[LON-CAPA-cvs] cvs: loncom /build Makefile doc/loncapafiles buildfiles.lpml verify_domconfiguser.piml
raeburn
raeburn@source.lon-capa.org
Mon, 24 Aug 2009 13:44:56 -0000
This is a MIME encoded message
--raeburn1251121496
Content-Type: text/plain
raeburn Mon Aug 24 13:44:56 2009 EDT
Added files:
/doc/loncapafiles verify_domconfiguser.piml
Modified files:
/doc/loncapafiles buildfiles.lpml
/loncom/build Makefile
Log:
- Create special $dom-domainconfig user (if missing) for any domains for which
the current machine is the primary library server.
--raeburn1251121496
Content-Type: text/plain
Content-Disposition: attachment; filename="raeburn-20090824134456.txt"
Index: doc/loncapafiles/buildfiles.lpml
diff -u doc/loncapafiles/buildfiles.lpml:1.25 doc/loncapafiles/buildfiles.lpml:1.26
--- doc/loncapafiles/buildfiles.lpml:1.25 Tue Jul 14 12:38:02 2009
+++ doc/loncapafiles/buildfiles.lpml Mon Aug 24 13:44:50 2009
@@ -2,7 +2,7 @@
"http://lpml.sourceforge.net/DTD/lpml.dtd">
<!-- buildfiles.lpml -->
-<!-- $Id: buildfiles.lpml,v 1.25 2009/07/14 12:38:02 raeburn Exp $ -->
+<!-- $Id: buildfiles.lpml,v 1.26 2009/08/24 13:44:50 raeburn Exp $ -->
<!--
@@ -356,6 +356,17 @@
</note>
</file>
<file>
+ <source>doc/loncapafiles/verify_domconfiguser.piml</source>
+ <target dist='default'>verify_domconfiguser.piml</target>
+ <categoryname>system file</categoryname>
+ <description>
+Determine if current machine is the primary library server for any domains.
+If it is create the $dom-domainconfig user for any of these domains if it is absent, create /home/httpd/lonUsers/$dom/1/2/3/$dom-domainconfig directory, assign author role if required, and create /home/$dom-domconfig/public_html directory, if required.
+ </description>
+ <note>
+ </note>
+</file>
+<file>
<source>doc/loncapafiles/valid_hosts.xfml</source>
<target dist='default'>valid_hosts.xfml</target>
<categoryname>system file</categoryname>
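Review bot: The added `<description>` names the home directory as `/home/$dom-domconfig/public_html`, but the script added in this commit builds the path from `$confname`, which is `$dom.'-domainconfig'`. The text should read `create /home/$dom-domainconfig/public_html directory, if required`, so that the manifest matches what is actually created on disk. An administrator auditing ownership and modes after install would otherwise look for a directory that does not exist.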
Index: loncom/build/Makefile
diff -u loncom/build/Makefile:1.189 loncom/build/Makefile:1.190
--- loncom/build/Makefile:1.189 Thu Dec 18 22:30:20 2008
+++ loncom/build/Makefile Mon Aug 24 13:44:56 2009
@@ -1,6 +1,6 @@
# The LearningOnline Network with CAPA
-# $Id: Makefile,v 1.189 2008/12/18 22:30:20 raeburn Exp $
+# $Id: Makefile,v 1.190 2009/08/24 13:44:56 raeburn Exp $
# TYPICAL USAGE of this Makefile is primarily for two targets:
# "make build" and "make install".
@@ -499,6 +499,11 @@
perl piml_parse.pl $(CATEGORY) $(DIST) "$(TARGET)" $(LAUNCH) | \
tee -a WARNINGS
+verify_domconfiguser:
+ cat $(SOURCE)/doc/loncapafiles/verify_domconfiguser.piml | \
+ perl piml_parse.pl $(CATEGORY) $(DIST) "$(TARGET)" $(LAUNCH) | \
+ tee -a WARNINGS
+
postinstall:
make webserverconf
make reseval_fixup
@@ -520,6 +525,7 @@
make latex_fixup
make picins_check
make mimetex_version_check
+ make verify_domconfiguser
VERSION:
install -d $(TARGET)/etc
echo -n "LON-CAPA release $(VERSION)-" > $(TARGET)/etc/loncapa-release
Index: doc/loncapafiles/verify_domconfiguser.piml
+++ doc/loncapafiles/verify_domconfiguser.piml
<!DOCTYPE piml PUBLIC "-//TUX/DTD piml 1.0 Final//EN"
"http://lpml.sourceforge.net/DTD/piml.dtd">
<!-- verify_domconfiguser.piml -->
<!-- Stuart Raeburn -->
<!-- $Id: verify_domconfiguser.piml,v 1.1 2009/08/24 13:44:50 raeburn Exp $ -->
<!--
This file is part of the LearningOnline Network with CAPA (LON-CAPA).
LON-CAPA is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
LON-CAPA is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with LON-CAPA; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
/home/httpd/html/adm/gpl.txt
http://www.lon-capa.org/
-->
<piml>
<targetroot>/</targetroot>
<files>
<file>
<target dist="default"></target>
<perlscript mode="fg">
use GDBM_File;
use strict;
my @conffiles = ('loncapa.conf','loncapa_apache.conf');
my %perlvar;
my $confdir = '/etc/httpd/conf/';
if ('<DIST />' eq 'sles10' || '<DIST />' eq 'suse10.1' || '<DIST />' eq 'suse10.2' || '<DIST />' eq 'suse10.3' || '<DIST />' eq 'suse11.1' || '<DIST />' eq 'debian5' || '<DIST />' eq 'ubuntu6' || '<DIST />' eq 'ubuntu8') {
$confdir = '/etc/apache2/';
}
foreach my $filename (@conffiles) {
if (-e "$confdir$filename") {
open(CONFIG,'<'.$confdir.$filename) or die("Can't read $confdir$filename");
while (my $configline=<CONFIG>) {
if ($configline =~ /^[^\#]*PerlSetVar/) {
my ($unused,$varname,$varvalue)=split(/\s+/,$configline);
chomp($varvalue);
$perlvar{$varname}=$varvalue if $varvalue!~/^\{\[\[\[\[/;
}
}
close(CONFIG);
}
}
if ($perlvar{'lonTabDir'} eq '') {
print "Exiting - no lonTabDir set\n";
exit;
}
if ($perlvar{'lonUsersDir'} eq '') {
print "Exiting - no lonUsersDir set\n";
exit;
}
my %hosts;
my %domains;
my $hostname;
my %libservids;
my @machine_primaries;
my @tabfiles = ('hosts.tab','domain.tab');
if (open(TABFILE,'<'.$perlvar{'lonTabDir'}.'/hosts.tab')) {
while (my $tabline =<TABFILE>) {
next if ($tabline =~ /^(\#|\s*$ )/x);
next if ($tabline =~ /^\^/);
chomp($tabline);
my ($id,$domain,$role,$name,$protocol)=split(/:/,$tabline);
$name=~s/\s//g;
if ($id eq $perlvar{'lonHostID'}) {
$hostname = $name;
}
if ($role eq 'library') {
if (ref($libservids{$name}) eq 'ARRAY') {
unless (grep(/^\Q$id\E$/,@{$libservids{$name}})) {
push(@{$libservids{$name}},$id);
}
} else {
@{$libservids{$name}} = ($id);
}
}
$hosts{$id} = $name;
}
close(TABFILE);
}
if (open(TABFILE,'<'.$perlvar{'lonTabDir'}.'/dns_hosts.tab')) {
while (my $tabline =<TABFILE>) {
next if ($tabline =~ /^(\#|\s*$ )/x);
next if ($tabline =~ /^\^/);
chomp($tabline);
my ($id,$domain,$role,$name,$protocol)=split(/:/,$tabline);
$name=~s/\s//g;
next if (exists($hosts{$id}));
if ($role eq 'library') {
if (ref($libservids{$name}) eq 'ARRAY') {
unless (grep(/^\Q$id\E$/,@{$libservids{$name}})) {
push(@{$libservids{$name}},$id);
}
} else {
@{$libservids{$name}} = ($id);
}
}
}
close(TABFILE);
}
my @machine_ids = @{$libservids{$hostname}};
if (open(TABFILE,'<'.$perlvar{'lonTabDir'}.'/domain.tab')) {
while (my $tabline =<TABFILE>) {
next if ($tabline =~ /^(\#|\s*$ )/x);
chomp($tabline);
my ($name,@elements) = split(/:/,$tabline,9);
my $primary = $elements[7];
if (($primary) && (grep(/^\Q$primary\E$/,@machine_ids))) {
unless(grep(/^\Q$name\E$/,@machine_primaries)) {
push(@machine_primaries,$name);
}
}
$domains{$name} = 1;
}
close(TABFILE);
}
if (open(TABFILE,'<'.$perlvar{'lonTabDir'}.'/dns_domain.tab')) {
while (my $tabline =<TABFILE>) {
next if ($tabline =~ /^(\#|\s*$ )/x);
chomp($tabline);
my ($name,@elements) = split(/:/,$tabline,9);
next if (exists($domains{$name}));
my $primary = $elements[7];
if (($primary) && (grep(/^\Q$primary\E$/,@machine_ids))) {
unless (grep(/^\Q$name\E$/,@machine_primaries)) {
push(@machine_primaries,$name);
}
}
}
close(TABFILE);
}
foreach my $dom (@machine_primaries) {
&check_domconfig_user($dom,$perlvar{'lonUsersDir'});
}
exit;
</perlscript>
</file>
<file>
<target dist="default"></target>
<perlscript mode="fg">
sub check_domconfig_user {
my ($dom,$usersdir) = @_;
if (($dom eq '') || ($dom =~ /[^\w\-\.]/)) {
print "Verification of domain configuration user failed in domain: $dom\n";
return;
}
if ($usersdir eq '') {
print "Verification of domain configuration user failed in domain: $dom - invalid lonUsersDir: $usersdir\n";
return;
}
my $confname = $dom.'-domainconfig';
my $subdir = $confname.'__';
$subdir =~ s/(.)(.)(.).*/$1\/$2\/$3/;
my $confnamedir = "$usersdir/$dom/$subdir/$confname";
if (!-e "$confnamedir/passwd") {
srand( time() ^ ($$ + ($$ << 15)) ); # Seed rand.
my $configpass = '';
my @letts = qw( a b c d e f g h i j k l m n o p q r s t u v w x y z );
for (my $i=0; $i>8; $i++) {
my $lettnum = int (rand 2);
my $item = '';
if ($lettnum) {
$item = $letts[int( rand(26) )];
my $uppercase = int(rand 2);
if ($uppercase) {
$item =~ tr/a-z/A-Z/;
}
} else {
$item = int( rand(10) );
}
my $configpass .= $item;
}
my $salt=time;
$salt=substr($salt,6,2);
my $ncpass=crypt($configpass,$salt);
my @path = split('/',"$dom/$subdir/$confname");
my $currpath = $usersdir;
while (@path > 0) {
my $item = shift(@path);
$currpath .= '/'.$item;
if (!-e $currpath) {
system("/bin/mkdir $currpath");
system("/bin/chown www:www $currpath");
system("/bin/chmod 0700 $currpath");
}
}
open(PWF,">$confnamedir/passwd");
print PWF "internal:$ncpass\n";
close(PWF);
system("/bin/chmod 0600 $confnamedir/passwd");
print "Created domain configuration user in domain: $dom.\n";
}
my (%hash,%domhash);
if (-e "$confnamedir/passwd") {
tie(%hash,'GDBM_File',"$confnamedir/roles.db",&GDBM_WRCREAT,0640);
my $author = '/'.$dom.'/_au';
my $now = time;
my $make_author = 1;
if ($hash{$author}) {
my ($role,$end,$start) = split('_',$hash{$author});
if ($role eq 'au') {
unless (($start && $start > $now) || ($end && $end < $now)) {
$make_author = 0;
}
}
}
if ($make_author) {
$hash{'/'.$dom.'/_au'}='au_0_'.$now;
if (open(OUT, ">$confnamedir/roles.hist")) {
map { print OUT $_.' : '.$hash{$_}."\n"; } keys(%hash);
close(OUT);
print "Author role assigned to domain configuration user in domain: $dom.\n";
} else {
print "An error occurred updating the roles.hist file for the domain configuration user\n";
}
}
untie %hash;
print STDERR "make_author is $make_author\n";
if ($make_author) {
my %domhash;
my $domdir = $usersdir.'/'.$dom;
tie(%domhash,'GDBM_File',"$domdir/nohist_domainroles.db",&GDBM_WRCREAT,0640);
my $key = 'au:'.$confname.':'.$dom.'::'.$dom;
$key =~ s/(\W)/"%".unpack('H2',$1)/eg;
my $value = '0:'.$now;
$value =~ s/(\W)/"%".unpack('H2',$1)/eg;
$domhash{$key}=$value;
untie %domhash;
print "Domain Roles database file updated in domain: $dom\n";
} else {
print "Verified domain configuration user has author role in domain: $dom.\n";
}
my $homedir = '/home/'.$confname;
my $fulldir = $homedir.'/public_html';
if (!-e $homedir) {
system("/bin/mkdir $homedir");
system("/bin/chown -R root:root ".$homedir);
system("/bin/chmod 0755 $homedir");
}
if (!-e $fulldir) {
system("/bin/mkdir -p $fulldir");
system("/bin/chmod 02770 $fulldir");
system("/bin/chown -R www:www $fulldir");
print "Created /home/$confname/public_html directory for domain configuration user.\n";
} else {
print "Verified /home/$confname/public_html directory exists for domain configuration user.\n";
}
} else {
print "Domain configuration user does not exist in domain: $dom\n";
}
return;
}
</perlscript>
</file>
</files>
</piml>
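Review bot: The password loop in `check_domconfig_user` never runs, because its condition is `$i>8` with `$i` starting at 0. The `my $configpass .= $item;` inside it also declares a fresh variable on each pass, so the outer `$configpass` would still be the empty string when it reaches `crypt()`. The `passwd` file written for `$dom-domainconfig` therefore holds the hash of an empty password rather than a random one. Change the two lines to `for (my $i=0; $i<8; $i++) {` and `$configpass .= $item;`. Once the loop does run, `rand` seeded from `time()` and the PID, with a two-digit salt taken from the clock, is guessable, so a system random source would be a safer basis for this secret; the `open(PWF,...)` that follows is also unchecked.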
--raeburn1251121496--