Commit 860f55b4 authored by Leigh Stoller's avatar Leigh Stoller

Add script to remove project directory from /proj when a project is

killed.  Okay, so I do not really remove it since its a bad idea to be
so destructive. Instead I rename $pid to $pid-`date+20%y%m%d-%H.%M.%S`
which we can remove by hand as needed.
parent 1a6cf911
......@@ -9,7 +9,7 @@ SCRIPTS = mkprojdir_wrapper tbdoit tbstopit mkexpdir \
delay_setup ifc_setup ifc_filegen \
ir2ifc power resetvlans savevlans snmpit tbend \
tbprerun tbreport vpower vsnmpit killtip \
mkacct-ctrl_wrapper
mkacct-ctrl_wrapper rmprojdir_wrapper
DATAFILES = default.ifc
SUSCRIPTS = mkprojdir os_setup mkacct rmacct \
mkacct-ctrl ifc_setup
......@@ -58,6 +58,8 @@ $(INSTALL_LIBTBDIR)/%: %.tcl
post-install:
chown root $(INSTALL_BINDIR)/mkprojdir
chmod u+s $(INSTALL_BINDIR)/mkprojdir
chown root $(INSTALL_BINDIR)/rmprojdir
chmod u+s $(INSTALL_BINDIR)/rmprojdir
chown root $(INSTALL_BINDIR)/mkacct-ctrl
chmod u+s $(INSTALL_BINDIR)/mkacct-ctrl
chown root $(INSTALL_BINDIR)/mkacct
......
#!/usr/local/bin/perl -wT
use Mysql;
use English;
#
# Remove a project directory hierarchy. Actually, the project directory
# is *renamed* from $pid to $pid-`date +20%y%m%d-%H.%M.%S` since we do
# not want to be so destructive.
#
# usage: rmprojdir <pid>
#
# TODO: Allow for the head of a project delete it.
#
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
my $PROJROOT = "/proj";
my $dbh = Mysql->connect("localhost","tbdb","script","none");
my $db_result= "";
#
# Check args.
#
if ($#ARGV < 0) {
die("Usage: rmprojdir <pid>\n");
}
my $pid = $ARGV[0];
#
# Untaint the argument.
#
if ($pid =~ /^([-\@\w.]+)$/) {
$pid = $1;
}
else {
die("Invalid pid '$pid' contains illegal characters.\n");
}
#
# Figure out who called us. Only root or people with admin status
# can run this script.
#
if ($UID != 0) {
my ($me) = getpwuid($UID)
or die "$UID not in passwd file";
$db_result = $dbh->query("select admin from users where uid='$me'");
my @row = $db_result->fetchrow_array();
if ($row[0] != 1) {
die("rmprojdir: ".
"You must be root or TB admin to remove a project directory\n");
}
}
#
# Ensure that the project is not in the database!
#
$db_result = $dbh->query("select head_uid ".
"from projects where pid='$pid'");
if ($db_result->numrows == 1) {
die("Project '$pid' is still in the database!\n");
}
#
# Rename the project directory.
#
my $newname = "$pid-" . `date +20%y%m%d-%H.%M.%S`;
#
# Untaint the new name since it was constructed with date. Dopey.
#
if ($newname =~ /^([-\@\w.]+)$/) {
$newname = $1;
}
if (! chdir($PROJROOT)) {
print STDOUT "Could not chdir to $PROJROOT!\n";
exit(-1);
}
if (! -e $pid) {
print STDOUT "Project directory '$pid' does not exist!\n";
exit(-1);
}
if (! rename($pid, $newname)) {
print STDOUT "Could not rename project directory $pid to $newname: $!\n";
exit(-1);
}
exit(0);
#!/usr/local/bin/perl -wT
#
# Wrapper for running rmprojdir from the web page. suexec should not be able
# to run a setuid script, but in this case, we want to allow it. Actually,
# I'm not entirely sure that this restriction makes sense in our semi
# controlled environment, but better safe than sorry. If you think I'm being
# too paranoid, let me know.
#
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Check args.
#
if ($#ARGV < 0) {
die("Usage: rmprojdir_wrapper <pid>\n");
}
my $pid = $ARGV[0];
#
# Untaint the argument.
#
if ($pid =~ /^([-\@\w.]+)$/) {
$pid = $1;
}
else {
die("Invalid pid '$pid' contains illegal characters.\n");
}
exec "/usr/testbed/bin/rmprojdir $pid";
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment