[LON-CAPA-cvs] cvs: loncom(version_2_11_X) / lond

raeburn raeburn at source.lon-capa.org
Sat Aug 10 10:20:53 EDT 2013


raeburn		Sat Aug 10 14:20:53 2013 EDT

  Modified files:              (Branch: version_2_11_X)
    /loncom	lond 
  Log:
  - For 2.11
    - Backport 1.502.
  
  
Index: loncom/lond
diff -u loncom/lond:1.489.2.7 loncom/lond:1.489.2.8
--- loncom/lond:1.489.2.7	Thu Aug  8 18:55:22 2013
+++ loncom/lond	Sat Aug 10 14:20:52 2013
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.489.2.7 2013/08/08 18:55:22 raeburn Exp $
+# $Id: lond,v 1.489.2.8 2013/08/10 14:20:52 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -61,7 +61,7 @@
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.489.2.7 $'; #' stupid emacs
+my $VERSION='$Revision: 1.489.2.8 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid="default";
 my $currentdomainid;
@@ -130,25 +130,6 @@
 		   "pwchange_failure - lcpasswd Error filename is invalid");
 
 
-#  The array below are lcuseradd error strings.:
-
-my $lastadderror = 13;
-my @adderrors    = ("ok",
-		    "User ID mismatch, lcuseradd must run as user www",
-		    "lcuseradd Incorrect number of command line parameters must be 3",
-		    "lcuseradd Incorrect number of stdinput lines, must be 3",
-		    "lcuseradd Too many other simultaneous pwd changes in progress",
-		    "lcuseradd User does not exist",
-		    "lcuseradd Unable to make www member of users's group",
-		    "lcuseradd Unable to su to root",
-		    "lcuseradd Unable to set password",
-		    "lcuseradd Username has invalid characters",
-		    "lcuseradd Password has an invalid character",
-		    "lcuseradd User already exists",
-		    "lcuseradd Could not add user.",
-		    "lcuseradd Password mismatch");
-
-
 # This array are the errors from lcinstallfile:
 
 my @installerrors = ("ok",
@@ -2135,10 +2116,9 @@
 	my $passfilename = &password_path($udom, $uname);
 	if ($passfilename) {	# Not allowed to create a new user!!
 	    # If just changing the unix passwd. need to arrange to run
-	    # passwd since otherwise make_passwd_file will run
-	    # lcuseradd which fails if an account already exists
-	    # (to prevent an unscrupulous LONCAPA admin from stealing
-	    # an existing account by overwriting it as a LonCAPA account).
+	    # passwd since otherwise make_passwd_file will fail as 
+	    # creation of unix authenticated users is no longer supported
+            # except from the command line, when running make_domain_coordinator.pl
 
 	    if(($oldauth =~/^unix/) && ($umode eq "unix")) {
 		my $result = &change_unix_password($uname, $npass);
@@ -2156,15 +2136,8 @@
 		#  re-run manage_permissions for that role in order to be able
 		#  to take ownership of the construction space back to www:www
 		#
-		
-		
-		if( (($oldauth =~ /^unix/) && ($umode eq "internal")) ||
-		    (($oldauth =~ /^internal/) && ($umode eq "unix")) ) { 
-		    if(&is_author($udom, $uname)) {
-			&Debug(" Need to manage author permissions...");
-			&manage_permissions("/$udom/_au", $udom, $uname, "$umode:");
-		    }
-		}
+
+
 		&Reply($client, \$result, $userinput);
 	    }
 	       
@@ -6015,18 +5988,6 @@
     }
 }
 
-#
-# Convert an error return code from lcuseradd to a string value:
-#
-sub lcuseraddstrerror {
-    my $ErrorCode = shift;
-    if(($ErrorCode < 0) || ($ErrorCode > $lastadderror)) {
-	return "lcuseradd - Unrecognized error code: ".$ErrorCode;
-    } else {
-	return $adderrors[$ErrorCode];
-    }
-}
-
 # grabs exception and records it to log before exiting
 sub catchexception {
     my ($error)=@_;
@@ -7316,56 +7277,8 @@
 	    }
 	}
     } elsif ($umode eq 'unix') {
-	{
-	    #
-	    #  Don't allow the creation of privileged accounts!!! that would
-	    #  be real bad!!!
-	    #
-	    my $uid = getpwnam($uname);
-	    if((defined $uid) && ($uid == 0)) {
-		&logthis(">>>Attempt to create privileged account blocked");
-		return "no_priv_account_error\n";
-	    }
-
-	    my $execpath       ="$perlvar{'lonDaemons'}/"."lcuseradd";
-
-	    my $lc_error_file  = $execdir."/tmp/lcuseradd".$$.".status";
-	    {
-		&Debug("Executing external: ".$execpath);
-		&Debug("user  = ".$uname.", Password =". $npass);
-		my $se = IO::File->new("|$execpath > $perlvar{'lonDaemons'}/logs/lcuseradd.log");
-		print $se "$uname\n";
-                print $se "$udom\n";
-		print $se "$npass\n";
-		print $se "$npass\n";
-		print $se "$lc_error_file\n"; # Status -> unique file.
-	    }
-	    if (-r $lc_error_file) {
-		&Debug("Opening error file: $lc_error_file");
-		my $error = IO::File->new("< $lc_error_file");
-		my $useraddok = <$error>;
-		$error->close;
-		unlink($lc_error_file);
-		
-		chomp $useraddok;
-	
-		if($useraddok > 0) {
-		    my $error_text = &lcuseraddstrerror($useraddok);
-		    &logthis("Failed lcuseradd: $error_text");
-		    $result = "lcuseradd_failed:$error_text";
-		}  else {
-		    my $pf = IO::File->new(">$passfilename");
-		    if($pf) {
-			print $pf "unix:\n";
-		    } else {
-			$result = "pass_file_failed_error";
-		    }
-		}
-	    }  else {
-		&Debug("Could not locate lcuseradd error: $lc_error_file");
-		$result="bug_lcuseradd_no_output_file";
-	    }
-	}
+	&logthis(">>>Attempt to create unix account blocked -- unix auth not available for new users.");
+	$result="no_new_unix_accounts";
     } elsif ($umode eq 'none') {
 	{
 	    my $pf = IO::File->new("> $passfilename");




More information about the LON-CAPA-cvs mailing list