Commit 9f0487d1 authored by Leigh B. Stoller's avatar Leigh B. Stoller

More fixes to last revision; need to reorder operations a bit.

parent 0c267b15
......@@ -41,6 +41,8 @@ post-install:
chmod u+s $(INSTALL_SBINDIR)/genelists
chown root $(INSTALL_SBINDIR)/dhcpd_makeconf
chmod u+s $(INSTALL_SBINDIR)/dhcpd_makeconf
chown root $(INSTALL_SBINDIR)/elabinelab_bossinit
chmod u+s $(INSTALL_SBINDIR)/elabinelab_bossinit
#
# Control node installation (okay, plastic)
......
#!/usr/bin/perl -w
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
......@@ -25,6 +25,7 @@ my $debug = 0;
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $ELABINELAB = @ELABINELAB@;
my $SAVEUID = $UID;
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/sbin:/usr/local/bin';
......@@ -46,6 +47,13 @@ if (!TBAdmin($UID)) {
die("*** $0:\n".
" Only TB administrators can run this script!\n");
}
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be root! Maybe its a development version?\n");
}
#
# Parse command arguments. Once we return from getopts, all that should
......@@ -64,40 +72,72 @@ usage()
my $pid = shift();
#
# Build the project.
# Untaint the arguments.
#
mysystem("$TB/sbin/mkproj $pid");
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("Tainted argument $pid!\n");
}
#
# Get the list of subgroups in the project and create those groups.
# Shift to real user for these scripts.
#
my $query_result =
DBQueryFatal("select gid from groups where pid='$pid' and pid!=gid");
while (my ($gid) = $query_result->fetchrow_array()) {
mysystem("$TB/sbin/mkgroup $pid $gid");
}
$EUID = $UID;
#
# Build the project.
#
#mysystem("$TB/sbin/mkproj $pid");
#
# Get the list of users and admin status. Admin users get a real shell
# on boss. Create the users, and then set their groups.
# on boss. Create the users, and not that we have to do this before the
# groups are created (tbacct add does not do a setgroups).
#
$query_result =
my $users_result =
DBQueryFatal("select distinct u.uid,u.admin from group_membership as m ".
"left join users as u on u.uid=m.uid ".
"where u.status='" . USERSTATUS_ACTIVE() . "'");
while (my ($uid,$admin) = $query_result->fetchrow_array()) {
while (my ($uid,$admin) = $users_result->fetchrow_array()) {
next
if ($uid eq "elabman");
mysystem("$TB/sbin/tbacct add $uid");
if ($admin) {
# Add admin users to group wheel for convenience.
DBQueryFatal("insert into unixgroup_membership ".
DBQueryFatal("replace into unixgroup_membership ".
"values ('$uid','wheel')");
}
mysystem("$TB/sbin/setgroups $uid");
if ($admin) {
# Flip back to root for pw command.
$EUID = 0;
mysystem("pw usermod -n $uid -s /bin/tcsh");
$EUID = $UID;
}
}
#
# Get the list of subgroups in the project and create those groups.
#
my $query_result =
DBQueryFatal("select gid from groups where pid='$pid' and pid!=gid");
while (my ($gid) = $query_result->fetchrow_array()) {
mysystem("$TB/sbin/mkgroup $pid $gid");
}
#
# Now do a setgroups.
#
$users_result->dataseek(0);
while (my ($uid,$admin) = $users_result->fetchrow_array()) {
next
if ($uid eq "elabman");
mysystem("$TB/sbin/setgroups $uid");
}
#
# Run a command string.
#
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment