Merge branch 'master' into punani_files

21 files changed, 318 insertions, 0 deletions

diff --git a/Reaktor/IRC/README.md b/Reaktor/IRC/README.md
new file mode 100644
index 00000000..63a0ebd2
--- /dev/null
+++ b/Reaktor/IRC/README.md
@@ -0,0 +1,49 @@
+# //Reaktor/IRC
+
+This component implements a remote shell daemon that exposes the
+executable files (which may be symlinks) below
+`//Reaktor/public_commands/` through IRC.
+
+## Security
+
+Access to the IRC server implies full access to all the exposed executable
+files.  The daemon is executing the commands without dropping privileges.
+
+## Quickstart
+
+    #? /bin/sh
+    set -euf
+
+    export nick="$LOGNAME|$HOSTNAME"
+    export host=irc.freenode.org
+    export target='#tincspasm'
+
+    exec Reaktor/IRC/index
+
+## Environment variables
+
+The following environment variables are processed by `//Reaktor/IRC`:
+
+### nick
+
+Use a specific nickname.
+
+Optional if the node running `//Reaktor/IRC` is part of Retiolum, in
+which case it defaults to `Name` in `/etc/tinc/retiolum/tinc.conf`.
+
+### host and port
+
+Connect to a specific IRC server.
+
+Optional if the node running `//Reaktor/IRC` is part of Retiolum, in
+which case it defaults to `supernode` and `6667` (well, it always
+defaults to these two, but they only make science in Retiolum^_^).
+
+### target
+
+Join a specific channel.
+
+As always, this does the right thing for properly configured hosts: it
+uses the default `#retiolum`, which is the only really relevant
+channel.^_^
+
diff --git a/Reaktor/IRC/bot.py b/Reaktor/IRC/bot.py
new file mode 100755
index 00000000..af974f4e
--- /dev/null
+++ b/Reaktor/IRC/bot.py
@@ -0,0 +1,34 @@
+#! /usr/bin/env python2
+
+from irclib import IRC, ServerConnectionError, is_channel
+from sys import exit
+from os import environ as env
+
+host = str(env.get('host', 'irc.freenode.org'))
+port = int(env.get('port', 6667))
+nick = str(env.get('nick', 'crabspasm'))
+channel = str(env.get('channel', '#tincspasm'))
+print '====> irc://%s@%s:%s/%s' % (nick, host, port, channel)
+
+irc = IRC()
+try:
+  client = irc.server().connect(host, port, nick)
+except ServerConnectionError, error:
+  print error
+  exit
+
+def on_connect(connection, event):
+  connection.join(channel)
+  print 'Es passiert...'
+
+def on_join(connection, event):
+  connection.privmsg(channel, 'lol')
+
+def on_disconnect(connection, event):
+  exit
+
+client.add_global_handler('welcome', on_connect)
+client.add_global_handler('join', on_join)
+client.add_global_handler('disconnect', on_disconnect)
+
+irc.process_forever()
diff --git a/Reaktor/IRC/bot2.py b/Reaktor/IRC/bot2.py
new file mode 100755
index 00000000..326dd8f5
--- /dev/null
+++ b/Reaktor/IRC/bot2.py
@@ -0,0 +1,130 @@
+#! /usr/bin/env python
+#
+# //Reaktor/IRC/bot2.py
+#
+
+from __future__ import print_function
+from irclib import SimpleIRCClient, ServerConnectionError, is_channel
+from sys import exit
+from os import environ as env
+import re
+
+class IRCBot(SimpleIRCClient):
+  def __init__(self, target):
+    SimpleIRCClient.__init__(self)
+    self.target = target
+
+  def on_pubmsg(self, connection, event):
+
+    def PRIVMSG(target, text):
+      self.connection.privmsg(target, text)
+
+    def ME(target, text):
+      PRIVMSG(target, '
ACTION ' + text + '
')
+
+    def is_executable(x):
+      import os
+      return os.path.exists(x) and os.access(x, os.X_OK)
+
+    _nickname = connection.get_nickname()
+    _source = event.source()
+    _from = _source.split('!', 1)[0]
+    _target = event.target()
+
+    try:
+      _, _handle, _command, _argument, _ = re.split(
+          '^(\w+|\*):\s*(\w+)(?:\s+(.*))?$', event.arguments()[0])
+    except ValueError, error:
+      if re.search(_nickname, event.arguments()[0]):
+        PRIVMSG(self.target, 'I\'m so famous')
+      return # ignore
+
+    if _handle == _nickname or _handle == '*':
+
+      from os.path import realpath, dirname, join
+      from subprocess import Popen as popen, PIPE
+
+      Reaktor_dir = dirname(realpath(dirname(__file__)))
+      public_commands = join(Reaktor_dir, 'public_commands')
+      command = join(public_commands, _command)
+
+      if is_executable(command):
+
+        env = {}
+        if _argument != None:
+          env['argument'] = _argument
+
+        try:
+          p = popen([command], stdin=PIPE, stdout=PIPE, stderr=PIPE, env=env)
+        except OSError, error:
+          ME(self.target, 'is made of stupid')
+          print('OSError@%s: %s' % (command, error))
+          return
+
+        stdout, stderr = [ x[:len(x)-1] for x in
+            [ x.split('\n') for x in p.communicate()]]
+        code = p.returncode
+        pid = p.pid
+
+        print('command: %s -> %s' % (command, code))
+        [print('%s stdout: %s' % (pid, x)) for x in stdout]
+        [print('%s stderr: %s' % (pid, x)) for x in stderr]
+
+        if code == 0:
+          [PRIVMSG(self.target, x) for x in stdout]
+          [PRIVMSG(_source, x) for x in stderr]
+        else:
+          ME(self.target, 'mimimi')
+
+      else:
+        if _handle != '*':
+          PRIVMSG(self.target, _from + ': you are made of stupid')
+
+  def on_welcome(self, connection, event):
+    print('I\'m welcome! :D joining to %s now...' % (self.target))
+    if is_channel(self.target):
+      connection.join(self.target)
+    else:
+      self.connection.privmsg(self.target, 'lol')
+      self.connection.quit('Pong timeout: 423 seconds')
+
+  def on_join(self, connection, event):
+    print('Es passiert in %s' % (self.target))
+
+  def on_disconnect(self, connection, event):
+    # TODO reconnect
+    exit(0)
+
+# retrieve the value of a [singleton] variable from a tinc.conf(5)-like file
+def getconf1(x, path):
+  from re import findall
+  pattern = '(?:^|\n)\s*' + x + '\s*=\s*(.*\w)\s*(?:\n|$)'
+  y = findall(pattern, open(path, 'r').read())
+  if len(y) < 1:
+    raise AttributeError("len(getconf1('%s', '%s') < 1)" % (x, path))
+  if len(y) > 1:
+    y = ' '.join(y)
+    raise AttributeError("len(getconf1('%s', '%s') > 1)\n  ====>  %s"
+        % (x, path, y))
+  return y[0]
+
+def main():
+  name = getconf1('Name', '/etc/tinc/retiolum/tinc.conf')
+  nick = str(env.get('nick', name))
+  host = str(env.get('host', 'supernode'))
+  port = int(env.get('port', 6667))
+  target = str(env.get('target', '#retiolum'))
+  print('====> irc://%s@%s:%s/%s' % (nick, host, port, target))
+
+  client = IRCBot(target)
+  try:
+    from getpass import getuser
+    client.connect(host, port, nick, username=getuser(),
+        ircname='//Reaktor running at %s.retiolum' % (name))
+  except ServerConnectionError, error:
+    print(error)
+    exit(1)
+  client.start()
+
+if __name__ == "__main__":
+  main()
diff --git a/Reaktor/IRC/content b/Reaktor/IRC/content
new file mode 100644
index 00000000..e0292376
--- /dev/null
+++ b/Reaktor/IRC/content
@@ -0,0 +1 @@
+python-irclib-0.4.6/ircbot.py
diff --git a/Reaktor/IRC/index b/Reaktor/IRC/index
new file mode 100755
index 00000000..68b6cf33
--- /dev/null
+++ b/Reaktor/IRC/index
@@ -0,0 +1,9 @@
+#! /bin/sh
+set -xeuf
+
+# cd //Reaktor
+cd $(dirname $(readlink -f $0))/..
+
+IRC/install
+
+exec python IRC/bot2.py "$@"
diff --git a/Reaktor/IRC/install b/Reaktor/IRC/install
new file mode 100755
index 00000000..d5f7a8c1
--- /dev/null
+++ b/Reaktor/IRC/install
@@ -0,0 +1,28 @@
+#! /bin/sh
+set -xeuf
+
+# cd //Reaktor/IRC
+cd $(dirname $(readlink -f $0))
+
+# install irclib.py
+{
+  PV=0.4.6
+  PN=python-irclib
+  P=$PN-$PV
+  tarball=$P.tar.gz
+  URL=http://downloads.sourceforge.net/$PN/$tarball
+  SHA1SUM=c6271e44293ed51c21af0f44ce106667d3006e6f
+
+  file=irclib.py
+
+  if ! echo "$SHA1SUM  $file" | sha1sum -c; then
+    temp=`mktemp`
+    trap "rm -f $temp" EXIT INT
+
+    echo $P/$file > $temp
+    curl -LfsS $URL | tar --strip-components=1 -zxT $temp
+  fi
+  echo "$SHA1SUM  $file" | sha1sum -c
+}
+
+
diff --git a/Reaktor/README.md b/Reaktor/README.md
new file mode 100644
index 00000000..05af8ef5
--- /dev/null
+++ b/Reaktor/README.md
@@ -0,0 +1,29 @@
+# //Reaktor
+
+## Quickstart
+
+    ## 1. prepare Reaktor
+    //Reaktor/install
+
+    ## 2. create a dedicated user
+    useradd Reaktor
+
+    ## 3. marry Reaktor with /sbin/init
+
+    ## 3a. /etc/inittab-like foo
+    echo 10:2345:respawn:/bin/su Reaktor -c /krebs/Reaktor/index >>/etc/inittab
+    # or 10:2345:respawn:/usr/bin/sudo -u Reaktor /krebs/Reaktor/index
+    # if Reaktor's shell is /bin/false or similar
+    # [check with e.g getent passwd Reaktor]
+    telinit q
+
+    ## 3b. upstart-like foo
+
+    cat > /etc/init/Reaktor.conf <<EOF
+    description "Krebs Reaktor"
+    author      "The Ministerium"
+    stop on runlevel [016]
+    respawn
+    exec /usr/bin/sudo -u Reaktor /krebs/Reaktor/index
+    EOF
+    start Reaktor
diff --git a/Reaktor/commands/caps b/Reaktor/commands/caps
new file mode 100755
index 00000000..bc3d7ba2
--- /dev/null
+++ b/Reaktor/commands/caps
@@ -0,0 +1,4 @@
+#! /bin/sh
+set -euf
+cd public_commands
+echo `ls`
diff --git a/Reaktor/commands/hello b/Reaktor/commands/hello
new file mode 100755
index 00000000..df3b6bb9
--- /dev/null
+++ b/Reaktor/commands/hello
@@ -0,0 +1,2 @@
+#! /bin/sh
+echo "Hello${argument+, $argument}!"
diff --git a/Reaktor/commands/reload b/Reaktor/commands/reload
new file mode 100755
index 00000000..2b78b178
--- /dev/null
+++ b/Reaktor/commands/reload
@@ -0,0 +1,2 @@
+#! /bin/sh
+exec pkill -U Reaktor
diff --git a/Reaktor/commands/retard b/Reaktor/commands/retard
new file mode 100755
index 00000000..c59b4d1c
--- /dev/null
+++ b/Reaktor/commands/retard
@@ -0,0 +1 @@
+#? //retard
diff --git a/Reaktor/commands/rev b/Reaktor/commands/rev
new file mode 100755
index 00000000..a8681ab9
--- /dev/null
+++ b/Reaktor/commands/rev
@@ -0,0 +1,2 @@
+#! /bin/sh
+git log -1 --format="%h by %an, %ar"
diff --git a/Reaktor/commands/uptime b/Reaktor/commands/uptime
new file mode 100755
index 00000000..7ff64168
--- /dev/null
+++ b/Reaktor/commands/uptime
@@ -0,0 +1,8 @@
+#! /bin/sh
+#
+# //Reactor/commands/uptime - IRC-optimized uptime output
+#
+uptime | sed '
+  s/^\(.*\) up \(.*\) days\?, *\(.*\), *\(.*\) users\?, *load average: \(.*\)$/\1; \2d \3; \4u; \5/;t
+  s/^\(.*\) up  *\(.*\), *\(.*\) users\?, *load average: \(.*\)$/\1; 0d \2; \3u; \4/;t
+'
diff --git a/Reaktor/index b/Reaktor/index
new file mode 100755
index 00000000..ac647ca3
--- /dev/null
+++ b/Reaktor/index
@@ -0,0 +1,7 @@
+#! /bin/sh
+set -euf
+
+# cd //Reaktor
+cd $(dirname $(readlink -f $0))
+
+exec IRC/index
diff --git a/Reaktor/install b/Reaktor/install
new file mode 100755
index 00000000..761bc437
--- /dev/null
+++ b/Reaktor/install
@@ -0,0 +1,6 @@
+#! /bin/sh
+set -euf
+
+cd $(dirname $(readlink -f $0))
+
+exec IRC/install
diff --git a/Reaktor/public_commands/caps b/Reaktor/public_commands/caps
new file mode 120000
index 00000000..43c0a342
--- /dev/null
+++ b/Reaktor/public_commands/caps
@@ -0,0 +1 @@
+../commands/caps
\ No newline at end of file
diff --git a/Reaktor/public_commands/hello b/Reaktor/public_commands/hello
new file mode 120000
index 00000000..4509249b
--- /dev/null
+++ b/Reaktor/public_commands/hello
@@ -0,0 +1 @@
+../commands/hello
\ No newline at end of file
diff --git a/Reaktor/public_commands/reload b/Reaktor/public_commands/reload
new file mode 120000
index 00000000..9a337850
--- /dev/null
+++ b/Reaktor/public_commands/reload
@@ -0,0 +1 @@
+../commands/reload
\ No newline at end of file
diff --git a/Reaktor/public_commands/retard b/Reaktor/public_commands/retard
new file mode 120000
index 00000000..29ae4b01
--- /dev/null
+++ b/Reaktor/public_commands/retard
@@ -0,0 +1 @@
+../commands/retard
\ No newline at end of file
diff --git a/Reaktor/public_commands/rev b/Reaktor/public_commands/rev
new file mode 120000
index 00000000..f5433412
--- /dev/null
+++ b/Reaktor/public_commands/rev
@@ -0,0 +1 @@
+../commands/rev
\ No newline at end of file
diff --git a/Reaktor/public_commands/uptime b/Reaktor/public_commands/uptime
new file mode 120000
index 00000000..ffe5fbd7
--- /dev/null
+++ b/Reaktor/public_commands/uptime
@@ -0,0 +1 @@
+../commands/uptime
\ No newline at end of file