{-| Implementation of the runtime configuration details.

-}

{-

Copyright (C) 2011, 2012, 2013 Google Inc.

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301, USA.

-}

module Ganeti.Runtime
  ( GanetiDaemon(..)
  , MiscGroup(..)
  , GanetiGroup(..)
  , RuntimeEnts
  , daemonName
  , daemonOnlyOnMaster
  , daemonUser
  , daemonGroup
  , daemonLogFile
  , daemonPidFile
  , getEnts
  , verifyDaemonUser
  ) where

import Control.Exception
import Control.Monad
import qualified Data.Map as M
import System.Exit
import System.FilePath
import System.IO
import System.IO.Error
import System.Posix.Types
import System.Posix.User
import Text.Printf

import qualified Ganeti.Constants as C
import qualified Ganeti.Path as Path
import Ganeti.BasicTypes

-- | The daemons this module knows runtime details for.
--
-- The derived 'Enum' and 'Bounded' instances are relied upon elsewhere in
-- this module: 'getEnts' and 'allGroups' enumerate every constructor with
-- @[minBound..maxBound]@, so a constructor added here is picked up by the
-- user and group lookups automatically.
data GanetiDaemon
  = GanetiMasterd
  | GanetiNoded
  | GanetiRapi
  | GanetiConfd
  | GanetiQueryd
  | GanetiMond
  deriving (Show, Enum, Bounded, Eq, Ord)

-- | Groups that are not tied to a single daemon.
--
-- Enumerated through the derived 'Enum' and 'Bounded' instances when
-- 'allGroups' is built.
data MiscGroup
  = DaemonsGroup
  | AdminGroup
  deriving (Show, Enum, Bounded, Eq, Ord)

-- | A group known to the runtime layer: either the group of one specific
-- daemon or one of the miscellaneous groups.
--
-- There is no 'Enum' or 'Bounded' instance for this type; the complete
-- list of values is assembled by hand in 'allGroups'.
data GanetiGroup
  = DaemonGroup GanetiDaemon
  | ExtraGroup MiscGroup
  deriving (Show, Eq, Ord)

-- | The resolved runtime entities, as produced by 'getEnts': a map from
-- each daemon to its user ID and a map from each group to its group ID.
--
-- This is a plain tuple of maps, so the type itself does not guarantee
-- that every daemon or group has an entry.
type RuntimeEnts =
  ( M.Map GanetiDaemon UserID
  , M.Map GanetiGroup GroupID
  )

-- | Returns the daemon name for a given daemon.
--
-- The names are the constants exported by "Ganeti.Constants". The result
-- is also used as the base of the pid file name ('daemonPidFile') and in
-- the diagnostic printed by 'checkUidMatch'.
daemonName :: GanetiDaemon -> String
daemonName daemon =
  case daemon of
    GanetiMasterd -> C.masterd
    GanetiNoded   -> C.noded
    GanetiRapi    -> C.rapi
    GanetiConfd   -> C.confd
    GanetiQueryd  -> C.queryd
    GanetiMond    -> C.mond

-- | Returns whether the daemon only runs on the master node.
--
-- Every constructor is listed explicitly (no wildcard), so adding a new
-- 'GanetiDaemon' forces a decision here once incomplete-pattern warnings
-- are enabled.
daemonOnlyOnMaster :: GanetiDaemon -> Bool
daemonOnlyOnMaster daemon =
  case daemon of
    GanetiMasterd -> True
    GanetiNoded   -> False
    GanetiRapi    -> False
    GanetiConfd   -> False
    GanetiQueryd  -> True
    GanetiMond    -> False

-- | Returns the log file base for a daemon.
--
-- The base names come from "Ganeti.Constants"; 'daemonLogFile' places
-- them under the log directory and appends the @log@ extension.
daemonLogBase :: GanetiDaemon -> String
daemonLogBase daemon =
  case daemon of
    GanetiMasterd -> C.daemonsLogbaseGanetiMasterd
    GanetiNoded   -> C.daemonsLogbaseGanetiNoded
    GanetiRapi    -> C.daemonsLogbaseGanetiRapi
    GanetiConfd   -> C.daemonsLogbaseGanetiConfd
    GanetiQueryd  -> C.daemonsLogbaseGanetiQueryd
    GanetiMond    -> C.daemonsLogbaseGanetiMond

-- | Returns the configured user name for a daemon.
--
-- This is the account name taken from "Ganeti.Constants". 'getEnts'
-- resolves it to a numeric user ID, and 'verifyDaemonUser' compares that
-- ID with the effective user ID of the running process.
daemonUser :: GanetiDaemon -> String
daemonUser daemon =
  case daemon of
    GanetiMasterd -> C.masterdUser
    GanetiNoded   -> C.nodedUser
    GanetiRapi    -> C.rapiUser
    GanetiConfd   -> C.confdUser
    GanetiQueryd  -> C.querydUser
    GanetiMond    -> C.mondUser

-- | Returns the configured group for a daemon.
--
-- Covers both the per-daemon groups and the miscellaneous groups; the
-- names come from "Ganeti.Constants" and are resolved to numeric group
-- IDs by 'getEnts'.
daemonGroup :: GanetiGroup -> String
daemonGroup group =
  case group of
    DaemonGroup GanetiMasterd -> C.masterdGroup
    DaemonGroup GanetiNoded   -> C.nodedGroup
    DaemonGroup GanetiRapi    -> C.rapiGroup
    DaemonGroup GanetiConfd   -> C.confdGroup
    DaemonGroup GanetiQueryd  -> C.querydGroup
    DaemonGroup GanetiMond    -> C.mondGroup
    ExtraGroup  DaemonsGroup  -> C.daemonsGroup
    ExtraGroup  AdminGroup    -> C.adminGroup

-- | Returns the log file for a daemon.
--
-- The path is the log directory reported by 'Path.logDir' joined with
-- 'daemonLogBase' plus the @log@ extension. The file name component is a
-- pure value from "Ganeti.Constants"; only the directory is obtained in
-- 'IO'.
daemonLogFile :: GanetiDaemon -> IO FilePath
daemonLogFile daemon = liftM (</> fileName) Path.logDir
  where
    -- '<.>' binds tighter than '</>', so the extension belongs to the
    -- base name, not to the whole path.
    fileName = daemonLogBase daemon <.> "log"

-- | Returns the pid file name for a daemon.
--
-- The path is the run directory reported by 'Path.runDir' joined with
-- 'daemonName' plus the @pid@ extension.
daemonPidFile :: GanetiDaemon -> IO FilePath
daemonPidFile daemon = liftM (</> fileName) Path.runDir
  where
    -- '<.>' binds tighter than '</>', so the extension belongs to the
    -- daemon name, not to the whole path.
    fileName = daemonName daemon <.> "pid"

-- | List of all groups.
--
-- This is assembled by hand from the two constructors of 'GanetiGroup',
-- so the compiler cannot check that it is complete: a constructor added
-- to 'GanetiGroup' must also be added here, otherwise 'getEnts' will not
-- resolve the new group.
allGroups :: [GanetiGroup]
allGroups = daemonGroups ++ extraGroups
  where
    daemonGroups = [DaemonGroup d | d <- [minBound .. maxBound]]
    extraGroups  = [ExtraGroup g | g <- [minBound .. maxBound]]

-- | Runs an action and captures a \"does not exist\" I/O error as a value.
--
-- Despite the name, the error is not discarded: an 'IOError' for which
-- 'isDoesNotExistError' holds is turned into its 'show' text and passed,
-- together with a successful outcome, through 'eitherToResult'. Any other
-- exception is not caught here and propagates to the caller.
ignoreDoesNotExistErrors :: IO a -> IO (Result a)
ignoreDoesNotExistErrors value =
  fmap eitherToResult (tryJust describeMissing value)
  where
    -- Select only the does-not-exist case; 'Nothing' tells 'tryJust' to
    -- re-throw the exception.
    describeMissing err
      | isDoesNotExistError err = Just (show err)
      | otherwise               = Nothing

-- | Computes the group/user maps.
--
-- Every 'GanetiDaemon' has its configured user name ('daemonUser') looked
-- up with 'getUserEntryForName', and every entry of 'allGroups' has its
-- group name ('daemonGroup') looked up with 'getGroupEntryForName'. A name
-- that does not exist is reported through the 'Result' value (see
-- 'ignoreDoesNotExistErrors'); other lookup failures are not caught here
-- and propagate as exceptions.
--
-- The individual results are combined with 'sequence' in the 'Result'
-- monad, so the maps are only returned when every lookup succeeded
-- (presumably the first failure is the one reported; that depends on the
-- 'Monad' instance of 'Result', which is defined in "Ganeti.BasicTypes").
getEnts :: IO (Result RuntimeEnts)
getEnts = do
  userResults  <- mapM resolveUser [minBound .. maxBound]
  groupResults <- mapM resolveGroup allGroups
  return $ do -- 'Result' monad
    userPairs  <- sequence userResults
    groupPairs <- sequence groupResults
    return (M.fromList userPairs, M.fromList groupPairs)
  where
    -- Pair a daemon with the numeric ID of its configured user.
    resolveUser daemon = do
      found <- ignoreDoesNotExistErrors . getUserEntryForName $
               daemonUser daemon
      return $ liftM (\entry -> (daemon, userID entry)) found
    -- Pair a group with the numeric ID of its configured group name.
    resolveGroup grp = do
      found <- ignoreDoesNotExistErrors . getGroupEntryForName $
               daemonGroup grp
      return $ liftM (\entry -> (grp, groupID entry)) found


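-- | Checks whether a daemon runs as the right user.
--
-- Compares the effective user ID of the current process with the user ID
-- recorded for @daemon@ in the user map of @ents@, and hands both to
-- 'checkUidMatch', which terminates the process on a mismatch. Only the
-- user map is consulted; the group map in @ents@ is not checked here.
--
-- 'getEnts' fills the user map for every 'GanetiDaemon', but 'RuntimeEnts'
-- is a plain tuple of maps and can be built by other means. A missing
-- entry is therefore handled explicitly: the check fails closed with a
-- diagnostic on stderr and the same exit code as a mismatch, instead of
-- an opaque partial-lookup error.
verifyDaemonUser :: GanetiDaemon -> RuntimeEnts -> IO ()
verifyDaemonUser daemon ents = do
  myuid <- getEffectiveUserID
  case M.lookup daemon (fst ents) of
    Just expected -> checkUidMatch (daemonName daemon) expected myuid
    Nothing -> do
      hPrintf stderr "%s has no entry in the runtime user map\n"
                (daemonName daemon) :: IO ()
      exitWith $ ExitFailure C.exitFailure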

-- | Check that two UIDs are matching or otherwise exit.
--
-- When @expected@ and @actual@ are equal nothing happens. Otherwise a
-- message naming the daemon and both IDs is written to stderr and the
-- process exits with 'C.exitFailure'. The conversions to 'Int' exist only
-- to give 'hPrintf' a type it can format with @%d@.
checkUidMatch :: String -> UserID -> UserID -> IO ()
checkUidMatch name expected actual
  | expected == actual = return ()
  | otherwise = do
      hPrintf stderr "%s started using wrong user ID (%d), expected %d\n"
                name
                (fromIntegral actual :: Int)
                (fromIntegral expected :: Int) :: IO ()
      exitWith $ ExitFailure C.exitFailure