X-Git-Url: http://git.hcoop.net/clinton/scripts.git/blobdiff_plain/ef64fd5f806bb6da6da699c4f8ddb3a50498752c..9445a2d9ee035090ac62a717d02e2b0690c82b88:/create-user
diff --git a/create-user b/create-user
index 97acdde..31c67e6 100755
--- a/create-user
+++ b/create-user
@@ -4,6 +4,7 @@
 # - on deleuze
 # - as a user with an /etc/sudoers line
 # - member of wheel unix group
+# - while holding tickets for a user who can 'ssh -K' to mire
 # - while holding tokens for a user who is:
 # - a member of system:administrator
 # - listed in 'bos listusers deleuze'
@@ -75,7 +76,6 @@ objectClass: posixAccount
 cn: $USER
 uid: $USER
 gidNumber: $ID
-homeDirectory: $HOMEPATH
 sn: $USER
 host: abulafia
 host: mire
@@ -97,7 +97,6 @@ objectClass: posixAccount
 cn: $USER.mailfilter
 uid: $USER.mailfilter
 gidNumber: $ID_MF
-homeDirectory: $HOMEPATH
 sn: $USER.mailfilter
 dn: cn=$USER.mailfilter,ou=Group,dc=hcoop,dc=net
@@ -117,7 +116,6 @@ objectClass: posixAccount
 cn: $USER.cgi
 uid: $USER.cgi
 gidNumber: $ID_CGI
-homeDirectory: $HOMEPATH
 sn: $USER.cgi
 dn: cn=$USER.cgi,ou=Group,dc=hcoop,dc=net
@@ -135,6 +133,7 @@ memberUid: $USER.cgi
 # create a mailfilter keytab (used by /etc/exim4/get-token)
 sudo kadmin.local -p root/admin -q "ktadd -k /etc/keytabs/mailfilter/$USER $USER/mailfilter@HCOOP.NET"
+
 # create a cgi keytab
 sudo kadmin.local -p root/admin -q "ktadd -k /etc/keytabs/cgi/$USER $USER/cgi@HCOOP.NET"
@@ -143,7 +142,8 @@ sudo chown www-data:wheel /etc/keytabs/cgi/$USER
 sudo chown $USER:wheel /etc/keytabs/mailfilter/$USER
 sudo chmod 440 /etc/keytabs/cgi/$USER /etc/keytabs/mailfilter/$USER
-# FIXME: rsync keytabs to mire?
+# rsync keytabs to mire
+rsync -e ssh -a /etc/keytabs/cgi/$USER mire.hcoop.net:/etc/keytabs/cgi/$USER
 #
 # Create/mount/set-perms on user's volumes (home, mail, databases, logs)
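Review bot: The added `rsync -e ssh -a ...` line in the `@@ -143,7 +142,8 @@` hunk copies a Kerberos keytab to mire, but nothing checks that the copy succeeded or that the file arrives with the owner and mode set by the `chown`/`chmod` lines above it. `rsync -a` keeps ownership only when the receiving side runs as root, so the copy may end up owned by the connecting admin rather than `www-data:wheel`; and because `ktadd` generates new keys by default, a failed copy would leave mire holding a keytab that no longer matches the KDC. I would quote the variable and stop on failure, `rsync -e ssh -a "/etc/keytabs/cgi/$USER" "mire.hcoop.net:/etc/keytabs/cgi/$USER" || exit 1`, and then verify owner and mode on mire explicitly. The same unchecked remote call appears in the `@@ -208,9 +214,13 @@` hunk (`ssh mire.hcoop.net fs checkvolumes`); whether the script already runs under `set -e` is not visible from these hunks.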
@@ -162,6 +162,12 @@ fs sa $HOMEPATH system:anyuser rl
 mkdir -p $HOMEPATH/logs/apache
 fs sa $HOMEPATH/logs/apache $USER.cgi rlwidk
+# public_html
+mkdir -p $HOMEPATH/public_html/
+fs sa $HOMEPATH/public_html system:anyuser rl
+mkdir -p $HOMEPATH/.procmail.d/
+fs sa $HOMEPATH/.procmail.d/ system:anyuser rl
+
 # MAIL VOLUME
 vos examine mail.$USER 2>/dev/null || \
 vos create deleuze.hcoop.net /vicepa mail.$USER -maxquota 400000
@@ -208,9 +214,13 @@ fs ls /afs/hcoop.net/old/user/$PATHBITS || \
 fs ls /afs/hcoop.net/old/mail/$PATHBITS || \
 fs mkm /afs/hcoop.net/old/mail/$PATHBITS mail.$USER.backup
+# technically this might not be necessary, but for good measure...
 vos syncserv deleuze
 vos syncvldb deleuze
+
+# refresh volume location cache (takes ~2hrs otherwise)
 fs checkvolumes
+ssh mire.hcoop.net fs checkvolumes
 #
 # Finally, set password for main user's principal
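Review bot: The second ACL added in the `@@ -162,6 +162,12 @@` hunk, `fs sa $HOMEPATH/.procmail.d/ system:anyuser rl`, makes the member's mail-filter rules readable by every AFS client, authenticated or not, which is broader than mail delivery should need. The line just above the additions grants `logs/apache` to `$USER.cgi` rather than to everyone, and the script also sets up a `$USER.mailfilter` identity, so if delivery runs with that identity's token the narrower `fs sa $HOMEPATH/.procmail.d/ $USER.mailfilter rl` would be enough; that is an assumption to confirm against how exim obtains its token. The `# public_html` comment also sits over the `.procmail.d` lines, which deserve their own comment saying why that directory is world-readable.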