[BACK]Return to sudoers2ldif CVS log [TXT][DIR] Up to [local] / src / usr.bin / sudo

Diff for /src/usr.bin/sudo/Attic/sudoers2ldif between version 1.2 and 1.3

version 1.2, 2007/07/26 16:10:16 version 1.3, 2008/11/14 11:58:08
Line 5 
Line 5 
 # Converts a sudoers file to LDIF format in prepration for loading into  # Converts a sudoers file to LDIF format in prepration for loading into
 # the LDAP server.  # the LDAP server.
 #  #
 # $Sudo: sudoers2ldif,v 1.2.2.1 2007/06/28 14:45:19 millert Exp $  # $Sudo: sudoers2ldif,v 1.5 2007/12/08 00:09:28 millert Exp $
 #  #
   
 # BUGS:  # BUGS:
Line 14 
Line 14 
 #   Does not yet escape + at the beginning of a dn  #   Does not yet escape + at the beginning of a dn
 #   Does not yet handle line wraps correctly  #   Does not yet handle line wraps correctly
 #   Does not yet handle multiple roles with same name (needs tiebreaker)  #   Does not yet handle multiple roles with same name (needs tiebreaker)
 #   Sudoers entries can have multiple Runas entries that override former ones,  #
 #       with LDAP sudoRunas applies to all commands in a sudoRole  # CAVEATS:
   #   Sudoers entries can have multiple RunAs entries that override former ones,
   #       with LDAP sudoRunAs{Group,User} applies to all commands in a sudoRole
   
   my %RA;
 my %UA;  my %UA;
 my %HA;  my %HA;
 my %CA;  my %CA;
Line 51 
Line 54 
     $p2=~s/\s+$//; # remove trailing whitespace      $p2=~s/\s+$//; # remove trailing whitespace
     $p3=~s/\s+$//; # remove trailing whitespace      $p3=~s/\s+$//; # remove trailing whitespace
   
     if      ($p1 eq "User_Alias") {      if ($p1 eq "User_Alias") {
       $UA{$p2}=$p3;        $UA{$p2}=$p3;
       } elsif ($p1 eq "Runas_Alias") {
         $RA{$p2}=$p3;
     } elsif ($p1 eq "Host_Alias") {      } elsif ($p1 eq "Host_Alias") {
       $HA{$p2}=$p3;        $HA{$p2}=$p3;
     } elsif ($p1 eq "Cmnd_Alias") {      } elsif ($p1 eq "Cmnd_Alias") {
Line 80 
Line 85 
       # will clobber options        # will clobber options
       print "sudoUser: $_\n"   foreach expand(\%UA,@users);        print "sudoUser: $_\n"   foreach expand(\%UA,@users);
       print "sudoHost: $_\n"   foreach expand(\%HA,@hosts);        print "sudoHost: $_\n"   foreach expand(\%HA,@hosts);
       my $runas = undef;  
       foreach (@cmds) {        foreach (@cmds) {
         if (s/^\(([^\)]+)\)\s*//) {          if (s/^\(([^\)]+)\)\s*//) {
           print "sudoRunas: $_\n" foreach expand(\%UA, split(/,\s*/, $1));            my @runas = split(/:\s*/, $1);
             if (defined($runas[0])) {
               print "sudoRunAsUser: $_\n" foreach expand(\%RA, split(/,\s*/, $runas[0]));
             }
             if (defined($runas[1])) {
               print "sudoRunAsGroup: $_\n" foreach expand(\%RA, split(/,\s*/, $runas[1]));
             }
         }          }
       }        }
       print "sudoCommand: $_\n" foreach expand(\%CA,@cmds);        print "sudoCommand: $_\n" foreach expand(\%CA,@cmds);
Legend:
Removed from v.1.2  
changed lines
  Added in v.1.3