mars_nwe/mars-smart
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: mars_nwe:dd478fe88913ec239beb5c8d118f4e99472b6b2e
Branches Tags
mars_nwe:master
..
compare: mars_nwe:master
Branches Tags
mars_nwe:master

34 Commits
dd478fe889 ... master

Author SHA1 Message Date
Mario Fetka
9b49ae2903 add print test page v6 2026-05-22 15:16:45 +02:00
Mario Fetka
111f3cae77 add print test page v5 2026-05-22 15:08:18 +02:00
Mario Fetka
672a8c9fd9 add print test page v4 2026-05-22 15:02:58 +02:00
Mario Fetka
04275ca1a7 add print test page v3 2026-05-22 14:57:13 +02:00
Mario Fetka
1f2c12fc33 add print test page v2 2026-05-22 14:45:54 +02:00
Mario Fetka
5bb5ef98c5 add print test page 2026-05-22 14:37:21 +02:00
Mario Fetka
d967947ece Release Polish Step 2 2026-05-22 11:07:00 +02:00
Mario Fetka
8bc318baf2 Release Polish Step 1 / README + smart.conf 2026-05-22 11:02:43 +02:00
Mario Fetka
46a3d9f653 Native Helper Logging 2026-05-22 10:42:58 +02:00
Mario Fetka
56b70a6ffc nwwebui named log levels. 2026-05-22 10:28:17 +02:00
Mario Fetka
e8f1050246 add smart_userlist 2026-05-22 10:15:16 +02:00
Mario Fetka
a8560e6de5 Remove unreferenced screenshot 2026-05-22 10:08:26 +02:00
Mario Fetka
cc94aa326d add readme screnshots anon 2026-05-22 10:04:04 +02:00
Mario Fetka
ee40a44e9f add readme fix up 2026-05-22 09:59:21 +02:00
Mario Fetka
aad1f8062e add readme fix up 2026-05-22 09:58:38 +02:00
Mario Fetka
668982ea22 add readme 2026-05-22 09:40:14 +02:00
Mario Fetka
02b7984e17 add readme 2026-05-22 09:40:02 +02:00
Mario Fetka
2529e0e9dd Big collection 2 2026-05-22 09:07:47 +02:00
Mario Fetka
58a2e8da04 Big collection 2026-05-22 07:32:17 +02:00
Mario Fetka
6998f5990d Default to services 2026-05-21 23:31:22 +02:00
Mario Fetka
7549a2021e Login Logo big and copyright Fix 2026-05-21 23:27:13 +02:00
Mario Fetka
b5a8e88068 Login Logo big and copyright 2026-05-21 23:19:32 +02:00
Mario Fetka
ce43a20174 Login Logo Fix 2026-05-21 23:10:09 +02:00
Mario Fetka
ba8211e0da Logging stderr 2026-05-21 23:03:32 +02:00
Mario Fetka
efc90d8bfe Logging 2026-05-21 22:49:46 +02:00
Mario Fetka
c1483af0cb Apply Bindery no need to write config 2026-05-21 22:45:45 +02:00
Mario Fetka
23c36384c0 Web Logout 2026-05-21 22:29:29 +02:00
Mario Fetka
c7c746d264 Weblogin 2026-05-21 21:56:28 +02:00
Mario Fetka
4b56266392 Add back smart_userlist 2026-05-21 21:26:13 +02:00
Mario Fetka
6267ac3bf1 roleback 2026-05-21 21:12:44 +02:00
Mario Fetka
7ce22da3ea Userlist 2026-05-21 20:48:37 +02:00
Mario Fetka
544afcd296 Cups support language idependent 2026-05-21 19:12:55 +02:00
Mario Fetka
a2f4f8a789 Cups support 2026-05-21 18:58:59 +02:00
Mario Fetka
339aa49d6b Settings again rounded 2026-05-21 18:40:47 +02:00
52 changed files with 5597 additions and 425 deletions
Expand all files Collapse all files

22
CMakeLists.txt
View File

@@ -71,6 +71,7 @@ INCLUDE_DIRECTORIES(
add_executable(nwwebui nwwebui.c)
add_executable(check_login check_login.c)
add_executable(smart_userlist smart_userlist.c)
#################################
# Linking
@@ -86,6 +87,11 @@ target_link_libraries(check_login
${DL_LIBRARY}
)
target_link_libraries(smart_userlist
${PAM_LIBRARY}
${DL_LIBRARY}
)
#################################
# Install Files
##############
@@ -108,12 +114,28 @@ install(FILES static/favicon.ico DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}
install(FILES static/favicon-32x32.png DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/favicon-16x16.png DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/apple-touch-icon.png DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-start.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-service.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-general.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-dirs.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-configh.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-security.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-susers.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-volumes.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-devices.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-logging.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-smart.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-stations.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-users.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-groups.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
install(FILES static/icon-queues.svg DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR}/static)
if(WITH_SYSTEMD)
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/mars-nwe-webui.service DESTINATION ${SYSTEMD_SERVICES_INSTALL_DIR})
endif()
install(TARGETS check_login DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR})
install(TARGETS smart_userlist DESTINATION ${MARS_NWE_INSTALL_FULL_LIBEXECDIR})
install(TARGETS nwwebui DESTINATION ${CMAKE_INSTALL_SBINDIR})

452
README.md
View File

@@ -2,7 +2,46 @@
SMArT is the web-based configuration interface for **MARS_NWE**, a Novell NetWare 3.x emulator for Linux and FreeBSD.
In the current setup, this repository is no longer treated as a standalone component only. It is integrated into the main `mars_nwe` project as a **Git submodule** and is therefore included in the normal **mars_nwe release** process.
In the current setup, this repository is integrated into the main `mars_nwe` project as a **Git submodule**. It is built, installed, and released as part of the normal **MARS_NWE** release process rather than as a separate end-user component.
## Screenshots
The main menu is the normal entry point after login. It shows the available
configuration sections on the left and opens the selected explanation or editor
view on the right.
All screenshots in this section use anonymized example values for users,
hostnames, printer names and local mountpoints.
![SMArT main menu](doc/screenshots/main-menu.png)
Additional UI examples:
<table>
<tr>
<td width="50%"><a href="doc/screenshots/login.png"><img src="doc/screenshots/thumbs/login.png" alt="Login screen"></a><br><strong>Login</strong><br>PAM-based login with SMArT session cookies.</td>
<td width="50%"><a href="doc/screenshots/service-runtime.png"><img src="doc/screenshots/thumbs/service-runtime.png" alt="Runtime information"></a><br><strong>Runtime information</strong><br>Configured paths, service name and project link.</td>
</tr>
<tr>
<td width="50%"><a href="doc/screenshots/volumes-import.png"><img src="doc/screenshots/thumbs/volumes-import.png" alt="Volume import"></a><br><strong>Volume import</strong><br>Detected host mountpoints can be imported as MARS_NWE volumes.</td>
<td width="50%"><a href="doc/screenshots/user-editor.png"><img src="doc/screenshots/thumbs/user-editor.png" alt="User editor"></a><br><strong>User editor</strong><br>Optional Unix user mapping and bindery group membership.</td>
</tr>
<tr>
<td width="50%"><a href="doc/screenshots/print-queue-cups.png"><img src="doc/screenshots/thumbs/print-queue-cups.png" alt="Print queue CUPS integration"></a><br><strong>Print queues</strong><br>CUPS printer selection can prefill the Unix print command.</td>
<td width="50%"><a href="doc/screenshots/smart-settings.png"><img src="doc/screenshots/thumbs/smart-settings.png" alt="SMArT settings"></a><br><strong>SMArT settings</strong><br>Bindery server settings and server-name synchronization.</td>
</tr>
<tr>
<td width="50%"><a href="doc/screenshots/general-settings.png"><img src="doc/screenshots/thumbs/general-settings.png" alt="General settings"></a><br><strong>General settings</strong><br>Core MARS_NWE options with synchronized bindery naming.</td>
<td width="50%"><a href="doc/screenshots/advanced-path-settings.png"><img src="doc/screenshots/thumbs/advanced-path-settings.png" alt="Advanced path settings"></a><br><strong>Advanced sections</strong><br>Only the matching advanced section is displayed for the selected menu item.</td>
</tr>
<tr>
<td width="50%"><a href="doc/screenshots/validation-error.png"><img src="doc/screenshots/thumbs/validation-error.png" alt="Validation error"></a><br><strong>Validation errors</strong><br>Invalid input is rejected with a focused error page and a back action.</td>
<td width="50%"><a href="doc/screenshots/service-control.png"><img src="doc/screenshots/thumbs/service-control.png" alt="Service control output"></a><br><strong>Service control</strong><br>Start, stop, restart and status output for the configured MARS_NWE service.</td>
</tr>
</table>
A compact maintainer overview of the screenshot set is available as
[`doc/screenshots/screenshot-contact-sheet.png`](doc/screenshots/screenshot-contact-sheet.png).
## Project status and integration
@@ -10,40 +49,216 @@ This repository is intended to be embedded into the main `mars_nwe` Git reposito
- Main project: `mars_nwe`
- Submodule role: provides the SMArT web UI and helper tools
- Release model: shipped as part of the integrated **MARS_NWE** release, not as a separate end-user release artifact
- Release model: shipped as part of the integrated **MARS_NWE** release
The build and install rules show that the web UI binaries, Perl helpers, configuration, static assets, and PAM file are installed as part of the overall build and installation flow.
The build and install rules install the web UI binary, Perl helpers, configuration template, static assets, systemd unit, and PAM file as part of the integrated installation target.
## Architecture overview
SMArT consists of two main parts:
SMArT consists of three main pieces:
1. **Perl-based application logic** for configuration pages and helper scripts
2. **`nwwebui` service** as the web frontend that exposes the application over HTTP and HTTPS
1. **`nwwebui`** a dedicated HTTP/HTTPS frontend service
2. **Perl helper scripts** request routing, configuration pages, bindery operations, validation, and service control
3. **Small native helpers** PAM login checking and optional user enumeration helpers
The current implementation adds a dedicated `nwwebui` service that can serve the application directly over:
The `nwwebui` service can expose the UI over:
- **HTTP on port 9080**
- **HTTPS on port 9443**
The service supports TLS via OpenSSL and can run both listeners in parallel. HTTPS is the preferred mode because authentication happens more securely over an encrypted connection, while plain HTTP may still be useful for testing or trusted internal environments.
Both listeners can run in parallel. HTTPS is recommended for real deployments because the login form transmits credentials. Plain HTTP is still useful for local testing or trusted internal environments.
## Security model
## Major features
SMArT uses PAM-based authentication through the `check_login` helper. The supplied PAM policy is a standard `pam_unix` stack for authentication, account, password, and session handling. During installation with **MARS_NWE**, this file is installed automatically as:
### HTML login, sessions, and logout
- `/etc/pam.d/smart`
SMArT provides a form-based login page, session cookies, and a logout action. Static assets such as the SMArT logo are served before authentication so the login page can render correctly.
That means no manual PAM file deployment is normally required when SMArT is installed through the integrated `mars_nwe` package or release.
Runtime session files are stored under the WebUI runtime directory, typically:
```text
/run/mars-nwe-webui
```
### PAM authentication with administrator group restriction
Authentication is performed through the PAM service `smart` using the `check_login` helper. In addition to a successful PAM login, the user must be a member of the configured Unix administrator group.
The administrator group is configured at build time through the main `mars_nwe` CMake project:
```bash
cmake -DMARS_NWE_SMART_ADMIN_GROUP=root ...
```
The default is `root` to preserve the traditional behavior on existing systems. On normal Unix systems the `root` user has primary group `root`, so root can still log in. For delegated administration, build with a dedicated group instead:
```bash
cmake -DMARS_NWE_SMART_ADMIN_GROUP=nwadmin ...
groupadd nwadmin
usermod -aG nwadmin mario
```
After installation the effective setting appears in `smart.conf` as:
```perl
$smart_admin_group = 'root';
```
or, for a delegated build:
```perl
$smart_admin_group = 'nwadmin';
```
### Service control page
The start page includes controls for the configured MARS_NWE service:
- start
- stop
- restart
- status
The service name is supplied by the build configuration and can be overridden in `smart.conf`:
```perl
$mars_nwe_service = 'mars-nwe-serv.service';
$smart_systemctl_path = '/usr/bin/systemctl';
```
### Runtime information page
The start page shows the important runtime paths generated by CMake, including:
- main MARS_NWE configuration file
- SMArT configuration file
- WebUI helper/script directory
- MARS_NWE service unit name
- `systemctl` executable
This helps diagnose packaging or installation path issues without searching through generated files.
### Configuration editors and advanced sections
The main menu contains the commonly used configuration areas and advanced sections. Advanced pages are shown only when the selected section is opened, which keeps the menu usable while still exposing low-level MARS_NWE options.
Current sections include, among others:
- setup first
- MARS_NWE service
- general settings
- directories
- precompiled/path settings
- security
- user configuration
- volumes
- devices
- logging
- stations/access control
- users
- groups
- print queues
### Import helpers
SMArT can prefill or discover host-side data for common configuration tasks:
- local mount points for volume creation
- Unix users for MARS_NWE user mapping
- CUPS printers for print queue command generation
- IPX interfaces for device configuration
These helpers are meant to reduce manual typing while still leaving the final configuration under administrator control.
### Validation and error pages
The apply path validates common input before writing configuration or changing bindery data. Invalid values are shown on a dedicated validation page instead of failing silently or returning an empty HTTP response.
Validation currently covers areas such as:
- volume names and Unix paths
- device/network parameters
- print queue names, print commands, and spool directories
- user names and group names
- invalid bindery characters
### Bindery command handling
Bindery operations are executed through checked helper functions instead of silent `system()` calls. The WebUI logs command start, command success, command failure, and relevant output.
Commands such as `nwbocreate`, `nwbprm`, and `nwborm` are handled through `run_bindery_cmd()`. Pipe-style `nwbpset` operations are handled through `run_bindery_pipe()` using a temporary input file and checked return code.
This improves diagnostics for user, group, and print queue operations. The browser receives a structured error page when a bindery command fails.
### Bindery success pages
After successful user, group, or print queue changes, SMArT can show a result page with the number of successful bindery commands. This makes bindery changes visible to the administrator and avoids silent redirects after complex operations.
### Optional Unix user mapping updates
Existing MARS_NWE users no longer have their `UNIX_USER` mapping removed unless the administrator explicitly requests a mapping change. This prevents accidental loss of Unix user assignments when only editing full name, password, or group membership.
## Logging
SMArT has two relevant log streams:
- the `nwwebui` service log
- the Perl frontend log, normally `smart.log`
Typical paths:
```text
/var/log/mars_nwe/nwwebui.log
/var/log/mars_nwe/smart.log
```
### Perl frontend log level
The Perl frontend log level is configured in `smart.conf`:
```perl
# SMArT Perl logging verbosity.
# Values: error, warning, info, debug, trace
# Default: info
$smart_debug_level = 'info';
```
Supported values, from quiet to verbose:
- `error` only real errors that abort or fail an operation
- `warning` errors and warnings about unusual but non-fatal situations
- `info` normal operational messages, command start/finish, default
- `debug` additional diagnostic information for troubleshooting
- `trace` very verbose step-by-step traces, including bindery pipe payloads
Use `trace` only while debugging a concrete problem. It may include submitted bindery payload data and can produce a lot of log output. After debugging, switch back to `info`.
### `nwwebui` service log level
The `nwwebui` service has its own numeric log level:
```perl
$nw_log_level = 'info';
```
Typical meanings:
- `0` = errors only
- `1` = informational messages
- `2` = debug output
## Installed components
The install rules include the following relevant components.
### Binaries
- `nwwebui` dedicated web service frontend
- `check_login` PAM authentication helper
- `check_login` PAM authentication and administrator-group helper
- optional host discovery helpers, depending on build options
### Native helper tools
- `check_login` validates PAM credentials and verifies membership in the configured SMArT administrator group
- `smart_userlist` lists local Unix users for the optional bindery-to-Unix user mapping selector
### Perl helpers
@@ -52,77 +267,67 @@ The install rules include the following relevant components.
- `readconfig.pl`
- `settings.pl`
- `static.pl`
- `control`
### Configuration and assets
- `smart.conf`
- static HTML and image assets for the web UI
- static HTML/image assets for the WebUI
- optional `mars-nwe-webui.service` systemd unit
- PAM file installed as `/etc/pam.d/smart`
These components are all installed by the build system as part of the same integrated installation target.
- local Unix user-list helper used by the user editor
## Typical runtime paths
The original templates use CMake placeholders. For documentation, the following standard example paths can be used in a typical Linux installation:
The templates use CMake placeholders. In a typical Linux installation, the effective paths are similar to:
- Main MARS_NWE config directory: `/etc/mars_nwe`
- SMArT config file: `/etc/mars_nwe/smart.conf`
- Main MARS_NWE server config: `/etc/mars_nwe/nwserv.conf`
- Helper binaries and scripts: `/usr/libexec/mars_nwe`
- Helper binaries and scripts, including `smart`, `check_login`, `smart_userlist` and Perl helpers: `/usr/libexec/mars_nwe`
- Static SMArT assets: `/usr/libexec/mars_nwe/static`
- Log directory: `/var/log/mars_nwe`
- Runtime/session directory: `/run/mars-nwe-webui`
- PID directory: `/run/mars_nwe`
- TLS certificate: `/etc/mars_nwe/server.crt`
- TLS private key: `/etc/mars_nwe/server.key`
- PAM file: `/etc/pam.d/smart`
These values are sensible standard defaults for documentation. Packaging may still adjust them depending on the target distribution.
Packaging may adjust these paths depending on the target distribution.
## The `smart.conf` file
## `smart.conf` example
The `smart.conf` file controls both the SMArT frontend behavior and the `nwwebui` listener settings.
A documented example with standard installation paths is shown below:
A documented example with standard installation paths:
```perl
# SMArT / nwwebui configuration file
# ------------------------------------------------------------
# UI colors
# ------------------------------------------------------------
$COLOR_BACK = "#F0F0FF";
$COLOR_HEAD_BACK = "#C0C0FF";
$COLOR_HEAD_FORE = "#000000";
$COLOR_SUBH_BACK = "#D0D0FF";
$COLOR_SUBH_FORE = "#000000";
$COLOR_TEXT_BACK = "#E0E0FF";
$COLOR_TEXT_FORE = "#000000";
# ------------------------------------------------------------
# Main MARS_NWE configuration
# ------------------------------------------------------------
$mars_config = '/etc/mars_nwe/nwserv.conf';
$nonroot_user = 'nobody';
$smart_compact_nwservconf = 0;
# ------------------------------------------------------------
# SMArT internal file layout
# ------------------------------------------------------------
$smart_conf_path = '/etc/mars_nwe/smart.conf';
$smart_nwclient_path = '/etc/mars_nwe/.nwclient';
$smart_static_dir = '/usr/libexec/mars_nwe/static';
$smart_log_path = '/var/log/mars_nwe/smart.log';
$smart_check_login = '/usr/libexec/mars_nwe/check_login';
$smart_admin_group = 'root';
# Optional override, usually not needed
# $smart_perl_path = '/usr/libexec/mars_nwe/smart';
# Perl frontend logging
$smart_debug_level = 'info';
# Service control
$mars_nwe_service = 'mars-nwe-serv.service';
$smart_systemctl_path = '/usr/bin/systemctl';
# CUPS helper integration
$smart_cups_enable = '1';
$smart_cups_lpstat_path = '/usr/bin/lpstat';
$smart_cups_print_command_template = '/usr/bin/lp -d %p -';
# ------------------------------------------------------------
# nwwebui listener settings
# ------------------------------------------------------------
$nw_bind_ip = '0.0.0.0';
$nw_log_level = 1;
$nw_log_level = 'info';
$nw_daemonize = 0;
$nw_pid_file = '/run/mars_nwe/nwwebui.pid';
$nw_log_file = '/var/log/mars_nwe/nwwebui.log';
@@ -135,68 +340,64 @@ $nw_cert_file = '/etc/mars_nwe/server.crt';
$nw_key_file = '/etc/mars_nwe/server.key';
```
## `smart.conf` settings explained
### Print queue test action
### UI colors
The print queue page can submit a small test job to an existing MARS_NWE queue
through the ncpfs `nprint` tool. This verifies the queue through the NetWare
print-queue path instead of only checking the local Unix/CUPS command.
These variables define the default SMArT page colors:
The helper path can be adjusted in `smart.conf`:
- `$COLOR_BACK` page background
- `$COLOR_HEAD_BACK` / `$COLOR_HEAD_FORE` main section header colors
- `$COLOR_SUBH_BACK` / `$COLOR_SUBH_FORE` subsection header colors
- `$COLOR_TEXT_BACK` / `$COLOR_TEXT_FORE` regular content row colors
```perl
$smart_nprint_path = '/usr/bin/nprint';
```
### Main MARS_NWE configuration
## Recent SMArT WebUI features
- `$mars_config` path to the main `nwserv.conf` file that SMArT reads and updates
- `$nonroot_user` unprivileged user account used when SMArT drops privileges
- `$smart_compact_nwservconf` controls how `nwserv.conf` is written back:
- `0` keeps comments, spacing, and the original structure as much as possible
- `1` writes a more compact version without the original long comment layout
The current WebUI includes several usability and safety improvements:
### SMArT internal file layout
- HTML login, session cookies and logout handling
- static asset serving before login, so the login page can load the SMArT logo
- service-control pages for start, stop, restart and status actions
- runtime information on the start page, including generated paths and service name
- import helpers for CUPS printers, IPX interfaces, Unix users and local mountpoints
- `smart_userlist` helper for reliable Unix-user enumeration without parsing page output
- input validation pages for volumes, devices, print queues, users and groups
- stricter bindery object-name validation
- optional Unix user mapping for bindery users
- delete confirmation pages
- bindery command and bindery pipe logging
- success and error pages for bindery operations
- a `UNIX_USER` guard so existing users are not remapped unless requested
- configurable Perl log verbosity through `$smart_debug_level`
- `$smart_conf_path` absolute path to `smart.conf`
- `$smart_nwclient_path` file used to store bindery login information for SMArT helper tools
- `$smart_static_dir` directory containing HTML, icons, and other static assets
- `$smart_log_path` log file used by the Perl-based SMArT frontend
- `$smart_check_login` PAM-based authentication helper path
- `$smart_perl_path` optional override for the main SMArT Perl executable; usually not needed
## Build and installation notes
### `nwwebui` listener settings
This repository is built as part of the main `mars_nwe` build. The build system:
- `$nw_bind_ip` bind address for HTTP and HTTPS listeners, for example `0.0.0.0` for all IPv4 interfaces or `127.0.0.1` for localhost-only access
- `$nw_log_level` service log verbosity:
- `0` = errors only
- `1` = informational messages
- `2` = debug output
- `$nw_daemonize` whether `nwwebui` detaches into the background
- `$nw_pid_file` location of the PID file
- `$nw_log_file` log file written by `nwwebui`
- `$nw_ssl_enable` enables or disables HTTPS support
- `$nw_http_port` HTTP listener port; set to `0` to disable plain HTTP
- `$nw_https_port` HTTPS listener port; set to `0` to disable HTTPS
- `$nw_cert_file` PEM certificate path for TLS
- `$nw_key_file` PEM private key path for TLS
- generates `smart.conf` from the template
- generates the main `smart` Perl launcher script
- builds `nwwebui`
- builds `check_login`
- builds `smart_userlist`
- installs the PAM file and static UI assets
- installs helper scripts and optional systemd units
The current code and template show that:
Useful build-time settings include:
- `nwwebui` listens on `9080` for HTTP by default
- `9443` is used for HTTPS
- the log file can be configured with `$nw_log_file`
- the log path can also be overridden at runtime with `-l`
```bash
cmake -DMARS_NWE_SMART_ADMIN_GROUP=root ...
cmake -DMARS_NWE_SMART_ADMIN_GROUP=nwadmin ...
cmake -DMARS_NWE_SYSTEMD_SERVICE=mars-nwe-serv.service ...
```
Because passwords may be transmitted during login, HTTPS is the recommended way to access the interface.
The administrator group defaults to `root` for compatibility. Use a dedicated group such as `nwadmin` when non-root administrators should be allowed to access the WebUI.
## Starting the service
Depending on the installation method, `nwwebui` can be started either via **systemd** or directly from the **command line**. The build system installs a `mars-nwe-webui.service` unit when systemd support is enabled.
### Starting with systemd
A typical installed system uses the `mars-nwe-webui.service` unit. The unit starts `nwwebui`, prepares the needed runtime directories, and loads the standard `smart.conf` file.
Typical commands:
A typical installed system uses the `mars-nwe-webui.service` unit:
```bash
systemctl enable --now mars-nwe-webui.service
@@ -206,7 +407,7 @@ systemctl restart mars-nwe-webui.service
systemctl status mars-nwe-webui.service
```
The service unit starts `nwwebui` with the equivalent of:
The service starts `nwwebui` with the equivalent of:
```bash
/usr/sbin/nwwebui -c /etc/mars_nwe/smart.conf
@@ -214,8 +415,6 @@ The service unit starts `nwwebui` with the equivalent of:
### Starting from the command line
`nwwebui` can also be launched manually. The built-in usage text documents the supported options:
```text
Usage: nwwebui [-h] [-d] [-s] [-c <smart.conf>] [-p <pidfile>] [-l <logfile>]
@@ -228,30 +427,15 @@ Options:
-l, --logfile <file> Override log file path
```
Typical examples:
Examples:
```bash
# start in foreground with the standard configuration
/usr/sbin/nwwebui -c /etc/mars_nwe/smart.conf
# start in daemon mode
/usr/sbin/nwwebui -d -c /etc/mars_nwe/smart.conf
# stop a running instance
/usr/sbin/nwwebui -s -c /etc/mars_nwe/smart.conf
# use a custom PID file
/usr/sbin/nwwebui -d -c /etc/mars_nwe/smart.conf -p /run/mars_nwe/nwwebui.pid
# use a custom log file
/usr/sbin/nwwebui -c /etc/mars_nwe/smart.conf -l /var/log/mars_nwe/custom-nwwebui.log
# override both PID and log file
/usr/sbin/nwwebui -d -c /etc/mars_nwe/smart.conf -p /run/mars_nwe/nwwebui.pid -l /var/log/mars_nwe/nwwebui.log
```
The `-l` option overrides `$nw_log_file` from `smart.conf` at runtime.
Typical access URLs:
- `http://<host>:9080/`
@@ -259,18 +443,46 @@ Typical access URLs:
For production use, HTTPS should be preferred.
## Build and installation notes
## Native helper logging
This repository is built as part of the main `mars_nwe` build. The build system:
The native helper programs `check_login` and `smart_userlist` read their log
destination and verbosity from `smart.conf` when called by the WebUI.
- generates `smart.conf` from the template
- generates the `smart` launcher script
- builds `nwwebui`
- builds `check_login`
- installs the PAM file and static UI assets
They use the same Perl frontend settings:
Because this repository is integrated as a Git submodule in `mars_nwe`, end users normally consume it through the main `mars_nwe` source tree and release packages rather than using it as a standalone project.
```perl
$smart_log_path = '/var/log/mars_nwe/smart.log';
$smart_debug_level = 'info';
```
The generated `config.h` also provides fallback defaults for these values, so
the helpers can still write useful diagnostics when they are executed manually
or before `smart.conf` could be loaded.
`check_login` logs authentication and authorization results, but never logs the
submitted password. `smart_userlist` keeps its tab-separated user-list output
on stdout unchanged and writes diagnostics only to the configured log file.
## Unix user discovery helper
The WebUI user editor can assign a MARS_NWE bindery user to a local Unix user.
For this selector, SMArT uses the native `smart_userlist` helper.
`smart_userlist` enumerates local users through the system user database instead
of relying on fragile parsing in the web page itself. This keeps the optional
Unix-user mapping UI usable even when the available users come from NSS-backed
sources such as local files, LDAP, SSSD or similar site-specific setups.
The helper is installed together with the other SMArT native tools and is
normally referenced from `smart.conf` as:
```perl
$smart_userlist_path = '/usr/libexec/mars_nwe/smart_userlist';
```
If the path is not set explicitly, SMArT falls back to the standard libexec
location generated by the build system.
## Summary
SMArT is now an integrated part of the `mars_nwe` release and includes a dedicated `nwwebui` service that can expose the interface over both HTTP and HTTPS. The standard listener ports are **9080** for HTTP and **9443** for HTTPS. Authentication is handled through PAM, and the required `/etc/pam.d/smart` file is installed automatically together with the integrated MARS_NWE installation.
SMArT is now an integrated part of the `mars_nwe` release. It includes a dedicated `nwwebui` service, form-based sessions, PAM authentication with configurable administrator group restriction, service control, validation pages, import helpers, improved bindery command handling, and configurable logging.

1548
apply.pl
View File

File diff suppressed because it is too large Load Diff

411
check_login.c
View File

@@ -1,32 +1,266 @@
/*
SMArT
Check username/password combination using PAM
Check username/password combination using PAM and require membership in
the configured SMArT administrator Unix group.
Copyright 2001 Wilmer van der Gaast
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Usage:
check_login <user> <password> <admin-group> [smart.conf]
Passwords are never written to the log.
*/
#include <ctype.h>
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <security/pam_appl.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>
#include "config.h"
int my_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr);
static int user_in_group(const char *username, const char *groupname);
#define SMART_LOG_ERROR 0
#define SMART_LOG_WARNING 1
#define SMART_LOG_INFO 2
#define SMART_LOG_DEBUG 3
#define SMART_LOG_TRACE 4
typedef struct {
char log_path[512];
char debug_level[64];
char admin_group[256];
int level;
} smart_helper_config_t;
static void trim(char *s)
{
char *p = s;
size_t len;
while (*p && isspace((unsigned char)*p)) {
p++;
}
if (p != s) {
memmove(s, p, strlen(p) + 1);
}
len = strlen(s);
while (len > 0 && isspace((unsigned char)s[len - 1])) {
s[len - 1] = '\0';
len--;
}
}
static void strip_quotes(char *s)
{
size_t len = strlen(s);
if (len >= 2) {
if ((s[0] == '\'' && s[len - 1] == '\'') ||
(s[0] == '"' && s[len - 1] == '"')) {
memmove(s, s + 1, len - 2);
s[len - 2] = '\0';
}
}
}
static int parse_perl_assignment(const char *line, char *key, size_t ksz, char *val, size_t vsz)
{
const char *p = line;
size_t ki = 0;
size_t vi = 0;
while (*p && isspace((unsigned char)*p)) {
p++;
}
if (*p != '$') {
return 0;
}
p++;
while (*p && (isalnum((unsigned char)*p) || *p == '_')) {
if (ki + 1 < ksz) {
key[ki++] = *p;
}
p++;
}
key[ki] = '\0';
while (*p && isspace((unsigned char)*p)) {
p++;
}
if (*p != '=') {
return 0;
}
p++;
while (*p && isspace((unsigned char)*p)) {
p++;
}
while (*p && *p != ';' && *p != '\n' && *p != '\r') {
if (vi + 1 < vsz) {
val[vi++] = *p;
}
p++;
}
val[vi] = '\0';
trim(key);
trim(val);
strip_quotes(val);
return key[0] != '\0';
}
static int parse_log_level(const char *value)
{
char buf[64];
size_t i;
if (value == NULL || value[0] == '\0') {
return SMART_LOG_INFO;
}
snprintf(buf, sizeof(buf), "%s", value);
trim(buf);
for (i = 0; buf[i]; i++) {
buf[i] = (char)tolower((unsigned char)buf[i]);
}
if (strcmp(buf, "error") == 0 || strcmp(buf, "err") == 0 || strcmp(buf, "0") == 0) {
return SMART_LOG_ERROR;
}
if (strcmp(buf, "warning") == 0 || strcmp(buf, "warn") == 0 || strcmp(buf, "1") == 0) {
return SMART_LOG_WARNING;
}
if (strcmp(buf, "info") == 0 || strcmp(buf, "2") == 0) {
return SMART_LOG_INFO;
}
if (strcmp(buf, "debug") == 0 || strcmp(buf, "3") == 0) {
return SMART_LOG_DEBUG;
}
if (strcmp(buf, "trace") == 0 || strcmp(buf, "4") == 0) {
return SMART_LOG_TRACE;
}
return SMART_LOG_INFO;
}
static const char *level_name(int level)
{
if (level <= SMART_LOG_ERROR) {
return "ERROR";
}
if (level == SMART_LOG_WARNING) {
return "WARNING";
}
if (level == SMART_LOG_DEBUG) {
return "DEBUG";
}
if (level >= SMART_LOG_TRACE) {
return "TRACE";
}
return "INFO";
}
static void smart_cfg_init(smart_helper_config_t *cfg)
{
memset(cfg, 0, sizeof(*cfg));
snprintf(cfg->log_path, sizeof(cfg->log_path), "%s", DEFAULT_SMART_LOG_PATH);
snprintf(cfg->debug_level, sizeof(cfg->debug_level), "%s", DEFAULT_SMART_LOG_LEVEL);
snprintf(cfg->admin_group, sizeof(cfg->admin_group), "%s", "root");
cfg->level = parse_log_level(cfg->debug_level);
}
static void smart_cfg_load(smart_helper_config_t *cfg, const char *path)
{
FILE *fh;
char line[2048];
if (path == NULL || path[0] == '\0') {
return;
}
fh = fopen(path, "r");
if (fh == NULL) {
return;
}
while (fgets(line, sizeof(line), fh) != NULL) {
char key[256];
char val[1024];
if (!parse_perl_assignment(line, key, sizeof(key), val, sizeof(val))) {
continue;
}
if (strcmp(key, "smart_log_path") == 0) {
snprintf(cfg->log_path, sizeof(cfg->log_path), "%s", val);
} else if (strcmp(key, "smart_debug_level") == 0 ||
strcmp(key, "smart_log_level") == 0) {
snprintf(cfg->debug_level, sizeof(cfg->debug_level), "%s", val);
cfg->level = parse_log_level(val);
} else if (strcmp(key, "smart_admin_group") == 0) {
snprintf(cfg->admin_group, sizeof(cfg->admin_group), "%s", val);
}
}
fclose(fh);
}
static void helper_log(smart_helper_config_t *cfg, const char *component, int level, const char *fmt, ...)
{
FILE *fh = stderr;
int close_fh = 0;
time_t now;
struct tm tm_now;
char tbuf[64];
va_list ap;
if (cfg != NULL && level > cfg->level) {
return;
}
if (cfg != NULL && cfg->log_path[0] != '\0') {
fh = fopen(cfg->log_path, "a");
if (fh != NULL) {
close_fh = 1;
} else {
fh = stderr;
}
}
now = time(NULL);
localtime_r(&now, &tm_now);
strftime(tbuf, sizeof(tbuf), "%Y-%m-%d %H:%M:%S", &tm_now);
fprintf(fh, "[%s] [%s] [SMArT helper] [%s] ", tbuf, level_name(level), component);
va_start(ap, fmt);
vfprintf(fh, fmt, ap);
va_end(ap);
fputc('\n', fh);
fflush(fh);
if (close_fh) {
fclose(fh);
}
}
static struct pam_conv conv = {
my_conv,
@@ -38,35 +272,160 @@ char *pass;
int main( int argc, char **argv )
{
pam_handle_t *pamh;
pam_handle_t *pamh = NULL;
int retval, st = 1;
const char *admin_group;
const char *smart_conf = DEFAULT_SMART_CONF;
smart_helper_config_t cfg;
smart_cfg_init(&cfg);
if( argc < 4 )
{
fprintf( stderr, "Usage: %s <user> <password> <admin-group> [smart.conf]\n", argv[0] );
return( 3 );
}
user = argv[1];
pass = argv[2];
admin_group = argv[3];
if (argc >= 5 && argv[4] != NULL && argv[4][0] != '\0') {
smart_conf = argv[4];
}
smart_cfg_load(&cfg, smart_conf);
if (admin_group == NULL || admin_group[0] == '\0' || strcmp(admin_group, "-") == 0) {
admin_group = cfg.admin_group;
}
if( user == NULL || user[0] == '\0' ||
pass == NULL ||
admin_group == NULL || admin_group[0] == '\0' )
{
helper_log(&cfg, "check_login", SMART_LOG_ERROR, "invalid helper arguments");
return( 3 );
}
helper_log(&cfg, "check_login", SMART_LOG_INFO, "authentication requested user='%s' admin_group='%s'", user, admin_group);
retval = pam_start( "smart", user, &conv, &pamh );
if ( retval == PAM_SUCCESS )
if( retval == PAM_SUCCESS )
retval = pam_authenticate( pamh, PAM_SILENT );
if ( retval == PAM_SUCCESS )
if( retval == PAM_SUCCESS )
st = retval = pam_acct_mgmt( pamh, PAM_SILENT );
if ( pam_end( pamh, retval ) != PAM_SUCCESS )
return( 1 );
return( st != PAM_SUCCESS );
if( pamh != NULL && pam_end( pamh, retval ) != PAM_SUCCESS ) {
helper_log(&cfg, "check_login", SMART_LOG_ERROR, "pam_end failed user='%s'", user);
return( 1 );
}
if( st != PAM_SUCCESS ) {
helper_log(&cfg, "check_login", SMART_LOG_WARNING, "pam authentication failed user='%s' pam_status=%d", user, st);
return( 1 );
}
helper_log(&cfg, "check_login", SMART_LOG_DEBUG, "pam authentication ok user='%s'", user);
if( ! user_in_group( user, admin_group ) ) {
helper_log(&cfg, "check_login", SMART_LOG_WARNING, "group authorization failed user='%s' required_group='%s'", user, admin_group);
return( 2 );
}
helper_log(&cfg, "check_login", SMART_LOG_INFO, "login accepted user='%s' required_group='%s'", user, admin_group);
return( 0 );
}
static int user_in_group(const char *username, const char *groupname)
{
struct passwd *pw;
struct group *gr;
int ngroups = 0;
gid_t *groups;
int i;
if( username == NULL || username[0] == '\0' ||
groupname == NULL || groupname[0] == '\0' )
{
return( 0 );
}
pw = getpwnam( username );
gr = getgrnam( groupname );
if( pw == NULL || gr == NULL )
{
return( 0 );
}
if( pw->pw_gid == gr->gr_gid )
{
return( 1 );
}
#if defined(__linux__) || defined(__GLIBC__)
getgrouplist( username, pw->pw_gid, NULL, &ngroups );
if( ngroups > 0 )
{
groups = calloc( (size_t) ngroups, sizeof( gid_t ) );
if( groups != NULL )
{
if( getgrouplist( username, pw->pw_gid, groups, &ngroups ) >= 0 )
{
for( i = 0; i < ngroups; i++ )
{
if( groups[i] == gr->gr_gid )
{
free( groups );
return( 1 );
}
}
}
free( groups );
}
}
#endif
if( gr->gr_mem != NULL )
{
for( i = 0; gr->gr_mem[i] != NULL; i++ )
{
if( strcmp( gr->gr_mem[i], username ) == 0 )
{
return( 1 );
}
}
}
return( 0 );
}
int my_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
{
struct pam_response *reply;
int i;
reply = (struct pam_response *) calloc( num_msg, sizeof( struct pam_response ) );
(void) msg;
(void) appdata_ptr;
reply = (struct pam_response *) calloc( (size_t) num_msg, sizeof( struct pam_response ) );
if( reply == NULL )
{
return( PAM_BUF_ERR );
}
for( i = 0; i < num_msg; i ++ )
{
reply[i].resp = (char *) strdup( pass ); /* Just give the password... It's all we know */
reply[i].resp = (char *) strdup( pass );
reply[i].resp_retcode = 0;
}
*resp = reply;
return( PAM_SUCCESS );
}

9
config.h.cmake
View File

@@ -12,9 +12,14 @@
#define LOG_PATH_DEFAULT "@MARS_NWE_LOG_DIR@/nwwebui.log"
#define DEFAULT_SMART_LOG_PATH "@MARS_NWE_LOG_DIR@/smart.log"
#define DEFAULT_SMART_LOG_LEVEL "info"
#define LOG_LEVEL_ERROR 0
#define LOG_LEVEL_INFO 1
#define LOG_LEVEL_DEBUG 2
#define LOG_LEVEL_WARNING 1
#define LOG_LEVEL_INFO 2
#define LOG_LEVEL_DEBUG 3
#define LOG_LEVEL_TRACE 4
#define LOG_LEVEL_DEFAULT LOG_LEVEL_INFO
#define DEFAULT_BIND_IP "0.0.0.0"

BIN
doc/screenshots/advanced-path-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

BIN
doc/screenshots/general-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 76 KiB

BIN
doc/screenshots/login.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 35 KiB

BIN
doc/screenshots/main-menu.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 398 KiB

BIN
doc/screenshots/print-queue-cups.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 41 KiB

BIN
doc/screenshots/screenshot-contact-sheet.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 467 KiB

BIN
doc/screenshots/service-control.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 MiB

BIN
doc/screenshots/service-runtime.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 151 KiB

BIN
doc/screenshots/smart-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 50 KiB

BIN
doc/screenshots/thumbs/advanced-path-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

BIN
doc/screenshots/thumbs/general-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 55 KiB

BIN
doc/screenshots/thumbs/login.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 KiB

BIN
doc/screenshots/thumbs/main-menu.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 68 KiB

BIN
doc/screenshots/thumbs/print-queue-cups.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 35 KiB

BIN
doc/screenshots/thumbs/service-control.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 261 KiB

BIN
doc/screenshots/thumbs/service-runtime.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 97 KiB

BIN
doc/screenshots/thumbs/smart-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 37 KiB

BIN
doc/screenshots/thumbs/user-editor.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 30 KiB

BIN
doc/screenshots/thumbs/validation-error.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 21 KiB

BIN
doc/screenshots/thumbs/volumes-import.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 94 KiB

BIN
doc/screenshots/user-editor.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 39 KiB

BIN
doc/screenshots/validation-error.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

BIN
doc/screenshots/volumes-import.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1005 KiB

2
mars-nwe-webui.service.cmake
View File

@@ -8,6 +8,8 @@ Documentation=man:systemd.service(5)
Type=simple
User=root
Group=root
RuntimeDirectory=mars-nwe-webui
RuntimeDirectoryMode=0700
WorkingDirectory=/
ExecStartPre=/bin/mkdir -p @MARS_NWE_LOG_DIR@

84
nwwebui.c
View File

@@ -91,12 +91,86 @@ static void log_reopen(const char *path)
log_open();
}
static int parse_log_level(const char *value)
{
char buf[64];
size_t i;
if (!value || !*value) {
return LOG_LEVEL_DEFAULT;
}
while (*value && isspace((unsigned char)*value)) {
value++;
}
snprintf(buf, sizeof(buf), "%s", value);
for (i = 0; buf[i]; i++) {
buf[i] = (char)tolower((unsigned char)buf[i]);
}
while (i > 0 && isspace((unsigned char)buf[i - 1])) {
buf[i - 1] = '\0';
i--;
}
if (strcmp(buf, "error") == 0 || strcmp(buf, "err") == 0 || strcmp(buf, "0") == 0) {
return LOG_LEVEL_ERROR;
}
if (strcmp(buf, "warning") == 0 || strcmp(buf, "warn") == 0 || strcmp(buf, "1") == 0) {
return LOG_LEVEL_WARNING;
}
if (strcmp(buf, "info") == 0 || strcmp(buf, "2") == 0) {
return LOG_LEVEL_INFO;
}
if (strcmp(buf, "debug") == 0 || strcmp(buf, "3") == 0) {
return LOG_LEVEL_DEBUG;
}
if (strcmp(buf, "trace") == 0 || strcmp(buf, "4") == 0) {
return LOG_LEVEL_TRACE;
}
/*
Compatibility with the old numeric values:
0 = error
1 = info
2 = debug
Named levels are preferred for new configurations.
*/
if (strcmp(buf, "old-info") == 0) {
return LOG_LEVEL_INFO;
}
return LOG_LEVEL_DEFAULT;
}
static const char *log_level_name(int level)
{
if (level <= LOG_LEVEL_ERROR) {
return "ERROR";
}
if (level == LOG_LEVEL_WARNING) {
return "WARNING";
}
if (level == LOG_LEVEL_DEBUG) {
return "DEBUG";
}
if (level >= LOG_LEVEL_TRACE) {
return "TRACE";
}
return "INFO";
}
static void log_msg(int level, const char *fmt, ...)
{
time_t now;
struct tm tm_now;
char tbuf[64];
const char *lvl = "INFO";
const char *lvl;
va_list ap;
if (level > g_log_level) {
@@ -109,11 +183,7 @@ static void log_msg(int level, const char *fmt, ...)
localtime_r(&now, &tm_now);
strftime(tbuf, sizeof(tbuf), "%Y-%m-%d %H:%M:%S", &tm_now);
if (level == LOG_LEVEL_ERROR) {
lvl = "ERROR";
} else if (level == LOG_LEVEL_DEBUG) {
lvl = "DEBUG";
}
lvl = log_level_name(level);
fprintf(g_log_fp, "[%s] [%s] ", tbuf, lvl);
@@ -471,7 +541,7 @@ static void load_smart_conf(nw_config_t *cfg)
if (strcmp(key, "nw_bind_ip") == 0) {
snprintf(cfg->bind_ip, sizeof(cfg->bind_ip), "%s", val);
} else if (strcmp(key, "nw_log_level") == 0) {
g_log_level = atoi(val);
g_log_level = parse_log_level(val);
} else if (strcmp(key, "nw_log_file") == 0) {
snprintf(cfg->log_file, sizeof(cfg->log_file), "%s", val);
} else if (strcmp(key, "nw_ssl_enable") == 0) {

83
readconfig.pl
View File

@@ -122,6 +122,49 @@ sub delconfigline( $ )
@conf = grep( !/^$_[0] /i, grep( !/^$_[0]$/i, @conf ) );
}
sub queue_config_name_from_line( $ )
{
my $line = $_[0];
$line = '' unless defined( $line );
$line =~ s/[\r\n]//g;
$line =~ s/#.*//;
$line =~ s/^\s*21\s+//i;
$line =~ s/^\s+//;
$line =~ s/\s+$//;
return ( split( /\s+/, $line, 2 ) )[0];
}
sub delconfigqueue( $ )
{
my $name = $_[0];
my $conf_before = scalar( @conf );
my $raw_before = scalar( @rawconf );
$name = '' unless defined( $name );
$name =~ s/^\s+//;
$name =~ s/\s+$//;
$name = uc( $name );
return( 0, 0 ) if $name eq '';
@conf = grep {
my $qname = queue_config_name_from_line( $_ );
!( $_ =~ /^\s*21(?:\s|$)/i && uc( $qname ) eq $name )
} @conf;
@rawconf = grep {
my $raw = $_;
my $qname = queue_config_name_from_line( $raw );
!( $raw =~ /^\s*21(?:\s|$)/i && uc( $qname ) eq $name )
} @rawconf;
return( $conf_before - scalar( @conf ), $raw_before - scalar( @rawconf ) );
}
sub normalize_line( $ )
{
my $x = $_[0];
@@ -207,12 +250,17 @@ sub writeconfig_compact()
sub writeconfig_markers()
{
my( %secmap, %emitted );
my( $line, $active_key, $inside_active );
my( %secmap, %emitted, %managed );
my( $line, $active_key, $inside_active, $sec, $key );
%secmap = build_marker_map();
$inside_active = '';
foreach $key ( keys( %secmap ) )
{
$managed{$key} = 1;
}
open( CONF, '>' . $mars_config ) or die "Could not write $mars_config: $!";
foreach $line ( @rawconf )
@@ -249,9 +297,40 @@ sub writeconfig_markers()
next;
}
$sec = section_of_line( $line );
if( $sec ne '' )
{
$key = grouped_section_key( $sec );
if( $managed{$key} )
{
# This section was changed in @conf. Do not write the stale
# raw line again from @rawconf. If the section has no ACTIVE
# marker, it is emitted once after the raw file has been copied.
next;
}
}
print CONF $line;
}
foreach $key ( sort {
my $aa = $a; my $bb = $b;
$aa =~ s/-.*//; $bb =~ s/-.*//;
$aa <=> $bb
} keys( %secmap ) )
{
next if $emitted{$key};
print CONF "\n";
foreach my $entry ( @{ $secmap{$key} } )
{
print CONF $entry . "\n";
}
$emitted{$key} = 1;
}
close( CONF );
}

1615
settings.pl
View File

File diff suppressed because it is too large Load Diff

473
smart.cmake
View File

@@ -31,7 +31,21 @@ do( '@MARS_NWE_INSTALL_FULL_CONFDIR@/smart.conf' )
or die "Could not load @MARS_NWE_INSTALL_FULL_CONFDIR@/smart.conf: $@ $!";
close( STDERR );
open( STDERR, '>>' . $smart_log_path )
# Prefix all raw STDERR from helper tools with timestamp/component before it
# reaches smart.log. This also catches output from nwbols/nwbpset/nwpasswd
# and systemctl warnings.
my $smart_stderr_filter = "perl -MPOSIX=strftime -ne 'chomp; " .
"my \\$v=\\$ENV{SMART_VERSION}||q{0.99.pl28}; " .
"my \\$f=\\$ENV{SMART_LOG_FILE}||q{stderr}; " .
"print strftime(q{[%Y-%m-%d %H:%M:%S]}, localtime), qq{ [ERROR] [SMArT \\$v] [\\$f] \\$_\\n};' >> " .
quotemeta( $smart_log_path );
$ENV{SMART_VERSION} = defined( $smart_version ) && $smart_version ne '' ? $smart_version : '0.99.pl28';
$ENV{SMART_LOG_FILE} = 'stderr';
open( STDERR, '|-', $smart_stderr_filter )
or open( STDERR, '>>' . $smart_log_path )
or die "Could not open $smart_log_path: $!";
$ENV{HOME} = '@MARS_NWE_INSTALL_FULL_CONFDIR@';
@@ -41,15 +55,20 @@ $smart_libexec_dir =~ s#/*$##;
$smart_control_path = $smart_libexec_dir . '/control' unless defined $smart_control_path;
$mars_nwe_service = '@MARS_NWE_SYSTEMD_SERVICE@' unless defined $mars_nwe_service;
$smart_systemctl_path = '@SYSTEMCTL_EXECUTABLE@' unless defined $smart_systemctl_path;
$smart_admin_group = '@MARS_NWE_SMART_ADMIN_GROUP@' unless defined $smart_admin_group;
$smart_admin_group = 'root' if ! defined( $smart_admin_group ) || $smart_admin_group eq '' || $smart_admin_group =~ /^\@MARS_NWE_SMART_ADMIN_GROUP\@$/;
$l = <STDIN>;
$l =~ s/[\n\r]//g;
$request_uri = "";
$post_body = "";
%hl = ();
@c = split( ' ', $l );
if( scalar( @c ) > 2 )
{
$request_uri = $c[1];
while( keys( %h ) < 15 ) # Who would ever want to send more headers???
while( keys( %h ) < 50 )
{
$l = <STDIN>;
$l =~ s/[\n\r]//g;
@@ -59,36 +78,32 @@ if( scalar( @c ) > 2 )
$n =~ s/:[^:]*$//g;
$v = $l;
$v =~ s/^[^:]*://g;
$v =~ s/^\s+//;
$v =~ s/\s+$//;
$h{$n} = $v;
$hl{lc( $n )} = $v;
}
}
$c[0] = uc( $c[0] );
$request_method = $c[0];
if( $h{Authorization} eq '' )
{ error( 401 ); }
else
if( $request_method eq 'POST' )
{
@s = split( ' ', $h{Authorization} );
if( $s[0] ne 'Basic' or length( $h{Authorization} ) > 80 ) # We can't be too careful, can we...
{ error( 401 ); }
else
my $content_length = 0;
if( defined( $hl{'content-length'} ) && $hl{'content-length'} =~ /^[0-9]+$/ )
{
$s[1] =~ tr#A-Za-z0-9+/##cd;
$s[1] =~ tr#A-Za-z0-9+/# -_#;
$s[1] = pack( 'c', 32 + 0.75 * length( $s[1] ) ) . $s[1];
$s[1] = unpack( 'u', $s[1] );
$s[1] =~ s/[\r\n]//g;
@l = split( ':', $s[1] );
if( $l[0] ne 'root' )
{ error( 401 ); }
else
{ if( $x = system( $smart_check_login, @l ) )
{ error( 401 ); } }
$content_length = int( $hl{'content-length'} );
}
if( $content_length > 0 && $content_length < 8192 )
{
read( STDIN, $post_body, $content_length );
}
}
if( $c[0] ne 'GET' )
if( $request_method ne 'GET' && $request_method ne 'POST' )
{
error( 501 );
}
@@ -97,19 +112,39 @@ if( $c[0] ne 'GET' )
$cc = $c[1];
$cc =~ s/[^\?]*\?//;
$c = substr( shift( @p ), 1 );
@p = split( '&', $p[0] );
foreach $p ( @p )
{
$n = $p;
$n =~ s/=.*//;
$v = $p;
$v =~ s/.*=//;
$v =~ s/\+/ /g;
$v =~ s/%([0-9A-F][0-9A-F])/pack('c',hex($1))/gie;
$p{$n} = $v;
}
parse_params( $p[0] );
parse_params( $post_body ) if $request_method eq 'POST';
@c = split( '/', $c );
if( $c[0] eq 'login' )
{
handle_login_route();
exit;
}
if( $c[0] eq 'logout' )
{
handle_logout_route();
exit;
}
# Static assets must be available before login, otherwise the login page
# cannot load the SMArT logo and icons.
if( $c[0] eq 'static' )
{
do( $smart_libexec_dir . '/static.pl' );
handle_request();
exit;
}
if( ! valid_session() )
{
redirect( '/login' );
exit;
}
if( ( $c[0] eq 'service' && $c[1] eq 'control' ) ||
( $c[0] eq 'cgi-bin' && $c[1] eq 'control' ) )
{
@@ -176,6 +211,380 @@ exit;
##### END OF MAIN PROCEDURES FOLLOW #####
##########################################
sub smart_log_line( $$$ )
{
my( $level, $file, $msg ) = @_;
$level = 'INFO' unless defined( $level ) && $level ne '';
$file = 'smart' unless defined( $file ) && $file ne '';
$msg = '' unless defined( $msg );
my( $sec, $min, $hour, $mday, $mon, $year ) = localtime( time() );
my $ts = sprintf( "%04d-%02d-%02d %02d:%02d:%02d",
$year + 1900, $mon + 1, $mday, $hour, $min, $sec );
my $version = defined( $smart_version ) && $smart_version ne '' ? $smart_version : '0.99.pl28';
if( open( my $fh, '>>', $smart_log_path ) )
{
print( $fh '[' . $ts . '] [' . $level . '] [SMArT ' . $version . '] [' . $file . '] ' . $msg . "\n" );
close( $fh );
}
}
sub smart_auth_log( $ )
{
my $msg = $_[0];
$msg = '' unless defined $msg;
my( $sec, $min, $hour, $mday, $mon, $year ) = localtime( time() );
my $ts = sprintf( "%04d-%02d-%02d %02d:%02d:%02d",
$year + 1900, $mon + 1, $mday, $hour, $min, $sec );
my $version = defined( $smart_version ) && $smart_version ne '' ? $smart_version : '0.99.pl28';
if( open( my $fh, '>>', $smart_log_path ) )
{
print( $fh '[' . $ts . '] [INFO] [SMArT ' . $version . '] [smart] ' . $msg . "\n" );
close( $fh );
}
}
sub parse_params( $ )
{
my $qs = $_[0];
return if ! defined( $qs ) || $qs eq '';
my @items = split( '&', $qs );
foreach my $item ( @items )
{
my $n = $item;
my $v = $item;
$n =~ s/=.*//;
$v =~ s/^[^=]*=?//;
$n =~ s/\+/ /g;
$v =~ s/\+/ /g;
$n =~ s/%([0-9A-Fa-f][0-9A-Fa-f])/pack('c',hex($1))/gie;
$v =~ s/%([0-9A-Fa-f][0-9A-Fa-f])/pack('c',hex($1))/gie;
$p{$n} = $v;
}
}
sub smart_html_escape( $ )
{
my $s = $_[0];
$s = '' unless defined $s;
$s =~ s/&/&amp;/g;
$s =~ s/</&lt;/g;
$s =~ s/>/&gt;/g;
$s =~ s/"/&quot;/g;
return $s;
}
sub session_timeout()
{
return $smart_session_timeout if defined( $smart_session_timeout ) && $smart_session_timeout =~ /^[0-9]+$/ && $smart_session_timeout > 0;
return 3600;
}
sub session_dir()
{
my $dir = defined( $smart_session_dir ) && $smart_session_dir ne '' ? $smart_session_dir : '/run/mars-nwe-webui';
if( ! -d $dir )
{
if( ! mkdir( $dir, 0700 ) )
{
smart_auth_log( 'could not create session dir ' . $dir . ': ' . $! );
}
}
if( -d $dir )
{
chmod( 0700, $dir );
}
else
{
smart_auth_log( 'session dir is not available: ' . $dir );
}
return $dir;
}
sub session_token()
{
my $token = '';
if( open( my $fh, '<', '/dev/urandom' ) )
{
my $buf = '';
read( $fh, $buf, 24 );
close( $fh );
$token = unpack( 'H*', $buf );
}
if( $token eq '' )
{
$token = sprintf( "%08x%08x%08x%08x", time(), $$, int( rand( 0xffffffff ) ), int( rand( 0xffffffff ) ) );
}
$token =~ s/[^A-Fa-f0-9]//g;
return $token;
}
sub session_file( $ )
{
my $token = $_[0];
$token = '' unless defined $token;
$token =~ s/[^A-Fa-f0-9]//g;
return '' if $token eq '';
return session_dir() . '/' . $token;
}
sub cookie_session_id()
{
my $cookie = defined( $hl{'cookie'} ) ? $hl{'cookie'} : '';
foreach my $part ( split( /;/, $cookie ) )
{
$part =~ s/^\s+//;
$part =~ s/\s+$//;
if( $part =~ /^SMArT_SID=([A-Fa-f0-9]+)$/ )
{
return $1;
}
}
return '';
}
sub valid_session()
{
my $token = cookie_session_id();
my $file = session_file( $token );
return 0 if $token eq '';
return 0 if $file eq '';
if( ! -f $file )
{
smart_auth_log( 'session cookie exists but file is missing: ' . $file );
return 0;
}
my @st = stat( $file );
if( scalar( @st ) == 0 )
{
smart_auth_log( 'could not stat session file: ' . $file );
return 0;
}
if( time() - $st[9] > session_timeout() )
{
unlink( $file );
smart_auth_log( 'session expired: ' . $file );
return 0;
}
utime( time(), time(), $file );
return 1;
}
sub create_session( $ )
{
my $user = $_[0];
my $token = session_token();
my $file = session_file( $token );
if( $file eq '' )
{
smart_auth_log( 'could not build session file path' );
return '';
}
if( open( my $fh, '>', $file ) )
{
print( $fh $user . "\n" . time() . "\n" );
close( $fh );
chmod( 0600, $file );
smart_auth_log( 'created session for ' . $user . ' at ' . $file );
return $token;
}
smart_auth_log( 'could not create session file ' . $file . ': ' . $! );
return '';
}
sub destroy_session()
{
my $token = cookie_session_id();
my $file = session_file( $token );
unlink( $file ) if $file ne '' && -f $file;
}
sub check_login_password( $$ )
{
my( $user, $pass ) = @_;
return 0 if ! defined( $user ) || ! defined( $pass );
return 0 if $user eq '' || $pass eq '';
if( ! defined( $smart_check_login ) || $smart_check_login eq '' || ! -x $smart_check_login )
{
return -1;
}
my $admin_group = defined( $smart_admin_group ) && $smart_admin_group ne '' ? $smart_admin_group : 'root';
my $conf_path = defined( $smart_conf_path ) && $smart_conf_path ne '' ? $smart_conf_path : '@MARS_NWE_INSTALL_FULL_CONFDIR@/smart.conf';
my $rc = system( $smart_check_login, $user, $pass, $admin_group, $conf_path );
if( $rc == 0 )
{
return 1;
}
my $exit = $rc >> 8;
return -2 if $exit == 2;
return 0;
}
sub print_login_page( $ )
{
my $msg = smart_html_escape( $_[0] );
print <<EOF;
HTTP/1.0 200 OK
Content-Type: text/html
$server_id
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>SMArT Login</title>
<style>
:root{--bg:#f4f1ea;--panel:#faf8f4;--line:#dfd2bf;--text:#3d342c;--muted:#6f6257;--accent:#ad1d1c;--gold:#b9813d}
*{box-sizing:border-box}
html,body{margin:0;padding:0;min-height:100%;background:var(--bg);color:var(--text);font:15px/1.5 Arial,Helvetica,sans-serif}
body{display:flex;align-items:center;justify-content:center;padding:24px}
.login{width:min(440px,100%);background:var(--panel);border:1px solid var(--line);border-radius:20px;box-shadow:0 18px 45px rgba(64,36,12,.12);overflow:hidden}
.hero{padding:26px 28px;background:linear-gradient(135deg,#a80f18,#c44731 60%,#d79a54);color:white}
.hero{display:flex;align-items:center;gap:18px}.hero img{width:120px;max-width:34%;height:auto;display:block;background:#fff;border-radius:16px;padding:8px 10px;box-shadow:0 8px 20px rgba(0,0,0,.12)}.hero h1{margin:0;font-size:28px}
.hero p{margin:6px 0 0;opacity:.95}
form{padding:24px 28px 28px}
label{display:block;font-weight:bold;margin:0 0 7px}
input{width:100%;border:1px solid #cdbb9f;border-radius:12px;padding:10px 12px;background:#fffdf9;color:var(--text);font-size:15px;margin:0 0 16px}
button{width:100%;border:1px solid #a33d2f;border-radius:12px;padding:11px 14px;background:#b84434;color:#fff;font-weight:bold;font-size:15px;cursor:pointer}
.msg{margin:0 0 16px;padding:10px 12px;border-radius:12px;background:#fff3e0;border:1px solid #ead0a4;color:#7a3d18}
.note{margin-top:14px;color:var(--muted);font-size:13px;text-align:center;line-height:1.45}
</style>
</head>
<body>
<div class="login">
<div class="hero">
<img src="/static/smart.jpg" alt="SMArT logo">
<div>
<h1>SMArT Login</h1>
<p>MARS_NWE web administration</p>
</div>
</div>
<form method="POST" action="/login">
EOF
if( $msg ne '' )
{
print '<div class="msg">' . $msg . "</div>\n";
}
print <<EOF;
<label for="user">User</label>
<input id="user" name="user" value="root" autocomplete="username">
<label for="pass">Password</label>
<input id="pass" name="pass" type="password" autocomplete="current-password" autofocus>
<button type="submit">Login</button>
<div class="note">&copy; Copyright 2026 Mario Fetka</div>
</form>
</div>
</body>
</html>
EOF
}
sub handle_login_route()
{
if( $request_method ne 'POST' )
{
print_login_page( '' );
return;
}
my $rv = check_login_password( $p{user}, $p{pass} );
if( $rv == -1 )
{
print_login_page( 'Login helper check_login is missing or not executable.' );
return;
}
if( $rv == -2 )
{
my $admin_group = defined( $smart_admin_group ) && $smart_admin_group ne '' ? $smart_admin_group : 'root';
print_login_page( 'Login denied. User is not a member of required admin group: ' . $admin_group );
return;
}
if( $rv != 1 )
{
print_login_page( 'Login failed.' );
return;
}
my $token = create_session( $p{user} );
if( $token eq '' )
{
print_login_page( 'Could not create login session.' );
return;
}
print <<EOF;
HTTP/1.0 302 Found
Location: /
Set-Cookie: SMArT_SID=$token; Path=/; HttpOnly; Max-Age=3600
$server_id
EOF
}
sub handle_logout_route()
{
destroy_session();
print <<EOF;
HTTP/1.0 302 Found
Location: /login
Set-Cookie: SMArT_SID=deleted; Path=/; HttpOnly; Max-Age=0
$server_id
EOF
}
sub error( $ )
{
if( $_[0] eq '401' )

94
smart.conf.cmake
View File

@@ -61,9 +61,32 @@ $smart_static_dir = '@MARS_NWE_INSTALL_FULL_LIBEXECDIR@/static';
# Keep this separate from the nwwebui log file.
$smart_log_path = '@MARS_NWE_LOG_DIR@/smart.log';
# Path to the PAM-based login helper used for root authentication.
# Path to the PAM-based login helper used for SMArT authentication.
$smart_check_login = '@MARS_NWE_INSTALL_FULL_LIBEXECDIR@/check_login';
# Path to the native Unix-user enumeration helper used by the user editor.
$smart_userlist_path = '@MARS_NWE_INSTALL_FULL_LIBEXECDIR@/smart_userlist';
# Unix group allowed to log in to the SMArT/nwwebui admin interface.
#
# Authentication is still done through PAM service "smart", but a user must
# also be a member of this Unix group.
#
# The build-time default is "root" to preserve the traditional behavior on
# existing installations: the root user is allowed because its primary Unix
# group is normally also "root". Do not add normal users to the "root" group.
#
# For delegated administration, use a dedicated group instead, for example:
#
# cmake -DMARS_NWE_SMART_ADMIN_GROUP=nwadmin ...
# groupadd nwadmin
# usermod -aG nwadmin mario
#
# Changes to local group membership normally require the user to start a new
# login session before NSS/PAM reports the new membership.
$smart_admin_group = '@MARS_NWE_SMART_ADMIN_GROUP@';
# Path to the SMArT service-control helper.
$smart_control_path = '@MARS_NWE_INSTALL_FULL_LIBEXECDIR@/control';
@@ -79,6 +102,23 @@ $smart_systemctl_path = '@SYSTEMCTL_EXECUTABLE@';
# Uncomment and adjust only if a non-standard location must be used.
# $smart_perl_path = '@MARS_NWE_INSTALL_FULL_LIBEXECDIR@/smart';
# ------------------------------------------------------------
# Host printer / CUPS utility integration
# ------------------------------------------------------------
# Enable CUPS host-printer discovery in the SMArT queue UI.
# This value is generated from cmake/modules/cupsutils.cmake.
# 1 = enabled, 0 = disabled
$smart_cups_enable = '@SMART_CUPS_ENABLE@';
# lpstat executable used to discover local CUPS printers for the queue UI.
$smart_cups_lpstat_path = '@CUPS_LPSTAT_EXECUTABLE@';
# Command template used when SMArT creates a print queue from a CUPS printer.
# %p is replaced with the sanitized CUPS printer name.
# The trailing '-' makes lp read the print job from stdin.
$smart_cups_print_command_template = '@CUPS_LP_EXECUTABLE@ -d %p -';
# ------------------------------------------------------------
# nwwebui listener settings
# ------------------------------------------------------------
@@ -88,11 +128,19 @@ $smart_systemctl_path = '@SYSTEMCTL_EXECUTABLE@';
# Use 127.0.0.1 for local-only testing.
$nw_bind_ip = '0.0.0.0';
# Log level used by nwwebui.
# 0 = errors only
# 1 = informational messages
# 2 = debug messages
$nw_log_level = 1;
# Log level used by the native nwwebui frontend service.
#
# Supported values, from quiet to verbose:
#
# error - only real errors
# warning - errors and warnings
# info - normal operational messages, default
# debug - additional diagnostic information
# trace - very verbose request/connection tracing
#
# Older numeric values are still accepted for compatibility, but named values
# are preferred for new configurations.
$nw_log_level = 'info';
# Run nwwebui in daemon mode by default.
# 0 = stay in foreground
@@ -129,3 +177,37 @@ $nw_cert_file = '@MARS_NWE_INSTALL_FULL_CONFDIR@/server.crt';
# TLS private key file in PEM format.
# Required only when HTTPS is enabled.
$nw_key_file = '@MARS_NWE_INSTALL_FULL_CONFDIR@/server.key';
# Directory for HTML login cookie sessions. Created by systemd RuntimeDirectory.
$smart_session_dir = '/run/mars-nwe-webui';
$smart_session_timeout = 3600;
# SMArT Perl logging verbosity.
#
# This controls log messages written by the Perl CGI-style helper scripts
# such as apply.pl. The messages are written to the SMArT log file configured
# for the WebUI, normally:
#
# /var/log/mars_nwe/smart.log
#
# Supported values, from quiet to verbose:
#
# error - only real errors that abort or fail an operation
# warning - errors and warnings about unusual but non-fatal situations
# info - normal operational messages, command start/finish, default
# debug - additional diagnostic information for troubleshooting
# trace - very verbose step-by-step traces, including bindery pipe payloads
#
# Recommended setting for normal operation:
#
# $smart_debug_level = 'info';
#
# Use 'trace' only while debugging a concrete problem. Trace logging may
# include submitted bindery payload data and can produce a lot of log output.
# After debugging, switch back to 'info'.
$smart_debug_level = 'info';
# ncpfs nprint executable used by the queue test action.
$smart_nprint_path = '/usr/bin/nprint';

438
smart_userlist.c Normal file
View File

@@ -0,0 +1,438 @@
/*
SMArT
List local/NSS users for the WebUI.
Usage:
smart_userlist [--config /etc/mars_nwe/smart.conf] [--all]
[--min-uid UID] [--pam-check] [--pam-service SERVICE]
Output format on stdout stays unchanged:
username<TAB>uid<TAB>gid<TAB>gecos<TAB>home<TAB>shell
*/
#include <ctype.h>
#include <errno.h>
#include <pwd.h>
#include <security/pam_appl.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>
#include "config.h"
#define SMART_LOG_ERROR 0
#define SMART_LOG_WARNING 1
#define SMART_LOG_INFO 2
#define SMART_LOG_DEBUG 3
#define SMART_LOG_TRACE 4
typedef struct {
char log_path[512];
char debug_level[64];
char admin_group[256];
int level;
} smart_helper_config_t;
static void trim(char *s)
{
char *p = s;
size_t len;
while (*p && isspace((unsigned char)*p)) {
p++;
}
if (p != s) {
memmove(s, p, strlen(p) + 1);
}
len = strlen(s);
while (len > 0 && isspace((unsigned char)s[len - 1])) {
s[len - 1] = '\0';
len--;
}
}
static void strip_quotes(char *s)
{
size_t len = strlen(s);
if (len >= 2) {
if ((s[0] == '\'' && s[len - 1] == '\'') ||
(s[0] == '"' && s[len - 1] == '"')) {
memmove(s, s + 1, len - 2);
s[len - 2] = '\0';
}
}
}
static int parse_perl_assignment(const char *line, char *key, size_t ksz, char *val, size_t vsz)
{
const char *p = line;
size_t ki = 0;
size_t vi = 0;
while (*p && isspace((unsigned char)*p)) {
p++;
}
if (*p != '$') {
return 0;
}
p++;
while (*p && (isalnum((unsigned char)*p) || *p == '_')) {
if (ki + 1 < ksz) {
key[ki++] = *p;
}
p++;
}
key[ki] = '\0';
while (*p && isspace((unsigned char)*p)) {
p++;
}
if (*p != '=') {
return 0;
}
p++;
while (*p && isspace((unsigned char)*p)) {
p++;
}
while (*p && *p != ';' && *p != '\n' && *p != '\r') {
if (vi + 1 < vsz) {
val[vi++] = *p;
}
p++;
}
val[vi] = '\0';
trim(key);
trim(val);
strip_quotes(val);
return key[0] != '\0';
}
static int parse_log_level(const char *value)
{
char buf[64];
size_t i;
if (value == NULL || value[0] == '\0') {
return SMART_LOG_INFO;
}
snprintf(buf, sizeof(buf), "%s", value);
trim(buf);
for (i = 0; buf[i]; i++) {
buf[i] = (char)tolower((unsigned char)buf[i]);
}
if (strcmp(buf, "error") == 0 || strcmp(buf, "err") == 0 || strcmp(buf, "0") == 0) {
return SMART_LOG_ERROR;
}
if (strcmp(buf, "warning") == 0 || strcmp(buf, "warn") == 0 || strcmp(buf, "1") == 0) {
return SMART_LOG_WARNING;
}
if (strcmp(buf, "info") == 0 || strcmp(buf, "2") == 0) {
return SMART_LOG_INFO;
}
if (strcmp(buf, "debug") == 0 || strcmp(buf, "3") == 0) {
return SMART_LOG_DEBUG;
}
if (strcmp(buf, "trace") == 0 || strcmp(buf, "4") == 0) {
return SMART_LOG_TRACE;
}
return SMART_LOG_INFO;
}
static const char *level_name(int level)
{
if (level <= SMART_LOG_ERROR) {
return "ERROR";
}
if (level == SMART_LOG_WARNING) {
return "WARNING";
}
if (level == SMART_LOG_DEBUG) {
return "DEBUG";
}
if (level >= SMART_LOG_TRACE) {
return "TRACE";
}
return "INFO";
}
static void smart_cfg_init(smart_helper_config_t *cfg)
{
memset(cfg, 0, sizeof(*cfg));
snprintf(cfg->log_path, sizeof(cfg->log_path), "%s", DEFAULT_SMART_LOG_PATH);
snprintf(cfg->debug_level, sizeof(cfg->debug_level), "%s", DEFAULT_SMART_LOG_LEVEL);
snprintf(cfg->admin_group, sizeof(cfg->admin_group), "%s", "root");
cfg->level = parse_log_level(cfg->debug_level);
}
static void smart_cfg_load(smart_helper_config_t *cfg, const char *path)
{
FILE *fh;
char line[2048];
if (path == NULL || path[0] == '\0') {
return;
}
fh = fopen(path, "r");
if (fh == NULL) {
return;
}
while (fgets(line, sizeof(line), fh) != NULL) {
char key[256];
char val[1024];
if (!parse_perl_assignment(line, key, sizeof(key), val, sizeof(val))) {
continue;
}
if (strcmp(key, "smart_log_path") == 0) {
snprintf(cfg->log_path, sizeof(cfg->log_path), "%s", val);
} else if (strcmp(key, "smart_debug_level") == 0 ||
strcmp(key, "smart_log_level") == 0) {
snprintf(cfg->debug_level, sizeof(cfg->debug_level), "%s", val);
cfg->level = parse_log_level(val);
} else if (strcmp(key, "smart_admin_group") == 0) {
snprintf(cfg->admin_group, sizeof(cfg->admin_group), "%s", val);
}
}
fclose(fh);
}
static void helper_log(smart_helper_config_t *cfg, const char *component, int level, const char *fmt, ...)
{
FILE *fh = stderr;
int close_fh = 0;
time_t now;
struct tm tm_now;
char tbuf[64];
va_list ap;
if (cfg != NULL && level > cfg->level) {
return;
}
if (cfg != NULL && cfg->log_path[0] != '\0') {
fh = fopen(cfg->log_path, "a");
if (fh != NULL) {
close_fh = 1;
} else {
fh = stderr;
}
}
now = time(NULL);
localtime_r(&now, &tm_now);
strftime(tbuf, sizeof(tbuf), "%Y-%m-%d %H:%M:%S", &tm_now);
fprintf(fh, "[%s] [%s] [SMArT helper] [%s] ", tbuf, level_name(level), component);
va_start(ap, fmt);
vfprintf(fh, fmt, ap);
va_end(ap);
fputc('\n', fh);
fflush(fh);
if (close_fh) {
fclose(fh);
}
}
static int empty_conv(int num_msg, const struct pam_message **msg,
struct pam_response **resp, void *appdata_ptr)
{
struct pam_response *reply;
(void) msg;
(void) appdata_ptr;
if (num_msg <= 0) {
*resp = NULL;
return PAM_SUCCESS;
}
reply = calloc((size_t) num_msg, sizeof(struct pam_response));
if (reply == NULL) {
return PAM_BUF_ERR;
}
*resp = reply;
return PAM_SUCCESS;
}
static int pam_account_ok(const char *service, const char *user)
{
struct pam_conv conv = { empty_conv, NULL };
pam_handle_t *pamh = NULL;
int rc;
rc = pam_start(service, user, &conv, &pamh);
if (rc == PAM_SUCCESS) {
rc = pam_acct_mgmt(pamh, PAM_SILENT);
}
if (pamh != NULL) {
pam_end(pamh, rc);
}
return rc == PAM_SUCCESS;
}
static void print_sanitized(const char *s)
{
const unsigned char *p = (const unsigned char *) (s != NULL ? s : "");
while (*p != '\0') {
if (*p == '\t' || *p == '\n' || *p == '\r') {
putchar(' ');
} else {
putchar((int) *p);
}
p++;
}
}
static int is_safe_name(const char *s)
{
const unsigned char *p = (const unsigned char *) s;
if (s == NULL || *s == '\0') {
return 0;
}
while (*p != '\0') {
if (!( (*p >= 'A' && *p <= 'Z') ||
(*p >= 'a' && *p <= 'z') ||
(*p >= '0' && *p <= '9') ||
*p == '_' || *p == '-' || *p == '.' )) {
return 0;
}
p++;
}
return 1;
}
int main(int argc, char **argv)
{
struct passwd *pw;
uid_t min_uid = 1000;
int include_system = 0;
int pam_check = 0;
const char *pam_service = "smart";
const char *smart_conf = DEFAULT_SMART_CONF;
int i;
unsigned long emitted = 0;
unsigned long skipped = 0;
smart_helper_config_t cfg;
smart_cfg_init(&cfg);
for (i = 1; i < argc; i++) {
if (strcmp(argv[i], "--all") == 0) {
include_system = 1;
min_uid = 0;
} else if (strcmp(argv[i], "--min-uid") == 0 && i + 1 < argc) {
char *end = NULL;
unsigned long v = strtoul(argv[++i], &end, 10);
if (end == NULL || *end != '\0') {
smart_cfg_load(&cfg, smart_conf);
helper_log(&cfg, "smart_userlist", SMART_LOG_ERROR, "invalid --min-uid value");
fprintf(stderr, "Invalid --min-uid value\n");
return 2;
}
min_uid = (uid_t) v;
} else if (strcmp(argv[i], "--pam-check") == 0) {
pam_check = 1;
} else if (strcmp(argv[i], "--pam-service") == 0 && i + 1 < argc) {
pam_service = argv[++i];
} else if (strcmp(argv[i], "--config") == 0 && i + 1 < argc) {
smart_conf = argv[++i];
} else {
smart_cfg_load(&cfg, smart_conf);
helper_log(&cfg, "smart_userlist", SMART_LOG_ERROR, "invalid command line");
fprintf(stderr,
"Usage: %s [--config FILE] [--all] [--min-uid UID] [--pam-check] [--pam-service SERVICE]\n",
argv[0]);
return 2;
}
}
smart_cfg_load(&cfg, smart_conf);
helper_log(&cfg, "smart_userlist", SMART_LOG_DEBUG,
"user enumeration started include_system=%d min_uid=%lu pam_check=%d pam_service='%s'",
include_system, (unsigned long) min_uid, pam_check, pam_service);
errno = 0;
setpwent();
while ((pw = getpwent()) != NULL) {
if (!is_safe_name(pw->pw_name)) {
skipped++;
continue;
}
if (!include_system && pw->pw_uid < min_uid) {
skipped++;
continue;
}
if (!include_system &&
(strcmp(pw->pw_name, "root") == 0 || strcmp(pw->pw_name, "nobody") == 0)) {
skipped++;
continue;
}
if (pam_check && !pam_account_ok(pam_service, pw->pw_name)) {
skipped++;
continue;
}
print_sanitized(pw->pw_name);
printf("\t%lu\t%lu\t", (unsigned long) pw->pw_uid, (unsigned long) pw->pw_gid);
print_sanitized(pw->pw_gecos);
putchar('\t');
print_sanitized(pw->pw_dir);
putchar('\t');
print_sanitized(pw->pw_shell);
putchar('\n');
emitted++;
}
endpwent();
if (errno != 0) {
helper_log(&cfg, "smart_userlist", SMART_LOG_ERROR, "getpwent failed: %s", strerror(errno));
perror("getpwent");
return 1;
}
helper_log(&cfg, "smart_userlist", SMART_LOG_DEBUG,
"user enumeration finished emitted=%lu skipped=%lu",
emitted, skipped);
return 0;
}

17
static/icon-configh.svg Normal file
View File

@@ -0,0 +1,17 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M42 16h16l3 13 12-7 8 14-10 8 10 8-8 14-12-7-3 13H42l-3-13-12 7-8-14 10-8-10-8 8-14 12 7z"/>
<circle cx="50" cy="50" r="12"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 704 B

19
static/icon-devices.svg Normal file
View File

@@ -0,0 +1,19 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M32 18v23M68 18v23"/>
<path d="M26 41h48v13a24 24 0 0 1-48 0z"/>
<path d="M50 78v10M36 88h28"/>
<path d="M38 54h24"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 696 B

18
static/icon-dirs.svg Normal file
View File

@@ -0,0 +1,18 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M18 34h23l6 8h35v32a6 6 0 0 1-6 6H24a6 6 0 0 1-6-6z"/>
<path d="M18 34v-7a5 5 0 0 1 5-5h19l7 8h28a5 5 0 0 1 5 5v7"/>
<path d="M27 57h46"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 717 B

18
static/icon-general.svg Normal file
View File

@@ -0,0 +1,18 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M50 20v10M50 70v10M20 50h10M70 50h10M29 29l7 7M64 64l7 7M71 29l-7 7M36 64l-7 7"/>
<circle cx="50" cy="50" r="14"/>
<circle cx="50" cy="50" r="5" fill="currentColor" stroke="none"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 759 B

18
static/icon-groups.svg Normal file
View File

@@ -0,0 +1,18 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M24 29h27l8 8h17v34a6 6 0 0 1-6 6H24z"/>
<path d="M31 50h38M31 61h28"/>
<circle cx="72" cy="27" r="9"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 682 B

19
static/icon-logging.svg Normal file
View File

@@ -0,0 +1,19 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M28 16h34l10 10v58H28z"/>
<path d="M62 16v14h14"/>
<path d="M37 43h26M37 55h26M37 67h18"/>
<path d="M70 58l9 9-17 17-10 2 2-10z"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 709 B

20
static/icon-queues.svg Normal file
View File

@@ -0,0 +1,20 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M30 20h40v20H30z"/>
<path d="M22 40h56a8 8 0 0 1 8 8v22H14V48a8 8 0 0 1 8-8z"/>
<path d="M30 62h40v22H30z"/>
<path d="M38 70h24"/>
<circle cx="72" cy="51" r="3" fill="currentColor" stroke="none"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 775 B

17
static/icon-security.svg Normal file
View File

@@ -0,0 +1,17 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M50 14l30 12v20c0 20-12 33-30 40-18-7-30-20-30-40V26z"/>
<path d="M37 51l9 9 18-23"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 664 B

23
static/icon-service.svg Normal file
View File

@@ -0,0 +1,23 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
.icon-fill{fill:#ad1d1c;stroke:none}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape">
<path d="M30 24h40a6 6 0 0 1 6 6v12H24V30a6 6 0 0 1 6-6z"/>
<path d="M24 42h52v28a6 6 0 0 1-6 6H30a6 6 0 0 1-6-6z"/>
<path d="M34 34h2M45 34h2M56 34h2"/>
<path d="M37 58h26"/>
<path d="M50 49v18"/>
<path d="M68 54l7 7-7 7"/>
<path d="M32 54l-7 7 7 7"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 843 B

18
static/icon-smart.svg Normal file
View File

@@ -0,0 +1,18 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M34 63c-12-10-11-29 4-39 13-9 34-2 37 15 3 19-16 29-25 40"/>
<path d="M36 63h28M39 74h22"/>
<path d="M41 39c6-7 15-7 21 0M43 50c5 4 10 4 15 0"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 723 B

22
static/icon-start.svg Normal file
View File

@@ -0,0 +1,22 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
.icon-fill{fill:#ad1d1c;stroke:none}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape">
<path d="M24 62c0-20 14-38 34-43"/>
<path d="M58 19l-6 13 15-4"/>
<path d="M28 70h44"/>
<path d="M35 80h30"/>
<path d="M50 38v18"/>
<path d="M41 47l9 9 13-17"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 751 B

19
static/icon-stations.svg Normal file
View File

@@ -0,0 +1,19 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<circle cx="50" cy="50" r="8"/>
<path d="M35 35a22 22 0 0 0 0 30M65 35a22 22 0 0 1 0 30"/>
<path d="M25 25a36 36 0 0 0 0 50M75 25a36 36 0 0 1 0 50"/>
<path d="M50 58v22"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 741 B

18
static/icon-susers.svg Normal file
View File

@@ -0,0 +1,18 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<circle cx="50" cy="32" r="14"/>
<path d="M25 78c3-18 14-28 25-28s22 10 25 28z"/>
<path d="M34 78h32"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 673 B

19
static/icon-users.svg Normal file
View File

@@ -0,0 +1,19 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<circle cx="38" cy="34" r="12"/>
<circle cx="65" cy="36" r="10"/>
<path d="M16 78c3-17 12-26 23-26s20 9 23 26z"/>
<path d="M52 78c2-12 9-20 18-20 7 0 13 5 16 20z"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 734 B

19
static/icon-volumes.svg Normal file
View File

@@ -0,0 +1,19 @@
<svg xmlns="http://www.w3.org/2000/svg" width="96" height="96" viewBox="0 0 100 100" role="img" aria-hidden="true">
<style>
.icon-bg{fill:url(#g);stroke:#d6bf9c;stroke-width:1.8}
.icon-shape{fill:none;stroke:#ad1d1c;stroke-width:5.2;stroke-linecap:round;stroke-linejoin:round}
</style>
<defs>
<linearGradient id="g" x1="0" y1="0" x2="0" y2="1">
<stop offset="0" stop-color="#fffaf2"/>
<stop offset="1" stop-color="#ead9bd"/>
</linearGradient>
</defs>
<rect class="icon-bg" x="6" y="6" width="88" height="88" rx="20"/>
<g class="icon-shape" color="#ad1d1c">
<path d="M25 18h50v64H25z"/>
<path d="M34 18v24h32V18"/>
<path d="M36 64h28"/>
<circle cx="66" cy="70" r="4" fill="currentColor" stroke="none"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 714 B

464
static/menu.html
View File

@@ -9,47 +9,219 @@
<link rel="icon" type="image/png" sizes="32x32" href="/static/favicon-32x32.png">
<link rel="apple-touch-icon" href="/static/apple-touch-icon.png">
<style>
:root{--bg:#f4f1ea;--panel:#faf8f4;--line:#dfd2bf;--soft:#efe6d7;--text:#3d342c;--muted:#6f6257;--accent:#ad1d1c;--accent2:#c96b3d;--gold:#b9813d;}
*{box-sizing:border-box} html,body{margin:0;padding:0;background:var(--bg);color:var(--text);font:15px/1.55 Arial,Helvetica,sans-serif}
:root{
--bg:#f4f1ea;--panel:#faf8f4;--line:#dfd2bf;--soft:#efe6d7;--text:#3d342c;
--muted:#6f6257;--accent:#ad1d1c;--accent2:#c96b3d;--gold:#b9813d;--warm:#d6bf9c;
}
*{box-sizing:border-box}
html,body{margin:0;padding:0;background:var(--bg);color:var(--text);font:15px/1.55 Arial,Helvetica,sans-serif}
body{padding:18px}
a{color:inherit} code,tt{font-family:"DejaVu Sans Mono",monospace}
.shell{max-width:1100px;margin:0 auto}
.shell{max-width:1250px;margin:0 auto}
.hero{display:flex;align-items:center;justify-content:space-between;gap:18px;padding:22px 24px;border:1px solid var(--line);border-radius:18px;background:linear-gradient(135deg,#a80f18,#c44731 60%,#d79a54);color:#fff;box-shadow:0 12px 30px rgba(64,36,12,.08)}
.hero img{height:42px;width:auto;display:block;background:#fff;border-radius:10px;padding:5px;box-shadow:0 8px 20px rgba(0,0,0,.12)}
.hero-actions{display:flex;align-items:center;gap:12px}.hero img{height:42px;width:auto;display:block;background:#fff;border-radius:10px;padding:5px;box-shadow:0 8px 20px rgba(0,0,0,.12)}.logout-button{display:inline-block;text-decoration:none;border:1px solid rgba(255,255,255,.6);border-radius:10px;padding:8px 13px;background:rgba(255,255,255,.14);color:#fff;font-weight:bold;box-shadow:0 8px 18px rgba(0,0,0,.10)}.logout-button:hover{background:rgba(255,255,255,.22)}
.hero h1{margin:0;font-size:28px;line-height:1.1}
.hero p{margin:6px 0 0;font-size:15px;opacity:.95}
.grid{margin-top:18px;display:grid;gap:16px}
.card{display:block;text-decoration:none;background:var(--panel);border:1px solid var(--line);border-radius:16px;overflow:hidden;box-shadow:0 6px 18px rgba(64,36,12,.04)}
.card-header{padding:16px 18px;background:linear-gradient(90deg,#efe7da,#e8dfcf);border-bottom:1px solid var(--line)}
.card-title{margin:0;font-size:18px;color:var(--accent)}
.card-sub{margin:6px 0 0;color:var(--gold);font-size:12px;text-transform:uppercase;letter-spacing:.12em}
.card-body{padding:0}
.workspace{margin-top:18px;display:grid;grid-template-columns:180px minmax(0,1fr);gap:18px;align-items:start}
.nav-shell{background:var(--panel);border:1px solid var(--line);border-radius:18px;box-shadow:0 6px 18px rgba(64,36,12,.05);padding:12px;position:sticky;top:14px}
.nav-title{margin:4px 6px 10px;font-size:13px;text-transform:uppercase;letter-spacing:.12em;color:var(--gold)}
.nav-list{display:flex;flex-direction:column;gap:10px}
.nav-item{appearance:none;-webkit-appearance:none;width:100%;border:1px solid #e6d8c6;border-radius:16px;background:#fffdf9;color:var(--text);padding:10px 8px;display:flex;flex-direction:column;align-items:center;gap:8px;cursor:pointer;transition:all .16s ease;box-shadow:0 2px 8px rgba(64,36,12,.03)}
.nav-item:hover{transform:translateY(-1px);border-color:#d0b089;box-shadow:0 8px 18px rgba(64,36,12,.06)}
.nav-item.active{background:linear-gradient(180deg,#fffaf2,#f3e7d4);border-color:#caa46f;box-shadow:0 10px 20px rgba(64,36,12,.08)}
.nav-icon{width:52px;height:52px;border-radius:16px;display:flex;align-items:center;justify-content:center;font-size:28px;line-height:1;background:linear-gradient(180deg,#f4eadc,#e4d4bb);border:1px solid #d6bf9c;box-shadow:inset 0 1px 0 rgba(255,255,255,.7)}
.nav-item.active .nav-icon{background:linear-gradient(180deg,#d24835,#b62022);color:#fff;border-color:#9f2f26}
.nav-label{font-size:12px;line-height:1.25;text-align:center;font-weight:bold;color:#5a4c3f}
.detail-shell{background:var(--panel);border:1px solid var(--line);border-radius:18px;box-shadow:0 6px 18px rgba(64,36,12,.05);overflow:hidden;min-height:720px}
.detail-topbar{padding:16px 18px;background:linear-gradient(90deg,#efe7da,#e8dfcf);border-bottom:1px solid var(--line);display:flex;align-items:center;justify-content:space-between;gap:16px}
.detail-topbar .left h2{margin:0;font-size:22px;color:var(--accent)}
.detail-topbar .left p{margin:4px 0 0;color:var(--muted);font-size:14px}
.detail-container{padding:0}
.detail-section{display:none}
.detail-section.active{display:block}
.detail-header-row{padding:16px 18px;background:#fbf7f1;border-bottom:1px solid #eee5d7;display:flex;align-items:flex-start;justify-content:space-between;gap:12px}
.detail-kicker{margin:0 0 6px;color:var(--gold);font-size:12px;text-transform:uppercase;letter-spacing:.12em}
.detail-header-row h2{margin:0;font-size:28px;line-height:1.15;color:#332920}
.open-button{display:inline-block;text-decoration:none;border:1px solid #a33d2f;border-radius:10px;padding:8px 14px;background:#b84434;color:#fff;font-weight:bold;white-space:nowrap;box-shadow:0 6px 14px rgba(165,50,36,.16)}
.open-button:hover{filter:brightness(.96)}
.detail-body{padding:0}
.info{padding:16px 18px;border-top:1px solid #eee5d7}
.info:first-child{border-top:0}
.info h3{margin:0 0 8px;font-size:15px;color:#8b4a1d}
.info p,.info ul,.info ol{margin:0 0 10px;color:var(--muted)}
.info p:last-child,.info ul:last-child,.info ol:last-child{margin-bottom:0}
.info p,.info ul,.info ol,.info div{margin:0 0 10px;color:var(--muted)}
.info p:last-child,.info ul:last-child,.info ol:last-child,.info div:last-child{margin-bottom:0}
.info ul,.info ol{padding-left:22px}
.note{color:#5f5349}
@media (max-width:700px){body{padding:12px}.hero{padding:18px;align-items:flex-start;flex-direction:column}.hero img{height:36px}.card-header{padding:14px 16px}.info{padding:14px 16px}}
.tipbar{padding:10px 18px;border-top:1px solid #eadfce;background:#fffaf4;color:#80695a;font-size:13px}
@media (max-width:980px) {
.workspace{grid-template-columns:1fr;}
.nav-shell{position:static}
.nav-list{display:grid;grid-template-columns:repeat(auto-fit,minmax(110px,1fr));gap:10px}
.detail-shell{min-height:auto}
}
@media (max-width:700px){
body{padding:12px}
.hero{padding:18px;align-items:flex-start;flex-direction:column}
.hero img{height:36px}
.detail-topbar,.detail-header-row{padding:14px 16px}
.info{padding:14px 16px}
.detail-header-row{flex-direction:column}
}
.nav-icon{background:none;border:0;box-shadow:none}
.nav-icon img{width:58px;height:58px;display:block;filter:drop-shadow(0 4px 8px rgba(64,36,12,.10))}
.nav-item.active .nav-icon{background:none;color:inherit;border:0}
.nav-item.active .nav-icon img{filter:drop-shadow(0 6px 12px rgba(173,29,28,.22))}
.setup-first .detail-header-row{background:linear-gradient(90deg,#fff7ec,#f1dfc6)}
</style>
</head>
<body>
<div class="shell">
<div class="hero">
<div>
<h1>Main menu</h1>
<p>SMArT configuration navigation with the original explanations preserved.</p>
<div class="hero">
<div>
<h1>Main menu</h1>
<p>Choose a section from the icon list. The explanation opens here on the left, and the editor opens on the right.</p>
</div>
<div class="hero-actions"><a class="logout-button" href="/logout" target="_top">Logout</a><img src="/static/smart_icon.jpg" alt="SMArT logo"></div>
</div>
<img src="/static/smart_icon.jpg" alt="SMArT logo">
</div>
<div class="grid">
<a class="card" href="/settings/general" target="OPTS">
<div class="card-header">
<h2 class="card-title">General settings</h2>
<div class="card-sub">Open settings</div>
<div class="workspace">
<aside class="nav-shell">
<div class="nav-title">Sections</div>
<div class="nav-list">
<button class="nav-item active" type="button" data-target="setup-first" data-href="/settings/smart" aria-pressed="false" title="Setup first">
<span class="nav-icon icon-start"><img src="/static/icon-start.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Setup first</span>
</button>
<button class="nav-item active" type="button" data-target="mars-nwe-service" data-href="/static/start.html" aria-pressed="true" title="MARS_NWE service">
<span class="nav-icon icon-service"><img src="/static/icon-service.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">MARS_NWE service</span>
</button>
<button class="nav-item" type="button" data-target="general-settings" data-href="/settings/general" aria-pressed="false" title="General settings">
<span class="nav-icon icon-general"><img src="/static/icon-general.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">General settings</span>
</button><button class="nav-item" type="button" data-target="directories" data-href="/settings/dirs" aria-pressed="false" title="Directories">
<span class="nav-icon icon-dirs"><img src="/static/icon-dirs.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Directories</span>
</button><button class="nav-item" type="button" data-target="precompiled-settings" data-href="/settings/configh" aria-pressed="false" title="Precompiled settings">
<span class="nav-icon icon-configh"><img src="/static/icon-configh.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Precompiled settings</span>
</button><button class="nav-item" type="button" data-target="security" data-href="/settings/security" aria-pressed="false" title="Security">
<span class="nav-icon icon-security"><img src="/static/icon-security.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Security</span>
</button><button class="nav-item" type="button" data-target="user-configuration" data-href="/settings/susers" aria-pressed="false" title="User configuration">
<span class="nav-icon icon-susers"><img src="/static/icon-susers.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">User configuration</span>
</button><button class="nav-item" type="button" data-target="volumes" data-href="/settings/volumes" aria-pressed="false" title="Volumes">
<span class="nav-icon icon-volumes"><img src="/static/icon-volumes.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Volumes</span>
</button><button class="nav-item" type="button" data-target="devices" data-href="/settings/devices" aria-pressed="false" title="Devices">
<span class="nav-icon icon-devices"><img src="/static/icon-devices.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Devices</span>
</button><button class="nav-item" type="button" data-target="logging" data-href="/settings/logging" aria-pressed="false" title="Logging">
<span class="nav-icon icon-logging"><img src="/static/icon-logging.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Logging</span>
</button><button class="nav-item" type="button" data-target="smart-settings" data-href="/settings/smart" aria-pressed="false" title="SMArT settings">
<span class="nav-icon icon-smart"><img src="/static/icon-smart.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">SMArT settings</span>
</button><button class="nav-item" type="button" data-target="stations-access-control" data-href="/settings/advanced/stations" aria-pressed="false" title="Stations / access control">
<span class="nav-icon icon-stations"><img src="/static/icon-stations.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Stations / access control</span>
</button><button class="nav-item" type="button" data-target="users" data-href="/settings/users" aria-pressed="false" title="Users">
<span class="nav-icon icon-users"><img src="/static/icon-users.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Users</span>
</button><button class="nav-item" type="button" data-target="groups" data-href="/settings/groups" aria-pressed="false" title="Groups">
<span class="nav-icon icon-groups"><img src="/static/icon-groups.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Groups</span>
</button><button class="nav-item" type="button" data-target="print-queues" data-href="/settings/queues" aria-pressed="false" title="Print queues">
<span class="nav-icon icon-queues"><img src="/static/icon-queues.svg" alt="" aria-hidden="true"></span>
<span class="nav-label">Print queues</span>
</button>
</div>
</aside>
<main class="detail-shell">
<div class="detail-topbar">
<div class="left">
<h2 id="panel-title">Setup first</h2>
<p>Explanation on the left, editor opens in the right pane.</p>
</div>
</div>
<div class="detail-container">
<section class="detail-section active setup-first" id="detail-setup-first" data-href="/settings/smart" data-title="Setup first">
<div class="detail-header-row">
<div>
<div class="detail-kicker">First step</div>
<h2>Setup first</h2>
</div>
<a class="open-button" href="/settings/smart" target="OPTS">Open SMArT settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<h3>Fill SMArT settings first</h3>
<div class="note">Before editing users, groups, bindery objects, trustees or print queues, configure the SMArT settings first.</div>
</div>
<div class="info">
<h3>Bindery / Supervisor access</h3>
<div class="note">SMArT needs the NetWare bindery server name, the supervisor login and the supervisor password. Use the supervisor password that is configured for your MARS_NWE server in <tt>nwserv.conf</tt>. Without this, SMArT can still show configuration pages, but operations which talk to the running server can fail.</div>
</div>
<div class="info">
<h3>Why this matters</h3>
<div class="note">User, group and trustee actions use the MARS_NWE tools against the bindery. If the bindery credentials are missing or wrong, SMArT cannot reliably create objects, update memberships, set passwords or modify trustees.</div>
</div>
<div class="info">
<h3>Recommended order</h3>
<div class="note">
<ol>
<li>Open <b>SMArT settings</b>.</li>
<li>Set the <tt>nwserv.conf</tt> path if needed.</li>
<li>Enter bindery server, supervisor user and supervisor password.</li>
<li>Save, then continue with users, groups, volumes, trustees and queues.</li>
</ol>
</div>
</div>
</div>
</section>
<section class="detail-section" id="detail-mars-nwe-service" data-href="/static/start.html" data-title="MARS_NWE service">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Service control</div>
<h2>MARS_NWE service</h2>
</div>
<a class="open-button" href="/static/start.html" target="OPTS">Open start page</a>
</div>
<div class="detail-body">
<div class="info">
<h3>Start, stop, restart and status</h3>
<div class="note">Use this page to control the systemd service for the running MARS_NWE server.</div>
</div>
<div class="info">
<h3>Available actions</h3>
<div class="note">
<ul>
<li><tt>status</tt> shows the current service state.</li>
<li><tt>start</tt> starts the MARS_NWE service.</li>
<li><tt>stop</tt> waits until the service is really stopped.</li>
<li><tt>restart</tt> restarts the service and then shows the final status.</li>
</ul>
</div>
</div>
<div class="info">
<h3>When to use it</h3>
<div class="note">After changing <tt>nwserv.conf</tt>, restart the service so the server reloads the changed configuration. Use the start page buttons on the right to run start, stop, restart or status.</div>
</div>
</div>
</section>
<section class="detail-section" id="detail-general-settings" data-href="/settings/general" data-title="General settings">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>General settings</h2>
</div>
<a class="open-button" href="/settings/general" target="OPTS">Open settings</a>
</div>
<div class="detail-body">
<div class="info">
<h3>Servername</h3>
<div class="note">The servername is the name under which this server will show up when using
@@ -119,39 +291,45 @@ Don't ask me what they mean, but they're hexadecimal, so don't forget to
prepend <tt>0x</tt>.</div>
</div>
</div>
</a>
<a class="card" href="/settings/dirs" target="OPTS">
<div class="card-header">
<h2 class="card-title">Directories</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-directories" data-href="/settings/dirs" data-title="Directories">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Directories</h2>
</div>
<a class="open-button" href="/settings/dirs" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">Some directories for MARS_NWE files.
The path cache directory is needed for Client-32 and the namespace calls,
the spool directory is used for internal print queue handling.</div>
</div>
</div>
</a>
<a class="card" href="/settings/configh" target="OPTS">
<div class="card-header">
<h2 class="card-title">Precompiled settings</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-precompiled-settings" data-href="/settings/configh" data-title="Precompiled settings">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Precompiled settings</h2>
</div>
<a class="open-button" href="/settings/configh" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">When you just leave these fields empty, the values in your <tt>config.h</tt>
file will be used. If you want to change those settings without recompiling
<tt>MARS_NWE</tt>, you can change them here.</div>
</div>
</div>
</a>
<a class="card" href="/settings/security" target="OPTS">
<div class="card-header">
<h2 class="card-title">Security</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-security" data-href="/settings/security" data-title="Security">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Security</h2>
</div>
<a class="open-button" href="/settings/security" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<h3>Modes</h3>
<div class="note">Here you can change the standard modes for new files and directories.
@@ -170,13 +348,15 @@ not-encrypted sending of passwords over the net.<br/>
On the Linux-side, passwords will only be stored in encrypted format.</div>
</div>
</div>
</a>
<a class="card" href="/settings/susers" target="OPTS">
<div class="card-header">
<h2 class="card-title">User configuration</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-user-configuration" data-href="/settings/susers" data-title="User configuration">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>User configuration</h2>
</div>
<a class="open-button" href="/settings/susers" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<h3>Guest user</h3>
<div class="note">Here you can set the UID a user will get before logging in.</div>
@@ -217,13 +397,15 @@ Only those Linux-logins will handled automatically that don't have a
x or asterisk as their encrypted password.</div>
</div>
</div>
</a>
<a class="card" href="/settings/volumes" target="OPTS">
<div class="card-header">
<h2 class="card-title">Volumes</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-volumes" data-href="/settings/volumes" data-title="Volumes">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Volumes</h2>
</div>
<a class="open-button" href="/settings/volumes" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">The OS/2 additional namespace can be used by Windows 9x too. The
'no fixed i-nodes' option is necessary when exporting DOS or CD-ROM
@@ -233,13 +415,15 @@ For more information about pipe filesystems you can take a look at
MARS_NWE's documentation directory.</div>
</div>
</div>
</a>
<a class="card" href="/settings/devices" target="OPTS">
<div class="card-header">
<h2 class="card-title">Devices</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-devices" data-href="/settings/devices" data-title="Devices">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Devices</h2>
</div>
<a class="open-button" href="/settings/devices" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">This section contains information for the ipx-router built into mars_nwe
and/or the external program <tt>nwrouted</tt>.<br/>
@@ -289,13 +473,15 @@ in internal device/routing table at runtime.<br/>
<b>You don't have to set this in FreeBSD!</b></div>
</div>
</div>
</a>
<a class="card" href="/settings/logging" target="OPTS">
<div class="card-header">
<h2 class="card-title">Logging</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-logging" data-href="/settings/logging" data-title="Logging">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Logging</h2>
</div>
<a class="open-button" href="/settings/logging" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">MARS_NWE can keep a log file with error messages, click here to set what
kind of messages must be logged and where.<br/>
@@ -305,48 +491,69 @@ According to <tt>nwserv.conf</tt>, the NWCLIENT tag must always be set
to <i>No debugging</i>.</div>
</div>
</div>
</a>
<a class="card" href="/settings/smart" target="OPTS">
<div class="card-header">
<h2 class="card-title">SMArT settings</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-smart-settings" data-href="/settings/smart" data-title="SMArT settings">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>SMArT settings</h2>
</div>
<a class="open-button" href="/settings/smart" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">Some things have to be configured here before you can use SMArT.</div>
</div>
</div>
</a>
<a class="card" href="/settings/users" target="OPTS">
<div class="card-header">
<h2 class="card-title">Users</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-stations-access-control" data-href="/settings/advanced/stations" data-title="Stations / access control">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Stations / access control</h2>
</div>
<a class="open-button" href="/settings/advanced/stations" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">Configure station file based nearest-server and connection replies.</div>
</div>
</div>
</section><section class="detail-section" id="detail-users" data-href="/settings/users" data-title="Users">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Users</h2>
</div>
<a class="open-button" href="/settings/users" target="OPTS">Open settings</a>
</div>
<div class="detail-body">
<div class="info">
<div class="note">You can edit the userlist from the bindery files here. This option will not
change anything to the <tt>nwserv.conf</tt> configuration file.</div>
</div>
</div>
</a>
<a class="card" href="/settings/groups" target="OPTS">
<div class="card-header">
<h2 class="card-title">Groups</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-groups" data-href="/settings/groups" data-title="Groups">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Groups</h2>
</div>
<a class="open-button" href="/settings/groups" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">You can edit the group list from the bindery files here. This option will not
change anything to the <tt>nwserv.conf</tt> configuration file.</div>
</div>
</div>
</a>
<a class="card" href="/settings/queues" target="OPTS">
<div class="card-header">
<h2 class="card-title">Print queues</h2>
<div class="card-sub">Open settings</div>
</section><section class="detail-section" id="detail-print-queues" data-href="/settings/queues" data-title="Print queues">
<div class="detail-header-row">
<div>
<div class="detail-kicker">Section</div>
<h2>Print queues</h2>
</div>
<a class="open-button" href="/settings/queues" target="OPTS">Open settings</a>
</div>
<div class="card-body">
<div class="detail-body">
<div class="info">
<div class="note">Here you can edit the list of print queues. The things you have to fill in are:
<ol>
@@ -366,8 +573,79 @@ default directory.
</li></li></li></ol></div>
</div>
</div>
</a>
</div>
</section>
</div>
<div class="tipbar">Tip: click an icon on the left to switch topics. The corresponding settings page is opened automatically in the editor pane on the right.</div>
</main>
</div>
</div>
<script>
(function() {
function openInEditor(href) {
try {
if (window.parent && window.parent.frames && window.parent.frames['OPTS']) {
window.parent.frames['OPTS'].location = href;
return;
}
} catch (e) {}
window.open(href, 'OPTS');
}
function activate(target, openEditor) {
var buttons = document.querySelectorAll('.nav-item');
var sections = document.querySelectorAll('.detail-section');
buttons.forEach(function(btn) {
var active = btn.getAttribute('data-target') === target;
btn.classList.toggle('active', active);
btn.setAttribute('aria-pressed', active ? 'true' : 'false');
});
sections.forEach(function(sec) {
sec.classList.toggle('active', sec.id === 'detail-' + target);
});
var activeSection = document.getElementById('detail-' + target);
if (activeSection) {
var title = activeSection.getAttribute('data-title') || '';
var href = activeSection.getAttribute('data-href') || '';
var titleNode = document.getElementById('panel-title');
if (titleNode) titleNode.textContent = title;
if (openEditor && href) openInEditor(href);
}
}
document.querySelectorAll('.nav-item').forEach(function(btn) {
btn.addEventListener('click', function() {
activate(btn.getAttribute('data-target'), true);
});
});
// Load the first section into the editor on first view.
var first = document.querySelector('.nav-item.active') || document.querySelector('.nav-item');
if (first) {
activate(first.getAttribute('data-target'), true);
}
})();
</script>
<script>
(function smartDefaultSection(){
function openDefault(){
if (window.location.hash) return;
var btn = document.querySelector('[data-target="mars-nwe-service"]');
if (btn && typeof btn.click === 'function') {
btn.click();
return;
}
var frame = parent && parent.frames ? parent.frames['OPTS'] : null;
if (frame) frame.location = '/static/start.html';
}
if (document.readyState === 'loading') {
document.addEventListener('DOMContentLoaded', openDefault);
} else {
openDefault();
}
})();
</script>
</body>
</html>

43
static/start.html.cmake
View File

@@ -73,7 +73,11 @@
font-size: 13px;
color: #6c5b52;
}
</STYLE>
.runtime-info{margin:18px 12px 0;border:1px solid #ddcfba;border-radius:16px;overflow:hidden;background:#fbf7f1;box-shadow:0 6px 18px rgba(80,55,30,.06)}.runtime-info-title{background:#d7c0a0;padding:10px 14px;font-weight:bold;color:#2e261d}.runtime-info-row{display:grid;grid-template-columns:190px minmax(0,1fr);gap:12px;padding:8px 14px;border-top:1px solid #eadfce;align-items:center}.runtime-info-row code{color:#5b4b38;white-space:normal;word-break:break-word}.runtime-info-note{padding:10px 14px;border-top:1px solid #eadfce;color:#6b5b50;font-size:13px;line-height:1.35}
.project-footer{margin:16px auto 0;text-align:center;color:#6b5b50;font-size:14px;line-height:1.45;max-width:760px}.project-footer a{color:#9f2f26;text-decoration:none}.project-footer a:hover{text-decoration:underline}.copyright{margin:10px auto 0;text-align:center;color:#6b5b50;font-size:13px;max-width:760px}.copyright a{color:#9f2f26;text-decoration:none}.copyright a:hover{text-decoration:underline}
</STYLE>
</HEAD>
<BODY>
<DIV CLASS="wrapper">
@@ -105,13 +109,42 @@
</TR>
<TR>
<TD WIDTH="50%"><A CLASS="action secondary" HREF="/service/control?restart">Restart <TT>MARS_NWE</TT></A></TD>
<TD WIDTH="50%"><A CLASS="action secondary" HREF="/service/control?status">Status <TT>MARS_NWE</TT></A></TD>
<TD WIDTH="50%"><A CLASS="action secondary" HREF="/service/control?status">Status <TT>MARS_NWE</TT></A>
</TD>
</TR>
</TABLE>
</DIV>
<DIV CLASS="footer">
The newest version of SMArT can be downloaded from <A HREF="http://www.lintux.cx/" TARGET="_parent">the project website</A>.<BR><BR>
&copy; Copyright 2026 <A HREF="mailto:mario.fetka@disconnected-by-peer.at">Mario Fetka</A>
<DIV CLASS="runtime-info">
<DIV CLASS="runtime-info-title">MARS_NWE runtime information</DIV>
<DIV CLASS="runtime-info-row">
<DIV>Configuration file</DIV>
<DIV><CODE>@MARS_NWE_INSTALL_FULL_CONFDIR@/nwserv.conf</CODE></DIV>
</DIV>
<DIV CLASS="runtime-info-row">
<DIV>SMArT configuration</DIV>
<DIV><CODE>@MARS_NWE_INSTALL_FULL_CONFDIR@/smart.conf</CODE></DIV>
</DIV>
<DIV CLASS="runtime-info-row">
<DIV>WebUI scripts</DIV>
<DIV><CODE>@MARS_NWE_INSTALL_FULL_LIBEXECDIR@</CODE></DIV>
</DIV>
<DIV CLASS="runtime-info-row">
<DIV>MARS_NWE service</DIV>
<DIV><CODE>mars-nwe-serv.service</CODE></DIV>
</DIV>
<DIV CLASS="runtime-info-note">
User, group and queue operations need a running <B>MARS_NWE</B> service and a reachable bindery.
Configuration changes require write access to the SMArT configuration directory.
</DIV>
</DIV>
<DIV CLASS="footer">
<DIV CLASS="project-footer">
<DIV>SMArT is shipped as part of the <B>MARS_NWE</B> package.</DIV>
<DIV>Project sources are available from the <A HREF="https://gitea.disconnected-by-peer.at/mars_nwe/mars-nwe" TARGET="_blank">MARS_NWE repository</A>.</DIV>
</DIV><BR><BR>
<DIV CLASS="copyright">&copy; Copyright 2026 <A HREF="mailto:mario.fetka@disconnected-by-peer.at">Mario Fetka</A></DIV>
</DIV>
</DIV>
</DIV>