removed at job creation because we dont have a good plan on automatic removal; added semiautomatic expiry instead
--- a/Build.PL Fri Jul 15 11:31:50 2011 +0200
+++ b/Build.PL Fri Jul 15 13:47:13 2011 +0200
@@ -18,7 +18,6 @@
defined $provides{$_} ? $provides{$_} : 'lib' . lc $d . '-perl'
=> $self->requires->{$_} == 0 ? '' : ' (>= ' . $self->requires->{$_} . ')'
} keys %{$self->requires} ),
- 'at' => ''
);
my $c = new File::Temp or die "Can't tempfile";
print $c "Package: libius-dav-htpasswd-perl-deps\n";
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/ius-dav-htuserexpiry Fri Jul 15 13:47:13 2011 +0200
@@ -0,0 +1,43 @@
+#!/usr/bin/perl
+
+# Copyright (C) 2011 Matthias Förste
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# Matthias Förste <foerste@schlittermann.de>
+
+use strict;
+use warnings;
+
+use Ius::Dav::Htpasswd qw(readconfig userexpiry usage);
+
+use Getopt::Long;
+use Pod::Usage;
+
+GetOptions(
+ 'h|help' => sub { usage(-exit => 0, -verbose => 1) },
+ 'm|man' => sub {
+ usage(
+ -exit => 0,
+
+ # "system('perldoc -V &>/dev/null')" appears shorter, but may not
+ # do what you expect ( it still returns 0 on debian squeeze with
+ # dash as system shell even if cannot find the command in $PATH)
+ -noperldoc => system('perldoc -V >/dev/null 2>&1'),
+ -verbose => 2
+ );
+ },
+) or usage;
+
+exit userexpiry readconfig;
--- a/lib/Ius/Dav/Htpasswd.pm Fri Jul 15 11:31:50 2011 +0200
+++ b/lib/Ius/Dav/Htpasswd.pm Fri Jul 15 13:47:13 2011 +0200
@@ -39,7 +39,7 @@
$VERSION = 0.1;
@ISA = qw(Exporter);
- @EXPORT_OK = qw(readconfig mkpasswd useradd userdel usage);
+ @EXPORT_OK = qw(readconfig mkpasswd useradd userdel userexpiry usage);
}
sub usage {
@@ -96,12 +96,6 @@
$expiry = $conf->{expiry} unless defined $expiry and $expiry ne '';
die 'Invalid input' unless validate $conf, $user, $expiry;
- my $at_cmd = "at now + " . 24 * 60 * $expiry . " minutes";
- open AT, "|$at_cmd"
- or die "Can't open AT, '|$at_cmd': $!";
- print AT "ius-dav-htuserdel";
- close AT;
-
my $user_dir = "$conf->{dav_base}/$user";
mkdir "$user_dir" or die "Can't mkdir '$user_dir': $!";
@@ -115,9 +109,12 @@
open H, '>>', $htpasswd_file or die "Can't create '$htpasswd_file': $!";
close H;
}
+
my $htpasswd = new Apache::Htpasswd $htpasswd_file;
$htpasswd->htpasswd($user, $pass)
or die $htpasswd->error;
+ $htpasswd->writeInfo($user, time + 24 * 60 * 60 * $expiry)
+ or die $htpasswd->error;
my $master_user = $conf->{master_user};
my $conf_file = "$conf->{conf_d}/$user.conf";
@@ -172,14 +169,36 @@
unlink $conf_file
or $rc = -1 and warn "Can't unlink '$conf_file': $!";
- # maybe TODO: remove at job if it still exists (record job# during #
- # 'useradd'?)
-
0 == system qw(apache2ctl graceful)
or $rc =-1 and warn "Can't 'apache2ctl graceful'!";
}
+sub userexpiry {
+
+ my ($conf) = @_;
+
+ for (qw(htpasswd)) {
+ die "Can't determine '$_' - please check configuration"
+ unless defined $conf->{$_};
+ }
+
+ my $htpasswd_file = $conf->{htpasswd};
+ my $htpasswd = new Apache::Htpasswd $htpasswd_file;
+ my @users = $htpasswd->fetchUsers
+ or die "Can't fetch htuser list: ", $htpasswd->error;
+ my $now = time;
+
+ for my $u (@users) {
+ if (my $e = $htpasswd->fetchInfo($u)) {
+ userdel($conf, $u) or warn "Can't 'userdel $conf, $u'\n" if $now >= $e;
+ } else {
+ warn "Can't get expiry for '$u': ", $htpasswd->error, "\n";
+ }
+ }
+
+}
+
1;
__END__
@@ -194,8 +213,10 @@
dav-userdel
-Ius::Dav::Htpasswd - Add dav users to htpasswd and remove them automatically
-after expiration or manually.
+dav-userexpiry
+
+Ius::Dav::Htpasswd - Add dav users to htpasswd and remove them after
+expiration.
=head1 SYNOPSIS
@@ -204,6 +225,8 @@
dav-userdel -u|--user user
+dav-userexpiry
+
common options
-m|--man
@@ -213,11 +236,11 @@
=head2 dav-useradd
-Add an at job to remove the user later. Make a directory for the user. Chown
-that directory to the webserver user and group. Add the user to an htpasswd
-file. Place a config snippet for the users directory inside a directory (which
-is included from the apache config). Reload apache (or maybe restart is
-required).
+Make a directory for the user. Chown that directory to the webserver user and
+group. Add the user to an htpasswd file. Add expiry information to that
+htpasswd file. Place a config snippet for the users directory inside a
+directory (which is included from the apache config). Reload apache (or maybe
+restart is required).
=head2 dav-useradd.cgi
@@ -226,9 +249,12 @@
=head2 dav-userdel
Removes the directory of the user. Removes the user from the htpasswd file.
-Removes the config snippet for the users directory. Removes the at job that is
-supposed to remove the user if it still exists. Reload apache (or maybe restart
-is required).
+Removes the config snippet for the users directory. Reload apache (or maybe
+restart is required).
+
+=head2 dav-userexpiry
+
+Check the htpasswd file and run deletion for any expired users found.
=head1 OPTIONS
@@ -262,7 +288,8 @@
=head1 REQUIRES
-at from the 'at' job scheduler package. Several perl modules (should be installed automatically).
+Several perl modules (should be installed automatically). Some kind of cron
+daemon to run the user expiry is recommended.
=head1 AUTHOR