Commit 99aee1c9 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Remove batch/audit command line options. The script is now always

audited using libaudit. No more batchmode since the script is
generally very fast anyway. Remove all the sendmail stuff since that
is done by the audit library.
parent edf7f3e7
......@@ -19,10 +19,10 @@ use Getopt::Std;
#
sub usage()
{
print STDOUT "Usage: mkacct [-a] [-f] <name>\n";
print STDOUT "Usage: mkacct [-f] <name>\n";
exit(-1);
}
my $optlist = "af";
my $optlist = "f";
#
# Configure variables
......@@ -50,11 +50,9 @@ my $GENELISTS = "$TB/sbin/genelists";
my $SFSUPDATE = "$TB/sbin/sfskey_update";
my $NOLOGIN = "/sbin/nologin";
my $auditmode = 0;
my $sfschange = 0;
my $errors = 0;
my $wasfrozen = 0;
my $logname;
my $user;
my @db_row;
my $query_result;
......@@ -96,6 +94,7 @@ $| = 1;
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libaudit;
use libdb;
use libtestbed;
......@@ -107,9 +106,6 @@ use libtestbed;
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"a"})) {
$auditmode = 1;
}
if (defined($options{"f"})) {
$sfschange = 1;
}
......@@ -131,37 +127,8 @@ my $SSHDIR = "$HOMEDIR/$user/.ssh";
my $SFSDIR = "$HOMEDIR/$user/.sfs";
#
# This script always does the right thing, but if a non admin runs it
# for someone else, force auditmode. Technically speaking, this should
# never happen since mere users do not have access to this script ...
#
if (!TBAdmin($UID)) {
my $dbuid;
if (! UNIX2DBUID($UID, \$dbuid)) {
die("You are not a valid emulab user!\n");
}
if ($dbuid ne $user) {
$auditmode = 1;
}
}
# This script always does the right thing ...
#
# In audit mode, go to background and wait so we can send email.
#
if ($auditmode) {
my $childpid;
#
# Create a temporary name for a log file.
#
$logname = TBMakeLogname("mkacct");
if ($childpid = TBBackGround($logname)) {
waitpid($childpid, 0);
exit($? >> 8);
}
}
#
# Get the user info (the user being created). This join picks out the
......@@ -183,9 +150,20 @@ my $user_email = $db_row[3];
my $status = $db_row[4];
my $webonly = $db_row[5];
#
# This script is always audited. Mail is sent automatically upon exit.
#
if (AuditStart(0)) {
#
# Parent exits normally
#
exit(0);
}
if ($webonly ||
$status eq USERSTATUS_FROZEN ||
$status eq USERSTATUS_NEWUSER ||
$status eq USERSTATUS_UNVERIFIED ||
$status eq USERSTATUS_UNAPPROVED) {
print "User $user status indicates he/she should not have an account!\n";
......@@ -226,10 +204,6 @@ if ($webonly ||
if ($errors) {
fatal("Error clearing account for $user!");
}
if ($auditmode) {
unlink($logname);
}
exit(0);
}
......@@ -403,37 +377,8 @@ if ($WITHSFS && $sfschange) {
or fatal("$SFSUPDATE failed!");
}
if ($auditmode) {
AUDIT("Account Create Completed!\n", 0);
unlink($logname);
}
exit(0);
sub fatal {
my($msg) = @_;
my $flist = ();
if (defined($logname)) {
$flist = ($logname);
}
SENDMAIL($TBOPS, "mkacct $user Failed", $msg, $TBOPS, undef, $flist);
if (defined($logname)) {
unlink($logname);
}
die("*** $0:\n".
" $msg\n");
}
sub AUDIT($)
{
my($msg) = @_;
SENDMAIL($TBLOGS, "mkacct $user Complete", $msg,
$TBOPS, undef, ($logname));
}
#
# Do some new account stuff.
#
......@@ -462,7 +407,7 @@ sub FirstTime()
print "Generating sfs key\n";
if (system("$SSH -host $control_node '$SFSKEYGEN -KPn ".
"$user\@ops.emulab.net $SFSDIR/identity'")) {
fatal("Failure in sfskey gen: $!");
fatal("Failure in sfskey gen!");
}
$sfschange = 1;
......@@ -520,6 +465,8 @@ sub FirstTime()
}
return;
}
# Avoid dups.
AuditFork();
$EUID = $user_number;
$UID = $EUID;
......@@ -652,3 +599,10 @@ sub NewsshKeyfile($$$$$)
}
return 0;
}
sub fatal($) {
my($mesg) = $_[0];
die("*** $0:\n".
" $mesg\n");
}
......@@ -2,7 +2,7 @@
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -23,12 +23,12 @@ use Getopt::Std;
sub usage()
{
print STDOUT
"Usage: setgroups [-b | -a] -p <pid> [user ...]\n".
" setgroups [-b | -a] [user ...]\n";
"Usage: setgroups -p <pid> [user ...]\n".
" setgroups [user ...]\n";
exit(-1);
}
my $optlist = "bap:";
my $optlist = "p:";
#
# Configure variables
......@@ -43,8 +43,6 @@ my $ADMINGRP= "@TBADMINGROUP@";
my $SSH = "$TB/bin/sshtb";
my $USERMOD = "/usr/sbin/pw usermod";
my $batchmode = 0;
my $auditmode = 0;
my $dbuid;
my @userlist;
my $pid;
......@@ -74,6 +72,7 @@ $| = 1;
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libaudit;
use libdb;
use libtestbed;
......@@ -102,12 +101,6 @@ if ($UID == 0) {
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"b"})) {
$batchmode = 1;
}
if (defined($options{"a"})) {
$auditmode = 1;
}
if (defined($options{"p"})) {
$pid = $options{"p"};
......@@ -164,33 +157,14 @@ if (! UserDBInfo($dbuid, \$user_name, \$user_email)) {
#
# This script always does the right thing, so it does not matter who
# calls it.
#
#
# In batch mode, go to background and send email later.
#
if ($batchmode || $auditmode) {
my $childpid;
# This script is always audited. Mail is sent automatically upon exit.
#
if (AuditStart(0)) {
#
# Create a temporary name for a log file.
# Parent exits normally
#
$logname = TBMakeLogname("setgroups");
if ($childpid = TBBackGround($logname)) {
if ($auditmode) {
waitpid($childpid, 0);
exit($? >> 8);
}
#
# Parent exits normally
#
print STDOUT
"Updating groups.\n".
"You will be notified via email when the update is complete.\n";
exit(0);
}
exit(0);
}
#
......@@ -338,50 +312,11 @@ foreach my $uid (@userlist) {
}
print "Group Update Completed!\n";
if ($batchmode || $auditmode) {
donotify("Group Update Completed!\n", 0);
unlink($logname);
}
exit(0);
sub fatal($)
{
sub fatal($) {
my($mesg) = $_[0];
print STDOUT "$mesg\n";
if ($batchmode || $auditmode) {
donotify($mesg, 1);
unlink($logname);
}
exit(-1);
}
sub donotify($$)
{
my($mesg, $iserr) = @_;
my($subject, $from, $to, $hdrs);
my $MAIL;
$from = $TBOPS;
$hdrs = "Reply-To: $TBOPS";
#
# An error goes just to Testbed Operations. Normal status messages go
# to the user and to the Testbed Logs address.
#
if ($iserr) {
$subtext = "Failure";
$to = "$TBOPS";
}
else {
$subtext = "Success";
$to = "$user_name <$user_email>";
$hdrs = "Bcc: $TBLOGS\n" . "$hdrs";
}
SENDMAIL($to,
"Group Update $subtext",
$mesg, $from, $hdrs,
($logname));
die("*** $0:\n".
" $mesg\n");
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment