The three files used for ZEUS
Introduction to ZEUS
If you set up configuration files with this system or anything that you value please ensure that your put a password on the webspace that holds the files. I would also suggest that you use ssl for communication with the website.
Some files that are suitable candidates for this are aliases, exim.conf and associated files, and any others you can think of. The idea behind these files was brought about by necessity. I have had many contracts where the resident staff or the staff that will have to administer the systems I install often have no previous experience of anything other than point and click. Every location has been genuinely shocked that the computers do not fall over weekly / monthly as they used to when using other operating systems; however there is always the difficulty of how do they make the daily changes. While many people would not think twice about logging in using ssh or putty there is a tremendous learning curve to using vi or emacs before one even considers explaining how an email is formed and why they should know what headers are (for things like spamassassin etc.) I needed an interface that could be reached from a variety of operating systems and be easily configurable to allow for the differences between sites.
I know that I could use a database or webmin; however many sites need something even more simple to provide just aliases configuration or smtp passwords etc.
Here are the files and how it works:
I have yet to fix the register_globals for these scripts. I do not use them at the moment and so have not invested the time, though it is an easy fix.
For the unixheads out there – no it does not read email yet
I had a peek about and could not find a web interface for smbpasswd. I have been helping a friend run a school network and after a year they would still rather use something that a text interface.
I had a look at webmin; however although I could add unix users I could not change samba passwords and the swat interface was not helpful. (In addition I did not want people playing with shares or other configuration options in SWAT). There is also smbpasswd.php as an rpm package, which had a load of pear dependencies, which were not a standard part of a distribution and I did not want random items to break on upgrade.
I have three files that require amendments to the sudoers file and server side includes enabled. I should also mention that this has been thrown together and is on a local network and is only accessed using ssl and is behind a password protected page. It is not secure and will allow people to do nasty things to your smbpasswd file.
The files are here: smbpasswd.php; write_data.php; final.shtml.
The changes to sudoers is as follows (using visudo):
apache ALL= NOPASSWD: /usr/bin/smbpasswd -s -a
The changes to the httpd.conf file to enable includes is:
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
<html> <head> <title> Changing Windows' User's password </title> </head> <body> <strong>Changing a Samba Password</strong> <form method="post" action="smbpasswd.php"> <br>Username is <input type="text" Name="username"><br> <br>Password is <input type="password" Name="pass1"> <br>Password is <input type="password" Name="pass2"> (confirmation)<br> <br><input type="submit" value="Step two"> </form> </body> </html> ___ write_data.php
<html> <head> <title> Change Password - Step two </title> </head> <body> <?php //create a file with data $file = @fopen("/full/path/htdocs/pass.dat","w"); $file2 = @fopen("/full/path/htdocs/user.dat","w"); fputs($file,$pass1."\n".$pass2 . "\n"); fputs($file2,$username."\n"); ?> <form method="post" action="changepass.html"> <br>You are about to add a new samba user or change the password on an existing user. <br><strongAre you sure?</strong> <br>Username is <?php echo "$username" ?> //<br>Password is <?php echo "$pass" ?> <br><input type="submit" value="Yes, I am Sure"> </body> </html> ___ final.shtml
<html> <head> <title> Changing Passwords Final Step </title> </head> <body> <br> <!--#exec cmd="sudo smbpasswd -s -a `cat /full/path/htdocs/user.dat` < /full/path/htdocs/pass.dat" --> <!--#exec cmd=" > /full/path/htdocs/user.dat; > /full/path/htdocs/pass.dat" --> <br> </body> </html>