CR 7121230 Rad unix transport paths should be created under /system/volatile/rad/
--- a/usr/src/cmd/rad/daemon/rad-test.xml Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/rad/daemon/rad-test.xml Thu Feb 02 11:25:01 2012 -0500
@@ -1,7 +1,7 @@
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
- Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
CDDL HEADER START
@@ -61,14 +61,14 @@
<property_group name='local_port' type='xport_unix'>
<propval name='proto' type='astring' value='rad' />
<propval name='path' type='astring'
- value='/var/run/test-radsocket' />
+ value='/system/volatile/rad/test-radsocket' />
<propval name='peercred' type='boolean' value='true' />
</property_group>
<property_group name='local_port_unauth' type='xport_unix'>
<propval name='proto' type='astring' value='rad' />
<propval name='path' type='astring'
- value='/var/run/test-radsocket-unauth' />
+ value='/system/volatile/rad/test-radsocket-unauth' />
<propval name='peercred' type='boolean' value='false' />
</property_group>
--- a/usr/src/cmd/rad/daemon/rad.xml Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/rad/daemon/rad.xml Thu Feb 02 11:25:01 2012 -0500
@@ -1,7 +1,7 @@
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
- Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
CDDL HEADER START
@@ -86,14 +86,14 @@
<property_group name='local_port' type='xport_unix'>
<propval name='proto' type='astring' value='rad' />
<propval name='path' type='astring'
- value='/var/run/radsocket' />
+ value='/system/volatile/rad/radsocket' />
<propval name='peercred' type='boolean' value='true' />
</property_group>
<property_group name='local_port_unauth' type='xport_unix'>
<propval name='proto' type='astring' value='rad' />
<propval name='path' type='astring'
- value='/var/run/radsocket-unauth' />
+ value='/system/volatile/rad/radsocket-unauth' />
<propval name='peercred' type='boolean' value='false' />
</property_group>
</instance>
--- a/usr/src/cmd/rad/daemon/rad_modapi.h Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/rad/daemon/rad_modapi.h Thu Feb 02 11:25:01 2012 -0500
@@ -20,13 +20,14 @@
*/
/*
- * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
*/
#ifndef _RAD_MODAPI_H
#define _RAD_MODAPI_H
#include <pthread.h>
+#include <paths.h>
#include <rad/adr.h>
#include <rad/adr_name.h>
#include <rad/adr_object.h>
@@ -81,7 +82,7 @@
*/
typedef struct rad_container rad_container_t; /* An object namespace */
-typedef struct rad_object rad_object_t; /* An implementation of an API */
+typedef struct rad_object rad_object_t; /* An implementation of an API */
typedef struct rad_instance rad_instance_t; /* An instance of an API impl. */
typedef conerr_t (attr_write_f)(rad_instance_t *, adr_attribute_t *,
@@ -237,6 +238,17 @@
extern boolean_t rad_isproxy;
extern rad_container_t *rad_container;
+/*
+ * Directory for temporary rad files
+ */
+#define RAD_TMPDIR _PATH_SYSVOL "/rad"
+
+/*
+ * Default path for AF_UNIX sockets
+ */
+#define RAD_PATH_AFUNIX_AUTH RAD_TMPDIR "/radsocket"
+#define RAD_PATH_AFUNIX_UNAUTH RAD_TMPDIR "/radsocket-unauth"
+
#ifdef __cplusplus
}
#endif
--- a/usr/src/cmd/rad/daemon/radctl.py Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/rad/daemon/radctl.py Thu Feb 02 11:25:01 2012 -0500
@@ -21,7 +21,7 @@
#
#
-# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
#
import sys
@@ -30,6 +30,11 @@
import rad.util as util
import rad.adaptor as adapt
+#
+# Path for AF_UNIX control socket
+#
+_RAD_PATH_CTL = "/system/volatile/rad/radcontrol"
+
def usage():
sys.stderr.write('Usage: radctl [ refresh | shutdown ]\n')
sys.exit(2)
@@ -48,7 +53,7 @@
try:
name = client.Name("org.opensolaris.os.rad",
[("type", "control")])
- rc = util.connect_local("/var/run/radcontrol")
+ rc = util.connect_local(_RAD_PATH_CTL)
obj = adapt.RawAdaptor(rc.get_object(name))
except IOError:
sys.stderr.write('failed to communicate to server\n')
--- a/usr/src/cmd/rad/mod/xport_unix/mod_xport_unix.c Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/rad/mod/xport_unix/mod_xport_unix.c Thu Feb 02 11:25:01 2012 -0500
@@ -20,11 +20,12 @@
*/
/*
- * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
*/
#include <sys/types.h>
#include <sys/socket.h>
+#include <sys/stat.h>
#include <bsm/adt_event.h>
#include <stdio.h>
#include <string.h>
@@ -64,11 +65,48 @@
}
static int
+create_tmpdir(const char *name)
+{
+ int retval = 0;
+ struct stat st;
+ mode_t um;
+
+ int i = strncmp(name, RAD_TMPDIR "/", strlen(RAD_TMPDIR "/"));
+
+ if (i == 0) { /* Default path specified */
+ if (stat(RAD_TMPDIR, &st) == 0) {
+ if (!S_ISDIR(st.st_mode)) {
+ rad_log(RL_ERROR, "file '%s' exists.",
+ RAD_TMPDIR);
+ retval = -1;
+ }
+ } else if (errno == ENOENT) { /* Create it */
+ um = umask(0);
+ i = mkdir(RAD_TMPDIR, S_IRWXU | S_IRWXG | S_IRWXO);
+ umask(um);
+ if (i != 0) {
+ rad_log(RL_ERROR, "error creating '%s': %s."
+ RAD_TMPDIR, strerror(errno));
+ retval = -1;
+ }
+ } else {
+ rad_log(RL_ERROR, "error creating '%s': %s."
+ RAD_TMPDIR, strerror(errno));
+ retval = -1;
+ }
+ }
+ return (retval);
+}
+
+static int
listen_on_name(const char *name)
{
int fd;
struct sockaddr_un addr;
+ if (create_tmpdir(name) != 0)
+ return (-1);
+
if (unlink(name) == -1 && errno != ENOENT) {
rad_log(RL_ERROR, "unlink of '%s' failed: %s", name,
strerror(errno));
--- a/usr/src/cmd/radcli/radcli.c Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/radcli/radcli.c Thu Feb 02 11:25:01 2012 -0500
@@ -20,7 +20,7 @@
*/
/*
- * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
*/
#include <sys/types.h>
@@ -32,6 +32,7 @@
#include <stdlib.h>
#include <pthread.h>
+#include <rad/rad_modapi.h>
#include <rad/radclient.h>
#include <rad/adr.h>
@@ -150,9 +151,9 @@
else if (argc > 1 && strcmp(argv[1], "-p") == 0)
fd = slave_connect_pipe();
else if (argc > 1 && strcmp(argv[1], "-u") == 0)
- fd = afunix_connect("/var/run/radsocket-unauth");
+ fd = afunix_connect(RAD_PATH_AFUNIX_UNAUTH);
else
- fd = afunix_connect("/var/run/radsocket");
+ fd = afunix_connect(RAD_PATH_AFUNIX_AUTH);
if (fd == -1) {
perror("unable to connect to rad");
return (1);
--- a/usr/src/cmd/radconsole/radconsole.sh Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/radconsole/radconsole.sh Thu Feb 02 11:25:01 2012 -0500
@@ -21,7 +21,7 @@
#
#
-# Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
#
#
@@ -34,6 +34,6 @@
CLASSPATH="${CLASSPATH}:/usr/lib/rad/java/adr.jar"
CLASSPATH="${CLASSPATH}:/usr/lib/rad/java/rad.jar"
CLASSPATH="${CLASSPATH}:/usr/lib/rad/java/afunix.jar"
-URL=service:jmx:radunix:///var/run/radsocket
+URL=service:jmx:radunix:///system/volatile/rad/radsocket
java -ea -classpath "${CLASSPATH}" sun.tools.jconsole.JConsole "${1:-$URL}"
--- a/usr/src/cmd/radpipe/radpipe.c Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/radpipe/radpipe.c Thu Feb 02 11:25:01 2012 -0500
@@ -20,7 +20,7 @@
*/
/*
- * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
*/
#include <sys/types.h>
@@ -33,6 +33,8 @@
#include <pthread.h>
#include <stdio.h>
+#include <rad/rad_modapi.h>
+
/*
* Connects to an AF_UNIX socket
*/
@@ -101,9 +103,9 @@
main(int argc, char **argv)
{
if (argc > 1 && strcmp(argv[1], "-u") == 0)
- radfd = afunix_connect("/var/run/radsocket-unauth");
+ radfd = afunix_connect(RAD_PATH_AFUNIX_UNAUTH);
else {
- radfd = afunix_connect("/var/run/radsocket");
+ radfd = afunix_connect(RAD_PATH_AFUNIX_AUTH);
}
if (radfd == -1) {
--- a/usr/src/cmd/zmgr/ztest.py Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/cmd/zmgr/ztest.py Thu Feb 02 11:25:01 2012 -0500
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
#
import socket
@@ -26,9 +26,14 @@
import rad.adaptor as adapt
import sys
+#
+# Path for authenticated AF_UNIX socket
+#
+_RAD_PATH_AFUNIX_AUTH = "/system/volatile/rad/radsocket"
+
# Make connection (AF_UNIX socket lets us bypass authentication)
s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM);
-s.connect("/var/run/radsocket");
+s.connect(_RAD_PATH_AFUNIX_AUTH);
#s = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
#s.connect(("localhost", 1234))
--- a/usr/src/doc/manpage/man-rad.xml Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/doc/manpage/man-rad.xml Thu Feb 02 11:25:01 2012 -0500
@@ -13,7 +13,7 @@
PDL HEADER END
- Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
-->
<refentry id="man.rad">
@@ -496,7 +496,7 @@
</varlistentry>
<varlistentry>
- <term>/var/run/radsocket</term>
+ <term>/system/volatile/rad/radsocket</term>
<listitem><para>
The AF_UNIX socket where the local rad instance
(<uri>svc:/system/rad:local</uri>) accepts connections
@@ -506,7 +506,7 @@
</para></listitem>
</varlistentry>
<varlistentry>
- <term>/var/run/radsocket-unauth</term>
+ <term>/system/volatile/rad/radsocket-unauth</term>
<listitem><para>
The AF_UNIX socket where the local rad instance
(<uri>svc:/system/rad:local</uri>) accepts connections
@@ -601,10 +601,10 @@
<para>
Two instances of rad are delivered by the system.
<uri>svc:/system/rad:local</uri> listens to AF_UNIX
- connections at the paths /var/run/radsocket and
- /var/run/radsocket-unauth, and is enabled by default. The
- former AF_UNIX socket will automatically authenticate the
- connecting process using <citerefentry>
+ connections at the paths /system/volatile/rad/radsocket and
+ /system/volatile/rad/radsocket-unauth, and is enabled by
+ default. The former AF_UNIX socket will automatically
+ authenticate the connecting process using <citerefentry>
<refentrytitle>getpeerucred</refentrytitle>
<manvolnum>3C</manvolnum> </citerefentry>, while the latter
requires the connecting process to explicitly
--- a/usr/src/java/vpanels/client/org/opensolaris/os/vp/client/common/RadLoginManager.java Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/java/vpanels/client/org/opensolaris/os/vp/client/common/RadLoginManager.java Thu Feb 02 11:25:01 2012 -0500
@@ -20,7 +20,7 @@
*/
/*
- * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
*/
package org.opensolaris.os.vp.client.common;
@@ -49,6 +49,11 @@
import org.opensolaris.os.vp.util.misc.finder.Finder;
public abstract class RadLoginManager {
+ public static final String RAD_PATH_AFUNIX_AUTH =
+ "/system/volatile/rad/radsocket";
+ public static final String RAD_PATH_AFUNIX_UNAUTH =
+ "/system/volatile/rad/radsocket-unauth";
+
//
// Inner classes
//
@@ -783,8 +788,8 @@
if (NetUtil.isLocalAddress(host)) {
String[] paths = {
- "/var/run/radsocket",
- "/var/run/radsocket-unauth"
+ RAD_PATH_AFUNIX_AUTH,
+ RAD_PATH_AFUNIX_UNAUTH
};
for (String path : paths) {
--- a/usr/src/lib/pyrad/util.py Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/lib/pyrad/util.py Thu Feb 02 11:25:01 2012 -0500
@@ -20,7 +20,7 @@
#
#
-# Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
#
import socket
@@ -32,6 +32,11 @@
import rad.adaptor as adapt
#
+# Default path for authenticated AF_UNIX socket
+#
+_RAD_PATH_AFUNIX_AUTH = "/system/volatile/rad/radsocket"
+
+#
# Make pipes quack enough like a socket to satisfy RecordMarkingSocket
#
class SocketLike(object):
@@ -114,7 +119,7 @@
#
# Connect to the local rad daemon via the standard unix domain socket
#
-def connect_local(path = "/var/run/radsocket", locale = None):
+def connect_local(path = _RAD_PATH_AFUNIX_AUTH, locale = None):
s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM);
s.connect(path)
return rad.RadConnection(s, locale = locale)
--- a/usr/src/test/java/src/client/PAMTestBase.java Wed Feb 01 09:22:41 2012 -0500
+++ b/usr/src/test/java/src/client/PAMTestBase.java Thu Feb 02 11:25:01 2012 -0500
@@ -20,7 +20,7 @@
*/
/*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
*/
package client;
@@ -52,8 +52,10 @@
public abstract class PAMTestBase extends MBeanTestCommon {
public static final String RADTEST_SVC = "svc:/system/rad:test";
public static final String RADCONVTEST_SVC = "svc:/system/rad-conv-test";
- public static final String PATH_AUTH = "/var/run/test-radsocket";
- public static final String PATH_UNAUTH = "/var/run/test-radsocket-unauth";
+ public static final String RAD_PATH_AFUNIX_AUTH =
+ "/system/volatile/rad/test-radsocket";
+ public static final String RAD_PATH_AFUNIX_UNAUTH =
+ "/system/volatile/rad/test-radsocket-unauth";
private JMXConnector conn_;
protected AuthenticatorMXBean bean_;
@@ -98,7 +100,7 @@
protected boolean isRadReady(boolean auth) throws Exception {
checkRequiredServices();
- String path = auth ? PATH_AUTH : PATH_UNAUTH;
+ String path = auth ? RAD_PATH_AFUNIX_AUTH : RAD_PATH_AFUNIX_UNAUTH;
final String url = "service:jmx:radunix://" + path;
final String name = "org.opensolaris.os.rad:type=authentication";