in reply to Re: Linux::usermod - user name ... already exists
in thread Linux::usermod - user name ... already exists

Yes, a shell script would be an option. It looks like the problem may be Linux::usermod not taking care of /etc/shadow properly. I'm doing some experiments to see if I can scope out the bug.

It's part of a larger, more complex task where the script can change the name of the account and then update all the groups in which it is a member.

  • Comment on Re^2: Linux::usermod - user name ... already exists

Replies are listed 'Best First'.
Re^3: Linux::usermod - user name ... already exists
by thanos1983 (Parson) on Mar 19, 2019 at 21:14 UTC

    Hello again mldvx4,

    I was thinking exactly like this. That your script will do something like that.

    Well an alternative solution would be to remove the user Linux::usermod->del(username); (I assume the module removes the user from all groups) and after that create a new user Linux::usermod->add(username, password, uid, gid, comment, home, shell); with the updated name. That could be a workaround (assuming there are no errors on this one as well). Not to forget you can assign the user to the desired groups 

    @users = qw(user1 user2 user3);
Linux::usermod->grpadd(groupname, gid, "@users")

    [download]
    . But again this is just theory I have not tested it so I do not know if there is a bug in all these commands.

    Let us know at the end what solution you came up with. BR / Thanos

    Seeking for Perl wisdom...on the process of learning...not there...yet!
[reply]
[d/l]
[select]

      Thanks. I gave Linux::usermod->del(username); a try and see that it leaves the groups in /etc/group and /etc/shadow untouched instead of removing / modifying them as needed. I took a look at the source for Linux::usermod and it's over my skill level to dig in and form a patch, at least in a timely manner.

      I'll look into several options now but it may take some time.

[reply]

      It looks like this is the distilled version of what I will try. The validation of the two variables takes place earlier in another function. 

      $ENV{'PATH'}=q(/sbin:/bin:/usr/sbin:/usr/bin);

my ($um,$gm);

qx/usermod --login $newname --home $newname $oldname/;
$um = $?;
if ($um==0) {
    qx/groupmod --new-name $newname $oldname/;
    $gm = $?;
}

      [download]

      Ideas or corrections?

      No output is produced, so I don't try to capture any. And the home directory gets reassigned and renamed elsewhere, too, since I have a little non-standard home directory arrangement for those groups.

[reply]
[d/l]

        Since you're setting a restricted PATH, are you running this under taint mode? If so, are $newname and $oldname user input? If yes, I would strongly recommend against putting them in a shell command like this (even though I assume you had to untaint them first). I'd suggest at the very least using system in the list form with more than one argument, e.g.:

        system('usermod','--login',$newname,'--home',$newname,$oldname)
    ==0 or die "usermod failed, \$?=$?";
system('groupmod','--new-name',$newname,$oldname)
    ==0 or die "groupmod failed, \$?=$?";

        [download]

        I wrote more on the topic of avoiding the shell here.

[reply]
[d/l]
[select]
        If you don't need the output, use system instead of qx. It returns the exit code directly, so no need to use $?.
        map{substr$_->[0],$_->[1]||0,1}[\*||{},3],[[]],[ref qr-1,-,-1],[{}],[sub{}^*ARGV,3]
[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom