Re: LDAP/nss_ldap adduser script
Primarily, my aim is to keep it simple, do the basics, thats the itch that needs scratching for me at the moment. It could be the base of a more encompassing management system, but that would be a different project. Count me in on helping you with this. A nice command line utility for ldap is definitely needed. Something like ldapctl :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: LDAP/nss_ldap adduser script
On Tue, Aug 02, 2005 at 02:24:26PM +0200, Joerg Pulz wrote:
> >user_base=`awk '/nss_base_passwd/ {print $2}' /etc/ldap.conf | cut -f1 -d?`
> >get_next_uid() {
> >
> > lastuid=`ldapsearch -LLL -b "$user_base"
> >"objectclass=posixAccount" |\
> >awk '/uidNumber/ {print $2}' | sort | tail -n1`
> > if [ -z "$lastuid" ]; then
> > uid=$startuid
> > else
> > uid=`expr $lastuid + 1`
> > fi
> >}
#!/bin/sh
uid_min=1000
uid_max=2000
get_uid()
{
uid=${uid_min}
sort -g list-uid | while read uid_used; do
if [ ${uid} -eq ${uid_used} ]; then
uid=`expr ${uid} + 1`
if [ ${uid} -eq ${uid_max} ]; then
echo "Out of UID numbers";
exit 1
fi
else
echo "${uid}"
break;
fi
done
}
uid=`get_uid`
if [ $? -ne 0 ]; then
echo ${uid}
exit 1
fi
echo "Lowest unused UID: ${uid}"
> so, why all this scripting?? you could simply use the following line to
> get the next free uid (as long as the system is configured to use LDAP
> accounts)
Because everyone has own environment and not enough details about
his/her environment give many solutions, sometimes not optimal for
another environment. Yours idea is good (if LDAP accounts work on
the system), especially that pw uses bitmap to find first unused UID
(if reuseuids is 'yes').
> the 'cut' is necessary as 'pw usernext' reports the next free uid:gid in
> combination (is this a bug??)
This is documented in pw(8) manual page.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: LDAP/nss_ldap adduser script
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 2 Aug 2005, [EMAIL PROTECTED] wrote:
On Wed, Jul 27, 2005 at 10:39:14AM +0100, [EMAIL PROTECTED] wrote:
I've had a look at the adduser script and it should be straight
forward
enough to tailer to this purpose, and I can't see any difficulties in
writing them - check /etc/ldap.conf for the location of the users &
groups, pops the details into an ldif and runs it through the ldap
I'm not sure that such utilities exist, because each environment is
very different. On my systems, I'm planning to write own scripts for
creating, deleting users, etc. I will be much easier than adaption
someone's scripts for own purpose.
Each to their own, but most of the stuff is fairly generic. I've written
the scripts to read the ldap settings from the relevent files (the admin
user, and the user & group context).
client. The one thing I am not sure about is getting the next available
uid number, but I'm sure the answer will become apparent.
From my point of view the easiest solution is some directory with files,
a name of each file is equal to UID of user. A script should find non-
existent file with name from UID_min to UID_max and create it. As an
optimization it possible to keep list of unused numbers (in file).
Yuch! And what happens if the information gets out of sync. I've come up
with a solution, which was much easier than I had thought -
user_base=`awk '/nss_base_passwd/ {print $2}' /etc/ldap.conf | cut -f1 -d?`
get_next_uid() {
lastuid=`ldapsearch -LLL -b "$user_base"
"objectclass=posixAccount" |\
awk '/uidNumber/ {print $2}' | sort | tail -n1`
if [ -z "$lastuid" ]; then
uid=$startuid
else
uid=`expr $lastuid + 1`
fi
}
it pulls out all the uids already assigned, sorts them, takes the last
one, and adds one on (or sets it to startuid if none found). It might fall
over if huge numbers of users are in there, but should work for most.
So before I get into the meat of this, I wanted to check if anyone has
any suggestions or comments.
How do you export user home directories?
Thats another task - I'm just interested in easily adding and removing
users easily.
If you are interested, I can send you the full scripts - they are pretty
sparse and general, so should be easy to adapt.
Hi
so, why all this scripting?? you could simply use the following line to
get the next free uid (as long as the system is configured to use LDAP
accounts)
pw usernext | cut -f1 -d:
the 'cut' is necessary as 'pw usernext' reports the next free uid:gid in
combination (is this a bug??)
pw groupnext
reports only the next free gid
regards
Joerg
- --
The beginning is the most important part of the work.
-Plato
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (FreeBSD)
iD8DBQFC72X8SPOsGF+KA+MRAquVAKCv3jjm4V8INAEuHbAEY2kGk0heYgCfSYaX
yhF36rOl+da279CW6IsGAco=
=czue
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: LDAP/nss_ldap adduser script
> On Wed, Jul 27, 2005 at 10:39:14AM +0100, [EMAIL PROTECTED] wrote:
>
>> I've had a look at the adduser script and it should be straight
>> forward
>> enough to tailer to this purpose, and I can't see any difficulties in
>> writing them - check /etc/ldap.conf for the location of the users &
>> groups, pops the details into an ldif and runs it through the ldap
>
> I'm not sure that such utilities exist, because each environment is
> very different. On my systems, I'm planning to write own scripts for
> creating, deleting users, etc. I will be much easier than adaption
> someone's scripts for own purpose.
Each to their own, but most of the stuff is fairly generic. I've written
the scripts to read the ldap settings from the relevent files (the admin
user, and the user & group context).
>
>> client. The one thing I am not sure about is getting the next available
>> uid number, but I'm sure the answer will become apparent.
>
> From my point of view the easiest solution is some directory with files,
> a name of each file is equal to UID of user. A script should find non-
> existent file with name from UID_min to UID_max and create it. As an
> optimization it possible to keep list of unused numbers (in file).
Yuch! And what happens if the information gets out of sync. I've come up
with a solution, which was much easier than I had thought -
user_base=`awk '/nss_base_passwd/ {print $2}' /etc/ldap.conf | cut -f1 -d?`
get_next_uid() {
lastuid=`ldapsearch -LLL -b "$user_base"
"objectclass=posixAccount" |\
awk '/uidNumber/ {print $2}' | sort | tail -n1`
if [ -z "$lastuid" ]; then
uid=$startuid
else
uid=`expr $lastuid + 1`
fi
}
it pulls out all the uids already assigned, sorts them, takes the last
one, and adds one on (or sets it to startuid if none found). It might fall
over if huge numbers of users are in there, but should work for most.
>
>> So before I get into the meat of this, I wanted to check if anyone has
>> any suggestions or comments.
>
> How do you export user home directories?
Thats another task - I'm just interested in easily adding and removing
users easily.
If you are interested, I can send you the full scripts - they are pretty
sparse and general, so should be easy to adapt.
Cheers,
Martin
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: LDAP/nss_ldap adduser script
> On Wed, Jul 27, 2005 at 10:39:14AM +0100, [EMAIL PROTECTED] typed: >> Hi all, >> >>I've been using an ldap directory for quite a while now for my >> network >> logins, and love it. Problem is, it can be quite cumbersome to work >> with, any ldap clients I have looked at are either very sketchy or >> overly cumbersome for simple tasks (adding/removing users etc.), and >> ldif file format is a major pain to work with. >> >> My first question is - is anyone aware of a good light and stable ldap >> client that is easy to setup and use. My own research suggests no, which >> leads onto my proposal - >> >> I'm planning on writing a few basic scripts for working with the >> system >> - a 'ldap_adduser', 'ldap_rmuser' etc. Nothing major, not a full suite >> of utilities, just the basics to make life a little easier. >> >> I've had a look at the adduser script and it should be straight >> forward >> enough to tailer to this purpose, and I can't see any difficulties in >> writing them - check /etc/ldap.conf for the location of the users & >> groups, pops the details into an ldif and runs it through the ldap >> client. The one thing I am not sure about is getting the next available >> uid number, but I'm sure the answer will become apparent. >> >> So before I get into the meat of this, I wanted to check if anyone has >> any suggestions or comments. > > Well, how would you go about determining the default user's set of > objectclasses > and attributes? e.g. we have in our ldap users with different combinations > of > sambaSamAccount, posixAccount and courierMailAccount. > If you want your script to be flexible enough to provide all possible > options, > you'll end up writing a very complex script. But good luck anyway ;-) > > Ruben Primarily, my aim is to keep it simple, do the basics, thats the itch that needs scratching for me at the moment. It could be the base of a more encompassing management system, but that would be a different project. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: LDAP/nss_ldap adduser script
On Wed, Jul 27, 2005 at 10:39:14AM +0100, [EMAIL PROTECTED] typed: > Hi all, > >I've been using an ldap directory for quite a while now for my network > logins, and love it. Problem is, it can be quite cumbersome to work > with, any ldap clients I have looked at are either very sketchy or > overly cumbersome for simple tasks (adding/removing users etc.), and > ldif file format is a major pain to work with. > > My first question is - is anyone aware of a good light and stable ldap > client that is easy to setup and use. My own research suggests no, which > leads onto my proposal - > > I'm planning on writing a few basic scripts for working with the system > - a 'ldap_adduser', 'ldap_rmuser' etc. Nothing major, not a full suite > of utilities, just the basics to make life a little easier. > > I've had a look at the adduser script and it should be straight forward > enough to tailer to this purpose, and I can't see any difficulties in > writing them - check /etc/ldap.conf for the location of the users & > groups, pops the details into an ldif and runs it through the ldap > client. The one thing I am not sure about is getting the next available > uid number, but I'm sure the answer will become apparent. > > So before I get into the meat of this, I wanted to check if anyone has > any suggestions or comments. Well, how would you go about determining the default user's set of objectclasses and attributes? e.g. we have in our ldap users with different combinations of sambaSamAccount, posixAccount and courierMailAccount. If you want your script to be flexible enough to provide all possible options, you'll end up writing a very complex script. But good luck anyway ;-) Ruben ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
LDAP/nss_ldap adduser script
Hi all, I've been using an ldap directory for quite a while now for my network logins, and love it. Problem is, it can be quite cumbersome to work with, any ldap clients I have looked at are either very sketchy or overly cumbersome for simple tasks (adding/removing users etc.), and ldif file format is a major pain to work with. My first question is - is anyone aware of a good light and stable ldap client that is easy to setup and use. My own research suggests no, which leads onto my proposal - I'm planning on writing a few basic scripts for working with the system - a 'ldap_adduser', 'ldap_rmuser' etc. Nothing major, not a full suite of utilities, just the basics to make life a little easier. I've had a look at the adduser script and it should be straight forward enough to tailer to this purpose, and I can't see any difficulties in writing them - check /etc/ldap.conf for the location of the users & groups, pops the details into an ldif and runs it through the ldap client. The one thing I am not sure about is getting the next available uid number, but I'm sure the answer will become apparent. So before I get into the meat of this, I wanted to check if anyone has any suggestions or comments. Cheers, Martin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Adduser script
Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. joeandlane#:ROOT> ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Message: 3 Date: Sat, 17 Jul 2004 16:21:16 -0500 From: uidzero <[EMAIL PROTECTED]> Subject: Re: Root fs full -> free space always below 0 To: epilogue <[EMAIL PROTECTED]>, FreeBSD-Questions <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii; format=flowed epilogue wrote: On Sat, 17 Jul 2004 14:37:29 -0500 uidzero <[EMAIL PROTECTED]> wrote: Peter Schuller wrote: Hello, so during a portupgrade on my laptop the root fs, with soft updates enabled, became full. So I removed a bunch of stuff to make a few gigs available. I checked and df reported more than a gig of free space - so I re-ran portupgrade. Then I noticed it was full again, with df showing a negative amount of free space. I removed even more stuff, and rebooted just incase there were more blocks to be freed. After the reboot df showed a negative amount of space again. So I removed even more data (rm -rf /usr/ports/distfiles) and now I had 115 meg free df claimed. I then re-ran df in quick succession a few times and watched diskspace rapidly decrease to a negative 600 meg or so (note: the decrease was perhaps 150 meg/second, so it cannot have been a process writing data to disk in the background). After a couple more reboots and a manual fsck in single user mode I still have the same problem (on both CURRENT and 5.2.1-RELEASE kernels). What to do? Have you tried editing your ports-supfile and commenting out the "src-all" and the Chinese, German, etc... ports? Just make sure you have all the other ports uncommented. That will save you a lot of space, unless you need them. while this 'will' save space, it will 'almost certainly' break any local /usr/ports/INDEX builds you attempt. Michael -- Michael D. Whities [EMAIL PROTECTED] http://www.one-arm.com -- There are four colors of hats to watch for: Black, White, Grey, and Red. The meanings are: Cracker, Hacker, Guru, and Victim. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Just rebuild the INDEX... ? Michael Adduser script I need to script adding a 100 users on a system each with a random username and password with a max of 6 chars for each So far pw adduser seems to be the best bet as i can use pw.conf . I allso need the user names and passwords mailed to root of course so i know whats been done Terry ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: user organizer / decent adduser script
"Janine C.Buorditez" <[EMAIL PROTECTED]> writes: > is there some tool that organizes a systems users and their uids? and perhaps > updates all files belonging to a user with his/hers new user settings? I don't know of a tool like this. That's probably because it wouldn't be generally useful; to keep backups useful, sysadmins generally bend over backward to avoid changing UIDs or GIDs. If you need to do it once, brute force with find(1) and chown(8) is pretty easy. > also, what about a decent adduser script? enteruser complains about my `ninja' > class which i've set up in login.conf and as default class in pw.conf. also it > doesn't seem to make any use of my defaultshell set to tcsh. adduser(8) handles all of those issues fine in my experience. And it's just a perl script, so for my own specialized needs, I've had no problem just hacking up a customized version. > after a while the directory listing of my /var/mail looks like this: > > total 14 > -rw--- 1 iyun mail 584 Sep 7 13:44 alliance > -rw--- 1 power1006 574 Jun 22 12:49 gunn > -rw--- 1 1011 ninja 594 Aug 27 19:55 iyun > -rw--- 1 sharizan postfix 0 Jun 22 11:41 jasmin > -rw--- 1 janine mail 1470 Sep 17 14:05 janine > -rw--- 1 postfix 10060 Jun 14 01:00 nughaud > -rw--- 1 pgsqlpgsql 0 Sep 6 00:03 pgsql > -rw--- 1 thug ninja 575 Jun 21 21:08 power > -rw--- 1 jasmin ninja 590 Jun 13 16:25 sharizan > -rw--- 1 postfix postfix 578 Jun 21 21:08 thug > > now, this is all a mess. i'm tired of manual cleanups. any ideas people? How did those group names (and user names) change in the first place? I've *never* seen that happen, except when it was something I screwed up myself. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
Re: user organizer / decent adduser script
> Date: Tue, 17 Sep 2002 14:26:03 +0200 > From: Janine C.Buorditez <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: user organizer / decent adduser script > > hi. > > is there some tool that organizes a systems users and their uids? and perhaps > updates all files belonging to a user with his/hers new user settings? > > also, what about a decent adduser script? enteruser complains about my `ninja' > class which i've set up in login.conf and as default class in pw.conf. also it > doesn't seem to make any use of my defaultshell set to tcsh. > > after a while the directory listing of my /var/mail looks like this: > > total 14 > -rw--- 1 iyun mail 584 Sep 7 13:44 alliance > -rw--- 1 power1006 574 Jun 22 12:49 gunn > -rw--- 1 1011 ninja 594 Aug 27 19:55 iyun > -rw--- 1 sharizan postfix 0 Jun 22 11:41 jasmin > -rw--- 1 janine mail 1470 Sep 17 14:05 janine > -rw--- 1 postfix 10060 Jun 14 01:00 nughaud > -rw--- 1 pgsqlpgsql 0 Sep 6 00:03 pgsql > -rw--- 1 thug ninja 575 Jun 21 21:08 power > -rw--- 1 jasmin ninja 590 Jun 13 16:25 sharizan > -rw--- 1 postfix postfix 578 Jun 21 21:08 thug > > now, this is all a mess. i'm tired of manual cleanups. any ideas people? > > thanks. > > -- janine > adduser(8), rmuser(8) ? I've simply scripted around these two utilities. IMHO keeping UIDs/GIDs straight and/or orderly is highly subjective and it's up to *you* to lay it out as you see fit. JB # John Bleichert # http://vonbek.dhs.org/latest.jpg To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
user organizer / decent adduser script
hi. is there some tool that organizes a systems users and their uids? and perhaps updates all files belonging to a user with his/hers new user settings? also, what about a decent adduser script? enteruser complains about my `ninja' class which i've set up in login.conf and as default class in pw.conf. also it doesn't seem to make any use of my defaultshell set to tcsh. after a while the directory listing of my /var/mail looks like this: total 14 -rw--- 1 iyun mail 584 Sep 7 13:44 alliance -rw--- 1 power1006 574 Jun 22 12:49 gunn -rw--- 1 1011 ninja 594 Aug 27 19:55 iyun -rw--- 1 sharizan postfix 0 Jun 22 11:41 jasmin -rw--- 1 janine mail 1470 Sep 17 14:05 janine -rw--- 1 postfix 10060 Jun 14 01:00 nughaud -rw--- 1 pgsqlpgsql 0 Sep 6 00:03 pgsql -rw--- 1 thug ninja 575 Jun 21 21:08 power -rw--- 1 jasmin ninja 590 Jun 13 16:25 sharizan -rw--- 1 postfix postfix 578 Jun 21 21:08 thug now, this is all a mess. i'm tired of manual cleanups. any ideas people? thanks. -- janine To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
