e-smith-ldap/sme8/e-smith-ldap-5.2.0-add_www_move_nobody.patch

diff -up e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update.add_www_move_nobody e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update
--- e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update.add_www_move_nobody  2010-10-27 10:22:53.000000000 -0600
+++ e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update      2010-10-27 10:34:49.000000000 -0600
@@ -164,6 +164,69 @@ foreach my $obj ( qw(Users Groups Comput
 }
 
 #------------------------------------------------------------
+# Ensure nobody, shared, www objects are there
+#------------------------------------------------------------
+foreach my $user (qw/www/){
+    my $dn = "cn=$group,ou=Users,$base";
+    utf8::upgrade($dn);
+    $updates->{$dn}->{objectClass} = ['account', 'posixAccount', 'shadowAccount'];
+
+    # Read information from getent passwd
+    @{$updates->{$dn}}{'uid','userPassword','uidNumber','gidNumber','junk','junk','gecos','homeDirectory','loginShell'} = getpwnam($key);
+    $updates->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $updates->{$dn}->{userPassword} =~ m/^{/;
+    $desc = $updates->{$dn}->{cn} = $updates->{$dn}->{gecos};
+
+    # Samba parameters if we find the samba.schema
+    if ( -f "$schema" and -x '/usr/bin/pdbedit' )
+    {
+        my $line = `/usr/bin/pdbedit -wu '$key' 2> /dev/null`;
+        chomp($line);
+        if ($line)
+        {
+            @{$updates->{$dn}}{'junk','junk','sambaLMPassword','sambaNTPassword'} = split(/:/,$line);
+            foreach $line (`/usr/bin/pdbedit -vu '$key' 2> /dev/null`)
+            {
+                chomp($line);
+                $updates->{$dn}->{sambaSID} = $1 if $line =~ m{User SID:\s+(S-.*)$};
+                $updates->{$dn}->{displayName} = $1 if $line =~ m{Full Name:\s+(.*)$};
+                $updates->{$dn}->{sambaPrimaryGroupSID} = $1 if $line =~ m{Primary Group SID:\s+(S-.*)$};
+                $updates->{$dn}->{sambaAcctFlags} = $1 if $line =~ m{Account Flags:\s+(.*)$};
+                $updates->{$dn}->{sambaPwdLastSet} = str2time($1) if $line =~ m{Password last set:\s+(.*)$};
+            }
+            push @{$updates->{$dn}->{objectClass}}, 'sambaSamAccount';
+        }
+    }
+}
+endpwent();
+
+foreach my $group (qw/nobody shared www/){
+    my $dn = "cn=$group,ou=Groups,$base";
+    utf8::upgrade($dn);
+    $updates->{$dn}->{objectClass} = ['posixGroup'];
+
+    # Read information from getent group
+    @{$updates->{$dn}}{'cn','userPassword','gidNumber','memberUid'} = getgrnam($group);
+    $updates->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $updates->{$dn}->{userPassword} =~ m/^{/;
+    $updates->{$dn}->{memberUid} = [ split /\s+/, $updates->{$dn}->{memberUid} ];
+
+    # Ensure groups have the needed properties
+    if ($group eq 'shared'){
+        push @{$updates->{$dn}->{objectClass}}, 'mailboxRelatedObject';
+        $updates->{$dn}->{mail} = "everyone\@$domain";
+    }
+
+    # Samba parameters if we find the samba.schema
+    if ( -f "$schema" and exists $groupmap->{$group} )
+    {   
+        push @{$updates->{$dn}->{objectClass}}, 'sambaGroupMapping';
+        $updates->{$dn}->{displayName} = $groupmap->{$group}->{name};
+        $updates->{$dn}->{sambaSID} = $groupmap->{$group}->{sid};
+        $updates->{$dn}->{sambaGroupType} = '2';
+    }
+}
+endgrent();
+
+#------------------------------------------------------------
 # Create a list of updates that need to happen
 #------------------------------------------------------------
 my $updates;
@@ -274,29 +337,6 @@ endpwent();
 endgrent();
 
 
-# Nobody and shared are special groups used by samba
-foreach my $group (qw/nobody shared/){
-    my $dn = "cn=$group,ou=Groups,$base";
-    @{$updates->{$dn}}{'cn','userPassword','gidNumber','memberUid'} = getgrnam($group);
-    utf8::upgrade($dn);
-    $updates->{$dn}->{objectClass} = ['posixGroup'];
-    if ($group eq 'shared'){
-        push @{$updates->{$dn}->{objectClass}}, 'mailboxRelatedObject';
-        $updates->{$dn}->{mail} = "everyone\@$domain";
-    }
-    $updates->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $updates->{$dn}->{userPassword} =~ m/^{/;
-    $updates->{$dn}->{memberUid} = [ split /\s+/, $updates->{$dn}->{memberUid} ];
-    if ( -f "$schema" and exists $groupmap->{$group} )
-    {   
-        push @{$updates->{$dn}->{objectClass}}, 'sambaGroupMapping';
-        $updates->{$dn}->{displayName} = $groupmap->{$group}->{name};
-        $updates->{$dn}->{sambaSID} = $groupmap->{$group}->{sid};
-        $updates->{$dn}->{sambaGroupType} = '2';
-    }
-}
-endgrent();
-
-
 #------------------------------------------------------------
 # Update LDAP database entry.
 #------------------------------------------------------------
diff -up e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin.add_www_move_nobody e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin.add_www_move_nobody  2010-10-27 10:22:53.000000000 -0600
+++ e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin      2010-10-27 10:48:06.000000000 -0600
@@ -81,6 +81,21 @@
     }
     endpwent();
 
+    # www is a special user for all accounts
+    foreach my $user (qw/www/)
+    {   
+        $dn = "uid=$key,ou=Users,$ldapBase";
+        utf8::upgrade($dn);
+
+        $dnmap->{$user}->{user} = $dn;
+
+        $ldif->{$dn}->{objectClass} = [ qw(account posixAccount shadowAccount) ];
+        @{$ldif->{$dn}}{'uid','userPassword','uidNumber','gidNumber','junk','junk','gecos','homeDirectory','loginShell'} = getpwnam($key);
+        $ldif->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $ldif->{$dn}->{userPassword} =~ m/^{/;
+        $ldif->{$dn}->{cn} = $ldif->{$dn}->{gecos} || '';
+    }
+    endpwent();
+
     # Read in group details
     while(my ($key,$pwd,$gid,$members) = getgrent())
     {
@@ -110,23 +125,26 @@
     endgrent();
 
     # Nobody and shared are special groups used by samba
-    foreach my $group (qw/nobody shared/)
+    foreach my $group (qw/nobody shared www/)
     {   
-        my $dn = "cn=$group,ou=Groups,$ldapBase";
+        $dn = "cn=$group,ou=Groups,$ldapBase";
         utf8::upgrade($dn);
+
         $dnmap->{$group}->{group} = $dn;
+
+        $ldif->{$dn}->{objectClass} = [ qw(posixGroup) ];
         @{$ldif->{$dn}}{'cn','userPassword','gidNumber','memberUid'} = getgrnam($group);
-        push @{$ldif->{$dn}->{objectClass}}, 'posixGroup';
+        $ldif->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $ldif->{$dn}->{userPassword} =~ m/^\{/;
+        $ldif->{$dn}->{description} = $ldif->{$dnmap->{$key}->{user}}->{cn} if exists $ldif->{$dnmap->{$key}->{user}}->{cn};
+        $ldif->{$dn}->{memberUid} = [ split /\s+/, $ldif->{$dn}->{memberUid} ];
+
         if ($group eq 'shared'){
             push @{$ldif->{$dn}->{objectClass}}, 'mailboxRelatedObject';
             $ldif->{$dn}->{mail} = "everyone\@$DomainName";
         }
-        $ldif->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $ldif->{$dn}->{userPassword} =~ m/^\{/;
-        $ldif->{$dn}->{memberUid} = [ split /\s+/, $ldif->{$dn}->{memberUid} ];
     }
     endgrent();
 
-
     # Read in samba user details
     if ( -f "$schema" and -x '/usr/bin/pdbedit' )
     {
1	diff -up e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update.add_www_move_nobody e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update
2	--- e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update.add_www_move_nobody 2010-10-27 10:22:53.000000000 -0600
3	+++ e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update 2010-10-27 10:34:49.000000000 -0600
4	@@ -164,6 +164,69 @@ foreach my $obj ( qw(Users Groups Comput
5	}
6
7	#------------------------------------------------------------
8	+# Ensure nobody, shared, www objects are there
9	+#------------------------------------------------------------
10	+foreach my $user (qw/www/){
11	+ my $dn = "cn=$group,ou=Users,$base";
12	+ utf8::upgrade($dn);
13	+ $updates->{$dn}->{objectClass} = ['account', 'posixAccount', 'shadowAccount'];
14	+
15	+ # Read information from getent passwd
16	+ @{$updates->{$dn}}{'uid','userPassword','uidNumber','gidNumber','junk','junk','gecos','homeDirectory','loginShell'} = getpwnam($key);
17	+ $updates->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $updates->{$dn}->{userPassword} =~ m/^{/;
18	+ $desc = $updates->{$dn}->{cn} = $updates->{$dn}->{gecos};
19	+
20	+ # Samba parameters if we find the samba.schema
21	+ if ( -f "$schema" and -x '/usr/bin/pdbedit' )
22	+ {
23	+ my $line = `/usr/bin/pdbedit -wu '$key' 2> /dev/null`;
24	+ chomp($line);
25	+ if ($line)
26	+ {
27	+ @{$updates->{$dn}}{'junk','junk','sambaLMPassword','sambaNTPassword'} = split(/:/,$line);
28	+ foreach $line (`/usr/bin/pdbedit -vu '$key' 2> /dev/null`)
29	+ {
30	+ chomp($line);
31	+ $updates->{$dn}->{sambaSID} = $1 if $line =~ m{User SID:\s+(S-.*)$};
32	+ $updates->{$dn}->{displayName} = $1 if $line =~ m{Full Name:\s+(.*)$};
33	+ $updates->{$dn}->{sambaPrimaryGroupSID} = $1 if $line =~ m{Primary Group SID:\s+(S-.*)$};
34	+ $updates->{$dn}->{sambaAcctFlags} = $1 if $line =~ m{Account Flags:\s+(.*)$};
35	+ $updates->{$dn}->{sambaPwdLastSet} = str2time($1) if $line =~ m{Password last set:\s+(.*)$};
36	+ }
37	+ push @{$updates->{$dn}->{objectClass}}, 'sambaSamAccount';
38	+ }
39	+ }
40	+}
41	+endpwent();
42	+
43	+foreach my $group (qw/nobody shared www/){
44	+ my $dn = "cn=$group,ou=Groups,$base";
45	+ utf8::upgrade($dn);
46	+ $updates->{$dn}->{objectClass} = ['posixGroup'];
47	+
48	+ # Read information from getent group
49	+ @{$updates->{$dn}}{'cn','userPassword','gidNumber','memberUid'} = getgrnam($group);
50	+ $updates->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $updates->{$dn}->{userPassword} =~ m/^{/;
51	+ $updates->{$dn}->{memberUid} = [ split /\s+/, $updates->{$dn}->{memberUid} ];
52	+
53	+ # Ensure groups have the needed properties
54	+ if ($group eq 'shared'){
55	+ push @{$updates->{$dn}->{objectClass}}, 'mailboxRelatedObject';
56	+ $updates->{$dn}->{mail} = "everyone\@$domain";
57	+ }
58	+
59	+ # Samba parameters if we find the samba.schema
60	+ if ( -f "$schema" and exists $groupmap->{$group} )
61	+ {
62	+ push @{$updates->{$dn}->{objectClass}}, 'sambaGroupMapping';
63	+ $updates->{$dn}->{displayName} = $groupmap->{$group}->{name};
64	+ $updates->{$dn}->{sambaSID} = $groupmap->{$group}->{sid};
65	+ $updates->{$dn}->{sambaGroupType} = '2';
66	+ }
67	+}
68	+endgrent();
69	+
70	+#------------------------------------------------------------
71	# Create a list of updates that need to happen
72	#------------------------------------------------------------
73	my $updates;
74	@@ -274,29 +337,6 @@ endpwent();
75	endgrent();
76
77
78	-# Nobody and shared are special groups used by samba
79	-foreach my $group (qw/nobody shared/){
80	- my $dn = "cn=$group,ou=Groups,$base";
81	- @{$updates->{$dn}}{'cn','userPassword','gidNumber','memberUid'} = getgrnam($group);
82	- utf8::upgrade($dn);
83	- $updates->{$dn}->{objectClass} = ['posixGroup'];
84	- if ($group eq 'shared'){
85	- push @{$updates->{$dn}->{objectClass}}, 'mailboxRelatedObject';
86	- $updates->{$dn}->{mail} = "everyone\@$domain";
87	- }
88	- $updates->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $updates->{$dn}->{userPassword} =~ m/^{/;
89	- $updates->{$dn}->{memberUid} = [ split /\s+/, $updates->{$dn}->{memberUid} ];
90	- if ( -f "$schema" and exists $groupmap->{$group} )
91	- {
92	- push @{$updates->{$dn}->{objectClass}}, 'sambaGroupMapping';
93	- $updates->{$dn}->{displayName} = $groupmap->{$group}->{name};
94	- $updates->{$dn}->{sambaSID} = $groupmap->{$group}->{sid};
95	- $updates->{$dn}->{sambaGroupType} = '2';
96	- }
97	-}
98	-endgrent();
99	-
100	-
101	#------------------------------------------------------------
102	# Update LDAP database entry.
103	#------------------------------------------------------------
104	diff -up e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin.add_www_move_nobody e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin
105	--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin.add_www_move_nobody 2010-10-27 10:22:53.000000000 -0600
106	+++ e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin 2010-10-27 10:48:06.000000000 -0600
107	@@ -81,6 +81,21 @@
108	}
109	endpwent();
110
111	+ # www is a special user for all accounts
112	+ foreach my $user (qw/www/)
113	+ {
114	+ $dn = "uid=$key,ou=Users,$ldapBase";
115	+ utf8::upgrade($dn);
116	+
117	+ $dnmap->{$user}->{user} = $dn;
118	+
119	+ $ldif->{$dn}->{objectClass} = [ qw(account posixAccount shadowAccount) ];
120	+ @{$ldif->{$dn}}{'uid','userPassword','uidNumber','gidNumber','junk','junk','gecos','homeDirectory','loginShell'} = getpwnam($key);
121	+ $ldif->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $ldif->{$dn}->{userPassword} =~ m/^{/;
122	+ $ldif->{$dn}->{cn} = $ldif->{$dn}->{gecos} \|\| '';
123	+ }
124	+ endpwent();
125	+
126	# Read in group details
127	while(my ($key,$pwd,$gid,$members) = getgrent())
128	{
129	@@ -110,23 +125,26 @@
130	endgrent();
131
132	# Nobody and shared are special groups used by samba
133	- foreach my $group (qw/nobody shared/)
134	+ foreach my $group (qw/nobody shared www/)
135	{
136	- my $dn = "cn=$group,ou=Groups,$ldapBase";
137	+ $dn = "cn=$group,ou=Groups,$ldapBase";
138	utf8::upgrade($dn);
139	+
140	$dnmap->{$group}->{group} = $dn;
141	+
142	+ $ldif->{$dn}->{objectClass} = [ qw(posixGroup) ];
143	@{$ldif->{$dn}}{'cn','userPassword','gidNumber','memberUid'} = getgrnam($group);
144	- push @{$ldif->{$dn}->{objectClass}}, 'posixGroup';
145	+ $ldif->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $ldif->{$dn}->{userPassword} =~ m/^\{/;
146	+ $ldif->{$dn}->{description} = $ldif->{$dnmap->{$key}->{user}}->{cn} if exists $ldif->{$dnmap->{$key}->{user}}->{cn};
147	+ $ldif->{$dn}->{memberUid} = [ split /\s+/, $ldif->{$dn}->{memberUid} ];
148	+
149	if ($group eq 'shared'){
150	push @{$ldif->{$dn}->{objectClass}}, 'mailboxRelatedObject';
151	$ldif->{$dn}->{mail} = "everyone\@$DomainName";
152	}
153	- $ldif->{$dn}->{userPassword} =~ s/^/{CRYPT}/ unless $ldif->{$dn}->{userPassword} =~ m/^\{/;
154	- $ldif->{$dn}->{memberUid} = [ split /\s+/, $ldif->{$dn}->{memberUid} ];
155	}
156	endgrent();
157
158	-
159	# Read in samba user details
160	if ( -f "$schema" and -x '/usr/bin/pdbedit' )
161	{