diff --git a/createlinks b/createlinks index 16431cf..c7cc19d 100644 --- a/createlinks +++ b/createlinks @@ -6,8 +6,6 @@ event_link("wpkg-init", "wpkg-update", "20"); event_link("wpkg-init", "ipasserelle-update", "20"); event_link("initialize-default-databases", "wpkg-update", "02"); -templates2events("/home/e-smith/files/shares/tools/files/scripts/session.bat", qw(wpkg-update bootstrap-console-save)); templates2events("/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat", qw(wpkg-update bootstrap-console-save)); -templates2events("/home/e-smith/files/shares/tools/files/scripts/session/conf.bat", qw(wpkg-update bootstrap-console-save)); templates2events("/home/e-smith/files/shares/wpkg/files/config.xml", qw(wpkg-update bootstrap-console-save)); templates2events("/home/e-smith/files/shares/wpkg/files/profiles/variables.xml", qw(wpkg-update bootstrap-console-save)); diff --git a/root/etc/e-smith/templates.metadata/home/e-smith/files/shares/tools/files/scripts/session/001conf.bat b/root/etc/e-smith/templates.metadata/home/e-smith/files/shares/tools/files/scripts/session/001conf.bat deleted file mode 100644 index ccab440..0000000 --- a/root/etc/e-smith/templates.metadata/home/e-smith/files/shares/tools/files/scripts/session/001conf.bat +++ /dev/null @@ -1,2 +0,0 @@ -TEMPLATE_PATH="/home/e-smith/files/shares/tools/files/scripts/conf.bat" -OUTPUT_FILENAME="/home/e-smith/files/shares/tools/files/scripts/session/001conf.bat" diff --git a/root/etc/e-smith/templates.metadata/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat b/root/etc/e-smith/templates.metadata/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat deleted file mode 100644 index b390fdf..0000000 --- a/root/etc/e-smith/templates.metadata/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat +++ /dev/null @@ -1,2 +0,0 @@ -TEMPLATE_PATH="/home/e-smith/files/shares/tools/files/scripts/conf.bat" -OUTPUT_FILENAME="/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat" 
diff --git a/root/etc/e-smith/templates/etc/smb.conf/22MapHomeDir b/root/etc/e-smith/templates/etc/smb.conf/22MapHomeDir
new file mode 100644
index 0000000..77e109f
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/smb.conf/22MapHomeDir
@@ -0,0 +1,2 @@
+logon drive = { $smb{'HomeDrive'} || 'h:' }
+
diff --git a/root/etc/e-smith/templates/etc/smb.conf/50homesGenNetlogon b/root/etc/e-smith/templates/etc/smb.conf/50homesGenNetlogon
new file mode 100644
index 0000000..0d709f1
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/smb.conf/50homesGenNetlogon
@@ -0,0 +1 @@
+root preexec = "/sbin/e-smith/generate_netlogon /home/e-smith/files/samba/netlogon/netlogon.template /home/e-smith/files/shares/tools/files/scripts/users/%U.bat %U %m %a %T"
diff --git a/root/etc/e-smith/templates/home/e-smith/files/samba/netlogon/netlogon.bat/75CallSessionsScripts b/root/etc/e-smith/templates/home/e-smith/files/samba/netlogon/netlogon.bat/75CallSessionsScripts
new file mode 100644
index 0000000..ed0f715
--- /dev/null
+++ b/root/etc/e-smith/templates/home/e-smith/files/samba/netlogon/netlogon.bat/75CallSessionsScripts
@@ -0,0 +1,17 @@
+{
+
+my $ip = $InternalInterface{'IPAddress'};
+$OUT .=<<"EOF";
+SET IPASSERELLE_IP=$ip
+REM Scripts globaux
+for /F "tokens=*" %%f in ('dir /B /ON \\\\%IPASSERELLE_IP%\\tools\\scripts\\session\\*.bat') do call %%f
+
+REM Script personnel
+if exist \\\\%IPASSERELLE_IP%\\tools\\scripts\\users\\%USERNAME%.bat call \\\\%IPASSERELLE_IP%\\tools\\scripts\\users\\%USERNAME%.bat
+
+EOF
+
+# Unix2dos
+$OUT =~ s/\n/\r\n/g;
+
+}
diff --git a/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/session.bat/10All b/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/session.bat/10All
deleted file mode 100644
index 28097e1..0000000
--- a/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/session.bat/10All
+++ /dev/null
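Review bot: On the `root preexec` line in 50homesGenNetlogon, `%U`, `%m` and `%a` are client-influenced values handed to a script that runs as root, and `%U` also forms the output file name `users/%U.bat`; no validation is visible on either side of that call. Samba restricts the characters it substitutes for some of these variables, but nothing in this commit shows that, so generate_netlogon should check `$curUser` and `$curMachine` against anchored allow-list patterns before using them. I would also add a template comment above the line, for example `; runs as root on every connection to this share; %U, %m and %a come from the client`. Whether a failing script should refuse the connection (`root preexec close`) is worth deciding and recording here as well.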
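Review bot: In the `for /F` line of 75CallSessionsScripts, `dir /B` lists bare file names, so `call %%f` is resolved against the current directory and PATH of the logon session rather than the `session` folder on the server. The script that runs may therefore not be the one that was listed, or none may be found. Calling by full path avoids that, i.e. end the line with `do call "\\\\%IPASSERELLE_IP%\\tools\\scripts\\session\\%%f"`. The personal-script line should quote both paths too (`if exist "\\\\%IPASSERELLE_IP%\\tools\\scripts\\users\\%USERNAME%.bat" call "..."`), since an unquoted `%USERNAME%` containing a space splits the command.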
@@ -1,13 +0,0 @@
-{
-
-my $ip = $InternalInterface{'IPAddress'};
-$OUT .=<<"EOF";
-SET IPASSERELLE_IP=$ip
-for /F "tokens=*" %%f in ('dir /B /ON \\\\%IPASSERELLE_IP%\\tools\scripts\session\*.bat') do call %%f
-
-EOF
-
-# Unix2dos
-$OUT =~ s/\n/\r\n/g;
-
-}
diff --git a/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/session.bat/template-begin b/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/session.bat/template-begin
deleted file mode 100644
index e69de29..0000000
diff --git a/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/conf.bat/10All b/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat/10All
similarity index 100%
rename from root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/conf.bat/10All
rename to root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat/10All
diff --git a/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/conf.bat/template-begin b/root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat/template-begin
similarity index 100%
rename from root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/conf.bat/template-begin
rename to root/etc/e-smith/templates/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat/template-begin
diff --git a/root/home/e-smith/files/shares/tools/files/scripts/session/010signature.bat b/root/home/e-smith/files/shares/tools/files/scripts/session/010signature.bat
index 9167cee..e9fe3fc 100644
--- a/root/home/e-smith/files/shares/tools/files/scripts/session/010signature.bat
+++ b/root/home/e-smith/files/shares/tools/files/scripts/session/010signature.bat
@@ -1,7 +1,5 @@
 set DOC=Mes Documents
 if exist \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% (
- if exist %USERPROFILE%\Documents (
- set DOC=Documents
- )
+ if exist %USERPROFILE%\Documents set DOC=Documents
 xcopy /E /I /Y \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% "%USERPROFILE%\%DOC%\signature"
 )
diff --git a/root/sbin/e-smith/generate_netlogon b/root/sbin/e-smith/generate_netlogon
new file mode 100755
index 0000000..9669553
--- /dev/null
+++ b/root/sbin/e-smith/generate_netlogon
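Review bot: In 010signature.bat, `set DOC=Documents` is still inside the parenthesised `if exist \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% (` block, and cmd expands `%DOC%` in the `xcopy` line when it reads the whole block. The copy target therefore keeps the value DOC had before the block (`Mes Documents`), even when the inner test succeeds. Moving the test above the outer `if`, directly after `set DOC=Mes Documents`, makes the new value visible to `xcopy`: `if exist "%USERPROFILE%\Documents" set DOC=Documents`. The quotes are part of the suggestion, because `%USERPROFILE%` can contain spaces and the unquoted form then breaks the `if exist` test.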
@@ -0,0 +1,239 @@
+#!/usr/bin/perl -w
+
+my $netlogonTemplate = $ARGV[0];
+my $netlogonFile = $ARGV[1];
+my $curUser = $ARGV[2];
+my $curMachine = $ARGV[3];
+my $curArch = $ARGV[4];
+my $time = $ARGV[5];
+
+die "Netlogon template argument missing.\n" unless defined ($netlogonTemplate);
+die "Netlogon file argument missing.\n" unless defined ($netlogonFile);
+die "User argument missing.\n" unless defined ($curUser);
+die "Machine argument missing.\n" unless defined ($curMachine);
+die "Arch argument missing.\n" unless defined ($curArch);
+die "Time argument missing.\n" unless defined ($time);
+
+package esmith;
+
+use strict;
+
+use esmith::util;
+
+BEGIN
+{
+ # Clear PATH and related environment variables so that calls to
+ # external programs do not cause results to be tainted. See
+ # "perlsec" manual page for details.
+
+ $ENV {'PATH'} = '';
+ $ENV {'SHELL'} = '/bin/bash';
+ delete $ENV {'ENV'};
+}
+
+esmith::util::setRealToEffective ();
+
+my %accounts;
+tie %accounts, 'esmith::config', '/home/e-smith/db/accounts';
+
+
+# ------------------------------------------------
+# Open and read in the template netlogon.bat file.
+# ------------------------------------------------
+
+open ( INFILE, "< $netlogonTemplate" ) ||
+ die "Couldn't open the input file '$netlogonTemplate' : $!\n";
+
+my @infile = ;
+
+close ( INFILE );
+
+# --------------------------------------------------
+# Open an output file for the generated batch script
+# --------------------------------------------------
+
+open ( NETLOGON, "> $netlogonFile" ) ||
+ die "Couldn't open the output batch file: '$netlogonFile' : $!\n";
+
+print NETLOGON "\@REM $curUser logging in from a $curArch box \015\n";
+print NETLOGON "\@REM called $curMachine on $time\015\n";
+
+my $line;
+my @activelevels = ( 1 );
+my $level = 0;
+
+foreach $line ( @infile )
+{
+ if ( ( index $line, '#if' ) == 0 )
+ {
+ if ( $activelevels[ $level ] )
+ {
+ if ( ( index $line, '#ifg' ) == 0 )
+ {
+ $level++;
+ my $grouplist = $line;
+
+ ### Clean the line and get a list of groups:
+ $grouplist =~ s/\#ifg|\s|\n|\015//g;
+ my @groups = split ( ',', $grouplist );
+
+ ### Check if the curUser is in any of the groups:
+ $activelevels[ $level ] = 0;
+ my $group;
+ foreach $group ( @groups )
+ {
+ if ( !$activelevels[ $level ] )
+ {
+ $activelevels[ $level ] = isInGroup($curUser, $group);
+ }
+ }
+
+ ### If the user is in the list, add a comment to the batch file:
+ if ( $activelevels[ $level ] )
+ {
+ print NETLOGON "REM $line";
+ }
+ }
+ elsif ( ( index $line, '#ifu' ) == 0 )
+ {
+ $level++;
+ my $userlist = $line;
+
+ ### Clean the line and get a list of users:
+ $userlist =~ s/\#ifu|\s|\n|\015//g;
+ my @users = split ( ',', $userlist );
+
+ ### Check if the curUser matches any in the list:
+ $activelevels[ $level ] = 0;
+ my $user;
+ foreach $user ( @users )
+ {
+ if ( !$activelevels[ $level ] )
+ {
+ $activelevels[ $level ] = ( $curUser eq $user );
+ }
+ }
+
+ ### If the user is in the list, add a comment to the batch file:
+ if ( $activelevels[ $level ] )
+ {
+ print NETLOGON "REM $line";
+ }
+ }
+ elsif ( ( index $line, '#ifm' ) == 0 )
+ {
+ $level++;
+ my $machinelist = $line;
+
+ ### Clean the line and get a list of machines:
+ $machinelist =~ s/\#ifm|\s|\n|\015//g;
+ my @machines = split ( ',', $machinelist );
+
+ ### Check if the curMachine matches any in the list:
+ $activelevels[ $level ] = 0;
+ my $machine;
+ foreach $machine ( @machines )
+ {
+ if ( !$activelevels[ $level ] )
+ {
+ $activelevels[ $level ] = ( $curMachine eq $machine );
+ }
+ }
+
+ ### If the machine is in the list, add a comment to the batch file:
+ if ( $activelevels[ $level ] )
+ {
+ print NETLOGON "REM $line";
+ }
+ }
+ elsif ( ( index $line, '#ifa' ) == 0 )
+ {
+ $level++;
+ my $archlist = $line;
+
+ ### Clean the line and get a list of architectures:
+ $archlist =~ s/\#ifa|\s|\n|\015//g;
+ my @archs = split ( ',', $archlist );
+
+ ### Check if the curArch matches any in the list:
+ $activelevels[ $level ] = 0;
+ my $arch;
+ foreach $arch ( @archs )
+ {
+ if ( !$activelevels[ $level ] )
+ {
+ $activelevels[ $level ] = ( $curArch eq $arch );
+ }
+ }
+
+ ### If the arch is in the list, add a comment to the batch file:
+ if ( $activelevels[ $level ] )
+ {
+ print NETLOGON "REM $line";
+ }
+ }
+ else
+ {
+ die "Unknown '#if' statement found!\n";
+ }
+
+ }
+ else
+ {
+ $level++;
+ $activelevels[ $level ] = 0;
+ }
+ }
+ elsif ( ( index $line, '#endif' ) == 0 )
+ {
+ die "Stray '#endif' found!\n" unless ( $level > 0 );
+ if ( $activelevels[ $level ] )
+ {
+ print NETLOGON "REM $line";
+ }
+ $level--;
+ }
+ elsif ( $activelevels[ $level ] )
+ {
+ print NETLOGON "$line";
+ }
+}
+
+die "Not enough '#endif' lines in template!\n" unless $level == 0;
+
+close ( NETLOGON );
+
+chmod ( 0744, "$netlogonFile" );
+
+exit (0);
+
+# --------------------------------------------------
+# Subroutine to check if a given user is in a group:
+# --------------------------------------------------
+
+sub isInGroup($$)
+{
+ my ($user, $group) = @_;
+
+ my $value = $accounts{$group};
+
+ if ( defined ($value) )
+ {
+ my ($type, %properties) = split (/\|/, $value);
+ if ($type eq 'group')
+ {
+ my @members = split (/,/, $properties {'Members'});
+ my $member;
+ # TODO: grep (/^$user$/, @members)
+ foreach $member ( @members )
+ {
+ if ( $member eq $user )
+ {
+ return 1;
+ }
+ }
+ }
+ }
+ return 0;
+}
+
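Review bot: Both `open` calls in generate_netlogon use the two-argument form with an interpolated path (`"< $netlogonTemplate"`, `"> $netlogonFile"`), and `$netlogonFile` is built from the client's user name while the script runs as root from `root preexec`; none of the six arguments is checked beyond `defined`. The BEGIN block cites perlsec, but the shebang is `-w` without `-T`, so taint checking is not active. I would validate `$curUser` and `$curMachine` with anchored patterns, switch to three-argument `open` with lexical handles, and check `close` and `chmod` on the output file, as sketched below. Separately, `sub isInGroup($$)` is defined after its only call, so the prototype has no effect there and could be dropped.

```perl
# Reject anything that is not a plain account / machine name before it is used.
# The patterns are a suggestion; align them with the server's naming rules.
die "Invalid user name.\n"    unless $curUser    =~ /\A[A-Za-z0-9][A-Za-z0-9._-]*\z/;
die "Invalid machine name.\n" unless $curMachine =~ /\A[A-Za-z0-9][A-Za-z0-9._-]*\z/;

# … unchanged: package esmith, BEGIN block, setRealToEffective, tie %accounts …

open ( my $in, '<', $netlogonTemplate ) ||
    die "Couldn't open the input file '$netlogonTemplate' : $!\n";

# … unchanged: read the template, close the input handle …

open ( my $out, '>', $netlogonFile ) ||
    die "Couldn't open the output batch file: '$netlogonFile' : $!\n";

# … unchanged: template processing, printing to $out instead of NETLOGON …

close ( $out ) || die "Couldn't write '$netlogonFile' : $!\n";
chmod ( 0744, $netlogonFile ) || die "Couldn't chmod '$netlogonFile' : $!\n";
```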