--- loncom/Attic/lcuseradd 2000/10/29 22:07:20 1.2
+++ loncom/Attic/lcuseradd 2000/10/30 02:31:45 1.8
@@ -18,18 +18,301 @@ use strict;
# Standard input usage
# First line is USERNAME
# Second line is PASSWORD
+# Third line is PASSWORD
-# Command-line arguments [USERNAME] [PASSWORD]
+# Valid passwords must consist of the
+# ascii characters within the inclusive
+# range of 0x20 (32) to 0x7E (126).
+# These characters are:
+# SPACE and
+# !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNO
+# PQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
+
+# Valid user names must consist of ascii
+# characters that are alphabetical characters
+# (A-Z,a-z), numeric (0-9), or the underscore
+# mark (_). (Essentially, the perl regex \w).
+
+# Command-line arguments [USERNAME] [PASSWORD] [PASSWORD]
# Yes, but be very careful here (don't pass shell commands)
# and this is only supported to allow perl-system calls.
+# Usage within code
+#
+# $exitcode=system("/home/httpd/perl/lcuseradd","NAME","PASSWORD1","PASSWORD2")/256;
+# print "uh-oh" if $exitcode;
+
+# These are the exit codes.
+
# Security
$ENV{'PATH'}=""; # Nullify path information.
$ENV{'BASH_ENV'}=""; # Nullify shell environment information.
-# Add user entry to /etc/passwd and /etc/groups.
+# Do not print error messages if there are command-line arguments
+my $noprint=0;
+if (@ARGV) {
+ $noprint=1;
+}
+
+# Read in /etc/passwd, and make sure this process is running from user=www
+open (IN, "</etc/passwd");
+my @lines=<IN>;
+close IN;
+my $wwwid;
+for my $l (@lines) {
+ chop $l;
+ my @F=split(/\:/,$l);
+ if ($F[0] eq 'www') {$wwwid=$F[2];}
+}
+if ($wwwid!=$<) {
+ print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint;
+ exit 1;
+}
+&disable_root_capability;
+
+# Handle case of another lcpasswd process
+unless (&try_to_lock("/tmp/lock_lcpasswd")) {
+ print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint;
+ exit 4;
+}
+
+# Gather input. Should be 3 values (user name, password 1, password 2).
+my @input;
+if (@ARGV==3) {
+ @input=@ARGV;
+}
+elsif (@ARGV) {
+ print("Error. This program needs 3 command-line arguments (username, password 1, password 2).\n") unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 2;
+}
+else {
+ @input=<>;
+ if (@input!=3) {
+ print("Error. Three lines should be entered into standard input.\n") unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 3;
+ }
+ map {chop} @input;
+}
+
+my ($username,$password1,$password2)=@input;
+$username=~/^(\w+)$/;
+my $safeusername=$1;
+if ($username ne $safeusername) {
+ print "Error. The user name specified has invalid characters.\n";
+ unlink('/tmp/lock_lcpasswd');
+ exit 9;
+}
+my $pbad=0;
+map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$oldpwd));
+map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$newpwd));
+if ($pbad) {
+ print "Error. A password entry had an invalid character.\n";
+ unlink('/tmp/lock_lcpasswd');
+ exit 10;
+}
+
+# Only add user if we can create a brand new home directory (/home/username).
+if (-e "/home/$safeusername") {
+ print "Error. User already exists.\n" unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 8;
+}
+
+# Only add user if the two password arguments match.
+if ($password1 ne $password2) {
+ print "Error. Password mismatch.\n" unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 7;
+}
+
+&enable_root_capability;
+
+# Add user entry to /etc/passwd and /etc/groups in such
+# a way that www is a member of the user-specific group
+
+if (system('/usr/sbin/useradd','-c','LON-CAPA user',$safeusername)) {
+ print "Error. Something went wrong with the addition of user \"$safeusername\".\n" unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 5;
+}
+
+# Make www a member of that user group.
+if (system('/usr/sbin/usermod','-G',$safeusername,'www')) {
+ print "Error. Could not make www a member of the group \"$safeusername\".\n" unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 6;
+}
+
+# Set password with lcpasswd-style algorithm (which creates smbpasswd entry).
+# I cannot place a direct shell call to lcpasswd since I have to allow
+# for crazy characters in the password, and the setuid environment of perl
+# requires me to make everything safe.
+
+my $pbad=0;
+map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$oldpwd));
+map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$newpwd));
+if ($pbad) {
+ print "Error. A password entry had an invalid character.\n";
+ unlink('/tmp/lock_lcpasswd');
+ exit 10;
+}
+
+# Grab the line corresponding to username
+my ($userid,$useroldcryptpwd);
+my @F; my @U;
+for my $l (@lines) {
+ @F=split(/\:/,$l);
+ if ($F[0] eq $username) {($userid,$useroldcryptpwd)=($F[2],$F[1]); @U=@F;}
+}
+
+# Verify existence of user
+if (!defined($userid)) {
+ print "Error. User $username does not exist.\n" unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 5;
+}
+
+# Verify password entry
+if (crypt($oldpwd,$useroldcryptpwd) ne $useroldcryptpwd) {
+ print "Error. Invalid entry of current password.\n" unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 6;
+}
+
+# Construct new password entry (random salt)
+my $newcryptpwd=crypt($newpwd,(join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
+$U[1]=$newcryptpwd;
+my $userline=join(':',@U);
+my $rootid=&enable_root_capability;
+if ($rootid!=0) {
+ print "Error. Root was not successfully enabled.\n" unless $noprint;
+ unlink('/tmp/lock_lcpasswd');
+ exit 7;
+}
+open PASSWORDFILE, '>/etc/passwd' or (print("Error. Cannot open /etc/passwd.\n") && unlink('/tmp/lock_lcpasswd') && exit(8));
+for my $l (@lines) {
+ @F=split(/\:/,$l);
+ if ($F[0] eq $username) {print PASSWORDFILE "$userline\n";}
+ else {print PASSWORDFILE "$l\n";}
+}
+close PASSWORDFILE;
+
+($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment
+unless (-e '/etc/smbpasswd') {
+ open (OUT,'>/etc/smbpasswd'); close OUT;
+}
+my $smbexist=0;
+open (IN, '</etc/smbpasswd');
+my @lines=<IN>;
+close IN;
+for my $l (@lines) {
+ chop $l;
+ my @F=split(/\:/,$l);
+ if ($F[0] eq $username) {$smbexist=1;}
+}
+unless ($smbexist) {
+ open(OUT,'>>/etc/smbpasswd');
+ print OUT join(':',($safeusername,$userid,'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,'/bin/bash')) . "\n";
+ close OUT;
+}
+open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null");
+print OUT $newpwd; print OUT "\n";
+print OUT $newpwd; print OUT "\n";
+close OUT;
+$<=$wwwid; # unfool the program
+
+# Make final modifications to the user directory.
+# Add a public_html file with a stand-in index.html file.
+
+mkdir "/home/$safeusername/public_html",0750;
+# chmod -R
+open OUT,">/home/$safeusername/public_html";
+print OUT<<END;
+<HTML>
+<HEAD>
+<TITLE>$safeusername</TITLE>
+</HEAD>
+<BODY>
+<H1>$safeusername</H1>
+<P>
+Learning Online Network
+</P>
+<P>
+This area provides for:
+</P>
+<UL>
+<LI>resource construction
+<LI>resource publication
+<LI>record-keeping
+</UL>
+</BODY>
+</HTML>
+END
+close OUT;
+
+&disable_root_capability;
+unlink('/tmp/lock_lcpasswd');
+exit 0;
-# Set password with lcpasswd (which creates smbpasswd entry).
+# ----------------------------------------------------------- have setuid script run as root
+sub enable_root_capability {
+ if ($wwwid==$>) {
+ ($<,$>)=($>,$<);
+ ($(,$))=($),$();
+ }
+ else {
+ # root capability is already enabled
+ }
+ return $>;
+}
-# www becomes member of this user group
+# ----------------------------------------------------------- have setuid script run as www
+sub disable_root_capability {
+ if ($wwwid==$<) {
+ ($<,$>)=($>,$<);
+ ($(,$))=($),$();
+ }
+ else {
+ # root capability is already disabled
+ }
+}
+# ----------------------------------- make sure that another lcpasswd process isn't running
+sub try_to_lock {
+ my ($lockfile)=@_;
+ my $currentpid;
+ my $lastpid;
+ # Do not manipulate lock file as root
+ if ($>==0) {
+ return 0;
+ }
+ # Try to generate lock file.
+ # Wait 3 seconds. If same process id is in
+ # lock file, then assume lock file is stale, and
+ # go ahead. If process id's fluctuate, try
+ # for a maximum of 10 times.
+ for (0..10) {
+ if (-e $lockfile) {
+ open(LOCK,"<$lockfile");
+ $currentpid=<LOCK>;
+ close LOCK;
+ if ($currentpid==$lastpid) {
+ last;
+ }
+ sleep 3;
+ $lastpid=$currentpid;
+ }
+ else {
+ last;
+ }
+ if ($_==10) {
+ return 0;
+ }
+ }
+ open(LOCK,">$lockfile");
+ print LOCK $$;
+ close LOCK;
+ return 1;
+}