From: David Howells Date: Tue, 16 Apr 2019 15:48:35 +0000 (+0100) Subject: aklog: Make cell argument optional X-Git-Tag: v0.3~6 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=f923ba57e760d5984bbfde232164bdb2853522ec;p=users%2Fdhowells%2Fkafs-client.git aklog: Make cell argument optional Make cell argument to aklog-kafs optional, reading the cell from /proc/net/afs/rootcell if not given. Also support --help. Signed-off-by: David Howells --- diff --git a/man/aklog-kafs.1 b/man/aklog-kafs.1 index e6187e9..c2b69ca 100644 --- a/man/aklog-kafs.1 +++ b/man/aklog-kafs.1 @@ -7,25 +7,28 @@ .\" as published by the Free Software Foundation; either version .\" 2 of the License, or (at your option) any later version. .\" -.TH AKLOG 1 "9 Feb 2018" Linux "AFS Kerberos authentication" +.TH AKLOG-KAFS 1 "16 Apr 2019" Linux "AFS Kerberos authentication" .SH NAME -aklog \- AFS Kerberos authentication tool +aklog-kafs \- AFS Kerberos authentication tool .SH SYNOPSIS -\fBaklog\fR [] +\fBaklog-kafs\fR [ []] .P .B *** NOTE THE ABOVE IS PROVISIONAL AND IS LIKELY TO CHANGE *** .R .SH DESCRIPTION This program is used to get an authentication ticket from Kerberos that can be -used by the kAFS filesystem to perform authenticated and encrypted accesses to -the server. Without this only unencrypted anonymous accesses can be made. +used by the in-kernel AFS filesystem (kAFS) to perform authenticated and +encrypted accesses to the server. Without this only unencrypted anonymous +accesses can be made. .P Before calling this, the \fBkinit\fR program or similar should be invoked to authenticate with the appropriate Kerberos server. .SH ARGUMENTS .IP -This is the name of the cell with which the ticket is intended to be used. +This is the name of the cell with which the ticket is intended to be used. If +not given, the name of the default cell will be read from +\fB/proc/net/afs/rootcell\fR and used instead. .IP This is the name of the Kerberos realm from which the ticket will be obtained. .SH ERRORS diff --git a/src/aklog-kafs.c b/src/aklog-kafs.c index 27e4dc2..4cee509 100644 --- a/src/aklog-kafs.c +++ b/src/aklog-kafs.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include @@ -247,6 +248,42 @@ key_too_short: exit(1); } +/* + * Read the name of default cell. + */ +static char *get_default_cell(void) +{ + static const char rootcell[] = "/proc/net/afs/rootcell"; + ssize_t n; + char buf[260], *nl, *cell; + int fd; + + fd = open(rootcell, O_RDONLY); + OSERROR(fd, rootcell); + n = read(fd, buf, sizeof(buf) - 2); + OSERROR(n, rootcell); + close(n); + if (n == 0) + goto unset; + + buf[n] = 0; + nl = memchr(buf, '\n', n); + if (nl == buf) + goto unset; + *nl = 0; + + cell = strdup(buf); + OSZERROR(cell, "strdup"); + return cell; + +unset: + fprintf(stderr, "error: The default cell is not set\n"); + exit(1); +} + +/* + * + */ int main(int argc, char **argv) { char *cell, *realm, *princ, *desc, *p; @@ -258,14 +295,19 @@ int main(int argc, char **argv) krb5_ccache cc; krb5_creds search_cred, *creds; - if (argc < 2 || argc > 3) { - fprintf(stderr, "Usage: aklog []\n"); + if (argc < 1 || argc > 3 || + (argc == 2 && strcmp(argv[1], "--help") == 0)) { + fprintf(stderr, "Usage: aklog-kafs [ []]\n"); exit(1); } - cell = argv[1]; + if (argc == 1) + cell = get_default_cell(); + else + cell = argv[1]; + if (argc == 3) { - realm = strdup(argv[3]); + realm = strdup(argv[2]); OSZERROR(realm, "strdup"); } else { realm = strdup(cell);