e-smith-base/sme8/e-smith-base-5.2.0-better-ldap.patch

diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix
--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix.better-ldap    2010-11-02 13:08:16.000000000 -0600
+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix        2010-11-02 13:10:24.000000000 -0600
@@ -34,6 +34,7 @@ my $accounts = esmith::AccountsDB->open
     or die "Could not open accounts DB";
 
 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
+my $x = 0; # exit value
 
 my $event = $ARGV [0];
 my $groupName = $ARGV [1];
@@ -68,36 +69,14 @@ unless ($gid = $group->prop('Gid'))
 my $uid = $group->prop('Uid');
 my $description = $group->prop('Description') || '';
 
-if ($ldapauth eq 'enabled')
-{
-    # Create the user's unique group first
-    system(
-            "/usr/sbin/cpu", "groupadd",
-            "-g", $gid,
-            $groupName
-        ) == 0 or die "Failed to create group $groupName.\n";
-
-    # Now create the dummy user account
-    system(
-            "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "useradd",
-            "-u", $uid,
-            "-g", $gid,
-            "-c", $description,
-            "-d",
-            "/home/e-smith",
-            "-s",
-            "/bin/false",
-            "$groupName"
-        ) == 0 or die "Failed to create user $groupName.\n";
-}
-else
+if ($ldapauth ne 'enabled')
 {
     # Create the user's unique group first
     system(
             "/usr/sbin/groupadd",
             "-g", $gid,
             $groupName
-        ) == 0 or die "Failed to create group $groupName.\n";
+        ) == 0 or ( $x = 255, warn "Failed to create (unix) group $groupName.\n" );
 
     # Now create the dummy user account
     system(
@@ -110,9 +89,29 @@ else
             "-s",
             "/bin/false",
             "$groupName"
-        ) == 0 or die "Failed to create user $groupName.\n";
+        ) == 0 or ( $x = 255, warn "Failed to create (unix) user $groupName.\n" );
 }
 
+# Create the user's unique group first (in ldap)
+system(
+        "/usr/sbin/cpu", "groupadd",
+        "-g", $gid,
+        $groupName
+    ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $groupName.\n" );
+
+# Now create the dummy user account (in ldap)
+system(
+        "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "useradd",
+        "-u", $uid,
+        "-g", $gid,
+        "-c", $description,
+        "-d",
+        "/home/e-smith",
+        "-s",
+        "/bin/false",
+        "$groupName"
+    ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) user $groupName.\n" );
+
 # Release lock if we have one
 $lock && esmith::lockfile::UnlockFile($lock);
 
@@ -148,26 +147,22 @@ foreach $member (@groupMembers)
     my @groupList = split (/\s+/, $groups);
     @groupList = grep (!/^$member$/, @groupList);
 
-    # root user/group isn't in ldap
-    if ($ldapauth eq 'enabled')
-    {
-        @groupList = grep (!/^root$/, @groupList);
-    }
-
     push @groupList, $groupName;
 
     $groups = join (',', sort (@groupList));
 
-    if ($ldapauth eq 'enabled')
-    {
-        system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
-            or die "Failed to modify supplementary group list for $member.\n";
-    }
-    else
+    if ($ldapauth ne 'enabled')
     {
         system("/usr/sbin/usermod", "-G", "$groups", "$member") == 0
-            or die "Failed to modify supplementary group list for $member.\n";
+            or ( $x = 255, warn "Failed to modify supplementary (unix) group list for $member.\n" );
     }
+
+    # root user/group isn't in ldap
+    @groupList = grep (!/^root$/, @groupList);
+    $groups = join (',', sort (@groupList));
+
+    system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
+        or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify supplementary (ldap) group list for $member.\n" );
 }
 
-exit (0);
+exit ($x);
diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix
--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix.better-ldap    2010-11-02 13:08:16.000000000 -0600
+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix        2010-11-02 13:12:39.000000000 -0600
@@ -31,25 +31,24 @@ my $conf = esmith::ConfigDB->open_ro
     or die "Could not open Config DB";
 
 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
+my $x = 0; # exit value
 
 my $event = $ARGV [0];
 my $groupName = $ARGV [1] or die "Groupname argument missing.";
 
-if ($ldapauth eq 'enabled')
-{
-    system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "userdel", "$groupName") == 0
-        or die "Failed to delete dummy user for group $groupName.\n";
-
-    system("/usr/sbin/cpu", "groupdel", "$groupName") == 0
-        or die "Failed to delete group $groupName.\n";
-}
-else
+if ($ldapauth ne 'enabled')
 {
     system("/usr/sbin/userdel", "$groupName") == 0
-        or die "Failed to delete dummy user for group $groupName.\n";
+        or ( $x = 255, warn "Failed to delete dummy user for (unix) group $groupName.\n" );
 
     system("/usr/sbin/groupdel", "$groupName") == 0
-        or die "Failed to delete group $groupName.\n";
+        or ( $x = 255, warn "Failed to delete (unix) group $groupName.\n" );
 }
 
-exit (0);
+system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "userdel", "$groupName") == 0
+    or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete dummy user for (ldap) group $groupName.\n" );
+
+system("/usr/sbin/cpu", "groupdel", "$groupName") == 0
+    or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group $groupName.\n" );
+
+exit ($x);
diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix
--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix.better-ldap    2010-11-02 13:08:16.000000000 -0600
+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix        2010-11-02 13:13:15.000000000 -0600
@@ -32,6 +32,7 @@ my $c = esmith::ConfigDB->open_ro || die
 my $a = esmith::AccountsDB->open_ro || die "Couldn't open accounts db\n";
 
 my $ldapauth = $c->get('ldap')->prop('Authentication') || 'disabled';
+my $x = 0; # exit value
 
 my $event = shift || die "Event name arg missing\n";;
 my @groups;
@@ -66,17 +67,15 @@ foreach my $group (@groups)
     my $groupDesc = $properties{'Description'}
        if (defined $properties{'Description'});
 
-    if ($ldapauth eq 'enabled')
-    {
-        system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-c", "$groupDesc", "$groupName") == 0
-            or die "Failed to modify group description for $groupName.\n";
-    }
-    else
+    if ($ldapauth ne 'enabled')
     {
         system("/usr/sbin/usermod", "-c", "$groupDesc", "$groupName") == 0
-            or die "Failed to modify group description for $groupName.\n";
+            or ( $x = 255, warn "Failed to modify (unix) group description for $groupName.\n" );
     }
 
+    system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-c", "$groupDesc", "$groupName") == 0
+        or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify (ldap) group description for $groupName.\n" );
+
     my ($name, $passwd, $gid, $members) = getgrnam ($groupName);
     my @oldMembers = split (/\s+/, $members);
     my @newMembers = split (/,/, $properties {'Members'});
@@ -121,12 +120,6 @@ foreach my $group (@groups)
        my @groupList = split (/\s+/, $groups);
        @groupList = grep (!/^$member$/, @groupList);
 
-        # root user/group isn't in ldap
-        if ($ldapauth eq 'enabled')
-        {
-            @groupList = grep (!/^root$/, @groupList);
-        }
-
        if ($oldMembers{$member})
        {
            @groupList = grep (!/^$groupName$/, @groupList);
@@ -137,17 +130,19 @@ foreach my $group (@groups)
        }
        $groups = join (',', sort (@groupList));
 
-        if ($ldapauth eq 'enabled')
-        {
-            system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
-                or die "Failed to modify supplementary group list for $member.\n";
-        }
-        else
+        if ($ldapauth ne 'enabled')
         {
             system("/usr/sbin/usermod", "-G", "$groups", "$member") == 0
-                or die "Failed to modify supplementary group list for $member.\n";
+                or ( $x = 255, warn "Failed to modify supplementary (unix) group list for $member.\n" );
         }
+
+        # root user/group isn't in ldap
+        @groupList = grep (!/^root$/, @groupList);
+        $groups = join (',', sort (@groupList));
+
+        system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
+            or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify supplementary (ldap) group list for $member.\n" );
     }
 }
 
-exit (0);
+exit ($x);
diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/init-accounts.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/init-accounts
diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix
--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix.better-ldap     2010-11-02 13:08:16.000000000 -0600
+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix 2010-11-02 13:15:06.000000000 -0600
@@ -32,6 +32,7 @@ my $conf = esmith::ConfigDB->open_ro;
 my $accounts = esmith::AccountsDB->open;
 
 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
+my $x = 0; # exit value
 
 my $event = $ARGV [0];
 my $userName = $ARGV [1];
@@ -64,33 +65,7 @@ my $last = $acct->prop('LastName') || ''
 my $shell = $acct->prop('Shell') || '/usr/bin/rssh';
 
 
-if ($ldapauth eq 'enabled')
-{
-    # Create the user's unique group first
-    system(
-            "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupadd",
-            "-g",
-            $gid,
-            $userName
-        ) == 0 or die "Failed to create group $userName.\n";
-
-    # Now create the user account
-    system(
-            "/usr/sbin/cpu", "useradd",
-            "-u", $uid,
-            "-g", $uid,
-            "-c", "$first $last",
-            "-f", "$first",
-            "-E", "$last",
-            "-d", "/home/e-smith/files/users/$userName",
-            "-G", "shared",
-            "-m",
-            "-k/etc/e-smith/skel/user",
-            "-s", "$shell",
-            $userName
-        ) == 0 or die "Failed to create account $userName.\n";
-}
-else
+if ($ldapauth ne 'enabled')
 {
     # Create the user's unique group first
     system(
@@ -98,7 +73,7 @@ else
             "-g",
             $gid,
             $userName
-        ) == 0 or die "Failed to create group $userName.\n";
+        ) == 0 or ( $x = 255, warn "Failed to create (unix) group $userName.\n" );
 
     # Now create the user account
     system(
@@ -112,9 +87,33 @@ else
             "-k", "/etc/e-smith/skel/user",
             "-s", "$shell",
             $userName
-        ) == 0 or die "Failed to create account $userName.\n";
+        ) == 0 or ( $x = 255, warn "Failed to create (unix) account $userName.\n" );
 }
 
+# Create the user's unique group first (in ldap)
+system(
+        "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupadd",
+        "-g",
+        $gid,
+        $userName
+    ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $userName.\n" );
+
+# Now create the user account (in ldap)
+system(
+        "/usr/sbin/cpu", "useradd",
+        "-u", $uid,
+        "-g", $uid,
+        "-c", "$first $last",
+        "-f", "$first",
+        "-E", "$last",
+        "-d", "/home/e-smith/files/users/$userName",
+        "-G", "shared",
+        "-m",
+        "-k/etc/e-smith/skel/user",
+        "-s", "$shell",
+        $userName
+    ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) account $userName.\n" );
+
 
 # Release lock if we have one
 $lock && esmith::lockfile::UnlockFile($lock);
@@ -123,17 +122,14 @@ $lock && esmith::lockfile::UnlockFile($l
 
 chmod 0700, "/home/e-smith/files/users/$userName";
 
-if ($ldapauth eq 'enabled')
-{
-    system("/usr/sbin/cpu", "usermod", "-L", "$userName")
-        and warn("Could not lock password for $userName\n");
-}
-else
+if ($ldapauth ne 'enabled')
 {
     system("/usr/bin/passwd", "-l", "$userName")
-        and warn("Could not lock password for $userName\n");
+        and ( $x = 255, warn "Could not lock (unix) password for $userName\n" );
 }
+system("/usr/sbin/cpu", "usermod", "-L", "$userName")
+    and ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Could not lock (ldap) password for $userName\n" );
 system("/usr/bin/smbpasswd", "-a", "-d", "$userName")
-    and warn("Could not lock smb password for $userName\n");;
+    and ( $x = 255, warn "Could not lock (smb) password for $userName\n" );
 
-exit (0);
+exit ($x);
diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix
--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix.better-ldap     2010-11-02 13:08:16.000000000 -0600
+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix 2010-11-02 13:15:38.000000000 -0600
@@ -32,6 +32,7 @@ my $conf = esmith::ConfigDB->open_ro
     or die "Could not open Config DB";
 
 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
+my $x = 0; # exit value
 
 my $event = $ARGV [0];
 my $userName = $ARGV [1];
@@ -42,23 +43,21 @@ my $userName = $ARGV [1];
 
 die "Username argument missing." unless defined ($userName);
 
-if ($ldapauth eq 'enabled')
-{
-    system("/usr/sbin/cpu", "userdel", "-r", $userName) == 0
-        or die "Failed to delete account $userName.\n";
-
-    system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupdel", $userName) == 0
-        or die "Failed to delete group account $userName.\n";
-}
-else
+if ($ldapauth ne 'enabled')
 {
     esmith::util::cancelUserPassword ($userName);
 
     my $discard = `/usr/sbin/userdel -r '$userName'`;
     if ($? != 0)
     {
-        die "Failed to delete account $userName.\n";
+        ( $x = 255, warn "Failed to delete (unix) account $userName.\n" );
     }
 }
 
-exit (0);
+system("/usr/sbin/cpu", "userdel", "-r", $userName) == 0
+    or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) account $userName.\n" );
+
+system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupdel", $userName) == 0
+    or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group account $userName.\n" );
+
+exit ($x);
diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd
--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd.better-ldap     2010-11-02 13:08:16.000000000 -0600
+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd 2010-11-02 13:16:30.000000000 -0600
@@ -30,6 +30,7 @@ my $a = esmith::AccountsDB->open or die 
 my $conf = esmith::ConfigDB->open or die "Could not open configuration db";
 
 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
+my $x = 0; # exit value
 
 my $event = $ARGV [0];
 
@@ -53,18 +54,15 @@ sub lock_user
 
     my $u = $a->get($userName) or die "No account record for user $userName";
 
-    if ($ldapauth eq 'enabled')
-    {
-        system("/usr/sbin/cpu", "usermod", "-L", $userName) == 0
-            or die "Error running /usr/sbin/cpu usermod -L command to lock account $userName";
-    }
-    else
+    if ($ldapauth ne 'enabled')
     {
         system("/usr/bin/passwd", "-l", $userName) == 0
-            or die "Error running /usr/bin/passwd command to lock account $userName";
+            or ( $x = 255, warn "Error locking (unix) account $userName" );
     }
+    system("/usr/sbin/cpu", "usermod", "-L", $userName) == 0
+        or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Error locking (ldap) account $userName" );
     system("/usr/bin/smbpasswd", "-d", $userName) == 0
-        or die "Error running /usr/bin/smbpasswd command to lock account $userName";
+        or ( $x = 255, warn "Error locking (smb) account $userName" );
     $u->set_prop('PasswordSet', 'no');
 
     if ($userName eq 'admin')
@@ -97,3 +95,5 @@ sub bad_password_users
 
     return @users;
 }
+
+exit ($x);
diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix
--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix.better-ldap     2010-11-02 13:08:16.000000000 -0600
+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix 2010-11-02 13:17:03.000000000 -0600
@@ -26,6 +26,7 @@ use esmith::ConfigDB;
 my $conf = esmith::ConfigDB->open or die "Could not open configuration db";
 
 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
+my $x = 0; # exit value
 
 my $event = $ARGV [0];
 my $userName = $ARGV [1];
@@ -72,11 +73,7 @@ foreach my $u (@users)
     @groupList = grep (!/^$userName$/, @groupList);
 
     # root user/group isn't in ldap
-    if ($ldapauth eq 'enabled')
-    {
-        @groupList = grep (!/^root$/, @groupList);
-    }
-
+    @groupList = grep (!/^root$/, @groupList);
     $groups = join (',', sort (@groupList));
 
     setpwent;
@@ -92,16 +89,14 @@ foreach my $u (@users)
     #------------------------------------------------------------
     unless ($shell eq $new_shell)
     {
-        if ($ldapauth eq 'enabled')
-        {
-            system("/usr/sbin/cpu", "usermod", '-s', "$new_shell", "-G", "$groups", $userName) == 0
-                or die "Failed to modify shell of account $userName.\n";
-        }
-        else
+        if ($ldapauth ne 'enabled')
         {
             system("/usr/sbin/usermod", '-s', "$new_shell", $userName) == 0
-                or die "Failed to modify shell of account $userName.\n";
+                or ( $x = 255, warn "Failed to modify shell of (unix) account $userName.\n" );
         }
+
+        system("/usr/sbin/cpu", "usermod", '-s', "$new_shell", "-G", "$groups", $userName) == 0
+            or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify shell of (ldap) account $userName.\n" );
     }
 
     #------------------------------------------------------------
@@ -114,17 +109,15 @@ foreach my $u (@users)
 
     unless ($comment eq $new_comment)
     {
-        if ($ldapauth eq 'enabled')
-        {
-            system("/usr/sbin/cpu", "usermod", "-c", "$first $last", "-G", "$groups", $userName) == 0
-                or die "Failed to modify comment of account $userName.\n";
-        }
-        else
+        if ($ldapauth ne 'enabled')
         {
             system("/usr/sbin/usermod", "-c", "$first $last", $userName) == 0
-                or die "Failed to modify comment of account $userName.\n";
+                or ( $x = 255, warn "Failed to modify comment of (unix) account $userName.\n" );
         }
+
+        system("/usr/sbin/cpu", "usermod", "-c", "$first $last", "-G", "$groups", $userName) == 0
+            or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify comment of (ldap) account $userName.\n" );
     }
 }
 
-exit (0);
+exit ($x);
1	diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix
2	--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
3	+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix 2010-11-02 13:10:24.000000000 -0600
4	@@ -34,6 +34,7 @@ my $accounts = esmith::AccountsDB->open
5	or die "Could not open accounts DB";
6
7	my $ldapauth = $conf->get('ldap')->prop('Authentication') \|\| 'disabled';
8	+my $x = 0; # exit value
9
10	my $event = $ARGV [0];
11	my $groupName = $ARGV [1];
12	@@ -68,36 +69,14 @@ unless ($gid = $group->prop('Gid'))
13	my $uid = $group->prop('Uid');
14	my $description = $group->prop('Description') \|\| '';
15
16	-if ($ldapauth eq 'enabled')
17	-{
18	- # Create the user's unique group first
19	- system(
20	- "/usr/sbin/cpu", "groupadd",
21	- "-g", $gid,
22	- $groupName
23	- ) == 0 or die "Failed to create group $groupName.\n";
24	-
25	- # Now create the dummy user account
26	- system(
27	- "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "useradd",
28	- "-u", $uid,
29	- "-g", $gid,
30	- "-c", $description,
31	- "-d",
32	- "/home/e-smith",
33	- "-s",
34	- "/bin/false",
35	- "$groupName"
36	- ) == 0 or die "Failed to create user $groupName.\n";
37	-}
38	-else
39	+if ($ldapauth ne 'enabled')
40	{
41	# Create the user's unique group first
42	system(
43	"/usr/sbin/groupadd",
44	"-g", $gid,
45	$groupName
46	- ) == 0 or die "Failed to create group $groupName.\n";
47	+ ) == 0 or ( $x = 255, warn "Failed to create (unix) group $groupName.\n" );
48
49	# Now create the dummy user account
50	system(
51	@@ -110,9 +89,29 @@ else
52	"-s",
53	"/bin/false",
54	"$groupName"
55	- ) == 0 or die "Failed to create user $groupName.\n";
56	+ ) == 0 or ( $x = 255, warn "Failed to create (unix) user $groupName.\n" );
57	}
58
59	+# Create the user's unique group first (in ldap)
60	+system(
61	+ "/usr/sbin/cpu", "groupadd",
62	+ "-g", $gid,
63	+ $groupName
64	+ ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $groupName.\n" );
65	+
66	+# Now create the dummy user account (in ldap)
67	+system(
68	+ "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "useradd",
69	+ "-u", $uid,
70	+ "-g", $gid,
71	+ "-c", $description,
72	+ "-d",
73	+ "/home/e-smith",
74	+ "-s",
75	+ "/bin/false",
76	+ "$groupName"
77	+ ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) user $groupName.\n" );
78	+
79	# Release lock if we have one
80	$lock && esmith::lockfile::UnlockFile($lock);
81
82	@@ -148,26 +147,22 @@ foreach $member (@groupMembers)
83	my @groupList = split (/\s+/, $groups);
84	@groupList = grep (!/^$member$/, @groupList);
85
86	- # root user/group isn't in ldap
87	- if ($ldapauth eq 'enabled')
88	- {
89	- @groupList = grep (!/^root$/, @groupList);
90	- }
91	-
92	push @groupList, $groupName;
93
94	$groups = join (',', sort (@groupList));
95
96	- if ($ldapauth eq 'enabled')
97	- {
98	- system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
99	- or die "Failed to modify supplementary group list for $member.\n";
100	- }
101	- else
102	+ if ($ldapauth ne 'enabled')
103	{
104	system("/usr/sbin/usermod", "-G", "$groups", "$member") == 0
105	- or die "Failed to modify supplementary group list for $member.\n";
106	+ or ( $x = 255, warn "Failed to modify supplementary (unix) group list for $member.\n" );
107	}
108	+
109	+ # root user/group isn't in ldap
110	+ @groupList = grep (!/^root$/, @groupList);
111	+ $groups = join (',', sort (@groupList));
112	+
113	+ system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
114	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify supplementary (ldap) group list for $member.\n" );
115	}
116
117	-exit (0);
118	+exit ($x);
119	diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix
120	--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
121	+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix 2010-11-02 13:12:39.000000000 -0600
122	@@ -31,25 +31,24 @@ my $conf = esmith::ConfigDB->open_ro
123	or die "Could not open Config DB";
124
125	my $ldapauth = $conf->get('ldap')->prop('Authentication') \|\| 'disabled';
126	+my $x = 0; # exit value
127
128	my $event = $ARGV [0];
129	my $groupName = $ARGV [1] or die "Groupname argument missing.";
130
131	-if ($ldapauth eq 'enabled')
132	-{
133	- system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "userdel", "$groupName") == 0
134	- or die "Failed to delete dummy user for group $groupName.\n";
135	-
136	- system("/usr/sbin/cpu", "groupdel", "$groupName") == 0
137	- or die "Failed to delete group $groupName.\n";
138	-}
139	-else
140	+if ($ldapauth ne 'enabled')
141	{
142	system("/usr/sbin/userdel", "$groupName") == 0
143	- or die "Failed to delete dummy user for group $groupName.\n";
144	+ or ( $x = 255, warn "Failed to delete dummy user for (unix) group $groupName.\n" );
145
146	system("/usr/sbin/groupdel", "$groupName") == 0
147	- or die "Failed to delete group $groupName.\n";
148	+ or ( $x = 255, warn "Failed to delete (unix) group $groupName.\n" );
149	}
150
151	-exit (0);
152	+system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "userdel", "$groupName") == 0
153	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete dummy user for (ldap) group $groupName.\n" );
154	+
155	+system("/usr/sbin/cpu", "groupdel", "$groupName") == 0
156	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group $groupName.\n" );
157	+
158	+exit ($x);
159	diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix
160	--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
161	+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix 2010-11-02 13:13:15.000000000 -0600
162	@@ -32,6 +32,7 @@ my $c = esmith::ConfigDB->open_ro \|\| die
163	my $a = esmith::AccountsDB->open_ro \|\| die "Couldn't open accounts db\n";
164
165	my $ldapauth = $c->get('ldap')->prop('Authentication') \|\| 'disabled';
166	+my $x = 0; # exit value
167
168	my $event = shift \|\| die "Event name arg missing\n";;
169	my @groups;
170	@@ -66,17 +67,15 @@ foreach my $group (@groups)
171	my $groupDesc = $properties{'Description'}
172	if (defined $properties{'Description'});
173
174	- if ($ldapauth eq 'enabled')
175	- {
176	- system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-c", "$groupDesc", "$groupName") == 0
177	- or die "Failed to modify group description for $groupName.\n";
178	- }
179	- else
180	+ if ($ldapauth ne 'enabled')
181	{
182	system("/usr/sbin/usermod", "-c", "$groupDesc", "$groupName") == 0
183	- or die "Failed to modify group description for $groupName.\n";
184	+ or ( $x = 255, warn "Failed to modify (unix) group description for $groupName.\n" );
185	}
186
187	+ system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-c", "$groupDesc", "$groupName") == 0
188	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify (ldap) group description for $groupName.\n" );
189	+
190	my ($name, $passwd, $gid, $members) = getgrnam ($groupName);
191	my @oldMembers = split (/\s+/, $members);
192	my @newMembers = split (/,/, $properties {'Members'});
193	@@ -121,12 +120,6 @@ foreach my $group (@groups)
194	my @groupList = split (/\s+/, $groups);
195	@groupList = grep (!/^$member$/, @groupList);
196
197	- # root user/group isn't in ldap
198	- if ($ldapauth eq 'enabled')
199	- {
200	- @groupList = grep (!/^root$/, @groupList);
201	- }
202	-
203	if ($oldMembers{$member})
204	{
205	@groupList = grep (!/^$groupName$/, @groupList);
206	@@ -137,17 +130,19 @@ foreach my $group (@groups)
207	}
208	$groups = join (',', sort (@groupList));
209
210	- if ($ldapauth eq 'enabled')
211	- {
212	- system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
213	- or die "Failed to modify supplementary group list for $member.\n";
214	- }
215	- else
216	+ if ($ldapauth ne 'enabled')
217	{
218	system("/usr/sbin/usermod", "-G", "$groups", "$member") == 0
219	- or die "Failed to modify supplementary group list for $member.\n";
220	+ or ( $x = 255, warn "Failed to modify supplementary (unix) group list for $member.\n" );
221	}
222	+
223	+ # root user/group isn't in ldap
224	+ @groupList = grep (!/^root$/, @groupList);
225	+ $groups = join (',', sort (@groupList));
226	+
227	+ system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
228	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify supplementary (ldap) group list for $member.\n" );
229	}
230	}
231
232	-exit (0);
233	+exit ($x);
234	diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/init-accounts.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/init-accounts
235	diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix
236	--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
237	+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix 2010-11-02 13:15:06.000000000 -0600
238	@@ -32,6 +32,7 @@ my $conf = esmith::ConfigDB->open_ro;
239	my $accounts = esmith::AccountsDB->open;
240
241	my $ldapauth = $conf->get('ldap')->prop('Authentication') \|\| 'disabled';
242	+my $x = 0; # exit value
243
244	my $event = $ARGV [0];
245	my $userName = $ARGV [1];
246	@@ -64,33 +65,7 @@ my $last = $acct->prop('LastName') \|\| ''
247	my $shell = $acct->prop('Shell') \|\| '/usr/bin/rssh';
248
249
250	-if ($ldapauth eq 'enabled')
251	-{
252	- # Create the user's unique group first
253	- system(
254	- "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupadd",
255	- "-g",
256	- $gid,
257	- $userName
258	- ) == 0 or die "Failed to create group $userName.\n";
259	-
260	- # Now create the user account
261	- system(
262	- "/usr/sbin/cpu", "useradd",
263	- "-u", $uid,
264	- "-g", $uid,
265	- "-c", "$first $last",
266	- "-f", "$first",
267	- "-E", "$last",
268	- "-d", "/home/e-smith/files/users/$userName",
269	- "-G", "shared",
270	- "-m",
271	- "-k/etc/e-smith/skel/user",
272	- "-s", "$shell",
273	- $userName
274	- ) == 0 or die "Failed to create account $userName.\n";
275	-}
276	-else
277	+if ($ldapauth ne 'enabled')
278	{
279	# Create the user's unique group first
280	system(
281	@@ -98,7 +73,7 @@ else
282	"-g",
283	$gid,
284	$userName
285	- ) == 0 or die "Failed to create group $userName.\n";
286	+ ) == 0 or ( $x = 255, warn "Failed to create (unix) group $userName.\n" );
287
288	# Now create the user account
289	system(
290	@@ -112,9 +87,33 @@ else
291	"-k", "/etc/e-smith/skel/user",
292	"-s", "$shell",
293	$userName
294	- ) == 0 or die "Failed to create account $userName.\n";
295	+ ) == 0 or ( $x = 255, warn "Failed to create (unix) account $userName.\n" );
296	}
297
298	+# Create the user's unique group first (in ldap)
299	+system(
300	+ "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupadd",
301	+ "-g",
302	+ $gid,
303	+ $userName
304	+ ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $userName.\n" );
305	+
306	+# Now create the user account (in ldap)
307	+system(
308	+ "/usr/sbin/cpu", "useradd",
309	+ "-u", $uid,
310	+ "-g", $uid,
311	+ "-c", "$first $last",
312	+ "-f", "$first",
313	+ "-E", "$last",
314	+ "-d", "/home/e-smith/files/users/$userName",
315	+ "-G", "shared",
316	+ "-m",
317	+ "-k/etc/e-smith/skel/user",
318	+ "-s", "$shell",
319	+ $userName
320	+ ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) account $userName.\n" );
321	+
322
323	# Release lock if we have one
324	$lock && esmith::lockfile::UnlockFile($lock);
325	@@ -123,17 +122,14 @@ $lock && esmith::lockfile::UnlockFile($l
326
327	chmod 0700, "/home/e-smith/files/users/$userName";
328
329	-if ($ldapauth eq 'enabled')
330	-{
331	- system("/usr/sbin/cpu", "usermod", "-L", "$userName")
332	- and warn("Could not lock password for $userName\n");
333	-}
334	-else
335	+if ($ldapauth ne 'enabled')
336	{
337	system("/usr/bin/passwd", "-l", "$userName")
338	- and warn("Could not lock password for $userName\n");
339	+ and ( $x = 255, warn "Could not lock (unix) password for $userName\n" );
340	}
341	+system("/usr/sbin/cpu", "usermod", "-L", "$userName")
342	+ and ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Could not lock (ldap) password for $userName\n" );
343	system("/usr/bin/smbpasswd", "-a", "-d", "$userName")
344	- and warn("Could not lock smb password for $userName\n");;
345	+ and ( $x = 255, warn "Could not lock (smb) password for $userName\n" );
346
347	-exit (0);
348	+exit ($x);
349	diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix
350	--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
351	+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix 2010-11-02 13:15:38.000000000 -0600
352	@@ -32,6 +32,7 @@ my $conf = esmith::ConfigDB->open_ro
353	or die "Could not open Config DB";
354
355	my $ldapauth = $conf->get('ldap')->prop('Authentication') \|\| 'disabled';
356	+my $x = 0; # exit value
357
358	my $event = $ARGV [0];
359	my $userName = $ARGV [1];
360	@@ -42,23 +43,21 @@ my $userName = $ARGV [1];
361
362	die "Username argument missing." unless defined ($userName);
363
364	-if ($ldapauth eq 'enabled')
365	-{
366	- system("/usr/sbin/cpu", "userdel", "-r", $userName) == 0
367	- or die "Failed to delete account $userName.\n";
368	-
369	- system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupdel", $userName) == 0
370	- or die "Failed to delete group account $userName.\n";
371	-}
372	-else
373	+if ($ldapauth ne 'enabled')
374	{
375	esmith::util::cancelUserPassword ($userName);
376
377	my $discard = `/usr/sbin/userdel -r '$userName'`;
378	if ($? != 0)
379	{
380	- die "Failed to delete account $userName.\n";
381	+ ( $x = 255, warn "Failed to delete (unix) account $userName.\n" );
382	}
383	}
384
385	-exit (0);
386	+system("/usr/sbin/cpu", "userdel", "-r", $userName) == 0
387	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) account $userName.\n" );
388	+
389	+system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupdel", $userName) == 0
390	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group account $userName.\n" );
391	+
392	+exit ($x);
393	diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd
394	--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd.better-ldap 2010-11-02 13:08:16.000000000 -0600
395	+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd 2010-11-02 13:16:30.000000000 -0600
396	@@ -30,6 +30,7 @@ my $a = esmith::AccountsDB->open or die
397	my $conf = esmith::ConfigDB->open or die "Could not open configuration db";
398
399	my $ldapauth = $conf->get('ldap')->prop('Authentication') \|\| 'disabled';
400	+my $x = 0; # exit value
401
402	my $event = $ARGV [0];
403
404	@@ -53,18 +54,15 @@ sub lock_user
405
406	my $u = $a->get($userName) or die "No account record for user $userName";
407
408	- if ($ldapauth eq 'enabled')
409	- {
410	- system("/usr/sbin/cpu", "usermod", "-L", $userName) == 0
411	- or die "Error running /usr/sbin/cpu usermod -L command to lock account $userName";
412	- }
413	- else
414	+ if ($ldapauth ne 'enabled')
415	{
416	system("/usr/bin/passwd", "-l", $userName) == 0
417	- or die "Error running /usr/bin/passwd command to lock account $userName";
418	+ or ( $x = 255, warn "Error locking (unix) account $userName" );
419	}
420	+ system("/usr/sbin/cpu", "usermod", "-L", $userName) == 0
421	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Error locking (ldap) account $userName" );
422	system("/usr/bin/smbpasswd", "-d", $userName) == 0
423	- or die "Error running /usr/bin/smbpasswd command to lock account $userName";
424	+ or ( $x = 255, warn "Error locking (smb) account $userName" );
425	$u->set_prop('PasswordSet', 'no');
426
427	if ($userName eq 'admin')
428	@@ -97,3 +95,5 @@ sub bad_password_users
429
430	return @users;
431	}
432	+
433	+exit ($x);
434	diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix
435	--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
436	+++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix 2010-11-02 13:17:03.000000000 -0600
437	@@ -26,6 +26,7 @@ use esmith::ConfigDB;
438	my $conf = esmith::ConfigDB->open or die "Could not open configuration db";
439
440	my $ldapauth = $conf->get('ldap')->prop('Authentication') \|\| 'disabled';
441	+my $x = 0; # exit value
442
443	my $event = $ARGV [0];
444	my $userName = $ARGV [1];
445	@@ -72,11 +73,7 @@ foreach my $u (@users)
446	@groupList = grep (!/^$userName$/, @groupList);
447
448	# root user/group isn't in ldap
449	- if ($ldapauth eq 'enabled')
450	- {
451	- @groupList = grep (!/^root$/, @groupList);
452	- }
453	-
454	+ @groupList = grep (!/^root$/, @groupList);
455	$groups = join (',', sort (@groupList));
456
457	setpwent;
458	@@ -92,16 +89,14 @@ foreach my $u (@users)
459	#------------------------------------------------------------
460	unless ($shell eq $new_shell)
461	{
462	- if ($ldapauth eq 'enabled')
463	- {
464	- system("/usr/sbin/cpu", "usermod", '-s', "$new_shell", "-G", "$groups", $userName) == 0
465	- or die "Failed to modify shell of account $userName.\n";
466	- }
467	- else
468	+ if ($ldapauth ne 'enabled')
469	{
470	system("/usr/sbin/usermod", '-s', "$new_shell", $userName) == 0
471	- or die "Failed to modify shell of account $userName.\n";
472	+ or ( $x = 255, warn "Failed to modify shell of (unix) account $userName.\n" );
473	}
474	+
475	+ system("/usr/sbin/cpu", "usermod", '-s', "$new_shell", "-G", "$groups", $userName) == 0
476	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify shell of (ldap) account $userName.\n" );
477	}
478
479	#------------------------------------------------------------
480	@@ -114,17 +109,15 @@ foreach my $u (@users)
481
482	unless ($comment eq $new_comment)
483	{
484	- if ($ldapauth eq 'enabled')
485	- {
486	- system("/usr/sbin/cpu", "usermod", "-c", "$first $last", "-G", "$groups", $userName) == 0
487	- or die "Failed to modify comment of account $userName.\n";
488	- }
489	- else
490	+ if ($ldapauth ne 'enabled')
491	{
492	system("/usr/sbin/usermod", "-c", "$first $last", $userName) == 0
493	- or die "Failed to modify comment of account $userName.\n";
494	+ or ( $x = 255, warn "Failed to modify comment of (unix) account $userName.\n" );
495	}
496	+
497	+ system("/usr/sbin/cpu", "usermod", "-c", "$first $last", "-G", "$groups", $userName) == 0
498	+ or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify comment of (ldap) account $userName.\n" );
499	}
500	}
501
502	-exit (0);
503	+exit ($x);