diff options
| -rw-r--r-- | pttbbs/daemon/angelbeats/angelbeats.c | 7 | ||||
| -rw-r--r-- | pttbbs/include/perm.h | 9 | ||||
| -rw-r--r-- | pttbbs/include/pttstruct.h | 3 | ||||
| -rw-r--r-- | pttbbs/util/Makefile | 4 | ||||
| -rw-r--r-- | pttbbs/util/angel.c | 3 | ||||
| -rw-r--r-- | pttbbs/util/bbsctl.c | 67 | ||||
| -rw-r--r-- | pttbbs/util/permreport.c | 108 | ||||
| -rw-r--r-- | pttbbs/util/permrpt.sh | 2 |
8 files changed, 139 insertions, 64 deletions
diff --git a/pttbbs/daemon/angelbeats/angelbeats.c b/pttbbs/daemon/angelbeats/angelbeats.c index 82e9f1fb..0677c65e 100644 --- a/pttbbs/daemon/angelbeats/angelbeats.c +++ b/pttbbs/daemon/angelbeats/angelbeats.c @@ -405,6 +405,11 @@ init_angel_list_callback(void *ctx GCC_UNUSED, int uidx, userec_t *u) { if (!u->userid[0]) return 0; + if (u->role & ROLE_ANGEL_ACTIVITY) { + debug("skip: ROLE_ANGEL_ACTIVITY: %s\n", u->userid); + return 0; + } + // add entry if I'm an angel. if (u->userlevel & PERM_ANGEL) angel_list_add(u->userid, unum); @@ -445,7 +450,7 @@ init_angel_list_callback(void *ctx GCC_UNUSED, int uidx, userec_t *u) { int init_angel_list() { g_angel_list_size = 0; - passwd_apply(NULL, init_angel_list_callback); + passwd_fast_apply(NULL, init_angel_list_callback); angel_list_sort(); return 0; } diff --git a/pttbbs/include/perm.h b/pttbbs/include/perm.h index 4080935e..f40c5d50 100644 --- a/pttbbs/include/perm.h +++ b/pttbbs/include/perm.h @@ -58,6 +58,15 @@ #define HasBasicUserPerm(x) (HasUserPerm(PERM_BASIC) && HasUserPerm(x)) #define PERM_HIDE(u) (u && (u)->userlevel & PERM_SYSOPHIDE) +#define ROLE_ANGEL_CIA 0x00000001 /* Angel: CIA. */ +#define ROLE_ANGEL_ACTIVITY 0x00000002 /* Angel: For activities, no assign. */ +#define ROLE_ANGEL_ARCHANGEL 0x00000080 /* Angel: Arch-Angel */ +#define ROLE_POLICE_ANONYMOUS 0x00000100 /* Police: Anonymous account. */ + +#define ROLE_HIDE_FROM (ROLE_ANGEL_CIA | ROLE_POLICE_ANONYMOUS) + +#define HasUserRole(x) ((cuser.role & (x)) != 0) + #define IS_BOARD(bptr) ((bptr)->brdname[0] && \ !((bptr)->brdattr & BRD_GROUPBOARD)) #define IS_GROUP(bptr) ((bptr)->brdname[0] && \ diff --git a/pttbbs/include/pttstruct.h b/pttbbs/include/pttstruct.h index c81a75d5..62db689a 100644 --- a/pttbbs/include/pttstruct.h +++ b/pttbbs/include/pttstruct.h @@ -90,7 +90,8 @@ typedef struct userec_t { char career[40]; /* 學歷職業 */ char phone[20]; /* 電話 */ uint32_t _unused6; /* 從前放轉換前的 numlogins, 使用前請先清0 */ - char chkpad1[48]; + char chkpad1[44]; + uint32_t role; /* Role-specific permissions */ time4_t lastseen; /* 最近上站時間(隱身不計) */ time4_t timesetangel; /* 上次得到天使時間 */ time4_t timeplayangel; /* 上次與天使互動時間 (by day) */ diff --git a/pttbbs/util/Makefile b/pttbbs/util/Makefile index 6b122995..aa686b0c 100644 --- a/pttbbs/util/Makefile +++ b/pttbbs/util/Makefile @@ -23,7 +23,7 @@ CPROG_WITH_UTIL= \ angel gamblegive \ chesscountry tunepasswd buildir xchatd \ uhash_loader timecap_buildref showuser removebm \ - redir + redir permreport # 下面是 C++ 的程式 CPP_WITH_UTIL= \ @@ -90,7 +90,7 @@ installfiltermail: # for bbsctl. bbsctl should be compiled with bbs and installed with root bbsctl: bbsctl.c - $(CC) $(CFLAGS) ${LDFLAGS} -o $@ $@.c $(LDLIBS) + $(CC) $(CFLAGS) ${LDFLAGS} -o $@ $@.c $(LDLIBS) installbbsctl: bbsctl rm -f /home/bbs/bin/bbsctl diff --git a/pttbbs/util/angel.c b/pttbbs/util/angel.c index 0879aaff..afeb370a 100644 --- a/pttbbs/util/angel.c +++ b/pttbbs/util/angel.c @@ -82,6 +82,8 @@ int buildMasterInfo(AngelRecord *rec, int num_recs) { fprintf(stderr, "."); if (!*user.userid) continue; + if (user.role & ROLE_ANGEL_ACTIVITY) + continue; if (user.userlevel & PERM_ANGEL) { r->is_angel = 1; count++; @@ -214,6 +216,7 @@ int main(int argc, char *argv[]){ rec = (AngelRecord *)malloc(sizeof(AngelRecord) * MAX_USERS); assert(rec); count = buildMasterInfo(rec, MAX_USERS); + // TODO remove expired angels. angels = (AngelRecord *)malloc(sizeof(AngelRecord) * count); assert(angels); diff --git a/pttbbs/util/bbsctl.c b/pttbbs/util/bbsctl.c index 2cae3dd6..47a9451f 100644 --- a/pttbbs/util/bbsctl.c +++ b/pttbbs/util/bbsctl.c @@ -42,7 +42,7 @@ int HaveBBSADM(void) } for( i = 0 ; i < ngids ; ++i ) - if( gr->gr_gid == (int)gids[i] ) + if( gr->gr_gid == gids[i] ) return 1; return 0; @@ -91,7 +91,7 @@ int parse_bindports_mode(const char *fn) return mode; } -int startbbs(int argc, char **argv) +int startbbs(int argc GCC_UNUSED, char **argv GCC_UNUSED) { const char *bindports_fn = BBSHOME "/" FN_CONF_BINDPORTS; if( setuid(0) < 0 ){ @@ -134,7 +134,7 @@ int startbbs(int argc, char **argv) return 1; } -int stopbbs(int argc, char **argv) +int stopbbs(int argc GCC_UNUSED, char **argv GCC_UNUSED) { DIR *dirp; struct dirent *de; @@ -176,7 +176,7 @@ int stopbbs(int argc, char **argv) return 0; } -int nonstopSTOP(int argc, char **argv) +int nonstopSTOP(int argc GCC_UNUSED, char **argv GCC_UNUSED) { DIR *dirp; struct dirent *de; @@ -207,7 +207,7 @@ int nonstopSTOP(int argc, char **argv) return 0; } -int fakekill(pid_t pid, int sig) +int fakekill(pid_t pid, int sig GCC_UNUSED) { kill(pid, 0 /* dummy */); return 0; @@ -369,7 +369,7 @@ int restartbbs(int argc, char **argv) return 0; } -int bbsadm(int argc, char **argv) +int bbsadm(int argc GCC_UNUSED, char **argv GCC_UNUSED) { if( setuid(0) < 0 ){ perror("setuid(0)"); @@ -380,7 +380,7 @@ int bbsadm(int argc, char **argv) return 0; } -int bbstest(int argc, char **argv) +int bbstest(int argc GCC_UNUSED, char **argv GCC_UNUSED) { if( access("mbbsd", 0) < 0 ){ perror("./mbbsd"); @@ -401,7 +401,7 @@ int bbstest(int argc, char **argv) return 0; } -int Xipcrm(int argc, char **argv) +int Xipcrm(int argc GCC_UNUSED, char **argv GCC_UNUSED) { #ifdef __FreeBSD__ char buf[256], cmd[256]; @@ -449,56 +449,6 @@ int Xipcrm(int argc, char **argv) #endif } -int permreport(int argc, char **argv) -{ - int fd, i, count; - userec_t usr; - struct { - int perm; - char *desc; - } check[] = { - {PERM_BBSADM, "PERM_BBSADM"}, - {PERM_SYSOP, "PERM_SYSOP"}, - {PERM_ACCOUNTS, "PERM_ACCOUNTS 帳號總管"}, - {PERM_CHATROOM, "PERM_CHATROOM 聊天室總管"}, - {PERM_BOARD, "PERM_BOARD 看板總管"}, - {PERM_PRG, "PERM_PRG 程式組"}, - {PERM_VIEWSYSOP,"PERM_VIEWSYSOP 視覺站長"}, - {PERM_POLICE_MAN,"PERM_POLICE_MAN 警察總管"}, - {PERM_SYSSUPERSUBOP,"PERM_SYSSUPERSUBOP 群組長"}, - //{PERM_SYSSUBOP, "PERM_SYSSUBOP 小組長"}, - {PERM_ACCTREG, "PERM_ACCTREG 帳號審核組"}, -#if 0 - {PERM_RELATION, "PERM_RELATION"}, - {PERM_PRG, "PERM_PRG"}, - {PERM_ACTION, "PERM_ACTION"}, - {PERM_PAINT, "PERM_PAINT"}, - {PERM_POLICE_MAN, "PERM_POLICE_MAN"}, - {PERM_MSYSOP, "PERM_MSYSOP"}, - {PERM_PTT, "PERM_PTT"}, -#endif - {0, NULL}}; - - if( (fd = open(".PASSWDS", O_RDONLY)) < 0 ){ - perror(".PASSWDS"); - return 1; - } - for( count = i = 0 ; check[i].perm != 0 ; ++i ){ - count = 0; - lseek(fd, 0, SEEK_SET); - printf("%s\n", check[i].desc); - while( read(fd, &usr, sizeof(usr)) > 0 ){ - if( usr.userid[0] != 0 && isalpha(usr.userid[0]) && - usr.userlevel & check[i].perm ){ - ++count; - printf("%-20s%-10s\n", usr.userid, usr.realname); - } - } - printf("total %d users\n\n", count); - } - return 0; -} - struct { int (*func)(int, char **); char *cmd, *descript; @@ -512,7 +462,6 @@ struct { {nonstopSTOP,"nonstopSTOP","killall ALL mbbsd (nonstop)"}, {STOP, "STOP", "killall ALL mbbsd"}, {fakeSTOP, "fakeSTOP", "fake killall ALL mbbsd"}, - {permreport, "permreport", "permission report"}, {NULL, NULL, NULL} }; int main(int argc, char **argv) diff --git a/pttbbs/util/permreport.c b/pttbbs/util/permreport.c new file mode 100644 index 00000000..6fcd81f9 --- /dev/null +++ b/pttbbs/util/permreport.c @@ -0,0 +1,108 @@ +/* $Id: bbsctl.c 4594 2009-06-13 13:13:27Z piaip $ */ +#include "bbs.h" + +#define PERMCHECK(s) {s, #s} + +static int get_offset(int mask) { + int i; + for (i = 0; mask; i++, mask >>= 1) + if (mask & 0x1) + return i; + assert(mask); + return -1; +} + +typedef struct { + uint32_t mask; + char *desc, *list; + const char *caption; + int count; +} check_item; + +int main(void) { + int fd, i; + userec_t usr; + check_item checks[] = { + PERMCHECK(PERM_BBSADM), + PERMCHECK(PERM_SYSOP), + PERMCHECK(PERM_ACCOUNTS), + PERMCHECK(PERM_CHATROOM), + PERMCHECK(PERM_BOARD), + PERMCHECK(PERM_PRG), + PERMCHECK(PERM_VIEWSYSOP), + PERMCHECK(PERM_POLICE_MAN), + PERMCHECK(PERM_SYSSUPERSUBOP), + PERMCHECK(PERM_ACCTREG), +#if 0 + PERMCHECK(PERM_SYSSUBOP), + PERMCHECK(PERM_ACTION), + PERMCHECK(PERM_PAINT), +#endif + PERMCHECK(ROLE_ANGEL_CIA), + PERMCHECK(ROLE_ANGEL_ACTIVITY), + PERMCHECK(ROLE_ANGEL_ARCHANGEL), + PERMCHECK(ROLE_POLICE_ANONYMOUS), + {0, NULL}, + }; + + chdir(BBSHOME); + attach_SHM(); + + if ((fd = open(".PASSWDS", O_RDONLY)) < 0) { + perror(".PASSWDS"); + return 1; + } + + // new version + while (read(fd, &usr, sizeof(usr)) == sizeof(usr)) { + if (!*usr.userid) + continue; + if (!usr.userlevel && !usr.role) + continue; + for (i = 0; checks[i].mask; i++) { + int mask = checks[i].mask; + uint32_t *pvalue = NULL; + const char *desc = checks[i].desc; + char *list = checks[i].list; + int is_perm = 0; + size_t need_len = sizeof(usr.userid) + sizeof(usr.realname) + 4; + + if (strncmp(desc, "PERM_", 4) == 0) { + if (!checks[i].caption) + checks[i].caption = str_permid[get_offset(mask)]; + pvalue = &usr.userlevel; + is_perm = 1; + } else if (strncmp(desc, "ROLE_", 5) == 0) { + if (!checks[i].caption) + checks[i].caption = str_roleid[get_offset(mask)]; + pvalue = &usr.role; + } else + assert(pvalue); + + if (!(*pvalue & mask)) + continue; + + // append to list + checks[i].list = (char *)realloc( + list, (list ? strlen(list) : 0) + need_len); + assert(checks[i].list); + if (!list) + checks[i].list[0] = 0; + checks[i].count++; + list = checks[i].list; + list += strlen(list); + sprintf(list, " %-*s %s\n", IDLEN, usr.userid, + usr.realname); + } + } + + // Now, iterate through all permissions and print out list. + for (i = 0; checks[i].mask; i++) { + printf("%s %s\n%stotal %d users\n\n", + checks[i].desc, checks[i].caption, + checks[i].list ? checks[i].list : "", + checks[i].count); + } + close(fd); + return 0; +} diff --git a/pttbbs/util/permrpt.sh b/pttbbs/util/permrpt.sh index c821d5b1..c28e1836 100644 --- a/pttbbs/util/permrpt.sh +++ b/pttbbs/util/permrpt.sh @@ -1,6 +1,6 @@ #!/bin/sh -bin/bbsctl permreport > etc/permrpt.log +bin/permreport >etc/permrpt.log if [ -s etc/permrpt.log ] ; then bin/post Administor "特殊權限使用者名單 `date +'%Y%m%d'`" "[權限報告]" etc/permrpt.log fi |