--- loncom/Attic/lcuseradd	2000/10/29 23:14:16	1.7
+++ loncom/Attic/lcuseradd	2000/10/30 03:30:26	1.13
@@ -3,7 +3,8 @@
 # lcuseradd
 #
 # Scott Harrison
-# October 27, 2000
+# SH: October 27, 2000
+# SH: October 29, 2000
 
 use strict;
 
@@ -43,6 +44,20 @@ use strict;
 # print "uh-oh" if $exitcode;
 
 # These are the exit codes.
+# ( (0,"ok"),
+# (1,"User ID mismatch.  This program must be run as user 'www'"),
+# (2,"Error. This program needs 3 command-line arguments (username, password 1, password 2)."),
+# (3,"Error. Three lines should be entered into standard input."),
+# (4,"Error. Too many other simultaneous password change requests being made."),
+# (5,"Error. User $username does not exist."),
+# (6,"Error. Could not make www a member of the group \"$safeusername\"."),
+# (7,"Error. Root was not successfully enabled.),
+# (8,"Error. Cannot open /etc/passwd."),
+# (9,"Error. The user name specified has invalid characters."),
+# (10,"Error. A password entry had an invalid character."),
+# (11,"Error. User already exists.),
+# (12,"Error. Something went wrong with the addition of user \"$safeusername\"."),
+# (13,"Error. Password mismatch."),
 
 # Security
 $ENV{'PATH'}=""; # Nullify path information.
@@ -99,19 +114,32 @@ else {
 my ($username,$password1,$password2)=@input;
 $username=~/^(\w+)$/;
 my $safeusername=$1;
+if ($username ne $safeusername) {
+    print "Error. The user name specified has invalid characters.\n";
+    unlink('/tmp/lock_lcpasswd');
+    exit 9;
+}
+my $pbad=0;
+map {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} (split(//,$password1));
+map {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} (split(//,$password2));
+if ($pbad) {
+    print "Error. A password entry had an invalid character.\n";
+    unlink('/tmp/lock_lcpasswd');
+    exit 10;
+}
 
 # Only add user if we can create a brand new home directory (/home/username).
 if (-e "/home/$safeusername") {
     print "Error. User already exists.\n" unless $noprint;
     unlink('/tmp/lock_lcpasswd');
-    exit 8;
+    exit 11;
 }
 
 # Only add user if the two password arguments match.
 if ($password1 ne $password2) {
     print "Error. Password mismatch.\n" unless $noprint;
     unlink('/tmp/lock_lcpasswd');
-    exit 7;
+    exit 13;
 }
 
 &enable_root_capability;
@@ -122,7 +150,7 @@ if ($password1 ne $password2) {
 if (system('/usr/sbin/useradd','-c','LON-CAPA user',$safeusername)) {
     print "Error.  Something went wrong with the addition of user \"$safeusername\".\n" unless $noprint;
     unlink('/tmp/lock_lcpasswd');
-    exit 5;
+    exit 12;
 }
 
 # Make www a member of that user group.
@@ -137,8 +165,100 @@ if (system('/usr/sbin/usermod','-G',$saf
 # for crazy characters in the password, and the setuid environment of perl
 # requires me to make everything safe.
 
+# Grab the line corresponding to username
+open (IN, "</etc/passwd");
+@lines=<IN>;
+close IN;
+my ($userid,$useroldcryptpwd);
+my @F; my @U;
+for my $l (@lines) {
+    chop $l;
+    @F=split(/\:/,$l);
+    if ($F[0] eq $username) {($userid,$useroldcryptpwd)=($F[2],$F[1]); @U=@F;}
+}
 
+# Verify existence of user
+if (!defined($userid)) {
+    print "Error. User $username does not exist.\n" unless $noprint;
+    unlink('/tmp/lock_lcpasswd');
+    exit 5;
+}
 
+# Construct new password entry (random salt)
+my $newcryptpwd=crypt($password1,(join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
+$U[1]=$newcryptpwd;
+my $userline=join(':',@U);
+my $rootid=&enable_root_capability;
+if ($rootid!=0) {
+    print "Error.  Root was not successfully enabled.\n" unless $noprint;
+    unlink('/tmp/lock_lcpasswd');
+    exit 7;
+}
+open PASSWORDFILE, '>/etc/passwd' or (print("Error.  Cannot open /etc/passwd.\n") && unlink('/tmp/lock_lcpasswd') && exit(8));
+for my $l (@lines) {
+    @F=split(/\:/,$l);
+    if ($F[0] eq $username) {print PASSWORDFILE "$userline\n";}
+    else {print PASSWORDFILE "$l\n";}
+}
+close PASSWORDFILE;
+
+($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment
+unless (-e '/etc/smbpasswd') {
+    open (OUT,'>/etc/smbpasswd'); close OUT;
+}
+my $smbexist=0;
+open (IN, '</etc/smbpasswd');
+my @lines=<IN>;
+close IN;
+for my $l (@lines) {
+    chop $l;
+    my @F=split(/\:/,$l);
+    if ($F[0] eq $username) {$smbexist=1;}
+}
+unless ($smbexist) {
+    open(OUT,'>>/etc/smbpasswd');
+    print OUT join(':',($safeusername,$userid,'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,'/bin/bash')) . "\n";
+    close OUT;
+}
+open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null");
+print OUT $password1; print OUT "\n";
+print OUT $password1; print OUT "\n";
+close OUT;
+$<=$wwwid; # unfool the program
+
+# Make final modifications to the user directory.
+# Add a public_html file with a stand-in index.html file.
+
+system('/bin/chmod','-R','0660',"/home/$safeusername");
+system('/bin/chmod','0770',"/home/$safeusername");
+mkdir "/home/$safeusername/public_html",0770;
+open OUT,">/home/$safeusername/public_html/index.html";
+print OUT<<END;
+<HTML>
+<HEAD>
+<TITLE>$safeusername</TITLE>
+</HEAD>
+<BODY>
+<H1>$safeusername</H1>
+<P>
+Learning Online Network
+</P>
+<P>
+This area provides for:
+</P>
+<UL>
+<LI>resource construction
+<LI>resource publication
+<LI>record-keeping
+</UL>
+</BODY>
+</HTML>
+END
+close OUT;
+system('/bin/chown','-R',"$safeusername:$safeusername","/home/$safeusername");
+&disable_root_capability;
+unlink('/tmp/lock_lcpasswd');
+exit 0;
 
 # ----------------------------------------------------------- have setuid script run as root
 sub enable_root_capability {