Cfengine configuration directory

Customizing passwd users with editfiles

Relevant classes: any

Suppose you have a group of machines that only a limited set of users should be able to log on to. Often such a list of users already exists in a file (e.g. a mail alias list, or a list extracted from a groups database).

Suppose the master passwd and shadow files are kept on a server. We begin by copying them to a private working location on the client, from which the restricted subset is then extracted:

control:

   actionsequence = ( copy editfiles )

   srcserver     = ( master.domain.tla )
   realsrcpasswd = ( /etc/passwdsrc )
   realsrcshadow = ( /etc/shadowsrc )

   realpasswd = ( /tmp/passwd )
   realshadow = ( /tmp/shadow )

   temppasswd = ( /tmp/workfile1 )
   tempshadow = ( /tmp/workfile2 )

   listfile = ( "/iu/nexus/local/iu/aliases/kurs/MS009A" )

   editfilesize = ( 0 )

copy:

   # First make a copy of the complete passwd file as tmp

   $(realsrcpasswd) dest=$(temppasswd) mode=600 server=$(srcserver)
   $(realsrcshadow) dest=$(tempshadow) mode=600 server=$(srcserver)

#######################################################

editfiles:

specialhosts.do:: # Add special users

  { $(temppasswd)

  # $(listfile) contains a list of users whom we want to
  # have accounts on this subset of machines
  # So get rid of all the accounts that are not in our
  # special list

  DeleteLinesNotStartingFileItems "$(listfile)"
  }

  { $(tempshadow)

  # Same for the shadow file....

  DeleteLinesNotStartingFileItems "$(listfile)"
  }


  { $(realpasswd)

  # Replace any existing entries for the restricted users with the
  # master copies: delete them first, then append the filtered master
  # lines (AppendIfNoSuchLinesFromFile avoids duplicate entries)

  DeleteLinesStartingFileItems "$(listfile)"
  AppendIfNoSuchLinesFromFile  "$(temppasswd)"
  }

  { $(realshadow)

  DeleteLinesStartingFileItems "$(listfile)"
  AppendIfNoSuchLinesFromFile  "$(tempshadow)"
  }

#######################################################

specialhosts.undo:: # Remove special users

  { $(realpasswd)

  DeleteLinesStartingFileItems "$(listfile)"
  }

  { $(realshadow)

  DeleteLinesStartingFileItems "$(listfile)"
  }
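The editfiles sequence above, modelled in Python as an added example (not cfengine's code or the original page's): it assumes, as the primitive names suggest, that the three list-file operations compare the beginning of each line against every item in the list file, and it shows why a bare login name such as "bob" also retains "bobby", and why anchoring each item with the ":" field separator avoids that.

```python
# Added example, not cfengine code: a stand-alone model of the editfiles
# pipeline, assuming each primitive matches lines by prefix against every
# item of the list file. All passwd data below is constructed sample data.

MASTER_PASSWD = [            # the server's passwd, copied to $(temppasswd)
    "root:x:0:0:root:/root:/bin/sh",
    "alice:x:1001:100:Alice:/home/alice:/bin/sh",
    "bob:x:1002:100:Bob:/home/bob:/bin/sh",
    "bobby:x:1003:100:Bobby:/home/bobby:/bin/sh",
    "carol:x:1004:100:Carol:/home/carol:/bin/sh",
]
LISTFILE = ["alice", "bob"]  # one login name per line in $(listfile)
LOCAL_PASSWD = [             # this host's own $(realpasswd)
    "root:x:0:0:root:/root:/bin/sh",
    "alice:x:1001:100:Alice (stale entry):/home/alice:/bin/sh",
]

def delete_lines_not_starting_file_items(lines, items):
    """Keep only lines that start with one of the list items."""
    return [ln for ln in lines if any(ln.startswith(it) for it in items)]

def delete_lines_starting_file_items(lines, items):
    """Drop every line that starts with one of the list items."""
    return [ln for ln in lines if not any(ln.startswith(it) for it in items)]

def append_if_no_such_lines_from_file(lines, extra):
    """Append each line of extra unless an identical line is already present."""
    out = list(lines)
    for ln in extra:
        if ln not in out:
            out.append(ln)
    return out

def specialhosts_do(master, items, local):
    """The specialhosts.do:: sequence for one file (passwd or shadow)."""
    temp = delete_lines_not_starting_file_items(master, items)
    local = delete_lines_starting_file_items(local, items)
    return append_if_no_such_lines_from_file(local, temp)

def specialhosts_undo(items, local):
    """The specialhosts.undo:: sequence: strip the restricted users again."""
    return delete_lines_starting_file_items(local, items)

def anchored(items):
    """Add the ':' separator so that 'bob' no longer matches 'bobby'."""
    return [it + ":" for it in items]

def logins(lines):
    """Login names of the given passwd lines, in order."""
    return [ln.split(":", 1)[0] for ln in lines]
```

With the bare list the host ends up with root, alice, bob and bobby; with the anchored list bobby is dropped, and the sequence is idempotent on a second run.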

