I've started writing the deluser script I mentioned a while back. As one would expect, it has a configuration file which can control precisely what it does. At the moment I intend that the configuration file be, in fact, a piece of Perl which is executed by the script as it runs - this is the most general possible solution, of course, but if anyone has any good reasons why it's a bad idea then they should speak now.
(One obvious objection: not everyone speaks perl. I think it should be possible to provides examples and recipes to achieve simple configuration.) My intention is to support two types of deletion, which I shall call cancellation and deletion. Cancellation doesn't actually remove any user files, it just sets the users shell to CANCELLED and prevents any further logins. Deletion, on the other hand, deletes all traces of the user from the system. Typical operation might be to cancel users and then delete all cancelled users (say) a month later. I feel this is the best way of solving the question of precisely what should be deleted on account termination (IIRC this was the principal area of discussion when I first stated the intention to write this program.) (These are not the only ways of using the script; its precise behaviour can be quite finely tuned both by the configuration file and from the command line, if necessary.) -- Richard Kettlewell [EMAIL PROTECTED] http://www.elmail.co.uk/staff/richard/
