Commit 90cdfb60 authored by Leigh Stoller's avatar Leigh Stoller

Checkpoint Chat Support stuff; mostly working but still needs work.

Ready for local people to play with.

The current implementation is that we munge the mysql DB on ops directly,
underneath jabberd. We add/del users from the authreg table, and set up
buddy lists in the roster-items and roster-groups tables. modgroups will
invoke the modjabberbuddies whenever a user is added or removed from a
group, although currently I am building buddy lists for just the top level
projects.

The "My IM" link in the collaboration menu will tell the user their
jabber ID on the Emulab chat server (jabber.emulab.net) and also give
them their plain text password to plug into their chat client.

I also installed a java applet (Jeti) that is a simple chat client that
I found off the jabberware page. Like all applets, it exhibits a degree
of flakiness, but I really do not expect too many people to use it.
parent bd9aff96
......@@ -42,6 +42,7 @@ my $BOSSNODE = "@BOSSNODE@";
my $WITHSFS = @SFSSUPPORT@;
my $WIKISUPPORT = @WIKISUPPORT@;
my $BUGDBSUPPORT= @BUGDBSUPPORT@;
my $CHATSUPPORT = @CHATSUPPORT@;
my $PROTOUSER = 'elabman';
my $SAMBANODE = "fs"; # DNS makes this do the right thing in E-in-E.
......@@ -65,6 +66,8 @@ my $ADDWIKIUSER = "$TB/sbin/addwikiuser";
my $DELWIKIUSER = "$TB/sbin/delwikiuser";
my $ADDBUGDBUSER= "$TB/sbin/addbugdbuser";
my $DELBUGDBUSER= "$TB/sbin/delbugdbuser";
my $ADDCHATUSER = "$TB/sbin/addjabberuser";
my $DELCHATUSER = "$TB/sbin/deljabberuser";
my $NOLOGIN = "/sbin/nologin";
my $SSH = "$TB/bin/sshtb";
my $SAVEUID = $UID;
......@@ -360,10 +363,14 @@ sub AddUser()
system("$ADDWIKIUSER $user")
if ($WIKISUPPORT && !$batch && $user ne $PROTOUSER);
# And to the bugdn if enabled.
# And to the bugdb if enabled.
system("$ADDBUGDBUSER $user")
if ($BUGDBSUPPORT && !$batch && $user ne $PROTOUSER);
# And to the chat server if enabled.
system("$ADDCHATUSER $user")
if ($CHATSUPPORT && !$batch && $user ne $PROTOUSER);
# Generate the SSL cert for the user.
system("$MKUSERCERT $user");
......@@ -444,6 +451,10 @@ sub DelUser()
system("$DELWIKIUSER $user")
if ($WIKISUPPORT);
# And the chat server if enabled.
system("$DELCHATUSER $user")
if ($CHATSUPPORT);
$EUID = 0;
$sfsupdate = 1;
......@@ -486,6 +497,7 @@ sub UpdatePassword()
# And to the bugdb if enabled.
system("$ADDBUGDBUSER -m $user")
if ($BUGDBSUPPORT && $user ne $PROTOUSER);
$EUID = 0;
return 0;
......
......@@ -11,7 +11,7 @@ SUBDIR = collab
include $(OBJDIR)/Makeconf
SUBDIRS = mailman cvs
SUBDIRS = mailman cvs jabber
all: all-subdirs
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2005 University of Utah and the Flux Group.
# All rights reserved.
#
SRCDIR = @srcdir@
TESTBED_SRCDIR = @top_srcdir@
OBJDIR = ../..
SUBDIR = collab/jabber
include $(OBJDIR)/Makeconf
SBIN_SCRIPTS = jabbersetup addjabberuser deljabberuser \
modjabberbuddies
LIBEXEC_SCRIPTS =
CTRL_LIBEXEC_SCRIPTS =
CTRL_LIB_FILES =
CTRL_SBIN_SCRIPTS = jabberproxy
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
#
all: $(SBIN_SCRIPTS) $(CTRL_SBIN_SCRIPTS) $(CTRL_LIBEXEC_SCRIPTS) \
$(CTRL_LIB_FILES) $(LIBEXEC_SCRIPTS)
include $(TESTBED_SRCDIR)/GNUmakerules
install: $(addprefix $(INSTALL_SBINDIR)/, $(SBIN_SCRIPTS)) \
$(addprefix $(INSTALL_LIBEXECDIR)/, $(LIBEXEC_SCRIPTS)) \
$(addprefix $(INSTALL_DIR)/opsdir/libexec/jabber/, $(CTRL_LIBEXEC_SCRIPTS)) \
$(addprefix $(INSTALL_DIR)/opsdir/sbin/, $(CTRL_SBIN_SCRIPTS)) \
$(addprefix $(INSTALL_DIR)/opsdir/lib/jabber/, $(CTRL_LIB_FILES))
boss-install: install
post-install:
chown root $(INSTALL_SBINDIR)/addjabberuser
chmod u+s $(INSTALL_SBINDIR)/addjabberuser
chown root $(INSTALL_SBINDIR)/deljabberuser
chmod u+s $(INSTALL_SBINDIR)/deljabberuser
chown root $(INSTALL_SBINDIR)/modjabberbuddies
chmod u+s $(INSTALL_SBINDIR)/modjabberbuddies
#
# Control node installation (okay, plastic)
#
control-install: \
$(addprefix $(INSTALL_SBINDIR)/, $(CTRL_SBIN_SCRIPTS)) \
$(addprefix $(INSTALL_LIBDIR)/jabber/, $(CTRL_LIB_FILES)) \
$(addprefix $(INSTALL_LIBEXECDIR)/jabber/, $(CTRL_LIBEXEC_FILES))
clean:
rm -f *.o core
$(INSTALL_DIR)/opsdir/sbin/%: %
@echo "Installing $<"
-mkdir -p $(INSTALL_DIR)/opsdir/sbin
$(INSTALL) $< $@
$(INSTALL_DIR)/opsdir/lib/jabber/%: %
@echo "Installing $<"
-mkdir -p $(INSTALL_DIR)/opsdir/lib/jabber
$(INSTALL_DATA) $< $@
$(INSTALL_DIR)/opsdir/libexec/jabber/%: %
@echo "Installing $<"
-mkdir -p $(INSTALL_DIR)/opsdir/libexec/jabber
$(INSTALL) $< $@
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
use Fcntl ':flock';
#
# Add a user to the jabber DB on ops.
#
sub usage()
{
print STDOUT "Usage: addjabberuser <uid>\n";
exit(-1);
}
my $optlist = "d";
my $debug = 0;
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $CONTROL = "@USERNODE@";
my $BOSSNODE = "@BOSSNODE@";
my $CHATSUPPORT = @CHATSUPPORT@;
my $SSH = "$TB/bin/sshtb";
my $JABBERPROXY = "$TB/sbin/jabberproxy";
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/usr/bin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output
#
$| = 1;
#
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libdb;
use libtestbed;
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be setuid! Maybe its a development version?\n");
}
#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this as root! Its already setuid!\n");
}
#
# If no chat support, just exit.
#
if (! $CHATSUPPORT) {
print "CHAT support is not enabled. Exit ...\n";
exit(0);
}
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"d"})) {
$debug = 1;
}
if (@ARGV != 1) {
usage();
}
my $user = $ARGV[0];
#
# Untaint args.
#
if ($user =~ /^([-\w]+)$/) {
$user = $1;
}
else {
die("Bad data in user: $user.");
}
#
# This script always does the right thing, so no permission checks.
# In fact, all it does it call over to ops to run a script over there.
# Note that adduser will just update the password if the user already
# exist in the wiki.
#
#
# Look in the DB to see if there is already a wikiname defined. If
# we use that. Otherwise have to form one from the user name. Ick.
#
my $query_result =
DBQueryFatal("select mailman_password ".
"from users where uid='$user'");
if (!$query_result->numrows) {
fatal("No such user $user in the DB!");
}
my ($password) = $query_result->fetchrow_array();
if (!defined($password)) {
fatal("No password defined for $user!");
}
#
# For ssh.
#
$UID = $EUID;
if ($CONTROL ne $BOSSNODE) {
my $optarg = ($debug ? "-d" : "");
print "Adding user $user to the jabber DB on $CONTROL.\n";
system("echo '$password' | ".
"$SSH -host $CONTROL $JABBERPROXY $optarg adduser $user");
if ($?) {
if ($? >> 8 == EEXIST()) {
# Not an error.
exit(0);
}
fatal("$JABBERPROXY failed on $CONTROL!");
}
}
exit(0);
sub fatal($)
{
my($mesg) = $_[0];
die("*** $0:\n".
" $mesg\n");
}
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
use Fcntl ':flock';
#
# Delete a user from the jabber DB on ops.
#
sub usage()
{
print STDOUT "Usage: deljabberuser <uid>\n";
exit(-1);
}
my $optlist = "d";
my $debug = 0;
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $CONTROL = "@USERNODE@";
my $BOSSNODE = "@BOSSNODE@";
my $CHATSUPPORT = @CHATSUPPORT@;
my $SSH = "$TB/bin/sshtb";
my $JABBERPROXY = "$TB/sbin/jabberproxy";
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/usr/bin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output
#
$| = 1;
#
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libdb;
use libtestbed;
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be setuid! Maybe its a development version?\n");
}
#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this as root! Its already setuid!\n");
}
#
# If no chat support, just exit.
#
if (! $CHATSUPPORT) {
print "CHAT support is not enabled. Exit ...\n";
exit(0);
}
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"d"})) {
$debug = 1;
}
if (@ARGV != 1) {
usage();
}
my $user = $ARGV[0];
#
# Untaint args.
#
if ($user =~ /^([-\w]+)$/) {
$user = $1;
}
else {
die("Bad data in user: $user.");
}
#
# For ssh.
#
$UID = $EUID;
if ($CONTROL ne $BOSSNODE) {
my $optarg = ($debug ? "-d" : "");
print "Removing user $user from the jabber DB on $CONTROL.\n";
system("$SSH -host $CONTROL $JABBERPROXY $optarg deluser $user");
if ($?) {
fatal("$JABBERPROXY failed on $CONTROL!");
}
}
exit(0);
sub fatal($)
{
my($mesg) = $_[0];
die("*** $0:\n".
" $mesg\n");
}
This diff is collapsed.
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
#
# Initial jabber setup.
#
sub usage()
{
print STDOUT "Usage: jabbersetup\n";
exit(-1);
}
my $optlist = "d";
my $debug = 0;
my $impotent = 0;
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $CONTROL = "@USERNODE@";
my $BOSSNODE = "@BOSSNODE@";
my $CHATSUPPORT = @CHATSUPPORT@;
my $SSH = "$TB/bin/sshtb";
my $ADDUSER = "$TB/sbin/addjabberuser";
my $MODBUDDIES = "$TB/sbin/modjabberbuddies";
# Protos
sub fatal($);
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/usr/bin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output
#
$| = 1;
#
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libaudit;
use libdb;
use libtestbed;
#
# If no jabber support, just exit.
#
if (! $CHATSUPPORT) {
print "Chat support is not enabled. Exit ...\n";
exit(0);
}
#
# Only testbed admins.
#
if (!TBAdmin($UID)) {
die("*** $0:\n".
" Must be a testbed admin to run this script\n");
}
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"d"})) {
$debug = 1;
}
if (@ARGV) {
usage();
}
#
# This script is always audited. Mail is sent automatically upon exit.
#
if (AuditStart(0)) {
#
# Parent exits normally
#
exit(0);
}
#
# First add the users.
#
$query_result =
DBQueryFatal("select distinct u.uid ".
" from group_membership as g ".
"left join users as u on u.uid=g.uid ".
"where u.status='active' ".
" and (g.pid='testbed' or g.pid='emulab-ops' or ".
" g.pid='tbres' or g.pid='utahstud' or ".
" g.pid='lbsbox')" .
"order by u.admin");
while (my ($uid) = $query_result->fetchrow_array()) {
system("$ADDUSER $uid") == 0
or fatal("Could not create jabber account for $uid");
}
#
# Now add buddies for each user in each project.
#
$query_result =
DBQueryFatal("select g.pid,g.gid from groups as g ".
"left join projects as p on p.pid=g.pid ".
"where p.approved=1 ".
"and (p.pid='testbed' or p.pid='emulab-ops' or ".
" p.pid='tbres' or p.pid='utahstud' or ".
" g.pid='lbsbox')" .
"");
while (my ($pid,$gid) = $query_result->fetchrow_array()) {
next
if ($pid ne $gid);
print "Setting up buddy lists for members of $pid\n"
if ($debug);
my $users_results =
DBQueryFatal("select g.uid from group_membership as g ".
"left join users as u on u.uid=g.uid ".
"where g.pid='$pid' and g.gid='$gid' and ".
" u.status='active'");
while (my ($uid) = $users_results->fetchrow_array()) {
system("$MODBUDDIES -a $pid:$gid $uid") == 0 or
fatal("$MODBUDDIES '-a $pid:$gid $uid' failed!");
}
}
exit(0);
sub fatal($)
{
my($mesg) = $_[0];
die("*** $0:\n".
" $mesg\n");
}
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
#
# Modify groups (add and subtract in DB) for a user, and then call
# other scripts that need to do something about it.
#
# Note that this script does not create accounts or groups. That should
# already have been done with other scripts.
#
sub usage()
{
print STDOUT
"Usage: modjabberbuddies [-a pid:gid[,pid:gid]...] ".
"[-r pid:gid[,pid:gid]...] user\n";
exit(-1);
}
my $optlist = "dr:a:";
my $debug = 0;
my $user;
my @addlist = ();
my @remlist = ();
my $addargs = "";
my $remargs = "";
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $TBLOGS = "@TBLOGSEMAIL@";
my $CONTROL = "@USERNODE@";
my $BOSSNODE = "@BOSSNODE@";
my $CHATSUPPORT = @CHATSUPPORT@;
my $SSH = "$TB/bin/sshtb";
my $JABBERPROXY = "$TB/sbin/jabberproxy";
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/usr/bin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output
#
$| = 1;
#
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libaudit;
use libdb;
use libtestbed;
# Protos
sub fatal($);
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be setuid! Maybe its a development version?\n");
}
#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this as root! Its already setuid!\n");
}
#
# If no chat support, just exit.
#
if (! $CHATSUPPORT) {
print "CHAT support is not enabled. Exit ...\n";
exit(0);
}
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"d"})) {
$debug = 1;
}
if (defined($options{"a"})) {
my @tokens = split(",", $options{"a"});
foreach my $token (@tokens) {
#
# Untaint,
#
if ($token =~ /^([-\w]+):([-\w]+)$/) {
push(@addlist, "$1:$2");
}
else {
die("Bad data in token: $token.");
}
}
}
if (defined($options{"r"})) {
my @tokens = split(",", $options{"r"});
foreach my $token (@tokens) {
#
# Untaint,
#
if ($token =~ /^([-\w]+):([-\w]+)$/) {
push(@remlist, "$1:$2");
}
else {
die("Bad data in token: $token.");
}
}
}
usage()
if (@ARGV != 1);
$user = $ARGV[0];
# Untaint the user.
if ($user =~ /^([\w]+)$/) {
$user = $1;
}
else {
die("Bad user name: $user.");
}
#
# Get user DB uid.
#
#if (! UNIX2DBUID($UID, \$dbuid)) {
# die("*** $0:\n".
# " You do not exist in the Emulab Database!\n");
#}
#
# Permission checks. Do this later.
#
#
# This script is always audited. Mail is sent automatically upon exit.
#
if (AuditStart(0)) {
#
# Parent exits normally
#
exit(0);
}
#
# Add groups. Construct a command line to pass to addjabberbuddies.
#
foreach my $token (@addlist) {
my ($pid,$gid) = split(":", $token);
# Not going to worry about subgroups yet ...
next
if ($pid ne $gid);
#
# Okay, whenever a user is added to a project, add all the members