2037 2038 freeaddrinfo(result);
2038 2039 }
2039 2040 return (Z_OK);
2040 2041 }
2041 2042
2042 2043 boolean_t
2043 2044 zonecfg_ifname_exists(sa_family_t af, char *ifname)
2044 2045 {
2045 2046 struct lifreq lifr;
2046 2047 int so;
2047 2048 int save_errno;
2048 2049
2049 2050 (void) memset(&lifr, 0, sizeof (lifr));
2050 2051 (void) strlcpy(lifr.lifr_name, ifname, sizeof (lifr.lifr_name));
2051 2052 lifr.lifr_addr.ss_family = af;
2052 2053 if ((so = socket(af, SOCK_DGRAM, 0)) < 0) {
2053 2054 /* Odd - can't tell if the ifname exists */
2054 2055 return (B_FALSE);
2055 2056 }
2056 2057 if (ioctl(so, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0) {
2057 2058 save_errno = errno;
2058 2059 (void) close(so);
2059 2060 errno = save_errno;
2060 2061 return (B_FALSE);
2061 2062 }
2062 2063 (void) close(so);
2063 2064 return (B_TRUE);
2064 2065 }
2065 2066
2066 2067 /*
2067 2068 * Determines whether there is a net resource with the physical interface, IP
2068 2069 * address, and default router specified by 'tabptr' in the zone configuration
2069 2070 * to which 'handle' refers. 'tabptr' must have an interface, an address, a
2070 2071 * default router, or a combination of the three. This function returns Z_OK
2071 2072 * iff there is exactly one net resource matching the query specified by
2072 2073 * 'tabptr'. The function returns Z_INSUFFICIENT_SPEC if there are multiple
2073 2074 * matches or 'tabptr' does not specify a physical interface, address, or
2074 2075 * default router. The function returns Z_NO_RESOURCE_ID if are no matches.
2075 2076 *
2076 2077 * Errors might also be returned if the entry that exactly matches the
2077 2078 * query lacks critical network resource information.
2078 2079 *
2079 2080 * If there is a single match, then the matching entry's physical interface, IP
2080 2081 * address, and default router information are stored in 'tabptr'.
2081 2082 */
2082 2083 int
2083 2084 zonecfg_lookup_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2084 2085 {
2085 2086 xmlNodePtr cur;
2086 2087 xmlNodePtr firstmatch;
2087 2088 int err;
2088 2089 char address[INET6_ADDRSTRLEN];
2089 2090 char physical[LIFNAMSIZ];
2090 2091 size_t addrspec; /* nonzero if tabptr has IP addr */
2091 2092 size_t physspec; /* nonzero if tabptr has interface */
2092 2093 size_t defrouterspec; /* nonzero if tabptr has def. router */
2093 2094 size_t allowed_addrspec;
2094 2095 zone_iptype_t iptype;
2095 2096
2096 2097 if (tabptr == NULL)
2097 2098 return (Z_INVAL);
2098 2099
2099 2100 /*
2100 2101 * Determine the fields that will be searched. There must be at least
2101 2102 * one.
2102 2103 *
2103 2104 * zone_nwif_address, zone_nwif_physical, and zone_nwif_defrouter are
2104 2105 * arrays, so no NULL checks are necessary.
2105 2106 */
2106 2107 addrspec = strlen(tabptr->zone_nwif_address);
2107 2108 physspec = strlen(tabptr->zone_nwif_physical);
2108 2109 defrouterspec = strlen(tabptr->zone_nwif_defrouter);
2109 2110 allowed_addrspec = strlen(tabptr->zone_nwif_allowed_address);
2110 2111 if (addrspec != 0 && allowed_addrspec != 0)
2111 2112 return (Z_INVAL); /* can't specify both */
2112 2113 if (addrspec == 0 && physspec == 0 && defrouterspec == 0 &&
2113 2114 allowed_addrspec == 0)
2114 2115 return (Z_INSUFFICIENT_SPEC);
2115 2116
2116 2117 if ((err = operation_prep(handle)) != Z_OK)
2117 2118 return (err);
2118 2119
2119 2120 if ((err = zonecfg_get_iptype(handle, &iptype)) != Z_OK)
2120 2121 return (err);
2121 2122 /*
2122 2123 * Iterate over the configuration's elements and look for net elements
2123 2124 * that match the query.
2124 2125 */
2125 2126 firstmatch = NULL;
2126 2127 cur = handle->zone_dh_cur;
2127 2128 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2128 2129 /* Skip non-net elements */
2129 2130 if (xmlStrcmp(cur->name, DTD_ELEM_NET))
2130 2131 continue;
2131 2132
2132 2133 /*
2133 2134 * If any relevant fields don't match the query, then skip
2134 2135 * the current net element.
2135 2136 */
2136 2137 if (physspec != 0 && (fetchprop(cur, DTD_ATTR_PHYSICAL,
2137 2138 physical, sizeof (physical)) != Z_OK ||
2138 2139 strcmp(tabptr->zone_nwif_physical, physical) != 0))
2139 2140 continue;
2140 2141 if (iptype == ZS_SHARED && addrspec != 0 &&
2141 2142 (fetchprop(cur, DTD_ATTR_ADDRESS, address,
2142 2143 sizeof (address)) != Z_OK ||
2143 2144 !zonecfg_same_net_address(tabptr->zone_nwif_address,
2144 2145 address)))
2145 2146 continue;
2146 2147 if (iptype == ZS_EXCLUSIVE && allowed_addrspec != 0 &&
2147 2148 (fetchprop(cur, DTD_ATTR_ALLOWED_ADDRESS, address,
2148 2149 sizeof (address)) != Z_OK ||
2149 2150 !zonecfg_same_net_address(tabptr->zone_nwif_allowed_address,
2150 2151 address)))
2151 2152 continue;
2152 2153 if (defrouterspec != 0 && (fetchprop(cur, DTD_ATTR_DEFROUTER,
2153 2154 address, sizeof (address)) != Z_OK ||
2154 2155 !zonecfg_same_net_address(tabptr->zone_nwif_defrouter,
2155 2156 address)))
2156 2157 continue;
2157 2158
2158 2159 /*
2159 2160 * The current net element matches the query. Select it if
2160 2161 * it's the first match; otherwise, abort the search.
2161 2162 */
2162 2163 if (firstmatch == NULL)
2163 2164 firstmatch = cur;
2164 2165 else
2165 2166 return (Z_INSUFFICIENT_SPEC);
2166 2167 }
2167 2168 if (firstmatch == NULL)
2168 2169 return (Z_NO_RESOURCE_ID);
2169 2170
2170 2171 cur = firstmatch;
2171 2172
2172 2173 if ((err = fetchprop(cur, DTD_ATTR_PHYSICAL, tabptr->zone_nwif_physical,
2173 2174 sizeof (tabptr->zone_nwif_physical))) != Z_OK)
2174 2175 return (err);
2175 2176
2176 2177 if (iptype == ZS_SHARED &&
2177 2178 (err = fetchprop(cur, DTD_ATTR_ADDRESS, tabptr->zone_nwif_address,
2178 2179 sizeof (tabptr->zone_nwif_address))) != Z_OK)
2179 2180 return (err);
2180 2181
2181 2182 if (iptype == ZS_EXCLUSIVE &&
2182 2183 (err = fetchprop(cur, DTD_ATTR_ALLOWED_ADDRESS,
2183 2184 tabptr->zone_nwif_allowed_address,
2184 2185 sizeof (tabptr->zone_nwif_allowed_address))) != Z_OK)
2185 2186 return (err);
2186 2187
2187 2188 if ((err = fetchprop(cur, DTD_ATTR_DEFROUTER,
2188 2189 tabptr->zone_nwif_defrouter,
2189 2190 sizeof (tabptr->zone_nwif_defrouter))) != Z_OK)
2190 2191 return (err);
2191 2192
2192 2193 return (Z_OK);
2193 2194 }
2194 2195
2195 2196 static int
2196 2197 zonecfg_add_nwif_core(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2197 2198 {
2198 2199 xmlNodePtr newnode, cur = handle->zone_dh_cur;
2199 2200 int err;
2200 2201
2201 2202 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_NET, NULL);
2202 2203 if (strlen(tabptr->zone_nwif_address) > 0 &&
2203 2204 (err = newprop(newnode, DTD_ATTR_ADDRESS,
2204 2205 tabptr->zone_nwif_address)) != Z_OK)
2205 2206 return (err);
2206 2207 if (strlen(tabptr->zone_nwif_allowed_address) > 0 &&
2207 2208 (err = newprop(newnode, DTD_ATTR_ALLOWED_ADDRESS,
2208 2209 tabptr->zone_nwif_allowed_address)) != Z_OK)
2209 2210 return (err);
2210 2211 if ((err = newprop(newnode, DTD_ATTR_PHYSICAL,
2211 2212 tabptr->zone_nwif_physical)) != Z_OK)
2212 2213 return (err);
2213 2214 /*
2214 2215 * Do not add this property when it is not set, for backwards
2215 2216 * compatibility and because it is optional.
2216 2217 */
2217 2218 if ((strlen(tabptr->zone_nwif_defrouter) > 0) &&
2218 2219 ((err = newprop(newnode, DTD_ATTR_DEFROUTER,
2219 2220 tabptr->zone_nwif_defrouter)) != Z_OK))
2220 2221 return (err);
2221 2222 return (Z_OK);
2222 2223 }
2223 2224
2224 2225 int
2225 2226 zonecfg_add_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2226 2227 {
2227 2228 int err;
2228 2229
2229 2230 if (tabptr == NULL)
2230 2231 return (Z_INVAL);
2231 2232
2232 2233 if ((err = operation_prep(handle)) != Z_OK)
2233 2234 return (err);
2234 2235
2235 2236 if ((err = zonecfg_add_nwif_core(handle, tabptr)) != Z_OK)
2236 2237 return (err);
2237 2238
2238 2239 return (Z_OK);
2239 2240 }
2240 2241
2241 2242 static int
2242 2243 zonecfg_delete_nwif_core(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2243 2244 {
2244 2245 xmlNodePtr cur = handle->zone_dh_cur;
2245 2246 boolean_t addr_match, phys_match, allowed_addr_match;
2246 2247
2247 2248 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
↓ open down ↓ |
467 lines elided |
↑ open up ↑ |
2248 2249 if (xmlStrcmp(cur->name, DTD_ELEM_NET))
2249 2250 continue;
2250 2251
2251 2252 addr_match = match_prop(cur, DTD_ATTR_ADDRESS,
2252 2253 tabptr->zone_nwif_address);
2253 2254 allowed_addr_match = match_prop(cur, DTD_ATTR_ALLOWED_ADDRESS,
2254 2255 tabptr->zone_nwif_allowed_address);
2255 2256 phys_match = match_prop(cur, DTD_ATTR_PHYSICAL,
2256 2257 tabptr->zone_nwif_physical);
2257 2258
2258 - if ((addr_match || allowed_addr_match) && phys_match) {
2259 + if (addr_match && allowed_addr_match && phys_match) {
2259 2260 xmlUnlinkNode(cur);
2260 2261 xmlFreeNode(cur);
2261 2262 return (Z_OK);
2262 2263 }
2263 2264 }
2264 2265 return (Z_NO_RESOURCE_ID);
2265 2266 }
2266 2267
2267 2268 int
2268 2269 zonecfg_delete_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2269 2270 {
2270 2271 int err;
2271 2272
2272 2273 if (tabptr == NULL)
2273 2274 return (Z_INVAL);
2274 2275
2275 2276 if ((err = operation_prep(handle)) != Z_OK)
2276 2277 return (err);
2277 2278
2278 2279 if ((err = zonecfg_delete_nwif_core(handle, tabptr)) != Z_OK)
2279 2280 return (err);
2280 2281
2281 2282 return (Z_OK);
2282 2283 }
2283 2284
2284 2285 int
2285 2286 zonecfg_modify_nwif(
2286 2287 zone_dochandle_t handle,
2287 2288 struct zone_nwiftab *oldtabptr,
2288 2289 struct zone_nwiftab *newtabptr)
2289 2290 {
2290 2291 int err;
2291 2292
2292 2293 if (oldtabptr == NULL || newtabptr == NULL)
2293 2294 return (Z_INVAL);
2294 2295
2295 2296 if ((err = operation_prep(handle)) != Z_OK)
2296 2297 return (err);
2297 2298
2298 2299 if ((err = zonecfg_delete_nwif_core(handle, oldtabptr)) != Z_OK)
2299 2300 return (err);
2300 2301
2301 2302 if ((err = zonecfg_add_nwif_core(handle, newtabptr)) != Z_OK)
2302 2303 return (err);
2303 2304
2304 2305 return (Z_OK);
2305 2306 }
2306 2307
2307 2308 /*
2308 2309 * Must be a comma-separated list of alpha-numeric file system names.
2309 2310 */
2310 2311 static int
2311 2312 zonecfg_valid_fs_allowed(const char *fsallowedp)
2312 2313 {
2313 2314 char tmp[ZONE_FS_ALLOWED_MAX];
2314 2315 char *cp = tmp;
2315 2316 char *p;
2316 2317
2317 2318 if (strlen(fsallowedp) > ZONE_FS_ALLOWED_MAX)
2318 2319 return (Z_TOO_BIG);
2319 2320
2320 2321 (void) strlcpy(tmp, fsallowedp, sizeof (tmp));
2321 2322
2322 2323 while (*cp != '\0') {
2323 2324 p = cp;
2324 2325 while (*p != '\0' && *p != ',') {
2325 2326 if (!isalnum(*p) && *p != '-')
2326 2327 return (Z_INVALID_PROPERTY);
2327 2328 p++;
2328 2329 }
2329 2330
2330 2331 if (*p == ',') {
2331 2332 if (p == cp)
2332 2333 return (Z_INVALID_PROPERTY);
2333 2334
2334 2335 p++;
2335 2336
2336 2337 if (*p == '\0')
2337 2338 return (Z_INVALID_PROPERTY);
2338 2339 }
2339 2340
2340 2341 cp = p;
2341 2342 }
2342 2343
2343 2344 return (Z_OK);
2344 2345 }
2345 2346
2346 2347 int
2347 2348 zonecfg_get_fs_allowed(zone_dochandle_t handle, char *bufp, size_t buflen)
2348 2349 {
2349 2350 int err;
2350 2351
2351 2352 if ((err = getrootattr(handle, DTD_ATTR_FS_ALLOWED,
2352 2353 bufp, buflen)) != Z_OK)
2353 2354 return (err);
2354 2355 if (bufp[0] == '\0')
2355 2356 return (Z_BAD_PROPERTY);
2356 2357 return (zonecfg_valid_fs_allowed(bufp));
2357 2358 }
2358 2359
2359 2360 int
2360 2361 zonecfg_set_fs_allowed(zone_dochandle_t handle, const char *bufp)
2361 2362 {
2362 2363 int err;
2363 2364
2364 2365 if (bufp == NULL || (err = zonecfg_valid_fs_allowed(bufp)) == Z_OK)
2365 2366 return (setrootattr(handle, DTD_ATTR_FS_ALLOWED, bufp));
2366 2367 return (err);
2367 2368 }
2368 2369
2369 2370 /*
2370 2371 * Determines if the specified string is a valid hostid string. This function
2371 2372 * returns Z_OK if the string is a valid hostid string. It returns Z_INVAL if
2372 2373 * 'hostidp' is NULL, Z_TOO_BIG if 'hostidp' refers to a string buffer
2373 2374 * containing a hex string with more than 8 digits, and Z_INVALID_PROPERTY if
2374 2375 * the string has an invalid format.
2375 2376 */
2376 2377 static int
2377 2378 zonecfg_valid_hostid(const char *hostidp)
2378 2379 {
2379 2380 char *currentp;
2380 2381 u_longlong_t hostidval;
2381 2382 size_t len;
2382 2383
2383 2384 if (hostidp == NULL)
2384 2385 return (Z_INVAL);
2385 2386
2386 2387 /* Empty strings and strings with whitespace are invalid. */
2387 2388 if (*hostidp == '\0')
2388 2389 return (Z_INVALID_PROPERTY);
2389 2390 for (currentp = (char *)hostidp; *currentp != '\0'; ++currentp) {
2390 2391 if (isspace(*currentp))
2391 2392 return (Z_INVALID_PROPERTY);
2392 2393 }
2393 2394 len = (size_t)(currentp - hostidp);
2394 2395
2395 2396 /*
2396 2397 * The caller might pass a hostid that is larger than the maximum
2397 2398 * unsigned 32-bit integral value. Check for this! Also, make sure
2398 2399 * that the whole string is converted (this helps us find illegal
2399 2400 * characters) and that the whole string fits within a buffer of size
2400 2401 * HW_HOSTID_LEN.
2401 2402 */
2402 2403 currentp = (char *)hostidp;
2403 2404 if (strncmp(hostidp, "0x", 2) == 0 || strncmp(hostidp, "0X", 2) == 0)
2404 2405 currentp += 2;
2405 2406 hostidval = strtoull(currentp, ¤tp, 16);
2406 2407 if ((size_t)(currentp - hostidp) >= HW_HOSTID_LEN)
2407 2408 return (Z_TOO_BIG);
2408 2409 if (hostidval > UINT_MAX || hostidval == HW_INVALID_HOSTID ||
2409 2410 currentp != hostidp + len)
2410 2411 return (Z_INVALID_PROPERTY);
2411 2412 return (Z_OK);
2412 2413 }
2413 2414
2414 2415 /*
2415 2416 * Gets the zone hostid string stored in the specified zone configuration
2416 2417 * document. This function returns Z_OK on success. Z_BAD_PROPERTY is returned
2417 2418 * if the config file doesn't specify a hostid or if the hostid is blank.
2418 2419 *
2419 2420 * Note that buflen should be at least HW_HOSTID_LEN.
2420 2421 */
2421 2422 int
2422 2423 zonecfg_get_hostid(zone_dochandle_t handle, char *bufp, size_t buflen)
2423 2424 {
2424 2425 int err;
2425 2426
2426 2427 if ((err = getrootattr(handle, DTD_ATTR_HOSTID, bufp, buflen)) != Z_OK)
2427 2428 return (err);
2428 2429 if (bufp[0] == '\0')
2429 2430 return (Z_BAD_PROPERTY);
2430 2431 return (zonecfg_valid_hostid(bufp));
2431 2432 }
2432 2433
2433 2434 /*
2434 2435 * Sets the hostid string in the specified zone config document to the given
2435 2436 * string value. If 'hostidp' is NULL, then the config document's hostid
2436 2437 * attribute is cleared. Non-NULL hostids are validated. This function returns
2437 2438 * Z_OK on success. Any other return value indicates failure.
2438 2439 */
2439 2440 int
2440 2441 zonecfg_set_hostid(zone_dochandle_t handle, const char *hostidp)
2441 2442 {
2442 2443 int err;
2443 2444
2444 2445 /*
2445 2446 * A NULL hostid string is interpreted as a request to clear the
2446 2447 * hostid.
2447 2448 */
2448 2449 if (hostidp == NULL || (err = zonecfg_valid_hostid(hostidp)) == Z_OK)
2449 2450 return (setrootattr(handle, DTD_ATTR_HOSTID, hostidp));
2450 2451 return (err);
2451 2452 }
2452 2453
2453 2454 int
2454 2455 zonecfg_lookup_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
2455 2456 {
2456 2457 xmlNodePtr cur, firstmatch;
2457 2458 int err;
2458 2459 char match[MAXPATHLEN];
2459 2460
2460 2461 if (tabptr == NULL)
2461 2462 return (Z_INVAL);
2462 2463
2463 2464 if ((err = operation_prep(handle)) != Z_OK)
2464 2465 return (err);
2465 2466
2466 2467 cur = handle->zone_dh_cur;
2467 2468 firstmatch = NULL;
2468 2469 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2469 2470 if (xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
2470 2471 continue;
2471 2472 if (strlen(tabptr->zone_dev_match) == 0)
2472 2473 continue;
2473 2474
2474 2475 if ((fetchprop(cur, DTD_ATTR_MATCH, match,
2475 2476 sizeof (match)) == Z_OK)) {
2476 2477 if (strcmp(tabptr->zone_dev_match,
2477 2478 match) == 0) {
2478 2479 if (firstmatch == NULL)
2479 2480 firstmatch = cur;
2480 2481 else if (firstmatch != cur)
2481 2482 return (Z_INSUFFICIENT_SPEC);
2482 2483 } else {
2483 2484 /*
2484 2485 * If another property matched but this
2485 2486 * one doesn't then reset firstmatch.
2486 2487 */
2487 2488 if (firstmatch == cur)
2488 2489 firstmatch = NULL;
2489 2490 }
2490 2491 }
2491 2492 }
2492 2493 if (firstmatch == NULL)
2493 2494 return (Z_NO_RESOURCE_ID);
2494 2495
2495 2496 cur = firstmatch;
2496 2497
2497 2498 if ((err = fetchprop(cur, DTD_ATTR_MATCH, tabptr->zone_dev_match,
2498 2499 sizeof (tabptr->zone_dev_match))) != Z_OK)
2499 2500 return (err);
2500 2501
2501 2502 return (Z_OK);
2502 2503 }
2503 2504
2504 2505 static int
2505 2506 zonecfg_add_dev_core(zone_dochandle_t handle, struct zone_devtab *tabptr)
2506 2507 {
2507 2508 xmlNodePtr newnode, cur = handle->zone_dh_cur;
2508 2509 int err;
2509 2510
2510 2511 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_DEVICE, NULL);
2511 2512
2512 2513 if ((err = newprop(newnode, DTD_ATTR_MATCH,
2513 2514 tabptr->zone_dev_match)) != Z_OK)
2514 2515 return (err);
2515 2516
2516 2517 return (Z_OK);
2517 2518 }
2518 2519
2519 2520 int
2520 2521 zonecfg_add_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
2521 2522 {
2522 2523 int err;
2523 2524
2524 2525 if (tabptr == NULL)
2525 2526 return (Z_INVAL);
2526 2527
2527 2528 if ((err = operation_prep(handle)) != Z_OK)
2528 2529 return (err);
2529 2530
2530 2531 if ((err = zonecfg_add_dev_core(handle, tabptr)) != Z_OK)
2531 2532 return (err);
2532 2533
2533 2534 return (Z_OK);
2534 2535 }
2535 2536
2536 2537 static int
2537 2538 zonecfg_delete_dev_core(zone_dochandle_t handle, struct zone_devtab *tabptr)
2538 2539 {
2539 2540 xmlNodePtr cur = handle->zone_dh_cur;
2540 2541 int match_match;
2541 2542
2542 2543 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2543 2544 if (xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
2544 2545 continue;
2545 2546
2546 2547 match_match = match_prop(cur, DTD_ATTR_MATCH,
2547 2548 tabptr->zone_dev_match);
2548 2549
2549 2550 if (match_match) {
2550 2551 xmlUnlinkNode(cur);
2551 2552 xmlFreeNode(cur);
2552 2553 return (Z_OK);
2553 2554 }
2554 2555 }
2555 2556 return (Z_NO_RESOURCE_ID);
2556 2557 }
2557 2558
2558 2559 int
2559 2560 zonecfg_delete_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
2560 2561 {
2561 2562 int err;
2562 2563
2563 2564 if (tabptr == NULL)
2564 2565 return (Z_INVAL);
2565 2566
2566 2567 if ((err = operation_prep(handle)) != Z_OK)
2567 2568 return (err);
2568 2569
2569 2570 if ((err = zonecfg_delete_dev_core(handle, tabptr)) != Z_OK)
2570 2571 return (err);
2571 2572
2572 2573 return (Z_OK);
2573 2574 }
2574 2575
2575 2576 int
2576 2577 zonecfg_modify_dev(
2577 2578 zone_dochandle_t handle,
2578 2579 struct zone_devtab *oldtabptr,
2579 2580 struct zone_devtab *newtabptr)
2580 2581 {
2581 2582 int err;
2582 2583
2583 2584 if (oldtabptr == NULL || newtabptr == NULL)
2584 2585 return (Z_INVAL);
2585 2586
2586 2587 if ((err = operation_prep(handle)) != Z_OK)
2587 2588 return (err);
2588 2589
2589 2590 if ((err = zonecfg_delete_dev_core(handle, oldtabptr)) != Z_OK)
2590 2591 return (err);
2591 2592
2592 2593 if ((err = zonecfg_add_dev_core(handle, newtabptr)) != Z_OK)
2593 2594 return (err);
2594 2595
2595 2596 return (Z_OK);
2596 2597 }
2597 2598
2598 2599 static int
2599 2600 zonecfg_add_auth_core(zone_dochandle_t handle, struct zone_admintab *tabptr,
2600 2601 char *zonename)
2601 2602 {
2602 2603 xmlNodePtr newnode, cur = handle->zone_dh_cur;
2603 2604 int err;
2604 2605
2605 2606 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_ADMIN, NULL);
2606 2607 err = newprop(newnode, DTD_ATTR_USER, tabptr->zone_admin_user);
2607 2608 if (err != Z_OK)
2608 2609 return (err);
2609 2610 err = newprop(newnode, DTD_ATTR_AUTHS, tabptr->zone_admin_auths);
2610 2611 if (err != Z_OK)
2611 2612 return (err);
2612 2613 if ((err = zonecfg_remove_userauths(
2613 2614 handle, tabptr->zone_admin_user, zonename, B_FALSE)) != Z_OK)
2614 2615 return (err);
2615 2616 return (Z_OK);
2616 2617 }
2617 2618
2618 2619 int
2619 2620 zonecfg_add_admin(zone_dochandle_t handle, struct zone_admintab *tabptr,
2620 2621 char *zonename)
2621 2622 {
2622 2623 int err;
2623 2624
2624 2625 if (tabptr == NULL)
2625 2626 return (Z_INVAL);
2626 2627
2627 2628 if ((err = operation_prep(handle)) != Z_OK)
2628 2629 return (err);
2629 2630
2630 2631 if ((err = zonecfg_add_auth_core(handle, tabptr,
2631 2632 zonename)) != Z_OK)
2632 2633 return (err);
2633 2634
2634 2635 return (Z_OK);
2635 2636 }
2636 2637 static int
2637 2638 zonecfg_delete_auth_core(zone_dochandle_t handle, struct zone_admintab *tabptr,
2638 2639 char *zonename)
2639 2640 {
2640 2641 xmlNodePtr cur = handle->zone_dh_cur;
2641 2642 boolean_t auth_match;
2642 2643 int err;
2643 2644
2644 2645 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2645 2646 if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
2646 2647 continue;
2647 2648 auth_match = match_prop(cur, DTD_ATTR_USER,
2648 2649 tabptr->zone_admin_user);
2649 2650 if (auth_match) {
2650 2651 if ((err = zonecfg_insert_userauths(
2651 2652 handle, tabptr->zone_admin_user,
2652 2653 zonename)) != Z_OK)
2653 2654 return (err);
2654 2655 xmlUnlinkNode(cur);
2655 2656 xmlFreeNode(cur);
2656 2657 return (Z_OK);
2657 2658 }
2658 2659 }
2659 2660 return (Z_NO_RESOURCE_ID);
2660 2661 }
2661 2662
2662 2663 int
2663 2664 zonecfg_delete_admin(zone_dochandle_t handle, struct zone_admintab *tabptr,
2664 2665 char *zonename)
2665 2666 {
2666 2667 int err;
2667 2668
2668 2669 if (tabptr == NULL)
2669 2670 return (Z_INVAL);
2670 2671
2671 2672 if ((err = operation_prep(handle)) != Z_OK)
2672 2673 return (err);
2673 2674
2674 2675 if ((err = zonecfg_delete_auth_core(handle, tabptr, zonename)) != Z_OK)
2675 2676 return (err);
2676 2677
2677 2678 return (Z_OK);
2678 2679 }
2679 2680
2680 2681 int
2681 2682 zonecfg_modify_admin(zone_dochandle_t handle, struct zone_admintab *oldtabptr,
2682 2683 struct zone_admintab *newtabptr, char *zonename)
2683 2684 {
2684 2685 int err;
2685 2686
2686 2687 if (oldtabptr == NULL || newtabptr == NULL)
2687 2688 return (Z_INVAL);
2688 2689
2689 2690 if ((err = operation_prep(handle)) != Z_OK)
2690 2691 return (err);
2691 2692
2692 2693 if ((err = zonecfg_delete_auth_core(handle, oldtabptr, zonename))
2693 2694 != Z_OK)
2694 2695 return (err);
2695 2696
2696 2697 if ((err = zonecfg_add_auth_core(handle, newtabptr,
2697 2698 zonename)) != Z_OK)
2698 2699 return (err);
2699 2700
2700 2701 return (Z_OK);
2701 2702 }
2702 2703
2703 2704 int
2704 2705 zonecfg_lookup_admin(zone_dochandle_t handle, struct zone_admintab *tabptr)
2705 2706 {
2706 2707 xmlNodePtr cur, firstmatch;
2707 2708 int err;
2708 2709 char user[MAXUSERNAME];
2709 2710
2710 2711 if (tabptr == NULL)
2711 2712 return (Z_INVAL);
2712 2713
2713 2714 if ((err = operation_prep(handle)) != Z_OK)
2714 2715 return (err);
2715 2716
2716 2717 cur = handle->zone_dh_cur;
2717 2718 firstmatch = NULL;
2718 2719 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2719 2720 if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
2720 2721 continue;
2721 2722 if (strlen(tabptr->zone_admin_user) > 0) {
2722 2723 if ((fetchprop(cur, DTD_ATTR_USER, user,
2723 2724 sizeof (user)) == Z_OK) &&
2724 2725 (strcmp(tabptr->zone_admin_user, user) == 0)) {
2725 2726 if (firstmatch == NULL)
2726 2727 firstmatch = cur;
2727 2728 else
2728 2729 return (Z_INSUFFICIENT_SPEC);
2729 2730 }
2730 2731 }
2731 2732 }
2732 2733 if (firstmatch == NULL)
2733 2734 return (Z_NO_RESOURCE_ID);
2734 2735
2735 2736 cur = firstmatch;
2736 2737
2737 2738 if ((err = fetchprop(cur, DTD_ATTR_USER, tabptr->zone_admin_user,
2738 2739 sizeof (tabptr->zone_admin_user))) != Z_OK)
2739 2740 return (err);
2740 2741
2741 2742 if ((err = fetchprop(cur, DTD_ATTR_AUTHS, tabptr->zone_admin_auths,
2742 2743 sizeof (tabptr->zone_admin_auths))) != Z_OK)
2743 2744 return (err);
2744 2745
2745 2746 return (Z_OK);
2746 2747 }
2747 2748
2748 2749
2749 2750 /* Lock to serialize all devwalks */
2750 2751 static pthread_mutex_t zonecfg_devwalk_lock = PTHREAD_MUTEX_INITIALIZER;
2751 2752 /*
2752 2753 * Global variables used to pass data from zonecfg_dev_manifest to the nftw
2753 2754 * call-back (zonecfg_devwalk_cb). g_devwalk_data is really the void*
2754 2755 * parameter and g_devwalk_cb is really the *cb parameter from
2755 2756 * zonecfg_dev_manifest.
2756 2757 */
2757 2758 typedef struct __g_devwalk_data *g_devwalk_data_t;
2758 2759 static g_devwalk_data_t g_devwalk_data;
2759 2760 static int (*g_devwalk_cb)(const char *, uid_t, gid_t, mode_t, const char *,
2760 2761 void *);
2761 2762 static size_t g_devwalk_skip_prefix;
2762 2763
2763 2764 /*
2764 2765 * zonecfg_dev_manifest call-back function used during detach to generate the
2765 2766 * dev info in the manifest.
2766 2767 */
2767 2768 static int
2768 2769 get_detach_dev_entry(const char *name, uid_t uid, gid_t gid, mode_t mode,
2769 2770 const char *acl, void *hdl)
2770 2771 {
2771 2772 zone_dochandle_t handle = (zone_dochandle_t)hdl;
2772 2773 xmlNodePtr newnode;
2773 2774 xmlNodePtr cur;
2774 2775 int err;
2775 2776 char buf[128];
2776 2777
2777 2778 if ((err = operation_prep(handle)) != Z_OK)
2778 2779 return (err);
2779 2780
2780 2781 cur = handle->zone_dh_cur;
2781 2782 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_DEV_PERM, NULL);
2782 2783 if ((err = newprop(newnode, DTD_ATTR_NAME, (char *)name)) != Z_OK)
2783 2784 return (err);
2784 2785 (void) snprintf(buf, sizeof (buf), "%lu", uid);
2785 2786 if ((err = newprop(newnode, DTD_ATTR_UID, buf)) != Z_OK)
2786 2787 return (err);
2787 2788 (void) snprintf(buf, sizeof (buf), "%lu", gid);
2788 2789 if ((err = newprop(newnode, DTD_ATTR_GID, buf)) != Z_OK)
2789 2790 return (err);
2790 2791 (void) snprintf(buf, sizeof (buf), "%o", mode);
2791 2792 if ((err = newprop(newnode, DTD_ATTR_MODE, buf)) != Z_OK)
2792 2793 return (err);
2793 2794 if ((err = newprop(newnode, DTD_ATTR_ACL, (char *)acl)) != Z_OK)
2794 2795 return (err);
2795 2796 return (Z_OK);
2796 2797 }
2797 2798
2798 2799 /*
2799 2800 * This is the nftw call-back function used by zonecfg_dev_manifest. It is
2800 2801 * responsible for calling the actual call-back.
2801 2802 */
2802 2803 /* ARGSUSED2 */
2803 2804 static int
2804 2805 zonecfg_devwalk_cb(const char *path, const struct stat *st, int f,
2805 2806 struct FTW *ftw)
2806 2807 {
2807 2808 acl_t *acl;
2808 2809 char *acl_txt = NULL;
2809 2810
2810 2811 /* skip all but character and block devices */
2811 2812 if (!S_ISBLK(st->st_mode) && !S_ISCHR(st->st_mode))
2812 2813 return (0);
2813 2814
2814 2815 if ((acl_get(path, ACL_NO_TRIVIAL, &acl) == 0) &&
2815 2816 acl != NULL) {
2816 2817 acl_txt = acl_totext(acl, ACL_NORESOLVE);
2817 2818 acl_free(acl);
2818 2819 }
2819 2820
2820 2821 if (strlen(path) <= g_devwalk_skip_prefix)
2821 2822 return (0);
2822 2823
2823 2824 g_devwalk_cb(path + g_devwalk_skip_prefix, st->st_uid, st->st_gid,
2824 2825 st->st_mode & S_IAMB, acl_txt != NULL ? acl_txt : "",
2825 2826 g_devwalk_data);
2826 2827 free(acl_txt);
2827 2828 return (0);
2828 2829 }
2829 2830
2830 2831 /*
2831 2832 * Walk the dev tree for the zone specified by hdl and call the
2832 2833 * get_detach_dev_entry call-back function for each entry in the tree. The
2833 2834 * call-back will be passed the name, uid, gid, mode, acl string and the
2834 2835 * handle input parameter for each dev entry.
2835 2836 *
2836 2837 * Data is passed to get_detach_dev_entry through the global variables
2837 2838 * g_devwalk_data, *g_devwalk_cb, and g_devwalk_skip_prefix. The
2838 2839 * zonecfg_devwalk_cb function will actually call get_detach_dev_entry.
2839 2840 */
2840 2841 int
2841 2842 zonecfg_dev_manifest(zone_dochandle_t hdl)
2842 2843 {
2843 2844 char path[MAXPATHLEN];
2844 2845 int ret;
2845 2846
2846 2847 if ((ret = zonecfg_get_zonepath(hdl, path, sizeof (path))) != Z_OK)
2847 2848 return (ret);
2848 2849
2849 2850 if (strlcat(path, "/dev", sizeof (path)) >= sizeof (path))
2850 2851 return (Z_TOO_BIG);
2851 2852
2852 2853 /*
2853 2854 * We have to serialize all devwalks in the same process
2854 2855 * (which should be fine), since nftw() is so badly designed.
2855 2856 */
2856 2857 (void) pthread_mutex_lock(&zonecfg_devwalk_lock);
2857 2858
2858 2859 g_devwalk_skip_prefix = strlen(path) + 1;
2859 2860 g_devwalk_data = (g_devwalk_data_t)hdl;
2860 2861 g_devwalk_cb = get_detach_dev_entry;
2861 2862 (void) nftw(path, zonecfg_devwalk_cb, 0, FTW_PHYS);
2862 2863
2863 2864 (void) pthread_mutex_unlock(&zonecfg_devwalk_lock);
2864 2865 return (Z_OK);
2865 2866 }
2866 2867
2867 2868 /*
2868 2869 * Update the owner, group, mode and acl on the specified dev (inpath) for
2869 2870 * the zone (hdl). This function can be used to fix up the dev tree after
2870 2871 * attaching a migrated zone.
2871 2872 */
2872 2873 int
2873 2874 zonecfg_devperms_apply(zone_dochandle_t hdl, const char *inpath, uid_t owner,
2874 2875 gid_t group, mode_t mode, const char *acltxt)
2875 2876 {
2876 2877 int ret;
2877 2878 char path[MAXPATHLEN];
2878 2879 struct stat st;
2879 2880 acl_t *aclp;
2880 2881
2881 2882 if ((ret = zonecfg_get_zonepath(hdl, path, sizeof (path))) != Z_OK)
2882 2883 return (ret);
2883 2884
2884 2885 if (strlcat(path, "/dev/", sizeof (path)) >= sizeof (path))
2885 2886 return (Z_TOO_BIG);
2886 2887 if (strlcat(path, inpath, sizeof (path)) >= sizeof (path))
2887 2888 return (Z_TOO_BIG);
2888 2889
2889 2890 if (stat(path, &st) == -1)
2890 2891 return (Z_INVAL);
2891 2892
2892 2893 /* make sure we're only touching device nodes */
2893 2894 if (!S_ISCHR(st.st_mode) && !S_ISBLK(st.st_mode))
2894 2895 return (Z_INVAL);
2895 2896
2896 2897 if (chown(path, owner, group) == -1)
2897 2898 return (Z_SYSTEM);
2898 2899
2899 2900 if (chmod(path, mode) == -1)
2900 2901 return (Z_SYSTEM);
2901 2902
2902 2903 if ((acltxt == NULL) || (strcmp(acltxt, "") == 0))
2903 2904 return (Z_OK);
2904 2905
2905 2906 if (acl_fromtext(acltxt, &aclp) != 0) {
2906 2907 errno = EINVAL;
2907 2908 return (Z_SYSTEM);
2908 2909 }
2909 2910
2910 2911 errno = 0;
2911 2912 if (acl_set(path, aclp) == -1) {
2912 2913 free(aclp);
2913 2914 return (Z_SYSTEM);
2914 2915 }
2915 2916
2916 2917 free(aclp);
2917 2918 return (Z_OK);
2918 2919 }
2919 2920
2920 2921 /*
2921 2922 * This function finds everything mounted under a zone's rootpath.
2922 2923 * This returns the number of mounts under rootpath, or -1 on error.
2923 2924 * callback is called once per mount found with the first argument
2924 2925 * pointing to a mnttab structure containing the mount's information.
2925 2926 *
2926 2927 * If the callback function returns non-zero zonecfg_find_mounts
2927 2928 * aborts with an error.
2928 2929 */
2929 2930 int
2930 2931 zonecfg_find_mounts(char *rootpath, int (*callback)(const struct mnttab *,
2931 2932 void *), void *priv) {
2932 2933 FILE *mnttab;
2933 2934 struct mnttab m;
2934 2935 size_t l;
2935 2936 int zfsl;
2936 2937 int rv = 0;
2937 2938 char zfs_path[MAXPATHLEN];
2938 2939
2939 2940 assert(rootpath != NULL);
2940 2941
2941 2942 if ((zfsl = snprintf(zfs_path, sizeof (zfs_path), "%s/.zfs/", rootpath))
2942 2943 >= sizeof (zfs_path))
2943 2944 return (-1);
2944 2945
2945 2946 l = strlen(rootpath);
2946 2947
2947 2948 mnttab = fopen("/etc/mnttab", "r");
2948 2949
2949 2950 if (mnttab == NULL)
2950 2951 return (-1);
2951 2952
2952 2953 if (ioctl(fileno(mnttab), MNTIOC_SHOWHIDDEN, NULL) < 0) {
2953 2954 rv = -1;
2954 2955 goto out;
2955 2956 }
2956 2957
2957 2958 while (!getmntent(mnttab, &m)) {
2958 2959 if ((strncmp(rootpath, m.mnt_mountp, l) == 0) &&
2959 2960 (m.mnt_mountp[l] == '/') &&
2960 2961 (strncmp(zfs_path, m.mnt_mountp, zfsl) != 0)) {
2961 2962 rv++;
2962 2963 if (callback == NULL)
2963 2964 continue;
2964 2965 if (callback(&m, priv)) {
2965 2966 rv = -1;
2966 2967 goto out;
2967 2968
2968 2969 }
2969 2970 }
2970 2971 }
2971 2972
2972 2973 out:
2973 2974 (void) fclose(mnttab);
2974 2975 return (rv);
2975 2976 }
2976 2977
2977 2978 int
2978 2979 zonecfg_lookup_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
2979 2980 {
2980 2981 xmlNodePtr cur, firstmatch;
2981 2982 int err;
2982 2983 char name[MAXNAMELEN], type[MAXNAMELEN], value[MAXNAMELEN];
2983 2984
2984 2985 if (tabptr == NULL)
2985 2986 return (Z_INVAL);
2986 2987
2987 2988 if ((err = operation_prep(handle)) != Z_OK)
2988 2989 return (err);
2989 2990
2990 2991 cur = handle->zone_dh_cur;
2991 2992 firstmatch = NULL;
2992 2993 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2993 2994 if (xmlStrcmp(cur->name, DTD_ELEM_ATTR))
2994 2995 continue;
2995 2996 if (strlen(tabptr->zone_attr_name) > 0) {
2996 2997 if ((fetchprop(cur, DTD_ATTR_NAME, name,
2997 2998 sizeof (name)) == Z_OK) &&
2998 2999 (strcmp(tabptr->zone_attr_name, name) == 0)) {
2999 3000 if (firstmatch == NULL)
3000 3001 firstmatch = cur;
3001 3002 else
3002 3003 return (Z_INSUFFICIENT_SPEC);
3003 3004 }
3004 3005 }
3005 3006 if (strlen(tabptr->zone_attr_type) > 0) {
3006 3007 if ((fetchprop(cur, DTD_ATTR_TYPE, type,
3007 3008 sizeof (type)) == Z_OK)) {
3008 3009 if (strcmp(tabptr->zone_attr_type, type) == 0) {
3009 3010 if (firstmatch == NULL)
3010 3011 firstmatch = cur;
3011 3012 else if (firstmatch != cur)
3012 3013 return (Z_INSUFFICIENT_SPEC);
3013 3014 } else {
3014 3015 /*
3015 3016 * If another property matched but this
3016 3017 * one doesn't then reset firstmatch.
3017 3018 */
3018 3019 if (firstmatch == cur)
3019 3020 firstmatch = NULL;
3020 3021 }
3021 3022 }
3022 3023 }
3023 3024 if (strlen(tabptr->zone_attr_value) > 0) {
3024 3025 if ((fetchprop(cur, DTD_ATTR_VALUE, value,
3025 3026 sizeof (value)) == Z_OK)) {
3026 3027 if (strcmp(tabptr->zone_attr_value, value) ==
3027 3028 0) {
3028 3029 if (firstmatch == NULL)
3029 3030 firstmatch = cur;
3030 3031 else if (firstmatch != cur)
3031 3032 return (Z_INSUFFICIENT_SPEC);
3032 3033 } else {
3033 3034 /*
3034 3035 * If another property matched but this
3035 3036 * one doesn't then reset firstmatch.
3036 3037 */
3037 3038 if (firstmatch == cur)
3038 3039 firstmatch = NULL;
3039 3040 }
3040 3041 }
3041 3042 }
3042 3043 }
3043 3044 if (firstmatch == NULL)
3044 3045 return (Z_NO_RESOURCE_ID);
3045 3046
3046 3047 cur = firstmatch;
3047 3048
3048 3049 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_attr_name,
3049 3050 sizeof (tabptr->zone_attr_name))) != Z_OK)
3050 3051 return (err);
3051 3052
3052 3053 if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_attr_type,
3053 3054 sizeof (tabptr->zone_attr_type))) != Z_OK)
3054 3055 return (err);
3055 3056
3056 3057 if ((err = fetchprop(cur, DTD_ATTR_VALUE, tabptr->zone_attr_value,
3057 3058 sizeof (tabptr->zone_attr_value))) != Z_OK)
3058 3059 return (err);
3059 3060
3060 3061 return (Z_OK);
3061 3062 }
3062 3063
3063 3064 static int
3064 3065 zonecfg_add_attr_core(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3065 3066 {
3066 3067 xmlNodePtr newnode, cur = handle->zone_dh_cur;
3067 3068 int err;
3068 3069
3069 3070 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_ATTR, NULL);
3070 3071 err = newprop(newnode, DTD_ATTR_NAME, tabptr->zone_attr_name);
3071 3072 if (err != Z_OK)
3072 3073 return (err);
3073 3074 err = newprop(newnode, DTD_ATTR_TYPE, tabptr->zone_attr_type);
3074 3075 if (err != Z_OK)
3075 3076 return (err);
3076 3077 err = newprop(newnode, DTD_ATTR_VALUE, tabptr->zone_attr_value);
3077 3078 if (err != Z_OK)
3078 3079 return (err);
3079 3080 return (Z_OK);
3080 3081 }
3081 3082
3082 3083 int
3083 3084 zonecfg_add_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3084 3085 {
3085 3086 int err;
3086 3087
3087 3088 if (tabptr == NULL)
3088 3089 return (Z_INVAL);
3089 3090
3090 3091 if ((err = operation_prep(handle)) != Z_OK)
3091 3092 return (err);
3092 3093
3093 3094 if ((err = zonecfg_add_attr_core(handle, tabptr)) != Z_OK)
3094 3095 return (err);
3095 3096
3096 3097 return (Z_OK);
3097 3098 }
3098 3099
3099 3100 static int
3100 3101 zonecfg_delete_attr_core(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3101 3102 {
3102 3103 xmlNodePtr cur = handle->zone_dh_cur;
3103 3104 int name_match, type_match, value_match;
3104 3105
3105 3106 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3106 3107 if (xmlStrcmp(cur->name, DTD_ELEM_ATTR))
3107 3108 continue;
3108 3109
3109 3110 name_match = match_prop(cur, DTD_ATTR_NAME,
3110 3111 tabptr->zone_attr_name);
3111 3112 type_match = match_prop(cur, DTD_ATTR_TYPE,
3112 3113 tabptr->zone_attr_type);
3113 3114 value_match = match_prop(cur, DTD_ATTR_VALUE,
3114 3115 tabptr->zone_attr_value);
3115 3116
3116 3117 if (name_match && type_match && value_match) {
3117 3118 xmlUnlinkNode(cur);
3118 3119 xmlFreeNode(cur);
3119 3120 return (Z_OK);
3120 3121 }
3121 3122 }
3122 3123 return (Z_NO_RESOURCE_ID);
3123 3124 }
3124 3125
3125 3126 int
3126 3127 zonecfg_delete_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3127 3128 {
3128 3129 int err;
3129 3130
3130 3131 if (tabptr == NULL)
3131 3132 return (Z_INVAL);
3132 3133
3133 3134 if ((err = operation_prep(handle)) != Z_OK)
3134 3135 return (err);
3135 3136
3136 3137 if ((err = zonecfg_delete_attr_core(handle, tabptr)) != Z_OK)
3137 3138 return (err);
3138 3139
3139 3140 return (Z_OK);
3140 3141 }
3141 3142
3142 3143 int
3143 3144 zonecfg_modify_attr(
3144 3145 zone_dochandle_t handle,
3145 3146 struct zone_attrtab *oldtabptr,
3146 3147 struct zone_attrtab *newtabptr)
3147 3148 {
3148 3149 int err;
3149 3150
3150 3151 if (oldtabptr == NULL || newtabptr == NULL)
3151 3152 return (Z_INVAL);
3152 3153
3153 3154 if ((err = operation_prep(handle)) != Z_OK)
3154 3155 return (err);
3155 3156
3156 3157 if ((err = zonecfg_delete_attr_core(handle, oldtabptr)) != Z_OK)
3157 3158 return (err);
3158 3159
3159 3160 if ((err = zonecfg_add_attr_core(handle, newtabptr)) != Z_OK)
3160 3161 return (err);
3161 3162
3162 3163 return (Z_OK);
3163 3164 }
3164 3165
3165 3166 int
3166 3167 zonecfg_get_attr_boolean(const struct zone_attrtab *attr, boolean_t *value)
3167 3168 {
3168 3169 if (attr == NULL)
3169 3170 return (Z_INVAL);
3170 3171
3171 3172 if (strcmp(attr->zone_attr_type, DTD_ENTITY_BOOLEAN) != 0)
3172 3173 return (Z_INVAL);
3173 3174
3174 3175 if (strcmp(attr->zone_attr_value, DTD_ENTITY_TRUE) == 0) {
3175 3176 *value = B_TRUE;
3176 3177 return (Z_OK);
3177 3178 }
3178 3179 if (strcmp(attr->zone_attr_value, DTD_ENTITY_FALSE) == 0) {
3179 3180 *value = B_FALSE;
3180 3181 return (Z_OK);
3181 3182 }
3182 3183 return (Z_INVAL);
3183 3184 }
3184 3185
3185 3186 int
3186 3187 zonecfg_get_attr_int(const struct zone_attrtab *attr, int64_t *value)
3187 3188 {
3188 3189 long long result;
3189 3190 char *endptr;
3190 3191
3191 3192 if (attr == NULL)
3192 3193 return (Z_INVAL);
3193 3194
3194 3195 if (strcmp(attr->zone_attr_type, DTD_ENTITY_INT) != 0)
3195 3196 return (Z_INVAL);
3196 3197
3197 3198 errno = 0;
3198 3199 result = strtoll(attr->zone_attr_value, &endptr, 10);
3199 3200 if (errno != 0 || *endptr != '\0')
3200 3201 return (Z_INVAL);
3201 3202 *value = result;
3202 3203 return (Z_OK);
3203 3204 }
3204 3205
3205 3206 int
3206 3207 zonecfg_get_attr_string(const struct zone_attrtab *attr, char *value,
3207 3208 size_t val_sz)
3208 3209 {
3209 3210 if (attr == NULL)
3210 3211 return (Z_INVAL);
3211 3212
3212 3213 if (strcmp(attr->zone_attr_type, DTD_ENTITY_STRING) != 0)
3213 3214 return (Z_INVAL);
3214 3215
3215 3216 if (strlcpy(value, attr->zone_attr_value, val_sz) >= val_sz)
3216 3217 return (Z_TOO_BIG);
3217 3218 return (Z_OK);
3218 3219 }
3219 3220
3220 3221 int
3221 3222 zonecfg_get_attr_uint(const struct zone_attrtab *attr, uint64_t *value)
3222 3223 {
3223 3224 unsigned long long result;
3224 3225 long long neg_result;
3225 3226 char *endptr;
3226 3227
3227 3228 if (attr == NULL)
3228 3229 return (Z_INVAL);
3229 3230
3230 3231 if (strcmp(attr->zone_attr_type, DTD_ENTITY_UINT) != 0)
3231 3232 return (Z_INVAL);
3232 3233
3233 3234 errno = 0;
3234 3235 result = strtoull(attr->zone_attr_value, &endptr, 10);
3235 3236 if (errno != 0 || *endptr != '\0')
3236 3237 return (Z_INVAL);
3237 3238 errno = 0;
3238 3239 neg_result = strtoll(attr->zone_attr_value, &endptr, 10);
3239 3240 /*
3240 3241 * Incredibly, strtoull("<negative number>", ...) will not fail but
3241 3242 * return whatever (negative) number cast as a u_longlong_t, so we
3242 3243 * need to look for this here.
3243 3244 */
3244 3245 if (errno == 0 && neg_result < 0)
3245 3246 return (Z_INVAL);
3246 3247 *value = result;
3247 3248 return (Z_OK);
3248 3249 }
3249 3250
3250 3251 int
3251 3252 zonecfg_lookup_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3252 3253 {
3253 3254 xmlNodePtr cur, val;
3254 3255 char savedname[MAXNAMELEN];
3255 3256 struct zone_rctlvaltab *valptr;
3256 3257 int err;
3257 3258
3258 3259 if (strlen(tabptr->zone_rctl_name) == 0)
3259 3260 return (Z_INVAL);
3260 3261
3261 3262 if ((err = operation_prep(handle)) != Z_OK)
3262 3263 return (err);
3263 3264
3264 3265 cur = handle->zone_dh_cur;
3265 3266 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3266 3267 if (xmlStrcmp(cur->name, DTD_ELEM_RCTL))
3267 3268 continue;
3268 3269 if ((fetchprop(cur, DTD_ATTR_NAME, savedname,
3269 3270 sizeof (savedname)) == Z_OK) &&
3270 3271 (strcmp(savedname, tabptr->zone_rctl_name) == 0)) {
3271 3272 tabptr->zone_rctl_valptr = NULL;
3272 3273 for (val = cur->xmlChildrenNode; val != NULL;
3273 3274 val = val->next) {
3274 3275 valptr = (struct zone_rctlvaltab *)malloc(
3275 3276 sizeof (struct zone_rctlvaltab));
3276 3277 if (valptr == NULL)
3277 3278 return (Z_NOMEM);
3278 3279 if ((fetchprop(val, DTD_ATTR_PRIV,
3279 3280 valptr->zone_rctlval_priv,
3280 3281 sizeof (valptr->zone_rctlval_priv)) !=
3281 3282 Z_OK))
3282 3283 break;
3283 3284 if ((fetchprop(val, DTD_ATTR_LIMIT,
3284 3285 valptr->zone_rctlval_limit,
3285 3286 sizeof (valptr->zone_rctlval_limit)) !=
3286 3287 Z_OK))
3287 3288 break;
3288 3289 if ((fetchprop(val, DTD_ATTR_ACTION,
3289 3290 valptr->zone_rctlval_action,
3290 3291 sizeof (valptr->zone_rctlval_action)) !=
3291 3292 Z_OK))
3292 3293 break;
3293 3294 if (zonecfg_add_rctl_value(tabptr, valptr) !=
3294 3295 Z_OK)
3295 3296 break;
3296 3297 }
3297 3298 return (Z_OK);
3298 3299 }
3299 3300 }
3300 3301 return (Z_NO_RESOURCE_ID);
3301 3302 }
3302 3303
3303 3304 static int
3304 3305 zonecfg_add_rctl_core(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3305 3306 {
3306 3307 xmlNodePtr newnode, cur = handle->zone_dh_cur, valnode;
3307 3308 struct zone_rctlvaltab *valptr;
3308 3309 int err;
3309 3310
3310 3311 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_RCTL, NULL);
3311 3312 err = newprop(newnode, DTD_ATTR_NAME, tabptr->zone_rctl_name);
3312 3313 if (err != Z_OK)
3313 3314 return (err);
3314 3315 for (valptr = tabptr->zone_rctl_valptr; valptr != NULL;
3315 3316 valptr = valptr->zone_rctlval_next) {
3316 3317 valnode = xmlNewTextChild(newnode, NULL,
3317 3318 DTD_ELEM_RCTLVALUE, NULL);
3318 3319 err = newprop(valnode, DTD_ATTR_PRIV,
3319 3320 valptr->zone_rctlval_priv);
3320 3321 if (err != Z_OK)
3321 3322 return (err);
3322 3323 err = newprop(valnode, DTD_ATTR_LIMIT,
3323 3324 valptr->zone_rctlval_limit);
3324 3325 if (err != Z_OK)
3325 3326 return (err);
3326 3327 err = newprop(valnode, DTD_ATTR_ACTION,
3327 3328 valptr->zone_rctlval_action);
3328 3329 if (err != Z_OK)
3329 3330 return (err);
3330 3331 }
3331 3332 return (Z_OK);
3332 3333 }
3333 3334
3334 3335 int
3335 3336 zonecfg_add_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3336 3337 {
3337 3338 int err;
3338 3339
3339 3340 if (tabptr == NULL)
3340 3341 return (Z_INVAL);
3341 3342
3342 3343 if ((err = operation_prep(handle)) != Z_OK)
3343 3344 return (err);
3344 3345
3345 3346 if ((err = zonecfg_add_rctl_core(handle, tabptr)) != Z_OK)
3346 3347 return (err);
3347 3348
3348 3349 return (Z_OK);
3349 3350 }
3350 3351
3351 3352 static int
3352 3353 zonecfg_delete_rctl_core(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3353 3354 {
3354 3355 xmlNodePtr cur = handle->zone_dh_cur;
3355 3356 xmlChar *savedname;
3356 3357 int name_result;
3357 3358
3358 3359 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3359 3360 if (xmlStrcmp(cur->name, DTD_ELEM_RCTL))
3360 3361 continue;
3361 3362
3362 3363 savedname = xmlGetProp(cur, DTD_ATTR_NAME);
3363 3364 if (savedname == NULL) /* shouldn't happen */
3364 3365 continue;
3365 3366 name_result = xmlStrcmp(savedname,
3366 3367 (const xmlChar *) tabptr->zone_rctl_name);
3367 3368 xmlFree(savedname);
3368 3369
3369 3370 if (name_result == 0) {
3370 3371 xmlUnlinkNode(cur);
3371 3372 xmlFreeNode(cur);
3372 3373 return (Z_OK);
3373 3374 }
3374 3375 }
3375 3376 return (Z_NO_RESOURCE_ID);
3376 3377 }
3377 3378
3378 3379 int
3379 3380 zonecfg_delete_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3380 3381 {
3381 3382 int err;
3382 3383
3383 3384 if (tabptr == NULL)
3384 3385 return (Z_INVAL);
3385 3386
3386 3387 if ((err = operation_prep(handle)) != Z_OK)
3387 3388 return (err);
3388 3389
3389 3390 if ((err = zonecfg_delete_rctl_core(handle, tabptr)) != Z_OK)
3390 3391 return (err);
3391 3392
3392 3393 return (Z_OK);
3393 3394 }
3394 3395
3395 3396 int
3396 3397 zonecfg_modify_rctl(
3397 3398 zone_dochandle_t handle,
3398 3399 struct zone_rctltab *oldtabptr,
3399 3400 struct zone_rctltab *newtabptr)
3400 3401 {
3401 3402 int err;
3402 3403
3403 3404 if (oldtabptr == NULL || newtabptr == NULL)
3404 3405 return (Z_INVAL);
3405 3406
3406 3407 if ((err = operation_prep(handle)) != Z_OK)
3407 3408 return (err);
3408 3409
3409 3410 if ((err = zonecfg_delete_rctl_core(handle, oldtabptr)) != Z_OK)
3410 3411 return (err);
3411 3412
3412 3413 if ((err = zonecfg_add_rctl_core(handle, newtabptr)) != Z_OK)
3413 3414 return (err);
3414 3415
3415 3416 return (Z_OK);
3416 3417 }
3417 3418
3418 3419 int
3419 3420 zonecfg_add_rctl_value(
3420 3421 struct zone_rctltab *tabptr,
3421 3422 struct zone_rctlvaltab *valtabptr)
3422 3423 {
3423 3424 struct zone_rctlvaltab *last, *old, *new;
3424 3425 rctlblk_t *rctlblk = alloca(rctlblk_size());
3425 3426
3426 3427 last = tabptr->zone_rctl_valptr;
3427 3428 for (old = last; old != NULL; old = old->zone_rctlval_next)
3428 3429 last = old; /* walk to the end of the list */
3429 3430 new = valtabptr; /* alloc'd by caller */
3430 3431 new->zone_rctlval_next = NULL;
3431 3432 if (zonecfg_construct_rctlblk(valtabptr, rctlblk) != Z_OK)
3432 3433 return (Z_INVAL);
3433 3434 if (!zonecfg_valid_rctlblk(rctlblk))
3434 3435 return (Z_INVAL);
3435 3436 if (last == NULL)
3436 3437 tabptr->zone_rctl_valptr = new;
3437 3438 else
3438 3439 last->zone_rctlval_next = new;
3439 3440 return (Z_OK);
3440 3441 }
3441 3442
3442 3443 int
3443 3444 zonecfg_remove_rctl_value(
3444 3445 struct zone_rctltab *tabptr,
3445 3446 struct zone_rctlvaltab *valtabptr)
3446 3447 {
3447 3448 struct zone_rctlvaltab *last, *this, *next;
3448 3449
3449 3450 last = tabptr->zone_rctl_valptr;
3450 3451 for (this = last; this != NULL; this = this->zone_rctlval_next) {
3451 3452 if (strcmp(this->zone_rctlval_priv,
3452 3453 valtabptr->zone_rctlval_priv) == 0 &&
3453 3454 strcmp(this->zone_rctlval_limit,
3454 3455 valtabptr->zone_rctlval_limit) == 0 &&
3455 3456 strcmp(this->zone_rctlval_action,
3456 3457 valtabptr->zone_rctlval_action) == 0) {
3457 3458 next = this->zone_rctlval_next;
3458 3459 if (this == tabptr->zone_rctl_valptr)
3459 3460 tabptr->zone_rctl_valptr = next;
3460 3461 else
3461 3462 last->zone_rctlval_next = next;
3462 3463 free(this);
3463 3464 return (Z_OK);
3464 3465 } else
3465 3466 last = this;
3466 3467 }
3467 3468 return (Z_NO_PROPERTY_ID);
3468 3469 }
3469 3470
3470 3471 void
3471 3472 zonecfg_set_swinv(zone_dochandle_t handle)
3472 3473 {
3473 3474 handle->zone_dh_sw_inv = B_TRUE;
3474 3475 }
3475 3476
3476 3477 /*
3477 3478 * Add the pkg to the sw inventory on the handle.
3478 3479 */
3479 3480 int
3480 3481 zonecfg_add_pkg(zone_dochandle_t handle, char *name, char *version)
3481 3482 {
3482 3483 xmlNodePtr newnode;
3483 3484 xmlNodePtr cur;
3484 3485 int err;
3485 3486
3486 3487 if ((err = operation_prep(handle)) != Z_OK)
3487 3488 return (err);
3488 3489
3489 3490 cur = handle->zone_dh_cur;
3490 3491 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_PACKAGE, NULL);
3491 3492 if ((err = newprop(newnode, DTD_ATTR_NAME, name)) != Z_OK)
3492 3493 return (err);
3493 3494 if ((err = newprop(newnode, DTD_ATTR_VERSION, version)) != Z_OK)
3494 3495 return (err);
3495 3496 return (Z_OK);
3496 3497 }
3497 3498
3498 3499 char *
3499 3500 zonecfg_strerror(int errnum)
3500 3501 {
3501 3502 switch (errnum) {
3502 3503 case Z_OK:
3503 3504 return (dgettext(TEXT_DOMAIN, "OK"));
3504 3505 case Z_EMPTY_DOCUMENT:
3505 3506 return (dgettext(TEXT_DOMAIN, "Empty document"));
3506 3507 case Z_WRONG_DOC_TYPE:
3507 3508 return (dgettext(TEXT_DOMAIN, "Wrong document type"));
3508 3509 case Z_BAD_PROPERTY:
3509 3510 return (dgettext(TEXT_DOMAIN, "Bad document property"));
3510 3511 case Z_TEMP_FILE:
3511 3512 return (dgettext(TEXT_DOMAIN,
3512 3513 "Problem creating temporary file"));
3513 3514 case Z_SAVING_FILE:
3514 3515 return (dgettext(TEXT_DOMAIN, "Problem saving file"));
3515 3516 case Z_NO_ENTRY:
3516 3517 return (dgettext(TEXT_DOMAIN, "No such entry"));
3517 3518 case Z_BOGUS_ZONE_NAME:
3518 3519 return (dgettext(TEXT_DOMAIN, "Bogus zone name"));
3519 3520 case Z_REQD_RESOURCE_MISSING:
3520 3521 return (dgettext(TEXT_DOMAIN, "Required resource missing"));
3521 3522 case Z_REQD_PROPERTY_MISSING:
3522 3523 return (dgettext(TEXT_DOMAIN, "Required property missing"));
3523 3524 case Z_BAD_HANDLE:
3524 3525 return (dgettext(TEXT_DOMAIN, "Bad handle"));
3525 3526 case Z_NOMEM:
3526 3527 return (dgettext(TEXT_DOMAIN, "Out of memory"));
3527 3528 case Z_INVAL:
3528 3529 return (dgettext(TEXT_DOMAIN, "Invalid argument"));
3529 3530 case Z_ACCES:
3530 3531 return (dgettext(TEXT_DOMAIN, "Permission denied"));
3531 3532 case Z_TOO_BIG:
3532 3533 return (dgettext(TEXT_DOMAIN, "Argument list too long"));
3533 3534 case Z_MISC_FS:
3534 3535 return (dgettext(TEXT_DOMAIN,
3535 3536 "Miscellaneous file system error"));
3536 3537 case Z_NO_ZONE:
3537 3538 return (dgettext(TEXT_DOMAIN, "No such zone configured"));
3538 3539 case Z_NO_RESOURCE_TYPE:
3539 3540 return (dgettext(TEXT_DOMAIN, "No such resource type"));
3540 3541 case Z_NO_RESOURCE_ID:
3541 3542 return (dgettext(TEXT_DOMAIN, "No such resource with that id"));
3542 3543 case Z_NO_PROPERTY_TYPE:
3543 3544 return (dgettext(TEXT_DOMAIN, "No such property type"));
3544 3545 case Z_NO_PROPERTY_ID:
3545 3546 return (dgettext(TEXT_DOMAIN, "No such property with that id"));
3546 3547 case Z_BAD_ZONE_STATE:
3547 3548 return (dgettext(TEXT_DOMAIN,
3548 3549 "Zone state is invalid for the requested operation"));
3549 3550 case Z_INVALID_DOCUMENT:
3550 3551 return (dgettext(TEXT_DOMAIN, "Invalid document"));
3551 3552 case Z_NAME_IN_USE:
3552 3553 return (dgettext(TEXT_DOMAIN, "Zone name already in use"));
3553 3554 case Z_NO_SUCH_ID:
3554 3555 return (dgettext(TEXT_DOMAIN, "No such zone ID"));
3555 3556 case Z_UPDATING_INDEX:
3556 3557 return (dgettext(TEXT_DOMAIN, "Problem updating index file"));
3557 3558 case Z_LOCKING_FILE:
3558 3559 return (dgettext(TEXT_DOMAIN, "Locking index file"));
3559 3560 case Z_UNLOCKING_FILE:
3560 3561 return (dgettext(TEXT_DOMAIN, "Unlocking index file"));
3561 3562 case Z_INSUFFICIENT_SPEC:
3562 3563 return (dgettext(TEXT_DOMAIN, "Insufficient specification"));
3563 3564 case Z_RESOLVED_PATH:
3564 3565 return (dgettext(TEXT_DOMAIN, "Resolved path mismatch"));
3565 3566 case Z_IPV6_ADDR_PREFIX_LEN:
3566 3567 return (dgettext(TEXT_DOMAIN,
3567 3568 "IPv6 address missing required prefix length"));
3568 3569 case Z_BOGUS_ADDRESS:
3569 3570 return (dgettext(TEXT_DOMAIN,
3570 3571 "Neither an IPv4 nor an IPv6 address nor a host name"));
3571 3572 case Z_PRIV_PROHIBITED:
3572 3573 return (dgettext(TEXT_DOMAIN,
3573 3574 "Specified privilege is prohibited"));
3574 3575 case Z_PRIV_REQUIRED:
3575 3576 return (dgettext(TEXT_DOMAIN,
3576 3577 "Required privilege is missing"));
3577 3578 case Z_PRIV_UNKNOWN:
3578 3579 return (dgettext(TEXT_DOMAIN,
3579 3580 "Specified privilege is unknown"));
3580 3581 case Z_BRAND_ERROR:
3581 3582 return (dgettext(TEXT_DOMAIN,
3582 3583 "Brand-specific error"));
3583 3584 case Z_INCOMPATIBLE:
3584 3585 return (dgettext(TEXT_DOMAIN, "Incompatible settings"));
3585 3586 case Z_ALIAS_DISALLOW:
3586 3587 return (dgettext(TEXT_DOMAIN,
3587 3588 "An incompatible rctl already exists for this property"));
3588 3589 case Z_CLEAR_DISALLOW:
3589 3590 return (dgettext(TEXT_DOMAIN,
3590 3591 "Clearing this property is not allowed"));
3591 3592 case Z_POOL:
3592 3593 return (dgettext(TEXT_DOMAIN, "libpool(3LIB) error"));
3593 3594 case Z_POOLS_NOT_ACTIVE:
3594 3595 return (dgettext(TEXT_DOMAIN, "Pools facility not active; "
3595 3596 "zone will not be bound to pool"));
3596 3597 case Z_POOL_ENABLE:
3597 3598 return (dgettext(TEXT_DOMAIN,
3598 3599 "Could not enable pools facility"));
3599 3600 case Z_NO_POOL:
3600 3601 return (dgettext(TEXT_DOMAIN,
3601 3602 "Pool not found; using default pool"));
3602 3603 case Z_POOL_CREATE:
3603 3604 return (dgettext(TEXT_DOMAIN,
3604 3605 "Could not create a temporary pool"));
3605 3606 case Z_POOL_BIND:
3606 3607 return (dgettext(TEXT_DOMAIN, "Could not bind zone to pool"));
3607 3608 case Z_INVALID_PROPERTY:
3608 3609 return (dgettext(TEXT_DOMAIN, "Specified property is invalid"));
3609 3610 case Z_SYSTEM:
3610 3611 return (strerror(errno));
3611 3612 default:
3612 3613 return (dgettext(TEXT_DOMAIN, "Unknown error"));
3613 3614 }
3614 3615 }
3615 3616
3616 3617 /*
3617 3618 * Note that the zonecfg_setXent() and zonecfg_endXent() calls are all the
3618 3619 * same, as they just turn around and call zonecfg_setent() / zonecfg_endent().
3619 3620 */
3620 3621
3621 3622 static int
3622 3623 zonecfg_setent(zone_dochandle_t handle)
3623 3624 {
3624 3625 xmlNodePtr cur;
3625 3626 int err;
3626 3627
3627 3628 if (handle == NULL)
3628 3629 return (Z_INVAL);
3629 3630
3630 3631 if ((err = operation_prep(handle)) != Z_OK) {
3631 3632 handle->zone_dh_cur = NULL;
3632 3633 return (err);
3633 3634 }
3634 3635 cur = handle->zone_dh_cur;
3635 3636 cur = cur->xmlChildrenNode;
3636 3637 handle->zone_dh_cur = cur;
3637 3638 return (Z_OK);
3638 3639 }
3639 3640
3640 3641 static int
3641 3642 zonecfg_endent(zone_dochandle_t handle)
3642 3643 {
3643 3644 if (handle == NULL)
3644 3645 return (Z_INVAL);
3645 3646
3646 3647 handle->zone_dh_cur = handle->zone_dh_top;
3647 3648 return (Z_OK);
3648 3649 }
3649 3650
3650 3651 /*
3651 3652 * Do the work required to manipulate a process through libproc.
3652 3653 * If grab_process() returns no errors (0), then release_process()
3653 3654 * must eventually be called.
3654 3655 *
3655 3656 * Return values:
3656 3657 * 0 Successful creation of agent thread
3657 3658 * 1 Error grabbing
3658 3659 * 2 Error creating agent
3659 3660 */
3660 3661 static int
3661 3662 grab_process(pr_info_handle_t *p)
3662 3663 {
3663 3664 int ret;
3664 3665
3665 3666 if ((p->pr = Pgrab(p->pid, 0, &ret)) != NULL) {
3666 3667
3667 3668 if (Psetflags(p->pr, PR_RLC) != 0) {
3668 3669 Prelease(p->pr, 0);
3669 3670 return (1);
3670 3671 }
3671 3672 if (Pcreate_agent(p->pr) == 0) {
3672 3673 return (0);
3673 3674
3674 3675 } else {
3675 3676 Prelease(p->pr, 0);
3676 3677 return (2);
3677 3678 }
3678 3679 } else {
3679 3680 return (1);
3680 3681 }
3681 3682 }
3682 3683
3683 3684 /*
3684 3685 * Release the specified process. This destroys the agent
3685 3686 * and releases the process. If the process is NULL, nothing
3686 3687 * is done. This function should only be called if grab_process()
3687 3688 * has previously been called and returned success.
3688 3689 *
3689 3690 * This function is Pgrab-safe.
3690 3691 */
3691 3692 static void
3692 3693 release_process(struct ps_prochandle *Pr)
3693 3694 {
3694 3695 if (Pr == NULL)
3695 3696 return;
3696 3697
3697 3698 Pdestroy_agent(Pr);
3698 3699 Prelease(Pr, 0);
3699 3700 }
3700 3701
3701 3702 static boolean_t
3702 3703 grab_zone_proc(char *zonename, pr_info_handle_t *p)
3703 3704 {
3704 3705 DIR *dirp;
3705 3706 struct dirent *dentp;
3706 3707 zoneid_t zoneid;
3707 3708 int pid_self;
3708 3709 psinfo_t psinfo;
3709 3710
3710 3711 if (zone_get_id(zonename, &zoneid) != 0)
3711 3712 return (B_FALSE);
3712 3713
3713 3714 pid_self = getpid();
3714 3715
3715 3716 if ((dirp = opendir("/proc")) == NULL)
3716 3717 return (B_FALSE);
3717 3718
3718 3719 while (dentp = readdir(dirp)) {
3719 3720 p->pid = atoi(dentp->d_name);
3720 3721
3721 3722 /* Skip self */
3722 3723 if (p->pid == pid_self)
3723 3724 continue;
3724 3725
3725 3726 if (proc_get_psinfo(p->pid, &psinfo) != 0)
3726 3727 continue;
3727 3728
3728 3729 if (psinfo.pr_zoneid != zoneid)
3729 3730 continue;
3730 3731
3731 3732 /* attempt to grab process */
3732 3733 if (grab_process(p) != 0)
3733 3734 continue;
3734 3735
3735 3736 if (pr_getzoneid(p->pr) != zoneid) {
3736 3737 release_process(p->pr);
3737 3738 continue;
3738 3739 }
3739 3740
3740 3741 (void) closedir(dirp);
3741 3742 return (B_TRUE);
3742 3743 }
3743 3744
3744 3745 (void) closedir(dirp);
3745 3746 return (B_FALSE);
3746 3747 }
3747 3748
3748 3749 static boolean_t
3749 3750 get_priv_rctl(struct ps_prochandle *pr, char *name, rctlblk_t *rblk)
3750 3751 {
3751 3752 if (pr_getrctl(pr, name, NULL, rblk, RCTL_FIRST))
3752 3753 return (B_FALSE);
3753 3754
3754 3755 if (rctlblk_get_privilege(rblk) == RCPRIV_PRIVILEGED)
3755 3756 return (B_TRUE);
3756 3757
3757 3758 while (pr_getrctl(pr, name, rblk, rblk, RCTL_NEXT) == 0) {
3758 3759 if (rctlblk_get_privilege(rblk) == RCPRIV_PRIVILEGED)
3759 3760 return (B_TRUE);
3760 3761 }
3761 3762
3762 3763 return (B_FALSE);
3763 3764 }
3764 3765
3765 3766 /*
3766 3767 * Apply the current rctl settings to the specified, running zone.
3767 3768 */
3768 3769 int
3769 3770 zonecfg_apply_rctls(char *zone_name, zone_dochandle_t handle)
3770 3771 {
3771 3772 int err;
3772 3773 int res = Z_OK;
3773 3774 rctlblk_t *rblk;
3774 3775 pr_info_handle_t p;
3775 3776 struct zone_rctltab rctl;
3776 3777
3777 3778 if ((err = zonecfg_setrctlent(handle)) != Z_OK)
3778 3779 return (err);
3779 3780
3780 3781 if ((rblk = (rctlblk_t *)malloc(rctlblk_size())) == NULL) {
3781 3782 (void) zonecfg_endrctlent(handle);
3782 3783 return (Z_NOMEM);
3783 3784 }
3784 3785
3785 3786 if (!grab_zone_proc(zone_name, &p)) {
3786 3787 (void) zonecfg_endrctlent(handle);
3787 3788 free(rblk);
3788 3789 return (Z_SYSTEM);
3789 3790 }
3790 3791
3791 3792 while (zonecfg_getrctlent(handle, &rctl) == Z_OK) {
3792 3793 char *rname;
3793 3794 struct zone_rctlvaltab *valptr;
3794 3795
3795 3796 rname = rctl.zone_rctl_name;
3796 3797
3797 3798 /* first delete all current privileged settings for this rctl */
3798 3799 while (get_priv_rctl(p.pr, rname, rblk)) {
3799 3800 if (pr_setrctl(p.pr, rname, NULL, rblk, RCTL_DELETE) !=
3800 3801 0) {
3801 3802 res = Z_SYSTEM;
3802 3803 goto done;
3803 3804 }
3804 3805 }
3805 3806
3806 3807 /* now set each new value for the rctl */
3807 3808 for (valptr = rctl.zone_rctl_valptr; valptr != NULL;
3808 3809 valptr = valptr->zone_rctlval_next) {
3809 3810 if ((err = zonecfg_construct_rctlblk(valptr, rblk))
3810 3811 != Z_OK) {
3811 3812 res = errno = err;
3812 3813 goto done;
3813 3814 }
3814 3815
3815 3816 if (pr_setrctl(p.pr, rname, NULL, rblk, RCTL_INSERT)) {
3816 3817 res = Z_SYSTEM;
3817 3818 goto done;
3818 3819 }
3819 3820 }
3820 3821 }
3821 3822
3822 3823 done:
3823 3824 release_process(p.pr);
3824 3825 free(rblk);
3825 3826 (void) zonecfg_endrctlent(handle);
3826 3827
3827 3828 return (res);
3828 3829 }
3829 3830
3830 3831 static const xmlChar *
3831 3832 nm_to_dtd(char *nm)
3832 3833 {
3833 3834 if (strcmp(nm, "device") == 0)
3834 3835 return (DTD_ELEM_DEVICE);
3835 3836 if (strcmp(nm, "fs") == 0)
3836 3837 return (DTD_ELEM_FS);
3837 3838 if (strcmp(nm, "net") == 0)
3838 3839 return (DTD_ELEM_NET);
3839 3840 if (strcmp(nm, "attr") == 0)
3840 3841 return (DTD_ELEM_ATTR);
3841 3842 if (strcmp(nm, "rctl") == 0)
3842 3843 return (DTD_ELEM_RCTL);
3843 3844 if (strcmp(nm, "dataset") == 0)
3844 3845 return (DTD_ELEM_DATASET);
3845 3846 if (strcmp(nm, "admin") == 0)
3846 3847 return (DTD_ELEM_ADMIN);
3847 3848
3848 3849 return (NULL);
3849 3850 }
3850 3851
3851 3852 int
3852 3853 zonecfg_num_resources(zone_dochandle_t handle, char *rsrc)
3853 3854 {
3854 3855 int num = 0;
3855 3856 const xmlChar *dtd;
3856 3857 xmlNodePtr cur;
3857 3858
3858 3859 if ((dtd = nm_to_dtd(rsrc)) == NULL)
3859 3860 return (num);
3860 3861
3861 3862 if (zonecfg_setent(handle) != Z_OK)
3862 3863 return (num);
3863 3864
3864 3865 for (cur = handle->zone_dh_cur; cur != NULL; cur = cur->next)
3865 3866 if (xmlStrcmp(cur->name, dtd) == 0)
3866 3867 num++;
3867 3868
3868 3869 (void) zonecfg_endent(handle);
3869 3870
3870 3871 return (num);
3871 3872 }
3872 3873
3873 3874 int
3874 3875 zonecfg_del_all_resources(zone_dochandle_t handle, char *rsrc)
3875 3876 {
3876 3877 int err;
3877 3878 const xmlChar *dtd;
3878 3879 xmlNodePtr cur;
3879 3880
3880 3881 if ((dtd = nm_to_dtd(rsrc)) == NULL)
3881 3882 return (Z_NO_RESOURCE_TYPE);
3882 3883
3883 3884 if ((err = zonecfg_setent(handle)) != Z_OK)
3884 3885 return (err);
3885 3886
3886 3887 cur = handle->zone_dh_cur;
3887 3888 while (cur != NULL) {
3888 3889 xmlNodePtr tmp;
3889 3890
3890 3891 if (xmlStrcmp(cur->name, dtd)) {
3891 3892 cur = cur->next;
3892 3893 continue;
3893 3894 }
3894 3895
3895 3896 tmp = cur->next;
3896 3897 xmlUnlinkNode(cur);
3897 3898 xmlFreeNode(cur);
3898 3899 cur = tmp;
3899 3900 }
3900 3901
3901 3902 (void) zonecfg_endent(handle);
3902 3903 return (Z_OK);
3903 3904 }
3904 3905
3905 3906 static boolean_t
3906 3907 valid_uint(char *s, uint64_t *n)
3907 3908 {
3908 3909 char *endp;
3909 3910
3910 3911 /* strtoull accepts '-'?! so we want to flag that as an error */
3911 3912 if (strchr(s, '-') != NULL)
3912 3913 return (B_FALSE);
3913 3914
3914 3915 errno = 0;
3915 3916 *n = strtoull(s, &endp, 10);
3916 3917
3917 3918 if (errno != 0 || *endp != '\0')
3918 3919 return (B_FALSE);
3919 3920 return (B_TRUE);
3920 3921 }
3921 3922
3922 3923 /*
3923 3924 * Convert a string representing a number (possibly a fraction) into an integer.
3924 3925 * The string can have a modifier (K, M, G or T). The modifiers are treated
3925 3926 * as powers of two (not 10).
3926 3927 */
3927 3928 int
3928 3929 zonecfg_str_to_bytes(char *str, uint64_t *bytes)
3929 3930 {
3930 3931 long double val;
3931 3932 char *unitp;
3932 3933 uint64_t scale;
3933 3934
3934 3935 if ((val = strtold(str, &unitp)) < 0)
3935 3936 return (-1);
3936 3937
3937 3938 /* remove any leading white space from units string */
3938 3939 while (isspace(*unitp) != 0)
3939 3940 ++unitp;
3940 3941
3941 3942 /* if no units explicitly set, error */
3942 3943 if (unitp == NULL || *unitp == '\0') {
3943 3944 scale = 1;
3944 3945 } else {
3945 3946 int i;
3946 3947 char *units[] = {"K", "M", "G", "T", NULL};
3947 3948
3948 3949 scale = 1024;
3949 3950
3950 3951 /* update scale based on units */
3951 3952 for (i = 0; units[i] != NULL; i++) {
3952 3953 if (strcasecmp(unitp, units[i]) == 0)
3953 3954 break;
3954 3955 scale <<= 10;
3955 3956 }
3956 3957
3957 3958 if (units[i] == NULL)
3958 3959 return (-1);
3959 3960 }
3960 3961
3961 3962 *bytes = (uint64_t)(val * scale);
3962 3963 return (0);
3963 3964 }
3964 3965
3965 3966 boolean_t
3966 3967 zonecfg_valid_ncpus(char *lowstr, char *highstr)
3967 3968 {
3968 3969 uint64_t low, high;
3969 3970
3970 3971 if (!valid_uint(lowstr, &low) || !valid_uint(highstr, &high) ||
3971 3972 low < 1 || low > high)
3972 3973 return (B_FALSE);
3973 3974
3974 3975 return (B_TRUE);
3975 3976 }
3976 3977
3977 3978 boolean_t
3978 3979 zonecfg_valid_importance(char *impstr)
3979 3980 {
3980 3981 uint64_t num;
3981 3982
3982 3983 if (!valid_uint(impstr, &num))
3983 3984 return (B_FALSE);
3984 3985
3985 3986 return (B_TRUE);
3986 3987 }
3987 3988
3988 3989 boolean_t
3989 3990 zonecfg_valid_alias_limit(char *name, char *limitstr, uint64_t *limit)
3990 3991 {
3991 3992 int i;
3992 3993
3993 3994 for (i = 0; aliases[i].shortname != NULL; i++)
3994 3995 if (strcmp(name, aliases[i].shortname) == 0)
3995 3996 break;
3996 3997
3997 3998 if (aliases[i].shortname == NULL)
3998 3999 return (B_FALSE);
3999 4000
4000 4001 if (!valid_uint(limitstr, limit) || *limit < aliases[i].low_limit)
4001 4002 return (B_FALSE);
4002 4003
4003 4004 return (B_TRUE);
4004 4005 }
4005 4006
4006 4007 boolean_t
4007 4008 zonecfg_valid_memlimit(char *memstr, uint64_t *mem_val)
4008 4009 {
4009 4010 if (zonecfg_str_to_bytes(memstr, mem_val) != 0)
4010 4011 return (B_FALSE);
4011 4012
4012 4013 return (B_TRUE);
4013 4014 }
4014 4015
4015 4016 static int
4016 4017 zerr_pool(char *pool_err, int err_size, int res)
4017 4018 {
4018 4019 (void) strlcpy(pool_err, pool_strerror(pool_error()), err_size);
4019 4020 return (res);
4020 4021 }
4021 4022
4022 4023 static int
4023 4024 create_tmp_pset(char *pool_err, int err_size, pool_conf_t *pconf, pool_t *pool,
4024 4025 char *name, int min, int max)
4025 4026 {
4026 4027 pool_resource_t *res;
4027 4028 pool_elem_t *elem;
4028 4029 pool_value_t *val;
4029 4030
4030 4031 if ((res = pool_resource_create(pconf, "pset", name)) == NULL)
4031 4032 return (zerr_pool(pool_err, err_size, Z_POOL));
4032 4033
4033 4034 if (pool_associate(pconf, pool, res) != PO_SUCCESS)
4034 4035 return (zerr_pool(pool_err, err_size, Z_POOL));
4035 4036
4036 4037 if ((elem = pool_resource_to_elem(pconf, res)) == NULL)
4037 4038 return (zerr_pool(pool_err, err_size, Z_POOL));
4038 4039
4039 4040 if ((val = pool_value_alloc()) == NULL)
4040 4041 return (zerr_pool(pool_err, err_size, Z_POOL));
4041 4042
4042 4043 /* set the maximum number of cpus for the pset */
4043 4044 pool_value_set_uint64(val, (uint64_t)max);
4044 4045
4045 4046 if (pool_put_property(pconf, elem, "pset.max", val) != PO_SUCCESS) {
4046 4047 pool_value_free(val);
4047 4048 return (zerr_pool(pool_err, err_size, Z_POOL));
4048 4049 }
4049 4050
4050 4051 /* set the minimum number of cpus for the pset */
4051 4052 pool_value_set_uint64(val, (uint64_t)min);
4052 4053
4053 4054 if (pool_put_property(pconf, elem, "pset.min", val) != PO_SUCCESS) {
4054 4055 pool_value_free(val);
4055 4056 return (zerr_pool(pool_err, err_size, Z_POOL));
4056 4057 }
4057 4058
4058 4059 pool_value_free(val);
4059 4060
4060 4061 return (Z_OK);
4061 4062 }
4062 4063
4063 4064 static int
4064 4065 create_tmp_pool(char *pool_err, int err_size, pool_conf_t *pconf, char *name,
4065 4066 struct zone_psettab *pset_tab)
4066 4067 {
4067 4068 pool_t *pool;
4068 4069 int res = Z_OK;
4069 4070
4070 4071 /* create a temporary pool configuration */
4071 4072 if (pool_conf_open(pconf, NULL, PO_TEMP) != PO_SUCCESS) {
4072 4073 res = zerr_pool(pool_err, err_size, Z_POOL);
4073 4074 return (res);
4074 4075 }
4075 4076
4076 4077 if ((pool = pool_create(pconf, name)) == NULL) {
4077 4078 res = zerr_pool(pool_err, err_size, Z_POOL_CREATE);
4078 4079 goto done;
4079 4080 }
4080 4081
4081 4082 /* set pool importance */
4082 4083 if (pset_tab->zone_importance[0] != '\0') {
4083 4084 pool_elem_t *elem;
4084 4085 pool_value_t *val;
4085 4086
4086 4087 if ((elem = pool_to_elem(pconf, pool)) == NULL) {
4087 4088 res = zerr_pool(pool_err, err_size, Z_POOL);
4088 4089 goto done;
4089 4090 }
4090 4091
4091 4092 if ((val = pool_value_alloc()) == NULL) {
4092 4093 res = zerr_pool(pool_err, err_size, Z_POOL);
4093 4094 goto done;
4094 4095 }
4095 4096
4096 4097 pool_value_set_int64(val,
4097 4098 (int64_t)atoi(pset_tab->zone_importance));
4098 4099
4099 4100 if (pool_put_property(pconf, elem, "pool.importance", val)
4100 4101 != PO_SUCCESS) {
4101 4102 res = zerr_pool(pool_err, err_size, Z_POOL);
4102 4103 pool_value_free(val);
4103 4104 goto done;
4104 4105 }
4105 4106
4106 4107 pool_value_free(val);
4107 4108 }
4108 4109
4109 4110 if ((res = create_tmp_pset(pool_err, err_size, pconf, pool, name,
4110 4111 atoi(pset_tab->zone_ncpu_min),
4111 4112 atoi(pset_tab->zone_ncpu_max))) != Z_OK)
4112 4113 goto done;
4113 4114
4114 4115 /* validation */
4115 4116 if (pool_conf_status(pconf) == POF_INVALID) {
4116 4117 res = zerr_pool(pool_err, err_size, Z_POOL);
4117 4118 goto done;
4118 4119 }
4119 4120
4120 4121 /*
4121 4122 * This validation is the one we expect to fail if the user specified
4122 4123 * an invalid configuration (too many cpus) for this system.
4123 4124 */
4124 4125 if (pool_conf_validate(pconf, POV_RUNTIME) != PO_SUCCESS) {
4125 4126 res = zerr_pool(pool_err, err_size, Z_POOL_CREATE);
4126 4127 goto done;
4127 4128 }
4128 4129
4129 4130 /*
4130 4131 * Commit the dynamic configuration but not the pool configuration
4131 4132 * file.
4132 4133 */
4133 4134 if (pool_conf_commit(pconf, 1) != PO_SUCCESS)
4134 4135 res = zerr_pool(pool_err, err_size, Z_POOL);
4135 4136
4136 4137 done:
4137 4138 (void) pool_conf_close(pconf);
4138 4139 return (res);
4139 4140 }
4140 4141
4141 4142 static int
4142 4143 get_running_tmp_pset(pool_conf_t *pconf, pool_t *pool, pool_resource_t *pset,
4143 4144 struct zone_psettab *pset_tab)
4144 4145 {
4145 4146 int nfound = 0;
4146 4147 pool_elem_t *pe;
4147 4148 pool_value_t *pv = pool_value_alloc();
4148 4149 uint64_t val_uint;
4149 4150
4150 4151 if (pool != NULL) {
4151 4152 pe = pool_to_elem(pconf, pool);
4152 4153 if (pool_get_property(pconf, pe, "pool.importance", pv)
4153 4154 != POC_INVAL) {
4154 4155 int64_t val_int;
4155 4156
4156 4157 (void) pool_value_get_int64(pv, &val_int);
4157 4158 (void) snprintf(pset_tab->zone_importance,
4158 4159 sizeof (pset_tab->zone_importance), "%d", val_int);
4159 4160 nfound++;
4160 4161 }
4161 4162 }
4162 4163
4163 4164 if (pset != NULL) {
4164 4165 pe = pool_resource_to_elem(pconf, pset);
4165 4166 if (pool_get_property(pconf, pe, "pset.min", pv) != POC_INVAL) {
4166 4167 (void) pool_value_get_uint64(pv, &val_uint);
4167 4168 (void) snprintf(pset_tab->zone_ncpu_min,
4168 4169 sizeof (pset_tab->zone_ncpu_min), "%u", val_uint);
4169 4170 nfound++;
4170 4171 }
4171 4172
4172 4173 if (pool_get_property(pconf, pe, "pset.max", pv) != POC_INVAL) {
4173 4174 (void) pool_value_get_uint64(pv, &val_uint);
4174 4175 (void) snprintf(pset_tab->zone_ncpu_max,
4175 4176 sizeof (pset_tab->zone_ncpu_max), "%u", val_uint);
4176 4177 nfound++;
4177 4178 }
4178 4179 }
4179 4180
4180 4181 pool_value_free(pv);
4181 4182
4182 4183 if (nfound == 3)
4183 4184 return (PO_SUCCESS);
4184 4185
4185 4186 return (PO_FAIL);
4186 4187 }
4187 4188
4188 4189 /*
4189 4190 * Determine if a tmp pool is configured and if so, if the configuration is
4190 4191 * still valid or if it has been changed since the tmp pool was created.
4191 4192 * If the tmp pool configuration is no longer valid, delete the tmp pool.
4192 4193 *
4193 4194 * Set *valid=B_TRUE if there is an existing, valid tmp pool configuration.
4194 4195 */
4195 4196 static int
4196 4197 verify_del_tmp_pool(pool_conf_t *pconf, char *tmp_name, char *pool_err,
4197 4198 int err_size, struct zone_psettab *pset_tab, boolean_t *exists)
4198 4199 {
4199 4200 int res = Z_OK;
4200 4201 pool_t *pool;
4201 4202 pool_resource_t *pset;
4202 4203 struct zone_psettab pset_current;
4203 4204
4204 4205 *exists = B_FALSE;
4205 4206
4206 4207 if (pool_conf_open(pconf, pool_dynamic_location(), PO_RDWR)
4207 4208 != PO_SUCCESS) {
4208 4209 res = zerr_pool(pool_err, err_size, Z_POOL);
4209 4210 return (res);
4210 4211 }
4211 4212
4212 4213 pool = pool_get_pool(pconf, tmp_name);
4213 4214 pset = pool_get_resource(pconf, "pset", tmp_name);
4214 4215
4215 4216 if (pool == NULL && pset == NULL) {
4216 4217 /* no tmp pool configured */
4217 4218 goto done;
4218 4219 }
4219 4220
4220 4221 /*
4221 4222 * If an existing tmp pool for this zone is configured with the proper
4222 4223 * settings, then the tmp pool is valid.
4223 4224 */
4224 4225 if (get_running_tmp_pset(pconf, pool, pset, &pset_current)
4225 4226 == PO_SUCCESS &&
4226 4227 strcmp(pset_tab->zone_ncpu_min,
4227 4228 pset_current.zone_ncpu_min) == 0 &&
4228 4229 strcmp(pset_tab->zone_ncpu_max,
4229 4230 pset_current.zone_ncpu_max) == 0 &&
4230 4231 strcmp(pset_tab->zone_importance,
4231 4232 pset_current.zone_importance) == 0) {
4232 4233 *exists = B_TRUE;
4233 4234
4234 4235 } else {
4235 4236 /*
4236 4237 * An out-of-date tmp pool configuration exists. Delete it
4237 4238 * so that we can create the correct tmp pool config.
4238 4239 */
4239 4240 if (pset != NULL &&
4240 4241 pool_resource_destroy(pconf, pset) != PO_SUCCESS) {
4241 4242 res = zerr_pool(pool_err, err_size, Z_POOL);
4242 4243 goto done;
4243 4244 }
4244 4245
4245 4246 if (pool != NULL &&
4246 4247 pool_destroy(pconf, pool) != PO_SUCCESS) {
4247 4248 res = zerr_pool(pool_err, err_size, Z_POOL);
4248 4249 goto done;
4249 4250 }
4250 4251
4251 4252 /* commit dynamic config */
4252 4253 if (pool_conf_commit(pconf, 0) != PO_SUCCESS)
4253 4254 res = zerr_pool(pool_err, err_size, Z_POOL);
4254 4255 }
4255 4256
4256 4257 done:
4257 4258 (void) pool_conf_close(pconf);
4258 4259
4259 4260 return (res);
4260 4261 }
4261 4262
4262 4263 /*
4263 4264 * Destroy any existing tmp pool.
4264 4265 */
4265 4266 int
4266 4267 zonecfg_destroy_tmp_pool(char *zone_name, char *pool_err, int err_size)
4267 4268 {
4268 4269 int status;
4269 4270 int res = Z_OK;
4270 4271 pool_conf_t *pconf;
4271 4272 pool_t *pool;
4272 4273 pool_resource_t *pset;
4273 4274 char tmp_name[MAX_TMP_POOL_NAME];
4274 4275
4275 4276 /* if pools not enabled then nothing to do */
4276 4277 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED)
4277 4278 return (Z_OK);
4278 4279
4279 4280 if ((pconf = pool_conf_alloc()) == NULL)
4280 4281 return (zerr_pool(pool_err, err_size, Z_POOL));
4281 4282
4282 4283 (void) snprintf(tmp_name, sizeof (tmp_name), TMP_POOL_NAME, zone_name);
4283 4284
4284 4285 if (pool_conf_open(pconf, pool_dynamic_location(), PO_RDWR)
4285 4286 != PO_SUCCESS) {
4286 4287 res = zerr_pool(pool_err, err_size, Z_POOL);
4287 4288 pool_conf_free(pconf);
4288 4289 return (res);
4289 4290 }
4290 4291
4291 4292 pool = pool_get_pool(pconf, tmp_name);
4292 4293 pset = pool_get_resource(pconf, "pset", tmp_name);
4293 4294
4294 4295 if (pool == NULL && pset == NULL) {
4295 4296 /* nothing to destroy, we're done */
4296 4297 goto done;
4297 4298 }
4298 4299
4299 4300 if (pset != NULL && pool_resource_destroy(pconf, pset) != PO_SUCCESS) {
4300 4301 res = zerr_pool(pool_err, err_size, Z_POOL);
4301 4302 goto done;
4302 4303 }
4303 4304
4304 4305 if (pool != NULL && pool_destroy(pconf, pool) != PO_SUCCESS) {
4305 4306 res = zerr_pool(pool_err, err_size, Z_POOL);
4306 4307 goto done;
4307 4308 }
4308 4309
4309 4310 /* commit dynamic config */
4310 4311 if (pool_conf_commit(pconf, 0) != PO_SUCCESS)
4311 4312 res = zerr_pool(pool_err, err_size, Z_POOL);
4312 4313
4313 4314 done:
4314 4315 (void) pool_conf_close(pconf);
4315 4316 pool_conf_free(pconf);
4316 4317
4317 4318 return (res);
4318 4319 }
4319 4320
4320 4321 /*
4321 4322 * Attempt to bind to a tmp pool for this zone. If there is no tmp pool
4322 4323 * configured, we just return Z_OK.
4323 4324 *
4324 4325 * We either attempt to create the tmp pool for this zone or rebind to an
4325 4326 * existing tmp pool for this zone.
4326 4327 *
4327 4328 * Rebinding is used when a zone with a tmp pool reboots so that we don't have
4328 4329 * to recreate the tmp pool. To do this we need to be sure we work correctly
4329 4330 * for the following cases:
4330 4331 *
4331 4332 * - there is an existing, properly configured tmp pool.
4332 4333 * - zonecfg added tmp pool after zone was booted, must now create.
4333 4334 * - zonecfg updated tmp pool config after zone was booted, in this case
4334 4335 * we destroy the old tmp pool and create a new one.
4335 4336 */
4336 4337 int
4337 4338 zonecfg_bind_tmp_pool(zone_dochandle_t handle, zoneid_t zoneid, char *pool_err,
4338 4339 int err_size)
4339 4340 {
4340 4341 struct zone_psettab pset_tab;
4341 4342 int err;
4342 4343 int status;
4343 4344 pool_conf_t *pconf;
4344 4345 boolean_t exists;
4345 4346 char zone_name[ZONENAME_MAX];
4346 4347 char tmp_name[MAX_TMP_POOL_NAME];
4347 4348
4348 4349 (void) getzonenamebyid(zoneid, zone_name, sizeof (zone_name));
4349 4350
4350 4351 err = zonecfg_lookup_pset(handle, &pset_tab);
4351 4352
4352 4353 /* if no temporary pool configured, we're done */
4353 4354 if (err == Z_NO_ENTRY)
4354 4355 return (Z_OK);
4355 4356
4356 4357 /*
4357 4358 * importance might not have a value but we need to validate it here,
4358 4359 * so set the default.
4359 4360 */
4360 4361 if (pset_tab.zone_importance[0] == '\0')
4361 4362 (void) strlcpy(pset_tab.zone_importance, "1",
4362 4363 sizeof (pset_tab.zone_importance));
4363 4364
4364 4365 /* if pools not enabled, enable them now */
4365 4366 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED) {
4366 4367 if (pool_set_status(POOL_ENABLED) != PO_SUCCESS)
4367 4368 return (Z_POOL_ENABLE);
4368 4369 }
4369 4370
4370 4371 if ((pconf = pool_conf_alloc()) == NULL)
4371 4372 return (zerr_pool(pool_err, err_size, Z_POOL));
4372 4373
4373 4374 (void) snprintf(tmp_name, sizeof (tmp_name), TMP_POOL_NAME, zone_name);
4374 4375
4375 4376 /*
4376 4377 * Check if a valid tmp pool/pset already exists. If so, we just
4377 4378 * reuse it.
4378 4379 */
4379 4380 if ((err = verify_del_tmp_pool(pconf, tmp_name, pool_err, err_size,
4380 4381 &pset_tab, &exists)) != Z_OK) {
4381 4382 pool_conf_free(pconf);
4382 4383 return (err);
4383 4384 }
4384 4385
4385 4386 if (!exists)
4386 4387 err = create_tmp_pool(pool_err, err_size, pconf, tmp_name,
4387 4388 &pset_tab);
4388 4389
4389 4390 pool_conf_free(pconf);
4390 4391
4391 4392 if (err != Z_OK)
4392 4393 return (err);
4393 4394
4394 4395 /* Bind the zone to the pool. */
4395 4396 if (pool_set_binding(tmp_name, P_ZONEID, zoneid) != PO_SUCCESS)
4396 4397 return (zerr_pool(pool_err, err_size, Z_POOL_BIND));
4397 4398
4398 4399 return (Z_OK);
4399 4400 }
4400 4401
4401 4402 /*
4402 4403 * Attempt to bind to a permanent pool for this zone. If there is no
4403 4404 * permanent pool configured, we just return Z_OK.
4404 4405 */
4405 4406 int
4406 4407 zonecfg_bind_pool(zone_dochandle_t handle, zoneid_t zoneid, char *pool_err,
4407 4408 int err_size)
4408 4409 {
4409 4410 pool_conf_t *poolconf;
4410 4411 pool_t *pool;
4411 4412 char poolname[MAXPATHLEN];
4412 4413 int status;
4413 4414 int error;
4414 4415
4415 4416 /*
4416 4417 * Find the pool mentioned in the zone configuration, and bind to it.
4417 4418 */
4418 4419 error = zonecfg_get_pool(handle, poolname, sizeof (poolname));
4419 4420 if (error == Z_NO_ENTRY || (error == Z_OK && strlen(poolname) == 0)) {
4420 4421 /*
4421 4422 * The property is not set on the zone, so the pool
4422 4423 * should be bound to the default pool. But that's
4423 4424 * already done by the kernel, so we can just return.
4424 4425 */
4425 4426 return (Z_OK);
4426 4427 }
4427 4428 if (error != Z_OK) {
4428 4429 /*
4429 4430 * Not an error, even though it shouldn't be happening.
4430 4431 */
4431 4432 return (Z_OK);
4432 4433 }
4433 4434 /*
4434 4435 * Don't do anything if pools aren't enabled.
4435 4436 */
4436 4437 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED)
4437 4438 return (Z_POOLS_NOT_ACTIVE);
4438 4439
4439 4440 /*
4440 4441 * Try to provide a sane error message if the requested pool doesn't
4441 4442 * exist.
4442 4443 */
4443 4444 if ((poolconf = pool_conf_alloc()) == NULL)
4444 4445 return (zerr_pool(pool_err, err_size, Z_POOL));
4445 4446
4446 4447 if (pool_conf_open(poolconf, pool_dynamic_location(), PO_RDONLY) !=
4447 4448 PO_SUCCESS) {
4448 4449 pool_conf_free(poolconf);
4449 4450 return (zerr_pool(pool_err, err_size, Z_POOL));
4450 4451 }
4451 4452 pool = pool_get_pool(poolconf, poolname);
4452 4453 (void) pool_conf_close(poolconf);
4453 4454 pool_conf_free(poolconf);
4454 4455 if (pool == NULL)
4455 4456 return (Z_NO_POOL);
4456 4457
4457 4458 /*
4458 4459 * Bind the zone to the pool.
4459 4460 */
4460 4461 if (pool_set_binding(poolname, P_ZONEID, zoneid) != PO_SUCCESS) {
4461 4462 /* if bind fails, return poolname for the error msg */
4462 4463 (void) strlcpy(pool_err, poolname, err_size);
4463 4464 return (Z_POOL_BIND);
4464 4465 }
4465 4466
4466 4467 return (Z_OK);
4467 4468 }
4468 4469
4469 4470 int
4470 4471 zonecfg_get_poolname(zone_dochandle_t handle, char *zone, char *pool,
4471 4472 size_t poolsize)
4472 4473 {
4473 4474 int err;
4474 4475 struct zone_psettab pset_tab;
4475 4476
4476 4477 err = zonecfg_lookup_pset(handle, &pset_tab);
4477 4478 if ((err != Z_NO_ENTRY) && (err != Z_OK))
4478 4479 return (err);
4479 4480
4480 4481 /* pset was found so a temporary pool was created */
4481 4482 if (err == Z_OK) {
4482 4483 (void) snprintf(pool, poolsize, TMP_POOL_NAME, zone);
4483 4484 return (Z_OK);
4484 4485 }
4485 4486
4486 4487 /* lookup the poolname in zonecfg */
4487 4488 return (zonecfg_get_pool(handle, pool, poolsize));
4488 4489 }
4489 4490
4490 4491 static boolean_t
4491 4492 svc_enabled(char *svc_name)
4492 4493 {
4493 4494 scf_simple_prop_t *prop;
4494 4495 boolean_t found = B_FALSE;
4495 4496
4496 4497 prop = scf_simple_prop_get(NULL, svc_name, SCF_PG_GENERAL,
4497 4498 SCF_PROPERTY_ENABLED);
4498 4499
4499 4500 if (scf_simple_prop_numvalues(prop) == 1 &&
4500 4501 *scf_simple_prop_next_boolean(prop) != 0)
4501 4502 found = B_TRUE;
4502 4503
4503 4504 scf_simple_prop_free(prop);
4504 4505
4505 4506 return (found);
4506 4507 }
4507 4508
4508 4509 /*
4509 4510 * If the zone has capped-memory, make sure the rcap service is enabled.
4510 4511 */
4511 4512 int
4512 4513 zonecfg_enable_rcapd(char *err, int size)
4513 4514 {
4514 4515 if (!svc_enabled(RCAP_SERVICE) &&
4515 4516 smf_enable_instance(RCAP_SERVICE, 0) == -1) {
4516 4517 (void) strlcpy(err, scf_strerror(scf_error()), size);
4517 4518 return (Z_SYSTEM);
4518 4519 }
4519 4520
4520 4521 return (Z_OK);
4521 4522 }
4522 4523
4523 4524 /*
4524 4525 * Return true if pset has cpu range specified and poold is not enabled.
4525 4526 */
4526 4527 boolean_t
4527 4528 zonecfg_warn_poold(zone_dochandle_t handle)
4528 4529 {
4529 4530 struct zone_psettab pset_tab;
4530 4531 int min, max;
4531 4532 int err;
4532 4533
4533 4534 err = zonecfg_lookup_pset(handle, &pset_tab);
4534 4535
4535 4536 /* if no temporary pool configured, we're done */
4536 4537 if (err == Z_NO_ENTRY)
4537 4538 return (B_FALSE);
4538 4539
4539 4540 min = atoi(pset_tab.zone_ncpu_min);
4540 4541 max = atoi(pset_tab.zone_ncpu_max);
4541 4542
4542 4543 /* range not specified, no need for poold */
4543 4544 if (min == max)
4544 4545 return (B_FALSE);
4545 4546
4546 4547 /* we have a range, check if poold service is enabled */
4547 4548 if (svc_enabled(POOLD_SERVICE))
4548 4549 return (B_FALSE);
4549 4550
4550 4551 return (B_TRUE);
4551 4552 }
4552 4553
4553 4554 /*
4554 4555 * Retrieve the specified pool's thread scheduling class. 'poolname' must
4555 4556 * refer to the name of a configured resource pool. The thread scheduling
4556 4557 * class specified by the pool will be stored in the buffer to which 'class'
4557 4558 * points. 'clsize' is the byte size of the buffer to which 'class' points.
4558 4559 *
4559 4560 * This function returns Z_OK if it successfully stored the specified pool's
4560 4561 * thread scheduling class into the buffer to which 'class' points. It returns
4561 4562 * Z_NO_POOL if resource pools are not enabled, the function is unable to
4562 4563 * access the system's resource pools configuration, or the specified pool
4563 4564 * does not exist. The function returns Z_TOO_BIG if the buffer to which
4564 4565 * 'class' points is not large enough to contain the thread scheduling class'
4565 4566 * name. The function returns Z_NO_ENTRY if the pool does not specify a thread
4566 4567 * scheduling class.
4567 4568 */
4568 4569 static int
4569 4570 get_pool_sched_class(char *poolname, char *class, int clsize)
4570 4571 {
4571 4572 int status;
4572 4573 pool_conf_t *poolconf;
4573 4574 pool_t *pool;
4574 4575 pool_elem_t *pe;
4575 4576 pool_value_t *pv = pool_value_alloc();
4576 4577 const char *sched_str;
4577 4578
4578 4579 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED)
4579 4580 return (Z_NO_POOL);
4580 4581
4581 4582 if ((poolconf = pool_conf_alloc()) == NULL)
4582 4583 return (Z_NO_POOL);
4583 4584
4584 4585 if (pool_conf_open(poolconf, pool_dynamic_location(), PO_RDONLY) !=
4585 4586 PO_SUCCESS) {
4586 4587 pool_conf_free(poolconf);
4587 4588 return (Z_NO_POOL);
4588 4589 }
4589 4590
4590 4591 if ((pool = pool_get_pool(poolconf, poolname)) == NULL) {
4591 4592 (void) pool_conf_close(poolconf);
4592 4593 pool_conf_free(poolconf);
4593 4594 return (Z_NO_POOL);
4594 4595 }
4595 4596
4596 4597 pe = pool_to_elem(poolconf, pool);
4597 4598 if (pool_get_property(poolconf, pe, "pool.scheduler", pv) !=
4598 4599 POC_STRING) {
4599 4600 (void) pool_conf_close(poolconf);
4600 4601 pool_conf_free(poolconf);
4601 4602 return (Z_NO_ENTRY);
4602 4603 }
4603 4604 (void) pool_value_get_string(pv, &sched_str);
4604 4605 (void) pool_conf_close(poolconf);
4605 4606 pool_conf_free(poolconf);
4606 4607 if (strlcpy(class, sched_str, clsize) >= clsize)
4607 4608 return (Z_TOO_BIG);
4608 4609 return (Z_OK);
4609 4610 }
4610 4611
4611 4612 /*
4612 4613 * Get the default scheduling class for the zone. This will either be the
4613 4614 * class set on the zone's pool or the system default scheduling class.
4614 4615 */
4615 4616 int
4616 4617 zonecfg_get_dflt_sched_class(zone_dochandle_t handle, char *class, int clsize)
4617 4618 {
4618 4619 char poolname[MAXPATHLEN];
4619 4620
4620 4621 if (zonecfg_get_pool(handle, poolname, sizeof (poolname)) == Z_OK) {
4621 4622 /* check if the zone's pool specified a sched class */
4622 4623 if (get_pool_sched_class(poolname, class, clsize) == Z_OK)
4623 4624 return (Z_OK);
4624 4625 }
4625 4626
4626 4627 if (priocntl(0, 0, PC_GETDFLCL, class, (uint64_t)clsize) == -1)
4627 4628 return (Z_TOO_BIG);
4628 4629
4629 4630 return (Z_OK);
4630 4631 }
4631 4632
4632 4633 int
4633 4634 zonecfg_setfsent(zone_dochandle_t handle)
4634 4635 {
4635 4636 return (zonecfg_setent(handle));
4636 4637 }
4637 4638
4638 4639 int
4639 4640 zonecfg_getfsent(zone_dochandle_t handle, struct zone_fstab *tabptr)
4640 4641 {
4641 4642 xmlNodePtr cur, options;
4642 4643 char options_str[MAX_MNTOPT_STR];
4643 4644 int err;
4644 4645
4645 4646 if (handle == NULL)
4646 4647 return (Z_INVAL);
4647 4648
4648 4649 if ((cur = handle->zone_dh_cur) == NULL)
4649 4650 return (Z_NO_ENTRY);
4650 4651
4651 4652 for (; cur != NULL; cur = cur->next)
4652 4653 if (!xmlStrcmp(cur->name, DTD_ELEM_FS))
4653 4654 break;
4654 4655 if (cur == NULL) {
4655 4656 handle->zone_dh_cur = handle->zone_dh_top;
4656 4657 return (Z_NO_ENTRY);
4657 4658 }
4658 4659
4659 4660 if ((err = fetchprop(cur, DTD_ATTR_SPECIAL, tabptr->zone_fs_special,
4660 4661 sizeof (tabptr->zone_fs_special))) != Z_OK) {
4661 4662 handle->zone_dh_cur = handle->zone_dh_top;
4662 4663 return (err);
4663 4664 }
4664 4665
4665 4666 if ((err = fetchprop(cur, DTD_ATTR_RAW, tabptr->zone_fs_raw,
4666 4667 sizeof (tabptr->zone_fs_raw))) != Z_OK) {
4667 4668 handle->zone_dh_cur = handle->zone_dh_top;
4668 4669 return (err);
4669 4670 }
4670 4671
4671 4672 if ((err = fetchprop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir,
4672 4673 sizeof (tabptr->zone_fs_dir))) != Z_OK) {
4673 4674 handle->zone_dh_cur = handle->zone_dh_top;
4674 4675 return (err);
4675 4676 }
4676 4677
4677 4678 if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_fs_type,
4678 4679 sizeof (tabptr->zone_fs_type))) != Z_OK) {
4679 4680 handle->zone_dh_cur = handle->zone_dh_top;
4680 4681 return (err);
4681 4682 }
4682 4683
4683 4684 /* OK for options to be NULL */
4684 4685 tabptr->zone_fs_options = NULL;
4685 4686 for (options = cur->xmlChildrenNode; options != NULL;
4686 4687 options = options->next) {
4687 4688 if (fetchprop(options, DTD_ATTR_NAME, options_str,
4688 4689 sizeof (options_str)) != Z_OK)
4689 4690 break;
4690 4691 if (zonecfg_add_fs_option(tabptr, options_str) != Z_OK)
4691 4692 break;
4692 4693 }
4693 4694
4694 4695 handle->zone_dh_cur = cur->next;
4695 4696 return (Z_OK);
4696 4697 }
4697 4698
4698 4699 int
4699 4700 zonecfg_endfsent(zone_dochandle_t handle)
4700 4701 {
4701 4702 return (zonecfg_endent(handle));
4702 4703 }
4703 4704
4704 4705 int
4705 4706 zonecfg_setnwifent(zone_dochandle_t handle)
4706 4707 {
4707 4708 return (zonecfg_setent(handle));
4708 4709 }
4709 4710
4710 4711 int
4711 4712 zonecfg_getnwifent(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
4712 4713 {
4713 4714 xmlNodePtr cur;
4714 4715 int err;
4715 4716
4716 4717 if (handle == NULL)
4717 4718 return (Z_INVAL);
4718 4719
4719 4720 if ((cur = handle->zone_dh_cur) == NULL)
4720 4721 return (Z_NO_ENTRY);
4721 4722
4722 4723 for (; cur != NULL; cur = cur->next)
4723 4724 if (!xmlStrcmp(cur->name, DTD_ELEM_NET))
4724 4725 break;
4725 4726 if (cur == NULL) {
4726 4727 handle->zone_dh_cur = handle->zone_dh_top;
4727 4728 return (Z_NO_ENTRY);
4728 4729 }
4729 4730
4730 4731 if ((err = fetchprop(cur, DTD_ATTR_ADDRESS, tabptr->zone_nwif_address,
4731 4732 sizeof (tabptr->zone_nwif_address))) != Z_OK) {
4732 4733 handle->zone_dh_cur = handle->zone_dh_top;
4733 4734 return (err);
4734 4735 }
4735 4736
4736 4737 if ((err = fetchprop(cur, DTD_ATTR_ALLOWED_ADDRESS,
4737 4738 tabptr->zone_nwif_allowed_address,
4738 4739 sizeof (tabptr->zone_nwif_allowed_address))) != Z_OK) {
4739 4740 handle->zone_dh_cur = handle->zone_dh_top;
4740 4741 return (err);
4741 4742 }
4742 4743
4743 4744 if ((err = fetchprop(cur, DTD_ATTR_PHYSICAL, tabptr->zone_nwif_physical,
4744 4745 sizeof (tabptr->zone_nwif_physical))) != Z_OK) {
4745 4746 handle->zone_dh_cur = handle->zone_dh_top;
4746 4747 return (err);
4747 4748 }
4748 4749
4749 4750 if ((err = fetchprop(cur, DTD_ATTR_DEFROUTER,
4750 4751 tabptr->zone_nwif_defrouter,
4751 4752 sizeof (tabptr->zone_nwif_defrouter))) != Z_OK) {
4752 4753 handle->zone_dh_cur = handle->zone_dh_top;
4753 4754 return (err);
4754 4755 }
4755 4756
4756 4757 handle->zone_dh_cur = cur->next;
4757 4758 return (Z_OK);
4758 4759 }
4759 4760
4760 4761 int
4761 4762 zonecfg_endnwifent(zone_dochandle_t handle)
4762 4763 {
4763 4764 return (zonecfg_endent(handle));
4764 4765 }
4765 4766
4766 4767 int
4767 4768 zonecfg_setdevent(zone_dochandle_t handle)
4768 4769 {
4769 4770 return (zonecfg_setent(handle));
4770 4771 }
4771 4772
4772 4773 int
4773 4774 zonecfg_getdevent(zone_dochandle_t handle, struct zone_devtab *tabptr)
4774 4775 {
4775 4776 xmlNodePtr cur;
4776 4777 int err;
4777 4778
4778 4779 if (handle == NULL)
4779 4780 return (Z_INVAL);
4780 4781
4781 4782 if ((cur = handle->zone_dh_cur) == NULL)
4782 4783 return (Z_NO_ENTRY);
4783 4784
4784 4785 for (; cur != NULL; cur = cur->next)
4785 4786 if (!xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
4786 4787 break;
4787 4788 if (cur == NULL) {
4788 4789 handle->zone_dh_cur = handle->zone_dh_top;
4789 4790 return (Z_NO_ENTRY);
4790 4791 }
4791 4792
4792 4793 if ((err = fetchprop(cur, DTD_ATTR_MATCH, tabptr->zone_dev_match,
4793 4794 sizeof (tabptr->zone_dev_match))) != Z_OK) {
4794 4795 handle->zone_dh_cur = handle->zone_dh_top;
4795 4796 return (err);
4796 4797 }
4797 4798
4798 4799 handle->zone_dh_cur = cur->next;
4799 4800 return (Z_OK);
4800 4801 }
4801 4802
4802 4803 int
4803 4804 zonecfg_enddevent(zone_dochandle_t handle)
4804 4805 {
4805 4806 return (zonecfg_endent(handle));
4806 4807 }
4807 4808
4808 4809 int
4809 4810 zonecfg_setrctlent(zone_dochandle_t handle)
4810 4811 {
4811 4812 return (zonecfg_setent(handle));
4812 4813 }
4813 4814
4814 4815 int
4815 4816 zonecfg_getrctlent(zone_dochandle_t handle, struct zone_rctltab *tabptr)
4816 4817 {
4817 4818 xmlNodePtr cur, val;
4818 4819 struct zone_rctlvaltab *valptr;
4819 4820 int err;
4820 4821
4821 4822 if (handle == NULL)
4822 4823 return (Z_INVAL);
4823 4824
4824 4825 if ((cur = handle->zone_dh_cur) == NULL)
4825 4826 return (Z_NO_ENTRY);
4826 4827
4827 4828 for (; cur != NULL; cur = cur->next)
4828 4829 if (!xmlStrcmp(cur->name, DTD_ELEM_RCTL))
4829 4830 break;
4830 4831 if (cur == NULL) {
4831 4832 handle->zone_dh_cur = handle->zone_dh_top;
4832 4833 return (Z_NO_ENTRY);
4833 4834 }
4834 4835
4835 4836 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_rctl_name,
4836 4837 sizeof (tabptr->zone_rctl_name))) != Z_OK) {
4837 4838 handle->zone_dh_cur = handle->zone_dh_top;
4838 4839 return (err);
4839 4840 }
4840 4841
4841 4842 tabptr->zone_rctl_valptr = NULL;
4842 4843 for (val = cur->xmlChildrenNode; val != NULL; val = val->next) {
4843 4844 valptr = (struct zone_rctlvaltab *)malloc(
4844 4845 sizeof (struct zone_rctlvaltab));
4845 4846 if (valptr == NULL)
4846 4847 return (Z_NOMEM);
4847 4848 if (fetchprop(val, DTD_ATTR_PRIV, valptr->zone_rctlval_priv,
4848 4849 sizeof (valptr->zone_rctlval_priv)) != Z_OK)
4849 4850 break;
4850 4851 if (fetchprop(val, DTD_ATTR_LIMIT, valptr->zone_rctlval_limit,
4851 4852 sizeof (valptr->zone_rctlval_limit)) != Z_OK)
4852 4853 break;
4853 4854 if (fetchprop(val, DTD_ATTR_ACTION, valptr->zone_rctlval_action,
4854 4855 sizeof (valptr->zone_rctlval_action)) != Z_OK)
4855 4856 break;
4856 4857 if (zonecfg_add_rctl_value(tabptr, valptr) != Z_OK)
4857 4858 break;
4858 4859 }
4859 4860
4860 4861 handle->zone_dh_cur = cur->next;
4861 4862 return (Z_OK);
4862 4863 }
4863 4864
4864 4865 int
4865 4866 zonecfg_endrctlent(zone_dochandle_t handle)
4866 4867 {
4867 4868 return (zonecfg_endent(handle));
4868 4869 }
4869 4870
4870 4871 int
4871 4872 zonecfg_setattrent(zone_dochandle_t handle)
4872 4873 {
4873 4874 return (zonecfg_setent(handle));
4874 4875 }
4875 4876
4876 4877 int
4877 4878 zonecfg_getattrent(zone_dochandle_t handle, struct zone_attrtab *tabptr)
4878 4879 {
4879 4880 xmlNodePtr cur;
4880 4881 int err;
4881 4882
4882 4883 if (handle == NULL)
4883 4884 return (Z_INVAL);
4884 4885
4885 4886 if ((cur = handle->zone_dh_cur) == NULL)
4886 4887 return (Z_NO_ENTRY);
4887 4888
4888 4889 for (; cur != NULL; cur = cur->next)
4889 4890 if (!xmlStrcmp(cur->name, DTD_ELEM_ATTR))
4890 4891 break;
4891 4892 if (cur == NULL) {
4892 4893 handle->zone_dh_cur = handle->zone_dh_top;
4893 4894 return (Z_NO_ENTRY);
4894 4895 }
4895 4896
4896 4897 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_attr_name,
4897 4898 sizeof (tabptr->zone_attr_name))) != Z_OK) {
4898 4899 handle->zone_dh_cur = handle->zone_dh_top;
4899 4900 return (err);
4900 4901 }
4901 4902
4902 4903 if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_attr_type,
4903 4904 sizeof (tabptr->zone_attr_type))) != Z_OK) {
4904 4905 handle->zone_dh_cur = handle->zone_dh_top;
4905 4906 return (err);
4906 4907 }
4907 4908
4908 4909 if ((err = fetchprop(cur, DTD_ATTR_VALUE, tabptr->zone_attr_value,
4909 4910 sizeof (tabptr->zone_attr_value))) != Z_OK) {
4910 4911 handle->zone_dh_cur = handle->zone_dh_top;
4911 4912 return (err);
4912 4913 }
4913 4914
4914 4915 handle->zone_dh_cur = cur->next;
4915 4916 return (Z_OK);
4916 4917 }
4917 4918
4918 4919 int
4919 4920 zonecfg_endattrent(zone_dochandle_t handle)
4920 4921 {
4921 4922 return (zonecfg_endent(handle));
4922 4923 }
4923 4924
4924 4925 int
4925 4926 zonecfg_setadminent(zone_dochandle_t handle)
4926 4927 {
4927 4928 return (zonecfg_setent(handle));
4928 4929 }
4929 4930
4930 4931 int
4931 4932 zonecfg_getadminent(zone_dochandle_t handle, struct zone_admintab *tabptr)
4932 4933 {
4933 4934 xmlNodePtr cur;
4934 4935 int err;
4935 4936
4936 4937 if (handle == NULL)
4937 4938 return (Z_INVAL);
4938 4939
4939 4940 if ((cur = handle->zone_dh_cur) == NULL)
4940 4941 return (Z_NO_ENTRY);
4941 4942
4942 4943 for (; cur != NULL; cur = cur->next)
4943 4944 if (!xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
4944 4945 break;
4945 4946 if (cur == NULL) {
4946 4947 handle->zone_dh_cur = handle->zone_dh_top;
4947 4948 return (Z_NO_ENTRY);
4948 4949 }
4949 4950
4950 4951 if ((err = fetchprop(cur, DTD_ATTR_USER, tabptr->zone_admin_user,
4951 4952 sizeof (tabptr->zone_admin_user))) != Z_OK) {
4952 4953 handle->zone_dh_cur = handle->zone_dh_top;
4953 4954 return (err);
4954 4955 }
4955 4956
4956 4957
4957 4958 if ((err = fetchprop(cur, DTD_ATTR_AUTHS, tabptr->zone_admin_auths,
4958 4959 sizeof (tabptr->zone_admin_auths))) != Z_OK) {
4959 4960 handle->zone_dh_cur = handle->zone_dh_top;
4960 4961 return (err);
4961 4962 }
4962 4963
4963 4964 handle->zone_dh_cur = cur->next;
4964 4965 return (Z_OK);
4965 4966 }
4966 4967
4967 4968 int
4968 4969 zonecfg_endadminent(zone_dochandle_t handle)
4969 4970 {
4970 4971 return (zonecfg_endent(handle));
4971 4972 }
4972 4973
4973 4974 /*
4974 4975 * The privileges available on the system and described in privileges(5)
4975 4976 * fall into four categories with respect to non-global zones:
4976 4977 *
4977 4978 * Default set of privileges considered safe for all non-global
4978 4979 * zones. These privileges are "safe" in the sense that a
4979 4980 * privileged process in the zone cannot affect processes in any
4980 4981 * other zone on the system.
4981 4982 *
4982 4983 * Set of privileges not currently permitted within a non-global
4983 4984 * zone. These privileges are considered by default, "unsafe,"
4984 4985 * and include ones which affect global resources (such as the
4985 4986 * system clock or physical memory) or are overly broad and cover
4986 4987 * more than one mechanism in the system. In other cases, there
4987 4988 * has not been sufficient virtualization in the parts of the
4988 4989 * system the privilege covers to allow its use within a
4989 4990 * non-global zone.
4990 4991 *
4991 4992 * Set of privileges required in order to get a zone booted and
4992 4993 * init(1M) started. These cannot be removed from the zone's
4993 4994 * privilege set.
4994 4995 *
4995 4996 * All other privileges are optional and are potentially useful for
4996 4997 * processes executing inside a non-global zone.
4997 4998 *
4998 4999 * When privileges are added to the system, a determination needs to be
4999 5000 * made as to which category the privilege belongs to. Ideally,
5000 5001 * privileges should be fine-grained enough and the mechanisms they cover
5001 5002 * virtualized enough so that they can be made available to non-global
5002 5003 * zones.
5003 5004 */
5004 5005
5005 5006 /*
5006 5007 * Define some of the tokens that priv_str_to_set(3C) recognizes. Since
5007 5008 * the privilege string separator can be any character, although it is
5008 5009 * usually a comma character, define these here as well in the event that
5009 5010 * they change or are augmented in the future.
5010 5011 */
5011 5012 #define BASIC_TOKEN "basic"
5012 5013 #define DEFAULT_TOKEN "default"
5013 5014 #define ZONE_TOKEN "zone"
5014 5015 #define TOKEN_PRIV_CHAR ','
5015 5016 #define TOKEN_PRIV_STR ","
5016 5017
5017 5018 typedef struct priv_node {
5018 5019 struct priv_node *pn_next; /* Next privilege */
5019 5020 char *pn_priv; /* Privileges name */
5020 5021 } priv_node_t;
5021 5022
5022 5023 /* Privileges lists can differ across brands */
5023 5024 typedef struct priv_lists {
5024 5025 /* Privileges considered safe for all non-global zones of a brand */
5025 5026 struct priv_node *pl_default;
5026 5027
5027 5028 /* Privileges not permitted for all non-global zones of a brand */
5028 5029 struct priv_node *pl_prohibited;
5029 5030
5030 5031 /* Privileges required for all non-global zones of a brand */
5031 5032 struct priv_node *pl_required;
5032 5033
5033 5034 /*
5034 5035 * ip-type of the zone these privileges lists apply to.
5035 5036 * It is used to pass ip-type to the callback function,
5036 5037 * priv_lists_cb, which has no way of getting the ip-type.
5037 5038 */
5038 5039 const char *pl_iptype;
5039 5040 } priv_lists_t;
5040 5041
5041 5042 static int
5042 5043 priv_lists_cb(void *data, priv_iter_t *priv_iter)
5043 5044 {
5044 5045 priv_lists_t *plp = (priv_lists_t *)data;
5045 5046 priv_node_t *pnp;
5046 5047
5047 5048 /* Skip this privilege if ip-type does not match */
5048 5049 if ((strcmp(priv_iter->pi_iptype, "all") != 0) &&
5049 5050 (strcmp(priv_iter->pi_iptype, plp->pl_iptype) != 0))
5050 5051 return (0);
5051 5052
5052 5053 /* Allocate a new priv list node. */
5053 5054 if ((pnp = malloc(sizeof (*pnp))) == NULL)
5054 5055 return (-1);
5055 5056 if ((pnp->pn_priv = strdup(priv_iter->pi_name)) == NULL) {
5056 5057 free(pnp);
5057 5058 return (-1);
5058 5059 }
5059 5060
5060 5061 /* Insert the new priv list node into the right list */
5061 5062 if (strcmp(priv_iter->pi_set, "default") == 0) {
5062 5063 pnp->pn_next = plp->pl_default;
5063 5064 plp->pl_default = pnp;
5064 5065 } else if (strcmp(priv_iter->pi_set, "prohibited") == 0) {
5065 5066 pnp->pn_next = plp->pl_prohibited;
5066 5067 plp->pl_prohibited = pnp;
5067 5068 } else if (strcmp(priv_iter->pi_set, "required") == 0) {
5068 5069 pnp->pn_next = plp->pl_required;
5069 5070 plp->pl_required = pnp;
5070 5071 } else {
5071 5072 free(pnp->pn_priv);
5072 5073 free(pnp);
5073 5074 return (-1);
5074 5075 }
5075 5076 return (0);
5076 5077 }
5077 5078
5078 5079 static void
5079 5080 priv_lists_destroy(priv_lists_t *plp)
5080 5081 {
5081 5082 priv_node_t *pnp;
5082 5083
5083 5084 assert(plp != NULL);
5084 5085
5085 5086 while ((pnp = plp->pl_default) != NULL) {
5086 5087 plp->pl_default = pnp->pn_next;
5087 5088 free(pnp->pn_priv);
5088 5089 free(pnp);
5089 5090 }
5090 5091 while ((pnp = plp->pl_prohibited) != NULL) {
5091 5092 plp->pl_prohibited = pnp->pn_next;
5092 5093 free(pnp->pn_priv);
5093 5094 free(pnp);
5094 5095 }
5095 5096 while ((pnp = plp->pl_required) != NULL) {
5096 5097 plp->pl_required = pnp->pn_next;
5097 5098 free(pnp->pn_priv);
5098 5099 free(pnp);
5099 5100 }
5100 5101 free(plp);
5101 5102 }
5102 5103
5103 5104 static int
5104 5105 priv_lists_create(zone_dochandle_t handle, char *brand, priv_lists_t **plpp,
5105 5106 const char *curr_iptype)
5106 5107 {
5107 5108 priv_lists_t *plp;
5108 5109 brand_handle_t bh;
5109 5110 char brand_str[MAXNAMELEN];
5110 5111
5111 5112 /* handle or brand must be set, but never both */
5112 5113 assert((handle != NULL) || (brand != NULL));
5113 5114 assert((handle == NULL) || (brand == NULL));
5114 5115
5115 5116 if (handle != NULL) {
5116 5117 brand = brand_str;
5117 5118 if (zonecfg_get_brand(handle, brand, sizeof (brand_str)) != 0)
5118 5119 return (Z_BRAND_ERROR);
5119 5120 }
5120 5121
5121 5122 if ((bh = brand_open(brand)) == NULL)
5122 5123 return (Z_BRAND_ERROR);
5123 5124
5124 5125 if ((plp = calloc(1, sizeof (priv_lists_t))) == NULL) {
5125 5126 brand_close(bh);
5126 5127 return (Z_NOMEM);
5127 5128 }
5128 5129
5129 5130 plp->pl_iptype = curr_iptype;
5130 5131
5131 5132 /* construct the privilege lists */
5132 5133 if (brand_config_iter_privilege(bh, priv_lists_cb, plp) != 0) {
5133 5134 priv_lists_destroy(plp);
5134 5135 brand_close(bh);
5135 5136 return (Z_BRAND_ERROR);
5136 5137 }
5137 5138
5138 5139 brand_close(bh);
5139 5140 *plpp = plp;
5140 5141 return (Z_OK);
5141 5142 }
5142 5143
5143 5144 static int
5144 5145 get_default_privset(priv_set_t *privs, priv_lists_t *plp)
5145 5146 {
5146 5147 priv_node_t *pnp;
5147 5148 priv_set_t *basic;
5148 5149
5149 5150 basic = priv_str_to_set(BASIC_TOKEN, TOKEN_PRIV_STR, NULL);
5150 5151 if (basic == NULL)
5151 5152 return (errno == ENOMEM ? Z_NOMEM : Z_INVAL);
5152 5153
5153 5154 priv_union(basic, privs);
5154 5155 priv_freeset(basic);
5155 5156
5156 5157 for (pnp = plp->pl_default; pnp != NULL; pnp = pnp->pn_next) {
5157 5158 if (priv_addset(privs, pnp->pn_priv) != 0)
5158 5159 return (Z_INVAL);
5159 5160 }
5160 5161
5161 5162 return (Z_OK);
5162 5163 }
5163 5164
5164 5165 int
5165 5166 zonecfg_default_brand(char *brand, size_t brandsize)
5166 5167 {
5167 5168 zone_dochandle_t handle;
5168 5169 int myzoneid = getzoneid();
5169 5170 int ret;
5170 5171
5171 5172 /*
5172 5173 * If we're running within a zone, then the default brand is the
5173 5174 * current zone's brand.
5174 5175 */
5175 5176 if (myzoneid != GLOBAL_ZONEID) {
5176 5177 ret = zone_getattr(myzoneid, ZONE_ATTR_BRAND, brand, brandsize);
5177 5178 if (ret < 0)
5178 5179 return ((errno == EFAULT) ? Z_TOO_BIG : Z_INVAL);
5179 5180 return (Z_OK);
5180 5181 }
5181 5182
5182 5183 if ((handle = zonecfg_init_handle()) == NULL)
5183 5184 return (Z_NOMEM);
5184 5185 if ((ret = zonecfg_get_handle("SUNWdefault", handle)) == Z_OK) {
5185 5186 ret = i_zonecfg_get_brand(handle, brand, brandsize, B_TRUE);
5186 5187 zonecfg_fini_handle(handle);
5187 5188 return (ret);
5188 5189 }
5189 5190 return (ret);
5190 5191 }
5191 5192
5192 5193 int
5193 5194 zonecfg_default_privset(priv_set_t *privs, const char *curr_iptype)
5194 5195 {
5195 5196 priv_lists_t *plp;
5196 5197 char buf[MAXNAMELEN];
5197 5198 int ret;
5198 5199
5199 5200 if ((ret = zonecfg_default_brand(buf, sizeof (buf))) != Z_OK)
5200 5201 return (ret);
5201 5202 if ((ret = priv_lists_create(NULL, buf, &plp, curr_iptype)) != Z_OK)
5202 5203 return (ret);
5203 5204 ret = get_default_privset(privs, plp);
5204 5205 priv_lists_destroy(plp);
5205 5206 return (ret);
5206 5207 }
5207 5208
5208 5209 void
5209 5210 append_priv_token(char *priv, char *str, size_t strlen)
5210 5211 {
5211 5212 if (*str != '\0')
5212 5213 (void) strlcat(str, TOKEN_PRIV_STR, strlen);
5213 5214 (void) strlcat(str, priv, strlen);
5214 5215 }
5215 5216
5216 5217 /*
5217 5218 * Verify that the supplied string is a valid privilege limit set for a
5218 5219 * non-global zone. This string must not only be acceptable to
5219 5220 * priv_str_to_set(3C) which parses it, but it also must resolve to a
5220 5221 * privilege set that includes certain required privileges and lacks
5221 5222 * certain prohibited privileges.
5222 5223 */
5223 5224 static int
5224 5225 verify_privset(char *privbuf, priv_set_t *privs, char **privname,
5225 5226 boolean_t add_default, priv_lists_t *plp)
5226 5227 {
5227 5228 priv_node_t *pnp;
5228 5229 char *tmp, *cp, *lasts;
5229 5230 size_t len;
5230 5231 priv_set_t *mergeset;
5231 5232 const char *token;
5232 5233
5233 5234 /*
5234 5235 * The verification of the privilege string occurs in several
5235 5236 * phases. In the first phase, the supplied string is scanned for
5236 5237 * the ZONE_TOKEN token which is not support as part of the
5237 5238 * "limitpriv" property.
5238 5239 *
5239 5240 * Duplicate the supplied privilege string since strtok_r(3C)
5240 5241 * tokenizes its input by null-terminating the tokens.
5241 5242 */
5242 5243 if ((tmp = strdup(privbuf)) == NULL)
5243 5244 return (Z_NOMEM);
5244 5245 for (cp = strtok_r(tmp, TOKEN_PRIV_STR, &lasts); cp != NULL;
5245 5246 cp = strtok_r(NULL, TOKEN_PRIV_STR, &lasts)) {
5246 5247 if (strcmp(cp, ZONE_TOKEN) == 0) {
5247 5248 free(tmp);
5248 5249 if ((*privname = strdup(ZONE_TOKEN)) == NULL)
5249 5250 return (Z_NOMEM);
5250 5251 else
5251 5252 return (Z_PRIV_UNKNOWN);
5252 5253 }
5253 5254 }
5254 5255 free(tmp);
5255 5256
5256 5257 if (add_default) {
5257 5258 /*
5258 5259 * If DEFAULT_TOKEN was specified, a string needs to be
5259 5260 * built containing the privileges from the default, safe
5260 5261 * set along with those of the "limitpriv" property.
5261 5262 */
5262 5263 len = strlen(privbuf) + sizeof (BASIC_TOKEN) + 2;
5263 5264
5264 5265 for (pnp = plp->pl_default; pnp != NULL; pnp = pnp->pn_next)
5265 5266 len += strlen(pnp->pn_priv) + 1;
5266 5267 tmp = alloca(len);
5267 5268 *tmp = '\0';
5268 5269
5269 5270 append_priv_token(BASIC_TOKEN, tmp, len);
5270 5271 for (pnp = plp->pl_default; pnp != NULL; pnp = pnp->pn_next)
5271 5272 append_priv_token(pnp->pn_priv, tmp, len);
5272 5273 (void) strlcat(tmp, TOKEN_PRIV_STR, len);
5273 5274 (void) strlcat(tmp, privbuf, len);
5274 5275 } else {
5275 5276 tmp = privbuf;
5276 5277 }
5277 5278
5278 5279
5279 5280 /*
5280 5281 * In the next phase, attempt to convert the merged privilege
5281 5282 * string into a privilege set. In the case of an error, either
5282 5283 * there was a memory allocation failure or there was an invalid
5283 5284 * privilege token in the string. In either case, return an
5284 5285 * appropriate error code but in the event of an invalid token,
5285 5286 * allocate a string containing its name and return that back to
5286 5287 * the caller.
5287 5288 */
5288 5289 mergeset = priv_str_to_set(tmp, TOKEN_PRIV_STR, &token);
5289 5290 if (mergeset == NULL) {
5290 5291 if (token == NULL)
5291 5292 return (Z_NOMEM);
5292 5293 if ((cp = strchr(token, TOKEN_PRIV_CHAR)) != NULL)
5293 5294 *cp = '\0';
5294 5295 if ((*privname = strdup(token)) == NULL)
5295 5296 return (Z_NOMEM);
5296 5297 else
5297 5298 return (Z_PRIV_UNKNOWN);
5298 5299 }
5299 5300
5300 5301 /*
5301 5302 * Next, verify that none of the prohibited zone privileges are
5302 5303 * present in the merged privilege set.
5303 5304 */
5304 5305 for (pnp = plp->pl_prohibited; pnp != NULL; pnp = pnp->pn_next) {
5305 5306 if (priv_ismember(mergeset, pnp->pn_priv)) {
5306 5307 priv_freeset(mergeset);
5307 5308 if ((*privname = strdup(pnp->pn_priv)) == NULL)
5308 5309 return (Z_NOMEM);
5309 5310 else
5310 5311 return (Z_PRIV_PROHIBITED);
5311 5312 }
5312 5313 }
5313 5314
5314 5315 /*
5315 5316 * Finally, verify that all of the required zone privileges are
5316 5317 * present in the merged privilege set.
5317 5318 */
5318 5319 for (pnp = plp->pl_required; pnp != NULL; pnp = pnp->pn_next) {
5319 5320 if (!priv_ismember(mergeset, pnp->pn_priv)) {
5320 5321 priv_freeset(mergeset);
5321 5322 if ((*privname = strdup(pnp->pn_priv)) == NULL)
5322 5323 return (Z_NOMEM);
5323 5324 else
5324 5325 return (Z_PRIV_REQUIRED);
5325 5326 }
5326 5327 }
5327 5328
5328 5329 priv_copyset(mergeset, privs);
5329 5330 priv_freeset(mergeset);
5330 5331 return (Z_OK);
5331 5332 }
5332 5333
5333 5334 /*
5334 5335 * Fill in the supplied privilege set with either the default, safe set of
5335 5336 * privileges suitable for a non-global zone, or one based on the
5336 5337 * "limitpriv" property in the zone's configuration.
5337 5338 *
5338 5339 * In the event of an invalid privilege specification in the
5339 5340 * configuration, a string is allocated and returned containing the
5340 5341 * "privilege" causing the issue. It is the caller's responsibility to
5341 5342 * free this memory when it is done with it.
5342 5343 */
5343 5344 int
5344 5345 zonecfg_get_privset(zone_dochandle_t handle, priv_set_t *privs,
5345 5346 char **privname)
5346 5347 {
5347 5348 priv_lists_t *plp;
5348 5349 char *cp, *limitpriv = NULL;
5349 5350 int err, limitlen;
5350 5351 zone_iptype_t iptype;
5351 5352 const char *curr_iptype;
5352 5353
5353 5354 /*
5354 5355 * Attempt to lookup the "limitpriv" property. If it does not
5355 5356 * exist or matches the string DEFAULT_TOKEN exactly, then the
5356 5357 * default, safe privilege set is returned.
5357 5358 */
5358 5359 if ((err = zonecfg_get_limitpriv(handle, &limitpriv)) != Z_OK)
5359 5360 return (err);
5360 5361
5361 5362 if ((err = zonecfg_get_iptype(handle, &iptype)) != Z_OK)
5362 5363 return (err);
5363 5364
5364 5365 switch (iptype) {
5365 5366 case ZS_SHARED:
5366 5367 curr_iptype = "shared";
5367 5368 break;
5368 5369 case ZS_EXCLUSIVE:
5369 5370 curr_iptype = "exclusive";
5370 5371 break;
5371 5372 }
5372 5373
5373 5374 if ((err = priv_lists_create(handle, NULL, &plp, curr_iptype)) != Z_OK)
5374 5375 return (err);
5375 5376
5376 5377 limitlen = strlen(limitpriv);
5377 5378 if (limitlen == 0 || strcmp(limitpriv, DEFAULT_TOKEN) == 0) {
5378 5379 free(limitpriv);
5379 5380 err = get_default_privset(privs, plp);
5380 5381 priv_lists_destroy(plp);
5381 5382 return (err);
5382 5383 }
5383 5384
5384 5385 /*
5385 5386 * Check if the string DEFAULT_TOKEN is the first token in a list
5386 5387 * of privileges.
5387 5388 */
5388 5389 cp = strchr(limitpriv, TOKEN_PRIV_CHAR);
5389 5390 if (cp != NULL &&
5390 5391 strncmp(limitpriv, DEFAULT_TOKEN, cp - limitpriv) == 0)
5391 5392 err = verify_privset(cp + 1, privs, privname, B_TRUE, plp);
5392 5393 else
5393 5394 err = verify_privset(limitpriv, privs, privname, B_FALSE, plp);
5394 5395
5395 5396 free(limitpriv);
5396 5397 priv_lists_destroy(plp);
5397 5398 return (err);
5398 5399 }
5399 5400
5400 5401 int
5401 5402 zone_get_zonepath(char *zone_name, char *zonepath, size_t rp_sz)
5402 5403 {
5403 5404 zone_dochandle_t handle;
5404 5405 boolean_t found = B_FALSE;
5405 5406 struct zoneent *ze;
5406 5407 FILE *cookie;
5407 5408 int err;
5408 5409 char *cp;
5409 5410
5410 5411 if (zone_name == NULL)
5411 5412 return (Z_INVAL);
5412 5413
5413 5414 (void) strlcpy(zonepath, zonecfg_root, rp_sz);
5414 5415 cp = zonepath + strlen(zonepath);
5415 5416 while (cp > zonepath && cp[-1] == '/')
5416 5417 *--cp = '\0';
5417 5418
5418 5419 if (strcmp(zone_name, GLOBAL_ZONENAME) == 0) {
5419 5420 if (zonepath[0] == '\0')
5420 5421 (void) strlcpy(zonepath, "/", rp_sz);
5421 5422 return (Z_OK);
5422 5423 }
5423 5424
5424 5425 /*
5425 5426 * First check the index file. Because older versions did not have
5426 5427 * a copy of the zone path, allow for it to be zero length, in which
5427 5428 * case we ignore this result and fall back to the XML files.
5428 5429 */
5429 5430 cookie = setzoneent();
5430 5431 while ((ze = getzoneent_private(cookie)) != NULL) {
5431 5432 if (strcmp(ze->zone_name, zone_name) == 0) {
5432 5433 found = B_TRUE;
5433 5434 if (ze->zone_path[0] != '\0')
5434 5435 (void) strlcpy(cp, ze->zone_path,
5435 5436 rp_sz - (cp - zonepath));
5436 5437 }
5437 5438 free(ze);
5438 5439 if (found)
5439 5440 break;
5440 5441 }
5441 5442 endzoneent(cookie);
5442 5443 if (found && *cp != '\0')
5443 5444 return (Z_OK);
5444 5445
5445 5446 /* Fall back to the XML files. */
5446 5447 if ((handle = zonecfg_init_handle()) == NULL)
5447 5448 return (Z_NOMEM);
5448 5449
5449 5450 /*
5450 5451 * Check the snapshot first: if a zone is running, its zonepath
5451 5452 * may have changed.
5452 5453 */
5453 5454 if (zonecfg_get_snapshot_handle(zone_name, handle) != Z_OK) {
5454 5455 if ((err = zonecfg_get_handle(zone_name, handle)) != Z_OK) {
5455 5456 zonecfg_fini_handle(handle);
5456 5457 return (err);
5457 5458 }
5458 5459 }
5459 5460 err = zonecfg_get_zonepath(handle, zonepath, rp_sz);
5460 5461 zonecfg_fini_handle(handle);
5461 5462 return (err);
5462 5463 }
5463 5464
5464 5465 int
5465 5466 zone_get_rootpath(char *zone_name, char *rootpath, size_t rp_sz)
5466 5467 {
5467 5468 int err;
5468 5469
5469 5470 /* This function makes sense for non-global zones only. */
5470 5471 if (strcmp(zone_name, GLOBAL_ZONENAME) == 0)
5471 5472 return (Z_BOGUS_ZONE_NAME);
5472 5473 if ((err = zone_get_zonepath(zone_name, rootpath, rp_sz)) != Z_OK)
5473 5474 return (err);
5474 5475 if (strlcat(rootpath, "/root", rp_sz) >= rp_sz)
5475 5476 return (Z_TOO_BIG);
5476 5477 return (Z_OK);
5477 5478 }
5478 5479
5479 5480 int
5480 5481 zone_get_brand(char *zone_name, char *brandname, size_t rp_sz)
5481 5482 {
5482 5483 int err;
5483 5484 zone_dochandle_t handle;
5484 5485 char myzone[MAXNAMELEN];
5485 5486 int myzoneid = getzoneid();
5486 5487
5487 5488 /*
5488 5489 * If we are not in the global zone, then we don't have the zone
5489 5490 * .xml files with the brand name available. Thus, we are going to
5490 5491 * have to ask the kernel for the information.
5491 5492 */
5492 5493 if (myzoneid != GLOBAL_ZONEID) {
5493 5494 if (is_system_labeled()) {
5494 5495 (void) strlcpy(brandname, NATIVE_BRAND_NAME, rp_sz);
5495 5496 return (Z_OK);
5496 5497 }
5497 5498 if (zone_getattr(myzoneid, ZONE_ATTR_NAME, myzone,
5498 5499 sizeof (myzone)) < 0)
5499 5500 return (Z_NO_ZONE);
5500 5501 if (!zonecfg_is_scratch(myzone)) {
5501 5502 if (strncmp(zone_name, myzone, MAXNAMELEN) != 0)
5502 5503 return (Z_NO_ZONE);
5503 5504 }
5504 5505 err = zone_getattr(myzoneid, ZONE_ATTR_BRAND, brandname, rp_sz);
5505 5506 if (err < 0)
5506 5507 return ((errno == EFAULT) ? Z_TOO_BIG : Z_INVAL);
5507 5508
5508 5509 return (Z_OK);
5509 5510 }
5510 5511
5511 5512 if (strcmp(zone_name, "global") == 0)
5512 5513 return (zonecfg_default_brand(brandname, rp_sz));
5513 5514
5514 5515 if ((handle = zonecfg_init_handle()) == NULL)
5515 5516 return (Z_NOMEM);
5516 5517
5517 5518 err = zonecfg_get_handle((char *)zone_name, handle);
5518 5519 if (err == Z_OK)
5519 5520 err = zonecfg_get_brand(handle, brandname, rp_sz);
5520 5521
5521 5522 zonecfg_fini_handle(handle);
5522 5523 return (err);
5523 5524 }
5524 5525
5525 5526 /*
5526 5527 * Return the appropriate root for the active /dev.
5527 5528 * For normal zone, the path is $ZONEPATH/root;
5528 5529 * for scratch zone, the dev path is $ZONEPATH/lu.
5529 5530 */
5530 5531 int
5531 5532 zone_get_devroot(char *zone_name, char *devroot, size_t rp_sz)
5532 5533 {
5533 5534 int err;
5534 5535 char *suffix;
5535 5536 zone_state_t state;
5536 5537
5537 5538 /* This function makes sense for non-global zones only. */
5538 5539 if (strcmp(zone_name, GLOBAL_ZONENAME) == 0)
5539 5540 return (Z_BOGUS_ZONE_NAME);
5540 5541 if ((err = zone_get_zonepath(zone_name, devroot, rp_sz)) != Z_OK)
5541 5542 return (err);
5542 5543
5543 5544 if (zone_get_state(zone_name, &state) == Z_OK &&
5544 5545 state == ZONE_STATE_MOUNTED)
5545 5546 suffix = "/lu";
5546 5547 else
5547 5548 suffix = "/root";
5548 5549 if (strlcat(devroot, suffix, rp_sz) >= rp_sz)
5549 5550 return (Z_TOO_BIG);
5550 5551 return (Z_OK);
5551 5552 }
5552 5553
5553 5554 static zone_state_t
5554 5555 kernel_state_to_user_state(zoneid_t zoneid, zone_status_t kernel_state)
5555 5556 {
5556 5557 char zoneroot[MAXPATHLEN];
5557 5558 size_t zlen;
5558 5559
5559 5560 assert(kernel_state <= ZONE_MAX_STATE);
5560 5561 switch (kernel_state) {
5561 5562 case ZONE_IS_UNINITIALIZED:
5562 5563 case ZONE_IS_INITIALIZED:
5563 5564 /* The kernel will not return these two states */
5564 5565 return (ZONE_STATE_READY);
5565 5566 case ZONE_IS_READY:
5566 5567 /*
5567 5568 * If the zone's root is mounted on $ZONEPATH/lu, then
5568 5569 * it's a mounted scratch zone.
5569 5570 */
5570 5571 if (zone_getattr(zoneid, ZONE_ATTR_ROOT, zoneroot,
5571 5572 sizeof (zoneroot)) >= 0) {
5572 5573 zlen = strlen(zoneroot);
5573 5574 if (zlen > 3 &&
5574 5575 strcmp(zoneroot + zlen - 3, "/lu") == 0)
5575 5576 return (ZONE_STATE_MOUNTED);
5576 5577 }
5577 5578 return (ZONE_STATE_READY);
5578 5579 case ZONE_IS_BOOTING:
5579 5580 case ZONE_IS_RUNNING:
5580 5581 return (ZONE_STATE_RUNNING);
5581 5582 case ZONE_IS_SHUTTING_DOWN:
5582 5583 case ZONE_IS_EMPTY:
5583 5584 return (ZONE_STATE_SHUTTING_DOWN);
5584 5585 case ZONE_IS_DOWN:
5585 5586 case ZONE_IS_DYING:
5586 5587 case ZONE_IS_DEAD:
5587 5588 default:
5588 5589 return (ZONE_STATE_DOWN);
5589 5590 }
5590 5591 /* NOTREACHED */
5591 5592 }
5592 5593
5593 5594 int
5594 5595 zone_get_state(char *zone_name, zone_state_t *state_num)
5595 5596 {
5596 5597 zone_status_t status;
5597 5598 zoneid_t zone_id;
5598 5599 struct zoneent *ze;
5599 5600 boolean_t found = B_FALSE;
5600 5601 FILE *cookie;
5601 5602 char kernzone[ZONENAME_MAX];
5602 5603 FILE *fp;
5603 5604
5604 5605 if (zone_name == NULL)
5605 5606 return (Z_INVAL);
5606 5607
5607 5608 /*
5608 5609 * If we're looking at an alternate root, then we need to query the
5609 5610 * kernel using the scratch zone name.
5610 5611 */
5611 5612 zone_id = -1;
5612 5613 if (*zonecfg_root != '\0' && !zonecfg_is_scratch(zone_name)) {
5613 5614 if ((fp = zonecfg_open_scratch("", B_FALSE)) != NULL) {
5614 5615 if (zonecfg_find_scratch(fp, zone_name, zonecfg_root,
5615 5616 kernzone, sizeof (kernzone)) == 0)
5616 5617 zone_id = getzoneidbyname(kernzone);
5617 5618 zonecfg_close_scratch(fp);
5618 5619 }
5619 5620 } else {
5620 5621 zone_id = getzoneidbyname(zone_name);
5621 5622 }
5622 5623
5623 5624 /* check to see if zone is running */
5624 5625 if (zone_id != -1 &&
5625 5626 zone_getattr(zone_id, ZONE_ATTR_STATUS, &status,
5626 5627 sizeof (status)) >= 0) {
5627 5628 *state_num = kernel_state_to_user_state(zone_id, status);
5628 5629 return (Z_OK);
5629 5630 }
5630 5631
5631 5632 cookie = setzoneent();
5632 5633 while ((ze = getzoneent_private(cookie)) != NULL) {
5633 5634 if (strcmp(ze->zone_name, zone_name) == 0) {
5634 5635 found = B_TRUE;
5635 5636 *state_num = ze->zone_state;
5636 5637 }
5637 5638 free(ze);
5638 5639 if (found)
5639 5640 break;
5640 5641 }
5641 5642 endzoneent(cookie);
5642 5643 return ((found) ? Z_OK : Z_NO_ZONE);
5643 5644 }
5644 5645
5645 5646 int
5646 5647 zone_set_state(char *zone, zone_state_t state)
5647 5648 {
5648 5649 struct zoneent ze;
5649 5650
5650 5651 if (state != ZONE_STATE_CONFIGURED && state != ZONE_STATE_INSTALLED &&
5651 5652 state != ZONE_STATE_INCOMPLETE)
5652 5653 return (Z_INVAL);
5653 5654
5654 5655 bzero(&ze, sizeof (ze));
5655 5656 (void) strlcpy(ze.zone_name, zone, sizeof (ze.zone_name));
5656 5657 ze.zone_state = state;
5657 5658 (void) strlcpy(ze.zone_path, "", sizeof (ze.zone_path));
5658 5659 return (putzoneent(&ze, PZE_MODIFY));
5659 5660 }
5660 5661
5661 5662 /*
5662 5663 * Get id (if any) for specified zone. There are four possible outcomes:
5663 5664 * - If the string corresponds to the numeric id of an active (booted)
5664 5665 * zone, sets *zip to the zone id and returns 0.
5665 5666 * - If the string corresponds to the name of an active (booted) zone,
5666 5667 * sets *zip to the zone id and returns 0.
5667 5668 * - If the string is a name in the configuration but is not booted,
5668 5669 * sets *zip to ZONE_ID_UNDEFINED and returns 0.
5669 5670 * - Otherwise, leaves *zip unchanged and returns -1.
5670 5671 *
5671 5672 * This function acts as an auxiliary filter on the function of the same
5672 5673 * name in libc; the linker binds to this version if libzonecfg exists,
5673 5674 * and the libc version if it doesn't. Any changes to this version of
5674 5675 * the function should probably be reflected in the libc version as well.
5675 5676 */
5676 5677 int
5677 5678 zone_get_id(const char *str, zoneid_t *zip)
5678 5679 {
5679 5680 zone_dochandle_t hdl;
5680 5681 zoneid_t zoneid;
5681 5682 char *cp;
5682 5683 int err;
5683 5684
5684 5685 /* first try looking for active zone by id */
5685 5686 errno = 0;
5686 5687 zoneid = (zoneid_t)strtol(str, &cp, 0);
5687 5688 if (errno == 0 && cp != str && *cp == '\0' &&
5688 5689 getzonenamebyid(zoneid, NULL, 0) != -1) {
5689 5690 *zip = zoneid;
5690 5691 return (0);
5691 5692 }
5692 5693
5693 5694 /* then look for active zone by name */
5694 5695 if ((zoneid = getzoneidbyname(str)) != -1) {
5695 5696 *zip = zoneid;
5696 5697 return (0);
5697 5698 }
5698 5699
5699 5700 /* if in global zone, try looking up name in configuration database */
5700 5701 if (getzoneid() != GLOBAL_ZONEID ||
5701 5702 (hdl = zonecfg_init_handle()) == NULL)
5702 5703 return (-1);
5703 5704
5704 5705 if (zonecfg_get_handle(str, hdl) == Z_OK) {
5705 5706 /* zone exists but isn't active */
5706 5707 *zip = ZONE_ID_UNDEFINED;
5707 5708 err = 0;
5708 5709 } else {
5709 5710 err = -1;
5710 5711 }
5711 5712
5712 5713 zonecfg_fini_handle(hdl);
5713 5714 return (err);
5714 5715 }
5715 5716
5716 5717 char *
5717 5718 zone_state_str(zone_state_t state_num)
5718 5719 {
5719 5720 switch (state_num) {
5720 5721 case ZONE_STATE_CONFIGURED:
5721 5722 return (ZONE_STATE_STR_CONFIGURED);
5722 5723 case ZONE_STATE_INCOMPLETE:
5723 5724 return (ZONE_STATE_STR_INCOMPLETE);
5724 5725 case ZONE_STATE_INSTALLED:
5725 5726 return (ZONE_STATE_STR_INSTALLED);
5726 5727 case ZONE_STATE_READY:
5727 5728 return (ZONE_STATE_STR_READY);
5728 5729 case ZONE_STATE_MOUNTED:
5729 5730 return (ZONE_STATE_STR_MOUNTED);
5730 5731 case ZONE_STATE_RUNNING:
5731 5732 return (ZONE_STATE_STR_RUNNING);
5732 5733 case ZONE_STATE_SHUTTING_DOWN:
5733 5734 return (ZONE_STATE_STR_SHUTTING_DOWN);
5734 5735 case ZONE_STATE_DOWN:
5735 5736 return (ZONE_STATE_STR_DOWN);
5736 5737 default:
5737 5738 return ("unknown");
5738 5739 }
5739 5740 }
5740 5741
5741 5742 /*
5742 5743 * Given a UUID value, find an associated zone name. This is intended to be
5743 5744 * used by callers who set up some 'default' name (corresponding to the
5744 5745 * expected name for the zone) in the zonename buffer, and thus the function
5745 5746 * doesn't touch this buffer on failure.
5746 5747 */
5747 5748 int
5748 5749 zonecfg_get_name_by_uuid(const uuid_t uuidin, char *zonename, size_t namelen)
5749 5750 {
5750 5751 FILE *fp;
5751 5752 struct zoneent *ze;
5752 5753 uchar_t *uuid;
5753 5754
5754 5755 /*
5755 5756 * A small amount of subterfuge via casts is necessary here because
5756 5757 * libuuid doesn't use const correctly, but we don't want to export
5757 5758 * this brokenness to our clients.
5758 5759 */
5759 5760 uuid = (uchar_t *)uuidin;
5760 5761 if (uuid_is_null(uuid))
5761 5762 return (Z_NO_ZONE);
5762 5763 if ((fp = setzoneent()) == NULL)
5763 5764 return (Z_NO_ZONE);
5764 5765 while ((ze = getzoneent_private(fp)) != NULL) {
5765 5766 if (uuid_compare(uuid, ze->zone_uuid) == 0)
5766 5767 break;
5767 5768 free(ze);
5768 5769 }
5769 5770 endzoneent(fp);
5770 5771 if (ze != NULL) {
5771 5772 (void) strlcpy(zonename, ze->zone_name, namelen);
5772 5773 free(ze);
5773 5774 return (Z_OK);
5774 5775 } else {
5775 5776 return (Z_NO_ZONE);
5776 5777 }
5777 5778 }
5778 5779
5779 5780 /*
5780 5781 * Given a zone name, get its UUID. Returns a "NULL" UUID value if the zone
5781 5782 * exists but the file doesn't have a value set yet. Returns an error if the
5782 5783 * zone cannot be located.
5783 5784 */
5784 5785 int
5785 5786 zonecfg_get_uuid(const char *zonename, uuid_t uuid)
5786 5787 {
5787 5788 FILE *fp;
5788 5789 struct zoneent *ze;
5789 5790
5790 5791 if ((fp = setzoneent()) == NULL)
5791 5792 return (Z_NO_ZONE);
5792 5793 while ((ze = getzoneent_private(fp)) != NULL) {
5793 5794 if (strcmp(ze->zone_name, zonename) == 0)
5794 5795 break;
5795 5796 free(ze);
5796 5797 }
5797 5798 endzoneent(fp);
5798 5799 if (ze != NULL) {
5799 5800 uuid_copy(uuid, ze->zone_uuid);
5800 5801 free(ze);
5801 5802 return (Z_OK);
5802 5803 } else {
5803 5804 return (Z_NO_ZONE);
5804 5805 }
5805 5806 }
5806 5807
5807 5808 /*
5808 5809 * File-system convenience functions.
5809 5810 */
5810 5811 boolean_t
5811 5812 zonecfg_valid_fs_type(const char *type)
5812 5813 {
5813 5814 /*
5814 5815 * We already know which FS types don't work.
5815 5816 */
5816 5817 if (strcmp(type, "proc") == 0 ||
5817 5818 strcmp(type, "mntfs") == 0 ||
5818 5819 strcmp(type, "autofs") == 0 ||
5819 5820 strncmp(type, "nfs", sizeof ("nfs") - 1) == 0 ||
5820 5821 strcmp(type, "cachefs") == 0)
5821 5822 return (B_FALSE);
5822 5823 /*
5823 5824 * The caller may do more detailed verification to make sure other
5824 5825 * aspects of this filesystem type make sense.
5825 5826 */
5826 5827 return (B_TRUE);
5827 5828 }
5828 5829
5829 5830 /*
5830 5831 * Generally uninteresting rctl convenience functions.
5831 5832 */
5832 5833
5833 5834 int
5834 5835 zonecfg_construct_rctlblk(const struct zone_rctlvaltab *rctlval,
5835 5836 rctlblk_t *rctlblk)
5836 5837 {
5837 5838 unsigned long long ull;
5838 5839 char *endp;
5839 5840 rctl_priv_t priv;
5840 5841 rctl_qty_t limit;
5841 5842 uint_t action;
5842 5843
5843 5844 /* Get the privilege */
5844 5845 if (strcmp(rctlval->zone_rctlval_priv, "basic") == 0) {
5845 5846 priv = RCPRIV_BASIC;
5846 5847 } else if (strcmp(rctlval->zone_rctlval_priv, "privileged") == 0) {
5847 5848 priv = RCPRIV_PRIVILEGED;
5848 5849 } else {
5849 5850 /* Invalid privilege */
5850 5851 return (Z_INVAL);
5851 5852 }
5852 5853
5853 5854 /* deal with negative input; strtoull(3c) doesn't do what we want */
5854 5855 if (rctlval->zone_rctlval_limit[0] == '-')
5855 5856 return (Z_INVAL);
5856 5857 /* Get the limit */
5857 5858 errno = 0;
5858 5859 ull = strtoull(rctlval->zone_rctlval_limit, &endp, 0);
5859 5860 if (errno != 0 || *endp != '\0') {
5860 5861 /* parse failed */
5861 5862 return (Z_INVAL);
5862 5863 }
5863 5864 limit = (rctl_qty_t)ull;
5864 5865
5865 5866 /* Get the action */
5866 5867 if (strcmp(rctlval->zone_rctlval_action, "none") == 0) {
5867 5868 action = RCTL_LOCAL_NOACTION;
5868 5869 } else if (strcmp(rctlval->zone_rctlval_action, "signal") == 0) {
5869 5870 action = RCTL_LOCAL_SIGNAL;
5870 5871 } else if (strcmp(rctlval->zone_rctlval_action, "deny") == 0) {
5871 5872 action = RCTL_LOCAL_DENY;
5872 5873 } else {
5873 5874 /* Invalid Action */
5874 5875 return (Z_INVAL);
5875 5876 }
5876 5877 rctlblk_set_local_action(rctlblk, action, 0);
5877 5878 rctlblk_set_privilege(rctlblk, priv);
5878 5879 rctlblk_set_value(rctlblk, limit);
5879 5880 return (Z_OK);
5880 5881 }
5881 5882
5882 5883 static int
5883 5884 rctl_check(const char *rctlname, void *arg)
5884 5885 {
5885 5886 const char *attrname = arg;
5886 5887
5887 5888 /*
5888 5889 * Returning 1 here is our signal to zonecfg_is_rctl() that it is
5889 5890 * indeed an rctl name recognized by the system.
5890 5891 */
5891 5892 return (strcmp(rctlname, attrname) == 0 ? 1 : 0);
5892 5893 }
5893 5894
5894 5895 boolean_t
5895 5896 zonecfg_is_rctl(const char *name)
5896 5897 {
5897 5898 return (rctl_walk(rctl_check, (void *)name) == 1);
5898 5899 }
5899 5900
5900 5901 boolean_t
5901 5902 zonecfg_valid_rctlname(const char *name)
5902 5903 {
5903 5904 const char *c;
5904 5905
5905 5906 if (strncmp(name, "zone.", sizeof ("zone.") - 1) != 0)
5906 5907 return (B_FALSE);
5907 5908 if (strlen(name) == sizeof ("zone.") - 1)
5908 5909 return (B_FALSE);
5909 5910 for (c = name + sizeof ("zone.") - 1; *c != '\0'; c++) {
5910 5911 if (!isalpha(*c) && *c != '-')
5911 5912 return (B_FALSE);
5912 5913 }
5913 5914 return (B_TRUE);
5914 5915 }
5915 5916
5916 5917 boolean_t
5917 5918 zonecfg_valid_rctlblk(const rctlblk_t *rctlblk)
5918 5919 {
5919 5920 rctl_priv_t priv = rctlblk_get_privilege((rctlblk_t *)rctlblk);
5920 5921 uint_t action = rctlblk_get_local_action((rctlblk_t *)rctlblk, NULL);
5921 5922
5922 5923 if (priv != RCPRIV_PRIVILEGED)
5923 5924 return (B_FALSE);
5924 5925 if (action != RCTL_LOCAL_NOACTION && action != RCTL_LOCAL_DENY)
5925 5926 return (B_FALSE);
5926 5927 return (B_TRUE);
5927 5928 }
5928 5929
5929 5930 boolean_t
5930 5931 zonecfg_valid_rctl(const char *name, const rctlblk_t *rctlblk)
5931 5932 {
5932 5933 rctlblk_t *current, *next;
5933 5934 rctl_qty_t limit = rctlblk_get_value((rctlblk_t *)rctlblk);
5934 5935 uint_t action = rctlblk_get_local_action((rctlblk_t *)rctlblk, NULL);
5935 5936 uint_t global_flags;
5936 5937
5937 5938 if (!zonecfg_valid_rctlblk(rctlblk))
5938 5939 return (B_FALSE);
5939 5940 if (!zonecfg_valid_rctlname(name))
5940 5941 return (B_FALSE);
5941 5942
5942 5943 current = alloca(rctlblk_size());
5943 5944 if (getrctl(name, NULL, current, RCTL_FIRST) != 0)
5944 5945 return (B_TRUE); /* not an rctl on this system */
5945 5946 /*
5946 5947 * Make sure the proposed value isn't greater than the current system
5947 5948 * value.
5948 5949 */
5949 5950 next = alloca(rctlblk_size());
5950 5951 while (rctlblk_get_privilege(current) != RCPRIV_SYSTEM) {
5951 5952 rctlblk_t *tmp;
5952 5953
5953 5954 if (getrctl(name, current, next, RCTL_NEXT) != 0)
5954 5955 return (B_FALSE); /* shouldn't happen */
5955 5956 tmp = current;
5956 5957 current = next;
5957 5958 next = tmp;
5958 5959 }
5959 5960 if (limit > rctlblk_get_value(current))
5960 5961 return (B_FALSE);
5961 5962
5962 5963 /*
5963 5964 * Make sure the proposed action is allowed.
5964 5965 */
5965 5966 global_flags = rctlblk_get_global_flags(current);
5966 5967 if ((global_flags & RCTL_GLOBAL_DENY_NEVER) &&
5967 5968 action == RCTL_LOCAL_DENY)
5968 5969 return (B_FALSE);
5969 5970 if ((global_flags & RCTL_GLOBAL_DENY_ALWAYS) &&
5970 5971 action == RCTL_LOCAL_NOACTION)
5971 5972 return (B_FALSE);
5972 5973
5973 5974 return (B_TRUE);
5974 5975 }
5975 5976
5976 5977 /*
5977 5978 * There is always a race condition between reading the initial copy of
5978 5979 * a zones state and its state changing. We address this by providing
5979 5980 * zonecfg_notify_critical_enter and zonecfg_noticy_critical_exit functions.
5980 5981 * When zonecfg_critical_enter is called, sets the state field to LOCKED
5981 5982 * and aquires biglock. Biglock protects against other threads executing
5982 5983 * critical_enter and the state field protects against state changes during
5983 5984 * the critical period.
5984 5985 *
5985 5986 * If any state changes occur, zn_cb will set the failed field of the znotify
5986 5987 * structure. This will cause the critical_exit function to re-lock the
5987 5988 * channel and return an error. Since evsnts may be delayed, the critical_exit
5988 5989 * function "flushes" the queue by putting an event on the queue and waiting for
5989 5990 * zn_cb to notify critical_exit that it received the ping event.
5990 5991 */
5991 5992 static const char *
5992 5993 string_get_tok(const char *in, char delim, int num)
5993 5994 {
5994 5995 int i = 0;
5995 5996
5996 5997 for (; i < num; in++) {
5997 5998 if (*in == delim)
5998 5999 i++;
5999 6000 if (*in == 0)
6000 6001 return (NULL);
6001 6002 }
6002 6003 return (in);
6003 6004 }
6004 6005
6005 6006 static boolean_t
6006 6007 is_ping(sysevent_t *ev)
6007 6008 {
6008 6009 if (strcmp(sysevent_get_subclass_name(ev),
6009 6010 ZONE_EVENT_PING_SUBCLASS) == 0) {
6010 6011 return (B_TRUE);
6011 6012 } else {
6012 6013 return (B_FALSE);
6013 6014 }
6014 6015 }
6015 6016
6016 6017 static boolean_t
6017 6018 is_my_ping(sysevent_t *ev)
6018 6019 {
6019 6020 const char *sender;
6020 6021 char mypid[sizeof (pid_t) * 3 + 1];
6021 6022
6022 6023 (void) snprintf(mypid, sizeof (mypid), "%i", getpid());
6023 6024 sender = string_get_tok(sysevent_get_pub(ev), ':', 3);
6024 6025 if (sender == NULL)
6025 6026 return (B_FALSE);
6026 6027 if (strcmp(sender, mypid) != 0)
6027 6028 return (B_FALSE);
6028 6029 return (B_TRUE);
6029 6030 }
6030 6031
6031 6032 static int
6032 6033 do_callback(struct znotify *zevtchan, sysevent_t *ev)
6033 6034 {
6034 6035 nvlist_t *l;
6035 6036 int zid;
6036 6037 char *zonename;
6037 6038 char *newstate;
6038 6039 char *oldstate;
6039 6040 int ret;
6040 6041 hrtime_t when;
6041 6042
6042 6043 if (strcmp(sysevent_get_subclass_name(ev),
6043 6044 ZONE_EVENT_STATUS_SUBCLASS) == 0) {
6044 6045
6045 6046 if (sysevent_get_attr_list(ev, &l) != 0) {
6046 6047 if (errno == ENOMEM) {
6047 6048 zevtchan->zn_failure_count++;
6048 6049 return (EAGAIN);
6049 6050 }
6050 6051 return (0);
6051 6052 }
6052 6053 ret = 0;
6053 6054
6054 6055 if ((nvlist_lookup_string(l, ZONE_CB_NAME, &zonename) == 0) &&
6055 6056 (nvlist_lookup_string(l, ZONE_CB_NEWSTATE, &newstate)
6056 6057 == 0) &&
6057 6058 (nvlist_lookup_string(l, ZONE_CB_OLDSTATE, &oldstate)
6058 6059 == 0) &&
6059 6060 (nvlist_lookup_uint64(l, ZONE_CB_TIMESTAMP,
6060 6061 (uint64_t *)&when) == 0) &&
6061 6062 (nvlist_lookup_int32(l, ZONE_CB_ZONEID, &zid) == 0)) {
6062 6063 ret = zevtchan->zn_callback(zonename, zid, newstate,
6063 6064 oldstate, when, zevtchan->zn_private);
6064 6065 }
6065 6066
6066 6067 zevtchan->zn_failure_count = 0;
6067 6068 nvlist_free(l);
6068 6069 return (ret);
6069 6070 } else {
6070 6071 /*
6071 6072 * We have received an event in an unknown subclass. Ignore.
6072 6073 */
6073 6074 zevtchan->zn_failure_count = 0;
6074 6075 return (0);
6075 6076 }
6076 6077 }
6077 6078
6078 6079 static int
6079 6080 zn_cb(sysevent_t *ev, void *p)
6080 6081 {
6081 6082 struct znotify *zevtchan = p;
6082 6083 int error;
6083 6084
6084 6085 (void) pthread_mutex_lock(&(zevtchan->zn_mutex));
6085 6086
6086 6087 if (is_ping(ev) && !is_my_ping(ev)) {
6087 6088 (void) pthread_mutex_unlock((&zevtchan->zn_mutex));
6088 6089 return (0);
6089 6090 }
6090 6091
6091 6092 if (zevtchan->zn_state == ZN_LOCKED) {
6092 6093 assert(!is_ping(ev));
6093 6094 zevtchan->zn_failed = B_TRUE;
6094 6095 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6095 6096 return (0);
6096 6097 }
6097 6098
6098 6099 if (zevtchan->zn_state == ZN_PING_INFLIGHT) {
6099 6100 if (is_ping(ev)) {
6100 6101 zevtchan->zn_state = ZN_PING_RECEIVED;
6101 6102 (void) pthread_cond_signal(&(zevtchan->zn_cond));
6102 6103 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6103 6104 return (0);
6104 6105 } else {
6105 6106 zevtchan->zn_failed = B_TRUE;
6106 6107 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6107 6108 return (0);
6108 6109 }
6109 6110 }
6110 6111
6111 6112 if (zevtchan->zn_state == ZN_UNLOCKED) {
6112 6113
6113 6114 error = do_callback(zevtchan, ev);
6114 6115 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6115 6116 /*
6116 6117 * Every ENOMEM failure causes do_callback to increment
6117 6118 * zn_failure_count and every success causes it to
6118 6119 * set zn_failure_count to zero. If we got EAGAIN,
6119 6120 * we will sleep for zn_failure_count seconds and return
6120 6121 * EAGAIN to gpec to try again.
6121 6122 *
6122 6123 * After 55 seconds, or 10 try's we give up and drop the
6123 6124 * event.
6124 6125 */
6125 6126 if (error == EAGAIN) {
6126 6127 if (zevtchan->zn_failure_count > ZONE_CB_RETRY_COUNT) {
6127 6128 return (0);
6128 6129 }
6129 6130 (void) sleep(zevtchan->zn_failure_count);
6130 6131 }
6131 6132 return (error);
6132 6133 }
6133 6134
6134 6135 if (zevtchan->zn_state == ZN_PING_RECEIVED) {
6135 6136 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6136 6137 return (0);
6137 6138 }
6138 6139
6139 6140 abort();
6140 6141 return (0);
6141 6142 }
6142 6143
6143 6144 void
6144 6145 zonecfg_notify_critical_enter(void *h)
6145 6146 {
6146 6147 struct znotify *zevtchan = h;
6147 6148
6148 6149 (void) pthread_mutex_lock(&(zevtchan->zn_bigmutex));
6149 6150 zevtchan->zn_state = ZN_LOCKED;
6150 6151 }
6151 6152
6152 6153 int
6153 6154 zonecfg_notify_critical_exit(void * h)
6154 6155 {
6155 6156
6156 6157 struct znotify *zevtchan = h;
6157 6158
6158 6159 if (zevtchan->zn_state == ZN_UNLOCKED)
6159 6160 return (0);
6160 6161
6161 6162 (void) pthread_mutex_lock(&(zevtchan->zn_mutex));
6162 6163 zevtchan->zn_state = ZN_PING_INFLIGHT;
6163 6164
6164 6165 (void) sysevent_evc_publish(zevtchan->zn_eventchan,
6165 6166 ZONE_EVENT_STATUS_CLASS,
6166 6167 ZONE_EVENT_PING_SUBCLASS, ZONE_EVENT_PING_PUBLISHER,
6167 6168 zevtchan->zn_subscriber_id, NULL, EVCH_SLEEP);
6168 6169
6169 6170 while (zevtchan->zn_state != ZN_PING_RECEIVED) {
6170 6171 (void) pthread_cond_wait(&(zevtchan->zn_cond),
6171 6172 &(zevtchan->zn_mutex));
6172 6173 }
6173 6174
6174 6175 if (zevtchan->zn_failed == B_TRUE) {
6175 6176 zevtchan->zn_state = ZN_LOCKED;
6176 6177 zevtchan->zn_failed = B_FALSE;
6177 6178 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6178 6179 return (1);
6179 6180 }
6180 6181
6181 6182 zevtchan->zn_state = ZN_UNLOCKED;
6182 6183 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6183 6184 (void) pthread_mutex_unlock(&(zevtchan->zn_bigmutex));
6184 6185 return (0);
6185 6186 }
6186 6187
6187 6188 void
6188 6189 zonecfg_notify_critical_abort(void *h)
6189 6190 {
6190 6191 struct znotify *zevtchan = h;
6191 6192
6192 6193 zevtchan->zn_state = ZN_UNLOCKED;
6193 6194 zevtchan->zn_failed = B_FALSE;
6194 6195 /*
6195 6196 * Don't do anything about zn_lock. If it is held, it could only be
6196 6197 * held by zn_cb and it will be unlocked soon.
6197 6198 */
6198 6199 (void) pthread_mutex_unlock(&(zevtchan->zn_bigmutex));
6199 6200 }
6200 6201
6201 6202 void *
6202 6203 zonecfg_notify_bind(int(*func)(const char *zonename, zoneid_t zid,
6203 6204 const char *newstate, const char *oldstate, hrtime_t when, void *p),
6204 6205 void *p)
6205 6206 {
6206 6207 struct znotify *zevtchan;
6207 6208 int i = 1;
6208 6209 int r;
6209 6210
6210 6211 zevtchan = malloc(sizeof (struct znotify));
6211 6212
6212 6213 if (zevtchan == NULL)
6213 6214 return (NULL);
6214 6215
6215 6216 zevtchan->zn_private = p;
6216 6217 zevtchan->zn_callback = func;
6217 6218 zevtchan->zn_state = ZN_UNLOCKED;
6218 6219 zevtchan->zn_failed = B_FALSE;
6219 6220
6220 6221 if (pthread_mutex_init(&(zevtchan->zn_mutex), NULL))
6221 6222 goto out3;
6222 6223 if (pthread_cond_init(&(zevtchan->zn_cond), NULL)) {
6223 6224 (void) pthread_mutex_destroy(&(zevtchan->zn_mutex));
6224 6225 goto out3;
6225 6226 }
6226 6227 if (pthread_mutex_init(&(zevtchan->zn_bigmutex), NULL)) {
6227 6228 (void) pthread_mutex_destroy(&(zevtchan->zn_mutex));
6228 6229 (void) pthread_cond_destroy(&(zevtchan->zn_cond));
6229 6230 goto out3;
6230 6231 }
6231 6232
6232 6233 if (sysevent_evc_bind(ZONE_EVENT_CHANNEL, &(zevtchan->zn_eventchan),
6233 6234 0) != 0)
6234 6235 goto out2;
6235 6236
6236 6237 do {
6237 6238 /*
6238 6239 * At 4 digits the subscriber ID gets too long and we have
6239 6240 * no chance of successfully registering.
6240 6241 */
6241 6242 if (i > 999)
6242 6243 goto out1;
6243 6244
6244 6245 (void) sprintf(zevtchan->zn_subscriber_id, "zone_%li_%i",
6245 6246 getpid() % 999999l, i);
6246 6247
6247 6248 r = sysevent_evc_subscribe(zevtchan->zn_eventchan,
6248 6249 zevtchan->zn_subscriber_id, ZONE_EVENT_STATUS_CLASS, zn_cb,
6249 6250 zevtchan, 0);
6250 6251
6251 6252 i++;
6252 6253
6253 6254 } while (r);
6254 6255
6255 6256 return (zevtchan);
6256 6257 out1:
6257 6258 (void) sysevent_evc_unbind(zevtchan->zn_eventchan);
6258 6259 out2:
6259 6260 (void) pthread_mutex_destroy(&zevtchan->zn_mutex);
6260 6261 (void) pthread_cond_destroy(&zevtchan->zn_cond);
6261 6262 (void) pthread_mutex_destroy(&(zevtchan->zn_bigmutex));
6262 6263 out3:
6263 6264 free(zevtchan);
6264 6265
6265 6266 return (NULL);
6266 6267 }
6267 6268
6268 6269 void
6269 6270 zonecfg_notify_unbind(void *handle)
6270 6271 {
6271 6272
6272 6273 int ret;
6273 6274
6274 6275 (void) sysevent_evc_unbind(((struct znotify *)handle)->zn_eventchan);
6275 6276 /*
6276 6277 * Check that all evc threads have gone away. This should be
6277 6278 * enforced by sysevent_evc_unbind.
6278 6279 */
6279 6280 ret = pthread_mutex_trylock(&((struct znotify *)handle)->zn_mutex);
6280 6281
6281 6282 if (ret)
6282 6283 abort();
6283 6284
6284 6285 (void) pthread_mutex_unlock(&((struct znotify *)handle)->zn_mutex);
6285 6286 (void) pthread_mutex_destroy(&((struct znotify *)handle)->zn_mutex);
6286 6287 (void) pthread_cond_destroy(&((struct znotify *)handle)->zn_cond);
6287 6288 (void) pthread_mutex_destroy(&((struct znotify *)handle)->zn_bigmutex);
6288 6289
6289 6290 free(handle);
6290 6291 }
6291 6292
6292 6293 static int
6293 6294 zonecfg_add_ds_core(zone_dochandle_t handle, struct zone_dstab *tabptr)
6294 6295 {
6295 6296 xmlNodePtr newnode, cur = handle->zone_dh_cur;
6296 6297 int err;
6297 6298
6298 6299 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_DATASET, NULL);
6299 6300 if ((err = newprop(newnode, DTD_ATTR_NAME,
6300 6301 tabptr->zone_dataset_name)) != Z_OK)
6301 6302 return (err);
6302 6303 return (Z_OK);
6303 6304 }
6304 6305
6305 6306 int
6306 6307 zonecfg_add_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
6307 6308 {
6308 6309 int err;
6309 6310
6310 6311 if (tabptr == NULL)
6311 6312 return (Z_INVAL);
6312 6313
6313 6314 if ((err = operation_prep(handle)) != Z_OK)
6314 6315 return (err);
6315 6316
6316 6317 if ((err = zonecfg_add_ds_core(handle, tabptr)) != Z_OK)
6317 6318 return (err);
6318 6319
6319 6320 return (Z_OK);
6320 6321 }
6321 6322
6322 6323 static int
6323 6324 zonecfg_delete_ds_core(zone_dochandle_t handle, struct zone_dstab *tabptr)
6324 6325 {
6325 6326 xmlNodePtr cur = handle->zone_dh_cur;
6326 6327
6327 6328 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6328 6329 if (xmlStrcmp(cur->name, DTD_ELEM_DATASET))
6329 6330 continue;
6330 6331
6331 6332 if (match_prop(cur, DTD_ATTR_NAME,
6332 6333 tabptr->zone_dataset_name)) {
6333 6334 xmlUnlinkNode(cur);
6334 6335 xmlFreeNode(cur);
6335 6336 return (Z_OK);
6336 6337 }
6337 6338 }
6338 6339 return (Z_NO_RESOURCE_ID);
6339 6340 }
6340 6341
6341 6342 int
6342 6343 zonecfg_delete_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
6343 6344 {
6344 6345 int err;
6345 6346
6346 6347 if (tabptr == NULL)
6347 6348 return (Z_INVAL);
6348 6349
6349 6350 if ((err = operation_prep(handle)) != Z_OK)
6350 6351 return (err);
6351 6352
6352 6353 if ((err = zonecfg_delete_ds_core(handle, tabptr)) != Z_OK)
6353 6354 return (err);
6354 6355
6355 6356 return (Z_OK);
6356 6357 }
6357 6358
6358 6359 int
6359 6360 zonecfg_modify_ds(
6360 6361 zone_dochandle_t handle,
6361 6362 struct zone_dstab *oldtabptr,
6362 6363 struct zone_dstab *newtabptr)
6363 6364 {
6364 6365 int err;
6365 6366
6366 6367 if (oldtabptr == NULL || newtabptr == NULL)
6367 6368 return (Z_INVAL);
6368 6369
6369 6370 if ((err = operation_prep(handle)) != Z_OK)
6370 6371 return (err);
6371 6372
6372 6373 if ((err = zonecfg_delete_ds_core(handle, oldtabptr)) != Z_OK)
6373 6374 return (err);
6374 6375
6375 6376 if ((err = zonecfg_add_ds_core(handle, newtabptr)) != Z_OK)
6376 6377 return (err);
6377 6378
6378 6379 return (Z_OK);
6379 6380 }
6380 6381
6381 6382 int
6382 6383 zonecfg_lookup_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
6383 6384 {
6384 6385 xmlNodePtr cur, firstmatch;
6385 6386 int err;
6386 6387 char dataset[MAXNAMELEN];
6387 6388
6388 6389 if (tabptr == NULL)
6389 6390 return (Z_INVAL);
6390 6391
6391 6392 if ((err = operation_prep(handle)) != Z_OK)
6392 6393 return (err);
6393 6394
6394 6395 cur = handle->zone_dh_cur;
6395 6396 firstmatch = NULL;
6396 6397 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6397 6398 if (xmlStrcmp(cur->name, DTD_ELEM_DATASET))
6398 6399 continue;
6399 6400 if (strlen(tabptr->zone_dataset_name) > 0) {
6400 6401 if ((fetchprop(cur, DTD_ATTR_NAME, dataset,
6401 6402 sizeof (dataset)) == Z_OK) &&
6402 6403 (strcmp(tabptr->zone_dataset_name,
6403 6404 dataset) == 0)) {
6404 6405 if (firstmatch == NULL)
6405 6406 firstmatch = cur;
6406 6407 else
6407 6408 return (Z_INSUFFICIENT_SPEC);
6408 6409 }
6409 6410 }
6410 6411 }
6411 6412 if (firstmatch == NULL)
6412 6413 return (Z_NO_RESOURCE_ID);
6413 6414
6414 6415 cur = firstmatch;
6415 6416
6416 6417 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_dataset_name,
6417 6418 sizeof (tabptr->zone_dataset_name))) != Z_OK)
6418 6419 return (err);
6419 6420
6420 6421 return (Z_OK);
6421 6422 }
6422 6423
6423 6424 int
6424 6425 zonecfg_setdsent(zone_dochandle_t handle)
6425 6426 {
6426 6427 return (zonecfg_setent(handle));
6427 6428 }
6428 6429
6429 6430 int
6430 6431 zonecfg_getdsent(zone_dochandle_t handle, struct zone_dstab *tabptr)
6431 6432 {
6432 6433 xmlNodePtr cur;
6433 6434 int err;
6434 6435
6435 6436 if (handle == NULL)
6436 6437 return (Z_INVAL);
6437 6438
6438 6439 if ((cur = handle->zone_dh_cur) == NULL)
6439 6440 return (Z_NO_ENTRY);
6440 6441
6441 6442 for (; cur != NULL; cur = cur->next)
6442 6443 if (!xmlStrcmp(cur->name, DTD_ELEM_DATASET))
6443 6444 break;
6444 6445 if (cur == NULL) {
6445 6446 handle->zone_dh_cur = handle->zone_dh_top;
6446 6447 return (Z_NO_ENTRY);
6447 6448 }
6448 6449
6449 6450 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_dataset_name,
6450 6451 sizeof (tabptr->zone_dataset_name))) != Z_OK) {
6451 6452 handle->zone_dh_cur = handle->zone_dh_top;
6452 6453 return (err);
6453 6454 }
6454 6455
6455 6456 handle->zone_dh_cur = cur->next;
6456 6457 return (Z_OK);
6457 6458 }
6458 6459
6459 6460 int
6460 6461 zonecfg_enddsent(zone_dochandle_t handle)
6461 6462 {
6462 6463 return (zonecfg_endent(handle));
6463 6464 }
6464 6465
6465 6466 /*
6466 6467 * Support for aliased rctls; that is, rctls that have simplified names in
6467 6468 * zonecfg. For example, max-lwps is an alias for a well defined zone.max-lwps
6468 6469 * rctl. If there are multiple existing values for one of these rctls or if
6469 6470 * there is a single value that does not match the well defined template (i.e.
6470 6471 * it has a different action) then we cannot treat the rctl as having an alias
6471 6472 * so we return Z_ALIAS_DISALLOW. That means that the rctl cannot be
6472 6473 * managed in zonecfg via an alias and that the standard rctl syntax must be
6473 6474 * used.
6474 6475 *
6475 6476 * The possible return values are:
6476 6477 * Z_NO_PROPERTY_ID - invalid alias name
6477 6478 * Z_ALIAS_DISALLOW - pre-existing, incompatible rctl definition
6478 6479 * Z_NO_ENTRY - no rctl is configured for this alias
6479 6480 * Z_OK - we got a valid rctl for the specified alias
6480 6481 */
6481 6482 int
6482 6483 zonecfg_get_aliased_rctl(zone_dochandle_t handle, char *name, uint64_t *rval)
6483 6484 {
6484 6485 boolean_t found = B_FALSE;
6485 6486 boolean_t found_val = B_FALSE;
6486 6487 xmlNodePtr cur, val;
6487 6488 char savedname[MAXNAMELEN];
6488 6489 struct zone_rctlvaltab rctl;
6489 6490 int i;
6490 6491 int err;
6491 6492
6492 6493 for (i = 0; aliases[i].shortname != NULL; i++)
6493 6494 if (strcmp(name, aliases[i].shortname) == 0)
6494 6495 break;
6495 6496
6496 6497 if (aliases[i].shortname == NULL)
6497 6498 return (Z_NO_PROPERTY_ID);
6498 6499
6499 6500 if ((err = operation_prep(handle)) != Z_OK)
6500 6501 return (err);
6501 6502
6502 6503 cur = handle->zone_dh_cur;
6503 6504 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6504 6505 if (xmlStrcmp(cur->name, DTD_ELEM_RCTL) != 0)
6505 6506 continue;
6506 6507 if ((fetchprop(cur, DTD_ATTR_NAME, savedname,
6507 6508 sizeof (savedname)) == Z_OK) &&
6508 6509 (strcmp(savedname, aliases[i].realname) == 0)) {
6509 6510
6510 6511 /*
6511 6512 * If we already saw one of these, we can't have an
6512 6513 * alias since we just found another.
6513 6514 */
6514 6515 if (found)
6515 6516 return (Z_ALIAS_DISALLOW);
6516 6517 found = B_TRUE;
6517 6518
6518 6519 for (val = cur->xmlChildrenNode; val != NULL;
6519 6520 val = val->next) {
6520 6521 /*
6521 6522 * If we already have one value, we can't have
6522 6523 * an alias since we just found another.
6523 6524 */
6524 6525 if (found_val)
6525 6526 return (Z_ALIAS_DISALLOW);
6526 6527 found_val = B_TRUE;
6527 6528
6528 6529 if ((fetchprop(val, DTD_ATTR_PRIV,
6529 6530 rctl.zone_rctlval_priv,
6530 6531 sizeof (rctl.zone_rctlval_priv)) != Z_OK))
6531 6532 break;
6532 6533 if ((fetchprop(val, DTD_ATTR_LIMIT,
6533 6534 rctl.zone_rctlval_limit,
6534 6535 sizeof (rctl.zone_rctlval_limit)) != Z_OK))
6535 6536 break;
6536 6537 if ((fetchprop(val, DTD_ATTR_ACTION,
6537 6538 rctl.zone_rctlval_action,
6538 6539 sizeof (rctl.zone_rctlval_action)) != Z_OK))
6539 6540 break;
6540 6541 }
6541 6542
6542 6543 /* check priv and action match the expected vals */
6543 6544 if (strcmp(rctl.zone_rctlval_priv,
6544 6545 aliases[i].priv) != 0 ||
6545 6546 strcmp(rctl.zone_rctlval_action,
6546 6547 aliases[i].action) != 0)
6547 6548 return (Z_ALIAS_DISALLOW);
6548 6549 }
6549 6550 }
6550 6551
6551 6552 if (found) {
6552 6553 *rval = strtoull(rctl.zone_rctlval_limit, NULL, 10);
6553 6554 return (Z_OK);
6554 6555 }
6555 6556
6556 6557 return (Z_NO_ENTRY);
6557 6558 }
6558 6559
6559 6560 int
6560 6561 zonecfg_rm_aliased_rctl(zone_dochandle_t handle, char *name)
6561 6562 {
6562 6563 int i;
6563 6564 uint64_t val;
6564 6565 struct zone_rctltab rctltab;
6565 6566
6566 6567 /*
6567 6568 * First check that we have a valid aliased rctl to remove.
6568 6569 * This will catch an rctl entry with non-standard values or
6569 6570 * multiple rctl values for this name. We need to ignore those
6570 6571 * rctl entries.
6571 6572 */
6572 6573 if (zonecfg_get_aliased_rctl(handle, name, &val) != Z_OK)
6573 6574 return (Z_OK);
6574 6575
6575 6576 for (i = 0; aliases[i].shortname != NULL; i++)
6576 6577 if (strcmp(name, aliases[i].shortname) == 0)
6577 6578 break;
6578 6579
6579 6580 if (aliases[i].shortname == NULL)
6580 6581 return (Z_NO_RESOURCE_ID);
6581 6582
6582 6583 (void) strlcpy(rctltab.zone_rctl_name, aliases[i].realname,
6583 6584 sizeof (rctltab.zone_rctl_name));
6584 6585
6585 6586 return (zonecfg_delete_rctl(handle, &rctltab));
6586 6587 }
6587 6588
6588 6589 boolean_t
6589 6590 zonecfg_aliased_rctl_ok(zone_dochandle_t handle, char *name)
6590 6591 {
6591 6592 uint64_t tmp_val;
6592 6593
6593 6594 switch (zonecfg_get_aliased_rctl(handle, name, &tmp_val)) {
6594 6595 case Z_OK:
6595 6596 /*FALLTHRU*/
6596 6597 case Z_NO_ENTRY:
6597 6598 return (B_TRUE);
6598 6599 default:
6599 6600 return (B_FALSE);
6600 6601 }
6601 6602 }
6602 6603
6603 6604 int
6604 6605 zonecfg_set_aliased_rctl(zone_dochandle_t handle, char *name, uint64_t val)
6605 6606 {
6606 6607 int i;
6607 6608 int err;
6608 6609 struct zone_rctltab rctltab;
6609 6610 struct zone_rctlvaltab *rctlvaltab;
6610 6611 char buf[128];
6611 6612
6612 6613 if (!zonecfg_aliased_rctl_ok(handle, name))
6613 6614 return (Z_ALIAS_DISALLOW);
6614 6615
6615 6616 for (i = 0; aliases[i].shortname != NULL; i++)
6616 6617 if (strcmp(name, aliases[i].shortname) == 0)
6617 6618 break;
6618 6619
6619 6620 if (aliases[i].shortname == NULL)
6620 6621 return (Z_NO_RESOURCE_ID);
6621 6622
6622 6623 /* remove any pre-existing definition for this rctl */
6623 6624 (void) zonecfg_rm_aliased_rctl(handle, name);
6624 6625
6625 6626 (void) strlcpy(rctltab.zone_rctl_name, aliases[i].realname,
6626 6627 sizeof (rctltab.zone_rctl_name));
6627 6628
6628 6629 rctltab.zone_rctl_valptr = NULL;
6629 6630
6630 6631 if ((rctlvaltab = calloc(1, sizeof (struct zone_rctlvaltab))) == NULL)
6631 6632 return (Z_NOMEM);
6632 6633
6633 6634 (void) snprintf(buf, sizeof (buf), "%llu", (long long)val);
6634 6635
6635 6636 (void) strlcpy(rctlvaltab->zone_rctlval_priv, aliases[i].priv,
6636 6637 sizeof (rctlvaltab->zone_rctlval_priv));
6637 6638 (void) strlcpy(rctlvaltab->zone_rctlval_limit, buf,
6638 6639 sizeof (rctlvaltab->zone_rctlval_limit));
6639 6640 (void) strlcpy(rctlvaltab->zone_rctlval_action, aliases[i].action,
6640 6641 sizeof (rctlvaltab->zone_rctlval_action));
6641 6642
6642 6643 rctlvaltab->zone_rctlval_next = NULL;
6643 6644
6644 6645 if ((err = zonecfg_add_rctl_value(&rctltab, rctlvaltab)) != Z_OK)
6645 6646 return (err);
6646 6647
6647 6648 return (zonecfg_add_rctl(handle, &rctltab));
6648 6649 }
6649 6650
6650 6651 static int
6651 6652 delete_tmp_pool(zone_dochandle_t handle)
6652 6653 {
6653 6654 int err;
6654 6655 xmlNodePtr cur = handle->zone_dh_cur;
6655 6656
6656 6657 if ((err = operation_prep(handle)) != Z_OK)
6657 6658 return (err);
6658 6659
6659 6660 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6660 6661 if (xmlStrcmp(cur->name, DTD_ELEM_TMPPOOL) == 0) {
6661 6662 xmlUnlinkNode(cur);
6662 6663 xmlFreeNode(cur);
6663 6664 return (Z_OK);
6664 6665 }
6665 6666 }
6666 6667
6667 6668 return (Z_NO_RESOURCE_ID);
6668 6669 }
6669 6670
6670 6671 static int
6671 6672 modify_tmp_pool(zone_dochandle_t handle, char *pool_importance)
6672 6673 {
6673 6674 int err;
6674 6675 xmlNodePtr cur = handle->zone_dh_cur;
6675 6676 xmlNodePtr newnode;
6676 6677
6677 6678 err = delete_tmp_pool(handle);
6678 6679 if (err != Z_OK && err != Z_NO_RESOURCE_ID)
6679 6680 return (err);
6680 6681
6681 6682 if (*pool_importance != '\0') {
6682 6683 if ((err = operation_prep(handle)) != Z_OK)
6683 6684 return (err);
6684 6685
6685 6686 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_TMPPOOL, NULL);
6686 6687 if ((err = newprop(newnode, DTD_ATTR_IMPORTANCE,
6687 6688 pool_importance)) != Z_OK)
6688 6689 return (err);
6689 6690 }
6690 6691
6691 6692 return (Z_OK);
6692 6693 }
6693 6694
6694 6695 static int
6695 6696 add_pset_core(zone_dochandle_t handle, struct zone_psettab *tabptr)
6696 6697 {
6697 6698 xmlNodePtr newnode, cur = handle->zone_dh_cur;
6698 6699 int err;
6699 6700
6700 6701 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_PSET, NULL);
6701 6702 if ((err = newprop(newnode, DTD_ATTR_NCPU_MIN,
6702 6703 tabptr->zone_ncpu_min)) != Z_OK)
6703 6704 return (err);
6704 6705 if ((err = newprop(newnode, DTD_ATTR_NCPU_MAX,
6705 6706 tabptr->zone_ncpu_max)) != Z_OK)
6706 6707 return (err);
6707 6708
6708 6709 if ((err = modify_tmp_pool(handle, tabptr->zone_importance)) != Z_OK)
6709 6710 return (err);
6710 6711
6711 6712 return (Z_OK);
6712 6713 }
6713 6714
6714 6715 int
6715 6716 zonecfg_add_pset(zone_dochandle_t handle, struct zone_psettab *tabptr)
6716 6717 {
6717 6718 int err;
6718 6719
6719 6720 if (tabptr == NULL)
6720 6721 return (Z_INVAL);
6721 6722
6722 6723 if ((err = operation_prep(handle)) != Z_OK)
6723 6724 return (err);
6724 6725
6725 6726 if ((err = add_pset_core(handle, tabptr)) != Z_OK)
6726 6727 return (err);
6727 6728
6728 6729 return (Z_OK);
6729 6730 }
6730 6731
6731 6732 int
6732 6733 zonecfg_delete_pset(zone_dochandle_t handle)
6733 6734 {
6734 6735 int err;
6735 6736 int res = Z_NO_RESOURCE_ID;
6736 6737 xmlNodePtr cur = handle->zone_dh_cur;
6737 6738
6738 6739 if ((err = operation_prep(handle)) != Z_OK)
6739 6740 return (err);
6740 6741
6741 6742 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6742 6743 if (xmlStrcmp(cur->name, DTD_ELEM_PSET) == 0) {
6743 6744 xmlUnlinkNode(cur);
6744 6745 xmlFreeNode(cur);
6745 6746 res = Z_OK;
6746 6747 break;
6747 6748 }
6748 6749 }
6749 6750
6750 6751 /*
6751 6752 * Once we have msets, we should check that a mset
6752 6753 * do not exist before we delete the tmp_pool data.
6753 6754 */
6754 6755 err = delete_tmp_pool(handle);
6755 6756 if (err != Z_OK && err != Z_NO_RESOURCE_ID)
6756 6757 return (err);
6757 6758
6758 6759 return (res);
6759 6760 }
6760 6761
6761 6762 int
6762 6763 zonecfg_modify_pset(zone_dochandle_t handle, struct zone_psettab *tabptr)
6763 6764 {
6764 6765 int err;
6765 6766
6766 6767 if (tabptr == NULL)
6767 6768 return (Z_INVAL);
6768 6769
6769 6770 if ((err = zonecfg_delete_pset(handle)) != Z_OK)
6770 6771 return (err);
6771 6772
6772 6773 if ((err = add_pset_core(handle, tabptr)) != Z_OK)
6773 6774 return (err);
6774 6775
6775 6776 return (Z_OK);
6776 6777 }
6777 6778
6778 6779 int
6779 6780 zonecfg_lookup_pset(zone_dochandle_t handle, struct zone_psettab *tabptr)
6780 6781 {
6781 6782 xmlNodePtr cur;
6782 6783 int err;
6783 6784 int res = Z_NO_ENTRY;
6784 6785
6785 6786 if (tabptr == NULL)
6786 6787 return (Z_INVAL);
6787 6788
6788 6789 if ((err = operation_prep(handle)) != Z_OK)
6789 6790 return (err);
6790 6791
6791 6792 /* this is an optional component */
6792 6793 tabptr->zone_importance[0] = '\0';
6793 6794
6794 6795 cur = handle->zone_dh_cur;
6795 6796 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6796 6797 if (xmlStrcmp(cur->name, DTD_ELEM_PSET) == 0) {
6797 6798 if ((err = fetchprop(cur, DTD_ATTR_NCPU_MIN,
6798 6799 tabptr->zone_ncpu_min,
6799 6800 sizeof (tabptr->zone_ncpu_min))) != Z_OK) {
6800 6801 handle->zone_dh_cur = handle->zone_dh_top;
6801 6802 return (err);
6802 6803 }
6803 6804
6804 6805 if ((err = fetchprop(cur, DTD_ATTR_NCPU_MAX,
6805 6806 tabptr->zone_ncpu_max,
6806 6807 sizeof (tabptr->zone_ncpu_max))) != Z_OK) {
6807 6808 handle->zone_dh_cur = handle->zone_dh_top;
6808 6809 return (err);
6809 6810 }
6810 6811
6811 6812 res = Z_OK;
6812 6813
6813 6814 } else if (xmlStrcmp(cur->name, DTD_ELEM_TMPPOOL) == 0) {
6814 6815 if ((err = fetchprop(cur, DTD_ATTR_IMPORTANCE,
6815 6816 tabptr->zone_importance,
6816 6817 sizeof (tabptr->zone_importance))) != Z_OK) {
6817 6818 handle->zone_dh_cur = handle->zone_dh_top;
6818 6819 return (err);
6819 6820 }
6820 6821 }
6821 6822 }
6822 6823
6823 6824 return (res);
6824 6825 }
6825 6826
6826 6827 int
6827 6828 zonecfg_getpsetent(zone_dochandle_t handle, struct zone_psettab *tabptr)
6828 6829 {
6829 6830 int err;
6830 6831
6831 6832 if ((err = zonecfg_setent(handle)) != Z_OK)
6832 6833 return (err);
6833 6834
6834 6835 err = zonecfg_lookup_pset(handle, tabptr);
6835 6836
6836 6837 (void) zonecfg_endent(handle);
6837 6838
6838 6839 return (err);
6839 6840 }
6840 6841
6841 6842 static int
6842 6843 add_mcap(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
6843 6844 {
6844 6845 xmlNodePtr newnode, cur = handle->zone_dh_cur;
6845 6846 int err;
6846 6847
6847 6848 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_MCAP, NULL);
6848 6849 if ((err = newprop(newnode, DTD_ATTR_PHYSCAP, tabptr->zone_physmem_cap))
6849 6850 != Z_OK)
6850 6851 return (err);
6851 6852
6852 6853 return (Z_OK);
6853 6854 }
6854 6855
6855 6856 int
6856 6857 zonecfg_delete_mcap(zone_dochandle_t handle)
6857 6858 {
6858 6859 int err;
6859 6860 xmlNodePtr cur = handle->zone_dh_cur;
6860 6861
6861 6862 if ((err = operation_prep(handle)) != Z_OK)
6862 6863 return (err);
6863 6864
6864 6865 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6865 6866 if (xmlStrcmp(cur->name, DTD_ELEM_MCAP) != 0)
6866 6867 continue;
6867 6868
6868 6869 xmlUnlinkNode(cur);
6869 6870 xmlFreeNode(cur);
6870 6871 return (Z_OK);
6871 6872 }
6872 6873 return (Z_NO_RESOURCE_ID);
6873 6874 }
6874 6875
6875 6876 int
6876 6877 zonecfg_modify_mcap(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
6877 6878 {
6878 6879 int err;
6879 6880
6880 6881 if (tabptr == NULL)
6881 6882 return (Z_INVAL);
6882 6883
6883 6884 err = zonecfg_delete_mcap(handle);
6884 6885 /* it is ok if there is no mcap entry */
6885 6886 if (err != Z_OK && err != Z_NO_RESOURCE_ID)
6886 6887 return (err);
6887 6888
6888 6889 if ((err = add_mcap(handle, tabptr)) != Z_OK)
6889 6890 return (err);
6890 6891
6891 6892 return (Z_OK);
6892 6893 }
6893 6894
6894 6895 int
6895 6896 zonecfg_lookup_mcap(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
6896 6897 {
6897 6898 xmlNodePtr cur;
6898 6899 int err;
6899 6900
6900 6901 if (tabptr == NULL)
6901 6902 return (Z_INVAL);
6902 6903
6903 6904 if ((err = operation_prep(handle)) != Z_OK)
6904 6905 return (err);
6905 6906
6906 6907 cur = handle->zone_dh_cur;
6907 6908 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6908 6909 if (xmlStrcmp(cur->name, DTD_ELEM_MCAP) != 0)
6909 6910 continue;
6910 6911 if ((err = fetchprop(cur, DTD_ATTR_PHYSCAP,
6911 6912 tabptr->zone_physmem_cap,
6912 6913 sizeof (tabptr->zone_physmem_cap))) != Z_OK) {
6913 6914 handle->zone_dh_cur = handle->zone_dh_top;
6914 6915 return (err);
6915 6916 }
6916 6917
6917 6918 return (Z_OK);
6918 6919 }
6919 6920
6920 6921 return (Z_NO_ENTRY);
6921 6922 }
6922 6923
6923 6924 static int
6924 6925 getmcapent_core(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
6925 6926 {
6926 6927 xmlNodePtr cur;
6927 6928 int err;
6928 6929
6929 6930 if (handle == NULL)
6930 6931 return (Z_INVAL);
6931 6932
6932 6933 if ((cur = handle->zone_dh_cur) == NULL)
6933 6934 return (Z_NO_ENTRY);
6934 6935
6935 6936 for (; cur != NULL; cur = cur->next)
6936 6937 if (xmlStrcmp(cur->name, DTD_ELEM_MCAP) == 0)
6937 6938 break;
6938 6939 if (cur == NULL) {
6939 6940 handle->zone_dh_cur = handle->zone_dh_top;
6940 6941 return (Z_NO_ENTRY);
6941 6942 }
6942 6943
6943 6944 if ((err = fetchprop(cur, DTD_ATTR_PHYSCAP, tabptr->zone_physmem_cap,
6944 6945 sizeof (tabptr->zone_physmem_cap))) != Z_OK) {
6945 6946 handle->zone_dh_cur = handle->zone_dh_top;
6946 6947 return (err);
6947 6948 }
6948 6949
6949 6950 handle->zone_dh_cur = cur->next;
6950 6951 return (Z_OK);
6951 6952 }
6952 6953
6953 6954 int
6954 6955 zonecfg_getmcapent(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
6955 6956 {
6956 6957 int err;
6957 6958
6958 6959 if ((err = zonecfg_setent(handle)) != Z_OK)
6959 6960 return (err);
6960 6961
6961 6962 err = getmcapent_core(handle, tabptr);
6962 6963
6963 6964 (void) zonecfg_endent(handle);
6964 6965
6965 6966 return (err);
6966 6967 }
6967 6968
6968 6969 /*
6969 6970 * Get the full tree of pkg metadata in a set of nested AVL trees.
6970 6971 * pkgs_avl is an AVL tree of pkgs.
6971 6972 *
6972 6973 * The zone xml data contains DTD_ELEM_PACKAGE elements.
6973 6974 */
6974 6975 int
6975 6976 zonecfg_getpkgdata(zone_dochandle_t handle, uu_avl_pool_t *pkg_pool,
6976 6977 uu_avl_t *pkgs_avl)
6977 6978 {
6978 6979 xmlNodePtr cur;
6979 6980 int res;
6980 6981 zone_pkg_entry_t *pkg;
6981 6982 char name[MAXNAMELEN];
6982 6983 char version[ZONE_PKG_VERSMAX];
6983 6984
6984 6985 if (handle == NULL)
6985 6986 return (Z_INVAL);
6986 6987
6987 6988 if ((res = zonecfg_setent(handle)) != Z_OK)
6988 6989 return (res);
6989 6990
6990 6991 if ((cur = handle->zone_dh_cur) == NULL) {
6991 6992 res = Z_NO_ENTRY;
6992 6993 goto done;
6993 6994 }
6994 6995
6995 6996 for (; cur != NULL; cur = cur->next) {
6996 6997 if (xmlStrcmp(cur->name, DTD_ELEM_PACKAGE) == 0) {
6997 6998 uu_avl_index_t where;
6998 6999
6999 7000 if ((res = fetchprop(cur, DTD_ATTR_NAME, name,
7000 7001 sizeof (name))) != Z_OK)
7001 7002 goto done;
7002 7003
7003 7004 if ((res = fetchprop(cur, DTD_ATTR_VERSION, version,
7004 7005 sizeof (version))) != Z_OK)
7005 7006 goto done;
7006 7007
7007 7008 if ((pkg = (zone_pkg_entry_t *)
7008 7009 malloc(sizeof (zone_pkg_entry_t))) == NULL) {
7009 7010 res = Z_NOMEM;
7010 7011 goto done;
7011 7012 }
7012 7013
7013 7014 if ((pkg->zpe_name = strdup(name)) == NULL) {
7014 7015 free(pkg);
7015 7016 res = Z_NOMEM;
7016 7017 goto done;
7017 7018 }
7018 7019
7019 7020 if ((pkg->zpe_vers = strdup(version)) == NULL) {
7020 7021 free(pkg->zpe_name);
7021 7022 free(pkg);
7022 7023 res = Z_NOMEM;
7023 7024 goto done;
7024 7025 }
7025 7026
7026 7027 uu_avl_node_init(pkg, &pkg->zpe_entry, pkg_pool);
7027 7028 if (uu_avl_find(pkgs_avl, pkg, NULL, &where) != NULL) {
7028 7029 free(pkg->zpe_name);
7029 7030 free(pkg->zpe_vers);
7030 7031 free(pkg);
7031 7032 } else {
7032 7033 uu_avl_insert(pkgs_avl, pkg, where);
7033 7034 }
7034 7035 }
7035 7036 }
7036 7037
7037 7038 done:
7038 7039 (void) zonecfg_endent(handle);
7039 7040 return (res);
7040 7041 }
7041 7042
7042 7043 int
7043 7044 zonecfg_setdevperment(zone_dochandle_t handle)
7044 7045 {
7045 7046 return (zonecfg_setent(handle));
7046 7047 }
7047 7048
7048 7049 int
7049 7050 zonecfg_getdevperment(zone_dochandle_t handle, struct zone_devpermtab *tabptr)
7050 7051 {
7051 7052 xmlNodePtr cur;
7052 7053 int err;
7053 7054 char buf[128];
7054 7055
7055 7056 tabptr->zone_devperm_acl = NULL;
7056 7057
7057 7058 if (handle == NULL)
7058 7059 return (Z_INVAL);
7059 7060
7060 7061 if ((cur = handle->zone_dh_cur) == NULL)
7061 7062 return (Z_NO_ENTRY);
7062 7063
7063 7064 for (; cur != NULL; cur = cur->next)
7064 7065 if (!xmlStrcmp(cur->name, DTD_ELEM_DEV_PERM))
7065 7066 break;
7066 7067 if (cur == NULL) {
7067 7068 handle->zone_dh_cur = handle->zone_dh_top;
7068 7069 return (Z_NO_ENTRY);
7069 7070 }
7070 7071
7071 7072 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_devperm_name,
7072 7073 sizeof (tabptr->zone_devperm_name))) != Z_OK) {
7073 7074 handle->zone_dh_cur = handle->zone_dh_top;
7074 7075 return (err);
7075 7076 }
7076 7077
7077 7078 if ((err = fetchprop(cur, DTD_ATTR_UID, buf, sizeof (buf))) != Z_OK) {
7078 7079 handle->zone_dh_cur = handle->zone_dh_top;
7079 7080 return (err);
7080 7081 }
7081 7082 tabptr->zone_devperm_uid = (uid_t)atol(buf);
7082 7083
7083 7084 if ((err = fetchprop(cur, DTD_ATTR_GID, buf, sizeof (buf))) != Z_OK) {
7084 7085 handle->zone_dh_cur = handle->zone_dh_top;
7085 7086 return (err);
7086 7087 }
7087 7088 tabptr->zone_devperm_gid = (gid_t)atol(buf);
7088 7089
7089 7090 if ((err = fetchprop(cur, DTD_ATTR_MODE, buf, sizeof (buf))) != Z_OK) {
7090 7091 handle->zone_dh_cur = handle->zone_dh_top;
7091 7092 return (err);
7092 7093 }
7093 7094 tabptr->zone_devperm_mode = (mode_t)strtol(buf, (char **)NULL, 8);
7094 7095
7095 7096 if ((err = fetch_alloc_prop(cur, DTD_ATTR_ACL,
7096 7097 &(tabptr->zone_devperm_acl))) != Z_OK) {
7097 7098 handle->zone_dh_cur = handle->zone_dh_top;
7098 7099 return (err);
7099 7100 }
7100 7101
7101 7102 handle->zone_dh_cur = cur->next;
7102 7103 return (Z_OK);
7103 7104 }
7104 7105
7105 7106 int
7106 7107 zonecfg_enddevperment(zone_dochandle_t handle)
7107 7108 {
7108 7109 return (zonecfg_endent(handle));
7109 7110 }
7110 7111
7111 7112 /* PRINTFLIKE1 */
7112 7113 static void
7113 7114 zerror(const char *zone_name, const char *fmt, ...)
7114 7115 {
7115 7116 va_list alist;
7116 7117
7117 7118 va_start(alist, fmt);
7118 7119 (void) fprintf(stderr, "zone '%s': ", zone_name);
7119 7120 (void) vfprintf(stderr, fmt, alist);
7120 7121 (void) fprintf(stderr, "\n");
7121 7122 va_end(alist);
7122 7123 }
7123 7124
7124 7125 static void
7125 7126 zperror(const char *str)
7126 7127 {
7127 7128 (void) fprintf(stderr, "%s: %s\n", str, strerror(errno));
7128 7129 }
7129 7130
7130 7131 /*
7131 7132 * The following three routines implement a simple locking mechanism to
7132 7133 * ensure that only one instance of zoneadm at a time is able to manipulate
7133 7134 * a given zone. The lock is built on top of an fcntl(2) lock of
7134 7135 * [<altroot>]/var/run/zones/<zonename>.zoneadm.lock. If a zoneadm instance
7135 7136 * can grab that lock, it is allowed to manipulate the zone.
7136 7137 *
7137 7138 * Since zoneadm may call external applications which in turn invoke
7138 7139 * zoneadm again, we introduce the notion of "lock inheritance". Any
7139 7140 * instance of zoneadm that has another instance in its ancestry is assumed
7140 7141 * to be acting on behalf of the original zoneadm, and is thus allowed to
7141 7142 * manipulate its zone.
7142 7143 *
7143 7144 * This inheritance is implemented via the _ZONEADM_LOCK_HELD environment
7144 7145 * variable. When zoneadm is granted a lock on its zone, this environment
7145 7146 * variable is set to 1. When it releases the lock, the variable is set to
7146 7147 * 0. Since a child process inherits its parent's environment, checking
7147 7148 * the state of this variable indicates whether or not any ancestor owns
7148 7149 * the lock.
7149 7150 */
7150 7151 void
7151 7152 zonecfg_init_lock_file(const char *zone_name, char **lock_env)
7152 7153 {
7153 7154 *lock_env = getenv(LOCK_ENV_VAR);
7154 7155 if (*lock_env == NULL) {
7155 7156 if (putenv(zoneadm_lock_not_held) != 0) {
7156 7157 zerror(zone_name, gettext("could not set env: %s"),
7157 7158 strerror(errno));
7158 7159 exit(1);
7159 7160 }
7160 7161 } else {
7161 7162 if (atoi(*lock_env) == 1)
7162 7163 zone_lock_cnt = 1;
7163 7164 }
7164 7165 }
7165 7166
7166 7167 void
7167 7168 zonecfg_release_lock_file(const char *zone_name, int lockfd)
7168 7169 {
7169 7170 /*
7170 7171 * If we are cleaning up from a failed attempt to lock the zone for
7171 7172 * the first time, we might have a zone_lock_cnt of 0. In that
7172 7173 * error case, we don't want to do anything but close the lock
7173 7174 * file.
7174 7175 */
7175 7176 assert(zone_lock_cnt >= 0);
7176 7177 if (zone_lock_cnt > 0) {
7177 7178 assert(getenv(LOCK_ENV_VAR) != NULL);
7178 7179 assert(atoi(getenv(LOCK_ENV_VAR)) == 1);
7179 7180 if (--zone_lock_cnt > 0) {
7180 7181 assert(lockfd == -1);
7181 7182 return;
7182 7183 }
7183 7184 if (putenv(zoneadm_lock_not_held) != 0) {
7184 7185 zerror(zone_name, gettext("could not set env: %s"),
7185 7186 strerror(errno));
7186 7187 exit(1);
7187 7188 }
7188 7189 }
7189 7190 assert(lockfd >= 0);
7190 7191 (void) close(lockfd);
7191 7192 }
7192 7193
7193 7194 int
7194 7195 zonecfg_grab_lock_file(const char *zone_name, int *lockfd)
7195 7196 {
7196 7197 char pathbuf[PATH_MAX];
7197 7198 struct flock flock;
7198 7199
7199 7200 /*
7200 7201 * If we already have the lock, we can skip this expensive song
7201 7202 * and dance.
7202 7203 */
7203 7204 assert(zone_lock_cnt >= 0);
7204 7205 assert(getenv(LOCK_ENV_VAR) != NULL);
7205 7206 if (zone_lock_cnt > 0) {
7206 7207 assert(atoi(getenv(LOCK_ENV_VAR)) == 1);
7207 7208 zone_lock_cnt++;
7208 7209 *lockfd = -1;
7209 7210 return (Z_OK);
7210 7211 }
7211 7212 assert(getenv(LOCK_ENV_VAR) != NULL);
7212 7213 assert(atoi(getenv(LOCK_ENV_VAR)) == 0);
7213 7214
7214 7215 if (snprintf(pathbuf, sizeof (pathbuf), "%s%s", zonecfg_get_root(),
7215 7216 ZONES_TMPDIR) >= sizeof (pathbuf)) {
7216 7217 zerror(zone_name, gettext("alternate root path is too long"));
7217 7218 return (-1);
7218 7219 }
7219 7220 if (mkdir(pathbuf, S_IRWXU) < 0 && errno != EEXIST) {
7220 7221 zerror(zone_name, gettext("could not mkdir %s: %s"), pathbuf,
7221 7222 strerror(errno));
7222 7223 return (-1);
7223 7224 }
7224 7225 (void) chmod(pathbuf, S_IRWXU);
7225 7226
7226 7227 /*
7227 7228 * One of these lock files is created for each zone (when needed).
7228 7229 * The lock files are not cleaned up (except on system reboot),
7229 7230 * but since there is only one per zone, there is no resource
7230 7231 * starvation issue.
7231 7232 */
7232 7233 if (snprintf(pathbuf, sizeof (pathbuf), "%s%s/%s.zoneadm.lock",
7233 7234 zonecfg_get_root(), ZONES_TMPDIR, zone_name) >= sizeof (pathbuf)) {
7234 7235 zerror(zone_name, gettext("alternate root path is too long"));
7235 7236 return (-1);
7236 7237 }
7237 7238 if ((*lockfd = open(pathbuf, O_RDWR|O_CREAT, S_IRUSR|S_IWUSR)) < 0) {
7238 7239 zerror(zone_name, gettext("could not open %s: %s"), pathbuf,
7239 7240 strerror(errno));
7240 7241 return (-1);
7241 7242 }
7242 7243 /*
7243 7244 * Lock the file to synchronize with other zoneadmds
7244 7245 */
7245 7246 flock.l_type = F_WRLCK;
7246 7247 flock.l_whence = SEEK_SET;
7247 7248 flock.l_start = (off_t)0;
7248 7249 flock.l_len = (off_t)0;
7249 7250 if ((fcntl(*lockfd, F_SETLKW, &flock) < 0) ||
7250 7251 (putenv(zoneadm_lock_held) != 0)) {
7251 7252 zerror(zone_name, gettext("unable to lock %s: %s"), pathbuf,
7252 7253 strerror(errno));
7253 7254 zonecfg_release_lock_file(zone_name, *lockfd);
7254 7255 return (-1);
7255 7256 }
7256 7257 zone_lock_cnt = 1;
7257 7258 return (Z_OK);
7258 7259 }
7259 7260
7260 7261 boolean_t
7261 7262 zonecfg_lock_file_held(int *lockfd)
7262 7263 {
7263 7264 if (*lockfd >= 0 || zone_lock_cnt > 0)
7264 7265 return (B_TRUE);
7265 7266 return (B_FALSE);
7266 7267 }
7267 7268
7268 7269 static boolean_t
7269 7270 get_doorname(const char *zone_name, char *buffer)
7270 7271 {
7271 7272 return (snprintf(buffer, PATH_MAX, "%s" ZONE_DOOR_PATH,
7272 7273 zonecfg_get_root(), zone_name) < PATH_MAX);
7273 7274 }
7274 7275
7275 7276 /*
7276 7277 * system daemons are not audited. For the global zone, this occurs
7277 7278 * "naturally" since init is started with the default audit
7278 7279 * characteristics. Since zoneadmd is a system daemon and it starts
7279 7280 * init for a zone, it is necessary to clear out the audit
7280 7281 * characteristics inherited from whomever started zoneadmd. This is
7281 7282 * indicated by the audit id, which is set from the ruid parameter of
7282 7283 * adt_set_user(), below.
7283 7284 */
7284 7285
7285 7286 static void
7286 7287 prepare_audit_context(const char *zone_name)
7287 7288 {
7288 7289 adt_session_data_t *ah;
7289 7290 char *failure = gettext("audit failure: %s");
7290 7291
7291 7292 if (adt_start_session(&ah, NULL, 0)) {
7292 7293 zerror(zone_name, failure, strerror(errno));
7293 7294 return;
7294 7295 }
7295 7296 if (adt_set_user(ah, ADT_NO_AUDIT, ADT_NO_AUDIT,
7296 7297 ADT_NO_AUDIT, ADT_NO_AUDIT, NULL, ADT_NEW)) {
7297 7298 zerror(zone_name, failure, strerror(errno));
7298 7299 (void) adt_end_session(ah);
7299 7300 return;
7300 7301 }
7301 7302 if (adt_set_proc(ah))
7302 7303 zerror(zone_name, failure, strerror(errno));
7303 7304
7304 7305 (void) adt_end_session(ah);
7305 7306 }
7306 7307
7307 7308 static int
7308 7309 start_zoneadmd(const char *zone_name, boolean_t lock)
7309 7310 {
7310 7311 char doorpath[PATH_MAX];
7311 7312 pid_t child_pid;
7312 7313 int error = -1;
7313 7314 int doorfd, lockfd;
7314 7315 struct door_info info;
7315 7316
7316 7317 if (!get_doorname(zone_name, doorpath))
7317 7318 return (-1);
7318 7319
7319 7320 if (lock)
7320 7321 if (zonecfg_grab_lock_file(zone_name, &lockfd) != Z_OK)
7321 7322 return (-1);
7322 7323
7323 7324 /*
7324 7325 * Now that we have the lock, re-confirm that the daemon is
7325 7326 * *not* up and working fine. If it is still down, we have a green
7326 7327 * light to start it.
7327 7328 */
7328 7329 if ((doorfd = open(doorpath, O_RDONLY)) < 0) {
7329 7330 if (errno != ENOENT) {
7330 7331 zperror(doorpath);
7331 7332 goto out;
7332 7333 }
7333 7334 } else {
7334 7335 if (door_info(doorfd, &info) == 0 &&
7335 7336 ((info.di_attributes & DOOR_REVOKED) == 0)) {
7336 7337 error = Z_OK;
7337 7338 (void) close(doorfd);
7338 7339 goto out;
7339 7340 }
7340 7341 (void) close(doorfd);
7341 7342 }
7342 7343
7343 7344 if ((child_pid = fork()) == -1) {
7344 7345 zperror(gettext("could not fork"));
7345 7346 goto out;
7346 7347 }
7347 7348
7348 7349 if (child_pid == 0) {
7349 7350 const char *argv[6], **ap;
7350 7351
7351 7352 /* child process */
7352 7353 prepare_audit_context(zone_name);
7353 7354
7354 7355 ap = argv;
7355 7356 *ap++ = "zoneadmd";
7356 7357 *ap++ = "-z";
7357 7358 *ap++ = zone_name;
7358 7359 if (zonecfg_in_alt_root()) {
7359 7360 *ap++ = "-R";
7360 7361 *ap++ = zonecfg_get_root();
7361 7362 }
7362 7363 *ap = NULL;
7363 7364
7364 7365 (void) execv("/usr/lib/zones/zoneadmd", (char * const *)argv);
7365 7366 /*
7366 7367 * TRANSLATION_NOTE
7367 7368 * zoneadmd is a literal that should not be translated.
7368 7369 */
7369 7370 zperror(gettext("could not exec zoneadmd"));
7370 7371 _exit(1);
7371 7372 } else {
7372 7373 /* parent process */
7373 7374 pid_t retval;
7374 7375 int pstatus = 0;
7375 7376
7376 7377 do {
7377 7378 retval = waitpid(child_pid, &pstatus, 0);
7378 7379 } while (retval != child_pid);
7379 7380 if (WIFSIGNALED(pstatus) || (WIFEXITED(pstatus) &&
7380 7381 WEXITSTATUS(pstatus) != 0)) {
7381 7382 zerror(zone_name, gettext("could not start %s"),
7382 7383 "zoneadmd");
7383 7384 goto out;
7384 7385 }
7385 7386 }
7386 7387 error = Z_OK;
7387 7388 out:
7388 7389 if (lock)
7389 7390 zonecfg_release_lock_file(zone_name, lockfd);
7390 7391 return (error);
7391 7392 }
7392 7393
7393 7394 int
7394 7395 zonecfg_ping_zoneadmd(const char *zone_name)
7395 7396 {
7396 7397 char doorpath[PATH_MAX];
7397 7398 int doorfd;
7398 7399 struct door_info info;
7399 7400
7400 7401 if (!get_doorname(zone_name, doorpath))
7401 7402 return (-1);
7402 7403
7403 7404 if ((doorfd = open(doorpath, O_RDONLY)) < 0) {
7404 7405 return (-1);
7405 7406 }
7406 7407 if (door_info(doorfd, &info) == 0 &&
7407 7408 ((info.di_attributes & DOOR_REVOKED) == 0)) {
7408 7409 (void) close(doorfd);
7409 7410 return (Z_OK);
7410 7411 }
7411 7412 (void) close(doorfd);
7412 7413 return (-1);
7413 7414 }
7414 7415
7415 7416 int
7416 7417 zonecfg_call_zoneadmd(const char *zone_name, zone_cmd_arg_t *arg, char *locale,
7417 7418 boolean_t lock)
7418 7419 {
7419 7420 char doorpath[PATH_MAX];
7420 7421 int doorfd, result;
7421 7422 door_arg_t darg;
7422 7423
7423 7424 zoneid_t zoneid;
7424 7425 uint64_t uniqid = 0;
7425 7426
7426 7427 zone_cmd_rval_t *rvalp;
7427 7428 size_t rlen;
7428 7429 char *cp, *errbuf;
7429 7430
7430 7431 rlen = getpagesize();
7431 7432 if ((rvalp = malloc(rlen)) == NULL) {
7432 7433 zerror(zone_name, gettext("failed to allocate %lu bytes: %s"),
7433 7434 rlen, strerror(errno));
7434 7435 return (-1);
7435 7436 }
7436 7437
7437 7438 if ((zoneid = getzoneidbyname(zone_name)) != ZONE_ID_UNDEFINED) {
7438 7439 (void) zone_getattr(zoneid, ZONE_ATTR_UNIQID, &uniqid,
7439 7440 sizeof (uniqid));
7440 7441 }
7441 7442 arg->uniqid = uniqid;
7442 7443 (void) strlcpy(arg->locale, locale, sizeof (arg->locale));
7443 7444 if (!get_doorname(zone_name, doorpath)) {
7444 7445 zerror(zone_name, gettext("alternate root path is too long"));
7445 7446 free(rvalp);
7446 7447 return (-1);
7447 7448 }
7448 7449
7449 7450 /*
7450 7451 * Loop trying to start zoneadmd; if something goes seriously
7451 7452 * wrong we break out and fail.
7452 7453 */
7453 7454 for (;;) {
7454 7455 if (start_zoneadmd(zone_name, lock) != Z_OK)
7455 7456 break;
7456 7457
7457 7458 if ((doorfd = open(doorpath, O_RDONLY)) < 0) {
7458 7459 zperror(gettext("failed to open zone door"));
7459 7460 break;
7460 7461 }
7461 7462
7462 7463 darg.data_ptr = (char *)arg;
7463 7464 darg.data_size = sizeof (*arg);
7464 7465 darg.desc_ptr = NULL;
7465 7466 darg.desc_num = 0;
7466 7467 darg.rbuf = (char *)rvalp;
7467 7468 darg.rsize = rlen;
7468 7469 if (door_call(doorfd, &darg) != 0) {
7469 7470 (void) close(doorfd);
7470 7471 /*
7471 7472 * We'll get EBADF if the door has been revoked.
7472 7473 */
7473 7474 if (errno != EBADF) {
7474 7475 zperror(gettext("door_call failed"));
7475 7476 break;
7476 7477 }
7477 7478 continue; /* take another lap */
7478 7479 }
7479 7480 (void) close(doorfd);
7480 7481
7481 7482 if (darg.data_size == 0) {
7482 7483 /* Door server is going away; kick it again. */
7483 7484 continue;
7484 7485 }
7485 7486
7486 7487 errbuf = rvalp->errbuf;
7487 7488 while (*errbuf != '\0') {
7488 7489 /*
7489 7490 * Remove any newlines since zerror()
7490 7491 * will append one automatically.
7491 7492 */
7492 7493 cp = strchr(errbuf, '\n');
7493 7494 if (cp != NULL)
7494 7495 *cp = '\0';
7495 7496 zerror(zone_name, "%s", errbuf);
7496 7497 if (cp == NULL)
7497 7498 break;
7498 7499 errbuf = cp + 1;
7499 7500 }
7500 7501 result = rvalp->rval == 0 ? 0 : -1;
7501 7502 free(rvalp);
7502 7503 return (result);
7503 7504 }
7504 7505
7505 7506 free(rvalp);
7506 7507 return (-1);
7507 7508 }
7508 7509
7509 7510 boolean_t
7510 7511 zonecfg_valid_auths(const char *auths, const char *zonename)
7511 7512 {
7512 7513 char *right;
7513 7514 char *tmpauths;
7514 7515 char *lasts;
7515 7516 char authname[MAXAUTHS];
7516 7517 boolean_t status = B_TRUE;
7517 7518
7518 7519 tmpauths = strdup(auths);
7519 7520 if (tmpauths == NULL) {
7520 7521 zerror(zonename, gettext("Out of memory"));
7521 7522 return (B_FALSE);
7522 7523 }
7523 7524 right = strtok_r(tmpauths, ",", &lasts);
7524 7525 while (right != NULL) {
7525 7526 (void) snprintf(authname, MAXAUTHS, "%s%s",
7526 7527 ZONE_AUTH_PREFIX, right);
7527 7528 if (getauthnam(authname) == NULL) {
7528 7529 status = B_FALSE;
7529 7530 zerror(zonename,
7530 7531 gettext("'%s' is not a valid authorization"),
7531 7532 right);
7532 7533 }
7533 7534 right = strtok_r(NULL, ",", &lasts);
7534 7535 }
7535 7536 free(tmpauths);
7536 7537 return (status);
7537 7538 }
7538 7539
7539 7540 int
7540 7541 zonecfg_delete_admins(zone_dochandle_t handle, char *zonename)
7541 7542 {
7542 7543 int err;
7543 7544 struct zone_admintab admintab;
7544 7545 boolean_t changed = B_FALSE;
7545 7546
7546 7547 if ((err = zonecfg_setadminent(handle)) != Z_OK) {
7547 7548 return (err);
7548 7549 }
7549 7550 while (zonecfg_getadminent(handle, &admintab) == Z_OK) {
7550 7551 err = zonecfg_delete_admin(handle, &admintab,
7551 7552 zonename);
7552 7553 if (err != Z_OK) {
7553 7554 (void) zonecfg_endadminent(handle);
7554 7555 return (err);
7555 7556 } else {
7556 7557 changed = B_TRUE;
7557 7558 }
7558 7559 if ((err = zonecfg_setadminent(handle)) != Z_OK) {
7559 7560 return (err);
7560 7561 }
7561 7562 }
7562 7563 (void) zonecfg_endadminent(handle);
7563 7564 return (changed? Z_OK:Z_NO_ENTRY);
7564 7565 }
7565 7566
7566 7567 /*
7567 7568 * Checks if a long authorization applies to this zone.
7568 7569 * If so, it returns true, after destructively stripping
7569 7570 * the authorization of its prefix and zone suffix.
7570 7571 */
7571 7572 static boolean_t
7572 7573 is_zone_auth(char **auth, char *zonename, char *oldzonename)
7573 7574 {
7574 7575 char *suffix;
7575 7576 size_t offset;
7576 7577
7577 7578 offset = strlen(ZONE_AUTH_PREFIX);
7578 7579 if ((strncmp(*auth, ZONE_AUTH_PREFIX, offset) == 0) &&
7579 7580 ((suffix = strchr(*auth, '/')) != NULL)) {
7580 7581 if (strcmp(suffix + 1, zonename) == 0) {
7581 7582 *auth += offset;
7582 7583 suffix[0] = '\0';
7583 7584 return (B_TRUE);
7584 7585 } else if ((oldzonename != NULL) &&
7585 7586 (strcmp(suffix + 1, oldzonename) == 0)) {
7586 7587 *auth += offset;
7587 7588 suffix[0] = '\0';
7588 7589 return (B_TRUE);
7589 7590 }
7590 7591 }
7591 7592 return (B_FALSE);
7592 7593 }
7593 7594
7594 7595 /*
7595 7596 * This function determines whether the zone-specific authorization
7596 7597 * assignments in /etc/user_attr have been changed more recently
7597 7598 * than the equivalent data stored in the zone's configuration file.
7598 7599 * This should only happen if the zone-specific authorizations in
7599 7600 * the user_attr file were modified using a tool other than zonecfg.
7600 7601 * If the configuration file is out-of-date with respect to these
7601 7602 * authorization assignments, it is updated to match those specified
7602 7603 * in /etc/user_attr.
7603 7604 */
7604 7605
7605 7606 int
7606 7607 zonecfg_update_userauths(zone_dochandle_t handle, char *zonename)
7607 7608 {
7608 7609 userattr_t *ua_ptr;
7609 7610 char *authlist;
7610 7611 char *lasts;
7611 7612 FILE *uaf;
7612 7613 struct zone_admintab admintab;
7613 7614 struct stat config_st, ua_st;
7614 7615 char config_file[MAXPATHLEN];
7615 7616 boolean_t changed = B_FALSE;
7616 7617 int err;
7617 7618
7618 7619 if ((uaf = fopen(USERATTR_FILENAME, "r")) == NULL) {
7619 7620 zerror(zonename, gettext("could not open file %s: %s"),
7620 7621 USERATTR_FILENAME, strerror(errno));
7621 7622 if (errno == EACCES)
7622 7623 return (Z_ACCES);
7623 7624 if (errno == ENOENT)
7624 7625 return (Z_NO_ZONE);
7625 7626 return (Z_MISC_FS);
7626 7627 }
7627 7628 if ((err = fstat(fileno(uaf), &ua_st)) != 0) {
7628 7629 zerror(zonename, gettext("could not stat file %s: %s"),
7629 7630 USERATTR_FILENAME, strerror(errno));
7630 7631 (void) fclose(uaf);
7631 7632 return (Z_MISC_FS);
7632 7633 }
7633 7634 if (!config_file_path(zonename, config_file)) {
7634 7635 (void) fclose(uaf);
7635 7636 return (Z_MISC_FS);
7636 7637 }
7637 7638
7638 7639 if ((err = stat(config_file, &config_st)) != 0) {
7639 7640 zerror(zonename, gettext("could not stat file %s: %s"),
7640 7641 config_file, strerror(errno));
7641 7642 (void) fclose(uaf);
7642 7643 return (Z_MISC_FS);
7643 7644 }
7644 7645 if (config_st.st_mtime >= ua_st.st_mtime) {
7645 7646 (void) fclose(uaf);
7646 7647 return (Z_NO_ENTRY);
7647 7648 }
7648 7649 if ((err = zonecfg_delete_admins(handle, zonename)) == Z_OK) {
7649 7650 changed = B_TRUE;
7650 7651 } else if (err != Z_NO_ENTRY) {
7651 7652 (void) fclose(uaf);
7652 7653 return (err);
7653 7654 }
7654 7655 while ((ua_ptr = fgetuserattr(uaf)) != NULL) {
7655 7656 if (ua_ptr->name[0] == '#') {
7656 7657 continue;
7657 7658 }
7658 7659 authlist = kva_match(ua_ptr->attr, USERATTR_AUTHS_KW);
7659 7660 if (authlist != NULL) {
7660 7661 char *cur_auth;
7661 7662 boolean_t first;
7662 7663
7663 7664 first = B_TRUE;
7664 7665 bzero(&admintab.zone_admin_auths, MAXAUTHS);
7665 7666 cur_auth = strtok_r(authlist, ",", &lasts);
7666 7667 while (cur_auth != NULL) {
7667 7668 if (is_zone_auth(&cur_auth, zonename,
7668 7669 NULL)) {
7669 7670 /*
7670 7671 * Add auths for this zone
7671 7672 */
7672 7673 if (first) {
7673 7674 first = B_FALSE;
7674 7675 } else {
7675 7676 (void) strlcat(
7676 7677 admintab.zone_admin_auths,
7677 7678 ",", MAXAUTHS);
7678 7679 }
7679 7680 (void) strlcat(
7680 7681 admintab.zone_admin_auths,
7681 7682 cur_auth, MAXAUTHS);
7682 7683 }
7683 7684 cur_auth = strtok_r(NULL, ",", &lasts);
7684 7685 }
7685 7686 if (!first) {
7686 7687 /*
7687 7688 * Add this right to config file
7688 7689 */
7689 7690 (void) strlcpy(admintab.zone_admin_user,
7690 7691 ua_ptr->name,
7691 7692 sizeof (admintab.zone_admin_user));
7692 7693 err = zonecfg_add_admin(handle,
7693 7694 &admintab, zonename);
7694 7695 if (err != Z_OK) {
7695 7696 (void) fclose(uaf);
7696 7697 return (err);
7697 7698 } else {
7698 7699 changed = B_TRUE;
7699 7700 }
7700 7701 }
7701 7702 }
7702 7703 } /* end-of-while-loop */
7703 7704 (void) fclose(uaf);
7704 7705 return (changed? Z_OK: Z_NO_ENTRY);
7705 7706 }
7706 7707
7707 7708 static void
7708 7709 update_profiles(char *rbac_profs, boolean_t add)
7709 7710 {
7710 7711 char new_profs[MAXPROFS];
7711 7712 char *cur_prof;
7712 7713 boolean_t first = B_TRUE;
7713 7714 boolean_t found = B_FALSE;
7714 7715 char *lasts;
7715 7716
7716 7717 cur_prof = strtok_r(rbac_profs, ",", &lasts);
7717 7718 while (cur_prof != NULL) {
7718 7719 if (strcmp(cur_prof, ZONE_MGMT_PROF) == 0) {
7719 7720 found = B_TRUE;
7720 7721 if (!add) {
7721 7722 cur_prof = strtok_r(NULL, ",", &lasts);
7722 7723 continue;
7723 7724 }
7724 7725 }
7725 7726 if (first) {
7726 7727 first = B_FALSE;
7727 7728 } else {
7728 7729 (void) strlcat(new_profs, ",",
7729 7730 MAXPROFS);
7730 7731 }
7731 7732 (void) strlcat(new_profs, cur_prof,
7732 7733 MAXPROFS);
7733 7734 cur_prof = strtok_r(NULL, ",", &lasts);
7734 7735 }
7735 7736 /*
7736 7737 * Now prepend the Zone Management profile at the beginning
7737 7738 * of the list if it is needed, and append the rest.
7738 7739 * Return the updated list in the original buffer.
7739 7740 */
7740 7741 if (add && !found) {
7741 7742 first = B_FALSE;
7742 7743 (void) strlcpy(rbac_profs, ZONE_MGMT_PROF, MAXPROFS);
7743 7744 } else {
7744 7745 first = B_TRUE;
7745 7746 rbac_profs[0] = '\0';
7746 7747 }
7747 7748 if (strlen(new_profs) > 0) {
7748 7749 if (!first)
7749 7750 (void) strlcat(rbac_profs, ",", MAXPROFS);
7750 7751 (void) strlcat(rbac_profs, new_profs, MAXPROFS);
7751 7752 }
7752 7753 }
7753 7754
7754 7755 #define MAX_CMD_LEN 1024
7755 7756
7756 7757 static int
7757 7758 do_subproc(char *zonename, char *cmdbuf)
7758 7759 {
7759 7760 char inbuf[MAX_CMD_LEN];
7760 7761 FILE *file;
7761 7762 int status;
7762 7763
7763 7764 file = popen(cmdbuf, "r");
7764 7765 if (file == NULL) {
7765 7766 zerror(zonename, gettext("Could not launch: %s"), cmdbuf);
7766 7767 return (-1);
7767 7768 }
7768 7769
7769 7770 while (fgets(inbuf, sizeof (inbuf), file) != NULL)
7770 7771 (void) fprintf(stderr, "%s", inbuf);
7771 7772 status = pclose(file);
7772 7773
7773 7774 if (WIFSIGNALED(status)) {
7774 7775 zerror(zonename, gettext("%s unexpectedly terminated "
7775 7776 "due to signal %d"),
7776 7777 cmdbuf, WTERMSIG(status));
7777 7778 return (-1);
7778 7779 }
7779 7780 assert(WIFEXITED(status));
7780 7781 return (WEXITSTATUS(status));
7781 7782 }
7782 7783
7783 7784 /*
7784 7785 * This function updates the local /etc/user_attr file to
7785 7786 * correspond to the admin settings that are currently being
7786 7787 * committed. The updates are done via usermod and/or rolemod
7787 7788 * depending on the type of the specified user. It is also
7788 7789 * invoked to remove entries from user_attr corresponding to
7789 7790 * removed admin assignments, using an empty auths string.
7790 7791 *
7791 7792 * Because the removed entries are no longer included in the
7792 7793 * cofiguration that is being committed, a linked list of
7793 7794 * removed admin entries is maintained to keep track of such
7794 7795 * transactions. The head of the list is stored in the zone_dh_userauths
7795 7796 * element of the handle strcture.
7796 7797 */
7797 7798 static int
7798 7799 zonecfg_authorize_user_impl(zone_dochandle_t handle, char *user,
7799 7800 char *auths, char *zonename)
7800 7801 {
7801 7802 char *right;
7802 7803 char old_auths[MAXAUTHS];
7803 7804 char new_auths[MAXAUTHS];
7804 7805 char rbac_profs[MAXPROFS];
7805 7806 char *lasts;
7806 7807 userattr_t *u;
7807 7808 boolean_t first = B_TRUE;
7808 7809 boolean_t is_zone_admin = B_FALSE;
7809 7810 char user_cmd[] = "/usr/sbin/usermod";
7810 7811 char role_cmd[] = "/usr/sbin/rolemod";
7811 7812 char *auths_cmd = user_cmd; /* either usermod or rolemod */
7812 7813 char *new_auth_start; /* string containing the new auths */
7813 7814 int new_auth_cnt = 0; /* delta of changed authorizations */
7814 7815
7815 7816 /*
7816 7817 * First get the existing authorizations for this user
7817 7818 */
7818 7819
7819 7820 bzero(&old_auths, sizeof (old_auths));
7820 7821 bzero(&new_auths, sizeof (new_auths));
7821 7822 bzero(&rbac_profs, sizeof (rbac_profs));
7822 7823 if ((u = getusernam(user)) != NULL) {
7823 7824 char *current_auths;
7824 7825 char *current_profs;
7825 7826 char *type;
7826 7827
7827 7828 type = kva_match(u->attr, USERATTR_TYPE_KW);
7828 7829 if (type != NULL) {
7829 7830 if (strcmp(type, USERATTR_TYPE_NONADMIN_KW) == 0)
7830 7831 auths_cmd = role_cmd;
7831 7832 }
7832 7833
7833 7834 current_auths = kva_match(u->attr, USERATTR_AUTHS_KW);
7834 7835 if (current_auths != NULL) {
7835 7836 char *cur_auth;
7836 7837 char *delete_name;
7837 7838 size_t offset;
7838 7839
7839 7840 offset = strlen(ZONE_AUTH_PREFIX);
7840 7841
7841 7842 (void) strlcpy(old_auths, current_auths, MAXAUTHS);
7842 7843 cur_auth = strtok_r(current_auths, ",", &lasts);
7843 7844
7844 7845 /*
7845 7846 * Next, remove any existing authorizations
7846 7847 * for this zone, and determine if the
7847 7848 * user still needs the Zone Management Profile.
7848 7849 */
7849 7850 if (is_renaming(handle))
7850 7851 delete_name = handle->zone_dh_delete_name;
7851 7852 else
7852 7853 delete_name = NULL;
7853 7854 while (cur_auth != NULL) {
7854 7855 if (!is_zone_auth(&cur_auth, zonename,
7855 7856 delete_name)) {
7856 7857 if (first) {
7857 7858 first = B_FALSE;
7858 7859 } else {
7859 7860 (void) strlcat(new_auths, ",",
7860 7861 MAXAUTHS);
7861 7862 }
7862 7863 (void) strlcat(new_auths, cur_auth,
7863 7864 MAXAUTHS);
7864 7865 /*
7865 7866 * If the user has authorizations
7866 7867 * for other zones, then set a
7867 7868 * flag indicate that the Zone
7868 7869 * Management profile should be
7869 7870 * preserved in user_attr.
7870 7871 */
7871 7872 if (strncmp(cur_auth,
7872 7873 ZONE_AUTH_PREFIX, offset) == 0)
7873 7874 is_zone_admin = B_TRUE;
7874 7875 } else {
7875 7876 new_auth_cnt++;
7876 7877 }
7877 7878 cur_auth = strtok_r(NULL, ",", &lasts);
7878 7879 }
7879 7880 }
7880 7881 current_profs = kva_match(u->attr, USERATTR_PROFILES_KW);
7881 7882 if (current_profs != NULL) {
7882 7883 (void) strlcpy(rbac_profs, current_profs, MAXPROFS);
7883 7884 }
7884 7885 free_userattr(u);
7885 7886 }
7886 7887 /*
7887 7888 * The following is done to avoid revisiting the
7888 7889 * user_attr entry for this user
7889 7890 */
7890 7891 (void) zonecfg_remove_userauths(handle, user, "", B_FALSE);
7891 7892
7892 7893 /*
7893 7894 * Convert each right into a properly formatted authorization
7894 7895 */
7895 7896 new_auth_start = new_auths + strlen(new_auths);
7896 7897 if (!first)
7897 7898 new_auth_start++;
7898 7899 right = strtok_r(auths, ",", &lasts);
7899 7900 while (right != NULL) {
7900 7901 char auth[MAXAUTHS];
7901 7902
7902 7903 (void) snprintf(auth, MAXAUTHS, "%s%s/%s",
7903 7904 ZONE_AUTH_PREFIX, right, zonename);
7904 7905 if (first) {
7905 7906 first = B_FALSE;
7906 7907 } else {
7907 7908 (void) strlcat(new_auths, ",", MAXAUTHS);
7908 7909 }
7909 7910 (void) strlcat(new_auths, auth, MAXAUTHS);
7910 7911 is_zone_admin = B_TRUE;
7911 7912 new_auth_cnt--;
7912 7913 right = strtok_r(NULL, ",", &lasts);
7913 7914 }
7914 7915
7915 7916 /*
7916 7917 * Need to update the authorizations in user_attr unless
7917 7918 * the number of old and new authorizations is unchanged
7918 7919 * and the new auths are a substrings of the old auths.
7919 7920 *
7920 7921 * If the user's previous authorizations have changed
7921 7922 * execute the usermod progam to update them in user_attr.
7922 7923 */
7923 7924 if ((new_auth_cnt != 0) ||
7924 7925 (strstr(old_auths, new_auth_start) == NULL)) {
7925 7926 char *cmdbuf;
7926 7927 size_t cmd_len;
7927 7928
7928 7929 update_profiles(rbac_profs, is_zone_admin);
7929 7930 cmd_len = snprintf(NULL, 0, "%s -A \"%s\" -P \"%s\" %s",
7930 7931 auths_cmd, new_auths, rbac_profs, user) + 1;
7931 7932 if ((cmdbuf = malloc(cmd_len)) == NULL) {
7932 7933 return (Z_NOMEM);
7933 7934 }
7934 7935 (void) snprintf(cmdbuf, cmd_len, "%s -A \"%s\" -P \"%s\" %s",
7935 7936 auths_cmd, new_auths, rbac_profs, user);
7936 7937 if (do_subproc(zonename, cmdbuf) != 0) {
7937 7938 free(cmdbuf);
7938 7939 return (Z_SYSTEM);
7939 7940 }
7940 7941 free(cmdbuf);
7941 7942 }
7942 7943
7943 7944 return (Z_OK);
7944 7945 }
7945 7946
7946 7947 int
7947 7948 zonecfg_authorize_users(zone_dochandle_t handle, char *zonename)
7948 7949 {
7949 7950 xmlNodePtr cur;
7950 7951 int err;
7951 7952 char user[MAXUSERNAME];
7952 7953 char auths[MAXAUTHS];
7953 7954
7954 7955 if ((err = operation_prep(handle)) != Z_OK)
7955 7956 return (err);
7956 7957
7957 7958 cur = handle->zone_dh_cur;
7958 7959 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
7959 7960 if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
7960 7961 continue;
7961 7962 if (fetchprop(cur, DTD_ATTR_USER, user,
7962 7963 sizeof (user)) != Z_OK)
7963 7964 continue;
7964 7965 if (fetchprop(cur, DTD_ATTR_AUTHS, auths,
7965 7966 sizeof (auths)) != Z_OK)
7966 7967 continue;
7967 7968 if (zonecfg_authorize_user_impl(handle, user, auths, zonename)
7968 7969 != Z_OK)
7969 7970 return (Z_SYSTEM);
7970 7971 }
7971 7972 (void) zonecfg_remove_userauths(handle, "", "", B_TRUE);
7972 7973
7973 7974 return (Z_OK);
7974 7975 }
7975 7976
7976 7977 int
7977 7978 zonecfg_deauthorize_user(zone_dochandle_t handle, char *user, char *zonename)
7978 7979 {
7979 7980 return (zonecfg_authorize_user_impl(handle, user, "", zonename));
7980 7981 }
7981 7982
7982 7983 int
7983 7984 zonecfg_deauthorize_users(zone_dochandle_t handle, char *zonename)
7984 7985 {
7985 7986 xmlNodePtr cur;
7986 7987 int err;
7987 7988 char user[MAXUSERNAME];
7988 7989
7989 7990 if ((err = operation_prep(handle)) != Z_OK)
7990 7991 return (err);
7991 7992
7992 7993 cur = handle->zone_dh_cur;
7993 7994 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
7994 7995 if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
7995 7996 continue;
7996 7997 if (fetchprop(cur, DTD_ATTR_USER, user,
7997 7998 sizeof (user)) != Z_OK)
7998 7999 continue;
7999 8000 if ((err = zonecfg_deauthorize_user(handle, user,
8000 8001 zonename)) != Z_OK)
8001 8002 return (err);
8002 8003 }
8003 8004 return (Z_OK);
8004 8005 }
8005 8006
8006 8007 int
8007 8008 zonecfg_insert_userauths(zone_dochandle_t handle, char *user, char *zonename)
8008 8009 {
8009 8010 zone_userauths_t *new, **prev, *next;
8010 8011
8011 8012 prev = &handle->zone_dh_userauths;
8012 8013 next = *prev;
8013 8014 while (next) {
8014 8015 if ((strncmp(next->user, user, MAXUSERNAME) == 0) &&
8015 8016 (strncmp(next->zonename, zonename,
8016 8017 ZONENAME_MAX) == 0)) {
8017 8018 /*
8018 8019 * user is already in list
8019 8020 * which isn't supposed to happen!
8020 8021 */
8021 8022 return (Z_OK);
8022 8023 }
8023 8024 prev = &next->next;
8024 8025 next = *prev;
8025 8026 }
8026 8027 new = (zone_userauths_t *)malloc(sizeof (zone_userauths_t));
8027 8028 if (new == NULL)
8028 8029 return (Z_NOMEM);
8029 8030
8030 8031 (void) strlcpy(new->user, user, sizeof (new->user));
8031 8032 (void) strlcpy(new->zonename, zonename, sizeof (new->zonename));
8032 8033 new->next = NULL;
8033 8034 *prev = new;
8034 8035 return (Z_OK);
8035 8036 }
8036 8037
8037 8038 int
8038 8039 zonecfg_remove_userauths(zone_dochandle_t handle, char *user, char *zonename,
8039 8040 boolean_t deauthorize)
8040 8041 {
8041 8042 zone_userauths_t *new, **prev, *next;
8042 8043
8043 8044 prev = &handle->zone_dh_userauths;
8044 8045 next = *prev;
8045 8046
8046 8047 while (next) {
8047 8048 if ((strlen(user) == 0 ||
8048 8049 strncmp(next->user, user, MAXUSERNAME) == 0) &&
8049 8050 (strlen(zonename) == 0 ||
8050 8051 (strncmp(next->zonename, zonename, ZONENAME_MAX) == 0))) {
8051 8052 new = next;
8052 8053 *prev = next->next;
8053 8054 next = *prev;
8054 8055 if (deauthorize)
8055 8056 (void) zonecfg_deauthorize_user(handle,
8056 8057 new->user, new->zonename);
8057 8058 free(new);
8058 8059 continue;
8059 8060 }
8060 8061 prev = &next->next;
8061 8062 next = *prev;
8062 8063 }
8063 8064 return (Z_OK);
8064 8065 }
↓ open down ↓ |
5796 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX