Accueil Explorer Aide
S'inscrire Connexion
Apq
/
sftpgo
miroir de https://github.com/drakkan/sftpgo.git
1
0
Fork 0
Fichiers Tickets 0 Wiki
Aborescence: cc134cad9a
Branches Tags
sftpgo
/
cmd
/
startsubsys.go

startsubsys.go 6.3 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184 
  1. package cmd
    2. 

  2. 

  3. import (
    4. 

  4. 	"io"
    5. 

  5. 	"os"
    6. 

  6. 	"os/user"
    7. 

  7. 	"path/filepath"
    8. 

  8. 

  9. 	"github.com/rs/xid"
    10. 

  10. 	"github.com/rs/zerolog"
    11. 

  11. 	"github.com/spf13/cobra"
    12. 

  12. 	"github.com/spf13/viper"
    13. 

  13. 

  14. 	"github.com/drakkan/sftpgo/v2/common"
    15. 

  15. 	"github.com/drakkan/sftpgo/v2/config"
    16. 

  16. 	"github.com/drakkan/sftpgo/v2/dataprovider"
    17. 

  17. 	"github.com/drakkan/sftpgo/v2/logger"
    18. 

  18. 	"github.com/drakkan/sftpgo/v2/sdk/plugin"
    19. 

  19. 	"github.com/drakkan/sftpgo/v2/sftpd"
    20. 

  20. 	"github.com/drakkan/sftpgo/v2/version"
    21. 

  21. )
    22. 

  22. 

  23. var (
    24. 

  24. 	logJournalD     = false
    25. 

  25. 	preserveHomeDir = false
    26. 

  26. 	baseHomeDir     = ""
    27. 

  27. 	subsystemCmd    = &cobra.Command{
    28. 

  28. 		Use:   "startsubsys",
    29. 

  29. 		Short: "Use SFTPGo as SFTP file transfer subsystem",
    30. 

  30. 		Long: `In this mode SFTPGo speaks the server side of SFTP protocol to stdout and
    31. 

  31. expects client requests from stdin.
    32. 

  32. This mode is not intended to be called directly, but from sshd using the
    33. 

  33. Subsystem option.
    34. 

  34. For example adding a line like this one in "/etc/ssh/sshd_config":
    35. 

  35. 

  36. Subsystem	sftp	sftpgo startsubsys
    37. 

  37. 

  38. Command-line flags should be specified in the Subsystem declaration.
    39. 

  39. `,
    40. 

  40. 		Run: func(cmd *cobra.Command, args []string) {
    41. 

  41. 			logSender := "startsubsys"
    42. 

  42. 			connectionID := xid.New().String()
    43. 

  43. 			logLevel := zerolog.DebugLevel
    44. 

  44. 			if !logVerbose {
    45. 

  45. 				logLevel = zerolog.InfoLevel
    46. 

  46. 			}
    47. 

  47. 			if logJournalD {
    48. 

  48. 				logger.InitJournalDLogger(logLevel)
    49. 

  49. 			} else {
    50. 

  50. 				logger.InitStdErrLogger(logLevel)
    51. 

  51. 			}
    52. 

  52. 			osUser, err := user.Current()
    53. 

  53. 			if err != nil {
    54. 

  54. 				logger.Error(logSender, connectionID, "unable to get the current user: %v", err)
    55. 

  55. 				os.Exit(1)
    56. 

  56. 			}
    57. 

  57. 			username := osUser.Username
    58. 

  58. 			homedir := osUser.HomeDir
    59. 

  59. 			logger.Info(logSender, connectionID, "starting SFTPGo %v as subsystem, user %#v home dir %#v config dir %#v base home dir %#v",
    60. 

  60. 				version.Get(), username, homedir, configDir, baseHomeDir)
    61. 

  61. 			err = config.LoadConfig(configDir, configFile)
    62. 

  62. 			if err != nil {
    63. 

  63. 				logger.Error(logSender, connectionID, "unable to load configuration: %v", err)
    64. 

  64. 				os.Exit(1)
    65. 

  65. 			}
    66. 

  66. 			commonConfig := config.GetCommonConfig()
    67. 

  67. 			// idle connection are managed externally
    68. 

  68. 			commonConfig.IdleTimeout = 0
    69. 

  69. 			config.SetCommonConfig(commonConfig)
    70. 

  70. 			if err := common.Initialize(config.GetCommonConfig()); err != nil {
    71. 

  71. 				logger.Error(logSender, connectionID, "%v", err)
    72. 

  72. 				os.Exit(1)
    73. 

  73. 			}
    74. 

  74. 			kmsConfig := config.GetKMSConfig()
    75. 

  75. 			if err := kmsConfig.Initialize(); err != nil {
    76. 

  76. 				logger.Error(logSender, connectionID, "unable to initialize KMS: %v", err)
    77. 

  77. 				os.Exit(1)
    78. 

  78. 			}
    79. 

  79. 			mfaConfig := config.GetMFAConfig()
    80. 

  80. 			err = mfaConfig.Initialize()
    81. 

  81. 			if err != nil {
    82. 

  82. 				logger.Error(logSender, "", "unable to initialize MFA: %v", err)
    83. 

  83. 				os.Exit(1)
    84. 

  84. 			}
    85. 

  85. 			if err := plugin.Initialize(config.GetPluginsConfig(), logVerbose); err != nil {
    86. 

  86. 				logger.Error(logSender, connectionID, "unable to initialize plugin system: %v", err)
    87. 

  87. 				os.Exit(1)
    88. 

  88. 			}
    89. 

  89. 			smtpConfig := config.GetSMTPConfig()
    90. 

  90. 			err = smtpConfig.Initialize(configDir)
    91. 

  91. 			if err != nil {
    92. 

  92. 				logger.Error(logSender, connectionID, "unable to initialize SMTP configuration: %v", err)
    93. 

  93. 				os.Exit(1)
    94. 

  94. 			}
    95. 

  95. 			dataProviderConf := config.GetProviderConf()
    96. 

  96. 			if dataProviderConf.Driver == dataprovider.SQLiteDataProviderName || dataProviderConf.Driver == dataprovider.BoltDataProviderName {
    97. 

  97. 				logger.Debug(logSender, connectionID, "data provider %#v not supported in subsystem mode, using %#v provider",
    98. 

  98. 					dataProviderConf.Driver, dataprovider.MemoryDataProviderName)
    99. 

  99. 				dataProviderConf.Driver = dataprovider.MemoryDataProviderName
    100. 

  100. 				dataProviderConf.Name = ""
    101. 

  101. 				dataProviderConf.PreferDatabaseCredentials = true
    102. 

  102. 			}
    103. 

  103. 			config.SetProviderConf(dataProviderConf)
    104. 

  104. 			err = dataprovider.Initialize(dataProviderConf, configDir, false)
    105. 

  105. 			if err != nil {
    106. 

  106. 				logger.Error(logSender, connectionID, "unable to initialize the data provider: %v", err)
    107. 

  107. 				os.Exit(1)
    108. 

  108. 			}
    109. 

  109. 			httpConfig := config.GetHTTPConfig()
    110. 

  110. 			if err := httpConfig.Initialize(configDir); err != nil {
    111. 

  111. 				logger.Error(logSender, connectionID, "unable to initialize http client: %v", err)
    112. 

  112. 				os.Exit(1)
    113. 

  113. 			}
    114. 

  114. 			user, err := dataprovider.UserExists(username)
    115. 

  115. 			if err == nil {
    116. 

  116. 				if user.HomeDir != filepath.Clean(homedir) && !preserveHomeDir {
    117. 

  117. 					// update the user
    118. 

  118. 					user.HomeDir = filepath.Clean(homedir)
    119. 

  119. 					err = dataprovider.UpdateUser(&user)
    120. 

  120. 					if err != nil {
    121. 

  121. 						logger.Error(logSender, connectionID, "unable to update user %#v: %v", username, err)
    122. 

  122. 						os.Exit(1)
    123. 

  123. 					}
    124. 

  124. 				}
    125. 

  125. 			} else {
    126. 

  126. 				user.Username = username
    127. 

  127. 				if baseHomeDir != "" && filepath.IsAbs(baseHomeDir) {
    128. 

  128. 					user.HomeDir = filepath.Join(baseHomeDir, username)
    129. 

  129. 				} else {
    130. 

  130. 					user.HomeDir = filepath.Clean(homedir)
    131. 

  131. 				}
    132. 

  132. 				logger.Debug(logSender, connectionID, "home dir for new user %#v", user.HomeDir)
    133. 

  133. 				user.Password = connectionID
    134. 

  134. 				user.Permissions = make(map[string][]string)
    135. 

  135. 				user.Permissions["/"] = []string{dataprovider.PermAny}
    136. 

  136. 				err = dataprovider.AddUser(&user)
    137. 

  137. 				if err != nil {
    138. 

  138. 					logger.Error(logSender, connectionID, "unable to add user %#v: %v", username, err)
    139. 

  139. 					os.Exit(1)
    140. 

  140. 				}
    141. 

  141. 			}
    142. 

  142. 			err = sftpd.ServeSubSystemConnection(&user, connectionID, os.Stdin, os.Stdout)
    143. 

  143. 			if err != nil && err != io.EOF {
    144. 

  144. 				logger.Warn(logSender, connectionID, "serving subsystem finished with error: %v", err)
    145. 

  145. 				os.Exit(1)
    146. 

  146. 			}
    147. 

  147. 			logger.Info(logSender, connectionID, "serving subsystem finished")
    148. 

  148. 			plugin.Handler.Cleanup()
    149. 

  149. 			os.Exit(0)
    150. 

  150. 		},
    151. 

  151. 	}
    152. 

  152. )
    153. 

  153. 

  154. func init() {
    155. 

  155. 	subsystemCmd.Flags().BoolVarP(&preserveHomeDir, "preserve-home", "p", false, `If the user already exists, the existing home
    156. 

  156. directory will not be changed`)
    157. 

  157. 	subsystemCmd.Flags().StringVarP(&baseHomeDir, "base-home-dir", "d", "", `If the user does not exist specify an alternate
    158. 

  158. starting directory. The home directory for a new
    159. 

  159. user will be:
    160. 

  160. 

  161. [base-home-dir]/[username]
    162. 

  162. 

  163. base-home-dir must be an absolute path.`)
    164. 

  164. 	subsystemCmd.Flags().BoolVarP(&logJournalD, "log-to-journald", "j", false, `Send logs to journald. Only available on Linux.
    165. 

  165. Use:
    166. 

  166. 

  167. $ journalctl -o verbose -f
    168. 

  168. 

  169. To see full logs.
    170. 

  170. If not set, the logs will be sent to the standard
    171. 

  171. error`)
    172. 

  172. 

  173. 	addConfigFlags(subsystemCmd)
    174. 

  174. 

  175. 	viper.SetDefault(logVerboseKey, defaultLogVerbose)
    176. 

  176. 	viper.BindEnv(logVerboseKey, "SFTPGO_LOG_VERBOSE") //nolint:errcheck
    177. 

  177. 	subsystemCmd.Flags().BoolVarP(&logVerbose, logVerboseFlag, "v", viper.GetBool(logVerboseKey),
    178. 

  178. 		`Enable verbose logs. This flag can be set
    179. 

  179. using SFTPGO_LOG_VERBOSE env var too.
    180. 

  180. `)
    181. 

  181. 	viper.BindPFlag(logVerboseKey, subsystemCmd.Flags().Lookup(logVerboseFlag)) //nolint:errcheck
    182. 

  182. 

  183. 	rootCmd.AddCommand(subsystemCmd)
    184. 

  184. }
    185.