mirror of https://github.com/OpenNebula/one.git synced 2024-12-22 13:33:52 +03:00

Feature #1681: Add new oned.conf att. for a default umask

Carlos Martín 2013-01-18 18:34:51 +01:00
parent 3d3cc4fa9f
commit d4245a6699
35 changed files with 257 additions and 106 deletions


@ -195,6 +195,7 @@ private:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
DatastoreTemplate* ds_template, DatastoreTemplate* ds_template,
int cluster_id, int cluster_id,
const string& cluster_name); const string& cluster_name);


@ -75,6 +75,7 @@ public:
* @param gid the id of the group this object is assigned to * @param gid the id of the group this object is assigned to
* @param uname name of the user * @param uname name of the user
* @param gname name of the group * @param gname name of the group
* @param umask permissions umask
* @param ds_template Datastore definition template * @param ds_template Datastore definition template
* @param oid the id assigned to the Datastore * @param oid the id assigned to the Datastore
* @param cluster_id the id of the cluster this Datastore will belong to * @param cluster_id the id of the cluster this Datastore will belong to
@ -88,6 +89,7 @@ public:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
DatastoreTemplate * ds_template, DatastoreTemplate * ds_template,
int * oid, int * oid,
int cluster_id, int cluster_id,
@ -182,7 +184,7 @@ private:
*/ */
PoolObjectSQL * create() PoolObjectSQL * create()
{ {
return new Datastore(-1,-1,"","", 0, -1, ""); return new Datastore(-1,-1,"","", 0, 0, -1, "");
}; };
}; };


@ -127,6 +127,7 @@ protected:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
int type, int type,
Template * _template_contents); Template * _template_contents);


@ -38,6 +38,7 @@ public:
* @param gid the id of the group this object is assigned to * @param gid the id of the group this object is assigned to
* @param uname name of the owner user * @param uname name of the owner user
* @param gname name of the group * @param gname name of the group
* @param umask permissions umask
* @param type for the new Document * @param type for the new Document
* @param template_contents a Template object * @param template_contents a Template object
* @param oid the id assigned to the Document * @param oid the id assigned to the Document
@ -49,13 +50,14 @@ public:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
int type, int type,
Template * template_contents, Template * template_contents,
int * oid, int * oid,
string& error_str) string& error_str)
{ {
*oid = PoolSQL::allocate( *oid = PoolSQL::allocate(
new Document(-1, uid, gid, uname, gname, type, template_contents), new Document(-1, uid, gid, uname, gname, umask, type, template_contents),
error_str); error_str);
return *oid; return *oid;
@ -115,7 +117,7 @@ private:
*/ */
PoolObjectSQL * create() PoolObjectSQL * create()
{ {
return new Document(-1,-1,-1,"","",0,0); return new Document(-1,-1,-1,"","",0,0,0);
}; };
}; };


@ -615,6 +615,7 @@ protected:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
ImageTemplate* img_template); ImageTemplate* img_template);
virtual ~Image(); virtual ~Image();


@ -54,6 +54,7 @@ public:
* @param gid the id of the group this object is assigned to * @param gid the id of the group this object is assigned to
* @param uname name of the user * @param uname name of the user
* @param gname name of the group * @param gname name of the group
* @param umask permissions umask
* @param img_template template associated with the image * @param img_template template associated with the image
* @param ds_id the id of the datastore * @param ds_id the id of the datastore
* @param ds_name the name of the datastore * @param ds_name the name of the datastore
@ -73,6 +74,7 @@ public:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
ImageTemplate * img_template, ImageTemplate * img_template,
int ds_id, int ds_id,
const string& ds_name, const string& ds_name,
@ -219,7 +221,7 @@ private:
*/ */
PoolObjectSQL * create() PoolObjectSQL * create()
{ {
return new Image(-1,-1,"","",0); return new Image(-1,-1,"","",0,0);
}; };
}; };


@ -356,6 +356,23 @@ public:
return nebula_configuration->to_xml(xml); return nebula_configuration->to_xml(xml);
}; };
int get_default_umask() const
{
string umask_st;
int umask;
istringstream iss;
get_configuration_attribute(
"DEFAULT_UMASK", umask_st);
iss.str(umask_st);
iss >> oct >> umask;
return umask;
};
// ----------------------------------------------------------------------- // -----------------------------------------------------------------------
// Default Quotas // Default Quotas
// ----------------------------------------------------------------------- // -----------------------------------------------------------------------
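Review bot: `get_default_umask()` returns `umask` without checking that the extraction succeeded, and the local is declared uninitialised (`int umask;`). If DEFAULT_UMASK is empty or not octal, the result is either an indeterminate value (pre-C++11 stream behaviour) or 0, and a mask of 0 is the most permissive setting, so a typo in oned.conf fails open. Nothing limits the value to the nine permission bits either. I would start from the shipped default and reject bad input: `int umask = 0177;` and, after the read, `if (iss.fail() || umask < 0 || umask > 0777) { umask = 0177; }`, ideally logging the rejected string.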


@ -503,6 +503,14 @@ protected:
} }
}; };
/**
* Initializes the object's permissions, according to the provided umask.
*
* @param umask Permission mask, similar to unix umask.
* For example a umask of 137 will set the permissions "um- u-- ---"
*/
void set_umask(int umask);
/** /**
* The object's unique ID * The object's unique ID
*/ */


@ -65,7 +65,8 @@ protected:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att) RequestAttributes& att,
int umask)
{ {
return -1; return -1;
}; };
@ -76,9 +77,10 @@ protected:
string& error_str, string& error_str,
RequestAttributes& att, RequestAttributes& att,
int cluster_id, int cluster_id,
const string& cluster_name) const string& cluster_name,
int umask)
{ {
return pool_allocate(_paramList, tmpl, id, error_str, att); return pool_allocate(_paramList, tmpl, id, error_str, att, umask);
}; };
virtual int get_cluster_id(xmlrpc_c::paramList const& paramList) virtual int get_cluster_id(xmlrpc_c::paramList const& paramList)
@ -139,7 +141,8 @@ public:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att); RequestAttributes& att,
int umask);
bool allocate_authorization(Template * obj_template, bool allocate_authorization(Template * obj_template,
RequestAttributes& att, RequestAttributes& att,
@ -178,7 +181,8 @@ public:
string& error_str, string& error_str,
RequestAttributes& att, RequestAttributes& att,
int cluster_id, int cluster_id,
const string& cluster_name); const string& cluster_name,
int umask);
int get_cluster_id(xmlrpc_c::paramList const& paramList) int get_cluster_id(xmlrpc_c::paramList const& paramList)
{ {
@ -250,7 +254,8 @@ public:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att); RequestAttributes& att,
int umask);
}; };
/* ------------------------------------------------------------------------- */ /* ------------------------------------------------------------------------- */
@ -280,7 +285,8 @@ public:
string& error_str, string& error_str,
RequestAttributes& att, RequestAttributes& att,
int cluster_id, int cluster_id,
const string& cluster_name); const string& cluster_name,
int umask);
int get_cluster_id(xmlrpc_c::paramList const& paramList) int get_cluster_id(xmlrpc_c::paramList const& paramList)
{ {
@ -320,7 +326,8 @@ public:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att); RequestAttributes& att,
int umask);
void log_xmlrpc_param( void log_xmlrpc_param(
const xmlrpc_c::value& v, const xmlrpc_c::value& v,
@ -351,7 +358,8 @@ public:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att); RequestAttributes& att,
int umask);
}; };
/* ------------------------------------------------------------------------- */ /* ------------------------------------------------------------------------- */
@ -386,7 +394,8 @@ public:
string& error_str, string& error_str,
RequestAttributes& att, RequestAttributes& att,
int cluster_id, int cluster_id,
const string& cluster_name); const string& cluster_name,
int umask);
int get_cluster_id(xmlrpc_c::paramList const& paramList) int get_cluster_id(xmlrpc_c::paramList const& paramList)
{ {
@ -440,7 +449,8 @@ public:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att); RequestAttributes& att,
int umask);
}; };
/* ------------------------------------------------------------------------- */ /* ------------------------------------------------------------------------- */
@ -473,7 +483,8 @@ public:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att); RequestAttributes& att,
int umask);
}; };
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */


@ -49,7 +49,8 @@ protected:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att) = 0; RequestAttributes& att,
int umask) = 0;
}; };
/* ------------------------------------------------------------------------- */ /* ------------------------------------------------------------------------- */
@ -83,15 +84,16 @@ public:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att) RequestAttributes& att,
int umask)
{ {
VMTemplatePool * tpool = static_cast<VMTemplatePool *>(pool); VMTemplatePool * tpool = static_cast<VMTemplatePool *>(pool);
VirtualMachineTemplate * ttmpl = VirtualMachineTemplate * ttmpl =
static_cast<VirtualMachineTemplate *>(tmpl); static_cast<VirtualMachineTemplate *>(tmpl);
return tpool->allocate(att.uid, att.gid, att.uname, att.gname, ttmpl, return tpool->allocate(att.uid, att.gid, att.uname, att.gname, umask,
&id, error_str); ttmpl, &id, error_str);
}; };
}; };
@ -127,12 +129,13 @@ public:
Template * tmpl, Template * tmpl,
int& id, int& id,
string& error_str, string& error_str,
RequestAttributes& att) RequestAttributes& att,
int umask)
{ {
DocumentPool * docpool = static_cast<DocumentPool *>(pool); DocumentPool * docpool = static_cast<DocumentPool *>(pool);
Document * doc = docpool->get(source_id, true); Document * doc = docpool->get(source_id, true);
return docpool->allocate(att.uid, att.gid, att.uname, att.gname, return docpool->allocate(att.uid, att.gid, att.uname, att.gname, umask,
doc->get_document_type(), tmpl, &id, error_str); doc->get_document_type(), tmpl, &id, error_str);
}; };
}; };
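Review bot: In the document clone `pool_allocate()`, the pointer returned by `docpool->get(source_id, true)` is dereferenced in the `allocate` call with no null check, and no `unlock()` is visible before the function returns. Both lines are unchanged context, but this commit edits the call that uses `doc`, and the DatastorePool lines removed elsewhere on this page pair `get(rc, true)` with `ds->unlock()`. If the source document can be deleted between authorization and this call (not visible here), the dereference would crash the daemon. A guard such as `if (doc == 0) { return -1; }`, followed by reading the type into a local and calling `doc->unlock();` before `allocate`, would cover both.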


@ -117,6 +117,7 @@ protected:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
VirtualMachineTemplate * _template_contents); VirtualMachineTemplate * _template_contents);
~VMTemplate(); ~VMTemplate();


@ -36,6 +36,9 @@ public:
* allocated for the object. * allocated for the object.
* @param uid user id (the owner of the Template) * @param uid user id (the owner of the Template)
* @param gid the id of the group this object is assigned to * @param gid the id of the group this object is assigned to
* @param uname user name
* @param gname group name
* @param umask permissions umask
* @param template_contents a VM Template object * @param template_contents a VM Template object
* @param oid the id assigned to the Template * @param oid the id assigned to the Template
* @param error_str Returns the error reason, if any * @param error_str Returns the error reason, if any
@ -46,6 +49,7 @@ public:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
VirtualMachineTemplate * template_contents, VirtualMachineTemplate * template_contents,
int * oid, int * oid,
string& error_str); string& error_str);
@ -118,7 +122,7 @@ private:
*/ */
PoolObjectSQL * create() PoolObjectSQL * create()
{ {
return new VMTemplate(-1,-1,-1,"","",0); return new VMTemplate(-1,-1,-1,"","",0,0);
}; };
}; };


@ -1220,6 +1220,7 @@ protected:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
VirtualMachineTemplate * _vm_template); VirtualMachineTemplate * _vm_template);
virtual ~VirtualMachine(); virtual ~VirtualMachine();


@ -46,10 +46,14 @@ public:
* Function to allocate a new VM object * Function to allocate a new VM object
* @param uid user id (the owner of the VM) * @param uid user id (the owner of the VM)
* @param gid the id of the group this object is assigned to * @param gid the id of the group this object is assigned to
* @param uname user name
* @param gname group name
* @param umask permissions umask
* @param vm_template a VM Template object describing the VM * @param vm_template a VM Template object describing the VM
* @param oid the id assigned to the VM (output) * @param oid the id assigned to the VM (output)
* @param error_str Returns the error reason, if any * @param error_str Returns the error reason, if any
* @param on_hold flag to submit on hold * @param on_hold flag to submit on hold
*
* @return oid on success, -1 error inserting in DB or -2 error parsing * @return oid on success, -1 error inserting in DB or -2 error parsing
* the template * the template
*/ */
@ -58,6 +62,7 @@ public:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
VirtualMachineTemplate * vm_template, VirtualMachineTemplate * vm_template,
int * oid, int * oid,
string& error_str, string& error_str,
@ -249,7 +254,7 @@ private:
*/ */
PoolObjectSQL * create() PoolObjectSQL * create()
{ {
return new VirtualMachine(-1,-1,-1,"","",0); return new VirtualMachine(-1,-1,-1,"","",0,0);
}; };
/** /**


@ -299,6 +299,7 @@ private:
int gid, int gid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
int _umask,
int _cluster_id, int _cluster_id,
const string& _cluster_name, const string& _cluster_name,
VirtualNetworkTemplate * _vn_template = 0); VirtualNetworkTemplate * _vn_template = 0);


@ -45,6 +45,9 @@ public:
* Function to allocate a new VNET object * Function to allocate a new VNET object
* @param uid user identifier * @param uid user identifier
* @param gid the id of the group this object is assigned to * @param gid the id of the group this object is assigned to
* @param uname user name
* @param gname group name
* @param umask permissions umask
* @param vn_template a VirtualNetworkTemplate describing the VNET * @param vn_template a VirtualNetworkTemplate describing the VNET
* @param oid the id assigned to the VM (output) * @param oid the id assigned to the VM (output)
* @param cluster_id the id of the cluster this VNET will belong to * @param cluster_id the id of the cluster this VNET will belong to
@ -57,6 +60,7 @@ public:
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
VirtualNetworkTemplate * vn_template, VirtualNetworkTemplate * vn_template,
int * oid, int * oid,
int cluster_id, int cluster_id,
@ -169,7 +173,7 @@ private:
*/ */
PoolObjectSQL * create() PoolObjectSQL * create()
{ {
return new VirtualNetwork(-1,-1,"","",-1,"",0); return new VirtualNetwork(-1,-1,"","",0,-1,"",0);
}; };
/** /**


@ -465,6 +465,10 @@ HM_MAD = [
# ENABLE_OTHER_PERMISSIONS: Whether or not users can set the permissions for # ENABLE_OTHER_PERMISSIONS: Whether or not users can set the permissions for
# 'other', so publishing or sharing resources with others. Users in the oneadmin # 'other', so publishing or sharing resources with others. Users in the oneadmin
# group will still be able to change these permissions. Values: YES or NO. # group will still be able to change these permissions. Values: YES or NO.
#
# DEFAULT_UMASK: Similar to Unix umask, sets the default resources permissions.
# Its format must be 3 octal digits. For example a umask of 137 will set
# the new object's permissions to 640 "um- u-- ---"
#******************************************************************************* #*******************************************************************************
AUTH_MAD = [ AUTH_MAD = [
@ -476,6 +480,8 @@ SESSION_EXPIRATION_TIME = 900
#ENABLE_OTHER_PERMISSIONS = "YES" #ENABLE_OTHER_PERMISSIONS = "YES"
DEFAULT_UMASK = 177
#******************************************************************************* #*******************************************************************************
# Restricted Attributes Configuration # Restricted Attributes Configuration
#******************************************************************************* #*******************************************************************************


@ -41,6 +41,7 @@ Datastore::Datastore(
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
DatastoreTemplate* ds_template, DatastoreTemplate* ds_template,
int cluster_id, int cluster_id,
const string& cluster_name): const string& cluster_name):
@ -52,8 +53,6 @@ Datastore::Datastore(
base_path(""), base_path(""),
type(IMAGE_DS) type(IMAGE_DS)
{ {
group_u = 1;
if (ds_template != 0) if (ds_template != 0)
{ {
obj_template = ds_template; obj_template = ds_template;
@ -62,6 +61,10 @@ Datastore::Datastore(
{ {
obj_template = new DatastoreTemplate; obj_template = new DatastoreTemplate;
} }
set_umask(umask);
group_u = 1;
} }
/* ------------------------------------------------------------------------ */ /* ------------------------------------------------------------------------ */
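Review bot: `group_u = 1;` placed after `set_umask(umask);` silently overrides the mask, so a DEFAULT_UMASK that clears the group USE bit has no effect on datastores. If that is intended, it deserves a comment on that line, for example `// Datastores are always usable by their group, regardless of the umask`, and a matching sentence under DEFAULT_UMASK in oned.conf. The constructor starts above this hunk, so only its tail is visible here.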


@ -47,7 +47,6 @@ DatastorePool::DatastorePool(SqlDB * db):
if (get_lastOID() == -1) //lastOID is set in PoolSQL::init_cb if (get_lastOID() == -1) //lastOID is set in PoolSQL::init_cb
{ {
DatastoreTemplate * ds_tmpl; DatastoreTemplate * ds_tmpl;
Datastore * ds;
int rc; int rc;
@ -71,6 +70,7 @@ DatastorePool::DatastorePool(SqlDB * db):
GroupPool::ONEADMIN_ID, GroupPool::ONEADMIN_ID,
UserPool::oneadmin_name, UserPool::oneadmin_name,
GroupPool::ONEADMIN_NAME, GroupPool::ONEADMIN_NAME,
0137,
ds_tmpl, ds_tmpl,
&rc, &rc,
ClusterPool::NONE_CLUSTER_ID, ClusterPool::NONE_CLUSTER_ID,
@ -104,6 +104,7 @@ DatastorePool::DatastorePool(SqlDB * db):
GroupPool::ONEADMIN_ID, GroupPool::ONEADMIN_ID,
UserPool::oneadmin_name, UserPool::oneadmin_name,
GroupPool::ONEADMIN_NAME, GroupPool::ONEADMIN_NAME,
0133,
ds_tmpl, ds_tmpl,
&rc, &rc,
ClusterPool::NONE_CLUSTER_ID, ClusterPool::NONE_CLUSTER_ID,
@ -115,18 +116,6 @@ DatastorePool::DatastorePool(SqlDB * db):
goto error_bootstrap; goto error_bootstrap;
} }
ds = get(rc, true);
ds->set_permissions(
-1,-1,-1,
-1,-1,-1,
1,-1,-1,
error_str);
update(ds);
ds->unlock();
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
// Create the default file datastore // Create the default file datastore
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
@ -149,6 +138,7 @@ DatastorePool::DatastorePool(SqlDB * db):
GroupPool::ONEADMIN_ID, GroupPool::ONEADMIN_ID,
UserPool::oneadmin_name, UserPool::oneadmin_name,
GroupPool::ONEADMIN_NAME, GroupPool::ONEADMIN_NAME,
0133,
ds_tmpl, ds_tmpl,
&rc, &rc,
ClusterPool::NONE_CLUSTER_ID, ClusterPool::NONE_CLUSTER_ID,
@ -160,18 +150,6 @@ DatastorePool::DatastorePool(SqlDB * db):
goto error_bootstrap; goto error_bootstrap;
} }
ds = get(rc, true);
ds->set_permissions(
-1,-1,-1,
-1,-1,-1,
1,-1,-1,
error_str);
update(ds);
ds->unlock();
// User created datastores will start from ID 100 // User created datastores will start from ID 100
set_update_lastOID(99); set_update_lastOID(99);
} }
@ -194,6 +172,7 @@ int DatastorePool::allocate(
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
DatastoreTemplate * ds_template, DatastoreTemplate * ds_template,
int * oid, int * oid,
int cluster_id, int cluster_id,
@ -205,7 +184,7 @@ int DatastorePool::allocate(
string name; string name;
ostringstream oss; ostringstream oss;
ds = new Datastore(uid, gid, uname, gname, ds = new Datastore(uid, gid, uname, gname, umask,
ds_template, cluster_id, cluster_name); ds_template, cluster_id, cluster_name);
// ------------------------------------------------------------------------- // -------------------------------------------------------------------------
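Review bot: The bootstrap datastores are created with bare octal literals (`0137` once, `0133` twice) that bypass DEFAULT_UMASK, and nothing states which permissions they are meant to produce. Assuming the oneadmin ids are 0, `set_umask()` starts from 0777, so these come out as 640 and 644; the two `0133` datastores therefore keep USE for 'other', which appears to replace the removed `set_permissions(...)` calls. A short comment beside each literal, such as `// 0133 -> um- u-- u--: usable by every user`, or named constants would make that choice reviewable. The pool constructor begins and ends outside these hunks.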


@ -25,6 +25,7 @@ Document::Document( int id,
int _gid, int _gid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
int _umask,
int _type, int _type,
Template * _template_contents): Template * _template_contents):
PoolObjectSQL(id,DOCUMENT,"",_uid,_gid,_uname,_gname,table), type(_type) PoolObjectSQL(id,DOCUMENT,"",_uid,_gid,_uname,_gname,table), type(_type)
@ -37,6 +38,8 @@ Document::Document( int id,
{ {
obj_template = new Template; obj_template = new Template;
} }
set_umask(_umask);
} }
/* ------------------------------------------------------------------------ */ /* ------------------------------------------------------------------------ */


@ -38,6 +38,7 @@ Image::Image(int _uid,
int _gid, int _gid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
int _umask,
ImageTemplate * _image_template): ImageTemplate * _image_template):
PoolObjectSQL(-1,IMAGE,"",_uid,_gid,_uname,_gname,table), PoolObjectSQL(-1,IMAGE,"",_uid,_gid,_uname,_gname,table),
type(OS), type(OS),
@ -64,6 +65,8 @@ Image::Image(int _uid,
{ {
obj_template = new ImageTemplate; obj_template = new ImageTemplate;
} }
set_umask(_umask);
} }
Image::~Image() Image::~Image()


@ -67,6 +67,7 @@ int ImagePool::allocate (
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
ImageTemplate * img_template, ImageTemplate * img_template,
int ds_id, int ds_id,
const string& ds_name, const string& ds_name,
@ -86,7 +87,7 @@ int ImagePool::allocate (
string type; string type;
ostringstream oss; ostringstream oss;
img = new Image(uid, gid, uname, gname, img_template); img = new Image(uid, gid, uname, gname, umask, img_template);
// ------------------------------------------------------------------------- // -------------------------------------------------------------------------
// Check name & duplicates // Check name & duplicates


@ -225,6 +225,7 @@ void OpenNebulaTemplate::set_conf_default()
#******************************************************************************* #*******************************************************************************
# SESSION_EXPIRATION_TIME # SESSION_EXPIRATION_TIME
# ENABLE_OTHER_PERMISSIONS # ENABLE_OTHER_PERMISSIONS
# DEFAULT_UMASK
#******************************************************************************* #*******************************************************************************
*/ */
// SESSION_EXPIRATION_TIME // SESSION_EXPIRATION_TIME
@ -238,5 +239,11 @@ void OpenNebulaTemplate::set_conf_default()
attribute = new SingleAttribute("ENABLE_OTHER_PERMISSIONS",value); attribute = new SingleAttribute("ENABLE_OTHER_PERMISSIONS",value);
conf_default.insert(make_pair(attribute->name(),attribute)); conf_default.insert(make_pair(attribute->name(),attribute));
// DEFAULT_UMASK
value = "177";
attribute = new SingleAttribute("DEFAULT_UMASK",value);
conf_default.insert(make_pair(attribute->name(),attribute));
} }


@ -17,6 +17,7 @@
#include "PoolObjectSQL.h" #include "PoolObjectSQL.h"
#include "PoolObjectAuth.h" #include "PoolObjectAuth.h"
#include "SSLTools.h" #include "SSLTools.h"
#include "Nebula.h"
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
@ -305,3 +306,41 @@ error_value:
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
void PoolObjectSQL::set_umask(int umask)
{
int perms;
bool enable_other;
Nebula::instance().get_configuration_attribute(
"ENABLE_OTHER_PERMISSIONS", enable_other);
if (uid == 0 || gid == 0)
{
perms = 0777;
}
else if (enable_other)
{
perms = 0666;
}
else
{
perms = 0660;
}
perms = perms & ~umask;
owner_u = ( (perms & 0400) != 0 ) ? 1 : 0;
owner_m = ( (perms & 0200) != 0 ) ? 1 : 0;
owner_a = ( (perms & 0100) != 0 ) ? 1 : 0;
group_u = ( (perms & 0040) != 0 ) ? 1 : 0;
group_m = ( (perms & 0020) != 0 ) ? 1 : 0;
group_a = ( (perms & 0010) != 0 ) ? 1 : 0;
other_u = ( (perms & 0004) != 0 ) ? 1 : 0;
other_m = ( (perms & 0002) != 0 ) ? 1 : 0;
other_a = ( (perms & 0001) != 0 ) ? 1 : 0;
}
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
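Review bot: In `set_umask()` the flag `bool enable_other;` is read by the `else if` without being initialised, so the base permissions depend on `get_configuration_attribute()` always writing its output argument. If that call can leave the argument untouched (attribute missing or unparsable; not visible here), the branch is decided by an indeterminate value and may select the 0666 base. Declaring it as `bool enable_other = false;` makes the unset case fail closed. A brief comment on the `uid == 0 || gid == 0` branch, explaining why objects owned by oneadmin start from 0777, would also help the next reader.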


@ -131,7 +131,7 @@ void RequestManagerAllocate::request_execute(xmlrpc_c::paramList const& params,
Template * tmpl = 0; Template * tmpl = 0;
string error_str; string error_str;
int rc, id; int rc, id, umask;
Cluster * cluster = 0; Cluster * cluster = 0;
int cluster_id = ClusterPool::NONE_CLUSTER_ID; int cluster_id = ClusterPool::NONE_CLUSTER_ID;
@ -179,7 +179,9 @@ void RequestManagerAllocate::request_execute(xmlrpc_c::paramList const& params,
return; return;
} }
rc = pool_allocate(params, tmpl, id, error_str, att, cluster_id, cluster_name); umask = Nebula::instance().get_default_umask();
rc = pool_allocate(params, tmpl, id, error_str, att, cluster_id, cluster_name, umask);
if ( rc < 0 ) if ( rc < 0 )
{ {
@ -234,11 +236,13 @@ void RequestManagerAllocate::request_execute(xmlrpc_c::paramList const& params,
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
int VirtualMachineAllocate::pool_allocate(xmlrpc_c::paramList const& paramList, int VirtualMachineAllocate::pool_allocate(
Template * tmpl, xmlrpc_c::paramList const& paramList,
int& id, Template * tmpl,
string& error_str, int& id,
RequestAttributes& att) string& error_str,
RequestAttributes& att,
int umask)
{ {
bool on_hold = false; bool on_hold = false;
@ -252,8 +256,8 @@ int VirtualMachineAllocate::pool_allocate(xmlrpc_c::paramList const& paramList,
Template tmpl_back(*tmpl); Template tmpl_back(*tmpl);
int rc = vmpool->allocate(att.uid, att.gid, att.uname, att.gname, ttmpl, &id, int rc = vmpool->allocate(att.uid, att.gid, att.uname, att.gname, umask,
error_str, on_hold); ttmpl, &id, error_str, on_hold);
if ( rc < 0 ) if ( rc < 0 )
{ {
@ -274,13 +278,14 @@ int VirtualNetworkAllocate::pool_allocate(
string& error_str, string& error_str,
RequestAttributes& att, RequestAttributes& att,
int cluster_id, int cluster_id,
const string& cluster_name) const string& cluster_name,
int umask)
{ {
VirtualNetworkPool * vpool = static_cast<VirtualNetworkPool *>(pool); VirtualNetworkPool * vpool = static_cast<VirtualNetworkPool *>(pool);
VirtualNetworkTemplate * vtmpl=static_cast<VirtualNetworkTemplate *>(tmpl); VirtualNetworkTemplate * vtmpl=static_cast<VirtualNetworkTemplate *>(tmpl);
return vpool->allocate(att.uid, att.gid, att.uname, att.gname, vtmpl, &id, return vpool->allocate(att.uid, att.gid, att.uname, att.gname, umask,
cluster_id, cluster_name, error_str); vtmpl, &id, cluster_id, cluster_name, error_str);
} }
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
@ -319,6 +324,9 @@ void ImageAllocate::request_execute(xmlrpc_c::paramList const& params,
Datastore * ds; Datastore * ds;
Image::DiskType ds_disk_type; Image::DiskType ds_disk_type;
string umask_st;
int umask;
// ------------------------- Parse image template -------------------------- // ------------------------- Parse image template --------------------------
rc = tmpl->parse_str_or_xml(str_tmpl, error_str); rc = tmpl->parse_str_or_xml(str_tmpl, error_str);
@ -452,10 +460,13 @@ void ImageAllocate::request_execute(xmlrpc_c::paramList const& params,
} }
} }
umask = Nebula::instance().get_default_umask();
rc = ipool->allocate(att.uid, rc = ipool->allocate(att.uid,
att.gid, att.gid,
att.uname, att.uname,
att.gname, att.gname,
umask,
tmpl, tmpl,
ds_id, ds_id,
ds_name, ds_name,
@ -490,18 +501,20 @@ void ImageAllocate::request_execute(xmlrpc_c::paramList const& params,
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
int TemplateAllocate::pool_allocate(xmlrpc_c::paramList const& _paramList, int TemplateAllocate::pool_allocate(
Template * tmpl, xmlrpc_c::paramList const& paramList,
int& id, Template * tmpl,
string& error_str, int& id,
RequestAttributes& att) string& error_str,
RequestAttributes& att,
int umask)
{ {
VMTemplatePool * tpool = static_cast<VMTemplatePool *>(pool); VMTemplatePool * tpool = static_cast<VMTemplatePool *>(pool);
VirtualMachineTemplate * ttmpl=static_cast<VirtualMachineTemplate *>(tmpl); VirtualMachineTemplate * ttmpl=static_cast<VirtualMachineTemplate *>(tmpl);
return tpool->allocate(att.uid, att.gid, att.uname, att.gname, ttmpl, &id, return tpool->allocate(att.uid, att.gid, att.uname, att.gname, umask, ttmpl,
error_str); &id, error_str);
} }
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
@ -514,7 +527,8 @@ int HostAllocate::pool_allocate(
string& error_str, string& error_str,
RequestAttributes& att, RequestAttributes& att,
int cluster_id, int cluster_id,
const string& cluster_name) const string& cluster_name,
int umask)
{ {
string host = xmlrpc_c::value_string(paramList.getString(1)); string host = xmlrpc_c::value_string(paramList.getString(1));
string im_mad = xmlrpc_c::value_string(paramList.getString(2)); string im_mad = xmlrpc_c::value_string(paramList.getString(2));
@ -531,11 +545,13 @@ int HostAllocate::pool_allocate(
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
int UserAllocate::pool_allocate(xmlrpc_c::paramList const& paramList, int UserAllocate::pool_allocate(
Template * tmpl, xmlrpc_c::paramList const& paramList,
int& id, Template * tmpl,
string& error_str, int& id,
RequestAttributes& att) string& error_str,
RequestAttributes& att,
int umask)
{ {
string uname = xmlrpc_c::value_string(paramList.getString(1)); string uname = xmlrpc_c::value_string(paramList.getString(1));
string passwd = xmlrpc_c::value_string(paramList.getString(2)); string passwd = xmlrpc_c::value_string(paramList.getString(2));
@ -580,11 +596,13 @@ void UserAllocate::log_xmlrpc_param(
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
int GroupAllocate::pool_allocate(xmlrpc_c::paramList const& paramList, int GroupAllocate::pool_allocate(
Template * tmpl, xmlrpc_c::paramList const& paramList,
int& id, Template * tmpl,
string& error_str, int& id,
RequestAttributes& att) string& error_str,
RequestAttributes& att,
int umask)
{ {
string gname = xmlrpc_c::value_string(paramList.getString(1)); string gname = xmlrpc_c::value_string(paramList.getString(1));
@ -603,24 +621,27 @@ int DatastoreAllocate::pool_allocate(
string& error_str, string& error_str,
RequestAttributes& att, RequestAttributes& att,
int cluster_id, int cluster_id,
const string& cluster_name) const string& cluster_name,
int umask)
{ {
DatastorePool * dspool = static_cast<DatastorePool *>(pool); DatastorePool * dspool = static_cast<DatastorePool *>(pool);
DatastoreTemplate * ds_tmpl = static_cast<DatastoreTemplate *>(tmpl); DatastoreTemplate * ds_tmpl = static_cast<DatastoreTemplate *>(tmpl);
return dspool->allocate(att.uid, att.gid, att.uname, att.gname, return dspool->allocate(att.uid, att.gid, att.uname, att.gname, umask,
ds_tmpl, &id, cluster_id, cluster_name, error_str); ds_tmpl, &id, cluster_id, cluster_name, error_str);
} }
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
int ClusterAllocate::pool_allocate(xmlrpc_c::paramList const& paramList, int ClusterAllocate::pool_allocate(
Template * tmpl, xmlrpc_c::paramList const& paramList,
int& id, Template * tmpl,
string& error_str, int& id,
RequestAttributes& att) string& error_str,
RequestAttributes& att,
int umask)
{ {
string name = xmlrpc_c::value_string(paramList.getString(1)); string name = xmlrpc_c::value_string(paramList.getString(1));
@ -632,16 +653,18 @@ int ClusterAllocate::pool_allocate(xmlrpc_c::paramList const& paramList,
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
int DocumentAllocate::pool_allocate(xmlrpc_c::paramList const& paramList, int DocumentAllocate::pool_allocate(
Template * tmpl, xmlrpc_c::paramList const& paramList,
int& id, Template * tmpl,
string& error_str, int& id,
RequestAttributes& att) string& error_str,
RequestAttributes& att,
int umask)
{ {
int type = xmlrpc_c::value_int(paramList.getInt(2)); int type = xmlrpc_c::value_int(paramList.getInt(2));
DocumentPool * docpool = static_cast<DocumentPool *>(pool); DocumentPool * docpool = static_cast<DocumentPool *>(pool);
return docpool->allocate(att.uid, att.gid, att.uname, att.gname, type, return docpool->allocate(att.uid, att.gid, att.uname, att.gname, umask,
tmpl, &id, error_str); type, tmpl, &id, error_str);
} }


@ -28,7 +28,7 @@ void RequestManagerClone::request_execute(
int source_id = xmlrpc_c::value_int(paramList.getInt(1)); int source_id = xmlrpc_c::value_int(paramList.getInt(1));
string name = xmlrpc_c::value_string(paramList.getString(2)); string name = xmlrpc_c::value_string(paramList.getString(2));
int rc, new_id; int rc, new_id, umask;
PoolObjectAuth perms; PoolObjectAuth perms;
@ -80,7 +80,9 @@ void RequestManagerClone::request_execute(
} }
} }
rc = pool_allocate(source_id, tmpl, new_id, error_str, att); umask = Nebula::instance().get_default_umask();
rc = pool_allocate(source_id, tmpl, new_id, error_str, att, umask);
if ( rc < 0 ) if ( rc < 0 )
{ {
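Review bot: The new local in `int rc, new_id, umask;` hides the POSIX `umask()` function wherever `<sys/stat.h>` is in scope, and it is declared roughly fifty lines before its only use. Declaring it at the point of assignment under a descriptive name reads better: `const int default_umask = Nebula::instance().get_default_umask();` followed by `rc = pool_allocate(source_id, tmpl, new_id, error_str, att, default_umask);`. The same spelling appears in the ImageClone and VMTemplateInstantiate hunks of this commit. The body of `request_execute` starts and ends outside the hunks shown.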


@ -229,7 +229,7 @@ void ImageClone::request_execute(
int clone_id = xmlrpc_c::value_int(paramList.getInt(1)); int clone_id = xmlrpc_c::value_int(paramList.getInt(1));
string name = xmlrpc_c::value_string(paramList.getString(2)); string name = xmlrpc_c::value_string(paramList.getString(2));
int rc, new_id, ds_id, size; int rc, new_id, ds_id, size, umask;
string error_str, ds_name, ds_data; string error_str, ds_name, ds_data;
Image::DiskType disk_type; Image::DiskType disk_type;
@ -356,10 +356,13 @@ void ImageClone::request_execute(
} }
} }
umask = Nebula::instance().get_default_umask();
rc = ipool->allocate(att.uid, rc = ipool->allocate(att.uid,
att.gid, att.gid,
att.uname, att.uname,
att.gname, att.gname,
umask,
tmpl, tmpl,
ds_id, ds_id,
ds_name, ds_name,


@ -30,6 +30,7 @@ void VMTemplateInstantiate::request_execute(xmlrpc_c::paramList const& paramList
int rc; int rc;
int vid; int vid;
int umask;
ostringstream sid; ostringstream sid;
@ -138,8 +139,10 @@ void VMTemplateInstantiate::request_execute(xmlrpc_c::paramList const& paramList
Template tmpl_back(*tmpl); Template tmpl_back(*tmpl);
rc = vmpool->allocate(att.uid, att.gid, att.uname, att.gname, tmpl, &vid, umask = Nebula::instance().get_default_umask();
error_str, on_hold);
rc = vmpool->allocate(att.uid, att.gid, att.uname, att.gname, umask,
tmpl, &vid, error_str, on_hold);
if ( rc < 0 ) if ( rc < 0 )
{ {
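Review bot: `Nebula::instance().get_default_umask()` is fetched separately in each handler that creates an object (this one, plus RequestManagerClone, ImageClone and VirtualMachineSaveDisk in this commit), so the rule for which mask a new object gets is spread over several call sites. That mask decides the initial permissions of every new VM, image and template, so it would be safer to resolve it in one place, presumably wherever `att` is populated (not visible here), and have the handlers read it from there. As written, a later change to how the mask is chosen must be repeated at each site, and a missed one leaves that object type with different default permissions. `request_execute` continues outside the hunk.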


@ -855,10 +855,13 @@ void VirtualMachineSaveDisk::request_execute(xmlrpc_c::paramList const& paramLis
// Create the image // Create the image
// ------------------------------------------------------------------------- // -------------------------------------------------------------------------
int umask = Nebula::instance().get_default_umask();
rc = ipool->allocate(att.uid, rc = ipool->allocate(att.uid,
att.gid, att.gid,
att.uname, att.uname,
att.gname, att.gname,
umask,
itemplate, itemplate,
ds_id, ds_id,
ds_name, ds_name,


@ -43,6 +43,7 @@ VirtualMachine::VirtualMachine(int id,
int _gid, int _gid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
int umask,
VirtualMachineTemplate * _vm_template): VirtualMachineTemplate * _vm_template):
PoolObjectSQL(id,VM,"",_uid,_gid,_uname,_gname,table), PoolObjectSQL(id,VM,"",_uid,_gid,_uname,_gname,table),
last_poll(0), last_poll(0),
@ -70,6 +71,8 @@ VirtualMachine::VirtualMachine(int id,
} }
user_obj_template = new Template(false,'=',"USER_TEMPLATE"); user_obj_template = new Template(false,'=',"USER_TEMPLATE");
set_umask(umask);
} }
VirtualMachine::~VirtualMachine() VirtualMachine::~VirtualMachine()
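Review bot: `set_umask(umask)` at the end of the constructor receives an unconstrained `int`, and nothing in this hunk rejects a negative value or bits outside the permission range. `set_umask` is not visible here and may already clamp; if it does not, a malformed default in oned.conf would flow into the permission bits of every new VM. Consider validating once where the configuration value is read, or masking at the call, e.g. `set_umask(umask & 0777);` assuming the nine owner/group/other bits. The constructor's doc comment should also state that the argument is an octal permission mask. The VMTemplate and VirtualNetwork constructors call `set_umask` the same way, and part of this constructor's body lies between the two hunks.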


@ -210,6 +210,7 @@ int VirtualMachinePool::allocate (
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
VirtualMachineTemplate * vm_template, VirtualMachineTemplate * vm_template,
int * oid, int * oid,
string& error_str, string& error_str,
@ -220,7 +221,7 @@ int VirtualMachinePool::allocate (
// ------------------------------------------------------------------------ // ------------------------------------------------------------------------
// Build a new Virtual Machine object // Build a new Virtual Machine object
// ------------------------------------------------------------------------ // ------------------------------------------------------------------------
vm = new VirtualMachine(-1, uid, gid, uname, gname, vm_template); vm = new VirtualMachine(-1, uid, gid, uname, gname, umask, vm_template);
if ( _submit_on_hold == true || on_hold ) if ( _submit_on_hold == true || on_hold )
{ {


@ -28,6 +28,7 @@ VMTemplate::VMTemplate(int id,
int _gid, int _gid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
int umask,
VirtualMachineTemplate * _template_contents): VirtualMachineTemplate * _template_contents):
PoolObjectSQL(id,TEMPLATE,"",_uid,_gid,_uname,_gname,table), PoolObjectSQL(id,TEMPLATE,"",_uid,_gid,_uname,_gname,table),
regtime(time(0)) regtime(time(0))
@ -40,6 +41,8 @@ VMTemplate::VMTemplate(int id,
{ {
obj_template = new VirtualMachineTemplate; obj_template = new VirtualMachineTemplate;
} }
set_umask(umask);
} }
/* ------------------------------------------------------------------------ */ /* ------------------------------------------------------------------------ */
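Review bot: The new parameter is spelled `int umask`, while every other parameter visible in this signature carries a leading underscore (`_gid`, `_uname`, `_gname`, `_template_contents`) and the VirtualNetwork constructor in the same commit uses `_umask`. Renaming it to `int _umask` with `set_umask(_umask);` keeps the signature consistent and avoids a parameter that hides the POSIX `umask()` function. The VirtualMachine constructor has the same spelling.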


@ -28,6 +28,7 @@ int VMTemplatePool::allocate (
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
VirtualMachineTemplate * template_contents, VirtualMachineTemplate * template_contents,
int * oid, int * oid,
string& error_str) string& error_str)
@ -40,7 +41,7 @@ int VMTemplatePool::allocate (
// ------------------------------------------------------------------------ // ------------------------------------------------------------------------
// Build a new VMTemplate object // Build a new VMTemplate object
// ------------------------------------------------------------------------ // ------------------------------------------------------------------------
vm_template = new VMTemplate(-1, uid, gid, uname, gname,template_contents); vm_template = new VMTemplate(-1, uid, gid, uname, gname, umask, template_contents);
// Check name // Check name
vm_template->get_template_attribute("NAME", name); vm_template->get_template_attribute("NAME", name);


@ -36,6 +36,7 @@ VirtualNetwork::VirtualNetwork(int _uid,
int _gid, int _gid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
int _umask,
int _cluster_id, int _cluster_id,
const string& _cluster_name, const string& _cluster_name,
VirtualNetworkTemplate * _vn_template): VirtualNetworkTemplate * _vn_template):
@ -53,6 +54,8 @@ VirtualNetwork::VirtualNetwork(int _uid,
{ {
obj_template = new VirtualNetworkTemplate; obj_template = new VirtualNetworkTemplate;
} }
set_umask(_umask);
}; };
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
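Review bot: `int _umask` is inserted directly before `int _cluster_id`, so the constructor now takes adjacent plain `int` arguments whose order the compiler cannot check. A call that transposes the mask and the cluster id compiles cleanly and would apply an unrelated number as the network's permission mask. At minimum, document the parameter next to the declaration, for example `@param _umask permissions umask applied to the new network`; a small dedicated type for the mask would turn the mistake into a compile error. The constructor body between the two hunks is not shown.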


@ -81,6 +81,7 @@ int VirtualNetworkPool::allocate (
int gid, int gid,
const string& uname, const string& uname,
const string& gname, const string& gname,
int umask,
VirtualNetworkTemplate * vn_template, VirtualNetworkTemplate * vn_template,
int * oid, int * oid,
int cluster_id, int cluster_id,
@ -92,7 +93,7 @@ int VirtualNetworkPool::allocate (
string name; string name;
ostringstream oss; ostringstream oss;
vn = new VirtualNetwork(uid, gid, uname, gname, vn = new VirtualNetwork(uid, gid, uname, gname, umask,
cluster_id, cluster_name, vn_template); cluster_id, cluster_name, vn_template);
// Check name // Check name