sss_userdel.c revision 7ffaa2afb9e03a6f0b9c602c0f03b2074ea33eac
c06dd8856a03b72f6b3f69e874f8700f10cb8522Christian Maeder Copyright (C) Jakub Hrozek <jhrozek@redhat.com> 2009
1b05bdb88b90d3c947351f262d7ae7d68f0a4a6fTill Mossakowski This program is free software; you can redistribute it and/or modify
7bf4436b6f9987b070033a323757b206c898c1beChristian Maeder it under the terms of the GNU General Public License as published by
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder the Free Software Foundation; either version 3 of the License, or
f3a94a197960e548ecd6520bb768cb0d547457bbChristian Maeder (at your option) any later version.
679d3f541f7a9ede4079e045f7758873bb901872Till Mossakowski This program is distributed in the hope that it will be useful,
679d3f541f7a9ede4079e045f7758873bb901872Till Mossakowski but WITHOUT ANY WARRANTY; without even the implied warranty of
1bb1684c83317dfd1692ab53415027b67d8f2faeTill Mossakowski MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder GNU General Public License for more details.
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder You should have received a copy of the GNU General Public License
9d34a8049237647d0188ee2ec88db2dc45f1f848Till Mossakowski along with this program. If not, see <http://www.gnu.org/licenses/>.
c529224e0ec191fbaa87261f05c34f89c17b3f3aTill Mossakowskistatic int is_logged_in(TALLOC_CTX *mem_ctx, uid_t uid)
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder DEBUG(1, ("Cannot initialize hash table.\n"));
bfa9e03532243ceb487f0384d0f6a447f1ce7670Till Mossakowski ret = hash_lookup(uid_table, &key, &value);
8fe1a8e240ccd5f3682a936ef2fa4c22fee973bcTill Mossakowskistatic int kick_user(struct tools_ctx *tctx)
1bb1684c83317dfd1692ab53415027b67d8f2faeTill Mossakowski ret = usermod(tctx, tctx->ev, tctx->sysdb, tctx->handle, tctx->octx);
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder while((child_pid = waitpid(pid, &status, 0)) > 0) {
31c49f2fa23d4ac089f35145d80a224deb6ea7e4Till Mossakowski { "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &pc_debug,
b9804822fb178b0fc27ce967a6a8cedc42c5bf90Christian Maeder 0, _("The debug level to run with"), NULL },
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder _("Remove home directory and mail spool"), NULL },
6a57a555c8ef0a79aa5d20e1d721400dbffa564aMaciek Makowski { "no-remove", 'R', POPT_ARG_NONE, NULL, 'R',
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder _("Do not remove home directory and mail spool"), NULL },
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder _("Force removal of files not owned by the user"), NULL },
b9804822fb178b0fc27ce967a6a8cedc42c5bf90Christian Maeder _("Kill users' processes before removing him"), NULL },
1b05bdb88b90d3c947351f262d7ae7d68f0a4a6fTill Mossakowski DEBUG(1, ("set_locale failed (%d): %s\n", ret, strerror(ret)));
4ea99e115bbade1632815267d5e0dcb9931aac1eChristian Maeder /* parse parameters */
8a8880f1b6a0681e636480991d45dfea11d62ff8Christian Maeder pc = poptGetContext(NULL, argc, argv, long_options, 0);
d290f2ee3d1a4d60c77c5dd06979453f3fa34fafJorina Freya Gerken while ((ret = poptGetNextOpt(pc)) > 0) {
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder DEBUG(1, ("init_sss_tools failed (%d): %s\n", ret, strerror(ret)));
c0380b947eef252db81ee562246bb732555427f4Till Mossakowski ERROR("Error initializing the tools - no local domain\n");
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder /* if the domain was not given as part of FQDN, default to local domain */
c0380b947eef252db81ee562246bb732555427f4Till Mossakowski ret = parse_name_domain(tctx, pc_username);
8a8880f1b6a0681e636480991d45dfea11d62ff8Christian Maeder ERROR("Invalid domain specified in FQDN\n");
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder * Fills in defaults for ops_ctx that the user did not specify.
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder ret = userdel_defaults(tctx, tctx->confdb, tctx->octx, pc_remove);
58b671de3fe578346fef9642ffa3c5a0a0edb3cbTill Mossakowski /* Error message will be printed in the switch */
58b671de3fe578346fef9642ffa3c5a0a0edb3cbTill Mossakowski if ((tctx->octx->uid < tctx->local->id_min) ||
58b671de3fe578346fef9642ffa3c5a0a0edb3cbTill Mossakowski (tctx->local->id_max && tctx->octx->uid > tctx->local->id_max)) {
4ea99e115bbade1632815267d5e0dcb9931aac1eChristian Maeder ERROR("User %s is outside the defined ID range for domain\n",
58b671de3fe578346fef9642ffa3c5a0a0edb3cbTill Mossakowski /* cancel transaction */
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder /* userdel */
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder ret = userdel(tctx, tctx->sysdb, tctx->octx);
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder /* Set SELinux login context - must be done after transaction is done
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder * b/c libselinux calls getpwnam */
c0380b947eef252db81ee562246bb732555427f4Till Mossakowski ERROR("Cannot reset SELinux login context\n");
db7143998eee23e3d781f1f1e97e953bb831df1fTill Mossakowski ERROR("WARNING: The user (uid %lu) was still logged in when "
c0380b947eef252db81ee562246bb732555427f4Till Mossakowski "deleted.\n", (unsigned long) tctx->octx->uid);
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder ERROR("Cannot determine if the user was logged in on this "
95c3e5d11dcee331dc3876a9bf0c1d6daa38e2caChristian Maeder ERROR("Error while checking if the user was logged in\n");
c0380b947eef252db81ee562246bb732555427f4Till Mossakowski ERROR("The post-delete command failed: %s\n", strerror(ret));
b10d6cef708b7a659f2d3b367e8e0db0d03ae3f5Till Mossakowski ERROR("Not removing home dir - not owned by user\n");
e379124f467e5d0ef7d3c0ca238bff0521f70831Till Mossakowski ERROR("Cannot remove homedir: %s\n", strerror(ret));
b645cf3dc1e449038ed291bbd11fcc6e02b2fc7fChristian Maeder DEBUG(1, ("sysdb operation failed (%d)[%s]\n", ret, strerror(ret)));
b9804822fb178b0fc27ce967a6a8cedc42c5bf90Christian Maeder "Removing users only allowed in local domain.\n");
c1168130136b44bcfa8946dbda76be553aa7344bTill Mossakowski ERROR("Internal error. Could not remove user.\n");