
We don't need a dhcp and dns activation in the gosa.conf anymore, since GOsa is split...
[gosa.git] / gosa-si / gosa-si-server
index 0b00e52bcbfedbf579ae4dbdc19c6da77edc9ed1..a6daf3fe11c0202a8767961dbb0858fcc11a3bc2 100755 (executable)
@@ -28,7 +28,7 @@ use Getopt::Long;
 use Config::IniFiles;
 use POSIX;
 
-use Fcntl;
+use Fcntl qw/:flock/;
 use IO::Socket::INET;
 use IO::Handle;
 use IO::Select;
@@ -39,6 +39,7 @@ use Digest::MD5  qw(md5 md5_hex md5_base64);
 use XML::Simple;
 use Data::Dumper;
 use Sys::Syslog qw( :DEFAULT setlogsock);
+use Time::HiRes qw( usleep);
 use Cwd;
 use File::Spec;
 use File::Basename;
@@ -49,7 +50,8 @@ use GOSA::GosaSupportDaemon;
 use POE qw(Component::Server::TCP Wheel::Run Filter::Reference);
 use Net::LDAP;
 use Net::LDAP::Util qw(:escape);
-use Time::HiRes qw( usleep);
+use ResourcePool;
+use ResourcePool::Factory::Net::LDAP;
 
 # revision number of server and program name
 my $server_headURL;
@@ -74,7 +76,7 @@ my ($server);
 my ($gosa_server, $job_queue_timeout, $job_queue_loop_delay);
 my ($messaging_db_loop_delay);
 my ($procid, $pid);
-my ($arp_fifo);
+my ($arp_fifo, $ldap_pool, $ldap_factory);
 my ($xml);
 my $sources_list;
 my $max_clients;
@@ -102,7 +104,7 @@ our $no_arp;
 our $verbose;
 our $forground;
 our $cfg_file;
-our ($ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $ldap_server_dn);
+our ($ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $ldap_server_dn, $ldap_version);
 our ($mysql_username, $mysql_password, $mysql_database, $mysql_host);
 our $known_modules;
 our $root_uid;
@@ -247,13 +249,14 @@ our $logged_in_user_date_of_expiry = 600;
     "ldap-base"             => [\$ldap_base, ""],
     "ldap-admin-dn"         => [\$ldap_admin_dn, ""],
     "ldap-admin-password"   => [\$ldap_admin_password, ""],
+       "ldap-version"                  => [\$ldap_version, 3],
     "gosa-unit-tag"         => [\$gosa_unit_tag, ""],
     "max-clients"           => [\$max_clients, 10],
     "wol-password"          => [\$wake_on_lan_passwd, ""],
-               "mysql-username"        => [\$mysql_username, "gosa_si"],
-               "mysql-password"        => [\$mysql_password, ""],
-               "mysql-database"        => [\$mysql_database, "gosa_si"],
-               "mysql-host"            => [\$mysql_host, "127.0.0.1"],
+       "mysql-username"        => [\$mysql_username, "gosa_si"],
+       "mysql-password"        => [\$mysql_password, ""],
+       "mysql-database"        => [\$mysql_database, "gosa_si"],
+       "mysql-host"            => [\$mysql_host, "127.0.0.1"],
     },
 "GOsaPackages" => {
     "job-queue" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'],
@@ -324,11 +327,17 @@ sub daemon_log {
     if(not defined $msg) { return }
     if(not defined $level) { $level = 1 }
     if(defined $log_file){
-        open(LOG_HANDLE, ">>$log_file");
-        if(not defined open( LOG_HANDLE, ">>$log_file" )) {
+        my $open_log_fh = sysopen(LOG_HANDLE, $log_file, O_WRONLY | O_CREAT | O_APPEND , 0440);
+        if(not $open_log_fh) {
             print STDERR "cannot open $log_file: $!";
-            return 
+            return;
         }
+        # check owner and group of log_file and update settings if necessary
+        my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $mtime, $ctime, $blksize, $blocks) = stat($log_file);
+        if((not $uid eq $root_uid) || (not $gid eq $adm_gid)) {
+            chown($root_uid, $adm_gid, $log_file);
+        }
+
         chomp($msg);
         #$msg =~s/\n//g;   # no newlines are allowed in log messages, this is important for later log parsing
         if($level <= $verbose){
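Review bot: The ownership check added after the sysopen works on the path (`stat($log_file)`, `chown(..., $log_file)`) rather than on the handle that was just opened, so it can act on a different file if the path is replaced in between; sysopen itself also follows a symlink at that path. `stat(LOG_HANDLE)` and `chown($root_uid, $adm_gid, \*LOG_HANDLE)` keep both calls on the opened file. `$uid eq $root_uid` compares the ids as strings where `!=` is the numeric test, and the chown result is not checked. daemon_log continues past this hunk, so whether LOG_HANDLE is closed again after each call is not visible here.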
@@ -344,7 +353,10 @@ sub daemon_log {
             my $name = $prg;
 
             my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n";
+                       flock(LOG_HANDLE, LOCK_EX);
+                       seek(LOG_HANDLE, 0, 2);
             print LOG_HANDLE $log_msg;
+                       flock(LOG_HANDLE, LOCK_UN);
             if( $foreground ) { 
                 print STDERR $log_msg;
             }
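Review bot: The result of `flock(LOG_HANDLE, LOCK_EX)` is ignored, so when the lock cannot be taken the write goes ahead unlocked and lines from concurrent writers can still interleave; `flock(LOG_HANDLE, LOCK_EX) or print STDERR "cannot lock $log_file: $!\n";` at least makes that visible. `seek(LOG_HANDLE, 0, 2)` passes a bare 2 as the whence argument and is redundant given that the handle is opened with O_APPEND in the earlier daemon_log hunk; if it stays, `SEEK_END` reads better. The three added lines are tab-indented inside a space-indented block.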
@@ -444,6 +456,8 @@ sub import_modules {
     }
 
     opendir (DIR, $modules_path) or die "ERROR while loading modules from directory $modules_path : $!\n";
+
+       my $ldap_handle = &get_ldap_handle;
     while (defined (my $file = readdir (DIR))) {
         if (not $file =~ /(\S*?).pm$/) {
             next;
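Review bot: `&get_ldap_handle;` with the ampersand and no parentheses hands import_modules' own @_ to get_ldap_handle, which then reads the first element as a session id; `my $ldap_handle = get_ldap_handle();` calls it with no arguments. The result is not tested, so when the pool has no handle an undef is passed into every module's get_module_info and later into release_ldap_handle at the end of import_modules. On the context line, `/(\S*?).pm$/` leaves the dot unescaped, so it matches any character before `pm`; `\.pm$` is presumably what is meant. import_modules starts before this hunk.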
@@ -461,7 +475,7 @@ sub import_modules {
             daemon_log("$@", 1);
            exit;
                } else {
-                       my $info = eval($mod_name.'::get_module_info()');
+                       my $info = eval($mod_name.'::get_module_info($ldap_handle)');
                        # Only load module if get_module_info() returns a non-null object
                        if( $info ) {
                                my ($input_address, $input_key, $event_hash) = @{$info};
@@ -470,7 +484,7 @@ sub import_modules {
                        }
                }
     }   
-
+       &release_ldap_handle($ldap_handle); 
     close (DIR);
 }
 
@@ -1311,15 +1325,16 @@ sub msg_to_decrypt {
 
 
 sub next_task {
-    my ($session, $heap, $task) = @_[SESSION, HEAP, ARG0];
+    my ($session, $heap, $task, $ldap_handle) = @_[SESSION, HEAP, ARG0, ARG1];
     my $running_task = POE::Wheel::Run->new(
-            Program => sub { process_task($session, $heap, $task) },
+            Program => sub { process_task($session, $heap, $task, $ldap_handle) },
             StdioFilter => POE::Filter::Reference->new(),
             StdoutEvent  => "task_result",
             StderrEvent  => "task_debug",
             CloseEvent   => "task_done",
             );
     $heap->{task}->{ $running_task->ID } = $running_task;
+       $heap->{ldap_handle}->{$running_task->ID} = $ldap_handle;
 }
 
 sub handle_task_result {
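Review bot: `$ldap_handle` is captured by the `Program` coderef, which POE::Wheel::Run executes in a forked child, so the child and the parent hold the same LDAP connection. The parent returns that connection to the pool in handle_task_done; if the connection carries TLS, or the child leaves a request unfinished, the parent's copy may no longer match the state of the socket — this is inferred, not visible in the hunk. A comment above the wheel such as `# $ldap_handle is shared with the forked child; the parent must not use it until task_done` would document the constraint, and opening a separate connection inside the child would avoid the sharing altogether. The same pattern is added in run_create_fai_server_db and run_create_fai_release_db.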
@@ -1349,12 +1364,15 @@ sub handle_task_debug {
 sub handle_task_done {
     my ( $kernel, $heap, $task_id ) = @_[ KERNEL, HEAP, ARG0 ];
     delete $heap->{task}->{$task_id};
+       if (exists $heap->{ldap_handle}->{$task_id}) {
+               &release_ldap_handle($heap->{ldap_handle}->{$task_id});
+       }
 }
 
 sub process_task {
     no strict "refs";
     #CHECK: Not @_[...]?
-    my ($session, $heap, $task) = @_;
+    my ($session, $heap, $task, $ldap_handle) = @_;
     my $error = 0;
     my $answer_l;
     my ($answer_header, @answer_target_l, $answer_source);
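Review bot: handle_task_done releases the handle but leaves the entry in `$heap->{ldap_handle}`, unlike session_run_done later in this commit, which also deletes it; the heap then keeps one reference per finished task to a handle that is already back in the pool. `my $h = delete $heap->{ldap_handle}->{$task_id}; release_ldap_handle($h) if defined $h;` does the lookup, the cleanup and the release in one step and also covers an undefined entry.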
@@ -1376,8 +1394,8 @@ sub process_task {
     
     # set timestamp of incoming client uptodate, so client will not 
     # be deleted from known_clients because of expiration
-    my $act_time = &get_time();
-    my $sql = "UPDATE $known_clients_tn SET timestamp='$act_time' WHERE hostname='$source'"; 
+    my $cur_time = &get_time();
+    my $sql = "UPDATE $known_clients_tn SET timestamp='$cur_time' WHERE hostname='$source'"; 
     my $res = $known_clients_db->exec_statement($sql);
 
     ######################
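Review bot: The UPDATE on the renamed line still builds SQL by interpolating `$source` into `hostname='$source'`; where `$source` is assigned lies outside this hunk, but in process_task it presumably comes from the incoming message, in which case a quote character in it changes the statement. The value should be escaped or bound as a parameter before it reaches exec_statement (whether GOSA::DBsqlite offers placeholders is not visible here); at minimum a comment such as `# $source must be validated as a hostname before it is used in SQL` belongs above the line. The same construction appears in this commit's context at `DELETE FROM $known_clients_tn WHERE hostname='$hostname'` in watch_for_old_known_clients and `DELETE FROM $incoming_tn WHERE id=$message_id` in watch_for_next_tasks.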
@@ -1385,7 +1403,7 @@ sub process_task {
     if( $error == 0) {
         daemon_log("$session_id INFO: Incoming msg (session_id=$session_id) with header '".@{$msg_hash->{'header'}}[0]."'", 5); 
         daemon_log("$session_id DEBUG: Processing module ".$module, 7);
-        $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $session_id);
+        $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $session_id, $ldap_handle);
 
         if ( 0 < @{$answer_l} ) {
             my $answer_str = join("\n", @{$answer_l});
@@ -1866,6 +1884,7 @@ sub watch_for_new_messages {
                                                                                attrs => ['memberUid'],
                                                                                filter => "cn=$group_name",
                                                                                );
+                                               &release_ldap_handle($ldap_handle);
                                                if ($mesg->count) {
                                                                my @entries = $mesg->entries;
                                                                foreach my $entry (@entries) {
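Review bot: The filter on the context line is built as `"cn=$group_name"` without escaping; if `$group_name` can contain `*`, `(` or `)` (its origin is above this hunk) the search matches entries other than the intended group. Net::LDAP::Util is already imported with `:escape`, so `filter => "cn=" . escape_filter_value($group_name),` is available. Where this `$ldap_handle` is obtained is also above the hunk, so whether an undefined handle is guarded before the search cannot be seen here.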
@@ -2061,7 +2080,7 @@ sub watch_for_old_known_clients {
     my $sql_statement = "SELECT * FROM $known_clients_tn";
     my $res = $known_clients_db->select_dbentry( $sql_statement );
 
-    my $act_time = int(&get_time());
+    my $cur_time = int(&get_time());
 
     while ( my ($hit_num, $hit) = each %$res) {
         my $expired_timestamp = int($hit->{'timestamp'});
@@ -2076,7 +2095,7 @@ sub watch_for_old_known_clients {
 
         $dt->add( seconds => 2 * int($hit->{'keylifetime'}) );
         $expired_timestamp = $dt->ymd('').$dt->hms('');
-        if ($act_time > $expired_timestamp) {
+        if ($cur_time > $expired_timestamp) {
             my $hostname = $hit->{'hostname'};
             my $del_sql = "DELETE FROM $known_clients_tn WHERE hostname='$hostname'"; 
             my $del_res = $known_clients_db->exec_statement($del_sql);
@@ -2105,7 +2124,10 @@ sub watch_for_next_tasks {
         my $message_id = $hit->{'id'};
         my $session_id = $hit->{'sessionid'};
         &daemon_log("$session_id DEBUG: start processing for message with incoming id: '$message_id'", 7);
-        $kernel->yield('next_task', $hit);
+
+               my $ldap_handle = &get_ldap_handle();
+               if (not defined $ldap_handle) { next; }
+        $kernel->yield('next_task', $hit, $ldap_handle);
 
         my $sql = "DELETE FROM $incoming_tn WHERE id=$message_id";
         my $res = $incoming_db->exec_statement($sql);
@@ -2118,42 +2140,33 @@ sub watch_for_next_tasks {
 sub get_ldap_handle {
        my ($session_id) = @_;
        my $heap;
-       my $ldap_handle;
 
        if (not defined $session_id ) { $session_id = 0 };
        if ($session_id =~ /[^0-9]*/) { $session_id = 0 };
 
-       if ($session_id == 0) {
-               daemon_log("$session_id DEBUG: get_ldap_handle invoked without a session_id, create a new ldap_handle", 7); 
-               $ldap_handle = Net::LDAP->new( $ldap_uri );
-               if (defined $ldap_handle) {
-                       $ldap_handle->bind($ldap_admin_dn, password => $ldap_admin_password) or daemon_log("$session_id ERROR: Bind to LDAP $ldap_uri as $ldap_admin_dn failed!"); 
-               } else {
-                       daemon_log("$session_id ERROR: creation of a new LDAP handle failed (ldap_uri '$ldap_uri')");
-               }
-
-       } else {
-               my $session_reference = $global_kernel->ID_id_to_session($session_id);
-               if( defined $session_reference ) {
-                       $heap = $session_reference->get_heap();
-               }
-
-               if (not defined $heap) {
-                       daemon_log("$session_id DEBUG: cannot get heap for session_id '$session_id'", 7); 
-                       return;
-               }
+       (my $package, my $file, my $row, my $subroutine, my $hasArgs, my $wantArray, my $evalText, my $isRequire) = caller(1);
+       my $caller_text = "subroutin $subroutine";
+       if ($subroutine eq "(eval)") {
+               $caller_text = "eval block within file '$file' for '$evalText'"; 
+       }
+       daemon_log("$session_id INFO: new ldap handle for $caller_text required");
 
-               # TODO: This "if" is nonsense, because it doesn't prove that the
-                #       used handle is still valid - or if we've to reconnect...
-               #if (not exists $heap->{ldap_handle}) {
-                       $ldap_handle = Net::LDAP->new( $ldap_uri );
-                       $ldap_handle->bind($ldap_admin_dn, password => $ldap_admin_password) or daemon_log("$session_id ERROR: Bind to LDAP $ldap_uri as $ldap_admin_dn failed!"); 
-                       $heap->{ldap_handle} = $ldap_handle;
-               #}
+       my $ldap_handle = $ldap_pool->get();
+       
+       if (not defined $ldap_handle) {
+               daemon_log("$session_id INFO: ldap handle for $caller_text not available");
        }
+       daemon_log("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
        return $ldap_handle;
 }
 
+sub release_ldap_handle {
+       my ($ldap_handle) = @_ ;
+       $ldap_pool->free($ldap_handle);
+       daemon_log("0 INFO: ldap handle released!\n-------------------------------------------------------------------------------");
+       return;
+}
+
 
 sub change_fai_state {
     my ($st, $targets, $session_id) = @_;
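Review bot: The daemon_log calls added to get_ldap_handle and release_ldap_handle pass no level, so by daemon_log's `$level = 1` default they are written at level 1 on every acquire and release, including the `+++…` separator, and the release message embeds `\n` although daemon_log's own comment says newlines must not appear in log messages. Giving them a debug level, e.g. `daemon_log("$session_id DEBUG: ldap handle requested by $caller_text", 7);`, and dropping the separator lines keeps the log parseable. `caller(1)` returns an empty list when there is no enclosing sub, which leaves `$subroutine` undefined for the `eq` test, and `subroutin` is misspelled. On the context line `/[^0-9]*/` matches every string, so `$session_id` is always reset to 0; `/[^0-9]/` is presumably what was meant. release_ldap_handle passes an undefined handle straight to `$ldap_pool->free`; `return if not defined $ldap_handle;` as its first statement avoids that.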
@@ -2179,8 +2192,7 @@ sub change_fai_state {
 
     my $state= $mapActions{ $st };
 
-    my $ldap_handle = &get_ldap_handle($session_id);
-    if( defined($ldap_handle) ) {
+    #if( defined($ldap_handle) ) {
 
       # Build search filter for hosts
         my $search= "(&(objectClass=GOhard)";
@@ -2195,6 +2207,7 @@ sub change_fai_state {
             return;
         }
 
+       my $ldap_handle = &get_ldap_handle($session_id);
       # Perform search for Unit Tag
       my $mesg = $ldap_handle->search(
           base   => $ldap_base,
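Review bot: With the `defined($ldap_handle)` test commented out, `$ldap_handle->search` is now called on whatever get_ldap_handle returns, and that function returns undef when the pool has no handle, so the method call dies. A guard directly after the new line restores the old behaviour: `if (not defined $ldap_handle) { daemon_log("$session_id ERROR: no LDAP handle defined for update FAIstate", 1); return; }`. The commented-out `if`/`else` lines in the neighbouring hunks are better deleted than kept. create_sources_list gets the same unguarded get/search sequence in this commit.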
@@ -2236,11 +2249,12 @@ sub change_fai_state {
          } else {
                daemon_log("$session_id ERROR: LDAP search failed: ldap_base=$ldap_base, filter=$search", 1);
          }
+         &release_ldap_handle($ldap_handle);             
 
     # if no ldap handle defined
-    } else {
-        daemon_log("$session_id ERROR: no LDAP handle defined for update FAIstate", 1); 
-    }
+    #} else {
+    #    daemon_log("$session_id ERROR: no LDAP handle defined for update FAIstate", 1); 
+    #}
 
        return;
 }
@@ -2299,6 +2313,8 @@ sub change_goto_state {
          }
 
     }
+       &release_ldap_handle($ldap_handle);
+       return;
 }
 
 
@@ -2315,24 +2331,29 @@ sub run_recreate_packages_db {
 sub run_create_fai_server_db {
     my ($kernel, $session, $heap, $table_name) = @_[KERNEL, SESSION, HEAP, ARG0];
     my $session_id = $session->ID;
+       my $ldap_handle = &get_ldap_handle();
+       if (not defined $ldap_handle) {
+               $kernel->delay_set('create_fai_server_db', 1, $table_name);
+               return;
+       }
     my $task = POE::Wheel::Run->new(
-            Program => sub { &create_fai_server_db($table_name,$kernel, undef, $session_id) },
+            Program => sub { &create_fai_server_db($table_name,$kernel, undef, $session_id, $ldap_handle) },
             StdoutEvent  => "session_run_result",
             StderrEvent  => "session_run_debug",
             CloseEvent   => "session_run_done",
             );
 
     $heap->{task}->{ $task->ID } = $task;
+       $heap->{ldap_handle}->{$task->ID} = $ldap_handle;
     return;
 }
 
 
 sub create_fai_server_db {
-       my ($table_name, $kernel, $dont_create_packages_list, $session_id) = @_;
+       my ($table_name, $kernel, $dont_create_packages_list, $session_id, $ldap_handle) = @_;
        my $result;
 
        if (not defined $session_id) { $session_id = 0; }
-       my $ldap_handle = &get_ldap_handle();
        if(defined($ldap_handle)) {
                daemon_log("$session_id INFO: create_fai_server_db: start", 5);
                my $mesg= $ldap_handle->search(
@@ -2365,38 +2386,43 @@ sub create_fai_server_db {
 
                # TODO: Find a way to post the 'create_packages_list_db' event
                if(not defined($dont_create_packages_list)) {
-                       &create_packages_list_db(undef, undef, $session_id);
+                       &create_packages_list_db(undef, $session_id);
                }
        }       
 
-       $ldap_handle->disconnect;
        return $result;
 }
 
 
 sub run_create_fai_release_db {
-       my ($session, $heap, $table_name) = @_[SESSION, HEAP, ARG0];
+       my ($kernel, $session, $heap, $table_name) = @_[KERNEL, SESSION, HEAP, ARG0];
        my $session_id = $session->ID;
+       my $ldap_handle = &get_ldap_handle();
+       if (not defined $ldap_handle) {
+               $kernel->delay_set('create_fai_release_db', 1, $table_name);
+               return;
+       }
        my $task = POE::Wheel::Run->new(
-               Program => sub { &create_fai_release_db($table_name, $session_id) },
+               Program => sub { &create_fai_release_db($table_name, $session_id, $ldap_handle) },
                StdoutEvent  => "session_run_result",
                StderrEvent  => "session_run_debug",
                CloseEvent   => "session_run_done",
        );
 
        $heap->{task}->{ $task->ID } = $task;
+       $heap->{ldap_handle}->{$task->ID} = $ldap_handle;
        return;
 }
 
 
 sub create_fai_release_db {
-       my ($table_name, $session_id) = @_;
+       my ($table_name, $session_id, $ldap_handle) = @_;
        my $result;
 
        # used for logging
        if (not defined $session_id) { $session_id = 0; }
 
-       my $ldap_handle = &get_ldap_handle();
+       #my $ldap_handle = &get_ldap_handle();
        if(defined($ldap_handle)) {
                daemon_log("$session_id INFO: create_fai_release_db: start",5);
                my $mesg= $ldap_handle->search(
@@ -2446,7 +2472,7 @@ sub create_fai_release_db {
                }
                daemon_log("$session_id INFO: create_fai_release_db: finished",5);
        }
-       $ldap_handle->disconnect;
+       #&release_ldap_handle($ldap_handle);
        return $result;
 }
 
@@ -2691,12 +2717,15 @@ sub session_run_debug {
 sub session_run_done {
     my ( $kernel, $heap, $task_id ) = @_[ KERNEL, HEAP, ARG0 ];
     delete $heap->{task}->{$task_id};
+       if (exists $heap->{ldap_handle}->{$task_id}) {
+               &release_ldap_handle($heap->{ldap_handle}->{$task_id});
+       }
+       delete $heap->{ldap_handle}->{$task_id};
 }
 
 
 sub create_sources_list {
        my $session_id = shift;
-       my $ldap_handle = &main::get_ldap_handle;
        my $result="/tmp/gosa_si_tmp_sources_list";
 
        # Remove old file
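Review bot: create_sources_list writes to the fixed path `/tmp/gosa_si_tmp_sources_list` (context line), which any local user can pre-create or replace with a symlink before the daemon, which presumably runs as root, removes and rewrites it; how the file is opened lies outside this hunk. A name from File::Temp, or a file under the daemon's own `/var/lib/gosa-si` directory, avoids the shared directory. In session_run_done, the `exists` test followed by a separate `delete` can be one step: `my $h = delete $heap->{ldap_handle}->{$task_id}; release_ldap_handle($h) if defined $h;`.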
@@ -2712,12 +2741,14 @@ sub create_sources_list {
                return undef;
        }
        if(defined($main::ldap_server_dn) and length($main::ldap_server_dn) > 0) {
+               my $ldap_handle = &get_ldap_handle();
                my $mesg=$ldap_handle->search(
                        base    => $main::ldap_server_dn,
                        scope   => 'base',
                        attrs   => 'FAIrepository',
                        filter  => 'objectClass=FAIrepositoryServer'
                );
+               &release_ldap_handle($ldap_handle);
                if($mesg->count) {
                        foreach my $entry(@{$mesg->{'entries'}}) {
                                foreach my $value(@{$entry->get_value('FAIrepository', asref => 1)}) {
@@ -2745,10 +2776,9 @@ sub create_sources_list {
 sub run_create_packages_list_db {
     my ($kernel, $session, $heap) = @_[KERNEL, SESSION, HEAP];
        my $session_id = $session->ID;
-
        my $task = POE::Wheel::Run->new(
                                        Priority => +20,
-                                       Program => sub {&create_packages_list_db(undef, undef, $session_id)},
+                                       Program => sub {&create_packages_list_db(undef, $session_id)},
                                        StdoutEvent  => "session_run_result",
                                        StderrEvent  => "session_run_debug",
                                        CloseEvent   => "session_run_done",
@@ -2758,7 +2788,7 @@ sub run_create_packages_list_db {
 
 
 sub create_packages_list_db {
-       my ($ldap_handle, $sources_file, $session_id) = @_;
+       my ($sources_file, $session_id) = @_;
        
        # it should not be possible to trigger a recreation of packages_list_db
        # while packages_list_db is under construction, so set flag packages_list_under_construction
@@ -2774,15 +2804,7 @@ sub create_packages_list_db {
        }
 
        if (not defined $session_id) { $session_id = 0; }
-       if (not defined $ldap_handle) { 
-               $ldap_handle= &get_ldap_handle();
 
-               if (not defined $ldap_handle) {
-                       daemon_log("$session_id ERROR: no ldap_handle available to create_packages_list_db", 1);
-                       unlink($packages_list_under_construction);
-                       return;
-               }
-       }
        if (not defined $sources_file) { 
                &main::daemon_log("$session_id INFO: no sources_file given for creating packages list so trigger creation of it", 5); 
                $sources_file = &create_sources_list($session_id);
@@ -3238,11 +3260,12 @@ if ($server_headURL =~ /\/tag\// ||
 } else {
     $server_status = "developmental" ;
 }
-
-# Prepare log file
+# Prepare log file and set permissions
 $root_uid = getpwnam('root');
 $adm_gid = getgrnam('adm');
-chmod(0640, $log_file);
+open(FH, ">>$log_file");
+close FH;
+chmod(0440, $log_file);
 chown($root_uid, $adm_gid, $log_file);
 chown($root_uid, $adm_gid, "/var/lib/gosa-si");
 
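Review bot: `open(FH, ">>$log_file")` is a two-argument open on a bareword handle with no error check, so a failure to create the log goes unnoticed and characters in the configured path are interpreted as part of the mode; `open(my $fh, '>>', $log_file) or die "cannot open $log_file: $!";` avoids both. The file is also created with umask-default permissions and only narrowed by the chmod afterwards; `sysopen(my $fh, $log_file, O_WRONLY | O_CREAT | O_APPEND, 0440)`, as daemon_log now does, creates it with the intended mode in one step. The chmod and chown results are not checked.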
@@ -3251,6 +3274,18 @@ daemon_log("$0 started!", 1);
 daemon_log("status: $server_status", 1);
 daemon_log($server_status_hash->{$server_status}.": $server_revision", 1); 
 
+# Create a pool of LDAP handles
+$ldap_factory =  ResourcePool::Factory::Net::LDAP->new($ldap_uri, version => $ldap_version);
+$ldap_factory->bind($ldap_admin_dn, password=>$ldap_admin_password);
+$ldap_pool = ResourcePool->new($ldap_factory,
+               Max         => 10,
+               #MaxTry      => 1,
+               #SleepOnFail    => [0, 0, 1, 1],
+               PreCreate       => 5,
+);
+
+
+# Buildup data bases
 {
     no strict "refs";
 
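Review bot: Nothing after `ResourcePool->new` verifies that the pool can actually produce a bound connection, so a wrong `ldap-uri` or admin password is only noticed later as undefined handles inside event handlers; a start-up probe such as `my $probe = $ldap_pool->get(); defined $probe or die "cannot connect to LDAP at $ldap_uri\n"; $ldap_pool->free($probe);` fails early. `Max => 10` and `PreCreate => 5` are hard-coded next to the commented-out `MaxTry`/`SleepOnFail`; since get() is called from POE event handlers, its retry and sleep behaviour is better set explicitly than left to the module defaults, and the pool size would fit as a config key beside `ldap-version`. Because the pool binds with the admin DN and password, a comment that `ldap-uri` should point at an encrypted transport is worth adding.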
@@ -3293,60 +3328,61 @@ daemon_log($server_status_hash->{$server_status}.": $server_revision", 1);
         # connect to gosa-si job queue
         unlink($job_queue_file_name);  ## just for debugging
         $job_db = GOSA::DBsqlite->new($job_queue_file_name);
-        chmod(0660, $job_queue_file_name);
+        chmod(0640, $job_queue_file_name);
         chown($root_uid, $adm_gid, $job_queue_file_name);
         
         # connect to known_clients_db
         unlink($known_clients_file_name);   ## just for debugging
         $known_clients_db = GOSA::DBsqlite->new($known_clients_file_name);
-        chmod(0660, $known_clients_file_name);
+        chmod(0640, $known_clients_file_name);
         chown($root_uid, $adm_gid, $known_clients_file_name);
         
         # connect to foreign_clients_db
         unlink($foreign_clients_file_name);
         $foreign_clients_db = GOSA::DBsqlite->new($foreign_clients_file_name);
-        chmod(0660, $foreign_clients_file_name);
+        chmod(0640, $foreign_clients_file_name);
         chown($root_uid, $adm_gid, $foreign_clients_file_name);
         
         # connect to known_server_db
         unlink($known_server_file_name);
         $known_server_db = GOSA::DBsqlite->new($known_server_file_name);
-        chmod(0660, $known_server_file_name);
+        chmod(0640, $known_server_file_name);
         chown($root_uid, $adm_gid, $known_server_file_name);
         
         # connect to login_usr_db
         unlink($login_users_file_name);
         $login_users_db = GOSA::DBsqlite->new($login_users_file_name);
-        chmod(0660, $login_users_file_name);
+        chmod(0640, $login_users_file_name);
         chown($root_uid, $adm_gid, $login_users_file_name);
         
         # connect to fai_server_db
         unlink($fai_server_file_name);
         $fai_server_db = GOSA::DBsqlite->new($fai_server_file_name);
-        chmod(0660, $fai_server_file_name);
+        chmod(0640, $fai_server_file_name);
         chown($root_uid, $adm_gid, $fai_server_file_name);
         
         # connect to fai_release_db
         unlink($fai_release_file_name);
         $fai_release_db = GOSA::DBsqlite->new($fai_release_file_name);
-        chmod(0660, $fai_release_file_name);
+        chmod(0640, $fai_release_file_name);
         chown($root_uid, $adm_gid, $fai_release_file_name);
         
         # connect to packages_list_db
         #unlink($packages_list_file_name);
         unlink($packages_list_under_construction);
         $packages_list_db = GOSA::DBsqlite->new($packages_list_file_name);
-        chmod(0660, $packages_list_file_name);
+        chmod(0640, $packages_list_file_name);
         chown($root_uid, $adm_gid, $packages_list_file_name);
         
         # connect to messaging_db
         unlink($messaging_file_name);
         $messaging_db = GOSA::DBsqlite->new($messaging_file_name);
-        chmod(0660, $messaging_file_name);
+        chmod(0640, $messaging_file_name);
         chown($root_uid, $adm_gid, $messaging_file_name);
     }
 }
 
+
 # Creating tables
 $messaging_db->create_table($messaging_tn, \@messaging_col_names);
 $packages_list_db->create_table($packages_list_tn, \@packages_list_col_names);
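Review bot: Each database file is created by `GOSA::DBsqlite->new` and only afterwards narrowed with `chmod(0640, ...)`, so between the two calls it has whatever mode the process umask gives it (how DBsqlite creates the file is not visible here); calling `umask(0027);` once before the block makes the files start out at the intended mode. None of the chmod/chown results are checked, so a failure silently leaves the looser mode in place. The nine unlink/new/chmod/chown groups differ only in the variable names and would read better as one loop over the file names. The enclosing block starts above this hunk.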
@@ -3359,7 +3395,6 @@ $known_clients_db->create_table($known_clients_tn, \@known_clients_col_names);
 $incoming_db->create_table($incoming_tn, \@incoming_col_names);
 $job_db->create_table($job_queue_tn, \@job_queue_col_names);
 
-
 # create xml object used for en/decrypting
 $xml = new XML::Simple();
 
@@ -3418,7 +3453,7 @@ my $all_foreign_server = join(", ", @foreign_server_list);
 daemon_log("0 INFO: found foreign server in config file and DNS: '$all_foreign_server'", 5);
 
 # add all found foreign servers to known_server
-my $act_timestamp = &get_time();
+my $cur_timestamp = &get_time();
 foreach my $foreign_server (@foreign_server_list) {
 
        # do not add myself to known_server_db
@@ -3429,10 +3464,10 @@ foreach my $foreign_server (@foreign_server_list) {
             primkey=>['hostname'],
             hostname=>$foreign_server,
             macaddress=>"",
-            status=>'not_jet_registered',
+            status=>'not_yet_registered',
             hostkey=>"none",
             loaded_modules => "none", 
-            timestamp=>$act_timestamp,
+            timestamp=>$cur_timestamp,
             } );
 }