![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server
index aa8590f954ff932dd183b1bb0c6bb90aae0616e2..1ca28e06e044bcbdc85ec89bef5f0cf7b7c69264 100755 (executable)
--- a/gosa-si/gosa-si-server
+++ b/gosa-si/gosa-si-server
my %repo_files=();
my $repo_path;
my %repo_dirs=();
-# variables declared in config file are always set to 'our'
+
+# Variables declared in config file are always set to 'our'
our (%cfg_defaults, $log_file, $pid_file,
- $server_ip, $server_port, $ClientPackages_key,
+ $server_ip, $server_port, $ClientPackages_key, $dns_lookup,
$arp_activ, $gosa_unit_tag,
$GosaPackages_key, $gosa_timeout,
$foreign_server_string, $server_domain, $ServerPackages_key, $foreign_servers_register_delay,
our $cfg_file;
our ($ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $ldap_server_dn);
our $known_modules;
+our $root_uid;
+our $adm_gid;
+
# specifies the verbosity of the daemon_log
$verbose = 0 ;
"pid-file" => [\$pid_file, "/var/run/".$prg.".pid"],
},
"server" => {
- "ip" => [\$server_ip, "0.0.0.0"],
- "port" => [\$server_port, "20081"],
- "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ],
- "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'],
- "incoming" => [\$incoming_file_name, '/var/lib/gosa-si/incoming.db'],
- "login-users" => [\$login_users_file_name, '/var/lib/gosa-si/users.db'],
- "fai-server" => [\$fai_server_file_name, '/var/lib/gosa-si/fai_server.db'],
- "fai-release" => [\$fai_release_file_name, '/var/lib/gosa-si/fai_release.db'],
- "packages-list" => [\$packages_list_file_name, '/var/lib/gosa-si/packages.db'],
- "messaging" => [\$messaging_file_name, '/var/lib/gosa-si/messaging.db'],
- "foreign-clients" => [\$foreign_clients_file_name, '/var/lib/gosa-si/foreign_clients.db'],
- "source-list" => [\$sources_list, '/etc/apt/sources.list'],
- "repo-path" => [\$repo_path, '/srv/www/repository'],
- "ldap-uri" => [\$ldap_uri, ""],
- "ldap-base" => [\$ldap_base, ""],
- "ldap-admin-dn" => [\$ldap_admin_dn, ""],
- "ldap-admin-password" => [\$ldap_admin_password, ""],
- "gosa-unit-tag" => [\$gosa_unit_tag, ""],
- "max-clients" => [\$max_clients, 10],
- "wol-password" => [\$wake_on_lan_passwd, ""],
+ "ip" => [\$server_ip, "0.0.0.0"],
+ "port" => [\$server_port, "20081"],
+ "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ],
+ "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'],
+ "incoming" => [\$incoming_file_name, '/var/lib/gosa-si/incoming.db'],
+ "login-users" => [\$login_users_file_name, '/var/lib/gosa-si/users.db'],
+ "fai-server" => [\$fai_server_file_name, '/var/lib/gosa-si/fai_server.db'],
+ "fai-release" => [\$fai_release_file_name, '/var/lib/gosa-si/fai_release.db'],
+ "packages-list" => [\$packages_list_file_name, '/var/lib/gosa-si/packages.db'],
+ "messaging" => [\$messaging_file_name, '/var/lib/gosa-si/messaging.db'],
+ "foreign-clients" => [\$foreign_clients_file_name, '/var/lib/gosa-si/foreign_clients.db'],
+ "source-list" => [\$sources_list, '/etc/apt/sources.list'],
+ "repo-path" => [\$repo_path, '/srv/www/repository'],
+ "ldap-uri" => [\$ldap_uri, ""],
+ "ldap-base" => [\$ldap_base, ""],
+ "ldap-admin-dn" => [\$ldap_admin_dn, ""],
+ "ldap-admin-password" => [\$ldap_admin_password, ""],
+ "gosa-unit-tag" => [\$gosa_unit_tag, ""],
+ "max-clients" => [\$max_clients, 10],
+ "wol-password" => [\$wake_on_lan_passwd, ""],
},
"GOsaPackages" => {
"job-queue" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'],
},
"ServerPackages"=> {
"address" => [\$foreign_server_string, ""],
+ "dns-lookup" => [\$dns_lookup, "true"],
"domain" => [\$server_domain, ""],
"key" => [\$ServerPackages_key, "none"],
"key-lifetime" => [\$foreign_servers_register_delay, 120],
if(not defined $level) { $level = 1 }
if(defined $log_file){
open(LOG_HANDLE, ">>$log_file");
- chmod 0600, $log_file;
if(not defined open( LOG_HANDLE, ">>$log_file" )) {
print STDERR "cannot open $log_file: $!";
return
sub input_from_unknown_host {
- no strict "refs";
- my ($input, $session_id) = @_ ;
- my ($msg, $msg_hash, $module);
- my $error_string;
-
+ no strict "refs";
+ my ($input, $session_id) = @_ ;
+ my ($msg, $msg_hash, $module);
+ my $error_string;
+
my %act_modules = %$known_modules;
-
- while( my ($mod, $info) = each(%act_modules)) {
- # check a key exists for this module
- my $module_key = ${$mod."_key"};
- if( not defined $module_key ) {
- if( $mod eq 'ArpHandler' ) {
- next;
- }
- daemon_log("$session_id ERROR: no key specified in config file for $mod", 1);
- next;
- }
- daemon_log("$session_id DEBUG: $mod: $module_key", 7);
+ while( my ($mod, $info) = each(%act_modules)) {
- # check if module can open msg envelope with module key
- ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key, $session_id);
- if( (not defined $msg) || (not defined $msg_hash) ) {
- next;
- }
- else {
- $module = $mod;
- last;
- }
- }
+ # check a key exists for this module
+ my $module_key = ${$mod."_key"};
+ if( not defined $module_key ) {
+ if( $mod eq 'ArpHandler' ) {
+ next;
+ }
+ daemon_log("$session_id ERROR: no key specified in config file for $mod", 1);
+ next;
+ }
+ daemon_log("$session_id DEBUG: $mod: $module_key", 7);
- if( (!$msg) || (!$msg_hash) || (!$module)) {
- daemon_log("$session_id DEBUG: Incoming message is not from an unknown host", 7);
- }
+ # check if module can open msg envelope with module key
+ ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key, $session_id);
+ if( (not defined $msg) || (not defined $msg_hash) ) {
+ next;
+ } else {
+ $module = $mod;
+ last;
+ }
+ }
- return ($msg, $msg_hash, $module);
+ if( (!$msg) || (!$msg_hash) || (!$module)) {
+ daemon_log("$session_id DEBUG: Incoming message is not from an unknown host", 7);
+ }
+
+ return ($msg, $msg_hash, $module);
}
if (not $done) {
if ($target eq "GOSA" && $source eq "GOSA") {
$done = 1;
+ &daemon_log("$session_id DEBUG: target and source is 'GOSA' -> process here", 7);
}
}
if ($source eq "GOSA") {
$msg =~ s/<\/xml>/<forward_to_gosa>$local_address,$session_id<\/forward_to_gosa><\/xml>/;
}
- #print STDERR "target is own address without forward_to_gosa-tag -> process here\n";
+ &daemon_log("$session_id DEBUG: target is own address without forward_to_gosa-tag -> process here", 7);
}
}
$done = 1;
my $hostname = $res->{1}->{'hostname'};
$msg =~ s/<target>$target<\/target>/<target>$hostname<\/target>/;
- #print STDERR "target is a client address in known_clients -> process here\n";
my $local_address = &get_local_ip_for_remote_ip($target_ip).":$server_port";
if ($source eq "GOSA") {
$msg =~ s/<\/xml>/<forward_to_gosa>$local_address,$session_id<\/forward_to_gosa><\/xml>/;
}
+ &daemon_log("$session_id DEBUG: target is a client address in known_clients -> process here", 7);
} else {
$not_found_in_known_clients_db = 1;
my ($gosa_at, $gosa_session_id) = split(/,/, $forward_to_gosa);
if ($gosa_at ne $local_address) {
$done = 1;
- #print STDERR "target is own address with forward_to_gosa-tag not pointing to myself -> process here\n";
+ &daemon_log("$session_id DEBUG: target is own address with forward_to_gosa-tag not pointing to myself -> process here", 7);
}
}
}
&daemon_log("$session_id INFO: incoming '$header' message forwarded to GOsa", 5);
}
$done = 1;
- #print STDERR "target is own address with forward_to_gosa-tag pointing at myself -> forward to gosa\n";
+ &daemon_log("$session_id DEBUG: target is own address with forward_to_gosa-tag pointing at myself -> forward to gosa", 7);
}
}
&send_msg_to_target($msg, $regserver, $regserver_key, $header, $session_id);
}
$done = 1;
- #print STDERR "target is a client address in foreign_clients -> forward to registration server\n";
+ &daemon_log("$session_id DEBUG: target is a client address in foreign_clients -> forward to registration server", 7);
} else {
$not_found_in_foreign_clients_db = 1;
}
&send_msg_to_target($msg, $target, $hostkey, $header, $session_id);
$done = 1;
+ &daemon_log("$session_id DEBUG: target is a server address -> forward to server", 7);
} else {
$not_found_in_known_server_db = 1;
}
sessionid=>$session_id,
} );
$done = 1;
+ &daemon_log("$session_id DEBUG: target is not in foreign_clients_db, known_server_db or known_clients_db, maybe it is a complete new one -> process here", 7);
}
# Skip new jobs for host if there is a processing job
if(defined($res) and defined @{$res}[0]) {
# Prevent race condition if there is a trigger_activate job waiting and a goto-activation job processing
- if(@{$res}[5] eq 'goto-activation') {
+ my $row = @{$res}[0] if (ref $res eq 'ARRAY');
+ if(@{$row}[5] eq 'trigger_action_reinstall') {
my $sql_statement_2 = "SELECT * FROM $job_queue_tn WHERE macaddress LIKE '$macaddress' AND status='waiting' AND headertag = 'trigger_activate_new'";
my $res_2 = $job_db->exec_statement( $sql_statement_2 );
- if(defined($res_2) and defined @{$res}[0]) {
+ if(defined($res_2) and defined @{$res_2}[0]) {
# Set status from goto-activation to 'waiting' and update timestamp
- $job_db->exec_statement = "UPDATE $job_queue_tn SET status='waiting' WHERE macaddress LIKE '$macaddress' AND headertag = 'trigger_action_reinstall'";
- $job_db->exec_statement = "UPDATE $job_queue_tn SET timestamp='".&get_time(30)."' WHERE macaddress LIKE '$macaddress' AND headertag = 'trigger_action_reinstall'";
- next;
+ $job_db->exec_statement("UPDATE $job_queue_tn SET status='waiting' WHERE macaddress LIKE '$macaddress' AND headertag = 'trigger_action_reinstall'");
+ $job_db->exec_statement("UPDATE $job_queue_tn SET timestamp='".&get_time(30)."' WHERE macaddress LIKE '$macaddress' AND headertag = 'trigger_action_reinstall'");
}
}
+ next;
}
foreach my $jobdb_headertag (keys %{$hits->{$macaddress}}) {
$server_status = "developmental" ;
}
+# Prepare log file
+$root_uid = getpwnam('root');
+$adm_gid = getgrnam('adm');
+chmod(0640, $log_file);
+chown($root_uid, $adm_gid, $log_file);
+chown($root_uid, $adm_gid, "/var/lib/gosa-si");
daemon_log(" ", 1);
daemon_log("$0 started!", 1);
# connect to gosa-si job queue
$job_db = GOSA::DBsqlite->new($job_queue_file_name);
$job_db->create_table($job_queue_tn, \@job_queue_col_names);
+chmod(0660, $job_queue_file_name);
+chown($root_uid, $adm_gid, $job_queue_file_name);
+
# connect to known_clients_db
$known_clients_db = GOSA::DBsqlite->new($known_clients_file_name);
$known_clients_db->create_table($known_clients_tn, \@known_clients_col_names);
+chmod(0660, $known_clients_file_name);
+chown($root_uid, $adm_gid, $known_clients_file_name);
# connect to foreign_clients_db
$foreign_clients_db = GOSA::DBsqlite->new($foreign_clients_file_name);
$foreign_clients_db->create_table($foreign_clients_tn, \@foreign_clients_col_names);
+chmod(0660, $foreign_clients_file_name);
+chown($root_uid, $adm_gid, $foreign_clients_file_name);
# connect to known_server_db
unlink($known_server_file_name);
$known_server_db = GOSA::DBsqlite->new($known_server_file_name);
$known_server_db->create_table($known_server_tn, \@known_server_col_names);
+chmod(0660, $known_server_file_name);
+chown($root_uid, $adm_gid, $known_server_file_name);
# connect to login_usr_db
$login_users_db = GOSA::DBsqlite->new($login_users_file_name);
$login_users_db->create_table($login_users_tn, \@login_users_col_names);
+chmod(0660, $login_users_file_name);
+chown($root_uid, $adm_gid, $login_users_file_name);
# connect to fai_server_db and fai_release_db
unlink($fai_server_file_name);
$fai_server_db = GOSA::DBsqlite->new($fai_server_file_name);
$fai_server_db->create_table($fai_server_tn, \@fai_server_col_names);
+chmod(0660, $fai_server_file_name);
+chown($root_uid, $adm_gid, $fai_server_file_name);
unlink($fai_release_file_name);
$fai_release_db = GOSA::DBsqlite->new($fai_release_file_name);
$fai_release_db->create_table($fai_release_tn, \@fai_release_col_names);
+chmod(0660, $fai_release_file_name);
+chown($root_uid, $adm_gid, $fai_release_file_name);
# connect to packages_list_db
#unlink($packages_list_file_name);
unlink($packages_list_under_construction);
$packages_list_db = GOSA::DBsqlite->new($packages_list_file_name);
$packages_list_db->create_table($packages_list_tn, \@packages_list_col_names);
+chmod(0660, $packages_list_file_name);
+chown($root_uid, $adm_gid, $packages_list_file_name);
# connect to messaging_db
$messaging_db = GOSA::DBsqlite->new($messaging_file_name);
$messaging_db->create_table($messaging_tn, \@messaging_col_names);
+chmod(0660, $messaging_file_name);
+chown($root_uid, $adm_gid, $messaging_file_name);
# create xml object used for en/decrypting
foreach my $foreign_server (@cfg_foreign_server_list) {
push(@foreign_server_list, $foreign_server);
}
-}
-# add foreign server from dns
-my @tmp_servers;
-if ( !$server_domain) {
- # Try our DNS Searchlist
- for my $domain(get_dns_domains()) {
- chomp($domain);
- my ($tmp_domains, $error_string) = &get_server_addresses($domain);
- if(@$tmp_domains) {
- for my $tmp_server(@$tmp_domains) {
- push @tmp_servers, $tmp_server;
+ daemon_log("0 INFO: found foreign server in config file: ".join(", ", @foreign_server_list), 5);
+}
+
+# Perform a DNS lookup for server registration if flag is true
+if ($dns_lookup eq "true") {
+ # Add foreign server from dns
+ my @tmp_servers;
+ if (not $server_domain) {
+ # Try our DNS Searchlist
+ for my $domain(get_dns_domains()) {
+ chomp($domain);
+ my ($tmp_domains, $error_string) = &get_server_addresses($domain);
+ if(@$tmp_domains) {
+ for my $tmp_server(@$tmp_domains) {
+ push @tmp_servers, $tmp_server;
+ }
}
}
+ if(@tmp_servers && length(@tmp_servers)==0) {
+ daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
+ }
+ } else {
+ @tmp_servers = &get_server_addresses($server_domain);
+ if( 0 == @tmp_servers ) {
+ daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
+ }
}
- if(@tmp_servers && length(@tmp_servers)==0) {
- daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
+
+ daemon_log("0 INFO: found foreign server via DNS ".join(", ", @tmp_servers), 5);
+
+ foreach my $server (@tmp_servers) {
+ unshift(@foreign_server_list, $server);
}
} else {
- @tmp_servers = &get_server_addresses($server_domain);
- if( 0 == @tmp_servers ) {
- daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
- }
-}
-foreach my $server (@tmp_servers) {
- unshift(@foreign_server_list, $server);
+ daemon_log("0 INFO: DNS lookup for server registration is disabled", 5);
}
+
+
# eliminate duplicate entries
@foreign_server_list = &del_doubles(@foreign_server_list);
my $all_foreign_server = join(", ", @foreign_server_list);
-daemon_log("0 INFO: found foreign server in config file and DNS: $all_foreign_server", 5);
+daemon_log("0 INFO: found foreign server in config file and DNS: '$all_foreign_server'", 5);
# add all found foreign servers to known_server
my $act_timestamp = &get_time();