#!/bin/sh
# DocumentId:	$Id: update-dpsyco-users 2576 2008-04-07 20:00:51Z ola $
# Author:	$Author: ola $
# Date:		$Date: 2008-04-07 22:00:51 +0200 (mån, 07 apr 2008) $
# Summary:
#	Updates the dpsyco base users.
#
# Copyright (C) 2001-2004 Ola Lundqvist <opal@debian.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
#

# When adding a user, just run adduser --disabled-password $USER
# with the name taken from $USERSRC/$USER if that file exists.
# If it does not, the name is the same as the login.

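# Read the default dpsyco config and the shared helper functions.
# These files are sourced into this shell, so whoever can write to them
# controls what this script executes; keep them writable by root only.
# The variables used below (DHOME, PWDF, UID_MATCH, USERSRC, ...) are not set
# in this file; presumably they come from defaults.conf - verify there.
. /etc/dpsyco/defaults.conf
. /usr/share/dpsyco/change.func
. /usr/share/dpsyco/owner.func

# Space-separated list of paths, set before the NFS check is sourced.
TESTNFS="/ $DHOME /var /var/mail /var/spool/mail /etc"
. /usr/share/dpsyco/checknfs.test

# Users that exist in password file.
# Keeps the login (first field) of every line whose third field matches
# $UID_MATCH; logins containing '+' are excluded by the [^:+] class.
EUSERS=$(grep "^[^:+]*:[^:]*:$UID_MATCH:" $PWDF | sed -e "s|:.*||g;")

# Users that should exist.
# The removal loop further down deletes every account from $EUSERS that is
# missing from this list.  If the source tree is unset or not a directory,
# find yields nothing and every managed account would be removed, so stop
# here instead.  An existing but empty tree is still accepted as "no users".
if [ -z "$USERSRC" ] || [ ! -d "$USERSRC" ] ; then
    echo "update-dpsyco-users: user source directory '$USERSRC' is missing, aborting." >&2
    exit 1
fi

# Basenames of the directories exactly two levels below $USERSRC.  The first
# sed drops the first "/CVS" in each path before the basename is taken, so a
# CVS directory contributes the name of its parent directory.
FUSERS=$(find "$USERSRC" -maxdepth 2 -path "$USERSRC/*/*" -type d | sed -e "s|/CVS||;" | sed -e "s|.*/||;" | sort -u)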

# When removing a user do the following:
# * Kick out the user (ps & kill).
# * Remove (move?) $DHOME/$USER/.ssh/authorized_keys
# * userdel $USER
# * Tar up $DHOME/$USER into $DHOME/user.tar.gz.
# * Remove $DHOME/$USER

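# Remove every account from $EUSERS that is no longer listed in $FUSERS.
# For each such account: signal its processes, run userdel, archive the home
# directory with dpsyco-delhome and park the mailboxes under $DHOME.
for RU in $EUSERS ; do
    # Look the login up as a literal string in field 1.  Using it as a regex
    # would let a login such as "a.b" match other entries, or break the lookup
    # entirely.  The ("" concatenation) forces a string comparison in awk.
    # $PWDF is left unquoted, as everywhere else in this script.
    UPID=$(awk -F: -v u="$RU" '($1 "") == (u "") { print $3 }' $PWDF)
    if [ "$(echo "$UPID" | wc -l)" -gt 1 ] ; then
        echo "User $RU has multiple UIDS in /etc/passwd, skipping."
        continue
    fi
    # Without a numeric UID the range tests below would only raise an error,
    # evaluate as false and fall through to the deletion branch.  Fail closed.
    case $UPID in
        ''|*[!0-9]*)
            echo "Could not read a numeric UID for user $RU, skipping." >&2
            continue
            ;;
    esac
    if [ "$UPID" -gt "$LAST_UID" ] ; then
        echo "User $RU is a ordinary user and should not be removed."
        echo "THIS SHOULD NEVER HAPPEN, error in update script."
    elif [ "$UPID" -lt "$FIRST_UID" ] ; then
        echo "User $RU is a system user and should not be removed."
        echo "THIS SHOULD NEVER HAPPEN, error in update script."
    elif ! printf '%s\n' "$FUSERS" | grep -Fxq -- "$RU" ; then
        # -F -x: the login must equal a whole line of $FUSERS literally.
        echo "dpsyco is deleting user $RU (moving $RU to $RU.disabled)"
        if [ "$SUDO_USER" = "$RU" ] || [ "$USER" = "$RU" ] ; then
            # The admin running this script is the account to be removed:
            # only print the manual steps, change nothing.
            echo "The script does not kick out any process that the admin runs."
            echo "FIX THIS MANUALLY:"
            echo "Log out the user and kill all its processes."
            echo "Run the following commands (as root, using an other admin account):"
            echo "	userdel $RU"
            if [ -d "$DHOME/$RU" ] ; then
                echo "	dpsyco-delhome $RU"
            fi
            if [ -e "/var/mail/$RU" ] ; then
                echo "	mv /var/mail/$RU $DHOME/$RU.mail"
            fi
            if [ -e "/var/spool/mail/$RU" ] ; then
                echo "	mv /var/spool/mail/$RU $DHOME/$RU.mailspool"
            fi
        else
            # First pass: SIGTERM.  With -H, ps indents child commands, and
            # the second grep keeps only lines whose command starts directly
            # after the TIME column, which looks like the top of each process
            # tree (the "root processes" of the original comment).
            # NOTE(review): PIDs are collected first and signalled afterwards,
            # so a PID can in principle be reused in between; the account can
            # also start new processes until userdel has run.
            ps --user "$RU" -H | grep -v "^[[:space:]]*PID" | grep "[[:space:]]*[0-9][0-9]*[[:space:]][^[:space:]][^[:space:]]*[[:space:]][[:space:]]*[0-9][0-9]:[0-9][0-9]:[0-9][0-9][[:space:]][^[:space:]]" | sed -e "s|[[:space:]]*\([0-9][0-9]*\).*|\1|;" | {
                while read -r PL ; do
                    # Only ever hand plain decimal PIDs to kill.
                    case $PL in
                        ''|*[!0-9]*) continue ;;
                    esac
                    kill "$PL"
                done
            }
            sleep 1
            # Second pass: SIGKILL for everything the user still runs.
            ps --user "$RU" | grep -v "^[[:space:]]*PID" | sed -e "s|^[[:space:]]*\([0-9][0-9]*\).*|\1|;" | {
                while read -r PL ; do
                    case $PL in
                        ''|*[!0-9]*) continue ;;
                    esac
                    kill -9 "$PL"
                done
            }
            userdel "$RU"
            if [ -d "$DHOME/$RU" ] ; then
                dpsyco-delhome "$RU"
            fi
            # Park the mailboxes next to the home directories; the add loop
            # later in this script restores them from these names.
            if [ -e "/var/mail/$RU" ] ; then
                mv "/var/mail/$RU" "$DHOME/$RU.mail"
            fi
            if [ -e "/var/spool/mail/$RU" ] ; then
                mv "/var/spool/mail/$RU" "$DHOME/$RU.mailspool"
            fi
        fi
    fi
done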

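# Users that exist in password file.
# Read again because the removal loop above may have deleted accounts.
EUSERS=$(grep "^[^:+]*:[^:]*:$UID_MATCH:" $PWDF | sed -e "s|:.*||g;")

# Who should be added to or modified in the passwd file.
# For every name in $FUSERS: create the account if it is missing, otherwise
# fix mailbox ownership and bring the passwd comment field in line with $NAME.
for AU in $FUSERS ; do
    # Names come from directory names in the source tree.  One that starts
    # with '-' would be parsed as an option by the commands below.
    case $AU in
        -*)
            echo "Ignoring user name $AU: it starts with '-'." >&2
            continue
            ;;
    esac
    # Both files are executed as shell code in this shell on every iteration:
    # $USERSC first, then the optional per-user file (per the header comment
    # it supplies the user's name).  The source tree must therefore be
    # writable by trusted administrators only.
    . $USERSC
    if [ -f "$USERSRC/$AU" ] ; then
        . "$USERSRC/$AU"
    fi
    # Literal comparison on the login field; the name is never used as a
    # regex, so a '.' or '[' in it cannot match or hide other accounts.
    # $PWDF is left unquoted, as everywhere else in this script.
    UPID=$(awk -F: -v u="$AU" '($1 "") == (u "") { print $3 }' $PWDF)
    if ! printf '%s\n' "$EUSERS" | grep -Fxq -- "$AU" ; then
        # If the user is not in the passwd file.
        if cut -d: -f1 $PWDF | grep -Fxq -- "$AU" ; then
            # The login exists, but with a UID that $UID_MATCH did not select.
            if [ "$UPID" -ge "$FIRST_SYSTEM_UID" ] ; then
                echo "User $AU ($UPID) does already exist, FIX THIS MANUALLY!!!"
            fi
        else
            # CREATING USER.
            dpsyco-restorehome "$AU"
            if ! adduser --conf "$DPADDUSERCFG" --gecos "$NAME" --disabled-password "$AU" ; then
                # No account means nobody to own the home or the mail; leave
                # the saved mailboxes where they are for a later run.
                echo "adduser failed for user $AU, FIX THIS MANUALLY!!!" >&2
                continue
            fi
            changeowner "$AU" "$AU" "$DHOME/$AU"
            # NOTE(review): '>>' and possibly changeowner (defined in
            # owner.func, not shown) follow a symlink at the mailbox path.
            # Confirm that only trusted accounts can create entries in
            # /var/mail and /var/spool/mail.
            if [ -f "$DHOME/$AU.mail" ] ; then
                echo "Restore user $AU incoming mail."
                if [ -e "/var/mail/$AU" ] ; then
                    # Drop the saved copy only after the append succeeded.
                    cat "$DHOME/$AU.mail" >> "/var/mail/$AU" &&
                        rm "$DHOME/$AU.mail"
                else
                    mv "$DHOME/$AU.mail" "/var/mail/$AU"
                fi
                changeowner "$AU" mail "/var/mail/$AU"
            fi
            if [ -f "$DHOME/$AU.mailspool" ] ; then
                echo "Restore user $AU incoming mailspool."
                if [ -e "/var/spool/mail/$AU" ] ; then
                    cat "$DHOME/$AU.mailspool" >> "/var/spool/mail/$AU" &&
                        rm "$DHOME/$AU.mailspool"
                else
                    mv "$DHOME/$AU.mailspool" "/var/spool/mail/$AU"
                fi
                changeowner "$AU" mail "/var/spool/mail/$AU"
            fi
        fi
    else
        # NOTE(review): changeowner runs here on every pass for every managed
        # user; confirm in owner.func that it does not follow symlinks.
        changeowner "$AU" mail "/var/spool/mail/$AU"
        changeowner "$AU" mail "/var/mail/$AU"
        # Field 5 of the user's passwd entry.  It counts as current when it
        # begins with $NAME; the quoted case pattern is a literal prefix test,
        # so characters in $NAME are never read as a regex.
        PWNAME=$(awk -F: -v u="$AU" '($1 "") == (u "") { print $5 }' $PWDF)
        case $PWNAME in
            "$NAME"*)
                ;;
            *)
                if [ "$UPID" -gt "$LAST_UID" ] ; then
                    echo "User $AU is a ordinary user and should not be changed."
                else
                    echo "Changing information for user $AU."
                    usermod -c "$NAME" "$AU"
                fi
                ;;
        esac
    fi
done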
