init host_service

host_service/.gitignore

@@ -0,0 +1,5 @@
+.idea
+utils/smb*
+
+host_service
+host_service_x86

host_service/go.mod

@@ -0,0 +1,3 @@
+module host_service
+
+go 1.22.2

host_service/main.go

@@ -0,0 +1,347 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"host_service/utils"
+	"io"
+	"log"
+	"net"
+	"os"
+	"os/exec"
+	"strings"
+)
+
+const SOCKET_PATH = "/var/run/usermgmt.sock"
+
+type Command struct {
+	Action string                 `json:"action"`
+	Params map[string]interface{} `json:"params"`
+}
+
+type Response struct {
+	Success bool        `json:"success"`
+	Data    interface{} `json:"data"`
+	Error   string      `json:"error,omitempty"`
+}
+
+func main() {
+	// Ensure socket file does not exist
+	if err := exec.Command("rm", "-f", SOCKET_PATH).Run(); err != nil {
+		log.Fatal(err)
+	}
+
+	listener, err := net.Listen("unix", SOCKET_PATH)
+	if err != nil {
+		log.Fatal(err)
+	}
+	defer listener.Close()
+
+	// Change socket permissions to allow Docker container access
+	if err := exec.Command("chmod", "777", SOCKET_PATH).Run(); err != nil {
+		log.Fatal(err)
+	}
+
+	log.Printf("Listening on %s", SOCKET_PATH)
+
+	for {
+		conn, err := listener.Accept()
+		if err != nil {
+			log.Printf("Accept error: %v", err)
+			continue
+		}
+		go handleConnection(conn)
+	}
+}
+
+func execCommand(name string, args ...string) error {
+	cmd := exec.Command(name, args...)
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	return cmd.Run()
+}
+
+func checkGroupExists(group string) bool {
+	err := exec.Command("getent", "group", group).Run()
+	return err == nil
+}
+
+func handleConnection(conn net.Conn) {
+	defer conn.Close()
+
+	decoder := json.NewDecoder(conn)
+	encoder := json.NewEncoder(conn)
+
+	var cmd Command
+	if err := decoder.Decode(&cmd); err != nil {
+		encoder.Encode(Response{Success: false, Error: err.Error()})
+		return
+	}
+
+	var result Response
+	switch cmd.Action {
+	case "get_users":
+		output, err := exec.Command("bash", "-c", "getent passwd | awk -F: '$3 >= 1000 && $7 !~ /(false)/ {print $0}'").CombinedOutput()
+		if err != nil {
+			result = Response{Success: false, Error: err.Error()}
+		} else {
+			result = Response{Success: true, Data: string(output)}
+		}
+
+	case "create_user":
+		username := cmd.Params["username"].(string)
+		password := cmd.Params["password"].(string)
+		group := cmd.Params["group"].(string)
+		shell := cmd.Params["shell"].(string)
+		isAdmin := cmd.Params["is_admin"].(bool)
+
+		err := createUser(username, password, group, shell, isAdmin)
+		if err != nil {
+			result = Response{Success: false, Error: err.Error()}
+		} else {
+			result = Response{Success: true}
+		}
+
+	case "modify_user_passwd":
+		username := cmd.Params["username"].(string)
+		password := cmd.Params["password"].(string)
+		result = modifyUserPassword(username, password)
+
+	case "delete_user":
+		username := cmd.Params["username"].(string)
+		output, err := exec.Command("sudo", "deluser", username).CombinedOutput()
+		if err != nil {
+			result = Response{Success: false, Data: fmt.Sprintf("error delete user: %s", err)}
+		} else {
+			result = Response{Success: true, Data: string(output)}
+		}
+
+	case "get_samba_status":
+		output, err := exec.Command("smbstatus", "-f").CombinedOutput()
+		if err != nil {
+			result = Response{Success: false, Error: err.Error()}
+		} else {
+			result = Response{Success: true, Data: string(output)}
+		}
+
+	case "get_groups":
+		output, err := exec.Command("bash", "-c", "getent group | awk -F: '$3 >= 1000 {print $1}'").CombinedOutput()
+		if err != nil {
+			result = Response{Success: false, Error: err.Error()}
+		} else {
+			result = Response{Success: true, Data: strings.TrimSpace(string(output))}
+		}
+
+	case "get_user_groups":
+		username := cmd.Params["username"].(string)
+
+		// Get all groups for the user
+		groupOutput, err := exec.Command("groups", username).CombinedOutput()
+		if err != nil {
+			result = Response{Success: false, Error: err.Error()}
+			break
+		}
+
+		// Get group details with GIDs
+		allGroupsOutput, err := exec.Command("bash", "-c", "getent group | awk -F: '$3 >= 1000 {print $1}'").CombinedOutput()
+		if err != nil {
+			result = Response{Success: false, Error: err.Error()}
+			break
+		}
+
+		// Extract user groups and filter against user-created groups
+		userGroups := strings.Fields(string(groupOutput))[2:]
+		userCreatedGroups := strings.Split(strings.TrimSpace(string(allGroupsOutput)), "\n")
+
+		// Filter user groups to include only those in user-created groups
+		var filteredGroups []string
+		for _, group := range userGroups {
+			for _, userGroup := range userCreatedGroups {
+				if group == userGroup {
+					filteredGroups = append(filteredGroups, group)
+					break
+				}
+			}
+		}
+
+		result = Response{Success: true, Data: filteredGroups}
+
+	case "add_user_to_group":
+		username := cmd.Params["username"].(string)
+		group := cmd.Params["group"].(string)
+		err := addUserToGroup(username, group)
+		if err != nil {
+			result = Response{Success: false, Error: err.Error()}
+		} else {
+			result = Response{Success: true}
+		}
+
+	case "remove_user_from_group":
+		username := cmd.Params["username"].(string)
+		group := cmd.Params["group"].(string)
+		err := removeUserFromGroup(username, group)
+		if err != nil {
+			result = Response{Success: false, Error: err.Error()}
+		} else {
+			result = Response{Success: true}
+		}
+
+	case "get_samba_settings":
+		result = getSambaSettings()
+
+	case "update_section_setting":
+		jsonConfig, ok := cmd.Params["config"].(string)
+		if !ok {
+			result = Response{Success: false, Error: "Invalid or missing config parameter"}
+			break
+		}
+		result = updateSectionSetting(jsonConfig)
+
+	case "get_samba_service_info":
+		result = getSambaServiceInfo()
+
+	case "restart_samba_service":
+		result = restartSambaService()
+
+	}
+	encoder.Encode(result)
+}
+
+func modifyUserPassword(username string, password string) Response {
+	cmd := exec.Command("sudo", "chpasswd")
+	cmd.Stdin = strings.NewReader(fmt.Sprintf("%s:%s", username, password))
+
+	cmd = exec.Command("sudo", "smbpasswd", "-a", username)
+
+	// Create a pipe to handle multiple password inputs
+	r, w := io.Pipe()
+	cmd.Stdin = r
+
+	// Write passwords to pipe
+	go func() {
+		defer w.Close()
+		w.Write([]byte(fmt.Sprintf("%s\n%s\n", password, password)))
+	}()
+
+	if err := cmd.Run(); err != nil {
+		return Response{Success: false, Data: fmt.Sprintf("error changing password: %s", err)}
+	}
+
+	if err := cmd.Run(); err != nil {
+		return Response{Success: false, Data: fmt.Sprintf("error changing password: %s", err)}
+	}
+	return Response{Success: true, Data: "Change password success"}
+}
+
+func createUser(username, password, group string, shell string, isAdmin bool) error {
+	if group == "" {
+		group = "sambashare"
+	}
+
+	if err := execCommand("sudo", "useradd", "-M", "-s", shell, "-g", group, username); err != nil {
+		return fmt.Errorf("error creating user: %w", err)
+	}
+
+	cmd := exec.Command("sudo", "chpasswd")
+	cmd.Stdin = strings.NewReader(fmt.Sprintf("%s:%s", username, password))
+	if err := cmd.Run(); err != nil {
+		return fmt.Errorf("error setting user password: %w", err)
+	}
+
+	if checkGroupExists(group) {
+		if err := execCommand("sudo", "usermod", "-aG", group, username); err != nil {
+			return fmt.Errorf("error adding user to group: %w", err)
+		}
+	} else {
+		fmt.Printf("Warning: Group '%s' does not exist.\n", group)
+	}
+
+	if err := execCommand("sudo", "usermod", "-L", username); err != nil {
+		return fmt.Errorf("error locking user account: %w", err)
+	}
+
+	if err := execCommand("sudo", "usermod", "-s", shell, username); err != nil {
+		return fmt.Errorf("error setting shell: %w", err)
+	}
+
+	// Add user to Samba
+	smbCmd := exec.Command("sudo", "smbpasswd", "-a", username)
+	smbCmd.Stdin = strings.NewReader(fmt.Sprintf("%s\n%s\n", password, password))
+	if err := smbCmd.Run(); err != nil {
+		return fmt.Errorf("error adding user to Samba: %w", err)
+	}
+
+	fmt.Printf("User '%s' created successfully and configured for Samba access.\n", username)
+	return nil
+}
+
+func addUserToGroup(username, group string) error {
+	// Use gpasswd to add the user to the group
+	cmd := exec.Command("sudo", "gpasswd", "-a", username, group)
+	if err := cmd.Run(); err != nil {
+		return fmt.Errorf("error adding user to group: %w", err)
+	}
+	fmt.Printf("User '%s' added to group '%s'.\n", username, group)
+	return nil
+}
+
+func removeUserFromGroup(username, group string) error {
+	// Use gpasswd to remove the user from the group
+	cmd := exec.Command("sudo", "gpasswd", "-d", username, group)
+	if err := cmd.Run(); err != nil {
+		return fmt.Errorf("error removing user from group: %w", err)
+	}
+	fmt.Printf("User '%s' removed from group '%s'.\n", username, group)
+	return nil
+}
+
+func getSambaSettings() Response {
+	config, err := utils.NewSambaConfig("/etc/samba/smb.conf")
+	if err != nil {
+		return Response{Success: false, Error: fmt.Sprintf("Error creating config: %v", err)}
+	}
+
+	if err := config.LoadConfig(); err != nil {
+		return Response{Success: false, Error: fmt.Sprintf("Error loading config: %v", err)}
+	}
+
+	jsonData, err := json.Marshal(config)
+	if err != nil {
+		return Response{Success: false, Error: fmt.Sprintf("Error converting to JSON: %v", err)}
+	}
+
+	return Response{Success: true, Data: string(jsonData)}
+}
+
+func updateSectionSetting(jsonConfig string) Response {
+	config, err := utils.NewSambaConfig("/etc/samba/smb.conf")
+	if err != nil {
+		return Response{Success: false, Error: fmt.Sprintf("Error creating config: %v", err)}
+	}
+
+	if err := config.SaveConfig(jsonConfig); err != nil {
+		return Response{Success: false, Error: fmt.Sprintf("Error saving config: %v", err)}
+	}
+
+	return Response{Success: true, Data: "Configuration updated successfully"}
+}
+
+func getSambaServiceInfo() Response {
+	// service smbd restart
+	output, err := exec.Command("sudo", "smbstatus", "-j").CombinedOutput()
+	if err != nil {
+		return Response{Success: false, Data: fmt.Errorf("error to get samba status infomation: %w", err)}
+	}
+	fmt.Println("Success getting smb status")
+	return Response{Success: true, Data: string(output)}
+}
+
+func restartSambaService() Response {
+	// service smbd restart
+	cmd := exec.Command("sudo", "service", "smbd", "restart")
+	if err := cmd.Run(); err != nil {
+		return Response{Success: false, Data: fmt.Errorf("error to restart smbd service: %w", err)}
+	}
+	fmt.Println("Success restart samba service")
+	return Response{Success: true, Data: "Success restart samba service"}
+}

host_service/utils/config_tools.go

@@ -0,0 +1,299 @@
+package utils
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"time"
+)
+
+// Custom errors
+type ConfigError struct {
+	Op  string
+	Err error
+}
+
+func (e *ConfigError) Error() string {
+	return fmt.Sprintf("%s: %v", e.Op, e.Err)
+}
+
+// Section represents a configuration section
+type Section struct {
+	Name     string            `json:"name"`
+	Settings map[string]string `json:"settings"`
+}
+
+// SambaConfig represents the main configuration manager class
+type SambaConfig struct {
+	filepath string
+	Global   Section            `json:"global"`
+	Sections map[string]Section `json:"sections"`
+}
+
+// validateFilePath checks if the file path is valid and accessible
+func validateFilePath(path string) error {
+	if path == "" {
+		return fmt.Errorf("file path cannot be empty")
+	}
+
+	absPath, err := filepath.Abs(path)
+	if err != nil {
+		return fmt.Errorf("invalid path: %v", err)
+	}
+
+	dir := filepath.Dir(absPath)
+	if _, err := os.Stat(dir); os.IsNotExist(err) {
+		return fmt.Errorf("directory does not exist: %s", dir)
+	}
+
+	return nil
+}
+
+// NewSambaConfig creates a new instance of SambaConfig
+func NewSambaConfig(filepath string) (*SambaConfig, error) {
+	if err := validateFilePath(filepath); err != nil {
+		return nil, &ConfigError{Op: "new_config", Err: err}
+	}
+
+	return &SambaConfig{
+		filepath: filepath,
+		Global: Section{
+			Name:     "global",
+			Settings: make(map[string]string),
+		},
+		Sections: make(map[string]Section),
+	}, nil
+}
+
+// createBackup creates a timestamped backup of the existing config file
+func (sc *SambaConfig) createBackup() error {
+	// Check if original file exists
+	if _, err := os.Stat(sc.filepath); os.IsNotExist(err) {
+		return nil // No need to backup if file doesn't exist
+	}
+
+	// Create timestamp for backup file
+	timestamp := time.Now().Format("20060102_150405")
+	backupPath := fmt.Sprintf("%s.%s.bak", sc.filepath, timestamp)
+
+	source, err := os.Open(sc.filepath)
+	if err != nil {
+		return &ConfigError{Op: "backup_open", Err: err}
+	}
+	defer source.Close()
+
+	destination, err := os.Create(backupPath)
+	if err != nil {
+		return &ConfigError{Op: "backup_create", Err: err}
+	}
+	defer destination.Close()
+
+	if _, err := destination.ReadFrom(source); err != nil {
+		return &ConfigError{Op: "backup_copy", Err: err}
+	}
+
+	return nil
+}
+
+// LoadConfig reads and parses the configuration file
+func (sc *SambaConfig) LoadConfig() error {
+	if _, err := os.Stat(sc.filepath); os.IsNotExist(err) {
+		return &ConfigError{Op: "load_config", Err: fmt.Errorf("file does not exist: %s", sc.filepath)}
+	}
+
+	file, err := os.OpenFile(sc.filepath, os.O_RDONLY, 0644)
+	if err != nil {
+		return &ConfigError{Op: "load_config", Err: err}
+	}
+	defer file.Close()
+
+	scanner := bufio.NewScanner(file)
+	var currentSection Section
+	currentSection = sc.Global
+
+	const maxCapacity = 512 * 1024
+	buf := make([]byte, maxCapacity)
+	scanner.Buffer(buf, maxCapacity)
+
+	for scanner.Scan() {
+		line := strings.TrimSpace(scanner.Text())
+
+		if line == "" || strings.HasPrefix(line, "#") || strings.HasPrefix(line, ";") {
+			continue
+		}
+
+		if strings.HasPrefix(line, "[") && strings.HasSuffix(line, "]") {
+			sectionName := line[1 : len(line)-1]
+			if sectionName == "global" {
+				currentSection = sc.Global
+			} else {
+				currentSection = Section{
+					Name:     sectionName,
+					Settings: make(map[string]string),
+				}
+			}
+			continue
+		}
+
+		parts := strings.SplitN(line, "=", 2)
+		if len(parts) == 2 {
+			key := strings.TrimSpace(parts[0])
+			value := strings.TrimSpace(parts[1])
+			currentSection.Settings[key] = value
+
+			if currentSection.Name == "global" {
+				sc.Global = currentSection
+			} else {
+				sc.Sections[currentSection.Name] = currentSection
+			}
+		}
+	}
+
+	if err := scanner.Err(); err != nil {
+		return &ConfigError{Op: "load_config_scan", Err: err}
+	}
+
+	return nil
+}
+
+// SaveConfig updates the configuration from JSON string and saves to file
+// SaveConfig saves the Samba configuration after validating it
+func (sc *SambaConfig) SaveConfig(jsonConfig string) error {
+	// Parse JSON config
+	var newConfig SambaConfig
+	if err := json.Unmarshal([]byte(jsonConfig), &newConfig); err != nil {
+		return &ConfigError{Op: "parse_json", Err: err}
+	}
+
+	// Create backup with timestamp
+	if err := sc.createBackup(); err != nil {
+		return err
+	}
+
+	// Update current config with new values
+	sc.Global = newConfig.Global
+	sc.Sections = newConfig.Sections
+
+	// Create temporary file
+	tmpFile, err := os.CreateTemp(filepath.Dir(sc.filepath), "smb.conf.tmp")
+	if err != nil {
+		return &ConfigError{Op: "save_config_temp", Err: err}
+	}
+	tmpPath := tmpFile.Name()
+	defer os.Remove(tmpPath)
+
+	// Write to temporary file
+	if err := sc.writeConfig(tmpFile); err != nil {
+		tmpFile.Close()
+		return err
+	}
+	tmpFile.Close()
+
+	// Validate the configuration file using `testparm`
+	cmd := exec.Command("testparm", "-s", tmpPath)
+	var stderr bytes.Buffer
+	cmd.Stderr = &stderr
+
+	if err := cmd.Run(); err != nil {
+		return &ConfigError{
+			Op:  "validate_config",
+			Err: fmt.Errorf("validation failed: %s", stderr.String()),
+		}
+	}
+
+	// Rename temporary file to target file
+	if err := os.Rename(tmpPath, sc.filepath); err != nil {
+		return &ConfigError{Op: "save_config_rename", Err: err}
+	}
+
+	// Set permissions
+	if err := os.Chmod(sc.filepath, 0644); err != nil {
+		return &ConfigError{Op: "save_config_chmod", Err: err}
+	}
+
+	return nil
+}
+
+// writeConfig writes the configuration to the provided file
+func (sc *SambaConfig) writeConfig(file *os.File) error {
+	writer := bufio.NewWriter(file)
+
+	// Write global section
+	if _, err := writer.WriteString("[global]\n"); err != nil {
+		return &ConfigError{Op: "write_config", Err: err}
+	}
+
+	for key, value := range sc.Global.Settings {
+		if _, err := writer.WriteString(fmt.Sprintf("   %s = %s\n", key, value)); err != nil {
+			return &ConfigError{Op: "write_config", Err: err}
+		}
+	}
+	if _, err := writer.WriteString("\n"); err != nil {
+		return &ConfigError{Op: "write_config", Err: err}
+	}
+
+	// Write other sections
+	for _, section := range sc.Sections {
+		if _, err := writer.WriteString(fmt.Sprintf("[%s]\n", section.Name)); err != nil {
+			return &ConfigError{Op: "write_config", Err: err}
+		}
+
+		for key, value := range section.Settings {
+			if _, err := writer.WriteString(fmt.Sprintf("   %s = %s\n", key, value)); err != nil {
+				return &ConfigError{Op: "write_config", Err: err}
+			}
+		}
+		if _, err := writer.WriteString("\n"); err != nil {
+			return &ConfigError{Op: "write_config", Err: err}
+		}
+	}
+
+	return writer.Flush()
+}
+
+func main() {
+	// Example usage with JSON
+	config, err := NewSambaConfig("utils/smb.conf")
+	if err != nil {
+		fmt.Printf("Error creating config: %v\n", err)
+		return
+	}
+
+	// Load existing config
+	if err := config.LoadConfig(); err != nil {
+		fmt.Printf("Error loading config: %v\n", err)
+		return
+	}
+
+	// Example JSON configuration
+	jsonConfig := `{
+		"global": {
+			"name": "global",
+			"settings": {
+				"workgroup": "WORKGROUP",
+				"server string": "Samba Server"
+			}
+		},
+		"sections": {
+			"share1": {
+				"name": "share1",
+				"settings": {
+					"path": "/path/to/share1",
+					"valid users": "@users",
+					"writeable": "yes"
+				}
+			}
+		}
+	}`
+
+	// Update config with JSON
+	if err := config.SaveConfig(jsonConfig); err != nil {
+		fmt.Printf("Error saving config: %v\n", err)
+		return
+	}
+}