Commit 12eeadb1 authored by Leigh Stoller's avatar Leigh Stoller

Add a wrapper around the "console" program to get the acl from the

XMLRPC server on boss.
parent ba0237de
......@@ -2283,7 +2283,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
tbsetup/ipassign/ipassign_wrapper tbsetup/assign_prepass \
tbsetup/panic tbsetup/webpanic \
tbsetup/tbrsync \
tip/GNUmakefile \
tip/GNUmakefile tip/console \
tmcd/GNUmakefile tmcd/tmcd.restart \
tmcd/common/GNUmakefile tmcd/common/config/GNUmakefile \
tmcd/freebsd/GNUmakefile \
......@@ -2305,6 +2305,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
utils/grabwebcams utils/loghole utils/webcopy \
utils/setdest utils/websetdest utils/grabswitchconfig \
utils/backupswitches utils/setbuildinfo utils/checkquota \
utils/spewconlog utils/webspewconlog \
www/GNUmakefile www/defs.php3 www/dbdefs.php3 www/xmlrpc.php3 \
www/swish.conf www/websearch www/garcia-telemetry/GNUmakefile \
vis/GNUmakefile vis/webvistopology vis/dbvistopology \
......
......@@ -721,7 +721,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
tbsetup/ipassign/ipassign_wrapper tbsetup/assign_prepass \
tbsetup/panic tbsetup/webpanic \
tbsetup/tbrsync \
tip/GNUmakefile \
tip/GNUmakefile tip/console \
tmcd/GNUmakefile tmcd/tmcd.restart \
tmcd/common/GNUmakefile tmcd/common/config/GNUmakefile \
tmcd/freebsd/GNUmakefile \
......@@ -743,6 +743,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
utils/grabwebcams utils/loghole utils/webcopy \
utils/setdest utils/websetdest utils/grabswitchconfig \
utils/backupswitches utils/setbuildinfo utils/checkquota \
utils/spewconlog utils/webspewconlog \
www/GNUmakefile www/defs.php3 www/dbdefs.php3 www/xmlrpc.php3 \
www/swish.conf www/websearch www/garcia-telemetry/GNUmakefile \
vis/GNUmakefile vis/webvistopology vis/dbvistopology \
......
......@@ -5,7 +5,7 @@ SUBDIR = tip
include $(OBJDIR)/Makeconf
all: tip tiptunnel console tippty
all: tip tiptunnel console.bin console tippty
client: tippty
include $(TESTBED_SRCDIR)/GNUmakerules
......@@ -49,11 +49,11 @@ tiptunnel: tiptunnel.o
# 'console' is tiptunnel, without SSL, and with localmode on by default.
console.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h
$(CC) -DLOCALBYDEFAULT -o console.o -c $<
console.bin.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h
$(CC) -DLOCALBYDEFAULT -o console.bin.o -c $<
console: console.o
$(CC) -o console console.o
console.bin: console.bin.o
$(CC) -o console.bin console.bin.o
tippty.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h
$(CC) -DTIPPTY -o $@ -c $<
......@@ -66,13 +66,14 @@ $(OBJS): tipconf.h tip.h
client-install: client
$(INSTALL_PROGRAM) tippty$(EXE) $(DESTDIR)$(CLIENT_BINDIR)/tippty$(EXE)
control-install tipserv-install: all $(INSTALL_BINDIR)/tip $(INSTALL_BINDIR)/tiptunnel $(INSTALL_BINDIR)/console
control-install tipserv-install: all $(INSTALL_BINDIR)/tip $(INSTALL_BINDIR)/tiptunnel $(INSTALL_BINDIR)/console.bin $(INSTALL_BINDIR)/console
install: control-install
-mkdir -p $(INSTALL_DIR)/opsdir/bin
$(INSTALL_PROGRAM) tiptunnel $(INSTALL_DIR)/opsdir/bin/tiptunnel
$(INSTALL_PROGRAM) tip $(INSTALL_DIR)/opsdir/bin/tip
$(INSTALL_PROGRAM) console $(INSTALL_DIR)/opsdir/bin/console
$(INSTALL_PROGRAM) console.bin $(INSTALL_DIR)/opsdir/bin/console.bin
clean:
rm -f $(OBJS) tiptunnel.o console.o tip tiptunnel console tippty.o tippty
rm -f $(OBJS) *.o tip tiptunnel console console.bin tippty
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
use POSIX qw(setsid);
#
# Wrapper for console program; grab tipacl from XMLRPC server, and feed it
# to the console binary.
#
sub usage()
{
print(STDOUT "Usage: console pcXXX\n");
exit(-1);
}
my $optlist = "";
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $WRAPPER = "$TB/bin/script_wrapper.py";
my $CONSOLEBIN = "$TB/bin/console.bin";
my $aclfile;
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin:/usr/site/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output. Very important for this script!
#
$| = 1;
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
usage()
if (@ARGV != 1);
my $node = $ARGV[0];
#
# Make a temp file for the acl.
#
$ENV{'TMPDIR'} = "/tmp";
my $tempfile = `mktemp -t tipacl`;
if ($?) {
die("*** $0:\n".
" Could not create a temporary file!\n");
}
if ($tempfile =~ /^([-\w\/\.]*)$/) {
$tempfile = $1;
}
else {
die("*** $0:\n".
" Bad data in tag: $tempfile\n");
}
#
# Ask the XMLRPC server for the tipacl. The current user has to have proper
# permission of course.
#
system("$WRAPPER tipacl $node >> $tempfile");
#
# Do not want to leave the acl file around, and do not want to wait for
# the user to quit the program, so fork a child to wait a moment and remove
# the file. We have the child do it so as to avoid messing with the session
# and tty goo.
#
my $syspid = fork();
# Child delays a moment and exits.
if (!$syspid) {
sleep(1);
unlink($tempfile);
exit(0);
}
my @cmdargs = ($CONSOLEBIN, "-a", "$tempfile", "$node");
exec(@cmdargs);
die("*** $0:\n".
" Exec failure: '@cmdargs'\n");
......@@ -136,6 +136,7 @@ static void sigquit(int sig)
int main( int argc, char ** argv )
{
const char * name = argv[0];
char * aclfile = (char *) NULL;
int op;
#if defined(LOCALBYDEFAULT) || defined(TIPPTY)
......@@ -145,11 +146,14 @@ int main( int argc, char ** argv )
#endif
#endif
while ((op = getopt( argc, argv, "hlp:rdu:c:" )) != -1) {
while ((op = getopt( argc, argv, "hlp:rdu:c:a:" )) != -1) {
switch (op) {
case 'h':
usage(name);
break;
case 'a':
aclfile = optarg;
break;
case 'l':
localmode++;
break;
......@@ -189,9 +193,13 @@ int main( int argc, char ** argv )
}
if (localmode) {
char localAclName[1024];
sprintf( localAclName, "%s/%s.acl", ACLDIR, argv[0] );
loadAcl( localAclName );
if (aclfile)
loadAcl( aclfile );
else {
char localAclName[1024];
sprintf( localAclName, "%s/%s.acl", ACLDIR, argv[0] );
loadAcl( localAclName );
}
} else {
loadAcl( argv[0] );
}
......@@ -400,15 +408,15 @@ void loadAcl( const char * filename )
bzero( &key, sizeof( key ) );
while (fscanf(aclFile, "%s %s\n", &b1, &b2) != EOF) {
if ( strcmp(b1, "host:") == 0 ) {
if ( strcmp(b1, "host:") == 0 || strcmp(b1, "server:") == 0 ) {
if (!uploadmode)
hostname = strdup( b2 );
} else if ( strcmp(b1, "port:") == 0 ) {
} else if ( strcmp(b1, "port:") == 0 || strcmp(b1, "portnum:") == 0 ) {
if (!uploadmode)
port = atoi( b2 );
} else if ( strcmp(b1, "keylen:") == 0 ) {
key.keylen = atoi( b2 );
} else if ( strcmp(b1, "key:") == 0 ) {
} else if ( strcmp(b1, "key:") == 0 || strcmp(b1, "keydata:") == 0) {
strcpy( key.key, b2 );
#ifdef WITHSSL
} else if ( strcmp(b1, "uphost:") == 0 ) {
......@@ -423,11 +431,15 @@ void loadAcl( const char * filename )
usingSSL++;
#endif /* WITHSSL */
} else {
fprintf(stderr, "Ignored unknown ACL: %s %s\n", b1, b2);
/* fprintf(stderr, "Ignored unknown ACL: %s %s\n", b1, b2); */
}
}
fclose(aclFile);
if (!key.keylen)
key.keylen = strlen(key.key);
if (!port || !hostname || !key.keylen || !strlen(key.key)) {
if (!port || !hostname || !strlen(key.key)) {
fprintf(stderr, "Incomplete ACL\n");
exit(-1);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment