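/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
 */

/*
 * Additional API for Identity Mapping Service
 *
 * Declares the update (name-rule), iterator, single-mapping lookup,
 * extended batch lookup, property and trace interfaces, plus a few helper
 * macros for status and string checks.
 *
 * NOTE(review): many prototypes below take non-const char ** arguments,
 * which look like output strings. Who allocates and who frees them is not
 * visible from the prototypes; confirm against the implementation.
 */

#ifndef _IDMAP_PRIV_H
#define _IDMAP_PRIV_H


#include <libscf.h>
#include <resolv.h>

#include "idmap.h"
#include <rpcsvc/idmap_prot.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Length limit for names handled by this API.
 * NOTE(review): whether the limit includes the terminating NUL is not
 * stated here; confirm before sizing buffers from it.
 */
#define IDMAP_MAX_NAME_LEN 512

/*
 * Status classification helpers.
 *
 * IDMAP_ERROR is true for any status other than IDMAP_SUCCESS and
 * IDMAP_NEXT. IDMAP_FATAL_ERROR is true only for IDMAP_ERR_MEMORY and
 * IDMAP_ERR_DB.
 *
 * The argument is parenthesized so that an expression argument (for
 * example a conditional) keeps its meaning after expansion. It is still
 * evaluated more than once, so pass a variable rather than a call or an
 * expression with side effects.
 */
#define IDMAP_ERROR(rc) ((rc) != IDMAP_SUCCESS && (rc) != IDMAP_NEXT)
#define IDMAP_FATAL_ERROR(rc) ((rc) == IDMAP_ERR_MEMORY ||\
    (rc) == IDMAP_ERR_DB)


/*
 * is_user values
 *
 * Three states, so compare against these constants explicitly.
 * IDMAP_UNKNOWN is non-zero: a plain truth test such as "if (is_user)"
 * treats "unknown" the same as IDMAP_YES.
 */

#define IDMAP_YES 1
#define IDMAP_NO 0
#define IDMAP_UNKNOWN (-1)	/* parenthesized so it is safe inside expressions */

/*
 * String helpers. Arguments are parenthesized and may be evaluated twice.
 *
 * CHECK_NULL yields the literal "null" in place of a NULL pointer, so the
 * result can always be dereferenced as a string.
 * EMPTY_STRING is true for a NULL pointer or a zero-length string.
 */
#define CHECK_NULL(s) ((s) != NULL ? (s) : "null")
#define EMPTY_STRING(str) ((str) == NULL || *(str) == '\0')

/* Opaque handle to batch config add/remove operations */
typedef struct idmap_udt_handle idmap_udt_handle_t;

/* Opaque iterator */
typedef struct idmap_iter idmap_iter_t;


/*
 * Update API
 */

/* Create handle for updates */
extern idmap_stat idmap_udt_create(idmap_handle_t *,
    idmap_udt_handle_t **);

/* Commit */
extern idmap_stat idmap_udt_commit(idmap_udt_handle_t *);

/* Get index of the failed batch element */
extern idmap_stat idmap_udt_get_error_index(idmap_udt_handle_t *, int64_t *);

/* Get the rule which caused the batch to fail */
extern idmap_stat idmap_udt_get_error_rule(idmap_udt_handle_t *, char **,
    char **, char **, boolean_t *, boolean_t *, boolean_t *, int *);

/* Get the rule which caused a conflict */
extern idmap_stat idmap_udt_get_conflict_rule(idmap_udt_handle_t *, char **,
    char **, char **, boolean_t *, boolean_t *, boolean_t *, int *);

/* Destroy the update handle */
extern void idmap_udt_destroy(idmap_udt_handle_t *);

/* Add name-based mapping rule */
extern idmap_stat idmap_udt_add_namerule(idmap_udt_handle_t *, const char *,
    boolean_t, boolean_t, const char *, const char *, boolean_t, int);

/* Remove name-based mapping rule */
extern idmap_stat idmap_udt_rm_namerule(idmap_udt_handle_t *, boolean_t,
    boolean_t, const char *, const char *, const char *, int);

/* Flush name-based mapping rules */
extern idmap_stat idmap_udt_flush_namerules(idmap_udt_handle_t *);

/* Flush caches */
extern idmap_stat idmap_flush(idmap_handle_t *, idmap_flush_op);

/*
 * Iterator API
 */

/* Create an iterator to get SID to UID/GID mappings */
extern idmap_stat idmap_iter_mappings(idmap_handle_t *, idmap_iter_t **,
    int flag);

/* Iterate through the SID to UID/GID mappings */
extern idmap_stat idmap_iter_next_mapping(idmap_iter_t *, char **,
    idmap_rid_t *, uid_t *, char **, char **, char **, boolean_t *,
    boolean_t *, int *, idmap_info *);

/* Create an iterator to get name-based mapping rules */
extern idmap_stat idmap_iter_namerules(idmap_handle_t *, const char *,
    boolean_t, boolean_t, const char *, const char *, idmap_iter_t **);

/* Iterate through the name-based mapping rules */
extern idmap_stat idmap_iter_next_namerule(idmap_iter_t *, char **,
    char **, char **, boolean_t *, boolean_t *, boolean_t *, int *);

/* Set the number of entries requested per batch */
extern idmap_stat idmap_iter_set_limit(idmap_iter_t *, uint64_t);

/* Destroy the iterator */
extern void idmap_iter_destroy(idmap_iter_t *);


/*
 * Get mapping
 *
 * w2u and u2w presumably stand for Windows-to-UNIX and UNIX-to-Windows;
 * the parameter roles are not named in these prototypes, so check the
 * implementation for the meaning of each int and pointer argument.
 */
extern idmap_stat idmap_get_w2u_mapping(idmap_handle_t *, const char *,
    idmap_rid_t *, const char *, const char *, int, int *, int *,
    uid_t *, char **, int *, idmap_info *);

extern idmap_stat idmap_get_u2w_mapping(idmap_handle_t *, uid_t *,
    const char *, int, int, int *, char **, idmap_rid_t *, char **,
    char **, int *, idmap_info *);


/*
 * Miscellaneous
 */

/* string to status */
extern idmap_stat idmap_string2stat(const char *);

/* internal status to protocol status */
extern idmap_stat idmap_stat4prot(idmap_stat);

/* copy idmap_namerule including strings */
extern idmap_stat idmap_namerule_cpy(idmap_namerule *, idmap_namerule *);

/* Move idmap_info info including strings */
extern void idmap_info_mov(idmap_info *to, idmap_info *from);

/* free idmap_info info from user supplied struct */
extern void idmap_info_free(idmap_info *);
extern void idmap_how_clear(idmap_how *);


/*
 * Extended API to batch SID to UID/GID mapping requests
 *
 * Each call takes an idmap_get_handle_t and a trailing idmap_stat *
 * in addition to its idmap_stat return value.
 * NOTE(review): the trailing idmap_stat * is presumably the per-request
 * result, distinct from the status of queuing the request; confirm when
 * it is written before relying on the returned ID or SID.
 */

/* Given SID, get UID */
extern idmap_stat idmap_getext_uidbysid(idmap_get_handle_t *, char *,
    idmap_rid_t, int, uid_t *, idmap_info *, idmap_stat *);

/* Given SID, get GID */
extern idmap_stat idmap_getext_gidbysid(idmap_get_handle_t *, char *,
    idmap_rid_t, int, gid_t *, idmap_info *, idmap_stat *);

/* Given SID, get UID or GID */
extern idmap_stat idmap_getext_pidbysid(idmap_get_handle_t *, char *,
    idmap_rid_t, int, uid_t *, int *, idmap_info *, idmap_stat *);

/* Given UID, get SID */
extern idmap_stat idmap_getext_sidbyuid(idmap_get_handle_t *, uid_t, int,
    char **, idmap_rid_t *, idmap_info *, idmap_stat *);

/* Given GID, get SID */
extern idmap_stat idmap_getext_sidbygid(idmap_get_handle_t *, gid_t, int,
    char **, idmap_rid_t *, idmap_info *, idmap_stat *);

/* Properties */
extern idmap_stat idmap_get_prop_ds(idmap_handle_t *, idmap_prop_type,
    idmap_ad_disc_ds_t *);
extern idmap_stat idmap_get_prop_str(idmap_handle_t *, idmap_prop_type,
    char **);

/*
 * Trace
 *
 * These are the names of the trace parameters that may be returned
 * when tracing is requested.
 */
#define IDMAP_TRACE_NAME_MAX 100 /* max length of a trace param name */
#define IDMAP_TRACE_TYPE "-type" /* prefix with "from" or "to" */
#define IDMAP_TRACE_NAME "-name" /* prefix with "from" or "to" */
#define IDMAP_TRACE_SID "-sid" /* prefix with "from" or "to" */
#define IDMAP_TRACE_UNIXID "-unixid" /* prefix with "from" or "to" */
#define IDMAP_TRACE_ERROR "error"
#define IDMAP_TRACE_MESSAGE "message"

/* Print one trace entry, or a whole trace, to the given stream */
extern void idmap_trace_print_1(FILE *out, char *prefix, nvlist_t *entry);
extern void idmap_trace_print(FILE *out, char *prefix, nvlist_t *trace);

#ifdef __cplusplus
}
#endif

#endif /* _IDMAP_PRIV_H */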