Commit 7bf0bbe9 authored by Mac Newbold

replaced with mkacct/rmacct

parent 04d656d2
#!/usr/local/bin/perl -w
###
### $Id: exp_accts,v 1.15 2000-09-22 22:06:02 kwright Exp $
###
### Address 'lkw' comments:
### Break up into subroutines, possibly libraries. We'll
### need some of the same things for the removal script.
###
### exp_accts - Makes accounts for all users in this experiment's project.
### Adds accounts to currently booted OS only.
###
use Mysql;
## un-taint path
$ENV{'PATH'} = '/bin:/usr/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
##
## arg: @row = {user, passwd, unix_uid, comment};
##
sub untaint_user_data {
my @row = @_;
if ( @row < 4 ) { # need 4 fields
return 0;
}
if ( $row[0] =~ /^(([a-z]|\d)+)$/ ) { # user
$row[0] = $1;
} else {
return 0;
}
if ( $row[1] =~ /^(\w+)$/ ) { # encrypted passwd
$row[1] = $1;
} else {
return 0;
}
if ( $row[2] =~ /^(\d+)$/ && # unix UID
$row[2] < 32000 ) { # unix UID must be < 32000
$row[2] = $1;
} else {
return 0;
}
if ( $row[3] =~ /^(([^:]+$|^))$/ ) { # comment (fullname)
$row[3] = $1;
} else {
return 0;
}
return 1;
}
my $d = 1; #debug flag
if ($#ARGV < 0) {
die("Usage: exp_accts <eid>\n".
"\tCreates user accounts by experiment.\n");
}
my $eid = $ARGV[0];
if ( !($eid =~ /^[A-Za-z0-9\.\-\_ ]+$/) ) {
die("Invalid eid '$eid' contains illegal characters.\n");
}
##
## Check for valid user
##
open(WHO,"/usr/bin/whoami 2>&1 |");
chop($_ = <WHO>);
close(WHO);
if ($_ ne "root") { die("Must be root.\n"); }
##
## Open database
##
my $dbh = Mysql->connect("localhost","tbdb","script","none");
##
## If the EID doesn't exist, it's invalid.
##
print "Checking that $eid is a valid EID...";
my $cmd = "select eid from experiments where eid='$eid'";
my $sth = $dbh->query($cmd);
my $rows =0;
## Must put in check that $sth defined. May be undefined if
## query command above is syntactically incorrect. -kw
while ($sth->fetchrow_array) {
$rows += 1;
}
if ( $rows != 1 ) {
die("Invalid eid '$eid' (not in database).\n");
} else {
print "ok.\n";
}
##
## Select user parameters for users in given experiment.
## Join: exp.pid -> p.pid
##
print "Selecting users...\n";
$cmd =
"select u.uid,u.usr_pswd,u.unix_uid,u.usr_name ".
"from experiments as e ".
"left join projects as p on e.pid = p.pid ".
"left join proj_memb as pm on p.pid = pm.pid ".
"left join users as u on u.uid = pm.uid ".
"where e.eid = '$eid'";
$sth = $dbh->query($cmd);
my %passwd = ();
my %unix_uid = ();
my %fullname = ();
while (@row = $sth->fetchrow_array) {
if ( untaint_user_data(@row) == 1 ) {
$passwd{$row[0]} = $row[1];
$unix_uid{$row[0]} = $row[2];
$fullname{$row[0]} = $row[3];
print "\t$row[0]\n";
} else {
print "Invalid user data. Row skipped.\n";
}
}
##
## Select group ID for experiment.
##
print "Selecting group ID for experiment...";
$cmd =
"select unix_gid from groups as g ".
"left join proj_grps as pg on g.gid = pg.gid ".
"left join projects as p on pg.pid = p.pid ".
"left join experiments as e on e.pid = p.pid ".
"where e.eid = '$eid'";
$sth = $dbh->query($cmd);
my $unix_gid = 65533; # "nogroup"...
if (@row = $sth->fetchrow_array) {
$unix_gid = $row[0];
print "$unix_gid\n";
} else {
die("Invalid group ID.\n");
}
##
## Select machines.
##
print "Selecting machines...";
$cmd =
"select IP from interfaces as ip ".
"left join reserved as r on r.node_id=ip.node_id ".
"left join experiments as e on r.eid = e.eid ".
"where e.eid = '$eid'";
$sth = $dbh->query($cmd);
my @nodes = ();
while (@row = $sth->fetchrow_array) {
push(@nodes,$row[0]);
print " $row[0] ";
}
print "\n";
##
## For each machine, ping to see if its alive.
## If alive, determine if its FreeBSD or Linux and
## create the user accounts.
##
my $last = "";
my $OS = "";
my $IP = "";
foreach $IP (@nodes) {
## If this machine is not the same as the last one, get the OS
## Check also that the IP address is valid (some interfaces might
## not have an IP address).
if ( $IP ne $last && $IP =~ /([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/) {
$IP = $1;
$last = $IP;
if (-e "/bin/ping") {
open(PING,"/bin/ping -c 1 $IP 2>&1 |");
} else {
open(PING,"/sbin/ping -c 1 $IP 2>&1 |");
}
do { } until ( <PING> =~ /transmitted, (\d+) packets received/ );
close(PING);
if ( $1 <= 0 ) {
die "Couldn't ping machine $IP\n";
} else {
print "Checking OS on $IP...";
open(UNAME,"/usr/local/bin/ssh $IP uname 2>&1 |");
$_ = <UNAME>;
print $_;
close(UNAME);
## FreeBSD says "155.99.214.129: Connection refused"
## and can also say "Host key doesn't match..."
## and can also say "@@@@@@... WARNING HOST ID CHANGED..."
if ( ($_=~/^Sorry/) || ($_=~/^$IP/) || ($_=~/^Host key/)
|| ($_ =~/^@+/) ) {
die("Uname failed on $IP:$_\n");
} else {
$OS = $_;
}
}
if ( $OS =~ /Linux/ ) {
## 1) Use groupadd to add group
## 2) Use useradd to add users
##
## Rather than use useradd's defaults (which are normally
## fine), we're explicit.
##
## If either the group or the user exists, groupadd and useradd
## will report it and move on.
print "Creating group $unix_gid on $IP.\n";
open(GROUPADD, "/usr/local/bin/ssh $IP /usr/sbin/groupadd -g $unix_gid $eid 2>&1 |");
while (<GROUPADD>) { print "$_"; }
close(GROUPADD);
my $i = 1;
foreach my $user (keys %passwd) {
print "Creating user $user on $IP.\n";
open(USERADD, "/usr/local/bin/ssh $IP /usr/sbin/useradd -c \"$fullname{$user}\" -d /users/$user -g $unix_gid -m -p $passwd{$user} -s /bin/tcsh -u $unix_uid{$user} $user 2>&1 |");
while (<USERADD>) { print "$_"; }
close(USERADD);
}
} elsif ($OS =~ /FreeBSD/) {
## 1) Append new account info to master.passwd
## 2) Create secure (spwd.db) and insecure (pwd.db) password
## databases and
## 4) Create home directories
## Fetch remote login information
open(SCP, "/usr/local/bin/scp -pq $IP:/etc/master.passwd /tmp/master.passwd.$IP |");
while ( <SCP> ) { print $_; }
close SCP;
my $addon = "";
foreach my $user (keys %passwd) {
## Check if the user account already exists.
my $prev = 0;
open(MPWD, "/tmp/master.passwd.$IP");
while ( <MPWD> ) {
if ( $_ =~ /^$user:/ ) {
$prev = 1;
print "Account $user exists on $IP\n";
}
}
close MPWD;
if ( $prev == 0 ) {
print "Adding $user to $IP\n";
$addon = "$user:$passwd{$user}:$unix_uid{$user}:" .
"$unix_gid:\:0:0:$fullname{$user}:/users/$user:" .
"/bin/tcsh\n";
open (CHPASS, "/usr/local/bin/ssh $IP /usr/bin/chpass -a '$addon' 2>&1 |");
while ( <CHPASS> ) {print "$_"; }
close(CHPASS)
}
## Create home directory
if ( -e "/users/$user" ) {
print "/users/$user already exists.\n";
} else {
print "Creating /users/$user.\n";
open(MKDIR, "/bin/mkdir /users/$user 2>&1 |");
while ( <MKDIR> ) { print "$_"; }
close(MKDIR);
## If created, chown and chgrp
if (-e "/users/$user") {
open(CHOWN, "/usr/sbin/chown $unix_uid{$user} /users/$user 2>&1 |" );
while ( <CHOWN> ) {print "$_"; }
close(CHOWN);
open(CHGRP, "/usr/bin/chgrp $unix_gid /users/$user 2>&1 |" );
while ( <CHGRP> ) {print "$_"; }
close(CHGRP);
}
}
}
} else {
print "$IP is unreachable or has an unknown OS ($OS).\n";
}
}
}