(Illustration by Gaich Muramatsu)
On Wed, Aug 18, 1999 at 11:05:20PM -0700, Coda wrote: > > Hi. I'd like to be able to incorporate username, uid, password, and > access assignments for coda users into some perl scripts that I currently > use to make administration on my system easy (your basic adduser, deluser, > password change kind of scripts) > > what is the best way to add coda users, delete coda users, change > coda passwords, and modify the acls of volumes, by way of a perl script? > > -- Jonathan Hi Jonathan, I saw that Clement already followed up, but here is the sequence I use: #!/bin/sh # assuming the 5.2.x version of pdbtool # a coda-client installed on the SCM. USER=$1 USERID=$2 ######################################################### # Add user and add the user to the appropriate groups pdbtool << EOF aui $USER $USERID # Add user with userid ag -221 $USERID # Add userid to groupid EOF # Activate the user in the auth2 database au -h $SCM nu << EOF jaharkes # Administrator name ...... # Administrators password $USER # New user id random # New user's password # Empty info line (not used afaik) EOF # the following stuff needs to be run on a Coda client (the SCM could # also run this client) # Create a new volume for this user createvol_rep u.$USER E0000157 /vicepa << EOF y # yes, we want backups Wed # We still have some space on wednesday EOF # Mount the user's volume cfs mkm /coda/usr/$USER u.$USER # create mountpoint for the new volume cfs sa /coda/usr/$USER sa $USER all # give the user access to his volume echo "done" exit ######################################################### # In 5.3.x I would use pdbtool something like: pdbtool aui $USER $USERID for group in System:coda Braam:Developers ; do groupid=`pdbtool l System:coda | cut -d' ' -f 4` pdbtool ag $groupid $USERID done Ofcourse, there are so many things that can go wrong in this sequence. Especially in the 'cfs mkm/cfs sa' phases, since the new user/volume information is not alway promptly propagated (f.i. a server's updateclnt, or the SCM's updatesrv might have crashed). So I normally just do it by hand. I also don't have 100's of users to add ;). Looking at this sequence, Some tools could be improved: pdbtool: - add a user _name_ to a _named_ group. The best solution would probably be to `generalize' the processing of id-numbers, by allowing names to be entered in places we currently expect an id. Whenever the id is not a numeric value, assume it is a name, and perform a lookup. au: - Accept on the commandline: au nu <adminname> <username> <userpassword> [<userinfo>] And only query for the administrator's password. This way the password doesn't need to be stored in the script. createvol_rep: - Accept a dumpday on the commandline. If dayname is None, no backups, and when not specified query like we do now. JanReceived on 1999-08-19 10:31:22