Univention Bugzilla – Bug 32581
Hook support for ldap-group-to-file.py
Last modified: 2013-11-19 06:42:50 CET
We should add a simple hook mechanism for ldap-group-to-file.py. We have often the problem that we need all members of a group including groups in groups. With such a mechanism we could simple add a script which reads all group members with 'getent group grp'.
Needed for Bug #29710
fixed root@master151:~# echo -e '#!/bin/sh\necho "TEST"' >/var/lib/ldap-group-to-file-hooks.d/test root@master151:~# chmod +x /var/lib/ldap-group-to-file-hooks.d/test root@master151:~# /usr/lib/univention-pam/ldap-group-to-file.py --verbose Found 39 ldap groups The file /var/lib/extrausers/group was created. run-parts: executing /var/lib/ldap-group-to-file-hooks.d/admingrp-user-passwordreset run-parts: executing /var/lib/ldap-group-to-file-hooks.d/test TEST root@master151:~# Code: r43995 Test Case: r44042 Changelog: r44041
FAIL: r43995 + stdout_pipe = subprocess.PIPE + stderr_pipe = subprocess.PIPE + p = subprocess.Popen(... stdout=stdout_pipe, stderr=stderr_pipe) + returncode = p.wait() <http://docs.python.org/2.6/library/subprocess.html#subprocess.Popen.wait> Either use os.path.devnull or communicate(); first one is preferred. And please move the whole addition into a separate function and call it from the __main__ CLOB. OK: Otherwise works as expected. OK: ChangeLog FYI: The recursion prevention looks fishy; see attached version for some cleanups.
Created attachment 5465 [details] ldap-group-to-file.py 1. Use /dev/null instead of PIPE 2. Don't use deprecated string module 3. Split into smaller functions 4. Log to STDERR 5. Really prevent recursively double resolving the same group
With r44423 I changed the code to use os.path.devnull and a separate function for the hook handling. (In reply to Philipp Hahn from comment #3) > FYI: The recursion prevention looks fishy; see attached version for some > cleanups. If we have a problem please create a new bug. I won't change it with this bug.
OK: r44423,44436 OK: /usr/lib/univention-pam/ldap-group-to-file.py --file /tmp/tmp OK: /usr/lib/univention-pam/ldap-group-to-file.py --file /tmp/tmp --verbose OK: 7.0.3-2.221.201309241707
UCS 3.2 has been released: http://docs.univention.de/release-notes-3.2-en.html http://docs.univention.de/release-notes-3.2-de.html If this error occurs again, please use "Clone This Bug".