Revert "Revert "oran-shell-release: release image for F""

[pti/rtp.git] / meta-starlingx / meta-stx-cloud / recipes-support / ldapscripts / files / sudo-support.patch

Index: ldapscripts-2.0.8/sbin/ldapaddsudo
===================================================================
--- /dev/null
+++ ldapscripts-2.0.8/sbin/ldapaddsudo
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+#  ldapaddsudo : adds a sudoRole to LDAP
+
+#  Copyright (C) 2005 Ganaël LAPLANCHE - Linagora
+#  Copyright (C) 2006-2013 Ganaël LAPLANCHE
+#  Copyright (c) 2014 Wind River Systems, Inc.
+#
+#  This program is free software; you can redistribute it and/or
+#  modify it under the terms of the GNU General Public License
+#  as published by the Free Software Foundation; either version 2
+#  of the License, or (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+#  USA.
+
+if [ -z "$1" ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]
+then
+  echo "Usage : $0 <username>"
+  exit 1
+fi
+
+# Source runtime file
+_RUNTIMEFILE="/usr/lib/ldapscripts/runtime"
+. "$_RUNTIMEFILE"
+
+# Username = first argument
+_USER="$1"
+
+# Use template if necessary
+if [ -n "$STEMPLATE" ] && [ -r "$STEMPLATE" ]
+then
+  _getldif="cat $STEMPLATE"
+else
+  _getldif="_extractldif 2"
+fi
+
+# Add sudo entry to LDAP
+$_getldif | _filterldif | _askattrs | _utf8encode | _ldapadd
+
+[ $? -eq 0 ] || end_die "Error adding user $_USER to LDAP"
+echo_log "Successfully added sudo access for user $_USER to LDAP"
+
+end_ok
+
+# Ldif template ##################################
+##dn: cn=<user>,ou=SUDOers,<usuffix>,<suffix>
+##objectClass: top
+##objectClass: sudoRole
+##cn: <user>
+##sudoUser: <user>
+##sudoHost: ALL
+##sudoRunAsUser: ALL
+##sudoCommand: ALL
+###sudoOrder: <default: 0, if multiple entries match, this entry with the highest sudoOrder is used>
+###sudoOption: <specify other sudo specific attributes here>
Index: ldapscripts-2.0.8/sbin/ldapmodifyuser
===================================================================
--- ldapscripts-2.0.8.orig/sbin/ldapmodifyuser
+++ ldapscripts-2.0.8/sbin/ldapmodifyuser
@@ -19,9 +19,11 @@
 #  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
 #  USA.
 
-if [ -z "$1" ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]
+if [ "$1" = "-h" ] || [ "$1" = "--help" ] || \
+   [[ "$2" != "add" && "$2" != "replace" && "$2" != "delete" ]] || \
+   [ "$#" -ne 4 ]
 then
-  echo "Usage : $0 <username | uid>"
+  echo "Usage : $0 <username | uid> [<add | replace | delete> <field> <value>]"
   exit 1
 fi
 
@@ -33,21 +35,48 @@ _RUNTIMEFILE="/usr/lib/ldapscripts/runti
 _findentry "$USUFFIX,$SUFFIX" "(&(objectClass=posixAccount)(|(uid=$1)(uidNumber=$1)))"
 [ -z "$_ENTRY" ] && end_die "User $1 not found in LDAP"
 
-# Allocate and create temp file
-mktempf
-echo "dn: $_ENTRY" > "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
-
-# Display entry
-echo "# About to modify the following entry :"
-_ldapsearch "$_ENTRY"
-
-# Edit entry
-echo "# Enter your modifications here, end with CTRL-D."
-echo "dn: $_ENTRY"
-cat >> "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
+# Username = first argument
+_USER="$1"
+
+if [ "$#" -eq 1 ]
+then
+  # Allocate and create temp file
+  mktempf
+  echo "dn: $_ENTRY" > "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
+
+  # Display entry
+  echo "# About to modify the following entry :"
+  _ldapsearch "$_ENTRY"
+
+  # Edit entry
+  echo "# Enter your modifications here, end with CTRL-D."
+  echo "dn: $_ENTRY"
+  cat >> "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
+
+  # Send modifications
+  cat "$_TMPFILE" | _utf8encode | _ldapmodify
+else
+  # Action = second argument
+  _ACTION="$2"
+
+  # Field = third argument
+  _FIELD="$3"
+
+  # Value = fourth argument
+  _VALUE="$4"
+
+  # Use template if necessary
+  if [ -n "$UMTEMPLATE" ] && [ -r "$UMTEMPLATE" ]
+  then
+    _getldif="cat $UMTEMPLATE"
+  else
+    _getldif="_extractldif 2"
+  fi
+
+  # Modify user in LDAP
+  $_getldif | _filterldif | _utf8encode | _ldapmodify
+fi
 
-# Send modifications
-cat "$_TMPFILE" | _utf8encode | _ldapmodify
 if [ $? -ne 0 ]
 then
   reltempf
@@ -55,3 +84,9 @@ then
 fi
 reltempf
 end_ok "Successfully modified user entry $_ENTRY in LDAP"
+
+# Ldif template ##################################
+##dn: uid=<user>,<usuffix>,<suffix>
+##changeType: modify
+##<action>: <field>
+##<field>: <value>
Index: ldapscripts-2.0.8/lib/runtime
===================================================================
--- ldapscripts-2.0.8.orig/lib/runtime
+++ ldapscripts-2.0.8/lib/runtime
@@ -344,6 +344,9 @@ s|<msuffix>|$MSUFFIX|g
 s|<_msuffix>|$_MSUFFIX|g
 s|<gsuffix>|$GSUFFIX|g
 s|<_gsuffix>|$_GSUFFIX|g
+s|<action>|$_ACTION|g
+s|<field>|$_FIELD|g
+s|<value>|$_VALUE|g
 EOF
 
   # Use it
Index: ldapscripts-2.0.8/Makefile
===================================================================
--- ldapscripts-2.0.8.orig/Makefile
+++ ldapscripts-2.0.8/Makefile
@@ -37,11 +37,11 @@ LIBDIR = $(PREFIX)/lib/$(NAME)
 RUNFILE = runtime
 ETCFILE = ldapscripts.conf
 PWDFILE = ldapscripts.passwd
-SBINFILES =    ldapdeletemachine ldapmodifygroup ldapsetpasswd lsldap ldapadduser \
+SBINFILES =    ldapdeletemachine ldapmodifygroup ldapsetpasswd lsldap ldapadduser ldapaddsudo \
                        ldapdeleteuser ldapsetprimarygroup ldapfinger ldapid ldapgid ldapmodifymachine \
                        ldaprenamegroup ldapaddgroup ldapaddusertogroup ldapdeleteuserfromgroup \
                        ldapinit ldapmodifyuser ldaprenamemachine ldapaddmachine ldapdeletegroup \
-                       ldaprenameuser
+                       ldaprenameuser ldapmodifysudo
 MAN1FILES =    ldapdeletemachine.1 ldapmodifymachine.1 ldaprenamemachine.1 ldapadduser.1 \
                        ldapdeleteuserfromgroup.1 ldapfinger.1 ldapid.1 ldapgid.1 ldapmodifyuser.1 lsldap.1 \
                        ldapaddusertogroup.1 ldaprenameuser.1 ldapinit.1 ldapsetpasswd.1 ldapaddgroup.1 \
Index: ldapscripts-2.0.8/sbin/ldapmodifysudo
===================================================================
--- /dev/null
+++ ldapscripts-2.0.8/sbin/ldapmodifysudo
@@ -0,0 +1,93 @@
+#!/bin/sh
+
+#  ldapmodifyuser : modifies a sudo entry in an LDAP directory
+
+#  Copyright (C) 2007-2013 Ganaël LAPLANCHE
+#  Copyright (C) 2014 Stephen Crooks
+#
+#  This program is free software; you can redistribute it and/or
+#  modify it under the terms of the GNU General Public License
+#  as published by the Free Software Foundation; either version 2
+#  of the License, or (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+#  USA.
+
+if [ "$1" = "-h" ] || [ "$1" = "--help" ] || \
+   [[ "$2" != "add" && "$2" != "replace" && "$2" != "delete" ]] || \
+   [ "$#" -ne 4 ]
+then
+  echo "Usage : $0 <username | uid> [<add | replace | delete> <field> <value>]"
+  exit 1
+fi
+
+# Source runtime file
+_RUNTIMEFILE="/usr/lib/ldapscripts/runtime"
+. "$_RUNTIMEFILE"
+
+# Find username : $1 must exist in LDAP !
+_findentry "$SUFFIX" "(&(objectClass=sudoRole)(|(cn=$1)(sudoUser=$1)))"
+[ -z "$_ENTRY" ] && end_die "Sudo user $1 not found in LDAP"
+
+# Username = first argument
+_USER="$1"
+
+if [ "$#" -eq 1 ]
+then
+  # Allocate and create temp file
+  mktempf
+  echo "dn: $_ENTRY" > "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
+
+  # Display entry
+  echo "# About to modify the following entry :"
+  _ldapsearch "$_ENTRY"
+
+  # Edit entry
+  echo "# Enter your modifications here, end with CTRL-D."
+  echo "dn: $_ENTRY"
+  cat >> "$_TMPFILE" || end_die "Error writing to temporary file $_TMPFILE"
+
+  # Send modifications
+  cat "$_TMPFILE" | _utf8encode | _ldapmodify
+else
+  # Action = second argument
+  _ACTION="$2"
+
+  # Field = third argument
+  _FIELD="$3"
+
+  # Value = fourth argument
+  _VALUE="$4"
+
+  # Use template if necessary
+  if [ -n "$SMTEMPLATE" ] && [ -r "$SMTEMPLATE" ]
+  then
+    _getldif="cat $SMTEMPLATE"
+  else
+    _getldif="_extractldif 2"
+  fi
+
+  # Modify user in LDAP
+  $_getldif | _filterldif | _utf8encode | _ldapmodify
+fi
+
+if [ $? -ne 0 ]
+then
+  reltempf
+  end_die "Error modifying sudo entry $_ENTRY in LDAP"
+fi
+reltempf
+end_ok "Successfully modified sudo entry $_ENTRY in LDAP"
+
+# Ldif template ##################################
+##dn: cn=<user>,ou=SUDOers,<suffix>
+##changeType: modify
+##<action>: <field>
+##<field>: <value>