Hi again,

On Mo 27 Apr 2020 12:31:41 CEST, Wolfgang Schweer wrote:
Maybe you can test a follow-up one, based on your proposal to query LDAP only once. (Host gateway considered too, just in case someone has added a keytab.)
Here is a slight change...

```
#!/bin/bash

set -e

declare -a hosts
num_hosts=0

# collect the cn of every dhcpHost object with a single LDAP query
while read KEY VALUE ; do
    case "$KEY" in
        dn:) let "num_hosts+=1" ;;
        cn:) hosts[$(($num_hosts-1))]="$VALUE" ;;
        "") : ;;
    esac
done < <(ldapsearch -xLLL "objectclass=dhcpHost")

# add gateway host manually
hosts[$num_hosts]=gateway

# and also tjener...
hosts[$num_hosts+1]=tjener

# build one lower-case string of the form ,,host1,,host2 for matching
printf -v hosts_str -- ',,%q' "${hosts[@]}"
hosts_str=$(echo $hosts_str | tr 'A-Z' 'a-z')

for i in $(basename -a /etc/debian-edu/host-keytabs/* | sed 's#.intern.keytab##') ; do
    # lower-case copy for matching only; $i keeps the original case
    match_value=$(echo $i | tr 'A-Z' 'a-z')
    if [[ ! "${hosts_str},," =~ ",,${match_value},," ]]; then
        kadmin.local delprinc host/$i.intern@INTERN
        kadmin.local delprinc nfs/$i.intern@INTERN
        rm /etc/debian-edu/host-keytabs/$i.intern.keytab
    fi
done
```

The match_value part in the loop got introduced. We need to keep the case-sensitive string for exactly matching the file name and the principal name. But for matching, we want all to be lower-case.
Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
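A dry-run form of the check in the mail above, as an added example that is not part of the original message: it lists keytab host names that have no lower-case match in LDAP, keeps their original case for the file and principal names, and deletes nothing. The function names, the directory argument and the sample LDIF and file names are constructed for illustration.

```shell
#!/bin/sh
# Dry run of the stale-keytab check: prints names, deletes nothing.

# Read LDIF on stdin; print lower-cased cn values plus the two hosts the
# script adds by hand (gateway, tjener), one per line.
ldap_hosts() {
    { sed -n 's/^cn: *//p'; printf '%s\n' gateway tjener; } | tr 'A-Z' 'a-z'
}

# stale_keytabs DIR KNOWN: print, in original case, each host whose
# DIR/<host>.intern.keytab has no lower-case match in the KNOWN list.
stale_keytabs() {
    dir=$1 known=$2
    for path in "$dir"/*.intern.keytab; do
        [ -f "$path" ] || continue      # empty directory: glob stayed literal
        file=${path##*/}
        host=${file%.intern.keytab}     # strips the suffix only at the end
        lc=$(printf '%s' "$host" | tr 'A-Z' 'a-z')
        # -x whole line, -F fixed string: no regex or substring matches
        printf '%s\n' "$known" | grep -qxF -e "$lc" || printf '%s\n' "$host"
    done
}

# Constructed sample LDIF: two dhcpHost entries (placeholder DNs).
sample_ldif() {
    cat <<'EOF'
dn: cn=ws01,dc=example,dc=test
cn: ws01

dn: cn=Ws02,dc=example,dc=test
cn: Ws02
EOF
}

# Constructed sample: four keytab files in a temporary directory.
demo() {
    tmp=$(mktemp -d) || return 1
    touch "$tmp/WS01.intern.keytab" "$tmp/ws02.intern.keytab" \
          "$tmp/OldPC.intern.keytab" "$tmp/Gateway.intern.keytab"
    stale_keytabs "$tmp" "$(sample_ldif | ldap_hosts)"
    rm -rf "$tmp"
}

demo
```

Each printed name is what the original loop would pass to `kadmin.local delprinc` and `rm`, so the list can be reviewed before anything is removed.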