Diffstat (limited to 'servers')
-rw-r--r-- | servers/admin_user_mgmt_server_lin/aclocal.m4 | 10 | ||||
-rw-r--r-- | servers/admin_user_mgmt_server_lin/doc/Makefile.in | 35 | ||||
-rw-r--r-- | servers/admin_user_mgmt_server_lin/doc/en/Makefile.in | 24 | ||||
-rw-r--r-- | servers/admin_user_mgmt_server_lin/po/Makefile.in | 24 | ||||
-rw-r--r-- | servers/admin_user_mgmt_server_lin/src/Makefile.am | 2 | ||||
-rw-r--r-- | servers/admin_user_mgmt_server_lin/src/admin_user_mgmt.cpp (renamed from servers/admin_user_mgmt_server_lin/src/admin_sys_ctl.cpp) | 339 | ||||
-rw-r--r-- | servers/admin_user_mgmt_server_lin/src/admin_user_mgmt.h (renamed from servers/admin_user_mgmt_server_lin/src/admin_sys_ctl.h) | 5 | ||||
-rw-r--r-- | servers/admin_user_mgmt_server_lin/src/main.cpp | 4 | ||||
-rw-r--r-- | servers/auth_server_lin/src/auth_conn.cpp | 40 |
9 files changed, 366 insertions, 117 deletions
diff --git a/servers/admin_user_mgmt_server_lin/aclocal.m4 b/servers/admin_user_mgmt_server_lin/aclocal.m4 index a7f0dd4..6135e5b 100644 --- a/servers/admin_user_mgmt_server_lin/aclocal.m4 +++ b/servers/admin_user_mgmt_server_lin/aclocal.m4 @@ -1,4 +1,4 @@ -# generated automatically by aclocal 1.11.3 -*- Autoconf -*- +# generated automatically by aclocal 1.11.6 -*- Autoconf -*- # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, # 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, @@ -14,8 +14,8 @@ m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl -m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.68],, -[m4_warning([this file was generated for autoconf 2.68. +m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],, +[m4_warning([this file was generated for autoconf 2.69. You have another version of autoconf. It may work, but is not guaranteed to. If you have problems, you may need to regenerate the build system entirely. To do so, use the procedure documented by the package, typically `autoreconf'.])]) @@ -664,7 +664,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION], [am__api_version='1.11' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.11.3], [], +m4_if([$1], [1.11.6], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -680,7 +680,7 @@ m4_define([_AM_AUTOCONF_VERSION], []) # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.11.3])dnl +[AM_AUTOMAKE_VERSION([1.11.6])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) diff --git a/servers/admin_user_mgmt_server_lin/doc/Makefile.in b/servers/admin_user_mgmt_server_lin/doc/Makefile.in index 9435987..fc4ffec 100644 
--- a/servers/admin_user_mgmt_server_lin/doc/Makefile.in +++ b/servers/admin_user_mgmt_server_lin/doc/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.11.3 from Makefile.am. +# Makefile.in generated by automake 1.11.6 from Makefile.am. # KDE tags expanded automatically by am_edit - $Revision$ # @configure_input@ @@ -19,6 +19,23 @@ # the SUBDIRS is filled automatically by am_edit. If files are # in this directory they are installed into the english dir VPATH = @srcdir@ +am__make_dryrun = \ + { \ + am__dry=no; \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ + | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ + *) \ + for am__flg in $$MAKEFLAGS; do \ + case $$am__flg in \ + *=*|--*) ;; \ + *n*) am__dry=yes; break;; \ + esac; \ + done;; \ + esac; \ + test $$am__dry = yes; \ + } pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -66,6 +83,11 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ install-pdf-recursive install-ps-recursive install-recursive \ installcheck-recursive installdirs-recursive pdf-recursive \ ps-recursive uninstall-recursive nmcheck-recursive bcheck-recursive +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ 
@@ -592,13 +614,10 @@ distdir: $(DISTFILES) done @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - fi; \ - done - @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ + $(am__make_dryrun) \ + || test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ $(am__relativize); \ new_distdir=$$reldir; \ diff --git a/servers/admin_user_mgmt_server_lin/doc/en/Makefile.in b/servers/admin_user_mgmt_server_lin/doc/en/Makefile.in index 586e134..5269784 100644 --- a/servers/admin_user_mgmt_server_lin/doc/en/Makefile.in +++ b/servers/admin_user_mgmt_server_lin/doc/en/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.11.3 from Makefile.am. +# Makefile.in generated by automake 1.11.6 from Makefile.am. # KDE tags expanded automatically by am_edit - $Revision$ # @configure_input@ @@ -16,6 +16,23 @@ @SET_MAKE@ VPATH = @srcdir@ +am__make_dryrun = \ + { \ + am__dry=no; \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ + | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ + *) \ + for am__flg in $$MAKEFLAGS; do \ + case $$am__flg in \ + *=*|--*) ;; \ + *n*) am__dry=yes; break;; \ + esac; \ + done;; \ + esac; \ + test $$am__dry = yes; \ + } pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -48,6 +65,11 @@ CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac #>- DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) #>+ 1 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) $(KDE_DIST) 
diff --git a/servers/admin_user_mgmt_server_lin/po/Makefile.in b/servers/admin_user_mgmt_server_lin/po/Makefile.in index 3e4f5d3..1af59b1 100644 --- a/servers/admin_user_mgmt_server_lin/po/Makefile.in +++ b/servers/admin_user_mgmt_server_lin/po/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.11.3 from Makefile.am. +# Makefile.in generated by automake 1.11.6 from Makefile.am. # KDE tags expanded automatically by am_edit - $Revision$ # @configure_input@ @@ -16,6 +16,23 @@ @SET_MAKE@ VPATH = @srcdir@ +am__make_dryrun = \ + { \ + am__dry=no; \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ + | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ + *) \ + for am__flg in $$MAKEFLAGS; do \ + case $$am__flg in \ + *=*|--*) ;; \ + *n*) am__dry=yes; break;; \ + esac; \ + done;; \ + esac; \ + test $$am__dry = yes; \ + } pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -48,6 +65,11 @@ CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac #>- DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) #>+ 1 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) $(KDE_DIST) diff --git a/servers/admin_user_mgmt_server_lin/src/Makefile.am b/servers/admin_user_mgmt_server_lin/src/Makefile.am index 6e2c003..481bdc2 100644 --- a/servers/admin_user_mgmt_server_lin/src/Makefile.am +++ b/servers/admin_user_mgmt_server_lin/src/Makefile.am 
@@ -3,7 +3,7 @@ KDE_CXXFLAGS = $(USE_EXCEPTIONS) bin_PROGRAMS = remotefpga_adminsysctlserver -remotefpga_adminsysctlserver_SOURCES = main.cpp admin_sys_ctl.cpp +remotefpga_adminsysctlserver_SOURCES = main.cpp admin_user_mgmt.cpp remotefpga_adminsysctlserver_METASOURCES = AUTO remotefpga_adminsysctlserver_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_KIO) -lktexteditor -ltdekrbsocket -ltqtrla diff --git a/servers/admin_user_mgmt_server_lin/src/admin_sys_ctl.cpp b/servers/admin_user_mgmt_server_lin/src/admin_user_mgmt.cpp index bfb83bc..687a1e5 100644 --- a/servers/admin_user_mgmt_server_lin/src/admin_sys_ctl.cpp +++ b/servers/admin_user_mgmt_server_lin/src/admin_user_mgmt.cpp @@ -40,7 +40,7 @@ #include <klocale.h> -#include "admin_sys_ctl.h" +#include "admin_user_mgmt.h" #define ABORT_SOCKET(s) s->close(); \ s->disconnect(); \ @@ -83,6 +83,9 @@ SysCtlSocket::SysCtlSocket(int sock, TQObject *parent, const char *name) : if (connectToDatabase() != 0) { exit(1); } + + m_minGID = m_config->readNumEntry("MinimumGID", 500); + m_maxGID = m_config->readNumEntry("MaximumGID", 65533); } SysCtlSocket::~SysCtlSocket() { 
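Review bot: The two bounds added to the `SysCtlSocket` constructor are stored into `gid_t` members straight from `readNumEntry`, which presumably returns a signed int, so a negative or swapped `MinimumGID`/`MaximumGID` in the config silently becomes a very large unsigned bound or an empty range. These values decide which system groups the LISTGROUPACCESS handlers offer for access grants, so a sanity check right after the reads is worth having, e.g. `if (m_minGID > m_maxGID) { /* log and fall back to 500 / 65533 */ }`. A comment such as `// Only groups with MinimumGID <= gid <= MaximumGID are offered for access grants` would also document why the defaults skip low-numbered system groups. The constructor body starts outside the hunk.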
@@ -176,30 +179,17 @@ void SysCtlSocket::commandLoop() { ds.setPrintableData(true); TQString command; ds >> command; - if (command == "USERS") { + if (command == "LIST") { TQString subCommand; ds >> subCommand; if (subCommand == "TERMINALS") { clearFrameTail(); ds << TQString("OK"); - TerminalServiceStatusList list; - TQSqlCursor databaseActivityCursor("sessions", TRUE, m_terminals_database); - databaseActivityCursor.select(); - while (databaseActivityCursor.next()) { - TerminalServiceStatusType status; - - status.protocolVersion = 1; - status.sessionID = databaseActivityCursor.value("pk").toInt(); - status.username = databaseActivityCursor.value("username").toString(); - status.serverName = databaseActivityCursor.value("servername").toString(); - status.serverPID = databaseActivityCursor.value("server_pid").toInt(); - status.wmPID = databaseActivityCursor.value("wm_pid").toInt(); - status.state = databaseActivityCursor.value("state").toInt(); - status.display = databaseActivityCursor.value("display").toInt(); - status.loginStamp.setTime_t(databaseActivityCursor.value("stamp_start").toLongLong()); - status.activityStamp.setTime_t(databaseActivityCursor.value("stamp_statechange").toLongLong()); - - list.append(status); + TQStringList list; + TQSqlCursor databaseServersCursor("servers", TRUE, m_terminals_database); + databaseServersCursor.select(); + while (databaseServersCursor.next()) { + list.append(databaseServersCursor.value("name").toString()); } ds << list; writeEndOfFrame(); 
@@ -207,29 +197,41 @@ void SysCtlSocket::commandLoop() { else if (subCommand == "WORKSPACES") { clearFrameTail(); ds << TQString("OK"); - WorkspaceServiceStatusList list; - TQSqlCursor databaseActivityCursor("activity", TRUE, m_workspaces_database); - databaseActivityCursor.select(); - while (databaseActivityCursor.next()) { - WorkspaceServiceStatusType status; - - status.protocolVersion = 1; - status.sessionID = databaseActivityCursor.value("pk").toInt(); - status.stationID = databaseActivityCursor.value("station").toInt(); - status.username = databaseActivityCursor.value("username").toString(); - status.realmname = databaseActivityCursor.value("realmname").toString(); - status.serverID = databaseActivityCursor.value("serverid").toInt(); - status.serviceID = databaseActivityCursor.value("serviceid").toInt(); - status.stationID = databaseActivityCursor.value("station").toInt(); - TQSqlCursor databaseStationsCursor("stations", TRUE, m_workspaces_database); - databaseStationsCursor.select(TQString("pk=%1").arg(status.stationID)); - if (databaseStationsCursor.next()) { - status.stationName = databaseStationsCursor.value("name").toString(); - } - status.loginStamp.setTime_t(databaseActivityCursor.value("logontime").toLongLong()); - status.terminateStamp.setTime_t(databaseActivityCursor.value("terminate").toLongLong()); - list.append(status); + StationList list; + TQSqlCursor databaseStationsCursor("stations", TRUE, m_workspaces_database); + TQSqlCursor databaseServicesCursor("services", TRUE, m_workspaces_database); + TQSqlCursor databaseServiceTypesCursor("servicetypes", TRUE, m_workspaces_database); + databaseStationsCursor.select(); + while (databaseStationsCursor.next()) { + StationType st; + st.id = databaseStationsCursor.value("pk").toInt(); + st.name = databaseStationsCursor.value("name").toString(); + st.description = databaseStationsCursor.value("description").toString(); + 
databaseServicesCursor.select(TQString("station=%1").arg(databaseStationsCursor.value("pk").toInt())); + while (databaseServicesCursor.next()) { + databaseServiceTypesCursor.select(TQString("serviceid=%1").arg(databaseServicesCursor.value("servicetype").toInt())); + ServiceType svt; + if (databaseServiceTypesCursor.next()) { + svt.type = databaseServiceTypesCursor.value("serviceid").toInt(); + svt.name = databaseServiceTypesCursor.value("name").toString(); + svt.description = databaseServiceTypesCursor.value("description").toString(); + svt.clientLibrary = databaseServiceTypesCursor.value("client_library").toString(); + svt.version = databaseServiceTypesCursor.value("version").toInt(); + char tempchar; + tempchar = databaseServiceTypesCursor.value("single_instance").toInt(); + svt.singleInstance = (tempchar != 0); + } + if (svt.name == "") { + svt.name = i18n("<unknown>"); + } + if (svt.description == "") { + svt.description = i18n("<unknown>"); + } + st.services.append(svt); + } + + list.append(st); } ds << list; writeEndOfFrame(); 
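Review bot: `ServiceType svt;` is filled only when the `servicetypes` lookup returns a row, yet it is appended to `st.services` and serialised to the client either way. Only `name` and `description` get a fallback; `type`, `version` and `singleInstance` keep whatever the default constructor leaves, which is not visible here and would be indeterminate memory sent over the wire if `ServiceType` is a plain struct. Initialise them before the lookup, e.g. `svt.type = 0; svt.version = 0; svt.singleInstance = false;`, or skip services whose type row is missing. The `char tempchar` temporary is unnecessary, since the `toInt()` result can be compared with 0 directly.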
@@ -240,92 +242,237 @@ void SysCtlSocket::commandLoop() { writeEndOfFrame(); } } - else if (command == "SESSION") { + else if (command == "LISTGROUPACCESS") { TQString subCommand; - TQString sessionID; ds >> subCommand; - ds >> sessionID; - if (subCommand == "LOGOFF_TERMINAL") { - TQ_UINT32 delay; - ds >> delay; + if (subCommand == "TERMINALS") { clearFrameTail(); - // FIXME UNIMPLEMENTED - ds << TQString("ERRINVCMD"); + ds << TQString("OK"); + TerminalServiceAuthGroupList list; + + // First search the database for groups... + TQSqlCursor databasePermissionsCursor("allowed_servers", TRUE, m_terminals_database); + databasePermissionsCursor.select(); + while (databasePermissionsCursor.next()) { + TerminalServiceAuthGroupType agt; + TerminalServiceAuthGroupList::iterator it = list.findByName(databasePermissionsCursor.value("groupname").toString()); + if (it != list.end()) { + agt = *it; + list.remove(it); + } + else { + agt.protocolVersion = 1; + agt.groupName = databasePermissionsCursor.value("groupname").toString(); + } + agt.allowedServerNames.append(databasePermissionsCursor.value("server").toString()); + + list.append(agt); + } + + // ...then search LDAP for groups that were not already in the database + struct group* group; + setgrent(); + while ((group = getgrent())) { + if ((group->gr_gid >= m_minGID) && (group->gr_gid <= m_maxGID)) { + TerminalServiceAuthGroupType agt; + TerminalServiceAuthGroupList::iterator it = list.findByName(TQString(group->gr_name)); + if (it == list.end()) { + agt.protocolVersion = 1; + agt.groupName = TQString(group->gr_name); + list.append(agt); + } + } + } + endgrent(); + + ds << list; writeEndOfFrame(); } - else if (subCommand == "CANCEL_LOGOFF_TERMINAL") { + else if (subCommand == "WORKSPACES") { + clearFrameTail(); + ds << TQString("OK"); + + WorkspaceServiceAuthGroupList list; + + // First search the database for groups... 
+ TQSqlCursor databasePermissionsCursor("permissions", TRUE, m_workspaces_database); + databasePermissionsCursor.select(); + while (databasePermissionsCursor.next()) { + WorkspaceServiceAuthGroupType agt; + WorkspaceServiceAuthGroupList::iterator it = list.findByName(databasePermissionsCursor.value("groupname").toString()); + if (it != list.end()) { + agt = *it; + list.remove(it); + } + else { + agt.protocolVersion = 1; + agt.groupName = databasePermissionsCursor.value("groupname").toString(); + } + agt.allowedStationIDs.append(databasePermissionsCursor.value("station").toUInt()); + + list.append(agt); + } + + // ...then search LDAP for groups that were not already in the database + struct group* group; + setgrent(); + while ((group = getgrent())) { + if ((group->gr_gid >= m_minGID) && (group->gr_gid <= m_maxGID)) { + WorkspaceServiceAuthGroupType agt; + WorkspaceServiceAuthGroupList::iterator it = list.findByName(TQString(group->gr_name)); + if (it == list.end()) { + agt.protocolVersion = 1; + agt.groupName = TQString(group->gr_name); + list.append(agt); + } + } + } + endgrent(); + + ds << list; + writeEndOfFrame(); + } + else { clearFrameTail(); - // FIXME UNIMPLEMENTED ds << TQString("ERRINVCMD"); writeEndOfFrame(); } - else if (subCommand == "KILL_TERMINAL") { + } + else if (command == "SETGROUPACCESS") { + TQString subCommand; + ds >> subCommand; + if (subCommand == "TERMINALS") { + TerminalServiceAuthGroupList list; + ds >> list; clearFrameTail(); - TQSqlCursor databaseActivityCursor("sessions", TRUE, m_terminals_database); - databaseActivityCursor.select(TQString("pk=%1").arg(sessionID)); - if (databaseActivityCursor.next()) { - // Gather server information - TQString server_name = databaseActivityCursor.value("servername").toString(); - int server_pid = databaseActivityCursor.value("server_pid").toInt(); - // Kill server process - TQString command = TQString("ssh root@%1 'kill -9 %2'").arg(server_name).arg(server_pid); - if (system(command.ascii()) == 0) { 
- // Remove database entry - databaseActivityCursor.select(TQString("pk=%1").arg(sessionID)); - if (databaseActivityCursor.next()) { - databaseActivityCursor.primeDelete(); - databaseActivityCursor.del(true); - } - ds << TQString("OK"); + + bool success = true; + TQSqlCursor databasePermissionsCursor("allowed_servers", TRUE, m_terminals_database); + TerminalServiceAuthGroupList::iterator it; + for (it = list.begin(); it != list.end(); ++it) { + TerminalServiceAuthGroupType agt = *it; + + // Delete all existing entries for this group in perparation for update + databasePermissionsCursor.select(TQString("groupname='%1'").arg(agt.groupName)); + while (databasePermissionsCursor.next()) { + databasePermissionsCursor.primeDelete(); + databasePermissionsCursor.del(false); } - else { - ds << TQString("ERRFAILED"); + + // Insert all entries for this group from the information structure + TQStringList::iterator it2; + for (it2 = agt.allowedServerNames.begin(); it2 != agt.allowedServerNames.end(); ++it2) { + TQSqlRecord *buffer = databasePermissionsCursor.primeInsert(); + buffer->setValue("groupname", agt.groupName); + buffer->setValue("server", *it2); + databasePermissionsCursor.insert(); } - writeEndOfFrame(); + } + + if (success) { + ds << TQString("OK"); } else { - ds << TQString("ERRINVCMD"); + ds << TQString("ERRFAILED"); } writeEndOfFrame(); } - else if (subCommand == "KILL_WORKSPACE") { - TQ_INT32 terminationOffset; - ds >> terminationOffset; + else if (subCommand == "WORKSPACES") { + WorkspaceServiceAuthGroupList list; + ds >> list; clearFrameTail(); - TQDateTime terminationTime = TQDateTime::currentDateTime(); - terminationTime = terminationTime.addSecs(terminationOffset*60); - TQSqlCursor databaseActivityCursor("activity", TRUE, m_workspaces_database); - databaseActivityCursor.select(TQString("pk=%1").arg(sessionID)); - if (databaseActivityCursor.next()) { - TQSqlRecord *buffer = databaseActivityCursor.primeUpdate(); - if (terminationOffset > -2) { - 
buffer->setValue("terminate", terminationTime.toTime_t()); + + bool success = true; + TQSqlCursor databasePermissionsCursor("permissions", TRUE, m_workspaces_database); + WorkspaceServiceAuthGroupList::iterator it; + for (it = list.begin(); it != list.end(); ++it) { + WorkspaceServiceAuthGroupType agt = *it; + + // Delete all existing entries for this group in perparation for update + databasePermissionsCursor.select(TQString("groupname='%1'").arg(agt.groupName)); + while (databasePermissionsCursor.next()) { + databasePermissionsCursor.primeDelete(); + databasePermissionsCursor.del(false); } - else { - buffer->setValue("terminate", 0); + + // Insert all entries for this group from the information structure + TQInt32List::iterator it2; + for (it2 = agt.allowedStationIDs.begin(); it2 != agt.allowedStationIDs.end(); ++it2) { + TQSqlRecord *buffer = databasePermissionsCursor.primeInsert(); + buffer->setValue("groupname", agt.groupName); + buffer->setValue("station", *it2); + databasePermissionsCursor.insert(); } - databaseActivityCursor.update(); + } + if (success) { ds << TQString("OK"); } else { - ds << TQString("ERRINVCMD"); + ds << TQString("ERRFAILED"); } writeEndOfFrame(); } - else if (subCommand == "CANCEL_KILL_WORKSPACE") { + else { clearFrameTail(); - TQSqlCursor databaseActivityCursor("activity", TRUE, m_workspaces_database); - databaseActivityCursor.select(TQString("pk=%1").arg(sessionID)); - if (databaseActivityCursor.next()) { - TQSqlRecord *buffer = databaseActivityCursor.primeUpdate(); - buffer->setValue("terminate", 0); - databaseActivityCursor.update(); + ds << TQString("ERRINVCMD"); + writeEndOfFrame(); + } + } + else if (command == "DELETEGROUPACCESS") { + TQString subCommand; + ds >> subCommand; + if (subCommand == "TERMINALS") { + TerminalServiceAuthGroupList list; + ds >> list; + clearFrameTail(); + + bool success = true; + TQSqlCursor databasePermissionsCursor("allowed_servers", TRUE, m_terminals_database); + 
TerminalServiceAuthGroupList::iterator it; + for (it = list.begin(); it != list.end(); ++it) { + TerminalServiceAuthGroupType agt = *it; + + // Delete all existing entries for this group + databasePermissionsCursor.select(TQString("groupname='%1'").arg(agt.groupName)); + while (databasePermissionsCursor.next()) { + databasePermissionsCursor.primeDelete(); + databasePermissionsCursor.del(false); + } + } + + if (success) { + ds << TQString("OK"); + } + else { + ds << TQString("ERRFAILED"); + } + writeEndOfFrame(); + } + else if (subCommand == "WORKSPACES") { + WorkspaceServiceAuthGroupList list; + ds >> list; + clearFrameTail(); + + bool success = true; + TQSqlCursor databasePermissionsCursor("permissions", TRUE, m_workspaces_database); + WorkspaceServiceAuthGroupList::iterator it; + for (it = list.begin(); it != list.end(); ++it) { + WorkspaceServiceAuthGroupType agt = *it; + + // Delete all existing entries for this group + databasePermissionsCursor.select(TQString("groupname='%1'").arg(agt.groupName)); + while (databasePermissionsCursor.next()) { + databasePermissionsCursor.primeDelete(); + databasePermissionsCursor.del(false); + } + } + if (success) { ds << TQString("OK"); } else { - ds << TQString("ERRINVCMD"); + ds << TQString("ERRFAILED"); } writeEndOfFrame(); } diff --git a/servers/admin_user_mgmt_server_lin/src/admin_sys_ctl.h b/servers/admin_user_mgmt_server_lin/src/admin_user_mgmt.h index 4812424..d0f75a2 100644 --- a/servers/admin_user_mgmt_server_lin/src/admin_sys_ctl.h +++ b/servers/admin_user_mgmt_server_lin/src/admin_user_mgmt.h @@ -20,6 +20,8 @@ * http://www.raptorengineeringinc.com */ +#include <grp.h> + #include <tqsocket.h> #include <tqserversocket.h> #include <tqapplication.h> @@ -73,6 +75,9 @@ class SysCtlSocket : public TDEKerberosServerSocket TQSqlDatabase* m_workspaces_database; int m_commandLoopState; + gid_t m_minGID; + gid_t m_maxGID; + friend class UserMgmtServer; }; 
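Review bot: In the SETGROUPACCESS and DELETEGROUPACCESS handlers (TERMINALS and WORKSPACES alike) the filter is built as `TQString("groupname='%1'").arg(agt.groupName)`, and `agt.groupName` was just deserialised from the peer with `ds >> list`, so a name containing a quote changes the WHERE clause of a select whose rows are then passed to `primeDelete()`/`del()`. Bind the value or let the database driver format it instead of splicing it into the filter, and at minimum reject names outside the expected group-name character set before the select. Separately, `success` is initialised to `true` and never changed, so the reply is always `OK` even when a write fails; check the results, e.g. `if (databasePermissionsCursor.insert() < 1) success = false;`, and likewise for `del(false)`. The comment `...then search LDAP` in the LISTGROUPACCESS branches describes `getgrent()`, which walks whatever group sources the host is configured with, so it would read better as `// ...then add system groups (via getgrent) not already in the database`; `commandLoop` starts and ends outside the hunk.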
diff --git a/servers/admin_user_mgmt_server_lin/src/main.cpp b/servers/admin_user_mgmt_server_lin/src/main.cpp index b216a9b..d9aa95a 100644 --- a/servers/admin_user_mgmt_server_lin/src/main.cpp +++ b/servers/admin_user_mgmt_server_lin/src/main.cpp @@ -37,7 +37,7 @@ #include <kaboutdata.h> #include <ksimpleconfig.h> -#include "admin_sys_ctl.h" +#include "admin_user_mgmt.h" static const char description[] = I18N_NOOP("RemoteFPGA System Administration User Management Server"); @@ -58,7 +58,7 @@ int main(int argc, char *argv[]) KSimpleConfig config("remotefpga_adminusermgmtserver.conf", false); config.setGroup("Server"); - SysCtlServer fpgasvr(0, config.readNumEntry("port", 4016), &config); + UserMgmtServer fpgasvr(0, config.readNumEntry("port", 4016), &config); return app.exec(); } diff --git a/servers/auth_server_lin/src/auth_conn.cpp b/servers/auth_server_lin/src/auth_conn.cpp index 42b6d2a..2833fc6 100644 --- a/servers/auth_server_lin/src/auth_conn.cpp +++ b/servers/auth_server_lin/src/auth_conn.cpp @@ -22,6 +22,9 @@ #include <stdlib.h> +#include <grp.h> +#include <pwd.h> + #include <tqtimer.h> #include <klocale.h> 
@@ -414,11 +417,42 @@ void AuthSocket::commandLoop() { while (m_databaseStationsCursor->next()) { bool authorized = false; bool in_use = false; - + + int ngroups = 0; + gid_t *groups; + struct passwd *pw; + struct group *gr; + groups = (gid_t*)malloc(ngroups*sizeof(gid_t)); + if (groups == NULL) { + printf("[ERROR] Unable to allocate memory\n\r"); fflush(stdout); + exit(EXIT_FAILURE); + } + + pw = getpwnam(m_authenticatedUserName.ascii()); + if (pw == NULL) { + printf("[WARNING] Unable to get detailed information for user '%s', ignoring\n\r", m_authenticatedUserName.ascii()); fflush(stdout); + continue; + } + + if (getgrouplist(m_authenticatedUserName.ascii(), pw->pw_gid, groups, &ngroups) == -1) { + free(groups); + groups = (gid_t*)malloc(ngroups*sizeof(gid_t)); + if (getgrouplist(m_authenticatedUserName.ascii(), pw->pw_gid, groups, &ngroups) == -1) { + printf("[WARNING] Unable to get groups for user '%s', ignoring\n\r", m_authenticatedUserName.ascii()); fflush(stdout); + continue; + } + } + + int i; m_databasePermissionsCursor->select(TQString("station=%1").arg(m_databaseStationsCursor->value("pk").toInt())); while (m_databasePermissionsCursor->next()) { - if (m_databasePermissionsCursor->value("username").toString() == m_authenticatedUserName) { - authorized = true; + for (i = 0; i < ngroups; i++) { + gr = getgrgid(groups[i]); + if (gr != NULL) { + if (m_databasePermissionsCursor->value("groupname").toString() == TQString(gr->gr_name)) { + authorized = true; + } + } } } m_databaseActivityCursor->select(TQString("station=%1").arg(m_databaseStationsCursor->value("pk").toInt())); |
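Review bot: `groups` is allocated once per station row and never released in the visible lines: both `continue` paths and the normal path leave it allocated, so a long-running auth server leaks memory on every station listing. Add `free(groups);` before each `continue` and after the permissions loop, or better, resolve the group list once before `while (m_databaseStationsCursor->next())`, since it depends only on `m_authenticatedUserName`. The retry `malloc` is not checked before `getgrouplist` writes into it, and starting from `ngroups = 0` makes the first call `malloc(0)`, whose NULL-or-not result is implementation-defined and here leads to `exit(EXIT_FAILURE)` for the whole server; a small non-zero initial guess such as `int ngroups = 16;` avoids that. The rest of the loop body and `commandLoop` itself lie outside the hunk.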