diff options
Diffstat (limited to 'prosodyctl')
-rwxr-xr-x | prosodyctl | 531 |
1 files changed, 424 insertions, 107 deletions
@@ -1,7 +1,7 @@ #!/usr/bin/env lua -- Prosody IM --- Copyright (C) 2008-2009 Matthew Wild --- Copyright (C) 2008-2009 Waqas Hussain +-- Copyright (C) 2008-2010 Matthew Wild +-- Copyright (C) 2008-2010 Waqas Hussain -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. @@ -11,34 +11,84 @@ -- Will be modified by configure script if run -- -CFG_SOURCEDIR=nil; +CFG_SOURCEDIR=os.getenv("PROSODY_SRCDIR"); CFG_CONFIGDIR=os.getenv("PROSODY_CFGDIR"); -CFG_PLUGINDIR=nil; +CFG_PLUGINDIR=os.getenv("PROSODY_PLUGINDIR"); CFG_DATADIR=os.getenv("PROSODY_DATADIR"); --- -- -- -- -- -- -- ---- -- -- -- -- -- -- -- -- +-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- +local function is_relative(path) + local path_sep = package.config:sub(1,1); + return ((path_sep == "/" and path:sub(1,1) ~= "/") + or (path_sep == "\\" and (path:sub(1,1) ~= "/" and path:sub(2,3) ~= ":\\"))) +end + +-- Tell Lua where to find our libraries if CFG_SOURCEDIR then - package.path = CFG_SOURCEDIR.."/?.lua;"..package.path - package.cpath = CFG_SOURCEDIR.."/?.so;"..package.cpath + local function filter_relative_paths(path) + if is_relative(path) then return ""; end + end + local function sanitise_paths(paths) + return (paths:gsub("[^;]+;?", filter_relative_paths):gsub(";;+", ";")); + end + package.path = sanitise_paths(CFG_SOURCEDIR.."/?.lua;"..package.path); + package.cpath = sanitise_paths(CFG_SOURCEDIR.."/?.so;"..package.cpath); end +-- Substitute ~ with path to home directory in data path if CFG_DATADIR then if os.getenv("HOME") then CFG_DATADIR = CFG_DATADIR:gsub("^~", os.getenv("HOME")); end end --- Required to be able to find packages installed with luarocks -pcall(require, "luarocks.require") - +-- Global 'prosody' object +local prosody = { + hosts = {}; + events = require "util.events".new(); + platform = "posix"; + lock_globals = function () end; + unlock_globals = function () end; + installed = CFG_SOURCEDIR ~= nil; + core_post_stanza = function () end; -- TODO: mod_router! +}; +_G.prosody = prosody; + +local dependencies = require "util.dependencies"; +if not dependencies.check_dependencies() then + os.exit(1); +end config = require "core.configmanager" +local ENV_CONFIG; do - -- TODO: Check for other formats when we add support for them - -- Use lfs? Make a new conf/ dir? - local ok, level, err = config.load((CFG_CONFIGDIR or ".").."/prosody.cfg.lua"); + local filenames = {}; + + local filename; + if arg[1] == "--config" and arg[2] then + table.insert(filenames, arg[2]); + if CFG_CONFIGDIR then + table.insert(filenames, CFG_CONFIGDIR.."/"..arg[2]); + end + table.remove(arg, 1); table.remove(arg, 1); + else + for _, format in ipairs(config.parsers()) do + table.insert(filenames, (CFG_CONFIGDIR or ".").."/prosody.cfg."..format); + end + end + for _,_filename in ipairs(filenames) do + filename = _filename; + local file = io.open(filename); + if file then + file:close(); + ENV_CONFIG = filename; + CFG_CONFIGDIR = filename:match("^(.*)[\\/][^\\/]*$"); + break; + end + end + local ok, level, err = config.load(filename); if not ok then print("\n"); print("**************************"); @@ -60,14 +110,32 @@ do os.exit(1); end end +local original_logging_config = config.get("*", "log"); +config.set("*", "log", { { levels = { min="info" }, to = "console" } }); + +local data_path = config.get("*", "data_path") or CFG_DATADIR or "data"; +local custom_plugin_paths = config.get("*", "plugin_paths"); +if custom_plugin_paths then + local path_sep = package.config:sub(3,3); + -- path1;path2;path3;defaultpath... + CFG_PLUGINDIR = table.concat(custom_plugin_paths, path_sep)..path_sep..(CFG_PLUGINDIR or "plugins"); +end +prosody.paths = { source = CFG_SOURCEDIR, config = CFG_CONFIGDIR, + plugins = CFG_PLUGINDIR or "plugins", data = data_path }; + +if prosody.installed then + -- Change working directory to data path. + require "lfs".chdir(data_path); +end -local data_path = config.get("*", "core", "data_path") or CFG_DATADIR or "data"; -require "util.datamanager".set_data_path(data_path); +require "core.loggingmanager" + +dependencies.log_warnings(); -- Switch away from root and into the prosody user -- local switched_user, current_uid; -local want_pposix_version = "0.3.1"; +local want_pposix_version = "0.3.6"; local ok, pposix = pcall(require, "util.pposix"); if ok and pposix then @@ -75,10 +143,13 @@ if ok and pposix then current_uid = pposix.getuid(); if current_uid == 0 then -- We haz root! - local desired_user = config.get("*", "core", "prosody_user") or "prosody"; - local desired_group = config.get("*", "core", "prosody_group") or desired_user; + local desired_user = config.get("*", "prosody_user") or "prosody"; + local desired_group = config.get("*", "prosody_group") or desired_user; local ok, err = pposix.setgid(desired_group); if ok then + ok, err = pposix.initgroups(desired_user); + end + if ok then ok, err = pposix.setuid(desired_user); if ok then -- Yay! @@ -90,100 +161,114 @@ if ok and pposix then print("Warning: Couldn't switch to Prosody user/group '"..tostring(desired_user).."'/'"..tostring(desired_group).."': "..tostring(err)); end end + + -- Set our umask to protect data files + pposix.umask(config.get("*", "umask") or "027"); + pposix.setenv("HOME", data_path); + pposix.setenv("PROSODY_CONFIG", ENV_CONFIG); else print("Error: Unable to load pposix module. Check that Prosody is installed correctly.") print("For more help send the below error to us through http://prosody.im/discuss"); print(tostring(pposix)) + os.exit(1); end +local function test_writeable(filename) + local f, err = io.open(filename, "a"); + if not f then + return false, err; + end + f:close(); + return true; +end + +local unwriteable_files = {}; +if type(original_logging_config) == "string" and original_logging_config:sub(1,1) ~= "*" then + local ok, err = test_writeable(original_logging_config); + if not ok then + table.insert(unwriteable_files, err); + end +elseif type(original_logging_config) == "table" then + for _, rule in ipairs(original_logging_config) do + if rule.filename then + local ok, err = test_writeable(rule.filename); + if not ok then + table.insert(unwriteable_files, err); + end + end + end +end + +if #unwriteable_files > 0 then + print("One of more of the Prosody log files are not"); + print("writeable, please correct the errors and try"); + print("starting prosodyctl again."); + print(""); + for _, err in ipairs(unwriteable_files) do + print(err); + end + print(""); + os.exit(1); +end + + local error_messages = setmetatable({ ["invalid-username"] = "The given username is invalid in a Jabber ID"; ["invalid-hostname"] = "The given hostname is invalid"; ["no-password"] = "No password was supplied"; ["no-such-user"] = "The given user does not exist on the server"; + ["no-such-host"] = "The given hostname does not exist in the config"; ["unable-to-save-data"] = "Unable to store, perhaps you don't have permission?"; - ["no-pidfile"] = "There is no pidfile option in the configuration file, see http://prosody.im/doc/prosodyctl#pidfile for help"; + ["no-pidfile"] = "There is no 'pidfile' option in the configuration file, see http://prosody.im/doc/prosodyctl#pidfile for help"; + ["no-posix"] = "The mod_posix module is not enabled in the Prosody config file, see http://prosody.im/doc/prosodyctl for more info"; ["no-such-method"] = "This module has no commands"; ["not-running"] = "Prosody is not running"; }, { __index = function (t,k) return "Error: "..(tostring(k):gsub("%-", " "):gsub("^.", string.upper)); end }); -hosts = {}; - -require "core.hostmanager" -require "core.eventmanager".fire_event("server-starting"); -require "core.modulemanager" - -require "util.prosodyctl" -require "socket" ------------------------ - -function show_message(msg, ...) - print(msg:format(...)); -end - -function show_warning(msg, ...) - print(msg:format(...)); -end +hosts = prosody.hosts; -function show_usage(usage, desc) - print("Usage: "..arg[0].." "..usage); - if desc then - print(" "..desc); - end +local function make_host(hostname) + return { + type = "local", + events = prosody.events, + modules = {}, + users = require "core.usermanager".new_null_provider(hostname) + }; end -local function getchar(n) - os.execute("stty raw -echo"); - local ok, char = pcall(io.read, n or 1); - os.execute("stty sane"); - if ok then - return char; - end +for hostname, config in pairs(config.getconfig()) do + hosts[hostname] = make_host(hostname); end -local function getpass() - os.execute("stty -echo"); - local ok, pass = pcall(io.read, "*l"); - os.execute("stty sane"); - io.write("\n"); - if ok then - return pass; - end -end +local modulemanager = require "core.modulemanager" -function show_yesno(prompt) - io.write(prompt, " "); - local choice = getchar():lower(); - io.write("\n"); - if not choice:match("%a") then - choice = prompt:match("%[.-(%U).-%]$"); - if not choice then return nil; end - end - return (choice == "y"); -end +local prosodyctl = require "util.prosodyctl" +require "socket" +----------------------- -local function read_password() - local password; - while true do - io.write("Enter new password: "); - password = getpass(); - if not password then - show_message("No password - cancelled"); - return; - end - io.write("Retype new password: "); - if getpass() ~= password then - if not show_yesno [=[Passwords did not match, try again? [Y/n]]=] then - return; - end - else - break; + -- FIXME: Duplicate code waiting for util.startup +function read_version() + -- Try to determine version + local version_file = io.open((CFG_SOURCEDIR or ".").."/prosody.version"); + if version_file then + prosody.version = version_file:read("*a"):gsub("%s*$", ""); + version_file:close(); + if #prosody.version == 12 and prosody.version:match("^[a-f0-9]+$") then + prosody.version = "hg:"..prosody.version; end + else + prosody.version = "unknown"; end - return password; end -local prosodyctl_timeout = (config.get("*", "core", "prosodyctl_timeout") or 5) * 2; +local show_message, show_warning = prosodyctl.show_message, prosodyctl.show_warning; +local show_usage = prosodyctl.show_usage; +local getchar, getpass = prosodyctl.getchar, prosodyctl.getpass; +local show_yesno = prosodyctl.show_yesno; +local show_prompt = prosodyctl.show_prompt; +local read_password = prosodyctl.read_password; + +local prosodyctl_timeout = (config.get("*", "prosodyctl_timeout") or 5) * 2; ----------------------- local commands = {}; local command = arg[1]; @@ -205,14 +290,15 @@ function commands.adduser(arg) return 1; end - if prosodyctl.user_exists{ user = user, host = host } then - show_message [[That user already exists]]; - return 1; - end - if not hosts[host] then show_warning("The host '%s' is not listed in the configuration file (or is not enabled).", host) show_warning("The user will not be able to log in until this is changed."); + hosts[host] = make_host(host); + end + + if prosodyctl.user_exists{ user = user, host = host } then + show_message [[That user already exists]]; + return 1; end local password = read_password(); @@ -222,7 +308,7 @@ function commands.adduser(arg) if ok then return 0; end - show_message(error_messages[msg]) + show_message(msg) return 1; end @@ -243,6 +329,12 @@ function commands.passwd(arg) return 1; end + if not hosts[host] then + show_warning("The host '%s' is not listed in the configuration file (or is not enabled).", host) + show_warning("The user will not be able to log in until this is changed."); + hosts[host] = make_host(host); + end + if not prosodyctl.user_exists { user = user, host = host } then show_message [[That user does not exist, use prosodyctl adduser to create a new user]] return 1; @@ -276,12 +368,18 @@ function commands.deluser(arg) return 1; end + if not hosts[host] then + show_warning("The host '%s' is not listed in the configuration file (or is not enabled).", host) + show_warning("The user will not be able to log in until this is changed."); + hosts[host] = make_host(host); + end + if not prosodyctl.user_exists { user = user, host = host } then show_message [[That user does not exist on this server]] return 1; end - local ok, msg = prosodyctl.passwd { user = user, host = host }; + local ok, msg = prosodyctl.deluser { user = user, host = host }; if ok then return 0; end @@ -313,21 +411,23 @@ function commands.start(arg) local ok, ret = prosodyctl.start(); if ok then - local i=1; - while true do - local ok, running = prosodyctl.isrunning(); - if ok and running then - break; - elseif i == 5 then - show_message("Still waiting..."); - elseif i >= prosodyctl_timeout then - show_message("Prosody is still not running. Please give it some time or check your log files for errors."); - return 2; + if config.get("*", "daemonize") ~= false then + local i=1; + while true do + local ok, running = prosodyctl.isrunning(); + if ok and running then + break; + elseif i == 5 then + show_message("Still waiting..."); + elseif i >= prosodyctl_timeout then + show_message("Prosody is still not running. Please give it some time or check your log files for errors."); + return 2; + end + socket.sleep(0.5); + i = i + 1; end - socket.sleep(0.5); - i = i + 1; + show_message("Started"); end - show_message("Started"); return 0; end @@ -405,6 +505,91 @@ function commands.stop(arg) return 1; end +function commands.restart(arg) + if arg[1] == "--help" then + show_usage([[restart]], [[Restart a running Prosody server]]); + return 1; + end + + commands.stop(arg); + return commands.start(arg); +end + +function commands.about(arg) + read_version(); + if arg[1] == "--help" then + show_usage([[about]], [[Show information about this Prosody installation]]); + return 1; + end + + local array = require "util.array"; + local keys = require "util.iterators".keys; + + print("Prosody "..(prosody.version or "(unknown version)")); + print(""); + print("# Prosody directories"); + print("Data directory: ", CFG_DATADIR or "./"); + print("Plugin directory:", CFG_PLUGINDIR or "./"); + print("Config directory:", CFG_CONFIGDIR or "./"); + print("Source directory:", CFG_SOURCEDIR or "./"); + print(""); + print("# Lua environment"); + print("Lua version: ", _G._VERSION); + print(""); + print("Lua module search paths:"); + for path in package.path:gmatch("[^;]+") do + print(" "..path); + end + print(""); + print("Lua C module search paths:"); + for path in package.cpath:gmatch("[^;]+") do + print(" "..path); + end + print(""); + local luarocks_status = (pcall(require, "luarocks.loader") and "Installed ("..(luarocks.cfg.program_version or "2.x+")..")") + or (pcall(require, "luarocks.require") and "Installed (1.x)") + or "Not installed"; + print("LuaRocks: ", luarocks_status); + print(""); + print("# Lua module versions"); + local module_versions, longest_name = {}, 8; + for name, module in pairs(package.loaded) do + if type(module) == "table" and rawget(module, "_VERSION") + and name ~= "_G" and not name:match("%.") then + if #name > longest_name then + longest_name = #name; + end + module_versions[name] = module._VERSION; + end + end + local sorted_keys = array.collect(keys(module_versions)):sort(); + for _, name in ipairs(array.collect(keys(module_versions)):sort()) do + print(name..":"..string.rep(" ", longest_name-#name), module_versions[name]); + end + print(""); +end + +function commands.reload(arg) + if arg[1] == "--help" then + show_usage([[reload]], [[Reload Prosody's configuration and re-open log files]]); + return 1; + end + + if not prosodyctl.isrunning() then + show_message("Prosody is not running"); + return 1; + end + + local ok, ret = prosodyctl.reload(); + if ok then + + show_message("Prosody log files re-opened and config file reloaded. You may need to reload modules for some changes to take effect."); + return 0; + end + + show_message(error_messages[ret]); + return 1; +end -- ejabberdctl compatibility function commands.register(arg) @@ -458,6 +643,138 @@ function commands.unregister(arg) return 1; end +local openssl; +local lfs; + +local cert_commands = {}; + +local function ask_overwrite(filename) + return lfs.attributes(filename) and not show_yesno("Overwrite "..filename .. "?"); +end + +function cert_commands.config(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local conf_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".cnf"; + if ask_overwrite(conf_filename) then + return nil, conf_filename; + end + local conf = openssl.config.new(); + conf:from_prosody(hosts, config, arg); + show_message("Please provide details to include in the certificate config file."); + show_message("Leave the field empty to use the default value or '.' to exclude the field.") + for i, k in ipairs(openssl._DN_order) do + local v = conf.distinguished_name[k]; + if v then + local nv; + if k == "commonName" then + v = arg[1] + elseif k == "emailAddress" then + v = "xmpp@" .. arg[1]; + elseif k == "countryName" then + local tld = arg[1]:match"%.([a-z]+)$"; + if tld and #tld == 2 and tld ~= "uk" then + v = tld:upper(); + end + end + nv = show_prompt(("%s (%s):"):format(k, nv or v)); + nv = (not nv or nv == "") and v or nv; + if nv:find"[\192-\252][\128-\191]+" then + conf.req.string_mask = "utf8only" + end + conf.distinguished_name[k] = nv ~= "." and nv or nil; + end + end + local conf_file = io.open(conf_filename, "w"); + conf_file:write(conf:serialize()); + conf_file:close(); + print(""); + show_message("Config written to " .. conf_filename); + return nil, conf_filename; + else + show_usage("cert config HOSTNAME [HOSTNAME+]", "Builds a certificate config file covering the supplied hostname(s)") + end +end + +function cert_commands.key(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local key_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".key"; + if ask_overwrite(key_filename) then + return nil, key_filename; + end + os.remove(key_filename); -- This file, if it exists is unlikely to have write permissions + local key_size = tonumber(arg[2] or show_prompt("Choose key size (2048):") or 2048); + local old_umask = pposix.umask("0377"); + if openssl.genrsa{out=key_filename, key_size} then + os.execute(("chmod 400 '%s'"):format(key_filename)); + show_message("Key written to ".. key_filename); + pposix.umask(old_umask); + return nil, key_filename; + end + show_message("There was a problem, see OpenSSL output"); + else + show_usage("cert key HOSTNAME <bits>", "Generates a RSA key named HOSTNAME.key\n " + .."Prompts for a key size if none given") + end +end + +function cert_commands.request(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local req_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".req"; + if ask_overwrite(req_filename) then + return nil, req_filename; + end + local _, key_filename = cert_commands.key({arg[1]}); + local _, conf_filename = cert_commands.config(arg); + if openssl.req{new=true, key=key_filename, utf8=true, config=conf_filename, out=req_filename} then + show_message("Certificate request written to ".. req_filename); + else + show_message("There was a problem, see OpenSSL output"); + end + else + show_usage("cert request HOSTNAME [HOSTNAME+]", "Generates a certificate request for the supplied hostname(s)") + end +end + +function cert_commands.generate(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local cert_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".crt"; + if ask_overwrite(cert_filename) then + return nil, cert_filename; + end + local _, key_filename = cert_commands.key({arg[1]}); + local _, conf_filename = cert_commands.config(arg); + local ret; + if key_filename and conf_filename and cert_filename + and openssl.req{new=true, x509=true, nodes=true, key=key_filename, + days=365, sha1=true, utf8=true, config=conf_filename, out=cert_filename} then + show_message("Certificate written to ".. cert_filename); + else + show_message("There was a problem, see OpenSSL output"); + end + else + show_usage("cert generate HOSTNAME [HOSTNAME+]", "Generates a self-signed certificate for the current hostname(s)") + end +end + +function commands.cert(arg) + if #arg >= 1 and arg[1] ~= "--help" then + openssl = require "util.openssl"; + lfs = require "lfs"; + local subcmd = table.remove(arg, 1); + if type(cert_commands[subcmd]) == "function" then + if not arg[1] then + show_message"You need to supply at least one hostname" + arg = { "--help" }; + end + if arg[1] ~= "--help" and not hosts[arg[1]] then + show_message(error_messages["no-such-host"]); + return + end + return cert_commands[subcmd](arg); + end + end + show_usage("cert config|request|generate|key", "Helpers for generating X.509 certificates and keys.") +end --------------------- @@ -508,8 +825,8 @@ if not commands[command] then -- Show help for all commands print(""); print("Where COMMAND may be one of:\n"); - local hidden_commands = require "util.set".new{ "register", "unregister" }; - local commands_order = { "adduser", "passwd", "deluser" }; + local hidden_commands = require "util.set".new{ "register", "unregister", "addplugin" }; + local commands_order = { "adduser", "passwd", "deluser", "start", "stop", "restart", "reload", "about" }; local done = {}; |