[pve-devel] r4851 - pve-access-control/trunk
svn-commits at proxmox.com
svn-commits at proxmox.com
Tue Jun 29 08:14:26 CEST 2010
Author: dietmar
Date: 2010-06-29 06:14:25 +0000 (Tue, 29 Jun 2010)
New Revision: 4851
Modified:
pve-access-control/trunk/AccessControl.pm
pve-access-control/trunk/ChangeLog
pve-access-control/trunk/pveum
Log:
* AccessControl.pm (add_user): moved functionality to modify_user and
removed subroutine (Seth)
* pveum: useradd command no longer requires a password and now uses
modify_user (Seth)
Modified: pve-access-control/trunk/AccessControl.pm
===================================================================
--- pve-access-control/trunk/AccessControl.pm 2010-06-28 09:21:00 UTC (rev 4850)
+++ pve-access-control/trunk/AccessControl.pm 2010-06-29 06:14:25 UTC (rev 4851)
@@ -432,77 +432,66 @@
return secure_exec($ticket, 'create_ticket', [ @param ]);
}
-sub add_user {
- my ($newusername, $passwd, $opts) = @_;
+sub modify_user {
+ my ($username, $opts) = @_;
+
my $domain;
- ($newusername, undef, $domain) = verify_username ($newusername);
+ ($username, undef, $domain) = verify_username ($username);
+ die "modify failed: username '$username' contains invalid characters\n" if !$username;
+
my $usercfg = load_user_config();
- die "user '$newusername' already exists\n"
- if $usercfg->{users}->{$newusername};
+ if ($opts->{create}) {
- if (!$domain) {
- die "missing password\n" if !$passwd;
+ die "user '$username' already exists\n"
+ if $usercfg->{users}->{$username};
+
+ warn "ignore password - can't set password on auth domain '$domain'\n" if $domain && $opts->{passwd};
- # fixme: store password somewhere into a protected file
- } else {
- die "can't set password on auth domain '$domain'\n" if $passwd;
- }
+ store_shadow_passwd() if !$domain && $opts->{passwd};
- warn "add user $newusername, $passwd not implemented\n";
+ enable_user ($username, $usercfg);
- $usercfg->{users}->{$newusername} = { enabled => 1 };
- if ($opts->{groups}) {
- foreach my $group (split_list ($opts->{groups})) {
- if ($usercfg->{groups}->{$group}) {
- add_user_group ($newusername,$usercfg,$group);
- } else {
- warn "ignore group '$group' - no such group\n";
- next;
+ if ($opts->{groups}) {
+ foreach my $group (split_list ($opts->{groups})) {
+ if ($usercfg->{groups}->{$group}) {
+ add_user_group ($username,$usercfg,$group);
+ } else {
+ warn "ignore group '$group' - no such group\n";
+ next;
+ }
}
}
- }
- save_user_config ($usercfg);
-}
+ } else {
-sub modify_user {
+ die "user '$username' does not exist\n" if !$usercfg->{users}->{$username};
- my ($username, $opts) = @_;
-
- ($username, undef, undef) = verify_username ($username);
-
- die "modify failed: username '$username' contains invalid characters\n" if !$username;
-
- my $usercfg = load_user_config();
-
- die "user '$username' does not exist\n" if !$usercfg->{users}->{$username};
-
- enable_user ($username,$usercfg) if $opts->{unlock} &&
- !$usercfg->{users}->{$username}->{enabled};
- disable_user ($username,$usercfg) if $opts->{lock} &&
- $usercfg->{users}->{$username}->{enabled};
- delete_user_group ($username,$usercfg) if (!$opts->{append} && $opts->{groups});
- if ($opts->{groups}) {
- foreach my $group (split_list ($opts->{groups})) {
- if ($usercfg->{groups}->{$group}) {
- add_user_group ($username,$usercfg,$group);
- } else {
- warn "ignore group '$group' - no such group\n";
- next;
+ enable_user ($username,$usercfg) if $opts->{unlock} &&
+ !$usercfg->{users}->{$username}->{enabled};
+ disable_user ($username,$usercfg) if $opts->{lock} &&
+ $usercfg->{users}->{$username}->{enabled};
+ delete_user_group ($username,$usercfg) if (!$opts->{append} && $opts->{groups});
+ if ($opts->{groups}) {
+ foreach my $group (split_list ($opts->{groups})) {
+ if ($usercfg->{groups}->{$group}) {
+ add_user_group ($username,$usercfg,$group);
+ } else {
+ warn "ignore group '$group' - no such group\n";
+ next;
+ }
}
}
+
+ change_password ($username,$usercfg) if $opts->{password};
+ name_user ($username,$usercfg) if $opts->{name};
+ comment_user ($username,$usercfg) if $opts->{comment};
}
- change_password ($username,$usercfg) if $opts->{password};
- name_user ($username,$usercfg) if $opts->{name};
- comment_user ($username,$usercfg) if $opts->{comment};
-
save_user_config ($usercfg);
-
}
sub delete_user {
@@ -523,6 +512,13 @@
}
+sub store_shadow_passwd {
+
+ warn "store shadow password not implemented yet\n";
+ # fixme: store password somewhere into a protected file
+
+}
+
sub add_user_group {
my ($username,$usercfg,$group) = @_;
Modified: pve-access-control/trunk/ChangeLog
===================================================================
--- pve-access-control/trunk/ChangeLog 2010-06-28 09:21:00 UTC (rev 4850)
+++ pve-access-control/trunk/ChangeLog 2010-06-29 06:14:25 UTC (rev 4851)
@@ -2,6 +2,12 @@
* pveum: new groupadd/groupdel (patch from Seth)
+ * AccessControl.pm (add_user): moved functionality to modify_user and
+ removed subroutine (Seth)
+
+ * pveum: useradd command no longer requires a password and now uses
+ modify_user (Seth)
+
2010-06-25 Proxmox Support Team <support at proxmox.com>
* AccessControl.pm (modify_user): include patch from Seth
Modified: pve-access-control/trunk/pveum
===================================================================
--- pve-access-control/trunk/pveum 2010-06-28 09:21:00 UTC (rev 4850)
+++ pve-access-control/trunk/pveum 2010-06-29 06:14:25 UTC (rev 4851)
@@ -69,7 +69,7 @@
my $opts = {};
- if (!GetOptions ($opts,'groups=s')) {
+ if (!GetOptions ($opts, 'groups=s', 'password')) {
exit (-1);
}
@@ -77,9 +77,9 @@
die "no username specified\n" if !$username;
- my $passwd = read_password();
-
- PVE::AccessControl::add_user($username, $passwd, $opts);
+ $opts->{password} = read_password() if $opts->{password};
+ $opts->{create} = 1;
+ PVE::AccessControl::modify_user($username, $opts);
exit(0);
More information about the pve-devel
mailing list