aboutsummaryrefslogtreecommitdiffstats
path: root/prosodyctl
diff options
context:
space:
mode:
Diffstat (limited to 'prosodyctl')
-rwxr-xr-xprosodyctl531
1 files changed, 424 insertions, 107 deletions
diff --git a/prosodyctl b/prosodyctl
index 358ec9ea..247b099a 100755
--- a/prosodyctl
+++ b/prosodyctl
@@ -1,7 +1,7 @@
#!/usr/bin/env lua
-- Prosody IM
--- Copyright (C) 2008-2009 Matthew Wild
--- Copyright (C) 2008-2009 Waqas Hussain
+-- Copyright (C) 2008-2010 Matthew Wild
+-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
@@ -11,34 +11,84 @@
-- Will be modified by configure script if run --
-CFG_SOURCEDIR=nil;
+CFG_SOURCEDIR=os.getenv("PROSODY_SRCDIR");
CFG_CONFIGDIR=os.getenv("PROSODY_CFGDIR");
-CFG_PLUGINDIR=nil;
+CFG_PLUGINDIR=os.getenv("PROSODY_PLUGINDIR");
CFG_DATADIR=os.getenv("PROSODY_DATADIR");
--- -- -- -- -- -- -- ---- -- -- -- -- -- -- -- --
+-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
+local function is_relative(path)
+ local path_sep = package.config:sub(1,1);
+ return ((path_sep == "/" and path:sub(1,1) ~= "/")
+ or (path_sep == "\\" and (path:sub(1,1) ~= "/" and path:sub(2,3) ~= ":\\")))
+end
+
+-- Tell Lua where to find our libraries
if CFG_SOURCEDIR then
- package.path = CFG_SOURCEDIR.."/?.lua;"..package.path
- package.cpath = CFG_SOURCEDIR.."/?.so;"..package.cpath
+ local function filter_relative_paths(path)
+ if is_relative(path) then return ""; end
+ end
+ local function sanitise_paths(paths)
+ return (paths:gsub("[^;]+;?", filter_relative_paths):gsub(";;+", ";"));
+ end
+ package.path = sanitise_paths(CFG_SOURCEDIR.."/?.lua;"..package.path);
+ package.cpath = sanitise_paths(CFG_SOURCEDIR.."/?.so;"..package.cpath);
end
+-- Substitute ~ with path to home directory in data path
if CFG_DATADIR then
if os.getenv("HOME") then
CFG_DATADIR = CFG_DATADIR:gsub("^~", os.getenv("HOME"));
end
end
--- Required to be able to find packages installed with luarocks
-pcall(require, "luarocks.require")
-
+-- Global 'prosody' object
+local prosody = {
+ hosts = {};
+ events = require "util.events".new();
+ platform = "posix";
+ lock_globals = function () end;
+ unlock_globals = function () end;
+ installed = CFG_SOURCEDIR ~= nil;
+ core_post_stanza = function () end; -- TODO: mod_router!
+};
+_G.prosody = prosody;
+
+local dependencies = require "util.dependencies";
+if not dependencies.check_dependencies() then
+ os.exit(1);
+end
config = require "core.configmanager"
+local ENV_CONFIG;
do
- -- TODO: Check for other formats when we add support for them
- -- Use lfs? Make a new conf/ dir?
- local ok, level, err = config.load((CFG_CONFIGDIR or ".").."/prosody.cfg.lua");
+ local filenames = {};
+
+ local filename;
+ if arg[1] == "--config" and arg[2] then
+ table.insert(filenames, arg[2]);
+ if CFG_CONFIGDIR then
+ table.insert(filenames, CFG_CONFIGDIR.."/"..arg[2]);
+ end
+ table.remove(arg, 1); table.remove(arg, 1);
+ else
+ for _, format in ipairs(config.parsers()) do
+ table.insert(filenames, (CFG_CONFIGDIR or ".").."/prosody.cfg."..format);
+ end
+ end
+ for _,_filename in ipairs(filenames) do
+ filename = _filename;
+ local file = io.open(filename);
+ if file then
+ file:close();
+ ENV_CONFIG = filename;
+ CFG_CONFIGDIR = filename:match("^(.*)[\\/][^\\/]*$");
+ break;
+ end
+ end
+ local ok, level, err = config.load(filename);
if not ok then
print("\n");
print("**************************");
@@ -60,14 +110,32 @@ do
os.exit(1);
end
end
+local original_logging_config = config.get("*", "log");
+config.set("*", "log", { { levels = { min="info" }, to = "console" } });
+
+local data_path = config.get("*", "data_path") or CFG_DATADIR or "data";
+local custom_plugin_paths = config.get("*", "plugin_paths");
+if custom_plugin_paths then
+ local path_sep = package.config:sub(3,3);
+ -- path1;path2;path3;defaultpath...
+ CFG_PLUGINDIR = table.concat(custom_plugin_paths, path_sep)..path_sep..(CFG_PLUGINDIR or "plugins");
+end
+prosody.paths = { source = CFG_SOURCEDIR, config = CFG_CONFIGDIR,
+ plugins = CFG_PLUGINDIR or "plugins", data = data_path };
+
+if prosody.installed then
+ -- Change working directory to data path.
+ require "lfs".chdir(data_path);
+end
-local data_path = config.get("*", "core", "data_path") or CFG_DATADIR or "data";
-require "util.datamanager".set_data_path(data_path);
+require "core.loggingmanager"
+
+dependencies.log_warnings();
-- Switch away from root and into the prosody user --
local switched_user, current_uid;
-local want_pposix_version = "0.3.1";
+local want_pposix_version = "0.3.6";
local ok, pposix = pcall(require, "util.pposix");
if ok and pposix then
@@ -75,10 +143,13 @@ if ok and pposix then
current_uid = pposix.getuid();
if current_uid == 0 then
-- We haz root!
- local desired_user = config.get("*", "core", "prosody_user") or "prosody";
- local desired_group = config.get("*", "core", "prosody_group") or desired_user;
+ local desired_user = config.get("*", "prosody_user") or "prosody";
+ local desired_group = config.get("*", "prosody_group") or desired_user;
local ok, err = pposix.setgid(desired_group);
if ok then
+ ok, err = pposix.initgroups(desired_user);
+ end
+ if ok then
ok, err = pposix.setuid(desired_user);
if ok then
-- Yay!
@@ -90,100 +161,114 @@ if ok and pposix then
print("Warning: Couldn't switch to Prosody user/group '"..tostring(desired_user).."'/'"..tostring(desired_group).."': "..tostring(err));
end
end
+
+ -- Set our umask to protect data files
+ pposix.umask(config.get("*", "umask") or "027");
+ pposix.setenv("HOME", data_path);
+ pposix.setenv("PROSODY_CONFIG", ENV_CONFIG);
else
print("Error: Unable to load pposix module. Check that Prosody is installed correctly.")
print("For more help send the below error to us through http://prosody.im/discuss");
print(tostring(pposix))
+ os.exit(1);
end
+local function test_writeable(filename)
+ local f, err = io.open(filename, "a");
+ if not f then
+ return false, err;
+ end
+ f:close();
+ return true;
+end
+
+local unwriteable_files = {};
+if type(original_logging_config) == "string" and original_logging_config:sub(1,1) ~= "*" then
+ local ok, err = test_writeable(original_logging_config);
+ if not ok then
+ table.insert(unwriteable_files, err);
+ end
+elseif type(original_logging_config) == "table" then
+ for _, rule in ipairs(original_logging_config) do
+ if rule.filename then
+ local ok, err = test_writeable(rule.filename);
+ if not ok then
+ table.insert(unwriteable_files, err);
+ end
+ end
+ end
+end
+
+if #unwriteable_files > 0 then
+ print("One of more of the Prosody log files are not");
+ print("writeable, please correct the errors and try");
+ print("starting prosodyctl again.");
+ print("");
+ for _, err in ipairs(unwriteable_files) do
+ print(err);
+ end
+ print("");
+ os.exit(1);
+end
+
+
local error_messages = setmetatable({
["invalid-username"] = "The given username is invalid in a Jabber ID";
["invalid-hostname"] = "The given hostname is invalid";
["no-password"] = "No password was supplied";
["no-such-user"] = "The given user does not exist on the server";
+ ["no-such-host"] = "The given hostname does not exist in the config";
["unable-to-save-data"] = "Unable to store, perhaps you don't have permission?";
- ["no-pidfile"] = "There is no pidfile option in the configuration file, see http://prosody.im/doc/prosodyctl#pidfile for help";
+ ["no-pidfile"] = "There is no 'pidfile' option in the configuration file, see http://prosody.im/doc/prosodyctl#pidfile for help";
+ ["no-posix"] = "The mod_posix module is not enabled in the Prosody config file, see http://prosody.im/doc/prosodyctl for more info";
["no-such-method"] = "This module has no commands";
["not-running"] = "Prosody is not running";
}, { __index = function (t,k) return "Error: "..(tostring(k):gsub("%-", " "):gsub("^.", string.upper)); end });
-hosts = {};
-
-require "core.hostmanager"
-require "core.eventmanager".fire_event("server-starting");
-require "core.modulemanager"
-
-require "util.prosodyctl"
-require "socket"
------------------------
-
-function show_message(msg, ...)
- print(msg:format(...));
-end
-
-function show_warning(msg, ...)
- print(msg:format(...));
-end
+hosts = prosody.hosts;
-function show_usage(usage, desc)
- print("Usage: "..arg[0].." "..usage);
- if desc then
- print(" "..desc);
- end
+local function make_host(hostname)
+ return {
+ type = "local",
+ events = prosody.events,
+ modules = {},
+ users = require "core.usermanager".new_null_provider(hostname)
+ };
end
-local function getchar(n)
- os.execute("stty raw -echo");
- local ok, char = pcall(io.read, n or 1);
- os.execute("stty sane");
- if ok then
- return char;
- end
+for hostname, config in pairs(config.getconfig()) do
+ hosts[hostname] = make_host(hostname);
end
-local function getpass()
- os.execute("stty -echo");
- local ok, pass = pcall(io.read, "*l");
- os.execute("stty sane");
- io.write("\n");
- if ok then
- return pass;
- end
-end
+local modulemanager = require "core.modulemanager"
-function show_yesno(prompt)
- io.write(prompt, " ");
- local choice = getchar():lower();
- io.write("\n");
- if not choice:match("%a") then
- choice = prompt:match("%[.-(%U).-%]$");
- if not choice then return nil; end
- end
- return (choice == "y");
-end
+local prosodyctl = require "util.prosodyctl"
+require "socket"
+-----------------------
-local function read_password()
- local password;
- while true do
- io.write("Enter new password: ");
- password = getpass();
- if not password then
- show_message("No password - cancelled");
- return;
- end
- io.write("Retype new password: ");
- if getpass() ~= password then
- if not show_yesno [=[Passwords did not match, try again? [Y/n]]=] then
- return;
- end
- else
- break;
+ -- FIXME: Duplicate code waiting for util.startup
+function read_version()
+ -- Try to determine version
+ local version_file = io.open((CFG_SOURCEDIR or ".").."/prosody.version");
+ if version_file then
+ prosody.version = version_file:read("*a"):gsub("%s*$", "");
+ version_file:close();
+ if #prosody.version == 12 and prosody.version:match("^[a-f0-9]+$") then
+ prosody.version = "hg:"..prosody.version;
end
+ else
+ prosody.version = "unknown";
end
- return password;
end
-local prosodyctl_timeout = (config.get("*", "core", "prosodyctl_timeout") or 5) * 2;
+local show_message, show_warning = prosodyctl.show_message, prosodyctl.show_warning;
+local show_usage = prosodyctl.show_usage;
+local getchar, getpass = prosodyctl.getchar, prosodyctl.getpass;
+local show_yesno = prosodyctl.show_yesno;
+local show_prompt = prosodyctl.show_prompt;
+local read_password = prosodyctl.read_password;
+
+local prosodyctl_timeout = (config.get("*", "prosodyctl_timeout") or 5) * 2;
-----------------------
local commands = {};
local command = arg[1];
@@ -205,14 +290,15 @@ function commands.adduser(arg)
return 1;
end
- if prosodyctl.user_exists{ user = user, host = host } then
- show_message [[That user already exists]];
- return 1;
- end
-
if not hosts[host] then
show_warning("The host '%s' is not listed in the configuration file (or is not enabled).", host)
show_warning("The user will not be able to log in until this is changed.");
+ hosts[host] = make_host(host);
+ end
+
+ if prosodyctl.user_exists{ user = user, host = host } then
+ show_message [[That user already exists]];
+ return 1;
end
local password = read_password();
@@ -222,7 +308,7 @@ function commands.adduser(arg)
if ok then return 0; end
- show_message(error_messages[msg])
+ show_message(msg)
return 1;
end
@@ -243,6 +329,12 @@ function commands.passwd(arg)
return 1;
end
+ if not hosts[host] then
+ show_warning("The host '%s' is not listed in the configuration file (or is not enabled).", host)
+ show_warning("The user will not be able to log in until this is changed.");
+ hosts[host] = make_host(host);
+ end
+
if not prosodyctl.user_exists { user = user, host = host } then
show_message [[That user does not exist, use prosodyctl adduser to create a new user]]
return 1;
@@ -276,12 +368,18 @@ function commands.deluser(arg)
return 1;
end
+ if not hosts[host] then
+ show_warning("The host '%s' is not listed in the configuration file (or is not enabled).", host)
+ show_warning("The user will not be able to log in until this is changed.");
+ hosts[host] = make_host(host);
+ end
+
if not prosodyctl.user_exists { user = user, host = host } then
show_message [[That user does not exist on this server]]
return 1;
end
- local ok, msg = prosodyctl.passwd { user = user, host = host };
+ local ok, msg = prosodyctl.deluser { user = user, host = host };
if ok then return 0; end
@@ -313,21 +411,23 @@ function commands.start(arg)
local ok, ret = prosodyctl.start();
if ok then
- local i=1;
- while true do
- local ok, running = prosodyctl.isrunning();
- if ok and running then
- break;
- elseif i == 5 then
- show_message("Still waiting...");
- elseif i >= prosodyctl_timeout then
- show_message("Prosody is still not running. Please give it some time or check your log files for errors.");
- return 2;
+ if config.get("*", "daemonize") ~= false then
+ local i=1;
+ while true do
+ local ok, running = prosodyctl.isrunning();
+ if ok and running then
+ break;
+ elseif i == 5 then
+ show_message("Still waiting...");
+ elseif i >= prosodyctl_timeout then
+ show_message("Prosody is still not running. Please give it some time or check your log files for errors.");
+ return 2;
+ end
+ socket.sleep(0.5);
+ i = i + 1;
end
- socket.sleep(0.5);
- i = i + 1;
+ show_message("Started");
end
- show_message("Started");
return 0;
end
@@ -405,6 +505,91 @@ function commands.stop(arg)
return 1;
end
+function commands.restart(arg)
+ if arg[1] == "--help" then
+ show_usage([[restart]], [[Restart a running Prosody server]]);
+ return 1;
+ end
+
+ commands.stop(arg);
+ return commands.start(arg);
+end
+
+function commands.about(arg)
+ read_version();
+ if arg[1] == "--help" then
+ show_usage([[about]], [[Show information about this Prosody installation]]);
+ return 1;
+ end
+
+ local array = require "util.array";
+ local keys = require "util.iterators".keys;
+
+ print("Prosody "..(prosody.version or "(unknown version)"));
+ print("");
+ print("# Prosody directories");
+ print("Data directory: ", CFG_DATADIR or "./");
+ print("Plugin directory:", CFG_PLUGINDIR or "./");
+ print("Config directory:", CFG_CONFIGDIR or "./");
+ print("Source directory:", CFG_SOURCEDIR or "./");
+ print("");
+ print("# Lua environment");
+ print("Lua version: ", _G._VERSION);
+ print("");
+ print("Lua module search paths:");
+ for path in package.path:gmatch("[^;]+") do
+ print(" "..path);
+ end
+ print("");
+ print("Lua C module search paths:");
+ for path in package.cpath:gmatch("[^;]+") do
+ print(" "..path);
+ end
+ print("");
+ local luarocks_status = (pcall(require, "luarocks.loader") and "Installed ("..(luarocks.cfg.program_version or "2.x+")..")")
+ or (pcall(require, "luarocks.require") and "Installed (1.x)")
+ or "Not installed";
+ print("LuaRocks: ", luarocks_status);
+ print("");
+ print("# Lua module versions");
+ local module_versions, longest_name = {}, 8;
+ for name, module in pairs(package.loaded) do
+ if type(module) == "table" and rawget(module, "_VERSION")
+ and name ~= "_G" and not name:match("%.") then
+ if #name > longest_name then
+ longest_name = #name;
+ end
+ module_versions[name] = module._VERSION;
+ end
+ end
+ local sorted_keys = array.collect(keys(module_versions)):sort();
+ for _, name in ipairs(array.collect(keys(module_versions)):sort()) do
+ print(name..":"..string.rep(" ", longest_name-#name), module_versions[name]);
+ end
+ print("");
+end
+
+function commands.reload(arg)
+ if arg[1] == "--help" then
+ show_usage([[reload]], [[Reload Prosody's configuration and re-open log files]]);
+ return 1;
+ end
+
+ if not prosodyctl.isrunning() then
+ show_message("Prosody is not running");
+ return 1;
+ end
+
+ local ok, ret = prosodyctl.reload();
+ if ok then
+
+ show_message("Prosody log files re-opened and config file reloaded. You may need to reload modules for some changes to take effect.");
+ return 0;
+ end
+
+ show_message(error_messages[ret]);
+ return 1;
+end
-- ejabberdctl compatibility
function commands.register(arg)
@@ -458,6 +643,138 @@ function commands.unregister(arg)
return 1;
end
+local openssl;
+local lfs;
+
+local cert_commands = {};
+
+local function ask_overwrite(filename)
+ return lfs.attributes(filename) and not show_yesno("Overwrite "..filename .. "?");
+end
+
+function cert_commands.config(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local conf_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".cnf";
+ if ask_overwrite(conf_filename) then
+ return nil, conf_filename;
+ end
+ local conf = openssl.config.new();
+ conf:from_prosody(hosts, config, arg);
+ show_message("Please provide details to include in the certificate config file.");
+ show_message("Leave the field empty to use the default value or '.' to exclude the field.")
+ for i, k in ipairs(openssl._DN_order) do
+ local v = conf.distinguished_name[k];
+ if v then
+ local nv;
+ if k == "commonName" then
+ v = arg[1]
+ elseif k == "emailAddress" then
+ v = "xmpp@" .. arg[1];
+ elseif k == "countryName" then
+ local tld = arg[1]:match"%.([a-z]+)$";
+ if tld and #tld == 2 and tld ~= "uk" then
+ v = tld:upper();
+ end
+ end
+ nv = show_prompt(("%s (%s):"):format(k, nv or v));
+ nv = (not nv or nv == "") and v or nv;
+ if nv:find"[\192-\252][\128-\191]+" then
+ conf.req.string_mask = "utf8only"
+ end
+ conf.distinguished_name[k] = nv ~= "." and nv or nil;
+ end
+ end
+ local conf_file = io.open(conf_filename, "w");
+ conf_file:write(conf:serialize());
+ conf_file:close();
+ print("");
+ show_message("Config written to " .. conf_filename);
+ return nil, conf_filename;
+ else
+ show_usage("cert config HOSTNAME [HOSTNAME+]", "Builds a certificate config file covering the supplied hostname(s)")
+ end
+end
+
+function cert_commands.key(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local key_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".key";
+ if ask_overwrite(key_filename) then
+ return nil, key_filename;
+ end
+ os.remove(key_filename); -- This file, if it exists is unlikely to have write permissions
+ local key_size = tonumber(arg[2] or show_prompt("Choose key size (2048):") or 2048);
+ local old_umask = pposix.umask("0377");
+ if openssl.genrsa{out=key_filename, key_size} then
+ os.execute(("chmod 400 '%s'"):format(key_filename));
+ show_message("Key written to ".. key_filename);
+ pposix.umask(old_umask);
+ return nil, key_filename;
+ end
+ show_message("There was a problem, see OpenSSL output");
+ else
+ show_usage("cert key HOSTNAME <bits>", "Generates a RSA key named HOSTNAME.key\n "
+ .."Prompts for a key size if none given")
+ end
+end
+
+function cert_commands.request(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local req_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".req";
+ if ask_overwrite(req_filename) then
+ return nil, req_filename;
+ end
+ local _, key_filename = cert_commands.key({arg[1]});
+ local _, conf_filename = cert_commands.config(arg);
+ if openssl.req{new=true, key=key_filename, utf8=true, config=conf_filename, out=req_filename} then
+ show_message("Certificate request written to ".. req_filename);
+ else
+ show_message("There was a problem, see OpenSSL output");
+ end
+ else
+ show_usage("cert request HOSTNAME [HOSTNAME+]", "Generates a certificate request for the supplied hostname(s)")
+ end
+end
+
+function cert_commands.generate(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local cert_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".crt";
+ if ask_overwrite(cert_filename) then
+ return nil, cert_filename;
+ end
+ local _, key_filename = cert_commands.key({arg[1]});
+ local _, conf_filename = cert_commands.config(arg);
+ local ret;
+ if key_filename and conf_filename and cert_filename
+ and openssl.req{new=true, x509=true, nodes=true, key=key_filename,
+ days=365, sha1=true, utf8=true, config=conf_filename, out=cert_filename} then
+ show_message("Certificate written to ".. cert_filename);
+ else
+ show_message("There was a problem, see OpenSSL output");
+ end
+ else
+ show_usage("cert generate HOSTNAME [HOSTNAME+]", "Generates a self-signed certificate for the current hostname(s)")
+ end
+end
+
+function commands.cert(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ openssl = require "util.openssl";
+ lfs = require "lfs";
+ local subcmd = table.remove(arg, 1);
+ if type(cert_commands[subcmd]) == "function" then
+ if not arg[1] then
+ show_message"You need to supply at least one hostname"
+ arg = { "--help" };
+ end
+ if arg[1] ~= "--help" and not hosts[arg[1]] then
+ show_message(error_messages["no-such-host"]);
+ return
+ end
+ return cert_commands[subcmd](arg);
+ end
+ end
+ show_usage("cert config|request|generate|key", "Helpers for generating X.509 certificates and keys.")
+end
---------------------
@@ -508,8 +825,8 @@ if not commands[command] then -- Show help for all commands
print("");
print("Where COMMAND may be one of:\n");
- local hidden_commands = require "util.set".new{ "register", "unregister" };
- local commands_order = { "adduser", "passwd", "deluser" };
+ local hidden_commands = require "util.set".new{ "register", "unregister", "addplugin" };
+ local commands_order = { "adduser", "passwd", "deluser", "start", "stop", "restart", "reload", "about" };
local done = {};