[LON-CAPA-cvs] cvs: loncom /build make_domain_coordinator.pl
harris41
lon-capa-cvs@mail.lon-capa.org
Sat, 02 Mar 2002 03:49:18 -0000
harris41 Fri Mar 1 22:49:18 2002 EDT
Added files:
/loncom/build make_domain_coordinator.pl
Log:
tested; also gives manual procedure with perldoc make_domain_coordinator.pl;
also removes author-specific steps (e.g. ~/public_html, g+rwxs, etc)
Index: loncom/build/make_domain_coordinator.pl
+++ loncom/build/make_domain_coordinator.pl
#!/usr/bin/perl
=pod
=head1 NAME
make_domain_coordinator.pl - Make a domain coordinator on a LON-CAPA system
=head1 DESCRIPTION
Automates the steps for domain coordinator creation. This
program also describes a manual procedure (see below).
These are the steps that are executed on the linux operating system:
=over 4
=item *
Tests to see if user already exists for linux system or for
LON-CAPA, if so aborts
=item *
Creates a linux system user
=item *
Sets password
=item *
Creates a LON-CAPA lonUsers directory for user
=item *
Sets LON-CAPA password mechanism to be "unix"
=item *
Set roles.hist and roles.db
=back
=cut
# The LearningOnline Network
# make_domain_coordinator.pl - Make a domain coordinator on a system
#
# $Id: make_domain_coordinator.pl,v 1.1 2002/03/02 03:49:18 harris41 Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
# YEAR=2002
# 3/1 Scott Harrison
# NOTE: I am interspersing the manual procedure with the automation.
# To see the manual procedure, do perldoc ./make_domain_coordinator.pl
# This is a standalone script. It *could* alternatively use the
# lcuseradd script, however lcuseradd relies on certain system
# dependencies. make_domain_coordinator.pl should be able
# to run freely as possible irrespective of the status of a LON-CAPA
# installation.
# ---------------------------------------------------- Configure general values
my %perlvar;
$perlvar{'lonUsersDir'}='/home/httpd/lonUsers';
=pod
=head1 OPTIONS
There are no flags to this script.
usage: make_domain_coordinator.pl [USERNAME] [DOMAIN]
The password is accepted through standard input.
The first argument
specifies the user name of the domain coordinator and
should consist of only alphanumeric characters.
The second argument specifies the password for the domain
coordinator and should only consist of printable ASCII
characters and be a string of length greater than 5 characters.
=cut
# ----------------------------------------------- So, are we invoked correctly?
# Two arguments or abort
if (@ARGV!=2) {
die 'usage: make_domain_coordinator.pl [USERNAME] [DOMAIN] '."\n".
'(and password through standard input)'."\n";
}
my ($username,$domain)=(@ARGV); shift @ARGV; shift @ARGV;
unless ($username=~/^\w+$/ and $username!~/\_/) {
die 'Username '.$username.' must consist only of alphanumeric characters'.
"\n";
}
unless ($domain=~/^\w+$/ and $domain!~/\_/) {
die 'Domain '.$domain.' must consist only of alphanumeric characters'.
"\n";
}
my $passwd=<>; # read in password from standard input
chomp($passwd);
if (length($passwd)<6 or length($passwd)>30) {
die 'Password is an unreasonable length.'."\n";
}
my $pbad=0;
foreach (split(//,$passwd)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}
if ($pbad) {
die 'Password must consist of standard ASCII characters'."\n";
}
# And does user already exist
if (-d "/home/$username") {
die ($username.' is already a linux operating system user.'."\n");
}
my $udpath=propath($domain,$username);
if (-d $udpath) {
die ($username.' is already defined as a LON-CAPA user.'."\n");
}
=pod
=head1 MANUAL PROCEDURE
There are 10 steps to a manual procedure.
You need to decide on three pieces of information
to create a domain coordinator.
* USERNAME (kermit, albert, joe, etc)
* DOMAIN (should be the same as lonDefDomain in /etc/httpd/conf/access.conf)
* PASSWORD (don't tell me)
The examples in these instructions will be based
on three example pieces of information:
* USERNAME=dc103
* DOMAIN=103
* PASSWORD=sesame
You will also need to know your "root" password
and your "www" password.
=over 4
=item 1.
login as root on your Linux system
[prompt %] su
=cut
# ------------------------------------------------------------ So, are we root?
if ($< != 0) {
die 'You must be root in order to generate a domain coordinator.'."\n";
}
=pod
=item 2 (as root). add the user
Command: [prompt %] /usr/sbin/useradd USERNAME
Example: [prompt %] /usr/sbin/useradd dc103
=cut
# ----------------------------------------------------------- /usr/sbin/useradd
$username=~s/\W//g; # an extra filter, just to be sure
`/usr/sbin/useradd $username`;
=pod
=item 3 (as root). enter in a password
Command: [prompt %] passwd USERNAME
New UNIX password: PASSWORD
Retype new UNIX passwd: PASSWORD
Example: [prompt %] passwd dc103
New UNIX password: sesame
Retype new UNIX passwd: sesame
=cut
$username=~s/\W//g; # an extra filter, just to be sure
$pbad=0;
foreach (split(//,$passwd)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}
if ($pbad) {
die 'Password must consist of standard ASCII characters'."\n";
}
open OUT,"|passwd --stdin $username";
print OUT $passwd."\n";
close OUT;
=pod
=cut
=pod
=item 4. login as user=www
Command: [prompt %] su www
Password: WWWPASSWORD
=item 5. (as www). cd /home/httpd/lonUsers
=item 6. (as www) Create user directory for your new user.
Let U equal first letter of USERNAME
Let S equal second letter of USERNAME
Let E equal third letter of USERNAME
Command: [prompt %] install -d DOMAIN/U/S/E/USERNAME
Example: [prompt %] install -d 103/d/c/1/dc103
=cut
`install -o www -g www -d $udpath`;
=pod
=item 7. (as www) Enter the newly created user directory.
Command: [prompt %] cd DOMAIN/U/S/E/USERNAME
Example: [prompt %] cd 103/d/c/1/dc103
=item 8. (as www). Set your password mechanism to 'unix'
Command: [prompt %] echo "unix:" > passwd
=cut
open OUT, ">$udpath/passwd";
print OUT 'unix:'."\n";
close OUT;
`chown www:www $udpath/passwd`;
=pod
=item 9. (as www). Run CVS:loncapa/doc/rolesmanip.pl:
Command: [prompt %] perl rolesmanip.pl DOMAIN USERNAME
Example: [prompt %] perl rolesmanip.pl 103 dc103
=cut
use GDBM_File;
my %hash;
tie(%hash,'GDBM_File',"$udpath/roles.db",
&GDBM_WRCREAT,0640);
$hash{'/'.$domain.'/_dc'}='dc';
open OUT, ">$udpath/roles.hist";
map {
print OUT $_.' : '.$hash{$_}."\n";
} keys %hash;
close OUT;
untie %hash;
`chown www:www $udpath/roles.hist`;
`chown www:www $udpath/roles.db`;
=pod
=item 10.
You may further define the domain coordinator user (i.e. dc103)
by going to http://MACHINENAME/adm/createuser.
=cut
print "$username is now a domain coordinator\n";
my $hostname=`hostname`; chomp $hostname;
print "http://$hostname/adm/createuser will allow you to further define".
" this user.\n";
# ----------------------------------------------------------------- SUBROUTINES
sub propath {
my ($udom,$uname)=@_;
$udom=~s/\W//g;
$uname=~s/\W//g;
my $subdir=$uname.'__';
$subdir =~ s/(.)(.)(.).*/$1\/$2\/$3/;
my $proname="$perlvar{'lonUsersDir'}/$udom/$subdir/$uname";
return $proname;
}
=pod
AUTHOR
Scott Harrison, harris41@msu.edu
=cut
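Review bot: The existing-account test `if (-d "/home/$username")` only looks for a directory under /home, so an account whose home directory lives elsewhere passes it; because the backtick `/usr/sbin/useradd $username` call that follows is never checked, the script then reaches `passwd --stdin $username` and replaces that existing account's password. I would test the account database directly, `if (defined getpwnam($username)) {`, and stop when account creation fails, `system('/usr/sbin/useradd',$username)==0 or die "useradd failed for $username\n";`. The same gap applies to `open OUT,"|passwd --stdin $username"` and the two `open OUT, ">$udpath/..."` calls: without `or die`, a failure can leave a half-built coordinator (a roles.db entry granting `dc` with no working login) while the script still prints the success message. Separately, the OPTIONS pod says the second argument is the password, whereas the usage line and the code take DOMAIN there and read the password from standard input.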