Merge pull request #5 from PufferPanel/security-release

Implement security patch and cpulimit
pufferpanel · Dec 5, 2014 · 985389c · 985389c
2 parents 036c1a1 + e00643b
commit 985389c
Show file tree

Hide file tree

Showing 4 changed files with 75 additions and 53 deletions.
diff --git a/package.json b/package.json
@@ -16,24 +16,25 @@
 		"url": "https://github.com/gametainers/gsd.git"
 	},
 	"dependencies" : {
-		"mc-ping" : "",
+		"async" : "",
+		"bukget" : "git://github.com/gametainers/bukget.js.git",
+		"download" : "",
+		"ftpd" : "git://github.com/sstur/nodeftpd.git",
 		"gamedig" : "",
-		"glob":"",
-		"restify":"",
-		"socket.io":"",
-		"download":"",
-		"mcquery":"",
-		"usage":"",
-		"pty.js":"",
-		"async":"",
-		"ncp":"",
-		"ftpd":"git://github.com/sstur/nodeftpd.git",
-		"request":"",
-		"bukget":"git://github.com/gametainers/bukget.js.git",
-		"properties":"",
-		"js-yaml":"",
-		"tar.gz":"",
-		"unzip":""
+		"glob" : "",
+		"js-yaml" : "",
+		"mc-ping" : "",
+		"mcquery" : "",
+		"ncp" : "",
+		"properties" : "",
+		"pty.js" : "",
+		"request" : "",
+		"restify" : "",
+		"socket.io" : "",
+		"tar.gz" : "git://github.com/cranic/node-tar.gz.git",
+		"unzip" : "",
+		"usage" : "",
+		"userid" : ""
 	},
 		"engines": {
 		"node": ">=0.6"

diff --git a/services/create.js b/services/create.js
@@ -5,17 +5,25 @@ var fs = require('fs');
 var ncp = require('ncp').ncp;
 var format = require('util').format;
 var executeCommand = require('../utls').executeCommand;
+var userid = require('userid');
 
 function createUser(username, home, callback){
-  // TODO : check if user exists first
-  // useradd -m -d {0} -s /bin/bash -G exe {1}
-  command = format("useradd -m -d %s -s /bin/bash %s", home, username);
-  executeCommand(command, callback)
+
+    try {
+
+        console.log("Creating a server for "+ username );
+        command = format("useradd -m -d %s -s /bin/false -G gsdusers %s", home, username);
+        executeCommand(command, callback);
+
+    } catch(ex) {
+        console.log("Unable to create a user on the system.");
+    }
+
 }
 
 function deleteUser(username){
-  // TODO : check if user exists first
   command = format("userdel --remove-home %s", username);
+  // @TODO: Actually remove the server from config.json...
   executeCommand(command, callback)
 }
 
@@ -26,14 +34,8 @@ function linkDir(from_path, to_path, callback){
 }
 
 
-function fixperms(gameserver){
-  callback = function(){};
-
-  command = format("find %s -type d -exec chown %s {} \\;", from_path, to_path);
-  executeCommand(command, callback)
-
-  command = format("find %s -type d -exec chown %s {} \\;", from_path, to_path);
-  executeCommand(command, callback)
+function fixperms(user, path, callback){
+    executeCommand("chown -R "+ user +":gsdusers "+ path + user, callback);
 };
 
 function replaceFiles(base_folder, files, backing_folder, callback){

diff --git a/services/gameprocess.js b/services/gameprocess.js
@@ -16,8 +16,8 @@ var getIPAddress = require("../utls.js").getIPAddress;
 var savesettings = require("../utls.js").savesettings;
 var async = require('async');
 var utls = require("../utls.js");
+var userid = require('userid');
 var targz = require('tar.gz');
-var fs = require('fs');
 var unzip = require('unzip');
 
 var OFF = 0; ON = 1; STARTING = 2; STOPPING = 3; CHANGING_GAMEMODE = 4;
@@ -68,12 +68,29 @@ GameServer.prototype.turnon = function() {
 	}
 
 	this.plugin.preflight(this);
-	this.ps = pty.spawn(this.exe, this.commandline, {cwd: this.config.path});
+
+	this.ps = pty.spawn(this.exe, this.commandline, {cwd: this.config.path, uid: userid.uid(self.config.user), gid: userid.gid("gsdusers")});
+	this.pid = this.ps.pid;
 
 	this.setStatus(STARTING);
 	console.log("Starting server for "+ self.config.user +" ("+ self.config.name +")");
 
-	this.pid = this.ps.pid;
+	try {
+
+		this.cpu_limit = parseInt(this.config.build.cpu);
+
+		if(this.cpu_limit > 0) {
+
+			exec('cpulimit -p ' + this.ps.pid + ' -l ' + this.cpu_limit + ' -d', function(error, stdout, stderr) {
+				console.log("Beginning CPU Limiting (" + this.cpu_limit + "%) for process: " + this.ps.pid);
+				console.log("Output: " + stdout);
+			});
+
+		}
+
+	} catch(ex) {
+		console.log("Assumed outdated GSD config. No CPU Limit defined for server!");
+	}
 
 	this.ps.on('data', function(data){
 		output = data.toString();
@@ -163,10 +180,8 @@ GameServer.prototype.create = function(){
 		self.plugin.install(self, function cb(){callback(null);});
 	},
 	function(callback) {
-		fixperms(self);
-		callback(null);
-	}
-	]);
+		fixperms(config.user, config.path, function cb(){callback(null);});
+	}]);
 };
 
 GameServer.prototype.delete = function(){
@@ -190,7 +205,7 @@ GameServer.prototype.procStats = function(self){
 	usage.lookup(self.pid, {keepHistory: true}, function(err, result) {
 		// TODO : Return as % of os.totalmem() (optional)
 		// TODO : Return as % of ram max setting
-		self.usagestats = {"memory":result.memory, "cpu":Math.round(result.cpu)};
+		self.usagestats = {"memory": result.memory, "cpu": Math.round(result.cpu)};
 		self.emit('processStats');
 	});
 };

diff --git a/services/plugins/minecraft.js b/services/plugins/minecraft.js
@@ -55,32 +55,36 @@ settings.commands = {
 };
 
 settings.preflight = function(server){
-	var jarPath = pathlib.join(server.config.path, server.variables['-jar']);
+	var jarPath = pathlib.join(server.config.path, server.config.variables['-jar']);
 
 	if (!fs.existsSync(jarPath)){
-	throw new Error("Jar doesn\'t exist : " + server.variables['-jar']);
+	throw new Error("Jar doesn\'t exist : " + server.config.variables['-jar']);
 	}
 };
 
 settings.install = function(server, callback){
-	copyFolder(server, "/mnt/MC/CraftBukkit/", function(){
-		var settingsPath = pathlib.join(server.config.path, "server.properties");
 
-		if (!fs.existsSync(settingsPath)){
-			callback();
+	try {
+
+		if(typeof server.config.build.install_dir == 'undefined') {
+			copyFolder(server, '/mnt/MC/CraftBukkit/', function(){ callback(); });
+		} else {
+			if(!fs.existsSync(server.config.build.install_dir)){
+				copyFolder(server, '/mnt/MC/CraftBukkit/', function(){ callback(); });
+			} else {
+				copyFolder(server, server.config.build.install_dir, function(){ callback(); });
+			}
 		}
 
-		var serverConfig = properties.parse(settingsPath, {path:true}, function (error, obj){
+		callback();
 
-		obj['enable-query'] = 'true';
-		obj['server-port'] = server.gameport;
-		obj['snooper-enabled'] = 'false';
+	} catch(ex) {
+
+		console.log("An error occured trying to copy over the files for the following server: "+ server.config.name);
+		console.log(ex);
+
+	}
 
-		properties.stringify(obj, {path:settingsPath}, function (error, obj){
-		callback();
-		});
-	});
-	})
 };
 
 settings.maplist = function maplist(self){