|
version 1.6, 2002/09/09 17:57:33
|
version 1.7, 2002/10/12 16:23:21
|
|
Line 35 make_domain_coordinator.pl - Make a doma
|
Line 35 make_domain_coordinator.pl - Make a doma
|
| # |
# |
| # YEAR=2002 |
# YEAR=2002 |
| # 3/1,3/3,3/4 Scott Harrison |
# 3/1,3/3,3/4 Scott Harrison |
| |
# 10/12 Scott Harrison |
| # |
# |
| ### |
### |
| |
|
|
Line 52 These are the steps that are executed on
|
Line 53 These are the steps that are executed on
|
| =item * |
=item * |
| |
|
| Tests to see if user already exists for linux system or for |
Tests to see if user already exists for linux system or for |
| LON-CAPA, if so aborts |
LON-CAPA, if so aborts. A message is output that recommends following |
| |
a manual procedure enabling this user if so desired. |
| |
|
| =item * |
=item * |
| |
|
|
Line 83 Set roles.hist and roles.db
|
Line 85 Set roles.hist and roles.db
|
| |
|
| # This is a standalone script. It *could* alternatively use the |
# This is a standalone script. It *could* alternatively use the |
| # lcuseradd script, however lcuseradd relies on certain system |
# lcuseradd script, however lcuseradd relies on certain system |
| # dependencies. make_domain_coordinator.pl should be able |
# dependencies. In order to have a focused performance, I am trying |
| # to run freely as possible irrespective of the status of a LON-CAPA |
# to avoid system dependencies until the LON-CAPA code base becomes |
| |
# more robust and well-boundaried. make_domain_coordinator.pl should be able |
| |
# to run freely as possible, irrespective of the status of a LON-CAPA |
| # installation. |
# installation. |
| |
|
| # ---------------------------------------------------- Configure general values |
# ---------------------------------------------------- Configure general values |
| |
|
| my %perlvar; |
my %perlvar; # Holds network-wide and machine-specific configuration values. |
| |
# We only need one configuration value however, lonUsersDir. Rather than |
| |
# read this out of loncapa.conf, I am just going to hard-code this for now. |
| $perlvar{'lonUsersDir'}='/home/httpd/lonUsers'; |
$perlvar{'lonUsersDir'}='/home/httpd/lonUsers'; |
| |
|
| |
|
| =pod |
=pod |
| |
|
| =head1 OPTIONS |
=head1 OPTIONS |
|
Line 122 if (@ARGV!=2) {
|
Line 127 if (@ARGV!=2) {
|
| } |
} |
| my ($username,$domain)=(@ARGV); shift @ARGV; shift @ARGV; |
my ($username,$domain)=(@ARGV); shift @ARGV; shift @ARGV; |
| unless ($username=~/^\w+$/ and $username!~/\_/) { |
unless ($username=~/^\w+$/ and $username!~/\_/) { |
| die 'Username '.$username.' must consist only of alphanumeric characters'. |
die('**** ERROR **** '. |
| "\n"; |
'Username '.$username.' must consist only of alphanumeric characters'. |
| |
"\n"); |
| } |
} |
| unless ($domain=~/^\w+$/ and $domain!~/\_/) { |
unless ($domain=~/^\w+$/ and $domain!~/\_/) { |
| die 'Domain '.$domain.' must consist only of alphanumeric characters'. |
die('**** ERROR **** '. |
| "\n"; |
'Domain '.$domain.' must consist only of alphanumeric characters'. |
| |
"\n"); |
| } |
} |
| |
|
| print "Password: "; $|=1; |
# Output a warning message. |
| |
print('**** NOTE **** '. |
| |
'Generating a domain coordinator is "serious business".'."\n". |
| |
'Choosing a difficult-to-guess (and keeping it a secret) password '."\n". |
| |
'is highly recommended.'."\n"); |
| |
|
| |
print("Password: "); $|=1; |
| my $passwd=<>; # read in password from standard input |
my $passwd=<>; # read in password from standard input |
| chomp($passwd); |
chomp($passwd); |
| |
|
| if (length($passwd)<6 or length($passwd)>30) { |
if (length($passwd)<6 or length($passwd)>30) { |
| die 'Password is an unreasonable length.'."\n"; |
die('**** ERROR **** '.'Password is an unreasonable length.'."\n". |
| |
'It should be at least 6 characters in length.'."\n"); |
| } |
} |
| my $pbad=0; |
my $pbad=0; |
| foreach (split(//,$passwd)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
foreach (split(//,$passwd)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
| if ($pbad) { |
if ($pbad) { |
| die 'Password must consist of standard ASCII characters'."\n"; |
die('**** ERROR **** '. |
| |
'Password must consist of standard ASCII characters'."\n"); |
| } |
} |
| |
|
| # And does user already exist |
# And does user already exist |
| |
|
| |
my $caveat = |
| |
'For security reasons, this script will only automatically generate '."\n". |
| |
'new users, not pre-existing users.'."\n". |
| |
"If you want to make '$username' a domain coordinator, you "."\n". |
| |
'should do so manually by customizing the MANUAL PROCEDURE'."\n". |
| |
'described in the documentation. To view the documentation '."\n". |
| |
'for this script, type '. |
| |
"'perldoc ./make_domain_coordinator.pl'."."\n"; |
| |
|
| if (-d "/home/$username") { |
if (-d "/home/$username") { |
| die ($username.' is already a linux operating system user.'."\n"); |
die ('**** ERROR **** '.$username.' is already a linux operating system '. |
| |
'user.'."\n".$caveat); |
| } |
} |
| my $udpath=propath($domain,$username); |
my $udpath=propath($domain,$username); |
| if (-d $udpath) { |
if (-d $udpath) { |
| die ($username.' is already defined as a LON-CAPA user.'."\n"); |
die ('**** ERROR **** '.$username.' is already defined as a LON-CAPA '. |
| |
'user.'."\n".$caveat); |
| } |
} |
| |
|
| =pod |
=pod |
| |
|
| =head1 MANUAL PROCEDURE |
=head1 MANUAL PROCEDURE |
| |
|
| There are 10 steps to a manual procedure. |
There are 10 steps to manually recreating what this script performs |
| |
automatically. |
| |
|
| You need to decide on three pieces of information |
You need to decide on three pieces of information |
| to create a domain coordinator. |
to create a domain coordinator. |
|
Line 187 login as root on your Linux system
|
Line 214 login as root on your Linux system
|
| |
|
| # ------------------------------------------------------------ So, are we root? |
# ------------------------------------------------------------ So, are we root? |
| |
|
| if ($< != 0) { |
if ($< != 0) { # Am I root? |
| die 'You must be root in order to generate a domain coordinator.'."\n"; |
die 'You must be root in order to generate a domain coordinator.'."\n"; |
| } |
} |
| |
|
|
Line 203 if ($< != 0) {
|
Line 230 if ($< != 0) {
|
| # ----------------------------------------------------------- /usr/sbin/useradd |
# ----------------------------------------------------------- /usr/sbin/useradd |
| |
|
| $username=~s/\W//g; # an extra filter, just to be sure |
$username=~s/\W//g; # an extra filter, just to be sure |
| `/usr/sbin/useradd $username`; |
`/usr/sbin/useradd $username`; # Add the user with the 'useradd' command. |
| |
|
| =pod |
=pod |
| |
|
|
Line 218 $username=~s/\W//g; # an extra filter, j
|
Line 245 $username=~s/\W//g; # an extra filter, j
|
| |
|
| =cut |
=cut |
| |
|
| $username=~s/\W//g; # an extra filter, just to be sure |
# Process password (taint-check, then pass to the UNIX passwd command). |
| $pbad=0; |
$username =~ s/\W//g; # an extra filter, just to be sure |
| |
$pbad = 0; |
| foreach (split(//,$passwd)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
foreach (split(//,$passwd)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
| if ($pbad) { |
if ($pbad) { |
| die 'Password must consist of standard ASCII characters'."\n"; |
die('Password must consist of standard ASCII characters'."\n"); |
| } |
} |
| open OUT,"|passwd --stdin $username"; |
open(OUT,"|passwd --stdin $username"); |
| print OUT $passwd."\n"; |
print(OUT $passwd."\n"); |
| close OUT; |
close(OUT); |
| |
|
| =pod |
=pod |
| |
|
|
Line 247 close OUT;
|
Line 275 close OUT;
|
| Let S equal second letter of USERNAME |
Let S equal second letter of USERNAME |
| Let E equal third letter of USERNAME |
Let E equal third letter of USERNAME |
| Command: [prompt %] install -d DOMAIN/U/S/E/USERNAME |
Command: [prompt %] install -d DOMAIN/U/S/E/USERNAME |
| Example: [prompt %] install -d 103/d/c/1/dc103 |
|
| |
Here are three examples of the commands that would be needed |
| |
for different domain coordinator names (dc103, morphy, or ng): |
| |
|
| |
Example #1 (dc103): [prompt %] install -d 103/d/c/1/dc103 |
| |
Example #2 (morphy): [prompt %] install -d 103/m/o/r/morphy |
| |
Example #3 (ng): [prompt %] install -d 103/n/g/_/ng |
| |
|
| =cut |
=cut |
| |
|
| `install -o www -g www -d $udpath`; |
# Generate the user directory. |
| |
`install -o www -g www -d $udpath`; # Must be writeable by httpd process. |
| |
|
| =pod |
=pod |
| |
|
|
Line 266 close OUT;
|
Line 301 close OUT;
|
| |
|
| =cut |
=cut |
| |
|
| open OUT, ">$udpath/passwd"; |
# UNIX (/etc/passwd) style authentication is asserted for domain coordinators. |
| print OUT 'unix:'."\n"; |
open(OUT, ">$udpath/passwd"); |
| close OUT; |
print(OUT 'unix:'."\n"); |
| `chown www:www $udpath/passwd`; |
close(OUT); |
| |
`chown www:www $udpath/passwd`; # Must be writeable by httpd process. |
| |
|
| =pod |
=pod |
| |
|
|
Line 280 close OUT;
|
Line 316 close OUT;
|
| |
|
| =cut |
=cut |
| |
|
| use GDBM_File; |
use GDBM_File; # A simplistic key-value pairing database. |
| my %hash; |
my %hash; |
| tie(%hash,'GDBM_File',"$udpath/roles.db", |
|
| &GDBM_WRCREAT,0640); |
|
| |
|
| $hash{'/'.$domain.'/_dc'}='dc'; |
tie(%hash,'GDBM_File',"$udpath/roles.db", |
| open OUT, ">$udpath/roles.hist"; |
&GDBM_WRCREAT,0640); # Interface with GDBM database thru a hash variable. |
| |
|
| |
$hash{'/'.$domain.'/_dc'}='dc'; # Set the domain coordinator role. |
| |
open(OUT, ">$udpath/roles.hist"); # roles.hist is the synchronous plain text. |
| map { |
map { |
| print OUT $_.' : '.$hash{$_}."\n"; |
print(OUT $_.' : '.$hash{$_}."\n"); |
| } keys %hash; |
} keys %hash; |
| close OUT; |
close(OUT); |
| |
untie(%hash); # Finish interfacing with GDBM database. |
| |
|
| untie %hash; |
`chown www:www $udpath/roles.hist`; # Must be writeable by httpd process. |
| `chown www:www $udpath/roles.hist`; |
`chown www:www $udpath/roles.db`; # Must be writeable by httpd process. |
| `chown www:www $udpath/roles.db`; |
|
| |
|
| =pod |
=pod |
| |
|
|
Line 305 by going to http://MACHINENAME/adm/creat
|
Line 342 by going to http://MACHINENAME/adm/creat
|
| |
|
| =cut |
=cut |
| |
|
| print "$username is now a domain coordinator\n"; |
# Output success message, and inform sysadmin about how to further proceed. |
| my $hostname=`hostname`; chomp $hostname; |
print("$username is now a domain coordinator\n"); # Output success message. |
| print "http://$hostname/adm/createuser will allow you to further define". |
my $hostname=`hostname`; chomp($hostname); # Read in hostname. |
| " this user.\n"; |
print("http://$hostname/adm/createuser will allow you to further define". |
| |
" this user.\n"); # Output a suggested URL. |
| |
|
| # ----------------------------------------------------------------- SUBROUTINES |
# ================================================================= SUBROUTINES |
| |
# Subroutine propath: take in domain and username, and generate filesystem path |
| sub propath { |
sub propath { |
| my ($udom,$uname)=@_; |
my ($udom,$uname)=@_; # The lonDefDomain, and the domain coord. username. |
| $udom=~s/\W//g; |
$udom =~ s/\W//g; # Taint removal. |
| $uname=~s/\W//g; |
$uname =~ s/\W//g; # Taint removal. |
| my $subdir=$uname.'__'; |
my $subdir = $uname.'__'; |
| $subdir =~ s/(.)(.)(.).*/$1\/$2\/$3/; |
$subdir =~ s/(.)(.)(.).*/$1\/$2\/$3/; # The path must have three subdirs. |
| my $proname="$perlvar{'lonUsersDir'}/$udom/$subdir/$uname"; |
my $proname = "$perlvar{'lonUsersDir'}/$udom/$subdir/$uname"; # Total path. |
| return $proname; |
return $proname; # Return the total user directory filesystem path. |
| } |
} |
| |
|
| =pod |
=pod |
| |
|
| =head1 AUTHOR |
=head1 AUTHOR |
| |
|
| Scott Harrison, harris41@msu.edu |
Written to help the LON-CAPA project. |
| |
|
| |
Scott Harrison, sharrison@users.sourceforge.net |
| |
|
| =cut |
=cut |
![[BACK]](/icons/back.gif){kind=icon}
Return to make_domain_coordinator.pl CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / build