Moved the various administrative scripts into Debian packaging.

12 files changed, 0 insertions, 490 deletions

diff --git a/usr/local/bin/addaccess b/usr/local/bin/addaccess
deleted file mode 100755
index 6f734f6..0000000
--- a/usr/local/bin/addaccess
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec /usr/bin/sudo /usr/local/sbin/addaccess "$@"
diff --git a/usr/local/bin/createuser b/usr/local/bin/createuser
deleted file mode 120000
index e9d7937..0000000
--- a/usr/local/bin/createuser
+++ /dev/null
@@ -1 +0,0 @@
-newuser
\ No newline at end of file
diff --git a/usr/local/bin/newrepo b/usr/local/bin/newrepo
deleted file mode 100755
index 05ce120..0000000
--- a/usr/local/bin/newrepo
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec /usr/bin/sudo /usr/local/sbin/newrepo "$@"
diff --git a/usr/local/bin/newuser b/usr/local/bin/newuser
deleted file mode 100755
index 841b47d..0000000
--- a/usr/local/bin/newuser
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec /usr/bin/sudo /usr/local/sbin/newuser
diff --git a/usr/local/bin/pinyshell b/usr/local/bin/pinyshell
deleted file mode 100755
index 0db88a8..0000000
--- a/usr/local/bin/pinyshell
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-cd /srv/rbin
-export PATH=/srv/rbin
-
-exec /bin/rbash "$@"
diff --git a/usr/local/bin/rmaccess b/usr/local/bin/rmaccess
deleted file mode 100755
index 6c40690..0000000
--- a/usr/local/bin/rmaccess
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec /usr/bin/sudo /usr/local/sbin/rmaccess "$@"
diff --git a/usr/local/bin/rmrepo b/usr/local/bin/rmrepo
deleted file mode 100755
index 53bf029..0000000
--- a/usr/local/bin/rmrepo
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec /usr/bin/sudo /usr/local/sbin/rmrepo "$@"
diff --git a/usr/local/sbin/addaccess b/usr/local/sbin/addaccess
deleted file mode 100755
index 8d0cef9..0000000
--- a/usr/local/sbin/addaccess
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use warnings;
-
-use Piny;
-
-my $env = Piny::Environment->new( );
-
-my ( $reponame, @users ) = @ARGV;
-
-my $repo = Piny::Repo->new( $reponame );
-
-if ( $repo->owner->uid != $env->user->uid ) {
-  print "You are not the owner of that repo!\n";
-  exit( 3 );
-};
-
-$repo->add_access( map { Piny::User->new( $_ ) } @users );
diff --git a/usr/local/sbin/newrepo b/usr/local/sbin/newrepo
deleted file mode 100755
index 15bbde6..0000000
--- a/usr/local/sbin/newrepo
+++ /dev/null
@@ -1,243 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use warnings;
-
-my( $errorto ) = 'jrayhawk+piny.be@omgwallhack.org'; # Email address to send horrible errors to.
-my( $reponame, $email, @errors, $wikilisttempfile, $cgitrctempfile, $description );
-
-if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9-]+$/ ) ) {
-  print( "Usage: newrepo REPONAME\n" );
-  print( "  REPONAME must consist only of lower case letters (a-z), digits (0-9), and minus (-) signs.\n" );
-  print( "  REPONAME must be at least two characters long and must start with an alphanumeric character.\n" );
-  exit( 1 );
-} else {
-  $reponame = $ARGV[0];
-};
-
-# We want to check to see if
-#   1) $reponame already exists in some form so we don't try to create it, and
-#   2) $reponame is only partially created, in which case we want to email someone who can sanity check and fix it.
-open (PASSWD, '/etc/passwd');
-while(<PASSWD>) {
-  if( $_ =~ /^$ENV{SUDO_USER}:.+?:.+?:.+?:(.+?):/ ) { $email = $1; }; # While we're here, may as well grab the email address.
-  if( $_ =~ /^ikiwiki-$reponame:/				) { push( @errors, "user ikiwiki-$reponame already exists!\n"); };
-};
-close(PASSWD);
-open (GROUP, '/etc/group');
-while(<GROUP>) {
-  if( $_ =~ /^git-$reponame:/					) { push( @errors, "group git-$reponame already exists!\n"); };
-};
-close(GROUP);
-if( -d "/srv/git/$reponame.git"					) { push( @errors, "/srv/git/$reponame.git already exists!\n"); };
-if( -d "/srv/ikiwiki/$reponame"					) { push( @errors, "/srv/ikiwiki/$reponame already exists!\n"); };
-if( -d "/srv/www/piny.be/$reponame"		) { push( @errors, "/srv/www/piny.svcs.cs.pdx.edu/$reponame already exists!\n"); };
-if( -d "/srv/www/secure.piny.be/repos/$reponame"	) { push( @errors, "/srv/www/cgi.piny.be/repos/$reponame already exists!\n"); };
-if( -f "/etc/ikiwiki/piny/$reponame.setup"			) { push( @errors, "/etc/ikiwiki/piny/$reponame.setup already exists!\n"); };
-if( -f "/etc/ikiwiki/wikilist.d/$reponame"			) { push( @errors, "/etc/ikiwiki/wikilist.d/$reponame already exists!\n"); };
-if( -f "/etc/apache2/piny-available/$reponame"			) { push( @errors, "/etc/apache2/piny-available/$reponame already exists!\n"); };
-if( -f "/etc/cgitrc.d/$reponame"			        ) { push( @errors, "/etc/cgitrc.d/$reponame already exists!\n"); };
-
-if( @errors ) {
-  if( @errors == 10 ) { # Everything's fine, nothing is broken
-    print( "$reponame already exists!\n" );
-  } else {              # IT'S ARMAGEDDON
-    open ( MAIL, "|/usr/lib/sendmail -t" );
-    print( MAIL "To: $errorto\n" );
-    print( MAIL "From: newrepo\@piny.be\n" );
-    print( MAIL "Subject: Piny error: $ENV{SUDO_USER} found inconsistent $reponame in the creation process!\n" );
-    print( MAIL "MIME-Version: 1.0\n" );
-    print( MAIL "Content-Type: text/plain; charset=us-ascii\n" );
-    print( MAIL "\n" );
-    print( MAIL "@errors\n" );
-    close( MAIL );
-    print( "$reponame already exists but is in an inconsistent state! The Piny admins probably screwed up; they have been notified and will take a look at it.\n" );
-  };
-  exit( 2 );
-};
-
-while( 1 ) {
-
-  print( "Provide a one-line description to be used in repo listings, the shorter the better:\n" );
-  chomp( $description = <STDIN> );
-
-  if( $description !~ /^[\x{0020}-\x{FDCF}\x{FDF0}-\x{FFFD}]{1,80}$/ ) { # everything but control characters and unicode-defined non-characters
-    print( "Must be 1-80 characters long; control characters (including tab) not allowed.\n" );
-    next;
-  };
-
-  print( "Okay! Working, please wait...\n" );
-  last;
-
-};
-
-# CREATE USER/GROUPS
-unless( system( "mkdir /srv/git/$reponame.git" ) == 0 ) { # We need a locking or atomic operation as our first to check against simultaneous execution.
-  print( "Somebody else has created the same repo as you in the course of executing this program!\n" );
-  exit( 3 );
-};
-system( "/usr/sbin/addgroup --quiet git-$reponame" );
-system( "/usr/sbin/adduser --quiet --system --group --gecos $reponame ikiwiki-$reponame" );
-system( "/usr/sbin/adduser --quiet ikiwiki-$reponame git-$reponame | grep -v 'Adding user'" );
-system( "/usr/sbin/adduser --quiet $ENV{SUDO_USER} git-$reponame | grep -v 'Adding user '" );
-
-# CREATE REPO
-system( "GIT_DIR=/srv/git/$reponame.git /usr/bin/git init --template=/srv/git-template.git --quiet --shared" );
-open ( DESC, ">/srv/git/$reponame.git/description" );
-print( DESC "$description" );
-close( DESC );
-# ln -f post-receive /srv/git/$reponame.git/hooks/ # turn on e-mail commit notices
-system( "/bin/chown -R $ENV{SUDO_USER}.git-$reponame /srv/git/$reponame.git/" );
-system( "/bin/chown -R ikiwiki-$reponame.ikiwiki-$reponame /srv/git/$reponame.git/hooks/" );
-system( "/bin/touch /srv/git/$reponame.git/git-daemon-export-ok" );
-
-# WRITE IKIWIKI SETUP FILE
-open ( SETUP, ">/etc/ikiwiki/piny/$reponame.setup" );
-print( SETUP
-'#!/usr/bin/perl
-# Configuration file for ikiwiki.
-# Passing this to ikiwiki --setup will make ikiwiki generate wrappers and
-# build the wiki.
-#
-# Remember to re-run ikiwiki --setup any time you edit this file.
-
-use IkiWiki::Setup::Standard {
-	wikiname => \'' . $reponame . '\', # PINY
-	adminemail => \'' . $email . '\', # PINY
-	srcdir => \'/srv/ikiwiki/' . $reponame . '\', # PINY
-	destdir => \'/srv/www/piny.be/' . $reponame . '\', # PINY
-	url => \'http://piny.be/' . $reponame . '\', # PINY
-	cgiurl => \'https://secure.piny.be/repos/' . $reponame . '/ikiwiki.cgi\', # PINY
-	historyurl => \'https://secure.piny.be/cgit/' . $reponame . '/log/[[file]]\', # PINY
-        diffurl => \'https://secure.piny.be/cgit/' . $reponame . '/diff/?id=[[sha1_commit]]\', # PINY
-
-	templatedir => "/srv/templates",
-	underlaydir => "/etc/ikiwiki/share/underlay",
-
-	rcs => "git",
-	gitorigin_branch => "origin",
-	gitmaster_branch => "master",
-
-	wrappers => [
-		{
-			cgi => 1,
-			wrapper => \'/srv/www/secure.piny.be/repos/' . $reponame . '/ikiwiki.cgi\', # PINY
-			wrappermode => "06755",
-                        wrappergroup => \'git-' . $reponame . '\', # PINY
-		},
-		{
-			wrapper => \'/srv/git/' . $reponame . '.git/hooks/post-update\', # PINY
-			wrappermode => "06755",
-                        wrappergroup => \'git-' . $reponame . '\', # PINY
-
-			notify => 0,
-		},
-	],
-
-	# Generate rss feeds for blogs?
-	rss => 1,
-	# Generate atom feeds for blogs?
-	atom => 0,
-	# Include discussion links on all pages?
-	discussion => 0,
-	# To exclude files matching a regexp from processing. This adds to
-	# the default exclude list.
-	#exclude => qr/*\.wav/,
-	# To change the extension used for generated html files.
-	#htmlext => "htm",
-	# Time format (for strftime)
-	#timeformat => "%c",
-	# Locale to use. Must be a UTF-8 locale.
-	#locale => "en_US.UTF-8",
-	# Only send cookies over SSL connections.
-	sslcookie => 1,
-	# Logging settings:
-	verbose => 0,
-	syslog => 1,
-	# To link to user pages in a subdirectory of the wiki.
-	#userdir => "users",
-	# To create output files named page.html rather than page/index.html.
-	usedirs => 1,
-	# Simple spam prevention: require an account-creation password.
-	#account_creation_password => "example",
-	# Use new "!"-prefixed preprocessor directive syntax
-	prefix_directives => 1,
-	httpauth => 1,
-	# To add plugins, list them here.
-	add_plugins => [qw{sidebar toc meta table tag graphviz httpauth img attachment rename remove autoindex map teximg version edittemplate}],
-	disable_plugins => [qw{openid passwordauth}],
-	teximg_prefix => \'\\documentclass{scrartcl}
-\\usepackage[version=3]{mhchem}
-\\usepackage{amsmath}
-\\usepackage{amsfonts}
-\\usepackage{amssymb}
-\\pagestyle{empty}
-\\newcommand{\unit}[1]{\\ensuremath{\\, \\mathrm{#1}}}
-\\begin{document}\',
-
-	teximg_dvipng => 1,
-
-	# For use with the tag plugin, make all tags be located under a
-	# base page.
-	tagbase => "tag",
-
-	# For use with the search plugin if your estseek.cgi is located
-	# somewhere else.
-	#estseek => "/usr/lib/estraier/estseek.cgi",
-}');
-close( SETUP );
-open ( WIKILIST, '>>/etc/ikiwiki/wikilist' );
-print( WIKILIST "ikiwiki-$reponame /etc/ikiwiki/piny/$reponame.setup\n" );
-close( WIKILIST );
-
-# WRITE APACHE CONFIG
-open ( APACHE, ">/etc/apache2/piny-available/$reponame" );
-print( APACHE '<Directory /srv/www/secure.piny.be/repos/' . $reponame . '>
-	AuthPAM_Enabled on
-	AuthGROUP_Enabled on
-	AuthPAM_FallThrough off
-	AuthBasicAuthoritative off
-	AuthType Basic
-	AuthName "User access to ' . $reponame . ' repository needed."
-	Require group git-' . $reponame . '
-</Directory>' );
-close( APACHE );
-link( "/etc/apache2/piny-available/$reponame", "/etc/apache2/piny-enabled/$reponame");
-system( '/etc/init.d/apache2 reload | grep -v "Reloading web server config: apache2."' );
-
-
-# CREATE IKIWIKI WORKING DIR
-system( "/usr/bin/git clone --quiet /srv/git/$reponame /srv/ikiwiki/$reponame" );
-mkdir( "/srv/www/piny.be/$reponame" );
-mkdir( "/srv/www/secure.piny.be/repos/$reponame" );
-system( "/bin/chown -R ikiwiki-$reponame /srv/ikiwiki/$reponame /srv/www/piny.be/$reponame /srv/www/secure.piny.be/repos/$reponame" );
-
-open ( WIKILIST, ">/etc/ikiwiki/wikilist.d/$reponame" ); # Maybe someday ikiwiki will support wikilist.d.
-print( WIKILIST "ikiwiki-$reponame /etc/ikiwiki/piny/$reponame.setup\n" ); # In the meantime, we fake it.
-close( WIKILIST );
-$wikilisttempfile = `/bin/mktemp`;
-chomp( $wikilisttempfile );
-chmod ( 0644, $wikilisttempfile );
-system( "/bin/cat /etc/ikiwiki/wikilist.d/* > $wikilisttempfile" );
-system( "/bin/mv $wikilisttempfile /etc/ikiwiki/wikilist" ); # This is marginally racy, but the consequences are probably ignorable.
-
-open ( CGITRC, ">/etc/cgitrc.d/$reponame" ); # Maybe someday cgit will support cgitrc.d.
-print( CGITRC # In the meantime, we fake it.
-"repo.url=$reponame
-repo.path=/srv/git/$reponame.git
-repo.desc=$description
-repo.owner=$email
-
-" ); # cgit already escapes HTML, so we don't need to do it on $description
-close( CGITRC );
-$cgitrctempfile = `/bin/mktemp`;
-chomp( $cgitrctempfile );
-chmod ( 0644, $cgitrctempfile );
-system( "/bin/cat /etc/cgitrc.d/* > $cgitrctempfile" );
-system( "/bin/mv $cgitrctempfile /etc/cgitrepos" ); # This is marginally racy, but the consequences are minor.
-
-# COMPILE
-system( "/usr/bin/sudo -u ikiwiki-$reponame /usr/bin/ikiwiki --setup /etc/ikiwiki/piny/$reponame.setup | grep -v 'successfully generated'" );
-
-print( "Web interface: http://piny.be/$reponame/\n" );
-print( "Repo information: https://secure.piny.be/cgit/$reponame/\n" );
diff --git a/usr/local/sbin/newuser b/usr/local/sbin/newuser
deleted file mode 100755
index e0b175b..0000000
--- a/usr/local/sbin/newuser
+++ /dev/null
@@ -1,129 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use warnings;
-
-use Email::Valid::Loose qw( );
-
-# If they passed any arguments, complain and exit.
-if ( scalar @ARGV ) {
-  print "You can't pass any arguments to this script!\n";
-  exit 2;
-};
-
-# If they didn't provide a terminal definition, then assume xterm.
-# Everybody emulates xterm to at least a basic extent.
-if ( not exists $ENV{"TERM"} ) {
-  $ENV{"TERM"} = "xterm";
-  print "I don't know what terminal you're using; guessing xterm...\n";
-};
-
-# Disable buffering.
-$|++;
-
-# Configure the strictness of our email checks.
-my $checker = Email::Valid::Loose->new
-  ( "-fqdn"        => 1
-  , "-fudge"       => 0
-  , "-local_rules" => 0
-  , "-mxcheck"     => 1
-  , "-tldcheck"    => 0
-  );
-
-my ( $email, $username, $password1, $password2 );
-
-while ( 1 ) {
-
-  print "Your email address: ";
-  chomp ( $email = <STDIN> );
-
-  if ( $email eq "" ) {
-    print "You must provide an email address!\n";
-    next;
-  };
-
-  $email = $checker->address( $email );
-  if ( not defined $email ) {
-    print "Please, at least pretend to provide a valid email address.\n";
-    next;
-  };
-
-  last;
-
-};
-
-while ( 1 ) {
-
-  print "Desired username: ";
-  chomp ( $username = <STDIN> );
-
-  if ( $username eq "" ) {
-    print "You have to enter a username!\n";
-    next;
-  };
-  
-  if ( $username =~ /^git-|^ikiwiki-/ ) {
-    print "Your username cannot start with git- or ikiwiki-!\n";
-    next
-  };
-
-  if ( $username !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) {
-    print( "Usernames must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash. Usernames are case sensitive.\n" );
-    next
-  };
-
-  last;
-
-};
-
-while ( 1 ) {
-
-  system( "stty", "-echo" );
-  print "Desired password: ";
-  chomp ( $password1 = <STDIN> );
-  print "\nRetype password: ";
-  chomp ( $password2 = <STDIN> );
-  print "\n";
-  system( "stty", "echo" );
-
-  if ( $password1 ne $password2 ) {
-    print "Provided passwords do not match; try again.\n";
-    next;
-  };
-
-  if ( $password1 eq "" ) {
-    print "You have to enter a password!\n";
-    next;
-  };
-
-  last;
-
-};
-
-my @saltchars =
-  ( 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'
-  , 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'
-  , '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'
-  , '.', '/'
-  );
-
-my $salt = "\$6\$";
-
-foreach my $n ( 1 .. 16 ) {
-  $salt .= $saltchars[int ( rand ( scalar @saltchars ) )];
-};
-
-$salt .= "\$";
-
-my $crypt = crypt( $password1, $salt );
-
-my $ret = system( "/usr/sbin/useradd", "-c", "$email", "-k", "/var/empty", "-g", "users", "-m", "-p", $crypt, "-s", "/usr/local/bin/pinyshell", $username );
-
-if ( $ret ) {
-  print "An error occured creating the user; most likely, that username is already taken.\n";
-  exit 1;
-};
-
-print "Your user has been created. Try logging in!\n";
-
-exit 0;
diff --git a/usr/local/sbin/rmaccess b/usr/local/sbin/rmaccess
deleted file mode 100755
index f84fba0..0000000
--- a/usr/local/sbin/rmaccess
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use warnings;
-
-use Piny;
-
-my $env = Piny::Environment->new( );
-
-my ( $reponame, @users ) = @ARGV;
-
-my $repo = Piny::Repo->new( $reponame );
-
-if ( $repo->owner->uid != $env->user->uid ) {
-  print "You are not the owner of that repo!\n";
-  exit( 3 );
-};
-
-$repo->remove_access( map { Piny::User->new( $_ ) } @users );
diff --git a/usr/local/sbin/rmrepo b/usr/local/sbin/rmrepo
deleted file mode 100755
index 864830f..0000000
--- a/usr/local/sbin/rmrepo
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use warnings;
-
-my( $reponame, $uid, $gitowner, $wikilisttempfile, $cgitrctempfile);
-
-if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9-]+$/ ) ) {
-  print( "Usage: rmrepo REPONAME\n" );
-  exit( 1 );
-} else {
-  $reponame = $ARGV[0];
-};
-
-open (PASSWD, '/etc/passwd');
-while(<PASSWD>) {
-  if( $_ =~ /^$ENV{SUDO_USER}:.+?:(.+?):/ ) { $uid = $1; }; # grabbing uid.
-};
-close(PASSWD);
-
-unless( -d "/srv/git/$reponame.git" ) {
-  print( "/srv/git/$reponame.git doesn't exist!\n" );
-  exit( 2 );
-};
-
-$gitowner = (stat "/srv/git/$reponame.git")[4];
-
-if( ( $gitowner != $uid ) and ( $gitowner != 65534 ) ) {
-  print( "$reponame is not owned by you!\n" );
-  exit( 3 );
-};
-
-# We have to be careful about how we delete things; we don't want have post-update or ikiwiki.cgi thrashing, and we REALLY don't want to leave remappable owner UIDs around, but we're also keying security on /srv/git/$reponame
-system( "/bin/chown -R nobody.nogroup /srv/git/$reponame.git" );
-
-unlink( "/etc/ikiwiki/wikilist.d/$reponame" );
-$wikilisttempfile = `/bin/mktemp`;
-chomp ( $wikilisttempfile );
-chmod ( 0644, $wikilisttempfile );
-system( "/bin/cat /etc/ikiwiki/wikilist.d/* > $wikilisttempfile" );
-system( "/bin/mv $wikilisttempfile /etc/ikiwiki/wikilist" ); # This is marginally racy, but the consequences are probably ignorable.
-
-unlink( "/etc/cgitrc.d/$reponame" );
-$cgitrctempfile = `/bin/mktemp`;
-chomp ( $cgitrctempfile );
-chmod ( 0644, $cgitrctempfile );
-system( "/bin/cat /etc/cgitrc.d/* > $cgitrctempfile" );
-system( "/bin/mv $cgitrctempfile /etc/cgitrepos" ); # This is marginally racy, but the consequences are probably ignorable.
-
-system( "/bin/rm -r /srv/www/piny.be/$reponame" );
-system( "/bin/rm -r /srv/www/secure.piny.be/repos/$reponame" );
-
-unlink( "/etc/ikiwiki/piny/$reponame.setup" );
-system( "/bin/rm -r /srv/ikiwiki/$reponame" );
-
-unlink( "/etc/apache2/piny-available/$reponame" );
-unlink( "/etc/apache2/piny-enabled/$reponame" );
-system( '/etc/init.d/apache2 reload | grep -v "Reloading web server config: apache2."' );
-
-system( "/usr/sbin/delgroup --quiet git-$reponame" );
-system( "/usr/sbin/deluser --quiet --remove-home ikiwiki-$reponame" );
-system( "/usr/sbin/delgroup --quiet ikiwiki-$reponame" );
-
-system( "/bin/rm -rf /srv/git/$reponame.git" );