#!/usr/bin/python3
import grp
import os
import pwd
import re
import secrets
import string
import subprocess
import sys
import tempfile
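# Determine if running in interactive mode: with no command-line arguments
# every value is prompted for, otherwise the values are read from sys.argv.
interactive = len(sys.argv) == 1

# Get user details
if interactive:
    username = input('Enter username: ')
    firstname = input('Enter first name: ')
    lastname = input('Enter last name: ')
    email = input('Enter email: ')
else:
    # Non-interactive mode reads sys.argv[1] through sys.argv[6] (username,
    # first name, last name, email, password hash, bind password). Stop with a
    # usage line instead of an IndexError traceback when some are missing.
    if len(sys.argv) < 7:
        sys.exit('usage: ' + sys.argv[0] +
                 ' USERNAME FIRSTNAME LASTNAME EMAIL HASHEDPASSWORD BINDPASSWORD')
    username = sys.argv[1]
    firstname = sys.argv[2]
    lastname = sys.argv[3]
    email = sys.argv[4]

# The username is reused in the LDIF DNs, in the .ldif file name, in the home
# directory path and as an argument to commands run through sudo. Accept only
# letters, digits, '_', '.' and '-', and require the first character to be a
# letter, digit or '_' so the value can be neither a path component such as
# '..' nor something a command would read as an option.
if not re.fullmatch(r'[A-Za-z0-9_][A-Za-z0-9_.-]*', username):
    sys.exit('Invalid username: ' + repr(username))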
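# Get UID
if interactive:
    custom_uid = input('Would you like to enter a custom UID? (y/N) ')
else:
    custom_uid = 'n'
if custom_uid in ('y', 'Y'):
    uid = input('Enter UID: ')
    # The value is written into the LDIF as uidNumber/gidNumber and later
    # converted with int(), so insist on plain ASCII digits here.
    if not re.fullmatch(r'[0-9]+', uid):
        sys.exit('Invalid UID: ' + repr(uid))
else:
    # Pick the lowest ID in 1000-9999 that is free. Whole numeric fields are
    # compared: searching the text of `getent passwd` for the digits also
    # matched them inside other fields and inside longer numbers. Group IDs
    # are included because the same number is used as the gidNumber of the
    # user's own group.
    taken = set()
    for account in pwd.getpwall():
        taken.add(account.pw_uid)
        taken.add(account.pw_gid)
    taken.update(group.gr_gid for group in grp.getgrall())
    uid = next((u for u in range(1000, 10000) if u not in taken), None)
    if uid is None:
        sys.exit('No free UID between 1000 and 9999')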
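# Password
if interactive:
    # 16 characters from A-Za-z0-9 taken from the OS random source, generated
    # in-process instead of through a shell pipeline.
    alphabet = string.ascii_letters + string.digits
    password = ''.join(secrets.choice(alphabet) for _ in range(16))
    print('Password:', password)
    # Pass the secret to slappasswd in a temporary file (-T) that only the
    # current user can read. With `-s <secret>` the clear-text password sits
    # on the command line, where other local users can see it in the process
    # list. The file is written without a trailing newline because -T hashes
    # the complete file contents.
    with tempfile.NamedTemporaryFile('w') as secret_file:
        secret_file.write(password)
        secret_file.flush()
        result = subprocess.run(['slappasswd', '-T', secret_file.name],
                                stdout=subprocess.PIPE,
                                universal_newlines=True)
    hashedpassword = result.stdout.rstrip('\n')
    # An empty hash would create an account with an empty userPassword value.
    if result.returncode != 0 or not hashedpassword:
        sys.exit('slappasswd failed; no account was created')
else:
    # Non-interactive callers supply an already hashed password.
    hashedpassword = sys.argv[5]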
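# Construct LDIF
# LDIF is line-oriented: a line break inside a value would be read as the
# start of another attribute line or entry, so a value could carry content
# that was never meant to be added. Refuse values containing CR, LF or NUL.
# NOTE(review): username is also placed unescaped inside the two DNs below;
# DN special characters such as ',', '+' and '=' are not escaped here.
for field_name, field_value in (('username', username),
                                ('firstname', firstname),
                                ('lastname', lastname),
                                ('email', email),
                                ('uid', uid),
                                ('hashedpassword', hashedpassword)):
    if any(ch in str(field_value) for ch in '\r\n\0'):
        sys.exit('Invalid ' + field_name + ': line breaks are not allowed')

# Two entries separated by a blank line: the posixAccount for the user and a
# posixGroup with the same name whose gidNumber equals the user's uidNumber.
ldif = '''dn: uid={username},ou=People,dc=exozy,dc=me
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: {username}
cn: {firstname} {lastname}
sn: {lastname}
givenName: {firstname}
userPassword: {hashedpassword}
mail: {email}
loginShell: /bin/fish
uidNumber: {uid}
gidNumber: {uid}
homeDirectory: /home/{username}

dn: cn={username},ou=Group,dc=exozy,dc=me
objectClass: top
objectClass: posixGroup
cn: {username}
gidNumber: {uid}'''.format(username=username,
                           firstname=firstname,
                           lastname=lastname,
                           email=email,
                           uid=uid,
                           hashedpassword=hashedpassword)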
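# Write to file and get confirmation
filename = username + '.ldif'
# The file contains the userPassword hash, so create it readable and writable
# by its owner only instead of with the default umask permissions.
fd = os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
with os.fdopen(fd, 'w') as f:
    # The mode passed to os.open() applies only to a newly created file;
    # tighten a file that already existed as well.
    os.fchmod(fd, 0o600)
    f.write(ldif)

if interactive:
    # Commands are given as argument lists, so the file name is never parsed
    # by a shell; '--' stops a name starting with '-' being read as an option.
    subprocess.run(['vim', '--', filename])
    confirm = input('OK? (y/N) ')
    if confirm not in ('y', 'Y'):
        subprocess.run(['gio', 'trash', '--', filename])
        print('Cancelled')
        sys.exit(0)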
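# Add user
bind_dn = 'cn=Manager,dc=exozy,dc=me'
if interactive:
    # -W makes ldapadd prompt for the bind password on the terminal.
    ret = subprocess.run(['ldapadd', '-D', bind_dn, '-W', '-f', filename]).returncode
else:
    # Give ldapadd the bind password through a temporary file that only the
    # current user can read (-y) instead of `-w <password>`: the password then
    # appears neither on ldapadd's command line nor in a shell-parsed string.
    # It is written without a trailing newline because -y uses the complete
    # file contents as the password.
    # NOTE(review): the password still reaches this script as sys.argv[6], so
    # it remains visible in this script's own command line.
    with tempfile.NamedTemporaryFile('w') as bind_secret:
        bind_secret.write(sys.argv[6])
        bind_secret.flush()
        ret = subprocess.run(['ldapadd', '-D', bind_dn,
                              '-y', bind_secret.name,
                              '-f', filename]).returncode
if ret != 0:
    os.remove(filename)
    # NOTE(review): exit status 0 on failure is kept from the original; a
    # caller cannot tell a failed ldapadd from success by the status alone.
    sys.exit(0)
# NOTE(review): the listing this was taken from lost its indentation; these
# two steps are assumed to run after a successful ldapadd in both modes.
# Confirm they were not meant for the non-interactive branch only.
subprocess.run(['chown', 'ta180m:ta180m', filename])
subprocess.run(['mv', filename, '/home/ta180m/git/LDAP/Users'])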
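# Configure user
# These commands run through sudo with the username as an argument. They are
# passed as argument lists rather than concatenated command strings, so the
# username is always a single argument and is never interpreted by a shell.
# Failures are ignored, as they were with os.system().
subprocess.run(['sudo', 'mkhomedir_helper', username, '077'])
subprocess.run(['sudo', '-u', username, 'mkdir', '/home/' + username + '/.config'])
subprocess.run(['sudo', '-u', username, 'flatpak', 'remote-add', '--if-not-exists',
                'flathub', 'https://dl.flathub.org/repo/flathub.flatpakrepo', '--user'])
subprocess.run(['sudo', '-u', username, 'xdg-settings', 'set',
                'default-web-browser', 'firefox.desktop'])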
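# Set up rootless Podman
# https://wiki.archlinux.org/title/Podman#Set_subuid_and_subgid
# Each account gets its own block of subordinate IDs; blocks start 100000
# apart, so UID 1000 maps to 100000-165535, UID 1001 to 200000-265535, ...
start = str((int(uid) - 999) * 100000)
end = str(int(start) + 65535) # Allocate 65536 UIDs
if int(uid) < 1000:
    # For a UID below 1000 the computed range starts at or below 0 and would
    # overlap the IDs of real accounts on the host, so no range is assigned.
    print('Skipping subuid/subgid setup: UID', uid, 'is below 1000')
else:
    subid_range = start + '-' + end
    # Argument list instead of a command string: the username is not parsed
    # by a shell before reaching usermod under sudo.
    subprocess.run(['sudo', 'usermod',
                    '--add-subuids', subid_range,
                    '--add-subgids', subid_range,
                    username])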