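#!/bin/bash
#
# create-user: provision a new account by running, in a fixed order, the steps
# defined in create-user-lib.sh.
#
# Usage: create-user <USERNAME>
#
# MUST be executed:
# - on fritz
# - as a user with an /etc/sudoers line
# - member of "wheel" unix group on deleuze (FIXME: TRUE?)
# - while holding tickets for a user who can 'ssh -K' to all nodes
# - while holding tokens for a user who is:
#   - a member of system:administrator
#   - listed in 'bos listusers fritz'
#   - and who has been set up with Domtool admin privileges by:
#     - running 'domtool-adduser $USER' while holding AFS admin tokens as
#       someone who is already a Domtool admin
#     - running 'domtool-admin grant $USER priv all' as someone who is already a
#       Domtool admin
#       (To bootstrap yourself into admindom:
#        1. Run '/etc/init.d/domtool-server stop' on deleuze.
#        2. Run '/etc/init.d/domtool-slave stop' on all Domtool slave machines
#        3. Edit ~domtool/acl, following the example of adamc_admin to grant
#           yourself 'priv all'.
#        4. Run '/etc/init.d/domtool-server start' on deleuze.
#        5. Run '/etc/init.d/domtool-slave start' on all Domtool slave
#           machines.
#        6. Run 'domtool-adduser' as above.)

# Options are set here rather than on the shebang line so that they still apply
# when the script is started as 'bash create-user ...', which ignores the
# shebang:
#   -e  abort at the first failing step instead of continuing with a
#       half-provisioned account
#   -x  trace every command as it runs
# NOTE(review): the trace also covers everything the sourced library executes.
# If any step passes a password or key material on a command line it will end
# up in the terminal scrollback or a captured log -- confirm against
# create-user-lib.sh.
# 'set -u' is deliberately not added: the library is not visible from this
# file and may rely on unset variables.
set -ex

NEWUSER=$1

if [[ -z "$NEWUSER" ]]; then
  # Usage errors are diagnostics, so they go to stderr.
  echo "Invoke as create-user <USERNAME>" >&2
  exit 1
fi

# Every step below runs with the administrative tickets and tokens listed in
# the header, so a mistyped or malformed name is rejected before anything is
# created. Only shapes that can never be a sane account name are refused here
# (option-like, path-like, containing whitespace); this is defence in depth
# and does not encode the site's username policy.
case "$NEWUSER" in
  -* | */* | *[[:space:]]* | . | ..)
    printf 'create-user: refusing unsafe username: %s\n' "$NEWUSER" >&2
    exit 1
    ;;
esac

# The library is sourced into this shell and therefore executes with the
# caller's credentials; write access to this path should be limited to
# administrators.
# Presumably the functions read NEWUSER as a global, since none of the calls
# below pass it as an argument -- confirm against the library.
source /afs/hcoop.net/common/etc/scripts/lib/create-user-lib.sh

# Provisioning steps; the order is kept exactly as the script has always run
# them. Their implementations live in create-user-lib.sh.
create_pts_user
create_pts_user_daemon
export_user_keytabs

create_home_volume
create_mail_volume

ensure_afs_servers_synced

seed_user_hcoop_directories
setup_user_databases
create_dav_locks

enable_domtool

subscribe_to_lists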