bool IEngine::try_login()
{
WRITE_ENGINE_STATUS(WC_ENGINE_STATUS_CONNECTING);
if (!is_connected())
{
connect(CONNECT_TIMEOUT_NANO_SECONDS);
}
WRITE_ENGINE_STATUS(is_connected() ? WC_ENGINE_STATUS_CONNECTED: WC_ENGINE_STATUS_CONNECT_FAIL);
if (is_connected() && !is_logged_in())
{
login(CONNECT_TIMEOUT_NANO_SECONDS);
}
WRITE_ENGINE_STATUS(is_logged_in() ? WC_ENGINE_STATUS_LOGIN_SUCCESS: WC_ENGINE_STATUS_LOGIN_FAIL);
return is_logged_in();
}
void IEngine::on_engine_open()
{
KF_LOG_INFO(logger, "[CMD] ENGINE OPEN SERVICE!");
if (is_logged_in())
{
KF_LOG_INFO(logger, "already running!");
}
else
{
if (try_login())
{
pre_run();
KF_LOG_INFO(logger, "restarted!");
}
else
{
KF_LOG_ERROR(logger, "failed to restart!");
}
}
}
int main(int argc, const char **argv)
{
int ret = EXIT_SUCCESS;
struct tools_ctx *tctx = NULL;
const char *pc_username = NULL;
int pc_debug = SSSDBG_DEFAULT;
int pc_remove = 0;
int pc_force = 0;
int pc_kick = 0;
poptContext pc = NULL;
struct poptOption long_options[] = {
POPT_AUTOHELP
{ "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &pc_debug,
0, _("The debug level to run with"), NULL },
{ "remove", 'r', POPT_ARG_NONE, NULL, 'r',
_("Remove home directory and mail spool"), NULL },
{ "no-remove", 'R', POPT_ARG_NONE, NULL, 'R',
_("Do not remove home directory and mail spool"), NULL },
{ "force", 'f', POPT_ARG_NONE, NULL, 'f',
_("Force removal of files not owned by the user"), NULL },
{ "kick", 'k', POPT_ARG_NONE, NULL, 'k',
_("Kill users' processes before removing him"), NULL },
POPT_TABLEEND
};
debug_prg_name = argv[0];
ret = set_locale();
if (ret != EOK) {
DEBUG(1, ("set_locale failed (%d): %s\n", ret, strerror(ret)));
ERROR("Error setting the locale\n");
ret = EXIT_FAILURE;
goto fini;
}
/* parse parameters */
pc = poptGetContext(NULL, argc, argv, long_options, 0);
poptSetOtherOptionHelp(pc, "USERNAME");
while ((ret = poptGetNextOpt(pc)) > 0) {
switch (ret) {
case 'r':
pc_remove = DO_REMOVE_HOME;
break;
case 'R':
pc_remove = DO_NOT_REMOVE_HOME;
break;
case 'f':
pc_force = DO_FORCE_REMOVAL;
break;
case 'k':
pc_kick = 1;
break;
}
}
debug_level = debug_convert_old_level(pc_debug);
if (ret != -1) {
BAD_POPT_PARAMS(pc, poptStrerror(ret), ret, fini);
}
pc_username = poptGetArg(pc);
if (pc_username == NULL) {
BAD_POPT_PARAMS(pc, _("Specify user to delete\n"), ret, fini);
}
CHECK_ROOT(ret, debug_prg_name);
ret = init_sss_tools(&tctx);
if (ret != EOK) {
DEBUG(1, ("init_sss_tools failed (%d): %s\n", ret, strerror(ret)));
if (ret == ENOENT) {
ERROR("Error initializing the tools - no local domain\n");
} else {
ERROR("Error initializing the tools\n");
}
ret = EXIT_FAILURE;
goto fini;
}
/* if the domain was not given as part of FQDN, default to local domain */
ret = parse_name_domain(tctx, pc_username);
if (ret != EOK) {
ERROR("Invalid domain specified in FQDN\n");
ret = EXIT_FAILURE;
goto fini;
}
/*
* Fills in defaults for ops_ctx user did not specify.
*/
ret = userdel_defaults(tctx, tctx->confdb, tctx->octx, pc_remove);
if (ret != EOK) {
ERROR("Cannot set default values\n");
ret = EXIT_FAILURE;
goto fini;
}
ret = sysdb_getpwnam_sync(tctx,
tctx->sysdb,
tctx->octx->name,
tctx->octx);
if (ret != EOK) {
/* Error message will be printed in the switch */
goto done;
}
if ((tctx->octx->uid < tctx->local->id_min) ||
(tctx->local->id_max && tctx->octx->uid > tctx->local->id_max)) {
ERROR("User %1$s is outside the defined ID range for domain\n",
tctx->octx->name);
ret = EXIT_FAILURE;
goto fini;
}
if (pc_kick) {
ret = kick_user(tctx);
if (ret != EOK) {
tctx->error = ret;
goto done;
}
}
/* userdel */
ret = userdel(tctx, tctx->sysdb, tctx->octx);
if (ret != EOK) {
goto done;
}
/* Set SELinux login context - must be done after transaction is done
* b/c libselinux calls getpwnam */
ret = del_seuser(tctx->octx->name);
if (ret != EOK) {
ERROR("Cannot reset SELinux login context\n");
ret = EXIT_FAILURE;
goto fini;
}
if (!pc_kick) {
ret = is_logged_in(tctx, tctx->octx->uid);
switch(ret) {
case ENOENT:
break;
case EOK:
ERROR("WARNING: The user (uid %1$lu) was still logged in when "
"deleted.\n", (unsigned long) tctx->octx->uid);
break;
case ENOSYS:
ERROR("Cannot determine if the user was logged in on this "
"platform");
break;
default:
ERROR("Error while checking if the user was logged in\n");
break;
}
}
ret = run_userdel_cmd(tctx);
if (ret != EOK) {
ERROR("The post-delete command failed: %1$s\n", strerror(ret));
goto fini;
}
if (tctx->octx->remove_homedir) {
ret = remove_homedir(tctx,
tctx->octx->home,
tctx->octx->maildir,
tctx->octx->name,
tctx->octx->uid,
pc_force);
if (ret == EPERM) {
ERROR("Not removing home dir - not owned by user\n");
} else if (ret != EOK) {
ERROR("Cannot remove homedir: %1$s\n", strerror(ret));
ret = EXIT_FAILURE;
goto fini;
}
}
done:
if (ret) {
DEBUG(1, ("sysdb operation failed (%d)[%s]\n", ret, strerror(ret)));
switch (ret) {
case ENOENT:
ERROR("No such user in local domain. "
"Removing users only allowed in local domain.\n");
break;
default:
ERROR("Internal error. Could not remove user.\n");
break;
}
ret = EXIT_FAILURE;
goto fini;
}
ret = EXIT_SUCCESS;
fini:
talloc_free(tctx);
poptFreeContext(pc);
exit(ret);
}
/*
* Main application. This is where the requests come in and routed.
*/
void handle_request(void)
{
bool logged_in = false;
char *request_uri;
struct timespec stp;
struct timespec etp;
clock_gettime(CLOCK_REALTIME, &stp);
qvars = NULL;
avars = NULL;
u_files = NULL;
set_env_vars();
set_vars();
request_uri = strdupa(env_vars.request_uri);
/* Initialise the database connection */
conn = db_conn();
if (!conn)
goto out2;
/*
* Some routes need to come before the login / session stuff as
* they can't be logged in and have no session.
*/
if (match_uri(request_uri, "//")) {
/* function call goes here */
goto out2;
}
if (match_uri(request_uri, "/login/")) {
login();
goto out2;
}
logged_in = is_logged_in();
if (!logged_in) {
printf("Location: /login/\r\n\r\n");
goto out2;
}
/* Logged in, set-up the user_session structure */
set_user_session();
/* Add new url handlers after here */
if (match_uri(request_uri, "/logout/")) {
logout();
goto out;
}
/* Default location */
printf("Location: /login/\r\n\r\n");
out:
free_user_session();
out2:
free_vars(qvars);
free_avars();
free_u_files();
clock_gettime(CLOCK_REALTIME, &etp);
d_fprintf(access_log, "Got request from %s for %s (%s), %ums\n",
env_vars.remote_addr, request_uri,
env_vars.request_method,
(unsigned int)((etp.tv_sec * 1000 +
etp.tv_nsec / NS_MSEC) -
(stp.tv_sec * 1000 + stp.tv_nsec / NS_MSEC)));
free_env_vars();
mysql_close(conn);
}
