Perl module for managing user groups (UNIX)

Discussion in 'Perl Misc' started by J.D. Baldwin, Nov 19, 2008.

  1. J.D. Baldwin

    J.D. Baldwin Guest

    I'm looking for a module or maybe some good sample code to save me
    some labor in implementing a front-end for group management. For
    example, changing a user's primary group membership from 'foo' to
    'bar' or removing a user from one of his secondary groups, adding him
    to a new secondary group, etc.

    Seems this should be pretty straightforward, it's just that it's a lot
    of code, particularly for the error-checking. I'd rather not write it
    if I can steal-- er, "reuse" it.
    --
    _+_ From the catapult of |If anyone objects to any statement I make, I am
    _|70|___:)=}- J.D. Baldwin |quite prepared not only to retract it, but also
    \ / |to deny under oath that I ever made it.-T. Lehrer
    ***~~~~----------------------------------------------------------------------
     
    J.D. Baldwin, Nov 19, 2008
    #1
    1. Advertising

  2. J.D. Baldwin

    Tim Greer Guest

    J.D. Baldwin wrote:

    >
    >
    > I'm looking for a module or maybe some good sample code to save me
    > some labor in implementing a front-end for group management. For
    > example, changing a user's primary group membership from 'foo' to
    > 'bar' or removing a user from one of his secondary groups, adding him
    > to a new secondary group, etc.
    >
    > Seems this should be pretty straightforward, it's just that it's a lot
    > of code, particularly for the error-checking. I'd rather not write it
    > if I can steal-- er, "reuse" it.


    What OS are you using, specifically? There are likely commands that
    will do all of the error checking, file locking, etc. for you (i.e.,
    usermod, groupmod, etc.)
    --
    Tim Greer, CEO/Founder/CTO, BurlyHost.com, Inc.
    Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers
    and Custom Hosting. 24/7 support, 30 day guarantee, secure servers.
    Industry's most experienced staff! -- Web Hosting With Muscle!
     
    Tim Greer, Nov 19, 2008
    #2
    1. Advertising

  3. J.D. Baldwin

    smallpond Guest

    On Nov 19, 12:49 pm, (J.D.
    Baldwin) wrote:
    > I'm looking for a module or maybe some good sample code to save me
    > some labor in implementing a front-end for group management. For
    > example, changing a user's primary group membership from 'foo' to
    > 'bar' or removing a user from one of his secondary groups, adding him
    > to a new secondary group, etc.
    >
    > Seems this should be pretty straightforward, it's just that it's a lot
    > of code, particularly for the error-checking. I'd rather not write it
    > if I can steal-- er, "reuse" it.



    webmin is written in perl.
     
    smallpond, Nov 19, 2008
    #3
  4. On 2008-11-19, J.D. Baldwin <> wrote:
    *SKIP*
    > Seems this should be pretty straightforward, it's just that it's a lot
    > of code, particularly for the error-checking. I'd rather not write it
    > if I can steal-- er, "reuse" it.


    {50997:35} [0:1]$ file /usr/sbin/adduser
    /usr/sbin/adduser: a /usr/bin/perl script text executable
    {51006:36} [0:0]$ dpkg -S /usr/sbin/adduser
    adduser: /usr/sbin/adduser
    {51168:38} [0:0]$ apt-cache show -a=no adduser |grep Homepage
    Homepage: http://alioth.debian.org/projects/adduser/

    --
    Torvalds' goal for Linux is very simple: World Domination
     
    Eric Pozharski, Nov 19, 2008
    #4
  5. J.D. Baldwin

    J.D. Baldwin Guest

    In the previous article, Tim Greer <> wrote:
    > What OS are you using, specifically? There are likely commands that
    > will do all of the error checking, file locking, etc. for you (i.e.,
    > usermod, groupmod, etc.)


    While platform-independence is a nice-to-have objective for the longer
    term, all the hosts in the system in question are Solaris 8/9/10 at
    the moment.

    What I do now involves usermod -- but you can't just tell usermod "add
    this guy to this group." You have to say "Assign this guy to
    secondary membership of all these groups." As a result, I have to
    collect all the existing groups, figure out which ones are
    secondaries, error-check the request, then execute the comment. That
    error-checking is the most involved step by far; there are a lot of
    ways to malform a request. Then we have the case of asking to delete
    a user's primary group, which of course involves picking one of the
    secondary groups to assign in its place ... and so on and so forth.

    It's not that I can't do this, it's just that I'd rather not write 500
    lines of code if someone has module-ized the tasks.
    --
    _+_ From the catapult of |If anyone objects to any statement I make, I am
    _|70|___:)=}- J.D. Baldwin |quite prepared not only to retract it, but also
    \ / |to deny under oath that I ever made it.-T. Lehrer
    ***~~~~----------------------------------------------------------------------
     
    J.D. Baldwin, Dec 1, 2008
    #5
  6. On 2008-12-01 16:23, J.D. Baldwin <> wrote:
    > What I do now involves usermod -- but you can't just tell usermod "add
    > this guy to this group." You have to say "Assign this guy to
    > secondary membership of all these groups." As a result, I have to
    > collect all the existing groups, figure out which ones are
    > secondaries, error-check the request, then execute the comment. That
    > error-checking is the most involved step by far; there are a lot of
    > ways to malform a request. Then we have the case of asking to delete
    > a user's primary group, which of course involves picking one of the
    > secondary groups to assign in its place ... and so on and so forth.
    >
    > It's not that I can't do this, it's just that I'd rather not write 500
    > lines of code if someone has module-ized the tasks.


    Your estimate is remarkably correct:

    % wc -l sync_*
    [...]
    502 sync_hpux_user
    [...]

    My sync_hpux_user script has almost exactly 500 lines ;-). It does the
    stuff you describe. Unfortunately it is not well modularized, and the
    sync_* scripts in general are rather crufty. I've meant to rewrite the
    whole system for years, but there is never time.

    hp
     
    Peter J. Holzer, Dec 1, 2008
    #6
  7. J.D. Baldwin

    Tim Greer Guest

    J.D. Baldwin wrote:

    >
    > In the previous article, Tim Greer <> wrote:
    >> What OS are you using, specifically? There are likely commands that
    >> will do all of the error checking, file locking, etc. for you (i.e.,
    >> usermod, groupmod, etc.)

    >
    > While platform-independence is a nice-to-have objective for the longer
    > term, all the hosts in the system in question are Solaris 8/9/10 at
    > the moment.
    >
    > What I do now involves usermod -- but you can't just tell usermod "add
    > this guy to this group." You have to say "Assign this guy to
    > secondary membership of all these groups." As a result, I have to
    > collect all the existing groups, figure out which ones are
    > secondaries, error-check the request, then execute the comment. That
    > error-checking is the most involved step by far; there are a lot of
    > ways to malform a request. Then we have the case of asking to delete
    > a user's primary group, which of course involves picking one of the
    > secondary groups to assign in its place ... and so on and so forth.
    >
    > It's not that I can't do this, it's just that I'd rather not write 500
    > lines of code if someone has module-ized the tasks.


    Got ya. I can't see the earlier articles in this thread, as my news
    reader is configured to drop articles which I've already read after 30
    days has passed (that is intentional), so could you (re)post the
    relevant code you have now, if you have any? Pardon me if you've
    already posted it. Sorry, I don't personally know of an existing
    module for this, but there could be one. I'm sure there are some
    existing solutions out there posted, which could probably be modified
    if they aren't exactly what you need now... but your own code might be
    close enough now for that task, too.
    --
    Tim Greer, CEO/Founder/CTO, BurlyHost.com, Inc.
    Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers
    and Custom Hosting. 24/7 support, 30 day guarantee, secure servers.
    Industry's most experienced staff! -- Web Hosting With Muscle!
     
    Tim Greer, Dec 1, 2008
    #7
  8. J.D. Baldwin

    J.D. Baldwin Guest

    In the previous article, Tim Greer <> wrote:
    > Got ya. I can't see the earlier articles in this thread, as my news
    > reader is configured to drop articles which I've already read after
    > 30 days has passed (that is intentional), so could you (re)post the
    > relevant code you have now, if you have any? Pardon me if you've
    > already posted it. Sorry, I don't personally know of an existing
    > module for this, but there could be one. I'm sure there are some
    > existing solutions out there posted, which could probably be
    > modified if they aren't exactly what you need now... but your own
    > code might be close enough now for that task, too.


    The code I have is at work just now and is such a mess that my plan is
    to throw it out and start from scratch. Here's my original query,
    though:


    I'm looking for a module or maybe some good sample code to
    save me some labor in implementing a front-end for group
    management. For example, changing a user's primary group
    membership from 'foo' to 'bar' or removing a user from one of
    his secondary groups, adding him to a new secondary group,
    etc.

    Seems this should be pretty straightforward, it's just that
    it's a lot of code, particularly for the error-checking. I'd
    rather not write it if I can steal-- er, "reuse" it.
    --
    _+_ From the catapult of |If anyone objects to any statement I make, I am
    _|70|___:)=}- J.D. Baldwin |quite prepared not only to retract it, but also
    \ / |to deny under oath that I ever made it.-T. Lehrer
    ***~~~~----------------------------------------------------------------------
     
    J.D. Baldwin, Dec 1, 2008
    #8
  9. d (J.D. Baldwin) writes:

    > I'm looking for a module or maybe some good sample code to save me
    > some labor in implementing a front-end for group management. For
    > example, changing a user's primary group membership from 'foo' to
    > 'bar' or removing a user from one of his secondary groups, adding him
    > to a new secondary group, etc.
    >
    > Seems this should be pretty straightforward, it's just that it's a lot
    > of code, particularly for the error-checking. I'd rather not write it
    > if I can steal-- er, "reuse" it.


    Hmm.

    How about the Debian adduser and addgroup scripts? I just took a short
    look at them, and I think they could be ported to Solaris without too
    much trouble.

    Regards,

    Mart

    --
    "We will need a longer wall when the revolution comes."
    --- AJS, quoting an uncertain source.
     
    Mart van de Wege, Dec 3, 2008
    #9
  10. J.D. Baldwin

    J.D. Baldwin Guest

    In the previous article, Mart van de Wege
    <> wrote:
    > How about the Debian adduser and addgroup scripts? I just took a
    > short look at them, and I think they could be ported to Solaris
    > without too much trouble.


    Thanks. I'll give them a look.
    --
    _+_ From the catapult of |If anyone objects to any statement I make, I am
    _|70|___:)=}- J.D. Baldwin |quite prepared not only to retract it, but also
    \ / |to deny under oath that I ever made it.-T. Lehrer
    ***~~~~----------------------------------------------------------------------
     
    J.D. Baldwin, Dec 3, 2008
    #10
  11. J.D. Baldwin

    Dr.Ruud Guest

    J.D. Baldwin schreef:
    > I'm looking for a module or maybe some good sample code to save me
    > some labor in implementing a front-end for group management. For
    > example, changing a user's primary group membership from 'foo' to
    > 'bar' or removing a user from one of his secondary groups, adding him
    > to a new secondary group, etc.
    >
    > Seems this should be pretty straightforward, it's just that it's a lot
    > of code, particularly for the error-checking. I'd rather not write it
    > if I can steal-- er, "reuse" it.


    You could look into LDAP, several modules and front-ends available.

    --
    Affijn, Ruud

    "Gewoon is een tijger."
     
    Dr.Ruud, Dec 3, 2008
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Tim Daneliuk
    Replies:
    4
    Views:
    1,231
    Kanenas
    Mar 1, 2005
  2. Desperado

    managing local groups

    Desperado, Nov 29, 2006, in forum: C++
    Replies:
    1
    Views:
    309
    Victor Bazarov
    Nov 29, 2006
  3. Chris Angelico

    Re: Managing Google Groups headaches

    Chris Angelico, Nov 28, 2013, in forum: Python
    Replies:
    49
    Views:
    353
    Mark Lawrence
    Dec 4, 2013
  4. rusi
    Replies:
    39
    Views:
    300
  5. Cameron Simpson

    Re: Managing Google Groups headaches

    Cameron Simpson, Dec 4, 2013, in forum: Python
    Replies:
    4
    Views:
    115
Loading...

Share This Page