X-Git-Url: http://git.hcoop.net/clinton/scripts.git/blobdiff_plain/86a0f2e2d64c035e30dc4dc9634de8b1fb1e5c39..8a24cd39bdac42aa559cb2dfdec7c9fe70b592d2:/freeze?ds=sidebyside

diff --git a/freeze b/freeze
index 5f0c282..5e2ff8b 100755
--- a/freeze
+++ b/freeze
@@ -7,7 +7,7 @@
 #
 # Display frozen users or details for one user (one user implies -verbose):
 #   freeze  [user], OR
-#   freeze --action list [--verbose] | freeze -a l   [-v | user]
+#   freeze [ --action list | -a ] [--verbose | -v] [user]
 #
 # Freeze user:
 #   freeze -a f user
@@ -56,10 +56,10 @@
 # unfreezed.
 #
 # Module 'record' creates or deletes initial user entry in $$store.
-# If you create a new module that will use the store (announce it's
+# If you create a new module that will use the store, announce its
 # hash key by creating it empty in record().
 #
-# For additional help, here's how the stored hash might look like:
+# For additional detail, here's how the stored hash might look like:
 #
 #
 # $store = {
@@ -93,12 +93,12 @@ use Storable qw/lock_nstore lock_retrieve/;
 use Getopt::Long qw/GetOptions/;
 
 use constant DEBUG => 1;
-use constant DRY => 1;
-use constant STORE => "/tmp/store";
+use constant DRY => 0;
+use constant STORE => "/var/tmp/frozen/cache";
 use constant DEFAULT_SHELL => '/bin/bash';
 use constant FROZEN_SHELL => '/afs/hcoop.net/common/etc/scripts/frozen_shell';
-use constant PUBLIC_ACCESS => [qw/mire/];
-use constant RUN_SERVER => 'handgun';
+use constant PUBLIC_ACCESS => (qw/mire/);
+use constant RUN_SERVER => 'deleuze';
 
 my $store = {}; # cached info
 my $action = 'list'; # list, freeze, unfreeze
@@ -121,6 +121,10 @@ unless ( GetOptions (
 
 $user = shift ;
 
+if ( $> == 0 or $< == 0 ) {
+	die "Run script under admin account without sudo.\n";
+}
+
 if ( -e STORE ) {
 	$store = lock_retrieve(STORE);
 } else {
@@ -188,7 +192,7 @@ lock_nstore $store, STORE;
 ###########################################################################
 # Helpers below
 
-# GETENT:
+# GETENT (available to modules automatically in @user):
 #    0    1   2    3      4                    5                     6
 # docelic:x:10235:65534:docelic:/afs/hcoop.net/user/d/do/docelic:/bin/bash
 
@@ -264,7 +268,7 @@ sub domtool {
 	# XXX how to restart services after that?
 
 	if ($a =~ /^f/i) {
-		my $domains = `domtool-admin perms docelic  | grep '^domain: '`;
+		my $domains = `domtool-admin perms $u  | grep '^domain: '`;
 		chomp $domains;
 		my @domains = split / +/, $domains;
 
@@ -280,7 +284,7 @@ sub domtool {
 			if (!DRY) {
 				system("domtool-rmuser $_")
 			} else {
-				warn qq|system("domtool-rmuser $_"\n|
+				warn qq|system("domtool-rmuser $_")\n|
 			}
 
 		push @{ $$store{$u}{modules} }, 'domtool';
@@ -346,9 +350,9 @@ sub slay {
 	if ($a =~ /^f/i) {
 		for ( PUBLIC_ACCESS ) {
 			if (!DRY) {
-				qx{ssh -K $_ slay $u}; sleep 5; qx{ssh -K $_ slay -9 $u};
+				qx{ssh -K $_ sudo slay $u}; sleep 5; qx{ssh -K $_ sudo slay -9 $u};
 			} else {
-				warn qq|ssh -K $_ slay $u; sleep 5; ssh -K $_ slay -9 $u\n|
+				warn qq|ssh -K $_ sudo slay $u; sleep 5; ssh -K $_ sudo slay -9 $u\n|
 			}
 		}