root/alternc/trunk/tools/get_domains_by_account

Revision 2117, 3.4 kB (checked in by anarcat, 9 months ago)

Major redesign of the MySQL backend interface to fix a security issue.
See: #318.

As of now, the MySQL configuration used everywhere by AlternC is not
stored in the main configuration file (/etc/alternc/local.sh) but in a
MySQL configuration file in /etc/alternc/my.cnf, which enables us to
call mysql without exposing the password on the commandline.

The changes here are quite invasive but will allow us to factor out
the MySQL configuration better. See #364.

This includes a partial rewrite of the mysql.sh logic, which is now ran
from the postinst script (and not alternc.install) which will allow us
to actually change the MySQL root user properly. See #601.

This commit was tested like this:

  • clean install on etch (working)
  • upgrade from a clean 0.9.7 (working)
  • Property svn:executable set to *
Line 
1 #!/bin/ksh
2 #
3 # $Id: get_domains_by_account 22 2005-04-11 17:21:15Z jerome $
4 # ----------------------------------------------------------------------
5 # AlternC - Web Hosting System
6 # Copyright (C) 2002 by the AlternC Development Team.
7 # http://alternc.org
8 # ----------------------------------------------------------------------
9 # Based on:
10 # Valentin Lacambre's web hosting softwares: http://altern.org/
11 # ----------------------------------------------------------------------
12 # LICENSE
13 #
14 # This program is free software; you can redistribute it and/or
15 # modify it under the terms of the GNU General Public License (GPL)
16 # as published by the Free Software Foundation; either version 2
17 # of the License, or (at your option) any later version.
18 #
19 # This program is distributed in the hope that it will be useful,
20 # but WITHOUT ANY WARRANTY; without even the implied warranty of
21 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
22 # GNU General Public License for more details.
23 #
24 # To read the license please visit http://www.gnu.org/copyleft/gpl.html
25 # ----------------------------------------------------------------------
26 # Original Author of file: Jerome Moinet
27 # Purpose of file: gives domains and sub-domains attached to an account
28 # ----------------------------------------------------------------------
29 #
30 PATH=""
31 PROG_NAME=get_domains_by_account
32 PROG_VERSION=0.1.0
33 ALTERNC_ETC=/etc/alternc
34 ALTERNC_CONF_FILE=$ALTERNC_ETC/local.sh
35 export TEXTDOMAIN=alternc-admintools
36
37
38 # Be sure to use the right programs on Debian
39 # and be sure they are there
40 id=/usr/bin/id
41 mysql=/usr/bin/mysql
42 gettext=/usr/bin/gettext
43 printf=/usr/bin/printf
44
45 # Must have gettext first to display error messages
46 [ -x "$gettext" ] || { echo "Cannot execute $gettext"; exit 1 ; }
47
48 for i in $id $mysql $printf
49 do
50   ! [ -x "$i" ] && { echo "$($gettext "Unable to execute") ${i}."; exit 1 ; }
51 done
52
53 # Language-dependent messages
54 # Uses gettext and mo files.
55 # Don't change these messages, change the .po file instead.
56 HELP=$($gettext "Gives domains and sub-domains attached to an account.")
57 USAGE=`$printf "$($gettext "Usage: %s account.")" $PROG_NAME`
58 NOT_FOUND_MSG=$($gettext "does not exist.")
59 NON_ROOT_MSG=$($gettext "You have to be root (uid 0) to execute this program.")
60 MISSING_PROG=$($gettext "Unable to execute")
61 MISSING_CONF_FILE=`$printf "$($gettext "Can't find %s. Are you sure AlterncC is properly installed?")" $ALTERNC_CONF_FILE`
62 MYSQL_UNREACHABLE_DATABASE=`$printf "$($gettext "Cannot access accounts database. Please check either %s or Mysql state.")" $ALTERNC_CONF_FILE`
63
64
65 #-------------------------
66 # Main
67 #-------------------------
68 # Must be root
69 [ "`$id -u`" != "0" ] && { echo $NON_ROOT_MSG ; exit 1 ; }
70 # Must have minimum 1 parameter
71 [ -z "$1" ] && { echo $USAGE ; exit 1 ; }
72 # Handle -h and --help flags
73 [ "$1" = "-h" ] || [ "$1" = "--help" ] && { echo $HELP ; echo $USAGE ; exit 0 ; }
74 # Have to get AlternC conf file :
75 ! [ -f "$ALTERNC_CONF_FILE" ] && { echo $MISSING_CONF_FILE ; exit 1 ; } || . $ALTERNC_CONF_FILE
76 # Must have access to mysql to retreive accounts owning domains :
77 mysql="$mysql --defaults-file=/etc/alternc/my.cnf -B -N -e"
78 $mysql "select count(*) from domaines_standby;" > /dev/null 2>&1
79 [ "$?" != 0 ] && { echo "$MYSQL_UNREACHABLE_DATABASE" ; exit 1 ; }
80
81 # Does the stuff
82 $mysql "select concat(a.sub, if(a.sub=\"\",\"\", \".\"), a.domaine) from sub_domaines a, membres b where a.compte = b.uid and b.login = \"${1}\";"
83
84
Note: See TracBrowser for help on using the browser.