448 lines
		
	
	
		
			16 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
		
		
			
		
	
	
			448 lines
		
	
	
		
			16 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
|   | #!/usr/bin/perl -w | ||
|  | #============================================================================== | ||
|  | # lat-users | ||
|  | # ========= | ||
|  | # 0.9.0 (2004-09-08) | ||
|  | # (c)2003-2004 Altiplano bvba | ||
|  | #============================================================================== | ||
|  | package esmith; | ||
|  | use strict; | ||
|  | use esmith::db; | ||
|  | use esmith::util; | ||
|  | use Getopt::Long; | ||
|  | use Pod::Usage; | ||
|  | my %conf; | ||
|  | tie %conf, 'esmith::config'; | ||
|  | my %accounts; | ||
|  | tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; | ||
|  | my ($Hlp, $Cml, $Frc, $Inp, $Pwf); | ||
|  | my $Add =0; | ||
|  | my $Del =0; | ||
|  | my $Kaa =0; | ||
|  | my $passwlist="./passwords.new"; | ||
|  | 
 | ||
|  | #============================================================================== | ||
|  | #  Main | ||
|  | #============================================================================== | ||
|  | # Analyze commandline options | ||
|  | GetOptions  ("help"           => \$Hlp, | ||
|  |              "add"            => \$Add, | ||
|  |              "delete"         => \$Del, | ||
|  |              "force"          => \$Frc, | ||
|  |              "nickname"	      => \$Kaa, | ||
|  | 	     "passwords"      => \$Pwf, | ||
|  |              "command-line=s" => \$Cml, | ||
|  |              "input-file=s"   => \$Inp); | ||
|  | 
 | ||
|  | if ( $Hlp ) { &PrintPod(9); exit; } | ||
|  | 
 | ||
|  | # We need one argument or the other, but not both | ||
|  | if ((($Cml && $Inp) || (! $Cml && ! $Inp)) || | ||
|  |     ($Add + $Del != 1)) | ||
|  | 	{ &PrintPod(1); exit; } | ||
|  | 
 | ||
|  | my @records; | ||
|  | if ($Inp) { | ||
|  |     open(LIST,"< $Inp")  ||  die "Can't find $Inp.\n"; | ||
|  |     @records = grep(!/(^\s*#)|(^\s*$)/,<LIST>); | ||
|  |     close(LIST); } | ||
|  | elsif ($Cml) { @records=($Cml); } | ||
|  | else { &PrintPod(1); exit; } | ||
|  | 
 | ||
|  | # Add accounts | ||
|  | if ($Add) { | ||
|  |     # Process each user | ||
|  |     foreach my $record (@records) | ||
|  |     { | ||
|  |         my @fields=split(/\|/,$record); | ||
|  |         for (my $cnt=0; $cnt <= $#fields; ++$cnt) { for ($fields[$cnt]) { s/^\s+//; s/\s+$//; }} | ||
|  |         my $username = $fields[0]; | ||
|  | 
 | ||
|  |         if ( @fields >= 1) {  | ||
|  |             if ( &TestName($username)) | ||
|  |             { | ||
|  |                 my $uid; | ||
|  |                 if ($fields[11]) { $uid = $fields[11]; } | ||
|  |                 else { $uid = &FindUid;} | ||
|  |                 if (&TestUid($uid)) { | ||
|  |                     my %user = ("FirstName", $fields[1], | ||
|  |                                 "LastName", $fields[2], | ||
|  |                                 "PasswordSet", "no", | ||
|  |                                 "Uid",$uid, | ||
|  |                                 "Dept", $fields[4], | ||
|  |                                 "Company", $fields[5], | ||
|  | 				"Shell", "/usr/bin/rssh", | ||
|  | 				"VPNClientAccess","no", | ||
|  |                                 "Street", $fields[6], | ||
|  |                                 "City", $fields[7], | ||
|  |                                 "Phone", $fields[8], | ||
|  |                                 "EmailForward", $fields[9], | ||
|  |                                 "ForwardAddress", $fields[10]); | ||
|  |                     if ( ! $user{'FirstName'}    ) { $user{"FirstName"} = $username; } | ||
|  |                     if ( ! $user{'LastName' }    ) { $user{"LastName"} =  $username; } | ||
|  |                     if ( ! $user{'EmailForward'} ) { $user{"EmailForward"} = "local"; } | ||
|  |                     if ( ! $user{'EmailForward'} =~/^(local)$|^(forward)$|^(both)$/) | ||
|  |                        { $user{"EmailForward"} = "local"; } | ||
|  | 
 | ||
|  |                     # Create or update account | ||
|  |                     if ( ! db_get(\%accounts, $username)) { | ||
|  |                         print "Creating user account for $username (Uid:$uid).\n"; | ||
|  |                         db_set(\%accounts, $username, 'user', \%user); | ||
|  |                         system("/sbin/e-smith/signal-event", "user-create", $username) == 0 | ||
|  |                             or die ("An error occurred while creating account '$username'.\n"); | ||
|  |                     } | ||
|  |                     else { | ||
|  |                         print "Updating user account $username.\n"; | ||
|  |                         foreach my $value (keys %user) { | ||
|  |                             if ( ! $user{$value} ) { $user{$value} = "" } | ||
|  |                             if ($user{$value} eq "" ) | ||
|  |                                 { $user{$value} = db_get_prop(\%accounts, $username, $value) } | ||
|  |                             $user{"PasswordSet"} = db_get_prop(\%accounts, $username, "PasswordSet"); | ||
|  |                             $user{"Uid"} = db_get_prop(\%accounts, $username, "Uid"); | ||
|  |                         } | ||
|  |                          | ||
|  |                         db_set(\%accounts, $username, 'user', \%user); | ||
|  |                         system("/sbin/e-smith/signal-event", "user-modify", $username) == 0 | ||
|  |                             or die ("An error occurred while modifying account '$username'.\n"); | ||
|  |                     } | ||
|  |                      | ||
|  |                     # Set password | ||
|  |                     if ((! $fields[3]) && ($Pwf)) { $fields[3] = &RandomPassword($username);} | ||
|  |                     if ($fields[3]) { | ||
|  |                         esmith::util::setUserPassword($username, $fields[3]); | ||
|  |                         db_set_prop(\%accounts, $username, 'PasswordSet', 'yes'); | ||
|  |                     } | ||
|  |                     # Should we assign the user to a group? | ||
|  |                     if ( @fields > 11) { | ||
|  |                         for (my $cntgrps=12; $cntgrps < @fields; $cntgrps++) { | ||
|  |                             system("/usr/sbin/lat-groups -a -c='$fields[$cntgrps]|$fields[$cntgrps]||$username'"); | ||
|  |                         } | ||
|  |                     } | ||
|  | 		   if ($Kaa) { | ||
|  | 			 | ||
|  | 			print "creating SME default pseudonyms\a\n"; | ||
|  |                         $user{"FirstName"} = lc($user{"FirstName"}) ; | ||
|  |                         $user{"LastName"} = lc($user{"LastName"}); | ||
|  |  			system("/usr/sbin/lat-pseudonyms -a -c='$username|".$user{"FirstName"}.".".$user{"LastName"}."|".$user{"FirstName"}."_".$user{"LastName"}."'");  | ||
|  | 			 | ||
|  | 		   } | ||
|  |                 } | ||
|  |             } | ||
|  |             else { print "User '$username' is not a correct username.\a\n"; } | ||
|  |         } | ||
|  |         else { print "Please provide at least an account name and the first and last name of the user.\n\a";} | ||
|  |     } | ||
|  | } | ||
|  | 
 | ||
|  | # Delete  accounts | ||
|  | if ($Del) { | ||
|  |     &ExpandWildCard;  # Check for wildcards and expand if necessary | ||
|  | 
 | ||
|  |     foreach my $record (@records) | ||
|  |     { | ||
|  |         my @fields=split(/\|/,$record); | ||
|  |         for (my $cnt=0; $cnt <= $#fields; ++$cnt) { for ($fields[$cnt]) { s/^\s+//; s/\s+$//; }} | ||
|  |         my $username = $fields[0]; | ||
|  | 
 | ||
|  |         if ((db_get(\%accounts, $username)) && (db_get_type(\%accounts, $username) eq "user")) { | ||
|  |             my $yn = 'yes'; | ||
|  | 	    my $userdir = `cat /etc/passwd|grep "^$username:"|cut -d":" -f6|tr -d '\n'`; | ||
|  | 	    #print "user folder: '$userdir'\n"; | ||
|  | 	    if ( $userdir eq "/home/e-smith/files/users/$username" ) | ||
|  |             	{ | ||
|  |             	if (! $Frc) { | ||
|  |                 	print "Do you want to delete user '$username'?\n"; | ||
|  |                 	print "All files belonging to this user account will be deleted! [yes/NO/all] "; | ||
|  |                 	$yn = <STDIN>; | ||
|  |                 	if ($yn =~ /^a/i) { $Frc = -1; $yn="yes"; } | ||
|  |             	} | ||
|  |             	if ($yn =~ /^y/i) { | ||
|  |                 	print "Deleting user account '$username'.\n"; | ||
|  |                 	db_delete(\%accounts, $username); | ||
|  |                 	system("/sbin/e-smith/signal-event", "user-delete", $username); | ||
|  |             	} | ||
|  | 	    } | ||
|  | 	    else { print "'$username' is not a regular SME user with its home in /home/e-smith/files/users/, can not remove it\n\a";}	 | ||
|  |         } | ||
|  |         else { print "Can't find user '$username'.\n\a";} | ||
|  |     } | ||
|  | } | ||
|  | #============================================================================== | ||
|  | # Subroutines | ||
|  | #============================================================================== | ||
|  | # Find a unused Uid/Gid | ||
|  | sub FindUid { | ||
|  |     open(ACC,"/home/e-smith/db/accounts")  ||  die "Can't find /home/e-smith/db/accounts"; | ||
|  |     my @recs = grep(/Uid\|\d*/,<ACC>); | ||
|  |     close(ACC); | ||
|  |     open(PWD,"/etc/passwd")  ||  die "Can't find /etc/passwd"; | ||
|  |     my @pwds = grep(/\:\d*\:/,<PWD>); | ||
|  |     close(PWD); | ||
|  |     open(GRP,"/etc/group")  ||  die "Can't find /etc/group"; | ||
|  |     my @grps = grep(/\:\d*\:/,<GRP>); | ||
|  |     close(GRP); | ||
|  | 
 | ||
|  |     my $newuid=db_get(\%conf, 'MinUid'); | ||
|  |     do { ++$newuid;} until ((! grep(/Uid\|$newuid\D/,@recs)) && | ||
|  |                 (! grep(/\:$newuid\:/,@pwds)) && | ||
|  |                 (! grep(/\:$newuid\:/,@grps))); | ||
|  |     return $newuid; | ||
|  | } | ||
|  | #============================================================================== | ||
|  | # Test the uid/gid for availability and legality | ||
|  | sub TestUid { | ||
|  |     open(ACC,"/home/e-smith/db/accounts")  ||  die "Can't find /home/e-smith/db/accounts"; | ||
|  |     my @recs = grep(/Uid\|\d*/,<ACC>); | ||
|  |     close(ACC); | ||
|  |     open(PWD,"/etc/passwd")  ||  die "Can't find /etc/passwd"; | ||
|  |     my @pwds = grep(/\:\d*\:/,<PWD>); | ||
|  |     close(PWD); | ||
|  |     open(GRP,"/etc/group")  ||  die "Can't find /etc/group"; | ||
|  |     my @grps = grep(/\:\d*\:/,<GRP>); | ||
|  |     close(GRP); | ||
|  | 
 | ||
|  |     if (! ($_[0] =~ /^\d*$/)) { | ||
|  |         print "Error: A user ID should contain only numbers.\a\n"; | ||
|  |         return 0; | ||
|  |     } | ||
|  |     elsif ( $_[0] < db_get(\%conf, 'MinUid')) { | ||
|  |         print "Error: The user ID should be greater or equal to ".&FindUid."\a\n"; | ||
|  |         return 0; | ||
|  |     } | ||
|  | 
 | ||
|  |     elsif ((grep(/Uid\|$_[0]\D/,@recs)) or | ||
|  |         (grep(/\:$_[0]\:/,@pwds)) or | ||
|  |         (grep(/\:$_[0]\:/,@grps))) { | ||
|  |         print "Error: The uid/gid '$_[0]' is already in use\a\n"; | ||
|  |         return 0; | ||
|  |     } | ||
|  |     else { return 1 }; | ||
|  | } | ||
|  | #============================================================================== | ||
|  | # Test name for illegal characters and length | ||
|  | sub TestName { | ||
|  |     if ( ! $_[0] =~ /^[a-z][a-z\-\d]*$/ ) { | ||
|  |         print "The name '$_[0]' contains illegal characters.\n"; | ||
|  |     	print "User names should contain only lower-case letters, "; | ||
|  |     	print "numbers, hyphens or periods\n"; | ||
|  |         print "and should start with a lower-case letter.\n\a"; | ||
|  |         return 0; | ||
|  |     } | ||
|  |     if ( length($_[0]) > 31 ) { | ||
|  |         print "The name '$_[0]' is too long. The maximum is 31 characters.\n"; | ||
|  |         return 0; | ||
|  |     } | ||
|  |     return -1; | ||
|  | } | ||
|  | #============================================================================== | ||
|  | # Create a random password | ||
|  | sub RandomPassword { | ||
|  |     my $password; | ||
|  |     my $_rand; | ||
|  |     my $password_length = 8; | ||
|  | 
 | ||
|  |     my @chars = split(" ", | ||
|  |     "a b c d e f g h i j k l m n o p q r s t u v w x y z | ||
|  |     A B C D E F G H I J K L M N O P Q R S T U V W X Y Z | ||
|  |     0 1 2 3 4 5 6 7 8 9 | ||
|  |     , . ; - & ! ?"); | ||
|  | 
 | ||
|  |     srand; | ||
|  |     $_rand = int(rand 62); | ||
|  |     for (my $i=0; $i <= $password_length-1 ;$i++) { | ||
|  |         $password .= $chars[$_rand]; | ||
|  |         $_rand = int(rand 69); | ||
|  |     } | ||
|  | 
 | ||
|  |     open(PWD, ">> $passwlist") or die "Can't create or open $passwlist.\n"; | ||
|  |     print PWD "Username: $_[0]\nPassword: $password\n\n"; | ||
|  |     close(PWD); | ||
|  | 
 | ||
|  |     return $password; | ||
|  | } | ||
|  | #============================================================================== | ||
|  | # Test for wildcards in the username. If any wildecards are found, the array | ||
|  | # @records is expanded with the user names that meet the conditions. | ||
|  | sub ExpandWildCard { | ||
|  |     my $ctrec = 0; | ||
|  |     foreach my $record (@records) | ||
|  |     { | ||
|  |         my @fld=split(/\|/,$record); | ||
|  |         for (my $cnt=0; $cnt <= $#fld; ++$cnt) { for ($fld[$cnt]) { s/^\s+//; s/\s+$//; }} | ||
|  | 
 | ||
|  |         if ($fld[0] =~ /\*|\?/) {   # Does it contain the wildcards? | ||
|  |             $fld[0] =~ s/\*/\.\*/g; # Replace * with .* to allow for grep. | ||
|  |             $fld[0] =~ s/\?/\./g;   # Replace ? with . to allow for grep. | ||
|  | 
 | ||
|  |             open USRS, "</home/e-smith/db/accounts" or die "Can't open /home/e-smith/db/accounts: $!"; | ||
|  |             my @match = grep /^$fld[0]\=user\|/i, <USRS>; | ||
|  |             close(USRS); | ||
|  | 
 | ||
|  |             my $cu = 0; | ||
|  |             foreach my $tst (@match) { | ||
|  |                 $tst =~ /\=/; $tst = $`; | ||
|  |                 for (my $cnt=1; $cnt <= $#fld; ++$cnt) { $tst = $tst." | ".$fld[$cnt]; }; | ||
|  |                 if ($cu == 0 ) { | ||
|  |                     $records[$ctrec] = $tst; | ||
|  |                     $cu =1; | ||
|  |                 } | ||
|  |                 else { | ||
|  |                     push(@records, $tst); | ||
|  |                 } | ||
|  |             } | ||
|  |         } | ||
|  |         ++$ctrec; | ||
|  |     } | ||
|  | } | ||
|  | #============================================================================== | ||
|  | # Print the pod text as a help screen | ||
|  | sub PrintPod { | ||
|  |     my ($verbose, $message) = @_; | ||
|  |     pod2usage(-verbose => $verbose, -message => $message, -exitval => 64); | ||
|  | } | ||
|  | 
 | ||
|  | #============================================================================== | ||
|  | 
 | ||
|  | =pod | ||
|  | 
 | ||
|  | =head1 NAME | ||
|  | 
 | ||
|  | B<lat-users> - The lazy administrator's tool to add user accounts | ||
|  | 
 | ||
|  | =head1 DESCRIPTION | ||
|  | 
 | ||
|  | Creates or deletes user accounts on Mitel's SME servers (5.x/6.x). | ||
|  | This tool is functionally equivalent to the 'User accounts' option in the server-manager, but can be run from the command line or called from an other script. | ||
|  | It allows you, for example, to create a large number of accounts in a batch process, or delete accounts on a remote machine via an ssh console. | ||
|  | 
 | ||
|  | See F</usr/doc/lazy-admin-tools/example.users> for the format of the input file. | ||
|  | 
 | ||
|  | =head1 SYNOPSIS | ||
|  | 
 | ||
|  | B<lat-tools> -a [-p] -c "user | first | last | password | department | company | street | city | tel | forward | email | uid | group1 [| group..]" | ||
|  | 
 | ||
|  | B<lat-users> -a [-p] -i /path/to/users.list | ||
|  | 
 | ||
|  | B<lat-users> -d [-f] -c "user" | ||
|  | 
 | ||
|  | B<lat-users> -d [-f] -i /path/to/users.list | ||
|  | 
 | ||
|  | =head1 OPTIONS | ||
|  | 
 | ||
|  | The following options are supported: | ||
|  | 
 | ||
|  | =over 4 | ||
|  | 
 | ||
|  | =item B<-a>, B<--add> | ||
|  | 
 | ||
|  | Add a user account to the server. | ||
|  | 
 | ||
|  | =item | ||
|  | B<-c "Arguments">, B<--command-line="Arguments"> | ||
|  | 
 | ||
|  | Take arguments from the command line. | ||
|  | See the 'Arguments' section below for the various arguments that are accepted. | ||
|  | 
 | ||
|  | =item B<-d>, B<--delete> | ||
|  | 
 | ||
|  | Delete a user account from the server. Wildcards (* and ?) are accepted. | ||
|  | 
 | ||
|  | =item B<-f>, B<--force> | ||
|  | 
 | ||
|  | Don't prompt before deleting. | ||
|  | 
 | ||
|  | =item B<-h>, B<--help> | ||
|  | 
 | ||
|  | Extended help for this tool | ||
|  | 
 | ||
|  | =item B<-i=FILE>, B<--input-file=FILE> | ||
|  | 
 | ||
|  | Use the information from FILE to create or delete the user accounts. | ||
|  | See F</usr/doc/lazy-admin-tools> for an example of an input file. | ||
|  | 
 | ||
|  | =item B<-p>, B<--passwords> | ||
|  | 
 | ||
|  | Generate random passwords for the users and write them to F<./passwords.new>. If a password was supplied, this option will be ignored. | ||
|  | 
 | ||
|  | =item B<-n>, B<--nickname> | ||
|  | 
 | ||
|  | Generate standard pseudonyms for the user: firstname_lastname and firstname.lastname. | ||
|  | 
 | ||
|  | =back | ||
|  | 
 | ||
|  | =head2 Arguments: | ||
|  | 
 | ||
|  |    user*      - Must contain only lower-case letters, numbers, | ||
|  |                 hyphens, periods and underscores, and should start | ||
|  |                 with a lower-case letter. Wildcards (* and ?) can | ||
|  |                 only be used to delete users. | ||
|  |    first*     - First name | ||
|  |    last*      - Last name | ||
|  |    password   - Password for the user (in clear-text!) | ||
|  |    department - Department | ||
|  |    company    - Company | ||
|  |    street     - Street name and number | ||
|  |    city       - Zip & City | ||
|  |    tel        - Telephone number | ||
|  |    forward    - E-mail delivery: 'local', 'forward' or 'both' | ||
|  |    email      - Forwarding e-mail adres | ||
|  |    uid        - User ID. If omitted, a suitable uid will be generated. | ||
|  |    group(s)   - Group name(s) to which the user should be added. If the  | ||
|  |                 group doesn't exist, it will be created.  | ||
|  | 
 | ||
|  |    * mandatory field | ||
|  | 
 | ||
|  | =head1 EXAMPLES | ||
|  | 
 | ||
|  | B<lat-users -a -c "harry | Harry | Potter | Quidditch"> | ||
|  | 
 | ||
|  | Creates user 'harry' from the command line, with password 'Quidditch'. | ||
|  | 
 | ||
|  | B<lat-users -a -i /root/users.list> | ||
|  | 
 | ||
|  | Uses the arguments specified in F</root/users.list> to create user accounts. | ||
|  | Please refer to F</usr/doc/lazy-admin-tools/example.users> for an example of an input file. | ||
|  | 
 | ||
|  | B<lat-users -d -f -c "user*"> | ||
|  | 
 | ||
|  | Deletes all user accounts that start with 'user'. All users and their files will be deleted without prompting (-f). | ||
|  | 
 | ||
|  | B<lat-users -a -p -i /root/users.list> | ||
|  | 
 | ||
|  | Creates user accounts as defined in F</root/users.list> and generates a random password for each user. | ||
|  | The names and passwords are written to F<./passwords.new>. | ||
|  | 
 | ||
|  | B<lat-users -a -c "ron | Ron | Weasley ||||||||| 6005"> | ||
|  | 
 | ||
|  | Creates user 'ron' with user ID 6005. All other fields (company, departments, etc.)  are left empty. | ||
|  | 
 | ||
|  | B<lat-users -a -c "ron | Ron | Weasley |||||||||| quiddich | dada "> | ||
|  | 
 | ||
|  | Creates user 'ron' and assigns him to groups quiddich and dada. If any of these groups doesn't exist, it will be created. | ||
|  | 
 | ||
|  | B<lat-users -a -n -c "ron | Ron | Weasley |||||||||| quiddich | dada "> | ||
|  | 
 | ||
|  | Creates user 'ron' and assigns him to groups quiddich and dada. If any of these groups doesn't exist, it will be created.  | ||
|  | Also create pseudonyms ron_weasley and ron.weasley associated with user ron if available, else produces an alert. | ||
|  | 
 | ||
|  | =head1 SEE ALSO | ||
|  | 
 | ||
|  | lat-group(8), lat-pseudonyms(8), lat-ibays(8), lat-quota(8), lat-domains(8), lat-hosts(8), lat-procmail(8), lat-pptp(8), lat-dump(8) | ||
|  | 
 | ||
|  | =head1 VERSION | ||
|  | 
 | ||
|  | Version 0.9.0 (2004-09-08). The latest version is hosted at B<http://www.contribs.org/contribs/mblotwijk/> | ||
|  | 
 | ||
|  | =head1 COPYRIGHT | ||
|  | 
 | ||
|  | (c)2003-2004, Altiplano bvba (B<http://www.altiplano.be>). Released under the terms of the GNU license. | ||
|  | 
 | ||
|  | 
 | ||
|  | =head1 BUGS | ||
|  | 
 | ||
|  | Please report bugs to <Bugs@Altiplano.Be> | ||
|  | 
 | ||
|  | =cut | ||
|  | 
 | ||
|  | #============================================================================== |