examples/scripts/idmap/idmap_nis.sh

   1 #!/bin/bash
   2 # idmap script to map SIDs to UIDs/GIDs using NIS
   3 # tridge@samba.org June 2009
   4
   5 DOMAIN=$(ypdomainname)
   6
   7 (
   8     date
   9     echo $*
  10 ) >> /var/log/samba/idmap.log
  11
  12 cmd=$1
  13 shift
  14
  15 PATH=/usr/bin:bin:$PATH
  16
  17 shopt -s nocasematch || {
  18     echo "shell option nocasematch not supported"
  19     exit 1
  20 }
  21
  22 # map from a domain and name to a uid/gid
  23 map_name() {
  24     domain="$1"
  25     name="$2"
  26     ntype="$3"
  27     case $ntype in
  28         1)
  29             rtype="UID"
  30             map="passwd"
  31             ;;
  32         2)
  33             rtype="GID"
  34             map="group"
  35             ;;
  36         *)
  37             echo "ERR: bad name type $ntype"
  38             exit 1
  39             ;;
  40     esac
  41     id=$(ypmatch "$name" "$map".byname 2>/dev/null | cut -d: -f3)
  42     [ -z "$id" ] && {
  43         echo "ERR: bad match for $name in map $map"
  44         exit 1
  45     }
  46     echo "$rtype":"$id"
  47 }
  48
  49 # map from a unix id to a name
  50 map_id() {
  51     ntype="$1"
  52     id="$2"
  53     case $ntype in
  54         UID)
  55             map="passwd.byuid"
  56             ;;
  57         GID)
  58             map="group.bygid"
  59             ;;
  60         *)
  61             echo "ERR: bad name type $ntype"
  62             exit 1
  63             ;;
  64     esac
  65     name="$(ypmatch "$id" "$map" 2>/dev/null | cut -d: -f1)"
  66     [ -z "$name" ] && {
  67         echo "ERR: bad match for $name in map $map"
  68         exit 1
  69     }
  70     echo "$name"
  71 }
  72
  73
  74 case $cmd in
  75     SIDTOID)
  76         sid=$1
  77         rid=`echo $sid | cut -d- -f8`
  78         [ -z "$rid" ] && {
  79             echo "ERR: bad rid in SID $sid"
  80             exit 1
  81         }
  82
  83         unset _NO_WINBINDD
  84         # oh, this is ugly. Shell is just not meant for parsing text
  85         fullname=`wbinfo -s $sid 2> /dev/null`
  86         domain=`echo $fullname | cut -d'\' -f1`
  87         [[ "$domain" = $DOMAIN ]] || {
  88             echo "ERR: bad domain $domain"
  89             exit 1
  90         }
  91         name=`echo $fullname | cut -d'\' -f2`
  92         nwords=`echo $name | wc -w`
  93         ntype=`echo $name | cut -d' ' -f$nwords`
  94         nminusone=`expr $nwords - 1`
  95         name=`echo $name | cut -d' ' -f-$nminusone`
  96         [ -z "$name" ] && {
  97             echo "ERR: bad name $fullname for SID $sid"
  98             exit 1
  99         }
 100         map_name "$domain" "$name" "$ntype"
 101         ;;
 102     IDTOSID)
 103         ntype=$1
 104         id=$2
 105         name="$(map_id "$ntype" "$id")"
 106         sid="$(wbinfo -n "$name" 2>/dev/null | cut -d' ' -f1)"
 107         [ -z "$sid" ] && {
 108             echo "ERR: name $name not found in ADS"
 109             exit 1
 110         }
 111         echo "SID:$sid"
 112         ;;
 113     *)
 114         echo "ERR: Unknown command $cmd"
 115         exit 1;
 116         ;;
 117 esac
 118
 119 exit 0