fix apache2 davlockdb path in chowns

[hcoop/scripts.git] / freeze

diff --git a/freeze b/freeze
index 660619a..bfe9ed3 100755 (executable)
--- a/freeze
+++ b/freeze
@@ -3,7 +3,7 @@
 #
 # Purpose: freeze user (cancel user services except email), or unfreeze user.
 #
-# Usage (RUN AS _ADMIN USER ON DELEUZE WITHOUT SUDO):
+# Usage (RUN AS _ADMIN USER ON GIBRAN WITHOUT SUDO ... but it shouldn't matter where you run it):
 #
 # Display frozen users or details for one user (one user implies -verbose):
 #   freeze  [user], OR
@@ -94,11 +94,11 @@ use Getopt::Long qw/GetOptions/;
 
 use constant DEBUG => 1;
 use constant DRY => 0;
-use constant STORE => "/var/tmp/frozen/cache";
+use constant STORE => "/afs/hcoop.net/common/etc/frozen/cache";
 use constant DEFAULT_SHELL => '/bin/bash';
 use constant FROZEN_SHELL => '/afs/hcoop.net/common/etc/scripts/frozen_shell';
-use constant PUBLIC_ACCESS => (qw/mire/);
-use constant RUN_SERVER => 'deleuze';
+use constant PUBLIC_ACCESS => (qw/marsh/);
+use constant RUN_SERVER => 'gibran';
 
 my $store = {}; # cached info
 my $action = 'list'; # list, freeze, unfreeze
@@ -238,14 +238,15 @@ sub login {
        }
 
        elsif ($a =~ /^u/i) {
+           if ( -l "$user[5]/.loginshell" or -e "$user[5]/.loginshell" ) {
+               if (!DRY) {
+                   system("rm '$user[5]/.loginshell'");
+               } else {
+                   warn qq{system("rm '$user[5]/.loginshell'")\n};
+               }
+           }
+
                if ( $$store{$u}{shell}) {
-                       if ( -l "$user[5]/.loginshell" or -e "$user[5]/.loginshell" ) {
-                               if (!DRY) {
-                                       system("rm '$user[5]/.loginshell'");
-                               } else {
-                                       warn qq{system("rm '$user[5]/.loginshell'")\n};
-                               }
-                       }
                        if (!DRY) {
                                symlink($$store{$u}{shell}, "$user[5]/.loginshell")
                                        or warn "symlink: $!";
@@ -278,17 +279,14 @@ sub domtool {
                        # As per adamc's suggestion, I should not be
                        # running rmdom explicitly.
                        # https://bugzilla.hcoop.net/show_bug.cgi?id=555
-                       #if (!DRY) {
-                       #       system("domtool-admin rmdom $_")
-                       #} else {
-                       #       warn qq|system("domtool-admin rmdom $_")\n|
-                       #}
-               }
-
-               if (!DRY) {
-                       system("domtool-rmuser $u")
-               } else {
-                       warn qq|system("domtool-rmuser $u")\n|
+                       # adam was wrong, rmuser is too broad. rmdom + revoke
+                       if (!DRY) {
+                           system("domtool-admin rmdom $_");
+                           system("domtool-admin revoke $u domain $_");
+                       } else {
+                           warn qq|system("domtool-admin rmdom $_")\n|;
+                           warn qq|system("domtool-admin revoke $u domain $_")\n|
+                       }
                }
 
                push @{ $$store{$u}{modules} }, 'domtool';