--- loncom/lcuserdel	2000/10/27 23:42:33	1.1
+++ loncom/lcuserdel	2000/10/30 02:31:45	1.10
@@ -3,25 +3,198 @@
 # lcuserdel
 #
 # Scott Harrison
-# October 27, 2000
+# SH: October 27, 2000
+# SH: October 28, 2000
+# SH: October 29, 2000
 
 use strict;
 
-# This script is a setuid script that should
+# This script is a setuid script (chmod 6755) that should
 # be run by user 'www'.  It DOES NOT delete directories.
 # All it does is remove a user's entries from
 # /etc/passwd, /etc/groups, and /etc/smbpasswd.
-
-
+# It also disables user directory access by making the directory
+# to be owned by user=www (as opposed to the former "username").
+# This command only returns an error if it is
+# invoked incorrectly (by passing bad command-line arguments, etc).
+
+# This script works under the same process control mechanism
+# as lcuseradd and lcpasswd, to make sure that only one of these
+# processes is running at any one time on the system.
 
 # Standard input usage
 # First line is USERNAME
 
+# Valid user names must consist of ascii
+# characters that are alphabetical characters
+# (A-Z,a-z), numeric (0-9), or the underscore
+# mark (_). (Essentially, the perl regex \w).
+
 # Command-line arguments [USERNAME]
 # Yes, but be very careful here (don't pass shell commands)
 # and this is only supported to allow perl-system calls.
 
+# Usage within code
+#
+# $exitcode=system("/home/httpd/perl/lcuserdel","NAME")/256;
+# print "uh-oh" if $exitcode;
+
+# These are the exit codes.
+# ( (0,"ok"),
+#   (1,"User ID mismatch.  This program must be run as user 'www'"),
+#   (2,"Error. Too many other simultaneous password change requests being made."),
+#   (3,"Error. Only one line should be entered into standard input."),
+#   (4,"Error. This program needs just 1 command-line argument (username).") )
+
 # Security
 $ENV{'PATH'}=""; # Nullify path information.
 $ENV{'BASH_ENV'}=""; # Nullify shell environment information.
 
+# Do not print error messages if there are command-line arguments
+my $noprint=0;
+if (@ARGV) {
+    $noprint=1;
+}
+
+# Read in /etc/passwd, and make sure this process is running from user=www
+open (IN, "</etc/passwd");
+my @lines=<IN>;
+close IN;
+my $wwwid;
+for my $l (@lines) {
+    chop $l;
+    my @F=split(/\:/,$l);
+    if ($F[0] eq 'www') {$wwwid=$F[2];}
+}
+if ($wwwid!=$<) {
+    print("User ID mismatch.  This program must be run as user 'www'\n") unless $noprint;
+    exit 1;
+}
+&disable_root_capability;
+
+# Handle case of another lcpasswd process
+unless (&try_to_lock("/tmp/lock_lcpasswd")) {
+    print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint;
+    exit 4;
+}
+
+# Gather input.  Should only be 1 value (user name).
+my @input;
+if (@ARGV==1) {
+    @input=@ARGV;
+}
+elsif (@ARGV) {
+    print("Error. This program needs just 1 command-line argument (username).\n") unless $noprint;
+    unlink('/tmp/lock_lcpasswd');
+    exit 2;
+}
+else {
+    @input=<>;
+    if (@input!=1) {
+	print("Error. Only one line should be entered into standard input.\n") unless $noprint;
+	unlink('/tmp/lock_lcpasswd');
+	exit 3;
+    }
+    map {chop} @input;
+}
+
+my ($username)=@input;
+$username=~/^(\w+)$/;
+my $safeusername=$1;
+if ($username ne $safeusername) {
+    print "Error. The user name specified has invalid characters.\n";
+    unlink('/tmp/lock_lcpasswd');
+    exit 9;
+}
+
+&enable_root_capability;
+
+# By using the system userdel command:
+# Remove entry from /etc/passwd if it exists
+# Remove entry from /etc/groups if it exists
+# I surround with groupdel command to make absolutely sure the group definition disappears.
+system('/usr/sbin/groupdel 2>/dev/null',$safeusername); # ignore error message
+system('/usr/sbin/userdel 2>/dev/null',$safeusername); # ignore error message
+system('/usr/sbin/groupdel 2>/dev/null',$safeusername); # ignore error message
+
+# Remove entry from /etc/smbpasswd if it exists
+my $oldsmbpasswd=`/bin/cat /etc/smbpasswd`;
+my $newsmbpasswd=`/bin/grep -v '^${safeusername}:' /etc/smbpasswd`;
+
+if ($oldsmbpasswd ne $newsmbpasswd) {
+    open OUT,">/etc/smbpasswd";
+    print OUT $newsmbpasswd;
+    close OUT;
+}
+
+# Change ownership on directory from username:username to www:www
+# This prevents subsequently added users from having access.
+
+system('/bin/chown','-R','www:www',"/home/$safeusername");
+
+&disable_root_capability;
+unlink("/tmp/lock_lcpasswd");
+exit 0;
+
+# ----------------------------------------------------------- have setuid script run as root
+sub enable_root_capability {
+    if ($wwwid==$>) {
+	($<,$>)=($>,$<);
+	($(,$))=($),$();
+    }
+    else {
+	# root capability is already enabled
+    }
+    return $>;
+}
+
+# ----------------------------------------------------------- have setuid script run as www
+sub disable_root_capability {
+    if ($wwwid==$<) {
+	($<,$>)=($>,$<);
+	($(,$))=($),$();
+    }
+    else {
+	# root capability is already disabled
+    }
+}
+
+# ----------------------------------- make sure that another lcpasswd process isn't running
+sub try_to_lock {
+    my ($lockfile)=@_;
+    my $currentpid;
+    my $lastpid;
+    # Do not manipulate lock file as root
+    if ($>==0) {
+	return 0;
+    }
+    # Try to generate lock file.
+    # Wait 3 seconds.  If same process id is in
+    # lock file, then assume lock file is stale, and
+    # go ahead.  If process id's fluctuate, try
+    # for a maximum of 10 times.
+    for (0..10) {
+	if (-e $lockfile) {
+	    open(LOCK,"<$lockfile");
+	    $currentpid=<LOCK>;
+	    close LOCK;
+	    if ($currentpid==$lastpid) {
+		last;
+	    }
+	    sleep 3;
+	    $lastpid=$currentpid;
+	}
+	else {
+	    last;
+	}
+	if ($_==10) {
+	    return 0;
+	}
+    }
+    open(LOCK,">$lockfile");
+    print LOCK $$;
+    close LOCK;
+    return 1;
+}
+
+