-my $user = shift or die &usage;
-adminsuidsetup $user;
-
-$conf = new FS::Conf;
-
-my @shellmachines = $conf->config('shellmachines')
- if $conf->exists('shellmachines');
-
-my @bsdshellmachines = $conf->config('bsdshellmachines')
- if $conf->exists('bsdshellmachines');
-
-my @nismachines = $conf->config('nismachines')
- if $conf->exists('nismachines');
-
-my @erpcdmachines = $conf->config('erpcdmachines')
- if $conf->exists('erpcdmachines');
-
-my @radiusmachines = $conf->config('radiusmachines')
- if $conf->exists('radiusmachines');
-
-my $icradiusmachines = $conf->exists('icradiusmachines');
-my @icradiusmachines = $conf->config('icradiusmachines') if $icradiusmachines;
-my $icradius_mysqldest =
- $conf->config('icradius_mysqldest') || "/usr/local/var/"
- if $icradiusmachines;
-my $icradius_mysqlsource =
- $conf->config('icradius_mysqlsource') || "/usr/local/var/freeside"
- if $icradiusmachines;
-my $icradius_dbh = dbh; #could eventually get it from a config file if you're
- #not running MySQL for your Freeside database
-
-my(@saltset)= ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' );
-require 5.004; #srand(time|$$);
-
-my $spooldir = "/usr/local/etc/freeside/export.". datasrc;
-my $spoollock = "/usr/local/etc/freeside/svc_acct.export.lock.". datasrc;
-
-open(EXPORT,"+>>$spoollock") or die "Can't open $spoollock: $!";
-select(EXPORT); $|=1; select(STDOUT);
-unless ( flock(EXPORT,LOCK_EX|LOCK_NB) ) {
- seek(EXPORT,0,0);
- my($pid)=<EXPORT>;
- chop($pid);
- #no reason to start loct of blocking processes
- die "Is another export process running under pid $pid?\n";
-}
-seek(EXPORT,0,0);
-print EXPORT $$,"\n";
-
-my(@svc_acct)=qsearch('svc_acct',{});
-
-( open(MASTER,">$spooldir/master.passwd")
- and flock(MASTER,LOCK_EX|LOCK_NB)
-) or die "Can't open $spooldir/master.passwd: $!";
-( open(PASSWD,">$spooldir/passwd")
- and flock(PASSWD,LOCK_EX|LOCK_NB)
-) or die "Can't open $spooldir/passwd: $!";
-( open(SHADOW,">$spooldir/shadow")
- and flock(SHADOW,LOCK_EX|LOCK_NB)
-) or die "Can't open $spooldir/shadow: $!";
-( open(ACP_PASSWD,">$spooldir/acp_passwd")
- and flock (ACP_PASSWD,LOCK_EX|LOCK_NB)
-) or die "Can't open $spooldir/acp_passwd: $!";
-( open (ACP_DIALUP,">$spooldir/acp_dialup")
- and flock(ACP_DIALUP,LOCK_EX|LOCK_NB)
-) or die "Can't open $spooldir/acp_dialup: $!";
-( open (USERS,">$spooldir/users")
- and flock(USERS,LOCK_EX|LOCK_NB)
-) or die "Can't open $spooldir/users: $!";
-
-chmod 0644, "$spooldir/passwd",
- "$spooldir/acp_dialup",
-;
-chmod 0600, "$spooldir/master.passwd",
- "$spooldir/acp_passwd",
- "$spooldir/shadow",
- "$spooldir/users",
-;
-
-if ( $icradiusmachines ) {
- my $sth = $icradius_dbh->prepare("DELETE FROM radcheck");
- $sth->execute or die "Can't reset radcheck table: ". $sth->errstr;
-}
-
-setpriority(0,0,10);
-
-my($svc_acct);
-foreach $svc_acct (@svc_acct) {
-
- my($password)=$svc_acct->getfield('_password');
- my($cpassword,$rpassword);
- if ( ( length($password) <= 8 )
- && ( $password ne '*' )
- && ( $password ne '' )
- ) {
- $cpassword=crypt($password,
- $saltset[int(rand(64))].$saltset[int(rand(64))]
- );
- $rpassword=$password;
- } else {
- $cpassword=$password;
- $rpassword='UNIX';
- }
-
- if ( $svc_acct->uid =~ /^(\d+)$/ ) {
-
- die "Non-root user ". $svc_acct->username. " has 0 UID!"
- if $svc_acct->uid == 0 && $svc_acct->username ne 'root';
-
- ###
- # FORMAT OF FreeBSD MASTER PASSWD FILE HERE
- print MASTER join(":",
- $svc_acct->username, # User name
- $cpassword, # Encrypted password
- $svc_acct->uid, # User ID
- $svc_acct->gid, # Group ID
- "", # Login Class
- "0", # Password Change Time
- "0", # Password Expiration Time
- $svc_acct->finger, # Users name
- $svc_acct->dir, # Users home directory
- $svc_acct->shell, # shell
- ), "\n" ;
-
- ###
- # FORMAT OF THE PASSWD FILE HERE
- print PASSWD join(":",
- $svc_acct->username,
- 'x', # "##". $svc_acct->$username,
- $svc_acct->uid,
- $svc_acct->gid,
- $svc_acct->finger,
- $svc_acct->dir,
- $svc_acct->shell,
- ), "\n";
-
- ###
- # FORMAT OF THE SHADOW FILE HERE
- print SHADOW join(":",
- $svc_acct->username,
- $cpassword,
- '',
- '',
- '',
- '',
- '',
- '',
- '',
- ), "\n";
-
- }
-
- if ( $svc_acct->slipip ne '' ) {
-
- ###
- # FORMAT OF THE ACP_* FILES HERE
- print ACP_PASSWD join(":",
- $svc_acct->username,
- $cpassword,
- "0",
- "0",
- "",
- "",
- "",
- ), "\n";
-
- my($ip)=$svc_acct->slipip;
-
- unless ( $ip eq '0.0.0.0' || $svc_acct->slipip eq '0e0' ) {
- print ACP_DIALUP $svc_acct->username, "\t*\t", $svc_acct->slipip, "\n";
- }
-
- ###
- # FORMAT OF THE USERS FILE HERE
- print USERS
- $svc_acct->username, qq(\tPassword = "$rpassword"\n\t),
-
- join ",\n\t",
- map {
- /^(radius_(.*))$/;
- my($field,$attrib)=($1,$2);
- $attrib =~ s/_/\-/g;
- "$attrib = \"". $svc_acct->getfield($field). "\"";
- } grep /^radius_/ && $svc_acct->getfield($_), fields('svc_acct')
- ;
- if ( $ip && $ip ne '0e0' ) {
- print USERS qq(,\n\tFramed-Address = "$ip"\n\n);
- } else {
- print USERS qq(\n\n);
- }
-
- ###
- # ICRADIUS export
- if ( $icradiusmachines ) {
- my $sth = $icradius_dbh->prepare(
- "INSERT INTO radcheck ( id, UserName, Attribute, Value ) VALUES ( ".
- join(", ", map { $icradius_dbh->quote( $_ ) } (
- $svc_acct->svcnum,
- $svc_acct->username,
- "Password",
- $svc_acct->_password,
- ) ). " )"
- );
- $sth->execute or die "Can't insert into radcheck table: ". $sth->errstr;
- }
-
- }
-
-}
-
-flock(MASTER,LOCK_UN);
-flock(PASSWD,LOCK_UN);
-flock(SHADOW,LOCK_UN);
-flock(ACP_DIALUP,LOCK_UN);
-flock(ACP_PASSWD,LOCK_UN);
-flock(USERS,LOCK_UN);
-
-close MASTER;
-close PASSWD;
-close SHADOW;
-close ACP_DIALUP;
-close ACP_PASSWD;
-close USERS;
-
-###
-# export stuff
-#
-
-my($shellmachine);
-foreach $shellmachine (@shellmachines) {
- scp("$spooldir/passwd","root\@$shellmachine:/etc/passwd.new")
- == 0 or die "scp error: $!";
- scp("$spooldir/shadow","root\@$shellmachine:/etc/shadow.new")
- == 0 or die "scp error: $!";
- ssh("root\@$shellmachine",
- "( ".
- "mv /etc/passwd.new /etc/passwd; ".
- "mv /etc/shadow.new /etc/shadow; ".
- " )"