ALT Linux Sisyphus - Package cl-user-tools

cl-user-tools-0.2/000075500000000000000000000000001113633740600140655ustar00rootroot00000000000000cl-user-tools-0.2/scripts/000075500000000000000000000000001113633740600155545ustar00rootroot00000000000000cl-user-tools-0.2/scripts/cl-config000075500000000000000000000015031113633740600173420ustar00rootroot00000000000000#!/bin/sh -efu

if [ -z "${__included_cl_config-}" ]; then
__included_cl_config=1

. shell-config

cl_slapd_config() {

		local SLAPD_CONF="/etc/openldap/sldap-generated.conf"
		[ "$#" -ge 1 ] && SLAPD_CONF="$1"
		base=$(shell_config_get "$SLAPD_CONF" suffix ' '|sed -e 's/"//g')
	  binddn=$(shell_config_get "$SLAPD_CONF" rootdn ' '|sed -e 's/"//g')
	  bindpw=$(shell_config_get "$SLAPD_CONF" rootpw ' '|sed -e 's/"//g')

		[ -n "$bindpw" ] && bindpw="-w $bindpw" || bindpw="-W"
		export base binddn bindpw
}

local_getent_group()
{
	local group="$1"
	if [ -n "$group" ]; then
		grep -v "^#" /etc/group | grep "^$group:"
	else
		grep -v "^#" /etc/group
	fi
}

local_getent_passwd()
{
	local user="$1"
	if [ -n "$user" ]; then
		grep -v "^#" /etc/passwd | grep "^$user:"
	else
		grep -v "^#" /etc/passwd
	fi
}
fi #__included_cl_config
cl-user-tools-0.2/scripts/cl-groupadd000075500000000000000000000023721113633740600177070ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 2 ] || fatal "more arguments required"
config="$1"
group="$2"
shift 2

cl_slapd_config "$config"

#check for name
local_getent_group "$group" | grep -qs "^$group:" && fatal "same name already exists"
ldap-getent-group "$config" "$group" | grep -qs "^$group:" && fatal "same name already exists"

#calculate gid
local_gid_avail="$(local_getent_group| cut -f3 -d: |sort -unr|head -n1)"
ldap_gid_avail="$(ldap-getent-group "$config"| cut -f3 -d: |sort -unr|head -n1)"
#[ "$local_gid_avail" -gt "$ldap_gid_avail" ] && gid_avail="$local_gid_avail" || gid_avail="$ldap_gid_avail"
[ -n "$ldap_gid_avail" ] && [ "$local_gid_avail" -lt "$ldap_gid_avail" ] && gid_avail="$ldap_gid_avail" || gid_avail="$local_gid_avail"

gid_min="${gid_min:-$(sed -rn 's,^GID_MIN[[:space:]]+([^[:space:]]+),\1,p' /etc/login.defs)}"
gid_max="${gid_max:-$(sed -rn 's,^GID_MAX[[:space:]]+([^[:space:]]+),\1,p' /etc/login.defs)}"

gid=$(( $gid_avail + 1 ))

[ "$gid" -le "$gid_max" ] || fatal "not free gid available"
[ "$gid" -lt "$gid_min" ] && gid="$gid_min"

message "using gid - $gid"

#edit ldap
ldapadd -a -D "$binddn" $bindpw -x <<EOF
dn: cn=$group,ou=Group,$base
objectClass: posixGroup
objectClass: top
cn: $group
userPassword: {crypt}x
gidNumber: $gid
EOF
cl-user-tools-0.2/scripts/cl-groupdel000075500000000000000000000010321113633740600177130ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 2 ] || fatal "more arguments required"
config="$1"
group="$2"
shift 2

cl_slapd_config "$config"

gid="$(ldap-getent-group "$config" "$group"|cut -f3 -d:)"

[ -n "$gid" ] || fatal "cannot find group's gid"
message "group's gid - $gid"

local_getent_passwd|cut -f4 -d:|fgrep -xqs "$gid" && fatal "cannot remove user's primary group"
ldap-getent-passwd "$config"|cut -f4 -d:|fgrep -xqs "$gid" && fatal "cannot remove user's primary group"

ldapdelete -D "$binddn" $bindpw -x "cn=$group,ou=Group,$base"
cl-user-tools-0.2/scripts/cl-init000075500000000000000000000011351113633740600170410ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 1 ] || fatal "more arguments required"
config="$1"
shift

cl_slapd_config "$config"

ldapadd -a -D "$binddn" $bindpw -x <<EOF
dn: $base
objectclass: organization
objectclass: dcObject
$(printf %s\\n "$base" | sed -r 's/^dc=([^[:space:],]*).*$/dc: \1/')
$(printf %s\\n "$base" | sed -r 's/^.*dc=([^[:space:],]*)/o: \1/')

dn: $binddn
objectclass: organizationalRole
$(printf %s\\n "$binddn" | sed -r 's/^cn=([^[:space:],]*).*$/cn: \1/')

dn: ou=People,$base
objectClass: organizationalUnit
ou: People

dn: ou=Group,$base
objectClass: organizationalUnit
ou: Group
EOF

cl-user-tools-0.2/scripts/cl-passwd000075500000000000000000000004731113633740600174030ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 2 ] || fatal "more arguments required"
config="$1"
user="$2"
shift 2

cl_slapd_config "$config"

pw="$(slappasswd -h '{CRYPT}')"

[ -n "$pw" ] || fatal "No password given"

#edit ldap
ldapmodify -D "$binddn" $bindpw -x <<EOF
dn: uid=$user,ou=People,$base
userPassword: $pw
EOF
cl-user-tools-0.2/scripts/cl-sshkeygen000075500000000000000000000010021113633740600200670ustar00rootroot00000000000000#!/bin/sh -e

. shell-error
. cl-config

[ "$#" -ge 2 ] || fatal "more arguments required"
config="$1"
user="$2"
shift 2

cl_slapd_config "$config"

uid="$(ldap-getent-passwd "$config" "$user"|cut -f3 -d:)"

[ -n "$uid" ] || fatal "user not found in database"
[ -d "/home/$user" ] || fatal "home directory doesn't exists"

message "using uid - $uid"

su -l "$user" -c "ssh-keygen -t dsa -b 1024 -f /home/$user/.ssh/id_dsa -N \"\""
su -l "$user" -c "cp /home/$user/.ssh/id_dsa.pub /home/$user/.ssh/authorized_keys"
cl-user-tools-0.2/scripts/cl-useradd000075500000000000000000000036571113633740600175400ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 2 ] || fatal "more arguments required"
config="$1"
user="$2"
shift 2

cl_slapd_config "$config"

#check for name
local_getent_passwd "$user" | grep -qs "^$user:" && fatal "same name already exists"
ldap-getent-passwd "$config" "$user" | grep -qs "^$user:" && fatal "same name already exists"

#calculate uid
local_uid_avail="$(local_getent_passwd| cut -f3 -d: |sort -unr|head -n1)"
ldap_uid_avail="$(ldap-getent-passwd "$config"| cut -f3 -d: |sort -unr|head -n1)"
[ -n "$ldap_uid_avail" ] && [ "$local_uid_avail" -lt "$ldap_uid_avail" ] && uid_avail="$ldap_uid_avail" || uid_avail="$local_uid_avail"

uid_min="${uid_min:-$(sed -rn 's,^UID_MIN[[:space:]]+([^[:space:]]+),\1,p' /etc/login.defs)}"
uid_max="${uid_max:-$(sed -rn 's,^UID_MAX[[:space:]]+([^[:space:]]+),\1,p' /etc/login.defs)}"

uid=$(( $uid_avail + 1 ))

[ "$uid" -le "$uid_max" ] || fatal "not free uid available"
[ "$uid" -lt "$uid_min" ] && uid="$uid_min"

message "using uid - $uid"

#add group and calculate gid
ldap-getent-group "$config" "$user" | grep -qs "^$user:" && fatal "same name in group database already exists"
cl-groupadd "$config" "$user"
gid="$(ldap-getent-group "$config" "$user"|cut -f3 -d:)"

message "using gid - $gid"

#edit ldap
ldapadd -a -D "$binddn" $bindpw -x <<EOF
dn: uid=$user,ou=People,$base
uid: $user
cn: $user
objectClass: account
objectClass: posixAccount
objectClass: top
loginShell: /bin/bash
userPassword: {crypt}x
uidNumber: $uid
gidNumber: $gid
homeDirectory: /home/$user
EOF

if [ -d "/home/$user" ]; then
    message "home directory already exists"
else
    cp -r /etc/skel "/home/$user"
    chown -R "$uid:$gid" "/home/$user"
fi

spool="$(/usr/sbin/postconf -h mail_spool_directory)"

if [ ! -n "$spool" ]; then
	message "unknown spool directory, using default"
	spool="/var/mail"
fi

if [ -r "$spool/$user" ];then
	message "mail spool already exists"
else
	install -m 0660 -o "$uid" -g mail /dev/null "$spool/$user"
fi

cl-user-tools-0.2/scripts/cl-userdel000075500000000000000000000003711113633740600175420ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 2 ] || fatal "more arguments required"
config="$1"
user="$2"
shift 2

cl_slapd_config "$config"

ldapdelete -D "$binddn" $bindpw -x "uid=$user,ou=People,$base"
cl-groupdel "$config" "$user"
rm -rf "/home/$user"
cl-user-tools-0.2/scripts/cl-usermod000075500000000000000000000004041113633740600175520ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 2 ] || fatal "more arguments required"
config="$1"
user="$2"
shift 2

cl_slapd_config "$config"

#edit ldap
(echo "dn: uid=$user,ou=People,$base"
while read line; do
	echo $line
done ) |
ldapmodify -D "$binddn" $bindpw -x
cl-user-tools-0.2/scripts/ldap-getent-group000075500000000000000000000010501113633740600210340ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 1 ] || fatal "more arguments required"
config="$1"
shift

if [ -n "$1" ]; then
	filter="(&(objectClass=posixGroup)(cn=$1))"
else
	filter="objectClass=posixGroup"
fi

cl_slapd_config "$config"

ldapsearch -b "$base" -x "$filter" cn gidNumber | \
		while read key value; do
			if [ "$key" = "dn:" -o "$key" = "result:" ]; then
				if [ -n "$cn" -a -n "$gid" ]; then
					echo "$cn:x:$gid:"
						
				fi
				cn=
				gid=
			fi
			[ "$key" = "cn:" ] && cn="$value"
			[ "$key" = "gidNumber:" ] && gid="$value"
		done
cl-user-tools-0.2/scripts/ldap-getent-passwd000075500000000000000000000026371113633740600212150ustar00rootroot00000000000000#!/bin/sh -e

. cl-config

[ "$#" -ge 1 ] || fatal "more arguments required"
config="$1"
shift

if [ -n "$1" ]; then
	filter="(&(objectClass=posixAccount)(uid=$1))"
else
	filter="objectClass=posixAccount"
fi

cl_slapd_config "$config"

base64=0
ldapsearch -b "$base" -x "$filter" cn userPassword uidNumber gidNumber homeDirectory loginShell uid | \
		while IFS=':' read key value tail; do
				# skip comments
				[ "${key#\#}" = "$key" ] || continue
				# append line continue
				if [ "${key#[[:space:]]}" != "$key" ]; then
					string="$string$key"
				else
					# decode string if base64 detected
					[ $base64 -eq 0 ] || string="$(echo $string|base64 -d -i)"
					# set getent fields
					case "$attribute" in
						uid) user="$string" ;;
						uidNumber) uid="$string" ;;
						gidNumber) gid="$string" ;;
						cn) gecos="$string" ;;
						homeDirectory) home="$string" ;;
						loginShell) shell="$string" ;;
						# print the entry on new one begining or on the command end
						dn|result)
							[ -z "$user" -o -z "$uid" -o -z "$gid" ] || \
								echo "$user:x:$uid:$gid:$gecos:$home:$shell"
							;;
						*)
					esac
					# get the attribute name
					attribute="$key"
					# detect base64 by two colons ::
					# remove leading space from attribute value
					if [ "$value" = "" ]; then
						string="${tail#[[:space:]]}"
						base64=1
					else
						string="${value#[[:space:]]}"
						base64=0
					fi
				fi
		done

S:	0.1-alt8
5.0:	0.1-alt8
4.1:	0.2-alt7.M41.1
4.0:	0.2-alt4.M40.2