
Contents of /trunk/grid-mw-security/ees/plugin_examples/posix_enf/src/posix_enf.c



Revision 1382 - (show annotations) (download) (as text)
Wed Jan 13 10:49:06 2010 UTC (12 years ago) by aramv
File MIME type: text/x-chdr
File size: 3140 byte(s)
Working on Posix enforcement plugin
#include <errno.h>
#include <getopt.h>
#include <grp.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "plugin.h"
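/* Sentinel stored in a limit variable while its option has not been given.
 * Parenthesized so the expansion stays a single operand in any expression. */
#define MAX_UNDEFINED (-1)

/* Upper bound accepted for -maxsgid.
 * NGROUPS_MAX is provided by <limits.h>; if it is not visible at this point
 * the build silently falls back to 32, so the "system limit" reported in the
 * log is only the real one when that header has been included. */
#ifdef NGROUPS_MAX
#define NGROUPS NGROUPS_MAX
#else
#define NGROUPS 32
#endif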
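/* Limits filled in by plugin_initialize() from the -maxuid, -maxpgid and
 * -maxsgid options. MAX_UNDEFINED means the option was not given.
 * Nothing in this file reads maxuid or maxpgid after they are logged. */
static int maxuid  = MAX_UNDEFINED;
static int maxpgid = MAX_UNDEFINED;
static int maxsgid = MAX_UNDEFINED;

/* Set to 1 by plugin_initialize() when the matching option has the value
 * "yes"; not read anywhere else in this file. */
static int set_only_euid = 0;
static int set_only_egid = 0;

/* Prefix used in log messages; const because it points at a string literal. */
static const char *plugin_name = "posix_enf";

/* Iteration cursors assigned by plugin_run().
 * NOTE(review): these have external linkage under very generic names; if no
 * other translation unit needs them, making them static (or locals of
 * plugin_run) would avoid symbol clashes with other plugins -- confirm
 * against plugin.h before changing. */
aos_context_t *context = NULL;
aos_attribute_t *attribute = NULL;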
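/*
 * Parse one numeric limit option.
 *
 * Accepts a complete base-10 integer that is either the MAX_UNDEFINED
 * sentinel or in the range 0..INT_MAX. On success stores the value in *out
 * and returns 0; on any other input returns -1 and leaves *out untouched.
 * Unlike atoi(), trailing garbage, empty strings and out-of-range numbers
 * are rejected instead of being turned into 0 or an unspecified value.
 */
static int parse_limit(const char *text, int *out){
    char *end = NULL;
    long value;

    if(text == NULL || *text == '\0'){
        return -1;
    }

    errno = 0;
    value = strtol(text, &end, 10);
    if(errno != 0 || end == text || *end != '\0'){
        return -1;
    }
    if(value < MAX_UNDEFINED || value > INT_MAX){
        return -1;
    }

    *out = (int)value;
    return 0;
}

/*
 * Read the plugin options from argv and store them in the file-level
 * configuration variables.
 *
 * Options: -maxuid N, -maxpgid N, -maxsgid N, -set_only_euid yes,
 * -set_only_egid yes (short forms -u -p -s -e -g).
 *
 * Returns EES_PL_SUCCESS when all options were understood and -maxsgid does
 * not exceed NGROUPS. Returns EES_PL_FAILURE for an unknown option, a
 * missing argument, a malformed number or a too-large -maxsgid: an
 * enforcement plugin should refuse to start on a configuration it did not
 * fully understand rather than run with a limit silently left unset.
 */
EES_PL_RC plugin_initialize(int argc, char* argv[]){
    static struct option long_options[] =
    {
        {"maxuid",        required_argument, 0, 'u'},
        {"maxpgid",       required_argument, 0, 'p'},
        {"maxsgid",       required_argument, 0, 's'},
        {"set_only_euid", required_argument, 0, 'e'},
        {"set_only_egid", required_argument, 0, 'g'},
        /* getopt_long*() scans until an all-zero entry; without it the
         * lookup of an unknown option reads past the end of the array. */
        {0, 0, 0, 0}
    };
    int option_index = 0;
    int c;

    /* Routine start-up message: informational, not an error. */
    eef_log(LOG_INFO, "%s: Initializing posix enforcement plugin!\n", plugin_name);

    /* parse options
     * NOTE(review): getopt keeps its position in the global optind. If the
     * host or another plugin has already used getopt in this process, optind
     * probably needs to be reset before this loop -- confirm with the caller. */
    while((c = getopt_long_only(argc, argv, "u:p:s:e:g:", long_options, &option_index)) != -1){
        switch(c){
        case 'u':
            if(parse_limit(optarg, &maxuid) != 0){
                eef_log(LOG_ERR, "%s: Invalid value for option -maxuid: %s\n", plugin_name, optarg);
                return EES_PL_FAILURE;
            }
            break;
        case 'p':
            if(parse_limit(optarg, &maxpgid) != 0){
                eef_log(LOG_ERR, "%s: Invalid value for option -maxpgid: %s\n", plugin_name, optarg);
                return EES_PL_FAILURE;
            }
            break;
        case 's':
            if(parse_limit(optarg, &maxsgid) != 0){
                eef_log(LOG_ERR, "%s: Invalid value for option -maxsgid: %s\n", plugin_name, optarg);
                return EES_PL_FAILURE;
            }
            break;
        case 'e':
            /* n = 4 includes the terminator, so only the exact string "yes"
             * enables the flag; any other value leaves it at its default. */
            if(strncmp(optarg, "yes", 4) == 0){
                set_only_euid = 1;
            }
            break;
        case 'g':
            if(strncmp(optarg, "yes", 4) == 0){
                set_only_egid = 1;
            }
            break;
        default:
            /* '?' (unknown option) or a missing argument. */
            eef_log(LOG_ERR, "%s: Unrecognised option or missing argument\n", plugin_name);
            return EES_PL_FAILURE;
        }
    }

    /* sanity checks */
    if(maxsgid > NGROUPS){
        eef_log(LOG_ERR, "%s: Option -maxsgid %i exceeds the system limit of %i", plugin_name, maxsgid, NGROUPS);
        return EES_PL_FAILURE;
    } else if(maxsgid == MAX_UNDEFINED){
        maxsgid = NGROUPS;
        eef_log(LOG_NOTICE, "%s: Option -maxsgid defaulted to maximum %i", plugin_name, NGROUPS);
    }

    /* Record the effective configuration so it can be audited from the log. */
    eef_log(LOG_INFO, "%s: Initialized plugin posix_enf with options:\n", plugin_name);
    eef_log(LOG_INFO, "%s: maxuid: %i\n", plugin_name, maxuid);
    eef_log(LOG_INFO, "%s: maxpgid: %i\n", plugin_name, maxpgid);
    eef_log(LOG_INFO, "%s: maxsgid: %i\n", plugin_name, maxsgid);

    eef_log(LOG_INFO, "%s: set_only_euid: %i\n", plugin_name, set_only_euid);
    eef_log(LOG_INFO, "%s: set_only_egid: %i\n", plugin_name, set_only_egid);

    return EES_PL_SUCCESS;
}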
/*
 * Walk the obligation contexts and print the uid/gid attributes found.
 *
 * For every context returned by getNextContext(OBLIGATION, NULL) the
 * obligation id is printed. Contexts whose id starts with "uidgid" are
 * scanned attribute by attribute, and a line is printed for each attribute
 * whose id starts with "posix-uid" or "posix-gid". Always returns 0.
 *
 * NOTE(review): all three comparisons are prefix matches, so longer ids that
 * merely begin with these strings are accepted too -- confirm that is meant.
 * NOTE(review): the "Got UID"/"Got primary GID" lines print the attribute id,
 * not its value, and nothing is enforced yet; the limits configured in
 * plugin_initialize() are not consulted here.
 * NOTE(review): output goes to stdout via printf rather than eef_log, so it
 * will not reach the log the rest of the plugin writes to.
 */
EES_PL_RC plugin_run(){
    static const char obligation_prefix[] = "uidgid";
    static const char uid_prefix[] = "posix-uid";
    static const char gid_prefix[] = "posix-gid";

    printf("Examining AOS\n");

    for(;;){
        context = getNextContext(OBLIGATION, NULL);
        if(!context){
            break;
        }

        printf("Context: %s\n", getContextObligationId(context));

        /* Only uid/gid obligations are of interest. */
        if(strncmp(getContextObligationId(context), obligation_prefix, sizeof obligation_prefix - 1) != 0){
            continue;
        }

        for(;;){
            attribute = getNextAttribute(context);
            if(!attribute){
                break;
            }

            if(strncmp(getAttributeId(attribute), uid_prefix, sizeof uid_prefix - 1) == 0){
                printf("Got UID: %s\n", getAttributeId(attribute));
            } else if(strncmp(getAttributeId(attribute), gid_prefix, sizeof gid_prefix - 1) == 0){
                printf("Got primary GID: %s\n", getAttributeId(attribute));
            }
        }
    }

    return 0;
}
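/*
 * Log that the plugin has been shut down. Always returns 0.
 *
 * The message takes the name from plugin_name so it matches the prefix used
 * by the other log lines; the previous literal misspelled it as "poxix_enf",
 * which a log search for the plugin name would miss.
 * NOTE(review): 0 is returned rather than an EES_PL_* constant -- confirm it
 * is the success value.
 */
EES_PL_RC plugin_terminate(){
    eef_log(LOG_NOTICE, "plugin %s terminated\n", plugin_name);
    return 0;
}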
