With alter table patches and the undocumented feature for administering
mysql users and databases with same name as unix groups for the user.
This commit is contained in:
parent
7f589bb064
commit
ff52786682
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* acconfig.h
|
||||
*
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/acconfig.h,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/acconfig.h,v 1.2 2002-02-27 08:49:48 knutpett Exp $
|
||||
*
|
||||
*/
|
||||
|
||||
|
|
74
common.c
74
common.c
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/common.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/common.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
|
||||
*
|
||||
* functions used by mysql-dbadm.c and mysql-useradm.c
|
||||
*
|
||||
|
@ -17,11 +17,12 @@
|
|||
#include <unistd.h>
|
||||
#include <ctype.h>
|
||||
#include <string.h>
|
||||
#include <grp.h>
|
||||
#include "mysql-admutils.h"
|
||||
|
||||
char *program_name;
|
||||
|
||||
static char *rcsheader = "@(#) " PACKAGE " " VERSION " ljosa@initio.no $Header: /tmp/cvs/mysql-admutils/common.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $";
|
||||
static char *rcsheader = "@(#) " PACKAGE " " VERSION " ljosa@initio.no $Header: /tmp/cvs/mysql-admutils/common.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $";
|
||||
|
||||
|
||||
int
|
||||
|
@ -117,6 +118,75 @@ owner(char *name)
|
|||
return 0; /* not owner if we get as far as this */
|
||||
}
|
||||
|
||||
/**
|
||||
* Decides if the user is member of a group. The Unix group can't contain any
|
||||
* '_'. i.e 'fidi_s' won't be accepted.
|
||||
*/
|
||||
int
|
||||
member(char *gr) {
|
||||
char *username;
|
||||
|
||||
char *group;
|
||||
struct group *g;
|
||||
|
||||
struct passwd *p;
|
||||
char *foo;
|
||||
|
||||
/* size_t i = 0; */
|
||||
|
||||
/* Get username */
|
||||
p = getpwuid(getuid());
|
||||
if (!p) {
|
||||
fprintf(stderr, "Failed to look up your UNIX username.");
|
||||
exit(1);
|
||||
}
|
||||
username = p->pw_name;
|
||||
|
||||
/* Copy string, but cut at '_' */
|
||||
group = strdup(gr);
|
||||
if (group == NULL) {
|
||||
fprintf(stderr, "Couldn't allocate memory. Terminating.");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
foo = strchr(group, '_');
|
||||
if (foo) {
|
||||
#if DEBUG
|
||||
printf("gr = %s, group = %s, foo = %s\n", gr, group, foo);
|
||||
#endif
|
||||
*foo = '\0';
|
||||
}
|
||||
|
||||
/* Get group */
|
||||
g = getgrnam(group);
|
||||
if (g == NULL) {
|
||||
fprintf(stderr, "No such group: %s\n", group);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
/* Check if user is member of group */
|
||||
while(*g->gr_mem != NULL) {
|
||||
char * member = *g->gr_mem;
|
||||
#if DEBUG
|
||||
printf("Medlem: %s\n", *g->gr_mem);
|
||||
#endif
|
||||
|
||||
if (strcmp(member,username) == 0) {
|
||||
#if DEBUG
|
||||
printf("You have access to '%s'\n", gr);
|
||||
#endif
|
||||
return 1; /* OK */
|
||||
} else
|
||||
*g->gr_mem++;
|
||||
}
|
||||
#if DEBUG
|
||||
printf("You have no access to '%s'\n", gr);
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
reload(MYSQL *pmysql)
|
||||
|
|
|
@ -0,0 +1,86 @@
|
|||
--- mysql/common.c Wed Feb 2 22:59:21 2000
|
||||
+++ src-0.3-local/common.c Thu Feb 17 21:20:24 2000
|
||||
@@ -17,6 +17,7 @@
|
||||
#include <unistd.h>
|
||||
#include <ctype.h>
|
||||
#include <string.h>
|
||||
+#include <grp.h>
|
||||
#include "mysql-admutils.h"
|
||||
|
||||
char *program_name;
|
||||
@@ -115,6 +116,75 @@
|
||||
return 1; /* OK */
|
||||
|
||||
return 0; /* not owner if we get as far as this */
|
||||
+}
|
||||
+
|
||||
+/**
|
||||
+ * Decides if the user is member of a group. The Unix group can't contain any
|
||||
+ * '_'. i.e 'fidi_s' won't be accepted.
|
||||
+ */
|
||||
+int
|
||||
+member(char *gr) {
|
||||
+ char *username;
|
||||
+
|
||||
+ char *group;
|
||||
+ struct group *g;
|
||||
+
|
||||
+ struct passwd *p;
|
||||
+ char *foo;
|
||||
+
|
||||
+ /* size_t i = 0; */
|
||||
+
|
||||
+ /* Get username */
|
||||
+ p = getpwuid(getuid());
|
||||
+ if (!p) {
|
||||
+ fprintf(stderr, "Failed to look up your UNIX username.");
|
||||
+ exit(1);
|
||||
+ }
|
||||
+ username = p->pw_name;
|
||||
+
|
||||
+ /* Copy string, but cut at '_' */
|
||||
+ group = strdup(gr);
|
||||
+ if (group == NULL) {
|
||||
+ fprintf(stderr, "Couldn't allocate memory. Terminating.");
|
||||
+ exit(1);
|
||||
+ }
|
||||
+
|
||||
+ foo = strchr(group, '_');
|
||||
+ if (foo) {
|
||||
+#if DEBUG
|
||||
+ printf("gr = %s, group = %s, foo = %s\n", gr, group, foo);
|
||||
+#endif
|
||||
+ *foo = '\0';
|
||||
+ }
|
||||
+
|
||||
+ /* Get group */
|
||||
+ g = getgrnam(group);
|
||||
+ if (g == NULL) {
|
||||
+ fprintf(stderr, "No such group: %s\n", group);
|
||||
+ exit(1);
|
||||
+ }
|
||||
+
|
||||
+ /* Check if user is member of group */
|
||||
+ while(*g->gr_mem != NULL) {
|
||||
+ char * member = *g->gr_mem;
|
||||
+#if DEBUG
|
||||
+ printf("Medlem: %s\n", *g->gr_mem);
|
||||
+#endif
|
||||
+
|
||||
+ if (strcmp(member,username) == 0) {
|
||||
+#if DEBUG
|
||||
+ printf("You have access to '%s'\n", gr);
|
||||
+#endif
|
||||
+ return 1; /* OK */
|
||||
+ } else
|
||||
+ *g->gr_mem++;
|
||||
+ }
|
||||
+#if DEBUG
|
||||
+ printf("You have no access to '%s'\n", gr);
|
||||
+#endif
|
||||
+
|
||||
+ return 0;
|
||||
+
|
||||
}
|
||||
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-admutils.h,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-admutils.h,v 1.2 2002-02-27 08:49:48 knutpett Exp $
|
||||
*
|
||||
*/
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-dbadm.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-dbadm.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
|
||||
*
|
||||
* mysql-dbadm.c
|
||||
*
|
||||
|
@ -168,24 +168,24 @@ writeperm(FILE *f, MYSQL *pmysql, const char *db)
|
|||
MYSQL_ROW row;
|
||||
|
||||
sprintf(query, "select user,select_priv,insert_priv,update_priv,"
|
||||
"delete_priv,create_priv,drop_priv from db where db='%s'", db);
|
||||
"delete_priv,create_priv,drop_priv,alter_priv from db where db='%s'", db);
|
||||
|
||||
if (mysql_query(pmysql, query))
|
||||
return dberror(pmysql, "Query for permissions failed.");
|
||||
res = mysql_store_result(pmysql);
|
||||
rows = mysql_num_rows(res);
|
||||
fprintf(f, "# User "
|
||||
"Select Insert Update Delete Create Drop\n");
|
||||
"Select Insert Update Delete Create Drop Alter\n");
|
||||
fprintf(f, "# ---------------- "
|
||||
"------ ------ ------ ------ ------ ------\n");
|
||||
"------ ------ ------ ------ ------ ---- -----\n");
|
||||
if (rows == 0)
|
||||
fprintf(f, "# (no permissions currently granted to any users)\n");
|
||||
else
|
||||
for (i = 0; i < rows; i++)
|
||||
{
|
||||
row = mysql_fetch_row(res);
|
||||
fprintf(f, " %-16s %-7s %-7s %-7s %-7s %-7s %s\n",
|
||||
row[0], row[1], row[2], row[3], row[4], row[5], row[6]);
|
||||
fprintf(f, " %-16s %-7s %-7s %-7s %-7s %-7s %-7s %s\n",
|
||||
row[0], row[1], row[2], row[3], row[4], row[5], row[6], row[7]);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
@ -215,7 +215,7 @@ editperm(MYSQL *pmysql, const char *db)
|
|||
char line[1024]; /* buffer to hold one line */
|
||||
char *cp; /* used to interate through a line */
|
||||
char *user, *select_priv, *insert_priv, *update_priv, *delete_priv,
|
||||
*create_priv, *drop_priv;
|
||||
*create_priv, *drop_priv, *alter_priv;
|
||||
char query[1024]; /* used to build a query */
|
||||
char *queries[MAX_GRANTS]; /* insert queries */
|
||||
int lines; /* number of grant lines processed */
|
||||
|
@ -285,15 +285,17 @@ editperm(MYSQL *pmysql, const char *db)
|
|||
CHECK_PRIV(create_priv);
|
||||
STRTOK_WHITESPACE(drop_priv, NULL);
|
||||
CHECK_PRIV(drop_priv);
|
||||
STRTOK_WHITESPACE(alter_priv, NULL);
|
||||
CHECK_PRIV(alter_priv);
|
||||
|
||||
#undef STRTOK_WHITESPACE
|
||||
#undef CHECK_PRIV
|
||||
|
||||
sprintf(query, "insert into db (host, db, user, select_priv, insert_priv, "
|
||||
"update_priv, delete_priv, create_priv, drop_priv) values "
|
||||
"('%%', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
|
||||
"update_priv, delete_priv, create_priv, drop_priv, alter_priv) values "
|
||||
"('%%', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
|
||||
db, user, select_priv, insert_priv, update_priv, delete_priv,
|
||||
create_priv, drop_priv);
|
||||
create_priv, drop_priv, alter_priv);
|
||||
queries[lines] = strdup(query);
|
||||
lines++;
|
||||
if (lines >= MAX_GRANTS)
|
||||
|
@ -391,7 +393,7 @@ main(int argc, char *argv[])
|
|||
/* for each supplied database name, perform the requested action */
|
||||
for (i = 2; i < argc; i++)
|
||||
{
|
||||
if (! owner(argv[i]))
|
||||
if (! (owner(argv[i]) || member(argv[i])))
|
||||
{
|
||||
dberror(NULL, "You are not the owner of '%s'. Skipping.",
|
||||
argv[i]);
|
||||
|
|
|
@ -0,0 +1,71 @@
|
|||
--- mysql/mysql-dbadm.c Wed Feb 2 20:51:53 2000
|
||||
+++ src-0.3-local/mysql-dbadm.c Thu Feb 17 21:29:49 2000
|
||||
@@ -168,24 +168,24 @@
|
||||
MYSQL_ROW row;
|
||||
|
||||
sprintf(query, "select user,select_priv,insert_priv,update_priv,"
|
||||
- "delete_priv,create_priv,drop_priv from db where db='%s'", db);
|
||||
+ "delete_priv,create_priv,drop_priv,alter_priv from db where db='%s'", db);
|
||||
|
||||
if (mysql_query(pmysql, query))
|
||||
return dberror(pmysql, "Query for permissions failed.");
|
||||
res = mysql_store_result(pmysql);
|
||||
rows = mysql_num_rows(res);
|
||||
fprintf(f, "# User "
|
||||
- "Select Insert Update Delete Create Drop\n");
|
||||
+ "Select Insert Update Delete Create Drop Alter\n");
|
||||
fprintf(f, "# ---------------- "
|
||||
- "------ ------ ------ ------ ------ ------\n");
|
||||
+ "------ ------ ------ ------ ------ ---- -----\n");
|
||||
if (rows == 0)
|
||||
fprintf(f, "# (no permissions currently granted to any users)\n");
|
||||
else
|
||||
for (i = 0; i < rows; i++)
|
||||
{
|
||||
row = mysql_fetch_row(res);
|
||||
- fprintf(f, " %-16s %-7s %-7s %-7s %-7s %-7s %s\n",
|
||||
- row[0], row[1], row[2], row[3], row[4], row[5], row[6]);
|
||||
+ fprintf(f, " %-16s %-7s %-7s %-7s %-7s %-7s %-7s %s\n",
|
||||
+ row[0], row[1], row[2], row[3], row[4], row[5], row[6], row[7]);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@@ -215,7 +215,7 @@
|
||||
char line[1024]; /* buffer to hold one line */
|
||||
char *cp; /* used to interate through a line */
|
||||
char *user, *select_priv, *insert_priv, *update_priv, *delete_priv,
|
||||
- *create_priv, *drop_priv;
|
||||
+ *create_priv, *drop_priv, *alter_priv;
|
||||
char query[1024]; /* used to build a query */
|
||||
char *queries[MAX_GRANTS]; /* insert queries */
|
||||
int lines; /* number of grant lines processed */
|
||||
@@ -285,15 +285,17 @@
|
||||
CHECK_PRIV(create_priv);
|
||||
STRTOK_WHITESPACE(drop_priv, NULL);
|
||||
CHECK_PRIV(drop_priv);
|
||||
+ STRTOK_WHITESPACE(alter_priv, NULL);
|
||||
+ CHECK_PRIV(alter_priv);
|
||||
|
||||
#undef STRTOK_WHITESPACE
|
||||
#undef CHECK_PRIV
|
||||
|
||||
sprintf(query, "insert into db (host, db, user, select_priv, insert_priv, "
|
||||
- "update_priv, delete_priv, create_priv, drop_priv) values "
|
||||
- "('%%', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
|
||||
+ "update_priv, delete_priv, create_priv, drop_priv, alter_priv) values "
|
||||
+ "('%%', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
|
||||
db, user, select_priv, insert_priv, update_priv, delete_priv,
|
||||
- create_priv, drop_priv);
|
||||
+ create_priv, drop_priv, alter_priv);
|
||||
queries[lines] = strdup(query);
|
||||
lines++;
|
||||
if (lines >= MAX_GRANTS)
|
||||
@@ -391,7 +393,7 @@
|
||||
/* for each supplied database name, perform the requested action */
|
||||
for (i = 2; i < argc; i++)
|
||||
{
|
||||
- if (! owner(argv[i]))
|
||||
+ if (! (owner(argv[i]) || member(argv[i])))
|
||||
{
|
||||
dberror(NULL, "You are not the owner of '%s'. Skipping.",
|
||||
argv[i]);
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-useradm.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $
|
||||
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-useradm.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
|
||||
*
|
||||
* mysql-useradm.c
|
||||
*
|
||||
|
@ -269,7 +269,7 @@ main(int argc, char *argv[])
|
|||
/* for each supplied database name, perform the requested action */
|
||||
for (i = 2; i < argc; i++)
|
||||
{
|
||||
if (! owner(argv[i]))
|
||||
if (! (owner(argv[i]) || member(argv[i])))
|
||||
{
|
||||
dberror(NULL, "You are not the owner of '%s'. Skipping.",
|
||||
argv[i]);
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
--- mysql/mysql-useradm.c Wed Feb 2 20:51:53 2000
|
||||
+++ src-0.3-local/mysql-useradm.c Thu Feb 17 21:22:31 2000
|
||||
@@ -269,7 +269,7 @@
|
||||
/* for each supplied database name, perform the requested action */
|
||||
for (i = 2; i < argc; i++)
|
||||
{
|
||||
- if (! owner(argv[i]))
|
||||
+ if (! (owner(argv[i]) || member(argv[i])))
|
||||
{
|
||||
dberror(NULL, "You are not the owner of '%s'. Skipping.",
|
||||
argv[i]);
|
2
pwfile.c
2
pwfile.c
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* @($) $Id: pwfile.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $
|
||||
* @($) $Id: pwfile.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
|
||||
*
|
||||
* functions for parsing the config file.
|
||||
*
|
||||
|
|
4
pwlex.c
4
pwlex.c
|
@ -1,7 +1,7 @@
|
|||
/* A lexical scanner generated by flex */
|
||||
|
||||
/* Scanner skeleton version:
|
||||
* $Header: /tmp/cvs/mysql-admutils/pwlex.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $
|
||||
* $Header: /tmp/cvs/mysql-admutils/pwlex.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
|
||||
*/
|
||||
|
||||
#define FLEX_SCANNER
|
||||
|
@ -389,7 +389,7 @@ char *yytext;
|
|||
#line 1 "pwlex.l"
|
||||
#define INITIAL 0
|
||||
/*
|
||||
* @(#) $Id: pwlex.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $
|
||||
* @(#) $Id: pwlex.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
|
||||
*
|
||||
* lex source for the configuration file
|
||||
*
|
||||
|
|
Loading…
Reference in New Issue