`/usr/local/etc/freeside/conf.<i>datasource</i>', for example,
`/usr/local/etc/freeside/conf.DBI:Pg:dbname=freeside'
<ul>
- <li>address - Your company name and address, four lines.
- <li>apacheroot - The directory containing Apache virtual hosts
- <li>apachemachine - A machine with the apacheroot directory and user home directories. The existance of this file enables setup of virtual host directories, and, in conjunction with the `home' configuration file, symlinks into user home directories.
- <li>
apachemachines - Your Apache machines, one per line. This enables export of `/etc/apache/vhosts.conf', which can be included in your Apache configuration via the <a href="http://www.apache.org/docs/mod/core.html#include">Include</a> directive.
- <li>bindprimary - Your BIND primary nameserver. This enables export of /var/named/named.conf and zone files into /var/named
- <li>bindsecondaries - Your BIND secondary nameservers, one per line. This enables export of /var/named/named.conf
- <li>bsdshellmachines - Your BSD flavored shell (and mail) machines, one per line. This enables export of `/etc/passwd' and `/etc/master.passwd'.
- <li>countrydefault - Default two-letter country code (if not supplied, the default is `US')
- <li>
cybercash2 - <a href="http://www.cybercash.com/cybercash/services/cashreg214.html">CyberCash v2</a> support, four lines: paymentserverhost, paymentserverport, paymentserversecret, and transaction type (`mauthonly' or `mauthcapture'). CCLib.pm is required.
+ <li><a name="address">address</a> - Your company name and address, four lines.
+ <li><a name="apacheroot">apacheroot</a> - The directory containing Apache virtual hosts
+ <li><a name="apachemachine">apachemachine</a> - A machine with the apacheroot directory and user home directories. The existance of this file enables setup of virtual host directories, and, in conjunction with the `home' configuration file, symlinks into user home directories.
+ <li>
<a name="apachemachines">apachemachines</a> - Your Apache machines, one per line. This enables export of `/etc/apache/vhosts.conf', which can be included in your Apache configuration via the <a href="http://www.apache.org/docs/mod/core.html#include">Include</a> directive.
+ <li><a name="bindprimary">bindprimary</a> - Your BIND primary nameserver. This enables export of /var/named/named.conf and zone files into /var/named
+ <li><a name="bindsecondaries">bindsecondaries</a> - Your BIND secondary nameservers, one per line. This enables export of /var/named/named.conf
+ <li><a name="bsdshellmachines">bsdshellmachines</a> - Your BSD flavored shell (and mail) machines, one per line. This enables export of `/etc/passwd' and `/etc/master.passwd'.
+ <li><a name="countrydefault">countrydefault</a> - Default two-letter country code (if not supplied, the default is `US')
+ <li>
<a name="cybercash2">cybercash2</a> - <a href="http://www.cybercash.com/cybercash/services/cashreg214.html">CyberCash v2</a> support, four lines: paymentserverhost, paymentserverport, paymentserversecret, and transaction type (`mauthonly' or `mauthcapture'). CCLib.pm is required.
<li>cybercash3.2 - <a href="http://www.cybercash.com/cybercash/services/technology.html">CyberCash v3.2</a> support. Two lines: the full path and name of your merchant_conf file, and the transaction type (`mauthonly' or `mauthcapture'). CCMckLib3_2.pm, CCMckDirectLib3_2.pm and CCMckErrno3_2 are required.
- <li>deletecustomers - The existance of this file will enable customer deletions. Be very careful! Deleting a customer will remove all traces that this customer ever existed! It should probably only be used when auditing a legacy database. Normally, you cancel all of a customers' packages if they cancel service.
- <li>domain - Your domain name.
- <li>editreferrals - The existance of this file will allow you to change the referral of existing customers.
- <li>erpcdmachines - Your ERPCD authenticaion machines, one per line. This enables export of `/usr/annex/acp_passwd' and `/usr/annex/acp_dialup'.
- <li>hidecancelledpackages - The existance of this file will prevent cancelled packages from showing up in listings (though they will still be in the database)
- <li>hidecancelledcustomers - The existance of this file will prevent customers with only cancelled packages from showing up in listings (though they will still be in the database)
- <li>home - For new users, prefixed to usrename to create a directory name. Should have a leading but not a trailing slash.
- <li>
icradiusmachines - Your <a href="ftp://ftp.cheapnet.net/pub/icradius">ICRADIUS</a> machines, one per line. The existance of this file (even if empty) turns on radcheck table creation (in the freeside database - the radcheck table needs to be created manually). Machines listed in this file will have the radcheck table exported to them. Each line of this file should contain four items, separted by whitespace: machine name, MySQL database name, MySQL username, and MySQL password. For example: "<CODE>radius.isp.tld radius_db radius_user passw0rd</CODE>". Note that to use ICRADIUS export you need to be using MySQL.
- <li>icradius_mysqldest - Destination directory for the MySQL databases, on the ICRADIUS machines. Defaults to "/usr/local/var/".
- <li>icradius_mysqlsource - Source directory for for the MySQL radcheck table files, on the Freeside machine. Defaults to "/usr/local/var/freeside".
- <li>invoice_from - Return address on email invoices.
- <li>lpr - Print command for paper invoices, for example `lpr -h'.
- <li>maildisablecatchall - The existance of this file will disable the requirement that each virtual domain have a catch-all mailbox.
- <li>mxmachines - MX entries for new domains, weight and machine, one per line, with trailing `.'
- <li>nsmachines - NS nameservers for new domains, one per line, with trailing `.'
- <li>nismachines - Your NIS master (not slave master) machines, one per line. This enables export of `/etc/global/passwd' and `/etc/global/shadow'.
- <li>passwordmin - Minimum password length (default 6);
- <li>qmailmachines - Your qmail machines, one per line. This enables export of `/var/qmail/control/virtualdomains', `/var/qmail/control/recipientmap', and `/var/qmail/control/rcpthosts'. The existance of this file (even if empty) also turns on user `.qmail-extension' file maintenance in conjunction with `shellmachine'.
- <li>radiusmachines - Your RADIUS authentication machines, one per line. This enables export of `/etc/raddb/users'.
- <li>registries - Directory which contains domain registry information. Each registry is a directory.
+ <li><a name="deletecustomers">deletecustomers</a> - The existance of this file will enable customer deletions. Be very careful! Deleting a customer will remove all traces that this customer ever existed! It should probably only be used when auditing a legacy database. Normally, you cancel all of a customers' packages if they cancel service.
+ <li><a name="domain">domain</a> - Your domain name.
+ <li><a name="editreferrals">editreferrals</a> - The existance of this file will allow you to change the referral of existing customers.
+ <li><a name="erpcdmachines">erpcdmachines</a> - Your ERPCD authenticaion machines, one per line. This enables export of `/usr/annex/acp_passwd' and `/usr/annex/acp_dialup'.
+ <li><a name="hidecancelledpackages">hidecancelledpackages</a> - The existance of this file will prevent cancelled packages from showing up in listings (though they will still be in the database)
+ <li><a name="hidecancelledcustomers">hidecancelledcustomers</a> - The existance of this file will prevent customers with only cancelled packages from showing up in listings (though they will still be in the database)
+ <li><a name="home">home</a> - For new users, prefixed to usrename to create a directory name. Should have a leading but not a trailing slash.
+ <li>
<a name="icradiusmachines">icradiusmachines</a> - Your <a href="ftp://ftp.cheapnet.net/pub/icradius">ICRADIUS</a> machines, one per line. The existance of this file (even if empty) turns on radcheck table creation (in the freeside database - the radcheck table needs to be created manually). Machines listed in this file will have the radcheck table exported to them. Each line of this file should contain four items, separted by whitespace: machine name, MySQL database name, MySQL username, and MySQL password. For example: "<CODE>radius.isp.tld radius_db radius_user passw0rd</CODE>". Note that to use ICRADIUS export you need to be using MySQL.
+ <li><a name="icradius_mysqldest">icradius_mysqldest</a> - Destination directory for the MySQL databases, on the ICRADIUS machines. Defaults to "/usr/local/var/".
+ <li><a name="icradius_mysqlsource">icradius_mysqlsource</a> - Source directory for for the MySQL radcheck table files, on the Freeside machine. Defaults to "/usr/local/var/freeside".
+ <li><a name="invoice_from">invoice_from</a> - Return address on email invoices.
+ <li><a name="lpr">lpr</a> - Print command for paper invoices, for example `lpr -h'.
+ <li><a name="maildisablecatchall">maildisablecatchall</a> - The existance of this file will disable the requirement that each virtual domain have a catch-all mailbox.
+ <li><a name="mxmachines">mxmachines</a> - MX entries for new domains, weight and machine, one per line, with trailing `.'
+ <li><a name="nsmachines">nsmachines</a> - NS nameservers for new domains, one per line, with trailing `.'
+ <li><a name="nismachines">nismachines</a> - Your NIS master (not slave master) machines, one per line. This enables export of `/etc/global/passwd' and `/etc/global/shadow'.
+ <li><a name="passwordmin">passwordmin</a> - Minimum password length (default 6);
+ <li><a name="qmailmachines">qmailmachines</a> - Your qmail machines, one per line. This enables export of `/var/qmail/control/virtualdomains', `/var/qmail/control/recipientmap', and `/var/qmail/control/rcpthosts'. The existance of this file (even if empty) also turns on user `.qmail-extension' file maintenance in conjunction with `shellmachine'.
+ <li><a name="radiusmachines">radiusmachines</a> - Your RADIUS authentication machines, one per line. This enables export of `/etc/raddb/users'.
+ <li><a name="registries">registries</a> - Directory which contains domain registry information. Each registry is a directory.
<ul>
<li>registries/internic - Currently the only supported registry
<ul>
<li>registries/internic/to - Email address to which InterNIC domain registrations are sent.
</ul>
</ul>
- <li>sendmailconfigpath - Sendmail configuration file path - defaults to `/etc'. Many newer distributions use `/etc/mail'.
- <li>sendmailmachines - Your sendmail machines, one per line. This enables export of `/etc/virtusertable' and `/etc/sendmail.cw'.
- <li>sendmailrestart - If defined, the command which is run on sendmail machines after files are copied.
- <li>shellmachine - A single machine with user home directories mounted. This enables home directory creation, renaming and archiving/deletion. In conjunction with `qmailmachines', it also enables `.qmail-extension' file maintenance.
- <li>shellmachines - Your Linux and System V flavored shell (and mail) machines, one per line. This enables export of `/etc/passwd' and `/etc/shadow' files.
- <li>shells - Legal shells (think /etc/shells). You probably want to `cut -d: -f7 /etc/passwd | sort | uniq' initially so that importing doesn't fail with `Illegal shell' errors, then remove any special entries afterwords. A blank line specifies that an empty shell is permitted.
- <li>showpasswords - The existance of this file will allow unencrypted user passwords to be displayed.
- <li>smtpmachine - SMTP relay for Freeside's outgoing mail.
- <li>soadefaultttl - SOA default TTL for new domains.
- <li>soaemail - SOA email for new domains, in BIND form (`.' instead of `@'), with trailing `.'
- <li>soaexpire - SOA expire for new domains
- <li>soamachine - SOA machine for new domains, with trailing `.'
- <li>soarefresh - SOA refresh for new domains
- <li>soaretry - SOA retry for new domains
- <li>textradiusprepend - The contents of this file will be prepended to the first line of a user's RADIUS entry in text exports. If necessary, usually `Auth-Type = Local, '.
- <li>usernamemin - Minimum username length (default 2);
- <li>usernamemax - Maximum username length (default is the size of the SQL column, probably specified when fs-setup was run)
+ <li><a name="sendmailconfigpath">sendmailconfigpath</a> - Sendmail configuration file path - defaults to `/etc'. Many newer distributions use `/etc/mail'.
+ <li><a name="sendmailmachines">sendmailmachines</a> - Your sendmail machines, one per line. This enables export of `/etc/virtusertable' and `/etc/sendmail.cw'.
+ <li><a name="sendmailrestart">sendmailrestart</a> - If defined, the command which is run on sendmail machines after files are copied.
+ <li><a name="shellmachine">shellmachine</a> - A single machine with user home directories mounted. This enables home directory creation, renaming and archiving/deletion. In conjunction with `qmailmachines', it also enables `.qmail-extension' file maintenance.
+ <li>shellmachine-useradd - The command(s) to run on shellmachine when an account is created. If this file does not exist, <code>useradd -d $dir -m -s $shell -u $uid $username</code> is the default. If the file exists but is empty, <code>cp -pr /etc/skel $dir; chown -R $uid.$gid $dir</code> is the default instead. Otherwise the contents of the file are treated as a double-quoted perl string, with the following variables available: <code>$username</code>, <code>$uid</code>, <code>$gid</code>, <code>$dir</code>, and <code>$shell</code>.
+ <li>shellmachine-userdel - The command(s) to run on shellmachine when an account is deleted. If this file does not exist, <code>userdel $username</code> is the default. If the file exists but is empty, <code>rm -rf $dir</code> is the default instead. Otherwise the contents of the file are treated as a double-quoted perl string, with the following variables available: <code>$username</code> and <code>$dir</code>.
+ <li>shellmachine-usermod - The command(s) to run on shellmachine when an account is modified. If this file does not exist or is empty, <code>[ -d $old_dir ] && mv $old_dir $new_dir || ( chmod u+t $old_dir; mkdir $new_dir; cd $old_dir; find . -depth -print | cpio -pdm $new_dir; chmod u-t $new_dir; chown -R $uid.$gid $new_dir; rm -rf $old_dir )</code> is the default. Otherwise the contents of the file are treated as a double-quoted perl string, with the following variables available: <code>$old_dir</code>, <code>$new_dir</code>, <code>$uid</code> and <code>$gid</code>.
+ <li><a name="shellmachines">shellmachines</a> - Your Linux and System V flavored shell (and mail) machines, one per line. This enables export of `/etc/passwd' and `/etc/shadow' files.
+ <li><a name="shells">shells</a> - Legal shells (think /etc/shells). You probably want to `cut -d: -f7 /etc/passwd | sort | uniq' initially so that importing doesn't fail with `Illegal shell' errors, then remove any special entries afterwords. A blank line specifies that an empty shell is permitted.
+ <li><a name="showpasswords">showpasswords</a> - The existance of this file will allow unencrypted user passwords to be displayed.
+ <li><a name="smtpmachine">smtpmachine</a> - SMTP relay for Freeside's outgoing mail.
+ <li><a name="soadefaultttl">soadefaultttl</a> - SOA default TTL for new domains.
+ <li><a name="soaemail">soaemail</a> - SOA email for new domains, in BIND form (`.' instead of `@'), with trailing `.'
+ <li><a name="soaexpire">soaexpire</a> - SOA expire for new domains
+ <li><a name="soamachine">soamachine</a> - SOA machine for new domains, with trailing `.'
+ <li><a name="soarefresh">soarefresh</a> - SOA refresh for new domains
+ <li><a name="soaretry">soaretry</a> - SOA retry for new domains
+ <li><a name="textradiusprepend">textradiusprepend</a> - The contents of this file will be prepended to the first line of a user's RADIUS entry in text exports. If necessary, usually `Auth-Type = Local, '.
+ <li><a name="usernamemin">usernamemin</a> - Minimum username length (default 2);
+ <li><a name="usernamemax">usernamemax</a> - Maximum username length (default is the size of the SQL column, probably specified when fs-setup was run)
</ul>
</body>
<li>nismachines - <b>passwd</b> and <b>shadow</b> are copied to the <b>/etc/global</b> directory on the remote machine. If no errors occur, the command <b>( cd /var/yp; make; )</b> is executed on the remote machine.
<li>erpcdmachines - <b>acp_passwd</b> and <b>acp_dialup</b> are copied to the <b>/usr/annex</b> directory on the remote machine. If no errors occur, the command <b>( kill -USR1 `cat /usr/annex/erpcd.pid` )</b> is executed on the remote machine.
<li>radiusmachines - <b>users</b> is copied to the <b>/etc/raddb</b> directory on the remote machine. If no errors occur, the command <b>( builddbm )</b> is executed on the remote machine.
- <li>icradiusmachines - Local radcheck and radreply tables will be created. If any machines are specified, the remote MySQL database will be locked and the radcheck table will be copied to the those machines. You may also need to set the icradius_mysqlsource and/or icradius_mysqldest <a href="config.html">configuration files</a>. Currently you need to be running MySQL for your Freeside database to use this feature.
+ <li>icradiusmachines - Local radcheck and radreply tables will be created. If any machines are specified, the remote MySQL database will be locked and the radcheck table will be copied to the those machines. You may also need to set the <a href="config.html#icradius_mysqlsource">icradius_mysqlsource</a> and/or <a href="config.html#icradius_mysqldest">icradius_mysqldest</a> configuration files. Currently you need to be running MySQL for your Freeside database to use this feature.
</ul>
<li>site_perl/svc_acct.pm - If a shellmachine is defined, users can be created, modified and deleted remotely; see below.
<ul>
- <li>The command <b>useradd -d <i>homedir</i> -s <i>shell</i> -u <i>uid</i> <i>username</i></b> is executed when a user is added.
- <li>The command <b>userdel <i>username</i></b> is executed with a user is deleted.
- <li>If a user's home directory changes, the command <b>[ -d <i>old_homedir</i> && ( chmod u+t <i>old_homedir</i>; umask 022; mkdir <i>new_homedir</i>; cd <i>old_homedir</i>; find . -depth -print | cpio -pdm <i>new_homedir</i>; chmod u-t <i>new_homedir</i>; chown -R <i>uid</i>.<i>gid</i> <i>new_homedir</i>; rm -rf <i>old_homedir</i> )</b> is executed.
+ <li>Account creation - If the <b>username</b>, <b>uid</b> and <b>dir</b> fields are defined for a new user, the command(s) specified in the <a href="config.html#shellmachine-useradd">shellmachine-useradd</a> configuration file are executed on shellmachine via ssh. If this file does not exist, <code>useradd -d $dir -m -s $shell -u $uid $username</code> is the default. If the file exists but is empty, <code>cp -pr /etc/skel $dir; chown -R $uid.$gid $dir</code> is the default instead. Otherwise the contents of the file are treated as a double-quoted perl string, with the following variables available: <code>$username</code>, <code>$uid</code>, <code>$gid</code>, <code>$dir</code>, and <code>$shell</code>.
+ <li>Account deletion - The command(s) specified in the <a href="config.html#shellmachine-userdel">shellmachine-userdel</a> configuration file are executed on shellmachine via ssh. If this file does not exist, <code>userdel $username</code> is the default. If the file exists but is empty, <code>rm -rf $dir</code> is the default instead. Otherwise the contents of the file are treated as a double-quoted perl string, with the following variables available: <code>$username</code> and <code>$dir</code>.
+ <li>Account modification - If a user's home directory changes, the command(s) specified in the <a href="config.html#shellmachine-usermod">shellmachine-usermod</a> configuration file are execute on shellmachine via ssh. If this file does not exist or is empty, <code>[ -d $old_dir ] && mv $old_dir $new_dir || ( chmod u+t $old_dir; mkdir $new_dir; cd $old_dir; find . -depth -print | cpio -pdm $new_dir; chmod u-t $new_dir; chown -R $uid.$gid $new_dir; rm -rf $old_dir )</code> is the default. Otherwise the contents of the file are treated as a double-quoted perl string, with the following variables available: <code>$old_dir</code>, <code>$new_dir</code>, <code>$uid</code> and <code>$gid</code>.
</ul>
<li>bin/svc_acct_sm.export will create <a href="http://www.qmail.org">Qmail</a> <b>rcpthosts</b>, <b>recipientmap</b> and <b>virtualdomains</b> files and <a href="http://www.sendmail.org">Sendmail</a> <b>virtusertable</b> and <b>sendmail.cw</b> files in the <b>/usr/local/etc/freeside/export.<i>datasrc</i></b> directory. Using the appropriate <a href="config.html">configuration files</a>, you can export these files to your remote machines unattemded:
<ul>
<li>qmailmachines - <b>recipientmap</b>, <b>virtualdomains</b> and <b>rcpthosts</b> are copied to the <b>/var/qmail/control</b> directory on the remote machine. Note: If you <a href="legacy.html#svc_acct_sm">imported</a> qmail configuration files, run the generated <b>/usr/local/etc/freeside/export.<i>datasrc</i>/virtualdomains.FIX</b> on a machine with your user home directories before exporting qmail configuration files.
<li>shellmachine - The command <b>[ -e <i>homedir</i>/.qmail-default ] || { touch <i>homedir</i>/.qmail-default; chown <i>uid</i>.<i>gid</i> <i>homedir</i>/.qmail-default; }</b> will be run on this machine for users in the virtualdomains file.
- <li>sendmailmachines - <b>sendmail.cw</b> and <b>virtusertable</b> are copied to the remote machine as <b>/etc/sendmail.cw.new</b> and <b>/etc/virtusertable.new</b> and moved to <b>/etc/sendmail.cw</b> and <b>/etc/virtusertable</b> if no errors occur.
+ <li>sendmailmachines - <b>sendmail.cw</b> and <b>virtusertable</b> are copied to the remote machine as <b>/etc/sendmail.cw.new</b> and <b>/etc/virtusertable.new</b>. If no errors occur, they are moved to <b>/etc/sendmail.cw</b> and <b>/etc/virtusertable</b> and the command specified in the <a href="config.html#sendmailrestart">sendmailrestart</a> configuration file is executed. (The path can be changed from the default <b>/etc</b> with the <a href="config.html#sendmailconfigpath">sendmailconfigpath</a> configuration file.)
</ul>
<li>site_perl/svc_acct_sm.pm - If the qmailmachines configuration file exists and a shellmachine is defined, user <b>.qmail-</b> files can be updated.
<ul>
projects / freeside.git / commitdiff