1 |
unnilennium |
1.1 |
--- smeserver-password-1.0.0/root/etc/e-smith/events/actions/user-passwd-expiration.Acctinfo 2008-05-24 10:23:10.000000000 +1000 |
2 |
|
|
+++ smeserver-password-1.0.0/root/etc/e-smith/events/actions/user-passwd-expiration 2008-05-24 10:24:28.000000000 +1000 |
3 |
|
|
@@ -1,4 +1,10 @@ |
4 |
|
|
#!/usr/bin/perl -w |
5 |
|
|
+# modified on 23/05/2008 |
6 |
|
|
+# direct access to /etc/shadow file |
7 |
|
|
+# thanks to Jeremy D. Zawodny, <jzawodn@wcnet.org> |
8 |
|
|
+# for his Acctinfo.pm (getpwnams and ChopDec functions) |
9 |
|
|
+# http://jeremy.zawodny.com/perl/AcctInfo/index.html |
10 |
|
|
+ |
11 |
|
|
package esmith; |
12 |
|
|
use strict; |
13 |
|
|
use Errno; |
14 |
|
|
@@ -23,7 +29,8 @@ |
15 |
|
|
# date/time parameters |
16 |
|
|
my @lt = localtime(time); |
17 |
|
|
my $template = '%s'; |
18 |
|
|
-my $today = strftime('%b %d, %Y',@lt); |
19 |
|
|
+my $today = time() / 86400; # Today's date. |
20 |
|
|
+$today = &ChopDec($today); # no decimals |
21 |
|
|
|
22 |
|
|
# system parameters |
23 |
|
|
my $domain = $db->get_value("DomainName") || 'localhost'; |
24 |
|
|
@@ -32,7 +39,7 @@ |
25 |
|
|
|
26 |
|
|
# who is sending mail? :-) |
27 |
|
|
my $sender = "admin\@$domain"; |
28 |
|
|
- |
29 |
|
|
+ |
30 |
|
|
# mail body template for user |
31 |
|
|
my $templates = '/etc/e-smith/templates'; |
32 |
|
|
my $source = '/usr/lib/e-smith-passexpire/passExpire.tmpl'; |
33 |
|
|
@@ -40,64 +47,86 @@ |
34 |
|
|
-f "${templates}-custom${source}" and $templates .= "-custom"; |
35 |
|
|
|
36 |
|
|
if ($isactive eq 'yes') { |
37 |
|
|
- foreach my $account (@accounts) |
38 |
|
|
- { |
39 |
|
|
- next unless (($account->prop('PasswordSet') || 'no') eq 'yes'); |
40 |
|
|
- my $name = $account->key; |
41 |
|
|
- if (!($name eq 'admin')) |
42 |
|
|
- { |
43 |
|
|
- next unless (($account->prop('PasswordAge') || 'no') eq 'yes'); |
44 |
|
|
- my $cmd = "chage -l $name | grep -i 'last' | cut -d ':' -f 2"; |
45 |
|
|
- my $lastchange = `$cmd 2>/dev/null`; |
46 |
|
|
- my $age = ((str2time($today) - str2time($lastchange))/86400); |
47 |
|
|
- my $realaging = $pwdage - $pwdwarn; |
48 |
|
|
- my $days = $pwdage - $age; |
49 |
|
|
- my $time2warn = $age - $realaging; |
50 |
|
|
- if ($time2warn >= 0) { |
51 |
|
|
- |
52 |
|
|
- if ($days < 0) { |
53 |
|
|
- $days = -1 * $days; |
54 |
|
|
- } |
55 |
|
|
- my $t = new Text::Template(TYPE => 'FILE', SOURCE => "${templates}${source}"); |
56 |
|
|
- |
57 |
|
|
- open(QMAIL, "|/var/qmail/bin/qmail-inject -f$sender $name") || die "Could not send mail via qmail-inject!\n"; |
58 |
|
|
- |
59 |
|
|
- print QMAIL $t->fill_in( HASH => { |
60 |
|
|
- conf => \$db, |
61 |
|
|
- user => $name, |
62 |
|
|
- ip => $ipaddress, |
63 |
|
|
- number => $days, |
64 |
|
|
- }); |
65 |
|
|
- |
66 |
|
|
- close QMAIL; |
67 |
|
|
- # if time2warn >= pwdwarn then send email to admin too |
68 |
|
|
- if ($time2warn >= $pwdwarn) { |
69 |
|
|
- |
70 |
|
|
- #message to admin is hardcoded in english; not so bad.. |
71 |
|
|
- |
72 |
|
|
- my $t1 = "To: admin\n"; |
73 |
|
|
- $t1 .= "From: \"Administrator\" <admin\@$domain>\n"; |
74 |
|
|
- $t1 .= "Subject: Password for user $name expired\n\n"; |
75 |
|
|
- $t1 .= "This is an automatically generated mail message\n\n"; |
76 |
|
|
- $t1 .= "Dear Admin,\n password for user $name has expired since $days days\n"; |
77 |
|
|
- $t1 .= "Regards"; |
78 |
|
|
- |
79 |
|
|
- open(QMAIL, "|/var/qmail/bin/qmail-inject -f$sender admin") || die "Could not send mail via qmail-inject!\n"; |
80 |
|
|
- |
81 |
|
|
- print QMAIL $t1; |
82 |
|
|
- close QMAIL; |
83 |
|
|
- |
84 |
|
|
- # if $lockaccount eq yes, call signal-event to lock the account |
85 |
|
|
- if ($lockaccount eq 'yes'){ |
86 |
|
|
- system "/sbin/e-smith/signal-event user-lock $name"; |
87 |
|
|
- } |
88 |
|
|
- |
89 |
|
|
- |
90 |
|
|
- } |
91 |
|
|
- } |
92 |
|
|
- } |
93 |
|
|
- } |
94 |
|
|
+ foreach my $account (@accounts) |
95 |
|
|
+ { |
96 |
|
|
+ next unless (($account->prop('PasswordSet') || 'no') eq 'yes'); |
97 |
|
|
+ my $name = $account->key; |
98 |
|
|
+ if (!($name eq 'admin')) |
99 |
|
|
+ { |
100 |
|
|
+ next unless (($account->prop('PasswordAge') || 'no') eq 'yes'); |
101 |
|
|
+ my @pw = split(/:/ , &getpwnams($name)); |
102 |
|
|
+ my $lastchange = $pw[2]; # Date of last change. |
103 |
|
|
+ # Calculate days until expiration. |
104 |
|
|
+ my $age = $today - $lastchange; |
105 |
|
|
+ my $realaging = $pwdage - $pwdwarn; |
106 |
|
|
+ my $days = $pwdage - $age; |
107 |
|
|
+ my $time2warn = $age - $realaging; |
108 |
|
|
+ if ($time2warn >= 0) { |
109 |
|
|
+ |
110 |
|
|
+ if ($days < 0) { |
111 |
|
|
+ $days = -1 * $days; |
112 |
|
|
+ } |
113 |
|
|
+ my $t = new Text::Template(TYPE => 'FILE', SOURCE => "${templates}${source}"); |
114 |
|
|
+ |
115 |
|
|
+ open(QMAIL, "|/var/qmail/bin/qmail-inject -f$sender $name") || die "Could not send mail via qmail-inject!\n"; |
116 |
|
|
+ |
117 |
|
|
+ print QMAIL $t->fill_in( HASH => { |
118 |
|
|
+ conf => \$db, |
119 |
|
|
+ user => $name, |
120 |
|
|
+ ip => $ipaddress, |
121 |
|
|
+ number => $days, |
122 |
|
|
+ }); |
123 |
|
|
+ |
124 |
|
|
+ close QMAIL; |
125 |
|
|
+ # if time2warn >= pwdwarn then send email to admin too |
126 |
|
|
+ if ($time2warn >= $pwdwarn) { |
127 |
|
|
+ |
128 |
|
|
+ #message to admin is hardcoded in english; not so bad.. |
129 |
|
|
+ |
130 |
|
|
+ my $t1 = "To: admin\n"; |
131 |
|
|
+ $t1 .= "From: \"Administrator\" <admin\@$domain>\n"; |
132 |
|
|
+ $t1 .= "Subject: Password for user $name expired\n\n"; |
133 |
|
|
+ $t1 .= "This is an automatically generated mail message\n\n"; |
134 |
|
|
+ $t1 .= "Dear Admin,\n password for user $name has expired since $days days\n"; |
135 |
|
|
+ $t1 .= "Regards"; |
136 |
|
|
+ |
137 |
|
|
+ open(QMAIL, "|/var/qmail/bin/qmail-inject -f$sender admin") || die "Could not send mail via qmail-inject!\n"; |
138 |
|
|
+ |
139 |
|
|
+ print QMAIL $t1; |
140 |
|
|
+ close QMAIL; |
141 |
|
|
+ |
142 |
|
|
+ # if $lockaccount eq yes, call signal-event to lock the account |
143 |
|
|
+ if ($lockaccount eq 'yes'){ |
144 |
|
|
+ system "/sbin/e-smith/signal-event user-lock $name"; |
145 |
|
|
+ } |
146 |
|
|
+ } |
147 |
|
|
+ } |
148 |
|
|
+ } |
149 |
|
|
+ } |
150 |
|
|
} |
151 |
|
|
|
152 |
|
|
exit 0; |
153 |
|
|
|
154 |
|
|
+sub getpwnams { |
155 |
|
|
+ my $name = $_[0]; |
156 |
|
|
+ my $line; |
157 |
|
|
+ $name .= ":"; |
158 |
|
|
+ open(SHADOW, "/etc/shadow"); |
159 |
|
|
+ while(<SHADOW>) { |
160 |
|
|
+ last if (/^$name/); |
161 |
|
|
+ } # end while |
162 |
|
|
+ close(SHADOW); |
163 |
|
|
+ $line = $_; |
164 |
|
|
+ chop($line); |
165 |
|
|
+ return($line); |
166 |
|
|
+} |
167 |
|
|
+ |
168 |
|
|
+sub ChopDec { |
169 |
|
|
+ my $num = $_[0]; |
170 |
|
|
+ if ($num =~ /\./) { |
171 |
|
|
+ $num =~ /(.*)\.(.*)/; |
172 |
|
|
+ $num = $1; |
173 |
|
|
+ } # end if |
174 |
|
|
+ return $num; |
175 |
|
|
+} |
176 |
|
|
+ |