1 john.eisenbraun 1.124 //%LICENSE////////////////////////////////////////////////////////////////
|
2 mike 1.19 //
|
3 john.eisenbraun 1.124 // Licensed to The Open Group (TOG) under one or more contributor license
4 // agreements. Refer to the OpenPegasusNOTICE.txt file distributed with
5 // this work for additional information regarding copyright ownership.
6 // Each contributor licenses this file to you under the OpenPegasus Open
7 // Source License; you may not use this file except in compliance with the
8 // License.
9 //
10 // Permission is hereby granted, free of charge, to any person obtaining a
11 // copy of this software and associated documentation files (the "Software"),
12 // to deal in the Software without restriction, including without limitation
13 // the rights to use, copy, modify, merge, publish, distribute, sublicense,
14 // and/or sell copies of the Software, and to permit persons to whom the
15 // Software is furnished to do so, subject to the following conditions:
16 //
17 // The above copyright notice and this permission notice shall be included
18 // in all copies or substantial portions of the Software.
19 //
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
21 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
23 // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
24 john.eisenbraun 1.124 // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
25 // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
26 // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
27 mike 1.19 //
|
28 john.eisenbraun 1.124 //////////////////////////////////////////////////////////////////////////
|
29 david 1.54 //
|
30 mike 1.19 //%/////////////////////////////////////////////////////////////////////////////
31
|
32 john.eisenbraun 1.124 #if !defined(PEGASUS_OS_ZOS) && \
33 !defined(PEGASUS_OS_DARWIN)
34 # include <crypt.h>
|
35 konrad.r 1.86 #endif
36
|
37 mike 1.19 PEGASUS_NAMESPACE_BEGIN
38
|
// Reports whether the file named by path is readable according to
// access(2) with R_OK.
//
// access() evaluates permissions against the real user and group IDs, not
// the effective ones, and its answer describes the file only at the moment
// of the call. Treat the result as advisory and still handle a failure
// from the later open().
//
// path: NUL-terminated path name to test.
// Returns true when access() succeeds (returns 0), false otherwise.
Boolean System::canRead(const char* path)
{
    const int status = access(path, R_OK);
    return status == 0;
}
43
// Reports whether the file named by path is writable according to
// access(2) with W_OK.
//
// As with any access() check, the real (not effective) user and group IDs
// are used, and the file may change between this call and a later write,
// so the result must not be the only guard before modifying the file.
//
// path: NUL-terminated path name to test.
// Returns true when access() succeeds (returns 0), false otherwise.
Boolean System::canWrite(const char* path)
{
    if (access(path, W_OK) != 0)
    {
        return false;
    }
    return true;
}
48
|
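// Reads a password from the user and returns it as a String.
//
// On PASE the password comes from umeGetPass() and prompt is not used.
// On every other platform getpass() displays prompt and reads the input.
// Both branches return String::EMPTY when no password could be obtained.
//
// prompt: text shown to the user by getpass().
// Returns the password typed by the user, or String::EMPTY on failure.
// The returned String holds the plaintext; callers are responsible for
// how long that copy lives.
String System::getPassword(const char* prompt)
{
#if defined(PEGASUS_OS_PASE)

    char* umepass = umeGetPass();
    if (NULL == umepass)
    {
        return String::EMPTY;
    }
    else
    {
        return String(umepass);
    }

#else /* default */

    // getpass() returns NULL when it cannot read the password (for example
    // when no terminal is available). Report that the same way the PASE
    // branch does instead of handing NULL to the String constructor.
    char* typed = getpass(prompt);
    if (NULL == typed)
    {
        return String::EMPTY;
    }

    String password(typed);

    // getpass() returns a pointer to a static buffer. Clear it once the
    // value has been copied so the plaintext does not linger there.
    memset(typed, 0, strlen(typed));

    return password;

#endif /* default */
}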
70
// Hashes password with crypt(3) using the supplied salt and returns the
// resulting string.
//
// password: NUL-terminated plaintext to hash.
// salt:     NUL-terminated salt string handed to crypt() unchanged.
//
// NOTE(review): crypt() returns NULL on failure (for example when it does
// not accept the salt) and that pointer is passed to String unchecked;
// confirm how String treats a null pointer and whether callers expect an
// exception here. crypt() also returns a pointer to static storage, so
// calls from several threads need external serialization - verify against
// the callers.
String System::encryptPassword(const char* password, const char* salt)
{
    const char* hashed = crypt(password, salt);
    return String(hashed);
}
75
|
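// Reports whether userName names a privileged account.
//
// On PASE the decision is delegated to umeIsPrivilegedUser(). On other
// platforms the account is looked up with getpwnam_r() and is considered
// privileged when its uid is 0 or its primary gid is 0. Note that the gid
// test widens the result beyond root itself: any account whose primary
// group is 0 is reported as privileged.
//
// userName: account name to look up.
// Returns true for a privileged account; false when the account is not
// privileged, does not exist, or the lookup fails.
Boolean System::isPrivilegedUser(const String& userName)
{
#if defined(PEGASUS_OS_PASE)
    CString user = userName.getCString();
    // umeIsPrivilegedUser() exists only in the PASE environment.
    return umeIsPrivilegedUser((const char *)user);

#else
    struct passwd pwd;
    // Start from NULL so that no code path can test an indeterminate
    // pointer after a failed lookup.
    struct passwd* result = NULL;
    const unsigned int PWD_BUFF_SIZE = 1024;
    char pwdBuffer[PWD_BUFF_SIZE];

    // getpwnam_r() reports an error through its return value; errno is not
    // guaranteed to be set, so the return value is what gets traced.
    const int rc = getpwnam_r(
        userName.getCString(), &pwd, pwdBuffer, PWD_BUFF_SIZE, &result);

    if (rc != 0)
    {
        PEG_TRACE((
            TRC_OS_ABSTRACTION,
            Tracer::LEVEL1,
            "getpwnam_r failure : %s",
            strerror(rc)));

        // Fail closed: a lookup error never grants privilege.
        return false;
    }

    // Check if the requested entry was found. If not return false.
    if (result == NULL)
    {
        return false;
    }

    // Privileged when either the uid or the primary gid is 0.
    return (pwd.pw_gid == 0 || pwd.pw_uid == 0);
#endif
}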
111
|
112 john.eisenbraun 1.124 #if defined(PEGASUS_ENABLE_USERGROUP_AUTHORIZATION)
|
113 kumpf 1.22
|
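// Reports whether userName belongs to groupName, either because groupName
// is the user's primary group or because the user is listed in the group's
// member list.
//
// userName:  NUL-terminated account name.
// groupName: NUL-terminated group name.
// Returns true when the user is a member; false when the group does not
// exist or the user is not listed in it.
// Throws InternalSystemError when getpwnam_r(), getgrgid_r() or
// getgrnam_r() reports an error; a warning is logged before the throw.
//
// NOTE(review): both lookups use fixed 1024-byte buffers. An entry that
// does not fit (ERANGE, e.g. a group with a long member list) takes the
// error path and throws instead of being retried with a larger buffer.
// NOTE(review): when the user has no passwd entry the member list is still
// searched by name - confirm this is intended for authorization decisions.
Boolean System::isGroupMember(const char* userName, const char* groupName)
{
    const unsigned int PWD_BUFF_SIZE = 1024;
    const unsigned int GRP_BUFF_SIZE = 1024;
    struct passwd pwd;
    struct group grp;
    // Both result pointers start from NULL so they are never tested while
    // indeterminate.
    struct passwd* result = NULL;
    struct group* grpresult = NULL;
    char pwdBuffer[PWD_BUFF_SIZE];
    char grpBuffer[GRP_BUFF_SIZE];

    // Search Primary group information.

    // Find the entry that matches "userName". The *_r lookups return the
    // error number directly, so that value (not errno) is what gets logged.
    int rc = getpwnam_r(userName, &pwd, pwdBuffer, PWD_BUFF_SIZE, &result);
    if (rc != 0)
    {
        String errorMsg = String("getpwnam_r failure : ") +
            String(strerror(rc));
        Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::WARNING,
            errorMsg);
        throw InternalSystemError();
    }

    if (result != NULL)
    {
        // User found; resolve the primary gid to a group entry.
        const gid_t group_id = pwd.pw_gid;

        rc = getgrgid_r(
            group_id, &grp, grpBuffer, GRP_BUFF_SIZE, &grpresult);
        if (rc != 0)
        {
            String errorMsg = String("getgrgid_r failure : ") +
                String(strerror(rc));
            Logger::put(
                Logger::STANDARD_LOG, System::CIMSERVER, Logger::WARNING,
                errorMsg);
            throw InternalSystemError();
        }

        // getgrgid_r() can succeed without finding an entry for the gid;
        // grp is not filled in then, so only compare when one was found.
        if (grpresult != NULL && strcmp(grp.gr_name, groupName) == 0)
        {
            // User is a member of the group.
            return true;
        }
    }

    //
    // Search supplemental groups.
    // Get a user group entry
    //
    rc = getgrnam_r((char *)groupName, &grp,
        grpBuffer, GRP_BUFF_SIZE, &grpresult);
    if (rc != 0)
    {
        String errorMsg = String("getgrnam_r failure : ") +
            String(strerror(rc));
        Logger::put(
            Logger::STANDARD_LOG, System::CIMSERVER, Logger::WARNING, errorMsg);
        throw InternalSystemError();
    }

    // Check if the requested group was found.
    if (grpresult == NULL)
    {
        return false;
    }

    //
    // Walk the NULL-terminated member list looking for the user.
    //
    for (Uint32 j = 0; grp.gr_mem[j] != NULL; j++)
    {
        if (strcmp(userName, grp.gr_mem[j]) == 0)
        {
            return true;
        }
    }

    return false;
}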
|
208 kumpf 1.119
|
209 john.eisenbraun 1.124 #endif /* PEGASUS_ENABLE_USERGROUP_AUTHORIZATION */
|
210 kumpf 1.94
|
211 david.dillard 1.107
|
212 mike 1.19 PEGASUS_NAMESPACE_END
|