From c03648006f9abc429276679cfa34f305d9ce2a6f Mon Sep 17 00:00:00 2001
From: Benjamin Sonntag
Date: Thu, 29 Mar 2018 12:34:05 +0200
Subject: [PATCH] adding sync-unix-accounts.php, synchronize unix accounts with AlternC ones. not enabled by default, not even installed yet
---
src/sync-unix-accounts.php | 167 +++++++++++++++++++++++++++++++++++++
1 file changed, 167 insertions(+)
create mode 100644 src/sync-unix-accounts.php
diff --git a/src/sync-unix-accounts.php b/src/sync-unix-accounts.php
new file mode 100644
index 00000000..14918394
--- /dev/null
+++ b/src/sync-unix-accounts.php
@@ -0,0 +1,167 @@
+#!/usr/bin/php
+query("SELECT uid,login FROM membres;");
+while ($db->next_record()) {
+ if (in_array($db->Record["login"],$skip)) continue;
+ $members[$db->Record["uid"]]=$db->Record["login"];
+}
+
+$f=fopen("/etc/passwd","rb");
+while ($s=fgets($f,1024)) {
+ list($user,$pass,$uid,$gid,$gecos,$home,$shell)=explode(":",$s,7);
+ if ($uid<2000 || $uid>32000 || $uid!=$gid || substr($home,0,strlen($L_ALTERNC_HTML))!=$L_ALTERNC_HTML) continue;
+ $unix[$uid]=$user;
+}
+
+// print_r($unix); print_r($members);
+// $L_ALTERNC_HTML
+
+// What shall we create / delete ?
+$create=array();
+$delete=array();
+
+foreach($members as $muid=>$mlogin) {
+ if (!isset($unix[$muid])) {
+ $create[$muid]=$mlogin;
+ } else {
+ if ($unix[$muid]!=$mlogin) {
+ $delete[$muid]=1;
+ }
+ }
+}
+foreach($unix as $uuid=>$ulogin) {
+ if (!isset($members[$uuid])) {
+ $delete[$uuid]=$ulogin;
+ }
+}
+
+if (!count($create) && !count($delete)) {
+ @unlink($lock);
+ exit(0);
+}
+
+syslog(LOG_INFO,"Will create ".count($create)." Unix account and delete ".count($delete).".");
+
+
+// print_r($create); print_r($delete);
+
+// ------------------------------------------------------------
+// /ETC/PASSWD
+copy("/etc/passwd","/etc/passwd.bak");
+$f=fopen("/etc/passwd","rb");
+flock($f,LOCK_EX);
+$g=fopen("/etc/passwd.alternc","wb");
+$lastwascr=false;
+while ($s=fgets($f,1024)) {
+ list($user,$pass,$uid,$gid,$gecos,$home,$shell)=explode(":",$s,7);
+ if ($uid<2000 || $uid>32000 || $uid!=$gid
+ || substr($home,0,strlen($L_ALTERNC_HTML))!=$L_ALTERNC_HTML
+ || !isset($delete[$uid])
+ ) {
+ fputs($g,$s);
+ $lastwascr = (substr($s,-1)=="\n");
+ }
+}
+if (!$lastwascr) { // last line didn't end by \n !! 
normalize it:
+ fputs($g,"\n");
+}
+foreach($create as $uid=>$login) {
+ fputs($g,$login.":x:".$uid.":".$uid.":,,,:".$L_ALTERNC_HTML."/".substr($login,0,1)."/".$login.":$newshell\n");
+}
+fclose($f);
+fclose($g);
+rename("/etc/passwd.alternc","/etc/passwd");
+syslog(LOG_INFO,"Wrote /etc/passwd");
+
+// ------------------------------------------------------------
+// /ETC/GROUP
+copy("/etc/group","/etc/group.bak");
+$f=fopen("/etc/group","rb");
+flock($f,LOCK_EX);
+$g=fopen("/etc/group.alternc","wb");
+$lastwascr=false;
+while ($s=fgets($f,1024)) {
+ list($user,$pass,$gid,$users)=explode(":",$s,4);
+ if ($gid<2000 || $gid>32000
+ || !isset($delete[$gid])
+ ) {
+ fputs($g,$s);
+ $lastwascr = (substr($s,-1)=="\n");
+ }
+}
+if (!$lastwascr) { // last line didn't end by \n !! normalize it:
+ fputs($g,"\n");
+}
+foreach($create as $uid=>$login) {
+ fputs($g,$login.":x:".$uid.":\n");
+}
+fclose($f);
+fclose($g);
+rename("/etc/group.alternc","/etc/group");
+syslog(LOG_INFO,"Wrote /etc/group");
+
+// ------------------------------------------------------------
+// /ETC/SHADOW
+copy("/etc/shadow","/etc/shadow.bak");
+$f=fopen("/etc/shadow","rb");
+flock($f,LOCK_EX);
+$g=fopen("/etc/shadow.alternc","wb");
+$lastwascr=false;
+while ($s=fgets($f,1024)) {
+ list($user,$pass,$rest)=explode(":",$s,3);
+ if (
+ !in_array($user,$delete)
+ ) {
+ fputs($g,$s);
+ $lastwascr = (substr($s,-1)=="\n");
+ }
+}
+if (!$lastwascr) { // last line didn't end by \n !! normalize it:
+ fputs($g,"\n");
+}
+foreach($create as $uid=>$login) {
+ fputs($g,$login.":*:17380:0:99999:7:::\n");
+}
+fclose($f);
+fclose($g);
+chmod("/etc/shadow.alternc",0640);
+rename("/etc/shadow.alternc","/etc/shadow");
+syslog(LOG_INFO,"Wrote /etc/shadow");
+
+if (count($create)) syslog(LOG_INFO,"Wrote unix system files, ADDED:".implode(" ",$create));
+if (count($delete)) syslog(LOG_INFO,"Wrote unix system files, DELETED:".implode(" ",$delete));
+
+
+@unlink($lock);
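Review bot: The `/ETC/SHADOW` block leaves password hashes readable while it runs: `copy("/etc/shadow","/etc/shadow.bak")` and `fopen("/etc/shadow.alternc","wb")` both create their files under the process umask (world-readable with the usual 022), `chmod(...,0640)` is applied only after every line has been written, and `/etc/shadow.bak` is never restricted at all. Call `umask(0077);` just before that block (not earlier, since `/etc/passwd` and `/etc/group` must stay world-readable) and restore the expected mode and group on the temp file before `rename()`; on Debian-style systems `/etc/shadow` is normally root:shadow, which the rename otherwise replaces with whatever the new file got. Separately, `$delete[$muid]=1;` in the login-mismatch branch stores no login, so `in_array($user,$delete)` never drops the stale shadow entry and the DELETED log line prints `1`; `$delete[$muid]=$unix[$muid];` together with `in_array($user,$delete,true)` would fix both. None of the `fopen`/`fputs`/`rename` results are checked, so a failed or short write would still be renamed over the live file. The lines that define `$lock`, `$skip` and `$newshell` are not visible on this page, so locking and the login source could not be reviewed.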