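#!/bin/sh
#
# Short:   Create Mac OS X NetInfo groups from a text file
# Version: 2.04, 12-09-02
# Author:  Mark J Swift, msw AT blackpool.ac.uk
# Long:    This script creates Mac OS X NetInfo entries for every group
#          listed in a given text file. The file must have one line per
#          group, in this field order (the order the parser below reads):
#            group_realname,group_shortname,owner,host_name,share_point
#          Note: the script creates 3 group properties introduced in
#          OS X 10.2: realname, home_loc and home_loc_owner.
#
# 1. Log in as root.
#
# 2. Copy this script into root's home directory
#    (/private/var/root/Documents).
#
# 3. Start a new shell process and change directory to root's home:
#
#      cd ~/Documents
#
# 4. Set the execute flag on the script:
#
#      chmod u+x mkgroups.sh
#
# 5. Create a text file containing one line per group, e.g.:
#
#      art-staff,artstaff,superu,oak,share1
#      art-ba-gd-2003,bagd2003,superu,oak,share1
#      art-ba-gd-2004,bagd2004,superu,oak,share1
#      art-ba-ph-2003,baph2003,superu,oak,share2
#      art-ba-ph-2004,baph2004,superu,oak,share2
#
# 6. Save the file as "groups.txt" in root's home directory.
#
# 7. Consider changing "home_long_names" below, depending on whether
#    group home folders should be named after the group's short name (0)
#    or long name (1). This copy of the script sets it to 1.
#
# 8. Run the script and pass it the groups file:
#
#      ~/Documents/mkgroups.sh groups.txt
#
# Security note: the script runs as root and interpolates fields from the
# groups file into NetInfo directory paths, the home_loc URL and grep/nigrep
# patterns. Keep the groups file owned by root and not writable by anyone
# else, and keep its fields free of "/" and regex metacharacters.
#
# NOTE(review): every exit path returns status 0, including usage and
# file errors, so a caller cannot detect failure from the exit code.

# --------------------------------
# NOW WE BEGIN...
# --------------------------------

# Run niutil with the given arguments, retrying every 2 seconds for as long
# as its output contains "Permission denied".
# NOTE(review): there is no retry limit; a permanent denial (for example,
# not running as root) makes this loop forever.
ni_retry() {
  while [ "$(niutil "$@" 2>&1 | grep -i -c ' *Permission denied')" -ne 0 ]; do
    sleep 2
  done
}

# Quit if the wrong number of parameters was given. The exit must be its own
# statement: a trailing backslash after the usage text would join it to the
# echo and let the script run on with no input file.
if [ "$#" -ne 1 ]; then
  echo "usage: $0 groups_file"
  exit 0
fi

# Check that the group file exists and is readable. The quoting matters:
# an unquoted empty name collapses to "test -r", which is always true.
INFILE=$1
if ! [ -r "$INFILE" ]; then
  echo "file not found: $INFILE"
  exit 0
fi

# --------------------------------
# CHANGE: 0 if you want the home folder
#         to be named after the group's short name,
#         1 if you want the home folder to be
#         named after the group's long name.
home_long_names=1

# Name of this workstation.
node_name=$(uname -n)

# --------------------------------
# NetInfo: are we sharing, are we master?
# --------------------------------
ni_parent=$(niutil -rparent .)
ni_notshared=$(printf '%s\n' "$ni_parent" | grep -c -i "[.]*no parent")
if [ "$ni_notshared" -eq 1 ]; then
  ni_isshared=0
  ni_ismaster=0
  ni_host_name=$node_name
else
  ni_isshared=1
  # NOTE(review): the "[]*/[]*" bracket expressions look like they lost
  # whitespace characters somewhere; the pattern is kept exactly as found.
  ni_ismaster=$(printf '%s\n' "$ni_parent" | grep -c -i "^$node_name[]*/[]*")
  ni_host_name=$(printf '%s\n' "$ni_parent" | cut -d/ -f1 | cut -d. -f1)
fi

# The database may be modified when it is local-only or we are its master.
if [ "$ni_isshared" -eq 0 ] || [ "$ni_ismaster" -eq 1 ]; then
  ni_canmodify=1
else
  ni_canmodify=0
fi

# --------------------------------
# debug - print host NetInfo details to screen
# --------------------------------
# echo " ni_is_shared:$ni_isshared"
# echo " ni_is_master:$ni_ismaster"
# echo " ni_canmodify:$ni_canmodify"
# echo " ni_host_name:$ni_host_name"

# --------------------------------
# find a group id that is free
# --------------------------------
# Start one above the highest gid in use, but never below 1025. An empty
# nireport result counts as 0.
gidcount=$(nireport / /groups gid | sort -n | tail -n 1)
gidcount=$(( ${gidcount:-0} + 1 ))
if [ "$gidcount" -lt 1025 ]; then
  gidcount=1025
fi

if [ "$ni_canmodify" -eq 0 ]; then
  # The original message expanded $ni_host, which is never set.
  echo " ERROR: This script must be run on the NetInfo Master server, $ni_host_name."
  exit 0
fi

# --------------------------------
# read from file, line-by-line
# --------------------------------
# tr turns CR line endings into LF. The "|| [ -n ... ]" keeps a final line
# that has no terminator, and -r stops read from interpreting backslashes.
line_count=0
tr -s "\015" "\012" < "$INFILE" | while read -r whole_line || [ -n "$whole_line" ]; do
  line_count=$((line_count + 1))

  # --------------------------------
  # get group details from file
  # --------------------------------
  # Strip spaces, then split on commas. "-s" on fields 2..5 yields an empty
  # value (not the whole line) when the field is missing.
  whole_line=$(printf '%s\n' "$whole_line" | tr -d "\040")
  fi_grup_realname=$(printf '%s\n' "$whole_line" | cut -d, -f1 | tr 'A-Z' 'a-z')
  fi_grup_name=$(printf '%s\n' "$whole_line" | cut -d, -s -f2 | tr 'A-Z' 'a-z')
  fi_grup_owner=$(printf '%s\n' "$whole_line" | cut -d, -s -f3)
  fi_grup_host=$(printf '%s\n' "$whole_line" | cut -d, -s -f4)
  fi_grup_mount=$(printf '%s\n' "$whole_line" | cut -d, -s -f5)

  # debug - print group details to screen
  # echo " group realname: $fi_grup_realname"
  # echo " group name: $fi_grup_name"
  # echo " group owner: $fi_grup_owner"
  # echo " group host: $fi_grup_host"
  # echo " group mount: $fi_grup_mount"

  # Refuse incomplete lines instead of passing empty values to niutil.
  if [ -z "$fi_grup_realname" ] || [ -z "$fi_grup_name" ] ||
     [ -z "$fi_grup_owner" ] || [ -z "$fi_grup_host" ] ||
     [ -z "$fi_grup_mount" ]; then
    echo " ERROR: line $line_count: expected 5 comma-separated fields, skipping."
    continue
  fi

  # The short name becomes a NetInfo path component (/groups/<name>); a "/"
  # in it would address a different directory than intended.
  case $fi_grup_name in
    */*)
      echo " ERROR: line $line_count: group name $fi_grup_name must not contain '/', skipping."
      continue
      ;;
  esac

  # Is the group mount defined in NetInfo?
  # NOTE(review): host and mount are used as regex text here, so
  # metacharacters in them widen the match.
  ni_dirid=$(nigrep "^$fi_grup_host:[^.]*/$fi_grup_mount$" / /mounts | cut -d ' ' -f1 | tail -n 1)
  if [ -z "$ni_dirid" ]; then
    echo " ERROR: cannot create group $fi_grup_name. Create automount $fi_grup_mount on $fi_grup_host first."
    continue
  fi

  # Read the mount record once and pick the needed properties out of it.
  ni_mount_rec=$(niutil -read / "$ni_dirid")
  ni_mount_host_name=$(printf '%s\n' "$ni_mount_rec" | grep -i "^name: " | cut -d: -f2 | cut -c2-)
  ni_mount_host_ip=$(printf '%s\n' "$ni_mount_rec" | grep -i "^opts: " | cut -d@ -f2 | cut -d/ -f1)
  ni_mount_share_fldr=$(printf '%s\n' "$ni_mount_rec" | grep -i "^opts: " | cut -d@ -f2 | cut -d/ -f2-)
  ni_mount_share_pnt=$(printf '%s\n' "$ni_mount_rec" | grep -i "^dir: " | cut -d: -f2 | cut -c2-)
  ni_mount_share_path=$(printf '%s\n' "$ni_mount_rec" | grep -i "^name: " | cut -d: -f3)

  # --------------------------------
  # debug - print mount details to screen
  # --------------------------------
  # echo " ni_mount_host_name: $ni_mount_host_name"
  # echo " ni_mount_host_ip: $ni_mount_host_ip"
  # echo " ni_mount_share_fldr: $ni_mount_share_fldr"
  # echo " ni_mount_share_pnt: $ni_mount_share_pnt"
  # echo " ni_mount_share_path: $ni_mount_share_path"

  # --------------------------------
  # create groups NETINFO details
  # --------------------------------
  # Does the group already exist?
  # NOTE(review): the name is used as regex text and "\b" also matches
  # before "-" or ".", so "artstaff" counts as existing when only
  # "artstaff-x" does. Pattern kept as found.
  count=$(nireport / /groups name | grep -c -i "^$fi_grup_name\b")
  if [ "$count" -eq 0 ]; then
    # Group doesn't exist yet: create it with the next free gid and an
    # empty users property.
    echo " : creating group $fi_grup_name"
    ni_retry -create / "/groups/$fi_grup_name"
    ni_retry -createprop / "/groups/$fi_grup_name" gid "$gidcount"
    gidcount=$((gidcount + 1))
    ni_retry -createprop / "/groups/$fi_grup_name" users
  else
    # Group already exists: only the properties below are refreshed.
    echo " : updating group $fi_grup_name"
  fi

  # create/overwrite realname property
  ni_retry -createprop / "/groups/$fi_grup_name" realname "$fi_grup_realname"

  # create/overwrite home_loc property, named after the short or long name
  if [ "$home_long_names" -eq 0 ]; then
    home_folder=$fi_grup_name
  else
    home_folder=$fi_grup_realname
  fi
  ni_retry -createprop / "/groups/$fi_grup_name" home_loc "afp://$ni_mount_host_ip/$ni_mount_share_fldr$home_folder"

  # create/overwrite home_loc_owner property
  ni_retry -createprop / "/groups/$fi_grup_name" home_loc_owner "$fi_grup_owner"
done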