[SOLVED] Create user automatically via php web form
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I'm working on a server project for me and some friends for data backup and storage.
I want to create local users from information collected in a web form I intend to create with php.
I will plan on having a database of user information so they can make some changes to their account. Not sure exactly what, but just to make it seem more offical.
I want to give them access to rsync (so ssh by default), ftp, owncloud and http of their own directories. I intend to use quotas to regulate the amount of storage space available to each user.
To the best of my knowledge, it is not possible to directly create a user via php do to privledge restriction. The only way I can think to do it is have the form store the information to a file and have a cron job create the account for me. I'm not sure how well this will work unless I tell the cron job to run frequently enough to make it convenient.
Does anyone have a better idea of how I might do this?
I'm aware of the possibility of using virtual users, but then I loose some ability to control quotas.
I'm sure you'll get other posts about ensuring security etc. However to achieve what you've asked I would suggest:
When users complete the form display: "Your account may take up to X minutes to set-up, you will receive an e-mail when this is completed".
Store the information in a file and run your cron job to create users every X minutes (could even be every minute I suppose) and then notify the user by e-mail when it's created.
Alternatively could you specify that the user contect that PHP runs under (apache user?) has unpassworded sudo ability to run the relevant system commands?
I'd prefer the former soln (ie it'll take a while to setup an acct), rather than allowing php/Apache any privileged cmds.
If you really want instant and secure, look at dnotify http://linux.die.net/man/1/dnotify.
This is probably overkill unless you NEED (not just want) an instant response/acct.
I was thinking along those same lines. Just stating that it could take X amount of time for the account to become active. In the end it shouldn't really matter too much because it only occurs once. Of course, password changes could cause an account to be only accessable via an older password for X amount of time. But a small price to pay for security.