[BACK]Return to lcuseradd CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom

Diff for /loncom/Attic/lcuseradd between versions 1.7 and 1.8

version 1.7, 2000/10/29 23:14:16 version 1.8, 2000/10/30 02:31:45
Line 99  else { Line 99  else {
 my ($username,$password1,$password2)=@input;  my ($username,$password1,$password2)=@input;
 $username=~/^(\w+)$/;  $username=~/^(\w+)$/;
 my $safeusername=$1;  my $safeusername=$1;
   if ($username ne $safeusername) {
       print "Error. The user name specified has invalid characters.\n";
       unlink('/tmp/lock_lcpasswd');
       exit 9;
   }
   my $pbad=0;
   map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$oldpwd));
   map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$newpwd));
   if ($pbad) {
       print "Error. A password entry had an invalid character.\n";
       unlink('/tmp/lock_lcpasswd');
       exit 10;
   }
   
 # Only add user if we can create a brand new home directory (/home/username).  # Only add user if we can create a brand new home directory (/home/username).
 if (-e "/home/$safeusername") {  if (-e "/home/$safeusername") {
Line 137  if (system('/usr/sbin/usermod','-G',$saf Line 150  if (system('/usr/sbin/usermod','-G',$saf
 # for crazy characters in the password, and the setuid environment of perl  # for crazy characters in the password, and the setuid environment of perl
 # requires me to make everything safe.  # requires me to make everything safe.
   
   my $pbad=0;
   map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$oldpwd));
   map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$newpwd));
   if ($pbad) {
       print "Error. A password entry had an invalid character.\n";
       unlink('/tmp/lock_lcpasswd');
       exit 10;
   }
   
   # Grab the line corresponding to username
   my ($userid,$useroldcryptpwd);
   my @F; my @U;
   for my $l (@lines) {
       @F=split(/\:/,$l);
       if ($F[0] eq $username) {($userid,$useroldcryptpwd)=($F[2],$F[1]); @U=@F;}
   }
   
   # Verify existence of user
   if (!defined($userid)) {
       print "Error. User $username does not exist.\n" unless $noprint;
       unlink('/tmp/lock_lcpasswd');
       exit 5;
   }
   
   # Verify password entry
   if (crypt($oldpwd,$useroldcryptpwd) ne $useroldcryptpwd) {
       print "Error. Invalid entry of current password.\n" unless $noprint;
       unlink('/tmp/lock_lcpasswd');
       exit 6;
   }
   
   # Construct new password entry (random salt)
   my $newcryptpwd=crypt($newpwd,(join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
   $U[1]=$newcryptpwd;
   my $userline=join(':',@U);
   my $rootid=&enable_root_capability;
   if ($rootid!=0) {
       print "Error.  Root was not successfully enabled.\n" unless $noprint;
       unlink('/tmp/lock_lcpasswd');
       exit 7;
   }
   open PASSWORDFILE, '>/etc/passwd' or (print("Error.  Cannot open /etc/passwd.\n") && unlink('/tmp/lock_lcpasswd') && exit(8));
   for my $l (@lines) {
       @F=split(/\:/,$l);
       if ($F[0] eq $username) {print PASSWORDFILE "$userline\n";}
       else {print PASSWORDFILE "$l\n";}
   }
   close PASSWORDFILE;
   
   ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment
   unless (-e '/etc/smbpasswd') {
       open (OUT,'>/etc/smbpasswd'); close OUT;
   }
   my $smbexist=0;
   open (IN, '</etc/smbpasswd');
   my @lines=<IN>;
   close IN;
   for my $l (@lines) {
       chop $l;
       my @F=split(/\:/,$l);
       if ($F[0] eq $username) {$smbexist=1;}
   }
   unless ($smbexist) {
       open(OUT,'>>/etc/smbpasswd');
       print OUT join(':',($safeusername,$userid,'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,'/bin/bash')) . "\n";
       close OUT;
   }
   open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null");
   print OUT $newpwd; print OUT "\n";
   print OUT $newpwd; print OUT "\n";
   close OUT;
   $<=$wwwid; # unfool the program
   
   # Make final modifications to the user directory.
   # Add a public_html file with a stand-in index.html file.
   
   mkdir "/home/$safeusername/public_html",0750;
   # chmod -R
   open OUT,">/home/$safeusername/public_html";
   print OUT<<END;
   <HTML>
   <HEAD>
   <TITLE>$safeusername</TITLE>
   </HEAD>
   <BODY>
   <H1>$safeusername</H1>
   <P>
   Learning Online Network
   </P>
   <P>
   This area provides for:
   </P>
   <UL>
   <LI>resource construction
   <LI>resource publication
   <LI>record-keeping
   </UL>
   </BODY>
   </HTML>
   END
   close OUT;
   
   &disable_root_capability;
   unlink('/tmp/lock_lcpasswd');
   exit 0;
   
 # ----------------------------------------------------------- have setuid script run as root  # ----------------------------------------------------------- have setuid script run as root
 sub enable_root_capability {  sub enable_root_capability {
Removed from v.1.7  
changed lines
  Added in v.1.8

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>