File:
[LON-CAPA] /
loncom /
lcuserdel
Revision
1.15:
download - view:
text,
annotated -
select for diffs
Mon Feb 3 18:03:52 2003 UTC (21 years, 10 months ago) by
harris41
Branches:
MAIN
CVS tags:
version_2_5_X,
version_2_5_2,
version_2_5_1,
version_2_5_0,
version_2_4_X,
version_2_4_99_0,
version_2_4_2,
version_2_4_1,
version_2_4_0,
version_2_3_X,
version_2_3_99_0,
version_2_3_2,
version_2_3_1,
version_2_3_0,
version_2_2_X,
version_2_2_99_1,
version_2_2_99_0,
version_2_2_2,
version_2_2_1,
version_2_2_0,
version_2_1_X,
version_2_1_99_3,
version_2_1_99_2,
version_2_1_99_1,
version_2_1_99_0,
version_2_1_3,
version_2_1_2,
version_2_1_1,
version_2_1_0,
version_2_0_X,
version_2_0_99_1,
version_2_0_2,
version_2_0_1,
version_2_0_0,
version_1_99_3,
version_1_99_2,
version_1_99_1_tmcc,
version_1_99_1,
version_1_99_0_tmcc,
version_1_99_0,
version_1_3_X,
version_1_3_3,
version_1_3_2,
version_1_3_1,
version_1_3_0,
version_1_2_X,
version_1_2_99_1,
version_1_2_99_0,
version_1_2_1,
version_1_2_0,
version_1_1_X,
version_1_1_99_5,
version_1_1_99_4,
version_1_1_99_3,
version_1_1_99_2,
version_1_1_99_1,
version_1_1_99_0,
version_1_1_3,
version_1_1_2,
version_1_1_1,
version_1_1_0,
version_1_0_99_3,
version_1_0_99_2,
version_1_0_99_1,
version_1_0_99,
version_1_0_3,
version_1_0_2,
version_1_0_1,
version_1_0_0,
version_0_99_5,
version_0_99_4,
version_0_99_3,
version_0_99_2,
version_0_99_1,
version_0_99_0,
conference_2003,
HEAD
best wishes to all.
#!/usr/bin/perl
#
# lcuserdel
#
use strict;
# This script is a setuid script (chmod 6755) that should
# be run by user 'www'. It DOES NOT delete directories.
# All it does is remove a user's entries from
# /etc/passwd, /etc/groups, and /etc/smbpasswd.
# It also disables user directory access by making the directory
# to be owned by user=www (as opposed to the former "username").
# This command only returns an error if it is
# invoked incorrectly (by passing bad command-line arguments, etc).
# This script works under the same process control mechanism
# as lcuseradd and lcpasswd, to make sure that only one of these
# processes is running at any one time on the system.
# Standard input usage
# First line is USERNAME
# Valid user names must consist of ascii
# characters that are alphabetical characters
# (A-Z,a-z), numeric (0-9), or the underscore
# mark (_). (Essentially, the perl regex \w).
# Command-line arguments [USERNAME]
# Yes, but be very careful here (don't pass shell commands)
# and this is only supported to allow perl-system calls.
# Usage within code
#
# $exitcode=system("/home/httpd/perl/lcuserdel","NAME")/256;
# print "uh-oh" if $exitcode;
# These are the exit codes.
# ( (0,"ok"),
# (1,"User ID mismatch. This program must be run as user 'www'"),
# (2,"Error. This program needs just 1 command-line argument (username).") )
# (3,"Error. Only one line should be entered into standard input."),
# (4,"Error. Too many other simultaneous password change requests being made."),
# (5,"Error. The user name specified has invalid characters.") )
# Security
$ENV{'PATH'}=""; # Nullify path information.
$ENV{'BASH_ENV'}=""; # Nullify shell environment information.
# Do not print error messages if there are command-line arguments
my $noprint=0;
if (@ARGV) {
$noprint=1;
}
# Read in /etc/passwd, and make sure this process is running from user=www
open (IN, "</etc/passwd");
my @lines=<IN>;
close IN;
my $wwwid;
for my $l (@lines) {
chop $l;
my @F=split(/\:/,$l);
if ($F[0] eq 'www') {$wwwid=$F[2];}
}
if ($wwwid!=$<) {
print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint;
exit 1;
}
&disable_root_capability;
# Handle case of another lcpasswd process
unless (&try_to_lock("/tmp/lock_lcpasswd")) {
print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint;
exit 4;
}
# Gather input. Should only be 1 value (user name).
my @input;
if (@ARGV==1) {
@input=@ARGV;
}
elsif (@ARGV) {
print("Error. This program needs just 1 command-line argument (username).\n") unless $noprint;
unlink('/tmp/lock_lcpasswd');
exit 2;
}
else {
@input=<>;
if (@input!=1) {
print("Error. Only one line should be entered into standard input.\n") unless $noprint;
unlink('/tmp/lock_lcpasswd');
exit 3;
}
map {chop} @input;
}
my ($username)=@input;
$username=~/^(\w+)$/;
my $safeusername=$1;
if ($username ne $safeusername) {
print "Error. The user name specified has invalid characters.\n";
unlink('/tmp/lock_lcpasswd');
exit 5;
}
&enable_root_capability;
# By using the system userdel command:
# Remove entry from /etc/passwd if it exists
# Remove entry from /etc/groups if it exists
# I surround with groupdel command to make absolutely sure the group definition disappears.
system('/usr/sbin/groupdel',$safeusername); # ignore error message
system('/usr/sbin/userdel',$safeusername); # ignore error message
system('/usr/sbin/groupdel',$safeusername); # ignore error message
# Remove entry from /etc/smbpasswd if it exists
# the safest way to do this is with smbpasswd -x
# as that's independent of location of the smbpasswd file.
#
if (-e '/usr/bin/smbpasswd') {
($>,$<) = (0,0); # fool smbpasswd to think this is not setuid.
system('/usr/bin/smbpasswd -x '.$safeusername);
$< = $wwwid;
}
# Change ownership on directory from username:username to www:www
# This prevents subsequently added users from having access.
system('/bin/chown','-R','www:www',"/home/$safeusername");
&disable_root_capability;
unlink("/tmp/lock_lcpasswd");
exit 0;
# ----------------------------------------------------------- have setuid script run as root
sub enable_root_capability {
if ($wwwid==$>) {
($<,$>)=($>,$<);
($(,$))=($),$();
}
else {
# root capability is already enabled
}
return $>;
}
# ----------------------------------------------------------- have setuid script run as www
sub disable_root_capability {
if ($wwwid==$<) {
($<,$>)=($>,$<);
($(,$))=($),$();
}
else {
# root capability is already disabled
}
}
# ----------------------------------- make sure that another lcpasswd process isn't running
sub try_to_lock {
my ($lockfile)=@_;
my $currentpid;
my $lastpid;
# Do not manipulate lock file as root
if ($>==0) {
return 0;
}
# Try to generate lock file.
# Wait 3 seconds. If same process id is in
# lock file, then assume lock file is stale, and
# go ahead. If process id's fluctuate, try
# for a maximum of 10 times.
for (0..10) {
if (-e $lockfile) {
open(LOCK,"<$lockfile");
$currentpid=<LOCK>;
close LOCK;
if ($currentpid==$lastpid) {
last;
}
sleep 3;
$lastpid=$currentpid;
}
else {
last;
}
if ($_==10) {
return 0;
}
}
open(LOCK,">$lockfile");
print LOCK $$;
close LOCK;
return 1;
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>