Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Perl Loop: Grep returning true;Variable filename

  • 16-06-2006 12:22pm
    #1
    Registered Users, Registered Users 2 Posts: 15,817 ✭✭✭✭


    The following is a loop which cycles through a list of userids.
    /tmp/lds is where the output from an ldap-search is stored each pass of the loop.
    #!/usr/bin/perl
    
    $ldaphost = a.b.c.d;
    open(USRIDS, "userids");
    
    while (<USRIDS>)
    {
            chop;
            print "$_\n";
            $currUsrId = $_;
            $ldscmd = "ldapsearch -h a.b.c.d -x -D \"cn=frjack,ou=abc\" -b o=abc \"cn=$currUsrId\" -LLL > /tmp/lds";
    ########Check for local HomeDir
            if ( -e "/home/$currUsrId")
            {
                    print "User's Home Directory Already Exists!\n";
            }
            else
            {
                    system("mkdir /home/$currUsrId");
                    system("cp -r /root/test/skel /home/$currUsrId/");
                    system("chown -R $currUsrId /home/$currUsrId");
                    print "Home Directory Created for user $currUsrId\n";
            }
    ########Check for POSIX Attributes
            system($ldscmd);
    
            if ( grep PosixAccount, "/tmp/lds" )
            {
                    print "POSIX LDAP attributes for $currUsrId already set - Good :)\n";
    
                    if ( grep PostalCode, "/tmp/lds" )
                    {
                            print "Local Home Directory path for $currUsrId already set\n\n";
                            done;
                    }
                    else
                    {
                            $dn = null;
                            $dn = system("$ldscmd dn");
                            $curr_filename = join(".",$currUsrId,"ldif");
    
    ########################filehandle for <currentuser>.ldif
                            open(USRLDIF, ">$curr_filename");
    
                            chop;
                            print USRLDIF "$dn\n";
                            print USRLDIF "changetype: modify\n";
                            print USRLDIF "add: attribute\n";
                            print USRLDIF "attribute: PostalCode\n";
                            print USRLDIF "PostalCode: /home/$currUsrId";
                            close USRLDIF;
    
                    }
            }
            else
            {
                    print "User $currUsrId requires POSIX Attributes to be set";
                    open(USRPSXRQ,">2bposxd.jc");
                    print USRPSRQ "&currUsrId\n";
                    close USRPSXRQ;
            }
    }
    
    
    The grep commands don't seem to be able to fail. They keep coming back as true. Even the 2nd (postalCode) will return true when the LDAP attribute hasn't been set.
    And/or the composite filename ($currUsrId.ldif) that is created each pass as needed is cocking up.
    I've tested using accounts with and without POSIXAccount objectClass and PostalCode attribute set. No joy.
    I've been learning perl over the last few days, and this is puzzling me greatly. Is very probably something trivial, but I only noticed this today and I need to fix it fast.
    What am I overlooking?


    Another problem is that chmod $currUsrId [homedir] doesn't work unless the user (Authing against LDAP, localhomedir though) has already logged in once.


Comments

  • Registered Users, Registered Users 2 Posts: 6,571 ✭✭✭daymobrew


    All your scripts should have the following at the top.
    [PHP]# Find many errors or amguities during compilation.
    use strict;
    # Display compile and runtime warnings.
    use warnings; # Or append '-w' to #! line.[/PHP]
    SyxPak wrote:
    The grep commands don't seem to be able to fail. They keep coming back as true.
    grep in perl does not work the same way as in shell - it does not search the contents of the /tmp/lds file. AFAIK it tries to convert the string "/tmp/lds" into a list and you get the wrong outcome.
    I'm not 100% sure why 'grep' is returning true here but you need to change the code to get the right result.

    [PHP]# Capture the output of ldapsearchm using backticks, instead of redirecting to a file.
    my @ldapoutput = `ldapsearch -h a.b.c.d -x -D \"cn=frjack,ou=abc\" -b o=abc \"cn=$currUsrId\" -LLL`;
    # No need for this line: system($ldscmd);

    # Change the grep line:
    if ( grep PosixAccount, @ldapoutput ) ..... [/PHP]

    Edit: I use 'PHP' tags because I find the coloured code easier to read than the monochrome output from 'CODE' tags.


  • Registered Users, Registered Users 2 Posts: 15,817 ✭✭✭✭po0k


    Thanks daymobrew, I'm fiddling with the loops at the moment.
    I had enabled use strict, but it was complaining about Global symbols requiring explicit package names at line xx.
    I simply don't know what to do. I thought when you call a global variable (ie not declared with preceding 'my' for a lexical var in a loop/subroutine) you just called it.


    On a seperate (more UNIX than programming), this script creates localhomedirs for users authenticating against LDAP. How can I chown ldapuser:ldapgid /home/LdapUser for an LDAP user who has not yet logged in? I have a make_home_dir.c implementation which can* be run by the user when they login.
    However, I need an ACL method by which PAM or PAM.d/sshd can check a file listing allowed userids, let them login and deny all others.

    *I think


  • Registered Users, Registered Users 2 Posts: 6,571 ✭✭✭daymobrew


    SyxPak wrote:
    Thanks daymobrew, I'm fiddling with the loops at the moment.
    I had enabled use strict, but it was complaining about Global symbols requiring explicit package names at line xx.
    I simply don't know what to do. I thought when you call a global variable (ie not declared with preceding 'my' for a lexical var in a loop/subroutine) you just called it.
    All variables need to be declared with 'my' whether in a loop/subroutine or not ('our' is another, less used option).
    [PHP]#!/usr/bin/perl -w

    my $GlobalVariable = 10;

    # Access the global variable directly, though it is bad practice.
    sub subroutine { print "Inside subroutine: $GlobalVariable\n"; }
    # Pass the data to the function. Error checking omitted.
    sub sub_with_params( $ ) { print "Inside sub_with_params: $_[0]\n"; }

    my $NotAvailableToFirstSub = 11;

    # Each subroutine prints '10'.
    subroutine;
    sub_with_params( $GlobalVariable );[/PHP]

    WRT the chown question, if it can be done in C, it should be possible to port it to perl.
    Note that you may need to be root to run the chown command.


Advertisement