mkgroup.in 5.5 KB
Newer Older
Leigh B. Stoller's avatar
Leigh B. Stoller committed
1
#!/usr/bin/perl -wT
Leigh B. Stoller's avatar
Leigh B. Stoller committed
2 3 4

#
# EMULAB-COPYRIGHT
5
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
Leigh B. Stoller's avatar
Leigh B. Stoller committed
6 7
# All rights reserved.
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
8 9 10 11
use English;
use Getopt::Std;

#
12 13
# Create a group on the control/ops nodes and any tipservers. This does
# not create accounts, or add users to groups; it just creates the group
14 15
# entries and the group directory. Runs in the foreground all the time;
# Its quick enough that the user can wait for it.
Leigh B. Stoller's avatar
Leigh B. Stoller committed
16
#
17 18
# XXX - /proj wired in
#       control node wired in.
Leigh B. Stoller's avatar
Leigh B. Stoller committed
19 20 21
#
sub usage()
{
22
    print STDOUT "Usage: mkgroup <pid> <gid>\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
23 24
    exit(-1);
}
25
my  $optlist = "";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
26 27 28 29 30 31 32 33

#
# Configure variables
#
my $TB		= "@prefix@";
my $TBOPS       = "@TBOPSEMAIL@";
my $TBLOGS      = "@TBLOGSEMAIL@";
my $CONTROL     = "@USERNODE@";
34
my $BOSSNODE	= "@BOSSNODE@";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
35
my $PROJROOT    = "/proj";
36
my $GRPROOT     = "/groups";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
37 38
my $SSH         = "$TB/bin/sshtb";
my $GROUPADD    = "/usr/sbin/pw groupadd";
39
my @DIRLIST     = ("exp", "images", "logs", "tarfiles", "rpms", "tiplogs");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
40 41 42 43 44 45 46 47

my $dbuid;
my @db_row;
my $query_result;
my $leader;
my $logname;
my $user_name;
my $user_email;
48 49 50
my $unix_gid;
my $unix_name;
my @tipservers;
Leigh B. Stoller's avatar
Leigh B. Stoller committed
51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71

#
# Note hardwired control node. 
# 
my $control_node = $CONTROL;

#
# Untaint the path
# 
$ENV{'PATH'} = "/bin:/usr/bin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};

#
# Turn off line buffering on output
#
$| = 1;

#
# Load the Testbed support stuff. 
#
use lib "@prefix@/lib";
72
use libaudit;
Leigh B. Stoller's avatar
Leigh B. Stoller committed
73 74 75
use libdb;
use libtestbed;

76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
    die("*** $0:\n".
	"    Must be setuid! Maybe its a development version?\n");
}

#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
# 
if ($UID == 0) {
    die("*** $0:\n".
	"    Please do not run this as root! Its already setuid!\n");
}

Leigh B. Stoller's avatar
Leigh B. Stoller committed
93 94 95 96 97 98 99 100 101 102 103
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
    usage();
}
if (@ARGV != 2) {
    usage();
}
104 105
my $pid = shift(@ARGV);
my $gid = shift(@ARGV);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126

#
# Untaint args.
#
if ($pid =~ /^([-\@\w]+)$/) {
    $pid = $1;
}
else {
    die("Bad data in pid: $pid.");
}
if ($gid =~ /^([-\@\w]+)$/) {
    $gid = $1;
}
else {
    die("Bad data in gid: $gid.");
}

#
# Get user DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
127 128
    die("*** $0:\n".
        "    You do not exist in the Emulab Database!\n");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
129 130 131 132 133 134
}

#
# Get email info for mail.
#
if (! UserDBInfo($dbuid, \$user_name, \$user_email)) {
135 136
    die("*** $0:\n".
        "    Cannot determine email info for you!\n");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
137 138 139
}

#
140 141 142
# This script is always audited. Mail is sent automatically upon exit.
#
if (AuditStart(0)) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
143
    #
144
    # Parent exits normally
Leigh B. Stoller's avatar
Leigh B. Stoller committed
145
    #
146
    exit(0);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
147 148
}

149 150 151
#
# Need Proj leader for ownership.
# 
Leigh B. Stoller's avatar
Leigh B. Stoller committed
152
if (! ($leader = GroupLeader($pid, $gid))) {
153 154
    die("*** $0:\n".
	"    Could not determine group leader for $pid/$gid!\n");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
155 156
}

157 158 159
#
# The group directory lives here.
# 
160 161
my $groupdir  = "$GRPROOT/$pid/$gid";
my $grouplink = "$PROJROOT/$pid/groups/$gid";
162

Leigh B. Stoller's avatar
Leigh B. Stoller committed
163 164 165 166
#
# Unix info for the group
#
if (! TBGroupUnixInfo($pid, $gid, \$unix_gid, \$unix_name)) {
167
    fatal("No info for project/group $pid/$gid!");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
168 169 170 171 172 173 174 175 176 177
}

# 
# Create group locally if it does not exist. egrep returns 1 when
# no matches are found.
#
if (system("egrep -q -s '^${unix_name}:' /etc/group")) {
    print "Adding group $unix_name to local node ...\n";

    if (system("$GROUPADD $unix_name -g $unix_gid")) {
178
	fatal("Could not add $unix_gid ($unix_gid) to local node!\n");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
179 180 181 182 183 184 185 186 187 188 189
    }
}

#
# Perl and ssh Sillyness!
#
$UID = $EUID;

#
# Create group on the control node if it does not exist.
#
190
if ($control_node ne $BOSSNODE) {
191
    if (system("$SSH -host $control_node ".
192 193 194 195 196 197 198
	       "egrep -q -s '^${unix_name}:' /etc/group")) {
	print "Adding group $unix_name to $control_node.\n";

	if (system("$SSH -host $control_node ".
		   "$GROUPADD $unix_name -g $unix_gid")) {
	    fatal("Could not add $unix_name ($unix_gid) to $control_node!\n");
	}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
199 200 201
    }
}

202 203 204
#
# Create group on the tip servers. 
#
205
foreach my $tipserver ( TBTipServers() ) {
206 207
    if (system("$SSH -host $tipserver ".
	       "egrep -q -s '^${unix_name}:' /etc/group")) {
208 209
	print "Adding group $unix_name to $tipserver\n";

210 211
	if (system("$SSH -host $tipserver ".
		   "$GROUPADD $unix_name -g $unix_gid")) {
212
	    fatal("Could not add $unix_name ($unix_gid) to $tipserver!\n");
213 214 215 216
	}
    }
}

Leigh B. Stoller's avatar
Leigh B. Stoller committed
217
#
218 219
# Create the group directory if it does not already exist, but not for
# the default group of the project.
Leigh B. Stoller's avatar
Leigh B. Stoller committed
220
#
221
if ($pid ne $gid) {
222 223
    if (! -e $groupdir) {
	print "Creating group directory: $groupdir.\n";
224
    
225 226 227
	if (! mkdir("$groupdir", 0770)) {
	    fatal("Could not make directory $groupdir: $!");
	}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
228 229 230
    }

    if (! chmod(0770, "$groupdir")) {
231
	fatal("Could not chmod directory $groupdir: $!");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
232 233 234 235 236
    }

    $unix_uid = getpwnam($leader);

    if (! chown($unix_uid, $unix_gid, "$groupdir")) {
237
	fatal("Could not chown $groupdir to $leader/$gid: $!");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
238
    }
239 240 241

    if (! -e $grouplink) {
	symlink($groupdir, $grouplink) or
242
	    fatal("Could not symlink($groupdir, $grouplink): $!");
243
    }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
244

245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262
    #
    # Make group subdirs.
    #
    foreach my $dir (@DIRLIST) {
	if (! -e "$groupdir/$dir") {
	    if (! mkdir("$groupdir/$dir", 0770)) {
		fatal("Could not make directory $groupdir/$dir: $!");
	    }
	    if (! chmod(0770, "$groupdir/$dir")) {
		fatal("Could not chmod directory $groupdir/$dir: $!");
	    }
	    if (! chown($unix_uid, $unix_gid, "$groupdir/$dir")) {
		fatal("Could not chown $groupdir/$dir: $!");
	    }
	}
    }
}
    
263
print "Group Creation Completed!\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
264 265 266 267 268 269
exit(0);

sub fatal($)
{
    my($mesg) = $_[0];

270 271
    die("*** $0:\n".
	"    $mesg\n");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
272
}