/[smeserver]/rpms/e-smith-base/sme8/e-smith-base-5.2.0-better-ldap.patch
ViewVC logotype

Contents of /rpms/e-smith-base/sme8/e-smith-base-5.2.0-better-ldap.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.4 - (show annotations) (download)
Tue Feb 18 06:21:34 2014 UTC (10 years, 8 months ago) by wellsi
Branch: MAIN
CVS Tags: HEAD
Changes since 1.3: +0 -0 lines
FILE REMOVED
Remove obsolete patch files

1 diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix
2 --- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
3 +++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-create-unix 2010-11-02 13:10:24.000000000 -0600
4 @@ -34,6 +34,7 @@ my $accounts = esmith::AccountsDB->open
5 or die "Could not open accounts DB";
6
7 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
8 +my $x = 0; # exit value
9
10 my $event = $ARGV [0];
11 my $groupName = $ARGV [1];
12 @@ -68,36 +69,14 @@ unless ($gid = $group->prop('Gid'))
13 my $uid = $group->prop('Uid');
14 my $description = $group->prop('Description') || '';
15
16 -if ($ldapauth eq 'enabled')
17 -{
18 - # Create the user's unique group first
19 - system(
20 - "/usr/sbin/cpu", "groupadd",
21 - "-g", $gid,
22 - $groupName
23 - ) == 0 or die "Failed to create group $groupName.\n";
24 -
25 - # Now create the dummy user account
26 - system(
27 - "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "useradd",
28 - "-u", $uid,
29 - "-g", $gid,
30 - "-c", $description,
31 - "-d",
32 - "/home/e-smith",
33 - "-s",
34 - "/bin/false",
35 - "$groupName"
36 - ) == 0 or die "Failed to create user $groupName.\n";
37 -}
38 -else
39 +if ($ldapauth ne 'enabled')
40 {
41 # Create the user's unique group first
42 system(
43 "/usr/sbin/groupadd",
44 "-g", $gid,
45 $groupName
46 - ) == 0 or die "Failed to create group $groupName.\n";
47 + ) == 0 or ( $x = 255, warn "Failed to create (unix) group $groupName.\n" );
48
49 # Now create the dummy user account
50 system(
51 @@ -110,9 +89,29 @@ else
52 "-s",
53 "/bin/false",
54 "$groupName"
55 - ) == 0 or die "Failed to create user $groupName.\n";
56 + ) == 0 or ( $x = 255, warn "Failed to create (unix) user $groupName.\n" );
57 }
58
59 +# Create the user's unique group first (in ldap)
60 +system(
61 + "/usr/sbin/cpu", "groupadd",
62 + "-g", $gid,
63 + $groupName
64 + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $groupName.\n" );
65 +
66 +# Now create the dummy user account (in ldap)
67 +system(
68 + "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "useradd",
69 + "-u", $uid,
70 + "-g", $gid,
71 + "-c", $description,
72 + "-d",
73 + "/home/e-smith",
74 + "-s",
75 + "/bin/false",
76 + "$groupName"
77 + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) user $groupName.\n" );
78 +
79 # Release lock if we have one
80 $lock && esmith::lockfile::UnlockFile($lock);
81
82 @@ -148,26 +147,22 @@ foreach $member (@groupMembers)
83 my @groupList = split (/\s+/, $groups);
84 @groupList = grep (!/^$member$/, @groupList);
85
86 - # root user/group isn't in ldap
87 - if ($ldapauth eq 'enabled')
88 - {
89 - @groupList = grep (!/^root$/, @groupList);
90 - }
91 -
92 push @groupList, $groupName;
93
94 $groups = join (',', sort (@groupList));
95
96 - if ($ldapauth eq 'enabled')
97 - {
98 - system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
99 - or die "Failed to modify supplementary group list for $member.\n";
100 - }
101 - else
102 + if ($ldapauth ne 'enabled')
103 {
104 system("/usr/sbin/usermod", "-G", "$groups", "$member") == 0
105 - or die "Failed to modify supplementary group list for $member.\n";
106 + or ( $x = 255, warn "Failed to modify supplementary (unix) group list for $member.\n" );
107 }
108 +
109 + # root user/group isn't in ldap
110 + @groupList = grep (!/^root$/, @groupList);
111 + $groups = join (',', sort (@groupList));
112 +
113 + system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
114 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify supplementary (ldap) group list for $member.\n" );
115 }
116
117 -exit (0);
118 +exit ($x);
119 diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix
120 --- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
121 +++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-delete-unix 2010-11-02 13:12:39.000000000 -0600
122 @@ -31,25 +31,24 @@ my $conf = esmith::ConfigDB->open_ro
123 or die "Could not open Config DB";
124
125 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
126 +my $x = 0; # exit value
127
128 my $event = $ARGV [0];
129 my $groupName = $ARGV [1] or die "Groupname argument missing.";
130
131 -if ($ldapauth eq 'enabled')
132 -{
133 - system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "userdel", "$groupName") == 0
134 - or die "Failed to delete dummy user for group $groupName.\n";
135 -
136 - system("/usr/sbin/cpu", "groupdel", "$groupName") == 0
137 - or die "Failed to delete group $groupName.\n";
138 -}
139 -else
140 +if ($ldapauth ne 'enabled')
141 {
142 system("/usr/sbin/userdel", "$groupName") == 0
143 - or die "Failed to delete dummy user for group $groupName.\n";
144 + or ( $x = 255, warn "Failed to delete dummy user for (unix) group $groupName.\n" );
145
146 system("/usr/sbin/groupdel", "$groupName") == 0
147 - or die "Failed to delete group $groupName.\n";
148 + or ( $x = 255, warn "Failed to delete (unix) group $groupName.\n" );
149 }
150
151 -exit (0);
152 +system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "userdel", "$groupName") == 0
153 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete dummy user for (ldap) group $groupName.\n" );
154 +
155 +system("/usr/sbin/cpu", "groupdel", "$groupName") == 0
156 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group $groupName.\n" );
157 +
158 +exit ($x);
159 diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix
160 --- e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
161 +++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/group-modify-unix 2010-11-02 13:13:15.000000000 -0600
162 @@ -32,6 +32,7 @@ my $c = esmith::ConfigDB->open_ro || die
163 my $a = esmith::AccountsDB->open_ro || die "Couldn't open accounts db\n";
164
165 my $ldapauth = $c->get('ldap')->prop('Authentication') || 'disabled';
166 +my $x = 0; # exit value
167
168 my $event = shift || die "Event name arg missing\n";;
169 my @groups;
170 @@ -66,17 +67,15 @@ foreach my $group (@groups)
171 my $groupDesc = $properties{'Description'}
172 if (defined $properties{'Description'});
173
174 - if ($ldapauth eq 'enabled')
175 - {
176 - system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-c", "$groupDesc", "$groupName") == 0
177 - or die "Failed to modify group description for $groupName.\n";
178 - }
179 - else
180 + if ($ldapauth ne 'enabled')
181 {
182 system("/usr/sbin/usermod", "-c", "$groupDesc", "$groupName") == 0
183 - or die "Failed to modify group description for $groupName.\n";
184 + or ( $x = 255, warn "Failed to modify (unix) group description for $groupName.\n" );
185 }
186
187 + system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-c", "$groupDesc", "$groupName") == 0
188 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify (ldap) group description for $groupName.\n" );
189 +
190 my ($name, $passwd, $gid, $members) = getgrnam ($groupName);
191 my @oldMembers = split (/\s+/, $members);
192 my @newMembers = split (/,/, $properties {'Members'});
193 @@ -121,12 +120,6 @@ foreach my $group (@groups)
194 my @groupList = split (/\s+/, $groups);
195 @groupList = grep (!/^$member$/, @groupList);
196
197 - # root user/group isn't in ldap
198 - if ($ldapauth eq 'enabled')
199 - {
200 - @groupList = grep (!/^root$/, @groupList);
201 - }
202 -
203 if ($oldMembers{$member})
204 {
205 @groupList = grep (!/^$groupName$/, @groupList);
206 @@ -137,17 +130,19 @@ foreach my $group (@groups)
207 }
208 $groups = join (',', sort (@groupList));
209
210 - if ($ldapauth eq 'enabled')
211 - {
212 - system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
213 - or die "Failed to modify supplementary group list for $member.\n";
214 - }
215 - else
216 + if ($ldapauth ne 'enabled')
217 {
218 system("/usr/sbin/usermod", "-G", "$groups", "$member") == 0
219 - or die "Failed to modify supplementary group list for $member.\n";
220 + or ( $x = 255, warn "Failed to modify supplementary (unix) group list for $member.\n" );
221 }
222 +
223 + # root user/group isn't in ldap
224 + @groupList = grep (!/^root$/, @groupList);
225 + $groups = join (',', sort (@groupList));
226 +
227 + system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0
228 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify supplementary (ldap) group list for $member.\n" );
229 }
230 }
231
232 -exit (0);
233 +exit ($x);
234 diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/init-accounts.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/init-accounts
235 diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix
236 --- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
237 +++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-create-unix 2010-11-02 13:15:06.000000000 -0600
238 @@ -32,6 +32,7 @@ my $conf = esmith::ConfigDB->open_ro;
239 my $accounts = esmith::AccountsDB->open;
240
241 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
242 +my $x = 0; # exit value
243
244 my $event = $ARGV [0];
245 my $userName = $ARGV [1];
246 @@ -64,33 +65,7 @@ my $last = $acct->prop('LastName') || ''
247 my $shell = $acct->prop('Shell') || '/usr/bin/rssh';
248
249
250 -if ($ldapauth eq 'enabled')
251 -{
252 - # Create the user's unique group first
253 - system(
254 - "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupadd",
255 - "-g",
256 - $gid,
257 - $userName
258 - ) == 0 or die "Failed to create group $userName.\n";
259 -
260 - # Now create the user account
261 - system(
262 - "/usr/sbin/cpu", "useradd",
263 - "-u", $uid,
264 - "-g", $uid,
265 - "-c", "$first $last",
266 - "-f", "$first",
267 - "-E", "$last",
268 - "-d", "/home/e-smith/files/users/$userName",
269 - "-G", "shared",
270 - "-m",
271 - "-k/etc/e-smith/skel/user",
272 - "-s", "$shell",
273 - $userName
274 - ) == 0 or die "Failed to create account $userName.\n";
275 -}
276 -else
277 +if ($ldapauth ne 'enabled')
278 {
279 # Create the user's unique group first
280 system(
281 @@ -98,7 +73,7 @@ else
282 "-g",
283 $gid,
284 $userName
285 - ) == 0 or die "Failed to create group $userName.\n";
286 + ) == 0 or ( $x = 255, warn "Failed to create (unix) group $userName.\n" );
287
288 # Now create the user account
289 system(
290 @@ -112,9 +87,33 @@ else
291 "-k", "/etc/e-smith/skel/user",
292 "-s", "$shell",
293 $userName
294 - ) == 0 or die "Failed to create account $userName.\n";
295 + ) == 0 or ( $x = 255, warn "Failed to create (unix) account $userName.\n" );
296 }
297
298 +# Create the user's unique group first (in ldap)
299 +system(
300 + "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupadd",
301 + "-g",
302 + $gid,
303 + $userName
304 + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $userName.\n" );
305 +
306 +# Now create the user account (in ldap)
307 +system(
308 + "/usr/sbin/cpu", "useradd",
309 + "-u", $uid,
310 + "-g", $uid,
311 + "-c", "$first $last",
312 + "-f", "$first",
313 + "-E", "$last",
314 + "-d", "/home/e-smith/files/users/$userName",
315 + "-G", "shared",
316 + "-m",
317 + "-k/etc/e-smith/skel/user",
318 + "-s", "$shell",
319 + $userName
320 + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) account $userName.\n" );
321 +
322
323 # Release lock if we have one
324 $lock && esmith::lockfile::UnlockFile($lock);
325 @@ -123,17 +122,14 @@ $lock && esmith::lockfile::UnlockFile($l
326
327 chmod 0700, "/home/e-smith/files/users/$userName";
328
329 -if ($ldapauth eq 'enabled')
330 -{
331 - system("/usr/sbin/cpu", "usermod", "-L", "$userName")
332 - and warn("Could not lock password for $userName\n");
333 -}
334 -else
335 +if ($ldapauth ne 'enabled')
336 {
337 system("/usr/bin/passwd", "-l", "$userName")
338 - and warn("Could not lock password for $userName\n");
339 + and ( $x = 255, warn "Could not lock (unix) password for $userName\n" );
340 }
341 +system("/usr/sbin/cpu", "usermod", "-L", "$userName")
342 + and ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Could not lock (ldap) password for $userName\n" );
343 system("/usr/bin/smbpasswd", "-a", "-d", "$userName")
344 - and warn("Could not lock smb password for $userName\n");;
345 + and ( $x = 255, warn "Could not lock (smb) password for $userName\n" );
346
347 -exit (0);
348 +exit ($x);
349 diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix
350 --- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
351 +++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-delete-unix 2010-11-02 13:15:38.000000000 -0600
352 @@ -32,6 +32,7 @@ my $conf = esmith::ConfigDB->open_ro
353 or die "Could not open Config DB";
354
355 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
356 +my $x = 0; # exit value
357
358 my $event = $ARGV [0];
359 my $userName = $ARGV [1];
360 @@ -42,23 +43,21 @@ my $userName = $ARGV [1];
361
362 die "Username argument missing." unless defined ($userName);
363
364 -if ($ldapauth eq 'enabled')
365 -{
366 - system("/usr/sbin/cpu", "userdel", "-r", $userName) == 0
367 - or die "Failed to delete account $userName.\n";
368 -
369 - system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupdel", $userName) == 0
370 - or die "Failed to delete group account $userName.\n";
371 -}
372 -else
373 +if ($ldapauth ne 'enabled')
374 {
375 esmith::util::cancelUserPassword ($userName);
376
377 my $discard = `/usr/sbin/userdel -r '$userName'`;
378 if ($? != 0)
379 {
380 - die "Failed to delete account $userName.\n";
381 + ( $x = 255, warn "Failed to delete (unix) account $userName.\n" );
382 }
383 }
384
385 -exit (0);
386 +system("/usr/sbin/cpu", "userdel", "-r", $userName) == 0
387 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) account $userName.\n" );
388 +
389 +system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupdel", $userName) == 0
390 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group account $userName.\n" );
391 +
392 +exit ($x);
393 diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd
394 --- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd.better-ldap 2010-11-02 13:08:16.000000000 -0600
395 +++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-lock-passwd 2010-11-02 13:16:30.000000000 -0600
396 @@ -30,6 +30,7 @@ my $a = esmith::AccountsDB->open or die
397 my $conf = esmith::ConfigDB->open or die "Could not open configuration db";
398
399 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
400 +my $x = 0; # exit value
401
402 my $event = $ARGV [0];
403
404 @@ -53,18 +54,15 @@ sub lock_user
405
406 my $u = $a->get($userName) or die "No account record for user $userName";
407
408 - if ($ldapauth eq 'enabled')
409 - {
410 - system("/usr/sbin/cpu", "usermod", "-L", $userName) == 0
411 - or die "Error running /usr/sbin/cpu usermod -L command to lock account $userName";
412 - }
413 - else
414 + if ($ldapauth ne 'enabled')
415 {
416 system("/usr/bin/passwd", "-l", $userName) == 0
417 - or die "Error running /usr/bin/passwd command to lock account $userName";
418 + or ( $x = 255, warn "Error locking (unix) account $userName" );
419 }
420 + system("/usr/sbin/cpu", "usermod", "-L", $userName) == 0
421 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Error locking (ldap) account $userName" );
422 system("/usr/bin/smbpasswd", "-d", $userName) == 0
423 - or die "Error running /usr/bin/smbpasswd command to lock account $userName";
424 + or ( $x = 255, warn "Error locking (smb) account $userName" );
425 $u->set_prop('PasswordSet', 'no');
426
427 if ($userName eq 'admin')
428 @@ -97,3 +95,5 @@ sub bad_password_users
429
430 return @users;
431 }
432 +
433 +exit ($x);
434 diff -up e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix.better-ldap e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix
435 --- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix.better-ldap 2010-11-02 13:08:16.000000000 -0600
436 +++ e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix 2010-11-02 13:17:03.000000000 -0600
437 @@ -26,6 +26,7 @@ use esmith::ConfigDB;
438 my $conf = esmith::ConfigDB->open or die "Could not open configuration db";
439
440 my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
441 +my $x = 0; # exit value
442
443 my $event = $ARGV [0];
444 my $userName = $ARGV [1];
445 @@ -72,11 +73,7 @@ foreach my $u (@users)
446 @groupList = grep (!/^$userName$/, @groupList);
447
448 # root user/group isn't in ldap
449 - if ($ldapauth eq 'enabled')
450 - {
451 - @groupList = grep (!/^root$/, @groupList);
452 - }
453 -
454 + @groupList = grep (!/^root$/, @groupList);
455 $groups = join (',', sort (@groupList));
456
457 setpwent;
458 @@ -92,16 +89,14 @@ foreach my $u (@users)
459 #------------------------------------------------------------
460 unless ($shell eq $new_shell)
461 {
462 - if ($ldapauth eq 'enabled')
463 - {
464 - system("/usr/sbin/cpu", "usermod", '-s', "$new_shell", "-G", "$groups", $userName) == 0
465 - or die "Failed to modify shell of account $userName.\n";
466 - }
467 - else
468 + if ($ldapauth ne 'enabled')
469 {
470 system("/usr/sbin/usermod", '-s', "$new_shell", $userName) == 0
471 - or die "Failed to modify shell of account $userName.\n";
472 + or ( $x = 255, warn "Failed to modify shell of (unix) account $userName.\n" );
473 }
474 +
475 + system("/usr/sbin/cpu", "usermod", '-s', "$new_shell", "-G", "$groups", $userName) == 0
476 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify shell of (ldap) account $userName.\n" );
477 }
478
479 #------------------------------------------------------------
480 @@ -114,17 +109,15 @@ foreach my $u (@users)
481
482 unless ($comment eq $new_comment)
483 {
484 - if ($ldapauth eq 'enabled')
485 - {
486 - system("/usr/sbin/cpu", "usermod", "-c", "$first $last", "-G", "$groups", $userName) == 0
487 - or die "Failed to modify comment of account $userName.\n";
488 - }
489 - else
490 + if ($ldapauth ne 'enabled')
491 {
492 system("/usr/sbin/usermod", "-c", "$first $last", $userName) == 0
493 - or die "Failed to modify comment of account $userName.\n";
494 + or ( $x = 255, warn "Failed to modify comment of (unix) account $userName.\n" );
495 }
496 +
497 + system("/usr/sbin/cpu", "usermod", "-c", "$first $last", "-G", "$groups", $userName) == 0
498 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify comment of (ldap) account $userName.\n" );
499 }
500 }
501
502 -exit (0);
503 +exit ($x);

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed