]> rtime.felk.cvut.cz Git - novaboot.git/blob - server/novaboot-shell
projects / novaboot.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
server: Fix handling of multi-word commands (rsync) without authorized_keys command...
[novaboot.git] / server / novaboot-shell
1 #!/bin/sh
2
3 set -e
4
5 die() {
6     echo >&2 "novaboot-shell: $*"
7     exit 1
8 }
9
10 print_help() {
11     cat <<EOF
12 Target commands:
13 - console
14 - reset
15 - on
16 - off
17 - rsync ...
18
19 Management commands:
20 - help
21 EOF
22
23     if [ "$NB_ADMIN" ]; then
24         cat <<EOF
25 - add-key
26 - shell (use with ssh -t)
27 EOF
28     fi
29     exit 0
30 }
31
32 add_key() {
33     local user
34     [ "$NB_ADMIN" ] || return 1
35
36     case $# in
37         0) die "Username argument missing";;
38         1) break;;
39         *) die "User name must not contain spaces: $*";;
40     esac
41     user="$1"
42     key=$(cat)
43
44     tmp=$(mktemp ~/.ssh/authorized_keys.XXXXXXXX)
45     {
46         cat ~/.ssh/authorized_keys
47         echo "command=\"user $user\" $key"
48     } | sort -u > $tmp
49
50     mv $tmp ~/.ssh/authorized_keys
51 }
52
53 exec_shell() {
54     [ "$NB_ADMIN" ] || die "Permission denied"
55     exec /bin/bash || exec /bin/sh
56 }
57
58 lock_queue() {
59     lslocks | awk '{ if ($9 == "'"$RUN_DIR"'") { print $2 } }'
60 }
61
62 print_queue() {
63     local queue
64
65     queue=$(
66         for pid in $(lock_queue); do
67             echo $pid $(sed --null-data -ne '/^NOVABOOT_ID=/ s///p' /proc/$pid/environ)
68         done | sort)
69     if [ "$queue" ]; then
70         echo "Target is occupied by:"
71         ( echo "PID USER LOGIN_TIME FROM"; echo "$queue" ) | column -t
72     fi
73 }
74
75 locked() {
76     print_queue
77     tmp=$(mktemp)
78     no_fork=
79     flock -h 2>&1 | grep -q -e "--no-fork" && no_fork=--no-fork
80     rm -f "$tmp"
81     exec flock $no_fork "$RUN_DIR" "$@"
82 }
83
84 unlocked() {
85     exec "$@"
86 }
87
88 # run_subcommand should be called only after permission checks and/or locking
89 run_subcommand() {
90     case "$*" in
91         "console")
92             trap "rm -f $RUN_DIR/ppid" EXIT
93             echo $NOVABOOT_PPID > $RUN_DIR/ppid
94             echo 'novaboot-shell: Connected'
95             # TODO: $reset_begin_cmd
96             eval exec "${console_cmd:?}";;
97         "reset")
98             eval exec "${reset_cmd:?}";;
99         "rsync --server "*" . .")
100             if ! [ $# -eq 5 -o \( $# -eq 6 -a "$4" = '--log-format=X' \) ]; then
101                 die "Unexpected rsync invocation: $*"
102             fi
103             mkdir -p "$HOME/tftproot"
104             cd "$HOME/tftproot"
105             exec "$@";;
106         "on")
107             eval exec "${on_cmd:?}";;
108         "off")
109             eval exec "${off_cmd:?}";;
110     esac
111 }
112
113 main() {
114     if [ "$1" = "-c" ]; then
115         set -- $2
116     elif [ $# -gt 0 ]; then
117         die "Permission denied"
118     fi
119
120     NB_ADMIN=
121     if [ "$1" = "user" ]; then
122         # Get user name encoded in ~/.ssh/authorized_keys
123         NB_USER="$2";
124         [ "$3" = "admin" ] && NB_ADMIN=1
125         set -- $SSH_ORIGINAL_COMMAND
126     fi
127
128     if [ $# -eq 0 ]; then print_help; fi
129
130     IP=${SSH_CONNECTION%% *}
131     HOST=$(getent hosts $IP) || HOST=$IP
132     REMOTE=${HOST##* }
133     DATE=$(LANG=C date +'%F_%T')
134     export NOVABOOT_ID="${NB_USER:-?} $DATE ${REMOTE}"
135     export NOVABOOT_PPID=$PPID
136
137     mkdir -p "$RUN_DIR"
138
139     case "$1" in
140         # Commands allowed at any time
141         "console") locked $0 console;;
142         "get-config") echo -n "${target_config}"; exit;;
143         "add-key") shift; add_key "$@"; exit;;
144         "shell") exec_shell; exit;;
145         "help") print_help;;
146
147         # Commands allowed only when nobody or the same user is connected
148         # to the console. "The same user" means that we were executed by
149         # the same sshd process that has the lock. This is ensured by
150         # using SSH connection sharing on cline side.
151         reset | rsync | on | off)
152             ALLOWED_PPID=$(cat $RUN_DIR/ppid 2>/dev/null || :)
153             if [ "$PPID" -eq "${ALLOWED_PPID:-0}" ]; then run=unlocked; else run=locked; fi
154             $run $0 "$@";;
155         *)
156             echo >&2 "novaboot-shell: Command not allowed: $*"
157             logger -p error "novaboot-shell: Command not allowed: $*"
158             exit 1;;
159     esac
160 }
161
162 RUN_DIR="$HOME"
163
164 if [ "$NOVABOOT_SHELL_CONFIG" ]; then
165     CFG="$NOVABOOT_SHELL_CONFIG"
166 else
167     CFG="$HOME/.novaboot-shell"
168 fi
169
170 . "$CFG"
171
172 if [ -z "$NOVABOOT_ID" ]; then
173     main "$@"
174 else
175     run_subcommand "$@"
176 fi
Mirror of https://github.com/wentasah/novaboot