The following pages describe the modules, functions, and pages to be developed as part of the new system. Each of the following modules can be assigned to different developers as a self-contained system component.
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/index.html Assigned to: Reference: |
|
Description |
This pure HTML page contains the descriptions and navigation for users, prospective users and members to interact with the UMS. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
GPFN Main page, other pages on the GPFN web site |
Can Call: |
user/join.html |
Function Description |
Page invites viewer to join the GPFN listing the benefits of membership and other service upgrade options. (Phase 2)A link to the myacct.html page so users can view their account information is also present. |
Possible Exit Conditions and Return Values |
None required |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/join.html Assigned to: Reference: |
|
Description |
This HTML page contains the descriptions of the membership and user classes of the Great Plains Free-Net for which they wish to apply. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
user/index.html |
Can Call: |
user/agree.html |
Function Description |
The page describes the three classes of user: Registered User, Individual Member and Institutional Member and the benefits and features of each class. A Cancel link redirects users to the user/index.html page and a GPFN button takes the viewer back to the main GPFN page. |
Possible Exit Conditions and Return Values |
None |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/agree.html Assigned to: Reference: |
|
Description |
This page contains the user agreement, acceptable use policy and other requirements the viewer must agree to before obtaining a GPFN account. |
Implementation Skills |
HTML, HTML forms, Javascript |
Parameter List |
None |
Called By: |
user/join.html |
Can Call: |
user/apply.html |
Function Description |
The page contains the text to which a prospective user must agree before an account application is received and processed. The viewer notes acceptance of this agreement by clicking an “Accept” button at the bottom of the page. The Accept button directs them to the apply.html page with the value “UA_accept” appended to the URL as a Query String parameter. A “Decline” button returns them to the user/join.html page. A “GPFN Home” button returns them to the GPFN main page. |
Possible Exit Conditions and Return Values |
If the viewer clicks the “Accept” button, they are sent to user/apply.html?UA_accept. If the viewer clicks the “Decline” button, they are sent to user/join.html If the viewer clicks the “GPFN Home” button, they are sent to /index.html |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/apply.html Assigned to: Reference: |
|
Description |
This HTML page contains a form to gather the information required to process an application to the GPFN |
Implementation Skills |
HTML, HTML Forms, Javascript |
Parameter List |
Query String must contain value “UA_accept” |
Called By: |
user/agree.html |
Can Call: |
user/validate.cgi |
Function Description |
The URL to which the user arrives must be “user/apply.html?UA_accept”. If the “?UA_accept” portion of the URL is missing, they should be redirected to the user/join.html page. If the UA_accept parameter is received the page displays an HTML form. This form must first query the viewer for the type of account they want. A pop-up menu named “Membership_Class” should list “Registered User”, “Individual Member” and “Institutional Member and send values “Registered”, “Individual”, and “Institution” respectively. The form must also obtain the following data from the user. Items marked with a (*) are required and must be present before the form is processed: *User_FirstName If the application is for an individual or institutional membership the following fields must also be gathered |
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/upgrade.html Assigned to: Reference: |
|
Description |
This HTML page contains the terms and conditions related to any upgrade option including prices. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
user/index.html |
Can Call: |
user/login.cgi?upgrade.cgi |
Function Description |
The page lists all relevant details for users to be able to decide what options to select in upgrading their account. Users can click to move forward to the login.cgi page before formally request an upgrade, or click a cancel button to go back the user/index.html page or a GPFN home button. |
Possible Exit Conditions and Return Values |
If the user clicks to apply for an upgrade, control passes to URL: login.cgi?upgrade.cgi. The “upgrade.cgi” string allows the login.cgi script to redirect the user to the correct option page if the login is successful. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/myacct.html (Phase 2) Assigned to: Phase 2 Reference: |
|
Description |
This HTML page contains a description of the options available to the account holder in viewing or managing his or her account history and configuration |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
user/index.html |
Can Call: |
user/login.cgi?myacct.cgi |
Function Description |
Users can click to move forward to the login.cgi page before formally viewing their account history or settings or altering their account configuration, or click a cancel button to go back the user/index.html page or a GPFN home button. |
Possible Exit Conditions and Return Values |
If the user clicks to view their account, control passes to the login.cgi?myacct.cgi. The “myacct.cgi” string is used to allow the login.cgi script to redirect the user to the correct option page if the login is successful. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/index.html Assigned to: Reference: |
|
Description |
This pure HTML page allows the volunteer to choose between processing applications for accounts and upgrades and processing financial transactions. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
Directly by the user. Page is behind htaccess controls. |
Can Call: |
vol/listapps.cgi vol/invoices.html |
Function Description |
The volunteer can choose:
|
Possible Exit Conditions and Return Values |
None |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/invoices.html Assigned to: Reference: |
|
Description |
This HTML/Javascript page allows the volunteer to choose the options before generating new invoices or reminder notices. The volunteer can choose to generate an annual invoice cycle for all members, display an invoice for a particular user, generate an annual invoice for a particular user, display statements for all members, or display a statement for a particular user. As well, the form allows the volunteer to choose to e-mail the statements or invoices to the user, or to print them to the screen, or to print them to a tab delimited file which can be downloaded. The number and identity of the invoices or statements e-mailed or displayed in this way corresponds to the choices made in the preceding paragraph. |
Implementation Skills |
HTML, Javascript, HTML forms |
Parameter List |
None |
Called By: |
vol/index.html |
Can Call: |
vol/geninvoice.cgi |
Function Description |
The HTML form gathers the following information before passing the data to the geninvoice.cgi script:
A Submit button forwards the form data to the geninvoice.cgi. A Cancel button returns the volunteer to the vol/index.cgi page. |
Possible Exit Conditions and Return Values |
The form and Javascript should correctly handle all data exceptions. Data should be passed to the geninvoice.cgi script. Cancels should return control to index.html |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/invoice.tmpl Assigned to: Reference: |
|
Description |
This HTML page forms a dynamically generated invoice. The template file is used by the geninvoice.cgi developer to present an attractive and visually consistent invoice to the user. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
vol/geninvoice.cgi |
Can Call: |
|
Function Description |
The template file includes all HTML and graphics to display an invoice on a web browser window. It must be visually equivalent whether displayed in Internet Explorer, Netscape Navigator or Opera. Spaces should be left for user identification, date of invoice, invoice charges and item descriptions, payment terms and options, instructions to print this page, and GPFN identification and remittance information |
Possible Exit Conditions and Return Values |
The page is not called directly but will be cut and pasted into cgi scripts. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/stmt.tmpl Assigned to: Reference: |
|
Description |
This HTML page forms a dynamically generated statement. The template file is used by the geninvoice.cgi developer to present an attractive and visually consistent statement to the user. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
vol/geninvoice.cgi |
Can Call: |
|
Function Description |
The template file includes all HTML and graphics to display a statement on a web browser window. It must be visually equivalent whether displayed in Internet Explorer, Netscape Navigator or Opera. Spaces should be left for user identification, dates and amounts of invoices and receipts, payment terms and options, outstanding balance and the aging of the balance and GPFN identification, instructions to print this page, and remittance information |
Possible Exit Conditions and Return Values |
The page is not called directly but will be cut and pasted into cgi scripts. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/rcpt.tmpl Assigned to: Reference: |
|
Description |
This HTML page forms a dynamically generated receipt. The template file is used by the receipts.cgi developer to present an attractive and visually consistent statement to the user. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
vol/receipts.cgi |
Can Call: |
|
Function Description |
The template file includes all HTML and graphics to display a receipt on a web browser window. It must be visually equivalent whether displayed in Internet Explorer, Netscape Navigator or Opera. Spaces should be left for user identification, date, instructions to print this page, amount and payment method as well as GPFN identification and a thank-you message. |
Possible Exit Conditions and Return Values |
The page is not called directly but will be cut and pasted into cgi scripts. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/accept.tmpl Assigned to: Reference: |
|
Description |
This HTML page forms a dynamically generated statement. The template file is used by the validate.cgi developer to present a user acceptance agreement for signature and mail-in by the new account applicant. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
user/validate.cgi |
Can Call: |
|
Function Description |
The template file includes all HTML and graphics to display a user acceptance agreement on a web browser window. It must be visually equivalent whether displayed in Internet Explorer, Netscape Navigator or Opera. Spaces should be left for user identification, legal terms and obligations, provisions for under-age applicants, payment terms and options, and GPFN identification, instructions to print this page, and remittance information |
Possible Exit Conditions and Return Values |
The page is not called directly but will be cut and pasted into cgi scripts. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/acct.html (Phase 3) Assigned to: Phase 3) Reference: |
|
Description |
This HTML page lists the account management options available to the volunteer and collects the information on which user account to display. |
Implementation Skills |
HTML, HTML Forms |
Parameter List |
None |
Called By: |
vol/index.html |
Can Call: |
vol/history.cgi |
Function Description |
Not yet fully defined |
Possible Exit Conditions and Return Values |
Not yet fully defined |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: user/validate.cgi Assigned to: Reference: |
|
Description |
This script takes the information from the user/apply.html form, verifies that all required data is present before attempting to create a new user request. |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
Membership_Class |
Called By: |
user/apply.html |
Can Call: |
lib/uname_generate.pl |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager & Membership Committee or Board Designate |
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: user/login.cgi Assigned to: Reference: |
|
Description |
This script creates a form to which the user enters their username and password, validates the information against the system records and if the user is authenticated, sets up a set of credentials for the user’s current session. |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
QueryString contains the URL (without the host portion) to which the user is redirected upon a successful authentication
|
Called By: |
user/upgrade.html |
Can Call: |
lib/Login.pm |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
[1] The Access_Level value is included so that access texture can be incorporated in the future when different users and different volunteers can be given different levels of access to the system.
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: user/upgrade.cgi Assigned to: Reference: |
|
Description |
This script shows the user the available system upgrades available to them. If the user selects any upgrades, an entry is added to the upgrade table so that the upgrades can be processed and applied to the users account. |
Implementation Skills |
PERL, CGI, SQL, Javascript |
Parameter List |
|
Called By: |
user/index.html |
Can Call: |
lib/Login.pm |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: vol/listapps.cgi Assigned to: Reference: |
|
Description |
This script lists the applications for accounts currently in a pending state and asks a volunteer to approve or delete the application |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
|
Called By: |
vol/index.html vol/listapps.cgi |
Can Call: |
add_ppp() |
Function Description |
If the volunteer has selected the Delete button from a previous invocation of the form:
If the volunteer has selected the Approve button from a previous invocation of the form, perform the following steps:
For all invocations of the script including the first:
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: vol/listupgrades.cgi Assigned to: Reference: |
|
Description |
This script lists the upgrades for existing accounts where an unapproved Upgrade_Request table record exists. |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
|
Called By: |
vol/index.html vol/listupgrades.cgi |
Can Call: |
lib/add_alias |
Function Description |
If the volunteer has selected the Delete button from a previous invocation of the form:
If the volunteer has selected the Approve button:
For all invocations of the script including the first:
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page (X)CGI Script ( )Shared Library ( )System API Name: vol/geninvoices.cgi Assigned to: Reference: |
|
Description |
This script taking parameters from the form on invoice.html generates invoices or statements for one or all system users |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
Invoice_Count |
Called By: |
vol/invoices.html |
Can Call: |
vol/index.html |
Function Description |
Depending on the values of the Type_Switch and Invoice_Count parameters, create a temporary directory named after the current process_id in which to store the following generated invoices or statements. Only one of the following six steps will be used for each invocation of this script:
Regardless of which of the above six steps was selected, get the value of the Medium_Switch parameter:
Delete the temporary directory created above. |
Possible Exit Conditions and Return Values |
The script should always return successfully |
Sign Off by: |
Membership Committee or board designate |
[1] We don’t mind invoices going out in September for the coming year, but let’s make sure that we don’t have two volunteers thinking this way or we’ll be billing people for two years down the road.
[2] This requirement is intended to allow the Free-Net to query existing registered users to determine if they still want their free e-mail and dial-up account. The invoice should have some information for the user to either print the invoice, sign it and send it in, or else e-mail a confirmation that they want to keep their account.
Procedure Model Type: ( )Web Page (X)CGI Script ( )Shared Library ( )System API Name: vol/receipts.cgi Assigned to: Reference: |
|
Description |
This script gets a list of all unpaid invoices and displays them to the volunteer so that the volunteer can apply receipts against them. |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
|
Called By: |
vol/index.html |
Can Call: |
vol/index.html |
Function Description |
If the script has been called by a previous invocation of this same script as determined by the value of the Submit button being “Apply Receipt”:
For all invocations through this script, even the first, perform the following steps:
|
Possible Exit Conditions and Return Values |
The script should always return successfully. If no outstanding invoices exist, an empty list should be presented. Volunteers can always click on a link to take them to the vol/index.html or GPFN main page. |
Sign Off by: |
Membership Committee or board designate |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/uname_test.pl Assigned to: Reference: |
|
Description |
This script verifies that a username passed as a string to the function would be a good username. The test of goodness requires that the proposed username is unique to the system (i.e. no existing user has this name), and that the username is comprised of only alphabetic characters, numbers, underscores and dots (period), and that the username is between 4 and 16 characters long. For the purpose of the test, uppercase and lowercase characters are equivalent so that if the user has chosen a username of upper-case characters, these characters will be replaced with their lower-case equivalents. |
Implementation Skills |
PERL |
Parameter List |
String containing the proposed username |
Called By: |
user/validate.cgi |
Can Call: |
|
Function Description |
Verify the appropriateness and uniqueness of the proposed username by performing the following steps:
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager. |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/uname_generate.pl Assigned to: Reference: |
|
Description |
This function returns a string containing the next available sequential username following the format aannn where “a” denotes an alphabetic, lowercase character and “n” denotes a digit. For example, if the last username assigned by this function was aa999, the function will test that ab000 is not assigned and if it is free, will assign it. Otherwise, the function will test for ab001 and so on. |
Implementation Skills |
PERL |
Parameter List |
none |
Called By: |
user/validate.cgi |
Can Call: |
lib/uname_test.pl |
Function Description |
|
Possible Exit Conditions and Return Values |
The function returns the value of the next available sequentially assigned username as a scalar value. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/pw_check Assigned to: Reference: |
|
Description |
This function takes a string parameter and runs it against the system pw_check utility to see if it is a sufficiently strong password. If not, the function returns a string describing the weakness(es) of the password. |
Implementation Skills |
C |
Parameter List |
password- a string containing the password string to test |
Called By: |
user/validate.cgi |
Can Call: |
crack.h |
Function Description |
#include <stdio.h> #include <stdlib.h> #include <crack.h> int main(int argc, char *argv[]) { int i; char* pw_check; char* password; char* dict_path = “/usr/lib/cracklib_dict”; char* null_string = “”; char* bad_usage = "Usage: pw_check [password]"; if (argc != 2) { fputs(bad_usage,stdout); return (-1); } password = argv[1]; pw_check = FascistCheck(password, dict_path); if (pw_check != NULL) fputs(pw_check,stdout); else fputs(null_string,stdout); exit(0); } Usage within a PERL or Shell Script: $output=`pw_check([password])`; if ($output eq “”) { # password is good } else { # password is bad. Reason is stored in $output } |
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/Login.pm Assigned to: Reference: |
|
Description |
This module manages login sessions for the system. Its public methods are called by CGI scripts to determine if the user is properly authenticated on the system and has currently valid credentials. The Constructor assumes that the user has been authenticated by the login.cgi script. As such, it accepts the call to create the session token, but does no additional checks on the authenticity of the user. |
Implementation Skills |
PERL, SQL, MySQL |
Parameter List |
Username, access_level |
Called By: |
user/login.cgi |
Can Call: |
Http_Sessions database. |
Function Description |
HTTP_Sessions database Sessions table: +-------------+---------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +-------------+---------------+------+-----+---------+-------+ | User_Name | varchar(20) | | PRI | | | | Session_Tok | varchar(32) | | | | | | Access_Level| int | | | 0 | | | TimeStamp | timestamp(14) | YES | | NULL | | +-------------+---------------+------+-----+---------+-------+ Constructor(UserName, Access_Level) method:
getLogin() method:
getUserName(Login) method:
getAccessLevel(Login) method:
destroy(UserName) method:
|
Possible Exit Conditions and Return Values |
A Login object with undefined properties indicates that the system failed to find any credentials for this user. This test is usually performed by using the getLogin() method to get a Login object and then calling the getUserName(Login) method with the Login object returned by the getLogin method. If the getUserName method returns an undefined value, then the credentials do not exist or there is a system problem. Note that this class does not test for the age of a set of credentials although such a test can be included by having the getLogin method test the age of the session token by looking at the timestamp value in the Sessions table. |
Sign Off by: |
Project Manager. |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/auth_user Assigned to: |
|
Description |
This suid program takes the username and password and returns a 0 if the username and password match the system password for the stated user. Any other return code indicates an error. |
Implementation Skills |
C, PAM |
Parameter List |
Username and password as string values |
Called By: |
user/login.cgi |
Can Call: |
PAM system libraries |
Function Description |
Example of a proper function call from a calling PERL script: output=`/usr/local/csuite/lib/auth_user $user $passwd `; /***************************************************** ** Library functions to interact with the Linux-PAM ** ** modules in order to update a user's password on ** ** the system. ** ** ** ** Make sure you add the following lines to the ** ** pam.conf file (or equivalent): ** ** cs_password auth required ** ** /lib/security/pam_unix_auth.so ** ** cs_password account required ** ** /lib/security/pam_unix_acct.so ** ** cs_password password required ** ** /lib/security/pam_unix_passwd.so ** ** cs_password session required ** ** /lib/security/pam_unix_acct.so ** ** ** ** Author: Daryle Niedermayer (dpn) ** ** daryle@gpfn.ca ** ** Date: 2002-06-17 ** ** ** ******************************************************/ #include <stdio.h> #include <stdlib.h> #include <security/pam_appl.h> #include <security/pam_misc.h> #define CS_BAD_DATA -2 #define CS_BAD_USAGE -1 #define CS_SUCCESS 0 #define COPY_STRING(s) (s) ? strdup(s) : NULL /* DEFINE STATIC EXTERNAL STRUCTURES AND VARIABLES SO THAT THEY ONLY HAVE SCOPE WITHIN THE METHODS AND FUNCTIONS OF THIS SOURCE FILE */ static char* service_name = "cs_password"; static char* user; static char* old_password; static char* new_password; static int PAM_conv (int, const struct pam_message**, struct pam_response**, void*); static struct pam_conv PAM_converse = {PAM_conv, NULL}; /************************************************* ** PAM Conversation function ** *************************************************/ static int PAM_conv ( int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { int replies = 0; struct pam_response *reply = NULL; reply = malloc(sizeof(struct pam_response) * num_msg); if (!reply) return PAM_CONV_ERR; for (replies = 0; replies < num_msg; replies++) { if (! strcmp(msg[replies]->msg,"Password: ")) reply[replies].resp = COPY_STRING(old_password); if (! strcmp(msg[replies]->msg, "(current) UNIX password: ")) reply[replies].resp = COPY_STRING(old_password); } *resp = reply; return PAM_SUCCESS; } /************************************************* ** MAIN PROCEDURE ** *************************************************/ int main(int argc, char *argv[]) { /* DEFINITIONS */ pam_handle_t* pamh = NULL; int retval; char* pw_check; char* dict_path = "/usr/lib/cracklib_dict"; /* DETERMINE IF VARIABLE COUNT IS CORRECT */ if (argc != 3) { printf("Usage: auth_user <USER> <PASSWORD>\n"); exit (CS_BAD_USAGE); } /* PARSE PARAMETERS FROM INPUTS */ user = argv[1]; old_password = argv[2]; if (!(user && old_password && strlen(user) && strlen(old_password))) exit (CS_BAD_DATA); /* GET A HANDLE TO A PAM INSTANCE */ retval = pam_start(service_name, user, &PAM_converse, &pamh); /* IS THE USER REALLY A USER? */ if (retval == PAM_SUCCESS) retval = pam_authenticate(pamh, 0); else return retval; /* IS USER PERMITTED ACCESS? */ if (retval == PAM_SUCCESS) retval = pam_acct_mgmt(pamh, 0); else return retval; /* CLEAN UP OUR HANDLES AND VARIABLES */ if (pam_end(pamh, retval) != PAM_SUCCESS) pamh = NULL; else return retval; exit (CS_SUCCESS); } |
Possible Exit Conditions and Return Values |
This function returns a number of possible values:
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X)System API Name: sys/add_account Assigned to: Reference: |
|
Description |
This system configuration function runs with suid root permissions. It adds a new account to the system with the value of the username field passed in as a parameter, then sets the initial password on this account to the value of the password field passed in as a parameter. Finally, it uses the system edquota command to set the user quota on this new account to the value stored in the corresponding prototype account. |
Implementation Skills |
PERL, C |
Parameter List |
Username, password, and member_type. |
Called By: |
vol/listapps.cgi |
Can Call: |
/usr/bin/passwd prototype-user (non-login account profile) |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X)System API Name: sys/add_alias Assigned to: Reference: |
|
Description |
This system configuration function reads the system /etc/mail/aliases file, checks that no current entry matching old_address exists and if one does exist, deletes it. It then adds a new entry mapping old_address to new_address and rebuilds the newaliases database. The function must NOT be allowed to alter any of the system aliases. Because editing the aliases file and rebuilding new alias databases are protected procedures, this function will need suid permissions. |
Implementation Skills |
PERL, C |
Parameter List |
old_address and new_address where old_address is the address to which mail is sent and new_address is the address to which mail is delivered. |
Called By: |
vol/listapps.cgi |
Can Call: |
/usr/bin/newaliases |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/change_user Assigned to: Reference: |
|
Description |
This function renames the user’s home directory from old_username to new_username, effecting this change in the system password and shadow files and adding a system alias mapping the old_username to new_username. Because of the permissions involved, this command must be set to suid root. |
Implementation Skills |
C |
Parameter List |
old_username, new_username |
Called By: |
vol/listupgrades.cgi |
Can Call: |
sys/add_alias |
Function Description |
|
Possible Exit Conditions and Return Values |
This function should always return 0. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_virtualdomain Assigned to: Reference: |
|
Description |
This function is a stub to add a new virtualdomain to the webserver configuration. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL |
Parameter List |
Domainname, Username, Groupname |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the virtual domain name is already taken. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_ppp Assigned to: Reference: |
|
Description |
This function is a stub to grant ppp access to a new or existing member. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL |
Parameter List |
username |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if ppp access is not permitted for some reason. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_db Assigned to: Reference: |
|
Description |
This function is a stub to create a new database and provide read/write access to a new or existing member. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL |
Parameter List |
Database_name, Username, Password |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the database creation failed for some reason. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_quota Assigned to: Reference: |
|
Description |
This function is a stub to add disk quota to a user. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL, C |
Parameter List |
Mount_point, Mb to increase, Username |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the setquota command fails for some reason. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_ssl Assigned to: Reference: |
|
Description |
This function is a stub to add ssl access to a virtual domain. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL, C |
Parameter List |
Virtual_domain |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the configuration is not permitted for some reason. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_listserver Assigned to: Reference: |
|
Description |
This function is a stub to add a new mailing list to the listserver. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL, C |
Parameter List |
Listname, Username |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the configuration is not permitted for some reason. |
Sign Off by: |
Project Manager |
Links
[1] https://niedermayer.ca/user/login?destination=node/173%23comment-form
[2] https://niedermayer.ca/user/login?destination=node/174%23comment-form
[3] https://niedermayer.ca/user/login?destination=node/175%23comment-form
[4] https://niedermayer.ca/user/login?destination=node/176%23comment-form
[5] https://niedermayer.ca/user/login?destination=node/177%23comment-form
[6] https://niedermayer.ca/user/login?destination=node/178%23comment-form
[7] https://niedermayer.ca/user/login?destination=node/179%23comment-form
[8] https://niedermayer.ca/user/login?destination=node/180%23comment-form
[9] https://niedermayer.ca/user/login?destination=node/181%23comment-form
[10] https://niedermayer.ca/user/login?destination=node/182%23comment-form
[11] https://niedermayer.ca/user/login?destination=node/183%23comment-form
[12] https://niedermayer.ca/user/login?destination=node/184%23comment-form
[13] https://niedermayer.ca/user/login?destination=node/185%23comment-form
[14] https://niedermayer.ca/user/login?destination=node/186%23comment-form
[15] https://niedermayer.ca/user/login?destination=node/188%23comment-form
[16] https://niedermayer.ca/user/login?destination=node/189%23comment-form
[17] https://niedermayer.ca/user/login?destination=node/190%23comment-form
[18] https://niedermayer.ca/user/login?destination=node/191%23comment-form
[19] https://niedermayer.ca/user/login?destination=node/192%23comment-form
[20] https://niedermayer.ca/user/login?destination=node/193%23comment-form
[21] https://niedermayer.ca/user/login?destination=node/194%23comment-form
[22] https://niedermayer.ca/user/login?destination=node/195%23comment-form
[23] https://niedermayer.ca/user/login?destination=node/196%23comment-form
[24] https://niedermayer.ca/user/login?destination=node/197%23comment-form
[25] https://niedermayer.ca/user/login?destination=node/198%23comment-form
[26] https://niedermayer.ca/user/login?destination=node/199%23comment-form
[27] https://niedermayer.ca/user/login?destination=node/200%23comment-form
[28] https://niedermayer.ca/user/login?destination=node/201%23comment-form
[29] https://niedermayer.ca/user/login?destination=node/202%23comment-form
[30] https://niedermayer.ca/user/login?destination=node/203%23comment-form
[31] https://niedermayer.ca/user/login?destination=node/204%23comment-form
[32] https://niedermayer.ca/user/login?destination=node/205%23comment-form
[33] https://niedermayer.ca/user/login?destination=node/206%23comment-form
[34] https://niedermayer.ca/user/login?destination=node/207%23comment-form
[35] https://niedermayer.ca/user/login?destination=node/208%23comment-form