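def _add_all_ldap(users, dumps, connection, shell = "/bin/bash"):
    """Add one LDAP account entry per user, then flush nscd's passwd cache.

    Args:
        users: Sequence of account dicts. Each must provide "account_name",
            "owner", "uid_number", "email" and "is_group". "university_uid"
            is required for individuals and optional for groups.
        dumps: Sequence paired one-to-one with ``users``. It only bounds the
            iteration (``zip`` stops at the shorter input); its items are
            not read here.
        connection: python-ldap style connection exposing ``add_s(dn, modlist)``.
        shell: Value stored in each new entry's ``loginShell`` attribute.

    Raises:
        KeyError: An individual (non-group) account has no "university_uid",
            or a required key is missing from a user dict. Entries added
            before the failing user are not rolled back.
        subprocess.CalledProcessError: ``nscd -i passwd`` exited non-zero.
    """
    # The loop variable is not called `dumps`, so the parameter is never
    # rebound while it is being iterated.
    for user, _dump in zip(users, dumps):
        account = user["account_name"]

        # NOTE(review): the account name is interpolated into the DN without
        # escaping. Confirm it is validated upstream against a strict
        # allow-list, or pass it through ldap.dn.escape_dn_chars() first.
        dn = "uid={0},{1}".format(account, OCF_DN)

        attrs = {
            "objectClass": ["ocfAccount", "account", "posixAccount"],
            "cn": [user["owner"]],
            "uid": [account],
            "uidNumber": [str(user["uid_number"])],
            "gidNumber": [str(getgrnam("ocf").gr_gid)],
            "homeDirectory": [home_dir(account)],
            "loginShell": [shell],
            "mail": [user["email"]],
            # No password hash is stored in the entry: the value is a {SASL}
            # reference to the principal (presumably pass-through
            # authentication on the directory server -- confirm).
            "userPassword": [str("{SASL}" + account + "@OCF.BERKELEY.EDU")]
        }

        # Individuals map to calnetUid and must have a university uid;
        # groups map to callinkOid and may omit it.
        if "university_uid" in user:
            uid_attr = "callinkOid" if user["is_group"] else "calnetUid"
            attrs[uid_attr] = [str(user["university_uid"])]
        elif not user["is_group"]:
            raise KeyError("User does not have university uid set")

        # Enter it into LDAP
        ldif = ldap.modlist.addModlist(attrs)
        try:
            connection.add_s(dn, ldif)
        except ldap.ALREADY_EXISTS:
            # Best effort: the existing entry is left untouched and the
            # caller gets no signal beyond this stderr line.
            print("LDAP account already exists", file = sys.stderr)

    # Invalidate the local cache so we can chown their files later
    # (this is probably not necessary since nscd won't cache "DNE" responses)
    # NOTE(review): the listing had lost its indentation; the flush is placed
    # after the loop (once per batch) -- confirm against the original file.
    # The devnull handle is closed as soon as nscd returns instead of leaking.
    with open(os.devnull, "w") as devnull:
        check_call(["nscd", "-i", "passwd"], stderr=devnull)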
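def _rm_home_dir(user):
    """Recursively delete the user's home directory; a missing one is ignored.

    Args:
        user: Account dict; only "account_name" is read.

    Raises:
        OSError: Removal failed for any reason other than the directory
            not existing.
    """
    # Probably want to copy their homedir to a tmp directory...or maybe
    # we can just forgo the dump/add paradigm for files
    # NOTE(review): this is an irreversible recursive delete of whatever path
    # home_dir() returns. home_dir() is defined elsewhere; confirm that empty
    # names and names containing path separators are rejected before here.
    try:
        shutil.rmtree(home_dir(user["account_name"]))
    except OSError as e:
        if e.errno != errno.ENOENT:
            # Bare raise re-raises the same exception with its original
            # traceback intact.
            raise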
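def _add_forward(user, dump = None):
    """Install a ``.forward`` file holding the user's email into their home.

    Nothing is done unless ``dump`` is None and ``user["forward"]`` is truthy.

    Args:
        user: Account dict; reads "forward", "account_name" and "email".
        dump: Any value other than None makes this a no-op.

    Raises:
        subprocess.CalledProcessError: ``sudo install`` exited non-zero.
    """
    if dump is not None or not user["forward"]:
        return

    forward = os.path.join(home_dir(user["account_name"]), ".forward")

    # Keep the descriptor mkstemp() returns and write through it, rather than
    # dropping it and reopening the path: the descriptor is no longer leaked.
    fd, tmp = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "w") as f:
            # NOTE(review): the address is written verbatim. Confirm it is
            # validated upstream as a single plain address on one line.
            f.write(user["email"] + "\n")

        # Arguments are passed as a list, so no shell parses the account name.
        # NOTE(review): no --mode is given, so install applies its default
        # (0755), while _add_home_dir installs the rc files with 0600 --
        # confirm which mode .forward should have.
        check_call(
            ["sudo", "install", "--group=ocf", "--owner=" + user["account_name"], tmp, forward],
            stdout = sys.stderr
        )
    finally:
        # install copies the content, so the staging file is no longer needed.
        os.remove(tmp)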
def _add_home_dir(user, dump = None):
    """Create the user's home directory and, for fresh accounts, seed rc files.

    The directory is created through ``sudo install -d`` with mode 0700,
    group ``ocf`` and the account as owner. When ``dump`` is None the default
    shell rc files shipped in the ``rc`` directory next to this module are
    copied in with mode 0600.

    Args:
        user: Account dict; only "account_name" is read.
        dump: Any value other than None skips the rc-file step.

    Raises:
        subprocess.CalledProcessError: A ``sudo install`` call exited non-zero.
    """
    # Open question carried over from the original author: copy the home
    # directory to a temporary location first, or drop the dump/add paradigm
    # for files altogether.
    account = user["account_name"]
    target_dir = home_dir(account)

    # The owner flag is a single argv element and no shell is involved.
    # NOTE(review): confirm account names are validated upstream.
    owner_flag = "--owner=" + account

    # 0700 keeps the new home directory private to its owner.
    check_call(
        ["sudo", "install", "-d", "--mode=0700", "--group=ocf", owner_flag, target_dir],
        stdout = sys.stderr
    )

    if dump is not None:
        return

    skeleton_dir = os.path.join(os.path.dirname(__file__), "rc")
    for rc_name in (".cshrc", ".bashrc", ".bash_profile", ".bash_logout"):
        rc_source = os.path.join(skeleton_dir, rc_name)
        check_call(
            ["sudo", "install", "--mode=0600", "--group=ocf", owner_flag, rc_source, target_dir],
            stdout = sys.stderr
        )