index b25c44d95f4c1282f7f2f8f8857a6b9ee6d9f95d..08c8689357e994930ba38f38eac978b39723abd0 100644 (file)
use Data::Dumper;
use NetAddr::IP;
use Net::LDAP;
+use Net::LDAP::Util;
use Socket;
use Net::hostent;
END {}
my ($server_ip, $server_port, $ClientPackages_key, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $server_interface);
-my ($bus_activ, $bus_key, $bus_ip, $bus_port);
+#my ($bus_activ, $bus_key, $bus_ip, $bus_port);
my $server;
my $network_interface;
-my $no_bus;
+#my $no_bus;
my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret);
my $mesg;
my %cfg_defaults = (
-"bus" => {
- "activ" => [\$bus_activ, "on"],
- "key" => [\$bus_key, ""],
- "ip" => [\$bus_ip, ""],
- "port" => [\$bus_port, "20080"],
- },
"server" => {
"ip" => [\$server_ip, "0.0.0.0"],
"mac-address" => [\$main::server_mac_address, "00:00:00:00:00"],
### START #####################################################################
# read configfile and import variables
-&read_configfile();
+&local_read_configfile();
# if server_ip is not an ip address but a name
# import local events
my ($error, $result, $event_hash) = &import_events($event_dir);
-if ($error == 0) {
- foreach my $log_line (@$result) {
+
+foreach my $log_line (@$result) {
+ if ($log_line =~ / succeed: /) {
&main::daemon_log("0 DEBUG: ClientPackages - $log_line", 7);
- }
-} else {
- foreach my $log_line (@$result) {
+ } else {
&main::daemon_log("0 ERROR: ClientPackages - $log_line", 1);
}
+}
+# build vice versa event_hash, event_name => module
+my $event2module_hash = {};
+while (my ($module, $mod_events) = each %$event_hash) {
+ while (my ($event_name, $nothing) = each %$mod_events) {
+ $event2module_hash->{$event_name} = $module;
+ }
}
$main::server_address = $server_address;
-if( inet_aton($bus_ip) ){ $bus_ip = inet_ntoa(inet_aton($bus_ip)); }
-######################################################
-# to change
-if( $bus_ip eq "127.0.1.1" ) { $bus_ip = "127.0.0.1" }
-######################################################
-my $bus_address = "$bus_ip:$bus_port";
-$main::bus_address = $bus_address;
-
-# create general settings for this module
-my $xml = new XML::Simple();
-
-# register at bus
-if ($main::no_bus > 0) {
- $bus_activ = "off"
-}
-if($bus_activ eq "on") {
- ®ister_at_bus();
-}
-
-# add myself to known_server_db
-my $res = $main::known_server_db->add_dbentry( {table=>'known_server',
- primkey=>['hostname'],
- hostname=>$server_address,
- status=>'myself',
- hostkey=>$ClientPackages_key,
- timestamp=>&get_time,
- } );
-
-
-
### functions #################################################################
sub get_module_info {
my @info = ($server_address,
$ClientPackages_key,
+ $event_hash,
);
return \@info;
}
#=== FUNCTION ================================================================
-# NAME: read_configfile
+# NAME: local_read_configfile
# PARAMETERS: cfg_file - string -
# RETURNS: nothing
# DESCRIPTION: read cfg_file and set variables
#===============================================================================
-sub read_configfile {
+sub local_read_configfile {
my $cfg;
if( defined( $main::cfg_file) && ( (-s $main::cfg_file) > 0 )) {
if( -r $main::cfg_file ) {
}
-#=== FUNCTION ================================================================
-# NAME: get_interface_for_ip
-# PARAMETERS: ip address (i.e. 192.168.0.1)
-# RETURNS: array: list of interfaces if ip=0.0.0.0, matching interface if found, undef else
-# DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
-#===============================================================================
-sub get_interface_for_ip {
- my $result;
- my $ip= shift;
- if ($ip && length($ip) > 0) {
- my @ifs= &get_interfaces();
- if($ip eq "0.0.0.0") {
- $result = "all";
- } else {
- foreach (@ifs) {
- my $if=$_;
- if(&main::get_ip($if) eq $ip) {
- $result = $if;
- }
- }
- }
- }
- return $result;
-}
-
-#=== FUNCTION ================================================================
-# NAME: get_interfaces
-# PARAMETERS: none
-# RETURNS: (list of interfaces)
-# DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
-#===============================================================================
-sub get_interfaces {
- my @result;
- my $PROC_NET_DEV= ('/proc/net/dev');
-
- open(PROC_NET_DEV, "<$PROC_NET_DEV")
- or die "Could not open $PROC_NET_DEV";
-
- my @ifs = <PROC_NET_DEV>;
-
- close(PROC_NET_DEV);
-
- # Eat first two line
- shift @ifs;
- shift @ifs;
-
- chomp @ifs;
- foreach my $line(@ifs) {
- my $if= (split /:/, $line)[0];
- $if =~ s/^\s+//;
- push @result, $if;
- }
-
- return @result;
-}
#=== FUNCTION ================================================================
# NAME: get_mac
}
-#=== FUNCTION ================================================================
-# NAME: register_at_bus
-# PARAMETERS: nothing
-# RETURNS: nothing
-# DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus
-#===============================================================================
-sub register_at_bus {
-
- # add bus to known_server_db
- my $res = $main::known_server_db->add_dbentry( {table=>'known_server',
- primkey=>['hostname'],
- hostname=>$bus_address,
- status=>'bus',
- hostkey=>$bus_key,
- timestamp=>&get_time,
- } );
- my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address);
- my $msg = &create_xml_string($msg_hash);
-
- &main::send_msg_to_target($msg, $bus_address, $bus_key, "here_i_am");
- return $msg;
-}
-
-
-
-# outcommented from rettenbe: moved to GosaSupportDaemon.pm
-#sub import_events {
-# if (not -e $event_dir) {
-# &main::daemon_log("S ERROR: cannot find directory or directory is not readable: $event_dir", 1);
-# }
-# opendir (DIR, $event_dir) or die "ERROR while loading gosa-si-events from directory $event_dir : $!\n";
-#
-# while (defined (my $event = readdir (DIR))) {
-# if( $event eq "." || $event eq ".." ) { next; }
-# if( $event eq "gosaTriggered.pm" ) { next; } # only GOsa specific events
-#
-# eval{ require $event; };
-# if( $@ ) {
-# &main::daemon_log("S ERROR: import of event module '$event' failed", 1);
-# &main::daemon_log("$@", 8);
-# next;
-# }
-#
-# $event =~ /(\S*?).pm$/;
-# my $event_module = $1;
-# my $events_l = eval( $1."::get_events()") ;
-# foreach my $event_name (@{$events_l}) {
-# $event_hash->{$event_name} = $event_module;
-# }
-# my $events_string = join( ", ", @{$events_l});
-# &main::daemon_log("S DEBUG: ClientPackages imported events $events_string", 8);
-# }
-#}
-
-
#=== FUNCTION ================================================================
# NAME: process_incoming_msg
# PARAMETERS: crypted_msg - string - incoming crypted message
@out_msg_l = &here_i_am($msg, $msg_hash, $session_id)
} else {
# a event exists with the header as name
- if( exists $event_hash->{$header} ) {
- &main::daemon_log("$session_id INFO: found event '$header' at event-module '".$event_hash->{$header}."'", 5);
+ if( exists $event2module_hash->{$header} ) {
+ &main::daemon_log("$session_id INFO: found event '$header' at event-module '".$event2module_hash->{$header}."'", 5);
no strict 'refs';
- @out_msg_l = &{$event_hash->{$header}."::$header"}($msg, $msg_hash, $session_id);
+ @out_msg_l = &{$event2module_hash->{$header}."::$header"}($msg, $msg_hash, $session_id);
# if no event handler is implemented
} else {
@out_msg_l = ();
} elsif ($out_msg_l[0] eq 'knownclienterror') {
&main::daemon_log("$session_id ERROR: no or more than 1 hits are found at known_clients_db with sql query: '$sql_events'", 1);
- &main::daemon_log("$session_id WARNING: processing is aborted and message will not be forwarded");
+ &main::daemon_log("$session_id ERROR: processing is aborted and message will not be forwarded", 1);
@out_msg_l = ();
} elsif ($out_msg_l[0] eq 'noeventerror') {
- &main::daemon_log("$session_id WARNING: client '$target' is not registered for event '$header', processing is aborted", 1);
+ &main::daemon_log("$session_id ERROR: client '$target' is not registered for event '$header', processing is aborted", 1);
@out_msg_l = ();
}
my $gotoHardwareChecksum = @{$msg_hash->{gotoHardwareChecksum}}[0];
my $client_status = @{$msg_hash->{client_status}}[0];
my $client_revision = @{$msg_hash->{client_revision}}[0];
+ my $key_lifetime = @{$msg_hash->{key_lifetime}}[0];
+
+ # Move forced hostname to heap - if used
+ #FIXME: move to some global POE namespace - please
+ if ( defined($msg_hash->{'force-hostname'}[0]) &&
+ length($msg_hash->{'force-hostname'}[0]) > 0){
+ # $heap->{force-hostname}->{$mac_address}= $msg_hash->{'force-hostname'}[0];
+ open (TFILE, ">/var/tmp/$mac_address");
+ print TFILE $msg_hash->{'force-hostname'}[0];
+ close (TFILE);
+ } else {
+ # $heap->{force-hostname}->{$mac_address}= undef;
+ if ( -e "/var/tmp/$mac_address") {
+ unlink("/var/tmp/$mac_address")
+ };
+ }
# number of known clients
my $nu_clients= $main::known_clients_db->count_dbentries('known_clients');
status=>'registered',
hostkey=>$new_passwd,
timestamp=>$act_timestamp,
+ keylifetime=>$key_lifetime,
} );
if ($res != 0) {
$out_hash = &create_xml_hash("registered", $server_address, $source);
-
-
-# # notify registered client to all other server
-# if( $bus_activ eq "on") {
-# # fetch actual bus key
-# my $sql_statement= "SELECT * FROM known_server WHERE status='bus'";
-# my $query_res = $main::known_server_db->select_dbentry( $sql_statement );
-# my $hostkey = $query_res->{1}->{'hostkey'};
-#
-# # send update msg to bus
-# $out_hash = &create_xml_hash("new_client", $server_address, $bus_address, $source);
-# &add_content2xml_hash($out_hash, "macaddress", $mac_address);
-# &add_content2xml_hash($out_hash, "timestamp", $act_timestamp);
-# my $new_client_out = &create_xml_string($out_hash);
-# push(@out_msg_l, $new_client_out);
-# &main::daemon_log("$session_id INFO: send bus msg that client '$source' has registered at server '$server_address'", 5);
-# }
-
# give the new client his ldap config
# Workaround: Send within the registration response, if the client will get an ldap config later
my $new_ldap_config_out = &new_ldap_config($source, $session_id);
push(@out_msg_l, $new_ldap_config_out);
}
+ # Send client hardware configuration
my $hardware_config_out = &hardware_config($msg, $msg_hash, $session_id);
if( $hardware_config_out ) {
push(@out_msg_l, $hardware_config_out);
}
+ # Send client ntp server
+ my $ntp_config_out = &new_ntp_config($mac_address, $session_id);
+ if ($ntp_config_out) {
+ push(@out_msg_l, $ntp_config_out);
+ }
+
+ # Send client syslog server
+ my $syslog_config_out = &new_syslog_config($mac_address, $session_id);
+ if ($syslog_config_out) {
+ push(@out_msg_l, $syslog_config_out);
+ }
+
# notify registered client to all other server
my %mydata = ( 'client' => $source, 'macaddress' => $mac_address);
my $mymsg = &build_msg('new_foreign_client', $main::server_address, "KNOWN_SERVER", \%mydata);
}
+sub new_syslog_config {
+ my ($mac_address, $session_id) = @_;
+ my $syslog_msg;
+
+ # Build LDAP connection
+ my $ldap_handle = &main::get_ldap_handle($session_id);
+ if( not defined $ldap_handle ) {
+ &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1);
+ return;
+ }
+
+ # Perform search
+ my $ldap_res = $ldap_handle->search( base => $ldap_base,
+ scope => 'sub',
+ attrs => ['gotoSyslogServer'],
+ filter => "(&(objectClass=GOhard)(macaddress=$mac_address))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ".$ldap_res->error, 1);
+ return;
+ }
+
+ # Sanity check
+ if ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not sending syslog config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: gotoSyslogServer".
+ "\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1);
+ return;
+ }
+
+ my $entry= $ldap_res->entry(0);
+ my $filter_dn = &Net::LDAP::Util::escape_filter_value($entry->dn);
+ my $syslog_server = $entry->get_value("gotoSyslogServer");
+
+ # If no syslog server is specified at host, just have a look at the object group of the host
+ # Perform object group search
+ if (not defined $syslog_server) {
+ my $ldap_res = $ldap_handle->search( base => $ldap_base,
+ scope => 'sub',
+ attrs => ['gotoSyslogServer'],
+ filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ".$ldap_res->error, 1);
+ return;
+ }
+
+ # Sanity check
+ if ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not sending syslog config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: gotoSyslogServer".
+ "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ return;
+ }
+
+ my $entry= $ldap_res->entry(0);
+ $syslog_server= $entry->get_value("gotoSyslogServer");
+ }
+
+ # Return if no syslog server specified
+ if (not defined $syslog_server) {
+ &main::daemon_log("$session_id WARNING: no syslog server specified for this host '$mac_address'", 3);
+ return;
+ }
+
+
+ # Add syslog server to 'syslog_config' message
+ my $syslog_msg_hash = &create_xml_hash("new_syslog_config", $server_address, $mac_address);
+ &add_content2xml_hash($syslog_msg_hash, "server", $syslog_server);
+
+ return &create_xml_string($syslog_msg_hash);
+}
+
+
+sub new_ntp_config {
+ my ($address, $session_id) = @_;
+ my $ntp_msg;
+
+ # Build LDAP connection
+ my $ldap_handle = &main::get_ldap_handle($session_id);
+ if( not defined $ldap_handle ) {
+ &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1);
+ return;
+ }
+
+ # Perform search
+ my $ldap_res = $ldap_handle->search( base => $ldap_base,
+ scope => 'sub',
+ attrs => ['gotoNtpServer'],
+ filter => "(&(objectClass=GOhard)(macaddress=$address))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ".$ldap_res->error, 1);
+ return;
+ }
+
+ # Sanity check
+ if ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $address not found/unique/active - not sending ntp config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: gotoNtpServer".
+ "\n\tfilter: (&(objectClass=GOhard)(macaddress=$address))", 1);
+ return;
+ }
+
+ my $entry= $ldap_res->entry(0);
+ my $filter_dn = &Net::LDAP::Util::escape_filter_value($entry->dn);
+ my @ntp_servers= $entry->get_value("gotoNtpServer");
+
+ # If no ntp server is specified at host, just have a look at the object group of the host
+ # Perform object group search
+ if ((not @ntp_servers) || (@ntp_servers == 0)) {
+ my $ldap_res = $ldap_handle->search( base => $ldap_base,
+ scope => 'sub',
+ attrs => ['gotoNtpServer'],
+ filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ".$ldap_res->error, 1);
+ return;
+ }
+
+ # Sanity check
+ if ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $address not found/unique/active - not sending ntp config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: gotoNtpServer".
+ "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ return;
+ }
+
+ my $entry= $ldap_res->entry(0);
+ @ntp_servers= $entry->get_value("gotoNtpServer");
+ }
+
+ # Return if no ntp server specified
+ if ((not @ntp_servers) || (@ntp_servers == 0)) {
+ &main::daemon_log("$session_id WARNING: no ntp server specified for this host '$address'", 3);
+ return;
+ }
+
+ # Add each ntp server to 'ntp_config' message
+ my $ntp_msg_hash = &create_xml_hash("new_ntp_config", $server_address, $address);
+ foreach my $ntp_server (@ntp_servers) {
+ &add_content2xml_hash($ntp_msg_hash, "server", $ntp_server);
+ }
+
+ return &create_xml_string($ntp_msg_hash);
+}
+
+
#=== FUNCTION ================================================================
# NAME: new_ldap_config
# PARAMETERS: address - string - ip address and port of a host
my $hit_counter = keys %{$res};
if( not $hit_counter == 1 ) {
&main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query '$sql_statement'", 1);
+ return;
}
$address = $res->{1}->{hostname};
# Sanity check
if ($mesg->count != 1) {
- &main::daemon_log("$session_id WARNING: client with mac address $macaddress not found/unique/active - not sending ldap config".
+ &main::daemon_log("$session_id ERROR: client with mac address $macaddress not found/unique/active - not sending ldap config".
"\n\tbase: $ldap_base".
"\n\tscope: sub".
"\n\tattrs: dn, gotoLdapServer".
}
my $entry= $mesg->entry(0);
- my $dn= $entry->dn;
+ my $filter_dn= &Net::LDAP::Util::escape_filter_value($entry->dn);
my @servers= $entry->get_value("gotoLdapServer");
my $unit_tag= $entry->get_value("gosaUnitTag");
my @ldap_uris;
my $server;
my $base;
my $release;
+ my $dn= $entry->dn;
# Fill release if available
my $FAIclass= $entry->get_value("FAIclass");
$mesg = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['dn', 'gotoLdapServer', 'FAIclass'],
- filter => "(&(objectClass=gosaGroupOfNames)(member=$dn))");
- #$mesg->code && die $mesg->error;
+ filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))");
if($mesg->code) {
- &main::daemon_log("$session_id ".$mesg->error, 1);
+ &main::daemon_log("$session_id ERROR: unable to search for '(&(objectClass=gosaGroupOfNames)(member=$filter_dn))': ".$mesg->error, 1);
return;
}
# Sanity check
- if ($mesg->count != 1) {
- &main::daemon_log("$session_id WARNING: no LDAP information found for client mac $macaddress", 1);
- return;
- }
+ if ($mesg->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $macaddress not found/unique/active - not sending ldap config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: dn, gotoLdapServer, FAIclass".
+ "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ return;
+ }
$entry= $mesg->entry(0);
$dn= $entry->dn;
@servers= sort (@servers);
+ # complain if no ldap information found
+ if (@servers == 0) {
+ &main::daemon_log("$session_id ERROR: no gotoLdapServer information for LDAP entry '$dn'", 1);
+ }
+
foreach $server (@servers){
# Conversation for backward compatibility
if (not $server =~ /^\d+:[^:]+:ldap[^:]*:\/\// ) {
# TODO
# resolve plain name for host
my $func_dic = {table=>$main::job_queue_tn,
- primkey=>[],
+ primkey=>['macaddress', 'headertag'],
timestamp=>&get_time,
status=>'processing',
result=>'none',
xmlmessage=>'none',
macaddress=>$macaddress,
plainname=>'none',
+ siserver=>'localhost',
+ modified=>'1',
};
my $hd_res = $main::job_db->add_dbentry($func_dic);
&main::daemon_log("$session_id INFO: add '$macaddress' to job queue as an installing job", 5);
} else {
my $entry= $mesg->entry(0);
- my $dn= $entry->dn;
if (defined($entry->get_value("gotoHardwareChecksum"))) {
if (! $entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum) {
$entry->replace(gotoHardwareChecksum => $gotoHardwareChecksum);
return $result;
}
+# vim:ts=4:shiftwidth:expandtab
1;