index 69f8facd8b5f2f68fcd124797c69f46227ec8ae6..b3b48e6709017711047dfa4ff405067f66eab402 100755 (executable)
use Config::IniFiles;
use POSIX;
-use Fcntl;
+use Fcntl qw/:flock/;
use IO::Socket::INET;
use IO::Handle;
use IO::Select;
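Review bot: Narrowing the import to `use Fcntl qw/:flock/;` stops Fcntl from exporting its default `O_*` constants, yet this same commit adds `sysopen(LOG_HANDLE, $log_file, O_WRONLY | O_CREAT | O_APPEND , 0440)`. The flags presumably still resolve because `use POSIX;` exports them by default, but that is an implicit dependency that breaks if the POSIX import is ever narrowed. `use Fcntl qw/:DEFAULT :flock :seek/;` keeps the constants coming from Fcntl and lets the later `seek(LOG_HANDLE, 0, 2)` be written with `SEEK_END` instead of the literal 2.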
# holds all messages which should be delivered to a user
our $messaging_db;
our $messaging_tn = "messaging";
-our @messaging_col_names = ("id INTEGER", "subject TEXT", "message_from VARCHAR(255)", "message_to VARCHAR(255)",
+our @messaging_col_names = ("id INTEGER PRIMARY KEY", "subject TEXT", "message_from VARCHAR(255)", "message_to VARCHAR(255)",
"flag VARCHAR(255)", "direction VARCHAR(255)", "delivery_time VARCHAR(255)", "message TEXT", "timestamp VARCHAR(14)" );
my $messaging_file_name;
if(not defined $msg) { return }
if(not defined $level) { $level = 1 }
if(defined $log_file){
- open(LOG_HANDLE, ">>$log_file");
- if(not defined open( LOG_HANDLE, ">>$log_file" )) {
+ my $open_log_fh = sysopen(LOG_HANDLE, $log_file, O_WRONLY | O_CREAT | O_APPEND , 0440);
+ if(not $open_log_fh) {
print STDERR "cannot open $log_file: $!";
- return
+ return;
+ }
+ # check owner and group of log_file and update settings if necessary
+ my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $mtime, $ctime, $blksize, $blocks) = stat($log_file);
+ if((not $uid eq $root_uid) || (not $gid eq $adm_gid)) {
+ chown($root_uid, $adm_gid, $log_file);
}
+
chomp($msg);
#$msg =~s/\n//g; # no newlines are allowed in log messages, this is important for later log parsing
if($level <= $verbose){
my $name = $prg;
my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n";
+ flock(LOG_HANDLE, LOCK_EX);
+ seek(LOG_HANDLE, 0, 2);
print LOG_HANDLE $log_msg;
+ flock(LOG_HANDLE, LOCK_UN);
if( $foreground ) {
print STDERR $log_msg;
}
}
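Review bot: The ownership check added after `sysopen` works on the path (`stat($log_file)`, `chown(..., $log_file)`) rather than on the handle that was just opened, so if the path is a symlink or is replaced between the calls, the chown lands on a different file than the one being written. Working on the handle closes that gap: `my @st = stat(LOG_HANDLE);` followed by `chown($root_uid, $adm_gid, *LOG_HANDLE) if @st && ($st[4] != $root_uid || $st[5] != $adm_gid);` (handle form of chown needs fchown support). That also replaces the string comparison `eq` on numeric ids. The results of `chown` and of both `flock` calls are ignored, so a failed `flock(LOG_HANDLE, LOCK_EX)` lets the write proceed unlocked without any trace. No `close(LOG_HANDLE)` is visible here although the file is opened on every call; the routine starts and may end outside the hunk, so that is worth confirming.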
# Check if source contains hostname instead of ip address
- if(not $source =~ /^[a-z0-9\.]+:\d+$/i) {
+ if($source =~ /^[a-z][a-z0-9\.]+:\d+$/i) {
my ($hostname,$port) = split(/:/, $source);
my $ip_address = inet_ntoa(scalar gethostbyname($hostname));
if(defined($ip_address) && $ip_address =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/ && $port =~ /^\d+$/) {
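Review bot: The new pattern `/^[a-z][a-z0-9\.]+:\d+$/i` does not accept `-` and requires at least two characters before the colon, so a hyphenated or single-letter hostname skips the lookup and is presumably passed on unresolved. Adding the hyphen and relaxing the quantifier, `/^[a-z][a-z0-9\.\-]*:\d+$/i`, covers both cases. On the following context line `gethostbyname` can return nothing for an unknown name and `inet_ntoa` is called on that result directly; as far as I know it raises an error for an argument that is not four bytes, so the `defined($ip_address)` test never gets to handle a failed lookup. The enclosing block continues past the end of the hunk.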
"no-arp+" => \$no_arp,
);
+# Prepare UID / GID as daemon_log may need it quite early
+$root_uid = getpwnam('root');
+$adm_gid = getgrnam('adm');
+
# read and set config parameters
&check_cmdline_param ;
&read_configfile($cfg_file, %cfg_defaults);
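Review bot: `getgrnam('adm')` returns undef on a system that has no `adm` group, and nothing here checks for that before the value is used. With `$adm_gid` undefined, the comparison `$gid eq $adm_gid` in the logging routine can never be true, so every log call would run `chown`, and the undefined gid is numified to 0. A guard right after the lookup, such as `defined $adm_gid or die "group adm not found\n";`, makes the failure explicit at startup.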
$server_status = "developmental" ;
}
-# Prepare log file
-$root_uid = getpwnam('root');
-$adm_gid = getgrnam('adm');
-chmod(0640, $log_file);
+# Prepare log file and set permissons
+open(FH, ">>$log_file");
+close FH;
+chmod(0440, $log_file);
chown($root_uid, $adm_gid, $log_file);
chown($root_uid, $adm_gid, "/var/lib/gosa-si");
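Review bot: The added `open(FH, ">>$log_file");` is a two-argument open on a bareword handle with no check of the result, and the `chmod`/`chown` that follow act on the path after the handle has been closed. If the open fails, the permission calls still run against whatever is at that path, and a symlink there would be followed by all three calls. The `sysopen` form the logging routine now uses keeps the operations on one file: `sysopen(my $log_fh, $log_file, O_WRONLY | O_CREAT | O_APPEND, 0440) or die "cannot open $log_file: $!\n";`, then `chmod(0440, $log_fh);` and `chown($root_uid, $adm_gid, $log_fh);`. Mode 0440 leaves no write bit for the owner, so appending only works while the daemon runs as root; a comment saying that this is intended would help.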
# connect to gosa-si job queue
unlink($job_queue_file_name); ## just for debugging
$job_db = GOSA::DBsqlite->new($job_queue_file_name);
- chmod(0660, $job_queue_file_name);
+ chmod(0640, $job_queue_file_name);
chown($root_uid, $adm_gid, $job_queue_file_name);
# connect to known_clients_db
unlink($known_clients_file_name); ## just for debugging
$known_clients_db = GOSA::DBsqlite->new($known_clients_file_name);
- chmod(0660, $known_clients_file_name);
+ chmod(0640, $known_clients_file_name);
chown($root_uid, $adm_gid, $known_clients_file_name);
# connect to foreign_clients_db
unlink($foreign_clients_file_name);
$foreign_clients_db = GOSA::DBsqlite->new($foreign_clients_file_name);
- chmod(0660, $foreign_clients_file_name);
+ chmod(0640, $foreign_clients_file_name);
chown($root_uid, $adm_gid, $foreign_clients_file_name);
# connect to known_server_db
unlink($known_server_file_name);
$known_server_db = GOSA::DBsqlite->new($known_server_file_name);
- chmod(0660, $known_server_file_name);
+ chmod(0640, $known_server_file_name);
chown($root_uid, $adm_gid, $known_server_file_name);
# connect to login_usr_db
unlink($login_users_file_name);
$login_users_db = GOSA::DBsqlite->new($login_users_file_name);
- chmod(0660, $login_users_file_name);
+ chmod(0640, $login_users_file_name);
chown($root_uid, $adm_gid, $login_users_file_name);
# connect to fai_server_db
unlink($fai_server_file_name);
$fai_server_db = GOSA::DBsqlite->new($fai_server_file_name);
- chmod(0660, $fai_server_file_name);
+ chmod(0640, $fai_server_file_name);
chown($root_uid, $adm_gid, $fai_server_file_name);
# connect to fai_release_db
unlink($fai_release_file_name);
$fai_release_db = GOSA::DBsqlite->new($fai_release_file_name);
- chmod(0660, $fai_release_file_name);
+ chmod(0640, $fai_release_file_name);
chown($root_uid, $adm_gid, $fai_release_file_name);
# connect to packages_list_db
#unlink($packages_list_file_name);
unlink($packages_list_under_construction);
$packages_list_db = GOSA::DBsqlite->new($packages_list_file_name);
- chmod(0660, $packages_list_file_name);
+ chmod(0640, $packages_list_file_name);
chown($root_uid, $adm_gid, $packages_list_file_name);
# connect to messaging_db
unlink($messaging_file_name);
$messaging_db = GOSA::DBsqlite->new($messaging_file_name);
- chmod(0660, $messaging_file_name);
+ chmod(0640, $messaging_file_name);
chown($root_uid, $adm_gid, $messaging_file_name);
}
}
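Review bot: Each database is created by `GOSA::DBsqlite->new(...)` and only afterwards restricted with `chmod(0640, ...)`, so between the two calls the file presumably carries whatever mode the process umask allows. Setting the umask once before the first database is created, `my $old_umask = umask(0027);`, and restoring it afterwards removes that window for all nine files. The `chmod` and `chown` results are not checked, so a failure silently leaves the creation-time mode in place. Group `adm` keeps read access to every database, including `$login_users_file_name` and `$messaging_file_name`; it is worth confirming that members of that group are meant to read those.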