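#!/usr/bin/perl
# 
# This program adds, edits and removes striker peers (for replicating Anvil! database data). 
# 
# Exit codes;
# 0 = Normal exit.
# 1 = Program not run as root.
# 2 = A switch is missing or invalid.
# 3 = (not used by the code in this file)
# 
# Calling this with --add, will insert an entry if it's not found. Calling it with no switch will update the 
# entry if it exists. Calling it with --remove will delete it.
# 
# Security notes;
# - The peer's password is read from the file named by --password-file, not from a switch. Keep that file 
#   readable by root only and delete it once this program returns (TODO: confirm whether callers already do).
# - The password ends up in plain text in anvil.conf; see the note next to the write_file() call below.
# 
### Show existing entries
# /usr/sbin/anvil-manage-striker-peers --list
### Add a new entry, or edit an existing one
# /usr/sbin/anvil-manage-striker-peers --add --host-uuid e20c3f10-c35d-4543-b5e6-8a373f27977a --host localhost --port 5432 --password-file /tmp/anvil-manage-striker-peers.2e410b43-42a0-4eaf-985c-670f92c482b8 --ping 0
### Edit an existing entry, but don't add it if it wasn't found.
# /usr/sbin/anvil-manage-striker-peers --host-uuid e20c3f10-c35d-4543-b5e6-8a373f27977a --host localhost --port 5432 --password-file /tmp/anvil-manage-striker-peers.2e410b43-42a0-4eaf-985c-670f92c482b8 --ping 0
### Remove an entry
# /usr/sbin/anvil-manage-striker-peers --remove --host-uuid e20c3f10-c35d-4543-b5e6-8a373f27977a

use strict;
use warnings;
use Anvil::Tools;

# Split $0 into the program's file name and the directory it was called from.
my $THIS_FILE         = ($0 =~ /^.*\/(.*)$/)[0];
my $running_directory = ($0 =~ /^(.*?)\/$THIS_FILE$/)[0];
if (($running_directory =~ /^\./) && ($ENV{PWD}))
{
	$running_directory =~ s/^\./$ENV{PWD}/;
}

# Turn off buffering so that the pinwheel will display while waiting for the SSH call(s) to complete.
$| = 1;

# NOTE(review): 'log_secure => 1' looks like it enables logging of values marked 'secure' (the peer password and
#               the whole anvil.conf body are logged that way below). Confirm this is intended outside of 
#               debugging.
my $anvil = Anvil::Tools->new({log_level => 2, log_secure => 1});

# Read switches
$anvil->data->{switches}{list} = "";
$anvil->data->{switches}{add}  = 0;
$anvil->Get->switches;

# Make sure we're running as 'root'
# $< == real UID, $> == effective UID
# Note that this only refuses to run when *both* UIDs are non-zero.
if (($< != 0) && ($> != 0))
{
	# Not root
	print $anvil->Words->string({key => "error_0005"})."\n";
	$anvil->nice_exit({code => 1});
}

# Paths
$anvil->Storage->read_config({file => $anvil->data->{path}{configs}{'anvil.conf'}});

# Am I adding, editing or deleting?
if (not $anvil->data->{switches}{list})
{
	process_entry($anvil);
}

### Report the peers.
# First sort by host name/ip
# NOTE(review): This map is keyed by host, so two peers that share a 'host' value overwrite each other and only
#               one of them is listed below.
foreach my $uuid (keys %{$anvil->data->{database}})
{
	my $host = $anvil->data->{database}{$uuid}{host};
	$anvil->data->{sorted}{db}{$host} = $uuid;
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => 0, level => 2, list => { 
		host                  => $host, 
		"sorted::db::${host}" => $anvil->data->{sorted}{db}{$host}, 
	}});
}
foreach my $host (sort {$a cmp $b} keys %{$anvil->data->{sorted}{db}})
{
	# Fall back to the defaults for anything the peer's entry doesn't set.
	my $uuid     = $anvil->data->{sorted}{db}{$host};
	my $port     = $anvil->data->{database}{$uuid}{port}     ? $anvil->data->{database}{$uuid}{port}     : 5432;
	my $name     = $anvil->data->{database}{$uuid}{name}     ? $anvil->data->{database}{$uuid}{name}     : $anvil->data->{sys}{database}{name};
	my $user     = $anvil->data->{database}{$uuid}{user}     ? $anvil->data->{database}{$uuid}{user}     : $anvil->data->{sys}{database}{user};
	my $password = $anvil->data->{database}{$uuid}{password} ? $anvil->data->{database}{$uuid}{password} : "";
	
	# The password is never printed to the terminal.
	print $anvil->Words->string({key => "message_0032", variables => { 
		peer => $user."\@".$host.":".$port,
		name => $name, 
		uuid => $uuid,
	}})."\n";
	
	# The log entry carries the real password only when secure logging is on, otherwise the 'log_0186' string 
	# is logged in its place.
	$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 1, secure => 0, key => "log_0190", variables => { 
		peer     => $user."\@".$host.":".$port,
		name     => $name, 
		password => $anvil->Log->secure ? $password : $anvil->Words->string({key => "log_0186"}),
		uuid     => $uuid,
	}});
}

$anvil->nice_exit({code => 0});


#############################################################################################################
# Functions                                                                                                 #
#############################################################################################################

# This adds, updates or removes the 'database::<host-uuid>::{host,port,password,ping}' lines in anvil.conf, 
# according to the --add / --remove switches. If anything changed, the file is backed up, rewritten and the 
# configuration is re-read. On an invalid switch, it exits with code 2. Returns 0 otherwise.
sub process_entry
{
	my ($anvil) = @_;
	
	my $host_uuid     = defined $anvil->data->{switches}{'host-uuid'}     ? $anvil->data->{switches}{'host-uuid'}     : "";
	my $host          = defined $anvil->data->{switches}{'host'}          ? $anvil->data->{switches}{'host'}          : "";
	my $port          = defined $anvil->data->{switches}{'port'}          ? $anvil->data->{switches}{'port'}          : 5432;
	my $password_file = defined $anvil->data->{switches}{'password-file'} ? $anvil->data->{switches}{'password-file'} : "";
	my $ping          = defined $anvil->data->{switches}{'ping'}          ? $anvil->data->{switches}{'ping'}          : 0;
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => 0, level => 2, list => { 
		host_uuid     => $host_uuid,
		host          => $host,
		port          => $port,
		password_file => $password_file,
		ping          => $ping,
	}});
	
	# Read in the anvil.conf, we're going to need it in any case. The body holds peer passwords, so it is only
	# logged as 'secure'.
	$anvil->data->{body}{'anvil.conf'} = $anvil->Storage->read_file({file => $anvil->data->{path}{configs}{'anvil.conf'}});
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => 1, level => 3, list => { "body::anvil.conf" => $anvil->data->{body}{'anvil.conf'} }});
	
	# If we don't find the entry, or if the entry exists but has changed, this will be set to '1' so we'll 
	# rewrite the file.
	$anvil->data->{config}{rewrite} = 0;
	
	# Is anything missing?
	if ((not $host_uuid) or (not $anvil->Validate->is_uuid({uuid => $host_uuid})))
	{
		# Invalid UUID.
		print $anvil->Words->string({key => "error_0031", variables => { host_uuid => $host_uuid }})."\n";
		$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, secure => 0, key => "error_0031", variables => { host_uuid => $host_uuid }});
		$anvil->nice_exit({code => 2});
	}
	if (((not $host) && (not $anvil->data->{switches}{remove})) or ($host =~ /[\r\n]/))
	{
		# Missing or invalid host. anvil.conf is parsed one 'variable = value' pair per line, so a host with a 
		# line break in it would add extra lines to the file. The log entry uses the same 'switch' variable as 
		# the printed message so that the same string is filled in both places.
		print $anvil->Words->string({key => "error_0032", variables => { switch => "host" }})."\n";
		$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, secure => 0, key => "error_0032", variables => { switch => "host" }});
		$anvil->nice_exit({code => 2});
	}
	if (($port =~ /\D/) or ($port < 1) or ($port > 65535))
	{
		# Invalid port.
		print $anvil->Words->string({key => "error_0033", variables => { port => $port }})."\n";
		$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, secure => 0, key => "error_0033", variables => { port => $port }});
		$anvil->nice_exit({code => 2});
	}
	
	# Pull the password out of the file.
	# NOTE(review): This is called even with '--remove', where no '--password-file' is given in the usage 
	#               examples. What read_file() returns for an empty path is not visible here; confirm it.
	my $password = $anvil->Storage->read_file({file => $password_file});
	if (not $anvil->data->{switches}{remove})
	{
		# The password is written as a single 'variable = value' line, so drop the line ending(s) that the 
		# password file may end with and refuse a password that still spans more than one line.
		$password =  "" if not defined $password;
		$password =~ s/[\r\n]+\z//;
		if ($password =~ /[\r\n]/)
		{
			# The password itself is deliberately not included in the message or the log entry.
			print $anvil->Words->string({key => "error_0032", variables => { switch => "password-file" }})."\n";
			$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, secure => 0, key => "error_0032", variables => { switch => "password-file" }});
			$anvil->nice_exit({code => 2});
		}
	}
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => 1, level => 2, list => { password => $password }});
	
	# If the config already exists, we'll look at each of the values to see if any changed (or are not 
	# defaults). If so, we'll rewrite
	my $host_variable      = "database::${host_uuid}::host";
	my $host_different     = 1;
	my $port_variable      = "database::${host_uuid}::port";
	my $port_different     = 1;
	my $password_variable  = "database::${host_uuid}::password";
	my $password_different = 1;
	my $ping_variable      = "database::${host_uuid}::ping";
	my $ping_different     = 1;
	my $peer_seen          = 0;
	
	# If we don't see this peer, this will be inserted. It contains the password, so it is logged as 'secure'.
	my $insert =  $host_variable." = ".$host."\n";
	   $insert .= $port_variable." = ".$port."\n";
	   $insert .= $password_variable." = ".$password."\n";
	   $insert .= $ping_variable." = ".$ping."\n";
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => 1, level => 2, list => { insert => $insert }});
	
	# Loop through the existing file.
	my $new_body     = "";
	my $just_deleted = 0;
	my $test_line    = "database::${host_uuid}::";
	foreach my $line (split/\n/, $anvil->data->{body}{'anvil.conf'})
	{
		# If I removed an entry, I also want to delete the white space after it.
		if (($just_deleted) && ((not $line) or ($line =~ /^\s+$/)))
		{
			$just_deleted = 0;
			next;
		}
		$just_deleted = 0;
		
		# Secure password lines.
		my $secure = (($line =~ /password/) && ($line !~ /^#/)) ? 1 : 0;
		$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => $secure, level => 3, list => { line => $line }});
		
		# If we've hit the end of the DB list, see if we need to insert a new entry.
		if ($line eq "### end db list ###")
		{
			# If I've not seen this DB, enter it.
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => 0, level => 2, list => { 
				peer_seen       => $peer_seen,
				"switches::add" => $anvil->data->{switches}{add}, 
			}});
			if ((not $peer_seen) && ($anvil->data->{switches}{add}))
			{
				$new_body .= $insert."\n";
				$anvil->data->{config}{rewrite} = 1;
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => 1, level => 2, list => { 
					new_body          => $new_body,
					"config::rewrite" => $anvil->data->{config}{rewrite}, 
				}});
			}
		}
		
		# Skip comments. The end-of-list marker above is a comment too, so it is copied over here.
		if ($line =~ /^#/)
		{
			$new_body .= $line."\n";
			next;
		}
		if ($line =~ /^(.*?)(\s*)=(\s*)(.*)$/)
		{
			my $variable    = $1;
			my $left_space  = $2; 
			my $right_space = $3;
			my $value       = $4;
			# This runs for every 'variable = value' line in anvil.conf, including the password lines of other
			# peers, so it is logged with the same 'secure' flag as the raw line above.
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, secure => $secure, level => 2, list => { 
				"s1:variable"    => $variable,
				"s2:value"       => $value, 
				"s3:left_space"  => $left_space, 
				"s4:right_space" => $right_space, 
			}});
			
			if ($variable eq $host_variable)
			{
				$peer_seen = 1;
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
					"s1:value"     => $value,
					"s2:host"      => $host, 
					"s3:peer_seen" => $peer_seen, 
				}});
				
				if ($anvil->data->{switches}{remove})
				{
					# Drop the line by not copying it into the new body.
					$just_deleted                   = 1;
					$anvil->data->{config}{rewrite} = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
						just_deleted      => $just_deleted,
						"config::rewrite" => $anvil->data->{config}{rewrite}, 
					}});
					next;
				}
				elsif ($value eq $host)
				{
					# No change.
					$host_different = 0;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { host_different => $host_different }});
				}
				else
				{
					# Changed, rebuild the line keeping the original spacing around the '='.
					$line                           = $variable.$left_space."=".$right_space.$host;
					$anvil->data->{config}{rewrite} = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
						line              => $line,
						"config::rewrite" => $anvil->data->{config}{rewrite}, 
					}});
				}
			}
			elsif ($variable eq $port_variable)
			{
				$peer_seen = 1;
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
					"s1:value"     => $value,
					"s2:port"      => $port, 
					"s3:peer_seen" => $peer_seen, 
				}});
				
				if ($anvil->data->{switches}{remove})
				{
					$just_deleted                   = 1;
					$anvil->data->{config}{rewrite} = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
						just_deleted      => $just_deleted,
						"config::rewrite" => $anvil->data->{config}{rewrite}, 
					}});
					next;
				}
				elsif ($value eq $port)
				{
					# No change.
					$port_different = 0;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { port_different => $port_different }});
				}
				else
				{
					$line                           = $variable.$left_space."=".$right_space.$port;
					$anvil->data->{config}{rewrite} = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
						line              => $line,
						"config::rewrite" => $anvil->data->{config}{rewrite}, 
					}});
				}
			}
			elsif ($variable eq $password_variable)
			{
				# Both the old and the new password are logged as 'secure' only.
				$peer_seen = 1;
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, secure => 1, list => { 
					"s1:value"     => $value,
					"s2:password"  => $password, 
					"s3:peer_seen" => $peer_seen, 
				}});
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, secure => 1, list => { 
					value    => $value,
					password => $password, 
				}});
				
				if ($anvil->data->{switches}{remove})
				{
					$just_deleted                   = 1;
					$anvil->data->{config}{rewrite} = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
						just_deleted      => $just_deleted,
						"config::rewrite" => $anvil->data->{config}{rewrite}, 
					}});
					next;
				}
				elsif ($value eq $password)
				{
					# No change.
					$password_different = 0;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { password_different => $password_different }});
				}
				else
				{
					# The rebuilt line holds the new password, so it is only logged when secure logging is on.
					$line                           = $variable.$left_space."=".$right_space.$password;
					$anvil->data->{config}{rewrite} = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
						line              => $anvil->Log->secure ? $line : $anvil->Words->string({key => "log_0186"}),
						"config::rewrite" => $anvil->data->{config}{rewrite}, 
					}});
				}
			}
			elsif ($variable eq $ping_variable)
			{
				$peer_seen = 1;
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
					"s1:value"     => $value,
					"s2:ping"      => $ping, 
					"s3:peer_seen" => $peer_seen, 
				}});
				
				if ($anvil->data->{switches}{remove})
				{
					$just_deleted                   = 1;
					$anvil->data->{config}{rewrite} = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
						just_deleted      => $just_deleted,
						"config::rewrite" => $anvil->data->{config}{rewrite}, 
					}});
					next;
				}
				elsif ($value eq $ping)
				{
					# No change.
					$ping_different = 0;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { ping_different => $ping_different }});
				}
				else
				{
					$line                           = $variable.$left_space."=".$right_space.$ping;
					$anvil->data->{config}{rewrite} = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
						line              => $line,
						"config::rewrite" => $anvil->data->{config}{rewrite}, 
					}});
				}
			}
		}
		
		$new_body .= $line."\n";
	}
	
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { "config::rewrite" => $anvil->data->{config}{rewrite} }});
	if ($anvil->data->{config}{rewrite})
	{
		# Backup the original
		# NOTE(review): The backup is a copy of a file that holds peer passwords; where it is stored and with 
		#               which permissions is decided by Storage->backup() and is not visible here.
		my $backup_file = $anvil->Storage->backup({secure => 1, file => $anvil->data->{path}{configs}{'anvil.conf'}});
		$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { backup_file => $backup_file }});
		
		# Now update!
		# NOTE(review): anvil.conf stores the 'database::<uuid>::password' values in plain text and is written 
		#               here as admin:admin with mode 0644, so every local account can read it. Confirm which
		#               accounts need read access and tighten the mode if the rest of the tools allow it.
		$anvil->Storage->write_file({
			secure    => 1, 
			file      => $anvil->data->{path}{configs}{'anvil.conf'}, 
			body      => $new_body, 
			user      => "admin", 
			group     => "admin", 
			mode      => "0644",
			overwrite => 1,
		});
		
		# Delete any databases I knew about, then we'll reload from the config.
		delete $anvil->data->{database};
		
		# Re-read the config.
		sleep 1;
		$anvil->Storage->read_config({file => $anvil->data->{path}{configs}{'anvil.conf'}});
	}
	
	return(0);
}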