diff options
author | Nathan Angelacos <nangel@tetrasec.net> | 2008-09-29 20:16:06 +0000 |
---|---|---|
committer | Nathan Angelacos <nangel@tetrasec.net> | 2008-09-29 20:16:06 +0000 |
commit | 06f12e51f6a31a06008a482058107f1511ba2ebf (patch) | |
tree | 6bf40f8750ed81c57d87ed0b0df9abeaea6bf300 | |
parent | 6653bf15788592e34d1e5acce850142c15e52b46 (diff) | |
download | acf-core-06f12e51f6a31a06008a482058107f1511ba2ebf.tar.bz2 acf-core-06f12e51f6a31a06008a482058107f1511ba2ebf.tar.xz |
Auditing functions in place
git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@1536 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r-- | acf.conf | 21 | ||||
-rw-r--r-- | lib/format.lua | 32 | ||||
-rw-r--r-- | lib/modelfunctions.lua | 34 |
3 files changed, 70 insertions, 17 deletions
@@ -1,7 +1,26 @@ +# Configuration file for Alpine Configuration Framework + + +# Directories where the application resides appdir=/usr/share/acf/app/ libdir=/usr/share/acf/lib/ + +# sessiondir is where the session state files are stored sessiondir=/tmp/ + +# ACF is skinnable - these specifiy the active skin skindir=/skins/ -# ice or snow skin=alps + +# The login system credentials file passfile=/etc/acf/passwd + + +# Auditing can be done before and/or after a commit +# if the controller supports it. +# ${TEMPFILE} and ${CONFFILE} are used precommit +# only ${CONFFILE} has any meaning postcommit + +#audit_precommit=diff -u ${CONFFILE} ${TEMPFILE} >>/var/log/${self.conf.controller}.log 2>/dev/null +#audit_postcommit=echo ${self.sessiondata.userinfo.userid} made a change to ${CONFFILE} >>/var/log/acf.log + diff --git a/lib/format.lua b/lib/format.lua index 057bc03..1407b97 100644 --- a/lib/format.lua +++ b/lib/format.lua @@ -187,22 +187,22 @@ end -- Takes a str and expands any ${...} constructs with the Lua variable -- ex: a="foo"; print(expand_bash_syntax_vars("a=${a}) - > "a=foo" - -function expand_bash_syntax_vars ( str ) - local deref = function ( f) - local v = _G - for w in string.gfind(f, "[%w_]+") do - v = v[w] - end - return v - end - - for w in string.gmatch (str, "${[^}]*}" ) do - local rvar = string.sub(w,3,-2) - local rval = ( deref(rvar) or "nil" ) - str = string.gsub (str, w, rval) - end - return (str) +expand_bash_syntax_vars = function (str) + + local deref = function ( f) + local v = getfenv(3) -- get the upstream global env + for w in string.gfind(f, "[%w_]+") do + if v then v = v[w] end + end + return v + end + + for w in string.gmatch (str, "${[^}]*}" ) do + local rvar = string.sub(w,3,-2) + local rval = ( deref(rvar) or "nil" ) + str = string.gsub (str, w, rval) + end + return (str) end -- Removes the linenum line from str and replaces it with line. diff --git a/lib/modelfunctions.lua b/lib/modelfunctions.lua index ef0513c..d311ff6 100644 --- a/lib/modelfunctions.lua +++ b/lib/modelfunctions.lua @@ -103,3 +103,37 @@ function validatemulti(multi) end return true end + + +function write_file_with_audit (self, path, str) + local pre = "" + local post = "" + local tmpfile = (self.conf.sessiondir or "/tmp/") .. + (self.sessiondata.userinfo.userid or "unknown") .. "-" .. + os.time() .. ".tmp" + + if type(self.conf) == "table" then + -- we make temporary globals for expand_bash_syntax_vars + local a,b,c = TEMPFILE,CONFFILE,_G.self + TEMPFILE=tmpfile + CONFFILE=path + _G.self=self + + pre = format.expand_bash_syntax_vars(self.conf.audit_precommit or "" ) + post = format.expand_bash_syntax_vars(self.conf.audit_postcommit or "") + TEMPFILE,CONFFILE,_G.self = a,b,c + end + + fs.write_file(tmpfile,str) + + if #pre then + os.execute(pre) + end + + os.rename (tmpfile, path) + + if #post then + os.execute(post) + end + return +end |