 |  |
At 12:09 AM 9/25/98 -0400, you wrote:
Re: Unix Scripts, etc...
From: Robert Hough
Date: Friday, September 25, 1998
Time: 10:43:00 am
>rsh dns.michweb.net -l radius "sudo /usr/sbin/adduser -p <Pass> -g
>user -s /bin/resh -h /usr/home -G <FName> <LName>,,, <Login> ;
>/etc/update.passwd"
Uhhhm, I posted that to the list a long time ago. :)
Here's what I was looking to do:
I have an entry of say ->
rch:mY.p4s5w3rd:100:0:Robert Hough,Staff,,:/usr/home/staff/rch:/bin/bash
What I want to do is cancel the user for non-payment issues, at our office,
we make those entries look like this ->
rch:*mY.p4s5w3rd:100:0:Robert Hough,Staff,,:/usr/home/staff/rch:/bin/cancel
Basically, sticking an * in front of their encrypted password, and changing
their shell to cancel...
Now, in the place for Extra Mailboxes, this try this, say I'm a user, and
call asking for a new EMB. Here's what that entry would look like ->
rch:mY.p4s5w3rd:100:0:Robert Hough,Staff,,:/usr/home/staff/rch:/bin/bash
robh:mY.p4s5w3rd:100:0:Robert Hough,EMB,,:/usr/home/staff/rch:/bin/nologin
Then of course, we change the password to whatever they wanted it to be.
Anyways, this is what I was looking, but thanks for the reply regardless.
I'm sure someone on the list found that information usefull.
>
>Hold:
>
>rsh dns.michweb.net -l radius "sudo /usr/local/sbin/modify_user -h
><Login>; /etc/update.passwd"
>
>Restore:
>
>rsh dns.michweb.net -l radius "sudo /usr/local/sbin/modify_user -r
><Login>; sudo /etc/update.passwd"
>
>Cancel:
>
>rsh dns.michweb.net -l radius "sudo rm -r ~<Login>; sudo /usr/sbin/rmuser
><Login>; sudo /etc/update.passwd"
>
>Email Only:
>
>rsh dns.michweb.net -l radius "sudo /usr/sbin/adduser -p <EPass> -g
>emailonly -s /bin/ush -h /usr/home -G <FName> <LName>,,, <Email> ;
>/etc/update.passwd"
>
>Delete Email:
>
>rsh dns.michweb.net -l radius "sudo rm -r ~<Email>; sudo /usr/sbin/rmuser
><Email>; sudo /etc/update.passwd"
>
>
>Allow me to explain a few things. The systax of rsh is:
>
> rsh host.domain.com -l username "command"
>
>So, I'm running the command in quotes as the user "radius" on the host
>dns.michweb.net. Make sure you have tcpwrappers and your .rhosts file(s)
>set up to allow the command execution from your NT host.
>
>You'll also notice I'm running sudo. Since I'm allowing the NT host
>permission to rsh and the commands require root priviledges you need a way
>of securely allowing the user to execute scripts as root.
>
>The update.passwd script is merely a bash script that uses rdist to copy
>the updated passwd files to each of my servers through a ssh tunnel.
>
>You'll notice the only differences between a full user and a email only
>user is group membership and shell. I use group membership with Cistron
>radius to disallow emailonly accounts from logging on and a custom program
>called "ush" that gives users a message telling them they don't get shell
>access. If they log into a mail server, ush is symlinked to pine so they
>can check their email that way.
>
>I haven't gotten ambitious enough to write scripts to automatically add a
>domain to my server(s). I'm halfway there in that I have scripts to auto
>update dns for adding domains but I need to write one that appends the
>httpd.conf stuff to the end of the file and adds domain->user mappings to
>the qmail config files. When I get around to it I'll post it here but it
>will be BSDI specific and it will only support bind 8, apache 1.3 and
>qmail.
>
>Matt
>
>On Thu, 24 Sep 1998, Robert Hough wrote:
>
>> At 10:29 PM 9/24/98 -0400, you wrote:
>> >Since passwd files aren't the same between various flavors, it would be
>> >helpful to mention your flavor of choice.
>>
>> FreeBSD 2.2.7, I assume too much sometimes. hehe
>>
>> __ _______
>>
Messages In This Thread:
Return to Digital Point Solutions' Home Page