Allow socket and address/port to be used with maxadmin

It's now possible to use both a Unix domain socket and host/port when connecting with MaxAdmin to MaxScale. By default MaxAdmin will attempt to use the default Unix domain socket, but if host and/or port has been specified, then an inet socket will be used. maxscaled will authenticate the connection attempt differently depending on whether a Unix domain socket is used or not. If a Unix domain socket is used, then the Linux user id will be used for the authorization, otherwise the 1.4.3 username/password handshake will be performed. adminusers has now been extended so that there is one set of functions for local users (connecting locally over a Unix socket) and one set of functions for remote users (connecting locally or remotely over an Inet socket). The local users are stored in the new .../maxscale-users and the remote users in .../passwd. That is, the old users of a 1.4 installation will work as such in 2.0. One difference is that there will be *no* default remote user. That is, remote users will always have to be added manually using a local user. The implementation is shared; the local and remote alternatives use common functions to which the hashtable and filename to be used are forwarded. The commands "[add|remove] user" behave now exactly like they did in 1.4.3, and also all existing users work out of the box. In addition there is now the commands "[enable|disable] account" using which Linux accounts can be enabled for MaxAdmin usage.
2016-08-30 14:33:00 +03:00
parent d337aa0476
commit a9b0a5550c
20 changed files with 1175 additions and 451 deletions
--- a/server/core/test/testadminusers.c
+++ b/server/core/test/testadminusers.c
@ -49,12 +49,12 @@
 static int
 test1()
 {
-    if (admin_remote_verify("admin", "mariadb") == 0)
+    if (admin_verify_inet_user("admin", "mariadb") == 0)
    {
        fprintf(stderr, "admin_verify: test 1.1 (default user) failed.\n");
        return 1;
    }
-    if (admin_remote_verify("bad", "user"))
+    if (admin_verify_inet_user("bad", "user"))
    {
        fprintf(stderr, "admin_verify: test 1.2 (wrong user) failed.\n");
        return 1;
@ -75,13 +75,13 @@ test2()
 {
    const char *err;

-    if ((err = admin_local_add_user("user0")) != NULL)
+    if ((err = admin_enable_linux_account("user0")) != NULL)
    {
        fprintf(stderr, "admin_add_user: test 2.1 (add user) failed, %s.\n", err);

        return 1;
    }
-    if (admin_local_add_user("user0") == NULL)
+    if (admin_enable_linux_account("user0") == NULL)
    {
        fprintf(stderr, "admin_add_user: test 2.2 (add user) failed, duplicate.\n");

@ -89,7 +89,7 @@ test2()
    }

    /* Deleting the last user is not forbidden so we expect this to succeed */
-    if ((err = admin_local_remove_user("user0")) != NULL)
+    if ((err = admin_disable_linux_account("user0")) != NULL)
    {
        fprintf(stderr, "admin_remove_user: test 2.3 (add user) failed, %s.\n", err);

@ -97,7 +97,7 @@ test2()
    }

    /* Add the user back, for test5. */
-    if ((err = admin_local_add_user("user0")) != NULL)
+    if ((err = admin_enable_linux_account("user0")) != NULL)
    {
        fprintf(stderr, "admin_add_user: test 2.4 (add user) failed, %s.\n", err);

@ -121,35 +121,35 @@ test3()
 {
    const char *err;

-    if ((err = admin_local_add_user("user1")) != NULL)
+    if ((err = admin_enable_linux_account("user1")) != NULL)
    {
        fprintf(stderr, "admin_add_user: test 3.1 (add user) failed, %s.\n", err);

        return 1;
    }

-    if (admin_local_search_user("user1") == 0)
+    if (admin_linux_account_enabled("user1") == 0)
    {
        fprintf(stderr, "admin_search_user: test 3.2 (search user) failed.\n");

        return 1;
    }

-    if (admin_local_search_user("user2") != 0)
+    if (admin_linux_account_enabled("user2") != 0)
    {
        fprintf(stderr, "admin_search_user: test 3.3 (search user) failed, unexpeted user found.\n");

        return 1;
    }

-    if ((err = admin_local_remove_user("user1")) != NULL)
+    if ((err = admin_disable_linux_account("user1")) != NULL)
    {
        fprintf(stderr, "admin_remove_user: test 3.4 (add user) failed, %s.\n", err);

        return 1;
    }

-    if (admin_local_search_user("user1"))
+    if (admin_linux_account_enabled("user1"))
    {
        fprintf(stderr, "admin_search_user: test 3.5 (search user) failed - user was deleted.\n");

@ -179,7 +179,7 @@ test4()
    for (i = 1; i < n_users; i++)
    {
        sprintf(user, "user%d", i);
-        if ((err = admin_local_add_user(user)) != NULL)
+        if ((err = admin_enable_linux_account(user)) != NULL)
        {
            fprintf(stderr, "admin_add_user: test 4.1 (add user) failed, %s.\n", err);

@ -190,7 +190,7 @@ test4()
    for (i = 1; i < n_users; i++)
    {
        sprintf(user, "user%d", i);
-        if (admin_local_search_user(user) == 0)
+        if (admin_linux_account_enabled(user) == 0)
        {
            fprintf(stderr, "admin_search_user: test 4.2 (search user) failed.\n");

@ -201,7 +201,7 @@ test4()
    for (i = 1; i < n_users; i++)
    {
        sprintf(user, "user%d", i);
-        if ((err = admin_local_remove_user(user)) != NULL)
+        if ((err = admin_disable_linux_account(user)) != NULL)
        {
            fprintf(stderr, "admin_remove_user: test 4.3 (add user) failed, %s.\n", err);

@ -223,14 +223,14 @@ test5()
 {
    const char *err;

-    if ((err = admin_local_add_user("user")) != NULL)
+    if ((err = admin_enable_linux_account("user")) != NULL)
    {
        fprintf(stderr, "admin_add_user: test 5.1 (add user) failed, %s.\n", err);

        return 1;
    }

-    if ((err = admin_local_remove_user("user0")) != NULL)
+    if ((err = admin_disable_linux_account("user0")) != NULL)
    {
        fprintf(stderr, "admin_remove_user: test 5.2 (add user) failed, %s.\n", err);