From 385c3534feda76934476fd3a058574fc84e302da Mon Sep 17 00:00:00 2001 From: Adam Chlipala Date: Sat, 16 Dec 2006 19:58:52 +0000 Subject: [PATCH 1/1] User add/remove scripts --- Makefile | 4 ++++ scripts/domtool-addacl | 5 +++++ scripts/domtool-addcert | 29 +++++++++++++++++++++++++++++ scripts/domtool-adduser | 4 ++++ scripts/domtool-rmuser | 5 +++++ 5 files changed, 47 insertions(+) create mode 100755 scripts/domtool-addacl create mode 100755 scripts/domtool-addcert create mode 100755 scripts/domtool-adduser create mode 100755 scripts/domtool-rmuser diff --git a/Makefile b/Makefile index 4dd594b..70a347c 100644 --- a/Makefile +++ b/Makefile @@ -94,6 +94,10 @@ install: cp scripts/domtool-publish /usr/local/sbin/ cp scripts/domtool-reset-global /usr/local/sbin/ cp scripts/domtool-reset-local /usr/local/sbin/ + cp scripts/domtool-adduser /usr/local/bin/ + cp scripts/domtool-addcert /usr/local/bin/ + cp scripts/domtool-addacl /usr/local/bin/ + cp scripts/domtool-rmuser /usr/local/bin/ cp openssl/openssl_sml.so /usr/local/lib/ cp bin/domtool-server /usr/local/sbin/ cp bin/domtool-slave /usr/local/sbin/ diff --git a/scripts/domtool-addacl b/scripts/domtool-addacl new file mode 100755 index 0000000..6675de0 --- /dev/null +++ b/scripts/domtool-addacl @@ -0,0 +1,5 @@ +#!/bin/sh -e + +domtool-admin grant $1 user $1 +domtool-admin grant $1 group $1 +domtool-admin grant $1 path /afs/hcoop.net/usr/$1 diff --git a/scripts/domtool-addcert b/scripts/domtool-addcert new file mode 100755 index 0000000..535d825 --- /dev/null +++ b/scripts/domtool-addcert @@ -0,0 +1,29 @@ +#!/bin/sh -e + + KEYDIR=/afs/hcoop.net/common/etc/domtool/keys/$1 + KEYFILE=$KEYDIR/key.pem +CERTFILE=/afs/hcoop.net/common/etc/domtool/certs/$1.pem + NEWREQ=~/.newreq.pem + NEW=~/.new.pem + KEYIN=~/.keyin + +mkdir $KEYDIR || echo Already exists +openssl genrsa -out $KEYFILE +chown -R domtool.domtool $KEYDIR +fs sa $KEYDIR $1 read +echo "." >$KEYIN +echo "." >>$KEYIN +echo "." >>$KEYIN +echo "." >>$KEYIN +echo "." >>$KEYIN +echo "$1" >>$KEYIN +echo "$1@hcoop.net" >>$KEYIN +echo "" >>$KEYIN +echo "" >>$KEYIN +openssl req -new -key $KEYFILE -out $NEWREQ -days 365 <$KEYIN +rm $KEYIN +cat $NEWREQ $KEYFILE >$NEW +rm $NEWREQ +openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out $CERTFILE -infiles $NEW +rm $NEW +chown domtool.domtool $CERTFILE diff --git a/scripts/domtool-adduser b/scripts/domtool-adduser new file mode 100755 index 0000000..3133cff --- /dev/null +++ b/scripts/domtool-adduser @@ -0,0 +1,4 @@ +#!/bin/sh -e + +domtool-addcert $* +domtool-addacl $* diff --git a/scripts/domtool-rmuser b/scripts/domtool-rmuser new file mode 100755 index 0000000..a296a3a --- /dev/null +++ b/scripts/domtool-rmuser @@ -0,0 +1,5 @@ +#!/bin/sh -e + +rm -rf /afs/hcoop.net/common/etc/domtool/keys/$1 +rm /afs/hcoop.net/common/etc/domtool/certs/$1.pem +domtool-admin rmuser $1 -- 2.20.1