parent
a09210157b
commit
3f22bb9f23
12 changed files with 260 additions and 22 deletions
@ -1,2 +0,0 @@ |
|||||||
TEMPLATE_PATH="/home/e-smith/files/shares/tools/files/scripts/conf.bat" |
|
||||||
OUTPUT_FILENAME="/home/e-smith/files/shares/tools/files/scripts/session/001conf.bat" |
|
@ -1,2 +0,0 @@ |
|||||||
TEMPLATE_PATH="/home/e-smith/files/shares/tools/files/scripts/conf.bat" |
|
||||||
OUTPUT_FILENAME="/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat" |
|
@ -0,0 +1,2 @@ |
|||||||
|
logon drive = { $smb{'HomeDrive'} || 'h:' } |
||||||
|
|
@ -0,0 +1 @@ |
|||||||
|
root preexec = "/sbin/e-smith/generate_netlogon /home/e-smith/files/samba/netlogon/netlogon.template /home/e-smith/files/shares/tools/files/scripts/users/%U.bat %U %m %a %T" |
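Review bot: The `root preexec` command runs generate_netlogon as root and passes `%U`, `%m` and `%a` unquoted, and those values originate from the connecting client. Samba restricts the characters allowed in some of these substitutions, but the command line should not depend on that alone. Quote each argument, e.g. `... '%U' '%m' '%a' '%T'`, and have the script validate the user and machine names before it builds the `users/%U.bat` output path from them. `%T` expands to a date and a time separated by a space, so unquoted it most likely arrives as two arguments and the script only keeps the first.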
@ -0,0 +1,17 @@ |
|||||||
|
{ |
||||||
|
|
||||||
|
my $ip = $InternalInterface{'IPAddress'}; |
||||||
|
$OUT .=<<"EOF"; |
||||||
|
SET IPASSERELLE_IP=$ip |
||||||
|
REM Scripts globaux |
||||||
|
for /F "tokens=*" %%f in ('dir /B /ON \\\\%IPASSERELLE_IP%\\tools\\scripts\\session\\*.bat') do call %%f |
||||||
|
|
||||||
|
REM Script personnel |
||||||
|
if exist \\\\%IPASSERELLE_IP%\\tools\\scripts\\users\\%USERNAME%.bat call \\\\%IPASSERELLE_IP%\\tools\\scripts\\users\\%USERNAME%.bat |
||||||
|
|
||||||
|
EOF |
||||||
|
|
||||||
|
# Unix2dos |
||||||
|
$OUT =~ s/\n/\r\n/g; |
||||||
|
|
||||||
|
} |
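Review bot: In the global-scripts loop, `dir /B` prints bare file names, so `do call %%f` resolves each script against the current directory and PATH rather than the share, and a name containing a space is split. Calling by full quoted path avoids both: `do call "\\\\%IPASSERELLE_IP%\\tools\\scripts\\session\\%%f"` (backslashes doubled because this sits in the interpolating heredoc). Every file under `scripts\session` and `scripts\users` is executed in the logon session of the user it applies to. A comment here stating that both directories must be writable by administrators only would help, since the share permissions are not visible in this commit.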
@ -1,13 +0,0 @@ |
|||||||
{ |
|
||||||
|
|
||||||
my $ip = $InternalInterface{'IPAddress'}; |
|
||||||
$OUT .=<<"EOF"; |
|
||||||
SET IPASSERELLE_IP=$ip |
|
||||||
for /F "tokens=*" %%f in ('dir /B /ON \\\\%IPASSERELLE_IP%\\tools\scripts\session\*.bat') do call %%f |
|
||||||
|
|
||||||
EOF |
|
||||||
|
|
||||||
# Unix2dos |
|
||||||
$OUT =~ s/\n/\r\n/g; |
|
||||||
|
|
||||||
} |
|
@ -1,7 +1,5 @@ |
|||||||
set DOC=Mes Documents |
set DOC=Mes Documents |
||||||
if exist \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% ( |
if exist \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% ( |
||||||
if exist %USERPROFILE%\Documents ( |
if exist %USERPROFILE%\Documents set DOC=Documents |
||||||
set DOC=Documents |
|
||||||
) |
|
||||||
xcopy /E /I /Y \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% "%USERPROFILE%\%DOC%\signature" |
xcopy /E /I /Y \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% "%USERPROFILE%\%DOC%\signature" |
||||||
) |
) |
||||||
|
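Review bot: The one-line `if exist %USERPROFILE%\Documents set DOC=Documents` still sits inside the parenthesised `if exist ... (` block, where cmd expands `%DOC%` once when the whole block is parsed. The `xcopy` target therefore always uses the value set before the block (`Mes Documents`), even when the inner test succeeds. Moving the test above the outer `if` fixes this without delayed expansion, and quoting the path keeps it working for profile directories that contain spaces: `if exist "%USERPROFILE%\Documents" set DOC=Documents`.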
@ -0,0 +1,239 @@ |
|||||||
|
#!/usr/bin/perl -w |
||||||
|
|
||||||
|
my $netlogonTemplate = $ARGV[0]; |
||||||
|
my $netlogonFile = $ARGV[1]; |
||||||
|
my $curUser = $ARGV[2]; |
||||||
|
my $curMachine = $ARGV[3]; |
||||||
|
my $curArch = $ARGV[4]; |
||||||
|
my $time = $ARGV[5]; |
||||||
|
|
||||||
|
die "Netlogon template argument missing.\n" unless defined ($netlogonTemplate); |
||||||
|
die "Netlogon file argument missing.\n" unless defined ($netlogonFile); |
||||||
|
die "User argument missing.\n" unless defined ($curUser); |
||||||
|
die "Machine argument missing.\n" unless defined ($curMachine); |
||||||
|
die "Arch argument missing.\n" unless defined ($curArch); |
||||||
|
die "Time argument missing.\n" unless defined ($time); |
||||||
|
|
||||||
|
package esmith; |
||||||
|
|
||||||
|
use strict; |
||||||
|
|
||||||
|
use esmith::util; |
||||||
|
|
||||||
|
BEGIN |
||||||
|
{ |
||||||
|
# Clear PATH and related environment variables so that calls to |
||||||
|
# external programs do not cause results to be tainted. See |
||||||
|
# "perlsec" manual page for details. |
||||||
|
|
||||||
|
$ENV {'PATH'} = ''; |
||||||
|
$ENV {'SHELL'} = '/bin/bash'; |
||||||
|
delete $ENV {'ENV'}; |
||||||
|
} |
||||||
|
|
||||||
|
esmith::util::setRealToEffective (); |
||||||
|
|
||||||
|
my %accounts; |
||||||
|
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; |
||||||
|
|
||||||
|
|
||||||
|
# ------------------------------------------------ |
||||||
|
# Open and read in the template netlogon.bat file. |
||||||
|
# ------------------------------------------------ |
||||||
|
|
||||||
|
open ( INFILE, "< $netlogonTemplate" ) || |
||||||
|
die "Couldn't open the input file '$netlogonTemplate' : $!\n"; |
||||||
|
|
||||||
|
my @infile = <INFILE>; |
||||||
|
|
||||||
|
close ( INFILE ); |
||||||
|
|
||||||
|
# -------------------------------------------------- |
||||||
|
# Open an output file for the generated batch script |
||||||
|
# -------------------------------------------------- |
||||||
|
|
||||||
|
open ( NETLOGON, "> $netlogonFile" ) || |
||||||
|
die "Couldn't open the output batch file: '$netlogonFile' : $!\n"; |
||||||
|
|
||||||
|
print NETLOGON "\@REM $curUser logging in from a $curArch box \015\n"; |
||||||
|
print NETLOGON "\@REM called $curMachine on $time\015\n"; |
||||||
|
|
||||||
|
my $line; |
||||||
|
my @activelevels = ( 1 ); |
||||||
|
my $level = 0; |
||||||
|
|
||||||
|
foreach $line ( @infile ) |
||||||
|
{ |
||||||
|
if ( ( index $line, '#if' ) == 0 ) |
||||||
|
{ |
||||||
|
if ( $activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
if ( ( index $line, '#ifg' ) == 0 ) |
||||||
|
{ |
||||||
|
$level++; |
||||||
|
my $grouplist = $line; |
||||||
|
|
||||||
|
### Clean the line and get a list of groups: |
||||||
|
$grouplist =~ s/\#ifg|\s|\n|\015//g; |
||||||
|
my @groups = split ( ',', $grouplist ); |
||||||
|
|
||||||
|
### Check if the curUser is in any of the groups: |
||||||
|
$activelevels[ $level ] = 0; |
||||||
|
my $group; |
||||||
|
foreach $group ( @groups ) |
||||||
|
{ |
||||||
|
if ( !$activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
$activelevels[ $level ] = isInGroup($curUser, $group); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
### If the user is in the list, add a comment to the batch file: |
||||||
|
if ( $activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
print NETLOGON "REM $line"; |
||||||
|
} |
||||||
|
} |
||||||
|
elsif ( ( index $line, '#ifu' ) == 0 ) |
||||||
|
{ |
||||||
|
$level++; |
||||||
|
my $userlist = $line; |
||||||
|
|
||||||
|
### Clean the line and get a list of users: |
||||||
|
$userlist =~ s/\#ifu|\s|\n|\015//g; |
||||||
|
my @users = split ( ',', $userlist ); |
||||||
|
|
||||||
|
### Check if the curUser matches any in the list: |
||||||
|
$activelevels[ $level ] = 0; |
||||||
|
my $user; |
||||||
|
foreach $user ( @users ) |
||||||
|
{ |
||||||
|
if ( !$activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
$activelevels[ $level ] = ( $curUser eq $user ); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
### If the user is in the list, add a comment to the batch file: |
||||||
|
if ( $activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
print NETLOGON "REM $line"; |
||||||
|
} |
||||||
|
} |
||||||
|
elsif ( ( index $line, '#ifm' ) == 0 ) |
||||||
|
{ |
||||||
|
$level++; |
||||||
|
my $machinelist = $line; |
||||||
|
|
||||||
|
### Clean the line and get a list of machines: |
||||||
|
$machinelist =~ s/\#ifm|\s|\n|\015//g; |
||||||
|
my @machines = split ( ',', $machinelist ); |
||||||
|
|
||||||
|
### Check if the curMachine matches any in the list: |
||||||
|
$activelevels[ $level ] = 0; |
||||||
|
my $machine; |
||||||
|
foreach $machine ( @machines ) |
||||||
|
{ |
||||||
|
if ( !$activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
$activelevels[ $level ] = ( $curMachine eq $machine ); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
### If the machine is in the list, add a comment to the batch file: |
||||||
|
if ( $activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
print NETLOGON "REM $line"; |
||||||
|
} |
||||||
|
} |
||||||
|
elsif ( ( index $line, '#ifa' ) == 0 ) |
||||||
|
{ |
||||||
|
$level++; |
||||||
|
my $archlist = $line; |
||||||
|
|
||||||
|
### Clean the line and get a list of architectures: |
||||||
|
$archlist =~ s/\#ifa|\s|\n|\015//g; |
||||||
|
my @archs = split ( ',', $archlist ); |
||||||
|
|
||||||
|
### Check if the curArch matches any in the list: |
||||||
|
$activelevels[ $level ] = 0; |
||||||
|
my $arch; |
||||||
|
foreach $arch ( @archs ) |
||||||
|
{ |
||||||
|
if ( !$activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
$activelevels[ $level ] = ( $curArch eq $arch ); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
### If the arch is in the list, add a comment to the batch file: |
||||||
|
if ( $activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
print NETLOGON "REM $line"; |
||||||
|
} |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
die "Unknown '#if' statement found!\n"; |
||||||
|
} |
||||||
|
|
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
$level++; |
||||||
|
$activelevels[ $level ] = 0; |
||||||
|
} |
||||||
|
} |
||||||
|
elsif ( ( index $line, '#endif' ) == 0 ) |
||||||
|
{ |
||||||
|
die "Stray '#endif' found!\n" unless ( $level > 0 ); |
||||||
|
if ( $activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
print NETLOGON "REM $line"; |
||||||
|
} |
||||||
|
$level--; |
||||||
|
} |
||||||
|
elsif ( $activelevels[ $level ] ) |
||||||
|
{ |
||||||
|
print NETLOGON "$line"; |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
die "Not enough '#endif' lines in template!\n" unless $level == 0; |
||||||
|
|
||||||
|
close ( NETLOGON ); |
||||||
|
|
||||||
|
chmod ( 0744, "$netlogonFile" ); |
||||||
|
|
||||||
|
exit (0); |
||||||
|
|
||||||
|
# -------------------------------------------------- |
||||||
|
# Subroutine to check if a given user is in a group: |
||||||
|
# -------------------------------------------------- |
||||||
|
|
||||||
|
sub isInGroup($$) |
||||||
|
{ |
||||||
|
my ($user, $group) = @_; |
||||||
|
|
||||||
|
my $value = $accounts{$group}; |
||||||
|
|
||||||
|
if ( defined ($value) ) |
||||||
|
{ |
||||||
|
my ($type, %properties) = split (/\|/, $value); |
||||||
|
if ($type eq 'group') |
||||||
|
{ |
||||||
|
my @members = split (/,/, $properties {'Members'}); |
||||||
|
my $member; |
||||||
|
# TODO: grep (/^$user$/, @members) |
||||||
|
foreach $member ( @members ) |
||||||
|
{ |
||||||
|
if ( $member eq $user ) |
||||||
|
{ |
||||||
|
return 1; |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
return 0; |
||||||
|
} |
||||||
|
|
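Review bot: Both `open` calls use the two-argument form with the path interpolated into the mode string (`"< $netlogonTemplate"`, `"> $netlogonFile"`). This script is started from `root preexec` and calls `setRealToEffective`, and the output path is built from the client-supplied user name. Use the three-argument form, `open ( NETLOGON, '>', $netlogonFile ) ||` and `open ( INFILE, '<', $netlogonTemplate ) ||`, and reject a `$curUser` or `$curMachine` that does not match the account-name syntax the server allows before anything is written. The BEGIN block's comment talks about tainting, but the shebang is `-w` only; `#!/usr/bin/perl -wT` would make Perl enforce those checks on `@ARGV`. The `my` declarations and `die` checks at the top also run before `use strict;`, and `isInGroup($$)` is declared after its call site, so its prototype is never applied.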