// Copyright 2017 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "authpolicy/path_service.h"
#include <utility>
#include <base/logging.h>
namespace authpolicy {
namespace {

// Root directories. PathService::Initialize() builds the relative entries
// below on top of these two.
// NOTE(review): the temp tree ends up holding the Kerberos credential caches
// and a copy of the machine keytab (see Initialize()). Confirm that whoever
// creates this directory restricts it to the daemon's own user.
constexpr char kAuthPolicyTempDir[] = "/tmp/authpolicyd";
constexpr char kAuthPolicyStateDir[] = "/var/lib/authpolicyd";

// Samba directories, relative to the temp dir (each has a leading slash so it
// can be appended directly).
constexpr char kSambaDir[] = "/samba";
constexpr char kLockDir[] = "/lock";
constexpr char kCacheDir[] = "/cache";
constexpr char kStateDir[] = "/state";
constexpr char kPrivateDir[] = "/private";
constexpr char kGpoCacheDir[] = "/gpo_cache";

// Configuration file names.
constexpr char kConfigPath[] = "/config.dat";
constexpr char kSmbConfPath[] = "/smb.conf";

// Kerberos configuration file names, one for the user and one for the device.
constexpr char kUserKrb5ConfPath[] = "/krb5_user.conf";
constexpr char kDeviceKrb5ConfPath[] = "/krb5_device.conf";

// Kerberos credential cache file names (secret material).
constexpr char kUserCredentialCache[] = "/krb5cc_user";
constexpr char kDeviceCredentialCache[] = "/krb5cc_device";

// Machine keytab file name (secret material). Initialize() registers it both
// under the state dir and under the Samba temp dir.
constexpr char kMachineKeyTabPath[] = "/krb5_machine.keytab";

// Absolute path of the debug flags file.
constexpr char kDebugFlagsPath[] = "/etc/authpolicyd_flags";

// File name for kinit trace logs, relative to the temp dir.
constexpr char kKrb5TracePath[] = "/krb5_trace";

// Helper executables, always given as absolute paths.
constexpr char kKInitPath[] = "/usr/bin/kinit";
constexpr char kKListPath[] = "/usr/bin/klist";
constexpr char kNetPath[] = "/usr/bin/net";
constexpr char kParserPath[] = "/usr/sbin/authpolicy_parser";
constexpr char kSmbClientPath[] = "/usr/bin/smbclient";

// Seccomp policy files, one per helper executable above.
constexpr char kKInitSeccompFilter[] =
    "/usr/share/policy/kinit-seccomp.policy";
constexpr char kKListSeccompFilter[] =
    "/usr/share/policy/klist-seccomp.policy";
constexpr char kNetAdsSeccompFilter[] =
    "/usr/share/policy/net_ads-seccomp.policy";
constexpr char kParserSeccompFilter[] =
    "/usr/share/policy/authpolicy_parser-seccomp.policy";
constexpr char kSmbClientSeccompFilter[] =
    "/usr/share/policy/smbclient-seccomp.policy";

}  // namespace
// Default constructor: delegates to PathService(bool) with |initialize| set to
// true, so the default paths are registered during construction.
PathService::PathService() : PathService(true) {}
// Constructs the service and, if |initialize| is true, registers the default
// paths right away by calling Initialize().
// NOTE(review): passing false presumably lets a derived class set its own
// paths and call Initialize() itself after construction; confirm against the
// class declaration in path_service.h.
PathService::PathService(bool initialize) {
  if (!initialize) {
    return;
  }
  Initialize();
}
// Nothing to release explicitly; members clean up after themselves.
PathService::~PathService() = default;
// Registers the default location for every Path key.
//
// Insert() does not replace a key that is already present, so any path stored
// before this runs (e.g. by a more derived version of this method) is kept.
// The base directories are therefore read back through Get() instead of being
// taken from the constants, so dependent paths follow an overridden base.
void PathService::Initialize() {
  // Base directories come first: the relative entries below build on them.
  Insert(Path::TEMP_DIR, kAuthPolicyTempDir);
  Insert(Path::STATE_DIR, kAuthPolicyStateDir);
  const std::string& tmp_base = Get(Path::TEMP_DIR);
  const std::string& persistent_base = Get(Path::STATE_DIR);

  // Samba working tree. Subdirectories are built from the temp dir plus the
  // default Samba dir name, not from a possibly overridden SAMBA_DIR entry.
  const std::string default_samba_root = tmp_base + kSambaDir;
  const std::string default_samba_cache = default_samba_root + kCacheDir;
  Insert(Path::SAMBA_DIR, default_samba_root);
  Insert(Path::SAMBA_LOCK_DIR, default_samba_root + kLockDir);
  Insert(Path::SAMBA_CACHE_DIR, default_samba_cache);
  Insert(Path::SAMBA_STATE_DIR, default_samba_root + kStateDir);
  Insert(Path::SAMBA_PRIVATE_DIR, default_samba_root + kPrivateDir);
  Insert(Path::GPO_LOCAL_DIR, default_samba_cache + kGpoCacheDir);

  // Configuration files: config.dat lives in the state dir, the Samba and
  // Kerberos configs in the temp dir.
  Insert(Path::CONFIG_DAT, persistent_base + kConfigPath);
  Insert(Path::SMB_CONF, tmp_base + kSmbConfPath);
  Insert(Path::USER_KRB5_CONF, tmp_base + kUserKrb5ConfPath);
  Insert(Path::DEVICE_KRB5_CONF, tmp_base + kDeviceKrb5ConfPath);

  // Secret material. The credential caches and the temporary keytab copy use
  // the effective SAMBA_DIR entry (inside the temp tree by default); the
  // second keytab entry is under the state dir.
  // NOTE(review): confirm the directories holding these files are created with
  // permissions that keep other users out.
  const std::string& effective_samba_dir = Get(Path::SAMBA_DIR);
  Insert(Path::USER_CREDENTIAL_CACHE,
         effective_samba_dir + kUserCredentialCache);
  Insert(Path::DEVICE_CREDENTIAL_CACHE,
         effective_samba_dir + kDeviceCredentialCache);
  Insert(Path::MACHINE_KT_STATE, persistent_base + kMachineKeyTabPath);
  Insert(Path::MACHINE_KT_TEMP, effective_samba_dir + kMachineKeyTabPath);

  // Helper executables, registered by absolute path.
  Insert(Path::KINIT, kKInitPath);
  Insert(Path::KLIST, kKListPath);
  Insert(Path::NET, kNetPath);
  Insert(Path::PARSER, kParserPath);
  Insert(Path::SMBCLIENT, kSmbClientPath);

  // Seccomp policy file for each helper.
  Insert(Path::KINIT_SECCOMP, kKInitSeccompFilter);
  Insert(Path::KLIST_SECCOMP, kKListSeccompFilter);
  Insert(Path::NET_ADS_SECCOMP, kNetAdsSeccompFilter);
  Insert(Path::PARSER_SECCOMP, kParserSeccompFilter);
  Insert(Path::SMBCLIENT_SECCOMP, kSmbClientSeccompFilter);

  // Debugging aids: the flags file and the kinit trace log.
  Insert(Path::DEBUG_FLAGS, kDebugFlagsPath);
  Insert(Path::KRB5_TRACE, tmp_base + kKrb5TracePath);
}
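// Returns the path registered for |path_key|.
//
// The result is a reference to the string stored in |paths_|, so it is only
// valid for as long as that entry exists.
//
// Asking for a key that was never inserted is a programming error. This is a
// CHECK rather than a DCHECK because a DCHECK can be compiled out, and the
// lookup would then dereference the end iterator (undefined behaviour) for a
// value that callers use as a file or executable path. With CHECK the process
// stops at the failed lookup in every build.
const std::string& PathService::Get(Path path_key) const {
  const auto iter = paths_.find(path_key);
  CHECK(iter != paths_.end());
  return iter->second;
}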
// Registers |path| under |path_key| unless the key already has a value.
//
// Uses the container's insert(), so the first value stored for a key wins and
// later calls for that key are silently ignored. Initialize() relies on this
// to keep paths that were set earlier.
// NOTE(review): this assumes |paths_| is a standard unique-key map; confirm
// against its declaration in path_service.h.
void PathService::Insert(Path path_key, const std::string& path) {
  auto entry = std::make_pair(path_key, path);
  paths_.insert(std::move(entry));
}
} // namespace authpolicy