Initial version of glue - going to abandon -alloc stuff.

diff --git a/ipif/Makefile b/ipif/Makefile
index 2bcea8cf5a7fdba4d39b3b0b69551250e5bf58b6..c8f66734e384f19e05d955de86e16bd756107a10 100644 (file)
--- a/ipif/Makefile
+++ b/ipif/Makefile
@@ -3,4 +3,16 @@
 CFLAGS=                -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith \
                -Wwrite-strings -g -D_GNU_SOURCE
 
 CFLAGS=                -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith \
                -Wwrite-strings -g -D_GNU_SOURCE
 

-all:           service
+etc=           /etc
+prefix=                /usr/local
+libipif=       $(prefix)/lib/userv-ipif
+etcipif=       $(etc)/userv/ipif
+
+TARGETS=       service
+
+all:           $(TARGETS)
+
+install:       all
+               mkdir -p $(libipif) $(etcipif)
+               cp service alloc.pl $(libdir)/.
+               touch $(etcipif)/networks

diff --git a/ipif/alloc.pl b/ipif/alloc.pl
new file mode 100644 (file)
index 0000000..15d7615
--- /dev/null
+++ b/ipif/alloc.pl
@@ -0,0 +1,81 @@
+#!/usr/bin/perl
+
+$etcdir= '/etc/userv/ipif';
+chdir($etcdir) or die "$0: chdir $etcdir: $!\n";
+
+$descallowd= '-][()+_\'":=;,./|';
+
+sub usage () {
+    die <<END;
+Allocates an RFC1918 address and records it
+usage: userv ipif-alloc <group|gid> [<prefix>]/<size> <description>
+<description> may contain alphanums, spaces and $descallowed
+END
+}
+
+@ARGV==3 or usage();
+($group, $pfxsize, $desc) = @ARGV;
+
+$super= 0;
+
+open X, "config" or die "$0: open config: $!\n";
+while (<X>) {
+    next if m/^\#/;
+    next if !m/\S/;
+    chomp; s/\s+$//;
+    if (m/^supergroup\s+(\w+)$/) {
+       $super= am_gid($1);
+    } elsif (m/^maxpergid\s+(\d+)$/) {
+       $maxpergid= $1;
+    } elsif (m,^range\s+([.0-9]+)/(\d+)$,) {
+       ($allow_p, $allow_m, $allow_l) = parse_range($1,$2);
+    } else {
+       die "$0: config:$.: unknown directive: $_\n";
+    }
+}
+close X or die "$0: read config: $!\n";
+
+if ($pfxsize =~ m,^([.0-9]+)/(\d+)$,) {
+    ($want_p, $want_m, $want_l) = parse_range($1,$2);
+    if (!$super && !overlap($want_p,$want_m, $allow_p,$allow_m)) {
+       die "$0: permission denied (out of required range)\n";
+    }
+} elsif ($pfxsize =~ m,^/(\d+)$,) {
+    undef $want_p;
+    undef $want_m;
+    $want_l= $1;
+} else {
+    die "$0: bad request: $pfxsize\n";
+}
+
+$gid= get_gid($group);
+if (!am_gid($gid)) {
+    die "$0: you are not gid $gid\n";
+}
+
+$op.= '';
+$max_p= 0; $max_m= 0;
+
+open Y, "auto-nets" or die "$0: open auto-nets: $!\n";
+for (;;) {
+    $!= 0; chomp($_= <Y>);
+    length or die "$0: read auto-nets: $!\n";
+    last if m/^\#end/;
+    next if m/^\#/;
+    $op.= $_."\n";
+    m:^(\d+),([.0-9]+)/(\d+),.*: or die "$0: auto-nets:$.: syntax error: $_\n";
+    $this_gid= $1;
+    ($this_p, $this_m, $this_l) = parse_range($2,$3);
+    if (defined($want_p)) {
+       if (overlap($want_p,$want_m, $this_p,$this_m)) {
+           die "$0: overlaps with existing allocation (auto-nets:$.)\n";
+       }
+    } else {
+       if ($this_p > $max_p) {
+           ($this_p,$this_m) = ($max_p,$max_m);
+       }
+    }
+    
+    
+    next if $1 ne $gid;
+    

diff --git a/ipif/config b/ipif/config
new file mode 100644 (file)
index 0000000..52a3958
--- /dev/null
+++ b/ipif/config
@@ -0,0 +1,3 @@
+supergroup     0
+maxpergid      256
+range          10.232.0.0/15

diff --git a/ipif/ipif b/ipif/ipif
new file mode 100644 (file)
index 0000000..a019469
--- /dev/null
+++ b/ipif/ipif
@@ -0,0 +1,9 @@
+if ( grep calling-user-shell /etc/shells
+   & glob service-user root
+   )
+       reset
+       no-set-environment
+       no-suppress-args
+       no-disconnect-hup
+       execute /usr/local/lib/userv/ipif /etc/userv/ipif/networks --
+fi

diff --git a/ipif/ipif-alloc b/ipif/ipif-alloc
new file mode 100644 (file)
index 0000000..4bfa131
--- /dev/null
+++ b/ipif/ipif-alloc
@@ -0,0 +1,10 @@
+if ( grep calling-user-shell /etc/shells
+   & glob service-user root
+   )
+       reset
+       no-set-environment
+       no-suppress-args
+       no-disconnect-hup
+       execute with-lock-ex -w /etc/userv/ipif/lockfile \
+               /usr/local/lib/userv-ipif/alloc.pl
+fi