Diff for /loncom/lcuserdel between versions 1.3 and 1.13

version 1.3, 2000/10/28 18:25:47 version 1.13, 2002/10/07 01:41:31
Line 3 Line 3
 # lcuserdel  # lcuserdel
 #  #
 # Scott Harrison  # Scott Harrison
 # October 27, 2000  # SH: October 27, 2000
 # October 28, 2000  # SH: October 28, 2000
   # SH: October 29, 2000
   
 use strict;  use strict;
   
Line 12  use strict; Line 13  use strict;
 # be run by user 'www'.  It DOES NOT delete directories.  # be run by user 'www'.  It DOES NOT delete directories.
 # All it does is remove a user's entries from  # All it does is remove a user's entries from
 # /etc/passwd, /etc/groups, and /etc/smbpasswd.  # /etc/passwd, /etc/groups, and /etc/smbpasswd.
   # It also disables user directory access by making the directory
   # to be owned by user=www (as opposed to the former "username").
   # This command only returns an error if it is
   # invoked incorrectly (by passing bad command-line arguments, etc).
   
 # This script works under the same process control mechanism  # This script works under the same process control mechanism
 # as lcuseradd and lcpasswd, to make sure that only one of these  # as lcuseradd and lcpasswd, to make sure that only one of these
Line 20  use strict; Line 25  use strict;
 # Standard input usage  # Standard input usage
 # First line is USERNAME  # First line is USERNAME
   
   # Valid user names must consist of ascii
   # characters that are alphabetical characters
   # (A-Z,a-z), numeric (0-9), or the underscore
   # mark (_). (Essentially, the perl regex \w).
   
 # Command-line arguments [USERNAME]  # Command-line arguments [USERNAME]
 # Yes, but be very careful here (don't pass shell commands)  # Yes, but be very careful here (don't pass shell commands)
 # and this is only supported to allow perl-system calls.  # and this is only supported to allow perl-system calls.
Line 30  use strict; Line 40  use strict;
 # print "uh-oh" if $exitcode;  # print "uh-oh" if $exitcode;
   
 # These are the exit codes.  # These are the exit codes.
   # ( (0,"ok"),
   #   (1,"User ID mismatch.  This program must be run as user 'www'"),
   #   (2,"Error. This program needs just 1 command-line argument (username).") )
   #   (3,"Error. Only one line should be entered into standard input."),
   #   (4,"Error. Too many other simultaneous password change requests being made."),
   #   (5,"Error. The user name specified has invalid characters.") )
   
 # Security  # Security
 $ENV{'PATH'}=""; # Nullify path information.  $ENV{'PATH'}=""; # Nullify path information.
Line 70  if (@ARGV==1) { Line 86  if (@ARGV==1) {
 }  }
 elsif (@ARGV) {  elsif (@ARGV) {
     print("Error. This program needs just 1 command-line argument (username).\n") unless $noprint;      print("Error. This program needs just 1 command-line argument (username).\n") unless $noprint;
       unlink('/tmp/lock_lcpasswd');
     exit 2;      exit 2;
 }  }
 else {  else {
     @input=<>;      @input=<>;
     if (@input!=1) {      if (@input!=1) {
  print("Error. Only one line should be entered into standard input.\n") unless $noprint;   print("Error. Only one line should be entered into standard input.\n") unless $noprint;
    unlink('/tmp/lock_lcpasswd');
  exit 3;   exit 3;
     }      }
     map {chop} @input;      map {chop} @input;
 }  }
   
   my ($username)=@input;
   $username=~/^(\w+)$/;
   my $safeusername=$1;
   if ($username ne $safeusername) {
       print "Error. The user name specified has invalid characters.\n";
       unlink('/tmp/lock_lcpasswd');
       exit 5;
   }
   
   &enable_root_capability;
   
   # By using the system userdel command:
   # Remove entry from /etc/passwd if it exists
   # Remove entry from /etc/groups if it exists
   # I surround with groupdel command to make absolutely sure the group definition disappears.
   system('/usr/sbin/groupdel',$safeusername); # ignore error message
   system('/usr/sbin/userdel',$safeusername); # ignore error message
   system('/usr/sbin/groupdel',$safeusername); # ignore error message
   
   # Remove entry from /etc/smbpasswd if it exists
   #  the safest way to do this is with smbpasswd -x
   #  as that's independent of location of the smbpasswd file.
   #
   if (-e '/usr/bin/smbpasswd') {
     ($>,$<) = (0,0); # fool smbpasswd to think this is not setuid.
     system('/usr/bin/smbpasswd -x '.$safeusername);
   }
   
   
   # Change ownership on directory from username:username to www:www
   # This prevents subsequently added users from having access.
   
   system('/bin/chown','-R','www:www',"/home/$safeusername");
   
 &disable_root_capability;  &disable_root_capability;
 unlink("/tmp/lock_lcpasswd");  unlink("/tmp/lock_lcpasswd");
 exit 0;  exit 0;

Removed from v.1.3  
changed lines
  Added in v.1.13


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>