Annotation of loncom/lcuseradd, revision 1.27
1.1 harris41 1: #!/usr/bin/perl
1.16 harris41 2:
3: # The Learning Online Network with CAPA
1.1 harris41 4: #
1.16 harris41 5: # lcuseradd - LON-CAPA setuid script to coordinate all actions
6: # with adding a user with filesystem privileges (e.g. author)
1.1 harris41 7: #
1.16 harris41 8: #
1.27 ! albertel 9: # $Id: lcuseradd,v 1.26 2004/08/05 10:56:55 foxr Exp $
1.16 harris41 10: ###
1.15 harris41 11:
12: ###############################################################################
13: ## ##
14: ## ORGANIZATION OF THIS PERL SCRIPT ##
15: ## ##
16: ## 1. Description of script ##
17: ## 2. Invoking script (standard input) ##
18: ## 3. Example usage inside another piece of code ##
19: ## 4. Description of functions ##
20: ## 5. Exit codes ##
21: ## 6. Initializations ##
22: ## 7. Make sure this process is running from user=www ##
23: ## 8. Start running script with www permissions ##
24: ## 9. Handle case of another lcpasswd process (locking) ##
25: ## 10. Error-check input, need 3 values (user name, password 1, password 2) ##
26: ## 11. Start running script with root permissions ##
27: ## 12. Add user and make www a member of the user-specific group ##
28: ## 13. Set password ##
29: ## 14. Make final modifications to the user directory ##
30: ## 15. Exit script (unlock) ##
31: ## ##
32: ###############################################################################
1.1 harris41 33:
34: use strict;
35:
1.15 harris41 36: # ------------------------------------------------------- Description of script
37: #
1.1 harris41 38: # This script is a setuid script that should
1.20 foxr 39: # be run by user 'www'. It creates a /home/USERNAME directory.
1.15 harris41 40: # It adds a user to the unix system.
1.2 harris41 41: # Passwords are set with lcpasswd.
42: # www becomes a member of this user group.
1.1 harris41 43:
1.15 harris41 44: # -------------- Invoking script (standard input versus command-line arguments)
1.26 foxr 45: # Otherwise sensitive information will be available to ps-ers for
46: # a small but exploitable time window.
1.15 harris41 47: #
48: # Standard input (STDIN) usage
1.1 harris41 49: # First line is USERNAME
50: # Second line is PASSWORD
1.3 harris41 51: # Third line is PASSWORD
1.26 foxr 52: # Fouth line is the name of a file to which an error code will be written.
53: # If the fourth line is omitted, no error file will be written.
54: # In either case, the program Exits with the code as its Exit status.
55: # The error file will just be a single line containing an
56: # error code.
57: #
58: #
1.15 harris41 59: #
60: # Command-line arguments [USERNAME] [PASSWORD] [PASSWORD]
61: # Yes, but be very careful here (don't pass shell commands)
62: # and this is only supported to allow perl-system calls.
63: #
1.7 harris41 64: # Valid passwords must consist of the
65: # ascii characters within the inclusive
66: # range of 0x20 (32) to 0x7E (126).
67: # These characters are:
68: # SPACE and
69: # !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNO
70: # PQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
1.15 harris41 71: #
1.7 harris41 72: # Valid user names must consist of ascii
73: # characters that are alphabetical characters
74: # (A-Z,a-z), numeric (0-9), or the underscore
75: # mark (_). (Essentially, the perl regex \w).
1.15 harris41 76: # User names must begin with an alphabetical character
77: # (A-Z,a-z).
1.7 harris41 78:
1.15 harris41 79: # ---------------------------------- Example usage inside another piece of code
1.4 harris41 80: # Usage within code
81: #
1.26 foxr 82: # $Exitcode=
1.15 harris41 83: # system("/home/httpd/perl/lcuseradd","NAME","PASSWORD1","PASSWORD2")/256;
1.26 foxr 84: # print "uh-oh" if $Exitcode;
1.4 harris41 85:
1.15 harris41 86: # ---------------------------------------------------- Description of functions
87: # enable_root_capability() : have setuid script run as root
88: # disable_root_capability() : have setuid script run as www
89: # try_to_lock() : make sure that another lcpasswd process isn't running
90:
91: # ------------------------------------------------------------------ Exit codes
1.26 foxr 92: # These are the Exit codes.
1.13 harris41 93: # ( (0,"ok"),
94: # (1,"User ID mismatch. This program must be run as user 'www'"),
1.15 harris41 95: # (2,"Error. This program needs 3 command-line arguments (username, ".
96: # "password 1, password 2)."),
1.13 harris41 97: # (3,"Error. Three lines should be entered into standard input."),
1.15 harris41 98: # (4,"Error. Too many other simultaneous password change requests being ".
99: # "made."),
1.13 harris41 100: # (5,"Error. User $username does not exist."),
101: # (6,"Error. Could not make www a member of the group \"$safeusername\"."),
102: # (7,"Error. Root was not successfully enabled.),
1.15 harris41 103: # (8,"Error. Cannot set password."),
1.13 harris41 104: # (9,"Error. The user name specified has invalid characters."),
105: # (10,"Error. A password entry had an invalid character."),
106: # (11,"Error. User already exists.),
1.15 harris41 107: # (12,"Error. Something went wrong with the addition of user ".
108: # "\"$safeusername\"."),
1.13 harris41 109: # (13,"Error. Password mismatch."),
1.26 foxr 110: # (14, "Error filename is invalid")
1.4 harris41 111:
1.15 harris41 112: # ------------------------------------------------------------- Initializations
1.1 harris41 113: # Security
1.15 harris41 114: $ENV{'PATH'}='/bin/:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
115: # information
1.16 harris41 116: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
1.2 harris41 117:
1.15 harris41 118: # Do not print error messages.
119: my $noprint=1;
120:
1.26 foxr 121: # Error file:
122:
123: my $error_file; # This is either the error file name or undef.
124:
1.23 foxr 125: print "In lcuseradd\n" unless $noprint;
126:
1.15 harris41 127: # ----------------------------- Make sure this process is running from user=www
128: my $wwwid=getpwnam('www');
129: &disable_root_capability;
130: if ($wwwid!=$>) {
131: print("User ID mismatch. This program must be run as user 'www'\n")
132: unless $noprint;
1.26 foxr 133: &Exit(1);
1.4 harris41 134: }
1.15 harris41 135:
136: # ----------------------------------- Start running script with www permissions
1.4 harris41 137: &disable_root_capability;
138:
1.15 harris41 139: # --------------------------- Handle case of another lcpasswd process (locking)
1.4 harris41 140: unless (&try_to_lock("/tmp/lock_lcpasswd")) {
1.15 harris41 141: print "Error. Too many other simultaneous password change requests being ".
142: "made.\n" unless $noprint;
1.26 foxr 143: &Exit(4);
1.4 harris41 144: }
145:
1.15 harris41 146: # ------- Error-check input, need 3 values (user name, password 1, password 2).
1.4 harris41 147: my @input;
1.26 foxr 148: if (@ARGV>=3) {
1.4 harris41 149: @input=@ARGV;
150: }
151: elsif (@ARGV) {
1.26 foxr 152: print("Error. This program needs at least 3 command-line arguments (username, ".
153: "password 1, password 2 [errorfile]).\n") unless $noprint;
1.4 harris41 154: unlink('/tmp/lock_lcpasswd');
1.26 foxr 155: &Exit(2);
1.4 harris41 156: }
157: else {
158: @input=<>;
1.26 foxr 159: if (@input < 3) {
160: print("Error. At least three lines should be entered into standard input.\n")
1.15 harris41 161: unless $noprint;
1.4 harris41 162: unlink('/tmp/lock_lcpasswd');
1.26 foxr 163: &Exit(3);
1.4 harris41 164: }
1.19 harris41 165: foreach (@input) {chomp;}
1.4 harris41 166: }
167:
1.26 foxr 168: my ($username,$password1,$password2, $error_file)=@input;
1.23 foxr 169: print "Username = ".$username."\n" unless $noprint;
1.4 harris41 170: $username=~/^(\w+)$/;
1.22 foxr 171: print "Username after substitution - ".$username unless $noprint;
1.4 harris41 172: my $safeusername=$1;
1.23 foxr 173: print "Safe username = $safeusername \n" unless $noprint;
1.22 foxr 174:
1.15 harris41 175: if (($username ne $safeusername) or ($safeusername!~/^[A-Za-z]/)) {
1.22 foxr 176: print "Error. The user name specified $username $safeusername has invalid characters.\n"
1.15 harris41 177: unless $noprint;
1.8 harris41 178: unlink('/tmp/lock_lcpasswd');
1.26 foxr 179: &Exit(9);
1.8 harris41 180: }
181: my $pbad=0;
1.19 harris41 182: foreach (split(//,$password1)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}
183: foreach (split(//,$password2)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}
1.8 harris41 184: if ($pbad) {
1.26 foxr 185: print "Error. A password entry had an invalid character.\n" unless $noprint;
1.8 harris41 186: unlink('/tmp/lock_lcpasswd');
1.26 foxr 187: &Exit(10);
1.8 harris41 188: }
1.5 harris41 189:
1.26 foxr 190: #
191: # Safe the filename. For our case, it must only have alpha, numeric, period
192: # and path sparators..
193: #
194:
195: print "Error file is $error_file \n" unless $noprint;
196:
197: if($error_file) {
198: if($error_file =~ /^([(\w)(\d)\.\/]+)$/) {
199: print "Error file matched pattern $error_file : $1\n" unless $noprint;
200: my $safe_error_file = $1; # Untainted I think.
201: print "Error file after transform $safe_error_file\n"
202: unless $noprint;
203: if($error_file == $safe_error_file) {
204: $error_file = $safe_error_file; # untainted error_file.
205: } else {
206: $error_file ="";
207: print "Invalid error filename\n" unless $noprint;
208: Exit(14);
209: }
210:
211: }
212: else {
213: $error_file="";
214: print "Invalid error filename\n" unless $noprint;
215: Exit(14);
216: }
217: }
218:
219:
1.15 harris41 220: # -- Only add user if we can create a brand new home directory (/home/username)
1.7 harris41 221: if (-e "/home/$safeusername") {
222: print "Error. User already exists.\n" unless $noprint;
223: unlink('/tmp/lock_lcpasswd');
1.26 foxr 224: &Exit(11);
1.7 harris41 225: }
226:
1.15 harris41 227: # -- Only add user if the two password arguments match.
1.23 foxr 228:
1.5 harris41 229: if ($password1 ne $password2) {
1.6 harris41 230: print "Error. Password mismatch.\n" unless $noprint;
1.5 harris41 231: unlink('/tmp/lock_lcpasswd');
1.26 foxr 232: &Exit(13);
1.5 harris41 233: }
1.23 foxr 234: print "enabling root\n" unless $noprint;
1.15 harris41 235: # ---------------------------------- Start running script with root permissions
1.4 harris41 236: &enable_root_capability;
237:
1.15 harris41 238: # ------------------- Add user and make www a member of the user-specific group
239: # -- Add user
1.23 foxr 240:
241: print "adding user: $safeusername \n" unless $noprint;
242: my $status = system('/usr/sbin/useradd','-c','LON-CAPA user',$safeusername);
243: if ($status) {
1.15 harris41 244: print "Error. Something went wrong with the addition of user ".
245: "\"$safeusername\".\n" unless $noprint;
1.23 foxr 246: print "Final status of useradd = $status";
1.4 harris41 247: unlink('/tmp/lock_lcpasswd');
1.26 foxr 248: &Exit(12);
1.4 harris41 249: }
1.23 foxr 250: print "Done adding user\n" unless $noprint;
1.7 harris41 251: # Make www a member of that user group.
1.26 foxr 252: my $groups=`/usr/bin/groups www` or &Exit(6);
1.27 ! albertel 253: # untaint
! 254: my ($safegroups)=($groups=~/([\s\w]+)/);
! 255: $groups=$safegroups;
1.17 harris41 256: chomp $groups; $groups=~s/^\S+\s+\:\s+//;
257: my @grouplist=split(/\s+/,$groups);
258: my @ugrouplist=grep {!/www|$safeusername/} @grouplist;
259: my $gl=join(',',(@ugrouplist,$safeusername));
1.23 foxr 260: print "Putting user in its own group\n" unless $noprint;
1.17 harris41 261: if (system('/usr/sbin/usermod','-G',$gl,'www')) {
1.15 harris41 262: print "Error. Could not make www a member of the group ".
263: "\"$safeusername\".\n" unless $noprint;
1.5 harris41 264: unlink('/tmp/lock_lcpasswd');
1.26 foxr 265: &Exit(6);
1.5 harris41 266: }
267:
1.15 harris41 268: # ---------------------------------------------------------------- Set password
269: # Set password with lcpasswd (which creates smbpasswd entry).
1.2 harris41 270:
1.15 harris41 271: unlink('/tmp/lock_lcpasswd');
272: &disable_root_capability;
1.16 harris41 273: ($>,$<)=($wwwid,$wwwid);
1.23 foxr 274: print "Opening lcpasswd pipeline\n" unless $noprint;
1.16 harris41 275: open OUT,"|/home/httpd/perl/lcpasswd";
1.15 harris41 276: print OUT $safeusername;
277: print OUT "\n";
278: print OUT $password1;
279: print OUT "\n";
280: print OUT $password1;
281: print OUT "\n";
282: close OUT;
283: if ($?) {
1.26 foxr 284: print "abnormal Exit from close lcpasswd\n" unless $noprint;
285: &Exit(8);
1.8 harris41 286: }
1.18 harris41 287: ($>,$<)=($wwwid,0);
1.15 harris41 288: &enable_root_capability;
1.8 harris41 289:
1.20 foxr 290: # -- Don't add public_html... that can be added either by the user
291: # or by lchtmldir when the user is granted an authorship role.
292:
1.15 harris41 293: # ------------------------------ Make final modifications to the user directory
294: # -- Add a public_html file with a stand-in index.html file
1.8 harris41 295:
1.21 foxr 296: system('/bin/chmod','-R','0660',"/home/$safeusername");
297: system('/bin/chmod','0710',"/home/$safeusername");
298: mkdir "/home/$safeusername/public_html",0755;
299: system('/bin/chmod','02770',"/home/$safeusername/public_html");
300: open OUT,">/home/$safeusername/public_html/index.html";
301: print OUT<<END;
302: <html>
303: <head>
304: <title>$safeusername</title>
305: </head>
306: <body>
1.24 www 307: <h1>Construction Space</h1>
308: <h3>$safeusername</h3>
1.21 foxr 309: </body>
310: </html>
311: END
312: close OUT;
1.20 foxr 313:
1.24 www 314: print "lcuseradd ownership\n" unless $noprint;
1.11 harris41 315: system('/bin/chown','-R',"$safeusername:$safeusername","/home/$safeusername");
1.24 www 316: # ---------------------------------------------------- Gracefull Apache Restart
317: if (-e '/var/run/httpd.pid') {
318: print "lcuseradd Apache restart\n" unless $noprint;
319: open(PID,'/var/run/httpd.pid');
320: my $pid=<PID>;
321: close(PID);
1.27 ! albertel 322: my ($safepid)=($pid=~s/(\D+)//g);
1.24 www 323: if ($pid) {
1.27 ! albertel 324: system('kill','-USR1',"$safepid");
1.24 www 325: }
326: }
1.15 harris41 327: # -------------------------------------------------------- Exit script
1.26 foxr 328: print "lcuseradd Exiting\n" unless $noprint;
1.8 harris41 329: &disable_root_capability;
1.26 foxr 330: &Exit(0);
1.1 harris41 331:
1.15 harris41 332: # ---------------------------------------------- Have setuid script run as root
1.5 harris41 333: sub enable_root_capability {
334: if ($wwwid==$>) {
1.23 foxr 335: ($<,$>)=($>,0);
336: ($(,$))=($),0);
1.5 harris41 337: }
338: else {
339: # root capability is already enabled
340: }
341: return $>;
342: }
343:
1.15 harris41 344: # ----------------------------------------------- Have setuid script run as www
1.5 harris41 345: sub disable_root_capability {
346: if ($wwwid==$<) {
347: ($<,$>)=($>,$<);
348: ($(,$))=($),$();
349: }
350: else {
351: # root capability is already disabled
352: }
353: }
354:
1.15 harris41 355: # ----------------------- Make sure that another lcpasswd process isn't running
1.5 harris41 356: sub try_to_lock {
357: my ($lockfile)=@_;
358: my $currentpid;
359: my $lastpid;
360: # Do not manipulate lock file as root
361: if ($>==0) {
362: return 0;
363: }
364: # Try to generate lock file.
365: # Wait 3 seconds. If same process id is in
366: # lock file, then assume lock file is stale, and
367: # go ahead. If process id's fluctuate, try
368: # for a maximum of 10 times.
369: for (0..10) {
370: if (-e $lockfile) {
371: open(LOCK,"<$lockfile");
372: $currentpid=<LOCK>;
373: close LOCK;
374: if ($currentpid==$lastpid) {
375: last;
376: }
377: sleep 3;
378: $lastpid=$currentpid;
379: }
380: else {
381: last;
382: }
383: if ($_==10) {
384: return 0;
385: }
386: }
387: open(LOCK,">$lockfile");
388: print LOCK $$;
389: close LOCK;
390: return 1;
391: }
1.26 foxr 392: #-------------------------- Exit...
393: #
394: # Write the file if the error_file is defined. Regardless
395: # Exit with the status code.
396: #
397: sub Exit {
398: my ($code) = @_; # Status code.
399:
400: print "Exiting with status $code error file is $error_file\n" unless $noprint;
401: if($error_file) {
402: open(FH, ">$error_file");
403: print FH "$code\n";
404: close(FH);
405: }
406: exit $code;
407: }
1.16 harris41 408:
409: =head1 NAME
410:
411: lcuseradd - LON-CAPA setuid script to coordinate all actions
412: with adding a user with filesystem privileges (e.g. author)
413:
414: =head1 DESCRIPTION
415:
416: lcuseradd - LON-CAPA setuid script to coordinate all actions
417: with adding a user with filesystem privileges (e.g. author)
418:
419: =head1 README
420:
421: lcuseradd - LON-CAPA setuid script to coordinate all actions
422: with adding a user with filesystem privileges (e.g. author)
423:
424: =head1 PREREQUISITES
425:
426: =head1 COREQUISITES
427:
428: =pod OSNAMES
429:
430: linux
431:
432: =pod SCRIPT CATEGORIES
433:
434: LONCAPA/Administrative
435:
436: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lcuseradd CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom