#!/usr/bin/perl -w
#----------------------------------------------------------------------
# copyright (C) 2001 Mitel Networks Corporation
# 
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# 		
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 		
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
# 
# Technical support for this program is available from Mitel Networks 
# Please visit our web site www.e-smith.com for details.
#----------------------------------------------------------------------
package esmith;

use strict;
use Errno;
use esmith::config;
use esmith::util;
use esmith::db;

tie my %accounts, 'esmith::config', '/home/e-smith/accounts';

my $event = $ARGV [0];
my $machineName = $ARGV [1];

die "machine name $machineName is not a valid machine account name"
	unless ( $machineName =~ /\$$/ );

if ( defined db_get(\%accounts, $machineName) )
{
    die "$machineName is not a machine account" 
	unless ( db_get_type(\%accounts, $machineName) eq "machine");
}
else
{
    # Auto-create the accounts database entry. This is bad form, but
    # the Samba "add user script" is called as the user "admin", who
    # does not currently have permissions to write to the config database
    db_set(\%accounts, $machineName, 'machine');
}

# We really, really need to be root to run "passwd -l"
esmith::util::setRealToEffective();

warn "create-machine-account $machineName: Creating Unix user and group\n";

system(
	"/usr/sbin/useradd",
	"-c", "Hostname account for $machineName",
	"-M",
	"-d", "/noexistingpath",
	"-s", "/bin/false",
	"$machineName"
    ) == 0 or die "Failed to create account $machineName.\n";

warn "create-machine-account $machineName: Locking account\n";

system("/usr/bin/passwd", "-l", "$machineName") == 0
    or warn("Could not lock password for $machineName\n");

# warn "create-machine-account $machineName: Creating smbpasswd account\n";
#
# Samba adds the smbpasswd account after it calls this script.
# However, we may want to do this if we call this script directly
#
# system("/usr/bin/smbpasswd", "-a", "-m", "$machineName") == 0 
#     or warn("Could not create smb password entry for $machineName\n");;

exit (0);
