ActiveSambaLdap 0.0.7

data/bin/asl-groupadd

@@ -0,0 +1,73 @@
+#!/usr/bin/env ruby
+
+require 'active_samba_ldap'
+require 'active_samba_ldap/command'
+
+include ActiveSambaLdap::GetTextSupport
+
+argv, opts, options = ActiveSambaLdap::Command.parse_options do |opts, options|
+  options.gid = nil
+  options.group_type = "domain"
+  options.print_gid_number = false
+
+  opts.banner += " GROUP_NAME"
+
+  opts.on("-g", "--gid=GID", Integer, _("GID number")) {|options.gid|}
+  opts.on("-t", "--type=TYPE",
+          _("group type"),
+          "(#{options.group_type})") {|options.group_type|}
+  opts.on("-p", "--[no-]print-gid-number",
+          _("print the gid number to stdout"),
+          "(#{options.print_gid_number})") {|options.print_gid_number|}
+end
+
+name = nil
+if argv.size == 1
+  name = argv.first
+else
+  $stderr.puts opts
+  exit 1
+end
+
+unless Process.uid.zero?
+  $stderr.puts(_("need root authority."))
+  exit 1
+end
+
+ActiveSambaLdap::Base.setup_connection("update")
+
+class Group < ActiveSambaLdap::Group
+  ldap_mapping
+end
+
+class UnixIdPool < ActiveSambaLdap::UnixIdPool
+  ldap_mapping
+end
+
+if Group.exists?(name)
+  $stderr.puts(_("group already exists: %s") % name)
+  exit 1
+end
+
+create_options = {
+  :cn => name,
+  :gid_number => options.gid,
+  :pool_class => UnixIdPool,
+  :group_type => options.group_type,
+}
+group = Group.create(create_options)
+
+unless group.errors.empty?
+  group.errors.each_full do |message|
+    $stderr.puts(message)
+  end
+  exit 1
+end
+
+if options.print_gid_number
+  puts group.gid_number
+end
+
+ActiveSambaLdap::Base.restart_nscd
+
+ActiveSambaLdap::Base.clear_active_connections!

data/bin/asl-groupadd.help

@@ -0,0 +1 @@
+

data/bin/asl-groupdel

@@ -0,0 +1,61 @@
+#!/usr/bin/env ruby
+
+require 'active_samba_ldap'
+require 'active_samba_ldap/command'
+
+include ActiveSambaLdap::GetTextSupport
+
+argv, opts, options = ActiveSambaLdap::Command.parse_options do |opts, options|
+  options.force = false
+
+  opts.banner += " GROUP_NAME"
+
+  opts.on("-f", "--[no-]force",
+          _("force delete group"),
+          "(#{options.force})") {|options.force|}
+end
+
+name = nil
+if argv.size == 1
+  name = argv.first
+else
+  $stderr.puts opts
+  exit 1
+end
+
+unless Process.uid.zero?
+  $stderr.puts(_("need root authority."))
+  exit 1
+end
+
+ActiveSambaLdap::Base.setup_connection("update")
+
+class Group < ActiveSambaLdap::Group
+  ldap_mapping
+end
+
+class User < ActiveSambaLdap::User
+  ldap_mapping
+end
+
+class Computer < ActiveSambaLdap::Computer
+  ldap_mapping
+end
+
+unless Group.exists?(name)
+  $stderr.puts(_("group doesn't exist: %s") % name)
+  exit 1
+end
+group = Group.find(name)
+
+begin
+  group.destroy(:remove_members => true,
+                :force_change_primary_members => options.force)
+rescue ActiveSambaLdap::Error
+  $stderr.puts $!
+  exit 1
+end
+
+ActiveSambaLdap::Base.restart_nscd
+
+ActiveSambaLdap::Base.clear_active_connections!

data/bin/asl-groupdel.help

@@ -0,0 +1 @@
+

data/bin/asl-groupmod

@@ -0,0 +1,137 @@
+#!/usr/bin/env ruby
+
+require 'active_samba_ldap'
+require 'active_samba_ldap/command'
+
+include ActiveSambaLdap::GetTextSupport
+
+argv, opts, options = ActiveSambaLdap::Command.parse_options do |opts, options|
+  options.gid = nil
+  options.allow_non_unique_gid_number = false
+  options.new_group_name = nil
+  options.members_to_add = nil
+  options.members_to_delete = nil
+
+  opts.banner += " GROUP_NAME"
+
+  opts.on("-g", "--gid=GID", _("GID number")) {|options.gid|}
+  opts.on("--[no-]allow-non-unique-gid",
+          _("gid can be non unique"),
+          "(#{options.allow_non_unique_gid_number})") do |bool|
+    options.allow_non_unique_gid_number = bool
+  end
+  opts.on("-r", "--rename=NEW_NAME",
+          _("new group name")) {|options.new_group_name|}
+  opts.on("-a", "--add-members=MEMBER1,MEMBER2,MEBMER3", Array,
+          _("add members (comma delimited)")) {|options.members_to_add|}
+  opts.on("-d", "--delete-members=MEMBER1,MEMBER2,MEBMER3", Array,
+          _("delete members (comma delimited)")) {|options.members_to_delete|}
+end
+
+name = nil
+if argv.size == 1
+  name = argv.first
+else
+  $stderr.puts opts
+  exit 1
+end
+
+unless Process.uid.zero?
+  $stderr.puts(_("need root authority."))
+  exit 1
+end
+
+ActiveSambaLdap::Base.setup_connection("update")
+
+class Group < ActiveSambaLdap::Group
+  ldap_mapping
+end
+
+class User < ActiveSambaLdap::User
+  ldap_mapping
+end
+
+class Computer < ActiveSambaLdap::Computer
+  ldap_mapping
+end
+
+unless Group.exists?(name)
+  $stderr.puts(_("group doesn't exist: %s") % name)
+  exit 1
+end
+group = Group.find(name)
+
+if options.gid
+  begin
+    group.change_gid_number(options.gid, options.allow_non_unique_gid_number)
+  rescue ActiveSambaLdap::GidNumberAlreadyExists
+    $stderr.puts $!.message
+    exit 1
+  end
+end
+
+if options.members_to_add and options.members_to_delete
+  duplicated_members = options.members_to_add & options.members_to_delete
+  unless duplicated_members.empty?
+    format =
+      n_("there is duplicated member in adding and deleting members: %s",
+         "there are duplicated members in adding and deleting members: %s",
+         duplicated_members.size)
+    $stderr.puts(format % duplicated_members.join(", "))
+    exit 1
+  end
+end
+
+if options.members_to_add
+  users = []
+  computers = []
+  options.members_to_add.each do |member|
+    if /\$$/ =~ member
+      computers << Computer.find(member)
+    else
+      users << User.find(member)
+    end
+  end
+  group.users.concat(users)
+  group.computers.concat(computers)
+end
+
+if options.members_to_delete
+  users = []
+  computers = []
+  options.members_to_delete.each do |member|
+    if /\$$/ =~ member
+      computers << Computer.find(member)
+    else
+      users << User.find(member)
+    end
+  end
+  group.users -= users
+  group.computers -= computers
+end
+
+group.save!
+
+if options.new_group_name
+  if Group.exists?(options.new_group_name)
+    $stderr.puts(_("group already exists: %s") % options.new_group_name)
+    exit 1
+  end
+
+  new_group = Group.new(options.new_group_name)
+  new_group.attributes = group.attributes.reject do |key, value|
+    %w(cn).include?(key)
+  end
+  primary_members = group.primary_members
+  group.gid_number = nil
+  new_group.save!
+  primary_members.each do |member|
+    member.primary_group = new_group
+    member.save!
+  end
+  group.destroy(:remove_members => true)
+end
+
+ActiveSambaLdap::Base.restart_nscd
+
+ActiveSambaLdap::Base.clear_active_connections!

data/bin/asl-groupmod.help

@@ -0,0 +1 @@
+

data/bin/asl-groupshow

@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+
+require 'active_samba_ldap'
+require 'active_samba_ldap/command'
+
+include ActiveSambaLdap::GetTextSupport
+
+argv, opts, options = ActiveSambaLdap::Command.parse_options do |opts, options|
+  opts.banner += " GROUP_NAME"
+end
+
+name = nil
+if argv.size == 1
+  name = argv.first
+else
+  $stderr.puts opts
+  exit 1
+end
+
+ActiveSambaLdap::Base.setup_connection("reference")
+
+class Group < ActiveSambaLdap::Group
+  ldap_mapping
+end
+
+unless Group.exists?(name)
+  $stderr.puts(_("group doesn't exist: %s") % name)
+  exit 1
+end
+group = Group.find(name)
+puts group.to_ldif
+
+ActiveSambaLdap::Base.clear_active_connections!

data/bin/asl-groupshow.help

@@ -0,0 +1 @@
+

data/bin/asl-passwd

@@ -0,0 +1,90 @@
+#!/usr/bin/env ruby
+
+require 'etc'
+
+require 'active_samba_ldap'
+require 'active_samba_ldap/command'
+
+include ActiveSambaLdap::GetTextSupport
+
+argv, opts, options = ActiveSambaLdap::Command.parse_options do |opts, options|
+  options.update_samba_password = true
+  options.update_unix_password = true
+
+  opts.banner += " [USER_NAME]"
+
+  opts.on("-s", "--[no-]samba-password",
+          _("update samba password"),
+          "(#{options.update_samba_password})") do |bool|
+    options.update_samba_password = bool
+  end
+
+  opts.on("-u", "--[no-]unix-password",
+          _("update UNIX password"),
+          "(#{options.update_unix_password})") do |bool|
+    options.update_unix_password = bool
+  end
+end
+
+name = nil
+case argv.size
+when 0
+  name = Etc.getpwuid(Process.uid).name
+when 1
+  name = argv.first
+else
+  $stderr.puts opts
+  exit 1
+end
+
+if !options.update_samba_password and !options.update_unix_password
+  $stderr.puts(_("do nothing."))
+  exit
+end
+
+ActiveSambaLdap::Base.setup_connection("update")
+
+class User < ActiveSambaLdap::User
+  ldap_mapping
+end
+
+unless User.exists?(name)
+  $stderr.puts(_("user doesn't exist: %s") % name)
+  exit 1
+end
+user = User.find(name)
+
+unless Process.uid.zero?
+  prompt = _("Enter your current password: ")
+  old_password = ActiveSambaLdap::Command.read_password(prompt)
+  begin
+    user.bind(old_password)
+  rescue ActiveLdap::AuthenticationError
+    $stderr.puts(_("password doesn't match."))
+    exit 1
+  end
+end
+
+password = ActiveSambaLdap::Command.read_password(_("New password: "))
+password2 = ActiveSambaLdap::Command.read_password(_("Retype new password: "))
+
+unless password == password2
+  $stderr.puts(_("New passwords don't match."))
+  exit 1
+end
+
+changed = false
+
+if options.update_unix_password
+  user.change_password(password)
+  changed = true
+end
+
+if options.update_samba_password
+  user.change_samba_password(password)
+  changed = true
+end
+
+user.save! if changed
+
+ActiveSambaLdap::Base.clear_active_connections!

data/bin/asl-passwd.help

@@ -0,0 +1 @@
+

data/bin/asl-populate

@@ -0,0 +1,101 @@
+#!/usr/bin/env ruby
+
+require 'fileutils'
+require 'etc'
+require 'time'
+
+require 'active_samba_ldap'
+require 'active_samba_ldap/command'
+
+include ActiveSambaLdap::GetTextSupport
+
+argv, opts, options = ActiveSambaLdap::Command.parse_options do |opts, options|
+  default = ActiveSambaLdap::Configuration::ClassMethods::Private.new({})
+  options.start_uid = Integer(default.start_uid)
+  options.start_gid = Integer(default.start_gid)
+  options.administrator = ActiveSambaLdap::User::DOMAIN_ADMIN_NAME
+  admin_rid = ActiveSambaLdap::User::DOMAIN_ADMIN_RID
+  admins_rid = ActiveSambaLdap::Group::DOMAIN_ADMINS_RID
+  guest_rid = ActiveSambaLdap::User::DOMAIN_GUEST_RID
+  guests_rid = ActiveSambaLdap::Group::DOMAIN_GUESTS_RID
+  options.administrator_uid = ActiveSambaLdap::User.rid2uid(admin_rid)
+  options.administrator_gid = ActiveSambaLdap::Group.rid2gid(admins_rid)
+  options.guest = ActiveSambaLdap::User::DOMAIN_GUEST_NAME
+  options.guest_uid = ActiveSambaLdap::User.rid2uid(guest_rid)
+  options.guest_gid = ActiveSambaLdap::Group.rid2gid(guests_rid)
+  options.export_ldif = nil
+  options.import_ldif = nil
+
+  opts.on("-u", "--start-uid=UID", Integer,
+          _("first uid number to allocate"),
+          "(#{options.start_uid})") {|options.start_uid|}
+  opts.on("-g", "--start-gid=GID", Integer,
+          _("first gid number to allocate"),
+          "(#{options.start_gid})") {|options.start_gid|}
+  opts.on("-a", "--administrator=NAME",
+          _("administrator login name"),
+          "(#{options.administrator})") {|options.administrator|}
+  opts.on("--administrator-uid=UID", Integer,
+          _("administrator's uid number"),
+          "(#{options.administrator_uid})") {|options.administrator_uid|}
+  opts.on("--administrator-gid=GID", Integer,
+          _("administrator's gid number"),
+          "(#{options.administrator_gid})") {|options.administrator_gid|}
+  opts.on("--guest=NAME",
+          _("guest login name"),
+          "(#{options.guest})") {|options.guest|}
+  opts.on("--guest-uid=UID", Integer,
+          _("guest's uid number"),
+          "(#{options.guest_uid})") {|options.guest_uid|}
+  opts.on("--guest-gid=GID", Integer,
+          _("guest's gid number"),
+          "(#{options.guest_gid})") {|options.guest_gid|}
+  opts.on("-e", "--export-ldif=LDIF",
+          _("export LDIF file")) {|options.export_ldif|}
+#   opts.on("-i", "--import-ldif=LDIF",
+#           _("import LDIF file")) {|options.import_ldif|}
+end
+
+unless Process.uid.zero?
+  $stderr.puts(_("need root authority."))
+  exit 1
+end
+
+ActiveSambaLdap::Base.setup_connection("update")
+
+entries, opts = ActiveSambaLdap::Base.populate(options.marshal_dump)
+
+def init_administrator(opts, entries)
+  admin_name = opts[:administrator]
+  user_class = opts[:user_class]
+  admin = entries.find do |entry|
+    entry.is_a?(user_class) and entry.uid == admin_name
+  end
+  return if admin.new_entry?
+
+  prompt = _("Password for %s: ") % admin_name
+  password = ActiveSambaLdap::Command.read_password(prompt)
+  prompt2 = _("Retype password for %s: ") % admin_name
+  password2 = ActiveSambaLdap::Command.read_password(prompt2)
+  unless password == password2
+    $stderr.puts(_("Passwords don't match."))
+    exit 1
+  end
+
+  admin.change_password(password)
+  admin.change_samba_password(password)
+  admin.enable
+  admin.save!
+end
+
+init_administrator(opts, entries)
+
+if options.export_ldif
+  File.open(options.export_ldif, "w") do |out|
+    out.puts(entries.join("\n"))
+  end
+end
+
+ActiveSambaLdap::Base.restart_nscd
+
+ActiveSambaLdap::Base.clear_active_connections!