From: Carlton T. <ca...@gi...> - 2007-01-31 11:18:11
Hi Jamie,
Some time ago you kindly helped me to put together a script to migrate
users from one Unix box to another, where each box used a different OS.
Basically, the script reads the password file on the source box, creates
the user on the destination box (using the encrypted password) and copies
all the user files (including mailboxes).
That script worked fine and all users were able to collect mail from the
new server using Dovecot with no problems. We are now adding users to the
new box using the Webmin adduser interface. However, Dovecot is having
problems reading from these mailboxes because of SELinux restrictions.
My question is: What is the difference between the way the script creates
the user accounts and the way the Adduser interface creates the accounts
that causes Dovecot to have problems in one case but not the other?
A copy of the script is shown below (sorry, my Perl is not the best, but
it works):
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#!/usr/bin/perl
# migrate-users.pl
# Copy user accounts (home directories and mailboxes) from the source server

# Run outside the Webmin web server: skip ACL checks and locate the config
$no_acl_check++;
$ENV{'WEBMIN_CONFIG'} ||= "/etc/webmin";
$ENV{'WEBMIN_VAR'} ||= "/var/webmin";
if ($0 =~ /^(.*\/)[^\/]+$/) {
    chdir($1);
}
chomp($pwd = `pwd`);
$0 = "$pwd/migrate-users.pl";
require './web-lib.pl';
&init_config();
$< == 0 || die "migrate-users.pl must be run as root";
&foreign_require("useradmin", "user-lib.pl");
&useradmin::making_changes();

$passwordfile = "XXXXXXXXXXXXXXXX";
open(MASTERPASS, '<', $passwordfile) || die "can't open password file";

USERNAME:
while ($line = <MASTERPASS>)
{
    # Refresh the table of UIDs already in use on this box
    &useradmin::build_user_used(\%used);

    # Parse user and create object
    chomp($line);
    ($s1_user, $s1_encpass, $s1_gid, $s1_uid,
     $s1_tbd_1, $s1_tbd_2, $s1_tbd_3, $s1_real, $s1_home, $s1_shell) = split(/:/, $line);

    print "\n\n>>>> Create user: $s1_user? (y or n): ";
    $a = <STDIN>;
    if ($a eq "n\n") { next USERNAME; }

    # Start from an empty hash for every account
    $user = { };
    $user->{'user'} = $s1_user;

    # Pick the first free UID at or above 550
    $user->{'uid'} = 550;
    while ($used{$user->{'uid'}})
    {
        $user->{'uid'}++;
    }
    $user->{'home'} = "/home/$s1_user";
    $user->{'shell'} = "/bin/false";
    $user->{'pass'} = $s1_encpass;    # already-encrypted password from the source box
    $user->{'gid'} = 100;
    $user->{'real'} = $s1_real;

    &useradmin::create_user($user);
    # Pass the same $user hash reference that create_user received
    &useradmin::create_home_directory($user, $user->{'home'});
    &useradmin::set_ownership_permissions($user->{'uid'}, $user->{'gid'}, undef, $user->{'home'});

    # Copy skeleton files into the new home directory
    $uf = "/etc/skel.user";
    $shell = $user->{'shell'}; $shell =~ s/^(.*)\///g;
    $uf =~ s/\$group/$user->{'gid'}/g;
    $uf =~ s/\$gid/$user->{'gid'}/g;
    $uf =~ s/\$shell/$shell/g;
    &useradmin::copy_skel_files($uf, $user->{'home'}, $user->{'uid'}, $user->{'gid'});

    # copy home files
    # (list form of system: password-file fields never pass through a local shell)
    system("rcp", "-rp", "source_server:$s1_home/*", $user->{'home'});
    system("chown", "-R", "$user->{'uid'}:$user->{'gid'}", $user->{'home'});

    # copy mail
    system("rcp", "-rp", "source_server:/var/mail/$user->{'user'}", "/var/spool/mail");
    system("chown", "$user->{'uid'}:mail", "/var/spool/mail/$user->{'user'}");

    &useradmin::set_ownership_permissions($user->{'uid'}, $user->{'gid'}, undef, $user->{'home'});
    print "Created user: $s1_user\n";
}
close(MASTERPASS);
&useradmin::made_changes();
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Regards !
--
Carlton
=============================
GIFFORD INTERNET SERVICES
Bristol, United Kingdom
Tel: 0845 868 2245
Fax: 0845 004 6843
Email: ad...@gi...
Web: http://www.gifford.co.uk
=============================