1 |
unnilennium |
1.1 |
diff -up smeserver-lazy_admin_tools-1.0/root/usr/doc/lazy-admin-tools/example.shadow.patch1 smeserver-lazy_admin_tools-1.0/root/usr/doc/lazy-admin-tools/example.shadow |
2 |
|
|
--- smeserver-lazy_admin_tools-1.0/root/usr/doc/lazy-admin-tools/example.shadow.patch1 2013-02-02 20:13:49.000000000 -0500 |
3 |
|
|
+++ smeserver-lazy_admin_tools-1.0/root/usr/doc/lazy-admin-tools/example.shadow 2013-02-02 20:17:19.000000000 -0500 |
4 |
|
|
@@ -0,0 +1,12 @@ |
5 |
|
|
+# User : Must contain only lower-case letters, numbers, hyphens, periods |
6 |
|
|
+# and underscores, and should start with a lower-case letter. |
7 |
|
|
+# Wildcards (* and ?) can only be used to delete users! |
8 |
|
|
+# EncPassword : Encrypted password in the /etc/shadow file for this user |
9 |
|
|
+# @ Mandatory field |
10 |
|
|
+# |
11 |
|
|
+#-------------------, |
12 |
|
|
+# User@ |EncPasswd@ | |
13 |
|
|
+#-------------------, |
14 |
|
|
+nathalie|gsdt42r5tdsf |
15 |
|
|
+delete_me* |
16 |
|
|
+delet?_me2 |
17 |
|
|
diff -up smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-dump.patch1 smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-dump |
18 |
|
|
--- smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-dump.patch1 2006-02-09 23:19:23.000000000 -0500 |
19 |
|
|
+++ smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-dump 2013-02-02 20:06:14.000000000 -0500 |
20 |
|
|
@@ -53,6 +53,7 @@ if ($Dump) { |
21 |
|
|
&ReadIbays; |
22 |
|
|
&ReadDomains; |
23 |
|
|
&ReadHosts; |
24 |
|
|
+ &ReadShadow; |
25 |
|
|
|
26 |
|
|
open (REST, "> $OutDir/lat-restore"); |
27 |
|
|
print REST "#!/bin/bash\n"; |
28 |
|
|
@@ -70,6 +71,7 @@ if ($Dump) { |
29 |
|
|
print REST " /usr/sbin/lat-ibays -a -i=$HostName.Ibays\n"; |
30 |
|
|
print REST " /usr/sbin/lat-domains -a -i=$HostName.Domains\n"; |
31 |
|
|
print REST " /usr/sbin/lat-hosts -a -i=$HostName.Hosts\n"; |
32 |
|
|
+ print REST " /usr/sbin/lat-shadow -a -i=$HostName.shadow\n"; |
33 |
|
|
print REST "else\n"; |
34 |
|
|
print REST " echo 'Action cancelled!'\n"; |
35 |
|
|
print REST "fi\n"; |
36 |
|
|
@@ -83,6 +85,36 @@ else { &PrintPod(1); exit; } |
37 |
|
|
#============================================================================== |
38 |
|
|
# Subroutines |
39 |
|
|
#============================================================================== |
40 |
|
|
+sub ReadShadow { |
41 |
|
|
+ open(BACACC, "> $OutDir/$HostName.shadow"); |
42 |
|
|
+ print BACACC "#--------------------------------#\n"; |
43 |
|
|
+ print BACACC "#User |Encrypted Password |\n"; |
44 |
|
|
+ print BACACC "#--------------------------------#\n"; |
45 |
|
|
+ |
46 |
|
|
+use esmith::ConfigDB; |
47 |
|
|
+use esmith::AccountsDB; |
48 |
|
|
+my $adb = esmith::AccountsDB->open_ro(); |
49 |
|
|
+ foreach my $user ($adb->users) |
50 |
|
|
+ { |
51 |
|
|
+ my %properties = $user->props; |
52 |
|
|
+ my $key = $user->key; |
53 |
|
|
+ |
54 |
|
|
+ # lecture shadow |
55 |
|
|
+ open(ACC, "< /etc/shadow") || die "Can't find /etc/shadow.\a\n"; |
56 |
|
|
+ my $line = ""; |
57 |
|
|
+ while (<ACC>){ |
58 |
|
|
+ $line = $_; |
59 |
|
|
+ if($line =~ /^$key:(.*):(.*):(.*):(.*):(.*):(.*):(.*):$/){ |
60 |
|
|
+ print BACACC $key.(' ' x (12 - length($key))); |
61 |
|
|
+ print BACACC " |"; |
62 |
|
|
+ print BACACC $1."\n"; |
63 |
|
|
+ |
64 |
|
|
+ } |
65 |
|
|
+ } |
66 |
|
|
+ close(ACC); |
67 |
|
|
+ } |
68 |
|
|
+} |
69 |
|
|
+#============================================================================== |
70 |
|
|
sub ReadUsers { |
71 |
|
|
my @fldinf = ("User", 12, |
72 |
|
|
"FirstName", 10, |
73 |
|
|
diff -up smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-shadow.patch1 smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-shadow |
74 |
|
|
--- smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-shadow.patch1 2013-02-02 20:09:38.000000000 -0500 |
75 |
|
|
+++ smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-shadow 2013-02-02 20:09:13.000000000 -0500 |
76 |
|
|
@@ -0,0 +1,276 @@ |
77 |
|
|
+#!/usr/bin/perl -w |
78 |
|
|
+#============================================================================== |
79 |
|
|
+# lat-shadow |
80 |
|
|
+# ========= |
81 |
|
|
+# 0.0.1 (2012-11-10) |
82 |
|
|
+# (copyleft)2012 Jean-Philippe Pialasse, inspired by Altiplano bvba |
83 |
|
|
+#============================================================================== |
84 |
|
|
+package esmith; |
85 |
|
|
+use strict; |
86 |
|
|
+#use Cwd; |
87 |
|
|
+use esmith::db; |
88 |
|
|
+use esmith::util; |
89 |
|
|
+use Getopt::Long; |
90 |
|
|
+use Pod::Usage; |
91 |
|
|
+use POSIX; |
92 |
|
|
+use constant DATETIME => strftime("%Y-%m-%d_%H-%M-%S", localtime); |
93 |
|
|
+my %conf; |
94 |
|
|
+tie %conf, 'esmith::config'; |
95 |
|
|
+my %accounts; |
96 |
|
|
+tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; |
97 |
|
|
+my ($Hlp, $Cml, $Frc, $Inp, $Pwf); |
98 |
|
|
+my $Add =0; |
99 |
|
|
+my $passwlist="./passwords.new"; |
100 |
|
|
+my $shadowfile="./shadow_tmp"; # copy of shadow file to read |
101 |
|
|
+my $newshadow="/etc/shadow"; # shadow file in place |
102 |
|
|
+my $original_cp="./shadow_before_" . DATETIME; # copy in case |
103 |
|
|
+ |
104 |
|
|
+#============================================================================== |
105 |
|
|
+# Main |
106 |
|
|
+#============================================================================== |
107 |
|
|
+# Analyze commandline options |
108 |
|
|
+GetOptions ("help" => \$Hlp, |
109 |
|
|
+ "add" => \$Add, |
110 |
|
|
+ "force" => \$Frc, |
111 |
|
|
+ "command-line=s" => \$Cml, |
112 |
|
|
+ "input-file=s" => \$Inp); |
113 |
|
|
+ |
114 |
|
|
+if ( $Hlp ) { &PrintPod(9); exit; } |
115 |
|
|
+ |
116 |
|
|
+# We need one argument or the other, but not both |
117 |
|
|
+if ((($Cml && $Inp) || (! $Cml && ! $Inp)) |
118 |
|
|
+ ) |
119 |
|
|
+ { &PrintPod(1); exit; } |
120 |
|
|
+ |
121 |
|
|
+my @records; |
122 |
|
|
+if ($Inp) { |
123 |
|
|
+ open(LIST,"< $Inp") || die "Can't find $Inp.\n"; |
124 |
|
|
+ @records = grep(!/(^\s*#)|(^\s*$)/,<LIST>); |
125 |
|
|
+ close(LIST); } |
126 |
|
|
+elsif ($Cml) { @records=($Cml); } |
127 |
|
|
+else { &PrintPod(1); exit; } |
128 |
|
|
+ |
129 |
|
|
+# Add accounts |
130 |
|
|
+if ($Add) { |
131 |
|
|
+ getcwd; |
132 |
|
|
+ die("change current directory, can not work in /etc/") unless getcwd ne "/etc"; |
133 |
|
|
+ # make a copy of shadow file in current directory |
134 |
|
|
+ system("cp -f $newshadow $original_cp"); |
135 |
|
|
+ system("cp -f $newshadow $shadowfile"); |
136 |
|
|
+ |
137 |
|
|
+ |
138 |
|
|
+ #Process each user |
139 |
|
|
+ foreach my $record (@records) |
140 |
|
|
+ { |
141 |
|
|
+ my @fields=split(/\|/,$record); |
142 |
|
|
+ for (my $cnt=0; $cnt <= $#fields; ++$cnt) { for ($fields[$cnt]) { s/^\s+//; s/\s+$//; }} |
143 |
|
|
+ my $username = $fields[0]; |
144 |
|
|
+ |
145 |
|
|
+ if ( @fields >= 1) { |
146 |
|
|
+ if ( &TestName($username) )# if username is with legal characters |
147 |
|
|
+ { |
148 |
|
|
+ if ( db_get_type(\%accounts, $username) eq "user" ) |
149 |
|
|
+ { |
150 |
|
|
+ my $PasswordSet=db_get_prop(\%accounts, $username,'PasswordSet'); |
151 |
|
|
+ my $password = $fields[1]; |
152 |
|
|
+ # checkif present in shadow and password is empty (!!) ( if not forced) |
153 |
|
|
+ print $username ." : " ;#." ". $password . " " .$PasswordSet . "\n"; |
154 |
|
|
+ open(SHADOWFILE,"$shadowfile") || die; |
155 |
|
|
+ open(SHADOWNEW,">$newshadow") || die; |
156 |
|
|
+ flock(SHADOWFILE,1)||die; |
157 |
|
|
+ flock(SHADOWNEW,2)||die; |
158 |
|
|
+ while(<SHADOWFILE>) { |
159 |
|
|
+ if(m/^$username:!!:/ ) { # one of our users no password set |
160 |
|
|
+ #print $_ ; |
161 |
|
|
+ s/^$username:(!!):/$username:$password:/i; |
162 |
|
|
+ #print $_ ; |
163 |
|
|
+ (print SHADOWNEW $_) or die "can not write $newshadow: $!"; |
164 |
|
|
+ $PasswordSet="yes"; |
165 |
|
|
+ print "password set.\n"; |
166 |
|
|
+ } |
167 |
|
|
+ elsif (m/^$username:/ ) { # one of our users if there is already a pass set |
168 |
|
|
+ #print $_ ; |
169 |
|
|
+ if ($Frc) { # if we force |
170 |
|
|
+ s/^$username:(.*):/$username:$password:/i; |
171 |
|
|
+ #print $_ ; |
172 |
|
|
+ (print SHADOWNEW $_) or die "can not write $newshadow: $!"; |
173 |
|
|
+ $PasswordSet="yes"; |
174 |
|
|
+ print "password set.\n"; |
175 |
|
|
+ } |
176 |
|
|
+ else { # if force not set |
177 |
|
|
+ print "$username has already a password, you need to force.\n"; |
178 |
|
|
+ (print SHADOWNEW $_) or die "can not write $newshadow: $!"; |
179 |
|
|
+ } |
180 |
|
|
+ } |
181 |
|
|
+ else # not a user we want to change |
182 |
|
|
+ { |
183 |
|
|
+ (print SHADOWNEW $_) or die "can not write $newshadow: $!"; |
184 |
|
|
+ |
185 |
|
|
+ } |
186 |
|
|
+ } |
187 |
|
|
+ close(SHADOWFILE)or die "can not close $shadowfile"; |
188 |
|
|
+ close(SHADOWNEW) or die "can not close $newshadow"; |
189 |
|
|
+ system("cp -f $newshadow $shadowfile"); |
190 |
|
|
+ |
191 |
|
|
+ # Set password |
192 |
|
|
+ #esmith::util::setUserPassword($username, $fields[3]); |
193 |
|
|
+ db_set_prop(\%accounts, $username, 'PasswordSet', $PasswordSet); |
194 |
|
|
+ # if success set db accounts to say password is set |
195 |
|
|
+ } |
196 |
|
|
+ else { print "'$username' is not present in db or is not set as user.\a\n"; } |
197 |
|
|
+ } |
198 |
|
|
+ else { print "'$username' contain illegal characters.\a\n"; } |
199 |
|
|
+ } |
200 |
|
|
+ else { print "Please provide at least an account username and encrypted password to transfert.\n\a";} |
201 |
|
|
+ } |
202 |
|
|
+system("rm -f $shadowfile "); |
203 |
|
|
+} |
204 |
|
|
+#============================================================================== |
205 |
|
|
+# Test name for illegal characters and length |
206 |
|
|
+sub TestName { |
207 |
|
|
+ if ( ! $_[0] =~ /^[a-z][a-z\-\d]*$/ ) { |
208 |
|
|
+ print "The name '$_[0]' contains illegal characters.\n"; |
209 |
|
|
+ print "User names should contain only lower-case letters, "; |
210 |
|
|
+ print "numbers, hyphens or periods\n"; |
211 |
|
|
+ print "and should start with a lower-case letter.\n\a"; |
212 |
|
|
+ return 0; |
213 |
|
|
+ } |
214 |
|
|
+ if ( length($_[0]) > 31 ) { |
215 |
|
|
+ print "The name '$_[0]' is too long. The maximum is 31 characters.\n"; |
216 |
|
|
+ return 0; |
217 |
|
|
+ } |
218 |
|
|
+ return -1; |
219 |
|
|
+} |
220 |
|
|
+#============================================================================== |
221 |
|
|
+# Print the pod text as a help screen |
222 |
|
|
+sub PrintPod { |
223 |
|
|
+ my ($verbose, $message) = @_; |
224 |
|
|
+ pod2usage(-verbose => $verbose, -message => $message, -exitval => 64); |
225 |
|
|
+} |
226 |
|
|
+ |
227 |
|
|
+#============================================================================== |
228 |
|
|
+ |
229 |
|
|
+=pod |
230 |
|
|
+ |
231 |
|
|
+=head1 NAME |
232 |
|
|
+ |
233 |
|
|
+B<lat-shadow> - The lazy administrator's tool to transfer crypted password from a box to another |
234 |
|
|
+ |
235 |
|
|
+=head1 DESCRIPTION |
236 |
|
|
+ |
237 |
|
|
+Transfer an user encrypted password fom one SME box shadow file to another box shadow file on SME servers (7.x/8.x). |
238 |
|
|
+This tool is functionally equivalent some python script that allow this kind of manipulation. This could be used when the adminsitrator do not know the plain apssword of its users and want to migrate a SME box. |
239 |
|
|
+It can be run from the command line or called from an other script. |
240 |
|
|
+It allows you, for example, to tranfert all your users password after creating them with lat-users and dump files obtains from the older box. |
241 |
|
|
+ |
242 |
|
|
+See F</usr/doc/lazy-admin-tools/example.shadow> for the format of the input file. |
243 |
|
|
+ |
244 |
|
|
+=head1 SYNOPSIS |
245 |
|
|
+ |
246 |
|
|
+B<lat-shadow> -a -c "username | encryptedPassword" |
247 |
|
|
+ |
248 |
|
|
+B<lat-shadow> -a [-f] -i /path/to/password.list |
249 |
|
|
+ |
250 |
|
|
+ |
251 |
|
|
+=head1 OPTIONS |
252 |
|
|
+ |
253 |
|
|
+The following options are supported: |
254 |
|
|
+ |
255 |
|
|
+=over 4 |
256 |
|
|
+ |
257 |
|
|
+=item B<-a>, B<--add> |
258 |
|
|
+ |
259 |
|
|
+Add the encrypted passwords for user account to the server. |
260 |
|
|
+ |
261 |
|
|
+=item |
262 |
|
|
+B<-c "Arguments">, B<--command-line="Arguments"> |
263 |
|
|
+ |
264 |
|
|
+Take arguments from the command line. |
265 |
|
|
+See the 'Arguments' section below for the various arguments that are accepted. |
266 |
|
|
+ |
267 |
|
|
+=item B<-f>, B<--force> |
268 |
|
|
+ |
269 |
|
|
+Force update if password is not empty in the shadow file on the SME box |
270 |
|
|
+ |
271 |
|
|
+=item B<-h>, B<--help> |
272 |
|
|
+ |
273 |
|
|
+Extended help for this tool |
274 |
|
|
+ |
275 |
|
|
+=item B<-i=FILE>, B<--input-file=FILE> |
276 |
|
|
+ |
277 |
|
|
+Use the information from FILE to create or delete the user accounts. |
278 |
|
|
+See F</usr/doc/lazy-admin-tools> for an example of an input file. |
279 |
|
|
+ |
280 |
|
|
+ |
281 |
|
|
+=back |
282 |
|
|
+ |
283 |
|
|
+=head2 Arguments: |
284 |
|
|
+ |
285 |
|
|
+ user* - Must contain only lower-case letters, numbers, |
286 |
|
|
+ hyphens, periods and underscores, and should start |
287 |
|
|
+ with a lower-case letter. Wildcards (* and ?) can |
288 |
|
|
+ only be used to delete users. |
289 |
|
|
+ first* - First name |
290 |
|
|
+ last* - Last name |
291 |
|
|
+ password - Password for the user (in clear-text!) |
292 |
|
|
+ department - Department |
293 |
|
|
+ company - Company |
294 |
|
|
+ street - Street name and number |
295 |
|
|
+ city - Zip & City |
296 |
|
|
+ tel - Telephone number |
297 |
|
|
+ forward - E-mail delivery: 'local', 'forward' or 'both' |
298 |
|
|
+ email - Forwarding e-mail adres |
299 |
|
|
+ uid - User ID. If omitted, a suitable uid will be generated. |
300 |
|
|
+ group(s) - Group name(s) to which the user should be added. If the |
301 |
|
|
+ group doesn't exist, it will be created. |
302 |
|
|
+ |
303 |
|
|
+ * mandatory field |
304 |
|
|
+ |
305 |
|
|
+=head1 EXAMPLES |
306 |
|
|
+ |
307 |
|
|
+B<lat-users -a -c "harry | Harry | Potter | Quidditch"> |
308 |
|
|
+ |
309 |
|
|
+Creates user 'harry' from the command line, with password 'Quidditch'. |
310 |
|
|
+ |
311 |
|
|
+B<lat-users -a -i /root/users.list> |
312 |
|
|
+ |
313 |
|
|
+Uses the arguments specified in F</root/users.list> to create user accounts. |
314 |
|
|
+Please refer to F</usr/doc/lazy-admin-tools/example.users> for an example of an input file. |
315 |
|
|
+ |
316 |
|
|
+B<lat-users -d -f -c "user*"> |
317 |
|
|
+ |
318 |
|
|
+Deletes all user accounts that start with 'user'. All users and their files will be deleted without prompting (-f). |
319 |
|
|
+ |
320 |
|
|
+B<lat-users -a -p -i /root/users.list> |
321 |
|
|
+ |
322 |
|
|
+Creates user accounts as defined in F</root/users.list> and generates a random password for each user. |
323 |
|
|
+The names and passwords are written to F<./passwords.new>. |
324 |
|
|
+ |
325 |
|
|
+B<lat-users -a -c "ron | Ron | Weasley ||||||||| 6005"> |
326 |
|
|
+ |
327 |
|
|
+Creates user 'ron' with user ID 6005. All other fields (company, departments, etc.) are left empty. |
328 |
|
|
+ |
329 |
|
|
+B<lat-users -a -c "ron | Ron | Weasley |||||||||| quiddich | dada "> |
330 |
|
|
+ |
331 |
|
|
+Creates user 'ron' and assigns him to groups quiddich and dada. If any of these groups doesn't exist, it will be created. |
332 |
|
|
+ |
333 |
|
|
+=head1 SEE ALSO |
334 |
|
|
+ |
335 |
|
|
+lat-group(8), lat-pseudonyms(8), lat-ibays(8), lat-quota(8), lat-domains(8), lat-hosts(8), lat-procmail(8), lat-pptp(8), lat-dump(8) |
336 |
|
|
+ |
337 |
|
|
+=head1 VERSION |
338 |
|
|
+ |
339 |
|
|
+Version 0.9.0 (2004-09-08). The latest version is hosted at B<http://www.contribs.org/contribs/mblotwijk/> |
340 |
|
|
+ |
341 |
|
|
+=head1 COPYRIGHT |
342 |
|
|
+ |
343 |
|
|
+(c)2003-2004, Altiplano bvba (B<http://www.altiplano.be>). Released under the terms of the GNU license. |
344 |
|
|
+ |
345 |
|
|
+ |
346 |
|
|
+=head1 BUGS |
347 |
|
|
+ |
348 |
|
|
+Please report bugs to <Bugs@Altiplano.Be> |
349 |
|
|
+ |
350 |
|
|
+=cut |
351 |
|
|
+ |
352 |
|
|
+#============================================================================== |
353 |
|
|
diff -up smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-users.patch1 smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-users |
354 |
|
|
--- smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-users.patch1 2013-02-02 19:54:06.000000000 -0500 |
355 |
|
|
+++ smeserver-lazy_admin_tools-1.0/root/usr/sbin/lat-users 2013-02-02 20:05:25.000000000 -0500 |
356 |
|
|
@@ -99,7 +99,6 @@ if ($Add) { |
357 |
|
|
$user{"Uid"} = db_get_prop(\%accounts, $username, "Uid"); |
358 |
|
|
} |
359 |
|
|
|
360 |
|
|
- $user{"Gid"} = db_get_prop(\%accounts, $username, 'Gid');; |
361 |
|
|
db_set(\%accounts, $username, 'user', \%user); |
362 |
|
|
system("/sbin/e-smith/signal-event", "user-modify", $username) == 0 |
363 |
|
|
or die ("An error occurred while modifying account '$username'.\n"); |
364 |
|
|
@@ -119,7 +118,7 @@ if ($Add) { |
365 |
|
|
} |
366 |
|
|
} |
367 |
|
|
} |
368 |
|
|
- else { print "User '$username' already exists on this server.\a\n"; } |
369 |
|
|
+ else { print "User '$username' is not a correct username.\a\n"; } |
370 |
|
|
} |
371 |
|
|
else { print "Please provide at least an account name and the first and last name of the user.\n\a";} |
372 |
|
|
} |