return 0;
}
+#ifdef BOS_RESTRICTED_MODE
+static GetRestrict(as)
+struct cmd_syndesc *as; {
+ register struct rx_connection *tconn;
+ afs_int32 code, val;
+
+ tconn = GetConn(as, 0);
+ code = BOZO_GetRestrictedMode(tconn, &val);
+ if (code) printf("bos: failed to get restricted mode (%s)\n", em(code));
+ else printf("Restricted mode is %s\n", val ? "on" : "off");
+
+ return 0;
+}
+
+static SetRestrict(as)
+struct cmd_syndesc *as; {
+ register struct rx_connection *tconn;
+ afs_int32 code, val;
+
+ tconn = GetConn(as, 0);
+ util_GetInt32(as->parms[1].items->data, &val);
+ code = BOZO_SetRestrictedMode(tconn, val);
+ if (code) printf("bos: failed to set restricted mode (%s)\n", em(code));
+ return 0;
+}
+#endif
+
static void add_std_args (ts)
register struct cmd_syndesc *ts;
{
"ignore | remove | attach");
add_std_args (ts);
+#ifdef BOS_RESTRICTED_MODE
+ ts = cmd_CreateSyntax("getrestricted", GetRestrict, 0, "get restrict mode");
+ cmd_AddParm(ts, "-server", CMD_SINGLE, 0, "machine name");
+ add_std_args (ts);
+
+ ts = cmd_CreateSyntax("setrestricted", SetRestrict, 0, "set restrict mode");
+ cmd_AddParm(ts, "-server", CMD_SINGLE, 0, "machine name");
+ cmd_AddParm(ts, "-mode", CMD_SINGLE, 0, "mode to set");
+ add_std_args (ts);
+#endif
#endif
code = cmd_Dispatch(argc, argv);
OUT string spare2<BOZO_BSSIZE>,
OUT string spare3<BOZO_BSSIZE>
) = 114;
+
+GetRestrictedMode(
+ OUT afs_int32 *restmode
+) = 115;
+
+SetRestrictedMode(
+ IN afs_int32 restmode
+) = 116;
+/* RPC #117 will be Salvage, if I get around to it */
extern struct rx_securityClass *bozo_rxsc[2];
extern int bozo_newKTs;
extern int DoLogging;
+#ifdef BOS_RESTRICTED_MODE
+extern int bozo_isrestricted;
+#endif
BOZO_GetRestartTime(acall, atype, aktime)
struct rx_call *acall;
code = BZACCESS;
goto fail;
}
+#ifdef BOS_RESTRICTED_MODE
+ if (bozo_isrestricted) {
+ code = BZACCESS;
+ goto fail;
+ }
+#endif
if (DoLogging) bozo_Log("%s is executing the shell command '%s'\n", caller, acmd);
/* should copy output to acall, but don't yet cause its hard */
osi_auditU (acall, BOS_UnInstallEvent, code, AUD_STR, aname, AUD_END);
return code;
}
+#ifdef BOS_RESTRICTED_MODE
+ if (bozo_isrestricted) {
+ code = BZACCESS;
+ osi_auditU (acall, BOS_UnInstallEvent, code, AUD_STR, aname, AUD_END);
+ return code;
+ }
+#endif
/* construct local path from canonical (wire-format) path */
if (ConstructLocalBinPath(aname, &filepath)) {
char caller[MAXKTCNAMELEN];
if (!afsconf_SuperUser(bozo_confdir, acall, caller)) return BZACCESS;
+#ifdef BOS_RESTRICTED_MODE
+ if (bozo_isrestricted) return BZACCESS;
+#endif
/* construct local path from canonical (wire-format) path */
if (ConstructLocalBinPath(aname, &fpp)) {
code = BZACCESS;
goto fail;
}
+#ifdef BOS_RESTRICTED_MODE
+ if (bozo_isrestricted) {
+ if (strcmp(atype, "cron") || strcmp(ainstance, "salvage-tmp") ||
+ strcmp(ap2, "now") ||
+ strncmp(ap1, AFSDIR_CANONICAL_SERVER_SALVAGER_FILEPATH,
+ strlen(AFSDIR_CANONICAL_SERVER_SALVAGER_FILEPATH))) {
+ code = BZACCESS;
+ goto fail;
+ }
+ }
+#endif
code = bnode_Create(atype, ainstance, &tb, ap1, ap2, ap3, ap4, ap5, notifier,BSTAT_NORMAL);
if (!code)
code = BZACCESS;
goto fail;
}
+#ifdef BOS_RESTRICTED_MODE
+ if (bozo_isrestricted) {
+ code = BZACCESS;
+ goto fail;
+ }
+#endif
if (DoLogging) bozo_Log("%s is executing DeleteBnode '%s'\n", caller, ainstance);
code = bnode_DeleteName(ainstance);
code = BZACCESS;
goto fail;
}
+#ifdef BOS_RESTRICTED_MODE
+ if (bozo_isrestricted) {
+ code = BZACCESS;
+ goto fail;
+ }
+#endif
if (DoLogging) bozo_Log("%s is executing Prune (flags=%d)\n", caller, aflags);
/* first scan AFS binary directory */
code = BZACCESS;
goto fail;
}
+#ifdef BOS_RESTRICTED_MODE
+ if (bozo_isrestricted && strchr(aname, '/') &&
+ strcmp(aname, AFSDIR_CANONICAL_SERVER_SLVGLOG_FILEPATH)) {
+ code = BZACCESS;
+ goto fail;
+ }
+#endif
/* construct local path from canonical (wire-format) path */
if (ConstructLocalLogPath(aname, &logpath)) {
return BZNOENT;
}
+#ifdef BOS_RESTRICTED_MODE
+BOZO_GetRestrictedMode(acall, arestmode)
+struct rx_call *acall;
+afs_int32 *arestmode;
+{
+ *arestmode=bozo_isrestricted;
+ return 0;
+}
+
+BOZO_SetRestrictedMode(acall, arestmode)
+struct rx_call *acall;
+afs_int32 arestmode;
+{
+ afs_int32 code;
+ char caller[MAXKTCNAMELEN];
+
+ if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
+ return BZACCESS;
+ }
+ if (bozo_isrestricted) {
+ return BZACCESS;
+ }
+ if (arestmode !=0 && arestmode !=1) {
+ return BZDOM;
+ }
+ bozo_isrestricted=arestmode;
+ code = WriteBozoFile(0);
+ fail:
+ return code;
+}
+#else
+BOZO_GetRestrictedMode(acall, arestmode)
+struct rx_call *acall;
+afs_int32 *arestmode;
+{
+ return RXGEN_OPCODE;
+}
+
+BOZO_SetRestrictedMode(acall, arestmode)
+struct rx_call *acall;
+afs_int32 arestmode;
+{
+ return RXGEN_OPCODE;
+}
+#endif
void bozo_ShutdownAndExit(int asignal)
{
struct ktime bozo_nextRestartKT, bozo_nextDayKT;
int bozo_newKTs;
+#ifdef BOS_RESTRICTED_MODE
+int bozo_isrestricted=0;
+int bozo_restdisable=0;
+
+void bozo_insecureme(int sig)
+{
+ signal(SIGFPE, bozo_insecureme);
+ bozo_isrestricted=0;
+ bozo_restdisable=1;
+}
+#endif
struct bztemp {
FILE *file;
afs_int32 i, goal;
struct bnode *tb;
char *parms[MAXPARMS];
+#ifdef BOS_RESTRICTED_MODE
+ int rmode;
+#endif
/* rename BozoInit to BosServer for the user */
if (!aname) {
continue;
}
+#ifdef BOS_RESTRICTED_MODE
+ if (strncmp(tbuffer, "restrictmode", 12) == 0) {
+ code = sscanf(tbuffer, "restrictmode %d",
+ &rmode);
+ if (code != 1) {
+ code = -1;
+ goto fail;
+ }
+ if (rmode !=0 && rmode != 1) {
+ code = -1;
+ goto fail;
+ }
+ bozo_isrestricted=rmode;
+ continue;
+ }
+#endif
+
if (strncmp("bnode", tbuffer, 5) != 0) {
code = -1;
goto fail;
tfile = fopen(tbuffer, "w");
if (!tfile) return -1;
btemp.file = tfile;
+#ifdef BOS_RESTRICTED_MODE
+ fprintf(tfile, "restrictmode %d\n", bozo_isrestricted);
+#endif
fprintf(tfile, "restarttime %d %d %d %d %d\n", bozo_nextRestartKT.mask,
bozo_nextRestartKT.day, bozo_nextRestartKT.hour, bozo_nextRestartKT.min,
bozo_nextRestartKT.sec);
IOMGR_Sleep(60);
now = FT_ApproxTime();
+#ifdef BOS_RESTRICTED_MODE
+ if (bozo_restdisable) {
+ bozo_Log("Restricted mode disabled by signal\n");
+ bozo_restdisable=0;
+ }
+#endif
if (bozo_newKTs) { /* need to recompute restart times */
bozo_newKTs = 0; /* done for a while */
nextRestart = ktime_next(&bozo_nextRestartKT, BOZO_MINSKIP);
sigaction(SIGSEGV, &nsa, NULL);
sigaction(SIGABRT, &nsa, NULL);
#endif
+#ifdef BOS_RESTRICTED_MODE
+ signal(SIGFPE, bozo_insecureme);
+#endif
#ifdef AFS_NT40_ENV
/* Initialize winsock */
else if (strcmp(argv[code], "-enable_process_stats")==0) {
rx_enableProcessRPCStats();
}
+#ifdef BOS_RESTRICTED_MODE
+ else if (strcmp(argv[code], "-restricted")==0) {
+ bozo_isrestricted=1;
+ }
+#endif
else {
/* hack to support help flag */
projects / packages / o / openafs.git / commitdiff