Browse Source

All sindominantes have shell

webdeploy
meskio 3 years ago
parent
commit
5d57151440
Signed by: meskio
GPG Key ID: 52B8F5AC97A2DA86
  1. 11
      main.go
  2. 17
      server/admin.go

11
main.go

@ -59,7 +59,7 @@ func main() {
}
g := gitea.Init(*giteaURL, *token, *cloneAddr, *webhookRepoURL, *webhookRepoSecret, *webhookURL, *webhookSecret)
go lockUsers(l)
go updateUsers(l)
ldb, err := db.Init(*dbpath)
if err != nil {
@ -71,7 +71,7 @@ func main() {
log.Fatal(server.Serve(*httpaddr, &l, m, ldb, g))
}
func lockUsers(l ldap.Ldap) {
func updateUsers(l ldap.Ldap) {
for {
users, err := l.ListUsers()
if err != nil {
@ -81,6 +81,13 @@ func lockUsers(l ldap.Ldap) {
}
for _, u := range users {
if u.Shell == "/bin/false" && u.Role == ldap.Sindominante {
err := l.ChangeShell(u.Name, "/bin/bash")
if err != nil {
log.Println("An error ocurred changing shell of '", u.Name, "': ", err)
}
}
// TODO: add deleted flag
if u.Locked != ldap.Unlocked ||
u.LastLogin.Add(accountBlockDuration).After(time.Now()) {

17
server/admin.go

@ -121,6 +121,23 @@ func (s *server) roleHandler(w http.ResponseWriter, r *http.Request) {
s.errorHandler(w, r)
return
}
user, err := s.ldap.GetUser(userName)
if err != nil {
log.Println("Error fetching user '", userName, "': ", err)
s.errorHandler(w, r)
return
}
if user.Shell == "/bin/false" && role == ldap.Sindominante {
err := s.ldap.ChangeShell(userName, "/bin/bash")
if err != nil {
log.Println("An error ocurred changing shell of '", userName, "': ", err)
s.errorHandler(w, r)
return
}
}
http.Redirect(w, r, "/users/"+userName, http.StatusFound)
}

Loading…
Cancel
Save