Forum: Cfengine Help
Subject: Re: 3.0.2 too old?
Author: berntjernberg
Link to topic: https://cfengine.com/forum/read.php?3,20392,20399#msg-20399

Hi,

We use an LDAP-server to store all account info.  Application/group-accounts 
exist locally but personal accounts only have the home directory locally. If 
you remove a user in LDAP the home directory is owned by a uid. I use this 
bundle to clean local home directories in Solaris. I have created a group that 
only exist centrally which is used for checking connectivity to LDAP before I 
start to clean. I hope it helps.



bundle agent remove_recursive(dir)
{
    files:
        # Delete all files.
        "$(dir)"
        delete => tidy,
        file_select => plain,
        depth_search => recurse("inf");

        # Delete all subdirectories.
        "$(dir)"
        delete => tidy,
        file_select => dirs,
        depth_search => recurse("inf");

        # Delete parent.
        "$(dir)"
        delete => tidy;
}


bundle agent clean_home
{
    vars:
        "dirs_list" string => execresult("$(g.ls) -ld $(g.homebase)/* | 
$(g.nawk) '$3 !~ // { print $NF }'","useshell"),policy => "free";
        "dirs_to_remove" slist => splitstring("$(dirs_list)","\n","300"),policy 
=> "free";

    classes:
        "ldap_online" expression => returnszero("$(g.getent) group 
$(g.ldapchkgrp) > /dev/null 2>&1","useshell");

    methods:
        ldap_online.!uid_directories_removed::
            "remove_directories_with_uid_owner" usebundle => 
remove_recursive("$(dirs_to_remove)"),
            classes => if_repaired("uid_directories_removed");
}



_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to