Diffstat (limited to 'source4/setup')
-rwxr-xr-x | source4/setup/provision | 216 |
1 files changed, 175 insertions, 41 deletions
diff --git a/source4/setup/provision b/source4/setup/provision
index 406473f050..b01ec97a86 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -5,7 +5,7 @@
 Released under the GNU GPL v2 or later
 */
-var options = new Object();
+options = new Object();
 ok = GetOptions(ARGV, options,
 "POPT_AUTOHELP",
 "POPT_COMMON_SAMBA",
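Review bot: Dropping `var` leaves `options` as an implicit global with nothing at the assignment saying why; presumably it is so the helpers added further down (`finduser`, `findgroup`, `sub_callback`) can read it from function scope. If that is the reason, say so at the declaration, e.g. `/* global: read by finduser(), findgroup() and sub_callback() */`, so a later cleanup does not restore the `var` and break the option lookups.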
@@ -46,6 +46,142 @@ function message(s)
 }
 /*
+ find a username from a list of possibilities
+*/
+function finduser()
+{
+ var i, name = arguments[0];
+ if (options[name] != undefined) {
+ return options[name];
+ }
+ for (i=1;i<arguments.length;i++) {
+ if (getpwnam(arguments[i]) != undefined) {
+ return arguments[i];
+ }
+ }
+ println("Unable to find user for " + name);
+ exit(1);
+}
+
+/*
+ find a group from a list of possibilities
+*/
+function findgroup()
+{
+ var i, name = arguments[0];
+ if (options[name] != undefined) {
+ return options[name];
+ }
+ for (i=1;i<arguments.length;i++) {
+ if (getgrnam(arguments[i]) != undefined) {
+ return arguments[i];
+ }
+ }
+ println("Unable to find group for " + name);
+ exit(1);
+}
+
+/*
+ return a variable substitution
+*/
+function sub_callback(key)
+{
+ var lkey = strlower(key);
+ if (options[lkey] != undefined) {
+ return options[lkey];
+ }
+ println(key);
+ return "NOTFOUND{" + key + "}";
+}
+
+
+/*
+ add a foreign security principle
+ */
+function add_foreign(str, sid, desc, unixname)
+{
+ return str + "
+dn: CN=$sid,CN=ForeignSecurityPrincipals,${BASEDN}
+objectClass: top
+objectClass: foreignSecurityPrincipal
+cn: $sid
+description: $desc
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: 1
+uSNChanged: 1
+showInAdvancedViewOnly: TRUE
+name: $sid
+objectGUID: ${NEWGUID}
+objectSid: $sid
+objectCategory: CN=Foreign-Security-Principal,CN=Schema,CN=Configuration,${BASEDN}
+unixName: $unixname
+
+";
+}
+
+/*
+ generate a random guid
+*/
+function randguid()
+{
+ return "009876-7656";
+}
+
+/*
+ generate a random sid
+*/
+function randsid()
+{
+ return "1-2-3";
+}
+
+/*
+ generate a random password
+*/
+function randpass()
+{
+ return "penguin";
+}
+
+/*
+ return current time as a nt time string
+*/
+function nttime()
+{
+ return "1st Feb";
+}
+
+/*
+ substitute strings of the form ${NAME} in str, replacing
+ with substitutions from subobj
+*/
+function substitute_var(str)
+{
+ var list = split("${", str);
+ var i;
+ for (i=1;i<list.length;i++) {
+ var list2 = split("}", list[i]);
+ if (list2.length < 2) {
+ return undefined;
+ }
+ var key = list2[0];
+ if (typeof(subobj[key]) == "string") {
+ list2[0] = subobj[key];
+ } else {
+ println("KEY=" + key);
+ var fn = subobj[key];
+ list2[0] = fn();
+ println("list2fn=" + list2[0]);
+ }
+ list[i] = join("", list2);
+ println("XXX[" + key + "]=" + list[i]);
+ }
+ return join("", list);
+}
+
+/*
 show some help
 */
 function ShowHelp()
@@ -88,8 +224,6 @@ if (options["realm"] == undefined ||
 ShowHelp();
 }
-printVars(options);
-
 options.realm = strlower(options.realm);
 options['host-name'] = strlower(options['host-name']);
 options.domain = strupper(options.domain);
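Review bot: `randpass()` returns the fixed string "penguin" (and `randguid()`, `randsid()` and `nttime()` are likewise constants), yet the last hunk assigns its result to KRBTGTPASS, MACHINEPASS and ADMINPASS, so every domain provisioned with this script would share one publicly known password. Until a real generator exists, mark the stubs at their definitions, e.g. `/* FIXME: placeholder, NOT random - do not provision a real domain with this */`, and consider having the script exit unless the passwords are supplied through options. In `substitute_var()`, a key missing from `subobj` falls into the `else` branch and calls `fn()` on an undefined value; `${LDAPTIME}` in `add_foreign()` looks like such a key unless an option supplies it, since only `NTTIME` is set in this diff. A guard before the call, `if (fn == undefined) { println("no substitution for " + key); exit(1); }`, would make that failure explicit. The `$sid`, `$desc` and `$unixname` tokens in the `add_foreign()` string also appear to stay as literal text, as nothing visible substitutes them.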
@@ -102,49 +236,49 @@ if (options.hostip == undefined) {
 message("Provisioning for " + options.domain + " in realm " + options.realm);
-if (options["root"] == undefined) {
- options.root = "root";
-}
+options.root = finduser("root", "root");
+options.nobody = finduser("nobody", "nobody");
+options.nogroup = findgroup("nogroup", "nogroup", "nobody");
+options.wheel = findgroup("wheel", "wheel", "root");
+options.users = findgroup("users", "users", "guest", "other");
-if (options["nobody"] == undefined) {
- if (getpwnam("nobody") != undefined) {
- options.nobody = "nobody";
- }
-}
-printVars(options);
-return 0;
+options.dnsdomain = strlower(options.realm);
+options.dnsname = strlower(options['host-name']) + "." + options.dnsdomain;
+options.basedn = "DC=" + join(",DC=", split(".", options.realm));
-/*
-
-if (!$opt_nogroup) {
- if (defined getgrnam("nogroup")) {
- $opt_nogroup = "nogroup";
- } elsif (defined getgrnam("nobody")) {
- $opt_nogroup = "nobody";
- }
+var data = FileLoad("setup/provision.ldif");
+if (data == undefined) {
+ println("Unable to load provision.ldif");
+ exit(1);
 }
-if (!$opt_wheel) {
- if (defined getgrnam("wheel")) {
- $opt_wheel = "wheel";
- } elsif (defined getgrnam("root")) {
- $opt_wheel = "root";
- }
+/*
+ setup the substitution object
+*/
+subobj = new Object();
+subobj.DOMAINGUID = randguid();
+subobj.DOMAINSID = randsid();
+subobj.HOSTGUID = randguid();
+subobj.INVOCATIONID = randguid();
+subobj.KRBTGTPASS = randpass();
+subobj.MACHINEPASS = randpass();
+subobj.ADMINPASS = randpass();
+subobj.DEFAULTSITE = "Default-First-Site-Name";
+subobj.NEWGUID = randguid;
+subobj.NTTIME = nttime;
+for (r in options) {
+ subobj[strupper(join("", split("-", r)))] = options[r];
 }
+printVars(subobj);
-if (!$opt_users) {
- if (defined getgrnam("users")) {
- $opt_users = "users";
- } elsif (defined getgrnam("guest")) {
- $opt_users = "guest";
- } elsif (defined getgrnam("other")) {
- $opt_users = "other";
- }
-}
+data = add_foreign(data, "S-1-5-7", "Anonymous", "${NOBODY}");
+data = add_foreign(data, "S-1-1-0", "World", "${NOGROUP}");
+data = add_foreign(data, "S-1-5-2", "Network", "${NOGROUP}");
+data = add_foreign(data, "S-1-5-18", "System", "${ROOT}");
+data = add_foreign(data, "S-1-5-11", "Authenticated Users", "${USERS}");
-$opt_nobody || die "Unable to determine a user for 'nobody'\n";
-$opt_nogroup || die "Unable to determine a group for 'nogroup'\n";
-$opt_users || die "Unable to determine a group for 'users'\n";
-$opt_wheel || die "Unable to determine a group for 'wheel'\n";
-*/
+newdata = substitute_var(data);
+
+print(newdata);
+return 0;
|
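Review bot: `printVars(subobj);` writes the whole substitution object, including KRBTGTPASS, MACHINEPASS and ADMINPASS, to the script's output, and `print(newdata)` presumably repeats them inside the rendered LDIF. The debug dump should go (this commit already removes the equivalent `printVars(options);`), and the rendered LDIF is better kept out of stdout, where it can end up in logs or terminal scrollback. The `for (r in options)` loop also runs after the generated values are assigned, so an option whose upper-cased, dash-stripped name matches (for example one named `adminpass`) silently replaces them; if that override is intended, a comment such as `/* command-line options override the generated defaults */` would make it clear.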