66 lines
1.4 KiB
Ruby
66 lines
1.4 KiB
Ruby
def whyrun_supported?
|
|
true
|
|
end
|
|
|
|
use_inline_resources
|
|
|
|
action :remove do
|
|
Chef::Log.warn('Remove ipa_user triggered')
|
|
end
|
|
|
|
action :create do
|
|
Chef::Log.debug('Add ipa_user triggered')
|
|
if ipa_krblogin then
|
|
if ipa_userexist?(new_resource.name) then
|
|
Chef::Log.info("User " + new_resource.name + " already exists in IPA")
|
|
new_resource.updated_by_last_action(false)
|
|
else
|
|
Chef::Log.info("User " + new_resource.name + " being added to IPA")
|
|
new_resource.updated_by_last_action(true)
|
|
end
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def ipa_krblogin
|
|
#File.open("/tmp/ipa.admin", "w") do |f|
|
|
# f.write(passwords["ipa_user_pwd"]
|
|
#end
|
|
|
|
if ::File.exist?('/etc/ipa/admin.password') then
|
|
system 'kinit admin -l 1h < /etc/ipa/admin.password &>/dev/null'
|
|
if $? == 0 then
|
|
Chef::Log.info('IPA login successful')
|
|
true
|
|
else
|
|
Chef::Log.fatal('IPA login failed')
|
|
false
|
|
end
|
|
else
|
|
Chef::Log.fatal('IPA Admin Password file does not exist')
|
|
false
|
|
end
|
|
end
|
|
|
|
def ipa_userexist?(username)
|
|
check = `/usr/bin/ipa user-find --pkey-only --raw | /usr/bin/tr -d " " | /bin/grep "^uid:" | /bin/cut -b 5-`.split
|
|
if check.include?(username) then
|
|
true
|
|
else
|
|
false
|
|
end
|
|
end
|
|
|
|
def ipaFirstName(name)
|
|
name.gsub(/\s+/m, ' ').strip.split(" ")[0]
|
|
end
|
|
|
|
def ipaLastName(name)
|
|
name.gsub(/\s+/m, ' ').strip.split(" ")[-1]
|
|
end
|
|
|
|
def ipaInitials(name)
|
|
ipaFirstName(name)[0].upcase + ipaLastName(name)[0].upcase
|
|
end
|
|
|