From owner-svn-src-user@freebsd.org Sun May 6 11:21:33 2018
Return-Path: <owner-svn-src-user@freebsd.org>
Delivered-To: svn-src-user@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4ADCFFB6BD6
for <svn-src-user@mailman.ysv.freebsd.org>;
Sun, 6 May 2018 11:21:33 +0000 (UTC) (envelope-from des@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
[IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mxrelay.nyi.freebsd.org",
Issuer "Let's Encrypt Authority X3" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id F190A7B75C;
Sun, 6 May 2018 11:21:32 +0000 (UTC) (envelope-from des@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
[IPv6:2610:1c1:1:6068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D323641F6;
Sun, 6 May 2018 11:21:32 +0000 (UTC) (envelope-from des@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w46BLWKa005222;
Sun, 6 May 2018 11:21:32 GMT (envelope-from des@FreeBSD.org)
Received: (from des@localhost)
by repo.freebsd.org (8.15.2/8.15.2/Submit) id w46BLWdB005220;
Sun, 6 May 2018 11:21:32 GMT (envelope-from des@FreeBSD.org)
Message-Id: <201805061121.w46BLWdB005220@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org
using -f
From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= <des@FreeBSD.org>
Date: Sun, 6 May 2018 11:21:32 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-user@freebsd.org
Subject: svn commit: r333292 - user/des/fbce/db
X-SVN-Group: user
X-SVN-Commit-Author: des
X-SVN-Commit-Paths: user/des/fbce/db
X-SVN-Commit-Revision: 333292
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-user@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: "SVN commit messages for the experimental " user"
src tree" <svn-src-user.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-user>,
<mailto:svn-src-user-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-user/>
List-Post: <mailto:svn-src-user@freebsd.org>
List-Help: <mailto:svn-src-user-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-user>,
<mailto:svn-src-user-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 06 May 2018 11:21:33 -0000
Author: des
Date: Sun May 6 11:21:32 2018
New Revision: 333292
URL: https://svnweb.freebsd.org/changeset/base/333292
Log:
Add gjb@'s LDAP-snarfing scripts.
Added:
user/des/fbce/db/genuserlist.pl (contents, props changed)
user/des/fbce/db/genuserlist.sh (contents, props changed)
Added: user/des/fbce/db/genuserlist.pl
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ user/des/fbce/db/genuserlist.pl Sun May 6 11:21:32 2018 (r333292)
@@ -0,0 +1,72 @@
+#!/usr/bin/env perl
+#
+# $Id$
+#
+
+my $file = "$ARGV[0]";
+my $haveuid = 0;
+my $havekey = 0;
+my $uid = '';
+
+sub usage() {
+ print "Usage: $ARGV[0] /path/to/ldap/data\n";
+ exit (1);
+}
+
+sub main() {
+ if (!$ARGV[0]) {
+ &usage();
+ }
+ open(FILE, $file) or die("Could not open $file\n");
+ while(<FILE>) {
+ chomp($_);
+
+ # Skip commented lines.
+ if ($_ =~ m/^#/) {
+ next;
+ }
+
+ # Skip empty lines, reset vars.
+ if ($_ =~ m/^$/) {
+ $haveuid = 0;
+ $uid = '';
+ $havekey = 0;
+ next;
+ }
+
+ # Found the uid field. Make sure it is not empty, then set
+ # haveuid=1.
+ if ($_ =~ m/^uid: /) {
+ $_ =~ s/^uid: //;
+ # The one unfortunate account *with* an ssh key.
+ if ($_ =~ m/backup/) {
+ next;
+ }
+ $uid = $_;
+ $haveuid = 1;
+ }
+
+ # No need to search for a key if haveuid=0.
+ if ($haveuid eq 1) {
+ # Have the key.
+ if ($_ =~ m/^sshPublicKey::? /) {
+ $_ =~ s/^sshPublicKey::? //;
+ # It should not happen, but if a key datafield exists
+ # without a key, bail.
+ if ($_ =~ m//) {
+ $haveuid = 0;
+ next;
+ }
+ # Great. We have found a key for the UID. Since they
+ # have login access, they can vote. Good for them.
+ $havekey = 1;
+ print "$uid\n";
+ $haveuid = 0;
+ }
+ }
+ }
+ close(FILE);
+}
+
+&main();
+
Added: user/des/fbce/db/genuserlist.sh
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ user/des/fbce/db/genuserlist.sh Sun May 6 11:21:32 2018 (r333292)
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+set -e
+
+users=
+tmpfile="$(mktemp $HOME/tmp.XXXXXXXXXX)"
+
+main() {
+ cd $(realpath $(dirname $(basename ${0})))
+ userlist="$(ldapsearch -x -b \
+ ou=users,dc=freebsd,dc=org \
+ -s children \
+ '(&(objectClass=freebsdAccount)(cn=*)(uid=*)(sshPublicKey=*)(loginShell=*)(!(loginShell=/usr/sbin/nologin))(!(uid=*test))(!(uid=socsvn-import)))' \
+ uid uidNumber loginShell sshPublicKey)"
+ printf "${userlist}" > ${tmpfile}
+ echo "Output written to: ${tmpfile}"
+
+ ./genuserlist.pl ${tmpfile} > ./users.txt
+
+ echo "Final output written to: users.txt"
+
+}
+
+main "$@"