1 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/events/actions/ldap-init-accounts mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/events/actions/ldap-init-accounts |
2 |
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/events/actions/ldap-init-accounts 2008-04-02 10:42:45.000000000 -0600 |
3 |
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/events/actions/ldap-init-accounts 1969-12-31 17:00:00.000000000 -0700 |
4 |
@@ -1,300 +0,0 @@ |
5 |
-#!/usr/bin/perl -w |
6 |
- |
7 |
-#---------------------------------------------------------------------- |
8 |
-# copyright (C) 1999, 2000 e-smith, inc. |
9 |
-# |
10 |
-# This program is free software; you can redistribute it and/or modify |
11 |
-# it under the terms of the GNU General Public License as published by |
12 |
-# the Free Software Foundation; either version 2 of the License, or |
13 |
-# (at your option) any later version. |
14 |
-# |
15 |
-# This program is distributed in the hope that it will be useful, |
16 |
-# but WITHOUT ANY WARRANTY; without even the implied warranty of |
17 |
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
18 |
-# GNU General Public License for more details. |
19 |
-# |
20 |
-# You should have received a copy of the GNU General Public License |
21 |
-# along with this program; if not, write to the Free Software |
22 |
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
23 |
-#---------------------------------------------------------------------- |
24 |
- |
25 |
-package esmith; |
26 |
- |
27 |
-use strict; |
28 |
-use Errno; |
29 |
-use esmith::ConfigDB; |
30 |
-use esmith::AccountsDB; |
31 |
-use esmith::util; |
32 |
-use Net::LDAP::LDIF; |
33 |
- |
34 |
-# Events: post-install, post-upgrade. |
35 |
-# We assume we cannot access to ldap during this action. |
36 |
- |
37 |
-my $c = esmith::ConfigDB->open_ro or die "Couldn't open config db\n"; |
38 |
- |
39 |
-my $domain = $c->get('DomainName') |
40 |
- || die("Couldn't determine domain name"); |
41 |
-$domain = $domain->value; |
42 |
-my $smb_server = $c->get('smb') |
43 |
- || die("Couldn't determine samba server name"); |
44 |
-$smb_server = $smb_server->prop("ServerName"); |
45 |
-$smb_server =~ tr/[a-z]/[A-Z]/; |
46 |
-my $base = esmith::util::ldapBase ($domain); |
47 |
- |
48 |
-# We specify an empty configuration file to assure no ldap connection. |
49 |
-my $g = `/usr/bin/net getlocalsid -s /dev/null`; |
50 |
-unless ($g =~ /SID.*is: (.+)/) { |
51 |
- warn "Unable to determine SID. Clearning cache to see if it helps."; |
52 |
- rename '/etc/samba/secrets.tdb','/etc/samba/secrets.'.time; |
53 |
- rename '/var/cache/samba/gencache.tdb','/var/cache/samba/gencache.'.time; |
54 |
- rename '/var/cache/samba/wins.dat','/var/cache/samba/wins.'.time; |
55 |
- $g = `/usr/bin/net getlocalsid -s /dev/null`; |
56 |
- $g =~ /SID.*is: (.+)/ or die "Could not get current sid\n"; |
57 |
-} |
58 |
-my $local_sid = $1; |
59 |
- |
60 |
-# Since we are adding entries directly to the database, to ensure consistency, |
61 |
-# slapd should not be running. |
62 |
-if (`ps -A|grep slapd`) |
63 |
-{ |
64 |
- unless (system("/usr/local/bin/svc -d /service/ldap") == 0) |
65 |
- { |
66 |
- die "Failed to init ldap base because slapd is running.\n"; |
67 |
- } |
68 |
-} |
69 |
- |
70 |
-# Be sure that relevant schemas are enabled. |
71 |
-unless (system("/sbin/e-smith/expand-template /etc/openldap/slapd.conf") == 0) |
72 |
-{ |
73 |
- die "Failed to expand /etc/openldap/slapd.conf.\n"; |
74 |
-} |
75 |
- |
76 |
-# See perldoc perlipc (search for 'Safe Pipe Opens'). |
77 |
-my $pid = open(DISCARD, "|-"); |
78 |
- |
79 |
-# Write to DISCARD ldif code corresponding to accounts to init. |
80 |
-if ($pid) # parent |
81 |
-{ |
82 |
- my $ldif = Net::LDAP::LDIF->new("/home/e-smith/db/ldap/$domain.ldif", |
83 |
- "r", onerror => 'undef'); |
84 |
- my $writer = Net::LDAP::LDIF->new(\*DISCARD, "w", onerror => 'undef'); |
85 |
- |
86 |
- # Entries to init. |
87 |
- my @ous = ("Groups", "People", "Users"); # ous for Organizational Units. |
88 |
- my @users = ("root", "ntp", "www", "admin", "public"); |
89 |
- my @groups = ("shared", "slocate", "nobody", @users); |
90 |
- |
91 |
- # Groups to map with samba, their names and their rids. |
92 |
- my %mapping = |
93 |
- ( |
94 |
- 'admin' => ['Domain Admins', "512"], |
95 |
- 'shared' => ['Domain Users', "513"], |
96 |
- 'nobody' => ['Domain Guests', "514"] |
97 |
- ); |
98 |
- |
99 |
- # Check for already initialized entries. |
100 |
- my %ou_done = (); |
101 |
- my %group_done = (); |
102 |
- my %user_done = (); |
103 |
- my $smb_domain_done; |
104 |
- while (not $ldif->eof()) |
105 |
- { |
106 |
- my $entry = $ldif->read_entry(); |
107 |
- if ($ldif->error()) |
108 |
- { |
109 |
- warn "Error msg: ", $ldif->error(), "\n"; |
110 |
- warn "Error lines:\n", $ldif->error_lines(), "\n"; |
111 |
- } |
112 |
- else |
113 |
- { |
114 |
- my $dn = $entry->dn || ""; |
115 |
- |
116 |
- $smb_domain_done = 1 |
117 |
- if ($dn eq "sambaDomainName=$smb_server,$base"); |
118 |
- |
119 |
- foreach (@ous) |
120 |
- { |
121 |
- $ou_done{$_} = 1 |
122 |
- if ($dn eq "ou=$_,$base"); |
123 |
- } |
124 |
- |
125 |
- foreach (@groups) |
126 |
- { |
127 |
- $group_done{$_} = 1 |
128 |
- if ($dn eq "cn=$_,ou=Groups,$base"); |
129 |
- } |
130 |
- |
131 |
- foreach (@users) |
132 |
- { |
133 |
- $user_done{$_} = 1 |
134 |
- if ($dn eq "uid=$_,ou=Users,$base"); |
135 |
- } |
136 |
- } |
137 |
- } |
138 |
- $ldif->done(); |
139 |
- |
140 |
- # Produce ldif code. |
141 |
- unless ($smb_domain_done) |
142 |
- { |
143 |
- my $smb_domain = Net::LDAP::Entry->new(); |
144 |
- $smb_domain->dn("sambaDomainName=$smb_server,$base"); |
145 |
- $smb_domain->add |
146 |
- ( |
147 |
- "objectClass" => "sambaDomain", |
148 |
- "sambaAlgorithmicRidBase" => "1000", |
149 |
- "sambaDomainName" => $smb_server, |
150 |
- "sambaSID" => $local_sid, |
151 |
- ); |
152 |
- |
153 |
- $writer->write($smb_domain); |
154 |
- } |
155 |
- |
156 |
- foreach (@ous) |
157 |
- { |
158 |
- next if $ou_done{$_}; |
159 |
- |
160 |
- my $ou = Net::LDAP::Entry->new(); |
161 |
- $ou->dn("ou=$_,$base"); |
162 |
- $ou->add |
163 |
- ( |
164 |
- "ou" => $_, |
165 |
- "objectClass" => ["organizationalUnit", "top"] |
166 |
- ); |
167 |
- |
168 |
- $writer->write($ou); |
169 |
- } |
170 |
- |
171 |
- my $group_info = parse_file("/etc/group", @groups); |
172 |
- |
173 |
- foreach (@groups) |
174 |
- { |
175 |
- next if $group_done{$_}; |
176 |
- |
177 |
- my ($name, $passwd, $gid, $members) = @{$group_info->{$_}}; |
178 |
- |
179 |
- die "Unable to find $_ informations in /etc/group.\n" |
180 |
- unless ($name ne "" && $gid ne ""); |
181 |
- |
182 |
- my $group = Net::LDAP::Entry->new(); |
183 |
- $group->dn("cn=$_,ou=Groups,$base"); |
184 |
- |
185 |
- if ($mapping{$_}) |
186 |
- { |
187 |
- my ($dname, $rid) = @{$mapping{$_}}; |
188 |
- $group->add |
189 |
- ( |
190 |
- "objectClass" => ["posixGroup", "sambaGroupMapping", "top"], |
191 |
- "cn" => $name, |
192 |
- "gidNumber" => $gid, |
193 |
- "memberUid" => [split(/,/, $members || "")], |
194 |
- "description" => "Local Unix group", |
195 |
- "displayName" => $dname, |
196 |
- "sambaGroupType" => "2", |
197 |
- "sambaSID" => $local_sid . "-" . $rid |
198 |
- ); |
199 |
- } |
200 |
- else |
201 |
- { |
202 |
- $group->add |
203 |
- ( |
204 |
- "objectClass" => ["posixGroup", "top"], |
205 |
- "cn" => $name, |
206 |
- "gidNumber" => $gid, |
207 |
- "memberUid" => [split(/,/, $members || "")] |
208 |
- ); |
209 |
- } |
210 |
- |
211 |
- $writer->write($group); |
212 |
- } |
213 |
- |
214 |
- my $passwd_info = parse_file("/etc/passwd", @users); |
215 |
- my $shadow_info = parse_file("/etc/shadow", @users); |
216 |
- |
217 |
- foreach (@users) |
218 |
- { |
219 |
- next if $user_done{$_}; |
220 |
- |
221 |
- my ($name, undef, $uid, $gid, $comment, $home, $shell) |
222 |
- = @{$passwd_info->{$_}}; |
223 |
- my (undef, $passwd, $lastchange, $min, $max, $warning, $inactive, |
224 |
- $expire, $flag) = @{$shadow_info->{$_}}; |
225 |
- |
226 |
- die "Unable to find $_ informations in /etc/passwd.\n" |
227 |
- unless ($name ne "" && $uid ne "" && $gid ne "" && $home ne ""); |
228 |
- |
229 |
- my $user = Net::LDAP::Entry->new(); |
230 |
- $user->dn("uid=$_,ou=Users,$base"); |
231 |
- $user->add |
232 |
- ( |
233 |
- "objectClass" => ["account", "posixAccount", "shadowAccount", |
234 |
- "top"], |
235 |
- "cn" => $name, |
236 |
- "uid" => $name, |
237 |
- "gecos" => $comment || "no comment", |
238 |
- "uidNumber" => $uid, |
239 |
- "gidNumber" => $gid, |
240 |
- "userPassword" => "{crypt}" . ($passwd || "*"), |
241 |
- "homeDirectory" => $home, |
242 |
- "loginShell" => $shell || "/bin/false", |
243 |
- "shadowLastChange" => $lastchange || int(time / (24 * 3600)), |
244 |
- "shadowMin" => $min || "-1", |
245 |
- "shadowMax" => $max || "99999", |
246 |
- "shadowWarning" => $warning || "7", |
247 |
- "shadowInactive" => $inactive || "-1", |
248 |
- "shadowExpire" => $expire || "-1", |
249 |
- "shadowFlag" => $flag || "-1" |
250 |
- ); |
251 |
- |
252 |
- $writer->write($user); |
253 |
- } |
254 |
- |
255 |
-$writer->done(); |
256 |
-close(DISCARD) || die "Child exited early."; |
257 |
-} |
258 |
-else # child |
259 |
-{ |
260 |
- # Add entries to slapd base. |
261 |
- unless (system("/usr/sbin/slapadd -b $base") == 0) |
262 |
- { |
263 |
- die "Failed to add ldif entries to $base via slapadd.\n"; |
264 |
- } |
265 |
- |
266 |
- # Make sure ldap db are owned by ldap |
267 |
- system("/bin/chown ldap:ldap /var/lib/ldap/*") == 0 |
268 |
- or die "Failed to chown ldap db.\n"; |
269 |
- |
270 |
- exit 0; |
271 |
-} |
272 |
- |
273 |
-# Update dump to assute consistency. |
274 |
-unless (system("/usr/sbin/slapcat", |
275 |
- "-b", $base, |
276 |
- "-l", "/home/e-smith/db/ldap/$domain.ldif") == 0) |
277 |
-{ |
278 |
- die "Failed to update slapd dump (/home/e-smith/db/ldap/$domain.ldif).\n"; |
279 |
-} |
280 |
- |
281 |
-# Parse a file with fields separated by ':' (ie /etc/{group,passwd,shadow}). |
282 |
-sub parse_file |
283 |
-{ |
284 |
- # We are only interested in @keep accounts. |
285 |
- my ($file, @keep) = @_; |
286 |
- |
287 |
- my %result = (); |
288 |
- |
289 |
- open(FILE, $file) or die("open: $!"); |
290 |
- |
291 |
- my @line; |
292 |
- while(<FILE>) |
293 |
- { |
294 |
- chomp; |
295 |
- @line = split(/:/); |
296 |
- foreach (@keep) |
297 |
- { |
298 |
- $result{$_} = [ @line ] |
299 |
- if ($line[0] eq $_); |
300 |
- } |
301 |
- } |
302 |
- |
303 |
- return \%result; |
304 |
-} |
305 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/11SambaDomain mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/11SambaDomain |
306 |
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/11SambaDomain 1969-12-31 17:00:00.000000000 -0700 |
307 |
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/11SambaDomain 2008-04-02 10:42:01.000000000 -0600 |
308 |
@@ -0,0 +1,10 @@ |
309 |
+{ |
310 |
+ my ($smb_server) = $smb{ServerName}; |
311 |
+ $smb_server =~ tr/[a-z]/[A-Z]/; |
312 |
+ |
313 |
+ $OUT .= "dn: sambaDomainName=$smb_server,$ldapBase\n"; |
314 |
+ $OUT .= "objectClass: sambaDomain\n"; |
315 |
+ $OUT .= "sambaAlgorithmicRidBase: 1000\n"; |
316 |
+ $OUT .= "sambaDomainName: $smb_server\n"; |
317 |
+ $OUT .= "sambaSID: $local_sid\n"; |
318 |
+} |
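Review bot: The `tr/[a-z]/[A-Z]/` on the fragment's second line works only by accident, because `tr` has no character classes and the brackets are simply mapped to themselves; `$smb_server =~ tr/a-z/A-Z/;` states the intent without changing behaviour. The fragment also writes `$smb{ServerName}` and `$local_sid` into the entry with no check that either is set, whereas the removed ldap-init-accounts died when the smb record or the SID could not be determined. An empty value here yields `dn: sambaDomainName=,...` or a bare `sambaSID:` line, so the fragment should emit nothing (or fail the expansion) when either value is empty.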
319 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/12UserGroupContainers mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/12UserGroupContainers |
320 |
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/12UserGroupContainers 1969-12-31 17:00:00.000000000 -0700 |
321 |
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/12UserGroupContainers 2008-04-02 10:42:01.000000000 -0600 |
322 |
@@ -0,0 +1,10 @@ |
323 |
+{ |
324 |
+ foreach (@ous) |
325 |
+ { |
326 |
+ $OUT .= "dn: ou=$_,$ldapBase\n"; |
327 |
+ $OUT .= "objectClass: top\n"; |
328 |
+ $OUT .= "objectClass: organizationalUnit\n"; |
329 |
+ $OUT .= "ou: $_\n\n"; |
330 |
+ } |
331 |
+} |
332 |
+ |
333 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups |
334 |
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups 1969-12-31 17:00:00.000000000 -0700 |
335 |
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups 2008-04-02 10:42:01.000000000 -0600 |
336 |
@@ -0,0 +1,44 @@ |
337 |
+{ |
338 |
+ my $group_info = parse_file("/etc/group", @groups); |
339 |
+ |
340 |
+ foreach my $group (@groups) |
341 |
+ { |
342 |
+ # Skip groups in db but not in /etc/group. |
343 |
+ next unless ($group_info->{$group}); |
344 |
+ |
345 |
+ my ($name, $passwd, $gid, $members) = @{$group_info->{$group}}; |
346 |
+ |
347 |
+ $OUT .= "dn: cn=$group,ou=Groups,$ldapBase\n"; |
348 |
+ |
349 |
+ if ($mapping{$group}) |
350 |
+ { |
351 |
+ my ($dname, $rid) = @{$mapping{$group}}; |
352 |
+ |
353 |
+ $OUT .= utf8("objectClass: posixGroup\n"); |
354 |
+ $OUT .= utf8("objectClass: sambaGroupMapping\n"); |
355 |
+ $OUT .= utf8("objectClass: top\n"); |
356 |
+ $OUT .= utf8("cn: $name\n"); |
357 |
+ $OUT .= utf8("gidNumber: $gid\n"); |
358 |
+ foreach (split(/,/, $members || "")) |
359 |
+ { |
360 |
+ $OUT .= utf8("memberUid: $_\n"); |
361 |
+ } |
362 |
+ $OUT .= utf8("description: Local Unix group\n"); |
363 |
+ $OUT .= utf8("displayName: $dname\n"); |
364 |
+ $OUT .= utf8("sambaGroupType: 2\n"); |
365 |
+ $OUT .= utf8("sambaSID: $local_sid" . "-" . "$rid\n\n"); |
366 |
+ } |
367 |
+ else |
368 |
+ { |
369 |
+ $OUT .= utf8("objectClass: posixGroup\n"); |
370 |
+ $OUT .= utf8("objectClass: top\n"); |
371 |
+ $OUT .= utf8("cn: $name\n"); |
372 |
+ $OUT .= utf8("gidNumber: $gid\n"); |
373 |
+ foreach (split(/,/, $members || "")) |
374 |
+ { |
375 |
+ $OUT .= utf8("memberUid: $_\n"); |
376 |
+ } |
377 |
+ $OUT .= "\n"; |
378 |
+ } |
379 |
+ } |
380 |
+} |
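Review bot: The `dn:` line is the only output in this fragment that bypasses `utf8()`, while 50users and 50people both wrap their `dn:` lines; for consistency it should read `$OUT .= utf8("dn: cn=$group,ou=Groups,$ldapBase\n");`. The two branches of `if ($mapping{$group})` also repeat the `objectClass: posixGroup`, `cn`, `gidNumber` and `memberUid` output verbatim. Emitting those once and adding only the samba attributes under the condition would keep the two copies from drifting apart. `$passwd` is unpacked from the group line but never used and could be replaced by `undef` in the list, as 50users does.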
381 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50people mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50people |
382 |
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50people 1969-12-31 17:00:00.000000000 -0700 |
383 |
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50people 2008-04-02 10:42:01.000000000 -0600 |
384 |
@@ -0,0 +1,60 @@ |
385 |
+{ |
386 |
+ @peoples = ($a->users, $a->groups); |
387 |
+ |
388 |
+ foreach my $people (@peoples) |
389 |
+ { |
390 |
+ my $key = $people->key; |
391 |
+ my $type = $people->prop('type'); |
392 |
+ |
393 |
+ if ($type eq 'user') |
394 |
+ { |
395 |
+ my $first = $people->prop('FirstName') || ''; |
396 |
+ my $last = $people->prop('LastName') || ''; |
397 |
+ my $name = "$first $last"; |
398 |
+ my $phone = $people->prop('Phone') || ''; |
399 |
+ my $company = $people->prop('Company') || ''; |
400 |
+ my $dept = $people->prop('Dept') || ''; |
401 |
+ my $city = $people->prop('City') || ''; |
402 |
+ my $street = $people->prop('Street') || ''; |
403 |
+ |
404 |
+ $OUT .= utf8("dn: uid=$key,ou=People,$ldapBase\n"); |
405 |
+ $OUT .= utf8("objectClass: person\n"); |
406 |
+ $OUT .= utf8("objectClass: organizationalPerson\n"); |
407 |
+ $OUT .= utf8("objectClass: inetOrgPerson\n"); |
408 |
+ $OUT .= utf8("uid: $key\n"); |
409 |
+ $OUT .= utf8("cn: $name\n"); |
410 |
+ $OUT .= utf8("givenName: $first\n"); |
411 |
+ $OUT .= utf8("sn: $last\n"); |
412 |
+ $OUT .= utf8("mail: $key\@$DomainName\n"); |
413 |
+ $OUT .= utf8("telephoneNumber: $phone\n"); |
414 |
+ $OUT .= utf8("o: $company\n"); |
415 |
+ $OUT .= utf8("ou: $dept\n"); |
416 |
+ $OUT .= utf8("l: $city\n"); |
417 |
+ $OUT .= utf8("street: $street\n\n"); |
418 |
+ } |
419 |
+ elsif ($type eq 'group') |
420 |
+ { |
421 |
+ my $desc = $people->prop('Description') || ''; |
422 |
+ my $phone = $ldap{defaultPhoneNumber} || ''; |
423 |
+ my $company = $ldap{defaultCompany} || ''; |
424 |
+ my $dept = $ldap{defaultDepartment} || ''; |
425 |
+ my $city = $ldap{defaultCity} || ''; |
426 |
+ my $street = $ldap{defaultStreet} || ''; |
427 |
+ |
428 |
+ $OUT .= utf8("dn: uid=$key,ou=People,$ldapBase\n"); |
429 |
+ $OUT .= utf8("objectClass: person\n"); |
430 |
+ $OUT .= utf8("objectClass: organizationalPerson\n"); |
431 |
+ $OUT .= utf8("objectClass: inetOrgPerson\n"); |
432 |
+ $OUT .= utf8("uid: $key\n"); |
433 |
+ $OUT .= utf8("cn: $desc\n"); |
434 |
+ $OUT .= utf8("sn: $desc\n"); |
435 |
+ $OUT .= utf8("mail: $key\@$DomainName\n"); |
436 |
+ $OUT .= utf8("telephoneNumber: $phone\n"); |
437 |
+ $OUT .= utf8("o: $company\n"); |
438 |
+ $OUT .= utf8("ou: $dept\n"); |
439 |
+ $OUT .= utf8("l: $city\n"); |
440 |
+ $OUT .= utf8("street: $street\n\n"); |
441 |
+ } |
442 |
+ } |
443 |
+} |
444 |
+ |
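Review bot: Account properties such as `FirstName`, `LastName`, `Phone`, `Company` and `Description` are interpolated straight into LDIF lines in both branches, so a value containing a newline would add attribute lines of its own. Values starting with a space, `:` or `<` would be misread as well. The removed script built entries with Net::LDAP::Entry and wrote them through Net::LDAP::LDIF, which handles that encoding; doing the same here, or base64-encoding values that are not LDIF-safe (`attr:: <base64>`), would restore it. Empty properties are also written as attributes with no value (`telephoneNumber: `, `sn: `), which slapadd is likely to reject; guard each optional line, e.g. `$OUT .= utf8("telephoneNumber: $phone\n") if $phone ne '';`, and decide on a fallback for the mandatory `sn`. `@peoples` is assigned without `my` and so becomes a package global, although it appears to be needed only in this fragment.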
445 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users |
446 |
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users 1969-12-31 17:00:00.000000000 -0700 |
447 |
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users 2008-04-02 10:42:01.000000000 -0600 |
448 |
@@ -0,0 +1,36 @@ |
449 |
+{ |
450 |
+ my $passwd_info = parse_file("/etc/passwd", @users); |
451 |
+ my $shadow_info = parse_file("/etc/shadow", @users); |
452 |
+ |
453 |
+ foreach my $user (@users) |
454 |
+ { |
455 |
+ # Skip users in db but not in /etc/passwd. |
456 |
+ next unless ($passwd_info->{$user}); |
457 |
+ |
458 |
+ my ($name, undef, $uid, $gid, $comment, $home, $shell) |
459 |
+ = @{$passwd_info->{$user}}; |
460 |
+ my (undef, $passwd, $lastchange, $min, $max, $warning, $inactive, |
461 |
+ $expire, $flag) = @{$shadow_info->{$user}}; |
462 |
+ |
463 |
+ $OUT .= utf8("dn: uid=$user,ou=Users,$ldapBase\n"); |
464 |
+ $OUT .= utf8("objectClass: account\n"); |
465 |
+ $OUT .= utf8("objectClass: posixAccount\n"); |
466 |
+ $OUT .= utf8("objectClass: shadowAccount\n"); |
467 |
+ $OUT .= utf8("objectClass: top\n"); |
468 |
+ $OUT .= utf8("cn: $name\n"); |
469 |
+ $OUT .= utf8("uid: $name\n"); |
470 |
+ $OUT .= utf8("gecos: " . ($comment || "no comment") . "\n"); |
471 |
+ $OUT .= utf8("uidNumber: $uid\n"); |
472 |
+ $OUT .= utf8("gidNumber: $gid\n"); |
473 |
+ $OUT .= utf8("userPassword: {crypt}" . ($passwd || "*") . "\n"); |
474 |
+ $OUT .= utf8("homeDirectory: $home\n"); |
475 |
+ $OUT .= utf8("loginShell: " . ($shell || "/bin/false") . "\n"); |
476 |
+ $OUT .= utf8("shadowLastChange: " . ($lastchange || int(time / (24 * 3600))) . "\n"); |
477 |
+ $OUT .= utf8("shadowMin: " . ($min || "-1") . "\n"); |
478 |
+ $OUT .= utf8("shadowMax: " . ($max || "99999") . "\n"); |
479 |
+ $OUT .= utf8("shadowWarning: " . ($warning || "7") . "\n"); |
480 |
+ $OUT .= utf8("shadowInactive: " . ($inactive || "-1") . "\n"); |
481 |
+ $OUT .= utf8("shadowExpire: " . ($expire || "-1") . "\n"); |
482 |
+ $OUT .= utf8("shadowFlag: " . ($flag || "-1") . "\n\n"); |
483 |
+ } |
484 |
+} |
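Review bot: The `userPassword: {crypt}…` line copies password hashes from /etc/shadow, including those of root and admin, into the expanded LDIF file, and nothing in this diff shows the owner or mode that file is created with. Please confirm the template metadata restricts it to root (and ldap if slapadd needs it). Separately, the loop guards only on `$passwd_info->{$user}`; a user present in /etc/passwd but missing from /etc/shadow dereferences an undefined `$shadow_info->{$user}`, so the guard should be `next unless ($passwd_info->{$user} && $shadow_info->{$user});`. The `||` defaults also replace a legitimate `0`, so a `shadowMin` of 0 is written as -1; an explicit test such as `(defined $min && $min ne "" ? $min : "-1")` avoids that.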
485 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin |
486 |
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin 2008-04-02 10:42:47.000000000 -0600 |
487 |
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin 2008-04-02 10:42:01.000000000 -0600 |
488 |
@@ -1,14 +1,63 @@ |
489 |
{ |
490 |
+ use esmith::ConfigDB; |
491 |
use esmith::AccountsDB; |
492 |
use esmith::util; |
493 |
|
494 |
$a = esmith::AccountsDB->open_ro; |
495 |
+ $c = esmith::ConfigDB->open_ro; |
496 |
$ldapBase = esmith::util::ldapBase ($DomainName); |
497 |
+ $local_sid = `/usr/bin/net getlocalsid -s /dev/null -n $smb{ServerName}`; |
498 |
+ $local_sid =~ s/SID.*is: (.+)/$1/; |
499 |
+ chomp($local_sid); |
500 |
sub utf8 |
501 |
{ |
502 |
my $t = shift; |
503 |
utf8::encode($t); |
504 |
return $t; |
505 |
} |
506 |
+ # Basic entries to init. |
507 |
+ @ous = ("Groups", "People", "Users"); # ous for Organizational Units. |
508 |
+ @users = ("root", "ntp", "www", "admin", "public"); |
509 |
+ @groups = ("shared", "slocate", "nobody", @users); |
510 |
+ |
511 |
+ # Groups to map with samba, their names and their rids. |
512 |
+ %mapping = |
513 |
+ ( |
514 |
+ 'admin' => ['Domain Admins', "512"], |
515 |
+ 'shared' => ['Domain Users', "513"], |
516 |
+ 'nobody' => ['Domain Guests', "514"] |
517 |
+ ); |
518 |
+ |
519 |
+ # Add users and groups from db. |
520 |
+ foreach my $account ($a->users, $a->groups) |
521 |
+ { |
522 |
+ @users = (@users, $account->key); |
523 |
+ @groups = (@groups, $account->key); |
524 |
+ } |
525 |
+ |
526 |
+ # Parse a file with fields separated by ':' (ie /etc/{group,passwd,shadow}). |
527 |
+ sub parse_file |
528 |
+ { |
529 |
+ # We are only interested in @keep accounts. |
530 |
+ my ($file, @keep) = @_; |
531 |
+ |
532 |
+ my %result = (); |
533 |
+ |
534 |
+ open(FILE, $file) or die("open: $!"); |
535 |
+ |
536 |
+ my @line; |
537 |
+ while(<FILE>) |
538 |
+ { |
539 |
+ chomp; |
540 |
+ @line = split(/:/); |
541 |
+ foreach (@keep) |
542 |
+ { |
543 |
+ $result{$_} = [ @line ] |
544 |
+ if ($line[0] eq $_); |
545 |
+ } |
546 |
+ } |
547 |
+ |
548 |
+ return \%result; |
549 |
+ } |
550 |
$OUT = ""; |
551 |
} |
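Review bot: The added `$local_sid` assignment interpolates `$smb{ServerName}` into a backtick command, so the shell interprets any metacharacters in that configuration value. The result is also never checked: if `net getlocalsid` fails, the `s///` does not match and whatever the command printed (or an empty string) is later written as `sambaSID`, whereas the removed ldap-init-accounts died with "Could not get current sid". A list-form pipe open avoids the shell, and an explicit match restores the failure check, as sketched below; how a template fragment should signal failure is for the maintainers to decide. The added `parse_file` keeps the two-argument `open(FILE, $file)` on a bareword handle that is never closed; `open(my $fh, '<', $file)` with a `close` would be the safer form even though callers currently pass fixed paths.

```perl
    # … unchanged: use lines, $a, $c, $ldapBase …
    open(my $net, '-|', '/usr/bin/net', 'getlocalsid', '-s', '/dev/null',
         '-n', $smb{ServerName})
        or die "Cannot run net getlocalsid: $!\n";
    my $sid_output = do { local $/; <$net> };
    close($net);
    ($local_sid) = ($sid_output || '') =~ /SID.*is: (.+)/
        or die "Could not get current sid\n";
    # … unchanged: utf8(), entry lists, %mapping, parse_file, $OUT …
```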
552 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/var/service/ldap/run mezzanine_patched_e-smith-base+ldap-4.19.1/root/var/service/ldap/run |
553 |
--- e-smith-base+ldap-4.19.1/root/var/service/ldap/run 2008-04-02 10:42:47.000000000 -0600 |
554 |
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/var/service/ldap/run 2008-04-02 10:42:01.000000000 -0600 |
555 |
@@ -38,7 +38,6 @@ |
556 |
fi |
557 |
sed -e 's/objectClass: group/objectClass: posixGroup/' < $ldif | \ |
558 |
setuidgid ldap slapadd -c |
559 |
- /etc/e-smith/events/actions/ldap-init-accounts |
560 |
fi |
561 |
fi |
562 |
|