rssh
This commit is contained in:
parent
097e08312b
commit
9a56b9e87b
@ -315,7 +315,6 @@ event_link("rmmod-bonding", $event, "10");
|
|||||||
event_link("conf-startup", $event, "10");
|
event_link("conf-startup", $event, "10");
|
||||||
event_link("user-lock-passwd", $event, "15");
|
event_link("user-lock-passwd", $event, "15");
|
||||||
event_link("group-modify-unix", $event, "15");
|
event_link("group-modify-unix", $event, "15");
|
||||||
event_link("user-rsshd", $event, "16");
|
|
||||||
event_link("update-passwd", $event, "20");
|
event_link("update-passwd", $event, "20");
|
||||||
event_link("count-active-user-accounts", $event, "25");
|
event_link("count-active-user-accounts", $event, "25");
|
||||||
event_link("conf-modules", $event, "30");
|
event_link("conf-modules", $event, "30");
|
||||||
@ -343,7 +342,6 @@ templates2events("/etc/smartmontools/smartd.conf", $event);
|
|||||||
templates2events("/home/e-smith/ssl.pem/pem", $event);
|
templates2events("/home/e-smith/ssl.pem/pem", $event);
|
||||||
templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event);
|
templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event);
|
||||||
event_link("set-hostname", $event, "10");
|
event_link("set-hostname", $event, "10");
|
||||||
event_link("user-rsshd", $event, "16");
|
|
||||||
event_link("conf-modules", $event, "30");
|
event_link("conf-modules", $event, "30");
|
||||||
event_link("conf-startup", $event, "60");
|
event_link("conf-startup", $event, "60");
|
||||||
event_link("systemd-default", $event, "88");
|
event_link("systemd-default", $event, "88");
|
||||||
@ -454,7 +452,6 @@ event_link("init-accounts", $event, "05");
|
|||||||
event_link("rotate_logfiles", $event, "07");
|
event_link("rotate_logfiles", $event, "07");
|
||||||
event_link("init-passwords", $event, "10");
|
event_link("init-passwords", $event, "10");
|
||||||
event_link("conf-startup", $event, "10");
|
event_link("conf-startup", $event, "10");
|
||||||
event_link("user-rsshd", $event, "16");
|
|
||||||
event_link("conf-modules", $event, "30");
|
event_link("conf-modules", $event, "30");
|
||||||
event_link("create-mnt-floppy", $event, "50");
|
event_link("create-mnt-floppy", $event, "50");
|
||||||
event_link("systemd-default", $event, "88");
|
event_link("systemd-default", $event, "88");
|
||||||
@ -476,7 +473,6 @@ event_link("rotate_logfiles", $event, "07");
|
|||||||
event_link("conf-startup", $event, "10");
|
event_link("conf-startup", $event, "10");
|
||||||
event_link("user-lock-passwd", $event, "15");
|
event_link("user-lock-passwd", $event, "15");
|
||||||
event_link("group-modify-unix", $event, "15");
|
event_link("group-modify-unix", $event, "15");
|
||||||
event_link("user-rsshd", $event, "16");
|
|
||||||
event_link("update-passwd", $event, "20");
|
event_link("update-passwd", $event, "20");
|
||||||
event_link("count-active-user-accounts", $event, "25");
|
event_link("count-active-user-accounts", $event, "25");
|
||||||
event_link("conf-modules", $event, "30");
|
event_link("conf-modules", $event, "30");
|
||||||
@ -513,7 +509,6 @@ event_link("systemd-reload", $event, "89");
|
|||||||
$event = "user-create";
|
$event = "user-create";
|
||||||
|
|
||||||
event_link("user-create-unix", $event, "04");
|
event_link("user-create-unix", $event, "04");
|
||||||
event_link("user-rsshd", $event, "16");
|
|
||||||
event_link("count-active-user-accounts", $event, "25");
|
event_link("count-active-user-accounts", $event, "25");
|
||||||
event_link("user-group-modify", $event, "85");
|
event_link("user-group-modify", $event, "85");
|
||||||
|
|
||||||
@ -535,7 +530,6 @@ event_link("count-active-user-accounts", $event, "25");
|
|||||||
$event = "user-modify";
|
$event = "user-modify";
|
||||||
|
|
||||||
event_link("user-modify-unix", $event, "15");
|
event_link("user-modify-unix", $event, "15");
|
||||||
event_link("user-rsshd", $event, "16");
|
|
||||||
event_link("user-group-modify", $event, "85");
|
event_link("user-group-modify", $event, "85");
|
||||||
|
|
||||||
$event = "user-modify-admin";
|
$event = "user-modify-admin";
|
||||||
|
@ -72,7 +72,7 @@ my $company = $acct->prop('Company') || '';
|
|||||||
my $dept = $acct->prop('Dept') || '';
|
my $dept = $acct->prop('Dept') || '';
|
||||||
my $city = $acct->prop('City') || '';
|
my $city = $acct->prop('City') || '';
|
||||||
my $street = $acct->prop('Street') || '';
|
my $street = $acct->prop('Street') || '';
|
||||||
my $shell = $acct->prop('Shell') || '/usr/bin/rssh';
|
my $shell = $acct->prop('Shell') || '/usr/bin/false';
|
||||||
my $groups = "shared";
|
my $groups = "shared";
|
||||||
|
|
||||||
if ($ldapauth ne 'enabled')
|
if ($ldapauth ne 'enabled')
|
||||||
|
@ -39,7 +39,7 @@ my ($user, $colon, @old_groups) = split(' ', `/usr/bin/groups $userName`);
|
|||||||
# actions for all these groups
|
# actions for all these groups
|
||||||
my %modified_groups = map { $_, 1 } @old_groups, $acctdb->user_group_list($userName);
|
my %modified_groups = map { $_, 1 } @old_groups, $acctdb->user_group_list($userName);
|
||||||
# but omit "shared" and user private group
|
# but omit "shared" and user private group
|
||||||
foreach ('shared', $userName, 'rsshusers')
|
foreach ('shared', $userName)
|
||||||
{
|
{
|
||||||
delete $modified_groups{$_} if exists $modified_groups{$_};
|
delete $modified_groups{$_} if exists $modified_groups{$_};
|
||||||
}
|
}
|
||||||
|
@ -79,9 +79,9 @@ foreach my $u (@users)
|
|||||||
my ($comment, $shell) = (getpwnam($userName))[6,8];
|
my ($comment, $shell) = (getpwnam($userName))[6,8];
|
||||||
endpwent;
|
endpwent;
|
||||||
my $new_shell = $u->prop('Shell')
|
my $new_shell = $u->prop('Shell')
|
||||||
|| (($shell eq "/bin/sshell") ? "/usr/bin/rssh" : $shell);
|
|| (($shell eq "/bin/sshell") ? "/usr/bin/false" : $shell);
|
||||||
|
|
||||||
$u->set_prop('Shell', $new_shell) unless (not defined $u->prop('Shell') && $new_shell eq "/usr/bin/rssh" ) ;
|
$u->set_prop('Shell', $new_shell) unless (not defined $u->prop('Shell') && $new_shell eq "/usr/bin/false" ) ;
|
||||||
|
|
||||||
my $result;
|
my $result;
|
||||||
#------------------------------------------------------------
|
#------------------------------------------------------------
|
||||||
|
@ -1,57 +0,0 @@
|
|||||||
#!/usr/bin/perl -w
|
|
||||||
|
|
||||||
package esmith;
|
|
||||||
|
|
||||||
use strict;
|
|
||||||
use Errno;
|
|
||||||
use esmith::ConfigDB;
|
|
||||||
use esmith::AccountsDB;
|
|
||||||
use File::Temp;
|
|
||||||
|
|
||||||
sub trim { my $s = shift; $s =~ s/^\s+|\s+$//g; return $s };
|
|
||||||
|
|
||||||
my $conf = esmith::ConfigDB->open_ro;
|
|
||||||
my $accounts = esmith::AccountsDB->open;
|
|
||||||
|
|
||||||
my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
|
|
||||||
my $x = 0; # exit value
|
|
||||||
|
|
||||||
my $groupName = 'rsshusers';
|
|
||||||
my $gid = getgrnam($groupName);
|
|
||||||
my $tmpattr = File::Temp->new();
|
|
||||||
|
|
||||||
my $event = $ARGV[0];
|
|
||||||
my $userName = $ARGV[1];
|
|
||||||
# finallement get all user
|
|
||||||
my @users = (not defined $ARGV[1])? $accounts->get_all_by_prop(type => "user" ) : map { $accounts->get($_); } $userName;
|
|
||||||
my @currents=split /\n/, `/usr/sbin/lid -ng rsshusers`;
|
|
||||||
@currents=map { trim($_) } @currents;
|
|
||||||
|
|
||||||
# here we could be emptying group, but we might want to let system user on this list.
|
|
||||||
#if ( $event ~~ ['user-modify','user-create'] ) {
|
|
||||||
# system("/usr/bin/gpasswd","-M ''", "rsshusers");
|
|
||||||
# print "deleting rsshusers group content ...";
|
|
||||||
#}
|
|
||||||
|
|
||||||
foreach my $user (@users) {
|
|
||||||
my $cuser=$user->key;
|
|
||||||
# we remove users that should not be there
|
|
||||||
if ( defined $user->prop('Shell') && $user->prop('Shell') ne '/usr/bin/rssh') {
|
|
||||||
next unless ( "$cuser" ~~ @currents ) ;
|
|
||||||
system("/usr/bin/gpasswd", "-d", $cuser, "rsshusers");
|
|
||||||
next;
|
|
||||||
}
|
|
||||||
# next if the user is already there
|
|
||||||
print $tmpattr "memberUid: $cuser\n";
|
|
||||||
next if ( "$cuser" ~~ @currents ) ;
|
|
||||||
print "Adding user $cuser to group rsshusers";
|
|
||||||
system("/usr/sbin/usermod", "-a", "-G", "rsshusers", $cuser);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
# add all users to rsshusers
|
|
||||||
system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupmod", "-a", "$tmpattr", "$groupName") == 0
|
|
||||||
or
|
|
||||||
system( "/usr/sbin/cpu", "groupadd", "-g", $gid, "-a", "$tmpattr", $groupName ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255 , warn "Failed to create (ldap) group $groupName.\n" );
|
|
||||||
|
|
||||||
exit ($x);
|
|
@ -1 +1 @@
|
|||||||
DEFAULT_SHELL = /usr/bin/rssh
|
DEFAULT_SHELL = /usr/bin/false
|
||||||
|
@ -1 +0,0 @@
|
|||||||
/usr/bin/rssh
|
|
@ -4,7 +4,7 @@ Summary: smeserver server and gateway - base module
|
|||||||
%define name smeserver-base
|
%define name smeserver-base
|
||||||
Name: %{name}
|
Name: %{name}
|
||||||
%define version 5.8.1
|
%define version 5.8.1
|
||||||
%define release 32
|
%define release 33
|
||||||
Version: %{version}
|
Version: %{version}
|
||||||
Release: %{release}%{?dist}
|
Release: %{release}%{?dist}
|
||||||
License: GPL
|
License: GPL
|
||||||
@ -30,7 +30,6 @@ Requires: /usr/sbin/irqbalance
|
|||||||
Requires: /usr/sbin/smartd
|
Requires: /usr/sbin/smartd
|
||||||
Requires: dbus
|
Requires: dbus
|
||||||
Requires: acpid
|
Requires: acpid
|
||||||
Requires: rssh
|
|
||||||
Requires: bridge-utils
|
Requires: bridge-utils
|
||||||
Requires: vconfig
|
Requires: vconfig
|
||||||
Requires: e-smith-bootloader
|
Requires: e-smith-bootloader
|
||||||
@ -180,6 +179,9 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Mar 14 2024 Jean-Philippe Pialasse <jpp@koozali.org> 5.8.1-33.sme
|
||||||
|
- drop rssh support and requirement [SME: 12509]
|
||||||
|
|
||||||
* Tue Mar 12 2024 Jean-Philippe Pialasse <jpp@koozali.org> 5.8.1-32.sme
|
* Tue Mar 12 2024 Jean-Philippe Pialasse <jpp@koozali.org> 5.8.1-32.sme
|
||||||
- add gcc -g flag to allow el8 build
|
- add gcc -g flag to allow el8 build
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user