destroy-user

   1 #!/bin/bash
   2
   3 # MUST be executed:
   4 #  - on deleuze
   5 #  - as a user with an /etc/sudoers line
   6 #  - while holding system:administrator tokens
   7
   8 USER=$1
   9 if test -z "$USER"; then
  10         echo Usage: destroy-user USERNAME
  11         exit 1
  12 fi
  13
  14 PATHBITS=`echo $USER | head -c 1`/`echo $USER | head -c 2`/$USER
  15 HOMEPATH=/afs/hcoop.net/user/$PATHBITS
  16 MAILPATH=/afs/hcoop.net/common/email/$PATHBITS
  17 # We don't use separate partitions for logs
  18 #LOGSPATH=/afs/.hcoop.net/common/.logs/$USER
  19
  20 sudo rm -f /etc/keytabs/mailfilter/$USER
  21 sudo rm -f /etc/keytabs/cgi/$USER
  22 sudo rm -f /etc/keytabs/user.daemon/$USER
  23
  24 # LDAP
  25 sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
  26         uid=$USER,ou=People,dc=hcoop,dc=net
  27 sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
  28         uid=$USER.cgi,ou=People,dc=hcoop,dc=net
  29 sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
  30         uid=$USER.mailfilter,ou=People,dc=hcoop,dc=net
  31 sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
  32         cn=$USER,ou=Group,dc=hcoop,dc=net
  33 sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
  34         cn=$USER.cgi,ou=Group,dc=hcoop,dc=net
  35 sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
  36         cn=$USER.mailfilter,ou=Group,dc=hcoop,dc=net
  37 sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
  38         cn=$USER.daemon,ou=Group,dc=hcoop,dc=net
  39
  40 # Remove from domtool
  41 domtool-rmuser $USER
  42
  43 # Invalidate nscd cache
  44 sudo nscd -i passwd
  45 sudo nscd -i group
  46
  47 # Remove from databases
  48 #sudo -u postgres psql -c "DROP TABLESPACE user_$USER"
  49 #sudo -u postgres psql -c "DROP USER $USER"
  50 #sudo -H mysql -e "DROP USER $USER@localhost"
  51
  52 # Remove privs before rm
  53 fs sa $HOMEPATH -clear system:anyuser none
  54 fs sa $MAILPATH -clear system:anyuser none
  55 #XXX see what to do with db volume
  56
  57 fs rm $MAILPATH
  58 fs rm $HOMEPATH
  59 #fs rm $LOGSPATH
  60 #fs rm $DBPATH
  61 fs rm /afs/.hcoop.net/old/user/$PATHBITS
  62 fs rm /afs/.hcoop.net/old/mail/$PATHBITS
  63
  64 # Don't delete volumes, rename them.
  65 #vos remove deleuze.hcoop.net /vicepa user.$USER
  66 #vos remove deleuze.hcoop.net /vicepa mail.$USER
  67 #vos remove deleuze.hcoop.net /vicepa db.$USER
  68 #vos remove deleuze.hcoop.net /vicepa logs.$USER
  69 vos rename user.$USER user.$USER.d
  70 vos rename mail.$USER mail.$USER.d
  71 #XXX vos rename db.$USER db.$USER.d
  72
  73 #vos release common.databases
  74 #vos release common.logs
  75
  76 sudo kadmin.local -q "delprinc -force $USER@HCOOP.NET"
  77 sudo kadmin.local -q "delprinc -force $USER/mailfilter@HCOOP.NET"
  78 sudo kadmin.local -q "delprinc -force $USER/cgi@HCOOP.NET"
  79 sudo kadmin.local -q "delprinc -force $USER/daemon@HCOOP.NET"
  80
  81 pts delete $USER
  82 pts delete $USER.mailfilter
  83 pts delete $USER.cgi
  84 pts delete $USER.daemon
  85
  86 #fs rm /afs/hcoop.net/old/user/$PATHBITS
  87 #fs rm /afs/hcoop.net/old/mail/$PATHBITS
  88 #fs rm /afs/hcoop.net/old/logs/$PATHBITS
  89
  90 vos syncserv deleuze
  91 vos syncvldb deleuze
  92 fs checkvolumes
  93
  94 # Remove user from all of our mailing lists
  95 echo $USER@hcoop.net | sudo -u list \
  96     /var/lib/mailman/bin/remove_members --fromall -f -
  97