|
|
|---|
|
|
1 |
#!/bin/sh |
| 2 |
# |
| 3 |
# Univention Client Basesystem |
| 4 |
# init script: setting up network connection for thin client |
| 5 |
# |
| 6 |
# Copyright (C) 2006-2010 Univention GmbH |
| 7 |
# |
| 8 |
# http://www.univention.de/ |
| 9 |
# |
| 10 |
# All rights reserved. |
| 11 |
# |
| 12 |
# This program is free software; you can redistribute it and/or modify |
| 13 |
# it under the terms of the GNU General Public License version 2 as |
| 14 |
# published by the Free Software Foundation. |
| 15 |
# |
| 16 |
# Binary versions of this file provided by Univention to you as |
| 17 |
# well as other copyrighted, protected or trademarked materials like |
| 18 |
# Logos, graphics, fonts, specific documentations and configurations, |
| 19 |
# cryptographic keys etc. are subject to a license agreement between |
| 20 |
# you and Univention. |
| 21 |
# |
| 22 |
# This program is distributed in the hope that it will be useful, |
| 23 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 24 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 25 |
# GNU General Public License for more details. |
| 26 |
# |
| 27 |
# You should have received a copy of the GNU General Public License |
| 28 |
# along with this program; if not, write to the Free Software |
| 29 |
|
| 30 |
. /lib/lsb/init-functions |
| 31 |
|
| 32 |
echo " |
| 33 |
dialog_color = (BLACK,WHITE,OFF) |
| 34 |
screen_color = (WHITE,BLACK,OFF) |
| 35 |
border_color = (BLACK,WHITE,OFF) |
| 36 |
title_color = (RED,WHITE,OFF) |
| 37 |
button_inactive_color = (RED,WHITE,OFF) |
| 38 |
button_key_active_color = (WHITE,RED,OFF) |
| 39 |
button_key_inactive_color = (RED,WHITE,OFF) |
| 40 |
button_label_active_color = (WHITE,RED,OFF) |
| 41 |
button_label_inactive_color = (RED,WHITE,OFF) |
| 42 |
button_active_color = (WHITE,RED,OFF) |
| 43 |
button_inactive_color = (RED,WHITE,OFF) |
| 44 |
inputbox_color = (RED,WHITE,OFF) |
| 45 |
use_shadow = OFF |
| 46 |
" > /root/dialogrc |
| 47 |
|
| 48 |
ramdisk="/ramdisk" |
| 49 |
export DIALOGRC=/root/dialogrc |
| 50 |
dialog="dialog --clear" |
| 51 |
btitle='Univention Thin Client Rollout' |
| 52 |
ldapServer=$(cat /proc/cmdline | grep ldapServer | sed -e 's|.*ldapServer=||;s| .*||;s|"||g') |
| 53 |
size="12 70" |
| 54 |
|
| 55 |
eval $(univention-baseconfig shell \ |
| 56 |
thinclient/rollout/ldap/base \ |
| 57 |
thinclient/rollout/ldap/bindpwfile \ |
| 58 |
thinclient/rollout/ldap/binduid \ |
| 59 |
thinclient/rollout/reboot \ |
| 60 |
thinclient/rollout/ldap/position) |
| 61 |
|
| 62 |
log_action_msg "Preparing Thin Client for rollout" |
| 63 |
|
| 64 |
# test nfs boot |
| 65 |
if ! grep -iq 'root=/dev/nfs' /proc/cmdline; then |
| 66 |
log_action_end_msg 0 |
| 67 |
exit 0 |
| 68 |
fi |
| 69 |
|
| 70 |
# test necessary vars |
| 71 |
if [ -z "$thinclient_rollout_ldap_base" -o -z "$ldapServer" ]; then |
| 72 |
log_action_end_msg 0 |
| 73 |
exit 0 |
| 74 |
fi |
| 75 |
|
| 76 |
# search mac address |
| 77 |
mymac=$(cat /sys/class/net/eth0/address) |
| 78 |
|
| 79 |
# password |
| 80 |
if [ -n "$thinclient_rollout_ldap_bindpwfile" -a -f "$thinclient_rollout_ldap_bindpwfile" ]; then |
| 81 |
password=$(cat $thinclient_rollout_ldap_bindpwfile) |
| 82 |
fi |
| 83 |
|
| 84 |
uid="$thinclient_rollout_ldap_binduid" |
| 85 |
position="$thinclient_rollout_ldap_position" |
| 86 |
|
| 87 |
# default position |
| 88 |
if [ -z "$position" ]; then |
| 89 |
position="cn=computers,$thinclient_rollout_ldap_base" |
| 90 |
fi |
| 91 |
|
| 92 |
# dialog |
| 93 |
while true; do |
| 94 |
|
| 95 |
# mac found -> normal boot |
| 96 |
if ldapsearch -x -h "$ldapServer" -b "$thinclient_rollout_ldap_base" macAddress="$mymac" | \ |
| 97 |
ldapsearch-wrapper | grep ^macAddress:; then |
| 98 |
log_action_end_msg 0 |
| 99 |
exit 0 |
| 100 |
fi |
| 101 |
|
| 102 |
# stop usplash |
| 103 |
usplash_write "QUIT" |
| 104 |
clear |
| 105 |
|
| 106 |
# check errors |
| 107 |
if [ -n "$errorMsg" ]; then |
| 108 |
$dialog --backtitle "$btitle" \ |
| 109 |
--title " Error while creating UCS Thin Client " --msgbox "\n$errorMsg" $size |
| 110 |
errorMsg="" |
| 111 |
fi |
| 112 |
|
| 113 |
# get infos |
| 114 |
ask=3 |
| 115 |
title=" Create UCS Thin Client object " |
| 116 |
while [ $ask -eq 3 ]; do |
| 117 |
name=$($dialog --backtitle "$btitle" --title "$title" --no-cancel \ |
| 118 |
--inputbox "\nName for the UCS Thin Client:" $size "$name" 3>&1 1>&2 2>&3) |
| 119 |
uid=$($dialog --backtitle "$btitle" --no-cancel \ |
| 120 |
--title "$title" --inputbox "\nName of an user with administrative rights:" \ |
| 121 |
$size "$uid" 3>&1 1>&2 2>&3) |
| 122 |
password=$($dialog --backtitle "$btitle" --no-cancel \ |
| 123 |
--title "$title" --insecure \ |
| 124 |
--passwordbox "\nPassword for user with administrative rights:" \ |
| 125 |
$size "$password" 3>&1 1>&2 2>&3) |
| 126 |
position=$($dialog --backtitle "$btitle" --no-cancel \ |
| 127 |
--title "$title" --inputbox "\nLDAP position for the UCS Thin Client object:" \ |
| 128 |
$size "$position" 3>&1 1>&2 2>&3) |
| 129 |
|
| 130 |
$dialog --backtitle "$btitle" --title "$title" --extra-button \ |
| 131 |
--extra-label "Reenter" --yesno \ |
| 132 |
"\nSettings:\n \ |
| 133 |
\nName of UCS Thin Client: $name \ |
| 134 |
\nUser for creation: $uid \ |
| 135 |
\nLDAP Position: $position \ |
| 136 |
\nLDAP Server: $ldapServer" $size |
| 137 |
|
| 138 |
ask=$? |
| 139 |
|
| 140 |
# cancel |
| 141 |
if [ $ask -eq 1 ]; then |
| 142 |
exit 0 |
| 143 |
fi |
| 144 |
|
| 145 |
if [ -z "$name" -o -z "$password" -o -z "$uid" ]; then |
| 146 |
ask=3 |
| 147 |
fi |
| 148 |
done |
| 149 |
|
| 150 |
# test name |
| 151 |
object=$(ldapsearch -x -h "$ldapServer" -b "$thinclient_rollout_ldap_base" \ |
| 152 |
"(&(objectClass=univentionHost)(cn=$name))" dn | ldapsearch-wrapper | grep ^dn:) |
| 153 |
if [ -n "$object" ]; then |
| 154 |
errorMsg="Name already exists!" |
| 155 |
object="" |
| 156 |
continue |
| 157 |
fi |
| 158 |
|
| 159 |
# get ldap dn |
| 160 |
userDn=$(ldapsearch -x -h "$ldapServer" -b "$thinclient_rollout_ldap_base" \ |
| 161 |
uid="$uid" dn | ldapsearch-wrapper | grep ^dn: | awk -F ": " {'print $2'}) |
| 162 |
if [ -z "$userDn" ]; then |
| 163 |
errorMsg="Could not get LDAP DN for UID $uid!" |
| 164 |
continue |
| 165 |
fi |
| 166 |
|
| 167 |
pwfile=$(mktemp) |
| 168 |
echo "$password" > "$pwfile" |
| 169 |
|
| 170 |
clear |
| 171 |
|
| 172 |
# run udm |
| 173 |
cmd="/usr/sbin/udm computers/thinclient create --binddn \\\"$userDn\\\" --bindpwd \\\"$password\\\"" |
| 174 |
if [ -n "$position" ]; then |
| 175 |
cmd="$cmd --position \\\"$position\\\"" |
| 176 |
fi |
| 177 |
cmd="$cmd --set name=\\\"$name\\\" --set mac=\\\"$mymac\\\"" |
| 178 |
errorMsg=$(univention-ssh "$pwfile" "$uid"@"$ldapServer" "$cmd") |
| 179 |
rm "$pwfile" |
| 180 |
|
| 181 |
# test if object was created |
| 182 |
sleep 1 |
| 183 |
object=$(ldapsearch -h "$ldapServer" -b "$thinclient_rollout_ldap_base" -x macAddress="$mymac" dn | ldapsearch-wrapper | grep ^dn:) |
| 184 |
|
| 185 |
if [ -n "$object" ]; then |
| 186 |
log_begin_msg "$object successfully created" |
| 187 |
log_end_msg 0 |
| 188 |
object="" |
| 189 |
|
| 190 |
if [ -n "$thinclient_rollout_reboot" -a "$thinclient_rollout_reboot" = "no" ]; then |
| 191 |
log_begin_msg "reboot disabled via thinclient/rollout/reboot" |
| 192 |
log_end_msg 0 |
| 193 |
else |
| 194 |
reboot |
| 195 |
fi |
| 196 |
exit 0 |
| 197 |
fi |
| 198 |
|
| 199 |
done |