Projects/mysql-admutils
Projects
/
mysql-admutils
13
0
Fork 0
Code Issues Pull Requests Activity

With alter table patches and the undocumented feature for administering 

mysql users and databases with same name as unix groups for the user.
This commit is contained in:
Knut Petter Svendsen 2002-02-27 08:49:48 +00:00
parent 7f589bb064
commit ff52786682
10 changed files with 260 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
acconfig.h
View File

@ -1,7 +1,7 @@
/* /*
* acconfig.h * acconfig.h
* *
* @(#) $Header: /tmp/cvs/mysql-admutils/acconfig.h,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $ * @(#) $Header: /tmp/cvs/mysql-admutils/acconfig.h,v 1.2 2002-02-27 08:49:48 knutpett Exp $
* *
*/ */

74
common.c
View File

@ -1,5 +1,5 @@
/* /*
* @(#) $Header: /tmp/cvs/mysql-admutils/common.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $ * @(#) $Header: /tmp/cvs/mysql-admutils/common.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
* *
* functions used by mysql-dbadm.c and mysql-useradm.c * functions used by mysql-dbadm.c and mysql-useradm.c
* *
@ -17,11 +17,12 @@
#include <unistd.h> #include <unistd.h>
#include <ctype.h> #include <ctype.h>
#include <string.h> #include <string.h>
#include <grp.h>
#include "mysql-admutils.h" #include "mysql-admutils.h"
char *program_name; char *program_name;
static char *rcsheader = "@(#) " PACKAGE " " VERSION " ljosa@initio.no $Header: /tmp/cvs/mysql-admutils/common.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $"; static char *rcsheader = "@(#) " PACKAGE " " VERSION " ljosa@initio.no $Header: /tmp/cvs/mysql-admutils/common.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $";
int int
@ -117,6 +118,75 @@ owner(char *name)
return 0; /* not owner if we get as far as this */ return 0; /* not owner if we get as far as this */
} }
/**
* Decides if the user is member of a group. The Unix group can't contain any
* '_'. i.e 'fidi_s' won't be accepted.
*/
int
member(char *gr) {
char *username;
char *group;
struct group *g;
struct passwd *p;
char *foo;
/* size_t i = 0; */
/* Get username */
p = getpwuid(getuid());
if (!p) {
fprintf(stderr, "Failed to look up your UNIX username.");
exit(1);
}
username = p->pw_name;
/* Copy string, but cut at '_' */
group = strdup(gr);
if (group == NULL) {
fprintf(stderr, "Couldn't allocate memory. Terminating.");
exit(1);
}
foo = strchr(group, '_');
if (foo) {
#if DEBUG
printf("gr = %s, group = %s, foo = %s\n", gr, group, foo);
#endif
*foo = '\0';
}
/* Get group */
g = getgrnam(group);
if (g == NULL) {
fprintf(stderr, "No such group: %s\n", group);
exit(1);
}
/* Check if user is member of group */
while(*g->gr_mem != NULL) {
char * member = *g->gr_mem;
#if DEBUG
printf("Medlem: %s\n", *g->gr_mem);
#endif
if (strcmp(member,username) == 0) {
#if DEBUG
printf("You have access to '%s'\n", gr);
#endif
return 1; /* OK */
} else
*g->gr_mem++;
}
#if DEBUG
printf("You have no access to '%s'\n", gr);
#endif
return 0;
}
int int
reload(MYSQL *pmysql) reload(MYSQL *pmysql)

86
common.patch Normal file
View File

@ -0,0 +1,86 @@
--- mysql/common.c Wed Feb 2 22:59:21 2000
+++ src-0.3-local/common.c Thu Feb 17 21:20:24 2000
@@ -17,6 +17,7 @@
#include <unistd.h>
#include <ctype.h>
#include <string.h>
+#include <grp.h>
#include "mysql-admutils.h"
char *program_name;
@@ -115,6 +116,75 @@
return 1; /* OK */
return 0; /* not owner if we get as far as this */
+}
+
+/**
+ * Decides if the user is member of a group. The Unix group can't contain any
+ * '_'. i.e 'fidi_s' won't be accepted.
+ */
+int
+member(char *gr) {
+ char *username;
+
+ char *group;
+ struct group *g;
+
+ struct passwd *p;
+ char *foo;
+
+ /* size_t i = 0; */
+
+ /* Get username */
+ p = getpwuid(getuid());
+ if (!p) {
+ fprintf(stderr, "Failed to look up your UNIX username.");
+ exit(1);
+ }
+ username = p->pw_name;
+
+ /* Copy string, but cut at '_' */
+ group = strdup(gr);
+ if (group == NULL) {
+ fprintf(stderr, "Couldn't allocate memory. Terminating.");
+ exit(1);
+ }
+
+ foo = strchr(group, '_');
+ if (foo) {
+#if DEBUG
+ printf("gr = %s, group = %s, foo = %s\n", gr, group, foo);
+#endif
+ *foo = '\0';
+ }
+
+ /* Get group */
+ g = getgrnam(group);
+ if (g == NULL) {
+ fprintf(stderr, "No such group: %s\n", group);
+ exit(1);
+ }
+
+ /* Check if user is member of group */
+ while(*g->gr_mem != NULL) {
+ char * member = *g->gr_mem;
+#if DEBUG
+ printf("Medlem: %s\n", *g->gr_mem);
+#endif
+
+ if (strcmp(member,username) == 0) {
+#if DEBUG
+ printf("You have access to '%s'\n", gr);
+#endif
+ return 1; /* OK */
+ } else
+ *g->gr_mem++;
+ }
+#if DEBUG
+ printf("You have no access to '%s'\n", gr);
+#endif
+
+ return 0;
+
}

2
mysql-admutils.h
View File

@ -1,5 +1,5 @@
/* /*
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-admutils.h,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $ * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-admutils.h,v 1.2 2002-02-27 08:49:48 knutpett Exp $
* *
*/ */

24
mysql-dbadm.c
View File

@ -1,5 +1,5 @@
/* /*
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-dbadm.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $ * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-dbadm.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
* *
* mysql-dbadm.c * mysql-dbadm.c
* *
@ -168,24 +168,24 @@ writeperm(FILE *f, MYSQL *pmysql, const char *db)
MYSQL_ROW row; MYSQL_ROW row;
sprintf(query, "select user,select_priv,insert_priv,update_priv," sprintf(query, "select user,select_priv,insert_priv,update_priv,"
"delete_priv,create_priv,drop_priv from db where db='%s'", db); "delete_priv,create_priv,drop_priv,alter_priv from db where db='%s'", db);
if (mysql_query(pmysql, query)) if (mysql_query(pmysql, query))
return dberror(pmysql, "Query for permissions failed."); return dberror(pmysql, "Query for permissions failed.");
res = mysql_store_result(pmysql); res = mysql_store_result(pmysql);
rows = mysql_num_rows(res); rows = mysql_num_rows(res);
fprintf(f, "# User " fprintf(f, "# User "
"Select Insert Update Delete Create Drop\n"); "Select Insert Update Delete Create Drop Alter\n");
fprintf(f, "# ---------------- " fprintf(f, "# ---------------- "
"------ ------ ------ ------ ------ ------\n"); "------ ------ ------ ------ ------ ---- -----\n");
if (rows == 0) if (rows == 0)
fprintf(f, "# (no permissions currently granted to any users)\n"); fprintf(f, "# (no permissions currently granted to any users)\n");
else else
for (i = 0; i < rows; i++) for (i = 0; i < rows; i++)
{ {
row = mysql_fetch_row(res); row = mysql_fetch_row(res);
fprintf(f, " %-16s %-7s %-7s %-7s %-7s %-7s %s\n", fprintf(f, " %-16s %-7s %-7s %-7s %-7s %-7s %-7s %s\n",
row[0], row[1], row[2], row[3], row[4], row[5], row[6]); row[0], row[1], row[2], row[3], row[4], row[5], row[6], row[7]);
} }
return 0; return 0;
} }
@ -215,7 +215,7 @@ editperm(MYSQL *pmysql, const char *db)
char line[1024]; /* buffer to hold one line */ char line[1024]; /* buffer to hold one line */
char *cp; /* used to interate through a line */ char *cp; /* used to interate through a line */
char *user, *select_priv, *insert_priv, *update_priv, *delete_priv, char *user, *select_priv, *insert_priv, *update_priv, *delete_priv,
*create_priv, *drop_priv; *create_priv, *drop_priv, *alter_priv;
char query[1024]; /* used to build a query */ char query[1024]; /* used to build a query */
char *queries[MAX_GRANTS]; /* insert queries */ char *queries[MAX_GRANTS]; /* insert queries */
int lines; /* number of grant lines processed */ int lines; /* number of grant lines processed */
@ -285,15 +285,17 @@ editperm(MYSQL *pmysql, const char *db)
CHECK_PRIV(create_priv); CHECK_PRIV(create_priv);
STRTOK_WHITESPACE(drop_priv, NULL); STRTOK_WHITESPACE(drop_priv, NULL);
CHECK_PRIV(drop_priv); CHECK_PRIV(drop_priv);
STRTOK_WHITESPACE(alter_priv, NULL);
CHECK_PRIV(alter_priv);
#undef STRTOK_WHITESPACE #undef STRTOK_WHITESPACE
#undef CHECK_PRIV #undef CHECK_PRIV
sprintf(query, "insert into db (host, db, user, select_priv, insert_priv, " sprintf(query, "insert into db (host, db, user, select_priv, insert_priv, "
"update_priv, delete_priv, create_priv, drop_priv) values " "update_priv, delete_priv, create_priv, drop_priv, alter_priv) values "
"('%%', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')", "('%%', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
db, user, select_priv, insert_priv, update_priv, delete_priv, db, user, select_priv, insert_priv, update_priv, delete_priv,
create_priv, drop_priv); create_priv, drop_priv, alter_priv);
queries[lines] = strdup(query); queries[lines] = strdup(query);
lines++; lines++;
if (lines >= MAX_GRANTS) if (lines >= MAX_GRANTS)
@ -391,7 +393,7 @@ main(int argc, char *argv[])
/* for each supplied database name, perform the requested action */ /* for each supplied database name, perform the requested action */
for (i = 2; i < argc; i++) for (i = 2; i < argc; i++)
{ {
if (! owner(argv[i])) if (! (owner(argv[i]) || member(argv[i])))
{ {
dberror(NULL, "You are not the owner of '%s'. Skipping.", dberror(NULL, "You are not the owner of '%s'. Skipping.",
argv[i]); argv[i]);

71
mysql-dbadm.patch Normal file
View File

@ -0,0 +1,71 @@
--- mysql/mysql-dbadm.c Wed Feb 2 20:51:53 2000
+++ src-0.3-local/mysql-dbadm.c Thu Feb 17 21:29:49 2000
@@ -168,24 +168,24 @@
MYSQL_ROW row;
sprintf(query, "select user,select_priv,insert_priv,update_priv,"
- "delete_priv,create_priv,drop_priv from db where db='%s'", db);
+ "delete_priv,create_priv,drop_priv,alter_priv from db where db='%s'", db);
if (mysql_query(pmysql, query))
return dberror(pmysql, "Query for permissions failed.");
res = mysql_store_result(pmysql);
rows = mysql_num_rows(res);
fprintf(f, "# User "
- "Select Insert Update Delete Create Drop\n");
+ "Select Insert Update Delete Create Drop Alter\n");
fprintf(f, "# ---------------- "
- "------ ------ ------ ------ ------ ------\n");
+ "------ ------ ------ ------ ------ ---- -----\n");
if (rows == 0)
fprintf(f, "# (no permissions currently granted to any users)\n");
else
for (i = 0; i < rows; i++)
{
row = mysql_fetch_row(res);
- fprintf(f, " %-16s %-7s %-7s %-7s %-7s %-7s %s\n",
- row[0], row[1], row[2], row[3], row[4], row[5], row[6]);
+ fprintf(f, " %-16s %-7s %-7s %-7s %-7s %-7s %-7s %s\n",
+ row[0], row[1], row[2], row[3], row[4], row[5], row[6], row[7]);
}
return 0;
}
@@ -215,7 +215,7 @@
char line[1024]; /* buffer to hold one line */
char *cp; /* used to interate through a line */
char *user, *select_priv, *insert_priv, *update_priv, *delete_priv,
- *create_priv, *drop_priv;
+ *create_priv, *drop_priv, *alter_priv;
char query[1024]; /* used to build a query */
char *queries[MAX_GRANTS]; /* insert queries */
int lines; /* number of grant lines processed */
@@ -285,15 +285,17 @@
CHECK_PRIV(create_priv);
STRTOK_WHITESPACE(drop_priv, NULL);
CHECK_PRIV(drop_priv);
+ STRTOK_WHITESPACE(alter_priv, NULL);
+ CHECK_PRIV(alter_priv);
#undef STRTOK_WHITESPACE
#undef CHECK_PRIV
sprintf(query, "insert into db (host, db, user, select_priv, insert_priv, "
- "update_priv, delete_priv, create_priv, drop_priv) values "
- "('%%', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
+ "update_priv, delete_priv, create_priv, drop_priv, alter_priv) values "
+ "('%%', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
db, user, select_priv, insert_priv, update_priv, delete_priv,
- create_priv, drop_priv);
+ create_priv, drop_priv, alter_priv);
queries[lines] = strdup(query);
lines++;
if (lines >= MAX_GRANTS)
@@ -391,7 +393,7 @@
/* for each supplied database name, perform the requested action */
for (i = 2; i < argc; i++)
{
- if (! owner(argv[i]))
+ if (! (owner(argv[i]) || member(argv[i])))
{
dberror(NULL, "You are not the owner of '%s'. Skipping.",
argv[i]);

4
mysql-useradm.c
View File

@ -1,5 +1,5 @@
/* /*
* @(#) $Header: /tmp/cvs/mysql-admutils/mysql-useradm.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $ * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-useradm.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
* *
* mysql-useradm.c * mysql-useradm.c
* *
@ -269,7 +269,7 @@ main(int argc, char *argv[])
/* for each supplied database name, perform the requested action */ /* for each supplied database name, perform the requested action */
for (i = 2; i < argc; i++) for (i = 2; i < argc; i++)
{ {
if (! owner(argv[i])) if (! (owner(argv[i]) || member(argv[i])))
{ {
dberror(NULL, "You are not the owner of '%s'. Skipping.", dberror(NULL, "You are not the owner of '%s'. Skipping.",
argv[i]); argv[i]);

11
mysql-useradm.patch Normal file
View File

@ -0,0 +1,11 @@
--- mysql/mysql-useradm.c Wed Feb 2 20:51:53 2000
+++ src-0.3-local/mysql-useradm.c Thu Feb 17 21:22:31 2000
@@ -269,7 +269,7 @@
/* for each supplied database name, perform the requested action */
for (i = 2; i < argc; i++)
{
- if (! owner(argv[i]))
+ if (! (owner(argv[i]) || member(argv[i])))
{
dberror(NULL, "You are not the owner of '%s'. Skipping.",
argv[i]);

2
pwfile.c
View File

@ -1,5 +1,5 @@
/* /*
* @($) $Id: pwfile.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $ * @($) $Id: pwfile.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
* *
* functions for parsing the config file. * functions for parsing the config file.
* *

4
pwlex.c
View File

@ -1,7 +1,7 @@
/* A lexical scanner generated by flex */ /* A lexical scanner generated by flex */
/* Scanner skeleton version: /* Scanner skeleton version:
* $Header: /tmp/cvs/mysql-admutils/pwlex.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $ * $Header: /tmp/cvs/mysql-admutils/pwlex.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
*/ */
#define FLEX_SCANNER #define FLEX_SCANNER
@ -389,7 +389,7 @@ char *yytext;
#line 1 "pwlex.l" #line 1 "pwlex.l"
#define INITIAL 0 #define INITIAL 0
/* /*
* @(#) $Id: pwlex.c,v 1.1.1.1 2001-11-25 00:41:16 lkarsten Exp $ * @(#) $Id: pwlex.c,v 1.2 2002-02-27 08:49:48 knutpett Exp $
* *
* lex source for the configuration file * lex source for the configuration file
* *