Removed a lot of errors and made

homedirs and quotas hopefully working
This commit is contained in:
katagia 2003-05-15 20:59:26 +00:00
parent 49a05114f0
commit 62d5586ddb
4 changed files with 114 additions and 50 deletions

View File

@ -389,14 +389,22 @@ function setquotas($user) { // Whis function will set the quotas from the specif
while ($_SESSION['account']->quota[$i][0]) {
if ($_SESSION['account']->quota[$i] != $_SESSION['account_old']->quota[$i]) {
$towrite = $towrite. $_SESSION['account']->quota[$i][0] .','.$_SESSION['account']->quota[$i][2] .','.$_SESSION['account']->quota[$i][3]
.','.$_SESSION['account']->quota[$i][6] .','. $_SESSION['account']->quota[$i][7] .':'.
.','.$_SESSION['account']->quota[$i][6] .','. $_SESSION['account']->quota[$i][7] .':';
}
$i++;
}
}
echo("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite");
if ($i!=0) exec("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite", $vals);
}
function remquotas($user, $kind) { // Whis function will remove the quotas from the specified user.
$ldap_q = $_SESSION['ldap']->decrypt();
//$towrite = $ldap_q[0].' '.$ldap_q[1].' '.$user.' quota set ';
$towrite = 'cn=Manager,dc=my-domain,dc=com secret '.$user.' quota rem ';
if ($_SESSION['type2']=='user') $towrite = $towrite.'u ';
else $towrite = $towrite.'g ';
exec("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite", $vals);
}
function addhomedir($user) { // Create Homedirectory
$ldap_q = $_SESSION['ldap']->decrypt();
@ -590,7 +598,6 @@ function loaduser($dn) { // Will load all needed values from an existing account
$_SESSION['account_old'] = $_SESSION['account'];
if ($attr['userPassword'][0]) $_SESSION['account_old']->unix_password = $attr['userPassword'][0];
if ($attr['ntPassword'][0]) $_SESSION['account_old']->smb_password = $attr['ntPassword'][0];
if ($_SESSION['config']->scriptServer) getquotas($attr['uid'][0]);
}
function loadhost($dn) { // Will load all needed values from an existing account
@ -649,7 +656,10 @@ function loadgroup($dn) { // Will load all needed values from an existing group
$result = ldap_search($_SESSION['ldap']->server(), $dn, "objectclass=PosixGroup");
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
if ($attr['gidNumber'][0]) $_SESSION['account']->general_uidNumber = $attr['gidNumber'][0];
if ($attr['gidNumber'][0]) {
$_SESSION['account']->general_uidNumber = $attr['gidNumber'][0];
if ($_SESSION['config']->scriptServer) getquotas($attr['uid'][0]);
}
if ($attr['description'][0]) $_SESSION['account']->general_gecos = $attr['description'][0];
if ($attr['cn'][0]) {
$_SESSION['account']->general_username = $attr['cn'][0];
@ -659,7 +669,6 @@ function loadgroup($dn) { // Will load all needed values from an existing group
if (is_array($_SESSION['account']->general_memberUid)) array_shift($_SESSION['account']->general_memberUid);
$_SESSION['account']->general_dn = $dn;
$_SESSION['account_old'] = $_SESSION['account'];
if ($_SESSION['config']->scriptServer) getquotas($attr['uid'][0]);
}
@ -670,7 +679,7 @@ function createuser() { // Will create the LDAP-Account
// 4 == Error while creating Account
// 5 == Error while modifying Account
// Value stored in shadowExpire, days since 1.1.1970
$date = mktime(0,0,0, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_yea) / 86400 ;
$date = mktime(10,0,0, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_yea) / 86400 ;
settype($date, 'integer');
$_SESSION['account']->general_dn = 'cn=' . $_SESSION['account']->general_username . ',' . $_SESSION['config']->get_UserSuffix();
@ -763,9 +772,12 @@ function createuser() { // Will create the LDAP-Account
}
if (!$success) return 5;
// Write Groupmemberchips
if ($_SESSION['account']->general_groupadd) {
$allgroups = $_SESSION['account']->general_groupadd;
if (!in_array($_SESSION['account']->general_group, $allgroups)) $allgroups[] = $_SESSION['account']->general_group;
$result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_GroupSuffix(), 'objectClass=PosixGroup', array('uidNumber'));
}
else $allgroups[0] = $_SESSION['account']->general_group;
$result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_GroupSuffix(), 'objectClass=PosixGroup', array('memberUid'));
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
while ($entry) {
$modifygroup=0;
@ -773,8 +785,8 @@ function createuser() { // Will create the LDAP-Account
if ($attr2['memberUid']) {
array_shift($attr2['memberUid']);
foreach ($attr2['memberUid'] as $nam) {
if ( ($attr2['memberUid'][$nam]==$_SESSION['account']->general_username) && !in_array($attr2['memberUid'][$nam], $allgroups)) {
$todelete['memberUid'] = $attr2['memberUid'][$nam];
if ( ($nam==$_SESSION['account']->general_username) && !in_array($nam, $allgroups)) {
$todelete['memberUid'] = $nam;
$success = ldap_mod_del($_SESSION['ldap']->server(), ldap_get_dn($_SESSION['ldap']->server(), $entry) ,$todelete);
}
}
@ -799,7 +811,6 @@ function createuser() { // Will create the LDAP-Account
else {
// Write a new entry if user doesn't exists
$success = ldap_add($_SESSION['ldap']->server(),$_SESSION['account']->general_dn, $attr);
if (!$success) return 4;
if ($_SESSION['config']->scriptServer) {
setquotas($_SESSION['account']->general_username);
addhomedir($_SESSION['account']->general_username);
@ -809,7 +820,7 @@ function createuser() { // Will create the LDAP-Account
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$group = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
if ($group['memberUid']) array_shift($group['memberUid']);
if (! in_array($_SESSION['account']->general_username, $group['memberUid'])) {
if (! in_array($_SESSION['account']->general_username, $group)) {
$toadd['memberUid'] = $_SESSION['account']->general_username;
$success = ldap_mod_add($_SESSION['ldap']->server(), 'cn='.$_SESSION['account']->general_group.','.$_SESSION['config']->get_GroupSuffix(), $toadd);
}
@ -839,7 +850,7 @@ function createhost() { // Will create the LDAP-Host
// 5 == Error while modifying Host
// Value stored in shadowExpire, days since 1.1.1970
$date = mktime(0,0,0, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_yea) / 86400 ;
$date = mktime(10,0,0, $_SESSION['account']->unix_pwdexpire_mon, $_SESSION['account']->unix_pwdexpire_day, $_SESSION['account']->unix_pwdexpire_yea) / 86400 ;
settype($date, 'integer');
$_SESSION['account']->general_dn = 'cn=' . $_SESSION['account']->general_username . ',' . $_SESSION['config']->get_HostSuffix();
@ -913,8 +924,11 @@ function createhost() { // Will create the LDAP-Host
if ($success) ldap_delete($_SESSION['ldap']->server(),$_SESSION['account_old']->general_dn);
}
if (!$success) return 5;
if ($_SESSION['account']->general_groupadd) {
$allgroups = $_SESSION['account']->general_groupadd;
if (!in_array($_SESSION['account']->general_group, $allgroups)) $allgroups[] = $_SESSION['account']->general_group;
}
else $allgroups[0] = $_SESSION['account']->general_group;
$result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_GroupSuffix(), 'objectClass=PosixGroup', array('memberUid'));
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
while ($entry) {
@ -923,8 +937,8 @@ function createhost() { // Will create the LDAP-Host
if ($attr2['memberUid']) {
array_shift($attr2['memberUid']);
foreach ($attr2['memberUid'] as $nam) {
if ( ($attr2['memberUid'][$nam]==$_SESSION['account']->general_username) && !in_array($attr2['memberUid'][$nam], $allgroups)) {
$todelete['memberUid'] = $attr2['memberUid'][$nam];
if ( ($nam==$_SESSION['account']->general_username) && !in_array($nam, $allgroups)) {
$todelete['memberUid'] = $nam;
$success = ldap_mod_del($_SESSION['ldap']->server(), ldap_get_dn($_SESSION['ldap']->server(), $entry) ,$todelete);
}
}
@ -1002,8 +1016,9 @@ function creategroup() { // Will create the LDAP-Group
$success = ldap_add($_SESSION['ldap']->server(),$_SESSION['account']->general_dn, $attr);
if ($success) ldap_delete($_SESSION['ldap']->server(),$_SESSION['account_old']->general_dn);
}
// Fragen, ob bei geänderter gid die gids der Beutzer in der Gruppe geändert werden sollen. *********************************
if ( $_SESSION['account']->final_changegids==true ) {
echo "draussen";
if ( $_SESSION['final_changegids']==true ) {
echo "drin";
$result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_UserSuffix(), 'gidNumber=' . $_SESSION['account_old']->general_uidNumber, array('gidNumber'));
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
while ($entry) {

View File

@ -42,8 +42,8 @@ use Quota; # Needed to get and set quotas
use Net::LDAP; # Needed to connect to ldap-server
#use strict; # Use strict for security reasons
@quota_grp;
@quota_usr; # Filesystems with enabled userquotas
@quota_grp; # Filesystems with enabled userquotas
@vals = @ARGV;
# vals = DN, PAssword, user, home, (add|rem),
# quota, (set|get),(u|g), (mountpoint,blocksoft,blockhard,filesoft,filehard)+
@ -107,9 +107,9 @@ if ($found==true) {
my $path = $user[7];
$path =~ s,/(?:[^/]*)$,,;
($<, $>) = ($>, $<); # Get root privileges
system 'mkdir', '-m 755 -p', $patch; # Create paths to homedir
system 'mkdir', '-m 755', '-p', $path; # Create paths to homedir
system 'mkdir', '-m 700', $user[7]; # Create himdir itself
system 'cp', '-a', '/etc/skel/*', $user[7]; # Copy /etc/sekl into homedir
system "cp -a /etc/skel/* /etc/skel/.[^.]* $user[7]"; # Copy /etc/sekl into homedir
system 'chown', '-R', "$user[2]:$user[3]" , $user[7]; # Change owner to new user
system '/usr/sbin/useradd.local', $user[0]; # run useradd-script
($<, $>) = ($>, $<); # Give up root previleges
@ -139,8 +139,23 @@ if ($found==true) {
}
$i++;
}
if ($vals[5] eq 'u') { $group=false; } else { $group=true; }
if ($vals[5] eq 'u') { $group=false; } else {
$group=true;
@quota_usr = @quota_grp;
}
switch2: {
$vals[4] eq 'rem' && do {
$i=0;
($<, $>) = ($>, $<); # Get root privileges
while ($quota_usr[$i][0]) {
$dev = Quota::getqcarg($quota_usr[$i][0]);
print "$user[2]\n";
$return = Quota::setqlim($dev,$user[2],0,0,0,0,1,$group);
$i++;
}
($<, $>) = ($>, $<); # Give up root previleges
last switch2;
};
$vals[4] eq 'set' && do {
$i=0;
($<, $>) = ($>, $<); # Get root privileges
@ -157,7 +172,8 @@ if ($found==true) {
($<, $>) = ($>, $<); # Get root privileges
while ($quota_usr[$i][0]) {
if ($vals[2]ne'+') {
@temp = Quota::query($quota_usr[$i][0],$user[2],$group);
$dev = Quota::getqcarg($quota_usr[$i][0]);
@temp = Quota::query($dev,$user[2],$group);
$return = "$quota_usr[$i][1],$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7]:$return";
}
else { $return = "$quota_usr[$i][1],0,0,0,0,0,0,0,0:$return"; }

View File

@ -40,7 +40,7 @@ if ( $_GET['type'] ) { // Type is true if account.php was called from Users/Grou
$_SESSION['account_temp'] = ""; // Delete $_SESSION['account_temp'] because values are now invalid
$_SESSION['modify'] = 0; // Set modify back to false
$_SESSION['shelllist'] = getshells(); // Write List of all valid shells in variable
if ((($_GET['type']=='user')||($_GET['type']=='group')) && ($_SESSION['config']->scriptServer)) getquotas();
if ((($_GET['type']=='user')||($_GET['type']=='group')) && ($_SESSION['config']->scriptServer) && (!$_GET['DN'])) getquotas();
}
if ( $_GET['DN'] ) { // $DN is true if an entry should be modified and account.php was called from Users/Group/Host-List
@ -48,7 +48,11 @@ if ( $_GET['DN'] ) { // $DN is true if an entry should be modified and account.p
$DN = str_replace("\'", '',$_GET['DN']);
switch ($_SESSION['type2']) {
case 'user': loaduser($DN); break;
case 'group': loadgroup($DN); break;
case 'group':
loadgroup($DN);
if (!session_is_registered('final_changegids')) session_register('final_changegids');
else $_SESSION['final_changegids'] = '';
break;
case 'host': loadhost($DN); break;
}
}
@ -203,6 +207,7 @@ switch ($_POST['select']) {
if ($_POST['next'] && ($error=="0")) $select_local = 'final';
break;
case 'final':
if ($_POST['f_final_changegids']) $_SESSION['final_changegids'] = $_POST['f_final_changegids'] ;
if ($_POST['back'] && ($error=="0"))
switch ($_SESSION['type2']) {
case 'user': $select_local = 'personal'; break;
@ -215,7 +220,6 @@ switch ($_POST['select']) {
if ( $_POST['create'] ) { // Create-Button was pressed
$_SESSION['account']->final_changegids = $_POST['f_final_changegids'];
switch ($_SESSION['type2']) {
case 'user':
$result = createuser(); // account.inc
@ -750,7 +754,8 @@ switch ($select_local) {
// Final Settings
echo '<input name="select" type="hidden" value="final">
<tr><td>';
echo _('Create');
if ($_SESSION['modify']==1) echo _('Modify');
else echo _('Create');
echo '</td></tr>';
switch ( $_SESSION['type2'] ) {
case 'user' :
@ -770,12 +775,12 @@ switch ($select_local) {
case 'group' :
if (($_SESSION['modify']==1) && ($_SESSION['account']->general_uidNumber != $_SESSION['account_old']->general_uidNumber)) {
echo '<tr>';
StausMessage ('INFO', _('GID-number has changed. You have to run the following command as root in order to change existing file-permissions:'),
StatusMessage ('INFO', _('GID-number has changed. You have to run the following command as root in order to change existing file-permissions:'),
'find / -gid ' . $_SESSION['account_old' ]->general_uidNumber . ' -exec chgrp ' . $_SESSION['account']->general_uidNumber . ' {} \;');
echo '</tr>';
echo '<tr><td>';
echo '<input name="f_final_changegids" type="checkbox"';
if ($_SESSION['account']->final_changegids) echo ' checked ';
if ($_SESSION['final_changegids']) echo ' checked ';
echo ' >';
echo _('Change GID-Number of all users in group to new value');
echo '</td></tr>';
@ -800,7 +805,10 @@ switch ($select_local) {
echo '">';
}
echo '</td><td>
<input name="create" type="submit" value="'; echo _('Create Account'); echo '">
<input name="create" type="submit" value="';
if ($_SESSION['modify']==1) echo _('Modify Account');
else echo _('Create Account');
echo '">
</td></tr>';
break;
case 'finish':
@ -814,12 +822,14 @@ switch ($select_local) {
echo '<tr><td>';
echo _('User ');
echo $_SESSION['account']->general_username;
echo _('has been created');
if ($_SESSION['modify']==1) echo _('has been modified');
else echo _('has been created');
echo '</td></tr>';
foreach (file('../config/print.html') as $line) eval("?".">".$line."<"."?");
echo '<tr><td>
<input name="createagain" type="submit" value="'; echo _('Create another user'); echo '">
</td><td>
echo '<tr><td>';
if ($_SESSION['modify']!=1)
{ echo '<input name="createagain" type="submit" value="'; echo _('Create another user'); echo '">'; }
echo '</td><td>
<a href ="javascript:self.print();">';
echo _('Print');
echo '</a></td><td>
@ -830,10 +840,12 @@ switch ($select_local) {
echo '<tr><td>';
echo _('Group ');
echo $_SESSION['account']->general_username;
echo _('has been created');
echo '</td></tr><tr><td>
<input name="createagain" type="submit" value="'; echo _('Create another group'); echo '">
</td><td></td><td>
if ($_SESSION['modify']==1) echo _('has been modified');
else echo _('has been created');
echo '</td></tr><tr><td>';
if ($_SESSION['modify']!=1)
{ echo' <input name="createagain" type="submit" value="'; echo _('Create another group'); echo '">'; }
echo '</td><td></td><td>
<input name="backmain" type="submit" value="'; echo _('Back to grouplist'); echo '">
</td></tr>';
break;
@ -841,10 +853,12 @@ switch ($select_local) {
echo '<tr><td>';
echo _('Host ');
echo $_SESSION['account']->general_username;
echo _('has been created');
echo '</td></tr><tr><td>
<input name="createagain" type="submit" value="'; echo _('Create another host'); echo '">
</td><td></td><td>
if ($_SESSION['modify']==1) echo _('has been modified');
else echo _('has been created');
echo '</td></tr><tr><td>';
if ($_SESSION['modify']!=1)
{ echo '<input name="createagain" type="submit" value="'; echo _('Create another host'); echo '">'; }
echo '</td><td></td><td>
<input name="backmain" type="submit" value="'; echo _('Back to hostlist'); echo '">
</td></tr>';
break;

View File

@ -69,25 +69,44 @@ if ($_POST['delete_yes']) {
foreach ($DN2 as $dn) {
switch ($_POST['type5']) {
case 'user':
$success = ldap_delete($_SESSION['ldap']->server(), $dn);
if (!$success) $error = _('Could not delete user: ').$dn;
else {
$temp=explode(',', $dn);
$username = str_replace('cn=', '', $temp[0]);
if ($_SESSION['config']->scriptServer) remhomedir($username);
if ($_SESSION['config']->scriptServer) {
remhomedir($username);
remquotas($username, $_POST['type5']);
}
$result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_GroupSuffix(), 'objectClass=PosixGroup', array('memberUid'));
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
while ($entry) {
$attr2 = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
if ($attr2['memberUid']) {
array_shift($attr2['memberUid']);
foreach ($attr2['memberUid'] as $nam) {
if ($nam==$username) {
$todelete['memberUid'] = $nam;
$success = ldap_mod_del($_SESSION['ldap']->server(), ldap_get_dn($_SESSION['ldap']->server(), $entry) ,$todelete);
}
}
}
$entry = ldap_next_entry($_SESSION['ldap']->server(), $entry);
}
$success = ldap_delete($_SESSION['ldap']->server(), $dn);
if (!$success) $error = _('Could not delete user: ').$dn;
break;
case 'host':
$success = ldap_delete($_SESSION['ldap']->server(), $dn);
if (!$success) $error = _('Could not delete host: ').$dn;
break;
case 'group':
$temp=explode(',', $dn);
$username = str_replace('cn=', '', $temp[0]);
$result = ldap_search($_SESSION['ldap']->server(), $dn, 'objectClass=*');
if (!$result) $error = _('Could not delete group: ').$dn;
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
if ($attr['memberUid']) $error = _('Could not delete group. Still users in group: ').$dn;
else {
if ($_SESSION['config']->scriptServer) remquotas($username, $_POST['type5']);
$success = ldap_delete($_SESSION['ldap']->server(), $dn);
if (!$success) $error = _('Could not delete user: ').$dn;
}