From owner-freebsd-questions Wed Oct 17 10: 8:35 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.fiducial.com (mail.fiducial.com [63.121.74.250]) by hub.freebsd.org (Postfix) with ESMTP id B056137B407 for ; Wed, 17 Oct 2001 10:08:14 -0700 (PDT) Received: from xonix.com (pool-162-83-203-248.ny5030.east.verizon.net [162.83.203.248]) by mail.fiducial.com (8.11.1/8.11.1) with ESMTP id f9HH19V42894; Wed, 17 Oct 2001 13:01:09 -0400 (EDT) (envelope-from ugen@xonix.com) Message-ID: <3BCDBCB4.5A6B3520@xonix.com> Date: Wed, 17 Oct 2001 13:15:32 -0400 From: Ugen X-Mailer: Mozilla 4.76 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Ken McGlothlen Cc: Keith Spencer , fbsd Subject: Re: For script wizards-> Parse a delimited list to add htusers References: <20010923005845.88867.qmail@web12006.mail.yahoo.com> <20011017165503.399001B9C52@ralf.artlogix.com> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG There should be PAM module for smb / NT domain auth. --ugen Ken McGlothlen wrote: > Keith Spencer writes: > > | Hi all, > | I have an interesting problem. > | I run a school network and have installed squid to > | proxy for our ADSL fbsd gateway (4.3 releng) > | I have figured out how to get a by-user/password > | access challenge from squid. I need to be able to kick > | kids off at times. > | I am into VB but know nix of Perl etc. > | The ideal thing would be to have a web driven user > | database on the gateway but It is likely too tricky > | for me to do. (see scenario at page bottom) > | How can I parse a delimited file like... > | user1,password1 > | user2,password2 > | .... etc > | using htpasswd to add each entry to my /etc/inetusers > | file > > Well, here's a Perl script that would do it. I'll heavily comment it for you: > > ------------------------------------------------------------------------------- > #!/usr/bin/perl -w > # The above line is necessary. Lines beginning with "#" are comments, but the > # first line is special if it starts with "#!"; the remainder of the line tells > # Unix what command interpreter runs this shell. The "-w" turns warnings on. > > use strict; > # This line makes Perl "strict" about various things. It's generally a good > # idea, since it helps with debugging and writing better code. > > my( $htpasswd ) = "/usr/local/bin/htpasswd"; > # Shorthand for where the htpasswd binary is. Best to specify this in absolute > # terms, since you don't want any unforeseen interactions. > > my( $passwdfile ) = "/etc/inetusers"; > # The file you're asking htpasswd to put things into. > > while( <> ) { > # This rather cryptic line means "while I'm still reading lines from the > # standard input into the default variable $_, do the block... > > chomp; > # This "chomps" the default variable $_, removing the newline. This sort > # of thing isn't usually necessary in BASIC, but Perl respects the newline > # character, whether you do or not. > > my( $username, $password ) = split( /,/ ); > # This "splits" the string on every "," character. If the file is > # delimited as you have it above (with no space on either side of the > # comma), and no leading and trailing spaces, this will split it into two > # components, which are then assigned to $username and $password, > # respectively. > > `$htpasswd -b $passwdfile $username $password`; > # The "backticks" are a common scripting method to execute a Unix command. > # It's sort of a sneaky shortcut in this case, but it works. > > } > # That's it for the loop, and the script. > ------------------------------------------------------------------------------- > > In uncommented form, this is simply: > > ------------------------------------------------------------------------------- > #!/usr/bin/perl -w > > use strict; > > my( $htpasswd ) = "/usr/local/bin/htpasswd"; > my( $passwdfile ) = "/etc/inetusers"; > > while( <> ) { > chomp; > my( $username, $password ) = split( /,/ ); > `$htpasswd -b $passwdfile $username $password`; > } > ------------------------------------------------------------------------------- > > | It would be even better if I could just somehow import the users from the NT > | domain. But again...know not how. > > Unfortunately, neither do I. > > | Anyway here is a scenario (best case) > | Maybe you have suggestions for this or a neat solution > | ############################# > | files = bannedlist , schooluserlist, inetusers > | student fires up browser > | challenged for user password > | if valid ok surf > | else if on banned list goodbye > | else if not in valid nor banned list then > | get them to supply password > | addit to htpassword file > | let them in > | ############################## > | What do you think? > > Well, if a simple password file isn't going to cut it, you're certainly going > to have to resort to CGI scripts at bare minimum. htpasswd is a very simple > authentication scheme; if you want to keep track of "banned" users, and allow > users to add accounts, it's gonna be a bit trickier than a simple Perl script. > > However, there's a lot of help out there. The Apache site is a good place to > start. > > http://www.apache.org/ > > Best of luck. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message