static void KeepHardClasses()
{
char name[CF_BUFSIZE];
if (name != NULL)
{
snprintf(name, sizeof(name), "%s%cpolicy_server.dat", CFWORKDIR, FILE_SEPARATOR);
FILE *fp = fopen(name, "r");
if (fp != NULL)
{
fclose(fp);
snprintf(name, sizeof(name), "%s/state/am_policy_hub", CFWORKDIR);
MapName(name);
struct stat sb;
if (stat(name, &sb) != -1)
{
HardClass("am_policy_hub");
}
}
}
#if defined HAVE_NOVA
HardClass("nova_edition");
HardClass("enterprise_edition");
#else
HardClass("community_edition");
#endif
}
static void GetMacAddress(AgentType ag, int fd, struct ifreq *ifr, struct ifreq *ifp, Rlist **interfaces,
Rlist **hardware)
{
char name[CF_MAXVARSIZE];
if ((ag != AGENT_TYPE_KNOW) && (ag != AGENT_TYPE_GENDOC))
{
snprintf(name, CF_MAXVARSIZE, "hardware_mac[%s]", ifp->ifr_name);
}
else
{
snprintf(name, CF_MAXVARSIZE, "hardware_mac[interface_name]");
}
# if defined(SIOCGIFHWADDR) && defined(HAVE_STRUCT_IFREQ_IFR_HWADDR)
char hw_mac[CF_MAXVARSIZE];
ioctl(fd, SIOCGIFHWADDR, ifr);
snprintf(hw_mac, CF_MAXVARSIZE - 1, "%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",
(unsigned char) ifr->ifr_hwaddr.sa_data[0],
(unsigned char) ifr->ifr_hwaddr.sa_data[1],
(unsigned char) ifr->ifr_hwaddr.sa_data[2],
(unsigned char) ifr->ifr_hwaddr.sa_data[3],
(unsigned char) ifr->ifr_hwaddr.sa_data[4], (unsigned char) ifr->ifr_hwaddr.sa_data[5]);
NewScalar("sys", name, hw_mac, DATA_TYPE_STRING);
RlistAppend(hardware, hw_mac, RVAL_TYPE_SCALAR);
RlistAppend(interfaces, ifp->ifr_name, RVAL_TYPE_SCALAR);
snprintf(name, CF_MAXVARSIZE, "mac_%s", CanonifyName(hw_mac));
HardClass(name);
# else
NewScalar("sys", name, "mac_unknown", DATA_TYPE_STRING);
HardClass("mac_unknown");
# endif
}
static bool ScheduleRun(Policy **policy, GenericAgentConfig *config, ExecConfig *exec_config, const ReportContext *report_context)
{
Item *ip;
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Sleeping...\n");
sleep(CFPULSETIME); /* 1 Minute resolution is enough */
// recheck license (in case of license updates or expiry)
if (EnterpriseExpiry())
{
CfOut(OUTPUT_LEVEL_ERROR, "", "Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
exit(1);
}
/*
* FIXME: this logic duplicates the one from cf-serverd.c. Unify ASAP.
*/
if (CheckNewPromises(config->input_file, InputFiles(*policy), report_context) == RELOAD_FULL)
{
/* Full reload */
CfOut(OUTPUT_LEVEL_INFORM, "", "Re-reading promise file %s..\n", config->input_file);
DeleteAlphaList(&VHEAP);
InitAlphaList(&VHEAP);
DeleteAlphaList(&VHARDHEAP);
InitAlphaList(&VHARDHEAP);
DeleteAlphaList(&VADDCLASSES);
InitAlphaList(&VADDCLASSES);
DeleteItemList(IPADDRESSES);
IPADDRESSES = NULL;
DeleteItemList(VNEGHEAP);
DeleteAllScope();
strcpy(VDOMAIN, "undefinded.domain");
POLICY_SERVER[0] = '\0';
VNEGHEAP = NULL;
PolicyDestroy(*policy);
*policy = NULL;
ERRORCOUNT = 0;
NewScope("sys");
SetPolicyServer(POLICY_SERVER);
NewScalar("sys", "policy_hub", POLICY_SERVER, DATA_TYPE_STRING);
NewScope("const");
NewScope("this");
NewScope("mon");
NewScope("control_server");
NewScope("control_common");
NewScope("remote_access");
GetNameInfo3();
GetInterfacesInfo(AGENT_TYPE_EXECUTOR);
Get3Environment();
BuiltinClasses();
OSClasses();
HardClass(CF_AGENTTYPES[THIS_AGENT_TYPE]);
SetReferenceTime(true);
GenericAgentConfigSetBundleSequence(config, NULL);
*policy = GenericAgentLoadPolicy(AGENT_TYPE_EXECUTOR, config, report_context);
KeepPromises(*policy, exec_config);
}
else
{
/* Environment reload */
DeleteAlphaList(&VHEAP);
InitAlphaList(&VHEAP);
DeleteAlphaList(&VADDCLASSES);
InitAlphaList(&VADDCLASSES);
DeleteAlphaList(&VHARDHEAP);
InitAlphaList(&VHARDHEAP);
DeleteItemList(IPADDRESSES);
IPADDRESSES = NULL;
DeleteScope("this");
DeleteScope("mon");
DeleteScope("sys");
NewScope("this");
NewScope("mon");
NewScope("sys");
GetInterfacesInfo(AGENT_TYPE_EXECUTOR);
Get3Environment();
BuiltinClasses();
OSClasses();
SetReferenceTime(true);
}
for (ip = SCHEDULE; ip != NULL; ip = ip->next)
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Checking schedule %s...\n", ip->name);
if (IsDefinedClass(ip->name, NULL))
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Waking up the agent at %s ~ %s \n", cf_ctime(&CFSTARTTIME), ip->name);
return true;
}
}
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Nothing to do at %s\n", cf_ctime(&CFSTARTTIME));
return false;
}
int main(int argc, char *argv[])
{
GenericAgentConfig *config = CheckOpts(argc, argv);
ReportContext *report_context = OpenReports(config->agent_type);
GenericAgentDiscoverContext(config, report_context);
Policy *policy = NULL;
if (GenericAgentCheckPolicy(config, report_context, false))
{
policy = GenericAgentLoadPolicy(config->agent_type, config, report_context);
}
else if (config->tty_interactive)
{
FatalError("CFEngine was not able to get confirmation of promises from cf-promises, please verify input file\n");
}
else
{
CfOut(OUTPUT_LEVEL_ERROR, "", "CFEngine was not able to get confirmation of promises from cf-promises, so going to failsafe\n");
HardClass("failsafe_fallback");
GenericAgentConfigSetInputFile(config, "failsafe.cf");
policy = GenericAgentLoadPolicy(config->agent_type, config, report_context);
}
CheckLicenses();
ThisAgentInit();
ExecConfig exec_config = {
.scheduled_run = !ONCE,
.exec_command = SafeStringDuplicate(""),
.mail_server = SafeStringDuplicate(""),
.mail_from_address = SafeStringDuplicate(""),
.mail_to_address = SafeStringDuplicate(""),
.mail_max_lines = 30,
.fq_name = VFQNAME,
.ip_address = VIPADDRESS,
.agent_expireafter = 10080,
};
KeepPromises(policy, &exec_config);
#ifdef __MINGW32__
if (WINSERVICE)
{
NovaWin_StartExecService();
}
else
#endif /* __MINGW32__ */
{
StartServer(policy, config, &exec_config, report_context);
}
ReportContextDestroy(report_context);
GenericAgentConfigDestroy(config);
return 0;
}
/*****************************************************************************/
/* Level 1 */
/*****************************************************************************/
static GenericAgentConfig *CheckOpts(int argc, char **argv)
{
extern char *optarg;
int optindex = 0;
int c;
char ld_library_path[CF_BUFSIZE];
GenericAgentConfig *config = GenericAgentConfigNewDefault(AGENT_TYPE_EXECUTOR);
while ((c = getopt_long(argc, argv, "dvnKIf:D:N:VxL:hFOV1gMW", OPTIONS, &optindex)) != EOF)
{
switch ((char) c)
{
case 'f':
if (optarg && strlen(optarg) < 5)
{
FatalError(" -f used but argument \"%s\" incorrect", optarg);
}
GenericAgentConfigSetInputFile(config, optarg);
MINUSF = true;
break;
case 'd':
HardClass("opt_debug");
DEBUG = true;
break;
case 'K':
IGNORELOCK = true;
break;
case 'D':
NewClassesFromString(optarg);
break;
case 'N':
NegateClassesFromString(optarg);
break;
case 'I':
INFORM = true;
break;
case 'v':
VERBOSE = true;
NO_FORK = true;
break;
case 'n':
DONTDO = true;
IGNORELOCK = true;
HardClass("opt_dry_run");
break;
case 'L':
snprintf(ld_library_path, CF_BUFSIZE - 1, "LD_LIBRARY_PATH=%s", optarg);
if (putenv(xstrdup(ld_library_path)) != 0)
{
}
break;
case 'W':
WINSERVICE = false;
break;
case 'F':
NO_FORK = true;
break;
case 'O':
ONCE = true;
break;
case 'V':
PrintVersionBanner("cf-execd");
exit(0);
case 'h':
Syntax("cf-execd - cfengine's execution agent", OPTIONS, HINTS, ID);
exit(0);
case 'M':
ManPage("cf-execd - cfengine's execution agent", OPTIONS, HINTS, ID);
exit(0);
case 'x':
CfOut(OUTPUT_LEVEL_ERROR, "", "Self-diagnostic functionality is retired.");
exit(0);
default:
Syntax("cf-execd - cfengine's execution agent", OPTIONS, HINTS, ID);
exit(1);
}
}
if (argv[optind] != NULL)
{
CfOut(OUTPUT_LEVEL_ERROR, "", "Unexpected argument with no preceding option: %s\n", argv[optind]);
}
return config;
}
/*****************************************************************************/
static void LoadDefaultSchedule(void)
{
CfDebug("Loading default schedule...\n");
DeleteItemList(SCHEDULE);
SCHEDULE = NULL;
AppendItem(&SCHEDULE, "Min00", NULL);
AppendItem(&SCHEDULE, "Min05", NULL);
AppendItem(&SCHEDULE, "Min10", NULL);
AppendItem(&SCHEDULE, "Min15", NULL);
AppendItem(&SCHEDULE, "Min20", NULL);
AppendItem(&SCHEDULE, "Min25", NULL);
AppendItem(&SCHEDULE, "Min30", NULL);
AppendItem(&SCHEDULE, "Min35", NULL);
AppendItem(&SCHEDULE, "Min40", NULL);
AppendItem(&SCHEDULE, "Min45", NULL);
AppendItem(&SCHEDULE, "Min50", NULL);
AppendItem(&SCHEDULE, "Min55", NULL);
}
static GenericAgentConfig *CheckOpts(int argc, char **argv)
{
extern char *optarg;
int optindex = 0;
int c;
GenericAgentConfig *config = GenericAgentConfigNewDefault(AGENT_TYPE_RUNAGENT);
DEFINECLASSES[0] = '\0';
SENDCLASSES[0] = '\0';
while ((c = getopt_long(argc, argv, "t:q:db:vnKhIif:D:VSxo:s:MH:", OPTIONS, &optindex)) != EOF)
{
switch ((char) c)
{
case 'f':
GenericAgentConfigSetInputFile(config, optarg);
MINUSF = true;
break;
case 'b':
BACKGROUND = true;
if (optarg)
{
MAXCHILD = atoi(optarg);
}
break;
case 'd':
HardClass("opt_debug");
DEBUG = true;
break;
case 'q':
if (optarg == NULL)
{
strcpy(MENU, "delta");
}
else
{
strncpy(MENU, optarg, CF_MAXVARSIZE);
}
break;
case 'K':
IGNORELOCK = true;
break;
case 's':
strncpy(SENDCLASSES, optarg, CF_MAXVARSIZE);
if (strlen(optarg) > CF_MAXVARSIZE)
{
FatalError("Argument too long\n");
}
break;
case 'D':
strncpy(DEFINECLASSES, optarg, CF_MAXVARSIZE);
if (strlen(optarg) > CF_MAXVARSIZE)
{
FatalError("Argument too long\n");
}
break;
case 'H':
HOSTLIST = SplitStringAsRList(optarg, ',');
break;
case 'o':
strncpy(REMOTE_AGENT_OPTIONS, optarg, CF_MAXVARSIZE);
break;
case 'I':
INFORM = true;
break;
case 'i':
INTERACTIVE = true;
break;
case 'v':
VERBOSE = true;
break;
case 'n':
DONTDO = true;
IGNORELOCK = true;
HardClass("opt_dry_run");
break;
case 't':
CONNTIMEOUT = atoi(optarg);
break;
case 'V':
PrintVersionBanner("cf-runagent");
exit(0);
case 'h':
Syntax("cf-runagent - Run agent", OPTIONS, HINTS, ID);
exit(0);
case 'M':
ManPage("cf-runagent - Run agent", OPTIONS, HINTS, ID);
exit(0);
case 'x':
SelfDiagnostic();
exit(0);
default:
Syntax("cf-runagent - Run agent", OPTIONS, HINTS, ID);
exit(1);
}
}
CfDebug("Set debugging\n");
return config;
}
void CheckAutoBootstrap()
{
struct stat sb;
char name[CF_BUFSIZE];
int repaired = false, have_policy = false, am_appliance = false;
CfOut(cf_cmdout, "", "** CFEngine BOOTSTRAP probe initiated");
PrintVersionBanner("CFEngine");
printf("\n");
printf(" -> This host is: %s\n", VSYSNAME.nodename);
printf(" -> Operating System Type is %s\n", VSYSNAME.sysname);
printf(" -> Operating System Release is %s\n", VSYSNAME.release);
printf(" -> Architecture = %s\n", VSYSNAME.machine);
printf(" -> Internal soft-class is %s\n", CLASSTEXT[VSYSTEMHARDCLASS]);
if (!BootstrapAllowed())
{
FatalError(" !! Not enough privileges to bootstrap CFEngine");
}
snprintf(name, CF_BUFSIZE - 1, "%s/inputs/failsafe.cf", CFWORKDIR);
MapName(name);
if (cfstat(name, &sb) == -1)
{
CreateFailSafe(name);
repaired = true;
}
snprintf(name, CF_BUFSIZE - 1, "%s/inputs/promises.cf", CFWORKDIR);
MapName(name);
if (cfstat(name, &sb) == -1)
{
CfOut(cf_cmdout, "", " -> No previous policy has been cached on this host");
}
else
{
CfOut(cf_cmdout, "", " -> An existing policy was cached on this host in %s/inputs", CFWORKDIR);
have_policy = true;
}
if (strlen(POLICY_SERVER) > 0)
{
CfOut(cf_cmdout, "", " -> Assuming the policy distribution point at: %s:/var/cfengine/masterfiles\n",
POLICY_SERVER);
}
else
{
if (have_policy)
{
CfOut(cf_cmdout, "",
" -> No policy distribution host was discovered - it might be contained in the existing policy, otherwise this will function autonomously\n");
}
else if (repaired)
{
CfOut(cf_cmdout, "", " -> No policy distribution host was defined - use --policy-server to set one\n");
}
}
printf(" -> Attempting to initiate promised autonomous services...\n\n");
am_appliance = IsDefinedClass(CanonifyName(POLICY_SERVER), NULL);
snprintf(name, CF_MAXVARSIZE, "ipv4_%s", CanonifyName(POLICY_SERVER));
am_appliance |= IsDefinedClass(name, NULL);
if (strlen(POLICY_SERVER) == 0)
{
am_appliance = false;
}
snprintf(name, sizeof(name), "%s/state/am_policy_hub", CFWORKDIR);
MapName(name);
if (am_appliance)
{
HardClass("am_policy_hub");
printf
(" ** This host recognizes itself as a CFEngine Policy Hub, with policy distribution and knowledge base.\n");
printf
(" -> The system is now converging. Full initialisation and self-analysis could take up to 30 minutes\n\n");
creat(name, 0600);
}
else
{
unlink(name);
}
}
static void FindV6InterfacesInfo(void)
{
FILE *pp = NULL;
char buffer[CF_BUFSIZE];
/* Whatever the manuals might say, you cannot get IPV6
interface configuration from the ioctls. This seems
to be implemented in a non standard way across OSes
BSDi has done getifaddrs(), solaris 8 has a new ioctl, Stevens
book shows the suggestion which has not been implemented...
*/
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Trying to locate my IPv6 address\n");
#if defined(__CYGWIN__)
/* NT cannot do this */
return;
#elif defined(__hpux)
if ((pp = cf_popen("/usr/sbin/ifconfig -a", "r")) == NULL)
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Could not find interface info\n");
return;
}
#elif defined(_AIX)
if ((pp = cf_popen("/etc/ifconfig -a", "r")) == NULL)
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Could not find interface info\n");
return;
}
#else
if ((pp = cf_popen("/sbin/ifconfig -a", "r")) == NULL)
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Could not find interface info\n");
return;
}
#endif
/* Don't know the output format of ifconfig on all these .. hope for the best*/
while (!feof(pp))
{
buffer[0] = '\0';
if (fgets(buffer, CF_BUFSIZE, pp) == NULL)
{
if (strlen(buffer))
{
UnexpectedError("Failed to read line from stream");
}
}
if (ferror(pp)) /* abortable */
{
break;
}
if (strcasestr(buffer, "inet6"))
{
Item *ip, *list = NULL;
char *sp;
list = SplitStringAsItemList(buffer, ' ');
for (ip = list; ip != NULL; ip = ip->next)
{
for (sp = ip->name; *sp != '\0'; sp++)
{
if (*sp == '/') /* Remove CIDR mask */
{
*sp = '\0';
}
}
if ((IsIPV6Address(ip->name)) && ((strcmp(ip->name, "::1") != 0)))
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Found IPv6 address %s\n", ip->name);
AppendItem(&IPADDRESSES, ip->name, "");
HardClass(ip->name);
}
}
DeleteItemList(list);
}
}
cf_pclose(pp);
}
void GetInterfacesInfo(AgentType ag)
{
int fd, len, i, j, first_address = false, ipdefault = false;
struct ifreq ifbuf[CF_IFREQ], ifr, *ifp;
struct ifconf list;
struct sockaddr_in *sin;
struct hostent *hp;
char *sp, workbuf[CF_BUFSIZE];
char ip[CF_MAXVARSIZE];
char name[CF_MAXVARSIZE];
char last_name[CF_BUFSIZE];
Rlist *interfaces = NULL, *hardware = NULL, *ips = NULL;
CfDebug("GetInterfacesInfo()\n");
// Long-running processes may call this many times
DeleteItemList(IPADDRESSES);
IPADDRESSES = NULL;
memset(ifbuf, 0, sizeof(ifbuf));
InitIgnoreInterfaces();
last_name[0] = '\0';
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1)
{
CfOut(OUTPUT_LEVEL_ERROR, "socket", "Couldn't open socket");
exit(1);
}
list.ifc_len = sizeof(ifbuf);
list.ifc_req = ifbuf;
# ifdef SIOCGIFCONF
if (ioctl(fd, SIOCGIFCONF, &list) == -1 || (list.ifc_len < (sizeof(struct ifreq))))
# else
if ((ioctl(fd, OSIOCGIFCONF, &list) == -1) || (list.ifc_len < (sizeof(struct ifreq))))
# endif
{
CfOut(OUTPUT_LEVEL_ERROR, "ioctl", "Couldn't get interfaces - old kernel? Try setting CF_IFREQ to 1024");
exit(1);
}
last_name[0] = '\0';
for (j = 0, len = 0, ifp = list.ifc_req; len < list.ifc_len;
len += SIZEOF_IFREQ(*ifp), j++, ifp = (struct ifreq *) ((char *) ifp + SIZEOF_IFREQ(*ifp)))
{
if (ifp->ifr_addr.sa_family == 0)
{
continue;
}
if ((ifp->ifr_name == NULL) || (strlen(ifp->ifr_name) == 0))
{
continue;
}
/* Skip virtual network interfaces for Linux, which seems to be a problem */
if (IgnoreInterface(ifp->ifr_name))
{
continue;
}
if (strstr(ifp->ifr_name, ":"))
{
#ifdef __linux__
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Skipping apparent virtual interface %d: %s\n", j + 1, ifp->ifr_name);
continue;
#endif
}
else
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Interface %d: %s\n", j + 1, ifp->ifr_name);
}
// Ignore the loopback
if (strcmp(ifp->ifr_name, "lo") == 0)
{
continue;
}
if (strncmp(last_name, ifp->ifr_name, sizeof(ifp->ifr_name)) == 0)
{
first_address = false;
}
else
{
strncpy(last_name, ifp->ifr_name, sizeof(ifp->ifr_name));
if (!first_address)
{
NewScalar("sys", "interface", last_name, DATA_TYPE_STRING);
first_address = true;
}
}
snprintf(workbuf, CF_BUFSIZE, "net_iface_%s", CanonifyName(ifp->ifr_name));
HardClass(workbuf);
if (ifp->ifr_addr.sa_family == AF_INET)
{
strncpy(ifr.ifr_name, ifp->ifr_name, sizeof(ifp->ifr_name));
if (ioctl(fd, SIOCGIFFLAGS, &ifr) == -1)
{
CfOut(OUTPUT_LEVEL_ERROR, "ioctl", "No such network device");
continue;
}
if ((ifr.ifr_flags & IFF_UP) && (!(ifr.ifr_flags & IFF_LOOPBACK)))
{
sin = (struct sockaddr_in *) &ifp->ifr_addr;
if (IgnoreJailInterface(j + 1, sin))
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Ignoring interface %d", j + 1);
continue;
}
CfDebug("Adding hostip %s..\n", inet_ntoa(sin->sin_addr));
HardClass(inet_ntoa(sin->sin_addr));
if ((hp =
gethostbyaddr((char *) &(sin->sin_addr.s_addr), sizeof(sin->sin_addr.s_addr), AF_INET)) == NULL)
{
CfDebug("No hostinformation for %s found\n", inet_ntoa(sin->sin_addr));
}
else
{
if (hp->h_name != NULL)
{
CfDebug("Adding hostname %s..\n", hp->h_name);
HardClass(hp->h_name);
if (hp->h_aliases != NULL)
{
for (i = 0; hp->h_aliases[i] != NULL; i++)
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Adding alias %s..\n", hp->h_aliases[i]);
HardClass(hp->h_aliases[i]);
}
}
}
}
if (strcmp(inet_ntoa(sin->sin_addr), "0.0.0.0") == 0)
{
// Maybe we need to do something windows specific here?
CfOut(OUTPUT_LEVEL_VERBOSE, "", " !! Cannot discover hardware IP, using DNS value");
strcpy(ip, "ipv4_");
strcat(ip, VIPADDRESS);
AppendItem(&IPADDRESSES, VIPADDRESS, "");
RlistAppend(&ips, VIPADDRESS, RVAL_TYPE_SCALAR);
for (sp = ip + strlen(ip) - 1; (sp > ip); sp--)
{
if (*sp == '.')
{
*sp = '\0';
HardClass(ip);
}
}
strcpy(ip, VIPADDRESS);
i = 3;
for (sp = ip + strlen(ip) - 1; (sp > ip); sp--)
{
if (*sp == '.')
{
*sp = '\0';
snprintf(name, CF_MAXVARSIZE - 1, "ipv4_%d[%s]", i--, CanonifyName(VIPADDRESS));
NewScalar("sys", name, ip, DATA_TYPE_STRING);
}
}
continue;
}
strncpy(ip, "ipv4_", CF_MAXVARSIZE);
strncat(ip, inet_ntoa(sin->sin_addr), CF_MAXVARSIZE - 6);
HardClass(ip);
if (!ipdefault)
{
ipdefault = true;
NewScalar("sys", "ipv4", inet_ntoa(sin->sin_addr), DATA_TYPE_STRING);
strcpy(VIPADDRESS, inet_ntoa(sin->sin_addr));
}
AppendItem(&IPADDRESSES, inet_ntoa(sin->sin_addr), "");
RlistAppend(&ips, inet_ntoa(sin->sin_addr), RVAL_TYPE_SCALAR);
for (sp = ip + strlen(ip) - 1; (sp > ip); sp--)
{
if (*sp == '.')
{
*sp = '\0';
HardClass(ip);
}
}
// Set the IPv4 on interface array
strcpy(ip, inet_ntoa(sin->sin_addr));
if ((ag != AGENT_TYPE_KNOW) && (ag != AGENT_TYPE_GENDOC))
{
snprintf(name, CF_MAXVARSIZE - 1, "ipv4[%s]", CanonifyName(ifp->ifr_name));
}
else
{
snprintf(name, CF_MAXVARSIZE - 1, "ipv4[interface_name]");
}
NewScalar("sys", name, ip, DATA_TYPE_STRING);
i = 3;
for (sp = ip + strlen(ip) - 1; (sp > ip); sp--)
{
if (*sp == '.')
{
*sp = '\0';
if ((ag != AGENT_TYPE_KNOW) && (ag != AGENT_TYPE_GENDOC))
{
snprintf(name, CF_MAXVARSIZE - 1, "ipv4_%d[%s]", i--, CanonifyName(ifp->ifr_name));
}
else
{
snprintf(name, CF_MAXVARSIZE - 1, "ipv4_%d[interface_name]", i--);
}
NewScalar("sys", name, ip, DATA_TYPE_STRING);
}
}
}
// Set the hardware/mac address array
GetMacAddress(ag, fd, &ifr, ifp, &interfaces, &hardware);
}
}
close(fd);
NewList("sys", "interfaces", interfaces, DATA_TYPE_STRING_LIST);
NewList("sys", "hardware_addresses", hardware, DATA_TYPE_STRING_LIST);
NewList("sys", "ip_addresses", ips, DATA_TYPE_STRING_LIST);
RlistDestroy(interfaces);
RlistDestroy(hardware);
RlistDestroy(ips);
FindV6InterfacesInfo();
}
static GenericAgentConfig *CheckOpts(int argc, char **argv)
{
extern char *optarg;
char *sp;
int optindex = 0;
int c, alpha = false, v6 = false;
GenericAgentConfig *config = GenericAgentConfigNewDefault(AGENT_TYPE_AGENT);
/* Because of the MacOS linker we have to call this from each agent
individually before Generic Initialize */
POLICY_SERVER[0] = '\0';
while ((c = getopt_long(argc, argv, "rdvnKIf:D:N:Vs:x:MBb:h", OPTIONS, &optindex)) != EOF)
{
switch ((char) c)
{
case 'f':
if (optarg && strlen(optarg) < 5)
{
FatalError(" -f used but argument \"%s\" incorrect", optarg);
}
GenericAgentConfigSetInputFile(config, optarg);
MINUSF = true;
break;
case 'b':
if (optarg)
{
config->bundlesequence = SplitStringAsRList(optarg, ',');
CBUNDLESEQUENCE_STR = optarg;
}
break;
case 'd':
HardClass("opt_debug");
DEBUG = true;
break;
case 'B':
BOOTSTRAP = true;
MINUSF = true;
GenericAgentConfigSetInputFile(config, "promises.cf");
IGNORELOCK = true;
HardClass("bootstrap_mode");
break;
case 's':
if(IsLoopbackAddress(optarg))
{
FatalError("Use a non-loopback address when bootstrapping");
}
// temporary assure that network functions are working
OpenNetwork();
strncpy(POLICY_SERVER, Hostname2IPString(optarg), CF_BUFSIZE - 1);
CloseNetwork();
for (sp = POLICY_SERVER; *sp != '\0'; sp++)
{
if (isalpha((int)*sp))
{
alpha = true;
}
if (ispunct((int)*sp) && *sp != ':' && *sp != '.')
{
alpha = true;
}
if (*sp == ':')
{
v6 = true;
}
}
if (alpha && !v6)
{
FatalError
("Error specifying policy server. The policy server's IP address could not be looked up. Please use the IP address instead if there is no error.");
}
break;
case 'K':
IGNORELOCK = true;
break;
case 'D':
NewClassesFromString(optarg);
break;
case 'N':
NegateClassesFromString(optarg);
break;
case 'I':
INFORM = true;
break;
case 'v':
VERBOSE = true;
break;
case 'n':
DONTDO = true;
IGNORELOCK = true;
HardClass("opt_dry_run");
break;
case 'V':
PrintVersionBanner("cf-agent");
exit(0);
case 'h':
Syntax("cf-agent - cfengine's change agent", OPTIONS, HINTS, ID);
exit(0);
case 'M':
ManPage("cf-agent - cfengine's change agent", OPTIONS, HINTS, ID);
exit(0);
case 'x':
CfOut(cf_error, "", "Self-diagnostic functionality is retired");
exit(0);
case 'r':
SHOWREPORTS = true;
break;
default:
Syntax("cf-agent - cfengine's change agent", OPTIONS, HINTS, ID);
exit(1);
}
}
if (argv[optind] != NULL)
{
CfOut(cf_error, "", "Unexpected argument with no preceding option: %s\n", argv[optind]);
FatalError("Aborted");
}
CfDebug("Set debugging\n");
return config;
}
void CheckFileChanges(Policy **policy, GenericAgentConfig *config, const ReportContext *report_context)
{
if (EnterpriseExpiry())
{
CfOut(cf_error, "", "!! This enterprise license is invalid.");
}
CfDebug("Checking file updates on %s\n", config->input_file);
if (NewPromiseProposals(config->input_file, InputFiles(*policy)))
{
CfOut(cf_verbose, "", " -> New promises detected...\n");
if (CheckPromises(config->input_file, report_context))
{
CfOut(cf_inform, "", "Rereading config files %s..\n", config->input_file);
/* Free & reload -- lock this to avoid access errors during reload */
DeleteItemList(VNEGHEAP);
DeleteAlphaList(&VHEAP);
InitAlphaList(&VHEAP);
DeleteAlphaList(&VHARDHEAP);
InitAlphaList(&VHARDHEAP);
DeleteAlphaList(&VADDCLASSES);
InitAlphaList(&VADDCLASSES);
DeleteItemList(IPADDRESSES);
IPADDRESSES = NULL;
DeleteItemList(SV.trustkeylist);
DeleteItemList(SV.skipverify);
DeleteItemList(SV.attackerlist);
DeleteItemList(SV.nonattackerlist);
DeleteItemList(SV.multiconnlist);
DeleteAuthList(VADMIT);
DeleteAuthList(VDENY);
DeleteAuthList(VARADMIT);
DeleteAuthList(VARDENY);
DeleteAuthList(ROLES);
//DeleteRlist(VINPUTLIST); This is just a pointer, cannot free it
DeleteAllScope();
strcpy(VDOMAIN, "undefined.domain");
POLICY_SERVER[0] = '\0';
VADMIT = VADMITTOP = NULL;
VDENY = VDENYTOP = NULL;
VARADMIT = VARADMITTOP = NULL;
VARDENY = VARDENYTOP = NULL;
ROLES = ROLESTOP = NULL;
VNEGHEAP = NULL;
SV.trustkeylist = NULL;
SV.skipverify = NULL;
SV.attackerlist = NULL;
SV.nonattackerlist = NULL;
SV.multiconnlist = NULL;
PolicyDestroy(*policy);
*policy = NULL;
ERRORCOUNT = 0;
NewScope("sys");
SetPolicyServer(POLICY_SERVER);
NewScalar("sys", "policy_hub", POLICY_SERVER, DATA_TYPE_STRING);
if (EnterpriseExpiry())
{
CfOut(cf_error, "",
"Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
}
NewScope("const");
NewScope("this");
NewScope("control_server");
NewScope("control_common");
NewScope("mon");
NewScope("remote_access");
GetNameInfo3();
GetInterfacesInfo(AGENT_TYPE_SERVER);
Get3Environment();
BuiltinClasses();
OSClasses();
KeepHardClasses();
HardClass(CF_AGENTTYPES[THIS_AGENT_TYPE]);
SetReferenceTime(true);
*policy = ReadPromises(AGENT_TYPE_SERVER, config, report_context);
KeepPromises(*policy, config, report_context);
Summarize();
}
else
{
CfOut(cf_inform, "", " !! File changes contain errors -- ignoring");
PROMISETIME = time(NULL);
}
}
else
{
CfDebug(" -> No new promises found\n");
}
}
int main(int argc, char *argv[])
{
int ret = 0;
GenericAgentConfig *config = CheckOpts(argc, argv);
#ifdef HAVE_AVAHI_CLIENT_CLIENT_H
#ifdef HAVE_AVAHI_COMMON_ADDRESS_H
if (NULL_OR_EMPTY(POLICY_SERVER) && BOOTSTRAP)
{
int ret = AutomaticBootstrap();
if (ret < 0)
{
return 1;
}
}
#endif
#endif
ReportContext *report_context = OpenReports(config->agent_type);
GenericAgentDiscoverContext(config, report_context);
Policy *policy = NULL;
if (GenericAgentCheckPolicy(config, report_context, ALWAYS_VALIDATE))
{
policy = GenericAgentLoadPolicy(config->agent_type, config, report_context);
}
else if (config->tty_interactive)
{
FatalError("CFEngine was not able to get confirmation of promises from cf-promises, please verify input file\n");
}
else
{
CfOut(OUTPUT_LEVEL_ERROR, "", "CFEngine was not able to get confirmation of promises from cf-promises, so going to failsafe\n");
HardClass("failsafe_fallback");
GenericAgentConfigSetInputFile(config, "failsafe.cf");
policy = GenericAgentLoadPolicy(config->agent_type, config, report_context);
}
CheckLicenses();
ThisAgentInit();
BeginAudit();
KeepPromises(policy, config, report_context);
CloseReports("agent", report_context);
// only note class usage when default policy is run
if (!config->input_file)
{
NoteClassUsage(VHEAP, true);
NoteClassUsage(VHARDHEAP, true);
}
#ifdef HAVE_NOVA
Nova_NoteVarUsageDB();
Nova_TrackExecution(config->input_file);
#endif
PurgeLocks();
if (BOOTSTRAP && !VerifyBootstrap())
{
ret = 1;
}
EndAudit(CFA_BACKGROUND);
GenericAgentConfigDestroy(config);
return ret;
}
static bool ScheduleRun(Policy **policy, ExecConfig *exec_config, const ReportContext *report_context)
{
Item *ip;
CfOut(cf_verbose, "", "Sleeping...\n");
sleep(CFPULSETIME); /* 1 Minute resolution is enough */
// recheck license (in case of license updates or expiry)
if (EnterpriseExpiry())
{
CfOut(cf_error, "", "Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
exit(1);
}
/*
* FIXME: this logic duplicates the one from cf-serverd.c. Unify ASAP.
*/
if (CheckNewPromises(report_context) == RELOAD_FULL)
{
/* Full reload */
CfOut(cf_inform, "", "Re-reading promise file %s..\n", VINPUTFILE);
DeleteAlphaList(&VHEAP);
InitAlphaList(&VHEAP);
DeleteAlphaList(&VHARDHEAP);
InitAlphaList(&VHARDHEAP);
DeleteAlphaList(&VADDCLASSES);
InitAlphaList(&VADDCLASSES);
DeleteItemList(IPADDRESSES);
IPADDRESSES = NULL;
DeleteItemList(VNEGHEAP);
DeleteAllScope();
strcpy(VDOMAIN, "undefinded.domain");
POLICY_SERVER[0] = '\0';
VNEGHEAP = NULL;
VINPUTLIST = NULL;
PolicyDestroy(*policy);
*policy = NULL;
ERRORCOUNT = 0;
NewScope("sys");
SetPolicyServer(POLICY_SERVER);
NewScalar("sys", "policy_hub", POLICY_SERVER, cf_str);
NewScope("const");
NewScope("this");
NewScope("mon");
NewScope("control_server");
NewScope("control_common");
NewScope("remote_access");
GetNameInfo3();
GetInterfacesInfo(AGENT_TYPE_EXECUTOR);
Get3Environment();
BuiltinClasses();
OSClasses();
HardClass(CF_AGENTTYPES[THIS_AGENT_TYPE]);
SetReferenceTime(true);
GenericAgentConfig config = {
.bundlesequence = NULL
};
*policy = ReadPromises(AGENT_TYPE_EXECUTOR, CF_EXECC, config, report_context);
KeepPromises(*policy, exec_config);
}
int main(int argc, char *argv[])
{
GenericAgentConfig config = CheckOpts(argc, argv);
ReportContext *report_context = OpenReports("executor");
Policy *policy = GenericInitialize("executor", config, report_context);
ThisAgentInit();
ExecConfig exec_config = {
.scheduled_run = !ONCE,
.exec_command = SafeStringDuplicate(""),
.mail_server = SafeStringDuplicate(""),
.mail_from_address = SafeStringDuplicate(""),
.mail_to_address = SafeStringDuplicate(""),
.mail_max_lines = 30,
.fq_name = VFQNAME,
.ip_address = VIPADDRESS,
.agent_expireafter = 10080,
};
KeepPromises(policy, &exec_config);
#ifdef MINGW
if (WINSERVICE)
{
NovaWin_StartExecService();
}
else
#endif /* MINGW */
{
StartServer(policy, &exec_config, report_context);
}
ReportContextDestroy(report_context);
return 0;
}
/*****************************************************************************/
/* Level 1 */
/*****************************************************************************/
static GenericAgentConfig CheckOpts(int argc, char **argv)
{
extern char *optarg;
int optindex = 0;
int c;
char ld_library_path[CF_BUFSIZE];
GenericAgentConfig config = GenericAgentDefaultConfig(AGENT_TYPE_EXECUTOR);
while ((c = getopt_long(argc, argv, "dvnKIf:D:N:VxL:hFOV1gMW", OPTIONS, &optindex)) != EOF)
{
switch ((char) c)
{
case 'f':
if (optarg && strlen(optarg) < 5)
{
FatalError(" -f used but argument \"%s\" incorrect", optarg);
}
SetInputFile(optarg);
MINUSF = true;
break;
case 'd':
HardClass("opt_debug");
DEBUG = true;
break;
case 'K':
IGNORELOCK = true;
break;
case 'D':
NewClassesFromString(optarg);
break;
case 'N':
NegateClassesFromString(optarg);
break;
case 'I':
INFORM = true;
break;
case 'v':
VERBOSE = true;
NO_FORK = true;
break;
case 'n':
DONTDO = true;
IGNORELOCK = true;
HardClass("opt_dry_run");
break;
case 'L':
snprintf(ld_library_path, CF_BUFSIZE - 1, "LD_LIBRARY_PATH=%s", optarg);
if (putenv(xstrdup(ld_library_path)) != 0)
{
}
break;
case 'W':
WINSERVICE = false;
break;
case 'F':
NO_FORK = true;
break;
case 'O':
ONCE = true;
break;
case 'V':
PrintVersionBanner("cf-execd");
exit(0);
case 'h':
Syntax("cf-execd - cfengine's execution agent", OPTIONS, HINTS, ID);
exit(0);
case 'M':
ManPage("cf-execd - cfengine's execution agent", OPTIONS, HINTS, ID);
exit(0);
case 'x':
SelfDiagnostic();
exit(0);
default:
Syntax("cf-execd - cfengine's execution agent", OPTIONS, HINTS, ID);
exit(1);
}
}
if (argv[optind] != NULL)
{
CfOut(cf_error, "", "Unexpected argument with no preceding option: %s\n", argv[optind]);
}
return config;
}
/*****************************************************************************/
static void LoadDefaultSchedule(void)
{
CfDebug("Loading default schedule...\n");
DeleteItemList(SCHEDULE);
SCHEDULE = NULL;
AppendItem(&SCHEDULE, "Min00", NULL);
AppendItem(&SCHEDULE, "Min05", NULL);
AppendItem(&SCHEDULE, "Min10", NULL);
AppendItem(&SCHEDULE, "Min15", NULL);
AppendItem(&SCHEDULE, "Min20", NULL);
AppendItem(&SCHEDULE, "Min25", NULL);
AppendItem(&SCHEDULE, "Min30", NULL);
AppendItem(&SCHEDULE, "Min35", NULL);
AppendItem(&SCHEDULE, "Min40", NULL);
AppendItem(&SCHEDULE, "Min45", NULL);
AppendItem(&SCHEDULE, "Min50", NULL);
AppendItem(&SCHEDULE, "Min55", NULL);
}
static void FindV6InterfacesInfo(void)
{
FILE *pp = NULL;
char buffer[CF_BUFSIZE];
/* Whatever the manuals might say, you cannot get IPV6
interface configuration from the ioctls. This seems
to be implemented in a non standard way across OSes
BSDi has done getifaddrs(), solaris 8 has a new ioctl, Stevens
book shows the suggestion which has not been implemented...
*/
CfOut(cf_verbose, "", "Trying to locate my IPv6 address\n");
switch (VSYSTEMHARDCLASS)
{
case cfnt:
/* NT cannot do this */
return;
case hp:
if ((pp = cf_popen("/usr/sbin/ifconfig -a", "r")) == NULL)
{
CfOut(cf_verbose, "", "Could not find interface info\n");
return;
}
break;
case aix:
if ((pp = cf_popen("/etc/ifconfig -a", "r")) == NULL)
{
CfOut(cf_verbose, "", "Could not find interface info\n");
return;
}
break;
default:
if ((pp = cf_popen("/sbin/ifconfig -a", "r")) == NULL)
{
CfOut(cf_verbose, "", "Could not find interface info\n");
return;
}
}
/* Don't know the output format of ifconfig on all these .. hope for the best*/
while (!feof(pp))
{
fgets(buffer, CF_BUFSIZE - 1, pp);
if (ferror(pp)) /* abortable */
{
break;
}
if (strcasestr(buffer, "inet6"))
{
Item *ip, *list = NULL;
char *sp;
list = SplitStringAsItemList(buffer, ' ');
for (ip = list; ip != NULL; ip = ip->next)
{
for (sp = ip->name; *sp != '\0'; sp++)
{
if (*sp == '/') /* Remove CIDR mask */
{
*sp = '\0';
}
}
if ((IsIPV6Address(ip->name)) && ((strcmp(ip->name, "::1") != 0)))
{
CfOut(cf_verbose, "", "Found IPv6 address %s\n", ip->name);
AppendItem(&IPADDRESSES, ip->name, "");
HardClass(ip->name);
}
}
DeleteItemList(list);
}
}
cf_pclose(pp);
}
static GenericAgentConfig CheckOpts(int argc, char **argv)
{
extern char *optarg;
int optindex = 0;
int c;
GenericAgentConfig config = GenericAgentDefaultConfig(cf_monitor);
while ((c = getopt_long(argc, argv, "dvnIf:VSxHTKMFh", OPTIONS, &optindex)) != EOF)
{
switch ((char) c)
{
case 'f':
SetInputFile(optarg);
MINUSF = true;
break;
case 'd':
HardClass("opt_debug");
DEBUG = true;
NO_FORK = true;
break;
case 'K':
IGNORELOCK = true;
break;
case 'I':
INFORM = true;
break;
case 'v':
VERBOSE = true;
NO_FORK = true;
break;
case 'F':
NO_FORK = true;
break;
case 'H': /* Keep accepting this option for compatibility -- no longer used */
break;
case 'T':
MonNetworkSnifferEnable(true);
break;
case 'V':
PrintVersionBanner("cf-monitord");
exit(0);
case 'h':
Syntax("cf-monitord - cfengine's monitoring agent", OPTIONS, HINTS, ID);
exit(0);
case 'M':
ManPage("cf-monitord - cfengine's monitoring agent", OPTIONS, HINTS, ID);
exit(0);
case 'x':
SelfDiagnostic();
exit(0);
default:
Syntax("cf-monitord - cfengine's monitoring agent", OPTIONS, HINTS, ID);
exit(1);
}
}
CfDebug("Set debugging\n");
return config;
}