#!/usr/bin/perl -w

# $0 -b "ou=People,dc=borgia,dc=com" -F '(attr=value)'

# Synopsis
# applyQuotas.pl is a script solely for making the quota set within LDAP take
# effect by running the linuxquota tool edquota with the figures set in LDAP.
# This tool can apply standard LDAP filters to the user-supplied base DN, so
# that the quotas of multiple users can be applied at once.

# Examples:
# Apply the quotas using the linuxquota tool edquota for user stefan
# ./applySystemQuotas.pl -b "uid=stefan,ou=People,dc=borgia,dc=com"
#
# Apply the quotas using the linuxquota tool edquota for all People with description of Student
# ./applySystemQuotas.pl -b "ou=People,dc=borgia,dc=com" -F "(description=Student)"

use strict;
use Net::LDAP;
use Getopt::Long;

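# Connection settings and tool paths used by the rest of the script.
#
# The bind password is read directly from the secret file rather than by
# shelling out to `cat`: a failed read now stops the script instead of
# leaving an empty password, which would turn the later bind into one
# carrying a DN but no credentials.
my $secret_file = '/etc/ldap.secret';
open(my $secret_fh, '<', $secret_file)
	or die "Can't read $secret_file: $!\n";
my $Password = do { local $/; <$secret_fh> };	# whole file, as `cat` returned it
close($secret_fh);
die "$secret_file is empty\n" unless defined $Password;
chomp $Password;
die "$secret_file is empty\n" unless length $Password;
my $Host = 'localhost';
my $Port = '389';
my $BindDN = 'cn=Manager,dc=borgia,dc=com';
# 0 means no StartTLS: the simple bind then carries the password in clear
# text, so leave it at 0 only while $Host is the local machine.
my $SSL = 0;
my $edquota_editor = '/usr/sbin/edquota_editor';
my $edquota = '/usr/sbin/edquota';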

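# Command-line options:
#   -b  base DN to search under (required)
#   -F  extra LDAP filter, already parenthesised, ANDed with the
#       objectClass=systemQuotas filter (optional)
#
# $F is later interpolated verbatim into the search filter, so a wrapper
# around this script must not pass it unvetted input.
my $b = '';
my $F = '';
# Stop on an unrecognised or malformed option. Carrying on after a
# mistyped -F would drop the filter and rewrite the quotas of every
# matching entry under the base DN.
GetOptions(
	'b=s' => \$b,
	'F=s' => \$F,
) or die "Usage: $0 -b basedn [-F '(extrafilter)']\n";

die "Usage: $0 -b basedn [-F '(extrafilter)']\n" unless $b;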

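# Main run: find every systemQuotas entry under the base DN and, for each
# one, first zero all existing quotas and then apply each 'quota' value
# (filesystem:softblocks:hardblocks:softfiles:hardfiles) through edquota.
# edquota is driven non-interactively: VISUAL points it at $edquota_editor,
# and the QUOTA_* environment variables carry the figures to that helper.
my $ldap = connectLDAP();

my $search;
$search = $ldap->search(
	base => $b,
	filter => "(&(objectClass=systemQuotas)$F)",
	attrs => ['uid', 'quota'],
);
$search->code && die $search->error;
my $i = 0;
my $max = $search->count;
for ( $i=0; $i<$max; $i++ ) {
	my $entry = $search->entry($i);

	# The uid comes from the directory and ends up on edquota's command
	# line, so check it before anything is changed. A leading '-' would be
	# read as an option; whitespace or control characters have no place in
	# an account name.
	my $user = $entry->get_value('uid');
	unless ( defined $user && $user =~ /\A[^\s\-][^\s[:cntrl:]]*\z/ ) {
		warn "Skipping ", $entry->dn, ": missing or unsafe uid\n";
		next;
	}

	# Remember the caller's VISUAL so it can be put back afterwards.
	# (A plain assignment: "my ... if ..." has undefined behaviour in Perl.)
	my $editor = $ENV{'VISUAL'};
	$ENV{'VISUAL'} = $edquota_editor;
	$ENV{'QUOTA_USER'} = $user;
	# Delete all existing quotas for QUOTA_USER
	$ENV{'QUOTA_FILESYS'} = '*';
	$ENV{'QUOTA_SBLOCKS'} = 0;
	$ENV{'QUOTA_HBLOCKS'} = 0;
	$ENV{'QUOTA_SFILES'} = 0;
	$ENV{'QUOTA_HFILES'} = 0;
	print "$ENV{'QUOTA_USER'}: $ENV{'QUOTA_FILESYS'}:$ENV{'QUOTA_SBLOCKS'},$ENV{'QUOTA_HBLOCKS'},$ENV{'QUOTA_SFILES'},$ENV{'QUOTA_HFILES'}\n";
	# List-form system() runs edquota without a shell, so nothing in the
	# uid can be interpreted as shell syntax.
	system($edquota, '-u', $user) == 0
		or warn "$edquota failed for $user (status $?)\n";
	my @quotas = $entry->get_value('quota');
	foreach ( @quotas ) {
		my @quota = split /:/;
		# Expect exactly filesystem plus four limits. The limits are
		# assumed to be plain non-negative integers, as in the reset
		# above -- confirm against edquota_editor.
		unless ( @quota == 5
			&& length $quota[0]
			&& $quota[0] !~ /[\s[:cntrl:]]/
			&& !grep { !/\A\d+\z/ } @quota[1 .. 4] ) {
			warn "Skipping malformed quota value for $user\n";
			next;
		}
		$ENV{'QUOTA_FILESYS'} = $quota[0];
		$ENV{'QUOTA_SBLOCKS'} = $quota[1];
		$ENV{'QUOTA_HBLOCKS'} = $quota[2];
		$ENV{'QUOTA_SFILES'} = $quota[3];
		$ENV{'QUOTA_HFILES'} = $quota[4];
		print "$ENV{'QUOTA_USER'}: $ENV{'QUOTA_FILESYS'}:$ENV{'QUOTA_SBLOCKS'},$ENV{'QUOTA_HBLOCKS'},$ENV{'QUOTA_SFILES'},$ENV{'QUOTA_HFILES'}\n";
		system($edquota, '-u', $user) == 0
			or warn "$edquota failed for $user (status $?)\n";
	}
	if ($editor) {
		$ENV{'VISUAL'} = $editor;
	}
	else {
		delete $ENV{'VISUAL'};
	}
}
$search = $ldap->unbind;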

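sub connectLDAP {
        # Connect to $Host:$Port, optionally upgrade the connection with
        # StartTLS, and bind as $BindDN with $Password.
        #
        # Returns the bound Net::LDAP handle. Dies if the server cannot be
        # reached, if StartTLS was requested but failed, or if the bind is
        # rejected, so the caller never continues on an unauthenticated or
        # unexpectedly unencrypted connection.
        my $ldap = Net::LDAP->new(
                $Host,
                port => $Port,
                version => 3,
#                debug => 0xffff,
        ) or die "Can't contact LDAP server ($@)\n";
        if ( $SSL ) {
                # NOTE(review): no certificate options are set here, so the
                # level of certificate checking is whatever the installed
                # Net::LDAP defaults to. Set verify/capath explicitly before
                # using this against a remote host.
                my $tls = $ldap->start_tls(
                        # verify => 'require',
                        # clientcert => 'mycert.pem',
                        # clientkey => 'mykey.pem',
                        # decryptkey => sub { 'secret'; },
                        # capath => '/usr/local/cacerts/'
                );
                # Fail closed: without this check a failed StartTLS would be
                # followed by a bind that sends the password in clear text.
                $tls->code && die "Can't start TLS: " . $tls->error . "\n";
        }
        my $bind = $ldap->bind($BindDN, password=>$Password);
        # A rejected bind must stop the run; otherwise the search would
        # proceed on a connection that was never authenticated.
        $bind->code && die "Can't bind as $BindDN: " . $bind->error . "\n";
        return $ldap;
}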