X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2Fpart_export%2Fshellcommands.pm;h=09fa71b94454c3c8dfe35fdd6d2a8acf6d948e8e;hb=1586961f12c742e45a38bc9cea0fcc49d5b1dd2a;hp=ca04e3869c1a2715f52e54ed456d07792e18b9fa;hpb=30ceabb9d40844452fae8e7c5535fd6a6738b0cd;p=freeside.git
diff --git a/FS/FS/part_export/shellcommands.pm b/FS/FS/part_export/shellcommands.pm
index ca04e3869..09fa71b94 100644
--- a/FS/FS/part_export/shellcommands.pm
+++ b/FS/FS/part_export/shellcommands.pm
@@ -2,29 +2,42 @@ package FS::part_export::shellcommands;
use vars qw(@ISA %info);
use Tie::IxHash;
+use Date::Format;
use String::ShellQuote;
+use Net::OpenSSH;
use FS::part_export;
+use FS::Record qw( qsearch qsearchs );
@ISA = qw(FS::part_export);
tie my %options, 'Tie::IxHash',
+
'user' => { label=>'Remote username', default=>'root' },
+
'useradd' => { label=>'Insert command',
default=>'useradd -c $finger -d $dir -m -s $shell -u $uid -p $crypt_password $username'
#default=>'cp -pr /etc/skel $dir; chown -R $uid.$gid $dir'
},
+ 'useradd_no_queue' => { label=>'Run immediately',
+ type => 'checkbox',
+ },
'useradd_stdin' => { label=>'Insert command STDIN',
type =>'textarea',
default=>'',
},
+
'userdel' => { label=>'Delete command',
default=>'userdel -r $username',
#default=>'rm -rf $dir',
},
+ 'userdel_no_queue' => { label=>'Run immediately',
+ type =>'checkbox',
+ },
'userdel_stdin' => { label=>'Delete command STDIN',
type =>'textarea',
default=>'',
},
+
'usermod' => { label=>'Modify command',
default=>'usermod -c $new_finger -d $new_dir -m -l $new_username -s $new_shell -u $new_uid -g $new_gid -p $new_crypt_password $old_username',
#default=>'[ -d $old_dir ] && mv $old_dir $new_dir || ( '.
@@ -34,45 +47,90 @@ tie my %options, 'Tie::IxHash',
# 'rm -rf $old_dir'.
#')'
},
+ 'usermod_no_queue' => { label=>'Run immediately',
+ type =>'checkbox',
+ },
'usermod_stdin' => { label=>'Modify command STDIN',
type =>'textarea',
default=>'',
},
- 'usermod_pwonly' => { label=>'Disallow username, domain, uid, gid, dir and RADIUS group changes',
+ 'usermod_pwonly' => { label=>'Disallow username, domain, uid, gid, and dir changes', #and RADIUS group changes',
type =>'checkbox',
},
'usermod_nousername' => { label=>'Disallow just username changes',
type =>'checkbox',
},
+
'suspend' => { label=>'Suspension command',
default=>'usermod -L $username',
},
+ 'suspend_no_queue' => { label=>'Run immediately',
+ type =>'checkbox',
+ },
'suspend_stdin' => { label=>'Suspension command STDIN',
default=>'',
},
+
'unsuspend' => { label=>'Unsuspension command',
default=>'usermod -U $username',
},
+ 'unsuspend_no_queue' => { label=>'Run immediately',
+ type =>'checkbox',
+ },
'unsuspend_stdin' => { label=>'Unsuspension command STDIN',
default=>'',
},
+
+ 'pkg_change' => { label=>'Package changed command',
+ default=>'',
+ },
+
+ # run commands on package change for multiple services and roll back the
+ # package change transaciton if one fails? yuck. no.
+ # if this was really needed, would need to restrict to a single service with
+ # this kind of export configured.
+ #'pkg_change_no_queue' => { label=>'Run immediately',
+ # type =>'checkbox',
+ # },
+ 'pkg_change_stdin' => { label=>'Package changed command STDIN',
+ default=>'',
+ },
+
'crypt' => { label => 'Default password encryption',
- type=>'select', options=>[qw(crypt md5)],
- default => 'crypt',
+ type=>'select', options=>[qw(crypt md5 sha512)],
+ default => 'sha512',
},
+ 'groups_susp_reason' => { label =>
+ 'Radius group mapping to reason (via template user)',
+ type => 'textarea',
+ },
+ 'fail_on_output' => {
+ label => 'Treat any output from the command as an error',
+ type => 'checkbox',
+ },
+ 'ignore_all_errors' => {
+ label => 'Ignore all errors from the command',
+ type => 'checkbox',
+ },
+ 'ignored_errors' => { label => 'Regexes of specific errors to ignore, separated by newlines',
+ type => 'textarea'
+ },
+# 'no_queue' => { label => 'Run command immediately',
+# type => 'checkbox',
+# },
;
%info = (
- 'svc' => 'svc_acct',
- 'desc' =>
- 'Real-time export via remote SSH (i.e. useradd, userdel, etc.)',
- 'options' => \%options,
- 'nodomain' => 'Y',
- 'notes' => <<'END'
+ 'svc' => 'svc_acct',
+ 'desc' => 'Real-time export via remote SSH (i.e. useradd, userdel, etc.)',
+ 'options' => \%options,
+ 'nodomain' => 'Y',
+ 'svc_machine' => 1,
+ 'notes' => <<'END'
Run remote commands via SSH. Usernames are considered unique (also see
shellcommands_withdomain). You probably want this if the commands you are
running will not accept a domain as a parameter. You will need to
-setup SSH for unattended operation.
+setup SSH for unattended operation.
Use these buttons for some useful presets:
@@ -90,24 +148,7 @@ running will not accept a domain as a parameter. You will need to
this.form.unsuspend_stdin.value="";
'>
-
- Note: On FreeBSD versions before 5.3 and 4.10 (4.10 is after 4.9, not
- 4.1!), due to deficient locking in pw(1), you must disable the chpass(1),
- chsh(1), chfn(1), passwd(1), and vipw(1) commands, or replace them with
- wrappers that prepend "lockf /etc/passwd.lock". Alternatively, apply the
- patch in
- FreeBSD PR#23501
- and use the "FreeBSD 4.10 / 5.3 or later" button below.
-
-
$username
$_password
-
$quoted_password - unencrypted password, already quoted for the shell (do not add additional quotes)
-
$crypt_password - encrypted password, already quoted for the shell (do not add additional quotes)
+
$quoted_password - unencrypted password, already quoted for the shell (do not add additional quotes).
+
$crypt_password - encrypted password. When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
+
$ldap_password - Password in LDAP/RFC2307 format (for example, "{PLAIN}himom", "{CRYPT}94pAVyK/4oIBk" or "{MD5}5426824942db4253f87a1009fd5d2d4"). When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
$uid
$gid
-
$finger - GECOS, already quoted for the shell (do not add additional quotes)
-
$first - First name of GECOS, already quoted for the shell (do not add additional quotes)
-
$last - Last name of GECOS, already quoted for the shell (do not add additional quotes)
+
$finger - GECOS. When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
+
$first - First name of GECOS. When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
+
$last - Last name of GECOS. When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
$dir - home directory
$shell
$quota
@radius_groups
-
All other fields in svc_acct are also available.
+
$reasonnum (when suspending)
+
$reasontext (when suspending)
+
$reasontypenum (when suspending)
+
$reasontypetext (when suspending)
+
$pkgnum
+
$locationnum
+
$custnum
+
All other fields in svc_acct are also available.
+
The following fields from cust_main are also available (except during replace): company, address1, address2, city, state, zip, county, daytime, night, fax, otaker, agent_custid, locale. When used on the command line (rather than STDIN), they will be quoted for the shell already (do not add additional quotes).
+
+For the package changed command only, the following fields are also available:
+