File exporting
- bin/svc_acct.export will create UNIX passwd, shadow and master.passwd files, ERPCD acp_passwd and acp_dialup files and a RADIUS users file in the /usr/local/etc/freeside/export.datasrc directory. Using the appropriate configuration files, you can export these files to your remote machines unattended; see below. Some RADIUS servers (such as Radiator) will authenticate directly out of an SQL database. In these cases,
it is reccommended that you copy the svc_acct table to an external RADIUS machine rather than run the RADIUS server on your Freeside machine.
- shellmachines - passwd and shadow are copied to the remote machine as /etc/passwd.new and /etc/shadow.new and then moved to /etc/passwd and /etc/shadow if no errors occur.
- bsdshellmachines - passwd and master.passwd are copied to the remote machine as /etc/passwd.new and /etc/master.passwd.new and moved to /etc/passwd and /etc/master.passwd if no errors occur.
- nismachines - passwd and shadow are copied to the /etc/global directory on the remote machine. If no errors occur, the command ( cd /var/yp; make; ) is executed on the remote machine.
- erpcdmachines - acp_passwd and acp_dialup are copied to the /usr/annex directory on the remote machine. If no errors occur, the command ( kill -USR1 `cat /usr/annex/erpcd.pid` ) is executed on the remote machine.
- radiusmachines - users is copied to the /etc/raddb directory on the remote machine. If no errors occur, the command ( builddbm ) is executed on the remote machine.
- site_perl/svc_acct.pm - If a shellmachine is defined, users can be created, modified and deleted remotely; see below.
- The command useradd -d homedir -s shell -u uid username is executed when a user is added.
- The command userdel username is executed with a user is deleted.
- If a user's home directory changes, the command [ -d old_homedir && ( chmod u+t old_homedir; umask 022; mkdir new_homedir; cd old_homedir; find . -depth -print | cpio -pdm new_homedir; chmod u-t new_homedir; chown -R uid.gid new_homedir; rm -rf old_homedir ) is executed.
- bin/svc_acct_sm.export will create Qmail rcpthosts, recipientmap and virtualdomains files and Sendmail virtusertable and sendmail.cw files in the /usr/local/etc/freeside/export.datasrc directory. Using the appropriate configuration files, you can export these files to your remote machines unattemded; see below.
- qmailmachines - recipientmap, virtualdomains and rcpthosts are copied to the /var/qmail/control directory on the remote machine. Note: If you imported qmail configuration files, run the generated /usr/local/etc/freeside/export.datasrc/virtualdomains.FIX on a machine with your user home directories before exporting qmail configuration files.
- shellmachine - The command [ -e homedir/.qmail-default ] || { touch homedir/.qmail-default; chown uid.gid homedir/.qmail-default; } will be run on this machine for users in the virtualdomains file.
- sendmailmachines - sendmail.cw and virtusertable are copied to the remote machine as /etc/sendmail.cw.new and /etc/virtusertable.new and moved to /etc/sendmail.cw and /etc/virtusertable if no errors occur.
- site_perl/svc_acct_sm.pm - If the qmailmachines configuration file exists and a shellmachine is defined, user .qmail- files can be updated.
- The command [ -e homedir/.qmail-domain-default ] || { touch homedir/.qmail-domain-default; chown uid.gid homedir/.qmail-domain-default; } is run.
Unattended remote login - Freeside can login to remote machines unattended using SSH. This can pose a security risk if not configured correctly, and will allow an intruder who breaks into your freeside machine full access to your remote machines. Do not use this feature unless you understand what you are doing!
- As the freeside user (on your freeside machine), generate an authentication key using ssh-keygen. Since this is for unattended operation, you need to use a blank passphrase.
- Append the newly-created identity.pub file to root's authorized_keys on the remote machine(s).