#!/usr/bin/ruby
#
# Copyright (c) 2004, 2006 Peter Palfrader <peter@palfrader.org>
#
# All rights reserved.
#
require "ldap"
require "getoptlong"
require "myldap"
require "yaml"
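# Load the site configuration. It is passed to MyLDAP.new below and read
# for 'basedn' and the 'module' => 'client' settings (pwlen, minuid, basehome).
#
# The block form of File.open closes the handle once parsing is done; the
# bare File.open(...) used before left the descriptor open until exit.
#
# NOTE(review): on Psych releases before 4.0, YAML.load can instantiate
# arbitrary Ruby objects, so /etc/noreply/config must stay writable by
# trusted administrators only. If the file holds nothing but plain hashes,
# arrays and scalars, YAML.safe_load would be the stricter choice -- confirm
# against the real config before switching.
config = File.open('/etc/noreply/config') { |f| YAML.load(f) }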
# Print the one-line command synopsis to standard output.
# The program name is taken from $0.
def usage
  synopsis = '--help | --client <client> [--password <password>] [--description <description>]'
  puts "Usage: #{$0} #{synopsis}"
end
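# --- Command-line handling ---------------------------------------------------
#
# Parses --help / --client / --password / --description, prints the usage
# text on any error, and validates the values that are later copied into the
# LDAP DN, the home directory path and the userPassword attribute.
print_usage = false
client = nil
description = nil

# Default password: pwlen random bytes from /dev/urandom, base64-encoded with
# the '=' padding removed. pack("m") wraps its output every 60 characters, so
# line feeds are stripped as well; with chomp alone a large pwlen left
# embedded newlines in the password. The block form closes the device handle.
#
# NOTE(review): nothing in this script prints the generated value, so the
# operator only knows the password when --password is given.
pwlen = config['module']['client']['pwlen']
password = File.open('/dev/urandom') { |f| [f.read(pwlen)].pack('m') }.delete("\n=")

begin
  # NOTE(review): a value passed with --password is visible to other local
  # users through the process list and may end up in shell history; the
  # generated default avoids that exposure.
  GetoptLong.new(
    ['--help',        '-h', GetoptLong::NO_ARGUMENT],
    ['--client',      '-c', GetoptLong::REQUIRED_ARGUMENT],
    ['--password',    '-p', GetoptLong::REQUIRED_ARGUMENT],
    ['--description', '-D', GetoptLong::REQUIRED_ARGUMENT]
  ).each do |option, argument|
    case option
    when '--help'
      print_usage = true
    when '--client'
      client = argument
    when '--password'
      password = argument
    when '--description'
      description = argument
    else
      raise("Unexpected option " + option)
    end
  end
rescue GetoptLong::InvalidOption, GetoptLong::MissingArgument, GetoptLong::NeedlessArgument
  usage
  exit 1
end

# --help exits 0; stray positional arguments or a missing --client exit 1.
if print_usage || !ARGV.empty? || !client || !password
  usage
  exit 0 if print_usage
  exit 1
end

# The client name is concatenated unescaped into the entry DN and into the
# home directory path further down. Refuse values that would change the
# structure of either one: DN metacharacters, '/', control characters,
# a leading '#' or space, a trailing space, and the names "." and "..".
if client.empty? || client == '.' || client == '..' ||
   client =~ %r{[,+"\\<>;=/\x00-\x1f\x7f]} || client =~ /\A[# ]| \z/
  $stderr.puts("Invalid client name: " + client.inspect)
  exit 1
end

# An empty --password would be written to userPassword as an empty value.
if password.empty?
  $stderr.puts("Password must not be empty")
  exit 1
end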
ldap = MyLDAP.new(config)

# Choose the numeric id for the new client: start from the configured
# minimum, scan every tnClient entry below the base DN for the highest
# uidNumber/gidNumber in use, then take the next value.
#
# NOTE(review): the id is computed here and only written by a later add;
# nothing visible in this script serialises two concurrent runs, so they
# could both pick the same number -- confirm whether the directory enforces
# uniqueness.
newuid = config['module']['client']['minuid']
begin
  ldap.conn.search(config['basedn'], LDAP::LDAP_SCOPE_SUBTREE, '(objectclass=tnClient)') do |entry|
    name = entry.vals("cn").pop
    uid_number = entry.vals("uidNumber").pop.to_i
    gid_number = entry.vals("gidNumber").pop.to_i
    # The script creates clients with uid == gid, so a difference is reported.
    if uid_number != gid_number
      STDERR.puts("warning: uid/gid mismatch for client " + name)
    end
    newuid = [newuid, uid_number, gid_number].max
  end
rescue LDAP::ResultError => error
  # Any LDAP failure during the scan aborts before anything is written.
  $stderr.print(error)
  exit 1
end
newuid += 1
# Create the client entry and the organizationalUnit skeleton beneath it.
#
# NOTE(review): client is interpolated as-is into the DN and into the home
# directory path, so this code relies on it being free of DN metacharacters
# and of '/'.
# NOTE(review): userPassword is sent exactly as supplied; whether it is hashed
# at rest depends on directory-side configuration that is not shown here.
client_settings = config['module']['client']
account_name = "W#{client}"
numeric_id = newuid.to_s

data = {
  'objectclass'   => ['top', 'tnClient', 'posixAccount', 'posixGroup'],
  'o'             => [client],
  'userPassword'  => [password],
  'homeDirectory' => [client_settings['basehome'] + '/' + client],
  'cn'            => [account_name],
  'uid'           => [account_name],
  'uidNumber'     => [numeric_id],
  'gidNumber'     => [numeric_id]
}
if description
  data['description'] = [description]
end

dn = "o=#{client},ou=hosting,#{config['basedn']}"
ldap.add(dn, data)

# Parents come first: ou=mail has to exist before its children are added.
# NOTE(review): the entries are added one at a time; what happens to the
# entries already created when a later add fails depends on MyLDAP#add,
# which is not shown here.
[
  [dn,                %w(mail vhosts ftp dns)],
  ["ou=mail,#{dn}",   %w(people domains uucp)]
].each do |parent_dn, unit_names|
  unit_names.each do |ou|
    ldap.add("ou=#{ou},#{parent_dn}", {
      'objectclass' => ['top', 'organizationalUnit'],
      'ou' => [ou]
    })
  end
end
#ldap.add("ou=postgresql,"+dn, {
# 'objectclass' => ['top', 'organizationalUnit', 'tnPostgreSQLdatabase'],
# 'ou' => ['postgresql'],
# 'cn' => [client] })