package FS::part_export::shellcommands;
-use vars qw(@ISA %info @saltset);
+use vars qw(@ISA %info)
use Tie::IxHash;
use String::ShellQuote;
use FS::part_export;
'unsuspend_stdin' => { label=>'Unsuspension command STDIN',
default=>'',
},
+ 'crypt' => { label => 'Default password encryption',
+ type=>'select', options=>[qw(crypt md5)],
+ default => 'crypt',
+ },
;
%info = (
this.form.unsuspend_stdin.value="";
'>
<LI>
- <INPUT TYPE="button" VALUE="FreeBSD before 5.2.1" onClick='
+ <INPUT TYPE="button" VALUE="FreeBSD before 4.10 / 5.3" onClick='
this.form.useradd.value = "lockf /etc/passwd.lock pw useradd $username -d $dir -m -s $shell -u $uid -g $gid -c $finger -h 0";
this.form.useradd_stdin.value = "$_password\n";
this.form.userdel.value = "lockf /etc/passwd.lock pw userdel $username -r"; this.form.userdel_stdin.value="";
this.form.suspend_stdin.value="";
this.form.unsuspend.value = "lockf /etc/passwd.lock pw unlock $username"; this.form.unsuspend_stdin.value="";
'>
- Note: On FreeBSD versions before 5.2.1, due to deficient locking in pw(1),
- you must disable the chpass(1), chsh(1), chfn(1), passwd(1), and vipw(1)
- commands, or replace them with wrappers that prepend
- "lockf /etc/passwd.lock". Alternatively, apply the patch in
+ Note: On FreeBSD versions before 5.3 and 4.10 (4.10 is after 4.9, not
+ 4.1!), due to deficient locking in pw(1), you must disable the chpass(1),
+ chsh(1), chfn(1), passwd(1), and vipw(1) commands, or replace them with
+ wrappers that prepend "lockf /etc/passwd.lock". Alternatively, apply the
+ patch in
<A HREF="http://www.freebsd.org/cgi/query-pr.cgi?pr=23501">FreeBSD PR#23501</A>
- and use the "FreeBSD 5.2.1 or later" button below.
+ and use the "FreeBSD 4.10 / 5.3 or later" button below.
<LI>
- <INPUT TYPE="button" VALUE="FreeBSD 5.2.1 or later" onClick='
+ <INPUT TYPE="button" VALUE="FreeBSD 4.10 / 5.3 or later" onClick='
this.form.useradd.value = "pw useradd $username -d $dir -m -s $shell -u $uid -g $gid -c $finger -h 0";
this.form.useradd_stdin.value = "$_password\n";
this.form.userdel.value = "pw userdel $username -r";
<LI><code>$username</code>
<LI><code>$_password</code>
<LI><code>$quoted_password</code> - unencrypted password quoted for the shell
- <LI><code>$crypt_password</code> - encrypted password
+ <LI><code>$crypt_password</code> - encrypted password (quoted for the shell)
<LI><code>$uid</code>
<LI><code>$gid</code>
<LI><code>$finger</code> - GECOS, already quoted for the shell (do not add additional quotes)
+ <LI><code>$first</code> - First name of GECOS, already quoted for the shell (do not add additional quotes)
+ <LI><code>$last</code> - Last name of GECOS, already quoted for the shell (do not add additional quotes)
<LI><code>$dir</code> - home directory
<LI><code>$shell</code>
<LI><code>$quota</code>
+ <LI><code>@radius_groups</code>
<LI>All other fields in <a href="../docs/schema.html#svc_acct">svc_acct</a> are also available.
</UL>
END
);
-@saltset = ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' );
-
sub rebless { shift; }
sub _export_insert {
sub _export_suspend {
my($self) = shift;
- $self->_export_command('suspend', @_);
+ $self->_export_command_or_super('suspend', @_);
}
sub _export_unsuspend {
my($self) = shift;
- $self->_export_command('unsuspend', @_);
+ $self->_export_command_or_super('unsuspend', @_);
}
+sub _export_command_or_super {
+ my($self, $action) = (shift, shift);
+ if ( $self->option($action) =~ /^\s*$/ ) {
+ my $method = "SUPER::_export_$action";
+ $self->$method(@_);
+ } else {
+ $self->_export_command($action, @_);
+ }
+};
+
+
sub _export_command {
my ( $self, $action, $svc_acct) = (shift, shift, shift);
my $command = $self->option($action);
my $cust_pkg = $svc_acct->cust_svc->cust_pkg;
if ( $cust_pkg ) {
- $email = ( grep { $_ ne 'POST' } $cust_pkg->cust_main->invoicing_list )[0];
+ $email = ( grep { $_ !~ /^(POST|FAX)$/ } $cust_pkg->cust_main->invoicing_list )[0];
} else {
$email = '';
}
+ $finger =~ /^(.*)\s+(\S+)$/ or $finger =~ /^((.*))$/;
+ ($first, $last ) = ( $1, $2 );
+ $first = shell_quote $first;
+ $last = shell_quote $last;
$finger = shell_quote $finger;
$quoted_password = shell_quote $_password;
$domain = $svc_acct->domain;
- #eventually should check a "password-encoding" field
- if ( length($svc_acct->_password) == 13
- || $svc_acct->_password =~ /^\$(1|2a?)\$/ ) {
- $crypt_password = shell_quote $svc_acct->_password;
- } else {
- $crypt_password = crypt(
- $svc_acct->_password,
- $saltset[int(rand(64))].$saltset[int(rand(64))]
- );
- }
+ $crypt_password =
+ shell_quote( $svc_acct->crypt_password( $self->option('crypt') ) );
+
+ @radius_groups = $svc_acct->radius_groups;
$self->shellcommands_queue( $svc_acct->svcnum,
user => $self->option('user')||'root',
${"old_$_"} = $old->getfield($_) foreach $old->fields;
${"new_$_"} = $new->getfield($_) foreach $new->fields;
}
+ $new_finger =~ /^(.*)\s+(\S+)$/ or $finger =~ /^((.*))$/;
+ ($new_first, $new_last ) = ( $1, $2 );
+ $new_first = shell_quote $new_first;
+ $new_last = shell_quote $new_last;
$new_finger = shell_quote $new_finger;
$quoted_new__password = shell_quote $new__password; #old, wrong?
$new_quoted_password = shell_quote $new__password; #new, better?
$old_domain = $old->domain;
$new_domain = $new->domain;
- #eventuall should check a "password-encoding" field
- if ( length($new->_password) == 13
- || $new->_password =~ /^\$(1|2a?)\$/ ) {
- $new_crypt_password = shell_quote $new->_password;
- } else {
- $new_crypt_password =
- crypt( $new->_password, $saltset[int(rand(64))].$saltset[int(rand(64))]
- );
- }
+ $new_crypt_password =
+ shell_quote( $new->crypt_password( $self->option('crypt') ) );
+
+ @old_radius_groups = $old->radius_groups;
+ @new_radius_groups = $new->radius_groups;
if ( $self->option('usermod_pwonly') ) {
my $error = '';
if ( $old_dir ne $new_dir ) {
$error ||= "can't change dir";
}
+ if ( join("\n", sort @old_radius_groups) ne
+ join("\n", sort @new_radius_groups) ) {
+ $error ||= "can't change RADIUS groups";
+ }
return $error. ' ('. $self->exporttype. ' to '. $self->machine. ')'
if $error;
}
projects / freeside.git / blobdiff