#!/usr/bin/perl -w
#
-# $Id: svc_acct.export,v 1.12 2000-06-15 14:07:02 ivan Exp $
+# $Id: svc_acct.export,v 1.21 2001-07-30 06:07:46 ivan Exp $
#
# Create and export password files: passwd, passwd.adjunct, shadow,
# acp_passwd, acp_userinfo, acp_dialup, users
# ivan@sisd.com 98-sep-18
#
# $Log: svc_acct.export,v $
-# Revision 1.12 2000-06-15 14:07:02 ivan
+# Revision 1.21 2001-07-30 06:07:46 ivan
+# allow !! for locked accounts instead of changing to *SUSPENDED*
+#
+# Revision 1.20 2001/06/20 08:33:42 ivan
+# > Use of uninitialized value in concatenation (.) at svc_acct.export line
+# > 276.
+#
+# Revision 1.19 2001/05/08 10:44:17 ivan
+# fix for OO Net::SCP
+#
+# Revision 1.18 2001/04/22 01:56:15 ivan
+# get rid of FS::SSH.pm (became Net::SSH and Net::SCP on CPAN)
+#
+# Revision 1.17 2001/02/21 23:48:19 ivan
+# add icradius_secrets config file to export to a non-Freeside MySQL database for
+# ICRADIUS
+#
+# Revision 1.16 2000/07/06 13:23:29 ivan
+# tyop
+#
+# Revision 1.15 2000/07/06 08:57:28 ivan
+# support for radius check attributes (except importing). poorly documented.
+#
+# Revision 1.14 2000/06/29 15:01:25 ivan
+# another silly typo in svc_acct.export
+#
+# Revision 1.13 2000/06/28 12:37:28 ivan
+# add support for config option textradiusprepend
+#
+# Revision 1.12 2000/06/15 14:07:02 ivan
# added ICRADIUS radreply table support, courtesy of Kenny Elliott
#
# Revision 1.11 2000/03/06 16:00:39 ivan
use vars qw($conf);
use Fcntl qw(:flock);
use IO::Handle;
+use DBI;
use FS::Conf;
-use FS::SSH qw(scp ssh);
+use Net::SSH qw(ssh);
+use Net::SCP qw(scp);
use FS::UID qw(adminsuidsetup datasrc dbh);
use FS::Record qw(qsearch fields);
use FS::svc_acct;
my $icradius_mysqlsource =
$conf->config('icradius_mysqlsource') || "/usr/local/var/freeside"
if $icradiusmachines;
-my $icradius_dbh = dbh; #could eventually get it from a config file if you're
- #not running MySQL for your Freeside database
+my $icradius_dbh;
+if ( $icradiusmachines && $conf->exists('icradius_secrets') ) {
+ $icradius_dbh = DBI->connect($conf->config('icradius_secrets'))
+ or die $DBI::errstr;;
+} else {
+ $icradius_dbh = dbh;
+}
+
+my $textradiusprepend =
+ $conf->exists('textradiusprepend')
+ ? $conf->config('textradiusprepend')
+ : '';
my(@saltset)= ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' );
require 5.004; #srand(time|$$);
my($cpassword,$rpassword);
if ( ( length($password) <= 8 )
&& ( $password ne '*' )
+ && ( $password ne '!!' )
&& ( $password ne '' )
) {
$cpassword=crypt($password,
print ACP_DIALUP $svc_acct->username, "\t*\t", $svc_acct->slipip, "\n";
}
- my %radius = $svc_acct->radius;
+ my %radreply = $svc_acct->radius_reply;
+ my %radcheck = $svc_acct->radius_check;
+
+ my $radcheck = join ", ", map { qq($_ = "$radcheck{$_}") } keys %radcheck;
+ $radcheck .= ", " if $radcheck;
###
# FORMAT OF THE USERS FILE HERE
print USERS
- $svc_acct->username, qq(\tPassword = "$rpassword"\n\t),
- join ",\n\t", map { qq($_ = "$radius{$_}") } keys %radius;
+ $svc_acct->username,
+ qq(\t${textradiusprepend}),
+ $radcheck,
+ qq(Password = "$rpassword"\n\t),
+ join ",\n\t", map { qq($_ = "$radreply{$_}") } keys %radreply;
if ( $ip && $ip ne '0e0' ) {
- print USERS qq(,\n\tFramed-Address = "$ip"\n\n);
+ #print USERS qq(,\n\tFramed-Address = "$ip"\n\n);
+ print USERS qq(,\n\tFramed-IP-Address = "$ip"\n\n);
} else {
print USERS qq(\n\n);
}
###
# ICRADIUS export
if ( $icradiusmachines ) {
+
my $sth = $icradius_dbh->prepare(
"INSERT INTO radcheck ( id, UserName, Attribute, Value ) VALUES ( ".
join(", ", map { $icradius_dbh->quote( $_ ) } (
);
$sth->execute or die "Can't insert into radcheck table: ". $sth->errstr;
- foreach my $attribute ( keys %radius ) {
+ foreach my $attribute ( keys %radcheck ) {
+ my $sth = $icradius_dbh->prepare(
+ "INSERT INTO radcheck ( id, UserName, Attribute, Value ) VALUES ( ".
+ join(", ", map { $icradius_dbh->quote( $_ ) } (
+ '',
+ $svc_acct->username,
+ $attribute,
+ $radcheck{$attribute},
+ ) ). " )"
+ );
+ $sth->execute or die "Can't insert into radcheck table: ". $sth->errstr;
+ }
+
+ foreach my $attribute ( keys %radreply ) {
my $sth = $icradius_dbh->prepare(
"INSERT INTO radreply (id, UserName, Attribute, Value) VALUES ( ".
join(", ", map { $icradius_dbh->quote( $_ ) } (
'',
$svc_acct->username,
$attribute,
- $radius{$attribute},
+ $radreply{$attribute},
) ). " )"
);
$sth->execute or die "Can't insert into radreply table: ". $sth->errstr;
my($shellmachine);
foreach $shellmachine (@shellmachines) {
- scp("$spooldir/passwd","root\@$shellmachine:/etc/passwd.new")
- == 0 or die "scp error: $!";
- scp("$spooldir/shadow","root\@$shellmachine:/etc/shadow.new")
- == 0 or die "scp error: $!";
+ my $scp = new Net::SCP;
+ $scp->scp("$spooldir/passwd","root\@$shellmachine:/etc/passwd.new")
+ or die "scp error: ". $scp->{errstr};
+ $scp->scp("$spooldir/shadow","root\@$shellmachine:/etc/shadow.new")
+ or die "scp error: ". $scp->{errstr};
ssh("root\@$shellmachine",
"( ".
"mv /etc/passwd.new /etc/passwd; ".
my($bsdshellmachine);
foreach $bsdshellmachine (@bsdshellmachines) {
- scp("$spooldir/passwd","root\@$bsdshellmachine:/etc/passwd.new")
- == 0 or die "scp error: $!";
- scp("$spooldir/master.passwd","root\@$bsdshellmachine:/etc/master.passwd.new")
- == 0 or die "scp error: $!";
+ my $scp = new Net::SCP;
+ $scp->scp("$spooldir/passwd","root\@$bsdshellmachine:/etc/passwd.new")
+ or die "scp error: ". $scp->{errstr};
+ $scp->scp("$spooldir/master.passwd","root\@$bsdshellmachine:/etc/master.passwd.new")
+ or die "scp error: ". $scp->{errstr};
ssh("root\@$bsdshellmachine",
"( ".
"mv /etc/passwd.new /etc/passwd; ".
my($nismachine);
foreach $nismachine (@nismachines) {
- scp("$spooldir/passwd","root\@$nismachine:/etc/global/passwd")
- == 0 or die "scp error: $!";
- scp("$spooldir/shadow","root\@$nismachine:/etc/global/shadow")
- == 0 or die "scp error: $!";
+ my $scp = new Net::SCP;
+ $scp->scp("$spooldir/passwd","root\@$nismachine:/etc/global/passwd")
+ or die "scp error: ". $scp->{errstr};
+ $scp->scp("$spooldir/shadow","root\@$nismachine:/etc/global/shadow")
+ or die "scp error: ". $scp->{errstr};
ssh("root\@$nismachine",
"( ".
"cd /var/yp; make; ".
my($erpcdmachine);
foreach $erpcdmachine (@erpcdmachines) {
- scp("$spooldir/acp_passwd","root\@$erpcdmachine:/usr/annex/acp_passwd")
- == 0 or die "scp error: $!";
- scp("$spooldir/acp_dialup","root\@$erpcdmachine:/usr/annex/acp_dialup")
- == 0 or die "scp error: $!";
+ my $scp = new Net::SCP;
+ $scp->scp("$spooldir/acp_passwd","root\@$erpcdmachine:/usr/annex/acp_passwd")
+ or die "scp error: ". $scp->{errstr};
+ $scp->scp("$spooldir/acp_dialup","root\@$erpcdmachine:/usr/annex/acp_dialup")
+ or die "scp error: ". $scp->{errstr};
ssh("root\@$erpcdmachine",
"( ".
"kill -USR1 \`cat /usr/annex/erpcd.pid\'".
my($radiusmachine);
foreach $radiusmachine (@radiusmachines) {
- scp("$spooldir/users","root\@$radiusmachine:/etc/raddb/users")
- == 0 or die "scp error: $!";
- ssh("root\@$erpcdmachine",
+ my $scp = new Net::SCP;
+ $scp->scp("$spooldir/users","root\@$radiusmachine:/etc/raddb/users")
+ or die "scp error: ". $scp->{errstr};
+ ssh("root\@$radiusmachine",
"( ".
"builddbm".
" )"
sleep 2;
print WRITER "LOCK TABLES radcheck WRITE, radreply WRITE;\n";
foreach my $file ( glob("radcheck.*") ) {
- scp($file,"root\@$machine:$icradius_mysqldest/$db/$file");
+ my $scp = new Net::SCP;
+ $scp->scp($file,"root\@$machine:$icradius_mysqldest/$db/$file")
+ or die "scp error: ". $scp->{errstr};
}
foreach my $file ( glob("radreply.*") ) {
- scp($file,"root\@$machine:$icradius_mysqldest/$db/$file");
+ my $scp = new Net::SCP;
+ $scp->scp($file,"root\@$machine:$icradius_mysqldest/$db/$file")
+ or die "scp error: ". $scp->{errstr};
}
close WRITER;
}