static void KeepPromises(Policy *policy, const ReportContext *report_context)
{
Constraint *cp;
Rval retval;
for (cp = ControlBodyConstraints(policy, cf_monitor); cp != NULL; cp = cp->next)
{
if (IsExcluded(cp->classes, NULL))
{
continue;
}
if (GetVariable("control_monitor", cp->lval, &retval) == cf_notype)
{
CfOut(cf_error, "", "Unknown lval %s in monitor control body", cp->lval);
continue;
}
if (strcmp(cp->lval, CFM_CONTROLBODY[cfm_histograms].lval) == 0)
{
/* Keep accepting this option for backward compatibility. */
}
if (strcmp(cp->lval, CFM_CONTROLBODY[cfm_tcpdump].lval) == 0)
{
MonNetworkSnifferEnable(GetBoolean(retval.item));
}
if (strcmp(cp->lval, CFM_CONTROLBODY[cfm_forgetrate].lval) == 0)
{
sscanf(retval.item, "%lf", &FORGETRATE);
CfDebug("forget rate = %f\n", FORGETRATE);
}
}
}
static void SendEvent( const ModuleEvent *eventptr, Event event, const CmdParams *cmdparams, Module *module_ptr )
{
if( !eventptr )
{
dlog( DEBUG9, "SendEvent: %s has no event handler for %s", module_ptr->info->name, EventStrings[event] );
return;
}
/* If we are not yet synched, check that the module supports
* the event before we are synched. */
if( !IsModuleSynched( module_ptr ) && !( eventptr->flags & EVENT_FLAG_IGNORE_SYNCH ) )
{
dlog( DEBUG9, "Skipping module %s for %s since module is not yet synched", module_ptr->info->name, EventStrings[event] );
return;
}
if( ( eventptr->flags & EVENT_FLAG_DISABLED ) )
{
dlog( DEBUG9, "Skipping module %s for %s since it is disabled", module_ptr->info->name, EventStrings[event] );
return;
}
if( ( eventptr->flags & EVENT_FLAG_EXCLUDE_ME ) && IsMe( cmdparams->source ) )
{
dlog( DEBUG9, "Skipping module %s for %s since %s is excluded as a NeoStats client", module_ptr->info->name, EventStrings[event], cmdparams->source->name );
return;
}
if( eventptr->flags & EVENT_FLAG_EXCLUDE_MODME )
{
if( cmdparams->source && cmdparams->source->user && cmdparams->source->user->bot && cmdparams->source->user->bot->moduleptr == module_ptr )
{
dlog( DEBUG9, "Skipping module %s for %s since %s is excluded as a Module client", module_ptr->info->name, EventStrings[event], cmdparams->source->name );
return;
}
}
if( ( eventptr->flags & EVENT_FLAG_USE_EXCLUDE ) && IsExcluded( cmdparams->source ) )
{
dlog( DEBUG9, "Skipping module %s for %s since %s is excluded", module_ptr->info->name, EventStrings[event], cmdparams->source->name );
return;
}
dlog( DEBUG9, "Running module %s with %s", module_ptr->info->name, EventStrings[event] );
SET_SEGV_LOCATION();
#ifdef USE_PERL
if( ( eventptr->flags & EVENT_FLAG_PERLCALL ) )
{
SET_RUN_LEVEL( module_ptr );
perl_event_cb( event, cmdparams, module_ptr );
RESET_RUN_LEVEL();
return;
}
#endif /* USE_PERL */
if( setjmp( sigvbuf ) == 0 )
{
SET_RUN_LEVEL( module_ptr );
( void )module_ptr->event_list[event]->handler( cmdparams );
RESET_RUN_LEVEL();
}
else
{
nlog( LOG_CRITICAL, "SendEvent: setjmp() failed, not calling module %s", module_ptr->info->name );
}
}
static bool AutoExportDir(const char* inputDir, const char* outputDir, const char* groupFiles, std::vector<std::string>& excludeFiles)
{
bool exportedFile = false;
char outputFileName[MAX_PATH];
sprintf(outputFileName, "%s\\Export.prd", outputDir);
char outputLog[MAX_PATH];
sprintf(outputLog, "%s\\AutoExport.log", outputDir);
char doneDir[MAX_PATH];
sprintf(doneDir, "%s\\Done\\", inputDir);
CreateDirectory(doneDir, NULL);
// Don't give missing bitmap warnings
TheManager->SetSilentMode(TRUE);
hsFolderIterator sourceDir(inputDir);
while (sourceDir.NextFileSuffix(".max"))
{
char exportFile[MAX_PATH];
sourceDir.GetPathAndName(exportFile);
if (IsExcluded(sourceDir.GetFileName(), excludeFiles))
continue;
// If we're doing grouped files, and this isn't one, keep looking
if (groupFiles && strncmp(sourceDir.GetFileName(), groupFiles, strlen(groupFiles)) != 0)
continue;
hsUNIXStream log;
if (log.Open(outputLog, "ab"))
{
log.WriteFmt("%s\r\n", sourceDir.GetFileName());
log.Close();
}
if (GetCOREInterface()->LoadFromFile(exportFile))
{
sprintf(doneDir, "%s\\Done\\%s", inputDir, sourceDir.GetFileName());
MoveFileEx(exportFile, doneDir, MOVEFILE_REPLACE_EXISTING);
GetCOREInterface()->ExportToFile(outputFileName, TRUE);
exportedFile = true;
// If we're not doing grouped files, this is it, we exported our one file
if (!groupFiles)
break;
}
}
return exportedFile;
}
static bool AutoExportDir(const char* inputDir, const char* outputDir, const plFileName& groupFiles, std::vector<plFileName>& excludeFiles)
{
bool exportedFile = false;
char outputFileName[MAX_PATH];
sprintf(outputFileName, "%s\\Export.prd", outputDir);
char outputLog[MAX_PATH];
sprintf(outputLog, "%s\\AutoExport.log", outputDir);
char doneDir[MAX_PATH];
sprintf(doneDir, "%s\\Done\\", inputDir);
CreateDirectory(doneDir, NULL);
// Don't give missing bitmap warnings
TheManager->SetSilentMode(TRUE);
std::vector<plFileName> sources = plFileSystem::ListDir(inputDir, "*.max");
for (auto iter = sources.begin(); iter != sources.end(); ++iter)
{
if (IsExcluded(iter->GetFileName(), excludeFiles))
continue;
// If we're doing grouped files, and this isn't one, keep looking
if (groupFiles.IsValid() && groupFiles != iter->GetFileName())
continue;
hsUNIXStream log;
if (log.Open(outputLog, "ab"))
{
log.WriteFmt("%s\r\n", iter->GetFileName().c_str());
log.Close();
}
if (GetCOREInterface()->LoadFromFile(iter->AsString().c_str()))
{
plFileSystem::Move(*iter, plFileName::Join(inputDir, "Done", iter->GetFileName()));
GetCOREInterface()->ExportToFile(outputFileName, TRUE);
exportedFile = true;
// If we're not doing grouped files, this is it, we exported our one file
if (!groupFiles.IsValid())
break;
}
}
return exportedFile;
}
//______________________________________________________________________________
void TFractionFitter::ComputeChisquareLambda()
{
// Method used internally to compute the likelihood ratio chi2
// See the function GetChisquare() for details
if ( !fFitDone ) {
Error("ComputeChisquareLambda","Fit not yet (successfully) performed");
fChisquare = 0;
return;
}
// fPlot must be initialized and filled. Leave this to the GetPlot() method.
if (! fPlot)
GetPlot();
Int_t minX, maxX, minY, maxY, minZ, maxZ;
GetRanges(minX, maxX, minY, maxY, minZ, maxZ);
Double_t logLyn = 0; // likelihood of prediction
Double_t logLmn = 0; // likelihood of data ("true" distribution)
for(Int_t x = minX; x <= maxX; x++) {
for(Int_t y = minY; y <= maxY; y++) {
for(Int_t z = minZ; z <= maxZ; z++) {
if (IsExcluded(fData->GetBin(x, y, z))) continue;
Double_t di = fData->GetBinContent(x, y, z);
Double_t fi = fPlot->GetBinContent(x, y, z);
if(fi != 0) logLyn += di * TMath::Log(fi) - fi;
if(di != 0) logLmn += di * TMath::Log(di) - di;
for(Int_t j = 0; j < fNpar; j++) {
Double_t aji = ((TH1*)fMCs.At(j))->GetBinContent(x, y, z);
Double_t bji = ((TH1*)fAji.At(j))->GetBinContent(x, y, z);
if(bji != 0) logLyn += aji * TMath::Log(bji) - bji;
if(aji != 0) logLmn += aji * TMath::Log(aji) - aji;
}
}
}
}
fChisquare = -2*logLyn + 2*logLmn;
return;
}
bool TreeMultiItemBase::IsVisible()
{
// are we excluded? then we are not visible as well
if(IsExcluded())
return false;
// check every parent up until the last and if one of them is collapsed
// we are not visible
TreeMultiItemNode *p = GetParent();
while(p)
{
if(!p->IsExpanded())
return false;
else
p = p->GetParent();
}
return true;
}
void KeepControlPromises()
{ struct Constraint *cp;
char rettype;
void *retval;
RUNATTR.copy.trustkey = false;
RUNATTR.copy.encrypt = true;
RUNATTR.copy.force_ipv4 = false;
RUNATTR.copy.portnumber = SHORT_CFENGINEPORT;
/* Keep promised agent behaviour - control bodies */
for (cp = ControlBodyConstraints(cf_runagent); cp != NULL; cp=cp->next)
{
if (IsExcluded(cp->classes))
{
continue;
}
if (GetVariable("control_runagent",cp->lval,&retval,&rettype) == cf_notype)
{
CfOut(cf_error,"","Unknown lval %s in runagent control body",cp->lval);
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_force_ipv4].lval) == 0)
{
RUNATTR.copy.force_ipv4 = GetBoolean(retval);
CfOut(cf_verbose,"","SET force_ipv4 = %d\n",RUNATTR.copy.force_ipv4);
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_trustkey].lval) == 0)
{
RUNATTR.copy.trustkey = GetBoolean(retval);
CfOut(cf_verbose,"","SET trustkey = %d\n",RUNATTR.copy.trustkey);
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_encrypt].lval) == 0)
{
RUNATTR.copy.encrypt = GetBoolean(retval);
CfOut(cf_verbose,"","SET encrypt = %d\n",RUNATTR.copy.encrypt);
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_portnumber].lval) == 0)
{
RUNATTR.copy.portnumber = (short)Str2Int(retval);
CfOut(cf_verbose,"","SET default portnumber = %u\n",(int)RUNATTR.copy.portnumber);
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_background].lval) == 0)
{
/*
* Only process this option if are is no -b or -i options specified on
* command line.
*/
if (BACKGROUND || INTERACTIVE)
{
CfOut(cf_error, "", "Warning: 'background_children' setting from 'body runagent control' is overriden by command-line option.");
}
else
{
BACKGROUND = GetBoolean(retval);
}
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_maxchild].lval) == 0)
{
MAXCHILD = (short)Str2Int(retval);
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_output_to_file].lval) == 0)
{
OUTPUT_TO_FILE = GetBoolean(retval);
continue;
}
/*
* HvB: add variabele output directory
*/
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_output_directory].lval) == 0)
{
if ( IsAbsPath(retval) )
{
strncpy(OUTPUT_DIRECTORY,retval,CF_BUFSIZE-1);
CfOut(cf_verbose,"","SET output direcory to = %s\n", OUTPUT_DIRECTORY);
}
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_timeout].lval) == 0)
{
RUNATTR.copy.timeout = (short)Str2Int(retval);
continue;
}
if (strcmp(cp->lval,CFR_CONTROLBODY[cfr_hosts].lval) == 0)
{
if (HOSTLIST == NULL) // Don't override if command line setting
{
HOSTLIST = retval;
}
continue;
}
}
}
void KeepControlPromises(Policy *policy)
{
Rval retval;
Rlist *rp;
Seq *constraints = ControlBodyConstraints(policy, AGENT_TYPE_AGENT);
if (constraints)
{
for (size_t i = 0; i < SeqLength(constraints); i++)
{
Constraint *cp = SeqAt(constraints, i);
if (IsExcluded(cp->classes, NULL))
{
continue;
}
if (GetVariable("control_common", cp->lval, &retval) != DATA_TYPE_NONE)
{
/* Already handled in generic_agent */
continue;
}
if (GetVariable("control_agent", cp->lval, &retval) == DATA_TYPE_NONE)
{
CfOut(cf_error, "", "Unknown lval %s in agent control body", cp->lval);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_maxconnections].lval) == 0)
{
CFA_MAXTHREADS = (int) Str2Int(retval.item);
CfOut(cf_verbose, "", "SET maxconnections = %d\n", CFA_MAXTHREADS);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_checksum_alert_time].lval) == 0)
{
CF_PERSISTENCE = (int) Str2Int(retval.item);
CfOut(cf_verbose, "", "SET checksum_alert_time = %d\n", CF_PERSISTENCE);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_agentfacility].lval) == 0)
{
SetFacility(retval.item);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_agentaccess].lval) == 0)
{
ACCESSLIST = (Rlist *) retval.item;
CheckAgentAccess(ACCESSLIST, InputFiles(policy));
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_refresh_processes].lval) == 0)
{
Rlist *rp;
if (VERBOSE)
{
printf("%s> SET refresh_processes when starting: ", VPREFIX);
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
printf(" %s", (char *) rp->item);
PrependItem(&PROCESSREFRESH, rp->item, NULL);
}
printf("\n");
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_abortclasses].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Abort classes from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
char name[CF_MAXVARSIZE] = "";
strncpy(name, rp->item, CF_MAXVARSIZE - 1);
AddAbortClass(name, cp->classes);
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_abortbundleclasses].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Abort bundle classes from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
char name[CF_MAXVARSIZE] = "";
strncpy(name, rp->item, CF_MAXVARSIZE - 1);
if (!IsItemIn(ABORTBUNDLEHEAP, name))
{
AppendItem(&ABORTBUNDLEHEAP, name, cp->classes);
}
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_addclasses].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "-> Add classes ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
CfOut(cf_verbose, "", " -> ... %s\n", ScalarValue(rp));
NewClass(rp->item, NULL);
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_auditing].lval) == 0)
{
CfOut(cf_verbose, "", "This option does nothing and is retained for compatibility reasons");
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_alwaysvalidate].lval) == 0)
{
ALWAYS_VALIDATE = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET alwaysvalidate = %d\n", ALWAYS_VALIDATE);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_allclassesreport].lval) == 0)
{
ALLCLASSESREPORT = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET allclassesreport = %d\n", ALLCLASSESREPORT);
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_secureinput].lval) == 0)
{
CFPARANOID = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET secure input = %d\n", CFPARANOID);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_binarypaddingchar].lval) == 0)
{
CfOut(cf_verbose, "", "binarypaddingchar is obsolete and does nothing\n");
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_bindtointerface].lval) == 0)
{
strncpy(BINDINTERFACE, retval.item, CF_BUFSIZE - 1);
CfOut(cf_verbose, "", "SET bindtointerface = %s\n", BINDINTERFACE);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_hashupdates].lval) == 0)
{
bool enabled = GetBoolean(retval.item);
SetChecksumUpdates(enabled);
CfOut(cf_verbose, "", "SET ChecksumUpdates %d\n", enabled);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_exclamation].lval) == 0)
{
CfOut(cf_verbose, "", "exclamation control is deprecated and does not do anything\n");
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_childlibpath].lval) == 0)
{
char output[CF_BUFSIZE];
snprintf(output, CF_BUFSIZE, "LD_LIBRARY_PATH=%s", (char *) retval.item);
if (putenv(xstrdup(output)) == 0)
{
CfOut(cf_verbose, "", "Setting %s\n", output);
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_defaultcopytype].lval) == 0)
{
DEFAULT_COPYTYPE = (char *) retval.item;
CfOut(cf_verbose, "", "SET defaultcopytype = %s\n", DEFAULT_COPYTYPE);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_fsinglecopy].lval) == 0)
{
SINGLE_COPY_LIST = (Rlist *) retval.item;
CfOut(cf_verbose, "", "SET file single copy list\n");
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_fautodefine].lval) == 0)
{
SetFileAutoDefineList(ListRvalValue(retval));
CfOut(cf_verbose, "", "SET file auto define list\n");
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_dryrun].lval) == 0)
{
DONTDO = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET dryrun = %c\n", DONTDO);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_inform].lval) == 0)
{
INFORM = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET inform = %c\n", INFORM);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_verbose].lval) == 0)
{
VERBOSE = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET inform = %c\n", VERBOSE);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_repository].lval) == 0)
{
SetRepositoryLocation(retval.item);
CfOut(cf_verbose, "", "SET repository = %s\n", ScalarRvalValue(retval));
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_skipidentify].lval) == 0)
{
bool enabled = GetBoolean(retval.item);
SetSkipIdentify(enabled);
CfOut(cf_verbose, "", "SET skipidentify = %d\n", (int) enabled);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_suspiciousnames].lval) == 0)
{
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
AddFilenameToListOfSuspicious(ScalarValue(rp));
CfOut(cf_verbose, "", "-> Considering %s as suspicious file", ScalarValue(rp));
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_repchar].lval) == 0)
{
char c = *(char *) retval.item;
SetRepositoryChar(c);
CfOut(cf_verbose, "", "SET repchar = %c\n", c);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_mountfilesystems].lval) == 0)
{
CF_MOUNTALL = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET mountfilesystems = %d\n", CF_MOUNTALL);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_editfilesize].lval) == 0)
{
EDITFILESIZE = Str2Int(retval.item);
CfOut(cf_verbose, "", "SET EDITFILESIZE = %d\n", EDITFILESIZE);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_ifelapsed].lval) == 0)
{
VIFELAPSED = Str2Int(retval.item);
CfOut(cf_verbose, "", "SET ifelapsed = %d\n", VIFELAPSED);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_expireafter].lval) == 0)
{
VEXPIREAFTER = Str2Int(retval.item);
CfOut(cf_verbose, "", "SET ifelapsed = %d\n", VEXPIREAFTER);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_timeout].lval) == 0)
{
CONNTIMEOUT = Str2Int(retval.item);
CfOut(cf_verbose, "", "SET timeout = %jd\n", (intmax_t) CONNTIMEOUT);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_max_children].lval) == 0)
{
CFA_BACKGROUND_LIMIT = Str2Int(retval.item);
CfOut(cf_verbose, "", "SET MAX_CHILDREN = %d\n", CFA_BACKGROUND_LIMIT);
if (CFA_BACKGROUND_LIMIT > 10)
{
CfOut(cf_error, "", "Silly value for max_children in agent control promise (%d > 10)",
CFA_BACKGROUND_LIMIT);
CFA_BACKGROUND_LIMIT = 1;
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_syslog].lval) == 0)
{
CfOut(cf_verbose, "", "SET syslog = %d\n", GetBoolean(retval.item));
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_environment].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET environment variables from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (putenv(rp->item) != 0)
{
CfOut(cf_error, "putenv", "Failed to set environment variable %s", ScalarValue(rp));
}
}
continue;
}
}
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_lastseenexpireafter].lval, &retval) != DATA_TYPE_NONE)
{
LASTSEENEXPIREAFTER = Str2Int(retval.item) * 60;
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_fips_mode].lval, &retval) != DATA_TYPE_NONE)
{
FIPS_MODE = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET FIPS_MODE = %d\n", FIPS_MODE);
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_syslog_port].lval, &retval) != DATA_TYPE_NONE)
{
SetSyslogPort(Str2Int(retval.item));
CfOut(cf_verbose, "", "SET syslog_port to %s", ScalarRvalValue(retval));
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_syslog_host].lval, &retval) != DATA_TYPE_NONE)
{
SetSyslogHost(Hostname2IPString(retval.item));
CfOut(cf_verbose, "", "SET syslog_host to %s", Hostname2IPString(retval.item));
}
#ifdef HAVE_NOVA
Nova_Initialize();
#endif
}
static void KeepControlPromises(Policy *policy)
{
Rval retval;
RUNATTR.copy.trustkey = false;
RUNATTR.copy.encrypt = true;
RUNATTR.copy.force_ipv4 = false;
RUNATTR.copy.portnumber = SHORT_CFENGINEPORT;
/* Keep promised agent behaviour - control bodies */
Seq *constraints = ControlBodyConstraints(policy, AGENT_TYPE_RUNAGENT);
if (constraints)
{
for (size_t i = 0; i < SeqLength(constraints); i++)
{
Constraint *cp = SeqAt(constraints, i);
if (IsExcluded(cp->classes, NULL))
{
continue;
}
if (GetVariable("control_runagent", cp->lval, &retval) == DATA_TYPE_NONE)
{
CfOut(OUTPUT_LEVEL_ERROR, "", "Unknown lval %s in runagent control body", cp->lval);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_FORCE_IPV4].lval) == 0)
{
RUNATTR.copy.force_ipv4 = BooleanFromString(retval.item);
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET force_ipv4 = %d\n", RUNATTR.copy.force_ipv4);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_TRUSTKEY].lval) == 0)
{
RUNATTR.copy.trustkey = BooleanFromString(retval.item);
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET trustkey = %d\n", RUNATTR.copy.trustkey);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_ENCRYPT].lval) == 0)
{
RUNATTR.copy.encrypt = BooleanFromString(retval.item);
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET encrypt = %d\n", RUNATTR.copy.encrypt);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_PORT_NUMBER].lval) == 0)
{
RUNATTR.copy.portnumber = (short) IntFromString(retval.item);
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET default portnumber = %u\n", (int) RUNATTR.copy.portnumber);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_BACKGROUND].lval) == 0)
{
/*
* Only process this option if are is no -b or -i options specified on
* command line.
*/
if (BACKGROUND || INTERACTIVE)
{
CfOut(OUTPUT_LEVEL_ERROR, "",
"Warning: 'background_children' setting from 'body runagent control' is overriden by command-line option.");
}
else
{
BACKGROUND = BooleanFromString(retval.item);
}
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_MAX_CHILD].lval) == 0)
{
MAXCHILD = (short) IntFromString(retval.item);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_OUTPUT_TO_FILE].lval) == 0)
{
OUTPUT_TO_FILE = BooleanFromString(retval.item);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_OUTPUT_DIRECTORY].lval) == 0)
{
if (IsAbsPath(retval.item))
{
strncpy(OUTPUT_DIRECTORY, retval.item, CF_BUFSIZE - 1);
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET output direcory to = %s\n", OUTPUT_DIRECTORY);
}
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_TIMEOUT].lval) == 0)
{
RUNATTR.copy.timeout = (short) IntFromString(retval.item);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[RUNAGENT_CONTROL_HOSTS].lval) == 0)
{
if (HOSTLIST == NULL) // Don't override if command line setting
{
HOSTLIST = retval.item;
}
continue;
}
}
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_lastseenexpireafter].lval, &retval) != DATA_TYPE_NONE)
{
LASTSEENEXPIREAFTER = IntFromString(retval.item) * 60;
}
}
void KeepControlPromises()
{ struct Constraint *cp;
char rettype;
void *retval;
struct Rlist *rp;
for (cp = ControlBodyConstraints(cf_agent); cp != NULL; cp=cp->next)
{
if (IsExcluded(cp->classes))
{
continue;
}
if (GetVariable("control_common",cp->lval,&retval,&rettype) != cf_notype)
{
/* Already handled in generic_agent */
continue;
}
if (GetVariable("control_agent",cp->lval,&retval,&rettype) == cf_notype)
{
CfOut(cf_error,"","Unknown lval %s in agent control body",cp->lval);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_maxconnections].lval) == 0)
{
CFA_MAXTHREADS = (int)Str2Int(retval);
CfOut(cf_verbose,"","SET maxconnections = %d\n",CFA_MAXTHREADS);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_checksum_alert_time].lval) == 0)
{
CF_PERSISTENCE = (int)Str2Int(retval);
CfOut(cf_verbose,"","SET checksum_alert_time = %d\n",CF_PERSISTENCE);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_agentfacility].lval) == 0)
{
SetFacility(retval);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_agentaccess].lval) == 0)
{
ACCESSLIST = (struct Rlist *) retval;
CheckAgentAccess(ACCESSLIST);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_refresh_processes].lval) == 0)
{
struct Rlist *rp;
if (VERBOSE)
{
printf("%s> SET refresh_processes when starting: ",VPREFIX);
for (rp = (struct Rlist *) retval; rp != NULL; rp = rp->next)
{
printf(" %s",(char *)rp->item);
PrependItem(&PROCESSREFRESH,rp->item,NULL);
}
printf("\n");
}
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_abortclasses].lval) == 0)
{
struct Rlist *rp;
CfOut(cf_verbose,"","SET Abort classes from ...\n");
for (rp = (struct Rlist *) retval; rp != NULL; rp = rp->next)
{
char name[CF_MAXVARSIZE] = "";
strncpy(name, rp->item, CF_MAXVARSIZE - 1);
CanonifyNameInPlace(name);
if (!IsItemIn(ABORTHEAP,name))
{
AppendItem(&ABORTHEAP,name,cp->classes);
}
}
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_abortbundleclasses].lval) == 0)
{
struct Rlist *rp;
CfOut(cf_verbose,"","SET Abort bundle classes from ...\n");
for (rp = (struct Rlist *) retval; rp != NULL; rp = rp->next)
{
char name[CF_MAXVARSIZE] = "";
strncpy(name, rp->item, CF_MAXVARSIZE - 1);
CanonifyNameInPlace(name);
if (!IsItemIn(ABORTBUNDLEHEAP,name))
{
AppendItem(&ABORTBUNDLEHEAP,name,cp->classes);
}
}
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_addclasses].lval) == 0)
{
struct Rlist *rp;
CfOut(cf_verbose,"","-> Add classes ...\n");
for (rp = (struct Rlist *) retval; rp != NULL; rp = rp->next)
{
CfOut(cf_verbose,""," -> ... %s\n",rp->item);
NewClass(rp->item);
}
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_auditing].lval) == 0)
{
AUDIT = GetBoolean(retval);
CfOut(cf_verbose,"","SET auditing = %d\n",AUDIT);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_alwaysvalidate].lval) == 0)
{
ALWAYS_VALIDATE = GetBoolean(retval);
CfOut(cf_verbose,"","SET alwaysvalidate = %d\n",ALWAYS_VALIDATE);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_secureinput].lval) == 0)
{
CFPARANOID = GetBoolean(retval);
CfOut(cf_verbose,"","SET secure input = %d\n",CFPARANOID);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_binarypaddingchar].lval) == 0)
{
PADCHAR = *(char *)retval;
CfOut(cf_verbose,"","SET binarypaddingchar = %c\n",PADCHAR);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_bindtointerface].lval) == 0)
{
strncpy(BINDINTERFACE,retval,CF_BUFSIZE-1);
CfOut(cf_verbose,"","SET bindtointerface = %s\n",BINDINTERFACE);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_hashupdates].lval) == 0)
{
CHECKSUMUPDATES = GetBoolean(retval);
CfOut(cf_verbose,"","SET ChecksumUpdates %d\n",CHECKSUMUPDATES);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_exclamation].lval) == 0)
{
EXCLAIM = GetBoolean(retval);
CfOut(cf_verbose,"","SET exclamation %d\n",EXCLAIM);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_childlibpath].lval) == 0)
{
char output[CF_BUFSIZE];
snprintf(output,CF_BUFSIZE,"LD_LIBRARY_PATH=%s",(char *)retval);
if (putenv(strdup(output)) == 0)
{
CfOut(cf_verbose,"","Setting %s\n",output);
}
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_defaultcopytype].lval) == 0)
{
DEFAULT_COPYTYPE = (char *)retval;
CfOut(cf_verbose,"","SET defaultcopytype = %c\n",DEFAULT_COPYTYPE);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_fsinglecopy].lval) == 0)
{
SINGLE_COPY_LIST = (struct Rlist *)retval;
CfOut(cf_verbose,"","SET file single copy list\n");
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_fautodefine].lval) == 0)
{
AUTO_DEFINE_LIST = (struct Rlist *)retval;
CfOut(cf_verbose,"","SET file auto define list\n");
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_dryrun].lval) == 0)
{
DONTDO = GetBoolean(retval);
CfOut(cf_verbose,"","SET dryrun = %c\n",DONTDO);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_inform].lval) == 0)
{
INFORM = GetBoolean(retval);
CfOut(cf_verbose,"","SET inform = %c\n",INFORM);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_verbose].lval) == 0)
{
VERBOSE = GetBoolean(retval);
CfOut(cf_verbose,"","SET inform = %c\n",VERBOSE);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_repository].lval) == 0)
{
VREPOSITORY = strdup(retval);
CfOut(cf_verbose,"","SET repository = %s\n",VREPOSITORY);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_skipidentify].lval) == 0)
{
SKIPIDENTIFY = GetBoolean(retval);
CfOut(cf_verbose,"","SET skipidentify = %d\n",SKIPIDENTIFY);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_suspiciousnames].lval) == 0)
{
for (rp = (struct Rlist *) retval; rp != NULL; rp = rp->next)
{
PrependItem(&SUSPICIOUSLIST,rp->item,NULL);
CfOut(cf_verbose,"", "-> Concidering %s as suspicious file", rp->item);
}
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_repchar].lval) == 0)
{
REPOSCHAR = *(char *)retval;
CfOut(cf_verbose,"","SET repchar = %c\n",REPOSCHAR);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_mountfilesystems].lval) == 0)
{
CF_MOUNTALL = GetBoolean(retval);
CfOut(cf_verbose,"","SET mountfilesystems = %d\n",CF_MOUNTALL);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_editfilesize].lval) == 0)
{
EDITFILESIZE = Str2Int(retval);
CfOut(cf_verbose,"","SET EDITFILESIZE = %d\n",EDITFILESIZE);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_ifelapsed].lval) == 0)
{
VIFELAPSED = Str2Int(retval);
CfOut(cf_verbose,"","SET ifelapsed = %d\n",VIFELAPSED);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_expireafter].lval) == 0)
{
VEXPIREAFTER = Str2Int(retval);
CfOut(cf_verbose,"","SET ifelapsed = %d\n",VEXPIREAFTER);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_timeout].lval) == 0)
{
CONNTIMEOUT = Str2Int(retval);
CfOut(cf_verbose,"","SET timeout = %d\n",CONNTIMEOUT);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_max_children].lval) == 0)
{
CFA_BACKGROUND_LIMIT = Str2Int(retval);
CfOut(cf_verbose,"","SET MAX_CHILDREN = %d\n",CFA_BACKGROUND_LIMIT);
if (CFA_BACKGROUND_LIMIT > 10)
{
CfOut(cf_error,"","Silly value for max_children in agent control promise (%d > 10)",CFA_BACKGROUND_LIMIT);
CFA_BACKGROUND_LIMIT = 1;
}
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_syslog].lval) == 0)
{
LOGGING = GetBoolean(retval);
CfOut(cf_verbose,"","SET syslog = %d\n",LOGGING);
continue;
}
if (strcmp(cp->lval,CFA_CONTROLBODY[cfa_environment].lval) == 0)
{
struct Rlist *rp;
CfOut(cf_verbose,"","SET environment variables from ...\n");
for (rp = (struct Rlist *) retval; rp != NULL; rp = rp->next)
{
if (putenv(rp->item) != 0)
{
CfOut(cf_error, "putenv", "Failed to set environment variable %s", rp->item);
}
}
continue;
}
}
if (GetVariable("control_common",CFG_CONTROLBODY[cfg_lastseenexpireafter].lval,&retval,&rettype) != cf_notype)
{
LASTSEENEXPIREAFTER = Str2Int(retval);
}
if (GetVariable("control_common",CFG_CONTROLBODY[cfg_fips_mode].lval,&retval,&rettype) != cf_notype)
{
FIPS_MODE = GetBoolean(retval);
CfOut(cf_verbose,"","SET FIPS_MODE = %d\n",FIPS_MODE);
}
if (GetVariable("control_common",CFG_CONTROLBODY[cfg_syslog_port].lval,&retval,&rettype) != cf_notype)
{
SYSLOGPORT = (unsigned short)Str2Int(retval);
CfOut(cf_verbose,"","SET syslog_port to %d",SYSLOGPORT);
}
if (GetVariable("control_common",CFG_CONTROLBODY[cfg_syslog_host].lval,&retval,&rettype) != cf_notype)
{
strncpy(SYSLOGHOST,Hostname2IPString(retval),CF_MAXVARSIZE-1);
CfOut(cf_verbose,"","SET syslog_host to %s",SYSLOGHOST);
}
#ifdef HAVE_NOVA
Nova_Initialize();
#endif
}
void KeepControlPromises()
{
Constraint *cp;
Rval retval;
CFD_MAXPROCESSES = 30;
MAXTRIES = 5;
CFD_INTERVAL = 0;
DENYBADCLOCKS = true;
CFRUNCOMMAND[0] = '\0';
SetChecksumUpdates(true);
/* Keep promised agent behaviour - control bodies */
Banner("Server control promises..");
HashControls();
/* Now expand */
for (cp = ControlBodyConstraints(cf_server); cp != NULL; cp = cp->next)
{
if (IsExcluded(cp->classes))
{
continue;
}
if (GetVariable("control_server", cp->lval, &retval) == cf_notype)
{
CfOut(cf_error, "", "Unknown lval %s in server control body", cp->lval);
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_serverfacility].lval) == 0)
{
SetFacility(retval.item);
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_denybadclocks].lval) == 0)
{
DENYBADCLOCKS = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET denybadclocks = %d\n", DENYBADCLOCKS);
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_logencryptedtransfers].lval) == 0)
{
LOGENCRYPT = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET LOGENCRYPT = %d\n", LOGENCRYPT);
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_logallconnections].lval) == 0)
{
LOGCONNS = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET LOGCONNS = %d\n", LOGCONNS);
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_maxconnections].lval) == 0)
{
CFD_MAXPROCESSES = (int) Str2Int(retval.item);
MAXTRIES = CFD_MAXPROCESSES / 3;
CfOut(cf_verbose, "", "SET maxconnections = %d\n", CFD_MAXPROCESSES);
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_cfruncommand].lval) == 0)
{
strncpy(CFRUNCOMMAND, retval.item, CF_BUFSIZE - 1);
CfOut(cf_verbose, "", "SET cfruncommand = %s\n", CFRUNCOMMAND);
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_allowconnects].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Allowing connections from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (!IsItemIn(NONATTACKERLIST, rp->item))
{
AppendItem(&NONATTACKERLIST, rp->item, cp->classes);
}
}
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_denyconnects].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Denying connections from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (!IsItemIn(ATTACKERLIST, rp->item))
{
AppendItem(&ATTACKERLIST, rp->item, cp->classes);
}
}
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_skipverify].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Skip verify connections from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (!IsItemIn(SKIPVERIFY, rp->item))
{
AppendItem(&SKIPVERIFY, rp->item, cp->classes);
}
}
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_dynamicaddresses].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Dynamic addresses from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (!IsItemIn(DHCPLIST, rp->item))
{
AppendItem(&DHCPLIST, rp->item, cp->classes);
}
}
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_allowallconnects].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Allowing multiple connections from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (!IsItemIn(MULTICONNLIST, rp->item))
{
AppendItem(&MULTICONNLIST, rp->item, cp->classes);
}
}
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_allowusers].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Allowing users ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (!IsItemIn(ALLOWUSERLIST, rp->item))
{
AppendItem(&ALLOWUSERLIST, rp->item, cp->classes);
}
}
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_trustkeysfrom].lval) == 0)
{
Rlist *rp;
CfOut(cf_verbose, "", "SET Trust keys from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (!IsItemIn(TRUSTKEYLIST, rp->item))
{
AppendItem(&TRUSTKEYLIST, rp->item, cp->classes);
}
}
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_portnumber].lval) == 0)
{
SHORT_CFENGINEPORT = (short) Str2Int(retval.item);
strncpy(STR_CFENGINEPORT, retval.item, 15);
CfOut(cf_verbose, "", "SET default portnumber = %u = %s = %s\n", (int) SHORT_CFENGINEPORT, STR_CFENGINEPORT,
ScalarRvalValue(retval));
SHORT_CFENGINEPORT = htons((short) Str2Int(retval.item));
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_keyttl].lval) == 0)
{
CfOut(cf_verbose, "", "Ignoring deprecated option keycacheTTL");
continue;
}
if (strcmp(cp->lval, CFS_CONTROLBODY[cfs_bindtointerface].lval) == 0)
{
strncpy(BINDINTERFACE, retval.item, CF_BUFSIZE - 1);
CfOut(cf_verbose, "", "SET bindtointerface = %s\n", BINDINTERFACE);
continue;
}
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_syslog_host].lval, &retval) != cf_notype)
{
SetSyslogHost(Hostname2IPString(retval.item));
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_syslog_port].lval, &retval) != cf_notype)
{
SetSyslogPort(Str2Int(retval.item));
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_fips_mode].lval, &retval) != cf_notype)
{
FIPS_MODE = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET FIPS_MODE = %d\n", FIPS_MODE);
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_lastseenexpireafter].lval, &retval) != cf_notype)
{
LASTSEENEXPIREAFTER = Str2Int(retval.item) * 60;
}
}
//______________________________________________________________________________
void TFractionFitter::ComputeFCN(Int_t& /*npar*/, Double_t* /*gin*/,
Double_t& f, Double_t* xx, Int_t flag)
{
// Used internally to compute the likelihood value.
// normalise the fit parameters
Int_t bin, mc;
Int_t minX, maxX, minY, maxY, minZ, maxZ;
Int_t x,y,z;
GetRanges(minX, maxX, minY, maxY, minZ, maxZ);
for (mc = 0; mc < fNpar; ++mc) {
Double_t tot;
TH1 *h = (TH1*)fMCs[mc];
TH1 *hw = (TH1*)fWeights[mc];
if (hw) {
tot = 0;
for (z = minZ; z <= maxZ; ++z) {
for (y = minY; y <= maxY; ++y) {
for (x = minX; x <= maxX; ++x) {
if (IsExcluded(fData->GetBin(x, y, z))) continue;
Double_t weight = hw->GetBinContent(x, y, z);
if (weight <= 0) {
Error("ComputeFCN","Invalid weight encountered for MC source %d",mc);
return;
}
tot += weight * h->GetBinContent(x, y, z);
}
}
}
} else tot = fIntegralMCs[mc];
fFractions[mc] = xx[mc] * fIntegralData / tot;
}
if (flag == 3) {
TString ts = "Fraction fit to hist: "; ts += fData->GetName();
fPlot = (TH1*) fData->Clone(ts.Data());
fPlot->Reset();
}
// likelihood computation
Double_t result = 0;
for (z = minZ; z <= maxZ; ++z) {
for (y = minY; y <= maxY; ++y) {
for (x = minX; x <= maxX; ++x) {
bin = fData->GetBin(x, y, z);
if (IsExcluded(bin)) continue;
// Solve for the "predictions"
int k0 = 0;
Double_t ti = 0.0; Double_t aki = 0.0;
FindPrediction(bin, ti, k0, aki);
Double_t prediction = 0;
for (mc = 0; mc < fNpar; ++mc) {
TH1 *h = (TH1*)fMCs[mc];
TH1 *hw = (TH1*)fWeights[mc];
Double_t binPrediction;
Double_t binContent = h->GetBinContent(bin);
Double_t weight = hw ? hw->GetBinContent(bin) : 1;
if (k0 >= 0 && fFractions[mc] == fFractions[k0]) {
binPrediction = aki;
} else {
binPrediction = binContent > 0 ? binContent / (1+weight*fFractions[mc]*ti) : 0;
}
prediction += fFractions[mc]*weight*binPrediction;
result -= binPrediction;
if (binContent > 0 && binPrediction > 0)
result += binContent*TMath::Log(binPrediction);
if (flag == 3) {
((TH1*)fAji.At(mc))->SetBinContent(bin, binPrediction);
}
}
if (flag == 3) {
fPlot->SetBinContent(bin, prediction);
}
result -= prediction;
Double_t found = fData->GetBinContent(bin);
if (found > 0 && prediction > 0)
result += found*TMath::Log(prediction);
}
}
}
f = -result;
}
void KeepControlPromises(Policy *policy)
{
Rval retval;
RUNATTR.copy.trustkey = false;
RUNATTR.copy.encrypt = true;
RUNATTR.copy.force_ipv4 = false;
RUNATTR.copy.portnumber = SHORT_CFENGINEPORT;
/* Keep promised agent behaviour - control bodies */
Seq *constraints = ControlBodyConstraints(policy, AGENT_TYPE_RUNAGENT);
if (constraints)
{
for (size_t i = 0; i < SeqLength(constraints); i++)
{
Constraint *cp = SeqAt(constraints, i);
if (IsExcluded(cp->classes, NULL))
{
continue;
}
if (GetVariable("control_runagent", cp->lval, &retval) == cf_notype)
{
CfOut(cf_error, "", "Unknown lval %s in runagent control body", cp->lval);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_force_ipv4].lval) == 0)
{
RUNATTR.copy.force_ipv4 = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET force_ipv4 = %d\n", RUNATTR.copy.force_ipv4);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_trustkey].lval) == 0)
{
RUNATTR.copy.trustkey = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET trustkey = %d\n", RUNATTR.copy.trustkey);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_encrypt].lval) == 0)
{
RUNATTR.copy.encrypt = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET encrypt = %d\n", RUNATTR.copy.encrypt);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_portnumber].lval) == 0)
{
RUNATTR.copy.portnumber = (short) Str2Int(retval.item);
CfOut(cf_verbose, "", "SET default portnumber = %u\n", (int) RUNATTR.copy.portnumber);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_background].lval) == 0)
{
/*
* Only process this option if are is no -b or -i options specified on
* command line.
*/
if (BACKGROUND || INTERACTIVE)
{
CfOut(cf_error, "",
"Warning: 'background_children' setting from 'body runagent control' is overriden by command-line option.");
}
else
{
BACKGROUND = GetBoolean(retval.item);
}
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_maxchild].lval) == 0)
{
MAXCHILD = (short) Str2Int(retval.item);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_output_to_file].lval) == 0)
{
OUTPUT_TO_FILE = GetBoolean(retval.item);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_output_directory].lval) == 0)
{
if (IsAbsPath(retval.item))
{
strncpy(OUTPUT_DIRECTORY, retval.item, CF_BUFSIZE - 1);
CfOut(cf_verbose, "", "SET output direcory to = %s\n", OUTPUT_DIRECTORY);
}
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_timeout].lval) == 0)
{
RUNATTR.copy.timeout = (short) Str2Int(retval.item);
continue;
}
if (strcmp(cp->lval, CFR_CONTROLBODY[cfr_hosts].lval) == 0)
{
if (HOSTLIST == NULL) // Don't override if command line setting
{
HOSTLIST = retval.item;
}
continue;
}
}
}
if (GetVariable("control_common", CFG_CONTROLBODY[cfg_lastseenexpireafter].lval, &retval) != cf_notype)
{
LASTSEENEXPIREAFTER = Str2Int(retval.item) * 60;
}
}
void SetDefaultRoute()
{ int sk, defaultokay = 1;
struct sockaddr_in sindst,singw;
char oldroute[INET_ADDRSTRLEN];
char routefmt[CF_MAXVARSIZE];
/* These OSes have these structs defined but use the route command */
# if defined DARWIN || defined FREEBSD || defined OPENBSD || defined SOLARIS
# undef HAVE_RTENTRY
# undef HAVE_ORTENTRY
# endif
# ifdef HAVE_ORTENTRY
struct ortentry route;
# else
# if HAVE_RTENTRY
struct rtentry route;
# endif
# endif
FILE *pp;
Verbose("Looking for a default route...\n");
if (!IsPrivileged())
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Only root can set a default route.");
CfLog(cfinform,OUTPUT,"");
return;
}
if (VDEFAULTROUTE == NULL)
{
Verbose("cfengine: No default route is defined. Ignoring the routing tables.\n");
return;
}
if ((pp = cfpopen(VNETSTAT[VSYSTEMHARDCLASS],"r")) == NULL)
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Failed to open pipe from %s\n",VNETSTAT[VSYSTEMHARDCLASS]);
CfLog(cferror,OUTPUT,"popen");
return;
}
while (!feof(pp))
{
ReadLine(VBUFF,CF_BUFSIZE,pp);
Debug("LINE: %s = %s?\n",VBUFF,VDEFAULTROUTE->name);
if ((strncmp(VBUFF,"default",7) == 0)||(strncmp(VBUFF,"0.0.0.0",7) == 0))
{
/* extract the default route */
/* format: default|0.0.0.0 <whitespace> route <whitespace> etc */
if ((sscanf(VBUFF, "%*[default0. ]%s%*[ ]", &oldroute)) == 1)
{
if ((strncmp(VDEFAULTROUTE->name, oldroute, INET_ADDRSTRLEN)) == 0)
{
Verbose("cfengine: default route is already set to %s\n",VDEFAULTROUTE->name);
defaultokay = 1;
break;
}
else
{
Verbose("cfengine: default route is set to %s, but should be %s.\n",oldroute,VDEFAULTROUTE->name);
defaultokay = 2;
break;
}
}
}
else
{
Debug("No default route is yet registered\n");
defaultokay = 0;
}
}
cfpclose(pp);
if (defaultokay == 1)
{
Verbose("Default route is set and agrees with conditional policy\n");
return;
}
if (defaultokay == 0)
{
AddMultipleClasses("no_default_route");
}
if (IsExcluded(VDEFAULTROUTE->classes))
{
Verbose("cfengine: No default route is applicable. Ignoring the routing tables.\n");
return;
}
CfLog(cferror,"The default route is incorrect, trying to correct\n","");
if ( strcmp(VROUTE[VSYSTEMHARDCLASS], "-") != 0 )
{
Debug ("Using route shell commands to set default route\n");
if (defaultokay == 2)
{
if (! DONTDO)
{
/* get the route command and the format for the delete argument */
snprintf(routefmt,CF_MAXVARSIZE,"%s %s",VROUTE[VSYSTEMHARDCLASS],VROUTEDELFMT[VSYSTEMHARDCLASS]);
snprintf(VBUFF,CF_MAXVARSIZE,routefmt,"default",VDEFAULTROUTE->name);
if (ShellCommandReturnsZero(VBUFF,false))
{
CfLog(cfinform,"Removing old default route","");
CfLog(cfinform,VBUFF,"");
}
else
{
CfLog(cferror,"Error removing route","");
}
}
}
if (! DONTDO)
{
snprintf(routefmt,CF_MAXVARSIZE,"%s %s",VROUTE[VSYSTEMHARDCLASS],VROUTEADDFMT[VSYSTEMHARDCLASS]);
snprintf(VBUFF,CF_MAXVARSIZE,routefmt,"default",VDEFAULTROUTE->name);
if (ShellCommandReturnsZero(VBUFF,false))
{
CfLog(cfinform,"Setting default route","");
CfLog(cfinform,VBUFF,"");
}
else
{
CfLog(cferror,"Error setting route","");
}
}
return;
}
else
{
#if defined HAVE_RTENTRY || defined HAVE_ORTENTRY
Debug ("Using route ioctl to set default route\n");
if ((sk = socket(AF_INET,SOCK_RAW,0)) == -1)
{
CfLog(cferror,"System class: ", CLASSTEXT[VSYSTEMHARDCLASS]);
CfLog(cferror,"","Error in SetDefaultRoute():");
perror("cfengine: socket");
}
else
{
sindst.sin_family = AF_INET;
singw.sin_family = AF_INET;
sindst.sin_addr.s_addr = INADDR_ANY;
singw.sin_addr.s_addr = inet_addr(VDEFAULTROUTE->name);
route.rt_dst = *(struct sockaddr *)&sindst; /* This disgusting method is necessary */
route.rt_gateway = *(struct sockaddr *)&singw;
route.rt_flags = RTF_GATEWAY;
if (! DONTDO)
{
if (ioctl(sk,SIOCADDRT, (caddr_t) &route) == -1) /* Get the device status flags */
{
CfLog(cferror,"Error setting route:","");
perror("cfengine: ioctl SIOCADDRT:");
}
else
{
CfLog(cferror,"Setting default route.\n","");
snprintf(OUTPUT,CF_BUFSIZE*2,"I'm setting it to %s\n",VDEFAULTROUTE->name);
CfLog(cferror,OUTPUT,"");
}
}
}
#else
/* Socket routing - don't really know how to do this yet */
Verbose("Sorry don't know how to do routing on this platform\n");
#endif
}
}
void KeepPromises(Policy *policy, ExecConfig *config)
{
for (Constraint *cp = ControlBodyConstraints(policy, cf_executor); cp != NULL; cp = cp->next)
{
if (IsExcluded(cp->classes, NULL))
{
continue;
}
Rval retval;
if (GetVariable("control_executor", cp->lval, &retval) == cf_notype)
{
CfOut(cf_error, "", "Unknown lval %s in exec control body", cp->lval);
continue;
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_mailfrom].lval) == 0)
{
free(config->mail_from_address);
config->mail_from_address = SafeStringDuplicate(retval.item);
CfDebug("mailfrom = %s\n", config->mail_from_address);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_mailto].lval) == 0)
{
free(config->mail_to_address);
config->mail_to_address = SafeStringDuplicate(retval.item);
CfDebug("mailto = %s\n", config->mail_to_address);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_smtpserver].lval) == 0)
{
free(config->mail_server);
config->mail_server = SafeStringDuplicate(retval.item);
CfDebug("smtpserver = %s\n", config->mail_server);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_execcommand].lval) == 0)
{
free(config->exec_command);
config->exec_command = SafeStringDuplicate(retval.item);
CfDebug("exec_command = %s\n", config->exec_command);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_agent_expireafter].lval) == 0)
{
config->agent_expireafter = Str2Int(retval.item);
CfDebug("agent_expireafter = %d\n", config->agent_expireafter);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_executorfacility].lval) == 0)
{
SetFacility(retval.item);
continue;
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_mailmaxlines].lval) == 0)
{
config->mail_max_lines = Str2Int(retval.item);
CfDebug("maxlines = %d\n", config->mail_max_lines);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_splaytime].lval) == 0)
{
int time = Str2Int(ScalarRvalValue(retval));
SPLAYTIME = (int) (time * SECONDS_PER_MINUTE * GetSplay());
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_schedule].lval) == 0)
{
Rlist *rp;
CfDebug("schedule ...\n");
DeleteItemList(SCHEDULE);
SCHEDULE = NULL;
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
if (!IsItemIn(SCHEDULE, rp->item))
{
AppendItem(&SCHEDULE, rp->item, NULL);
}
}
}
}
}
static void KeepKnowControlPromises()
{
Constraint *cp;
Rval retval;
for (cp = ControlBodyConstraints(cf_know); cp != NULL; cp = cp->next)
{
if (IsExcluded(cp->classes))
{
continue;
}
if (GetVariable("control_knowledge", cp->lval, &retval) == cf_notype)
{
CfOut(cf_error, "", " !! Unknown lval %s in knowledge control body", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_tm_prefix].lval) == 0)
{
CfOut(cf_error, "", "The topic map prefix has been deprecated");
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_builddir].lval) == 0)
{
strncpy(BUILD_DIR, retval.item, CF_BUFSIZE);
if (strlen(MANDIR) < 2) /* MANDIR defaults to BUILDDIR */
{
strncpy(MANDIR, retval.item, CF_BUFSIZE);
}
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_sql_type].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_sql_database].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_sql_owner].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_sql_passwd].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_sql_server].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_sql_connect_db].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_query_engine].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_htmlbanner].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_htmlfooter].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_stylesheet].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_query_output].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_graph_output].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_views].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_genman].lval) == 0)
{
GENERATE_MANUAL = GetBoolean(retval.item);
CfOut(cf_verbose, "", "SET generate_manual = %d\n", GENERATE_MANUAL);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_mandir].lval) == 0)
{
strncpy(MANDIR, retval.item, CF_MAXVARSIZE);
CfOut(cf_verbose, "", "SET manual_source_directory = %s\n", MANDIR);
continue;
}
if (strcmp(cp->lval, CFK_CONTROLBODY[cfk_docroot].lval) == 0)
{
CfOut(cf_verbose, "", " -> Option %s has been deprecated in this release", cp->lval);
continue;
}
}
}
void DoEditHomeFiles(struct Edit *ptr)
{ DIR *dirh, *dirh2;
struct dirent *dirp, *dirp2;
char *sp,homedir[CF_BUFSIZE],dest[CF_BUFSIZE];
struct passwd *pw;
struct stat statbuf;
struct Item *ip;
uid_t uid;
if (!MountPathDefined())
{
CfLog(cfinform,"Mountpattern is undefined\n","");
return;
}
for (ip = VMOUNTLIST; ip != NULL; ip=ip->next)
{
if (IsExcluded(ip->classes))
{
continue;
}
if ((dirh = opendir(ip->name)) == NULL)
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Can't open directory %s\n",ip->name);
CfLog(cferror,OUTPUT,"opendir");
return;
}
for (dirp = readdir(dirh); dirp != NULL; dirp = readdir(dirh))
{
if (!SensibleFile(dirp->d_name,ip->name,NULL))
{
continue;
}
strcpy(homedir,ip->name);
AddSlash(homedir);
strcat(homedir,dirp->d_name);
if (! IsHomeDir(homedir))
{
continue;
}
if ((dirh2 = opendir(homedir)) == NULL)
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Can't open directory%s\n",homedir);
CfLog(cferror,OUTPUT,"opendir");
return;
}
for (dirp2 = readdir(dirh2); dirp2 != NULL; dirp2 = readdir(dirh2))
{
if (!SensibleFile(dirp2->d_name,homedir,NULL))
{
continue;
}
strcpy(dest,homedir);
AddSlash(dest);
strcat(dest,dirp2->d_name);
AddSlash(dest);
sp = ptr->fname + strlen("home/");
strcat(dest,sp);
if (stat(dest,&statbuf))
{
EditVerbose("File %s doesn't exist for editing, skipping\n",dest);
continue;
}
if ((pw = getpwnam(dirp2->d_name)) == NULL)
{
Debug2("cfengine: directory corresponds to no user %s - ignoring\n",dirp2->d_name);
continue;
}
else
{
Debug2("(Setting user id to %s)\n",dirp2->d_name);
}
uid = statbuf.st_uid;
WrapDoEditFile(ptr,dest);
chown(dest,uid,CF_SAME_OWNER);
}
closedir(dirh2);
}
closedir(dirh);
}
}
static void CheckControlPromises(char *scope,char *agent,struct Constraint *controllist)
{ struct Constraint *cp;
struct BodySyntax *bp = NULL;
struct Rlist *rp;
int i = 0;
struct Rval returnval;
char rettype;
void *retval;
Debug("CheckControlPromises(%s)\n",agent);
for (i = 0; CF_ALL_BODIES[i].bs != NULL; i++)
{
bp = CF_ALL_BODIES[i].bs;
if (strcmp(agent,CF_ALL_BODIES[i].btype) == 0)
{
break;
}
}
if (bp == NULL)
{
FatalError("Unknown agent");
}
for (cp = controllist; cp != NULL; cp=cp->next)
{
if (IsExcluded(cp->classes))
{
continue;
}
if (strcmp(cp->lval,CFG_CONTROLBODY[cfg_bundlesequence].lval) == 0)
{
returnval = ExpandPrivateRval(CONTEXTID,cp->rval,cp->type);
}
else
{
returnval = EvaluateFinalRval(CONTEXTID,cp->rval,cp->type,true,NULL);
}
DeleteVariable(scope,cp->lval);
if (!AddVariableHash(scope,cp->lval,returnval.item,returnval.rtype,GetControlDatatype(cp->lval,bp),cp->audit->filename,cp->lineno))
{
CfOut(cf_error,""," !! Rule from %s at/before line %d\n",cp->audit->filename,cp->lineno);
}
if (strcmp(cp->lval,CFG_CONTROLBODY[cfg_output_prefix].lval) == 0)
{
strncpy(VPREFIX,returnval.item,CF_MAXVARSIZE);
}
if (strcmp(cp->lval,CFG_CONTROLBODY[cfg_domain].lval) == 0)
{
strcpy(VDOMAIN,cp->rval);
CfOut(cf_verbose,"","SET domain = %s\n",VDOMAIN);
DeleteScalar("sys","domain");
DeleteScalar("sys","fqhost");
snprintf(VFQNAME,CF_MAXVARSIZE,"%s.%s",VUQNAME,VDOMAIN);
NewScalar("sys","fqhost",VFQNAME,cf_str);
NewScalar("sys","domain",VDOMAIN,cf_str);
DeleteClass("undefined_domain");
NewClass(VDOMAIN);
}
if (strcmp(cp->lval,CFG_CONTROLBODY[cfg_ignore_missing_inputs].lval) == 0)
{
CfOut(cf_verbose,"","SET ignore_missing_inputs %s\n",cp->rval);
IGNORE_MISSING_INPUTS = GetBoolean(cp->rval);
}
if (strcmp(cp->lval,CFG_CONTROLBODY[cfg_ignore_missing_bundles].lval) == 0)
{
CfOut(cf_verbose,"","SET ignore_missing_bundles %s\n",cp->rval);
IGNORE_MISSING_BUNDLES = GetBoolean(cp->rval);
}
if (strcmp(cp->lval,CFG_CONTROLBODY[cfg_goalpatterns].lval) == 0)
{
GOALS = NULL;
for (rp = (struct Rlist *)returnval.item; rp != NULL; rp=rp->next)
{
PrependRScalar(&GOALS,rp->item,CF_SCALAR);
}
CfOut(cf_verbose,"","SET goal_patterns list\n");
continue;
}
if (strcmp(cp->lval,CFG_CONTROLBODY[cfg_goalcategories].lval) == 0)
{
GOALCATEGORIES = NULL;
for (rp = (struct Rlist *)returnval.item; rp != NULL; rp=rp->next)
{
PrependRScalar(&GOALCATEGORIES,rp->item,CF_SCALAR);
}
CfOut(cf_verbose,"","SET goal_categories list\n");
continue;
}
DeleteRvalItem(returnval.item,returnval.rtype);
}
}
void KeepPromises(Policy *policy, ExecConfig *config)
{
bool schedule_is_specified = false;
Seq *constraints = ControlBodyConstraints(policy, AGENT_TYPE_EXECUTOR);
if (constraints)
{
for (size_t i = 0; i < SeqLength(constraints); i++)
{
Constraint *cp = SeqAt(constraints, i);
if (IsExcluded(cp->classes, NULL))
{
continue;
}
Rval retval;
if (GetVariable("control_executor", cp->lval, &retval) == DATA_TYPE_NONE)
{
CfOut(OUTPUT_LEVEL_ERROR, "", "Unknown lval %s in exec control body", cp->lval);
continue;
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_mailfrom].lval) == 0)
{
free(config->mail_from_address);
config->mail_from_address = SafeStringDuplicate(retval.item);
CfDebug("mailfrom = %s\n", config->mail_from_address);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_mailto].lval) == 0)
{
free(config->mail_to_address);
config->mail_to_address = SafeStringDuplicate(retval.item);
CfDebug("mailto = %s\n", config->mail_to_address);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_smtpserver].lval) == 0)
{
free(config->mail_server);
config->mail_server = SafeStringDuplicate(retval.item);
CfDebug("smtpserver = %s\n", config->mail_server);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_execcommand].lval) == 0)
{
free(config->exec_command);
config->exec_command = SafeStringDuplicate(retval.item);
CfDebug("exec_command = %s\n", config->exec_command);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_agent_expireafter].lval) == 0)
{
config->agent_expireafter = IntFromString(retval.item);
CfDebug("agent_expireafter = %d\n", config->agent_expireafter);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_executorfacility].lval) == 0)
{
SetFacility(retval.item);
continue;
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_mailmaxlines].lval) == 0)
{
config->mail_max_lines = IntFromString(retval.item);
CfDebug("maxlines = %d\n", config->mail_max_lines);
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_splaytime].lval) == 0)
{
int time = IntFromString(RvalScalarValue(retval));
SPLAYTIME = (int) (time * SECONDS_PER_MINUTE * GetSplay());
}
if (strcmp(cp->lval, CFEX_CONTROLBODY[cfex_schedule].lval) == 0)
{
CfDebug("Loading user-defined schedule...\n");
DeleteItemList(SCHEDULE);
SCHEDULE = NULL;
schedule_is_specified = true;
for (const Rlist *rp = retval.item; rp; rp = rp->next)
{
if (!IsItemIn(SCHEDULE, rp->item))
{
AppendItem(&SCHEDULE, rp->item, NULL);
}
}
}
}
}
if (!schedule_is_specified)
{
LoadDefaultSchedule();
}
}
//______________________________________________________________________________
void TFractionFitter::CheckConsistency() {
// Function used internally to check the consistency between the
// various histograms. Checks are performed on nonexistent or empty
// histograms, the precise histogram class, and the number of bins.
// In addition, integrals over the "allowed" bin ranges are computed.
// Any inconsistency results in a error.
if (! fData) {
Error("CheckConsistency","Nonexistent data histogram");
return;
}
Int_t minX, maxX, minY, maxY, minZ, maxZ;
Int_t x,y,z,par;
GetRanges(minX, maxX, minY, maxY, minZ, maxZ);
fIntegralData = 0;
fNpfits = 0;
for (z = minZ; z <= maxZ; ++z) {
for (y = minY; y <= maxY; ++y) {
for (x = minX; x <= maxX; ++x) {
if (IsExcluded(fData->GetBin(x, y, z))) continue;
fNpfits++;
fIntegralData += fData->GetBinContent(x, y, z);
}
}
}
if (fIntegralData <= 0) {
Error("CheckConsistency","Empty data histogram");
return;
}
TClass* cl = fData->Class();
fNDF = fNpfits - fNpar;
if (fNpar < 2) {
Error("CheckConsistency","Need at least two MC histograms");
return;
}
for (par = 0; par < fNpar; ++par) {
TH1 *h = (TH1*)fMCs.At(par);
if (! h) {
Error("CheckConsistency","Nonexistent MC histogram for source #%d",par);
return;
}
if ((! h->Class()->InheritsFrom(cl)) || h->GetNbinsX() != fData->GetNbinsX() ||
(fData->GetDimension() > 1 && h->GetNbinsY() != fData->GetNbinsY()) ||
(fData->GetDimension() > 2 && h->GetNbinsZ() != fData->GetNbinsZ())) {
Error("CheckConsistency","Histogram inconsistency for source #%d",par);
return;
}
fIntegralMCs[par] = 0;
for (z = minZ; z <= maxZ; ++z) {
for (y = minY; y <= maxY; ++y) {
for (x = minX; x <= maxX; ++x) {
Int_t bin = fData->GetBin(x, y, z);
if (IsExcluded(bin)) continue;
Double_t MCEvents = h->GetBinContent(bin);
if (MCEvents < 0) {
Error("CheckConsistency", "Number of MC events (bin = %d, par = %d) cannot be negative: "
" their distribution is binomial (see paper)", bin, par);
}
fIntegralMCs[par] += MCEvents;
}
}
}
if (fIntegralMCs[par] <= 0) {
Error("CheckConsistency","Empty MC histogram #%d",par);
}
}
}
