source: server/common/oursrc/accountadm/signup-scripts-backend.in @ 488

Last change on this file since 488 was 488, checked in by geofft, 16 years ago
fix banned-user parsing, per quentin
File size: 3.6 KB
Line 
1#!/usr/bin/perl
2use strict;
3
4# signup-scripts-backend
5# Copyright (C) 2006  Jeff Arnold <jbarnold@mit.edu>
6#
7# This program is free software; you can redistribute it and/or
8# modify it under the terms of the GNU General Public License
9# as published by the Free Software Foundation; either version 2
10# of the License, or (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program; if not, write to the Free Software
19# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
20#
21# See /COPYRIGHT in this repository for more information.
22
23$ENV{PATH} = '';
24
25my $username = $ARGV[0];
26
27# Complain unless submitted username contains only valid characters
28complain("bad username") unless($username =~ /^[\w._-]+$/);
29
30open(BANNEDUSERS,
31        "</afs/athena.mit.edu/contrib/scripts/admin/users.banned");
32while (<BANNEDUSERS>) {
33    chomp;
34    if ($_ eq $username)
35        complain("banned username");
36}
37close(BANNEDUSERS);
38
39my $homedir;
40my $filsys = `@hesinfo_path@ $username filsys | @sort_path@ -nk5 | @head_path@ -n1`;
41# AFS /afs/athena.mit.edu/user/j/b/jbarnold w /mit/jbarnold
42if($filsys =~ /^AFS\s(\/afs\/[\w\._\/-]+)\s.*\s\/mit\/$username(?: [0-9]+)?$/) {
43        $homedir = $1;
44}
45else {
46        complain("athena user not found");
47}
48
49# Tell AFS that we don't want to trigger fakestat, and confirm user's homedir
50chdir $homedir or complain("athena homedir not found");
51
52# Obtain user's homedir uid
53my ($spam, $spam, $spam, $spam, $uid1, $gid1, $spam, $spam, $spam, $spam, $spam, $egg, $spam) = stat '.' or complain("athena homedir not found");
54
55# Complain if user's uid is too low or too high
56complain("bad uid") unless($uid1 > 110 and $uid1 < (1 << 31));
57
58# Complain if user's .scripts-signup file does not exist
59#complain("scripts-signup file not found") unless(-e '.scripts-signup');
60
61# Complain if the user's username is already taken
62complain("username already taken") if(getpwnam $username);
63
64# Complain if user's uid is already taken
65complain("uid already taken") if(getpwuid $uid1);
66
67if($homedir !~ /\/afs\/athena\.mit\.edu\/user\//) {
68        $gid1 = $uid1;
69}
70
71# Complain if user's gid is already taken
72complain("gid already taken") if(getgrgid $gid1);
73
74my $pid;
75defined ($pid = open LDAP, '|-') or complain("internal error");
76if (!$pid) {
77        close STDOUT;
78        open STDOUT, '>/dev/null';
79        exec '@ldapadd_path@', '-c', '-x', '-D', 'cn=Directory Manager', '-y', '/etc/signup-ldap-pw';
80        exit 1;
81}
82print LDAP <<EOF;
83dn: uid=$username,ou=People,dc=scripts,dc=mit,dc=edu
84objectClass: posixAccount
85cn: $username
86uid: $username
87uidNumber: $uid1
88gidNumber: $gid1
89homeDirectory: $homedir
90loginShell: /usr/local/bin/mbash
91
92dn: cn=$username,ou=Groups,dc=scripts,dc=mit,dc=edu
93objectClass: posixGroup
94cn: $username
95gidNumber: $gid1
96
97dn: apacheServerName=$username.scripts.mit.edu,ou=VirtualHosts,dc=scripts,dc=mit,dc=edu
98objectclass: apacheConfig
99apacheServerName: $username.scripts.mit.edu
100apacheServerAlias: $username.scripts
101apacheDocumentRoot: $homedir
102apacheSuexecUid: $uid1
103apacheSuexecGid: $gid1
104
105EOF
106close LDAP or complain("internal error");
107# Add disk quota for user
108#system('@sudo_path@', '-u', 'root', '/usr/sbin/setquota', $username, '0', '25000', '0', '10000', '-a');
109
110printexit("done", 0);
111
112sub complain {
113  my ($complaint) = @_;
114  printexit($complaint, 1);
115}
116
117sub printexit {
118  my ($msg, $status) = @_;
119  print $msg;
120  exit($status);
121}
Note: See TracBrowser for help on using the repository browser.