forked from ungleich-public/cdist
cleanup and rewrite
- add new --state parameter and support for deleting groups - add new --system parameter to create system groups if supported by the os - remove special case for legacy redhat/centos versions, they are long gone Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
This commit is contained in:
parent
0cf170b18e
commit
d247f083e8
7 changed files with 93 additions and 93 deletions
|
@ -1,2 +0,0 @@
|
|||
- delete groups
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -22,7 +22,6 @@
|
|||
#
|
||||
|
||||
name=$__object_id
|
||||
os_version="$($__explorer/os_version)"
|
||||
os="$($__explorer/os)"
|
||||
|
||||
if [ "$os" = "freebsd" ]; then
|
||||
|
@ -30,13 +29,4 @@ if [ "$os" = "freebsd" ]; then
|
|||
exit 0
|
||||
fi
|
||||
|
||||
case "$os_version" in
|
||||
"Red Hat Enterprise Linux Server release "[45]*|"CentOS release "[45]*)
|
||||
# TODO: find a way to get this information
|
||||
echo "$os_version does not have getent gshadow"
|
||||
;;
|
||||
*)
|
||||
getent gshadow "$name" || true
|
||||
;;
|
||||
esac
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2011 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
|
@ -23,91 +23,85 @@
|
|||
#
|
||||
|
||||
name="$__object_id"
|
||||
os_version="$(cat "$__global/explorer/os_version")"
|
||||
os="$(cat "$__global/explorer/os")"
|
||||
|
||||
cd "$__object/parameter"
|
||||
if grep -q "^${name}:" "$__object/explorer/group"; then
|
||||
for property in $(ls .); do
|
||||
new_value="$(cat "$property")"
|
||||
# argument to pass the groupmod command for this property (exceptions
|
||||
# are made in the case statement below)
|
||||
proparg="--$property"
|
||||
|
||||
# Use short option names for portability
|
||||
shorten_property() {
|
||||
case "$1" in
|
||||
gid) echo "-g";;
|
||||
password) echo "-p";;
|
||||
system) echo "-r";;
|
||||
esac
|
||||
}
|
||||
|
||||
|
||||
if [ "$state" = "present" ]; then
|
||||
case "$os" in
|
||||
freebsd)
|
||||
supported_add_properties="gid"
|
||||
supported_change_properties="gid"
|
||||
;;
|
||||
*)
|
||||
supported_add_properties="gid password system"
|
||||
supported_change_properties="gid password"
|
||||
;;
|
||||
esac
|
||||
if grep -q "^${name}:" "$__object/explorer/group"; then
|
||||
# change existing
|
||||
for property in $supported_change_properties; do
|
||||
if [ -f "$__object/parameter/$property" ]; then
|
||||
new_value="$(cat "$__object/parameter/$property")"
|
||||
unset current_value
|
||||
case "$property" in
|
||||
password)
|
||||
if [ "$os" = "freebsd" ]; then
|
||||
echo "group/$name: FreeBSD doesn't support password modification" >&2
|
||||
exit 1
|
||||
fi
|
||||
case "$os_version" in
|
||||
"Red Hat Enterprise Linux Server release "[45]*|"CentOS release "[45]*)
|
||||
# TODO: Use gpasswd? Need to fix gshadow explorer first.
|
||||
echo "group/$name: '$os_version' groupmod does not support password modification" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
current_value="$(awk -F: '{ print $2 }' < "$__object/explorer/gshadow")"
|
||||
current_value="$(awk -F: '{ print $2 }' "$__object/explorer/gshadow")"
|
||||
;;
|
||||
gid)
|
||||
# set to -g to support older redhat/centos
|
||||
proparg="-g"
|
||||
current_value="$(awk -F: '{ print $3 }' < "$__object/explorer/group")"
|
||||
current_value="$(awk -F: '{ print $3 }' "$__object/explorer/group")"
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "$new_value" != "$current_value" ]; then
|
||||
set -- "$@" "$proparg" \"$new_value\"
|
||||
set -- "$@" "$(shorten_property $property)" \'$new_value\'
|
||||
echo change $property $new_value $current_value >> "$__messages_out"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
if [ $# -gt 0 ]; then
|
||||
echo mod >> "$__messages_out"
|
||||
case $os in
|
||||
freebsd)
|
||||
echo pw group mod "$@" "$name"
|
||||
;;
|
||||
*)
|
||||
echo groupmod "$@" "$name"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
else
|
||||
echo add >> "$__messages_out"
|
||||
for property in $(ls .); do
|
||||
new_value="$(cat "$property")"
|
||||
if [ "$os" = "freebsd" ]; then
|
||||
case $property in
|
||||
gid)
|
||||
proparg="-g"
|
||||
;;
|
||||
password)
|
||||
echo "group/$name: FreeBSD doesn't support password setting" >&2
|
||||
exit 1
|
||||
;;
|
||||
*)
|
||||
# The type has been updated to support more properties than it knows how to handle for FreeBSD
|
||||
# tell the user about this.
|
||||
echo "Currently unknown property: $property" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
echo pw groupmod "$@" "$name"
|
||||
else
|
||||
proparg="--$property"
|
||||
echo groupmod "$@" "$name"
|
||||
fi
|
||||
|
||||
set -- "$@" "$proparg" \"$new_value\"
|
||||
echo set $property $new_value >> "$__messages_out"
|
||||
done
|
||||
|
||||
case $os in
|
||||
freebsd)
|
||||
echo mod >> "$__messages_out"
|
||||
fi
|
||||
else
|
||||
# create new
|
||||
for property in $supported_change_properties; do
|
||||
if [ -f "$__object/parameter/$property" ]; then
|
||||
new_value="$(cat "$__object/parameter/$property")"
|
||||
if [ -z "$new_value" ]; then
|
||||
# Boolean parameters have no value
|
||||
set -- "$@" "$(shorten_property $property)"
|
||||
else
|
||||
set -- "$@" "$(shorten_property $property)" \'$new_value\'
|
||||
fi
|
||||
fi
|
||||
if [ "$os" = "freebsd" ]; then
|
||||
echo pw groupadd "$@" "$name"
|
||||
;;
|
||||
*)
|
||||
else
|
||||
echo groupadd "$@" "$name"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
done
|
||||
fi
|
||||
else
|
||||
# delete existing
|
||||
if grep -q "^${name}:" "$__object/explorer/group"; then
|
||||
if [ "$os" = "freebsd" ]; then
|
||||
echo pw groupdel "$name"
|
||||
else
|
||||
echo groupdel "$name"
|
||||
fi
|
||||
echo remove >> "$__messages_out"
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -20,18 +20,28 @@ None.
|
|||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state::
|
||||
absent or present, defaults to present
|
||||
gid::
|
||||
see groupmod(8)
|
||||
password::
|
||||
see above
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
system::
|
||||
see groupadd(8), apply only on group creation
|
||||
|
||||
|
||||
MESSAGES
|
||||
--------
|
||||
mod::
|
||||
group is modified
|
||||
add::
|
||||
New group added
|
||||
remove::
|
||||
group is removed
|
||||
change <property> <new_value> <current_value>::
|
||||
Changed group property from current_value to new_value
|
||||
set <property> <new_value>::
|
||||
|
@ -45,6 +55,12 @@ EXAMPLES
|
|||
# Create a group 'foobar' with operating system default settings
|
||||
__group foobar
|
||||
|
||||
# Remove the 'foobar' group
|
||||
__group foobar --state absent
|
||||
|
||||
# Create a system group 'myservice' with operating system default settings
|
||||
__group myservice --system
|
||||
|
||||
# Same but with a specific gid
|
||||
__group foobar --gid 1234
|
||||
|
||||
|
@ -60,5 +76,5 @@ SEE ALSO
|
|||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2011 Steven Armstrong. Free use of this software is
|
||||
Copyright \(C) 2011-2015 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
||||
|
|
1
cdist/conf/type/__group/parameter/boolean
Normal file
1
cdist/conf/type/__group/parameter/boolean
Normal file
|
@ -0,0 +1 @@
|
|||
system
|
|
@ -1,2 +1,3 @@
|
|||
gid
|
||||
password
|
||||
state
|
||||
|
|
Loading…
Reference in a new issue