mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
r2808: added auto-detection of unix user and groups names during provision.
This commit is contained in:
parent
c09f0f355b
commit
036e953fac
@ -249,7 +249,7 @@ systemFlags: 0x8c000000
|
||||
groupType: 0x80000005
|
||||
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
unixName: root
|
||||
unixName: ${WHEEL}
|
||||
|
||||
dn: CN=Users,CN=Builtin,${BASEDN}
|
||||
objectClass: top
|
||||
@ -293,7 +293,7 @@ systemFlags: 0x8c000000
|
||||
groupType: 0x80000005
|
||||
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
unixName: nogroup
|
||||
unixName: ${NOGROUP}
|
||||
|
||||
dn: CN=Print Operators,CN=Builtin,${BASEDN}
|
||||
objectClass: top
|
||||
@ -566,7 +566,7 @@ sAMAccountType: 268435456
|
||||
groupType: -2147483646
|
||||
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
unixName: root
|
||||
unixName: ${WHEEL}
|
||||
|
||||
dn: CN=Enterprise Admins,CN=Users,${BASEDN}
|
||||
objectClass: top
|
||||
@ -589,7 +589,7 @@ sAMAccountType: 268435456
|
||||
groupType: -2147483646
|
||||
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
unixName: root
|
||||
unixName: ${WHEEL}
|
||||
|
||||
dn: CN=Cert Publishers,CN=Users,${BASEDN}
|
||||
objectClass: top
|
||||
@ -631,7 +631,7 @@ sAMAccountType: 268435456
|
||||
groupType: -2147483646
|
||||
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
unixName: root
|
||||
unixName: ${WHEEL}
|
||||
|
||||
dn: CN=Domain Users,CN=Users,${BASEDN}
|
||||
objectClass: top
|
||||
@ -652,7 +652,7 @@ sAMAccountType: 268435456
|
||||
groupType: -2147483646
|
||||
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
unixName: users
|
||||
unixName: ${USERS}
|
||||
|
||||
dn: CN=Domain Guests,CN=Users,${BASEDN}
|
||||
objectClass: top
|
||||
@ -693,7 +693,7 @@ sAMAccountType: 268435456
|
||||
groupType: -2147483646
|
||||
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
unixName: root
|
||||
unixName: ${WHEEL}
|
||||
|
||||
dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
|
||||
objectClass: top
|
||||
|
@ -8,6 +8,10 @@ chomp $opt_hostname;
|
||||
my $opt_realm;
|
||||
my $opt_domain;
|
||||
my $opt_adminpass;
|
||||
my $opt_nobody;
|
||||
my $opt_nogroup;
|
||||
my $opt_wheel;
|
||||
my $opt_users;
|
||||
my $dnsname;
|
||||
my $basedn;
|
||||
|
||||
@ -107,6 +111,22 @@ sub substitute($)
|
||||
return "" . nttime();
|
||||
}
|
||||
|
||||
if ($var eq "WHEEL") {
|
||||
return $opt_wheel;
|
||||
}
|
||||
|
||||
if ($var eq "NOBODY") {
|
||||
return $opt_nobody;
|
||||
}
|
||||
|
||||
if ($var eq "NOGROUP") {
|
||||
return $opt_nogroup;
|
||||
}
|
||||
|
||||
if ($var eq "USERS") {
|
||||
return $opt_users;
|
||||
}
|
||||
|
||||
die "ERROR: Uknown substitution variable $var\n";
|
||||
}
|
||||
|
||||
@ -174,10 +194,14 @@ sub ShowHelp()
|
||||
Samba4 provisioning
|
||||
|
||||
provision.pl [options]
|
||||
--realm REALM set realm
|
||||
--domain DOMAIN set domain
|
||||
--hostname HOSTNAME set hostname
|
||||
--adminpass PASSWORD choose admin password (otherwise random)
|
||||
--realm REALM set realm
|
||||
--domain DOMAIN set domain
|
||||
--hostname HOSTNAME set hostname
|
||||
--adminpass PASSWORD choose admin password (otherwise random)
|
||||
--nobody USERNAME choose 'nobody' user
|
||||
--nogroup GROUPNAME choose 'nogroup' group
|
||||
--wheel GROUPNAME choose 'wheel' privileged group
|
||||
--users GROUPNAME choose 'users' group
|
||||
|
||||
You must provide at least a realm and domain
|
||||
|
||||
@ -193,6 +217,10 @@ GetOptions(
|
||||
'domain=s' => \$opt_domain,
|
||||
'hostname=s' => \$opt_hostname,
|
||||
'adminpass=s' => \$opt_adminpass,
|
||||
'nobody=s' => \$opt_nobody,
|
||||
'nogroup=s' => \$opt_nogroup,
|
||||
'wheel=s' => \$opt_wheel,
|
||||
'users=s' => \$opt_users,
|
||||
);
|
||||
|
||||
if ($opt_help ||
|
||||
@ -204,6 +232,41 @@ if ($opt_help ||
|
||||
|
||||
print "Provisioning host '$opt_hostname' for domain '$opt_domain' in realm '$opt_realm'\n";
|
||||
|
||||
if (!$opt_nobody) {
|
||||
if (defined getpwnam("nobody")) {
|
||||
$opt_nobody = "nobody";
|
||||
}
|
||||
}
|
||||
|
||||
if (!$opt_nogroup) {
|
||||
if (defined getgrnam("nogroup")) {
|
||||
$opt_nogroup = "nogroup";
|
||||
} elsif (defined getgrnam("nobody")) {
|
||||
$opt_nogroup = "nobody";
|
||||
}
|
||||
}
|
||||
|
||||
if (!$opt_wheel) {
|
||||
if (defined getgrnam("wheel")) {
|
||||
$opt_wheel = "wheel";
|
||||
} elsif (defined getgrnam("root")) {
|
||||
$opt_wheel = "root";
|
||||
}
|
||||
}
|
||||
|
||||
if (!$opt_users) {
|
||||
if (defined getgrnam("users")) {
|
||||
$opt_users = "users";
|
||||
}
|
||||
}
|
||||
|
||||
$opt_nobody || die "Unable to determine a user for 'nobody'\n";
|
||||
$opt_nogroup || die "Unable to determine a group for 'nogroup'\n";
|
||||
$opt_users || die "Unable to determine a group for 'user'\n";
|
||||
$opt_wheel || die "Unable to determine a group for 'wheel'\n";
|
||||
|
||||
print "Using nobody='$opt_nobody' nogroup='$opt_nogroup' wheel='$opt_wheel' users='$opt_users'\n";
|
||||
|
||||
print "generating ldif ...\n";
|
||||
|
||||
$dnsname = "$opt_hostname.$opt_realm";
|
||||
@ -211,9 +274,9 @@ $basedn = "DC=" . join(",DC=", split(/\./, $opt_realm));
|
||||
|
||||
my $data = FileLoad("provision.ldif") || die "Unable to load provision.ldif\n";
|
||||
|
||||
$data .= add_foreign("S-1-5-7", "Anonymous", "nobody");
|
||||
$data .= add_foreign("S-1-5-7", "Anonymous", "\${NOBODY}");
|
||||
$data .= add_foreign("S-1-5-18", "System", "root");
|
||||
$data .= add_foreign("S-1-5-11", "Authenticated Users", "users");
|
||||
$data .= add_foreign("S-1-5-11", "Authenticated Users", "\${USERS}");
|
||||
|
||||
if (!$opt_adminpass) {
|
||||
$opt_adminpass = randpass();
|
||||
|
Loading…
Reference in New Issue
Block a user