Main Page | Modules | Data Structures | File List | Data Fields | Globals | Related Pages

lcmaps_voms_localaccount.c

Go to the documentation of this file.
00001 /*                                                                                                            
00002  * Copyright (c) Members of the EGEE Collaboration. 2004.
00003  * See http://eu-egee.org/partners/ for details on the copyright holders.
00004  * For license conditions see the license file or
00005  * http://eu-egee.org/license.html
00006  */
00007 
00008 /*
00009  * Copyright (c) 2001 EU DataGrid.
00010  * For license conditions see http://www.eu-datagrid.org/license.html
00011  *
00012  * Copyright (c) 2001, 2002 by
00013  *     Martijn Steenbakkers <martijn@nikhef.nl>,
00014  *     David Groep <davidg@nikhef.nl>,
00015  *     NIKHEF Amsterdam, the Netherlands
00016  */
00017 
00104 /*****************************************************************************
00105                             Include header files
00106 ******************************************************************************/
00107 #include <stdio.h>
00108 #include <stdlib.h>
00109 #include <string.h>
00110 #include <pwd.h>
00111 
00112 #include "lcmaps_config.h"
00113 #include "lcmaps_modules.h"
00114 #include "lcmaps_arguments.h"
00115 #include "lcmaps_cred_data.h"
00116 #include "lcmaps_gridlist.h"
00117 
00118 /******************************************************************************
00119                                 Definitions
00120 ******************************************************************************/
00121 #define LCMAPS_MAXGIDBUFFER 256
00122 
00123 /******************************************************************************
00124                           Module specific prototypes
00125 ******************************************************************************/
00126 
00127 /******************************************************************************
00128                        Define module specific variables
00129 ******************************************************************************/
00130 
00131 static char *gridmapfile         = NULL;
00132 static int   use_voms_gid        = 0;
00133 
00134 /******************************************************************************
00135 Function:   plugin_initialize
00136 Description:
00137     Initialize plugin
00138 Parameters:
00139     argc, argv
00140     argv[0]: the name of the plugin
00141 Returns:
00142     LCMAPS_MOD_SUCCESS : succes
00143     LCMAPS_MOD_FAIL    : failure
00144     LCMAPS_MOD_NOFILE  : db file not found (will halt LCMAPS initialization)
00145 ******************************************************************************/
00146 int plugin_initialize(
00147         int argc,
00148         char ** argv
00149 )
00150 {
00151     char *  logstr = "\tlcmaps_plugin_voms_localaccount-plugin_initialize()";
00152     int i;
00153 
00154     lcmaps_log_debug(1,"%s: passed arguments:\n", logstr);
00155     for (i=0; i < argc; i++)
00156     {
00157        lcmaps_log_debug(2,"%s: arg %d is %s\n", logstr, i, argv[i]);
00158     }
00159 
00160     /*
00161      * the first will be the thing to edit/select (gridmap(file))
00162      * the second will be the path && filename of the gridmapfile
00163      */
00164 
00165     /*
00166      * Parse arguments, argv[0] = name of plugin, so start with i = 1
00167      */
00168     for (i = 1; i < argc; i++)
00169     {
00170         if ( ((strcmp(argv[i], "-gridmap") == 0) ||
00171               (strcmp(argv[i], "-GRIDMAP") == 0) ||
00172               (strcmp(argv[i], "-gridmapfile") == 0) ||
00173               (strcmp(argv[i], "-GRIDMAPFILE") == 0))
00174              && (i + 1 < argc))
00175         {
00176             if ((argv[i + 1] != NULL) && (strlen(argv[i + 1]) > 0))
00177             {
00178                  gridmapfile = strdup(argv[i + 1]);
00179             }
00180             i++;
00181         }
00182         else if (strcmp(argv[i], "-use_voms_gid") == 0)
00183         {
00184             use_voms_gid = 1;
00185         }
00186         else
00187         {
00188             lcmaps_log(0,"%s: Error in initialization parameter: %s (failure)\n", logstr,
00189                        argv[i]);
00190             return LCMAPS_MOD_FAIL;
00191         }
00192     }
00193     return LCMAPS_MOD_SUCCESS;
00194 } 
00195 
00196 /******************************************************************************
00197 Function:   plugin_introspect
00198 Description:
00199     return list of required arguments
00200 Parameters:
00201 
00202 Returns:
00203     LCMAPS_MOD_SUCCESS : succes
00204     LCMAPS_MOD_FAIL    : failure
00205 ******************************************************************************/
00206 int plugin_introspect(
00207         int * argc,
00208         lcmaps_argument_t ** argv
00209 )
00210 {
00211     char *                   logstr = "\tlcmaps_plugin_voms_localaccount-plugin_introspect()";
00212     static lcmaps_argument_t argList[] = {
00213         {"user_dn"      ,       "char *"        , 0,   NULL},
00214         {"fqan_list"    ,       "char **"       , 0,   NULL},
00215         {"nfqan"        ,       "int"           , 0,   NULL},
00216         {NULL           ,       NULL            , -1,   NULL}
00217     };
00218 
00219     lcmaps_log_debug(1,"%s: introspecting\n", logstr);
00220 
00221     *argv = argList;
00222     *argc = lcmaps_cntArgs(argList);
00223     lcmaps_log_debug(1,"%s: address first argument: 0x%x\n", logstr, argList);
00224 
00225     return LCMAPS_MOD_SUCCESS;
00226 }
00227 
00228 
00229 /******************************************************************************
00230 Function:   plugin_run
00231 Description:
00232     Gather credentials for LCMAPS
00233 Parameters:
00234     argc: number of arguments
00235     argv: list of arguments
00236 Returns:
00237     LCMAPS_MOD_SUCCESS: authorization succeeded
00238     LCMAPS_MOD_FAIL   : authorization failed
00239 ******************************************************************************/
00240 int plugin_run(
00241         int argc,
00242         lcmaps_argument_t * argv
00243 )
00244 {
00245     char *              logstr = "\tlcmaps_plugin_voms_localaccount-plugin_run()";
00246     char *              dn                  = NULL; 
00247     char *              username            = NULL;
00248     struct passwd       *user_info          = NULL;
00249     int                 i                   = 0;
00250     int                 cnt_sec_gid         = 0;
00251     gid_t *             sec_gid             = NULL;
00252     char **             vo_cred_string_list = NULL;
00253     int                 cnt_vo_cred_string  = 0;
00254     int                 found               = 0;
00255     unsigned short      matching_type       = ((unsigned short)0x0000);
00256     int                 rc                  = 0;
00257     char **             fqan_list           = NULL;
00258     int                 nfqan               = -1;
00259     
00260     /*
00261      * The beginning
00262      */
00263     lcmaps_log_debug(1,"%s:\n", logstr);
00264 
00265     /*
00266      * Try to get the ordered values:
00267      */
00268     if ( ( dn = *(char **) lcmaps_getArgValue("user_dn", "char *", argc, argv) ) )
00269         lcmaps_log_debug(1,"%s: found dn: %s\n", logstr, dn);
00270     else
00271         lcmaps_log_debug(1,"%s: could not get value of dn !\n", logstr);
00272 
00273 
00274     /*
00275      * Check the gridmapfile
00276      */
00277 
00278     if ((gridmapfile != NULL) && (strlen(gridmapfile) > 0))
00279         lcmaps_log_debug(1,"%s: gridmapfile is: %s\n", logstr, gridmapfile);
00280     else
00281     {
00282         if (gridmapfile) free(gridmapfile);
00283         gridmapfile = NULL;
00284         lcmaps_log_debug(1,"%s: No gridmapfile assigned, so function must find out for it self\n", logstr);
00285     }
00286 
00287     /*
00288      * Get the VO user information.
00289      * We can either order it by lcmaps_argument_t or use the getCredentialData() function.
00290      * The latter case requires the voms parsing plugin (lcmaps_voms.mod) to have run beforehand.
00291      * Unfortunately the formats of the VOMS strings (from getCredentialData()) and
00292      * FQANs (from lcmaps_argument_t) are not the same. We may have to introduce
00293      * two-way conversion functions.
00294      * The VOMS info has to matched against the info in the gridmapfile
00295      */
00296     lcmaps_log_debug(1,"%s: First try to get the FQAN list from input credential repository ...\n", logstr);
00297     if ( ( nfqan = *(int *) lcmaps_getArgValue("nfqan", "int", argc, argv) ) )
00298     {
00299         lcmaps_log_debug(1,"%s: the list of FQANs should contain %d elements\n", logstr, nfqan);
00300         if ( ( fqan_list = *(char ***) lcmaps_getArgValue("fqan_list", "char **", argc, argv) ) )
00301             lcmaps_log_debug(1, "%s: found list of FQANs\n", logstr);
00302         else
00303         {
00304             lcmaps_log_debug(1, "%s: could not retrieve list of FQANs!\n", logstr);
00305             goto fail_voms_localaccount;
00306         }
00307         for (i = 0; i < nfqan; i++)
00308         {
00309             lcmaps_log_debug(3, "%s: FQAN %d: %s\n", logstr, i, fqan_list[i]);
00310         }
00311         vo_cred_string_list = fqan_list;
00312         cnt_vo_cred_string = nfqan;
00313     }
00314     else
00315     {
00316         lcmaps_log_debug(1,"%s: ... did not find input credentials in input credential repository...\n", logstr);
00317         lcmaps_log_debug(1,"%s: ... trying the internal credential repository ...\n", logstr);
00318 
00319         vo_cred_string_list = getCredentialData(LCMAPS_VO_CRED_STRING, &cnt_vo_cred_string);
00320     }
00321 
00322     if (cnt_vo_cred_string == 0)
00323     {
00324         lcmaps_log(0,"%s: no VOMS group info --> no mapping\n", logstr);
00325         goto fail_voms_localaccount;
00326     }
00327     else if (cnt_vo_cred_string < 0)
00328     {
00329         lcmaps_log(0,"%s: negative number of VOMS groups found ! (failure)\n", logstr);
00330         goto fail_voms_localaccount;
00331     }
00332 
00333 
00334     /*
00335      * Try to match the VO strings with the gridmapfile info
00336      * normally the first available VO string should match
00337      */
00338     found = 0;
00339 
00340     matching_type = MATCH_EXCLUDE|MATCH_WILD_CHARS;
00341  
00342     for (i = 0; i < cnt_vo_cred_string; i++)
00343     {
00344         if ( (rc = lcmaps_gridlist(vo_cred_string_list[i], &username, gridmapfile, matching_type, ".", NULL)) == 0)
00345         {
00346             found = 1;
00347             lcmaps_log_debug(1,"%s: found username: %s\n", logstr, username);
00348             break;
00349         }
00350         else if (rc == LCMAPS_MOD_NOFILE)
00351         {
00352             lcmaps_log(0, "%s: Could not find the gridmapfile %s\n", logstr, gridmapfile);
00353             goto fail_voms_localaccount;
00354         }
00355         else
00356         {
00357             lcmaps_log_debug(1, "%s: no localaccount available for group (%s) in %s\n", logstr, vo_cred_string_list[i], gridmapfile);
00358         }
00359     }
00360     if (found != 1)
00361     {
00362         lcmaps_log(0, "%s: Could not find a VOMS localaccount in %s (failure)\n", logstr, gridmapfile);
00363         goto fail_voms_localaccount;
00364     }
00365 
00366 
00367     /*
00368      * Get userid to pwd_t structure
00369      */
00370     if (username && (strlen(username) > 0))
00371     {
00372 
00373         if ( ( user_info = getpwnam(username) ) )
00374         {
00375             lcmaps_log_debug(2,"%s: address user_info: %p\n", logstr, user_info);
00376             lcmaps_log_debug(2,"%s: username : %s, char ptr: %p, address char ptr: %p\n", logstr, user_info->pw_name, user_info->pw_name, &(user_info->pw_name));
00377             lcmaps_log_debug(2,"%s: password : %s\n", logstr, user_info->pw_passwd);
00378             lcmaps_log_debug(2,"%s: user_id  : %d, address uid: %p\n", logstr, user_info->pw_uid, &(user_info->pw_uid));
00379             lcmaps_log_debug(2,"%s: group_id : %d\n", logstr, user_info->pw_gid);
00380             lcmaps_log_debug(2,"%s: realname : %s\n", logstr, user_info->pw_gecos);
00381             lcmaps_log_debug(2,"%s: home dir : %s\n", logstr, user_info->pw_dir);
00382             lcmaps_log_debug(2,"%s: shellprg : %s\n", logstr, user_info->pw_shell);
00383 
00384             /* 
00385              * Add this credential data to the credential data repository in the plugin manager
00386              */
00387             addCredentialData(DN,  &dn);
00388             addCredentialData(UID, &(user_info->pw_uid));
00389             if (use_voms_gid == 0)
00390             {
00391                 lcmaps_log_debug(1,"%s: adding primary GID (%d) from local account to CredentialData\n",
00392                                  logstr, user_info->pw_gid);
00393                 addCredentialData(PRI_GID, &(user_info->pw_gid));
00394                 /*
00395                  * Retrieve secondary group id's
00396                  */
00397                 if (lcmaps_get_gidlist(username, &cnt_sec_gid, &sec_gid)==0)
00398                 {
00399                     for (i = 0; i < cnt_sec_gid; i++)
00400                     {
00401                         addCredentialData(SEC_GID, &(sec_gid[i]));
00402                     }
00403                     free(sec_gid);
00404                 }
00405             }
00406         }
00407         else
00408         {
00409             lcmaps_log(0,"%s: no user account found named \"%s\"\n", logstr, username);
00410             goto fail_voms_localaccount;
00411         }
00412     }
00413     else
00414     {   // error (msg is already given)
00415         goto fail_voms_localaccount;
00416     }
00417 
00418     /* succes */
00419  success_voms_localaccount:
00420     if (username) free(username);
00421     lcmaps_log_time(0,"%s: voms_localaccount plugin succeeded\n", logstr);
00422     return LCMAPS_MOD_SUCCESS;
00423 
00424  fail_voms_localaccount:
00425     if (username) free(username);
00426     lcmaps_log_time(0,"%s: voms_localaccount plugin failed\n", logstr);
00427     return LCMAPS_MOD_FAIL;
00428 }
00429 
00430 /******************************************************************************
00431 Function:   plugin_terminate
00432 Description:
00433     Terminate plugin
00434 Parameters:
00435 
00436 Returns:
00437     LCMAPS_MOD_SUCCESS : succes
00438     LCMAPS_MOD_FAIL    : failure
00439 ******************************************************************************/
00440 int plugin_terminate()
00441 {
00442     char * logstr = "\tlcmaps_plugin_voms_localaccount-plugin_terminate()";
00443 
00444     lcmaps_log_debug(1,"%s: terminating\n", logstr);
00445 
00446     if (gridmapfile) free(gridmapfile);
00447 
00448     return LCMAPS_MOD_SUCCESS;
00449 }
00450 
00451 /******************************************************************************
00452 CVS Information:
00453     $Source: /cvs/jra1mw/org.glite.security.lcmaps-plugins-voms/src/voms/lcmaps_voms_localaccount.c,v $
00454     $Date: 2005/02/27 01:30:42 $
00455     $Revision: 1.4 $
00456     $Author: msteenba $
00457 ******************************************************************************/
Generated on Sun May 29 21:22:11 2005 for lcmaps by doxygen 1.3.5