Forum: Cfengine Help Subject: Re: 3.0.2 too old? Author: berntjernberg Link to topic: https://cfengine.com/forum/read.php?3,20392,20399#msg-20399
Hi, We use an LDAP-server to store all account info. Application/group-accounts exist locally but personal accounts only have the home directory locally. If you remove a user in LDAP the home directory is owned by a uid. I use this bundle to clean local home directories in Solaris. I have created a group that only exist centrally which is used for checking connectivity to LDAP before I start to clean. I hope it helps. bundle agent remove_recursive(dir) { files: # Delete all files. "$(dir)" delete => tidy, file_select => plain, depth_search => recurse("inf"); # Delete all subdirectories. "$(dir)" delete => tidy, file_select => dirs, depth_search => recurse("inf"); # Delete parent. "$(dir)" delete => tidy; } bundle agent clean_home { vars: "dirs_list" string => execresult("$(g.ls) -ld $(g.homebase)/* | $(g.nawk) '$3 !~ // { print $NF }'","useshell"),policy => "free"; "dirs_to_remove" slist => splitstring("$(dirs_list)","\n","300"),policy => "free"; classes: "ldap_online" expression => returnszero("$(g.getent) group $(g.ldapchkgrp) > /dev/null 2>&1","useshell"); methods: ldap_online.!uid_directories_removed:: "remove_directories_with_uid_owner" usebundle => remove_recursive("$(dirs_to_remove)"), classes => if_repaired("uid_directories_removed"); } _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine