
Improvements, bugfixes and cleanups in openserctl and openserdbctl - introduce TEST variable to make safe testing with a local config possible, disabled by default as this could be used by attackers to overwrite config settings - fix version string - improve help messages for lcr and cr modules - remove obsolete $TABLE_TYPE from pg file - make dbctl config source consistent with ctl behaviour - remove double ETCDIR variable definition - add a variable for SERWEB tables to dbctl.base, needed by pg GRANT - fix postgresql GRANT syntax for all tables - improve some comments, small spelling fixes, remove obsolete changelogs

git-svn-id: https://openser.svn.sourceforge.net/svnroot/openser/trunk@3519 689a6050-402a-0410-94f2-e92a70836424

Henning Westerholt authored on 10/01/2008 12:45:43
Showing 9 changed files
... ...
@@ -7,9 +7,9 @@
7 7
 #===================================================================
8 8
 
9 9
 PATH=$PATH:/usr/local/sbin/
10
+TEST="false"
10 11
 
11
-
12
-### include resource files, if any
12
+### include config files
13 13
 if [ -f /etc/openser/openserctlrc ]; then
14 14
 	. /etc/openser/openserctlrc
15 15
 fi
... ...
@@ -19,23 +19,23 @@ fi
19 19
 if [ -f ~/.openserctlrc ]; then
20 20
 	. ~/.openserctlrc
21 21
 fi
22
+# for testing only, please don't enable this in production environments
23
+# as this introduce security risks
24
+if [ $TEST = "true" ]; then
25
+	if [ -f ./openserctlrc ]; then
26
+		. ./openserctlrc
27
+	fi
28
+fi
22 29
 
23
-##### ------------------------------------------------ #####
24
-### force values for variables in this section
25
-#
26 30
 
31
+### force values for variables in this section
27 32
 # you better set the variables in ~/.openserctlrc
28
-
29
-
30 33
 if [ -z "$ETCDIR" ] ; then
31 34
 	ETCDIR="/usr/local/etc/openser"
32 35
 fi
33 36
 
34
-##### ------------------------------------------------ #####
35
-### 
36
-#
37 37
 ### version for this script
38
-VERSION='1.2 - $Revision$'
38
+VERSION='$Revision$'
39 39
 
40 40
 if [ -z "$MYDIR" ] ; then
41 41
 	MYDIR=`dirname $0`
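Review bot: `$TEST` is expanded unquoted in the added `if [ $TEST = "true" ]` guard, so an empty or multi-word value set by one of the rc files sourced above it makes `[` fail with a syntax error instead of comparing cleanly; write `if [ "$TEST" = "true" ]; then`. Because `TEST="false"` is assigned before the rc files are sourced, those files can still switch the guard on; that looks intended, but the comment should say it and name the risk, e.g. `# sourcing ./openserctlrc runs whatever file of that name is in the current directory, with the caller's privileges`. The same guard is added in the later hunk headed `@@ -7,37 +7,29 @@` and needs the same quoting.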
... ...
@@ -134,6 +134,7 @@ usage() {
134 134
 	fi
135 135
 	cat <<EOF
136 136
 $0 $VERSION
137
+
137 138
 Existing commands:
138 139
 EOF
139 140
 for f in $USAGE_FUNCTIONS
... ...
@@ -324,10 +324,8 @@ cat <<EOF
324 324
            ............. show routes, gateways and groups
325 325
  lcr reload ...................................................................
326 326
            ............. reload lcr gateways
327
- lcr addgw_grp <grp_name> .....................................................
328
-           .............. add gateway group, autocreate grp_id
329 327
  lcr addgw_grp <grp_name> <grp_id> ............................................
330
-           ............... add gateway group with grp_id
328
+           .............. add gateway group, autocreate grp_id if not present .
331 329
  lcr rmgw_grp  <grp_id> .......................................................
332 330
            ............... delete the gw_grp
333 331
  lcr addgw <gw_name> <ip> <port> <scheme> <transport> <grp_id> <prefix> <strip>
... ...
@@ -352,13 +350,11 @@ cat <<EOF
352 352
  cr reload ...................................................... reload tables
353 353
  cr addrt <routing_tree_id> <routing_tree> ...................... add a tree
354 354
  cr rmrt  <routing_tree> ........................................ rm a tree
355
- cr addcarrier <carrier> <scan_prefix> <domain> <rewrite_host> .. add a carrier
356
- cr addcarrier <carrier> <scan_prefix> <domain> <rewrite_host> ................
357
-               <prob> ........................................... add a carrier
358 355
  cr addcarrier <carrier> <scan_prefix> <domain> <rewrite_host> ................
359 356
                <prob> <strip> <rewrite_prefix> <rewrite_suffix> ...............
360 357
                <comment> ........................................ add a carrier
361
-               (rewrite_prefix, rewrite_suffix, comment are optional arguments)
358
+               (strip, rewrite_prefix, rewrite_suffix and comment are optional
359
+                arguments) ....................................................
362 360
  cr rmcarrier  <carrier> <scan_prefix> <domain> ................. rm a carrier
363 361
 EOF
364 362
 }
... ...
@@ -33,7 +33,7 @@ fi
33 33
 # input: sql query, optional mysql command-line params
34 34
 mysql_query() {
35 35
 	# if password not yet queried, query it now
36
-	prompt_pw "MySql password for user '$DBRWUSER@$DBHOST'"
36
+	prompt_pw "MySQL password for user '$DBRWUSER@$DBHOST'"
37 37
 	$MYSQL $2 -h $DBHOST -u $DBRWUSER "-p$DBRWPW" -e "$1 ;" $DBNAME
38 38
 }
39 39
 
... ...
@@ -30,18 +30,11 @@ if [ -z "$PGSQL" ] ; then
30 30
 	PGSQL="$TOOLPATH"
31 31
 fi
32 32
 
33
-##### ----------------------------------------------- #####
34
-### variables
35
-
36
-# type of sql tables
37
-if [ -z "$TABLE_TYPE" ]; then
38
-	TABLE_TYPE=""
39
-fi
40 33
 
41 34
 # input: sql query, optional pgsql command-line params
42 35
 pgsql_query() {
43 36
 	# if password not yet queried, query it now
44
-	prompt_pw "PgSql password for user '$DBRWUSER@$DBHOST'"
37
+	prompt_pw "PgSQL password for user '$DBRWUSER@$DBHOST'"
45 38
 	mecho "pgsql_query: $PGSQL $2 -A -q -t -P fieldsep='	' -h $DBHOST -U $DBRWUSER $DBNAME -c '$1'"
46 39
 	PGPASSWORD="$DBRWPW" $PGSQL $2 \
47 40
 		-A -q -t \
... ...
@@ -64,6 +57,5 @@ pgsql_ro_query() {
64 64
 
65 65
 DBCMD=pgsql_query
66 66
 DBROCMD=pgsql_ro_query
67
-#DBRAWPARAMS="-A -q -t -P fieldsep=\"	\""
68 67
 DBRAWPARAMS="-A -q -t"
69 68
 
... ...
@@ -7,37 +7,29 @@
7 7
 #===================================================================
8 8
 
9 9
 PATH=$PATH:/usr/local/sbin/
10
-
10
+TEST="false"
11 11
 
12 12
 ### include resource files, if any
13
+if [ -f /etc/openser/openserctlrc ]; then
14
+	. /etc/openser/openserctlrc
15
+fi
13 16
 if [ -f /usr/local/etc/openser/openserctlrc ]; then
14 17
 	. /usr/local/etc/openser/openserctlrc
15 18
 fi
16 19
 if [ -f ~/.openserctlrc ]; then
17 20
 	. ~/.openserctlrc
18 21
 fi
19
-### for testing only
20
-if [ -f ./openserctlrc ]; then
21
-	. ./openserctlrc
22
+# for testing only, please don't enable this in production environments
23
+# as this introduce security risks
24
+if [ $TEST = "true" ]; then
25
+	if [ -f ./openserctlrc ]; then
26
+		. ./openserctlrc
27
+	fi
22 28
 fi
23 29
 
24 30
 
25
-##### ------------------------------------------------ #####
26
-### force values for variables in this section
27
-#
28
-
29
-# you better set the variables in ~/.openserctlrc
30
-
31
-
32
-if [ -z "$ETCDIR" ] ; then
33
-	ETCDIR="/usr/local/etc/openser"
34
-fi
35
-
36
-##### ------------------------------------------------ #####
37
-### 
38
-#
39 31
 ### version for this script
40
-VERSION='1.3dev - $Revision$'
32
+VERSION='$Revision$'
41 33
 
42 34
 if [ -z "$MYDIR" ] ; then
43 35
 	MYDIR=`dirname $0`
... ...
@@ -51,13 +43,6 @@ if [ -z "$MYLIBDIR" ] ; then
51 51
 fi
52 52
 
53 53
 
54
-# force values for variables in this section
55
-# you better set the variables in ~/.openserctlrc
56
-if [ -z "$ETCDIR" ] ; then
57
-	ETCDIR="/usr/local/etc/openser"
58
-fi
59
-
60
-
61 54
 ##### ------------------------------------------------ #####
62 55
 ### load base functions
63 56
 #
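Review bot: Both `ETCDIR` defaults visible in this file are removed, the block deleted here and the one deleted before the version line in the previous hunk, although the description speaks of removing a duplicate. Unless another default exists outside the hunks shown, `ETCDIR` stays empty whenever no rc file sets it, and any path built from it would then resolve relative to `/`. Keeping one copy, `if [ -z "$ETCDIR" ] ; then ETCDIR="/usr/local/etc/openser"; fi`, would preserve the previous behaviour.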
... ...
@@ -298,6 +283,9 @@ case $1 in
298 298
 		openser_berkeley "$@"
299 299
 		exit $?
300 300
 		;;
301
+	version)
302
+		echo  "$0 $VERSION"
303
+		;;
301 304
 	*)
302 305
 		usage
303 306
 		exit 1;
... ...
@@ -31,14 +31,17 @@ INSTALL_EXTRA_TABLES=${INSTALL_EXTRA_TABLES:-ask}
31 31
 INSTALL_PRESENCE_TABLES=${INSTALL_PRESENCE_TABLES:-ask}
32 32
 INSTALL_SERWEB_TABLES=${INSTALL_SERWEB_TABLES:-ask}
33 33
 
34
-# Used by dbtext and db_berkeley to define tables to be created
34
+# Used by dbtext and db_berkeley to define tables to be created, used by
35
+# postgres to do the grants
35 36
 STANDARD_TABLES=${STANDARD_TABLES:-version acc dbaliases lcr domain grp
36 37
 		uri speed_dial gw pdt subscriber location re_grp trusted
37 38
 		address missed_calls usr_preferences aliases silo dialog
38 39
 		dispatcher}
39
-EXTRA_TABLES=${EXTRA_TABLES:-imc_members imc_rooms cpl sip_trace domainpolicy}
40
+EXTRA_TABLES=${EXTRA_TABLES:-imc_members imc_rooms cpl sip_trace domainpolicy carrierroute route_tree}
40 41
 PRESENCE_TABLES=${PRESENCE_TABLES:-presentity active_watchers watchers xcap 
41 42
 		pua rls_presentity rls_watchers}
43
+SERWEB_TABLES=${SERWEB_TABLES:-phonebook pending active_sessions server_monitoring
44
+		server_monitoring_agg usr_preferences_types admin_privileges}
42 45
 
43 46
 # SQL definitions
44 47
 # If you change this definitions here, then you must change them
... ...
@@ -72,6 +75,8 @@ EXTRA_MODULES=${EXTRA_MODULES:-imc cpl siptrace domainpolicy carrierroute}
72 72
 usage() {
73 73
 COMMAND=`basename $0`
74 74
 cat <<EOF
75
+$0 $VERSION
76
+
75 77
 usage: $COMMAND create <db name or db_path, optional> .....(creates a new database)
76 78
        $COMMAND drop <db name or db_path, optional> .......(!entirely deletes tables!)
77 79
        $COMMAND reinit <db name or db_path, optional> .....(!entirely deletes and than re-creates tables!)
... ...
@@ -2,7 +2,6 @@
2 2
 #
3 3
 # Script for adding and dropping OpenSER DBTEXT tables
4 4
 #
5
-#
6 5
 # History:
7 6
 # 2007-02-14  Branch from mysqldb.sh script and adapt minimal capabilities(Cesc Santasusana)
8 7
 #
... ...
@@ -2,21 +2,7 @@
2 2
 #
3 3
 # Script for adding and dropping OpenSER MySQL tables
4 4
 #
5
-# TO-DO: update_structures command for migriting to new
6
-#        table definitons
7
-#
8
-# 2003-01-21 changed SILO table definition, by dcm
9
-#
10 5
 # History:
11
-# 2003-03-12 added replication mark and state columns to location (nils)
12
-# 2003-03-05: Changed user to username, user is reserved word (janakj)
13
-# 2003-01-26 statistics table introduced (jiri)
14
-# 2003-01-25: Optimized keys of some core tables (janakj)
15
-# 2003-01-25: USER_ID changed to user everywhere (janakj)
16
-# 2003-01-24: Changed realm column of subscriber and pending
17
-#             tables to domain (janakj)
18
-# 2003-04-14  reinstall introduced (jiri)
19
-# 2004-07-05  new definition of table silo (dcm)
20 6
 # 2006-04-07  removed gen_ha1 dependency - use md5sum;
21 7
 #             separated the serweb from openser tables;
22 8
 #             fixed the reinstall functionality (bogdan)
... ...
@@ -2,29 +2,7 @@
2 2
 #
3 3
 # Script for adding and dropping OpenSER Postgres tables
4 4
 #
5
-# TO-DO: update_structures command for migriting to new
6
-#        table definitons
7
-#
8
-# 2003-01-21 changed SILO table definition, by dcm
9
-#
10 5
 # History:
11
-# 2003-03-12 added replication mark and state columns to location (nils)
12
-# 2003-03-05: Changed user to username, user is reserved word (janakj)
13
-# 2003-01-26 statistics table introduced (jiri)
14
-# 2003-01-25: Optimized keys of some core tables (janakj)
15
-# 2003-01-25: USER_ID changed to user everywhere (janakj)
16
-# 2003-01-24: Changed realm column of subscriber and pending
17
-#             tables to domain (janakj)
18
-# 2003-04-14  reinstall introduced (jiri)
19
-# 2004-07-05  new definition of table silo (dcm)
20
-# 2005-07-26  modify mysqldb.sh for postgres (darilion), known issues:
21
-#  -  int unsigned replaced by bigint
22
-#  -  postgresql creates some implicit indexes, thus some of the
23
-#     indexes are doubled
24
-#  -  msilo: blob replaced by text, is this fine?
25
-#  -  datetime types not sure
26
-# 2006-04-07  removed gen_ha1 dependency - use md5sum;
27
-#             separated the serweb from openser tables (bogdan)
28 6
 # 2006-05-16  added ability to specify MD5 from a configuration file
29 7
 #             FreeBSD does not have the md5sum function (norm)
30 8
 # 2006-07-14  Corrected syntax from MySQL to Postgres (norm)
... ...
@@ -72,7 +50,7 @@ if [ -z "$DBROOTUSER" ]; then
72 72
 	fi
73 73
 fi
74 74
 
75
-CMD="psql -h $DBHOST -U $DBROOTUSER "
75
+CMD="psql -q -h $DBHOST -U $DBROOTUSER "
76 76
 DUMP_CMD="pg_dump -h $DBHOST -U $DBROOTUSER -c"
77 77
 #################################################################
78 78
 
... ...
@@ -151,14 +129,14 @@ if [ $? -ne 0 ] ; then
151 151
 	mwarn "Create user in database failed, perhaps they allready exist? Try to continue.."
152 152
 fi
153 153
 
154
-sql_query "$1" "GRANT ALL PRIVILEGES ON DATABASE $1 TO $DBRWUSER;"
155
-if [ $? -ne 0 ] ; then
156
-	merr "Grant privileges to database failed!"
157
-	exit 1
158
-fi
159
-
160 154
 for TABLE in $STANDARD_TABLES; do
161
-    sql_query "$1" "GRANT SELECT ON TABLE $TABLE TO $DBROUSER;"
155
+	sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE $TABLE TO $DBRWUSER;"
156
+	sql_query "$1" "GRANT SELECT ON TABLE $TABLE TO $DBROUSER;"
157
+	if [ $TABLE != "version" ] ; then
158
+		sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE "$TABLE"_id_seq TO $DBRWUSER;"
159
+    	sql_query "$1" "GRANT SELECT ON TABLE "$TABLE"_id_seq TO $DBROUSER;"
160
+	fi
161
+
162 162
 	if [ $? -ne 0 ] ; then
163 163
 		merr "Grant privileges to standard tables failed!"
164 164
 		exit 1
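Review bot: The `if [ $? -ne 0 ]` after the added GRANT calls only sees the status of the last command before it, so a failed `GRANT ALL PRIVILEGES ... TO $DBRWUSER` or table-level `GRANT SELECT` is silently ignored; for the `version` table, where the inner `if` is skipped, `$?` is 0 regardless. Collect the status of every `sql_query` call before testing it, as sketched below; the PRESENCE_TABLES, EXTRA_TABLES and SERWEB_TABLES loops in the later hunks follow the same pattern. `$TABLE` is also unquoted in the `[ ... ]` test and falls outside the quotes in `"$TABLE"_id_seq`; writing `${TABLE}_id_seq` inside the string keeps the statement a single word. The loop's closing `fi` and `done` lie outside the hunk.

```shell
for TABLE in $STANDARD_TABLES; do
	grant_rc=0
	sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE $TABLE TO $DBRWUSER;" || grant_rc=1
	sql_query "$1" "GRANT SELECT ON TABLE $TABLE TO $DBROUSER;" || grant_rc=1
	if [ "$TABLE" != "version" ] ; then
		sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE ${TABLE}_id_seq TO $DBRWUSER;" || grant_rc=1
		sql_query "$1" "GRANT SELECT ON TABLE ${TABLE}_id_seq TO $DBROUSER;" || grant_rc=1
	fi
	if [ "$grant_rc" -ne 0 ] ; then
		# … unchanged: merr message and exit 1 …
```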
... ...
@@ -217,14 +195,11 @@ if [ $? -ne 0 ] ; then
217 217
 	exit 1
218 218
 fi
219 219
 
220
-sql_query "$1" "GRANT ALL PRIVILEGES ON DATABASE $1 TO $DBRWUSER;"
221
-if [ $? -ne 0 ] ; then
222
-	merr "Grant privileges to database failed!"
223
-	exit 1
224
-fi
225
-
226 220
 for TABLE in $PRESENCE_TABLES; do
227
-    sql_query "$1" "GRANT SELECT ON TABLE $TABLE TO $DBROUSER;"
221
+	sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE $TABLE TO $DBRWUSER;"
222
+	sql_query "$1" "GRANT SELECT ON TABLE $TABLE TO $DBROUSER;"
223
+	sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE "$TABLE"_id_seq TO $DBRWUSER;"
224
+    sql_query "$1" "GRANT SELECT ON TABLE "$TABLE"_id_seq TO $DBROUSER;"
228 225
 	if [ $? -ne 0 ] ; then
229 226
 		merr "Grant privileges to presence tables failed!"
230 227
 		exit 1
... ...
@@ -253,14 +228,13 @@ for TABLE in $EXTRA_MODULES; do
253 253
     fi
254 254
 done
255 255
 
256
-sql_query "$1" "GRANT ALL PRIVILEGES ON DATABASE $1 TO $DBRWUSER;"
257
-if [ $? -ne 0 ] ; then
258
-	merr "Grant privileges to database failed!"
259
-	exit 1
260
-fi
261
-
262 256
 for TABLE in $EXTRA_TABLES; do
263
-    sql_query "$1" "GRANT SELECT ON TABLE $TABLE TO $DBROUSER;"
257
+	sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE $TABLE TO $DBRWUSER;"
258
+	sql_query "$1" "GRANT SELECT ON TABLE $TABLE TO $DBROUSER;"
259
+	if [ $TABLE != "route_tree" ] ; then
260
+		sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE "$TABLE"_id_seq TO $DBRWUSER;"
261
+	    sql_query "$1" "GRANT SELECT ON TABLE "$TABLE"_id_seq TO $DBROUSER;"
262
+	fi
264 263
 	if [ $? -ne 0 ] ; then
265 264
 		merr "Grant privileges to extra tables failed!"
266 265
 		exit 1
... ...
@@ -329,14 +303,19 @@ if [ $? -ne 0 ] ; then
329 329
 	merr "Failed to create presence tables!"
330 330
 	exit 1
331 331
 fi
332
-sql_query "$1" "GRANT ALL PRIVILEGES ON DATABASE $1 TO $DBRWUSER;
333
-		GRANT SELECT ON TABLE phonebook, pending, active_sessions, server_monitoring,
334
-		server_monitoring_agg, usr_preferences_types, admin_privileges to $DBROUSER;" 
335 332
 
336
-if [ $? -ne 0 ] ; then
337
-	merr "Grant privileges to serweb tables failed!"
338
-	exit 1
339
-fi
333
+for TABLE in $SERWEB_TABLES; do
334
+	sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE $TABLE TO $DBRWUSER;"
335
+	sql_query "$1" "GRANT SELECT ON TABLE $TABLE TO $DBROUSER;"
336
+	sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE phonebook_id_seq TO $DBRWUSER;"
337
+	sql_query "$1" "GRANT SELECT ON TABLE phonebook_id_seq TO $DBROUSER;"
338
+	sql_query "$1" "GRANT ALL PRIVILEGES ON TABLE pending_id_seq TO $DBRWUSER;"
339
+	sql_query "$1" "GRANT SELECT ON TABLE pending_id_seq TO $DBROUSER;"
340
+	if [ $? -ne 0 ] ; then
341
+		merr "Grant privileges to serweb tables failed!"
342
+		exit 1
343
+	fi
344
+done
340 345
 
341 346
 if [ -z "$NO_USER_INIT" ] ; then
342 347
 	if [ -z "$SIP_DOMAIN" ] ; then
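Review bot: The `phonebook_id_seq` and `pending_id_seq` grants sit inside the new `for TABLE in $SERWEB_TABLES` loop but never reference `$TABLE`, so the same four statements are issued once per table; they belong after `done`, run once each. The two hard-coded sequence names also have to be kept in step with the `SERWEB_TABLES` default. A short comment such as `# only phonebook and pending have an _id_seq sequence` would record why the other tables are skipped; that reason is inferred from the lines shown and should be confirmed against the schema.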