/**
* @brief
* Truncate all data from ALL tables from the database
*
* @param[in] conn - The database connection handle
*
* @return Error code
* @retval -1 - Failure
* 0 - Success
*
*/
int
pbs_db_truncate_all(pbs_db_conn_t *conn)
{
sprintf(conn->conn_sql, "truncate table "
"pbs.scheduler_attr, "
"pbs.scheduler, "
"pbs.node_attr, "
"pbs.node, "
"pbs.queue_attr, "
"pbs.queue, "
"pbs.resv_attr, "
"pbs.resv, "
"pbs.subjob_track, "
"pbs.job_scr, "
"pbs.job_attr, "
"pbs.job, "
"pbs.server_attr, "
"pbs.server");
if (pbs_db_execute_str(conn, conn->conn_sql) == -1)
return -1;
return 0;
}
/**
* @brief
* The main function in C - entry point
*
* @param[in] argc - argument count
* @param[in] argv - pointer to argument array
*
* @return int
* @retval 0 - success
* @retval !0 - error
*/
int
main(int argc, char *argv[])
{
int i, rc;
char passwd[MAX_PASSWORD_LEN + 1] = {'\0'};
char passwd2[MAX_PASSWORD_LEN + 1];
char *pquoted;
char pwd_file[MAXPATHLEN + 1];
char userid[LOGIN_NAME_MAX + 1];
int fd, errflg = 0;
int gen_pwd = 0;
char sqlbuff[1024];
int db_conn_error=0;
char *db_errmsg = NULL;
int pmode;
int change_user = 0;
char *olduser;
int update_db = 0;
char getopt_format[5];
char prog[]="pbs_ds_password";
char errmsg[PBS_MAX_DB_CONN_INIT_ERR + 1];
conn = NULL;
pwd_file_new[0]=0;
/*test for real deal or just version and exit*/
PRINT_VERSION_AND_EXIT(argc, argv);
/* read configuration file */
if (pbs_loadconf(0) == 0) {
fprintf(stderr, "%s: Could not load pbs configuration\n", prog);
return (-1);
}
/* backup old user name */
if ((olduser = pbs_get_dataservice_usr(errmsg, PBS_MAX_DB_CONN_INIT_ERR)) == NULL) {
fprintf(stderr, "%s: Could not retrieve current data service user\n", prog);
if (strlen(errmsg) > 0)
fprintf(stderr, "%s\n", errmsg);
return (-1);
}
if (pbs_conf.pbs_data_service_host == NULL)
update_db = 1;
userid[0]=0; /* empty user id */
strcpy(getopt_format, "rC:");
while ((i = getopt(argc, argv, getopt_format)) != EOF) {
switch (i) {
case 'r':
gen_pwd = 1;
break;
case 'C':
strcpy(userid, optarg);
break;
case '?':
default:
errflg++;
}
}
if (errflg) {
fprintf(stderr, "\nusage:\t%s [-r] [-C username]\n", prog);
fprintf(stderr, " \t%s --version\n", prog);
return (-1);
}
/* NOTE : This functionality is added just for the automation testing purpose.
* Usage: pbs_ds_password <password>
*/
if (argv[optind] != NULL) {
gen_pwd = 0;
strncpy(passwd, argv[optind], sizeof(passwd));
passwd[sizeof(passwd) - 1] = '\0';
}
/* check admin privileges */
#ifdef WIN32
if (!isAdminPrivilege(getlogin())) {
fprintf(stderr, "pbs_ds_password: Must be run by Admin\n");
return (1);
}
#else
if ((getuid() != 0) || (geteuid() != 0)) {
fprintf(stderr, "%s: Must be run by root\n", prog);
return (1);
}
#endif /* WIN32 */
change_user = 0;
/* if the -C option was specified read the user from pbs.conf */
if (userid[0] != 0) {
if (strcmp(olduser, userid) != 0) {
change_user = 1;
}
}
if (change_user == 1) {
/* check that the supplied user-id exists (and is non-root on unix) */
if (check_user(userid) != 0) {
#ifdef WIN32
fprintf(stderr, "\n%s: User-id %s does not exist\n", prog, userid);
#else
fprintf(stderr, "\n%s: User-id %s does not exist/is root user/home dir is not accessible\n", prog, userid);
#endif
return (-1);
}
}
atexit(cleanup);
if (update_db == 1) {
/* then connect to database */
conn = pbs_db_init_connection(NULL, PBS_DB_CNT_TIMEOUT_NORMAL, 1, &db_conn_error, errmsg, PBS_MAX_DB_CONN_INIT_ERR);
if (!conn) {
get_db_errmsg(db_conn_error, &db_errmsg);
fprintf(stderr, "%s: %s\n", prog, db_errmsg);
if (strlen(errmsg) > 0)
fprintf(stderr, "%s\n", errmsg);
return -1;
}
db_conn_error = pbs_db_connect(conn);
if (db_conn_error == PBS_DB_SUCCESS && change_user == 1) {
/* able to connect ? Thats bad, PBS or dataservice is running */
fprintf(stderr, "%s: PBS Services and/or PBS Data Service is running\n", prog);
fprintf(stderr, " Stop PBS and Data Services before changing Data Service user\n");
return (-1);
}
if (db_conn_error != PBS_DB_SUCCESS) {
if (db_conn_error == PBS_DB_CONNREFUSED) {
/* start db only if it was not already running */
if (pbs_startup_db(&db_errmsg) != 0) {
if (db_errmsg)
fprintf(stderr, "%s: Failed to start PBS dataservice:[%s]\n", prog, db_errmsg);
else
fprintf(stderr, "%s: Failed to start PBS dataservice\n", prog);
return (-1);
}
started_db = 1;
}
db_conn_error = pbs_db_connect(conn);
if (db_conn_error != PBS_DB_SUCCESS) {
get_db_errmsg(db_conn_error, &db_errmsg);
if (conn->conn_db_err)
fprintf(stderr, "%s: Could not connect to PBS data service:%s:[%s]\n", prog,
db_errmsg, (char*)conn->conn_db_err);
else
fprintf(stderr, "%s: Could not connect to PBS data service:%s\n", prog, db_errmsg);
return (-1);
}
}
}
if (gen_pwd == 0 && passwd[0] == '\0') {
/* ask user to enter password twice */
printf("Enter the password:"******"\nRe-enter the password:"******"\n\n");
if (strcmp(passwd, passwd2) != 0) {
fprintf(stderr, "Entered passwords do not match\n");
return (-2);
}
if (strlen(passwd) == 0) {
fprintf(stderr, "Blank password is not allowed\n");
return (-2);
}
} else if (gen_pwd == 1) {
gen_password(passwd, 16);
}
rc = pbs_encrypt_pwd(passwd, &cred_type, &cred_buf, &cred_len);
if (rc != 0) {
fprintf(stderr, "%s: Failed to encrypt password\n", prog);
return (-1);
}
/* escape password to use in sql strings later */
if ((pquoted = pbs_db_escape_str(conn, passwd)) == NULL) {
fprintf(stderr, "%s: Out of memory\n", prog);
return -1;
}
#ifdef WIN32
sprintf(pwd_file_new, "%s\\server_priv\\db_password.new", pbs_conf.pbs_home_path);
sprintf(pwd_file, "%s\\server_priv\\db_password", pbs_conf.pbs_home_path);
#else
sprintf(pwd_file_new, "%s/server_priv/db_password.new", pbs_conf.pbs_home_path);
sprintf(pwd_file, "%s/server_priv/db_password", pbs_conf.pbs_home_path);
#endif
/* write encrypted password to the password file */
#ifdef WIN32
pmode = _S_IWRITE | _S_IREAD;
fix_perms2(pwd_file_new, pwd_file);
if ((fd = open(pwd_file_new, O_WRONLY | O_TRUNC | O_CREAT | O_Sync | O_BINARY,
pmode)) == -1)
#else
pmode = 0600;
if ((fd = open(pwd_file_new, O_WRONLY | O_TRUNC | O_CREAT | O_Sync,
pmode)) == -1)
#endif
{
perror("open/create failed");
fprintf(stderr, "%s: Unable to create file %s\n", prog, pwd_file_new);
return (-1);
}
#ifdef WIN32
secure_file(pwd_file_new, "Administrators",
READS_MASK|WRITES_MASK|STANDARD_RIGHTS_REQUIRED);
setmode(fd, O_BINARY);
#endif
if (update_db == 1) {
/* change password only if this config option is not set */
if (pbs_db_begin_trx(conn, 0, 0) != 0) {
fprintf(stderr, "%s: Could not start transaction\n", prog);
unlink(pwd_file_new);
return -1;
}
if (change_user == 1) {
/* check whether user exists */
snprintf(sqlbuff, sizeof(sqlbuff),
"select usename from pg_user where usename = '%s'",
userid);
if (pbs_db_execute_str(conn, sqlbuff) == 1) {
/* now attempt to create new user & set the database passwd to the un-encrypted password */
snprintf(sqlbuff, sizeof(sqlbuff),
"create user \"%s\" SUPERUSER ENCRYPTED PASSWORD '%s'",
userid, pquoted);
} else {
/* attempt to alter new user & set the database passwd to the un-encrypted password */
snprintf(sqlbuff, sizeof(sqlbuff),
"alter user \"%s\" SUPERUSER ENCRYPTED PASSWORD '%s'",
userid, pquoted);
}
memset(passwd, 0, sizeof(passwd));
memset(passwd2, 0, sizeof(passwd2));
memset(pquoted, 0, (sizeof(char) * strlen(pquoted)));
if (pbs_db_execute_str(conn, sqlbuff) == -1) {
fprintf(stderr, "%s: Failed to create/alter user id %s\n", prog, userid);
(void) pbs_db_end_trx(conn, PBS_DB_ROLLBACK);
return -1;
}
} else {
/* now attempt to set the database passwd to the un-encrypted password */
/* alter user ${user} SUPERUSER ENCRYPTED PASSWORD '${passwd}' */
sprintf(sqlbuff, "alter user \"%s\" SUPERUSER ENCRYPTED PASSWORD '%s'",
olduser, pquoted);
memset(passwd, 0, sizeof(passwd));
memset(passwd2, 0, sizeof(passwd2));
memset(pquoted, 0, (sizeof(char) * strlen(pquoted)));
if (pbs_db_execute_str(conn, sqlbuff) == -1) {
fprintf(stderr, "%s: Failed to create/alter user id %s\n", prog, userid);
(void) pbs_db_end_trx(conn, PBS_DB_ROLLBACK);
return -1;
}
}
}
if (write(fd, cred_buf, cred_len) != cred_len) {
perror("write failed");
fprintf(stderr, "%s: Unable to write to file %s\n", prog, pwd_file_new);
if (update_db == 1) {
(void) pbs_db_end_trx(conn, PBS_DB_ROLLBACK);
}
return -1;
}
close(fd);
free(cred_buf);
#ifdef WIN32
if (MoveFileEx(pwd_file_new, pwd_file,
MOVEFILE_REPLACE_EXISTING | MOVEFILE_WRITE_THROUGH) == 0) {
errno = GetLastError();
fprintf(stderr, "MoveFileEx(%s, %s) failed!",
pwd_file_new, pwd_file);
if (update_db == 1) {
(void) pbs_db_end_trx(conn, PBS_DB_ROLLBACK);
}
return (-1);
}
#else
if (rename(pwd_file_new, pwd_file) != 0) {
if (update_db == 1) {
(void) pbs_db_end_trx(conn, PBS_DB_ROLLBACK);
}
return (-1);
}
#endif
if (update_db == 1) {
/* commit to database */
(void) pbs_db_end_trx(conn, PBS_DB_COMMIT);
cleanup(); /* cleanup will disconnect and delete tmp file too */
}
printf("---> Updated user password\n");
if (update_db == 1 && change_user == 1) {
printf("---> Updated user in datastore\n");
printf("---> Stored user password in datastore\n");
}
if (change_user == 1) {
char usr_file[MAXPATHLEN + 1];
#ifdef WIN32
sprintf(usr_file, "%s\\server_priv\\db_user", pbs_conf.pbs_home_path);
#else
sprintf(usr_file, "%s/server_priv/db_user", pbs_conf.pbs_home_path);
#endif
/* update PBS_HOME/server_priv/db_user file with the new user name */
if (update_db_usr(usr_file, userid) != 0) {
fprintf(stderr, "Unable to update file %s\n", usr_file);
return -1;
}
printf("---> Updated new user\n");
}
if (update_db == 1 && change_user == 1) {
char datastore[MAXPATHLEN + 1];
#ifndef WIN32
/* ownership is changed only for Unix users
* On windows, these files are allways owned by the user who installed the database
* and writable by administrators anyway
*/
sprintf(datastore, "%s/datastore", pbs_conf.pbs_home_path);
/* change ownership of the datastore directories to the new user, so that db can be started again */
if (change_ownership(datastore, userid) != 0) {
fprintf(stderr, "%s: Failed to change ownership on path %s\n", prog, datastore);
return -1;
}
printf("---> Changed ownership of %s to user %s\n", datastore, userid);
#endif
/* reload configuration file */
if (pbs_loadconf(1) == 0) {
fprintf(stderr, "%s: Could not load pbs configuration\n", prog);
return (-1);
}
if (pbs_startup_db(&db_errmsg) != 0) {
if (db_errmsg)
fprintf(stderr, "%s: Failed to start PBS dataservice as new user:[%s]\n", prog, db_errmsg);
else
fprintf(stderr, "%s: Failed to start PBS dataservice as new user\n", prog);
return (-1);
}
started_db = 1;
/* connect again to drop the old user */
conn = pbs_db_init_connection(NULL, PBS_DB_CNT_TIMEOUT_NORMAL, 1, &db_conn_error, errmsg, PBS_MAX_DB_CONN_INIT_ERR);
if (!conn) {
get_db_errmsg(db_conn_error, &db_errmsg);
fprintf(stderr, "%s: %s\n", prog, db_errmsg);
if (strlen(errmsg) > 0)
fprintf(stderr, "%s\n", errmsg);
return -1;
}
db_conn_error = pbs_db_connect(conn);
if (db_conn_error != PBS_DB_SUCCESS) {
get_db_errmsg(db_conn_error, &db_errmsg);
if (conn->conn_db_err)
fprintf(stderr, "%s: Could not connect to PBS data service as new user:%s[%s]\n", prog,
db_errmsg, (char*)conn->conn_db_err);
else
fprintf(stderr, "%s: Could not connect to PBS data service as new user:%s\n", prog, db_errmsg);
return (-1);
}
/* delete the old user from the database */
sprintf(sqlbuff, "drop user \"%s\"", olduser);
pbs_db_execute_str(conn, sqlbuff);
}
printf("---> Success\n");
return (0);
}
