From 92a1f2bfa4e3687b35f0ae13521d81ff805c17f1 Mon Sep 17 00:00:00 2001 Message-Id: <92a1f2bfa4e3687b35f0ae13521d81ff805c17f1.1489047939.git.hahn@univention.de> From: Philipp Hahn Date: Thu, 9 Mar 2017 08:56:48 +0100 Subject: [PATCH] Bug #43689 USS: Fix shell issues Organization: Univention GmbH, Bremen, Germany Don't clobber variables. Reduce number of forked sub processes. Fix handling of long DNs. --- .../univention-system-setup/scripts/setup_utils.sh | 39 ++++++++++------------ 1 file changed, 17 insertions(+), 22 deletions(-) diff --git a/base/univention-system-setup/usr/lib/univention-system-setup/scripts/setup_utils.sh b/base/univention-system-setup/usr/lib/univention-system-setup/scripts/setup_utils.sh index fd0480f..7732d32 100644 --- a/base/univention-system-setup/usr/lib/univention-system-setup/scripts/setup_utils.sh +++ b/base/univention-system-setup/usr/lib/univention-system-setup/scripts/setup_utils.sh @@ -1,4 +1,4 @@ -#!/bin/sh -e +#!/bin/sh # # Univention System Setup # setup utils helper script @@ -136,12 +136,9 @@ is_profile_var_true () { if [ -z "$value" ]; then return 2 fi - value=$(echo "$value" | tr '[:upper:]' '[:lower:]') - for falsevalue in no false 0 disable disabled off; do - if [ "$value" = "$falsevalue" ]; then - return 1 - fi - done + case "$(echo "$value" | tr '[:upper:]' '[:lower:]')" in + no|false|0|disable|disabled|off) return 1 ;; + esac return 0 } @@ -168,26 +165,24 @@ service_start () { service start "$@"; } service_stop () { service stop "$@"; } ldap_binddn () { + local server_role ldap_base ldap_master ldap_hostdn ldap_username eval "$(univention-config-registry shell server/role ldap/base ldap/master ldap/hostdn)" - if [ "$server_role" = "domaincontroller_master" ] || [ "$server_role" = "domaincontroller_backup" ]; then + case "$server_role" in + domaincontroller_master|domaincontroller_backup) echo "cn=admin,$ldap_base" - else - ldap_username=`get_profile_var ldap_username` + ;; + *) + ldap_username="$(get_profile_var ldap_username)" if [ -n "$ldap_username" ]; then - dn=`ldapsearch -x -ZZ -D "$ldap_hostdn" -y /etc/machine.secret -h $ldap_master "(&(objectClass=person)(uid=$ldap_username))" | grep "dn: " | sed -e 's|dn: ||' | head -n 1` - echo "$dn" + ldapsearch -h "$ldap_master" -ZZ -x -D "$ldap_hostdn" -y /etc/machine.secret -LLLo ldif-wrap=no "(&(objectClass=person)(uid=$ldap_username))" dn | sed -ne 's|^dn: ||p;T;q' fi - fi + ;; + esac } ldap_bindpwd () { - eval "$(univention-config-registry shell server/role ldap/base ldap/master)" - if [ "$server_role" = "domaincontroller_master" ] || [ "$server_role" = "domaincontroller_backup" ]; then - echo "`cat /etc/ldap.secret`" - else - ldap_password=`get_profile_var ldap_password` - if [ -n "$ldap_password" ]; then - echo "$ldap_password" - fi - fi + case "$(univention-config-registry get server/role)" in + domaincontroller_master|domaincontroller_backup) cat /etc/ldap.secret ;; + *) get_profile_var ldap_password ;; + esac } -- 2.1.4