X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fclient%2Fevents%2Fcorefunctions.pm;h=f1a8935cc128c6c4bc9ef4bda18c42e159e2b905;hb=bafea1f535c3f2aa0e8e4bb8fe39aefb29dcb0d0;hp=de0539aa8cfed04104466252d21fea243ea52fd4;hpb=54fa8908ca0eb97e5437371c5f33d1b58524889d;p=gosa.git diff --git a/gosa-si/client/events/corefunctions.pm b/gosa-si/client/events/corefunctions.pm index de0539aa8..f1a8935cc 100644 --- a/gosa-si/client/events/corefunctions.pm +++ b/gosa-si/client/events/corefunctions.pm @@ -1,30 +1,42 @@ package corefunctions; use Exporter; @ISA = qw(Exporter); -my @events = qw(get_events registered set_activated_for_installation new_ldap_config new_key generate_hw_digest detect_hardware reboot halt reinstall softupdate); +my @events = ( + "get_events", + "registered", + 'new_syslog_config', + "new_ntp_config", + "new_ldap_config", + "new_key", + "generate_hw_digest", # no implementations + "detect_hardware", + "confirm_new_key", + "ping", + "import_events", # no implementations + ); @EXPORT = @events; use strict; use warnings; -use Data::Dumper; use Fcntl; use GOSA::GosaSupportDaemon; use File::Basename; +my ($ldap_enabled, $offline_enabled, $ldap_config, $pam_config, $nss_config, $fai_logpath, $ldap_config_exit_hook); -my ($ldap_enabled, $ldap_config, $pam_config, $nss_config, $fai_logpath); - +my $chrony_file = "/etc/chrony/chrony.conf"; +my $syslog_file = "/etc/syslog.conf"; my %cfg_defaults = ( - "general" => { - "fai_logpath" => [\$fai_logpath, "/var/log/fai/fai.log"], - }, - "client" => { - "ldap" => [\$ldap_enabled, 1], - "ldap_config" => [\$ldap_config, "/etc/ldap/ldap.conf"], - "pam_config" => [\$pam_config, "/etc/pam_ldap.conf"], - "nss_config" => [\$nss_config, "/etc/libnss_ldap.conf"], - }, + "client" => { + "ldap" => [\$ldap_enabled, 1], + "offline-ldap" => [\$offline_enabled, 0], + "ldap-config" => [\$ldap_config, "/etc/ldap/ldap.conf"], + "pam-config" => [\$pam_config, "/etc/pam_ldap.conf"], + "nss-config" => [\$nss_config, "/etc/libnss-ldap.conf"], + "fai-logpath" => [\$fai_logpath, "/var/log/fai/fai.log"], + "ldap-config-exit-hook" => [\$ldap_config_exit_hook, undef], + }, ); BEGIN {} @@ -41,125 +53,224 @@ my $server_key = $main::server_key; my $client_mac_address = $main::client_mac_address; sub write_to_file { - my ($string, $file) = @_; - my $error = 0; + my ($string, $file) = @_; + my $error = 0; - if( not defined $file || not -f $file ) { - &main::daemon_log("ERROR: $0: check '-f file' failed: $file", 1); - $error++; - } - if( not defined $string || 0 == length($string)) { - &main::daemon_log("ERROR: $0: empty string to write to file '$file'", 1); - $error++; - } - - if( $error == 0 ) { - - chomp($string); - - open(FILE, ">> $file"); - print FILE $string."\n"; - close(FILE); - } + if( not defined $file || not -f $file ) { + &main::daemon_log("ERROR: $0: check '-f file' failed: $file", 1); + $error++; + } + if( not defined $string || 0 == length($string)) { + &main::daemon_log("ERROR: $0: empty string to write to file '$file'", 1); + $error++; + } + + if( $error == 0 ) { - return; + chomp($string); + + if( not -f $file ) { + open (FILE, "$file"); + close(FILE); + } + open(FILE, ">> $file") or &main::daemon_log("ERROR in corefunctions.pm: can not open '$file' to write '$string'", 1);; + print FILE $string."\n"; + close(FILE); + } + + return; } sub get_events { - return \@events; + return \@events; } sub daemon_log { - my ($msg, $level) = @_ ; - &main::daemon_log($msg, $level); - return; + my ($msg, $level) = @_ ; + &main::daemon_log($msg, $level); + return; } +sub registered { + my ($msg, $msg_hash) = @_ ; -sub reboot { - my ($msg, $msg_hash) = @_ ; - &main::daemon_log("got reboot-msg: $msg", 5); - return; -} + my $header = @{$msg_hash->{'header'}}[0]; + if( $header eq "registered" ) { + my $source = @{$msg_hash->{'source'}}[0]; + &main::daemon_log("INFO: registration at $source", 1); + $main::server_address = $source; + } + # set globaly variable client_address + my $target = @{$msg_hash->{'target'}}[0]; + $main::client_address = $target; -sub halt { - my ($msg, $msg_hash) = @_ ; + # set registration_flag to true + &main::_setREGISTERED(1); - &main::daemon_log("got halt-msg: $msg", 5); - return; -} + # Write the MAC address to file + if(stat($main::opts_file)) { + unlink($main::opts_file); + } + my $opts_file_FH; + my $hostname= $main::client_dnsname; + $hostname =~ s/\..*$//; + $hostname =~ tr/A-Z/a-z/; + sysopen($opts_file_FH, $main::opts_file, O_RDWR | O_CREAT | O_TRUNC , 0644); + print $opts_file_FH "MAC=\"$main::client_mac_address\"\n"; + print $opts_file_FH "IPADDRESS=\"$main::client_ip\"\n"; + print $opts_file_FH "HOSTNAME=\"$hostname\"\n"; + print $opts_file_FH "FQDN=\"$main::client_dnsname\"\n"; + if(defined(@{$msg_hash->{'ldap_available'}}) && + @{$msg_hash->{'ldap_available'}}[0] eq "true") { + print $opts_file_FH "LDAP_AVAILABLE=\"true\"\n"; + } + if(defined(@{$msg_hash->{'error'}})) { + my $errormsg= @{$msg_hash->{'error'}}[0]; + print $opts_file_FH "GOSA_SI_ERROR=\"$errormsg\"\n"; + &write_to_file($errormsg, $fai_logpath); + } + close($opts_file_FH); + + return; +} -sub reinstall { - my ($msg, $msg_hash) = @_ ; - &main::daemon_log("got reinstall-msg: $msg", 5); +sub server_leaving { + my ($msg_hash) = @_ ; + my $source = @{$msg_hash->{'source'}}[0]; + my $header = @{$msg_hash->{'header'}}[0]; + + daemon_log("gosa-si-server $source is going down, cause registration procedure", 1); + $main::server_address = "none"; + $main::server_key = "none"; - return; + # reinitialization of default values in config file + &main::read_configfile; + + # registrated at new daemon + &main::register_at_server(); + + return; } -sub softupdate { - my ($msg, $msg_hash) = @_ ; - &main::daemon_log("got softupdate-msg: $msg", 5); +## @method new_syslog_config +# Update or add syslog messages forwarding to specified syslog server. +# @param msg - STRING - xml message with tag server +# @param msg_hash - HASHREF - message information parsed into a hash +sub new_syslog_config { + my ($msg, $msg_hash) = @_ ; - return; -} + # Sanity check of incoming message + if ((not exists $msg_hash->{'server'}) || (not @{$msg_hash->{'server'}} == 1) ) { + &main::daemon_log("ERROR: 'new_syslog_config'-message does not contain a syslog server: $msg", 1); + return; + } + # Fetch the new syslog server from incoming message + my $syslog_server = @{$msg_hash->{'server'}}[0]; + &main::daemon_log("INFO: found syslog server: ".join(", ", $syslog_server), 5); + my $found_server_flag = 0; + + # Sanity check of /etc/syslog.conf + if (not -f $syslog_file) { + &main::daemon_log("ERROR: file '$syslog_file' does not exist, cannot do syslog reconfiguration!", 1); + return; + } + + # Substitute existing server with new syslog server + open (FILE, "<$syslog_file"); + my @file = ; + close FILE; + my $syslog_server_line = "*.*\t@".$syslog_server."\n"; + foreach my $line (@file) { + if ($line =~ /^\*\.\*\s+@/) { + $line = $syslog_server_line; + $found_server_flag++; + } + } + + # Append new server if no old server configuration found + if (not $found_server_flag) { + push(@file, "\n#\n# syslog server configuration written by GOsa-si\n#\n"); + push(@file, $syslog_server_line); + } + + # Write changes to file and close it + open (FILE, "+>$syslog_file"); + print FILE join("", @file); + close FILE; + &main::daemon_log("INFO: Wrote new configuration file: $syslog_file", 5); -sub registered { - my ($msg, $msg_hash) = @_ ; + # Restart syslog deamon + my $res = qx(/etc/init.d/sysklogd restart); + &main::daemon_log("INFO: restart syslog daemon: $res", 5); - my $header = @{$msg_hash->{'header'}}[0]; - if( $header eq "registered" ) { - my $source = @{$msg_hash->{'source'}}[0]; - &main::daemon_log("registration at $source",1); - } + return; +} - # set globaly variable client_address - my $target = @{$msg_hash->{'target'}}[0]; - $main::client_address = $target; - # set registration_flag to true - my $out_hash = &create_xml_hash("registered", $main::client_address, $main::server_address); - my $out_msg = &create_xml_string($out_hash); - return $out_msg; +## @method new_ntp_config +# Updates the server options in /etc/chrony/chrony.conf and restarts the chrony service +# @param msg - STRING - xml message with tag server +# @param msg_hash - HASHREF - message information parsed into a hash +sub new_ntp_config { + my ($msg, $msg_hash) = @_ ; -} + # Sanity check of incoming message + if ((not exists $msg_hash->{'server'}) || (not @{$msg_hash->{'server'}} >= 1) ) { + &main::daemon_log("ERROR: 'new_ntp_config'-message does not contain a ntp server: $msg", 1); + return; + } + # Fetch the new ntp server from incoming message + my $ntp_servers = $msg_hash->{'server'}; + &main::daemon_log("INFO: found ntp server: ".join(", ", @$ntp_servers), 5); + my $ntp_servers_string = "server\t".join("\nserver\t", @$ntp_servers)."\n"; + my $found_server_flag = 0; -sub set_activated_for_installation { - my ($msg, $msg_hash) = @_ ; - my $header = @{$msg_hash->{'header'}}[0]; - my $target = @{$msg_hash->{'target'}}[0]; - my $source = @{$msg_hash->{'source'}}[0]; + # Sanity check of /etc/chrony/chrony.conf + if (not -f $chrony_file) { + &main::daemon_log("ERROR: file '$chrony_file' does not exist, cannot do ntp reconfiguration!", 1); + return; + } - my $Datei = "/tmp/set_activated_for_installation"; - open(DATEI, ">$Datei"); - print DATEI "set_activated_for_installation\n"; - close DATEI; - - return; -} + # Substitute existing server with new ntp server + open (FILE, "<$chrony_file"); + my @file = ; + close FILE; + my @new_file; + foreach my $line (@file) { + if ($line =~ /^server\s+/) { + if ($found_server_flag) { + $line =~ s/^server\s+[\S]+\s+$//; + } else { + $line =~ s/^server\s+[\S]+\s+$/$ntp_servers_string/; + } + $found_server_flag++; + } + push(@new_file, $line); + } + # Append new server if no old server configuration found + if (not $found_server_flag) { + push(@new_file, "\n# ntp server configuration written by GOsa-si\n"); + push(@new_file, $ntp_servers_string); + } -sub server_leaving { - my ($msg_hash) = @_ ; - my $source = @{$msg_hash->{'source'}}[0]; - my $header = @{$msg_hash->{'header'}}[0]; - - daemon_log("gosa-si-server $source is going down, cause registration procedure", 1); - $main::server_address = "none"; - $main::server_key = "none"; - - # reinitialization of default values in config file - &main::read_configfile; - - # registrated at new daemon - &main::register_at_server(); - - return; + # Write changes to file and close it + open (FILE, ">$chrony_file"); + print FILE join("", @new_file); + close FILE; + &main::daemon_log("INFO: Wrote new configuration file: $chrony_file", 5); + + # Restart chrony deamon + my $res = qx(/etc/init.d/chrony force-reload); + &main::daemon_log("INFO: restart chrony daemon: $res", 5); + + return; } @@ -180,69 +291,68 @@ sub new_ldap_config { my $goto_secret; my $admin_base= ""; my $department= ""; + my $release= ""; my $unit_tag; # Transform input into array while ( my ($key, $value) = each(%$msg_hash) ) { if ($key =~ /^(source|target|header)$/) { - next; + next; } foreach $element (@$value) { - if ($key =~ /^ldap_uri$/) { - push (@ldap_uris, $element); - next; - } - if ($key =~ /^ldap_base$/) { - $ldap_base= $element; - next; - } - if ($key =~ /^goto_admin$/) { - $goto_admin= $element; - next; - } - if ($key =~ /^goto_secret$/) { - $goto_secret= $element; - next; - } - if ($key =~ /^ldap_cfg$/) { - push (@ldap_options, "$element"); - next; - } - if ($key =~ /^pam_cfg$/) { - push (@pam_options, "$element"); - next; - } - if ($key =~ /^nss_cfg$/) { - push (@nss_options, "$element"); - next; - } - if ($key =~ /^admin_base$/) { - $admin_base= $element; - next; - } - if ($key =~ /^department$/) { - $department= $element; - next; - } - if ($key =~ /^unit_tag$/) { - $unit_tag= $element; - next; - } + if ($key =~ /^ldap_uri$/) { + push (@ldap_uris, $element); + next; + } + if ($key =~ /^ldap_base$/) { + $ldap_base= $element; + next; + } + if ($key =~ /^goto_admin$/) { + $goto_admin= $element; + next; + } + if ($key =~ /^goto_secret$/) { + $goto_secret= $element; + next; + } + if ($key =~ /^ldap_cfg$/) { + push (@ldap_options, "$element"); + next; + } + if ($key =~ /^pam_cfg$/) { + push (@pam_options, "$element"); + next; + } + if ($key =~ /^nss_cfg$/) { + push (@nss_options, "$element"); + next; + } + if ($key =~ /^admin_base$/) { + $admin_base= $element; + next; + } + if ($key =~ /^department$/) { + $department= $element; + next; + } + if ($key =~ /^unit_tag$/) { + $unit_tag= $element; + next; + } + if ($key =~ /^release$/) { + $release= $element; + next; + } } } # Unit tagging enabled? if (defined $unit_tag){ - push (@pam_options, "pam_filter gosaUnitTag=$unit_tag"); - push (@nss_options, "nss_base_passwd $admin_base?sub?gosaUnitTag=$unit_tag"); - push (@nss_options, "nss_base_group $admin_base?sub?gosaUnitTag=$unit_tag"); - } - - # Sanity check - if(! ref($ldap_base) eq '') { - daemon_log("Received empty LDAP config. Don't write anything.", 1); - return; + push (@pam_options, "pam_filter gosaUnitTag=$unit_tag"); + push (@nss_options, "nss_base_passwd $admin_base?sub?gosaUnitTag=$unit_tag"); + push (@nss_options, "nss_base_group $admin_base?sub?gosaUnitTag=$unit_tag"); } # Setup ldap.conf @@ -259,9 +369,9 @@ sub new_ldap_config { print file1 "$element\n"; } close (file1); - daemon_log("wrote $ldap_config", 5); + daemon_log("INFO: Wrote $ldap_config", 5); - # Setup pam_ldap.conf / libnss_ldap.conf + # Setup pam_ldap.conf / libnss-ldap.conf open(file1, "> $pam_config"); open(file2, "> $nss_config"); print file1 "# This file was automatically generated by gosa-si-client. Do not change.\n"; @@ -281,52 +391,104 @@ sub new_ldap_config { print file2 "$element\n"; } close (file2); - daemon_log("wrote $nss_config", 5); + daemon_log("INFO: Wrote $nss_config", 5); close (file1); - daemon_log("wrote $pam_config", 5); + daemon_log("INFO: Wrote $pam_config", 5); # Create goto.secrets if told so - for compatibility reasons if (defined $goto_admin){ open(file1, "> /etc/goto/secret"); - close(file1); - chown(0,0, "/etc/goto/secret"); - chmod(0600, "/etc/goto/secret"); + close(file1); + chown(0,0, "/etc/goto/secret"); + chmod(0600, "/etc/goto/secret"); open(file1, "> /etc/goto/secret"); - print file1 "GOTOADMIN=\"$goto_admin\"\nGOTOSECRET=\"$goto_secret\"\n"; - close(file1); - daemon_log("wrote /etc/goto/secret", 5); + print file1 "GOTOADMIN=\"$goto_admin\"\nGOTOSECRET=\"$goto_secret\"\n"; + close(file1); + daemon_log("INFO: Wrote /etc/goto/secret", 5); } - - # Write shell based config - my $cfg_name= dirname($ldap_config)."/ldap-shell.conf"; - open(file1, "> $cfg_name"); - print file1 "LDAP_BASE=\"$ldap_base\"\n"; - print file1 "ADMIN_BASE=\"$admin_base\"\n"; - print file1 "DEPARTMENT=\"$department\"\n"; - print file1 "UNIT_TAG=\"".(defined $unit_tag ? "$unit_tag" : "")."\"\n"; - print file1 "UNIT_TAG_FILTER=\"".(defined $unit_tag ? "(gosaUnitTag=$unit_tag)" : "")."\"\n"; - close(file1); - daemon_log("wrote $cfg_name", 5); + my $cfg_name= "/etc/ldap/ldap-shell.conf"; + + # Get first LDAP server + my $ldap_server= $ldap_uris[0]; + $ldap_server=~ s/^ldap:\/\/([^:]+).*$/$1/; + + open(file1, "> $cfg_name"); + print file1 "LDAP_BASE=\"$ldap_base\"\n"; + print file1 "LDAP_SERVER=\"$ldap_server\"\n"; + print file1 "LDAP_URIS=\"@ldap_uris\"\n"; + print file1 "ADMIN_BASE=\"$admin_base\"\n"; + print file1 "DEPARTMENT=\"$department\"\n"; + print file1 "RELEASE=\"$release\"\n"; + print file1 "UNIT_TAG=\"".(defined $unit_tag ? "$unit_tag" : "")."\"\n"; + print file1 "UNIT_TAG_FILTER=\"".(defined $unit_tag ? "(gosaUnitTag=$unit_tag)" : "")."\"\n"; + close(file1); + daemon_log("INFO: Wrote $cfg_name", 5); + + # Write offline config + if ($offline_enabled){ + $cfg_name= "/etc/ldap/ldap-offline.conf"; + + # Get first LDAP server + open(file1, "> $cfg_name"); + print file1 "LDAP_BASE=\"$ldap_base\"\n"; + print file1 "LDAP_SERVER=\"127.0.0.1\"\n"; + print file1 "LDAP_URIS=\"ldap://127.0.0.1\"\n"; + print file1 "ADMIN_BASE=\"$admin_base\"\n"; + print file1 "DEPARTMENT=\"$department\"\n"; + print file1 "RELEASE=\"$release\"\n"; + print file1 "UNIT_TAG=\"".(defined $unit_tag ? "$unit_tag" : "")."\"\n"; + print file1 "UNIT_TAG_FILTER=\"".(defined $unit_tag ? "(gosaUnitTag=$unit_tag)" : "")."\"\n"; + close(file1); + daemon_log("INFO: Wrote $cfg_name", 5); + } - return; + # Set permissions and ownership structure of + chown(0, 0, $cfg_name); + chmod(0644, $cfg_name); + + # Allow custom scripts to be executed + if (defined $ldap_config_exit_hook) { + system($ldap_config_exit_hook); + daemon_log("executed hook $ldap_config_exit_hook", 5); + } + return; } + sub new_key { - # my ($msg_hash) = @_ ; + # Create new key my $new_server_key = &main::create_passwd(); - my $out_hash = &create_xml_hash("new_key", $main::client_address, $main::server_address, $new_server_key); - my $out_msg = &create_xml_string($out_hash); - return $out_msg; + # Send new_key message to server + my $errSend = &main::send_msg_hash_to_target( + &main::create_xml_hash("new_key", $main::client_address, $main::server_address, $new_server_key), + $main::server_address, + $main::server_key, + ); + + # Set global key + if (not $errSend) { + $main::server_key = $new_server_key; + } + + return; } +sub confirm_new_key { + my ($msg, $msg_hash) = @_ ; + my $source = @{$msg_hash->{'source'}}[0]; + + &main::daemon_log("confirm new key from $source", 5); + return; + +} -sub detect_hardware { +sub detect_hardware { &write_to_file('goto-hardware-detection-start', $fai_logpath); @@ -438,11 +600,13 @@ sub detect_hardware { &write_to_file('goto-hardware-detection-stop', $fai_logpath); - return &main::send_msg_hash2address( + &main::send_msg_hash_to_target( &main::create_xml_hash("detected_hardware", $main::client_address, $main::server_address, $result), $main::server_address, $main::server_key, ); + + return; } @@ -451,13 +615,28 @@ sub ping { my $header = @{$msg_hash->{'header'}}[0]; my $source = @{$msg_hash->{'source'}}[0]; my $target = @{$msg_hash->{'target'}}[0]; - - # switch target and source and send msg back - my $out_hash = &main::create_xml_hash("got_ping", $target, $source); - my $out_msg = &main::create_xml_string($out_hash); + my $session_id = @{$msg_hash->{'session_id'}}[0]; + my $out_msg; + my $out_hash; + + # there is no session_id so send 'got_new_ping'-msg + if (not defined $session_id) { + $out_hash = &main::create_xml_hash("got_new_ping", $target, $source); + + # there is a session_id so send 'answer_$session_id'-msg because there is + # a process waiting for this message + } else { + $out_hash = &main::create_xml_hash("answer_$session_id", $target, $source); + &add_content2xml_hash($out_hash, "session_id", $session_id); + } + + my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; + if (defined $forward_to_gosa) { + &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); + } + $out_msg = &main::create_xml_string($out_hash); return $out_msg; } - 1;