X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=bin%2Fsvc_acct.export;h=53fd1f0c7a50a22d76e6bebfc29168776380f136;hp=3f65a08ba519899439ac832121697adf9cd2f63e;hb=ba0e7c68fa1a7dd9beff5084ac1a846960f3a477;hpb=ab21af64cd80035d8f713e4704919f3b9733a936 diff --git a/bin/svc_acct.export b/bin/svc_acct.export index 3f65a08ba..53fd1f0c7 100755 --- a/bin/svc_acct.export +++ b/bin/svc_acct.export @@ -1,4 +1,6 @@ -#!/usr/bin/perl -Tw +#!/usr/bin/perl -w +# +# $Id: svc_acct.export,v 1.14 2000-06-29 15:01:25 ivan Exp $ # # Create and export password files: passwd, passwd.adjunct, shadow, # acp_passwd, acp_userinfo, acp_dialup, users @@ -34,75 +36,72 @@ # # OOPS! added arbitrary radius fields (pry 98-aug-16) but forgot to say so. # ivan@sisd.com 98-sep-18 +# +# $Log: svc_acct.export,v $ +# Revision 1.14 2000-06-29 15:01:25 ivan +# another silly typo in svc_acct.export +# +# Revision 1.13 2000/06/28 12:37:28 ivan +# add support for config option textradiusprepend +# +# Revision 1.12 2000/06/15 14:07:02 ivan +# added ICRADIUS radreply table support, courtesy of Kenny Elliott +# +# Revision 1.11 2000/03/06 16:00:39 ivan +# sync up with working versoin +# +# Revision 1.2 1998/12/10 07:23:15 ivan +# use FS::Conf, need user (for datasrc) +# use strict; +use vars qw($conf); use Fcntl qw(:flock); +use IO::Handle; +use FS::Conf; use FS::SSH qw(scp ssh); -use FS::UID qw(adminsuidsetup); +use FS::UID qw(adminsuidsetup datasrc dbh); use FS::Record qw(qsearch fields); +use FS::svc_acct; -my($fshellmachines)="/var/spool/freeside/conf/shellmachines"; -my(@shellmachines); -if ( -e $fshellmachines ) { - open(SHELLMACHINES,$fshellmachines); - @shellmachines=map { - /^(.*)$/ or die "Illegal line in conf/shellmachines"; #we trust the file - $1; - } grep $_ !~ /^(#|$)/, ; - close SHELLMACHINES; -} +my $user = shift or die &usage; +adminsuidsetup $user; -my($fbsdshellmachines)="/var/spool/freeside/conf/bsdshellmachines"; -my(@bsdshellmachines); -if ( -e $fbsdshellmachines ) { - open(BSDSHELLMACHINES,$fbsdshellmachines); - @bsdshellmachines=map { - /^(.*)$/ or die "Illegal line in conf/bsdshellmachines"; #we trust the file - $1; - } grep $_ !~ /^(#|$)/, ; - close BSDSHELLMACHINES; -} +$conf = new FS::Conf; -my($fnismachines)="/var/spool/freeside/conf/nismachines"; -my(@nismachines); -if ( -e $fnismachines ) { - open(NISMACHINES,$fnismachines); - @nismachines=map { - /^(.*)$/ or die "Illegal line in conf/nismachines"; #we trust the file - $1; - } grep $_ !~ /^(#|$)/, ; - close NISMACHINES; -} +my @shellmachines = $conf->config('shellmachines') + if $conf->exists('shellmachines'); -my($ferpcdmachines)="/var/spool/freeside/conf/erpcdmachines"; -my(@erpcdmachines); -if ( -e $ferpcdmachines ) { - open(ERPCDMACHINES,$ferpcdmachines); - @erpcdmachines=map { - /^(.*)$/ or die "Illegal line in conf/erpcdmachines"; #we trust the file - $1; - } grep $_ !~ /^(#|$)/, ; - close ERPCDMACHINES; -} +my @bsdshellmachines = $conf->config('bsdshellmachines') + if $conf->exists('bsdshellmachines'); -my($fradiusmachines)="/var/spool/freeside/conf/radiusmachines"; -my(@radiusmachines); -if ( -e $fradiusmachines ) { - open(RADIUSMACHINES,$fradiusmachines); - @radiusmachines=map { - /^(.*)$/ or die "Illegal line in conf/radiusmachines"; #we trust the file - $1; - } grep $_ !~ /^(#|$)/, ; - close RADIUSMACHINES; -} +my @nismachines = $conf->config('nismachines') + if $conf->exists('nismachines'); + +my @erpcdmachines = $conf->config('erpcdmachines') + if $conf->exists('erpcdmachines'); -my($spooldir)="/var/spool/freeside/export"; -my($spoollock)="/var/spool/freeside/svc_acct.export.lock"; +my @radiusmachines = $conf->config('radiusmachines') + if $conf->exists('radiusmachines'); -adminsuidsetup; +my $icradiusmachines = $conf->exists('icradiusmachines'); +my @icradiusmachines = $conf->config('icradiusmachines') if $icradiusmachines; +my $icradius_mysqldest = + $conf->config('icradius_mysqldest') || "/usr/local/var/" + if $icradiusmachines; +my $icradius_mysqlsource = + $conf->config('icradius_mysqlsource') || "/usr/local/var/freeside" + if $icradiusmachines; +my $icradius_dbh = dbh; #could eventually get it from a config file if you're + #not running MySQL for your Freeside database + +my $textradiusprepend = $conf->config('textradiusprepend'); my(@saltset)= ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' ); -srand(time|$$); +require 5.004; #srand(time|$$); + +my $spooldir = "/usr/local/etc/freeside/export.". datasrc; +my $spoollock = "/usr/local/etc/freeside/svc_acct.export.lock.". datasrc; open(EXPORT,"+>>$spoollock") or die "Can't open $spoollock: $!"; select(EXPORT); $|=1; select(STDOUT); @@ -146,6 +145,13 @@ chmod 0600, "$spooldir/master.passwd", "$spooldir/users", ; +if ( $icradiusmachines ) { + my $sth = $icradius_dbh->prepare("DELETE FROM radcheck"); + $sth->execute or die "Can't reset radcheck table: ". $sth->errstr; + my $sth2 = $icradius_dbh->prepare("DELETE FROM radreply"); + $sth2->execute or die "Can't reset radreply table: ". $sth2->errstr; +} + setpriority(0,0,10); my($svc_acct); @@ -234,25 +240,49 @@ foreach $svc_acct (@svc_acct) { print ACP_DIALUP $svc_acct->username, "\t*\t", $svc_acct->slipip, "\n"; } + my %radius = $svc_acct->radius; + ### # FORMAT OF THE USERS FILE HERE print USERS - $svc_acct->username, qq(\tPassword = "$rpassword"\n\t), - - join ",\n\t", - map { - /^(radius_(.*))$/; - my($field,$attrib)=($1,$2); - $attrib =~ s/_/\-/g; - "$attrib = \"". $svc_acct->getfield($field). "\""; - } grep /^radius_/ && $svc_acct->getfield($_), fields('svc_acct') - ; + $svc_acct->username, qq(\t${textradiusprepend}Password = "$rpassword"\n\t), + join ",\n\t", map { qq($_ = "$radius{$_}") } keys %radius; + if ( $ip && $ip ne '0e0' ) { print USERS qq(,\n\tFramed-Address = "$ip"\n\n); } else { print USERS qq(\n\n); } + ### + # ICRADIUS export + if ( $icradiusmachines ) { + my $sth = $icradius_dbh->prepare( + "INSERT INTO radcheck ( id, UserName, Attribute, Value ) VALUES ( ". + join(", ", map { $icradius_dbh->quote( $_ ) } ( + '', + $svc_acct->username, + "Password", + $svc_acct->_password, + ) ). " )" + ); + $sth->execute or die "Can't insert into radcheck table: ". $sth->errstr; + + foreach my $attribute ( keys %radius ) { + my $sth = $icradius_dbh->prepare( + "INSERT INTO radreply (id, UserName, Attribute, Value) VALUES ( ". + join(", ", map { $icradius_dbh->quote( $_ ) } ( + '', + $svc_acct->username, + $attribute, + $radius{$attribute}, + ) ). " )" + ); + $sth->execute or die "Can't insert into radreply table: ". $sth->errstr; + } + + } + } } @@ -337,7 +367,7 @@ my($radiusmachine); foreach $radiusmachine (@radiusmachines) { scp("$spooldir/users","root\@$radiusmachine:/etc/raddb/users") == 0 or die "scp error: $!"; - ssh("root\@$erpcdmachine", + ssh("root\@$radiusmachine", "( ". "builddbm". " )" @@ -345,7 +375,30 @@ foreach $radiusmachine (@radiusmachines) { == 0 or die "ssh error: $!"; } +foreach my $icradiusmachine ( @icradiusmachines ) { + my( $machine, $db, $user, $pass ) = split(/\s+/, $icradiusmachine); + chdir $icradius_mysqlsource or die "Can't cd $icradius_mysqlsource: $!"; + open(WRITER,"|ssh root\@$machine mysql -v --user=$user -p $db"); + my $oldfh = select WRITER; $|=1; select $oldfh; + print WRITER "$pass\n"; + sleep 2; + print WRITER "LOCK TABLES radcheck WRITE, radreply WRITE;\n"; + foreach my $file ( glob("radcheck.*") ) { + scp($file,"root\@$machine:$icradius_mysqldest/$db/$file"); + } + foreach my $file ( glob("radreply.*") ) { + scp($file,"root\@$machine:$icradius_mysqldest/$db/$file"); + } + close WRITER; +} + unlink $spoollock; flock(EXPORT,LOCK_UN); close EXPORT; +# + +sub usage { + die "Usage:\n\n svc_acct.export user\n"; +} +