cdist/cdist/conf/type/__user/gencode-remote

143 lines
4.5 KiB
Bash
Executable File

#!/bin/sh -e
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
# 2011 Nico Schottelius (nico-cdist at schottelius.org)
# 2013 Daniel Heule (hda at sfs.biz)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Manage users.
#
#set -x
name="$__object_id"
os="$(cat "$__global/explorer/os")"
state=$(cat "$__object/parameter/state")
# We need to shorten options for both usermod and useradd since on some
# systems (such as *BSD, Darwin) those commands do not handle GNU style long
# options.
shorten_property() {
unset ret
case "$1" in
comment) ret="-c";;
home) ret="-d";;
gid) ret="-g";;
groups) ret="-G";;
password) ret="-p";;
shell) ret="-s";;
uid) ret="-u";;
create-home) ret="-m";;
system) ret="-r";;
esac
echo "$ret"
}
if [ "$state" = "present" ]; then
cd "$__object/parameter"
if grep -q "^${name}:" "$__object/explorer/passwd"; then
for property in *; do
new_value="$(cat "$property")"
unset current_value
file="$__object/explorer/passwd"
case "$property" in
gid)
if $(echo "$new_value" | grep -q '^[0-9][0-9]*$'); then
field=4
else
# We were passed a group name. Compare the gid in
# the user's /etc/passwd entry with the gid of the
# group returned by the group explorer.
gid_from_group=$(awk -F: '{ print $3 }' "$__object/explorer/group")
gid_from_passwd=$(awk -F: '{ print $4 }' "$file")
if [ "$gid_from_group" != "$gid_from_passwd" ]; then
current_value="$gid_from_passwd"
else
current_value="$new_value"
fi
fi
;;
password)
field=2
file="$__object/explorer/shadow"
;;
comment) field=5 ;;
home) field=6 ;;
shell) field=7 ;;
uid) field=3 ;;
create-home) continue;; # Does not apply to user modification
system) continue;; # Does not apply to user modification
state) continue;; # Does not apply to user modification
remove-home) continue;; # Does not apply to user modification
esac
# If we haven't already set $current_value above, pull it from the
# appropriate file/field.
if [ -z "$current_value" ]; then
export field
current_value="$(awk -F: '{ print $ENVIRON["field"] }' < "$file")"
fi
if [ "$new_value" != "$current_value" ]; then
set -- "$@" "$(shorten_property "$property")" \'"$new_value"\'
fi
done
if [ $# -gt 0 ]; then
echo mod >> "$__messages_out"
if [ "$os" = "freebsd" ]; then
echo pw usermod "$@" -n "$name"
else
echo usermod "$@" "$name"
fi
else
true
fi
else
echo add >> "$__messages_out"
for property in *; do
[ "$property" = "state" ] && continue
[ "$property" = "remove-home" ] && continue
new_value="$(cat "$property")"
if [ -z "$new_value" ];then # Boolean values have no value
set -- "$@" "$(shorten_property "$property")"
else
set -- "$@" "$(shorten_property "$property")" \'"$new_value"\'
fi
done
if [ "$os" = "freebsd" ]; then
echo pw useradd "$@" -n "$name"
else
echo useradd "$@" "$name"
fi
fi
else
if grep -q "^${name}:" "$__object/explorer/passwd"; then
#user exists, but state != present, so delete it
if [ -f "$__object/parameter/remove-home" ]; then
echo userdel -r "${name}"
else
echo userdel "${name}"
fi
fi
fi