--- loncom/Attic/lcuseradd 2000/10/29 22:20:43 1.3 +++ loncom/Attic/lcuseradd 2000/10/30 02:42:17 1.9 @@ -20,23 +20,287 @@ use strict; # Second line is PASSWORD # Third line is PASSWORD +# Valid passwords must consist of the +# ascii characters within the inclusive +# range of 0x20 (32) to 0x7E (126). +# These characters are: +# SPACE and +# !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNO +# PQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ + +# Valid user names must consist of ascii +# characters that are alphabetical characters +# (A-Z,a-z), numeric (0-9), or the underscore +# mark (_). (Essentially, the perl regex \w). + # Command-line arguments [USERNAME] [PASSWORD] [PASSWORD] # Yes, but be very careful here (don't pass shell commands) # and this is only supported to allow perl-system calls. +# Usage within code +# +# $exitcode=system("/home/httpd/perl/lcuseradd","NAME","PASSWORD1","PASSWORD2")/256; +# print "uh-oh" if $exitcode; + +# These are the exit codes. + # Security $ENV{'PATH'}=""; # Nullify path information. $ENV{'BASH_ENV'}=""; # Nullify shell environment information. +# Do not print error messages if there are command-line arguments +my $noprint=0; +if (@ARGV) { + $noprint=1; +} + +# Read in /etc/passwd, and make sure this process is running from user=www +open (IN, "; +close IN; +my $wwwid; +for my $l (@lines) { + chop $l; + my @F=split(/\:/,$l); + if ($F[0] eq 'www') {$wwwid=$F[2];} +} +if ($wwwid!=$<) { + print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint; + exit 1; +} +&disable_root_capability; + +# Handle case of another lcpasswd process +unless (&try_to_lock("/tmp/lock_lcpasswd")) { + print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint; + exit 4; +} + +# Gather input. Should be 3 values (user name, password 1, password 2). +my @input; +if (@ARGV==3) { + @input=@ARGV; +} +elsif (@ARGV) { + print("Error. This program needs 3 command-line arguments (username, password 1, password 2).\n") unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 2; +} +else { + @input=<>; + if (@input!=3) { + print("Error. Three lines should be entered into standard input.\n") unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 3; + } + map {chop} @input; +} + +my ($username,$password1,$password2)=@input; +$username=~/^(\w+)$/; +my $safeusername=$1; +if ($username ne $safeusername) { + print "Error. The user name specified has invalid characters.\n"; + unlink('/tmp/lock_lcpasswd'); + exit 9; +} +my $pbad=0; +map {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} (split(//,$password1)); +map {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} (split(//,$password2)); +if ($pbad) { + print "Error. A password entry had an invalid character.\n"; + unlink('/tmp/lock_lcpasswd'); + exit 10; +} + +# Only add user if we can create a brand new home directory (/home/username). +if (-e "/home/$safeusername") { + print "Error. User already exists.\n" unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 8; +} + +# Only add user if the two password arguments match. +if ($password1 ne $password2) { + print "Error. Password mismatch.\n" unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 7; +} + +&enable_root_capability; + # Add user entry to /etc/passwd and /etc/groups in such # a way that www is a member of the user-specific group -# useradd [-c comment] [-d home_dir] -# [-e expire_date] [-f inactive_time] -# [-g initial_group] [-G group[,...]] -# [-m [-k skeleton_dir] | -M] [-p passwd] -# [-s shell] [-u uid [ -o]] [-n] [-r] login -system('/usr/sbin/useradd','-c','LON-CAPA user','-G','www','junk'); +if (system('/usr/sbin/useradd','-c','LON-CAPA user',$safeusername)) { + print "Error. Something went wrong with the addition of user \"$safeusername\".\n" unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 5; +} + +# Make www a member of that user group. +if (system('/usr/sbin/usermod','-G',$safeusername,'www')) { + print "Error. Could not make www a member of the group \"$safeusername\".\n" unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 6; +} + +# Set password with lcpasswd-style algorithm (which creates smbpasswd entry). +# I cannot place a direct shell call to lcpasswd since I have to allow +# for crazy characters in the password, and the setuid environment of perl +# requires me to make everything safe. + +# Grab the line corresponding to username +open (IN, "; +close IN; +my ($userid,$useroldcryptpwd); +my @F; my @U; +for my $l (@lines) { + @F=split(/\:/,$l); + if ($F[0] eq $username) {($userid,$useroldcryptpwd)=($F[2],$F[1]); @U=@F;} +} + +# Verify existence of user +if (!defined($userid)) { + print "Error. User $username does not exist.\n" unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 5; +} + +# Construct new password entry (random salt) +my $newcryptpwd=crypt($newpwd,(join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64])); +$U[1]=$newcryptpwd; +my $userline=join(':',@U); +my $rootid=&enable_root_capability; +if ($rootid!=0) { + print "Error. Root was not successfully enabled.\n" unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 7; +} +open PASSWORDFILE, '>/etc/passwd' or (print("Error. Cannot open /etc/passwd.\n") && unlink('/tmp/lock_lcpasswd') && exit(8)); +for my $l (@lines) { + @F=split(/\:/,$l); + if ($F[0] eq $username) {print PASSWORDFILE "$userline\n";} + else {print PASSWORDFILE "$l\n";} +} +close PASSWORDFILE; + +($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment +unless (-e '/etc/smbpasswd') { + open (OUT,'>/etc/smbpasswd'); close OUT; +} +my $smbexist=0; +open (IN, '; +close IN; +for my $l (@lines) { + chop $l; + my @F=split(/\:/,$l); + if ($F[0] eq $username) {$smbexist=1;} +} +unless ($smbexist) { + open(OUT,'>>/etc/smbpasswd'); + print OUT join(':',($safeusername,$userid,'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,'/bin/bash')) . "\n"; + close OUT; +} +open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null"); +print OUT $newpwd; print OUT "\n"; +print OUT $newpwd; print OUT "\n"; +close OUT; +$<=$wwwid; # unfool the program + +# Make final modifications to the user directory. +# Add a public_html file with a stand-in index.html file. + +system('/bin/chmod','-R','0640',"/home/$safeusername"); +system('/bin/chmod','0750',"/home/$safeusername"); +mkdir "/home/$safeusername/public_html",0750; +open OUT,">/home/$safeusername/public_html"; +print OUT< + +$safeusername + + +

$safeusername

+

+Learning Online Network +

+

+This area provides for: +

+ + + +END +close OUT; + +&disable_root_capability; +unlink('/tmp/lock_lcpasswd'); +exit 0; + +# ----------------------------------------------------------- have setuid script run as root +sub enable_root_capability { + if ($wwwid==$>) { + ($<,$>)=($>,$<); + ($(,$))=($),$(); + } + else { + # root capability is already enabled + } + return $>; +} -# Set password with lcpasswd (which creates smbpasswd entry). +# ----------------------------------------------------------- have setuid script run as www +sub disable_root_capability { + if ($wwwid==$<) { + ($<,$>)=($>,$<); + ($(,$))=($),$(); + } + else { + # root capability is already disabled + } +} +# ----------------------------------- make sure that another lcpasswd process isn't running +sub try_to_lock { + my ($lockfile)=@_; + my $currentpid; + my $lastpid; + # Do not manipulate lock file as root + if ($>==0) { + return 0; + } + # Try to generate lock file. + # Wait 3 seconds. If same process id is in + # lock file, then assume lock file is stale, and + # go ahead. If process id's fluctuate, try + # for a maximum of 10 times. + for (0..10) { + if (-e $lockfile) { + open(LOCK,"<$lockfile"); + $currentpid=; + close LOCK; + if ($currentpid==$lastpid) { + last; + } + sleep 3; + $lastpid=$currentpid; + } + else { + last; + } + if ($_==10) { + return 0; + } + } + open(LOCK,">$lockfile"); + print LOCK $$; + close LOCK; + return 1; +}