Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
emulab
emulab-devel
Commits
1f1a835a
Commit
1f1a835a
authored
Jul 27, 2006
by
Russ Fish
Browse files
Add a script to set the Windows passwords into Samba for all active login users.
parent
9237c34b
Changes
3
Hide whitespace changes
Inline
Side-by-side
tbsetup/GNUmakefile.in
View file @
1f1a835a
...
...
@@ -34,12 +34,12 @@ SBIN_STUFF = resetvlans console_setup.proxy sched_reload named_setup \
sfskey_update sfskey_update.proxy rmuser idleswap \
newnode_reboot savelogs.proxy eventsys.proxy \
elabinelab snmpit.proxy panic repos_daemon node_attributes \
nfstrace plabinelab
nfstrace plabinelab
smbpasswd_setup smbpasswd_setup.proxy
CTRLBIN_STUFF = console_setup.proxy sfskey_update.proxy \
savelogs.proxy eventsys.proxy
FSBIN_STUFF = exports_setup.proxy
FSBIN_STUFF = exports_setup.proxy
smbpasswd_setup.proxy
LIBEXEC_STUFF = rmproj wanlinksolve wanlinkinfo \
os_setup mkexpdir console_setup webnscheck webreport \
...
...
tbsetup/smbpasswd_setup.in
0 → 100644
View file @
1f1a835a
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2006 University of Utah and the Flux Group.
# All rights reserved.
#
use
English
;
#
# smbpasswd_setup - Run this on Boss as root.
#
# For each active user in the Emulab database, it sets their Samba password on
# Fs to their Windows password, using the smbpasswd_setup.proxy .
#
# usage: smbpasswd_setup [debug_level]
#
my
$dbg
=
0
;
if
(
$#ARGV
+
1
>
0
)
{
# 0 = no debug, 1 = remote dbg, 2 = local dbg.
$dbg
=
$ARGV
[
0
];
}
if
(
$dbg
=~
/^([-\w]+)$/i
)
{
$dbg
=
$
1
;
}
else
{
die
("
Tainted argument:
$dbg
\n
");
}
#
# Configure variables.
#
my
$TB
=
"
@prefix
@
";
my
$FSNODE
=
"
@FSNODE
@
";
my
$WINSUPPORT
=
@WINSUPPORT@
;
# Note no -n option to ssh. We pipe stdin below.
my
$SSH
=
"
$TB
/bin/sshtb -l root -host
$FSNODE
";
my
$PROG
=
"
$TB
/sbin/smbpasswd_setup.proxy
";
#
# We don't want to run this script unless its the real version or local debug.
#
if
(
$EUID
!=
0
and
$dbg
<
2
)
{
die
("
*** $0:
\n
"
.
"
Must be root! Maybe its a development version?
\n
");
}
die
("
*** $0:
\n
"
.
"
Nothing to do if no Windows support in this copy of Emulab.
\n
")
if
(
!
$WINSUPPORT
);
# un-taint path
$ENV
{'
PATH
'}
=
'
/bin:/usr/bin:/usr/sbin:/usr/local/bin
';
delete
@ENV
{'
IFS
',
'
CDPATH
',
'
ENV
',
'
BASH_ENV
'};
#
# Turn off line buffering on output
#
$|
=
1
;
#
# Testbed Support libraries
#
use
lib
"
@prefix
@/lib
";
use
libdb
;
use
libtestbed
;
my
$USERROOT
=
USERROOT
();
# Just do active, login accounts with real (unstarred) passwords.
# (The unix_pwd is set to "frozen" on frozen accounts.)
my
$users_result
=
DBQueryFatal
("
select uid, usr_w_pswd, usr_pswd from users
"
.
"
where status = '
"
.
USERSTATUS_ACTIVE
()
.
"
'
"
.
"
and wikionly = '0' and webonly = '0'
"
.
"
and usr_pswd != '*'
");
{
local
$SIG
{
PIPE
}
=
sub
{
die
"
$PROG
pipe broke
"
};
# Open a pipe to a proxy on Ops.
(
open
(
PROXY
,
"
|
$SSH
$PROG
$dbg
")
||
fatal
("
Failed: '|
$SSH
$PROG
$dbg
' $! $?
"))
if
(
$dbg
<
2
);
while
(
my
@usersrow
=
$users_result
->
fetchrow_array
)
{
my
$uid
=
$usersrow
[
0
];
my
$w_pwd
=
$usersrow
[
1
];
my
$unix_pwd
=
$usersrow
[
2
];
# If there's no user Windows password set, use the initial random default
# for the Windows Password. This based on the Unix encrypted password, in
# particular the random salt if it's an MD5 crypt, consisting of the 8
# characters after an initial "$1$" and followed by a "$".
if
(
!
defined
(
$w_pwd
))
{
# When there's no $ at the beginning, its not an MD5 hash.
if
(
$unix_pwd
!~
m/\$1\$/
)
{
$w_pwd
=
substr
(
$unix_pwd
,
0
,
8
);
}
else
{
$w_pwd
=
substr
(
$unix_pwd
,
3
,
8
);
# The MD5 salt string.
}
}
if
(
-
d
"
$USERROOT
/
$uid
")
{
if
(
$dbg
>=
2
)
{
print
"
$uid
,
$w_pwd
,
$unix_pwd
\n
";
}
else
{
print
PROXY
"
$uid
$w_pwd
\n
";
}
}
else
{
print
STDERR
"
*** smbpasswd_setup:
"
.
"
$USERROOT
/
$uid
does not exist!
\n
";
}
}
(
close
(
PROXY
)
||
fatal
("
Failed, closing: '|
$SSH
$PROG
$dbg
' $! $?
"))
if
(
$dbg
<
2
);
}
exit
(
0
);
tbsetup/smbpasswd_setup.proxy.in
0 → 100644
View file @
1f1a835a
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2006 University of Utah and the Flux Group.
# All rights reserved.
#
use
English
;
#
# smbpasswd_setup.proxy - This is run remotely on Fs as root, with stdin piped
# from smbpasswd_setup on Boss.
#
# It sets the Samba password on Fs for each active user to specified (Emulab
# Windows) password.
#
# usage: smbpasswd_setup.proxy [debug_level]
#
my
$dbg
=
0
;
if
(
$#ARGV
+
1
>
0
)
{
$dbg
=
$ARGV
[
0
];
}
if
(
$dbg
=~
/^([-\w]+)$/i
)
{
$dbg
=
$
1
;
}
else
{
die
("
Tainted argument:
$dbg
\n
");
}
#
# Configure variables.
#
my
$WINSUPPORT
=
@WINSUPPORT@
;
my
$SMBPASSWD
=
"
/usr/local/bin/smbpasswd
";
#
# We don't want to run this script unless its the real version (or debugging.)
#
if
(
$EUID
!=
0
and
!
$dbg
)
{
die
("
*** $0:
\n
"
.
"
Must be root! Maybe its a development version?
\n
");
}
die
("
*** $0:
\n
"
.
"
Nothing to do if no Windows support in this copy of Emulab.
\n
")
if
(
!
$WINSUPPORT
);
# un-taint path
$ENV
{'
PATH
'}
=
'
/bin:/usr/bin:/usr/sbin:/usr/local/bin
';
delete
@ENV
{'
IFS
',
'
CDPATH
',
'
ENV
',
'
BASH_ENV
'};
my
$log
=
"
/tmp/smbpasswd_setup_proxy.log
";
open
(
LOG
,
"
>
$log
")
||
fatal
("
Couldn't open
$log
.
\n
");
{
local
$SIG
{
PIPE
}
=
sub
{
die
"
$SMBPASSWD
pipe broke
"
};
# Each line on stdin is "uid w_pswd".
my
(
$uid
,
$w_pwd
);
while
(
<
STDIN
>
)
{
if
(
!
((
$uid
,
$w_pswd
)
=
m/^(\S+) (.+)/
))
{
print
LOG
"
BAD LINE:
$_
\n
";
}
else
{
print
LOG
"
$uid
, '
$w_pswd
'
\n
";
}
if
(
!
$dbg
)
{
# Tell smbpasswd the password, and again to confirm.
# -s == Silent: no prompts, read from stdin.
# -a == Add the uid if necessary.
my
$cmd
=
"
|
$SMBPASSWD
-s -a
$uid
";
open
(
PWD
,
$cmd
);
print
PWD
"
$w_pswd
\n
$w_pswd
\n
";
my
$stat
=
close
PWD
;
if
(
0
&&
$stat
)
{
# XXX it's succeeding, but returning 1.
print
LOG
"
FAILED, closing: '
$cmd
',
$stat
\n
";
exit
(
$stat
);
}
}
}
}
close
(
LOG
);
exit
(
0
);
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment