author | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-06-17 20:09:33 -0400 |
---|---|---|
committer | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-06-17 20:09:33 -0400 |
commit | 4d12729aa4026229e4e118b924cc3b1c75ca214b (patch) | |
tree | abd9a69ec11504844148b1017f9e9601ef7e90b8 /go/parabola_hackers/nslcd_backend/hackers.go | |
parent | 4f175a22cf726bfa09652d8d9ca6374785561348 (diff) |
write setuid, move things around
Diffstat (limited to 'go/parabola_hackers/nslcd_backend/hackers.go')
-rw-r--r-- | go/parabola_hackers/nslcd_backend/hackers.go | 122 |
1 files changed, 122 insertions, 0 deletions
diff --git a/go/parabola_hackers/nslcd_backend/hackers.go b/go/parabola_hackers/nslcd_backend/hackers.go
new file mode 100644
index 0000000..bb03862
--- /dev/null
+++ b/go/parabola_hackers/nslcd_backend/hackers.go
@@ -0,0 +1,122 @@
+// Copyright 2015-2016 Luke Shumaker <lukeshu@sbcglobal.net>.
+//
+// This is free software; you can redistribute it and/or
+// modify it under the terms of the GNU General Public License as
+// published by the Free Software Foundation; either version 2 of
+// the License, or (at your option) any later version.
+//
+// This software is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public
+// License along with this manual; if not, see
+// <http://www.gnu.org/licenses/>.
+
+// Package hackers_nslcd_backend is an nslcd_server Backend that
+// speaks to hackers.git.
+package hackers_nslcd_backend
+
+import (
+ "parabola_hackers"
+ "sync"
+
+ nslcd_server "lukeshu.com/git/go/libnslcd.git/proto/server"
+ nslcd_systemd "lukeshu.com/git/go/libnslcd.git/systemd"
+ "lukeshu.com/git/go/libsystemd.git/sd_daemon/logger"
+)
+
+type config struct {
+ Pam_password_prohibit_message string
+}
+
+type Hackers struct {
+ nslcd_server.NilBackend
+ lock sync.RWMutex
+
+ CfgFilename string
+
+ cfg config
+ users map[int32]parabola_hackers.User
+ groups map[string]map[string]bool
+}
+
+var _ nslcd_systemd.Backend = &Hackers{}
+var _ nslcd_server.Backend = &Hackers{}
+
+func (o *Hackers) Init() error {
+ logger.Debug("hackers.git: CfgFilename = %v", o.CfgFilename)
+ err := o.Reload()
+ if err != nil {
+ logger.Err("hackers.git: Could not initialize: %v", err)
+ return err
+ }
+ return nil
+}
+
+func (o *Hackers) Close() {
+ logger.Info("hackers.git: Closing session")
+ o.lock.Lock()
+ defer o.lock.Unlock()
+
+ o.users = make(map[int32]parabola_hackers.User, 0)
+ o.groups = make(map[string]map[string]bool)
+}
+
+func (o *Hackers) Reload() error {
+ logger.Info("hackers.git: Loading session")
+ o.lock.Lock()
+ defer o.lock.Unlock()
+
+ var err error
+ o.cfg, err = parse_config(o.CfgFilename)
+ if err != nil {
+ return err
+ }
+ logger.Info("hackers.git: pam_password_prohibit_message: %#v", o.cfg.Pam_password_prohibit_message)
+
+ logger.Debug("hackers.git: Parsing user data")
+ o.users, err = parabola_hackers.LoadAllUsers()
+ if err != nil {
+ return err
+ }
+
+ passwords, err := parabola_hackers.LoadAllPasswords()
+ if err != nil {
+ return err
+ }
+
+ o.groups = make(map[string]map[string]bool)
+ for uid, user := range o.users {
+ user.Passwd.GID = usersGid
+ hash, hasHash := passwords[user.Passwd.Name]
+ if !hasHash {
+ hash = "!"
+ }
+ user.Passwd.PwHash = hash
+ o.users[uid] = user
+ for _, groupname := range user.Groups {
+ o.add_user_to_group(user.Passwd.Name, groupname)
+ }
+ }
+ return nil
+}
+
+func (o *Hackers) name2uid(name string) int32 {
+ for uid, data := range o.users {
+ if data.Passwd.Name == name {
+ return uid
+ }
+ }
+ return -1
+}
+
+func (o *Hackers) add_user_to_group(username string, groupname string) {
+ group, found := o.groups[groupname]
+ if !found {
+ group = make(map[string]bool)
+ o.groups[groupname] = group
+ }
+ group[username] = true
+}
|
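Review bot: In `Reload`, `o.cfg` and `o.users` are overwritten before `LoadAllPasswords` has succeeded, so an error partway through leaves the backend holding a mix of new and old state once the lock is released. A failure in `LoadAllPasswords` returns with the new `o.users` already in place but without the loop that sets `GID` and defaults a missing hash to `"!"`, and with `o.groups` still from the previous load. What `PwHash` contains at that point depends on `LoadAllUsers`, which is not visible here, but for a backend that answers passwd/shadow lookups an unset hash is worth ruling out. Running the three fallible loads into locals first and assigning to the receiver only after all of them succeed keeps the last good state on error.

```go
func (o *Hackers) Reload() error {
	// … unchanged: "Loading session" log line, o.lock.Lock / defer Unlock …

	cfg, err := parse_config(o.CfgFilename)
	if err != nil {
		return err
	}
	users, err := parabola_hackers.LoadAllUsers()
	if err != nil {
		return err
	}
	passwords, err := parabola_hackers.LoadAllPasswords()
	if err != nil {
		return err
	}

	// Nothing below can fail, so the previous state is replaced as a whole.
	o.cfg, o.users = cfg, users
	// … unchanged: logger calls, o.groups reset, per-user loop, return nil …
}
```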