From e116aa089337826e5a224180b8694e96589c3e9f Mon Sep 17 00:00:00 2001 From: katagia Date: Thu, 6 Nov 2003 10:58:21 +0000 Subject: [PATCH] changed way of lamdaemon.pl how to transfer variables Now ot's possible to set up quotas for more than one user in one call Not completly tested yet. masscreate.php should use this new behavior which should make creation of many users much faster. --- lam/lib/account.inc | 259 ++++++++++++++++++++-------- lam/lib/lamdaemon.pl | 245 +++++++++++++------------- lam/templates/account/groupedit.php | 52 +++--- lam/templates/account/hostedit.php | 2 +- lam/templates/account/useredit.php | 51 +++--- lam/templates/delete.php | 6 +- lam/templates/masscreate.php | 45 +++-- 7 files changed, 393 insertions(+), 267 deletions(-) diff --git a/lam/lib/account.inc b/lam/lib/account.inc index bcf20f97..a236129f 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -193,10 +193,10 @@ function RndInt($Format){ /* Whis function will return the quotas from the specified user If empty only filesystems with enabled quotas are returned * $type = 'user' or 'group' -* $user = user or groupname. If no user or groupname is defined, +* $users = array of users or groupnames. If no user or groupname is defined, * an array with all quota-enabled partitions will be returned in this case all returned values are 0 exept mointpoint[x][0] */ -function getquotas($type,$user='+') { +function getquotas($type,$users=array('+')) { // define new object $return = new account(); // get username and password of the current lam-admin @@ -205,13 +205,39 @@ function getquotas($type,$user='+') { * admin-username, admin-password, account with quotas, 'quota', operation='get', type=user|group * use escapeshellarg to make exec() shell-safe */ - $towrite = escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]).' '.escapeshellarg($user).' quota get '; - if ($type=='user') $towrite = $towrite.'u'; - else $towrite = $towrite.'g'; + $towrite = escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." ". + escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]); /* scriptServer is the IP to remote-host to which lam should connect via ssh * scriptPath is Path to lamdaemon.pl on remote system */ - exec("perl ".escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." ".$towrite, $vals, $status); + $descriptorspec = array( + 0 => array("pipe", "r"), // stdin + 1 => array("pipe", "w"), // stout + 2 => array("file", "/dev/null", "a") // sterr + ); + $process = proc_open(escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite, + $descriptorspec, + $pipes); + if (is_resource($process)) { + /* perl-script is running + * $pipes[0] is writeable handle to child stdin + * $pipes[1] is readable handle to child stdout + * any error is send to /dev/null + */ + foreach ($users as $user) { + // put string to trasmit together + $userstring = "$user quota get $type\n"; + // Write one output-line for every user + fwrite($pipes[0], $userstring); + } + fclose($pipes[0]); + while (!feof($pipes[1])) { + $output = fgets($pipes[1], 1024); + if ($output!='') $vals5[] = $output; + } + fclose($pipes[1]); + $return_value = proc_close($process); + } /* $vals is a string which contains a two dimensional array. * We have to recreate it with explode * @@ -220,101 +246,158 @@ function getquotas($type,$user='+') { * mountpoint, used blocks, soft block limit, hard block limit, grace block period, used inodes, * soft inode limit, hard inode limit, grace inode period */ - $vals = explode(':', $vals[0]); - for ($i=0; $iquota[$i][$j] = $vals2[$j]; + foreach ($vals5 as $vals3) { + $vals = explode(':', $vals3); + for ($i=0; $iquota[$i][$j] = $vals2[$j]; + } + if ($return->quota[$i][4]<$time) $return->quota[$i][4] = ''; + else $return->quota[$i][4] = strval(($return->quota[$i][4]-$time)/3600) .' '. _('hours'); + if ($return->quota[$i][8]<$time) $return->quota[$i][8] = ''; + else $return->quota[$i][8] = strval(($return->quota[$i][8]-$time)/3600) .' '. _('hours'); } - if ($return->quota[$i][4]<$time) $return->quota[$i][4] = ''; - else $return->quota[$i][4] = strval(($return->quota[$i][4]-$time)/3600) .' '. _('hours'); - if ($return->quota[$i][8]<$time) $return->quota[$i][8] = ''; - else $return->quota[$i][8] = strval(($return->quota[$i][8]-$time)/3600) .' '. _('hours'); + $return2[] = $return; } - return $return; + return $return2; } /* Whis function will set the quotas from the specified user. -* $values = object account with quotas which should be set -* $values_old = object account if set values and values_old will be compared. Quota will only be changed +* $values2 = array of object account with quotas which should be set +* $values2_old = array of object account if set values and values_old will be compared. Quota will only be changed * if values differ */ -function setquotas($values,$values_old=false) { +function setquotas($values2,$values2_old=false) { // get username and password of the current lam-admin $ldap_q = $_SESSION['ldap']->decrypt(); /* $towrite has the following syntax: * admin-username, admin-password, account with quotas, 'quota', operation='set', type=user|group * use escapeshellarg to make exec() shell-safe */ - $towrite = escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]).' '.escapeshellarg($values->general_username).' quota set '; - if ($values->type=='user') $towrite = $towrite.'u '; - else $towrite = $towrite.'g '; - $i=0; - /* Check wich quotas have changed - * Because we can not send an array to lamdaemon.pl we have to put all - * values in a string. ':' sepraeates the first array, ',' the second - * - * $values->quota[][] First array is an index for every chare with active quotas - * second array Contains values for every share: - * mountpoint, used blocks, soft block limit, hard block limit, grace block period, used inodes, - * soft inode limit, hard inode limit, grace inode period - */ - while ($values->quota[$i][0]) { - if ($values->quota[$i] != $values_old->quota[$i]) { - $quotastring = $quotastring. $values->quota[$i][0] .','.$values->quota[$i][2] .','.$values->quota[$i][3] - .','.$values->quota[$i][6] .','. $values->quota[$i][7] .':'; + $towrite = escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ". + escapeshellarg($_SESSION['config']->scriptPath)." ".escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]); + $descriptorspec = array( + 0 => array("pipe", "r"), // stdin + 1 => array("pipe", "w"), // stout + 2 => array("file", "/dev/null", "a") // sterr + ); + $process = proc_open(escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite, + $descriptorspec, + $pipes); + if (is_resource($process)) { + /* perl-script is running + * $pipes[0] is writeable handle to child stdin + * $pipes[1] is readable handle to child stdout + * any error is send to /dev/null + */ + foreach ($values2 as $values) { + $i=0; + /* Check wich quotas have changed + * Because we can not send an array to lamdaemon.pl we have to put all + * values in a string. ':' sepraeates the first array, ',' the second + * + * $values->quota[][] First array is an index for every chare with active quotas + * second array Contains values for every share: + * mountpoint, used blocks, soft block limit, hard block limit, grace block period, used inodes, + * soft inode limit, hard inode limit, grace inode period + */ + while ($values->quota[$i][0]) { + if ($values->quota[$i] != $values_old->quota[$i]) { + $quotastring = $quotastring. $values->quota[$i][0] .','.$values->quota[$i][2] .','.$values->quota[$i][3] + .','.$values->quota[$i][6] .','. $values->quota[$i][7] .':'; + } + $i++; + } + $userstring = $values->general_username." quota set ".$values->type." ".$quotastring."\n"; + // Write to stdin + fwrite($pipes[0], $userstring); } - $i++; } - $towrite = $towrite . escapeshellarg($quotastring); - /* scriptServer is the IP to remote-host to which lam should connect via ssh - * scriptPath is Path to lamdaemon.pl on remote system - * only run lamdaemon.pl if quotas are really set, $i!=0 - */ - if ($i!=0) exec(("perl ".escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." ".$towrite), $vals); + fclose($pipes[0]); + fclose($pipes[1]); + $return_value = proc_close($process); } /* Whis function will remove the quotas from the specified user. -* $user = username of which quta should be deleted +* $user = array of usernames of which quta should be deleted * $type = user or group * Delteing quotas means settings all values to 0 which means no quotas */ -function remquotas($user, $type) { +function remquotas($users, $type) { // get username and password of the current lam-admin $ldap_q = $_SESSION['ldap']->decrypt(); /* $towrite has the following syntax: * admin-username, admin-password, account with quotas, 'quota', operation='rem', type=user|group * use escapeshellarg to make exec() shell-safe */ - $towrite = escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]).' '.escapeshellarg($user).' quota rem '; - if ($type=='user') $towrite = $towrite.'u '; - else $towrite = $towrite.'g '; - /* scriptServer is the IP to remote-host to which lam should connect via ssh - * scriptPath is Path to lamdaemon.pl on remote system - */ - exec(("perl ".escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." ".$towrite), $vals); + $towrite = escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ". + escapeshellarg($_SESSION['config']->scriptPath)." ".escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]); + $descriptorspec = array( + 0 => array("pipe", "r"), // stdin + 1 => array("pipe", "w"), // stout + 2 => array("file", "/dev/null", "a") // sterr + ); + $process = proc_open(escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite, + $descriptorspec, + $pipes); + if (is_resource($process)) { + /* perl-script is running + * $pipes[0] is writeable handle to child stdin + * $pipes[1] is readable handle to child stdout + * any error is send to /dev/null + */ + foreach ($users as $user) { + $userstring = "$user quota rem $type\n"; + // Write to stdin + fwrite($pipes[0], $userstring); + } + } + fclose($pipes[0]); + fclose($pipes[1]); + $return_value = proc_close($process); } /* Create Homedirectory * lamdaemon.pl uses getpwnam on remote system to get homedir path. * Therefore ldap have to be used on remote system for user accounts -* $user = username +* $users = array of usernames */ -function addhomedir($user) { +function addhomedir($users) { // get username and password of the current lam-admin $ldap_q = $_SESSION['ldap']->decrypt(); /* $towrite has the following syntax: * admin-username, admin-password, owner of homedir, 'home', operation='add' * use escapeshellarg to make exec() shell-safe */ - $towrite = escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]).' '.escapeshellarg($user).' home add'; - /* scriptServer is the IP to remote-host to which lam should connect via ssh - * scriptPath is Path to lamdaemon.pl on remote system - */ - exec(("perl ".escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." ".$towrite), $vals); + $towrite = escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ". + escapeshellarg($_SESSION['config']->scriptPath)." ".escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]); + $descriptorspec = array( + 0 => array("pipe", "r"), // stdin + 1 => array("pipe", "w"), // stout + 2 => array("file", "/dev/null", "a") // sterr + ); + $process = proc_open(escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite, + $descriptorspec, + $pipes); + if (is_resource($process)) { + /* perl-script is running + * $pipes[0] is writeable handle to child stdin + * $pipes[1] is readable handle to child stdout + * any error is send to /dev/null + */ + foreach ($users as $user) { + $userstring = "$user home add\n"; + // Write to stdin + fwrite($pipes[0], $userstring); + } + } + fclose($pipes[0]); + fclose($pipes[1]); + $return_value = proc_close($process); } @@ -323,20 +406,40 @@ function addhomedir($user) { * Therefore ldap have to be used on remote system for user accounts * This also means you have to remove the homedirectory before the * account is removed from ldap -* $user = username +* $users = array of usernames */ function remhomedir($user) { // get username and password of the current lam-admin $ldap_q = $_SESSION['ldap']->decrypt(); /* $towrite has the following syntax: - * admin-username, admin-password, owner of homedir, 'home', operation='rem' + * admin-username, admin-password, owner of homedir, 'home', operation='add' * use escapeshellarg to make exec() shell-safe */ - $towrite = escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]).' '.escapeshellarg($user).' home rem'; - /* scriptServer is the IP to remote-host to which lam should connect via ssh - * scriptPath is Path to lamdaemon.pl on remote system - */ - exec(("perl ".escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." ".$towrite), $vals); + $towrite = escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".escapeshellarg($_SESSION['config']->scriptServer)." ". + escapeshellarg($_SESSION['config']->scriptPath)." ".escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]); + $descriptorspec = array( + 0 => array("pipe", "r"), // stdin + 1 => array("pipe", "w"), // stout + 2 => array("file", "/dev/null", "a") // sterr + ); + $process = proc_open(escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite, + $descriptorspec, + $pipes); + if (is_resource($process)) { + /* perl-script is running + * $pipes[0] is writeable handle to child stdin + * $pipes[1] is readable handle to child stdout + * any error is send to /dev/null + */ + foreach ($users as $user) { + $userstring = "$user home rem\n"; + // Write to stdin + fwrite($pipes[0], $userstring); + } + } + fclose($pipes[0]); + fclose($pipes[1]); + $return_value = proc_close($process); } @@ -1017,12 +1120,13 @@ function loadgroup($dn) { /* This function will create a new user acconut in ldap * $values is an account-object with all attributes of the user +* if lamdaemon.pl is false no quotas are set. Usefull for massupload and deletion * return-value is an integer * 1 == Account has been created * 2 == Account already exists at different location * 4 == Error while creating Account */ -function createuser($values) { +function createuser($values, $uselamdaemon=true) { // These Objectclasses are needed for an user account $attr['objectClass'][0] = 'posixAccount'; $attr['objectClass'][1] = 'shadowAccount'; @@ -1160,12 +1264,12 @@ function createuser($values) { // Continue if now error did ocour if (!$success) return 4; - if ($_SESSION['config']->scriptServer) { + if ($_SESSION['config']->scriptServer && $uselamdaemon) { // lamdaemon.pl should be used // Set quotas if quotas are used - if (is_array($values->quota)) setquotas($values); + if (is_array($values->quota)) setquotas(array($values)); // Create Homedirectory - addhomedir($values->general_username); + addhomedir(array($values->general_username)); } // Add User to Additional Groups @@ -1193,13 +1297,14 @@ function createuser($values) { /* This function will modify a user acconut in ldap * $values and $values_old are an account-object with all * attributes of the user. +* if lamdaemon.pl is false no quotas are set. Usefull for massupload and deletion * Only attributes which have changed will be written * return-value is an integer * 2 == Account already exists at different location * 3 == Account has been modified * 5 == Error while modifying Account */ -function modifyuser($values,$values_old) { // Will modify the LDAP-Account +function modifyuser($values,$values_old,$uselamdaemon=true) { // Will modify the LDAP-Account // Add missing objectclasses to user if (!in_array('posixAccount', $values->general_objectClass)) { $attr['objectClass'] = $values->general_objectClass; @@ -1631,7 +1736,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account } // Change quotas if quotas are set and lamdaemon.pl should be used - if ($_SESSION['config']->scriptServer && is_array($values->quota) ) setquotas($values,$values_old); + if ($_SESSION['config']->scriptServer && is_array($values->quota) && $uselamdaemon) setquotas(array($values),array($values_old)); //make required changes in cache-array if ((isset($_SESSION['userDN']))) { if ($values->general_dn != $values_old->general_dn) { @@ -1958,12 +2063,13 @@ function modifyhost($values,$values_old) { /* This function will create a new group acconut in ldap * $values is an account-object with all attributes of the group +* if lamdaemon.pl is false no quotas are set. Usefull for massupload and deletion * return-value is an integer * 1 == Account has been created * 2 == Account already exists at different location * 4 == Error while creating Account */ -function creategroup($values) { +function creategroup($values, $uselamdaemon=true) { // These Objectclasses are needed for an user account $attr['objectClass'][0] = 'posixGroup'; // Create DN for new user account @@ -1992,7 +2098,7 @@ function creategroup($values) { // Continue if now error did ocour if (!$success) return 4; // lamdaemon.pl should be used. Set quotas if quotas are used - if ($_SESSION['config']->scriptServer && is_array($values->quota)) setquotas($values); + if ($_SESSION['config']->scriptServer && is_array($values->quota) && $uselamdaemon) setquotas(array($values)); // Add new group to cache-array if ((isset($_SESSION['groupDN']))) { $_SESSION['groupDN'][$values->general_dn]['cn'] = $values->general_username; @@ -2005,13 +2111,14 @@ function creategroup($values) { /* This function will modify a group acconut in ldap * $values and $values_old are an account-object with all * attributes of the group. +* if lamdaemon.pl is false no quotas are set. Usefull for massupload and deletion * Only attributes which have changed will be written * return-value is an integer * 2 == Account already exists at different location * 3 == Account has been modified * 5 == Error while modifying Account */ -function modifygroup($values,$values_old) { +function modifygroup($values,$values_old, $uselamdaemon=true) { // Add missing objectclasses to group if (!in_array('posixGroup', $values->general_objectClass)) { $attr['objectClass'] = $values->general_objectClass; @@ -2101,7 +2208,7 @@ function modifygroup($values,$values_old) { } // Change quotas if quotas are set and lamdaemon.pl should be used - if ($_SESSION['config']->scriptServer && is_array($values->quota)) setquotas($values,$values_old); + if ($_SESSION['config']->scriptServer && is_array($values->quota) && $uselamdaemon) setquotas(array($values),array($values_old)); //make required changes in cache-array if ((isset($_SESSION['groupDN']))) { if ($values->general_dn != $values_old->general_dn) { diff --git a/lam/lib/lamdaemon.pl b/lam/lib/lamdaemon.pl index c00ad363..d217f06f 100755 --- a/lam/lib/lamdaemon.pl +++ b/lam/lib/lamdaemon.pl @@ -21,14 +21,12 @@ # # # LDAP Account Manager daemon to create and delete homedirecotries and quotas -$debug=true; # Show debug messages #use strict; # Use strict for security reasons @quota_grp; @quota_usr; # Filesystems with enabled userquotas -@vals = @ARGV; # vals = DN, PAssword, user, home, (add|rem), # quota, (set|get),(u|g), (mountpoint,blocksoft,blockhard,filesoft,filehard)+ # chown options @@ -67,121 +65,128 @@ sub get_fs { # Load mountpoints from mtab if enabled quotas } # ***************** Check values -if ($( == 0 ) { - if ($ARGV[2] eq "*test") { print "sudo set up correctly.\n"; } - if ($ARGV[2] eq "*test") { - print "Perl quota module successfully installed.\n"; - use Quota; # Needed to get and set quotas - } +if ($( == 0 ) { # we are root # Drop root Previleges ($<, $>) = ($>, $<); - switch: { - # Get user information - if (($vals[5] eq 'u') || ($vals[3] eq 'home')) { @user = getpwnam($vals[2]); } - else { @user = getgrnam($vals[2]); } - $vals[3] eq 'home' && do { - switch2: { - $vals[4] eq 'add' && do { - # split homedir to set all directories below the last dir. to 755 - my $path = $user[7]; - $path =~ s,/(?:[^/]*)$,,; - ($<, $>) = ($>, $<); # Get root privileges - if (! -e $path) { - system 'mkdir', '-m 755', '-p', $path; # Create paths to homedir - } - if (! -e $user[7]) { - system 'mkdir', '-m 755', $user[7]; # Create himdir itself - system "cp -a /etc/skel/* /etc/skel/.[^.]* $user[7]"; # Copy /etc/sekl into homedir - system 'chown', '-R', "$user[2]:$user[3]" , $user[7]; # Change owner to new user - if (-e '/usr/sbin/useradd.local') { - system '/usr/sbin/useradd.local', $user[0]; # run useradd-script - } - } - ($<, $>) = ($>, $<); # Give up root previleges - last switch2; - }; - $vals[4] eq 'rem' && do { - ($<, $>) = ($>, $<); # Get root previliges - if (-d $user[7]) { - system 'rm', '-R', $user[7]; # Delete Homedirectory - if (-e '/usr/sbin/userdel.local') { - system '/usr/sbin/userdel.local', $user[0]; - } - } - ($<, $>) = ($>, $<); # Give up root previleges - last switch2; - }; - } - last switch; - }; - $vals[3] eq 'quota' && do { - use Quota; # Needed to get and set quotas - get_fs(); # Load list of devices with enabled quotas - # Store quota information in array - @quota_temp1 = split (':', $vals[6]); - $group=0; - $i=0; - while ($quota_temp1[$i]) { - $j=0; - @temp = split (',', $quota_temp1[$i]); - while ($temp[$j]) { - $quota[$i][$j] = $temp[$j]; - $j++; - } - $i++; - } - if ($vals[5] eq 'u') { $group=false; } else { - $group=1; - @quota_usr = @quota_grp; - } - switch2: { - $vals[4] eq 'rem' && do { - $i=0; - ($<, $>) = ($>, $<); # Get root privileges - while ($quota_usr[$i][0]) { - $dev = Quota::getqcarg($quota_usr[$i][1]); - $return = Quota::setqlim($dev,$user[2],0,0,0,0,1,$group); - $i++; - } - ($<, $>) = ($>, $<); # Give up root previleges - last switch2; - }; - $vals[4] eq 'set' && do { - $i=0; - ($<, $>) = ($>, $<); # Get root privileges - while ($quota_usr[$i][0]) { - $dev = Quota::getqcarg($quota[$i][0]); - $return = Quota::setqlim($dev,$user[2],$quota[$i][1],$quota[$i][2],$quota[$i][3],$quota[$i][4],1,$group); - $i++; - } - ($<, $>) = ($>, $<); # Give up root previleges - last switch2; - }; - $vals[4] eq 'get' && do { - $i=0; - ($<, $>) = ($>, $<); # Get root privileges - while ($quota_usr[$i][0]) { - if ($vals[2]ne'+') { - $dev = Quota::getqcarg($quota_usr[$i][1]); - @temp = Quota::query($dev,$user[2],$group); - if ($temp[0]ne'') { - $return = "$quota_usr[$i][1],$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7]:$return"; + if ($ARGV[0] eq "*test") { + use Quota; # Needed to get and set quotas + print "Perl quota module successfully installed.\n"; + print "IF you haven't seen any errors lamdaemon.pl was set up successfully.\n"; + } + else { + # loop for every transmitted user + while (defined($input = )) { + $return = ""; + @vals = split (' ', $input); + switch: { + # Get user information + if (($vals[3] eq 'user') || ($vals[1] eq 'home')) { @user = getpwnam($vals[0]); } + else { @user = getgrnam($vals[0]); } + $vals[1] eq 'home' && do { + switch2: { + $vals[2] eq 'add' && do { + # split homedir to set all directories below the last dir. to 755 + my $path = $user[7]; + $path =~ s,/(?:[^/]*)$,,; + ($<, $>) = ($>, $<); # Get root privileges + if (! -e $path) { + system 'mkdir', '-m 755', '-p', $path; # Create paths to homedir } - else { $return = "$quota_usr[$i][1],0,0,0,0,0,0,0,0:$return"; } - } - else { $return = "$quota_usr[$i][1],0,0,0,0,0,0,0,0:$return"; } - $i++; + if (! -e $user[7]) { + system 'mkdir', '-m 755', $user[7]; # Create himdir itself + system "cp -a /etc/skel/* /etc/skel/.[^.]* $user[7]"; # Copy /etc/sekl into homedir + system 'chown', '-R', "$user[2]:$user[3]" , $user[7]; # Change owner to new user + if (-e '/usr/sbin/useradd.local') { + system '/usr/sbin/useradd.local', $user[0]; # run useradd-script + } + } + ($<, $>) = ($>, $<); # Give up root previleges + last switch2; + }; + $vals[2] eq 'rem' && do { + ($<, $>) = ($>, $<); # Get root previliges + if (-d $user[7]) { + system 'rm', '-R', $user[7]; # Delete Homedirectory + if (-e '/usr/sbin/userdel.local') { + system '/usr/sbin/userdel.local', $user[0]; + } + } + ($<, $>) = ($>, $<); # Give up root previleges + last switch2; + }; } - ($<, $>) = ($>, $<); # Give up root previleges - last switch2; + last switch; }; - } - last switch; - }; - last switch; - }; - if ($ARGV[2] eq "*test") { print "If you have'nt seen any error lamdaemon.pl should set up successfully.\n"; } - else { print "$return\n"; } + $vals[1] eq 'quota' && do { + use Quota; # Needed to get and set quotas + get_fs(); # Load list of devices with enabled quotas + # Store quota information in array + @quota_temp1 = split (':', $vals[6]); + $group=0; + $i=0; + while ($quota_temp1[$i]) { + $j=0; + @temp = split (',', $quota_temp1[$i]); + while ($temp[$j]) { + $quota[$i][$j] = $temp[$j]; + $j++; + } + $i++; + } + if ($vals[3] eq 'user') { $group=false; } + else { + $group=1; + @quota_usr = @quota_grp; + } + switch2: { + $vals[2] eq 'rem' && do { + $i=0; + ($<, $>) = ($>, $<); # Get root privileges + while ($quota_usr[$i][0]) { + $dev = Quota::getqcarg($quota_usr[$i][1]); + $return = Quota::setqlim($dev,$user[2],0,0,0,0,1,$group); + $i++; + } + ($<, $>) = ($>, $<); # Give up root previleges + last switch2; + }; + $vals[2] eq 'set' && do { + $i=0; + ($<, $>) = ($>, $<); # Get root privileges + while ($quota_usr[$i][0]) { + $dev = Quota::getqcarg($quota[$i][0]); + $return = Quota::setqlim($dev,$user[2],$quota[$i][1],$quota[$i][2],$quota[$i][3],$quota[$i][4],1,$group); + $i++; + } + ($<, $>) = ($>, $<); # Give up root previleges + last switch2; + }; + $vals[2] eq 'get' && do { + $i=0; + ($<, $>) = ($>, $<); # Get root privileges + while ($quota_usr[$i][0]) { + if ($vals[2]ne'+') { + $dev = Quota::getqcarg($quota_usr[$i][1]); + @temp = Quota::query($dev,$user[2],$group); + if ($temp[0]ne'') { + $return = "$quota_usr[$i][1],$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7]:$return"; + } + else { $return = "$quota_usr[$i][1],0,0,0,0,0,0,0,0:$return"; } + } + else { $return = "$quota_usr[$i][1],0,0,0,0,0,0,0,0:$return"; } + $i++; + } + ($<, $>) = ($>, $<); # Give up root previleges + last switch2; + }; + } + last switch; + }; + last switch; + }; + print "$return\n"; + } + } } else { $hostname = shift @ARGV; @@ -190,10 +195,18 @@ else { if ($ARGV[2] eq "*test") { print "Net::SSH::Perl successfully installed.\n"; } @username = split (',', $ARGV[0]); $username[0] =~ s/uid=//; + $password = $ARGV[1]; + # Put all transfered lines in one string + if ($ARGV[2] ne "*test") { + while (defined($input = )) { + $string = $string. $input; + } + } + else { $argv = "*test\n"; } my $ssh = Net::SSH::Perl->new($hostname, options=>[ - "UserKnownHostsFile /dev/null" - ]); - $ssh->login($username[0], $ARGV[1]); - ($stdout, $stderr, $exit) = $ssh->cmd("sudo $remotepath @ARGV"); + "UserKnownHostsFile /dev/null" + ]); + $ssh->login($username[0], $password); + ($stdout, $stderr, $exit) = $ssh->cmd("sudo $remotepath $argv", $string); print "$stdout"; } diff --git a/lam/templates/account/groupedit.php b/lam/templates/account/groupedit.php index ebe883d8..65283770 100644 --- a/lam/templates/account/groupedit.php +++ b/lam/templates/account/groupedit.php @@ -101,16 +101,16 @@ else if (count($_POST)==0) { while (isset($account_new->quota[$i])) { // search if quotas from profile fit to a real quota $found = (-1); - for ($j=0; $jquota); $j++) + for ($j=0; $jquota); $j++) if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; // unset quota from profile if quotas (mointpoint) doesn't exists anymore if ($found==-1) unset($account_new->quota[$i]); else { // Set missing part in quota-array - $account_new->quota[$i][1] = $values->quota[$found][1]; - $account_new->quota[$i][5] = $values->quota[$found][5]; - $account_new->quota[$i][4] = $values->quota[$found][4]; - $account_new->quota[$i][8] = $values->quota[$found][8]; + $account_new->quota[$i][1] = $values[0]->quota[$found][1]; + $account_new->quota[$i][5] = $values[0]->quota[$found][5]; + $account_new->quota[$i][4] = $values[0]->quota[$found][4]; + $account_new->quota[$i][8] = $values[0]->quota[$found][8]; $i++; } } @@ -119,8 +119,8 @@ else if (count($_POST)==0) { } else { // No quotas saved in profile // Display quotas for new users (Quota set to 0) - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_new->$key = $val; } } @@ -162,7 +162,7 @@ switch ($_POST['select']) { case 'general': if (!$_POST['load']) { if (($account_new->general_username != $_POST['f_general_username']) && ereg('[A-Z]$', $_POST['f_general_username'])) - $errors[] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because user and uSer could have the same mail-address.')); + $errors[] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because not all programs are case-sensitive.')); // Write all general attributes into $account_new if no profile should be loaded $account_new->general_dn = $_POST['f_general_suffix']; $account_new->general_username = $_POST['f_general_username']; @@ -284,13 +284,13 @@ switch ($_POST['select']) { if ($_POST['outputpdf']) { // Load quotas if not yet done because they are needed for the pdf-file if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas - $values = getquotas('group', $account_old->general_username); - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + $values = getquotas('group', array($account_old->general_username)); + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_new->$key = $val; } - if (is_object($values) && isset($account_old)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0]) && isset($account_old)) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_old->$key = $val; } } @@ -409,16 +409,16 @@ do { // X-Or, only one if() can be true while (isset($account_new->quota[$i])) { // search if quotas from profile fit to a real quota $found = (-1); - for ($j=0; $jquota); $j++) - if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; + for ($j=0; $jquota); $j++) + if ($values[0]->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; // unset quota from profile if quotas (mointpoint) doesn't exists anymore if ($found==-1) unset($account_new->quota[$i]); else { // Set missing part in quota-array - $account_new->quota[$i][1] = $values->quota[$found][1]; - $account_new->quota[$i][5] = $values->quota[$found][5]; - $account_new->quota[$i][4] = $values->quota[$found][4]; - $account_new->quota[$i][8] = $values->quota[$found][8]; + $account_new->quota[$i][1] = $values[0]->quota[$found][1]; + $account_new->quota[$i][5] = $values[0]->quota[$found][5]; + $account_new->quota[$i][4] = $values[0]->quota[$found][4]; + $account_new->quota[$i][8] = $values[0]->quota[$found][8]; $i++; } } @@ -427,8 +427,8 @@ do { // X-Or, only one if() can be true } else { // No quotas saved in profile // Display quotas for new users (Quota set to 0) - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_new->$key = $val; } } @@ -739,13 +739,13 @@ switch ($select_local) { // Quota Settings // Load quotas if not yet done if ($config_intern->scriptServer && !isset($account_new->quota[0]) ) { // load quotas - $values = getquotas('group', $account_new->general_username); - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + $values = getquotas('group', array($account_new->general_username)); + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_new->$key = $val; } - if (is_object($values) && isset($account_old)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0]) && isset($account_old)) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_old->$key = $val; } } diff --git a/lam/templates/account/hostedit.php b/lam/templates/account/hostedit.php index b91ca216..087a421e 100644 --- a/lam/templates/account/hostedit.php +++ b/lam/templates/account/hostedit.php @@ -99,7 +99,7 @@ switch ($_POST['select']) { case 'general': if (!$_POST['load']) { if (($account_new->general_username != $_POST['f_general_username']) && ereg('[A-Z]$', $_POST['f_general_username'])) - $errors[] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because user and uSer could have the same mail-address.')); + $errors[] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because not all programs are case-sensitive.')); // Write all general values into $account_new if no profile should be loaded $account_new->general_dn = $_POST['f_general_suffix']; $account_new->general_username = $_POST['f_general_username']; diff --git a/lam/templates/account/useredit.php b/lam/templates/account/useredit.php index 1c3a21d9..99780aae 100644 --- a/lam/templates/account/useredit.php +++ b/lam/templates/account/useredit.php @@ -104,16 +104,16 @@ if (isset($_GET['DN']) && $_GET['DN']!='') { while (isset($account_new->quota[$i])) { // search if quotas from profile fit to a real quota $found = (-1); - for ($j=0; $jquota); $j++) - if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; + for ($j=0; $jquota); $j++) + if ($values[0]->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; // unset quota from profile if quotas (mointpoint) doesn't exists anymore if ($found==-1) unset($account_new->quota[$i]); else { // Set missing part in quota-array - $account_new->quota[$i][1] = $values->quota[$found][1]; - $account_new->quota[$i][5] = $values->quota[$found][5]; - $account_new->quota[$i][4] = $values->quota[$found][4]; - $account_new->quota[$i][8] = $values->quota[$found][8]; + $account_new->quota[$i][1] = $values[0]->quota[$found][1]; + $account_new->quota[$i][5] = $values[0]->quota[$found][5]; + $account_new->quota[$i][4] = $values[0]->quota[$found][4]; + $account_new->quota[$i][8] = $values[0]->quota[$found][8]; $i++; } } @@ -122,8 +122,8 @@ if (isset($_GET['DN']) && $_GET['DN']!='') { } else { // No quotas saved in profile // Display quotas for new users (Quota set to 0) - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_new->$key = $val; } } @@ -500,13 +500,13 @@ switch ($_POST['select']) { if ($_POST['outputpdf']) { // Load quotas if not yet done because they are needed for the pdf-file if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas - $values = getquotas('user', $account_old->general_username); - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + $values = getquotas('user', array($account_old->general_username)); + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_new->$key = $val; } - if (is_object($values) && isset($account_old)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0]) && isset($account_old)) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_old->$key = $val; } } @@ -680,15 +680,15 @@ do { // X-Or, only one if() can be true // search if quotas from profile fit to a real quota $found = (-1); for ($j=0; $jquota); $j++) - if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; + if ($values[0]->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; // unset quota from profile if quotas (mointpoint) doesn't exists anymore if ($found==-1) unset($account_new->quota[$i]); else { // Set missing part in quota-array - $account_new->quota[$i][1] = $values->quota[$found][1]; - $account_new->quota[$i][5] = $values->quota[$found][5]; - $account_new->quota[$i][4] = $values->quota[$found][4]; - $account_new->quota[$i][8] = $values->quota[$found][8]; + $account_new->quota[$i][1] = $values[0]->quota[$found][1]; + $account_new->quota[$i][5] = $values[0]->quota[$found][5]; + $account_new->quota[$i][4] = $values[0]->quota[$found][4]; + $account_new->quota[$i][8] = $values[0]->quota[$found][8]; $i++; } } @@ -697,8 +697,8 @@ do { // X-Or, only one if() can be true } else { // No quotas saved in profile // Display quotas for new users (Quota set to 0) - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_new->$key = $val; } } @@ -753,7 +753,6 @@ if (is_array($errors)) // print_r($account_new); //print_r($account_old); - switch ($select_local) { /* Select which part of page should be loaded and check values * groups = page with all groups to which user is additional member @@ -1393,13 +1392,13 @@ switch ($select_local) { // Quota Settings // Load quotas if not yet done if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas - $values = getquotas('user', $account_old->general_username); - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + $values = getquotas('user', array($account_old->general_username)); + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_new->$key = $val; } - if (is_object($values) && isset($account_old)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0]) && isset($account_old)) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $account_old->$key = $val; } } diff --git a/lam/templates/delete.php b/lam/templates/delete.php index a7221d45..740ceebe 100644 --- a/lam/templates/delete.php +++ b/lam/templates/delete.php @@ -151,9 +151,9 @@ if ($_POST['delete_yes']) { if ($config_intern->scriptServer) { // Remove homedir if required - if ($_POST['f_rem_home']) remhomedir($username); + if ($_POST['f_rem_home']) remhomedir(array($username)); // Remove quotas if lamdaemon.pl is used - if ($config_intern->scriptServer) remquotas($username, 'user'); + if ($config_intern->scriptServer) remquotas(array($username), 'user'); } // Search for groups which have memberUid set to username $result = ldap_search($ldap_intern->server(), $config_intern->get_GroupSuffix(), "(&(objectClass=PosixGroup)(memberUid=$username))", array('')); @@ -189,7 +189,7 @@ if ($_POST['delete_yes']) { else { // continue if no primary users are in group // Remove quotas if lamdaemon.pl is used - if ($config_intern->scriptServer) remquotas($groupname, 'group'); + if ($config_intern->scriptServer) remquotas(array($groupname), 'group'); // Delete group itself $success = ldap_delete($ldap_intern->server(), $dn); if (!$success) $error = _('Could not delete group:').' '.$dn; diff --git a/lam/templates/masscreate.php b/lam/templates/masscreate.php index 454bc425..dac8c20e 100644 --- a/lam/templates/masscreate.php +++ b/lam/templates/masscreate.php @@ -174,23 +174,23 @@ switch ($select) { if ($config_intern->scriptServer) { // load quotas and check if quotas from profile are valid $values = getquotas('group'); - if (isset($$group->quota[0])) { + if (isset($group->quota[0])) { // check quotas from profile $i=0; // check quota settings, loop for every partition with quotas - while (isset($$group->quota[$i])) { + while (isset($group->quota[$i])) { // search if quotas from profile fit to a real quota $found = (-1); - for ($j=0; $jquota); $j++) - if ($values->quota[$j][0]==$group->quota[$i][0]) $found = $j; + for ($j=0; $jquota); $j++) + if ($values[0]->quota[$j][0]==$group->quota[$i][0]) $found = $j; // unset quota from profile if quotas (mointpoint) doesn't exists anymore if ($found==-1) unset($group->quota[$i]); else { // Set missing part in quota-array - $group->quota[$i][1] = $values->quota[$found][1]; - $group->quota[$i][5] = $values->quota[$found][5]; - $group->quota[$i][4] = $values->quota[$found][4]; - $group->quota[$i][8] = $values->quota[$found][8]; + $group->quota[$i][1] = $values[0]->quota[$found][1]; + $group->quota[$i][5] = $values[0]->quota[$found][5]; + $group->quota[$i][4] = $values[0]->quota[$found][4]; + $group->quota[$i][8] = $values[0]->quota[$found][8]; $i++; } } @@ -199,8 +199,8 @@ switch ($select) { } else { // No quotas saved in profile // Display quotas for new users (Quota set to 0) - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $group->$key = $val; } } @@ -245,7 +245,7 @@ switch ($select) { $_SESSION['accounts'][$_SESSION['pointer']]->smb_password = $_SESSION['accounts'][$_SESSION['pointer']]->unix_password; // Only create user if we have at least 5sec time to create the user if ( (time()-$time)<(get_cfg_var('max_execution_time')-10)) { - $error = createuser($_SESSION['accounts'][$_SESSION['pointer']]); + $error = createuser($_SESSION['accounts'][$_SESSION['pointer']], false); // Show error or success message if ($error==1) { $_SESSION['pointer']++; @@ -271,6 +271,13 @@ switch ($select) { echo "\n"; } else { + // Write homedirs and quotas if needed + if ($_SESSION['config']->scriptServer) { + setquotas ($_SESSION['accounts']); + // Get array with new usernames + foreach ($_SESSION['accounts'] as $account) $users[] = $account->general_username; + addhomedir($users); + } // Show success-page echo ''; echo _('All Users have been created'); @@ -468,16 +475,16 @@ function loadfile() { while (isset($profile->quota[$i])) { // search if quotas from profile fit to a real quota $found = (-1); - for ($j=0; $jquota); $j++) - if ($values->quota[$j][0]==$profile->quota[$i][0]) $found = $j; + for ($j=0; $jquota); $j++) + if ($values[0]->quota[$j][0]==$profile->quota[$i][0]) $found = $j; // unset quota from profile if quotas (mointpoint) doesn't exists anymore if ($found==-1) unset($profile->quota[$i]); else { // Set missing part in quota-array - $profile->quota[$i][1] = $values->quota[$found][1]; - $profile->quota[$i][5] = $values->quota[$found][5]; - $profile->quota[$i][4] = $values->quota[$found][4]; - $profile->quota[$i][8] = $values->quota[$found][8]; + $profile->quota[$i][1] = $values[0]->quota[$found][1]; + $profile->quota[$i][5] = $values[0]->quota[$found][5]; + $profile->quota[$i][4] = $values[0]->quota[$found][4]; + $profile->quota[$i][8] = $values[0]->quota[$found][8]; $i++; } } @@ -486,8 +493,8 @@ function loadfile() { } else { // No quotas saved in profile // Display quotas for new users (Quota set to 0) - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values + if (is_object($values[0])) { + while (list($key, $val) = each($values[0])) // Set only defined values if (isset($val)) $profile->$key = $val; } }