smeserver-base/root/etc/e-smith/db/configuration/migrate/10SetAccessDefaults

{
=head1 NAME

set-access-defaults -- Set services to appropriate defaults for SystemMode

=head1 DESCRIPTION

The SystemMode can be changed through the console. When it is changed,
console-save is called, which causes services to be reconfigured in
accordance with the new SystemMode.

In servergateway mode, the following services are enabled on the
external interface: HTTP, HTTPS, SMTP, AUTH/IDENT

In servergateway-private mode, all external services are disabled

This script is a no-op if the SystemMode has not been changed.

=cut

    my $conf = $DB;

    my $current_mode = $conf->get_value('SystemMode') or return;

    my $sysconfig = $conf->get("sysconfig") or return;

    my $previous_mode = $sysconfig->prop('PreviousSystemMode')
			    || "unknown";

    if ($previous_mode eq "unknown")
    {
	$sysconfig->set_prop('PreviousSystemMode', $current_mode);
	return;
    }

    return unless ( $previous_mode eq 'servergateway-private' or
                    $current_mode eq 'servergateway-private' );

    #------------------------------------------------------------
    # OK, we have a new SystemMode, go for it
    #------------------------------------------------------------
    my %service2access =
	    (
		oidentd		=> "public",
		'httpd-e-smith'	=> "public",
		'qpsmtpd'	=> "public",
		'sqpsmtpd'	=> "public",
		ftp		=> "private",
		imap		=> "private",
		imaps		=> "private",
		modSSL		=> "public",
		pop3s		=> "private",
		popd		=> "private",
		sshd		=> "private",
		telnet		=> "private",
	    
	    );

    if ( $current_mode eq 'servergateway-private' )
    {
	foreach my $key (keys %service2access)
	{
	    $service2access{$key} = 'private';
	}
    }

    #------------------------------------------------------------
    # Enforce the default access rights
    #------------------------------------------------------------
    foreach my $service ( keys %service2access )
    {
	my $entry = $conf->get($service);

	next unless ($entry);

	$entry->set_prop("access", $service2access{$service});
    }

    $sysconfig->set_prop('PreviousSystemMode', $current_mode);
}
initial commit of file from CVS for e-smith-base on Thu 26 Oct 11:24:52 BST 2023 2023-10-26 12:24:52 +02:00			`{`
			`=head1 NAME`

			`set-access-defaults -- Set services to appropriate defaults for SystemMode`

			`=head1 DESCRIPTION`

			`The SystemMode can be changed through the console. When it is changed,`
			`console-save is called, which causes services to be reconfigured in`
			`accordance with the new SystemMode.`

			`In servergateway mode, the following services are enabled on the`
			`external interface: HTTP, HTTPS, SMTP, AUTH/IDENT`

			`In servergateway-private mode, all external services are disabled`

			`This script is a no-op if the SystemMode has not been changed.`

			`=cut`

			`my $conf = $DB;`

			`my $current_mode = $conf->get_value('SystemMode') or return;`

			`my $sysconfig = $conf->get("sysconfig") or return;`

			`my $previous_mode = $sysconfig->prop('PreviousSystemMode')`
			`\|\| "unknown";`

			`if ($previous_mode eq "unknown")`
			`{`
			`$sysconfig->set_prop('PreviousSystemMode', $current_mode);`
			`return;`
			`}`

			`return unless ( $previous_mode eq 'servergateway-private' or`
			`$current_mode eq 'servergateway-private' );`

			`#------------------------------------------------------------`
			`# OK, we have a new SystemMode, go for it`
			`#------------------------------------------------------------`
			`my %service2access =`
			`(`
			`oidentd => "public",`
			`'httpd-e-smith' => "public",`
			`'qpsmtpd' => "public",`
			`'sqpsmtpd' => "public",`
			`ftp => "private",`
			`imap => "private",`
			`imaps => "private",`
			`modSSL => "public",`
			`pop3s => "private",`
			`popd => "private",`
			`sshd => "private",`
			`telnet => "private",`

			`);`

			`if ( $current_mode eq 'servergateway-private' )`
			`{`
			`foreach my $key (keys %service2access)`
			`{`
			`$service2access{$key} = 'private';`
			`}`
			`}`

			`#------------------------------------------------------------`
			`# Enforce the default access rights`
			`#------------------------------------------------------------`
			`foreach my $service ( keys %service2access )`
			`{`
			`my $entry = $conf->get($service);`

			`next unless ($entry);`

			`$entry->set_prop("access", $service2access{$service});`
			`}`

			`$sysconfig->set_prop('PreviousSystemMode', $current_mode);`
			`}`