[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [Patch][RFC] Access control library (2/3)



Policy checker and loader.

Some of the variables, functions, macros, and files have "xen" in their
names but they are never dedicated to Xen.  Sorry for confusion.  It is
just because our most important target was Xen in the early stage.


diff -r a4c4b2407117 -r d864c312eae4 domname_list.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/domname_list.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,119 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#include <stdlib.h>
+#include <string.h>
+#include "role_list.h"
+#include "domname_list.h"
+#include "xr_log.h"
+
+static void
+init_domname(domname *dn)
+{
+	strcpy(dn->value, "\n");
+	dn->next = NULL;
+}
+
+domname*
+new_domname(void)
+{
+	domname *dn;
+
+	DMSG(FUNC, "start\n");
+
+	dn = (domname *) malloc(sizeof(struct _domname));
+	if (!dn) {
+		EMSG("out of memory for domname\n");
+		return NULL;
+	}
+	DMSG(FUNC, "allocate domname: %p\n", dn);
+	
+	dn->value = (char *) malloc(XR_MAX_LENGTH_OF_DOMNAME * sizeof(char));
+	if (!dn->value) {
+		free(dn);
+		EMSG("out of memory for value of domname\n");
+		return NULL;
+	}
+	DMSG(FUNC, "allocate value of domname: %p\n", dn->value);
+
+	init_domname(dn);
+	return dn;
+}
+
+static void
+free_domname(domname *dn)
+{
+	DMSG(FUNC, "start\n");
+
+	if (!dn)
+		return;
+
+	if (dn->value) {
+		DMSG(FUNC, "free value of domname: %p\n", dn->value);
+		free(dn->value);
+	}
+
+	DMSG(FUNC, "free domname: %p\n", dn);
+	free(dn);
+}
+
+void
+free_domname_list(role *r)
+{
+	domname *dn = r->managementVMList;
+	domname *dn_next = NULL;
+
+	DMSG(FUNC, "start\n");
+
+	while (dn) {
+		dn_next = dn;
+		free_domname(dn);
+		dn = dn_next;
+	}
+}
+
+void
+append_domname(role *r, domname *dn)
+{
+	DMSG(FUNC, "start\n");
+
+	dn->next = r->managementVMList;
+	r->managementVMList = dn;
+
+	r->domname_c++;
+}
+
+void
+show_domname_list(role *r)
+{
+	domname *dn = r->managementVMList;
+
+	while (dn) {
+		DMSG("  domname           : %p\n", dn);
+		DMSG("   value            : %s\n", dn->value);
+		DMSG("   next             : %p\n", dn->next);
+		dn = dn->next;
+	}
+}
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 domname_list.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/domname_list.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,42 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#ifndef __DOMNAME_LIST_H__
+#define __DOMNAME_LIST_H__
+#define XR_MAX_LENGTH_OF_DOMNAME 100
+
+typedef struct _domname domname;
+struct _domname {
+	char *value;
+	struct _domname *next;
+};
+struct _role;
+
+domname *new_domname(void);
+void free_domname_list(struct _role *r);
+void append_domname(struct _role *r, domname *dn);
+void show_domname_list(struct _role *r);
+
+#endif /* __DOMNAME_LIST_H */
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 opeid_list.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/opeid_list.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,105 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#include <stdlib.h>
+#include "role_list.h"
+#include "opeid_list.h"
+#include "xr_log.h"
+
+static void
+init_opeid_data(opeid_data *op)
+{
+	op->value = 0;
+	op->next = NULL;
+}
+
+opeid_data*
+new_opeid_data(void)
+{
+	opeid_data *op;
+
+	DMSG(FUNC, "start\n");
+
+	op = (opeid_data *) malloc(sizeof(struct _opeid_data));
+	if (!op) {
+		EMSG("out of memory for opeid_data");
+		return NULL;
+	}
+	DMSG(FUNC, "allocate opeid_data: %p\n", op);
+
+	init_opeid_data(op);
+	return op;
+}
+
+static void
+free_opeid_data(opeid_data *op)
+{
+	DMSG(FUNC, "start\n");
+
+	if (!op)
+		return;
+
+	DMSG(FUNC, "free opeid_data: %p\n", op);
+	free(op);
+}
+
+void
+free_opeid_data_list(role *r)
+{
+	opeid_data *op = r->acceptOperationList;
+	opeid_data *op_next;
+
+	DMSG(FUNC, "start\n");
+
+	while (op) {
+		op_next = op->next;
+		free_opeid_data(op);
+		op = op_next;
+	}
+}
+
+void
+append_opeid_data(role *r, opeid_data *op)
+{
+	DMSG(FUNC, "start\n");
+
+	op->next = r->acceptOperationList;
+	r->acceptOperationList = op;
+
+	r->opeid_c++;
+}
+
+void
+show_opeid_data_list(role *r)
+{
+	opeid_data *op = r->acceptOperationList;
+
+	while (op) {
+		DMSG("  opeid_data        : %p\n", op);
+		DMSG("   value            : %d\n", op->value);
+		DMSG("   next             : %p\n", op->next);
+		op = op->next;
+	}
+}
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 opeid_list.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/opeid_list.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,41 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#ifndef __OPEID_LIST_H__
+#define __OPEID_LIST_H__
+
+typedef struct _opeid_data opeid_data;
+struct _opeid_data {
+	int value;
+	struct _opeid_data *next;
+};
+struct _role;
+
+opeid_data *new_opeid_data(void);
+void free_opeid_data_list(struct _role *r);
+void append_opeid_data(struct _role *r, opeid_data *op);
+void show_opeid_data_list(struct _role *r);
+
+#endif /* __OPEID_LIST_H */
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 python/xen/lowlevel/xr/xr.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/python/xen/lowlevel/xr/xr.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,99 @@
+/*
+    Copyright (C) 2008 Fujitsu Limited.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free  Software Foundation; either version 2 of the License, or
+    (at your option)  any later version.
+    
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+    
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+    MA 02110-1301 USA.
+*/
+
+#include <Python.h>
+#include "xenrbac.h"
+
+#define PKG "xen.lowlevel.xr"
+static PyObject *xr_error_obj;
+
+static PyObject*
+pyxr_error_to_exception(int result)
+{
+    PyObject *pyerr;
+    
+    if (result == XR_ACCEPT){
+		Py_DECREF(xr_error_obj);
+		return NULL;
+    }
+    
+    pyerr = Py_BuildValue("s",strerror(result));
+    PyErr_SetObject(xr_error_obj,pyerr);
+    Py_DECREF(pyerr);
+    
+    return NULL;
+}
+
+static PyObject*
+pyxr_judge(PyObject* self, PyObject* args)
+{
+    int result = XR_ACCEPT;
+    static char formats[]  = "zizi";
+    PyObject *username, *opeid, *domainname, *all_flag;
+    
+    if (!PyArg_ParseTuple(args, formats,
+                          &username, &opeid, &domainname, &all_flag))
+		goto error;
+    
+    if ((result = xr_judge( (char *)username  , (int)opeid,
+                            (char *)domainname, (int)all_flag)))
+		goto error;
+    
+    return Py_BuildValue("i",result);
+    
+ error:
+	
+    return pyxr_error_to_exception(result);
+    
+}
+
+static PyMethodDef xr_funcs[] = {
+    {"xr_judge", 
+     (PyCFunction)pyxr_judge,
+     METH_VARARGS,
+     "xr_judge()  does the access judgement.\n"
+     "user name        [str]\n"
+     "operation number [int]\n"
+     "domain name      [str]\n"
+     "all flag         [int]\n"
+     "Returns          [int]:judged result.  \n"},
+    
+    {NULL, NULL, 0, NULL}
+};
+
+void
+initxr(void)
+{
+    PyObject *m;
+    
+    if (!(m = Py_InitModule("xr",xr_funcs)))
+		return;
+    
+    xr_error_obj = PyErr_NewException(PKG".Libxenrbac_Error",
+                                      PyExc_RuntimeError, NULL);
+    Py_INCREF(xr_error_obj);
+    PyModule_AddObject(m,"Libxenrbac_Error",xr_error_obj);
+    
+}
+/*
+ * Local variables:
+ * c-indent-level: 8
+ * c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 rolePolicyDefinition.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/rolePolicyDefinition.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,506 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#include <string.h>
+#include <errno.h>
+#include <libxml/parser.h>
+#include <libxml/tree.h>
+#include <libxml/xpath.h>
+#include "userinfo.h"
+#include "role_list.h"
+#include "rolePolicyDefinition.h"
+#include "xr.h"
+#include "xr_log.h"
+
+static xmlNodePtr getXPathNode(const char *xpath, xmlXPathContextPtr ctxt);
+static int searchRole(userInfo *ui, xmlNodePtr node);
+static int searchPolicyID(role *r, xmlNodePtr node);
+static int searchManageVM(role *r, xmlNodePtr node);
+static int searchVM(role *r, xmlNodePtr node);
+static int makeStructDomname(role *r, xmlChar *attr);
+static int searchControlOperation(role *r, xmlNodePtr node);
+static int searchAccept(role *r, xmlNodePtr node);
+static int searchOperation(role *r, xmlNodePtr node);
+static int makeStructOpeid(role *r, int opeid);
+
+#define EMSG_XML(_a...) \
+	do { \
+		EMSG("%s parsing failed. (%s)\n", ROLE_POLICY_FILENAME, _a); \
+	} while (0)
+
+int
+readRolePolicyDefinition(userInfo *ui)
+{
+	xmlDoc *doc = NULL;
+	xmlXPathContextPtr ctxt = NULL;
+	xmlNodePtr r_node = NULL;
+
+	int rc = 0;
+	char fileName[strlen(XENRBAC_POLICY_PATHNAME) + strlen(ROLE_POLICY_FILENAME) + 1];
+
+	strcpy(fileName, XENRBAC_POLICY_PATHNAME);
+	strcat(fileName, ROLE_POLICY_FILENAME);
+
+	doc = xmlReadFile(fileName, NULL, XML_PARSE_NOBLANKS);
+	if (!doc) {
+		EMSG("%s reading or parsing failed(%m)\n",
+		     ROLE_POLICY_FILENAME);
+		rc = errno;
+		goto error;
+	}
+
+	ctxt = xmlXPathNewContext(doc);
+	if (!ctxt) {
+		EMSG_XML("ctxt is NULL");
+		rc = EINVAL;
+		goto error;
+	}
+
+	r_node = getXPathNode("/RolePolicyDefinition/RoleDefinition/Role", ctxt);
+	if (!r_node) {
+		EMSG_XML("/RolePolicyDefinition/RoleDefinition/Role is not defined");
+		rc = EINVAL;
+		goto error;
+	}
+
+	if (!(rc = searchRole(ui, r_node)))
+		goto cleanup;
+
+error:
+	DMSG(FUNC, "error in readRolePolicyDefinition\n");
+
+cleanup:
+	DMSG(FUNC, "cleanup in readRolePolicyDefinition\n");
+	//free the document
+	/*
+	 *Free the global variables that may
+	 *have been allocated by the parser.
+	 */
+	xmlCleanupParser();
+
+	if (ctxt)
+		xmlXPathFreeContext(ctxt);
+	if (doc)
+		xmlFreeDoc(doc);
+
+	return rc;
+}
+
+static xmlNodePtr
+getXPathNode(const char *xpath, xmlXPathContextPtr ctxt)
+{
+	xmlXPathObjectPtr obj = NULL;
+	xmlNodePtr ret = NULL;
+	
+	if ((ctxt == NULL) || (xpath == NULL))
+		return NULL;
+
+	obj = xmlXPathEval(BAD_CAST xpath, ctxt);
+	if ((obj == NULL) ||
+	    (obj->type != XPATH_NODESET) ||
+	    (obj->nodesetval == NULL) ||
+	    (obj->nodesetval->nodeNr <= 0) ||
+	    (obj->nodesetval->nodeTab == NULL)) {
+		xmlXPathFreeObject(obj);
+		return NULL;
+	}
+
+	ret = obj->nodesetval->nodeTab[0];
+	xmlXPathFreeObject(obj);
+
+	return ret;
+}
+
+static int
+searchRole(userInfo *ui, xmlNodePtr node)
+{
+        xmlNodePtr c_node;
+	xmlChar *attr;
+
+	int rc;
+	size_t len;
+	role *r;
+	
+	DMSG("%S(%d) %S\n",__func__,__LINE__,"searchRole start\n");
+		
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "Role", sizeof("Role")))
+			continue;
+
+		attr = xmlGetProp(c_node, "name");
+		if (!attr) {
+			EMSG_XML("name in /RolePolicyDefinition/Role is not defined");
+			return EINVAL;
+		}
+		
+		len = strlen(attr);
+		if (len >= XR_MAX_LENGTH_OF_ROLENAME) {
+			EMSG_XML("name in /RolePolicyDefinition/Role is long");
+			xmlFree(attr);
+			return EINVAL;
+		}
+	       
+		for (r = ui->roleList; r; r = r->next) {
+			if (strcmp(r->roleName, (char *) attr))
+				continue;
+			
+			if (r->parsed_Role) {
+				EMSG_XML("multiple roles with same name are defined");
+				xmlFree(attr);
+				return EINVAL;
+			}
+
+			if ((rc = searchPolicyID(r, c_node->children))) {
+				xmlFree(attr);
+				return rc;
+			}
+			
+			if ((rc = searchManageVM(r, c_node->children))) {
+				xmlFree(attr);
+				return rc;
+			}
+			
+			if ((rc = searchControlOperation(r, c_node->children))) {
+				xmlFree(attr);
+				return rc;
+
+			r->parsed_Role = 1;
+
+			break;
+			}
+		}
+
+		xmlFree(attr);
+	}
+
+	return 0;
+}
+
+static int
+searchPolicyID(role *r, xmlNodePtr node)
+{
+        xmlNodePtr c_node;
+	xmlChar *attr;
+
+	size_t len;
+	int rc;
+
+	DMSG("%S(%d) %S\n",__func__,__LINE__,"searchPolidyID start\n");
+	
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "PolicyID", sizeof("PolicyID")))
+			continue;
+
+		if (r->parsed_PolicyID) {
+			EMSG_XML("multiple /RolePolicyDefinition/Role/PolicyID is defined for the role");
+			return EINVAL;
+		}
+
+		attr = xmlGetProp(c_node, "id");
+		
+		if (!attr) {
+			EMSG_XML("type in /RolePolicyDefinition/Role/PolicyID is not defined");
+			return EINVAL;
+		}
+		
+		len = strlen(attr);
+		if (len >= XR_MAX_LENGTH_OF_PolicyID) {
+			EMSG_XML("name in /RolePolicyDefinition/PolidyID is long");
+			xmlFree(attr);
+			return EINVAL;
+		}
+		r->parsed_PolicyID = 1;
+
+		strcpy(r->policyID, (char *) attr);
+		
+		xmlFree(attr);
+	}
+
+	return 0;
+}
+
+static int
+searchManageVM(role *r, xmlNodePtr node)
+{
+        xmlNodePtr c_node;
+	xmlChar *attr;
+
+	int rc;
+	
+	DMSG("%S(%d) %S\n",__func__,__LINE__,"searchManagerVM start\n");
+	
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "ManageVM", sizeof("ManageVM")))
+			continue;
+
+		if (r->parsed_ManageVM) {
+			EMSG_XML("multiple /RolePolicyDefinition/Role/ManageVMs are defined for the role");
+			return EINVAL;
+		}
+
+		attr = xmlGetProp(c_node, "type");
+		
+		if (!attr) {
+			EMSG_XML("type in /RolePolicyDefinition/Role/ManageVM is not defined");
+			return EINVAL;
+		}
+
+		if (!strncmp(attr, "individual", sizeof("individual"))) {
+
+			r->managementVMType = XR_VMTYPE_INDIVIDUAL;
+
+			if ((rc = searchVM(r, c_node->children))) {
+				xmlFree(attr);
+				return rc;
+			}
+
+		} else if (!strncmp(attr, "whole", sizeof("whole"))) {
+		        
+			r->managementVMType = XR_VMTYPE_WHOLE;
+		        
+		} else {
+
+			EMSG_XML("type in /RolePolicyDefinition/Role/ManageVM is wrong");
+			xmlFree(attr);
+			return EINVAL;
+		}
+		
+		r->parsed_ManageVM = 1;
+
+		xmlFree(attr);
+	}
+
+	return 0;
+}
+
+static int
+searchVM(role *r, xmlNodePtr node)
+{
+	xmlNodePtr c_node;
+	xmlChar *attr;
+
+	int rc;
+	size_t len;
+
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "VM", sizeof("VM")))
+			continue;
+
+		attr = xmlGetProp(c_node, "name");
+		if (!attr) {
+			EMSG_XML("name in /RolePolicyDefinition/Role/ManageVM/VM is not defined");
+			return EINVAL;
+		}
+
+		len = strlen(attr);
+		if (len >= XR_MAX_LENGTH_OF_DOMNAME) {
+			EMSG_XML("name in /RolePolicyDefinition/Role/ManageVM/VM is long");
+			xmlFree(attr);
+			return EINVAL;
+		}
+
+		if ((rc = makeStructDomname(r, attr))) {
+			xmlFree(attr);
+			return rc;
+		}
+
+		xmlFree(attr);
+	}
+
+	return 0;
+}
+
+static int
+makeStructDomname(role *r, xmlChar *attr)
+{
+	domname *dn;
+
+	DMSG(FUNC, "management domain name = %s\n", attr);
+
+	for (dn = r->managementVMList; dn; dn = dn->next) {
+		if (!strcmp(dn->value, (char *) attr)) {
+			EMSG_XML("same domain name is defined for the role");
+			return EINVAL;
+		}
+	}
+
+	if (r->domname_c >= XR_NR_DOMNAME_LISTS) {
+		EMSG_XML("too many /RolePolicyDefinition/Role/ManageVM/VM");
+		return EINVAL;
+	}
+
+	if (!(dn = new_domname()))
+		return ENOMEM;
+
+	strcpy(dn->value, (char *) attr);
+	append_domname(r, dn);
+
+	return 0;
+}
+
+static int
+searchControlOperation(role *r, xmlNodePtr node)
+{
+	xmlNodePtr c_node;
+
+	int rc;
+
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "ControlOperation", sizeof("ControlOperation")))
+			continue;
+
+		if (r->parsed_ControlOpe) {
+			EMSG_XML("multiple /RolePolicyDefinition/Role/ControlOperations are defined for the role");
+			return EINVAL;
+		}
+
+		if ((rc = searchAccept(r, c_node->children)))
+			return rc;
+
+		r->parsed_ControlOpe = 1;
+	}
+
+	return 0;
+}
+
+static int
+searchAccept(role* r, xmlNodePtr node)
+{
+	xmlNodePtr c_node;
+
+	int rc;
+
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "Accept", sizeof("Accept")))
+			continue;
+
+		if (r->parsed_Accept) {
+			EMSG_XML("multiple /RolePolicyDefinition/Role/ControlOperation/Accepts are defined for the role");
+			return EINVAL;
+		}
+
+		if ((rc = searchOperation(r, c_node->children)))
+			return rc;
+
+		r->parsed_Accept = 1;
+	}
+
+	return 0;
+}
+
+static int
+searchOperation(role* r, xmlNodePtr node)
+{
+	xmlNodePtr c_node;
+	xmlChar *attr;
+
+	int rc;
+	long int long_id;
+
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "operation", sizeof("operation")))
+			continue;
+
+		attr = xmlGetProp(c_node, "id");
+		if (!attr) {
+			EMSG_XML("id in /RolePolicyDefinition/Role/ControlOperation/Accept/operation is not defined");
+			return EINVAL;
+		}
+
+		errno = 0;
+		long_id = strtol((char *) attr, NULL, 10);
+		if (errno) {
+			EMSG_XML("id in /RolePolicyDefinition/Role/ControlOperation/Accept/operation is invalid");
+			xmlFree(attr);
+			return errno;
+		}
+
+		if (long_id < 0 ||
+		    long_id > XR_MAX_OPEID) {
+			EMSG_XML("id in /RolePolicyDefinition/Role/ControlOperation/Accept/operation is invalid");
+			xmlFree(attr);
+			return errno;
+		}
+
+		if ((rc = makeStructOpeid(r, (int) long_id))) {
+			xmlFree(attr);
+			return rc;
+		}
+
+		xmlFree(attr);
+	}
+
+	return 0;
+}
+
+static int
+makeStructOpeid(role *r, int opeid)
+{
+	opeid_data *opd;
+	
+	DMSG(FUNC, "id = %d\n", opeid);
+	/*
+	for (opd = r->acceptOperationList; opd; opd = opd->next) {
+		if (opd->value == opeid) {
+			EMSG_XML("same operation id is defined for the role");
+			return EINVAL;
+		}
+	}
+	*/
+
+	if (r->opeid_c >= XR_NR_OPEID_LISTS) {
+		EMSG_XML("too many /RolePolicyDefinition/Role/ControlOperation/Accept/operation");
+		return EINVAL;
+	}
+
+	if (!(opd = new_opeid_data()))
+		return ENOMEM;
+
+	opd->value = opeid;
+	append_opeid_data(r, opd);
+
+	return 0;
+}
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 rolePolicyDefinition.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/rolePolicyDefinition.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,27 @@
+/*
+  Copyright (C) 200 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#ifndef __ROLE_POLICY_DEFINITION_H__
+#define __ROLE_POLICY_DEFINITION_H__ 
+
+#include "userinfo.h"
+
+int readRolePolicyDefinition(userInfo *ui);
+
+#endif /*__ROLE_POLICY_DEFINITION_H__ */
diff -r a4c4b2407117 -r d864c312eae4 role_list.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/role_list.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,152 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*
+/
+#include <stdlib.h>
+#include <string.h>
+#include "userinfo.h"
+#include "role_list.h"
+#include "xr_log.h"
+
+static void
+init_role(role *r)
+{
+	strcpy(r->roleName, "");
+	r->managementVMType = XR_VMTYPE_UNKNOWN;
+	r->acceptOperationList = NULL;
+	r->opeid_c = 0;
+	strcpy(r->policyID, "");
+	r->managementVMList = NULL;
+	r->domname_c = 0;
+	r->next = NULL;
+	r->parsed_Role = 0;
+	r->parsed_PolicyID = 0;
+	r->parsed_ManageVM = 0;
+	r->parsed_ControlOpe = 0;
+	r->parsed_Accept = 0;
+}
+
+role*
+new_role(void)
+{
+	role *r;
+
+	DMSG(FUNC, "start\n");
+
+	r = (role *) malloc(sizeof(struct _role));
+	if (!r) {
+		EMSG("out of memory for role\n");
+		return NULL;
+	}
+	DMSG(FUNC, "allocate role: %p\n", r);
+
+	r->roleName = (char *) malloc(XR_MAX_LENGTH_OF_ROLENAME * sizeof(char));
+	if (!r->roleName) {
+		free(r);
+		EMSG("out of memory for roleName\n");
+		return NULL;
+	}
+	DMSG(FUNC, "allocate roleName: %p\n", r->roleName);
+
+	r->policyID = (char *) malloc(XR_MAX_LENGTH_OF_PolicyID * sizeof(char));
+	if (!r->policyID) {
+		free(r);
+		EMSG("out of memory for policyID\n");
+		return NULL;
+	}
+	DMSG(FUNC, "allocate policyID: %p\n", r->policyID);
+	
+	init_role(r);
+        return r;
+}
+
+static void
+free_role(role *r)
+{
+	DMSG(FUNC, "start\n");
+
+	if (!r)
+		return;
+	
+	if (r->roleName) {
+		DMSG(FUNC, "free roleName: %p\n", r->roleName);
+		free(r->roleName);
+	}
+	if (r->policyID) {
+		DMSG(FUNC, "free policyID: %p\n", r->policyID);
+		free(r->policyID);
+	}
+	if (r->acceptOperationList)
+		free_opeid_data_list(r);
+	if (r->managementVMList)
+		free_domname_list(r);
+
+	DMSG(FUNC, "free role: %p\n", r);
+	free(r);
+}
+
+void
+free_role_list(userInfo *ui)
+{
+	role *r = ui->roleList;
+	role *r_next;
+
+	DMSG(FUNC, "start\n");
+
+	while (r) {
+		r_next = r->next;
+		free_role(r);
+		r = r_next;
+	}
+}
+
+void
+append_role(userInfo *ui, role *r)
+{
+	DMSG(FUNC, "start\n");
+
+	r->next = ui->roleList;
+	ui->roleList = r;
+
+	ui->role_c++;
+}
+
+void
+show_role_list(userInfo *ui)
+{
+	role *r = ui->roleList;
+	
+	while (r) {
+		DMSG(" role               : %p\n", r);
+		DMSG(" roleName           : %s\n", r->roleName);
+		DMSG(" policyID           : %s\n", r->policyID);
+		DMSG(" managementVMType   : %d\n", r->managementVMType);
+		DMSG(" next               : %p\n", r->next);
+		DMSG(" opeid_c            : %d\n", r->opeid_c);
+		show_opeid_data_list(r);
+		DMSG(" domname_c          : %d\n", r->domname_c);
+		show_domname_list(r);
+		r = r->next;
+	}
+}
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 role_list.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/role_list.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,68 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+
+#ifndef __ROLE_LIST_H__
+#define __ROLE_LIST_H__
+
+#include "opeid_list.h"
+#include "domname_list.h"
+
+#define XR_NR_DOMNAME_LISTS 1000
+#define XR_NR_OPEID_LISTS   1000
+
+#define XR_MAX_LENGTH_OF_ROLENAME 100
+#define XR_MAX_LENGTH_OF_PolicyID 37
+
+enum manageVMType {
+	XR_VMTYPE_UNKNOWN = 0,
+	XR_VMTYPE_WHOLE = 1,
+	XR_VMTYPE_INDIVIDUAL = 2
+};
+
+typedef struct _role role;
+struct _role {
+	char *roleName;
+	char *policyID;
+	enum manageVMType managementVMType;
+	opeid_data *acceptOperationList;
+	int opeid_c;
+	domname *managementVMList;
+	int domname_c;
+	struct _role *next;
+	int parsed_Role;
+	int parsed_PolicyID;
+	int parsed_ManageVM;
+	int parsed_ControlOpe;
+	int parsed_Accept;
+};
+struct _userInfo;
+
+role *new_role(void);
+void free_role_list(struct _userInfo *ui);
+void append_role(struct _userInfo *ui, role *r);
+void show_role_list(struct _userInfo *ui);
+
+#endif /* __ROLE_LIST_H */
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 rsyslog.conf
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/rsyslog.conf	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,47 @@
+# Log all kernel messages to the console.
+# Logging much else clutters up the screen.
+#kern.*                                                 /dev/console
+
+# Log anything (except mail) of level info or higher.
+# Don't log private authentication messages!
+
+*.info;mail.none;authpriv.none;cron.none                /var/log/messages
+
+# The authpriv file has restricted access.
+authpriv.*                                              /var/log/secure
+
+# Log all the mail messages in one place.
+mail.*                                                  -/var/log/maillog
+
+# Log cron stuff
+cron.*                                                  /var/log/cron
+
+# Everybody gets emergency messages
+*.emerg                                                 *
+
+# Save news errors of level crit and higher in a special file.
+uucp,news.crit                                          /var/log/spooler
+
+# Save boot messages also to boot.log
+local7.*                                                /var/log/boot.log
+
+#################################################
+# For  Xen-RBAC 2008/06/27
+#################################################
+$umask 0000
+$CreateDirs on
+$RepeatedMsgReduction off
+
+$template templateXenRBAC,"%msg%\n"
+$template fileNameXenRBAC, "/var/log/xen-audit/audit-xen-rbac.log"
+
+$DirOwner root
+$DirGroup log-admin
+$DirCreateMode 0750
+
+$FileOwner root
+$FileGroup log-admin
+$FileCreateMode 0640
+
+:syslogtag,isequal,"xenrbac"
+auth.info ?fileNameXenRBAC;templateXenRBAC
diff -r a4c4b2407117 -r d864c312eae4 userConfiguration.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/userConfiguration.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,248 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#include <string.h>
+#include <errno.h>
+#include <libxml/parser.h>
+#include <libxml/tree.h>
+#include <libxml/xpath.h>
+#include "userinfo.h"
+#include "role_list.h"
+#include "xr.h"
+#include "xr_log.h"
+
+static int searchUser(userInfo *ui, xmlNodePtr node);
+static int searchUserRole(userInfo *ui, xmlNodePtr node);
+static int makeStructRole(userInfo *ui, xmlChar *attr);
+static xmlNodePtr getXPathNode(const char *xpath, xmlXPathContextPtr ctxt);
+
+#define EMSG_XML(_a...) \
+	do { \
+		EMSG("%s parsing failed. (%s)\n", USER_CONFIG_FILENAME, _a); \
+	} while (0)
+
+int
+readUserConfiguration(userInfo *ui)
+{
+	xmlDoc *doc = NULL;
+	xmlXPathContextPtr ctxt = NULL;
+	xmlNodePtr node = NULL;
+
+	int rc = 0;
+	char fileName[strlen(XENRBAC_POLICY_PATHNAME) + strlen(USER_CONFIG_FILENAME) + 1];
+
+	strcpy(fileName, XENRBAC_POLICY_PATHNAME);
+	strcat(fileName, USER_CONFIG_FILENAME);
+
+	doc = xmlReadFile(fileName, NULL, XML_PARSE_NOBLANKS);
+	if (!doc) {
+		EMSG("%s reading or parsing failed (%m)\n",
+		     USER_CONFIG_FILENAME);
+		rc = errno;
+		goto error;
+	}
+
+	ctxt = xmlXPathNewContext(doc);
+	if (!ctxt) {
+		EMSG_XML("ctxt is NULL");
+		rc = EINVAL;
+		goto error;
+	}
+
+	node = getXPathNode("/UserConfiguration/User", ctxt);
+	if (!node) {
+		EMSG_XML("/UserConfiguration/User is not defined");
+		rc = EINVAL;
+		goto error;
+	}
+
+	if (!(rc = searchUser(ui, node)))
+		goto cleanup;
+
+error:
+	DMSG(FUNC, "error in readUserConfiguration\n");
+
+cleanup:
+	DMSG(FUNC, "cleanup in readUserConfiguration\n");
+	//free the document
+	/*
+	 *Free the global variables that may
+	 *have been allocated by the parser.
+	 */
+	xmlCleanupParser();
+	
+	if (ctxt)
+		xmlXPathFreeContext(ctxt);
+	if (doc)
+		xmlFreeDoc(doc);
+
+	return rc;
+}
+
+static xmlNodePtr
+getXPathNode(const char *xpath, xmlXPathContextPtr ctxt)
+{
+	xmlXPathObjectPtr obj = NULL;
+	xmlNodePtr ret = NULL;
+
+	if ((ctxt == NULL) || (xpath == NULL))
+		return NULL;
+
+	obj = xmlXPathEval(BAD_CAST xpath, ctxt);
+	if ((obj == NULL) ||
+	    (obj->type != XPATH_NODESET) ||
+	    (obj->nodesetval == NULL) ||
+	    (obj->nodesetval->nodeNr <= 0) ||
+	    (obj->nodesetval->nodeTab == NULL)) {
+		xmlXPathFreeObject(obj);
+		return NULL;
+	}
+
+	ret = obj->nodesetval->nodeTab[0];
+	xmlXPathFreeObject(obj);
+
+	return ret;
+}
+
+static int
+searchUser(userInfo *ui, xmlNodePtr node)
+{
+	xmlNodePtr c_node;
+	xmlChar *attr;
+
+	int rc;
+	size_t len;
+
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "User", sizeof("User")))
+			continue;
+
+		attr = xmlGetProp(c_node, "name");
+		if (!attr) {
+			EMSG_XML("name in /UserConfiguration/User is not defined");
+			return EINVAL;
+		}
+
+		len = strlen((char *) attr);
+		if (len >= XR_MAX_LENGTH_OF_USERNAME) {
+			EMSG_XML("name in /UserConfiguration/User is long");
+			xmlFree(attr);
+			return EINVAL;
+		}
+
+		if (strncmp((char *) attr, ui->userName, XR_MAX_LENGTH_OF_USERNAME)) {
+			xmlFree(attr);
+			continue;
+		}
+
+		if (ui->parsed_User) {
+			EMSG("multiple /UserConfiguration/Users are defined for the user");
+			xmlFree(attr);
+			return EINVAL;
+		}
+
+		if ((rc = searchUserRole(ui, c_node->children))) {
+			xmlFree(attr);
+			return rc;
+		}
+
+		ui->parsed_User = 1;
+
+		xmlFree(attr);
+	}
+
+	return 0;
+}
+
+static int
+searchUserRole(userInfo *ui, xmlNodePtr node)
+{
+	xmlNodePtr c_node;
+	xmlChar *attr;
+
+	int rc;
+	size_t len;
+
+	for (c_node = node; c_node; c_node = c_node->next) {
+		if (c_node->type != XML_ELEMENT_NODE)
+			continue;
+
+		if (strncmp(c_node->name, "UserRole", sizeof("UserRole")))
+			continue;
+
+		attr = xmlGetProp(c_node, "role");
+		if (!attr) {
+			EMSG_XML("role in /UserConfiguration/User/UserRole is not defined");
+			return EINVAL;
+		}
+
+		len = strlen((char *) attr);
+		if (len >= XR_MAX_LENGTH_OF_ROLENAME) {
+			EMSG_XML("role in /UserConfiguration/User/UserRole is long");
+			xmlFree(attr);
+			return EINVAL;
+		}
+
+		if ((rc = makeStructRole(ui, attr))) {
+			xmlFree(attr);
+			return rc;
+		}
+
+		xmlFree(attr);
+	}
+
+	return 0;
+}
+
+static int
+makeStructRole(userInfo *ui, xmlChar *attr)
+{
+	role *r;
+
+	DMSG(FUNC, "role = %s\n", (char *) attr);
+
+	for (r = ui->roleList; r; r = r->next) {
+		if (!strcmp(r->roleName, (char *) attr)) {
+			EMSG_XML("same role is defined for the user");
+			return EINVAL;
+		}
+	}
+
+	if (ui->role_c >= XR_NR_ROLE_LISTS) {
+		EMSG_XML("too many /UserConfiguration/User/UserRole for the user");
+		return EINVAL;
+	}
+
+	if (!(r = new_role()))
+		return ENOMEM;
+
+	strcpy(r->roleName, (char *) attr);
+	append_role(ui, r);
+
+	return 0;
+}
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 userConfiguration.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/userConfiguration.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,33 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#ifndef __USER_CONFIGULATION_H_
+#define __USER_CONFIGULATION_H_
+
+#include "userinfo.h"
+
+int readUserConfiguration(userInfo *userInfo);
+
+#endif
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 userinfo.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/userinfo.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,79 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#include <stdlib.h>
+#include <string.h>
+#include "userinfo.h"
+#include "xr_log.h"
+
+static void
+init_UserInfo(userInfo* ui)
+{
+	strcpy(ui->userName, "\n");
+	ui->roleList = NULL;
+	ui->role_c = 0;
+	ui->parsed_User = 0;
+}
+
+userInfo*
+new_UserInfo(void)
+{
+	userInfo *ui;
+
+	DMSG(FUNC, "start\n");
+
+	ui = (userInfo *) malloc(sizeof(struct _userInfo));
+	if (!ui) {
+		EMSG("out of memory for userInfo\n");
+		return NULL;
+	}
+	DMSG(FUNC, "allocate userInfo: %p\n", ui);
+
+	init_UserInfo(ui);
+	return ui;
+}
+
+void
+free_UserInfo(userInfo *ui)
+{
+	DMSG(FUNC, "start\n");
+
+	if (!ui) {
+		if (!ui->roleList)
+			free_role_list(ui);
+
+		DMSG(FUNC, "free userInfo: %p\n", ui);
+		free(ui);
+	}
+}
+
+void
+show_UserInfo(userInfo *ui)
+{
+	DMSG("userInfo            : %p", ui);
+	DMSG(" user               : %s", ui->userName);
+	DMSG(" role_c             : %d", ui->role_c);
+	show_role_list(ui);
+}
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 userinfo.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/userinfo.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,46 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#ifndef __USERINFO_H__
+#define __USERINFO_H__
+
+#include "role_list.h"
+
+#define XR_MAX_LENGTH_OF_USERNAME  32
+#define XR_NR_ROLE_LISTS 1000
+
+typedef struct _userInfo userInfo;
+struct _userInfo {
+	char userName[XR_MAX_LENGTH_OF_USERNAME];
+	struct _role *roleList;
+	int role_c;
+	int parsed_User;
+};
+
+userInfo *new_UserInfo(void);
+void free_UserInfo(userInfo *ui);
+void show_UserInfo(userInfo *ui);
+
+#endif /*__USERINFO_H__*/
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 xenrbac.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/xenrbac.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,325 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <time.h>
+#include <errno.h>
+#include "userinfo.h"
+#include "role_list.h"
+#include "domname_list.h"
+#include "opeid_list.h"
+#include "rolePolicyDefinition.h"
+#include "userConfiguration.h"
+#include "xenrbac.h"
+#include "xr.h"
+#include "xr_log.h"
+
+static void
+getTime(char *outstr, int size){
+
+	time_t t;
+	struct tm *tmp;
+	char *format = "%FT%T%z";
+	
+	t = time(NULL);
+	tmp = localtime(&t);
+	if (tmp == NULL) {
+		perror("localtime\n");
+		outstr = NULL;  }
+
+	if (strftime(outstr, size, format, tmp) == 0) {
+		fprintf(stderr, "strftime returned 0\n");
+		outstr = NULL;  }
+}
+
+static void
+outputlog(char *user, char *arguments, char *judgedMsg, char *policyID, char *message){
+
+	char time[40];
+	char *host   = getenv("HOSTNAME");
+	char *compo  = "xen-rbac";
+	char *action = "Execute";
+ 
+	if (!host)
+		host = "";
+	getTime(time, sizeof(time));
+	
+	if (!message) {
+		AUDITMSG("\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\"\n",
+			 time,
+			 user,
+			 host,
+			 arguments,
+			 action,
+			 judgedMsg,
+			 policyID,
+			 compo
+			 );
+	} else {
+		AUDITMSG("\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\"\n",
+			 time,
+			 user,
+			 host,
+			 arguments,
+			 action,
+			 judgedMsg,
+			 policyID,
+			 compo,
+			 message
+			 );
+
+	}
+}
+
+static int
+searchOperationID(int opeid, role *r)
+{
+	opeid_data *opd;
+
+	for (opd = r->acceptOperationList; opd; opd = opd->next) {
+		if (opd->value == opeid)
+			return XR_ACCEPT;
+	}
+
+	return XR_DENY;
+}
+
+static int
+searchManagementVM(char *domainname, role *r)
+{
+	domname *dn = NULL;
+	
+	for (dn = r->managementVMList; dn; dn = dn->next) 
+		if (domainname &&
+		    !strcmp(dn->value, domainname))
+			return XR_ACCEPT;
+	
+	return XR_DENY;
+}
+
+int
+check_args_username(char *un)
+{
+	size_t len_un;
+
+	if (!un) {
+		EMSG("username is NULL\n");
+		return EINVAL;
+	}
+
+	len_un = strlen(un);
+	if (len_un == 0) {
+		EMSG("username is none\n");
+		return EINVAL;
+	}
+	if (len_un >= XR_MAX_LENGTH_OF_USERNAME) {
+		EMSG("username is long\n");
+		return EINVAL;
+	}
+
+	return 0;
+}
+
+int
+check_args_opeid(int op)
+{
+	if (op < XR_MIN_OPEID) {
+		EMSG("opeid is out of range\n");
+		return EINVAL;
+	}
+
+	return 0;
+}
+
+int
+check_args_domainname(char *dn)
+{
+	size_t len_dn;
+
+	if (!dn)
+		return 0;
+
+	len_dn = strlen(dn);
+	/*
+	if (len_dn == 0) {
+		EMSG("domainname is none\n");
+		return EINVAL;
+		}*/
+	if (len_dn >= XR_MAX_LENGTH_OF_DOMNAME) {
+		EMSG("domainname is long\n");
+		return EINVAL;
+	}
+
+	return 0;
+}
+
+int
+check_args_flag_all(int f)
+{
+	if (f != XR_ALL &&
+	    f != XR_ANY) {
+		EMSG("flag_all is invalid\n");
+		return EINVAL;
+	}
+
+	return 0;
+}
+
+int
+check_args(char *username, int opeid, char *domainname, int flag_all)
+{
+	int rc;
+
+	if ((rc = check_args_username(username)))
+		return rc;
+   	if ((rc = check_args_opeid(opeid)))
+		return rc;
+	if ((rc = check_args_domainname(domainname)))
+		return rc;
+	if ((rc = check_args_flag_all(flag_all)))
+		return rc;
+
+	return 0;
+}
+
+int
+xr_judge(char *username, int opeid, char *domainname, int flag_all)
+{
+	int rc = XR_ACCEPT;
+
+	userInfo *ui = NULL;
+	role *r = NULL;
+	char arg[100];
+	char message[100];
+	
+	init_xenrbac_log();
+	
+	if ((rc = check_args(username, opeid, domainname, flag_all)))
+		goto error;
+	
+	if (domainname)
+		sprintf(arg, "OperationID:%d;Flag:%d;VMName:%s", opeid, flag_all, domainname);
+	else
+		sprintf(arg, "OperationID:%d;Flag:%d;VMName:%s", opeid, flag_all, "");
+	
+	if (!(ui = new_UserInfo())) {
+		rc = ENOMEM;
+		goto error;
+	}
+	strncpy(ui->userName, username, XR_MAX_LENGTH_OF_USERNAME);
+	
+	if ((rc = readUserConfiguration(ui)))
+		goto error;
+	show_UserInfo(ui);
+	
+	if ((rc = readRolePolicyDefinition(ui)))
+		goto error;
+	show_UserInfo(ui);
+	
+	//When user don't have role
+	if (!(r = ui->roleList)) {
+		outputlog(username, arg, "deny", "", "role is none");
+		goto access_deny;
+	}
+	
+	if (flag_all) {
+		for (r = ui->roleList; r ; r = r->next) {
+			if (r->managementVMType != XR_VMTYPE_WHOLE) {
+				sprintf(message, "ManagementVMType:whole is not found in role");
+				outputlog(username, arg, "deny", r->policyID, message);
+				continue;
+			}
+			if (searchOperationID(opeid, r) == XR_ACCEPT) {
+				goto access_accept;
+			} else {
+				sprintf(message, "OperationID:%d is not found in role", opeid);
+				outputlog(username, arg, "deny", r->policyID, message);
+			}
+		}
+		
+		goto access_deny;
+	}
+	
+	for (r = ui->roleList; r ; r = r->next) {
+		if (r->managementVMType == XR_VMTYPE_INDIVIDUAL) {
+			if(searchManagementVM(domainname, r) == XR_DENY) {
+				sprintf(message, "ManagementVM:%s is not found in role", domainname);
+				outputlog(username, arg, "deny", r->policyID, message);
+				continue;
+			}
+			if (searchOperationID(opeid, r) == XR_ACCEPT) {
+				goto access_accept;
+			} else {
+				sprintf(message, "OperationID:%d is not found in role", opeid);
+				outputlog(username, arg, "deny", r->policyID, message);
+				continue;
+			}
+		} else if (r->managementVMType == XR_VMTYPE_WHOLE) {
+			if (searchOperationID(opeid, r) == XR_ACCEPT) {
+				goto access_accept;
+			} else {
+				sprintf(message, "OperationID:%d is not found in role", opeid);
+				outputlog(username, arg, "deny", r->policyID, message);
+				continue;
+			}
+		}	
+	}
+	
+	goto access_deny;
+
+error:
+	DMSG("error error_no = %d\n", rc);
+	
+	if (rc == XR_ACCEPT) {
+		EMSG("return code is not set");
+		rc = XR_DENY;
+	}
+	goto cleanup;
+
+access_deny:
+	DMSG("judged result is DENY\n");
+	
+	rc = XR_DENY;
+	goto cleanup;
+
+access_accept:
+	DMSG("judged result is ACCEPT\n");
+	outputlog(username, arg, "allow", r->policyID, NULL);
+	
+	rc = XR_ACCEPT;
+	goto cleanup;
+
+cleanup:
+	DMSG("%s(%d) : %s", __func__, __LINE__,  "cleannup\n");
+	
+	if (ui)
+		free_UserInfo(ui);
+	
+	end_xenrbac_log();
+	
+	return rc;
+}
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 xenrbac.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/xenrbac.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,39 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#ifndef __XENRBAC_H__
+#define __XENRBAC_H__
+
+#include <errno.h>
+
+int xr_judge(char *username, int opeid, char *domainname, int flag_all);
+
+#define XR_ANY 0
+#define XR_ALL 1
+
+#define XR_ACCEPT 0
+#define XR_DENY   EPERM
+
+#endif /*__XENRBAC_H__*/
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 xr.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/xr.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,39 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#ifndef __XR_H__
+#define __XR_H__
+
+#define XENRBAC_POLICY_PATHNAME     "/etc/xen/role/"
+#define USER_CONFIG_FILENAME        "user_define.xml"
+#define ROLE_POLICY_FILENAME        "role_define.xml"
+
+#define XR_OPEID_COMMAND_INVALID -1
+#define XR_OPEID_COMMAND_XM       0
+#define XR_MIN_OPEID             -1
+#define XR_MAX_OPEID             83
+#define XR_NR_OPEIDS             84
+
+#endif /*__XR_H__*/
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 xr_log.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/xr_log.c	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,48 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#include <stdlib.h>
+#include <syslog.h>
+#include "xr.h"
+#include "xr_log.h"
+
+int XENRBAC_DEBUG = 0;
+
+void
+init_xenrbac_log(void)
+{
+	openlog("xenrbac", LOG_PID, LOG_AUTHPRIV);
+
+	if (getenv("XENRBAC_DEBUG")) {
+		XENRBAC_DEBUG = 1;
+		DMSG("start with debug mode\n");
+	}
+}
+
+void
+end_xenrbac_log(void)
+{
+	closelog();
+}
+/*
+ * Local variables: 
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */
diff -r a4c4b2407117 -r d864c312eae4 xr_log.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/xr_log.h	Fri Jan 23 04:39:58 2009 +0900
@@ -0,0 +1,60 @@
+/*
+  Copyright (C) 2008 Fujitsu Limited.
+  
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free  Software Foundation; either version 2 of the License, or
+  (at your option)  any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+  MA 02110-1301 USA.
+*/
+
+#ifndef __XR_LOG_H__
+#define __XR_LOG_H__
+
+#include <syslog.h>
+
+extern int XENRBAC_DEBUG;
+
+void init_xenrbac_log(void);
+void end_xenrbac_log(void);
+
+#define FUNC "%s: ", __func__
+#define LINE "%s: ", __LINE__
+
+#define AUDITMSG(_a...) \
+	do { \
+		syslog(LOG_AUTH|LOG_INFO, _a); \
+	} while (0)
+
+#define EMSG(_a...) \
+	do { \
+		syslog(LOG_AUTHPRIV|LOG_ERR, _a); \
+	} while (0)
+
+#define IMSG(_a...) \
+	do { \
+		syslog(LOG_AUTHPRIV|LOG_INFO, _a); \
+	} while (0)
+
+#define DMSG(_a...) \
+	do { \
+		if (XENRBAC_DEBUG) \
+			syslog(LOG_AUTHPRIV|LOG_INFO, _a); \
+	} while (0)
+
+#endif /*__XR_LOG_H__*/
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]