From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH 1/2] wsdd: Install wsdd - fixes bug13445 Date: Fri, 12 Jan 2024 13:40:57 +0000 Message-ID: <638C4CD5-D9CD-466A-8C4E-37C4DF0E9F0C@ipfire.org> In-Reply-To: <27e673f6-16fc-4fd0-a25c-271d02f8884f@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4233370447819203002==" List-Id: --===============4233370447819203002== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, > On 12 Jan 2024, at 11:14, Adolf Belka wrote: >=20 > Hi Daniel, >=20 > On 11/01/2024 17:11, daniel.weismueller(a)ipfire.org wrote: >> Hi Adolf. >> We have looked at your work. First of all, thank you very much. >> Your scripts seems to work fine. I will start tomorrow to test them in who= le. However we have made a few changes. >> In particular, we have adapted the code to the existing code in IPFire. >> Please take look at Michaels wsdd branch. >> https://git.ipfire.org/?p=3Dpeople/ms/ipfire-2.x.git;a=3Dshortlog;h=3Drefs= /heads/wsdd >=20 > That looks very good. I clearly still have a bit to learn about how to code= in a more tidy manner. It worked=E2=80=A6 I was just in the swing of it :) > I also see that Michael fixed the pid fault in the loadproc/statusproc/kill= proc while I just created a workaround solution for the wsdd initscript alone. loadproc/statusproc/killproc are really difficult to handle. They are suppose= d to be LSB-conformant functions, but I believe that it never really happened= that they because universally used and compatible between distributions. Now= with systemd, there is no more need=E2=80=A6 And it is also because of systemd that daemons behave differently now - actua= lly not even like daemons whatsoever any more. They used to fork themselves i= nto the background which made all the PID processing necessary, because the i= nit script could not know the PID of the process forked in the background. No= w, they don=E2=80=99t do this any more because without the fork, things are e= asier for systemd to manage. The new -b switch that was added some while ago is already helping us to laun= ch such new processes into the background, but we don=E2=80=99t have PID file= s any more. And since scripts don=E2=80=99t work with statusproc/killproc, I = thought it might be a good idea to add this to loadproc as I am expecting us = to need this more often in the future. And while I was thinking about the problem, I figured it would be easier to s= end a patch for those few lines instead of explaining it in words - which pro= bably would have been a little bit longer. The only noteworthy thing is that there was a potential security issue in pas= sing around the shell arguments as strings because the workgroup variable cou= ld have been almost anything. I am not sure what validation samba would do, b= ut I thought it would be best not to rely on that. A two words (with a space)= workgroup would have caused wsdd not to start, because it would have seen a = command line like =E2=80=9C=E2=80=94-workgroup ABC DEF=E2=80=9D with ABC bein= g interpreted as the workgroup and DEF being some garbage that wsdd would not= understand. The trick with the array is that it would pass the arguments lik= e this =E2=80=9C=E2=80=94-workgroup =E2=80=98ABC DEF=E2=80=99=E2=80=9D which = prevents that =E2=80=9CDEF=E2=80=9D would be interpreted as an extra paramete= r. So, everything is fine :) Especially after I added the =E2=80=9Crestart=E2=80= =9D command :) > I did have a look at the code in the functions file but struggled to unders= tand it enough to be able to figure out what was giving the problem I was exp= eriencing. Which functions? > I am glad that has been sorted and the initscript tidied up in line with IP= Fire coding style. That is why we are all working together... > Will try and remember that in future. If not, we are here to help :) -Michael > Regards, > Adolf. >=20 >> - >> Daniel >> Am 10. Januar 2024 um 14:30 schrieb "Adolf Belka" >: >> - lfs and toorfile created for wsdd >> - wsdd added to make.sh script >> - created install/update/uninstall scripts for wsdd that create an >> unpriveleged user and >> group. >> - initscript created for wsdd. As wsdd is a python3 script, when it >> is run as a daemon the >> pidof command does not find any pid for wsdd. So a directory/file >> for a pid file was >> created. This is then passed to the loadproc and killproc commands. >> After the loadproc >> command has been created the pid is extracted from the ps aux >> command and put into the >> pid file. This then works when running the killproc command for it >> to know what to go >> and stop. The statusproc command does not have the ability to feed >> in the pid from a >> pid file and so it fails to find a running wsdd as it uses the pidof >> command. Code was >> added to the status section of the initscript to check if the pid >> file exists and if so >> to print the same command as used with the statusproc command, and >> also the same >> wording if the pid file does not exist because wsdd is not running. >> - info from the ethernet/settings file is used to identify if only >> green0 is available or >> if blue0 is also used and based on this the appropriate interface >> commands are added to >> the wsdd command. >> - wsdd is also set up to run in a chroot >> - Has been tested on my vm testbed, initially by editing the files >> on the vm clone. After >> everything confiremd to be working, the build was successfully >> carried out and the >> .ipfire package was copied to a new vm clone installed and shown to >> perform as expected. >> This test only confirms that wsdd is correctly installed and >> started. Shutsdown and >> restarts on reboot successfully. Confirmed from the ps aux info that >> wsdd has been >> started with the correct options. Thge testing can not evaluate if >> wsdd enables windows >> systems newer than version 7 top be able to detect the samba shares >> as I have no >> windows systems. >> Fixes: Bug13445 >> Tested-by: Adolf Belka >> Signed-off-by: Adolf Belka >> --- >> config/rootfiles/packages/wsdd | 2 + >> lfs/wsdd | 89 ++++++++++++++++++++++++++++++++++ >> make.sh | 1 + >> src/initscripts/packages/wsdd | 63 ++++++++++++++++++++++++ >> src/paks/wsdd/install.sh | 40 +++++++++++++++ >> src/paks/wsdd/uninstall.sh | 30 ++++++++++++ >> src/paks/wsdd/update.sh | 27 +++++++++++ >> 7 files changed, 252 insertions(+) >> create mode 100644 config/rootfiles/packages/wsdd >> create mode 100644 lfs/wsdd >> create mode 100644 src/initscripts/packages/wsdd >> create mode 100644 src/paks/wsdd/install.sh >> create mode 100644 src/paks/wsdd/uninstall.sh >> create mode 100644 src/paks/wsdd/update.sh >> diff --git a/config/rootfiles/packages/wsdd >> b/config/rootfiles/packages/wsdd >> new file mode 100644 >> index 000000000..ce225043a >> --- /dev/null >> +++ b/config/rootfiles/packages/wsdd >> @@ -0,0 +1,2 @@ >> +etc/rc.d/init.d/wsdd >> +usr/bin/wsdd >> diff --git a/lfs/wsdd b/lfs/wsdd >> new file mode 100644 >> index 000000000..aa65e47ef >> --- /dev/null >> +++ b/lfs/wsdd >> @@ -0,0 +1,89 @@ >> +######################################################################= ######### >> +# # >> +# IPFire.org - A linux based firewall # >> +# Copyright (C) 2007-2024 IPFire Team # >> +# # >> +# This program is free software: you can redistribute it and/or >> modify # >> +# it under the terms of the GNU General Public License as published >> by # >> +# the Free Software Foundation, either version 3 of the License, or # >> +# (at your option) any later version. # >> +# # >> +# This program is distributed in the hope that it will be useful, # >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of # >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # >> +# GNU General Public License for more details. # >> +# # >> +# You should have received a copy of the GNU General Public License # >> +# along with this program. If not, see >> >. # >> +# # >> +######################################################################= ######### >> + >> +######################################################################= ######### >> +# Definitions >> +######################################################################= ######### >> + >> +include Config >> + >> +VER =3D 0.7.1 >> +SUMMARY =3D A Web Service Discovery host daemon. >> + >> +THISAPP =3D wsdd-$(VER) >> +DL_FILE =3D $(THISAPP).tar.gz >> +DL_FROM =3D $(URL_IPFIRE) >> +DIR_APP =3D $(DIR_SRC)/$(THISAPP) >> +TARGET =3D $(DIR_INFO)/$(THISAPP) >> +PROG =3D wsdd >> +PAK_VER =3D 1 >> + >> +DEPS =3D >> + >> +SERVICES =3D wsdd >> + >> +######################################################################= ######### >> +# Top-level Rules >> +######################################################################= ######### >> + >> +objects =3D $(DL_FILE) >> + >> +$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) >> + >> +$(DL_FILE)_BLAKE2 =3D >> ce43022c3bd9f7ff1fd7169ac0d5ab6b2ff78d35c221c05b2e20908a5772d563ab2aca5= 71d4e6ae48a55d19d4adcb9cde60f720ae47af8ee950198224fcfdb26 >> + >> +install : $(TARGET) >> + >> +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) >> + >> +download :$(patsubst %,$(DIR_DL)/%,$(objects)) >> + >> +b2 : $(subst %,%_BLAKE2,$(objects)) >> + >> +dist: >> + @$(PAK) >> + >> +######################################################################= ######### >> +# Downloading, checking, b2sum >> +######################################################################= ######### >> + >> +$(patsubst %,$(DIR_CHK)/%,$(objects)) : >> + @$(CHECK) >> + >> +$(patsubst %,$(DIR_DL)/%,$(objects)) : >> + @$(LOAD) >> + >> +$(subst %,%_BLAKE2,$(objects)) : >> + @$(B2SUM) >> + >> +######################################################################= ######### >> +# Installation Details >> +######################################################################= ######### >> + >> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >> + @$(PREBUILD) >> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) >> + cd $(DIR_APP) && cp src/wsdd.py /usr/bin/wsdd >> + >> + #install initscripts >> + $(call INSTALL_INITSCRIPTS,$(SERVICES)) >> + >> + @rm -rf $(DIR_APP) >> + @$(POSTBUILD) >> diff --git a/make.sh b/make.sh >> index 06e09c9a3..5af3dedc3 100755 >> --- a/make.sh >> +++ b/make.sh >> @@ -1699,6 +1699,7 @@ buildipfire() { >> lfsmake2 perl-MIME-Base32 >> lfsmake2 perl-URI-Encode >> lfsmake2 rsnapshot >> + lfsmake2 wsdd >> # Kernelbuild ... current we have no platform that need >> # multi kernel builds so KCFG is empty >> diff --git a/src/initscripts/packages/wsdd >> b/src/initscripts/packages/wsdd >> new file mode 100644 >> index 000000000..c5207f872 >> --- /dev/null >> +++ b/src/initscripts/packages/wsdd >> @@ -0,0 +1,63 @@ >> +#!/bin/sh >> +######################################################################= ######### >> +# # >> +# IPFire.org - A linux based firewall # >> +# Copyright (C) 2007-2024 IPFire Team # >> +# # >> +# This program is free software: you can redistribute it and/or >> modify # >> +# it under the terms of the GNU General Public License as published >> by # >> +# the Free Software Foundation, either version 3 of the License, or # >> +# (at your option) any later version. # >> +# # >> +# This program is distributed in the hope that it will be useful, # >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of # >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # >> +# GNU General Public License for more details. # >> +# # >> +# You should have received a copy of the GNU General Public License # >> +# along with this program. If not, see >> >. # >> +# # >> +######################################################################= ######### >> + >> +. /etc/sysconfig/rc >> +. $rc_functions >> + >> +eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) >> + >> +# Create chroot directory for wsdd >> +mkdir -p /var/run/wsdd >> + >> +INTERFACES=3D"-i ${GREEN_DEV}" >> + if [ -n "${BLUE_DEV}" ]; then >> + INTERFACES=3D"${INTERFACES} -i ${BLUE_DEV}" >> + fi >> +WSDD_WORKGROUP=3D"-w $(/usr/bin/testparm -s --parameter-name >> workgroup 2>/dev/null)" >> +WSDD_USER=3D"-u wsdd:wsdd" >> +WSDD_CHROOT=3D"-c /var/run/wsdd" >> + >> +case "$1" in >> + start) >> + boot_mesg "Starting wsdd daemon..." >> + loadproc -b /usr/bin/wsdd -4 ${WSDD_USER} ${INTERFACES} >> ${WSDD_WORKGROUP} ${WSDD_CHROOT} >> + sleep 1 >> + echo $(ps aux | grep "/usr/bin/wsdd" | grep -v grep | awk '{print >> $2}') > /var/run/wsdd/pid >> + ;; >> + stop) >> + boot_mesg "Stopping wsdd daemon..." >> + killproc -p /var/run/wsdd/pid /usr/bin/wsdd >> + ;; >> + status) >> + WSDD_PID=3D$(ps aux | grep "/usr/bin/wsdd" | grep -v grep | awk >> '{print $2}') >> + if [ -n "${WSDD_PID}" ]; then >> + echo -e "\\033[1;36m /usr/bin/wsdd is running with Process"\ >> + "ID(s) $WSDD_PID.\\033[0;39m" >> + else >> + echo -e "\\033[1;36m /usr/bin/wsdd is not running.\\033[0;39m" >> + fi >> + ;; >> + *) >> + echo "Usage: $0 (start|stop|status)" >> + exit 1 >> + ;; >> +esac >> + >> diff --git a/src/paks/wsdd/install.sh b/src/paks/wsdd/install.sh >> new file mode 100644 >> index 000000000..181b84eb9 >> --- /dev/null >> +++ b/src/paks/wsdd/install.sh >> @@ -0,0 +1,40 @@ >> +#!/bin/bash >> +######################################################################= ###### >> +# # >> +# This file is part of the IPFire Firewall. # >> +# # >> +# IPFire is free software; you can redistribute it and/or modify # >> +# it under the terms of the GNU General Public License as published >> by # >> +# the Free Software Foundation; either version 2 of the License, or # >> +# (at your option) any later version. # >> +# # >> +# IPFire is distributed in the hope that it will be useful, # >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of # >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # >> +# GNU General Public License for more details. # >> +# # >> +# You should have received a copy of the GNU General Public License # >> +# along with IPFire; if not, write to the Free Software # >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA >> 02111-1307 USA # >> +# # >> +# Copyright (C) 2007 IPFire-Team . # >> +# # >> +######################################################################= ###### >> +# >> +. /opt/pakfire/lib/functions.sh >> + >> +# If the wsdd user does not exist yet, then create it and add to >> wsdd group. >> +if ! getent user wsdd >/dev/null; then >> + useradd -r -U -d / -s /bin/false -c "wsdd user" wsdd >> + usermod -a -G wsdd wsdd >> +fi >> + >> +extract_files >> +restore_backup ${NAME} >> + >> +# Create startlinks >> +ln -sf ../init.d/wsdd /etc/rc.d/rc0.d/K35wsdd >> +ln -sf ../init.d/wsdd /etc/rc.d/rc3.d/S65wsdd >> +ln -sf ../init.d/wsdd /etc/rc.d/rc6.d/K35wsdd >> +start_service ${NAME} >> +exit 0 >> diff --git a/src/paks/wsdd/uninstall.sh b/src/paks/wsdd/uninstall.sh >> new file mode 100644 >> index 000000000..4c52ee281 >> --- /dev/null >> +++ b/src/paks/wsdd/uninstall.sh >> @@ -0,0 +1,30 @@ >> +#!/bin/bash >> +######################################################################= ###### >> +# # >> +# This file is part of the IPFire Firewall. # >> +# # >> +# IPFire is free software; you can redistribute it and/or modify # >> +# it under the terms of the GNU General Public License as published >> by # >> +# the Free Software Foundation; either version 2 of the License, or # >> +# (at your option) any later version. # >> +# # >> +# IPFire is distributed in the hope that it will be useful, # >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of # >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # >> +# GNU General Public License for more details. # >> +# # >> +# You should have received a copy of the GNU General Public License # >> +# along with IPFire; if not, write to the Free Software # >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA >> 02111-1307 USA # >> +# # >> +# Copyright (C) 2007 IPFire-Team . # >> +# # >> +######################################################################= ###### >> +# >> +. /opt/pakfire/lib/functions.sh >> +stop_service ${NAME} >> +make_backup ${NAME} >> +remove_files >> +# Remove all start links. >> +rm -rf /etc/rc.d/rc*.d/*wsdd >> +exit 0 >> diff --git a/src/paks/wsdd/update.sh b/src/paks/wsdd/update.sh >> new file mode 100644 >> index 000000000..99776659c >> --- /dev/null >> +++ b/src/paks/wsdd/update.sh >> @@ -0,0 +1,27 @@ >> +#!/bin/bash >> +######################################################################= ###### >> +# # >> +# This file is part of the IPFire Firewall. # >> +# # >> +# IPFire is free software; you can redistribute it and/or modify # >> +# it under the terms of the GNU General Public License as published >> by # >> +# the Free Software Foundation; either version 2 of the License, or # >> +# (at your option) any later version. # >> +# # >> +# IPFire is distributed in the hope that it will be useful, # >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of # >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # >> +# GNU General Public License for more details. # >> +# # >> +# You should have received a copy of the GNU General Public License # >> +# along with IPFire; if not, write to the Free Software # >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA >> 02111-1307 USA # >> +# # >> +# Copyright (C) 2007-2020 IPFire-Team . # >> +# # >> +######################################################################= ###### >> +# >> +. /opt/pakfire/lib/functions.sh >> +extract_backup_includes >> +./uninstall.sh >> +./install.sh >> -- 2.43.0 >=20 > --=20 > Sent from my laptop --===============4233370447819203002==--