File Coverage

blib/lib/Auth/Krb5Afs.pm
Criterion Covered Total %
statement 3 39 7.6
branch 0 14 0.0
condition n/a
subroutine 1 4 25.0
pod 2 3 66.6
total 6 60 10.0


line stmt bran cond sub pod time code
1             #! /usr/bin/perl -w
2             # Auth::Krb5Afs - get krb5 and afs tokens
3             # Noel Burton-Krahn
4             # Dec 14, 2003
5             #
6             # see the pos docs at the __END__
7             #
8             # Copyright (C) 2003 Noel Burton-Krahn
9             #
10             # This program is free software; you can redistribute it and/or modify
11             # it under the terms of the GNU General Public License as published by
12             # the Free Software Foundation; either version 2 of the License, or
13             # (at your option) any later version.
14             #
15             # This program is distributed in the hope that it will be useful,
16             # but WITHOUT ANY WARRANTY; without even the implied warranty of
17             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18             # GNU General Public License for more details.
19             #
20             # You should have received a copy of the GNU General Public License
21             # along with this program; if not, write to the Free Software
22             # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23              
24             package Auth::Krb5Afs;
25 1     1   6536 use strict;
  1         3  
  1         601  
26              
27             require Exporter;
28             our @ISA = qw(Exporter);
29             our $VERSION = '1.0';
30              
31             sub new {
32 0     0 1   bless({}, shift);
33             }
34              
35             sub shell_esc {
36 0     0 0   my($s) = @_;
37 0           $s =~ s/'/'"'"'/g;
38 0           $s = "'$s'";
39 0           return $s;
40             }
41              
42             sub authenticate {
43 0     0 1   my($self) = shift;
44 0           my($user, $pass, $service) = @_;
45 0           my($s, $err, $pid);
46 0           my(%pwent);
47              
48             TRY: {
49 0 0         unless( @pwent{qw(name passwd uid gid
  0            
50             quota comment gcos home
51             shell expire)} = getpwnam($user) ) {
52 0           $err->{user} = "no such user: $user";
53 0           last;
54             }
55              
56 0           $pid = open(W, "|kinit -r 10h -l 20m " . shell_esc($user) . " >/dev/null 2>&1");
57 0           print(W "$pass\n");
58 0           close(W);
59 0 0         if( $? ) {
60 0           $s =~ s/kinit.*?://;
61 0           $err->{pass} = "unknown user or wrong password";
62 0           last;
63             }
64            
65 0           $s = `aklog -setpag 2>&1`;
66 0 0         if( $? ) {
67 0           $err->{pass} = "aklog failed: $s";
68             }
69              
70             # set the environment (remember to set the uid last)
71 0           $ENV{USER} = $pwent{name};
72 0           $ENV{HOME} = $pwent{home};
73 0           $ENV{SHELL} = $pwent{shell};
74            
75 0 0         if( $> == 0 ) {
76 0 0         if( -f $ENV{KRB5CCNAME} ) {
77 0 0         chown($pwent{uid}, $pwent{gid}, $ENV{KRB5CCNAME}) or die("chown $ENV{KRB5CCNAME}: $!");
78             }
79 0           $( = $) = $pwent{gid};
80 0           my $id = `id -G '$pwent{name}'`;
81 0           $( = $pwent{gid};
82 0           $) = "$pwent{gid} $id";
83 0           $< = $> = $pwent{uid};
84             }
85              
86             # done ok
87 0           $err = undef;
88             }
89 0 0         return wantarray ? ($err, \%pwent) : $err;
90             }
91              
92             1;
93              
94             __END__