parent
a09210157b
commit
3f22bb9f23
12 changed files with 260 additions and 22 deletions
@ -1,2 +0,0 @@ |
||||
TEMPLATE_PATH="/home/e-smith/files/shares/tools/files/scripts/conf.bat" |
||||
OUTPUT_FILENAME="/home/e-smith/files/shares/tools/files/scripts/session/001conf.bat" |
@ -1,2 +0,0 @@ |
||||
TEMPLATE_PATH="/home/e-smith/files/shares/tools/files/scripts/conf.bat" |
||||
OUTPUT_FILENAME="/home/e-smith/files/shares/tools/files/scripts/wpkg/conf.bat" |
@ -0,0 +1,2 @@ |
||||
logon drive = { $smb{'HomeDrive'} || 'h:' } |
||||
|
@ -0,0 +1 @@ |
||||
root preexec = "/sbin/e-smith/generate_netlogon /home/e-smith/files/samba/netlogon/netlogon.template /home/e-smith/files/shares/tools/files/scripts/users/%U.bat %U %m %a %T" |
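Review bot: The four substitutions at the end of this `root preexec` command are unquoted, and the command runs as root each time a client connects to the share. As far as I know `%T` expands to a date and a time separated by a space, so the script would receive the time as a seventh argument and record only the date; `%U` and `%m` derive from the client session. I would quote each value, `... '%U' '%m' '%a' '%T'"`, and have generate_netlogon reject anything outside an allow-list before using it, since quoting alone does not cover a value that itself contains a quote. If the script does not actually need root to write the per-user file, plain `preexec` would run it as the connecting user instead.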
@ -0,0 +1,17 @@ |
||||
{ |
||||
|
||||
my $ip = $InternalInterface{'IPAddress'}; |
||||
$OUT .=<<"EOF"; |
||||
SET IPASSERELLE_IP=$ip |
||||
REM Scripts globaux |
||||
for /F "tokens=*" %%f in ('dir /B /ON \\\\%IPASSERELLE_IP%\\tools\\scripts\\session\\*.bat') do call %%f |
||||
|
||||
REM Script personnel |
||||
if exist \\\\%IPASSERELLE_IP%\\tools\\scripts\\users\\%USERNAME%.bat call \\\\%IPASSERELLE_IP%\\tools\\scripts\\users\\%USERNAME%.bat |
||||
|
||||
EOF |
||||
|
||||
# Unix2dos |
||||
$OUT =~ s/\n/\r\n/g; |
||||
|
||||
} |
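Review bot: `dir /B` prints bare file names, so `do call %%f` in the session loop resolves each script against the current directory and PATH rather than against the session folder it was listed from. Unless the logon script's working directory happens to be that folder, the global scripts will either not run or a different file of the same name will. Calling the full path keeps execution tied to the server folder and also copes with names containing spaces: `do call "\\\\%IPASSERELLE_IP%\\tools\\scripts\\session\\%%f"`.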
@ -1,13 +0,0 @@ |
||||
{ |
||||
|
||||
my $ip = $InternalInterface{'IPAddress'}; |
||||
$OUT .=<<"EOF"; |
||||
SET IPASSERELLE_IP=$ip |
||||
for /F "tokens=*" %%f in ('dir /B /ON \\\\%IPASSERELLE_IP%\\tools\scripts\session\*.bat') do call %%f |
||||
|
||||
EOF |
||||
|
||||
# Unix2dos |
||||
$OUT =~ s/\n/\r\n/g; |
||||
|
||||
} |
@ -1,7 +1,5 @@ |
||||
set DOC=Mes Documents |
||||
if exist \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% ( |
||||
if exist %USERPROFILE%\Documents ( |
||||
set DOC=Documents |
||||
) |
||||
if exist %USERPROFILE%\Documents set DOC=Documents |
||||
xcopy /E /I /Y \\%IPASSERELLE_IP%\tools\signatures\%USERNAME% "%USERPROFILE%\%DOC%\signature" |
||||
) |
||||
|
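Review bot: `%DOC%` in the `xcopy` line is expanded when cmd parses the whole parenthesised `if exist ... (` block, so the `set DOC=Documents` on the line before it has no effect on that copy and the destination stays under `Mes Documents`. This assumes the new side keeps the `xcopy` inside the outer block, which the rendered page suggests but does not mark explicitly. Moving `if exist "%USERPROFILE%\Documents" set DOC=Documents` above the outer `if exist`, directly after `set DOC=Mes Documents`, avoids the need for delayed expansion. The added quotes also cover profile paths that contain spaces.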
@ -0,0 +1,239 @@ |
||||
#!/usr/bin/perl -w |
||||
|
||||
my $netlogonTemplate = $ARGV[0]; |
||||
my $netlogonFile = $ARGV[1]; |
||||
my $curUser = $ARGV[2]; |
||||
my $curMachine = $ARGV[3]; |
||||
my $curArch = $ARGV[4]; |
||||
my $time = $ARGV[5]; |
||||
|
||||
die "Netlogon template argument missing.\n" unless defined ($netlogonTemplate); |
||||
die "Netlogon file argument missing.\n" unless defined ($netlogonFile); |
||||
die "User argument missing.\n" unless defined ($curUser); |
||||
die "Machine argument missing.\n" unless defined ($curMachine); |
||||
die "Arch argument missing.\n" unless defined ($curArch); |
||||
die "Time argument missing.\n" unless defined ($time); |
||||
|
||||
package esmith; |
||||
|
||||
use strict; |
||||
|
||||
use esmith::util; |
||||
|
||||
BEGIN |
||||
{ |
||||
# Clear PATH and related environment variables so that calls to |
||||
# external programs do not cause results to be tainted. See |
||||
# "perlsec" manual page for details. |
||||
|
||||
$ENV {'PATH'} = ''; |
||||
$ENV {'SHELL'} = '/bin/bash'; |
||||
delete $ENV {'ENV'}; |
||||
} |
||||
|
||||
esmith::util::setRealToEffective (); |
||||
|
||||
my %accounts; |
||||
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; |
||||
|
||||
|
||||
# ------------------------------------------------ |
||||
# Open and read in the template netlogon.bat file. |
||||
# ------------------------------------------------ |
||||
|
||||
open ( INFILE, "< $netlogonTemplate" ) || |
||||
die "Couldn't open the input file '$netlogonTemplate' : $!\n"; |
||||
|
||||
my @infile = <INFILE>; |
||||
|
||||
close ( INFILE ); |
||||
|
||||
# -------------------------------------------------- |
||||
# Open an output file for the generated batch script |
||||
# -------------------------------------------------- |
||||
|
||||
open ( NETLOGON, "> $netlogonFile" ) || |
||||
die "Couldn't open the output batch file: '$netlogonFile' : $!\n"; |
||||
|
||||
print NETLOGON "\@REM $curUser logging in from a $curArch box \015\n"; |
||||
print NETLOGON "\@REM called $curMachine on $time\015\n"; |
||||
|
||||
my $line; |
||||
my @activelevels = ( 1 ); |
||||
my $level = 0; |
||||
|
||||
foreach $line ( @infile ) |
||||
{ |
||||
if ( ( index $line, '#if' ) == 0 ) |
||||
{ |
||||
if ( $activelevels[ $level ] ) |
||||
{ |
||||
if ( ( index $line, '#ifg' ) == 0 ) |
||||
{ |
||||
$level++; |
||||
my $grouplist = $line; |
||||
|
||||
### Clean the line and get a list of groups: |
||||
$grouplist =~ s/\#ifg|\s|\n|\015//g; |
||||
my @groups = split ( ',', $grouplist ); |
||||
|
||||
### Check if the curUser is in any of the groups: |
||||
$activelevels[ $level ] = 0; |
||||
my $group; |
||||
foreach $group ( @groups ) |
||||
{ |
||||
if ( !$activelevels[ $level ] ) |
||||
{ |
||||
$activelevels[ $level ] = isInGroup($curUser, $group); |
||||
} |
||||
} |
||||
|
||||
### If the user is in the list, add a comment to the batch file: |
||||
if ( $activelevels[ $level ] ) |
||||
{ |
||||
print NETLOGON "REM $line"; |
||||
} |
||||
} |
||||
elsif ( ( index $line, '#ifu' ) == 0 ) |
||||
{ |
||||
$level++; |
||||
my $userlist = $line; |
||||
|
||||
### Clean the line and get a list of users: |
||||
$userlist =~ s/\#ifu|\s|\n|\015//g; |
||||
my @users = split ( ',', $userlist ); |
||||
|
||||
### Check if the curUser matches any in the list: |
||||
$activelevels[ $level ] = 0; |
||||
my $user; |
||||
foreach $user ( @users ) |
||||
{ |
||||
if ( !$activelevels[ $level ] ) |
||||
{ |
||||
$activelevels[ $level ] = ( $curUser eq $user ); |
||||
} |
||||
} |
||||
|
||||
### If the user is in the list, add a comment to the batch file: |
||||
if ( $activelevels[ $level ] ) |
||||
{ |
||||
print NETLOGON "REM $line"; |
||||
} |
||||
} |
||||
elsif ( ( index $line, '#ifm' ) == 0 ) |
||||
{ |
||||
$level++; |
||||
my $machinelist = $line; |
||||
|
||||
### Clean the line and get a list of machines: |
||||
$machinelist =~ s/\#ifm|\s|\n|\015//g; |
||||
my @machines = split ( ',', $machinelist ); |
||||
|
||||
### Check if the curMachine matches any in the list: |
||||
$activelevels[ $level ] = 0; |
||||
my $machine; |
||||
foreach $machine ( @machines ) |
||||
{ |
||||
if ( !$activelevels[ $level ] ) |
||||
{ |
||||
$activelevels[ $level ] = ( $curMachine eq $machine ); |
||||
} |
||||
} |
||||
|
||||
### If the machine is in the list, add a comment to the batch file: |
||||
if ( $activelevels[ $level ] ) |
||||
{ |
||||
print NETLOGON "REM $line"; |
||||
} |
||||
} |
||||
elsif ( ( index $line, '#ifa' ) == 0 ) |
||||
{ |
||||
$level++; |
||||
my $archlist = $line; |
||||
|
||||
### Clean the line and get a list of architectures: |
||||
$archlist =~ s/\#ifa|\s|\n|\015//g; |
||||
my @archs = split ( ',', $archlist ); |
||||
|
||||
### Check if the curArch matches any in the list: |
||||
$activelevels[ $level ] = 0; |
||||
my $arch; |
||||
foreach $arch ( @archs ) |
||||
{ |
||||
if ( !$activelevels[ $level ] ) |
||||
{ |
||||
$activelevels[ $level ] = ( $curArch eq $arch ); |
||||
} |
||||
} |
||||
|
||||
### If the arch is in the list, add a comment to the batch file: |
||||
if ( $activelevels[ $level ] ) |
||||
{ |
||||
print NETLOGON "REM $line"; |
||||
} |
||||
} |
||||
else |
||||
{ |
||||
die "Unknown '#if' statement found!\n"; |
||||
} |
||||
|
||||
} |
||||
else |
||||
{ |
||||
$level++; |
||||
$activelevels[ $level ] = 0; |
||||
} |
||||
} |
||||
elsif ( ( index $line, '#endif' ) == 0 ) |
||||
{ |
||||
die "Stray '#endif' found!\n" unless ( $level > 0 ); |
||||
if ( $activelevels[ $level ] ) |
||||
{ |
||||
print NETLOGON "REM $line"; |
||||
} |
||||
$level--; |
||||
} |
||||
elsif ( $activelevels[ $level ] ) |
||||
{ |
||||
print NETLOGON "$line"; |
||||
} |
||||
} |
||||
|
||||
die "Not enough '#endif' lines in template!\n" unless $level == 0; |
||||
|
||||
close ( NETLOGON ); |
||||
|
||||
chmod ( 0744, "$netlogonFile" ); |
||||
|
||||
exit (0); |
||||
|
||||
# -------------------------------------------------- |
||||
# Subroutine to check if a given user is in a group: |
||||
# -------------------------------------------------- |
||||
|
||||
sub isInGroup($$) |
||||
{ |
||||
my ($user, $group) = @_; |
||||
|
||||
my $value = $accounts{$group}; |
||||
|
||||
if ( defined ($value) ) |
||||
{ |
||||
my ($type, %properties) = split (/\|/, $value); |
||||
if ($type eq 'group') |
||||
{ |
||||
my @members = split (/,/, $properties {'Members'}); |
||||
my $member; |
||||
# TODO: grep (/^$user$/, @members) |
||||
foreach $member ( @members ) |
||||
{ |
||||
if ( $member eq $user ) |
||||
{ |
||||
return 1; |
||||
} |
||||
} |
||||
} |
||||
} |
||||
return 0; |
||||
} |
||||
|
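Review bot: Both `open` calls use the two-argument form with a name taken straight from `@ARGV`, in a script that the `root preexec` line on this page runs as root with an output path built from the connecting user's name. The two-argument form does not treat the string as a literal path (surrounding whitespace is stripped and some names are special), so I would switch to `open ( INFILE, '<', $netlogonTemplate )` and `open ( NETLOGON, '>', $netlogonFile )`. `$curUser`, `$curMachine`, `$curArch` and `$time` should be checked against an anchored allow-list pattern before use, because they are also printed unescaped into the `@REM` header of a batch file the client will execute. The shebang has `-w` but not `-T`, so the PATH clean-up in `BEGIN` is not backed by taint checking. The `print NETLOGON` and `close ( NETLOGON )` calls are unchecked, so a failed write would leave a truncated logon script in place.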