Change how system login update works

Use a wrapper script in vyatta_update_login.pl and per login method objects for the update.
author: Stephen Hemminger <stephen.hemminger@vyatta.com> 2009-06-01 15:17:13 -0700
committer: Stephen Hemminger <stephen.hemminger@vyatta.com> 2009-06-01 15:50:07 -0700
commit: bf4dd2a3dd0f36ebd5c1c7a6a3705d378d0453b2 (patch)
tree: 8130cda7cbf98ac64ca6c0c408b0befe8873174a /scripts/system/vyatta_update_login.pl
parent: 11b14df671c37a69dd9aaab0d36703d11465df93 (diff)
download: vyatta-cfg-system-bf4dd2a3dd0f36ebd5c1c7a6a3705d378d0453b2.tar.gz
vyatta-cfg-system-bf4dd2a3dd0f36ebd5c1c7a6a3705d378d0453b2.zip
1 files changed, 13 insertions, 103 deletions
diff --git a/scripts/system/vyatta_update_login.pl b/scripts/system/vyatta_update_login.pl
index c8c064a7..b2125de1 100755..100644
--- a/scripts/system/vyatta_update_login.pl
+++ b/scripts/system/vyatta_update_login.pl
@@ -20,111 +20,21 @@ use strict;
 use lib "/opt/vyatta/share/perl5";
 use Vyatta::Config;
 
-# handle "user"
-my $uconfig = new Vyatta::Config;
-$uconfig->setLevel("system login user");
+# This is just a simple wrapper that allows for extensiblility
+# of login types.
 
-my %users     = $uconfig->listNodeStatus();
-my @user_keys = sort keys %users;
+my $config = new Vyatta::Config;
+$config->setLevel("system login");
 
-if (   ( scalar(@user_keys) <= 0 )
-    || !( grep /^root$/, @user_keys )
-    || ( $users{'root'} eq 'deleted' ) )
-{
-    # root is deleted
-    die "User \"root\" cannot be deleted\n";
-}
-
-# Exit codes form useradd.8 man page
-my %reasons = (
-    0  => 'success',
-    1  => 'can´t update password file',
-    2  => 'invalid command syntax',
-    3  => 'invalid argument to option',
-    4  => 'UID already in use (and no -o)',
-    6  => 'specified group doesn´t exist',
-    9  => 'username already in use',
-    10 => 'can´t update group file',
-    12 => 'can´t create home directory',
-    13 => 'can´t create mail spool',
-);
+foreach my $type ($config->listNodes()) {
+    my $kind = ucfirst $type;
+    my $location = "Vyatta/Login/$kind.pm";
+    my $class    = "Vyatta::Login::$kind";
+    
+    require $location;
 
-# Map of level to additional groups
-my %level_map = (
-    'admin'    => [ 'quaggavty', 'vyattacfg', 'sudo', 'adm', 'dip', 'disk'],
-    'operator' => [ 'quaggavty', 'operator',  'adm', 'dip', ],
-);
+    my $obj =  $class->new();
+    die "Don't understand $type" unless $obj;
 
-# Construct a map from existing users to group membership
-# Use space seperated format
-my %group_map;
-while (my ($name, undef, undef, $members) = getgrent()) {
-    foreach my $user (split / /,$members) {
-	my $g = $group_map{$user};
-	if ($g) {
-	    my @l = split / /, $g;
-	    push @l, $name;
-	    $group_map{$user} = join(' ', sort @l);
-	} else {
-	    $group_map{$user} = $name;
-	}
-
-    }
+    $obj->update();
 }
-
-# we have some users
-for my $user (@user_keys) {
-    if ( $users{$user} eq 'deleted' ) {
-        system("sudo userdel -r '$user'") == 0
-	    or die "userdel failed: $?\n"
-    }
-    elsif ( $users{$user} eq 'added' || $users{$user} eq 'changed' ) {
-        $uconfig->setLevel("system login user $user");
-        my $pwd  = $uconfig->returnValue('authentication encrypted-password');
-	$pwd or die "Encrypted password not in configuration for $user";
-
-        my $level  = $uconfig->returnValue('level');
-	$level or die "Level not defined for $user";
-
-	# map level to group membership
-        my @groups = @{$level_map{$level}};
-	# add any additional groups from configuration
-        push( @groups, $uconfig->returnValues('group') );
-
-        my $fname = $uconfig->returnValue('full-name');
-        my $home = $uconfig->returnValue('home-directory');
-
-        # Read existing settings
-        my (undef, $opwd, $uid,  $gid, undef, $comment, 
-	    undef, $dir, $shell, undef) = getpwnam($user);
-
-        my $cmd;
-	# not found in existing passwd, must be new
-        if ( !defined $uid ) {
-	    # make new user using vyatta shell
-	    #  and make home directory (-m)
-            #  and with default group of 100 (users)
-            $cmd = 'useradd -s /bin/vbash -m -N';
-        } else {
-	    # If no part of password or group file changed
-	    # then there is nothing to do here.
-	    next if ( $opwd eq $pwd &&
-		      (!$fname || $fname eq $comment) &&
-		      (!$home  || $home eq $dir)  &&
-		      join(' ',  sort @groups) eq $group_map{$user} );
-
-            $cmd = "usermod";
-        }
-
-        $cmd .= " -p '$pwd'";
-        $cmd .= " -c \"$fname\"" if ( defined $fname );
-        $cmd .= " -d \"$home\"" if ( defined $home );
-        $cmd .= ' -G ' . join( ',', @groups );
-        system("sudo $cmd $user");
-	next if ($? == 0);
-	my $reason = $reasons{($? >> 8)};
-	die "Attempt to change user $user failed: $reason\n";
-    }
-}
-
-exit 0;
author	Stephen Hemminger <stephen.hemminger@vyatta.com>	2009-06-01 15:17:13 -0700
committer	Stephen Hemminger <stephen.hemminger@vyatta.com>	2009-06-01 15:50:07 -0700
commit	bf4dd2a3dd0f36ebd5c1c7a6a3705d378d0453b2 (patch)
tree	8130cda7cbf98ac64ca6c0c408b0befe8873174a /scripts/system/vyatta_update_login.pl
parent	11b14df671c37a69dd9aaab0d36703d11465df93 (diff)
download	vyatta-cfg-system-bf4dd2a3dd0f36ebd5c1c7a6a3705d378d0453b2.tar.gz vyatta-cfg-system-bf4dd2a3dd0f36ebd5c1c7a6a3705d378d0453b2.zip