3 # Copyright 1995, 1996, 1997 Guy Helmer, Ames, Iowa 50014.
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions
9 # 1. Redistributions of source code must retain the above copyright
10 # notice, this list of conditions and the following disclaimer as
11 # the first lines of this file unmodified.
12 # 2. Redistributions in binary form must reproduce the above copyright
13 # notice, this list of conditions and the following disclaimer in the
14 # documentation and/or other materials provided with the distribution.
15 # 3. The name of the author may not be used to endorse or promote products
16 # derived from this software without specific prior written permission.
18 # THIS SOFTWARE IS PROVIDED BY GUY HELMER ``AS IS'' AND ANY EXPRESS OR
19 # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 # IN NO EVENT SHALL GUY HELMER BE LIABLE FOR ANY DIRECT, INDIRECT,
22 # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 # rmuser - Perl script to remove users
31 # Guy Helmer <ghelmer@cs.iastate.edu>, 02/23/97
41 $ENV{"PATH"} = "/bin:/sbin:/usr/bin:/usr/sbin";
44 $passwd_file = "/etc/master.passwd";
46 $group_file = "/etc/group";
47 $new_group_file = "${group_file}.new.$$";
48 $mail_dir = "/var/mail";
49 $crontab_dir = "/var/cron/tabs";
57 print STDERR "Caught signal SIG$sig -- cleaning up.\n";
59 if (-e $new_passwd_file) {
60 unlink $new_passwd_file;
66 # Open the password file for reading
67 if (!open(MASTER_PW, "$passwd_file")) {
68 print STDERR "${whoami}: Error: Couldn't open ${passwd_file}: $!\n";
71 # Set the close-on-exec flag just in case
72 fcntl(MASTER_PW, &F_SETFD, 1);
73 # Apply an advisory lock the password file
74 if (!flock(MASTER_PW, &LOCK_EX|&LOCK_NB)) {
75 print STDERR "${whoami}: Error: Couldn't lock ${passwd_file}: $!\n";
81 flock(MASTER_PW, &LOCK_UN);
84 $SIG{'INT'} = 'cleanup';
85 $SIG{'QUIT'} = 'cleanup';
86 $SIG{'HUP'} = 'cleanup';
87 $SIG{'TERM'} = 'cleanup';
89 if ($#ARGV == 1 && $ARGV[0] eq '-y') {
95 print STDERR "usage: ${whoami} [-y] [username]\n";
100 print STDERR "${whoami}: Error: you must be root to use ${whoami}\n";
107 # Username was given as a parameter
108 $login_name = pop(@ARGV);
111 print STDERR "${whoami}: Error: -y option given without username!\n";
115 # Get the user name from the user
116 $login_name = &get_login_name;
119 ($name, $password, $uid, $gid, $change, $class, $gecos, $home_dir, $shell) =
120 (getpwnam("$login_name"));
123 print STDERR "${whoami}: Error: User ${login_name} not in password database\n";
129 print "${whoami}: Error: I'd rather not remove a user with a uid of 0.\n";
135 print "Matching password entry:\n\n$name\:$password\:$uid\:$gid\:$class\:$change\:0\:$gecos\:$home_dir\:$shell\n\n";
137 $ans = &get_yn("Is this the entry you wish to remove? ");
140 print "${whoami}: Informational: User ${login_name} not removed.\n";
147 # Get owner of user's home directory; don't remove home dir if not
148 # owned by $login_name
150 $remove_directory = 1;
153 $real_home_dir = &resolvelink($home_dir);
155 $real_home_dir = $home_dir;
159 # If home_dir is a symlink and points to something that isn't a directory,
160 # or if home_dir is not a symlink and is not a directory, don't remove
161 # home_dir -- seems like a good thing to do, but probably isn't necessary...
163 if (((-l $home_dir) && ((-e $real_home_dir) && !(-d $real_home_dir))) ||
164 (!(-l $home_dir) && !(-d $home_dir))) {
165 print STDERR "${whoami}: Informational: Home ${home_dir} is not a directory, so it won't be removed\n";
166 $remove_directory = 0;
169 if (length($real_home_dir) && -d $real_home_dir) {
170 $dir_owner = (stat($real_home_dir))[4]; # UID
171 if ($dir_owner != $uid) {
172 print STDERR "${whoami}: Informational: Home dir ${real_home_dir} is" .
173 " not owned by ${login_name} (uid ${dir_owner})\n," .
174 "\tso it won't be removed\n";
175 $remove_directory = 0;
179 if ($remove_directory && ! $affirm) {
180 $ans = &get_yn("Remove user's home directory ($home_dir)? ");
182 $remove_directory = 0;
189 # Remove the user's crontab, if there is one
190 # (probably needs to be done before password databases are updated)
192 if (-e "$crontab_dir/$login_name") {
193 print STDERR "Removing user's crontab:";
194 system('/usr/bin/crontab', '-u', $login_name, '-r');
195 print STDERR " done.\n";
199 # Remove the user's at jobs, if any
200 # (probably also needs to be done before password databases are updated)
202 &remove_at_jobs($login_name);
205 # Kill all the user's processes
207 &kill_users_processes($login_name, $uid);
210 # Copy master password file to new file less removed user's entry
215 # Remove the user from all groups in /etc/group
217 &update_group_file($login_name);
220 # Remove the user's home directory
222 if ($remove_directory) {
223 print STDERR "Removing user's home directory ($home_dir):";
224 &remove_dir($home_dir);
225 print STDERR " done.\n";
229 # Remove files related to the user from the mail directory
231 #&remove_files_from_dir($mail_dir, $login_name, $uid);
232 $file = "$mail_dir/$login_name";
233 if (-e $file || -l $file) {
234 print STDERR "Removing user's incoming mail file ${file}:";
236 print STDERR "\n${whoami}: Warning: unlink on $file failed ($!) - continuing\n";
237 print STDERR " done.\n";
241 # Remove some pop daemon's leftover file
243 $file = "$mail_dir/.${login_name}.pop";
244 if (-e $file || -l $file) {
245 print STDERR "Removing pop daemon's temporary mail file ${file}:";
247 print STDERR "\n${whoami}: Warning: unlink on $file failed ($!) - continuing\n";
248 print STDERR " done.\n";
252 # Remove files belonging to the user from the directories /tmp, /var/tmp,
253 # and /var/tmp/vi.recover. Note that this doesn't take care of the
254 # problem where a user may have directories or symbolic links in those
255 # directories -- only regular files are removed.
257 &remove_files_from_dir('/tmp', $login_name, $uid);
258 &remove_files_from_dir('/var/tmp', $login_name, $uid);
259 &remove_files_from_dir('/var/tmp/vi.recover', $login_name, $uid)
260 if (-e '/var/tmp/vi.recover');
269 # Get new user's name
270 local($done, $login_name);
272 for ($done = 0; ! $done; ) {
273 print "Enter login name for user to remove: ";
276 if (not getpwnam("$login_name")) {
277 print STDERR "Sorry, login name not in password database.\n";
283 print "User name is ${login_name}\n" if $debug;
289 # Get a yes or no answer; return 'Y' or 'N'
293 for ($done = 0; ! $done; ) {
298 if (!($ans =~ /^[YN]/)) {
299 print STDERR "Please answer (y)es or (n)o.\n";
305 return(substr($ans, 0, 1));
308 sub update_passwd_file {
311 print STDERR "Updating password file,";
312 seek(MASTER_PW, 0, 0);
314 sysopen(NEW_PW, $etc_ptmp, O_RDWR|O_CREAT|O_EXCL, 0600) ||
315 die "\n${whoami}: Error: Couldn't open file ${etc_ptmp}:\n $!\n";
318 while (<MASTER_PW>) {
319 if (/^\Q$login_name:/o) {
320 print STDERR "Dropped entry for $login_name\n" if $debug;
324 # The other perl password tools assume all lowercase entries.
325 # Add a warning to help unsuspecting admins who might be
326 # using the wrong tool for the job, or might otherwise
327 # be unwittingly holding a loaded foot-shooting device.
328 if (/^\Q$login_name:/io) {
331 print STDERR "\n\n\tThere is also an entry for $name in your",
332 "password file.\n\tThis can cause problems in some ",
338 seek(MASTER_PW, 0, 0);
341 print STDERR "\n${whoami}: Whoops! Didn't find ${login_name}'s entry second time around!\n";
343 print STDERR "\n${whoami}: Warning: couldn't unlink $etc_ptmp ($!)\n\tPlease investigate, as this file should not be left in the filesystem\n";
349 # Run pwd_mkdb to install the updated password files and databases
351 print STDERR " updating databases,";
352 system('/usr/sbin/pwd_mkdb', '-p', ${passwd_file});
353 print STDERR " done.\n";
355 close(MASTER_PW); # Not useful anymore
358 sub update_group_file {
359 local($login_name) = @_;
361 local($i, $j, $grmember_list, $new_grent, $changes);
362 local($grname, $grpass, $grgid, $grmember_list, @grmembers);
365 print STDERR "Updating group file:";
366 open(GROUP, $group_file) ||
367 die "\n${whoami}: Error: couldn't open ${group_file}: $!\n";
368 if (!flock(GROUP, &LOCK_EX|&LOCK_NB)) {
369 print STDERR "\n${whoami}: Error: couldn't lock ${group_file}: $!\n";
372 local($group_perms, $group_uid, $group_gid) =
373 (stat(GROUP))[2, 4, 5]; # File Mode, uid, gid
374 open(NEW_GROUP, ">$new_group_file") ||
375 die "\n${whoami}: Error: couldn't open ${new_group_file}: $!\n";
376 chmod($group_perms, $new_group_file) ||
377 printf STDERR "\n${whoami}: Warning: could not set permissions of new group file to %o ($!)\n\tContinuing, but please check permissions of $group_file!\n", $group_perms;
378 chown($group_uid, $group_gid, $new_group_file) ||
379 print STDERR "\n${whoami}: Warning: could not set owner/group of new group file to ${group_uid}/${group_gid} ($!)\n\rContinuing, but please check ownership of $group_file!\n";
380 while ($i = <GROUP>) {
381 if (!($i =~ /$login_name/)) {
382 # Line doesn't contain any references to the user, so just add it
387 # Remove the user from the group
391 ($grname, $grpass, $grgid, $grmember_list) = split(/:/, $i);
392 @grmembers = split(/,/, $grmember_list);
393 undef @new_grmembers;
394 local(@new_grmembers);
395 foreach $j (@grmembers) {
396 if ($j ne $login_name) {
397 push(@new_grmembers, $j);
399 print STDERR " $grname";
403 if ($grname eq $login_name && $#new_grmembers == -1) {
404 # Remove a user's personal group if empty
405 print STDERR " (removing group $grname -- personal group is empty)";
408 $grmember_list = join(',', @new_grmembers);
409 $new_grent = join(':', $grname, $grpass, $grgid, $grmember_list);
410 print NEW_GROUP "$new_grent\n";
415 rename($new_group_file, $group_file) || # Replace old group file with new
416 die "\n${whoami}: Error: couldn't rename $new_group_file to $group_file ($!)\n";
417 close(GROUP); # File handle is worthless now
418 print STDERR " (no changes)" if (! $changes);
419 print STDERR " done.\n";
423 # Remove the user's home directory
428 $linkdir = &resolvelink($dir);
429 # Remove the symbolic link
431 warn "${whoami}: Warning: could not unlink symlink $dir: $!\n";
432 if (!(-e $linkdir)) {
434 # Dangling symlink - just return now
437 # Set dir to be the resolved pathname
441 print STDERR "${whoami}: Warning: $dir is not a directory\n";
442 unlink($dir) || warn "${whoami}: Warning: could not unlink $dir: $!\n";
445 system('/bin/rm', '-rf', $dir);
448 sub remove_files_from_dir {
449 local($dir, $login_name, $uid) = @_;
450 local($path, $i, $owner);
452 print STDERR "Removing files belonging to ${login_name} from ${dir}:";
454 if (!opendir(DELDIR, $dir)) {
455 print STDERR "\n${whoami}: Warning: couldn't open directory ${dir} ($!)\n";
458 while ($i = readdir(DELDIR)) {
462 $owner = (stat("$dir/$i"))[4]; # UID
463 if ($uid == $owner) {
467 print STDERR "\n${whoami}: Warning: unlink on ${dir}/${i} failed ($!) - continuing\n";
469 print STDERR " ($i not a regular file - skipped)";
475 printf STDERR " done.\n";
481 my($user) = (shift || "");
482 my($path_atq) = "/usr/bin/atq";
486 return @at if ($user eq "");
488 if (!defined($pid = open(ATQ, "-|"))) {
489 die("creating pipe to atq: $!\n");
490 } elsif ($pid == 0) {
491 exec($path_atq, $user);
492 die("executing $path_atq: $!\n");
495 while(defined($_ = <ATQ>)) {
497 if (/^\d\d:\d\d:\d\d\s+\d\d\/\d\d\/\d\d\s+(\S+)\s+\S+\s+(\d+)$/) {
498 push(@at, $2) if ($1 eq $user);
507 my($user) = (shift || "");
508 my($path_atrm) = "/usr/bin/atrm";
513 return "Invalid arguments" if (($user eq "") || ($#jobs == -1));
515 if (!defined($pid = open(ATRM, "-|"))) {
516 die("creating pipe to atrm: $!\n");
517 } elsif ($pid == 0) {
518 exec($path_atrm, $user, @jobs);
521 while(defined($_ = <ATRM>)) {
529 my($user) = (shift || "");
532 return 1 if ($user eq "");
534 print STDERR "Removing user's at jobs:";
535 @at = invoke_atq($user);
536 return 0 if ($#at == -1);
538 print STDERR " @at:";
539 $atrm = invoke_atrm($user, @at);
541 print STDERR " -- $atrm\n";
545 print STDERR "done.\n";
553 while (-l $path && -e $path) {
554 if (!defined($l = readlink($path))) {
555 die "${whoami}: readlink on $path failed (but it should have worked!): $!\n";
562 $path =~ s/\/[^\/]+\/?$/\/$l/; # Replace last component of path
568 sub kill_users_processes {
569 local($login_name, $uid) = @_;
570 local($pid, $result);
573 # Do something a little complex: fork a child that changes its
574 # real and effective UID to that of the removed user, then issues
575 # a "kill(9, -1)" to kill all processes of the same uid as the sender
576 # (see kill(2) for details).
577 # The parent waits for the exit of the child and then returns.
582 } elsif (defined $pid) {
586 if ($< != $uid || $> != $uid) {
587 print STDERR "${whoami}: Error (kill_users_processes):\n" .
588 "\tCouldn't reset uid/euid to ${uid}: current uid/euid's are $< and $>\n";
591 $result = kill(9, -1);
592 print STDERR "Killed process(es) belonging to $login_name.\n"
597 print STDERR "${whoami}: Error: couldn't fork to kill ${login_name}'s processes - continuing\n";