Commit 75081528 authored by Leigh Stoller's avatar Leigh Stoller

Fixup the mailman support so that instead of using @emulab.net

addresses in the list, use real email addresses. Why? Well, cause I'm
a dope.  Oh, the real reason is that people cannot post to the lists
if we use their @emulab.net addresses cause we close the lists (to
avoid spammers). I did it this way originally cause it was easier;
there is a lot more bookkeeping to do if using real addresses, and I
never considered the problem of not being able to post.
parent 4d7dd46b
......@@ -43,6 +43,7 @@ my $WITHSFS = @SFSSUPPORT@;
my $WIKISUPPORT = @WIKISUPPORT@;
my $BUGDBSUPPORT= @BUGDBSUPPORT@;
my $CHATSUPPORT = @CHATSUPPORT@;
my $MAILMANSUPPORT= @MAILMANSUPPORT@;
my $PROTOUSER = 'elabman';
my $SAMBANODE = "fs"; # DNS makes this do the right thing in E-in-E.
......@@ -56,7 +57,6 @@ my $USERDEL = "/usr/sbin/pw userdel";
my $USERMOD = "/usr/sbin/pw usermod";
my $CHPASS = "/usr/bin/chpass";
my $SFSKEYGEN = "/usr/local/bin/sfskey gen";
my $SETGROUPS = "$TB/sbin/setgroups";
my $GENELISTS = "$TB/sbin/genelists";
my $MKUSERCERT = "$TB/sbin/mkusercert";
my $SFSUPDATE = "$TB/sbin/sfskey_update";
......@@ -68,6 +68,9 @@ my $ADDBUGDBUSER= "$TB/sbin/addbugdbuser";
my $DELBUGDBUSER= "$TB/sbin/delbugdbuser";
my $ADDCHATUSER = "$TB/sbin/addjabberuser";
my $DELCHATUSER = "$TB/sbin/deljabberuser";
my $MMMODIFYUSER= "$TB/sbin/mmmodifymember";
my $ADDMMUSER = "$TB/sbin/addmmuser";
my $DELMMUSER = "$TB/sbin/delmmuser";
my $NOLOGIN = "/sbin/nologin";
my $SSH = "$TB/bin/sshtb";
my $SAVEUID = $UID;
......@@ -371,6 +374,10 @@ sub AddUser()
system("$ADDCHATUSER $user")
if ($CHATSUPPORT && !$batch && $user ne $PROTOUSER);
# And the mailman lists if enabled.
system("$ADDMMUSER $user")
if ($MAILMANSUPPORT);
# Generate the SSL cert for the user.
system("$MKUSERCERT $user");
......@@ -455,6 +462,10 @@ sub DelUser()
system("$DELCHATUSER $user")
if ($CHATSUPPORT);
# And the mailman lists if enabled.
system("$DELMMUSER $user")
if ($MAILMANSUPPORT);
$EUID = 0;
$sfsupdate = 1;
......@@ -603,6 +614,10 @@ sub UpdateUser(;$)
$UID = $SAVEUID;
$EUID = $UID;
# Update elists in case email changed.
system("$MMMODIFYUSER $user")
if ($MAILMANSUPPORT && !$batch);
# Update elists in case email changed.
system("$GENELISTS -m -u $user");
$EUID = 0;
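Review bot: The exit status of the new `system("$MMMODIFYUSER $user")` call in UpdateUser is discarded, so a failed mailman update leaves the list holding the old address with no trace, which is the cannot-post symptom this commit sets out to fix. The AddUser and DelUser hunks ignore the status of `$ADDMMUSER` and `$DELMMUSER` in the same way. At minimum report the failure, e.g. `if ($MAILMANSUPPORT && !$batch && system("$MMMODIFYUSER $user")) { print STDERR "*** $0: $MMMODIFYUSER $user failed\n"; }`; whether it should abort is a decision for the surrounding function, which starts and ends outside the hunk. The comment above the call is a copy of the genelists one below it and would read better as `# Update the mailman member record in case name, password or email changed.`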
......
......@@ -12,7 +12,8 @@ SUBDIR = collab/mailman
include $(OBJDIR)/Makeconf
SBIN_SCRIPTS = addmmlist delmmlist setmmlistmembers mmsetup \
setmmpasswd mmlistmembership
setmmpasswd mmlistmembership mmmodifymember \
addmmuser delmmuser
LIBEXEC_SCRIPTS = webaddmmlist webdelmmlist websetmmpasswd mmxlogin \
webmmlistmembership
CTRL_LIBEXEC_SCRIPTS = genaliases
......@@ -38,6 +39,10 @@ install: $(addprefix $(INSTALL_SBINDIR)/, $(SBIN_SCRIPTS)) \
boss-install: install
post-install:
chown root $(INSTALL_SBINDIR)/addmmuser
chmod u+s $(INSTALL_SBINDIR)/addmmuser
chown root $(INSTALL_SBINDIR)/delmmuser
chmod u+s $(INSTALL_SBINDIR)/delmmuser
chown root $(INSTALL_SBINDIR)/addmmlist
chmod u+s $(INSTALL_SBINDIR)/addmmlist
chown root $(INSTALL_SBINDIR)/delmmlist
......@@ -50,6 +55,8 @@ post-install:
chmod u+s $(INSTALL_SBINDIR)/mmlistmembership
chown root $(INSTALL_LIBEXECDIR)/mmxlogin
chmod u+s $(INSTALL_LIBEXECDIR)/mmxlogin
chown root $(INSTALL_SBINDIR)/mmmodifymember
chmod u+s $(INSTALL_SBINDIR)/mmmodifymember
#
# Control node installation (okay, plastic)
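Review bot: The post-install rules make three more Perl scripts setuid root (addmmuser, delmmuser, mmmodifymember) with nothing in the makefile saying why they need it. Going by the scripts themselves, root appears to be needed for the `$UID = $EUID` switch before running sshtb to the control node; a comment such as `# setuid root: these switch to root to run sshtb to the control node` above the chown/chmod pairs would record that. `chmod u+s` also keeps whatever group/other write bits the install step left, so it is worth confirming that the install rule (not shown in this hunk) installs them without group or world write.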
......
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
use Errno qw(EEXIST);
#
# Add a mailman user.
#
sub usage()
{
print STDOUT "Usage: addmmuser <uid>\n";
exit(-1);
}
my $optlist = "d";
my $debug = 0;
my $dbuid;
my $target_uid;
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $TBAUDIT = "@TBAUDITEMAIL@";
my $CONTROL = "@USERNODE@";
my $BOSSNODE = "@BOSSNODE@";
my $OURDOMAIN = "@OURDOMAIN@";
my $MAILMANSUPPORT= @MAILMANSUPPORT@;
my $SSH = "$TB/bin/sshtb";
my $MMPROXY = "$TB/sbin/mailmanproxy";
# Protos
sub fatal($);
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/usr/bin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output
#
$| = 1;
#
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libdb;
use libtestbed;
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be setuid! Maybe its a development version?\n");
}
#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this as root! Its already setuid!\n");
}
#
# If no mailman support, just exit.
#
if (! $MAILMANSUPPORT) {
print "MailMan support is not enabled. Exit ...\n";
exit(0);
}
#
# Get user DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database!\n");
}
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"d"})) {
$debug = 1;
}
usage()
if (@ARGV != 1);
$target_uid = $ARGV[0];
#
# Untaint args.
#
if ($target_uid =~ /^([-\w]+)$/) {
$target_uid= $1;
}
else {
die("Bad data in uid: $target_uid");
}
my $query_result =
DBQueryFatal("select usr_email, mailman_password, usr_name ".
"from users where uid='$target_uid'");
fatal("No such user in DB: $target_uid!")
if (!$query_result->numrows);
my ($email, $password, $fullname) = $query_result->fetchrow_array();
#
# Note that since we are sending cleartext passwords over, pipe the info
# into its STDIN so that the passwords are not visible in a ps listing.
#
# For ssh.
#
$UID = $EUID;
if ($CONTROL ne $BOSSNODE) {
my $optarg = ($debug ? "-d" : "");
print "Adding user $target_uid to Mailman DB on $CONTROL.\n";
# Must serialize some of the mailman stuff. Be sure to use the same token!
TBScriptLock("mailman_update") == 0 or
fatal("Could not get the lock!");
system("echo \"$password \'$fullname\'\" | ".
"$SSH -host $CONTROL $MMPROXY $optarg adduser $target_uid $email");
my $status = $?;
TBScriptUnlock();
$? = $status;
if ($?) {
if ($? >> 8 == EEXIST()) {
print "addmmuser: $target_uid already exists in the mailman DB\n"
if ($debug);
exit(0);
}
fatal("$MMPROXY failed on $CONTROL!");
}
}
exit(0);
sub fatal($)
{
my($mesg) = $_[0];
die("*** $0:\n".
" $mesg\n");
}
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
use Errno qw(EEXIST);
#
# Add a mailman user.
#
sub usage()
{
print STDOUT "Usage: delmmuser <uid>\n";
exit(-1);
}
my $optlist = "d";
my $debug = 0;
my $dbuid;
my $target_uid;
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $TBAUDIT = "@TBAUDITEMAIL@";
my $CONTROL = "@USERNODE@";
my $BOSSNODE = "@BOSSNODE@";
my $OURDOMAIN = "@OURDOMAIN@";
my $MAILMANSUPPORT= @MAILMANSUPPORT@;
my $SSH = "$TB/bin/sshtb";
my $MMPROXY = "$TB/sbin/mailmanproxy";
# Protos
sub fatal($);
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/usr/bin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output
#
$| = 1;
#
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libdb;
use libtestbed;
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be setuid! Maybe its a development version?\n");
}
#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this as root! Its already setuid!\n");
}
#
# If no mailman support, just exit.
#
if (! $MAILMANSUPPORT) {
print "MailMan support is not enabled. Exit ...\n";
exit(0);
}
#
# Get user DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database!\n");
}
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"d"})) {
$debug = 1;
}
usage()
if (@ARGV != 1);
$target_uid = $ARGV[0];
#
# Untaint args.
#
if ($target_uid =~ /^([-\w]+)$/) {
$target_uid= $1;
}
else {
die("Bad data in uid: $target_uid");
}
my $query_result =
DBQueryFatal("select usr_email, mailman_password, usr_name ".
"from users where uid='$target_uid'");
fatal("No such user in DB: $target_uid!")
if (!$query_result->numrows);
my ($email, $password, $fullname) = $query_result->fetchrow_array();
#
# Note that since we are sending cleartext passwords over, pipe the info
# into its STDIN so that the passwords are not visible in a ps listing.
#
# For ssh.
#
$UID = $EUID;
if ($CONTROL ne $BOSSNODE) {
my $optarg = ($debug ? "-d" : "");
print "Removing user $target_uid from Mailman DB on $CONTROL.\n";
# Must serialize some of the mailman stuff. Be sure to use the same token!
TBScriptLock("mailman_update") == 0 or
fatal("Could not get the lock!");
system("$SSH -host $CONTROL $MMPROXY $optarg deluser $target_uid $email");
my $status = $?;
TBScriptUnlock();
$? = $status;
if ($?) {
fatal("$MMPROXY failed on $CONTROL!");
}
}
exit(0);
sub fatal($)
{
my($mesg) = $_[0];
die("*** $0:\n".
" $mesg\n");
}
......@@ -105,16 +105,16 @@ else {
die("Bad data in uid: $user_uid");
}
my $email = "${user_uid}\@${OURDOMAIN}";
#
# For ssh.
#
$UID = $EUID;
if ($CONTROL ne $BOSSNODE) {
open(LISTS, "$SSH -host $CONTROL $MMPROXY ".
"membership $email |") or
my $optarg = ($debug ? "-d" : "");
open(LISTS, "$SSH -host $CONTROL $MMPROXY $optarg ".
"membership $user_uid |") or
fatal("$MMPROXY failed on $CONTROL!");
while (<LISTS>) {
# Send back to PHP.
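Review bot: `open(LISTS, "... |") or fatal(...)` only reports a failed fork; if mailmanproxy exits non-zero on the control node the loop simply reads nothing, and the failure is visible only in the status of `close(LISTS)`, which lies outside this hunk. It is worth confirming that the close is checked, e.g. `close(LISTS) or fatal("$MMPROXY failed on $CONTROL!");`. Since the command is now built only from fixed paths, `$optarg` and `$user_uid`, a list-form `open(LISTS, "-|", ...)` would also keep the shell out of a script that raises `$UID` to `$EUID` just above.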
......
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
#
# Change user details (fullname, password, email).
#
sub usage()
{
print STDOUT "Usage: mmmodifymember <uid>\n";
exit(-1);
}
my $optlist = "d";
my $debug = 0;
my $dbuid;
my $target_uid;
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $TBAUDIT = "@TBAUDITEMAIL@";
my $CONTROL = "@USERNODE@";
my $BOSSNODE = "@BOSSNODE@";
my $OURDOMAIN = "@OURDOMAIN@";
my $MAILMANSUPPORT= @MAILMANSUPPORT@;
my $SSH = "$TB/bin/sshtb";
my $MMPROXY = "$TB/sbin/mailmanproxy";
# Protos
sub fatal($);
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/usr/bin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Turn off line buffering on output
#
$| = 1;
#
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use libdb;
use libtestbed;
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be setuid! Maybe its a development version?\n");
}
#
# This script is setuid, so please do not run it as root. Hard to track
# what has happened.
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this as root! Its already setuid!\n");
}
#
# If no mailman support, just exit.
#
if (! $MAILMANSUPPORT) {
print "MailMan support is not enabled. Exit ...\n";
exit(0);
}
#
# Get user DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database!\n");
}
#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"d"})) {
$debug = 1;
}
usage()
if (@ARGV != 1);
$target_uid = $ARGV[0];
#
# Untaint args.
#
if ($target_uid =~ /^([-\w]+)$/) {
$target_uid= $1;
}
else {
die("Bad data in uid: $target_uid");
}
my $query_result =
DBQueryFatal("select usr_email, mailman_password, usr_name ".
"from users where uid='$target_uid'");
fatal("No such user in DB: $target_uid!")
if (!$query_result->numrows);
my ($email, $password, $fullname) = $query_result->fetchrow_array();
#
# Note that since we are sending cleartext passwords over, pipe the info
# into its STDIN so that the passwords are not visible in a ps listing.
#
# For ssh.
#
$UID = $EUID;
if ($CONTROL ne $BOSSNODE) {
my $optarg = ($debug ? "-d" : "");
print "Resetting details for user $target_uid on $CONTROL.\n";
# Must serialize some of the mailman stuff. Be sure to use the same token!
TBScriptLock("mailman_update") == 0 or
fatal("Could not get the lock!");
system("echo \"$password \'$fullname\'\" | ".
" $SSH -host $CONTROL $MMPROXY ".
" $optarg modifymember $target_uid $email");
my $status = $?;
TBScriptUnlock();
$? = $status;
if ($?) {
fatal("$MMPROXY failed on $CONTROL!");
}
}
exit(0);
sub fatal($)
{
my($mesg) = $_[0];
die("*** $0:\n".
" $mesg\n");
}
......@@ -5,6 +5,7 @@ from Mailman import Message
from Mailman import Errors
from Mailman import UserDesc
import sha
import sys
def addmember(mlist, addr, name, passwd):
userdesc = UserDesc.UserDesc(address=addr, fullname=name, password=passwd)
......@@ -25,13 +26,16 @@ def addmember(mlist, addr, name, passwd):
pass
pass
def modmember(mlist, addr, name, passwd):
def modmember(mlist, oldaddr, newaddr, name, passwd):
try:
mlist.setMemberPassword(addr, passwd)
mlist.setMemberName(addr, name)
mlist.setMemberPassword(oldaddr, passwd)
mlist.setMemberName(oldaddr, name)
if oldaddr <> newaddr:
mlist.ApprovedChangeMemberAddress(oldaddr, newaddr, False)
pass
mlist.Save()
except Errors.NotAMemberError:
print 'Not a member:', addr
print 'Not a member:', oldaddr
sys.exit(1);
except:
print 'Error resetting name/password'
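Review bot: A failure in the new `ApprovedChangeMemberAddress` call lands in the bare `except:` at the end of modmember and is reported as 'Error resetting name/password', so an address change that did not happen looks like a password problem and the exception text is lost. Since `mlist.Save()` is skipped on that path, the list keeps the old address and the caller needs to know. Report what failed, e.g. `print 'Error updating member %s: %s' % (oldaddr, sys.exc_info()[1])`, and exit non-zero as the NotAMemberError branch does; the rest of the except body is outside the hunk, so it may already do the latter.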
......
......@@ -28,6 +28,7 @@ my $CONTROL = "@USERNODE@";
my $BOSSNODE = "@BOSSNODE@";
my $MAILMANSUPPORT= @MAILMANSUPPORT@;
my $SSH = "$TB/bin/sshtb";
my $ADDMMUSER = "$TB/sbin/addmmuser";
my $ADDMMLIST = "$TB/sbin/addmmlist";
my $GENELISTS = "$TB/sbin/genelists";
......@@ -82,6 +83,7 @@ if (defined($options{"d"})) {
if (@ARGV) {
usage();
}
my $optarg = ($debug ? "-d" : "");
#
# Initialize a mailman password for all users.
......@@ -100,7 +102,22 @@ while (my ($uid) = $query_result->fetchrow_array()) {
"where uid='$uid'");
}
my $optarg = ($debug ? "-d" : "");
#
# Now add all active users.
#
$query_result =
DBQueryFatal("select distinct g.uid,u.usr_email ".
" from group_membership as g ".
"left join users as u on u.uid=g.uid ".
"where u.status='active' ".
# " and (g.pid='testbed' or g.pid='emulab-ops' or ".
# " g.pid='tbres' or g.pid='utahstud')" .
"order by u.admin");
while (my ($uid,$email) = $query_result->fetchrow_array()) {
system("$ADDMMUSER $optarg $uid") == 0
or fatal("Could not add user $uid to mailman DB!");
}
#
# Add project (and group) lists.
......@@ -138,7 +155,7 @@ while (my ($pid,$gid) = $query_result->fetchrow_array()) {
# And populate all the lists!
#
foreach my $pid (@projects) {
system("$GENELISTS $optarg -d -p $pid") == 0
system("$GENELISTS $optarg -p $pid") == 0
or fatal("Could not populate lists for project $pid!");
}
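Review bot: The new add-users loop passes `$uid` straight from the query into a shell string, `system("$ADDMMUSER $optarg $uid")`, and also fetches `usr_email` into `$email` without ever using it. addmmuser validates its own argument, but the shell parses the string first, so either check `$uid` against the same `/^[-\w]+$/` pattern before the call or use the list form, `system($ADDMMUSER, ($debug ? ("-d") : ()), $uid) == 0`. Dropping `u.usr_email` from the select keeps the query to what the loop needs.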
......
......@@ -124,8 +124,6 @@ else {
die("Bad data in xtype: $xtype");
}
my $email = "${user_uid}\@${OURDOMAIN}";
#
# For ssh.
#
......@@ -133,7 +131,7 @@ $UID = $EUID;
if ($CONTROL ne $BOSSNODE) {
open(COOKIE, "$SSH -host $CONTROL $MMPROXY ".
"xlogin $email $xtype $listname |") or
"xlogin $user_uid $xtype $listname |") or
fatal("$MMPROXY failed on $CONTROL!");
my $cookie = <COOKIE>;
close(COOKIE) or
......
......@@ -128,8 +128,8 @@ $UID = $EUID;
if ($CONTROL ne $BOSSNODE) {
my $optarg = ($debug ? "-d" : "");
if (system("$SSH -host $CONTROL $MMPROXY setlistmembers $listname ".
"< $listfile")) {
if (system("$SSH -host $CONTROL $MMPROXY $optarg ".
"setlistmembers $listname < $listfile")) {
fatal("$MMPROXY failed on $CONTROL!");
}
}
......
......@@ -472,7 +472,7 @@ sub genelist($$$$)
next;
}
if ($usemailman && $MAILMANSUPPORT) {
print LIST "${uid}\@${OURDOMAIN} $mailman_password '$user_name'\n";
print LIST "$uid $user_email $mailman_password '$user_name'\n";
}
else {
print LIST "$user_email\n";
......
......@@ -55,12 +55,18 @@ if (isset($pid) && $pid != "") {
# By default, we want the user interface to the archives. However, an
# admin can request access to the list admin interface, and we need
# a different cookie for that.
#
#
TBUserInfo($uid, $user_name, $user_email);
$user_email = rawurlencode($user_email);
$cookietype = "user";
$listiface = "private";
$optargs = "?username=${user_email}";
if (isset($wantadmin) && $isadmin) {
$cookietype = "admin";
$listiface = "admin";
$optargs = "";
}
SUEXEC($uid, "nobody", "mmxlogin $uid $listname $cookietype",
......@@ -71,7 +77,7 @@ if (isset($pid) && $pid != "") {
#
# Set-Cookie: foo=2802; Path=/mailman/; Version=1;
#
if (!preg_match("/^Set-Cookie: ([-\w\+\.]+)=(\w*); ".
if (!preg_match("/^Set-Cookie: ([-\w\+\.\%]+)=(\w*); ".