1. 23 Jan, 2003 1 commit
  2. 10 Dec, 2002 1 commit
  3. 09 Dec, 2002 1 commit
    • Leigh B. Stoller's avatar
      Wrap up mkacct calls with a function call, like ADDPUBKEY. Checks to · 356a9fc0
      Leigh B. Stoller authored
      see if user actually has an account (by checking user status user
      table). Avoids trying to run suexec as a user that does not actuall
      exist on boss cause they do not have an account (since we allow users
      to edit personal info before being approved and getting an account).
      For addpubkey, we have to run the program as someone, so when the user
      does not have an account, run it as nobody.
      356a9fc0
  4. 01 Oct, 2002 2 commits
  5. 26 Aug, 2002 1 commit
    • Leigh B. Stoller's avatar
      Rework all of the ssh key handling. Moved the parsing and verification · ae77bdb6
      Leigh B. Stoller authored
      to an external perl script, and use ssh-keygen to attempt conversion
      off SSH2/SECSH key formats. This is actually a simplification of the
      php code, which is not generally very good at this kind of thing (or
      maybe I mean perl is just better at it). The parsing and error
      handling it also much improved.
      ae77bdb6
  6. 10 Jul, 2002 1 commit
  7. 16 Jun, 2002 1 commit
  8. 22 May, 2002 1 commit
    • Leigh B. Stoller's avatar
      A large set of authorization changes. · d2360b6d
      Leigh B. Stoller authored
      * Cleanup! A lot of the structure derived from the early frame days,
        which had a noticable (and bad) effect on how I wrote the stuff.  I
        cleaned up most of that yuckyness.
      
      * In process, optimize a little bit on the queries. The old code did
        about 9 queries just to write out the menu options, and then
        repeated most of those queries again in the page guts. I've
        consolidated the queries as much as possible (to 3) and cache all
        the results.
      
      * Fix up problem with users who forget their passwords before
        verification. Basically, I fixed the more general problem of not
        being able to update your user info before verification/approval;
        users now get that menu option no matter their status.
      
      * Fix up problem of users being able to access pages before
        verification (but after approval) by going around the menu options.
        The page level check (after the menu is drawn) now checks all
        conditions (password expired, unverified, unapproved, timedout, and
        also nologins()).
      
      * Minor change in approveuser; do not show the new account to the
        project leader until the new user has verified his account.
      
      * Change verification method, as reqwuested by Dave.  In addition to
        providing the key, also provide a web link to take the user straight
        to verification. I actually take them direct to the login page, and
        pass the key in as an argument. If the user is already logged in,
        bypass and go directly to the verify page (not the form page of
        course).  If the user is not logged in, let him log in, and then
        forward the key onward to the verify page. Basically, bypass the
        form all the time, and just do the verification.
      
      * Minor change in showuser; Do not show pid/groups not approved in,
        and if the count is zero, do not draw the table headings.
      d2360b6d
  9. 17 Apr, 2002 1 commit
  10. 15 Apr, 2002 1 commit
  11. 27 Feb, 2002 1 commit
  12. 12 Feb, 2002 1 commit
  13. 08 Feb, 2002 1 commit
    • Leigh B. Stoller's avatar
      Add $TBMAINSITE=0 default. · d720a46b
      Leigh B. Stoller authored
      Fix up SUEXEC and TBERROR error handling so that <XMP> tags are not
      included in the email message!
      Add CHECKURL() function (which will eventually replace VERIFYURL())
      which returns error strings instead of calling USERERROR. This is
      in support of new forms code.
      Add CHECKPASSWORD() function; same code was in three different places.
      This version returns the error string from checkpass.
      d720a46b
  14. 11 Jan, 2002 1 commit
  15. 09 Jan, 2002 1 commit
  16. 20 Dec, 2001 1 commit
  17. 05 Dec, 2001 1 commit
    • Leigh B. Stoller's avatar
      More inventive ways to avoid real work; add password expiration · 3e2bb386
      Leigh B. Stoller authored
      capability. New DB field in the users table (pswd_expires) which is a
      date field that initially gets set to one year after the user account
      is created. When the password is changed via the web form, it gets
      bumped 1 more year into the future *unless* the current uid is
      different from the target_uid (ie: you are changing a password for
      someone else). In that case, the expiration is set to the current
      date, which forces the target user to change his password next time he
      logs in. I've changed the menu/auth code to look for password
      expiration, and when expired the menu options contain just a single
      option to change the password. All other https pages will fail with a
      password expired message. Normal text pages will work of course.
      3e2bb386
  18. 29 Oct, 2001 1 commit
    • Leigh B. Stoller's avatar
      A bunch of lastlogin changes! The user and experiment information · 4658545e
      Leigh B. Stoller authored
      pages now show the lastlogin info that is gathered from sshd syslog
      reporting to users. That info is parsed by security/genlastlog.c, and
      entered into the DB in the nodeuidlastlogin and uidnodelastlogin
      tables. If not obvious from the names, for each user we want the last time
      they logged in anyplace, and for each node we want the last time anyone
      logged into it. The latter is obviously more useful for scheduling
      purposes. All of the various images have new /etc/syslog.conf files,
      and the 6.2 got new sshd_configs (all cvsup'ed with kill -HUP). There
      is an entry in boss:/etc/crontab and users:/etc/syslog.conf. All of
      this is decribed in greater detail in security/genlastlog.c.
      4658545e
  19. 16 Oct, 2001 1 commit
  20. 01 Oct, 2001 2 commits
  21. 19 Sep, 2001 1 commit
  22. 30 Aug, 2001 1 commit
  23. 10 May, 2001 1 commit
    • Leigh B. Stoller's avatar
      Lots of little changes for sending email to the right places, with · 3285bc3e
      Leigh B. Stoller authored
      proper headers. Split out some of the mail into testbed-logs,
      testbed-ops, and testbed-approval. Added a library for including from
      our perl scripts. Contains a couple of mail helper functions, but will
      hopefully contain more as time goes by.
      
      Fixed a bug in the web interface that was causing breakage for people
      with multiple accounts. Mac and Jay have noticed this, when logging
      out and trying to join or create a project under a new or different
      name.
      3285bc3e
  24. 08 May, 2001 2 commits
  25. 04 May, 2001 1 commit
  26. 18 Apr, 2001 1 commit
  27. 10 Apr, 2001 1 commit
  28. 23 Mar, 2001 1 commit
  29. 15 Mar, 2001 1 commit
    • Leigh B. Stoller's avatar
      1) <basefont size=4> to all the pages before I go blind reading 8pt · af4a6ad7
      Leigh B. Stoller authored
         font. Don't like? Set you font prefs in netscape.
      2) Add link to Flux Utah Network Testbed page along bottom of all the
         pages.
      3) For the above, put in <base target=_top> tag just prior to the row
         of links along the bottom so that when you leave the testbed pages,
         you get a full window view instead of a framed view.
      af4a6ad7
  30. 14 Mar, 2001 1 commit
  31. 08 Feb, 2001 1 commit
  32. 03 Jan, 2001 1 commit
  33. 08 Dec, 2000 2 commits
  34. 30 Nov, 2000 1 commit
  35. 29 Nov, 2000 1 commit
  36. 15 Nov, 2000 1 commit