void check_krb(void)
{
int i;
for (i = 0; file_exists(STOP_FILE); i++)
{
if (i > 30)
{
critical_alert(whoami, "incremental",
"AFS incremental failed (%s exists): %s",
STOP_FILE, tbl_buf);
exit(1);
}
sleep(60);
}
}
void db_error(int code)
{
extern char *whoami;
char buf[256];
size_t bufsize = 256, len = 0;
if (code == -1013)
{
com_err(whoami, 0, "build cancelled by user");
exit(MR_ABORT);
}
com_err(whoami, MR_DBMS_ERR, " code %d\n", code);
sqlglm(buf, &bufsize, &len);
buf[len] = 0;
com_err(whoami, 0, "SQL error text = %s", buf);
critical_alert(whoami, "DCM", "%s build encountered DATABASE ERROR %d\n%s",
whoami, code, buf);
exit(MR_DBMS_ERR);
}
int main(int argc, char **argv)
{
int status, i, listener;
time_t tardy;
char *port, *p;
extern char *database;
struct stat stbuf;
struct utsname uts;
fd_set readfds, writefds, xreadfds, xwritefds;
int nfds, counter = 0;
whoami = argv[0];
/*
* Error handler init.
*/
mr_init();
set_com_err_hook(mr_com_err);
setvbuf(stderr, NULL, _IOLBF, BUFSIZ);
port = strchr(MOIRA_SERVER, ':') + 1;
for (i = 1; i < argc; i++)
{
if (!strcmp(argv[i], "-db") && i + 1 < argc)
{
database = argv[i + 1];
i++;
}
else if (!strcmp(argv[i], "-p") && i + 1 < argc)
{
port = argv[i + 1];
i++;
}
else
{
com_err(whoami, 0, "Usage: moirad [-db database][-p port]");
exit(1);
}
}
status = krb5_init_context(&context);
if (status)
{
com_err(whoami, status, "Initializing krb5 context.");
exit(1);
}
status = krb5_get_default_realm(context, &krb_realm);
if (status)
{
com_err(whoami, status, "Getting default Kerberos realm.");
exit(1);
}
/*
* Database initialization. Only init if database should be open.
*/
if (stat(MOIRA_MOTD_FILE, &stbuf) != 0)
{
if ((status = mr_open_database()))
{
com_err(whoami, status, "trying to open database.");
exit(1);
}
sanity_check_database();
}
else
{
dormant = ASLEEP;
com_err(whoami, 0, "sleeping, not opening database");
}
sanity_check_queries();
/*
* Get moira server hostname for authentication
*/
if (uname(&uts) < 0)
{
com_err(whoami, errno, "Unable to get local hostname");
exit(1);
}
host = canonicalize_hostname(xstrdup(uts.nodename));
for (p = host; *p && *p != '.'; p++)
{
if (isupper(*p))
*p = tolower(*p);
}
*p = '\0';
/*
* Set up client array handler.
*/
nclients = 0;
clientssize = 10;
clients = xmalloc(clientssize * sizeof(client *));
mr_setup_signals();
journal = fopen(JOURNAL, "a");
if (!journal)
{
com_err(whoami, errno, "opening journal file");
exit(1);
}
/*
* Establish template connection.
*/
listener = mr_listen(port);
if (listener == -1)
{
com_err(whoami, MR_ABORTED, "trying to create listening connection");
exit(1);
}
FD_ZERO(&xreadfds);
FD_ZERO(&xwritefds);
FD_SET(listener, &xreadfds);
nfds = listener + 1;
com_err(whoami, 0, "started (pid %d)", getpid());
com_err(whoami, 0, rcsid);
if (dormant != ASLEEP)
send_zgram("MOIRA", "server started");
else
send_zgram("MOIRA", "server started, but database closed");
/*
* Run until shut down.
*/
while (!takedown)
{
int i;
struct timeval timeout = {60, 0}; /* 1 minute */
/* If we're supposed to go down and we can, do it */
if (((dormant == AWAKE) && (nclients == 0) &&
(stat(MOIRA_MOTD_FILE, &stbuf) == 0)) ||
(dormant == SLEEPY))
{
mr_close_database();
com_err(whoami, 0, "database closed");
mr_setup_signals();
send_zgram("MOIRA", "database closed");
dormant = ASLEEP;
}
/* Block until something happens. */
memcpy(&readfds, &xreadfds, sizeof(readfds));
memcpy(&writefds, &xwritefds, sizeof(writefds));
if (select(nfds, &readfds, &writefds, NULL, &timeout) == -1)
{
if (errno != EINTR)
com_err(whoami, errno, "in select");
continue;
}
if (takedown)
break;
if (child_exited_abnormally)
{
critical_alert(whoami, "moirad", "%d: child exits with signal %d status %d",
child_pid, child_signal, child_status);
child_exited_abnormally = 0;
}
time(&now);
tardy = now - 30 * 60;
/* If we're asleep and we should wake up, do it */
if ((dormant == ASLEEP) && (stat(MOIRA_MOTD_FILE, &stbuf) == -1) &&
(errno == ENOENT))
{
mr_open_database();
com_err(whoami, 0, "database open");
mr_setup_signals();
send_zgram("MOIRA", "database open again");
dormant = AWAKE;
}
/* Handle any new connections */
if (FD_ISSET(listener, &readfds))
{
int newconn, addrlen = sizeof(struct sockaddr_in);
struct sockaddr_in addr;
client *cp;
newconn = accept(listener, (struct sockaddr *)&addr, &addrlen);
if (newconn == -1)
com_err(whoami, errno, "accepting new connection");
else if (newconn > 0)
{
if (newconn + 1 > nfds)
nfds = newconn + 1;
FD_SET(newconn, &xreadfds);
/* Add a new client to the array */
nclients++;
if (nclients > clientssize)
{
clientssize = 2 * clientssize;
clients = xrealloc(clients, clientssize * sizeof(client *));
}
clients[nclients - 1] = cp = xmalloc(sizeof(client));
memset(cp, 0, sizeof(client));
cp->con = newconn;
cp->id = counter++;
cp->last_time_used = now;
cp->haddr = addr;
cp->tuplessize = 1;
cp->tuples = xmalloc(sizeof(mr_params));
memset(cp->tuples, 0, sizeof(mr_params));
cp->state = CL_ACCEPTING;
cp->version = 2;
cur_client = cp;
com_err(whoami, 0,
"New connection from %s port %d (now %d client%s)",
inet_ntoa(cp->haddr.sin_addr),
(int)ntohs(cp->haddr.sin_port),
nclients, nclients != 1 ? "s" : "");
}
}
/* Handle any existing connections. */
for (i = 0; i < nclients; i++)
{
cur_client = clients[i];
if (FD_ISSET(clients[i]->con, &writefds))
{
client_write(clients[i]);
if (!clients[i]->ntuples)
{
FD_CLR(clients[i]->con, &xwritefds);
FD_SET(clients[i]->con, &xreadfds);
}
clients[i]->last_time_used = now;
}
if (FD_ISSET(clients[i]->con, &readfds))
{
if (clients[i]->state == CL_ACCEPTING)
{
switch(mr_cont_accept(clients[i]->con,
&clients[i]->hsbuf,
&clients[i]->hslen))
{
case -1:
break;
case 0:
clients[i]->state = CL_CLOSING;
break;
default:
clients[i]->state = CL_ACTIVE;
clients[i]->hsbuf = NULL;
break;
}
}
else
{
client_read(clients[i]);
if (clients[i]->ntuples)
{
FD_CLR(clients[i]->con, &xreadfds);
FD_SET(clients[i]->con, &xwritefds);
}
clients[i]->last_time_used = now;
}
}
if (clients[i]->last_time_used < tardy)
{
com_err(whoami, 0, "Shutting down connection due to inactivity");
clients[i]->state = CL_CLOSING;
}
if (clients[i]->state == CL_CLOSING)
{
client *old;
com_err(whoami, 0, "Closed connection (now %d client%s, "
"%d queries)", nclients - 1, nclients != 2 ? "s" : "",
newqueries);
shutdown(clients[i]->con, 2);
close(clients[i]->con);
FD_CLR(clients[i]->con, &xreadfds);
FD_CLR(clients[i]->con, &xwritefds);
free_rtn_tuples(clients[i]);
free(clients[i]->tuples);
if (clients[i]->hsbuf)
free(clients[i]->hsbuf);
old = clients[i];
clients[i] = clients[--nclients];
free(old);
}
cur_client = NULL;
if (takedown)
break;
}
}
com_err(whoami, 0, "%s", takedown);
if (dormant != ASLEEP)
mr_close_database();
send_zgram("MOIRA", takedown);
return 0;
}
int main(int argc, char **argv)
{
int beforec, afterc, i, astate = 0, bstate = 0, activate;
char *table, **before, **after;
long status;
whoami = ((whoami = strrchr(argv[0], '/')) ? whoami+1 : argv[0]);
if (argc < 4)
{
com_err(whoami, 0, "Unable to process %s", "argc < 4");
exit(1);
}
if (argc < (4 + atoi(argv[2]) + atoi(argv[3])))
{
com_err(whoami, 0, "Unable to process %s", "argc < (4 + beforec + afterc)");
exit(1);
}
table = argv[1];
beforec = atoi(argv[2]);
before = &argv[4];
afterc = atoi(argv[3]);
after = &argv[4 + beforec];
strcpy(tbl_buf, table);
strcat(tbl_buf, " (");
for (i = 0; i < beforec; i++)
{
if (i > 0)
strcat(tbl_buf, ",");
strcat(tbl_buf, before[i]);
}
strcat(tbl_buf, ")->(");
for (i = 0; i < afterc; i++)
{
if (i > 0)
strcat(tbl_buf, ",");
strcat(tbl_buf, after[i]);
}
strcat(tbl_buf, ")");
if (afterc > U_STATE)
astate = atoi(after[U_STATE]);
if (beforec > U_STATE)
bstate = atoi(before[U_STATE]);
check_krb();
/* Reactivating a principal */
if ((astate == 1) || (astate == 6) || (astate == 9))
activate = 1;
/* Deactivating a principal */
else if ((astate == 3) || (astate == 10))
activate = 0;
/* Forcing password change */
else if ((astate == 11) || (astate == 12))
activate = 2;
/* Can ignore other changes */
else
exit(0);
status = modify_kerberos(after[U_NAME], activate);
if (status)
{
com_err(whoami, status, "while modifying Kerberos principal for user %s", after[U_NAME]);
if (activate == 2)
critical_alert(whoami, "incremental", "Couldn't %s Kerberos principal for user %s",
"modify", after[U_NAME]);
else
critical_alert(whoami, "incremental", "Couldn't %s Kerberos principal for user %s",
activate ? "enable" : "disable", after[U_NAME]);
}
else
{
if (activate == 2)
com_err(whoami, 0, "Successfully %s Kerberos principal for user %s",
"modified", after[U_NAME]);
else
com_err(whoami, 0, "Successfully %sd Kerberos principal for user %s",
activate ? "enable" : "disable", after[U_NAME]);
}
exit(0);
}
void do_list(char **before, int beforec, char **after, int afterc)
{
int agid, bgid;
int ahide, bhide;
int code, id;
char g1[PR_MAXNAMELEN], g2[PR_MAXNAMELEN];
char *av[2];
agid = bgid = 0;
if (beforec > L_GID && atoi(before[L_ACTIVE]) && atoi(before[L_GROUP]))
{
bgid = atoi(before[L_GID]);
bhide = atoi(before[L_HIDDEN]);
}
if (afterc > L_GID && atoi(after[L_ACTIVE]) && atoi(after[L_GROUP]))
{
agid = atoi(after[L_GID]);
ahide = atoi(after[L_HIDDEN]);
}
if (agid == 0 && bgid == 0) /* Not active groups */
return;
if (agid && bgid)
{
if (strcmp(after[L_NAME], before[L_NAME]))
{
/* Only a modify is required */
strcpy(g1, "system:");
strcpy(g2, "system:");
strcat(g1, before[L_NAME]);
strcat(g2, after[L_NAME]);
id = -agid;
com_err(whoami, 0, "Changing group %s (gid %d) to %s (gid %d)",
before[L_NAME], bgid, after[L_NAME], agid);
code = pr_try(pr_ChangeEntry, g1, g2, &id, "");
if (code)
{
critical_alert(whoami, "incremental", "Couldn't change group %s (id %d) "
"to %s (id %d): %s", before[L_NAME], -bgid,
after[L_NAME], -agid, error_message(code));
}
}
if (ahide != bhide)
{
com_err(whoami, 0, "Making group %s (gid %d) %s", after[L_NAME],
agid, (ahide ? "hidden" : "visible"));
code = pr_try(pr_SetFieldsEntry, -agid, PR_SF_ALLBITS,
(ahide ? PRP_STATUS_ANY : PRP_GROUP_DEFAULT) >>
PRIVATE_SHIFT, 0 /*ngroups*/, 0 /*nusers*/);
if (code)
{
critical_alert(whoami, "incremental",
"Couldn't set flags of group %s: %s",
after[L_NAME], error_message(code));
}
}
return;
}
void do_user(char **before, int beforec, char **after, int afterc)
{
int astate, bstate, auid, buid, code;
char *av[2];
auid = buid = astate = bstate = 0;
if (afterc > U_STATE)
astate = atoi(after[U_STATE]);
if (beforec > U_STATE)
bstate = atoi(before[U_STATE]);
if (afterc > U_UID)
auid = atoi(after[U_UID]);
if (beforec > U_UID)
buid = atoi(before[U_UID]);
/* We consider "half-registered", "suspended", and "expired" users to be active */
if ((astate == 2) || (astate == 10) || (astate == 11))
astate = 1;
if (bstate == 2 || (astate == 10) || (astate == 11))
bstate = 1;
if (astate != 1 && bstate != 1) /* inactive user */
return;
if (astate == bstate && auid == buid &&
!strcmp(before[U_NAME], after[U_NAME]))
/* No AFS related attributes have changed */
return;
if (astate == bstate)
{
/* Only a modify has to be done */
com_err(whoami, 0, "Changing user %s (uid %d) to %s (uid %d)",
before[U_NAME], buid, after[U_NAME], auid);
code = pr_try(pr_ChangeEntry, before[U_NAME], after[U_NAME], &auid, "");
if (code)
{
critical_alert(whoami, "incremental",
"Couldn't change user %s (id %d) to %s (id %d): %s",
before[U_NAME], buid, after[U_NAME], auid,
error_message(code));
}
return;
}
if (bstate == 1)
{
com_err(whoami, 0, "Deleting user %s (uid %d)",
before[U_NAME], buid);
code = pr_try(pr_DeleteByID, buid);
if (code && code != PRNOENT)
{
critical_alert(whoami, "incremental", "Couldn't delete user %s (id %d): %s",
before[U_NAME], buid, error_message(code));
}
return;
}
if (astate == 1)
{
com_err(whoami, 0, "%s user %s (uid %d)",
((bstate != 0) ? "Reactivating" : "Creating"),
after[U_NAME], auid);
code = pr_try(pr_CreateUser, after[U_NAME], &auid);
/* if we get PRIDEXIST, it's only an error if the username
doesn't match (otherwise it just means the user was deleted
from Moira but not AFS */
if (code == PRIDEXIST)
{
char ename[PR_MAXNAMELEN];
if (pr_try(pr_SIdToName, auid, ename) == 0 &&
!strcmp(after[U_NAME], ename))
return;
}
if (code)
{
critical_alert(whoami, "incremental", "Couldn't create user %s (id %d): %s",
after[U_NAME], auid, error_message(code));
return;
}
if (bstate != 0)
{
/* Reactivating a user; get his group list */
code = moira_connect();
if (code)
{
critical_alert(whoami, "incremental", "Error contacting Moira server "
"to retrieve grouplist of user %s: %s",
after[U_NAME], error_message(code));
return;
}
av[0] = "ruser";
av[1] = after[U_NAME];
code = mr_query("get_lists_of_member", 2, av, add_user_lists,
after[U_NAME]);
if (code && code != MR_NO_MATCH)
{
critical_alert(whoami, "incremental",
"Couldn't retrieve membership of user %s: %s",
after[U_NAME], error_message(code));
}
moira_disconnect();
}
return;
}
}
