2 * Copyright (C) Stefan Metzmacher 2007 <metze@samba.org>
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the author nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 #define NSS_WRAPPER_NOT_REPLACE
37 #include "../replace/replace.h"
38 #include "system/passwd.h"
39 #include "system/filesys.h"
40 #include "../nsswitch/nsstest.h"
42 #else /* _SAMBA_BUILD_ */
44 #error nss_wrapper_only_supported_in_samba_yet
52 /* not all systems have _r functions... */
53 #ifndef HAVE_GETPWNAM_R
54 #define getpwnam_r(name, pwdst, buf, buflen, pwdstp) ENOSYS
56 #ifndef HAVE_GETPWUID_R
57 #define getpwuid_r(uid, pwdst, buf, buflen, pwdstp) ENOSYS
59 #ifndef HAVE_GETPWENT_R
60 #define getpwent_r(pwdst, buf, buflen, pwdstp) ENOSYS
62 #ifndef HAVE_GETGRNAM_R
63 #define getgrnam_r(name, grdst, buf, buflen, grdstp) ENOSYS
65 #ifndef HAVE_GETGRGID_R
66 #define getgrgid_r(gid, grdst, buf, buflen, grdstp) ENOSYS
68 #ifndef HAVE_GETGRENT_R
69 #define getgrent_r(grdst, buf, buflen, grdstp) ENOSYS
72 /* not all systems have getgrouplist */
73 #ifndef HAVE_GETGROUPLIST
74 #define getgrouplist(user, group, groups, ngroups) 0
77 /* LD_PRELOAD doesn't work yet, so REWRITE_CALLS is all we support
83 #define real_getpwnam getpwnam
84 #define real_getpwnam_r getpwnam_r
85 #define real_getpwuid getpwuid
86 #define real_getpwuid_r getpwuid_r
88 #define real_setpwent setpwent
89 #define real_getpwent getpwent
90 #define real_getpwent_r getpwent_r
91 #define real_endpwent endpwent
94 #define real_getgrlst getgrlst
95 #define real_getgrlst_r getgrlst_r
96 #define real_initgroups_dyn initgroups_dyn
98 #define real_initgroups initgroups
99 #define real_getgrouplist getgrouplist
101 #define real_getgrnam getgrnam
102 #define real_getgrnam_r getgrnam_r
103 #define real_getgrgid getgrgid
104 #define real_getgrgid_r getgrgid_r
106 #define real_setgrent setgrent
107 #define real_getgrent getgrent
108 #define real_getgrent_r getgrent_r
109 #define real_endgrent endgrent
115 # define NWRAP_ERROR(args) DEBUG(0, args)
117 # define NWRAP_ERROR(args) printf args
120 #define NWRAP_ERROR(args)
125 # define NWRAP_DEBUG(args) DEBUG(0, args)
127 # define NWRAP_DEBUG(args) printf args
130 #define NWRAP_DEBUG(args)
135 # define NWRAP_VERBOSE(args) DEBUG(0, args)
137 # define NWRAP_VERBOSE(args) printf args
140 #define NWRAP_VERBOSE(args)
143 struct nwrap_module_nss_fns {
144 NSS_STATUS (*_nss_getpwnam_r)(const char *name, struct passwd *result, char *buffer,
145 size_t buflen, int *errnop);
146 NSS_STATUS (*_nss_getpwuid_r)(uid_t uid, struct passwd *result, char *buffer,
147 size_t buflen, int *errnop);
148 NSS_STATUS (*_nss_setpwent)(void);
149 NSS_STATUS (*_nss_getpwent_r)(struct passwd *result, char *buffer,
150 size_t buflen, int *errnop);
151 NSS_STATUS (*_nss_endpwent)(void);
152 NSS_STATUS (*_nss_initgroups)(const char *user, gid_t group, long int *start,
153 long int *size, gid_t **groups, long int limit, int *errnop);
154 NSS_STATUS (*_nss_getgrnam_r)(const char *name, struct group *result, char *buffer,
155 size_t buflen, int *errnop);
156 NSS_STATUS (*_nss_getgrgid_r)(gid_t gid, struct group *result, char *buffer,
157 size_t buflen, int *errnop);
158 NSS_STATUS (*_nss_setgrent)(void);
159 NSS_STATUS (*_nss_getgrent_r)(struct group *result, char *buffer,
160 size_t buflen, int *errnop);
161 NSS_STATUS (*_nss_endgrent)(void);
164 struct nwrap_backend {
168 struct nwrap_ops *ops;
169 struct nwrap_module_nss_fns *fns;
173 struct passwd * (*nw_getpwnam)(struct nwrap_backend *b,
175 int (*nw_getpwnam_r)(struct nwrap_backend *b,
176 const char *name, struct passwd *pwdst,
177 char *buf, size_t buflen, struct passwd **pwdstp);
178 struct passwd * (*nw_getpwuid)(struct nwrap_backend *b,
180 int (*nw_getpwuid_r)(struct nwrap_backend *b,
181 uid_t uid, struct passwd *pwdst,
182 char *buf, size_t buflen, struct passwd **pwdstp);
183 void (*nw_setpwent)(struct nwrap_backend *b);
184 struct passwd * (*nw_getpwent)(struct nwrap_backend *b);
185 int (*nw_getpwent_r)(struct nwrap_backend *b,
186 struct passwd *pwdst, char *buf,
187 size_t buflen, struct passwd **pwdstp);
188 void (*nw_endpwent)(struct nwrap_backend *b);
189 int (*nw_initgroups)(struct nwrap_backend *b,
190 const char *user, gid_t group);
191 struct group * (*nw_getgrnam)(struct nwrap_backend *b,
193 int (*nw_getgrnam_r)(struct nwrap_backend *b,
194 const char *name, struct group *grdst,
195 char *buf, size_t buflen, struct group **grdstp);
196 struct group * (*nw_getgrgid)(struct nwrap_backend *b,
198 int (*nw_getgrgid_r)(struct nwrap_backend *b,
199 gid_t gid, struct group *grdst,
200 char *buf, size_t buflen, struct group **grdstp);
201 void (*nw_setgrent)(struct nwrap_backend *b);
202 struct group * (*nw_getgrent)(struct nwrap_backend *b);
203 int (*nw_getgrent_r)(struct nwrap_backend *b,
204 struct group *grdst, char *buf,
205 size_t buflen, struct group **grdstp);
206 void (*nw_endgrent)(struct nwrap_backend *b);
209 /* protoypes for files backend */
212 static struct passwd *nwrap_files_getpwnam(struct nwrap_backend *b,
214 static int nwrap_files_getpwnam_r(struct nwrap_backend *b,
215 const char *name, struct passwd *pwdst,
216 char *buf, size_t buflen, struct passwd **pwdstp);
217 static struct passwd *nwrap_files_getpwuid(struct nwrap_backend *b,
219 static int nwrap_files_getpwuid_r(struct nwrap_backend *b,
220 uid_t uid, struct passwd *pwdst,
221 char *buf, size_t buflen, struct passwd **pwdstp);
222 static void nwrap_files_setpwent(struct nwrap_backend *b);
223 static struct passwd *nwrap_files_getpwent(struct nwrap_backend *b);
224 static int nwrap_files_getpwent_r(struct nwrap_backend *b,
225 struct passwd *pwdst, char *buf,
226 size_t buflen, struct passwd **pwdstp);
227 static void nwrap_files_endpwent(struct nwrap_backend *b);
228 static int nwrap_files_initgroups(struct nwrap_backend *b,
229 const char *user, gid_t group);
230 static struct group *nwrap_files_getgrnam(struct nwrap_backend *b,
232 static int nwrap_files_getgrnam_r(struct nwrap_backend *b,
233 const char *name, struct group *grdst,
234 char *buf, size_t buflen, struct group **grdstp);
235 static struct group *nwrap_files_getgrgid(struct nwrap_backend *b,
237 static int nwrap_files_getgrgid_r(struct nwrap_backend *b,
238 gid_t gid, struct group *grdst,
239 char *buf, size_t buflen, struct group **grdstp);
240 static void nwrap_files_setgrent(struct nwrap_backend *b);
241 static struct group *nwrap_files_getgrent(struct nwrap_backend *b);
242 static int nwrap_files_getgrent_r(struct nwrap_backend *b,
243 struct group *grdst, char *buf,
244 size_t buflen, struct group **grdstp);
245 static void nwrap_files_endgrent(struct nwrap_backend *b);
247 struct nwrap_ops nwrap_files_ops = {
248 .nw_getpwnam = nwrap_files_getpwnam,
249 .nw_getpwnam_r = nwrap_files_getpwnam_r,
250 .nw_getpwuid = nwrap_files_getpwuid,
251 .nw_getpwuid_r = nwrap_files_getpwuid_r,
252 .nw_setpwent = nwrap_files_setpwent,
253 .nw_getpwent = nwrap_files_getpwent,
254 .nw_getpwent_r = nwrap_files_getpwent_r,
255 .nw_endpwent = nwrap_files_endpwent,
256 .nw_initgroups = nwrap_files_initgroups,
257 .nw_getgrnam = nwrap_files_getgrnam,
258 .nw_getgrnam_r = nwrap_files_getgrnam_r,
259 .nw_getgrgid = nwrap_files_getgrgid,
260 .nw_getgrgid_r = nwrap_files_getgrgid_r,
261 .nw_setgrent = nwrap_files_setgrent,
262 .nw_getgrent = nwrap_files_getgrent,
263 .nw_getgrent_r = nwrap_files_getgrent_r,
264 .nw_endgrent = nwrap_files_endgrent,
268 const char *nwrap_switch;
270 struct nwrap_backend *backends;
273 struct nwrap_main *nwrap_main_global;
274 struct nwrap_main __nwrap_main_global;
282 bool (*parse_line)(struct nwrap_cache *, char *line);
283 void (*unload)(struct nwrap_cache *);
287 struct nwrap_cache *cache;
294 struct nwrap_cache __nwrap_cache_pw;
295 struct nwrap_pw nwrap_pw_global;
297 static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line);
298 static void nwrap_pw_unload(struct nwrap_cache *nwrap);
301 struct nwrap_cache *cache;
308 struct nwrap_cache __nwrap_cache_gr;
309 struct nwrap_gr nwrap_gr_global;
311 static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line);
312 static void nwrap_gr_unload(struct nwrap_cache *nwrap);
314 static void *nwrap_load_module_fn(struct nwrap_backend *b,
321 NWRAP_ERROR(("%s: no handle\n",
326 if (asprintf(&s, "_nss_%s_%s", b->name, fn_name) == -1) {
327 NWRAP_ERROR(("%s: out of memory\n",
332 res = dlsym(b->so_handle, s);
334 NWRAP_ERROR(("%s: cannot find function %s in %s\n",
335 __location__, s, b->so_path));
342 static struct nwrap_module_nss_fns *nwrap_load_module_fns(struct nwrap_backend *b)
344 struct nwrap_module_nss_fns *fns;
350 fns = (struct nwrap_module_nss_fns *)malloc(sizeof(struct nwrap_module_nss_fns));
355 fns->_nss_getpwnam_r = (NSS_STATUS (*)(const char *, struct passwd *, char *, size_t, int *))
356 nwrap_load_module_fn(b, "getpwnam_r");
357 fns->_nss_getpwuid_r = (NSS_STATUS (*)(uid_t, struct passwd *, char *, size_t, int *))
358 nwrap_load_module_fn(b, "getpwuid_r");
359 fns->_nss_setpwent = (NSS_STATUS(*)(void))
360 nwrap_load_module_fn(b, "setpwent");
361 fns->_nss_getpwent_r = (NSS_STATUS (*)(struct passwd *, char *, size_t, int *))
362 nwrap_load_module_fn(b, "getpwent_r");
363 fns->_nss_endpwent = (NSS_STATUS(*)(void))
364 nwrap_load_module_fn(b, "endpwent");
365 fns->_nss_initgroups = (NSS_STATUS (*)(const char *, gid_t, long int *, long int *, gid_t **, long int, int *))
366 nwrap_load_module_fn(b, "initgroups_dyn");
367 fns->_nss_getgrnam_r = (NSS_STATUS (*)(const char *, struct group *, char *, size_t, int *))
368 nwrap_load_module_fn(b, "getgrnam_r");
369 fns->_nss_getgrgid_r = (NSS_STATUS (*)(gid_t, struct group *, char *, size_t, int *))
370 nwrap_load_module_fn(b, "getgrgid_r");
371 fns->_nss_setgrent = (NSS_STATUS(*)(void))
372 nwrap_load_module_fn(b, "setgrent");
373 fns->_nss_getgrent_r = (NSS_STATUS (*)(struct group *, char *, size_t, int *))
374 nwrap_load_module_fn(b, "getgrent_r");
375 fns->_nss_endgrent = (NSS_STATUS(*)(void))
376 nwrap_load_module_fn(b, "endgrent");
381 static void *nwrap_load_module(const char *so_path)
385 if (!so_path || !strlen(so_path)) {
389 h = dlopen(so_path, RTLD_LAZY);
391 NWRAP_ERROR(("%s: cannot open shared library %s\n",
392 __location__, so_path));
399 static bool nwrap_module_init(const char *name,
400 struct nwrap_ops *ops,
403 struct nwrap_backend **backends)
405 *backends = (struct nwrap_backend *)realloc(*backends,
406 sizeof(struct nwrap_backend) * ((*num_backends) + 1));
408 NWRAP_ERROR(("%s: out of memory\n",
412 (*backends)[*num_backends].name = name;
413 (*backends)[*num_backends].ops = ops;
414 (*backends)[*num_backends].so_path = so_path;
415 (*backends)[*num_backends].so_handle = nwrap_load_module(so_path);
416 (*backends)[*num_backends].fns = nwrap_load_module_fns(&((*backends)[*num_backends]));
423 static void nwrap_backend_init(struct nwrap_main *r)
428 if (!nwrap_module_init("files", &nwrap_files_ops, NULL,
431 NWRAP_ERROR(("%s: failed to initialize 'files' backend\n",
437 static void nwrap_init(void)
439 static bool initialized;
441 if (initialized) return;
444 nwrap_main_global = &__nwrap_main_global;
446 nwrap_backend_init(nwrap_main_global);
448 nwrap_pw_global.cache = &__nwrap_cache_pw;
450 nwrap_pw_global.cache->path = getenv("NSS_WRAPPER_PASSWD");
451 nwrap_pw_global.cache->fd = -1;
452 nwrap_pw_global.cache->private_data = &nwrap_pw_global;
453 nwrap_pw_global.cache->parse_line = nwrap_pw_parse_line;
454 nwrap_pw_global.cache->unload = nwrap_pw_unload;
456 nwrap_gr_global.cache = &__nwrap_cache_gr;
458 nwrap_gr_global.cache->path = getenv("NSS_WRAPPER_GROUP");
459 nwrap_gr_global.cache->fd = -1;
460 nwrap_gr_global.cache->private_data = &nwrap_gr_global;
461 nwrap_gr_global.cache->parse_line = nwrap_gr_parse_line;
462 nwrap_gr_global.cache->unload = nwrap_gr_unload;
465 static bool nwrap_enabled(void)
469 if (!nwrap_pw_global.cache->path) {
472 if (nwrap_pw_global.cache->path[0] == '\0') {
475 if (!nwrap_gr_global.cache->path) {
478 if (nwrap_gr_global.cache->path[0] == '\0') {
485 static bool nwrap_parse_file(struct nwrap_cache *nwrap)
491 if (nwrap->st.st_size == 0) {
492 NWRAP_DEBUG(("%s: size == 0\n",
497 if (nwrap->st.st_size > INT32_MAX) {
498 NWRAP_ERROR(("%s: size[%u] larger than INT32_MAX\n",
499 __location__, (unsigned)nwrap->st.st_size));
503 ret = lseek(nwrap->fd, 0, SEEK_SET);
505 NWRAP_ERROR(("%s: lseek - %d\n",__location__,ret));
509 buf = (uint8_t *)malloc(nwrap->st.st_size + 1);
511 NWRAP_ERROR(("%s: malloc failed\n",__location__));
515 ret = read(nwrap->fd, buf, nwrap->st.st_size);
516 if (ret != nwrap->st.st_size) {
517 NWRAP_ERROR(("%s: read(%u) gave %d\n",
518 __location__, (unsigned)nwrap->st.st_size, ret));
522 buf[nwrap->st.st_size] = '\0';
525 while (nline && nline[0]) {
533 e = strchr(line, '\n');
544 NWRAP_VERBOSE(("%s:'%s'\n",__location__, line));
546 if (strlen(line) == 0) {
550 ok = nwrap->parse_line(nwrap, line);
565 static void nwrap_cache_unload(struct nwrap_cache *nwrap)
567 nwrap->unload(nwrap);
569 if (nwrap->buf) free(nwrap->buf);
574 static void nwrap_cache_reload(struct nwrap_cache *nwrap)
579 bool retried = false;
583 nwrap->fd = open(nwrap->path, O_RDONLY);
585 NWRAP_ERROR(("%s: unable to open '%s' readonly %d:%s\n",
587 nwrap->path, nwrap->fd,
591 NWRAP_VERBOSE(("%s: open '%s'\n", __location__, nwrap->path));
594 ret = fstat(nwrap->fd, &st);
596 NWRAP_ERROR(("%s: fstat(%s) - %d:%s\n",
599 ret, strerror(errno)));
603 if (retried == false && st.st_nlink == 0) {
604 /* maybe someone has replaced the file... */
605 NWRAP_DEBUG(("%s: st_nlink == 0, reopen %s\n",
606 __location__, nwrap->path));
608 memset(&nwrap->st, 0, sizeof(nwrap->st));
614 if (st.st_mtime == nwrap->st.st_mtime) {
615 NWRAP_VERBOSE(("%s: st_mtime[%u] hasn't changed, skip reload\n",
616 __location__, (unsigned)st.st_mtime));
619 NWRAP_DEBUG(("%s: st_mtime has changed [%u] => [%u], start reload\n",
620 __location__, (unsigned)st.st_mtime,
621 (unsigned)nwrap->st.st_mtime));
625 nwrap_cache_unload(nwrap);
627 ok = nwrap_parse_file(nwrap);
629 NWRAP_ERROR(("%s: failed to reload %s\n",
630 __location__, nwrap->path));
631 nwrap_cache_unload(nwrap);
633 NWRAP_DEBUG(("%s: reloaded %s\n",
634 __location__, nwrap->path));
638 * the caller has to call nwrap_unload() on failure
640 static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line)
642 struct nwrap_pw *nwrap_pw;
649 nwrap_pw = (struct nwrap_pw *)nwrap->private_data;
651 list_size = sizeof(*nwrap_pw->list) * (nwrap_pw->num+1);
652 pw = (struct passwd *)realloc(nwrap_pw->list, list_size);
654 NWRAP_ERROR(("%s:realloc(%u) failed\n",
655 __location__, list_size));
660 pw = &nwrap_pw->list[nwrap_pw->num];
667 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
668 __location__, line, c));
676 NWRAP_VERBOSE(("name[%s]\n", pw->pw_name));
681 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
682 __location__, line, c));
690 NWRAP_VERBOSE(("password[%s]\n", pw->pw_passwd));
695 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
696 __location__, line, c));
702 pw->pw_uid = (uid_t)strtoul(c, &e, 10);
704 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
705 __location__, line, c, strerror(errno)));
709 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
710 __location__, line, c, strerror(errno)));
714 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
715 __location__, line, c, strerror(errno)));
720 NWRAP_VERBOSE(("uid[%u]\n", pw->pw_uid));
725 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
726 __location__, line, c));
732 pw->pw_gid = (gid_t)strtoul(c, &e, 10);
734 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
735 __location__, line, c, strerror(errno)));
739 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
740 __location__, line, c, strerror(errno)));
744 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
745 __location__, line, c, strerror(errno)));
750 NWRAP_VERBOSE(("gid[%u]\n", pw->pw_gid));
755 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
756 __location__, line, c));
764 NWRAP_VERBOSE(("gecos[%s]\n", pw->pw_gecos));
769 NWRAP_ERROR(("%s:'%s'\n",__location__,c));
777 NWRAP_VERBOSE(("dir[%s]\n", pw->pw_dir));
781 NWRAP_VERBOSE(("shell[%s]\n", pw->pw_shell));
783 NWRAP_DEBUG(("add user[%s:%s:%u:%u:%s:%s:%s]\n",
784 pw->pw_name, pw->pw_passwd,
785 pw->pw_uid, pw->pw_gid,
786 pw->pw_gecos, pw->pw_dir, pw->pw_shell));
792 static void nwrap_pw_unload(struct nwrap_cache *nwrap)
794 struct nwrap_pw *nwrap_pw;
795 nwrap_pw = (struct nwrap_pw *)nwrap->private_data;
797 if (nwrap_pw->list) free(nwrap_pw->list);
799 nwrap_pw->list = NULL;
804 static int nwrap_pw_copy_r(const struct passwd *src, struct passwd *dst,
805 char *buf, size_t buflen, struct passwd **dstp)
811 first = src->pw_name;
813 last = src->pw_shell;
814 while (*last) last++;
816 ofs = PTR_DIFF(last + 1, first);
822 memcpy(buf, first, ofs);
824 ofs = PTR_DIFF(src->pw_name, first);
825 dst->pw_name = buf + ofs;
826 ofs = PTR_DIFF(src->pw_passwd, first);
827 dst->pw_passwd = buf + ofs;
828 dst->pw_uid = src->pw_uid;
829 dst->pw_gid = src->pw_gid;
830 ofs = PTR_DIFF(src->pw_gecos, first);
831 dst->pw_gecos = buf + ofs;
832 ofs = PTR_DIFF(src->pw_dir, first);
833 dst->pw_dir = buf + ofs;
834 ofs = PTR_DIFF(src->pw_shell, first);
835 dst->pw_shell = buf + ofs;
845 * the caller has to call nwrap_unload() on failure
847 static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line)
849 struct nwrap_gr *nwrap_gr;
857 nwrap_gr = (struct nwrap_gr *)nwrap->private_data;
859 list_size = sizeof(*nwrap_gr->list) * (nwrap_gr->num+1);
860 gr = (struct group *)realloc(nwrap_gr->list, list_size);
862 NWRAP_ERROR(("%s:realloc failed\n",__location__));
867 gr = &nwrap_gr->list[nwrap_gr->num];
874 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
875 __location__, line, c));
883 NWRAP_VERBOSE(("name[%s]\n", gr->gr_name));
888 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
889 __location__, line, c));
897 NWRAP_VERBOSE(("password[%s]\n", gr->gr_passwd));
902 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
903 __location__, line, c));
909 gr->gr_gid = (gid_t)strtoul(c, &e, 10);
911 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
912 __location__, line, c, strerror(errno)));
916 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
917 __location__, line, c, strerror(errno)));
921 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
922 __location__, line, c, strerror(errno)));
927 NWRAP_VERBOSE(("gid[%u]\n", gr->gr_gid));
930 gr->gr_mem = (char **)malloc(sizeof(char *));
932 NWRAP_ERROR(("%s:calloc failed\n",__location__));
935 gr->gr_mem[0] = NULL;
937 for(nummem=0; p; nummem++) {
947 if (strlen(c) == 0) {
951 m_size = sizeof(char *) * (nummem+2);
952 m = (char **)realloc(gr->gr_mem, m_size);
954 NWRAP_ERROR(("%s:realloc(%u) failed\n",
955 __location__, m_size));
959 gr->gr_mem[nummem] = c;
960 gr->gr_mem[nummem+1] = NULL;
962 NWRAP_VERBOSE(("member[%u]: '%s'\n", nummem, gr->gr_mem[nummem]));
965 NWRAP_DEBUG(("add group[%s:%s:%u:] with %u members\n",
966 gr->gr_name, gr->gr_passwd, gr->gr_gid, nummem));
972 static void nwrap_gr_unload(struct nwrap_cache *nwrap)
975 struct nwrap_gr *nwrap_gr;
976 nwrap_gr = (struct nwrap_gr *)nwrap->private_data;
978 if (nwrap_gr->list) {
979 for (i=0; i < nwrap_gr->num; i++) {
980 if (nwrap_gr->list[i].gr_mem) {
981 free(nwrap_gr->list[i].gr_mem);
984 free(nwrap_gr->list);
987 nwrap_gr->list = NULL;
992 static int nwrap_gr_copy_r(const struct group *src, struct group *dst,
993 char *buf, size_t buflen, struct group **dstp)
1003 first = src->gr_name;
1005 lastm = src->gr_mem;
1012 last = src->gr_passwd;
1014 while (*last) last++;
1016 ofsb = PTR_DIFF(last + 1, first);
1017 ofsm = PTR_DIFF(lastm + 1, src->gr_mem);
1019 if ((ofsb + ofsm) > buflen) {
1023 memcpy(buf, first, ofsb);
1024 memcpy(buf + ofsb, src->gr_mem, ofsm);
1026 ofs = PTR_DIFF(src->gr_name, first);
1027 dst->gr_name = buf + ofs;
1028 ofs = PTR_DIFF(src->gr_passwd, first);
1029 dst->gr_passwd = buf + ofs;
1030 dst->gr_gid = src->gr_gid;
1032 dst->gr_mem = (char **)(buf + ofsb);
1033 for (i=0; src->gr_mem[i]; i++) {
1034 ofs = PTR_DIFF(src->gr_mem[i], first);
1035 dst->gr_mem[i] = buf + ofs;
1045 /* user functions */
1046 static struct passwd *nwrap_files_getpwnam(struct nwrap_backend *b,
1051 nwrap_cache_reload(nwrap_pw_global.cache);
1053 for (i=0; i<nwrap_pw_global.num; i++) {
1054 if (strcmp(nwrap_pw_global.list[i].pw_name, name) == 0) {
1055 NWRAP_DEBUG(("%s: user[%s] found\n",
1056 __location__, name));
1057 return &nwrap_pw_global.list[i];
1059 NWRAP_VERBOSE(("%s: user[%s] does not match [%s]\n",
1061 nwrap_pw_global.list[i].pw_name));
1064 NWRAP_DEBUG(("%s: user[%s] not found\n", __location__, name));
1070 static int nwrap_files_getpwnam_r(struct nwrap_backend *b,
1071 const char *name, struct passwd *pwdst,
1072 char *buf, size_t buflen, struct passwd **pwdstp)
1076 pw = nwrap_files_getpwnam(b, name);
1084 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
1087 static struct passwd *nwrap_files_getpwuid(struct nwrap_backend *b,
1092 nwrap_cache_reload(nwrap_pw_global.cache);
1094 for (i=0; i<nwrap_pw_global.num; i++) {
1095 if (nwrap_pw_global.list[i].pw_uid == uid) {
1096 NWRAP_DEBUG(("%s: uid[%u] found\n",
1097 __location__, uid));
1098 return &nwrap_pw_global.list[i];
1100 NWRAP_VERBOSE(("%s: uid[%u] does not match [%u]\n",
1102 nwrap_pw_global.list[i].pw_uid));
1105 NWRAP_DEBUG(("%s: uid[%u] not found\n", __location__, uid));
1111 static int nwrap_files_getpwuid_r(struct nwrap_backend *b,
1112 uid_t uid, struct passwd *pwdst,
1113 char *buf, size_t buflen, struct passwd **pwdstp)
1117 pw = nwrap_files_getpwuid(b, uid);
1125 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
1128 /* user enum functions */
1129 static void nwrap_files_setpwent(struct nwrap_backend *b)
1131 nwrap_pw_global.idx = 0;
1134 static struct passwd *nwrap_files_getpwent(struct nwrap_backend *b)
1138 if (nwrap_pw_global.idx == 0) {
1139 nwrap_cache_reload(nwrap_pw_global.cache);
1142 if (nwrap_pw_global.idx >= nwrap_pw_global.num) {
1147 pw = &nwrap_pw_global.list[nwrap_pw_global.idx++];
1149 NWRAP_VERBOSE(("%s: return user[%s] uid[%u]\n",
1150 __location__, pw->pw_name, pw->pw_uid));
1155 static int nwrap_files_getpwent_r(struct nwrap_backend *b,
1156 struct passwd *pwdst, char *buf,
1157 size_t buflen, struct passwd **pwdstp)
1161 pw = nwrap_files_getpwent(b);
1169 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
1172 static void nwrap_files_endpwent(struct nwrap_backend *b)
1174 nwrap_pw_global.idx = 0;
1177 /* misc functions */
1178 static int nwrap_files_initgroups(struct nwrap_backend *b,
1179 const char *user, gid_t group)
1181 /* TODO: maybe we should also fake this... */
1185 /* group functions */
1186 static struct group *nwrap_files_getgrnam(struct nwrap_backend *b,
1191 nwrap_cache_reload(nwrap_gr_global.cache);
1193 for (i=0; i<nwrap_gr_global.num; i++) {
1194 if (strcmp(nwrap_gr_global.list[i].gr_name, name) == 0) {
1195 NWRAP_DEBUG(("%s: group[%s] found\n",
1196 __location__, name));
1197 return &nwrap_gr_global.list[i];
1199 NWRAP_VERBOSE(("%s: group[%s] does not match [%s]\n",
1201 nwrap_gr_global.list[i].gr_name));
1204 NWRAP_DEBUG(("%s: group[%s] not found\n", __location__, name));
1210 static int nwrap_files_getgrnam_r(struct nwrap_backend *b,
1211 const char *name, struct group *grdst,
1212 char *buf, size_t buflen, struct group **grdstp)
1216 gr = nwrap_files_getgrnam(b, name);
1224 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
1227 static struct group *nwrap_files_getgrgid(struct nwrap_backend *b,
1232 nwrap_cache_reload(nwrap_gr_global.cache);
1234 for (i=0; i<nwrap_gr_global.num; i++) {
1235 if (nwrap_gr_global.list[i].gr_gid == gid) {
1236 NWRAP_DEBUG(("%s: gid[%u] found\n",
1237 __location__, gid));
1238 return &nwrap_gr_global.list[i];
1240 NWRAP_VERBOSE(("%s: gid[%u] does not match [%u]\n",
1242 nwrap_gr_global.list[i].gr_gid));
1245 NWRAP_DEBUG(("%s: gid[%u] not found\n", __location__, gid));
1251 static int nwrap_files_getgrgid_r(struct nwrap_backend *b,
1252 gid_t gid, struct group *grdst,
1253 char *buf, size_t buflen, struct group **grdstp)
1257 gr = nwrap_files_getgrgid(b, gid);
1265 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
1268 /* group enum functions */
1269 static void nwrap_files_setgrent(struct nwrap_backend *b)
1271 nwrap_gr_global.idx = 0;
1274 static struct group *nwrap_files_getgrent(struct nwrap_backend *b)
1278 if (nwrap_gr_global.idx == 0) {
1279 nwrap_cache_reload(nwrap_gr_global.cache);
1282 if (nwrap_gr_global.idx >= nwrap_gr_global.num) {
1287 gr = &nwrap_gr_global.list[nwrap_gr_global.idx++];
1289 NWRAP_VERBOSE(("%s: return group[%s] gid[%u]\n",
1290 __location__, gr->gr_name, gr->gr_gid));
1295 static int nwrap_files_getgrent_r(struct nwrap_backend *b,
1296 struct group *grdst, char *buf,
1297 size_t buflen, struct group **grdstp)
1301 gr = nwrap_files_getgrent(b);
1309 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
1312 static void nwrap_files_endgrent(struct nwrap_backend *b)
1314 nwrap_gr_global.idx = 0;
1321 _PUBLIC_ struct passwd *nwrap_getpwnam(const char *name)
1326 if (!nwrap_enabled()) {
1327 return real_getpwnam(name);
1330 for (i=0; i < nwrap_main_global->num_backends; i++) {
1331 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1332 pwd = b->ops->nw_getpwnam(b, name);
1341 _PUBLIC_ int nwrap_getpwnam_r(const char *name, struct passwd *pwdst,
1342 char *buf, size_t buflen, struct passwd **pwdstp)
1346 if (!nwrap_enabled()) {
1347 return real_getpwnam_r(name, pwdst, buf, buflen, pwdstp);
1350 for (i=0; i < nwrap_main_global->num_backends; i++) {
1351 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1352 ret = b->ops->nw_getpwnam_r(b, name, pwdst, buf, buflen, pwdstp);
1353 if (ret == ENOENT) {
1362 _PUBLIC_ struct passwd *nwrap_getpwuid(uid_t uid)
1367 if (!nwrap_enabled()) {
1368 return real_getpwuid(uid);
1371 for (i=0; i < nwrap_main_global->num_backends; i++) {
1372 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1373 pwd = b->ops->nw_getpwuid(b, uid);
1382 _PUBLIC_ int nwrap_getpwuid_r(uid_t uid, struct passwd *pwdst,
1383 char *buf, size_t buflen, struct passwd **pwdstp)
1387 if (!nwrap_enabled()) {
1388 return real_getpwuid_r(uid, pwdst, buf, buflen, pwdstp);
1391 for (i=0; i < nwrap_main_global->num_backends; i++) {
1392 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1393 ret = b->ops->nw_getpwuid_r(b, uid, pwdst, buf, buflen, pwdstp);
1394 if (ret == ENOENT) {
1403 _PUBLIC_ void nwrap_setpwent(void)
1407 if (!nwrap_enabled()) {
1412 for (i=0; i < nwrap_main_global->num_backends; i++) {
1413 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1414 b->ops->nw_setpwent(b);
1418 _PUBLIC_ struct passwd *nwrap_getpwent(void)
1423 if (!nwrap_enabled()) {
1424 return real_getpwent();
1427 for (i=0; i < nwrap_main_global->num_backends; i++) {
1428 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1429 pwd = b->ops->nw_getpwent(b);
1438 _PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf,
1439 size_t buflen, struct passwd **pwdstp)
1443 if (!nwrap_enabled()) {
1444 #ifdef SOLARIS_GETPWENT_R
1446 pw = real_getpwent_r(pwdst, buf, buflen);
1458 return real_getpwent_r(pwdst, buf, buflen, pwdstp);
1462 for (i=0; i < nwrap_main_global->num_backends; i++) {
1463 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1464 ret = b->ops->nw_getpwent_r(b, pwdst, buf, buflen, pwdstp);
1465 if (ret == ENOENT) {
1474 _PUBLIC_ void nwrap_endpwent(void)
1478 if (!nwrap_enabled()) {
1483 for (i=0; i < nwrap_main_global->num_backends; i++) {
1484 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1485 b->ops->nw_endpwent(b);
1489 _PUBLIC_ int nwrap_initgroups(const char *user, gid_t group)
1493 if (!nwrap_enabled()) {
1494 return real_initgroups(user, group);
1497 for (i=0; i < nwrap_main_global->num_backends; i++) {
1498 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1499 return b->ops->nw_initgroups(b, user, group);
1506 _PUBLIC_ struct group *nwrap_getgrnam(const char *name)
1511 if (!nwrap_enabled()) {
1512 return real_getgrnam(name);
1515 for (i=0; i < nwrap_main_global->num_backends; i++) {
1516 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1517 grp = b->ops->nw_getgrnam(b, name);
1526 _PUBLIC_ int nwrap_getgrnam_r(const char *name, struct group *grdst,
1527 char *buf, size_t buflen, struct group **grdstp)
1531 if (!nwrap_enabled()) {
1532 return real_getgrnam_r(name, grdst, buf, buflen, grdstp);
1535 for (i=0; i < nwrap_main_global->num_backends; i++) {
1536 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1537 ret = b->ops->nw_getgrnam_r(b, name, grdst, buf, buflen, grdstp);
1538 if (ret == ENOENT) {
1547 _PUBLIC_ struct group *nwrap_getgrgid(gid_t gid)
1552 if (!nwrap_enabled()) {
1553 return real_getgrgid(gid);
1556 for (i=0; i < nwrap_main_global->num_backends; i++) {
1557 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1558 grp = b->ops->nw_getgrgid(b, gid);
1567 _PUBLIC_ int nwrap_getgrgid_r(gid_t gid, struct group *grdst,
1568 char *buf, size_t buflen, struct group **grdstp)
1572 if (!nwrap_enabled()) {
1573 return real_getgrgid_r(gid, grdst, buf, buflen, grdstp);
1576 for (i=0; i < nwrap_main_global->num_backends; i++) {
1577 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1578 ret = b->ops->nw_getgrgid_r(b, gid, grdst, buf, buflen, grdstp);
1579 if (ret == ENOENT) {
1588 _PUBLIC_ void nwrap_setgrent(void)
1592 if (!nwrap_enabled()) {
1597 for (i=0; i < nwrap_main_global->num_backends; i++) {
1598 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1599 b->ops->nw_setgrent(b);
1603 _PUBLIC_ struct group *nwrap_getgrent(void)
1608 if (!nwrap_enabled()) {
1609 return real_getgrent();
1612 for (i=0; i < nwrap_main_global->num_backends; i++) {
1613 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1614 grp = b->ops->nw_getgrent(b);
1623 _PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf,
1624 size_t buflen, struct group **grdstp)
1628 if (!nwrap_enabled()) {
1629 #ifdef SOLARIS_GETGRENT_R
1631 gr = real_getgrent_r(grdst, buf, buflen);
1643 return real_getgrent_r(grdst, buf, buflen, grdstp);
1647 for (i=0; i < nwrap_main_global->num_backends; i++) {
1648 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1649 ret = b->ops->nw_getgrent_r(b, grdst, buf, buflen, grdstp);
1650 if (ret == ENOENT) {
1659 _PUBLIC_ void nwrap_endgrent(void)
1663 if (!nwrap_enabled()) {
1668 for (i=0; i < nwrap_main_global->num_backends; i++) {
1669 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1670 b->ops->nw_endgrent(b);
1674 _PUBLIC_ int nwrap_getgrouplist(const char *user, gid_t group, gid_t *groups, int *ngroups)
1679 const char *name_of_group = NULL;
1681 if (!nwrap_enabled()) {
1682 return real_getgrouplist(user, group, groups, ngroups);
1685 NWRAP_DEBUG(("%s: getgrouplist called for %s\n", __location__, user));
1687 groups_tmp = (gid_t *)malloc(count * sizeof(gid_t));
1689 NWRAP_ERROR(("%s:calloc failed\n",__location__));
1694 memcpy(groups_tmp, &group, sizeof(gid_t));
1696 grp = nwrap_getgrgid(group);
1698 name_of_group = grp->gr_name;
1702 while ((grp = nwrap_getgrent()) != NULL) {
1705 NWRAP_VERBOSE(("%s: inspecting %s for group membership\n",
1706 __location__, grp->gr_name));
1708 for (i=0; grp->gr_mem && grp->gr_mem[i] != NULL; i++) {
1710 if ((strcmp(user, grp->gr_mem[i]) == 0) &&
1711 (strcmp(name_of_group, grp->gr_name) != 0)) {
1713 NWRAP_DEBUG(("%s: %s is member of %s\n",
1714 __location__, user, grp->gr_name));
1716 groups_tmp = (gid_t *)realloc(groups_tmp, (count + 1) * sizeof(gid_t));
1718 NWRAP_ERROR(("%s:calloc failed\n",__location__));
1723 memcpy(&groups_tmp[count], &grp->gr_gid, sizeof(gid_t));
1731 NWRAP_VERBOSE(("%s: %s is member of %d groups: %d\n",
1732 __location__, user, *ngroups));
1734 if (*ngroups < count) {
1741 memcpy(groups, groups_tmp, count * sizeof(gid_t));