App-Yabsm


lib/App/Yabsm/Command/Daemon.pm

    # Handle SIGHUP by restarting yabsmd.

    # Restart the daemon on a SIGHUP.
    $SIG{HUP} = \&yabsmd_restart;

    # Gracefully exit on any signal that has a default action of terminate or
    # dump.
    my $cleanup_and_exit = sub {
        # clear the PID file
        if (open my $fh, '>', '/run/yabsmd.pid') {
            close $fh;
        }
        exit 0;
    };

    $SIG{ABRT}   = $cleanup_and_exit;
    $SIG{ALRM}   = $cleanup_and_exit;
    $SIG{BUS}    = $cleanup_and_exit;
    $SIG{FPE}    = $cleanup_and_exit;
    $SIG{ILL}    = $cleanup_and_exit;
    $SIG{INT}    = $cleanup_and_exit;
    $SIG{IO}     = $cleanup_and_exit;
    $SIG{KILL}   = $cleanup_and_exit;
    $SIG{PIPE}   = $cleanup_and_exit;
    $SIG{PROF}   = $cleanup_and_exit;
    $SIG{PWR}    = $cleanup_and_exit;
    $SIG{QUIT}   = $cleanup_and_exit;
    $SIG{SEGV}   = $cleanup_and_exit;
    $SIG{STKFLT} = $cleanup_and_exit;
    $SIG{SYS}    = $cleanup_and_exit;
    $SIG{TERM}   = $cleanup_and_exit;
    $SIG{TRAP}   = $cleanup_and_exit;
    $SIG{USR1}   = $cleanup_and_exit;
    $SIG{USR2}   = $cleanup_and_exit;
    $SIG{VTALRM} = $cleanup_and_exit;
    $SIG{XCPU}   = $cleanup_and_exit;
    $SIG{XFSZ}   = $cleanup_and_exit;
}

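sub create_yabsm_user_ssh_key {

    # Create an ed25519 SSH key pair for the yabsm user if one doesn't already
    # exist. This function dies unless the process's ruid and rgid are those
    # of the yabsm user and group.
    #
    # If the $force value is false then only create the key if the user's
    # configuration defines at least one ssh_backup, and if it is true then
    # create the key even if no ssh_backups are defined.
    #
    # Returns 1 if the key pair was requested (whether or not it already
    # existed) and 0 if nothing was done.
    #
    # The key is generated with an empty passphrase (-N ''), so ownership and
    # the 0600 mode on the private key are its only protection at rest. A
    # failed chown or chmod is therefore treated as fatal instead of being
    # silently ignored.

    arg_count_or_die(2, 2, @_);

    my $force      = shift;
    my $config_ref = shift;

    if ($force || all_ssh_backups($config_ref)) {

        my $yabsm_uid = getpwnam('yabsm') or confess(q(yabsm: internal error: cannot find user named 'yabsm'));
        my $yabsm_gid = getgrnam('yabsm') or confess(q(yabsm: internal error: cannot find group named 'yabsm'));

        # Refuse to generate the key as any other identity, so that the key
        # files are never created by (or left owned by) the wrong account.
        unless (POSIX::getuid() == $yabsm_uid && POSIX::getgid() == $yabsm_gid) {
            my $username  = getpwuid POSIX::getuid();
            my $groupname = getgrgid POSIX::getgid();
            confess "yabsm: internal error: expected to be running as user and group yabsm but instead running as user '$username' and group '$groupname'";
        }

        my $yabsm_user_home = yabsm_user_home($config_ref);

        my $ssh_dir  = "$yabsm_user_home/.ssh";
        my $priv_key = "$ssh_dir/id_ed25519";
        my $pub_key  = "$ssh_dir/id_ed25519.pub";

        # NOTE(review): if only one of the two files exists, ssh-keygen is
        # still invoked on the same path -- confirm how that case should be
        # handled.
        unless (-f $priv_key && -f $pub_key) {
            system_or_die('ssh-keygen', '-t', 'ed25519', '-f', $priv_key, '-N', '');

            # chown and chmod return the number of files changed; anything
            # short of the full count means a key file was left with the
            # wrong owner or mode.
            chown($yabsm_uid, $yabsm_gid, $priv_key, $pub_key) == 2
              or confess("yabsm: internal error: could not set ownership of '$priv_key' and '$pub_key': $!");
            chmod(0600, $priv_key) == 1
              or confess("yabsm: internal error: could not set mode 0600 on '$priv_key': $!");
            chmod(0644, $pub_key) == 1
              or confess("yabsm: internal error: could not set mode 0644 on '$pub_key': $!");
        }

        return 1;
    }

    return 0;
}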

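sub add_yabsm_user_btrfs_sudoer_rule {

    # Add a sudoer rule to '/etc/sudoers.d/yabsm-btrfs' that lets the 'yabsm'
    # user run the btrfs binary as root without a password. Does nothing if
    # the file already exists. Returns the path of the sudoers file.
    #
    # The rule names the binary without arguments, so it covers every btrfs
    # subcommand. Because the rule is a root-level grant, the path that goes
    # into it is validated and the file is written with restrictive
    # permissions. Operators can verify the result with 'visudo -c -f <file>'.

    arg_count_or_die(0, 0, @_);

    i_am_root_or_die();

    my $file = '/etc/sudoers.d/yabsm-btrfs';

    unless (-f $file) {
        my $btrfs_bin = `which btrfs 2>/dev/null`
          or confess('yabsm: internal error: btrfs-progs not in root users path');

        chomp $btrfs_bin;

        # The path is resolved through root's PATH and then written into a
        # sudoers rule, so accept only a single absolute path made of plain
        # filename characters that points at an executable. This rejects
        # multi-line output, whitespace and sudoers metacharacters.
        unless ($btrfs_bin =~ m{\A/[A-Za-z0-9_./+-]+\z} && -x $btrfs_bin) {
            confess("yabsm: internal error: refusing to write sudoer rule for unexpected btrfs path '$btrfs_bin'");
        }

        # The sudoers tag is 'NOPASSWD:' -- the colon is required, and the
        # entry must end with a newline.
        my $sudoer_rule = "yabsm ALL=(root) NOPASSWD: $btrfs_bin\n";

        # Create the file readable by root only; the umask is restored
        # before any error is raised.
        my $old_umask = umask 0077;
        my $opened    = open my $fh, '>', $file;
        umask $old_umask;

        $opened
          or confess("yabsm: internal error: could not open '$file' for writing");

        # On a failed write, remove the partial file: a truncated fragment
        # would otherwise satisfy the '-f $file' check on the next run and
        # never be repaired.
        unless (print {$fh} $sudoer_rule and close $fh) {
            my $write_err = $!;
            unlink $file;
            confess("yabsm: internal error: could not write sudoer rule to '$file': $write_err");
        }

        # 0440 is the conventional mode for sudoers fragments.
        unless (chmod(0440, $file) == 1) {
            my $chmod_err = $!;
            unlink $file;
            confess("yabsm: internal error: could not set mode 0440 on '$file': $chmod_err");
        }
    }

    return $file;
}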

sub create_yabsm_user_and_group {

    # Create a locked-user and group named 'yabsm' if they do not already exist.

    arg_count_or_die(1, 1, @_);

    my $config_ref = shift;

    i_am_root_or_die();


