You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
68 lines
2.2 KiB
68 lines
2.2 KiB
#!/usr/local/bin/perl -w
|
|
|
|
use strict;
|
|
use Net::LDAP;
|
|
use Sys::Hostname;
|
|
use Quota;
|
|
|
|
my $server = 'ldap://ldap.domain.tld';
|
|
my $base = 'dc=domain,dc=tld';
|
|
my $dn = 'cn=quota,ou=DSA,dc=domain,dc=tld';
|
|
my $pass = 'secret';
|
|
|
|
my $ldap = Net::LDAP->new($server) or die "Couldn't connect to $server: $!";
|
|
|
|
$ldap->start_tls(
|
|
verify => 'require',
|
|
cafile => '/etc/pki/tls/certs/ca-bundle.crt');
|
|
|
|
$ldap->bind(
|
|
dn => $dn,
|
|
password => $pass);
|
|
|
|
my $res = $ldap->search(
|
|
base => "ou=People,$base",
|
|
filter => '(objectClass=systemQuotas)',
|
|
attrs => ['uid', 'quota']);
|
|
|
|
$res->code && die "Error while looking for quota entries: " . $res->error;
|
|
|
|
foreach my $entry ($res->entries){
|
|
my $user = $entry->get_value('uid');
|
|
#print "Checking quota for user $user\n";
|
|
foreach my $quota ($entry->get_value('quota')){
|
|
unless ($quota =~ m/^(\/.*):(\d+):(\d+):(\d+):(\d+):(\w+)$/){
|
|
print "$quota doesn't look like a valid quota entry\n";
|
|
next;
|
|
}
|
|
my ($dir,$blksoft,$blkhard,$inodesoft,$inodehard,$fileserver) = ($1, $2, $3, $4, $5, $6);
|
|
my $hostname = hostname;
|
|
unless ($fileserver eq $hostname or $hostname =~ /^$fileserver\..*/){
|
|
print "$quota doesn't match $hostname, skiping\n";
|
|
next;
|
|
}
|
|
unless (-d $dir){
|
|
print "$dir doesn't exists, skiping this rule\n";
|
|
}
|
|
my $uid = getpwnam($user);
|
|
my $dev = Quota::getqcarg($dir);
|
|
Quota::sync($dev);
|
|
if ($!){
|
|
print "Quota are not enabled on $dev, skiping this rule (error is " . Quota::strerr() . "\n";
|
|
next;
|
|
}
|
|
my ($curblk,$curblksoft,$curblkhard,undef,$curinode,$curinodesoft,$curinodehard,undef) =
|
|
Quota::query($dev, $uid);
|
|
#print "User $user is using $curblk out of its $blkhard allowed\n";
|
|
if ($curblksoft ne $blksoft ||
|
|
$curblkhard ne $blkhard ||
|
|
$curinodesoft ne $inodesoft ||
|
|
$curinodehard ne $inodehard){
|
|
print "Quota for user $user on $dir needs to be updated\n";
|
|
Quota::setqlim($dev,$uid,$blksoft,$blkhard,$inodesoft,$inodehard);
|
|
}
|
|
}
|
|
}
|
|
|
|
$ldap->unbind;
|
|
|
|
|