From 1cf760aa1600199b8a9acb4ccaded655f6903d62 Mon Sep 17 00:00:00 2001 From: Adam Dickmeiss Date: Thu, 23 Oct 2003 11:45:08 +0000 Subject: [PATCH] Implement option to change UID (-u) --- include/yaz++/pdu-assoc.h | 4 +-- include/yaz++/pdu-observer.h | 4 +-- include/yaz++/proxy.h | 4 +-- include/yaz++/z-assoc.h | 4 +-- src/proxy.sh | 25 ++++++++-------- src/yaz-pdu-assoc.cpp | 13 ++++----- src/yaz-proxy-main.cpp | 66 +++++++++++++++++++++++++++++------------- src/yaz-proxy.cpp | 16 ++++++---- src/yaz-z-assoc.cpp | 6 ++-- 9 files changed, 86 insertions(+), 56 deletions(-) diff --git a/include/yaz++/pdu-assoc.h b/include/yaz++/pdu-assoc.h index 72a2832..25a2efd 100644 --- a/include/yaz++/pdu-assoc.h +++ b/include/yaz++/pdu-assoc.h @@ -2,7 +2,7 @@ * Copyright (c) 1998-2003, Index Data. * See the file LICENSE for details. * - * $Id: pdu-assoc.h,v 1.4 2003-10-23 08:48:35 adam Exp $ + * $Id: pdu-assoc.h,v 1.5 2003-10-23 11:45:08 adam Exp $ */ #ifndef YAZ_PDU_ASSOC_INCLUDED @@ -68,7 +68,7 @@ class YAZ_EXPORT Yaz_PDU_Assoc : public IYaz_PDU_Observable, IYazSocketObserver /// connect to server (client role) int connect(IYaz_PDU_Observer *observer, const char *addr); /// listen for clients (server role) - void listen(IYaz_PDU_Observer *observer, const char *addr); + int listen(IYaz_PDU_Observer *observer, const char *addr); /// Socket notification void socketNotify(int event); /// Close socket diff --git a/include/yaz++/pdu-observer.h b/include/yaz++/pdu-observer.h index dda0ca8..3b5bdf5 100644 --- a/include/yaz++/pdu-observer.h +++ b/include/yaz++/pdu-observer.h @@ -2,7 +2,7 @@ * Copyright (c) 1998-2000, Index Data. * See the file LICENSE for details. * - * $Id: pdu-observer.h,v 1.3 2003-10-10 12:37:26 adam Exp $ + * $Id: pdu-observer.h,v 1.4 2003-10-23 11:45:08 adam Exp $ */ #ifndef YAZ_PDU_OBSERVER_H 
@@ -23,7 +23,7 @@ class YAZ_EXPORT IYaz_PDU_Observable { /// Connect with server specified by addr. virtual int connect(IYaz_PDU_Observer *observer, const char *addr) = 0; /// Listen on address addr. - virtual void listen(IYaz_PDU_Observer *observer, const char *addr) = 0; + virtual int listen(IYaz_PDU_Observer *observer, const char *addr) = 0; /// Close connection virtual void close() = 0; /// Make clone of this object using this interface diff --git a/include/yaz++/proxy.h b/include/yaz++/proxy.h index 78ecf4c..33e4603 100644 --- a/include/yaz++/proxy.h +++ b/include/yaz++/proxy.h @@ -2,7 +2,7 @@ * Copyright (c) 1998-2003, Index Data. * See the file LICENSE for details. * - * $Id: proxy.h,v 1.20 2003-10-20 18:31:43 adam Exp $ + * $Id: proxy.h,v 1.21 2003-10-23 11:45:08 adam Exp $ */ #include @@ -236,7 +236,7 @@ class YAZ_EXPORT Yaz_Proxy : public Yaz_Z_Assoc { int set_config(const char *name); void reconfig() { m_reconfig_flag = 1; } int send_to_client(Z_APDU *apdu); - void server(const char *addr); + int server(const char *addr); void pre_init(); int get_log_mask() { return m_log_mask; }; }; diff --git a/include/yaz++/z-assoc.h b/include/yaz++/z-assoc.h index 4a2b4d4..49b8a68 100644 --- a/include/yaz++/z-assoc.h +++ b/include/yaz++/z-assoc.h @@ -2,7 +2,7 @@ * Copyright (c) 1998-2000, Index Data. * See the file LICENSE for details. * - * $Id: z-assoc.h,v 1.4 2003-10-16 16:10:43 adam Exp $ + * $Id: z-assoc.h,v 1.5 2003-10-23 11:45:08 adam Exp $ */ #ifndef YAZ_Z_ASSOC_INCLUDED @@ -35,7 +35,7 @@ class YAZ_EXPORT Yaz_Z_Assoc : public IYaz_PDU_Observer { /// Begin Z39.50 client role int client(const char *addr); /// Begin Z39.50 server role - void server(const char *addr); + int server(const char *addr); /// Close connection void close(); /// Decode Z39.50 PDU. diff --git a/src/proxy.sh b/src/proxy.sh index 3e1fc16..8adf7e0 100755 --- a/src/proxy.sh +++ b/src/proxy.sh 
@@ -12,27 +12,26 @@ PATH=/usr/local/bin:/bin:/usr/bin export PATH -RUNAS=nobody -LOGFILE=/var/log/proxy.log - -if test `whoami` != $RUNAS; then - touch $LOGFILE - chown $RUNAS $LOGFILE - su -c "$0 $*" $RUNAS - exit 0 -fi - # Proxy CWD is here. Should be writable by it. -DIR=/var/proxy +DIR=/var/yaz-proxy # Proxy Path DAEMON=/usr/local/bin/yaz-proxy # Proxy PIDFILE. Must be writable by it. -PIDFILE=$DIR/proxy.pid +PIDFILE=$DIR/yaz-proxy.pid +# Log file +LOGFILE=/var/log/yaz-proxy.log # Port PORT=9000 +# Run as this user. Set to empty to keep uid as is +RUNAS=nobody +RUNAS= # Extra args . Config file _WITH_ option ARGS="-c config.xml" +if test -n "RUNAS"; then + ARGS="-u $RUNAS $ARGS" +fi + # Name, Description (not essential) NAME=yaz-proxy DESC="YAZ proxy" @@ -54,6 +53,7 @@ case "$1" in if test -f $PIDFILE; then kill `cat $PIDFILE` + rm -f $PIDFILE echo "$NAME." else echo "No PID $PIDFILE" @@ -68,6 +68,7 @@ case "$1" in echo -n "Restarting $DESC: " if test -f $PIDFILE; then kill `cat $PIDFILE` + rm -f $PIDFILE fi sleep 1 cd $DIR diff --git a/src/yaz-pdu-assoc.cpp b/src/yaz-pdu-assoc.cpp index 6ee18f6..62e0247 100644 --- a/src/yaz-pdu-assoc.cpp +++ b/src/yaz-pdu-assoc.cpp @@ -2,7 +2,7 @@ * Copyright (c) 1998-2003, Index Data. * See the file LICENSE for details. * - * $Id: yaz-pdu-assoc.cpp,v 1.36 2003-10-23 08:46:55 adam Exp $ + * $Id: yaz-pdu-assoc.cpp,v 1.37 2003-10-23 11:45:08 adam Exp $ */ #include 
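Review bot: The new guard `if test -n "RUNAS"; then` tests the literal string RUNAS, which is never empty, so `-u $RUNAS` is always prepended to ARGS; it should read `if test -n "$RUNAS"; then`. Just above it, `RUNAS=nobody` is immediately overridden by `RUNAS=`, so as committed the script passes a bare `-u` with no user, and the following `-c` would likely be consumed as its argument. The removed `su -c ... $RUNAS` block used to start the daemon as nobody. If that is still the intended default, drop the second assignment so the proxy is started with `-u nobody` rather than keeping the invoking user's uid.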
@@ -398,27 +398,26 @@ COMSTACK Yaz_PDU_Assoc::comstack(const char *type_and_host, void **vp) return cs_create_host(type_and_host, 2, vp); } -void Yaz_PDU_Assoc::listen(IYaz_PDU_Observer *observer, - const char *addr) +int Yaz_PDU_Assoc::listen(IYaz_PDU_Observer *observer, + const char *addr) { close(); - yaz_log (LOG_LOG, "Adding listener %s", addr); - m_PDU_Observer = observer; void *ap; m_cs = comstack(addr, &ap); if (!m_cs) - return; + return -1; if (cs_bind(m_cs, ap, CS_SERVER) < 0) - return; + return -2; m_socketObservable->addObserver(cs_fileno(m_cs), this); yaz_log(m_log, "maskObserver 9"); m_socketObservable->maskObserver(this, YAZ_SOCKET_OBSERVE_READ| YAZ_SOCKET_OBSERVE_EXCEPT); yaz_log (m_log, "Yaz_PDU_Assoc::listen ok fd=%d", cs_fileno(m_cs)); m_state = Listen; + return 0; } void Yaz_PDU_Assoc::idleTime(int idleTime) diff --git a/src/yaz-proxy-main.cpp b/src/yaz-proxy-main.cpp index e8d594f..8a37ada 100644 --- a/src/yaz-proxy-main.cpp +++ b/src/yaz-proxy-main.cpp @@ -2,11 +2,14 @@ * Copyright (c) 1998-2003, Index Data. * See the file LICENSE for details. * - * $Id: yaz-proxy-main.cpp,v 1.21 2003-10-23 09:08:52 adam Exp $ + * $Id: yaz-proxy-main.cpp,v 1.22 2003-10-23 11:45:08 adam Exp $ */ #include #include +#include +#include + #include #include @@ -17,11 +20,12 @@ void usage(char *prog) { fprintf (stderr, "%s: [-c config] [-a log] [-m num] [-v level] [-t target] [-i sec] " - "[-u auth] [-o optlevel] @:port\n", prog); + "[-u uid] [-p pidfile] [-o optlevel] @:port\n", prog); exit (1); } static char *pid_fname = 0; +static char *uid = 0; int args(Yaz_Proxy *proxy, int argc, char **argv) { @@ -30,7 +34,7 @@ int args(Yaz_Proxy *proxy, int argc, char **argv) char *prog = argv[0]; int ret; - while ((ret = options("o:a:t:v:c:u:i:m:l:T:p:", argv, argc, &arg)) != -2) + while ((ret = options("o:a:t:v:c:u:i:m:l:T:p:U:", argv, argc, &arg)) != -2) { int err; switch (ret) 
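Review bot: The new `int` result of `Yaz_PDU_Assoc::listen` is undocumented. The body returns -1 when `comstack()` yields no COMSTACK, -2 when `cs_bind` fails and 0 on success, but the `/// listen for clients (server role)` comment in pdu-assoc.h and the matching comments in pdu-observer.h, proxy.h and z-assoc.h were left unchanged. I would extend the header comment to `/// listen for clients (server role); returns 0 on success, -1 if the COMSTACK could not be created, -2 if bind failed`. The early `return -2` also leaves `m_cs` holding the unbound COMSTACK; presumably a later `close()` releases it, but that is outside this hunk and worth confirming.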
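Review bot: The usage string in `usage()` replaces `[-u auth]` with `[-u uid]` but never mentions the new `-U`, which the `args()` hunks make the only way to set proxy authentication. An existing command line that passes credentials with `-u` will now have that value stored as the user name for the `getpwnam`/`setuid` step, and `set_proxy_authentication` is never called for it. Make the rename visible in the synopsis, e.g. `"[-u uid] [-U auth] [-p pidfile] [-o optlevel] @:port\n"`.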
@@ -62,7 +66,7 @@ int args(Yaz_Proxy *proxy, int argc, char **argv) case 't': proxy->set_default_target(arg); break; - case 'u': + case 'U': proxy->set_proxy_authentication(arg); break; case 'o': @@ -87,6 +91,10 @@ int args(Yaz_Proxy *proxy, int argc, char **argv) if (!pid_fname) pid_fname = xstrdup(arg); break; + case 'u': + if (!uid) + uid = xstrdup(arg); + break; default: usage(prog); return 1; @@ -94,7 +102,11 @@ int args(Yaz_Proxy *proxy, int argc, char **argv) } if (addr) { - proxy->server(addr); + if (proxy->server(addr)) + { + yaz_log(LOG_FATAL|LOG_ERRNO, "listen %s", addr); + exit(1); + } } else { @@ -122,25 +134,39 @@ int main(int argc, char **argv) signal(SIGHUP, sighup_handler); args(&proxy, argc, argv); - while (mySocketManager.processEvent() > 0) - if (!mk_pid && pid_fname) - { - FILE *f = fopen(pid_fname, "w"); - if (!f) - { - yaz_log(LOG_ERRNO|LOG_FATAL, "Couldn't create %s", pid_fname); - exit(0); - } - fprintf(f, "%ld", (long) getpid()); - fclose(f); - mk_pid = 1; - } + if (pid_fname) { - if (mk_pid) - unlink(pid_fname); + FILE *f = fopen(pid_fname, "w"); + if (!f) + { + yaz_log(LOG_ERRNO|LOG_FATAL, "Couldn't create %s", pid_fname); + exit(0); + } + fprintf(f, "%ld", (long) getpid()); + fclose(f); xfree(pid_fname); } + if (uid) + { + struct passwd *pw; + + if (!(pw = getpwnam(uid))) + { + yaz_log(LOG_FATAL, "%s: Unknown user", uid); + exit(3); + } + if (setuid(pw->pw_uid) < 0) + { + yaz_log(LOG_FATAL|LOG_ERRNO, "setuid"); + exit(4); + } + xfree(uid); + } + + while (mySocketManager.processEvent() > 0) + ; + exit (0); return 0; } diff --git a/src/yaz-proxy.cpp b/src/yaz-proxy.cpp index 1275732..717fbf4 100644 --- a/src/yaz-proxy.cpp +++ b/src/yaz-proxy.cpp @@ -2,7 +2,7 @@ * Copyright (c) 1998-2003, Index Data. * See the file LICENSE for details. * - * $Id: yaz-proxy.cpp,v 1.66 2003-10-23 09:10:12 adam Exp $ + * $Id: yaz-proxy.cpp,v 1.67 2003-10-23 11:45:08 adam Exp $ */ #include 
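Review bot: The privilege drop added to `main()` calls only `setuid(pw->pw_uid)`, so the process keeps the group ID and supplementary groups it was started with (root's, when launched as root from an init script). Set the groups first, while still privileged: call `initgroups(pw->pw_name, pw->pw_gid)` and `setgid(pw->pw_gid)` before `setuid`, and treat a failure of either as fatal; `initgroups` needs `<grp.h>`. Separately, the PID file is now opened with `fopen(pid_fname, "w")` before the drop. If that path sits in a directory the unprivileged user can write (the proxy.sh comments suggest it may), the open runs with the original privileges and follows whatever already exists at that path. `main()` begins above this hunk.

```cpp
    if (uid)
    {
        struct passwd *pw;

        // … unchanged: getpwnam(uid) lookup and "Unknown user" exit(3) …

        // Drop supplementary groups and the primary group while still
        // privileged; after setuid() these calls would no longer be permitted.
        if (initgroups(pw->pw_name, pw->pw_gid) < 0
            || setgid(pw->pw_gid) < 0)
        {
            yaz_log(LOG_FATAL|LOG_ERRNO, "setgid");
            exit(4);
        }
        if (setuid(pw->pw_uid) < 0)
        // … unchanged: setuid error exit(4), xfree(uid) …
```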
@@ -72,7 +72,7 @@ Yaz_Proxy::Yaz_Proxy(IYaz_PDU_Observable *the_PDU_Observable, m_client_idletime = 600; m_target_idletime = 600; m_optimize = xstrdup ("1"); - strcpy(m_session_str, "0"); + strcpy(m_session_str, "0 "); m_session_no=0; m_bytes_sent = m_bytes_recv = 0; m_bw_hold_PDU = 0; @@ -1529,10 +1529,14 @@ void Yaz_ProxyClient::recv_Z_PDU(Z_APDU *apdu, int len) } } -void Yaz_Proxy::server(const char *addr) +int Yaz_Proxy::server(const char *addr) { - Yaz_Z_Assoc::server(addr); - - timeout(1); + int r = Yaz_Z_Assoc::server(addr); + if (!r) + { + yaz_log(LOG_LOG, "%sStarted proxy on %s", m_session_str, addr); + timeout(1); + } + return r; } diff --git a/src/yaz-z-assoc.cpp b/src/yaz-z-assoc.cpp index bb696ce..aa7d068 100644 --- a/src/yaz-z-assoc.cpp +++ b/src/yaz-z-assoc.cpp @@ -2,7 +2,7 @@ * Copyright (c) 1998-2003, Index Data. * See the file LICENSE for details. * - * $Id: yaz-z-assoc.cpp,v 1.29 2003-10-20 18:31:44 adam Exp $ + * $Id: yaz-z-assoc.cpp,v 1.30 2003-10-23 11:45:08 adam Exp $ */ #include @@ -272,12 +272,12 @@ void Yaz_Z_Assoc::close() m_PDU_Observable->close (); } -void Yaz_Z_Assoc::server(const char *addr) +int Yaz_Z_Assoc::server(const char *addr) { delete [] m_hostname; m_hostname = new char[strlen(addr)+1]; strcpy (m_hostname, addr); - m_PDU_Observable->listen (this, addr); + return m_PDU_Observable->listen (this, addr); } ODR Yaz_Z_Assoc::odr_encode() -- 1.7.10.4