| | 1 | #!/bin/bash |
| | 2 | |
| | 3 | # MUST be executed: |
| | 4 | # - on deleuze |
| | 5 | # - as a user with an /etc/sudoers line |
| | 6 | # - while holding system:administrator tokens |
| | 7 | |
| | 8 | USER=$1 |
| | 9 | if test -z "$USER"; then |
| | 10 | echo Usage: destroy-user USERNAME |
| | 11 | exit 1 |
| | 12 | fi |
| | 13 | |
| | 14 | PATHBITS=`echo $USER | head -c 1`/`echo $USER | head -c 2`/$USER |
| | 15 | HOMEPATH=/afs/hcoop.net/user/$PATHBITS |
| | 16 | MAILPATH=/afs/hcoop.net/common/email/$PATHBITS |
| | 17 | # We don't use separate partitions for logs |
| | 18 | #LOGSPATH=/afs/.hcoop.net/common/.logs/$USER |
| | 19 | |
| | 20 | sudo rm -f /etc/keytabs/mailfilter/$USER |
| | 21 | sudo rm -f /etc/keytabs/cgi/$USER |
| | 22 | sudo rm -f /etc/keytabs/user.daemon/$USER |
| | 23 | |
| | 24 | # LDAP |
| | 25 | sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \ |
| | 26 | uid=$USER,ou=People,dc=hcoop,dc=net |
| | 27 | sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \ |
| | 28 | uid=$USER.cgi,ou=People,dc=hcoop,dc=net |
| | 29 | sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \ |
| | 30 | uid=$USER.mailfilter,ou=People,dc=hcoop,dc=net |
| | 31 | sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \ |
| | 32 | cn=$USER,ou=Group,dc=hcoop,dc=net |
| | 33 | sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \ |
| | 34 | cn=$USER.cgi,ou=Group,dc=hcoop,dc=net |
| | 35 | sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \ |
| | 36 | cn=$USER.mailfilter,ou=Group,dc=hcoop,dc=net |
| | 37 | sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \ |
| | 38 | cn=$USER.daemon,ou=Group,dc=hcoop,dc=net |
| | 39 | |
| | 40 | # Remove from domtool |
| | 41 | domtool-rmuser $USER |
| | 42 | |
| | 43 | # Invalidate nscd cache |
| | 44 | sudo nscd -i passwd |
| | 45 | sudo nscd -i group |
| | 46 | |
| | 47 | # Remove from databases |
| | 48 | #sudo -u postgres psql -c "DROP TABLESPACE user_$USER" |
| | 49 | #sudo -u postgres psql -c "DROP USER $USER" |
| | 50 | #sudo -H mysql -e "DROP USER $USER@localhost" |
| | 51 | |
| | 52 | # Remove privs before rm |
| | 53 | fs sa $HOMEPATH -clear system:anyuser none |
| | 54 | fs sa $MAILPATH -clear system:anyuser none |
| | 55 | #XXX see what to do with db volume |
| | 56 | |
| | 57 | fs rm $MAILPATH |
| | 58 | fs rm $HOMEPATH |
| | 59 | #fs rm $LOGSPATH |
| | 60 | #fs rm $DBPATH |
| | 61 | fs rm /afs/.hcoop.net/old/user/$PATHBITS |
| | 62 | fs rm /afs/.hcoop.net/old/mail/$PATHBITS |
| | 63 | |
| | 64 | # Don't delete volumes, rename them. |
| | 65 | #vos remove deleuze.hcoop.net /vicepa user.$USER |
| | 66 | #vos remove deleuze.hcoop.net /vicepa mail.$USER |
| | 67 | #vos remove deleuze.hcoop.net /vicepa db.$USER |
| | 68 | #vos remove deleuze.hcoop.net /vicepa logs.$USER |
| | 69 | vos rename user.$USER user.$USER.d |
| | 70 | vos rename mail.$USER mail.$USER.d |
| | 71 | #XXX vos rename db.$USER db.$USER.d |
| | 72 | |
| | 73 | #vos release common.databases |
| | 74 | #vos release common.logs |
| | 75 | |
| | 76 | sudo kadmin.local -q "delprinc -force $USER@HCOOP.NET" |
| | 77 | sudo kadmin.local -q "delprinc -force $USER/mailfilter@HCOOP.NET" |
| | 78 | sudo kadmin.local -q "delprinc -force $USER/cgi@HCOOP.NET" |
| | 79 | sudo kadmin.local -q "delprinc -force $USER/daemon@HCOOP.NET" |
| | 80 | |
| | 81 | pts delete $USER |
| | 82 | pts delete $USER.mailfilter |
| | 83 | pts delete $USER.cgi |
| | 84 | pts delete $USER.daemon |
| | 85 | |
| | 86 | #fs rm /afs/hcoop.net/old/user/$PATHBITS |
| | 87 | #fs rm /afs/hcoop.net/old/mail/$PATHBITS |
| | 88 | #fs rm /afs/hcoop.net/old/logs/$PATHBITS |
| | 89 | |
| | 90 | vos syncserv fritz |
| | 91 | vos syncvldb fritz |
| | 92 | fs checkvolumes |
| | 93 | |
| | 94 | # Remove user from all of our mailing lists |
| | 95 | echo $USER@hcoop.net | sudo -u list \ |
| | 96 | /var/lib/mailman/bin/remove_members --fromall -f - |
| | 97 | |
HCoop / clinton / scripts.git / blame_incremental