File:  [LON-CAPA] / loncom / Attic / lcuseradd
Revision 1.13: download - view: text, annotated - select for diffs
Mon Oct 30 03:30:26 2000 UTC (23 years, 5 months ago) by harris41
Branches: MAIN
CVS tags: HEAD
scripts are almost all working. lcuserdel still has some problems, and lcuseradd
doesn't get the permissions quite right yet.

#!/usr/bin/perl
#
# lcuseradd
#
# Scott Harrison
# SH: October 27, 2000
# SH: October 29, 2000

use strict;

# This script is a setuid script that should
# be run by user 'www'.  It creates a /home/USERNAME directory
# as well as a /home/USERNAME/public_html directory.
# It adds user entries to
# /etc/passwd and /etc/groups.
# Passwords are set with lcpasswd.
# www becomes a member of this user group.

# Standard input usage
# First line is USERNAME
# Second line is PASSWORD
# Third line is PASSWORD

# Valid passwords must consist of the
# ascii characters within the inclusive
# range of 0x20 (32) to 0x7E (126).
# These characters are:
# SPACE and
# !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNO
# PQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

# Valid user names must consist of ascii
# characters that are alphabetical characters
# (A-Z,a-z), numeric (0-9), or the underscore
# mark (_). (Essentially, the perl regex \w).

# Command-line arguments [USERNAME] [PASSWORD] [PASSWORD]
# Yes, but be very careful here (don't pass shell commands)
# and this is only supported to allow perl-system calls.

# Usage within code
#
# $exitcode=system("/home/httpd/perl/lcuseradd","NAME","PASSWORD1","PASSWORD2")/256;
# print "uh-oh" if $exitcode;

# These are the exit codes.
# ( (0,"ok"),
# (1,"User ID mismatch.  This program must be run as user 'www'"),
# (2,"Error. This program needs 3 command-line arguments (username, password 1, password 2)."),
# (3,"Error. Three lines should be entered into standard input."),
# (4,"Error. Too many other simultaneous password change requests being made."),
# (5,"Error. User $username does not exist."),
# (6,"Error. Could not make www a member of the group \"$safeusername\"."),
# (7,"Error. Root was not successfully enabled.),
# (8,"Error. Cannot open /etc/passwd."),
# (9,"Error. The user name specified has invalid characters."),
# (10,"Error. A password entry had an invalid character."),
# (11,"Error. User already exists.),
# (12,"Error. Something went wrong with the addition of user \"$safeusername\"."),
# (13,"Error. Password mismatch."),

# Security
$ENV{'PATH'}=""; # Nullify path information.
$ENV{'BASH_ENV'}=""; # Nullify shell environment information.

# Do not print error messages if there are command-line arguments
my $noprint=0;
if (@ARGV) {
    $noprint=1;
}

# Read in /etc/passwd, and make sure this process is running from user=www
open (IN, "</etc/passwd");
my @lines=<IN>;
close IN;
my $wwwid;
for my $l (@lines) {
    chop $l;
    my @F=split(/\:/,$l);
    if ($F[0] eq 'www') {$wwwid=$F[2];}
}
if ($wwwid!=$<) {
    print("User ID mismatch.  This program must be run as user 'www'\n") unless $noprint;
    exit 1;
}
&disable_root_capability;

# Handle case of another lcpasswd process
unless (&try_to_lock("/tmp/lock_lcpasswd")) {
    print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint;
    exit 4;
}

# Gather input.  Should be 3 values (user name, password 1, password 2).
my @input;
if (@ARGV==3) {
    @input=@ARGV;
}
elsif (@ARGV) {
    print("Error. This program needs 3 command-line arguments (username, password 1, password 2).\n") unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 2;
}
else {
    @input=<>;
    if (@input!=3) {
	print("Error. Three lines should be entered into standard input.\n") unless $noprint;
	unlink('/tmp/lock_lcpasswd');
	exit 3;
    }
    map {chop} @input;
}

my ($username,$password1,$password2)=@input;
$username=~/^(\w+)$/;
my $safeusername=$1;
if ($username ne $safeusername) {
    print "Error. The user name specified has invalid characters.\n";
    unlink('/tmp/lock_lcpasswd');
    exit 9;
}
my $pbad=0;
map {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} (split(//,$password1));
map {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} (split(//,$password2));
if ($pbad) {
    print "Error. A password entry had an invalid character.\n";
    unlink('/tmp/lock_lcpasswd');
    exit 10;
}

# Only add user if we can create a brand new home directory (/home/username).
if (-e "/home/$safeusername") {
    print "Error. User already exists.\n" unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 11;
}

# Only add user if the two password arguments match.
if ($password1 ne $password2) {
    print "Error. Password mismatch.\n" unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 13;
}

&enable_root_capability;

# Add user entry to /etc/passwd and /etc/groups in such
# a way that www is a member of the user-specific group

if (system('/usr/sbin/useradd','-c','LON-CAPA user',$safeusername)) {
    print "Error.  Something went wrong with the addition of user \"$safeusername\".\n" unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 12;
}

# Make www a member of that user group.
if (system('/usr/sbin/usermod','-G',$safeusername,'www')) {
    print "Error. Could not make www a member of the group \"$safeusername\".\n" unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 6;
}

# Set password with lcpasswd-style algorithm (which creates smbpasswd entry).
# I cannot place a direct shell call to lcpasswd since I have to allow
# for crazy characters in the password, and the setuid environment of perl
# requires me to make everything safe.

# Grab the line corresponding to username
open (IN, "</etc/passwd");
@lines=<IN>;
close IN;
my ($userid,$useroldcryptpwd);
my @F; my @U;
for my $l (@lines) {
    chop $l;
    @F=split(/\:/,$l);
    if ($F[0] eq $username) {($userid,$useroldcryptpwd)=($F[2],$F[1]); @U=@F;}
}

# Verify existence of user
if (!defined($userid)) {
    print "Error. User $username does not exist.\n" unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 5;
}

# Construct new password entry (random salt)
my $newcryptpwd=crypt($password1,(join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
$U[1]=$newcryptpwd;
my $userline=join(':',@U);
my $rootid=&enable_root_capability;
if ($rootid!=0) {
    print "Error.  Root was not successfully enabled.\n" unless $noprint;
    unlink('/tmp/lock_lcpasswd');
    exit 7;
}
open PASSWORDFILE, '>/etc/passwd' or (print("Error.  Cannot open /etc/passwd.\n") && unlink('/tmp/lock_lcpasswd') && exit(8));
for my $l (@lines) {
    @F=split(/\:/,$l);
    if ($F[0] eq $username) {print PASSWORDFILE "$userline\n";}
    else {print PASSWORDFILE "$l\n";}
}
close PASSWORDFILE;

($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment
unless (-e '/etc/smbpasswd') {
    open (OUT,'>/etc/smbpasswd'); close OUT;
}
my $smbexist=0;
open (IN, '</etc/smbpasswd');
my @lines=<IN>;
close IN;
for my $l (@lines) {
    chop $l;
    my @F=split(/\:/,$l);
    if ($F[0] eq $username) {$smbexist=1;}
}
unless ($smbexist) {
    open(OUT,'>>/etc/smbpasswd');
    print OUT join(':',($safeusername,$userid,'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,'/bin/bash')) . "\n";
    close OUT;
}
open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null");
print OUT $password1; print OUT "\n";
print OUT $password1; print OUT "\n";
close OUT;
$<=$wwwid; # unfool the program

# Make final modifications to the user directory.
# Add a public_html file with a stand-in index.html file.

system('/bin/chmod','-R','0660',"/home/$safeusername");
system('/bin/chmod','0770',"/home/$safeusername");
mkdir "/home/$safeusername/public_html",0770;
open OUT,">/home/$safeusername/public_html/index.html";
print OUT<<END;
<HTML>
<HEAD>
<TITLE>$safeusername</TITLE>
</HEAD>
<BODY>
<H1>$safeusername</H1>
<P>
Learning Online Network
</P>
<P>
This area provides for:
</P>
<UL>
<LI>resource construction
<LI>resource publication
<LI>record-keeping
</UL>
</BODY>
</HTML>
END
close OUT;
system('/bin/chown','-R',"$safeusername:$safeusername","/home/$safeusername");
&disable_root_capability;
unlink('/tmp/lock_lcpasswd');
exit 0;

# ----------------------------------------------------------- have setuid script run as root
sub enable_root_capability {
    if ($wwwid==$>) {
	($<,$>)=($>,$<);
	($(,$))=($),$();
    }
    else {
	# root capability is already enabled
    }
    return $>;
}

# ----------------------------------------------------------- have setuid script run as www
sub disable_root_capability {
    if ($wwwid==$<) {
	($<,$>)=($>,$<);
	($(,$))=($),$();
    }
    else {
	# root capability is already disabled
    }
}

# ----------------------------------- make sure that another lcpasswd process isn't running
sub try_to_lock {
    my ($lockfile)=@_;
    my $currentpid;
    my $lastpid;
    # Do not manipulate lock file as root
    if ($>==0) {
	return 0;
    }
    # Try to generate lock file.
    # Wait 3 seconds.  If same process id is in
    # lock file, then assume lock file is stale, and
    # go ahead.  If process id's fluctuate, try
    # for a maximum of 10 times.
    for (0..10) {
	if (-e $lockfile) {
	    open(LOCK,"<$lockfile");
	    $currentpid=<LOCK>;
	    close LOCK;
	    if ($currentpid==$lastpid) {
		last;
	    }
	    sleep 3;
	    $lastpid=$currentpid;
	}
	else {
	    last;
	}
	if ($_==10) {
	    return 0;
	}
    }
    open(LOCK,">$lockfile");
    print LOCK $$;
    close LOCK;
    return 1;
}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>