aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/sledjchisl/sledjchisl.c217
1 files changed, 111 insertions, 106 deletions
diff --git a/src/sledjchisl/sledjchisl.c b/src/sledjchisl/sledjchisl.c
index 1709357..9637a85 100644
--- a/src/sledjchisl/sledjchisl.c
+++ b/src/sledjchisl/sledjchisl.c
@@ -8552,10 +8552,121 @@ Build the OpenSim.
8552 } 8552 }
8553 8553
8554 8554
8555 if ((!isWeb) && (START == currentMode) && (0 == toys.optc))
8556 {
8557////////////////////////////////////////////////////////////////////////////////////////////////////
8558// Sort out directories, part 2
8559////////////////////////////////////////////////////////////////////////////////////////////////////
8560
8561 // Doing this here coz at this point we should be the correct user, and we only want to do this during initial startup.
8562 /* From man 7 inode -
8563 S_ISUID 04000 set-user-ID bit
8564 S_ISGID 02000 set-group-ID bit (see below)
8565 S_ISVTX 01000 sticky bit (see below)
8566
8567 S_IRWXU 00700 owner has read, write, and execute permission
8568 S_IRUSR 00400 owner has read permission
8569 S_IWUSR 00200 owner has write permission
8570 S_IXUSR 00100 owner has execute permission
8571
8572 S_IRWXG 00070 group has read, write, and execute permission
8573 S_IRGRP 00040 group has read permission
8574 S_IWGRP 00020 group has write permission
8575 S_IXGRP 00010 group has execute permission
8576
8577 S_IRWXO 00007 others (not in group) have read, write, and execute permission
8578 S_IROTH 00004 others have read permission
8579 S_IWOTH 00002 others have write permission
8580 S_IXOTH 00001 others have execute permission
8581
8582 The set-group-ID bit (S_ISGID) has several special uses. For a directory, it indicates that BSD semantics is to be used for that directory: files created there inherit their group
8583 ID from the directory, not from the effective group ID of the creating process, and directories created there will also get the S_ISGID bit set. For a file that does not have the
8584 group execution bit (S_IXGRP) set, the set-group-ID bit indicates mandatory file/record locking.
8585
8586 The sticky bit (S_ISVTX) on a directory means that a file in that directory can be renamed or deleted only by the owner of the file, by the owner of the directory,
8587 and by a privileged process
8588 */
8589 V("Making directories in %s.", scRoot);
8590 if ((! qfile_exist(scBin)) && (! qfile_mkdir(scBin, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scBin);
8591 if ((! qfile_exist(scEtc)) && (! qfile_mkdir(scEtc, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scEtc);
8592 if ((! qfile_exist(scLib)) && (! qfile_mkdir(scLib, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scLib);
8593 if ((! qfile_exist(scBackup)) && (! qfile_mkdir(scBackup, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scBackup);
8594 if ((! qfile_exist(scCache)) && (! qfile_mkdir(scCache, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scCache);
8595 if ((! qfile_exist(scData)) && (! qfile_mkdir(scData, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scData);
8596 if ((! qfile_exist(scLog)) && (! qfile_mkdir(scLog, S_IRWXU, true))) C("Unable to create path %s", scLog);
8597 if ((! qfile_exist(scTemp)) && (! qfile_mkdir(scTemp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scTemp);
8598 tmp = xmprintf("%s/sessions", scCache);
8599 if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp);
8600 free(tmp);
8601 tmp = xmprintf("%s/users", scData);
8602 if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp);
8603 free(tmp);
8604 tmp = xmprintf("%s/db", scData);
8605 if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp);
8606 free(tmp);
8607
8608/* TODO - tighten up security.
8609Make sure correct permissions are set everywhere.
8610 sudo chown -R ${OS_USER}:${OS_USER} ${OS_PATH}
8611
8612Create the /opt/opensim-SC directory structure.
8613 AssetFiles/data Think OpenSim creates all the sub directories itself?
8614 AssetFiles/tmp/spool Think OpenSim creates all the sub directories itself?
8615 config/config.ini (move that etc/config.ini later)
8616. var/backups Copy examples/var/backups/*.IAR files, which are the newbie starter inventories.
8617. var/cache Think OpenSim creates all the sub directories itself?
8618. var/run HAS to be setup correctly BEFORE we try to start up tmux.
8619 web // Fill it with default web stuff from current -> example..
8620*/
8621 I("Securing directories and files in %s. This might take awhile.", scRoot);
8622 if (shellMeFail("chmod u=rw,go= %s/config/*.ini", scRoot)) C("Can't set proper permissions for %s/config*.ini", scRoot);
8623 if (shellMeFail("chmod u=rw,go= %s/config/ROBUST/*.ini", scRoot)) C("Can't set proper permissions for %s/config/ROBUST/*.ini", scRoot);
8624 if (shellMeFail("chmod u=rw,go= %s/.sledjChisl.conf.lua", scEtc)) C("Can't set proper permissions for %s/.sledjChisl.conf.lua", scEtc);
8625 if (shellMeFail("chmod ug+rw %s/config", scRoot)) C("Can't set proper permissions for %s/config", scRoot);
8626 if (shellMeFail("chmod g+s %s/config", scRoot)) C("Can't set proper permissions for %s/config", scRoot);
8627 if (shellMeFail("chmod u=rw,go= %s/config/*.ini", scRoot)) C("Can't set proper permissions for %s/config/*.ini", scRoot);
8628 if (shellMeFail("chmod u=rw,go= %s/config/ROBUST/*.ini", scRoot)) C("Can't set proper permissions for %s/configROBUST/*.ini", scRoot);
8629
8630 if (shellMeFail("chmod ug=rwx,o= %s/AssetFiles", scRoot)) C("Can't set proper permissions for %s/AssetFiles", scRoot);
8631 if (shellMeFail("chmod -fR ug=rw,o=,a+X %s", scBackup)) C("Can't set proper permissions for %s", scBackup);
8632 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scBin)) C("Can't set proper permissions for %s", scBin);
8633 if (shellMeFail("chmod -fR ug=rw,o=,a+X %s", scCache)) C("Can't set proper permissions for %s", scCache);
8634 if (shellMeFail("chmod ug=rwx,o= %s", scCache)) C("Can't set proper permissions for %s", scCache);
8635 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scData)) C("Can't set proper permissions for %s", scData);
8636 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scEtc)) C("Can't set proper permissions for %s", scEtc);
8637 if (shellMeFail("chmod u=rw,g=r,o= %s/.sledjChisl.conf.lua", scEtc)) C("Can't set proper permissions for %s/.sledjChisl.conf.lua", scEtc);
8638 if (shellMeFail("chmod g+s %s", scEtc)) C("Can't set proper permissions for %s", scEtc);
8639 if (shellMeFail("chmod a+x %s/*.shini", scEtc)) C("Can't set proper permissions for %s/*.shini", scEtc);
8640 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scLib)) C("Can't set proper permissions for %s", scLib);
8641 if (shellMeFail("chmod -fR u=rw,u+X,go= %s", scLog)) C("Can't set proper permissions for %s", scLog);
8642 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scTemp)) C("Can't set proper permissions for %s", scTemp);
8643
8644// if (shellMeFail("chmod -R a+x %s/current/*.sh", scRoot)) C("Can't set proper permissions for %s/current/*.sh", scRoot);
8645// if (shellMeFail("chmod -R a+x %s/current/scripts/*.sh", scRoot)) C("Can't set proper permissions for %s/current/scripts/*.sh", scRoot);
8646// if (shellMeFail("chmod -R a+x %s/current/scripts/install/*.sh", scRoot)) C("Can't set proper permissions for %s/current/scripts/install/*.sh", scRoot);
8647// if (shellMeFail("chmod a+x %s/current/scripts/show-console", scRoot)) C("Can't set proper permissions for %s/current/scripts/show-console", scRoot);
8648// if (shellMeFail("chmod a+x %s/current/scripts/start-sim", scRoot)) C("Can't set proper permissions for %s/current/scripts/start-sim", scRoot);
8649
8650 char *newPath = xmprintf("%s/current/bin/sledjchisl", scRoot);
8651 tmp = xmprintf("%s/sledjchisl", scBin);
8652 V("Symlinking %s to %s", newPath, tmp);
8653 if (qfile_exist(tmp))
8654 {
8655 if (shellMeFail("rm %s", tmp))
8656 E("rm command failed!");
8657 }
8658 if (0 != symlink(newPath, tmp))
8659 perror_msg("Symlinking %s to %s", newPath, tmp);
8660 free(tmp);
8661 free(newPath);
8662 }
8663
8664
8555//////////////////////////////////////////////////////////////////////////////////////////////////// 8665////////////////////////////////////////////////////////////////////////////////////////////////////
8556// Other start up stuff. 8666// Other start up stuff.
8557//////////////////////////////////////////////////////////////////////////////////////////////////// 8667////////////////////////////////////////////////////////////////////////////////////////////////////
8558 getSims(); 8668 getSims();
8669
8559 if (isTmux || isWeb) 8670 if (isTmux || isWeb)
8560 { 8671 {
8561 char *d; 8672 char *d;
@@ -8687,112 +8798,6 @@ Build the OpenSim.
8687 // Start ROBUST or join the tmux session, or just figure out where the sims are running in tmux. 8798 // Start ROBUST or join the tmux session, or just figure out where the sims are running in tmux.
8688 if ((START == currentMode) && !checkSimIsRunning("ROBUST")) 8799 if ((START == currentMode) && !checkSimIsRunning("ROBUST"))
8689 { 8800 {
8690////////////////////////////////////////////////////////////////////////////////////////////////////
8691// Sort out directories, part 2
8692////////////////////////////////////////////////////////////////////////////////////////////////////
8693
8694 // Doing this here coz at this point we should be the correct user, and we only want to do this during initial startup.
8695 /* From man 7 inode -
8696 S_ISUID 04000 set-user-ID bit
8697 S_ISGID 02000 set-group-ID bit (see below)
8698 S_ISVTX 01000 sticky bit (see below)
8699
8700 S_IRWXU 00700 owner has read, write, and execute permission
8701 S_IRUSR 00400 owner has read permission
8702 S_IWUSR 00200 owner has write permission
8703 S_IXUSR 00100 owner has execute permission
8704
8705 S_IRWXG 00070 group has read, write, and execute permission
8706 S_IRGRP 00040 group has read permission
8707 S_IWGRP 00020 group has write permission
8708 S_IXGRP 00010 group has execute permission
8709
8710 S_IRWXO 00007 others (not in group) have read, write, and execute permission
8711 S_IROTH 00004 others have read permission
8712 S_IWOTH 00002 others have write permission
8713 S_IXOTH 00001 others have execute permission
8714
8715 The set-group-ID bit (S_ISGID) has several special uses. For a directory, it indicates that BSD semantics is to be used for that directory: files created there inherit their group
8716 ID from the directory, not from the effective group ID of the creating process, and directories created there will also get the S_ISGID bit set. For a file that does not have the
8717 group execution bit (S_IXGRP) set, the set-group-ID bit indicates mandatory file/record locking.
8718
8719 The sticky bit (S_ISVTX) on a directory means that a file in that directory can be renamed or deleted only by the owner of the file, by the owner of the directory,
8720 and by a privileged process
8721 */
8722 V("Making directories in %s.", scRoot);
8723 if ((! qfile_exist(scBin)) && (! qfile_mkdir(scBin, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scBin);
8724 if ((! qfile_exist(scEtc)) && (! qfile_mkdir(scEtc, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scEtc);
8725 if ((! qfile_exist(scLib)) && (! qfile_mkdir(scLib, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scLib);
8726 if ((! qfile_exist(scBackup)) && (! qfile_mkdir(scBackup, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scBackup);
8727 if ((! qfile_exist(scCache)) && (! qfile_mkdir(scCache, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scCache);
8728 if ((! qfile_exist(scData)) && (! qfile_mkdir(scData, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scData);
8729 if ((! qfile_exist(scLog)) && (! qfile_mkdir(scLog, S_IRWXU, true))) C("Unable to create path %s", scLog);
8730 if ((! qfile_exist(scTemp)) && (! qfile_mkdir(scTemp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scTemp);
8731 tmp = xmprintf("%s/sessions", scCache);
8732 if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp);
8733 free(tmp);
8734 tmp = xmprintf("%s/users", scData);
8735 if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp);
8736 free(tmp);
8737 tmp = xmprintf("%s/db", scData);
8738 if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp);
8739 free(tmp);
8740
8741/* TODO - tighten up security.
8742Make sure correct permissions are set everywhere.
8743 sudo chown -R ${OS_USER}:${OS_USER} ${OS_PATH}
8744
8745Create the /opt/opensim-SC directory structure.
8746 AssetFiles/data Think OpenSim creates all the sub directories itself?
8747 AssetFiles/tmp/spool Think OpenSim creates all the sub directories itself?
8748 config/config.ini (move that etc/config.ini later)
8749. var/backups Copy examples/var/backups/*.IAR files, which are the newbie starter inventories.
8750. var/cache Think OpenSim creates all the sub directories itself?
8751. var/run HAS to be setup correctly BEFORE we try to start up tmux.
8752 web // Fill it with default web stuff from current -> example..
8753*/
8754 I("Securing directories and files in %s. This might take awhile.", scRoot);
8755 if (shellMeFail("chmod u=rw,go= %s/config/*.ini", scRoot)) C("Can't set proper permissions for %s/config*.ini", scRoot);
8756 if (shellMeFail("chmod u=rw,go= %s/config/ROBUST/*.ini", scRoot)) C("Can't set proper permissions for %s/config/ROBUST/*.ini", scRoot);
8757 if (shellMeFail("chmod u=rw,go= %s/.sledjChisl.conf.lua", scEtc)) C("Can't set proper permissions for %s/.sledjChisl.conf.lua", scEtc);
8758 if (shellMeFail("chmod ug+rw %s/config", scRoot)) C("Can't set proper permissions for %s/config", scRoot);
8759 if (shellMeFail("chmod g+s %s/config", scRoot)) C("Can't set proper permissions for %s/config", scRoot);
8760 if (shellMeFail("chmod u=rw,go= %s/config/*.ini", scRoot)) C("Can't set proper permissions for %s/config/*.ini", scRoot);
8761 if (shellMeFail("chmod u=rw,go= %s/config/ROBUST/*.ini", scRoot)) C("Can't set proper permissions for %s/configROBUST/*.ini", scRoot);
8762
8763 if (shellMeFail("chmod ug=rwx,o= %s/AssetFiles", scRoot)) C("Can't set proper permissions for %s/AssetFiles", scRoot);
8764 if (shellMeFail("chmod -fR ug=rw,o=,a+X %s", scBackup)) C("Can't set proper permissions for %s", scBackup);
8765 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scBin)) C("Can't set proper permissions for %s", scBin);
8766 if (shellMeFail("chmod -fR ug=rw,o=,a+X %s", scCache)) C("Can't set proper permissions for %s", scCache);
8767 if (shellMeFail("chmod ug=rwx,o= %s", scCache)) C("Can't set proper permissions for %s", scCache);
8768 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scData)) C("Can't set proper permissions for %s", scData);
8769 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scEtc)) C("Can't set proper permissions for %s", scEtc);
8770 if (shellMeFail("chmod u=rw,g=r,o= %s/.sledjChisl.conf.lua", scEtc)) C("Can't set proper permissions for %s/.sledjChisl.conf.lua", scEtc);
8771 if (shellMeFail("chmod g+s %s", scEtc)) C("Can't set proper permissions for %s", scEtc);
8772 if (shellMeFail("chmod a+x %s/*.shini", scEtc)) C("Can't set proper permissions for %s/*.shini", scEtc);
8773 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scLib)) C("Can't set proper permissions for %s", scLib);
8774 if (shellMeFail("chmod -fR u=rw,u+X,go= %s", scLog)) C("Can't set proper permissions for %s", scLog);
8775 if (shellMeFail("chmod -fR a=r,ug=rw,a+X %s", scTemp)) C("Can't set proper permissions for %s", scTemp);
8776
8777// if (shellMeFail("chmod -R a+x %s/current/*.sh", scRoot)) C("Can't set proper permissions for %s/current/*.sh", scRoot);
8778// if (shellMeFail("chmod -R a+x %s/current/scripts/*.sh", scRoot)) C("Can't set proper permissions for %s/current/scripts/*.sh", scRoot);
8779// if (shellMeFail("chmod -R a+x %s/current/scripts/install/*.sh", scRoot)) C("Can't set proper permissions for %s/current/scripts/install/*.sh", scRoot);
8780// if (shellMeFail("chmod a+x %s/current/scripts/show-console", scRoot)) C("Can't set proper permissions for %s/current/scripts/show-console", scRoot);
8781// if (shellMeFail("chmod a+x %s/current/scripts/start-sim", scRoot)) C("Can't set proper permissions for %s/current/scripts/start-sim", scRoot);
8782
8783 char *newPath = xmprintf("%s/current/bin/sledjchisl", scRoot);
8784 tmp = xmprintf("%s/sledjchisl", scBin);
8785 V("Symlinking %s to %s", newPath, tmp);
8786 if (qfile_exist(tmp))
8787 {
8788 if (shellMeFail("rm %s", tmp))
8789 E("rm command failed!");
8790 }
8791 if (0 != symlink(newPath, tmp))
8792 perror_msg("Symlinking %s to %s", newPath, tmp);
8793 free(tmp);
8794 free(newPath);
8795
8796 char *c = xmprintf("cd %s", scRoot); 8801 char *c = xmprintf("cd %s", scRoot);
8797 I("ROBUST is starting up."); 8802 I("ROBUST is starting up.");
8798 sendTmuxCmd("@0.%1", c); 8803 sendTmuxCmd("@0.%1", c);
generated by cgit v1.1 at 2025-01-23 18:50:07 +0000