FeddDownload: grantnodetype.patch
| File grantnodetype.patch, 3.2 KB (added by faber, 3 years ago) |
|---|
-
grantnodetype
RCS file: /usr/DETER/cvsroot/testbed/utils/grantnodetype.in,v retrieving revision 1.1.1.3 diff -u -r1.1.1.3 grantnodetype.in
29 29 # permission to use all of the types in that class, the class itself, and any 30 30 # aux nodetypes for the type/class (node_types_auxtypes table). 31 31 # 32 # The -R option removes the specified access and the -C option confirms that it 33 # exists (via exit code). 34 # 32 35 sub usage() 33 36 { 34 print STDERR "Usage: grantnodetype [-h] -p <pid> <type>\n"; 37 print STDERR "Usage: grantnodetype [-RCh] -p <pid> <type>\n"; 38 print STDERR " -R Remove access\n"; 39 print STDERR " -C Confirm access\n"; 35 40 print STDERR " -h This message\n"; 36 41 exit(-1); 37 42 } 38 my $optlist = " hp:dn";43 my $optlist = "CRhp:dn"; 39 44 my $impotent = 0; 40 45 my $debug = 0; 41 46 my %newtypes = (); 47 my $operation = "add"; 42 48 my $pid; 43 49 44 50 # … … 76 82 # Untaint the path 77 83 # 78 84 $ENV{'PATH'} = "/bin:/sbin:/usr/bin:"; 85 delete $ENV{'CDPATH'}; 79 86 80 87 # 81 88 # Parse command arguments. Once we return from getopts, all that should be … … 94 101 if (defined($options{d})) { 95 102 $debug = 1; 96 103 } 104 if (defined($options{R})) { 105 $operation = "remove"; 106 } 107 if (defined($options{C})) { 108 if ($operation eq "add" ) { 109 $operation = "confirm"; 110 } 111 else { 112 print STDERR "Only one of -C or -R permitted\n"; 113 usage(); 114 } 115 } 97 116 if (defined($options{p})) { 98 117 $pid = $options{p}; 99 118 } … … 176 195 # 177 196 # Run the queries. 178 197 # 198 199 my $confirm = 1; 179 200 foreach my $newtype (keys(%newtypes)) { 180 201 print STDERR "Granting permission to use type $newtype\n" 181 202 if ($debug); … … 197 218 " There is no '-' policy for node type $newtype! Stopping.\n"); 198 219 } 199 220 200 # 201 # Add generic rules that say the project is allowed to use "infinite" 202 # number of nodes of each type. 203 # 204 DBQueryFatal("replace into group_policies ". 205 "(pid_idx, gid_idx, pid, gid, policy, auxdata, count) ". 206 "values ($pid_idx, $pid_idx, '$pid', '$pid', ". 207 " 'type', '$newtype', 999999)") 208 if (!$impotent); 221 if ($operation eq "add") { 222 # 223 # Add generic rules that say the project is allowed to use "infinite" 224 # number of nodes of each type. 225 # 226 DBQueryFatal("replace into group_policies ". 227 "(pid_idx, gid_idx, pid, gid, policy, auxdata, count) ". 228 "values ($pid_idx, $pid_idx, '$pid', '$pid', ". 229 " 'type', '$newtype', 999999)") 230 if (!$impotent); 231 } 232 elsif ($operation eq 'remove') { 233 # 234 # Remove rules with this pid and this type 235 # 236 DBQueryFatal("delete from group_policies where pid='$pid' " . 237 "and auxdata='$newtype'") 238 if (!$impotent); 239 } 240 elsif ($operation eq 'confirm') { 241 # 242 # Confirm that all the table entries add would make are there. 243 # 244 if (!$impotent) { 245 my $result = DBQueryFatal("select pid from group_policies ". 246 "where pid='$pid' and auxdata='$newtype'"); 247 if (!$result->num_rows) { 248 $confirm = 0; 249 last; 250 } 251 } 252 else { 253 next; 254 } 255 } 209 256 } 210 257 258 exit($confirm ? 0 : 20) if ($operation eq 'confirm'); 259 211 260 # 212 261 # Now update the permissions table. 213 262 #
