n3parikh
/
pyceo
forked from public/pyceo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Log Kerberos errors consistently

master
Michael Spang 2009-01-31 00:11:42 -05:00
parent 3358c617ad
commit 8948b29cd1
6 changed files with 56 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/addclub.c
View File

@ -46,7 +46,7 @@ int addclub() {
char homedir[1024];
char acl_s[1024] = {0};
logmsg("adding uid=%s cn=%s by %s", userid, name, user);
notice("adding uid=%s cn=%s by %s", userid, name, user);
if (setreuid(0, 0))
fatalpe("setreuid");
@ -73,26 +73,26 @@ int addclub() {
krb_ok = ceo_del_princ(userid);
if (!krb_ok)
logmsg("successfully cleared principal for %s", userid);
notice("successfully cleared principal for %s", userid);
user_ok = krb_ok || ceo_add_user(userid, users_base, "club", name, homedir,
club_shell, id, NULL);
if (!user_ok)
logmsg("successfully created account for %s", userid);
notice("successfully created account for %s", userid);
group_ok = user_ok || ceo_add_group(userid, groups_base, id);
if (!group_ok)
logmsg("successfully created group for %s", userid);
notice("successfully created group for %s", userid);
sudo_ok = user_ok || ceo_add_group_sudo(userid, sudo_base);
if (!sudo_ok)
logmsg("successfully added group sudo entry for %s", userid);
notice("successfully added group sudo entry for %s", userid);
home_ok = user_ok || ceo_create_home(homedir, refquota, id, id, homedir_mode, acl_s);
if (!home_ok)
logmsg("successfully created home directory for %s", userid);
notice("successfully created home directory for %s", userid);
logmsg("done uid=%s", userid);
notice("done uid=%s", userid);
if (!no_notify && !user_ok) {
int pid;
@ -130,9 +130,9 @@ int addclub() {
waitpid(pid, &status, 0);
if (WIFEXITED(status) && WEXITSTATUS(status))
logmsg("hook %s exited with status %d", notify_hook, WEXITSTATUS(status));
notice("hook %s exited with status %d", notify_hook, WEXITSTATUS(status));
else if (WIFSIGNALED(status))
logmsg("hook %s killed by signal %d", notify_hook, WTERMSIG(status));
notice("hook %s killed by signal %d", notify_hook, WTERMSIG(status));
}
ceo_kadm_cleanup();

16
src/addmember.c
View File

@ -51,7 +51,7 @@ int addmember() {
char homedir[1024];
char acl_s[1024] = {0};
logmsg("adding uid=%s cn=%s program=%s by %s", userid, name, program, user);
notice("adding uid=%s cn=%s program=%s by %s", userid, name, program, user);
if (setreuid(0, 0))
fatalpe("setreuid");
@ -85,22 +85,22 @@ int addmember() {
krb_ok = ceo_del_princ(userid);
krb_ok = krb_ok || ceo_add_princ(userid, password);
if (!krb_ok)
logmsg("successfully created principal for %s", userid);
notice("successfully created principal for %s", userid);
user_ok = krb_ok || ceo_add_user(userid, users_base, "member", name, homedir,
member_shell, id, "program", program, NULL);
if (!user_ok)
logmsg("successfully created account for %s", userid);
notice("successfully created account for %s", userid);
group_ok = user_ok || ceo_add_group(userid, groups_base, id);
if (!group_ok)
logmsg("successfully created group for %s", userid);
notice("successfully created group for %s", userid);
home_ok = user_ok || ceo_create_home(homedir, refquota, id, id, homedir_mode, acl_s);
if (!home_ok)
logmsg("successfully created home directory for %s", userid);
notice("successfully created home directory for %s", userid);
logmsg("done uid=%s", userid);
notice("done uid=%s", userid);
if (!no_notify && !user_ok) {
int pid;
@ -138,9 +138,9 @@ int addmember() {
waitpid(pid, &status, 0);
if (WIFEXITED(status) && WEXITSTATUS(status))
logmsg("hook %s exited with status %d", notify_hook, WEXITSTATUS(status));
notice("hook %s exited with status %d", notify_hook, WEXITSTATUS(status));
else if (WIFSIGNALED(status))
logmsg("hook %s killed by signal %d", notify_hook, WTERMSIG(status));
notice("hook %s killed by signal %d", notify_hook, WTERMSIG(status));
}
ceo_kadm_cleanup();

44
src/krb5.c
View File

@ -25,8 +25,8 @@ static void com_err_hk(const char *whoami, long code, const char *fmt, va_list a
*msgp++ = '\n';
*msgp++ = '\0';
syslog(LOG_ERR, "%s", message);
fprintf(stderr, "%s: %s", whoami, message);
logmsg(LOG_ERR, "fatal: %s", message);
exit(1);
}
void ceo_krb5_init() {
@ -35,16 +35,12 @@ void ceo_krb5_init() {
set_com_err_hook(com_err_hk);
retval = krb5_init_context(&context);
if (retval) {
if (retval)
com_err(prog, retval, "while initializing krb5");
exit(1);
}
retval = krb5_set_default_realm(context, realm);
if (retval) {
if (retval)
com_err(prog, retval, "while setting default realm");
exit(1);
}
}
void ceo_krb5_auth(char *principal, char *ktname) {
@ -58,35 +54,23 @@ void ceo_krb5_auth(char *principal, char *ktname) {
krb5_get_init_creds_opt_init(&options);
memset(&creds, 0, sizeof(creds));
if ((retval = krb5_parse_name(context, principal, &princ))) {
if ((retval = krb5_parse_name(context, principal, &princ)))
com_err(prog, retval, "while resolving user %s", admin_bind_userid);
exit(1);
}
if ((retval = krb5_cc_default(context, &cache))) {
if ((retval = krb5_cc_default(context, &cache)))
com_err(prog, retval, "while resolving credentials cache");
exit(1);
}
if ((retval = krb5_kt_resolve(context, ktname, &keytab))) {
if ((retval = krb5_kt_resolve(context, ktname, &keytab)))
com_err(prog, retval, "while resolving keytab %s", admin_bind_keytab);
exit(1);
}
if ((retval = krb5_get_init_creds_keytab(context, &creds, princ, keytab, 0, NULL, &options))) {
if ((retval = krb5_get_init_creds_keytab(context, &creds, princ, keytab, 0, NULL, &options)))
com_err(prog, retval, "while getting initial credentials");
exit(1);
}
if ((retval = krb5_cc_initialize(context, cache, princ))) {
if ((retval = krb5_cc_initialize(context, cache, princ)))
com_err(prog, retval, "while initializing credentials cache");
exit(1);
}
if ((retval = krb5_cc_store_cred(context, cache, &creds))) {
if ((retval = krb5_cc_store_cred(context, cache, &creds)))
com_err(prog, retval, "while storing credentials");
exit(1);
}
krb5_free_cred_contents(context, &creds);
krb5_kt_close(context, keytab);
@ -98,15 +82,11 @@ void ceo_krb5_deauth() {
krb5_error_code retval;
krb5_ccache cache;
if ((retval = krb5_cc_default(context, &cache))) {
if ((retval = krb5_cc_default(context, &cache)))
com_err(prog, retval, "while resolving credentials cache");
exit(1);
}
if ((retval = krb5_cc_destroy(context, cache))) {
if ((retval = krb5_cc_destroy(context, cache)))
com_err(prog, retval, "while destroying credentials cache");
exit(1);
}
}
void ceo_krb5_cleanup() {

3
src/krb5.h
View File

@ -1,4 +1,7 @@
#include <krb5.h>
#include <com_err.h>
extern char *prog;
extern krb5_context context;

24
src/util.c
View File

@ -90,10 +90,30 @@ void warn(const char *msg, ...) {
va_end(args);
}
void logmsg(const char *msg, ...) {
void notice(const char *msg, ...) {
va_list args;
va_start(args, msg);
vsyslog(LOG_ERR, msg, args);
errmsg(LOG_NOTICE, "notice", msg, args);
va_end(args);
}
void debug(const char *msg, ...) {
va_list args;
va_start(args, msg);
errmsg(LOG_DEBUG, "debug", msg, args);
va_end(args);
}
void logmsg(int priority, const char *msg, ...) {
va_list args;
va_start(args, msg);
vsyslog(priority, msg, args);
va_end(args);
va_start(args, msg);
if (log_stderr) {
vfprintf(stderr, msg, args);
fputc('\n', stderr);
}
va_end(args);
}

3
src/util.h
View File

@ -24,9 +24,10 @@ NORETURN void badconf(const char *, ...);
NORETURN void deny(const char *, ...);
void error(const char *, ...);
void warn(const char *, ...);
void logmsg(const char *, ...);
void notice(const char *, ...);
void errorpe(const char *, ...);
void warnpe(const char *, ...);
void logmsg(int, const char *, ...);
static inline void *xmalloc(size_t size) {
void *alloc = malloc(size);