3 # $Id: svc_acct.import,v 1.16 2001-08-17 10:57:40 ivan Exp $
5 # ivan@sisd.com 98-mar-9
7 # changed 'password' field to '_password' because PgSQL 6.3 reserves this word
8 # bmccane@maxbaud.net 98-Apr-3
10 # generalized svcparts (still needs radius import) ivan@sisd.com 98-mar-23
12 # radius import, now an interactive script. still needs erpcd import?
13 # ivan@sisd.com 98-jun-24
15 # arbitrary radius attributes ivan@sisd.com 98-aug-9
17 # don't import /var/spool/freeside/conf/shells! ivan@sisd.com 98-aug-13
19 # $Log: svc_acct.import,v $
20 # Revision 1.16 2001-08-17 10:57:40 ivan
23 # Revision 1.15 2001/07/30 06:07:47 ivan
24 # allow !! for locked accounts instead of changing to *SUSPENDED*
26 # Revision 1.14 2001/05/07 15:24:15 ivan
29 # Revision 1.13 2001/05/05 08:51:16 ivan
30 # http://www.sisd.com/freeside/list-archive/msg01915.html
32 # Revision 1.12 2001/04/22 01:56:15 ivan
33 # get rid of FS::SSH.pm (became Net::SSH and Net::SCP on CPAN)
35 # Revision 1.11 2000/06/29 12:27:01 ivan
36 # s/password/_password/ for PostgreSQL wasn't done in the import.
38 # Revision 1.10 2000/06/28 12:32:30 ivan
39 # allow RADIUS lines with "Auth-Type = Local" too
41 # Revision 1.8 2000/02/03 05:16:52 ivan
42 # beginning of DNS and Apache support
44 # Revision 1.7 1999/07/08 02:32:26 ivan
45 # import fix, noticed by Ben Leibig and Joel Griffiths
47 # Revision 1.6 1999/07/08 01:49:00 ivan
48 # updates to avoid -w warnings from Joel Griffiths <griff@aver-computer.com>
50 # Revision 1.5 1999/03/25 08:42:19 ivan
51 # import stuff uses Term::Query and spits out (some kinds of) nonsensical input
53 # Revision 1.4 1999/03/24 00:43:38 ivan
54 # die if no relevant services
56 # Revision 1.3 1998/12/10 07:23:16 ivan
57 # use FS::Conf, need user (for datasrc)
59 # Revision 1.2 1998/10/13 12:07:51 ivan
60 # Assigns password from the shadow file for RADIUS password "UNIX"
64 use vars qw(%part_svc);
66 use Term::Query qw(query);
67 use Net::SCP qw(iscp);
68 use FS::UID qw(adminsuidsetup datasrc);
69 use FS::Record qw(qsearch);
73 my $user = shift or die &usage;
76 my($spooldir)="/usr/local/etc/freeside/export.". datasrc;
78 $FS::svc_acct::nossh_hack = 1;
82 %part_svc=map { $_->svcpart, $_ } qsearch('part_svc',{'svcdb'=>'svc_acct'});
84 die "No services with svcdb svc_acct!\n" unless %part_svc;
86 print "\n\n", &menu_svc, "\n", <<END;
87 Most accounts probably have entries in passwd and users (with Port-Limit
90 my($ppp_svcpart)=&getpart;
92 print "\n\n", &menu_svc, "\n", <<END;
93 Some accounts have entries in passwd and users, but with Port-Limit 2 (or
96 my($isdn_svcpart)=&getpart;
98 print "\n\n", &menu_svc, "\n", <<END;
99 Some accounts might have entries in users only (Port-Limit 1)
101 my($oppp_svcpart)=&getpart;
103 print "\n\n", &menu_svc, "\n", <<END;
104 Some accounts might have entries in users only (Port-Limit >= 2)
106 my($oisdn_svcpart)=&getpart;
108 print "\n\n", &menu_svc, "\n", <<END;
109 POP mail accounts have entries in passwd only, and have a particular shell.
111 my($pop_shell)=&getvalue("Enter that shell:");
112 my($popmail_svcpart)=&getpart;
114 print "\n\n", &menu_svc, "\n", <<END;
115 Everything else in passwd is a shell account.
117 my($shell_svcpart)=&getpart;
120 Enter the location and name of your _user_ passwd file, for example
121 "mail.isp.com:/etc/passwd" or "nis.isp.com:/etc/global/passwd"
123 my($loc_passwd)=&getvalue(":");
124 iscp("root\@$loc_passwd", "$spooldir/passwd.import");
127 Enter the location and name of your _user_ shadow file, for example
128 "mail.isp.com:/etc/shadow" or "bsd.isp.com:/etc/master.passwd"
130 my($loc_shadow)=&getvalue(":");
131 iscp("root\@$loc_shadow", "$spooldir/shadow.import");
134 Enter the location and name of your radius "users" file, for example
135 "radius.isp.com:/etc/raddb/users"
137 my($loc_users)=&getvalue(":");
138 iscp("root\@$loc_users", "$spooldir/users.import");
141 ( join "\n", map "$_: ".$part_svc{$_}->svc, sort keys %part_svc ). "\n";
144 $^W=0; # Term::Query isn't -w-safe
145 my $return = query "Enter part number:", 'irk', [ keys %part_svc ];
151 $^W=0; # Term::Query isn't -w-safe
152 my $return = query $prompt, '';
161 open(PASSWD,"<$spooldir/passwd.import");
162 open(SHADOW,"<$spooldir/shadow.import");
163 open(USERS,"<$spooldir/users.import");
165 my(%upassword,%ip,%allparam);
166 my(%param,$username);
172 /^(\w+)\s+(Auth-Type\s+=\s+Local,\s+)?Password\s+=\s+"([^"]+)"(,\s+Expiration\s+=\s+"([^"]*")\s*)?$/
173 or die "1Unexpected line in users.import: $_";
174 my($password,$expiration);
175 ($username,$password,$expiration)=(lc($1),$3,$5);
176 $password = '' if $password eq 'UNIX';
177 $upassword{$username}=$password;
180 die "2Unexpected line in users.import: $_";
185 if ( defined $param{'radius_Framed_IP_Address'} ) {
186 $ip{$username} = $param{'radius_Framed_IP_Address'};
187 delete $param{'radius_Framed_IP_Address'};
189 $ip{$username} = '0e0';
191 $allparam{$username}={ %param };
193 } elsif ( /^\s+([\w\-]+)\s=\s"?([\w\.\-\s]+)"?,?\s*$/ ) {
194 my($attribute,$value)=($1,$2);
195 $attribute =~ s/\-/_/g;
196 $param{'radius_'.$attribute}=$value;
198 die "3Unexpected line in users.import: $_";
202 #? incase there isn't a terminating blank line ?
203 if ( defined $param{'radius_Framed_IP_Address'} ) {
204 $ip{$username} = $param{'radius_Framed_IP_Address'};
205 delete $param{'radius_Framed_IP_Address'};
207 $ip{$username} = '0e0';
209 $allparam{$username}={ %param };
214 my($username,$password)=split(/:/);
215 #$password =~ s/^\!$/\*/;
216 #$password =~ s/\!+/\*SUSPENDED\* /;
217 $password{$username}=$password;
222 my($username,$x,$uid,$gid,$finger,$dir,$shell)=split(/:/);
223 my($password)=$upassword{$username} || $password{$username};
225 my($maxb)=${$allparam{$username}}{'radius_Port_Limit'};
227 if ( exists $upassword{$username} ) {
229 $svcpart = $isdn_svcpart
230 } elsif ( ! $maxb || $maxb == 1 ) {
231 $svcpart = $ppp_svcpart
233 die "Illegal Port-Limit in users ($username)!\n";
235 } elsif ( $shell eq $pop_shell ) {
236 $svcpart = $popmail_svcpart;
238 $svcpart = $shell_svcpart;
241 my($svc_acct) = new FS::svc_acct ({
242 'svcpart' => $svcpart,
243 'username' => $username,
244 '_password' => $password,
250 'slipip' => $ip{$username},
251 %{$allparam{$username}},
254 $error=$svc_acct->insert;
255 die $error if $error;
257 delete $allparam{$username};
258 delete $upassword{$username};
262 foreach $username ( keys %upassword ) {
263 my($password)=$upassword{$username};
265 my($maxb)=${$allparam{$username}}{'radius_Port_Limit'} || 0;
268 $svcpart = $oisdn_svcpart
269 } elsif ( ! $maxb || $maxb == 1 ) {
270 $svcpart = $oppp_svcpart
272 die "Illegal Port-Limit in users!\n";
275 my($svc_acct) = new FS::svc_acct ({
276 'svcpart' => $svcpart,
277 'username' => $username,
278 '_password' => $password,
279 'slipip' => $ip{$username},
280 %{$allparam{$username}},
283 $error=$svc_acct->insert;
284 die $error, if $error;
286 delete $allparam{$username};
287 delete $upassword{$username};
293 die "Usage:\n\n svc_acct.import user\n";