specify lamdaemon commands on command line
This commit is contained in:
parent
3962852004
commit
6a31925d00
|
@ -2,6 +2,7 @@ June 2010 3.1.0
|
||||||
- Asterisk voicemail support
|
- Asterisk voicemail support
|
||||||
- new hosts module for user accounts to define valid login workstations (replaces inetOrgPerson schema hack) (2951116)
|
- new hosts module for user accounts to define valid login workstations (replaces inetOrgPerson schema hack) (2951116)
|
||||||
- PDF editor: descriptive fields
|
- PDF editor: descriptive fields
|
||||||
|
- lamdaemon: sudo entry needs to be changed to ".../lamdaemon.pl *"
|
||||||
- LAM Pro
|
- LAM Pro
|
||||||
-> custom scripts: new options to hide executed commands and define if output is HTML or plain text
|
-> custom scripts: new options to hide executed commands and define if output is HTML or plain text
|
||||||
- fixed bugs:
|
- fixed bugs:
|
||||||
|
|
|
@ -2941,7 +2941,7 @@ Have fun!
|
||||||
sudo. Edit /etc/sudoers on host where homedirs or quotas should be used
|
sudo. Edit /etc/sudoers on host where homedirs or quotas should be used
|
||||||
and add the following line:</para>
|
and add the following line:</para>
|
||||||
|
|
||||||
<para>$admin All= NOPASSWD: $path_to_lamdaemon</para>
|
<para>$admin All= NOPASSWD: $path_to_lamdaemon *</para>
|
||||||
|
|
||||||
<para><emphasis condition="">$admin</emphasis> is the admin user from
|
<para><emphasis condition="">$admin</emphasis> is the admin user from
|
||||||
LAM (must be a valid Unix account) and
|
LAM (must be a valid Unix account) and
|
||||||
|
@ -2950,7 +2950,8 @@ Have fun!
|
||||||
|
|
||||||
<para><emphasis role="bold">Example:</emphasis></para>
|
<para><emphasis role="bold">Example:</emphasis></para>
|
||||||
|
|
||||||
<para>myAdmin ALL= NOPASSWD: /srv/www/htdocs/lam/lib/lamdaemon.pl</para>
|
<para>myAdmin ALL= NOPASSWD: /srv/www/htdocs/lam/lib/lamdaemon.pl
|
||||||
|
*</para>
|
||||||
|
|
||||||
<para>You might need to run the sudo command once manually to init sudo.
|
<para>You might need to run the sudo command once manually to init sudo.
|
||||||
The command "sudo -l" will show all possible sudo commands of the
|
The command "sudo -l" will show all possible sudo commands of the
|
||||||
|
|
|
@ -43,7 +43,6 @@ function lamdaemon($command, $server) {
|
||||||
if (!function_exists('ssh2_connect')) {
|
if (!function_exists('ssh2_connect')) {
|
||||||
return array('ERROR,' . _('This module requires the PHP ssh2 extension.'));
|
return array('ERROR,' . _('This module requires the PHP ssh2 extension.'));
|
||||||
}
|
}
|
||||||
$command = $command . "\n";
|
|
||||||
// get username and password of the current lam-admin
|
// get username and password of the current lam-admin
|
||||||
$credentials = $_SESSION['ldap']->decrypt_login();
|
$credentials = $_SESSION['ldap']->decrypt_login();
|
||||||
$serverNameParts = explode(",", $server);
|
$serverNameParts = explode(",", $server);
|
||||||
|
@ -66,8 +65,7 @@ function lamdaemon($command, $server) {
|
||||||
}
|
}
|
||||||
$userName = $entry[0]['uid'][0];
|
$userName = $entry[0]['uid'][0];
|
||||||
if (@ssh2_auth_password($handle, $userName, $credentials[1])) {
|
if (@ssh2_auth_password($handle, $userName, $credentials[1])) {
|
||||||
$shell = ssh2_exec($handle, "sudo " . $_SESSION['config']->get_scriptPath());
|
$shell = ssh2_exec($handle, "sudo " . $_SESSION['config']->get_scriptPath() . ' ' . escapeshellarg($command));
|
||||||
fwrite($shell, $command);
|
|
||||||
$return = array();
|
$return = array();
|
||||||
$time = time() + 30;
|
$time = time() + 30;
|
||||||
while (sizeof($return) < 1) {
|
while (sizeof($return) < 1) {
|
||||||
|
|
|
@ -105,34 +105,30 @@ if ($< != 0 ) {
|
||||||
|
|
||||||
# Drop root privileges
|
# Drop root privileges
|
||||||
($<, $>) = ($>, $<);
|
($<, $>) = ($>, $<);
|
||||||
# loop for every transmitted user
|
my $input = $ARGV[0];
|
||||||
while (1) {
|
$return = "";
|
||||||
my $input = <STDIN>;
|
@vals = split ($SPLIT_DELIMITER, $input);
|
||||||
chop($input);
|
# Get user information
|
||||||
$return = "";
|
if (($vals[3] eq 'user') || ($vals[1] eq 'home')) { @user = getpwnam($vals[0]); }
|
||||||
@vals = split ($SPLIT_DELIMITER, $input);
|
else { @user = getgrnam($vals[0]); }
|
||||||
# Get user information
|
if ($vals[1] eq '') {
|
||||||
if (($vals[3] eq 'user') || ($vals[1] eq 'home')) { @user = getpwnam($vals[0]); }
|
# empty line, nothing to do
|
||||||
else { @user = getgrnam($vals[0]); }
|
|
||||||
if ($vals[1] eq '') {
|
|
||||||
# empty line, nothing to do
|
|
||||||
}
|
|
||||||
elsif (($vals[1] eq 'test')) {
|
|
||||||
# run tests
|
|
||||||
runTest();
|
|
||||||
}
|
|
||||||
elsif ($vals[1] eq 'home') {
|
|
||||||
manageHomedirs();
|
|
||||||
}
|
|
||||||
elsif ($vals[1] eq 'quota') {
|
|
||||||
manageQuotas();
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$return = "ERROR,Lamdaemon ($hostname),Unknown command $vals[1].";
|
|
||||||
logMessage(LOG_ERR, "Unknown command $vals[1].");
|
|
||||||
}
|
|
||||||
print "$return\n";
|
|
||||||
}
|
}
|
||||||
|
elsif (($vals[1] eq 'test')) {
|
||||||
|
# run tests
|
||||||
|
runTest();
|
||||||
|
}
|
||||||
|
elsif ($vals[1] eq 'home') {
|
||||||
|
manageHomedirs();
|
||||||
|
}
|
||||||
|
elsif ($vals[1] eq 'quota') {
|
||||||
|
manageQuotas();
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$return = "ERROR,Lamdaemon ($hostname),Unknown command $vals[1].";
|
||||||
|
logMessage(LOG_ERR, "Unknown command $vals[1].");
|
||||||
|
}
|
||||||
|
print "$return\n";
|
||||||
|
|
||||||
#
|
#
|
||||||
# Runs tests to check the environment
|
# Runs tests to check the environment
|
||||||
|
|
|
@ -128,7 +128,7 @@ function lamTestLamdaemon($command, $stopTest, $handle, $testText) {
|
||||||
echo "<tr class=\"userlist\">\n<td nowrap>" . $testText . " </td>\n";
|
echo "<tr class=\"userlist\">\n<td nowrap>" . $testText . " </td>\n";
|
||||||
flush();
|
flush();
|
||||||
$lamdaemonOk = false;
|
$lamdaemonOk = false;
|
||||||
$shell = ssh2_exec($handle, "sudo " . $_SESSION['config']->get_scriptPath());
|
$shell = ssh2_exec($handle, "sudo " . $_SESSION['config']->get_scriptPath() . ' ' . escapeshellarg($command));
|
||||||
if (!$shell) {
|
if (!$shell) {
|
||||||
echo "<td>" . $failImage . " </td>\n";
|
echo "<td>" . $failImage . " </td>\n";
|
||||||
echo "<td>\n";
|
echo "<td>\n";
|
||||||
|
@ -137,9 +137,8 @@ function lamTestLamdaemon($command, $stopTest, $handle, $testText) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
$stderr = ssh2_fetch_stream($shell, SSH2_STREAM_STDERR);
|
$stderr = ssh2_fetch_stream($shell, SSH2_STREAM_STDERR);
|
||||||
fwrite($shell, $command);
|
|
||||||
$return = array();
|
$return = array();
|
||||||
$time = time() + 20;
|
$time = time() + 30;
|
||||||
while (sizeof($return) < 1) {
|
while (sizeof($return) < 1) {
|
||||||
if ($time < time()) {
|
if ($time < time()) {
|
||||||
$lamdaemonOk = false;
|
$lamdaemonOk = false;
|
||||||
|
@ -291,17 +290,17 @@ function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota) {
|
||||||
|
|
||||||
flush();
|
flush();
|
||||||
|
|
||||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "basic\n", $stopTest, $handle, _("Execute lamdaemon"));
|
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "basic", $stopTest, $handle, _("Execute lamdaemon"));
|
||||||
$handle = lamTestConnectSSH($serverName);
|
$handle = lamTestConnectSSH($serverName);
|
||||||
@ssh2_auth_password($handle, $userName, $credentials[1]);
|
@ssh2_auth_password($handle, $userName, $credentials[1]);
|
||||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "nss" . $SPLIT_DELIMITER . "$userName\n", $stopTest, $handle, _("Lamdaemon: check NSS LDAP"));
|
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "nss" . $SPLIT_DELIMITER . "$userName", $stopTest, $handle, _("Lamdaemon: check NSS LDAP"));
|
||||||
if ($testQuota) {
|
if ($testQuota) {
|
||||||
$handle = lamTestConnectSSH($serverName);
|
$handle = lamTestConnectSSH($serverName);
|
||||||
@ssh2_auth_password($handle, $userName, $credentials[1]);
|
@ssh2_auth_password($handle, $userName, $credentials[1]);
|
||||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "quota\n", $stopTest, $handle, _("Lamdaemon: Quota module installed"));
|
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "quota", $stopTest, $handle, _("Lamdaemon: Quota module installed"));
|
||||||
$handle = lamTestConnectSSH($serverName);
|
$handle = lamTestConnectSSH($serverName);
|
||||||
@ssh2_auth_password($handle, $userName, $credentials[1]);
|
@ssh2_auth_password($handle, $userName, $credentials[1]);
|
||||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "quota" . $SPLIT_DELIMITER . "get" . $SPLIT_DELIMITER . "user\n", $stopTest, $handle, _("Lamdaemon: read quotas"));
|
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "quota" . $SPLIT_DELIMITER . "get" . $SPLIT_DELIMITER . "user", $stopTest, $handle, _("Lamdaemon: read quotas"));
|
||||||
}
|
}
|
||||||
|
|
||||||
echo "</table><br>\n";
|
echo "</table><br>\n";
|
||||||
|
|
Loading…
Reference in New Issue