[debian-edu-commits] r82905 - branches/wheezy/debian-edu-config/share/debian-edu-config/tools
dash-guest at alioth.debian.org
dash-guest at alioth.debian.org
Mon Jan 6 07:50:29 UTC 2014
Author: dash-guest
Date: 2014-01-06 07:50:29 +0000 (Mon, 06 Jan 2014)
New Revision: 82905
Modified:
branches/wheezy/debian-edu-config/share/debian-edu-config/tools/ldap-migrate-squeeze-wheezy
Log:
Include nisNetgroup objects in the LDAP migration
Modified: branches/wheezy/debian-edu-config/share/debian-edu-config/tools/ldap-migrate-squeeze-wheezy
===================================================================
--- branches/wheezy/debian-edu-config/share/debian-edu-config/tools/ldap-migrate-squeeze-wheezy 2014-01-06 05:33:29 UTC (rev 82904)
+++ branches/wheezy/debian-edu-config/share/debian-edu-config/tools/ldap-migrate-squeeze-wheezy 2014-01-06 07:50:29 UTC (rev 82905)
@@ -12,7 +12,7 @@
Usage: $0
Migrate LDAP information from a Debian Edu Squeeze main server to a
-Wheezy main server.
+Debian Edu Wheezy main server.
How to use it:
@@ -27,9 +27,9 @@
# Get a copy of the current Wheezy LDAP database
service slapd stop
slapcat > tjener-wheezy.ldif
- service slapd start # Restart local LDAP server
+ service slapd start # Restart local LDAP server
- ldap-migrate-squeeze-wheezy # Merge the two databases
+ ldap-migrate-squeeze-wheezy # Create input file for ldapmodify to merge
ldapadmindn=$(ldapsearch -H ldap://localhost/ -x "(&(cn=admin)(objectClass=simpleSecurityObject))" 2>/dev/null | perl -p0e 's/\n //g' | awk '/^dn: / {print $2}')
ldapmodify -H ldap://localhost/ -ZZ -D "$ldapadmindn" -W -v -x < tjener-wheezy-ldapmodify.ldif # Load the new/changed entries into LDAP
@@ -90,12 +90,14 @@
my %curuser;
my %curgroup;
my %cursudorole;
+my %curnisnetgroup;
my %curhost;
while (not $curldif->eof() ) {
- my $entry = $curldif->read_entry ( );
+ my $entry = $curldif->read_entry();
if ( ! $curldif->error() ) {
my %cls;
map { $cls{$_} = 1 } $entry->get_value('objectClass');
+ print Data::Dumper->Dump([\%cls], [qw(*cls)]) if $debug;
if (exists $cls{'posixAccount'} && exists $cls{'person'}
&& ! exists $cls{'gosaUserTemplate'}
&& ! exists $cls{'gotoWorkstation'}) {
@@ -104,6 +106,8 @@
$curgroup{$entry->get_value('cn')} = $entry;
} elsif (exists $cls{'sudoRole'} ) {
$cursudorole{$entry->get_value('cn')} = $entry;
+ } elsif (exists $cls{'nisNetgroup'} ) {
+ $curnisnetgroup{$entry->get_value('cn')} = $entry;
} elsif (exists $cls{'device'}
|| exists $cls{'goServer'}
|| exists $cls{'gotoWorkstation'}) {
@@ -111,19 +115,19 @@
}
}
}
-print Dumper(\%curuser);
-#print Dumper(\%curgroup);
+print Data::Dumper->Dump([\%curuser], [qw(*curuser)]) if $debug;
+print Data::Dumper->Dump([\%curgroup], [qw(*curgroup)]) if $debug;
+print Data::Dumper->Dump([\%curnisnetgroup], [qw(*curnisnetgroup)]) if $debug;
+
# Extract every user and group LDAP object not already in the LDAP
# database.
-while (not $oldldif->eof ( ) ) {
- my $entry = $oldldif->read_entry ( );
- if ( $oldldif->error ( ) ) {
- print "Error msg: ", $oldldif->error ( ), "\n";
- print "Error lines:\n", $oldldif->error_lines ( ), "\n";
+while (not $oldldif->eof() ) {
+ my $entry = $oldldif->read_entry();
+ if ( $oldldif->error() ) {
+ print "Error msg: ", $oldldif->error( ), "\n";
+ print "Error lines:\n", $oldldif->error_lines( ), "\n";
} else {
- #foreach my $attr ( $entry->attribute ) {
- #}
my %cls;
map { $cls{$_} = 1 } $entry->get_value('objectClass');
if (exists $cls{'posixAccount'} && exists $cls{'person'}
@@ -134,47 +138,16 @@
$entry = trim_internal_attributes_from_entry($entry);
$newldif->write_entry($entry);
}
- } elsif (exists $cls{'posixGroup'} ) {
- my $cn = $entry->get_value('cn');
- if (exists ($curgroup{$cn})) {
- # check membership of both, figure out how to create
- # change records.
- print "G: $cn\n";
- my $curentry = $curgroup{$cn};
- my @oldmembers = sort $entry->get_value('memberUid');
- my @curmembers = sort $curentry->get_value('memberUid');
- print "Cur: ", Dumper(\@curmembers), "\n";
- print "Old: ", Dumper(\@oldmembers), "\n";
- my %curmemhash;
- map { $curmemhash{$_} = 1 } @curmembers;
- my $newentry;
- my @newmembers;
- for my $oldmember (@oldmembers) {
- if (!exists $curmemhash{$oldmember}) {
- print "Adding $oldmember to group $cn\n";
- if (! defined $newentry) {
- $newentry = $entry->clone();
- $newentry->changetype('modify');
- }
- push(@newmembers, $oldmember);
- }
- }
- if (@newmembers) {
- $newentry->replace('memberUid' =>
- [@curmembers, @newmembers]);
- $newldif->write_entry($newentry);
- }
- } else {
- # Missing entry, just add it
- $entry = trim_internal_attributes_from_entry($entry);
- $newldif->write_entry($entry);
- }
} elsif (exists $cls{'sudoRole'}) {
my $cn = $entry->get_value('cn');
if (!exists ($cursudorole{$cn})) {
$entry = trim_internal_attributes_from_entry($entry);
$newldif->write_entry($entry);
}
+ } elsif (exists $cls{'posixGroup'} ) {
+ change_or_add($newldif, $entry, \%curgroup, ['memberUid']);
+ } elsif (exists $cls{'nisNetgroup'}) {
+ change_or_add($newldif, $entry, \%curnisnetgroup, ['memberNisNetgroup', 'nisNetgroupTriple']);
} elsif (exists $cls{'device'}
|| exists $cls{'goServer'}
|| exists $cls{'gotoWorkstation'}) {
@@ -184,7 +157,7 @@
$newldif->write_entry($entry);
}
}
-# print Dumper($entry);
+ print Data::Dumper->Dump([\$entry], [qw(*entry)]) if $debug;
}
}
@@ -206,3 +179,45 @@
}
return $entry;
}
+
+
+sub change_or_add {
+ my ($newldif, $entry, $group, $attr_names_aref) = @_;
+
+ my $cn = $entry->get_value('cn');
+
+ if (exists ($group->{$cn})) {
+ # check membership of both groups and create change records
+ my $curentry = $group->{$cn};
+
+ for my $attr_name (@$attr_names_aref) {
+ my @oldmembers = sort $entry->get_value($attr_name);
+ my @curmembers = sort $curentry->get_value($attr_name);
+ print "Cur: ", Dumper(\@curmembers), "\n" if $debug;
+ print "Old: ", Dumper(\@oldmembers), "\n" if $debug;
+ my %curmemhash;
+ map { $curmemhash{$_} = 1 } @curmembers;
+ my $newentry;
+ my @newmembers;
+ for my $oldmember (@oldmembers) {
+ if (!exists $curmemhash{$oldmember}) {
+ print "Adding $oldmember to group $cn\n" if $debug;
+ if (! defined $newentry) {
+ $newentry = $entry->clone();
+ $newentry->changetype('modify');
+ }
+ push(@newmembers, $oldmember);
+ }
+ }
+ if (@newmembers) {
+ $newentry->replace($attr_name =>
+ [@curmembers, @newmembers]);
+ $newldif->write_entry($newentry);
+ }
+ }
+ } else {
+ # Missing entry, just add it
+ $entry = trim_internal_attributes_from_entry($entry);
+ $newldif->write_entry($entry);
+ }
+}
More information about the debian-edu-commits
mailing list