--- loncom/Attic/lcuseradd 2004/08/06 10:29:37 1.28 +++ loncom/Attic/lcuseradd 2005/01/25 11:39:52 1.32 @@ -6,7 +6,7 @@ # with adding a user with filesystem privileges (e.g. author) # # -# $Id: lcuseradd,v 1.28 2004/08/06 10:29:37 foxr Exp $ +# $Id: lcuseradd,v 1.32 2005/01/25 11:39:52 foxr Exp $ ### ############################################################################### @@ -214,13 +214,20 @@ if($error_file) { } -# -- Only add user if we can create a brand new home directory (/home/username) -if (-e "/home/$safeusername") { - print "Error. User already exists.\n" unless $noprint; +# -- Only add the user if they are >not< in /etc/passwd. +# Used to look for the ability to create a new directory for the +# user, however that disallows authentication changes from i +# internal->fs.. so just check the passwd file instead. +# +my $not_found = system("grep -q $safeusername: /etc/passwd"); +if (!$not_found) { + print "Error user already exists\n" unless $noprint; unlink('/tmp/lock_lcpasswd'); &Exit(11); } + + # -- Only add user if the two password arguments match. if ($password1 ne $password2) { @@ -248,7 +255,7 @@ print "Done adding user\n" unless $nopri # Make www a member of that user group. my $groups=`/usr/bin/groups www` or &Exit(6); # untaint -my ($safegroups)=($groups=~/([\s\w]+)/); +my ($safegroups)=($groups=~/:\s*([\s\w]+)/); $groups=$safegroups; chomp $groups; $groups=~s/^\S+\s+\:\s+//; my @grouplist=split(/\s+/,$groups); 
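Review bot: The new existence check `system("grep -q $safeusername: /etc/passwd")` is unanchored and goes through the shell, so it can both misreport and fail open. A name such as `bob` also matches the passwd line for `jimbob:` (or any field ending in `bob:`), and any grep failure other than "no match" (exit status 2, or system() returning -1) leaves `$not_found` true, so the script carries on as if the account were absent. Replacing the two lines with `if (defined getpwnam($safeusername)) {` keeps the lookup inside Perl, matches the login name exactly and needs no shell; note that getpwnam may also consult sources beyond /etc/passwd, which is usually what an "already exists" check wants. How `$safeusername` is untainted is outside this hunk, so the shell exposure of the string form depends on that pattern.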
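Review bot: The tightened untaint pattern `/:\s*([\s\w]+)/` has no failure path: when the output of `/usr/bin/groups www` contains no colon, `$safegroups` is undefined and the following `chomp` and `split` run on undef, giving an empty `@grouplist` without any error. Reusing the exit from the line above, `my ($safegroups)=($groups=~/:\s*([\s\w]+)/) or &Exit(6);`, makes that case visible. The capture also stops at the first character outside `[\s\w]`, so a group name containing `-` or `.` would silently truncate the list. With the capture now starting after the colon, the context line `$groups=~s/^\S+\s+\:\s+//;` has nothing left to strip and could be dropped; how `@grouplist` is used afterwards is outside the hunk.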
@@ -307,9 +314,15 @@ print OUT< END close OUT; - +system('/bin/chown','0660', "/home/$safeusername/public_html/index.html"); +# +# In order to allow the loncapa daemons appropriate access +# to public_html, Top level and public_html directories should +# be owned by safeusername:www as should the smaple index.html.. print "lcuseradd ownership\n" unless $noprint; -system('/bin/chown','-R',"$safeusername:$safeusername","/home/$safeusername"); +system('/bin/chown','-R',"$safeusername:$safeusername","/home/$safeusername"); # First set std ownership on everything. +system('/bin/chown',"$safeusername:www","/home/$safeusername"); # Now adust top level... +system('/bin/chown','-R',"$safeusername:www","/home/$safeusername/public_html"); # And web dir. # ---------------------------------------------------- Gracefull Apache Restart if (-e '/var/run/httpd.pid') { print "lcuseradd Apache restart\n" unless $noprint;
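Review bot: The added `system('/bin/chown','0660', "/home/$safeusername/public_html/index.html");` passes a mode to chown, which reads `0660` as an owner rather than as permissions, so the file's mode is never changed and the recursive chown a few lines later overwrites that owner anyway. The intent looks like a mode change, which Perl's builtin does without an external process: `chmod(0660, "/home/$safeusername/public_html/index.html");`. None of the chown calls in this hunk checks its return status, so a failed ownership change still falls through to the Apache restart as if it had succeeded; each call should test for `== 0` and exit with an error code otherwise. Since the earlier hunk no longer requires `/home/$safeusername` to be new, the `-R` calls may now run over an existing tree, and it is worth confirming that this is intended.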