loncom/lcuseradd - view

File: [LON-CAPA] / loncom / Attic / lcuseradd
Revision 1.4: download - view: text, annotated - select for diffs
Sun Oct 29 22:38:21 2000 UTC (24 years, 2 months ago) by harris41
Branches: MAIN
CVS tags: HEAD

fixing up exit code documentation for lcpasswd and lcuserdel.  lcuseradd
useradd system call syntax still incorrect here.  I'm putting in more
of the setuid handling code. -Scott

#!/usr/bin/perl # # lcuseradd # # Scott Harrison # October 27, 2000 use strict; # This script is a setuid script that should # be run by user 'www'. It creates a /home/USERNAME directory # as well as a /home/USERNAME/public_html directory. # It adds user entries to # /etc/passwd and /etc/groups. # Passwords are set with lcpasswd. # www becomes a member of this user group. # Standard input usage # First line is USERNAME # Second line is PASSWORD # Third line is PASSWORD # Command-line arguments [USERNAME] [PASSWORD] [PASSWORD] # Yes, but be very careful here (don't pass shell commands) # and this is only supported to allow perl-system calls. # Usage within code # # $exitcode=system("/home/httpd/perl/lcuseradd","NAME","PASSWORD1","PASSWORD2")/256; # print "uh-oh" if $exitcode; # These are the exit codes. # Security $ENV{'PATH'}=""; # Nullify path information. $ENV{'BASH_ENV'}=""; # Nullify shell environment information. # Do not print error messages if there are command-line arguments my $noprint=0; if (@ARGV) { $noprint=1; } # Read in /etc/passwd, and make sure this process is running from user=www open (IN, "</etc/passwd"); my @lines=<IN>; close IN; my $wwwid; for my $l (@lines) { chop $l; my @F=split(/\:/,$l); if ($F[0] eq 'www') {$wwwid=$F[2];} } if ($wwwid!=$<) { print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint; exit 1; } &disable_root_capability; # Handle case of another lcpasswd process unless (&try_to_lock("/tmp/lock_lcpasswd")) { print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint; exit 4; } # Gather input. Should be 3 values (user name, password 1, password 2). my @input; if (@ARGV==1) { @input=@ARGV; } elsif (@ARGV) { print("Error. This program needs 3 command-line arguments (username, password 1, password 2).\n") unless $noprint; unlink('/tmp/lock_lcpasswd'); exit 2; } else { @input=<>; if (@input!=1) { print("Error. Three lines should be entered into standard input.\n") unless $noprint; unlink('/tmp/lock_lcpasswd'); exit 3; } map {chop} @input; } my ($username,$password1,$password2)=@input; $username=~/^(\w+)$/; my $safeusername=$1; $password1=~/^(\w+)$/; my $password1=$1; $password2=~/^(\w+)$/; my $safepassword2=$1; &enable_root_capability; # Add user entry to /etc/passwd and /etc/groups in such # a way that www is a member of the user-specific group # This command 'should' make the user be a member of just if (system('/usr/sbin/useradd','-c','LON-CAPA user','-G','www',$safeusername)) { print "Error. Something went wrong with the addition of user \"$safeusername\".\n"; unlink('/tmp/lock_lcpasswd'); exit 5; } # Set password with lcpasswd (which creates smbpasswd entry).