1 # Common NIS server functions for Linux
3 # show_server_security()
4 # Show NIS server security-related options
5 sub show_server_security
7 local ($opts, $hosts) = &parse_ypserv_conf();
9 # Show port checking option
10 local $port = $opts->{'xfr_check_port'} ? $opts->{'xfr_check_port'}->{'value'}
12 print "<tr> <td><b>$text{'security_port'}</b></td>\n";
13 printf "<td><input type=radio name=port value=1 %s> %s\n",
14 $port ? 'checked' : '', $text{'yes'};
15 printf "<input type=radio name=port value=0 %s> %s</td> </tr>\n",
16 $port ? '' : 'checked', $text{'no'};
18 # Work out if the new (with domains) or old format is in use
19 local ($newfmt) = grep { $_->{'domain'} } @$hosts;
20 print &ui_hidden("format", $newfmt ? 1 : 0),"\n";
23 # Generate new format table
24 $table .= &ui_columns_start([ $text{'security_hosts'},
25 $text{'security_domain'},
26 $text{'security_map'},
27 $text{'security_sec'},
28 $text{'security_mangle'} ]);
30 foreach $h (@$hosts, { 'map' => '*' }) {
32 push(@cols, &ui_radio("host_def_$i", $h->{'host'} eq '*' ? 2 :
34 [ [ 1, $text{'security_none'} ],
35 [ 2, $text{'security_any'} ],
36 [ 0, &ui_textbox("host_$i",
37 $h->{'host'} eq '*' ? undef : $h->{'host'}, 20) ] ]));
38 push(@cols, &ui_opt_textbox("domain_$i",
39 $h->{'domain'} eq '*' ? undef : $h->{'domain'},
40 20, $text{'security_tall'}));
41 push(@cols, &ui_radio("map_def_$i", $h->{'map'} eq '*' ? 1 : 0,
42 [ [ 1, $text{'security_tall'} ],
43 [ 0, &ui_textbox("map_$i", $h->{'map'} eq '*' ? undef :
44 $h->{'map'}, 20) ] ]));
45 push(@cols, &ui_select("sec_$i", $h->{'sec'},
46 [ [ "none", $text{'security_sec_none'} ],
47 [ "port", $text{'security_sec_port'} ],
48 [ "deny", $text{'security_sec_deny'} ] ]));
49 push(@cols, &ui_opt_textbox("mangle_$i",
50 !$h->{'mangle'} ? undef :
51 $h->{'field'} ? $h->{'field'} : 2,
52 5, $text{'security_none'}));
53 $table .= &ui_columns_row(\@cols);
58 # Generate old format table
59 $table .= &ui_columns_start([ $text{'security_hosts'},
60 $text{'security_map'},
61 $text{'security_sec'},
62 $text{'security_mangle'} ]);
64 foreach $h (@$hosts, { 'map' => '*' }) {
66 push(@cols, &ui_radio("host_def_$i", $h->{'host'} eq '*' ? 2 :
68 [ [ 1, $text{'security_none'} ],
69 [ 2, $text{'security_any'} ],
70 [ 0, &ui_textbox("host_$i",
71 $h->{'host'} eq '*' ? undef : $h->{'host'}, 20) ] ]));
72 push(@cols, &ui_radio("map_def_$i", $h->{'map'} eq '*' ? 1 : 0,
73 [ [ 1, $text{'security_tall'} ],
74 [ 0, &ui_textbox("map_$i", $h->{'map'} eq '*' ? undef :
75 $h->{'map'}, 20) ] ]));
76 push(@cols, &ui_select("sec_$i", $h->{'sec'},
77 [ [ "none", $text{'security_sec_none'} ],
78 [ "port", $text{'security_sec_port'} ],
79 [ "deny", $text{'security_sec_deny'} ],
80 [ "des", $text{'security_sec_des'} ] ]));
81 push(@cols, &ui_radio("mangle_$i", $h->{'mangle'} ? 1 : 0,
82 [ [ 0, $text{'security_none'} ],
83 [ 1, &ui_textbox("field_$i", $h->{'field'}, 4) ] ]));
84 $table .= &ui_columns_row(\@cols);
87 $table .= &ui_columns_end();
90 print "<tr> <td colspan=2><b>$text{'security_maps'}</b><br>\n";
91 print "$table</td> </tr>\n";
93 print "</table></td> </tr>\n";
96 # parse_server_security()
97 # Save and apply server security options
98 sub parse_server_security
100 # Save security settings
101 local ($opts, $hosts) = &parse_ypserv_conf();
102 local $lref = &read_file_lines($ypserv_conf);
103 local $xfr = $opts->{'xfr_check_port'};
104 local $line = $in{'port'} ? 'xfr_check_port: yes' : 'xfr_check_port: no';
106 $lref->[$xfr->{'line'}] = $line;
112 # Save host restrictions
113 local ($i, $j, $offset);
114 for($i=0; defined($in{"host_$i"}); $i++) {
116 next if ($in{"host_def_$i"} == 1);
117 $in{"host_def_$i"} == 2 || $in{"host_$i"} =~ /^[^:\s]+$/ ||
118 &error(&text('security_ehost', $in{"host_$i"}));
119 $in{"map_def_$i"} || $in{"map_$i"} =~ /^[^:\s]+$/ ||
120 &error(&text('security_emap', $in{"map_$i"}));
121 if ($in{'format'} == 1) {
122 # New format, including domain
123 $in{"domain_${i}_def"} || $in{"domain_$i"} =~ /^[^:\s]+$/ ||
124 &error(&text('security_edomain', $in{"domain_$i"}));
125 $in{"mangle_${i}_def"} || $in{"mangle_$i"} =~ /^\d+$/ ||
126 &error(&text('security_efield', $in{"mangle_$i"}));
127 @line = ( $in{"host_def_$i"} == 2 ? "*" : $in{"host_$i"},
128 $in{"domain_${i}_def"} ? "*" : $in{"domain_$i"},
129 $in{"map_def_$i"} ? "*" : $in{"map_$i"},
131 ($in{"mangle_${i}_def"} ? "" :
132 "/mangle:".$in{"mangle_$i"}) );
136 $in{"field_$i"} =~ /^\d*$/ ||
137 &error(&text('security_efield', $in{"field_$i"}));
138 @line = ( $in{"host_def_$i"} == 2 ? "*" : $in{"host_$i"},
139 $in{"map_def_$i"} ? "*" : $in{"map_$i"},
141 $in{"mangle_$i"} ? "yes" : "no" );
142 push(@line, $in{"field_$i"})
143 if ($in{"field_$i"} && $in{"field_$i"} != 2);
145 local $old = $hosts->[$j++];
147 $lref->[$old->{'line'}] = join(":", @line);
150 push(@$lref, join(":", @line));
153 while($hosts->[$j]) {
154 splice(@$lref, $hosts->[$j]->{'line'}-$offset, 1);
160 local $pid = &check_pid_file($pid_file);
161 &kill_logged('HUP', $pid) if ($pid);