X-Git-Url: https://git.hcoop.net/hcoop/scripts.git/blobdiff_plain/03807e61f416389221581187db64c3a051fd8237..652feaf609ebcfb07fab4b748d0dc312d2c46af2:/destroy-user
diff --git a/destroy-user b/destroy-user
index 15e4062..d53cbb6 100755
--- a/destroy-user
+++ b/destroy-user
@@ -1,16 +1,20 @@
 #!/bin/bash
 # MUST be executed:
-# - on deleuze
+# - on the kerberos domain controller
 # - as a user with an /etc/sudoers line
+# - as a user with domtool-admin rights
 # - while holding system:administrator tokens
 USER=$1
+if test -z "$USER"; then
+ echo Usage: destroy-user USERNAME
+ exit 1
+fi
 PATHBITS=`echo $USER | head -c 1`/`echo $USER | head -c 2`/$USER
 HOMEPATH=/afs/hcoop.net/user/$PATHBITS
 MAILPATH=/afs/hcoop.net/common/email/$PATHBITS
-DBPATH=/afs/.hcoop.net/common/.databases/$PATHBITS
 # We don't use separate partitions for logs
 #LOGSPATH=/afs/.hcoop.net/common/.logs/$USER
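Review bot: The new guard rejects only an empty argument, so a name containing `/`, `..`, whitespace or a glob character still flows unquoted into `PATHBITS`, `HOMEPATH` and `MAILPATH`, and from there into the `sudo rm -f /etc/keytabs/...`, `fs` and `vos` commands later in the script. Because the script runs with sudo and AFS administrator tokens, I would match the argument against the account-name pattern before using it, e.g. `case "$USER" in ''|*[!a-z0-9]*) echo "Usage: destroy-user USERNAME" >&2; exit 1;; esac` (the character set is assumed; adjust it to the site's username rules). Assigning to `USER` also overwrites the operator's login-name variable for every child process, so a name such as `target_user` would be safer.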
@@ -19,42 +23,55 @@ sudo rm -f /etc/keytabs/cgi/$USER
 sudo rm -f /etc/keytabs/user.daemon/$USER
 # LDAP
-sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
- uid=$USER,ou=People,dc=hcoop,dc=net
-sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
- uid=$USER.cgi,ou=People,dc=hcoop,dc=net
-sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
- uid=$USER.mailfilter,ou=People,dc=hcoop,dc=net
-sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
- cn=$USER,ou=Group,dc=hcoop,dc=net
-sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
- cn=$USER.cgi,ou=Group,dc=hcoop,dc=net
-sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
- cn=$USER.mailfilter,ou=Group,dc=hcoop,dc=net
-sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
- cn=$USER.daemon,ou=Group,dc=hcoop,dc=net
+# sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
+# uid=$USER,ou=People,dc=hcoop,dc=net
+# sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
+# uid=$USER.cgi,ou=People,dc=hcoop,dc=net
+# sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
+# uid=$USER.mailfilter,ou=People,dc=hcoop,dc=net
+# sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
+# cn=$USER,ou=Group,dc=hcoop,dc=net
+# sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
+# cn=$USER.cgi,ou=Group,dc=hcoop,dc=net
+# sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
+# cn=$USER.mailfilter,ou=Group,dc=hcoop,dc=net
+# sudo ldapdelete -v -x -D cn=admin,dc=hcoop,dc=net -y /etc/ldap.secret \
+# cn=$USER.daemon,ou=Group,dc=hcoop,dc=net
+
+# Remove from domtool
+domtool-rmuser $USER
 # Invalidate nscd cache
 sudo nscd -i passwd
 sudo nscd -i group
 # Remove from databases
-sudo -u postgres psql -c "DROP TABLESPACE user_$USER"
+#sudo -u postgres psql -c "DROP TABLESPACE user_$USER"
 #sudo -u postgres psql -c "DROP USER $USER"
 #sudo -H mysql -e "DROP USER $USER@localhost"
+# Remove privs before rm
+fs sa $HOMEPATH -clear system:anyuser none
+fs sa $MAILPATH -clear system:anyuser none
+#XXX see what to do with db volume
+
 fs rm $MAILPATH
 fs rm $HOMEPATH
 #fs rm $LOGSPATH
-fs rm $DBPATH
-fs rm /afs/hcoop.net/old/user/$PATHBITS
-fs rm /afs/hcoop.net/old/mail/$PATHBITS
-vos remove deleuze.hcoop.net /vicepa user.$USER
-vos remove deleuze.hcoop.net /vicepa mail.$USER
-vos remove deleuze.hcoop.net /vicepa db.$USER
+#fs rm $DBPATH
+fs rm /afs/.hcoop.net/old/user/$PATHBITS
+fs rm /afs/.hcoop.net/old/mail/$PATHBITS
+
+# Don't delete volumes, rename them.
+#vos remove deleuze.hcoop.net /vicepa user.$USER
+#vos remove deleuze.hcoop.net /vicepa mail.$USER
+#vos remove deleuze.hcoop.net /vicepa db.$USER
 #vos remove deleuze.hcoop.net /vicepa logs.$USER
+vos rename user.$USER user.$USER.d
+vos rename mail.$USER mail.$USER.d
+#XXX vos rename db.$USER db.$USER.d
-vos release common.databases
+#vos release common.databases
 #vos release common.logs
 sudo kadmin.local -q "delprinc -force $USER@HCOOP.NET"
@@ -71,7 +88,11 @@ pts delete $USER.daemon
 #fs rm /afs/hcoop.net/old/mail/$PATHBITS
 #fs rm /afs/hcoop.net/old/logs/$PATHBITS
-vos syncserv deleuze
-vos syncvldb deleuze
+vos syncserv fritz
+vos syncvldb fritz
 fs checkvolumes
+# Remove user from all of our mailing lists
+echo $USER@hcoop.net | ssh -K deleuze sudo -u list \
+ /var/lib/mailman/bin/remove_members --fromall -f -
+
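Review bot: After this change nothing in the hunk removes the user's database access: `DROP TABLESPACE` is now commented out next to the already-disabled `DROP USER` lines, and the db volume is left at `#XXX`. A "destroyed" account may therefore keep working PostgreSQL/MySQL roles unless `domtool-rmuser` revokes them, which is not visible here. I would add a comment above `# Remove from databases` stating where the roles are dropped, or restore the drops with the name quoted. Separately, the `vos rename` lines are unchecked, so a failed rename (for example a `.d` volume left over from an earlier account of the same name) is still followed by `delprinc`; `vos rename "user.$USER" "user.$USER.d" || exit 1` would stop the run before the principal is deleted.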
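Review bot: `ssh -K` in the added mailing-list step enables GSSAPI authentication and also delegates the operator's Kerberos credentials to deleuze. The header comment says the script is run by an administrator, so that is an admin ticket left on the list host. If the remote `remove_members` call does not need the operator's ticket (I cannot tell from this hunk), `ssh -o GSSAPIAuthentication=yes -o GSSAPIDelegateCredentials=no deleuze ...` authenticates without forwarding it. The address is also built from an unquoted `$USER`; `printf '%s@hcoop.net\n' "$USER"` avoids word splitting and `echo` option parsing.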