--- /dev/null
+Index: ldapscripts-2.0.8/sbin/ldapaddsudo
+===================================================================
+--- /dev/null
++++ ldapscripts-2.0.8/sbin/ldapaddsudo
+@@ -0,0 +1,63 @@
++#!/bin/sh
++
++# ldapaddsudo : adds a sudoRole to LDAP
++
++# Copyright (C) 2005 Ganaël LAPLANCHE - Linagora
++# Copyright (C) 2006-2013 Ganaël LAPLANCHE
++# Copyright (c) 2014 Wind River Systems, Inc.
++#
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License
++# as published by the Free Software Foundation; either version 2
++# of the License, or (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
++# USA.
++
++if [ -z "$1" ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]
++then
++ echo "Usage : $0 <username>"
++ exit 1
++fi
++
++# Source runtime file
++_RUNTIMEFILE="/usr/lib/ldapscripts/runtime"
++. "$_RUNTIMEFILE"
++
++# Username = first argument
++_USER="$1"
++
++# Use template if necessary
++if [ -n "$STEMPLATE" ] && [ -r "$STEMPLATE" ]
++then
++ _getldif="cat $STEMPLATE"
++else
++ _getldif="_extractldif 2"
++fi
++
++# Add sudo entry to LDAP
++$_getldif | _filterldif | _askattrs | _utf8encode | _ldapadd
++
++[ $? -eq 0 ] || end_die "Error adding user $_USER to LDAP"
++echo_log "Successfully added sudo access for user $_USER to LDAP"
++
++end_ok
++
++# Ldif template ##################################
++##dn: cn=<user>,ou=SUDOers,<usuffix>,<suffix>
++##objectClass: top
++##objectClass: sudoRole
++##cn: <user>
++##sudoUser: <user>
++##sudoHost: ALL
++##sudoRunAsUser: ALL
++##sudoCommand: ALL
++###sudoOrder: <default: 0, if multiple entries match, this entry with the highest sudoOrder is used>
++###sudoOption: <specify other sudo specific attributes here>
+Index: ldapscripts-2.0.8/sbin/ldapmodifyuser
+===================================================================
+--- ldapscripts-2.0.8.orig/sbin/ldapmodifyuser
++++ ldapscripts-2.0.8/sbin/ldapmodifyuser
+@@ -19,9 +19,11 @@
+ # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ # USA.
+
+-if [ -z "$1" ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]
++if [ "$1" = "-h" ] || [ "$1" = "--help" ] || \
++ [[ "$2" != "add" && "$2" != "replace" && "$2" != "delete" ]] || \
++ [ "$#" -ne 4 ]
+ then
+- echo "Usage : $0 <username | uid>"
++ echo "Usage : $0 <username | uid> [<add | replace | delete> <field> <value>]"
+ exit 1
+ fi
+
+@@ -33,21 +35,48 @@ _RUNTIMEFILE="/usr/lib/ldapscripts/runti
+ _findentry "$USUFFIX,$SUFFIX" "(&(objectClass=posixAccount)(|(uid=$1)(uidNumber=$1)))"
+ [ -z "$_ENTRY" ] && end_die "User $1 not found in LDAP"
+
+-# Allocate and create temp file
+-mktempf
+-echo "dn: $_ENTRY" > "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
+-
+-# Display entry
+-echo "# About to modify the following entry :"
+-_ldapsearch "$_ENTRY"
+-
+-# Edit entry
+-echo "# Enter your modifications here, end with CTRL-D."
+-echo "dn: $_ENTRY"
+-cat >> "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
++# Username = first argument
++_USER="$1"
++
++if [ "$#" -eq 1 ]
++then
++ # Allocate and create temp file
++ mktempf
++ echo "dn: $_ENTRY" > "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
++
++ # Display entry
++ echo "# About to modify the following entry :"
++ _ldapsearch "$_ENTRY"
++
++ # Edit entry
++ echo "# Enter your modifications here, end with CTRL-D."
++ echo "dn: $_ENTRY"
++ cat >> "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
++
++ # Send modifications
++ cat "$_TMPFILE" | _utf8encode | _ldapmodify
++else
++ # Action = second argument
++ _ACTION="$2"
++
++ # Field = third argument
++ _FIELD="$3"
++
++ # Value = fourth argument
++ _VALUE="$4"
++
++ # Use template if necessary
++ if [ -n "$UMTEMPLATE" ] && [ -r "$UMTEMPLATE" ]
++ then
++ _getldif="cat $UMTEMPLATE"
++ else
++ _getldif="_extractldif 2"
++ fi
++
++ # Modify user in LDAP
++ $_getldif | _filterldif | _utf8encode | _ldapmodify
++fi
+
+-# Send modifications
+-cat "$_TMPFILE" | _utf8encode | _ldapmodify
+ if [ $? -ne 0 ]
+ then
+ reltempf
+@@ -55,3 +84,9 @@ then
+ fi
+ reltempf
+ end_ok "Successfully modified user entry $_ENTRY in LDAP"
++
++# Ldif template ##################################
++##dn: uid=<user>,<usuffix>,<suffix>
++##changeType: modify
++##<action>: <field>
++##<field>: <value>
+Index: ldapscripts-2.0.8/lib/runtime
+===================================================================
+--- ldapscripts-2.0.8.orig/lib/runtime
++++ ldapscripts-2.0.8/lib/runtime
+@@ -344,6 +344,9 @@ s|<msuffix>|$MSUFFIX|g
+ s|<_msuffix>|$_MSUFFIX|g
+ s|<gsuffix>|$GSUFFIX|g
+ s|<_gsuffix>|$_GSUFFIX|g
++s|<action>|$_ACTION|g
++s|<field>|$_FIELD|g
++s|<value>|$_VALUE|g
+ EOF
+
+ # Use it
+Index: ldapscripts-2.0.8/Makefile
+===================================================================
+--- ldapscripts-2.0.8.orig/Makefile
++++ ldapscripts-2.0.8/Makefile
+@@ -37,11 +37,11 @@ LIBDIR = $(PREFIX)/lib/$(NAME)
+ RUNFILE = runtime
+ ETCFILE = ldapscripts.conf
+ PWDFILE = ldapscripts.passwd
+-SBINFILES = ldapdeletemachine ldapmodifygroup ldapsetpasswd lsldap ldapadduser \
++SBINFILES = ldapdeletemachine ldapmodifygroup ldapsetpasswd lsldap ldapadduser ldapaddsudo \
+ ldapdeleteuser ldapsetprimarygroup ldapfinger ldapid ldapgid ldapmodifymachine \
+ ldaprenamegroup ldapaddgroup ldapaddusertogroup ldapdeleteuserfromgroup \
+ ldapinit ldapmodifyuser ldaprenamemachine ldapaddmachine ldapdeletegroup \
+- ldaprenameuser
++ ldaprenameuser ldapmodifysudo
+ MAN1FILES = ldapdeletemachine.1 ldapmodifymachine.1 ldaprenamemachine.1 ldapadduser.1 \
+ ldapdeleteuserfromgroup.1 ldapfinger.1 ldapid.1 ldapgid.1 ldapmodifyuser.1 lsldap.1 \
+ ldapaddusertogroup.1 ldaprenameuser.1 ldapinit.1 ldapsetpasswd.1 ldapaddgroup.1 \
+Index: ldapscripts-2.0.8/sbin/ldapmodifysudo
+===================================================================
+--- /dev/null
++++ ldapscripts-2.0.8/sbin/ldapmodifysudo
+@@ -0,0 +1,93 @@
++#!/bin/sh
++
++# ldapmodifyuser : modifies a sudo entry in an LDAP directory
++
++# Copyright (C) 2007-2013 Ganaël LAPLANCHE
++# Copyright (C) 2014 Stephen Crooks
++#
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License
++# as published by the Free Software Foundation; either version 2
++# of the License, or (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
++# USA.
++
++if [ "$1" = "-h" ] || [ "$1" = "--help" ] || \
++ [[ "$2" != "add" && "$2" != "replace" && "$2" != "delete" ]] || \
++ [ "$#" -ne 4 ]
++then
++ echo "Usage : $0 <username | uid> [<add | replace | delete> <field> <value>]"
++ exit 1
++fi
++
++# Source runtime file
++_RUNTIMEFILE="/usr/lib/ldapscripts/runtime"
++. "$_RUNTIMEFILE"
++
++# Find username : $1 must exist in LDAP !
++_findentry "$SUFFIX" "(&(objectClass=sudoRole)(|(cn=$1)(sudoUser=$1)))"
++[ -z "$_ENTRY" ] && end_die "Sudo user $1 not found in LDAP"
++
++# Username = first argument
++_USER="$1"
++
++if [ "$#" -eq 1 ]
++then
++ # Allocate and create temp file
++ mktempf
++ echo "dn: $_ENTRY" > "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
++
++ # Display entry
++ echo "# About to modify the following entry :"
++ _ldapsearch "$_ENTRY"
++
++ # Edit entry
++ echo "# Enter your modifications here, end with CTRL-D."
++ echo "dn: $_ENTRY"
++ cat >> "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
++
++ # Send modifications
++ cat "$_TMPFILE" | _utf8encode | _ldapmodify
++else
++ # Action = second argument
++ _ACTION="$2"
++
++ # Field = third argument
++ _FIELD="$3"
++
++ # Value = fourth argument
++ _VALUE="$4"
++
++ # Use template if necessary
++ if [ -n "$SMTEMPLATE" ] && [ -r "$SMTEMPLATE" ]
++ then
++ _getldif="cat $SMTEMPLATE"
++ else
++ _getldif="_extractldif 2"
++ fi
++
++ # Modify user in LDAP
++ $_getldif | _filterldif | _utf8encode | _ldapmodify
++fi
++
++if [ $? -ne 0 ]
++then
++ reltempf
++ end_die "Error modifying sudo entry $_ENTRY in LDAP"
++fi
++reltempf
++end_ok "Successfully modified sudo entry $_ENTRY in LDAP"
++
++# Ldif template ##################################
++##dn: cn=<user>,ou=SUDOers,<suffix>
++##changeType: modify
++##<action>: <field>
++##<field>: <value>
Code Review / pti / rtp.git / blobdiff