added user creation and deploy as in BashModule

eleonore12345 2024-08-09 18:11:36 +02:00
parent 78797df02c
commit b3bd744ef4
4 changed files with 99 additions and 21 deletions


@ -6,6 +6,7 @@
#include <unistd.h> #include <unistd.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/wait.h> #include <sys/wait.h>
#include <pwd.h>
#include "BashModule.h" #include "BashModule.h"
#include "BashManager.h" #include "BashManager.h"
@ -21,26 +22,97 @@ BashModule::BashModule()
int BashModule::executeScript(string serviceUsername) int BashModule::executeScript(string serviceUsername)
{ {
//this method is called in deploy(), it executes the script deploy.sh if it exists //this method is called in deploy(), it executes the script deploy.sh if it exists
string deployscript="./services/"+serviceUsername+"/deploy.sh"; string deployScript="./services/"+serviceUsername+"/deploy.sh";
if(filesystem::exists(deployscript)){ if(!filesystem::exists(deployScript)){
pid_t pid = fork(); cout << "No deploy.sh script for this service.";
if (pid == -1) { return 0;
cerr << "Error when forking." << endl; } else {
return -1; //check that the file is of type regular
} else if (pid > 0) { if (filesystem::status(deployScript).type()!=filesystem::file_type::regular){
int status; cerr << "Error. The file deploy_user.sh is not regular." << endl;
waitpid(-1,&status,0); return -1;
if(status==-1){ } else {
cerr << "Error when executing " << deployscript << endl; //check if the owner has the execute permission
if ((filesystem::status(deployScript).permissions() & filesystem::perms::owner_exec)==filesystem::perms::none){
cerr << "Error. The owner of file deploy_user.sh does not have permission to execute it. Please change the permission or remove/rename the file." << endl;
return -1;
}else{
//executing the script in a separate process
pid_t pid = fork();
if (pid == -1) {
cerr << "Error when forking." << endl;
return -1;
} else if (pid > 0) {
//parent process
int status;
waitpid(-1,&status,0);
if(status==-1){
cerr << "Error when executing " << deployScript << endl;
}
return status;
} else {
//child process
if(execl("/bin/bash", "/bin/bash", "--noediting", "--noprofile", "--norc", deployScript.c_str(), (char *)0)==-1)
{
cerr << "Error in the execl call of " << deployScript << endl;
}
}
} }
cout << "status vaut " << status << endl; }
return status; return 0;
} else { }
if(execl("/bin/bash", "/bin/bash", "--noediting", "--noprofile", "--norc", deployscript.c_str(), (char *)0)==-1) }
{
cerr << "Error in the execl call of " << deployscript << endl; int BashModule::executeScriptAs(string serviceUsername)
{
//this method is called in deploy(), it executes the script deploy_user.sh if it exists, as the user associated with the service
string deployAsScript="./services/"+serviceUsername+"/deploy_user.sh";
//check that the file exists
if(!filesystem::exists(deployAsScript)){
cout << "No deploy_user.sh script for this service.";
return 0;
} else {
//check that the file is of type regular
if (filesystem::status(deployAsScript).type()!=filesystem::file_type::regular){
cerr << "Error. The file deploy_user.sh is not regular." << endl;
return -1;
} else {
//check if the owner has the execute permission
if ((filesystem::status(deployAsScript).permissions() & filesystem::perms::owner_exec)==filesystem::perms::none){
cerr << "Error. The owner of file deploy_user.sh does not have permission to execute it. Please change the permission or remove/rename the file." << endl;
return -1;
} }
} }
//getting the connection information for the user
struct passwd * p=getpwnam(serviceUsername.c_str());
if (p==NULL){
cerr << "Error. The user dedicated to the service is not found when trying to execute the bash script." << endl;
return -1;
}else{
//executing the script in a separate process
pid_t pid = fork();
if (pid == -1) {
cerr << "Error when forking." << endl;
return -1;
} else if (pid > 0) {
//parent process
int status;
waitpid(-1,&status,0);
if(status==-1){
cerr << "Error when executing " << deployAsScript << endl;
}
return status;
} else {
//child process
//executing as the user corresponding to the service
setgid(p->pw_gid);
setuid(p->pw_uid);
if(execl("/bin/bash", "/bin/bash", "--noediting", "--noprofile", "--norc", deployAsScript.c_str(), serviceUsername, (char *)0)==-1)
{
cerr << "Error in the execl call of " << deployAsScript << endl;
}
}
}
} }
return 0; return 0;
} }
@ -54,7 +126,13 @@ int BashModule::prepare()
int BashModule::deploy (string serviceUsername) int BashModule::deploy (string serviceUsername)
{ {
cout << "deploy in bash module called" << endl; cout << "deploy in bash module called" << endl;
executeScript(serviceUsername); if (executeScript(serviceUsername)!=0){
cerr << "Error in BashModule::deploy." << endl;
return -1;
}else if (executeScriptAs(serviceUsername)!=0){
cerr << "Error in BashModule::deploy." << endl;
return -1;
}
return 0; return 0;
} }
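Review bot: In the child branch of `executeScriptAs`, the return values of `setgid(p->pw_gid)` and `setuid(p->pw_uid)` are ignored, so if either call fails bash still runs `deploy_user.sh` with the identity of the calling process (presumably a privileged one, since it creates users). Nothing in the visible code resets the supplementary groups either, so the script would keep the parent's group memberships even when both calls succeed. The same `execl` call passes `serviceUsername`, a `std::string`, through the variadic argument list where a `char *` is expected; it should be `serviceUsername.c_str()`. When `execl` fails, the child only prints an error and then returns into the caller's code as a second copy of the program, and the child branch of `executeScript` has the same fall-through. I would check every step of the privilege drop and end the child with `_exit`, as below (`initgroups` needs `<grp.h>`).

```cpp
// … unchanged: getpwnam() lookup, fork() and the parent branch …
} else {
    //child process
    //switch to the service user: supplementary groups first, then gid, then uid
    if (initgroups(p->pw_name, p->pw_gid) != 0 || setgid(p->pw_gid) != 0 || setuid(p->pw_uid) != 0) {
        cerr << "Error. Could not switch to the user dedicated to the service." << endl;
        _exit(126);
    }
    execl("/bin/bash", "/bin/bash", "--noediting", "--noprofile", "--norc", deployAsScript.c_str(), serviceUsername.c_str(), (char *)0);
    //execl only returns on failure; never fall back into the parent's code path
    cerr << "Error in the execl call of " << deployAsScript << endl;
    _exit(127);
```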


@ -72,7 +72,6 @@ int deployAll(){
int deployService(string serviceUsername){ int deployService(string serviceUsername){
//this method deploys indicated service if it is on this server //this method deploys indicated service if it is on this server
//TO DO: faire des boucles if cohérentes
if (isServiceOnServer(serviceUsername)==0){ if (isServiceOnServer(serviceUsername)==0){
//bash user creation //bash user creation
if(int userCreated = createUser(serviceUsername);userCreated!=0){ if(int userCreated = createUser(serviceUsername);userCreated!=0){

0
testenv/services/test.sh8s.sh/deploy.sh Normal file → Executable file


@ -1,3 +1,4 @@
#!/bin/bash #!/bin/bash
set -euo pipefail set -euo pipefail
git_update.sh -r -d "$HTTP_DIR" "$GIT_SOURCE_REPO" #git_update.sh -r -d "$HTTP_DIR" "$GIT_SOURCE_REPO"
touch done2