Coda File System

Re: scriptable user additions/password changes?

From: Jan Harkes <jaharkes_at_cs.cmu.edu>
Date: Thu, 19 Aug 1999 10:29:56 -0400
On Wed, Aug 18, 1999 at 11:05:20PM -0700, Coda wrote:
> 
> Hi.  I'd like to be able to incorporate username, uid, password, and
> access assignments for coda users into some perl scripts that I currently
> use to make administration on my system easy (your basic adduser, deluser,
> password change kind of scripts)
> 
> what is the best way to add coda users, delete coda users, change
> coda passwords, and modify the acls of volumes, by way of a perl script?
> 
> -- Jonathan

Hi Jonathan,

I saw that Clement already followed up, but here is the sequence I use:

#!/bin/sh
# assuming the 5.2.x version of pdbtool
# a coda-client installed on the SCM.

USER=$1
USERID=$2
#########################################################
# Add user and add the user to the appropriate groups
pdbtool << EOF
aui $USER $USERID			#   Add user with userid
ag -221 $USERID				#   Add userid to groupid
EOF

# Activate the user in the auth2 database
au -h $SCM nu << EOF
jaharkes				#   Administrator name
......					#   Administrators password
$USER					#   New user id
random					#   New user's password
					#   Empty info line (not used afaik)
EOF

# the following stuff needs to be run on a Coda client (the SCM could
# also run this client)

# Create a new volume for this user
createvol_rep u.$USER E0000157 /vicepa << EOF
y					# yes, we want backups
Wed					# We still have some space on wednesday
EOF

# Mount the user's volume
cfs mkm /coda/usr/$USER u.$USER		# create mountpoint for the new volume
cfs sa /coda/usr/$USER sa $USER all     # give the user access to his volume

echo "done"
exit
#########################################################
# In 5.3.x I would use pdbtool something like:

pdbtool aui $USER $USERID
for group in System:coda Braam:Developers ; do
    groupid=`pdbtool l System:coda | cut -d' ' -f 4`
    pdbtool ag $groupid $USERID
done


Ofcourse, there are so many things that can go wrong in this sequence.
Especially in the 'cfs mkm/cfs sa' phases, since the new user/volume
information is not alway promptly propagated (f.i. a server's
updateclnt, or the SCM's updatesrv might have crashed).

So I normally just do it by hand. I also don't have 100's of users to
add ;). Looking at this sequence, Some tools could be improved:

pdbtool:
 - add a user _name_ to a _named_ group. The best solution would
   probably be to `generalize' the processing of id-numbers, by allowing
   names to be entered in places we currently expect an id. Whenever the
   id is not a numeric value, assume it is a name, and perform a lookup.

au:
 - Accept on the commandline:
     au nu <adminname> <username> <userpassword> [<userinfo>]

   And only query for the administrator's password. This way the
   password doesn't need to be stored in the script.

createvol_rep:
 - Accept a dumpday on the commandline. If dayname is None, no backups,
   and when not specified query like we do now.

Jan
Received on 1999-08-19 10:31:22