Commit 12eeadb1 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Add a wrapper around the "console" program to get the acl from the

XMLRPC server on boss.
parent ba0237de
...@@ -2283,7 +2283,7 @@ outfiles="$outfiles Makeconf GNUmakefile \ ...@@ -2283,7 +2283,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
tbsetup/ipassign/ipassign_wrapper tbsetup/assign_prepass \ tbsetup/ipassign/ipassign_wrapper tbsetup/assign_prepass \
tbsetup/panic tbsetup/webpanic \ tbsetup/panic tbsetup/webpanic \
tbsetup/tbrsync \ tbsetup/tbrsync \
tip/GNUmakefile \ tip/GNUmakefile tip/console \
tmcd/GNUmakefile tmcd/tmcd.restart \ tmcd/GNUmakefile tmcd/tmcd.restart \
tmcd/common/GNUmakefile tmcd/common/config/GNUmakefile \ tmcd/common/GNUmakefile tmcd/common/config/GNUmakefile \
tmcd/freebsd/GNUmakefile \ tmcd/freebsd/GNUmakefile \
...@@ -2305,6 +2305,7 @@ outfiles="$outfiles Makeconf GNUmakefile \ ...@@ -2305,6 +2305,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
utils/grabwebcams utils/loghole utils/webcopy \ utils/grabwebcams utils/loghole utils/webcopy \
utils/setdest utils/websetdest utils/grabswitchconfig \ utils/setdest utils/websetdest utils/grabswitchconfig \
utils/backupswitches utils/setbuildinfo utils/checkquota \ utils/backupswitches utils/setbuildinfo utils/checkquota \
utils/spewconlog utils/webspewconlog \
www/GNUmakefile www/defs.php3 www/dbdefs.php3 www/xmlrpc.php3 \ www/GNUmakefile www/defs.php3 www/dbdefs.php3 www/xmlrpc.php3 \
www/swish.conf www/websearch www/garcia-telemetry/GNUmakefile \ www/swish.conf www/websearch www/garcia-telemetry/GNUmakefile \
vis/GNUmakefile vis/webvistopology vis/dbvistopology \ vis/GNUmakefile vis/webvistopology vis/dbvistopology \
......
...@@ -721,7 +721,7 @@ outfiles="$outfiles Makeconf GNUmakefile \ ...@@ -721,7 +721,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
tbsetup/ipassign/ipassign_wrapper tbsetup/assign_prepass \ tbsetup/ipassign/ipassign_wrapper tbsetup/assign_prepass \
tbsetup/panic tbsetup/webpanic \ tbsetup/panic tbsetup/webpanic \
tbsetup/tbrsync \ tbsetup/tbrsync \
tip/GNUmakefile \ tip/GNUmakefile tip/console \
tmcd/GNUmakefile tmcd/tmcd.restart \ tmcd/GNUmakefile tmcd/tmcd.restart \
tmcd/common/GNUmakefile tmcd/common/config/GNUmakefile \ tmcd/common/GNUmakefile tmcd/common/config/GNUmakefile \
tmcd/freebsd/GNUmakefile \ tmcd/freebsd/GNUmakefile \
...@@ -743,6 +743,7 @@ outfiles="$outfiles Makeconf GNUmakefile \ ...@@ -743,6 +743,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
utils/grabwebcams utils/loghole utils/webcopy \ utils/grabwebcams utils/loghole utils/webcopy \
utils/setdest utils/websetdest utils/grabswitchconfig \ utils/setdest utils/websetdest utils/grabswitchconfig \
utils/backupswitches utils/setbuildinfo utils/checkquota \ utils/backupswitches utils/setbuildinfo utils/checkquota \
utils/spewconlog utils/webspewconlog \
www/GNUmakefile www/defs.php3 www/dbdefs.php3 www/xmlrpc.php3 \ www/GNUmakefile www/defs.php3 www/dbdefs.php3 www/xmlrpc.php3 \
www/swish.conf www/websearch www/garcia-telemetry/GNUmakefile \ www/swish.conf www/websearch www/garcia-telemetry/GNUmakefile \
vis/GNUmakefile vis/webvistopology vis/dbvistopology \ vis/GNUmakefile vis/webvistopology vis/dbvistopology \
......
...@@ -5,7 +5,7 @@ SUBDIR = tip ...@@ -5,7 +5,7 @@ SUBDIR = tip
include $(OBJDIR)/Makeconf include $(OBJDIR)/Makeconf
all: tip tiptunnel console tippty all: tip tiptunnel console.bin console tippty
client: tippty client: tippty
include $(TESTBED_SRCDIR)/GNUmakerules include $(TESTBED_SRCDIR)/GNUmakerules
...@@ -49,11 +49,11 @@ tiptunnel: tiptunnel.o ...@@ -49,11 +49,11 @@ tiptunnel: tiptunnel.o
# 'console' is tiptunnel, without SSL, and with localmode on by default. # 'console' is tiptunnel, without SSL, and with localmode on by default.
console.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h console.bin.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h
$(CC) -DLOCALBYDEFAULT -o console.o -c $< $(CC) -DLOCALBYDEFAULT -o console.bin.o -c $<
console: console.o console.bin: console.bin.o
$(CC) -o console console.o $(CC) -o console.bin console.bin.o
tippty.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h tippty.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h
$(CC) -DTIPPTY -o $@ -c $< $(CC) -DTIPPTY -o $@ -c $<
...@@ -66,13 +66,14 @@ $(OBJS): tipconf.h tip.h ...@@ -66,13 +66,14 @@ $(OBJS): tipconf.h tip.h
client-install: client client-install: client
$(INSTALL_PROGRAM) tippty$(EXE) $(DESTDIR)$(CLIENT_BINDIR)/tippty$(EXE) $(INSTALL_PROGRAM) tippty$(EXE) $(DESTDIR)$(CLIENT_BINDIR)/tippty$(EXE)
control-install tipserv-install: all $(INSTALL_BINDIR)/tip $(INSTALL_BINDIR)/tiptunnel $(INSTALL_BINDIR)/console control-install tipserv-install: all $(INSTALL_BINDIR)/tip $(INSTALL_BINDIR)/tiptunnel $(INSTALL_BINDIR)/console.bin $(INSTALL_BINDIR)/console
install: control-install install: control-install
-mkdir -p $(INSTALL_DIR)/opsdir/bin -mkdir -p $(INSTALL_DIR)/opsdir/bin
$(INSTALL_PROGRAM) tiptunnel $(INSTALL_DIR)/opsdir/bin/tiptunnel $(INSTALL_PROGRAM) tiptunnel $(INSTALL_DIR)/opsdir/bin/tiptunnel
$(INSTALL_PROGRAM) tip $(INSTALL_DIR)/opsdir/bin/tip $(INSTALL_PROGRAM) tip $(INSTALL_DIR)/opsdir/bin/tip
$(INSTALL_PROGRAM) console $(INSTALL_DIR)/opsdir/bin/console $(INSTALL_PROGRAM) console $(INSTALL_DIR)/opsdir/bin/console
$(INSTALL_PROGRAM) console.bin $(INSTALL_DIR)/opsdir/bin/console.bin
clean: clean:
rm -f $(OBJS) tiptunnel.o console.o tip tiptunnel console tippty.o tippty rm -f $(OBJS) *.o tip tiptunnel console console.bin tippty
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
use POSIX qw(setsid);
#
# Wrapper for console program; grab tipacl from XMLRPC server, and feed it
# to the console binary.
#
sub usage()
{
print(STDOUT "Usage: console pcXXX\n");
exit(-1);
}
my $optlist = "";
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $WRAPPER = "$TB/bin/script_wrapper.py";
my $CONSOLEBIN = "$TB/bin/console.bin";
my $aclfile;
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin:/usr/site/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output. Very important for this script!
#
$| = 1;
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
usage()
if (@ARGV != 1);
my $node = $ARGV[0];
#
# Make a temp file for the acl.
#
$ENV{'TMPDIR'} = "/tmp";
my $tempfile = `mktemp -t tipacl`;
if ($?) {
die("*** $0:\n".
" Could not create a temporary file!\n");
}
if ($tempfile =~ /^([-\w\/\.]*)$/) {
$tempfile = $1;
}
else {
die("*** $0:\n".
" Bad data in tag: $tempfile\n");
}
#
# Ask the XMLRPC server for the tipacl. The current user has to have proper
# permission of course.
#
system("$WRAPPER tipacl $node >> $tempfile");
#
# Do not want to leave the acl file around, and do not want to wait for
# the user to quit the program, so fork a child to wait a moment and remove
# the file. We have the child do it so as to avoid messing with the session
# and tty goo.
#
my $syspid = fork();
# Child delays a moment and exits.
if (!$syspid) {
sleep(1);
unlink($tempfile);
exit(0);
}
my @cmdargs = ($CONSOLEBIN, "-a", "$tempfile", "$node");
exec(@cmdargs);
die("*** $0:\n".
" Exec failure: '@cmdargs'\n");
...@@ -136,6 +136,7 @@ static void sigquit(int sig) ...@@ -136,6 +136,7 @@ static void sigquit(int sig)
int main( int argc, char ** argv ) int main( int argc, char ** argv )
{ {
const char * name = argv[0]; const char * name = argv[0];
char * aclfile = (char *) NULL;
int op; int op;
#if defined(LOCALBYDEFAULT) || defined(TIPPTY) #if defined(LOCALBYDEFAULT) || defined(TIPPTY)
...@@ -145,11 +146,14 @@ int main( int argc, char ** argv ) ...@@ -145,11 +146,14 @@ int main( int argc, char ** argv )
#endif #endif
#endif #endif
while ((op = getopt( argc, argv, "hlp:rdu:c:" )) != -1) { while ((op = getopt( argc, argv, "hlp:rdu:c:a:" )) != -1) {
switch (op) { switch (op) {
case 'h': case 'h':
usage(name); usage(name);
break; break;
case 'a':
aclfile = optarg;
break;
case 'l': case 'l':
localmode++; localmode++;
break; break;
...@@ -189,9 +193,13 @@ int main( int argc, char ** argv ) ...@@ -189,9 +193,13 @@ int main( int argc, char ** argv )
} }
if (localmode) { if (localmode) {
char localAclName[1024]; if (aclfile)
sprintf( localAclName, "%s/%s.acl", ACLDIR, argv[0] ); loadAcl( aclfile );
loadAcl( localAclName ); else {
char localAclName[1024];
sprintf( localAclName, "%s/%s.acl", ACLDIR, argv[0] );
loadAcl( localAclName );
}
} else { } else {
loadAcl( argv[0] ); loadAcl( argv[0] );
} }
...@@ -400,15 +408,15 @@ void loadAcl( const char * filename ) ...@@ -400,15 +408,15 @@ void loadAcl( const char * filename )
bzero( &key, sizeof( key ) ); bzero( &key, sizeof( key ) );
while (fscanf(aclFile, "%s %s\n", &b1, &b2) != EOF) { while (fscanf(aclFile, "%s %s\n", &b1, &b2) != EOF) {
if ( strcmp(b1, "host:") == 0 ) { if ( strcmp(b1, "host:") == 0 || strcmp(b1, "server:") == 0 ) {
if (!uploadmode) if (!uploadmode)
hostname = strdup( b2 ); hostname = strdup( b2 );
} else if ( strcmp(b1, "port:") == 0 ) { } else if ( strcmp(b1, "port:") == 0 || strcmp(b1, "portnum:") == 0 ) {
if (!uploadmode) if (!uploadmode)
port = atoi( b2 ); port = atoi( b2 );
} else if ( strcmp(b1, "keylen:") == 0 ) { } else if ( strcmp(b1, "keylen:") == 0 ) {
key.keylen = atoi( b2 ); key.keylen = atoi( b2 );
} else if ( strcmp(b1, "key:") == 0 ) { } else if ( strcmp(b1, "key:") == 0 || strcmp(b1, "keydata:") == 0) {
strcpy( key.key, b2 ); strcpy( key.key, b2 );
#ifdef WITHSSL #ifdef WITHSSL
} else if ( strcmp(b1, "uphost:") == 0 ) { } else if ( strcmp(b1, "uphost:") == 0 ) {
...@@ -423,11 +431,15 @@ void loadAcl( const char * filename ) ...@@ -423,11 +431,15 @@ void loadAcl( const char * filename )
usingSSL++; usingSSL++;
#endif /* WITHSSL */ #endif /* WITHSSL */
} else { } else {
fprintf(stderr, "Ignored unknown ACL: %s %s\n", b1, b2); /* fprintf(stderr, "Ignored unknown ACL: %s %s\n", b1, b2); */
} }
} }
fclose(aclFile);
if (!key.keylen)
key.keylen = strlen(key.key);
if (!port || !hostname || !key.keylen || !strlen(key.key)) { if (!port || !hostname || !strlen(key.key)) {
fprintf(stderr, "Incomplete ACL\n"); fprintf(stderr, "Incomplete ACL\n");
exit(-1); exit(-1);
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment