03-17-2011
I talked to my colleague and we would like to solicit help with alternatives to a plain bash script (because of security concerns). You mentioned a web server as one alternative. How would we authenticate against an active directory security group with a freebsd machine that utilizes radius and not LDAP?
How would we actually write the code to add/remove/modify users? Would the web server spawn a shell and do the commands useradd/userdel/usermod commands or is there another way? I've been looking in the perl CPAN API's and I could not find the actual function to add/remove users. One would think that perl packages with names like Provision::Unix::User::FreeBSD or
Provision::Unix::User would have functions like add_user or remove_user or modify_user but these don't!
Also: I don't understand what you mean by a "non-tty batch spin-off". Should we be considering these options too?
thanks,
siegfried
Last edited by siegfried; 03-17-2011 at 03:43 PM..
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hello..
I dont know if i can ask this question in this session..if wrong please correct me..
This is my question..
When iam creating a user with command " adduser xxx"
Where are the changes happening..
I know in /etc/passwd , /etc/shadow...
in /home
Is there any i missed..
please... (1 Reply)
Discussion started by: esham
1 Replies
2. Programming
Hi,
Let me know any urls where i can get the source code for "adduser" program..
Please help..
esham (1 Reply)
Discussion started by: esham
1 Replies
3. Programming
Hello there,
My mulithreaded application (which is too large to represent the source code here) is crashing after installing FreeBSD 7.1-RELEASE/amd64.
It worked properly on others machines (Dual Cores with 4GB of RAM - FreeBSD 6.2-RELEASE/i386).
The current machine has 2x Core 2 Duo... (1 Reply)
Discussion started by: Seenquev
1 Replies
4. Shell Programming and Scripting
I took a stab at writing a script to automate the interactive process of adding users to Nessus - I have zero previous coding experience. So far, it doesn't get me anywhere.
I took small sections of code from posts I found on this site and others:... (1 Reply)
Discussion started by: nolamiami
1 Replies
5. Shell Programming and Scripting
Hi,
With a awk script i create a "adduser line"
$ cat /tmp/tmp.ldif | awk -f ldif2adduser.awk
adduser --uid 1002 --gid 1000 --gecos "ROUSSIN Guy" --home /homeL/guy --shell /bin/bash --disabled-password guy
If i cut and paste this line, all is fine. But in a shell script i get errors :
... (2 Replies)
Discussion started by: guyr
2 Replies
6. SuSE
Hello!!
Is posible to automate ispell?? I have a lot of misspelled text and I want to launch a script that runs ispell choosing for example the first option, all that automatically. Is possible??
Thanks :) (4 Replies)
Discussion started by: elblo
4 Replies
7. Red Hat
hi,
I have a problem with any user i created on a linux server RH.
With the user root i did:
adduser toto
passwd toto (to give it a password - message : "all authentication tokens updated successfully")
I can do a "su - toto", but when I try to connect it directly by ssh i have the message... (3 Replies)
Discussion started by: Castelior
3 Replies
8. Solaris
Brain teaser,
I was given the task below. I believe the consultant runs software on his laptop that probes our QA tier web servers for xxx The two web servers are xxx
I attempt useradd command on XXX which seems to work, but when I attempt to assign a pwd, the OS denies it and says user... (1 Reply)
Discussion started by: yellow_mustard
1 Replies
9. UNIX for Dummies Questions & Answers
I am just wondering why there are two similar commands for creating a user. Could you please point me when I should choose adduser and when useradd? This puzzles me a little.
Thanks,
Panos (6 Replies)
Discussion started by: Zeldforged
6 Replies
10. UNIX for Advanced & Expert Users
hi,
when i want to "adduser newuser" i receved this warning :
event type "audit_buf" is a fixed event and may not be manipulated
help me please (2 Replies)
Discussion started by: rezasadeghi
2 Replies
LEARN ABOUT DEBIAN
spawn-fcgi.standalone
spawn-fcgi(1) General Commands Manual spawn-fcgi(1)
NAME
spawn-fcgi - Spawns FastCGI processes
SYNOPSIS
spawn-fcgi [options] [ -- <fcgiapp> [fcgi app arguments]]
spawn-fcgi -v
spawn-fcgi -h
DESCRIPTION
spawn-fcgi is used to spawn remote and local FastCGI processes.
While it is obviously needed to spawn remote FastCGI backends (the web server can only spawn local ones), it is recommended to spawn local
backends with spawn-fcgi, too.
Reasons why you may want to use spawn-fcgi instead of something else:
* Privilege separation without needing a suid-binary or running a server as root.
* You can restart your web server and the FastCGI applications without restarting the others.
* You can run them in different chroot()s.
* Running your FastCGI applications doesn't depend on the web server you are running, which allows for easier testing of other web
servers.
OPTIONS
spawn-fcgi accepts the following options:
-f <path>
Filename of the FastCGI application to spawn. This option is deprecated and it is recommend to always specify the application
(absolute path) and its parameters after "--"; the fcgiapp parameter is directly used for the exec() call, while for starting the
binary given with -f /bin/sh is needed (which may not be available in a chroot).
This option is ignored if fcgiapp is given.
-d <path>
Change the current directory before spawning the application.
-a <address>
IPv4/IPv6 address to bind to; only used if -p is given too. Defaults to "0.0.0.0" (IPv4).
-p <port>
TCP port to bind to; you cannot combine this with the -s option.
-s <path>
Path to the Unix domain socket to bind to; you cannot combine this with the -p option.
-C <children>
(PHP only) Number of children to spawn by setting the PHP_FCGI_CHILDREN environment variable. Default is not to overwrite the envi-
ronment variable; php will spawn no children if the variable is not set (same as setting it to 0).
-F <children>
Number of children to fork, defaults to 1. This option doesn't work with -n, have a look at multiwatch(1) if you want to supervise
multiple forks on the same socket.
-P <path>
Name of the PID file for spawned processes (ignored in no-fork mode)
-n No forking should take place (for daemontools)
-M <mode>
Change file mode of the Unix domain socket; only used if -s is given too.
-?, -h General usage instructions
-v Shows version information and exits
The following options are only available if you invoke spawn-fcgi as root:
-c <directory>
Chroot to specified directory; the Unix domain socket is created inside the chroot unless -S is given.
-S Create Unix domain socket before chroot().
-u User ID to change to.
-g Group ID to change to. Defaults to primary group of the user given for -u.
-U Change user of the Unix domain socket, defaults to the value of -u. (only used if -s is given)
-G Change group of the Unix domain socket, defaults to the primary group of the user given for -U; if -U wasn't given, defaults to the
value of -g. (only used if -s is given)
SEE ALSO
svc(8), supervise(8), see http://cr.yp.to/daemontools.html
multiwatch(1), see http://cgit.stbuehler.de/gitosis/multiwatch/about/
26 March 2009 spawn-fcgi(1)