Amanda::ClientService -- support for writing amandad and inetd services
package main::Service;
use base qw( Amanda::ClientService );
sub start {
my $self = shift;
if ($self->from_inetd) {
$self->check_bsd_security('main');
}
# ...
}
#...
package main;
use Amanda::MainLoop;
my $svc = main::Service->new();
Amanda::MainLoop::run();
Note that, despite the name, some client services are actually run on the server - amidxtaped
and amindexd
in particular.
This package is used as a parent class, and is usually subclassed as main::Service
. Its constructor takes no arguments, and automatically configures the MainLoop to call the start
method:
my $svc = main::Service->new();
Amanda::MainLoop::start();
The object is a blessed hashref. And all of the keys used by this class are private, and begin with an underscore. Subclasses are free to use any key names that do not begin with an underscore.
Some client services can be invoked directly from inetd for backward compatibility. This package will automatically detect this, and act accordingly. Subclasses can determine if they were invoked from inetd with the boolean from_inetd
and from_amandad
methods. If from_amandad
is true, then the authentication specified is available from the amandad_auth
method (and may be undef
).
print "hi, inetd"
if $self->from_inetd();
print "hi, amandadd w/ ", ($self->amandad_auth() || "none")
if $self->from_amandad();
This package manages the available data streams as pairs of file descriptors, providing convenience methods to hide some of the complexity of dealing with them. Note that the class does not handle asynchronous reading or writing to these file descriptors, and in fact most of the operations are entirely synchronous, as they are non-blocking. File descriptors for streams are available from the rfd
and wfd
methods, which both take a stream name:
Amanda::Util::full_write($self->wfd('MESG'), $buf, length($buf));
Each bidirectional stream has a name. At startup, stdin and stdout constitute the 'main' stream. For amandad invocations, this stream should be used to read the REQ packet and write the PREP and REP packets (see below). For inetd invocations, this is the primary means of communicating with the other end of the connection.
For amandad invocations, the create_streams
method will create named streams back to amandad. Each stream name is paired with direction indicators: 'r'
for read, 'w'
for write, or 'rw'
for both. Any unused file descriptors will be closed. The method will return a CONNECT
line suitable for inclusion in a REP packet, without a newline terminator, giving the streams in the order they were specified.
push @replines, $self->connect_streams(
'DATA' => 'w', 'MESG' => 'rw', 'INDEX' => 'w');
For inetd invocations, the connection_listen
method will open a (privileged, if $priv
is true) listening socket and return the port. You should then write a CONNECT $port\n
to the main stream and call connection_acecpt
to wait for a connection to the listening port. The latter method calls finished_cb
with undef
on success or an error message on failure. The $timeout
is specified in seconds. On success, the stream named $name
is then available for use. Note that this method does not check security on the connection. Also note that this process requires that the Amanda configuration be initialized.
my $port = $self->connection_listen($name, $priv);
# send $port to the other side
$self->connection_accept($name, $timeout, $finished_cb);
To close a stream, use close
. This takes an optional second argument which can be used to half-close connections which support it. Note that the underlying file descriptor is closed immediately, without regard to any outstanding asynchronous reads or writes.
$self->close('MESG'); # complete close ('rw' is OK too)
$self->close('INDEX', 'r'); # close for reading
$self->close('DATA', 'w'); # close for writing
Invocations from inetd require a BSD-style security check. The check_bsd_security
method takes the stream and the authentication string, without the "SECURITY "
prefix or trailing newline, and performs the necesary checks. To be clear, this string usually has the form "USER root"
. The method returns undef
if the check succeeds, and an error message if it fails.
if ($self->check_bsd_security($stream, $authstr, $service)) { .. }
Not that the security check is skipped if the service is being run from an installcheck, since BSD security can't be tested by installchecks.
When invoked from amandad, a REQ packet is available on stdin, and amanadad expects a REP packet on stdout. The parse_req
method takes the entire REP packet, splits it into lines without trailing whitespace, exracts any OPTIONS line into a hash, and decodes any features in the OPTIONS line. If no OPTIONS appear, or the OPTIONS do not include features, then the features
key of the result will be undefined. If there are format errors in the REQ, then the errors
key will contain a list of error messages.
my $req_info = parse_req($req_str);
if (@{$req_info->{'errors'}}) {
print join("\n", @{$req_info->{'errors'}}), "\n";
exit;
}
print $req_info->{'options'}{'auth'}; # access to options
print "yes!" if $req_info->{'features'}->has($fe_whatever);
for my $line (@{$req_info->{'lines'}) {
print "got REQ line '$line'\n";
}
Note that the general format of OPTION strings is unknown at this time, so this method may change significantly as more client services are added.
This page was automatically generated Tue Mar 19 07:08:15 2019 from the Amanda source tree, and documents the most recent development version of Amanda. For documentation specific to the version of Amanda on your system, use the 'perldoc' command.