smeserver-lazy_admin_tools/root/usr/sbin/lat-pptp

278 lines
9.9 KiB
Plaintext
Raw Permalink Normal View History

#!/usr/bin/perl -w
#==============================================================================
# lat-pptp
# ========
# 0.9.0 (2004-09-08)
# (c)2003-2004 Altiplano bvba
#==============================================================================
package esmith;
use strict;
use esmith::db;
use esmith::util;
use Getopt::Long;
use Pod::Usage;
my %conf;
tie %conf, 'esmith::config';
my %accounts;
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts';
my ($Hlp, $Cml, $Inp);
#==============================================================================
# Main
#==============================================================================
# Analyze commandline options
GetOptions ("help" => \$Hlp,
"command-line=s" => \$Cml,
"input-file=s" => \$Inp);
if ( $Hlp ) { &PrintPod(9); exit; }
# What (major) SME version are we running on?
db_get_prop(\%conf, "sysconfig", "ReleaseVersion");
my $MVer = db_get_prop(\%conf, "sysconfig", "ReleaseVersion");
$MVer=substr($MVer,0,1);
# We need one argument or the other, but not both
if (($Cml && $Inp) || (! $Cml && ! $Inp))
{ &PrintPod(1); exit; }
# Check if pptp is active
if (db_get_prop(\%conf, "pptpd", "status") ne "enabled") {
print "PPTP was not activated on your server. Please activate it by increasing the\n";
print "number of PPTP clients in the server-manager (Security / Remote Access).\n\a";
exit;
}
my @records;
if ($Inp) {
open(LIST,"< $Inp") || die "Can't find $Inp.\n";
@records = grep(!/(^\s*#)|(^\s*$)/,<LIST>);
close(LIST); }
elsif ($Cml) { @records=($Cml); }
else { &PrintPod(1); exit; }
&ExpandWildCard; # Check for wildcards and expand if necessary
# Process each user
foreach my $record (@records)
{
my @fields=split(/\|/,$record);
for (my $cnt=0; $cnt <= $#fields; ++$cnt) { for ($fields[$cnt]) { s/^\s+//; s/\s+$//; }}
my $username = $fields[0];
if ( @fields >= 2) { # Both arguments must be given
if ((db_get(\%accounts, $username)) &&
(db_get_type(\%accounts, $username) eq "user")) {
# Deactivate PPTP
if ($fields[1] =~ /off/i ) {
print "Deactivating VPN access for user '$username'.\n";
SWITCH: {
($MVer=="5") && do {
db_set_prop(\%accounts, $username, 'PPTPAccess', "off");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
($MVer=="6") && do {
db_set_prop(\%accounts, $username, 'VPNClientAccess', "no");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
($MVer=="7") && do {
db_set_prop(\%accounts, $username, 'VPNClientAccess', "no");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
($MVer=="8") && do {
db_set_prop(\%accounts, $username, 'VPNClientAccess', "no");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
($MVer=="9") && do {
db_set_prop(\%accounts, $username, 'VPNClientAccess', "no");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
}
}
# Activate PPTP
elsif ($fields[1] =~ /on/i ) {
print "Activating VPN access for user '$username'.\n";
SWITCH: {
($MVer=="5") && do {
db_set_prop(\%accounts, $username, 'PPTPAccess', "on");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
($MVer=="6") && do {
db_set_prop(\%accounts, $username, 'VPNClientAccess', "yes");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
($MVer=="7") && do {
db_set_prop(\%accounts, $username, 'VPNClientAccess', "yes");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
($MVer=="8") && do {
db_set_prop(\%accounts, $username, 'VPNClientAccess', "yes");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
($MVer=="9") && do {
db_set_prop(\%accounts, $username, 'VPNClientAccess', "yes");
system("/sbin/e-smith/signal-event", "remoteaccess-update", $username) == 0
or die ("An error occurred while updating account '$username'.\n");
last SWITCH;
};
}
}
else { print "Unknown argument '$fields[1]' for user $username"; }
}
else { print "User '$username' doesn't exist on this server.\n\a"; }
}
else { print "We need at least a user name and its VPN access status ('on' or 'off').\n\a"; }
}
#==============================================================================
# Subroutines
#==============================================================================
# Test for wildcards in the username. If any wildecards are found, the array
# @records is expanded with the user names that meet the conditions.
sub ExpandWildCard {
my $ctrec = 0;
foreach my $record (@records)
{
my @fld=split(/\|/,$record);
for (my $cnt=0; $cnt <= $#fld; ++$cnt) { for ($fld[$cnt]) { s/^\s+//; s/\s+$//; }}
if ($fld[0] =~ /\*|\?/) { # Does it contain the wildcards?
$fld[0] =~ s/\*/\.\*/g; # Replace * with .* to allow for grep.
$fld[0] =~ s/\?/\./g; # Replace ? with . to allow for grep.
open USRS, "</home/e-smith/db/accounts" or die "Can't open /home/e-smith/db/accounts: $!";
my @match = grep /^$fld[0]\=user\|/i, <USRS>;
close(USRS);
my $cu = 0;
foreach my $tst (@match) {
$tst =~ /\=/; $tst = $`;
for (my $cnt=1; $cnt <= $#fld; ++$cnt) { $tst = $tst." | ".$fld[$cnt]; };
if ($cu == 0 ) {
$records[$ctrec] = $tst;
$cu =1;
}
else {
push(@records, $tst);
}
}
}
++$ctrec;
}
}
#==============================================================================
# Print the pod text as a help screen
sub PrintPod {
my ($verbose, $message) = @_;
pod2usage(-verbose => $verbose, -message => $message, -exitval => 64);
}
#==============================================================================
=pod
=head1 NAME
B<lat-pptp> - The lazy administrator\'s tool to (de)activate pptp access
=head1 DESCRIPTION
PPTP access is by default deactivated on Mitel's SME servers (5.x/6.x).
Once activated in the server-manager pannel, you still need to grant or deny
VPN access to individual users. With lat-pptp you can enable or disable VPN
access on a per-user basis.
In SME 5.6 there is no functional equivalent for lat-pptp in the server-manager.
In SME 6.0 you can find this setting under Collaboration/Users.
See F</usr/doc/lazy-admin-tools/example.pptp> for the format of the input file.
=head1 SYNOPSIS
B<lat-pptp> -c "user | pptpaccess"
B<lat-pptp> -a -i /path/to/pptp.list
=head1 OPTIONS
The following options are supported:
=over 4
=item B<-c "Arguments">, B<--command-line="Arguments">
Take arguments from the command line.
See the 'Arguments' section below for the various arguments that are accepted.
=item B<-h>, B<--help>
Extended help for this tool
=item B<-i FILE>, B<--input-file=FILE>
Use the information from FILE to activaet pptp
=back
=head2 Arguments:
users* : Must be an existing account on the server.
Wildcards (* and ?) are accepted.
pptpaccess : Either 'on' or 'off'. Default is 'off'.
* mandatory field
=head1 EXAMPLES
B<lat-pptp -c "harry | on">
Activates pptp for user 'harry'.
B<lat-pptp -c "* | off">
Dectivates pptp for all users on the server.
B<lat-pptp -i /root/pptp.list>
Sets pptp access for the users as defined in F</root/pptp.list>.
Refer to F</usr/doc/lazy-admin-tools/example.users> for an example of an input file.
=head1 SEE ALSO
lat-group(8), lat-pseudonyms(8), lat-ibays(8), lat-quota(8), lat-domains(8), lat-hosts(8), lat-procmail(8), lat-pptp(8), lat-dump(8)
=head1 VERSION
Version 0.9.0 (2004-09-08). The latest version is hosted at B<http://www.contribs.org/contribs/mblotwijk/>
=head1 COPYRIGHT
(c)2003-2004, Altiplano bvba (B<http://www.altiplano.be>). Released under the terms of the GNU license.
=head1 BUGS
Please report bugs to <Bugs@Altiplano.Be>
=cut
#==============================================================================