C-spark v1.92.0.0

Name

Spark UI / C-spark -- User Management UI

Description

The Spark UI is a tool for the mass registration of users within the system user database. It finds the differences between a given list and the user database, and adds and deletes users accordingly. It thus removes the need to add each user manually. Currently, there is C-spark, which runs on the console. Support for single users is planned for the future, too.

This application may come in handy in companies, schools/colleges and similar places where there is a large number of people to manage and adding them would otherwise take a long time.

Finding differences is group-based: select a group to match the list against. This allows for multiple groups and lists.

Program calling syntax

cspark [-S group:infile] [-P [style]:infile:outfile] [-U nname:vname:xuid[:sgroup]] [-c config]
-S group:infile Synchronizes user list from infile with group.
-P [style]:infile:outfile Transforms the logfile, as generated by -S or by other means, into a nicer printout. The output format depends on style. Specify "help" for style to obtain a list of available styles.
-c config Loads a configuration file (on top of the hardcoded defaults, /etc/spark.conf and cui/../vetc/spark.conf). See the CONFIGURATION FILE section for details.

Configuration file

Configuration files use a textual key=value pair style (described in the ACCDB API). Many options are available, and all of them are discussed below. The spark.cfg from CVS contains what I experimented with, so if it says "default" somewhere, the hardcoded value and/or the spark.cfg from official file package releases is meant.

AUTOFLUSH option

This is a special option for the backend module usage. If AUTOFLUSH is on for a backend module, it flushes dirty data to disk (or instructs its parent to do so).

This flushing only becomes necessary if other applications read the user database behind Vitalnix ACCDB, because a newly created user might only exist within memory and the scope of ACCDB until the DB is flushed to disk. (SLANED solves all this...) Possible values are:

off Explicitly disables ACCDB's AUTOFLUSH option. This is the default, as the time used to run through a user list is pretty small (at least for my test environment).
on Explicitly enables ACCDB's AUTOFLUSH option. (Might result in performance loss.)
default Does not touch ACCDB's AUTOFLUSH in any way. The default autoflush value depends on the particular backend module.
postadd About the same as off, and only performs a flush request before a USER_POSTADD script is run. Use this if you have a postadd script that deals with login names in a way that it would not work otherwise.

User management helper programs

MASTER_{PRE,POST}{ADD,DEL} specify scripts that are to be executed { before, after } the { addition, deletion } process. The available positional parameters are listed below.

USER_{PRE,POST}{ADD,DEL} specify scripts that are to be executed { before, after } a user is { added, deleted }. Some of these might not be called if there are no users to { add, delete }. The available positional parameters are listed below.

MASTER_PREADD %1$u The number of users about to be added
MASTER_POSTADD %1$u The number of users that were actually added
MASTER_PREDEL %1$u The number of users about to be deleted
  %2$s "Current" (= start of deletion function import_ds_Delete()) date and time ("YYYYMMDD-HHMMSS" format)
MASTER_POSTDEL %1$u The number of users that were actually deleted
  %2$s "Current" date and time ("YYYYMMDD-HHMMSS" format)
USER_PREADD %1$s Login name
  %2$ld UID of the user (may be -1 to indicate automatic UID selection (which has not been done yet!))
  %3$ld GID of the user's primary group
  %4$s Name of the user's primary group
  %5$s Names of the user's supplementary groups, separated by comma. (May be empty)
  %6$s GECOS field
  %7$s Home directory
  %8$s Default shell
USER_POSTADD   Same fields as for USER_PREADD
USER_PREDEL %1$s Login name
  %2$ld UID of the user
  %3$ld GID of the user's primary group
  %4$s Name of the user's primary group
  %5$s Home directory
  %6$s "Current" date and time ("YYYYMMDD-HHMMSS" format)
USER_POSTDEL %1$s Login name
  %2$s "Current" date and time ("YYYYMMDD-HHMMSS" format)

Programs

PAGER is a shell command to be executed when the program wants to display something with an external viewer. The environment(!) variable PAGER is NOT used in any way by C-spark, so if you want to temporarily change viewers, you will need to edit the config file. The filename is passed as the first argument, or - to indicate stdin. The default is: /usr/bin/less -MSI %1$s.

SHELL points to the default command interpreter for the user when s/he logs in. Default is /bin/bash.

Password related options

Three options related to password creation and storage are available: PSWD_LEN, PSWD_PHON and PSWD_METH.

PSWD_LEN controls the length of newly generated passwords. Use -1 to disable newly generated accounts using a password that never matches. Use 0 to start with no password. The latter may not always work as remote services may disallow empty passwords. See their source or their respective PAM configuration file.

If PSWD_PHON is set to yes (or on), special subroutines to generate pronounceable, easy-to-remember (and on top, secure) passwords are used. If this is no, the standard total-random-chars-and-numbers-algorithm is taken.

PSWD_METH specifies the encryption (password hashing) method to use. This can be des, md5 or blowfish. (The last is the most secure.) If you use "samba encrypted passwords" you will need to use ntlm (absolutely weak and currently not implemented).

Directory options

HOME points to the path where new directories shall be added. In most cases, this will be /home.

SPLIT_LVL controls how home directories are arranged. If you have a large number of users, it may become advisable to split them up, since listing such a big directory (/home) containing some thousand entries takes some time. The solution to this is to move them to subdirectories, i.e. to create /home/j/jengelh. This speeds up single lookups, and searching all of /home using find utilities does not get any slower. The maximum value of SPLIT_LVL is 2 (which would create /home/j/je/jengelh). The default is 0, meaning not to use this feature.

SKEL points to the skeleton directory. All files from the skeleton directory are copied to the user's directory upon user creation. The default is /var/lib/empty. (If you want to have all the dot.crap files, change to /etc/skel.)
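
An added example (not part of C-spark or Vitalnix): a hook that checks the eight USER_PREADD/USER_POSTADD fields from the table above and confirms that the home directory matches the SPLIT_LVL layout before anything acts on it. It assumes the configured command passes the fields in table order; HOME_BASE, SPLIT_LVL and the login-name policy are assumed site values.

```python
#!/usr/bin/env python3
# Added example, not Vitalnix code: checks for a USER_PREADD/USER_POSTADD hook.
# Assumes the configured command passes the eight fields in table order.
import os
import re
import sys

HOME_BASE = "/home"  # assumption: same value as HOME in the spark configuration
SPLIT_LVL = 2        # assumption: same value as SPLIT_LVL (0, 1 or 2)
LOGIN_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")  # site policy, an assumption


def expected_home(login, base=HOME_BASE, split_lvl=SPLIT_LVL):
    """Path under the SPLIT_LVL layout, e.g. /home/j/je/jengelh at level 2."""
    if split_lvl not in (0, 1, 2):
        raise ValueError("SPLIT_LVL must be 0, 1 or 2")
    prefixes = [login[:n] for n in range(1, split_lvl + 1)]
    return os.path.join(base, *prefixes, login)


def check_add_args(args, pre=False):
    """Return the problems found in the eight positional fields (empty = OK)."""
    if len(args) != 8:
        return ["expected 8 fields, got %d" % len(args)]
    login, uid, gid, _pgroup, _sgroups, _gecos, home, shell = args
    if not LOGIN_RE.fullmatch(login):
        return ["login name rejected by policy"]  # later checks rely on it
    try:
        uid_n, _gid_n = int(uid), int(gid)
    except ValueError:
        return ["UID or GID is not an integer"]
    problems = []
    # -1 = automatic UID selection still pending; assumed resolved by POSTADD.
    if uid_n == 0 or uid_n < -1 or (uid_n == -1 and not pre):
        problems.append("unexpected UID %d" % uid_n)
    # normpath() collapses "..", so a path escaping the layout cannot match.
    if os.path.normpath(home) != expected_home(login):
        problems.append("home directory outside the expected layout")
    if not os.path.isabs(shell):
        problems.append("shell is not an absolute path")
    return problems


if __name__ == "__main__":
    found = check_add_args(sys.argv[1:])
    for problem in found:
        print("add hook: " + problem, file=sys.stderr)
    sys.exit(1 if found else 0)
```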

Finding differences

Involving the diff utility could be quite an idea, but it is a general differencer, comparing line-by-line. Since we just need to compare fields, and that conditionally on their content, the use of diff would make the whole program a lot more complicated.

The first step is to take an input file and compare it against the current user database. Users who are found in both repositories are kept, those who are only in the Data Source have to be added, and the rest is deleted (archived on purpose).
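
An added example of the group-scoped comparison described above (not C-spark's own algorithm). It assumes records are matched on an external ID called "xuid" here, and it adds a guard of its own that refuses a run which would delete most of the group, as a truncated or empty input list otherwise would. All sample records are constructed.

```python
# Added example, not C-spark code. Assumptions: records are matched on an
# external ID ("xuid"); the deletion guard is ours, not a C-spark feature.

def plan_sync(db_users, source, group, max_delete_ratio=0.5):
    """Split users into keep/add/delete for one group.

    db_users: dicts with "login", "group", "xuid" (view of the user database)
    source:   dicts with "name", "xuid" (the Data Source list)
    """
    # Only members of the selected group are candidates for deletion.
    in_group = {u["xuid"]: u for u in db_users if u["group"] == group}
    wanted = {}
    for rec in source:
        if rec["xuid"] in wanted:
            raise ValueError("duplicate xuid in data source: %s" % rec["xuid"])
        wanted[rec["xuid"]] = rec
    keep = sorted(in_group[x]["login"] for x in in_group.keys() & wanted.keys())
    add = sorted(wanted[x]["name"] for x in wanted.keys() - in_group.keys())
    delete = sorted(in_group[x]["login"] for x in in_group.keys() - wanted.keys())
    # A truncated or empty list would otherwise remove most of the group.
    if in_group and len(delete) / len(in_group) > max_delete_ratio:
        raise RuntimeError("refusing: %d of %d group members would be deleted"
                           % (len(delete), len(in_group)))
    return {"keep": keep, "add": add, "delete": delete}


# Constructed sample data.
DB = [
    {"login": "aalpha", "group": "students", "xuid": "1001"},
    {"login": "bbeta", "group": "students", "xuid": "1002"},
    {"login": "cgamma", "group": "students", "xuid": "1003"},
    {"login": "ddelta", "group": "staff", "xuid": "2001"},
]
SOURCE = [
    {"name": "Alpha, A.", "xuid": "1001"},
    {"name": "Beta, B.", "xuid": "1002"},
    {"name": "Epsilon, E.", "xuid": "1004"},
]

if __name__ == "__main__":
    print(plan_sync(DB, SOURCE, "students"))
```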

Input data format

Data fed to C-spark is in XML format. See the specification for details. Or check out some data source examples from the doc/examples folder.


May 03 2004 http://vitalnix.sf.net/