notdcc: misc/newwebuser.in comparison

comparison misc/newwebuser.in @ 0:c7f6b056b673

First import of vendor version

author	Peter Gervai <grin@grin.hu>
date	Tue, 10 Mar 2009 13:49:58 +0100
parents
children

comparison

equal deleted inserted replaced

--1:000000000000
+:c7f6b056b673
+#! /bin/sh -e
+# create a per-user whitelist target directory, password, and so forth.
+# This script creates the directories needed for per-addressee white
+#   lists and log directories.  It also runs htpasswd to create an entry
+#   in the Apache password file for the userdirs directory.
+# The files and directories must be writable by both the httpd and dccm
+#   processes.  That is assumed to be arranged by having the processes share
+#   a group such as "www" and using a umask of 007.
+#   The dccm log directories and files should not be globally readable
+#   to protect the privacy of mail.
+#   If dccm is run by a "user" such as "dcc", you might be able to
+#   use suEXEC.  You might need to make a symbolic of ~dcc/public_html"
+#   to ~dcc/userdirs.
+# The web "usernames" are related the per-user white list directory names
+#   see in DCC log files.  The white list and log directory in
+#   "userdirs/local/xxx" is accessed with the user name "xxx".
+#   "userdirs/esmtp/xxx@example.com" uses the user name "esmtp/xxx@example.com
+# One additional directory named @prefix@/userdirs/tmp is created for the
+#   CGI scripts that manage the per-user white lists and logs.
+# Copyright (c) 2008 by Rhyolite Software, LLC
+#
+# This agreement is not applicable to any entity which sells anti-spam
+# solutions to others or provides an anti-spam solution as part of a
+# security solution sold to other entities, or to a private network
+# which employs the DCC or uses data provided by operation of the DCC
+# but does not provide corresponding data to other users.
+#
+# Permission to use, copy, modify, and distribute this software without
+# changes for any purpose with or without fee is hereby granted, provided
+# that the above copyright notice and this permission notice appear in all
+# copies and any distributed versions or copies are either unchanged
+# or not called anything similar to "DCC" or "Distributed Checksum
+# Clearinghouse".
+#
+# Parties not eligible to receive a license under this agreement can
+# obtain a commercial license to use DCC by contacting Rhyolite Software
+# at sales@rhyolite.com.
+#
+# A commercial license would be for Distributed Checksum and Reputation
+# Clearinghouse software.  That software includes additional features.  This
+# free license for Distributed ChecksumClearinghouse Software does not in any
+# way grant permision to use Distributed Checksum and Reputation Clearinghouse
+# software
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND RHYOLITE SOFTWARE, LLC DISCLAIMS ALL
+# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL RHYOLITE SOFTWARE, LLC
+# BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES
+# OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
+# ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
+#	Rhyolite Software DCC 1.3.103-1.11 $Revision$
+#	@configure_input@
+exec 1>&2 </dev/null
+# Since the CGI scripts cannot accept args and so must rely on the
+#   DCC parameter file in the built-in homedir, do the same here.
+DCC_HOMEDIR=@prefix@
+. $DCC_HOMEDIR/dcc_conf
+USAGE="`basename $0`: [-x] [-p htpasswd-pgm] [-g group] [-P whitelist-prototype] username"
+HTPASSWD=@HTPASSWD@
+GROUP=www
+while getopts "xp:g:P:" c; do
+case $c in
+	x) set -x;;
+	p) HTPASSWD=$OPTARG;;
+	g) GROUP="$OPTARG";;	    #GID shared with httpd
+	P) PROTO="$OPTARG";;
+	*) echo "$USAGE" 1>&2; exit 1;;
+esac
+done
+shift `expr $OPTIND - 1 || true`
+if test "$#" -ne 1 -o -z "$1"; then
+echo "$USAGE" 1>&2
+exit 1
+fi
+USER=$1
+if test -z "$DCCM_USERDIRS"; then
+cat <<EOF 1>&2
+Per-user white lists require DCCM_USERDIRS defined in$DCC_HOMEDIR/dcc_conf.
+Please consider installing a new version of dcc_conf.
+EOF
+exit 1
+fi
+if test ! -r $DCC_HOMEDIR/ids; then
+if test -n "$DCCUID"; then
+	echo "`basename $0: must be run by root or $DCCUID" 1>&2
+else
+	echo "`basename $0: must be run by root" 1>&2
+fi
+exit 1
+fi
+USERDIRS=$DCC_HOMEDIR/$DCCM_USERDIRS
+WEBUSERS=$USERDIRS/webusers
+TMP_DIR=$USERDIRS/tmp
+USER=`expr "$USER" : "$DCCM_USERDIRS/\(.*\)" \| "$USER"`
+LOCAL_DIR=`expr "$USER" : '\(..*\)/..*' || true`
+if test -z "$LOCAL_DIR"; then
+LOCAL_DIR="$USERDIRS/local"
+PER_USER="$USERDIRS/local/$USER"
+else
+USER=`expr "$USER" : 'local/\(.*\)' \| "$USER"`
+LOCAL_DIR="$USERDIRS/$LOCAL_DIR"
+PER_USER="$USERDIRS/$USER"
+fi
+# create the directories
+#   (some systems don't have `mkdir -p`)
+for nm in "$USERDIRS" "$TMP_DIR" "$LOCAL_DIR" "$PER_USER" "$PER_USER/log"; do
+if test ! -d "$nm"; then
+	mkdir "$nm"
+fi
+done
+# create the initial whiteclnt file
+#   copy the prototype
+if test ! -s $PER_USER/whiteclnt; then
+date "+# white list for $USER%n#%n#%n#webuser created %x %X %Z%n" \
+	> "$PER_USER/whiteclnt"
+if test "$PROTO" != ""; then
+	cat "$PROTO" >> "$PER_USER/whiteclnt"
+fi
+fi
+# Add the username and password to the htpasswd file
+#   Create the htpasswd file for the first user.
+if test ! -f $WEBUSERS; then
+$HTPASSWD -c $WEBUSERS "$USER"
+else
+$HTPASSWD $WEBUSERS "$USER"
+fi
+# set permissions of existing files and directories in case they're wrong
+chgrp $GROUP "$USERDIRS" "$TMP_DIR" "$PER_USER" "$PER_USER/log"
+chgrp $GROUP "$PER_USER/whiteclnt" $WEBUSERS
+if test -n "$DCCUID"; then
+chown $DCCUID $WEBUSERS "$USERDIRS" "$TMP_DIR" "$LOCAL_DIR"
+chown $DCCUID "$PER_USER" "$PER_USER/log" "$PER_USER/whiteclnt"
+fi
+chmod g=rwx "$USERDIRS" "$TMP_DIR" "$PER_USER" "$PER_USER/log"
+chmod g=rw "$PER_USER/whiteclnt" $WEBUSERS
+chmod o= "$PER_USER/log" $WEBUSERS

Mercurial > notdcc

comparison misc/newwebuser.in @ 0:c7f6b056b673