added user creation and deploy as in BashModule
This commit is contained in:
parent
78797df02c
commit
b3bd744ef4
@ -6,6 +6,7 @@
|
|||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/wait.h>
|
#include <sys/wait.h>
|
||||||
|
#include <pwd.h>
|
||||||
#include "BashModule.h"
|
#include "BashModule.h"
|
||||||
#include "BashManager.h"
|
#include "BashManager.h"
|
||||||
|
|
||||||
@ -21,26 +22,97 @@ BashModule::BashModule()
|
|||||||
int BashModule::executeScript(string serviceUsername)
|
int BashModule::executeScript(string serviceUsername)
|
||||||
{
|
{
|
||||||
//this method is called in deploy(), it executes the script deploy.sh if it exists
|
//this method is called in deploy(), it executes the script deploy.sh if it exists
|
||||||
string deployscript="./services/"+serviceUsername+"/deploy.sh";
|
string deployScript="./services/"+serviceUsername+"/deploy.sh";
|
||||||
if(filesystem::exists(deployscript)){
|
if(!filesystem::exists(deployScript)){
|
||||||
pid_t pid = fork();
|
cout << "No deploy.sh script for this service.";
|
||||||
if (pid == -1) {
|
return 0;
|
||||||
cerr << "Error when forking." << endl;
|
} else {
|
||||||
return -1;
|
//check that the file is of type regular
|
||||||
} else if (pid > 0) {
|
if (filesystem::status(deployScript).type()!=filesystem::file_type::regular){
|
||||||
int status;
|
cerr << "Error. The file deploy_user.sh is not regular." << endl;
|
||||||
waitpid(-1,&status,0);
|
return -1;
|
||||||
if(status==-1){
|
} else {
|
||||||
cerr << "Error when executing " << deployscript << endl;
|
//check if the owner has the execute permission
|
||||||
|
if ((filesystem::status(deployScript).permissions() & filesystem::perms::owner_exec)==filesystem::perms::none){
|
||||||
|
cerr << "Error. The owner of file deploy_user.sh does not have permission to execute it. Please change the permission or remove/rename the file." << endl;
|
||||||
|
return -1;
|
||||||
|
}else{
|
||||||
|
//executing the script in a separate process
|
||||||
|
pid_t pid = fork();
|
||||||
|
if (pid == -1) {
|
||||||
|
cerr << "Error when forking." << endl;
|
||||||
|
return -1;
|
||||||
|
} else if (pid > 0) {
|
||||||
|
//parent process
|
||||||
|
int status;
|
||||||
|
waitpid(-1,&status,0);
|
||||||
|
if(status==-1){
|
||||||
|
cerr << "Error when executing " << deployScript << endl;
|
||||||
|
}
|
||||||
|
return status;
|
||||||
|
} else {
|
||||||
|
//child process
|
||||||
|
if(execl("/bin/bash", "/bin/bash", "--noediting", "--noprofile", "--norc", deployScript.c_str(), (char *)0)==-1)
|
||||||
|
{
|
||||||
|
cerr << "Error in the execl call of " << deployScript << endl;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
cout << "status vaut " << status << endl;
|
}
|
||||||
return status;
|
return 0;
|
||||||
} else {
|
}
|
||||||
if(execl("/bin/bash", "/bin/bash", "--noediting", "--noprofile", "--norc", deployscript.c_str(), (char *)0)==-1)
|
}
|
||||||
{
|
|
||||||
cerr << "Error in the execl call of " << deployscript << endl;
|
int BashModule::executeScriptAs(string serviceUsername)
|
||||||
|
{
|
||||||
|
//this method is called in deploy(), it executes the script deploy_user.sh if it exists, as the user associated with the service
|
||||||
|
string deployAsScript="./services/"+serviceUsername+"/deploy_user.sh";
|
||||||
|
//check that the file exists
|
||||||
|
if(!filesystem::exists(deployAsScript)){
|
||||||
|
cout << "No deploy_user.sh script for this service.";
|
||||||
|
return 0;
|
||||||
|
} else {
|
||||||
|
//check that the file is of type regular
|
||||||
|
if (filesystem::status(deployAsScript).type()!=filesystem::file_type::regular){
|
||||||
|
cerr << "Error. The file deploy_user.sh is not regular." << endl;
|
||||||
|
return -1;
|
||||||
|
} else {
|
||||||
|
//check if the owner has the execute permission
|
||||||
|
if ((filesystem::status(deployAsScript).permissions() & filesystem::perms::owner_exec)==filesystem::perms::none){
|
||||||
|
cerr << "Error. The owner of file deploy_user.sh does not have permission to execute it. Please change the permission or remove/rename the file." << endl;
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
//getting the connection information for the user
|
||||||
|
struct passwd * p=getpwnam(serviceUsername.c_str());
|
||||||
|
if (p==NULL){
|
||||||
|
cerr << "Error. The user dedicated to the service is not found when trying to execute the bash script." << endl;
|
||||||
|
return -1;
|
||||||
|
}else{
|
||||||
|
//executing the script in a separate process
|
||||||
|
pid_t pid = fork();
|
||||||
|
if (pid == -1) {
|
||||||
|
cerr << "Error when forking." << endl;
|
||||||
|
return -1;
|
||||||
|
} else if (pid > 0) {
|
||||||
|
//parent process
|
||||||
|
int status;
|
||||||
|
waitpid(-1,&status,0);
|
||||||
|
if(status==-1){
|
||||||
|
cerr << "Error when executing " << deployAsScript << endl;
|
||||||
|
}
|
||||||
|
return status;
|
||||||
|
} else {
|
||||||
|
//child process
|
||||||
|
//executing as the user corresponding to the service
|
||||||
|
setgid(p->pw_gid);
|
||||||
|
setuid(p->pw_uid);
|
||||||
|
if(execl("/bin/bash", "/bin/bash", "--noediting", "--noprofile", "--norc", deployAsScript.c_str(), serviceUsername, (char *)0)==-1)
|
||||||
|
{
|
||||||
|
cerr << "Error in the execl call of " << deployAsScript << endl;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -54,7 +126,13 @@ int BashModule::prepare()
|
|||||||
int BashModule::deploy (string serviceUsername)
|
int BashModule::deploy (string serviceUsername)
|
||||||
{
|
{
|
||||||
cout << "deploy in bash module called" << endl;
|
cout << "deploy in bash module called" << endl;
|
||||||
executeScript(serviceUsername);
|
if (executeScript(serviceUsername)!=0){
|
||||||
|
cerr << "Error in BashModule::deploy." << endl;
|
||||||
|
return -1;
|
||||||
|
}else if (executeScriptAs(serviceUsername)!=0){
|
||||||
|
cerr << "Error in BashModule::deploy." << endl;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -72,7 +72,6 @@ int deployAll(){
|
|||||||
|
|
||||||
int deployService(string serviceUsername){
|
int deployService(string serviceUsername){
|
||||||
//this method deploys indicated service if it is on this server
|
//this method deploys indicated service if it is on this server
|
||||||
//TO DO: faire des boucles if cohérentes
|
|
||||||
if (isServiceOnServer(serviceUsername)==0){
|
if (isServiceOnServer(serviceUsername)==0){
|
||||||
//bash user creation
|
//bash user creation
|
||||||
if(int userCreated = createUser(serviceUsername);userCreated!=0){
|
if(int userCreated = createUser(serviceUsername);userCreated!=0){
|
||||||
|
0
testenv/services/test.sh8s.sh/deploy.sh
Normal file → Executable file
0
testenv/services/test.sh8s.sh/deploy.sh
Normal file → Executable file
@ -1,3 +1,4 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
git_update.sh -r -d "$HTTP_DIR" "$GIT_SOURCE_REPO"
|
#git_update.sh -r -d "$HTTP_DIR" "$GIT_SOURCE_REPO"
|
||||||
|
touch done2
|
||||||
|
Loading…
Reference in New Issue
Block a user