amazing. thanks so much!
cheers, dan
On 21.02.2012 23:23, Phillip Wyman wrote:
> Here is a script I wrote for syncing the shadow file to SOGo's SQL database.
> I have it run in cron every minute, and redirect its output to a log file
> with the correct permissions.
> This is using SOGo's crypt password storage option (undocumented last time I
> checked).
>
> The variables at the top are fairly self-explanatory.
> The MIN_UID constant defines what the minimum uid in /etc/passwd to sync
> above is.
> The excluded users array allows you to specify certain users in /etc/passwd
> not to sync.
>
> Now for my brief disclaimer :
>
> I haven't scrutinized this script much for security, I take no responsibility
> for any side effects, and it comes with no warranty.
>
> Maybe it will help.
>
> #!/usr/bin/php
> <?php
> define ('SOGO_DBHOST', 'localhost');
> define ('SOGO_DBUSER', 'sogouser');
> define ('SOGO_DBPASS', '12345');
> define ('SOGO_DBNAME', 'sogo');
>
> define ('DOMAIN', 'yourdomain.com');
> define ('SHADOW_FILE', '/etc/shadow');
> define ('PASSWD_FILE', '/etc/passwd');
> define ('MIN_UID', '1000');
>
> $excluded_users = array ();
> $excluded_users[] = 'webadmin';
> $excluded_users[] = 'scanner';
> $excluded_users[] = 'temp';
> $excluded_users[] = 'sogo';
>
> $sogo_rows = array ();
>
> $fc = file(PASSWD_FILE);
>
> if (!($fc)) {
> echo "\n" . 'Could not obtain the contents of : ' . PASSWD_FILE . "\n";
> exit(1);
> }
>
> foreach ($fc as $line)
> {
> $line = rtrim($line);
> $line_slices = explode(':',$line);
>
> $username = $line_slices[0];
>
> if (in_array($username,$excluded_users)) {
> continue;
> }
>
> $uid = $line_slices[2];
>
> if ($uid < MIN_UID) {
> continue;
> }
>
> $comment = $line_slices[4];
>
> if (empty($comment)) {
> $comment = $username;
> }
>
> $email = $username . '@' . DOMAIN;
>
> $sogo_rows[$username] = array('uid' => $uid, 'comment' => $comment, 'email'
> => $email);
> }
>
> $fc = file(SHADOW_FILE);
>
> if (!($fc)) {
> echo "\n" . 'Could not obtain the contents of : ' . SHADOW_FILE . "\n";
> exit(1);
> }
>
> foreach ($fc as $line)
> {
> $line = rtrim($line);
> $line_slices = explode(':',$line);
>
> $username = $line_slices[0];
>
> if (!array_key_exists($username,$sogo_rows)) {
> continue;
> }
>
> $sogo_rows[$username]['hash'] = $line_slices[1];
> }
>
> if (sizeof($sogo_rows) == 0) {
> echo "\n" . 'No valid users to add were found.' . "\n";
> exit(1);
> }
>
> $sogo_dbcon = mysql_connect(SOGO_DBHOST,SOGO_DBUSER,SOGO_DBPASS,TRUE);
>
> if (!($sogo_dbcon)) {
> die('Error connecting to mysql: ' . mysql_error());
> }
>
> mysql_select_db(SOGO_DBNAME, $sogo_dbcon) or die('Error: Could not select
> database ' . $sogo_dbname);
>
> foreach ($sogo_rows as $username => $user_attrs) {
> $username = mysql_real_escape_string($username);
>
> $query = "SELECT c_password,c_cn FROM sogo_view WHERE c_uid='$username'";
> $result = mysql_query($query,$sogo_dbcon);
>
> $num_rows = mysql_num_rows($result);
>
> if ($num_rows == 0) {
> $user_attrs = array_map('mysql_real_escape_string', $user_attrs);
>
> $query = "INSERT into sogo_view (c_uid,c_name,c_password,c_cn,mail)
> VALUES
> ('$username','$username','$user_attrs[hash]','$user_attrs[comment]','$user_attrs[email]')";
> $result = mysql_query($query,$sogo_dbcon);
>
> if (!($result)) {
> mysql_close($sogo_dbcon);
> echo "\n" . 'Failed adding user : ' . $username . ' to sogo_view
> table.' . "\n";
> exit(1);
> }
>
> echo "\n" . 'Added user : ' . $username . ' to sogo_view table.' . "\n";
> }
> else {
> $row = mysql_fetch_assoc($result);
>
> $query_str = '';
>
> if ($user_attrs['hash'] != $row['c_password']) {
> $user_attrs['hash'] = mysql_real_escape_string($user_attrs['hash']);
>
> $query_str .= "c_password='$user_attrs[hash]',";
> }
>
> if ($user_attrs['comment'] != $row['c_cn']) {
> $user_attrs['comment'] =
> mysql_real_escape_string($user_attrs['comment']);
>
> $query_str .= "c_cn='$user_attrs[comment]',";
> }
>
> if (!empty($query_str)) {
> $query_str = rtrim($query_str,',');
>
> $query_str = 'UPDATE sogo_view set ' . $query_str . " WHERE
> c_uid='$username'";
> $result = mysql_query($query_str,$sogo_dbcon);
>
> if (!($result)) {
> mysql_close($sogo_dbcon);
> echo "\n" . 'Failed updating data for : ' . $username . ' in
> sogo_view table.' . "\n";
> exit(1);
> }
>
> echo "\n" . 'Updated data for : ' . $username . ' in sogo_view table.'
> . "\n";
>
> //Disabled reloading of memcached for now, instead the
> "SOGoCacheCleanupInterval" setting has been lowered
> //from the default of 300 seconds to 30
> //$result = system('/etc/init.d/memcached reload');
>
> //echo "\n" . $result . "\n";
> }
> }
> }
>
> ?>
>
> On 02/18/2012 02:54 AM, Daniel Erlacher wrote:
>> Hello
>>
>> I am running a ISPconfig installation and ideally it would
>> be possible to sync the usernames and passwords from /etc/shadow
>> with the mysql authentification that i am using for sogo.
>>
>> is there any chance that this is developed? it would be highly appreciated.
>>
>> there was a discussion on this list already, in 2010:
>> http://www.mail-archive.com/[email protected]/msg02552.html
>>
>> ISPconfig uses basically crypt-md5 with salt, which is the same that
>> debian uses in /etc/shadow or passwd.
>>
>> thanks
>> dan
>>
>>
>>
>>
>
>
>
>
> The information contained in this e-mail message may be privileged,
> confidential and protected from disclosure. If you are not the intended
> recipient, any dissemination, distribution or copying is strictly prohibited.
> If you think that you have received this e-mail message in error, please
> e-mail the sender at the above e-mail address.
>
--
>> http://skillz.biz <<
>> professional services & more <<
--
[email protected]
https://inverse.ca/sogo/lists
