From 1f641814b2bfbbf2dc3347e11a3fe901bfdf1efc Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 18:35:33 +0200
Subject: Adding debian version 2.5.13+dfsg-5.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 debian/ldiftopasswd | 174 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 174 insertions(+)
 create mode 100755 debian/ldiftopasswd

(limited to 'debian/ldiftopasswd')

diff --git a/debian/ldiftopasswd b/debian/ldiftopasswd
new file mode 100755
index 0000000..543bdd5
--- /dev/null
+++ b/debian/ldiftopasswd
@@ -0,0 +1,174 @@
+#!/usr/bin/perl -w
+#
+#
+# Comments on usage from the email we received:
+# I showed a friend the following script. He said I should submit it for
+# inclusion in openldap, because it might useful for others. 
+#
+# The attached perl script, when used like
+#
+# ldapsearch | ldiftopasswd
+#
+# will automatically:
+#
+# 1. create /etc/passwd, /etc/shadow, /etc/group, and /etc/gshadow
+#
+# 2. append /etc/passwd.top, /etc/shadow.top, /etc/group.top, and /etc/gshadow.top to respective files.
+#
+# 3. use data from ldap to create the files (note: gshadow isn't really
+# supported, because I don't use it, nor could I find any
+# documentation. Adding support for other files should be easy).
+#
+# (of course you need access to all fields including the password field
+# for this, so use correct parameters to ldapsearch).
+#
+# This could be useful for instance on laptop computers where you don't
+# want to run a slave slapd server for some reason (perhaps memory
+# constraints).
+# ----------------------------------------
+use strict;
+use Getopt::Long;
+use MIME::Base64;
+use IO::File;
+
+my $passwdfile="/etc/passwd";
+my $shadowfile="/etc/shadow";
+my $groupfile="/etc/group";
+my $gshadowfile="/etc/gshadow";
+my $help;
+GetOptions (
+		'--passwd=s',\$passwdfile,
+		'--shadow=s',\$shadowfile,
+		'--group=s',\$groupfile,
+		'--gshadow=s',\$gshadowfile,
+		'--help',\$help,
+            ) or die "Bad options\n";
+
+if ($help or $#ARGV != -1) {
+  print STDERR "usage: $0 [etcfile=filename] [--help]\n";
+  exit 255;
+}
+
+sub start_file($) {
+  my ($file) = @_;
+  my $outhandle = new IO::File;
+  $outhandle->open(">$file") or die "Cannot open $file for writing";
+
+  open(TMP,"<$file.top") or die "cannot open $file.top for reading";
+  while (<TMP>) { $outhandle->print($_); }
+  close(TMP) or die "cannot close $file for reading";
+
+  return($outhandle);
+}
+
+my $PASSWD  = start_file($passwdfile);
+my $SHADOW  = start_file($shadowfile);
+my $GROUP   = start_file($groupfile);
+my $GSHADOW = start_file($gshadowfile);
+
+sub dopasswd($) {
+      my ($record) = @_;
+      my $userPassword="*";
+
+      $PASSWD->print(
+      	$record->{"uid"},":",
+	"x",":",
+      	$record->{"uidNumber"},":",
+      	$record->{"gidNumber"},":",
+      	$record->{"gecos"},":",
+      	$record->{"homeDirectory"},":",
+      	$record->{"loginShell"},"\n");
+
+      if (defined($record->{"userPassword"}) &&
+          $record->{"userPassword"} =~ /^{(crypt)}(.*)$/)
+        { $userPassword = $2; }
+
+      $SHADOW->print(
+      	$record->{"uid"},":",
+      	$userPassword,":",
+	$record->{"shadowLastChange"} || "10706",":",
+      	$record->{"shadowMin"} || "0",":",
+      	$record->{"shadowMax"} || "99999",":",
+      	$record->{"shadowWarning"} || "7",":",
+      	$record->{"shadowInactive"} || "",":",
+      	$record->{"shadowExpire"} || "",":",
+	"","\n");
+}
+
+sub dogroup($) {
+      my ($record) = @_;
+      my $userPassword="*";
+
+      my $members="";
+      if (defined($record->{"memberUid"})) {
+        $members = join(",",@{$record->{"memberUid"}});
+      }
+
+      $GROUP->print(
+      	$record->{"cn"},":",
+	"x",":",
+      	$record->{"gidNumber"},":",
+      	$members,"\n");
+
+      if (defined($record->{"userPassword"}) &&
+          $record->{"userPassword"} =~ /^{(crypt)}(.*)$/)
+        { $userPassword = $2; }
+
+# !FIXME!
+#      $GSHADOW->print
+#      	$record->{"cn"},":",
+#	"*",":",
+#	"",":",
+#	"","\n";
+}
+
+
+my %record;
+my $user=0;
+my $group=0;
+
+while (<>) {
+  if (/^$/) {
+    if ($user) {
+      dopasswd(\%record);
+    }
+    if ($group) {
+      dogroup(\%record);
+    }
+
+    $user = $group = 0;
+    %record=();
+  }
+  elsif (/^objectClass: posixAccount$/) {
+    $user = 1;
+  }
+  elsif (/^objectClass: posixGroup$/) {
+    $group = 1;
+  }
+  elsif (/^(uid|uidNumber|gidNumber|gecos|homeDirectory|loginShell): (.*)$/) {
+    if (!defined($record{$1})) { $record{$1} = $2; }
+  }
+  elsif (/^(userPassword|shadowLastChange|shadowMin|shadowMax|shadowWarning|shadowInactive|shadowExpire): (.*)$/) {
+    if (!defined($record{$1})) { $record{$1} = $2; }
+  }
+  elsif (/^(cn): (.*)$/) {
+    if (!defined($record{$1})) { $record{$1} = $2; }
+  }
+  elsif (/^(uniqueMember): (.*)$/) {
+    push @{$record{$1}},$2;
+    if ($2 =~ /uid=([a-zA-Z]*),/) {
+	    push @{$record{"memberUid"}},$1;
+    }
+  }
+  elsif (/^(memberUid): (.*)$/) {
+    push @{$record{$1}},$2;
+  }
+  elsif (/^(userPassword):: (.*)$/) {
+    $record{$1} = decode_base64($2);
+  }
+}
+
+$PASSWD->close  or die "Cannot close $passwdfile for writing";
+$SHADOW->close  or die "Cannot close $shadowfile for writing";
+$GROUP->close   or die "Cannot close $groupfile for writing";
+$GSHADOW->close or die "Cannot close $gshadowfile for writing";
-- 
cgit v1.2.3