Annotation of loncom/lcuseradd, revision 1.4
1.1 harris41 1: #!/usr/bin/perl
2: #
3: # lcuseradd
4: #
5: # Scott Harrison
6: # October 27, 2000
7:
8: use strict;
9:
10: # This script is a setuid script that should
11: # be run by user 'www'. It creates a /home/USERNAME directory
12: # as well as a /home/USERNAME/public_html directory.
13: # It adds user entries to
14: # /etc/passwd and /etc/group.
1.2 harris41 15: # Passwords are set with lcpasswd.
16: # www becomes a member of this user group.
1.1 harris41 17:
18: # Standard input usage
19: # First line is USERNAME
20: # Second line is PASSWORD
1.3 harris41 21: # Third line is PASSWORD
1.1 harris41 22:
1.3 harris41 23: # Command-line arguments [USERNAME] [PASSWORD] [PASSWORD]
1.1 harris41 24: # Yes, but be very careful here (don't pass shell commands, and remember that
25: # arguments, passwords included, are visible in the process list); this is only supported to allow perl-system calls.
26:
1.4 ! harris41 27: # Usage within code
! 28: #
! 29: # $exitcode=system("/home/httpd/perl/lcuseradd","NAME","PASSWORD1","PASSWORD2")/256;
! 30: # print "uh-oh" if $exitcode;
! 31:
! 32: # These are the exit codes.
! 33:
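# Security: scrub the environment before this setuid script runs anything.
$ENV{'PATH'} = "";        # Nullify path information; the useradd call below uses an absolute path.
$ENV{'BASH_ENV'} = "";    # Nullify shell environment information.
# Also drop the remaining variables perlsec lists as able to change how a
# shell or child process behaves; an empty PATH alone does not cover them.
delete @ENV{qw(IFS CDPATH ENV)};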
1.2 harris41 37:
# Stay silent on errors when command-line arguments are present; a caller
# going through system() is expected to look at the exit code instead.
my $noprint = @ARGV ? 1 : 0;
! 43:
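# Read in /etc/passwd, and make sure this process is running from user=www.
# The real uid ($<) is compared, i.e. the identity of whoever started us.
my @lines;
if (open(my $passwd_fh, '<', '/etc/passwd')) {
    @lines = <$passwd_fh>;
    close $passwd_fh;
}
else {
    # Fail closed: without the passwd file the caller cannot be verified.
    print("Error. Could not read /etc/passwd to verify the calling user.\n") unless $noprint;
    exit 1;
}
my $wwwid;
for my $l (@lines) {
    chomp $l;    # chomp, not chop: a last line without a newline must not lose a character
    my @F = split(/\:/, $l);
    if ($F[0] eq 'www') { $wwwid = $F[2]; }
}
# An undefined or non-numeric uid evaluates to 0 under a numeric comparison,
# which is root's uid.  Without the first two tests a missing 'www' entry
# would let a root-started process pass the check.
if (!defined($wwwid) || $wwwid !~ /\A\d+\z/ || $wwwid != $<) {
    print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint;
    exit 1;
}
# Defined outside this excerpt; presumably drops root privileges until they
# are needed again -- confirm against the sub's definition.
disable_root_capability();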
! 59:
# Handle case of another lcpasswd process: take the shared lock or give up
# with exit code 4.
# NOTE(review): the lock is a fixed name in world-writable /tmp.  Any local
# account can pre-create that name and keep this script from ever getting the
# lock, and a privileged process that opens a pre-existing /tmp entry has to
# refuse symlinks.  How try_to_lock opens the file is not visible here --
# confirm, and consider a directory only the service account can write to.
if (!try_to_lock("/tmp/lock_lcpasswd")) {
    if (!$noprint) {
        print "Error. Too many other simultaneous password change requests being made.\n";
    }
    exit 4;
}
! 65:
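# Gather input.  Should be 3 values (user name, password 1, password 2),
# taken either from the command line or from three lines of standard input.
my @input;
if (@ARGV == 3) {
    # Exactly three arguments: the count the error message below asks for and
    # the number of values unpacked from @input afterwards.
    @input = @ARGV;
}
elsif (@ARGV) {
    print("Error. This program needs 3 command-line arguments (username, password 1, password 2).\n") unless $noprint;
    unlink('/tmp/lock_lcpasswd');    # release the lock taken earlier before bailing out
    exit 2;
}
else {
    @input = <>;    # @ARGV is empty here, so <> reads standard input
    if (@input != 3) {
        print("Error. Three lines should be entered into standard input.\n") unless $noprint;
        unlink('/tmp/lock_lcpasswd');
        exit 3;
    }
    # Strip only a trailing newline; chop would eat the last character of a
    # final line that arrives without one.
    chomp @input;
}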
! 85:
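# Validate the three fields and keep only the captured, validated copies.
# Each capture is taken inside the test of its own match: after a failed
# match $1 still holds the capture of the previous successful one, so reading
# $1 unconditionally could hand the user name on as a "validated" password.
# \A and \z are used because $ also matches before a trailing newline.
my ($username, $password1, $password2) = @input;
my ($safeusername, $safepassword1, $safepassword2);
if (defined($username) && $username =~ /\A(\w+)\z/) {
    $safeusername = $1;
}
if (defined($password1) && $password1 =~ /\A(\w+)\z/) {
    $safepassword1 = $1;
}
if (defined($password2) && $password2 =~ /\A(\w+)\z/) {
    $safepassword2 = $1;
}
unless (defined($safeusername) && defined($safepassword1) && defined($safepassword2)) {
    # Never echo the rejected values: two of them are passwords.
    print("Error. User name and passwords may only contain letters, digits and underscores.\n") unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 6;    # provisional code -- TODO align with the script's exit-code table
}
# Code after this point that still reads $password1 gets the validated value,
# as it did when the variable was re-declared from $1.
$password1 = $safepassword1;
# NOTE(review): nothing in this section compares the two passwords with each
# other; confirm that a later step does if they are meant to match.

# Root is re-enabled only once every input has passed validation.
enable_root_capability();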
! 95:
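# Add user entry to /etc/passwd and /etc/group in such
# a way that www is a member of the user-specific group

# This command 'should' make the user be a member of just
# (sentence left unfinished in this revision)
#
# NOTE(review): useradd's -G option lists supplementary groups for the NEW
# account, so '-G www' puts the created user into the existing 'www' group.
# It does not by itself make www a member of the user's own group as the
# comment above describes -- confirm which membership is intended, since
# every created account would gain access to files readable by group www.
#
# List-form system() hands the arguments straight to useradd with no shell in
# between, and $safeusername is restricted to \w characters, so it cannot be
# read as an option or as shell syntax.
if (system('/usr/sbin/useradd', '-c', 'LON-CAPA user', '-G', 'www', $safeusername)) {
    # Honour $noprint like every other error path in this script.
    print "Error. Something went wrong with the addition of user \"$safeusername\".\n" unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 5;
}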
1.2 harris41 106:
107: # Set password with lcpasswd (which creates smbpasswd entry).
1.1 harris41 108: