Print this page
/etc/zones/did.txt should be alternate-root aware
OS-192 zone_create() warning on headnode
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/lib/libzonecfg/common/libzonecfg.c
+++ new/usr/src/lib/libzonecfg/common/libzonecfg.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright 2014 Gary Mills
24 24 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
25 25 * Copyright (c) 2018, Joyent, Inc.
26 26 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
27 27 */
28 28
29 29 #include <libsysevent.h>
30 30 #include <pthread.h>
31 31 #include <stdlib.h>
32 32 #include <errno.h>
33 33 #include <fnmatch.h>
34 34 #include <strings.h>
35 35 #include <unistd.h>
36 36 #include <assert.h>
37 37 #include <libgen.h>
38 38 #include <libintl.h>
39 39 #include <alloca.h>
40 40 #include <ctype.h>
41 41 #include <sys/acl.h>
42 42 #include <sys/stat.h>
43 43 #include <sys/brand.h>
44 44 #include <sys/mntio.h>
45 45 #include <sys/mnttab.h>
46 46 #include <sys/nvpair.h>
47 47 #include <sys/types.h>
48 48 #include <sys/sockio.h>
49 49 #include <sys/systeminfo.h>
50 50 #include <ftw.h>
51 51 #include <pool.h>
52 52 #include <libscf.h>
53 53 #include <libproc.h>
54 54 #include <sys/priocntl.h>
55 55 #include <libuutil.h>
56 56 #include <wait.h>
57 57 #include <bsm/adt.h>
58 58 #include <auth_attr.h>
59 59 #include <auth_list.h>
60 60 #include <secdb.h>
61 61 #include <user_attr.h>
62 62 #include <prof_attr.h>
63 63
64 64 #include <arpa/inet.h>
65 65 #include <netdb.h>
66 66
67 67 #include <libxml/xmlmemory.h>
68 68 #include <libxml/parser.h>
69 69
70 70 #include <libdevinfo.h>
71 71 #include <uuid/uuid.h>
72 72 #include <dirent.h>
|
↓ open down ↓ |
72 lines elided |
↑ open up ↑ |
73 73 #include <libbrand.h>
74 74
75 75 #include <libzonecfg.h>
76 76 #include "zonecfg_impl.h"
77 77
78 78 #define _PATH_TMPFILE "/zonecfg.XXXXXX"
79 79 #define ZONE_CB_RETRY_COUNT 10
80 80 #define ZONE_EVENT_PING_SUBCLASS "ping"
81 81 #define ZONE_EVENT_PING_PUBLISHER "solaris"
82 82
83 +#define DEBUGID_FILE "/etc/zones/did.txt"
84 +
83 85 /* Hard-code the DTD element/attribute/entity names just once, here. */
84 86 #define DTD_ELEM_ATTR (const xmlChar *) "attr"
85 87 #define DTD_ELEM_COMMENT (const xmlChar *) "comment"
86 88 #define DTD_ELEM_DEVICE (const xmlChar *) "device"
87 89 #define DTD_ELEM_FS (const xmlChar *) "filesystem"
88 90 #define DTD_ELEM_FSOPTION (const xmlChar *) "fsoption"
89 91 #define DTD_ELEM_NET (const xmlChar *) "network"
90 92 #define DTD_ELEM_RCTL (const xmlChar *) "rctl"
91 93 #define DTD_ELEM_RCTLVALUE (const xmlChar *) "rctl-value"
92 94 #define DTD_ELEM_ZONE (const xmlChar *) "zone"
93 95 #define DTD_ELEM_DATASET (const xmlChar *) "dataset"
94 96 #define DTD_ELEM_TMPPOOL (const xmlChar *) "tmp_pool"
95 97 #define DTD_ELEM_PSET (const xmlChar *) "pset"
96 98 #define DTD_ELEM_MCAP (const xmlChar *) "mcap"
97 99 #define DTD_ELEM_PACKAGE (const xmlChar *) "package"
98 100 #define DTD_ELEM_OBSOLETES (const xmlChar *) "obsoletes"
99 101 #define DTD_ELEM_DEV_PERM (const xmlChar *) "dev-perm"
100 102 #define DTD_ELEM_ADMIN (const xmlChar *) "admin"
101 103 #define DTD_ELEM_SECFLAGS (const xmlChar *) "security-flags"
102 104
103 105 #define DTD_ATTR_ACTION (const xmlChar *) "action"
104 106 #define DTD_ATTR_ADDRESS (const xmlChar *) "address"
105 107 #define DTD_ATTR_ALLOWED_ADDRESS (const xmlChar *) "allowed-address"
106 108 #define DTD_ATTR_AUTOBOOT (const xmlChar *) "autoboot"
107 109 #define DTD_ATTR_IPTYPE (const xmlChar *) "ip-type"
108 110 #define DTD_ATTR_DEFROUTER (const xmlChar *) "defrouter"
109 111 #define DTD_ATTR_DIR (const xmlChar *) "directory"
110 112 #define DTD_ATTR_LIMIT (const xmlChar *) "limit"
111 113 #define DTD_ATTR_LIMITPRIV (const xmlChar *) "limitpriv"
112 114 #define DTD_ATTR_BOOTARGS (const xmlChar *) "bootargs"
113 115 #define DTD_ATTR_SCHED (const xmlChar *) "scheduling-class"
114 116 #define DTD_ATTR_MATCH (const xmlChar *) "match"
115 117 #define DTD_ATTR_NAME (const xmlChar *) "name"
116 118 #define DTD_ATTR_PHYSICAL (const xmlChar *) "physical"
117 119 #define DTD_ATTR_POOL (const xmlChar *) "pool"
118 120 #define DTD_ATTR_PRIV (const xmlChar *) "priv"
119 121 #define DTD_ATTR_RAW (const xmlChar *) "raw"
120 122 #define DTD_ATTR_SPECIAL (const xmlChar *) "special"
121 123 #define DTD_ATTR_TYPE (const xmlChar *) "type"
122 124 #define DTD_ATTR_VALUE (const xmlChar *) "value"
123 125 #define DTD_ATTR_ZONEPATH (const xmlChar *) "zonepath"
124 126 #define DTD_ATTR_NCPU_MIN (const xmlChar *) "ncpu_min"
|
↓ open down ↓ |
32 lines elided |
↑ open up ↑ |
125 127 #define DTD_ATTR_NCPU_MAX (const xmlChar *) "ncpu_max"
126 128 #define DTD_ATTR_IMPORTANCE (const xmlChar *) "importance"
127 129 #define DTD_ATTR_PHYSCAP (const xmlChar *) "physcap"
128 130 #define DTD_ATTR_VERSION (const xmlChar *) "version"
129 131 #define DTD_ATTR_ID (const xmlChar *) "id"
130 132 #define DTD_ATTR_UID (const xmlChar *) "uid"
131 133 #define DTD_ATTR_GID (const xmlChar *) "gid"
132 134 #define DTD_ATTR_MODE (const xmlChar *) "mode"
133 135 #define DTD_ATTR_ACL (const xmlChar *) "acl"
134 136 #define DTD_ATTR_BRAND (const xmlChar *) "brand"
137 +#define DTD_ATTR_DID (const xmlChar *) "debugid"
135 138 #define DTD_ATTR_HOSTID (const xmlChar *) "hostid"
136 139 #define DTD_ATTR_USER (const xmlChar *) "user"
137 140 #define DTD_ATTR_AUTHS (const xmlChar *) "auths"
138 141 #define DTD_ATTR_FS_ALLOWED (const xmlChar *) "fs-allowed"
139 142 #define DTD_ATTR_DEFAULT (const xmlChar *) "default"
140 143 #define DTD_ATTR_LOWER (const xmlChar *) "lower"
141 144 #define DTD_ATTR_UPPER (const xmlChar *) "upper"
142 145
143 146
144 147 #define DTD_ENTITY_BOOLEAN "boolean"
145 148 #define DTD_ENTITY_DEVPATH "devpath"
146 149 #define DTD_ENTITY_DRIVER "driver"
147 150 #define DTD_ENTITY_DRVMIN "drv_min"
148 151 #define DTD_ENTITY_FALSE "false"
149 152 #define DTD_ENTITY_INT "int"
150 153 #define DTD_ENTITY_STRING "string"
151 154 #define DTD_ENTITY_TRUE "true"
152 155 #define DTD_ENTITY_UINT "uint"
153 156
154 157 #define DTD_ENTITY_BOOL_LEN 6 /* "false" */
155 158
156 159 #define ATTACH_FORCED "SUNWattached.xml"
157 160
158 161 #define TMP_POOL_NAME "SUNWtmp_%s"
159 162 #define MAX_TMP_POOL_NAME (ZONENAME_MAX + 9)
160 163 #define RCAP_SERVICE "system/rcap:default"
161 164 #define POOLD_SERVICE "system/pools/dynamic:default"
162 165
163 166 /*
164 167 * rctl alias definitions
165 168 *
166 169 * This holds the alias, the full rctl name, the default priv value, action
167 170 * and lower limit. The functions that handle rctl aliases step through
168 171 * this table, matching on the alias, and using the full values for setting
169 172 * the rctl entry as well the limit for validation.
170 173 */
171 174 static struct alias {
172 175 char *shortname;
173 176 char *realname;
174 177 char *priv;
175 178 char *action;
176 179 uint64_t low_limit;
177 180 } aliases[] = {
178 181 {ALIAS_MAXLWPS, "zone.max-lwps", "privileged", "deny", 100},
179 182 {ALIAS_MAXSHMMEM, "zone.max-shm-memory", "privileged", "deny", 0},
180 183 {ALIAS_MAXSHMIDS, "zone.max-shm-ids", "privileged", "deny", 0},
181 184 {ALIAS_MAXMSGIDS, "zone.max-msg-ids", "privileged", "deny", 0},
182 185 {ALIAS_MAXSEMIDS, "zone.max-sem-ids", "privileged", "deny", 0},
183 186 {ALIAS_MAXLOCKEDMEM, "zone.max-locked-memory", "privileged", "deny", 0},
184 187 {ALIAS_MAXSWAP, "zone.max-swap", "privileged", "deny", 0},
185 188 {ALIAS_SHARES, "zone.cpu-shares", "privileged", "none", 0},
186 189 {ALIAS_CPUCAP, "zone.cpu-cap", "privileged", "deny", 0},
187 190 {ALIAS_MAXPROCS, "zone.max-processes", "privileged", "deny", 100},
188 191 {NULL, NULL, NULL, NULL, 0}
189 192 };
190 193
191 194 /*
192 195 * Structure for applying rctls to a running zone. It allows important
193 196 * process values to be passed together easily.
194 197 */
195 198 typedef struct pr_info_handle {
196 199 struct ps_prochandle *pr;
197 200 pid_t pid;
198 201 } pr_info_handle_t;
199 202
200 203 struct zone_dochandle {
201 204 char *zone_dh_rootdir;
202 205 xmlDocPtr zone_dh_doc;
203 206 xmlNodePtr zone_dh_cur;
204 207 xmlNodePtr zone_dh_top;
205 208 boolean_t zone_dh_newzone;
206 209 boolean_t zone_dh_snapshot;
207 210 boolean_t zone_dh_sw_inv;
208 211 zone_userauths_t *zone_dh_userauths;
209 212 char zone_dh_delete_name[ZONENAME_MAX];
210 213 };
211 214
212 215 struct znotify {
213 216 void * zn_private;
214 217 evchan_t *zn_eventchan;
215 218 int (*zn_callback)(const char *zonename, zoneid_t zid,
216 219 const char *newstate, const char *oldstate, hrtime_t when, void *p);
217 220 pthread_mutex_t zn_mutex;
218 221 pthread_cond_t zn_cond;
219 222 pthread_mutex_t zn_bigmutex;
220 223 volatile enum {ZN_UNLOCKED, ZN_LOCKED, ZN_PING_INFLIGHT,
221 224 ZN_PING_RECEIVED} zn_state;
222 225 char zn_subscriber_id[MAX_SUBID_LEN];
223 226 volatile boolean_t zn_failed;
224 227 int zn_failure_count;
225 228 };
226 229
227 230 /* used to track nested zone-lock operations */
228 231 static int zone_lock_cnt = 0;
229 232
230 233 /* used to communicate lock status to children */
231 234 #define LOCK_ENV_VAR "_ZONEADM_LOCK_HELD"
232 235 static char zoneadm_lock_held[] = LOCK_ENV_VAR"=1";
233 236 static char zoneadm_lock_not_held[] = LOCK_ENV_VAR"=0";
234 237
235 238 char *zonecfg_root = "";
236 239
237 240 /*
238 241 * For functions which return int, which is most of the functions herein,
239 242 * the return values should be from the Z_foo set defined in <libzonecfg.h>.
240 243 * In some instances, we take pains mapping some libc errno values to Z_foo
241 244 * values from this set.
242 245 */
243 246
244 247 /*
245 248 * Set the root (/) path for all zonecfg configuration files. This is a
246 249 * private interface used by Live Upgrade extensions to access zone
247 250 * configuration inside mounted alternate boot environments.
248 251 * This interface is also used by zoneadm mount and unmount subcommands.
249 252 */
250 253 void
251 254 zonecfg_set_root(const char *rootpath)
252 255 {
253 256 if (*zonecfg_root != '\0')
254 257 free(zonecfg_root);
255 258 if (rootpath == NULL || rootpath[0] == '\0' || rootpath[1] == '\0' ||
256 259 (zonecfg_root = strdup(rootpath)) == NULL)
257 260 zonecfg_root = "";
258 261 }
259 262
260 263 const char *
261 264 zonecfg_get_root(void)
262 265 {
263 266 return (zonecfg_root);
264 267 }
265 268
266 269 boolean_t
267 270 zonecfg_in_alt_root(void)
268 271 {
269 272 return (*zonecfg_root != '\0');
270 273 }
271 274
272 275 /*
273 276 * Callers of the _file_path() functions are expected to have the second
274 277 * parameter be a (char foo[MAXPATHLEN]).
275 278 */
276 279
277 280 static boolean_t
278 281 config_file_path(const char *zonename, char *answer)
279 282 {
280 283 return (snprintf(answer, MAXPATHLEN, "%s%s/%s.xml", zonecfg_root,
281 284 ZONE_CONFIG_ROOT, zonename) < MAXPATHLEN);
282 285 }
283 286
284 287 static boolean_t
285 288 snap_file_path(const char *zonename, char *answer)
286 289 {
287 290 return (snprintf(answer, MAXPATHLEN, "%s%s/%s.snapshot.xml",
288 291 zonecfg_root, ZONE_SNAPSHOT_ROOT, zonename) < MAXPATHLEN);
289 292 }
290 293
291 294 /*ARGSUSED*/
292 295 static void
293 296 zonecfg_error_func(void *ctx, const char *msg, ...)
294 297 {
295 298 /*
296 299 * This function does nothing by design. Its purpose is to prevent
297 300 * libxml from dumping unwanted messages to stdout/stderr.
298 301 */
299 302 }
300 303
301 304 zone_dochandle_t
302 305 zonecfg_init_handle(void)
303 306 {
304 307 zone_dochandle_t handle = calloc(1, sizeof (struct zone_dochandle));
305 308 if (handle == NULL) {
306 309 errno = Z_NOMEM;
307 310 return (NULL);
308 311 }
309 312
310 313 /* generic libxml initialization */
311 314 (void) xmlLineNumbersDefault(1);
312 315 xmlLoadExtDtdDefaultValue |= XML_DETECT_IDS;
313 316 xmlDoValidityCheckingDefaultValue = 1;
314 317 (void) xmlKeepBlanksDefault(0);
315 318 xmlGetWarningsDefaultValue = 0;
316 319 xmlSetGenericErrorFunc(NULL, zonecfg_error_func);
317 320
318 321 return (handle);
319 322 }
320 323
321 324 int
322 325 zonecfg_check_handle(zone_dochandle_t handle)
323 326 {
324 327 if (handle == NULL || handle->zone_dh_doc == NULL)
325 328 return (Z_BAD_HANDLE);
326 329 return (Z_OK);
327 330 }
328 331
329 332 void
330 333 zonecfg_fini_handle(zone_dochandle_t handle)
331 334 {
332 335 if (zonecfg_check_handle(handle) == Z_OK)
333 336 xmlFreeDoc(handle->zone_dh_doc);
334 337 if (handle != NULL)
335 338 free(handle);
336 339 }
337 340
338 341 static int
339 342 zonecfg_destroy_impl(char *filename)
340 343 {
341 344 if (unlink(filename) == -1) {
342 345 if (errno == EACCES)
343 346 return (Z_ACCES);
344 347 if (errno == ENOENT)
345 348 return (Z_NO_ZONE);
346 349 return (Z_MISC_FS);
347 350 }
348 351 return (Z_OK);
349 352 }
350 353
351 354 int
352 355 zonecfg_destroy(const char *zonename, boolean_t force)
353 356 {
354 357 char path[MAXPATHLEN];
355 358 struct zoneent ze;
356 359 int err, state_err;
357 360 zone_state_t state;
358 361
359 362 if (!config_file_path(zonename, path))
360 363 return (Z_MISC_FS);
361 364
362 365 state_err = zone_get_state((char *)zonename, &state);
363 366 err = access(path, W_OK);
364 367
365 368 /*
366 369 * If there is no file, and no index entry, reliably indicate that no
367 370 * such zone exists.
368 371 */
369 372 if ((state_err == Z_NO_ZONE) && (err == -1) && (errno == ENOENT))
370 373 return (Z_NO_ZONE);
371 374
372 375 /*
373 376 * Handle any other filesystem related errors (except if the XML
374 377 * file is missing, which we treat silently), unless we're forcing,
375 378 * in which case we plow on.
376 379 */
377 380 if (err == -1 && errno != ENOENT) {
378 381 if (errno == EACCES)
379 382 return (Z_ACCES);
380 383 else if (!force)
381 384 return (Z_MISC_FS);
382 385 }
383 386
384 387 if (state > ZONE_STATE_INSTALLED)
385 388 return (Z_BAD_ZONE_STATE);
386 389
387 390 if (!force && state > ZONE_STATE_CONFIGURED)
388 391 return (Z_BAD_ZONE_STATE);
389 392
390 393 /*
391 394 * Index deletion succeeds even if the entry doesn't exist. So this
392 395 * will fail only if we've had some more severe problem.
393 396 */
394 397 bzero(&ze, sizeof (ze));
395 398 (void) strlcpy(ze.zone_name, zonename, sizeof (ze.zone_name));
396 399 if ((err = putzoneent(&ze, PZE_REMOVE)) != Z_OK)
397 400 if (!force)
398 401 return (err);
399 402
400 403 err = zonecfg_destroy_impl(path);
401 404
402 405 /*
403 406 * Treat failure to find the XML file silently, since, well, it's
404 407 * gone, and with the index file cleaned up, we're done.
405 408 */
406 409 if (err == Z_OK || err == Z_NO_ZONE)
407 410 return (Z_OK);
408 411 return (err);
409 412 }
410 413
411 414 int
412 415 zonecfg_destroy_snapshot(const char *zonename)
413 416 {
414 417 char path[MAXPATHLEN];
415 418
416 419 if (!snap_file_path(zonename, path))
417 420 return (Z_MISC_FS);
418 421 return (zonecfg_destroy_impl(path));
419 422 }
420 423
421 424 static int
422 425 getroot(zone_dochandle_t handle, xmlNodePtr *root)
423 426 {
424 427 if (zonecfg_check_handle(handle) == Z_BAD_HANDLE)
425 428 return (Z_BAD_HANDLE);
426 429
427 430 *root = xmlDocGetRootElement(handle->zone_dh_doc);
428 431
429 432 if (*root == NULL)
430 433 return (Z_EMPTY_DOCUMENT);
431 434
432 435 if (xmlStrcmp((*root)->name, DTD_ELEM_ZONE))
433 436 return (Z_WRONG_DOC_TYPE);
434 437
435 438 return (Z_OK);
436 439 }
437 440
438 441 static int
439 442 operation_prep(zone_dochandle_t handle)
440 443 {
441 444 xmlNodePtr root;
442 445 int err;
443 446
444 447 if ((err = getroot(handle, &root)) != 0)
445 448 return (err);
446 449
447 450 handle->zone_dh_cur = root;
448 451 handle->zone_dh_top = root;
449 452 return (Z_OK);
450 453 }
451 454
452 455 static int
453 456 fetchprop(xmlNodePtr cur, const xmlChar *propname, char *dst, size_t dstsize)
454 457 {
455 458 xmlChar *property;
456 459 size_t srcsize;
457 460
458 461 if ((property = xmlGetProp(cur, propname)) == NULL)
459 462 return (Z_BAD_PROPERTY);
460 463 srcsize = strlcpy(dst, (char *)property, dstsize);
461 464 xmlFree(property);
462 465 if (srcsize >= dstsize)
463 466 return (Z_TOO_BIG);
464 467 return (Z_OK);
465 468 }
466 469
467 470 static int
468 471 fetch_alloc_prop(xmlNodePtr cur, const xmlChar *propname, char **dst)
469 472 {
470 473 xmlChar *property;
471 474
472 475 if ((property = xmlGetProp(cur, propname)) == NULL)
473 476 return (Z_BAD_PROPERTY);
474 477 if ((*dst = strdup((char *)property)) == NULL) {
475 478 xmlFree(property);
476 479 return (Z_NOMEM);
477 480 }
478 481 xmlFree(property);
479 482 return (Z_OK);
480 483 }
481 484
482 485 static int
483 486 getrootattr(zone_dochandle_t handle, const xmlChar *propname,
484 487 char *propval, size_t propsize)
485 488 {
486 489 xmlNodePtr root;
487 490 int err;
488 491
489 492 if ((err = getroot(handle, &root)) != 0)
490 493 return (err);
491 494
492 495 return (fetchprop(root, propname, propval, propsize));
493 496 }
494 497
495 498 static int
496 499 get_alloc_rootattr(zone_dochandle_t handle, const xmlChar *propname,
497 500 char **propval)
498 501 {
499 502 xmlNodePtr root;
500 503 int err;
501 504
502 505 if ((err = getroot(handle, &root)) != 0)
503 506 return (err);
504 507
505 508 return (fetch_alloc_prop(root, propname, propval));
506 509 }
507 510
508 511 static int
509 512 setrootattr(zone_dochandle_t handle, const xmlChar *propname,
510 513 const char *propval)
511 514 {
512 515 int err;
513 516 xmlNodePtr root;
514 517
515 518 if ((err = getroot(handle, &root)) != Z_OK)
516 519 return (err);
517 520
518 521 /*
519 522 * If we get a null propval remove the property (ignore return since it
520 523 * may not be set to begin with).
521 524 */
522 525 if (propval == NULL) {
523 526 (void) xmlUnsetProp(root, propname);
524 527 } else {
525 528 if (xmlSetProp(root, propname, (const xmlChar *) propval)
526 529 == NULL)
527 530 return (Z_INVAL);
528 531 }
529 532 return (Z_OK);
530 533 }
531 534
532 535 static void
533 536 addcomment(zone_dochandle_t handle, const char *comment)
534 537 {
535 538 xmlNodePtr node;
536 539 node = xmlNewComment((xmlChar *) comment);
537 540
538 541 if (node != NULL)
539 542 (void) xmlAddPrevSibling(handle->zone_dh_top, node);
540 543 }
541 544
542 545 static void
543 546 stripcomments(zone_dochandle_t handle)
544 547 {
545 548 xmlDocPtr top;
546 549 xmlNodePtr child, next;
547 550
548 551 top = handle->zone_dh_doc;
549 552 for (child = top->xmlChildrenNode; child != NULL; child = next) {
550 553 next = child->next;
551 554 if (child->name == NULL)
552 555 continue;
553 556 if (xmlStrcmp(child->name, DTD_ELEM_COMMENT) == 0) {
554 557 next = child->next;
555 558 xmlUnlinkNode(child);
556 559 xmlFreeNode(child);
557 560 }
558 561 }
559 562 }
560 563
561 564 static void
562 565 strip_sw_inv(zone_dochandle_t handle)
563 566 {
564 567 xmlNodePtr root, child, next;
565 568
566 569 root = xmlDocGetRootElement(handle->zone_dh_doc);
567 570 for (child = root->xmlChildrenNode; child != NULL; child = next) {
568 571 next = child->next;
569 572 if (child->name == NULL)
570 573 continue;
571 574 if (xmlStrcmp(child->name, DTD_ELEM_PACKAGE) == 0) {
572 575 next = child->next;
573 576 xmlUnlinkNode(child);
574 577 xmlFreeNode(child);
575 578 }
576 579 }
577 580 }
578 581
579 582 static int
580 583 zonecfg_get_handle_impl(const char *zonename, const char *filename,
581 584 zone_dochandle_t handle)
582 585 {
583 586 xmlValidCtxtPtr cvp;
584 587 struct stat statbuf;
585 588 int valid;
586 589
587 590 if (zonename == NULL)
588 591 return (Z_NO_ZONE);
589 592
590 593 if ((handle->zone_dh_doc = xmlParseFile(filename)) == NULL) {
591 594 /* distinguish file not found vs. found but not parsed */
592 595 if (stat(filename, &statbuf) == 0)
593 596 return (Z_INVALID_DOCUMENT);
594 597 return (Z_NO_ZONE);
595 598 }
596 599 if ((cvp = xmlNewValidCtxt()) == NULL)
597 600 return (Z_NOMEM);
598 601 cvp->error = zonecfg_error_func;
599 602 cvp->warning = zonecfg_error_func;
600 603 valid = xmlValidateDocument(cvp, handle->zone_dh_doc);
601 604 xmlFreeValidCtxt(cvp);
602 605 if (valid == 0)
603 606 return (Z_INVALID_DOCUMENT);
604 607
605 608 /* delete any comments such as inherited Sun copyright / ident str */
606 609 stripcomments(handle);
607 610 return (Z_OK);
608 611 }
609 612
610 613 int
611 614 zonecfg_get_handle(const char *zonename, zone_dochandle_t handle)
612 615 {
613 616 char path[MAXPATHLEN];
614 617
615 618 if (!config_file_path(zonename, path))
616 619 return (Z_MISC_FS);
617 620 handle->zone_dh_newzone = B_FALSE;
618 621
619 622 return (zonecfg_get_handle_impl(zonename, path, handle));
620 623 }
621 624
622 625 int
623 626 zonecfg_get_attach_handle(const char *path, const char *fname,
624 627 const char *zonename, boolean_t preserve_sw, zone_dochandle_t handle)
625 628 {
626 629 char migpath[MAXPATHLEN];
627 630 int err;
628 631 struct stat buf;
629 632
630 633 if (snprintf(migpath, sizeof (migpath), "%s/root", path) >=
631 634 sizeof (migpath))
632 635 return (Z_NOMEM);
633 636
634 637 if (stat(migpath, &buf) == -1 || !S_ISDIR(buf.st_mode))
635 638 return (Z_NO_ZONE);
636 639
637 640 if (snprintf(migpath, sizeof (migpath), "%s/%s", path, fname) >=
638 641 sizeof (migpath))
639 642 return (Z_NOMEM);
640 643
641 644 if ((err = zonecfg_get_handle_impl(zonename, migpath, handle)) != Z_OK)
642 645 return (err);
643 646
644 647 if (!preserve_sw)
645 648 strip_sw_inv(handle);
646 649
647 650 handle->zone_dh_newzone = B_TRUE;
648 651 if ((err = setrootattr(handle, DTD_ATTR_ZONEPATH, path)) != Z_OK)
649 652 return (err);
650 653
651 654 return (setrootattr(handle, DTD_ATTR_NAME, zonename));
652 655 }
653 656
654 657 int
655 658 zonecfg_get_snapshot_handle(const char *zonename, zone_dochandle_t handle)
656 659 {
657 660 char path[MAXPATHLEN];
658 661
659 662 if (!snap_file_path(zonename, path))
660 663 return (Z_MISC_FS);
661 664 handle->zone_dh_newzone = B_FALSE;
662 665 return (zonecfg_get_handle_impl(zonename, path, handle));
663 666 }
664 667
665 668 int
666 669 zonecfg_get_template_handle(const char *template, const char *zonename,
667 670 zone_dochandle_t handle)
668 671 {
669 672 char path[MAXPATHLEN];
670 673 int err;
671 674
672 675 if (!config_file_path(template, path))
673 676 return (Z_MISC_FS);
674 677
675 678 if ((err = zonecfg_get_handle_impl(template, path, handle)) != Z_OK)
676 679 return (err);
677 680 handle->zone_dh_newzone = B_TRUE;
678 681 return (setrootattr(handle, DTD_ATTR_NAME, zonename));
679 682 }
680 683
681 684 int
682 685 zonecfg_get_xml_handle(const char *path, zone_dochandle_t handle)
683 686 {
684 687 struct stat buf;
685 688 int err;
686 689
687 690 if (stat(path, &buf) == -1)
688 691 return (Z_MISC_FS);
689 692
690 693 if ((err = zonecfg_get_handle_impl("xml", path, handle)) != Z_OK)
691 694 return (err);
692 695 handle->zone_dh_newzone = B_TRUE;
693 696 return (Z_OK);
694 697 }
695 698
696 699 /*
697 700 * Initialize two handles from the manifest read on fd. The rem_handle
698 701 * is initialized from the input file, including the sw inventory. The
699 702 * local_handle is initialized with the same zone configuration but with
700 703 * no sw inventory.
701 704 */
702 705 int
703 706 zonecfg_attach_manifest(int fd, zone_dochandle_t local_handle,
704 707 zone_dochandle_t rem_handle)
705 708 {
706 709 xmlValidCtxtPtr cvp;
707 710 int valid;
708 711
709 712 /* load the manifest into the handle for the remote system */
710 713 if ((rem_handle->zone_dh_doc = xmlReadFd(fd, NULL, NULL, 0)) == NULL) {
711 714 return (Z_INVALID_DOCUMENT);
712 715 }
713 716 if ((cvp = xmlNewValidCtxt()) == NULL)
714 717 return (Z_NOMEM);
715 718 cvp->error = zonecfg_error_func;
716 719 cvp->warning = zonecfg_error_func;
717 720 valid = xmlValidateDocument(cvp, rem_handle->zone_dh_doc);
718 721 xmlFreeValidCtxt(cvp);
719 722 if (valid == 0)
720 723 return (Z_INVALID_DOCUMENT);
721 724
722 725 /* delete any comments such as inherited Sun copyright / ident str */
723 726 stripcomments(rem_handle);
724 727
725 728 rem_handle->zone_dh_newzone = B_TRUE;
726 729 rem_handle->zone_dh_sw_inv = B_TRUE;
727 730
728 731 /*
729 732 * Now use the remote system handle to generate a local system handle
730 733 * with an identical zones configuration but no sw inventory.
731 734 */
732 735 if ((local_handle->zone_dh_doc = xmlCopyDoc(rem_handle->zone_dh_doc,
733 736 1)) == NULL) {
734 737 return (Z_INVALID_DOCUMENT);
735 738 }
736 739
737 740 /*
738 741 * We need to re-run xmlValidateDocument on local_handle to properly
739 742 * update the in-core representation of the configuration.
740 743 */
741 744 if ((cvp = xmlNewValidCtxt()) == NULL)
742 745 return (Z_NOMEM);
743 746 cvp->error = zonecfg_error_func;
744 747 cvp->warning = zonecfg_error_func;
745 748 valid = xmlValidateDocument(cvp, local_handle->zone_dh_doc);
746 749 xmlFreeValidCtxt(cvp);
747 750 if (valid == 0)
748 751 return (Z_INVALID_DOCUMENT);
749 752
750 753 strip_sw_inv(local_handle);
751 754
752 755 local_handle->zone_dh_newzone = B_TRUE;
753 756 local_handle->zone_dh_sw_inv = B_FALSE;
754 757
755 758 return (Z_OK);
756 759 }
757 760
758 761 static boolean_t
759 762 is_renaming(zone_dochandle_t handle)
760 763 {
761 764 if (handle->zone_dh_newzone)
762 765 return (B_FALSE);
763 766 if (strlen(handle->zone_dh_delete_name) > 0)
764 767 return (B_TRUE);
765 768 return (B_FALSE);
766 769 }
767 770
768 771 static boolean_t
769 772 is_new(zone_dochandle_t handle)
770 773 {
771 774 return (handle->zone_dh_newzone || handle->zone_dh_snapshot);
772 775 }
773 776
774 777 static boolean_t
775 778 is_snapshot(zone_dochandle_t handle)
776 779 {
777 780 return (handle->zone_dh_snapshot);
778 781 }
779 782
780 783 /*
781 784 * It would be great to be able to use libc's ctype(3c) macros, but we
782 785 * can't, as they are locale sensitive, and it would break our limited thread
783 786 * safety if this routine had to change the app locale on the fly.
784 787 */
785 788 int
786 789 zonecfg_validate_zonename(const char *zone)
787 790 {
788 791 int i;
789 792
790 793 if (strcmp(zone, GLOBAL_ZONENAME) == 0)
791 794 return (Z_BOGUS_ZONE_NAME);
792 795
793 796 if (strlen(zone) >= ZONENAME_MAX)
794 797 return (Z_BOGUS_ZONE_NAME);
795 798
796 799 if (!((zone[0] >= 'a' && zone[0] <= 'z') ||
797 800 (zone[0] >= 'A' && zone[0] <= 'Z') ||
798 801 (zone[0] >= '0' && zone[0] <= '9')))
799 802 return (Z_BOGUS_ZONE_NAME);
800 803
801 804 for (i = 1; zone[i] != '\0'; i++) {
802 805 if (!((zone[i] >= 'a' && zone[i] <= 'z') ||
803 806 (zone[i] >= 'A' && zone[i] <= 'Z') ||
804 807 (zone[i] >= '0' && zone[i] <= '9') ||
805 808 (zone[i] == '-') || (zone[i] == '_') || (zone[i] == '.')))
806 809 return (Z_BOGUS_ZONE_NAME);
807 810 }
808 811
809 812 return (Z_OK);
810 813 }
811 814
812 815 /*
813 816 * Changing the zone name requires us to track both the old and new
814 817 * name of the zone until commit time.
815 818 */
816 819 int
817 820 zonecfg_get_name(zone_dochandle_t handle, char *name, size_t namesize)
818 821 {
819 822 return (getrootattr(handle, DTD_ATTR_NAME, name, namesize));
820 823 }
821 824
822 825 static int
823 826 insert_admins(zone_dochandle_t handle, char *zonename)
824 827 {
825 828 int err;
826 829 struct zone_admintab admintab;
827 830
828 831 if ((err = zonecfg_setadminent(handle)) != Z_OK) {
829 832 return (err);
830 833 }
831 834 while (zonecfg_getadminent(handle, &admintab) == Z_OK) {
832 835 err = zonecfg_insert_userauths(handle,
833 836 admintab.zone_admin_user, zonename);
834 837 if (err != Z_OK) {
835 838 (void) zonecfg_endadminent(handle);
836 839 return (err);
837 840 }
838 841 }
839 842 (void) zonecfg_endadminent(handle);
840 843 return (Z_OK);
841 844 }
842 845
843 846 int
844 847 zonecfg_set_name(zone_dochandle_t handle, char *name)
845 848 {
846 849 zone_state_t state;
847 850 char curname[ZONENAME_MAX], old_delname[ZONENAME_MAX];
848 851 int err;
849 852
850 853 if ((err = getrootattr(handle, DTD_ATTR_NAME, curname,
851 854 sizeof (curname))) != Z_OK)
852 855 return (err);
853 856
854 857 if (strcmp(name, curname) == 0)
855 858 return (Z_OK);
856 859
857 860 /*
858 861 * Switching zone names to one beginning with SUNW is not permitted.
859 862 */
860 863 if (strncmp(name, "SUNW", 4) == 0)
861 864 return (Z_BOGUS_ZONE_NAME);
862 865
863 866 if ((err = zonecfg_validate_zonename(name)) != Z_OK)
864 867 return (err);
865 868
866 869 /*
867 870 * Setting the name back to the original name (effectively a revert of
868 871 * the name) is fine. But if we carry on, we'll falsely identify the
869 872 * name as "in use," so special case here.
870 873 */
871 874 if (strcmp(name, handle->zone_dh_delete_name) == 0) {
872 875 err = setrootattr(handle, DTD_ATTR_NAME, name);
873 876 handle->zone_dh_delete_name[0] = '\0';
874 877 return (err);
875 878 }
876 879
877 880 /* Check to see if new name chosen is already in use */
878 881 if (zone_get_state(name, &state) != Z_NO_ZONE)
879 882 return (Z_NAME_IN_USE);
880 883
881 884 /*
882 885 * If this isn't already "new" or in a renaming transition, then
883 886 * we're initiating a rename here; so stash the "delete name"
884 887 * (i.e. the name of the zone we'll be removing) for the rename.
885 888 */
886 889 (void) strlcpy(old_delname, handle->zone_dh_delete_name,
887 890 sizeof (old_delname));
888 891 if (!is_new(handle) && !is_renaming(handle)) {
889 892 /*
890 893 * Name change is allowed only when the zone we're altering
891 894 * is not ready or running.
892 895 */
893 896 err = zone_get_state(curname, &state);
894 897 if (err == Z_OK) {
895 898 if (state > ZONE_STATE_INSTALLED)
896 899 return (Z_BAD_ZONE_STATE);
897 900 } else if (err != Z_NO_ZONE) {
898 901 return (err);
899 902 }
900 903
901 904 (void) strlcpy(handle->zone_dh_delete_name, curname,
902 905 sizeof (handle->zone_dh_delete_name));
903 906 assert(is_renaming(handle));
904 907 } else if (is_renaming(handle)) {
905 908 err = zone_get_state(handle->zone_dh_delete_name, &state);
906 909 if (err == Z_OK) {
907 910 if (state > ZONE_STATE_INSTALLED)
908 911 return (Z_BAD_ZONE_STATE);
909 912 } else if (err != Z_NO_ZONE) {
910 913 return (err);
911 914 }
912 915 }
913 916
914 917 if ((err = setrootattr(handle, DTD_ATTR_NAME, name)) != Z_OK) {
915 918 /*
916 919 * Restore the deletename to whatever it was at the
917 920 * top of the routine, since we've had a failure.
918 921 */
919 922 (void) strlcpy(handle->zone_dh_delete_name, old_delname,
920 923 sizeof (handle->zone_dh_delete_name));
921 924 return (err);
922 925 }
923 926
924 927 /*
925 928 * Record the old admins from the old zonename
926 929 * so that they can be deleted when the operation is committed.
927 930 */
928 931 if ((err = insert_admins(handle, curname)) != Z_OK)
929 932 return (err);
930 933 else
931 934 return (Z_OK);
932 935 }
933 936
934 937 int
935 938 zonecfg_get_zonepath(zone_dochandle_t handle, char *path, size_t pathsize)
936 939 {
937 940 size_t len;
938 941
939 942 if ((len = strlcpy(path, zonecfg_root, pathsize)) >= pathsize)
940 943 return (Z_TOO_BIG);
941 944 return (getrootattr(handle, DTD_ATTR_ZONEPATH, path + len,
942 945 pathsize - len));
943 946 }
944 947
945 948 int
946 949 zonecfg_set_zonepath(zone_dochandle_t handle, char *zonepath)
947 950 {
948 951 size_t len;
949 952 char *modpath, *copy_mp, *curr_mp; /* modified path ptrs */
950 953 char last_copied;
951 954 int ret;
952 955
953 956 /*
954 957 * Collapse multiple contiguous slashes and remove trailing slash.
955 958 */
956 959 modpath = strdup(zonepath);
957 960 if (modpath == NULL)
958 961 return (Z_NOMEM);
959 962 last_copied = '\0';
960 963 for (copy_mp = curr_mp = modpath; *curr_mp != '\0'; curr_mp++) {
961 964 if (*curr_mp != '/' || last_copied != '/') {
962 965 last_copied = *copy_mp = *curr_mp;
963 966 copy_mp++;
964 967 }
965 968 }
966 969 if (last_copied == '/')
967 970 copy_mp--;
968 971 *copy_mp = '\0';
969 972
970 973 /*
971 974 * The user deals in absolute paths in the running global zone, but the
972 975 * internal configuration files deal with boot environment relative
973 976 * paths. Strip out the alternate root when specified.
974 977 */
975 978 len = strlen(zonecfg_root);
976 979 if (strncmp(modpath, zonecfg_root, len) != 0 || modpath[len] != '/') {
977 980 free(modpath);
978 981 return (Z_BAD_PROPERTY);
979 982 }
980 983 curr_mp = modpath + len;
981 984 ret = setrootattr(handle, DTD_ATTR_ZONEPATH, curr_mp);
982 985 free(modpath);
983 986 return (ret);
984 987 }
985 988
986 989 static int
987 990 i_zonecfg_get_brand(zone_dochandle_t handle, char *brand, size_t brandsize,
988 991 boolean_t default_query)
989 992 {
990 993 int ret, sz;
991 994
992 995 ret = getrootattr(handle, DTD_ATTR_BRAND, brand, brandsize);
993 996
994 997 /*
995 998 * If the lookup failed, or succeeded in finding a non-null brand
996 999 * string then return.
997 1000 */
998 1001 if (ret != Z_OK || brand[0] != '\0')
999 1002 return (ret);
1000 1003
1001 1004 if (!default_query) {
1002 1005 /* If the zone has no brand, it is the default brand. */
1003 1006 return (zonecfg_default_brand(brand, brandsize));
1004 1007 }
1005 1008
1006 1009 /* if SUNWdefault didn't specify a brand, fallback to "native" */
1007 1010 sz = strlcpy(brand, NATIVE_BRAND_NAME, brandsize);
1008 1011 if (sz >= brandsize)
1009 1012 return (Z_TOO_BIG);
1010 1013 return (Z_OK);
1011 1014 }
1012 1015
1013 1016 int
1014 1017 zonecfg_get_brand(zone_dochandle_t handle, char *brand, size_t brandsize)
1015 1018 {
1016 1019 return (i_zonecfg_get_brand(handle, brand, brandsize, B_FALSE));
1017 1020 }
1018 1021
1019 1022 int
1020 1023 zonecfg_set_brand(zone_dochandle_t handle, char *brand)
1021 1024 {
1022 1025 return (setrootattr(handle, DTD_ATTR_BRAND, brand));
1023 1026 }
1024 1027
1025 1028 int
1026 1029 zonecfg_get_autoboot(zone_dochandle_t handle, boolean_t *autoboot)
1027 1030 {
1028 1031 char autobootstr[DTD_ENTITY_BOOL_LEN];
1029 1032 int ret;
1030 1033
1031 1034 if ((ret = getrootattr(handle, DTD_ATTR_AUTOBOOT, autobootstr,
1032 1035 sizeof (autobootstr))) != Z_OK)
1033 1036 return (ret);
1034 1037
1035 1038 if (strcmp(autobootstr, DTD_ENTITY_TRUE) == 0)
1036 1039 *autoboot = B_TRUE;
1037 1040 else if (strcmp(autobootstr, DTD_ENTITY_FALSE) == 0)
1038 1041 *autoboot = B_FALSE;
1039 1042 else
1040 1043 ret = Z_BAD_PROPERTY;
1041 1044 return (ret);
1042 1045 }
1043 1046
1044 1047 int
1045 1048 zonecfg_set_autoboot(zone_dochandle_t handle, boolean_t autoboot)
1046 1049 {
1047 1050 return (setrootattr(handle, DTD_ATTR_AUTOBOOT,
1048 1051 autoboot ? DTD_ENTITY_TRUE : DTD_ENTITY_FALSE));
1049 1052 }
1050 1053
1051 1054 int
1052 1055 zonecfg_get_pool(zone_dochandle_t handle, char *pool, size_t poolsize)
1053 1056 {
1054 1057 return (getrootattr(handle, DTD_ATTR_POOL, pool, poolsize));
1055 1058 }
1056 1059
1057 1060 int
1058 1061 zonecfg_set_pool(zone_dochandle_t handle, char *pool)
1059 1062 {
1060 1063 return (setrootattr(handle, DTD_ATTR_POOL, pool));
1061 1064 }
1062 1065
1063 1066 int
1064 1067 zonecfg_get_limitpriv(zone_dochandle_t handle, char **limitpriv)
1065 1068 {
1066 1069 return (get_alloc_rootattr(handle, DTD_ATTR_LIMITPRIV, limitpriv));
1067 1070 }
1068 1071
1069 1072 int
1070 1073 zonecfg_set_limitpriv(zone_dochandle_t handle, char *limitpriv)
1071 1074 {
1072 1075 return (setrootattr(handle, DTD_ATTR_LIMITPRIV, limitpriv));
1073 1076 }
1074 1077
1075 1078 int
1076 1079 zonecfg_get_bootargs(zone_dochandle_t handle, char *bargs, size_t bargssize)
1077 1080 {
1078 1081 return (getrootattr(handle, DTD_ATTR_BOOTARGS, bargs, bargssize));
1079 1082 }
1080 1083
1081 1084 int
1082 1085 zonecfg_set_bootargs(zone_dochandle_t handle, char *bargs)
1083 1086 {
1084 1087 return (setrootattr(handle, DTD_ATTR_BOOTARGS, bargs));
1085 1088 }
1086 1089
1087 1090 int
1088 1091 zonecfg_get_sched_class(zone_dochandle_t handle, char *sched, size_t schedsize)
1089 1092 {
1090 1093 return (getrootattr(handle, DTD_ATTR_SCHED, sched, schedsize));
1091 1094 }
1092 1095
1093 1096 int
1094 1097 zonecfg_set_sched(zone_dochandle_t handle, char *sched)
1095 1098 {
1096 1099 return (setrootattr(handle, DTD_ATTR_SCHED, sched));
1097 1100 }
1098 1101
1099 1102 /*
1100 1103 * /etc/zones/index caches a vital piece of information which is also
1101 1104 * in the <zonename>.xml file: the path to the zone. This is for performance,
1102 1105 * since we need to walk all zonepath's in order to be able to detect conflicts
1103 1106 * (see crosscheck_zonepaths() in the zoneadm command).
1104 1107 *
1105 1108 * An additional complexity is that when doing a rename, we'd like the entire
1106 1109 * index update operation (rename, and potential state changes) to be atomic.
1107 1110 * In general, the operation of this function should succeed or fail as
1108 1111 * a unit.
1109 1112 */
1110 1113 int
1111 1114 zonecfg_refresh_index_file(zone_dochandle_t handle)
1112 1115 {
1113 1116 char name[ZONENAME_MAX], zonepath[MAXPATHLEN];
1114 1117 struct zoneent ze;
1115 1118 int err;
1116 1119 int opcode;
1117 1120 char *zn;
1118 1121
1119 1122 bzero(&ze, sizeof (ze));
1120 1123 ze.zone_state = -1; /* Preserve existing state in index */
1121 1124
1122 1125 if ((err = zonecfg_get_name(handle, name, sizeof (name))) != Z_OK)
1123 1126 return (err);
1124 1127 (void) strlcpy(ze.zone_name, name, sizeof (ze.zone_name));
1125 1128
1126 1129 if ((err = zonecfg_get_zonepath(handle, zonepath,
1127 1130 sizeof (zonepath))) != Z_OK)
1128 1131 return (err);
1129 1132 (void) strlcpy(ze.zone_path, zonepath + strlen(zonecfg_root),
1130 1133 sizeof (ze.zone_path));
1131 1134
1132 1135 if (is_renaming(handle)) {
1133 1136 opcode = PZE_MODIFY;
1134 1137 (void) strlcpy(ze.zone_name, handle->zone_dh_delete_name,
1135 1138 sizeof (ze.zone_name));
1136 1139 (void) strlcpy(ze.zone_newname, name, sizeof (ze.zone_newname));
1137 1140 } else if (is_new(handle)) {
1138 1141 FILE *cookie;
1139 1142 /*
1140 1143 * Be tolerant of the zone already existing in the index file,
1141 1144 * since we might be forcibly overwriting an existing
1142 1145 * configuration with a new one (for example 'create -F'
1143 1146 * in zonecfg).
1144 1147 */
1145 1148 opcode = PZE_ADD;
1146 1149 cookie = setzoneent();
1147 1150 while ((zn = getzoneent(cookie)) != NULL) {
1148 1151 if (strcmp(zn, name) == 0) {
1149 1152 opcode = PZE_MODIFY;
1150 1153 free(zn);
1151 1154 break;
1152 1155 }
1153 1156 free(zn);
1154 1157 }
1155 1158 endzoneent(cookie);
1156 1159 ze.zone_state = ZONE_STATE_CONFIGURED;
1157 1160 } else {
1158 1161 opcode = PZE_MODIFY;
1159 1162 }
1160 1163
1161 1164 if ((err = putzoneent(&ze, opcode)) != Z_OK)
1162 1165 return (err);
1163 1166
1164 1167 return (Z_OK);
1165 1168 }
1166 1169
1167 1170 /*
1168 1171 * The goal of this routine is to cause the index file update and the
1169 1172 * document save to happen as an atomic operation. We do the document
1170 1173 * first, saving a backup copy using a hard link; if that succeeds, we go
1171 1174 * on to the index. If that fails, we roll the document back into place.
1172 1175 *
1173 1176 * Strategy:
1174 1177 *
1175 1178 * New zone 'foo' configuration:
1176 1179 * Create tmpfile (zonecfg.xxxxxx)
1177 1180 * Write XML to tmpfile
1178 1181 * Rename tmpfile to xmlfile (zonecfg.xxxxxx -> foo.xml)
1179 1182 * Add entry to index file
1180 1183 * If it fails, delete foo.xml, leaving nothing behind.
1181 1184 *
1182 1185 * Save existing zone 'foo':
1183 1186 * Make backup of foo.xml -> .backup
1184 1187 * Create tmpfile (zonecfg.xxxxxx)
1185 1188 * Write XML to tmpfile
1186 1189 * Rename tmpfile to xmlfile (zonecfg.xxxxxx -> foo.xml)
1187 1190 * Modify index file as needed
1188 1191 * If it fails, recover from .backup -> foo.xml
1189 1192 *
1190 1193 * Rename 'foo' to 'bar':
1191 1194 * Create tmpfile (zonecfg.xxxxxx)
1192 1195 * Write XML to tmpfile
1193 1196 * Rename tmpfile to xmlfile (zonecfg.xxxxxx -> bar.xml)
1194 1197 * Add entry for 'bar' to index file, Remove entry for 'foo' (refresh)
1195 1198 * If it fails, delete bar.xml; foo.xml is left behind.
1196 1199 */
1197 1200 static int
1198 1201 zonecfg_save_impl(zone_dochandle_t handle, char *filename)
1199 1202 {
1200 1203 char tmpfile[MAXPATHLEN];
1201 1204 char bakdir[MAXPATHLEN], bakbase[MAXPATHLEN], bakfile[MAXPATHLEN];
1202 1205 int tmpfd, err, valid;
1203 1206 xmlValidCtxt cvp = { NULL };
1204 1207 boolean_t backup;
1205 1208
1206 1209 (void) strlcpy(tmpfile, filename, sizeof (tmpfile));
1207 1210 (void) dirname(tmpfile);
1208 1211 (void) strlcat(tmpfile, _PATH_TMPFILE, sizeof (tmpfile));
1209 1212
1210 1213 tmpfd = mkstemp(tmpfile);
1211 1214 if (tmpfd == -1) {
1212 1215 (void) unlink(tmpfile);
1213 1216 return (Z_TEMP_FILE);
1214 1217 }
1215 1218 (void) close(tmpfd);
1216 1219
1217 1220 cvp.error = zonecfg_error_func;
1218 1221 cvp.warning = zonecfg_error_func;
1219 1222
1220 1223 /*
1221 1224 * We do a final validation of the document. Since the library has
1222 1225 * malfunctioned if it fails to validate, we follow-up with an
1223 1226 * assert() that the doc is valid.
1224 1227 */
1225 1228 valid = xmlValidateDocument(&cvp, handle->zone_dh_doc);
1226 1229 assert(valid != 0);
1227 1230
1228 1231 if (xmlSaveFormatFile(tmpfile, handle->zone_dh_doc, 1) <= 0)
1229 1232 goto err;
1230 1233
1231 1234 (void) chmod(tmpfile, 0644);
1232 1235
1233 1236 /*
1234 1237 * In the event we are doing a standard save, hard link a copy of the
1235 1238 * original file in .backup.<pid>.filename so we can restore it if
1236 1239 * something goes wrong.
1237 1240 */
1238 1241 if (!is_new(handle) && !is_renaming(handle)) {
1239 1242 backup = B_TRUE;
1240 1243
1241 1244 (void) strlcpy(bakdir, filename, sizeof (bakdir));
1242 1245 (void) strlcpy(bakbase, filename, sizeof (bakbase));
1243 1246 (void) snprintf(bakfile, sizeof (bakfile), "%s/.backup.%d.%s",
1244 1247 dirname(bakdir), getpid(), basename(bakbase));
1245 1248
1246 1249 if (link(filename, bakfile) == -1) {
1247 1250 err = errno;
1248 1251 (void) unlink(tmpfile);
1249 1252 if (errno == EACCES)
1250 1253 return (Z_ACCES);
1251 1254 return (Z_MISC_FS);
1252 1255 }
1253 1256 }
1254 1257
1255 1258 /*
1256 1259 * Move the new document over top of the old.
1257 1260 * i.e.: zonecfg.XXXXXX -> myzone.xml
1258 1261 */
1259 1262 if (rename(tmpfile, filename) == -1) {
1260 1263 err = errno;
1261 1264 (void) unlink(tmpfile);
1262 1265 if (backup)
1263 1266 (void) unlink(bakfile);
1264 1267 if (err == EACCES)
1265 1268 return (Z_ACCES);
1266 1269 return (Z_MISC_FS);
1267 1270 }
1268 1271
1269 1272 /*
1270 1273 * If this is a snapshot, we're done-- don't add an index entry.
1271 1274 */
1272 1275 if (is_snapshot(handle))
1273 1276 return (Z_OK);
1274 1277
1275 1278 /* now update the index file to reflect whatever we just did */
1276 1279 if ((err = zonecfg_refresh_index_file(handle)) != Z_OK) {
1277 1280 if (backup) {
1278 1281 /*
1279 1282 * Try to restore from our backup.
1280 1283 */
1281 1284 (void) unlink(filename);
1282 1285 (void) rename(bakfile, filename);
1283 1286 } else {
1284 1287 /*
1285 1288 * Either the zone is new, in which case we can delete
1286 1289 * new.xml, or we're doing a rename, so ditto.
1287 1290 */
1288 1291 assert(is_new(handle) || is_renaming(handle));
1289 1292 (void) unlink(filename);
1290 1293 }
1291 1294 return (Z_UPDATING_INDEX);
1292 1295 }
1293 1296
1294 1297 if (backup)
1295 1298 (void) unlink(bakfile);
1296 1299
1297 1300 return (Z_OK);
1298 1301
1299 1302 err:
1300 1303 (void) unlink(tmpfile);
1301 1304 return (Z_SAVING_FILE);
1302 1305 }
1303 1306
1304 1307 int
1305 1308 zonecfg_save(zone_dochandle_t handle)
1306 1309 {
1307 1310 char zname[ZONENAME_MAX], path[MAXPATHLEN];
1308 1311 char delpath[MAXPATHLEN];
1309 1312 int err = Z_SAVING_FILE;
1310 1313
1311 1314 if (zonecfg_check_handle(handle) != Z_OK)
1312 1315 return (Z_BAD_HANDLE);
1313 1316
1314 1317 /*
1315 1318 * We don't support saving snapshots or a tree containing a sw
1316 1319 * inventory at this time.
1317 1320 */
1318 1321 if (handle->zone_dh_snapshot || handle->zone_dh_sw_inv)
1319 1322 return (Z_INVAL);
1320 1323
1321 1324 if ((err = zonecfg_get_name(handle, zname, sizeof (zname))) != Z_OK)
1322 1325 return (err);
1323 1326
1324 1327 if (!config_file_path(zname, path))
1325 1328 return (Z_MISC_FS);
1326 1329
1327 1330 addcomment(handle, "\n DO NOT EDIT THIS "
1328 1331 "FILE. Use zonecfg(1M) instead.\n");
1329 1332
1330 1333 /*
1331 1334 * Update user_attr first so that it will be older
1332 1335 * than the config file.
1333 1336 */
1334 1337 (void) zonecfg_authorize_users(handle, zname);
1335 1338 err = zonecfg_save_impl(handle, path);
1336 1339
1337 1340 stripcomments(handle);
1338 1341
1339 1342 if (err != Z_OK)
1340 1343 return (err);
1341 1344
1342 1345 handle->zone_dh_newzone = B_FALSE;
1343 1346
1344 1347 if (is_renaming(handle)) {
1345 1348 if (config_file_path(handle->zone_dh_delete_name, delpath))
1346 1349 (void) unlink(delpath);
1347 1350 handle->zone_dh_delete_name[0] = '\0';
1348 1351 }
1349 1352
1350 1353 return (Z_OK);
1351 1354 }
1352 1355
1353 1356 int
1354 1357 zonecfg_verify_save(zone_dochandle_t handle, char *filename)
1355 1358 {
1356 1359 int valid;
1357 1360
1358 1361 xmlValidCtxt cvp = { NULL };
1359 1362
1360 1363 if (zonecfg_check_handle(handle) != Z_OK)
1361 1364 return (Z_BAD_HANDLE);
1362 1365
1363 1366 cvp.error = zonecfg_error_func;
1364 1367 cvp.warning = zonecfg_error_func;
1365 1368
1366 1369 /*
1367 1370 * We do a final validation of the document. Since the library has
1368 1371 * malfunctioned if it fails to validate, we follow-up with an
1369 1372 * assert() that the doc is valid.
1370 1373 */
1371 1374 valid = xmlValidateDocument(&cvp, handle->zone_dh_doc);
1372 1375 assert(valid != 0);
1373 1376
1374 1377 if (xmlSaveFormatFile(filename, handle->zone_dh_doc, 1) <= 0)
1375 1378 return (Z_SAVING_FILE);
1376 1379
1377 1380 return (Z_OK);
1378 1381 }
1379 1382
1380 1383 int
1381 1384 zonecfg_detach_save(zone_dochandle_t handle, uint_t flags)
1382 1385 {
1383 1386 char zname[ZONENAME_MAX];
1384 1387 char path[MAXPATHLEN];
1385 1388 char migpath[MAXPATHLEN];
1386 1389 xmlValidCtxt cvp = { NULL };
1387 1390 int err = Z_SAVING_FILE;
1388 1391 int valid;
1389 1392
1390 1393 if (zonecfg_check_handle(handle) != Z_OK)
1391 1394 return (Z_BAD_HANDLE);
1392 1395
1393 1396 if (flags & ZONE_DRY_RUN) {
1394 1397 (void) strlcpy(migpath, "-", sizeof (migpath));
1395 1398 } else {
1396 1399 if ((err = zonecfg_get_name(handle, zname, sizeof (zname)))
1397 1400 != Z_OK)
1398 1401 return (err);
1399 1402
1400 1403 if ((err = zone_get_zonepath(zname, path, sizeof (path)))
1401 1404 != Z_OK)
1402 1405 return (err);
1403 1406
1404 1407 if (snprintf(migpath, sizeof (migpath), "%s/%s", path,
1405 1408 ZONE_DETACHED) >= sizeof (migpath))
1406 1409 return (Z_NOMEM);
1407 1410 }
1408 1411
1409 1412 if ((err = operation_prep(handle)) != Z_OK)
1410 1413 return (err);
1411 1414
1412 1415 addcomment(handle, "\n DO NOT EDIT THIS FILE. "
1413 1416 "Use zonecfg(1M) and zoneadm(1M) attach.\n");
1414 1417
1415 1418 cvp.error = zonecfg_error_func;
1416 1419 cvp.warning = zonecfg_error_func;
1417 1420
1418 1421 /*
1419 1422 * We do a final validation of the document. Since the library has
1420 1423 * malfunctioned if it fails to validate, we follow-up with an
1421 1424 * assert() that the doc is valid.
1422 1425 */
1423 1426 valid = xmlValidateDocument(&cvp, handle->zone_dh_doc);
1424 1427 assert(valid != 0);
1425 1428
1426 1429 if (xmlSaveFormatFile(migpath, handle->zone_dh_doc, 1) <= 0)
1427 1430 return (Z_SAVING_FILE);
1428 1431
1429 1432 if (!(flags & ZONE_DRY_RUN))
1430 1433 (void) chmod(migpath, 0644);
1431 1434
1432 1435 stripcomments(handle);
1433 1436
1434 1437 handle->zone_dh_newzone = B_FALSE;
1435 1438
1436 1439 return (Z_OK);
1437 1440 }
1438 1441
1439 1442 boolean_t
1440 1443 zonecfg_detached(const char *path)
1441 1444 {
1442 1445 char migpath[MAXPATHLEN];
1443 1446 struct stat buf;
1444 1447
1445 1448 if (snprintf(migpath, sizeof (migpath), "%s/%s", path, ZONE_DETACHED) >=
1446 1449 sizeof (migpath))
1447 1450 return (B_FALSE);
1448 1451
1449 1452 if (stat(migpath, &buf) != -1)
1450 1453 return (B_TRUE);
1451 1454
1452 1455 return (B_FALSE);
1453 1456 }
1454 1457
1455 1458 void
1456 1459 zonecfg_rm_detached(zone_dochandle_t handle, boolean_t forced)
1457 1460 {
1458 1461 char zname[ZONENAME_MAX];
1459 1462 char path[MAXPATHLEN];
1460 1463 char detached[MAXPATHLEN];
1461 1464 char attached[MAXPATHLEN];
1462 1465
1463 1466 if (zonecfg_check_handle(handle) != Z_OK)
1464 1467 return;
1465 1468
1466 1469 if (zonecfg_get_name(handle, zname, sizeof (zname)) != Z_OK)
1467 1470 return;
1468 1471
1469 1472 if (zone_get_zonepath(zname, path, sizeof (path)) != Z_OK)
1470 1473 return;
1471 1474
1472 1475 (void) snprintf(detached, sizeof (detached), "%s/%s", path,
1473 1476 ZONE_DETACHED);
1474 1477 (void) snprintf(attached, sizeof (attached), "%s/%s", path,
1475 1478 ATTACH_FORCED);
1476 1479
1477 1480 if (forced) {
1478 1481 (void) rename(detached, attached);
1479 1482 } else {
1480 1483 (void) unlink(attached);
1481 1484 (void) unlink(detached);
1482 1485 }
1483 1486 }
1484 1487
1485 1488 /*
1486 1489 * Special case: if access(2) fails with ENOENT, then try again using
1487 1490 * ZONE_CONFIG_ROOT instead of config_file_path(zonename). This is how we
1488 1491 * work around the case of a config file which has not been created yet:
1489 1492 * the user will need access to the directory so use that as a heuristic.
1490 1493 */
1491 1494
1492 1495 int
1493 1496 zonecfg_access(const char *zonename, int amode)
1494 1497 {
1495 1498 char path[MAXPATHLEN];
1496 1499
1497 1500 if (!config_file_path(zonename, path))
1498 1501 return (Z_INVAL);
1499 1502 if (access(path, amode) == 0)
1500 1503 return (Z_OK);
1501 1504 if (errno == ENOENT) {
1502 1505 if (snprintf(path, sizeof (path), "%s%s", zonecfg_root,
1503 1506 ZONE_CONFIG_ROOT) >= sizeof (path))
1504 1507 return (Z_INVAL);
1505 1508 if (access(path, amode) == 0)
1506 1509 return (Z_OK);
1507 1510 }
1508 1511 if (errno == EACCES)
1509 1512 return (Z_ACCES);
1510 1513 if (errno == EINVAL)
1511 1514 return (Z_INVAL);
1512 1515 return (Z_MISC_FS);
1513 1516 }
1514 1517
1515 1518 int
1516 1519 zonecfg_create_snapshot(const char *zonename)
1517 1520 {
1518 1521 zone_dochandle_t handle;
1519 1522 char path[MAXPATHLEN], zonepath[MAXPATHLEN], rpath[MAXPATHLEN];
1520 1523 int error = Z_OK, res;
1521 1524
1522 1525 if ((handle = zonecfg_init_handle()) == NULL) {
1523 1526 return (Z_NOMEM);
1524 1527 }
1525 1528
1526 1529 handle->zone_dh_newzone = B_TRUE;
1527 1530 handle->zone_dh_snapshot = B_TRUE;
1528 1531
1529 1532 if ((error = zonecfg_get_handle(zonename, handle)) != Z_OK)
1530 1533 goto out;
1531 1534 if ((error = operation_prep(handle)) != Z_OK)
1532 1535 goto out;
1533 1536 error = zonecfg_get_zonepath(handle, zonepath, sizeof (zonepath));
1534 1537 if (error != Z_OK)
1535 1538 goto out;
1536 1539 if ((res = resolvepath(zonepath, rpath, sizeof (rpath))) == -1) {
1537 1540 error = Z_RESOLVED_PATH;
1538 1541 goto out;
1539 1542 }
1540 1543 /*
1541 1544 * If the resolved path is not the same as the original path, then
1542 1545 * save the resolved path in the snapshot, thus preventing any
1543 1546 * potential problems down the line when zoneadmd goes to unmount
1544 1547 * file systems and depends on initial string matches with resolved
1545 1548 * paths.
1546 1549 */
1547 1550 rpath[res] = '\0';
1548 1551 if (strcmp(zonepath, rpath) != 0) {
1549 1552 if ((error = zonecfg_set_zonepath(handle, rpath)) != Z_OK)
1550 1553 goto out;
1551 1554 }
1552 1555 if (snprintf(path, sizeof (path), "%s%s", zonecfg_root,
1553 1556 ZONE_SNAPSHOT_ROOT) >= sizeof (path)) {
1554 1557 error = Z_MISC_FS;
1555 1558 goto out;
1556 1559 }
1557 1560 if ((mkdir(path, S_IRWXU) == -1) && (errno != EEXIST)) {
1558 1561 error = Z_MISC_FS;
1559 1562 goto out;
1560 1563 }
1561 1564
1562 1565 if (!snap_file_path(zonename, path)) {
1563 1566 error = Z_MISC_FS;
1564 1567 goto out;
1565 1568 }
1566 1569
1567 1570 addcomment(handle, "\n DO NOT EDIT THIS FILE. "
1568 1571 "It is a snapshot of running zone state.\n");
1569 1572
1570 1573 error = zonecfg_save_impl(handle, path);
1571 1574
1572 1575 stripcomments(handle);
1573 1576
1574 1577 out:
1575 1578 zonecfg_fini_handle(handle);
1576 1579 return (error);
1577 1580 }
1578 1581
1579 1582 int
1580 1583 zonecfg_get_iptype(zone_dochandle_t handle, zone_iptype_t *iptypep)
1581 1584 {
1582 1585 char property[10]; /* 10 is big enough for "shared"/"exclusive" */
1583 1586 int err;
1584 1587
1585 1588 err = getrootattr(handle, DTD_ATTR_IPTYPE, property, sizeof (property));
1586 1589 if (err == Z_BAD_PROPERTY) {
1587 1590 /* Return default value */
1588 1591 *iptypep = ZS_SHARED;
1589 1592 return (Z_OK);
1590 1593 } else if (err != Z_OK) {
1591 1594 return (err);
1592 1595 }
1593 1596
1594 1597 if (strlen(property) == 0 ||
1595 1598 strcmp(property, "shared") == 0)
1596 1599 *iptypep = ZS_SHARED;
1597 1600 else if (strcmp(property, "exclusive") == 0)
1598 1601 *iptypep = ZS_EXCLUSIVE;
1599 1602 else
1600 1603 return (Z_INVAL);
1601 1604
1602 1605 return (Z_OK);
1603 1606 }
1604 1607
1605 1608 int
1606 1609 zonecfg_set_iptype(zone_dochandle_t handle, zone_iptype_t iptype)
1607 1610 {
1608 1611 xmlNodePtr cur;
1609 1612
1610 1613 if (handle == NULL)
1611 1614 return (Z_INVAL);
1612 1615
1613 1616 cur = xmlDocGetRootElement(handle->zone_dh_doc);
1614 1617 if (cur == NULL) {
1615 1618 return (Z_EMPTY_DOCUMENT);
1616 1619 }
1617 1620
1618 1621 if (xmlStrcmp(cur->name, DTD_ELEM_ZONE) != 0) {
1619 1622 return (Z_WRONG_DOC_TYPE);
1620 1623 }
1621 1624 switch (iptype) {
1622 1625 case ZS_SHARED:
1623 1626 /*
1624 1627 * Since "shared" is the default, we don't write it to the
1625 1628 * configuration file, so that it's easier to migrate those
1626 1629 * zones elsewhere, eg., to systems which are not IP-Instances
1627 1630 * aware.
1628 1631 * xmlUnsetProp only fails when the attribute doesn't exist,
1629 1632 * which we don't care.
1630 1633 */
1631 1634 (void) xmlUnsetProp(cur, DTD_ATTR_IPTYPE);
1632 1635 break;
1633 1636 case ZS_EXCLUSIVE:
1634 1637 if (xmlSetProp(cur, DTD_ATTR_IPTYPE,
1635 1638 (const xmlChar *) "exclusive") == NULL)
1636 1639 return (Z_INVAL);
1637 1640 break;
1638 1641 }
1639 1642 return (Z_OK);
1640 1643 }
1641 1644
1642 1645 static int
1643 1646 newprop(xmlNodePtr node, const xmlChar *attrname, char *src)
1644 1647 {
1645 1648 xmlAttrPtr newattr;
1646 1649
1647 1650 newattr = xmlNewProp(node, attrname, (xmlChar *)src);
1648 1651 if (newattr == NULL) {
1649 1652 xmlUnlinkNode(node);
1650 1653 xmlFreeNode(node);
1651 1654 return (Z_BAD_PROPERTY);
1652 1655 }
1653 1656 return (Z_OK);
1654 1657 }
1655 1658
1656 1659 static int
1657 1660 zonecfg_add_filesystem_core(zone_dochandle_t handle, struct zone_fstab *tabptr)
1658 1661 {
1659 1662 xmlNodePtr newnode, cur = handle->zone_dh_cur, options_node;
1660 1663 zone_fsopt_t *ptr;
1661 1664 int err;
1662 1665
1663 1666 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_FS, NULL);
1664 1667 if ((err = newprop(newnode, DTD_ATTR_SPECIAL,
1665 1668 tabptr->zone_fs_special)) != Z_OK)
1666 1669 return (err);
1667 1670 if (tabptr->zone_fs_raw[0] != '\0' &&
1668 1671 (err = newprop(newnode, DTD_ATTR_RAW, tabptr->zone_fs_raw)) != Z_OK)
1669 1672 return (err);
1670 1673 if ((err = newprop(newnode, DTD_ATTR_DIR, tabptr->zone_fs_dir)) != Z_OK)
1671 1674 return (err);
1672 1675 if ((err = newprop(newnode, DTD_ATTR_TYPE,
1673 1676 tabptr->zone_fs_type)) != Z_OK)
1674 1677 return (err);
1675 1678 if (tabptr->zone_fs_options != NULL) {
1676 1679 for (ptr = tabptr->zone_fs_options; ptr != NULL;
1677 1680 ptr = ptr->zone_fsopt_next) {
1678 1681 options_node = xmlNewTextChild(newnode, NULL,
1679 1682 DTD_ELEM_FSOPTION, NULL);
1680 1683 if ((err = newprop(options_node, DTD_ATTR_NAME,
1681 1684 ptr->zone_fsopt_opt)) != Z_OK)
1682 1685 return (err);
1683 1686 }
1684 1687 }
1685 1688 return (Z_OK);
1686 1689 }
1687 1690
1688 1691 int
1689 1692 zonecfg_add_filesystem(zone_dochandle_t handle, struct zone_fstab *tabptr)
1690 1693 {
1691 1694 int err;
1692 1695
1693 1696 if (tabptr == NULL)
1694 1697 return (Z_INVAL);
1695 1698
1696 1699 if ((err = operation_prep(handle)) != Z_OK)
1697 1700 return (err);
1698 1701
1699 1702 if ((err = zonecfg_add_filesystem_core(handle, tabptr)) != Z_OK)
1700 1703 return (err);
1701 1704
1702 1705 return (Z_OK);
1703 1706 }
1704 1707
1705 1708 int
1706 1709 zonecfg_add_fs_option(struct zone_fstab *tabptr, char *option)
1707 1710 {
1708 1711 zone_fsopt_t *last, *old, *new;
1709 1712
1710 1713 last = tabptr->zone_fs_options;
1711 1714 for (old = last; old != NULL; old = old->zone_fsopt_next)
1712 1715 last = old; /* walk to the end of the list */
1713 1716 new = (zone_fsopt_t *)malloc(sizeof (zone_fsopt_t));
1714 1717 if (new == NULL)
1715 1718 return (Z_NOMEM);
1716 1719 (void) strlcpy(new->zone_fsopt_opt, option,
1717 1720 sizeof (new->zone_fsopt_opt));
1718 1721 new->zone_fsopt_next = NULL;
1719 1722 if (last == NULL)
1720 1723 tabptr->zone_fs_options = new;
1721 1724 else
1722 1725 last->zone_fsopt_next = new;
1723 1726 return (Z_OK);
1724 1727 }
1725 1728
1726 1729 int
1727 1730 zonecfg_remove_fs_option(struct zone_fstab *tabptr, char *option)
1728 1731 {
1729 1732 zone_fsopt_t *last, *this, *next;
1730 1733
1731 1734 last = tabptr->zone_fs_options;
1732 1735 for (this = last; this != NULL; this = this->zone_fsopt_next) {
1733 1736 if (strcmp(this->zone_fsopt_opt, option) == 0) {
1734 1737 next = this->zone_fsopt_next;
1735 1738 if (this == tabptr->zone_fs_options)
1736 1739 tabptr->zone_fs_options = next;
1737 1740 else
1738 1741 last->zone_fsopt_next = next;
1739 1742 free(this);
1740 1743 return (Z_OK);
1741 1744 } else
1742 1745 last = this;
1743 1746 }
1744 1747 return (Z_NO_PROPERTY_ID);
1745 1748 }
1746 1749
1747 1750 void
1748 1751 zonecfg_free_fs_option_list(zone_fsopt_t *list)
1749 1752 {
1750 1753 zone_fsopt_t *this, *next;
1751 1754
1752 1755 for (this = list; this != NULL; this = next) {
1753 1756 next = this->zone_fsopt_next;
1754 1757 free(this);
1755 1758 }
1756 1759 }
1757 1760
1758 1761 void
1759 1762 zonecfg_free_rctl_value_list(struct zone_rctlvaltab *valtab)
1760 1763 {
1761 1764 if (valtab == NULL)
1762 1765 return;
1763 1766 zonecfg_free_rctl_value_list(valtab->zone_rctlval_next);
1764 1767 free(valtab);
1765 1768 }
1766 1769
1767 1770 static boolean_t
1768 1771 match_prop(xmlNodePtr cur, const xmlChar *attr, char *user_prop)
1769 1772 {
1770 1773 xmlChar *gotten_prop;
1771 1774 int prop_result;
1772 1775
1773 1776 gotten_prop = xmlGetProp(cur, attr);
1774 1777 if (gotten_prop == NULL) /* shouldn't happen */
1775 1778 return (B_FALSE);
1776 1779 prop_result = xmlStrcmp(gotten_prop, (const xmlChar *) user_prop);
1777 1780 xmlFree(gotten_prop);
1778 1781 return ((prop_result == 0)); /* empty strings will match */
1779 1782 }
1780 1783
1781 1784 static int
1782 1785 zonecfg_delete_filesystem_core(zone_dochandle_t handle,
1783 1786 struct zone_fstab *tabptr)
1784 1787 {
1785 1788 xmlNodePtr cur = handle->zone_dh_cur;
1786 1789 boolean_t dir_match, spec_match, raw_match, type_match;
1787 1790
1788 1791 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1789 1792 if (xmlStrcmp(cur->name, DTD_ELEM_FS))
1790 1793 continue;
1791 1794 dir_match = match_prop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir);
1792 1795 spec_match = match_prop(cur, DTD_ATTR_SPECIAL,
1793 1796 tabptr->zone_fs_special);
1794 1797 raw_match = match_prop(cur, DTD_ATTR_RAW,
1795 1798 tabptr->zone_fs_raw);
1796 1799 type_match = match_prop(cur, DTD_ATTR_TYPE,
1797 1800 tabptr->zone_fs_type);
1798 1801 if (dir_match && spec_match && raw_match && type_match) {
1799 1802 xmlUnlinkNode(cur);
1800 1803 xmlFreeNode(cur);
1801 1804 return (Z_OK);
1802 1805 }
1803 1806 }
1804 1807 return (Z_NO_RESOURCE_ID);
1805 1808 }
1806 1809
1807 1810 int
1808 1811 zonecfg_delete_filesystem(zone_dochandle_t handle, struct zone_fstab *tabptr)
1809 1812 {
1810 1813 int err;
1811 1814
1812 1815 if (tabptr == NULL)
1813 1816 return (Z_INVAL);
1814 1817
1815 1818 if ((err = operation_prep(handle)) != Z_OK)
1816 1819 return (err);
1817 1820
1818 1821 if ((err = zonecfg_delete_filesystem_core(handle, tabptr)) != Z_OK)
1819 1822 return (err);
1820 1823
1821 1824 return (Z_OK);
1822 1825 }
1823 1826
1824 1827 int
1825 1828 zonecfg_modify_filesystem(
1826 1829 zone_dochandle_t handle,
1827 1830 struct zone_fstab *oldtabptr,
1828 1831 struct zone_fstab *newtabptr)
1829 1832 {
1830 1833 int err;
1831 1834
1832 1835 if (oldtabptr == NULL || newtabptr == NULL)
1833 1836 return (Z_INVAL);
1834 1837
1835 1838 if ((err = operation_prep(handle)) != Z_OK)
1836 1839 return (err);
1837 1840
1838 1841 if ((err = zonecfg_delete_filesystem_core(handle, oldtabptr)) != Z_OK)
1839 1842 return (err);
1840 1843
1841 1844 if ((err = zonecfg_add_filesystem_core(handle, newtabptr)) != Z_OK)
1842 1845 return (err);
1843 1846
1844 1847 return (Z_OK);
1845 1848 }
1846 1849
1847 1850 int
1848 1851 zonecfg_lookup_filesystem(
1849 1852 zone_dochandle_t handle,
1850 1853 struct zone_fstab *tabptr)
1851 1854 {
1852 1855 xmlNodePtr cur, options, firstmatch;
1853 1856 int err;
1854 1857 char dirname[MAXPATHLEN], special[MAXPATHLEN], raw[MAXPATHLEN];
1855 1858 char type[FSTYPSZ];
1856 1859 char options_str[MAX_MNTOPT_STR];
1857 1860
1858 1861 if (tabptr == NULL)
1859 1862 return (Z_INVAL);
1860 1863
1861 1864 if ((err = operation_prep(handle)) != Z_OK)
1862 1865 return (err);
1863 1866
1864 1867 /*
1865 1868 * Walk the list of children looking for matches on any properties
1866 1869 * specified in the fstab parameter. If more than one resource
1867 1870 * matches, we return Z_INSUFFICIENT_SPEC; if none match, we return
1868 1871 * Z_NO_RESOURCE_ID.
1869 1872 */
1870 1873 cur = handle->zone_dh_cur;
1871 1874 firstmatch = NULL;
1872 1875 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
1873 1876 if (xmlStrcmp(cur->name, DTD_ELEM_FS))
1874 1877 continue;
1875 1878 if (strlen(tabptr->zone_fs_dir) > 0) {
1876 1879 if ((fetchprop(cur, DTD_ATTR_DIR, dirname,
1877 1880 sizeof (dirname)) == Z_OK) &&
1878 1881 (strcmp(tabptr->zone_fs_dir, dirname) == 0)) {
1879 1882 if (firstmatch == NULL)
1880 1883 firstmatch = cur;
1881 1884 else
1882 1885 return (Z_INSUFFICIENT_SPEC);
1883 1886 }
1884 1887 }
1885 1888 if (strlen(tabptr->zone_fs_special) > 0) {
1886 1889 if ((fetchprop(cur, DTD_ATTR_SPECIAL, special,
1887 1890 sizeof (special)) == Z_OK)) {
1888 1891 if (strcmp(tabptr->zone_fs_special,
1889 1892 special) == 0) {
1890 1893 if (firstmatch == NULL)
1891 1894 firstmatch = cur;
1892 1895 else if (firstmatch != cur)
1893 1896 return (Z_INSUFFICIENT_SPEC);
1894 1897 } else {
1895 1898 /*
1896 1899 * If another property matched but this
1897 1900 * one doesn't then reset firstmatch.
1898 1901 */
1899 1902 if (firstmatch == cur)
1900 1903 firstmatch = NULL;
1901 1904 }
1902 1905 }
1903 1906 }
1904 1907 if (strlen(tabptr->zone_fs_raw) > 0) {
1905 1908 if ((fetchprop(cur, DTD_ATTR_RAW, raw,
1906 1909 sizeof (raw)) == Z_OK)) {
1907 1910 if (strcmp(tabptr->zone_fs_raw, raw) == 0) {
1908 1911 if (firstmatch == NULL)
1909 1912 firstmatch = cur;
1910 1913 else if (firstmatch != cur)
1911 1914 return (Z_INSUFFICIENT_SPEC);
1912 1915 } else {
1913 1916 /*
1914 1917 * If another property matched but this
1915 1918 * one doesn't then reset firstmatch.
1916 1919 */
1917 1920 if (firstmatch == cur)
1918 1921 firstmatch = NULL;
1919 1922 }
1920 1923 }
1921 1924 }
1922 1925 if (strlen(tabptr->zone_fs_type) > 0) {
1923 1926 if ((fetchprop(cur, DTD_ATTR_TYPE, type,
1924 1927 sizeof (type)) == Z_OK)) {
1925 1928 if (strcmp(tabptr->zone_fs_type, type) == 0) {
1926 1929 if (firstmatch == NULL)
1927 1930 firstmatch = cur;
1928 1931 else if (firstmatch != cur)
1929 1932 return (Z_INSUFFICIENT_SPEC);
1930 1933 } else {
1931 1934 /*
1932 1935 * If another property matched but this
1933 1936 * one doesn't then reset firstmatch.
1934 1937 */
1935 1938 if (firstmatch == cur)
1936 1939 firstmatch = NULL;
1937 1940 }
1938 1941 }
1939 1942 }
1940 1943 }
1941 1944
1942 1945 if (firstmatch == NULL)
1943 1946 return (Z_NO_RESOURCE_ID);
1944 1947
1945 1948 cur = firstmatch;
1946 1949
1947 1950 if ((err = fetchprop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir,
1948 1951 sizeof (tabptr->zone_fs_dir))) != Z_OK)
1949 1952 return (err);
1950 1953
1951 1954 if ((err = fetchprop(cur, DTD_ATTR_SPECIAL, tabptr->zone_fs_special,
1952 1955 sizeof (tabptr->zone_fs_special))) != Z_OK)
1953 1956 return (err);
1954 1957
1955 1958 if ((err = fetchprop(cur, DTD_ATTR_RAW, tabptr->zone_fs_raw,
1956 1959 sizeof (tabptr->zone_fs_raw))) != Z_OK)
1957 1960 return (err);
1958 1961
1959 1962 if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_fs_type,
1960 1963 sizeof (tabptr->zone_fs_type))) != Z_OK)
1961 1964 return (err);
1962 1965
1963 1966 /* options are optional */
1964 1967 tabptr->zone_fs_options = NULL;
1965 1968 for (options = cur->xmlChildrenNode; options != NULL;
1966 1969 options = options->next) {
1967 1970 if ((fetchprop(options, DTD_ATTR_NAME, options_str,
1968 1971 sizeof (options_str)) != Z_OK))
1969 1972 break;
1970 1973 if (zonecfg_add_fs_option(tabptr, options_str) != Z_OK)
1971 1974 break;
1972 1975 }
1973 1976 return (Z_OK);
1974 1977 }
1975 1978
1976 1979 /*
1977 1980 * Compare two IP addresses in string form. Allow for the possibility that
1978 1981 * one might have "/<prefix-length>" at the end: allow a match on just the
1979 1982 * IP address (or host name) part.
1980 1983 */
1981 1984
1982 1985 boolean_t
1983 1986 zonecfg_same_net_address(char *a1, char *a2)
1984 1987 {
1985 1988 char *slashp, *slashp1, *slashp2;
1986 1989 int result;
1987 1990
1988 1991 if (strcmp(a1, a2) == 0)
1989 1992 return (B_TRUE);
1990 1993
1991 1994 /*
1992 1995 * If neither has a slash or both do, they need to match to be
1993 1996 * considered the same, but they did not match above, so fail.
1994 1997 */
1995 1998 slashp1 = strchr(a1, '/');
1996 1999 slashp2 = strchr(a2, '/');
1997 2000 if ((slashp1 == NULL && slashp2 == NULL) ||
1998 2001 (slashp1 != NULL && slashp2 != NULL))
1999 2002 return (B_FALSE);
2000 2003
2001 2004 /*
2002 2005 * Only one had a slash: pick that one, zero out the slash, compare
2003 2006 * the "address only" strings, restore the slash, and return the
2004 2007 * result of the comparison.
2005 2008 */
2006 2009 slashp = (slashp1 == NULL) ? slashp2 : slashp1;
2007 2010 *slashp = '\0';
2008 2011 result = strcmp(a1, a2);
2009 2012 *slashp = '/';
2010 2013 return ((result == 0));
2011 2014 }
2012 2015
2013 2016 int
2014 2017 zonecfg_valid_net_address(char *address, struct lifreq *lifr)
2015 2018 {
2016 2019 struct sockaddr_in *sin4;
2017 2020 struct sockaddr_in6 *sin6;
2018 2021 struct addrinfo hints, *result;
2019 2022 char *slashp = strchr(address, '/');
2020 2023
2021 2024 bzero(lifr, sizeof (struct lifreq));
2022 2025 sin4 = (struct sockaddr_in *)&lifr->lifr_addr;
2023 2026 sin6 = (struct sockaddr_in6 *)&lifr->lifr_addr;
2024 2027 if (slashp != NULL)
2025 2028 *slashp = '\0';
2026 2029 if (inet_pton(AF_INET, address, &sin4->sin_addr) == 1) {
2027 2030 sin4->sin_family = AF_INET;
2028 2031 } else if (inet_pton(AF_INET6, address, &sin6->sin6_addr) == 1) {
2029 2032 if (slashp == NULL)
2030 2033 return (Z_IPV6_ADDR_PREFIX_LEN);
2031 2034 sin6->sin6_family = AF_INET6;
2032 2035 } else {
2033 2036 /* "address" may be a host name */
2034 2037 (void) memset(&hints, 0, sizeof (hints));
2035 2038 hints.ai_family = PF_INET;
2036 2039 if (getaddrinfo(address, NULL, &hints, &result) != 0)
2037 2040 return (Z_BOGUS_ADDRESS);
2038 2041 sin4->sin_family = result->ai_family;
2039 2042
2040 2043 (void) memcpy(&sin4->sin_addr,
2041 2044 /* LINTED E_BAD_PTR_CAST_ALIGN */
2042 2045 &((struct sockaddr_in *)result->ai_addr)->sin_addr,
2043 2046 sizeof (struct in_addr));
2044 2047
2045 2048 freeaddrinfo(result);
2046 2049 }
2047 2050 return (Z_OK);
2048 2051 }
2049 2052
2050 2053 boolean_t
2051 2054 zonecfg_ifname_exists(sa_family_t af, char *ifname)
2052 2055 {
2053 2056 struct lifreq lifr;
2054 2057 int so;
2055 2058 int save_errno;
2056 2059
2057 2060 (void) memset(&lifr, 0, sizeof (lifr));
2058 2061 (void) strlcpy(lifr.lifr_name, ifname, sizeof (lifr.lifr_name));
2059 2062 lifr.lifr_addr.ss_family = af;
2060 2063 if ((so = socket(af, SOCK_DGRAM, 0)) < 0) {
2061 2064 /* Odd - can't tell if the ifname exists */
2062 2065 return (B_FALSE);
2063 2066 }
2064 2067 if (ioctl(so, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0) {
2065 2068 save_errno = errno;
2066 2069 (void) close(so);
2067 2070 errno = save_errno;
2068 2071 return (B_FALSE);
2069 2072 }
2070 2073 (void) close(so);
2071 2074 return (B_TRUE);
2072 2075 }
2073 2076
2074 2077 /*
2075 2078 * Determines whether there is a net resource with the physical interface, IP
2076 2079 * address, and default router specified by 'tabptr' in the zone configuration
2077 2080 * to which 'handle' refers. 'tabptr' must have an interface, an address, a
2078 2081 * default router, or a combination of the three. This function returns Z_OK
2079 2082 * iff there is exactly one net resource matching the query specified by
2080 2083 * 'tabptr'. The function returns Z_INSUFFICIENT_SPEC if there are multiple
2081 2084 * matches or 'tabptr' does not specify a physical interface, address, or
2082 2085 * default router. The function returns Z_NO_RESOURCE_ID if are no matches.
2083 2086 *
2084 2087 * Errors might also be returned if the entry that exactly matches the
2085 2088 * query lacks critical network resource information.
2086 2089 *
2087 2090 * If there is a single match, then the matching entry's physical interface, IP
2088 2091 * address, and default router information are stored in 'tabptr'.
2089 2092 */
2090 2093 int
2091 2094 zonecfg_lookup_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2092 2095 {
2093 2096 xmlNodePtr cur;
2094 2097 xmlNodePtr firstmatch;
2095 2098 int err;
2096 2099 char address[INET6_ADDRSTRLEN];
2097 2100 char physical[LIFNAMSIZ];
2098 2101 size_t addrspec; /* nonzero if tabptr has IP addr */
2099 2102 size_t physspec; /* nonzero if tabptr has interface */
2100 2103 size_t defrouterspec; /* nonzero if tabptr has def. router */
2101 2104 size_t allowed_addrspec;
2102 2105 zone_iptype_t iptype;
2103 2106
2104 2107 if (tabptr == NULL)
2105 2108 return (Z_INVAL);
2106 2109
2107 2110 /*
2108 2111 * Determine the fields that will be searched. There must be at least
2109 2112 * one.
2110 2113 *
2111 2114 * zone_nwif_address, zone_nwif_physical, and zone_nwif_defrouter are
2112 2115 * arrays, so no NULL checks are necessary.
2113 2116 */
2114 2117 addrspec = strlen(tabptr->zone_nwif_address);
2115 2118 physspec = strlen(tabptr->zone_nwif_physical);
2116 2119 defrouterspec = strlen(tabptr->zone_nwif_defrouter);
2117 2120 allowed_addrspec = strlen(tabptr->zone_nwif_allowed_address);
2118 2121 if (addrspec != 0 && allowed_addrspec != 0)
2119 2122 return (Z_INVAL); /* can't specify both */
2120 2123 if (addrspec == 0 && physspec == 0 && defrouterspec == 0 &&
2121 2124 allowed_addrspec == 0)
2122 2125 return (Z_INSUFFICIENT_SPEC);
2123 2126
2124 2127 if ((err = operation_prep(handle)) != Z_OK)
2125 2128 return (err);
2126 2129
2127 2130 if ((err = zonecfg_get_iptype(handle, &iptype)) != Z_OK)
2128 2131 return (err);
2129 2132 /*
2130 2133 * Iterate over the configuration's elements and look for net elements
2131 2134 * that match the query.
2132 2135 */
2133 2136 firstmatch = NULL;
2134 2137 cur = handle->zone_dh_cur;
2135 2138 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2136 2139 /* Skip non-net elements */
2137 2140 if (xmlStrcmp(cur->name, DTD_ELEM_NET))
2138 2141 continue;
2139 2142
2140 2143 /*
2141 2144 * If any relevant fields don't match the query, then skip
2142 2145 * the current net element.
2143 2146 */
2144 2147 if (physspec != 0 && (fetchprop(cur, DTD_ATTR_PHYSICAL,
2145 2148 physical, sizeof (physical)) != Z_OK ||
2146 2149 strcmp(tabptr->zone_nwif_physical, physical) != 0))
2147 2150 continue;
2148 2151 if (iptype == ZS_SHARED && addrspec != 0 &&
2149 2152 (fetchprop(cur, DTD_ATTR_ADDRESS, address,
2150 2153 sizeof (address)) != Z_OK ||
2151 2154 !zonecfg_same_net_address(tabptr->zone_nwif_address,
2152 2155 address)))
2153 2156 continue;
2154 2157 if (iptype == ZS_EXCLUSIVE && allowed_addrspec != 0 &&
2155 2158 (fetchprop(cur, DTD_ATTR_ALLOWED_ADDRESS, address,
2156 2159 sizeof (address)) != Z_OK ||
2157 2160 !zonecfg_same_net_address(tabptr->zone_nwif_allowed_address,
2158 2161 address)))
2159 2162 continue;
2160 2163 if (defrouterspec != 0 && (fetchprop(cur, DTD_ATTR_DEFROUTER,
2161 2164 address, sizeof (address)) != Z_OK ||
2162 2165 !zonecfg_same_net_address(tabptr->zone_nwif_defrouter,
2163 2166 address)))
2164 2167 continue;
2165 2168
2166 2169 /*
2167 2170 * The current net element matches the query. Select it if
2168 2171 * it's the first match; otherwise, abort the search.
2169 2172 */
2170 2173 if (firstmatch == NULL)
2171 2174 firstmatch = cur;
2172 2175 else
2173 2176 return (Z_INSUFFICIENT_SPEC);
2174 2177 }
2175 2178 if (firstmatch == NULL)
2176 2179 return (Z_NO_RESOURCE_ID);
2177 2180
2178 2181 cur = firstmatch;
2179 2182
2180 2183 if ((err = fetchprop(cur, DTD_ATTR_PHYSICAL, tabptr->zone_nwif_physical,
2181 2184 sizeof (tabptr->zone_nwif_physical))) != Z_OK)
2182 2185 return (err);
2183 2186
2184 2187 if (iptype == ZS_SHARED &&
2185 2188 (err = fetchprop(cur, DTD_ATTR_ADDRESS, tabptr->zone_nwif_address,
2186 2189 sizeof (tabptr->zone_nwif_address))) != Z_OK)
2187 2190 return (err);
2188 2191
2189 2192 if (iptype == ZS_EXCLUSIVE &&
2190 2193 (err = fetchprop(cur, DTD_ATTR_ALLOWED_ADDRESS,
2191 2194 tabptr->zone_nwif_allowed_address,
2192 2195 sizeof (tabptr->zone_nwif_allowed_address))) != Z_OK)
2193 2196 return (err);
2194 2197
2195 2198 if ((err = fetchprop(cur, DTD_ATTR_DEFROUTER,
2196 2199 tabptr->zone_nwif_defrouter,
2197 2200 sizeof (tabptr->zone_nwif_defrouter))) != Z_OK)
2198 2201 return (err);
2199 2202
2200 2203 return (Z_OK);
2201 2204 }
2202 2205
2203 2206 static int
2204 2207 zonecfg_add_nwif_core(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2205 2208 {
2206 2209 xmlNodePtr newnode, cur = handle->zone_dh_cur;
2207 2210 int err;
2208 2211
2209 2212 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_NET, NULL);
2210 2213 if (strlen(tabptr->zone_nwif_address) > 0 &&
2211 2214 (err = newprop(newnode, DTD_ATTR_ADDRESS,
2212 2215 tabptr->zone_nwif_address)) != Z_OK)
2213 2216 return (err);
2214 2217 if (strlen(tabptr->zone_nwif_allowed_address) > 0 &&
2215 2218 (err = newprop(newnode, DTD_ATTR_ALLOWED_ADDRESS,
2216 2219 tabptr->zone_nwif_allowed_address)) != Z_OK)
2217 2220 return (err);
2218 2221 if ((err = newprop(newnode, DTD_ATTR_PHYSICAL,
2219 2222 tabptr->zone_nwif_physical)) != Z_OK)
2220 2223 return (err);
2221 2224 /*
2222 2225 * Do not add this property when it is not set, for backwards
2223 2226 * compatibility and because it is optional.
2224 2227 */
2225 2228 if ((strlen(tabptr->zone_nwif_defrouter) > 0) &&
2226 2229 ((err = newprop(newnode, DTD_ATTR_DEFROUTER,
2227 2230 tabptr->zone_nwif_defrouter)) != Z_OK))
2228 2231 return (err);
2229 2232 return (Z_OK);
2230 2233 }
2231 2234
2232 2235 int
2233 2236 zonecfg_add_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2234 2237 {
2235 2238 int err;
2236 2239
2237 2240 if (tabptr == NULL)
2238 2241 return (Z_INVAL);
2239 2242
2240 2243 if ((err = operation_prep(handle)) != Z_OK)
2241 2244 return (err);
2242 2245
2243 2246 if ((err = zonecfg_add_nwif_core(handle, tabptr)) != Z_OK)
2244 2247 return (err);
2245 2248
2246 2249 return (Z_OK);
2247 2250 }
2248 2251
2249 2252 static int
2250 2253 zonecfg_delete_nwif_core(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2251 2254 {
2252 2255 xmlNodePtr cur = handle->zone_dh_cur;
2253 2256 boolean_t addr_match, phys_match, allowed_addr_match;
2254 2257
2255 2258 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2256 2259 if (xmlStrcmp(cur->name, DTD_ELEM_NET))
2257 2260 continue;
2258 2261
2259 2262 addr_match = match_prop(cur, DTD_ATTR_ADDRESS,
2260 2263 tabptr->zone_nwif_address);
2261 2264 allowed_addr_match = match_prop(cur, DTD_ATTR_ALLOWED_ADDRESS,
2262 2265 tabptr->zone_nwif_allowed_address);
2263 2266 phys_match = match_prop(cur, DTD_ATTR_PHYSICAL,
2264 2267 tabptr->zone_nwif_physical);
2265 2268
2266 2269 if (addr_match && allowed_addr_match && phys_match) {
2267 2270 xmlUnlinkNode(cur);
2268 2271 xmlFreeNode(cur);
2269 2272 return (Z_OK);
2270 2273 }
2271 2274 }
2272 2275 return (Z_NO_RESOURCE_ID);
2273 2276 }
2274 2277
2275 2278 int
2276 2279 zonecfg_delete_nwif(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
2277 2280 {
2278 2281 int err;
2279 2282
2280 2283 if (tabptr == NULL)
2281 2284 return (Z_INVAL);
2282 2285
2283 2286 if ((err = operation_prep(handle)) != Z_OK)
2284 2287 return (err);
2285 2288
2286 2289 if ((err = zonecfg_delete_nwif_core(handle, tabptr)) != Z_OK)
2287 2290 return (err);
2288 2291
2289 2292 return (Z_OK);
2290 2293 }
2291 2294
2292 2295 int
2293 2296 zonecfg_modify_nwif(
2294 2297 zone_dochandle_t handle,
2295 2298 struct zone_nwiftab *oldtabptr,
2296 2299 struct zone_nwiftab *newtabptr)
2297 2300 {
2298 2301 int err;
2299 2302
2300 2303 if (oldtabptr == NULL || newtabptr == NULL)
2301 2304 return (Z_INVAL);
2302 2305
2303 2306 if ((err = operation_prep(handle)) != Z_OK)
2304 2307 return (err);
2305 2308
2306 2309 if ((err = zonecfg_delete_nwif_core(handle, oldtabptr)) != Z_OK)
2307 2310 return (err);
2308 2311
2309 2312 if ((err = zonecfg_add_nwif_core(handle, newtabptr)) != Z_OK)
2310 2313 return (err);
2311 2314
2312 2315 return (Z_OK);
2313 2316 }
2314 2317
2315 2318 /*
2316 2319 * Must be a comma-separated list of alpha-numeric file system names.
2317 2320 */
2318 2321 static int
2319 2322 zonecfg_valid_fs_allowed(const char *fsallowedp)
2320 2323 {
2321 2324 char tmp[ZONE_FS_ALLOWED_MAX];
2322 2325 char *cp = tmp;
2323 2326 char *p;
2324 2327
2325 2328 if (strlen(fsallowedp) > ZONE_FS_ALLOWED_MAX)
2326 2329 return (Z_TOO_BIG);
2327 2330
2328 2331 (void) strlcpy(tmp, fsallowedp, sizeof (tmp));
2329 2332
2330 2333 while (*cp != '\0') {
2331 2334 p = cp;
2332 2335 while (*p != '\0' && *p != ',') {
2333 2336 if (!isalnum(*p) && *p != '-')
2334 2337 return (Z_INVALID_PROPERTY);
2335 2338 p++;
2336 2339 }
2337 2340
2338 2341 if (*p == ',') {
2339 2342 if (p == cp)
2340 2343 return (Z_INVALID_PROPERTY);
2341 2344
2342 2345 p++;
2343 2346
2344 2347 if (*p == '\0')
2345 2348 return (Z_INVALID_PROPERTY);
2346 2349 }
2347 2350
2348 2351 cp = p;
2349 2352 }
2350 2353
2351 2354 return (Z_OK);
2352 2355 }
2353 2356
2354 2357 int
2355 2358 zonecfg_get_fs_allowed(zone_dochandle_t handle, char *bufp, size_t buflen)
2356 2359 {
2357 2360 int err;
2358 2361
2359 2362 if ((err = getrootattr(handle, DTD_ATTR_FS_ALLOWED,
2360 2363 bufp, buflen)) != Z_OK)
2361 2364 return (err);
2362 2365 if (bufp[0] == '\0')
2363 2366 return (Z_BAD_PROPERTY);
2364 2367 return (zonecfg_valid_fs_allowed(bufp));
2365 2368 }
2366 2369
2367 2370 int
2368 2371 zonecfg_set_fs_allowed(zone_dochandle_t handle, const char *bufp)
2369 2372 {
2370 2373 int err;
2371 2374
2372 2375 if (bufp == NULL || (err = zonecfg_valid_fs_allowed(bufp)) == Z_OK)
2373 2376 return (setrootattr(handle, DTD_ATTR_FS_ALLOWED, bufp));
2374 2377 return (err);
2375 2378 }
2376 2379
2377 2380 /*
2378 2381 * Determines if the specified string is a valid hostid string. This function
2379 2382 * returns Z_OK if the string is a valid hostid string. It returns Z_INVAL if
2380 2383 * 'hostidp' is NULL, Z_TOO_BIG if 'hostidp' refers to a string buffer
2381 2384 * containing a hex string with more than 8 digits, and Z_INVALID_PROPERTY if
2382 2385 * the string has an invalid format.
2383 2386 */
2384 2387 static int
2385 2388 zonecfg_valid_hostid(const char *hostidp)
2386 2389 {
2387 2390 char *currentp;
2388 2391 u_longlong_t hostidval;
2389 2392 size_t len;
2390 2393
2391 2394 if (hostidp == NULL)
2392 2395 return (Z_INVAL);
2393 2396
2394 2397 /* Empty strings and strings with whitespace are invalid. */
2395 2398 if (*hostidp == '\0')
2396 2399 return (Z_INVALID_PROPERTY);
2397 2400 for (currentp = (char *)hostidp; *currentp != '\0'; ++currentp) {
2398 2401 if (isspace(*currentp))
2399 2402 return (Z_INVALID_PROPERTY);
2400 2403 }
2401 2404 len = (size_t)(currentp - hostidp);
2402 2405
2403 2406 /*
2404 2407 * The caller might pass a hostid that is larger than the maximum
2405 2408 * unsigned 32-bit integral value. Check for this! Also, make sure
2406 2409 * that the whole string is converted (this helps us find illegal
2407 2410 * characters) and that the whole string fits within a buffer of size
2408 2411 * HW_HOSTID_LEN.
2409 2412 */
2410 2413 currentp = (char *)hostidp;
2411 2414 if (strncmp(hostidp, "0x", 2) == 0 || strncmp(hostidp, "0X", 2) == 0)
2412 2415 currentp += 2;
2413 2416 hostidval = strtoull(currentp, ¤tp, 16);
2414 2417 if ((size_t)(currentp - hostidp) >= HW_HOSTID_LEN)
2415 2418 return (Z_TOO_BIG);
2416 2419 if (hostidval > UINT_MAX || hostidval == HW_INVALID_HOSTID ||
2417 2420 currentp != hostidp + len)
2418 2421 return (Z_INVALID_PROPERTY);
2419 2422 return (Z_OK);
2420 2423 }
2421 2424
2422 2425 /*
2423 2426 * Gets the zone hostid string stored in the specified zone configuration
2424 2427 * document. This function returns Z_OK on success. Z_BAD_PROPERTY is returned
2425 2428 * if the config file doesn't specify a hostid or if the hostid is blank.
2426 2429 *
2427 2430 * Note that buflen should be at least HW_HOSTID_LEN.
2428 2431 */
2429 2432 int
2430 2433 zonecfg_get_hostid(zone_dochandle_t handle, char *bufp, size_t buflen)
2431 2434 {
2432 2435 int err;
2433 2436
2434 2437 if ((err = getrootattr(handle, DTD_ATTR_HOSTID, bufp, buflen)) != Z_OK)
2435 2438 return (err);
2436 2439 if (bufp[0] == '\0')
2437 2440 return (Z_BAD_PROPERTY);
2438 2441 return (zonecfg_valid_hostid(bufp));
2439 2442 }
2440 2443
2441 2444 /*
2442 2445 * Sets the hostid string in the specified zone config document to the given
2443 2446 * string value. If 'hostidp' is NULL, then the config document's hostid
2444 2447 * attribute is cleared. Non-NULL hostids are validated. This function returns
2445 2448 * Z_OK on success. Any other return value indicates failure.
2446 2449 */
2447 2450 int
2448 2451 zonecfg_set_hostid(zone_dochandle_t handle, const char *hostidp)
2449 2452 {
2450 2453 int err;
2451 2454
2452 2455 /*
2453 2456 * A NULL hostid string is interpreted as a request to clear the
2454 2457 * hostid.
2455 2458 */
2456 2459 if (hostidp == NULL || (err = zonecfg_valid_hostid(hostidp)) == Z_OK)
2457 2460 return (setrootattr(handle, DTD_ATTR_HOSTID, hostidp));
2458 2461 return (err);
2459 2462 }
2460 2463
2461 2464 int
2462 2465 zonecfg_lookup_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
2463 2466 {
2464 2467 xmlNodePtr cur, firstmatch;
2465 2468 int err;
2466 2469 char match[MAXPATHLEN];
2467 2470
2468 2471 if (tabptr == NULL)
2469 2472 return (Z_INVAL);
2470 2473
2471 2474 if ((err = operation_prep(handle)) != Z_OK)
2472 2475 return (err);
2473 2476
2474 2477 cur = handle->zone_dh_cur;
2475 2478 firstmatch = NULL;
2476 2479 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2477 2480 if (xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
2478 2481 continue;
2479 2482 if (strlen(tabptr->zone_dev_match) == 0)
2480 2483 continue;
2481 2484
2482 2485 if ((fetchprop(cur, DTD_ATTR_MATCH, match,
2483 2486 sizeof (match)) == Z_OK)) {
2484 2487 if (strcmp(tabptr->zone_dev_match,
2485 2488 match) == 0) {
2486 2489 if (firstmatch == NULL)
2487 2490 firstmatch = cur;
2488 2491 else if (firstmatch != cur)
2489 2492 return (Z_INSUFFICIENT_SPEC);
2490 2493 } else {
2491 2494 /*
2492 2495 * If another property matched but this
2493 2496 * one doesn't then reset firstmatch.
2494 2497 */
2495 2498 if (firstmatch == cur)
2496 2499 firstmatch = NULL;
2497 2500 }
2498 2501 }
2499 2502 }
2500 2503 if (firstmatch == NULL)
2501 2504 return (Z_NO_RESOURCE_ID);
2502 2505
2503 2506 cur = firstmatch;
2504 2507
2505 2508 if ((err = fetchprop(cur, DTD_ATTR_MATCH, tabptr->zone_dev_match,
2506 2509 sizeof (tabptr->zone_dev_match))) != Z_OK)
2507 2510 return (err);
2508 2511
2509 2512 return (Z_OK);
2510 2513 }
2511 2514
2512 2515 static int
2513 2516 zonecfg_add_dev_core(zone_dochandle_t handle, struct zone_devtab *tabptr)
2514 2517 {
2515 2518 xmlNodePtr newnode, cur = handle->zone_dh_cur;
2516 2519 int err;
2517 2520
2518 2521 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_DEVICE, NULL);
2519 2522
2520 2523 if ((err = newprop(newnode, DTD_ATTR_MATCH,
2521 2524 tabptr->zone_dev_match)) != Z_OK)
2522 2525 return (err);
2523 2526
2524 2527 return (Z_OK);
2525 2528 }
2526 2529
2527 2530 int
2528 2531 zonecfg_add_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
2529 2532 {
2530 2533 int err;
2531 2534
2532 2535 if (tabptr == NULL)
2533 2536 return (Z_INVAL);
2534 2537
2535 2538 if ((err = operation_prep(handle)) != Z_OK)
2536 2539 return (err);
2537 2540
2538 2541 if ((err = zonecfg_add_dev_core(handle, tabptr)) != Z_OK)
2539 2542 return (err);
2540 2543
2541 2544 return (Z_OK);
2542 2545 }
2543 2546
2544 2547 static int
2545 2548 zonecfg_delete_dev_core(zone_dochandle_t handle, struct zone_devtab *tabptr)
2546 2549 {
2547 2550 xmlNodePtr cur = handle->zone_dh_cur;
2548 2551 int match_match;
2549 2552
2550 2553 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2551 2554 if (xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
2552 2555 continue;
2553 2556
2554 2557 match_match = match_prop(cur, DTD_ATTR_MATCH,
2555 2558 tabptr->zone_dev_match);
2556 2559
2557 2560 if (match_match) {
2558 2561 xmlUnlinkNode(cur);
2559 2562 xmlFreeNode(cur);
2560 2563 return (Z_OK);
2561 2564 }
2562 2565 }
2563 2566 return (Z_NO_RESOURCE_ID);
2564 2567 }
2565 2568
2566 2569 int
2567 2570 zonecfg_delete_dev(zone_dochandle_t handle, struct zone_devtab *tabptr)
2568 2571 {
2569 2572 int err;
2570 2573
2571 2574 if (tabptr == NULL)
2572 2575 return (Z_INVAL);
2573 2576
2574 2577 if ((err = operation_prep(handle)) != Z_OK)
2575 2578 return (err);
2576 2579
2577 2580 if ((err = zonecfg_delete_dev_core(handle, tabptr)) != Z_OK)
2578 2581 return (err);
2579 2582
2580 2583 return (Z_OK);
2581 2584 }
2582 2585
2583 2586 int
2584 2587 zonecfg_modify_dev(
2585 2588 zone_dochandle_t handle,
2586 2589 struct zone_devtab *oldtabptr,
2587 2590 struct zone_devtab *newtabptr)
2588 2591 {
2589 2592 int err;
2590 2593
2591 2594 if (oldtabptr == NULL || newtabptr == NULL)
2592 2595 return (Z_INVAL);
2593 2596
2594 2597 if ((err = operation_prep(handle)) != Z_OK)
2595 2598 return (err);
2596 2599
2597 2600 if ((err = zonecfg_delete_dev_core(handle, oldtabptr)) != Z_OK)
2598 2601 return (err);
2599 2602
2600 2603 if ((err = zonecfg_add_dev_core(handle, newtabptr)) != Z_OK)
2601 2604 return (err);
2602 2605
2603 2606 return (Z_OK);
2604 2607 }
2605 2608
2606 2609 static int
2607 2610 zonecfg_add_auth_core(zone_dochandle_t handle, struct zone_admintab *tabptr,
2608 2611 char *zonename)
2609 2612 {
2610 2613 xmlNodePtr newnode, cur = handle->zone_dh_cur;
2611 2614 int err;
2612 2615
2613 2616 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_ADMIN, NULL);
2614 2617 err = newprop(newnode, DTD_ATTR_USER, tabptr->zone_admin_user);
2615 2618 if (err != Z_OK)
2616 2619 return (err);
2617 2620 err = newprop(newnode, DTD_ATTR_AUTHS, tabptr->zone_admin_auths);
2618 2621 if (err != Z_OK)
2619 2622 return (err);
2620 2623 if ((err = zonecfg_remove_userauths(
2621 2624 handle, tabptr->zone_admin_user, zonename, B_FALSE)) != Z_OK)
2622 2625 return (err);
2623 2626 return (Z_OK);
2624 2627 }
2625 2628
2626 2629 int
2627 2630 zonecfg_add_admin(zone_dochandle_t handle, struct zone_admintab *tabptr,
2628 2631 char *zonename)
2629 2632 {
2630 2633 int err;
2631 2634
2632 2635 if (tabptr == NULL)
2633 2636 return (Z_INVAL);
2634 2637
2635 2638 if ((err = operation_prep(handle)) != Z_OK)
2636 2639 return (err);
2637 2640
2638 2641 if ((err = zonecfg_add_auth_core(handle, tabptr,
2639 2642 zonename)) != Z_OK)
2640 2643 return (err);
2641 2644
2642 2645 return (Z_OK);
2643 2646 }
2644 2647
2645 2648 static int
2646 2649 zonecfg_delete_auth_core(zone_dochandle_t handle, struct zone_admintab *tabptr,
2647 2650 char *zonename)
2648 2651 {
2649 2652 xmlNodePtr cur = handle->zone_dh_cur;
2650 2653 boolean_t auth_match;
2651 2654 int err;
2652 2655
2653 2656 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2654 2657 if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
2655 2658 continue;
2656 2659 auth_match = match_prop(cur, DTD_ATTR_USER,
2657 2660 tabptr->zone_admin_user);
2658 2661 if (auth_match) {
2659 2662 if ((err = zonecfg_insert_userauths(
2660 2663 handle, tabptr->zone_admin_user,
2661 2664 zonename)) != Z_OK)
2662 2665 return (err);
2663 2666 xmlUnlinkNode(cur);
2664 2667 xmlFreeNode(cur);
2665 2668 return (Z_OK);
2666 2669 }
2667 2670 }
2668 2671 return (Z_NO_RESOURCE_ID);
2669 2672 }
2670 2673
2671 2674 int
2672 2675 zonecfg_delete_admin(zone_dochandle_t handle, struct zone_admintab *tabptr,
2673 2676 char *zonename)
2674 2677 {
2675 2678 int err;
2676 2679
2677 2680 if (tabptr == NULL)
2678 2681 return (Z_INVAL);
2679 2682
2680 2683 if ((err = operation_prep(handle)) != Z_OK)
2681 2684 return (err);
2682 2685
2683 2686 if ((err = zonecfg_delete_auth_core(handle, tabptr, zonename)) != Z_OK)
2684 2687 return (err);
2685 2688
2686 2689 return (Z_OK);
2687 2690 }
2688 2691
2689 2692 int
2690 2693 zonecfg_modify_admin(zone_dochandle_t handle, struct zone_admintab *oldtabptr,
2691 2694 struct zone_admintab *newtabptr, char *zonename)
2692 2695 {
2693 2696 int err;
2694 2697
2695 2698 if (oldtabptr == NULL || newtabptr == NULL)
2696 2699 return (Z_INVAL);
2697 2700
2698 2701 if ((err = operation_prep(handle)) != Z_OK)
2699 2702 return (err);
2700 2703
2701 2704 if ((err = zonecfg_delete_auth_core(handle, oldtabptr, zonename))
2702 2705 != Z_OK)
2703 2706 return (err);
2704 2707
2705 2708 if ((err = zonecfg_add_auth_core(handle, newtabptr,
2706 2709 zonename)) != Z_OK)
2707 2710 return (err);
2708 2711
2709 2712 return (Z_OK);
2710 2713 }
2711 2714
2712 2715 int
2713 2716 zonecfg_lookup_admin(zone_dochandle_t handle, struct zone_admintab *tabptr)
2714 2717 {
2715 2718 xmlNodePtr cur, firstmatch;
2716 2719 int err;
2717 2720 char user[MAXUSERNAME];
2718 2721
2719 2722 if (tabptr == NULL)
2720 2723 return (Z_INVAL);
2721 2724
2722 2725 if ((err = operation_prep(handle)) != Z_OK)
2723 2726 return (err);
2724 2727
2725 2728 cur = handle->zone_dh_cur;
2726 2729 firstmatch = NULL;
2727 2730 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2728 2731 if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
2729 2732 continue;
2730 2733 if (strlen(tabptr->zone_admin_user) > 0) {
2731 2734 if ((fetchprop(cur, DTD_ATTR_USER, user,
2732 2735 sizeof (user)) == Z_OK) &&
2733 2736 (strcmp(tabptr->zone_admin_user, user) == 0)) {
2734 2737 if (firstmatch == NULL)
2735 2738 firstmatch = cur;
2736 2739 else
2737 2740 return (Z_INSUFFICIENT_SPEC);
2738 2741 }
2739 2742 }
2740 2743 }
2741 2744 if (firstmatch == NULL)
2742 2745 return (Z_NO_RESOURCE_ID);
2743 2746
2744 2747 cur = firstmatch;
2745 2748
2746 2749 if ((err = fetchprop(cur, DTD_ATTR_USER, tabptr->zone_admin_user,
2747 2750 sizeof (tabptr->zone_admin_user))) != Z_OK)
2748 2751 return (err);
2749 2752
2750 2753 if ((err = fetchprop(cur, DTD_ATTR_AUTHS, tabptr->zone_admin_auths,
2751 2754 sizeof (tabptr->zone_admin_auths))) != Z_OK)
2752 2755 return (err);
2753 2756
2754 2757 return (Z_OK);
2755 2758 }
2756 2759
2757 2760 static int
2758 2761 zonecfg_add_secflags_core(zone_dochandle_t handle,
2759 2762 struct zone_secflagstab *tabptr)
2760 2763 {
2761 2764 xmlNodePtr newnode, cur = handle->zone_dh_cur;
2762 2765 int err;
2763 2766
2764 2767 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_SECFLAGS, NULL);
2765 2768 err = newprop(newnode, DTD_ATTR_DEFAULT, tabptr->zone_secflags_default);
2766 2769 if (err != Z_OK)
2767 2770 return (err);
2768 2771 err = newprop(newnode, DTD_ATTR_LOWER, tabptr->zone_secflags_lower);
2769 2772 if (err != Z_OK)
2770 2773 return (err);
2771 2774 err = newprop(newnode, DTD_ATTR_UPPER, tabptr->zone_secflags_upper);
2772 2775 if (err != Z_OK)
2773 2776 return (err);
2774 2777
2775 2778 return (Z_OK);
2776 2779 }
2777 2780
2778 2781 int
2779 2782 zonecfg_add_secflags(zone_dochandle_t handle, struct zone_secflagstab *tabptr)
2780 2783 {
2781 2784 int err;
2782 2785
2783 2786
2784 2787 if (tabptr == NULL)
2785 2788 return (Z_INVAL);
2786 2789
2787 2790 if ((err = operation_prep(handle)) != Z_OK)
2788 2791 return (err);
2789 2792
2790 2793 if ((err = zonecfg_add_secflags_core(handle, tabptr)) != Z_OK)
2791 2794 return (err);
2792 2795
2793 2796 return (Z_OK);
2794 2797 }
2795 2798
2796 2799 static int
2797 2800 zonecfg_delete_secflags_core(zone_dochandle_t handle,
2798 2801 struct zone_secflagstab *tabptr)
2799 2802 {
2800 2803 xmlNodePtr cur = handle->zone_dh_cur;
2801 2804 boolean_t def_match, low_match, up_match;
2802 2805
2803 2806 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2804 2807 if (xmlStrcmp(cur->name, DTD_ELEM_SECFLAGS) != 0)
2805 2808 continue;
2806 2809
2807 2810 def_match = match_prop(cur, DTD_ATTR_DEFAULT,
2808 2811 tabptr->zone_secflags_default);
2809 2812 low_match = match_prop(cur, DTD_ATTR_LOWER,
2810 2813 tabptr->zone_secflags_lower);
2811 2814 up_match = match_prop(cur, DTD_ATTR_UPPER,
2812 2815 tabptr->zone_secflags_upper);
2813 2816
2814 2817 if (def_match && low_match && up_match) {
2815 2818 xmlUnlinkNode(cur);
2816 2819 xmlFreeNode(cur);
2817 2820 return (Z_OK);
2818 2821 }
2819 2822
2820 2823 }
2821 2824 return (Z_NO_RESOURCE_ID);
2822 2825 }
2823 2826
2824 2827 int
2825 2828 zonecfg_delete_secflags(zone_dochandle_t handle,
2826 2829 struct zone_secflagstab *tabptr)
2827 2830 {
2828 2831 int err;
2829 2832
2830 2833 if (tabptr == NULL)
2831 2834 return (Z_INVAL);
2832 2835
2833 2836 if ((err = operation_prep(handle)) != Z_OK)
2834 2837 return (err);
2835 2838
2836 2839 if ((err = zonecfg_delete_secflags_core(handle, tabptr)) != Z_OK)
2837 2840 return (err);
2838 2841
2839 2842 return (Z_OK);
2840 2843 }
2841 2844
2842 2845 int
2843 2846 zonecfg_modify_secflags(zone_dochandle_t handle,
2844 2847 struct zone_secflagstab *oldtabptr,
2845 2848 struct zone_secflagstab *newtabptr)
2846 2849 {
2847 2850 int err;
2848 2851
2849 2852 if (oldtabptr == NULL || newtabptr == NULL)
2850 2853 return (Z_INVAL);
2851 2854
2852 2855 if ((err = operation_prep(handle)) != Z_OK)
2853 2856 return (err);
2854 2857
2855 2858 if ((err = zonecfg_delete_secflags_core(handle, oldtabptr))
2856 2859 != Z_OK)
2857 2860 return (err);
2858 2861
2859 2862 if ((err = zonecfg_add_secflags_core(handle, newtabptr)) != Z_OK)
2860 2863 return (err);
2861 2864
2862 2865 return (Z_OK);
2863 2866 }
2864 2867
2865 2868 int
2866 2869 zonecfg_lookup_secflags(zone_dochandle_t handle,
2867 2870 struct zone_secflagstab *tabptr)
2868 2871 {
2869 2872 xmlNodePtr cur;
2870 2873 int err;
2871 2874
2872 2875 if (tabptr == NULL)
2873 2876 return (Z_INVAL);
2874 2877
2875 2878 if ((err = operation_prep(handle)) != Z_OK)
2876 2879 return (err);
2877 2880
2878 2881 cur = handle->zone_dh_cur;
2879 2882
2880 2883 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2881 2884 if (xmlStrcmp(cur->name, DTD_ELEM_SECFLAGS) != 0)
2882 2885 continue;
2883 2886
2884 2887 if ((err = fetchprop(cur, DTD_ATTR_DEFAULT,
2885 2888 tabptr->zone_secflags_default,
2886 2889 sizeof (tabptr->zone_secflags_default))) != Z_OK) {
2887 2890 handle->zone_dh_cur = handle->zone_dh_top;
2888 2891 return (err);
2889 2892 }
2890 2893
2891 2894 if ((err = fetchprop(cur, DTD_ATTR_LOWER,
2892 2895 tabptr->zone_secflags_lower,
2893 2896 sizeof (tabptr->zone_secflags_lower))) != Z_OK) {
2894 2897 handle->zone_dh_cur = handle->zone_dh_top;
2895 2898 return (err);
2896 2899 }
2897 2900
2898 2901 if ((err = fetchprop(cur, DTD_ATTR_UPPER,
2899 2902 tabptr->zone_secflags_upper,
2900 2903 sizeof (tabptr->zone_secflags_upper))) != Z_OK) {
2901 2904 handle->zone_dh_cur = handle->zone_dh_top;
2902 2905 return (err);
2903 2906 }
2904 2907
2905 2908 return (Z_OK);
2906 2909 }
2907 2910
2908 2911 return (Z_NO_ENTRY);
2909 2912 }
2910 2913
2911 2914 /* Lock to serialize all devwalks */
2912 2915 static pthread_mutex_t zonecfg_devwalk_lock = PTHREAD_MUTEX_INITIALIZER;
2913 2916 /*
2914 2917 * Global variables used to pass data from zonecfg_dev_manifest to the nftw
2915 2918 * call-back (zonecfg_devwalk_cb). g_devwalk_data is really the void*
2916 2919 * parameter and g_devwalk_cb is really the *cb parameter from
2917 2920 * zonecfg_dev_manifest.
2918 2921 */
2919 2922 typedef struct __g_devwalk_data *g_devwalk_data_t;
2920 2923 static g_devwalk_data_t g_devwalk_data;
2921 2924 static int (*g_devwalk_cb)(const char *, uid_t, gid_t, mode_t, const char *,
2922 2925 void *);
2923 2926 static size_t g_devwalk_skip_prefix;
2924 2927
2925 2928 /*
2926 2929 * zonecfg_dev_manifest call-back function used during detach to generate the
2927 2930 * dev info in the manifest.
2928 2931 */
2929 2932 static int
2930 2933 get_detach_dev_entry(const char *name, uid_t uid, gid_t gid, mode_t mode,
2931 2934 const char *acl, void *hdl)
2932 2935 {
2933 2936 zone_dochandle_t handle = (zone_dochandle_t)hdl;
2934 2937 xmlNodePtr newnode;
2935 2938 xmlNodePtr cur;
2936 2939 int err;
2937 2940 char buf[128];
2938 2941
2939 2942 if ((err = operation_prep(handle)) != Z_OK)
2940 2943 return (err);
2941 2944
2942 2945 cur = handle->zone_dh_cur;
2943 2946 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_DEV_PERM, NULL);
2944 2947 if ((err = newprop(newnode, DTD_ATTR_NAME, (char *)name)) != Z_OK)
2945 2948 return (err);
2946 2949 (void) snprintf(buf, sizeof (buf), "%lu", uid);
2947 2950 if ((err = newprop(newnode, DTD_ATTR_UID, buf)) != Z_OK)
2948 2951 return (err);
2949 2952 (void) snprintf(buf, sizeof (buf), "%lu", gid);
2950 2953 if ((err = newprop(newnode, DTD_ATTR_GID, buf)) != Z_OK)
2951 2954 return (err);
2952 2955 (void) snprintf(buf, sizeof (buf), "%o", mode);
2953 2956 if ((err = newprop(newnode, DTD_ATTR_MODE, buf)) != Z_OK)
2954 2957 return (err);
2955 2958 if ((err = newprop(newnode, DTD_ATTR_ACL, (char *)acl)) != Z_OK)
2956 2959 return (err);
2957 2960 return (Z_OK);
2958 2961 }
2959 2962
2960 2963 /*
2961 2964 * This is the nftw call-back function used by zonecfg_dev_manifest. It is
2962 2965 * responsible for calling the actual call-back.
2963 2966 */
2964 2967 /* ARGSUSED2 */
2965 2968 static int
2966 2969 zonecfg_devwalk_cb(const char *path, const struct stat *st, int f,
2967 2970 struct FTW *ftw)
2968 2971 {
2969 2972 acl_t *acl;
2970 2973 char *acl_txt = NULL;
2971 2974
2972 2975 /* skip all but character and block devices */
2973 2976 if (!S_ISBLK(st->st_mode) && !S_ISCHR(st->st_mode))
2974 2977 return (0);
2975 2978
2976 2979 if ((acl_get(path, ACL_NO_TRIVIAL, &acl) == 0) &&
2977 2980 acl != NULL) {
2978 2981 acl_txt = acl_totext(acl, ACL_NORESOLVE);
2979 2982 acl_free(acl);
2980 2983 }
2981 2984
2982 2985 if (strlen(path) <= g_devwalk_skip_prefix)
2983 2986 return (0);
2984 2987
2985 2988 (void) g_devwalk_cb(path + g_devwalk_skip_prefix, st->st_uid,
2986 2989 st->st_gid, st->st_mode & S_IAMB, acl_txt != NULL ? acl_txt : "",
2987 2990 g_devwalk_data);
2988 2991 free(acl_txt);
2989 2992 return (0);
2990 2993 }
2991 2994
2992 2995 /*
2993 2996 * Walk the dev tree for the zone specified by hdl and call the
2994 2997 * get_detach_dev_entry call-back function for each entry in the tree. The
2995 2998 * call-back will be passed the name, uid, gid, mode, acl string and the
2996 2999 * handle input parameter for each dev entry.
2997 3000 *
2998 3001 * Data is passed to get_detach_dev_entry through the global variables
2999 3002 * g_devwalk_data, *g_devwalk_cb, and g_devwalk_skip_prefix. The
3000 3003 * zonecfg_devwalk_cb function will actually call get_detach_dev_entry.
3001 3004 */
3002 3005 int
3003 3006 zonecfg_dev_manifest(zone_dochandle_t hdl)
3004 3007 {
3005 3008 char path[MAXPATHLEN];
3006 3009 int ret;
3007 3010
3008 3011 if ((ret = zonecfg_get_zonepath(hdl, path, sizeof (path))) != Z_OK)
3009 3012 return (ret);
3010 3013
3011 3014 if (strlcat(path, "/dev", sizeof (path)) >= sizeof (path))
3012 3015 return (Z_TOO_BIG);
3013 3016
3014 3017 /*
3015 3018 * We have to serialize all devwalks in the same process
3016 3019 * (which should be fine), since nftw() is so badly designed.
3017 3020 */
3018 3021 (void) pthread_mutex_lock(&zonecfg_devwalk_lock);
3019 3022
3020 3023 g_devwalk_skip_prefix = strlen(path) + 1;
3021 3024 g_devwalk_data = (g_devwalk_data_t)hdl;
3022 3025 g_devwalk_cb = get_detach_dev_entry;
3023 3026 (void) nftw(path, zonecfg_devwalk_cb, 0, FTW_PHYS);
3024 3027
3025 3028 (void) pthread_mutex_unlock(&zonecfg_devwalk_lock);
3026 3029 return (Z_OK);
3027 3030 }
3028 3031
3029 3032 /*
3030 3033 * Update the owner, group, mode and acl on the specified dev (inpath) for
3031 3034 * the zone (hdl). This function can be used to fix up the dev tree after
3032 3035 * attaching a migrated zone.
3033 3036 */
3034 3037 int
3035 3038 zonecfg_devperms_apply(zone_dochandle_t hdl, const char *inpath, uid_t owner,
3036 3039 gid_t group, mode_t mode, const char *acltxt)
3037 3040 {
3038 3041 int ret;
3039 3042 char path[MAXPATHLEN];
3040 3043 struct stat st;
3041 3044 acl_t *aclp;
3042 3045
3043 3046 if ((ret = zonecfg_get_zonepath(hdl, path, sizeof (path))) != Z_OK)
3044 3047 return (ret);
3045 3048
3046 3049 if (strlcat(path, "/dev/", sizeof (path)) >= sizeof (path))
3047 3050 return (Z_TOO_BIG);
3048 3051 if (strlcat(path, inpath, sizeof (path)) >= sizeof (path))
3049 3052 return (Z_TOO_BIG);
3050 3053
3051 3054 if (stat(path, &st) == -1)
3052 3055 return (Z_INVAL);
3053 3056
3054 3057 /* make sure we're only touching device nodes */
3055 3058 if (!S_ISCHR(st.st_mode) && !S_ISBLK(st.st_mode))
3056 3059 return (Z_INVAL);
3057 3060
3058 3061 if (chown(path, owner, group) == -1)
3059 3062 return (Z_SYSTEM);
3060 3063
3061 3064 if (chmod(path, mode) == -1)
3062 3065 return (Z_SYSTEM);
3063 3066
3064 3067 if ((acltxt == NULL) || (strcmp(acltxt, "") == 0))
3065 3068 return (Z_OK);
3066 3069
3067 3070 if (acl_fromtext(acltxt, &aclp) != 0) {
3068 3071 errno = EINVAL;
3069 3072 return (Z_SYSTEM);
3070 3073 }
3071 3074
3072 3075 errno = 0;
3073 3076 if (acl_set(path, aclp) == -1) {
3074 3077 free(aclp);
3075 3078 return (Z_SYSTEM);
3076 3079 }
3077 3080
3078 3081 free(aclp);
3079 3082 return (Z_OK);
3080 3083 }
3081 3084
3082 3085 /*
3083 3086 * This function finds everything mounted under a zone's rootpath.
3084 3087 * This returns the number of mounts under rootpath, or -1 on error.
3085 3088 * callback is called once per mount found with the first argument
3086 3089 * pointing to a mnttab structure containing the mount's information.
3087 3090 *
3088 3091 * If the callback function returns non-zero zonecfg_find_mounts
3089 3092 * aborts with an error.
3090 3093 */
3091 3094 int
3092 3095 zonecfg_find_mounts(char *rootpath, int (*callback)(const struct mnttab *,
3093 3096 void *), void *priv)
3094 3097 {
3095 3098 FILE *mnttab;
3096 3099 struct mnttab m;
3097 3100 size_t l;
3098 3101 int zfsl;
3099 3102 int rv = 0;
3100 3103 char zfs_path[MAXPATHLEN];
3101 3104
3102 3105 assert(rootpath != NULL);
3103 3106
3104 3107 if ((zfsl = snprintf(zfs_path, sizeof (zfs_path), "%s/.zfs/", rootpath))
3105 3108 >= sizeof (zfs_path))
3106 3109 return (-1);
3107 3110
3108 3111 l = strlen(rootpath);
3109 3112
3110 3113 mnttab = fopen("/etc/mnttab", "r");
3111 3114
3112 3115 if (mnttab == NULL)
3113 3116 return (-1);
3114 3117
3115 3118 if (ioctl(fileno(mnttab), MNTIOC_SHOWHIDDEN, NULL) < 0) {
3116 3119 rv = -1;
3117 3120 goto out;
3118 3121 }
3119 3122
3120 3123 while (!getmntent(mnttab, &m)) {
3121 3124 if ((strncmp(rootpath, m.mnt_mountp, l) == 0) &&
3122 3125 (m.mnt_mountp[l] == '/') &&
3123 3126 (strncmp(zfs_path, m.mnt_mountp, zfsl) != 0)) {
3124 3127 rv++;
3125 3128 if (callback == NULL)
3126 3129 continue;
3127 3130 if (callback(&m, priv)) {
3128 3131 rv = -1;
3129 3132 goto out;
3130 3133
3131 3134 }
3132 3135 }
3133 3136 }
3134 3137
3135 3138 out:
3136 3139 (void) fclose(mnttab);
3137 3140 return (rv);
3138 3141 }
3139 3142
3140 3143 int
3141 3144 zonecfg_lookup_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3142 3145 {
3143 3146 xmlNodePtr cur, firstmatch;
3144 3147 int err;
3145 3148 char name[MAXNAMELEN], type[MAXNAMELEN], value[MAXNAMELEN];
3146 3149
3147 3150 if (tabptr == NULL)
3148 3151 return (Z_INVAL);
3149 3152
3150 3153 if ((err = operation_prep(handle)) != Z_OK)
3151 3154 return (err);
3152 3155
3153 3156 cur = handle->zone_dh_cur;
3154 3157 firstmatch = NULL;
3155 3158 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3156 3159 if (xmlStrcmp(cur->name, DTD_ELEM_ATTR))
3157 3160 continue;
3158 3161 if (strlen(tabptr->zone_attr_name) > 0) {
3159 3162 if ((fetchprop(cur, DTD_ATTR_NAME, name,
3160 3163 sizeof (name)) == Z_OK) &&
3161 3164 (strcmp(tabptr->zone_attr_name, name) == 0)) {
3162 3165 if (firstmatch == NULL)
3163 3166 firstmatch = cur;
3164 3167 else
3165 3168 return (Z_INSUFFICIENT_SPEC);
3166 3169 }
3167 3170 }
3168 3171 if (strlen(tabptr->zone_attr_type) > 0) {
3169 3172 if ((fetchprop(cur, DTD_ATTR_TYPE, type,
3170 3173 sizeof (type)) == Z_OK)) {
3171 3174 if (strcmp(tabptr->zone_attr_type, type) == 0) {
3172 3175 if (firstmatch == NULL)
3173 3176 firstmatch = cur;
3174 3177 else if (firstmatch != cur)
3175 3178 return (Z_INSUFFICIENT_SPEC);
3176 3179 } else {
3177 3180 /*
3178 3181 * If another property matched but this
3179 3182 * one doesn't then reset firstmatch.
3180 3183 */
3181 3184 if (firstmatch == cur)
3182 3185 firstmatch = NULL;
3183 3186 }
3184 3187 }
3185 3188 }
3186 3189 if (strlen(tabptr->zone_attr_value) > 0) {
3187 3190 if ((fetchprop(cur, DTD_ATTR_VALUE, value,
3188 3191 sizeof (value)) == Z_OK)) {
3189 3192 if (strcmp(tabptr->zone_attr_value, value) ==
3190 3193 0) {
3191 3194 if (firstmatch == NULL)
3192 3195 firstmatch = cur;
3193 3196 else if (firstmatch != cur)
3194 3197 return (Z_INSUFFICIENT_SPEC);
3195 3198 } else {
3196 3199 /*
3197 3200 * If another property matched but this
3198 3201 * one doesn't then reset firstmatch.
3199 3202 */
3200 3203 if (firstmatch == cur)
3201 3204 firstmatch = NULL;
3202 3205 }
3203 3206 }
3204 3207 }
3205 3208 }
3206 3209 if (firstmatch == NULL)
3207 3210 return (Z_NO_RESOURCE_ID);
3208 3211
3209 3212 cur = firstmatch;
3210 3213
3211 3214 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_attr_name,
3212 3215 sizeof (tabptr->zone_attr_name))) != Z_OK)
3213 3216 return (err);
3214 3217
3215 3218 if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_attr_type,
3216 3219 sizeof (tabptr->zone_attr_type))) != Z_OK)
3217 3220 return (err);
3218 3221
3219 3222 if ((err = fetchprop(cur, DTD_ATTR_VALUE, tabptr->zone_attr_value,
3220 3223 sizeof (tabptr->zone_attr_value))) != Z_OK)
3221 3224 return (err);
3222 3225
3223 3226 return (Z_OK);
3224 3227 }
3225 3228
3226 3229 static int
3227 3230 zonecfg_add_attr_core(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3228 3231 {
3229 3232 xmlNodePtr newnode, cur = handle->zone_dh_cur;
3230 3233 int err;
3231 3234
3232 3235 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_ATTR, NULL);
3233 3236 err = newprop(newnode, DTD_ATTR_NAME, tabptr->zone_attr_name);
3234 3237 if (err != Z_OK)
3235 3238 return (err);
3236 3239 err = newprop(newnode, DTD_ATTR_TYPE, tabptr->zone_attr_type);
3237 3240 if (err != Z_OK)
3238 3241 return (err);
3239 3242 err = newprop(newnode, DTD_ATTR_VALUE, tabptr->zone_attr_value);
3240 3243 if (err != Z_OK)
3241 3244 return (err);
3242 3245 return (Z_OK);
3243 3246 }
3244 3247
3245 3248 int
3246 3249 zonecfg_add_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3247 3250 {
3248 3251 int err;
3249 3252
3250 3253 if (tabptr == NULL)
3251 3254 return (Z_INVAL);
3252 3255
3253 3256 if ((err = operation_prep(handle)) != Z_OK)
3254 3257 return (err);
3255 3258
3256 3259 if ((err = zonecfg_add_attr_core(handle, tabptr)) != Z_OK)
3257 3260 return (err);
3258 3261
3259 3262 return (Z_OK);
3260 3263 }
3261 3264
3262 3265 static int
3263 3266 zonecfg_delete_attr_core(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3264 3267 {
3265 3268 xmlNodePtr cur = handle->zone_dh_cur;
3266 3269 int name_match, type_match, value_match;
3267 3270
3268 3271 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3269 3272 if (xmlStrcmp(cur->name, DTD_ELEM_ATTR))
3270 3273 continue;
3271 3274
3272 3275 name_match = match_prop(cur, DTD_ATTR_NAME,
3273 3276 tabptr->zone_attr_name);
3274 3277 type_match = match_prop(cur, DTD_ATTR_TYPE,
3275 3278 tabptr->zone_attr_type);
3276 3279 value_match = match_prop(cur, DTD_ATTR_VALUE,
3277 3280 tabptr->zone_attr_value);
3278 3281
3279 3282 if (name_match && type_match && value_match) {
3280 3283 xmlUnlinkNode(cur);
3281 3284 xmlFreeNode(cur);
3282 3285 return (Z_OK);
3283 3286 }
3284 3287 }
3285 3288 return (Z_NO_RESOURCE_ID);
3286 3289 }
3287 3290
3288 3291 int
3289 3292 zonecfg_delete_attr(zone_dochandle_t handle, struct zone_attrtab *tabptr)
3290 3293 {
3291 3294 int err;
3292 3295
3293 3296 if (tabptr == NULL)
3294 3297 return (Z_INVAL);
3295 3298
3296 3299 if ((err = operation_prep(handle)) != Z_OK)
3297 3300 return (err);
3298 3301
3299 3302 if ((err = zonecfg_delete_attr_core(handle, tabptr)) != Z_OK)
3300 3303 return (err);
3301 3304
3302 3305 return (Z_OK);
3303 3306 }
3304 3307
3305 3308 int
3306 3309 zonecfg_modify_attr(
3307 3310 zone_dochandle_t handle,
3308 3311 struct zone_attrtab *oldtabptr,
3309 3312 struct zone_attrtab *newtabptr)
3310 3313 {
3311 3314 int err;
3312 3315
3313 3316 if (oldtabptr == NULL || newtabptr == NULL)
3314 3317 return (Z_INVAL);
3315 3318
3316 3319 if ((err = operation_prep(handle)) != Z_OK)
3317 3320 return (err);
3318 3321
3319 3322 if ((err = zonecfg_delete_attr_core(handle, oldtabptr)) != Z_OK)
3320 3323 return (err);
3321 3324
3322 3325 if ((err = zonecfg_add_attr_core(handle, newtabptr)) != Z_OK)
3323 3326 return (err);
3324 3327
3325 3328 return (Z_OK);
3326 3329 }
3327 3330
3328 3331 int
3329 3332 zonecfg_get_attr_boolean(const struct zone_attrtab *attr, boolean_t *value)
3330 3333 {
3331 3334 if (attr == NULL)
3332 3335 return (Z_INVAL);
3333 3336
3334 3337 if (strcmp(attr->zone_attr_type, DTD_ENTITY_BOOLEAN) != 0)
3335 3338 return (Z_INVAL);
3336 3339
3337 3340 if (strcmp(attr->zone_attr_value, DTD_ENTITY_TRUE) == 0) {
3338 3341 *value = B_TRUE;
3339 3342 return (Z_OK);
3340 3343 }
3341 3344 if (strcmp(attr->zone_attr_value, DTD_ENTITY_FALSE) == 0) {
3342 3345 *value = B_FALSE;
3343 3346 return (Z_OK);
3344 3347 }
3345 3348 return (Z_INVAL);
3346 3349 }
3347 3350
3348 3351 int
3349 3352 zonecfg_get_attr_int(const struct zone_attrtab *attr, int64_t *value)
3350 3353 {
3351 3354 long long result;
3352 3355 char *endptr;
3353 3356
3354 3357 if (attr == NULL)
3355 3358 return (Z_INVAL);
3356 3359
3357 3360 if (strcmp(attr->zone_attr_type, DTD_ENTITY_INT) != 0)
3358 3361 return (Z_INVAL);
3359 3362
3360 3363 errno = 0;
3361 3364 result = strtoll(attr->zone_attr_value, &endptr, 10);
3362 3365 if (errno != 0 || *endptr != '\0')
3363 3366 return (Z_INVAL);
3364 3367 *value = result;
3365 3368 return (Z_OK);
3366 3369 }
3367 3370
3368 3371 int
3369 3372 zonecfg_get_attr_string(const struct zone_attrtab *attr, char *value,
3370 3373 size_t val_sz)
3371 3374 {
3372 3375 if (attr == NULL)
3373 3376 return (Z_INVAL);
3374 3377
3375 3378 if (strcmp(attr->zone_attr_type, DTD_ENTITY_STRING) != 0)
3376 3379 return (Z_INVAL);
3377 3380
3378 3381 if (strlcpy(value, attr->zone_attr_value, val_sz) >= val_sz)
3379 3382 return (Z_TOO_BIG);
3380 3383 return (Z_OK);
3381 3384 }
3382 3385
3383 3386 int
3384 3387 zonecfg_get_attr_uint(const struct zone_attrtab *attr, uint64_t *value)
3385 3388 {
3386 3389 unsigned long long result;
3387 3390 long long neg_result;
3388 3391 char *endptr;
3389 3392
3390 3393 if (attr == NULL)
3391 3394 return (Z_INVAL);
3392 3395
3393 3396 if (strcmp(attr->zone_attr_type, DTD_ENTITY_UINT) != 0)
3394 3397 return (Z_INVAL);
3395 3398
3396 3399 errno = 0;
3397 3400 result = strtoull(attr->zone_attr_value, &endptr, 10);
3398 3401 if (errno != 0 || *endptr != '\0')
3399 3402 return (Z_INVAL);
3400 3403 errno = 0;
3401 3404 neg_result = strtoll(attr->zone_attr_value, &endptr, 10);
3402 3405 /*
3403 3406 * Incredibly, strtoull("<negative number>", ...) will not fail but
3404 3407 * return whatever (negative) number cast as a u_longlong_t, so we
3405 3408 * need to look for this here.
3406 3409 */
3407 3410 if (errno == 0 && neg_result < 0)
3408 3411 return (Z_INVAL);
3409 3412 *value = result;
3410 3413 return (Z_OK);
3411 3414 }
3412 3415
3413 3416 int
3414 3417 zonecfg_lookup_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3415 3418 {
3416 3419 xmlNodePtr cur, val;
3417 3420 char savedname[MAXNAMELEN];
3418 3421 struct zone_rctlvaltab *valptr;
3419 3422 int err;
3420 3423
3421 3424 if (strlen(tabptr->zone_rctl_name) == 0)
3422 3425 return (Z_INVAL);
3423 3426
3424 3427 if ((err = operation_prep(handle)) != Z_OK)
3425 3428 return (err);
3426 3429
3427 3430 cur = handle->zone_dh_cur;
3428 3431 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3429 3432 if (xmlStrcmp(cur->name, DTD_ELEM_RCTL))
3430 3433 continue;
3431 3434 if ((fetchprop(cur, DTD_ATTR_NAME, savedname,
3432 3435 sizeof (savedname)) == Z_OK) &&
3433 3436 (strcmp(savedname, tabptr->zone_rctl_name) == 0)) {
3434 3437 tabptr->zone_rctl_valptr = NULL;
3435 3438 for (val = cur->xmlChildrenNode; val != NULL;
3436 3439 val = val->next) {
3437 3440 valptr = (struct zone_rctlvaltab *)malloc(
3438 3441 sizeof (struct zone_rctlvaltab));
3439 3442 if (valptr == NULL)
3440 3443 return (Z_NOMEM);
3441 3444 if ((fetchprop(val, DTD_ATTR_PRIV,
3442 3445 valptr->zone_rctlval_priv,
3443 3446 sizeof (valptr->zone_rctlval_priv)) !=
3444 3447 Z_OK))
3445 3448 break;
3446 3449 if ((fetchprop(val, DTD_ATTR_LIMIT,
3447 3450 valptr->zone_rctlval_limit,
3448 3451 sizeof (valptr->zone_rctlval_limit)) !=
3449 3452 Z_OK))
3450 3453 break;
3451 3454 if ((fetchprop(val, DTD_ATTR_ACTION,
3452 3455 valptr->zone_rctlval_action,
3453 3456 sizeof (valptr->zone_rctlval_action)) !=
3454 3457 Z_OK))
3455 3458 break;
3456 3459 if (zonecfg_add_rctl_value(tabptr, valptr) !=
3457 3460 Z_OK)
3458 3461 break;
3459 3462 }
3460 3463 return (Z_OK);
3461 3464 }
3462 3465 }
3463 3466 return (Z_NO_RESOURCE_ID);
3464 3467 }
3465 3468
3466 3469 static int
3467 3470 zonecfg_add_rctl_core(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3468 3471 {
3469 3472 xmlNodePtr newnode, cur = handle->zone_dh_cur, valnode;
3470 3473 struct zone_rctlvaltab *valptr;
3471 3474 int err;
3472 3475
3473 3476 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_RCTL, NULL);
3474 3477 err = newprop(newnode, DTD_ATTR_NAME, tabptr->zone_rctl_name);
3475 3478 if (err != Z_OK)
3476 3479 return (err);
3477 3480 for (valptr = tabptr->zone_rctl_valptr; valptr != NULL;
3478 3481 valptr = valptr->zone_rctlval_next) {
3479 3482 valnode = xmlNewTextChild(newnode, NULL,
3480 3483 DTD_ELEM_RCTLVALUE, NULL);
3481 3484 err = newprop(valnode, DTD_ATTR_PRIV,
3482 3485 valptr->zone_rctlval_priv);
3483 3486 if (err != Z_OK)
3484 3487 return (err);
3485 3488 err = newprop(valnode, DTD_ATTR_LIMIT,
3486 3489 valptr->zone_rctlval_limit);
3487 3490 if (err != Z_OK)
3488 3491 return (err);
3489 3492 err = newprop(valnode, DTD_ATTR_ACTION,
3490 3493 valptr->zone_rctlval_action);
3491 3494 if (err != Z_OK)
3492 3495 return (err);
3493 3496 }
3494 3497 return (Z_OK);
3495 3498 }
3496 3499
3497 3500 int
3498 3501 zonecfg_add_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3499 3502 {
3500 3503 int err;
3501 3504
3502 3505 if (tabptr == NULL)
3503 3506 return (Z_INVAL);
3504 3507
3505 3508 if ((err = operation_prep(handle)) != Z_OK)
3506 3509 return (err);
3507 3510
3508 3511 if ((err = zonecfg_add_rctl_core(handle, tabptr)) != Z_OK)
3509 3512 return (err);
3510 3513
3511 3514 return (Z_OK);
3512 3515 }
3513 3516
3514 3517 static int
3515 3518 zonecfg_delete_rctl_core(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3516 3519 {
3517 3520 xmlNodePtr cur = handle->zone_dh_cur;
3518 3521 xmlChar *savedname;
3519 3522 int name_result;
3520 3523
3521 3524 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
3522 3525 if (xmlStrcmp(cur->name, DTD_ELEM_RCTL))
3523 3526 continue;
3524 3527
3525 3528 savedname = xmlGetProp(cur, DTD_ATTR_NAME);
3526 3529 if (savedname == NULL) /* shouldn't happen */
3527 3530 continue;
3528 3531 name_result = xmlStrcmp(savedname,
3529 3532 (const xmlChar *) tabptr->zone_rctl_name);
3530 3533 xmlFree(savedname);
3531 3534
3532 3535 if (name_result == 0) {
3533 3536 xmlUnlinkNode(cur);
3534 3537 xmlFreeNode(cur);
3535 3538 return (Z_OK);
3536 3539 }
3537 3540 }
3538 3541 return (Z_NO_RESOURCE_ID);
3539 3542 }
3540 3543
3541 3544 int
3542 3545 zonecfg_delete_rctl(zone_dochandle_t handle, struct zone_rctltab *tabptr)
3543 3546 {
3544 3547 int err;
3545 3548
3546 3549 if (tabptr == NULL)
3547 3550 return (Z_INVAL);
3548 3551
3549 3552 if ((err = operation_prep(handle)) != Z_OK)
3550 3553 return (err);
3551 3554
3552 3555 if ((err = zonecfg_delete_rctl_core(handle, tabptr)) != Z_OK)
3553 3556 return (err);
3554 3557
3555 3558 return (Z_OK);
3556 3559 }
3557 3560
3558 3561 int
3559 3562 zonecfg_modify_rctl(
3560 3563 zone_dochandle_t handle,
3561 3564 struct zone_rctltab *oldtabptr,
3562 3565 struct zone_rctltab *newtabptr)
3563 3566 {
3564 3567 int err;
3565 3568
3566 3569 if (oldtabptr == NULL || newtabptr == NULL)
3567 3570 return (Z_INVAL);
3568 3571
3569 3572 if ((err = operation_prep(handle)) != Z_OK)
3570 3573 return (err);
3571 3574
3572 3575 if ((err = zonecfg_delete_rctl_core(handle, oldtabptr)) != Z_OK)
3573 3576 return (err);
3574 3577
3575 3578 if ((err = zonecfg_add_rctl_core(handle, newtabptr)) != Z_OK)
3576 3579 return (err);
3577 3580
3578 3581 return (Z_OK);
3579 3582 }
3580 3583
3581 3584 int
3582 3585 zonecfg_add_rctl_value(
3583 3586 struct zone_rctltab *tabptr,
3584 3587 struct zone_rctlvaltab *valtabptr)
3585 3588 {
3586 3589 struct zone_rctlvaltab *last, *old, *new;
3587 3590 rctlblk_t *rctlblk = alloca(rctlblk_size());
3588 3591
3589 3592 last = tabptr->zone_rctl_valptr;
3590 3593 for (old = last; old != NULL; old = old->zone_rctlval_next)
3591 3594 last = old; /* walk to the end of the list */
3592 3595 new = valtabptr; /* alloc'd by caller */
3593 3596 new->zone_rctlval_next = NULL;
3594 3597 if (zonecfg_construct_rctlblk(valtabptr, rctlblk) != Z_OK)
3595 3598 return (Z_INVAL);
3596 3599 if (!zonecfg_valid_rctlblk(rctlblk))
3597 3600 return (Z_INVAL);
3598 3601 if (last == NULL)
3599 3602 tabptr->zone_rctl_valptr = new;
3600 3603 else
3601 3604 last->zone_rctlval_next = new;
3602 3605 return (Z_OK);
3603 3606 }
3604 3607
3605 3608 int
3606 3609 zonecfg_remove_rctl_value(
3607 3610 struct zone_rctltab *tabptr,
3608 3611 struct zone_rctlvaltab *valtabptr)
3609 3612 {
3610 3613 struct zone_rctlvaltab *last, *this, *next;
3611 3614
3612 3615 last = tabptr->zone_rctl_valptr;
3613 3616 for (this = last; this != NULL; this = this->zone_rctlval_next) {
3614 3617 if (strcmp(this->zone_rctlval_priv,
3615 3618 valtabptr->zone_rctlval_priv) == 0 &&
3616 3619 strcmp(this->zone_rctlval_limit,
3617 3620 valtabptr->zone_rctlval_limit) == 0 &&
3618 3621 strcmp(this->zone_rctlval_action,
3619 3622 valtabptr->zone_rctlval_action) == 0) {
3620 3623 next = this->zone_rctlval_next;
3621 3624 if (this == tabptr->zone_rctl_valptr)
3622 3625 tabptr->zone_rctl_valptr = next;
3623 3626 else
3624 3627 last->zone_rctlval_next = next;
3625 3628 free(this);
3626 3629 return (Z_OK);
3627 3630 } else
3628 3631 last = this;
3629 3632 }
3630 3633 return (Z_NO_PROPERTY_ID);
3631 3634 }
3632 3635
3633 3636 void
3634 3637 zonecfg_set_swinv(zone_dochandle_t handle)
3635 3638 {
3636 3639 handle->zone_dh_sw_inv = B_TRUE;
3637 3640 }
3638 3641
3639 3642 /*
3640 3643 * Add the pkg to the sw inventory on the handle.
3641 3644 */
3642 3645 int
3643 3646 zonecfg_add_pkg(zone_dochandle_t handle, char *name, char *version)
3644 3647 {
3645 3648 xmlNodePtr newnode;
3646 3649 xmlNodePtr cur;
3647 3650 int err;
3648 3651
3649 3652 if ((err = operation_prep(handle)) != Z_OK)
3650 3653 return (err);
3651 3654
3652 3655 cur = handle->zone_dh_cur;
3653 3656 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_PACKAGE, NULL);
3654 3657 if ((err = newprop(newnode, DTD_ATTR_NAME, name)) != Z_OK)
3655 3658 return (err);
3656 3659 if ((err = newprop(newnode, DTD_ATTR_VERSION, version)) != Z_OK)
3657 3660 return (err);
3658 3661 return (Z_OK);
3659 3662 }
3660 3663
3661 3664 char *
3662 3665 zonecfg_strerror(int errnum)
3663 3666 {
3664 3667 switch (errnum) {
3665 3668 case Z_OK:
3666 3669 return (dgettext(TEXT_DOMAIN, "OK"));
3667 3670 case Z_EMPTY_DOCUMENT:
3668 3671 return (dgettext(TEXT_DOMAIN, "Empty document"));
3669 3672 case Z_WRONG_DOC_TYPE:
3670 3673 return (dgettext(TEXT_DOMAIN, "Wrong document type"));
3671 3674 case Z_BAD_PROPERTY:
3672 3675 return (dgettext(TEXT_DOMAIN, "Bad document property"));
3673 3676 case Z_TEMP_FILE:
3674 3677 return (dgettext(TEXT_DOMAIN,
3675 3678 "Problem creating temporary file"));
3676 3679 case Z_SAVING_FILE:
3677 3680 return (dgettext(TEXT_DOMAIN, "Problem saving file"));
3678 3681 case Z_NO_ENTRY:
3679 3682 return (dgettext(TEXT_DOMAIN, "No such entry"));
3680 3683 case Z_BOGUS_ZONE_NAME:
3681 3684 return (dgettext(TEXT_DOMAIN, "Bogus zone name"));
3682 3685 case Z_REQD_RESOURCE_MISSING:
3683 3686 return (dgettext(TEXT_DOMAIN, "Required resource missing"));
3684 3687 case Z_REQD_PROPERTY_MISSING:
3685 3688 return (dgettext(TEXT_DOMAIN, "Required property missing"));
3686 3689 case Z_BAD_HANDLE:
3687 3690 return (dgettext(TEXT_DOMAIN, "Bad handle"));
3688 3691 case Z_NOMEM:
3689 3692 return (dgettext(TEXT_DOMAIN, "Out of memory"));
3690 3693 case Z_INVAL:
3691 3694 return (dgettext(TEXT_DOMAIN, "Invalid argument"));
3692 3695 case Z_ACCES:
3693 3696 return (dgettext(TEXT_DOMAIN, "Permission denied"));
3694 3697 case Z_TOO_BIG:
3695 3698 return (dgettext(TEXT_DOMAIN, "Argument list too long"));
3696 3699 case Z_MISC_FS:
3697 3700 return (dgettext(TEXT_DOMAIN,
3698 3701 "Miscellaneous file system error"));
3699 3702 case Z_NO_ZONE:
3700 3703 return (dgettext(TEXT_DOMAIN, "No such zone configured"));
3701 3704 case Z_NO_RESOURCE_TYPE:
3702 3705 return (dgettext(TEXT_DOMAIN, "No such resource type"));
3703 3706 case Z_NO_RESOURCE_ID:
3704 3707 return (dgettext(TEXT_DOMAIN, "No such resource with that id"));
3705 3708 case Z_NO_PROPERTY_TYPE:
3706 3709 return (dgettext(TEXT_DOMAIN, "No such property type"));
3707 3710 case Z_NO_PROPERTY_ID:
3708 3711 return (dgettext(TEXT_DOMAIN, "No such property with that id"));
3709 3712 case Z_BAD_ZONE_STATE:
3710 3713 return (dgettext(TEXT_DOMAIN,
3711 3714 "Zone state is invalid for the requested operation"));
3712 3715 case Z_INVALID_DOCUMENT:
3713 3716 return (dgettext(TEXT_DOMAIN, "Invalid document"));
3714 3717 case Z_NAME_IN_USE:
3715 3718 return (dgettext(TEXT_DOMAIN, "Zone name already in use"));
3716 3719 case Z_NO_SUCH_ID:
3717 3720 return (dgettext(TEXT_DOMAIN, "No such zone ID"));
3718 3721 case Z_UPDATING_INDEX:
3719 3722 return (dgettext(TEXT_DOMAIN, "Problem updating index file"));
3720 3723 case Z_LOCKING_FILE:
3721 3724 return (dgettext(TEXT_DOMAIN, "Locking index file"));
3722 3725 case Z_UNLOCKING_FILE:
3723 3726 return (dgettext(TEXT_DOMAIN, "Unlocking index file"));
3724 3727 case Z_INSUFFICIENT_SPEC:
3725 3728 return (dgettext(TEXT_DOMAIN, "Insufficient specification"));
3726 3729 case Z_RESOLVED_PATH:
3727 3730 return (dgettext(TEXT_DOMAIN, "Resolved path mismatch"));
3728 3731 case Z_IPV6_ADDR_PREFIX_LEN:
3729 3732 return (dgettext(TEXT_DOMAIN,
3730 3733 "IPv6 address missing required prefix length"));
3731 3734 case Z_BOGUS_ADDRESS:
3732 3735 return (dgettext(TEXT_DOMAIN,
3733 3736 "Neither an IPv4 nor an IPv6 address nor a host name"));
3734 3737 case Z_PRIV_PROHIBITED:
3735 3738 return (dgettext(TEXT_DOMAIN,
3736 3739 "Specified privilege is prohibited"));
3737 3740 case Z_PRIV_REQUIRED:
3738 3741 return (dgettext(TEXT_DOMAIN,
3739 3742 "Required privilege is missing"));
3740 3743 case Z_PRIV_UNKNOWN:
3741 3744 return (dgettext(TEXT_DOMAIN,
3742 3745 "Specified privilege is unknown"));
3743 3746 case Z_BRAND_ERROR:
3744 3747 return (dgettext(TEXT_DOMAIN,
3745 3748 "Brand-specific error"));
3746 3749 case Z_INCOMPATIBLE:
3747 3750 return (dgettext(TEXT_DOMAIN, "Incompatible settings"));
3748 3751 case Z_ALIAS_DISALLOW:
3749 3752 return (dgettext(TEXT_DOMAIN,
3750 3753 "An incompatible rctl already exists for this property"));
3751 3754 case Z_CLEAR_DISALLOW:
3752 3755 return (dgettext(TEXT_DOMAIN,
3753 3756 "Clearing this property is not allowed"));
3754 3757 case Z_POOL:
3755 3758 return (dgettext(TEXT_DOMAIN, "libpool(3LIB) error"));
3756 3759 case Z_POOLS_NOT_ACTIVE:
3757 3760 return (dgettext(TEXT_DOMAIN, "Pools facility not active; "
3758 3761 "zone will not be bound to pool"));
3759 3762 case Z_POOL_ENABLE:
3760 3763 return (dgettext(TEXT_DOMAIN,
3761 3764 "Could not enable pools facility"));
3762 3765 case Z_NO_POOL:
3763 3766 return (dgettext(TEXT_DOMAIN,
3764 3767 "Pool not found; using default pool"));
3765 3768 case Z_POOL_CREATE:
3766 3769 return (dgettext(TEXT_DOMAIN,
3767 3770 "Could not create a temporary pool"));
3768 3771 case Z_POOL_BIND:
3769 3772 return (dgettext(TEXT_DOMAIN, "Could not bind zone to pool"));
3770 3773 case Z_INVALID_PROPERTY:
3771 3774 return (dgettext(TEXT_DOMAIN, "Specified property is invalid"));
3772 3775 case Z_SYSTEM:
3773 3776 return (strerror(errno));
3774 3777 default:
3775 3778 return (dgettext(TEXT_DOMAIN, "Unknown error"));
3776 3779 }
3777 3780 }
3778 3781
3779 3782 /*
3780 3783 * Note that the zonecfg_setXent() and zonecfg_endXent() calls are all the
3781 3784 * same, as they just turn around and call zonecfg_setent() / zonecfg_endent().
3782 3785 */
3783 3786
3784 3787 static int
3785 3788 zonecfg_setent(zone_dochandle_t handle)
3786 3789 {
3787 3790 xmlNodePtr cur;
3788 3791 int err;
3789 3792
3790 3793 if (handle == NULL)
3791 3794 return (Z_INVAL);
3792 3795
3793 3796 if ((err = operation_prep(handle)) != Z_OK) {
3794 3797 handle->zone_dh_cur = NULL;
3795 3798 return (err);
3796 3799 }
3797 3800 cur = handle->zone_dh_cur;
3798 3801 cur = cur->xmlChildrenNode;
3799 3802 handle->zone_dh_cur = cur;
3800 3803 return (Z_OK);
3801 3804 }
3802 3805
3803 3806 static int
3804 3807 zonecfg_endent(zone_dochandle_t handle)
3805 3808 {
3806 3809 if (handle == NULL)
3807 3810 return (Z_INVAL);
3808 3811
3809 3812 handle->zone_dh_cur = handle->zone_dh_top;
3810 3813 return (Z_OK);
3811 3814 }
3812 3815
3813 3816 /*
3814 3817 * Do the work required to manipulate a process through libproc.
3815 3818 * If grab_process() returns no errors (0), then release_process()
3816 3819 * must eventually be called.
3817 3820 *
3818 3821 * Return values:
3819 3822 * 0 Successful creation of agent thread
3820 3823 * 1 Error grabbing
3821 3824 * 2 Error creating agent
3822 3825 */
3823 3826 static int
3824 3827 grab_process(pr_info_handle_t *p)
3825 3828 {
3826 3829 int ret;
3827 3830
3828 3831 if ((p->pr = Pgrab(p->pid, 0, &ret)) != NULL) {
3829 3832
3830 3833 if (Psetflags(p->pr, PR_RLC) != 0) {
3831 3834 Prelease(p->pr, 0);
3832 3835 return (1);
3833 3836 }
3834 3837 if (Pcreate_agent(p->pr) == 0) {
3835 3838 return (0);
3836 3839
3837 3840 } else {
3838 3841 Prelease(p->pr, 0);
3839 3842 return (2);
3840 3843 }
3841 3844 } else {
3842 3845 return (1);
3843 3846 }
3844 3847 }
3845 3848
3846 3849 /*
3847 3850 * Release the specified process. This destroys the agent
3848 3851 * and releases the process. If the process is NULL, nothing
3849 3852 * is done. This function should only be called if grab_process()
3850 3853 * has previously been called and returned success.
3851 3854 *
3852 3855 * This function is Pgrab-safe.
3853 3856 */
3854 3857 static void
3855 3858 release_process(struct ps_prochandle *Pr)
3856 3859 {
3857 3860 if (Pr == NULL)
3858 3861 return;
3859 3862
3860 3863 Pdestroy_agent(Pr);
3861 3864 Prelease(Pr, 0);
3862 3865 }
3863 3866
3864 3867 static boolean_t
3865 3868 grab_zone_proc(char *zonename, pr_info_handle_t *p)
3866 3869 {
3867 3870 DIR *dirp;
3868 3871 struct dirent *dentp;
3869 3872 zoneid_t zoneid;
3870 3873 int pid_self;
3871 3874 psinfo_t psinfo;
3872 3875
3873 3876 if (zone_get_id(zonename, &zoneid) != 0)
3874 3877 return (B_FALSE);
3875 3878
3876 3879 pid_self = getpid();
3877 3880
3878 3881 if ((dirp = opendir("/proc")) == NULL)
3879 3882 return (B_FALSE);
3880 3883
3881 3884 while (dentp = readdir(dirp)) {
3882 3885 p->pid = atoi(dentp->d_name);
3883 3886
3884 3887 /* Skip self */
3885 3888 if (p->pid == pid_self)
3886 3889 continue;
3887 3890
3888 3891 if (proc_get_psinfo(p->pid, &psinfo) != 0)
3889 3892 continue;
3890 3893
3891 3894 if (psinfo.pr_zoneid != zoneid)
3892 3895 continue;
3893 3896
3894 3897 /* attempt to grab process */
3895 3898 if (grab_process(p) != 0)
3896 3899 continue;
3897 3900
3898 3901 if (pr_getzoneid(p->pr) != zoneid) {
3899 3902 release_process(p->pr);
3900 3903 continue;
3901 3904 }
3902 3905
3903 3906 (void) closedir(dirp);
3904 3907 return (B_TRUE);
3905 3908 }
3906 3909
3907 3910 (void) closedir(dirp);
3908 3911 return (B_FALSE);
3909 3912 }
3910 3913
3911 3914 static boolean_t
3912 3915 get_priv_rctl(struct ps_prochandle *pr, char *name, rctlblk_t *rblk)
3913 3916 {
3914 3917 if (pr_getrctl(pr, name, NULL, rblk, RCTL_FIRST))
3915 3918 return (B_FALSE);
3916 3919
3917 3920 if (rctlblk_get_privilege(rblk) == RCPRIV_PRIVILEGED)
3918 3921 return (B_TRUE);
3919 3922
3920 3923 while (pr_getrctl(pr, name, rblk, rblk, RCTL_NEXT) == 0) {
3921 3924 if (rctlblk_get_privilege(rblk) == RCPRIV_PRIVILEGED)
3922 3925 return (B_TRUE);
3923 3926 }
3924 3927
3925 3928 return (B_FALSE);
3926 3929 }
3927 3930
3928 3931 /*
3929 3932 * Apply the current rctl settings to the specified, running zone.
3930 3933 */
3931 3934 int
3932 3935 zonecfg_apply_rctls(char *zone_name, zone_dochandle_t handle)
3933 3936 {
3934 3937 int err;
3935 3938 int res = Z_OK;
3936 3939 rctlblk_t *rblk;
3937 3940 pr_info_handle_t p;
3938 3941 struct zone_rctltab rctl;
3939 3942
3940 3943 if ((err = zonecfg_setrctlent(handle)) != Z_OK)
3941 3944 return (err);
3942 3945
3943 3946 if ((rblk = (rctlblk_t *)malloc(rctlblk_size())) == NULL) {
3944 3947 (void) zonecfg_endrctlent(handle);
3945 3948 return (Z_NOMEM);
3946 3949 }
3947 3950
3948 3951 if (!grab_zone_proc(zone_name, &p)) {
3949 3952 (void) zonecfg_endrctlent(handle);
3950 3953 free(rblk);
3951 3954 return (Z_SYSTEM);
3952 3955 }
3953 3956
3954 3957 while (zonecfg_getrctlent(handle, &rctl) == Z_OK) {
3955 3958 char *rname;
3956 3959 struct zone_rctlvaltab *valptr;
3957 3960
3958 3961 rname = rctl.zone_rctl_name;
3959 3962
3960 3963 /* first delete all current privileged settings for this rctl */
3961 3964 while (get_priv_rctl(p.pr, rname, rblk)) {
3962 3965 if (pr_setrctl(p.pr, rname, NULL, rblk, RCTL_DELETE) !=
3963 3966 0) {
3964 3967 res = Z_SYSTEM;
3965 3968 goto done;
3966 3969 }
3967 3970 }
3968 3971
3969 3972 /* now set each new value for the rctl */
3970 3973 for (valptr = rctl.zone_rctl_valptr; valptr != NULL;
3971 3974 valptr = valptr->zone_rctlval_next) {
3972 3975 if ((err = zonecfg_construct_rctlblk(valptr, rblk))
3973 3976 != Z_OK) {
3974 3977 res = errno = err;
3975 3978 goto done;
3976 3979 }
3977 3980
3978 3981 if (pr_setrctl(p.pr, rname, NULL, rblk, RCTL_INSERT)) {
3979 3982 res = Z_SYSTEM;
3980 3983 goto done;
3981 3984 }
3982 3985 }
3983 3986 }
3984 3987
3985 3988 done:
3986 3989 release_process(p.pr);
3987 3990 free(rblk);
3988 3991 (void) zonecfg_endrctlent(handle);
3989 3992
3990 3993 return (res);
3991 3994 }
3992 3995
3993 3996 static const xmlChar *
3994 3997 nm_to_dtd(char *nm)
3995 3998 {
3996 3999 if (strcmp(nm, "device") == 0)
3997 4000 return (DTD_ELEM_DEVICE);
3998 4001 if (strcmp(nm, "fs") == 0)
3999 4002 return (DTD_ELEM_FS);
4000 4003 if (strcmp(nm, "net") == 0)
4001 4004 return (DTD_ELEM_NET);
4002 4005 if (strcmp(nm, "attr") == 0)
4003 4006 return (DTD_ELEM_ATTR);
4004 4007 if (strcmp(nm, "rctl") == 0)
4005 4008 return (DTD_ELEM_RCTL);
4006 4009 if (strcmp(nm, "dataset") == 0)
4007 4010 return (DTD_ELEM_DATASET);
4008 4011 if (strcmp(nm, "admin") == 0)
4009 4012 return (DTD_ELEM_ADMIN);
4010 4013
4011 4014 return (NULL);
4012 4015 }
4013 4016
4014 4017 int
4015 4018 zonecfg_num_resources(zone_dochandle_t handle, char *rsrc)
4016 4019 {
4017 4020 int num = 0;
4018 4021 const xmlChar *dtd;
4019 4022 xmlNodePtr cur;
4020 4023
4021 4024 if ((dtd = nm_to_dtd(rsrc)) == NULL)
4022 4025 return (num);
4023 4026
4024 4027 if (zonecfg_setent(handle) != Z_OK)
4025 4028 return (num);
4026 4029
4027 4030 for (cur = handle->zone_dh_cur; cur != NULL; cur = cur->next)
4028 4031 if (xmlStrcmp(cur->name, dtd) == 0)
4029 4032 num++;
4030 4033
4031 4034 (void) zonecfg_endent(handle);
4032 4035
4033 4036 return (num);
4034 4037 }
4035 4038
4036 4039 int
4037 4040 zonecfg_del_all_resources(zone_dochandle_t handle, char *rsrc)
4038 4041 {
4039 4042 int err;
4040 4043 const xmlChar *dtd;
4041 4044 xmlNodePtr cur;
4042 4045
4043 4046 if ((dtd = nm_to_dtd(rsrc)) == NULL)
4044 4047 return (Z_NO_RESOURCE_TYPE);
4045 4048
4046 4049 if ((err = zonecfg_setent(handle)) != Z_OK)
4047 4050 return (err);
4048 4051
4049 4052 cur = handle->zone_dh_cur;
4050 4053 while (cur != NULL) {
4051 4054 xmlNodePtr tmp;
4052 4055
4053 4056 if (xmlStrcmp(cur->name, dtd)) {
4054 4057 cur = cur->next;
4055 4058 continue;
4056 4059 }
4057 4060
4058 4061 tmp = cur->next;
4059 4062 xmlUnlinkNode(cur);
4060 4063 xmlFreeNode(cur);
4061 4064 cur = tmp;
4062 4065 }
4063 4066
4064 4067 (void) zonecfg_endent(handle);
4065 4068 return (Z_OK);
4066 4069 }
4067 4070
4068 4071 static boolean_t
4069 4072 valid_uint(char *s, uint64_t *n)
4070 4073 {
4071 4074 char *endp;
4072 4075
4073 4076 /* strtoull accepts '-'?! so we want to flag that as an error */
4074 4077 if (strchr(s, '-') != NULL)
4075 4078 return (B_FALSE);
4076 4079
4077 4080 errno = 0;
4078 4081 *n = strtoull(s, &endp, 10);
4079 4082
4080 4083 if (errno != 0 || *endp != '\0')
4081 4084 return (B_FALSE);
4082 4085 return (B_TRUE);
4083 4086 }
4084 4087
4085 4088 /*
4086 4089 * Convert a string representing a number (possibly a fraction) into an integer.
4087 4090 * The string can have a modifier (K, M, G or T). The modifiers are treated
4088 4091 * as powers of two (not 10).
4089 4092 */
4090 4093 int
4091 4094 zonecfg_str_to_bytes(char *str, uint64_t *bytes)
4092 4095 {
4093 4096 long double val;
4094 4097 char *unitp;
4095 4098 uint64_t scale;
4096 4099
4097 4100 if ((val = strtold(str, &unitp)) < 0)
4098 4101 return (-1);
4099 4102
4100 4103 /* remove any leading white space from units string */
4101 4104 while (isspace(*unitp) != 0)
4102 4105 ++unitp;
4103 4106
4104 4107 /* if no units explicitly set, error */
4105 4108 if (unitp == NULL || *unitp == '\0') {
4106 4109 scale = 1;
4107 4110 } else {
4108 4111 int i;
4109 4112 char *units[] = {"K", "M", "G", "T", NULL};
4110 4113
4111 4114 scale = 1024;
4112 4115
4113 4116 /* update scale based on units */
4114 4117 for (i = 0; units[i] != NULL; i++) {
4115 4118 if (strcasecmp(unitp, units[i]) == 0)
4116 4119 break;
4117 4120 scale <<= 10;
4118 4121 }
4119 4122
4120 4123 if (units[i] == NULL)
4121 4124 return (-1);
4122 4125 }
4123 4126
4124 4127 *bytes = (uint64_t)(val * scale);
4125 4128 return (0);
4126 4129 }
4127 4130
4128 4131 boolean_t
4129 4132 zonecfg_valid_ncpus(char *lowstr, char *highstr)
4130 4133 {
4131 4134 uint64_t low, high;
4132 4135
4133 4136 if (!valid_uint(lowstr, &low) || !valid_uint(highstr, &high) ||
4134 4137 low < 1 || low > high)
4135 4138 return (B_FALSE);
4136 4139
4137 4140 return (B_TRUE);
4138 4141 }
4139 4142
4140 4143 boolean_t
4141 4144 zonecfg_valid_importance(char *impstr)
4142 4145 {
4143 4146 uint64_t num;
4144 4147
4145 4148 if (!valid_uint(impstr, &num))
4146 4149 return (B_FALSE);
4147 4150
4148 4151 return (B_TRUE);
4149 4152 }
4150 4153
4151 4154 boolean_t
4152 4155 zonecfg_valid_alias_limit(char *name, char *limitstr, uint64_t *limit)
4153 4156 {
4154 4157 int i;
4155 4158
4156 4159 for (i = 0; aliases[i].shortname != NULL; i++)
4157 4160 if (strcmp(name, aliases[i].shortname) == 0)
4158 4161 break;
4159 4162
4160 4163 if (aliases[i].shortname == NULL)
4161 4164 return (B_FALSE);
4162 4165
4163 4166 if (!valid_uint(limitstr, limit) || *limit < aliases[i].low_limit)
4164 4167 return (B_FALSE);
4165 4168
4166 4169 return (B_TRUE);
4167 4170 }
4168 4171
4169 4172 boolean_t
4170 4173 zonecfg_valid_memlimit(char *memstr, uint64_t *mem_val)
4171 4174 {
4172 4175 if (zonecfg_str_to_bytes(memstr, mem_val) != 0)
4173 4176 return (B_FALSE);
4174 4177
4175 4178 return (B_TRUE);
4176 4179 }
4177 4180
4178 4181 static int
4179 4182 zerr_pool(char *pool_err, int err_size, int res)
4180 4183 {
4181 4184 (void) strlcpy(pool_err, pool_strerror(pool_error()), err_size);
4182 4185 return (res);
4183 4186 }
4184 4187
4185 4188 static int
4186 4189 create_tmp_pset(char *pool_err, int err_size, pool_conf_t *pconf, pool_t *pool,
4187 4190 char *name, int min, int max)
4188 4191 {
4189 4192 pool_resource_t *res;
4190 4193 pool_elem_t *elem;
4191 4194 pool_value_t *val;
4192 4195
4193 4196 if ((res = pool_resource_create(pconf, "pset", name)) == NULL)
4194 4197 return (zerr_pool(pool_err, err_size, Z_POOL));
4195 4198
4196 4199 if (pool_associate(pconf, pool, res) != PO_SUCCESS)
4197 4200 return (zerr_pool(pool_err, err_size, Z_POOL));
4198 4201
4199 4202 if ((elem = pool_resource_to_elem(pconf, res)) == NULL)
4200 4203 return (zerr_pool(pool_err, err_size, Z_POOL));
4201 4204
4202 4205 if ((val = pool_value_alloc()) == NULL)
4203 4206 return (zerr_pool(pool_err, err_size, Z_POOL));
4204 4207
4205 4208 /* set the maximum number of cpus for the pset */
4206 4209 pool_value_set_uint64(val, (uint64_t)max);
4207 4210
4208 4211 if (pool_put_property(pconf, elem, "pset.max", val) != PO_SUCCESS) {
4209 4212 pool_value_free(val);
4210 4213 return (zerr_pool(pool_err, err_size, Z_POOL));
4211 4214 }
4212 4215
4213 4216 /* set the minimum number of cpus for the pset */
4214 4217 pool_value_set_uint64(val, (uint64_t)min);
4215 4218
4216 4219 if (pool_put_property(pconf, elem, "pset.min", val) != PO_SUCCESS) {
4217 4220 pool_value_free(val);
4218 4221 return (zerr_pool(pool_err, err_size, Z_POOL));
4219 4222 }
4220 4223
4221 4224 pool_value_free(val);
4222 4225
4223 4226 return (Z_OK);
4224 4227 }
4225 4228
4226 4229 static int
4227 4230 create_tmp_pool(char *pool_err, int err_size, pool_conf_t *pconf, char *name,
4228 4231 struct zone_psettab *pset_tab)
4229 4232 {
4230 4233 pool_t *pool;
4231 4234 int res = Z_OK;
4232 4235
4233 4236 /* create a temporary pool configuration */
4234 4237 if (pool_conf_open(pconf, NULL, PO_TEMP) != PO_SUCCESS) {
4235 4238 res = zerr_pool(pool_err, err_size, Z_POOL);
4236 4239 return (res);
4237 4240 }
4238 4241
4239 4242 if ((pool = pool_create(pconf, name)) == NULL) {
4240 4243 res = zerr_pool(pool_err, err_size, Z_POOL_CREATE);
4241 4244 goto done;
4242 4245 }
4243 4246
4244 4247 /* set pool importance */
4245 4248 if (pset_tab->zone_importance[0] != '\0') {
4246 4249 pool_elem_t *elem;
4247 4250 pool_value_t *val;
4248 4251
4249 4252 if ((elem = pool_to_elem(pconf, pool)) == NULL) {
4250 4253 res = zerr_pool(pool_err, err_size, Z_POOL);
4251 4254 goto done;
4252 4255 }
4253 4256
4254 4257 if ((val = pool_value_alloc()) == NULL) {
4255 4258 res = zerr_pool(pool_err, err_size, Z_POOL);
4256 4259 goto done;
4257 4260 }
4258 4261
4259 4262 pool_value_set_int64(val,
4260 4263 (int64_t)atoi(pset_tab->zone_importance));
4261 4264
4262 4265 if (pool_put_property(pconf, elem, "pool.importance", val)
4263 4266 != PO_SUCCESS) {
4264 4267 res = zerr_pool(pool_err, err_size, Z_POOL);
4265 4268 pool_value_free(val);
4266 4269 goto done;
4267 4270 }
4268 4271
4269 4272 pool_value_free(val);
4270 4273 }
4271 4274
4272 4275 if ((res = create_tmp_pset(pool_err, err_size, pconf, pool, name,
4273 4276 atoi(pset_tab->zone_ncpu_min),
4274 4277 atoi(pset_tab->zone_ncpu_max))) != Z_OK)
4275 4278 goto done;
4276 4279
4277 4280 /* validation */
4278 4281 if (pool_conf_status(pconf) == POF_INVALID) {
4279 4282 res = zerr_pool(pool_err, err_size, Z_POOL);
4280 4283 goto done;
4281 4284 }
4282 4285
4283 4286 /*
4284 4287 * This validation is the one we expect to fail if the user specified
4285 4288 * an invalid configuration (too many cpus) for this system.
4286 4289 */
4287 4290 if (pool_conf_validate(pconf, POV_RUNTIME) != PO_SUCCESS) {
4288 4291 res = zerr_pool(pool_err, err_size, Z_POOL_CREATE);
4289 4292 goto done;
4290 4293 }
4291 4294
4292 4295 /*
4293 4296 * Commit the dynamic configuration but not the pool configuration
4294 4297 * file.
4295 4298 */
4296 4299 if (pool_conf_commit(pconf, 1) != PO_SUCCESS)
4297 4300 res = zerr_pool(pool_err, err_size, Z_POOL);
4298 4301
4299 4302 done:
4300 4303 (void) pool_conf_close(pconf);
4301 4304 return (res);
4302 4305 }
4303 4306
4304 4307 static int
4305 4308 get_running_tmp_pset(pool_conf_t *pconf, pool_t *pool, pool_resource_t *pset,
4306 4309 struct zone_psettab *pset_tab)
4307 4310 {
4308 4311 int nfound = 0;
4309 4312 pool_elem_t *pe;
4310 4313 pool_value_t *pv = pool_value_alloc();
4311 4314 uint64_t val_uint;
4312 4315
4313 4316 if (pool != NULL) {
4314 4317 pe = pool_to_elem(pconf, pool);
4315 4318 if (pool_get_property(pconf, pe, "pool.importance", pv)
4316 4319 != POC_INVAL) {
4317 4320 int64_t val_int;
4318 4321
4319 4322 (void) pool_value_get_int64(pv, &val_int);
4320 4323 (void) snprintf(pset_tab->zone_importance,
4321 4324 sizeof (pset_tab->zone_importance), "%d", val_int);
4322 4325 nfound++;
4323 4326 }
4324 4327 }
4325 4328
4326 4329 if (pset != NULL) {
4327 4330 pe = pool_resource_to_elem(pconf, pset);
4328 4331 if (pool_get_property(pconf, pe, "pset.min", pv) != POC_INVAL) {
4329 4332 (void) pool_value_get_uint64(pv, &val_uint);
4330 4333 (void) snprintf(pset_tab->zone_ncpu_min,
4331 4334 sizeof (pset_tab->zone_ncpu_min), "%u", val_uint);
4332 4335 nfound++;
4333 4336 }
4334 4337
4335 4338 if (pool_get_property(pconf, pe, "pset.max", pv) != POC_INVAL) {
4336 4339 (void) pool_value_get_uint64(pv, &val_uint);
4337 4340 (void) snprintf(pset_tab->zone_ncpu_max,
4338 4341 sizeof (pset_tab->zone_ncpu_max), "%u", val_uint);
4339 4342 nfound++;
4340 4343 }
4341 4344 }
4342 4345
4343 4346 pool_value_free(pv);
4344 4347
4345 4348 if (nfound == 3)
4346 4349 return (PO_SUCCESS);
4347 4350
4348 4351 return (PO_FAIL);
4349 4352 }
4350 4353
4351 4354 /*
4352 4355 * Determine if a tmp pool is configured and if so, if the configuration is
4353 4356 * still valid or if it has been changed since the tmp pool was created.
4354 4357 * If the tmp pool configuration is no longer valid, delete the tmp pool.
4355 4358 *
4356 4359 * Set *valid=B_TRUE if there is an existing, valid tmp pool configuration.
4357 4360 */
4358 4361 static int
4359 4362 verify_del_tmp_pool(pool_conf_t *pconf, char *tmp_name, char *pool_err,
4360 4363 int err_size, struct zone_psettab *pset_tab, boolean_t *exists)
4361 4364 {
4362 4365 int res = Z_OK;
4363 4366 pool_t *pool;
4364 4367 pool_resource_t *pset;
4365 4368 struct zone_psettab pset_current;
4366 4369
4367 4370 *exists = B_FALSE;
4368 4371
4369 4372 if (pool_conf_open(pconf, pool_dynamic_location(), PO_RDWR)
4370 4373 != PO_SUCCESS) {
4371 4374 res = zerr_pool(pool_err, err_size, Z_POOL);
4372 4375 return (res);
4373 4376 }
4374 4377
4375 4378 pool = pool_get_pool(pconf, tmp_name);
4376 4379 pset = pool_get_resource(pconf, "pset", tmp_name);
4377 4380
4378 4381 if (pool == NULL && pset == NULL) {
4379 4382 /* no tmp pool configured */
4380 4383 goto done;
4381 4384 }
4382 4385
4383 4386 /*
4384 4387 * If an existing tmp pool for this zone is configured with the proper
4385 4388 * settings, then the tmp pool is valid.
4386 4389 */
4387 4390 if (get_running_tmp_pset(pconf, pool, pset, &pset_current)
4388 4391 == PO_SUCCESS &&
4389 4392 strcmp(pset_tab->zone_ncpu_min,
4390 4393 pset_current.zone_ncpu_min) == 0 &&
4391 4394 strcmp(pset_tab->zone_ncpu_max,
4392 4395 pset_current.zone_ncpu_max) == 0 &&
4393 4396 strcmp(pset_tab->zone_importance,
4394 4397 pset_current.zone_importance) == 0) {
4395 4398 *exists = B_TRUE;
4396 4399
4397 4400 } else {
4398 4401 /*
4399 4402 * An out-of-date tmp pool configuration exists. Delete it
4400 4403 * so that we can create the correct tmp pool config.
4401 4404 */
4402 4405 if (pset != NULL &&
4403 4406 pool_resource_destroy(pconf, pset) != PO_SUCCESS) {
4404 4407 res = zerr_pool(pool_err, err_size, Z_POOL);
4405 4408 goto done;
4406 4409 }
4407 4410
4408 4411 if (pool != NULL &&
4409 4412 pool_destroy(pconf, pool) != PO_SUCCESS) {
4410 4413 res = zerr_pool(pool_err, err_size, Z_POOL);
4411 4414 goto done;
4412 4415 }
4413 4416
4414 4417 /* commit dynamic config */
4415 4418 if (pool_conf_commit(pconf, 0) != PO_SUCCESS)
4416 4419 res = zerr_pool(pool_err, err_size, Z_POOL);
4417 4420 }
4418 4421
4419 4422 done:
4420 4423 (void) pool_conf_close(pconf);
4421 4424
4422 4425 return (res);
4423 4426 }
4424 4427
4425 4428 /*
4426 4429 * Destroy any existing tmp pool.
4427 4430 */
4428 4431 int
4429 4432 zonecfg_destroy_tmp_pool(char *zone_name, char *pool_err, int err_size)
4430 4433 {
4431 4434 int status;
4432 4435 int res = Z_OK;
4433 4436 pool_conf_t *pconf;
4434 4437 pool_t *pool;
4435 4438 pool_resource_t *pset;
4436 4439 char tmp_name[MAX_TMP_POOL_NAME];
4437 4440
4438 4441 /* if pools not enabled then nothing to do */
4439 4442 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED)
4440 4443 return (Z_OK);
4441 4444
4442 4445 if ((pconf = pool_conf_alloc()) == NULL)
4443 4446 return (zerr_pool(pool_err, err_size, Z_POOL));
4444 4447
4445 4448 (void) snprintf(tmp_name, sizeof (tmp_name), TMP_POOL_NAME, zone_name);
4446 4449
4447 4450 if (pool_conf_open(pconf, pool_dynamic_location(), PO_RDWR)
4448 4451 != PO_SUCCESS) {
4449 4452 res = zerr_pool(pool_err, err_size, Z_POOL);
4450 4453 pool_conf_free(pconf);
4451 4454 return (res);
4452 4455 }
4453 4456
4454 4457 pool = pool_get_pool(pconf, tmp_name);
4455 4458 pset = pool_get_resource(pconf, "pset", tmp_name);
4456 4459
4457 4460 if (pool == NULL && pset == NULL) {
4458 4461 /* nothing to destroy, we're done */
4459 4462 goto done;
4460 4463 }
4461 4464
4462 4465 if (pset != NULL && pool_resource_destroy(pconf, pset) != PO_SUCCESS) {
4463 4466 res = zerr_pool(pool_err, err_size, Z_POOL);
4464 4467 goto done;
4465 4468 }
4466 4469
4467 4470 if (pool != NULL && pool_destroy(pconf, pool) != PO_SUCCESS) {
4468 4471 res = zerr_pool(pool_err, err_size, Z_POOL);
4469 4472 goto done;
4470 4473 }
4471 4474
4472 4475 /* commit dynamic config */
4473 4476 if (pool_conf_commit(pconf, 0) != PO_SUCCESS)
4474 4477 res = zerr_pool(pool_err, err_size, Z_POOL);
4475 4478
4476 4479 done:
4477 4480 (void) pool_conf_close(pconf);
4478 4481 pool_conf_free(pconf);
4479 4482
4480 4483 return (res);
4481 4484 }
4482 4485
4483 4486 /*
4484 4487 * Attempt to bind to a tmp pool for this zone. If there is no tmp pool
4485 4488 * configured, we just return Z_OK.
4486 4489 *
4487 4490 * We either attempt to create the tmp pool for this zone or rebind to an
4488 4491 * existing tmp pool for this zone.
4489 4492 *
4490 4493 * Rebinding is used when a zone with a tmp pool reboots so that we don't have
4491 4494 * to recreate the tmp pool. To do this we need to be sure we work correctly
4492 4495 * for the following cases:
4493 4496 *
4494 4497 * - there is an existing, properly configured tmp pool.
4495 4498 * - zonecfg added tmp pool after zone was booted, must now create.
4496 4499 * - zonecfg updated tmp pool config after zone was booted, in this case
4497 4500 * we destroy the old tmp pool and create a new one.
4498 4501 */
4499 4502 int
4500 4503 zonecfg_bind_tmp_pool(zone_dochandle_t handle, zoneid_t zoneid, char *pool_err,
4501 4504 int err_size)
4502 4505 {
4503 4506 struct zone_psettab pset_tab;
4504 4507 int err;
4505 4508 int status;
4506 4509 pool_conf_t *pconf;
4507 4510 boolean_t exists;
4508 4511 char zone_name[ZONENAME_MAX];
4509 4512 char tmp_name[MAX_TMP_POOL_NAME];
4510 4513
4511 4514 (void) getzonenamebyid(zoneid, zone_name, sizeof (zone_name));
4512 4515
4513 4516 err = zonecfg_lookup_pset(handle, &pset_tab);
4514 4517
4515 4518 /* if no temporary pool configured, we're done */
4516 4519 if (err == Z_NO_ENTRY)
4517 4520 return (Z_OK);
4518 4521
4519 4522 /*
4520 4523 * importance might not have a value but we need to validate it here,
4521 4524 * so set the default.
4522 4525 */
4523 4526 if (pset_tab.zone_importance[0] == '\0')
4524 4527 (void) strlcpy(pset_tab.zone_importance, "1",
4525 4528 sizeof (pset_tab.zone_importance));
4526 4529
4527 4530 /* if pools not enabled, enable them now */
4528 4531 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED) {
4529 4532 if (pool_set_status(POOL_ENABLED) != PO_SUCCESS)
4530 4533 return (Z_POOL_ENABLE);
4531 4534 }
4532 4535
4533 4536 if ((pconf = pool_conf_alloc()) == NULL)
4534 4537 return (zerr_pool(pool_err, err_size, Z_POOL));
4535 4538
4536 4539 (void) snprintf(tmp_name, sizeof (tmp_name), TMP_POOL_NAME, zone_name);
4537 4540
4538 4541 /*
4539 4542 * Check if a valid tmp pool/pset already exists. If so, we just
4540 4543 * reuse it.
4541 4544 */
4542 4545 if ((err = verify_del_tmp_pool(pconf, tmp_name, pool_err, err_size,
4543 4546 &pset_tab, &exists)) != Z_OK) {
4544 4547 pool_conf_free(pconf);
4545 4548 return (err);
4546 4549 }
4547 4550
4548 4551 if (!exists)
4549 4552 err = create_tmp_pool(pool_err, err_size, pconf, tmp_name,
4550 4553 &pset_tab);
4551 4554
4552 4555 pool_conf_free(pconf);
4553 4556
4554 4557 if (err != Z_OK)
4555 4558 return (err);
4556 4559
4557 4560 /* Bind the zone to the pool. */
4558 4561 if (pool_set_binding(tmp_name, P_ZONEID, zoneid) != PO_SUCCESS)
4559 4562 return (zerr_pool(pool_err, err_size, Z_POOL_BIND));
4560 4563
4561 4564 return (Z_OK);
4562 4565 }
4563 4566
4564 4567 /*
4565 4568 * Attempt to bind to a permanent pool for this zone. If there is no
4566 4569 * permanent pool configured, we just return Z_OK.
4567 4570 */
4568 4571 int
4569 4572 zonecfg_bind_pool(zone_dochandle_t handle, zoneid_t zoneid, char *pool_err,
4570 4573 int err_size)
4571 4574 {
4572 4575 pool_conf_t *poolconf;
4573 4576 pool_t *pool;
4574 4577 char poolname[MAXPATHLEN];
4575 4578 int status;
4576 4579 int error;
4577 4580
4578 4581 /*
4579 4582 * Find the pool mentioned in the zone configuration, and bind to it.
4580 4583 */
4581 4584 error = zonecfg_get_pool(handle, poolname, sizeof (poolname));
4582 4585 if (error == Z_NO_ENTRY || (error == Z_OK && strlen(poolname) == 0)) {
4583 4586 /*
4584 4587 * The property is not set on the zone, so the pool
4585 4588 * should be bound to the default pool. But that's
4586 4589 * already done by the kernel, so we can just return.
4587 4590 */
4588 4591 return (Z_OK);
4589 4592 }
4590 4593 if (error != Z_OK) {
4591 4594 /*
4592 4595 * Not an error, even though it shouldn't be happening.
4593 4596 */
4594 4597 return (Z_OK);
4595 4598 }
4596 4599 /*
4597 4600 * Don't do anything if pools aren't enabled.
4598 4601 */
4599 4602 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED)
4600 4603 return (Z_POOLS_NOT_ACTIVE);
4601 4604
4602 4605 /*
4603 4606 * Try to provide a sane error message if the requested pool doesn't
4604 4607 * exist.
4605 4608 */
4606 4609 if ((poolconf = pool_conf_alloc()) == NULL)
4607 4610 return (zerr_pool(pool_err, err_size, Z_POOL));
4608 4611
4609 4612 if (pool_conf_open(poolconf, pool_dynamic_location(), PO_RDONLY) !=
4610 4613 PO_SUCCESS) {
4611 4614 pool_conf_free(poolconf);
4612 4615 return (zerr_pool(pool_err, err_size, Z_POOL));
4613 4616 }
4614 4617 pool = pool_get_pool(poolconf, poolname);
4615 4618 (void) pool_conf_close(poolconf);
4616 4619 pool_conf_free(poolconf);
4617 4620 if (pool == NULL)
4618 4621 return (Z_NO_POOL);
4619 4622
4620 4623 /*
4621 4624 * Bind the zone to the pool.
4622 4625 */
4623 4626 if (pool_set_binding(poolname, P_ZONEID, zoneid) != PO_SUCCESS) {
4624 4627 /* if bind fails, return poolname for the error msg */
4625 4628 (void) strlcpy(pool_err, poolname, err_size);
4626 4629 return (Z_POOL_BIND);
4627 4630 }
4628 4631
4629 4632 return (Z_OK);
4630 4633 }
4631 4634
4632 4635 int
4633 4636 zonecfg_get_poolname(zone_dochandle_t handle, char *zone, char *pool,
4634 4637 size_t poolsize)
4635 4638 {
4636 4639 int err;
4637 4640 struct zone_psettab pset_tab;
4638 4641
4639 4642 err = zonecfg_lookup_pset(handle, &pset_tab);
4640 4643 if ((err != Z_NO_ENTRY) && (err != Z_OK))
4641 4644 return (err);
4642 4645
4643 4646 /* pset was found so a temporary pool was created */
4644 4647 if (err == Z_OK) {
4645 4648 (void) snprintf(pool, poolsize, TMP_POOL_NAME, zone);
4646 4649 return (Z_OK);
4647 4650 }
4648 4651
4649 4652 /* lookup the poolname in zonecfg */
4650 4653 return (zonecfg_get_pool(handle, pool, poolsize));
4651 4654 }
4652 4655
4653 4656 static boolean_t
4654 4657 svc_enabled(char *svc_name)
4655 4658 {
4656 4659 scf_simple_prop_t *prop;
4657 4660 boolean_t found = B_FALSE;
4658 4661
4659 4662 prop = scf_simple_prop_get(NULL, svc_name, SCF_PG_GENERAL,
4660 4663 SCF_PROPERTY_ENABLED);
4661 4664
4662 4665 if (scf_simple_prop_numvalues(prop) == 1 &&
4663 4666 *scf_simple_prop_next_boolean(prop) != 0)
4664 4667 found = B_TRUE;
4665 4668
4666 4669 scf_simple_prop_free(prop);
4667 4670
4668 4671 return (found);
4669 4672 }
4670 4673
4671 4674 /*
4672 4675 * If the zone has capped-memory, make sure the rcap service is enabled.
4673 4676 */
4674 4677 int
4675 4678 zonecfg_enable_rcapd(char *err, int size)
4676 4679 {
4677 4680 if (!svc_enabled(RCAP_SERVICE) &&
4678 4681 smf_enable_instance(RCAP_SERVICE, 0) == -1) {
4679 4682 (void) strlcpy(err, scf_strerror(scf_error()), size);
4680 4683 return (Z_SYSTEM);
4681 4684 }
4682 4685
4683 4686 return (Z_OK);
4684 4687 }
4685 4688
4686 4689 /*
4687 4690 * Return true if pset has cpu range specified and poold is not enabled.
4688 4691 */
4689 4692 boolean_t
4690 4693 zonecfg_warn_poold(zone_dochandle_t handle)
4691 4694 {
4692 4695 struct zone_psettab pset_tab;
4693 4696 int min, max;
4694 4697 int err;
4695 4698
4696 4699 err = zonecfg_lookup_pset(handle, &pset_tab);
4697 4700
4698 4701 /* if no temporary pool configured, we're done */
4699 4702 if (err == Z_NO_ENTRY)
4700 4703 return (B_FALSE);
4701 4704
4702 4705 min = atoi(pset_tab.zone_ncpu_min);
4703 4706 max = atoi(pset_tab.zone_ncpu_max);
4704 4707
4705 4708 /* range not specified, no need for poold */
4706 4709 if (min == max)
4707 4710 return (B_FALSE);
4708 4711
4709 4712 /* we have a range, check if poold service is enabled */
4710 4713 if (svc_enabled(POOLD_SERVICE))
4711 4714 return (B_FALSE);
4712 4715
4713 4716 return (B_TRUE);
4714 4717 }
4715 4718
4716 4719 /*
4717 4720 * Retrieve the specified pool's thread scheduling class. 'poolname' must
4718 4721 * refer to the name of a configured resource pool. The thread scheduling
4719 4722 * class specified by the pool will be stored in the buffer to which 'class'
4720 4723 * points. 'clsize' is the byte size of the buffer to which 'class' points.
4721 4724 *
4722 4725 * This function returns Z_OK if it successfully stored the specified pool's
4723 4726 * thread scheduling class into the buffer to which 'class' points. It returns
4724 4727 * Z_NO_POOL if resource pools are not enabled, the function is unable to
4725 4728 * access the system's resource pools configuration, or the specified pool
4726 4729 * does not exist. The function returns Z_TOO_BIG if the buffer to which
4727 4730 * 'class' points is not large enough to contain the thread scheduling class'
4728 4731 * name. The function returns Z_NO_ENTRY if the pool does not specify a thread
4729 4732 * scheduling class.
4730 4733 */
4731 4734 static int
4732 4735 get_pool_sched_class(char *poolname, char *class, int clsize)
4733 4736 {
4734 4737 int status;
4735 4738 pool_conf_t *poolconf;
4736 4739 pool_t *pool;
4737 4740 pool_elem_t *pe;
4738 4741 pool_value_t *pv = pool_value_alloc();
4739 4742 const char *sched_str;
4740 4743
4741 4744 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED)
4742 4745 return (Z_NO_POOL);
4743 4746
4744 4747 if ((poolconf = pool_conf_alloc()) == NULL)
4745 4748 return (Z_NO_POOL);
4746 4749
4747 4750 if (pool_conf_open(poolconf, pool_dynamic_location(), PO_RDONLY) !=
4748 4751 PO_SUCCESS) {
4749 4752 pool_conf_free(poolconf);
4750 4753 return (Z_NO_POOL);
4751 4754 }
4752 4755
4753 4756 if ((pool = pool_get_pool(poolconf, poolname)) == NULL) {
4754 4757 (void) pool_conf_close(poolconf);
4755 4758 pool_conf_free(poolconf);
4756 4759 return (Z_NO_POOL);
4757 4760 }
4758 4761
4759 4762 pe = pool_to_elem(poolconf, pool);
4760 4763 if (pool_get_property(poolconf, pe, "pool.scheduler", pv) !=
4761 4764 POC_STRING) {
4762 4765 (void) pool_conf_close(poolconf);
4763 4766 pool_conf_free(poolconf);
4764 4767 return (Z_NO_ENTRY);
4765 4768 }
4766 4769 (void) pool_value_get_string(pv, &sched_str);
4767 4770 (void) pool_conf_close(poolconf);
4768 4771 pool_conf_free(poolconf);
4769 4772 if (strlcpy(class, sched_str, clsize) >= clsize)
4770 4773 return (Z_TOO_BIG);
4771 4774 return (Z_OK);
4772 4775 }
4773 4776
4774 4777 /*
4775 4778 * Get the default scheduling class for the zone. This will either be the
4776 4779 * class set on the zone's pool or the system default scheduling class.
4777 4780 */
4778 4781 int
4779 4782 zonecfg_get_dflt_sched_class(zone_dochandle_t handle, char *class, int clsize)
4780 4783 {
4781 4784 char poolname[MAXPATHLEN];
4782 4785
4783 4786 if (zonecfg_get_pool(handle, poolname, sizeof (poolname)) == Z_OK) {
4784 4787 /* check if the zone's pool specified a sched class */
4785 4788 if (get_pool_sched_class(poolname, class, clsize) == Z_OK)
4786 4789 return (Z_OK);
4787 4790 }
4788 4791
4789 4792 if (priocntl(0, 0, PC_GETDFLCL, class, (uint64_t)clsize) == -1)
4790 4793 return (Z_TOO_BIG);
4791 4794
4792 4795 return (Z_OK);
4793 4796 }
4794 4797
4795 4798 int
4796 4799 zonecfg_setfsent(zone_dochandle_t handle)
4797 4800 {
4798 4801 return (zonecfg_setent(handle));
4799 4802 }
4800 4803
4801 4804 int
4802 4805 zonecfg_getfsent(zone_dochandle_t handle, struct zone_fstab *tabptr)
4803 4806 {
4804 4807 xmlNodePtr cur, options;
4805 4808 char options_str[MAX_MNTOPT_STR];
4806 4809 int err;
4807 4810
4808 4811 if (handle == NULL)
4809 4812 return (Z_INVAL);
4810 4813
4811 4814 if ((cur = handle->zone_dh_cur) == NULL)
4812 4815 return (Z_NO_ENTRY);
4813 4816
4814 4817 for (; cur != NULL; cur = cur->next)
4815 4818 if (!xmlStrcmp(cur->name, DTD_ELEM_FS))
4816 4819 break;
4817 4820 if (cur == NULL) {
4818 4821 handle->zone_dh_cur = handle->zone_dh_top;
4819 4822 return (Z_NO_ENTRY);
4820 4823 }
4821 4824
4822 4825 if ((err = fetchprop(cur, DTD_ATTR_SPECIAL, tabptr->zone_fs_special,
4823 4826 sizeof (tabptr->zone_fs_special))) != Z_OK) {
4824 4827 handle->zone_dh_cur = handle->zone_dh_top;
4825 4828 return (err);
4826 4829 }
4827 4830
4828 4831 if ((err = fetchprop(cur, DTD_ATTR_RAW, tabptr->zone_fs_raw,
4829 4832 sizeof (tabptr->zone_fs_raw))) != Z_OK) {
4830 4833 handle->zone_dh_cur = handle->zone_dh_top;
4831 4834 return (err);
4832 4835 }
4833 4836
4834 4837 if ((err = fetchprop(cur, DTD_ATTR_DIR, tabptr->zone_fs_dir,
4835 4838 sizeof (tabptr->zone_fs_dir))) != Z_OK) {
4836 4839 handle->zone_dh_cur = handle->zone_dh_top;
4837 4840 return (err);
4838 4841 }
4839 4842
4840 4843 if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_fs_type,
4841 4844 sizeof (tabptr->zone_fs_type))) != Z_OK) {
4842 4845 handle->zone_dh_cur = handle->zone_dh_top;
4843 4846 return (err);
4844 4847 }
4845 4848
4846 4849 /* OK for options to be NULL */
4847 4850 tabptr->zone_fs_options = NULL;
4848 4851 for (options = cur->xmlChildrenNode; options != NULL;
4849 4852 options = options->next) {
4850 4853 if (fetchprop(options, DTD_ATTR_NAME, options_str,
4851 4854 sizeof (options_str)) != Z_OK)
4852 4855 break;
4853 4856 if (zonecfg_add_fs_option(tabptr, options_str) != Z_OK)
4854 4857 break;
4855 4858 }
4856 4859
4857 4860 handle->zone_dh_cur = cur->next;
4858 4861 return (Z_OK);
4859 4862 }
4860 4863
4861 4864 int
4862 4865 zonecfg_endfsent(zone_dochandle_t handle)
4863 4866 {
4864 4867 return (zonecfg_endent(handle));
4865 4868 }
4866 4869
4867 4870 int
4868 4871 zonecfg_setnwifent(zone_dochandle_t handle)
4869 4872 {
4870 4873 return (zonecfg_setent(handle));
4871 4874 }
4872 4875
4873 4876 int
4874 4877 zonecfg_getnwifent(zone_dochandle_t handle, struct zone_nwiftab *tabptr)
4875 4878 {
4876 4879 xmlNodePtr cur;
4877 4880 int err;
4878 4881
4879 4882 if (handle == NULL)
4880 4883 return (Z_INVAL);
4881 4884
4882 4885 if ((cur = handle->zone_dh_cur) == NULL)
4883 4886 return (Z_NO_ENTRY);
4884 4887
4885 4888 for (; cur != NULL; cur = cur->next)
4886 4889 if (!xmlStrcmp(cur->name, DTD_ELEM_NET))
4887 4890 break;
4888 4891 if (cur == NULL) {
4889 4892 handle->zone_dh_cur = handle->zone_dh_top;
4890 4893 return (Z_NO_ENTRY);
4891 4894 }
4892 4895
4893 4896 if ((err = fetchprop(cur, DTD_ATTR_ADDRESS, tabptr->zone_nwif_address,
4894 4897 sizeof (tabptr->zone_nwif_address))) != Z_OK) {
4895 4898 handle->zone_dh_cur = handle->zone_dh_top;
4896 4899 return (err);
4897 4900 }
4898 4901
4899 4902 if ((err = fetchprop(cur, DTD_ATTR_ALLOWED_ADDRESS,
4900 4903 tabptr->zone_nwif_allowed_address,
4901 4904 sizeof (tabptr->zone_nwif_allowed_address))) != Z_OK) {
4902 4905 handle->zone_dh_cur = handle->zone_dh_top;
4903 4906 return (err);
4904 4907 }
4905 4908
4906 4909 if ((err = fetchprop(cur, DTD_ATTR_PHYSICAL, tabptr->zone_nwif_physical,
4907 4910 sizeof (tabptr->zone_nwif_physical))) != Z_OK) {
4908 4911 handle->zone_dh_cur = handle->zone_dh_top;
4909 4912 return (err);
4910 4913 }
4911 4914
4912 4915 if ((err = fetchprop(cur, DTD_ATTR_DEFROUTER,
4913 4916 tabptr->zone_nwif_defrouter,
4914 4917 sizeof (tabptr->zone_nwif_defrouter))) != Z_OK) {
4915 4918 handle->zone_dh_cur = handle->zone_dh_top;
4916 4919 return (err);
4917 4920 }
4918 4921
4919 4922 handle->zone_dh_cur = cur->next;
4920 4923 return (Z_OK);
4921 4924 }
4922 4925
4923 4926 int
4924 4927 zonecfg_endnwifent(zone_dochandle_t handle)
4925 4928 {
4926 4929 return (zonecfg_endent(handle));
4927 4930 }
4928 4931
4929 4932 int
4930 4933 zonecfg_setdevent(zone_dochandle_t handle)
4931 4934 {
4932 4935 return (zonecfg_setent(handle));
4933 4936 }
4934 4937
4935 4938 int
4936 4939 zonecfg_getdevent(zone_dochandle_t handle, struct zone_devtab *tabptr)
4937 4940 {
4938 4941 xmlNodePtr cur;
4939 4942 int err;
4940 4943
4941 4944 if (handle == NULL)
4942 4945 return (Z_INVAL);
4943 4946
4944 4947 if ((cur = handle->zone_dh_cur) == NULL)
4945 4948 return (Z_NO_ENTRY);
4946 4949
4947 4950 for (; cur != NULL; cur = cur->next)
4948 4951 if (!xmlStrcmp(cur->name, DTD_ELEM_DEVICE))
4949 4952 break;
4950 4953 if (cur == NULL) {
4951 4954 handle->zone_dh_cur = handle->zone_dh_top;
4952 4955 return (Z_NO_ENTRY);
4953 4956 }
4954 4957
4955 4958 if ((err = fetchprop(cur, DTD_ATTR_MATCH, tabptr->zone_dev_match,
4956 4959 sizeof (tabptr->zone_dev_match))) != Z_OK) {
4957 4960 handle->zone_dh_cur = handle->zone_dh_top;
4958 4961 return (err);
4959 4962 }
4960 4963
4961 4964 handle->zone_dh_cur = cur->next;
4962 4965 return (Z_OK);
4963 4966 }
4964 4967
4965 4968 int
4966 4969 zonecfg_enddevent(zone_dochandle_t handle)
4967 4970 {
4968 4971 return (zonecfg_endent(handle));
4969 4972 }
4970 4973
4971 4974 int
4972 4975 zonecfg_setrctlent(zone_dochandle_t handle)
4973 4976 {
4974 4977 return (zonecfg_setent(handle));
4975 4978 }
4976 4979
4977 4980 int
4978 4981 zonecfg_getrctlent(zone_dochandle_t handle, struct zone_rctltab *tabptr)
4979 4982 {
4980 4983 xmlNodePtr cur, val;
4981 4984 struct zone_rctlvaltab *valptr;
4982 4985 int err;
4983 4986
4984 4987 if (handle == NULL)
4985 4988 return (Z_INVAL);
4986 4989
4987 4990 if ((cur = handle->zone_dh_cur) == NULL)
4988 4991 return (Z_NO_ENTRY);
4989 4992
4990 4993 for (; cur != NULL; cur = cur->next)
4991 4994 if (!xmlStrcmp(cur->name, DTD_ELEM_RCTL))
4992 4995 break;
4993 4996 if (cur == NULL) {
4994 4997 handle->zone_dh_cur = handle->zone_dh_top;
4995 4998 return (Z_NO_ENTRY);
4996 4999 }
4997 5000
4998 5001 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_rctl_name,
4999 5002 sizeof (tabptr->zone_rctl_name))) != Z_OK) {
5000 5003 handle->zone_dh_cur = handle->zone_dh_top;
5001 5004 return (err);
5002 5005 }
5003 5006
5004 5007 tabptr->zone_rctl_valptr = NULL;
5005 5008 for (val = cur->xmlChildrenNode; val != NULL; val = val->next) {
5006 5009 valptr = (struct zone_rctlvaltab *)malloc(
5007 5010 sizeof (struct zone_rctlvaltab));
5008 5011 if (valptr == NULL)
5009 5012 return (Z_NOMEM);
5010 5013 if (fetchprop(val, DTD_ATTR_PRIV, valptr->zone_rctlval_priv,
5011 5014 sizeof (valptr->zone_rctlval_priv)) != Z_OK)
5012 5015 break;
5013 5016 if (fetchprop(val, DTD_ATTR_LIMIT, valptr->zone_rctlval_limit,
5014 5017 sizeof (valptr->zone_rctlval_limit)) != Z_OK)
5015 5018 break;
5016 5019 if (fetchprop(val, DTD_ATTR_ACTION, valptr->zone_rctlval_action,
5017 5020 sizeof (valptr->zone_rctlval_action)) != Z_OK)
5018 5021 break;
5019 5022 if (zonecfg_add_rctl_value(tabptr, valptr) != Z_OK)
5020 5023 break;
5021 5024 }
5022 5025
5023 5026 handle->zone_dh_cur = cur->next;
5024 5027 return (Z_OK);
5025 5028 }
5026 5029
5027 5030 int
5028 5031 zonecfg_endrctlent(zone_dochandle_t handle)
5029 5032 {
5030 5033 return (zonecfg_endent(handle));
5031 5034 }
5032 5035
5033 5036 int
5034 5037 zonecfg_setattrent(zone_dochandle_t handle)
5035 5038 {
5036 5039 return (zonecfg_setent(handle));
5037 5040 }
5038 5041
5039 5042 int
5040 5043 zonecfg_getattrent(zone_dochandle_t handle, struct zone_attrtab *tabptr)
5041 5044 {
5042 5045 xmlNodePtr cur;
5043 5046 int err;
5044 5047
5045 5048 if (handle == NULL)
5046 5049 return (Z_INVAL);
5047 5050
5048 5051 if ((cur = handle->zone_dh_cur) == NULL)
5049 5052 return (Z_NO_ENTRY);
5050 5053
5051 5054 for (; cur != NULL; cur = cur->next)
5052 5055 if (!xmlStrcmp(cur->name, DTD_ELEM_ATTR))
5053 5056 break;
5054 5057 if (cur == NULL) {
5055 5058 handle->zone_dh_cur = handle->zone_dh_top;
5056 5059 return (Z_NO_ENTRY);
5057 5060 }
5058 5061
5059 5062 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_attr_name,
5060 5063 sizeof (tabptr->zone_attr_name))) != Z_OK) {
5061 5064 handle->zone_dh_cur = handle->zone_dh_top;
5062 5065 return (err);
5063 5066 }
5064 5067
5065 5068 if ((err = fetchprop(cur, DTD_ATTR_TYPE, tabptr->zone_attr_type,
5066 5069 sizeof (tabptr->zone_attr_type))) != Z_OK) {
5067 5070 handle->zone_dh_cur = handle->zone_dh_top;
5068 5071 return (err);
5069 5072 }
5070 5073
5071 5074 if ((err = fetchprop(cur, DTD_ATTR_VALUE, tabptr->zone_attr_value,
5072 5075 sizeof (tabptr->zone_attr_value))) != Z_OK) {
5073 5076 handle->zone_dh_cur = handle->zone_dh_top;
5074 5077 return (err);
5075 5078 }
5076 5079
5077 5080 handle->zone_dh_cur = cur->next;
5078 5081 return (Z_OK);
5079 5082 }
5080 5083
5081 5084 int
5082 5085 zonecfg_endattrent(zone_dochandle_t handle)
5083 5086 {
5084 5087 return (zonecfg_endent(handle));
5085 5088 }
5086 5089
5087 5090 int
5088 5091 zonecfg_setadminent(zone_dochandle_t handle)
5089 5092 {
5090 5093 return (zonecfg_setent(handle));
5091 5094 }
5092 5095
5093 5096 int
5094 5097 zonecfg_getadminent(zone_dochandle_t handle, struct zone_admintab *tabptr)
5095 5098 {
5096 5099 xmlNodePtr cur;
5097 5100 int err;
5098 5101
5099 5102 if (handle == NULL)
5100 5103 return (Z_INVAL);
5101 5104
5102 5105 if ((cur = handle->zone_dh_cur) == NULL)
5103 5106 return (Z_NO_ENTRY);
5104 5107
5105 5108 for (; cur != NULL; cur = cur->next)
5106 5109 if (!xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
5107 5110 break;
5108 5111 if (cur == NULL) {
5109 5112 handle->zone_dh_cur = handle->zone_dh_top;
5110 5113 return (Z_NO_ENTRY);
5111 5114 }
5112 5115
5113 5116 if ((err = fetchprop(cur, DTD_ATTR_USER, tabptr->zone_admin_user,
5114 5117 sizeof (tabptr->zone_admin_user))) != Z_OK) {
5115 5118 handle->zone_dh_cur = handle->zone_dh_top;
5116 5119 return (err);
5117 5120 }
5118 5121
5119 5122
5120 5123 if ((err = fetchprop(cur, DTD_ATTR_AUTHS, tabptr->zone_admin_auths,
5121 5124 sizeof (tabptr->zone_admin_auths))) != Z_OK) {
5122 5125 handle->zone_dh_cur = handle->zone_dh_top;
5123 5126 return (err);
5124 5127 }
5125 5128
5126 5129 handle->zone_dh_cur = cur->next;
5127 5130 return (Z_OK);
5128 5131 }
5129 5132
5130 5133 int
5131 5134 zonecfg_endadminent(zone_dochandle_t handle)
5132 5135 {
5133 5136 return (zonecfg_endent(handle));
5134 5137 }
5135 5138
5136 5139 /*
5137 5140 * The privileges available on the system and described in privileges(5)
5138 5141 * fall into four categories with respect to non-global zones:
5139 5142 *
5140 5143 * Default set of privileges considered safe for all non-global
5141 5144 * zones. These privileges are "safe" in the sense that a
5142 5145 * privileged process in the zone cannot affect processes in any
5143 5146 * other zone on the system.
5144 5147 *
5145 5148 * Set of privileges not currently permitted within a non-global
5146 5149 * zone. These privileges are considered by default, "unsafe,"
5147 5150 * and include ones which affect global resources (such as the
5148 5151 * system clock or physical memory) or are overly broad and cover
5149 5152 * more than one mechanism in the system. In other cases, there
5150 5153 * has not been sufficient virtualization in the parts of the
5151 5154 * system the privilege covers to allow its use within a
5152 5155 * non-global zone.
5153 5156 *
5154 5157 * Set of privileges required in order to get a zone booted and
5155 5158 * init(1M) started. These cannot be removed from the zone's
5156 5159 * privilege set.
5157 5160 *
5158 5161 * All other privileges are optional and are potentially useful for
5159 5162 * processes executing inside a non-global zone.
5160 5163 *
5161 5164 * When privileges are added to the system, a determination needs to be
5162 5165 * made as to which category the privilege belongs to. Ideally,
5163 5166 * privileges should be fine-grained enough and the mechanisms they cover
5164 5167 * virtualized enough so that they can be made available to non-global
5165 5168 * zones.
5166 5169 */
5167 5170
5168 5171 /*
5169 5172 * Define some of the tokens that priv_str_to_set(3C) recognizes. Since
5170 5173 * the privilege string separator can be any character, although it is
5171 5174 * usually a comma character, define these here as well in the event that
5172 5175 * they change or are augmented in the future.
5173 5176 */
5174 5177 #define BASIC_TOKEN "basic"
5175 5178 #define DEFAULT_TOKEN "default"
5176 5179 #define ZONE_TOKEN "zone"
5177 5180 #define TOKEN_PRIV_CHAR ','
5178 5181 #define TOKEN_PRIV_STR ","
5179 5182
5180 5183 typedef struct priv_node {
5181 5184 struct priv_node *pn_next; /* Next privilege */
5182 5185 char *pn_priv; /* Privileges name */
5183 5186 } priv_node_t;
5184 5187
5185 5188 /* Privileges lists can differ across brands */
5186 5189 typedef struct priv_lists {
5187 5190 /* Privileges considered safe for all non-global zones of a brand */
5188 5191 struct priv_node *pl_default;
5189 5192
5190 5193 /* Privileges not permitted for all non-global zones of a brand */
5191 5194 struct priv_node *pl_prohibited;
5192 5195
5193 5196 /* Privileges required for all non-global zones of a brand */
5194 5197 struct priv_node *pl_required;
5195 5198
5196 5199 /*
5197 5200 * ip-type of the zone these privileges lists apply to.
5198 5201 * It is used to pass ip-type to the callback function,
5199 5202 * priv_lists_cb, which has no way of getting the ip-type.
5200 5203 */
5201 5204 const char *pl_iptype;
5202 5205 } priv_lists_t;
5203 5206
5204 5207 static int
5205 5208 priv_lists_cb(void *data, priv_iter_t *priv_iter)
5206 5209 {
5207 5210 priv_lists_t *plp = (priv_lists_t *)data;
5208 5211 priv_node_t *pnp;
5209 5212
5210 5213 /* Skip this privilege if ip-type does not match */
5211 5214 if ((strcmp(priv_iter->pi_iptype, "all") != 0) &&
5212 5215 (strcmp(priv_iter->pi_iptype, plp->pl_iptype) != 0))
5213 5216 return (0);
5214 5217
5215 5218 /* Allocate a new priv list node. */
5216 5219 if ((pnp = malloc(sizeof (*pnp))) == NULL)
5217 5220 return (-1);
5218 5221 if ((pnp->pn_priv = strdup(priv_iter->pi_name)) == NULL) {
5219 5222 free(pnp);
5220 5223 return (-1);
5221 5224 }
5222 5225
5223 5226 /* Insert the new priv list node into the right list */
5224 5227 if (strcmp(priv_iter->pi_set, "default") == 0) {
5225 5228 pnp->pn_next = plp->pl_default;
5226 5229 plp->pl_default = pnp;
5227 5230 } else if (strcmp(priv_iter->pi_set, "prohibited") == 0) {
5228 5231 pnp->pn_next = plp->pl_prohibited;
5229 5232 plp->pl_prohibited = pnp;
5230 5233 } else if (strcmp(priv_iter->pi_set, "required") == 0) {
5231 5234 pnp->pn_next = plp->pl_required;
5232 5235 plp->pl_required = pnp;
5233 5236 } else {
5234 5237 free(pnp->pn_priv);
5235 5238 free(pnp);
5236 5239 return (-1);
5237 5240 }
5238 5241 return (0);
5239 5242 }
5240 5243
5241 5244 static void
5242 5245 priv_lists_destroy(priv_lists_t *plp)
5243 5246 {
5244 5247 priv_node_t *pnp;
5245 5248
5246 5249 assert(plp != NULL);
5247 5250
5248 5251 while ((pnp = plp->pl_default) != NULL) {
5249 5252 plp->pl_default = pnp->pn_next;
5250 5253 free(pnp->pn_priv);
5251 5254 free(pnp);
5252 5255 }
5253 5256 while ((pnp = plp->pl_prohibited) != NULL) {
5254 5257 plp->pl_prohibited = pnp->pn_next;
5255 5258 free(pnp->pn_priv);
5256 5259 free(pnp);
5257 5260 }
5258 5261 while ((pnp = plp->pl_required) != NULL) {
5259 5262 plp->pl_required = pnp->pn_next;
5260 5263 free(pnp->pn_priv);
5261 5264 free(pnp);
5262 5265 }
5263 5266 free(plp);
5264 5267 }
5265 5268
5266 5269 static int
5267 5270 priv_lists_create(zone_dochandle_t handle, char *brand, priv_lists_t **plpp,
5268 5271 const char *curr_iptype)
5269 5272 {
5270 5273 priv_lists_t *plp;
5271 5274 brand_handle_t bh;
5272 5275 char brand_str[MAXNAMELEN];
5273 5276
5274 5277 /* handle or brand must be set, but never both */
5275 5278 assert((handle != NULL) || (brand != NULL));
5276 5279 assert((handle == NULL) || (brand == NULL));
5277 5280
5278 5281 if (handle != NULL) {
5279 5282 brand = brand_str;
5280 5283 if (zonecfg_get_brand(handle, brand, sizeof (brand_str)) != 0)
5281 5284 return (Z_BRAND_ERROR);
5282 5285 }
5283 5286
5284 5287 if ((bh = brand_open(brand)) == NULL)
5285 5288 return (Z_BRAND_ERROR);
5286 5289
5287 5290 if ((plp = calloc(1, sizeof (priv_lists_t))) == NULL) {
5288 5291 brand_close(bh);
5289 5292 return (Z_NOMEM);
5290 5293 }
5291 5294
5292 5295 plp->pl_iptype = curr_iptype;
5293 5296
5294 5297 /* construct the privilege lists */
5295 5298 if (brand_config_iter_privilege(bh, priv_lists_cb, plp) != 0) {
5296 5299 priv_lists_destroy(plp);
5297 5300 brand_close(bh);
5298 5301 return (Z_BRAND_ERROR);
5299 5302 }
5300 5303
5301 5304 brand_close(bh);
5302 5305 *plpp = plp;
5303 5306 return (Z_OK);
5304 5307 }
5305 5308
5306 5309 static int
5307 5310 get_default_privset(priv_set_t *privs, priv_lists_t *plp)
5308 5311 {
5309 5312 priv_node_t *pnp;
5310 5313 priv_set_t *basic;
5311 5314
5312 5315 basic = priv_str_to_set(BASIC_TOKEN, TOKEN_PRIV_STR, NULL);
5313 5316 if (basic == NULL)
5314 5317 return (errno == ENOMEM ? Z_NOMEM : Z_INVAL);
5315 5318
5316 5319 priv_union(basic, privs);
5317 5320 priv_freeset(basic);
5318 5321
5319 5322 for (pnp = plp->pl_default; pnp != NULL; pnp = pnp->pn_next) {
5320 5323 if (priv_addset(privs, pnp->pn_priv) != 0)
5321 5324 return (Z_INVAL);
5322 5325 }
5323 5326
5324 5327 return (Z_OK);
5325 5328 }
5326 5329
5327 5330 int
5328 5331 zonecfg_default_brand(char *brand, size_t brandsize)
5329 5332 {
5330 5333 zone_dochandle_t handle;
5331 5334 int myzoneid = getzoneid();
5332 5335 int ret;
5333 5336
5334 5337 /*
5335 5338 * If we're running within a zone, then the default brand is the
5336 5339 * current zone's brand.
5337 5340 */
5338 5341 if (myzoneid != GLOBAL_ZONEID) {
5339 5342 ret = zone_getattr(myzoneid, ZONE_ATTR_BRAND, brand, brandsize);
5340 5343 if (ret < 0)
5341 5344 return ((errno == EFAULT) ? Z_TOO_BIG : Z_INVAL);
5342 5345 return (Z_OK);
5343 5346 }
5344 5347
5345 5348 if ((handle = zonecfg_init_handle()) == NULL)
5346 5349 return (Z_NOMEM);
5347 5350 if ((ret = zonecfg_get_handle("SUNWdefault", handle)) == Z_OK) {
5348 5351 ret = i_zonecfg_get_brand(handle, brand, brandsize, B_TRUE);
5349 5352 zonecfg_fini_handle(handle);
5350 5353 return (ret);
5351 5354 }
5352 5355 return (ret);
5353 5356 }
5354 5357
5355 5358 int
5356 5359 zonecfg_default_privset(priv_set_t *privs, const char *curr_iptype)
5357 5360 {
5358 5361 priv_lists_t *plp;
5359 5362 char buf[MAXNAMELEN];
5360 5363 int ret;
5361 5364
5362 5365 if ((ret = zonecfg_default_brand(buf, sizeof (buf))) != Z_OK)
5363 5366 return (ret);
5364 5367 if ((ret = priv_lists_create(NULL, buf, &plp, curr_iptype)) != Z_OK)
5365 5368 return (ret);
5366 5369 ret = get_default_privset(privs, plp);
5367 5370 priv_lists_destroy(plp);
5368 5371 return (ret);
5369 5372 }
5370 5373
5371 5374 void
5372 5375 append_priv_token(char *priv, char *str, size_t strlen)
5373 5376 {
5374 5377 if (*str != '\0')
5375 5378 (void) strlcat(str, TOKEN_PRIV_STR, strlen);
5376 5379 (void) strlcat(str, priv, strlen);
5377 5380 }
5378 5381
5379 5382 /*
5380 5383 * Verify that the supplied string is a valid privilege limit set for a
5381 5384 * non-global zone. This string must not only be acceptable to
5382 5385 * priv_str_to_set(3C) which parses it, but it also must resolve to a
5383 5386 * privilege set that includes certain required privileges and lacks
5384 5387 * certain prohibited privileges.
5385 5388 */
5386 5389 static int
5387 5390 verify_privset(char *privbuf, priv_set_t *privs, char **privname,
5388 5391 boolean_t add_default, priv_lists_t *plp)
5389 5392 {
5390 5393 priv_node_t *pnp;
5391 5394 char *tmp, *cp, *lasts;
5392 5395 size_t len;
5393 5396 priv_set_t *mergeset;
5394 5397 const char *token;
5395 5398
5396 5399 /*
5397 5400 * The verification of the privilege string occurs in several
5398 5401 * phases. In the first phase, the supplied string is scanned for
5399 5402 * the ZONE_TOKEN token which is not support as part of the
5400 5403 * "limitpriv" property.
5401 5404 *
5402 5405 * Duplicate the supplied privilege string since strtok_r(3C)
5403 5406 * tokenizes its input by null-terminating the tokens.
5404 5407 */
5405 5408 if ((tmp = strdup(privbuf)) == NULL)
5406 5409 return (Z_NOMEM);
5407 5410 for (cp = strtok_r(tmp, TOKEN_PRIV_STR, &lasts); cp != NULL;
5408 5411 cp = strtok_r(NULL, TOKEN_PRIV_STR, &lasts)) {
5409 5412 if (strcmp(cp, ZONE_TOKEN) == 0) {
5410 5413 free(tmp);
5411 5414 if ((*privname = strdup(ZONE_TOKEN)) == NULL)
5412 5415 return (Z_NOMEM);
5413 5416 else
5414 5417 return (Z_PRIV_UNKNOWN);
5415 5418 }
5416 5419 }
5417 5420 free(tmp);
5418 5421
5419 5422 if (add_default) {
5420 5423 /*
5421 5424 * If DEFAULT_TOKEN was specified, a string needs to be
5422 5425 * built containing the privileges from the default, safe
5423 5426 * set along with those of the "limitpriv" property.
5424 5427 */
5425 5428 len = strlen(privbuf) + sizeof (BASIC_TOKEN) + 2;
5426 5429
5427 5430 for (pnp = plp->pl_default; pnp != NULL; pnp = pnp->pn_next)
5428 5431 len += strlen(pnp->pn_priv) + 1;
5429 5432 tmp = alloca(len);
5430 5433 *tmp = '\0';
5431 5434
5432 5435 append_priv_token(BASIC_TOKEN, tmp, len);
5433 5436 for (pnp = plp->pl_default; pnp != NULL; pnp = pnp->pn_next)
5434 5437 append_priv_token(pnp->pn_priv, tmp, len);
5435 5438 (void) strlcat(tmp, TOKEN_PRIV_STR, len);
5436 5439 (void) strlcat(tmp, privbuf, len);
5437 5440 } else {
5438 5441 tmp = privbuf;
5439 5442 }
5440 5443
5441 5444
5442 5445 /*
5443 5446 * In the next phase, attempt to convert the merged privilege
5444 5447 * string into a privilege set. In the case of an error, either
5445 5448 * there was a memory allocation failure or there was an invalid
5446 5449 * privilege token in the string. In either case, return an
5447 5450 * appropriate error code but in the event of an invalid token,
5448 5451 * allocate a string containing its name and return that back to
5449 5452 * the caller.
5450 5453 */
5451 5454 mergeset = priv_str_to_set(tmp, TOKEN_PRIV_STR, &token);
5452 5455 if (mergeset == NULL) {
5453 5456 if (token == NULL)
5454 5457 return (Z_NOMEM);
5455 5458 if ((cp = strchr(token, TOKEN_PRIV_CHAR)) != NULL)
5456 5459 *cp = '\0';
5457 5460 if ((*privname = strdup(token)) == NULL)
5458 5461 return (Z_NOMEM);
5459 5462 else
5460 5463 return (Z_PRIV_UNKNOWN);
5461 5464 }
5462 5465
5463 5466 /*
5464 5467 * Next, verify that none of the prohibited zone privileges are
5465 5468 * present in the merged privilege set.
5466 5469 */
5467 5470 for (pnp = plp->pl_prohibited; pnp != NULL; pnp = pnp->pn_next) {
5468 5471 if (priv_ismember(mergeset, pnp->pn_priv)) {
5469 5472 priv_freeset(mergeset);
5470 5473 if ((*privname = strdup(pnp->pn_priv)) == NULL)
5471 5474 return (Z_NOMEM);
5472 5475 else
5473 5476 return (Z_PRIV_PROHIBITED);
5474 5477 }
5475 5478 }
5476 5479
5477 5480 /*
5478 5481 * Finally, verify that all of the required zone privileges are
5479 5482 * present in the merged privilege set.
5480 5483 */
5481 5484 for (pnp = plp->pl_required; pnp != NULL; pnp = pnp->pn_next) {
5482 5485 if (!priv_ismember(mergeset, pnp->pn_priv)) {
5483 5486 priv_freeset(mergeset);
5484 5487 if ((*privname = strdup(pnp->pn_priv)) == NULL)
5485 5488 return (Z_NOMEM);
5486 5489 else
5487 5490 return (Z_PRIV_REQUIRED);
5488 5491 }
5489 5492 }
5490 5493
5491 5494 priv_copyset(mergeset, privs);
5492 5495 priv_freeset(mergeset);
5493 5496 return (Z_OK);
5494 5497 }
5495 5498
5496 5499 /*
5497 5500 * Fill in the supplied privilege set with either the default, safe set of
5498 5501 * privileges suitable for a non-global zone, or one based on the
5499 5502 * "limitpriv" property in the zone's configuration.
5500 5503 *
5501 5504 * In the event of an invalid privilege specification in the
5502 5505 * configuration, a string is allocated and returned containing the
5503 5506 * "privilege" causing the issue. It is the caller's responsibility to
5504 5507 * free this memory when it is done with it.
5505 5508 */
5506 5509 int
5507 5510 zonecfg_get_privset(zone_dochandle_t handle, priv_set_t *privs,
5508 5511 char **privname)
5509 5512 {
5510 5513 priv_lists_t *plp;
5511 5514 char *cp, *limitpriv = NULL;
5512 5515 int err, limitlen;
5513 5516 zone_iptype_t iptype;
5514 5517 const char *curr_iptype;
5515 5518
5516 5519 /*
5517 5520 * Attempt to lookup the "limitpriv" property. If it does not
5518 5521 * exist or matches the string DEFAULT_TOKEN exactly, then the
5519 5522 * default, safe privilege set is returned.
5520 5523 */
5521 5524 if ((err = zonecfg_get_limitpriv(handle, &limitpriv)) != Z_OK)
5522 5525 return (err);
5523 5526
5524 5527 if ((err = zonecfg_get_iptype(handle, &iptype)) != Z_OK)
5525 5528 return (err);
5526 5529
5527 5530 switch (iptype) {
5528 5531 case ZS_SHARED:
5529 5532 curr_iptype = "shared";
5530 5533 break;
5531 5534 case ZS_EXCLUSIVE:
5532 5535 curr_iptype = "exclusive";
5533 5536 break;
5534 5537 }
5535 5538
5536 5539 if ((err = priv_lists_create(handle, NULL, &plp, curr_iptype)) != Z_OK)
5537 5540 return (err);
5538 5541
5539 5542 limitlen = strlen(limitpriv);
5540 5543 if (limitlen == 0 || strcmp(limitpriv, DEFAULT_TOKEN) == 0) {
5541 5544 free(limitpriv);
5542 5545 err = get_default_privset(privs, plp);
5543 5546 priv_lists_destroy(plp);
5544 5547 return (err);
5545 5548 }
5546 5549
5547 5550 /*
5548 5551 * Check if the string DEFAULT_TOKEN is the first token in a list
5549 5552 * of privileges.
5550 5553 */
5551 5554 cp = strchr(limitpriv, TOKEN_PRIV_CHAR);
5552 5555 if (cp != NULL &&
5553 5556 strncmp(limitpriv, DEFAULT_TOKEN, cp - limitpriv) == 0)
5554 5557 err = verify_privset(cp + 1, privs, privname, B_TRUE, plp);
5555 5558 else
5556 5559 err = verify_privset(limitpriv, privs, privname, B_FALSE, plp);
5557 5560
5558 5561 free(limitpriv);
5559 5562 priv_lists_destroy(plp);
5560 5563 return (err);
5561 5564 }
5562 5565
5563 5566 int
5564 5567 zone_get_zonepath(char *zone_name, char *zonepath, size_t rp_sz)
5565 5568 {
5566 5569 zone_dochandle_t handle;
5567 5570 boolean_t found = B_FALSE;
5568 5571 struct zoneent *ze;
5569 5572 FILE *cookie;
5570 5573 int err;
5571 5574 char *cp;
5572 5575
5573 5576 if (zone_name == NULL)
5574 5577 return (Z_INVAL);
5575 5578
5576 5579 (void) strlcpy(zonepath, zonecfg_root, rp_sz);
5577 5580 cp = zonepath + strlen(zonepath);
5578 5581 while (cp > zonepath && cp[-1] == '/')
5579 5582 *--cp = '\0';
5580 5583
5581 5584 if (strcmp(zone_name, GLOBAL_ZONENAME) == 0) {
5582 5585 if (zonepath[0] == '\0')
5583 5586 (void) strlcpy(zonepath, "/", rp_sz);
5584 5587 return (Z_OK);
5585 5588 }
5586 5589
5587 5590 /*
5588 5591 * First check the index file. Because older versions did not have
5589 5592 * a copy of the zone path, allow for it to be zero length, in which
5590 5593 * case we ignore this result and fall back to the XML files.
5591 5594 */
5592 5595 cookie = setzoneent();
5593 5596 while ((ze = getzoneent_private(cookie)) != NULL) {
5594 5597 if (strcmp(ze->zone_name, zone_name) == 0) {
5595 5598 found = B_TRUE;
5596 5599 if (ze->zone_path[0] != '\0')
5597 5600 (void) strlcpy(cp, ze->zone_path,
5598 5601 rp_sz - (cp - zonepath));
5599 5602 }
5600 5603 free(ze);
5601 5604 if (found)
5602 5605 break;
5603 5606 }
5604 5607 endzoneent(cookie);
5605 5608 if (found && *cp != '\0')
5606 5609 return (Z_OK);
5607 5610
5608 5611 /* Fall back to the XML files. */
5609 5612 if ((handle = zonecfg_init_handle()) == NULL)
5610 5613 return (Z_NOMEM);
5611 5614
5612 5615 /*
5613 5616 * Check the snapshot first: if a zone is running, its zonepath
5614 5617 * may have changed.
5615 5618 */
5616 5619 if (zonecfg_get_snapshot_handle(zone_name, handle) != Z_OK) {
5617 5620 if ((err = zonecfg_get_handle(zone_name, handle)) != Z_OK) {
5618 5621 zonecfg_fini_handle(handle);
5619 5622 return (err);
5620 5623 }
5621 5624 }
5622 5625 err = zonecfg_get_zonepath(handle, zonepath, rp_sz);
5623 5626 zonecfg_fini_handle(handle);
5624 5627 return (err);
5625 5628 }
5626 5629
5627 5630 int
5628 5631 zone_get_rootpath(char *zone_name, char *rootpath, size_t rp_sz)
5629 5632 {
5630 5633 int err;
5631 5634
5632 5635 /* This function makes sense for non-global zones only. */
5633 5636 if (strcmp(zone_name, GLOBAL_ZONENAME) == 0)
5634 5637 return (Z_BOGUS_ZONE_NAME);
5635 5638 if ((err = zone_get_zonepath(zone_name, rootpath, rp_sz)) != Z_OK)
5636 5639 return (err);
5637 5640 if (strlcat(rootpath, "/root", rp_sz) >= rp_sz)
5638 5641 return (Z_TOO_BIG);
5639 5642 return (Z_OK);
5640 5643 }
5641 5644
5642 5645 int
5643 5646 zone_get_brand(char *zone_name, char *brandname, size_t rp_sz)
5644 5647 {
5645 5648 int err;
5646 5649 zone_dochandle_t handle;
5647 5650 char myzone[MAXNAMELEN];
5648 5651 int myzoneid = getzoneid();
5649 5652
5650 5653 /*
5651 5654 * If we are not in the global zone, then we don't have the zone
5652 5655 * .xml files with the brand name available. Thus, we are going to
5653 5656 * have to ask the kernel for the information.
5654 5657 */
5655 5658 if (myzoneid != GLOBAL_ZONEID) {
5656 5659 if (is_system_labeled()) {
5657 5660 (void) strlcpy(brandname, NATIVE_BRAND_NAME, rp_sz);
5658 5661 return (Z_OK);
5659 5662 }
5660 5663 if (zone_getattr(myzoneid, ZONE_ATTR_NAME, myzone,
5661 5664 sizeof (myzone)) < 0)
5662 5665 return (Z_NO_ZONE);
5663 5666 if (!zonecfg_is_scratch(myzone)) {
5664 5667 if (strncmp(zone_name, myzone, MAXNAMELEN) != 0)
5665 5668 return (Z_NO_ZONE);
5666 5669 }
5667 5670 err = zone_getattr(myzoneid, ZONE_ATTR_BRAND, brandname, rp_sz);
5668 5671 if (err < 0)
5669 5672 return ((errno == EFAULT) ? Z_TOO_BIG : Z_INVAL);
5670 5673
5671 5674 return (Z_OK);
5672 5675 }
5673 5676
5674 5677 if (strcmp(zone_name, "global") == 0)
5675 5678 return (zonecfg_default_brand(brandname, rp_sz));
5676 5679
5677 5680 if ((handle = zonecfg_init_handle()) == NULL)
|
↓ open down ↓ |
5533 lines elided |
↑ open up ↑ |
5678 5681 return (Z_NOMEM);
5679 5682
5680 5683 err = zonecfg_get_handle((char *)zone_name, handle);
5681 5684 if (err == Z_OK)
5682 5685 err = zonecfg_get_brand(handle, brandname, rp_sz);
5683 5686
5684 5687 zonecfg_fini_handle(handle);
5685 5688 return (err);
5686 5689 }
5687 5690
5691 +/*
5692 + * Atomically get a new zone_did value. The currently allocated value
5693 + * is stored in /etc/zones/did.txt. Lock the file, read the current value,
5694 + * increment, save the new value and unlock the file. Return the new value
5695 + * or -1 if there was an error. The ID namespace is large enough that we
5696 + * don't worry about recycling an ID when a zone is deleted.
5697 + */
5698 +static zoneid_t
5699 +new_zone_did()
5700 +{
5701 + int fd;
5702 + int len;
5703 + int val;
5704 + struct flock lck;
5705 + char pathbuf[PATH_MAX];
5706 + char buf[80];
5707 +
5708 + if (snprintf(pathbuf, sizeof (pathbuf), "%s%s", zonecfg_get_root(),
5709 + DEBUGID_FILE) >= sizeof (pathbuf)) {
5710 + printf(gettext("alternate root path is too long"));
5711 + return (-1);
5712 + }
5713 +
5714 + if ((fd = open(pathbuf, O_RDWR | O_CREAT,
5715 + S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) < 0) {
5716 + perror("new_zone_did open failed");
5717 + return (-1);
5718 + }
5719 +
5720 + /* Initialize the lock. */
5721 + lck.l_whence = SEEK_SET;
5722 + lck.l_start = 0;
5723 + lck.l_len = 0;
5724 +
5725 + /* Wait until we acquire an exclusive lock on the file. */
5726 + lck.l_type = F_WRLCK;
5727 + if (fcntl(fd, F_SETLKW, &lck) == -1) {
5728 + perror("new_zone_did lock failed");
5729 + (void) close(fd);
5730 + return (-1);
5731 + }
5732 +
5733 + /* Get currently allocated value */
5734 + len = read(fd, buf, sizeof (buf));
5735 + if (len == -1) {
5736 + perror("new_zone_did read failed");
5737 + val = -1;
5738 + } else {
5739 + if (lseek(fd, 0L, SEEK_SET) == -1) {
5740 + perror("new_zone_did seek failed");
5741 + val = -1;
5742 + } else {
5743 + if (len == 0) {
5744 + /* Just created the file, initialize at 1 */
5745 + val = 1;
5746 + } else {
5747 + val = atoi(buf);
5748 + val++;
5749 + }
5750 +
5751 + (void) snprintf(buf, sizeof (buf), "%d\n", val);
5752 + len = strlen(buf);
5753 +
5754 + /* Save newly allocated value */
5755 + if (write(fd, buf, len) == -1) {
5756 + perror("new_zone_did write failed");
5757 + val = -1;
5758 + }
5759 + }
5760 + }
5761 +
5762 + /* Release the file lock. */
5763 + lck.l_type = F_UNLCK;
5764 + if (fcntl(fd, F_SETLK, &lck) == -1) {
5765 + perror("new_zone_did unlock failed");
5766 + val = -1;
5767 + }
5768 +
5769 + if (close(fd) != 0)
5770 + perror("new_zone_did close failed");
5771 +
5772 + return (val);
5773 +}
5774 +
5775 +/*
5776 + * Called by zoneadmd to get the zone's debug ID.
5777 + * If the zone doesn't already have an ID, a new one is generated and
5778 + * persistently saved onto the zone. Normally either zoneadm or zonecfg
5779 + * will assign a new ID for the zone, so zoneadmd should never have to
5780 + * generate one, but we also handle that here just to be paranoid.
5781 + */
5782 +zoneid_t
5783 +zone_get_did(char *zone_name)
5784 +{
5785 + int res;
5786 + zoneid_t new_did;
5787 + zone_dochandle_t handle;
5788 + char did_str[80];
5789 +
5790 + if ((handle = zonecfg_init_handle()) == NULL)
5791 + return (getpid());
5792 +
5793 + if (zonecfg_get_handle((char *)zone_name, handle) != Z_OK)
5794 + return (getpid());
5795 +
5796 + res = getrootattr(handle, DTD_ATTR_DID, did_str, sizeof (did_str));
5797 +
5798 + /* If the zone already has an assigned debug ID, return it. */
5799 + if (res == Z_OK && did_str[0] != '\0') {
5800 + zonecfg_fini_handle(handle);
5801 + return (atoi(did_str));
5802 + }
5803 +
5804 + /*
5805 + * The zone doesn't have an assigned debug ID yet, generate one and
5806 + * save it as part of the zone definition.
5807 + */
5808 + if ((new_did = new_zone_did()) == -1) {
5809 + /*
5810 + * We should really never hit this block of code.
5811 + * Generating a new ID failed for some reason. Use the current
5812 + * pid as a temporary ID so that the zone can continue to boot
5813 + * but we don't persistently save this temporary ID on the zone.
5814 + */
5815 + zonecfg_fini_handle(handle);
5816 + return (getpid());
5817 + }
5818 +
5819 + /* Now persistently save this new ID onto the zone. */
5820 + (void) snprintf(did_str, sizeof (did_str), "%d", new_did);
5821 + (void) setrootattr(handle, DTD_ATTR_DID, did_str);
5822 + (void) zonecfg_save(handle);
5823 +
5824 + zonecfg_fini_handle(handle);
5825 + return (new_did);
5826 +}
5827 +
5828 +zoneid_t
5829 +zonecfg_get_did(zone_dochandle_t handle)
5830 +{
5831 + char did_str[80];
5832 + int err;
5833 + zoneid_t did;
5834 +
5835 + err = getrootattr(handle, DTD_ATTR_DID, did_str, sizeof (did_str));
5836 + if (err == Z_OK && did_str[0] != '\0')
5837 + did = atoi(did_str);
5838 + else
5839 + did = -1;
5840 +
5841 + return (did);
5842 +}
5843 +
5844 +void
5845 +zonecfg_set_did(zone_dochandle_t handle)
5846 +{
5847 + zoneid_t new_did;
5848 + char did_str[80];
5849 +
5850 + if ((new_did = new_zone_did()) == -1)
5851 + return;
5852 + (void) snprintf(did_str, sizeof (did_str), "%d", new_did);
5853 + (void) setrootattr(handle, DTD_ATTR_DID, did_str);
5854 +}
5855 +
5688 5856 /*
5689 5857 * Return the appropriate root for the active /dev.
5690 5858 * For normal zone, the path is $ZONEPATH/root;
5691 5859 * for scratch zone, the dev path is $ZONEPATH/lu.
5692 5860 */
5693 5861 int
5694 5862 zone_get_devroot(char *zone_name, char *devroot, size_t rp_sz)
5695 5863 {
5696 5864 int err;
5697 5865 char *suffix;
5698 5866 zone_state_t state;
5699 5867
5700 5868 /* This function makes sense for non-global zones only. */
5701 5869 if (strcmp(zone_name, GLOBAL_ZONENAME) == 0)
5702 5870 return (Z_BOGUS_ZONE_NAME);
5703 5871 if ((err = zone_get_zonepath(zone_name, devroot, rp_sz)) != Z_OK)
5704 5872 return (err);
5705 5873
5706 5874 if (zone_get_state(zone_name, &state) == Z_OK &&
5707 5875 state == ZONE_STATE_MOUNTED)
5708 5876 suffix = "/lu";
5709 5877 else
5710 5878 suffix = "/root";
5711 5879 if (strlcat(devroot, suffix, rp_sz) >= rp_sz)
5712 5880 return (Z_TOO_BIG);
5713 5881 return (Z_OK);
5714 5882 }
5715 5883
5716 5884 static zone_state_t
5717 5885 kernel_state_to_user_state(zoneid_t zoneid, zone_status_t kernel_state)
5718 5886 {
5719 5887 char zoneroot[MAXPATHLEN];
5720 5888 size_t zlen;
5721 5889
5722 5890 assert(kernel_state <= ZONE_MAX_STATE);
5723 5891 switch (kernel_state) {
5724 5892 case ZONE_IS_UNINITIALIZED:
5725 5893 case ZONE_IS_INITIALIZED:
5726 5894 /* The kernel will not return these two states */
5727 5895 return (ZONE_STATE_READY);
5728 5896 case ZONE_IS_READY:
5729 5897 /*
5730 5898 * If the zone's root is mounted on $ZONEPATH/lu, then
5731 5899 * it's a mounted scratch zone.
5732 5900 */
5733 5901 if (zone_getattr(zoneid, ZONE_ATTR_ROOT, zoneroot,
5734 5902 sizeof (zoneroot)) >= 0) {
5735 5903 zlen = strlen(zoneroot);
5736 5904 if (zlen > 3 &&
5737 5905 strcmp(zoneroot + zlen - 3, "/lu") == 0)
5738 5906 return (ZONE_STATE_MOUNTED);
5739 5907 }
5740 5908 return (ZONE_STATE_READY);
5741 5909 case ZONE_IS_BOOTING:
5742 5910 case ZONE_IS_RUNNING:
5743 5911 return (ZONE_STATE_RUNNING);
5744 5912 case ZONE_IS_SHUTTING_DOWN:
5745 5913 case ZONE_IS_EMPTY:
5746 5914 return (ZONE_STATE_SHUTTING_DOWN);
5747 5915 case ZONE_IS_DOWN:
5748 5916 case ZONE_IS_DYING:
5749 5917 case ZONE_IS_DEAD:
5750 5918 default:
5751 5919 return (ZONE_STATE_DOWN);
5752 5920 }
5753 5921 /* NOTREACHED */
5754 5922 }
5755 5923
5756 5924 int
5757 5925 zone_get_state(char *zone_name, zone_state_t *state_num)
5758 5926 {
5759 5927 zone_status_t status;
5760 5928 zoneid_t zone_id;
5761 5929 struct zoneent *ze;
5762 5930 boolean_t found = B_FALSE;
5763 5931 FILE *cookie;
5764 5932 char kernzone[ZONENAME_MAX];
5765 5933 FILE *fp;
5766 5934
5767 5935 if (zone_name == NULL)
5768 5936 return (Z_INVAL);
5769 5937
5770 5938 /*
5771 5939 * If we're looking at an alternate root, then we need to query the
5772 5940 * kernel using the scratch zone name.
5773 5941 */
5774 5942 zone_id = -1;
5775 5943 if (*zonecfg_root != '\0' && !zonecfg_is_scratch(zone_name)) {
5776 5944 if ((fp = zonecfg_open_scratch("", B_FALSE)) != NULL) {
5777 5945 if (zonecfg_find_scratch(fp, zone_name, zonecfg_root,
5778 5946 kernzone, sizeof (kernzone)) == 0)
5779 5947 zone_id = getzoneidbyname(kernzone);
5780 5948 zonecfg_close_scratch(fp);
5781 5949 }
5782 5950 } else {
5783 5951 zone_id = getzoneidbyname(zone_name);
5784 5952 }
5785 5953
5786 5954 /* check to see if zone is running */
5787 5955 if (zone_id != -1 &&
5788 5956 zone_getattr(zone_id, ZONE_ATTR_STATUS, &status,
5789 5957 sizeof (status)) >= 0) {
5790 5958 *state_num = kernel_state_to_user_state(zone_id, status);
5791 5959 return (Z_OK);
5792 5960 }
5793 5961
5794 5962 cookie = setzoneent();
5795 5963 while ((ze = getzoneent_private(cookie)) != NULL) {
5796 5964 if (strcmp(ze->zone_name, zone_name) == 0) {
5797 5965 found = B_TRUE;
5798 5966 *state_num = ze->zone_state;
5799 5967 }
5800 5968 free(ze);
5801 5969 if (found)
5802 5970 break;
5803 5971 }
5804 5972 endzoneent(cookie);
5805 5973 return ((found) ? Z_OK : Z_NO_ZONE);
5806 5974 }
5807 5975
5808 5976 int
5809 5977 zone_set_state(char *zone, zone_state_t state)
5810 5978 {
5811 5979 struct zoneent ze;
5812 5980
5813 5981 if (state != ZONE_STATE_CONFIGURED && state != ZONE_STATE_INSTALLED &&
5814 5982 state != ZONE_STATE_INCOMPLETE)
5815 5983 return (Z_INVAL);
5816 5984
5817 5985 bzero(&ze, sizeof (ze));
5818 5986 (void) strlcpy(ze.zone_name, zone, sizeof (ze.zone_name));
5819 5987 ze.zone_state = state;
5820 5988 (void) strlcpy(ze.zone_path, "", sizeof (ze.zone_path));
5821 5989 return (putzoneent(&ze, PZE_MODIFY));
5822 5990 }
5823 5991
5824 5992 /*
5825 5993 * Get id (if any) for specified zone. There are four possible outcomes:
5826 5994 * - If the string corresponds to the numeric id of an active (booted)
5827 5995 * zone, sets *zip to the zone id and returns 0.
5828 5996 * - If the string corresponds to the name of an active (booted) zone,
5829 5997 * sets *zip to the zone id and returns 0.
5830 5998 * - If the string is a name in the configuration but is not booted,
5831 5999 * sets *zip to ZONE_ID_UNDEFINED and returns 0.
5832 6000 * - Otherwise, leaves *zip unchanged and returns -1.
5833 6001 *
5834 6002 * This function acts as an auxiliary filter on the function of the same
5835 6003 * name in libc; the linker binds to this version if libzonecfg exists,
5836 6004 * and the libc version if it doesn't. Any changes to this version of
5837 6005 * the function should probably be reflected in the libc version as well.
5838 6006 */
5839 6007 int
5840 6008 zone_get_id(const char *str, zoneid_t *zip)
5841 6009 {
5842 6010 zone_dochandle_t hdl;
5843 6011 zoneid_t zoneid;
5844 6012 char *cp;
5845 6013 int err;
5846 6014
5847 6015 /* first try looking for active zone by id */
5848 6016 errno = 0;
5849 6017 zoneid = (zoneid_t)strtol(str, &cp, 0);
5850 6018 if (errno == 0 && cp != str && *cp == '\0' &&
5851 6019 getzonenamebyid(zoneid, NULL, 0) != -1) {
5852 6020 *zip = zoneid;
5853 6021 return (0);
5854 6022 }
5855 6023
5856 6024 /* then look for active zone by name */
5857 6025 if ((zoneid = getzoneidbyname(str)) != -1) {
5858 6026 *zip = zoneid;
5859 6027 return (0);
5860 6028 }
5861 6029
5862 6030 /* if in global zone, try looking up name in configuration database */
5863 6031 if (getzoneid() != GLOBAL_ZONEID ||
5864 6032 (hdl = zonecfg_init_handle()) == NULL)
5865 6033 return (-1);
5866 6034
5867 6035 if (zonecfg_get_handle(str, hdl) == Z_OK) {
5868 6036 /* zone exists but isn't active */
5869 6037 *zip = ZONE_ID_UNDEFINED;
5870 6038 err = 0;
5871 6039 } else {
5872 6040 err = -1;
5873 6041 }
5874 6042
5875 6043 zonecfg_fini_handle(hdl);
5876 6044 return (err);
5877 6045 }
5878 6046
5879 6047 char *
5880 6048 zone_state_str(zone_state_t state_num)
5881 6049 {
5882 6050 switch (state_num) {
5883 6051 case ZONE_STATE_CONFIGURED:
5884 6052 return (ZONE_STATE_STR_CONFIGURED);
5885 6053 case ZONE_STATE_INCOMPLETE:
5886 6054 return (ZONE_STATE_STR_INCOMPLETE);
5887 6055 case ZONE_STATE_INSTALLED:
5888 6056 return (ZONE_STATE_STR_INSTALLED);
5889 6057 case ZONE_STATE_READY:
5890 6058 return (ZONE_STATE_STR_READY);
5891 6059 case ZONE_STATE_MOUNTED:
5892 6060 return (ZONE_STATE_STR_MOUNTED);
5893 6061 case ZONE_STATE_RUNNING:
5894 6062 return (ZONE_STATE_STR_RUNNING);
5895 6063 case ZONE_STATE_SHUTTING_DOWN:
5896 6064 return (ZONE_STATE_STR_SHUTTING_DOWN);
5897 6065 case ZONE_STATE_DOWN:
5898 6066 return (ZONE_STATE_STR_DOWN);
5899 6067 default:
5900 6068 return ("unknown");
5901 6069 }
5902 6070 }
5903 6071
5904 6072 /*
5905 6073 * Given a UUID value, find an associated zone name. This is intended to be
5906 6074 * used by callers who set up some 'default' name (corresponding to the
5907 6075 * expected name for the zone) in the zonename buffer, and thus the function
5908 6076 * doesn't touch this buffer on failure.
5909 6077 */
5910 6078 int
5911 6079 zonecfg_get_name_by_uuid(const uuid_t uuidin, char *zonename, size_t namelen)
5912 6080 {
5913 6081 FILE *fp;
5914 6082 struct zoneent *ze;
5915 6083 uchar_t *uuid;
5916 6084
5917 6085 /*
5918 6086 * A small amount of subterfuge via casts is necessary here because
5919 6087 * libuuid doesn't use const correctly, but we don't want to export
5920 6088 * this brokenness to our clients.
5921 6089 */
5922 6090 uuid = (uchar_t *)uuidin;
5923 6091 if (uuid_is_null(uuid))
5924 6092 return (Z_NO_ZONE);
5925 6093 if ((fp = setzoneent()) == NULL)
5926 6094 return (Z_NO_ZONE);
5927 6095 while ((ze = getzoneent_private(fp)) != NULL) {
5928 6096 if (uuid_compare(uuid, ze->zone_uuid) == 0)
5929 6097 break;
5930 6098 free(ze);
5931 6099 }
5932 6100 endzoneent(fp);
5933 6101 if (ze != NULL) {
5934 6102 (void) strlcpy(zonename, ze->zone_name, namelen);
5935 6103 free(ze);
5936 6104 return (Z_OK);
5937 6105 } else {
5938 6106 return (Z_NO_ZONE);
5939 6107 }
5940 6108 }
5941 6109
5942 6110 /*
5943 6111 * Given a zone name, get its UUID. Returns a "NULL" UUID value if the zone
5944 6112 * exists but the file doesn't have a value set yet. Returns an error if the
5945 6113 * zone cannot be located.
5946 6114 */
5947 6115 int
5948 6116 zonecfg_get_uuid(const char *zonename, uuid_t uuid)
5949 6117 {
5950 6118 FILE *fp;
5951 6119 struct zoneent *ze;
5952 6120
5953 6121 if ((fp = setzoneent()) == NULL)
5954 6122 return (Z_NO_ZONE);
5955 6123 while ((ze = getzoneent_private(fp)) != NULL) {
5956 6124 if (strcmp(ze->zone_name, zonename) == 0)
5957 6125 break;
5958 6126 free(ze);
5959 6127 }
5960 6128 endzoneent(fp);
5961 6129 if (ze != NULL) {
5962 6130 uuid_copy(uuid, ze->zone_uuid);
5963 6131 free(ze);
5964 6132 return (Z_OK);
5965 6133 } else {
5966 6134 return (Z_NO_ZONE);
5967 6135 }
5968 6136 }
5969 6137
5970 6138 /*
5971 6139 * File-system convenience functions.
5972 6140 */
5973 6141 boolean_t
5974 6142 zonecfg_valid_fs_type(const char *type)
5975 6143 {
5976 6144 /*
5977 6145 * We already know which FS types don't work.
5978 6146 */
5979 6147 if (strcmp(type, "proc") == 0 ||
5980 6148 strcmp(type, "mntfs") == 0 ||
5981 6149 strcmp(type, "autofs") == 0 ||
5982 6150 strncmp(type, "nfs", sizeof ("nfs") - 1) == 0)
5983 6151 return (B_FALSE);
5984 6152 /*
5985 6153 * The caller may do more detailed verification to make sure other
5986 6154 * aspects of this filesystem type make sense.
5987 6155 */
5988 6156 return (B_TRUE);
5989 6157 }
5990 6158
5991 6159 /*
5992 6160 * Generally uninteresting rctl convenience functions.
5993 6161 */
5994 6162
5995 6163 int
5996 6164 zonecfg_construct_rctlblk(const struct zone_rctlvaltab *rctlval,
5997 6165 rctlblk_t *rctlblk)
5998 6166 {
5999 6167 unsigned long long ull;
6000 6168 char *endp;
6001 6169 rctl_priv_t priv;
6002 6170 rctl_qty_t limit;
6003 6171 uint_t action;
6004 6172
6005 6173 /* Get the privilege */
6006 6174 if (strcmp(rctlval->zone_rctlval_priv, "basic") == 0) {
6007 6175 priv = RCPRIV_BASIC;
6008 6176 } else if (strcmp(rctlval->zone_rctlval_priv, "privileged") == 0) {
6009 6177 priv = RCPRIV_PRIVILEGED;
6010 6178 } else {
6011 6179 /* Invalid privilege */
6012 6180 return (Z_INVAL);
6013 6181 }
6014 6182
6015 6183 /* deal with negative input; strtoull(3c) doesn't do what we want */
6016 6184 if (rctlval->zone_rctlval_limit[0] == '-')
6017 6185 return (Z_INVAL);
6018 6186 /* Get the limit */
6019 6187 errno = 0;
6020 6188 ull = strtoull(rctlval->zone_rctlval_limit, &endp, 0);
6021 6189 if (errno != 0 || *endp != '\0') {
6022 6190 /* parse failed */
6023 6191 return (Z_INVAL);
6024 6192 }
6025 6193 limit = (rctl_qty_t)ull;
6026 6194
6027 6195 /* Get the action */
6028 6196 if (strcmp(rctlval->zone_rctlval_action, "none") == 0) {
6029 6197 action = RCTL_LOCAL_NOACTION;
6030 6198 } else if (strcmp(rctlval->zone_rctlval_action, "signal") == 0) {
6031 6199 action = RCTL_LOCAL_SIGNAL;
6032 6200 } else if (strcmp(rctlval->zone_rctlval_action, "deny") == 0) {
6033 6201 action = RCTL_LOCAL_DENY;
6034 6202 } else {
6035 6203 /* Invalid Action */
6036 6204 return (Z_INVAL);
6037 6205 }
6038 6206 rctlblk_set_local_action(rctlblk, action, 0);
6039 6207 rctlblk_set_privilege(rctlblk, priv);
6040 6208 rctlblk_set_value(rctlblk, limit);
6041 6209 return (Z_OK);
6042 6210 }
6043 6211
6044 6212 static int
6045 6213 rctl_check(const char *rctlname, void *arg)
6046 6214 {
6047 6215 const char *attrname = arg;
6048 6216
6049 6217 /*
6050 6218 * Returning 1 here is our signal to zonecfg_is_rctl() that it is
6051 6219 * indeed an rctl name recognized by the system.
6052 6220 */
6053 6221 return (strcmp(rctlname, attrname) == 0 ? 1 : 0);
6054 6222 }
6055 6223
6056 6224 boolean_t
6057 6225 zonecfg_is_rctl(const char *name)
6058 6226 {
6059 6227 return (rctl_walk(rctl_check, (void *)name) == 1);
6060 6228 }
6061 6229
6062 6230 boolean_t
6063 6231 zonecfg_valid_rctlname(const char *name)
6064 6232 {
6065 6233 const char *c;
6066 6234
6067 6235 if (strncmp(name, "zone.", sizeof ("zone.") - 1) != 0)
6068 6236 return (B_FALSE);
6069 6237 if (strlen(name) == sizeof ("zone.") - 1)
6070 6238 return (B_FALSE);
6071 6239 for (c = name + sizeof ("zone.") - 1; *c != '\0'; c++) {
6072 6240 if (!isalpha(*c) && *c != '-')
6073 6241 return (B_FALSE);
6074 6242 }
6075 6243 return (B_TRUE);
6076 6244 }
6077 6245
6078 6246 boolean_t
6079 6247 zonecfg_valid_rctlblk(const rctlblk_t *rctlblk)
6080 6248 {
6081 6249 rctl_priv_t priv = rctlblk_get_privilege((rctlblk_t *)rctlblk);
6082 6250 uint_t action = rctlblk_get_local_action((rctlblk_t *)rctlblk, NULL);
6083 6251
6084 6252 if (priv != RCPRIV_PRIVILEGED)
6085 6253 return (B_FALSE);
6086 6254 if (action != RCTL_LOCAL_NOACTION && action != RCTL_LOCAL_DENY)
6087 6255 return (B_FALSE);
6088 6256 return (B_TRUE);
6089 6257 }
6090 6258
6091 6259 boolean_t
6092 6260 zonecfg_valid_rctl(const char *name, const rctlblk_t *rctlblk)
6093 6261 {
6094 6262 rctlblk_t *current, *next;
6095 6263 rctl_qty_t limit = rctlblk_get_value((rctlblk_t *)rctlblk);
6096 6264 uint_t action = rctlblk_get_local_action((rctlblk_t *)rctlblk, NULL);
6097 6265 uint_t global_flags;
6098 6266
6099 6267 if (!zonecfg_valid_rctlblk(rctlblk))
6100 6268 return (B_FALSE);
6101 6269 if (!zonecfg_valid_rctlname(name))
6102 6270 return (B_FALSE);
6103 6271
6104 6272 current = alloca(rctlblk_size());
6105 6273 if (getrctl(name, NULL, current, RCTL_FIRST) != 0)
6106 6274 return (B_TRUE); /* not an rctl on this system */
6107 6275 /*
6108 6276 * Make sure the proposed value isn't greater than the current system
6109 6277 * value.
6110 6278 */
6111 6279 next = alloca(rctlblk_size());
6112 6280 while (rctlblk_get_privilege(current) != RCPRIV_SYSTEM) {
6113 6281 rctlblk_t *tmp;
6114 6282
6115 6283 if (getrctl(name, current, next, RCTL_NEXT) != 0)
6116 6284 return (B_FALSE); /* shouldn't happen */
6117 6285 tmp = current;
6118 6286 current = next;
6119 6287 next = tmp;
6120 6288 }
6121 6289 if (limit > rctlblk_get_value(current))
6122 6290 return (B_FALSE);
6123 6291
6124 6292 /*
6125 6293 * Make sure the proposed action is allowed.
6126 6294 */
6127 6295 global_flags = rctlblk_get_global_flags(current);
6128 6296 if ((global_flags & RCTL_GLOBAL_DENY_NEVER) &&
6129 6297 action == RCTL_LOCAL_DENY)
6130 6298 return (B_FALSE);
6131 6299 if ((global_flags & RCTL_GLOBAL_DENY_ALWAYS) &&
6132 6300 action == RCTL_LOCAL_NOACTION)
6133 6301 return (B_FALSE);
6134 6302
6135 6303 return (B_TRUE);
6136 6304 }
6137 6305
6138 6306 /*
6139 6307 * There is always a race condition between reading the initial copy of
6140 6308 * a zones state and its state changing. We address this by providing
6141 6309 * zonecfg_notify_critical_enter and zonecfg_noticy_critical_exit functions.
6142 6310 * When zonecfg_critical_enter is called, sets the state field to LOCKED
6143 6311 * and aquires biglock. Biglock protects against other threads executing
6144 6312 * critical_enter and the state field protects against state changes during
6145 6313 * the critical period.
6146 6314 *
6147 6315 * If any state changes occur, zn_cb will set the failed field of the znotify
6148 6316 * structure. This will cause the critical_exit function to re-lock the
6149 6317 * channel and return an error. Since evsnts may be delayed, the critical_exit
6150 6318 * function "flushes" the queue by putting an event on the queue and waiting for
6151 6319 * zn_cb to notify critical_exit that it received the ping event.
6152 6320 */
6153 6321 static const char *
6154 6322 string_get_tok(const char *in, char delim, int num)
6155 6323 {
6156 6324 int i = 0;
6157 6325
6158 6326 for (; i < num; in++) {
6159 6327 if (*in == delim)
6160 6328 i++;
6161 6329 if (*in == 0)
6162 6330 return (NULL);
6163 6331 }
6164 6332 return (in);
6165 6333 }
6166 6334
6167 6335 static boolean_t
6168 6336 is_ping(sysevent_t *ev)
6169 6337 {
6170 6338 if (strcmp(sysevent_get_subclass_name(ev),
6171 6339 ZONE_EVENT_PING_SUBCLASS) == 0) {
6172 6340 return (B_TRUE);
6173 6341 } else {
6174 6342 return (B_FALSE);
6175 6343 }
6176 6344 }
6177 6345
6178 6346 static boolean_t
6179 6347 is_my_ping(sysevent_t *ev)
6180 6348 {
6181 6349 const char *sender;
6182 6350 char mypid[sizeof (pid_t) * 3 + 1];
6183 6351
6184 6352 (void) snprintf(mypid, sizeof (mypid), "%i", getpid());
6185 6353 sender = string_get_tok(sysevent_get_pub(ev), ':', 3);
6186 6354 if (sender == NULL)
6187 6355 return (B_FALSE);
6188 6356 if (strcmp(sender, mypid) != 0)
6189 6357 return (B_FALSE);
6190 6358 return (B_TRUE);
6191 6359 }
6192 6360
6193 6361 static int
6194 6362 do_callback(struct znotify *zevtchan, sysevent_t *ev)
6195 6363 {
6196 6364 nvlist_t *l;
6197 6365 int zid;
6198 6366 char *zonename;
6199 6367 char *newstate;
6200 6368 char *oldstate;
6201 6369 int ret;
6202 6370 hrtime_t when;
6203 6371
6204 6372 if (strcmp(sysevent_get_subclass_name(ev),
6205 6373 ZONE_EVENT_STATUS_SUBCLASS) == 0) {
6206 6374
6207 6375 if (sysevent_get_attr_list(ev, &l) != 0) {
6208 6376 if (errno == ENOMEM) {
6209 6377 zevtchan->zn_failure_count++;
6210 6378 return (EAGAIN);
6211 6379 }
6212 6380 return (0);
6213 6381 }
6214 6382 ret = 0;
6215 6383
6216 6384 if ((nvlist_lookup_string(l, ZONE_CB_NAME, &zonename) == 0) &&
6217 6385 (nvlist_lookup_string(l, ZONE_CB_NEWSTATE, &newstate)
6218 6386 == 0) &&
6219 6387 (nvlist_lookup_string(l, ZONE_CB_OLDSTATE, &oldstate)
6220 6388 == 0) &&
6221 6389 (nvlist_lookup_uint64(l, ZONE_CB_TIMESTAMP,
6222 6390 (uint64_t *)&when) == 0) &&
6223 6391 (nvlist_lookup_int32(l, ZONE_CB_ZONEID, &zid) == 0)) {
6224 6392 ret = zevtchan->zn_callback(zonename, zid, newstate,
6225 6393 oldstate, when, zevtchan->zn_private);
6226 6394 }
6227 6395
6228 6396 zevtchan->zn_failure_count = 0;
6229 6397 nvlist_free(l);
6230 6398 return (ret);
6231 6399 } else {
6232 6400 /*
6233 6401 * We have received an event in an unknown subclass. Ignore.
6234 6402 */
6235 6403 zevtchan->zn_failure_count = 0;
6236 6404 return (0);
6237 6405 }
6238 6406 }
6239 6407
6240 6408 static int
6241 6409 zn_cb(sysevent_t *ev, void *p)
6242 6410 {
6243 6411 struct znotify *zevtchan = p;
6244 6412 int error;
6245 6413
6246 6414 (void) pthread_mutex_lock(&(zevtchan->zn_mutex));
6247 6415
6248 6416 if (is_ping(ev) && !is_my_ping(ev)) {
6249 6417 (void) pthread_mutex_unlock((&zevtchan->zn_mutex));
6250 6418 return (0);
6251 6419 }
6252 6420
6253 6421 if (zevtchan->zn_state == ZN_LOCKED) {
6254 6422 assert(!is_ping(ev));
6255 6423 zevtchan->zn_failed = B_TRUE;
6256 6424 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6257 6425 return (0);
6258 6426 }
6259 6427
6260 6428 if (zevtchan->zn_state == ZN_PING_INFLIGHT) {
6261 6429 if (is_ping(ev)) {
6262 6430 zevtchan->zn_state = ZN_PING_RECEIVED;
6263 6431 (void) pthread_cond_signal(&(zevtchan->zn_cond));
6264 6432 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6265 6433 return (0);
6266 6434 } else {
6267 6435 zevtchan->zn_failed = B_TRUE;
6268 6436 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6269 6437 return (0);
6270 6438 }
6271 6439 }
6272 6440
6273 6441 if (zevtchan->zn_state == ZN_UNLOCKED) {
6274 6442
6275 6443 error = do_callback(zevtchan, ev);
6276 6444 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6277 6445 /*
6278 6446 * Every ENOMEM failure causes do_callback to increment
6279 6447 * zn_failure_count and every success causes it to
6280 6448 * set zn_failure_count to zero. If we got EAGAIN,
6281 6449 * we will sleep for zn_failure_count seconds and return
6282 6450 * EAGAIN to gpec to try again.
6283 6451 *
6284 6452 * After 55 seconds, or 10 try's we give up and drop the
6285 6453 * event.
6286 6454 */
6287 6455 if (error == EAGAIN) {
6288 6456 if (zevtchan->zn_failure_count > ZONE_CB_RETRY_COUNT) {
6289 6457 return (0);
6290 6458 }
6291 6459 (void) sleep(zevtchan->zn_failure_count);
6292 6460 }
6293 6461 return (error);
6294 6462 }
6295 6463
6296 6464 if (zevtchan->zn_state == ZN_PING_RECEIVED) {
6297 6465 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6298 6466 return (0);
6299 6467 }
6300 6468
6301 6469 abort();
6302 6470 return (0);
6303 6471 }
6304 6472
6305 6473 void
6306 6474 zonecfg_notify_critical_enter(void *h)
6307 6475 {
6308 6476 struct znotify *zevtchan = h;
6309 6477
6310 6478 (void) pthread_mutex_lock(&(zevtchan->zn_bigmutex));
6311 6479 zevtchan->zn_state = ZN_LOCKED;
6312 6480 }
6313 6481
6314 6482 int
6315 6483 zonecfg_notify_critical_exit(void * h)
6316 6484 {
6317 6485
6318 6486 struct znotify *zevtchan = h;
6319 6487
6320 6488 if (zevtchan->zn_state == ZN_UNLOCKED)
6321 6489 return (0);
6322 6490
6323 6491 (void) pthread_mutex_lock(&(zevtchan->zn_mutex));
6324 6492 zevtchan->zn_state = ZN_PING_INFLIGHT;
6325 6493
6326 6494 (void) sysevent_evc_publish(zevtchan->zn_eventchan,
6327 6495 ZONE_EVENT_STATUS_CLASS,
6328 6496 ZONE_EVENT_PING_SUBCLASS, ZONE_EVENT_PING_PUBLISHER,
6329 6497 zevtchan->zn_subscriber_id, NULL, EVCH_SLEEP);
6330 6498
6331 6499 while (zevtchan->zn_state != ZN_PING_RECEIVED) {
6332 6500 (void) pthread_cond_wait(&(zevtchan->zn_cond),
6333 6501 &(zevtchan->zn_mutex));
6334 6502 }
6335 6503
6336 6504 if (zevtchan->zn_failed == B_TRUE) {
6337 6505 zevtchan->zn_state = ZN_LOCKED;
6338 6506 zevtchan->zn_failed = B_FALSE;
6339 6507 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6340 6508 return (1);
6341 6509 }
6342 6510
6343 6511 zevtchan->zn_state = ZN_UNLOCKED;
6344 6512 (void) pthread_mutex_unlock(&(zevtchan->zn_mutex));
6345 6513 (void) pthread_mutex_unlock(&(zevtchan->zn_bigmutex));
6346 6514 return (0);
6347 6515 }
6348 6516
6349 6517 void
6350 6518 zonecfg_notify_critical_abort(void *h)
6351 6519 {
6352 6520 struct znotify *zevtchan = h;
6353 6521
6354 6522 zevtchan->zn_state = ZN_UNLOCKED;
6355 6523 zevtchan->zn_failed = B_FALSE;
6356 6524 /*
6357 6525 * Don't do anything about zn_lock. If it is held, it could only be
6358 6526 * held by zn_cb and it will be unlocked soon.
6359 6527 */
6360 6528 (void) pthread_mutex_unlock(&(zevtchan->zn_bigmutex));
6361 6529 }
6362 6530
6363 6531 void *
6364 6532 zonecfg_notify_bind(int(*func)(const char *zonename, zoneid_t zid,
6365 6533 const char *newstate, const char *oldstate, hrtime_t when, void *p),
6366 6534 void *p)
6367 6535 {
6368 6536 struct znotify *zevtchan;
6369 6537 int i = 1;
6370 6538 int r;
6371 6539
6372 6540 zevtchan = malloc(sizeof (struct znotify));
6373 6541
6374 6542 if (zevtchan == NULL)
6375 6543 return (NULL);
6376 6544
6377 6545 zevtchan->zn_private = p;
6378 6546 zevtchan->zn_callback = func;
6379 6547 zevtchan->zn_state = ZN_UNLOCKED;
6380 6548 zevtchan->zn_failed = B_FALSE;
6381 6549
6382 6550 if (pthread_mutex_init(&(zevtchan->zn_mutex), NULL))
6383 6551 goto out3;
6384 6552 if (pthread_cond_init(&(zevtchan->zn_cond), NULL)) {
6385 6553 (void) pthread_mutex_destroy(&(zevtchan->zn_mutex));
6386 6554 goto out3;
6387 6555 }
6388 6556 if (pthread_mutex_init(&(zevtchan->zn_bigmutex), NULL)) {
6389 6557 (void) pthread_mutex_destroy(&(zevtchan->zn_mutex));
6390 6558 (void) pthread_cond_destroy(&(zevtchan->zn_cond));
6391 6559 goto out3;
6392 6560 }
6393 6561
6394 6562 if (sysevent_evc_bind(ZONE_EVENT_CHANNEL, &(zevtchan->zn_eventchan),
6395 6563 0) != 0)
6396 6564 goto out2;
6397 6565
6398 6566 do {
6399 6567 /*
6400 6568 * At 4 digits the subscriber ID gets too long and we have
6401 6569 * no chance of successfully registering.
6402 6570 */
6403 6571 if (i > 999)
6404 6572 goto out1;
6405 6573
6406 6574 (void) sprintf(zevtchan->zn_subscriber_id, "zone_%li_%i",
6407 6575 getpid() % 999999l, i);
6408 6576
6409 6577 r = sysevent_evc_subscribe(zevtchan->zn_eventchan,
6410 6578 zevtchan->zn_subscriber_id, ZONE_EVENT_STATUS_CLASS, zn_cb,
6411 6579 zevtchan, 0);
6412 6580
6413 6581 i++;
6414 6582
6415 6583 } while (r);
6416 6584
6417 6585 return (zevtchan);
6418 6586 out1:
6419 6587 (void) sysevent_evc_unbind(zevtchan->zn_eventchan);
6420 6588 out2:
6421 6589 (void) pthread_mutex_destroy(&zevtchan->zn_mutex);
6422 6590 (void) pthread_cond_destroy(&zevtchan->zn_cond);
6423 6591 (void) pthread_mutex_destroy(&(zevtchan->zn_bigmutex));
6424 6592 out3:
6425 6593 free(zevtchan);
6426 6594
6427 6595 return (NULL);
6428 6596 }
6429 6597
6430 6598 void
6431 6599 zonecfg_notify_unbind(void *handle)
6432 6600 {
6433 6601
6434 6602 int ret;
6435 6603
6436 6604 (void) sysevent_evc_unbind(((struct znotify *)handle)->zn_eventchan);
6437 6605 /*
6438 6606 * Check that all evc threads have gone away. This should be
6439 6607 * enforced by sysevent_evc_unbind.
6440 6608 */
6441 6609 ret = pthread_mutex_trylock(&((struct znotify *)handle)->zn_mutex);
6442 6610
6443 6611 if (ret)
6444 6612 abort();
6445 6613
6446 6614 (void) pthread_mutex_unlock(&((struct znotify *)handle)->zn_mutex);
6447 6615 (void) pthread_mutex_destroy(&((struct znotify *)handle)->zn_mutex);
6448 6616 (void) pthread_cond_destroy(&((struct znotify *)handle)->zn_cond);
6449 6617 (void) pthread_mutex_destroy(&((struct znotify *)handle)->zn_bigmutex);
6450 6618
6451 6619 free(handle);
6452 6620 }
6453 6621
6454 6622 static int
6455 6623 zonecfg_add_ds_core(zone_dochandle_t handle, struct zone_dstab *tabptr)
6456 6624 {
6457 6625 xmlNodePtr newnode, cur = handle->zone_dh_cur;
6458 6626 int err;
6459 6627
6460 6628 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_DATASET, NULL);
6461 6629 if ((err = newprop(newnode, DTD_ATTR_NAME,
6462 6630 tabptr->zone_dataset_name)) != Z_OK)
6463 6631 return (err);
6464 6632 return (Z_OK);
6465 6633 }
6466 6634
6467 6635 int
6468 6636 zonecfg_add_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
6469 6637 {
6470 6638 int err;
6471 6639
6472 6640 if (tabptr == NULL)
6473 6641 return (Z_INVAL);
6474 6642
6475 6643 if ((err = operation_prep(handle)) != Z_OK)
6476 6644 return (err);
6477 6645
6478 6646 if ((err = zonecfg_add_ds_core(handle, tabptr)) != Z_OK)
6479 6647 return (err);
6480 6648
6481 6649 return (Z_OK);
6482 6650 }
6483 6651
6484 6652 static int
6485 6653 zonecfg_delete_ds_core(zone_dochandle_t handle, struct zone_dstab *tabptr)
6486 6654 {
6487 6655 xmlNodePtr cur = handle->zone_dh_cur;
6488 6656
6489 6657 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6490 6658 if (xmlStrcmp(cur->name, DTD_ELEM_DATASET))
6491 6659 continue;
6492 6660
6493 6661 if (match_prop(cur, DTD_ATTR_NAME,
6494 6662 tabptr->zone_dataset_name)) {
6495 6663 xmlUnlinkNode(cur);
6496 6664 xmlFreeNode(cur);
6497 6665 return (Z_OK);
6498 6666 }
6499 6667 }
6500 6668 return (Z_NO_RESOURCE_ID);
6501 6669 }
6502 6670
6503 6671 int
6504 6672 zonecfg_delete_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
6505 6673 {
6506 6674 int err;
6507 6675
6508 6676 if (tabptr == NULL)
6509 6677 return (Z_INVAL);
6510 6678
6511 6679 if ((err = operation_prep(handle)) != Z_OK)
6512 6680 return (err);
6513 6681
6514 6682 if ((err = zonecfg_delete_ds_core(handle, tabptr)) != Z_OK)
6515 6683 return (err);
6516 6684
6517 6685 return (Z_OK);
6518 6686 }
6519 6687
6520 6688 int
6521 6689 zonecfg_modify_ds(
6522 6690 zone_dochandle_t handle,
6523 6691 struct zone_dstab *oldtabptr,
6524 6692 struct zone_dstab *newtabptr)
6525 6693 {
6526 6694 int err;
6527 6695
6528 6696 if (oldtabptr == NULL || newtabptr == NULL)
6529 6697 return (Z_INVAL);
6530 6698
6531 6699 if ((err = operation_prep(handle)) != Z_OK)
6532 6700 return (err);
6533 6701
6534 6702 if ((err = zonecfg_delete_ds_core(handle, oldtabptr)) != Z_OK)
6535 6703 return (err);
6536 6704
6537 6705 if ((err = zonecfg_add_ds_core(handle, newtabptr)) != Z_OK)
6538 6706 return (err);
6539 6707
6540 6708 return (Z_OK);
6541 6709 }
6542 6710
6543 6711 int
6544 6712 zonecfg_lookup_ds(zone_dochandle_t handle, struct zone_dstab *tabptr)
6545 6713 {
6546 6714 xmlNodePtr cur, firstmatch;
6547 6715 int err;
6548 6716 char dataset[MAXNAMELEN];
6549 6717
6550 6718 if (tabptr == NULL)
6551 6719 return (Z_INVAL);
6552 6720
6553 6721 if ((err = operation_prep(handle)) != Z_OK)
6554 6722 return (err);
6555 6723
6556 6724 cur = handle->zone_dh_cur;
6557 6725 firstmatch = NULL;
6558 6726 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6559 6727 if (xmlStrcmp(cur->name, DTD_ELEM_DATASET))
6560 6728 continue;
6561 6729 if (strlen(tabptr->zone_dataset_name) > 0) {
6562 6730 if ((fetchprop(cur, DTD_ATTR_NAME, dataset,
6563 6731 sizeof (dataset)) == Z_OK) &&
6564 6732 (strcmp(tabptr->zone_dataset_name,
6565 6733 dataset) == 0)) {
6566 6734 if (firstmatch == NULL)
6567 6735 firstmatch = cur;
6568 6736 else
6569 6737 return (Z_INSUFFICIENT_SPEC);
6570 6738 }
6571 6739 }
6572 6740 }
6573 6741 if (firstmatch == NULL)
6574 6742 return (Z_NO_RESOURCE_ID);
6575 6743
6576 6744 cur = firstmatch;
6577 6745
6578 6746 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_dataset_name,
6579 6747 sizeof (tabptr->zone_dataset_name))) != Z_OK)
6580 6748 return (err);
6581 6749
6582 6750 return (Z_OK);
6583 6751 }
6584 6752
6585 6753 int
6586 6754 zonecfg_setdsent(zone_dochandle_t handle)
6587 6755 {
6588 6756 return (zonecfg_setent(handle));
6589 6757 }
6590 6758
6591 6759 int
6592 6760 zonecfg_getdsent(zone_dochandle_t handle, struct zone_dstab *tabptr)
6593 6761 {
6594 6762 xmlNodePtr cur;
6595 6763 int err;
6596 6764
6597 6765 if (handle == NULL)
6598 6766 return (Z_INVAL);
6599 6767
6600 6768 if ((cur = handle->zone_dh_cur) == NULL)
6601 6769 return (Z_NO_ENTRY);
6602 6770
6603 6771 for (; cur != NULL; cur = cur->next)
6604 6772 if (!xmlStrcmp(cur->name, DTD_ELEM_DATASET))
6605 6773 break;
6606 6774 if (cur == NULL) {
6607 6775 handle->zone_dh_cur = handle->zone_dh_top;
6608 6776 return (Z_NO_ENTRY);
6609 6777 }
6610 6778
6611 6779 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_dataset_name,
6612 6780 sizeof (tabptr->zone_dataset_name))) != Z_OK) {
6613 6781 handle->zone_dh_cur = handle->zone_dh_top;
6614 6782 return (err);
6615 6783 }
6616 6784
6617 6785 handle->zone_dh_cur = cur->next;
6618 6786 return (Z_OK);
6619 6787 }
6620 6788
6621 6789 int
6622 6790 zonecfg_enddsent(zone_dochandle_t handle)
6623 6791 {
6624 6792 return (zonecfg_endent(handle));
6625 6793 }
6626 6794
6627 6795 /*
6628 6796 * Support for aliased rctls; that is, rctls that have simplified names in
6629 6797 * zonecfg. For example, max-lwps is an alias for a well defined zone.max-lwps
6630 6798 * rctl. If there are multiple existing values for one of these rctls or if
6631 6799 * there is a single value that does not match the well defined template (i.e.
6632 6800 * it has a different action) then we cannot treat the rctl as having an alias
6633 6801 * so we return Z_ALIAS_DISALLOW. That means that the rctl cannot be
6634 6802 * managed in zonecfg via an alias and that the standard rctl syntax must be
6635 6803 * used.
6636 6804 *
6637 6805 * The possible return values are:
6638 6806 * Z_NO_PROPERTY_ID - invalid alias name
6639 6807 * Z_ALIAS_DISALLOW - pre-existing, incompatible rctl definition
6640 6808 * Z_NO_ENTRY - no rctl is configured for this alias
6641 6809 * Z_OK - we got a valid rctl for the specified alias
6642 6810 */
6643 6811 int
6644 6812 zonecfg_get_aliased_rctl(zone_dochandle_t handle, char *name, uint64_t *rval)
6645 6813 {
6646 6814 boolean_t found = B_FALSE;
6647 6815 boolean_t found_val = B_FALSE;
6648 6816 xmlNodePtr cur, val;
6649 6817 char savedname[MAXNAMELEN];
6650 6818 struct zone_rctlvaltab rctl;
6651 6819 int i;
6652 6820 int err;
6653 6821
6654 6822 for (i = 0; aliases[i].shortname != NULL; i++)
6655 6823 if (strcmp(name, aliases[i].shortname) == 0)
6656 6824 break;
6657 6825
6658 6826 if (aliases[i].shortname == NULL)
6659 6827 return (Z_NO_PROPERTY_ID);
6660 6828
6661 6829 if ((err = operation_prep(handle)) != Z_OK)
6662 6830 return (err);
6663 6831
6664 6832 cur = handle->zone_dh_cur;
6665 6833 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6666 6834 if (xmlStrcmp(cur->name, DTD_ELEM_RCTL) != 0)
6667 6835 continue;
6668 6836 if ((fetchprop(cur, DTD_ATTR_NAME, savedname,
6669 6837 sizeof (savedname)) == Z_OK) &&
6670 6838 (strcmp(savedname, aliases[i].realname) == 0)) {
6671 6839
6672 6840 /*
6673 6841 * If we already saw one of these, we can't have an
6674 6842 * alias since we just found another.
6675 6843 */
6676 6844 if (found)
6677 6845 return (Z_ALIAS_DISALLOW);
6678 6846 found = B_TRUE;
6679 6847
6680 6848 for (val = cur->xmlChildrenNode; val != NULL;
6681 6849 val = val->next) {
6682 6850 /*
6683 6851 * If we already have one value, we can't have
6684 6852 * an alias since we just found another.
6685 6853 */
6686 6854 if (found_val)
6687 6855 return (Z_ALIAS_DISALLOW);
6688 6856 found_val = B_TRUE;
6689 6857
6690 6858 if ((fetchprop(val, DTD_ATTR_PRIV,
6691 6859 rctl.zone_rctlval_priv,
6692 6860 sizeof (rctl.zone_rctlval_priv)) != Z_OK))
6693 6861 break;
6694 6862 if ((fetchprop(val, DTD_ATTR_LIMIT,
6695 6863 rctl.zone_rctlval_limit,
6696 6864 sizeof (rctl.zone_rctlval_limit)) != Z_OK))
6697 6865 break;
6698 6866 if ((fetchprop(val, DTD_ATTR_ACTION,
6699 6867 rctl.zone_rctlval_action,
6700 6868 sizeof (rctl.zone_rctlval_action)) != Z_OK))
6701 6869 break;
6702 6870 }
6703 6871
6704 6872 /* check priv and action match the expected vals */
6705 6873 if (strcmp(rctl.zone_rctlval_priv,
6706 6874 aliases[i].priv) != 0 ||
6707 6875 strcmp(rctl.zone_rctlval_action,
6708 6876 aliases[i].action) != 0)
6709 6877 return (Z_ALIAS_DISALLOW);
6710 6878 }
6711 6879 }
6712 6880
6713 6881 if (found) {
6714 6882 *rval = strtoull(rctl.zone_rctlval_limit, NULL, 10);
6715 6883 return (Z_OK);
6716 6884 }
6717 6885
6718 6886 return (Z_NO_ENTRY);
6719 6887 }
6720 6888
6721 6889 int
6722 6890 zonecfg_rm_aliased_rctl(zone_dochandle_t handle, char *name)
6723 6891 {
6724 6892 int i;
6725 6893 uint64_t val;
6726 6894 struct zone_rctltab rctltab;
6727 6895
6728 6896 /*
6729 6897 * First check that we have a valid aliased rctl to remove.
6730 6898 * This will catch an rctl entry with non-standard values or
6731 6899 * multiple rctl values for this name. We need to ignore those
6732 6900 * rctl entries.
6733 6901 */
6734 6902 if (zonecfg_get_aliased_rctl(handle, name, &val) != Z_OK)
6735 6903 return (Z_OK);
6736 6904
6737 6905 for (i = 0; aliases[i].shortname != NULL; i++)
6738 6906 if (strcmp(name, aliases[i].shortname) == 0)
6739 6907 break;
6740 6908
6741 6909 if (aliases[i].shortname == NULL)
6742 6910 return (Z_NO_RESOURCE_ID);
6743 6911
6744 6912 (void) strlcpy(rctltab.zone_rctl_name, aliases[i].realname,
6745 6913 sizeof (rctltab.zone_rctl_name));
6746 6914
6747 6915 return (zonecfg_delete_rctl(handle, &rctltab));
6748 6916 }
6749 6917
6750 6918 boolean_t
6751 6919 zonecfg_aliased_rctl_ok(zone_dochandle_t handle, char *name)
6752 6920 {
6753 6921 uint64_t tmp_val;
6754 6922
6755 6923 switch (zonecfg_get_aliased_rctl(handle, name, &tmp_val)) {
6756 6924 case Z_OK:
6757 6925 /*FALLTHRU*/
6758 6926 case Z_NO_ENTRY:
6759 6927 return (B_TRUE);
6760 6928 default:
6761 6929 return (B_FALSE);
6762 6930 }
6763 6931 }
6764 6932
6765 6933 int
6766 6934 zonecfg_set_aliased_rctl(zone_dochandle_t handle, char *name, uint64_t val)
6767 6935 {
6768 6936 int i;
6769 6937 int err;
6770 6938 struct zone_rctltab rctltab;
6771 6939 struct zone_rctlvaltab *rctlvaltab;
6772 6940 char buf[128];
6773 6941
6774 6942 if (!zonecfg_aliased_rctl_ok(handle, name))
6775 6943 return (Z_ALIAS_DISALLOW);
6776 6944
6777 6945 for (i = 0; aliases[i].shortname != NULL; i++)
6778 6946 if (strcmp(name, aliases[i].shortname) == 0)
6779 6947 break;
6780 6948
6781 6949 if (aliases[i].shortname == NULL)
6782 6950 return (Z_NO_RESOURCE_ID);
6783 6951
6784 6952 /* remove any pre-existing definition for this rctl */
6785 6953 (void) zonecfg_rm_aliased_rctl(handle, name);
6786 6954
6787 6955 (void) strlcpy(rctltab.zone_rctl_name, aliases[i].realname,
6788 6956 sizeof (rctltab.zone_rctl_name));
6789 6957
6790 6958 rctltab.zone_rctl_valptr = NULL;
6791 6959
6792 6960 if ((rctlvaltab = calloc(1, sizeof (struct zone_rctlvaltab))) == NULL)
6793 6961 return (Z_NOMEM);
6794 6962
6795 6963 (void) snprintf(buf, sizeof (buf), "%llu", (long long)val);
6796 6964
6797 6965 (void) strlcpy(rctlvaltab->zone_rctlval_priv, aliases[i].priv,
6798 6966 sizeof (rctlvaltab->zone_rctlval_priv));
6799 6967 (void) strlcpy(rctlvaltab->zone_rctlval_limit, buf,
6800 6968 sizeof (rctlvaltab->zone_rctlval_limit));
6801 6969 (void) strlcpy(rctlvaltab->zone_rctlval_action, aliases[i].action,
6802 6970 sizeof (rctlvaltab->zone_rctlval_action));
6803 6971
6804 6972 rctlvaltab->zone_rctlval_next = NULL;
6805 6973
6806 6974 if ((err = zonecfg_add_rctl_value(&rctltab, rctlvaltab)) != Z_OK)
6807 6975 return (err);
6808 6976
6809 6977 return (zonecfg_add_rctl(handle, &rctltab));
6810 6978 }
6811 6979
6812 6980 static int
6813 6981 delete_tmp_pool(zone_dochandle_t handle)
6814 6982 {
6815 6983 int err;
6816 6984 xmlNodePtr cur = handle->zone_dh_cur;
6817 6985
6818 6986 if ((err = operation_prep(handle)) != Z_OK)
6819 6987 return (err);
6820 6988
6821 6989 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6822 6990 if (xmlStrcmp(cur->name, DTD_ELEM_TMPPOOL) == 0) {
6823 6991 xmlUnlinkNode(cur);
6824 6992 xmlFreeNode(cur);
6825 6993 return (Z_OK);
6826 6994 }
6827 6995 }
6828 6996
6829 6997 return (Z_NO_RESOURCE_ID);
6830 6998 }
6831 6999
6832 7000 static int
6833 7001 modify_tmp_pool(zone_dochandle_t handle, char *pool_importance)
6834 7002 {
6835 7003 int err;
6836 7004 xmlNodePtr cur = handle->zone_dh_cur;
6837 7005 xmlNodePtr newnode;
6838 7006
6839 7007 err = delete_tmp_pool(handle);
6840 7008 if (err != Z_OK && err != Z_NO_RESOURCE_ID)
6841 7009 return (err);
6842 7010
6843 7011 if (*pool_importance != '\0') {
6844 7012 if ((err = operation_prep(handle)) != Z_OK)
6845 7013 return (err);
6846 7014
6847 7015 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_TMPPOOL, NULL);
6848 7016 if ((err = newprop(newnode, DTD_ATTR_IMPORTANCE,
6849 7017 pool_importance)) != Z_OK)
6850 7018 return (err);
6851 7019 }
6852 7020
6853 7021 return (Z_OK);
6854 7022 }
6855 7023
6856 7024 static int
6857 7025 add_pset_core(zone_dochandle_t handle, struct zone_psettab *tabptr)
6858 7026 {
6859 7027 xmlNodePtr newnode, cur = handle->zone_dh_cur;
6860 7028 int err;
6861 7029
6862 7030 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_PSET, NULL);
6863 7031 if ((err = newprop(newnode, DTD_ATTR_NCPU_MIN,
6864 7032 tabptr->zone_ncpu_min)) != Z_OK)
6865 7033 return (err);
6866 7034 if ((err = newprop(newnode, DTD_ATTR_NCPU_MAX,
6867 7035 tabptr->zone_ncpu_max)) != Z_OK)
6868 7036 return (err);
6869 7037
6870 7038 if ((err = modify_tmp_pool(handle, tabptr->zone_importance)) != Z_OK)
6871 7039 return (err);
6872 7040
6873 7041 return (Z_OK);
6874 7042 }
6875 7043
6876 7044 int
6877 7045 zonecfg_add_pset(zone_dochandle_t handle, struct zone_psettab *tabptr)
6878 7046 {
6879 7047 int err;
6880 7048
6881 7049 if (tabptr == NULL)
6882 7050 return (Z_INVAL);
6883 7051
6884 7052 if ((err = operation_prep(handle)) != Z_OK)
6885 7053 return (err);
6886 7054
6887 7055 if ((err = add_pset_core(handle, tabptr)) != Z_OK)
6888 7056 return (err);
6889 7057
6890 7058 return (Z_OK);
6891 7059 }
6892 7060
6893 7061 int
6894 7062 zonecfg_delete_pset(zone_dochandle_t handle)
6895 7063 {
6896 7064 int err;
6897 7065 int res = Z_NO_RESOURCE_ID;
6898 7066 xmlNodePtr cur = handle->zone_dh_cur;
6899 7067
6900 7068 if ((err = operation_prep(handle)) != Z_OK)
6901 7069 return (err);
6902 7070
6903 7071 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6904 7072 if (xmlStrcmp(cur->name, DTD_ELEM_PSET) == 0) {
6905 7073 xmlUnlinkNode(cur);
6906 7074 xmlFreeNode(cur);
6907 7075 res = Z_OK;
6908 7076 break;
6909 7077 }
6910 7078 }
6911 7079
6912 7080 /*
6913 7081 * Once we have msets, we should check that a mset
6914 7082 * do not exist before we delete the tmp_pool data.
6915 7083 */
6916 7084 err = delete_tmp_pool(handle);
6917 7085 if (err != Z_OK && err != Z_NO_RESOURCE_ID)
6918 7086 return (err);
6919 7087
6920 7088 return (res);
6921 7089 }
6922 7090
6923 7091 int
6924 7092 zonecfg_modify_pset(zone_dochandle_t handle, struct zone_psettab *tabptr)
6925 7093 {
6926 7094 int err;
6927 7095
6928 7096 if (tabptr == NULL)
6929 7097 return (Z_INVAL);
6930 7098
6931 7099 if ((err = zonecfg_delete_pset(handle)) != Z_OK)
6932 7100 return (err);
6933 7101
6934 7102 if ((err = add_pset_core(handle, tabptr)) != Z_OK)
6935 7103 return (err);
6936 7104
6937 7105 return (Z_OK);
6938 7106 }
6939 7107
6940 7108 int
6941 7109 zonecfg_lookup_pset(zone_dochandle_t handle, struct zone_psettab *tabptr)
6942 7110 {
6943 7111 xmlNodePtr cur;
6944 7112 int err;
6945 7113 int res = Z_NO_ENTRY;
6946 7114
6947 7115 if (tabptr == NULL)
6948 7116 return (Z_INVAL);
6949 7117
6950 7118 if ((err = operation_prep(handle)) != Z_OK)
6951 7119 return (err);
6952 7120
6953 7121 /* this is an optional component */
6954 7122 tabptr->zone_importance[0] = '\0';
6955 7123
6956 7124 cur = handle->zone_dh_cur;
6957 7125 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
6958 7126 if (xmlStrcmp(cur->name, DTD_ELEM_PSET) == 0) {
6959 7127 if ((err = fetchprop(cur, DTD_ATTR_NCPU_MIN,
6960 7128 tabptr->zone_ncpu_min,
6961 7129 sizeof (tabptr->zone_ncpu_min))) != Z_OK) {
6962 7130 handle->zone_dh_cur = handle->zone_dh_top;
6963 7131 return (err);
6964 7132 }
6965 7133
6966 7134 if ((err = fetchprop(cur, DTD_ATTR_NCPU_MAX,
6967 7135 tabptr->zone_ncpu_max,
6968 7136 sizeof (tabptr->zone_ncpu_max))) != Z_OK) {
6969 7137 handle->zone_dh_cur = handle->zone_dh_top;
6970 7138 return (err);
6971 7139 }
6972 7140
6973 7141 res = Z_OK;
6974 7142
6975 7143 } else if (xmlStrcmp(cur->name, DTD_ELEM_TMPPOOL) == 0) {
6976 7144 if ((err = fetchprop(cur, DTD_ATTR_IMPORTANCE,
6977 7145 tabptr->zone_importance,
6978 7146 sizeof (tabptr->zone_importance))) != Z_OK) {
6979 7147 handle->zone_dh_cur = handle->zone_dh_top;
6980 7148 return (err);
6981 7149 }
6982 7150 }
6983 7151 }
6984 7152
6985 7153 return (res);
6986 7154 }
6987 7155
6988 7156 int
6989 7157 zonecfg_getpsetent(zone_dochandle_t handle, struct zone_psettab *tabptr)
6990 7158 {
6991 7159 int err;
6992 7160
6993 7161 if ((err = zonecfg_setent(handle)) != Z_OK)
6994 7162 return (err);
6995 7163
6996 7164 err = zonecfg_lookup_pset(handle, tabptr);
6997 7165
6998 7166 (void) zonecfg_endent(handle);
6999 7167
7000 7168 return (err);
7001 7169 }
7002 7170
7003 7171 static int
7004 7172 add_mcap(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
7005 7173 {
7006 7174 xmlNodePtr newnode, cur = handle->zone_dh_cur;
7007 7175 int err;
7008 7176
7009 7177 newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_MCAP, NULL);
7010 7178 if ((err = newprop(newnode, DTD_ATTR_PHYSCAP, tabptr->zone_physmem_cap))
7011 7179 != Z_OK)
7012 7180 return (err);
7013 7181
7014 7182 return (Z_OK);
7015 7183 }
7016 7184
7017 7185 int
7018 7186 zonecfg_delete_mcap(zone_dochandle_t handle)
7019 7187 {
7020 7188 int err;
7021 7189 xmlNodePtr cur = handle->zone_dh_cur;
7022 7190
7023 7191 if ((err = operation_prep(handle)) != Z_OK)
7024 7192 return (err);
7025 7193
7026 7194 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
7027 7195 if (xmlStrcmp(cur->name, DTD_ELEM_MCAP) != 0)
7028 7196 continue;
7029 7197
7030 7198 xmlUnlinkNode(cur);
7031 7199 xmlFreeNode(cur);
7032 7200 return (Z_OK);
7033 7201 }
7034 7202 return (Z_NO_RESOURCE_ID);
7035 7203 }
7036 7204
7037 7205 int
7038 7206 zonecfg_modify_mcap(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
7039 7207 {
7040 7208 int err;
7041 7209
7042 7210 if (tabptr == NULL)
7043 7211 return (Z_INVAL);
7044 7212
7045 7213 err = zonecfg_delete_mcap(handle);
7046 7214 /* it is ok if there is no mcap entry */
7047 7215 if (err != Z_OK && err != Z_NO_RESOURCE_ID)
7048 7216 return (err);
7049 7217
7050 7218 if ((err = add_mcap(handle, tabptr)) != Z_OK)
7051 7219 return (err);
7052 7220
7053 7221 return (Z_OK);
7054 7222 }
7055 7223
7056 7224 int
7057 7225 zonecfg_lookup_mcap(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
7058 7226 {
7059 7227 xmlNodePtr cur;
7060 7228 int err;
7061 7229
7062 7230 if (tabptr == NULL)
7063 7231 return (Z_INVAL);
7064 7232
7065 7233 if ((err = operation_prep(handle)) != Z_OK)
7066 7234 return (err);
7067 7235
7068 7236 cur = handle->zone_dh_cur;
7069 7237 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
7070 7238 if (xmlStrcmp(cur->name, DTD_ELEM_MCAP) != 0)
7071 7239 continue;
7072 7240 if ((err = fetchprop(cur, DTD_ATTR_PHYSCAP,
7073 7241 tabptr->zone_physmem_cap,
7074 7242 sizeof (tabptr->zone_physmem_cap))) != Z_OK) {
7075 7243 handle->zone_dh_cur = handle->zone_dh_top;
7076 7244 return (err);
7077 7245 }
7078 7246
7079 7247 return (Z_OK);
7080 7248 }
7081 7249
7082 7250 return (Z_NO_ENTRY);
7083 7251 }
7084 7252
7085 7253 int
7086 7254 zonecfg_getsecflagsent(zone_dochandle_t handle,
7087 7255 struct zone_secflagstab *tabptr)
7088 7256 {
7089 7257 int err;
7090 7258 xmlNodePtr cur;
7091 7259
7092 7260 if (handle == NULL)
7093 7261 return (Z_INVAL);
7094 7262
7095 7263 if ((err = zonecfg_setent(handle)) != Z_OK)
7096 7264 return (err);
7097 7265
7098 7266
7099 7267 if ((cur = handle->zone_dh_cur) == NULL)
7100 7268 return (Z_NO_ENTRY);
7101 7269
7102 7270 for (; cur != NULL; cur = cur->next) {
7103 7271 if (xmlStrcmp(cur->name, DTD_ELEM_SECFLAGS) == 0)
7104 7272 break;
7105 7273 }
7106 7274
7107 7275 if (cur == NULL) {
7108 7276 handle->zone_dh_cur = handle->zone_dh_top;
7109 7277 return (Z_NO_ENTRY);
7110 7278 }
7111 7279
7112 7280 if ((err = fetchprop(cur, DTD_ATTR_DEFAULT,
7113 7281 tabptr->zone_secflags_default,
7114 7282 sizeof (tabptr->zone_secflags_default))) != Z_OK) {
7115 7283 handle->zone_dh_cur = handle->zone_dh_top;
7116 7284 return (err);
7117 7285 }
7118 7286
7119 7287 if ((err = fetchprop(cur, DTD_ATTR_LOWER,
7120 7288 tabptr->zone_secflags_lower,
7121 7289 sizeof (tabptr->zone_secflags_lower))) != Z_OK) {
7122 7290 handle->zone_dh_cur = handle->zone_dh_top;
7123 7291 return (err);
7124 7292 }
7125 7293
7126 7294 if ((err = fetchprop(cur, DTD_ATTR_UPPER,
7127 7295 tabptr->zone_secflags_upper,
7128 7296 sizeof (tabptr->zone_secflags_upper))) != Z_OK) {
7129 7297 handle->zone_dh_cur = handle->zone_dh_top;
7130 7298 return (err);
7131 7299 }
7132 7300
7133 7301 handle->zone_dh_cur = cur->next;
7134 7302
7135 7303 (void) zonecfg_endent(handle);
7136 7304
7137 7305 return (err);
7138 7306 }
7139 7307
7140 7308 static int
7141 7309 getmcapent_core(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
7142 7310 {
7143 7311 xmlNodePtr cur;
7144 7312 int err;
7145 7313
7146 7314 if (handle == NULL)
7147 7315 return (Z_INVAL);
7148 7316
7149 7317 if ((cur = handle->zone_dh_cur) == NULL)
7150 7318 return (Z_NO_ENTRY);
7151 7319
7152 7320 for (; cur != NULL; cur = cur->next)
7153 7321 if (xmlStrcmp(cur->name, DTD_ELEM_MCAP) == 0)
7154 7322 break;
7155 7323 if (cur == NULL) {
7156 7324 handle->zone_dh_cur = handle->zone_dh_top;
7157 7325 return (Z_NO_ENTRY);
7158 7326 }
7159 7327
7160 7328 if ((err = fetchprop(cur, DTD_ATTR_PHYSCAP, tabptr->zone_physmem_cap,
7161 7329 sizeof (tabptr->zone_physmem_cap))) != Z_OK) {
7162 7330 handle->zone_dh_cur = handle->zone_dh_top;
7163 7331 return (err);
7164 7332 }
7165 7333
7166 7334 handle->zone_dh_cur = cur->next;
7167 7335 return (Z_OK);
7168 7336 }
7169 7337
7170 7338 int
7171 7339 zonecfg_getmcapent(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
7172 7340 {
7173 7341 int err;
7174 7342
7175 7343 if ((err = zonecfg_setent(handle)) != Z_OK)
7176 7344 return (err);
7177 7345
7178 7346 err = getmcapent_core(handle, tabptr);
7179 7347
7180 7348 (void) zonecfg_endent(handle);
7181 7349
7182 7350 return (err);
7183 7351 }
7184 7352
7185 7353 /*
7186 7354 * Get the full tree of pkg metadata in a set of nested AVL trees.
7187 7355 * pkgs_avl is an AVL tree of pkgs.
7188 7356 *
7189 7357 * The zone xml data contains DTD_ELEM_PACKAGE elements.
7190 7358 */
7191 7359 int
7192 7360 zonecfg_getpkgdata(zone_dochandle_t handle, uu_avl_pool_t *pkg_pool,
7193 7361 uu_avl_t *pkgs_avl)
7194 7362 {
7195 7363 xmlNodePtr cur;
7196 7364 int res;
7197 7365 zone_pkg_entry_t *pkg;
7198 7366 char name[MAXNAMELEN];
7199 7367 char version[ZONE_PKG_VERSMAX];
7200 7368
7201 7369 if (handle == NULL)
7202 7370 return (Z_INVAL);
7203 7371
7204 7372 if ((res = zonecfg_setent(handle)) != Z_OK)
7205 7373 return (res);
7206 7374
7207 7375 if ((cur = handle->zone_dh_cur) == NULL) {
7208 7376 res = Z_NO_ENTRY;
7209 7377 goto done;
7210 7378 }
7211 7379
7212 7380 for (; cur != NULL; cur = cur->next) {
7213 7381 if (xmlStrcmp(cur->name, DTD_ELEM_PACKAGE) == 0) {
7214 7382 uu_avl_index_t where;
7215 7383
7216 7384 if ((res = fetchprop(cur, DTD_ATTR_NAME, name,
7217 7385 sizeof (name))) != Z_OK)
7218 7386 goto done;
7219 7387
7220 7388 if ((res = fetchprop(cur, DTD_ATTR_VERSION, version,
7221 7389 sizeof (version))) != Z_OK)
7222 7390 goto done;
7223 7391
7224 7392 if ((pkg = (zone_pkg_entry_t *)
7225 7393 malloc(sizeof (zone_pkg_entry_t))) == NULL) {
7226 7394 res = Z_NOMEM;
7227 7395 goto done;
7228 7396 }
7229 7397
7230 7398 if ((pkg->zpe_name = strdup(name)) == NULL) {
7231 7399 free(pkg);
7232 7400 res = Z_NOMEM;
7233 7401 goto done;
7234 7402 }
7235 7403
7236 7404 if ((pkg->zpe_vers = strdup(version)) == NULL) {
7237 7405 free(pkg->zpe_name);
7238 7406 free(pkg);
7239 7407 res = Z_NOMEM;
7240 7408 goto done;
7241 7409 }
7242 7410
7243 7411 uu_avl_node_init(pkg, &pkg->zpe_entry, pkg_pool);
7244 7412 if (uu_avl_find(pkgs_avl, pkg, NULL, &where) != NULL) {
7245 7413 free(pkg->zpe_name);
7246 7414 free(pkg->zpe_vers);
7247 7415 free(pkg);
7248 7416 } else {
7249 7417 uu_avl_insert(pkgs_avl, pkg, where);
7250 7418 }
7251 7419 }
7252 7420 }
7253 7421
7254 7422 done:
7255 7423 (void) zonecfg_endent(handle);
7256 7424 return (res);
7257 7425 }
7258 7426
7259 7427 int
7260 7428 zonecfg_setdevperment(zone_dochandle_t handle)
7261 7429 {
7262 7430 return (zonecfg_setent(handle));
7263 7431 }
7264 7432
7265 7433 int
7266 7434 zonecfg_getdevperment(zone_dochandle_t handle, struct zone_devpermtab *tabptr)
7267 7435 {
7268 7436 xmlNodePtr cur;
7269 7437 int err;
7270 7438 char buf[128];
7271 7439
7272 7440 tabptr->zone_devperm_acl = NULL;
7273 7441
7274 7442 if (handle == NULL)
7275 7443 return (Z_INVAL);
7276 7444
7277 7445 if ((cur = handle->zone_dh_cur) == NULL)
7278 7446 return (Z_NO_ENTRY);
7279 7447
7280 7448 for (; cur != NULL; cur = cur->next)
7281 7449 if (!xmlStrcmp(cur->name, DTD_ELEM_DEV_PERM))
7282 7450 break;
7283 7451 if (cur == NULL) {
7284 7452 handle->zone_dh_cur = handle->zone_dh_top;
7285 7453 return (Z_NO_ENTRY);
7286 7454 }
7287 7455
7288 7456 if ((err = fetchprop(cur, DTD_ATTR_NAME, tabptr->zone_devperm_name,
7289 7457 sizeof (tabptr->zone_devperm_name))) != Z_OK) {
7290 7458 handle->zone_dh_cur = handle->zone_dh_top;
7291 7459 return (err);
7292 7460 }
7293 7461
7294 7462 if ((err = fetchprop(cur, DTD_ATTR_UID, buf, sizeof (buf))) != Z_OK) {
7295 7463 handle->zone_dh_cur = handle->zone_dh_top;
7296 7464 return (err);
7297 7465 }
7298 7466 tabptr->zone_devperm_uid = (uid_t)atol(buf);
7299 7467
7300 7468 if ((err = fetchprop(cur, DTD_ATTR_GID, buf, sizeof (buf))) != Z_OK) {
7301 7469 handle->zone_dh_cur = handle->zone_dh_top;
7302 7470 return (err);
7303 7471 }
7304 7472 tabptr->zone_devperm_gid = (gid_t)atol(buf);
7305 7473
7306 7474 if ((err = fetchprop(cur, DTD_ATTR_MODE, buf, sizeof (buf))) != Z_OK) {
7307 7475 handle->zone_dh_cur = handle->zone_dh_top;
7308 7476 return (err);
7309 7477 }
7310 7478 tabptr->zone_devperm_mode = (mode_t)strtol(buf, (char **)NULL, 8);
7311 7479
7312 7480 if ((err = fetch_alloc_prop(cur, DTD_ATTR_ACL,
7313 7481 &(tabptr->zone_devperm_acl))) != Z_OK) {
7314 7482 handle->zone_dh_cur = handle->zone_dh_top;
7315 7483 return (err);
7316 7484 }
7317 7485
7318 7486 handle->zone_dh_cur = cur->next;
7319 7487 return (Z_OK);
7320 7488 }
7321 7489
7322 7490 int
7323 7491 zonecfg_enddevperment(zone_dochandle_t handle)
7324 7492 {
7325 7493 return (zonecfg_endent(handle));
7326 7494 }
7327 7495
7328 7496 /* PRINTFLIKE1 */
7329 7497 static void
7330 7498 zerror(const char *zone_name, const char *fmt, ...)
7331 7499 {
7332 7500 va_list alist;
7333 7501
7334 7502 va_start(alist, fmt);
7335 7503 (void) fprintf(stderr, "zone '%s': ", zone_name);
7336 7504 (void) vfprintf(stderr, fmt, alist);
7337 7505 (void) fprintf(stderr, "\n");
7338 7506 va_end(alist);
7339 7507 }
7340 7508
7341 7509 static void
7342 7510 zperror(const char *str)
7343 7511 {
7344 7512 (void) fprintf(stderr, "%s: %s\n", str, strerror(errno));
7345 7513 }
7346 7514
7347 7515 /*
7348 7516 * The following three routines implement a simple locking mechanism to
7349 7517 * ensure that only one instance of zoneadm at a time is able to manipulate
7350 7518 * a given zone. The lock is built on top of an fcntl(2) lock of
7351 7519 * [<altroot>]/var/run/zones/<zonename>.zoneadm.lock. If a zoneadm instance
7352 7520 * can grab that lock, it is allowed to manipulate the zone.
7353 7521 *
7354 7522 * Since zoneadm may call external applications which in turn invoke
7355 7523 * zoneadm again, we introduce the notion of "lock inheritance". Any
7356 7524 * instance of zoneadm that has another instance in its ancestry is assumed
7357 7525 * to be acting on behalf of the original zoneadm, and is thus allowed to
7358 7526 * manipulate its zone.
7359 7527 *
7360 7528 * This inheritance is implemented via the _ZONEADM_LOCK_HELD environment
7361 7529 * variable. When zoneadm is granted a lock on its zone, this environment
7362 7530 * variable is set to 1. When it releases the lock, the variable is set to
7363 7531 * 0. Since a child process inherits its parent's environment, checking
7364 7532 * the state of this variable indicates whether or not any ancestor owns
7365 7533 * the lock.
7366 7534 */
7367 7535 void
7368 7536 zonecfg_init_lock_file(const char *zone_name, char **lock_env)
7369 7537 {
7370 7538 *lock_env = getenv(LOCK_ENV_VAR);
7371 7539 if (*lock_env == NULL) {
7372 7540 if (putenv(zoneadm_lock_not_held) != 0) {
7373 7541 zerror(zone_name, gettext("could not set env: %s"),
7374 7542 strerror(errno));
7375 7543 exit(1);
7376 7544 }
7377 7545 } else {
7378 7546 if (atoi(*lock_env) == 1)
7379 7547 zone_lock_cnt = 1;
7380 7548 }
7381 7549 }
7382 7550
7383 7551 void
7384 7552 zonecfg_release_lock_file(const char *zone_name, int lockfd)
7385 7553 {
7386 7554 /*
7387 7555 * If we are cleaning up from a failed attempt to lock the zone for
7388 7556 * the first time, we might have a zone_lock_cnt of 0. In that
7389 7557 * error case, we don't want to do anything but close the lock
7390 7558 * file.
7391 7559 */
7392 7560 assert(zone_lock_cnt >= 0);
7393 7561 if (zone_lock_cnt > 0) {
7394 7562 assert(getenv(LOCK_ENV_VAR) != NULL);
7395 7563 assert(atoi(getenv(LOCK_ENV_VAR)) == 1);
7396 7564 if (--zone_lock_cnt > 0) {
7397 7565 assert(lockfd == -1);
7398 7566 return;
7399 7567 }
7400 7568 if (putenv(zoneadm_lock_not_held) != 0) {
7401 7569 zerror(zone_name, gettext("could not set env: %s"),
7402 7570 strerror(errno));
7403 7571 exit(1);
7404 7572 }
7405 7573 }
7406 7574 assert(lockfd >= 0);
7407 7575 (void) close(lockfd);
7408 7576 }
7409 7577
7410 7578 int
7411 7579 zonecfg_grab_lock_file(const char *zone_name, int *lockfd)
7412 7580 {
7413 7581 char pathbuf[PATH_MAX];
7414 7582 struct flock flock;
7415 7583
7416 7584 /*
7417 7585 * If we already have the lock, we can skip this expensive song
7418 7586 * and dance.
7419 7587 */
7420 7588 assert(zone_lock_cnt >= 0);
7421 7589 assert(getenv(LOCK_ENV_VAR) != NULL);
7422 7590 if (zone_lock_cnt > 0) {
7423 7591 assert(atoi(getenv(LOCK_ENV_VAR)) == 1);
7424 7592 zone_lock_cnt++;
7425 7593 *lockfd = -1;
7426 7594 return (Z_OK);
7427 7595 }
7428 7596 assert(getenv(LOCK_ENV_VAR) != NULL);
7429 7597 assert(atoi(getenv(LOCK_ENV_VAR)) == 0);
7430 7598
7431 7599 if (snprintf(pathbuf, sizeof (pathbuf), "%s%s", zonecfg_get_root(),
7432 7600 ZONES_TMPDIR) >= sizeof (pathbuf)) {
7433 7601 zerror(zone_name, gettext("alternate root path is too long"));
7434 7602 return (-1);
7435 7603 }
7436 7604 if (mkdir(pathbuf, S_IRWXU) < 0 && errno != EEXIST) {
7437 7605 zerror(zone_name, gettext("could not mkdir %s: %s"), pathbuf,
7438 7606 strerror(errno));
7439 7607 return (-1);
7440 7608 }
7441 7609 (void) chmod(pathbuf, S_IRWXU);
7442 7610
7443 7611 /*
7444 7612 * One of these lock files is created for each zone (when needed).
7445 7613 * The lock files are not cleaned up (except on system reboot),
7446 7614 * but since there is only one per zone, there is no resource
7447 7615 * starvation issue.
7448 7616 */
7449 7617 if (snprintf(pathbuf, sizeof (pathbuf), "%s%s/%s.zoneadm.lock",
7450 7618 zonecfg_get_root(), ZONES_TMPDIR, zone_name) >= sizeof (pathbuf)) {
7451 7619 zerror(zone_name, gettext("alternate root path is too long"));
7452 7620 return (-1);
7453 7621 }
7454 7622 if ((*lockfd = open(pathbuf, O_RDWR|O_CREAT, S_IRUSR|S_IWUSR)) < 0) {
7455 7623 zerror(zone_name, gettext("could not open %s: %s"), pathbuf,
7456 7624 strerror(errno));
7457 7625 return (-1);
7458 7626 }
7459 7627 /*
7460 7628 * Lock the file to synchronize with other zoneadmds
7461 7629 */
7462 7630 flock.l_type = F_WRLCK;
7463 7631 flock.l_whence = SEEK_SET;
7464 7632 flock.l_start = (off_t)0;
7465 7633 flock.l_len = (off_t)0;
7466 7634 if ((fcntl(*lockfd, F_SETLKW, &flock) < 0) ||
7467 7635 (putenv(zoneadm_lock_held) != 0)) {
7468 7636 zerror(zone_name, gettext("unable to lock %s: %s"), pathbuf,
7469 7637 strerror(errno));
7470 7638 zonecfg_release_lock_file(zone_name, *lockfd);
7471 7639 return (-1);
7472 7640 }
7473 7641 zone_lock_cnt = 1;
7474 7642 return (Z_OK);
7475 7643 }
7476 7644
7477 7645 boolean_t
7478 7646 zonecfg_lock_file_held(int *lockfd)
7479 7647 {
7480 7648 if (*lockfd >= 0 || zone_lock_cnt > 0)
7481 7649 return (B_TRUE);
7482 7650 return (B_FALSE);
7483 7651 }
7484 7652
7485 7653 static boolean_t
7486 7654 get_doorname(const char *zone_name, char *buffer)
7487 7655 {
7488 7656 return (snprintf(buffer, PATH_MAX, "%s" ZONE_DOOR_PATH,
7489 7657 zonecfg_get_root(), zone_name) < PATH_MAX);
7490 7658 }
7491 7659
7492 7660 /*
7493 7661 * system daemons are not audited. For the global zone, this occurs
7494 7662 * "naturally" since init is started with the default audit
7495 7663 * characteristics. Since zoneadmd is a system daemon and it starts
7496 7664 * init for a zone, it is necessary to clear out the audit
7497 7665 * characteristics inherited from whomever started zoneadmd. This is
7498 7666 * indicated by the audit id, which is set from the ruid parameter of
7499 7667 * adt_set_user(), below.
7500 7668 */
7501 7669
7502 7670 static void
7503 7671 prepare_audit_context(const char *zone_name)
7504 7672 {
7505 7673 adt_session_data_t *ah;
7506 7674 char *failure = gettext("audit failure: %s");
7507 7675
7508 7676 if (adt_start_session(&ah, NULL, 0)) {
7509 7677 zerror(zone_name, failure, strerror(errno));
7510 7678 return;
7511 7679 }
7512 7680 if (adt_set_user(ah, ADT_NO_AUDIT, ADT_NO_AUDIT,
7513 7681 ADT_NO_AUDIT, ADT_NO_AUDIT, NULL, ADT_NEW)) {
7514 7682 zerror(zone_name, failure, strerror(errno));
7515 7683 (void) adt_end_session(ah);
7516 7684 return;
7517 7685 }
7518 7686 if (adt_set_proc(ah))
7519 7687 zerror(zone_name, failure, strerror(errno));
7520 7688
7521 7689 (void) adt_end_session(ah);
7522 7690 }
7523 7691
7524 7692 static int
7525 7693 start_zoneadmd(const char *zone_name, boolean_t lock)
7526 7694 {
7527 7695 char doorpath[PATH_MAX];
7528 7696 pid_t child_pid;
7529 7697 int error = -1;
7530 7698 int doorfd, lockfd;
7531 7699 struct door_info info;
7532 7700
7533 7701 if (!get_doorname(zone_name, doorpath))
7534 7702 return (-1);
7535 7703
7536 7704 if (lock)
7537 7705 if (zonecfg_grab_lock_file(zone_name, &lockfd) != Z_OK)
7538 7706 return (-1);
7539 7707
7540 7708 /*
7541 7709 * Now that we have the lock, re-confirm that the daemon is
7542 7710 * *not* up and working fine. If it is still down, we have a green
7543 7711 * light to start it.
7544 7712 */
7545 7713 if ((doorfd = open(doorpath, O_RDONLY)) < 0) {
7546 7714 if (errno != ENOENT) {
7547 7715 zperror(doorpath);
7548 7716 goto out;
7549 7717 }
7550 7718 } else {
7551 7719 if (door_info(doorfd, &info) == 0 &&
7552 7720 ((info.di_attributes & DOOR_REVOKED) == 0)) {
7553 7721 error = Z_OK;
7554 7722 (void) close(doorfd);
7555 7723 goto out;
7556 7724 }
7557 7725 (void) close(doorfd);
7558 7726 }
7559 7727
7560 7728 if ((child_pid = fork()) == -1) {
7561 7729 zperror(gettext("could not fork"));
7562 7730 goto out;
7563 7731 }
7564 7732
7565 7733 if (child_pid == 0) {
7566 7734 const char *argv[6], **ap;
7567 7735
7568 7736 /* child process */
7569 7737 prepare_audit_context(zone_name);
7570 7738
7571 7739 ap = argv;
7572 7740 *ap++ = "zoneadmd";
7573 7741 *ap++ = "-z";
7574 7742 *ap++ = zone_name;
7575 7743 if (zonecfg_in_alt_root()) {
7576 7744 *ap++ = "-R";
7577 7745 *ap++ = zonecfg_get_root();
7578 7746 }
7579 7747 *ap = NULL;
7580 7748
7581 7749 (void) execv("/usr/lib/zones/zoneadmd", (char * const *)argv);
7582 7750 /*
7583 7751 * TRANSLATION_NOTE
7584 7752 * zoneadmd is a literal that should not be translated.
7585 7753 */
7586 7754 zperror(gettext("could not exec zoneadmd"));
7587 7755 _exit(1);
7588 7756 } else {
7589 7757 /* parent process */
7590 7758 pid_t retval;
7591 7759 int pstatus = 0;
7592 7760
7593 7761 do {
7594 7762 retval = waitpid(child_pid, &pstatus, 0);
7595 7763 } while (retval != child_pid);
7596 7764 if (WIFSIGNALED(pstatus) || (WIFEXITED(pstatus) &&
7597 7765 WEXITSTATUS(pstatus) != 0)) {
7598 7766 zerror(zone_name, gettext("could not start %s"),
7599 7767 "zoneadmd");
7600 7768 goto out;
7601 7769 }
7602 7770 }
7603 7771 error = Z_OK;
7604 7772 out:
7605 7773 if (lock)
7606 7774 zonecfg_release_lock_file(zone_name, lockfd);
7607 7775 return (error);
7608 7776 }
7609 7777
7610 7778 int
7611 7779 zonecfg_ping_zoneadmd(const char *zone_name)
7612 7780 {
7613 7781 char doorpath[PATH_MAX];
7614 7782 int doorfd;
7615 7783 struct door_info info;
7616 7784
7617 7785 if (!get_doorname(zone_name, doorpath))
7618 7786 return (-1);
7619 7787
7620 7788 if ((doorfd = open(doorpath, O_RDONLY)) < 0) {
7621 7789 return (-1);
7622 7790 }
7623 7791 if (door_info(doorfd, &info) == 0 &&
7624 7792 ((info.di_attributes & DOOR_REVOKED) == 0)) {
7625 7793 (void) close(doorfd);
7626 7794 return (Z_OK);
7627 7795 }
7628 7796 (void) close(doorfd);
7629 7797 return (-1);
7630 7798 }
7631 7799
7632 7800 int
7633 7801 zonecfg_call_zoneadmd(const char *zone_name, zone_cmd_arg_t *arg, char *locale,
7634 7802 boolean_t lock)
7635 7803 {
7636 7804 char doorpath[PATH_MAX];
7637 7805 int doorfd, result;
7638 7806 door_arg_t darg;
7639 7807
7640 7808 zoneid_t zoneid;
7641 7809 uint64_t uniqid = 0;
7642 7810
7643 7811 zone_cmd_rval_t *rvalp;
7644 7812 size_t rlen;
7645 7813 char *cp, *errbuf;
7646 7814
7647 7815 rlen = getpagesize();
7648 7816 if ((rvalp = malloc(rlen)) == NULL) {
7649 7817 zerror(zone_name, gettext("failed to allocate %lu bytes: %s"),
7650 7818 rlen, strerror(errno));
7651 7819 return (-1);
7652 7820 }
7653 7821
7654 7822 if ((zoneid = getzoneidbyname(zone_name)) != ZONE_ID_UNDEFINED) {
7655 7823 (void) zone_getattr(zoneid, ZONE_ATTR_UNIQID, &uniqid,
7656 7824 sizeof (uniqid));
7657 7825 }
7658 7826 arg->uniqid = uniqid;
7659 7827 (void) strlcpy(arg->locale, locale, sizeof (arg->locale));
7660 7828 if (!get_doorname(zone_name, doorpath)) {
7661 7829 zerror(zone_name, gettext("alternate root path is too long"));
7662 7830 free(rvalp);
7663 7831 return (-1);
7664 7832 }
7665 7833
7666 7834 /*
7667 7835 * Loop trying to start zoneadmd; if something goes seriously
7668 7836 * wrong we break out and fail.
7669 7837 */
7670 7838 for (;;) {
7671 7839 if (start_zoneadmd(zone_name, lock) != Z_OK)
7672 7840 break;
7673 7841
7674 7842 if ((doorfd = open(doorpath, O_RDONLY)) < 0) {
7675 7843 zperror(gettext("failed to open zone door"));
7676 7844 break;
7677 7845 }
7678 7846
7679 7847 darg.data_ptr = (char *)arg;
7680 7848 darg.data_size = sizeof (*arg);
7681 7849 darg.desc_ptr = NULL;
7682 7850 darg.desc_num = 0;
7683 7851 darg.rbuf = (char *)rvalp;
7684 7852 darg.rsize = rlen;
7685 7853 if (door_call(doorfd, &darg) != 0) {
7686 7854 (void) close(doorfd);
7687 7855 /*
7688 7856 * We'll get EBADF if the door has been revoked.
7689 7857 */
7690 7858 if (errno != EBADF) {
7691 7859 zperror(gettext("door_call failed"));
7692 7860 break;
7693 7861 }
7694 7862 continue; /* take another lap */
7695 7863 }
7696 7864 (void) close(doorfd);
7697 7865
7698 7866 if (darg.data_size == 0) {
7699 7867 /* Door server is going away; kick it again. */
7700 7868 continue;
7701 7869 }
7702 7870
7703 7871 errbuf = rvalp->errbuf;
7704 7872 while (*errbuf != '\0') {
7705 7873 /*
7706 7874 * Remove any newlines since zerror()
7707 7875 * will append one automatically.
7708 7876 */
7709 7877 cp = strchr(errbuf, '\n');
7710 7878 if (cp != NULL)
7711 7879 *cp = '\0';
7712 7880 zerror(zone_name, "%s", errbuf);
7713 7881 if (cp == NULL)
7714 7882 break;
7715 7883 errbuf = cp + 1;
7716 7884 }
7717 7885 result = rvalp->rval == 0 ? 0 : -1;
7718 7886 free(rvalp);
7719 7887 return (result);
7720 7888 }
7721 7889
7722 7890 free(rvalp);
7723 7891 return (-1);
7724 7892 }
7725 7893
7726 7894 boolean_t
7727 7895 zonecfg_valid_auths(const char *auths, const char *zonename)
7728 7896 {
7729 7897 char *right;
7730 7898 char *tmpauths;
7731 7899 char *lasts;
7732 7900 char authname[MAXAUTHS];
7733 7901 boolean_t status = B_TRUE;
7734 7902
7735 7903 tmpauths = strdup(auths);
7736 7904 if (tmpauths == NULL) {
7737 7905 zerror(zonename, gettext("Out of memory"));
7738 7906 return (B_FALSE);
7739 7907 }
7740 7908 right = strtok_r(tmpauths, ",", &lasts);
7741 7909 while (right != NULL) {
7742 7910 (void) snprintf(authname, MAXAUTHS, "%s%s",
7743 7911 ZONE_AUTH_PREFIX, right);
7744 7912 if (getauthnam(authname) == NULL) {
7745 7913 status = B_FALSE;
7746 7914 zerror(zonename,
7747 7915 gettext("'%s' is not a valid authorization"),
7748 7916 right);
7749 7917 }
7750 7918 right = strtok_r(NULL, ",", &lasts);
7751 7919 }
7752 7920 free(tmpauths);
7753 7921 return (status);
7754 7922 }
7755 7923
7756 7924 int
7757 7925 zonecfg_delete_admins(zone_dochandle_t handle, char *zonename)
7758 7926 {
7759 7927 int err;
7760 7928 struct zone_admintab admintab;
7761 7929 boolean_t changed = B_FALSE;
7762 7930
7763 7931 if ((err = zonecfg_setadminent(handle)) != Z_OK) {
7764 7932 return (err);
7765 7933 }
7766 7934 while (zonecfg_getadminent(handle, &admintab) == Z_OK) {
7767 7935 err = zonecfg_delete_admin(handle, &admintab,
7768 7936 zonename);
7769 7937 if (err != Z_OK) {
7770 7938 (void) zonecfg_endadminent(handle);
7771 7939 return (err);
7772 7940 } else {
7773 7941 changed = B_TRUE;
7774 7942 }
7775 7943 if ((err = zonecfg_setadminent(handle)) != Z_OK) {
7776 7944 return (err);
7777 7945 }
7778 7946 }
7779 7947 (void) zonecfg_endadminent(handle);
7780 7948 return (changed? Z_OK:Z_NO_ENTRY);
7781 7949 }
7782 7950
7783 7951 /*
7784 7952 * Checks if a long authorization applies to this zone.
7785 7953 * If so, it returns true, after destructively stripping
7786 7954 * the authorization of its prefix and zone suffix.
7787 7955 */
7788 7956 static boolean_t
7789 7957 is_zone_auth(char **auth, char *zonename, char *oldzonename)
7790 7958 {
7791 7959 char *suffix;
7792 7960 size_t offset;
7793 7961
7794 7962 offset = strlen(ZONE_AUTH_PREFIX);
7795 7963 if ((strncmp(*auth, ZONE_AUTH_PREFIX, offset) == 0) &&
7796 7964 ((suffix = strchr(*auth, '/')) != NULL)) {
7797 7965 if (strcmp(suffix + 1, zonename) == 0) {
7798 7966 *auth += offset;
7799 7967 suffix[0] = '\0';
7800 7968 return (B_TRUE);
7801 7969 } else if ((oldzonename != NULL) &&
7802 7970 (strcmp(suffix + 1, oldzonename) == 0)) {
7803 7971 *auth += offset;
7804 7972 suffix[0] = '\0';
7805 7973 return (B_TRUE);
7806 7974 }
7807 7975 }
7808 7976 return (B_FALSE);
7809 7977 }
7810 7978
7811 7979 /*
7812 7980 * This function determines whether the zone-specific authorization
7813 7981 * assignments in /etc/user_attr have been changed more recently
7814 7982 * than the equivalent data stored in the zone's configuration file.
7815 7983 * This should only happen if the zone-specific authorizations in
7816 7984 * the user_attr file were modified using a tool other than zonecfg.
7817 7985 * If the configuration file is out-of-date with respect to these
7818 7986 * authorization assignments, it is updated to match those specified
7819 7987 * in /etc/user_attr.
7820 7988 */
7821 7989
7822 7990 int
7823 7991 zonecfg_update_userauths(zone_dochandle_t handle, char *zonename)
7824 7992 {
7825 7993 userattr_t *ua_ptr;
7826 7994 char *authlist;
7827 7995 char *lasts;
7828 7996 FILE *uaf;
7829 7997 struct zone_admintab admintab;
7830 7998 struct stat config_st, ua_st;
7831 7999 char config_file[MAXPATHLEN];
7832 8000 boolean_t changed = B_FALSE;
7833 8001 int err;
7834 8002
7835 8003 if ((uaf = fopen(USERATTR_FILENAME, "r")) == NULL) {
7836 8004 zerror(zonename, gettext("could not open file %s: %s"),
7837 8005 USERATTR_FILENAME, strerror(errno));
7838 8006 if (errno == EACCES)
7839 8007 return (Z_ACCES);
7840 8008 if (errno == ENOENT)
7841 8009 return (Z_NO_ZONE);
7842 8010 return (Z_MISC_FS);
7843 8011 }
7844 8012 if ((err = fstat(fileno(uaf), &ua_st)) != 0) {
7845 8013 zerror(zonename, gettext("could not stat file %s: %s"),
7846 8014 USERATTR_FILENAME, strerror(errno));
7847 8015 (void) fclose(uaf);
7848 8016 return (Z_MISC_FS);
7849 8017 }
7850 8018 if (!config_file_path(zonename, config_file)) {
7851 8019 (void) fclose(uaf);
7852 8020 return (Z_MISC_FS);
7853 8021 }
7854 8022
7855 8023 if ((err = stat(config_file, &config_st)) != 0) {
7856 8024 zerror(zonename, gettext("could not stat file %s: %s"),
7857 8025 config_file, strerror(errno));
7858 8026 (void) fclose(uaf);
7859 8027 return (Z_MISC_FS);
7860 8028 }
7861 8029 if (config_st.st_mtime >= ua_st.st_mtime) {
7862 8030 (void) fclose(uaf);
7863 8031 return (Z_NO_ENTRY);
7864 8032 }
7865 8033 if ((err = zonecfg_delete_admins(handle, zonename)) == Z_OK) {
7866 8034 changed = B_TRUE;
7867 8035 } else if (err != Z_NO_ENTRY) {
7868 8036 (void) fclose(uaf);
7869 8037 return (err);
7870 8038 }
7871 8039 while ((ua_ptr = fgetuserattr(uaf)) != NULL) {
7872 8040 if (ua_ptr->name[0] == '#') {
7873 8041 continue;
7874 8042 }
7875 8043 authlist = kva_match(ua_ptr->attr, USERATTR_AUTHS_KW);
7876 8044 if (authlist != NULL) {
7877 8045 char *cur_auth;
7878 8046 boolean_t first;
7879 8047
7880 8048 first = B_TRUE;
7881 8049 bzero(&admintab.zone_admin_auths, MAXAUTHS);
7882 8050 cur_auth = strtok_r(authlist, ",", &lasts);
7883 8051 while (cur_auth != NULL) {
7884 8052 if (is_zone_auth(&cur_auth, zonename,
7885 8053 NULL)) {
7886 8054 /*
7887 8055 * Add auths for this zone
7888 8056 */
7889 8057 if (first) {
7890 8058 first = B_FALSE;
7891 8059 } else {
7892 8060 (void) strlcat(
7893 8061 admintab.zone_admin_auths,
7894 8062 ",", MAXAUTHS);
7895 8063 }
7896 8064 (void) strlcat(
7897 8065 admintab.zone_admin_auths,
7898 8066 cur_auth, MAXAUTHS);
7899 8067 }
7900 8068 cur_auth = strtok_r(NULL, ",", &lasts);
7901 8069 }
7902 8070 if (!first) {
7903 8071 /*
7904 8072 * Add this right to config file
7905 8073 */
7906 8074 (void) strlcpy(admintab.zone_admin_user,
7907 8075 ua_ptr->name,
7908 8076 sizeof (admintab.zone_admin_user));
7909 8077 err = zonecfg_add_admin(handle,
7910 8078 &admintab, zonename);
7911 8079 if (err != Z_OK) {
7912 8080 (void) fclose(uaf);
7913 8081 return (err);
7914 8082 } else {
7915 8083 changed = B_TRUE;
7916 8084 }
7917 8085 }
7918 8086 }
7919 8087 } /* end-of-while-loop */
7920 8088 (void) fclose(uaf);
7921 8089 return (changed? Z_OK: Z_NO_ENTRY);
7922 8090 }
7923 8091
7924 8092 static void
7925 8093 update_profiles(char *rbac_profs, boolean_t add)
7926 8094 {
7927 8095 char new_profs[MAXPROFS];
7928 8096 char *cur_prof;
7929 8097 boolean_t first = B_TRUE;
7930 8098 boolean_t found = B_FALSE;
7931 8099 char *lasts;
7932 8100
7933 8101 cur_prof = strtok_r(rbac_profs, ",", &lasts);
7934 8102 while (cur_prof != NULL) {
7935 8103 if (strcmp(cur_prof, ZONE_MGMT_PROF) == 0) {
7936 8104 found = B_TRUE;
7937 8105 if (!add) {
7938 8106 cur_prof = strtok_r(NULL, ",", &lasts);
7939 8107 continue;
7940 8108 }
7941 8109 }
7942 8110 if (first) {
7943 8111 first = B_FALSE;
7944 8112 } else {
7945 8113 (void) strlcat(new_profs, ",",
7946 8114 MAXPROFS);
7947 8115 }
7948 8116 (void) strlcat(new_profs, cur_prof,
7949 8117 MAXPROFS);
7950 8118 cur_prof = strtok_r(NULL, ",", &lasts);
7951 8119 }
7952 8120 /*
7953 8121 * Now prepend the Zone Management profile at the beginning
7954 8122 * of the list if it is needed, and append the rest.
7955 8123 * Return the updated list in the original buffer.
7956 8124 */
7957 8125 if (add && !found) {
7958 8126 first = B_FALSE;
7959 8127 (void) strlcpy(rbac_profs, ZONE_MGMT_PROF, MAXPROFS);
7960 8128 } else {
7961 8129 first = B_TRUE;
7962 8130 rbac_profs[0] = '\0';
7963 8131 }
7964 8132 if (strlen(new_profs) > 0) {
7965 8133 if (!first)
7966 8134 (void) strlcat(rbac_profs, ",", MAXPROFS);
7967 8135 (void) strlcat(rbac_profs, new_profs, MAXPROFS);
7968 8136 }
7969 8137 }
7970 8138
7971 8139 #define MAX_CMD_LEN 1024
7972 8140
7973 8141 static int
7974 8142 do_subproc(char *zonename, char *cmdbuf)
7975 8143 {
7976 8144 char inbuf[MAX_CMD_LEN];
7977 8145 FILE *file;
7978 8146 int status;
7979 8147
7980 8148 file = popen(cmdbuf, "r");
7981 8149 if (file == NULL) {
7982 8150 zerror(zonename, gettext("Could not launch: %s"), cmdbuf);
7983 8151 return (-1);
7984 8152 }
7985 8153
7986 8154 while (fgets(inbuf, sizeof (inbuf), file) != NULL)
7987 8155 (void) fprintf(stderr, "%s", inbuf);
7988 8156 status = pclose(file);
7989 8157
7990 8158 if (WIFSIGNALED(status)) {
7991 8159 zerror(zonename, gettext("%s unexpectedly terminated "
7992 8160 "due to signal %d"),
7993 8161 cmdbuf, WTERMSIG(status));
7994 8162 return (-1);
7995 8163 }
7996 8164 assert(WIFEXITED(status));
7997 8165 return (WEXITSTATUS(status));
7998 8166 }
7999 8167
8000 8168 /*
8001 8169 * This function updates the local /etc/user_attr file to
8002 8170 * correspond to the admin settings that are currently being
8003 8171 * committed. The updates are done via usermod and/or rolemod
8004 8172 * depending on the type of the specified user. It is also
8005 8173 * invoked to remove entries from user_attr corresponding to
8006 8174 * removed admin assignments, using an empty auths string.
8007 8175 *
8008 8176 * Because the removed entries are no longer included in the
8009 8177 * cofiguration that is being committed, a linked list of
8010 8178 * removed admin entries is maintained to keep track of such
8011 8179 * transactions. The head of the list is stored in the zone_dh_userauths
8012 8180 * element of the handle strcture.
8013 8181 */
8014 8182 static int
8015 8183 zonecfg_authorize_user_impl(zone_dochandle_t handle, char *user,
8016 8184 char *auths, char *zonename)
8017 8185 {
8018 8186 char *right;
8019 8187 char old_auths[MAXAUTHS];
8020 8188 char new_auths[MAXAUTHS];
8021 8189 char rbac_profs[MAXPROFS];
8022 8190 char *lasts;
8023 8191 userattr_t *u;
8024 8192 boolean_t first = B_TRUE;
8025 8193 boolean_t is_zone_admin = B_FALSE;
8026 8194 char user_cmd[] = "/usr/sbin/usermod";
8027 8195 char role_cmd[] = "/usr/sbin/rolemod";
8028 8196 char *auths_cmd = user_cmd; /* either usermod or rolemod */
8029 8197 char *new_auth_start; /* string containing the new auths */
8030 8198 int new_auth_cnt = 0; /* delta of changed authorizations */
8031 8199
8032 8200 /*
8033 8201 * First get the existing authorizations for this user
8034 8202 */
8035 8203
8036 8204 bzero(&old_auths, sizeof (old_auths));
8037 8205 bzero(&new_auths, sizeof (new_auths));
8038 8206 bzero(&rbac_profs, sizeof (rbac_profs));
8039 8207 if ((u = getusernam(user)) != NULL) {
8040 8208 char *current_auths;
8041 8209 char *current_profs;
8042 8210 char *type;
8043 8211
8044 8212 type = kva_match(u->attr, USERATTR_TYPE_KW);
8045 8213 if (type != NULL) {
8046 8214 if (strcmp(type, USERATTR_TYPE_NONADMIN_KW) == 0)
8047 8215 auths_cmd = role_cmd;
8048 8216 }
8049 8217
8050 8218 current_auths = kva_match(u->attr, USERATTR_AUTHS_KW);
8051 8219 if (current_auths != NULL) {
8052 8220 char *cur_auth;
8053 8221 char *delete_name;
8054 8222 size_t offset;
8055 8223
8056 8224 offset = strlen(ZONE_AUTH_PREFIX);
8057 8225
8058 8226 (void) strlcpy(old_auths, current_auths, MAXAUTHS);
8059 8227 cur_auth = strtok_r(current_auths, ",", &lasts);
8060 8228
8061 8229 /*
8062 8230 * Next, remove any existing authorizations
8063 8231 * for this zone, and determine if the
8064 8232 * user still needs the Zone Management Profile.
8065 8233 */
8066 8234 if (is_renaming(handle))
8067 8235 delete_name = handle->zone_dh_delete_name;
8068 8236 else
8069 8237 delete_name = NULL;
8070 8238 while (cur_auth != NULL) {
8071 8239 if (!is_zone_auth(&cur_auth, zonename,
8072 8240 delete_name)) {
8073 8241 if (first) {
8074 8242 first = B_FALSE;
8075 8243 } else {
8076 8244 (void) strlcat(new_auths, ",",
8077 8245 MAXAUTHS);
8078 8246 }
8079 8247 (void) strlcat(new_auths, cur_auth,
8080 8248 MAXAUTHS);
8081 8249 /*
8082 8250 * If the user has authorizations
8083 8251 * for other zones, then set a
8084 8252 * flag indicate that the Zone
8085 8253 * Management profile should be
8086 8254 * preserved in user_attr.
8087 8255 */
8088 8256 if (strncmp(cur_auth,
8089 8257 ZONE_AUTH_PREFIX, offset) == 0)
8090 8258 is_zone_admin = B_TRUE;
8091 8259 } else {
8092 8260 new_auth_cnt++;
8093 8261 }
8094 8262 cur_auth = strtok_r(NULL, ",", &lasts);
8095 8263 }
8096 8264 }
8097 8265 current_profs = kva_match(u->attr, USERATTR_PROFILES_KW);
8098 8266 if (current_profs != NULL) {
8099 8267 (void) strlcpy(rbac_profs, current_profs, MAXPROFS);
8100 8268 }
8101 8269 free_userattr(u);
8102 8270 }
8103 8271 /*
8104 8272 * The following is done to avoid revisiting the
8105 8273 * user_attr entry for this user
8106 8274 */
8107 8275 (void) zonecfg_remove_userauths(handle, user, "", B_FALSE);
8108 8276
8109 8277 /*
8110 8278 * Convert each right into a properly formatted authorization
8111 8279 */
8112 8280 new_auth_start = new_auths + strlen(new_auths);
8113 8281 if (!first)
8114 8282 new_auth_start++;
8115 8283 right = strtok_r(auths, ",", &lasts);
8116 8284 while (right != NULL) {
8117 8285 char auth[MAXAUTHS];
8118 8286
8119 8287 (void) snprintf(auth, MAXAUTHS, "%s%s/%s",
8120 8288 ZONE_AUTH_PREFIX, right, zonename);
8121 8289 if (first) {
8122 8290 first = B_FALSE;
8123 8291 } else {
8124 8292 (void) strlcat(new_auths, ",", MAXAUTHS);
8125 8293 }
8126 8294 (void) strlcat(new_auths, auth, MAXAUTHS);
8127 8295 is_zone_admin = B_TRUE;
8128 8296 new_auth_cnt--;
8129 8297 right = strtok_r(NULL, ",", &lasts);
8130 8298 }
8131 8299
8132 8300 /*
8133 8301 * Need to update the authorizations in user_attr unless
8134 8302 * the number of old and new authorizations is unchanged
8135 8303 * and the new auths are a substrings of the old auths.
8136 8304 *
8137 8305 * If the user's previous authorizations have changed
8138 8306 * execute the usermod progam to update them in user_attr.
8139 8307 */
8140 8308 if ((new_auth_cnt != 0) ||
8141 8309 (strstr(old_auths, new_auth_start) == NULL)) {
8142 8310 char *cmdbuf;
8143 8311 size_t cmd_len;
8144 8312
8145 8313 update_profiles(rbac_profs, is_zone_admin);
8146 8314 cmd_len = snprintf(NULL, 0, "%s -A \"%s\" -P \"%s\" %s",
8147 8315 auths_cmd, new_auths, rbac_profs, user) + 1;
8148 8316 if ((cmdbuf = malloc(cmd_len)) == NULL) {
8149 8317 return (Z_NOMEM);
8150 8318 }
8151 8319 (void) snprintf(cmdbuf, cmd_len, "%s -A \"%s\" -P \"%s\" %s",
8152 8320 auths_cmd, new_auths, rbac_profs, user);
8153 8321 if (do_subproc(zonename, cmdbuf) != 0) {
8154 8322 free(cmdbuf);
8155 8323 return (Z_SYSTEM);
8156 8324 }
8157 8325 free(cmdbuf);
8158 8326 }
8159 8327
8160 8328 return (Z_OK);
8161 8329 }
8162 8330
8163 8331 int
8164 8332 zonecfg_authorize_users(zone_dochandle_t handle, char *zonename)
8165 8333 {
8166 8334 xmlNodePtr cur;
8167 8335 int err;
8168 8336 char user[MAXUSERNAME];
8169 8337 char auths[MAXAUTHS];
8170 8338
8171 8339 if ((err = operation_prep(handle)) != Z_OK)
8172 8340 return (err);
8173 8341
8174 8342 cur = handle->zone_dh_cur;
8175 8343 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
8176 8344 if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
8177 8345 continue;
8178 8346 if (fetchprop(cur, DTD_ATTR_USER, user,
8179 8347 sizeof (user)) != Z_OK)
8180 8348 continue;
8181 8349 if (fetchprop(cur, DTD_ATTR_AUTHS, auths,
8182 8350 sizeof (auths)) != Z_OK)
8183 8351 continue;
8184 8352 if (zonecfg_authorize_user_impl(handle, user, auths, zonename)
8185 8353 != Z_OK)
8186 8354 return (Z_SYSTEM);
8187 8355 }
8188 8356 (void) zonecfg_remove_userauths(handle, "", "", B_TRUE);
8189 8357
8190 8358 return (Z_OK);
8191 8359 }
8192 8360
8193 8361 int
8194 8362 zonecfg_deauthorize_user(zone_dochandle_t handle, char *user, char *zonename)
8195 8363 {
8196 8364 return (zonecfg_authorize_user_impl(handle, user, "", zonename));
8197 8365 }
8198 8366
8199 8367 int
8200 8368 zonecfg_deauthorize_users(zone_dochandle_t handle, char *zonename)
8201 8369 {
8202 8370 xmlNodePtr cur;
8203 8371 int err;
8204 8372 char user[MAXUSERNAME];
8205 8373
8206 8374 if ((err = operation_prep(handle)) != Z_OK)
8207 8375 return (err);
8208 8376
8209 8377 cur = handle->zone_dh_cur;
8210 8378 for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
8211 8379 if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
8212 8380 continue;
8213 8381 if (fetchprop(cur, DTD_ATTR_USER, user,
8214 8382 sizeof (user)) != Z_OK)
8215 8383 continue;
8216 8384 if ((err = zonecfg_deauthorize_user(handle, user,
8217 8385 zonename)) != Z_OK)
8218 8386 return (err);
8219 8387 }
8220 8388 return (Z_OK);
8221 8389 }
8222 8390
8223 8391 int
8224 8392 zonecfg_insert_userauths(zone_dochandle_t handle, char *user, char *zonename)
8225 8393 {
8226 8394 zone_userauths_t *new, **prev, *next;
8227 8395
8228 8396 prev = &handle->zone_dh_userauths;
8229 8397 next = *prev;
8230 8398 while (next) {
8231 8399 if ((strncmp(next->user, user, MAXUSERNAME) == 0) &&
8232 8400 (strncmp(next->zonename, zonename,
8233 8401 ZONENAME_MAX) == 0)) {
8234 8402 /*
8235 8403 * user is already in list
8236 8404 * which isn't supposed to happen!
8237 8405 */
8238 8406 return (Z_OK);
8239 8407 }
8240 8408 prev = &next->next;
8241 8409 next = *prev;
8242 8410 }
8243 8411 new = (zone_userauths_t *)malloc(sizeof (zone_userauths_t));
8244 8412 if (new == NULL)
8245 8413 return (Z_NOMEM);
8246 8414
8247 8415 (void) strlcpy(new->user, user, sizeof (new->user));
8248 8416 (void) strlcpy(new->zonename, zonename, sizeof (new->zonename));
8249 8417 new->next = NULL;
8250 8418 *prev = new;
8251 8419 return (Z_OK);
8252 8420 }
8253 8421
8254 8422 int
8255 8423 zonecfg_remove_userauths(zone_dochandle_t handle, char *user, char *zonename,
8256 8424 boolean_t deauthorize)
8257 8425 {
8258 8426 zone_userauths_t *new, **prev, *next;
8259 8427
8260 8428 prev = &handle->zone_dh_userauths;
8261 8429 next = *prev;
8262 8430
8263 8431 while (next) {
8264 8432 if ((strlen(user) == 0 ||
8265 8433 strncmp(next->user, user, MAXUSERNAME) == 0) &&
8266 8434 (strlen(zonename) == 0 ||
8267 8435 (strncmp(next->zonename, zonename, ZONENAME_MAX) == 0))) {
8268 8436 new = next;
8269 8437 *prev = next->next;
8270 8438 next = *prev;
8271 8439 if (deauthorize)
8272 8440 (void) zonecfg_deauthorize_user(handle,
8273 8441 new->user, new->zonename);
8274 8442 free(new);
8275 8443 continue;
8276 8444 }
8277 8445 prev = &next->next;
8278 8446 next = *prev;
8279 8447 }
8280 8448 return (Z_OK);
8281 8449 }
|
↓ open down ↓ |
2584 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX