X-Git-Url: http://git.hcoop.net/hcoop/scripts.git/blobdiff_plain/e3f713a391757bdebd5e2c9a1305b0b9d571f2ee..HEAD:/freeze?ds=sidebyside

diff --git a/freeze b/freeze
index 2fb6ccd..bfe9ed3 100755
--- a/freeze
+++ b/freeze
@@ -3,7 +3,7 @@
 #
 # Purpose: freeze user (cancel user services except email), or unfreeze user.
 #
-# Usage (RUN AS _ADMIN USER ON DELEUZE WITHOUT SUDO):
+# Usage (RUN AS _ADMIN USER ON GIBRAN WITHOUT SUDO ... but it shouldn't matter where you run it):
 #
 # Display frozen users or details for one user (one user implies -verbose):
 #   freeze  [user], OR
@@ -94,11 +94,11 @@ use Getopt::Long qw/GetOptions/;
 
 use constant DEBUG => 1;
 use constant DRY => 0;
-use constant STORE => "/var/tmp/frozen/cache";
+use constant STORE => "/afs/hcoop.net/common/etc/frozen/cache";
 use constant DEFAULT_SHELL => '/bin/bash';
 use constant FROZEN_SHELL => '/afs/hcoop.net/common/etc/scripts/frozen_shell';
-use constant PUBLIC_ACCESS => (qw/mire/);
-use constant RUN_SERVER => 'deleuze';
+use constant PUBLIC_ACCESS => (qw/marsh/);
+use constant RUN_SERVER => 'gibran';
 
 my $store = {}; # cached info
 my $action = 'list'; # list, freeze, unfreeze
@@ -238,14 +238,15 @@ sub login {
 	}
 
 	elsif ($a =~ /^u/i) {
+	    if ( -l "$user[5]/.loginshell" or -e "$user[5]/.loginshell" ) {
+		if (!DRY) {
+		    system("rm '$user[5]/.loginshell'");
+		} else {
+		    warn qq{system("rm '$user[5]/.loginshell'")\n};
+		}
+	    }
+
 		if ( $$store{$u}{shell}) {
-			if ( -l "$user[5]/.loginshell" or -e "$user[5]/.loginshell" ) {
-				if (!DRY) {
-					system("rm '$user[5]/.loginshell'");
-				} else {
-					warn qq{system("rm '$user[5]/.loginshell'")\n};
-				}
-			}
 			if (!DRY) {
 				symlink($$store{$u}{shell}, "$user[5]/.loginshell")
 					or warn "symlink: $!";
@@ -278,28 +279,25 @@ sub domtool {
 			# As per adamc's suggestion, I should not be
 			# running rmdom explicitly.
 			# https://bugzilla.hcoop.net/show_bug.cgi?id=555
-			#if (!DRY) {
-			#	system("domtool-admin rmdom $_")
-			#} else {
-			#	warn qq|system("domtool-admin rmdom $_")\n|
-			#}
-		}
-
+			# adam was wrong, rmuser is too broad. rmdom + revoke
 			if (!DRY) {
-				system("domtool-rmuser $_")
+			    system("domtool-admin rmdom $_");
+			    system("domtool-admin revoke $u domain $_");
 			} else {
-				warn qq|system("domtool-rmuser $_")\n|
+			    warn qq|system("domtool-admin rmdom $_")\n|;
+			    warn qq|system("domtool-admin revoke $u domain $_")\n|
 			}
+		}
 
 		push @{ $$store{$u}{modules} }, 'domtool';
 	}
 
 	elsif ($a =~ /^u/i) {
-			if (!DRY) {
-				system("domtool-adduser $_")
-			} else {
-				warn qq|system("domtool-adduser $_")\n|
-			}
+		if (!DRY) {
+			system("domtool-adduser $u")
+		} else {
+			warn qq|system("domtool-adduser $u")\n|
+		}
 
 		for ( @{ $$store{$u}{domains} } ) {
 			if (!DRY) {