File:
[LON-CAPA] /
loncom /
Attic /
lcuseradd
Revision
1.4:
download - view:
text,
annotated -
select for diffs
Sun Oct 29 22:38:21 2000 UTC (23 years, 11 months ago) by
harris41
Branches:
MAIN
CVS tags:
HEAD
fixing up exit code documentation for lcpasswd and lcuserdel. lcuseradd
useradd system call syntax still incorrect here. I'm putting in more
of the setuid handling code. -Scott
1: #!/usr/bin/perl
2: #
3: # lcuseradd
4: #
5: # Scott Harrison
6: # October 27, 2000
7:
8: use strict;
9:
10: # This script is a setuid script that should
11: # be run by user 'www'. It creates a /home/USERNAME directory
12: # as well as a /home/USERNAME/public_html directory.
13: # It adds user entries to
14: # /etc/passwd and /etc/groups.
15: # Passwords are set with lcpasswd.
16: # www becomes a member of this user group.
17:
18: # Standard input usage
19: # First line is USERNAME
20: # Second line is PASSWORD
21: # Third line is PASSWORD
22:
23: # Command-line arguments [USERNAME] [PASSWORD] [PASSWORD]
24: # Yes, but be very careful here (don't pass shell commands)
25: # and this is only supported to allow perl-system calls.
26:
27: # Usage within code
28: #
29: # $exitcode=system("/home/httpd/perl/lcuseradd","NAME","PASSWORD1","PASSWORD2")/256;
30: # print "uh-oh" if $exitcode;
31:
32: # These are the exit codes.
33:
34: # Security
35: $ENV{'PATH'}=""; # Nullify path information.
36: $ENV{'BASH_ENV'}=""; # Nullify shell environment information.
37:
38: # Do not print error messages if there are command-line arguments
39: my $noprint=0;
40: if (@ARGV) {
41: $noprint=1;
42: }
43:
44: # Read in /etc/passwd, and make sure this process is running from user=www
45: open (IN, "</etc/passwd");
46: my @lines=<IN>;
47: close IN;
48: my $wwwid;
49: for my $l (@lines) {
50: chop $l;
51: my @F=split(/\:/,$l);
52: if ($F[0] eq 'www') {$wwwid=$F[2];}
53: }
54: if ($wwwid!=$<) {
55: print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint;
56: exit 1;
57: }
58: &disable_root_capability;
59:
60: # Handle case of another lcpasswd process
61: unless (&try_to_lock("/tmp/lock_lcpasswd")) {
62: print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint;
63: exit 4;
64: }
65:
66: # Gather input. Should be 3 values (user name, password 1, password 2).
67: my @input;
68: if (@ARGV==1) {
69: @input=@ARGV;
70: }
71: elsif (@ARGV) {
72: print("Error. This program needs 3 command-line arguments (username, password 1, password 2).\n") unless $noprint;
73: unlink('/tmp/lock_lcpasswd');
74: exit 2;
75: }
76: else {
77: @input=<>;
78: if (@input!=1) {
79: print("Error. Three lines should be entered into standard input.\n") unless $noprint;
80: unlink('/tmp/lock_lcpasswd');
81: exit 3;
82: }
83: map {chop} @input;
84: }
85:
86: my ($username,$password1,$password2)=@input;
87: $username=~/^(\w+)$/;
88: my $safeusername=$1;
89: $password1=~/^(\w+)$/;
90: my $password1=$1;
91: $password2=~/^(\w+)$/;
92: my $safepassword2=$1;
93:
94: &enable_root_capability;
95:
96: # Add user entry to /etc/passwd and /etc/groups in such
97: # a way that www is a member of the user-specific group
98:
99: # This command 'should' make the user be a member of just
100:
101: if (system('/usr/sbin/useradd','-c','LON-CAPA user','-G','www',$safeusername)) {
102: print "Error. Something went wrong with the addition of user \"$safeusername\".\n";
103: unlink('/tmp/lock_lcpasswd');
104: exit 5;
105: }
106:
107: # Set password with lcpasswd (which creates smbpasswd entry).
108:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>