+#!/bin/sh
+
+# test to see if fuse-devel (or fuse.h and libfuse) are installed
+#
+cat <<EOF >fuse-test.c
+#include <fuse.h>
+int main() { struct fuse_context ctx;
+return fuse_main(0, (char **) 0, (struct fuse_operations *) 0); }
+EOF
+make fuse-test
+if [ $? = 0 ] ; then have_fuse=1 ; fi
+
+cat <<EOF >gridsite.spec
+#
+# Autogenerated by make-gridsite-spec
+#
+# You should modify make-gridsite-spec and rebuild RPM with make rpm
+# rather than editing this spec file
+#
Name: gridsite
-Version: %(echo ${MYVERSION:-1.x.x})
+Version: ${PATCH_VERSION:-1.x.x}
+# This next piece of .spec/sed magic puts the build OS version in the release
Release: 1%(sed 's/^\([A-Z]\)[^ ]* \([A-Z]\)[^0-9]*\([0-9][^ ]*\).*/\1\2\3/g' /etc/redhat-release | sed 's/[^A-Z,a-z,0-9]//g')
Summary: GridSite
License: Modified BSD
Group: System Environment/Daemons
Source: %{name}-%{version}.src.tar.gz
-Prefix: %(echo ${MYPREFIX:-/usr})
+Prefix: ${MYPREFIX:-/usr}
URL: http://www.gridsite.org/
Vendor: GridPP
Requires: libxml2
%build
cd src
-make prefix=$RPM_BUILD_ROOT/%{prefix} \
- GSOAPDIR=$GSOAPDIR OPENSSL_FLAGS=$OPENSSL_FLAGS \
- OPENSSL_LIBS=$OPENSSL_LIBS FLAVOR_EXT=$FLAVOR_EXT
-
-if [ -f /usr/include/fuse/fuse.h ] ; then
- make slashgrid
+make prefix=\$RPM_BUILD_ROOT/%{prefix} \
+ GSOAPDIR=\$GSOAPDIR OPENSSL_FLAGS=\$OPENSSL_FLAGS \
+ OPENSSL_LIBS=\$OPENSSL_LIBS FLAVOR_EXT=\$FLAVOR_EXT
+
+EOF
+
+if [ $have_fuse ] ; then
+cat <<EOF >>gridsite.spec
+make prefix=\$RPM_BUILD_ROOT/%{prefix} \
+ GSOAPDIR=\$GSOAPDIR OPENSSL_FLAGS=\$OPENSSL_FLAGS \
+ OPENSSL_LIBS=\$OPENSSL_LIBS FLAVOR_EXT=\$FLAVOR_EXT slashgrid
+EOF
fi
+cat <<EOF >>gridsite.spec
+
%install
cd src
-make install prefix=$RPM_BUILD_ROOT/%{prefix} \
-GSOAPDIR=$GSOAPDIR OPENSSL_FLAGS=$OPENSSL_FLAGS \
-OPENSSL_LIBS=$OPENSSL_LIBS FLAVOR_EXT=$FLAVOR_EXT
-
-mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
-
-if [ -f /usr/include/fuse/fuse.h ] ; then
- make install-slashgrid prefix=$RPM_BUILD_ROOT/%{prefix} \
- OPENSSL_FLAGS=$OPENSSL_FLAGS \
- OPENSSL_LIBS=$OPENSSL_LIBS FLAVOR_EXT=$FLAVOR_EXT
-else
- echo -e '#!/bin/sh\necho SlashGrid wasnt built since no fuse-devel on build machine)' \
- >$RPM_BUILD_ROOT/%{prefix}/sbin/slashgrid
- echo -e '#!/bin/sh\n# chkconfig: - 90 10\n# description: slashgrid\necho SlashGrid wasnt built since no fuse-devel on build machine' \
- >$RPM_BUILD_ROOT/etc/rc.d/init.d/slashgrid
- mkdir -p $RPM_BUILD_ROOT/var/spool/slashgrid/headers
- mkdir -p $RPM_BUILD_ROOT/var/spool/slashgrid/blocks
- mkdir -p $RPM_BUILD_ROOT/var/spool/slashgrid/tmp
+make install prefix=\$RPM_BUILD_ROOT/%{prefix} \
+GSOAPDIR=\$GSOAPDIR OPENSSL_FLAGS=\$OPENSSL_FLAGS \
+OPENSSL_LIBS=\$OPENSSL_LIBS FLAVOR_EXT=\$FLAVOR_EXT
+EOF
+
+if [ $have_fuse ] ; then
+
+cat <<EOF >>gridsite.spec
+
+mkdir -p \$RPM_BUILD_ROOT/etc/rc.d/init.d
+make install-slashgrid prefix=\$RPM_BUILD_ROOT/%{prefix} \
+ OPENSSL_FLAGS=\$OPENSSL_FLAGS \
+ OPENSSL_LIBS=\$OPENSSL_LIBS FLAVOR_EXT=\$FLAVOR_EXT
+EOF
fi
+cat <<EOF >>gridsite.spec
+
%post shared
-if [ "$UID" = "0" ] ; then
+if [ "\$UID" = "0" ] ; then
/sbin/ldconfig
fi
%postun
-if [ "$UID" = "0" ] ; then
+if [ "\$UID" = "0" ] ; then
/sbin/ldconfig
fi
%attr(-, root, root) %{prefix}/lib/libgridsite.so
%attr(-, root, root) %{prefix}/lib/libgridsite_globus.so.%{version}
%attr(-, root, root) %{prefix}/lib/libgridsite_globus.so
-%attr(-, root, root) %{prefix}/share/doc/gridsite-%(echo ${MYVERSION:-1.x.x} | cut -f1-2 -d.)
+%attr(-, root, root) %{prefix}/share/doc/gridsite-${MINOR_VERSION:-1.x}
%files devel
%attr(-, root, root) %{prefix}/include/gridsite.h
%files gsexec
%attr(4510, root, apache) %{prefix}/sbin/gsexec
%attr(-, root, root) %{prefix}/share/man/man8/gsexec.8.gz
+EOF
+
+if [ $have_fuse ] ; then
+cat <<EOF >>gridsite.spec
%package slashgrid
Group: Applications/Internet
Summary: slashgrid daemon
%attr(0744, root, root) %{prefix}/sbin/slashgrid
%attr(0744, root, root) /etc/rc.d/init.d/slashgrid
%attr(0700, root, root) /var/spool/slashgrid
+EOF
+
+fi
+
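Review bot: `have_fuse` is never reset before the probe at the top of the script, so a `have_fuse` value inherited from the build environment switches on the slashgrid sections even when `make fuse-test` fails. Start with `have_fuse=` and test it as `if [ -n "$have_fuse" ]` in the three places it is used. The probe also leaves `fuse-test.c` and any `fuse-test` binary in the working directory, so an `rm -f fuse-test fuse-test.c` after the check would keep them out of later packaging steps. `make fuse-test` relies on make's implicit rule and names no FUSE library, so it presumably depends on flags supplied by the environment; a comment saying which variables the probe expects would help.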
return proxyfile;
}
+char *mapdir_uid_to_dn(uid_t uid)
+{
+ int ret;
+ char *firstlinkpath, *otherlinkpath, *dn, *buf = NULL;
+ struct dirent *mapdirentry;
+ DIR *mapdirstream;
+ ino_t firstinode;
+ long buflen;
+ struct stat statbuf;
+ struct passwd pw, *pwp;
+
+ if (gridmapdir == NULL) return NULL;
+
+ buflen = sysconf(_SC_GETPW_R_SIZE_MAX);
+ buf = malloc(buflen);
+
+ if ((buflen <= 0) ||
+ (getpwuid_r(uid, &pw, buf, buflen, &pwp) != 0) ||
+ (pw.pw_name == NULL))
+ {
+ if (buf != NULL) free(buf);
+ return NULL;
+ }
+
+ asprintf(&firstlinkpath, "%s/%s", gridmapdir, pw.pw_name);
+ ret = stat(firstlinkpath, &statbuf);
+
+ free(firstlinkpath);
+
+ if ((ret != 0) || (statbuf.st_nlink != 2))
+ {
+ free(buf);
+ return NULL;
+ }
+
+ firstinode = statbuf.st_ino; /* save for comparisons */
+
+ mapdirstream = opendir(gridmapdir);
+
+ if (mapdirstream != NULL)
+ {
+ while ((mapdirentry = readdir(mapdirstream)) != NULL)
+ {
+ if (strcmp(mapdirentry->d_name, pw.pw_name) == 0) continue;
+
+ if (mapdirentry->d_ino == firstinode)
+ {
+ asprintf(&otherlinkpath, "%s/%s", gridmapdir,
+ mapdirentry->d_name);
+
+ utime(otherlinkpath, (struct utimbuf *) NULL);
+ free(otherlinkpath);
+
+ dn = GRSThttpUrlDecode(mapdirentry->d_name);
+
+ if (debugmode) syslog(LOG_DEBUG, "mapdir_uid_to_dn "
+ "maps %s(%d) to %s", pw.pw_name, uid, dn);
+
+ closedir(mapdirstream);
+ free(buf);
+ return dn;
+ }
+ }
+
+ closedir(mapdirstream);
+ }
+
+ free(buf);
+ return NULL;
+}
+
+
int perform_request(struct grst_request *request_data,
struct fuse_context *fuse_ctx)
{
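Review bot: In mapdir_uid_to_dn the lookup result is tested through `pw.pw_name`, but getpwuid_r() returns 0 and sets `pwp` to NULL when the uid has no passwd entry, leaving `pw` unset; the test should be `pwp == NULL`. malloc() is also called before `buflen` is validated, its result is not checked, and the asprintf() results are used without checking for failure. Because the returned DN decides which credential the ACL check runs with, each of these paths should end in a plain `return NULL`. A header comment stating that the caller owns and frees the returned string would also help.

```c
  buflen = sysconf(_SC_GETPW_R_SIZE_MAX);
  if (buflen <= 0) return NULL;

  buf = malloc(buflen);
  if (buf == NULL) return NULL;

  /* getpwuid_r() returns 0 with pwp == NULL when no entry matches uid */
  if ((getpwuid_r(uid, &pw, buf, buflen, &pwp) != 0) || (pwp == NULL))
    {
      free(buf);
      return NULL;
    }

  if (asprintf(&firstlinkpath, "%s/%s", gridmapdir, pw.pw_name) < 0)
    {
      free(buf);
      return NULL;
    }
  /* … unchanged: stat of firstlinkpath, st_nlink test, directory scan … */
```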
{
GRSTgaclPerm perm = GRST_PERM_NONE;
GRSTgaclCred *cred;
- GRSTgaclUser *user;
+ GRSTgaclUser *user = NULL;
GRSTgaclAcl *acl;
+ char *dn = NULL;
// eventually want a UID cache here...
-// will check gridmapdir for DN and create user in future...
- user = NULL; // but just anonymous user for now
+ dn = mapdir_uid_to_dn(fuse_ctx->uid);
- acl = GRSTgaclAclLoadforFile(path);
-
+ if (dn != NULL)
+ {
+ cred = GRSTgaclCredNew("person");
+ GRSTgaclCredAddValue(cred, "dn", dn);
+ user = GRSTgaclUserNew(cred);
+ free(dn);
+ }
+
+ acl = GRSTgaclAclLoadforFile(path);
perm = GRSTgaclAclTestUser(acl, user);
GRSTgaclAclFree(acl);
GRSTgaclUserFree(user);
-perm = 255;
+ if (strstr(path, GRST_ACL_FILE) != NULL) perm &= ~GRST_PERM_WRITE;
if (debugmode) syslog(LOG_DEBUG, "get_gaclPerm returns perm=%d", perm);
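Review bot: The result of `GRSTgaclCredNew("person")` is passed straight to GRSTgaclCredAddValue() and GRSTgaclUserNew() with no NULL check, so an allocation failure in the `dn != NULL` branch is not handled. Guard it with `if (cred != NULL)` and let the request continue with `user == NULL`, which the removed comment describes as the anonymous user. The `strstr(path, GRST_ACL_FILE)` test removes write permission from any path that contains the ACL file name anywhere, not only from the ACL file itself; that errs on the restrictive side, but it deserves a comment such as `/* ACL files are never writable through the mount, whatever the ACL grants */`. The enclosing function starts and ends outside the hunk.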
free(dirlist[i]);
}
- free(dirlist);
+ if (ilast >= 0) free(dirlist);
free(dirname);
return 0;
{
asprintf(&dirname, "%s%s/", local_root, &path[6]);
- if (debugmode) syslog(LOG_DEBUG, "in slashgrid_readdir, dirname=%s", dirname);
-
perm = get_gaclPerm(&fuse_ctx, dirname);
if (!GRSTgaclPermHasList(perm))
if (ilast < 0) return -ENOENT;
- filler(buf, ".", NULL, 0);
- filler(buf, "..", NULL, 0);
+// filler(buf, ".", NULL, 0);
+// filler(buf, "..", NULL, 0);
for (i=0; i <= ilast; ++i)
{
- if (dirlist[i]->d_name[0] != '.')
+// if (dirlist[i]->d_name[0] != '.')
filler(buf, dirlist[i]->d_name, NULL, 0);
free(dirlist[i]);
}
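Review bot: With the `d_name[0] != '.'` filter commented out, every dot entry in `dirlist` is now passed to filler(), which presumably includes the per-directory ACL file, for any caller that has list permission. If that is intended, say so in a comment; if not, skip the entry with `if (strcmp(dirlist[i]->d_name, GRST_ACL_FILE) != 0)`. The three disabled lines should be deleted rather than left as `//` comments, because the `filler(buf, dirlist[i]->d_name, NULL, 0);` line keeps its deeper indent and reads as if it were still conditional. The enclosing function starts and ends outside the hunk.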
if ((local_root != NULL) && (strncmp(path, "/local/", 7) == 0))
{
- asprintf(&localpath, "%s/%s", local_root, &path[7]);
-
+ asprintf(&localpath, "%s/%s", local_root, &path[7]);
perm = get_gaclPerm(&fuse_ctx, localpath);
if (GRSTgaclPermHasWrite(perm))
int slashgrid_rename(const char *oldpath, const char *newpath)
{
- int anyerror = 0, thiserror, i, fd;
- char *s, *url, *p, *destination, errorbuffer[CURL_ERROR_SIZE+1] = "";
+ int anyerror = 0, thiserror, i, fd, ret;
+ char *s, *url, *p, *destination, errorbuffer[CURL_ERROR_SIZE+1] = "",
+ *oldlocalpath, *newlocalpath;
struct grst_read_data read_data;
struct fuse_context fuse_ctx;
struct grst_request request_data;
+ GRSTgaclPerm oldperm, newperm;
memcpy(&fuse_ctx, fuse_get_context(), sizeof(struct fuse_context));
- if (strncmp(oldpath, "/http/", 6) == 0)
+ if ((local_root != NULL) &&
+ ((strncmp(oldpath, "/local/", 7) == 0) ||
+ (strncmp(newpath, "/local/", 7) == 0)))
+ {
+ if (strncmp(oldpath, newpath, 7) != 0)
+ {
+ return -EXDEV; /* not on same filesystem */
+ }
+
+ asprintf(&oldlocalpath, "%s/%s", local_root, &oldpath[7]);
+ asprintf(&newlocalpath, "%s/%s", local_root, &newpath[7]);
+
+ oldperm = get_gaclPerm(&fuse_ctx, oldlocalpath);
+ newperm = get_gaclPerm(&fuse_ctx, newlocalpath);
+
+ if (GRSTgaclPermHasWrite(oldperm) &&
+ GRSTgaclPermHasWrite(newperm))
+ {
+ ret = rename(oldlocalpath, newlocalpath);
+ free(oldlocalpath);
+ free(newlocalpath);
+
+ return (ret == 0) ? 0 : -errno;
+ }
+
+ free(oldlocalpath);
+ free(newlocalpath);
+ return -EACCES;
+ }
+ else if (strncmp(oldpath, "/http/", 6) == 0)
{
if (strncmp(newpath, "/http/", 6) != 0) return -EXDEV;
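Review bot: In the new /local/ branch `errno` is read after the two free() calls, and free() is allowed to change it on some C libraries, so the value returned to FUSE may not be rename()'s error. Capture it first, e.g. `ret = (rename(oldlocalpath, newlocalpath) == 0) ? 0 : -errno;`, then free both paths and `return ret;`. The same pattern follows remove() in the /local/ branch added to slashgrid_unlink. Both asprintf() calls are unchecked, so on failure the ACL check and rename() would run on an undefined pointer; return `-ENOMEM` when asprintf() returns a negative value. The function continues outside the hunk.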
int slashgrid_unlink(const char *path)
{
- int anyerror = 0, thiserror, i, fd;
- char *s, *url, *p, errorbuffer[CURL_ERROR_SIZE+1] = "";
+ int anyerror = 0, thiserror, i, fd, ret;
+ char *s, *url, *p, errorbuffer[CURL_ERROR_SIZE+1] = "",
+ *localpath;
struct grst_read_data read_data;
struct fuse_context fuse_ctx;
struct grst_request request_data;
+ GRSTgaclPerm perm;
memcpy(&fuse_ctx, fuse_get_context(), sizeof(struct fuse_context));
+ if (debugmode) syslog(LOG_DEBUG, "slashgrid_unlink called for %s", path);
+
if (strncmp(path, "/http/", 6) == 0)
asprintf(&url, "http://%s", &path[6]);
else if (strncmp(path, "/https/", 7) == 0)
asprintf(&url, "https://%s", &path[7]);
+ else if ((local_root != NULL) && (strncmp(path, "/local/", 7) == 0))
+ {
+ asprintf(&localpath, "%s/%s", local_root, &path[7]);
+
+ perm = get_gaclPerm(&fuse_ctx, localpath);
+
+ if (GRSTgaclPermHasWrite(perm))
+ {
+ ret = remove(localpath);
+ free(localpath);
+
+ return (ret == 0) ? 0 : -errno;
+ }
+
+ free(localpath);
+ return -EACCES;
+ }
else return -ENOENT;
read_data.buf = "";
int slashgrid_rmdir(const char *path)
{
int ret;
- char *pathwithslash;
-
+ char *pathwithslash, *localpath;
+
asprintf(&pathwithslash, "%s/", path);
ret = slashgrid_unlink(pathwithslash);
free(pathwithslash);
int slashgrid_mkdir(const char *path, mode_t mode)
{
int ret;
- char *pathwithslash;
+ char *pathwithslash, *localpath;
+ struct fuse_context fuse_ctx;
+ GRSTgaclPerm perm;
+ memcpy(&fuse_ctx, fuse_get_context(), sizeof(struct fuse_context));
+
+ if (debugmode) syslog(LOG_DEBUG, "slashgrid_mkdir, for %s", path);
+
+ if ((local_root != NULL) && (strncmp(path, "/local/", 7) == 0))
+ {
+ asprintf(&localpath, "%s/%s", local_root, &path[7]);
+
+ perm = get_gaclPerm(&fuse_ctx, localpath);
+
+ if (GRSTgaclPermHasWrite(perm))
+ {
+ ret = mkdir(localpath, S_IRUSR | S_IWUSR | S_IXUSR);
+ chown(localpath, local_uid, local_gid);
+ free(localpath);
+
+ return (ret == 0) ? 0 : -errno;
+ }
+
+ free(localpath);
+ return -EACCES;
+ }
+
asprintf(&pathwithslash, "%s/", path);
ret = slashgrid_write(pathwithslash, "", 0, 0, NULL);
free(pathwithslash);
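Review bot: chown() in the /local/ branch runs whether or not mkdir() succeeded, so when mkdir() fails (for example because the path already exists) the ownership of the existing object is still changed, and `errno` may then reflect chown() rather than mkdir(). A chown() failure after a successful mkdir() is ignored as well. Make the second call depend on the first: `if (mkdir(localpath, S_IRUSR | S_IWUSR | S_IXUSR) != 0) ret = -errno;` `else if (chown(localpath, local_uid, local_gid) != 0) ret = -errno;` `else ret = 0;`, then free `localpath` and `return ret;`. The `mode` argument is ignored on this path, which deserves a one-line comment. The function continues outside the hunk.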
ret = truncate(localpath, offset);
free(localpath);
- return (ret == 0) ? 0 : -ENOENT;
+ return (ret == 0) ? 0 : -errno;
}
free(localpath);