Stacken/make-user
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Working script.

Browse source 
* Add the AFS-script
* Make the script idempotent
* Fix a few bugs
This commit is contained in:
Stefan Berggren 2016-09-01 22:00:00 +02:00
parent da980ed894
commit d36e713a62
2 changed files with 36 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
make-user
View file

@ -4,7 +4,7 @@
# POC - Make a user, never tested # POC - Make a user, never tested
abort() { abort() {
echo "ABORT: $@" echo -e "ABORT: $@"
exit 1 exit 1
} }
@ -47,22 +47,19 @@ log "Query finger.json for $1"
log "Check for $1 in KDC" log "Check for $1 in KDC"
if echo get $1 | kadmin | grep -q "$1@STACKEN.KTH.SE"; then if echo get $1 | kadmin | grep -q "$1@STACKEN.KTH.SE"; then
abort "Principal $1 exists in KDC, abort!" log "Principal $1 exists in KDC, ignore"
else
log "Add $1 to KDC"
kadmin add \
--max-ticket-life="10 hours" \
--max-renewable-life=unlimited \
--expiration-time="$(date +%Y --date="2 years")-03-15" \
--pw-expiration-time=never \
--attributes="requires-pre-auth, disallow-postdated" \
--policy=default \
$1
fi fi
log "Add $1 to KDC"
kadmin add \
--max-ticket-life="10 hours" \
--max-renewable-life=unlimited \
--expiration-time="$(date +%Y --date="2 years")-03-15" \
--pw-expiration-time=never \
--attributes="requires-pre-auth, disallow-postdated" \
--policy=default \
$1
cd /afs/stacken.kth.se/admin/passwd/
grep -qE "^$1" master.passwd && abort "User $1 is already part of master.passwd"
next_passwd_uid() { next_passwd_uid() {
for n in $(seq 18000 19000); do for n in $(seq 18000 19000); do
if ! grep -q $n master.passwd; then if ! grep -q $n master.passwd; then
@ -72,13 +69,28 @@ next_passwd_uid() {
done done
} }
PASSWD_UID=$(next_passwd_uid) cd /afs/stacken.kth.se/admin/passwd/
log "Add $1 ($2) to master.passwd with UID $PASSWD_UID" if grep -qE "^$1" master.passwd; then
[ -z $PASSWD_UID ] && abort "No free UID found" log "User $1 is already part of master.passwd"
co -u master.passwd else
echo "$1:*:$PASSWD_UID:30::0:0:$2:/afs/stacken.kth.se/home/$1:/bin/bash" \ PASSWD_UID=$(next_passwd_uid)
>> master.passwd log "Add $1 ($2) to master.passwd with UID $PASSWD_UID"
ci -l -m "Added user $1 ($2) with $0" master.passwd [ -z $PASSWD_UID ] && abort "No free UID found"
co -u master.passwd
echo "$1:*:$PASSWD_UID:30::0:0:$2:/afs/stacken.kth.se/home/$1:/bin/bash" \
>> master.passwd
ci -l -m "Added user $1 ($2) with $0" master.passwd
log "Build database"
make
fi
log "Setup AFS volume" log "Setup AFS volume"
# TODO
if [ -e "/afs/stacken.kth.se/home/$1" ]; then
log "Home dir for user $1 exists"
else
/afs/stacken.kth.se/src/script/createuser $1 beef.stacken.kth.se vicepa
vos release home
fi
log "Looks good, all done!"

2
query_finger
View file

@ -5,7 +5,7 @@ import json
import sys import sys
from optparse import OptionParser from optparse import OptionParser
finger = "/afs/stacken.kth.se/home/stacken/Private/finger.json" finger = "/afs/stacken.kth.se/home/stacken/Private/finger_txt/finger.json"
fd = open(finger, 'r') fd = open(finger, 'r')
data = json.load(fd) data = json.load(fd)