#!/bin/sh
#written by Zane C. Bowers <vvelox@vvelox.net>
. `which sh-include`
include random
include lugtools
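# Print the command-line help to stdout.
# Takes no arguments.  Every option listed here must match the getopts spec
# in the main body (hc:U:u:g:s:H:RS:G:); -R was accepted there but undocumented.
usage(){
  echo "luadd: add a POSIX user account to LDAP for use with NSS LDAP"
  echo "version 0.1.2"
  echo ""
  echo "-c <file> the config file to use... the default is ~/.lugtools"
  echo ""
  echo "required:"
  echo "-u <username> the username of the user"
  echo "-g <group> the primary group of the user... defaults to the username if not specified"
  echo ""
  echo "others:"
  echo "-U <UID> the UID of the user... will be auto assigned if not specified"
  echo "-s <shell> the shell of the user"
  echo "-H <home> the homedir of the user"
  echo "-S (true/false) override CREATEHOME"
  echo "-G <comma separated list> a comma separated list of groups to add user to"
  echo "-R allow running as a user other than root (overrides NONROOTOK in the config file)"
  echo ""
  echo "-h display this"
}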
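#--------------------------------------------------------------------------
# Main body.  Runs in this order on purpose: parse options, load the config,
# validate every input, and only then create the temp file, write to LDAP and
# touch the filesystem, so a bad invocation fails before anything is changed.
#
# Names used here but not defined in this file come from the included
# libraries (presumably lugtools): userExists, nextUID, groupExists, nextGID,
# groupLDAPentryGenerate, addUserToGroup.  Values read from the config file:
# UIDstart, GIDstart, USERBASE, GROUPBASE, BIND, PASSWDFILE, DEFAULTshell,
# HOMEproto, SKELETONHOME, CHMODHOME, and optionally NONROOTOK / CREATEHOME.
#--------------------------------------------------------------------------

# Print an error message to stderr and exit 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Accept only a conservative POSIX-style name: letters, digits, '.', '_' and
# '-', not starting with '-'.  User and group names are interpolated into
# LDIF DNs/attributes and into a sed expression below, so anything looser
# (',', '/', '&', '=', newlines) could inject attributes into the LDIF or break
# the substitution.  Widen this if your site legitimately uses other
# characters (e.g. a trailing '$' on machine accounts).
validName() {
  case "$1" in
    ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# Accept only a non-empty string of decimal digits.
validNumber() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
  esac
  return 0
}

#default config file, and defaults the config file may override
config=~/.lugtools
NONROOTOK="false"
CREATEHOME="true"

#get the options
# The user's UID is kept in userUID rather than UID: UID is a read-only shell
# variable in bash, so the assignment fails when /bin/sh is bash.
# -c was in the getopts spec but had no case arm, so it was silently ignored.
# -S is documented as taking true/false; previously its argument was ignored.
while getopts hc:U:u:g:s:H:RS:G: OPTION ; do
  case "$OPTION" in
    c) config="$OPTARG" ;;
    U) userUID="$OPTARG" ;;
    u) username="$OPTARG" ;;
    g) group="$OPTARG" ;;
    s) shell="$OPTARG" ;;
    S) CREATEHOMEoverride="$OPTARG" ;;
    H) home="$OPTARG" ;;
    R) NONROOTOKoverride="true" ;;
    G) GROUPlist="$OPTARG" ;;
    h) usage; exit 0 ;;
    \?) usage >&2; exit 1 ;;
  esac
done

#includes the config file
# The config is sourced as shell code, normally as root, so insist that it is
# a regular readable file that nobody else can write to and that is owned by
# root or by whoever is running this; otherwise a writable config is a
# straightforward way to run arbitrary commands with our privileges.
if [ ! -f "$config" ]; then
  die "$config does not exist"
fi
if [ ! -r "$config" ]; then
  die "$config is not readable"
fi
badconfig=$(find -H "$config" \( -perm -o+w -o ! -user root ! -user "$(id -un)" \) -print 2>/dev/null)
if [ -n "$badconfig" ]; then
  die "$config is world-writable or not owned by root or $(id -un); refusing to source it"
fi
. "$config"

#command-line flags win over whatever the config file set
if [ -n "$CREATEHOMEoverride" ]; then
  case "$CREATEHOMEoverride" in
    true|false) CREATEHOME=$CREATEHOMEoverride ;;
    *) die "-S takes true or false, not '$CREATEHOMEoverride'" ;;
  esac
fi
if [ -n "$NONROOTOKoverride" ]; then
  NONROOTOK=$NONROOTOKoverride
fi

#determines if it should exit if the user is not root
if [ "$(id -u)" -ne 0 ]; then
  if [ "$NONROOTOK" = "false" ]; then
    die "It is not ok to run this from something other than root."
  fi
fi

#exit if no username is specified, or if it is not a safe name
if [ -z "$username" ]; then
  die "-u not used to specify a user name"
fi
validName "$username" || die "invalid user name '$username'"

#everything we write to LDAP depends on these; fail before touching anything
if [ -z "$USERBASE" ]; then
  die "USERBASE is not defined in the config file, $config"
fi
if [ -z "$GROUPBASE" ]; then
  die "GROUPBASE is not defined in the config file, $config"
fi
if [ -z "$BIND" ]; then
  die "BIND is not defined in the config file, $config"
fi
if [ -z "$PASSWDFILE" ] || [ ! -r "$PASSWDFILE" ]; then
  die "PASSWDFILE is not defined in the config file, $config, or is not readable"
fi

#exits if the user already exists
if [ "$(userExists "$username")" = "true" ]; then
  die "user $username already exists"
fi

#make sure the UID is not already in use and if one is not defined, find a free one.
# userExists is expected to accept a numeric UID as well as a name (as the
# original call did) -- confirm against lugtools if that ever changes.
# UIDstart is passed only when set so nextUID can apply its own default.
if [ -n "$userUID" ]; then
  validNumber "$userUID" || die "-U must be a number, not '$userUID'"
  if [ "$(userExists "$userUID")" = "true" ]; then
    die "UID $userUID already exists"
  fi
else
  userUID=$(nextUID ${UIDstart:+"$UIDstart"})
  validNumber "$userUID" || die "could not allocate a free UID (nextUID returned '$userUID')"
fi

#set the shell to use
if [ -z "$shell" ]; then
  if [ -n "$DEFAULTshell" ]; then
    shell=$DEFAULTshell
  else
    die "-s not specified and DEFAULTshell is not defined in the config file, $config"
  fi
fi

#sets the homedir to use
if [ -z "$home" ]; then
  if [ -n "$HOMEproto" ]; then
    # username is restricted to [A-Za-z0-9._-] above, so it cannot contain
    # the sed delimiter, '&' or a newline.
    home=$(printf '%s\n' "$HOMEproto" | sed "s/%%USERNAME%%/$username/g")
  else
    die "-H not specified and HOMEproto is not defined in the config file, $config"
  fi
fi
# homeDirectory must be absolute; a relative path would also make the cp/chown
# below operate relative to wherever this was run from.
case "$home" in
  /*) ;;
  *) die "home directory must be an absolute path, not '$home'" ;;
esac

#sets the main group to the username, if one is not specified
if [ -z "$group" ]; then
  group="$username"
fi
validName "$group" || die "invalid group name '$group'"

#if we are going to create the home directory, the config must say how
if [ "$CREATEHOME" = "true" ]; then
  if [ ! -d "$SKELETONHOME" ]; then
    die "SKELETONHOME ($SKELETONHOME) is not a directory; check the config file, $config"
  fi
  if [ -z "$CHMODHOME" ]; then
    die "CHMODHOME is not defined in the config file, $config"
  fi
fi

#split and validate the supplementary group list before any writes happen
# Empty items (leading, trailing or doubled commas) are skipped; the old
# cut-based loop stopped at the first empty item.  set -f keeps a '*' in the
# list from globbing while it is unquoted for splitting.
set --
if [ -n "$GROUPlist" ]; then
  oldIFS=$IFS
  IFS=,
  set -f
  set -- $GROUPlist
  set +f
  IFS=$oldIFS
  for GROUPlistItem in "$@"; do
    [ -z "$GROUPlistItem" ] && continue
    validName "$GROUPlistItem" || die "invalid group name '$GROUPlistItem' in -G"
  done
fi

#work out the primary group's GID, creating the group if it does not exist
# GIDstart is passed only when set so nextGID can apply its own default.
if [ "$(groupExists "$group")" = "true" ]; then
  # The group already exists, so the user needs its gidNumber rather than a
  # new one.  lugtools offers no lookup helper here, so ask NSS; this tool
  # targets NSS-LDAP deployments where that resolves LDAP groups.
  # NOTE(review): confirm getent sees the same directory groupExists checks.
  GID=$(getent group "$group" | cut -d: -f3)
  validNumber "$GID" || die "group $group exists but its GID could not be resolved via getent"
  newGroup="false"
else
  GID=$(nextGID ${GIDstart:+"$GIDstart"})
  validNumber "$GID" || die "could not allocate a free GID (nextGID returned '$GID')"
  newGroup="true"
fi

#create the tmp file for the LDIF
# mktemp gives an unpredictable, mode-0600 name (a fixed /tmp/luadd.$$ could
# be pre-created or symlinked by another local user); the EXIT trap removes
# it on every exit path, including the error exits above and signals.
tmpfile=$(mktemp "${TMPDIR:-/tmp}/luadd.XXXXXX") || die "could not create a temporary file"
trap 'rm -f -- "$tmpfile"' EXIT
trap 'exit 1' HUP INT TERM

#write the group entry (if new) and the user entry as one LDIF
if [ "$newGroup" = "true" ]; then
  groupLDAPentryGenerate "$group" "$GID" "$GROUPBASE" "$tmpfile" "$username"
  # blank line separates the group record from the user record
  printf '\n' >> "$tmpfile"
fi
{
  printf 'dn: cn=%s,%s\n' "$username" "$USERBASE"
  printf 'objectClass: account\n'
  printf 'objectClass: posixAccount\n'
  printf 'objectClass: top\n'
  printf 'uid: %s\n' "$username"
  printf 'cn: %s\n' "$username"
  printf 'uidNumber: %s\n' "$userUID"
  printf 'gidNumber: %s\n' "$GID"
  printf 'homeDirectory: %s\n' "$home"
  printf 'loginShell: %s\n' "$shell"
  # SECURITY NOTE: the account is created with an empty userPassword.
  # Whether that means "cannot log in" or "no password required" depends on
  # the PAM/NSS configuration (e.g. pam_unix nullok), so set or lock the
  # password immediately after this tool runs.
  printf 'userPassword: \n'
} >> "$tmpfile"

# -y reads the bind password from a file, keeping it off the command line.
if ! ldapadd -y "$PASSWDFILE" -D "$BIND" -f "$tmpfile"; then
  die "Failed to add the user and group entries to LDAP."
fi

rc=0

#create homedir if CREATEHOME is true
# Ownership is set with the numeric IDs we just wrote, so this does not depend
# on NSS already resolving the brand-new user and group.
if [ "$CREATEHOME" = "true" ]; then
  if [ -e "$home" ]; then
    printf '%s already exists; not populating it from %s\n' "$home" "$SKELETONHOME" >&2
  elif cp -vR "$SKELETONHOME" "$home" \
      && chown -vR "$userUID:$GID" "$home" \
      && chmod -v "$CHMODHOME" "$home"; then
    :
  else
    printf 'failed to create or set up the home directory %s\n' "$home" >&2
    rc=1
  fi
fi

#add the user to each supplementary group that exists
# "$@" still holds the validated, comma-split -G list from above (empty when
# -G was not given).
for GROUPlistItem in "$@"; do
  [ -z "$GROUPlistItem" ] && continue
  if [ "$(groupExists "$GROUPlistItem")" = "true" ]; then
    groupAddCheck=$(addUserToGroup "$username" "$GROUPlistItem" "$USERBASE" "$GROUPBASE" "$BIND" "$PASSWDFILE")
    if [ "$groupAddCheck" = "true" ]; then
      printf 'added %s to %s\n' "$username" "$GROUPlistItem"
    else
      printf 'failed to add %s to %s\n' "$username" "$GROUPlistItem" >&2
      rc=1
    fi
  else
    printf '%s does not exist and thus not added to it\n' "$GROUPlistItem" >&2
  fi
done

# the EXIT trap removes $tmpfile
exit "$rc"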