Commit 84c1df2d authored by Leigh Stoller's avatar Leigh Stoller

New script to toggle the directory permissions on a project CVS repo,

to make it public or private. Called from the web server when a project
root or an admin user, toggles the public repo flag in the project profile.

This script only does whats needed for cvsweb; it needs to be extended
for cvs pserver stuff.
parent 8a9bbc86
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
#
# Set the cvsrepo permission bits to make a CVS repo public.
#
sub usage()
{
print(STDOUT "Usage: cvsrepo_ctrl pid\n");
exit(-1);
}
my $optlist = "";
my $dbuid;
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $TBAUDIT = "@TBAUDITEMAIL@";
my $PROJROOT = "/proj";
my $CVSREPOS = "$PROJROOT/cvsrepos";
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin:/usr/site/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be setuid! Maybe its a development version?\n");
}
#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this as root! Its already setuid!\n");
}
#
# Turn off line buffering on output. Very important for this script!
#
$| = 1;
# Load the Testbed support stuff.
use lib "@prefix@/lib";
use libaudit;
use libdb;
use libtestbed;
# Be careful not to exit on transient error
$libdb::DBQUERY_MAXTRIES = 30;
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
usage()
if (@ARGV != 1);
my $pid = $ARGV[0];
# Untaint
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("*** Tainted project name: $pid\n");
}
#
# Verify user and get his DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database.\n");
}
#
# This script is always audited. Mail is sent automatically upon exit.
#
if (AuditStart(0)) {
#
# Parent exits normally
#
exit(0);
}
#
# Check permission.
#
if (!TBAdmin($UID) &&
!TBMinTrust(TBGrpTrust($dbuid, $pid, $pid), PROJMEMBERTRUST_GROUPROOT)) {
die("*** $0:\n".
" You do not have permission to set cvs permissions for $pid!\n");
}
#
# Grab DB data.
#
my $query_result =
DBQueryFatal("select cvsrepo_public from projects where pid='$pid'");
if (!$query_result->numrows) {
die("*** $0:\n".
" DB error getting info for project $pid!\n");
}
my ($cvsrepo_public) = $query_result->fetchrow_array();
my $prot = ($cvsrepo_public ? 0775 : 0770);
printf("Setting permission on $CVSREPOS/$pid to %o\n", $prot);
if (! chmod($prot, "$CVSREPOS/$pid")) {
die("*** $0:\n".
" Could not chmod($prot) directory $CVSREPOS/$pid: $!");
}
exit(0);
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
#
# This gets invoked from the Web interface. Simply a wrapper ...
#
#
# Configure variables
#
my $TB = "@prefix@";
#
# Run the real thing, and never return.
#
exec "$TB/sbin/cvsrepo_ctrl", @ARGV;
die("webcvsrepo_ctrl: Could not exec cvsrepo_ctrl: $!");
......@@ -20,10 +20,10 @@ SBIN_SCRIPTS = vlandiff vlansync withadminprivs export_tables cvsupd.pl \
eventping grantnodetype import_commitlog dhcpd_wrapper \
opsreboot deletenode node_statewait grabwebcams \
grabswitchconfig backupswitches cvsinit checkquota \
spewconlog
spewconlog cvsrepo_ctrl
LIBEXEC_SCRIPTS = webcreateimage newnode webdeletenode spewleds webcopy \
websetdest spewsource weblinkmon_ctl webcvsweb \
webspewconlog
webspewconlog webcvsrepo_ctrl
#
# Force dependencies on the scripts so that they will be rerun through
......@@ -55,6 +55,8 @@ post-install:
chmod u+s $(INSTALL_SBINDIR)/checkquota
chown root $(INSTALL_SBINDIR)/spewconlog
chmod u+s $(INSTALL_SBINDIR)/spewconlog
chown root $(INSTALL_SBINDIR)/cvsrepo_ctrl
chmod u+s $(INSTALL_SBINDIR)/cvsrepo_ctrl
#
# Control node installation (okay, plastic)
......
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
#
# Set the cvsrepo permission bits to make a CVS repo public.
#
sub usage()
{
print(STDOUT "Usage: cvsrepo_ctrl pid\n");
exit(-1);
}
my $optlist = "";
my $dbuid;
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $TBAUDIT = "@TBAUDITEMAIL@";
my $PROJROOT = "/proj";
my $CVSREPOS = "$PROJROOT/cvsrepos";
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin:/usr/site/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be setuid! Maybe its a development version?\n");
}
#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this as root! Its already setuid!\n");
}
#
# Turn off line buffering on output. Very important for this script!
#
$| = 1;
# Load the Testbed support stuff.
use lib "@prefix@/lib";
use libaudit;
use libdb;
use libtestbed;
# Be careful not to exit on transient error
$libdb::DBQUERY_MAXTRIES = 30;
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
usage()
if (@ARGV != 1);
my $pid = $ARGV[0];
# Untaint
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("*** Tainted project name: $pid\n");
}
#
# Verify user and get his DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database.\n");
}
#
# This script is always audited. Mail is sent automatically upon exit.
#
if (AuditStart(0)) {
#
# Parent exits normally
#
exit(0);
}
#
# Check permission.
#
if (!TBAdmin($UID) &&
!TBMinTrust(TBGrpTrust($dbuid, $pid, $pid), PROJMEMBERTRUST_GROUPROOT)) {
die("*** $0:\n".
" You do not have permission to set cvs permissions for $pid!\n");
}
#
# Grab DB data.
#
my $query_result =
DBQueryFatal("select cvsrepo_public from projects where pid='$pid'");
if (!$query_result->numrows) {
die("*** $0:\n".
" DB error getting info for project $pid!\n");
}
my ($cvsrepo_public) = $query_result->fetchrow_array();
my $prot = ($cvsrepo_public ? 0775 : 0770);
printf("Setting permission on $CVSREPOS/$pid to %o\n", $prot);
if (! chmod($prot, "$CVSREPOS/$pid")) {
die("*** $0:\n".
" Could not chmod($prot) directory $CVSREPOS/$pid: $!");
}
exit(0);
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
#
# This gets invoked from the Web interface. Simply a wrapper ...
#
#
# Configure variables
#
my $TB = "@prefix@";
#
# Run the real thing, and never return.
#
exec "$TB/sbin/cvsrepo_ctrl", @ARGV;
die("webcvsrepo_ctrl: Could not exec cvsrepo_ctrl: $!");
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment