summaryrefslogtreecommitdiff
path: root/bin/bsdshell.export
blob: 10c27671e5c87d679bd71c01584c2ca0e67fe356 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
#!/usr/bin/perl -w

# bsdshell export

use strict;
use File::Rsync;
use Net::SSH qw(ssh);
use FS::UID qw(adminsuidsetup datasrc);
use FS::Record qw(qsearch qsearchs);
use FS::part_export;
use FS::cust_svc;
use FS::svc_acct;

my @saltset = ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' );

my $user = shift or die &usage;
adminsuidsetup $user;

my $spooldir = "/usr/local/etc/freeside/export.". datasrc;
#my $spooldir = "/usr/local/etc/freeside/export.". datasrc. "/shell";

my @bsd_exports = qsearch('part_export', { 'exporttype' => 'bsdshell' } );

my $rsync = File::Rsync->new({
  rsh     => 'ssh',
#  dry_run => 1,
});

foreach my $export ( @bsd_exports ) {
  my $machine = $export->machine;
  my $prefix = "$spooldir/$machine";
  mkdir $prefix, 0700 unless -d $prefix;

  #LOCKING!!!

  ( open(MASTER,">$prefix/master.passwd")
    #!!!  and flock(MASTER,LOCK_EX|LOCK_NB)
  ) or die "Can't open $prefix/master.passwd: $!";
  ( open(PASSWD,">$prefix/passwd")
    #!!!  and flock(PASSWD,LOCK_EX|LOCK_NB)
  ) or die "Can't open $prefix/passwd: $!";

  chmod 0644, "$prefix/passwd";
  chmod 0600, "$prefix/master.passwd";

  #false laziness with  freeside-sqlradius-reset and bind.export
  my @svc_acct = 
    map { qsearchs('svc_acct', { 'svcnum' => $_->svcnum } ) }
      map { qsearch('cust_svc', { 'svcpart' => $_->svcpart } ) }
        grep { qsearch('cust_svc', { 'svcpart' => $_->svcpart } ) }
          $export->export_svc;

  next unless @svc_acct;

  foreach my $svc_acct ( sort { $a->uid <=> $b->uid } @svc_acct ) {

    my $password = $svc_acct->_password;
    my $cpassword;
    #if ( ( length($password) <= 8 )
    if ( ( length($password) <= 12 )
         && ( $password ne '*' )
         && ( $password ne '!!' )
         && ( $password ne '' )
    ) {
      $cpassword=crypt($password,
                       $saltset[int(rand(64))].$saltset[int(rand(64))]
      );
      # MD5 !!!!
    } else {
      $cpassword=$password;
    }

    ###
    # FORMAT OF THE PASSWD FILE HERE
    print PASSWD join(":",
      $svc_acct->username,
      'x', # "##". $username,
      $svc_acct->uid,
      $svc_acct->gid,
      $svc_acct->finger,
      $svc_acct->dir,
      $svc_acct->shell,
    ), "\n";

    ###
    # FORMAT OF FreeBSD MASTER PASSWD FILE HERE
    print MASTER join(":",
      $svc_acct->username,              # User name
      $cpassword,                       # Encrypted password
      $svc_acct->uid,                   # User ID
      $svc_acct->gid,                   # Group ID
      "",                               # Login Class
      "0",                              # Password Change Time
      "0",                              # Password Expiration Time
      $svc_acct->finger,                # Users name
      $svc_acct->dir,                   # Users home directory
      $svc_acct->shell,                 # shell
    ), "\n" ;
  
  }

  #!!! flock(MASTER,LOCK_UN);
  #!!! flock(PASSWD,LOCK_UN);
  close MASTER;
  close PASSWD;

  $rsync->exec( {
    src  => "$prefix/passwd",
    dest => "root\@$machine:/etc/passwd"
  } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);

  $rsync->exec( {
    src  => "$prefix/master.passwd",
    dest => "root\@$machine:/etc/master.passwd.new"
  } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
  ssh("root\@$machine", "pwd_mkdb /etc/master.passwd.new");

  # UNLOCK!!
}