/[pdpsoft]/trunk/nl.nikhef.ndpf.tools/mkgroup-sshlpk/mkhomedir-sshlpk
ViewVC logotype

Annotation of /trunk/nl.nikhef.ndpf.tools/mkgroup-sshlpk/mkhomedir-sshlpk

Parent Directory Parent Directory | Revision Log Revision Log

Revision 387 - (hide annotations) (download)
Wed Jun 3 08:50:07 2009 UTC (12 years, 11 months ago) by davidg
File size: 1735 byte(s) 
Added homedir ssh creation capability
1 davidg 387 #! /usr/bin/perl -w
2     #
3     # @(#)$Id$
4     #
5     use strict;
6    
7     use POSIX;
8     use Getopt::Long qw(:config no_ignore_case bundling);
9     use Net::LDAP qw(:all); # for all code
10     use Net::LDAP::Util qw(ldap_error_name
11     ldap_error_text); # for error handling
12    
13     my $verb=0;
14     my $ldapurl="ldaps://teugel.nikhef.nl/";
15     my $ldapbase="ou=LocalUsers,dc=farmnet,dc=nikhef,dc=nl";
16     my $def_uidldapfilter = '(&(authorizedService=sshd)(sshPublicKey=*))';
17    
18     my $ldap = Net::LDAP->new( $ldapurl, timeout=>20 );
19     $ldap or die "Cannot contact remote server at $ldapurl: $!\n".
20     " LDAP status: ".$ldap->error."\n";
21    
22    
23     my $results=$ldap->search(
24     base=>$ldapbase,
25     scope=>"sub",
26     filter=>$def_uidldapfilter
27     );
28     $results->code and die "Search failed: ".$results->error."\n";
29     $results->count() or die "No matching entries found, exiting\n";
30    
31     my @listentries=$results->entries;
32    
33     foreach my $entry ( @listentries ) {
34     my $uid = $entry->get_value("uid");
35     my $homeDirectory = $entry->get_value("homeDirectory");
36    
37     # only write down the ssh keys if the homedir and user exist
38     -d $homeDirectory or next;
39     (my $uidNumber = (getpwnam($uid))[2]) or next;
40    
41     -d "${homeDirectory}/.ssh" or mkdir "${homeDirectory}/.ssh", 0755;
42     -f "${homeDirectory}/.ssh/authorized_keys" or do {
43     my $FH;
44     sysopen($FH, "${homeDirectory}/.ssh/authorized_keys", O_RDWR|O_CREAT|O_EXCL,0644) or
45     die "Cannot create authorized_keys file for uid $uid: $_\n";
46     close($FH);
47     chown $uidNumber, 0, "${homeDirectory}/.ssh/authorized_keys";
48     print "Created ssh authorized keys file for $uid\n";
49     };
50    
51     system("mkgroup-sshlpk -o '${homeDirectory}/.ssh/authorized_keys' --uid '$uid'");
52     }
53    
grid.support@nikhef.nl
 ViewVC Help
Powered by ViewVC 1.1.28