[LON-CAPA-cvs] cvs: doc /loncapafiles loncapafiles.lpml removenolongerused.piml loncom lond

Fri Aug 9 21:27:36 EDT 2013

raeburn		Sat Aug 10 01:27:36 2013 EDT

  Modified files:              
    /loncom	lond 
    /doc/loncapafiles	loncapafiles.lpml removenolongerused.piml 
  Log:
  - Web interface to support switching users to filesystem authenticated was
    removed in LON-CAPA 2.6.0 (same for new filesystem auth users, except via CLI).
    - Eliminate the LON-CAPA internals which supported the old web interface.
  
  
Index: loncom/lond
diff -u loncom/lond:1.501 loncom/lond:1.502

--- loncom/lond:1.501	Thu Jul 25 19:11:07 2013
+++ loncom/lond	Sat Aug 10 01:27:31 2013
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.501 2013/07/25 19:11:07 raeburn Exp $
+# $Id: lond,v 1.502 2013/08/10 01:27:31 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -61,7 +61,7 @@
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.501 $'; #' stupid emacs
+my $VERSION='$Revision: 1.502 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid="default";
 my $currentdomainid;
@@ -130,25 +130,6 @@
 		   "pwchange_failure - lcpasswd Error filename is invalid");
 
 
-#  The array below are lcuseradd error strings.:
-
-my $lastadderror = 13;
-my @adderrors    = ("ok",
-		    "User ID mismatch, lcuseradd must run as user www",
-		    "lcuseradd Incorrect number of command line parameters must be 3",
-		    "lcuseradd Incorrect number of stdinput lines, must be 3",
-		    "lcuseradd Too many other simultaneous pwd changes in progress",
-		    "lcuseradd User does not exist",
-		    "lcuseradd Unable to make www member of users's group",
-		    "lcuseradd Unable to su to root",
-		    "lcuseradd Unable to set password",
-		    "lcuseradd Username has invalid characters",
-		    "lcuseradd Password has an invalid character",
-		    "lcuseradd User already exists",
-		    "lcuseradd Could not add user.",
-		    "lcuseradd Password mismatch");
-
-
 # This array are the errors from lcinstallfile:
 
 my @installerrors = ("ok",
@@ -2131,10 +2112,9 @@
 	my $passfilename = &password_path($udom, $uname);
 	if ($passfilename) {	# Not allowed to create a new user!!
 	    # If just changing the unix passwd. need to arrange to run
-	    # passwd since otherwise make_passwd_file will run
-	    # lcuseradd which fails if an account already exists
-	    # (to prevent an unscrupulous LONCAPA admin from stealing
-	    # an existing account by overwriting it as a LonCAPA account).
+	    # passwd since otherwise make_passwd_file will fail as 
+	    # creation of unix authenticated users is no longer supported
+            # except from the command line, when running make_domain_coordinator.pl
 
 	    if(($oldauth =~/^unix/) && ($umode eq "unix")) {
 		my $result = &change_unix_password($uname, $npass);
@@ -2152,15 +2132,8 @@
 		#  re-run manage_permissions for that role in order to be able
 		#  to take ownership of the construction space back to www:www
 		#
-		
-		
-		if( (($oldauth =~ /^unix/) && ($umode eq "internal")) ||
-		    (($oldauth =~ /^internal/) && ($umode eq "unix")) ) { 
-		    if(&is_author($udom, $uname)) {
-			&Debug(" Need to manage author permissions...");
-			&manage_permissions("/$udom/_au", $udom, $uname, "$umode:");
-		    }
-		}
+
+
 		&Reply($client, \$result, $userinput);
 	    }
 	       
@@ -6033,18 +6006,6 @@
     }
 }
 
-#
-# Convert an error return code from lcuseradd to a string value:
-#
-sub lcuseraddstrerror {
-    my $ErrorCode = shift;
-    if(($ErrorCode < 0) || ($ErrorCode > $lastadderror)) {
-	return "lcuseradd - Unrecognized error code: ".$ErrorCode;
-    } else {
-	return $adderrors[$ErrorCode];
-    }
-}
-
 # grabs exception and records it to log before exiting
 sub catchexception {
     my ($error)=@_;
@@ -7338,56 +7299,8 @@
 	    }
 	}
     } elsif ($umode eq 'unix') {
-	{
-	    #
-	    #  Don't allow the creation of privileged accounts!!! that would
-	    #  be real bad!!!
-	    #
-	    my $uid = getpwnam($uname);
-	    if((defined $uid) && ($uid == 0)) {
-		&logthis(">>>Attempt to create privileged account blocked");
-		return "no_priv_account_error\n";
-	    }
-
-	    my $execpath       ="$perlvar{'lonDaemons'}/"."lcuseradd";
-
-	    my $lc_error_file  = $execdir."/tmp/lcuseradd".$$.".status";
-	    {
-		&Debug("Executing external: ".$execpath);
-		&Debug("user  = ".$uname.", Password =". $npass);
-		my $se = IO::File->new("|$execpath > $perlvar{'lonDaemons'}/logs/lcuseradd.log");
-		print $se "$uname\n";
-                print $se "$udom\n";
-		print $se "$npass\n";
-		print $se "$npass\n";
-		print $se "$lc_error_file\n"; # Status -> unique file.
-	    }
-	    if (-r $lc_error_file) {
-		&Debug("Opening error file: $lc_error_file");
-		my $error = IO::File->new("< $lc_error_file");
-		my $useraddok = <$error>;
-		$error->close;
-		unlink($lc_error_file);
-		
-		chomp $useraddok;
-	
-		if($useraddok > 0) {
-		    my $error_text = &lcuseraddstrerror($useraddok);
-		    &logthis("Failed lcuseradd: $error_text");
-		    $result = "lcuseradd_failed:$error_text";
-		}  else {
-		    my $pf = IO::File->new(">$passfilename");
-		    if($pf) {
-			print $pf "unix:\n";
-		    } else {
-			$result = "pass_file_failed_error";
-		    }
-		}
-	    }  else {
-		&Debug("Could not locate lcuseradd error: $lc_error_file");
-		$result="bug_lcuseradd_no_output_file";
-	    }
-	}
+	&logthis(">>>Attempt to create unix account blocked -- unix auth not available for new users.");
+	$result="no_new_unix_accounts";
     } elsif ($umode eq 'none') {
 	{
 	    my $pf = IO::File->new("> $passfilename");
Index: doc/loncapafiles/loncapafiles.lpml
diff -u doc/loncapafiles/loncapafiles.lpml:1.845 doc/loncapafiles/loncapafiles.lpml:1.846
--- doc/loncapafiles/loncapafiles.lpml:1.845	Wed Jul 24 20:06:19 2013
+++ doc/loncapafiles/loncapafiles.lpml	Sat Aug 10 01:27:36 2013
@@ -2,7 +2,7 @@
  "http://lpml.sourceforge.net/DTD/lpml.dtd">
 <!-- loncapafiles.lpml -->
 
-<!-- $Id: loncapafiles.lpml,v 1.845 2013/07/24 20:06:19 lira Exp $ -->
+<!-- $Id: loncapafiles.lpml,v 1.846 2013/08/10 01:27:36 raeburn Exp $ -->
 
 <!--
 
@@ -2118,16 +2118,6 @@
 <status>being updated</status>
 </file>
 <file>
-<source>loncom/lcuseradd</source>
-<target dist='default'>home/httpd/perl/lcuseradd</target>
-<categoryname>setuid script</categoryname>
-<description>
-Coordinates the system services and files in order to allow lond to add a
-new user.
-</description>
-<status>being updated</status>
-</file>
-<file>
 <source>loncom/lciptables</source>
 <target dist='default'>home/httpd/perl/lciptables</target>
 <categoryname>setuid script</categoryname>
Index: doc/loncapafiles/removenolongerused.piml
diff -u doc/loncapafiles/removenolongerused.piml:1.2 doc/loncapafiles/removenolongerused.piml:1.3
--- doc/loncapafiles/removenolongerused.piml:1.2	Fri Aug  9 06:24:21 2013
+++ doc/loncapafiles/removenolongerused.piml	Sat Aug 10 01:27:36 2013
@@ -17,7 +17,7 @@
             );
  
 my %files = (
-              'londaemons' => ['lonManage','lchtmldir','lonhttpd'],
+              'londaemons' => ['lonManage','lchtmldir','lonhttpd','lcadduser'],
               'apache'     => ['londropadd.pm','lonconstruct.pm',
                                'lonremote.pm','admbookmarks.pm'],
               'londocroot' => ['adm/rat/extpickcode.html',
@@ -84,7 +84,7 @@
         print "$dir  -- delete? Enter: Y or N:\n";
         my $choice=<>;
         chomp($choice);
-        $choice =~ s/\s+//g; 
+        $choice =~ s/\s+//g;
         if ($choice eq 'Y') {
             File::Path::remove_tree($dir);
         }


