summaryrefslogtreecommitdiff
path: root/bin/sysvshell.export
blob: c13912c3fef84aaac6896bb733ba6f5f23dae6b7 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

#!/usr/bin/perl -w

# sysvshell export

use strict;
use File::Rsync;
use Net::SSH qw(ssh);
use FS::UID qw(adminsuidsetup datasrc);
use FS::Record qw(qsearch qsearchs);
use FS::part_export;
use FS::cust_svc;
use FS::svc_acct;

my @saltset = ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' );

my $user = shift or die &usage;
adminsuidsetup $user;

my $spooldir = "/usr/local/etc/freeside/export.". datasrc;
#my $spooldir = "/usr/local/etc/freeside/export.". datasrc. "/shell";

my @sysv_exports = qsearch('part_export', { 'exporttype' => 'sysvshell' } );

my $rsync = File::Rsync->new({
  rsh     => 'ssh',
#  dry_run => 1,
});

foreach my $export ( @sysv_exports ) {
  my $machine = $export->machine;
  my $prefix = "$spooldir/$machine";
  mkdir $prefix, 0700 unless -d $prefix;

  #LOCKING!!!

  ( open(SHADOW,">$prefix/shadow")
    #!!!  and flock(SHADOW,LOCK_EX|LOCK_NB)
  ) or die "Can't open $prefix/shadow: $!";
  ( open(PASSWD,">$prefix/passwd")
    #!!!  and flock(PASSWD,LOCK_EX|LOCK_NB)
  ) or die "Can't open $prefix/passwd: $!";

  chmod 0644, "$prefix/passwd";
  chmod 0600, "$prefix/shadow";

  my @svc_acct = $export->svc_x;

  next unless @svc_acct;

  foreach my $svc_acct ( sort { $a->uid <=> $b->uid } @svc_acct ) {

    my $password = $svc_acct->_password;
    my $cpassword;
    #if ( ( length($password) <= 8 )
    if ( ( length($password) <= 12 )
         && ( $password ne '*' )
         && ( $password ne '!!' )
         && ( $password ne '' )
    ) {
      $cpassword=crypt($password,
                       $saltset[int(rand(64))].$saltset[int(rand(64))]
      );
      # MD5 !!!!
    } else {
      $cpassword=$password;
    }

    ###
    # FORMAT OF THE PASSWD FILE HERE
    print PASSWD join(":",
      $svc_acct->username,
      'x', # "##". $username,
      $svc_acct->uid,
      $svc_acct->gid,
      $svc_acct->finger,
      $svc_acct->dir,
      $svc_acct->shell,
    ), "\n";

    ###
    # FORMAT OF THE SHADOW FILE HERE
    print SHADOW join(":",
      $svc_acct->username,
      $cpassword,
      '',
      '',
      '',
      '',
      '',
      '',
      '',
    ), "\n";

  }

  #!!! flock(SHADOW,LOCK_UN);
  #!!! flock(PASSWD,LOCK_UN);
  close SHADOW;
  close PASSWD;

  $rsync->exec( {
    src  => "$prefix/shadow",
    dest => "root\@$machine:/etc/shadow"
  } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);

  $rsync->exec( {
    src  => "$prefix/passwd",
    dest => "root\@$machine:/etc/passwd"
  } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);

  # UNLOCK!!
}
generated by cgit v1.2.1 (git 2.18.0) at 2024-11-11 21:55:58 +0000