and wouldn't that be a deviation from the "initial-authentication"
model?
On Fri, 2008-10-31 at 13:57 -0600, Abhishek Kulkarni wrote:
> So that means a normal user can add users and/or groups to the userpool?
> I thought it was necessary to authenticate with xcpu-admin to add/delete
> users.
>
>
> On Fri, 2008-10-31 at 12:39 -0600, Latchesar Ionkov wrote:
> > xuserset and xgroupset should do the same.
> >
> > Thanks,
> > Lucho
> >
> > On Oct 31, 2008, at 9:17 AM, Latchesar Ionkov wrote:
> >
> > >
> > > I think the right solution is to try as a normal user first, if it
> > > fails, try as xcpu-admin.
> > >
> > > Thanks,
> > > Lucho
> > >
> > > On Oct 30, 2008, at 1:09 PM, Abhishek Kulkarni wrote:
> > >
> > >>
> > >> Shouldn't xgetent authenticate with "xcpu-admin" a la xgroupset and
> > >> xuserset?
> > >>
> > >> I am a little confused but I didn't find it right that you cannot
> > >> view
> > >> the users/groups in the pool after you flush them.
> > >>
> > >> Signed-off-by: Abhishek Kulkarni <[EMAIL PROTECTED]>
> > >>
> > >> Index: utils/xgetent.c
> > >> ===================================================================
> > >> --- utils/xgetent.c (revision 715)
> > >> +++ utils/xgetent.c (working copy)
> > >> @@ -37,6 +37,7 @@
> > >> #include <signal.h>
> > >> #include <regex.h>
> > >> #include <math.h>
> > >> +#include <pwd.h>
> > >>
> > >> #include "spfs.h"
> > >> #include "spclient.h"
> > >> @@ -46,29 +47,14 @@
> > >> #include "xcpu.h"
> > >>
> > >> extern int spc_chatty;
> > >> -static Spuser *user;
> > >> -static Xkey *ukey;
> > >> +static Xkey *adminkey;
> > >> +static Spuser adminuser = {
> > >> + .uname = "xcpu-admin",
> > >> + .uid = 65530,
> > >> +};
> > >>
> > >> -static int
> > >> -init_user(void)
> > >> -{
> > >> - char *homepath, keypath[128];
> > >> -
> > >> - user = sp_unix_users->uid2user(sp_unix_users, geteuid());
> > >> - if (!user)
> > >> - return -1;
> > >> -
> > >> - homepath = getenv("HOME");
> > >> - snprintf(keypath, sizeof(keypath), "%s/.ssh/id_rsa",
> > >> homepath);
> > >> - ukey = xauth_privkey_create(keypath);
> > >> - if (!ukey)
> > >> - return -1;
> > >> -
> > >> - return 0;
> > >> -}
> > >> -
> > >> -void usage() {
> > >> - fprintf(stderr, "usage: xgetent [-dap] <passwd|group>
> > >> host,...\n");
> > >> +void usage(char *name) {
> > >> + fprintf(stderr, "usage: %s [-h] [-A admin_keyfile] [-d] [-p
> > >> port] <passwd|group> {-a | nodeset} \n", name);
> > >> exit(1);
> > >> }
> > >>
> > >> @@ -79,11 +65,11 @@
> > >> int n, off, ret, bufsize = 8192;
> > >>
> > >> ret = 0;
> > >> - buf = malloc(sizeof(*buf) * bufsize);
> > >> - fs = xp_node_mount(node, user, ukey);
> > >> + fs = xp_node_mount(node, &adminuser, adminkey);
> > >> if (!fs)
> > >> return -1;
> > >>
> > >> + buf = malloc(sizeof(*buf) * bufsize);
> > >> fid = spc_open(fs, "pwent", Oread);
> > >> if (!fid) {
> > >> free(buf);
> > >> @@ -100,7 +86,7 @@
> > >>
> > >> if (n < 0)
> > >> ret = -1;
> > >> -
> > >> +
> > >> spc_close(fid);
> > >> spc_umount(fs);
> > >> free(buf);
> > >> @@ -113,11 +99,11 @@
> > >> int n, off, ret, bufsize = 8192;
> > >>
> > >> ret = 0;
> > >> - buf = malloc(sizeof(*buf) * bufsize);
> > >> - fs = xp_node_mount(node, user, ukey);
> > >> + fs = xp_node_mount(node, &adminuser, adminkey);
> > >> if (!fs)
> > >> return -1;
> > >>
> > >> + buf = malloc(sizeof(*buf) * bufsize);
> > >> fid = spc_open(fs, "grent", Oread);
> > >> if (!fid) {
> > >> free(buf);
> > >> @@ -134,7 +120,7 @@
> > >>
> > >> if (n < 0)
> > >> ret = -1;
> > >> -
> > >> +
> > >> spc_close(fid);
> > >> spc_umount(fs);
> > >> free(buf);
> > >> @@ -146,17 +132,22 @@
> > >> {
> > >> int c, ecode;
> > >> int allflag = 0;
> > >> - char *ename, db[7];
> > >> + char *ename, db[7], *end;
> > >> Xpnodeset *nds, *nds2;
> > >> - int port = STAT_PORT;
> > >> - char *end;
> > >> + int port = STAT_PORT;
> > >> + struct passwd *pw;
> > >> + char *adminkeyfile = "/etc/xcpu/admin_key";
> > >>
> > >> - while ((c = getopt(argc, argv, "+dap:")) != -1) {
> > >> + while ((c = getopt(argc, argv, "+dA:ap:h")) != -1) {
> > >> switch (c) {
> > >> case 'd':
> > >> spc_chatty = 1;
> > >> break;
> > >>
> > >> + case 'A':
> > >> + adminkeyfile = strdup(optarg);
> > >> + break;
> > >> +
> > >> case 'a':
> > >> allflag++;
> > >> break;
> > >> @@ -164,21 +155,34 @@
> > >> case 'p':
> > >> port = strtol(optarg, &end, 10);
> > >> if (*end != '\0')
> > >> - usage();
> > >> + usage(argv[0]);
> > >> break;
> > >> + case 'h':
> > >> default:
> > >> - usage();
> > >> + usage(argv[0]);
> > >> }
> > >> }
> > >>
> > >> if ((!allflag && argc - optind != 2 ) || (allflag && argc -
> > >> optind !=
> > >> 1))
> > >> - usage();
> > >> + usage(argv[0]);
> > >>
> > >> -
> > >> snprintf(db, 7, "%s", argv[optind++]);
> > >> if (strcmp("passwd", db) && strcmp("group", db))
> > >> - usage();
> > >> + usage(argv[0]);
> > >>
> > >> + adminkey = xauth_privkey_create(adminkeyfile);
> > >> + if (!adminkey)
> > >> + goto lerror;
> > >> +
> > >> + setpwent();
> > >> + while ((pw = getpwent()) != NULL) {
> > >> + if(!strcmp(pw->pw_name, adminuser.uname)) {
> > >> + adminuser.uid = pw->pw_uid;
> > >> + break;
> > >> + }
> > >> + }
> > >> + endpwent();
> > >> +
> > >> if (allflag) {
> > >> char statserver[32];
> > >> sprintf(statserver, "localhost!%d", port);
> > >> @@ -203,9 +207,6 @@
> > >> if (!nds)
> > >> goto lerror;
> > >>
> > >> - if (init_user() < 0)
> > >> - goto lerror;
> > >> -
> > >> if (!strcmp("passwd", db)) {
> > >> if (xp_nodeset_iterate(nds, read_pwent, NULL) > 0)
> > >> goto rerror;
> > >>
> > >>
> > >
> >
>
