@ -1,6 +1,6 @@
#!/bin/sh
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
# 2011 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
@ -23,91 +23,85 @@
#
name="$__object_id"
os_version="$(cat "$__global/explorer/os_version")"
os="$(cat "$__global/explorer/os")"
cd "$__object/parameter"
if grep -q "^${name}:" "$__object/explorer/group"; then
for property in $(ls .); do
new_value="$(cat "$property")"
# argument to pass the groupmod command for this property (exceptions
# are made in the case statement below)
proparg="--$property"
case "$property" in
password)
if [ "$os" = "freebsd" ]; then
echo "group/$name: FreeBSD doesn't support password modification" >&2
exit 1
fi
case "$os_version" in
"Red Hat Enterprise Linux Server release "[45]*|"CentOS release "[45]*)
# TODO: Use gpasswd? Need to fix gshadow explorer first.
echo "group/$name: '$os_version' groupmod does not support password modification" >&2
exit 1
;;
esac
current_value="$(awk -F: '{ print $2 }' < "$__object/explorer/gshadow")"
;;
gid)
# set to -g to support older redhat/centos
proparg="-g"
current_value="$(awk -F: '{ print $3 }' < "$__object/explorer/group")"
;;
esac
# Use short option names for portability
shorten_property() {
case "$1" in
gid) echo "-g";;
password) echo "-p";;
system) echo "-r";;
esac
}
if [ "$new_value" != "$current_value" ]; then
set -- "$@" "$proparg" \"$new_value\"
echo change $property $new_value $current_value >> "$__messages_out"
fi
done
if [ $# -gt 0 ]; then
echo mod >> "$__messages_out"
case $os in
freebsd)
echo pw group mod "$@" "$name"
;;
*)
if [ "$state" = "present" ]; then
case "$os" in
freebsd)
supported_add_properties="gid"
supported_change_properties="gid"
;;
*)
supported_add_properties="gid password system"
supported_change_properties="gid password"
;;
esac
if grep -q "^${name}:" "$__object/explorer/group"; then
# change existing
for property in $supported_change_properties; do
if [ -f "$__object/parameter/$property" ]; then
new_value="$(cat "$__object/parameter/$property")"
unset current_value
case "$property" in
password)
current_value="$(awk -F: '{ print $2 }' "$__object/explorer/gshadow")"
;;
gid)
current_value="$(awk -F: '{ print $3 }' "$__object/explorer/group")"
;;
esac
if [ "$new_value" != "$current_value" ]; then
set -- "$@" "$(shorten_property $property)" \'$new_value\'
echo change $property $new_value $current_value >> "$__messages_out"
fi
fi
done
if [ $# -gt 0 ]; then
if [ "$os" = "freebsd" ]; then
echo pw groupmod "$@" "$name"
else
echo groupmod "$@" "$name"
;;
esac
fi
echo mod >> "$__messages_out"
fi
else
# create new
for property in $supported_change_properties; do
if [ -f "$__object/parameter/$property" ]; then
new_value="$(cat "$__object/parameter/$property")"
if [ -z "$new_value" ]; then
# Boolean parameters have no value
set -- "$@" "$(shorten_property $property)"
else
set -- "$@" "$(shorten_property $property)" \'$new_value\'
fi
fi
if [ "$os" = "freebsd" ]; then
echo pw groupadd "$@" "$name"
else
echo groupadd "$@" "$name"
fi
done
fi
else
echo add >> "$__messages_out"
for property in $(ls .); do
new_value="$(cat "$property")"
# delete existing
if grep -q "^${name}:" "$__object/explorer/group"; then
if [ "$os" = "freebsd" ]; then
case $property in
gid)
proparg="-g"
;;
password)
echo "group/$name: FreeBSD doesn't support password setting" >&2
exit 1
;;
*)
# The type has been updated to support more properties than it knows how to handle for FreeBSD
# tell the user about this.
echo "Currently unknown property: $property" >&2
exit 1
;;
esac
echo pw groupdel "$name"
else
proparg="--$property"
echo groupdel "$name"
fi
set -- "$@" "$proparg" \"$new_value\"
echo set $property $new_value >> "$__messages_out"
done
case $os in
freebsd)
echo pw group add "$@" "$name"
;;
*)
echo groupadd "$@" "$name"
;;
esac
echo remove >> "$__messages_out"
fi
fi
Steven Armstrong
10 years ago