#!/opt/bin/perl # ######################################################################### # # # Programm zur Ueberpruefung der neuen Passwd- und Group-Datei # # # ######################################################################### # # # Version 1.0 - Written 02.04.95 by Steffen Beyer # # Version 1.0.1 - Written 04.04.95 by Steffen Beyer # # Version 1.0.2 - Written 11.04.95 by Steffen Beyer # # Version 1.0.3 - Written 13.04.95 by Steffen Beyer # # Version 1.0.4 - Written 15.04.95 by Steffen Beyer # # Version 1.0.5 - Written 04.05.95 by Steffen Beyer # # # ######################################################################### # # # Copyright (C) 1995 by software design & management GmbH & Co. KG # # # ######################################################################### # # Einige wichtige Defaulteinstellungen: # $version = 'Version 1.0.5'; # $self = $0; # if ($self =~ /^.*\/([^\/]+)$/) { $self = $1; } # $PWD_FILE = '/g/sysadm/etc.passwd.new'; $GRP_FILE = '/g/sysadm/etc.group.new'; # $pwd_file = $PWD_FILE; $grp_file = $GRP_FILE; # $site_name{'HH'} = 'Hamburg'; $site_name{'RAT'} = 'Ratingen'; $site_name{'FFM'} = 'Frankfurt a.M.'; $site_name{'BI'} = 'Muenchen (BI)'; $site_name{'FI'} = 'Muenchen (FI)'; # $site_special{'HH'} = 8000; $site_special{'RAT'} = 7000; $site_special{'FFM'} = 7500; $site_special{'BI'} = 5000; $site_special{'FI'} = 5500; # $site_normal{'HH'} = 13000; $site_normal{'RAT'} = 12000; $site_normal{'FFM'} = 12500; $site_normal{'BI'} = 10000; $site_normal{'FI'} = 10500; # $site_groups{'HH'} = 23000; $site_groups{'RAT'} = 22000; $site_groups{'FFM'} = 22500; $site_groups{'BI'} = 20000; $site_groups{'FI'} = 20500; # $site_min{'HH'} = 0; $site_min{'RAT'} = 0; $site_min{'FFM'} = 0; $site_min{'BI'} = 0; $site_min{'FI'} = 0; # $site_max{'HH'} = 249; $site_max{'RAT'} = 249; $site_max{'FFM'} = 249; $site_max{'BI'} = 499; $site_max{'FI'} = 499; # # Aufruf ohne Parameter ==> Hilfe ausgeben: # if (@ARGV == 0) { $help = 1; } # # Optionen aus der Kommandozeile ueberpruefen und uebernehmen: # while (@ARGV) { $_ = shift; if (/^-p$/) { $pwd_file = shift; } elsif (/^-g$/) { $grp_file = shift; } elsif (/^-p\S+$/) { $pwd_file = substr($_,2); } elsif (/^-g\S+$/) { $grp_file = substr($_,2); } elsif (/^-hh$/) { if ($site) { $error = 1; } else { $site = 'HH'; } } elsif (/^-rat$/) { if ($site) { $error = 1; } else { $site = 'RAT'; } } elsif (/^-ffm$/) { if ($site) { $error = 1; } else { $site = 'FFM'; } } elsif (/^-bi$/) { if ($site) { $error = 1; } else { $site = 'BI'; } } elsif (/^-fi$/) { if ($site) { $error = 1; } else { $site = 'FI'; } } elsif (/^-\?$/) { $help = 1; } elsif (/^-h$/) { $help = 1; } else { $error = 1; unless (defined $option) { $option = $_; } } } # # Hilfe gewuenscht? # if ($help) { print <<"@@"; Usage: $self [ ]* where is one of the following: -p Explicitly specifies the name of the new passwd file to check (default is '$PWD_FILE') -g Explicitly specifies the name of the new group file to check (default is '$GRP_FILE') (white space between option letter and file name is optional) -hh Selects site = '$site_name{'HH'}' -rat Selects site = '$site_name{'RAT'}' -ffm Selects site = '$site_name{'FFM'}' -bi Selects site = '$site_name{'BI'}' -fi Selects site = '$site_name{'FI'}' (use of one of the options above is required!) @@ exit; } # # Unbekannte Option gefunden? # if (($error) && ($option)) { die "Error: Unknown option '$option' encountered!\nEnter '$self -h' for help.\n"; } # # Geschaeftsstelle mehrmals selektiert? # if (($error) && ($site)) { die "Error: Multiple definitions for 'site' encountered!\n"; } # # Keine Geschaeftsstelle selektiert? # unless ($site) { die "Error: No 'site' selected!\nEnter '$self -h' for help.\n"; } # # Sind die Angaben der id-Dateien sinnvoll? # unless (($pwd_file ne "") && (-f $pwd_file)) { die "Error: Can't find new passwd file '$pwd_file'!\n"; } # unless (($grp_file ne "") && (-f $grp_file)) { die "Error: Can't find new group file '$grp_file'!\n"; } # # Parameter fuer Geschaeftsstelle berechnen: # $min_special = $site_special{$site}; $max_special = $site_special{$site} + $site_max{$site} - $site_min{$site}; # $min_normal = $site_normal{$site}; $max_normal = $site_normal{$site} + $site_max{$site} - $site_min{$site}; # $min_groups = $site_groups{$site}; $max_groups = $site_groups{$site} + $site_max{$site} - $site_min{$site}; # # Aktuelle (alte!) Passwort- und Gruppendatei einlesen (slurp): # setgrent; # while (($group) = getgrent) { $group_exists{$group} = 1; } # endgrent; # setpwent; # while (($user) = getpwent) { $user_exists{$user} = 1; } # endpwent; # # Ausgabe der aktiven Parameter: # printf("\n'%s' %s\n\n", $self, $version); printf("New passwd file name = '%s'\n", $pwd_file); printf("New group file name = '%s'\n", $grp_file); printf("Site = '%s'\n\n", $site_name{$site}); # # Neue group-Datei einlesen: # open(GRP, "<$grp_file") || die "Can't open '$grp_file': $!\n"; # while () { chop; ($group, $passwd, $gid) = split(/:/); if ($group_gid{$gid} ne "") { $group_gid{$gid} .= ", " . $group; ++$warnings; printf("Warning: Group id '%s' is not unique!\n", $gid); } else { $group_gid{$gid} = $group; } if ($gid_group{$group} ne "") { if ($gid_group{$group} == $gid) { ++$warnings; printf("Warning: Group name '%s' is not unique!\n", $group); } else { ++$errors; printf("Error: Group name '%s' is not unique!\n", $group); } } else { $gid_group{$group} = $gid; if ($group_exists{$group} ne "") { delete $group_exists{$group}; } else { ++$warnings; printf("Warning: Group name '%s' didn't exist before!\n", $group); } } if ($gid != 0) { if (($gid < $min_groups) || ($gid > $max_groups)) { ++$errors; printf( "Error: Group '%s' has GID '%s' off range (%s..%s)!\n", $group, $gid, $min_groups, $max_groups); } } } # close(GRP); # # Neue passwd-Datei einlesen: # open(PWD, "<$pwd_file") || die "Can't open '$pwd_file': $!\n"; # while () { chop; ($user, $passwd, $uid, $gid) = split(/:/); if ($user_uid{$uid} ne "") { $user_uid{$uid} .= ", " . $user; ++$warnings; printf("Warning: User id '%s' is not unique!\n", $uid); } else { $user_uid{$uid} = $user; } if ($uid_user{$user} ne "") { if ($uid_user{$user} == $uid) { ++$warnings; printf("Warning: User name '%s' is not unique!\n", $user); } else { ++$errors; printf("Error: User name '%s' is not unique!\n", $user); } } else { $uid_user{$user} = $uid; if ($user_exists{$user} ne "") { delete $user_exists{$user}; } else { ++$warnings; printf("Warning: User name '%s' didn't exist before!\n", $user); } } if ($group_gid{$gid} eq "") { ++$errors; printf("Error: User '%s' belongs to non-existent group '%s'!\n", $user, $gid); } $ggg = $gid_group{$user}; if ( ($uid != 0) && ($gid != 0) && ($ggg ne "") && ($gid == $ggg) ) { if ($uid != $gid) { ++$errors; printf( "Error: Group user '%s' has UID <> GID (%s <> %s)!\n", $user, $uid, $gid); } if (($uid < $min_groups) || ($uid > $max_groups)) { ++$errors; printf( "Error: Group user '%s' has UID '%s' off range (%s..%s)!\n", $user, $uid, $min_groups, $max_groups); } if (($gid < $min_groups) || ($gid > $max_groups)) { ++$errors; printf( "Error: Group user '%s' has GID '%s' off range (%s..%s)!\n", $user, $gid, $min_groups, $max_groups); } } else { if (($uid == 0) || (($uid >= $min_special) && ($uid <= $max_special))) { if (($gid < $min_groups) || ($gid > $max_groups)) { ++$errors; printf( "Error: Special user '%s' has GID '%s' off range (%s..%s)!\n", $user, $gid, $min_groups, $max_groups); } } elsif (($uid >= $min_normal) && ($uid <= $max_normal)) { if (($gid < $min_groups) || ($gid > $max_groups)) { ++$errors; printf( "Error: Normal user '%s' has GID '%s' off range (%s..%s)!\n", $user, $gid, $min_groups, $max_groups); } } else { ++$errors; printf( "Error: User '%s' has UID '%s' off range (%s..%s, %s..%s)!\n", $user, $uid, $min_special, $max_special, $min_normal, $max_normal); if (($gid < $min_groups) || ($gid > $max_groups)) { ++$errors; printf( "Error: User '%s' has GID '%s' off range (%s..%s)!\n", $user, $gid, $min_groups, $max_groups); } } } } # close(PWD); # # Fehlende Gruppen anmahnen: # foreach $group (sort keys(%group_exists)) { ++$errors; printf("Error: Group '%s' is missing!\n", $group); } # # Fehlende User anmahnen: # foreach $user (sort keys(%user_exists)) { ++$errors; printf("Error: User '%s' is missing!\n", $user); } # # Fertig: # printf("\n%s warning%s encountered.\n", ($warnings) ? "$warnings" : "NO", ($warnings!=1) ? "s" : ""); printf("%s error%s encountered.\n\n", ($errors) ? "$errors" : "NO", ($errors!=1) ? "s" : ""); # # Fertig. #