1. 24 Oct, 2003 1 commit
  2. 13 Oct, 2003 2 commits
  3. 18 Aug, 2003 1 commit
  4. 06 Aug, 2003 1 commit
  5. 03 Jun, 2003 1 commit
  6. 10 Apr, 2003 1 commit
  7. 09 Apr, 2003 1 commit
    • Mac Newbold's avatar
      Add new script to notify users when they are over their quota. Runs from · 38310b4e
      Mac Newbold authored
      cron daily, on the fs node (ops) as root. Uses lots of configure variables
      so that it does the right thing in any installation, without any
      customization.
      
      One possible caveat regarding quotas: If FS_NODE != USERNODE, they don't
      have a login on the fs machine. So checking their quota won't work unless
      the rpc.rquotad(8) daemon is running on FS_NODE, which we currently don't
      do.
      
      In order to do this right, I had to add a new configure var,
      FS_WITH_QUOTAS, that has a space separated list of file systems that have
      quotas enabled. (Ie the default is 'FS_WITH_QUOTAS="/q /users"'.) It
      doesn't have any default, since I couldn't come up with a reasonable one.
      All the defs files have been updated appropriately to define this new
      variable.
      38310b4e
  8. 26 Mar, 2003 1 commit
  9. 25 Mar, 2003 1 commit
  10. 03 Mar, 2003 1 commit
  11. 13 Feb, 2003 1 commit
  12. 11 Feb, 2003 1 commit
    • Leigh Stoller's avatar
      Move addpubkey from the utils to account directory. Note that I copied · 2a534d88
      Leigh Stoller authored
      the RCS control file in the repository so the history is left intact.
      
      Two new modes, which used to be in the old mkacct. There is an init
      mode, which is used on new users to create the initial pub key. There
      is also a write mode, which is used regenerate the authkeys files for
      people after they add/delete keys via the web interface. Used to be
      that addpubkey wold add the key to the DB, but mkacct would deal with
      creating the authkeys files. All this functionality is now localized
      in this one script.
      2a534d88
  13. 10 Feb, 2003 1 commit
  14. 09 Feb, 2003 1 commit
    • Leigh Stoller's avatar
      Checkpoint (still neads testing and tweaking) vastly rewritten mkacct · b9ef7da1
      Leigh Stoller authored
      script, which is now called tbacct, and lives in the account directory
      instead of tbsetup (all account scripts are moving into this
      directory). The command line is different:
      
      	Usage: tbacct <add|del|mod|freeze|thaw|sfskey> <name>
      
      However, it is not really intended to be called from the command line,
      but if it is, it always does the right thing based on the DB. All of
      the ssh commands are localized here as well (mkproj and others will
      invoke this script instead of doing pw commands themselves on ops).
      
      My experience with this indicates a couple of things.
      
      * We should probably not invoke these backend scripts (which are
        setuid) as the user driving them from the web. This complicates
        things, especially in light of having to deal with users with no
        accounts (say, a new user, unapproved, who wants to change their
        password). Not sure what the right model is, but since the script
        always does the right thing, it really makes no difference who
        invokes it.
      
      * The actual pw commands should be driven from a script on the other
        side. This would make it easy to retarget to linux or whatever. I
        thought about doing that, but the shell quoting is a pain in the
        butt, and its not like I'm supposed to be doing this stuff.
      b9ef7da1
  15. 28 Jan, 2003 1 commit
  16. 06 Dec, 2002 1 commit
    • Leigh Stoller's avatar
      Allow this to be called as user nobody. This will happen in a couple · 888fd409
      Leigh Stoller authored
      of instances; when a user first joins, a pub key is entered before the
      user is approved and gets an account. The other case is for the new
      webonly accounts, which exist for people with access to specific
      widearea nodes. These people never have local accounts (for suxec),
      but still get to edit their personal info and public keys for
      distribution to those widearea nodes.
      888fd409
  17. 22 Oct, 2002 1 commit
  18. 04 Sep, 2002 1 commit
  19. 26 Aug, 2002 1 commit
    • Leigh Stoller's avatar
      Rework all of the ssh key handling. Moved the parsing and verification · ae77bdb6
      Leigh Stoller authored
      to an external perl script, and use ssh-keygen to attempt conversion
      off SSH2/SECSH key formats. This is actually a simplification of the
      php code, which is not generally very good at this kind of thing (or
      maybe I mean perl is just better at it). The parsing and error
      handling it also much improved.
      ae77bdb6