Merge branch '5-create-run-as-user-tool' into 'main' (3b376dd3) · Commits · NDIP / OIDC Utils

.gitlab-ci.yml

+2 −2

Original line number	Diff line number	Diff line
		@@ -41,8 +41,8 @@ build-packages:
		- docker build -f server_side/dockerfiles/Dockerfile.opensuse -t opensuse --target package ./server_side
		- docker run --rm -v `pwd`:/tmp opensuse bash -c "cp /src/c/build/*.rpm /tmp"
		- fname=`ls *.rpm \| head -n 1`
		- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file $fname "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/rpm/0.1.0/$fname"'
		- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file $fname "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/rpm/0.2.0/$fname"'
		- fname=`ls *.deb \| head -n 1`
		- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file $fname "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/deb/0.1.0/$fname"'
		- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file $fname "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/deb/0.2.0/$fname"'
		tags:
		- rse-multi-builder

+1 −1

Original line number	Diff line number	Diff line
		@@ -30,7 +30,7 @@ SET(CPACK_DEBIAN_PACKAGE_MAINTAINER "ORNL")
		SET(CPACK_RPM_PACKAGE_MAINTAINER "ORNL")

		set(CPACK_PACKAGE_VERSION_MAJOR "0")
		set(CPACK_PACKAGE_VERSION_MINOR "1")
		set(CPACK_PACKAGE_VERSION_MINOR "2")
		set(CPACK_PACKAGE_VERSION_PATCH "0")

		set(CPACK_DEBIAN_PACKAGE_DEPENDS "curl")

+25 −4

Original line number	Diff line number	Diff line
		@@ -5,12 +5,13 @@
		#include <stdlib.h>
		#include <pwd.h>
		#include <unistd.h>
		#include <sys/fcntl.h>

		#include "auth.h"

		int main(int argc, char *argv[]) {
		if (argc != 4) {
		printf("usage: %s <config_file> <OIDC token> <command>\n", argv[0]);
		if (argc != 5) {
		printf("usage: %s <config_file> <OIDC token> <mode> <path\|command>\n", argv[0]);
		exit(1);
		}
		int res = parse_config(argv[1], &config);
		@@ -42,6 +43,26 @@ int main(int argc, char *argv[]) {
		printf("cannot set uid\n");
		exit(1);
		}
		printf("Executing command \"%s\" as %s(%d)\n", argv[3], uname, pwd->pw_uid);
		return system(argv[3]);
		if (strcmp(argv[3],"-c") == 0) {
		return system(argv[4]);
		} else if (strcmp(argv[3],"-f") == 0) {
		int fd = open(argv[4], O_RDONLY);
		if (fd == -1) {
		printf("cannot open file %s\n", argv[4]);
		exit(1);
		}

		char buf[1024];
		int buflen;
		while((buflen = read(fd, buf, 1024)) > 0)
		{
		write(1, buf, buflen);
		}
		close(fd);

		} else {
		printf("wrong mode %s\n",argv[3]);
		exit(1);
		}

		}

+1 −1

Original line number	Diff line number	Diff line
		@@ -23,7 +23,7 @@ RUN zypper in -y google-authenticator-libpam curl python3 openssh hostname

		COPY --from=package /src/c/build/*.rpm /package/

		RUN zypper in -y --allow-unsigned-rpm /package/oidc-pam-0.1.0-Linux.rpm
		RUN zypper in -y --allow-unsigned-rpm /package/oidc-pam-0.2.0-Linux.rpm

		COPY start_2fa.sh /tmp/oidc/
		COPY update_oidc_config.py /tmp/oidc/

+1 −1

Original line number	Diff line number	Diff line
		@@ -19,7 +19,7 @@ RUN apt-get update && apt-get install -y curl python3 ssh

		COPY --from=package /src/c/build/*.deb /package/

		RUN dpkg -i /package/oidc-pam-0.1.0-Linux.deb
		RUN dpkg -i /package/oidc-pam-0.2.0-Linux.deb

		COPY c/sshd /etc/pam.d/
		COPY sshd_pam.conf /etc/ssh/sshd_config.d/