Amanda::ClientService -- support for writing amandad and inetd services
package main::Service; use base qw( Amanda::ClientService );
sub start { my $self = shift; if ($self->from_inetd) { $self->check_bsd_security('main'); } # ... } #...
package main; use Amanda::MainLoop; my $svc = main::Service->new(); Amanda::MainLoop::run();
Note that, despite the name, some client services are actually run on the
server - amidxtaped
and amindexd
in particular.
This package is used as a parent class, and is usually subclassed as
main::Service
. Its constructor takes no arguments, and automatically
configures the MainLoop to call the start
method:
my $svc = main::Service->new(); Amanda::MainLoop::start();
The object is a blessed hashref. And all of the keys used by this class are private, and begin with an underscore. Subclasses are free to use any key names that do not begin with an underscore.
Some client services can be invoked directly from inetd for backward
compatibility. This package will automatically detect this, and act
accordingly. Subclasses can determine if they were invoked from inetd with the
boolean from_inetd
and from_amandad
methods. If from_amandad
is true,
then the authentication specified is available from the amandad_auth
method
(and may be undef
).
print "hi, inetd" if $self->from_inetd(); print "hi, amandadd w/ ", ($self->amandad_auth() || "none") if $self->from_amandad();
This package manages the available data streams as pairs of file descriptors,
providing convenience methods to hide some of the complexity of dealing with
them. Note that the class does not handle asynchronous reading or writing to
these file descriptors, and in fact most of the operations are entirely
synchronous, as they are non-blocking. File descriptors for streams are
available from the rfd
and wfd
methods, which both take a stream name:
Amanda::Util::full_write($self->wfd('MESG'), $buf, length($buf));
Each bidirectional stream has a name. At startup, stdin and stdout constitute the 'main' stream. For amandad invocations, this stream should be used to read the REQ packet and write the PREP and REP packets (see below). For inetd invocations, this is the primary means of communicating with the other end of the connection.
For amandad invocations, the create_streams
method will create named streams
back to amandad. Each stream name is paired with direction indicators: 'r'
for read, 'w'
for write, or 'rw'
for both. Any unused file descriptors
will be closed. The method will return a CONNECT
line suitable for
inclusion in a REP packet, without a newline terminator, giving the streams in
the order they were specified.
push @replines, $self->connect_streams( 'DATA' => 'w', 'MESG' => 'rw', 'INDEX' => 'w');
For inetd invocations, the connection_listen
method will open a (privileged,
if $priv
is true) listening socket and return the port. You should then
write a CONNECT $port\n
to the main stream and call connection_acecpt
to
wait for a connection to the listening port. The latter method calls
finished_cb
with undef
on success or an error message on failure. The
$timeout
is specified in seconds. On success, the stream named $name
is
then available for use. Note that this method does not check security on the
connection. Also note that this process requires that the Amanda configuration
be initialized.
my $port = $self->connection_listen($name, $priv); # send $port to the other side $self->connection_accept($name, $timeout, $finished_cb);
To close a stream, use close
. This takes an optional second argument which
can be used to half-close connections which support it. Note that the
underlying file descriptor is closed immediately, without regard to any
outstanding asynchronous reads or writes.
$self->close('MESG'); # complete close ('rw' is OK too) $self->close('INDEX', 'r'); # close for reading $self->close('DATA', 'w'); # close for writing
Invocations from inetd require a BSD-style security check. The
check_bsd_security
method takes the stream and the authentication string,
without the "SECURITY "
prefix or trailing newline, and performs the
necesary checks. To be clear, this string usually has the form "USER root"
.
The method returns undef
if the check succeeds, and an error message if it
fails.
if ($self->check_bsd_security($stream, $authstr)) { .. }
Not that the security check is skipped if the service is being run from an installcheck, since BSD security can't be tested by installchecks.
When invoked from amandad, a REQ packet is available on stdin, and amanadad
expects a REP packet on stdout. The parse_req
method takes the entire REP
packet, splits it into lines without trailing whitespace, exracts any OPTIONS
line into a hash, and decodes any features in the OPTIONS line. If no OPTIONS
appear, or the OPTIONS do not include features, then the features
key of the
result will be undefined. If there are format errors in the REQ, then the
errors
key will contain a list of error messages.
my $req_info = parse_req($req_str); if (@{$req_info->{'errors'}}) { print join("\n", @{$req_info->{'errors'}}), "\n"; exit; } print $req_info->{'options'}{'auth'}; # access to options print "yes!" if $req_info->{'features'}->has($fe_whatever); for my $line (@{$req_info->{'lines'}) { print "got REQ line '$line'\n"; }
Note that the general format of OPTION strings is unknown at this time, so this method may change significantly as more client services are added.
This page was automatically generated Tue Nov 19 20:05:35 2013 from the Amanda source tree, and documents the most recent development version of Amanda. For documentation specific to the version of Amanda on your system, use the 'perldoc' command.