[19] | 1 | 0000 #!/usr/bin/perl |
---|
| 2 | 0001 use strict; |
---|
| 3 | 0002 |
---|
| 4 | 0003 # admof |
---|
| 5 | 0004 # Copyright (C) 2006 Jeff Arnold <jbarnold@mit.edu> |
---|
| 6 | 0005 # |
---|
| 7 | 0006 # This program is free software; you can redistribute it and/or |
---|
| 8 | 0007 # modify it under the terms of the GNU General Public License |
---|
| 9 | 0008 # as published by the Free Software Foundation; either version 2 |
---|
| 10 | 0009 # of the License, or (at your option) any later version. |
---|
| 11 | 0010 # |
---|
| 12 | 0011 # This program is distributed in the hope that it will be useful, |
---|
| 13 | 0012 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
| 14 | 0013 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
| 15 | 0014 # GNU General Public License for more details. |
---|
| 16 | 0015 # |
---|
| 17 | 0016 # You should have received a copy of the GNU General Public License |
---|
| 18 | 0017 # along with this program; if not, write to the Free Software |
---|
| 19 | 0018 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
---|
| 20 | 0019 # |
---|
| 21 | 0020 # See /COPYRIGHT in this repository for more information. |
---|
| 22 | 0021 |
---|
| 23 | 0022 $ENV{PATH} = ''; |
---|
| 24 | 0023 |
---|
| 25 | 0024 my $targetuser; |
---|
| 26 | 0025 unless(($targetuser) = ($ARGV[0] =~ /^([\w._-]+)$/)) { |
---|
| 27 | 0026 error("Invalid locker name: <$ARGV[0]>."); |
---|
| 28 | 0027 } |
---|
| 29 | 0028 my $curuser; |
---|
| 30 | 0029 unless(($curuser) = ($ARGV[1] =~ /^([\w._-]+)\@ATHENA\.MIT\.EDU$/)) { |
---|
| 31 | 0030 error("An internal error has occurred.\nContact scripts\@mit.edu for assistance."); |
---|
| 32 | 0031 } |
---|
| 33 | 0032 |
---|
| 34 | 0033 my $fs = `@fs_path@ 2>/dev/null la /mit/$targetuser/`; |
---|
| 35 | 0034 my @fs = split(/\n/, $fs); |
---|
| 36 | 0035 |
---|
| 37 | 0036 #Access list for . is |
---|
| 38 | 0037 #Normal rights: |
---|
| 39 | 0038 # system:scripts-root rlidwka |
---|
| 40 | 0039 # system:anyuser rl |
---|
| 41 | 0040 |
---|
| 42 | 0041 unless($fs[0] =~ /^Access list for \/mit\/$targetuser\/ is$/ && |
---|
| 43 | 0042 $fs[1] =~ /^Normal rights:$/) { |
---|
| 44 | 0043 error("Cannot find locker <$targetuser>."); |
---|
| 45 | 0044 } |
---|
| 46 | 0045 |
---|
| 47 | 0046 if($ARGV[2] && !getpwnam($targetuser)) { |
---|
| 48 | 0047 error("Locker <$targetuser> does not have a scripts.mit.edu account."); |
---|
| 49 | 0048 } |
---|
| 50 | 0049 |
---|
| 51 | 0050 for(my $i = 2; $i < @fs; $i++) { |
---|
| 52 | 0051 my ($id) = ($fs[$i] =~ /^ ([\w:_-]+) rlidwka$/); |
---|
| 53 | 0052 if($id eq "") { next; } |
---|
| 54 | 0053 my $group; |
---|
| 55 | 0054 if($id eq $curuser) { success(); } |
---|
| 56 | 0055 elsif(($group) = ($id =~ /^(system:.+)/)) { |
---|
| 57 | 0056 my $mems = `@pts_path@ 2>/dev/null membership $group`; |
---|
| 58 | 0057 my @mems = split(/\n/, $mems); |
---|
| 59 | 0058 |
---|
| 60 | 0059 #Members of system:scripts-root (id: -56104) are: |
---|
| 61 | 0060 # hartmans |
---|
| 62 | 0061 # jbarnold |
---|
| 63 | 0062 # presbrey |
---|
| 64 | 0063 # tabbott |
---|
| 65 | 0064 # hartmans.root |
---|
| 66 | 0065 |
---|
| 67 | 0066 next if($mems[0] !~ /^Members of $group \(id: \S+\) are:$/); |
---|
| 68 | 0067 |
---|
| 69 | 0068 if($mems =~ /\s+$curuser\s+/) { |
---|
| 70 | 0069 success(); |
---|
| 71 | 0070 } |
---|
| 72 | 0071 } |
---|
| 73 | 0072 } |
---|
| 74 | 0073 |
---|
| 75 | 0074 print <<END; |
---|
| 76 | 0075 |
---|
| 77 | 0076 ERROR: |
---|
| 78 | 0077 It appears as though you are not an administrator of locker <$targetuser>. |
---|
| 79 | 0078 In order to be able to su to <$targetuser>, you must have full AFS access |
---|
| 80 | 0079 to the root directory of locker <$targetuser>. Try running the command |
---|
| 81 | 0080 fs sa /mit/$targetuser $curuser all |
---|
| 82 | 0081 on Athena in order to explicitly grant yourself full AFS access. |
---|
| 83 | 0082 Contact scripts\@mit.edu if you are unable to solve the problem. |
---|
| 84 | 0083 |
---|
| 85 | 0084 END |
---|
| 86 | 0085 |
---|
| 87 | 0086 exit(1); |
---|
| 88 | 0087 |
---|
| 89 | 0088 sub error { |
---|
| 90 | 0089 print STDERR "\nERROR:\n$_[0]\n\n"; |
---|
| 91 | 0090 exit(1); |
---|
| 92 | 0091 } |
---|
| 93 | 0092 |
---|
| 94 | 0093 sub success { |
---|
| 95 | 0094 print STDERR "\n== SUCCESS ==\nYou are now logged in as user <$targetuser>.\n"; |
---|
| 96 | 0095 print STDERR "To return to being <$curuser>, type \"exit\".\n\n"; |
---|
| 97 | 0096 exit(33); |
---|
| 98 | 0097 } |
---|