#!/bin/sh
#
# Univention Client Basesystem
# init script: setting up network connection for thin client
#
# Copyright (C) 2006-2010 Univention GmbH
#
# http://www.univention.de/
#
# All rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
# published by the Free Software Foundation.
#
# Binary versions of this file provided by Univention to you as
# well as other copyrighted, protected or trademarked materials like
# Logos, graphics, fonts, specific documentations and configurations,
# cryptographic keys etc. are subject to a license agreement between
# you and Univention.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# LSB helpers; the log_* functions called below come from this file.
. /lib/lsb/init-functions

# Colour scheme for dialog(1); DIALOGRC is pointed at this file further down.
# The content is written verbatim, including the leading and trailing empty
# line and the repeated button_inactive_color entry.
cat > /root/dialogrc <<'EOF'

dialog_color = (BLACK,WHITE,OFF)
screen_color = (WHITE,BLACK,OFF)
border_color = (BLACK,WHITE,OFF)
title_color = (RED,WHITE,OFF)
button_inactive_color = (RED,WHITE,OFF)
button_key_active_color = (WHITE,RED,OFF)
button_key_inactive_color = (RED,WHITE,OFF)
button_label_active_color = (WHITE,RED,OFF)
button_label_inactive_color = (RED,WHITE,OFF)
button_active_color = (WHITE,RED,OFF)
button_inactive_color = (RED,WHITE,OFF)
inputbox_color = (RED,WHITE,OFF)
use_shadow = OFF

EOF
# Settings shared by the rest of the script.
ramdisk="/ramdisk"                       # not referenced elsewhere in this listing
DIALOGRC=/root/dialogrc
export DIALOGRC
dialog="dialog --clear"                  # expanded unquoted later so it splits into command + option
btitle='Univention Thin Client Rollout'
size="12 70"                             # dialog height and width; also expanded unquoted

# LDAP server name from the ldapServer=<host> kernel parameter: everything up
# to and including "ldapServer=" is dropped, then everything from the next
# space on, then any double quotes.
# The value is taken as-is from the boot parameters. The LDAP lookups and the
# administrative credentials entered in the dialog below are sent to this
# host, so it is only as trustworthy as the boot configuration that set it.
ldapServer=$(grep ldapServer /proc/cmdline |
  sed -e 's|.*ldapServer=||' -e 's| .*||' -e 's|"||g')
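# Import the rollout settings from the Univention configuration registry.
# The script reads them below as $thinclient_rollout_ldap_base,
# $thinclient_rollout_ldap_bindpwfile, $thinclient_rollout_ldap_binduid,
# $thinclient_rollout_reboot and $thinclient_rollout_ldap_position.
#
# The command substitution is quoted so the emitted assignments are evaluated
# exactly as printed. Unquoted, the output would first go through word
# splitting and pathname expansion, which can alter values that contain runs
# of whitespace or glob characters before eval ever sees them.
eval "$(univention-baseconfig shell \
  thinclient/rollout/ldap/base \
  thinclient/rollout/ldap/bindpwfile \
  thinclient/rollout/ldap/binduid \
  thinclient/rollout/reboot \
  thinclient/rollout/ldap/position)"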
log_action_msg "Preparing Thin Client for rollout"

# Only clients booted with an NFS root take part in the rollout; any other
# boot finishes here with success.
grep -iq 'root=/dev/nfs' /proc/cmdline || {
  log_action_end_msg 0
  exit 0
}

# Without an LDAP base and an LDAP server there is nothing to query or
# create, so the script also ends successfully in that case.
if [ -z "$thinclient_rollout_ldap_base" ] || [ -z "$ldapServer" ]; then
  log_action_end_msg 0
  exit 0
fi
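# MAC address of eth0; it is the key used to look this client up in LDAP and
# the value stored on the object created below.
mymac=$(cat /sys/class/net/eth0/address)

# Pre-fill the bind password from the configured file, if there is one.
# "-f" is already false for an empty path, and the path is quoted so a file
# name containing whitespace is read as a single argument.
# NOTE(review): this stored secret becomes the initial value of the password
# prompt below, so anyone at the console of an unregistered client can submit
# it unchanged. The bind account should carry no more rights than are needed
# to create thin client objects.
if [ -f "$thinclient_rollout_ldap_bindpwfile" ]; then
  password=$(cat "$thinclient_rollout_ldap_bindpwfile")
fi

# Initial values for the dialog fields.
uid="$thinclient_rollout_ldap_binduid"
position="$thinclient_rollout_ldap_position"

# Default position: the computers container below the configured LDAP base.
if [ -z "$position" ]; then
  position="cn=computers,$thinclient_rollout_ldap_base"
fi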
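# Rollout dialog.
#
# Each pass first checks whether this client's MAC address is already
# registered in LDAP and, if so, ends the script so the boot continues.
# Otherwise the operator is asked for a client name, an administrative user,
# that user's password and an LDAP position; the object is then created on
# $ldapServer through univention-ssh and udm. After a successful creation the
# client reboots unless thinclient/rollout/reboot is "no". Any failure is
# stored in errorMsg and shown at the start of the next pass.
#
# The ldapsearch calls use -x without a bind DN, i.e. an anonymous simple
# bind. NOTE(review): whether that connection is encrypted depends on the
# LDAP client configuration, which is not visible here.

# has_unsafe_chars VALUE
# Returns 0 if VALUE contains a character that is special to a shell or to an
# LDAP search filter (quotes, backtick, $, backslash, ; | & < > ( ) * ? [ or
# a newline), 1 otherwise.
has_unsafe_chars() {
  case $1 in
    *\"* | *\'* | *\`* | *\$* | *\\* | *\;* | *\|* | *\&* | *\<* | *\>* | *\(* | *\)* | *\** | *\?* | *\[* | *'
'*)
      return 0
      ;;
  esac
  return 1
}

while true; do

  # mac found -> normal boot
  if ldapsearch -x -h "$ldapServer" -b "$thinclient_rollout_ldap_base" macAddress="$mymac" |
    ldapsearch-wrapper | grep '^macAddress:'; then
    log_action_end_msg 0
    exit 0
  fi

  # stop usplash so the text dialogs are visible
  usplash_write "QUIT"
  clear

  # show the error of the previous pass once, then forget it
  if [ -n "$errorMsg" ]; then
    $dialog --backtitle "$btitle" \
      --title " Error while creating UCS Thin Client " --msgbox "\n$errorMsg" $size
    errorMsg=""
  fi

  # get infos; ask=3 is the exit status of the "Reenter" extra button and
  # doubles as the "ask again" marker
  ask=3
  title=" Create UCS Thin Client object "
  while [ "$ask" -eq 3 ]; do
    # dialog prints the entered text on stderr and draws on stdout; the
    # descriptor swap lets $(...) capture the text while the UI stays visible.
    name=$($dialog --backtitle "$btitle" --title "$title" --no-cancel \
      --inputbox "\nName for the UCS Thin Client:" $size "$name" 3>&1 1>&2 2>&3)
    uid=$($dialog --backtitle "$btitle" --no-cancel \
      --title "$title" --inputbox "\nName of an user with administrative rights:" \
      $size "$uid" 3>&1 1>&2 2>&3)
    password=$($dialog --backtitle "$btitle" --no-cancel \
      --title "$title" --insecure \
      --passwordbox "\nPassword for user with administrative rights:" \
      $size "$password" 3>&1 1>&2 2>&3)
    position=$($dialog --backtitle "$btitle" --no-cancel \
      --title "$title" --inputbox "\nLDAP position for the UCS Thin Client object:" \
      $size "$position" 3>&1 1>&2 2>&3)

    # Confirmation text; the password is deliberately not echoed back.
    summary="\nSettings:\n "
    summary="${summary}\nName of UCS Thin Client: $name "
    summary="${summary}\nUser for creation: $uid "
    summary="${summary}\nLDAP Position: $position "
    summary="${summary}\nLDAP Server: $ldapServer"

    $dialog --backtitle "$btitle" --title "$title" --extra-button \
      --extra-label "Reenter" --yesno "$summary" $size

    ask=$?

    # cancel
    if [ "$ask" -eq 1 ]; then
      exit 0
    fi

    # name, user and password are mandatory
    if [ -z "$name" ] || [ -z "$password" ] || [ -z "$uid" ]; then
      ask=3
    fi
  done

  # The three values below are typed at the console and are then placed into
  # LDAP search filters and into a command line that is executed on
  # $ldapServer. Refuse characters that could change the meaning of either,
  # instead of trying to escape them for several layers of parsing.
  if has_unsafe_chars "$name" || has_unsafe_chars "$uid" || has_unsafe_chars "$position"; then
    errorMsg="Name, user and LDAP position must not contain quotes, wildcards or other special characters!"
    continue
  fi

  # test name
  object=$(ldapsearch -x -h "$ldapServer" -b "$thinclient_rollout_ldap_base" \
    "(&(objectClass=univentionHost)(cn=$name))" dn | ldapsearch-wrapper | grep '^dn:')
  if [ -n "$object" ]; then
    errorMsg="Name already exists!"
    object=""
    continue
  fi

  # get ldap dn
  userDn=$(ldapsearch -x -h "$ldapServer" -b "$thinclient_rollout_ldap_base" \
    uid="$uid" dn | ldapsearch-wrapper | grep '^dn:' | awk -F ": " '{print $2}')
  if [ -z "$userDn" ]; then
    errorMsg="Could not get LDAP DN for UID $uid!"
    continue
  fi

  # Password file for univention-ssh. printf writes the password verbatim
  # plus one newline; echo may interpret backslash sequences or a leading
  # "-n", depending on which shell provides /bin/sh.
  pwfile=$(mktemp) || {
    errorMsg="Could not create temporary password file!"
    continue
  }
  printf '%s\n' "$password" > "$pwfile"

  clear

  # run udm
  # NOTE(review): the password is also part of the remote command line
  # (--bindpwd), where it is not escaped and may be visible in the process
  # list of $ldapServer. Passing it to udm some other way needs a change on
  # the udm side and is not attempted here.
  cmd="/usr/sbin/udm computers/thinclient create --binddn \\\"$userDn\\\" --bindpwd \\\"$password\\\""
  if [ -n "$position" ]; then
    cmd="$cmd --position \\\"$position\\\""
  fi
  cmd="$cmd --set name=\\\"$name\\\" --set mac=\\\"$mymac\\\""
  errorMsg=$(univention-ssh "$pwfile" "$uid"@"$ldapServer" "$cmd")
  rm -f -- "$pwfile"

  # test if object was created (the pause presumably gives the directory
  # time to make the new entry searchable)
  sleep 1
  object=$(ldapsearch -h "$ldapServer" -b "$thinclient_rollout_ldap_base" -x \
    macAddress="$mymac" dn | ldapsearch-wrapper | grep '^dn:')

  if [ -n "$object" ]; then
    log_begin_msg "$object successfully created"
    log_end_msg 0
    object=""

    if [ "$thinclient_rollout_reboot" = "no" ]; then
      log_begin_msg "reboot disabled via thinclient/rollout/reboot"
      log_end_msg 0
    else
      reboot
    fi
    exit 0
  fi

done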