예제 #1
0
파일: alphalist.c 프로젝트: fbettag/core
void DeleteAlphaList(AlphaList *al)
{
    for (int i = 0; i < CF_ALPHABETSIZE; i++)
    {
        DeleteItemList(al->list[i]);
    }

    InitAlphaList(al);
}
예제 #2
0
static int SelectOwnerMatch(char *path, struct stat *lstatptr, Rlist *crit)
{
    AlphaList leafattrib;
    Rlist *rp;
    char ownerName[CF_BUFSIZE];
    int gotOwner;

    InitAlphaList(&leafattrib);

#ifndef MINGW                   // no uids on Windows
    char buffer[CF_SMALLBUF];
    sprintf(buffer, "%jd", (uintmax_t) lstatptr->st_uid);
    PrependAlphaList(&leafattrib, buffer);
#endif /* MINGW */

    gotOwner = GetOwnerName(path, lstatptr, ownerName, sizeof(ownerName));

    if (gotOwner)
    {
        PrependAlphaList(&leafattrib, ownerName);
    }
    else
    {
        PrependAlphaList(&leafattrib, "none");
    }

    for (rp = crit; rp != NULL; rp = rp->next)
    {
        if (EvalFileResult((char *) rp->item, &leafattrib))
        {
            CfDebug(" - ? Select owner match\n");
            DeleteAlphaList(&leafattrib);
            return true;
        }

        if (gotOwner && FullTextMatch((char *) rp->item, ownerName))
        {
            CfDebug(" - ? Select owner match\n");
            DeleteAlphaList(&leafattrib);
            return true;
        }

#ifndef MINGW
        if (FullTextMatch((char *) rp->item, buffer))
        {
            CfDebug(" - ? Select owner match\n");
            DeleteAlphaList(&leafattrib);
            return true;
        }
#endif /* NOT MINGW */
    }

    DeleteAlphaList(&leafattrib);
    return false;
}
예제 #3
0
static int SelectGroupMatch(struct stat *lstatptr, Rlist *crit)
{
    AlphaList leafattrib;
    char buffer[CF_SMALLBUF];
    struct group *gr;
    Rlist *rp;

    InitAlphaList(&leafattrib);

    sprintf(buffer, "%jd", (uintmax_t) lstatptr->st_gid);
    PrependAlphaList(&leafattrib, buffer);

    if ((gr = getgrgid(lstatptr->st_gid)) != NULL)
    {
        PrependAlphaList(&leafattrib, gr->gr_name);
    }
    else
    {
        PrependAlphaList(&leafattrib, "none");
    }

    for (rp = crit; rp != NULL; rp = rp->next)
    {
        if (EvalFileResult((char *) rp->item, &leafattrib))
        {
            CfDebug(" - ? Select group match\n");
            DeleteAlphaList(&leafattrib);
            return true;
        }

        if (gr && FullTextMatch((char *) rp->item, gr->gr_name))
        {
            CfDebug(" - ? Select owner match\n");
            DeleteAlphaList(&leafattrib);
            return true;
        }

        if (FullTextMatch((char *) rp->item, buffer))
        {
            CfDebug(" - ? Select owner match\n");
            DeleteAlphaList(&leafattrib);
            return true;
        }
    }

    DeleteAlphaList(&leafattrib);
    return false;
}
예제 #4
0
static bool ScheduleRun(Policy **policy, GenericAgentConfig *config, ExecConfig *exec_config, const ReportContext *report_context)
{
    Item *ip;

    CfOut(OUTPUT_LEVEL_VERBOSE, "", "Sleeping...\n");
    sleep(CFPULSETIME);         /* 1 Minute resolution is enough */

// recheck license (in case of license updates or expiry)

    if (EnterpriseExpiry())
    {
        CfOut(OUTPUT_LEVEL_ERROR, "", "Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
        exit(1);
    }

    /*
     * FIXME: this logic duplicates the one from cf-serverd.c. Unify ASAP.
     */

    if (CheckNewPromises(config->input_file, InputFiles(*policy), report_context) == RELOAD_FULL)
    {
        /* Full reload */

        CfOut(OUTPUT_LEVEL_INFORM, "", "Re-reading promise file %s..\n", config->input_file);

        DeleteAlphaList(&VHEAP);
        InitAlphaList(&VHEAP);
        DeleteAlphaList(&VHARDHEAP);
        InitAlphaList(&VHARDHEAP);
        DeleteAlphaList(&VADDCLASSES);
        InitAlphaList(&VADDCLASSES);

        DeleteItemList(IPADDRESSES);
        IPADDRESSES = NULL;

        DeleteItemList(VNEGHEAP);

        DeleteAllScope();

        strcpy(VDOMAIN, "undefinded.domain");
        POLICY_SERVER[0] = '\0';

        VNEGHEAP = NULL;

        PolicyDestroy(*policy);
        *policy = NULL;

        ERRORCOUNT = 0;

        NewScope("sys");

        SetPolicyServer(POLICY_SERVER);
        NewScalar("sys", "policy_hub", POLICY_SERVER, DATA_TYPE_STRING);

        NewScope("const");
        NewScope("this");
        NewScope("mon");
        NewScope("control_server");
        NewScope("control_common");
        NewScope("remote_access");

        GetNameInfo3();
        GetInterfacesInfo(AGENT_TYPE_EXECUTOR);
        Get3Environment();
        BuiltinClasses();
        OSClasses();

        HardClass(CF_AGENTTYPES[THIS_AGENT_TYPE]);

        SetReferenceTime(true);

        GenericAgentConfigSetBundleSequence(config, NULL);

        *policy = GenericAgentLoadPolicy(AGENT_TYPE_EXECUTOR, config, report_context);
        KeepPromises(*policy, exec_config);
    }
    else
    {
        /* Environment reload */

        DeleteAlphaList(&VHEAP);
        InitAlphaList(&VHEAP);
        DeleteAlphaList(&VADDCLASSES);
        InitAlphaList(&VADDCLASSES);
        DeleteAlphaList(&VHARDHEAP);
        InitAlphaList(&VHARDHEAP);

        DeleteItemList(IPADDRESSES);
        IPADDRESSES = NULL;


        DeleteScope("this");
        DeleteScope("mon");
        DeleteScope("sys");
        NewScope("this");
        NewScope("mon");
        NewScope("sys");

        GetInterfacesInfo(AGENT_TYPE_EXECUTOR);
        Get3Environment();
        BuiltinClasses();
        OSClasses();
        SetReferenceTime(true);
    }

    for (ip = SCHEDULE; ip != NULL; ip = ip->next)
    {
        CfOut(OUTPUT_LEVEL_VERBOSE, "", "Checking schedule %s...\n", ip->name);

        if (IsDefinedClass(ip->name, NULL))
        {
            CfOut(OUTPUT_LEVEL_VERBOSE, "", "Waking up the agent at %s ~ %s \n", cf_ctime(&CFSTARTTIME), ip->name);
            return true;
        }
    }

    CfOut(OUTPUT_LEVEL_VERBOSE, "", "Nothing to do at %s\n", cf_ctime(&CFSTARTTIME));
    return false;
}
예제 #5
0
int SelectLeaf(char *path, struct stat *sb, Attributes attr, Promise *pp)
{
    AlphaList leaf_attr;
    int result = true;
    Rlist *rp;

    InitAlphaList(&leaf_attr);

#ifdef MINGW
    if (attr.select.issymlinkto != NULL)
    {
        CfOut(cf_verbose, "",
              "files_select.issymlinkto is ignored on Windows (symbolic links are not supported by Windows)");
    }

    if (attr.select.groups != NULL)
    {
        CfOut(cf_verbose, "",
              "files_select.search_groups is ignored on Windows (file groups are not supported by Windows)");
    }

    if (attr.select.bsdflags != NULL)
    {
        CfOut(cf_verbose, "", "files_select.search_bsdflags is ignored on Windows");
    }
#endif /* MINGW */

    if (!attr.haveselect)
    {
        return true;
    }

    if (attr.select.name == NULL)
    {
        PrependAlphaList(&leaf_attr, "leaf_name");
    }

    for (rp = attr.select.name; rp != NULL; rp = rp->next)
    {
        if (SelectNameRegexMatch(path, rp->item))
        {
            PrependAlphaList(&leaf_attr, "leaf_name");
            break;
        }
    }

    if (attr.select.path == NULL)
    {
        PrependAlphaList(&leaf_attr, "leaf_path");
    }

    for (rp = attr.select.path; rp != NULL; rp = rp->next)
    {
        if (SelectPathRegexMatch(path, rp->item))
        {
            PrependAlphaList(&leaf_attr, "path_name");
            break;
        }
    }

    if (SelectTypeMatch(sb, attr.select.filetypes))
    {
        PrependAlphaList(&leaf_attr, "file_types");
    }

    if (attr.select.owners && SelectOwnerMatch(path, sb, attr.select.owners))
    {
        PrependAlphaList(&leaf_attr, "owner");
    }

    if (attr.select.owners == NULL)
    {
        PrependAlphaList(&leaf_attr, "owner");
    }

#ifdef MINGW
    PrependAlphaList(&leaf_attr, "group");

#else /* NOT MINGW */
    if (attr.select.groups && SelectGroupMatch(sb, attr.select.groups))
    {
        PrependAlphaList(&leaf_attr, "group");
    }

    if (attr.select.groups == NULL)
    {
        PrependAlphaList(&leaf_attr, "group");
    }
#endif /* NOT MINGW */

    if (SelectModeMatch(sb, attr.select.perms))
    {
        PrependAlphaList(&leaf_attr, "mode");
    }

#if defined HAVE_CHFLAGS
    if (SelectBSDMatch(sb, attr.select.bsdflags, pp))
    {
        PrependAlphaList(&leaf_attr, "bsdflags");
    }
#endif

    if (SelectTimeMatch(sb->st_atime, attr.select.min_atime, attr.select.max_atime))
    {
        PrependAlphaList(&leaf_attr, "atime");
    }

    if (SelectTimeMatch(sb->st_ctime, attr.select.min_ctime, attr.select.max_ctime))
    {
        PrependAlphaList(&leaf_attr, "ctime");
    }

    if (SelectSizeMatch(sb->st_size, attr.select.min_size, attr.select.max_size))
    {
        PrependAlphaList(&leaf_attr, "size");
    }

    if (SelectTimeMatch(sb->st_mtime, attr.select.min_mtime, attr.select.max_mtime))
    {
        PrependAlphaList(&leaf_attr, "mtime");
    }

    if (attr.select.issymlinkto && SelectIsSymLinkTo(path, attr.select.issymlinkto))
    {
        PrependAlphaList(&leaf_attr, "issymlinkto");
    }

    if (attr.select.exec_regex && SelectExecRegexMatch(path, attr.select.exec_regex, attr.select.exec_program))
    {
        PrependAlphaList(&leaf_attr, "exec_regex");
    }

    if (attr.select.exec_program && SelectExecProgram(path, attr.select.exec_program))
    {
        PrependAlphaList(&leaf_attr, "exec_program");
    }

    if ((result = EvalFileResult(attr.select.result, &leaf_attr)))
    {
        //NewClassesFromString(fp->defines);
    }

    CfDebug("Select result \"%s\"on %s was %d\n", attr.select.result, path, result);

    DeleteAlphaList(&leaf_attr);

    return result;
}
예제 #6
0
static int SelectTypeMatch(struct stat *lstatptr, Rlist *crit)
{
    AlphaList leafattrib;
    Rlist *rp;

    InitAlphaList(&leafattrib);

    if (S_ISREG(lstatptr->st_mode))
    {
        PrependAlphaList(&leafattrib, "reg");
        PrependAlphaList(&leafattrib, "plain");
    }

    if (S_ISDIR(lstatptr->st_mode))
    {
        PrependAlphaList(&leafattrib, "dir");
    }

#ifndef MINGW
    if (S_ISLNK(lstatptr->st_mode))
    {
        PrependAlphaList(&leafattrib, "symlink");
    }

    if (S_ISFIFO(lstatptr->st_mode))
    {
        PrependAlphaList(&leafattrib, "fifo");
    }

    if (S_ISSOCK(lstatptr->st_mode))
    {
        PrependAlphaList(&leafattrib, "socket");
    }

    if (S_ISCHR(lstatptr->st_mode))
    {
        PrependAlphaList(&leafattrib, "char");
    }

    if (S_ISBLK(lstatptr->st_mode))
    {
        PrependAlphaList(&leafattrib, "block");
    }
#endif /* NOT MINGW */

#ifdef HAVE_DOOR_CREATE
    if (S_ISDOOR(lstatptr->st_mode))
    {
        PrependAlphaList(&leafattrib, "door");
    }
#endif

    for (rp = crit; rp != NULL; rp = rp->next)
    {
        if (EvalFileResult((char *) rp->item, &leafattrib))
        {
            DeleteAlphaList(&leafattrib);
            return true;
        }
    }

    DeleteAlphaList(&leafattrib);
    return false;
}
예제 #7
0
void CheckFileChanges(Policy **policy, GenericAgentConfig *config, const ReportContext *report_context)
{
    if (EnterpriseExpiry())
    {
        CfOut(cf_error, "", "!! This enterprise license is invalid.");
    }

    CfDebug("Checking file updates on %s\n", config->input_file);

    if (NewPromiseProposals(config->input_file, InputFiles(*policy)))
    {
        CfOut(cf_verbose, "", " -> New promises detected...\n");

        if (CheckPromises(config->input_file, report_context))
        {
            CfOut(cf_inform, "", "Rereading config files %s..\n", config->input_file);

            /* Free & reload -- lock this to avoid access errors during reload */

            DeleteItemList(VNEGHEAP);
            
            DeleteAlphaList(&VHEAP);
            InitAlphaList(&VHEAP);
            DeleteAlphaList(&VHARDHEAP);
            InitAlphaList(&VHARDHEAP);
            
            DeleteAlphaList(&VADDCLASSES);
            InitAlphaList(&VADDCLASSES);

            DeleteItemList(IPADDRESSES);
            IPADDRESSES = NULL;

            DeleteItemList(SV.trustkeylist);
            DeleteItemList(SV.skipverify);
            DeleteItemList(SV.attackerlist);
            DeleteItemList(SV.nonattackerlist);
            DeleteItemList(SV.multiconnlist);

            DeleteAuthList(VADMIT);
            DeleteAuthList(VDENY);

            DeleteAuthList(VARADMIT);
            DeleteAuthList(VARDENY);

            DeleteAuthList(ROLES);

            //DeleteRlist(VINPUTLIST); This is just a pointer, cannot free it

            DeleteAllScope();

            strcpy(VDOMAIN, "undefined.domain");
            POLICY_SERVER[0] = '\0';

            VADMIT = VADMITTOP = NULL;
            VDENY = VDENYTOP = NULL;

            VARADMIT = VARADMITTOP = NULL;
            VARDENY = VARDENYTOP = NULL;

            ROLES = ROLESTOP = NULL;

            VNEGHEAP = NULL;
            SV.trustkeylist = NULL;
            SV.skipverify = NULL;
            SV.attackerlist = NULL;
            SV.nonattackerlist = NULL;
            SV.multiconnlist = NULL;

            PolicyDestroy(*policy);
            *policy = NULL;

            ERRORCOUNT = 0;

            NewScope("sys");

            SetPolicyServer(POLICY_SERVER);
            NewScalar("sys", "policy_hub", POLICY_SERVER, DATA_TYPE_STRING);

            if (EnterpriseExpiry())
            {
                CfOut(cf_error, "",
                      "Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
            }

            NewScope("const");
            NewScope("this");
            NewScope("control_server");
            NewScope("control_common");
            NewScope("mon");
            NewScope("remote_access");
            GetNameInfo3();
            GetInterfacesInfo(AGENT_TYPE_SERVER);
            Get3Environment();
            BuiltinClasses();
            OSClasses();
            KeepHardClasses();

            HardClass(CF_AGENTTYPES[THIS_AGENT_TYPE]);

            SetReferenceTime(true);
            *policy = ReadPromises(AGENT_TYPE_SERVER, config, report_context);
            KeepPromises(*policy, config, report_context);
            Summarize();

        }
        else
        {
            CfOut(cf_inform, "", " !! File changes contain errors -- ignoring");
            PROMISETIME = time(NULL);
        }
    }
    else
    {
        CfDebug(" -> No new promises found\n");
    }
}
예제 #8
0
int SelectProcess(char *procentry, char **names, int *start, int *end, Attributes a, Promise *pp)
{
    AlphaList proc_attr;
    int result = true, i;
    char *column[CF_PROCCOLS];
    Rlist *rp;

    CfDebug("SelectProcess(%s)\n", procentry);

    InitAlphaList(&proc_attr);

    if (!a.haveselect)
    {
        return true;
    }

    if (!SplitProcLine(procentry, names, start, end, column))
    {
        return false;
    }

    if (DEBUG)
    {
        for (i = 0; names[i] != NULL; i++)
        {
            printf("COL[%s] = \"%s\"\n", names[i], column[i]);
        }
    }

    for (rp = a.process_select.owner; rp != NULL; rp = rp->next)
    {
        if (SelectProcRegexMatch("USER", "UID", (char *) rp->item, names, column))
        {
            PrependAlphaList(&proc_attr, "process_owner");
            break;
        }
    }

    if (SelectProcRangeMatch("PID", "PID", a.process_select.min_pid, a.process_select.max_pid, names, column))
    {
        PrependAlphaList(&proc_attr, "pid");
    }

    if (SelectProcRangeMatch("PPID", "PPID", a.process_select.min_ppid, a.process_select.max_ppid, names, column))
    {
        PrependAlphaList(&proc_attr, "ppid");
    }

    if (SelectProcRangeMatch("PGID", "PGID", a.process_select.min_pgid, a.process_select.max_pgid, names, column))
    {
        PrependAlphaList(&proc_attr, "pgid");
    }

    if (SelectProcRangeMatch("VSZ", "SZ", a.process_select.min_vsize, a.process_select.max_vsize, names, column))
    {
        PrependAlphaList(&proc_attr, "vsize");
    }

    if (SelectProcRangeMatch("RSS", "RSS", a.process_select.min_rsize, a.process_select.max_rsize, names, column))
    {
        PrependAlphaList(&proc_attr, "rsize");
    }

    if (SelectProcTimeCounterRangeMatch
        ("TIME", "TIME", a.process_select.min_ttime, a.process_select.max_ttime, names, column))
    {
        PrependAlphaList(&proc_attr, "ttime");
    }

    if (SelectProcTimeAbsRangeMatch
        ("STIME", "START", a.process_select.min_stime, a.process_select.max_stime, names, column))
    {
        PrependAlphaList(&proc_attr, "stime");
    }

    if (SelectProcRangeMatch("NI", "PRI", a.process_select.min_pri, a.process_select.max_pri, names, column))
    {
        PrependAlphaList(&proc_attr, "priority");
    }

    if (SelectProcRangeMatch("NLWP", "NLWP", a.process_select.min_thread, a.process_select.max_thread, names, column))
    {
        PrependAlphaList(&proc_attr, "threads");
    }

    if (SelectProcRegexMatch("S", "STAT", a.process_select.status, names, column))
    {
        PrependAlphaList(&proc_attr, "status");
    }

    if (SelectProcRegexMatch("CMD", "COMMAND", a.process_select.command, names, column))
    {
        PrependAlphaList(&proc_attr, "command");
    }

    if (SelectProcRegexMatch("TTY", "TTY", a.process_select.tty, names, column))
    {
        PrependAlphaList(&proc_attr, "tty");
    }

    if ((result = EvalProcessResult(a.process_select.process_result, &proc_attr)))
    {
        //ClassesFromString(fp->defines);
    }

    DeleteAlphaList(&proc_attr);

    if (result)
    {
        if (a.transaction.action == cfa_warn)
        {
            CfOut(cf_error, "", " !! Matched: %s\n", procentry);
        }
        else
        {
            CfOut(cf_inform, "", " !! Matched: %s\n", procentry);
        }
    }

    for (i = 0; column[i] != NULL; i++)
    {
        free(column[i]);
    }

    return result;
}
예제 #9
0
파일: cf-execd.c 프로젝트: pombredanne/core
static bool ScheduleRun(Policy **policy, ExecConfig *exec_config, const ReportContext *report_context)
{
    Item *ip;

    CfOut(cf_verbose, "", "Sleeping...\n");
    sleep(CFPULSETIME);         /* 1 Minute resolution is enough */

// recheck license (in case of license updates or expiry)

    if (EnterpriseExpiry())
    {
        CfOut(cf_error, "", "Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
        exit(1);
    }

    /*
     * FIXME: this logic duplicates the one from cf-serverd.c. Unify ASAP.
     */

    if (CheckNewPromises(report_context) == RELOAD_FULL)
    {
        /* Full reload */

        CfOut(cf_inform, "", "Re-reading promise file %s..\n", VINPUTFILE);

        DeleteAlphaList(&VHEAP);
        InitAlphaList(&VHEAP);
        DeleteAlphaList(&VHARDHEAP);
        InitAlphaList(&VHARDHEAP);
        DeleteAlphaList(&VADDCLASSES);
        InitAlphaList(&VADDCLASSES);

        DeleteItemList(IPADDRESSES);
        IPADDRESSES = NULL;

        DeleteItemList(VNEGHEAP);

        DeleteAllScope();

        strcpy(VDOMAIN, "undefinded.domain");
        POLICY_SERVER[0] = '\0';

        VNEGHEAP = NULL;
        VINPUTLIST = NULL;

        PolicyDestroy(*policy);
        *policy = NULL;

        ERRORCOUNT = 0;

        NewScope("sys");

        SetPolicyServer(POLICY_SERVER);
        NewScalar("sys", "policy_hub", POLICY_SERVER, cf_str);

        NewScope("const");
        NewScope("this");
        NewScope("mon");
        NewScope("control_server");
        NewScope("control_common");
        NewScope("remote_access");

        GetNameInfo3();
        GetInterfacesInfo(AGENT_TYPE_EXECUTOR);
        Get3Environment();
        BuiltinClasses();
        OSClasses();

        HardClass(CF_AGENTTYPES[THIS_AGENT_TYPE]);

        SetReferenceTime(true);

        GenericAgentConfig config = {
            .bundlesequence = NULL
        };

        *policy = ReadPromises(AGENT_TYPE_EXECUTOR, CF_EXECC, config, report_context);
        KeepPromises(*policy, exec_config);
    }