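#!/bin/bash
#
# Mirror an existing group from the system group database into LDAP as a
# posixGroup entry.
#
# Usage: <script> GROUPNAME        (must be run as root)
#
# The group is looked up with getent; its name and gidNumber are then written
# to cn=GROUPNAME,$GROUP_BASEDN with ldapadd over ldapi:///.
# BIND, PASS and GROUP_BASEDN are not assigned in this script; presumably the
# sourced config file defines them.
#
# Exit codes: 1   no group name supplied
#             16  group not found
#             64  not running as root
#             128 config file unreadable
#             otherwise the exit status of ldapadd

# Print a message on stderr and exit with the given status.
#   $1 - exit status, remaining arguments - message
die() {
  local status=$1
  shift
  printf '%s\n' "$*" >&2
  exit "$status"
}

# get the script dirname
# readlink -f resolves the whole symlink chain to an absolute path, so a
# relative link target is not interpreted against the caller's working
# directory (which would make the config lookup below depend on the cwd).
BINPATH="$(readlink -f -- "$0" || echo "$0")"
DIRPATH="$(dirname -- "$BINPATH")"

# SECURITY: the config file is executed as shell code, and this script is
# meant to be run as root. The file should be owned by root and writable by
# nobody else; since it presumably also holds the LDAP bind password, it
# should not be world-readable either.
[ -r "$DIRPATH/config" ] || die 128 "Unable to read config file"
# shellcheck source=/dev/null
source "$DIRPATH/config"

# run as root
[ "$EUID" -eq 0 ] || die 64 "Must be run as root"

# Get the requested group name
GROUPNAME=$1
[ -n "$GROUPNAME" ] || die 1 "No groupname supplied"

# Get group info (one name:passwd:gid:members line)
GROUPDB="$(getent group "$GROUPNAME")"
[ -n "$GROUPDB" ] || die 16 "group $GROUPNAME not found"

# Split the getent line into its fields. GROUPMEMBERS is parsed but not
# written to LDAP by this script.
IFS=: read -r RESOLVED_NAME _ GIDNUMBER GROUPMEMBERS <<<"$GROUPDB"

# getent may resolve an all-numeric argument as a GID rather than a name, in
# which case the entry belongs to a differently named group. Refuse instead of
# creating an LDAP entry whose cn is the number that was typed.
[ "$RESOLVED_NAME" = "$GROUPNAME" ] \
  || die 16 "group $GROUPNAME not found (lookup returned $RESOLVED_NAME)"

# enforce gid limits
# NOTE(review): these checks are disabled, so system groups with low GIDs can
# be mirrored into LDAP as well. Re-enable them if that is not intended.
#GIDNUMBER_MIN=1000
#GIDNUMBER_MAX=10000
#if [ "$GIDNUMBER" -lt "$GIDNUMBER_MIN" ]; then echo "Refusing to add group below $GIDNUMBER_MIN"; exit 32; fi
#if [ "$GIDNUMBER" -gt "$GIDNUMBER_MAX" ]; then echo "Refusing to add group above $GIDNUMBER_MAX"; exit 32; fi

# NOTE(security): -w passes the bind password as a command-line argument,
# where other local users may be able to see it in the process list. ldapadd
# also accepts -y <file> to read the password from a file instead.
#
# GROUPNAME is written into the DN without escaping. It has matched an existing
# group name at this point, but a name containing DN special characters
# (such as ',' '+' or '=') would still change the resulting DN.
ldapadd -D "$BIND" -w "$PASS" -H ldapi:/// <<-LDIF
dn: cn=$GROUPNAME,$GROUP_BASEDN
objectClass: posixGroup
cn: $GROUPNAME
gidNumber: $GIDNUMBER
LDIF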