authorNalin Dahyabhai <nalin.dahyabhai@pobox.com>2009-04-02 00:07:29 -0400
committerNalin Dahyabhai <nalin.dahyabhai@pobox.com>2009-04-02 00:07:29 -0400
commit318d43b46c3546bc9dac7be343ec4858ce0007ad (patch)
treee140109a3a124e5e21ee6b05b5d44eef1868cd49
parent54607e80544c9c39983bb48951a3363adf3c24ba (diff)
- clean up the use of logging
- include the init script and an example configuration
- package the config directory
-rw-r--r--credmonger.spec1
-rw-r--r--src/Makefile.am2
-rw-r--r--src/credmonger.c97
3 files changed, 60 insertions, 40 deletions
diff --git a/credmonger.spec b/credmonger.spec
index 694e670..f6e59eb 100644
--- a/credmonger.spec
+++ b/credmonger.spec
@@ -55,6 +55,7 @@ fi
%defattr(-,root,root,-)
%doc LICENSE
%dir %{_sysconfdir}/credmonger.d
+%config(noreplace) %{_sysconfdir}/credmonger.d/*
%{_initrddir}/credmonger
%{_sbindir}/*
%{_mandir}/*/*
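Review bot: Marking everything under `%{_sysconfdir}/credmonger.d/` as `%config(noreplace)` means rpm can leave `*.rpmnew` copies (and `*.rpmsave` copies on erase) in that directory, while the reader loop shown in this commit's `src/credmonger.c` hunk skips only names whose first character is `.`, `#` or `~`. Unless a suffix check exists outside the visible hunks, such a leftover file would be parsed as live configuration, and the daemon would obtain credentials for whatever uid, keytab and principal it lists. Consider having `entries_read()` ignore names ending in `.rpmnew`, `.rpmsave`, `.rpmorig` or `~`, or accept only one fixed suffix.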
diff --git a/src/Makefile.am b/src/Makefile.am
index de022ad..a4934b5 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,4 +1,4 @@
-EXTRA_DIST = credmonger.init
+EXTRA_DIST = credmonger.init $(myconfig_DATA)
AM_CFLAGS = @KRB5_CFLAGS@
LDFLAGS = @KRB5_LIBS@
sbin_PROGRAMS = credmonger
diff --git a/src/credmonger.c b/src/credmonger.c
index e622646..4bef2ca 100644
--- a/src/credmonger.c
+++ b/src/credmonger.c
@@ -35,9 +35,11 @@
#include <errno.h>
#include <pwd.h>
#include <signal.h>
+#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <syslog.h>
#include <time.h>
#include <unistd.h>
@@ -63,6 +65,19 @@ static int quit = 0;
/* Configuration directory. */
static const char *configdir = CONFIG_DIR;
+static void
+log_err(int level, const char *fmt, ...)
+{
+ va_list ap;
+ va_start(ap, fmt);
+ if (getppid() == 1) {
+ vsyslog(LOG_AUTHPRIV | level, fmt, ap);
+ } else {
+ vfprintf(stderr, fmt, ap);
+ }
+ va_end(ap);
+}
+
/* Read the configuration and return a list of ccache names. */
static struct monger_entry **
entries_read(void)
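Review bot: `getppid() == 1` in `log_err()` guesses whether the process is daemonized rather than recording it. A daemonized process whose parent is not pid 1 (a subreaper or container init) takes the stderr branch, and `daemon(0, 0)` has by then redirected stderr, so LOG_AUTHPRIV errors are lost silently. Recording the decision once is more reliable: a file-scope `static int use_syslog;` set in main() after `daemon(0, 0)` succeeds, tested here as `if (use_syslog)`. The stderr branch also ignores `level`, so LOG_DEBUG lines are always printed in the foreground. Declaring the function with `__attribute__((format(printf, 2, 3)))` would let the compiler check the many converted call sites.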
@@ -80,9 +95,11 @@ entries_read(void)
list = NULL;
n_entries = 0;
- for (dir = opendir(configdir);
- (dir != NULL) && ((ent = readdir(dir)) != NULL);
- closedir(dir)) {
+ dir = opendir(configdir);
+ if (dir == NULL) {
+ return NULL;
+ }
+ while ((ent = readdir(dir)) != NULL) {
if (strchr(".#~", ent->d_name[0]) != NULL) {
continue;
}
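Review bot: The new early `return NULL` after a failed `opendir(configdir)` discards errno, so main() reports a missing or unreadable directory as `nothing configured`. Log the cause before returning, e.g. `log_err(LOG_ERR, "error reading \"%s\": %s\n", configdir, strerror(errno));`. A permissions problem on the directory that names keytabs is worth telling apart from an empty configuration. The body of entries_read continues outside this hunk.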
@@ -118,7 +135,7 @@ entries_read(void)
* user name. */
keytab = strchr(uids, ':');
if (keytab == NULL) {
- fprintf(stderr,
+ log_err(LOG_ERR,
"no keytab name field\n");
continue;
}
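Review bot: `no keytab name field` names neither the file nor the line that was rejected, and once these messages go to syslog there is no terminal context to infer it from. Prefix the file name, e.g. `log_err(LOG_ERR, "%s: no keytab name field\n", ent->d_name);`, assuming `ent` is still the directory entry being parsed here (the enclosing loop starts outside the hunk). The same applies to `no principal name field` and to both `unknown user` messages in the following hunks.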
@@ -127,7 +144,7 @@ entries_read(void)
* close the keytab name. */
principal = strchr(keytab, ':');
if (principal == NULL) {
- fprintf(stderr,
+ log_err(LOG_ERR,
"no principal name field\n");
continue;
}
@@ -153,8 +170,7 @@ entries_read(void)
uid = pwd->pw_uid;
gid = pwd->pw_gid;
} else {
- fprintf(stderr,
- "unknown user "
+ log_err(LOG_ERR, "unknown user "
"\"%s\"\n", uids);
continue;
}
@@ -164,7 +180,7 @@ entries_read(void)
if (pwd != NULL) {
gid = pwd->pw_gid;
} else {
- fprintf(stderr,
+ log_err(LOG_ERR,
"unknown user %lu\n",
(unsigned long) uid);
continue;
@@ -201,14 +217,14 @@ entries_read(void)
tmp = realloc(list,
sizeof(*list) * (n_entries + 2));
if (tmp == NULL) {
- fprintf(stderr, "out of memory\n");
+ log_err(LOG_ERR, "out of memory\n");
break;
}
list = tmp;
/* Allocate this entry. */
list[n_entries] = malloc(sizeof(**list));
if (list[n_entries] == NULL) {
- fprintf(stderr, "out of memory\n");
+ log_err(LOG_ERR, "out of memory\n");
break;
}
entry = list[n_entries];
@@ -221,24 +237,25 @@ entries_read(void)
entry->gid = gid;
entry->keytab = strdup(keytab);
if (entry->keytab == NULL) {
- fprintf(stderr, "out of memory\n");
+ log_err(LOG_ERR, "out of memory\n");
break;
}
entry->principal_name = strdup(principal);
if (entry->principal_name == NULL) {
- fprintf(stderr, "out of memory\n");
+ log_err(LOG_ERR, "out of memory\n");
break;
}
entry->fccache_pattern =
strdup(fccache_pattern);
if (entry->fccache_pattern == NULL) {
- fprintf(stderr, "out of memory\n");
+ log_err(LOG_ERR, "out of memory\n");
break;
}
}
fclose(fp);
}
}
+ closedir(dir);
return list;
}
@@ -260,7 +277,7 @@ entries_poll(void)
/* Figure out the client hostname. */
memset(host, '\0', sizeof(host));
if (gethostname(host, sizeof(host) - 1) != 0) {
- fprintf(stderr, "error determining hostname: %s\n",
+ log_err(LOG_ERR, "error determining hostname: %s\n",
strerror(errno));
snprintf(host, sizeof(host), "localhost");
}
@@ -268,7 +285,7 @@ entries_poll(void)
ctx = NULL;
gic_opts = NULL;
if ((i = krb5_init_context(&ctx)) != 0) {
- fprintf(stderr, "error initializing Kerberos: %s\n",
+ log_err(LOG_ERR, "error initializing Kerberos: %s\n",
error_message(i));
} else {
/* Initialize the get_init_creds options. */
@@ -280,7 +297,7 @@ entries_poll(void)
}
/* Walk the list of entries. */
for (i = 0; (entries != NULL) && (entries[i] != NULL); i++) {
- fprintf(stderr,
+ log_err(LOG_DEBUG,
"[uid=%ld, keytab=%s, client=%s, ccache=%s]\n",
(unsigned long) entries[i]->uid,
entries[i]->keytab &&
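Review bot: The format string prints the uid with `%ld` while the argument is cast to `(unsigned long)`, so the conversion and the argument type disagree, and a large uid can be logged as a negative number where long is 32 bits. Use `"[uid=%lu, keytab=%s, client=%s, ccache=%s]\n"`, matching the `unknown user %lu` message earlier in the file. The argument list of this call continues past the end of the hunk.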
@@ -298,7 +315,7 @@ entries_poll(void)
&keytab);
}
if (ret != 0) {
- fprintf(stderr, "error resolving keytab: %s\n",
+ log_err(LOG_ERR, "error resolving keytab: %s\n",
error_message(ret));
continue;
}
@@ -310,7 +327,7 @@ entries_poll(void)
(entries[i]->principal_name[len - 1] == '/')) {
principal_name = malloc(len + strlen(host) + 1);
if (principal_name == NULL) {
- fprintf(stderr, "out of memory\n");
+ log_err(LOG_ERR, "out of memory\n");
krb5_kt_close(ctx, keytab);
continue;
}
@@ -320,16 +337,16 @@ entries_poll(void)
} else {
principal_name = strdup(entries[i]->principal_name);
if (principal_name == NULL) {
- fprintf(stderr, "out of memory\n");
+ log_err(LOG_ERR, "out of memory\n");
krb5_kt_close(ctx, keytab);
continue;
}
}
ret = krb5_parse_name(ctx, principal_name, &client);
if (ret != 0) {
- fprintf(stderr, "error parsing client \"%s\": "
- "%s\n", principal_name,
- error_message(ret));
+ log_err(LOG_ERR,
+ "error parsing client \"%s\": %s\n",
+ principal_name, error_message(ret));
free(principal_name);
krb5_kt_close(ctx, keytab);
continue;
@@ -339,7 +356,7 @@ entries_poll(void)
principal_name = NULL;
ret = krb5_unparse_name(ctx, client, &principal_name);
if (ret != 0) {
- fprintf(stderr, "error unparsing name: %s\n",
+ log_err(LOG_ERR, "error unparsing name: %s\n",
error_message(ret));
krb5_kt_close(ctx, keytab);
krb5_free_principal(ctx, client);
@@ -351,9 +368,9 @@ entries_poll(void)
keytab, 0, NULL,
gic_opts);
if (ret != 0) {
- fprintf(stderr, "error getting creds for %s: "
- "%s\n", principal_name,
- error_message(ret));
+ log_err(LOG_ERR,
+ "error getting creds for %s: %s\n",
+ principal_name, error_message(ret));
krb5_kt_close(ctx, keytab);
krb5_free_unparsed_name(ctx, principal_name);
krb5_free_principal(ctx, client);
@@ -375,8 +392,8 @@ entries_poll(void)
fd = mkstemp(fccache + strlen(FCC_PREFIX));
}
if (fd == -1) {
- fprintf(stderr, "error creating temporary "
- "ccache\n");
+ log_err(LOG_ERR,
+ "error creating temporary ccache\n");
krb5_free_cred_contents(ctx, &creds);
krb5_kt_close(ctx, keytab);
krb5_free_unparsed_name(ctx, principal_name);
@@ -388,8 +405,9 @@ entries_poll(void)
ccache = NULL;
ret = krb5_cc_resolve(ctx, fccache, &ccache);
if (ret != 0) {
- fprintf(stderr, "error opening temporary "
- "ccache: %s\n", error_message(ret));
+ log_err(LOG_ERR,
+ "error opening temporary ccache: %s\n",
+ error_message(ret));
unlink(fccache + strlen(FCC_PREFIX));
krb5_free_cred_contents(ctx, &creds);
krb5_kt_close(ctx, keytab);
@@ -400,7 +418,8 @@ entries_poll(void)
/* Write the client's name to the ccache. */
ret = krb5_cc_initialize(ctx, ccache, client);
if (ret != 0) {
- fprintf(stderr, "error initializing temporary "
+ log_err(LOG_ERR,
+ "error initializing temporary "
"ccache: %s\n", error_message(ret));
krb5_cc_close(ctx, ccache);
unlink(fccache + strlen(FCC_PREFIX));
@@ -413,7 +432,7 @@ entries_poll(void)
/* Store the TGT. */
ret = krb5_cc_store_cred(ctx, ccache, &creds);
if (ret != 0) {
- fprintf(stderr, "error storing creds: %s\n",
+ log_err(LOG_ERR, "error storing creds: %s\n",
error_message(ret));
krb5_cc_close(ctx, ccache);
unlink(fccache + strlen(FCC_PREFIX));
@@ -428,7 +447,7 @@ entries_poll(void)
/* Fixup permissions. */
if (chown(fccache + strlen(FCC_PREFIX),
entries[i]->uid, entries[i]->gid) != 0) {
- fprintf(stderr, "error setting permissions "
+ log_err(LOG_ERR, "error setting permissions "
"on \"%s\": %s\n",
fccache + strlen(FCC_PREFIX),
strerror(errno));
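Review bot: `chown(fccache + strlen(FCC_PREFIX), ...)` resolves the name again after `mkstemp()` created the file. If the configured ccache pattern points into a directory the target user can write, the name may no longer refer to the file this process created, and the ownership change runs with the daemon's privileges. If the descriptor from `mkstemp()` is still open here (its lifetime is outside this hunk), prefer `fchown(fd, entries[i]->uid, entries[i]->gid)`. Otherwise document that the pattern's directory must not be writable by unprivileged users.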
@@ -464,7 +483,7 @@ entries_poll(void)
entries[i]->when = creds.times.endtime;
}
}
- fprintf(stderr, "saved creds for \"%s\" to \"%s\"\n",
+ log_err(LOG_DEBUG, "saved creds for \"%s\" to \"%s\"\n",
principal_name, entries[i]->fccache);
krb5_free_cred_contents(ctx, &creds);
krb5_kt_close(ctx, keytab);
@@ -490,7 +509,7 @@ entries_poll(void)
}
}
if ((entries == NULL) || (entries[j] == NULL)) {
- fprintf(stderr, "removing \"%s\"\n",
+ log_err(LOG_DEBUG, "removing \"%s\"\n",
cleanup[i]->fccache);
unlink(cleanup[i]->fccache +
strlen(FCC_PREFIX));
@@ -587,13 +606,13 @@ main(int argc, char **argv)
entries = entries_read();
if (entries == NULL) {
- fprintf(stderr, "nothing configured\n");
+ log_err(LOG_ERR, "nothing configured\n");
return 1;
}
if (!nofork) {
if (daemon(0, 0) != 0) {
- fprintf(stderr, "error going to background: %s\n",
+ log_err(LOG_ERR, "error going to background: %s\n",
strerror(errno));
return 1;
}
@@ -625,14 +644,14 @@ main(int argc, char **argv)
}
/* Figure out how long to wait. */
howlong = entries_waittime();
- fprintf(stderr, "= waiting for %ld seconds =\n",
+ log_err(LOG_DEBUG, "waiting for %ld seconds\n",
(long) howlong);
howlong = sleep(howlong);
};
/* Clean up. */
entries_unload();
if (pidfile != NULL) {
- fprintf(stderr, "removing \"%s\"\n", pidfile);
+ log_err(LOG_DEBUG, "removing \"%s\"\n", pidfile);
unlink(pidfile);
}
return 0;