[hcoop/zz_old/config/exim4-hopper.git] / get-token

#!/bin/bash
# Get an AFS token for the given user.
#
# This is used to deliver mail with the appropriate credentials.
#
# Usage:
#
# get-token $USER
# - If user is root, call this script as $USER
#
# get-token $USER norecurse
# - Don't recursively call this script, even if user if root

REALUSER=$(whoami)
USER=$1
LOGFILE=/tmp/exim4/get-token-log.$USER

if [ "$REALUSER" = "root" ]; then
    if [ -n "$2" ]; then
        echo "Error: running as root even after trying to change to $USER" \
            > $LOGFILE
        exit 1
    fi

    # Decide whether the user exists: getent returns 0 error code if so
    getent passwd "$USER" >/dev/null
    if [ $? -ne 0 ]; then
        echo "$USER is not a local user, so ignoring them"
        exit 1
    else
        exec su $USER -c "$0 $1 norecurse"
    fi
fi

# fuse stdin and stderr
exec 2>&1

# all future output goes to this file
exec >& $LOGFILE

# print name of user
echo "Running as user $REALUSER"

# set the credentials cache
export KRB5CCNAME=FILE:/tmp/exim4/krb5cc_$USER.email

# eliminate any previous tokens
kdestroy
unlog
KEYTAB=/etc/keytabs/user.daemon/$USER

# display command-to-be-invoked as a sanity check
echo kinit -kt $KEYTAB $USER/daemon@HCOOP.NET

kinit -kt $KEYTAB $USER/daemon@HCOOP.NET
aklog

# list tokens, for the sake of debugging
#tokens
Commit	Line	Data
8f42d430	1	#!/bin/bash
cf08a29f	2	# Get an AFS token for the given user.
	3	#
	4	# This is used to deliver mail with the appropriate credentials.
7a82fe65	5	#
	6	# Usage:
	7	#
	8	# get-token $USER
	9	# - If user is root, call this script as $USER
	10	#
	11	# get-token $USER norecurse
	12	# - Don't recursively call this script, even if user if root
	13
	14	REALUSER=$(whoami)
	15	USER=$1
	16	LOGFILE=/tmp/exim4/get-token-log.$USER
	17
	18	if [ "$REALUSER" = "root" ]; then
	19	if [ -n "$2" ]; then
	20	echo "Error: running as root even after trying to change to $USER" \
	21	> $LOGFILE
	22	exit 1
	23	fi
	24
	25	# Decide whether the user exists: getent returns 0 error code if so
	26	getent passwd "$USER" >/dev/null
	27	if [ $? -ne 0 ]; then
	28	echo "$USER is not a local user, so ignoring them"
	29	exit 1
	30	else
	31	exec su $USER -c "$0 $1 norecurse"
	32	fi
	33	fi
cf08a29f	34
c3a1fc9a	35	# fuse stdin and stderr
c3a1fc9a	36	exec 2>&1
c3a1fc9a	37
c3a1fc9a	38	# all future output goes to this file
7a82fe65	39	exec >& $LOGFILE
c3a1fc9a	40
7a82fe65	41	# print name of user
7a82fe65	42	echo "Running as user $REALUSER"
c3a1fc9a	43
c3a1fc9a	44	# set the credentials cache
7a82fe65	45	export KRB5CCNAME=FILE:/tmp/exim4/krb5cc_$USER.email
c3a1fc9a	46
c3a1fc9a	47	# eliminate any previous tokens
8f42d430	48	kdestroy
8f42d430	49	unlog
0a3b3788	50	KEYTAB=/etc/keytabs/user.daemon/$USER
c3a1fc9a	51
c3a1fc9a	52	# display command-to-be-invoked as a sanity check
0a3b3788	53	echo kinit -kt $KEYTAB $USER/daemon@HCOOP.NET
c3a1fc9a	54
0a3b3788	55	kinit -kt $KEYTAB $USER/daemon@HCOOP.NET
5092a970	56	aklog
5092a970	57
ff958aaf	58	# list tokens, for the sake of debugging
b612ef2b	59	#tokens