Difference between revisions of "Esmith::util"
(→NOTE:) |
|||
(One intermediate revision by the same user not shown) | |||
Line 141: | Line 141: | ||
Returns undef if the password could not be generated/retrieved. | Returns undef if the password could not be generated/retrieved. | ||
+ | |||
+ | === set_secret() === | ||
+ | Shortcut method to create and set a password property on a record without having to extract the record first. | ||
+ | |||
+ | The password creation is based on an UID of 64 bits (Data::UUID). If the optional type option is passed, it will be used to create the record if it does not already exist. Otherwise, a default 'service’ type will be used to create the record. | ||
+ | |||
+ | The $DB is expected to be an already open esmith::DB object, so that an open DB in the caller can be re-used. Therefore in a migrate fragment you could just use $DB. | ||
+ | |||
+ | esmith::util::set_secret($DB, '$key','$property'[,type=>'$type']); | ||
+ | |||
+ | For example in /etc/e-smith/db/configuration/migrate/90roundcube | ||
+ | { | ||
+ | esmith::util::set_secret($DB, ’foo’,’DbPassword’,type=>’service’); | ||
+ | } | ||
+ | |||
+ | The password will be generated to the property ’DbPassword’ in the ’foo’ key. | ||
+ | |||
+ | If you want to change the database then you must open another esmith::DB objet | ||
+ | { | ||
+ | my $database = esmith::ConfigDB->open(’accounts’) or | ||
+ | die esmith::DB->error; | ||
+ | esmith::util::set_secret($database, ’foo’,’DbPassword’,type=>’user’); | ||
+ | } | ||
+ | |||
+ | The password is generated on an initialize-default-databases action | ||
+ | /etc/e-smith/events/actions/initialize-default-databases | ||
== HIGH LEVEL PASSWORD UTILITIES == | == HIGH LEVEL PASSWORD UTILITIES == | ||
Line 184: | Line 210: | ||
serviceControl( NAME=>’httpd-e-smith’, ACTION=>’reload’ ); | serviceControl( NAME=>’httpd-e-smith’, ACTION=>’reload’ ); | ||
+ | |||
+ | or another example in /etc/e-smith/events/actions/ldap-delete-dumps | ||
+ | |||
+ | if($ldap and $ldap->prop('status') eq 'enabled') | ||
+ | { | ||
+ | esmith::util::serviceControl( | ||
+ | NAME => 'ldap', | ||
+ | ACTION => 'stop', | ||
+ | BACKGROUND => 'false') | ||
+ | } | ||
==== NOTES: ==== | ==== NOTES: ==== |
Latest revision as of 21:53, 18 July 2016
NAME
esmith::util - Utilities for e-smith server and gateway development
In a root terminal you can do the command below if you want to display the up-to-date content
perldoc esmith::util
VERSION
This file documents "esmith::util" version 1.4.0
SYNOPSIS
use esmith::util;
DESCRIPTION
This module provides general utilities of use to developers of the e-smith server and gateway.
GENERAL UTILITIES
setRealToEffective()
Sets the real UID to the effective UID and the real GID to the effective GID.
processTemplate({ CONFREF => $conf, TEMPLATE_PATH => $path })
Depreacted interface to esmith::templates::processTemplate().
chownfile($user, $group, $file)
This routine changes the ownership of a file, automatically converting usernames and groupnames to UIDs and GIDs respectively.
determineRelease()
Returns the current release version of the software.
NETWORK ADDRESS TRANSLATION UTILITIES
IPquadToAddr($ip)
Convert IP address from "xxx.xxx.xxx.xxx" notation to a 32-bit integer.
IPaddrToQuad($address)
Convert IP address from a 32-bit integer to "xxx.xxx.xxx.xxx" notation.
IPaddrToBackwardQuad($address)
Convert IP address from a 32-bit integer to reversed "xxx.xxx.xxx.xxx.in-addr.arpa" notation for BIND files.
computeNetworkAndBroadcast($ipaddr, $netmask)
Given an IP address and netmask (both in "xxx.xxx.xxx.xxx" format) compute the network and broadcast addresses and output them in the same format.
computeLocalNetworkPrefix($ipaddr, $netmask)
Given an IP address and netmask, the computeLocalNetworkPrefix function computes the network prefix for local machines.
i.e. for an IP address of 192.168.8.4 and netmask of 255.255.255.0, this function will return "192.168.8.".
This string is suitable for use in configuration files (such as /etc/proftpd.conf) when the more precise notation xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy is not supported.
computeAllLocalNetworkPrefixes ($ipaddress, $netmask)
Given an IP address and netmask, the computeAllLocalNetworkPrefixes function computes the network prefix or list of prefixes that fully describe the network to which the IP address belongs.
examples:
- for an IP address of 192.168.8.4 and netmask of 255.255.255.0, will return an array with a first (and only) element of "192.168.8".
- for an IP address of 192.168.8.4 and netmask of 255.255.254.0, will return the array [ ’192.168.8’, ’192.168.9’ ].
This array is suitable for use in configuration of tools such as djbdns where other network notations are not supported.
computeLocalNetworkShortSpec($ipaddr, $netmask)
Given an IP address and netmask, the computeLocalNetworkShortSpec function computes a valid xxx.xxx.xxx.xxx/yyy specifier where yyy is the number of bits specifying the network.
i.e. for an IP address of 192.168.8.4 and netmask of 255.255.255.0, this function will return "192.168.8.0/24".
This string is suitable for use in configuration files (such as /etc/proftpd.conf) when the more precise notation xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy is not supported.
computeLocalNetworkSpec($ipaddr, $netmask)
Given an IP address and netmask, the computeLocalNetworkSpec function computes a valid xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy specifier.
computeNetmaskFromBits ($bits)
Given a number of bits of network address, calculate the appropriate netmask.
computeLocalNetworkReversed($ipaddr, $netmask)
Given an IP address and netmask, the computeLocalNetworkReversed function computes the appropriate DNS domain field.
NOTE:
The return value is aligned to the next available byte boundary, i.e.
192.168.8.4/255.255.255.0 returns "8.168.192.in-addr.arpa." 192.168.8.4/255.255.252.0 returns "168.192.in-addr.arpa." 192.168.8.4/255.255.0.0 returns "168.192.in-addr.arpa." 192.168.8.4/255.252.0.0 returns "192.in-addr.arpa." 192.168.8.4/255.0.0.0 returns "192.in-addr.arpa."
This string is suitable for use in BIND configuration files.
computeHostRange($ipaddr, $netmask)
Given a network specification (IP address and netmask), compute the total number of hosts in that network, as well as the first and last IP addresses in the range.
ldapBase($domain)
Given a domain name such as foo.bar.com, generate the LDAP base name "dc=foo,dc=bar,dc=com".
backgroundCommand($delaySec, @command)
Run command in background after a specified delay.
PASSWORD UTILITIES
Low-level password-changing utilities. These utilities each change passwords for a single underlying password database, for example /etc/passwd, /etc/samba/smbpasswd, etc.
validatePassword($password, $strength)
Validate Unix password.
setUnixPassword($username, $password)
Set Unix password
authenticateUnixPassword ($username, $password)
Check if the given username/password pair is correct. Return 1 if they are correct, return 0 otherwise.
setUnixPasswordRequirePrevious($username, $oldpassword, $newpassword)
Set Unix password but require previous password for authentication.
setSambaPassword($username, $password)
Set Samba password
cancelSambaPassword($username)
Cancel Samba password
LdapPassword()
Returns the LDAP password from the file "/etc/openldap/ldap.pw". If the file does not exist, a suitable password is created, stored in the file, then returned to the caller.
Returns undef if the password could not be generated/retrieved.
set_secret()
Shortcut method to create and set a password property on a record without having to extract the record first.
The password creation is based on an UID of 64 bits (Data::UUID). If the optional type option is passed, it will be used to create the record if it does not already exist. Otherwise, a default 'service’ type will be used to create the record.
The $DB is expected to be an already open esmith::DB object, so that an open DB in the caller can be re-used. Therefore in a migrate fragment you could just use $DB.
esmith::util::set_secret($DB, '$key','$property'[,type=>'$type']);
For example in /etc/e-smith/db/configuration/migrate/90roundcube
{ esmith::util::set_secret($DB, ’foo’,’DbPassword’,type=>’service’); }
The password will be generated to the property ’DbPassword’ in the ’foo’ key.
If you want to change the database then you must open another esmith::DB objet
{ my $database = esmith::ConfigDB->open(’accounts’) or die esmith::DB->error; esmith::util::set_secret($database, ’foo’,’DbPassword’,type=>’user’); }
The password is generated on an initialize-default-databases action
/etc/e-smith/events/actions/initialize-default-databases
HIGH LEVEL PASSWORD UTILITIES
High-level password-changing utilities. These utilities each change passwords for a single e-smith entity (system, user or ibay). Each one works by calling the appropriate low-level password changing utilities.
setUnixSystemPassword($password)
Set the e-smith system password
setServerSystemPassword($password)
Set the samba administrator password.
setUserPassword($username, $password)
Set e-smith user password
setUserPasswordRequirePrevious($username, $oldpassword, $newpassword)
Set e-smith user password - require previous password
cancelUserPassword
Cancel user password. This is called when a user is deleted from the system. We assume that the Unix "useradd/userdel" programs are called separately. Since "userdel" automatically removes the /etc/passwd entry, we only need to worry about the /etc/samba/smbpasswd entry.
setIbayPassword($ibayname, $password)
Set ibay password
SERVICE MANAGEMENT UTILITIES
serviceControl()
Manage services - stop/start/restart/reload/graceful
Returns 1 for success, 0 if something went wrong, fatal exception on bad arguments.
serviceControl( NAME=>serviceName, ACTION=>start│stop│restart│reload│graceful [ BACKGROUND=>true│false (default is false) ] );
EXAMPLE:
serviceControl( NAME=>’httpd-e-smith’, ACTION=>’reload’ );
or another example in /etc/e-smith/events/actions/ldap-delete-dumps
if($ldap and $ldap->prop('status') eq 'enabled') { esmith::util::serviceControl( NAME => 'ldap', ACTION => 'stop', BACKGROUND => 'false') }
NOTES:
The BACKGROUND parameter is optional and can be set to true if start/stop/restart/etc. is to be done in the background (with backgroundCommand()) rather than synchronously.
CONVENTIONS:
This command is the supported method for action scripts, blade handlers, etc., to start/stop/restart their services. Currently this is done via the rc7 symlinks, but this may change one day. Using this function gives us one location to change this behaviour if desired, instead of hunting all over every scrap of code. Please use it.
getLicenses()
Return all available licenses In scalar context, returns one string combining all licenses In array context, returns an array of individual licenses
Optionally takes a language tag to be used for retrieving the licenses, defaulting to the locale of the server.
initialize_default_databases
Initialize all databases located at /etc/e-smith/db.
AUTHOR
Mitel Networks Corp.
For more information, see http://www.e-smith.org/