[PC-BSD Commits] r18393 - pcbsd/current/src-sh/pc-adctl/scripts
svn at pcbsd.org
svn at pcbsd.org
Thu Aug 9 20:53:05 PDT 2012
Author: johnh
Date: 2012-08-10 03:52:49 +0000 (Fri, 10 Aug 2012)
New Revision: 18393
Modified:
pcbsd/current/src-sh/pc-adctl/scripts/pc-ldap
Log:
This is nearly complete.
Modified: pcbsd/current/src-sh/pc-adctl/scripts/pc-ldap
===================================================================
--- pcbsd/current/src-sh/pc-adctl/scripts/pc-ldap 2012-08-09 15:32:45 UTC (rev 18392)
+++ pcbsd/current/src-sh/pc-adctl/scripts/pc-ldap 2012-08-10 03:52:49 UTC (rev 18393)
@@ -97,6 +97,7 @@
return 1
fi
+ chmod 644 "${dst}"
return 0
}
@@ -116,10 +117,14 @@
-c -m "^HOST=$(ldap_get hostname)" \
-c -m "^BASE=$(ldap_get basedn)" \
-o "${tmp}"
- if [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
local em=$(ldap_get encryption_mode)
case "${em}" in
@@ -129,10 +134,14 @@
-c -m "^TLS_CACERT=$(ldap_get tls_cacertfile)" \
-c -m "^TLS_REQCERT=allow" \
-o "${tmp}"
- if ! [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
;;
on)
@@ -142,10 +151,14 @@
-c -m "^TLS_CACERT=$(ldap_get tls_cacertfile)" \
-c -m "^TLS_REQCERT=allow" \
-o "${tmp}"
- if ! [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
;;
esac
@@ -156,6 +169,7 @@
{
local tmp
local conf="${NSS_LDAP_CONF}"
+ local secret="${NSS_LDAP_SECRET}"
local host=$(ldap_get hostname)
local basedn=$(ldap_get basedn)
@@ -174,7 +188,7 @@
local cmd="${NSSLDAPCONF}"
if [ -f "${conf}" ]
then
- cmd="${cmd} -f ${conf}"
+ cmd="${NSSLDAPCONF} -f ${conf}"
fi
tmp=$(mktemp /tmp/tmp.XXXXXX)
@@ -185,11 +199,17 @@
-c -m "^pam_password=${pwencryption}" \
-c -t "^nss_override_attribute_value=loginShell=/bin/sh" \
-o "${tmp}"
- if [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
+ cmd="${NSSLDAPCONF} -f ${conf}"
+
tmp=$(mktemp /tmp/tmp.XXXXXX)
if [ -z "${usersuffix}" ]
then
@@ -197,10 +217,14 @@
else
${cmd} -c -m "^nss_base_passwd=${usersuffix},${basedn}" -o "${tmp}"
fi
- if [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
tmp=$(mktemp /tmp/tmp.XXXXXX)
if [ -z "${groupsuffix}" ]
@@ -209,10 +233,14 @@
else
${cmd} -c -m "^nss_base_group=${groupsuffix},${basedn}" -o "${tmp}"
fi
- if [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
if [ "${encryption_mode}" = "start_tls" ]
then
@@ -221,10 +249,14 @@
-c -m "^ssl=${encryption_mode}" \
-c -m "^tls_cacertfile=${certfile}" \
-o "${tmp}"
- if [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
elif [ "${encryption_mode}" = "on" ]
then
@@ -234,10 +266,14 @@
-c -m "^ssl=${encryption_mode}" \
-c -m "^tls_cacertfile=${certfile}" \
-o "${tmp}"
- if [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
fi
for opt in ${options}
@@ -251,13 +287,23 @@
for v in ${val}
do
n=$((n + 1))
- tmp="${tv}${v}="
+ tv="${tv}${v}="
done
if [ "${n}" = "1" ]
then
- ${cmd} -c -m "^${var}=${val}"
+ tmp=$(mktemp /tmp/tmp.XXXXXX)
+ ${cmd} -c -m "^${var}=${val}" -o "${tmp}"
+ if [ "$?" != "0" ]
+ then
+ return 1
+ fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
+
elif [ "${n}" -gt "1" ]
then
tmp=$(mktemp /tmp/tmp.XXXXXX)
@@ -265,10 +311,14 @@
tv=$(echo "${tv}"|sed -E 's|=$||')
${cmd} -c -t "^${var}=${tv}" -o "${tmp}"
- if [ "$?" != "0" -o ! $(safe_save "${tmp}" "${conf}") ]
+ if [ "$?" != "0" ]
then
return 1
fi
+ if ! safe_save "${tmp}" "${conf}"
+ then
+ return 1
+ fi
fi
done
More information about the Commits
mailing list