X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fmodules%2FClientPackages.pm;h=f714cd46608c47190ce216a4742670e9586fe968;hb=6a2030fa85791f8f789fb3bf549d99dfba833860;hp=7ae02e44dd302cce9f0e2f91827f5822bf0be326;hpb=0134bd9690ce51481ab33eee3df1303008f7c32f;p=gosa.git diff --git a/gosa-si/modules/ClientPackages.pm b/gosa-si/modules/ClientPackages.pm index 7ae02e44d..f714cd466 100644 --- a/gosa-si/modules/ClientPackages.pm +++ b/gosa-si/modules/ClientPackages.pm @@ -1,12 +1,11 @@ package ClientPackages; -use Exporter; -@ISA = ("Exporter"); - # Each module has to have a function 'process_incoming_msg'. This function works as a interface to gosa-sd and receives the msg hash from gosa-sd. 'process_incoming_function checks, wether it has a function to process the incoming msg and forward the msg to it. use strict; use warnings; + +use Exporter; use GOSA::GosaSupportDaemon; use IO::Socket::INET; use XML::Simple; @@ -17,6 +16,8 @@ use Net::LDAP::Util; use Socket; use Net::hostent; +our @ISA = ("Exporter"); + my $event_dir = "/usr/lib/gosa-si/server/ClientPackages"; use lib "/usr/lib/gosa-si/server/ClientPackages"; @@ -24,10 +25,8 @@ BEGIN{} END {} my ($server_ip, $server_port, $ClientPackages_key, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $server_interface); -#my ($bus_activ, $bus_key, $bus_ip, $bus_port); my $server; my $network_interface; -#my $no_bus; my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret); my $mesg; @@ -64,7 +63,7 @@ my ($error, $result, $event_hash) = &import_events($event_dir); foreach my $log_line (@$result) { if ($log_line =~ / succeed: /) { - &main::daemon_log("0 DEBUG: ClientPackages - $log_line", 7); + &main::daemon_log("0 INFO: ClientPackages - $log_line", 5); } else { &main::daemon_log("0 ERROR: ClientPackages - $log_line", 1); } @@ -147,12 +146,39 @@ if((not defined($main::gosa_unit_tag)) || length($main::gosa_unit_tag) == 0) { } else { &main::daemon_log("0 INFO: Using gosaUnitTag from config-file: $main::gosa_unit_tag",5); } + &main::release_ldap_handle($ldap_handle); } my $server_address = "$server_ip:$server_port"; $main::server_address = $server_address; +{ + # Check if ou=incoming exists + # TODO: This should be transferred to a module init-function + my $ldap_handle = &main::get_ldap_handle(); + if( defined($ldap_handle) ) { + &main::daemon_log("0 INFO: Searching for ou=incoming container for new clients", 5); + # Perform search + my $mesg = $ldap_handle->search( + base => $ldap_base, + scope => 'one', + filter => "(&(ou=incoming)(objectClass=organizationalUnit))" + ); + if(not defined($mesg->count) or $mesg->count == 0) { + my $incomingou = Net::LDAP::Entry->new(); + $incomingou->dn('ou=incoming,'.$ldap_base); + $incomingou->add('objectClass' => 'organizationalUnit'); + $incomingou->add('ou' => 'incoming'); + my $result = $incomingou->update($ldap_handle); + if($result->code != 0) { + &main::daemon_log("0 ERROR: Problem adding ou=incoming: '".$result->error()."'!", 1); + } + } + } + &main::release_ldap_handle($ldap_handle); +} + ### functions ################################################################# @@ -278,16 +304,14 @@ sub process_incoming_msg { # skip PREFIX $header =~ s/^CLMSG_//; - &main::daemon_log("$session_id DEBUG: ClientPackages: msg to process: $header", 7); + &main::daemon_log("$session_id DEBUG: ClientPackages: msg to process: $header", 26); if( 0 == length @target_l){ &main::daemon_log("$session_id ERROR: no target specified for msg $header", 1); $error++; - } - - if( 1 == length @target_l) { + } elsif( 1 == length @target_l) { my $target = $target_l[0]; - if(&server_matches($target)) { + if(&server_matches($target, $session_id)) { if ($header eq 'new_key') { @out_msg_l = &new_key($msg_hash) } elsif ($header eq 'here_i_am') { @@ -295,7 +319,7 @@ sub process_incoming_msg { } else { # a event exists with the header as name if( exists $event2module_hash->{$header} ) { - &main::daemon_log("$session_id INFO: found event '$header' at event-module '".$event2module_hash->{$header}."'", 5); + &main::daemon_log("$session_id DEBUG: found event '$header' at event-module '".$event2module_hash->{$header}."'", 26); no strict 'refs'; @out_msg_l = &{$event2module_hash->{$header}."::$header"}($msg, $msg_hash, $session_id); @@ -345,13 +369,8 @@ sub process_incoming_msg { &main::daemon_log("$session_id ERROR: client '$target' is not registered for event '$header', processing is aborted", 1); @out_msg_l = (); } - - - - - } - else { - &main::daemon_log("INFO: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 5); + } else { + &main::daemon_log("DEBUG: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 26); push(@out_msg_l, $msg); } } @@ -433,9 +452,9 @@ sub here_i_am { if ( defined($msg_hash->{'force-hostname'}[0]) && length($msg_hash->{'force-hostname'}[0]) > 0){ # $heap->{force-hostname}->{$mac_address}= $msg_hash->{'force-hostname'}[0]; - open (TFILE, ">/var/tmp/$mac_address"); - print TFILE $msg_hash->{'force-hostname'}[0]; - close (TFILE); + open (my $TFILE, ">", "/var/tmp/$mac_address"); + print $TFILE $msg_hash->{'force-hostname'}[0]; + close ($TFILE); } else { # $heap->{force-hostname}->{$mac_address}= undef; if ( -e "/var/tmp/$mac_address") { @@ -451,16 +470,16 @@ sub here_i_am { my $db_res= $main::known_clients_db->select_dbentry( $sql_statement ); if ( 1 == keys %{$db_res} ) { - &main::daemon_log("$session_id WARNING: $source is already known as a client", 1); - &main::daemon_log("$session_id WARNING: values for $source are being overwritten", 1); + &main::daemon_log("$session_id WARNING: $source is already known as a client", 3); + &main::daemon_log("$session_id WARNING: values for $source are being overwritten", 3); $nu_clients --; } # number of current active clients my $act_nu_clients = $nu_clients; - &main::daemon_log("$session_id INFO: number of current active clients: $act_nu_clients", 5); - &main::daemon_log("$session_id INFO: number of maximal allowed clients: $max_clients", 5); + &main::daemon_log("$session_id DEBUG: number of current active clients: $act_nu_clients", 26); + &main::daemon_log("$session_id DEBUG: number of maximal allowed clients: $max_clients", 26); if($max_clients <= $act_nu_clients) { my $out_hash = &create_xml_hash("denied", $server_address, $source); @@ -488,14 +507,13 @@ sub here_i_am { } ); if ($res != 0) { - &main::daemon_log("$session_id ERROR: cannot add entry to known_clients: $res"); + &main::daemon_log("$session_id ERROR: cannot add entry to known_clients: $res",1); return; } # return acknowledgement to client $out_hash = &create_xml_hash("registered", $server_address, $source); - # give the new client his ldap config # Workaround: Send within the registration response, if the client will get an ldap config later my $new_ldap_config_out = &new_ldap_config($source, $session_id); @@ -508,7 +526,7 @@ sub here_i_am { "SET status='error', result='$new_ldap_config_out' ". "WHERE status='processing' AND macaddress LIKE '$mac_address'"; my $res = $main::job_db->update_dbentry($sql_statement); - &main::daemon_log("$session_id DEBUG: $sql_statement RESULT: $res", 7); + &main::daemon_log("$session_id DEBUG: $sql_statement RESULT: $res", 26); } my $register_out = &create_xml_string($out_hash); push(@out_msg_l, $register_out); @@ -536,13 +554,45 @@ sub here_i_am { push(@out_msg_l, $syslog_config_out); } + # update ldap entry if exists + my $ldap_handle= &main::get_ldap_handle(); + my $ldap_res= $ldap_handle->search( + base => $ldap_base, + scope => 'sub', + #attrs => ['ipHostNumber'], + filter => "(&(objectClass=GOhard)(macAddress=$mac_address))"); + if($ldap_res->code) { + &main::daemon_log("$session_id ERROR: LDAP Entry for client with mac address $mac_address not found: ".$ldap_res->error, 1); + } elsif ($ldap_res->count != 1) { + &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not updating ldap entry". + "\n\tbase: $ldap_base". + "\n\tscope: sub". + "\n\tattrs: ipHostNumber". + "\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1); + } else { + my $entry= $ldap_res->pop_entry(); + my $ip_address= $entry->get_value('ipHostNumber'); + my $source_ip= ($1) if $source =~ /^([0-9\.]*?):[0-9]*$/; + if(not defined($ip_address) and defined($source_ip)) { + $entry->add( 'ipHostNumber' => $source_ip ); + my $mesg= $entry->update($ldap_handle); + $mesg->code && &main::daemon_log("$session_id ERROR: Updating IP Address for client with mac address $mac_address failed with '".$mesg->mesg()."'", 1); + } elsif(defined($source_ip) and not ($source_ip eq $ip_address)) { + $entry->replace( 'ipHostNumber' => $source_ip ); + my $mesg= $entry->update($ldap_handle); + $mesg->code && &main::daemon_log("$session_id ERROR: Updating IP Address for client with mac address $mac_address failed with '".$mesg->mesg()."'", 1); + } elsif (not defined($source_ip)) { + &main::daemon_log("ERROR: Could not parse source value '$source' perhaps not an ip address?", 1); + } + } + &main::release_ldap_handle($ldap_handle); + # notify registered client to all other server my %mydata = ( 'client' => $source, 'macaddress' => $mac_address); my $mymsg = &build_msg('new_foreign_client', $main::server_address, "KNOWN_SERVER", \%mydata); push(@out_msg_l, $mymsg); - &main::daemon_log("$session_id INFO: register client $source ($mac_address)", 5); - &main::daemon_log("$session_id INFO: client version: $client_status - $client_revision", 5); + &main::daemon_log("$session_id INFO: register client $source ($mac_address), $client_status - $client_revision", 5); return @out_msg_l; } @@ -560,7 +610,7 @@ sub who_has { # what is your search pattern my $search_pattern = @{$msg_hash->{who_has}}[0]; my $search_element = @{$msg_hash->{$search_pattern}}[0]; - &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7); + #&main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7); # scanning known_clients for search_pattern my @host_addresses = keys %$main::known_clients; @@ -599,13 +649,7 @@ sub who_has_i_do { sub new_syslog_config { my ($mac_address, $session_id) = @_; my $syslog_msg; - - # Build LDAP connection - my $ldap_handle = &main::get_ldap_handle($session_id); - if( not defined $ldap_handle ) { - &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1); - return; - } + my $ldap_handle=&main::get_ldap_handle(); # Perform search my $ldap_res = $ldap_handle->search( base => $ldap_base, @@ -613,7 +657,8 @@ sub new_syslog_config { attrs => ['gotoSyslogServer'], filter => "(&(objectClass=GOhard)(macaddress=$mac_address))"); if($ldap_res->code) { - &main::daemon_log("$session_id ".$ldap_res->error, 1); + &main::daemon_log("$session_id ERROR: new_syslog_config: ldap search: ".$ldap_res->error, 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -624,6 +669,7 @@ sub new_syslog_config { "\n\tscope: sub". "\n\tattrs: gotoSyslogServer". "\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -637,9 +683,10 @@ sub new_syslog_config { my $ldap_res = $ldap_handle->search( base => $ldap_base, scope => 'sub', attrs => ['gotoSyslogServer'], - filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))"); + filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))"); if($ldap_res->code) { - &main::daemon_log("$session_id ".$ldap_res->error, 1); + &main::daemon_log("$session_id ERROR: new_syslog_config: ldap search: ".$ldap_res->error, 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -649,7 +696,8 @@ sub new_syslog_config { "\n\tbase: $ldap_base". "\n\tscope: sub". "\n\tattrs: gotoSyslogServer". - "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -660,6 +708,7 @@ sub new_syslog_config { # Return if no syslog server specified if (not defined $syslog_server) { &main::daemon_log("$session_id WARNING: no syslog server specified for this host '$mac_address'", 3); + &main::release_ldap_handle($ldap_handle); return; } @@ -668,6 +717,7 @@ sub new_syslog_config { my $syslog_msg_hash = &create_xml_hash("new_syslog_config", $server_address, $mac_address); &add_content2xml_hash($syslog_msg_hash, "server", $syslog_server); + &main::release_ldap_handle($ldap_handle); return &create_xml_string($syslog_msg_hash); } @@ -675,13 +725,7 @@ sub new_syslog_config { sub new_ntp_config { my ($address, $session_id) = @_; my $ntp_msg; - - # Build LDAP connection - my $ldap_handle = &main::get_ldap_handle($session_id); - if( not defined $ldap_handle ) { - &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1); - return; - } + my $ldap_handle=&main::get_ldap_handle(); # Perform search my $ldap_res = $ldap_handle->search( base => $ldap_base, @@ -689,7 +733,8 @@ sub new_ntp_config { attrs => ['gotoNtpServer'], filter => "(&(objectClass=GOhard)(macaddress=$address))"); if($ldap_res->code) { - &main::daemon_log("$session_id ".$ldap_res->error, 1); + &main::daemon_log("$session_id ERROR: new_ntp_config: ldap search: ".$ldap_res->error, 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -700,6 +745,7 @@ sub new_ntp_config { "\n\tscope: sub". "\n\tattrs: gotoNtpServer". "\n\tfilter: (&(objectClass=GOhard)(macaddress=$address))", 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -713,9 +759,10 @@ sub new_ntp_config { my $ldap_res = $ldap_handle->search( base => $ldap_base, scope => 'sub', attrs => ['gotoNtpServer'], - filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))"); + filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))"); if($ldap_res->code) { - &main::daemon_log("$session_id ".$ldap_res->error, 1); + &main::daemon_log("$session_id ERROR: new_ntp_config: ldap search: ".$ldap_res->error, 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -725,7 +772,8 @@ sub new_ntp_config { "\n\tbase: $ldap_base". "\n\tscope: sub". "\n\tattrs: gotoNtpServer". - "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -736,6 +784,7 @@ sub new_ntp_config { # Return if no ntp server specified if ((not @ntp_servers) || (@ntp_servers == 0)) { &main::daemon_log("$session_id WARNING: no ntp server specified for this host '$address'", 3); + &main::release_ldap_handle($ldap_handle); return; } @@ -745,6 +794,7 @@ sub new_ntp_config { &add_content2xml_hash($ntp_msg_hash, "server", $ntp_server); } + &main::release_ldap_handle($ldap_handle); return &create_xml_string($ntp_msg_hash); } @@ -764,32 +814,28 @@ sub new_ldap_config { # check hit my $hit_counter = keys %{$res}; if( not $hit_counter == 1 ) { - &main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query '$sql_statement'", 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: more or no hit found in known_clients_db by query '$sql_statement'", 1); + return; } $address = $res->{1}->{hostname}; my $macaddress = $res->{1}->{macaddress}; my $hostkey = $res->{1}->{hostkey}; - + if (not defined $macaddress) { - &main::daemon_log("$session_id ERROR: no mac address found for client $address", 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: no mac address found for client $address", 1); return; } - # Build LDAP connection - my $ldap_handle = &main::get_ldap_handle($session_id); - if( not defined $ldap_handle ) { - &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1); - return; - } - # Perform search + my $ldap_handle=&main::get_ldap_handle(); $mesg = $ldap_handle->search( base => $ldap_base, scope => 'sub', attrs => ['dn', 'gotoLdapServer', 'gosaUnitTag', 'FAIclass'], filter => "(&(objectClass=GOhard)(macaddress=$macaddress))"); if($mesg->code) { - &main::daemon_log("$session_id ".$mesg->error, 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: ldap search: ".$mesg->error, 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -800,6 +846,7 @@ sub new_ldap_config { "\n\tscope: sub". "\n\tattrs: dn, gotoLdapServer". "\n\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -824,19 +871,21 @@ sub new_ldap_config { $mesg = $ldap_handle->search( base => $ldap_base, scope => 'sub', attrs => ['dn', 'gotoLdapServer', 'FAIclass'], - filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))"); + filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))"); if($mesg->code) { - &main::daemon_log("$session_id ERROR: unable to search for '(&(objectClass=gosaGroupOfNames)(member=$filter_dn))': ".$mesg->error, 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: unable to search for '(&(objectClass=gosaGroupOfNames)(member=$filter_dn))': ".$mesg->error, 1); + &main::release_ldap_handle($ldap_handle); return; } # Sanity check if ($mesg->count != 1) { - &main::daemon_log("$session_id ERROR: client with mac address $macaddress not found/unique/active - not sending ldap config". + &main::daemon_log("$session_id ERROR: new_ldap_config: client with mac address $macaddress not found/unique/active - not sending ldap config". "\n\tbase: $ldap_base". "\n\tscope: sub". "\n\tattrs: dn, gotoLdapServer, FAIclass". - "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + &main::release_ldap_handle($ldap_handle); return; } @@ -898,13 +947,15 @@ sub new_ldap_config { filter => "(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$unit_tag))"); #$mesg->code && die $mesg->error; if($mesg->code) { - &main::daemon_log($mesg->error, 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: ldap search: ".$mesg->error, 1); + &main::release_ldap_handle($ldap_handle); return "error-unit-tag-count-0"; } # Sanity check if ($mesg->count != 1) { - &main::daemon_log("WARNING: cannot find administrative unit for client with tag $unit_tag", 1); + &main::daemon_log("WARNING: cannot find administrative unit for client with tag $unit_tag", 3); + &main::release_ldap_handle($ldap_handle); return "error-unit-tag-count-".$mesg->count; } @@ -915,6 +966,7 @@ sub new_ldap_config { # Append unit Tag $data{'unit_tag'}= $unit_tag; } + &main::release_ldap_handle($ldap_handle); # Send information return &build_msg("new_ldap_config", $server_address, $address, \%data); @@ -939,24 +991,18 @@ sub hardware_config { # check hit my $hit_counter = keys %{$res}; if( not $hit_counter == 1 ) { - &main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query by '$address'", 1); + &main::daemon_log("$session_id ERROR: hardware_config: more or no hit found in known_clients_db by query by '$address'", 1); } my $macaddress = $res->{1}->{macaddress}; my $hostkey = $res->{1}->{hostkey}; if (not defined $macaddress) { - &main::daemon_log("$session_id ERROR: no mac address found for client $address", 1); + &main::daemon_log("$session_id ERROR: hardware_config: no mac address found for client $address", 1); return; } - # Build LDAP connection - my $ldap_handle = &main::get_ldap_handle($session_id); - if( not defined $ldap_handle ) { - &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1); - return; - } - # Perform search + my $ldap_handle=&main::get_ldap_handle(); $mesg = $ldap_handle->search( base => $ldap_base, scope => 'sub', @@ -964,7 +1010,7 @@ sub hardware_config { ); if($mesg->count() == 0) { - &main::daemon_log("Host was not found in LDAP!", 1); + &main::daemon_log("$session_id INFO: Host was not found in LDAP!", 5); # set status = hardware_detection at jobqueue if entry exists # TODO @@ -989,13 +1035,14 @@ sub hardware_config { } else { my $entry= $mesg->entry(0); if (defined($entry->get_value("gotoHardwareChecksum"))) { - if (! $entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum) { + if (! ($entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum)) { $entry->replace(gotoHardwareChecksum => $gotoHardwareChecksum); if($entry->update($ldap_handle)) { &main::daemon_log("$session_id INFO: Hardware changed! Detection triggered.", 5); } } else { # Nothing to do + &main::release_ldap_handle($ldap_handle); return; } } @@ -1010,12 +1057,14 @@ sub hardware_config { $data{'goto_secret'}= $goto_secret; } + &main::release_ldap_handle($ldap_handle); + # Send information return &build_msg("detect_hardware", $server_address, $address, \%data); } sub server_matches { - my $target = shift; + my ($target, $session_id) = @_ ; my $target_ip = ($1) if $target =~ /^([0-9\.]*?):.*$/; if(!defined($target_ip) or length($target_ip) == 0) { return; @@ -1033,12 +1082,12 @@ sub server_matches { } else { my $PROC_NET_ROUTE= ('/proc/net/route'); - open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE") + open(my $FD_PROC_NET_ROUTE, "<", "$PROC_NET_ROUTE") or die "Could not open $PROC_NET_ROUTE"; - my @ifs = ; + my @ifs = <$FD_PROC_NET_ROUTE>; - close(PROC_NET_ROUTE); + close($FD_PROC_NET_ROUTE); # Eat header line shift @ifs; @@ -1059,7 +1108,7 @@ sub server_matches { } } } else { - &main::daemon_log("Target ip $target_ip does not match Server ip $server_ip",1); + &main::daemon_log("$session_id INFO: Target ip $target_ip does not match Server ip $server_ip",5); } return $result;