The name of the file mentioned below should be cvsuseradmins, and not cvsadminusers. My bad :-(
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rudy Zung Sent: Wednesday, April 12, 2006 3:57 PM To: Troubled User; [email protected] Subject: RE: cvs passwd management Two scripts supplied gratis and as is. Written specifically for my needs, and I am unlikely to entertain any maintenance requests for it. Idiosyncracies: call cvsuser script with arguments (see below); cvsuser will call cryptout.pl, so you generally won't need to deal with cryptout directly. You must be in the CVSROOT directory where the cvs passwd (NOT the /etc/passwd) file is located when you invoke cvsuser. My implementation of cvsuser also requires your Unix login name be present in a file called cvsadminusers, which should be in the same directory as the CVSROOT/passwd file. It really doesn't give you much protection, just enough to prevent my people from accidentally running the script; you can probably comment out that whole block from cvsuser. Usage: Add user to CVSROOT: cvsuser <username> <password> Remove user from CVSROOT: cvsuser <username> Copy password from another CVSROOT: cvsuser <username> /<rootName> This last one has been hardcoded to my intallation where all my roots are under /cvs; so to copy joeuser from /cvs/someOtherProject, you use: cvsuser joeuser /someOtherProject This also precludes people from having a password that starts with an initial forward slash. ...Rudy First script: /usr/local/bin/cryptout.pl: ======= start script ======= #!/usr/bin/perl # take from fogel CVS book page 114 srand (time()); my $randletter = "(int rand(2) + 0.5) % 2 ? (int rand(10) + 48) : (int (rand(26)) + (int (rand(1) + .5) % 2 ? 65 : 97))"; my $salt = sprintf("%c%c", eval $randletter, eval $randletter); my $plaintext = shift; my $crypttext = crypt($plaintext, $salt); print "${crypttext}\n"; ======= end script ======= Second script: /usr/local/bin/cvsuser: ======= start script ======= #!/bin/sh CHGRP=/bin/chgrp CHMOD=/bin/chmod ECHO=/bin/echo GREP=/bin/grep LN=/bin/ln RM=/bin/rm if (( ($# < 1) || ($# > 3) )) ; then $ECHO "usage: $0 username [ password | /cvsrootname ]" $ECHO " blank password deletes user" exit 1 fi if [[ ( `/bin/pwd | cut -c 1-9` != /usr/cvs/ ) && \ ( `/bin/pwd | cut -c 1-5` != /cvs/ ) ]] ; then $ECHO Can only be run under /cvs tree exit 2 fi if [[ ! -e cvsuseradmins ]] ; then $ECHO No cvsuseradmins file found exit 3 fi if [ `/usr/bin/id -u` -ne 0 ] ; then if ( ! { $GREP `/usr/bin/whoami` cvsuseradmins > /dev/null ; } ) ; then $ECHO You are not a CVS user administrator for this CVSROOT exit 4 fi fi if [[ ! -e passwd ]] ; then $ECHO No passwd file found exit 5 fi #if [[ ! -O passwd ]] ; then # echo Unwilling to modify passwd file owned by \ # `/bin/ls -l passwd | cut -d " " -f 5` # exit 9 #fi if [ -e passwd.tmp ] ; then $RM -f passwd.tmp fi $GREP -v ^$1: passwd | $GREP -v ^\$ > passwd.tmp $CHGRP cvs passwd.tmp $CHMOD ug=rw,o-rwx passwd.tmp if [ -z $2 ] ; then if ( { /usr/bin/diff passwd passwd.tmp > /dev/null ; } ) ; then $ECHO No $1 to remove else $ECHO Removed $1 fi else if [[ `$ECHO $2 | cut -c 1` == '/' ]] ; then # /bin/grep ^$1: $2 >> passwd.tmp $GREP ^$1: ../../${2}/CVSROOT/passwd >> passwd.tmp if ( ! { $GREP $1: passwd.tmp > /dev/null ; } ) ; then $ECHO User $1 failed to appear in the passwd file $RM passwd.tmp exit 10 fi else $ECHO $1:`/usr/local/bin/cryptout.pl $2`:${3:-cvs} >> passwd.tmp if ( ! { $GREP $1: passwd.tmp > /dev/null ; } ) ; then $ECHO User $1 failed to appear in the passwd file\; reverting $RM passwd.tmp exit 11 fi fi fi # lossless operation to hardlink a backup, then hardlink passwd to the tmp /$LN -f passwd passwd.bak /$LN -f passwd.tmp passwd # this is correct: if we have a good passwd file, we can rm the tmp if [ -e passwd ] ; then $RM -f passwd.tmp fi ======= end script ======= ...Rudy -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Troubled User Sent: Wednesday, April 12, 2006 12:42 PM To: [email protected] Subject: cvs passwd management Im trying to find a tool that will help me edit the cvsroot/passwd file. (there are multiple cvsroots / passwd files involved) I'm in the middle of writing a perl script, but i don't like the way it works. It basically does the following: 1. copy passwd to passwd.tmp 2. read passwd.tmp. 2a. (for each line) if the user on the current line is Not the user im trying to edit, then print the current line to passwd. If it is the user im editing, then print a variable containing the new value to passwd instead of what was in passwd.tmp 2b. If the user was not in passwd.tmp, add an entry for the new user to the end of passwd 3. delete passwd.tmp this will work, but i just think it's sloppy, and would rather use a tool that is already been developed. _______________________________________________ info-cvs mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/info-cvs _______________________________________________ info-cvs mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/info-cvs _______________________________________________ info-cvs mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/info-cvs
