From ff0ad50838b219ec6457e55176f3628a519b0061 Mon Sep 17 00:00:00 2001
From: Clinton Ebadi <clinton@unknownlamer.org>
Date: Sun, 4 Oct 2009 17:18:38 -0400
Subject: [PATCH] HCoop delivery scripts

---
 deliver-once | 16 +++++++++++
 get-token    | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 93 insertions(+)
 create mode 100755 deliver-once
 create mode 100755 get-token

diff --git a/deliver-once b/deliver-once
new file mode 100755
index 0000000..409c51b
--- /dev/null
+++ b/deliver-once
@@ -0,0 +1,16 @@
+#/bin/sh
+#
+# Cause a single email message from stdin to be delivered, after
+# pausing one second to allow the mail daemon to cope.
+#
+# Usage: deliver-once USER
+#
+# USER is the person to deliver this email message to.
+
+if test -n "$2" || test -z "$1"; then
+    echo Incorrect number of arguments
+    exit 1
+fi
+
+sleep 1
+/usr/sbin/exim4 -bm $1
diff --git a/get-token b/get-token
new file mode 100755
index 0000000..b7b5e02
--- /dev/null
+++ b/get-token
@@ -0,0 +1,77 @@
+#!/bin/bash
+# Get an AFS token for the given user.
+#
+# This is used to deliver mail with the appropriate credentials.
+#
+# Usage:
+#
+# get-token $USER
+# - If user is root, call this script as $USER
+#
+# get-token $USER norecurse
+# - Don't recursively call this script, even if user if root
+
+REALUSER=$(whoami)
+USER=$1
+LOGFILE=/tmp/exim4/weird-error.log
+
+if test "$REALUSER" = "root"; then
+    if test "$2" = "norecurse"; then
+        echo "Error: running as root even after trying to change to $USER" \
+            >> $LOGFILE
+        exit 1
+    fi
+
+    # Decide whether the user exists: getent returns 0 error code if so
+    getent passwd "$USER" >/dev/null
+    if test $? -ne 0; then
+        echo "$USER is not a local user, so ignoring them" \
+            >> $LOGFILE
+        exit 1
+    else
+        USER=$(getent passwd "$1" | cut -d':' -f 1)
+        exec su $USER -c "$0 $1 norecurse"
+    fi
+fi
+
+# Make sure USER exists, and resolve UIDs to a login name
+USER=$(getent passwd "$USER" | cut -d':' -f 1)
+LOGFILE=/tmp/exim4/get-token-log.$USER
+
+if test -z "$USER"; then
+    echo "$USER is not a local user, so ignoring them" \
+        >> /tmp/exim4/weird-error.log
+    exit 1
+fi
+
+# fuse stdin and stderr
+exec 2>&1
+
+# all future output goes to this file
+exec >& $LOGFILE
+
+# print name of user
+echo "Running as user $REALUSER"
+
+# debugging output
+if test "$2" = "debug"; then
+    shift; shift
+    echo "Debugging output: $*"
+fi
+
+# set the credentials cache
+export KRB5CCNAME=FILE:/tmp/exim4/krb5cc_$USER.email
+
+# eliminate any previous tokens
+kdestroy
+unlog
+KEYTAB=/etc/keytabs/user.daemon/$USER
+
+# display command-to-be-invoked as a sanity check
+echo kinit -kt $KEYTAB $USER/daemon@HCOOP.NET
+
+kinit -kt $KEYTAB $USER/daemon@HCOOP.NET
+aklog
+
+# list tokens, for the sake of debugging
+#tokens
-- 
2.20.1