-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathpath_service.h
110 lines (88 loc) · 3.25 KB
/
path_service.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
// Copyright 2017 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef AUTHPOLICY_PATH_SERVICE_H_
#define AUTHPOLICY_PATH_SERVICE_H_
#include <map>
#include <string>
#include <base/macros.h>
namespace authpolicy {
enum class Path {
// Invalid path, not set, triggers a DCHECK in PathService::Get().
INVALID,
// Base directories.
TEMP_DIR, // Files here are wiped on authpolicyd restart.
STATE_DIR, // Files here are persistent and globally accessible.
RUN_DIR, // Files here are wiped on reboot.
DAEMON_STORE_DIR, // Files here are persistent in the user's cryptohome and
// hence accessible only for the logged-in user.
// Samba directories.
SAMBA_DIR,
SAMBA_LOCK_DIR,
SAMBA_CACHE_DIR,
SAMBA_STATE_DIR,
SAMBA_PRIVATE_DIR,
GPO_LOCAL_DIR, // Location of downloaded GPOs.
// Configuration files.
CONFIG_DAT, // Authpolicy configuration.
USER_SMB_CONF, // Samba configuration for user account.
DEVICE_SMB_CONF, // Samba configuration for device/machine account.
USER_KRB5_CONF, // Kerberos configuration for user account.
DEVICE_KRB5_CONF, // Kerberos configuration for device/machine account.
// Credential cache paths.
USER_CREDENTIAL_CACHE,
DEVICE_CREDENTIAL_CACHE,
// Machine credentials. Authpolicy uses EITHER password OR keytab. Newly
// enrolled devices use passwords, older devices use keytabs.
MACHINE_PASS, // Current machine password.
PREV_MACHINE_PASS, // Previous machine password.
NEW_MACHINE_PASS, // New machine password.
MACHINE_KEYTAB, // Kerberos machine keytab file.
// Files that are wiped on reboot.
FLAGS_DEFAULT_LEVEL, // File with flags default level (as integer), see
// AuthPolicyFlags::DefaultLevel.
AUTH_DATA_CACHE, // Cached authentication data.
// Samba/Kerberos/parser executables.
KINIT,
KLIST,
KPASSWD,
NET,
SMBCLIENT,
PARSER,
// Seccomp filter policies.
KINIT_SECCOMP,
KLIST_SECCOMP,
KPASSWD_SECCOMP,
NET_ADS_SECCOMP,
PARSER_SECCOMP,
SMBCLIENT_SECCOMP,
// Misc.
DEBUG_FLAGS, // File with debug flags, see AuthPolicyFlags.
KRB5_TRACE, // kinit and kpasswd trace log.
};
// Simple path service.
class PathService {
public:
// Calls Initialize().
PathService();
PathService(const PathService&) = delete;
PathService& operator=(const PathService&) = delete;
virtual ~PathService();
// Retrieves the file or directory path for the given |path_key|.
const std::string& Get(Path path_key) const;
protected:
// Calls Initialize() if |initialize| is true.
explicit PathService(bool initialize);
// Should be called at some point during construction to initialize all paths.
// Derived classes can override paths by specifying a constuctor that calls
// PathService(false), inserts paths and then calls Initialize() to initialize
// paths not set yet.
void Initialize();
// Inserts |path| at key |path_key| into |path_map_| if the key is not
// already set.
void Insert(Path path_key, const std::string& path);
private:
std::map<Path, std::string> paths_;
};
} // namespace authpolicy
#endif // AUTHPOLICY_PATH_SERVICE_H_