
New logging system

Mercier Pierre-Olivier 2013-09-04 02:56:29 +02:00
parent 0c5e95b469
commit 495202128e
8 changed files with 260 additions and 165 deletions

1
.gitignore vendored

@ -1 +1,2 @@
*~ *~
*.log


@ -56,7 +56,7 @@ sub get($$)
my $url = shift; my $url = shift;
my $ua = LWP::UserAgent->new; my $ua = LWP::UserAgent->new;
ACU::Log::do_debug ('GET Request to ' . API_URL . $url); log(DEBUG, 'GET Request to ', API_URL, $url);
my $req = GET API_URL . $url; my $req = GET API_URL . $url;
return parse($next, $ua->request($req)->content); return parse($next, $ua->request($req)->content);
@ -68,7 +68,7 @@ sub send($$@)
my $url = shift; my $url = shift;
my $ua = LWP::UserAgent->new; my $ua = LWP::UserAgent->new;
ACU::Log::do_debug ('POST Request to ' . API_URL . $url); log(DEBUG, 'POST Request to ', API_URL, $url);
my $req = POST API_URL . $url, @_; my $req = POST API_URL . $url, @_;
return parse($next, $ua->request($req)->content); return parse($next, $ua->request($req)->content);


@ -35,10 +35,10 @@ sub ldap_connect()
my $ldap = Net::LDAPS->new($ldaphost) or die ("$@"); my $ldap = Net::LDAPS->new($ldaphost) or die ("$@");
my $mesg = $ldap->bind($binddn, password => $bindsecret) or die ("$@"); my $mesg = $ldap->bind($binddn, password => $bindsecret) or die ("$@");
ACU::Log::do_debug("Connect to LDAP with $binddn"); log(DEBUG, "Connect to LDAP with $binddn");
if ($mesg->code) { if ($mesg->code) {
ACU::Log::do_err("An error occurred: " .ldap_error_text($mesg->code)); log(FATAL, "An error occurred: " .ldap_error_text($mesg->code));
} }
return $ldap; return $ldap;
@ -49,10 +49,10 @@ sub ldap_connect_anon()
my $ldap = Net::LDAPS->new($ldaphost) or die ("$@"); my $ldap = Net::LDAPS->new($ldaphost) or die ("$@");
my $mesg = $ldap->bind or die ("$@"); my $mesg = $ldap->bind or die ("$@");
ACU::Log::do_debug("Connect to LDAP anonymously"); log(DEBUG, "Connect to LDAP anonymously");
if ($mesg->code) { if ($mesg->code) {
ACU::Log::do_err("An error occurred: " .ldap_error_text($mesg->code)); log(FATAL, "An error occurred: " .ldap_error_text($mesg->code));
} }
return $ldap; return $ldap;
@ -70,7 +70,7 @@ sub add_group($$$;$)
my $dn = "cn=$cn,ou=$year,ou=$ou,ou=groups,dc=acu,dc=epita,dc=fr"; my $dn = "cn=$cn,ou=$year,ou=$ou,ou=groups,dc=acu,dc=epita,dc=fr";
ACU::Log::do_debug("Add group $dn"); log(DEBUG, "Add group $dn");
my $mesg = $ldap->add( $dn, my $mesg = $ldap->add( $dn,
attrs => [ attrs => [
@ -78,7 +78,7 @@ sub add_group($$$;$)
cn => $cn, cn => $cn,
] ]
); );
if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; } if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }
return $dn; return $dn;
} }
@ -91,19 +91,19 @@ sub delete_group($$;$)
my $ldap = ldap_connect(); my $ldap = ldap_connect();
ACU::Log::do_debug("Delete group ou=groups,dc=acu,dc=epita,dc=fr"); log(DEBUG, "Delete group ou=groups,dc=acu,dc=epita,dc=fr");
my $mesg = $ldap->search( # search my $mesg = $ldap->search( # search
base => "ou=groups,dc=acu,dc=epita,dc=fr", base => "ou=groups,dc=acu,dc=epita,dc=fr",
filter => "cn=$cn", filter => "cn=$cn",
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; } if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }
if ($mesg->count != 1) { ACU::Log::do_warn("$cn not found or multiple entries match"); return 0; } if ($mesg->count != 1) { log(WARN, "$cn not found or multiple entries match"); return 0; }
$ldap->delete( $mesg->entry(0)->dn ); $ldap->delete( $mesg->entry(0)->dn );
$ldap->unbind or ACU::Log::do_warn ("couldn't disconnect correctly"); $ldap->unbind or log(WARN, "couldn't disconnect correctly");
} }
sub get_year(;$) sub get_year(;$)
@ -127,8 +127,8 @@ sub get_dn($$@)
attrs => @_, attrs => @_,
scope => "base" scope => "base"
); );
if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return undef; } if ($mesg->code != 0) { log(WARN, $mesg->error); return undef; }
if ($mesg->count != 1) { ACU::Log::do_warn("$dn not found or multiple entries match"); return undef; } if ($mesg->count != 1) { log(WARN, "$dn not found or multiple entries match"); return undef; }
return $mesg->entry(0); return $mesg->entry(0);
} }
@ -148,12 +148,12 @@ sub add_attribute($$$@)
if (! grep { /^\Q$value\E$/ } @data) { if (! grep { /^\Q$value\E$/ } @data) {
$mod = 1; $mod = 1;
ACU::Log::do_debug("Add attribute $value to $dn"); log(DEBUG, "Add attribute $value to $dn");
push @data, $value; push @data, $value;
} }
else { else {
ACU::Log::do_warn("Attribute $what with value $value for $dn already exists."); log(WARN, "Attribute $what with value $value for $dn already exists.");
} }
} }
@ -162,7 +162,7 @@ sub add_attribute($$$@)
$entry->replace($what => \@data) or die $!; $entry->replace($what => \@data) or die $!;
my $mesg = $entry->update($ldap) or die $!; my $mesg = $entry->update($ldap) or die $!;
if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; } if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }
return 1; return 1;
} }
@ -184,13 +184,13 @@ sub delete_attribute($$$@)
for my $value (@_) for my $value (@_)
{ {
if (grep { /^\Q$value\E$/ } @data) { if (grep { /^\Q$value\E$/ } @data) {
ACU::Log::do_debug("Remove attribute $what ($value) from $dn"); log(DEBUG, "Remove attribute $what ($value) from $dn");
@data = grep { ! /^\Q$value\E$/ } @data; @data = grep { ! /^\Q$value\E$/ } @data;
$mod = 1; $mod = 1;
} }
else { else {
ACU::Log::do_warn("No attribute $what with value $value for $dn"); log(WARN, "No attribute $what with value $value for $dn");
} }
} }
@ -198,7 +198,7 @@ sub delete_attribute($$$@)
{ {
$entry->replace($what => \@data) or die $!; $entry->replace($what => \@data) or die $!;
my $mesg = $entry->update($ldap) or die $!; my $mesg = $entry->update($ldap) or die $!;
if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; } if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }
return 1; return 1;
} }
else { else {
@ -212,7 +212,7 @@ sub delete_entry($$)
my $mesg = $ldap->delete( shift ); my $mesg = $ldap->delete( shift );
if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; } if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }
return 1; return 1;
} }
@ -224,7 +224,7 @@ sub flush_attribute($$@)
my $mesg = $ldap->modify($dn, delete => \@_)->code; my $mesg = $ldap->modify($dn, delete => \@_)->code;
if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; } if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }
return 1; return 1;
} }
@ -254,12 +254,33 @@ sub search_dn($$@)
attrs => [ ], attrs => [ ],
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return undef; } if ($mesg->code != 0) { log(WARN, $mesg->error); return undef; }
if ($mesg->count != 1) { ACU::Log::do_warn("$filter not found or multiple entries match"); return undef; } if ($mesg->count != 1) { log(WARN, "$filter not found or multiple entries match"); return undef; }
return $mesg->entry(0)->dn; return $mesg->entry(0)->dn;
} }
sub search_dns($$$@)
{
my $ldap = shift // ldap_connect();
my $base = shift;
my $filter = shift;
if ($base) {
$base .= ","
}
my $mesg = $ldap->search( # search
base => $base."dc=acu,dc=epita,dc=fr",
filter => $filter,
attrs => @_,
scope => "sub"
);
if ($mesg->code != 0) { log(WARN, $mesg->error); return undef; }
return $mesg->entries;
}
sub update_attribute($$$@) sub update_attribute($$$@)
{ {
my $ldap = shift // ldap_connect(); my $ldap = shift // ldap_connect();
@ -271,7 +292,7 @@ sub update_attribute($$$@)
my $mesg = $entry->update($ldap); my $mesg = $entry->update($ldap);
if ($mesg->code != 0) { if ($mesg->code != 0) {
ACU::Log::do_warn($mesg->error); log(WARN, $mesg->error);
return 0; return 0;
} }
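Review bot: In the new `search_dns`, `attrs => @_,` flattens the caller's attribute list into the named arguments of `$ldap->search`, so with zero or several attributes the key/value pairs shift and `scope => "sub"` is no longer read as a pair; pass a reference instead, `attrs => [ @_ ],`. The failure path `return undef;` gives a list-context caller a one-element list holding undef, while the success path returns `$mesg->entries`; a bare `return;` keeps the two consistent. `$base` and `$filter` are sent to the server exactly as received, so any caller that builds them from user input has to escape the values first (the callers are not visible in this section).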


@ -1,51 +1,100 @@
#! /usr/bin/env perl
package ACU::Log; package ACU::Log;
use v5.10.1; use v5.10.1;
use strict; use strict;
use warnings; use warnings;
use Term::ANSIColor qw(:constants);
use Data::Dumper; use Data::Dumper;
use Exporter 'import';
use POSIX qw(strftime);
use Term::ANSIColor qw(:constants);
our $verbosity = 1; use constant {
our $debug = 1; FATAL => 1,
ERROR2 => 2,
ERROR => 3,
WARN4 => 4,
WARN => 5,
USAGE => 6,
INFO => 7,
DEBUG => 8,
TRACE => 9,
};
sub do_err(@) our @EXPORT = qw(log FATAL ERROR2 ERROR WARN4 WARN USAGE INFO DEBUG TRACE);
our $display_level = 7;
our $save_level = 9;
our $fatal_error = 1;
our $fatal_warn = 0;
our $log_file = $0.".log";
my $log_fd;
sub log($@)
{ {
say BOLD, RED, ">>>", RESET, " ", BOLD, @_, RESET; my $level = shift;
exit(1);
if (!$log_fd && $log_file) {
open ($log_fd, ">>", $log_file) or die("Unable to open log ($log_file) file for writing");
say $log_fd strftime("%a %b %e %H:%M:%S %Y", localtime), " START new logging session ";
} }
sub do_usage(@) if ($level <= $save_level and $log_fd) {
{ print $log_fd strftime("%a %b %e %H:%M:%S %Y", localtime), " ", levelstr($level), " ";
say BOLD, MAGENTA, " * ", RESET, " ", BOLD, @_, RESET;
if ($level >= TRACE) {
print $log_fd Dumper(@_);
}
else {
say $log_fd @_;
}
}
if ($level <= $display_level) {
say (leveldisp($level), @_, RESET);
} }
sub do_warn(@) if ($fatal_warn && $level <= WARN){
{ #TODO Thibaut
say BOLD, YELLOW, ">>>", RESET, " ", BOLD, @_, RESET; #log(INFO, "Program stopped due to warning");
exit 125;
} }
elsif ($fatal_error && $level <= ERROR) {
sub do_info(@) #TODO Thibaut
{ #log(INFO, "Program stopped due to error");
if ($verbosity) { exit 126;
say BOLD, CYAN, " * ", RESET, " ", @_, RESET; }
elsif ($level <= FATAL) {
#TODO Thibaut
#log(INFO, "Program stopped due to fatal error");
exit 127;
} }
} }
sub do_debug(@) sub levelstr($)
{ {
if ($debug) { my $level = shift;
say BOLD, BLUE, " * ", RESET, " ", @_, RESET;
} return "FATAL" if ($level == 1);
return "ERROR" if ($level == 3 or $level == 2);
return "WARN " if ($level == 5 or $level == 4);
return "USAGE" if ($level == 6);
return "INFO " if ($level == 7);
return "DEBUG" if ($level == 8);
return "TRACE";
} }
sub do_dump(@) sub leveldisp($)
{ {
if ($debug) { my $level = shift;
print Dumper(@_);
} return BOLD, ON_RED, YELLOW, "/!\\", RESET, " ", BOLD if ($level == 1);
return BOLD, ON_RED, ">>>", RESET, " ", BOLD if ($level == 2);
return BOLD, RED, ">>>", RESET, " ", BOLD if ($level == 3);
return BOLD, YELLOW, ">>>", RESET, " ", BOLD if ($level == 5 or $level == 4);
return BOLD, MAGENTA, " * ", RESET, " ", BOLD if ($level == 6);
return BOLD, CYAN, " * ", RESET, " " if ($level == 7);
return BOLD, BLUE, " % ", RESET, " " if ($level == 8);
return BOLD, BLUE, "#", RESET, " ";
} }
1; 1;
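Review bot: With `our $save_level = 9;` as the default, every message up to TRACE is appended to `$0.log`, so DEBUG output that the old `do_debug` only printed to the terminal is now persisted, and in this same commit utils/lpt logs cleartext passwords at DEBUG (`log(DEBUG, "Setting $pass password to $login...")`, `log(DEBUG, "Read passwords: $pass1 and $pass2")`). I would default the file to `our $save_level = INFO;`, drop the password values from those messages, and create the file with restrictive permissions (for example a `umask 077` around the `open`), since it lands next to the script with whatever umask the caller has. Separately, exporting a sub named `log` replaces Perl's builtin logarithm in every importing package, and inside ACU::Log itself an unqualified `log(...)` still resolves to `CORE::log`, which would break the commented-out recursive calls if they were enabled; a name such as `logmsg` avoids both.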


@ -41,8 +41,8 @@ sub do_work ($$$@)
my $given_args = shift; my $given_args = shift;
my $priority = shift; my $priority = shift;
ACU::Log::do_debug("Starting job"); log(DEBUG, "Starting job");
ACU::Log::do_dump($_[0]); log(TRACE, $_[0]{argref});
my $old = 0; my $old = 0;
# Check the load isn't to high for this process # Check the load isn't to high for this process


@ -12,17 +12,12 @@ BEGIN {
use ACU::Process; use ACU::Process;
use ACU::API::Base; use ACU::API::Base;
use ACU::Log;
sub process sub check_key($)
{ {
my ($given_args, $args) = @_;
my ($fh, $filename) = tempfile();
# Write key to file
print $fh $args->{param}{key};
# Call ssh-keygen # Call ssh-keygen
if (`ssh-keygen -l -f $filename 2> /dev/null` =~ /^([0-9]+) [0-9a-f:]+ [a-zA-Z0-9\/_-]+ \(([A-Z]+)\)$/) if (`ssh-keygen -l -f ".shift." 2> /dev/null` =~ /^([0-9]+) [0-9a-f:]+ [a-zA-Z0-9\/_-]+ \(([A-Z]+)\)$/)
{ {
if ($2 eq "RSA") { if ($2 eq "RSA") {
if ($1 >= 4096) { if ($1 >= 4096) {
@ -38,13 +33,33 @@ sub process
elsif ($2 eq "DSA") { elsif ($2 eq "DSA") {
return API::Base::make_response("3", "Veuillez utiliser ssh-keygen -t rsa ou ssh-keygen -t ecdsa"); return API::Base::make_response("3", "Veuillez utiliser ssh-keygen -t rsa ou ssh-keygen -t ecdsa");
} }
else {
do_warn("");
return API::Base::make_response("3", "Veuillez utiliser ssh-keygen -t rsa ou ssh-keygen -t ecdsa");
}
} }
else { else {
return API::Base::make_response("4", "Veuillez utiliser ssh-keygen -t rsa ou ssh-keygen -t ecdsa"); return API::Base::make_response("4", "Veuillez utiliser ssh-keygen -t rsa ou ssh-keygen -t ecdsa");
} }
}
sub process
{
my ($given_args, $args) = @_;
my ($fh, $filename) = tempfile();
# Write key to file
print $fh $args->{param}{key};
close $fh; close $fh;
check_key $filename;
unlink $filename; unlink $filename;
} }
if (@ARGV) {
check_key
}
else {
Process::register("check_ssh_key", \&process); Process::register("check_ssh_key", \&process);
}
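Review bot: `check_key` never looks at its argument: inside backticks `".shift."` is literal text rather than a call to `shift`, so `ssh-keygen` inspects a file named `.shift.` and the key that was just written to the temp file is not validated. Read the path first with `my $file = shift;` and run the tool without a shell, e.g. `open(my $kg, '-|', 'ssh-keygen', '-l', '-f', $file)`, which also keeps the path out of shell parsing. In addition, `process` discards the value of `check_key $filename;` and returns the result of `unlink`, the new `else` branch calls `do_warn("")` although the ACU::Log rewrite on this page no longer defines `do_warn`, and the `@ARGV` branch calls `check_key` with no argument.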


@ -58,6 +58,8 @@ sub _add($$$)
my $cnt_type = $_get_type->($args->{param}); my $cnt_type = $_get_type->($args->{param});
ACU::Log::do_dump($args);
# Add content if any # Add content if any
for (my $i = $args->{unamed}; $i > 0; $i--) { for (my $i = $args->{unamed}; $i > 0; $i--) {
LDAP::add_attribute($ldap, $dn, $cnt_type, $args->{param}{$i}); LDAP::add_attribute($ldap, $dn, $cnt_type, $args->{param}{$i});
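Review bot: The added `ACU::Log::do_dump($args);` calls a sub that the ACU::Log rewrite in this same commit no longer defines, so `_add` would die with an undefined-subroutine error on reaching this line (assuming no other definition exists outside this page). The equivalent in the new API is `log(TRACE, $args);`, which needs `use ACU::Log;` in this file. TRACE output is written to the log file by default, so check that `$args` carries nothing sensitive before dumping it. `_add` starts and ends outside the hunk.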

205
utils/lpt

@ -146,7 +146,7 @@ sub cmd_account(@)
my $login = shift; my $login = shift;
if (! $login) { if (! $login) {
ACU::Log::do_usage ("lpt account <login> <command> [arguments ...]"); log(USAGE, "lpt account <login> <command> [arguments ...]");
return 1; return 1;
} }
@ -157,7 +157,7 @@ sub cmd_account(@)
-sections => [ 'ACCOUNT COMMANDS' ] ); -sections => [ 'ACCOUNT COMMANDS' ] );
} }
elsif (! exists $cmds_account{$subcmd}) { elsif (! exists $cmds_account{$subcmd}) {
ACU::Log::do_usage ("Unknown command for account: ". $subcmd); log(USAGE, "Unknown command for account: ". $subcmd);
return 1; return 1;
} }
@ -174,7 +174,7 @@ sub cmd_account_close($@)
my $login = shift; my $login = shift;
if ($#_ > -1) { if ($#_ > -1) {
ACU::Log::do_usage ("<lpt> account <login> close"); log(USAGE, "<lpt> account <login> close");
return -1; return -1;
} }
@ -187,14 +187,14 @@ sub cmd_account_close($@)
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { if ($mesg->code != 0) {
ACU::Log::do_err ($mesg->error); log(ERROR, $mesg->error);
} }
if ($mesg->count != 1) { if ($mesg->count != 1) {
ACU::Log::do_err ("User $login not found or multiple presence"); log(ERROR, "User $login not found or multiple presence");
} }
if (grep { "epitaAccount" } $mesg->entry(0)->get_value("objectClass")) { if (grep { "epitaAccount" } $mesg->entry(0)->get_value("objectClass")) {
ACU::Log::do_info ("Invalidating password for $login ..."); log(INFO, "Invalidating password for $login ...");
my $passwd = $mesg->entry(0)->get_value("userPassword"); my $passwd = $mesg->entry(0)->get_value("userPassword");
$passwd =~ s/^(\{[^\}]+\})/$1!/ if ($passwd !~ /^\{[^\}]+\}!/); $passwd =~ s/^(\{[^\}]+\})/$1!/ if ($passwd !~ /^\{[^\}]+\}!/);
@ -206,11 +206,11 @@ sub cmd_account_close($@)
$ldap->unbind or die ("couldn't disconnect correctly"); $ldap->unbind or die ("couldn't disconnect correctly");
if (grep { "posixAccount" } $mesg->entry(0)->get_value("objectClass")) { if (grep { "posixAccount" } $mesg->entry(0)->get_value("objectClass")) {
ACU::Log::do_debug ("Setting shell for $login ..."); log(DEBUG, "Setting shell for $login ...");
cmd_account_shell($login, "/bin/false"); cmd_account_shell($login, "/bin/false");
} }
ACU::Log::do_warn ("Done. Don't forget to restart nscd on servers and workstations!"); log(WARN, "Done. Don't forget to restart nscd on servers and workstations!");
return 0; return 0;
} }
@ -224,13 +224,13 @@ sub cmd_account_create($@)
my $login = shift; my $login = shift;
if ($#_ < 3) { if ($#_ < 3) {
ACU::Log::do_usage ("lpt account <login> create <year> <uid> <prénom> <nom> [nopass|passgen|password]"); log(USAGE, "lpt account <login> create <year> <uid> <prénom> <nom> [nopass|passgen|password]");
return 1; return 1;
} }
my $group = shift; my $group = shift;
ACU::Log::do_debug ("Adding dn: uid=$login,ou=$group,ou=users,dc=acu,dc=epita,dc=fr ..."); log(DEBUG, "Adding dn: uid=$login,ou=$group,ou=users,dc=acu,dc=epita,dc=fr ...");
my $ldap = LDAP::ldap_connect(); my $ldap = LDAP::ldap_connect();
my $mesg = $ldap->add( "uid=$login,ou=$group,ou=users,dc=acu,dc=epita,dc=fr", my $mesg = $ldap->add( "uid=$login,ou=$group,ou=users,dc=acu,dc=epita,dc=fr",
@ -246,13 +246,13 @@ sub cmd_account_create($@)
#$ldap->unbind or die ("couldn't disconnect correctly"); #$ldap->unbind or die ("couldn't disconnect correctly");
if ($mesg->code == 0) { if ($mesg->code == 0) {
ACU::Log::do_info("Account added: $login"); log(INFO, "Account added: $login");
my $pass = shift; my $pass = shift;
return cmd_account($login, $pass) if ($pass ne "nopass"); return cmd_account($login, $pass) if ($pass ne "nopass");
return 0; return 0;
} }
else { else {
ACU::Log::do_err ("Unable to add: $login: ", RESET, $mesg->error); log(ERROR, "Unable to add: $login: ", RESET, $mesg->error);
} }
} }
@ -266,7 +266,7 @@ sub cmd_account_grantintra($@)
LDAP::add_attribute($ldap, $dn, "objectClass", "intraAccount"); LDAP::add_attribute($ldap, $dn, "objectClass", "intraAccount");
ACU::Log::do_info ("$login now grants to use the intranet."); log(INFO, "$login now grants to use the intranet.");
$ldap->unbind or die ("couldn't disconnect correctly"); $ldap->unbind or die ("couldn't disconnect correctly");
} }
@ -277,7 +277,7 @@ sub cmd_account_grantlab($@)
my $group = shift; my $group = shift;
if ($group ne "acu" && $group ne "yaka") { if ($group ne "acu" && $group ne "yaka") {
ACU::Log::do_usage ("lpt account <login> grantlab <acu|yaka>"); log(USAGE, "lpt account <login> grantlab <acu|yaka>");
return 1; return 1;
} }
@ -294,7 +294,7 @@ sub cmd_account_grantlab($@)
LDAP::add_attribute($ldap, $dn, "objectClass", "MailAccount"); LDAP::add_attribute($ldap, $dn, "objectClass", "MailAccount");
LDAP::add_attribute($ldap, $dn, "objectClass", "labAccount"); LDAP::add_attribute($ldap, $dn, "objectClass", "labAccount");
ACU::Log::do_info ("$login now grants to receive e-mail and connect in laboratory."); log(INFO, "$login now grants to receive e-mail and connect in laboratory.");
$ldap->unbind or die ("couldn't disconnect correctly"); $ldap->unbind or die ("couldn't disconnect correctly");
} }
@ -317,24 +317,24 @@ sub cmd_account_nopass($@)
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { if ($mesg->code != 0) {
ACU::Log::do_err ($mesg->error); log(ERROR, $mesg->error);
} }
if ($mesg->count != 1) { if ($mesg->count != 1) {
ACU::Log::do_err ("User $login not found"); log(ERROR, "User $login not found");
} }
my $pass = $mesg->entry(0)->get_value("userPassword"); my $pass = $mesg->entry(0)->get_value("userPassword");
if (! $pass || $pass eq "{crypt}!toto") { if (! $pass || $pass eq "{crypt}!toto") {
$mesg = $ldap->unbind; $mesg = $ldap->unbind;
ACU::Log::do_warn ("Password already empty"); log(WARN, "Password already empty");
return 2; return 2;
} }
else { else {
printf(STDERR "Are you sure you want to reset password for $login? [y/N] "); printf(STDERR "Are you sure you want to reset password for $login? [y/N] ");
if (getc(STDIN) ne "y") { if (getc(STDIN) ne "y") {
ACU::Log::do_debug ("y response expected to continue; leaving."); log(DEBUG, "y response expected to continue; leaving.");
ACU::Log::do_warn ("Password unchanged for $login."); log(WARN, "Password unchanged for $login.");
return 2; return 2;
} }
@ -345,16 +345,16 @@ sub cmd_account_nopass($@)
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { if ($mesg->code != 0) {
ACU::Log::do_err ($mesg->error); log(ERROR, $mesg->error);
} }
if ($mesg->count != 1) { if ($mesg->count != 1) {
ACU::Log::do_err ("User $login not found"); log(ERROR, "User $login not found");
} }
$mesg->entry(0)->replace("userPassword" => "{crypt}!toto"); $mesg->entry(0)->replace("userPassword" => "{crypt}!toto");
$mesg->entry(0)->update($ldap); $mesg->entry(0)->update($ldap);
ACU::Log::do_info ("$login have no more password."); log(INFO, "$login have no more password.");
$ldap->unbind or die ("couldn't disconnect correctly"); $ldap->unbind or die ("couldn't disconnect correctly");
@ -368,20 +368,21 @@ sub cmd_account_passgen($@)
my $nb_char = shift // 10; my $nb_char = shift // 10;
if ($nb_char < 10) { if ($nb_char < 10) {
ACU::Log::do_usage ("lpt account <login> passgen [nb_char>=10]"); log(USAGE, "lpt account <login> passgen [nb_char>=10]");
return 1; return 1;
} }
printf(STDERR "Are you sure you want to change password for $login? [y/N] "); #printf(STDERR "Are you sure you want to change password for $login? [y/N] ");
my $go = <STDIN>; # my $go = <STDIN>;
chomp $go; # chomp $go;
if ($go ne "y" and $go ne "yes") { # if ($go ne "y" and $go ne "yes") {
ACU::Log::do_debug ("y response expected to continue, leaving."); # log(DEBUG, "y response expected to continue, leaving.");
ACU::Log::do_warn ("Password unchanged for $login."); # log(WARN, "Password unchanged for $login.");
return 2; # return 2;
} # }
#
ACU::Log::do_debug ("Generating a $nb_char chars password..."); log(DEBUG, "Generating a $nb_char chars password...");
my $pass = ""; my $pass = "";
open (HANDLE, "pwgen -s -n -c -y -1 $nb_char 1 |"); open (HANDLE, "pwgen -s -n -c -y -1 $nb_char 1 |");
while(<HANDLE>) { while(<HANDLE>) {
@ -390,7 +391,7 @@ sub cmd_account_passgen($@)
close(HANDLE); close(HANDLE);
chomp($pass); chomp($pass);
ACU::Log::do_debug ("Setting $pass password to $login..."); log(DEBUG, "Setting $pass password to $login...");
if (cmd_account_password($login, $pass)) { if (cmd_account_password($login, $pass)) {
return 3; return 3;
} }
@ -405,7 +406,7 @@ sub cmd_account_password($@)
my $login = shift; my $login = shift;
if ($#_ > 0) { if ($#_ > 0) {
ACU::Log::do_usage ("lpt account <login> password [new_password]"); log(USAGE, "lpt account <login> password [new_password]");
return 1; return 1;
} }
my $pass = shift; my $pass = shift;
@ -419,14 +420,14 @@ sub cmd_account_password($@)
ReadMode("restore"); ReadMode("restore");
print "\n"; print "\n";
ACU::Log::do_debug ("Read passwords: $pass1 and $pass2"); log(DEBUG, "Read passwords: $pass1 and $pass2");
$pass1 eq $pass2 || ACU::Log::do_err ("Passwords did not match."); $pass1 eq $pass2 || log(ERROR, "Passwords did not match.");
$pass = $pass1; $pass = $pass1;
} }
if ($pass eq "") { if ($pass eq "") {
ACU::Log::do_err ("Empty password refused."); log(ERROR, "Empty password refused.");
} }
chomp($pass); chomp($pass);
@ -447,10 +448,10 @@ sub cmd_account_password($@)
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { if ($mesg->code != 0) {
ACU::Log::do_err $mesg->error; log(ERROR, $mesg->error);
} }
if ($mesg->count != 1) { if ($mesg->count != 1) {
ACU::Log::do_err ("User $login not found"); log(ERROR, "User $login not found");
} }
$mesg->entry(0)->replace("userPassword" => $enc_password); $mesg->entry(0)->replace("userPassword" => $enc_password);
@ -469,7 +470,7 @@ sub cmd_account_reopen(@)
my $login = shift; my $login = shift;
if ($#_ != -1) { if ($#_ != -1) {
ACU::Log::do_usage ("<lpt> account <login> reopen"); log(USAGE, "<lpt> account <login> reopen");
return 1; return 1;
} }
@ -482,17 +483,17 @@ sub cmd_account_reopen(@)
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { if ($mesg->code != 0) {
ACU::Log::do_err ($mesg->error); log(ERROR, $mesg->error);
} }
if ($mesg->count != 1) { if ($mesg->count != 1) {
ACU::Log::do_err ("User $login not found or multiple presence"); log(ERROR, "User $login not found or multiple presence");
} }
if (grep { "epitaAccount" } $mesg->entry(0)->get_value("objectClass")) { if (grep { "epitaAccount" } $mesg->entry(0)->get_value("objectClass")) {
# update password # update password
my $passwd = $mesg->entry(0)->get_value("userPassword"); my $passwd = $mesg->entry(0)->get_value("userPassword");
if ($passwd =~ /^\{[^\}]+\}!/) { if ($passwd =~ /^\{[^\}]+\}!/) {
ACU::Log::do_info ("Restoring password for $login ..."); log(INFO, "Restoring password for $login ...");
$passwd =~ s/^(\{[^\}]+\})!/$1/; $passwd =~ s/^(\{[^\}]+\})!/$1/;
@ -504,11 +505,11 @@ sub cmd_account_reopen(@)
$ldap->unbind or die ("couldn't disconnect correctly"); $ldap->unbind or die ("couldn't disconnect correctly");
if (grep { "posixAccount" } $mesg->entry(0)->get_value("objectClass")) { if (grep { "posixAccount" } $mesg->entry(0)->get_value("objectClass")) {
ACU::Log::do_debug ("Setting shell for $login ..."); log(DEBUG, "Setting shell for $login ...");
cmd_account_shell($login, $shellValid); cmd_account_shell($login, $shellValid);
} }
ACU::Log::do_warn ("Done. Don't forget to restart nscd on servers and workstations!"); log(WARN, "Done. Don't forget to restart nscd on servers and workstations!");
return 0; return 0;
} }
@ -536,7 +537,7 @@ sub cmd_account_multiple_vieworchange($$$@)
my $change = shift; my $change = shift;
if (($action ne "list" and $action ne "add" and $action ne "del" and $action ne "flush") or (!$change and $action ne "list" and $action ne "flush")) { if (($action ne "list" and $action ne "add" and $action ne "del" and $action ne "flush") or (!$change and $action ne "list" and $action ne "flush")) {
ACU::Log::do_usage ("<lpt> account <login> $typeName [list|add|del|flush] [string]"); log(USAGE, "<lpt> account <login> $typeName [list|add|del|flush] [string]");
return 1; return 1;
} }
@ -550,14 +551,14 @@ sub cmd_account_multiple_vieworchange($$$@)
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { if ($mesg->code != 0) {
ACU::Log::do_err ($mesg->error); log(ERROR, $mesg->error);
} }
if ($mesg->count != 1) { if ($mesg->count != 1) {
ACU::Log::do_err ("User $login not found or multiple presence"); log(ERROR, "User $login not found or multiple presence");
} }
if ($action eq "add") { if ($action eq "add") {
ACU::Log::do_info ("Adding $change as ".$typeName."s for $login ..."); log(INFO, "Adding $change as ".$typeName."s for $login ...");
my @data = $mesg->entry(0)->get_value($type); my @data = $mesg->entry(0)->get_value($type);
if (! grep(/^$change$/, @data)) { if (! grep(/^$change$/, @data)) {
@ -565,42 +566,42 @@ sub cmd_account_multiple_vieworchange($$$@)
$mesg->entry(0)->replace($type => \@data) or die $!; $mesg->entry(0)->replace($type => \@data) or die $!;
$mesg->entry(0)->update($ldap) or die $!; $mesg->entry(0)->update($ldap) or die $!;
ACU::Log::do_info ("Done!"); log(INFO, "Done!");
} }
else { else {
ACU::Log::do_warn ("$login has already $change $typeName."); log(WARN, "$login has already $change $typeName.");
} }
} }
elsif ($action eq "del") { elsif ($action eq "del") {
ACU::Log::do_info ("Checking if $change is a ".$typeName."s of $login ..."); log(INFO, "Checking if $change is a ".$typeName."s of $login ...");
my @data = $mesg->entry(0)->get_value($type); my @data = $mesg->entry(0)->get_value($type);
if (grep(/^$change$/, @data)) { if (grep(/^$change$/, @data)) {
ACU::Log::do_info ("Deleting $change as $typeName for $login ..."); log(INFO, "Deleting $change as $typeName for $login ...");
@data = grep(!/$change$/, @data); @data = grep(!/$change$/, @data);
$mesg->entry(0)->replace($type => \@data) or die $!; $mesg->entry(0)->replace($type => \@data) or die $!;
$mesg->entry(0)->update($ldap) or die $!; $mesg->entry(0)->update($ldap) or die $!;
ACU::Log::do_info ("Done!"); log(INFO, "Done!");
} }
else { else {
ACU::Log::do_warn ("$change is not a $typeName for $login."); log(WARN, "$change is not a $typeName for $login.");
} }
} }
elsif ($action eq "flush") { elsif ($action eq "flush") {
$ldap->modify($mesg->entry(0)->dn, delete => [$type]); $ldap->modify($mesg->entry(0)->dn, delete => [$type]);
ACU::Log::do_info ("$login have no more $typeName."); log(INFO, "$login have no more $typeName.");
} }
else { else {
if ($mesg->entry(0)->get_value($type)) { if ($mesg->entry(0)->get_value($type)) {
ACU::Log::do_info ($login."'s ".$typeName."s are:"); log(INFO, $login."'s ".$typeName."s are:");
for my $val ($mesg->entry(0)->get_value($type)) { for my $val ($mesg->entry(0)->get_value($type)) {
say " - $val"; say " - $val";
} }
} }
else { else {
ACU::Log::do_info ("$login have no $typeName."); log(INFO, "$login have no $typeName.");
} }
} }
@ -615,7 +616,7 @@ sub cmd_account_vieworchange($$@)
my $login = shift; my $login = shift;
if ($#_ > 0) { if ($#_ > 0) {
ACU::Log::do_usage ("<lpt> account <login> $typeName [new_string]"); log(USAGE, "<lpt> account <login> $typeName [new_string]");
return 1; return 1;
} }
@ -632,22 +633,25 @@ sub cmd_account_vieworchange($$@)
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { if ($mesg->code != 0) {
ACU::Log::do_err ($mesg->error); log(ERROR, $mesg->error);
} }
if ($mesg->count != 1) { if ($mesg->count != 1) {
ACU::Log::do_err ("User $login not found or multiple presence"); log(ERROR, "User $login not found or multiple presence");
} }
if ($change) { if ($change) {
ACU::Log::do_info ("Setting $typeName to $change for $login ..."); log(INFO, "Setting $typeName to $change for $login ...");
$mesg->entry(0)->replace($type => $change) or die $!; $mesg->entry(0)->replace($type => $change) or die $!;
$mesg->entry(0)->update($ldap) or die $!; $mesg->entry(0)->update($ldap) or die $!;
ACU::Log::do_info ("Done!"); log(INFO, "Done!");
}
elsif ($mesg->entry(0)->get_value($type)) {
log(INFO, $login."'s $typeName is ".$mesg->entry(0)->get_value($type).".");
} }
else { else {
ACU::Log::do_info ($login."'s $typeName is ".$mesg->entry(0)->get_value($type)."."); log(INFO, $login."'s has no $typeName.");
} }
$ldap->unbind or die ("couldn't disconnect correctly"); $ldap->unbind or die ("couldn't disconnect correctly");
@ -664,12 +668,12 @@ sub cmd_account_view($@)
filter => "uid=$login", filter => "uid=$login",
attrs => ['objectClass']); attrs => ['objectClass']);
$mesg->code && ACU::Log::do_err ($mesg->error); $mesg->code && log(ERROR, $mesg->error);
if ($mesg->count <= 0) { if ($mesg->count <= 0) {
ACU::Log::do_err ("No such account!"); log(ERROR, "No such account!");
} }
ACU::Log::do_debug ("objectClasses:\t" . join(', ', $mesg->entry(0)->get_value("objectClass"))); log(DEBUG, "objectClasses:\t" . join(', ', $mesg->entry(0)->get_value("objectClass")));
my @attrs = ['dn', 'ou']; my @attrs = ['dn', 'ou'];
if ($#_ >= 0) { if ($#_ >= 0) {
@ -693,7 +697,7 @@ sub cmd_account_view($@)
} }
} }
ACU::Log::do_debug ("attrs to get: " . join(', ', @attrs)); log(DEBUG, "attrs to get: " . join(', ', @attrs));
$mesg = $ldap->search(base => "ou=users,dc=acu,dc=epita,dc=fr", $mesg = $ldap->search(base => "ou=users,dc=acu,dc=epita,dc=fr",
filter => "uid=$login", filter => "uid=$login",
attrs => \@attrs); attrs => \@attrs);
@ -735,7 +739,7 @@ sub cmd_group(@)
my $gname = shift; my $gname = shift;
if (! $gname) { if (! $gname) {
ACU::Log::do_usage ("lpt group <group-name> <command> [arguments ...]"); log(USAGE, "lpt group <group-name> <command> [arguments ...]");
return 1; return 1;
} }
@ -746,7 +750,7 @@ sub cmd_group(@)
-sections => [ 'GROUP COMMANDS' ] ); -sections => [ 'GROUP COMMANDS' ] );
} }
elsif (! exists $cmds_group{$subcmd}) { elsif (! exists $cmds_group{$subcmd}) {
ACU::Log::do_usage ("Unknown command for group: ". $subcmd); log(USAGE, "Unknown command for group: ". $subcmd);
return 1; return 1;
} }
@ -757,7 +761,7 @@ sub cmd_group_list(@)
{ {
if ($#ARGV > 0) if ($#ARGV > 0)
{ {
ACU::Log::do_usage ("<lpt> group list [group]"); log(USAGE, "<lpt> group list [group]");
exit(1); exit(1);
} }
@ -807,7 +811,7 @@ sub cmd_group_add(@)
{ {
if ($#ARGV < 1) if ($#ARGV < 1)
{ {
ACU::Log::do_usage ("<lpt> group add <group> <login>"); log(USAGE, "<lpt> group add <group> <login>");
exit(1); exit(1);
} }
@ -857,7 +861,7 @@ sub cmd_group_remove(@)
{ {
if ($#ARGV < 1) if ($#ARGV < 1)
{ {
ACU::Log::do_usage ("<lpt> group remove <group> <login>"); log(USAGE, "<lpt> group remove <group> <login>");
exit(1); exit(1);
} }
@ -913,7 +917,7 @@ sub cmd_group_create($$)
{ {
if ($#_ != 1) if ($#_ != 1)
{ {
ACU::Log::do_usage ("<lpt> group create <yaka|acu> <year>"); log(USAGE, "<lpt> group create <yaka|acu> <year>");
exit(1); exit(1);
} }
@ -928,7 +932,7 @@ sub cmd_group_create($$)
$gid = $year - 1000; $gid = $year - 1000;
} }
else { else {
ACU::Log::do_err ("Error: type must be acu or yaka!"); log(ERROR, "Error: type must be acu or yaka!");
} }
my $ldap = LDAP::ldap_connect(); my $ldap = LDAP::ldap_connect();
@ -944,14 +948,14 @@ sub cmd_group_create($$)
$ldap->unbind or die ("couldn't disconnect correctly"); $ldap->unbind or die ("couldn't disconnect correctly");
ACU::Log::do_info ("group added: $cn"); log(INFO, "group added: $cn");
} }
sub cmd_group_delete(@) sub cmd_group_delete(@)
{ {
if ($#ARGV != 1) if ($#ARGV != 1)
{ {
ACU::Log::do_usage ("<lpt> group delete <yaka|acu> <year>"); log(USAGE, "<lpt> group delete <yaka|acu> <year>");
exit(1); exit(1);
} }
@ -976,7 +980,7 @@ sub cmd_list(@)
-sections => [ 'LIST COMMANDS' ] ); -sections => [ 'LIST COMMANDS' ] );
} }
elsif (! exists $cmds_list{$subcmd}) { elsif (! exists $cmds_list{$subcmd}) {
ACU::Log::do_usage ("Unknown command for list: ". $subcmd); log(USAGE, "Unknown command for list: ". $subcmd);
return 1; return 1;
} }
@ -987,10 +991,10 @@ sub cmd_list_accounts(@)
{ {
if ($#_ > 1) if ($#_ > 1)
{ {
ACU::Log::do_usage ("<lpt> list account [open|close|services]"); log(USAGE, "<lpt> list account [open|close|services]");
exit(1); exit(1);
} }
my $action = shift; my $action = shift // "open";
my $shellFalse = "/bin/false"; my $shellFalse = "/bin/false";
my $ldap = LDAP::ldap_connect(); my $ldap = LDAP::ldap_connect();
@ -1002,7 +1006,7 @@ sub cmd_list_accounts(@)
attrs => [ 'dn', 'userPassword' ]); attrs => [ 'dn', 'userPassword' ]);
$mesg->code && die $mesg->error; $mesg->code && die $mesg->error;
if ($mesg->count == 0) { if ($mesg->count == 0) {
ACU::Log::do_warn ("No account found"); log(WARN, "No account found");
} }
else { else {
for my $entry ($mesg->entries) { for my $entry ($mesg->entries) {
@ -1022,7 +1026,7 @@ sub cmd_list_accounts(@)
attrs => [ 'userPassword' ]); attrs => [ 'userPassword' ]);
$mesg->code && die $mesg->error; $mesg->code && die $mesg->error;
if ($mesg->count == 0) { if ($mesg->count == 0) {
ACU::Log::do_warn ("No account found"); log(WARN, "No account found");
} }
else { else {
for my $entry ($mesg->entries) { for my $entry ($mesg->entries) {
@ -1044,7 +1048,7 @@ sub cmd_list_accounts(@)
attrs => [ 'uid', 'labService' ]); attrs => [ 'uid', 'labService' ]);
$mesg->code && die $mesg->error; $mesg->code && die $mesg->error;
if ($mesg->count == 0) { if ($mesg->count == 0) {
ACU::Log::do_warn ("No account found!"); log(WARN, "No account found!");
} }
else { else {
for my $entry ($mesg->entries) { for my $entry ($mesg->entries) {
@ -1119,7 +1123,7 @@ sub cmd_account_quota_set($@)
if ($#_ > 2) if ($#_ > 2)
{ {
ACU::Log::do_usage ("<lpt> account <login> quota <volume> <type> <value>"); log(USAGE, "<lpt> account <login> quota <volume> <type> <value>");
return 1; return 1;
} }
@ -1129,10 +1133,10 @@ sub cmd_account_quota_set($@)
# check args # check args
if (!($volume eq "home" || $volume eq "sgoinfre")) { if (!($volume eq "home" || $volume eq "sgoinfre")) {
ACU::Log::do_err("Volume must be home or sgoinfre; given: $volume"); log(ERROR, "Volume must be home or sgoinfre; given: $volume");
} }
if (!($type eq "file" || $type eq "block")) { if (!($type eq "file" || $type eq "block")) {
ACU::Log::do_err("Type must be file or block; given: $type"); log(ERROR, "Type must be file or block; given: $type");
} }
# generate quotaName # generate quotaName
@ -1151,8 +1155,8 @@ sub cmd_account_quota_set($@)
attrs => [ $quotaName ], attrs => [ $quotaName ],
scope => "sub" scope => "sub"
); );
if ($mesg->code != 0) { ACU::Log::do_err($mesg->error); } if ($mesg->code != 0) { log(ERROR, $mesg->error); }
if ($mesg->count != 1) { ACU::Log::do_err("user $login not found or multiple presence"); } if ($mesg->count != 1) { log(ERROR, "user $login not found or multiple presence"); }
my $old_value = $mesg->entry(0)->get_value($quotaName); my $old_value = $mesg->entry(0)->get_value($quotaName);
if (!$old_value) { if (!$old_value) {
@ -1182,17 +1186,17 @@ sub cmd_account_quota_set($@)
$value = $old_value - $t; $value = $old_value - $t;
} }
elsif ($value !~ /^[0-9]+$/) { elsif ($value !~ /^[0-9]+$/) {
ACU::Log::do_err ("Value must be an integer or +i or -i"); log(ERROR, "Value must be an integer or +i or -i");
} }
ACU::Log::do_info ("Changing quota of $quotaName of $login to $value..."); log(INFO, "Changing quota of $quotaName of $login to $value...");
$mesg->entry(0)->replace($quotaName => $value) or die $!; $mesg->entry(0)->replace($quotaName => $value) or die $!;
$mesg->entry(0)->update($ldap) or die $!; $mesg->entry(0)->update($ldap) or die $!;
$ldap->unbind; $ldap->unbind;
ACU::Log::do_info ("Done!"); log(INFO, "Done!");
} }
sub cmd_account_quota_sync($;$) sub cmd_account_quota_sync($;$)
@ -1209,7 +1213,7 @@ sub cmd_account_quota_sync($;$)
'quotaSgoinfreBlock', 'quotaSgoinfreFile' ] 'quotaSgoinfreBlock', 'quotaSgoinfreFile' ]
); );
$mesg->code && die $mesg->error; $mesg->code && die $mesg->error;
$mesg->count == 1 || ACU::Log::do_err ("User $login not found or multiple presence"); $mesg->count == 1 || log(ERROR, "User $login not found or multiple presence");
my $quotaHomeBlock = $mesg->entry(0)->get_value("quotaHomeBlock") // $def_quota{block}{home}; my $quotaHomeBlock = $mesg->entry(0)->get_value("quotaHomeBlock") // $def_quota{block}{home};
my $quotaHomeFile = $mesg->entry(0)->get_value("quotaHomeFile") // $def_quota{file}{home}; my $quotaHomeFile = $mesg->entry(0)->get_value("quotaHomeFile") // $def_quota{file}{home};
@ -1218,10 +1222,10 @@ sub cmd_account_quota_sync($;$)
if (Quota::setqlim($dev_quota{home}, $mesg->entry(0)->get_value("uidNumber"), int(0.9 * $quotaHomeBlock), $quotaHomeBlock, int(0.9 * $quotaHomeFile), $quotaHomeFile, 1, 0) == 0 and if (Quota::setqlim($dev_quota{home}, $mesg->entry(0)->get_value("uidNumber"), int(0.9 * $quotaHomeBlock), $quotaHomeBlock, int(0.9 * $quotaHomeFile), $quotaHomeFile, 1, 0) == 0 and
Quota::setqlim($dev_quota{sgoinfre}, $mesg->entry(0)->get_value("uidNumber"), int(0.9 * $quotaHomeBlock), $quotaHomeBlock, int(0.9 * $quotaHomeFile), $quotaHomeFile, 1, 0) == 0) { Quota::setqlim($dev_quota{sgoinfre}, $mesg->entry(0)->get_value("uidNumber"), int(0.9 * $quotaHomeBlock), $quotaHomeBlock, int(0.9 * $quotaHomeFile), $quotaHomeFile, 1, 0) == 0) {
ACU::Log::do_info ($login."'s quota synchronized!"); log(INFO, $login."'s quota synchronized!");
} }
else { else {
ACU::Log::do_err ("An error occurs during quota synchronization:"); log(ERROR, "An error occurs during quota synchronization:");
Quota::strerr(); Quota::strerr();
return 2; return 2;
} }
@ -1505,18 +1509,21 @@ if ($#ARGV == -1) {
my $cmd = shift; my $cmd = shift;
if ($cmd eq "-v" or $cmd eq "--verbose" or $cmd eq "--debug") { if ($cmd eq "-v" or $cmd eq "--verbose" or $cmd eq "--debug") {
$ACU::Log::debug = 1; $ACU::Log::display_level = 8;
$cmd = shift; $cmd = shift;
} }
elsif ($cmd eq "-f" or $cmd eq "--force") { elsif ($cmd eq "-q" or $cmd eq "--quiet") {
$ACU::Log::verbosity = 0; $ACU::Log::display_level = 6;
$cmd = shift; $cmd = shift;
} }
$ACU::Log::fatal_error = 1;
$ACU::Log::fatal_warn = 0;
if (! exists $cmds{$cmd}) if (! exists $cmds{$cmd})
{ {
say BOLD, "Usage: ", RESET, "$0 ", GREEN, "command", RESET, " <arguments>"; say BOLD, "Usage: ", RESET, "$0 ", GREEN, "command", RESET, " <arguments>";
ACU::Log::do_err("Uknown command : $cmd"); log(ERROR, "Uknown command : $cmd");
} }
exit ($cmds{$cmd}(@ARGV)); exit ($cmds{$cmd}(@ARGV));