github-personal/sysadm
1
0
Fork 0
mirror of https://github.com/outbackdingo/sysadm.git synced 2026-01-27 10:20:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
131 Commits 2 Branches 3 Tags
4dcdaf2cb97e833524cf630f5a707d8d2a9e8406
Commit Graph

131 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ken Moore
4dcdaf2cb9 Merge pull request #4 from ldemouy/master 
Create a UserManager for sysadm
 2016-01-14 10:14:09 -05:00
Luke De Mouy
66c878697c Add Default Constructors to users and groups, and change Users to 
Members in the Group class.
 2016-01-13 20:38:42 -07:00
Luke De Mouy
b099e477ee various fixes to make things work and a few style changes, namely 
General::ExecuteCommand cannot execute a command with a space in it so
it has to be added as an arg, and switched from .append to <<
 2016-01-13 19:49:05 -07:00
Luke De Mouy
dbe7a84c3e Simply password changing code so that it doesn't repeat itself between 
being and not being in a chroot
 2016-01-13 18:04:14 -07:00
Luke De Mouy
b2368aadd4 Document all of the member functions in the header 2016-01-13 17:52:09 -07:00
Luke De Mouy
3d16bc3456 simplify the process for creating a new user and switch all system calls 
over to using General::RunCommand();
 2016-01-13 17:35:22 -07:00
Luke De Mouy
942d158db3 Document the functionality to create a new user and transfer it over to 
using sysadm-general, this commit is done in preparation for simplifying
things from the following:

create zfs dataset -> create group associated with user -> manually
create the home directory -> Create the user, passing in the flags that
would have otherwise created the home directory normally, and sets the
groupID to that of the group we created before (which it should
automatically do if we don't specify a group) -> set the user password -
> enable flash -> chown the home folder over to the user

to:
create zfs dataset -> create the user using appropriate flags -> set user
password -> enable flash
 2016-01-13 16:05:31 -07:00
dlavigne
f570e39d04 Doc query. 2016-01-13 14:51:20 -05:00
Ken Moore
ec7f25d804 Add a new API call: namespace=rpc, name=query 
This will probe all the known subsystems and return which ones are currently available and what level of access the user has (read/write).

REST Request:
-------------------------------
PUT /rpc/query
{
   "junk" : "junk"
}

REST Response:
-------------------------------
{
    "args": {
        "rpc/dispatcher": "read/write",
        "rpc/syscache": "read",
        "sysadm/lifepreserver": "read/write",
        "sysadm/network": "read/write"
    }
}

WebSocket Request:
-------------------------------
{
   "id" : "fooid",
   "name" : "query",
   "namespace" : "rpc",
   "args" : {
      "junk" : "junk"
   }
}

WebSocket Response:
-------------------------------
{
  "args": {
    "rpc/dispatcher": "read/write",
    "rpc/syscache": "read",
    "sysadm/lifepreserver": "read/write",
    "sysadm/network": "read/write"
  },
  "id": "fooid",
  "name": "response",
  "namespace": "rpc"
}
 2016-01-13 14:21:45 -05:00
Ken Moore
2020eb2e64 Merge branch 'master' of github.com:pcbsd/sysadm 2016-01-13 13:17:18 -05:00
Ken Moore
d93b0a5ba7 Add a new auth subsystem to teh backend of the server. 
Now the user's who login are divided up into "Full Access" users or not. This allows for additional restrictions in the backend subsystems to restrict certain types of operations to only the "full access" (root-permissioned) users.
The users are divided up like this:
1) The user must be in either the "wheel" or "operator" groups to get any access whatsoever (restricting automated services from connecting).
2) If the user is in the "wheel" group, they get full access to the server's capabilities
3) If the user is in the "operator" group instead, then they only get limited access to the server's capabilities.

While here, also allow password-less logins to the server if the client is connecting to a server on the same system (local access). User restrictions still apply.
 2016-01-13 13:12:10 -05:00
dlavigne
9f2dfc91a9 Doc addreplication action. 2016-01-13 10:01:41 -05:00
Luke De Mouy
30c71db6ae Create the UserManager class, and pull in the functionality from the old 
usermanager backend. Brings in the following functionality:
*Create/Delete User
*Create/Delete Group
*Add/Remove User from Group
*Change a Users Password/Shell/Full Name
*Get the list of Users, Groups, and Shells
 2016-01-12 19:39:41 -07:00
Kris Moore
5bb6fb7d33 Add new API call for creating a replication task in Life-Preserver 
host = <Remote hostname/ip>
port = <SSH port>
password = <Your SSH password>
dataset = <Local Dataset to replicate>
remotedataset = <Target location for remote dataset>
frequency = <time> XX/sync/hour/30min/10min/manual
            XX= Time to perform replication (in 24 hour notation)
          sync= Do replication with snaps (Not recommended for frequent snaps)
          hour= Replicate hourly
         30min= Replicate every 30 minutes
         10min= Replicate every 10 minutes
        manual= Only replicate when requested by user

REST Request:
-------------------------------
PUT /sysadm/lifepreserver
{
   "action" : "addreplication",
   "password" : "mypass",
   "dataset" : "tank1",
   "remotedataset" : "tank/backups",
   "user" : "backupuser",
   "frequency" : "22",
   "port" : "22",
   "host" : "192.168.0.10"
}

REST Response:
-------------------------------
{
    "args": {
        "addreplication": {
            "frequency": "22",
            "host": "192.168.0.10",
            "ldataset": "tank1",
            "port": "22",
            "rdataset": "tank/backups",
            "user": "backupuser"
        }
    }
}

WebSocket Request:
-------------------------------
{
   "namespace" : "sysadm",
   "name" : "lifepreserver",
   "args" : {
      "action" : "addreplication",
      "user" : "backupuser",
      "dataset" : "tank1",
      "frequency" : "22",
      "port" : "22",
      "password" : "mypass",
      "host" : "192.168.0.10",
      "remotedataset" : "tank/backups"
   },
   "id" : "fooid"
}

WebSocket Response:
-------------------------------
{
  "args": {
    "addreplication": {
      "frequency": "22",
      "host": "192.168.0.10",
      "ldataset": "tank1",
      "port": "22",
      "rdataset": "tank/backups",
      "user": "backupuser"
    }
  },
  "id": "fooid",
  "name": "response",
  "namespace": "sysadm"
}
 2016-01-12 16:53:46 -05:00
dlavigne
5d834fabbd Doc savesettings action. 2016-01-12 14:57:45 -05:00
Kris Moore
ce4993e825 Merge branch 'master' of https://github.com/pcbsd/sysadm 2016-01-12 14:41:19 -05:00
Kris Moore
4158f4589c Add new API call to save system-wide settings for life-preserver 
duwarn = XX (Percentage, 1-99)
email = Email address to send notifications to
emailopts = ALL/WARN/ERROR (All mail, warnings + errors, or errors only)
recursive = true/false (Do recursive operations on all ZFS snap)

REST Request:
-------------------------------
PUT /sysadm/lifepreserver
{
   "emailopts" : "ALL",
   "duwarn" : "70",
   "recursive" : "true",
   "action" : "savesettings",
   "email" : "kris@example.org"
}

REST Response:
-------------------------------
{
    "args": {
        "savesettings": {
            "duwarn": "70",
            "email": "kris@example.org",
            "emailopts": "ALL",
            "recursive": "true"
        }
    }
}

WebSocket Request:
-------------------------------
{
   "args" : {
      "emailopts" : "ALL",
      "action" : "savesettings",
      "duwarn" : "70",
      "recursive" : "true",
      "email" : "kris@example.org"
   },
   "id" : "fooid",
   "namespace" : "sysadm",
   "name" : "lifepreserver"
}

WebSocket Response:
-------------------------------
{
  "args": {
    "savesettings": {
      "duwarn": "70",
      "email": "kris@example.org",
      "emailopts": "ALL",
      "recursive": "true"
    }
  },
  "id": "fooid",
  "name": "response",
  "namespace": "sysadm"
}
 2016-01-12 14:39:10 -05:00
dlavigne
87196e7053 Doc removesnap action. 2016-01-12 14:17:24 -05:00
dlavigne
ddf29f2148 Document revertsnap action. 2016-01-12 14:10:11 -05:00
Kris Moore
399bfb3814 Add new API call to remove ZFS snapshots from a dataset / pool 
REST Request:
-------------------------------
PUT /sysadm/lifepreserver
{
   "dataset" : "tank1/usr/jails",
   "snap" : "auto-2016-01-09-18-00-00",
   "action" : "removesnap"
}

REST Response:
-------------------------------
{
    "args": {
        "removesnap": {
            "dataset": "tank1/usr/jails",
            "snap": "auto-2016-01-09-18-00-00"
        }
    }
}

WebSocket Request:
-------------------------------
{
   "args" : {
      "snap" : "auto-2016-01-09-18-00-00",
      "action" : "removesnap",
      "dataset" : "tank1/usr/jails"
   },
   "name" : "lifepreserver",
   "namespace" : "sysadm",
   "id" : "fooid"
}

WebSocket Response:
-------------------------------
{
  "args": {
     "removesnap": {
        "dataset": "tank1/usr/jails",
        "snap": "auto-2016-01-09-18-00-00"
     }
  },
  "id": "fooid",
  "name": "response",
  "namespace": "sysadm"
}
 2016-01-12 13:51:24 -05:00
Kris Moore
1b55d09365 Merge branch 'master' of https://github.com/pcbsd/sysadm 2016-01-12 13:37:09 -05:00
Kris Moore
c506bcccb5 Add new API call for reverting a dataset back to a 
specific snapshot

REST Request:
-------------------------------
PUT /sysadm/lifepreserver
{
   "snap" : "auto-2016-01-09-18-00-00",
   "dataset" : "tank1/usr/jails",
   "action" : "revertsnap"
}

REST Response:
-------------------------------
{
    "args": {
        "revertsnap": {
            "dataset": "tank1/usr/jails",
            "snap": "auto-2016-01-09-18-00-00"
        }
    }
}

WebSocket Request:
-------------------------------
{
   "args" : {
      "dataset" : "tank1/usr/jails",
      "action" : "revertsnap",
      "snap" : "auto-2016-01-09-18-00-00"
   },
   "namespace" : "sysadm",
   "name" : "lifepreserver",
   "id" : "fooid"
}

WebSocket Response:
-------------------------------
{
  "args": {
    "revertsnap": {
      "dataset": "tank1/usr/jails",
      "snap": "auto-2016-01-09-18-00-00"
    }
  },
  "id": "fooid",
  "name": "response",
  "namespace": "sysadm"
}
 2016-01-12 13:36:42 -05:00
dlavigne
dfbfb3afb1 Update listcron example to include scrubs. 2016-01-12 13:28:15 -05:00
dlavigne
bb88295d44 Document cronscrub action. 2016-01-12 13:17:48 -05:00
Kris Moore
f659ce2fb1 Merge pull request #3 from ldemouy/master 
Move system() calls over to their equivalents from sysadm-general.
 2016-01-12 13:14:20 -05:00
Kris Moore
c37a2d67fa Merge branch 'master' of https://github.com/pcbsd/sysadm 2016-01-12 13:05:13 -05:00
Kris Moore
8f4deefda2 This is a change to the "listcron" API call, specifically it 
adds the "scrub":"<value>" data, so if a scrub is scheduled for
a pool, it will be listed alongside the snap schedule, or on
its own if no snapshots are scheduled

REST Request:
-------------------------------
PUT /sysadm/lifepreserver
{
   "action" : "listcron"
}

REST Response:
-------------------------------
{
    "args": {
        "listcron": {
            "tank1": {
                "keep": "3",
                "schedule": "daily@18",
                "scrub": "daily@22"
            }
        }
    }
}

WebSocket Request:
-------------------------------
{
   "name" : "lifepreserver",
   "id" : "fooid",
   "namespace" : "sysadm",
   "args" : {
      "action" : "listcron"
   }
}

WebSocket Response:
-------------------------------
{
  "args": {
    "listcron": {
      "tank1": {
        "keep": "3",
        "schedule": "daily@18",
        "scrub": "daily@22"
      }
    }
  },
  "id": "fooid",
  "name": "response",
  "namespace": "sysadm"
}
 2016-01-12 13:03:51 -05:00
Luke De Mouy
de6e1b41de Move system() calls over to their equivalents from sysadm-general. 
Note: It would probably be a good idea for sysadm-general to have an API
for changing rc.conf
 2016-01-12 10:48:00 -07:00
dlavigne
97c0c1912d Format cronsnap parameters as a table. 2016-01-12 12:44:38 -05:00
Kris Moore
cbf3ce8b8b Add new API call to schedule a cron scrub 
Frequency Options: none, daily@XX, weekly@YY@XX, monthly@ZZ@XX
XX = Hour to execute, YY = Day of week to execute, ZZ = Day of month

REST Request:
-------------------------------
PUT /sysadm/lifepreserver
{
   "action" : "cronscrub",
   "pool" : "tank",
   "frequency" : "daily@22"
}

REST Response:
-------------------------------
{
    "args": {
        "cronscrub": {
            "frequency": "daily@22",
            "pool": "tank"
        }
    }
}

WebSocket Request:
-------------------------------
{
   "args" : {
      "action" : "cronscrub",
      "pool" : "tank",
      "frequency" : "daily@22"
   },
   "namespace" : "sysadm",
   "name" : "lifepreserver",
   "id" : "fooid"
}

WebSocket Response:
-------------------------------
{
  "args": {
    "cronscrub": {
      "frequency": "daily@22",
      "pool": "tank"
    }
  },
  "id": "fooid",
  "name": "response",
  "namespace": "sysadm"
}
 2016-01-12 12:12:19 -05:00
Ken Moore
a892e539f2 Merge pull request #2 from ldemouy/master 
Add Functionality from pc-fwmanager into sysadm-firewall
 2016-01-12 09:17:37 -05:00
Luke De Mouy
58db613ab7 Refactor to use Range Based For Loops since C++11 is enabled, also add 
in LoadOpenPorts to the function to reset to the default config, so that
we have the correct set of open ports.
 2016-01-12 02:58:35 -07:00
Luke De Mouy
43a4274565 Add in the ability to close or open multiple ports at once, by passing 
in a QVector<PortInfo> to the OpenPort and ClosePort functions,
 2016-01-12 02:37:07 -07:00
Luke De Mouy
aec5ce9aeb Move the #include<tuple> to where it should be in the header file as 
opposed to the cpp
 2016-01-12 02:26:06 -07:00
Luke De Mouy
4645d2fa20 rename PortType to Type, and simply the argument names from functions 
from portType and portNumber to type and number respectively
 2016-01-11 19:38:42 -07:00
Luke De Mouy
20ee1eaf62 Switch openports from being a nonintuitive string to using our PortInfo 
struct and add comments to the /etc/ipfw.openports file when we write to
it.

Enable C++11 in the library.pro file as it's required for std::sort and
std::tie, since qSort is deprecated as of Qt 5.3
 2016-01-11 19:28:02 -07:00
Luke De Mouy
17d2c131b5 Add in the option to restore the default configuration 2016-01-11 15:02:07 -07:00
Luke De Mouy
21f5cf6265 Add license header on firewall cpp file 2016-01-11 14:29:42 -07:00
Luke De Mouy
38ff401f11 Copy the functionality from the original utility into the Firewall 
class, in particular adds in the following functionality:
Start, Stop, and Restart the firewall, and see if it's running
Open or Close a port, and get a list of the ports that are currently
open.

UI code was removed, and functions were modified as appropriate.
 2016-01-11 14:17:02 -07:00
Ken Moore
35c090da89 Merge pull request #1 from ldemouy/master 
Adds in the LookUpPort function call as well as the basic framework for a new sysadm-firewall management class.
 2016-01-11 14:27:45 -05:00
Luke De Mouy
a326c3f811 renamed PortLookUp to firewall, and the files to sysadm-firewall 2016-01-11 12:22:54 -07:00
dlavigne
4595487578 Doc 3 more API actions. 2016-01-11 11:11:11 -05:00
Luke De Mouy
fb508a8352 Move PortInfo struct out of PortLookUp class, and fiddled with the regex 
to make it actually work based on testing. The filter operation now will
pickup things like 522/tcp in the QStringList if you're searching for
22/tcp, but testing seems to indicate that just taking the first one in
the list works for getting what we want.
 2016-01-09 13:00:23 -07:00
Kris Moore
4c562a85b2 Add a new API call to create snapshot schedules for LifePreserver 
REST Request:
-------------------------------
PUT /sysadm/lifepreserver
{
   "pool" : "mytank",
   "keep" : "10",
   "frequency" : "daily@11",
   "action" : "cronsnap"
}

REST Response:
-------------------------------
{
    "args": {
        "cronsnap": {
            "frequency": "daily@11",
            "keep": "10",
            "pool": "mytank"
        }
    }
}

WebSocket Request:
-------------------------------
{
   "args" : {
      "action" : "cronsnap",
      "keep" : "10",
      "frequency" : "daily@11",
      "pool" : "mytank"
   },
   "namespace" : "sysadm",
   "name" : "lifepreserver",
   "id" : "fooid"
}

WebSocket Response:
-------------------------------
{
  "args": {
    "cronsnap": {
      "frequency": "daily@11",
      "keep": "10",
      "pool": "mytank"
    }
  },
  "id": "fooid",
  "name": "response",
  "namespace": "sysadm"
}
 2016-01-08 15:52:09 -05:00
Kris Moore
9160af8912 Add a new API call for sysadm/lifepserver which returns the system-wide 
settings of the utility

REST Request:
-------------------------------
PUT /sysadm/lifepreserver
{
   "action" : "settings"
}

REST Response:
-------------------------------
{
    "args": {
        "settings": {
            "diskwarn": "85%",
            "email": "WARN",
            "emailaddress": "krismoore134@gmail.com",
            "recursive": "ON"
        }
    }
}

WebSocket Request:
-------------------------------
{
   "id" : "fooid",
   "args" : {
      "action" : "settings"
   },
   "namespace" : "sysadm",
   "name" : "lifepreserver"
}

WebSocket Response:
-------------------------------
{
  "args": {
    "settings": {
      "diskwarn": "85%",
      "email": "WARN",
      "emailaddress": "krismoore134@gmail.com",
      "recursive": "ON"
    }
  },
  "id": "fooid",
  "name": "response",
  "namespace": "sysadm"
}
 2016-01-08 14:47:55 -05:00
Kris Moore
adf6fe6ab7 Accept self-signed certs for wss 2016-01-08 14:16:35 -05:00
Ken Moore
eee477167b Fix the cert/key paths used for the websocket server. 2016-01-08 14:12:22 -05:00
Ken Moore
e119e6f25a Merge branch 'master' of github.com:pcbsd/sysadm 2016-01-08 14:02:20 -05:00
Ken Moore
262ddb637d Commit some more work on on updating the websocket server to use wss. 2016-01-08 14:01:49 -05:00
Kris Moore
c90c47adf6 Add wss to api-test script 2016-01-08 13:54:01 -05:00