[freeside] vpopmail with mysql integration

[ivan]

1 - you don't need to modify the code to do this, just use the
    `shellmachine-useradd' configuration value.

2 - passing passwords on the command line is a security risk as they can
    be captured with ps(1).  In addition, your code does not escape the
    password and thus opens a rather large security hole.  For example,
    what would happen if a user set their password to: `rm -rf /`
    (including the quotes) ?

On Tue, Feb 26, 2002 at 12:33:27PM -0600, Rick Eicher II wrote:
> Here is what I got so far on this:
> 
> 
> #!/usr/bin/perl -w
> 
> use strict;
> use FS::Record qw(qsearch qsearchs);
> use FS::svc_acct;
> use FS::svc_domain;
> use FS::UID qw(adminsuidsetup datasrc dbh);
> use Net::SSH qw(ssh);
> 
> adminsuidsetup "rick";
> my(@svc_acct) = qsearch('svc_acct', {});
> 
> foreach my $key  (@svc_acct) {
>    my ($username)=$key->getfield('username');
>    my ($password)=$key->getfield('_password');
>    my ($dom)=$key->getfield('domsvc');
>    my ($domain)=qsearchs('svc_domain',{'svcnum' => "$dom"});
>    my $emaildomain = $domain->getfield('domain');
>    ssh("root\@$machine", "/home/vpopmail/bin/vadduser
> $username\@$emaildomain $password") == 0 or die
> "ssh error: $!";
> }
> 
> This is just a test script that I will later insert near the bottom of the
> svc_acct.export file.
> 
> Things that still need to be addressed:
> 1. not running a million(I wish we were that large) ssh sessions
> 2. see if the email address already exists before trying to do the insert
> 3. integrate it into freeside so it is an option on the config page
> 
> Any and all comments or jokes about my code is welcomed.
> 
> Rick Eicher II
> www.pbol.net
> 
> 
> 

-- 
_ivan