forked from ungleich-public/cdist-contrib
[type/__dma_auth] Simplify code and add more comments
This commit is contained in:
parent
45b10f3e09
commit
67b989a717
2 changed files with 91 additions and 44 deletions
|
@ -31,27 +31,54 @@ else
|
||||||
fi
|
fi
|
||||||
|
|
||||||
awk -F'\n' -v server="${server}" '
|
awk -F'\n' -v server="${server}" '
|
||||||
|
function getvalue(path) {
|
||||||
|
getline < path
|
||||||
|
close(path)
|
||||||
|
return $0
|
||||||
|
}
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
DP = "[: \t]" # copied from dma/conf.c
|
DP = "[: \t]" # copied from dma/conf.c
|
||||||
|
|
||||||
|
parameter_dir = ENVIRON["__object"] "/parameter/"
|
||||||
|
|
||||||
|
host_param = getvalue(parameter_dir "server")
|
||||||
|
if (!host_param) host_param = ENVIRON["__object_id"]
|
||||||
|
login_param = getvalue(parameter_dir "login")
|
||||||
|
passwd_param = getvalue(parameter_dir "password")
|
||||||
|
|
||||||
|
state = "absent"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/^#/ || /^$/ {
|
||||||
# skip comments and empty lines
|
# skip comments and empty lines
|
||||||
/^#/ || /^$/ { next }
|
next
|
||||||
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
|
# parse line
|
||||||
|
|
||||||
login = substr($0, 1, index($0, "|") - 1)
|
login = substr($0, 1, index($0, "|") - 1)
|
||||||
|
if (!login) { login = $0 } # if no "|" found
|
||||||
|
|
||||||
host = substr($0, length(login) + 2)
|
host = substr($0, length(login) + 2)
|
||||||
|
|
||||||
if (match(host, DP)) {
|
if (match(host, DP)) {
|
||||||
|
passwd = substr(host, RSTART)
|
||||||
host = substr(host, 1, RSTART - 1)
|
host = substr(host, 1, RSTART - 1)
|
||||||
endpos = length(login) + RSTART
|
} else {
|
||||||
} else endpos = length
|
passwd = ""
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
host == server { print endpos, $0 }
|
host == host_param && login == login_param {
|
||||||
' "${auth_conf}" \
|
if (passwd == passwd_param)
|
||||||
| while read -r pos line
|
state = "present"
|
||||||
do
|
else
|
||||||
printf '%s:%s\n' \
|
state = "different_password"
|
||||||
"$(printf '%s' "$line" | cut -c $((-pos)))" \
|
}
|
||||||
"$(printf '%s' "$line" | cut -c $((pos+2))- | cksum | cut -d' ' -f1)"
|
|
||||||
done
|
END {
|
||||||
|
print state
|
||||||
|
}
|
||||||
|
' "${auth_conf}"
|
|
@ -18,6 +18,7 @@
|
||||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
#
|
#
|
||||||
|
|
||||||
|
state_is=$(cat "${__object}/explorer/state")
|
||||||
state_should=$(cat "${__object}/parameter/state")
|
state_should=$(cat "${__object}/parameter/state")
|
||||||
|
|
||||||
if test -f "${__object}/parameter/server"
|
if test -f "${__object}/parameter/server"
|
||||||
|
@ -28,33 +29,27 @@ else
|
||||||
fi
|
fi
|
||||||
login=$(cat "${__object}/parameter/login")
|
login=$(cat "${__object}/parameter/login")
|
||||||
|
|
||||||
case $state_should
|
if test "${state_is}" = "${state_should}"
|
||||||
in
|
|
||||||
(present)
|
|
||||||
line_should=$(printf '%s|%s:%s\n' \
|
|
||||||
"${login}" "${server}" \
|
|
||||||
"$(cksum "${__object}/parameter/password" | cut -d' ' -f1)")
|
|
||||||
if grep -qxF "${line_should}" "${__object}/explorer/authusers"
|
|
||||||
then
|
then
|
||||||
# correct line already present -> nothing to do
|
# state is as it should
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
case $state_should
|
||||||
|
in
|
||||||
|
(present)
|
||||||
test -n "${login}" || { echo '--login must be non-empty' >&2; exit 1; }
|
test -n "${login}" || { echo '--login must be non-empty' >&2; exit 1; }
|
||||||
|
|
||||||
mode=1
|
mode=1
|
||||||
|
|
||||||
if test -s "${__object}/explorer/authusers"
|
if test "${state_is}" = 'absent'
|
||||||
then
|
then
|
||||||
printf 'set authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out}"
|
|
||||||
else
|
|
||||||
printf 'add authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out}"
|
printf 'add authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out}"
|
||||||
|
else
|
||||||
|
printf 'set authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out}"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
(absent)
|
(absent)
|
||||||
# no matching logins present -> nothing to do
|
|
||||||
test -s "${__object}/explorer/authusers" || exit 0
|
|
||||||
|
|
||||||
mode=0
|
mode=0
|
||||||
|
|
||||||
printf 'delete authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out}"
|
printf 'delete authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out}"
|
||||||
|
@ -67,16 +62,14 @@ esac
|
||||||
|
|
||||||
auth_conf=$(cat "${__object}/explorer/auth_conf")
|
auth_conf=$(cat "${__object}/explorer/auth_conf")
|
||||||
|
|
||||||
if test -z "${auth_conf}"
|
test -n "${auth_conf}" || {
|
||||||
then
|
|
||||||
echo 'Cannot determine path of dma auth.conf' >&2
|
echo 'Cannot determine path of dma auth.conf' >&2
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
}
|
||||||
|
|
||||||
|
|
||||||
cat <<EOF
|
cat <<EOF
|
||||||
export auth_conf='${auth_conf}'
|
auth_conf='${auth_conf}'
|
||||||
export login='${login}'
|
|
||||||
export server='${server}'
|
|
||||||
mode=${mode}
|
mode=${mode}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
@ -84,44 +77,71 @@ cat <<'EOF'
|
||||||
test -f "${auth_conf}" || touch "${auth_conf}"
|
test -f "${auth_conf}" || touch "${auth_conf}"
|
||||||
|
|
||||||
awk -F '\n' -v mode=$mode '
|
awk -F '\n' -v mode=$mode '
|
||||||
function getpw( line, path) {
|
function getvalue(path) {
|
||||||
path = (ENVIRON["__object"] "/parameter/password")
|
getline < path
|
||||||
getline line < path
|
|
||||||
close(path)
|
close(path)
|
||||||
return line
|
return $0
|
||||||
|
}
|
||||||
|
|
||||||
|
function print_should() {
|
||||||
|
printf "%s|%s:%s\n", login_param, host_param, passwd_param
|
||||||
}
|
}
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
DP = "[: \t]" # copied from dma/conf.c
|
DP = "[: \t]" # copied from dma/conf.c
|
||||||
|
|
||||||
|
parameter_dir = ENVIRON["__object"] "/parameter/"
|
||||||
|
|
||||||
|
host_param = getvalue(parameter_dir "server")
|
||||||
|
if (!host_param) host_param = ENVIRON["__object_id"]
|
||||||
|
login_param = getvalue(parameter_dir "login")
|
||||||
|
passwd_param = getvalue(parameter_dir "password")
|
||||||
}
|
}
|
||||||
|
|
||||||
# skip comments and empty lines
|
# skip comments and empty lines
|
||||||
/^#/ || /^$/ { print; next }
|
/^#/ || /^$/ { print; next }
|
||||||
|
|
||||||
{
|
{
|
||||||
|
# parse line
|
||||||
|
|
||||||
login = substr($0, 1, index($0, "|") - 1)
|
login = substr($0, 1, index($0, "|") - 1)
|
||||||
|
if (!login) { login = $0 } # if no "|" found
|
||||||
|
|
||||||
host = substr($0, length(login) + 2)
|
host = substr($0, length(login) + 2)
|
||||||
|
|
||||||
if (match(host, DP)) {
|
if (match(host, DP)) {
|
||||||
|
passwd = substr(host, RSTART)
|
||||||
host = substr(host, 1, RSTART - 1)
|
host = substr(host, 1, RSTART - 1)
|
||||||
endpos = length(login) + RSTART
|
} else {
|
||||||
} else endpos = length
|
passwd = ""
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
host == ENVIRON["server"] {
|
host == host_param {
|
||||||
if (mode) {
|
if (mode) {
|
||||||
if (login == ENVIRON["login"] && !written) {
|
# state_should == present
|
||||||
printf "%s%s\n", substr($0, 1, endpos+1), getpw()
|
if (login == login_param && !written) {
|
||||||
|
# replace line if host and login match
|
||||||
|
print_should()
|
||||||
written = 1
|
written = 1
|
||||||
next
|
next
|
||||||
}
|
}
|
||||||
} else if (!ENVIRON["login"] || login == ENVIRON["login"]) next
|
} else {
|
||||||
|
# state_should == absent
|
||||||
|
if (!login_param || login == login_param) {
|
||||||
|
# empty --login -> drop all lines for this host
|
||||||
|
next
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# leave other lines alone
|
||||||
{ print }
|
{ print }
|
||||||
|
|
||||||
END {
|
END {
|
||||||
if (mode && !written) {
|
if (mode && !written) {
|
||||||
printf "%s|%s:%s\n", ENVIRON["login"], ENVIRON["server"], getpw()
|
# append line if no match to replace was found
|
||||||
|
print_should()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
' <"${auth_conf}" >"${auth_conf}.tmp" \
|
' <"${auth_conf}" >"${auth_conf}.tmp" \
|
||||||
|
|
Loading…
Reference in a new issue