Remote access via e-mail

The final special feature discussed in the chapter is not really unique to Razor per se but is actually just an extension of UNIX that can be implemented independently. It allows a site to arrange for incoming e-mail messages to be parsed and run as a series of UNIX commands, with the output being sent back to the originator of the message.

What Tower Concepts has done, however, is put together a series of scripts and methods which make the setup of this capability fairly straightforward. The mechanisms also provide for a modest level of security. The original intention was to provide a means of letting people at remote sites do queries on the Razor database through simple e-mail messages, but the scope can actually be much greater than that.

How it works

After the system has been put in place, the following sequence describes what happens when e-mail has been received.

1. The script which catches the e-mail (rz_query) does some initialization steps, basically setting itself up to point to the proper Razor database.

2. The incoming e-mail message is caught by the script and the full contents are stored in a temporary file. The "From" and "Subject" lines of the message are noted.

3. A brief e-mail message is sent to the local Razor administrator, letting her know that this type of activity is going on.

4. A lookup occurs to see if the originating e-mail address has been equated with a local user account. If not, then e-mail is sent back indicating that the person was not properly registered to perform this activity, and nothing else happens.

5. If the external address properly equates to a trusted userid the e-mail message (saved from above) is passed to rz_mail_catcher¹, found in the Razor installations script directory, for processing.

NOTE: It is expected that if you plan to implement this feature you will be first curious about and ultimately comfortable with specific details on how it is all implemented. We encourage you to examine all of the relevant scripts; they are fairly well commented, and we welcome your feedback.

6. Installation and set up

The first step in configuring your site for this functionality is to establish two e-mail aliases for your system. Have someone with superuser access add the following lines to your /etc/aliases file...

razor-query: "|<fullpath to RAZOR_UNIVERSE>/Scripts/
rz_query"
razor-admin: <local razor administrator>

... where the text within the brackets are expanded out as necessary. At a minimum, you will need to run the newaliases program to make the new aliases fully functional.

Each user that wishes to take advantage of this capability needs to run the script rz_mail_signup, supplying it with the expected e-mail address to be writing in from on the command line. This script sends a request to the razor-admin address (established above), asking that an entry be made in the trusted_users file. To get the latest copy of rz_query, users should run $RAZOR_HOME/scripts/rz_install_email_query.

Upon receipt of the e-mail'd request, it is up to the discretion of the razor administrator whether or not the user should be granted this level of access. The message details how to edit the file $RAZOR_LICENSE_DIR/trusted_users. As a courtesy, the administrator should e-mail back the resolution status of the request.

Controlling access

If at any point someone needs to be removed from the list of trusted users, it can be done through a simple edit of the $RAZOR_LICENSE_DIR/trusted_users file. The syntax of the file is fairly straightforward, but you can still refer to "trusted_users" on page 262.

E-mail commands

Once you have followed the steps to this point, you will want to add one of the following commands to the body of the e-mail message:

get a read-only copy of a file

RAZOR_GROUP=<group>
razor_get <filename>

check-out a file

RAZOR_GROUP=<group>
razor_co <filename>

check-in a file

RAZOR_GROUP=<group>
razor_ci <filename>
<include the body of the file to be checked in>2
RAZOR_FILE_END

¹ If you have customized this script, it should exist in the database directory called Scripts.
² Razor does not support the capability to attach files when using rz_query since the various mailtools handle attachments in a slightly different manner.