mirror of https://github.com/OpenNebula/one.git synced 2025-03-16 22:50:10 +03:00

Bug #847: Automatically create at bootstrap new user serveradmin with server_cipher driver.

Carlos Martín 2011-10-25 18:48:24 +02:00
parent 3b2c9c7281
commit c7584ad602
3 changed files with 122 additions and 12 deletions


@ -157,6 +157,10 @@ public:
*/
static const char * DEFAULT_AUTH;
/**
* Name for the default Sunstone server user
*/
static const char * SERVER_NAME;
private:
//--------------------------------------------------------------------------


@ -26,6 +26,10 @@ module Migrator
end
def up
########################################################################
# Update table definitions
########################################################################
[ [:group_pool, "group"],
[:host_pool, "host"],
[:image_pool, "image"],
@ -45,6 +49,10 @@ module Migrator
end
}
########################################################################
# Add new attributes to images
########################################################################
@db.run "ALTER TABLE image_pool RENAME TO old_image_pool;"
@db.run "CREATE TABLE image_pool (oid INTEGER PRIMARY KEY, name VARCHAR(128), body TEXT, uid INTEGER, gid INTEGER, public INTEGER, UNIQUE(name,uid) );"
@ -78,6 +86,9 @@ module Migrator
@db.run "DROP TABLE old_image_pool;"
########################################################################
# Add new attributes to users
########################################################################
@db.run "ALTER TABLE user_pool RENAME TO old_user_pool;"
@db.run "CREATE TABLE user_pool (oid INTEGER PRIMARY KEY, name VARCHAR(128), body TEXT, UNIQUE(name));"
@ -100,6 +111,81 @@ module Migrator
@db.run "DROP TABLE old_user_pool;"
########################################################################
# Create new serveradmin user
########################################################################
username = "serveradmin"
found = false
oneadmin_row = nil
user_oid = nil
@db.fetch("SELECT * FROM user_pool WHERE name='#{username}'") do |row|
found = true
end
if ( found )
puts " > Trying to create user '#{username}' "<<
"for Sunstone and public servers operation;\n"<<
" but a user with that name already exists. "<<
"You will need to create manually a new user, visit\n"<<
" http://opennebula.org/documentation:rel3.2:upgrade"
else
@db.fetch("SELECT * FROM user_pool WHERE oid=0") do |row|
oneadmin_row = row
end
@db.fetch("SELECT last_oid FROM pool_control WHERE tablename='user_pool'") do |row|
user_oid = (row[:last_oid].to_i + 1)
end
doc = Document.new(oneadmin_row[:body])
doc.root.each_element("ID") { |e|
e.text = (user_oid).to_s
}
doc.root.each_element("GID") { |e|
e.text = "0"
}
doc.root.each_element("NAME") { |e|
e.text = username
}
doc.root.each_element("AUTH_DRIVER") { |e|
e.text = "server_cipher"
}
# Insert new user
@db[:user_pool].insert(
:oid => user_oid,
:name => username,
:body => doc.root.to_s)
# Update last oid in pool_control
@db.run("UPDATE pool_control SET last_oid=#{user_oid} WHERE tablename='user_pool';")
# Insert new user ID in oneadmin group
@db.fetch("SELECT body FROM group_pool WHERE oid=0") do |row|
doc = Document.new(row[:body])
end
doc.root.each_element("USERS"){ |e|
new_elem = e.add_element("ID")
new_elem.text = user_oid
}
@db.run("UPDATE group_pool SET body='#{doc.root.to_s}' WHERE oid=0;")
puts " > New user '#{username}' created "<<
"for Sunstone and public servers operation.\n"<<
" You will need to create some configuration files "<<
"before Sunstone, OCCI or EC2 are "<<
"started.\n Visit\n"<<
" http://opennebula.org/documentation:rel3.2:upgrade"
end
return true
end
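Review bot: The group update at the end of the serveradmin block builds its SQL by string interpolation, `@db.run("UPDATE group_pool SET body='#{doc.root.to_s}' WHERE oid=0;")`, so a single quote anywhere in the oneadmin group's XML body breaks the statement or changes its meaning. The user insert a few lines earlier already goes through the dataset API, and the same form works here: `@db[:group_pool].where(:oid => 0).update(:body => doc.root.to_s)`. The new row is also a copy of oneadmin's body with only ID, GID, NAME and AUTH_DRIVER rewritten, so as far as these lines show serveradmin keeps whatever credential fields that body carries. A comment such as `# serveradmin inherits oneadmin's stored secret; rotate both together` would make that coupling visible to whoever runs the upgrade. `up` begins outside the hunks shown.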


@ -35,6 +35,8 @@ const char * UserPool::SERVER_AUTH = "server*";
const char * UserPool::PUBLIC_AUTH = "public";
const char * UserPool::DEFAULT_AUTH = "default";
const char * UserPool::SERVER_NAME = "serveradmin";
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
@ -47,7 +49,8 @@ UserPool::UserPool(SqlDB * db,
time_t __session_expiration_time):
PoolSQL(db,User::table)
{
int one_uid = -1;
int one_uid = -1;
int server_uid = -1;
ostringstream oss;
string one_token;
string one_name;
@ -100,16 +103,33 @@ UserPool::UserPool(SqlDB * db,
{
if (User::split_secret(one_token,one_name,one_pass) == 0)
{
string error_str;
if ( one_name == SERVER_NAME )
{
oss << "The name '" << SERVER_NAME << "' is reserved";
}
else
{
string error_str;
allocate(&one_uid,
GroupPool::ONEADMIN_ID,
one_name,
GroupPool::ONEADMIN_NAME,
one_pass,
UserPool::CORE_AUTH,
true,
error_str);
allocate(&one_uid,
GroupPool::ONEADMIN_ID,
one_name,
GroupPool::ONEADMIN_NAME,
one_pass,
UserPool::CORE_AUTH,
true,
error_str);
// Create the serveradmin user with the same password
allocate(&server_uid,
GroupPool::ONEADMIN_ID,
SERVER_NAME,
GroupPool::ONEADMIN_NAME,
SSLTools::sha1_digest(one_pass),
"server_cipher",
true,
error_str);
}
}
else
{
@ -119,12 +139,12 @@ UserPool::UserPool(SqlDB * db,
}
else
{
oss << "Cloud not open file: " << one_auth;
oss << "Could not open file: " << one_auth;
}
file.close();
if (one_uid != 0)
if (one_uid != 0 || server_uid != 1)
{
NebulaLog::log("ONE",Log::ERROR,oss);
throw;
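Review bot: The second `allocate` call sets serveradmin's secret to `SSLTools::sha1_digest(one_pass)`, an unsalted SHA-1 of oneadmin's own password, so the two oneadmin-group accounts share credential material and exposure of the server account's secret weakens the administrator password as well. Prefer a secret generated independently at bootstrap. If the coupling is intentional, state it at the call, e.g. `// server_cipher secret is SHA-1(oneadmin password): changing one requires changing the other`. Separately, `error_str` from either `allocate` is never written to `oss` in the visible lines, so a failed allocation would presumably log an empty message; `oss << error_str;` after a failed call would cover that. The constructor begins and ends outside the hunks shown.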