#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2004, 2006, 2007, 2008 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;

#
# Change the uid of an UNAPPROVED user. 
#
#
# Print the command-line synopsis to STDERR and exit with a failure
# status. Called for any argument error; never returns.
#
sub usage()
{
    print STDERR "Usage: changeuid <olduid> <newuid>\n";
    exit(-1);
}
# Getopt::Std spec: -d (debug) and -f (force). Both flags start off and
# are set from the parsed options further down in the script.
my $optlist = "df";
my ($debug, $force) = (0, 0);

#
# Configure variables (filled in from the .in template by configure).
#
my $TB = "@prefix@";

#
# Testbed Support libraries
#
use lib "@prefix@/lib";
use libaudit;
use libdb;
use libtestbed;
use User;

# Protos.
# fatal() is defined at the bottom of this file; the forward declaration
# (with its ($) prototype) lets the main body call it before the
# definition is compiled.
sub fatal($);

#
# Turn off output buffering.
#
$OUTPUT_AUTOFLUSH = 1;

#
# Untaint the path: fix PATH to a known value and drop the environment
# variables a shell would consult, as taint mode (-T) requires.
#
$ENV{'PATH'} = "/bin:/sbin:/usr/bin:/usr/sbin";
delete $ENV{$_} for qw(IFS CDPATH ENV BASH_ENV);

#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
die "*** $0:\n    Please do not run this as root! Its already setuid!\n"
    if $UID == 0;

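# Only admin types!
if (!TBAdmin()) {
    die("*** $0:\n".
	"    Only TB administrators can run this script!\n");
}

#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments: the old uid and the new uid.
#
# %options is declared lexically so the script does not rely on an
# undeclared package global (the file runs without "use strict").
#
my %options = ();
if (! getopts($optlist, \%options)) {
    usage();
}
if (defined($options{"d"})) {
    $debug = 1;
}
if (defined($options{"f"})) {
    $force = 1;
}
if (@ARGV != 2) {
    usage();
}
# Both values come straight from the command line and are tainted under -T;
# they are validated against the users.uid slot before being used below.
my $olduid = shift(@ARGV);
my $newuid = shift(@ARGV);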

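#
# Make sure that the new uid is valid! It is interpolated into every
# update below, so it must pass the users.uid slot check first.
#
if (! TBcheck_dbslot($newuid, "users", "uid",
		     TBDB_CHECKDBSLOT_WARN|TBDB_CHECKDBSLOT_ERROR)) {
    die("*** $0:\n".
	"    Invalid characters in new uid: $newuid!\n");
}

#
# The old uid is mostly used to look up the user object, but the
# widearea_accounts update below interpolates it directly into the query,
# so apply the same slot check to it rather than trusting the argument.
#
if (! TBcheck_dbslot($olduid, "users", "uid",
		     TBDB_CHECKDBSLOT_WARN|TBDB_CHECKDBSLOT_ERROR)) {
    die("*** $0:\n".
	"    Invalid characters in old uid: $olduid!\n");
}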

#
# This script is always audited. Mail is sent automatically upon exit.
# AuditStart() returns true in the parent, which simply exits; the child
# continues with the real work.
#
exit(0) if AuditStart(0);

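# Map target user to object.
my $target_user = User->Lookup($olduid);
if (! defined($target_user)) {
    fatal("$olduid does not exist!");
}

# Map invoking user to object; the caller must be a known testbed user.
my $this_user = User->LookupByUnixId($UID);
if (! defined($this_user)) {
    fatal("You ($UID) do not exist!");
}

# The numeric index most of the tables below are keyed on. Declared
# lexically rather than left as an implicit package global.
my $target_dbid = $target_user->dbid();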

#
# Only operate on unapproved users (must be verified). Any other state
# is hard to deal with cause of exported homedirs, existing experiments,
# files that need to be changed on disk, etc. Maybe add this support later.
#
fatal("User '$olduid' must be an unapproved (verified) user!")
    unless $target_user->status() eq USERSTATUS_UNAPPROVED();

#
# Obviously the new user must not exist in the users table. This is the
# last table we change below ...
#
fatal("User '$newuid' is already in the DB!")
    if defined(User->Lookup($newuid));

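#
# Change a bunch of tables!
#
# Every table carrying the login name gets the new one. Most are keyed on
# the user's numeric index; widearea_accounts is keyed on the uid string
# itself. Order is preserved from the original hand-written statements.
#
# $newuid passed TBcheck_dbslot() above. $olduid is only known to be a
# uid that User->Lookup() resolved -- NOTE(review): confirm that is
# sufficient before it is interpolated into the widearea_accounts query.
#
my @updates = (
    # table               column      key column    key value
    [ "group_membership",  "uid",      "uid_idx",    $target_dbid ],
    [ "projects",          "head_uid", "head_idx",   $target_dbid ],
    [ "user_pubkeys",      "uid",      "uid_idx",    $target_dbid ],
    [ "user_sfskeys",      "uid",      "uid_idx",    $target_dbid ],
    [ "user_stats",        "uid",      "uid_idx",    $target_dbid ],
    [ "user_sslcerts",     "uid",      "uid_idx",    $target_dbid ],
    [ "widearea_accounts", "uid",      "uid",        $olduid      ],
    [ "groups",            "leader",   "leader_idx", $target_dbid ],
);
for my $update (@updates) {
    my ($table, $column, $key_column, $key_value) = @$update;

    print "Updating $table table ...\n";
    DBQueryFatal("update $table set $column='$newuid' ".
		 "where $key_column='$key_value'");
}

# Auto logout old user.
print "Clearing logins table ...\n";
DBQueryFatal("delete from login where uid_idx='$target_dbid'");

#
# Lastly change users table; if anything breaks above we can still run
# this script to finish the job. Technically, we should lock these tables
# so that no one can sneak in and create a new user with the same uid
# as new one, but that is not likely to happen!
#
print "Updating users table ...\n";
DBQueryFatal("update users set uid='$newuid' where uid_idx='$target_dbid'");

exit(0);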

#
# Die with the given message, prefixed by a banner naming this script.
# Takes a single message string; never returns.
#
sub fatal($) {
    my ($mesg) = @_;

    die "*** $0:\n    $mesg\n";
}