diff --git a/lam/lib/account.inc b/lam/lib/account.inc index 557684ab..dde79461 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -389,14 +389,22 @@ function setquotas($user) { // Whis function will set the quotas from the specif while ($_SESSION['account']->quota[$i][0]) { if ($_SESSION['account']->quota[$i] != $_SESSION['account_old']->quota[$i]) { $towrite = $towrite. $_SESSION['account']->quota[$i][0] .','.$_SESSION['account']->quota[$i][2] .','.$_SESSION['account']->quota[$i][3] - .','.$_SESSION['account']->quota[$i][6] .','. $_SESSION['account']->quota[$i][7] .':'. - $i++; + .','.$_SESSION['account']->quota[$i][6] .','. $_SESSION['account']->quota[$i][7] .':'; } + $i++; } - echo("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite"); if ($i!=0) exec("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite", $vals); } +function remquotas($user, $kind) { // Whis function will remove the quotas from the specified user. + $ldap_q = $_SESSION['ldap']->decrypt(); + //$towrite = $ldap_q[0].' '.$ldap_q[1].' '.$user.' quota set '; + $towrite = 'cn=Manager,dc=my-domain,dc=com secret '.$user.' quota rem '; + if ($_SESSION['type2']=='user') $towrite = $towrite.'u '; + else $towrite = $towrite.'g '; + exec("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite", $vals); + } + function addhomedir($user) { // Create Homedirectory $ldap_q = $_SESSION['ldap']->decrypt(); 
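Review bot: The new `remquotas()` concatenates `$user` unquoted into its `exec()` string and hard-codes a bind DN and password (`cn=Manager,dc=my-domain,dc=com secret`) instead of using the `$ldap_q` values it has just decrypted. Shell metacharacters in the name are interpreted twice, once by the local shell and again by the shell that ssh starts on the script server, where the script runs under sudo; the `$kind` parameter is also ignored in favour of `$_SESSION['type2']`. The sketch below quotes each value for the remote shell and then the whole remote command for the local one, assuming `scriptPath` is a single path and `decrypt()` returns DN and password at index 0 and 1, as the commented-out line suggests. The password still travels on the command line and so shows up in process listings on both hosts; moving it to stdin would need a matching change in lamdaemon.pl. The `exec()` at the end of `setquotas()` in the same hunk has the same quoting problem.

```php
function remquotas($user, $kind) { // Remove all quotas of the specified user or group
	$ldap_q = $_SESSION['ldap']->decrypt();
	// Inner quoting is for the shell on the script server, outer quoting for the local shell
	$remote = 'sudo '.escapeshellarg($_SESSION['config']->scriptPath)
		.' '.escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1])
		.' '.escapeshellarg($user).' quota rem '.(($kind=='user') ? 'u' : 'g');
	exec('/usr/bin/ssh '.escapeshellarg($_SESSION['config']->scriptServer).' '.escapeshellarg($remote), $vals);
	}
```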
@@ -590,7 +598,6 @@ function loaduser($dn) { // Will load all needed values from an existing account $_SESSION['account_old'] = $_SESSION['account']; if ($attr['userPassword'][0]) $_SESSION['account_old']->unix_password = $attr['userPassword'][0]; if ($attr['ntPassword'][0]) $_SESSION['account_old']->smb_password = $attr['ntPassword'][0]; - if ($_SESSION['config']->scriptServer) getquotas($attr['uid'][0]); } function loadhost($dn) { // Will load all needed values from an existing account @@ -649,7 +656,10 @@ function loadgroup($dn) { // Will load all needed values from an existing group $result = ldap_search($_SESSION['ldap']->server(), $dn, "objectclass=PosixGroup"); $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry); - if ($attr['gidNumber'][0]) $_SESSION['account']->general_uidNumber = $attr['gidNumber'][0]; + if ($attr['gidNumber'][0]) { + $_SESSION['account']->general_uidNumber = $attr['gidNumber'][0]; + if ($_SESSION['config']->scriptServer) getquotas($attr['uid'][0]); + } if ($attr['description'][0]) $_SESSION['account']->general_gecos = $attr['description'][0]; if ($attr['cn'][0]) { $_SESSION['account']->general_username = $attr['cn'][0]; @@ -659,7 +669,6 @@ function loadgroup($dn) { // Will load all needed values from an existing group if (is_array($_SESSION['account']->general_memberUid)) array_shift($_SESSION['account']->general_memberUid); $_SESSION['account']->general_dn = $dn; $_SESSION['account_old'] = $_SESSION['account']; - if ($_SESSION['config']->scriptServer) getquotas($attr['uid'][0]); } 
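Review bot: In the `loadgroup()` hunk the relocated call passes `$attr['uid'][0]` to `getquotas()`, but the entry was fetched with the filter `objectclass=PosixGroup` and the surrounding lines take the group's name from `$attr['cn'][0]`. A PosixGroup entry normally carries no `uid` attribute, so the lookup probably runs with an empty name; `if ($_SESSION['config']->scriptServer) getquotas($attr['cn'][0]);` looks like what is meant. `getquotas()` is not visible here, so confirm how it treats an empty argument and whether it quotes the name before it reaches the script server. `loadgroup()` starts and ends outside the hunk.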
@@ -670,7 +679,7 @@ function createuser() { // Will create the LDAP-Account // 4 == Error while creating Account // 5 == Error while modifying Account // Value stored in shadowExpire, days since 1.1.1970 - $date = mktime(0,0,0, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_yea) / 86400 ; + $date = mktime(10,0,0, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_yea) / 86400 ; settype($date, 'integer'); $_SESSION['account']->general_dn = 'cn=' . $_SESSION['account']->general_username . ',' . $_SESSION['config']->get_UserSuffix(); @@ -763,9 +772,12 @@ function createuser() { // Will create the LDAP-Account } if (!$success) return 5; // Write Groupmemberchips - $allgroups = $_SESSION['account']->general_groupadd; - if (!in_array($_SESSION['account']->general_group, $allgroups)) $allgroups[] = $_SESSION['account']->general_group; - $result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_GroupSuffix(), 'objectClass=PosixGroup', array('uidNumber')); + if ($_SESSION['account']->general_groupadd) { + $allgroups = $_SESSION['account']->general_groupadd; + if (!in_array($_SESSION['account']->general_group, $allgroups)) $allgroups[] = $_SESSION['account']->general_group; + } + else $allgroups[0] = $_SESSION['account']->general_group; + $result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_GroupSuffix(), 'objectClass=PosixGroup', array('memberUid')); $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); while ($entry) { $modifygroup=0; 
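Review bot: `mktime(10,0,0, …)` in `createuser()` still computes the `shadowExpire` day in the server's local time zone, and the hour of 10 is an unexplained offset that only keeps the integer division on the intended day for zones up to ten hours ahead of UTC. Since the value is documented as days since 1.1.1970, `gmmktime(0,0,0, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_yea) / 86400` gives the day directly and needs no offset. An expiry that lands a day early or late changes when the account stops being usable, so it is worth pinning down. The identical line in the `createhost()` hunk needs the same change.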
@@ -773,8 +785,8 @@ function createuser() { // Will create the LDAP-Account if ($attr2['memberUid']) { array_shift($attr2['memberUid']); foreach ($attr2['memberUid'] as $nam) { - if ( ($attr2['memberUid'][$nam]==$_SESSION['account']->general_username) && !in_array($attr2['memberUid'][$nam], $allgroups)) { - $todelete['memberUid'] = $attr2['memberUid'][$nam]; + if ( ($nam==$_SESSION['account']->general_username) && !in_array($nam, $allgroups)) { + $todelete['memberUid'] = $nam; $success = ldap_mod_del($_SESSION['ldap']->server(), ldap_get_dn($_SESSION['ldap']->server(), $entry) ,$todelete); } } @@ -799,7 +811,6 @@ function createuser() { // Will create the LDAP-Account else { // Write a new entry if user doesn't exists $success = ldap_add($_SESSION['ldap']->server(),$_SESSION['account']->general_dn, $attr); - if (!$success) return 4; if ($_SESSION['config']->scriptServer) { setquotas($_SESSION['account']->general_username); addhomedir($_SESSION['account']->general_username); @@ -809,7 +820,7 @@ function createuser() { // Will create the LDAP-Account $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); $group = ldap_get_attributes($_SESSION['ldap']->server(), $entry); if ($group['memberUid']) array_shift($group['memberUid']); - if (! in_array($_SESSION['account']->general_username, $group['memberUid'])) { + if (! in_array($_SESSION['account']->general_username, $group)) { $toadd['memberUid'] = $_SESSION['account']->general_username; $success = ldap_mod_add($_SESSION['ldap']->server(), 'cn='.$_SESSION['account']->general_group.','.$_SESSION['config']->get_GroupSuffix(), $toadd); } 
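Review bot: The rewritten condition in the `createuser()` membership loop tests `!in_array($nam, $allgroups)`, but `$nam` is a member name and `$allgroups` holds group names, so the second test says nothing about the group being visited. As written the user is removed from every group unless a group happens to share the user's name, and the wanted memberships then depend on later code re-adding them. The test probably has to compare the current entry's group name against `$allgroups`; the search requests only `memberUid`, so `cn` would have to be added to the attribute list or derived from `ldap_get_dn()`. The result of `ldap_mod_del()` is stored in `$success` but not checked inside the hunk. The same loop is patched the same way in the `createhost()` hunk.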
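Review bot: `in_array($_SESSION['account']->general_username, $group)` now searches the whole attribute array returned by `ldap_get_attributes()` instead of the member list, so it can match only by accident (for example a user named like an attribute) and the `ldap_mod_add()` below runs even for existing members. If the aim was to avoid passing a missing `memberUid` to `in_array()`, guard it instead: `if (!is_array($group['memberUid']) || !in_array($_SESSION['account']->general_username, $group['memberUid'])) {`. The preceding hunk also removes `if (!$success) return 4;` after `ldap_add()`, so `setquotas()` and `addhomedir()` now run on the script server for an entry that may not have been created, and the failure is no longer reported to the caller. Both sit inside `createuser()`, which extends beyond these hunks.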
@@ -839,7 +850,7 @@ function createhost() { // Will create the LDAP-Host // 5 == Error while modifying Host // Value stored in shadowExpire, days since 1.1.1970 - $date = mktime(0,0,0, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_yea) / 86400 ; + $date = mktime(10,0,0, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_yea) / 86400 ; settype($date, 'integer'); $_SESSION['account']->general_dn = 'cn=' . $_SESSION['account']->general_username . ',' . $_SESSION['config']->get_HostSuffix(); @@ -913,8 +924,11 @@ function createhost() { // Will create the LDAP-Host if ($success) ldap_delete($_SESSION['ldap']->server(),$_SESSION['account_old']->general_dn); } if (!$success) return 5; - $allgroups = $_SESSION['account']->general_groupadd; - if (!in_array($_SESSION['account']->general_group, $allgroups)) $allgroups[] = $_SESSION['account']->general_group; + if ($_SESSION['account']->general_groupadd) { + $allgroups = $_SESSION['account']->general_groupadd; + if (!in_array($_SESSION['account']->general_group, $allgroups)) $allgroups[] = $_SESSION['account']->general_group; + } + else $allgroups[0] = $_SESSION['account']->general_group; $result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_GroupSuffix(), 'objectClass=PosixGroup', array('memberUid')); $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); while ($entry) { 
@@ -923,8 +937,8 @@ function createhost() { // Will create the LDAP-Host if ($attr2['memberUid']) { array_shift($attr2['memberUid']); foreach ($attr2['memberUid'] as $nam) { - if ( ($attr2['memberUid'][$nam]==$_SESSION['account']->general_username) && !in_array($attr2['memberUid'][$nam], $allgroups)) { - $todelete['memberUid'] = $attr2['memberUid'][$nam]; + if ( ($nam==$_SESSION['account']->general_username) && !in_array($nam, $allgroups)) { + $todelete['memberUid'] = $nam; $success = ldap_mod_del($_SESSION['ldap']->server(), ldap_get_dn($_SESSION['ldap']->server(), $entry) ,$todelete); } } @@ -1002,8 +1016,9 @@ function creategroup() { // Will create the LDAP-Group $success = ldap_add($_SESSION['ldap']->server(),$_SESSION['account']->general_dn, $attr); if ($success) ldap_delete($_SESSION['ldap']->server(),$_SESSION['account_old']->general_dn); } - // Fragen, ob bei geänderter gid die gids der Beutzer in der Gruppe geändert werden sollen. ********************************* - if ( $_SESSION['account']->final_changegids==true ) { + echo "draussen"; + if ( $_SESSION['final_changegids']==true ) { + echo "drin"; $result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_UserSuffix(), 'gidNumber=' . $_SESSION['account_old']->general_uidNumber, array('gidNumber')); $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); while ($entry) { diff --git a/lam/lib/lamdaemon.pl b/lam/lib/lamdaemon.pl index 0c640543..c8641905 100755 --- a/lam/lib/lamdaemon.pl +++ b/lam/lib/lamdaemon.pl @@ -42,8 +42,8 @@ use Quota; # Needed to get and set quotas use Net::LDAP; # Needed to connect to ldap-server #use strict; # Use strict for security reasons +@quota_grp; @quota_usr; # Filesystems with enabled userquotas -@quota_grp; # Filesystems with enabled userquotas @vals = @ARGV; # vals = DN, PAssword, user, home, (add|rem), # quota, (set|get),(u|g), (mountpoint,blocksoft,blockhard,filesoft,filehard)+ 
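Review bot: `echo "draussen";` and `echo "drin";` in `creategroup()` look like leftover debugging output; they print into the page on every group save and show which branch ran, so both lines should be dropped. The flag that triggers rewriting `gidNumber` for every user in the group is now read from `$_SESSION['final_changegids']` with a loose `==true`, so any non-empty string enables it; storing and testing a real boolean would be safer. The removed German comment explained why this block exists, so an English replacement such as `// Optionally move all users with the old gidNumber to the new one` would keep that context. `creategroup()` continues outside the hunk.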
@@ -107,9 +107,9 @@ if ($found==true) { my $path = $user[7]; $path =~ s,/(?:[^/]*)$,,; ($<, $>) = ($>, $<); # Get root privileges - system 'mkdir', '-m 755 -p', $patch; # Create paths to homedir + system 'mkdir', '-m 755', '-p', $path; # Create paths to homedir system 'mkdir', '-m 700', $user[7]; # Create himdir itself - system 'cp', '-a', '/etc/skel/*', $user[7]; # Copy /etc/sekl into homedir + system "cp -a /etc/skel/* /etc/skel/.[^.]* $user[7]"; # Copy /etc/sekl into homedir system 'chown', '-R', "$user[2]:$user[3]" , $user[7]; # Change owner to new user system '/usr/sbin/useradd.local', $user[0]; # run useradd-script ($<, $>) = ($>, $<); # Give up root previleges @@ -139,8 +139,23 @@ if ($found==true) { } $i++; } - if ($vals[5] eq 'u') { $group=false; } else { $group=true; } + if ($vals[5] eq 'u') { $group=false; } else { + $group=true; + @quota_usr = @quota_grp; + } switch2: { + $vals[4] eq 'rem' && do { + $i=0; + ($<, $>) = ($>, $<); # Get root privileges + while ($quota_usr[$i][0]) { + $dev = Quota::getqcarg($quota_usr[$i][0]); + print "$user[2]\n"; + $return = Quota::setqlim($dev,$user[2],0,0,0,0,1,$group); + $i++; + } + ($<, $>) = ($>, $<); # Give up root previleges + last switch2; + }; $vals[4] eq 'set' && do { $i=0; ($<, $>) = ($>, $<); # Get root privileges @@ -157,7 +172,8 @@ if ($found==true) { ($<, $>) = ($>, $<); # Get root privileges while ($quota_usr[$i][0]) { if ($vals[2]ne'+') { - @temp = Quota::query($quota_usr[$i][0],$user[2],$group); + $dev = Quota::getqcarg($quota_usr[$i][0]); + @temp = Quota::query($dev,$user[2],$group); $return = "$quota_usr[$i][1],$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7]:$return"; } else { $return = "$quota_usr[$i][1],0,0,0,0,0,0,0,0:$return"; } diff --git a/lam/templates/account.php b/lam/templates/account.php index e3d9fc28..362c496b 100644 --- a/lam/templates/account.php +++ b/lam/templates/account.php 
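Review bot: The `cp` call was changed from the list form of `system` to a single interpolated string, so `$user[7]` (the home directory, per the neighbouring comments) is now parsed by a shell while the script holds root privileges. A value containing a space or shell metacharacter would split or extend the command. The dot-file glob can be kept without a shell by expanding it in Perl: `system 'cp', '-a', glob('/etc/skel/* /etc/skel/.[!.]*'), $user[7];`. The return values of the `mkdir`, `cp` and `chown` calls are not checked, so a failed `mkdir` (for example because the path already exists) is followed by the recursive `chown` regardless. This block starts and ends outside the hunk.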
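Review bot: `$group=false` and `$group=true` are barewords, and with `use strict` commented out at the top of the file Perl treats them as the strings "false" and "true", which are both true in boolean context and both 0 as numbers. The last argument of `Quota::setqlim()` in the new `rem` branch therefore cannot distinguish user from group quotas; use `$group=0;` and `$group=1;`. The `print "$user[2]\n";` inside the loop looks like debugging output that ends up in what the PHP side reads back, and the result of `setqlim()` is stored in `$return` on each pass without being checked. The `switch2` block continues outside the hunk.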
@@ -40,7 +40,7 @@ if ( $_GET['type'] ) { // Type is true if account.php was called from Users/Grou $_SESSION['account_temp'] = ""; // Delete $_SESSION['account_temp'] because values are now invalid $_SESSION['modify'] = 0; // Set modify back to false $_SESSION['shelllist'] = getshells(); // Write List of all valid shells in variable - if ((($_GET['type']=='user')||($_GET['type']=='group')) && ($_SESSION['config']->scriptServer)) getquotas(); + if ((($_GET['type']=='user')||($_GET['type']=='group')) && ($_SESSION['config']->scriptServer) && (!$_GET['DN'])) getquotas(); } if ( $_GET['DN'] ) { // $DN is true if an entry should be modified and account.php was called from Users/Group/Host-List @@ -48,7 +48,11 @@ if ( $_GET['DN'] ) { // $DN is true if an entry should be modified and account.p $DN = str_replace("\'", '',$_GET['DN']); switch ($_SESSION['type2']) { case 'user': loaduser($DN); break; - case 'group': loadgroup($DN); break; + case 'group': + loadgroup($DN); + if (!session_is_registered('final_changegids')) session_register('final_changegids'); + else $_SESSION['final_changegids'] = ''; + break; case 'host': loadhost($DN); break; } } @@ -203,6 +207,7 @@ switch ($_POST['select']) { if ($_POST['next'] && ($error=="0")) $select_local = 'final'; break; case 'final': + if ($_POST['f_final_changegids']) $_SESSION['final_changegids'] = $_POST['f_final_changegids'] ; if ($_POST['back'] && ($error=="0")) switch ($_SESSION['type2']) { case 'user': $select_local = 'personal'; break; @@ -215,7 +220,6 @@ switch ($_POST['select']) { if ( $_POST['create'] ) { // Create-Button was pressed - $_SESSION['account']->final_changegids = $_POST['f_final_changegids']; switch ($_SESSION['type2']) { case 'user': $result = createuser(); // account.inc @@ -750,7 +754,8 @@ switch ($select_local) { // Final Settings echo ' '; - echo _('Create'); + if ($_SESSION['modify']==1) echo _('Modify'); + else echo _('Create'); echo ''; switch ( $_SESSION['type2'] ) { case 'user' : 
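Review bot: The `case 'group':` branch mixes `session_register()`/`session_is_registered()` with direct `$_SESSION` writes, which the PHP manual advises against, and on the first visit the variable is registered without being given a value. Since every other access in this commit goes through `$_SESSION`, an unconditional `$_SESSION['final_changegids'] = '';` after `loadgroup($DN);` does the reset in one line. The enclosing `switch` sits inside the `if ( $_GET['DN'] )` block, which begins outside the hunk.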
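Review bot: In `case 'final':` the flag is only written when `$_POST['f_final_changegids']` is non-empty, and an unticked checkbox is not submitted at all, so once set it stays set for the rest of the flow. A user who ticks the box, goes back and unticks it would still trigger the bulk `gidNumber` rewrite in `creategroup()`. Assign on every post of this page instead: `$_SESSION['final_changegids'] = $_POST['f_final_changegids'] ? true : false;`. Reducing the value to a boolean also keeps raw request data out of the session.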
@@ -770,12 +775,12 @@ switch ($select_local) { case 'group' : if (($_SESSION['modify']==1) && ($_SESSION['account']->general_uidNumber != $_SESSION['account_old']->general_uidNumber)) { echo ''; - StausMessage ('INFO', _('GID-number has changed. You have to run the following command as root in order to change existing file-permissions:'), + StatusMessage ('INFO', _('GID-number has changed. You have to run the following command as root in order to change existing file-permissions:'), 'find / -gid ' . $_SESSION['account_old' ]->general_uidNumber . ' -exec chgrp ' . $_SESSION['account']->general_uidNumber . ' {} \;'); echo ''; echo ''; echo 'final_changegids) echo ' checked '; + if ($_SESSION['final_changegids']) echo ' checked '; echo ' >'; echo _('Change GID-Number of all users in group to new value'); echo ''; @@ -800,7 +805,10 @@ switch ($select_local) { echo '">'; } echo ' - + '; break; case 'finish': @@ -814,12 +822,14 @@ switch ($select_local) { echo ''; echo _('User '); echo $_SESSION['account']->general_username; - echo _('has been created'); + if ($_SESSION['modify']==1) echo _('has been modified'); + else echo _('has been created'); echo ''; foreach (file('../config/print.html') as $line) eval("?".">".$line."<"."?"); - echo ' - - + echo ''; + if ($_SESSION['modify']!=1) + { echo ''; } + echo ' '; echo _('Print'); echo ' @@ -830,10 +840,12 @@ switch ($select_local) { echo ''; echo _('Group '); echo $_SESSION['account']->general_username; - echo _('has been created'); - echo ' - - + if ($_SESSION['modify']==1) echo _('has been modified'); + else echo _('has been created'); + echo ''; + if ($_SESSION['modify']!=1) + { echo' '; } + echo ' '; break; 
@@ -841,10 +853,12 @@ switch ($select_local) { echo ''; echo _('Host '); echo $_SESSION['account']->general_username; - echo _('has been created'); - echo ' - - + if ($_SESSION['modify']==1) echo _('has been modified'); + else echo _('has been created'); + echo ''; + if ($_SESSION['modify']!=1) + { echo ''; } + echo ' '; break; diff --git a/lam/templates/delete.php b/lam/templates/delete.php index c77d2453..e50bb19d 100644 --- a/lam/templates/delete.php +++ b/lam/templates/delete.php 
@@ -69,25 +69,44 @@ if ($_POST['delete_yes']) { foreach ($DN2 as $dn) { switch ($_POST['type5']) { case 'user': + $temp=explode(',', $dn); + $username = str_replace('cn=', '', $temp[0]); + if ($_SESSION['config']->scriptServer) { + remhomedir($username); + remquotas($username, $_POST['type5']); + } + $result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_GroupSuffix(), 'objectClass=PosixGroup', array('memberUid')); + $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); + while ($entry) { + $attr2 = ldap_get_attributes($_SESSION['ldap']->server(), $entry); + if ($attr2['memberUid']) { + array_shift($attr2['memberUid']); + foreach ($attr2['memberUid'] as $nam) { + if ($nam==$username) { + $todelete['memberUid'] = $nam; + $success = ldap_mod_del($_SESSION['ldap']->server(), ldap_get_dn($_SESSION['ldap']->server(), $entry) ,$todelete); + } + } + } + $entry = ldap_next_entry($_SESSION['ldap']->server(), $entry); + } $success = ldap_delete($_SESSION['ldap']->server(), $dn); if (!$success) $error = _('Could not delete user: ').$dn; - else { - $temp=explode(',', $dn); - $username = str_replace('cn=', '', $temp[0]); - if ($_SESSION['config']->scriptServer) remhomedir($username); - } break; case 'host': $success = ldap_delete($_SESSION['ldap']->server(), $dn); if (!$success) $error = _('Could not delete host: ').$dn; break; case 'group': + $temp=explode(',', $dn); + $username = str_replace('cn=', '', $temp[0]); $result = ldap_search($_SESSION['ldap']->server(), $dn, 'objectClass=*'); if (!$result) $error = _('Could not delete group: ').$dn; $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry); if ($attr['memberUid']) $error = _('Could not delete group. 
Still users in group: ').$dn; else { + if ($_SESSION['config']->scriptServer) remquotas($username, $_POST['type5']); $success = ldap_delete($_SESSION['ldap']->server(), $dn); if (!$success) $error = _('Could not delete user: ').$dn; }
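Review bot: In the `user` branch `remhomedir()` and `remquotas()` now run before `ldap_delete()` and regardless of whether it succeeds, with `$username` cut out of `$dn` by `explode(',')` and `str_replace('cn=', '')`. `$DN2` is built outside this hunk but appears to originate from the request, and `remquotas()` (added in this commit) places the name unquoted into an ssh/sudo command line, so the name should be validated before either helper is called, for example `if (!preg_match('/^[A-Za-z0-9._-]+$/', $username)) { $error = _('Could not delete user: ').$dn; break; }`. `str_replace` also strips every `cn=` occurrence rather than only the RDN prefix, and the `$success` from `ldap_mod_del()` is overwritten without being checked, so a failed membership cleanup goes unreported. If the home directory has to be removed while the entry still exists, it would help to confirm first that `$dn` is a user entry under `get_UserSuffix()`.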