--- loncom/Attic/lcuseradd 2005/04/07 22:27:52 1.36
+++ loncom/Attic/lcuseradd 2006/12/05 14:46:04 1.40
@@ -6,7 +6,7 @@
# with adding a user with filesystem privileges (e.g. author)
#
#
-# $Id: lcuseradd,v 1.36 2005/04/07 22:27:52 albertel Exp $
+# $Id: lcuseradd,v 1.40 2006/12/05 14:46:04 raeburn Exp $
###
###############################################################################
@@ -109,7 +109,8 @@ use File::Find;
# (12,"Error. Something went wrong with the addition of user ".
# "\"$safeusername\"."),
# (13,"Error. Password mismatch."),
-# (14, "Error filename is invalid")
+# (14, "Error filename is invalid"),
+# (15, "Error. Could not add home directory.")
# ------------------------------------------------------------- Initializations
# Security
@@ -120,10 +121,6 @@ delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}
# Do not print error messages.
my $noprint=1;
-# Error file:
-
-my $error_file; # This is either the error file name or undef.
-
print "In lcuseradd\n" unless $noprint;
# ----------------------------- Make sure this process is running from user=www
@@ -241,43 +238,32 @@ print "enabling root\n" unless $noprint;
# ---------------------------------- Start running script with root permissions
&enable_root_capability;
-# ------------------- Add user and make www a member of the user-specific group
+# ------------------- Add group and user, and make www a member of the group
+# -- Add group
+
+print "adding group: $safeusername \n" unless $noprint;
+my $status = system('/usr/sbin/groupadd', $safeusername);
+if ($status) {
+ print "Error. Something went wrong with the addition of group ".
+ "\"$safeusername\".\n" unless $noprint;
+ print "Final status of groupadd = $status\n";
+ unlink('/tmp/lock_lcpasswd');
+ &Exit(12);
+}
+my $gid = getgrnam($safeusername);
+
# -- Add user
print "adding user: $safeusername \n" unless $noprint;
-my $status = system('/usr/sbin/useradd','-c','LON-CAPA user',$safeusername);
+my $status = system('/usr/sbin/useradd','-c','LON-CAPA user','-g',$gid,$safeusername);
if ($status) {
print "Error. Something went wrong with the addition of user ".
"\"$safeusername\".\n" unless $noprint;
- print "Final status of useradd = $status";
+ system("/usr/sbin/groupdel $safeusername");
+ print "Final status of useradd = $status\n";
unlink('/tmp/lock_lcpasswd');
&Exit(12);
}
-my ($dmy1, $dmy2, $uid, $gid) = getpwnam($safeusername);
-my ($group) = getgrgid($gid);
-if (! $group) {
- print "Error. The primary group of user \"$safeusername\" could not be".
- "determined.\n" unless $noprint;
- system("/usr/sbin/userdel -r $safeusername");
- unlink('/tmp/lock_lcpasswd');
- &Exit(12);
-}
-if ($group != $safeusername) {
- $status = system("/usr/sbin/groupadd -g $uid $safeusername");
- if (! $status) {
- $status = system("/usr/sbin/usermod -g $uid $safeusername");
- if ($status) {
- system("/usr/sbin/groupdel $safeusername");
- }
- }
- if ($status) {
- print "Error. Something went wrong with the addition of user ".
- "\"$safeusername\".\n" unless $noprint;
- system("/usr/sbin/userdel -r $safeusername");
- unlink('/tmp/lock_lcpasswd');
- &Exit(12);
- }
-}
print "Done adding user\n" unless $noprint;
# Make www a member of that user group.
@@ -289,7 +275,7 @@ chomp $groups; $groups=~s/^\S+\s+\:\s+//
my @grouplist=split(/\s+/,$groups);
my @ugrouplist=grep {!/www|$safeusername/} @grouplist;
my $gl=join(',',(@ugrouplist,$safeusername));
-print "Putting user in its own group\n" unless $noprint;
+print "Putting www in user's group\n" unless $noprint;
if (system('/usr/sbin/usermod','-G',$gl,'www')) {
print "Error. Could not make www a member of the group ".
"\"$safeusername\".\n" unless $noprint;
@@ -319,17 +305,26 @@ if ($?) {
($>,$<)=($wwwid,0);
&enable_root_capability;
-# -- Don't add public_html... that can be added either by the user
-# or by lchtmldir when the user is granted an authorship role.
+# Check if home directory exists for user
+# If not, create one.
+if (!-e "/home/$safeusername") {
+ if (!mkdir("/home/$safeusername",0710)) {
+ print "Error. Could not add home directory for ".
+ "\"$safeusername\".\n" unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ &Exit(15);
+ }
+}
# ------------------------------ Make final modifications to the user directory
# -- Add a public_html file with a stand-in index.html file
- system('/bin/chmod','-R','0660',"/home/$safeusername");
-system('/bin/chmod','0710',"/home/$safeusername");
-mkdir "/home/$safeusername/public_html",0755;
-open OUT,">/home/$safeusername/public_html/index.html";
-print OUT<<END;
+if (-d "/home/$safeusername") {
+ system('/bin/chmod','-R','0660',"/home/$safeusername");
+ system('/bin/chmod','0710',"/home/$safeusername");
+ mkdir "/home/$safeusername/public_html",0755;
+ open OUT,">/home/$safeusername/public_html/index.html";
+ print OUT<<END;
<html>
<head>
<title>$safeusername</title>
@@ -341,6 +336,7 @@ print OUT<<END;
</html>
END
close OUT;
+}
#
# In order to allow the loncapa daemons appropriate access
@@ -352,12 +348,19 @@ system('/bin/chown','-R',"$safeusername:
# system('/bin/chown',"$safeusername:www","/home/$safeusername"); # Now adust top level...
# system('/bin/chown','-R',"$safeusername:www","/home/$safeusername/public_html"); # And web dir.
# ---------------------------------------------------- Gracefull Apache Restart
+my $pidfile;
if (-e '/var/run/httpd.pid') {
+ $pidfile = '/var/run/httpd.pid';
+} elsif (-e '/var/run/httpd2.pid') { #Apache 2 on SuSE 10.1 and SLES10
+ $pidfile = '/var/run/httpd2.pid';
+}
+
+if ($pidfile) {
print "lcuseradd Apache restart\n" unless $noprint;
- open(PID,'/var/run/httpd.pid');
+ open(PID,<$pidfile);
my $pid=<PID>;
close(PID);
- my $pid=~ /(\D+)/;
+ $pid=~ /(\D+)/;
my $safepid = $1;
if ($pid) {
system('kill','-USR1',"$safepid");
@@ -480,6 +483,10 @@ sub set_public_html_permissions {
sub Exit {
my ($code) = @_; # Status code.
+ # TODO: Ensure the error file is owned/deletable by www:www:
+
+ &disable_root_capability(); # We run unprivileged to write the error file.
+
print "Exiting with status $code error file is $error_file\n" unless $noprint;
if($error_file) {
open(FH, ">$error_file");