Commit b46a0641 authored by Kristin Wright's avatar Kristin Wright

ADded group deletion to freebsd; sanitized and turned on taint checking

parent 04ffe870
#!/usr/local/bin/perl -w #!/usr/local/bin/perl -wT
### ###
### $Id: rmacct,v 1.2 2000-09-22 22:06:40 kwright Exp $ ### $Id: rmacct,v 1.3 2000-11-21 10:38:16 kwright Exp $
### ###
### rmacct - Removes accounts for all users in given experiment. ### rmacct - Removes accounts for all users in given experiment.
### ###
...@@ -18,7 +18,7 @@ delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; ...@@ -18,7 +18,7 @@ delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
sub untaint_user { sub untaint_user {
my @row = @_; my @row = @_;
if ( @row != 1 ) { # expecting only 1 field if ( @row != 2 ) { # expecting only 1 field
return 0; return 0;
} }
...@@ -91,7 +91,7 @@ if ( $rows != 1 ) { ...@@ -91,7 +91,7 @@ if ( $rows != 1 ) {
## ##
print "Selecting users...\n"; print "Selecting users...\n";
$cmd = $cmd =
"select u.uid ". "select u.uid, p.pid ".
"from experiments as e ". "from experiments as e ".
"left join projects as p on e.pid = p.pid ". "left join projects as p on e.pid = p.pid ".
"left join proj_memb as pm on p.pid = pm.pid ". "left join proj_memb as pm on p.pid = pm.pid ".
...@@ -100,14 +100,26 @@ $cmd = ...@@ -100,14 +100,26 @@ $cmd =
$sth = $dbh->query($cmd); $sth = $dbh->query($cmd);
my @users = (); my @users = ();
while (@row = $sth->fetchrow_array) { while (@row = $sth->fetchrow_array) {
if ( untaint_user(@row) != 1 ) { if ( @row != 2 ) {
print "Invalid user data. Row skipped.\n"; die "User data query did not return correct number of elements.\n";
} else { }
push(@users, $row[0]);
print "\t$row[0]\n"; if ( $row[0] =~ /^(([a-z]|\d)+)$/ ) { # user
push(@users, $1);
print "\t$1\n";
} else {
print "Username from database invalid. Row skipped\n";
} }
if ( $row[1] =~ /^([a-z0-9]+)$/ ) { # project/group name
$group = $1;
} else {
die "Group name from database not valid.\n";
}
} }
print "Group: $group\n";
## ##
## Select machines. ## Select machines.
## ##
...@@ -133,7 +145,7 @@ if ( $savedir ) { ...@@ -133,7 +145,7 @@ if ( $savedir ) {
if ( -e "/users/$user" ) { if ( -e "/users/$user" ) {
print "Creating $user.tar in /tmp\n"; print "Creating $user.tar in /tmp\n";
open(TAR, "/usr/bin/tar cvf /tmp/$user.tar /users/$user 2>&1 |"); open(TAR, "/usr/bin/tar cvf /tmp/$user.tar /users/$user 2>&1 |");
while (<TAR>) { print "$_"; } while (<TAR>) { print "$_"; }
close(TAR); close(TAR);
} }
} }
...@@ -171,7 +183,7 @@ foreach $IP (@nodes) { ...@@ -171,7 +183,7 @@ foreach $IP (@nodes) {
} else { } else {
print "Checking OS on $IP..."; print "Checking OS on $IP...";
open(UNAME,"/usr/local/bin/ssh $IP uname 2>&1 |"); open(UNAME,"/usr/local/bin/sshtb $IP uname 2>&1 |");
$_ = <UNAME>; $_ = <UNAME>;
print $_; print $_;
close(UNAME); close(UNAME);
...@@ -196,13 +208,13 @@ foreach $IP (@nodes) { ...@@ -196,13 +208,13 @@ foreach $IP (@nodes) {
my $i = 1; my $i = 1;
foreach my $user (@users) { foreach my $user (@users) {
print "Removing user $user from $IP.\n"; print "Removing user $user from $IP.\n";
open(USERDEL, "/usr/local/bin/ssh $IP /usr/sbin/userdel -r $user 2>&1 |"); open(USERDEL, "/usr/local/bin/sshtb $IP /usr/sbin/userdel -r $user 2>&1 |");
while (<USERDEL>) { print "$_"; } while (<USERDEL>) { print "$_"; }
close(USERDEL); close(USERDEL);
} }
print "Removing group $eid on $IP.\n"; print "Removing group $eid on $IP.\n";
open(GROUPDEL, "/usr/local/bin/ssh $IP /usr/sbin/groupdel $eid 2>&1 |"); open(GROUPDEL, "/usr/local/bin/sshtb $IP /usr/sbin/groupdel $eid 2>&1 |");
while (<GROUPDEL>) { print "$_"; } while (<GROUPDEL>) { print "$_"; }
close(GROUPDEL); close(GROUPDEL);
...@@ -213,10 +225,18 @@ foreach $IP (@nodes) { ...@@ -213,10 +225,18 @@ foreach $IP (@nodes) {
foreach my $user (@users) { foreach my $user (@users) {
print "Removing $user from $IP\n"; print "Removing $user from $IP\n";
open (RMUSER, "/usr/local/bin/ssh $IP /usr/sbin/rmuser -y $user 2>&1 |"); open (RMUSER, "/usr/local/bin/sshtb $IP /usr/sbin/rmuser -y $user 2>&1 |");
while ( <RMUSER> ) {print "$_"; } while ( <RMUSER> ) {print "$_"; }
close(RMUSER); close(RMUSER);
} }
print "Removing group $group from $IP\n";
open (SED, "/usr/local/bin/sshtb $IP \"/usr/bin/sed '/^$group/d' /etc/group >! /tmp/newgroup\" 2>&1 |");
while ( <SED> ) {print "$_";}
close(SED);
open (CP, "/usr/local/bin/sshtb $IP /bin/cp /tmp/newgroup /etc/group 2>&1 |");
while (<CP>) {print "$_";}
close CP;
} else { } else {
print "$IP is unreachable or has an unknown OS ($OS).\n"; print "$IP is unreachable or has an unknown OS ($OS).\n";
} }
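Review bot: The sed pattern in the new FreeBSD group-removal block, `'/^$group/d'`, is a prefix match, so deleting group `foo` also drops any /etc/group line that merely begins with `foo` (a constructed example: `foobar`); anchor it on the field separator with `'/^$group:/d'`. If the user query returns no rows, `$group` is never assigned in the visible loop and the pattern becomes `/^/d`, which would empty /etc/group on each FreeBSD node, so add a guard such as `die "No group selected.\n" unless defined $group;` before the node loop (the declaration of `$group` is outside the hunks shown, so confirm it has no default). The filtered file is staged at the fixed path /tmp/newgroup in a world-writable directory and then copied over /etc/group without checking that sed succeeded, so a failed sed or a file already present at that path can become the new group file. Stage it in a root-only location and run the cp only when `close(SED)` returns true.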
......