Provision-Unix


lib/Provision/Unix/User.pm  view on Meta::CPAN

   #        else {
        $r = {
            'error_code' => 500,
            'error_desc' => "enable: FAILED. $user not enabled."
        };
        return $r;

        #        }
    }
    else {
        return {
            'error_code' => 100,
            'error_desc' => "disable: $user does not exist."
        };
    }
}

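sub install_ssh_key {

    # Writes one public key to "$homedir/.ssh/authorized_keys" (mode 0600),
    # creating the .ssh directory (mode 0700) when it is missing, and hands
    # ownership of both to 'username' when one is given.
    #
    # Named parameters:
    #   homedir        - existing home directory (required)
    #   ssh_key        - the public key line to install (required)
    #   ssh_restricted - optional forced command; when set, the entry is
    #                    written with command="..." and the no-port-forwarding,
    #                    no-X11-forwarding and no-agent-forwarding options
    #   username       - optional account that should own .ssh
    #   debug, fatal   - override the object's defaults
    #
    # Returns the value of $prov->error(...) when an argument is rejected or
    # .ssh cannot be created, and an empty return when the file write fails.
    # There is no dedicated success value: the sub yields whatever the last
    # ownership step returned.
    my $self = shift;
    my %p = validate( @_, {
            homedir  => { type => SCALAR },
            ssh_key  => { type => SCALAR },
            ssh_restricted => { type => SCALAR|UNDEF, optional => 1 },
            debug    => { type => BOOLEAN, optional => 1 },
            fatal    => { type => BOOLEAN, optional => 1 },
            username => { type => SCALAR,  optional => 1 },
        }
    );

    my $homedir = $p{homedir};
    my $key   = $p{ssh_key};
    my $restricted = $p{ssh_restricted};
    my $debug = defined $p{debug} ? $p{debug} : $self->{debug};
    my $fatal = defined $p{fatal} ? $p{fatal} : $self->{fatal};

    if ( ! -d $homedir ) {
        return $prov->error( "dir '$homedir' does not exist!",
            debug => $debug,
            fatal => $fatal,
        );
    }

    # A trailing line ending is harmless, but an embedded one would start a
    # second authorized_keys entry that does not carry the command=
    # restriction and the no-* options written below.
    $key =~ s/[\r\n]+\z//;
    if ( $key =~ /[\r\n]/ ) {
        return $prov->error( "ssh_key must be a single line",
            debug => $debug,
            fatal => $fatal,
        );
    }

    if ($restricted) {

        # The forced command is placed inside command="...". A line break or
        # a double quote that is not backslash-escaped would end the option
        # early and let the rest of the value be read as further options or
        # entries, so refuse both instead of writing a line that grants more
        # than the caller asked for.
        if ( $restricted =~ /[\r\n]/ || $restricted =~ /(?<!\\)"/ ) {
            return $prov->error(
                "ssh_restricted must be a single line with any double quotes backslash-escaped",
                debug => $debug,
                fatal => $fatal,
            );
        }
    }

    my $ssh_dir = "$homedir/.ssh";

    # NOTE(review): -d, the write and the chown below all follow symlinks. If
    # this runs privileged against a home directory its owner can already
    # modify, confirm that .ssh cannot be a link to another location.
    mkpath($ssh_dir, 0, oct(700)) if ( ! -d $ssh_dir && ! -e $ssh_dir );
    -d $ssh_dir or return $prov->error( "unable to create $ssh_dir", fatal => $fatal );

    my $line = '';
    $line .= "command=\"$restricted\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding "
        if $restricted;
    $line .= "$key\n";

    # NOTE(review): no append option is passed, so this presumably replaces
    # any existing authorized_keys - confirm against file_write.
    $util->file_write( "$ssh_dir/authorized_keys",
        lines => [ $line ],
        mode  => '0600',
        debug => 0,
        fatal => 0,
    ) or return;

    if ( $p{username} ) {
        my $uid = getpwnam $p{username};
        if ( $uid ) {
            $util->chown( $ssh_dir, uid => $uid, fatal => 0 );
            $util->chown( "$ssh_dir/authorized_keys", uid => $uid, fatal => 0 );
        }
        else {

            # Reached when the lookup yields no uid or uid 0. The arguments
            # go to chown as a list, so neither the username nor the path is
            # parsed by a shell, and '--' keeps a value that begins with '-'
            # from being read as an option.
            my $chown = $util->find_bin( 'chown', debug => 0 );
            return if ! $chown;
            return system( $chown, '-R', '--', $p{username}, $ssh_dir ) == 0;
        }
    }
}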

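sub is_valid_password {

    # Checks a candidate password against the local policy.
    #
    # Arguments: the candidate password and the username it belongs to.
    #
    # Returns a hashref: error_code 100 when the password is accepted, or
    # error_code 400 plus an error_desc naming the first rule that failed.
    #
    # error_desc never contains the candidate itself, because callers may log
    # or display the description and a rejected password is often one
    # keystroke away from a real one.
    my ( $self, $pass, $user ) = @_;
    my %r = ( error_code => 400 );

    # min 6 characters (an undefined password is treated as too short)
    if ( ! defined $pass || length($pass) < 6 ) {
        $r{error_desc} = "Passwords must have at least six characters.";
        return \%r;
    }

    # max 128 characters
    if ( length($pass) > 128 ) {
        $r{error_desc} = "Passwords must have no more than 128 characters.";
        return \%r;
    }

    # not purely alpha or numeric: require at least one letter and one digit.
    # The character classes need brackets; /a-z/ only matches the literal
    # three-character string "a-z".
    if ( $pass !~ /[A-Za-z]/ or $pass !~ /[0-9]/ ) {
        $r{error_desc} = "Passwords must contain both letters and numbers!";
        return \%r;
    }

    # does not match username
    if ( defined $user && $pass eq $user ) {
        $r{error_desc} = "The username and password must not match!";
        return \%r;
    }

    # optional site list of known-bad passwords, one per line
    if ( -r "/usr/local/etc/passwd.badpass" ) {

        my @lines = $util->file_read( "/usr/local/etc/passwd.badpass" );
        foreach my $line (@lines) {
            chomp $line;
            if ( $pass eq $line ) {
                $r{error_desc}
                    = "That is a weak password. Please select another.";
                return \%r;
            }
        }
    }

    $r{error_code} = 100;
    return \%r;
}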

sub get_crypted_password {


    my $self = shift;
    my $pass = shift;
    my $salt = shift || $self->get_salt(8);


