1#!/usr/local/bin/perl 2# save_acl.cgi 3# Save the ACL for a module for a user or group 4 5require './cluster-webmin-lib.pl'; 6&ReadParse(); 7$who = $in{'_acl_user'} ? $in{'_acl_user'} : $in{'_acl_group'}; 8 9# Validate and parse inputs 10&error_setup($text{'acl_err'}); 11$maccess{'noconfig'} = $in{'noconfig'}; 12if (-r "../$in{'_acl_mod'}/acl_security.pl") { 13 &foreign_require($in{'_acl_mod'}, "acl_security.pl"); 14 &foreign_call($in{'_acl_mod'}, "acl_security_save", \%maccess, \%in); 15 } 16 17# Setup error handler for down hosts 18sub user_error 19{ 20$user_error_msg = join("", @_); 21} 22&remote_error_setup(\&user_error); 23 24# Write out on all hosts, or just one host 25&ui_print_header(undef, $text{'acl_title'}, ""); 26@allhosts = &list_webmin_hosts(); 27@servers = &list_servers(); 28if ($in{'all'}) { 29 # Doing on all hosts that the user has the module on 30 foreach $h (@allhosts) { 31 local $w; 32 if ($in{'_acl_user'}) { 33 ($w) = grep { $_->{'name'} eq $in{'_acl_user'} } 34 @{$h->{'users'}}; 35 } 36 else { 37 ($w) = grep { $_->{'name'} eq $in{'_acl_group'} } 38 @{$h->{'groups'}}; 39 } 40 next if (!$w); 41 local %ingroup; 42 foreach $g (@{$h->{'groups'}}) { 43 map { $ingroup{$_}++ } @{$g->{'members'}}; 44 } 45 local @m = $ingroup{$w->{'name'}} ? @{$w->{'ownmods'}} 46 : @{$w->{'modules'}}; 47 push(@hosts, $h) if (&indexof($in{'_acl_mod'}, @m) >= 0 || 48 !$in{'_acl_mod'}); 49 } 50 print "<b>",&text('acl_doing', $who),"</b><p>\n"; 51 } 52else { 53 # Doing on just one host 54 @hosts = grep { $_->{'id'} == $in{'_acl_host'} } @allhosts; 55 local ($s) = grep { $_->{'id'} == $hosts[0]->{'id'} } @servers; 56 print "<b>",&text('acl_doing2', $who, &server_name($s)),"</b><p>\n"; 57 } 58$p = 0; 59foreach $h (@hosts) { 60 local ($s) = grep { $_->{'id'} == $h->{'id'} } @servers; 61 local ($rh = "READ$p", $wh = "WRITE$p"); 62 pipe($rh, $wh); 63 if (!fork()) { 64 close($rh); 65 &remote_foreign_require($s->{'host'}, "acl", "acl-lib.pl"); 66 if ($user_error_msg) { 67 # Host is down 68 print $wh &serialise_variable([ 0, $user_error_msg ]); 69 exit; 70 } 71 72 # Save the .acl file 73 local $cd = &remote_eval($s->{'host'}, "acl", 74 '$config_directory'); 75 $sfx = $in{'_acl_user'} ? "acl" : "gacl"; 76 &remote_foreign_call($s->{'host'}, "acl", "write_file", 77 "$cd/$in{'_acl_mod'}/$who.$sfx", \%maccess); 78 79 # Recursively update the ACL for all member users and groups 80 if ($in{'_acl_group'}) { 81 local ($group) = grep { $_->{'name'} eq $in{'_acl_group'} } 82 @{$h->{'groups'}}; 83 &remote_foreign_call($s->{'host'}, "acl", "set_acl_files", 84 $h->{'users'}, $h->{'groups'}, $in{'_acl_mod'}, 85 $group->{'members'}, \%maccess); 86 } 87 88 print $wh &serialise_variable([ 1 ]); 89 exit; 90 } 91 close($wh); 92 $p++; 93 } 94 95# Read back the results 96$p = 0; 97foreach $h (@hosts) { 98 local ($s) = grep { $_->{'id'} == $h->{'id'} } @servers; 99 local $d = &server_name($s); 100 local $rh = "READ$p"; 101 local $line = <$rh>; 102 local $rv = &unserialise_variable($line); 103 close($rh); 104 105 if ($rv && $rv->[0] == 1) { 106 # It worked 107 print &text('acl_success', $d),"<br>\n"; 108 } 109 else { 110 # Something went wrong 111 print &text('acl_failed', $d, $rv->[1]),"<br>\n"; 112 } 113 $p++; 114 } 115 116print "<p><b>$text{'acl_done'}</b><p>\n"; 117 118&remote_finished(); 119&ui_print_footer("", $text{'index_return'}, 120 $in{'_acl_user'} ? ( "edit_user.cgi?user=$in{'_acl_user'}&host=$in{'_acl_host'}", $text{'user_return'} ) : ( "edit_group.cgi?group=$in{'_acl_group'}&host=$in{'_acl_host'}", $text{'group_return'} )); 121 122