![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1aa51726cecf3abeed67bc4a9178263d388207ec
1 #!/usr/bin/perl
2 #===============================================================================
3 #
4 # FILE: gosa-sd
5 #
6 # USAGE: ./gosa-sd
7 #
8 # DESCRIPTION:
9 #
10 # OPTIONS: ---
11 # REQUIREMENTS: libconfig-inifiles-perl libcrypt-rijndael-perl libxml-simple-perl
12 # libdata-dumper-simple-perl libdbd-sqlite3-perl libnet-ldap-perl
13 # libpoe-perl
14 # BUGS: ---
15 # NOTES:
16 # AUTHOR: (Andreas Rettenberger), <rettenberger@gonicus.de>
17 # COMPANY:
18 # VERSION: 1.0
19 # CREATED: 12.09.2007 08:54:41 CEST
20 # REVISION: ---
21 #===============================================================================
23 use strict;
24 use warnings;
25 use Getopt::Long;
26 use Config::IniFiles;
27 use POSIX;
28 use utf8;
30 use Fcntl;
31 use IO::Socket::INET;
32 use IO::Handle;
33 use IO::Select;
34 use Symbol qw(qualify_to_ref);
35 use Crypt::Rijndael;
36 use MIME::Base64;
37 use Digest::MD5 qw(md5 md5_hex md5_base64);
38 use XML::Simple;
39 use Data::Dumper;
40 use Sys::Syslog qw( :DEFAULT setlogsock);
41 use Cwd;
42 use File::Spec;
43 use File::Basename;
44 use File::Path;
45 use GOSA::DBsqlite;
46 use GOSA::GosaSupportDaemon;
47 use POE qw(Component::Server::TCP);
48 use Net::LDAP;
49 use Net::LDAP::Util qw(:escape);
51 my $modules_path = "/usr/lib/gosa-si/modules";
52 use lib "/usr/lib/gosa-si/modules";
54 my (%cfg_defaults, $foreground, $verbose, $ping_timeout);
55 my ($bus_activ, $bus, $msg_to_bus, $bus_cipher);
56 my ($server, $server_mac_address);
57 my ($gosa_server, $job_queue_timeout, $job_queue_loop_delay);
58 my ($known_modules);
59 my ($pid_file, $procid, $pid, $log_file);
60 my ($arp_activ, $arp_fifo);
61 my ($xml);
62 my $sources_list;
63 my $max_clients;
64 # variables declared in config file are always set to 'our'
65 our (%cfg_defaults, $log_file, $pid_file,
66 $server_ip, $server_port, $SIPackages_key,
67 $arp_activ, $gosa_unit_tag,
68 $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout,
69 );
71 # additional variable which should be globaly accessable
72 our $server_address;
73 our $bus_address;
74 our $gosa_address;
75 our $no_bus;
76 our $no_arp;
77 our $verbose;
78 our $forground;
79 our $cfg_file;
80 our ($ldap_handle, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password );
83 # specifies the verbosity of the daemon_log
84 $verbose = 0 ;
86 # if foreground is not null, script will be not forked to background
87 $foreground = 0 ;
89 # specifies the timeout seconds while checking the online status of a registrating client
90 $ping_timeout = 5;
92 $no_bus = 0;
93 $bus_activ = "true";
95 $no_arp = 0;
97 our $prg= basename($0);
99 # holds all gosa jobs
100 our $job_db;
101 our $job_queue_tn = 'jobs';
102 my $job_queue_file_name;
103 my @job_queue_col_names = ("id INTEGER", "timestamp", "status", "result", "progress INTEGER",
104 "headertag", "targettag", "xmlmessage", "macaddress");
106 # holds all other gosa-sd as well as the gosa-sd-bus
107 our $known_server_db;
108 our $known_server_tn = "known_server";
109 my $known_server_file_name;
110 my @known_server_col_names = ('hostname', 'status', 'hostkey', 'timestamp');
112 # holds all registrated clients
113 our $known_clients_db;
114 our $known_clients_tn = "known_clients";
115 my $known_clients_file_name;
116 my @known_clients_col_names = ('hostname', 'status', 'hostkey', 'timestamp', 'macaddress', 'events');
118 # holds all logged in user at each client
119 our $login_users_db;
120 our $login_users_tn = "login_users";
121 my $login_users_file_name;
122 my @login_users_col_names = ('client', 'user', 'timestamp');
124 # holds all fai server, the debian release and tag
125 our $fai_server_db;
126 our $fai_server_tn = "fai_server";
127 my $fai_server_file_name;
128 our @fai_server_col_names = ('timestamp', 'server', 'release', 'tag');
129 our $fai_release_tn = "fai_release";
130 our @fai_release_col_names = ('timestamp', 'release', 'class', 'type', 'state');
132 # holds all packages available from different repositories
133 our $packages_list_db;
134 our $packages_list_tn = "packages_list";
135 my $packages_list_file_name;
136 our @packages_list_col_names = ('distribution', 'package', 'version', 'section', 'description', 'template', 'timestamp');
137 my $outdir = "/tmp/packages_list_db";
138 my $arch = "i386";
140 # holds all messages which should be delivered to a user
141 our $messaging_db;
142 our $messaging_tn = "messaging";
143 our @messaging_col_names = ('subject', 'from', 'to', 'flag', 'direction', 'delivery_time', 'message', 'timestamp', 'id INTEGER', );
144 my $messaging_file_name;
146 # path to directory to store client install log files
147 our $client_fai_log_dir = "/var/log/fai";
149 %cfg_defaults = (
150 "general" => {
151 "log-file" => [\$log_file, "/var/run/".$prg.".log"],
152 "pid-file" => [\$pid_file, "/var/run/".$prg.".pid"],
153 },
154 "bus" => {
155 "activ" => [\$bus_activ, "true"],
156 },
157 "server" => {
158 "port" => [\$server_port, "20081"],
159 "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ],
160 "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'],
161 "login-users" => [\$login_users_file_name, '/var/lib/gosa-si/users.db'],
162 "fai-server" => [\$fai_server_file_name, '/var/lib/gosa-si/fai.db'],
163 "packages-list" => [\$packages_list_file_name, '/var/lib/gosa-si/packages.db'],
164 "messaging" => [\$messaging_file_name, '/var/lib/gosa-si/messaging.db'],
165 "source-list" => [\$sources_list, '/etc/apt/sources.list'],
166 "ldap-uri" => [\$ldap_uri, ""],
167 "ldap-base" => [\$ldap_base, ""],
168 "ldap-admin-dn" => [\$ldap_admin_dn, ""],
169 "ldap-admin-password" => [\$ldap_admin_password, ""],
170 "gosa-unit-tag" => [\$gosa_unit_tag, ""],
171 "max-clients" => [\$max_clients, 10],
172 },
173 "GOsaPackages" => {
174 "ip" => [\$gosa_ip, "0.0.0.0"],
175 "port" => [\$gosa_port, "20082"],
176 "job-queue" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'],
177 "job-queue-loop-delay" => [\$job_queue_loop_delay, 3],
178 "key" => [\$GosaPackages_key, "none"],
179 },
180 "SIPackages" => {
181 "key" => [\$SIPackages_key, "none"],
182 },
183 );
186 #=== FUNCTION ================================================================
187 # NAME: usage
188 # PARAMETERS: nothing
189 # RETURNS: nothing
190 # DESCRIPTION: print out usage text to STDERR
191 #===============================================================================
192 sub usage {
193 print STDERR << "EOF" ;
194 usage: $prg [-hvf] [-c config]
196 -h : this (help) message
197 -c <file> : config file
198 -f : foreground, process will not be forked to background
199 -v : be verbose (multiple to increase verbosity)
200 -no-bus : starts $prg without connection to bus
201 -no-arp : starts $prg without connection to arp module
203 EOF
204 print "\n" ;
205 }
208 #=== FUNCTION ================================================================
209 # NAME: read_configfile
210 # PARAMETERS: cfg_file - string -
211 # RETURNS: nothing
212 # DESCRIPTION: read cfg_file and set variables
213 #===============================================================================
214 sub read_configfile {
215 my $cfg;
216 if( defined( $cfg_file) && ( length($cfg_file) > 0 )) {
217 if( -r $cfg_file ) {
218 $cfg = Config::IniFiles->new( -file => $cfg_file );
219 } else {
220 print STDERR "Couldn't read config file!\n";
221 }
222 } else {
223 $cfg = Config::IniFiles->new() ;
224 }
225 foreach my $section (keys %cfg_defaults) {
226 foreach my $param (keys %{$cfg_defaults{ $section }}) {
227 my $pinfo = $cfg_defaults{ $section }{ $param };
228 ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] );
229 }
230 }
231 }
234 #=== FUNCTION ================================================================
235 # NAME: logging
236 # PARAMETERS: level - string - default 'info'
237 # msg - string -
238 # facility - string - default 'LOG_DAEMON'
239 # RETURNS: nothing
240 # DESCRIPTION: function for logging
241 #===============================================================================
242 sub daemon_log {
243 # log into log_file
244 my( $msg, $level ) = @_;
245 if(not defined $msg) { return }
246 if(not defined $level) { $level = 1 }
247 if(defined $log_file){
248 open(LOG_HANDLE, ">>$log_file");
249 if(not defined open( LOG_HANDLE, ">>$log_file" )) {
250 print STDERR "cannot open $log_file: $!";
251 return }
252 chomp($msg);
253 if($level <= $verbose){
254 my ($seconds, $minutes, $hours, $monthday, $month,
255 $year, $weekday, $yearday, $sommertime) = localtime(time);
256 $hours = $hours < 10 ? $hours = "0".$hours : $hours;
257 $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
258 $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
259 my @monthnames = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
260 $month = $monthnames[$month];
261 $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
262 $year+=1900;
263 my $name = $prg;
265 my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n";
266 print LOG_HANDLE $log_msg;
267 if( $foreground ) {
268 print STDERR $log_msg;
269 }
270 }
271 close( LOG_HANDLE );
272 }
273 }
276 #=== FUNCTION ================================================================
277 # NAME: check_cmdline_param
278 # PARAMETERS: nothing
279 # RETURNS: nothing
280 # DESCRIPTION: validates commandline parameter
281 #===============================================================================
282 sub check_cmdline_param () {
283 my $err_config;
284 my $err_counter = 0;
285 if(not defined($cfg_file)) {
286 $cfg_file = "/etc/gosa-si/server.conf";
287 if(! -r $cfg_file) {
288 $err_config = "please specify a config file";
289 $err_counter += 1;
290 }
291 }
292 if( $err_counter > 0 ) {
293 &usage( "", 1 );
294 if( defined( $err_config)) { print STDERR "$err_config\n"}
295 print STDERR "\n";
296 exit( -1 );
297 }
298 }
301 #=== FUNCTION ================================================================
302 # NAME: check_pid
303 # PARAMETERS: nothing
304 # RETURNS: nothing
305 # DESCRIPTION: handels pid processing
306 #===============================================================================
307 sub check_pid {
308 $pid = -1;
309 # Check, if we are already running
310 if( open(LOCK_FILE, "<$pid_file") ) {
311 $pid = <LOCK_FILE>;
312 if( defined $pid ) {
313 chomp( $pid );
314 if( -f "/proc/$pid/stat" ) {
315 my($stat) = `cat /proc/$pid/stat` =~ m/$pid \((.+)\).*/;
316 if( $0 eq $stat ) {
317 close( LOCK_FILE );
318 exit -1;
319 }
320 }
321 }
322 close( LOCK_FILE );
323 unlink( $pid_file );
324 }
326 # create a syslog msg if it is not to possible to open PID file
327 if (not sysopen(LOCK_FILE, $pid_file, O_WRONLY|O_CREAT|O_EXCL, 0644)) {
328 my($msg) = "Couldn't obtain lockfile '$pid_file' ";
329 if (open(LOCK_FILE, '<', $pid_file)
330 && ($pid = <LOCK_FILE>))
331 {
332 chomp($pid);
333 $msg .= "(PID $pid)\n";
334 } else {
335 $msg .= "(unable to read PID)\n";
336 }
337 if( ! ($foreground) ) {
338 openlog( $0, "cons,pid", "daemon" );
339 syslog( "warning", $msg );
340 closelog();
341 }
342 else {
343 print( STDERR " $msg " );
344 }
345 exit( -1 );
346 }
347 }
349 #=== FUNCTION ================================================================
350 # NAME: import_modules
351 # PARAMETERS: module_path - string - abs. path to the directory the modules
352 # are stored
353 # RETURNS: nothing
354 # DESCRIPTION: each file in module_path which ends with '.pm' and activation
355 # state is on is imported by "require 'file';"
356 #===============================================================================
357 sub import_modules {
358 daemon_log(" ", 1);
360 if (not -e $modules_path) {
361 daemon_log("ERROR: cannot find directory or directory is not readable: $modules_path", 1);
362 }
364 opendir (DIR, $modules_path) or die "ERROR while loading modules from directory $modules_path : $!\n";
365 while (defined (my $file = readdir (DIR))) {
366 if (not $file =~ /(\S*?).pm$/) {
367 next;
368 }
369 my $mod_name = $1;
371 if( $file =~ /ArpHandler.pm/ ) {
372 if( $no_arp > 0 ) {
373 next;
374 }
375 }
377 eval { require $file; };
378 if ($@) {
379 daemon_log("ERROR: gosa-si-server could not load module $file", 1);
380 daemon_log("$@", 5);
381 } else {
382 my $info = eval($mod_name.'::get_module_info()');
383 # Only load module if get_module_info() returns a non-null object
384 if( $info ) {
385 my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info};
386 $known_modules->{$mod_name} = $info;
387 daemon_log("INFO: module $mod_name loaded", 5);
388 }
389 }
390 }
391 close (DIR);
392 }
395 #=== FUNCTION ================================================================
396 # NAME: sig_int_handler
397 # PARAMETERS: signal - string - signal arose from system
398 # RETURNS: noting
399 # DESCRIPTION: handels tasks to be done befor signal becomes active
400 #===============================================================================
401 sub sig_int_handler {
402 my ($signal) = @_;
404 if(defined($ldap_handle)) {
405 $ldap_handle->disconnect;
406 }
408 daemon_log("shutting down gosa-si-server", 1);
409 exit(0);
410 }
411 $SIG{INT} = \&sig_int_handler;
415 sub check_key_and_xml_validity {
416 my ($crypted_msg, $module_key) = @_;
417 my $msg;
418 my $msg_hash;
419 my $error_string;
420 eval{
421 $msg = &decrypt_msg($crypted_msg, $module_key);
423 if ($msg =~ /<xml>/i){
424 daemon_log("decrypted_msg: \n$msg", 8);
425 $msg_hash = $xml->XMLin($msg, ForceArray=>1);
427 ##############
428 # check header
429 if( not exists $msg_hash->{'header'} ) { die "no header specified"; }
430 my $header_l = $msg_hash->{'header'};
431 if( 1 > @{$header_l} ) { die 'empty header tag'; }
432 if( 1 < @{$header_l} ) { die 'more than one header specified'; }
433 my $header = @{$header_l}[0];
434 if( 0 == length $header) { die 'empty string in header tag'; }
436 ##############
437 # check source
438 if( not exists $msg_hash->{'source'} ) { die "no source specified"; }
439 my $source_l = $msg_hash->{'source'};
440 if( 1 > @{$source_l} ) { die 'empty source tag'; }
441 if( 1 < @{$source_l} ) { die 'more than one source specified'; }
442 my $source = @{$source_l}[0];
443 if( 0 == length $source) { die 'source error'; }
445 ##############
446 # check target
447 if( not exists $msg_hash->{'target'} ) { die "no target specified"; }
448 my $target_l = $msg_hash->{'target'};
449 if( 1 > @{$target_l} ) { die 'empty target tag'; }
450 }
451 };
452 if($@) {
453 daemon_log("WARNING: do not understand the message: $@", 5);
454 $msg = undef;
455 $msg_hash = undef;
456 }
458 return ($msg, $msg_hash);
459 }
462 sub check_outgoing_xml_validity {
463 my ($msg) = @_;
465 my $msg_hash;
466 eval{
467 $msg_hash = $xml->XMLin($msg, ForceArray=>1);
469 ##############
470 # check header
471 my $header_l = $msg_hash->{'header'};
472 if( 1 != @{$header_l} ) {
473 die 'no or more than one headers specified';
474 }
475 my $header = @{$header_l}[0];
476 if( 0 == length $header) {
477 die 'header has length 0';
478 }
480 ##############
481 # check source
482 my $source_l = $msg_hash->{'source'};
483 if( 1 != @{$source_l} ) {
484 die 'no or more than 1 sources specified';
485 }
486 my $source = @{$source_l}[0];
487 if( 0 == length $source) {
488 die 'source has length 0';
489 }
490 unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
491 $source =~ /^GOSA$/i ) {
492 die "source '$source' is neither a complete ip-address with port nor 'GOSA'";
493 }
495 ##############
496 # check target
497 my $target_l = $msg_hash->{'target'};
498 if( 0 == @{$target_l} ) {
499 die "no targets specified";
500 }
501 foreach my $target (@$target_l) {
502 if( 0 == length $target) {
503 die "target has length 0";
504 }
505 unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
506 $target =~ /^GOSA$/i ||
507 $target =~ /^\*$/ ||
508 $target =~ /KNOWN_SERVER/i ||
509 $target =~ /JOBDB/i ||
510 $target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ){
511 die "target '$target' is not a complete ip-address with port or a valid target name or a mac-address";
512 }
513 }
514 };
515 if($@) {
516 daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5);
517 daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 8);
518 $msg_hash = undef;
519 }
521 return ($msg_hash);
522 }
525 sub input_from_known_server {
526 my ($input, $remote_ip) = @_ ;
527 my ($msg, $msg_hash, $module);
529 my $sql_statement= "SELECT * FROM known_server";
530 my $query_res = $known_server_db->select_dbentry( $sql_statement );
532 while( my ($hit_num, $hit) = each %{ $query_res } ) {
533 my $host_name = $hit->{hostname};
534 if( not $host_name =~ "^$remote_ip") {
535 next;
536 }
537 my $host_key = $hit->{hostkey};
538 daemon_log("DEBUG: input_from_known_server: host_name: $host_name", 7);
539 daemon_log("DEBUG: input_from_known_server: host_key: $host_key", 7);
541 # check if module can open msg envelope with module key
542 my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key);
543 if( (!$tmp_msg) || (!$tmp_msg_hash) ) {
544 daemon_log("DEBUG: input_from_known_server: deciphering raise error", 7);
545 daemon_log("$@", 8);
546 next;
547 }
548 else {
549 $msg = $tmp_msg;
550 $msg_hash = $tmp_msg_hash;
551 $module = "SIPackages";
552 last;
553 }
554 }
556 if( (!$msg) || (!$msg_hash) || (!$module) ) {
557 daemon_log("DEBUG: Incoming message is not from a known server", 7);
558 }
560 return ($msg, $msg_hash, $module);
561 }
564 sub input_from_known_client {
565 my ($input, $remote_ip) = @_ ;
566 my ($msg, $msg_hash, $module);
568 my $sql_statement= "SELECT * FROM known_clients";
569 my $query_res = $known_clients_db->select_dbentry( $sql_statement );
570 while( my ($hit_num, $hit) = each %{ $query_res } ) {
571 my $host_name = $hit->{hostname};
572 if( not $host_name =~ /^$remote_ip:\d*$/) {
573 next;
574 }
575 my $host_key = $hit->{hostkey};
576 &daemon_log("DEBUG: input_from_known_client: host_name: $host_name", 7);
577 &daemon_log("DEBUG: input_from_known_client: host_key: $host_key", 7);
579 # check if module can open msg envelope with module key
580 ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key);
582 if( (!$msg) || (!$msg_hash) ) {
583 &daemon_log("DEGUG: input_from_known_client: deciphering raise error", 7);
584 &daemon_log("$@", 8);
585 next;
586 }
587 else {
588 $module = "SIPackages";
589 last;
590 }
591 }
593 if( (!$msg) || (!$msg_hash) || (!$module) ) {
594 &daemon_log("DEBUG: Incoming message is not from a known client", 7);
595 }
597 return ($msg, $msg_hash, $module);
598 }
601 sub input_from_unknown_host {
602 no strict "refs";
603 my ($input) = @_ ;
604 my ($msg, $msg_hash, $module);
605 my $error_string;
607 my %act_modules = %$known_modules;
609 while( my ($mod, $info) = each(%act_modules)) {
611 # check a key exists for this module
612 my $module_key = ${$mod."_key"};
613 if( not defined $module_key ) {
614 if( $mod eq 'ArpHandler' ) {
615 next;
616 }
617 daemon_log("ERROR: no key specified in config file for $mod", 1);
618 next;
619 }
620 daemon_log("DEBUG: $mod: $module_key", 7);
622 # check if module can open msg envelope with module key
623 ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key);
624 if( (not defined $msg) || (not defined $msg_hash) ) {
625 next;
626 }
627 else {
628 $module = $mod;
629 last;
630 }
631 }
633 if( (!$msg) || (!$msg_hash) || (!$module)) {
634 daemon_log("DEBUG: Incoming message is not from an unknown host", 7);
635 }
637 return ($msg, $msg_hash, $module);
638 }
641 sub create_ciphering {
642 my ($passwd) = @_;
643 if((!defined($passwd)) || length($passwd)==0) {
644 $passwd = "";
645 }
646 $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
647 my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
648 my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
649 $my_cipher->set_iv($iv);
650 return $my_cipher;
651 }
654 sub encrypt_msg {
655 my ($msg, $key) = @_;
656 my $my_cipher = &create_ciphering($key);
657 my $len;
658 {
659 use bytes;
660 $len= 16-length($msg)%16;
661 }
662 $msg = "\0"x($len).$msg;
663 $msg = $my_cipher->encrypt($msg);
664 chomp($msg = &encode_base64($msg));
665 # there are no newlines allowed inside msg
666 $msg=~ s/\n//g;
667 return $msg;
668 }
671 sub decrypt_msg {
673 my ($msg, $key) = @_ ;
674 $msg = &decode_base64($msg);
675 my $my_cipher = &create_ciphering($key);
676 $msg = $my_cipher->decrypt($msg);
677 $msg =~ s/\0*//g;
678 return $msg;
679 }
682 sub get_encrypt_key {
683 my ($target) = @_ ;
684 my $encrypt_key;
685 my $error = 0;
687 # target can be in known_server
688 if( not defined $encrypt_key ) {
689 my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'";
690 my $query_res = $known_server_db->select_dbentry( $sql_statement );
691 while( my ($hit_num, $hit) = each %{ $query_res } ) {
692 my $host_name = $hit->{hostname};
693 if( $host_name ne $target ) {
694 next;
695 }
696 $encrypt_key = $hit->{hostkey};
697 last;
698 }
699 }
701 # target can be in known_client
702 if( not defined $encrypt_key ) {
703 my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'";
704 my $query_res = $known_clients_db->select_dbentry( $sql_statement );
705 while( my ($hit_num, $hit) = each %{ $query_res } ) {
706 my $host_name = $hit->{hostname};
707 if( $host_name ne $target ) {
708 next;
709 }
710 $encrypt_key = $hit->{hostkey};
711 last;
712 }
713 }
715 return $encrypt_key;
716 }
719 #=== FUNCTION ================================================================
720 # NAME: open_socket
721 # PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
722 # [PeerPort] string necessary if port not appended by PeerAddr
723 # RETURNS: socket IO::Socket::INET
724 # DESCRIPTION: open a socket to PeerAddr
725 #===============================================================================
726 sub open_socket {
727 my ($PeerAddr, $PeerPort) = @_ ;
728 if(defined($PeerPort)){
729 $PeerAddr = $PeerAddr.":".$PeerPort;
730 }
731 my $socket;
732 $socket = new IO::Socket::INET(PeerAddr => $PeerAddr,
733 Porto => "tcp",
734 Type => SOCK_STREAM,
735 Timeout => 5,
736 );
737 if(not defined $socket) {
738 return;
739 }
740 # &daemon_log("DEBUG: open_socket: $PeerAddr", 7);
741 return $socket;
742 }
745 #=== FUNCTION ================================================================
746 # NAME: get_ip
747 # PARAMETERS: interface name (i.e. eth0)
748 # RETURNS: (ip address)
749 # DESCRIPTION: Uses ioctl to get ip address directly from system.
750 #===============================================================================
751 sub get_ip {
752 my $ifreq= shift;
753 my $result= "";
754 my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list
755 my $proto= getprotobyname('ip');
757 socket SOCKET, PF_INET, SOCK_DGRAM, $proto
758 or die "socket: $!";
760 if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) {
761 my ($if, $sin) = unpack 'a16 a16', $ifreq;
762 my ($port, $addr) = sockaddr_in $sin;
763 my $ip = inet_ntoa $addr;
765 if ($ip && length($ip) > 0) {
766 $result = $ip;
767 }
768 }
770 return $result;
771 }
774 sub get_local_ip_for_remote_ip {
775 my $remote_ip= shift;
776 my $result="0.0.0.0";
778 if($remote_ip =~ /^(\d\d?\d?\.){3}\d\d?\d?$/) {
779 if($remote_ip eq "127.0.0.1") {
780 $result = "127.0.0.1";
781 } else {
782 my $PROC_NET_ROUTE= ('/proc/net/route');
784 open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE")
785 or die "Could not open $PROC_NET_ROUTE";
787 my @ifs = <PROC_NET_ROUTE>;
789 close(PROC_NET_ROUTE);
791 # Eat header line
792 shift @ifs;
793 chomp @ifs;
794 foreach my $line(@ifs) {
795 my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line);
796 my $destination;
797 my $mask;
798 my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination);
799 $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
800 ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask);
801 $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
802 if(new NetAddr::IP($remote_ip)->within(new NetAddr::IP($destination, $mask))) {
803 # destination matches route, save mac and exit
804 $result= &get_ip($Iface);
805 last;
806 }
807 }
808 }
809 } else {
810 daemon_log("get_local_ip_for_remote_ip was called with a non-ip parameter: $remote_ip", 1);
811 }
812 return $result;
813 }
816 sub send_msg_to_target {
817 my ($msg, $address, $encrypt_key, $msg_header) = @_ ;
818 my $error = 0;
819 my $header;
820 my $new_status;
821 my $act_status;
822 my ($sql_statement, $res);
824 if( $msg_header ) {
825 $header = "'$msg_header'-";
826 } else {
827 $header = "";
828 }
830 # Patch the source ip
831 if($msg =~ /<source>0\.0\.0\.0:\d*?<\/source>/) {
832 my $remote_ip = &get_local_ip_for_remote_ip(sprintf("%s", $address =~ /^([0-9\.]*?):.*$/));
833 $msg =~ s/<source>(0\.0\.0\.0):(\d*?)<\/source>/<source>$remote_ip:$2<\/source>/s;
834 }
836 # encrypt xml msg
837 my $crypted_msg = &encrypt_msg($msg, $encrypt_key);
839 # opensocket
840 my $socket = &open_socket($address);
841 if( !$socket ) {
842 daemon_log("ERROR: cannot send ".$header."msg to $address , host not reachable", 1);
843 $error++;
844 }
846 if( $error == 0 ) {
847 # send xml msg
848 print $socket $crypted_msg."\n";
850 daemon_log("INFO: send ".$header."msg to $address", 5);
851 daemon_log("message:\n$msg", 8);
853 }
855 # close socket in any case
856 if( $socket ) {
857 close $socket;
858 }
860 if( $error > 0 ) { $new_status = "down"; }
861 else { $new_status = $msg_header; }
864 # known_clients
865 $sql_statement = "SELECT * FROM known_clients WHERE hostname='$address'";
866 $res = $known_clients_db->select_dbentry($sql_statement);
867 if( keys(%$res) > 0) {
868 $act_status = $res->{1}->{'status'};
869 if( $act_status eq "down" ) {
870 $sql_statement = "DELETE FROM known_clients WHERE hostname='$address'";
871 $res = $known_clients_db->del_dbentry($sql_statement);
872 daemon_log("WARNING: failed 2x to send msg to host '$address', delete host from known_clients", 3);
873 } else {
874 $sql_statement = "UPDATE known_clients SET status='$new_status' WHERE hostname='$address'";
875 $res = $known_clients_db->update_dbentry($sql_statement);
876 if($new_status eq "down"){
877 daemon_log("WARNING: set '$address' from status '$act_status' to '$new_status'", 3);
878 } else {
879 daemon_log("INFO: set '$address' from status '$act_status' to '$new_status'", 5);
880 }
881 }
882 }
884 # known_server
885 $sql_statement = "SELECT * FROM known_server WHERE hostname='$address'";
886 $res = $known_server_db->select_dbentry($sql_statement);
887 if( keys(%$res) > 0 ) {
888 $act_status = $res->{1}->{'status'};
889 if( $act_status eq "down" ) {
890 $sql_statement = "DELETE FROM known_server WHERE hostname='$address'";
891 $res = $known_server_db->del_dbentry($sql_statement);
892 daemon_log("WARNING: failed 2x to a send msg to host '$address', delete host from known_server", 3);
893 }
894 else {
895 $sql_statement = "UPDATE known_server SET status='$new_status' WHERE hostname='$address'";
896 $res = $known_server_db->update_dbentry($sql_statement);
897 if($new_status eq "down"){
898 daemon_log("WARNING: set '$address' from status '$act_status' to '$new_status'", 3);
899 }
900 else {
901 daemon_log("INFO: set '$address' from status '$act_status' to '$new_status'", 5);
902 }
903 }
904 }
905 return $error;
906 }
909 sub update_jobdb_status_for_send_msgs {
910 my ($answer, $error) = @_;
911 if( $answer =~ /<jobdb_id>(\d+)<\/jobdb_id>/ ) {
912 my $jobdb_id = $1;
913 if( $error ) {
914 if (not $answer =~ /<header>trigger_action_reinstall<\/header>/) {
915 # sending msg faild
916 my $sql_statement = "UPDATE $job_queue_tn ".
917 "SET status='error', result='can not deliver msg, please consult log file' ".
918 "WHERE id='$jobdb_id'";
919 my $res = $job_db->update_dbentry($sql_statement);
920 }
921 } else {
922 # sending msg was successful
923 my $sql_statement = "UPDATE $job_queue_tn ".
924 "SET status='done' ".
925 "WHERE id='$jobdb_id' AND status='processed'";
926 my $res = $job_db->update_dbentry($sql_statement);
927 }
928 }
929 }
932 sub _start {
933 my ($kernel) = $_[KERNEL];
934 &trigger_db_loop($kernel);
935 $kernel->yield('create_fai_server_db', $fai_server_tn );
936 $kernel->yield('create_fai_release_db', $fai_release_tn );
937 #$kernel->yield('create_packages_list_db', $sources_list );
938 }
941 sub client_input {
942 no strict "refs";
943 my ($kernel, $session, $heap, $input, $wheel) = @_[KERNEL, SESSION, HEAP, ARG0, ARG1];
944 my $session_id = $session->ID;
945 my ($msg, $msg_hash, $module);
946 my $error = 0;
947 my $answer_l;
948 my ($answer_header, @answer_target_l, $answer_source);
949 my $client_answer;
951 daemon_log("", 5);
952 daemon_log("INFO: Incoming msg from '".$heap->{'remote_ip'}."'", 5);
953 daemon_log("DEBUG: Incoming msg:\n$input", 9);
955 ####################
956 # check incoming msg
957 # msg is from a new client or gosa
958 ($msg, $msg_hash, $module) = &input_from_unknown_host($input);
959 # msg is from a gosa-si-server or gosa-si-bus
960 if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
961 ($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'});
962 }
963 # msg is from a gosa-si-client
964 if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
965 ($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'});
966 }
967 # an error occurred
968 if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
969 $error++;
970 }
972 ######################
973 # process incoming msg
974 if( $error == 0) {
975 daemon_log("INFO: Incoming msg with header '".@{$msg_hash->{'header'}}[0]."'", 5);
976 daemon_log("DEBUG: Processing module ".$module, 7);
977 $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $session_id);
979 if ( 0 > @{$answer_l} ) {
980 my $answer_str = join("\n", @{$answer_l});
981 daemon_log("DEGUB: $module: Got answer from module: \n".$answer_str,8);
982 }
983 }
984 if( !$answer_l ) { $error++ };
986 ########
987 # answer
988 if( $error == 0 ) {
990 foreach my $answer ( @{$answer_l} ) {
991 # for each answer in answer list
993 # check outgoing msg to xml validity
994 my $answer_hash = &check_outgoing_xml_validity($answer);
995 if( not defined $answer_hash ) {
996 next;
997 }
999 $answer_header = @{$answer_hash->{'header'}}[0];
1000 @answer_target_l = @{$answer_hash->{'target'}};
1001 $answer_source = @{$answer_hash->{'source'}}[0];
1003 # deliver msg to all targets
1004 foreach my $answer_target ( @answer_target_l ) {
1006 # targets of msg are all gosa-si-clients in known_clients_db
1007 if( $answer_target eq "*" ) {
1008 # answer is for all clients
1009 my $sql_statement= "SELECT * FROM known_clients";
1010 my $query_res = $known_clients_db->select_dbentry( $sql_statement );
1011 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1012 my $host_name = $hit->{hostname};
1013 my $host_key = $hit->{hostkey};
1014 my $error = &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
1015 &update_jobdb_status_for_send_msgs($answer, $error);
1016 }
1017 }
1019 # targets of msg are all gosa-si-server in known_server_db
1020 elsif( $answer_target eq "KNOWN_SERVER" ) {
1021 # answer is for all server in known_server
1022 my $sql_statement= "SELECT * FROM known_server";
1023 my $query_res = $known_server_db->select_dbentry( $sql_statement );
1024 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1025 my $host_name = $hit->{hostname};
1026 my $host_key = $hit->{hostkey};
1027 $answer =~ s/KNOWN_SERVER/$host_name/g;
1028 my $error = &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
1029 &update_jobdb_status_for_send_msgs($answer, $error);
1030 }
1031 }
1033 # target of msg is GOsa
1034 elsif( $answer_target eq "GOSA" ) {
1035 $answer =~ /<session_id>(\d+)<\/session_id>/;
1036 my $session_id = $1;
1037 my $add_on = "";
1038 if( defined $session_id ) {
1039 $add_on = ".session_id=$session_id";
1040 }
1041 # answer is for GOSA and has to returned to connected client
1042 my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key);
1043 $client_answer = $gosa_answer.$add_on;
1044 }
1046 # target of msg is job queue at this host
1047 elsif( $answer_target eq "JOBDB") {
1048 $answer =~ /<header>(\S+)<\/header>/;
1049 my $header;
1050 if( defined $1 ) { $header = $1; }
1051 my $error = &send_msg_to_target($answer, $server_address, $GosaPackages_key, $header);
1052 &update_jobdb_status_for_send_msgs($answer, $error);
1053 }
1055 # target of msg is a mac address
1056 elsif( $answer_target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ) {
1057 daemon_log("INFO: target is mac address '$answer_target', looking for host in known_clients", 5);
1058 my $sql_statement = "SELECT * FROM known_clients WHERE macaddress LIKE '$answer_target'";
1059 my $query_res = $known_clients_db->select_dbentry( $sql_statement );
1060 my $found_ip_flag = 0;
1061 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1062 my $host_name = $hit->{hostname};
1063 my $host_key = $hit->{hostkey};
1064 $answer =~ s/$answer_target/$host_name/g;
1065 daemon_log("INFO: found host '$host_name', associated to '$answer_target'", 5);
1066 my $error = &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
1067 &update_jobdb_status_for_send_msgs($answer, $error);
1068 $found_ip_flag++ ;
1069 }
1070 if( $found_ip_flag == 0) {
1071 daemon_log("WARNING: no host found in known_clients with mac address '$answer_target'", 3);
1072 if( $bus_activ eq "true" ) {
1073 daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5);
1074 my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
1075 my $query_res = $known_server_db->select_dbentry( $sql_statement );
1076 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1077 my $bus_address = $hit->{hostname};
1078 my $bus_key = $hit->{hostkey};
1079 my $error = &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
1080 &update_jobdb_status_for_send_msgs($answer, $error);
1081 last;
1082 }
1083 }
1085 }
1087 # answer is for one specific host
1088 } else {
1089 # get encrypt_key
1090 my $encrypt_key = &get_encrypt_key($answer_target);
1091 if( not defined $encrypt_key ) {
1092 # unknown target, forward msg to bus
1093 daemon_log("WARNING: unknown target '$answer_target'", 3);
1094 if( $bus_activ eq "true" ) {
1095 daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5);
1096 my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
1097 my $query_res = $known_server_db->select_dbentry( $sql_statement );
1098 my $res_length = keys( %{$query_res} );
1099 if( $res_length == 0 ){
1100 daemon_log("WARNING: send '$answer_header' to '$bus_address' failed, ".
1101 "no bus found in known_server", 3);
1102 }
1103 else {
1104 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1105 my $bus_key = $hit->{hostkey};
1106 my $error = &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
1107 &update_jobdb_status_for_send_msgs($answer, $error);
1108 }
1109 }
1110 }
1111 next;
1112 }
1113 my $error = &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header);
1114 &update_jobdb_status_for_send_msgs($answer, $error);
1115 }
1116 }
1117 }
1118 }
1120 if( $client_answer ) {
1121 if( $client_answer =~ s/session_id=(\d+)$// ) {
1122 my $session_id = $1;
1123 if( defined $session_id ) {
1124 my $session_reference = $kernel->ID_id_to_session($session_id);
1125 if( defined $session_reference ) {
1126 $heap = $session_reference->get_heap();
1127 }
1128 }
1129 }
1130 $heap->{client}->put($client_answer);
1131 }
1133 return;
1134 }
1138 sub trigger_db_loop {
1139 my ($kernel) = @_ ;
1140 $kernel->delay_set('watch_for_new_jobs', $job_queue_loop_delay);
1141 $kernel->delay_set('watch_for_done_jobs', $job_queue_loop_delay);
1142 }
1144 sub watch_for_done_jobs {
1145 my ($kernel,$heap) = @_[KERNEL, HEAP];
1147 my $sql_statement = "SELECT * FROM ".$job_queue_tn.
1148 " WHERE status='done'";
1149 my $res = $job_db->select_dbentry( $sql_statement );
1151 while( my ($id, $hit) = each %{$res} ) {
1152 my $jobdb_id = $hit->{id};
1153 my $sql_statement = "DELETE FROM $job_queue_tn WHERE id='$jobdb_id'";
1154 my $res = $job_db->del_dbentry($sql_statement);
1155 }
1157 $kernel->delay_set('watch_for_done_jobs',$job_queue_loop_delay);
1158 }
1160 sub watch_for_new_jobs {
1161 my ($kernel,$heap) = @_[KERNEL, HEAP];
1163 # check gosa job queue for jobs with executable timestamp
1164 my $timestamp = &get_time();
1165 my $sql_statement = "SELECT * FROM ".$job_queue_tn.
1166 " WHERE status='waiting' AND timestamp<'$timestamp'";
1167 my $res = $job_db->select_dbentry( $sql_statement );
1169 while( my ($id, $hit) = each %{$res} ) {
1170 my $jobdb_id = $hit->{id};
1171 my $macaddress = $hit->{'macaddress'};
1172 my $job_msg = $hit->{'xmlmessage'};
1173 daemon_log("DEBUG: its time to execute $job_msg", 7);
1174 my $header = $hit->{'headertag'};
1175 my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$macaddress'";
1176 my $res_hash = $known_clients_db->select_dbentry( $sql_statement );
1177 # expect macaddress is unique!!!!!!
1178 my $target = $res_hash->{1}->{hostname};
1180 if (not defined $target) {
1181 &daemon_log("ERROR: no host found for mac address: $macaddress", 1);
1182 &daemon_log("$hit->{xmlmessage}", 8);
1183 my $sql_statement = "UPDATE $job_queue_tn ".
1184 "SET status='error', result='no host found for mac address' ".
1185 "WHERE id='$jobdb_id'";
1186 my $res = $job_db->update_dbentry($sql_statement);
1187 next;
1188 }
1190 # change header
1191 $job_msg =~ s/<header>job_/<header>gosa_/;
1193 # add sqlite_id
1194 $job_msg =~ s/<\/xml>$/<jobdb_id>$jobdb_id<\/jobdb_id><\/xml>/;
1196 my $func_error = &send_msg_to_target($job_msg, $server_address, $GosaPackages_key, $header);
1198 # update status in job queue to 'processing'
1199 $sql_statement = "UPDATE $job_queue_tn SET status='processing' WHERE id='$jobdb_id'";
1200 my $res = $job_db->update_dbentry($sql_statement);
1201 }
1203 $kernel->delay_set('watch_for_new_jobs', $job_queue_loop_delay);
1204 }
1207 sub refresh_ldap_handle {
1208 my $mesg;
1210 # Get an ldap handle, if we don't have one
1211 if( ! defined $ldap_handle ){
1212 $ldap_handle = Net::LDAP->new( $ldap_uri );
1213 }
1214 # Still not defined?
1215 if( ! defined $ldap_handle ) {
1216 daemon_log( "ch $$: Net::LDAP constructor failed: $!\n" );
1217 return 0;
1218 }
1220 # Bind to ldap server - eventually authenticate
1221 if( defined $ldap_admin_dn ) {
1222 if( defined $ldap_admin_password ) {
1223 $mesg = $ldap_handle->bind( $ldap_admin_dn, password => $ldap_admin_password );
1224 } else {
1225 $mesg = $ldap_handle->bind( $ldap_admin_dn );
1226 }
1227 } else {
1228 $mesg = $ldap_handle->bind();
1229 }
1231 if( 0 != $mesg->code ) {
1232 undef( $ldap_handle ) if( 81 == $mesg->code );
1233 daemon_log( "ch $$: LDAP bind: error (". $mesg->code . ') - ' . $mesg->error . "\n", 1);
1234 return 0;
1235 }
1237 return 1;
1238 }
1241 sub change_fai_state {
1242 my ($st, $targets) = @_;
1244 # Set FAI state to localboot
1245 my %mapActions= (
1246 reboot => '',
1247 update => 'softupdate',
1248 localboot => 'localboot',
1249 reinstall => 'install',
1250 rescan => '',
1251 wake => '',
1252 memcheck => 'memcheck',
1253 sysinfo => 'sysinfo',
1254 );
1256 # Return if this is unknown
1257 if (!exists $mapActions{ $st }){
1258 return;
1259 }
1261 my $state= $mapActions{ $st };
1263 &refresh_ldap_handle();
1264 if( defined($ldap_handle) ) {
1266 # Build search filter for hosts
1267 my $search= "(&(objectClass=GOhard)";
1268 foreach (@{$targets}){
1269 $search.= "(macAddress=$_)";
1270 }
1271 $search.= ")";
1273 # If there's any host inside of the search string, procress them
1274 if (!($search =~ /macAddress/)){
1275 return;
1276 }
1278 # Perform search for Unit Tag
1279 my $mesg = $ldap_handle->search(
1280 base => $ldap_base,
1281 scope => 'sub',
1282 attrs => ['dn', 'FAIstate', 'objectClass'],
1283 filter => "$search"
1284 );
1286 if ($mesg->count) {
1287 my @entries = $mesg->entries;
1288 foreach my $entry (@entries) {
1290 # Only modify entry if it is not set to '$state'
1291 if ($entry->get_value("FAIstate") ne "$state"){
1293 daemon_log("INFO: Setting FAIstate to '$state' for ".$entry->dn, 5);
1294 my $result;
1295 my %tmp = map { $_ => 1 } $entry->get_value("objectClass");
1296 if (exists $tmp{'FAIobject'}){
1297 if ($state eq ''){
1298 $result= $ldap_handle->modify($entry->dn, changes => [
1299 delete => [ FAIstate => [] ] ]);
1300 } else {
1301 $result= $ldap_handle->modify($entry->dn, changes => [
1302 replace => [ FAIstate => $state ] ]);
1303 }
1304 } elsif ($state ne ''){
1305 $result= $ldap_handle->modify($entry->dn, changes => [
1306 add => [ objectClass => 'FAIobject' ],
1307 add => [ FAIstate => $state ] ]);
1308 }
1310 # Errors?
1311 if ($result->code){
1312 daemon_log("Error: Setting FAIstate to '$state' for ".$entry->dn. "failed: ".$result->error, 1);
1313 }
1315 }
1316 }
1317 }
1318 }
1319 }
1322 sub change_goto_state {
1323 my ($st, $targets) = @_;
1325 # Switch on or off?
1326 my $state= $st eq 'active' ? 'active': 'locked';
1328 &refresh_ldap_handle();
1329 if( defined($ldap_handle) ) {
1331 # Build search filter for hosts
1332 my $search= "(&(objectClass=GOhard)";
1333 foreach (@{$targets}){
1334 $search.= "(macAddress=$_)";
1335 }
1336 $search.= ")";
1338 # If there's any host inside of the search string, procress them
1339 if (!($search =~ /macAddress/)){
1340 return;
1341 }
1343 # Perform search for Unit Tag
1344 my $mesg = $ldap_handle->search(
1345 base => $ldap_base,
1346 scope => 'sub',
1347 attrs => ['dn', 'gotoMode'],
1348 filter => "$search"
1349 );
1351 if ($mesg->count) {
1352 my @entries = $mesg->entries;
1353 foreach my $entry (@entries) {
1355 # Only modify entry if it is not set to '$state'
1356 if ($entry->get_value("gotoMode") ne $state){
1358 daemon_log("INFO: Setting gotoMode to '$state' for ".$entry->dn, 5);
1359 my $result;
1360 $result= $ldap_handle->modify($entry->dn, changes => [
1361 replace => [ gotoMode => $state ] ]);
1363 # Errors?
1364 if ($result->code){
1365 &daemon_log("Error: Setting gotoMode to '$state' for ".$entry->dn. "failed: ".$result->error, 1);
1366 }
1368 }
1369 }
1370 }
1372 }
1373 }
1376 sub create_fai_server_db {
1377 my ($table_name) = $_[ARG0];
1378 my $result;
1380 if(defined($ldap_handle)) {
1381 daemon_log("Creating fai_server_db",4);
1382 my $mesg= $ldap_handle->search(
1383 base => $ldap_base,
1384 scope => 'sub',
1385 attrs => ['FAIrepository', 'gosaUnitTag'],
1386 filter => "(&(FAIrepository=*)(objectClass=FAIrepositoryServer))",
1387 );
1388 if($mesg->{'resultCode'} == 0 &&
1389 $mesg->count != 0) {
1390 foreach my $entry (@{$mesg->{entries}}) {
1391 if($entry->exists('FAIrepository')) {
1392 # Add an entry for each Repository configured for server
1393 foreach my $repo(@{$entry->get_value('FAIrepository', asref => 1)}) {
1394 my($tmp_url,$tmp_server,$tmp_release,$tmp_sections) = split(/\|/, $repo);
1395 my $tmp_tag= $entry->get_value('gosaUnitTag') || "";
1396 $result= $fai_server_db->add_dbentry( {
1397 table => $table_name,
1398 primkey => ['server', 'release', 'tag'],
1399 server => $tmp_url,
1400 release => $tmp_release,
1401 tag => (length($tmp_tag)>0)?$tmp_tag:"",
1402 } );
1403 }
1404 }
1405 }
1406 }
1407 daemon_log("Done with creating fai_server_db",4);
1408 }
1410 return $result;
1411 }
1414 sub create_fai_release_db {
1415 my ($table_name) = $_[ARG0];
1416 my $result;
1418 if(defined($ldap_handle)) {
1419 daemon_log("Creating fai_release_db",4);
1420 my $mesg= $ldap_handle->search(
1421 base => $ldap_base,
1422 scope => 'sub',
1423 attrs => [],
1424 filter => "(&(objectClass=organizationalUnit)(ou=fai))",
1425 );
1426 if($mesg->{'resultCode'} == 0 &&
1427 $mesg->count != 0) {
1428 # Walk through all possible FAI container ou's
1429 my @sql_list;
1430 my $timestamp= &get_time();
1431 foreach my $ou (@{$mesg->{entries}}) {
1432 my $tmp_classes= resolve_fai_classes($ou->dn);
1433 if(defined($tmp_classes) && ref($tmp_classes) eq 'HASH') {
1434 my @tmp_array=get_fai_release_entries($tmp_classes);
1435 if(@tmp_array) {
1436 foreach my $entry (@tmp_array) {
1437 if(defined($entry) && ref($entry) eq 'HASH') {
1438 my $sql=
1439 "INSERT INTO $table_name "
1440 ."(timestamp, release, class, type, state) VALUES ("
1441 .$timestamp.","
1442 ."'".$entry->{'release'}."',"
1443 ."'".$entry->{'class'}."',"
1444 ."'".$entry->{'type'}."',"
1445 ."'".$entry->{'state'}."')";
1446 push @sql_list, $sql;
1447 }
1448 }
1449 }
1450 }
1451 }
1452 daemon_log("Inserting entries to DB",6);
1453 if(@sql_list) {
1454 unshift @sql_list, "DELETE FROM $table_name";
1455 $fai_server_db->exec_statementlist(\@sql_list);
1456 }
1457 daemon_log("Done with inserting",6);
1458 }
1459 daemon_log("Done with creating fai_release_db",4);
1460 }
1462 return $result;
1463 }
1465 sub resolve_fai_classes {
1466 my $result;
1467 my $fai_base= shift;
1468 my @possible_fai_classes= ("FAIscript", "FAIhook", "FAIpartitionTable", "FAItemplate", "FAIvariable", "FAIprofile", "FAIpackageList");
1469 my $fai_filter= "(|(&(objectClass=FAIclass)(|(objectClass=".join(")(objectClass=", @possible_fai_classes).")))(objectClass=FAIbranch))";
1470 my $fai_classes;
1472 daemon_log("Searching for FAI entries in base $fai_base",6);
1473 my $mesg= $ldap_handle->search(
1474 base => $fai_base,
1475 scope => 'sub',
1476 attrs => ['cn','objectClass','FAIstate'],
1477 filter => $fai_filter,
1478 );
1479 daemon_log("Found ".$mesg->count()." FAI entries",6);
1481 if($mesg->{'resultCode'} == 0 &&
1482 $mesg->count != 0) {
1483 foreach my $entry (@{$mesg->{entries}}) {
1484 if($entry->exists('cn')) {
1485 my $tmp_dn= $entry->dn();
1487 # Skip classname and ou dn parts for class
1488 my $tmp_release = ($1) if $tmp_dn =~ /^[^,]+,[^,]+,(.*?),$fai_base$/;
1490 # Skip classes without releases
1491 if((!defined($tmp_release)) || length($tmp_release)==0) {
1492 next;
1493 }
1495 my $tmp_cn= $entry->get_value('cn');
1496 my $tmp_state= $entry->get_value('FAIstate');
1498 my $tmp_type;
1499 # Get FAI type
1500 for my $oclass(@{$entry->get_value('objectClass', asref => 1)}) {
1501 if(grep $_ eq $oclass, @possible_fai_classes) {
1502 $tmp_type= $oclass;
1503 last;
1504 }
1505 }
1507 if($tmp_release =~ /^.*?,.*?$/ && (!($tmp_release =~ /^.*?\\,.*?$/))) {
1508 # A Subrelease
1509 my @sub_releases = split(/,/, $tmp_release);
1511 # Walk through subreleases and build hash tree
1512 my $hash;
1513 while(my $tmp_sub_release = pop @sub_releases) {
1514 $hash .= "\{'$tmp_sub_release'\}->";
1515 }
1516 eval('push @{$fai_classes->'.$hash.'{$tmp_cn}->{$tmp_type}}, (defined($tmp_state) && length($tmp_state)>0)?$tmp_state:"";');
1517 } else {
1518 # A branch, no subrelease
1519 push @{$fai_classes->{$tmp_release}->{$tmp_cn}->{$tmp_type}}, (defined($tmp_state) && length($tmp_state)>0)?$tmp_state:"";
1520 }
1521 } elsif (!$entry->exists('cn')) {
1522 my $tmp_dn= $entry->dn();
1523 my $tmp_release = ($1) if $tmp_dn =~ /^(.*?),$fai_base$/;
1525 # Skip classes without releases
1526 if((!defined($tmp_release)) || length($tmp_release)==0) {
1527 next;
1528 }
1530 if($tmp_release =~ /^.*?,.*?$/ && (!($tmp_release =~ /^.*?\\,.*?$/))) {
1531 # A Subrelease
1532 my @sub_releases= split(/,/, $tmp_release);
1534 # Walk through subreleases and build hash tree
1535 my $hash;
1536 while(my $tmp_sub_release = pop @sub_releases) {
1537 $hash .= "\{'$tmp_sub_release'\}->";
1538 }
1539 # Remove the last two characters
1540 chop($hash);
1541 chop($hash);
1543 eval('$fai_classes->'.$hash.'= {}');
1544 } else {
1545 # A branch, no subrelease
1546 if(!exists($fai_classes->{$tmp_release})) {
1547 $fai_classes->{$tmp_release} = {};
1548 }
1549 }
1550 }
1551 }
1553 # The hash is complete, now we can honor the copy-on-write based missing entries
1554 foreach my $release (keys %$fai_classes) {
1555 $result->{$release}= deep_copy(apply_fai_inheritance($fai_classes->{$release}));
1556 }
1557 }
1558 return $result;
1559 }
1561 sub get_fai_release_entries {
1562 my $tmp_classes = shift || return;
1563 my $parent = shift || "";
1564 my @result = shift || ();
1566 foreach my $entry (keys %{$tmp_classes}) {
1567 if(defined($entry)) {
1568 if($entry =~ /^ou=.*$/) {
1569 my $release_name = $entry;
1570 $release_name =~ s/ou=//g;
1571 if(length($parent)>0) {
1572 $release_name = $parent."/".$release_name;
1573 }
1574 my @bufentries = get_fai_release_entries($tmp_classes->{$entry}, $release_name, @result);
1575 foreach my $bufentry(@bufentries) {
1576 push @result, $bufentry;
1577 }
1578 } else {
1579 my @types = get_fai_types($tmp_classes->{$entry});
1580 foreach my $type (@types) {
1581 push @result,
1582 {
1583 'class' => $entry,
1584 'type' => $type->{'type'},
1585 'release' => $parent,
1586 'state' => $type->{'state'},
1587 };
1588 }
1589 }
1590 }
1591 }
1593 return @result;
1594 }
1596 sub get_fai_types {
1597 my $tmp_classes = shift || return undef;
1598 my @result;
1600 foreach my $type(keys %{$tmp_classes}) {
1601 if(defined($tmp_classes->{$type}[0]) && (!($tmp_classes->{$type}[0] =~ /^.*?removed.*?$/))) {
1602 my $entry = {
1603 type => $type,
1604 state => $tmp_classes->{$type}[0],
1605 };
1606 push @result, $entry;
1607 }
1608 }
1610 return @result;
1611 }
1613 sub apply_fai_inheritance {
1614 my $fai_classes = shift || return {};
1615 my $tmp_classes;
1617 # Get the classes from the branch
1618 foreach my $class (keys %{$fai_classes}) {
1619 # Skip subreleases
1620 if($class =~ /^ou=.*$/) {
1621 next;
1622 } else {
1623 $tmp_classes->{$class}= deep_copy($fai_classes->{$class});
1624 }
1625 }
1627 # Apply to each subrelease
1628 foreach my $subrelease (keys %{$fai_classes}) {
1629 if($subrelease =~ /ou=/) {
1630 foreach my $tmp_class (keys %{$tmp_classes}) {
1631 if(!exists($fai_classes->{$subrelease}->{$tmp_class})) {
1632 $fai_classes->{$subrelease}->{$tmp_class} =
1633 deep_copy($tmp_classes->{$tmp_class});
1634 } else {
1635 foreach my $type (keys %{$tmp_classes->{$tmp_class}}) {
1636 if(!exists($fai_classes->{$subrelease}->{$tmp_class}->{$type})) {
1637 $fai_classes->{$subrelease}->{$tmp_class}->{$type}=
1638 deep_copy($tmp_classes->{$tmp_class}->{$type});
1639 }
1640 }
1641 }
1642 }
1643 }
1644 }
1646 # Find subreleases in deeper levels
1647 foreach my $subrelease (keys %{$fai_classes}) {
1648 if($subrelease =~ /ou=/) {
1649 foreach my $subsubrelease (keys %{$fai_classes->{$subrelease}}) {
1650 if($subsubrelease =~ /ou=/) {
1651 apply_fai_inheritance($fai_classes->{$subrelease});
1652 }
1653 }
1654 }
1655 }
1657 return $fai_classes;
1658 }
1660 sub deep_copy {
1661 my $this = shift;
1662 if (not ref $this) {
1663 $this;
1664 } elsif (ref $this eq "ARRAY") {
1665 [map deep_copy($_), @$this];
1666 } elsif (ref $this eq "HASH") {
1667 +{map { $_ => deep_copy($this->{$_}) } keys %$this};
1668 } else { die "what type is $_?" }
1669 }
1671 sub create_packages_list_db {
1672 my ($sources_file) = $_[ARG0] ;
1673 my $line;
1675 open(CONFIG, "<$sources_file") or do {
1676 daemon_log( "ERROR: Failed to open '$sources_file', creating packages.db stopped", 1);
1677 return;
1678 };
1680 # Read lines
1681 while ($line = <CONFIG>){
1682 # Unify
1683 chop($line);
1684 $line =~ s/^\s+//;
1685 $line =~ s/^\s+/ /;
1687 # Strip comments
1688 $line =~ s/#.*$//g;
1690 # Skip empty lines
1691 if ($line =~ /^\s*$/){
1692 next;
1693 }
1695 # Interpret deb line
1696 if ($line =~ /^deb [^\s]+\s[^\s]+\s[^\s]+/){
1697 my( $baseurl, $dist, $sections ) = ($line =~ /^deb\s([^\s]+)\s+([^\s]+)\s+(.*)$/);
1698 my $section;
1699 foreach $section (split(' ', $sections)){
1700 &parse_package_info( $baseurl, $dist, $section );
1701 }
1702 }
1703 }
1705 close (CONFIG);
1708 return;
1709 }
1710 sub parse_package_info {
1711 my ($baseurl, $dist, $section)= @_;
1712 my ($package);
1714 my ($path) = ($baseurl =~ m%://[^/]*(.*)$%);
1716 foreach $package ("Packages.gz"){
1717 print "getting $baseurl , $dist , $section... \n";
1718 get_package( "$baseurl/dists/$dist/$section/binary-$arch/$package", "$outdir/$dist/$section" );
1719 print "done\n";
1720 print "parsing packages... \n";
1721 parse_package( "$outdir/$dist/$section", $dist, $path );
1722 print "done\n";
1723 last;
1724 }
1725 }
1726 sub get_package {
1727 my ($url, $dest)= @_;
1729 my $tpath = dirname($dest);
1730 -d "$tpath" || mkpath "$tpath";
1732 # This is ugly, but I've no time to take a look at "how it works in perl"
1733 if( system("wget '$url' -O '$dest' 2>/dev/null") ) {
1734 system("gzip -cd '$dest' > '$dest.in'");
1735 system("rm -f '$dest'");
1736 }
1738 return 0;
1739 }
1740 sub parse_package {
1741 my ($path, $dist, $srv_path )= @_;
1742 my ($package, $version, $section, $description);
1743 my @sql_list;
1745 open(PACKAGES, "<$path.in") or return;
1747 # Read lines
1748 while (my $line = <PACKAGES>){
1749 # Unify
1750 chop($line);
1752 # Use empty lines as a trigger
1753 if ($line =~ /^\s*$/){
1754 my $sql = "INSERT INTO packages_list VALUES ('$dist', '$package', '$version', '$section', 'xxx', 'none', '0')";
1755 push(@sql_list, $sql);
1756 $package = "none";
1757 $version = "none";
1758 $section = "none";
1759 $description = "none";
1760 next;
1761 }
1763 # Trigger for package name
1764 if ($line =~ /^Package:\s/){
1765 ($package)= ($line =~ /^Package: (.*)$/);
1766 next;
1767 }
1769 # Trigger for version
1770 if ($line =~ /^Version:\s/){
1771 ($version)= ($line =~ /^Version: (.*)$/);
1772 next;
1773 }
1775 # Trigger for description
1776 if ($line =~ /^Description:\s/){
1777 ($description)= ($line =~ /^Description: (.*)$/);
1778 next;
1779 }
1781 # Trigger for section
1782 if ($line =~ /^Section:\s/){
1783 ($section)= ($line =~ /^Section: (.*)$/);
1784 next;
1785 }
1787 }
1789 close( PACKAGES );
1790 unlink( "$path.in" );
1792 $packages_list_db->exec_statementlist(\@sql_list);
1793 }
1795 #
1796 #sub store_fileinfo {
1797 # my( $package, $file, $dist, $path, $vers ) = @_;
1798 #
1799 # my %fileinfo = (
1800 # 'package' => $package,
1801 # 'dist' => $dist,
1802 # 'version' => $vers
1803 # );
1804 #
1805 # $repo_files{ "${srvdir}${path}/$file" } = \%fileinfo;
1806 #}
1808 sub next_task {
1809 my ($heap) = $_[HEAP];
1811 if( keys(%{$heap->{task}}) < $max_clients ) {
1813 }
1815 #$heap->{task}->{$task->ID} = $task;
1816 }
1818 sub task_result {
1820 }
1822 #==== MAIN = main ==============================================================
1823 # parse commandline options
1824 Getopt::Long::Configure( "bundling" );
1825 GetOptions("h|help" => \&usage,
1826 "c|config=s" => \$cfg_file,
1827 "f|foreground" => \$foreground,
1828 "v|verbose+" => \$verbose,
1829 "no-bus+" => \$no_bus,
1830 "no-arp+" => \$no_arp,
1831 );
1833 # read and set config parameters
1834 &check_cmdline_param ;
1835 &read_configfile;
1836 &check_pid;
1838 $SIG{CHLD} = 'IGNORE';
1840 # forward error messages to logfile
1841 if( ! $foreground ) {
1842 open( STDIN, '+>/dev/null' );
1843 open( STDOUT, '+>&STDIN' );
1844 open( STDERR, '+>&STDIN' );
1845 }
1847 # Just fork, if we are not in foreground mode
1848 if( ! $foreground ) {
1849 chdir '/' or die "Can't chdir to /: $!";
1850 $pid = fork;
1851 setsid or die "Can't start a new session: $!";
1852 umask 0;
1853 } else {
1854 $pid = $$;
1855 }
1857 # Do something useful - put our PID into the pid_file
1858 if( 0 != $pid ) {
1859 open( LOCK_FILE, ">$pid_file" );
1860 print LOCK_FILE "$pid\n";
1861 close( LOCK_FILE );
1862 if( !$foreground ) {
1863 exit( 0 )
1864 };
1865 }
1867 daemon_log(" ", 1);
1868 daemon_log("$0 started!", 1);
1870 if ($no_bus > 0) {
1871 $bus_activ = "false"
1872 }
1876 # delete old DBsqlite lock files
1877 #unlink('/tmp/gosa_si_lock*');
1879 # connect to gosa-si job queue
1880 $job_db = GOSA::DBsqlite->new($job_queue_file_name);
1881 $job_db->create_table($job_queue_tn, \@job_queue_col_names);
1883 # connect to known_clients_db
1884 $known_clients_db = GOSA::DBsqlite->new($known_clients_file_name);
1885 $known_clients_db->create_table($known_clients_tn, \@known_clients_col_names);
1887 # connect to known_server_db
1888 $known_server_db = GOSA::DBsqlite->new($known_server_file_name);
1889 $known_server_db->create_table($known_server_tn, \@known_server_col_names);
1891 # connect to login_usr_db
1892 $login_users_db = GOSA::DBsqlite->new($login_users_file_name);
1893 $login_users_db->create_table($login_users_tn, \@login_users_col_names);
1895 # connect to fai_server_db and fai_release_db
1896 $fai_server_db = GOSA::DBsqlite->new($fai_server_file_name);
1897 $fai_server_db->create_table($fai_server_tn, \@fai_server_col_names);
1898 $fai_server_db->create_table($fai_release_tn, \@fai_release_col_names);
1900 # connect to packages_list_db
1901 unlink($packages_list_file_name);
1902 $packages_list_db = GOSA::DBsqlite->new($packages_list_file_name);
1903 $packages_list_db->create_table($packages_list_tn, \@packages_list_col_names);
1905 # connect to messaging_db
1906 $messaging_db = GOSA::DBsqlite->new($messaging_file_name);
1907 $messaging_db->create_table($messaging_tn, \@messaging_col_names);
1910 # create xml object used for en/decrypting
1911 $xml = new XML::Simple();
1913 # create socket for incoming xml messages
1914 POE::Component::Server::TCP->new(
1915 Port => $server_port,
1916 ClientInput => \&client_input,
1917 );
1918 daemon_log("start socket for incoming xml messages at port '$server_port' ", 1);
1920 # create session for repeatedly checking the job queue for jobs
1921 POE::Session->create(
1922 inline_states => {
1923 _start => \&_start,
1924 next_task => \&next_task,
1925 task_result => \&task_result,
1926 watch_for_new_jobs => \&watch_for_new_jobs,
1927 watch_for_done_jobs => \&watch_for_done_jobs,
1928 create_packages_list_db => \&create_packages_list_db,
1929 create_fai_server_db => \&create_fai_server_db,
1930 create_fai_release_db => \&create_fai_release_db,
1931 }
1932 );
1935 # import all modules
1936 &import_modules;
1938 # check wether all modules are gosa-si valid passwd check
1940 POE::Kernel->run();
1941 exit;