Imported from conserver-8.1.12.tar.gz

Bryan Stansell 2005-09-05 16:15:33 -07:00
parent 892f52dbd4
commit 3cec1dde71
37 changed files with 1274 additions and 551 deletions

27
CHANGES

@ -1,6 +1,31 @@
CHANGES
=======
version 8.1.12 (Sep 5, 2005):
- printf() fix for autologin - patch by Menno Duursma
<druiloor@zonnet.nl>
- newly spawned (from SIGHUP) processes didn't properly close
primary socket
- SSL certificates now work again (anonymous ciphers are not
allowed if a certificate is used)
- client options -x, -u, -w, and -i can now take a console name
to restrict output - suggested by Evan McClure
<emcclure@internap.com>
- convert program now installed in $libdir/conserver - patch by
Petter Reinholdtsen <pere@hungry.com>
- we now ignore SIGXFSZ, if it exists
- added 'limited' access option to remove certain functionality
from users - suggested by Sven Michels <sven@darkman.de>
- added client option -z/-Z for sending commands to servers
(reload, quit, etc) - based on suggestion by Joshua Pincus
<Joshua.Pincus@Sun.COM>
- added 'execrunas' and 'initrunas' console options to allow
'exec' and 'initcmd' execution as another user and/or group -
based on patch by Gary Mills <mills@cc.umanitoba.ca>
- the east coast mirror had to shut down (for now, at least)
- crash from bad pointer manipulation during log replay - reported by
Ryan Kirkpatrick <linux@rkirkpat.net>
version 8.1.11 (Nov 9, 2004):
- fixed array bounds and stack tromping - reported by Emmett
Hogan <hogan@bigcityit.com>
@ -788,5 +813,5 @@ before version 6.05:
and enhancements of various types were applied.
#
# $Id: CHANGES,v 1.196 2004/11/09 09:01:41 bryan Exp $
# $Id: CHANGES,v 1.210 2005/09/05 23:15:27 bryan Exp $
#

10
INSTALL

@ -228,10 +228,10 @@ Detailed Instructions
step.
+ Next, make sure conserver runs during boot. The init script we
use under Solaris is installed in <PREFIX>/etc/conserver.rc.
Use that or some form of it for your own /etc/init.d script or
an entry in startup files (/etc/rc, /etc/rc.local, or
whatever).
use under Solaris is installed in
<DATADIR>/examples/conserver/conserver.rc. Use that or some
form of it for your own /etc/init.d script or an entry in
startup files (/etc/rc, /etc/rc.local, or whatever).
+ Now for the fun stuff. You need to create a conserver.cf and
conserver.passwd file. Those are defined with the
@ -278,5 +278,5 @@ Other Information And Gotchas
#
# $Id: INSTALL,v 1.38 2004/04/13 18:11:58 bryan Exp $
# $Id: INSTALL,v 1.39 2005/05/21 13:47:16 bryan Exp $
#


@ -106,10 +106,13 @@ Upon successful login, the commands available are:
groups provide ports for group leaders
help this help message
master provide a list of master servers
newlogs* close and open all logfiles (SIGUSR2)
pid provide pid of master process
quit* terminate conserver (SIGTERM)
restart* restart conserver (SIGHUP)
restart* restart conserver (SIGHUP) - deprecated
reconfig* reread config file (SIGHUP)
version provide version info for server
up* bring up all downed consoles (SIGUSR1)
* = requires admin privileges
"exit" and "help" are the same as before the client logged login.
@ -130,23 +133,36 @@ names. The list includes any hosts (including the possibility of the
local host) which have locally managed consoles. The client is not
disconnected.
The "newlogs" command reopens all logfiles used by conserver, assuming
the user has administrative access. It responds with a message starting
with "ok" if successful and an error message otherwise (like
"unauthorized command"). The client is disconnected if it's successful.
The "pid" command responds with the pid of the master process (in this
case, the one the client is talking to). The client is not
disconnected.
The "quit" command will shut down conserver, assuming the user has
administrative access. It responds with a message starting with "ok" if
successful, and an error message otherwise (like "unauthorized
command"). The client is disconnected if it's successful.
successful and an error message otherwise (like "unauthorized command").
The client is disconnected if it's successful.
The "restart" command will shut down conserver, assuming the user has
administrative access. It responds with a message starting with "ok" if
successful, and an error message otherwise (like "unauthorized
command"). The client is not disconnected.
The "restart" command has been deprecated. You should use "reconfig".
The "reconfig" command will cause conserver to reread the configuration
file and apply any changes, assuming the user has administrative access.
It responds with a message starting with "ok" if successful and an error
message otherwise (like "unauthorized command"). The client is not
disconnected.
The "version" command responds with the version string. The client is
not disconnected.
The "up" command tries to "bring up" all disconnected consoles, assuming
the user has administrative access. It responds with a message starting
with "ok" if successful and an error message otherwise (like
"unauthorized command"). The client is disconnected if it's successful.
"group" Mode
------------
@ -286,5 +302,5 @@ The more "interesting" escape sequences are the following.
" -- spy mode]"
#
# $Id: PROTOCOL,v 1.1 2004/04/16 16:50:55 bryan Exp $
# $Id: PROTOCOL,v 1.2 2005/09/05 21:54:03 bryan Exp $
#

4
README

@ -21,7 +21,7 @@ Downloading
Mirrors of the site are at:
Australia http://planetmirror.com/pub/conserver/
US-East http://conserver.syr.edu/
Russia http://conserver.rinet.ru/
Systems Tested
@ -61,5 +61,5 @@ Contributions
http://www.columbia.edu/acis/sy/unixdev/zinc
#
# $Id: README,v 1.23 2004/05/27 23:39:29 bryan Exp $
# $Id: README,v 1.24 2005/09/05 21:46:43 bryan Exp $
#

11
TODO

@ -95,13 +95,20 @@ Bryan Stansell
Sjolund <erik.sjolund@sbc.su.se>
- netgroup support? : Nikolaos Papavassiliou
<Nikolaos.Papavassiliou@reuters.com>
<Nikolaos.Papavassiliou@reuters.com> and Phil Dibowitz <phil@usc.edu>
- send sequences to console on client connect? (to repaint screen,
for example) : John Cagle <jcagle@gmail.com>
- uucp locks : Sebastian Zagrodzki <sebek@heron.net.icm.edu.pl>
- support more than 9 break sequences : Danish Mirza <Danish@lehman.com>
thought it was easy, but adding more than could break things with
current encoding. doable, will have to think harder about it.
- reintroduce console grouping : Martin Turba
<martin.turba@igd.fraunhofer.de>
#
# $Id: TODO,v 1.52 2004/11/06 01:03:36 bryan Exp $
# $Id: TODO,v 1.55 2005/06/06 23:02:36 bryan Exp $
#


@ -69,7 +69,7 @@
*/
#ifndef lint
char *rcsid = "$Id: autologin.c,v 1.23 2002/09/21 06:29:39 bryan Exp $";
char *rcsid = "$Id: autologin.c,v 1.24 2004/12/12 07:36:07 bryan Exp $";
#endif /* not lint */
extern char *progname;
gid_t awGrps[NGROUPS_MAX];
@ -126,7 +126,7 @@ Process()
#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
(void) fprintf(stderr, "%s: gethostname: %s\n", strerror(errno));
(void) fprintf(stderr, "%s: gethostname: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
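Review bot: enable -Wformat (or -Wall) for this tree: the gethostname() error path in Process() passed one argument for two %s conversions, which the compiler would have flagged at build time. The added progname argument is the right fix for this call; the warning would let the remaining fprintf() calls be checked the same way.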

536
config.guess vendored

File diff suppressed because it is too large


@ -355,6 +355,9 @@
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
/* Define to `int' if <sys/types.h> doesn't define. */
#undef gid_t
/* Define to `int' if <sys/types.h> does not define. */
#undef mode_t
@ -366,3 +369,6 @@
/* Define to `unsigned' if <sys/types.h> does not define. */
#undef size_t
/* Define to `int' if <sys/types.h> doesn't define. */
#undef uid_t

84
config.sub vendored

@ -1,9 +1,9 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
timestamp='2004-08-29'
timestamp='2005-07-08'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@ -21,14 +21,15 @@ timestamp='2004-08-29'
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
# 02110-1301, USA.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# Please send patches to <config-patches@gnu.org>. Submit a context
# diff and a properly formatted ChangeLog entry.
#
@ -70,7 +71,7 @@ Report bugs and patches to <config-patches@gnu.org>."
version="\
GNU config.sub ($timestamp)
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
@ -83,11 +84,11 @@ Try \`$me --help' for more information."
while test $# -gt 0 ; do
case $1 in
--time-stamp | --time* | -t )
echo "$timestamp" ; exit 0 ;;
echo "$timestamp" ; exit ;;
--version | -v )
echo "$version" ; exit 0 ;;
echo "$version" ; exit ;;
--help | --h* | -h )
echo "$usage"; exit 0 ;;
echo "$usage"; exit ;;
-- ) # Stop option processing
shift; break ;;
- ) # Use stdin as input.
@ -99,7 +100,7 @@ while test $# -gt 0 ; do
*local*)
# First pass through any local machine types.
echo $1
exit 0;;
exit ;;
* )
break ;;
@ -231,13 +232,14 @@ case $basic_machine in
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
| am33_2.0 \
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
| bfin \
| c4x | clipper \
| d10v | d30v | dlx | dsp16xx \
| fr30 | frv \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
| m32r | m32rle | m68000 | m68k | m88k | mcore \
| m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mips16 \
| mips64 | mips64el \
@ -246,6 +248,7 @@ case $basic_machine in
| mips64vr4100 | mips64vr4100el \
| mips64vr4300 | mips64vr4300el \
| mips64vr5000 | mips64vr5000el \
| mips64vr5900 | mips64vr5900el \
| mipsisa32 | mipsisa32el \
| mipsisa32r2 | mipsisa32r2el \
| mipsisa64 | mipsisa64el \
@ -254,23 +257,28 @@ case $basic_machine in
| mipsisa64sr71k | mipsisa64sr71kel \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
| ms1 \
| msp430 \
| ns16k | ns32k \
| openrisc | or32 \
| or32 \
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
| sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
| sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv8 | sparcv9 | sparcv9b \
| sparc | sparc64 | sparc64b | sparc86x | sparclet | sparclite \
| sparcv8 | sparcv9 | sparcv9b \
| strongarm \
| tahoe | thumb | tic4x | tic80 | tron \
| v850 | v850e \
| we32k \
| x86 | xscale | xstormy16 | xtensa \
| x86 | xscale | xscalee[bl] | xstormy16 | xtensa \
| z8k)
basic_machine=$basic_machine-unknown
;;
m32c)
basic_machine=$basic_machine-unknown
;;
m6811 | m68hc11 | m6812 | m68hc12)
# Motorola 68HC11/12.
basic_machine=$basic_machine-unknown
@ -298,7 +306,7 @@ case $basic_machine in
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
| avr-* \
| bs2000-* \
| bfin-* | bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
| clipper-* | craynv-* | cydra-* \
| d10v-* | d30v-* | dlx-* \
@ -310,7 +318,7 @@ case $basic_machine in
| ip2k-* | iq2000-* \
| m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
| m88110-* | m88k-* | mcore-* \
| m88110-* | m88k-* | maxq-* | mcore-* \
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
| mips16-* \
| mips64-* | mips64el-* \
@ -319,6 +327,7 @@ case $basic_machine in
| mips64vr4100-* | mips64vr4100el-* \
| mips64vr4300-* | mips64vr4300el-* \
| mips64vr5000-* | mips64vr5000el-* \
| mips64vr5900-* | mips64vr5900el-* \
| mipsisa32-* | mipsisa32el-* \
| mipsisa32r2-* | mipsisa32r2el-* \
| mipsisa64-* | mipsisa64el-* \
@ -327,6 +336,7 @@ case $basic_machine in
| mipsisa64sr71k-* | mipsisa64sr71kel-* \
| mipstx39-* | mipstx39el-* \
| mmix-* \
| ms1-* \
| msp430-* \
| none-* | np1-* | ns16k-* | ns32k-* \
| orion-* \
@ -334,20 +344,23 @@ case $basic_machine in
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
| pyramid-* \
| romp-* | rs6000-* \
| sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
| sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
| sparc-* | sparc64-* | sparc64b-* | sparc86x-* | sparclet-* \
| sparclite-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
| tron-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
| x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
| xtensa-* \
| x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \
| xstormy16-* | xtensa-* \
| ymp-* \
| z8k-*)
;;
m32c-*)
;;
# Recognize the various machine names and aliases which stand
# for a CPU type and a company and sometimes even an OS.
386bsd)
@ -489,6 +502,10 @@ case $basic_machine in
basic_machine=m88k-motorola
os=-sysv3
;;
djgpp)
basic_machine=i586-pc
os=-msdosdjgpp
;;
dpx20 | dpx20-*)
basic_machine=rs6000-bull
os=-bosx
@ -754,9 +771,8 @@ case $basic_machine in
basic_machine=hppa1.1-oki
os=-proelf
;;
or32 | or32-*)
openrisc | openrisc-*)
basic_machine=or32-unknown
os=-coff
;;
os400)
basic_machine=powerpc-ibm
@ -1029,6 +1045,10 @@ case $basic_machine in
basic_machine=hppa1.1-winbond
os=-proelf
;;
xbox)
basic_machine=i686-pc
os=-mingw32
;;
xps | xps100)
basic_machine=xps100-honeywell
;;
@ -1078,12 +1098,9 @@ case $basic_machine in
we32k)
basic_machine=we32k-att
;;
sh3 | sh4 | sh[34]eb | sh[1234]le | sh[23]ele)
sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
basic_machine=sh-unknown
;;
sh64)
basic_machine=sh64-unknown
;;
sparc | sparcv8 | sparcv9 | sparcv9b)
basic_machine=sparc-sun
;;
@ -1170,7 +1187,8 @@ case $os in
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly*)
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
| -skyos* | -haiku*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@ -1188,7 +1206,7 @@ case $os in
os=`echo $os | sed -e 's|nto|nto-qnx|'`
;;
-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
| -windows* | -osx | -abug | -netware* | -os9* | -beos* \
| -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \
| -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
;;
-mac*)
@ -1297,6 +1315,9 @@ case $os in
-kaos*)
os=-kaos
;;
-zvmoe)
os=-zvmoe
;;
-none)
;;
*)
@ -1374,6 +1395,9 @@ case $basic_machine in
*-be)
os=-beos
;;
*-haiku)
os=-haiku
;;
*-ibm)
os=-aix
;;
@ -1545,7 +1569,7 @@ case $basic_machine in
esac
echo $basic_machine$os
exit 0
exit
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)

38
configure vendored

@ -4386,6 +4386,44 @@ _ACEOF
fi
echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5
echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6
if test "${ac_cv_type_uid_t+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <sys/types.h>
_ACEOF
if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
$EGREP "uid_t" >/dev/null 2>&1; then
ac_cv_type_uid_t=yes
else
ac_cv_type_uid_t=no
fi
rm -f conftest*
fi
echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5
echo "${ECHO_T}$ac_cv_type_uid_t" >&6
if test $ac_cv_type_uid_t = no; then
cat >>confdefs.h <<\_ACEOF
#define uid_t int
_ACEOF
cat >>confdefs.h <<\_ACEOF
#define gid_t int
_ACEOF
fi
echo "$as_me:$LINENO: checking for sig_atomic_t" >&5
echo $ECHO_N "checking for sig_atomic_t... $ECHO_C" >&6


@ -339,6 +339,7 @@ AC_TYPE_MODE_T
AC_TYPE_SIGNAL
AC_TYPE_PID_T
AC_TYPE_SIZE_T
AC_TYPE_UID_T
AC_CHECK_TYPE([sig_atomic_t],,
AC_DEFINE(sig_atomic_t, volatile int,


@ -1,11 +1,11 @@
The two files you need to set up are the conserver.cf and conserver.passwd
files. See the sample conserver.cf and conserver.passwd files
for examples. You can start with those and then modify extensively.
The man page for conserver.cf and conserver.passwd should explain the
files with enough detail to get you going.
files. See the sample conserver.cf and conserver.passwd files for examples
(installed in <DATADIR>/examples/conserver). You can start with those and
then modify extensively. The man page for conserver.cf and conserver.passwd
should explain the files with enough detail to get you going.
That's about it. Good luck.
#
# $Id: INSTALL,v 1.3 2003/07/04 18:21:21 bryan Exp $
# $Id: INSTALL,v 1.4 2005/05/21 13:47:18 bryan Exp $
#


@ -1,5 +1,5 @@
.\" $Id: conserver.cf.man,v 1.69 2004/11/06 00:20:30 bryan Exp $
.TH CONSERVER.CF 5 "2004/11/06" "conserver-8.1.11" "conserver"
.\" $Id: conserver.cf.man,v 1.73 2005/06/09 07:09:31 bryan Exp $
.TH CONSERVER.CF 5 "2005/06/09" "conserver-8.1.12" "conserver"
.SH NAME
conserver.cf \- console configuration file for
.BR conserver (8)
@ -174,6 +174,31 @@ The access lists defined using the name
are applied to the current access block.
The included access block must be previously defined.
.TP
\f3limited\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
.br
Define a list of users with limited functionality on the console server.
These users will not be allowed to suspend their connection,
shift to another console, or attach to a local command.
If
.I username
matches a previously defined group name, all members of the previous
group are applied to the admin list (with access reversed if prefixed
with a `!').
If
.I username
doesn't match a previously defined group and
.I username
begins with `@', the name (minus the `@') is checked against the
host's group database.
All users found in the group will be granted (or denied, if prefixed
with `!') access.
If
.I username
doesn't match a previous group and doesn't begin with `@', the users
will be granted (or denied, if prefixed with `!') access.
If the null string (``\f3""\fP'') is used, any
users previously defined for the console server's limited list are removed.
.TP
\f3rejected\fP \f2hostname\fP[\f3,\fP...]
.br
The list of hostnames are added to the ``rejected'' list, which rejects
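Review bot: the first "If username matches a previously defined group name" sentence of the new limited entry says the members "are applied to the admin list"; that reads as copied from the admin entry and should say "limited list". The later sentences say users are "granted (or denied, if prefixed with `!') access", which is ambiguous for an option that removes functionality; say instead that the users are added to, or with `!' excluded from, the limited list.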
@ -524,6 +549,27 @@ If the null string (``\f3""\fP'') is used or no
keyword is specified, conserver will use the command ``/bin/sh -i''.
Only consoles of type ``exec'' will use this value.
.TP
\f3execrunas\fP [\f2user\fP][:\f2group\fP]|\f3""\fP
.br
By default, the command invoked by
.B exec
is run with the same privileges as the server.
If the server is running with root privileges, this option resets the user
and/or group of the invoked process to
.I user
and
.I group
respectively.
.I user
may be a username or numeric uid and
.I group
may be a group name or numeric gid.
Either one is optional.
If the server is not running with root privileges, these values
are not used.
If the null string (``\f3""\fP'') is specified, the default of running
with the same privileges as the server is restored.
.TP
\f3execsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
.br
Perform character substitutions on the
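Review bot: the execrunas text says user and group are each optional but does not say which group the process runs with when only user is given, or what happens to the server's supplementary groups; both matter when the server runs as root, so state them here. It should also say that a uid or gid of 0 cannot be requested, since the consent.c change in this commit only calls setuid()/setgid() when the stored value is non-zero. The same wording applies to initrunas.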
@ -584,7 +630,7 @@ The default block defined using the name
is applied to the current console or default block.
The included default block must be previously defined.
.TP
\f3initcmd\fP \f3command\fP|\f3""\fP
\f3initcmd\fP \f2command\fP|\f3""\fP
.br
Invoke
.I command
@ -597,6 +643,27 @@ is passed as an argument to ``/bin/sh -ce''.
If the null string (``\f3""\fP'') is used, the command is unset and
nothing is invoked.
.TP
\f3initrunas\fP [\f2user\fP][:\f2group\fP]|\f3""\fP
.br
By default, the command invoked by
.B initcmd
is run with the same privileges as the server.
If the server is running with root privileges, this option resets the user
and/or group of the invoked process to
.I user
and
.I group
respectively.
.I user
may be a username or numeric uid and
.I group
may be a group name or numeric gid.
Either one is optional.
If the server is not running with root privileges, these values
are not used.
If the null string (``\f3""\fP'') is specified, the default of running
with the same privileges as the server is restored.
.TP
\f3initspinmax\fP \f2n\fP|\f3""\fP
.br
Set the maximum number of ``spins'' allowed for the console to
@ -607,7 +674,7 @@ where 0 <=
A console is determined to be ``spinning'' if an attempt to initialize
the console occurs in under
.B initspintimer
seconds from it's previous initialization and this quick
seconds from its previous initialization and this quick
initialization occurs
.B initspinmax
times in a row.
@ -661,7 +728,7 @@ no logging will occur.
.br
Enable automatic rotation of
.B logfile
once it's size exceeds
once its size exceeds
.I number
bytes.
Specifying
@ -810,7 +877,7 @@ Default is
.BR autoreinit .
.TP
.B unloved
Enable the sending of this console's output (prefixed with it's
Enable the sending of this console's output (prefixed with its
name) to the daemon's stdout (or the logfile if in daemon mode) when no
clients are connected to the console.
The conserver option


@ -1,5 +1,5 @@
.\" $Id: conserver.passwd.man,v 1.10 2004/01/08 16:12:33 bryan Exp $
.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.11" "conserver"
.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.12" "conserver"
.SH NAME
conserver.passwd \- user access information for
.BR conserver (8)


@ -37,7 +37,6 @@
mirror: &nbsp;&nbsp;<A href=
"http://planetmirror.com/pub/conserver/">Australia</A>
&nbsp;&nbsp;<A href="http://conserver.rinet.ru/">Russia</A>
&nbsp;&nbsp;<A href="http://conserver.syr.edu/">US-East</A>
&nbsp;&nbsp;<A href="http://www.conserver.com/">US-West
(Primary)</A><BR>
<BR>
@ -183,11 +182,11 @@
<H3>Downloading</H3>
<P>The current version, released on Nov 9, 2004, is <A
href="8.1.11.tar.gz">8.1.11.tar.gz</A>. You can get it
<P>The current version, released on Sep 5, 2005, is <A
href="8.1.12.tar.gz">8.1.12.tar.gz</A>. You can get it
via <A href=
"ftp://ftp.conserver.com/conserver/8.1.11.tar.gz">FTP</A>
or <A href="8.1.11.tar.gz">HTTP</A>. See the <A href=
"ftp://ftp.conserver.com/conserver/8.1.12.tar.gz">FTP</A>
or <A href="8.1.12.tar.gz">HTTP</A>. See the <A href=
"CHANGES">CHANGES</A> file for information on the latest
updates.</P>


@ -7,6 +7,8 @@ sbindir = @sbindir@
sysconfdir = @sysconfdir@
mandir = @mandir@
datadir = @datadir@
libdir = @libdir@
pkglibdir = $(libdir)/conserver
exampledir = $(datadir)/examples/conserver
### Installation programs and flags
@ -63,5 +65,7 @@ install: conserver
$(INSTALL) conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
$(MKDIR) $(DESTDIR)$(exampledir)
$(INSTALL) conserver.rc $(DESTDIR)$(exampledir)
$(MKDIR) $(DESTDIR)$(pkglibdir)
$(INSTALL) convert $(DESTDIR)$(pkglibdir)/convert
.PHONY: clean distclean install


@ -1,5 +1,5 @@
/*
* $Id: client.c,v 5.85 2004/10/25 07:18:18 bryan Exp $
* $Id: client.c,v 5.89 2005/09/04 00:28:58 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -41,6 +41,7 @@
#include <access.h>
#include <client.h>
#include <group.h>
#include <readcfg.h>
#if defined(USE_LIBWRAP)
#include <syslog.h>
@ -250,25 +251,21 @@ Replay(pCE, fdOut, iBack)
/* this is a mark and the previous line is also
* a mark, so make (or continue) that range
*/
if (0 == lines[ln - 1].mark_end->allocated) {
if (0 == lines[ln - 1].mark_end->used) {
/* this is a new range - shuffle pointers
*
* remember that we are moving backward
*/
*(lines[ln - 1].mark_end) = *(lines[ln - 1].line);
InitString(lines[ln - 1].line);
}
/* if unallocated, cheat and shuffle pointers */
if (0 == lines[ln - 1].line->allocated) {
*(lines[ln - 1].line) = *(lines[ln].line);
InitString(lines[ln].line);
} else {
BuildStringN(lines[ln - 1].line->string,
lines[ln - 1].line->used - 1,
lines[ln - 1].mark_end);
BuildString((char *)0, lines[ln - 1].line);
BuildStringN(lines[ln].line->string,
lines[ln].line->used - 1,
lines[ln - 1].line);
BuildString((char *)0, lines[ln].line);
}
BuildString((char *)0, lines[ln - 1].line);
BuildStringN(lines[ln].line->string,
lines[ln].line->used - 1,
lines[ln - 1].line);
BuildString((char *)0, lines[ln].line);
ln--;
}
lines[ln].is_mark = is_mark;
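Review bot: the BuildStringN() calls in this Replay block pass "->used - 1" as the length with no guard that used is at least 1; the only test here is on mark_end->used, so an empty lines[ln].line or lines[ln - 1].line would make the length go below zero or wrap. Add a check, or a comment stating why used cannot be 0 at this point. The kept comment "this is a new range - shuffle pointers" should be reworded as well, since the code under it now copies with BuildStringN() instead of swapping STRING structs.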
@ -385,6 +382,7 @@ Replay(pCE, fdOut, iBack)
#define WHEN_ATTACH 0x02
#define WHEN_EXPERT 0x04 /* ZZZ no way to set his yet */
#define WHEN_ALWAYS 0x40
#define IS_LIMITED 0x100
#define HALFLINE 40
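Review bot: IS_LIMITED is 0x100 while every other WHEN_* flag fits in one byte, so the iwhen field of HELP must be at least an int for the new bit to survive; the struct definition is outside this hunk, please confirm its type. IS_LIMITED also marks a restriction rather than a "when" condition, so a one-line comment on the define saying that entries carrying it are hidden from limited users would help the next reader.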
@ -395,7 +393,7 @@ typedef struct HLnode {
static HELP aHLTable[] = {
{WHEN_ALWAYS, ". disconnect"},
{WHEN_ALWAYS, "; move to another console"},
{WHEN_ALWAYS | IS_LIMITED, "; move to another console"},
{WHEN_ALWAYS, "a attach read/write"},
{WHEN_ALWAYS, "b send broadcast message"},
{WHEN_ATTACH, "c toggle flow control"},
@ -417,8 +415,8 @@ static HELP aHLTable[] = {
{WHEN_ALWAYS, "v show version info"},
{WHEN_ALWAYS, "w who is on this console"},
{WHEN_ALWAYS, "x show console baud info"},
{WHEN_ALWAYS, "z suspend the connection"},
{WHEN_ATTACH, "| attach local command"},
{WHEN_ALWAYS | IS_LIMITED, "z suspend the connection"},
{WHEN_ATTACH | IS_LIMITED, "| attach local command"},
{WHEN_ALWAYS, "? print this message"},
{WHEN_ALWAYS, "<cr> ignore/abort command"},
{WHEN_ALWAYS, "^R replay the last line"},
@ -433,7 +431,7 @@ void
#if PROTOTYPES
HelpUser(CONSCLIENT *pCL)
#else
HelpUser(pCL)
HelpUser(pCL, pCE)
CONSCLIENT *pCL;
#endif
{
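Review bot: the K&R branch now reads HelpUser(pCL, pCE) but no declaration for pCE follows it and the PROTOTYPES branch is still HelpUser(CONSCLIENT *pCL), so the two definitions disagree and pCE defaults to int in the non-prototype build. Either add the parameter to both forms, to the declaration and to the callers, or drop it from the K&R form.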
@ -456,9 +454,13 @@ HelpUser(pCL)
BuildString((char *)0, acLine);
for (i = 0; i < sizeof(aHLTable) / sizeof(HELP); ++i) {
if (0 == (aHLTable[i].iwhen & iCmp)) {
if (aHLTable[i].iwhen & IS_LIMITED &&
ConsentUserOk(pLUList, pCL->username->string) == 1)
continue;
}
if (0 == (aHLTable[i].iwhen & iCmp))
continue;
if (acLine->used != 0) { /* second part of line */
if (strlen(aHLTable[i].actext) < HALFLINE) {
for (j = acLine->used; j <= HALFLINE; ++j) {


@ -1,5 +1,5 @@
/*
* $Id: client.h,v 5.38 2004/10/25 07:18:18 bryan Exp $
* $Id: client.h,v 5.40 2005/06/07 19:55:51 bryan Exp $
*
* Copyright conserver.com, 2000
*


@ -1,5 +1,5 @@
/*
* $Id: consent.c,v 5.144 2004/10/25 07:25:35 bryan Exp $
* $Id: consent.c,v 5.145 2005/06/08 18:09:40 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -421,6 +421,13 @@ StartInit(pCE)
close(pout[0]);
close(pin[1]);
if (geteuid() == 0) {
if (pCE->initgid != 0)
setgid(pCE->initgid);
if (pCE->inituid != 0)
setuid(pCE->inituid);
}
tcsetpgrp(0, iNewGrp);
apcArgv[2] = pCE->initcmd;
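Review bot: the setgid() and setuid() results in the new geteuid() == 0 block of StartInit are discarded, so if either call fails the initcmd still runs with the server's root privileges. Check both and exit the child on failure. The supplementary group list is also left untouched (no setgroups() or initgroups() before setuid()), so the command keeps the server's extra groups. Because 0 doubles as the "unset" value in "pCE->initgid != 0" and "pCE->inituid != 0", that convention should be stated next to the fields in consent.h.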
@ -510,6 +517,15 @@ VirtDev(pCE)
Error("[%s] fd sync error", pCE->server);
Bye(EX_OSERR);
}
if (geteuid() == 0) {
if (pCE->execgid != 0)
setgid(pCE->execgid);
if (pCE->execuid != 0) {
fchown(0, pCE->execuid, -1);
setuid(pCE->execuid);
}
}
# if HAVE_STROPTS_H && !defined(_AIX)
/* SYSVr4 semantics for opening stream ptys (gregf)
* under PTX (others?) we have to push the compatibility
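Review bot: fchown(0, pCE->execuid, -1), setgid() and setuid() in the new VirtDev block are all unchecked; a failed setuid() leaves the exec command running as root on fd 0 after its ownership may already have been changed to execuid. Treat any failure as fatal the same way the fd sync error just above does, with Error() followed by Bye(EX_OSERR). This block repeats the drop sequence added to StartInit, so a shared helper taking the uid and gid would keep the two in step.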


@ -1,5 +1,5 @@
/*
* $Id: consent.h,v 5.59 2004/10/25 07:18:18 bryan Exp $
* $Id: consent.h,v 5.63 2005/06/08 18:09:40 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -100,6 +100,8 @@ typedef struct consent { /* console information */
/* type == EXEC */
char *exec; /* exec command */
char *execsubst; /* exec substitution pattern */
uid_t execuid; /* user to run exec as */
gid_t execgid; /* group to run exec as */
/* global stuff */
char *master; /* master hostname */
unsigned short breakNum; /* break type [1-9] */
@ -107,6 +109,8 @@ typedef struct consent { /* console information */
off_t logfilemax; /* size limit for rolling logfile */
char *initcmd; /* initcmd command */
char *initsubst; /* initcmd substitution pattern */
uid_t inituid; /* user to run initcmd as */
gid_t initgid; /* group to run initcmd as */
char *motd; /* motd */
time_t idletimeout; /* idle timeout */
char *idlestring; /* string to print when idle */


@ -1,6 +1,6 @@
.\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine
.\" $Id: conserver.man,v 1.50 2004/06/08 16:19:46 bryan Exp $
.TH CONSERVER 8 "2004/06/08" "conserver-8.1.11" "conserver"
.\" $Id: conserver.man,v 1.51 2005/04/02 09:59:48 bryan Exp $
.TH CONSERVER 8 "2005/04/02" "conserver-8.1.12" "conserver"
.SH NAME
conserver \- console server daemon
.SH SYNOPSIS
@ -89,10 +89,10 @@ The server will
.B not
remove any files in the directory itself, just in case the directory is
accidentally specified as ``/etc'' or some other critical location.
The server will do it's best to remove all the sockets when it shuts down,
The server will do its best to remove all the sockets when it shuts down,
but it could stop ungracefully (crash, ``kill -9'', etc)
and leave files behind.
It's would then be up to the admin (or a creative startup script) to clean
It would then be up to the admin (or a creative startup script) to clean
up the directory before the server will start again.
.PP
.B Conserver
@ -427,7 +427,7 @@ The second style is the character-based, escape-sequence mode, while
connected to a console.
.PP
The initial line-based mode begins the same for both the master process
and it's children.
and its children.
Upon a successful (non-rejected) client connection, an ``ok'' is sent.
The client then issues a command and the server responds to it with a
result string (``ok'' being the sign of success for most commands).
@ -435,7 +435,7 @@ The commands available are ``help'', ``ssl'' (if
SSL was built into the code), ``login'', and ``exit''.
Using the ``login'' command, the client authenticates and gains access to
the extended command set.
This is where the master process and it's children differ.
This is where the master process and its children differ.
The master process gives the client access to global commands, and the
child provides commands for interacting with the consoles it manages.
The ``help'' command, in both cases, will provide a complete


@ -1,5 +1,5 @@
/*
* $Id: cutil.c,v 1.121 2004/11/09 08:37:05 bryan Exp $
* $Id: cutil.c,v 1.122 2005/06/11 02:31:05 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -3067,7 +3067,7 @@ ParseFile(filename, fp, level)
void
#if PROTOTYPES
ProcessSubst(SUBST * s, char **repl, char **str, char *name, char *id)
ProcessSubst(SUBST *s, char **repl, char **str, char *name, char *id)
#else
ProcessSubst(s, repl, str, name, id)
SUBST *s;
@ -3187,7 +3187,7 @@ ProcessSubst(s, repl, str, name, id)
OutOfMem();
}
if (s != (SUBST *) 0 && repl != (char **)0) {
if (s != (SUBST *)0 && repl != (char **)0) {
static STRING *result = (STRING *)0;
if (result == (STRING *)0)


@ -1,5 +1,5 @@
/*
* $Id: group.c,v 5.311 2004/10/25 07:25:35 bryan Exp $
* $Id: group.c,v 5.318 2005/06/08 18:09:40 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -1869,6 +1869,53 @@ AttemptSSL(pCL)
}
#endif
CONSENT *
#if PROTOTYPES
HuntForConsole(GRPENT *pGE, char *name)
#else
HuntForConsole(pGE, name)
GRPENT *pGE;
char *name;
#endif
{
/* try to find a given console
* we assume all the right checks for ambiguity
* were already done by the master process, so
* the first match should be what the user wants
*/
CONSENT *pCE = (CONSENT *)0;
if (name == (char *)0)
return pCE;
for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) {
NAMES *n = (NAMES *)0;
if (strcasecmp(name, pCE->server) == 0)
break;
for (n = pCE->aliases; n != (NAMES *)0; n = n->next) {
if (strcasecmp(name, n->name) == 0)
break;
}
if (n != (NAMES *)0)
break;
}
if (pCE == (CONSENT *)0 && config->autocomplete == FLAGTRUE) {
NAMES *n = (NAMES *)0;
int len = strlen(name);
for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) {
if (strncasecmp(name, pCE->server, len) == 0)
break;
for (n = pCE->aliases; n != (NAMES *)0; n = n->next) {
if (strncasecmp(name, n->name, len) == 0)
break;
}
if (n != (NAMES *)0)
break;
}
}
return pCE;
}
void
#if PROTOTYPES
CommandAttach(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing,
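
Review bot: HuntForConsole() rejects only a NULL name; an empty string falls through to the autocomplete pass, where len is 0 and strncasecmp(name, pCE->server, 0) returns 0, so the first console in pGE->pCElist is returned. Guard with `if (name == (char *)0 || name[0] == '\000') return pCE;` and declare len as size_t. The comment about the master process having already resolved ambiguity was written for "call"; it should be re-checked now that info, examine, group and hosts pass their argument here too.
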
@ -2000,18 +2047,24 @@ CommandDown(pGE, pCLServing, pCEServing, tyme)
void
#if PROTOTYPES
CommandExamine(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing,
long tyme)
long tyme, char *args)
#else
CommandExamine(pGE, pCLServing, pCEServing, tyme)
CommandExamine(pGE, pCLServing, pCEServing, tyme, args)
GRPENT *pGE;
CONSCLIENT *pCLServing;
CONSENT *pCEServing;
long tyme;
char *args;
#endif
{
CONSENT *pCE;
for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) {
if (args == (char *)0)
pCE = pGE->pCElist;
else
pCE = HuntForConsole(pGE, args);
for (; pCE != (CONSENT *)0; pCE = pCE->pCEnext) {
char *d = (char *)0;
char *b = (char *)0;
char p = '\000';
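
Review bot: In CommandExamine, when args is given but HuntForConsole() finds nothing, pCE starts as NULL, the loop body never runs and the client receives no output at all, which is indistinguishable from an empty group. Send an explicit "console not found" style reply in that case, as the "call" path does when pCEwant is NULL; the same applies to the identical pattern in CommandHosts and CommandInfo.
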
@ -2038,6 +2091,8 @@ CommandExamine(pGE, pCLServing, pCEServing, tyme)
FilePrint(pCLServing->fd, FLAGFALSE,
" %-24.24s on %-32.32s at %6.6s%c\r\n", pCE->server, d,
b, p);
if (args != (char *)0)
break;
}
}
@ -2107,16 +2162,20 @@ CommandForce(pGE, pCLServing, pCEServing, tyme)
void
#if PROTOTYPES
CommandGroup(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing,
long tyme)
long tyme, char *args)
#else
CommandGroup(pGE, pCLServing, pCEServing, tyme)
CommandGroup(pGE, pCLServing, pCEServing, tyme, args)
GRPENT *pGE;
CONSCLIENT *pCLServing;
CONSENT *pCEServing;
long tyme;
char *args;
#endif
{
CONSCLIENT *pCL;
CONSENT *pCE;
pCE = HuntForConsole(pGE, args);
/* we do not show the ctl console
* else we'd get the client always
@ -2124,6 +2183,8 @@ CommandGroup(pGE, pCLServing, pCEServing, tyme)
for (pCL = pGE->pCLall; (CONSCLIENT *)0 != pCL; pCL = pCL->pCLscan) {
if (pGE->pCEctl == pCL->pCEto)
continue;
if (pCE != (CONSENT *)0 && pCL->pCEto != pCE)
continue;
FilePrint(pCLServing->fd, FLAGFALSE,
" %-32.32s %c %-7.7s %6s %s\r\n", pCL->acid->string,
pCL == pCLServing ? '*' : ' ',
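
Review bot: In CommandGroup the filter `pCE != (CONSENT *)0 && pCL->pCEto != pCE` is skipped whenever HuntForConsole() returns NULL, so a console name that matches nothing produces the full, unfiltered client list instead of an empty result or an error. Track "args was supplied" separately from "args matched" (for example, return early with a not-found message when args is non-NULL and pCE is NULL); that also brings the behaviour in line with CommandHosts and CommandInfo, where an unmatched name prints nothing.
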
@ -2135,18 +2196,24 @@ CommandGroup(pGE, pCLServing, pCEServing, tyme)
void
#if PROTOTYPES
CommandHosts(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing,
long tyme)
long tyme, char *args)
#else
CommandHosts(pGE, pCLServing, pCEServing, tyme)
CommandHosts(pGE, pCLServing, pCEServing, tyme, args)
GRPENT *pGE;
CONSCLIENT *pCLServing;
CONSENT *pCEServing;
long tyme;
char *args;
#endif
{
CONSENT *pCE;
for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) {
if (args == (char *)0)
pCE = pGE->pCElist;
else
pCE = HuntForConsole(pGE, args);
for (; pCE != (CONSENT *)0; pCE = pCE->pCEnext) {
FilePrint(pCLServing->fd, FLAGFALSE,
" %-24.24s %c %-4.4s %-.40s\r\n", pCE->server,
pCE == pCEServing ? '*' : ' ', (pCE->fup &&
@ -2159,25 +2226,33 @@ CommandHosts(pGE, pCLServing, pCEServing, tyme)
"down",
pCE->pCLwr ? pCE->pCLwr->acid->string : pCE->
pCLon ? "<spies>" : "<none>");
if (args != (char *)0)
break;
}
}
void
#if PROTOTYPES
CommandInfo(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing,
long tyme)
long tyme, char *args)
#else
CommandInfo(pGE, pCLServing, pCEServing, tyme)
CommandInfo(pGE, pCLServing, pCEServing, tyme, args)
GRPENT *pGE;
CONSCLIENT *pCLServing;
CONSENT *pCEServing;
long tyme;
char *args;
#endif
{
CONSENT *pCE;
CONSCLIENT *pCL;
for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) {
if (args == (char *)0)
pCE = pGE->pCElist;
else
pCE = HuntForConsole(pGE, args);
for (; pCE != (CONSENT *)0; pCE = pCE->pCEnext) {
int comma = 0;
char *s = (char *)0;
FilePrint(pCLServing->fd, FLAGTRUE, "%s:%s,%lu,%hu:", pCE->server,
@ -2282,6 +2357,8 @@ CommandInfo(pGE, pCLServing, pCEServing, tyme)
pCE->idletimeout,
(pCE->idlestring == (char *)0 ? "" : pCE->idlestring));
BuildTmpString((char *)0);
if (args != (char *)0)
break;
}
}
@ -2721,7 +2798,6 @@ DoClientRead(pGE, pCLServing)
{
struct termios sbuf;
CONSENT *pCEServing = pCLServing->pCEto;
CONSENT *pCE;
int nr, i, l;
unsigned char acIn[BUFSIZ], acInOrig[BUFSIZ];
time_t tyme;
@ -2919,53 +2995,8 @@ DoClientRead(pGE, pCLServing)
"call requires argument\r\n", -1);
else {
CONSENT *pCEwant = (CONSENT *)0;
/* try to move to the given console
* we assume all the right checks for ambiguity
* were already done by the master process, so
* the first match should be what the user wants
*/
for (pCE = pGE->pCElist; pCE != (CONSENT *)0;
pCE = pCE->pCEnext) {
NAMES *n = (NAMES *)0;
if (strcasecmp(pcArgs, pCE->server)
== 0) {
pCEwant = pCE;
break;
}
for (n = pCE->aliases; n != (NAMES *)0;
n = n->next) {
if (strcasecmp(pcArgs, n->name)
== 0) {
pCEwant = pCE;
break;
}
}
if (n != (NAMES *)0)
break;
}
if (pCEwant == (CONSENT *)0 &&
config->autocomplete == FLAGTRUE) {
NAMES *n = (NAMES *)0;
int len = strlen(pcArgs);
for (pCE = pGE->pCElist; pCE != (CONSENT *)0;
pCE = pCE->pCEnext) {
if (strncasecmp(pcArgs, pCE->server, len)
== 0) {
pCEwant = pCE;
break;
}
for (n = pCE->aliases; n != (NAMES *)0;
n = n->next) {
if (strncasecmp(pcArgs, n->name, len)
== 0) {
pCEwant = pCE;
break;
}
}
if (n != (NAMES *)0)
break;
}
}
pCEwant = HuntForConsole(pGE, pcArgs);
if (pCEwant == (CONSENT *)0) {
FilePrint(pCLServing->fd, FLAGFALSE,
@ -3052,16 +3083,19 @@ DoClientRead(pGE, pCLServing)
}
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "info") == 0) {
CommandInfo(pGE, pCLServing, pCEServing, tyme);
CommandInfo(pGE, pCLServing, pCEServing, tyme, pcArgs);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "examine") == 0) {
CommandExamine(pGE, pCLServing, pCEServing, tyme);
CommandExamine(pGE, pCLServing, pCEServing, tyme,
pcArgs);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "group") == 0) {
CommandGroup(pGE, pCLServing, pCEServing, tyme);
CommandGroup(pGE, pCLServing, pCEServing, tyme,
pcArgs);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "hosts") == 0) {
CommandHosts(pGE, pCLServing, pCEServing, tyme);
CommandHosts(pGE, pCLServing, pCEServing, tyme,
pcArgs);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "broadcast") == 0) {
if (pcArgs == (char *)0) {
@ -3288,8 +3322,7 @@ DoClientRead(pGE, pCLServing)
m = "read-only";
FilePrint(pCLServing->fd, FLAGFALSE,
"[%s -- use %s %s ? for help]\r\n",
m, FmtCtl(pCLServing->ic[0],
acA1),
m, FmtCtl(pCLServing->ic[0], acA1),
FmtCtl(pCLServing->ic[1], acA2));
}
continue;
@ -3400,7 +3433,7 @@ DoClientRead(pGE, pCLServing)
case '=':
if (!pCLServing->fcon) {
char *m = ConsState(pCEServing);
if (strcmp(m,"up") == 0)
if (strcmp(m, "up") == 0)
FileWrite(pCLServing->fd,
FLAGFALSE, "up]\r\n",
-1);
@ -3414,6 +3447,11 @@ DoClientRead(pGE, pCLServing)
break;
case ';':
if (pCLServing->fcon) {
if (ConsentUserOk
(pLUList,
pCLServing->username->string) ==
1)
goto unknownchar;
FileSetQuoteIAC(pCLServing->fd,
FLAGFALSE);
FilePrint(pCLServing->fd, FLAGFALSE,
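
Review bot: The `ConsentUserOk(pLUList, pCLServing->username->string) == 1` test added in the ';' case is repeated verbatim in the '|' and 'z' cases further down; put it in one small helper (or a per-command "restricted" flag) so a future escape sequence cannot be added without the limited-user check. Jumping to unknownchar makes a denied action look the same as a typo to the user; if that is intended, say so in a comment next to the check, and consider logging the denial.
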
@ -3490,7 +3528,7 @@ DoClientRead(pGE, pCLServing)
"group %s]\r\n",
pGE->pCEctl->server);
CommandGroup(pGE, pCLServing, pCEServing,
tyme);
tyme, (char *)0);
break;
case 'H':
@ -3507,7 +3545,7 @@ DoClientRead(pGE, pCLServing)
FileWrite(pCLServing->fd, FLAGFALSE,
"info]\r\n", -1);
CommandInfo(pGE, pCLServing, pCEServing,
tyme);
tyme, (char *)0);
break;
case 'L':
@ -3587,7 +3625,7 @@ DoClientRead(pGE, pCLServing)
FileWrite(pCLServing->fd, FLAGFALSE,
"hosts]\r\n", -1);
CommandHosts(pGE, pCLServing, pCEServing,
tyme);
tyme, (char *)0);
break;
case 'V':
@ -3614,10 +3652,14 @@ DoClientRead(pGE, pCLServing)
FileWrite(pCLServing->fd, FLAGFALSE,
"examine]\r\n", -1);
CommandExamine(pGE, pCLServing, pCEServing,
tyme);
tyme, (char *)0);
break;
case '|': /* wait for client */
if (ConsentUserOk
(pLUList,
pCLServing->username->string) == 1)
goto unknownchar;
if (!pCLServing->fwr) {
FileWrite(pCLServing->fd, FLAGFALSE,
"attach to run local command]\r\n",
@ -3636,6 +3678,10 @@ DoClientRead(pGE, pCLServing)
DEPRECATED;
case 'z': /* suspend the client */
case '\032':
if (ConsentUserOk
(pLUList,
pCLServing->username->string) == 1)
goto unknownchar;
FileSetQuoteIAC(pCLServing->fd, FLAGFALSE);
FilePrint(pCLServing->fd, FLAGFALSE,
"%c%c", OB_IAC, OB_SUSP);
@ -4094,6 +4140,9 @@ Kiddie(pGE, sfd)
#endif
#if defined(SIGPOLL)
SimpleSignal(SIGPOLL, SIG_IGN);
#endif
#if defined(SIGXFSZ)
SimpleSignal(SIGXFSZ, SIG_IGN);
#endif
SimpleSignal(SIGTERM, FlagGoAway);
SimpleSignal(SIGCHLD, FlagReapVirt);
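
Review bot: The new SimpleSignal(SIGXFSZ, SIG_IGN) has no comment saying why the signal is ignored, and it changes the failure mode: with SIGXFSZ ignored, a write past the file size limit returns -1 with errno set to EFBIG instead of terminating the process. Please add a comment and confirm that the logfile write paths check for that error and report it, otherwise console logging can stop silently once a log hits the limit. The same applies to the matching additions in Daemonize() and Master().
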
@ -4166,7 +4215,7 @@ Kiddie(pGE, sfd)
fSawChldHUP = 0;
ReopenLogfile();
ReopenUnifiedlog();
ReReadCfg(sfd);
ReReadCfg(sfd, -1);
pGE = pGroups;
ReOpen(pGE);
ReUp(pGE, 0);
@ -4644,10 +4693,11 @@ Kiddie(pGE, sfd)
*/
void
#if PROTOTYPES
Spawn(GRPENT *pGE)
Spawn(GRPENT *pGE, int msfd)
#else
Spawn(pGE)
Spawn(pGE, msfd)
GRPENT *pGE;
int msfd;
#endif
{
pid_t pid;
@ -4724,7 +4774,8 @@ Spawn(pGE)
if (!SetFlags(sfd, O_NONBLOCK, 0))
Bye(EX_OSERR);
while (bind(sfd, (struct sockaddr *)&lstn_port, sizeof(lstn_port)) < 0) {
while (bind(sfd, (struct sockaddr *)&lstn_port, sizeof(lstn_port))
< 0) {
if (bindBasePort && (
# if defined(EADDRINUSE)
(errno == EADDRINUSE) ||
@ -4781,6 +4832,10 @@ Spawn(pGE)
pGE->imembers == 1 ? "console" : "consoles");
#endif
/* close the master fd - which is there *except* on startup */
if (msfd != -1)
close(msfd);
/* clean out the master client lists - they aren't useful here and just
* cause extra file descriptors and memory allocation to lie around,
* not a very good thing!


@ -1,5 +1,5 @@
/*
* $Id: group.h,v 5.47 2004/10/10 18:46:15 bryan Exp $
* $Id: group.h,v 5.48 2005/05/21 17:56:14 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -64,7 +64,7 @@ typedef struct grpent { /* group info */
extern time_t timers[];
extern void Spawn PARAMS((GRPENT *));
extern void Spawn PARAMS((GRPENT *, int));
extern int CheckPass PARAMS((char *, char *));
extern void TagLogfile PARAMS((const CONSENT *, char *, ...));
extern void TagLogfileAct PARAMS((const CONSENT *, char *, ...));


@ -1,5 +1,5 @@
/*
* $Id: main.c,v 5.186 2004/07/14 05:28:42 bryan Exp $
* $Id: main.c,v 5.196 2005/06/11 02:31:05 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -323,6 +323,7 @@ SetupSSL()
#endif
{
if (ctx == (SSL_CTX *)0) {
char *ciphers;
SSL_load_error_strings();
if (!SSL_library_init()) {
Error("SetupSSL(): SSL_library_init() failed");
@ -352,6 +353,9 @@ SetupSSL()
config->sslcredentials);
Bye(EX_SOFTWARE);
}
ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH";
} else {
ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH";
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback);
SSL_CTX_set_options(ctx,
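
Review bot: The else branch (no certificate configured) keeps "ALL:!LOW:!EXP:!MD5:@STRENGTH", which still admits anonymous (aNULL) suites, so a server run without sslcredentials negotiates encryption with no peer authentication and cannot detect an active man-in-the-middle. That trade-off should be stated in a comment here and in the documentation for sslcredentials. Also declare ciphers as `const char *`, since it only ever points at string literals.
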
@ -362,8 +366,7 @@ SetupSSL()
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_AUTO_RETRY);
SSL_CTX_set_tmp_dh_callback(ctx, TmpDHCallback);
if (SSL_CTX_set_cipher_list(ctx, "ALL:!LOW:!EXP:!MD5:@STRENGTH") !=
1) {
if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) {
Error("SetupSSL(): setting SSL cipher list failed");
Bye(EX_SOFTWARE);
}
@ -472,6 +475,9 @@ Daemonize()
#if defined(SIGTSTP)
SimpleSignal(SIGTSTP, SIG_IGN);
#endif
#if defined(SIGXFSZ)
SimpleSignal(SIGXFSZ, SIG_IGN);
#endif
fflush(stdout);
fflush(stderr);
@ -697,6 +703,7 @@ DestroyDataStructures()
pACList = pAC;
}
DestroyConsentUsers(&pADList);
DestroyConsentUsers(&pLUList);
DestroyConfig(pConfig);
DestroyConfig(optConf);
@ -721,7 +728,7 @@ DestroyDataStructures()
DestroyBreakList();
DestroyStrings();
DestroyUserList();
if (substData != (SUBST *) 0)
if (substData != (SUBST *)0)
free(substData);
}
@ -892,6 +899,9 @@ DumpDataStructures()
EMPTYSTR(pCE->execSlave),
EMPTYSTR(pCE->exec),
(unsigned long)pCE->ipid));
CONDDEBUG((1,
"DumpDataStructures(): execuid=%d, execgid=%d",
pCE->execuid, pCE->execgid));
break;
case HOST:
@ -941,13 +951,16 @@ DumpDataStructures()
FLAGSTR(pCE->crtscts)));
#endif
CONDDEBUG((1,
"DumpDataStructures(): reinitoncc=%s, striphigh=%s, unloved=%s",
FLAGSTR(pCE->reinitoncc), FLAGSTR(pCE->striphigh),
"DumpDataStructures(): reinitoncc=%s, striphigh=%s",
FLAGSTR(pCE->reinitoncc), FLAGSTR(pCE->striphigh)));
CONDDEBUG((1, "DumpDataStructures(): unloved=%s",
FLAGSTR(pCE->unloved)));
CONDDEBUG((1,
"DumpDataStructures(): initpid=%lu, initcmd=%s, initfile=%d",
(unsigned long)pCE->initpid, EMPTYSTR(pCE->initcmd),
FileFDNum(pCE->initfile)));
CONDDEBUG((1, "DumpDataStructures(): inituid=%d, initgid=%d",
pCE->inituid, pCE->initgid));
CONDDEBUG((1,
"DumpDataStructures(): motd=%s, idletimeout=%d, idlestring=%s",
EMPTYSTR(pCE->motd), pCE->idletimeout,
@ -1552,7 +1565,7 @@ main(argc, argv)
if (pGE->imembers == 0)
continue;
Spawn(pGE);
Spawn(pGE, -1);
Verbose("group #%d pid %lu on port %hu", pGE->id,
(unsigned long)pGE->pid, pGE->port);
}


@ -1,5 +1,5 @@
/*
* $Id: master.c,v 5.128 2004/07/14 05:28:42 bryan Exp $
* $Id: master.c,v 5.132 2005/09/05 22:22:53 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -68,9 +68,10 @@ FlagSawCHLD(sig)
*/
static void
#if PROTOTYPES
FixKids()
FixKids(int msfd)
#else
FixKids()
FixKids(msfd)
int msfd;
#endif
{
pid_t pid;
@ -124,7 +125,7 @@ FixKids()
/* this kid kid is dead, start another
*/
Spawn(pGE);
Spawn(pGE, msfd);
Verbose("group #%d pid %lu on port %hu", pGE->id,
(unsigned long)pGE->pid, pGE->port);
}
@ -497,15 +498,18 @@ DoNormalRead(pCLServing)
(char *)0
};
static char *apcHelp2[] = {
"call provide port for given console\r\n",
"exit disconnect\r\n",
"groups provide ports for group leaders\r\n",
"help this help message\r\n",
"master provide a list of master servers\r\n",
"pid provide pid of master process\r\n",
"quit* terminate conserver (SIGTERM)\r\n",
"restart* restart conserver (SIGHUP)\r\n",
"version provide version info for server\r\n",
"call provide port for given console\r\n",
"exit disconnect\r\n",
"groups provide ports for group leaders\r\n",
"help this help message\r\n",
"master provide a list of master servers\r\n",
"newlogs* close and open all logfiles (SIGUSR2)\r\n",
"pid provide pid of master process\r\n",
"quit* terminate conserver (SIGTERM)\r\n",
"restart* restart conserver (SIGHUP) - deprecated\r\n",
"reconfig* reread config file (SIGHUP)\r\n",
"version provide version info for server\r\n",
"up* bring up all downed consoles (SIGUSR1)\r\n",
"* = requires admin privileges\r\n",
(char *)0
};
@ -638,6 +642,41 @@ DoNormalRead(pCLServing)
} else
FileWrite(pCLServing->fd, FLAGFALSE,
"unauthorized command\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "reconfig") == 0) {
if (ConsentUserOk(pADList, pCLServing->username->string) ==
1) {
FileWrite(pCLServing->fd, FLAGFALSE,
"ok -- reconfiguring\r\n", -1);
Verbose("reconfig command by %s",
pCLServing->acid->string);
kill(thepid, SIGHUP);
} else
FileWrite(pCLServing->fd, FLAGFALSE,
"unauthorized command\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "up") == 0) {
if (ConsentUserOk(pADList, pCLServing->username->string) ==
1) {
FileWrite(pCLServing->fd, FLAGFALSE,
"ok -- bringing up consoles\r\n", -1);
Verbose("up command by %s", pCLServing->acid->string);
kill(thepid, SIGUSR1);
} else
FileWrite(pCLServing->fd, FLAGFALSE,
"unauthorized command\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "newlogs") == 0) {
if (ConsentUserOk(pADList, pCLServing->username->string) ==
1) {
FileWrite(pCLServing->fd, FLAGFALSE,
"ok -- opening new logfiles\r\n", -1);
Verbose("newlogs command by %s",
pCLServing->acid->string);
kill(thepid, SIGUSR2);
} else
FileWrite(pCLServing->fd, FLAGFALSE,
"unauthorized command\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "groups") == 0) {
int iSep = 1;
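
Review bot: In the new reconfig, up and newlogs branches, the "unauthorized command" path replies to the client but logs nothing, so rejected attempts to signal the master leave no audit trail; add a Verbose() or Error() call that records pCLServing->acid->string and the command name on denial. The success path also sends "ok -- ..." before calling kill() and ignores its return value; send the reply after the call succeeds. The three blocks differ only in command name, message and signal, so one helper taking those three values would remove the duplication.
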
@ -707,6 +746,9 @@ Master()
#endif
#if defined(SIGPOLL)
SimpleSignal(SIGPOLL, SIG_IGN);
#endif
#if defined(SIGXFSZ)
SimpleSignal(SIGXFSZ, SIG_IGN);
#endif
SimpleSignal(SIGCHLD, FlagSawCHLD);
SimpleSignal(SIGTERM, FlagQuitIt);
@ -816,7 +858,7 @@ Master()
for (fSawQuit = 0; !fSawQuit; /* can't close here :-( */ ) {
if (fSawCHLD) {
fSawCHLD = 0;
FixKids();
FixKids(msfd);
}
if (fSawHUP) {
fSawHUP = 0;
@ -824,7 +866,7 @@ Master()
ReopenLogfile();
ReopenUnifiedlog();
SignalKids(SIGHUP);
ReReadCfg(msfd);
ReReadCfg(msfd, msfd);
/* fix up the client descriptors since ReReadCfg() doesn't
* see them like it can in the child processes */
for (pCL = pCLmall; pCL != (CONSCLIENT *)0; pCL = pCL->pCLscan) {
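
Review bot: `ReReadCfg(msfd, msfd)` passes the same descriptor for both parameters, while the child process calls `ReReadCfg(sfd, -1)`; nothing at either call site or in the prototype explains that the second argument is "master socket to close in newly spawned children, or -1 if there is none". Document that contract on ReReadCfg(), Spawn() and FixKids() so a later caller does not pass a live descriptor that the child still needs.
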


@ -1,5 +1,5 @@
/*
* $Id: readcfg.c,v 5.181 2004/10/25 07:18:19 bryan Exp $
* $Id: readcfg.c,v 5.189 2005/09/05 21:55:49 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -25,6 +25,9 @@
#include <compat.h>
#include <pwd.h>
#include <grp.h>
#include <cutil.h>
#include <consent.h>
#include <client.h>
@ -39,6 +42,7 @@ GRPENT *pGroups = (GRPENT *)0;
REMOTE *pRCList = (REMOTE *)0;
ACCESS *pACList = (ACCESS *)0;
CONSENTUSERS *pADList = (CONSENTUSERS *)0;
CONSENTUSERS *pLUList = (CONSENTUSERS *)0;
REMOTE *pRCUniq = (REMOTE *)0;
CONFIG *pConfig = (CONFIG *)0;
BREAKS breakList[9] = {
@ -242,7 +246,11 @@ BreakDestroy()
{
int i;
for (i = 0; i < 9; i++) {
Msg("Break[%d] = `%s', delay=%d", i, breakList[i].seq->string,
Msg("Break[%d] = `%s', delay=%d", i,
breakList[i].seq ==
(STRING *)0 ? "(null)" : (breakList[i].seq->
string ? breakList[i].seq->
string : "(null)"),
breakList[i].delay);
}
}
@ -631,6 +639,14 @@ ApplyDefault(d, c)
c->idletimeout = d->idletimeout;
if (d->logfilemax != 0)
c->logfilemax = d->logfilemax;
if (d->inituid != 0)
c->inituid = d->inituid;
if (d->initgid != 0)
c->initgid = d->initgid;
if (d->execuid != 0)
c->execuid = d->execuid;
if (d->execgid != 0)
c->execgid = d->execgid;
if (d->raw != FLAGUNKNOWN)
c->raw = d->raw;
if (d->port != 0)
@ -933,7 +949,7 @@ DefaultItemDevice(id)
ProcessDevice(parserDefaultTemp, id);
}
SUBST *substData = (SUBST *) 0;
SUBST *substData = (SUBST *)0;
int
#if PROTOTYPES
@ -947,9 +963,8 @@ SubstCallback(c, s, i)
{
int retval = 0;
if (substData == (SUBST *) 0) {
if ((substData =
(SUBST *) calloc(1, sizeof(SUBST))) == (SUBST *) 0)
if (substData == (SUBST *)0) {
if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0)
OutOfMem();
substData->callback = &SubstCallback;
substData->tokens['p'] = ISNUMBER;
@ -1029,6 +1044,127 @@ DefaultItemInitsubst(id)
"initsubst", id);
}
void
#if PROTOTYPES
ProcessUidGid(uid_t * uid, gid_t * gid, char *id)
#else
ProcessUidGid(uid, gid, id)
uid_t *uid;
gid_t *gid;
char *id;
#endif
{
char *colon = (char *)0;
int i;
CONDDEBUG((1, "ProcessUidGid(%s) [%s:%d]", id, file, line));
*uid = *gid = 0;
if (id == (char *)0 || id[0] == '\000')
return;
/* hunt for colon */
if ((colon = strchr(id, ':')) != (char *)0)
*colon = '\000';
if (id[0] != '\000') {
/* Look for non-numeric characters */
for (i = 0; id[i] != '\000'; i++)
if (!isdigit((int)id[i]))
break;
if (id[i] == '\000') {
*uid = (uid_t) atoi(id);
} else {
struct passwd *pwd = (struct passwd *)0;
if ((pwd = getpwnam(id)) == (struct passwd *)0) {
CONDDEBUG((1, "ProcessUidGid(): getpwnam(%s): %s", id,
strerror(errno)));
if (isMaster)
Error("invalid user name `%s' [%s:%d]", id, file,
line);
} else {
*uid = pwd->pw_uid;
}
}
}
if (colon != (char *)0) {
*colon = ':';
colon++;
if (*colon != '\000') {
/* Look for non-numeric characters */
for (i = 0; colon[i] != '\000'; i++)
if (!isdigit((int)colon[i]))
break;
if (colon[i] == '\000') {
*gid = (gid_t) atoi(colon);
} else {
struct group *grp = (struct group *)0;
if ((grp = getgrnam(colon)) == (struct group *)0) {
CONDDEBUG((1, "ProcessUidGid(): getgrnam(%s): %s",
colon, strerror(errno)));
if (isMaster)
Error("invalid group name `%s' [%s:%d]", colon,
file, line);
} else {
*gid = grp->gr_gid;
}
}
}
}
}
void
#if PROTOTYPES
ProcessInitrunas(CONSENT *c, char *id)
#else
ProcessInitrunas(c, id)
CONSENT *c;
char *id;
#endif
{
CONDDEBUG((1, "ProcessInitrunas(%s) [%s:%d]", id, file, line));
ProcessUidGid(&(c->inituid), &(c->initgid), id);
}
void
#if PROTOTYPES
ProcessExecrunas(CONSENT *c, char *id)
#else
ProcessExecrunas(c, id)
CONSENT *c;
char *id;
#endif
{
CONDDEBUG((1, "ProcessExecrunas(%s) [%s:%d]", id, file, line));
ProcessUidGid(&(c->execuid), &(c->execgid), id);
}
void
#if PROTOTYPES
DefaultItemInitrunas(char *id)
#else
DefaultItemInitrunas(id)
char *id;
#endif
{
CONDDEBUG((1, "DefaultItemInitrunas(%s) [%s:%d]", id, file, line));
ProcessInitrunas(parserDefaultTemp, id);
}
void
#if PROTOTYPES
DefaultItemExecrunas(char *id)
#else
DefaultItemExecrunas(id)
char *id;
#endif
{
CONDDEBUG((1, "DefaultItemExecrunas(%s) [%s:%d]", id, file, line));
ProcessExecrunas(parserDefaultTemp, id);
}
void
#if PROTOTYPES
ProcessExec(CONSENT *c, char *id)
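
Review bot: ProcessUidGid() fails open: it sets `*uid = *gid = 0` up front, and a failed getpwnam() or getgrnam() leaves that value in place, which is both what ApplyDefault treats as "not set" and the id of root. A misspelled initrunas or execrunas name therefore yields a console entry with no run-as identity rather than a rejected entry, and the Error() is emitted only when isMaster is set. Treat a failed lookup as a hard configuration error for that console. The numeric path uses atoi() with no range check, so use strtoul() and reject values that overflow uid_t/gid_t; isdigit() should be given an unsigned char value; and errno should be cleared before the lookups, since a simple "not found" may leave it unchanged and make the strerror(errno) debug text misleading.
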
@ -2595,6 +2731,14 @@ ConsoleAdd(c)
SwapStr(&pCEmatch->exec, &c->exec);
closeMatch = 0;
}
if (pCEmatch->execuid != c->execuid) {
pCEmatch->execuid = c->execuid;
closeMatch = 0;
}
if (pCEmatch->execgid != c->execgid) {
pCEmatch->execgid = c->execgid;
closeMatch = 0;
}
if (pCEmatch->ixany != c->ixany) {
pCEmatch->ixany = c->ixany;
closeMatch = 0;
@ -2711,6 +2855,8 @@ ConsoleAdd(c)
pCEmatch->reinitoncc = c->reinitoncc;
pCEmatch->autoreinit = c->autoreinit;
pCEmatch->unloved = c->unloved;
pCEmatch->inituid = c->inituid;
pCEmatch->initgid = c->initgid;
while (pCEmatch->aliases != (NAMES *)0) {
NAMES *name;
name = pCEmatch->aliases->next;
@ -3166,6 +3312,30 @@ ConsoleItemInitsubst(id)
"initsubst", id);
}
void
#if PROTOTYPES
ConsoleItemInitrunas(char *id)
#else
ConsoleItemInitrunas(id)
char *id;
#endif
{
CONDDEBUG((1, "ConsoleItemInitrunas(%s) [%s:%d]", id, file, line));
ProcessInitrunas(parserConsoleTemp, id);
}
void
#if PROTOTYPES
ConsoleItemExecrunas(char *id)
#else
ConsoleItemExecrunas(id)
char *id;
#endif
{
CONDDEBUG((1, "ConsoleItemExecrunas(%s) [%s:%d]", id, file, line));
ProcessExecrunas(parserConsoleTemp, id);
}
void
#if PROTOTYPES
ConsoleItemExec(char *id)
@ -3447,6 +3617,7 @@ typedef struct parserAccess {
STRING *name;
ACCESS *access;
CONSENTUSERS *admin;
CONSENTUSERS *limited;
struct parserAccess *next;
} PARSERACCESS;
@ -3496,6 +3667,7 @@ DestroyParserAccess(pa)
a = n;
}
DestroyConsentUsers(&(pa->admin));
DestroyConsentUsers(&(pa->limited));
free(pa);
CONDDEBUG((2, "DestroyParserAccess(): %s", m));
}
@ -3626,6 +3798,7 @@ AccessDestroy()
PARSERACCESS *p;
ACCESS **ppa;
CONSENTUSERS **pad;
CONSENTUSERS **plu;
CONDDEBUG((1, "AccessDestroy() [%s:%d]", file, line));
@ -3638,10 +3811,13 @@ AccessDestroy()
pACList = (ACCESS *)0;
DestroyConsentUsers(&(pADList));
DestroyConsentUsers(&(pLUList));
pADList = (CONSENTUSERS *)0;
pLUList = (CONSENTUSERS *)0;
ppa = &(pACList);
pad = &(pADList);
plu = &(pLUList);
for (p = parserAccesses; p != (PARSERACCESS *)0; p = p->next) {
#if DUMPDATA
@ -3654,6 +3830,9 @@ AccessDestroy()
for (u = p->admin; u != (CONSENTUSERS *)0; u = u->next) {
Msg(" Admin = %s", u->user->name);
}
for (u = p->limited; u != (CONSENTUSERS *)0; u = u->next) {
Msg(" Limited = %s", u->user->name);
}
}
#endif
if ((p->name->used == 2 && p->name->string[0] == '*') ||
@ -3667,6 +3846,11 @@ AccessDestroy()
*pad = p->admin;
p->admin = (CONSENTUSERS *)0;
}
/* add any limited users to the list */
if (p->limited != (CONSENTUSERS *)0) {
*plu = p->limited;
p->limited = (CONSENTUSERS *)0;
}
/* advance to the end of the list so we can append more
* this will potentially have duplicates in the access
@ -3679,6 +3863,9 @@ AccessDestroy()
while (*pad != (CONSENTUSERS *)0) {
pad = &((*pad)->next);
}
while (*plu != (CONSENTUSERS *)0) {
plu = &((*plu)->next);
}
}
}
@ -3700,6 +3887,18 @@ AccessItemAdmin(id)
ProcessRoRw(&(parserAccessTemp->admin), id);
}
void
#if PROTOTYPES
AccessItemLimited(char *id)
#else
AccessItemLimited(id)
char *id;
#endif
{
CONDDEBUG((1, "AccessItemLimited(%s) [%s:%d]", id, file, line));
ProcessRoRw(&(parserAccessTemp->limited), id);
}
void
#if PROTOTYPES
AccessItemInclude(char *id)
@ -3729,6 +3928,9 @@ AccessItemInclude(id)
}
if (pa->admin != (CONSENTUSERS *)0)
CopyConsentUserList(pa->admin, &(parserAccessTemp->admin));
if (pa->limited != (CONSENTUSERS *)0)
CopyConsentUserList(pa->limited,
&(parserAccessTemp->limited));
}
}
}
@ -4393,6 +4595,7 @@ ITEM keyDefault[] = {
{"device", DefaultItemDevice},
{"devicesubst", DefaultItemDevicesubst},
{"exec", DefaultItemExec},
{"execrunas", DefaultItemExecrunas},
{"execsubst", DefaultItemExecsubst},
/* {"flow", DefaultItemFlow}, */
{"host", DefaultItemHost},
@ -4400,6 +4603,7 @@ ITEM keyDefault[] = {
{"idletimeout", DefaultItemIdletimeout},
{"include", DefaultItemInclude},
{"initcmd", DefaultItemInitcmd},
{"initrunas", DefaultItemInitrunas},
{"initspinmax", DefaultItemInitspinmax},
{"initspintimer", DefaultItemInitspintimer},
{"initsubst", DefaultItemInitsubst},
@ -4427,6 +4631,7 @@ ITEM keyConsole[] = {
{"device", ConsoleItemDevice},
{"devicesubst", ConsoleItemDevicesubst},
{"exec", ConsoleItemExec},
{"execrunas", ConsoleItemExecrunas},
{"execsubst", ConsoleItemExecsubst},
/* {"flow", ConsoleItemFlow}, */
{"host", ConsoleItemHost},
@ -4434,6 +4639,7 @@ ITEM keyConsole[] = {
{"idletimeout", ConsoleItemIdletimeout},
{"include", ConsoleItemInclude},
{"initcmd", ConsoleItemInitcmd},
{"initrunas", ConsoleItemInitrunas},
{"initspinmax", ConsoleItemInitspinmax},
{"initspintimer", ConsoleItemInitspintimer},
{"initsubst", ConsoleItemInitsubst},
@ -4458,6 +4664,7 @@ ITEM keyAccess[] = {
{"admin", AccessItemAdmin},
{"allowed", AccessItemAllowed},
{"include", AccessItemInclude},
{"limited", AccessItemLimited},
{"rejected", AccessItemRejected},
{"trusted", AccessItemTrusted},
{(char *)0, (void *)0}
@ -4555,10 +4762,11 @@ ReadCfg(filename, fp)
void
#if PROTOTYPES
ReReadCfg(int fd)
ReReadCfg(int fd, int msfd)
#else
ReReadCfg(fd)
ReReadCfg(fd, msfd)
int fd;
int msfd;
#endif
{
FILE *fpConfig;
@ -4587,7 +4795,7 @@ ReReadCfg(fd)
kill(thepid, SIGTERM); /* shoot myself in the head */
return;
} else {
Error("no consoles to manage after reconfiguration - exiting");
Msg("no consoles to manage in child process after reconfiguration - child exiting");
DeUtmp((GRPENT *)0, fd);
}
}
@ -4802,7 +5010,7 @@ ReReadCfg(fd)
if (pGE->imembers == 0 || pGE->pid != -1)
continue;
Spawn(pGE);
Spawn(pGE, msfd);
Verbose("group #%d pid %lu on port %hu", pGE->id,
(unsigned long)pGE->pid, pGE->port);


@ -1,5 +1,5 @@
/*
* $Id: readcfg.h,v 5.41 2004/07/14 05:28:42 bryan Exp $
* $Id: readcfg.h,v 5.45 2005/06/07 19:55:51 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -42,12 +42,13 @@ extern REMOTE *pRCList; /* list of remote consoles we know about */
extern REMOTE *pRCUniq; /* list of uniq console servers */
extern ACCESS *pACList; /* `who do you love' (or trust) */
extern CONSENTUSERS *pADList; /* list of admin users */
extern CONSENTUSERS *pLUList; /* list of limited users */
extern BREAKS breakList[9]; /* list of break sequences */
extern CONFIG *pConfig; /* settings seen by config parser */
extern SUBST *substData; /* substitution function data */
extern void ReadCfg PARAMS((char *, FILE *));
extern void ReReadCfg PARAMS((int));
extern void ReReadCfg PARAMS((int, int));
extern void DestroyBreakList PARAMS((void));
extern void DestroyUserList PARAMS((void));
extern void DestroyConfig PARAMS((CONFIG *));


@ -1,5 +1,5 @@
/*
* $Id: version.h,v 1.70 2004/11/09 08:24:01 bryan Exp $
* $Id: version.h,v 1.71 2005/09/05 23:13:14 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -14,4 +14,4 @@
@(#) Copyright 2000 conserver.com.\n\
All rights reserved.\n"
#define THIS_VERSION "conserver.com version 8.1.11"
#define THIS_VERSION "conserver.com version 8.1.12"


@ -1,5 +1,5 @@
/*
* $Id: console.c,v 5.169 2004/10/25 07:18:20 bryan Exp $
* $Id: console.c,v 5.176 2005/09/05 22:34:39 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -57,6 +57,7 @@ char *gotoName = (char *)0;
char *prevName = (char *)0;
CONFIG *optConf = (CONFIG *)0;
CONFIG *config = (CONFIG *)0;
FLAG interact = FLAGFALSE;
#if HAVE_OPENSSL
SSL_CTX *ctx = (SSL_CTX *)0;
@ -69,6 +70,7 @@ SetupSSL()
#endif
{
if (ctx == (SSL_CTX *)0) {
char *ciphers;
SSL_load_error_strings();
if (!SSL_library_init()) {
Error("SSL library initialization failed");
@ -95,6 +97,9 @@ SetupSSL()
config->sslcredentials);
Bye(EX_UNAVAILABLE);
}
ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH";
} else {
ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH";
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback);
SSL_CTX_set_options(ctx,
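
Review bot: The two cipher strings assigned to ciphers here are copies of the literals in the server's SetupSSL(); if one side is edited without the other, client and server can end up with no suite in common. Define both strings once in a shared header and use the macros in both files, and declare ciphers as `const char *`.
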
@ -104,8 +109,7 @@ SetupSSL()
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_AUTO_RETRY);
if (SSL_CTX_set_cipher_list(ctx, "ALL:!LOW:!EXP:!MD5:@STRENGTH") !=
1) {
if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) {
Error("Setting SSL cipher list failed");
Bye(EX_UNAVAILABLE);
}
@ -202,7 +206,7 @@ Usage(wantfull)
#endif
"f(F) force read/write connection (and replay)",
"h output this message",
"i(I) display information in machine-parseable form (on master)",
"i(I) display status info in machine-parseable form (on master)",
"l user use username instead of current username",
"M master master server to poll first",
"n do not read system-wide config file",
@ -222,21 +226,20 @@ Usage(wantfull)
"V show version information",
"w(W) show who is on which console (on master)",
"x examine ports and baud rates",
"z(Z) cmd send a command to the (master) server (think 'z'ap)",
(char *)0
};
fprintf(stderr,
"usage: %s [-aAfFsS] [-7DEnUv] [-c cred] [-C config] [-M master] [-p port] [-e esc] [-l username] console\n",
progname);
fprintf(stderr,
" %s [-hiIPrRuVwWx] [-7DEnUv] [-c cred] [-C config] [-M master] [-p port] [-d [user][@console]] [-[bB] message] [-t [user][@console] message]\n",
progname);
fprintf(stderr,
" %s [-qQ] [-7DEnUv] [-c cred] [-C config] [-M master] [-p port]\n",
progname);
fprintf(stderr, "usage: %s [generic-args] [-aAfFsS] [-e esc] console\n\
%s [generic-args] [-iIuwWx] [console]\n\
%s [generic-args] [-hPqQrRV] [-[bB] message] [-d [user][@console]]\n\
[-t [user][@console] message] [-[zZ] cmd]\n\n\
generic-args: [-7DEnUv] [-c cred] [-C config] [-M master]\n\
[-p port] [-l username]\n", progname, progname, progname);
if (wantfull) {
int i;
fprintf(stderr, "\n");
for (i = 0; full[i] != (char *)0; i++)
fprintf(stderr, "\t%s\n", full[i]);
}
@ -615,7 +618,7 @@ DestroyDataStructures()
if (myAddrs != (struct in_addr *)0)
free(myAddrs);
DestroyStrings();
if (substData != (SUBST *) 0)
if (substData != (SUBST *)0)
free(substData);
}
@ -1397,8 +1400,7 @@ CallUp(pcf, pcMaster, pcMach, pcHow, result)
/* try to grok the state of the console */
FilePrint(pcf, FLAGFALSE, "%c%c=", chAttn, chEsc);
r = ReadReply(pcf, 0);
if (strncmp(r, "[unknown", 8) != 0 &&
strncmp(r, "[up]", 4) != 0)
if (strncmp(r, "[unknown", 8) != 0 && strncmp(r, "[up]", 4) != 0)
FileWrite(cfstdout, FLAGFALSE, r, -1);
printf("[Enter `");
@ -1636,28 +1638,52 @@ DoCmds(master, pports, cmdi)
Error("forwarding level too deep!");
Bye(EX_SOFTWARE);
}
} else if (result[0] != '[') { /* did we not get a connection? */
limit = 0;
FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName,
result);
FileClose(&pcf);
continue;
FileWrite(pcf, FLAGFALSE, "exit\r\n", 6);
t = ReadReply(pcf, 1);
} else {
limit = 0;
CallUp(pcf, server, cmdarg, cmds[0], result);
if (pcf != gotoConsole)
/* if we're not trying to connect to a console */
if (interact == FLAGFALSE) {
FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName,
result);
FileClose(&pcf);
break;
continue;
}
if (result[0] != '[') { /* did we not get a connection? */
limit = 0;
FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName,
result);
FileClose(&pcf);
continue;
} else {
limit = 0;
CallUp(pcf, server, cmdarg, cmds[0], result);
if (pcf != gotoConsole)
FileClose(&pcf);
break;
}
}
} else if (cmds[cmdi][0] == 'q') {
t = ReadReply(pcf, 0);
FileWrite(cfstdout, FLAGFALSE, t, -1);
if (cmdi == 0) {
t = ReadReply(pcf, 0);
FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName, t);
} else {
FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName,
result);
}
/* only say 'exit' if 'quit' failed...since it's dying anyway */
if (t[0] != 'o' || t[1] != 'k') {
FileWrite(pcf, FLAGFALSE, "exit\r\n", 6);
t = ReadReply(pcf, 1);
}
} else {
/* all done */
/* ok, this is whacky. if cmdi==0, we haven't read back the
* reply yet, so 't' is going to have multiple lines out output
* since we send the 'exit' command...first line (or set of
* lines) would be the previous command, and then a 'goodbye'
* (ideally). we monkey around below because of this.
* like i said. wacky.
*/
FileWrite(pcf, FLAGFALSE, "exit\r\n", 6);
t = ReadReply(pcf, cmdi == 0 ? 1 : 0);
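Review bot: in the 'q' branch, the `if (t[0] != 'o' || t[1] != 'k')` test also runs when `cmdi != 0`, where this branch prints `result` and never assigns `t`. Either test `result` in that case or add a comment stating that `t` still holds the reply `result` was copied from, so the decision to send `exit` is made on the same buffer that was shown to the user. Minor: the new block comment spells it both "whacky" and "wacky" and has "lines out output" for "lines of output".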
@ -1668,6 +1694,7 @@ DoCmds(master, pports, cmdi)
free(result);
if ((result = StrDup(t)) == (char *)0)
OutOfMem();
/* strip off the goodbye from the tail of the result */
len = strlen(result);
if (len > 8 &&
strcmp("goodbye\r\n", result + len - 9) == 0) {
@ -1688,9 +1715,12 @@ DoCmds(master, pports, cmdi)
}
} else if ((cmds[0][0] != 'b' && cmds[0][0] != 't') ||
(result[0] != 'o' || result[1] != 'k')) {
/* did a 'master' before this or doing a 'disconnect' */
/* did a 'master' before this or doing a 'disconnect',
* 'reconfig', 'newlogs', or 'up'
*/
if ((cmds[1] != (char *)0 && cmds[1][0] == 'm') ||
cmds[0][0] == 'd') {
cmds[0][0] == 'd' || cmds[0][0] == 'r' ||
cmds[0][0] == 'n' || cmds[0][0] == 'u') {
FileWrite(cfstdout, FLAGTRUE, serverName, -1);
FileWrite(cfstdout, FLAGTRUE, ": ", 2);
}
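Review bot: the extended condition matches on the first character only (`cmds[0][0] == 'r'`, `'n'`, `'u'`), so any command added later that starts with r, n or u will silently get the `serverName` prefix as well. The new comment names 'reconfig', 'newlogs' and 'up'; comparing against those strings, or a small helper that does, would keep the code and the comment in step.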
@ -1702,7 +1732,7 @@ DoCmds(master, pports, cmdi)
FileClose(&pcf);
/* this would only be true if we got extra redirects (@... above) */
if (cmds[cmdi][0] == 'c')
if (cmds[cmdi][0] == 'c' && interact == FLAGTRUE)
DoCmds(server, result, cmdi);
else if (cmdi > 0)
DoCmds(server, result, cmdi - 1);
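Review bot: with the added `interact == FLAGTRUE` test, a 'call' entry with `interact` false now falls through to `else if (cmdi > 0)` and recurses with `cmdi - 1`. The comment above still describes only the extra-redirect case, so please state there whether this fall-through is intended for non-interactive use, or guard it if it is not.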
@ -1739,7 +1769,8 @@ main(argc, argv)
int opt;
int fLocal;
static STRING *acPorts = (STRING *)0;
static char acOpts[] = "7aAb:B:c:C:d:De:EfFhiIl:M:np:PqQrRsSt:uUvVwWx";
static char acOpts[] =
"7aAb:B:c:C:d:De:EfFhiIl:M:np:PqQrRsSt:uUvVwWxz:Z:";
extern int optind;
extern int optopt;
extern char *optarg;
@ -1748,6 +1779,23 @@ main(argc, argv)
static STRING *consoleName = (STRING *)0;
short readSystemConf = 1;
char *userConf = (char *)0;
typedef struct zaps {
char *opt;
char *cmd;
char *desc;
} ZAPS;
ZAPS zap[] = {
{"bringup, SIGUSR1", "up", "bring up any consoles that are down"},
{"help", (char *)0, "this help message"},
{"pid", "pid", "display master process ids"},
{"quit, SIGTERM", "quit", "terminate the server"},
{"reconfig, SIGHUP", "reconfig",
"reread configuration file, then do 'reopen' actions"},
{"reopen, SIGUSR2", "newlogs",
"reopen all logfiles, then do 'bringup' actions"},
{"version", "version", "display version information"}
};
int isZap = 0;
isMultiProc = 0; /* make sure stuff DOESN'T have the pid */
@ -1940,6 +1988,53 @@ main(argc, argv)
fVersion = 1;
break;
case 'Z': /* only send cmd this host */
fLocal = 1;
/*fallthough */
case 'z': /* send a command to the server */
pcCmd = (char *)0;
for (isZap = sizeof(zap) / sizeof(ZAPS) - 1; isZap >= 0;
isZap--) {
char *token = (char *)0;
char *str = (char *)0;
if (zap[isZap].cmd == (char *)0) /* skip non-action ones */
continue;
BuildTmpString((char *)0);
str = BuildTmpString(zap[isZap].opt);
for (token = strtok(str, ", "); token != (char *)0;
token = strtok(NULL, ", ")) {
if (strcasecmp(optarg, token) == 0) {
pcCmd = zap[isZap].cmd;
isZap++;
break;
}
}
if (pcCmd)
break;
}
if (isZap < 0) {
if (strcasecmp(optarg, "help") == 0) {
STRING *help;
help = AllocString();
BuildString("available -z commands:\n\n", help);
for (isZap = 0; isZap < sizeof(zap) / sizeof(ZAPS);
isZap++) {
char *str;
BuildTmpString((char *)0);
str =
BuildTmpStringPrint(" %16s %s\n",
zap[isZap].opt,
zap[isZap].desc);
BuildString(str, help);
}
Error(help->string);
} else
Error("invalid -z command: `%s' (try `help')",
optarg);
Bye(EX_UNAVAILABLE);
}
break;
case 'h': /* huh? */
Usage(1);
Bye(EX_OK);
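Review bot: `Error(help->string);` in the `help` path passes a built string as the format argument, while the `invalid -z command` call just below it shows `Error()` taking a printf-style format with `optarg` passed through `%s`. The text comes from the `zap[]` table today, so nothing in it contains a `%`, but `Error("%s", help->string)` removes the dependency on that. Also, `isZap` doubles as loop index and match flag (hence the `isZap++` on a match so that index 0 still reads as true); a separate flag would be easier to follow, and `/*fallthough */` is missing an "r".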
@ -2068,6 +2163,7 @@ main(argc, argv)
}
if (*pcCmd == 'a' || *pcCmd == 'f' || *pcCmd == 's') {
/* attach, force-attach, and spy */
if (optind >= argc) {
Error("missing console name");
Bye(EX_UNAVAILABLE);
@ -2077,6 +2173,7 @@ main(argc, argv)
if ((cmdarg = StrDup(argv[optind++])) == (char *)0)
OutOfMem();
} else if (*pcCmd == 't') {
/* text message */
if (optind >= argc) {
Error("missing message text");
Bye(EX_UNAVAILABLE);
@ -2085,6 +2182,15 @@ main(argc, argv)
free(cmdarg);
if ((cmdarg = StrDup(argv[optind++])) == (char *)0)
OutOfMem();
} else if (*pcCmd == 'i' || *pcCmd == 'e' || *pcCmd == 'h' ||
*pcCmd == 'g') {
/* info, e(x)amine, hosts (u), groups (w) */
if (optind < argc) {
if (cmdarg != (char *)0)
free(cmdarg);
if ((cmdarg = StrDup(argv[optind++])) == (char *)0)
OutOfMem();
}
}
if (optind < argc) {
@ -2156,12 +2262,18 @@ main(argc, argv)
cmdi = -1;
cmds[++cmdi] = pcCmd;
if (*pcCmd == 'q' || *pcCmd == 'v' || *pcCmd == 'p') {
if (*pcCmd == 'q' || *pcCmd == 'v' || *pcCmd == 'p' || *pcCmd == 'r' ||
isZap) {
if (!fLocal)
cmds[++cmdi] = "master";
} else if (*pcCmd == 'a' || *pcCmd == 'f' || *pcCmd == 's') {
ValidateEsc();
cmds[++cmdi] = "call";
interact = FLAGTRUE;
} else if (cmdarg != (char *)0 &&
(*pcCmd == 'i' || *pcCmd == 'e' || *pcCmd == 'h' ||
*pcCmd == 'g')) {
cmds[++cmdi] = "call";
} else {
cmds[++cmdi] = "groups";
if (!fLocal)

View File

@ -1,10 +1,34 @@
.\" $Id: console.man,v 1.55 2004/07/14 05:28:42 bryan Exp $
.TH CONSOLE 1 "2004/07/14" "conserver-8.1.11" "conserver"
.\" $Id: console.man,v 1.58 2005/09/05 22:17:33 bryan Exp $
.TH CONSOLE 1 "2005/09/05" "conserver-8.1.12" "conserver"
.SH NAME
console \- console server client program
.SH SYNOPSIS
.B console
.RI [ generic-args ]
.RB [ \-aAfFsS ]
.BR [ \-e
.IR esc ]
.I console
.br
.B console
.RI [ generic-args ]
.RB [ \-iIuwWx ]
.RI [ console ]
.br
.B console
.RI [ generic-args ]
.RB [ \-hPqQrRV ]
.RB [ \- [ bB ]
.IR message ]
.RB [ \-d
.RI [ user ][\f3@\fP console ]]
.RB [ \-t
.RI [ user ][\f3@\fP console ]
.IR message ]
.RB [ \- [ zZ ]
.IR cmd ]
.PP
.IR generic-args :
.RB [ \-7DEnUv ]
.RB [ \-c
.IR cred ]
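Review bot: the `.BR [ \-e` line in the first synopsis form has the macro reversed relative to its neighbours: `.BR` sets `[` bold and `\-e` roman, whereas the other entries use the `.RB [ \-d` form to get a roman bracket and a bold flag. Change it to `.RB [ \-e` while the synopsis is being reorganised.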
@ -14,42 +38,8 @@ console \- console server client program
.IR master ]
.BR [ \-p
.IR port ]
.BR [ \-e
.IR esc ]
.BR [ \-l
.IR user ]
.I console
.br
.B console
.RB [ \-hiIPrRuVwWx ]
.RB [ \-7DEnUv ]
.RB [ \-c
.IR cred ]
.RB [ \-C
.IR config ]
.RB [ \-M
.IR master ]
.RB [ \-p
.IR port ]
.RB [ \-d
.RI [ user ][\f3@\fP console ]]
.RB [ \- [ bB ]
.IR message ]
.RB [ \-t
.RI [ user ][\f3@\fP console ]
.IR message ]
.br
.B console
.RB [ \-qQ ]
.RB [ \-7DEnUv ]
.RB [ \-c
.IR cred ]
.RB [ \-C
.IR config ]
.RB [ \-M
.IR master ]
.RB [ \-p
.IR port ]
.SH DESCRIPTION
.B Console
is used to manipulate console terminals remotely or to poll running
@ -129,7 +119,7 @@ Load an SSL certificate and key from the PEM encoded file
.TP
.BI \-C config
Use the per-user configuration file
.IR conf .
.IR config .
.TP
.B \-d
Disconnect the users specified by
@ -182,7 +172,7 @@ except it will force any existing connection into spy mode.
Display a brief help message.
.TP
.B \-i
Display information in a machine-parseable format (see below for the details).
Display status information in a machine-parseable format (see below for the details).
.TP
.B \-I
Same as
@ -338,6 +328,72 @@ but just acts on the primary server.
.TP
.B \-x
Show a list of consoles and devices.
.TP
.BI \-z cmd
Sends a command
.RI ( cmd )
to each server and displays the result.
The valid commands are:
.RS
.sp
.PD 0
.TP 12
.B bringup
Try to connect all consoles marked as down (this is equivalent
to sending the server a SIGUSR1)
.TP
.B SIGUSR1
Same as
.B bringup
.TP
.B help
Displays the help message
.TP
.B pid
Returns the pid of the server (this is equivalent to
.BR \-P )
.TP
.B quit
Instructs the server to shut down (this is equivalent to
.B \-q
or sending the server a SIGTERM)
.TP
.B SIGTERM
Same as
.B quit
.TP
.B reconfig
Instructs the server to reload the configuration file, then
perform the actions of
.B reopen
(this is equivalent to sending the server a SIGHUP)
.TP
.B SIGHUP
Same as
.B reconfig
.TP
.B reopen
Instructs the server to reopen all logfiles, then
perform the actions of
.B bringup
(this is equivalent to sending the server a SIGUSR2)
.TP
.B SIGUSR2
Same as
.B reopen
.TP
.B version
Returns the version of the server (this is equivalent to
.BR \-V )
.PD
.RE
.TP
.BI \-Z cmd
Same as
.B \-z
but just sends
.I cmd
to the primary server.
.PP
The
.BR \-A ,
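Review bot: the `\-z` entry documents `quit`, `reconfig`, `reopen` and `bringup` as equivalents of SIGTERM, SIGHUP, SIGUSR2 and SIGUSR1 but does not say what access a client needs for the server to honour them. Add a sentence naming the required access level so an administrator can tell from the man page who is able to stop or reconfigure the server over the network. The `help` entry could also say that it is answered by the client, since the entry opens with "Sends a command to each server".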
@ -350,8 +406,15 @@ making the connection (as if
were typed).
.PP
The
.BR \-i ,
.BR \-u ,
.BR \-w ", and"
.B \-x
options can be given a console name, which will limit their output to that console.
.PP
The
.B \-i
option outputs information regarding each console in 15 colon-separated fields.
option outputs status information regarding each console in 15 colon-separated fields.
.TP
.I name
The name of the console.

View File

@ -1,5 +1,5 @@
/*
* $Id: readconf.c,v 5.2 2004/05/25 00:38:15 bryan Exp $
* $Id: readconf.c,v 5.3 2005/06/11 02:32:21 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -510,7 +510,7 @@ ConfigItemUsername(id)
OutOfMem();
}
SUBST *substData = (SUBST *) 0;
SUBST *substData = (SUBST *)0;
int
#if PROTOTYPES
@ -524,9 +524,8 @@ SubstCallback(c, s, i)
{
int retval = 0;
if (substData == (SUBST *) 0) {
if ((substData =
(SUBST *) calloc(1, sizeof(SUBST))) == (SUBST *) 0)
if (substData == (SUBST *)0) {
if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0)
OutOfMem();
substData->callback = &SubstCallback;
substData->tokens['u'] = ISSTRING;

View File

@ -4,7 +4,7 @@
#
%define pkg conserver
%define ver 8.1.11
%define ver 8.1.12
# define the name of the machine on which the main conserver
# daemon will be running if you don't want to use the default

View File

@ -1,7 +1,7 @@
PKG="conserver"
NAME="Console server and client"
CATEGORY="system"
VERSION="8.1.11"
VERSION="8.1.12"
DESC="Console server and client"
CLASSES=none
ARCH=sparc

View File

@ -94,5 +94,7 @@ dotest 'cocacoc.'
dotest EVAL "echo 'tu.' | ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -e 'tu' shell"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -R | sed -e 's/ [^ ]*$//'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x sh | sed -e '1s/^[^:]*//'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x shell | sed -e 's/ on [^ ]* */ on /'"
cleanup
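Review bot: the two added cases exercise only `-x` with a console name (`sh` for the ambiguous abbreviation, `shell` for an exact match). The same argument is now accepted by `-i`, `-u` and `-w`, and `-z`/`-Z` are new in this commit; a case for at least `-i shell` and for `-z pid` or `-z version` would cover the new paths without disturbing the running test server.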

2
test/results/test14 Normal file
View File

@ -0,0 +1,2 @@
: ambiguous console abbreviation, `sh'
choices are shellb, shella, shell

1
test/results/test15 Normal file
View File

@ -0,0 +1 @@
shell on at Local