1 |
dpavlin |
1.1 |
#!/usr/local/bin/perl -w |
2 |
|
|
|
3 |
|
|
# Dobrica Pavlinusic <dpavlin@pliva.hr> |
4 |
|
|
# 2000-01-31 DbP prva verzija |
5 |
|
|
# 2000-02-14 DbP mozda i radi? |
6 |
|
|
# 2000-03-06 DbP koristi DBD::pg |
7 |
|
|
# 2000-03-09 DbP e-mail alias samo od malih slova |
8 |
|
|
# 2000-03-13 DbP podrska za novu support/last_open tablicu |
9 |
|
|
# 2000-03-16 DbP cuva stare aliase iz /etc/aliases |
10 |
|
|
# 2000-03-20 DbP skida razmake prije/poslje imena/prezimena |
11 |
dpavlin |
1.2 |
|
12 |
dpavlin |
1.1 |
use DBI; |
13 |
|
|
use strict; |
14 |
|
|
|
15 |
|
|
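# Dry-run switch: when true the script only reports what it would do and
# creates nothing (every DB write and system command is guarded by it).
my $debug = 0;

my $res_uids = 60000;   # uids larger than this are for system use

# An optional leading "-d" turns on debug (dry-run) mode.
if (defined($ARGV[0]) && $ARGV[0] eq "-d") {
    $debug++;
    shift @ARGV;
}

# Optional request id: process only that one row instead of everything newer
# than the last run.  Declared separately from the assignment, because
# "my $x = ... if COND" has undefined behaviour in Perl (see perlsyn).
# The value comes straight from the command line and is later used in a
# database query, so only plain digits are accepted.
my $open_only_id;
if (defined($ARGV[0])) {
    $open_only_id = shift @ARGV;
    die "request id must be a non-negative integer, got '$open_only_id'\n"
        unless ($open_only_id =~ /\A[0-9]+\z/);
}

# "\xB9" is the ISO-8859-2 byte for s-caron ("nista" = "nothing"); written as
# an escape so the message does not depend on the encoding of this file.
warn "DEBUG -- ne kreira ni\xB9ta!" if ($debug);

$|++;   # unbuffered STDOUT, so progress lines show up immediately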
28 |
|
|
|
29 |
|
|
|
30 |
|
|
#---- |
31 |
|
|
|
32 |
|
|
# Report a problem: the message goes to the ERROR log handle and to STDERR.
sub xerror {
    my @message = @_;
    print ERROR @message;
    print STDERR @message;
}
33 |
|
|
# Debug trace: always written to the DEBUG log handle, echoed to STDOUT only
# when $debug is set.
# NOTE(review): the write to DEBUG is unconditional, so whatever a caller
# passes here lands in debug-log even on a normal run.  The passwd-line trace
# in the main loop passes the cleartext password, so debug-log has to be
# treated as a secret-bearing file.
sub xdebug {
    my @message = @_;
    print DEBUG @message;
    if ($debug) {
        print STDOUT @message;
    }
}
34 |
|
|
# Progress message: shown on STDOUT and copied to the DEBUG log handle.
sub v {
    my @message = @_;
    print STDOUT @message;
    print DEBUG @message;
}
35 |
|
|
|
36 |
|
|
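# Open the two log files in the current directory, truncating old contents.
# debug-log receives every xdebug() line, including the trace of each new
# passwd entry, so both logs are created readable by the owner only.
# The umask only affects files created here; a log that already exists keeps
# whatever mode it had.
{
    my $saved_umask = umask(077);
    # Three-argument open: the file name is never parsed for a mode prefix.
    open(ERROR, '>', 'error-log') || die "can't open error-log: $!";
    open(DEBUG, '>', 'debug-log') || die "can't open debug-log: $!";
    umask($saved_umask);
}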
38 |
|
|
|
39 |
|
|
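my %etc_aliases;    # lower-cased alias => right-hand side, from /etc/aliases
my $mail_alias;     # appears unused: the /etc/aliases loop declares its own
my $mail_login;     # (same)

my @mail_to;        # aliases to mail the initial message to

# The database user is the first word printed by "who am i", i.e. the login
# that owns the terminal rather than the effective uid.
# NOTE(review): "who" and "hostname" are found through $PATH; when this runs
# as root, PATH should be a fixed, trusted value.
# List-form pipe open: the command is executed directly, without a shell.
open(WHO, '-|', 'who', 'am', 'i') || die "who am i? $!";
my $db_user = <WHO>;
close(WHO);
# "who am i" prints nothing when there is no login terminal (cron, su -c ...).
die "who am i: no output, cannot determine the database user\n"
    unless (defined($db_user));
chomp $db_user;
$db_user =~ s/\s.+$//g;     # keep only the first word (the login name)
die "who am i: empty user name\n" if ($db_user eq "");

xdebug "koristim korisnika $db_user\n";

open(HOSTNAME, '-|', 'hostname') || die "hostname: $!";
my $hostname = <HOSTNAME>;
close(HOSTNAME);
die "hostname: no output\n" unless (defined($hostname));
chomp $hostname;

xdebug "koristim hostname $hostname\n";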
58 |
dpavlin |
1.3 |
|
59 |
dpavlin |
1.1 |
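# Copy /etc/aliases verbatim into aliases.new (new aliases are appended later)
# and remember every existing alias in %etc_aliases.
# NOTE(review): aliases.new is created in the current directory and later
# installed as /etc/aliases, so the script must be run from a directory that
# only root can write to.
v "/etc/aliases\n";
open(ALIAS, '<', '/etc/aliases') || die "Can't open /etc/aliases: $!";
open(NALIAS, '>', 'aliases.new') || die "Can't open aliases.new: $!";
while (my $line = <ALIAS>) {
    # chomp, not chop: a last line without a newline must not lose a character,
    # because this copy is what gets installed.
    chomp $line;
    print NALIAS "$line\n";
    next if ($line =~ m!^#! || $line =~ m!^$!);
    # Same filter as before (the "." is unescaped and matches any character);
    # lines that fail it are copied but no longer stored under an undef key.
    next unless ($line =~ m!\w+.\w+!);
    my ($mail_alias, $mail_login) = split(/\s*:\s*/, $line, 2);
    # Continuation lines have no "alias:" part and define nothing new.
    next unless (defined($mail_login) && $mail_alias ne "");
    $mail_alias =~ tr [A-Z] [a-z];
    $etc_aliases{$mail_alias} = $mail_login;
#   xdebug "$mail_alias:$mail_login\n";
}
close(ALIAS);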
75 |
|
|
|
76 |
|
|
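my %etc_passwd;     # existing login => GECOS field ("" when the line has none)
my $max_uid = 0;    # highest uid in use below $res_uids

# Copy /etc/passwd verbatim into passwd.new (new accounts are appended later),
# remember which logins exist and find the highest non-system uid.
v "/etc/passwd\n";
open(PASSWD, '<', '/etc/passwd') || die "Can't open /etc/passwd: $!";
open(NPASSWD, '>', 'passwd.new') || die "Can't open passwd.new: $!";
while (my $line = <PASSWD>) {
    # chomp, not chop: never eat a real character of a line that lacks "\n".
    chomp $line;
    print NPASSWD "$line\n";
    my ($login, undef, $uid, undef, $full_name) = split(/:/, $line, 7);
    next unless (defined($login) && $login ne "");
    # Every login present counts as taken, even on a short or odd line where
    # the GECOS field is missing.
    $etc_passwd{$login} = defined($full_name) ? $full_name : "";
#   xdebug "$login:$full_name\n";
    # Lines without a numeric uid (for example NIS "+" entries) are skipped
    # for the uid scan.
    next unless (defined($uid) && $uid =~ /\A[0-9]+\z/);
    $max_uid = $uid if ($max_uid < $uid && $uid < $res_uids);
}
close(PASSWD);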
92 |
|
|
|
93 |
|
|
my %group_id;   # group name => gid field, as read from /etc/group

# Load the name -> gid map; only the first and third ":" fields are used.
v "/etc/group\n";
open(GROUP,"/etc/group") || die "Can't open /etc/group !";
while (defined(my $entry = <GROUP>)) {
    my @field = split(/:/, $entry, 4);
    $group_id{$field[0]} = $field[2];
#   xdebug "$field[0]:$field[2]\n";
}
close(GROUP);
103 |
|
|
|
104 |
|
|
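# Reduce a name to plain ASCII and trim it.
#
# Takes one byte string and returns a copy in which the Croatian letters
# (in either cp1250 or ISO-8859-2 encoding) are transliterated and leading
# and trailing whitespace is removed.  d-stroke becomes "dj"/"Dj", the other
# letters lose their diacritic.
#
# The character lists are written as \x escapes.  With literal 8-bit bytes the
# result depends on how the source file is stored, and in this listing the four
# cp1250-only bytes (0x9A, 0x9E, 0x8A, 0x8E) are not visible, which leaves the
# first search list shorter than its replacement list.
# NOTE(review): this works on bytes; input arriving as UTF-8 is not handled.
sub nuke_chars {
    my $foo = $_[0];
    # cp1250 -> iso8859-2, in the order s d c c z S D C C Z (only the carons
    # on s/z/S/Z differ between the two code pages).
    $foo =~ tr/\x9A\xF0\xE8\xE6\x9E\x8A\xD0\xC8\xC6\x8E/\xB9\xF0\xE8\xE6\xBE\xA9\xD0\xC8\xC6\xAE/;
    # d-stroke is spelled out before the one-to-one pass below.
    $foo =~ s/\xF0/dj/g;
    $foo =~ s/\xD0/Dj/g;
    # iso8859-2 -> ASCII
    $foo =~ tr/\xB9\xF0\xE8\xE6\xBE\xA9\xD0\xC8\xC6\xAE/sdcczSDCCZ/;
    $foo =~ s/^\s+//g;
    $foo =~ s/\s+$//g;
    return $foo;
}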
114 |
|
|
|
115 |
|
|
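my $max_osoba_id = 0;   # highest request id handled in this run

# The user name is passed as connect()'s own argument instead of being spliced
# into the DSN string.
# NOTE(review): the password is empty, so access control rests entirely on how
# the database server is configured for this host/user -- confirm that.
my $dbh = DBI->connect("DBI:Pg:dbname=informatika;host=support.pliva.hr", $db_user, "") || die $DBI::errstr;

# Map the local (login, host) pair to a contact-person id.  Values are bound
# as placeholders, never interpolated into the SQL text.
my $sth = $dbh->prepare("select ko_id from unix2ko where login=? and host=?") || die $dbh->errstr();
$sth->execute($db_user, $hostname) || die $sth->errstr();
my ($ko_id) = $sth->fetchrow_array;
$sth->finish;
# Stop before anything is created: $ko_id is needed for the status row that is
# written for every opened account.
die "no unix2ko entry for login '$db_user' on host '$hostname'\n"
    unless (defined($ko_id));

xdebug "upotrebljavam ID kontakt osobe: $ko_id\n";

$sth = $dbh->prepare("select max(id) from last_open") || die $dbh->errstr();
$sth->execute() || die $sth->errstr();
my ($last_open) = $sth->fetchrow_array;
$sth->finish;

if (! defined($open_only_id)) {
    # max(id) is NULL on an empty table; refuse to guess a starting point
    # rather than open an account for every request in the view.
    die "last_open is empty: pass an explicit request id\n"
        unless (defined($last_open));
    $sth = $dbh->prepare("select id,ime,prezime,sifra,objekt,kat,soba,shell from view_otvori_nove where id > ?") || die $dbh->errstr();
    $sth->execute($last_open) || die $sth->errstr();
} else {
    $sth = $dbh->prepare("select id,ime,prezime,sifra,objekt,kat,soba,shell from view_otvori_nove where id=?") || die $dbh->errstr();
    $sth->execute($open_only_id) || die $sth->errstr();
}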
136 |
dpavlin |
1.3 |
|
137 |
|
|
|
138 |
|
|
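# ---- helpers for the account-creation loop ---------------------------------

# Run one write statement with bound values; skipped in debug mode.  A failure
# is logged instead of being silently ignored.
sub _db_do {
    my ($sql, @bind) = @_;
    return if ($debug);
    defined($dbh->do($sql, undef, @bind))
        or xerror "SQL greska: " . $dbh->errstr() . " -- $sql\n";
    return;
}

# Run an external command without a shell (list form); log a failure.
sub _run_logged {
    my @cmd = @_;
    system(@cmd) == 0 or xerror "naredba nije uspjela (status $?): @cmd\n";
    return;
}

my $warned_weak_rng = 0;

# Return one element of @$chars chosen uniformly at random.  Bytes come from
# /dev/urandom; rand() is only a logged fallback for systems without it,
# because rand() is not meant for generating secrets.
sub _pick_char {
    my ($chars) = @_;
    my $count = scalar(@$chars);
    if (open(my $urandom, '<', '/dev/urandom')) {
        binmode($urandom);
        # Drop bytes from the incomplete top slice so "% $count" is unbiased.
        my $limit = 256 - (256 % $count);
        my $byte;
        while (read($urandom, $byte, 1)) {
            my $value = ord($byte);
            next if ($value >= $limit);
            close($urandom);
            return $chars->[$value % $count];
        }
        close($urandom);
    }
    if (! $warned_weak_rng) {
        xerror "upozorenje: /dev/urandom nije dostupan, lozinke se generiraju s rand()\n";
        $warned_weak_rng = 1;
    }
    # int(rand($count)) covers every index; the old int(rand($#list)) could
    # never pick the last character.
    return $chars->[int(rand($count))];
}

# ---- loop-invariant setup ---------------------------------------------------

my @saltch = ( 'a'..'z','0'..'9','A'..'Z' );
# Password alphabet; l, 0, 1, I and O are not in the list.
my @passwdch = ( 'a'..'k','m'..'z','2'..'9','A'..'H','J'..'N','P'..'Z',
        '!','#','$','%','&','(',')','=','-','/','?' );

# Every new account goes into this group.  Checked once, before any account or
# database row has been created.
my $group = "users";
die "Nema grupe $group!" if (! defined($group_id{$group}));

# Prepared once and re-executed per request with the id bound as a parameter.
my $sth2 = $dbh->prepare("select max(status_tip_id) from status where osoba_id = ?") || die $dbh->errstr();

# ---- one iteration per account request --------------------------------------
#
# The names come from the request database and end up in /etc/passwd,
# /etc/aliases and on command lines, so the derived login and alias are held
# to a strict character set and the GECOS text is stripped of field
# separators before anything is written.
while (my ($osoba_id,$ime,$prezime,$sifra,$objekt,$kat,$soba,$shell) = $sth->fetchrow_array() ) {

    $sth2->execute($osoba_id) || die $sth2->errstr();
    my ($max_status) = $sth2->fetchrow_array();
    $sth2->finish;
    $max_status = 0 unless (defined($max_status));  # no status rows yet
    xdebug "max status zahtjeva $osoba_id je $max_status\n";
    next if ($max_status > 3);  # 3 = opened

    # Transliterate and trim first, so a whitespace-only name counts as empty.
    $ime     = nuke_chars($ime)     if (defined($ime));
    $prezime = nuke_chars($prezime) if (defined($prezime));

    if (!defined($ime) || !defined($prezime) || $ime eq "" || $prezime eq "") {
        # $_ holds nothing useful here; identify the row by its id instead.
        xerror "preskacem red osoba_id=$osoba_id (prazno ime ili prezime)\n";
        next;
    }

    next if ($ime eq "ime" || $prezime eq "prezime");

    # For a double surname or first name (name1-name2 or "name1 name2") only
    # the first part is used for the login.
    my ($prezime_za_login) = split(/[- ]/, $prezime, 2);
    my ($ime_za_login)     = split(/[- ]/, $ime, 2);

    # Login: first initial + up to 7 letters of the surname, with a numeric
    # suffix eating into the surname until the login is unused.
    my $add = "";
    my $login;
    do {
        $login = substr($ime_za_login,0,1).substr($prezime_za_login,0,7-length($add)).$add;
        $login =~ tr [A-Z] [a-z];
        xdebug "$ime, $prezime login: $login\n";
        $add++;
    } while defined($etc_passwd{$login});

    # The login becomes a passwd field, a directory name and a command
    # argument: accept lower-case letters and digits only.
    if ($login !~ /\A[a-z][a-z0-9]*\z/) {
        xerror "preskocen: $ime $prezime osoba_id=$osoba_id (login '$login' nije ispravan)\n";
        next;
    }

    # E-mail alias: name.surname, with a numeric suffix until it is unused.
    # The loop has to test the alias it is changing; testing the unchanging
    # $login either did nothing or never terminated.
    my $email_alias;
    $add = "";
    do {
        $email_alias = "$ime.$prezime$add";
        $email_alias =~ s/ /./g;    # space -> dot
        $email_alias =~ tr [A-Z] [a-z];
        xdebug "\t$email_alias\n";
        $add++;
    } while defined($etc_aliases{$email_alias});

    # The alias becomes the left-hand side of an /etc/aliases line and a
    # sendmail argument.
    if ($email_alias !~ /\A[a-z0-9][a-z0-9._-]*\z/) {
        xerror "preskocen: $ime $prezime osoba_id=$osoba_id (e-mail alias '$email_alias' nije ispravan)\n";
        next;
    }

    # Never hand out a uid from the reserved range.
    if ($max_uid + 1 >= $res_uids) {
        xerror "preskocen: $ime $prezime osoba_id=$osoba_id (nema slobodnog uid-a ispod $res_uids)\n";
        next;
    }

    push @mail_to,$email_alias;

    # Random 8-character initial password and 2-character salt.
    # NOTE(review): a two-character salt normally selects traditional DES
    # crypt(); a stronger scheme depends on what the platform's crypt() offers.
    my $passwd = join("", map { _pick_char(\@passwdch) } 1..8);
    my $salt = _pick_char(\@saltch)._pick_char(\@saltch);
    my $crypt_passwd = crypt($passwd,$salt);

    $max_uid++;

    # GECOS: "Name Surname,building floor room,code"
    my $loc = "";
    $loc .= $objekt if (defined($objekt));
    $loc .= " $kat" if (defined($kat));
    $loc .= " $soba" if (defined($soba));
    my $full_name = "$ime $prezime,$loc," . (defined($sifra) ? $sifra : "");
    $full_name =~ s/, +/,/g;
    $full_name =~ s/ +:/:/g;
    $full_name =~ s/ +/ /g;
    $full_name = nuke_chars($full_name);
    # A ":" or a control character here would add fields or lines to the
    # passwd file.
    $full_name =~ tr/:\x00-\x1F\x7F//d;

    # NOTE(review): only the truth value of the "shell" column is used;
    # confirm how the driver returns it (a string such as 'f' would be true).
    if ($shell) {
        $shell = "/usr/local/bin/bash";
    } else {
        $shell = "/usr/bin/false";
    }
    my $dir = "/usr/users/$login";

    # The trace keeps the shape of the passwd line but not the cleartext
    # password: xdebug() writes to debug-log on every run.
    xdebug "$login:********:$max_uid:$group_id{$group}:$full_name:$dir:$shell\n";

    # NOTE(review): the crypt() hash goes into passwd.new, which is installed
    # as a world-readable /etc/passwd, and the cleartext password is stored in
    # the racuni table.  Both are kept because other parts of the system may
    # rely on them, but they deserve a review.
    print NPASSWD "$login:$crypt_passwd:$max_uid:$group_id{$group}:$full_name:$dir:$shell\n";
    _db_do("insert into racuni (osoba_id,login,passwd) values (?,?,?)", $osoba_id, $login, $passwd);
    $etc_passwd{$login} = $full_name;

    # The alias is unique at this point, so it is written on its own and is
    # never merged with the recipients of an existing alias.
    print NALIAS "$email_alias:\t$login\n";
    _db_do("insert into e_mail (osoba_id,alias) values (?,?)", $osoba_id, $email_alias);
    $etc_aliases{$email_alias} = $login;

    #---- C2 security
#   if (!$debug || 1) {
#       open(AUTH,">> $0.auth");
#       print AUTH "$login:u_name=$login:u_id#$max_uid:u_pwd=$crypt_passwd:u_succhg#",time,":u_lock\@:chkent:\n";
#       close(AUTH);
#   }

    # Home directory with a bin/ subdirectory, owned by the new account.
    # Each command is run without a shell, so no part of the path is ever
    # interpreted as shell syntax.
    # NOTE(review): if $dir already exists, chown -R hands its whole contents
    # to the new uid.
    if (! $debug) {
        _run_logged('mkdir', '-p', $dir);
        _run_logged('mkdir', "$dir/bin");
        _run_logged('chown', '-R', "$max_uid:$group_id{$group}", $dir);
        _run_logged('chmod', '755', $dir);
    }

    _db_do("insert into status (osoba_id,kontakt_osoba_id,datum,status_tip_id) values (?,?,'now'::datetime,3)", $osoba_id, $ko_id);

    $max_osoba_id = $osoba_id if ($max_osoba_id < $osoba_id) ;
}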
262 |
|
|
|
263 |
|
|
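# Run a command without a shell; true when it exited with status 0.
sub _run_ok {
    my @cmd = @_;
    return system(@cmd) == 0;
}

# Install $new as $target: keep a copy of the current file as $backup, stage
# the new contents next to the target and rename it into place.  The target
# path therefore always names a complete file, and a failed step stops the
# script before the live file is touched.
sub _install_file {
    my ($new, $target, $backup) = @_;
    _run_ok('cp', '-p', $target, $backup)
        or die "cannot back up $target to $backup (status $?)\n";
    my $staged = "$target.new";
    _run_ok('cp', $new, $staged)
        or die "cannot copy $new to $staged (status $?)\n";
    chmod(0644, $staged) || die "chmod $staged: $!";
    rename($staged, $target) || die "rename $staged to $target: $!";
    return;
}

# Record the highest request id handled, so the next run starts after it.
if (! $debug) {
    defined($dbh->do("insert into last_open values ('now',?)", undef, $max_osoba_id))
        or xerror "insert into last_open: " . $dbh->errstr() . "\n";
}

# Buffered write errors (a full disk, for example) only surface at close();
# a truncated file must never be installed as /etc/passwd or /etc/aliases.
close(NPASSWD) || die "writing passwd.new failed: $!";
close(NALIAS) || die "writing aliases.new failed: $!";

$sth->finish;
undef $sth;
if (defined($sth2)) {
    $sth2->finish;
    undef $sth2;
}
$dbh->disconnect;

# Install the new files and rebuild the derived databases.
# NOTE(review): /etc/passwd is not locked between the read at the start of the
# script and this point, so an edit made in between by another tool is lost.
if (! $debug) {
    die "passwd.new is empty, refusing to install it\n" unless (-s 'passwd.new');
    _install_file('passwd.new', '/etc/passwd', 'passwd.orig');
    _run_ok('/usr/sbin/mkpasswd', '/etc/passwd')
        or xerror "mkpasswd nije uspio (status $?)\n";

    _install_file('aliases.new', '/etc/aliases', 'aliases.orig');
    _run_ok('/usr/sbin/newaliases')
        or xerror "newaliases nije uspio (status $?)\n";
    #system "/tcb/bin/edauth -s < $0.auth" if (! $debug);

    # Send the initial message (mail.txt in the current directory) to every
    # new alias.  The alias is handed to the shell as a positional parameter,
    # so it is never parsed as shell syntax; it is also checked here because
    # it must not look like an option to sendmail.
    foreach my $alias (@mail_to) {
        if ($alias !~ /\A[a-z0-9][a-z0-9._-]*\z/) {
            xerror "preskacem slanje poruke: alias '$alias' nije ispravan\n";
            next;
        }
        _run_ok('/bin/sh', '-c', '/usr/lib/sendmail "$1" < mail.txt', 'sh', $alias)
            or xerror "sendmail za $alias nije uspio (status $?)\n";
    }
}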
288 |
|
|
} |