1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147
|
#! /usr/local/bin/perl
# convert a passwd(5) and optional supplementary file into the new
# file format
# Please NOTE: None of the TACACS code available here comes with any
# warranty or support.
# Copyright (c) 1995-2000 by Cisco systems, Inc.
#
# Permission to use, copy, modify, and distribute modified and
# unmodified copies of this software for any purpose and without fee is
# hereby granted, provided that (a) this copyright and permission notice
# appear on all copies of the software and supporting documentation, (b)
# the name of Cisco Systems, Inc. not be used in advertising or
# publicity pertaining to distribution of the program without specific
# prior permission, and (c) notice be given in supporting documentation
# that use, modification, copying and distribution is by permission of
# Cisco Systems, Inc.
#
# Cisco Systems, Inc. makes no representations about the suitability of this
# software for any purpose. THIS SOFTWARE IS PROVIDED ``AS IS''
# AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
# LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
# FOR A PARTICULAR PURPOSE.
die 'Usage: convert.pl <password file> [-g] [ <supplementary file> ]'
if $#ARGV < 0;
$pwfile = '';
$supfile = '';
%sup = ();
$acl_valid = 0; # is acl valid in gid field?
$pwfile = shift(@ARGV);
while ($#ARGV >= 0) {
local($arg) = shift(@ARGV);
$acl_valid++, next if ($arg eq '-g');
$supfile = $arg;
}
if ($supfile) {
open(SUP, $supfile) || die "Can't read $supfile -- $!";
while(<SUP>) {
next if /^#/;
chop;
local($user, $inacl, $outacl, $arap, $chap) = split(/:/);
if (defined $sup{$user,'user'}) {
die "User $user is multiply defined on lines $sup{$user,'user'} and $. of $supfile";
}
$users{$user} = 1;
$sup{$user,'user'} = $.;
$sup{$user,'inacl'} = $inacl;
$sup{$user,'outacl'} = $outacl;
$sup{$user,'arap'} = $arap;
$sup{$user,'chap'} = $chap;
}
close(SUP);
}
open(PASSWD, $pwfile) || die "Can't read $pwfile -- $!";
while(<PASSWD>) {
chop;
next if ($_ eq '');
local($user, $pass, $uid, $gid, $gcos, $home, $exp) = split(/:/);
$users{$user} = 2;
print "user = $user {\n";
print " login = des $pass\n";
if (!$acl_valid) {
print " member = $gid\n";
$groups{$gid}++;
}
if ($gcos) {
if ($gcos =~ /[ ]/) {
print " name = \"$gcos\"\n";
} else {
print " name = $gcos\n";
}
}
if ($exp =~ /\S+\s+\d+\s+\d+/) {
print " expires = \"$exp\"\n";
}
if ($acl_valid) {
print " service = exec {\n";
print " acl = $gid\n";
print " }\n";
}
local($outacl) = $sup{$user,'outacl'};
local($inacl) = $sup{$user,'inacl'};
if ($inacl ne '' || $outacl ne '') {
print " service = slip {\n";
print " inacl = $inacl\n" if $inacl ne '';
print " outacl = $outacl\n" if $outacl ne '';
print " }\n";
print " service = ppp protocol = ip {\n";
print " inacl = $inacl\n" if $inacl ne '';
print " outacl = $outacl\n" if $outacl ne '';
print " }\n";
}
print " arap = $sup{$user,'arap'}\n" if $sup{$user,'arap'} ne '';
print " chap = $sup{$user,'chap'}\n" if $sup{$user,'chap'} ne '';
print "}\n";
}
close(PASSWD);
foreach $user (keys %users) {
next if $users{$user} != 1;
# This user only in supfile
print "user = $user {\n";
local($outacl) = $sup{$user,'outacl'};
local($inacl) = $sup{$user,'inacl'};
if ($inacl ne '' || $outacl ne '') {
print " service = slip {\n";
print " inacl = $inacl\n" if $inacl ne '';
print " outacl = $outacl\n" if $outacl ne '';
print " }\n";
print " service = ppp protocol = ip {\n";
print " inacl = $inacl\n" if $inacl ne '';
print " outacl = $outacl\n" if $outacl ne '';
print " }\n";
}
print " arap = $sup{$user,'arap'}\n" if $sup{$user,'arap'} ne '';
print " chap = $sup{$user,'chap'}\n" if $sup{$user,'chap'} ne '';
print "}\n";
}
exit 0 if ($acl_valid);
foreach $group (keys %groups) {
print "group = $group { }\n";
}
|