--- loncom/Attic/lcuseradd 2000/10/29 22:20:43 1.3 +++ loncom/Attic/lcuseradd 2000/10/29 22:38:21 1.4 @@ -24,19 +24,85 @@ use strict; # Yes, but be very careful here (don't pass shell commands) # and this is only supported to allow perl-system calls. +# Usage within code +# +# $exitcode=system("/home/httpd/perl/lcuseradd","NAME","PASSWORD1","PASSWORD2")/256; +# print "uh-oh" if $exitcode; + +# These are the exit codes. + # Security $ENV{'PATH'}=""; # Nullify path information. $ENV{'BASH_ENV'}=""; # Nullify shell environment information. +# Do not print error messages if there are command-line arguments +my $noprint=0; +if (@ARGV) { + $noprint=1; +} + +# Read in /etc/passwd, and make sure this process is running from user=www +open (IN, "; +close IN; +my $wwwid; +for my $l (@lines) { + chop $l; + my @F=split(/\:/,$l); + if ($F[0] eq 'www') {$wwwid=$F[2];} +} +if ($wwwid!=$<) { + print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint; + exit 1; +} +&disable_root_capability; + +# Handle case of another lcpasswd process +unless (&try_to_lock("/tmp/lock_lcpasswd")) { + print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint; + exit 4; +} + +# Gather input. Should be 3 values (user name, password 1, password 2). +my @input; +if (@ARGV==1) { + @input=@ARGV; +} +elsif (@ARGV) { + print("Error. This program needs 3 command-line arguments (username, password 1, password 2).\n") unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 2; +} +else { + @input=<>; + if (@input!=1) { + print("Error. Three lines should be entered into standard input.\n") unless $noprint; + unlink('/tmp/lock_lcpasswd'); + exit 3; + } + map {chop} @input; +} + +my ($username,$password1,$password2)=@input; +$username=~/^(\w+)$/; +my $safeusername=$1; +$password1=~/^(\w+)$/; +my $password1=$1; +$password2=~/^(\w+)$/; +my $safepassword2=$1; + +&enable_root_capability; + # Add user entry to /etc/passwd and /etc/groups in such # a way that www is a member of the user-specific group -# useradd [-c comment] [-d home_dir] -# [-e expire_date] [-f inactive_time] -# [-g initial_group] [-G group[,...]] -# [-m [-k skeleton_dir] | -M] [-p passwd] -# [-s shell] [-u uid [ -o]] [-n] [-r] login -system('/usr/sbin/useradd','-c','LON-CAPA user','-G','www','junk'); +# This command 'should' make the user be a member of just + +if (system('/usr/sbin/useradd','-c','LON-CAPA user','-G','www',$safeusername)) { + print "Error. Something went wrong with the addition of user \"$safeusername\".\n"; + unlink('/tmp/lock_lcpasswd'); + exit 5; +} # Set password with lcpasswd (which creates smbpasswd entry).