#!/usr/bin/perl
#######################################################################
#
# fusiondirectory-insert-schema -- insert schema needed into the ldap server
#
# Copyright (C) 2011-2013 FusionDirectory project
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>
#
#######################################################################
use strict;
use warnings;
use 5.008;
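# ---------------------------------------------------------------------
# Defaults and command-line parsing.
#
# NOTE(review): $ldap_host_options is pasted verbatim into the
# ldapadd/ldapmodify/ldapsearch command lines built further down and is
# interpreted by the shell, so it must only come from a trusted operator.
# ---------------------------------------------------------------------
my $ldap_host_options = '-Y EXTERNAL -H ldapi:///';
my $path              = "/etc/ldap/schema/fusiondirectory/";
my $full_cmd          = "";
my $schema2ldif       = "schema2ldif";
my $listschemas       = 0;    # set by -l/--list
my $modify            = 0;    # set by -m/--modify
my $schemalist        = 0;    # set by -i/-m: later plain arguments are schema names
my $pathunset         = 1;    # cleared once a path argument has been consumed
my @schemas           = ();   # schema base names (no ".ldif" suffix)
my @gen_files         = ();   # generated files (no ".ldif" suffix) that remove_ldifs() deletes

foreach my $arg (@ARGV) {
    my $flag = lc($arg);

    if (not defined $ldap_host_options) {
        # The previous argument was -o/--options: this one is its value.
        $ldap_host_options = $arg;
    } elsif (($flag eq '-i') || ($flag eq '--insert')) {
        if ($schemalist) {
            usage();
        }
        $schemalist = 1;
    } elsif (($flag eq '-l') || ($flag eq '--list')) {
        $listschemas = 1;
    } elsif (($flag eq '-m') || ($flag eq '--modify')) {
        if ($schemalist) {
            usage();
        }
        $modify     = 1;
        $schemalist = 1;
    } elsif (($flag eq '-o') || ($flag eq '--options')) {
        undef $ldap_host_options;
    } elsif (($flag eq '-h') || ($flag eq '--help')) {
        usage();
    } elsif ($schemalist) {
        # The suffix tests are anchored and the dot is escaped: the former
        # /(.*).ldif/ also matched "ldif" in the middle of a path (for
        # example a directory component) and silently truncated the name.
        if ($arg =~ /\A(.*)\.ldif\z/s) {    # ignore ".ldif" if it is there
            push @schemas, $1;
        } elsif ($arg =~ /\A(.*)\.schema\z/s) {
            my $base = $1;    # saved now: the s/// below would clobber $1

            # Both file names go through /bin/sh because of the output
            # redirection. Single-quote them so whitespace or shell
            # metacharacters in a file name stay part of the name.
            # Note that this conversion runs while parsing arguments,
            # i.e. before the root check that follows the loop.
            my @quoted;
            foreach my $word ($arg, "$base.ldif") {
                (my $escaped = $word) =~ s/'/'\\''/g;
                push @quoted, "'$escaped'";
            }

            if (system("$schema2ldif $quoted[0] > $quoted[1]") == 0) {
                push @schemas,   $base;
                push @gen_files, $base;
            } else {
                die_with_error("Something went wrong while trying to convert $arg to ldif\n");
            }
        } else {
            push @schemas, $arg;
        }
    } elsif ($pathunset) {
        $path      = $arg."/";
        $pathunset = 0;
    } else {
        usage();
    }
}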
# -o/--options was the last argument, so it never received a value.
unless (defined $ldap_host_options) {
    usage();
}

# Refuse to continue unless the real UID is 0 (root).
if ($< != 0) {
    die_with_error("! You have to run this script as root\n");
}

# Command-line prefixes handed to the shell later on.
# $ldap_host_options is inserted unquoted on purpose so the shell splits
# it into individual options; it is therefore trusted operator input.
my $add_cmd      = 'ldapadd '.$ldap_host_options.' -f ';
my $mod_cmd      = 'ldapmodify '.$ldap_host_options.' -f ';
my $ldapsearch   = 'ldapsearch '.$ldap_host_options.' ';
my $search_cmd   = $ldapsearch.' -b "cn=schema,cn=config" cn={*}';
my $list_cmd     = $search_cmd.'* cn 2>/dev/null';
my $cnconfig_cmd = $ldapsearch.' -b "cn=config" cn=config dn 2>/dev/null | grep dn:';

# -l/--list only prints the schemas found on the server and stops.
if ($listschemas) {
    list_schemas();
    exit 0;
}

# The schema directory must exist before anything is converted or inserted.
unless (-e $path) {
    die_with_error("! $path doesn't seems to exists\n");
}

# The tool only supports servers using the cn=config backend: the search
# must return a "dn: cn=config" line.
my $cnconfig = `$cnconfig_cmd`;
if ($cnconfig !~ m/^dn:\s*cn=config$/) {
    die_with_error("! This tool is only intended to be with with a cn=config backend, cn=config could not be found in the LDAP");
}
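if (scalar(@schemas) == 0) {
    # No schema was named on the command line: insert the default schemas,
    # converting each <name>.schema found under $path to <name>.ldif first.
    @schemas = ("samba","core-fd","core-fd-conf","ldapns","recovery-fd");
    foreach my $schema (@schemas) {
        # $path may come from the command line and the command goes through
        # /bin/sh (output redirection), so single-quote both file names to
        # keep whitespace and shell metacharacters part of the name.
        my @quoted;
        foreach my $word ("$path$schema.schema", "$path$schema.ldif") {
            (my $escaped = $word) =~ s/'/'\\''/g;
            push @quoted, "'$escaped'";
        }

        if (system("$schema2ldif $quoted[0] > $quoted[1]") == 0) {
            # Remember the generated LDIF so remove_ldifs() deletes it.
            push @gen_files, $path.$schema;
        } else {
            die_with_error ("Something went wrong while trying to convert $path$schema.schema to ldif\n");
        }
    }
} elsif ($pathunset) {
    # Explicit schemas without a path argument are resolved as given
    # (relative to the working directory or absolute).
    $path = "";
}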
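foreach my $schema (@schemas) {
    my $ldif_file = $path.$schema.".ldif";

    # Three-argument open with a lexical handle: the file name is never
    # parsed for a mode prefix and is not whitespace-trimmed.
    # die_with_error() is used so already generated LDIF files are removed.
    open(my $ldif_fh, '<', $ldif_file)
        or die_with_error("Could not open ldif file $ldif_file: $!\n");

    # The schema name is searched in the first non-empty line of the LDIF.
    # Stop at end of file: the former loop never terminated on an empty
    # (or blank-only) file because the read kept returning undef.
    my $dn = "";
    while (defined(my $line = <$ldif_fh>)) {
        chomp $line;
        if ($line ne "") {
            $dn = $line;
            last;
        }
    }
    close($ldif_fh);

    # NOTE(review): this name is taken from file content and is later put
    # on an ldapsearch command line by insert_schema(); only feed LDIF
    # files from a trusted source to this tool.
    my $schema_name = "";
    if ($dn =~ /^dn: cn=([^,]+),/) {
        $schema_name = $1;
    }

    # Fallback on file name (directory part stripped)
    if ($schema_name eq "") {
        $schema_name = $schema;
        $schema_name =~ s|^.*/||;
    }

    insert_schema($schema, $schema_name);
}

# Normal completion: delete the LDIF files generated during this run.
remove_ldifs();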
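# Wrap a string in single quotes so /bin/sh passes it on as one literal word.
sub _shell_quote
{
    my ($word) = @_;
    $word =~ s/'/'\\''/g;
    return "'$word'";
}

# Insert one schema into cn=schema,cn=config, or replace it when -m was given.
#
#   $schema      - LDIF base name relative to $path, without ".ldif"
#   $schema_name - cn of the schema, used to look it up on the server
#
# Reads the file-level $path, $modify, $search_cmd, $add_cmd and $mod_cmd,
# overwrites $full_cmd and appends to @gen_files. Dies through
# die_with_error() when a file cannot be opened/written or when
# ldapadd/ldapmodify fails.
#
# The schema name and the file names are shell-quoted before they are
# appended to a command line: the name may come from the first line of
# the LDIF file and the path from the command line, and this code runs
# as root. Quoting only protects the shell; characters that are special
# in an LDAP filter are still passed to ldapsearch unchanged.
sub insert_schema
{
    my ($schema, $schema_name) = @_;

    my $ldif_file   = $path.$schema.".ldif";
    my $update_file = $path.$schema."_update.ldif";

    $full_cmd = $search_cmd._shell_quote($schema_name)." cn";
    print ("\n");
    my $search = `$full_cmd`;

    if ($search !~ /# numEntries: 1/m) {
        if ($modify) {
            print "$schema_name does not exists in the LDAP, skipping…\n";
        } else {
            # if the schema doesn't already exists in the LDAP server, adding it
            $full_cmd = $add_cmd._shell_quote($ldif_file);
            print "executing '$full_cmd'\n";
            if (system ($full_cmd) != 0) {
                die_with_error ("Insertion failed!\n");
            }
        }
        return;
    }

    if (!$modify) {
        print "$schema_name already exists in the LDAP, skipping…\n";
        return;
    }

    # The server stores the schema under an ordered RDN; reuse the one
    # returned by the search as the target of the modification.
    my ($dn_part) = $search =~ m/dn: ([^,]+),cn=schema,cn=config/;
    if (!defined $dn_part) {
        print "Could not parse existing dn for $schema_name, skipping…\n";
        return;
    }

    # if the schema already exists in the LDAP server, modify it
    # Three-argument open: the file names are never parsed for a mode prefix.
    open(my $schema_fh, '<', $ldif_file)
        or die_with_error('Could not open '."<".$ldif_file.": $!");
    open(my $update_fh, '>', $update_file)
        or die_with_error('Could not open '.">".$update_file.": $!");
    push @gen_files, $path.$schema."_update";

    my $attrs   = 0;    # "replace: olcAttributeTypes" already written
    my $classes = 0;    # "replace: olcObjectClasses" already written
    while (my $line = <$schema_fh>) {
        next if $line =~ m/^#/;    # remove comments
        chomp $line;
        next if $line =~ m/^$/;    # remove empty lines

        if ($line =~ m/^dn: cn=([^,]+),cn=schema,cn=config$/) {
            print {$update_fh} "dn: $dn_part,cn=schema,cn=config\n";
            print {$update_fh} "changetype: modify\n";
            next;
        }

        # Keep attribute types, object classes and continuation lines only
        # (skip cn, objectClass, …)
        if ($line !~ m/^olcAttributeTypes:/ && $line !~ m/^olcObjectClasses:/ && $line !~ m/^ /) {
            next;
        }

        # Object classes seen before any attribute type
        if (!$attrs && $classes) {
            # die_with_error() so the generated files are cleaned up too
            die_with_error ("Malformed schema\n");
        }
        if (!$attrs && $line =~ m/^olcAttributeTypes:/) {
            $attrs = 1;
            print {$update_fh} "replace: olcAttributeTypes\n";
        }
        if (!$classes && $line =~ m/^olcObjectClasses:/) {
            $classes = 1;
            print {$update_fh} "-\n";
            print {$update_fh} "replace: olcObjectClasses\n";
        }
        print {$update_fh} $line;
        print {$update_fh} "\n";
    }
    close($schema_fh);

    # Buffered write errors only show up at close; do not hand a truncated
    # LDIF to ldapmodify.
    close($update_fh)
        or die_with_error ("Could not write $update_file: $!\n");

    $full_cmd = $mod_cmd._shell_quote($update_file);
    print "executing '$full_cmd'\n";
    if (system ($full_cmd) != 0) {
        die_with_error ("Insertion failed!\n");
    }
}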
# Delete every generated LDIF file recorded in @gen_files.
# Entries are stored without the ".ldif" suffix; a failed deletion is
# only reported on standard output, it does not stop the loop.
sub remove_ldifs
{
    for my $generated (@gen_files) {
        my $target = "$generated.ldif";
        unlink($target) or print "Could not delete $target\n";
    }
}
# Clean up the generated LDIF files, then die with the given message.
#
#   $message - text passed unchanged to die()
sub die_with_error
{
    my $message = shift;
    remove_ldifs();
    die $message;
}
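# Print the name of every schema found under cn=schema,cn=config.
#
# Runs the file-level $list_cmd through the shell and prints, one per
# line, the part of each "cn: {N}name" line that follows the "{N}"
# ordering prefix.
sub list_schemas
{
    foreach my $line (`$list_cmd`) {
        # The braces are literal characters and are escaped: newer perl
        # releases deprecate, and in some positions reject, an unescaped
        # literal "{" inside a pattern.
        if ($line =~ m/cn:\s*\{[0-9]+\}(.*)$/) {
            print "$1\n";
        }
    }
}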
# Print an optional message followed by the usage text on STDERR, then
# terminate the program with exit status -1.
sub usage
{
    if (@_) {
        print STDERR "\n@_\n\n";
    }
    print STDERR <<"EOF";
usage: $0 [-h] [-l] [-o options] [path] [-i|-m schema1 schema2 …]
-h, --help : this (help) message
path : where to find the schemas
-i, --insert : specify the schemas to insert
-l, --list : list inserted schemas
-m, --modify : modify exising inserted schemas
-o, --options : set ldap options used (default is -Y EXTERNAL -H ldapi:///)
EOF
    exit -1;
}
# Normal termination of the main flow; the sub definitions above are
# declarations, so execution falls through them to this statement.
exit(0);
=head1 NAME
fusiondirectory-insert-schema - insert schema needed by FusionDirectory into the ldap server
=head1 SYNOPSIS
fusiondirectory-insert-schema [<path of your schema files>] [-l] [-i|-m schema1 schema2]
=head1 DESCRIPTION
This program will insert the schema needed by FusionDirectory into the ldap server
If -i is specified, insert the given list of schemas instead of the default list
If -m is specified, insert the given list of schemas, replacing already inserted versions of those schemas
If -l is specified, list inserted schemas
=head1 EXAMPLES
fusion@catbert$ fusiondirectory-insert-schema
Insert the core schemas in your LDAP directory
fusion@catbert$ fusiondirectory-insert-schema -i /etc/ldap/otherschema/myschema.ldif
Insert the schema /etc/ldap/otherschema/myschema.ldif
fusion@catbert$ fusiondirectory-insert-schema -i /etc/ldap/otherschema/myschema.schema
Convert /etc/ldap/otherschema/myschema.schema to ldif and insert it
fusion@catbert$ fusiondirectory-insert-schema -i myschema
Insert the schema myschema.ldif from working directory
fusion@catbert$ fusiondirectory-insert-schema -m /etc/ldap/otherschema/myschema.schema
Convert /etc/ldap/otherschema/myschema.schema to ldif and replace the existing schema by this one
=head1 BUGS
Please report any bugs, or post any suggestions, to the fusiondirectory mailing list fusiondirectory-users or to
<https://forge.fusiondirectory.org/projects/fdirectory/issues/new>
=head1 AUTHOR
Come Bernigaud
=head1 LICENCE AND COPYRIGHT
This code is part of FusionDirectory <http://www.fusiondirectory.org>
=over 1
=item Copyright (C) 2011-2013 FusionDirectory Project
=back
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
=cut