Author: fapeeler Date: Fri Nov 20 15:05:45 2009 New Revision: 882594 URL: http://svn.apache.org/viewvc?rev=882594&view=rev Log: VCL-265
utils.pm: if uid is NULL, set to 0 Linux.pm: if uid is 0, let OS set uid VCL-271: utils.pm: cleaned out unused routines disable_sshd,enable_sshd,add_user,del_user reserved.pm: removed legacy code from reserved Modified: incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm incubator/vcl/trunk/managementnode/lib/VCL/reserved.pm incubator/vcl/trunk/managementnode/lib/VCL/utils.pm Modified: incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm?rev=882594&r1=882593&r2=882594&view=diff ============================================================================== --- incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm (original) +++ incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm Fri Nov 20 15:05:45 2009 @@ -613,7 +613,14 @@ } - my $useradd_string = "/usr/sbin/useradd -u $user_uid -d /home/$user_name -m $user_name -g vcl"; + my $useradd_string; + if(defined($user_uid) && $user_uid != 0){ + $useradd_string = "/usr/sbin/useradd -u $user_uid -d /home/$user_name -m $user_name -g vcl"; + } + else{ + $useradd_string = "/usr/sbin/useradd -d /home/$user_name -m $user_name -g vcl"; + } + my @sshcmd = run_ssh_command($computer_node_name, $image_identity, $useradd_string, "root"); foreach my $l (@{$sshcmd[1]}) { @@ -705,6 +712,7 @@ notify($ERRORS{'CRITICAL'}, 0, "failed to add AllowUsers $user to external_sshd_config"); return 0; } + undef @sshcmd; @sshcmd = run_ssh_command($computer_node_name, $identity, "/etc/init.d/ext_sshd restart", "root"); Modified: incubator/vcl/trunk/managementnode/lib/VCL/reserved.pm URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/managementnode/lib/VCL/reserved.pm?rev=882594&r1=882593&r2=882594&view=diff ============================================================================== --- incubator/vcl/trunk/managementnode/lib/VCL/reserved.pm (original) +++ incubator/vcl/trunk/managementnode/lib/VCL/reserved.pm Fri Nov 20 15:05:45 2009 @@ -110,7 +110,6 @@ my $image_os_type = $self->data->get_image_os_type(); my $request_forimaging = $self->data->get_request_forimaging; my $image_name = $self->data->get_image_name(); - my $user_uid = $self->data->get_user_uid(); my $user_unityid = $self->data->get_user_login_id(); my $user_standalone = $self->data->get_user_standalone(); my $imagemeta_checkuser = $self->data->get_imagemeta_checkuser(); @@ -156,7 +155,7 @@ } notify($ERRORS{'OK'}, 0, "computer info: id=$computer_id, type=$computer_type, hostname=$nodename"); - notify($ERRORS{'OK'}, 0, "user info: uid=$user_uid, unity id=$user_unityid, standalone=$user_standalone"); + notify($ERRORS{'OK'}, 0, "user info: login_id id=$user_unityid, standalone=$user_standalone"); notify($ERRORS{'OK'}, 0, "imagemeta checkuser set to: $imagemeta_checkuser"); notify($ERRORS{'OK'}, 0, "formimaging set to: $request_forimaging"); @@ -209,107 +208,12 @@ notify($ERRORS{'WARNING'}, 0, "failed to grant OS access on $nodename"); } } + else{ + notify($ERRORS{'CRITICAL'}, 0,"failed to grant access" . ref($self->os) . "::grant_access() subroutine not implemented"); + insertloadlog($reservation_id, $computer_id, "failed", "failed to grant access, grant_access "); + return; + } - # Older style code, remove below once all OS's have been modularized - # Check if computer type is blade - elsif ($computer_type =~ /blade|virtualmachine/) { - notify($ERRORS{'OK'}, 0, "blade or virtual machine detected: $computer_type"); - # different senerios - # standard -- 1-1-1 with connection checks - # group access M-N-K -- multiple users need access - # standard with no connection checks - - # Check if linux image - if ($image_os_type =~ /linux/){ - notify($ERRORS{'OK'}, 0, "Linux image detected: $image_os_name"); - - # adduser ; this adds user and restarts sshd - # check for group access - - my $grpflag = 0; - my @group; - - if ($imagemeta_usergroupid ne '') { - notify($ERRORS{'OK'}, 0, "group access groupid $imagemeta_usergroupid"); - - # Check group membership count - if ($user_group_member_count > 0) { - # Good, at least something is listed - notify($ERRORS{'OK'}, 0, "imagemeta group acess membership is $user_group_member_count"); - $grpflag = $user_group_member_count; - @group = @user_group_members; - } - else { - notify($ERRORS{'OK'}, 0, "image claims group access but membership is 0, usergrouid: $imagemeta_usergroupid, only adding requester"); - } - - } # Close imagemeta user group defined and member count is > 0 - - # Try to add the user account to the linux computer - if (add_user($computer_short_name, $user_unityid, $user_uid, 0, $computer_hostname, $image_os_name, $image_os_type, $remote_ip, $grpflag, @group)) { - notify($ERRORS{'OK'}, 0, "user $user_unityid added to $computer_short_name"); - insertloadlog($reservation_id, $computer_id, "info", "reserved: adding user and opening remote access port for $remote_ip"); - } - else { - notify($ERRORS{'WARNING'}, 0, "could not add user $user_unityid to $computer_short_name"); - insertloadlog($reservation_id, $computer_id, "failed", "reserved: could not add user to node"); - $retval_conn = "failed"; - goto RETVALCONN; - } - - # Check if user was set to standalone - # Occurs if affiliation is not specified in the NOT_STANDALONE property in vcld.conf - # or if vcladmin is the user or if the user's UID is >= 1,000,000 - if ($user_standalone) { - if (changelinuxpassword($computer_short_name, $user_unityid, $reservation_password)) { - # Password successfully changed - notify($ERRORS{'OK'}, 0, "password changed on $computer_short_name for standalone user $user_unityid"); - } - else { - notify($ERRORS{'WARNING'}, 0, "could not change linux password for $user_unityid on $computer_short_name"); - insertloadlog($reservation_id, $computer_id, "failed", "reserved: could not change user password on node"); - $retval_conn = "failed"; - goto RETVALCONN; - } - } # Close if standalone - else { - notify($ERRORS{'OK'}, 0, "password not changed on $computer_short_name for non-standalone user $user_unityid"); - } - - - - } # Close elseif linux computer - - } # Close if computer type is blade - - # Check if computer type is lab - elsif ($computer_type eq "lab") { - notify($ERRORS{'OK'}, 0, "lab computer detected"); - - # Check if Solaris or RHEL - if ($image_os_name =~ /sun4x_|rhel/) { - notify($ERRORS{'OK'}, 0, "Sun or RHEL lab computer detected"); - if (enablesshd($computer_ip_address, $user_unityid, $remote_ip, "new", $image_os_name)) { - notify($ERRORS{'OK'}, 0, "SSHD enabled on $computer_hostname $computer_ip_address"); - } - else { - # Could not enable SSHD - # Add code to better handle this such as fetch another machine - notify($ERRORS{'WARNING'}, 0, "could not enable SSHD on $computer_hostname"); - - # Update the computer state to failed - if (update_computer_state($computer_id, "failed", "new")) { - notify($ERRORS{'OK'}, 0, "setting computer ID $computer_id into failed state"); - } - - insertloadlog($reservation_id, $computer_id, "failed", "reserved: could not enable access port on remote machine"); - $retval_conn = "failed"; - goto RETVALCONN; - } ## end else [ if (enablesshd($computer_ip_address, $user_unityid... - } # Close if Solaris or RHEL - - } # Close elsif computer type is lab - } # close if defined remoteIP elsif ($acknowledge_attempts < 180) { Modified: incubator/vcl/trunk/managementnode/lib/VCL/utils.pm URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/managementnode/lib/VCL/utils.pm?rev=882594&r1=882593&r2=882594&view=diff ============================================================================== --- incubator/vcl/trunk/managementnode/lib/VCL/utils.pm (original) +++ incubator/vcl/trunk/managementnode/lib/VCL/utils.pm Fri Nov 20 15:05:45 2009 @@ -83,7 +83,6 @@ _machine_os _pingnode _sshd_status - add_user changelinuxpassword check_blockrequest_time check_connection @@ -102,12 +101,9 @@ convert_to_epoch_seconds database_execute database_select - del_user delete_computerloadlog_reservation delete_request delete_block_request - disablesshd - enablesshd firewall_compare_update format_data get_block_request_image_info @@ -2863,433 +2859,6 @@ #///////////////////////////////////////////////////////////////////////////// -=head2 add_user - - Parameters : $node, $user, $uid, $passwd, $hostname, $os, $remoteip, $grpflag, @group - Returns : 1 success, 0 failed - Description : logs into remote node adds supplied user account - -=cut - -sub add_user { - my ($node, $user, $uid, $passwd, $hostname, $os, $image_os_type,$remoteip, $grpflag, @group) = @_; - my ($package, $filename, $line, $sub) = caller(0); - notify($ERRORS{'WARNING'}, 0, "node is not defined") if (!(defined($node))); - notify($ERRORS{'WARNING'}, 0, "user is not defined") if (!(defined($user))); - notify($ERRORS{'OK'}, 0, "uid is not defined") if (!(defined($uid))); - notify($ERRORS{'WARNING'}, 0, "passwd is not defined") if (!(defined($passwd))); - notify($ERRORS{'WARNING'}, 0, "os is not defined") if (!(defined($os))); - notify($ERRORS{'OK'}, 0, "remoteip is not defined") if (!(defined($remoteip))); - notify($ERRORS{'OK'}, 0, "grpflag is not defined") if (!(defined($grpflag))); - - if (!(defined($grpflag))) { - $grpflag = 0; - } - elsif ($grpflag > 0) { - notify($ERRORS{'OK'}, 0, "group access memberlist= @group "); - } - - my $identity; - - if ($image_os_type =~ /linux/i) { - $identity = $IDENTITY_bladerhel; - } - else { - $identity = $IDENTITY_bladerhel; - } - - if ($image_os_type =~ /linux/i) { - # set common linux useradd string - my $useradd_string; - if (!(defined($uid))) { # check for uid if not let OS set one - $useradd_string = "/usr/sbin/useradd -d /home/$user -m $user"; - } - else { - $useradd_string = "/usr/sbin/useradd -u $uid -d /home/$user -m $user"; - } - - # two methods: single user or group of users - if ($grpflag) { - #assumes owner is already member of group - #ok group flag set proceed - my $allowuserstring = "AllowUsers"; - foreach my $u (@group) { - #$u in form of unity:uid - my ($user_unityid, $uid) = split(":", $u); - my $cmd = "/usr/sbin/useradd -u $uid -d /home/$user_unityid -m $user_unityid"; - if (run_ssh_command($node, $identity, $cmd, "root")) { - notify($ERRORS{'OK'}, 0, "added user $user_unityid to $node"); - } - else { - notify($ERRORS{'WARNING'}, 0, "failed to execute $cmd"); - return 0; - } - - #append to ssh string - $allowuserstring .= " $user_unityid"; - } ## end foreach my $u (@group) - - # modify external_sshd config - my $cmdstring = "echo \"$allowuserstring\" >> /etc/ssh/external_sshd_config"; - my @sshcmd; - if (run_ssh_command($node, $identity, $cmdstring, "root")) { - notify($ERRORS{'OK'}, 0, "adding user string to sshd conf $allowuserstring"); - undef @sshcmd; - @sshcmd = run_ssh_command($node, $identity, "/etc/init.d/ext_sshd restart", "root"); - foreach my $l (@{$sshcmd[1]}) { - if ($l =~ /Stopping ext_sshd:/i) { - #notify($ERRORS{'OK'},0,"stopping sshd on $node "); - } - if ($l =~ /Starting ext_sshd:[ OK ]/i) { - notify($ERRORS{'OK'}, 0, "ext_sshd on $node started"); - } - } #foreach - notify($ERRORS{'OK'}, 0, "started ext_sshd on $node"); - return 1; - } ## end if (run_ssh_command($node, $IDENTITY_bladerhel... - else { - notify($ERRORS{'CRITICAL'}, 0, "failed to add $allowuserstring to external_sshd_config on $node "); - return 0; - } - - } ## end if ($grpflag) - else { - #single user proceed - my @sshcmd = run_ssh_command($node, $identity, $useradd_string, "root"); - foreach my $l (@{$sshcmd[1]}) { - if ($l =~ /user $user exists/) { - notify($ERRORS{'OK'}, 0, "detected user already has account, deleting"); - #FIXME - if type or project is not HPC related. - if (del_user($node, $user, "blade", $os, $image_os_type)) { - notify($ERRORS{'OK'}, 0, "$user deleted"); - } - if (run_ssh_command($node, $identity, $useradd_string, "root")) { - notify($ERRORS{'OK'}, 0, "user $user added"); - } - } ## end if ($l =~ /user $user exists/) - - } ## end foreach my $l (@{$sshcmd[1]}) - - #SETUP sudoers file - #clear user from sudoers file first - my $clear_cmd = "sed -ie \"/^$user .*/d\" /etc/sudoers"; - if (run_ssh_command($node, $identity, $clear_cmd, "root")) { - notify($ERRORS{'DEBUG'}, 0, "cleared $user from /etc/sudoers"); - } - else { - notify($ERRORS{'CRITICAL'}, 0, "failed to clear $user from /etc/sudoers"); - } - my $sudoers_cmd = "echo \"$user ALL= NOPASSWD: ALL\" >> /etc/sudoers"; - if (run_ssh_command($node, $identity, $sudoers_cmd, "root")) { - notify($ERRORS{'DEBUG'}, 0, "added $user to /etc/sudoers"); - } - else { - notify($ERRORS{'CRITICAL'}, 0, "failed to add $user to /etc/sudoers"); - } - - if (_is_user_added($node, $user, "blade", $os, $image_os_type)) { - notify($ERRORS{'OK'}, 0, "added user account $user to $node"); - undef @sshcmd; - my $cmd = "echo \"AllowUsers $user\" >> /etc/ssh/external_sshd_config"; - if (run_ssh_command($node, $identity, $cmd, "root")) { - notify($ERRORS{'DEBUG'}, 0, "added AllowUsers $user to external_sshd_config"); - } - else { - notify($ERRORS{'CRITICAL'}, 0, "failed to add AllowUsers $user to external_sshd_config"); - return 0; - } - - undef @sshcmd; - @sshcmd = run_ssh_command($node, $identity, "/etc/init.d/ext_sshd restart", "root"); - - foreach my $l (@{$sshcmd[1]}) { - if ($l =~ /Stopping ext_sshd:/i) { - #notify($ERRORS{'OK'},0,"stopping sshd on $node "); - } - if ($l =~ /Starting ext_sshd:[ OK ]/i) { - notify($ERRORS{'OK'}, 0, "ext_sshd on $node started"); - } - } #foreach - notify($ERRORS{'OK'}, 0, "started ext_sshd on $node"); - return 1; - } ## end if (_is_user_added($node, $user, "blade", ... - else { - notify($ERRORS{'CRITICAL'}, 0, "PROBLEM added user $user to $node @{ $sshcmd[1] }"); - return 0; - } - # add user to external_sshd config - } # grpflag true - - - } # rhel - else { - return 0; - } -} ## end sub add_user - -#///////////////////////////////////////////////////////////////////////////// - -=head2 del_user - - Parameters : $node, $user, $type, $osname - Returns : 1 success 0 failure - Description : removes user account from specificed node - -=cut - -sub del_user { - my ($node, $user, $type, $osname, $image_os_type) = @_; - my ($package, $filename, $line, $sub) = caller(0); - notify($ERRORS{'WARNING'}, 0, "node is not defined") if (!(defined($node))); - notify($ERRORS{'WARNING'}, 0, "user is not defined") if (!(defined($user))); - notify($ERRORS{'WARNING'}, 0, "type is not defined") if (!(defined($type))); - notify($ERRORS{'WARNING'}, 0, "osname is not defined") if (!(defined($osname))); - notify($ERRORS{'WARNING'}, 0, "image_os_type is not defined") if (!(defined($image_os_type))); - #set variables to use - my $cmd; - my @sshcmd; - if ($type =~ /blade|virtualmachine/) { - #my $os = _machine_os($node); - if ($image_os_type =~ /linux/i) { - #remove user from machine - my @file; - my $l; - undef $cmd; - undef @sshcmd; - # do not currently use userdel -r will affect HPC user storage for HPC installs - $cmd = "/usr/sbin/userdel $user"; - @sshcmd = run_ssh_command($node, $IDENTITY_bladerhel, $cmd, "root"); - foreach my $l (@{$sshcmd[1]}) { - if ($l =~ /currently logged in/) { - notify($ERRORS{'WARNING'}, 0, "$user currently logged in returning 0"); - return 0; - } - } - #user successfully deleted - my $path1 = "$node:/etc/ssh/external_sshd_config"; - my $path2 = "/tmp/$node.sshd"; - if (run_scp_command($path1, $path2, $IDENTITY_bladerhel)) { - notify($ERRORS{'DEBUG'}, 0, "scp success retrieved $path1"); - } - else { - notify($ERRORS{'WARNING'}, 0, "failed to retrieve $path1"); - return 0; - } - #remove from sshd - if (open(SSHDCFG, "/tmp/$node.sshd")) { - @file = <SSHDCFG>; - close SSHDCFG; - foreach $l (@file) { - $l = "" if ($l =~ /AllowUsers/); - } - if (open(SCP, ">/tmp/$node.sshd")) { - print SCP @file; - close SCP; - } - undef $path1; - undef $path2; - $path1 = "/tmp/$node.sshd"; - $path2 = "$node:/etc/ssh/external_sshd_config"; - if (run_scp_command($path1, $path2, $IDENTITY_bladerhel)) { - notify($ERRORS{'DEBUG'}, 0, "scp success copied $path1 to $path2"); - unlink $path1; - #turn off external sshd - if (run_ssh_command($node, $IDENTITY_bladerhel, "/etc/init.d/ext_sshd stop")) { - notify($ERRORS{'DEBUG'}, 0, "turned off ext_sshd on $node"); - } - return 1; - } - else { - notify($ERRORS{'WARNING'}, 0, "failed to copy $path1 to $path2"); - return 0; - } - } ## end if (open(SSHDCFG, "/tmp/$node.sshd")) - - #CLEAR sudoers file - my $clear_cmd = "sed -ie \"/^$user .*/d\" /etc/sudoers"; - if (run_ssh_command($node, $IDENTITY_bladerhel, $clear_cmd, "root")) { - notify($ERRORS{'DEBUG'}, 0, "cleared $user from /etc/sudoers"); - } - else { - notify($ERRORS{'CRITICAL'}, 0, "failed to clear $user from /etc/sudoers"); - } - - - } ## end elsif - else { - notify($ERRORS{'WARNING'}, 0, "$osname does not exist "); - return 0; - } - } ## end if ($type =~ /blade|virtualmachine/) - -} ## end sub del_user - -#///////////////////////////////////////////////////////////////////////////// - -=head2 disablesshd - - Parameters : $hostname, $unityname, $remoteIP, $state, $osname, $log - Returns : 1 success 0 failure - Description : using ssh identity key log into remote lab machine - and set flag for vclclientd to disable sshd for remote user - -=cut - -sub disablesshd { - my ($hostname, $unityname, $remoteIP, $state, $osname, $log) = @_; - my ($package, $filename, $line, $sub) = caller(0); - $log = 0 if (!(defined($log))); - notify($ERRORS{'WARNING'}, $log, "hostname is not defined") if (!(defined($hostname))); - notify($ERRORS{'WARNING'}, $log, "unityname is not defined") if (!(defined($unityname))); - notify($ERRORS{'WARNING'}, $log, "remoteIP is not defined") if (!(defined($remoteIP))); - notify($ERRORS{'WARNING'}, $log, "state is not defined") if (!(defined($state))); - notify($ERRORS{'WARNING'}, $log, "osname is not defined") if (!(defined($osname))); - - if (!(defined($remoteIP))) { - $remoteIP = "127.0.0.1"; - } - my @lines; - my $l; - my $identity; - if ($osname =~ /sun4x_/) { - $identity = $IDENTITY_solaris_lab; - } - elsif ($osname =~ /rhel/) { - $identity = $IDENTITY_linux_lab; - } - else { - #if all else fails - $identity = $IDENTITY_solaris_lab; - } - # create clientdata file - my $clientdata = "/tmp/clientdata.$hostname"; - if (open(CLIENTDATA, ">$clientdata")) { - print CLIENTDATA "$state\n"; - print CLIENTDATA "$unityname\n"; - print CLIENTDATA "$remoteIP\n"; - close CLIENTDATA; - - # scp to hostname - my $target = "vclsta...@$hostname:/home/vclstaff/clientdata"; - if (run_scp_command($clientdata, $target, $identity, "24")) { - notify($ERRORS{'OK'}, $log, "Success copied $clientdata to $target"); - unlink($clientdata); - - # send flag to activate changes - my @sshcmd = run_ssh_command($hostname, $identity, "echo 1 > /home/vclstaff/flag", "vclstaff", "24"); - notify($ERRORS{'OK'}, $log, "setting flag to 1 on $hostname"); - - my $nmapchecks = 0; - # return nmap check - - NMAPPORT: - if (!(nmap_port($hostname, 22))) { - return 1; - } - else { - if ($nmapchecks < 5) { - $nmapchecks++; - sleep 1; - notify($ERRORS{'OK'}, $log, "port 22 not closed yet calling NMAPPORT code block"); - goto NMAPPORT; - } - else { - notify($ERRORS{'WARNING'}, $log, "port 22 never closed on client $hostname"); - return 0; - } - } ## end else [ if (!(nmap_port($hostname, 22))) - } ## end if (run_scp_command($clientdata, $target, ... - else { - notify($ERRORS{'OK'}, $log, "could not copy src=$clientdata to target=$target"); - return 0; - } - } ## end if (open(CLIENTDATA, ">$clientdata")) - else { - notify($ERRORS{'WARNING'}, $log, "could not open /tmp/clientdata.$hostname $! "); - return 0; - } -} ## end sub disablesshd - -#///////////////////////////////////////////////////////////////////////////// - -=head2 enablesshd - - Parameters : $hostname, $unityname, $remoteIP, $state, $osname, $log - Returns : 1 success 0 failure - Description : using ssh identity key log into remote lab machine - and set flag for vclclientd to enable ssh access for remote user - -=cut - -sub enablesshd { - my ($hostname, $unityname, $remoteIP, $state, $osname, $log) = @_; - my ($package, $filename, $line, $sub) = caller(0); - $log = 0 if (!(defined($log))); - notify($ERRORS{'WARNING'}, $log, "hostname is not defined") if (!(defined($hostname))); - notify($ERRORS{'WARNING'}, $log, "unityname is not defined") if (!(defined($unityname))); - notify($ERRORS{'WARNING'}, $log, "remoteIP is not defined") if (!(defined($remoteIP))); - notify($ERRORS{'WARNING'}, $log, "state is not defined") if (!(defined($state))); - notify($ERRORS{'WARNING'}, $log, "osname is not defined") if (!(defined($osname))); - my $identity; - - if ($osname =~ /sun4x_/) { - $identity = $IDENTITY_solaris_lab; - } - elsif ($osname =~ /rhel/) { - $identity = $IDENTITY_linux_lab; - } - # create clientdata file - my $clientdata = "/tmp/clientdata.$hostname"; - if (open(CLIENTDATA, ">$clientdata")) { - print CLIENTDATA "$state\n"; - print CLIENTDATA "$unityname\n"; - print CLIENTDATA "$remoteIP\n"; - close CLIENTDATA; - - # scp to hostname - my $target = "vclsta...@$hostname:/home/vclstaff/clientdata"; - if (run_scp_command($clientdata, $target, $identity, "24")) { - notify($ERRORS{'OK'}, $log, "Success copied $clientdata to $target"); - unlink($clientdata); - - # send flag to activate changes - my @sshcmd = run_ssh_command($hostname, $identity, "echo 1 > /home/vclstaff/flag", "vclstaff", "24"); - notify($ERRORS{'OK'}, $log, "setting flag to 1 on $hostname"); - - my $nmapchecks = 0; - # return nmap check - - NMAPPORT: - if (nmap_port($hostname, 22)) { - notify($ERRORS{'OK'}, $log, "sshd opened"); - return 1; - } - else { - if ($nmapchecks < 6) { - $nmapchecks++; - sleep 1; - #notify($ERRORS{'OK'},0,"calling NMAPPORT code block"); - goto NMAPPORT; - } - else { - notify($ERRORS{'WARNING'}, $log, "port 22 never opened on client $hostname"); - return 0; - } - } ## end else [ if (nmap_port($hostname, 22)) - } ## end if (run_scp_command($clientdata, $target, ... - else { - notify($ERRORS{'WARNING'}, $log, "could not copy src=$clientdata to target= $target"); - return 0; - } - } ## end if (open(CLIENTDATA, ">$clientdata")) - else { - notify($ERRORS{'WARNING'}, $log, "could not open /tmp/clientdata.$hostname $! "); - return 0; - } -} ## end sub enablesshd - -#///////////////////////////////////////////////////////////////////////////// - =head2 nmap_port Parameters : $hostname, $port @@ -5336,9 +4905,9 @@ $request_info{user}{preferredname} = $request_info{user}{firstname}; } - # Set the user's uid to to the VCL user ID if it's NULL + ## Set the user's uid to to the VCL user ID if it's NULL if (!defined($request_info{user}{uid}) || !$request_info{user}{uid}) { - $request_info{user}{uid} = $request_info{user}{id}; + $request_info{user}{uid} = 0; } # Set the user's IMid to '' if it's NULL @@ -5355,14 +4924,22 @@ notify($ERRORS{'DEBUG'}, 0, "standalone affiliation found: $request_info{user}{affiliation}{name}"); $request_info{user}{STANDALONE} = 1; } - + + #if uid is 0 set STANDALONE + if($request_info{user}{uid} == 0) { + $request_info{user}{STANDALONE} = 1; + notify($ERRORS{'OK'}, 0, "found NULL uid setting standalone flag: $request_info{user}{unityid}, uid: NULL"); + } + # Fix the unityid if if the user's UID is >= 1000000 # Remove the domain section if the user's unityid contains @... - if ($request_info{user}{uid} >= 1000000) { - my ($correct_unity_id, $user_domain) = split /@/, $request_info{user}{unityid}; - $request_info{user}{unityid} = $correct_unity_id; - $request_info{user}{STANDALONE} = 1; - notify($ERRORS{'OK'}, 0, "standalone user found: $request_info{user}{unityid}, uid: $request_info{user}{uid}"); + if(defined($request_info{user}{uid})) { + if ($request_info{user}{uid} >= 1000000 ) { + my ($correct_unity_id, $user_domain) = split /@/, $request_info{user}{unityid}; + $request_info{user}{unityid} = $correct_unity_id; + $request_info{user}{STANDALONE} = 1; + notify($ERRORS{'OK'}, 0, "standalone user found: $request_info{user}{unityid}, uid: $request_info{user}{uid}"); + } } # For test account only