/linux-2.6.21.1-rsbac-1.3.4/include/rsbac/um.h File Reference

#include <linux/init.h>
#include <rsbac/types.h>
#include <rsbac/um_types.h>

Go to the source code of this file.

Functions

int rsbac_init_um (void) __init
int rsbac_stats_um (void)
int rsbac_um_add_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t *user_p, struct rsbac_um_user_entry_t *entry_p, char *pass, rsbac_time_t ttl)
int rsbac_um_add_group (rsbac_list_ta_number_t ta_number, rsbac_gid_t *group_p, struct rsbac_um_group_entry_t *entry_p, char *pass, rsbac_time_t ttl)
int rsbac_um_add_gm (rsbac_list_ta_number_t ta_number, rsbac_uid_t user, rsbac_gid_t group, rsbac_time_t ttl)
int rsbac_um_mod_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t user, enum rsbac_um_mod_t mod, union rsbac_um_mod_data_t *data_p)
int rsbac_um_mod_group (rsbac_list_ta_number_t ta_number, rsbac_uid_t group, enum rsbac_um_mod_t mod, union rsbac_um_mod_data_t *data_p)
int rsbac_um_get_user_item (rsbac_list_ta_number_t ta_number, rsbac_uid_t user, enum rsbac_um_mod_t mod, union rsbac_um_mod_data_t *data_p)
int rsbac_um_get_group_item (rsbac_list_ta_number_t ta_number, rsbac_gid_t group, enum rsbac_um_mod_t mod, union rsbac_um_mod_data_t *data_p)
int rsbac_um_user_exists (rsbac_list_ta_number_t ta_number, rsbac_uid_t user)
int rsbac_um_group_exists (rsbac_list_ta_number_t ta_number, rsbac_gid_t group)
int rsbac_um_remove_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t user)
int rsbac_um_remove_group (rsbac_list_ta_number_t ta_number, rsbac_gid_t group)
int rsbac_um_remove_gm (rsbac_list_ta_number_t ta_number, rsbac_uid_t user, rsbac_gid_t group)
int rsbac_um_get_next_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t old_user, rsbac_uid_t *next_user_p)
int rsbac_um_get_user_list (rsbac_list_ta_number_t ta_number, rsbac_uid_t **list_pp)
int rsbac_um_get_gm_list (rsbac_list_ta_number_t ta_number, rsbac_uid_t user, rsbac_gid_t **list_pp)
int rsbac_um_get_gm_user_list (rsbac_list_ta_number_t ta_number, rsbac_gid_t group, rsbac_uid_t **list_pp)
int rsbac_um_get_group_list (rsbac_list_ta_number_t ta_number, rsbac_gid_t **list_pp)
int rsbac_um_get_user_entry (rsbac_list_ta_number_t ta_number, rsbac_uid_t user, struct rsbac_um_user_entry_t *entry_p, rsbac_time_t *ttl_p)
int rsbac_um_get_uid (rsbac_list_ta_number_t ta_number, char *name, rsbac_uid_t *uid_p)
int rsbac_um_get_gid (rsbac_list_ta_number_t ta_number, char *name, rsbac_gid_t *gid_p)
int rsbac_um_check_pass (rsbac_uid_t uid, char *pass)
int rsbac_um_good_pass (rsbac_uid_t uid, char *pass)
int rsbac_um_set_pass (rsbac_uid_t uid, char *pass)
int rsbac_um_set_group_pass (rsbac_gid_t gid, char *pass)
int rsbac_um_check_account (rsbac_uid_t user)


Function Documentation

int rsbac_init_um ( void   ) 

Definition at line 209 of file um_data_structures.c.

References get_error_name(), group_handle, nr_group_hashes, nr_user_hashes, NULL, proc_rsbac_root_p, RSBAC_EREINIT, rsbac_is_initialized(), rsbac_kmalloc(), RSBAC_LIST_AUTO_HASH_RESIZE, RSBAC_LIST_BACKUP, RSBAC_LIST_DEF_DATA, rsbac_list_hash_gid(), rsbac_list_hash_uid(), rsbac_list_lol_register_hashed(), RSBAC_LIST_PERSIST, rsbac_list_register_hashed(), RSBAC_LIST_REPLICATE, RSBAC_LIST_VERSION, RSBAC_MAXNAMELEN, rsbac_pr_debug, rsbac_printk(), RSBAC_UM_GROUP_LIST_KEY, RSBAC_UM_GROUP_LIST_NAME, RSBAC_UM_GROUP_LIST_VERSION, RSBAC_UM_NR_GROUP_LISTS, RSBAC_UM_NR_USER_LISTS, RSBAC_UM_OLD_GROUP_LIST_NAME, RSBAC_UM_OLD_USER_LIST_NAME, RSBAC_UM_OLD_USER_PWHISTORY_LIST_NAME, RSBAC_UM_PASS_LEN, RSBAC_UM_USER_LIST_KEY, RSBAC_UM_USER_LIST_NAME, RSBAC_UM_USER_LIST_VERSION, RSBAC_UM_USER_PWHISTORY_LIST_KEY, RSBAC_UM_USER_PWHISTORY_LIST_NAME, RSBAC_UM_USER_PWHISTORY_LIST_VERSION, and user_handle.

Referenced by rsbac_do_init().

00211 {
00212         int err = 0;
00213         struct proc_dir_entry *tmp_entry_p;
00214         struct rsbac_list_info_t *list_info_p;
00215         struct rsbac_list_lol_info_t *lol_info_p;
00216 
00217         if (rsbac_is_initialized()) {
00218                 rsbac_printk(KERN_WARNING "rsbac_init_um(): RSBAC already initialized\n");
00219                 return (-RSBAC_EREINIT);
00220         }
00221 
00222         /* set rw-spinlocks to unlocked status and init data structures */
00223         rsbac_printk(KERN_INFO "rsbac_init_um(): Initializing RSBAC: User Management subsystem\n");
00224 
00225         list_info_p = kmalloc(sizeof(*list_info_p), GFP_KERNEL);
00226         if (!list_info_p) {
00227                 return -ENOMEM;
00228         }
00229         lol_info_p = kmalloc(sizeof(*lol_info_p), GFP_KERNEL);
00230         if (!lol_info_p) {
00231                 kfree(list_info_p);
00232                 return -ENOMEM;
00233         }
00234 
00235         lol_info_p->version = RSBAC_UM_USER_LIST_VERSION;
00236         lol_info_p->key = RSBAC_UM_USER_LIST_KEY;
00237         lol_info_p->desc_size = sizeof(rsbac_uid_t);
00238         lol_info_p->data_size = sizeof(struct rsbac_um_user_entry_t);
00239         lol_info_p->subdesc_size = sizeof(rsbac_gid_t);
00240         lol_info_p->subdata_size = 0;
00241         lol_info_p->max_age = 0;
00242         nr_user_hashes = RSBAC_UM_NR_USER_LISTS;
00243         err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION,
00244                                 &user_handle, lol_info_p,
00245 #ifdef CONFIG_RSBAC_DEV_USER_BACKUP
00246                                 RSBAC_LIST_BACKUP |
00247 #endif
00248                                 RSBAC_LIST_PERSIST |
00249                                 RSBAC_LIST_REPLICATE |
00250                                 RSBAC_LIST_AUTO_HASH_RESIZE, NULL,
00251                                 NULL, NULL, NULL, NULL, NULL,
00252                                 RSBAC_UM_USER_LIST_NAME,
00253                                 RSBAC_AUTO_DEV,
00254                                 nr_user_hashes,
00255                                 rsbac_list_hash_uid,
00256                                 RSBAC_UM_OLD_USER_LIST_NAME);
00257         if (err) {
00258                 char *tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00259 
00260                 if (tmp) {
00261                         rsbac_printk(KERN_WARNING "rsbac_init_um(): Registering user list of lists %s failed with error %s\n",
00262                                      RSBAC_UM_USER_LIST_NAME, get_error_name(tmp, err));
00263                 }
00264         }
00265 
00266         list_info_p->version = RSBAC_UM_GROUP_LIST_VERSION;
00267         list_info_p->key = RSBAC_UM_GROUP_LIST_KEY;
00268         list_info_p->desc_size = sizeof(rsbac_gid_t);
00269         list_info_p->data_size = sizeof(struct rsbac_um_group_entry_t);
00270         list_info_p->max_age = 0;
00271         nr_group_hashes = RSBAC_UM_NR_GROUP_LISTS;
00272         err = rsbac_list_register_hashed(RSBAC_LIST_VERSION,
00273                                 &group_handle, list_info_p,
00274 #ifdef CONFIG_RSBAC_DEV_USER_BACKUP
00275                                 RSBAC_LIST_BACKUP |
00276 #endif
00277                                 RSBAC_LIST_PERSIST |
00278                                 RSBAC_LIST_REPLICATE |
00279                                 RSBAC_LIST_AUTO_HASH_RESIZE, NULL, NULL,
00280                                 NULL, RSBAC_UM_GROUP_LIST_NAME,
00281                                 RSBAC_AUTO_DEV,
00282                                 nr_group_hashes,
00283                                 rsbac_list_hash_gid,
00284                                 RSBAC_UM_OLD_GROUP_LIST_NAME);
00285         if (err) {
00286                 char *tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00287 
00288                 if (tmp) {
00289                         rsbac_printk(KERN_WARNING "rsbac_init_um(): Registering group list %s failed with error %s\n",
00290                                      RSBAC_UM_GROUP_LIST_NAME, get_error_name(tmp, err));
00291                 }
00292         }
00293 
00294 #ifdef CONFIG_RSBAC_UM_PWHISTORY
00295         {
00296                 __u8 def_max_history = CONFIG_RSBAC_UM_PWHISTORY_MAX;
00297 
00298                 lol_info_p->version = RSBAC_UM_USER_PWHISTORY_LIST_VERSION;
00299                 lol_info_p->key = RSBAC_UM_USER_PWHISTORY_LIST_KEY;
00300                 lol_info_p->desc_size = sizeof(rsbac_uid_t);
00301                 lol_info_p->data_size = sizeof(__u8);
00302                 lol_info_p->subdesc_size = sizeof(__u32);
00303                 lol_info_p->subdata_size = RSBAC_UM_PASS_LEN;
00304                 lol_info_p->max_age = 0;
00305                 nr_user_pwhistory_hashes = RSBAC_UM_NR_USER_LISTS;
00306                 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION,
00307                                                 &user_pwhistory_handle,
00308                                                 lol_info_p,
00309 #ifdef CONFIG_RSBAC_DEV_USER_BACKUP
00310                                                 RSBAC_LIST_BACKUP |
00311 #endif
00312                                                 RSBAC_LIST_PERSIST |
00313                                                 RSBAC_LIST_DEF_DATA |
00314                                                 RSBAC_LIST_AUTO_HASH_RESIZE,
00315                                                 NULL, NULL, NULL, NULL,
00316                                                 &def_max_history, NULL,
00317                                                 RSBAC_UM_USER_PWHISTORY_LIST_NAME,
00318                                                 RSBAC_AUTO_DEV,
00319                                                 nr_user_pwhistory_hashes,
00320                                                 rsbac_list_hash_uid,
00321                                                 RSBAC_UM_OLD_USER_PWHISTORY_LIST_NAME);
00322                 if (err) {
00323                         char *tmp =
00324                             rsbac_kmalloc(RSBAC_MAXNAMELEN);
00325 
00326                         if (tmp) {
00327                                 rsbac_printk(KERN_WARNING "rsbac_init_um(): Registering user password history list of lists %s failed with error %s\n",
00328                                              RSBAC_UM_USER_PWHISTORY_LIST_NAME,
00329                                              get_error_name(tmp,
00330                                                             err));
00331                         }
00332                 }
00333         }
00334 #endif
00335 
00336 
00337 #if defined(CONFIG_RSBAC_PROC)
00338         tmp_entry_p = create_proc_entry("stats_um",
00339                                         S_IFREG | S_IRUGO,
00340                                         proc_rsbac_root_p);
00341         if (tmp_entry_p) {
00342                 tmp_entry_p->get_info = stats_um_proc_info;
00343         }
00344 #endif
00345 
00346         rsbac_pr_debug(ds_um, "Ready.\n");
00347         kfree(list_info_p);
00348         kfree(lol_info_p);
00349         return (err);
00350 }

int rsbac_stats_um ( void   ) 

Definition at line 355 of file um_data_structures.c.

References A_none, rsbac_attribute_value_t::dummy, group_handle, R_GET_STATUS_DATA, rsbac_adf_request(), RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_list_count(), rsbac_list_lol_all_subcount(), rsbac_list_lol_count(), rsbac_pr_debug, rsbac_printk(), rsbac_target_id_t::scd, ST_rsbac, T_SCD, and user_handle.

00356 {
00357         u_long user_count;
00358         u_long group_count;
00359         u_long member_count;
00360 
00361         union rsbac_target_id_t rsbac_target_id;
00362         union rsbac_attribute_value_t rsbac_attribute_value;
00363 
00364         if (!rsbac_is_initialized()) {
00365                 rsbac_printk(KERN_WARNING "rsbac_stats_um(): RSBAC not initialized\n");
00366                 return (-RSBAC_ENOTINITIALIZED);
00367         }
00368         rsbac_pr_debug(aef_um, "calling ADF\n");
00369         rsbac_target_id.scd = ST_rsbac;
00370         rsbac_attribute_value.dummy = 0;
00371         if (!rsbac_adf_request(R_GET_STATUS_DATA,
00372                                current->pid,
00373                                T_SCD,
00374                                rsbac_target_id,
00375                                A_none, rsbac_attribute_value)) {
00376                 return -EPERM;
00377         }
00378 
00379         user_count = rsbac_list_lol_count(user_handle);
00380         member_count = rsbac_list_lol_all_subcount(user_handle);
00381         group_count = rsbac_list_count(group_handle);
00382         rsbac_printk(KERN_INFO "UM Status\n---------\n");
00383 
00384         rsbac_printk(KERN_INFO "%lu user items with sum of %lu group memberships, %lu group items\n",
00385                      user_count, member_count, group_count);
00386         return 0;
00387 }

int rsbac_um_add_gm ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  user,
rsbac_gid_t  group,
rsbac_time_t  ttl 
)

Definition at line 615 of file um_data_structures.c.

References group_handle, NULL, RSBAC_ENOTFOUND, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_pr_debug, rsbac_printk(), rsbac_ta_list_exist(), rsbac_ta_list_lol_subadd_ttl(), and user_handle.

Referenced by sys_rsbac_um_add_gm().

00617 {
00618         if (!rsbac_is_initialized()) {
00619                 rsbac_printk(KERN_WARNING "rsbac_um_add_gm(): RSBAC not initialized\n");
00620                 return (-RSBAC_ENOTINITIALIZED);
00621         }
00622 #ifdef CONFIG_RSBAC_UM_EXCL
00623         if (!rsbac_um_no_excl) {
00624                 if (!rsbac_ta_list_exist
00625                     (ta_number, user_handle, &user)) {
00626                         rsbac_printk(KERN_INFO "rsbac_um_add_gm(): uid %u not known to RSBAC User Management!\n",
00627                                      user);
00628                         return -RSBAC_ENOTFOUND;
00629                 }
00630                 if (!rsbac_ta_list_exist
00631                     (ta_number, group_handle, &group)) {
00632                         rsbac_printk(KERN_INFO "rsbac_um_add_gm(): gid %u not known to RSBAC User Management!\n",
00633                                      group);
00634                         return -RSBAC_ENOTFOUND;
00635                 }
00636         }
00637 #endif
00638         rsbac_pr_debug(aef_um, "pid %u/%.15s: adding user %u group %u\n",
00639                 current->pid, current->comm, user, group);
00640         return rsbac_ta_list_lol_subadd_ttl(ta_number,
00641                                             user_handle,
00642                                             ttl, &user, &group, NULL);
00643 }

int rsbac_um_add_group ( rsbac_list_ta_number_t  ta_number,
rsbac_gid_t group_p,
struct rsbac_um_group_entry_t entry_p,
char *  pass,
rsbac_time_t  ttl 
)

Definition at line 571 of file um_data_structures.c.

References group_handle, rsbac_um_group_entry_t::name, new_salt(), rsbac_um_group_entry_t::pass, RSBAC_EEXISTS, RSBAC_EINVALIDPOINTER, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), RSBAC_NO_USER, rsbac_pr_debug, rsbac_printk(), rsbac_ta_list_add_ttl(), rsbac_ta_list_exist(), rsbac_um_get_gid(), rsbac_um_hash(), and RSBAC_UM_PASS_LEN.

Referenced by sys_rsbac_um_add_group().

00575 {
00576         int err;
00577 
00578         if (!rsbac_is_initialized()) {
00579                 rsbac_printk(KERN_WARNING "rsbac_um_add_group(): RSBAC not initialized\n");
00580                 return (-RSBAC_ENOTINITIALIZED);
00581         }
00582         if (!entry_p)
00583                 return -RSBAC_EINVALIDPOINTER;
00584         if (!rsbac_um_get_gid(ta_number, entry_p->name, group_p))
00585                 return -RSBAC_EEXISTS;
00586         if (*group_p == RSBAC_NO_USER) {
00587                 *group_p = CONFIG_RSBAC_UM_GROUP_MIN;
00588                 while (rsbac_ta_list_exist
00589                        (ta_number, group_handle,
00590                         group_p))
00591                         (*group_p)++;
00592         } else
00593             if (rsbac_ta_list_exist
00594                 (ta_number, group_handle, group_p))
00595                 return -RSBAC_EEXISTS;
00596         rsbac_pr_debug(aef_um, "pid %u/%.15s: adding group %u\n",
00597                 current->pid, current->comm, *group_p);
00598         if (pass) {
00599                 __u32 salt;
00600 
00601                 new_salt(&salt);
00602                 err = rsbac_um_hash(pass, salt);
00603                 if (err)
00604                         return err;
00605                 memcpy(entry_p->pass, &salt, sizeof(salt));
00606                 memcpy(entry_p->pass + sizeof(salt), pass,
00607                        RSBAC_UM_PASS_LEN - sizeof(salt));
00608         } else
00609                 memset(entry_p->pass, 0, RSBAC_UM_PASS_LEN);
00610         return rsbac_ta_list_add_ttl(ta_number,
00611                                      group_handle,
00612                                      ttl, group_p, entry_p);
00613 }

int rsbac_um_add_user ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t user_p,
struct rsbac_um_user_entry_t entry_p,
char *  pass,
rsbac_time_t  ttl 
)

Definition at line 512 of file um_data_structures.c.

References rsbac_um_user_entry_t::group, group_handle, rsbac_um_user_entry_t::name, new_salt(), rsbac_um_user_entry_t::pass, RSBAC_EEXISTS, RSBAC_EINVALIDPOINTER, RSBAC_EINVALIDVALUE, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), RSBAC_NO_USER, rsbac_pr_debug, rsbac_printk(), rsbac_ta_list_exist(), rsbac_ta_list_lol_add_ttl(), rsbac_ta_list_lol_exist(), rsbac_um_get_uid(), rsbac_um_hash(), RSBAC_UM_PASS_LEN, and user_handle.

Referenced by sys_rsbac_um_add_user().

00516 {
00517         int err;
00518         rsbac_uid_t user;
00519 
00520         if (!rsbac_is_initialized()) {
00521                 rsbac_printk(KERN_WARNING "rsbac_um_add_user(): RSBAC not initialized\n");
00522                 return (-RSBAC_ENOTINITIALIZED);
00523         }
00524         if (!entry_p)
00525                 return -RSBAC_EINVALIDPOINTER;
00526         user = *user_p;
00527         if (!rsbac_um_get_uid(ta_number, entry_p->name, &user))
00528                 return -RSBAC_EEXISTS;
00529 #ifdef CONFIG_RSBAC_UM_EXCL
00530         if (!rsbac_um_no_excl
00531             && !rsbac_ta_list_exist(ta_number,
00532                                     group_handle,
00533                                     &entry_p->group)) {
00534                 rsbac_printk(KERN_INFO "rsbac_um_add_user(): gid %u not known to RSBAC User Management!\n",
00535                              entry_p->group);
00536                 return -RSBAC_EINVALIDVALUE;
00537         }
00538 #endif
00539         if (user == RSBAC_NO_USER) {
00540                 user = CONFIG_RSBAC_UM_USER_MIN;
00541                 while (rsbac_ta_list_lol_exist
00542                        (ta_number, user_handle, &user))
00543                         user++;
00544         } else
00545             if (rsbac_ta_list_lol_exist
00546                 (ta_number, user_handle, &user))
00547                 return -RSBAC_EEXISTS;
00548         rsbac_pr_debug(aef_um, "pid %u/%.15s: adding user %u\n",
00549                 current->pid, current->comm, user);
00550         if (pass) {
00551                 __u32 salt;
00552 
00553                 new_salt(&salt);
00554                 err = rsbac_um_hash(pass, salt);
00555                 if (err)
00556                         return err;
00557                 memcpy(entry_p->pass, &salt, sizeof(salt));
00558                 memcpy(entry_p->pass + sizeof(salt), pass,
00559                        RSBAC_UM_PASS_LEN - sizeof(salt));
00560         } else
00561                 memset(entry_p->pass, 0, RSBAC_UM_PASS_LEN);
00562         err =
00563             rsbac_ta_list_lol_add_ttl(ta_number,
00564                                       user_handle, ttl,
00565                                       &user, entry_p);
00566         if (!err)
00567                 *user_p = user;
00568         return err;
00569 }

int rsbac_um_check_account ( rsbac_uid_t  user  ) 

Definition at line 1434 of file um_data_structures.c.

References NULL, RSBAC_EEXPIRED, RSBAC_EMUSTCHANGE, RSBAC_ENOMEM, rsbac_kfree(), rsbac_kmalloc(), rsbac_pr_debug, rsbac_ta_list_lol_get_data_ttl(), and user_handle.

Referenced by sys_rsbac_um_check_account(), and sys_rsbac_um_check_account_name().

01435 {
01436         int err;
01437         struct rsbac_um_user_entry_t *entry_p;
01438         u_long curdays;
01439 
01440         entry_p = rsbac_kmalloc(sizeof(*entry_p));
01441         if (!entry_p)
01442                 return -RSBAC_ENOMEM;
01443         err =
01444             rsbac_ta_list_lol_get_data_ttl(0, user_handle,
01445                                            NULL, &uid, entry_p);
01446         if (err)
01447                 goto out_free;
01448 
01449         rsbac_pr_debug(aef_um, "pid %u/%.15s: checking account for user %u\n",
01450                 current->pid, current->comm, uid);
01451         /* check whether account or password has expired */
01452         curdays = RSBAC_CURRENT_TIME / 86400;
01453         if (*((__u32 *) entry_p->pass)
01454             && !entry_p->lastchange) {
01455                 err = -RSBAC_EMUSTCHANGE;
01456                 rsbac_pr_debug(aef_um, "pid %u/%.15s: user %u must change password, "
01457                                "lastchange = 0\n", current->pid, current->comm, uid);
01458                                goto out_free;
01459         }
01460         if ((curdays > entry_p->expire)
01461             && (entry_p->expire != -1)
01462             && (entry_p->expire)
01463             ) {
01464                 err = -RSBAC_EEXPIRED;
01465                 rsbac_pr_debug(aef_um, "pid %u/%.15s: account for user %u has expired\n",
01466                                current->pid, current->comm, uid);
01467                 goto out_free;
01468         }
01469         if ((curdays >
01470              (entry_p->lastchange + entry_p->maxchange +
01471               entry_p->inactive))
01472             && (entry_p->maxchange != -1)
01473             && (entry_p->maxchange)
01474             && (entry_p->inactive != -1)
01475             && (entry_p->inactive)
01476             ) {
01477                 err = -RSBAC_EEXPIRED;
01478                 rsbac_pr_debug(aef_um, "pid %u/%.15s: password for user %u has expired\n",
01479                                current->pid, current->comm, uid);
01480                 goto out_free;
01481         }
01482         if (((entry_p->lastchange + entry_p->maxchange) < curdays)
01483             && entry_p->maxchange && (entry_p->maxchange != -1)
01484             ) {
01485                 err = -RSBAC_EMUSTCHANGE;
01486                 rsbac_pr_debug(aef_um, "pid %u/%.15s: user %u must change password, "
01487                                "lastchange too old\n",
01488                                current->pid, current->comm, uid);
01489                 goto out_free;
01490         }
01491         if ((curdays >
01492              (entry_p->lastchange + entry_p->maxchange -
01493               entry_p->warnchange))
01494             && (entry_p->maxchange != -1)
01495             && (entry_p->warnchange != -1)
01496             && entry_p->maxchange && entry_p->warnchange) {
01497                 err = (entry_p->lastchange + entry_p->maxchange) - curdays;
01498         } else
01499                 err = 0;
01500 
01501       out_free:
01502         rsbac_kfree(entry_p);
01503         return err;
01504 }

int rsbac_um_check_pass ( rsbac_uid_t  uid,
char *  pass 
)

Definition at line 1198 of file um_data_structures.c.

References NULL, RSBAC_EEXPIRED, RSBAC_EINVALIDPOINTER, RSBAC_ENOMEM, rsbac_kfree(), rsbac_kmalloc(), rsbac_pr_debug, rsbac_ta_list_lol_get_data_ttl(), rsbac_um_hash(), RSBAC_UM_PASS_LEN, and user_handle.

Referenced by rsbac_rc_sys_change_role(), sys_rsbac_um_auth_name(), sys_rsbac_um_auth_uid(), and sys_rsbac_um_set_pass().

01199 {
01200         int err;
01201         struct rsbac_um_user_entry_t *entry_p;
01202         __u32 salt;
01203         u_long curdays;
01204 
01205         if (!pass)
01206                 return -RSBAC_EINVALIDPOINTER;
01207         entry_p = rsbac_kmalloc(sizeof(*entry_p));
01208         if (!entry_p)
01209                 return -RSBAC_ENOMEM;
01210         err = rsbac_ta_list_lol_get_data_ttl(0, user_handle,
01211                                         NULL, &uid, entry_p);
01212         if (err)
01213                 goto out_free;
01214 
01215         rsbac_pr_debug(aef_um, "pid %u/%.15s: checking password for user %u\n",
01216                 current->pid, current->comm, uid);
01217         /* check whether account or password has expired */
01218         curdays = RSBAC_CURRENT_TIME / 86400;
01219         if ((curdays > entry_p->expire) && (entry_p->expire != -1)
01220             && (entry_p->expire != 0) && (entry_p->lastchange != 0)) {
01221                 err = -RSBAC_EEXPIRED;
01222                 rsbac_pr_debug(aef_um, "pid %u/%.15s: account for user %u has expired\n",
01223                         current->pid, current->comm, uid);
01224                 goto out_free;
01225         }
01226         if ((curdays >
01227              (entry_p->lastchange + entry_p->maxchange +
01228               entry_p->inactive))
01229             && (entry_p->maxchange != -1)
01230             && (entry_p->maxchange)
01231             && (entry_p->inactive != -1)
01232             && (entry_p->inactive)
01233             && (entry_p->lastchange)
01234             ) {
01235                 err = -RSBAC_EEXPIRED;
01236                 rsbac_pr_debug(aef_um, "pid %u/%.15s: password for user %u has expired\n",
01237                                current->pid, current->comm, uid);
01238                 goto out_free;
01239         }
01240 
01241         salt = *((__u32 *) entry_p->pass);
01242         if (!salt) {
01243                 err = -EPERM;
01244                 goto out_free;
01245         }
01246         err = rsbac_um_hash(pass, salt);
01247         if (err)
01248                 return err;
01249         if (memcmp
01250             (pass, entry_p->pass + sizeof(salt),
01251              RSBAC_UM_PASS_LEN - sizeof(salt)))
01252                 err = -EPERM;
01253         else
01254                 err = 0;
01255 
01256       out_free:
01257         rsbac_kfree(entry_p);
01258         if (err)
01259                 ssleep(1);
01260         return err;
01261 }

int rsbac_um_get_gid ( rsbac_list_ta_number_t  ta_number,
char *  name,
rsbac_gid_t gid_p 
)

Definition at line 498 of file um_data_structures.c.

References group_handle, group_name_compare(), RSBAC_EINVALIDPOINTER, RSBAC_ENOTFOUND, and rsbac_ta_list_get_desc().

Referenced by rsbac_um_add_group(), rsbac_um_mod_group(), and sys_rsbac_um_get_gid().

00500 {
00501         if (!name || !gid_p)
00502                 return -RSBAC_EINVALIDPOINTER;
00503         if (!rsbac_ta_list_get_desc(ta_number,
00504                                     group_handle,
00505                                     gid_p,
00506                                     name, group_name_compare))
00507                 return 0;
00508         else
00509                 return -RSBAC_ENOTFOUND;
00510 }

int rsbac_um_get_gm_list ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  user,
rsbac_gid_t **  list_pp 
)

Definition at line 1121 of file um_data_structures.c.

References NULL, rsbac_ta_list_lol_get_all_subdesc_ttl(), rsbac_ta_list_lol_subcount(), and user_handle.

Referenced by sys_rsbac_um_get_gm_list().

01123 {
01124         if (!list_pp)
01125                 return rsbac_ta_list_lol_subcount(ta_number,
01126                                                   user_handle,
01127                                                   &user);
01128         else
01129                 return rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number,
01130                                                              user_handle,
01131                                                              &user,
01132                                                              (void **) list_pp,
01133                                                              NULL);
01134 }

int rsbac_um_get_gm_user_list ( rsbac_list_ta_number_t  ta_number,
rsbac_gid_t  group,
rsbac_uid_t **  list_pp 
)

Definition at line 1136 of file um_data_structures.c.

References EXTRA_ROOM, group_handle, RSBAC_ENOMEM, RSBAC_ENOTFOUND, rsbac_min, rsbac_ta_list_exist(), rsbac_ta_list_lol_count(), rsbac_ta_list_lol_get_all_desc(), rsbac_ta_list_lol_subexist(), rsbac_vfree, rsbac_vmalloc, and user_handle.

Referenced by sys_rsbac_um_get_gm_user_list().

01140   {
01141     int j;
01142     long all_count = 0;
01143     long copy_count = 0;
01144     long tmp_count;
01145     rsbac_uid_t * tmp_list_p;
01146     rsbac_uid_t * collect_list_p;
01147     rsbac_uid_t * p;
01148 
01149 #ifdef CONFIG_RSBAC_UM_EXCL
01150     if(!rsbac_um_no_excl && !rsbac_ta_list_exist(ta_number, group_handle, &group))
01151       {
01152         return -RSBAC_ENOTFOUND;
01153       }
01154 #endif
01155     all_count = rsbac_ta_list_lol_count(ta_number, user_handle);
01156     if(!list_pp || (all_count <= 0))
01157       return all_count;
01158 
01159     /* provide some extra room in case new groups have been added during this function run */
01160     all_count += EXTRA_ROOM;
01161     collect_list_p = rsbac_vmalloc(all_count * sizeof(rsbac_uid_t));
01162     if(!collect_list_p)
01163       return -RSBAC_ENOMEM;
01164     p = collect_list_p;
01165     tmp_count = rsbac_ta_list_lol_get_all_desc(ta_number, user_handle, (void *) &tmp_list_p);
01166     if(tmp_count > 0)
01167       {
01168         tmp_count = rsbac_min(tmp_count, all_count - copy_count);
01169         for(j=0; j<tmp_count; j++)
01170           {
01171             if(rsbac_ta_list_lol_subexist(ta_number, user_handle, &tmp_list_p[j], &group))
01172               {
01173                 *p = tmp_list_p[j];
01174                 p++;
01175                 copy_count++;
01176               }
01177           }
01178         rsbac_vfree(tmp_list_p);
01179       }
01180     if(!copy_count)
01181       rsbac_vfree(collect_list_p);
01182     else
01183       *list_pp = collect_list_p;
01184     return copy_count;
01185   }

int rsbac_um_get_group_item ( rsbac_list_ta_number_t  ta_number,
rsbac_gid_t  group,
enum rsbac_um_mod_t  mod,
union rsbac_um_mod_data_t data_p 
)

Definition at line 977 of file um_data_structures.c.

References group_handle, NULL, RSBAC_EINVALIDPOINTER, RSBAC_EINVALIDREQUEST, RSBAC_ENOMEM, RSBAC_ENOTFOUND, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_kfree(), rsbac_kmalloc(), rsbac_printk(), rsbac_ta_list_exist(), rsbac_ta_list_get_data_ttl(), RSBAC_UM_PASS_LEN, rsbac_um_mod_data_t::string, rsbac_um_mod_data_t::ttl, UM_name, UM_pass, and UM_ttl.

Referenced by sys_rsbac_um_get_group_item().

00981 {
00982         int err;
00983         struct rsbac_um_group_entry_t *entry_p;
00984 
00985         if (!rsbac_is_initialized()) {
00986                 rsbac_printk(KERN_WARNING "rsbac_um_get_group_item(): RSBAC not initialized\n");
00987                 return (-RSBAC_ENOTINITIALIZED);
00988         }
00989         if (!data_p)
00990                 return -RSBAC_EINVALIDPOINTER;
00991         if (!rsbac_ta_list_exist
00992             (ta_number, group_handle, &group))
00993                 return -RSBAC_ENOTFOUND;
00994         if (mod == UM_ttl)
00995                 return rsbac_ta_list_get_data_ttl(ta_number,
00996                                                   group_handle,
00997                                                   &data_p->ttl, &group,
00998                                                   NULL);
00999 
01000         entry_p = rsbac_kmalloc(sizeof(*entry_p));
01001         if (!entry_p)
01002                 return -RSBAC_ENOMEM;
01003         err =
01004             rsbac_ta_list_get_data_ttl(ta_number,
01005                                        group_handle,
01006                                        NULL, &group, entry_p);
01007         if (err) {
01008                 rsbac_kfree(entry_p);
01009                 return err;
01010         }
01011         switch (mod) {
01012         case UM_name:
01013                 strcpy(data_p->string, entry_p->name);
01014                 break;
01015 
01016         case UM_pass:
01017                 memcpy(data_p->string, entry_p->pass, RSBAC_UM_PASS_LEN);
01018                 break;
01019 
01020         default:
01021                 rsbac_kfree(entry_p);
01022                 return -RSBAC_EINVALIDREQUEST;
01023         }
01024 
01025         rsbac_kfree(entry_p);
01026         return 0;
01027 }

int rsbac_um_get_group_list ( rsbac_list_ta_number_t  ta_number,
rsbac_gid_t **  list_pp 
)

Definition at line 1187 of file um_data_structures.c.

References group_handle, rsbac_ta_list_count(), and rsbac_ta_list_get_all_desc().

Referenced by sys_rsbac_um_get_group_list().

01189 {
01190         if(!list_pp)
01191                 return rsbac_ta_list_count(ta_number, group_handle);
01192         else
01193                 return rsbac_ta_list_get_all_desc(ta_number,
01194                                            group_handle,
01195                                            (void **) list_pp);
01196 }

int rsbac_um_get_next_user ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  old_user,
rsbac_uid_t next_user_p 
)

Definition at line 1094 of file um_data_structures.c.

References NULL, RSBAC_NO_USER, rsbac_ta_list_lol_get_next_desc(), and user_handle.

Referenced by sys_rsbac_um_get_next_user().

01096 {
01097         rsbac_uid_t *old_user_p;
01098 
01099         if (old_user == RSBAC_NO_USER)
01100                 old_user_p = NULL;
01101         else
01102                 old_user_p = &old_user;
01103 
01104         return rsbac_ta_list_lol_get_next_desc(ta_number,
01105                                             user_handle,
01106                                             old_user_p,
01107                                             next_user_p);
01108 }

int rsbac_um_get_uid ( rsbac_list_ta_number_t  ta_number,
char *  name,
rsbac_uid_t uid_p 
)

Definition at line 485 of file um_data_structures.c.

References name_compare(), RSBAC_EINVALIDPOINTER, RSBAC_ENOTFOUND, rsbac_ta_list_lol_get_desc(), and user_handle.

Referenced by rsbac_um_add_user(), rsbac_um_mod_user(), sys_rsbac_um_auth_name(), sys_rsbac_um_check_account_name(), sys_rsbac_um_get_uid(), and sys_rsbac_um_set_pass_name().

00487 {
00488         if (!name || !uid_p)
00489                 return -RSBAC_EINVALIDPOINTER;
00490         if (!rsbac_ta_list_lol_get_desc(ta_number,
00491                                         user_handle,
00492                                         uid_p, name, name_compare))
00493                 return 0;
00494         else
00495                 return -RSBAC_ENOTFOUND;
00496 }

int rsbac_um_get_user_entry ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  user,
struct rsbac_um_user_entry_t entry_p,
rsbac_time_t ttl_p 
)

Definition at line 1084 of file um_data_structures.c.

References rsbac_ta_list_lol_get_data_ttl(), and user_handle.

01088 {
01089         return rsbac_ta_list_lol_get_data_ttl(ta_number,
01090                                               user_handle,
01091                                               ttl_p, &user, entry_p);
01092 }

int rsbac_um_get_user_item ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  user,
enum rsbac_um_mod_t  mod,
union rsbac_um_mod_data_t data_p 
)

Definition at line 885 of file um_data_structures.c.

References rsbac_um_mod_data_t::days, rsbac_um_mod_data_t::group, NULL, RSBAC_EINVALIDPOINTER, RSBAC_EINVALIDREQUEST, RSBAC_ENOMEM, RSBAC_ENOTFOUND, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_kfree(), rsbac_kmalloc(), rsbac_printk(), rsbac_ta_list_lol_exist(), rsbac_ta_list_lol_get_data_ttl(), RSBAC_UM_PASS_LEN, rsbac_um_mod_data_t::string, rsbac_um_mod_data_t::ttl, UM_expire, UM_fullname, UM_group, UM_homedir, UM_inactive, UM_lastchange, UM_maxchange, UM_minchange, UM_name, UM_pass, UM_shell, UM_ttl, UM_warnchange, and user_handle.

Referenced by sys_rsbac_um_get_user_item().

00889 {
00890         int err;
00891         struct rsbac_um_user_entry_t *entry_p;
00892 
00893         if (!rsbac_is_initialized()) {
00894                 rsbac_printk(KERN_WARNING "rsbac_um_get_user_item(): RSBAC not initialized\n");
00895                 return (-RSBAC_ENOTINITIALIZED);
00896         }
00897         if (!data_p)
00898                 return -RSBAC_EINVALIDPOINTER;
00899         if (!rsbac_ta_list_lol_exist
00900             (ta_number, user_handle, &user))
00901                 return -RSBAC_ENOTFOUND;
00902         if (mod == UM_ttl)
00903                 return rsbac_ta_list_lol_get_data_ttl(ta_number,
00904                                                       user_handle,
00905                                                       &data_p->ttl, &user,
00906                                                       NULL);
00907 
00908         entry_p = rsbac_kmalloc(sizeof(*entry_p));
00909         if (!entry_p)
00910                 return -RSBAC_ENOMEM;
00911         err =
00912             rsbac_ta_list_lol_get_data_ttl(ta_number,
00913                                            user_handle,
00914                                            NULL, &user, entry_p);
00915         if (err) {
00916                 rsbac_kfree(entry_p);
00917                 return err;
00918         }
00919         switch (mod) {
00920         case UM_name:
00921                 strcpy(data_p->string, entry_p->name);
00922                 break;
00923 
00924         case UM_pass:
00925                 memcpy(data_p->string, entry_p->pass, RSBAC_UM_PASS_LEN);
00926                 break;
00927 
00928         case UM_fullname:
00929                 strcpy(data_p->string, entry_p->fullname);
00930                 break;
00931 
00932         case UM_homedir:
00933                 strcpy(data_p->string, entry_p->homedir);
00934                 break;
00935 
00936         case UM_shell:
00937                 strcpy(data_p->string, entry_p->shell);
00938                 break;
00939 
00940         case UM_group:
00941                 data_p->group = entry_p->group;
00942                 break;
00943 
00944         case UM_lastchange:
00945                 data_p->days = entry_p->lastchange;
00946                 break;
00947 
00948         case UM_minchange:
00949                 data_p->days = entry_p->minchange;
00950                 break;
00951 
00952         case UM_maxchange:
00953                 data_p->days = entry_p->maxchange;
00954                 break;
00955 
00956         case UM_warnchange:
00957                 data_p->days = entry_p->warnchange;
00958                 break;
00959 
00960         case UM_inactive:
00961                 data_p->days = entry_p->inactive;
00962                 break;
00963 
00964         case UM_expire:
00965                 data_p->days = entry_p->expire;
00966                 break;
00967 
00968         default:
00969                 rsbac_kfree(entry_p);
00970                 return -RSBAC_EINVALIDREQUEST;
00971         }
00972 
00973         rsbac_kfree(entry_p);
00974         return 0;
00975 }

int rsbac_um_get_user_list ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t **  list_pp 
)

Definition at line 1110 of file um_data_structures.c.

References rsbac_ta_list_lol_count(), rsbac_ta_list_lol_get_all_desc(), and user_handle.

Referenced by sys_rsbac_um_get_user_list().

01112 {
01113         if(!list_pp)
01114                 return rsbac_ta_list_lol_count(ta_number, user_handle);
01115         else
01116                 return rsbac_ta_list_lol_get_all_desc(ta_number,
01117                                            user_handle,
01118                                            (void **) list_pp);
01119 }

int rsbac_um_good_pass ( rsbac_uid_t  uid,
char *  pass 
)

Definition at line 1263 of file um_data_structures.c.

References RSBAC_EINVALIDPOINTER, RSBAC_EWEAKPASSWORD, rsbac_kfree(), rsbac_kmalloc(), rsbac_max, rsbac_ta_list_lol_get_all_subdata(), rsbac_um_hash(), RSBAC_UM_PASS_LEN, and rsbac_vfree.

Referenced by sys_rsbac_um_set_pass().

01264 {
01265 #ifdef CONFIG_RSBAC_UM_NON_ALPHA
01266         char *p;
01267 #endif
01268 #ifdef CONFIG_RSBAC_UM_PWHISTORY
01269         int i;
01270         long count;
01271         char *hist_pass;
01272         char *tmp;
01273         __u8 *pwhistory_array;
01274         __u32 salt;
01275 #endif
01276 
01277         if (!pass)
01278                 return -RSBAC_EINVALIDPOINTER;
01279         if (strlen(pass) < CONFIG_RSBAC_UM_MIN_PASS_LEN)
01280                 return -RSBAC_EWEAKPASSWORD;
01281 
01282 #ifdef CONFIG_RSBAC_UM_NON_ALPHA
01283         p = pass;
01284         while (*p && (((*p >= 'a')
01285                        && (*p <= 'z')
01286                       )
01287                       || ((*p >= 'A')
01288                           && (*p <= 'Z')
01289                       )
01290                )
01291             )
01292                 p++;
01293         if (!(*p))
01294                 return -RSBAC_EWEAKPASSWORD;
01295 #endif
01296 
01297 #ifdef CONFIG_RSBAC_UM_PWHISTORY
01298         count = rsbac_ta_list_lol_get_all_subdata(0,
01299                                               user_pwhistory_handle,
01300                                               &uid,
01301                                               (void **) &pwhistory_array);
01302         if (count > 0) {
01303                 tmp =
01304                     rsbac_kmalloc(rsbac_max
01305                                   (strlen(pass), RSBAC_UM_PASS_LEN));
01306                 hist_pass = pwhistory_array;
01307 
01308                 for (i = 0; i < count; i++) {
01309                         salt = *((__u32 *) hist_pass);
01310                         memcpy(tmp, pass,
01311                                rsbac_max(strlen(pass), RSBAC_UM_PASS_LEN));
01312                         rsbac_um_hash(tmp, salt);
01313 
01314                         if (memcmp
01315                             (tmp, hist_pass + sizeof(salt),
01316                              RSBAC_UM_PASS_LEN - sizeof(salt)) == 0) {
01317                                 rsbac_kfree(tmp);
01318                                 rsbac_vfree(pwhistory_array);
01319                                 return -RSBAC_EWEAKPASSWORD;
01320                         }
01321                         hist_pass += RSBAC_UM_PASS_LEN;
01322                 }
01323                 rsbac_kfree(tmp);
01324                 rsbac_vfree(pwhistory_array);
01325         }
01326 #endif
01327 
01328         return 0;
01329 }

int rsbac_um_group_exists ( rsbac_list_ta_number_t  ta_number,
rsbac_gid_t  group 
)

Definition at line 1037 of file um_data_structures.c.

References group_handle, and rsbac_ta_list_exist().

Referenced by rsbac_adf_request_int(), and sys_rsbac_um_group_exists().

01039 {
01040         return rsbac_ta_list_exist(ta_number,
01041                                    group_handle,
01042                                    &group);
01043 }

int rsbac_um_mod_group ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  group,
enum rsbac_um_mod_t  mod,
union rsbac_um_mod_data_t data_p 
)

Definition at line 794 of file um_data_structures.c.

References group_handle, new_salt(), NULL, RSBAC_EEXISTS, RSBAC_EINVALIDPOINTER, RSBAC_EINVALIDREQUEST, RSBAC_ENOMEM, RSBAC_ENOTFOUND, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_kfree(), rsbac_kmalloc(), RSBAC_LIST_TTL_KEEP, rsbac_pr_debug, rsbac_printk(), rsbac_ta_list_add_ttl(), rsbac_ta_list_exist(), rsbac_ta_list_get_data_ttl(), rsbac_um_get_gid(), rsbac_um_hash(), RSBAC_UM_NAME_LEN, RSBAC_UM_PASS_LEN, rsbac_um_mod_data_t::string, rsbac_um_mod_data_t::ttl, UM_cryptpass, UM_name, UM_pass, and UM_ttl.

Referenced by sys_rsbac_um_mod_group().

00798 {
00799         int err;
00800         struct rsbac_um_group_entry_t *entry_p;
00801 
00802         if (!rsbac_is_initialized()) {
00803                 rsbac_printk(KERN_WARNING "rsbac_um_mod_group(): RSBAC not initialized\n");
00804                 return (-RSBAC_ENOTINITIALIZED);
00805         }
00806         if (!data_p && (mod != UM_pass)
00807             )
00808                 return -RSBAC_EINVALIDPOINTER;
00809         if (!rsbac_ta_list_exist
00810             (ta_number, group_handle, &group))
00811                 return -RSBAC_ENOTFOUND;
00812 
00813         entry_p = rsbac_kmalloc(sizeof(*entry_p));
00814         if (!entry_p)
00815                 return -RSBAC_ENOMEM;
00816         err =
00817             rsbac_ta_list_get_data_ttl(ta_number,
00818                                        group_handle,
00819                                        NULL, &group, entry_p);
00820         if (err) {
00821                 rsbac_kfree(entry_p);
00822                 return err;
00823         }
00824         rsbac_pr_debug(aef_um, "pid %u/%.15s: modifying group %u\n",
00825                 current->pid, current->comm, group);
00826         switch (mod) {
00827         case UM_name:
00828                 {
00829                         rsbac_gid_t tmp_group;
00830 
00831                         if (!rsbac_um_get_gid
00832                             (ta_number, data_p->string, &tmp_group)
00833                             && (tmp_group != group)
00834                             )
00835                                 return -RSBAC_EEXISTS;
00836                         strncpy(entry_p->name, data_p->string,
00837                                 RSBAC_UM_NAME_LEN);
00838                         entry_p->name[RSBAC_UM_NAME_LEN - 1] = 0;
00839                 }
00840                 break;
00841 
00842         case UM_pass:
00843                 if (data_p) {
00844                         __u32 salt;
00845 
00846                         new_salt(&salt);
00847                         err = rsbac_um_hash(data_p->string, salt);
00848                         if (err) {
00849                                 rsbac_kfree(entry_p);
00850                                 return err;
00851                         }
00852                         memcpy(entry_p->pass, &salt, sizeof(salt));
00853                         memcpy(entry_p->pass + sizeof(salt),
00854                                data_p->string,
00855                                RSBAC_UM_PASS_LEN - sizeof(salt));
00856                 } else
00857                         memset(entry_p->pass, 0, RSBAC_UM_PASS_LEN);
00858                 break;
00859 
00860         case UM_cryptpass:
00861                 memcpy(entry_p->pass, data_p->string, RSBAC_UM_PASS_LEN);
00862                 break;
00863 
00864         case UM_ttl:
00865                 err =
00866                     rsbac_ta_list_add_ttl(ta_number,
00867                                           group_handle,
00868                                           data_p->ttl, &group, entry_p);
00869                 rsbac_kfree(entry_p);
00870                 return err;
00871 
00872         default:
00873                 rsbac_kfree(entry_p);
00874                 return -RSBAC_EINVALIDREQUEST;
00875         }
00876 
00877         err =
00878             rsbac_ta_list_add_ttl(ta_number,
00879                                   group_handle,
00880                                   RSBAC_LIST_TTL_KEEP, &group, entry_p);
00881         rsbac_kfree(entry_p);
00882         return err;
00883 }

int rsbac_um_mod_user ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  user,
enum rsbac_um_mod_t  mod,
union rsbac_um_mod_data_t data_p 
)

Definition at line 645 of file um_data_structures.c.

References rsbac_um_mod_data_t::days, rsbac_um_mod_data_t::group, group_handle, new_salt(), NULL, RSBAC_EEXISTS, RSBAC_EINVALIDPOINTER, RSBAC_EINVALIDREQUEST, RSBAC_EINVALIDVALUE, RSBAC_ENOMEM, RSBAC_ENOTFOUND, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_kfree(), rsbac_kmalloc(), RSBAC_LIST_TTL_KEEP, rsbac_pr_debug, rsbac_printk(), rsbac_ta_list_exist(), rsbac_ta_list_lol_add_ttl(), rsbac_ta_list_lol_exist(), rsbac_ta_list_lol_get_data_ttl(), RSBAC_UM_FULLNAME_LEN, rsbac_um_get_uid(), rsbac_um_hash(), RSBAC_UM_HOMEDIR_LEN, RSBAC_UM_NAME_LEN, RSBAC_UM_PASS_LEN, RSBAC_UM_SHELL_LEN, rsbac_um_mod_data_t::string, rsbac_um_mod_data_t::ttl, UM_cryptpass, UM_expire, UM_fullname, UM_group, UM_homedir, UM_inactive, UM_lastchange, UM_maxchange, UM_minchange, UM_name, UM_pass, UM_shell, UM_ttl, UM_warnchange, and user_handle.

Referenced by sys_rsbac_um_mod_user().

00649 {
00650         int err;
00651         struct rsbac_um_user_entry_t *entry_p;
00652 
00653         if (!rsbac_is_initialized()) {
00654                 rsbac_printk(KERN_WARNING "rsbac_um_mod_user(): RSBAC not initialized\n");
00655                 return (-RSBAC_ENOTINITIALIZED);
00656         }
00657         if (!data_p && (mod != UM_pass)
00658             )
00659                 return -RSBAC_EINVALIDPOINTER;
00660         if (!rsbac_ta_list_lol_exist
00661             (ta_number, user_handle, &user))
00662                 return -RSBAC_ENOTFOUND;
00663 
00664         entry_p = rsbac_kmalloc(sizeof(*entry_p));
00665         if (!entry_p)
00666                 return -RSBAC_ENOMEM;
00667         err =
00668             rsbac_ta_list_lol_get_data_ttl(ta_number,
00669                                            user_handle,
00670                                            NULL, &user, entry_p);
00671         if (err) {
00672                 rsbac_kfree(entry_p);
00673                 return err;
00674         }
00675         rsbac_pr_debug(aef_um, "pid %u/%.15s: modifying user %u\n",
00676                 current->pid, current->comm, user);
00677         switch (mod) {
00678         case UM_name:
00679                 {
00680                         rsbac_uid_t tmp_user;
00681 
00682                         if (!rsbac_um_get_uid
00683                             (ta_number, data_p->string, &tmp_user)
00684                             && (tmp_user != user)
00685                             )
00686                                 return -RSBAC_EEXISTS;
00687                         strncpy(entry_p->name, data_p->string,
00688                                 RSBAC_UM_NAME_LEN);
00689                         entry_p->name[RSBAC_UM_NAME_LEN - 1] = 0;
00690                 }
00691                 break;
00692 
00693         case UM_pass:
00694                 if (data_p) {
00695                         __u32 salt;
00696 
00697                         new_salt(&salt);
00698                         err = rsbac_um_hash(data_p->string, salt);
00699                         if (err) {
00700                                 rsbac_kfree(entry_p);
00701                                 return err;
00702                         }
00703                         memcpy(entry_p->pass, &salt, sizeof(salt));
00704                         memcpy(entry_p->pass + sizeof(salt),
00705                                data_p->string,
00706                                RSBAC_UM_PASS_LEN - sizeof(salt));
00707                 } else
00708                         memset(entry_p->pass, 0, RSBAC_UM_PASS_LEN);
00709                 entry_p->lastchange = RSBAC_CURRENT_TIME / 86400;
00710                 break;
00711 
00712         case UM_cryptpass:
00713                 memcpy(entry_p->pass, data_p->string, RSBAC_UM_PASS_LEN);
00714                 break;
00715 
00716         case UM_fullname:
00717                 strncpy(entry_p->fullname, data_p->string,
00718                         RSBAC_UM_FULLNAME_LEN);
00719                 entry_p->fullname[RSBAC_UM_FULLNAME_LEN - 1] = 0;
00720                 break;
00721 
00722         case UM_homedir:
00723                 strncpy(entry_p->homedir, data_p->string,
00724                         RSBAC_UM_HOMEDIR_LEN);
00725                 entry_p->homedir[RSBAC_UM_HOMEDIR_LEN - 1] = 0;
00726                 break;
00727 
00728         case UM_shell:
00729                 strncpy(entry_p->shell, data_p->string,
00730                         RSBAC_UM_SHELL_LEN);
00731                 entry_p->shell[RSBAC_UM_SHELL_LEN - 1] = 0;
00732                 break;
00733 
00734         case UM_group:
00735 #ifdef CONFIG_RSBAC_UM_EXCL
00736                 if (!rsbac_um_no_excl
00737                     && !rsbac_ta_list_exist(ta_number,
00738                                             group_handle,
00739                                             &data_p->group)) {
00740                         rsbac_printk(KERN_INFO "rsbac_um_mod_user(): gid %u not known to RSBAC User Management!\n",
00741                                      data_p->group);
00742                         rsbac_kfree(entry_p);
00743                         return -RSBAC_EINVALIDVALUE;
00744                 }
00745 #endif
00746                 entry_p->group = data_p->group;
00747                 break;
00748 
00749         case UM_lastchange:
00750                 entry_p->lastchange = data_p->days;
00751                 break;
00752 
00753         case UM_minchange:
00754                 entry_p->minchange = data_p->days;
00755                 break;
00756 
00757         case UM_maxchange:
00758                 entry_p->maxchange = data_p->days;
00759                 break;
00760 
00761         case UM_warnchange:
00762                 entry_p->warnchange = data_p->days;
00763                 break;
00764 
00765         case UM_inactive:
00766                 entry_p->inactive = data_p->days;
00767                 break;
00768 
00769         case UM_expire:
00770                 entry_p->expire = data_p->days;
00771                 break;
00772 
00773         case UM_ttl:
00774                 err =
00775                     rsbac_ta_list_lol_add_ttl(ta_number,
00776                                               user_handle,
00777                                               data_p->ttl, &user, entry_p);
00778                 rsbac_kfree(entry_p);
00779                 return err;
00780 
00781         default:
00782                 rsbac_kfree(entry_p);
00783                 return -RSBAC_EINVALIDREQUEST;
00784         }
00785 
00786         err =
00787             rsbac_ta_list_lol_add_ttl(ta_number,
00788                                       user_handle,
00789                                       RSBAC_LIST_TTL_KEEP, &user, entry_p);
00790         rsbac_kfree(entry_p);
00791         return err;
00792 }

int rsbac_um_remove_gm ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  user,
rsbac_gid_t  group 
)

Definition at line 1070 of file um_data_structures.c.

References RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_pr_debug, rsbac_printk(), rsbac_ta_list_lol_subremove(), and user_handle.

Referenced by sys_rsbac_um_remove_gm().

01072 {
01073         if (!rsbac_is_initialized()) {
01074                 rsbac_printk(KERN_WARNING "rsbac_um_remove_gm(): RSBAC not initialized\n");
01075                 return (-RSBAC_ENOTINITIALIZED);
01076         }
01077         rsbac_pr_debug(aef_um, "pid %u/%.15s: removing user %u group %u\n",
01078                 current->pid, current->comm, user, group);
01079         return rsbac_ta_list_lol_subremove(ta_number,
01080                                            user_handle,
01081                                            &user, &group);
01082 }

int rsbac_um_remove_group ( rsbac_list_ta_number_t  ta_number,
rsbac_gid_t  group 
)

Definition at line 1056 of file um_data_structures.c.

References group_handle, RSBAC_ENOTFOUND, rsbac_ta_list_exist(), rsbac_ta_list_lol_subremove_from_all(), rsbac_ta_list_remove(), and user_handle.

Referenced by sys_rsbac_um_remove_group().

01058 {
01059         if (!rsbac_ta_list_exist
01060             (ta_number, group_handle, &group))
01061                 return -RSBAC_ENOTFOUND;
01062         rsbac_ta_list_lol_subremove_from_all(ta_number,
01063                                              user_handle,
01064                                              &group);
01065         return rsbac_ta_list_remove(ta_number,
01066                                     group_handle,
01067                                     &group);
01068 }

int rsbac_um_remove_user ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  user 
)

Definition at line 1045 of file um_data_structures.c.

References RSBAC_ENOTFOUND, rsbac_ta_list_lol_exist(), rsbac_ta_list_lol_remove(), and user_handle.

Referenced by sys_rsbac_um_remove_user().

01047 {
01048         if (!rsbac_ta_list_lol_exist
01049             (ta_number, user_handle, &user))
01050                 return -RSBAC_ENOTFOUND;
01051         return rsbac_ta_list_lol_remove(ta_number,
01052                                         user_handle,
01053                                         &user);
01054 }

int rsbac_um_set_group_pass ( rsbac_gid_t  gid,
char *  pass 
)

Definition at line 1399 of file um_data_structures.c.

References group_handle, new_salt(), NULL, RSBAC_ENOMEM, rsbac_kfree(), rsbac_kmalloc(), rsbac_pr_debug, rsbac_ta_list_add_ttl(), rsbac_ta_list_get_data_ttl(), rsbac_um_hash(), and RSBAC_UM_PASS_LEN.

Referenced by sys_rsbac_um_set_group_pass().

01400 {
01401         int err;
01402         struct rsbac_um_group_entry_t *entry_p;
01403         __u32 salt;
01404 
01405         entry_p = rsbac_kmalloc(sizeof(*entry_p));
01406         if (!entry_p)
01407                 return -RSBAC_ENOMEM;
01408         err = rsbac_ta_list_get_data_ttl(0, group_handle,
01409                                          NULL, &gid, entry_p);
01410         if (err)
01411                 goto out_free;
01412 
01413         rsbac_pr_debug(aef_um, "pid %u/%.15s: setting password for group %u\n",
01414                 current->pid, current->comm, gid);
01415         if (pass) {
01416                 new_salt(&salt);
01417                 err = rsbac_um_hash(pass, salt);
01418                 if (err)
01419                         goto out_free;
01420                 memcpy(entry_p->pass, &salt, sizeof(salt));
01421                 memcpy(entry_p->pass + sizeof(salt), pass,
01422                        RSBAC_UM_PASS_LEN - sizeof(salt));
01423         } else
01424                 memset(entry_p->pass, 0, RSBAC_UM_PASS_LEN);
01425         err =
01426             rsbac_ta_list_add_ttl(0, group_handle, 0,
01427                                   &gid, entry_p);
01428 
01429       out_free:
01430         rsbac_kfree(entry_p);
01431         return err;
01432 }

int rsbac_um_set_pass ( rsbac_uid_t  uid,
char *  pass 
)

Definition at line 1331 of file um_data_structures.c.

References new_salt(), NULL, RSBAC_ENOMEM, rsbac_kfree(), rsbac_kmalloc(), rsbac_list_lol_get_data(), rsbac_list_lol_subadd(), rsbac_list_lol_subcount(), rsbac_pr_debug, rsbac_printk(), rsbac_ta_list_lol_add_ttl(), rsbac_ta_list_lol_get_data_ttl(), rsbac_ta_list_lol_get_max_subdesc(), rsbac_ta_list_lol_subremove_count(), rsbac_um_hash(), RSBAC_UM_PASS_LEN, and user_handle.

Referenced by sys_rsbac_um_set_pass().

01332 {
01333         int err;
01334         struct rsbac_um_user_entry_t *entry_p;
01335         __u32 salt;
01336 
01337         entry_p = rsbac_kmalloc(sizeof(*entry_p));
01338         if (!entry_p)
01339                 return -RSBAC_ENOMEM;
01340         err =
01341             rsbac_ta_list_lol_get_data_ttl(0, user_handle,
01342                                            NULL, &uid, entry_p);
01343         if (err)
01344                 goto out_free;
01345 
01346         rsbac_pr_debug(aef_um, "pid %u/%.15s: setting password for user %u\n",
01347                 current->pid, current->comm, uid);
01348         if (pass) {
01349 #ifdef CONFIG_RSBAC_UM_PWHISTORY
01350                 __u32 max_index = 0;
01351                 __u8 max_history = CONFIG_RSBAC_UM_PWHISTORY_MAX;
01352                 long count;
01353 #endif
01354                 new_salt(&salt);
01355                 err = rsbac_um_hash(pass, salt);
01356                 if (err)
01357                         goto out_free;
01358                 memcpy(entry_p->pass, &salt, sizeof(salt));
01359                 memcpy(entry_p->pass + sizeof(salt), pass,
01360                        RSBAC_UM_PASS_LEN - sizeof(salt));
01361 #ifdef CONFIG_RSBAC_UM_PWHISTORY
01362                 rsbac_ta_list_lol_get_max_subdesc(0,
01363                                                 user_pwhistory_handle,
01364                                                 &uid,
01365                                                 &max_index);
01366                 max_index++;
01367 
01368                 if (max_index != 0)
01369                         rsbac_list_lol_subadd(user_pwhistory_handle,
01370                                               &uid, &max_index,
01371                                               entry_p->pass);
01372                 else
01373                         rsbac_printk(KERN_WARNING "rsbac_um_set_pass(): maximum password history index reached for user %u, password will not be stored!\n",
01374                                      uid);
01375 
01376                 rsbac_list_lol_get_data(user_pwhistory_handle,
01377                                         &uid,
01378                                         &max_history);
01379                 count =
01380                     rsbac_list_lol_subcount(user_pwhistory_handle,
01381                                             &uid);
01382                 if (count > max_history)
01383                         rsbac_ta_list_lol_subremove_count(0,
01384                                                          user_pwhistory_handle,
01385                                                          &uid,
01386                                                          (count - max_history));
01387 #endif
01388         } else
01389                 memset(entry_p->pass, 0, RSBAC_UM_PASS_LEN);
01390         entry_p->lastchange = RSBAC_CURRENT_TIME / 86400;
01391         err = rsbac_ta_list_lol_add_ttl(0, user_handle,
01392                                         0, &uid, entry_p);
01393 
01394       out_free:
01395         rsbac_kfree(entry_p);
01396         return err;
01397 }

int rsbac_um_user_exists ( rsbac_list_ta_number_t  ta_number,
rsbac_uid_t  user 
)

Definition at line 1029 of file um_data_structures.c.

References rsbac_ta_list_lol_exist(), and user_handle.

Referenced by rsbac_adf_request_int(), and sys_rsbac_um_user_exists().

01031 {
01032         return rsbac_ta_list_lol_exist(ta_number,
01033                                        user_handle,
01034                                        &user);
01035 }


Generated on Wed May 16 11:54:05 2007 for RSBAC by  doxygen 1.5.1