Пример #1
0
/**
 * Validate a given filesystem service s. Events are posted according to 
 * its configuration. In case of a fatal event FALSE is returned.
 */
int check_filesystem(Service_T s) {
  char *p;
  char path_buf[PATH_MAX+1];
  Filesystem_T td;
  struct stat stat_buf;

  ASSERT(s);

  p = s->path;

  /* We need to resolve symbolic link so if it points to device, we'll be able to find it in mnttab */
  if (lstat(s->path, &stat_buf) != 0) {
    Event_post(s, Event_Nonexist, STATE_FAILED, s->action_NONEXIST, "filesystem doesn't exist");
    return FALSE;
  }
  if (S_ISLNK(stat_buf.st_mode)) {
    if (! realpath(s->path, path_buf)) {
      Event_post(s, Event_Nonexist, STATE_FAILED, s->action_NONEXIST, "filesystem symbolic link error -- %s", STRERROR);
      return FALSE;
    }
    p = path_buf;
    Event_post(s, Event_Nonexist, STATE_SUCCEEDED, s->action_NONEXIST, "filesystem symbolic link %s -> %s", s->path, p);
    if (stat(p, &stat_buf) != 0) {
      Event_post(s, Event_Nonexist, STATE_FAILED, s->action_NONEXIST, "filesystem doesn't exist");
      return FALSE;
    }
  }
  Event_post(s, Event_Nonexist, STATE_SUCCEEDED, s->action_NONEXIST, "filesystem exists");

  s->inf->st_mode = stat_buf.st_mode;
  s->inf->st_uid  = stat_buf.st_uid;
  s->inf->st_gid  = stat_buf.st_gid;

  if (!filesystem_usage(s->inf, p)) {
    Event_post(s, Event_Data, STATE_FAILED, s->action_DATA, "unable to read filesystem %s state", p);
    return FALSE;
  }
  s->inf->priv.filesystem.inode_percent = s->inf->priv.filesystem.f_files > 0 ? (int)((1000.0 * (s->inf->priv.filesystem.f_files - s->inf->priv.filesystem.f_filesfree)) / (float)s->inf->priv.filesystem.f_files) : 0;
  s->inf->priv.filesystem.space_percent = s->inf->priv.filesystem.f_blocks > 0 ? (int)((1000.0 * (s->inf->priv.filesystem.f_blocks - s->inf->priv.filesystem.f_blocksfree)) / (float)s->inf->priv.filesystem.f_blocks) : 0;
  s->inf->priv.filesystem.inode_total   = s->inf->priv.filesystem.f_files - s->inf->priv.filesystem.f_filesfree;
  s->inf->priv.filesystem.space_total   = s->inf->priv.filesystem.f_blocks - s->inf->priv.filesystem.f_blocksfreetotal;
  Event_post(s, Event_Data, STATE_SUCCEEDED, s->action_DATA, "succeeded getting filesystem statistic for %s", p);

  if (s->perm)
    check_perm(s);

  if (s->uid)
    check_uid(s);

  if (s->gid)
    check_gid(s);

  check_filesystem_flags(s);

  if (s->filesystemlist)
    for (td = s->filesystemlist; td; td = td->next)
      check_filesystem_resources(s, td);

  return TRUE;
}
Пример #2
0
/**
 * Validate a given file service s. Events are posted according to 
 * its configuration. In case of a fatal event FALSE is returned.
 */
int check_file(Service_T s) {
  struct stat stat_buf;

  ASSERT(s);

  if (stat(s->path, &stat_buf) != 0) {
    Event_post(s, Event_Nonexist, STATE_FAILED, s->action_NONEXIST, "file doesn't exist");
    return FALSE;
  } else {
    s->inf->st_mode = stat_buf.st_mode;
    if (s->inf->priv.file.st_ino == 0) {
      s->inf->priv.file.st_ino_prev = stat_buf.st_ino;
      s->inf->priv.file.readpos     = stat_buf.st_size;
    } else
      s->inf->priv.file.st_ino_prev = s->inf->priv.file.st_ino;
    s->inf->priv.file.st_ino  = stat_buf.st_ino;
    s->inf->st_uid            = stat_buf.st_uid;
    s->inf->st_gid            = stat_buf.st_gid;
    s->inf->priv.file.st_size = stat_buf.st_size;
    s->inf->timestamp         = MAX(stat_buf.st_mtime, stat_buf.st_ctime);
    DEBUG("'%s' file exists check succeeded\n", s->name);
    Event_post(s, Event_Nonexist, STATE_SUCCEEDED, s->action_NONEXIST, "file exist");
  }

  if (!S_ISREG(s->inf->st_mode)) {
    Event_post(s, Event_Invalid, STATE_FAILED, s->action_INVALID, "is not a regular file");
    return FALSE;
  } else {
    DEBUG("'%s' is a regular file\n", s->name);
    Event_post(s, Event_Invalid, STATE_SUCCEEDED, s->action_INVALID, "is a regular file");
  }

  if (s->checksum)
    check_checksum(s);

  if (s->perm)
    check_perm(s);

  if (s->uid)
    check_uid(s);

  if (s->gid)
    check_gid(s);

  if (s->sizelist)
    check_size(s);

  if (s->timestamplist)
    check_timestamp(s);

  if (s->matchlist)
    check_match(s);

  return TRUE;

}
Пример #3
0
/**
 * Validate a given directory service s.  Events are posted according to 
 * its configuration.  In case of a fatal event FALSE is returned.
 */
int check_directory(Service_T s) {

  struct stat stat_buf;
  char report[STRLEN]= {0};

  if(stat(s->path, &stat_buf) != 0) {
    if(! s->event_handled) {
      Event_post(s, EVENT_START,
		 "Event: directory '%s' doesn't exist\n", s->name);
      s->event_handled= TRUE;
    }
    return FALSE;
  } else {
    s->event_handled= FALSE;
  }

  if(!S_ISDIR(stat_buf.st_mode)) {
    if(!s->event_handled) {
      Event_post(s, EVENT_UNMONITOR,
		 "Event: '%s' is not directory\n", s->name);
      s->event_handled= TRUE;
    }
    return FALSE;
  } else {
    s->event_handled= FALSE;
  }
  
  if(check_perm(s, stat_buf.st_mode, report)) {
    s->perm->event_flag= TRUE;
    if(! eval_actions(s->perm->action, s, report, "permission",
		      EVENT_PERMISSION))
	return FALSE;
  }
  
  if(check_uid(s, stat_buf.st_uid, report)) {
    s->uid->event_flag= TRUE;
    if(! eval_actions(s->uid->action, s, report, "uid", EVENT_UID))
	return FALSE;
  } 
  
  if(check_gid(s, stat_buf.st_gid, report)) {
    s->gid->event_flag= TRUE;
    if(! eval_actions(s->gid->action, s, report, "gid", EVENT_GID))
	return FALSE;
  } 

  if(!check_timestamps(s))
    return FALSE;

  return TRUE;

}
Пример #4
0
/**
 * Validate a given fifo service s. Events are posted according to 
 * its configuration. In case of a fatal event FALSE is returned.
 */
int check_fifo(Service_T s) {

  struct stat stat_buf;

  ASSERT(s);

  if (stat(s->path, &stat_buf) != 0) {
    Event_post(s, Event_Nonexist, STATE_FAILED, s->action_NONEXIST, "fifo doesn't exist");
    return FALSE;
  } else {
    s->inf->st_mode   = stat_buf.st_mode;
    s->inf->st_uid    = stat_buf.st_uid;
    s->inf->st_gid    = stat_buf.st_gid;
    s->inf->timestamp = MAX(stat_buf.st_mtime, stat_buf.st_ctime);
    DEBUG("'%s' fifo exists check succeeded\n", s->name);
    Event_post(s, Event_Nonexist, STATE_SUCCEEDED, s->action_NONEXIST, "fifo exist");
  }

  if (!S_ISFIFO(s->inf->st_mode)) {
    Event_post(s, Event_Invalid, STATE_FAILED, s->action_INVALID, "is not fifo");
    return FALSE;
  } else {
    DEBUG("'%s' is fifo\n", s->name);
    Event_post(s, Event_Invalid, STATE_SUCCEEDED, s->action_INVALID, "is fifo");
  }

  if (s->perm)
    check_perm(s);

  if (s->uid)
    check_uid(s);

  if (s->gid)
    check_gid(s);

  if (s->timestamplist)
    check_timestamp(s);

  return TRUE;

}
Пример #5
0
static int userauth(const char *user, const char *password, int gid, int rootfd)
{
	int ret;
	char *pw, *pw_enc;

	if (gid != -1 && (ret = check_gid(user, gid)) != 0)
		return ret;
	ret = get_user_hash(user, gid, &pw);
	if (ret != 0)
		return ret;
	ret = escape_chroot(rootfd);
	if (ret == 0) {
		struct crypt_data data = {};
		ret = VZCTL_E_AUTH;
		pw_enc = crypt_r(password, pw, &data);
		if (pw_enc && !strcmp(pw_enc, pw))
			ret = 0;
	}
	free(pw);
	return ret;
}
Пример #6
0
/**
 * Validate a given file service s.  Events are posted according to 
 * its configuration.  In case of a fatal event FALSE is returned.
 */
int check_file(Service_T s) {

  Size_T sl;
  struct stat stat_buf;
  char report[STRLEN]= {0};

  if(stat(s->path, &stat_buf) != 0) {
    if(! s->event_handled) {
      Event_post(s, EVENT_START, "Event: file '%s' doesn't exist\n", s->name);
      s->event_handled= TRUE;
    }
    return FALSE;
  } else {
    s->event_handled= TRUE;
  }
  
  if(!S_ISREG(stat_buf.st_mode)) {
    if(! s->event_handled) {
      Event_post(s, EVENT_UNMONITOR,
		 "Event: '%s' is not regular file\n", s->name);
      s->event_handled= TRUE;
    }
    return FALSE;
  } else {
    s->event_handled= FALSE;
  }
  
  if(check_checksum(s, report)) {
      s->checksum->event_flag= TRUE;
      if(! eval_actions(s->checksum->action, s, report, "checksum",
			EVENT_CHECKSUM))
	  return FALSE;
  }
  
  if(check_perm(s, stat_buf.st_mode, report)) {
    s->perm->event_flag= TRUE;
    if(! eval_actions(s->perm->action, s, report, "permission",
		      EVENT_PERMISSION))
	return FALSE;
  }

  if(check_uid(s, stat_buf.st_uid, report)) {
    s->uid->event_flag= TRUE;
    if(! eval_actions(s->uid->action, s, report, "uid", EVENT_UID))
	return FALSE;
  }
  
  if(check_gid(s, stat_buf.st_gid, report)) {
    s->gid->event_flag= TRUE;
    if(! eval_actions(s->gid->action, s, report, "gid", EVENT_GID))
	return FALSE;
  }

  for(sl= s->sizelist; sl; sl= sl->next) {
    if(!check_size_item(s, sl, (unsigned long)stat_buf.st_size, report)) {
      if(! sl->event_handled) {
	/* Turn on the object's event_flag to indicate that the size event
	 * occured on this particular object */
	sl->event_flag= TRUE;
	sl->event_handled= TRUE; /* Turn on the object's
				  * event_handled flag so this
				  * test is not handled in
				  * subsequent poll cycles until
				  * the error condition was reset.
				  */
	if(! eval_actions(sl->action, s, report, "size", EVENT_SIZE)) {
	  return FALSE;
	}
      }
    } else {
      sl->event_handled= FALSE;
    }
  }

  if(!check_timestamps(s))
    return FALSE;

  return TRUE;

}
Пример #7
0
/**
 * Validate a given device service s.  Events are posted according to 
 * its configuration.  In case of a fatal event FALSE is returned.
 */
int check_device(Service_T s) {

  Device_T td;
  struct stat stat_buf;
  char report[STRLEN]= {0};

  if(stat(s->path, &stat_buf) != 0) {
    if(! s->event_handled) {
      Event_post(s, EVENT_START, "Event: device '%s' doesn't exist\n", s->name);
      s->event_handled= TRUE;
    }
    return FALSE;
  } else {
    s->event_handled= FALSE;
  }
  
  if(check_perm(s, stat_buf.st_mode, report)) {
    s->perm->event_flag= TRUE;
    if(! eval_actions(s->perm->action, s, report, "permission",
		      EVENT_PERMISSION))
      return FALSE;
  }

  if(check_uid(s, stat_buf.st_uid, report)) {
    s->uid->event_flag= TRUE;
    if(! eval_actions(s->uid->action, s, report, "uid", EVENT_UID))
      return FALSE;
  }

  if(check_gid(s, stat_buf.st_gid, report)) {
    s->gid->event_flag= TRUE;
    if(! eval_actions(s->gid->action, s, report, "gid", EVENT_GID))
      return FALSE;
  }

  if(!DeviceInfo_Usage(s->devinfo, s->path)) {
    if(! s->devinfo->event_handled) {
      Event_post(s, EVENT_START,
		 "Event: unable to read device '%s' state\n",
		 s->path);
      s->devinfo->event_handled= TRUE;
    }
    return FALSE;
  } else {
    s->devinfo->event_handled= FALSE;
    DEBUG("'%s' succeeded getting device statistic for %s\n", s->name, s->path);
  }

  /* Test devices */
  if(s->devicelist) {
    for(td= s->devicelist; td; td= td->next) {
      if(!check_device_resources(s, td, report)) {
	if(! td->event_handled) {
	  td->event_flag= TRUE; /* Turn on the object's event_flag
				 * to indicate that the resource
				 * event occured on this particular
				 * object */
	  td->event_handled= TRUE; /* Turn on the object's
				    * event_handled flag so this
				    * test is not handled in
				    * subsequent poll cycles until
				    * the error condition was reset.
				    */

	  if(! eval_actions(td->action, s, report, "device", EVENT_RESOURCE)) {
	    return FALSE;
	  }
	}
      } else {
	td->event_handled= FALSE; 
      }
    }
    
  }
  
  return TRUE;

}