shithub: riscv

Info  •  Files  •  Log  •  Branches

merge

--- a/sys/man/4/keyfs

+++ b/sys/man/4/keyfs

@@ -14,6 +14,9 @@

 .BI -m mntpt

 ]

 [

+.B -r

+]

+[

 .I keyfile

 ]

 .PP

@@ -83,6 +86,10 @@

 If any changes are made to the database that affect the information stored in

 .IR keyfile ,

 a new version of the file is written.

+.PP

+If the

+.B -r

+option is given, the database is mounted `read-only' and no changes are permitted.

 .PP

 There are two authentication databases,

 one for Plan 9 user information,

--- /dev/null

+++ b/sys/src/cmd/auth/asaudit.c

@@ -1,0 +1,106 @@

+#include <u.h>

+#include <libc.h>

+#include <bio.h>

+#include <authsrv.h>

+#include <ndb.h>

+

+int havenvram;

+Nvrsafe nvr;

+char eve[128];

+Ndb *db;

+

+void

+geteve(void)

+{

+	int fd;

+	

+	fd = open("#c/hostowner", OREAD);

+	if(fd < 0) sysfatal("open: %r");

+	memset(eve, 0, sizeof(eve));

+	if(read(fd, eve, sizeof(eve)-1) < 0) sysfatal("read: %r");

+	close(fd);

+	if(strcmp(getuser(), eve) != 0) print("hostowner is %#q, but running as %#q\n", eve, getuser());

+}

+

+void

+ndb(void)

+{

+	db = ndbopen(nil);

+	if(db == nil){

+		print("ndbopen: %r");

+		return;

+	}

+}

+

+void

+nvram(void)

+{

+	char *auth;

+

+	if(readnvram(&nvr, 0) < 0){

+		print("readnvram: %r\n");

+		return;

+	}

+	havenvram = 1;

+	print("found nvram key for user '%s@%s'\n", nvr.authid, nvr.authdom);

+	if(strcmp(eve, nvr.authid) != 0) print("nvram authid doesn't match hostowner %#q\n", eve);

+	if(db != nil){

+		auth = ndbgetvalue(db, nil, "authdom", nvr.authdom, "auth", nil);

+		if(auth == nil) print("authdom %#q not found in ndb\n", nvr.authdom);

+		else{

+			print("ndb says authdom %#q corresponds to auth server %#q\n", nvr.authdom, auth);

+			free(auth);

+		}

+	}

+}

+

+void

+keyfs(void)

+{

+	char *buf;

+	int fd;

+	char aes[AESKEYLEN];

+

+	if(!havenvram) return;

+	if(access("/adm/keys", AREAD) < 0){

+		print("no access to /adm/keys\n");

+		return;

+	}

+	print("starting keyfs\n");

+	rfork(RFNAMEG);

+	switch(fork()){

+	case -1:

+		sysfatal("fork: %r");

+	case 0:

+		if(execl("/bin/auth/keyfs", "auth/keyfs", "-r", nil) < 0)

+			sysfatal("execl: %r");

+	}

+	waitpid();

+	buf = smprint("/mnt/keys/%s/aeskey", nvr.authid);

+	fd = open(buf, OREAD);

+	if(fd < 0){

+		print("can't get key from keyfs: %r");

+		return;

+	}

+	werrstr("short read");

+	if(read(fd, aes, sizeof(aes)) < sizeof(aes)){

+		print("read: %r");

+		close(fd);

+		return;

+	}

+	if(memcmp(nvr.aesmachkey, aes, AESKEYLEN) != 0)

+		print("key in keyfs does not match nvram\n");

+	else

+		print("key in keyfs matches nvram\n");

+	close(fd);

+}

+

+void

+main()

+{

+	quotefmtinstall();

+	geteve();

+	ndb();

+	nvram();

+	keyfs();

+}

--- a/sys/src/cmd/auth/keyfs.c

+++ b/sys/src/cmd/auth/keyfs.c

@@ -92,6 +92,7 @@

 ulong	uniq = 1;

 Fcall	rhdr, thdr;

 int	usepass;

+int	readonly;

 char	*warnarg;

 uchar	mdata[8192 + IOHDRSZ];

 int	messagesize = sizeof mdata;

@@ -137,7 +138,7 @@

 static void

 usage(void)

 {

-	fprint(2, "usage: %s [-p] [-m mtpt] [-w warn] [keyfile]\n", argv0);

+	fprint(2, "usage: %s [-p] [-r] [-m mtpt] [-w warn] [keyfile]\n", argv0);

 	exits("usage");

 }

@@ -165,6 +166,9 @@

 	case 'w':

 		warnarg = EARGF(usage());

 		break;

+	case 'r':

+		readonly = 1;

+		break;

 	default:

 		usage();

 		break;

@@ -390,6 +394,8 @@

 	if(!f->busy)

 		return "create of unused fid";

+	if(readonly)

+		return "mounted read-only";

 	name = rhdr.name;

 	if(f->user != nil){

 		return "permission denied";

@@ -531,6 +537,8 @@

 	if(!f->busy)

 		return "permission denied";

+	if(readonly)

+		return "mounted read-only";

 	n = rhdr.count;

 	data = rhdr.data;

 	switch(f->qtype){

@@ -613,6 +621,10 @@

 {

 	if(!f->busy)

 		return "permission denied";

+	if(readonly){

+		Clunk(f);

+		return "mounted read-only";

+	}

 	if(f->qtype == Qwarnings)

 		f->user->warnings = 0;

 	else if(f->qtype == Quser)

@@ -649,6 +661,8 @@

 	if(!f->busy || f->qtype != Quser)

 		return "permission denied";

+	if(readonly)

+		return "mounted read-only";

 	if(rhdr.nstat > sizeof buf)

 		return "wstat buffer too big";

 	if(convM2D(rhdr.stat, rhdr.nstat, &d, buf) == 0)

@@ -711,6 +725,11 @@

 	User *u;

 	uchar *p, *buf;

 	ulong expire;

+

+	if(readonly){

+		fprint(2, "writeusers called while read-only; shouldn't happen\n");

+		return;

+	}

 	/* what format to use */

 	keydblen = KEYDBLEN;

--- a/sys/src/cmd/auth/mkfile

+++ b/sys/src/cmd/auth/mkfile

@@ -4,6 +4,7 @@

 #

 TARG=\

 	as\

+	asaudit\

 	asn12dsa\

 	asn12rsa\

 	authsrv\