diff options
| author | Simon Rettberg | 2020-12-10 14:01:18 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2020-12-10 14:01:18 +0100 |
| commit | cdf414bf6a999788d4d70e997f8c413e96ef7bb1 (patch) | |
| tree | 3c05b78ffd5133fafaf110b4dd392294399d788e | |
| parent | [rebootcontrol] rename scheduler table and associated queries (diff) | |
| download | slx-admin-cdf414bf6a999788d4d70e997f8c413e96ef7bb1.tar.gz slx-admin-cdf414bf6a999788d4d70e997f8c413e96ef7bb1.tar.xz slx-admin-cdf414bf6a999788d4d70e997f8c413e96ef7bb1.zip | |
[sysconfig] CustomModule: Add check for file ownership, add "fix" option
The fix option will change the owner/group of every file and directory
in the archive to root:root
Previously, the client changed the ownership of the config.tgz contents
to root when extracting, but in some cases it's desired to deliver files
with specific owner and group settings.
The version of the CustomModule module has been bumped to 2, so we can
automatically convert old modules when upgrading or importing a backup,
to be compatible to the old "root everything on the client" logic.
9 files changed, 109 insertions, 57 deletions
diff --git a/modules-available/sysconfig/addmodule_custommodule.inc.php b/modules-available/sysconfig/addmodule_custommodule.inc.php index 0c3c299d..7830b8ed 100644 --- a/modules-available/sysconfig/addmodule_custommodule.inc.php +++ b/modules-available/sysconfig/addmodule_custommodule.inc.php @@ -57,6 +57,7 @@ class CustomModule_ProcessUpload extends AddModule_Base { $status = Taskmanager::waitComplete($this->taskId); Taskmanager::release($this->taskId); + $userGroupWarn = false; $tempfile = Session::get('mod_temp'); if (!isset($status['statusCode'])) { unlink($tempfile); @@ -66,36 +67,21 @@ class CustomModule_ProcessUpload extends AddModule_Base unlink($tempfile); $this->taskError($status); } - // Sort files for better display - $dirs = array(); - foreach ($status['data']['entries'] as $file) { - if ($file['isdir']) continue; - $dirs[dirname($file['name'])][] = $file; - } - ksort($dirs); - $list = array(); - foreach ($dirs as $dir => $files) { - $list[] = array( - 'name' => $dir, - 'isdir' => true - ); - sort($files); - foreach ($files as $file) { - $file['size'] = Util::readableFileSize($file['size']); - $list[] = $file; - } - } - if ($this->edit !== false) + $list = SysConfig::archiveContentsFromTask($status, $userGroupWarn); + + if ($this->edit !== false) { $title = $this->edit->title(); - elseif (isset($_FILES['modulefile']['name'])) + } else if (isset($_FILES['modulefile']['name'])) { $title = basename($_FILES['modulefile']['name']); - else + } else { $title = ''; + } Render::addDialog(Dictionary::translate('config-module', 'custom_title'), false, 'custom-fileselect', array( 'step' => 'CustomModule_CompressModule', 'files' => $list, 'edit' => $this->edit ? $this->edit->id() : false, - 'title' => $title + 'title' => $title, + 'userGroupWarn' => $userGroupWarn, )); Session::save(); } @@ -121,7 +107,8 @@ class CustomModule_CompressModule extends AddModule_Base Taskmanager::submit('RecompressArchive', array( 'id' => $this->taskId, 'inputFiles' => [$tempfile => false], - 'outputFile' => $destFile + 'outputFile' => $destFile, + 'forceRoot' => Request::post('force-owner', 0, 'int') !== 0, ), true); $status = Taskmanager::waitComplete($this->taskId, 5000); unlink($tempfile); diff --git a/modules-available/sysconfig/inc/configmodule.inc.php b/modules-available/sysconfig/inc/configmodule.inc.php index f3906378..580c15a0 100644 --- a/modules-available/sysconfig/inc/configmodule.inc.php +++ b/modules-available/sysconfig/inc/configmodule.inc.php @@ -262,6 +262,11 @@ abstract class ConfigModule { return $this->moduleStatus; } + + public final function currentVersion() + { + return $this->currentVersion; + } /** * Get the module type. diff --git a/modules-available/sysconfig/inc/configmodule/customodule.inc.php b/modules-available/sysconfig/inc/configmodule/customodule.inc.php index 3c10bada..8b968336 100644 --- a/modules-available/sysconfig/inc/configmodule/customodule.inc.php +++ b/modules-available/sysconfig/inc/configmodule/customodule.inc.php @@ -12,14 +12,27 @@ ConfigModule::registerModule( class ConfigModule_CustomModule extends ConfigModule { const MODID = 'CustomModule'; - const VERSION = 1; + const VERSION = 2; private $tmpFile = false; protected function generateInternal($tgz, $parent) { if (!$this->validateConfig()) { - return $this->archive() !== false && file_exists($this->archive()); // No new temp file given, old archive still exists, pretend it worked... + // No temp file given from wizard + // Old archive still exists? pretend it worked... + if ($this->archive() === false || !file_exists($this->archive())) + return false; + if ($this->currentVersion() == 1) { + // Need an upgrade + return Taskmanager::submit('RecompressArchive', array( + 'inputFiles' => [$this->archive() => false], + 'outputFile' => $tgz, + 'forceRoot' => true, // Force this for old modules for backward compat + )); + } + // Nothing to do + return true; } $task = Taskmanager::submit('MoveFile', array( 'source' => $this->tmpFile, @@ -42,6 +55,7 @@ class ConfigModule_CustomModule extends ConfigModule public function setData($key, $value) { + // Sets the temp file from the wizard, where it stored the processed archive if ($key !== 'tmpFile' || !file_exists($value)) return false; $this->tmpFile = $value; diff --git a/modules-available/sysconfig/inc/sysconfig.inc.php b/modules-available/sysconfig/inc/sysconfig.inc.php index 15bd4104..9ad3a36f 100644 --- a/modules-available/sysconfig/inc/sysconfig.inc.php +++ b/modules-available/sysconfig/inc/sysconfig.inc.php @@ -14,4 +14,31 @@ class SysConfig return $ret; } + public static function archiveContentsFromTask($status, &$userGroupWarn = null) : array + { + // Sort files for better display + $dirs = array(); + foreach ($status['data']['entries'] as $file) { + if ($file['isdir']) continue; + $dirs[dirname($file['name'])][] = $file; + if ($file['userId'] > 0 || $file['groupId'] > 0) { + $userGroupWarn = true; + } + } + ksort($dirs); + $list = array(); + foreach ($dirs as $dir => $files) { + $list[] = array( + 'name' => $dir, + 'isdir' => true + ); + sort($files); + foreach ($files as $file) { + $file['size'] = Util::readableFileSize($file['size']); + $list[] = $file; + } + } + return $list; + } + }
\ No newline at end of file diff --git a/modules-available/sysconfig/lang/de/template-tags.json b/modules-available/sysconfig/lang/de/template-tags.json index 7832d469..ba41fce2 100644 --- a/modules-available/sysconfig/lang/de/template-tags.json +++ b/modules-available/sysconfig/lang/de/template-tags.json @@ -45,6 +45,7 @@ "lang_fixNumeric": "Numerischen Account-Namen muss ein 's' vorangestellt werden", "lang_fixNumericDescription": "Wenn Sie diese Option aktivieren, m\u00fcssen Benutzer, deren Account-Name nur aus Ziffern besteht, diesem ein 's' voranstellen beim Login. Diese Option ist beim alten Login-Manager (KDM) zwingend erforderlich, da sonst der Loginvorgang fehlschl\u00e4gt. Mit dem neuen lightdm-basierten Login-Screen lassen sich numerische Account-Namen jedoch direkt verwenden. Wenn Sie an Ihrer Einrichtung keine numerischen Account-Namen verwenden, hat diese Option keine Auswirkung.", "lang_folderRedirection": "Folder Redirection", + "lang_forceRootOwner": "Besitzrechte des Inhalts auf root:root setzen", "lang_genUid": "uid-Nummern generieren", "lang_genUidDescription": "Wenn aktiviert, generiert der Satellitenserver nummerische IDs f\u00fcr die Benutzer, anstatt diese aus dem LDAP\/AD zu extrahieren.", "lang_generateModule": "Modul erzeugen", @@ -79,6 +80,7 @@ "lang_moduleChoose": "Bitte w\u00e4hlen Sie aus, welche Art Konfigurationsmodul Sie erstellen m\u00f6chten.", "lang_moduleConfiguration": "Konfigurationsmodule", "lang_moduleName": "Modulname", + "lang_moduleOwnerWarn": "Einige Dateien oder Verzeichnisse in diesem Archiv haben als Besitzer order Gruppe etwas anderes als \"root\" gesetzt. Dies ist nur in besonderen F\u00e4llen sinnvoll bzw. erforderlich.", "lang_moduleTitle": "Titel", "lang_moduleUnused": "Ungenutzt", "lang_moduleUnusedLong": "Dieses Modul ist mit keiner Systemkonfiguration verkn\u00fcpft.", @@ -159,4 +161,4 @@ "lang_user_all": "Alle Nutzer", "lang_user_root_only": "Nur root", "lang_user_user_only": "Alle au\u00dfer root" -} +}
\ No newline at end of file diff --git a/modules-available/sysconfig/lang/en/template-tags.json b/modules-available/sysconfig/lang/en/template-tags.json index 0cfff576..ffdbdaaf 100644 --- a/modules-available/sysconfig/lang/en/template-tags.json +++ b/modules-available/sysconfig/lang/en/template-tags.json @@ -45,6 +45,7 @@ "lang_fixNumeric": "Numeric account names have to be prefixed by 's'", "lang_fixNumericDescription": "If enabled, users with account names that consist entirely of digits have to prefix their user id by 's' when logging in. This is required with the old login manager (KDM) to prevent crashes. The new lightdm-based login manager will accept numeric account names, so you can leave this option disabled. If your organization doesn't have any numeric account names, this option will have no effect.", "lang_folderRedirection": "Folder Redirection", + "lang_forceRootOwner": "Change ownership of archive content to root:root", "lang_genUid": "Generate uid numbers", "lang_genUidDescription": "When selected, the satellite server will generate numeric IDs for the users, instead of extracting them from AD\/LDAP.", "lang_generateModule": "Generating module", @@ -79,6 +80,7 @@ "lang_moduleChoose": "Please select which type of configuration module you want to create.", "lang_moduleConfiguration": "Module Configuration", "lang_moduleName": "Module Name", + "lang_moduleOwnerWarn": "Some files or directories in this archive belong to another user or group than \"root\". This is only necessary\/required in special cases.", "lang_moduleTitle": "Title", "lang_moduleUnused": "Unused", "lang_moduleUnusedLong": "This module is not attached to any system configuration.", diff --git a/modules-available/sysconfig/page.inc.php b/modules-available/sysconfig/page.inc.php index 1ef478b3..ff3983c1 100644 --- a/modules-available/sysconfig/page.inc.php +++ b/modules-available/sysconfig/page.inc.php @@ -267,27 +267,7 @@ class Page_SysConfig extends Page Taskmanager::addErrorMessage($status); Util::redirect('?do=sysconfig&locationid=' . $this->currentLoc); } - - // Sort files for better display - $dirs = array(); - foreach ($status['data']['entries'] as $file) { - if ($file['isdir']) - continue; - $dirs[dirname($file['name'])][] = $file; - } - ksort($dirs); - $list = array(); - foreach ($dirs as $dir => $files) { - $list[] = array( - 'name' => $dir, - 'isdir' => true - ); - sort($files); - foreach ($files as $file) { - $file['size'] = Util::readableFileSize($file['size']); - $list[] = $file; - } - } + $list = SysConfig::archiveContentsFromTask($status); // render the template Render::addDialog(Dictionary::translate('lang_contentOf') . ' ' . $row['title'], false, 'custom-filelist', array( diff --git a/modules-available/sysconfig/templates/custom-filelist.html b/modules-available/sysconfig/templates/custom-filelist.html index 344eece3..20cedfda 100644 --- a/modules-available/sysconfig/templates/custom-filelist.html +++ b/modules-available/sysconfig/templates/custom-filelist.html @@ -4,11 +4,23 @@ {{#files}} <tr> {{#isdir}} - <td class="fileEntry slx-bold" colspan="2">{{name}}</td> + <td class="fileEntry slx-bold" colspan="4">{{name}}</td> {{/isdir}} {{^isdir}} - <td class="fileEntry">{{name}}</td> - <td>{{size}}</td> + <td class="fileEntry"> + {{name}} + {{#linkTarget}} + -> + <span class="text-nowrap">{{linkTarget}}</span> + {{/linkTarget}} + </td> + <td class="text-nowrap">{{user}}{{#user}}{{#group}}/{{/group}}{{/user}}{{group}}</td> + <td class="text-nowrap">{{userId}}:{{groupId}}</td> + <td class="text-nowrap"> + {{^linkTarget}} + {{size}} + {{/linkTarget}} + </td> {{/isdir}} </tr> {{/files}} diff --git a/modules-available/sysconfig/templates/custom-fileselect.html b/modules-available/sysconfig/templates/custom-fileselect.html index f14a6fde..3e7dd3d6 100644 --- a/modules-available/sysconfig/templates/custom-fileselect.html +++ b/modules-available/sysconfig/templates/custom-fileselect.html @@ -4,7 +4,8 @@ <input type="hidden" name="edit" value="{{edit}}"> <div class="input-group"> <span class="input-group-addon">{{lang_moduleName}}</span> - <input type="text" name="title" value="{{title}}" class="form-control" placeholder="Mein Konfigurationsmodul" autofocus="autofocus"> + <input type="text" name="title" value="{{title}}" class="form-control" placeholder="Mein Konfigurationsmodul" + autofocus="autofocus"> </div> <div class="pull-right"> <button type="submit" class="btn btn-primary">{{lang_next}} »</button> @@ -12,18 +13,40 @@ <div class="clearfix"></div> <hr> <p>{{lang_checkFileContent}}</p> + {{#userGroupWarn}} + <div class="alert alert-warning"> + {{lang_moduleOwnerWarn}} + </div> + <div class="checkbox"> + <input id="force-owner" type="checkbox" name="force-owner" value="1" checked> + <label for="force-owner">{{lang_forceRootOwner}}</label> + </div> + <div class="slx-space"></div> + {{/userGroupWarn}} <table class="table table-bordered table-condensed"> - {{#files}} + {{#files}} <tr> {{#isdir}} - <td class="fileEntry slx-bold" colspan="2">{{name}}</td> + <td class="fileEntry slx-bold" colspan="4">{{name}}</td> {{/isdir}} {{^isdir}} - <td class="fileEntry">{{name}}</td> - <td>{{size}}</td> + <td class="fileEntry"> + {{name}} + {{#linkTarget}} + -> + <span class="text-nowrap">{{linkTarget}}</span> + {{/linkTarget}} + </td> + <td class="text-nowrap">{{user}}{{#user}}{{#group}}/{{/group}}{{/user}}{{group}}</td> + <td class="text-nowrap">{{userId}}:{{groupId}}</td> + <td class="text-nowrap"> + {{^linkTarget}} + {{size}} + {{/linkTarget}} + </td> {{/isdir}} </tr> - {{/files}} + {{/files}} </table> <div class="pull-right"> <button type="submit" class="btn btn-primary">{{lang_next}} »</button> |