-#! /bin/bash
-#
-# $Id$
-#
-# Configure LDAP for GForge
-# Christian Bayle, Roland Mas
-# Initially written for debian-sf (Sourceforge for Debian)
-# Adapted as time went by for Gforge
-
-set -e
-
-if [ "$GFORGEDEBUG" != 1 ] ; then
- DEVNULL12="> /dev/null 2>&1"
- DEVNULL2="2> /dev/null"
-else
- set -x
-fi
-
-if [ $(id -u) != 0 -a "x$1" != "xlist" ] ; then
- echo "You must be root to run this, please enter passwd"
- exec su -c "$0 $1"
-fi
-
-PATH=$PATH:/usr/sbin
-
-setup_vars() {
- db_host=$(grep ^db_host= /etc/gforge/gforge.conf | cut -d= -f2-)
- db_name=$(grep ^db_name= /etc/gforge/gforge.conf | cut -d= -f2-)
- db_user=$(grep ^db_user= /etc/gforge/gforge.conf | cut -d= -f2-)
- db_password=$(grep ^db_password= /etc/gforge/gforge.conf | cut -d= -f2-)
-
- tmpfile_pattern=/tmp/$(basename $0).XXXXXX
-}
-
-# Should I do something for /etc/pam_pgsql.conf ?
-modify_pam_pgsql(){
- echo -n
- # echo "Nothing to do"
-}
-
-# Check/Modify /etc/libnss-ldap.conf
-configure_libnss_pgsql(){
- cat > /etc/nss-pgsql.conf.gforge-new <<EOF
-### NSS Configuration for Gforge
-
-#----------------- DB connection
-connectionstring = user=gforge_nss password=gforge_nss dbname=gforge
-
-#----------------- NSS queries
-getpwnam = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS homedir,shell,uid,gid FROM nss_passwd WHERE login = \$1
-getpwuid = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS homedir,shell,uid,gid FROM nss_passwd WHERE uid = \$1
-#allusers = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS homedir,shell,uid,gid FROM nss_passwd
-getgroupmembersbygid = SELECT login AS username FROM nss_passwd WHERE gid = \$1
-getgrnam = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid = nss_groups.gid) AS members FROM nss_groups WHERE name = \$1
-getgrgid = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid = nss_groups.gid) AS members FROM nss_groups WHERE gid = \$1
-#allgroups = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid = nss_groups.gid) AS members FROM nss_groups
-groups_dyn = SELECT ug.gid FROM nss_usergroups ug, nss_passwd p WHERE ug.uid = p.uid AND p.login = \$1 AND ug.gid <> \$2
-EOF
- cat > /etc/nss-pgsql-root.conf.gforge-new <<EOF
-### NSS Configuration for Gforge
-
-#----------------- DB connection
-shadowconnectionstring = user=gforge_nss password=gforge_nss dbname=gforge
-
-#----------------- NSS queries
-shadowbyname = SELECT login AS shadow_name, passwd AS shadow_passwd, 14087 AS shadow_lstchg, 0 AS shadow_min, 99999 AS shadow_max, 7 AS shadow_warn, '' AS shadow_inact, '' AS shadow_expire, '' AS shadow_flag FROM nss_passwd WHERE login = $1
-shadow = SELECT login AS shadow_name, passwd AS shadow_passwd, 14087 AS shadow_lstchg, 0 AS shadow_min, 99999 AS shadow_max, 7 AS shadow_warn, '' AS shadow_inact, '' AS shadow_expire, '' AS shadow_flag FROM nss_passwd
-EOF
-
- chmod 644 /etc/nss-pgsql.conf.gforge-new
- chmod 600 /etc/nss-pgsql-root.conf.gforge-new
- chown root:root /etc/nss-pgsql-root.conf.gforge-new
-}
-
-# Purge /etc/nss-pgsql.conf
-purge_libnss_pgsql(){
- echo -n > /etc/nss-pgsql.conf.gforge-new
- echo -n > /etc/nss-pgsql-root.conf.gforge-new
-}
-
-# Modify /etc/nsswitch.conf
-configure_nsswitch()
-{
- cp -a /etc/nsswitch.conf /etc/nsswitch.conf.gforge-new
- # This is sensitive file
- # By security i let priority to files
- # Should maybe enhance this to take in account nis
- # Maybe ask the order db/files/nis/pgsql
- if ! grep -q '^passwd:.*pgsql' /etc/nsswitch.conf.gforge-new ; then
- perl -pi -e "s/^(passwd:[^#\n]*)([^\n]*)/\1 pgsql \2#Added by GForge install\n#Comment by GForge install#\1\2/gs" /etc/nsswitch.conf.gforge-new
- fi
- if ! grep -q '^group:.*pgsql' /etc/nsswitch.conf.gforge-new ; then
- perl -pi -e "s/^(group:[^#\n]*)([^\n]*)/\1 pgsql \2#Added by GForge install\n#Comment by GForge install#\1\2/gs" /etc/nsswitch.conf.gforge-new
- fi
- if ! grep -q '^shadow:.*pgsql' /etc/nsswitch.conf.gforge-new ; then
- perl -pi -e "s/^(shadow:[^#\n]*)([^\n]*)/\1 pgsql \2#Added by GForge install\n#Comment by GForge install#\1\2/gs" /etc/nsswitch.conf.gforge-new
- fi
-}
-
-# Purge /etc/nsswitch.conf
-purge_nsswitch()
-{
- cp -a /etc/nsswitch.conf /etc/nsswitch.conf.gforge-new
- perl -pi -e "s/^[^\n]*#Added by GForge install\n//" /etc/nsswitch.conf.gforge-new
- perl -pi -e "s/#Comment by GForge install#//" /etc/nsswitch.conf.gforge-new
-}
-
-# Main
-case "$1" in
- configure-files)
- setup_vars
- # echo "Modifying /etc/nss-pgsql.conf and /etc/nss-pgsql-root.conf"
- configure_libnss_pgsql
- # echo "Modifying /etc/nsswitch.conf"
- configure_nsswitch
- ;;
- configure)
- ;;
- purge-files)
- setup_vars
- # echo "Purging /etc/nsswitch.conf"
- purge_nsswitch
- # echo "Purging /etc/nss-pgsql.conf and /etc/nss-pgsql-root.conf"
- purge_libnss_pgsql
- ;;
- test|check)
- setup_vars
- check_server
- ;;
- setup)
- $0 configure-files
- $0 configure
- cp /etc/nss-pgsql.conf /etc/nss-pgsql.conf.gforge-old
- cp /etc/nss-pgsql-root.conf /etc/nss-pgsql-root.conf.gforge-old
- cp /etc/nsswitch.conf.gforge /etc/nsswitch.conf.gforge-old
- mv /etc/nss-pgsql.conf.gforge-new /etc/nss-pgsql.conf
- mv /etc/nss-pgsql-root.conf.gforge-new /etc/nss-pgsql-root.conf
- mv /etc/nsswitch.conf.gforge-new /etc/nsswitch.conf
- ;;
- cleanup)
- $0 purge-files
- cp /etc/nss-pgsql.conf /etc/nss-pgsql.conf.gforge-old
- cp /etc/nss-pgsql-root.conf /etc/nss-pgsql-root.conf.gforge-old
- cp /etc/nsswitch.conf.gforge /etc/nsswitch.conf.gforge-old
- mv /etc/nss-pgsql.conf.gforge-new /etc/nss-pgsql.conf
- mv /etc/nss-pgsql-root.conf.gforge-new /etc/nss-pgsql-root.conf
- mv /etc/nsswitch.conf.gforge-new /etc/nsswitch.conf
- ;;
- *)
- echo "Usage: $0 {configure|configure-files|purge-files|test|setup|cleanup}"
- exit 1
- ;;
-esac
+#! /bin/bash\r
+#\r
+# $Id: install-nsspgsql.sh 6586 2008-08-15 21:28:43Z cbayle $\r
+#\r
+# Configure LDAP for GForge\r
+# Christian Bayle, Roland Mas\r
+# Initially written for debian-sf (Sourceforge for Debian)\r
+# Adapted as time went by for Gforge\r
+\r
+set -e\r
+\r
+if [ "$GFORGEDEBUG" != 1 ] ; then\r
+ DEVNULL12="> /dev/null 2>&1"\r
+ DEVNULL2="2> /dev/null"\r
+else\r
+ set -x\r
+fi\r
+\r
+if [ $(id -u) != 0 -a "x$1" != "xlist" ] ; then\r
+ echo "You must be root to run this, please enter passwd"\r
+ exec su -c "$0 $1"\r
+fi\r
+\r
+PATH=$PATH:/usr/sbin\r
+\r
+setup_vars() {\r
+ db_host=$(grep ^db_host= /etc/gforge/gforge.conf | cut -d= -f2-)\r
+ db_name=$(grep ^db_name= /etc/gforge/gforge.conf | cut -d= -f2-)\r
+ db_user=$(grep ^db_user= /etc/gforge/gforge.conf | cut -d= -f2-)\r
+ db_password=$(grep ^db_password= /etc/gforge/gforge.conf | cut -d= -f2-)\r
+ \r
+ db_user_nss=$db_user"_nss"\r
+\r
+ tmpfile_pattern=/tmp/$(basename $0).XXXXXX\r
+}\r
+\r
+# Should I do something for /etc/pam_pgsql.conf ?\r
+modify_pam_pgsql(){\r
+ echo -n\r
+ # echo "Nothing to do"\r
+}\r
+\r
+# Check/Modify /etc/libnss-ldap.conf\r
+configure_libnss_pgsql(){\r
+ cat > /etc/nss-pgsql.conf.gforge-new <<EOF\r
+### NSS Configuration for Gforge\r
+\r
+#----------------- DB connection\r
+connectionstring = hostaddr=127.0.0.1 user=$db_user_nss password=$db_password dbname=$db_name\r
+\r
+#----------------- NSS queries\r
+getpwnam = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS homedir,shell,uid,gid FROM nss_passwd WHERE login = \$1\r
+getpwuid = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS homedir,shell,uid,gid FROM nss_passwd WHERE uid = \$1\r
+#allusers = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS homedir,shell,uid,gid FROM nss_passwd\r
+getgroupmembersbygid = SELECT login AS username FROM nss_passwd WHERE gid = \$1\r
+getgrnam = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid = nss_groups.gid) AS members FROM nss_groups WHERE name = \$1\r
+getgrgid = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid = nss_groups.gid) AS members FROM nss_groups WHERE gid = \$1\r
+#allgroups = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid = nss_groups.gid) AS members FROM nss_groups \r
+groups_dyn = SELECT ug.gid FROM nss_usergroups ug, nss_passwd p WHERE ug.uid = p.uid AND p.login = \$1 AND ug.gid <> \$2\r
+EOF\r
+ cat > /etc/nss-pgsql-root.conf.gforge-new <<EOF\r
+### NSS Configuration for Gforge\r
+\r
+#----------------- DB connection\r
+shadowconnectionstring = user=gforge_nss password=$db_password dbname=$db_name\r
+\r
+#----------------- NSS queries\r
+shadowbyname = SELECT login AS shadow_name, passwd AS shadow_passwd, 14087 AS shadow_lstchg, 0 AS shadow_min, 99999 AS shadow_max, 7 AS shadow_warn, '' AS shadow_inact, '' AS shadow_expire, '' AS shadow_flag FROM nss_passwd WHERE login = \$1\r
+shadow = SELECT login AS shadow_name, passwd AS shadow_passwd, 14087 AS shadow_lstchg, 0 AS shadow_min, 99999 AS shadow_max, 7 AS shadow_warn, '' AS shadow_inact, '' AS shadow_expire, '' AS shadow_flag FROM nss_passwd\r
+EOF\r
+\r
+ chmod 644 /etc/nss-pgsql.conf.gforge-new\r
+ chmod 600 /etc/nss-pgsql-root.conf.gforge-new\r
+ chown root:root /etc/nss-pgsql-root.conf.gforge-new\r
+}\r
+\r
+# Purge /etc/nss-pgsql.conf\r
+purge_libnss_pgsql(){\r
+ echo -n > /etc/nss-pgsql.conf.gforge-new\r
+ echo -n > /etc/nss-pgsql-root.conf.gforge-new\r
+}\r
+\r
+# Modify /etc/nsswitch.conf\r
+configure_nsswitch()\r
+{\r
+ cp -a /etc/nsswitch.conf /etc/nsswitch.conf.gforge-new\r
+ # This is sensitive file\r
+ # By security i let priority to files\r
+ # Should maybe enhance this to take in account nis\r
+ # Maybe ask the order db/files/nis/pgsql\r
+ if ! grep -q '^passwd:.*pgsql' /etc/nsswitch.conf.gforge-new ; then\r
+ perl -pi -e "s/^(passwd:[^#\n]*)([^\n]*)/\1 pgsql \2#Added by GForge install\n#Comment by GForge install#\1\2/gs" /etc/nsswitch.conf.gforge-new\r
+ fi\r
+ if ! grep -q '^group:.*pgsql' /etc/nsswitch.conf.gforge-new ; then\r
+ perl -pi -e "s/^(group:[^#\n]*)([^\n]*)/\1 pgsql \2#Added by GForge install\n#Comment by GForge install#\1\2/gs" /etc/nsswitch.conf.gforge-new\r
+ fi\r
+ if ! grep -q '^shadow:.*pgsql' /etc/nsswitch.conf.gforge-new ; then\r
+ perl -pi -e "s/^(shadow:[^#\n]*)([^\n]*)/\1 pgsql \2#Added by GForge install\n#Comment by GForge install#\1\2/gs" /etc/nsswitch.conf.gforge-new\r
+ fi\r
+}\r
+\r
+# Purge /etc/nsswitch.conf\r
+purge_nsswitch()\r
+{\r
+ cp -a /etc/nsswitch.conf /etc/nsswitch.conf.gforge-new\r
+ perl -pi -e "s/^[^\n]*#Added by GForge install\n//" /etc/nsswitch.conf.gforge-new\r
+ perl -pi -e "s/#Comment by GForge install#//" /etc/nsswitch.conf.gforge-new\r
+}\r
+\r
+# Main\r
+case "$1" in\r
+ configure-files)\r
+ setup_vars\r
+ # echo "Modifying /etc/nss-pgsql.conf and /etc/nss-pgsql-root.conf"\r
+ configure_libnss_pgsql\r
+ # echo "Modifying /etc/nsswitch.conf"\r
+ configure_nsswitch\r
+ ;;\r
+ configure)\r
+ ;;\r
+ purge-files)\r
+ setup_vars\r
+ # echo "Purging /etc/nsswitch.conf"\r
+ purge_nsswitch\r
+ # echo "Purging /etc/nss-pgsql.conf and /etc/nss-pgsql-root.conf"\r
+ purge_libnss_pgsql\r
+ ;;\r
+ test|check)\r
+ setup_vars\r
+ check_server\r
+ ;;\r
+ setup)\r
+ $0 configure-files\r
+ $0 configure\r
+ if [ -f /etc/nss-pgsql.conf ] ; then\r
+ cp /etc/nss-pgsql.conf /etc/nss-pgsql.conf.gforge-old\r
+ fi\r
+ if [ -f /etc/nss-pgsql-root.conf ] ; then\r
+ cp /etc/nss-pgsql-root.conf /etc/nss-pgsql-root.conf.gforge-old\r
+ fi\r
+ if [ -f /etc/nsswitch.conf ] ; then\r
+ cp /etc/nsswitch.conf /etc/nsswitch.conf.gforge-old\r
+ fi\r
+ mv /etc/nss-pgsql.conf.gforge-new /etc/nss-pgsql.conf\r
+ mv /etc/nss-pgsql-root.conf.gforge-new /etc/nss-pgsql-root.conf\r
+ mv /etc/nsswitch.conf.gforge-new /etc/nsswitch.conf\r
+ ;;\r
+ cleanup)\r
+ $0 purge-files\r
+ cp /etc/nss-pgsql.conf /etc/nss-pgsql.conf.gforge-old\r
+ cp /etc/nss-pgsql-root.conf /etc/nss-pgsql-root.conf.gforge-old\r
+ cp /etc/nsswitch.conf.gforge /etc/nsswitch.conf.gforge-old\r
+ mv /etc/nss-pgsql.conf.gforge-new /etc/nss-pgsql.conf\r
+ mv /etc/nss-pgsql-root.conf.gforge-new /etc/nss-pgsql-root.conf\r
+ mv /etc/nsswitch.conf.gforge-new /etc/nsswitch.conf\r
+ ;;\r
+ *)\r
+ echo "Usage: $0 {configure|configure-files|purge-files|test|setup|cleanup}"\r
+ exit 1\r
+ ;;\r
+esac\r