1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
#!/usr/bin/perl -w
#
# -d: dry-run: make no changes
# -r: replace: overwrite existing passwords (otherwise only "*" passwords will
# be changed)
# -b: blowfish replace: overwrite existing passwords only if they are
# blowfish-encrypted
use strict;
use vars qw(%part_svc);
use Getopt::Std;
use Term::Query qw(query);
use Net::SCP qw(iscp);
use FS::UID qw(adminsuidsetup datasrc);
use FS::Record qw(qsearch qsearchs);
use FS::svc_acct;
use FS::part_svc;
use vars qw($opt_d $opt_r $opt_b);
getopts("drb");
my $user = shift or die &usage;
adminsuidsetup $user;
push @FS::svc_acct::shells, qw(/bin/sync /sbin/shutdown /bin/halt /sbin/halt); #others?
my($spooldir)="/usr/local/etc/freeside/export.". datasrc;
#$FS::svc_acct::nossh_hack = 1;
$FS::svc_Common::noexport_hack = 1;
###
%part_svc=map { $_->svcpart, $_ } qsearch('part_svc',{'svcdb'=>'svc_acct'});
die "No services with svcdb svc_acct!\n" unless %part_svc;
print "\n\n", &menu_svc, "\n", <<END;
Enter part number or part numbers to import.
END
my($shell_svcpart)=&getvalue;
my @shell_svcpart = split(/[,\s]+/, $shell_svcpart);
print "\n\n", <<END;
Enter the location and name of your _user_ shadow file, for example
"mail.isp.com:/etc/shadow" or "bsd.isp.com:/etc/master.passwd"
END
my($loc_shadow)=&getvalue(":");
iscp("root\@$loc_shadow", "$spooldir/shadow.import");
sub menu_svc {
( join "\n", map "$_: ".$part_svc{$_}->svc, sort keys %part_svc ). "\n";
}
sub getpart {
$^W=0; # Term::Query isn't -w-safe
my $return = query "Enter part number:", 'irk', [ keys %part_svc ];
$^W=1;
$return;
}
sub getvalue {
my $prompt = shift;
$^W=0; # Term::Query isn't -w-safe
my $return = query $prompt, '';
$^W=1;
$return;
}
print "\n\n";
###
open(SHADOW,"<$spooldir/shadow.import");
my($line, $updated);
while (<SHADOW>) {
$line++;
chop;
my($username,$password)=split(/:/);
# my @svc_acct = grep { $_->cust_svc->svcpart == $shell_svcpart }
# qsearch('svc_acct', { 'username' => $username } );
my @svc_acct = grep {
my $svcpart = $_->cust_svc->svcpart;
grep { $_ == $svcpart } @shell_svcpart;
} qsearch('svc_acct', { 'username' => $username } );
next unless @svc_acct;
if ( scalar(@svc_acct) > 1 ) {
die "more than one $username found!\n";
next;
}
my $svc_acct = shift @svc_acct;
next unless $svc_acct->_password eq '*'
|| $opt_r
|| ( $opt_b && $svc_acct->_password =~ /^\$2a?\$/ );
next if $svc_acct->username eq 'root';
next if $password eq 'NP' || $password eq '*LK*';
next if $svc_acct->_password eq $password;
next if $svc_acct->_password =~ /^\*SUSPENDED\*/;
my $new_svc_acct = new FS::svc_acct( { $svc_acct->hash } );
$new_svc_acct->_password($password);
#warn "$username: ". $svc_acct->_password. " -> $password\n";
warn "changing password for $username\n";
unless ( $opt_d ) {
my $error = $new_svc_acct->replace($svc_acct);
die "$username: $error" if $error;
}
$updated++;
}
warn "$updated of $line passwords changed\n";
sub usage {
die "Usage:\n\n shadow.reimport [ -d ] [ -r ] user\n";
}
|
