1 mike 1.1 /*
2 **==============================================================================
3 **
4 ** Open Management Infrastructure (OMI)
5 **
6 ** Copyright (c) Microsoft Corporation
7 **
8 ** Licensed under the Apache License, Version 2.0 (the "License"); you may not
9 ** use this file except in compliance with the License. You may obtain a copy
10 ** of the License at
11 **
12 ** http://www.apache.org/licenses/LICENSE-2.0
13 **
14 ** THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 ** KIND, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED
16 ** WARRANTIES OR CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE,
17 ** MERCHANTABLITY OR NON-INFRINGEMENT.
18 **
19 ** See the Apache 2 License for the specific language governing permissions
20 ** and limitations under the License.
21 **
22 mike 1.1 **==============================================================================
23 */
24
25 #ifndef _omi_user_h
26 #define _omi_user_h
27
28 #include <common.h>
29 #include "strings.h"
30 #if defined(CONFIG_POSIX)
31 #include <pwd.h>
32 #else
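/*
    Non-POSIX fallback: uid_t/gid_t are plain ints and the effective
    user/group ID queries are replaced by stubs.

    NOTE(review): both stubs return 0, the value POSIX uses for root.
    Any caller that treats 'geteuid() == 0' as proof of privilege will
    always see "root" on these builds -- confirm that no authorization
    decision depends on these stubs.

    The parameter lists are spelled '(void)' so that C compilers reject
    calls that pass arguments.
*/
typedef int uid_t;
typedef int gid_t;

MI_INLINE uid_t geteuid(void) { return 0; }
MI_INLINE gid_t getegid(void) { return 0; }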
38
39 #endif
40
41 BEGIN_EXTERNC
42
/*
    Validates user name and password.
    Parameters:
        user - user name
        password - password supplied for that user
    Returns:
        '0' if user account is valid and authorized to use CIM server
        '-1' otherwise

    Success is 0, so compare the result with 0 explicitly: a bare
    'if (AuthenticateUser(...))' is true on FAILURE.

    NOTE(review): the password is passed as a plain C string; whether the
    caller or the implementation clears it after use is not visible from
    this header -- confirm.
*/
int AuthenticateUser(const char* user, const char* password);
50
/*
    Validates user's account for correct account name, expiration etc.
    Takes no password, so on its own this is an account check, not a
    proof of identity.
    Parameters:
        user - user name
    Returns:
        '0' if user account is valid and authorized to use CIM server
        '-1' otherwise (compare with 0 explicitly; non-zero means rejected)
*/
int ValidateUser(const char* user);
58
/*
    Looks for user's account and retrieves uid/gid.
    Parameters:
        user - user name
        uid [out] user ID
        gid [out] group ID

    Returns:
        0 if operation was successful; -1 otherwise

    NOTE(review): whether *uid / *gid are left untouched on failure is not
    visible from this header. Check the return value before reading them:
    an unset or zeroed ID would read as root (0).
*/
int LookupUser(const char* user, uid_t* uid, gid_t* gid);
70
/*
    Retrieves gid for user specified by uid.
    Parameters:
        uid user ID
        gid [out] group ID

    Returns:
        0 if operation was successful; -1 otherwise

    NOTE(review): the state of *gid after a failure is not documented
    here; read it only when the call returned 0.
*/
int GetUserGidByUid(uid_t uid, gid_t* gid);
81
/*
    Retrieves uid/gid from fd if supported by platform
    (presumably the credentials of the process at the other end of the
    socket -- confirm against the implementation).
    Parameters:
        fd - socket descriptor (must be connected domain socket fd)
        uid [out] user ID
        gid [out] group ID

    Returns:
        0 if operation was successful; -1 otherwise

    The -1 result does not distinguish "platform does not support this"
    from a failed lookup. In both cases the caller has no verified
    identity for the connection and should not fall back to a default
    uid/gid; *uid and *gid should be read only after a 0 return.
*/
int GetUIDByConnection(int fd, uid_t* uid, gid_t* gid);
94
/*
    Creates file with random data owned by user and RO by user only
    Parameters:
        uid - user ID
        content - [out] pointer to a buffer for random data
        size - number of bytes to write
        path - [out] - resulting file name

    Returns:
        0 if operation was successful; -1 otherwise

    The array bound in 'path' is documentation only (the parameter is a
    plain char pointer); the caller must supply at least MAX_PATH_SIZE
    chars. 'content' presumably needs room for at least 'size' bytes --
    confirm.

    NOTE(review): the name suggests the random data serves as an
    authentication secret. If so, it should come from a cryptographically
    secure source, and the file should be created exclusively with
    owner-only permissions before any data is written. Neither property
    is visible from this header -- confirm in the implementation.
*/
int CreateAuthFile(uid_t uid, char* content, size_t size, char path[MAX_PATH_SIZE]);
107
108 #if defined(CONFIG_POSIX)
/*
    Formats log file name as
    <log-dir>/omiagent.<user>.<group>.log
    Parameters:
        uid user ID
        gid group ID
        path [out] formatted file name

    Returns:
        0 - if success; -1 otherwise

    The array bound in 'path' is documentation only (the parameter is a
    plain char pointer); the caller must supply at least MAX_PATH_SIZE
    chars.
    NOTE(review): how <user> and <group> are derived from uid/gid (names
    or numeric IDs) is not visible from this header.
*/
int FormatLogFileName(uid_t uid, gid_t gid, char path[MAX_PATH_SIZE]);
121
/*
    Disables authentication calls so 'AuthUser' (presumably
    AuthenticateUser -- confirm) always returns 'ok';
    used for unit-test only
    Parameters:
        flag - '1' to ignore auth; 0 to perform auth calls normally

    NOTE(review): this switch turns authentication off for the whole
    process, yet the declaration is guarded only by CONFIG_POSIX, not by
    a test-only build macro. Consider compiling it (and its
    implementation) only into unit-test builds so that a production
    binary cannot reach it.
*/
void IgnoreAuthCalls(int flag);
129
130
/*
    Changes user/group IDs of current process.
    Parameters:
        uid - user ID
        gid - group ID

    Returns:
        0 if operation was successful; -1 otherwise

    Callers must check the result: after a -1 the process may still be
    running with its previous identity and should not continue as if
    privileges had been changed.

    NOTE(review): the order in which the group and user IDs are changed,
    and whether supplementary groups are reset, is not visible from this
    header -- confirm in the implementation.
*/
int SetUser(uid_t uid, gid_t gid);
141
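/*
    Verifies if current process is running as root
    Returns:
        0 - current process is root
        -1 - current process is not root.

    The result is a status code, not a boolean: 'if (IsRoot())' is true
    when the process is NOT root. Always compare with 0 explicitly,
    e.g. 'if (IsRoot() == 0)'.

    Declared with '(void)' so that C compilers see a real prototype and
    reject calls that pass arguments.
*/
int IsRoot(void);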
149
150 #endif
151
152 END_EXTERNC
153
154 #endif /* _omi_user_h */