X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-server;h=9d0f7ad9935303f3d141d8cb1486d9942fe25890;hb=8b3cd612afa2c4040e2073736c4fd51d873545a0;hp=48260797f45aea8e6fc8e6c5e9a6bfe24ee37791;hpb=b8f58e9277ed8d3aa94f6c870b8f6ffabd580708;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 48260797f..9d0f7ad99 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -88,6 +88,7 @@ our (%cfg_defaults, $log_file, $pid_file, $foreign_server_string, $server_domain, $ServerPackages_key, $foreign_servers_register_delay, $wake_on_lan_passwd, $job_synchronization, $modified_jobs_loop_delay, $arp_enabled, $arp_interface, + $opsi_enabled, $opsi_server, $opsi_admin, $opsi_password, ); # additional variable which should be globaly accessable @@ -100,12 +101,6 @@ our $forground; our $cfg_file; our ($ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $ldap_server_dn); -# dak variables -our $dak_base_directory; -our $dak_signing_keys_directory; -our $dak_queue_directory; -our $dak_user; - # specifies the verbosity of the daemon_log $verbose = 0 ; @@ -210,6 +205,13 @@ my @msgs_to_decrypt = qw(); my $max_children = 2; +# loop delay for job queue to look for opsi jobs +my $job_queue_opsi_delay = 10; +our $opsi_client; +our $opsi_url; + + + %cfg_defaults = ( "general" => { "log-file" => [\$log_file, "/var/run/".$prg.".log"], @@ -242,10 +244,6 @@ my $max_children = 2; "job-queue-loop-delay" => [\$job_queue_loop_delay, 3], "messaging-db-loop-delay" => [\$messaging_db_loop_delay, 3], "key" => [\$GosaPackages_key, "none"], - "dak-base" => [\$dak_base_directory, "/srv/archive"], - "dak-keyring" => [\$dak_signing_keys_directory, "/srv/archive/keyrings"], - "dak-queue" => [\$dak_queue_directory, "/srv/archive/queue"], - "dak-user" => [\$dak_user, "deb-dak"], }, "ClientPackages" => { "key" => [\$ClientPackages_key, "none"], @@ -262,6 +260,12 @@ my $max_children = 2; "enabled" => [\$arp_enabled, "true"], "interface" => [\$arp_interface, "all"], }, +"Opsi" => { + "enabled" => [\$opsi_enabled, "false"], + "server" => [\$opsi_server, "localhost"], + "admin" => [\$opsi_admin, "opsi-admin"], + "password" => [\$opsi_password, "secret"], + }, ); @@ -287,32 +291,6 @@ EOF } -#=== FUNCTION ================================================================ -# NAME: read_configfile -# PARAMETERS: cfg_file - string - -# RETURNS: nothing -# DESCRIPTION: read cfg_file and set variables -#=============================================================================== -sub read_configfile { - my $cfg; - if( defined( $cfg_file) && ( (-s $cfg_file) > 0 )) { - if( -r $cfg_file ) { - $cfg = Config::IniFiles->new( -file => $cfg_file ); - } else { - print STDERR "Couldn't read config file!\n"; - } - } else { - $cfg = Config::IniFiles->new() ; - } - foreach my $section (keys %cfg_defaults) { - foreach my $param (keys %{$cfg_defaults{ $section }}) { - my $pinfo = $cfg_defaults{ $section }{ $param }; - ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] ); - } - } -} - - #=== FUNCTION ================================================================ # NAME: logging # PARAMETERS: level - string - default 'info' @@ -334,7 +312,7 @@ sub daemon_log { return } chomp($msg); - $msg =~s/\n//g; # no newlines are allowed in log messages, this is important for later log parsing + #$msg =~s/\n//g; # no newlines are allowed in log messages, this is important for later log parsing if($level <= $verbose){ my ($seconds, $minutes, $hours, $monthday, $month, $year, $weekday, $yearday, $sommertime) = localtime(time); @@ -473,6 +451,7 @@ sub import_modules { } } } + close (DIR); } @@ -562,7 +541,7 @@ sub check_key_and_xml_validity { } }; if($@) { - daemon_log("$session_id DEBUG: do not understand the message: $@", 7); + daemon_log("$session_id ERROR: do not understand the message: $@", 1); $msg = undef; $msg_hash = undef; } @@ -625,7 +604,7 @@ sub check_outgoing_xml_validity { } }; if($@) { - daemon_log("$session_id ERROR: outgoing msg is not gosa-si envelope conform: ", 1); + daemon_log("$session_id ERROR: outgoing msg is not gosa-si envelope conform: $@", 1); daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 1); $msg_hash = undef; } @@ -890,7 +869,7 @@ sub get_local_ip_for_remote_ip { } } } else { - daemon_log("get_local_ip_for_remote_ip was called with a non-ip parameter: $remote_ip", 1); + daemon_log("0 WARNING: get_local_ip_for_remote_ip() was called with a non-ip parameter: '$remote_ip'", 1); } return $result; } @@ -1112,6 +1091,11 @@ sub msg_to_decrypt { my $hostname = $res->{1}->{'hostname'}; $msg =~ s/$target<\/target>/$hostname<\/target>/; #print STDERR "target is a client address in known_clients -> process here\n"; + my $local_address = &get_local_ip_for_remote_ip($target_ip).":$server_port"; + if ($source eq "GOSA") { + $msg =~ s/<\/xml>/$local_address,$session_id<\/forward_to_gosa><\/xml>/; + } + } else { $not_found_in_known_clients_db = 1; } @@ -1165,6 +1149,7 @@ sub msg_to_decrypt { if(exists $heap->{'client'}) { $msg = &encrypt_msg($msg, $GosaPackages_key); $heap->{'client'}->put($msg); + &daemon_log("$session_id INFO: incoming '$header' message forwarded to GOsa", 5); } $done = 1; #print STDERR "target is own address with forward_to_gosa-tag pointing at myself -> forward to gosa\n"; @@ -1412,9 +1397,9 @@ sub process_task { &update_jobdb_status_for_send_msgs($answer, $error); } - # target of msg is a mac address + # Target of msg is a mac address elsif( $answer_target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ) { - daemon_log("$session_id INFO: target is mac address '$answer_target', looking for host in known_clients", 5); + daemon_log("$session_id INFO: target is mac address '$answer_target', looking for host in known_clients and foreign_clients", 5); my $sql_statement = "SELECT * FROM known_clients WHERE macaddress LIKE '$answer_target'"; my $query_res = $known_clients_db->select_dbentry( $sql_statement ); my $found_ip_flag = 0; @@ -1427,11 +1412,40 @@ sub process_task { &update_jobdb_status_for_send_msgs($answer, $error); $found_ip_flag++ ; } + if ($found_ip_flag == 0) { + my $sql = "SELECT * FROM $foreign_clients_tn WHERE macaddress LIKE '$answer_target'"; + my $res = $foreign_clients_db->select_dbentry($sql); + while( my ($hit_num, $hit) = each %{ $res } ) { + my $host_name = $hit->{hostname}; + my $reg_server = $hit->{regserver}; + daemon_log("$session_id INFO: found host '$host_name' with mac '$answer_target', registered at '$reg_server'", 5); + + # Fetch key for reg_server + my $reg_server_key; + my $sql = "SELECT * FROM $known_server_tn WHERE hostname='$reg_server'"; + my $res = $known_server_db->select_dbentry($sql); + if (exists $res->{1}) { + $reg_server_key = $res->{1}->{'hostkey'}; + } else { + daemon_log("$session_id ERROR: cannot find hostkey for '$host_name' in '$known_server_tn'", 1); + daemon_log("$session_id ERROR: unable to forward answer to correct registration server, processing is aborted!", 1); + $reg_server_key = undef; + } + + # Send answer to server where client is registered + if (defined $reg_server_key) { + $answer =~ s/$answer_target/$host_name/g; + my $error = &send_msg_to_target($answer, $reg_server, $reg_server_key, $answer_header, $session_id); + &update_jobdb_status_for_send_msgs($answer, $error); + $found_ip_flag++ ; + } + } + } if( $found_ip_flag == 0) { daemon_log("$session_id WARNING: no host found in known_clients with mac address '$answer_target'", 3); } - # answer is for one specific host + # Answer is for one specific host } else { # get encrypt_key my $encrypt_key = &get_encrypt_key($answer_target); @@ -1476,6 +1490,10 @@ sub session_start { $kernel->delay_set('watch_for_done_messages', $messaging_db_loop_delay); $kernel->delay_set('watch_for_old_known_clients', $job_queue_loop_delay); + # Start opsi check + if ($opsi_enabled eq "true") { + $kernel->delay_set('watch_for_opsi_jobs', $job_queue_opsi_delay); + } } @@ -1497,8 +1515,110 @@ sub watch_for_done_jobs { } -# if a job got an update or was modified anyway, send to all other si-server an update message -# of this jobs +sub watch_for_opsi_jobs { + my ($kernel) = $_[KERNEL]; + + # This is not very nice to look for opsi install jobs, but headertag has to be trigger_action_reinstall. The only way to identify a + # opsi install job is to parse the xml message. There is still the correct header. + my $sql_statement = "SELECT * FROM ".$job_queue_tn." WHERE ((xmlmessage LIKE '%opsi_install_client%') AND (status='processing') AND (siserver='localhost'))"; + my $res = $job_db->select_dbentry( $sql_statement ); + + # Ask OPSI for an update of the running jobs + while (my ($id, $hit) = each %$res ) { + # Determine current parameters of the job + my $hostId = $hit->{'plainname'}; + my $macaddress = $hit->{'macaddress'}; + my $progress = $hit->{'progress'}; + + my $result= {}; + + # For hosts, only return the products that are or get installed + my $callobj; + $callobj = { + method => 'getProductStates_hash', + params => [ $hostId ], + id => 1, + }; + + my $hres = $opsi_client->call($opsi_url, $callobj); + #my ($hres_err, $hres_err_string) = &check_opsi_res($hres); + if (not &check_opsi_res($hres)) { + my $htmp= $hres->result->{$hostId}; + + # Check state != not_installed or action == setup -> load and add + my $products= 0; + my $installed= 0; + my $installing = 0; + my $error= 0; + my @installed_list; + my @error_list; + my $act_status = "none"; + foreach my $product (@{$htmp}){ + + if ($product->{'installationStatus'} ne "not_installed" or + $product->{'actionRequest'} eq "setup"){ + + # Increase number of products for this host + $products++; + + if ($product->{'installationStatus'} eq "failed"){ + $result->{$product->{'productId'}}= "error"; + unshift(@error_list, $product->{'productId'}); + $error++; + } + if ($product->{'installationStatus'} eq "installed" && $product->{'actionRequest'} eq "none"){ + $result->{$product->{'productId'}}= "installed"; + unshift(@installed_list, $product->{'productId'}); + $installed++; + } + if ($product->{'installationStatus'} eq "installing"){ + $result->{$product->{'productId'}}= "installing"; + $installing++; + $act_status = "installing - ".$product->{'productId'}; + } + } + } + + # Estimate "rough" progress, avoid division by zero + if ($products == 0) { + $result->{'progress'}= 0; + } else { + $result->{'progress'}= int($installed * 100 / $products); + } + + # Set updates in job queue + if ((not $error) && (not $installing) && ($installed)) { + $act_status = "installed - ".join(", ", @installed_list); + } + if ($error) { + $act_status = "error - ".join(", ", @error_list); + } + if ($progress ne $result->{'progress'} ) { + # Updating progress and result + my $update_statement = "UPDATE $job_queue_tn SET modified='1', progress='".$result->{'progress'}."', result='$act_status' WHERE macaddress='$macaddress' AND siserver='localhost'"; + my $update_res = $job_db->update_dbentry($update_statement); + } + if ($progress eq 100) { + # Updateing status + my $done_statement = "UPDATE $job_queue_tn SET modified='1', "; + if ($error) { + $done_statement .= "status='error'"; + } else { + $done_statement .= "status='done'"; + } + $done_statement .= " WHERE macaddress='$macaddress' AND siserver='localhost'"; + my $done_res = $job_db->update_dbentry($done_statement); + } + + + } + } + + $kernel->delay_set('watch_for_opsi_jobs', $job_queue_opsi_delay); +} + + +# If a job got an update or was modified anyway, send to all other si-server an update message of this jobs. sub watch_for_modified_jobs { my ($kernel,$heap) = @_[KERNEL, HEAP]; @@ -1621,7 +1741,6 @@ sub watch_for_new_jobs { } - sub watch_for_new_messages { my ($kernel,$heap) = @_[KERNEL, HEAP]; my @coll_user_msg; # collection list of outgoing messages @@ -1816,7 +1935,7 @@ sub watch_for_old_known_clients { ); $dt->add( seconds => 2 * int($hit->{'keylifetime'}) ); - $expired_timestamp = $dt->ymd('').$dt->hms('')."\n"; + $expired_timestamp = $dt->ymd('').$dt->hms(''); if ($act_time > $expired_timestamp) { my $hostname = $hit->{'hostname'}; my $del_sql = "DELETE FROM $known_clients_tn WHERE hostname='$hostname'"; @@ -2561,6 +2680,7 @@ sub create_packages_list_db { close (CONFIG); + find(\&cleanup_and_extract, keys( %repo_dirs )); &main::strip_packages_list_statements(); unshift @packages_list_statements, "VACUUM"; @@ -2809,7 +2929,7 @@ sub cleanup_and_extract { if( -f "$dir/DEBIAN/templates" ) { - daemon_log("DEBUG: Found debconf templates in '$package' - $newver", 5); + daemon_log("DEBUG: Found debconf templates in '$package' - $newver", 7); my $tmpl= ""; { @@ -2877,7 +2997,7 @@ GetOptions("h|help" => \&usage, # read and set config parameters &check_cmdline_param ; -&read_configfile; +&read_configfile($cfg_file, %cfg_defaults); &check_pid; $SIG{CHLD} = 'IGNORE'; @@ -2994,9 +3114,9 @@ if ( !$server_domain) { # Try our DNS Searchlist for my $domain(get_dns_domains()) { chomp($domain); - my @tmp_domains= &get_server_addresses($domain); - if(@tmp_domains) { - for my $tmp_server(@tmp_domains) { + my ($tmp_domains, $error_string) = &get_server_addresses($domain); + if(@$tmp_domains) { + for my $tmp_server(@$tmp_domains) { push @tmp_servers, $tmp_server; } } @@ -3036,11 +3156,20 @@ foreach my $foreign_server (@foreign_server_list) { } -# import all modules +# Import all modules &import_modules; -# check wether all modules are gosa-si valid passwd check + +# Check wether all modules are gosa-si valid passwd check &password_check; +# Prepare for using Opsi +if ($opsi_enabled eq "true") { + use JSON::RPC::Client; + use XML::Quote qw(:all); + $opsi_url= "https://".$opsi_admin.":".$opsi_password."@".$opsi_server.":4447/rpc"; + $opsi_client = new JSON::RPC::Client; +} + POE::Component::Server::TCP->new( Alias => "TCP_SERVER", @@ -3080,6 +3209,7 @@ POE::Session->create( watch_for_new_jobs => \&watch_for_new_jobs, watch_for_modified_jobs => \&watch_for_modified_jobs, watch_for_done_jobs => \&watch_for_done_jobs, + watch_for_opsi_jobs => \&watch_for_opsi_jobs, watch_for_old_known_clients => \&watch_for_old_known_clients, create_packages_list_db => \&run_create_packages_list_db, create_fai_server_db => \&run_create_fai_server_db,