3 # dump_database.pl - script to dump data from the database to flat files so the other perl
4 # scripts can process it without needing to access the database.
# Dump every row of the groups table, together with its member list, into a
# flat file of colon-separated records.
# The helpers and globals used below ($dbh, $gid_add, $file_dir,
# write_array_file) are not defined in the lines shown here; presumably they
# come from this include -- confirm.
7 require("/usr/share/gforge/lib/include.pl"); # Include all the predefined functions
# Look up the passwd entry of the "gforge" system account.
10 my($name,$passwd,$uid,$gid,$quota,$comment,$gcos,$dir,$shell) = getpwnam("gforge");
20 # Dump the Groups Table information
# NOTE(review): $gid_add is concatenated into the SQL text. That is only safe
# while it is a site-controlled integer; confirm where it is set.
21 $query = "select group_id,group_id+".$gid_add.",unix_group_name,status,is_public from groups";
22 $c = $dbh->prepare($query);
# One iteration per group row.
25 while(my ($group_id, $unix_gid, $group_name, $status, $is_public) = $c->fetchrow()) {
# NOTE(review): $group_id is interpolated into the query string. It comes from
# the groups table rather than from a request, but a bind placeholder
# ("... AND group_id=?" with the value passed to execute) would remove the
# dependency on that column always holding a plain number.
27 my $new_query = "select users.user_name AS user_name FROM users,user_group WHERE users.user_id=user_group.user_id AND group_id=$group_id";
28 my $d = $dbh->prepare($new_query);
# Collect the member names as a comma-terminated list.
33 while($user_name = $d->fetchrow()) {
34 $user_list .= "$user_name,";
# Record layout: name:status:unix_gid:is_public:members
# NOTE(review): ':' and ',' are the only delimiters and the record is parsed
# further down with split(":"). A name containing ':', ',' or a newline would
# shift the fields. Nothing in the visible lines validates the names;
# presumably they are constrained when the project is registered -- confirm.
37 $grouplist = "$group_name:$status:$unix_gid:$is_public:$user_list\n";
40 push @group_array, $grouplist;
46 # Now write out the files
47 write_array_file($file_dir."/dumps/group_dump", @group_array);
# NOTE(review): read access is removed only after the file has been written,
# so the dump exists briefly with whatever mode write_array_file and the
# umask gave it. Setting a restrictive umask before the write closes that
# window. The command is also a single string and therefore goes through a
# shell with $file_dir interpolated; the chmod builtin with a numeric mode
# avoids the shell. The return value is not checked.
48 system("chmod o-r,g-r $file_dir/dumps/group_dump");
# Read the group dump back and create, update or remove the on-disk project
# directory for each record.
# Same path that write_array_file was given above.
50 my $group_file = $file_dir . "/dumps/group_dump";
51 my ($gname, $gstatus, $gid, $is_public, $userlist);
53 # Open up all the files that we need.
54 @groupdump_array = open_array_file($group_file);
57 # Loop through @groupdump_array and deal w/ users.
59 if($verbose) {print ("\n\n Processing Groups\n\n")};
# pop() takes the records from the end of the array; the loop ends at the
# first false value.
60 while ($ln = pop(@groupdump_array)) {
# Fields: name:status:gid:is_public:userlist.
# NOTE(review): the values are used as read. $gname is turned into a
# directory path below, so a name containing '/' or '..' would resolve
# outside $grpdir_prefix. Presumably names are validated before they reach
# the database -- confirm, or re-check them here against an anchored pattern.
62 ($gname, $gstatus, $gid, $is_public, $userlist) = split(":", $ln);
# Lower-case the member list (ASCII letters only).
64 $userlist =~ tr/A-Z/a-z/;
# True when the project's directory already exists.
66 $group_exists = (-d $grpdir_prefix .'/'. $gname);
# Status 'A' (presumably "active" -- confirm): refresh an existing directory
# or create a missing one.
68 if ($gstatus eq 'A' && $group_exists) {
69 update_group($gid, $gname, $is_public, $userlist);
71 } elsif ($gstatus eq 'A' && !$group_exists) {
72 add_group($gid, $gname, $is_public, $userlist);
# Status 'D' (presumably "deleted") with a directory still present; the action
# taken is not visible in this excerpt.
74 } elsif ($gstatus eq 'D' && $group_exists) {
80 ###############################################
82 ###############################################
84 ## Become this effective user (EUID/EGID) and perform this action.
86 ## This protects against symlink attacks; they are inevitable when
87 ## working in a directory owned by a local user. We could naively
88 ## check for the presence of symlinks, but then we'd still be
89 ## vulnerable to a symlink race attack.
91 ## We'll use set_e_uid/set_e_gid for efficiency and simplicity
92 ## (e.g. we can get the return value directly), which is enough for
93 ## opening files and similar basic operations. When calling external
94 ## programs, you should use fork&exec&setuid/setgid.
98 sub SudoEffectiveUser {
# Second argument: code reference to run under the target user's effective
# ids. $user is presumably taken from the first argument; that line is not
# visible in this excerpt.
100 my $sub_unprivileged = $_[1];
102 my ($uid,$gid) = GetUserUidGid($user);
# An account that cannot be resolved yields no uid/gid.
103 if ($uid eq "" or $gid eq "") {
104 print "Unknown user: $user\n";
# Remember the current gid and supplementary groups so they can be put back.
108 my $old_GID = $GID; # save additional groups
# First number is the new effective gid; the second replaces the supplementary
# group list, so no extra groups are carried into the callback.
110 $EGID = "$gid $gid"; # set egid and additional groups
# NOTE(review): the statements around the two warn() calls are not visible in
# this excerpt. Confirm that a failed setegid/seteuid returns before the
# callback is invoked; warn() alone would let the callback run with the
# caller's own privileges. Judging by the order of the warnings, the group is
# switched before the user, which is the order that works once the euid is
# no longer privileged.
112 warn "Cannot setegid($gid $gid): $!";
117 warn "Cannot seteuid($uid): $!";
121 # Perform the action under this effective user:
122 my $ret = &$sub_unprivileged();
# NOTE(review): if the callback die()s, the two restores below are skipped
# unless the call is wrapped in an eval -- not visible here.
# NOTE(review): assigning undef presumably sets the euid to 0, which equals
# the real uid only when the script runs as root -- confirm.
125 undef($EUID); # restore euid==uid
# Restored after the euid, i.e. once the process may change its groups again.
126 $EGID = $old_GID; # restore egid==gid + additional groups
131 ## Get system uid/gid
# Looks $user up with getpwnam(). For an unknown account getpwnam returns an
# empty list, leaving every variable undefined; SudoEffectiveUser relies on
# that to detect a missing user. The sub header and the return statement are
# not visible in this excerpt.
134 my ($name,$passwd,$uid,$gid,
135 $quota,$comment,$gcos,$dir,$shell,$expire) = getpwnam($user);
139 #############################
141 #############################
# Create the directory tree for a new project and install its default page.
# Arguments: numeric gid, unix group name, public flag, member list.
# (The sub header is not visible in this excerpt.)
143 my ($gid, $gname, $is_public, $userlist) = @_;
144 my ($log_dir, $cgi_dir, $ht_dir);
146 my ($default_perms) ;
147 my ($file_default_perms) ;
# Layout of a project home: <prefix>/<name>/{log,cgi-bin,htdocs,incoming}
150 $group_dir = $grpdir_prefix."/".$gname;
151 $log_dir = $group_dir."/log";
152 $cgi_dir = $group_dir."/cgi-bin";
153 $ht_dir = $group_dir."/htdocs";
154 $inc_dir = $group_dir."/incoming";
# Two permission sets are assigned; the condition that chooses between them is
# not visible here (presumably $is_public -- confirm). Both directory modes
# carry the setgid bit, so new entries inherit the project group. 02775 leaves
# the tree world-readable, 02770 gives "other" no access.
157 $default_perms = 02775 ;
158 $file_default_perms = 0664;
160 $default_perms = 02770 ;
161 $file_default_perms = 0660;
163 $default_page = &forge_get_config ('custom_path') . "/project_default_page.html";
# The incoming directory is world-readable regardless of the choice above.
164 $incdir_perms = 02775;
166 if ($verbose) {print("Making a Group for : $gname\n")};
# The top-level directory is created and chowned with the script's own
# privileges. mkdir fails when the path already exists, so an existing entry
# is not taken over. The mode passed to mkdir is masked by the umask.
168 if (mkdir $group_dir, $default_perms) {
# NOTE(review): the result of chown is not checked.
169 chown $dummy_uid, $gid, $group_dir ;
# Everything inside the project directory is created under the effective ids
# of $dummy_user, so a symlink placed there by a project member cannot
# redirect a privileged write.
171 SudoEffectiveUser($dummy_user, sub {
172 mkdir $log_dir, $default_perms ;
173 mkdir $cgi_dir, $default_perms ;
174 mkdir $ht_dir, $default_perms ;
175 mkdir $inc_dir, $default_perms ;
# Install the site's default project page when one is configured.
176 if (-e $default_page) {
# Build the public URL of the project from the forge configuration.
178 if (&forge_get_config ('use_ssl')) {
179 $projurl .= 'https://';
181 $projurl .= 'http://';
183 $projurl .= &forge_get_config ('web_host');
184 $projurl .= &forge_get_config ('url_prefix');
185 $projurl .= 'projects/';
# NOTE(review): two-argument open with bareword handles and no error check.
# With two arguments the mode is parsed out of the string, so the path
# contents influence how the file is opened. The three-argument form with a
# lexical handle and an "or die"/"or warn" is the safer equivalent.
188 open DPT, $default_page;
189 open DP, "> $ht_dir/index.html";
190 while (my $l = <DPT>) {
# NOTE(review): only the first occurrence on each line is replaced (no /g),
# and $gname / $projurl are written into the HTML without escaping.
192 $l =~ s/PROJECTNAME/$gname/;
193 $l =~ s/PROJECTURL/$projurl/;
199 # perl is sometime fucked to create with right permission
# mkdir applies the umask to its mode argument, hence the explicit chmod calls.
# NOTE(review): it cannot be told from this excerpt whether these calls are
# still inside the SudoEffectiveUser callback (update_group runs its chmod
# calls inside one). chmod follows symlinks, so if they run with full
# privileges on paths below $group_dir the protection described for
# SudoEffectiveUser does not cover them -- confirm.
200 chmod $default_perms, $group_dir;
201 chmod $default_perms, $log_dir;
202 chmod $default_perms, $cgi_dir;
203 chmod $default_perms, $ht_dir;
204 chmod $incdir_perms, $inc_dir;
# NOTE(review): the page written above is index.html, but this chmod targets
# index.php with a literal 0664; $file_default_perms is assigned but not used
# in the visible lines, so a private project may not get the 0660 it was
# given. Confirm which file and mode are intended.
205 chmod 0664, "$ht_dir/index.php";
210 #############################
211 # Group Update Function
212 #############################
# Re-apply ownership and directory modes to an existing project tree.
# Arguments: numeric gid, unix group name, public flag, member list.
# (The sub header is not visible in this excerpt.)
214 my ($gid, $gname, $is_public, $userlist) = @_;
215 my ($log_dir, $cgi_dir, $ht_dir);
216 my ($realuid, $realgid);
219 $group_dir = $grpdir_prefix.'/'.$gname;
220 $log_dir = $group_dir."/log";
221 $cgi_dir = $group_dir."/cgi-bin";
222 $ht_dir = $group_dir."/htdocs";
223 $inc_dir = $group_dir."/incoming";
# The condition choosing between the two modes is not visible here (presumably
# $is_public -- confirm).
# NOTE(review): the restricted mode here is 02771 (traverse allowed for
# "other"), while add_group uses 02770; confirm which one is intended.
226 $default_perms = 02775 ;
228 $default_perms = 02771 ;
230 $incdir_perms = 02775;
232 if ($verbose) {print("Updating Group: $gname\n")};
# NOTE(review): this chown runs with the script's own privileges, outside
# SudoEffectiveUser, and its result is not checked. chown follows symlinks, so
# it is safe only while $grpdir_prefix itself is not writable by project
# members -- confirm.
234 chown $dummy_uid, $gid, $group_dir;
# The mode changes are made under the effective ids of $dummy_user.
236 SudoEffectiveUser($dummy_user, sub {
237 chmod $default_perms, $group_dir;
238 chmod $default_perms, $log_dir;
239 chmod $default_perms, $cgi_dir;
240 chmod $default_perms, $ht_dir;
241 chmod $incdir_perms, $inc_dir;
245 #############################
246 # Group Delete Function
247 #############################
# Archive a deleted project's directory into a tarball and remove the tree.
# (The sub header is not visible in this excerpt.)
249 my ($gname, $x, $gid, $userlist, $counter);
# Name of the group to remove.
250 my $this_group = shift(@_);
# Nothing is done on hosts whose name starts with "cvs".
253 if (substr($hostname,0,3) ne "cvs") {
254 if ($verbose) {print("Deleting Group: $this_group\n")};
# NOTE(review): both commands are single strings, so they run through /bin/sh
# with $this_group interpolated, and they run with the script's own
# privileges. If the name ever contained whitespace or shell metacharacters
# the commands would change meaning. The list form, e.g.
# system('/bin/mv', $src, $dst), passes each argument verbatim without a
# shell; the tar/rm chain then becomes two calls, the second made only when
# the first returned 0. Return values are currently ignored, and the paths
# are hard-coded instead of being built from $grpdir_prefix.
# NOTE(review): the tarball holds the project's full contents and is created
# with the process umask; confirm /var/lib/gforge/tmp is not readable by
# ordinary users.
255 system("/bin/mv /var/lib/gforge/chroot/home/groups/$this_group /var/lib/gforge/chroot/home/groups/deleted_group_$this_group");
256 system("/bin/tar -czf /var/lib/gforge/tmp/$this_group.tar.gz /var/lib/gforge/chroot/home/groups/deleted_group_$this_group && /bin/rm -rf /var/lib/gforge/chroot/home/groups/deleted_group_$this_group");
260 #############################
262 #############################
# Look up ownership information for a path via stat(). Going by the name the
# owner's uid is returned; the return statement is not visible in this excerpt.
263 sub get_file_owner_uid {
# Path to inspect.
264 my $filename = shift(@_);
# stat() follows symlinks, so for a link this reports the target's owner;
# lstat() would report the link itself. On failure stat returns an empty list
# and every variable stays undefined.
265 my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = stat($filename);
269 #############################
271 #############################
# Look up ownership information for a path via stat(). Going by the name the
# owning gid is returned; the return statement is not visible in this excerpt.
272 sub get_file_owner_gid {
# Path to inspect.
273 my $filename = shift(@_);
# stat() follows symlinks, so for a link this reports the target's group;
# lstat() would report the link itself. On failure stat returns an empty list
# and every variable stays undefined.
274 my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = stat($filename);