Diffstat (limited to 'scripts/system/vyatta_check_username.pl')
| -rwxr-xr-x | scripts/system/vyatta_check_username.pl | 87 |
1 files changed, 0 insertions, 87 deletions
diff --git a/scripts/system/vyatta_check_username.pl b/scripts/system/vyatta_check_username.pl
deleted file mode 100755
index 9ecc42db..00000000
--- a/scripts/system/vyatta_check_username.pl
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/usr/bin/perl
-
-# **** License ****
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2 as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# This code was originally developed by Vyatta, Inc.
-# Portions created by Vyatta are Copyright (C) 2010 Vyatta, Inc.
-# All Rights Reserved.
-#
-# **** End License ****
-
-use strict;
-use warnings;
-
-my $passwdFile = '/etc/passwd';
-
-# Lookup user in password file which may not give same
-# result as getpw* which uses NSS
-sub finduser {
- my $user = shift;
- my $uid;
-
- open( my $f, '<', $passwdFile )
- or die "Can't open $passwdFile: $!";
-
- while (<$f>) {
- chomp;
- my ( $name, undef, $id ) = split /:/;
-
- next unless ( $name eq $user );
- $uid = $id;
- last;
- }
- close $f;
-
- return $uid;
-}
-
-foreach my $user (@ARGV) {
- # enforce recommendations from useradd man page
-
- # Debian, the only constraints are that usernames must neither start
- # with a dash (-) nor contain a colon (:) or a whitespace (space: , end
- # of line: \n, tabulation: \t, etc.). Note that using a slash (/) may
- # break the default algorithm for the definition of the users home
- # directory.
- die "$user : illegal characters in username\n"
- unless ($user =~ /^\w[^ \t\n\r\v\f:\/]*$/);
-
- # Usernames may only be up to 32 characters long.
- die "$user: username may only be up to 32 characters long\n"
- if (length($user) > 32);
-
- # It is usually recommended to only use usernames that begin with a
- # lower case letter or an underscore followed by lower case letters,
- # digits, underscores, or dashes. They can end with a dollar sign.
- # In regular expression terms: [a-z_][a-z0-9_-]*[$]?
- warn "$user: username contains unusual characters\n"
- . " should only contain lower case letters, digits, underscores or dashes\n"
- unless ($user =~ /^[a-z_][a-z0-9_-]*\$?$/);
-
- # User does not exist in system, its okay
- my $uid = getpwnam($user);
- next unless defined($uid) and $uid ne "1001";
-
- # System accounts should not be listed in vyatta configuration
- # 1000 is SYS_UID_MIN
- die "$user : account is already reserved for system use\n"
- if ($uid > 0 && $uid < 1000);
-
- my $pwuid = finduser($user);
-
- die "$user : account exists but is not local (change on server)\n"
- unless defined ($pwuid);
-
- die "$user : exists but has different uid on local versus remote\n"
- unless ($pwuid eq $uid);
-}
-
-exit 0; |
