Commit 1077ffe7 authored by Leigh Stoller's avatar Leigh Stoller

Add ssl certificate check, but not actually using it. I added a quick

check to make sure the user's homedir and ssl certificate exists,
before starting a swap, but turns out the mountd problem in FreeBSD
makes that a little problematic. So lets commit the code, and hope
that FreeBSD fixes the mountd problem someday.
parent cf5bfcae
......@@ -1944,6 +1944,32 @@ sub PeerExports($$)
return 0;
}
#
# Make sure user did not delete their home dir.
#
sub HomeDirOkay($;$)
{
my ($self, $pmsg) = @_;
my $homedir = $self->HomeDir();
if (! -e "$homedir/.ssl/emulab.pem") {
$$pmsg = "Your Emulab SSL certificate is gone! Did you delete it?"
if (defined($pmsg));
return -1;
}
if (! -e "$homedir/.ssl") {
$$pmsg = "Your .ssl directory is gone! Did you delete it?"
if (defined($pmsg));
return -1;
}
if (! -e "$homedir") {
$$pmsg = "Your home directory is gone! Did you delete it?"
if (defined($pmsg));
return -1;
}
return 0;
}
# _Always_ make sure that this 1 is at the end of the file...
1;
......@@ -207,6 +207,20 @@ if (system("$checkquota $user_uid") != 0) {
exit(1);
}
#
# Lets check to make sure user did not delete their home dir.
# Maybe in the future, when exports_setup does not cause all
# mounts to hiccup.
#
if (0) {
my $homdirerror;
if ($this_user->HomeDirOkay(\$homdirerror) != 0) {
tberror({cause => 'user', type => 'primary', severity => SEV_ERROR},
$homdirerror);
exit(1);
}
}
#
# Parse command arguments.
#
......
......@@ -432,6 +432,18 @@ if ($overquota) {
"please login there and cleanup!");
}
#
# Lets check to make sure user did not delete their home dir.
# Maybe in the future, when exports_setup does not cause all
# mounts to hiccup.
#
if (0 && $inout ne "out" && $inout ne "pause") {
my $homdirerror;
if ($this_user->HomeDirOkay(\$homdirerror) != 0) {
ExitWithStatus(1, "$homdirerror\n");
}
}
#
# Temp fix; Disallow swapmod to firewalled experiments. This will come
# out later.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment