From 82514bed8322d02e31dc4b68663c8257e9f5f1cd Mon Sep 17 00:00:00 2001 From: Florent Villard Date: Mon, 28 Aug 2006 18:33:39 +0000 Subject: add more command for sudo needs, rpm --initdb and --rm --- iurt_root_command | 124 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 118 insertions(+), 6 deletions(-) diff --git a/iurt_root_command b/iurt_root_command index a6fcedf..8be134a 100644 --- a/iurt_root_command +++ b/iurt_root_command @@ -26,6 +26,7 @@ use strict; my $program_name = 'iurt_root_command'; use Mkcd::Commandline qw(parseCommandLine usage); +use MDK::Common; my $arg = @ARGV; my (@params, %run); 
@@ -40,12 +41,50 @@ $run{todo} = [ ]; # # no_rsync, config_help and copy_srpm kept for compatibility reasons # - [ "", "$program_name", 0, "[--modprobe ]", + [ "", "$program_name", 0, "[--verbose ] + [--modprobe ] + [--mkdir [--parents] ... ]", "$program_name is a perl script to execute commands which need root privilege, it helps probram which needs occasional root privileges for some commands.", - sub { $arg or usage($program_name, \@params) }, "" ], + sub { $arg or usage($program_name, \@params) }, "Running $program_name" ], + [ "", "mkdir", [ + ["", "mkdir", -1, "[--parents] ... ]", "mkdir create the given path", + sub { + my ($tmp, @arg) = @_; + $tmp->[0] ||= {}; + push @$tmp, @arg; + 1 + }, "Setting auto mode arguments"], + ["p", "parents", 0, "", + "Also create needed parents directories", + sub { my ($tmp) = @_; $tmp->[0]{parents} = 1; 1 }, "Set the parents flag"], + ], "[--parents] ... ]", + "mkdir create the given path", + \&mkdir, "Creating the path" ], + [ "", "rm", [ + ["", "rm", -1, "[-f] [-r] ... ]", "remove the provided files", + sub { + my ($tmp, @arg) = @_; + $tmp->[0] ||= {}; + push @$tmp, @arg; + 1 + }, "Setting rm command arguments"], + ["r", "recursive", 0, "", + "Also create needed parents directories", + sub { my ($tmp) = @_; $tmp->[0]{recursive} = 1; 1 }, "Set the recursive flag"], + ], "[-r] ... ]", + "Remove files", + \&rm, "Removing files" ], + [ "", "initdb", [ + + ], "]", + "perform a rpm --initdb in the chroot.", + \&initdb, "Initializing the rpm database" ], + [ "v", "verbose", 1, "", + "modprobe try to modprobe the given module if authorized.", + sub { $run{verbose} = @_->[0]; 1 }, "Setting verbose level" ], [ "", "modprobe", 1, "]", - "$program_name is a perl script to execute commands which need root privilege, it helps probram which needs occasional root privileges for some commands.", - \&modprobe, "" ], + "modprobe try to modprobe the given module if authorized.", + \&modprobe, "Modprobing" ], ); open(my $LOG, ">&STDERR"); 
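Review bot: The `verbose` handler stores `@_->[0]`, the array-as-reference form that newer Perl releases reject, and it probably reads the wrong argument as well. The dispatch loop changed later in this commit calls every queued handler as `(\%run, @args)`, so, assuming parseCommandLine queues this sub the same way as `\&modprobe`, the level arrives second and `$run{verbose}` would end up holding the hash reference. `sub { my ($run, $level) = @_; $run->{verbose} = $level; 1 }` would match the other handlers. The help strings also look copy-pasted: `recursive` is described as "Also create needed parents directories", `verbose` carries the modprobe description, and the `rm` usage advertises `-f` although no such option is declared.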
@@ -55,10 +94,10 @@ my $todo = parseCommandLine($program_name, \@ARGV, \@params); @ARGV and usage($program_name, \@params, "@ARGV, too many arguments"); foreach my $t (@$todo) { print {$run{LOG}} "$program_name: $t->[2]\n" if $run{verbose} > 5; - &{$t->[0]}(@{$t->[1]}) or print {$run{LOG}} "ERROR: $t->[2]\n"; + &{$t->[0]}(\%run, @{$t->[1]}) or print {$run{LOG}} "ERROR: $t->[2]\n"; } -exit +exit; sub modprobe { my ($run, $module) = @_; 
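Review bot: A handler that returns false is only logged as `ERROR:`, and the script then ends with a bare `exit;`, so the exit status is 0 even when a command was refused or failed. Because this helper is meant to run with root privilege on behalf of another program, the caller needs a non-zero status to notice a rejected `mkdir`, `rm` or `initdb`. Consider recording the failure in the loop, `$t->[0]->(\%run, @{$t->[1]}) or do { print {$run{LOG}} "ERROR: $t->[2]\n"; $failed = 1 };`, and finishing with `exit($failed ? 1 : 0);`. The `$code->(...)` call form is also easier to read than `&{...}(...)`.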
@@ -69,3 +108,76 @@ sub modprobe {
 system($sudo, "/sbin/depmod", "-a");
 !system($sudo, "/sbin/modprobe", "-f", $module)
 }
+
+sub mkdir {
+ my ($run, $opt, @dir) = @_;
+ foreach my $path (@dir) {
+ -d $path and next;
+ if ($path =~ m,/dev|/proc|/root|/var, && $path !~ /chroot|unionfs/) {
+ print {$run->{LOG}} "ERROR $program_name: $path creation forbidden\n";
+ }
+ if ($opt->{parents}) {
+ mkdir_p $path
+ } else {
+ mkdir $path
+ }
+ }
+ 1
+}
+
+sub initdb {
+ my ($run, $chroot) = @_;
+ if (-d $chroot && $chroot !~ /chroot|unionfs/) {
+ print {$run{LOG}} "ERROR $program_name: rpm --initddb not authorized in $chroot\n";
+ return 0
+ }
+ !system("rpm", "--initddb", "--root", "$chroot")
+}
+
+sub rm {
+ my ($run, $opt, @files) = @_;
+ my $ok = 1;
+ my $done;
+ my $unauthorized = "/root|/dev|/var|/lib|/usr";
+ foreach my $f (@files) {
+ if (-d $f) {
+ if (!$opt->{recursive}) {
+ print {$run->{LOG}} "$program_name: could not remove directories without the -r option\n";
+ $ok = 0
+ } else {
+ if ($f =~ m,$unauthorized,) {
+ print {$run->{LOG}} "$program_name: removal of $f forbidden\n";
+ $ok = 0
+ } else {
+ system($sudo, 'rm', '-rf', $f);
+ print {$run->{LOG}} "$program_name: removing $f\n" if $run->{verbose};
+ $done = 1
+ }
+ }
+ } else {
+ if ($f =~ m,/root|/dev|/var|/lib|/usr,) {
+ print {$run->{LOG}} "$program_name: removal of $f forbidden\n";
+ $ok = 0
+ } else {
+ if ($f =~ /\*?/) {
+ foreach my $file (glob $f) {
+ if ($f =~ m,/root|/dev|/var|/lib|/usr,) {
+ print {$run->{LOG}} "$program_name: removal of $f forbidden\n";
+ $ok = 0
+ } else {
+ unlink $file;
+ $done = 1;
+ print {$run->{LOG}} "$program_name: removing $file\n" if $run->{verbose}
+ }
+ }
+ } else {
+ unlink $f;
+ $done = 1;
+ print {$run->{LOG}} "$program_name: removing $f\n" if $run->{verbose}
+ }
+ }
+ }
+ }
+ if (!$done) { print {$run->{LOG}} "$program_name: nothing deleted\n" }
+ $ok
+}
-- cgit v1.2.1
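Review bot: In `sub mkdir` the forbidden-path branch only prints the error and then falls through to `mkdir_p`/`mkdir`, so the refused directory is still created and the sub still returns 1. It needs `$ok = 0; next;` after the print, with `$ok` returned as in `rm`. In `sub rm` the glob loop re-tests `$f` instead of the expanded name, and `$f =~ /\*?/` matches every string, so expanded names are never checked and the plain `unlink $f` branch is dead. Use `if ($file =~ m,$unauthorized,)` and `if ($f =~ /[*?]/)`. In `sub initdb` the option is spelled `--initddb` (rpm's option is `--initdb`), and the `-d $chroot && ...` guard lets an argument that is not an existing directory skip the check. More generally, all three guards are unanchored substring matches on the raw argument, not on a resolved path, which is too loose for a helper run through sudo. Resolve the path first and compare it against an anchored allowed prefix. The unchecked results of `unlink` and `system($sudo, 'rm', '-rf', $f)` should also feed into `$ok`.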