Class: LDAPNetgroupPlugin

Inherits:

Architect::Plugin

Object
Architect::Plugin
LDAPNetgroupPlugin

show all

Defined in:: lib/architect/plugin/ldap_netgroup.rb

Overview

Manage host membership in the LDAP ‘Security Netgroup’ subtree

Instance Attribute Summary collapse

#log ⇒ Object

Returns the value of attribute log.

Attributes inherited from Architect::Plugin

#name

Instance Method Summary collapse

#configure(config_hash) ⇒ Object
#initialize ⇒ LDAPNetgroupPlugin constructor

A new instance of LDAPNetgroupPlugin.
#instance_create(fqdn) ⇒ Object

Add a [fqdn] to netgroups.
#instance_delete(fqdn) ⇒ Object

Delete a [fqdn] from all netgroups.
#instance_rename(old_fqdn, new_fqdn) ⇒ Object

Rename an instance.

Methods inherited from Architect::Plugin

#check, #design, #execute, #plan, #register

Constructor Details

#initialize ⇒ `LDAPNetgroupPlugin`

Returns a new instance of LDAPNetgroupPlugin.

# File 'lib/architect/plugin/ldap_netgroup.rb', line 10

def initialize
  @name = 'ldap_netgroup'
  @log = Architect::Log.log
  #log.level = Logger::DEBUG
end

Instance Attribute Details

#log ⇒ `Object`

Returns the value of attribute log.



8
9
10

# File 'lib/architect/plugin/ldap_netgroup.rb', line 8

def log
  @log
end

Instance Method Details

#configure(config_hash) ⇒ `Object`

# File 'lib/architect/plugin/ldap_netgroup.rb', line 16

def configure(config_hash)
  @config = OpenStruct.new({
      host: nil,
      port: nil,
      bind_dn: nil,
      bind_password: nil,
      base_dn: nil,
      nis_domain: nil,
  }.merge(config_hash))

  bind_to_server
end

#instance_create(fqdn) ⇒ `Object`

Add a [fqdn] to netgroups

# File 'lib/architect/plugin/ldap_netgroup.rb', line 53

def instance_create(fqdn)
  value = '(' + [fqdn.gsub(/\..*/, ''), '', config.nis_domain].join(',') + ')'
  netgroup_membership(fqdn).each do |dn|
    log.debug "adding #{value} to #{dn}"
    ops = [[:add, :nisNetgroupTriple, value]]
    ldap.modify :dn => dn, :operations => ops
    check_operation_result
  end
end

#instance_delete(fqdn) ⇒ `Object`

Delete a [fqdn] from all netgroups

# File 'lib/architect/plugin/ldap_netgroup.rb', line 30

def instance_delete(fqdn)
  shortname = fqdn.gsub(/\..*/, '')
  match = '(' + [shortname, '', config.nis_domain].join(',') + ')'
  treebase = config.base_dn
  filter = Net::LDAP::Filter.eq( 'nisnetgrouptriple', match )
  attrs = [ "nisnetgrouptriple" ]

  log.debug "searching for #{match}"
  ldap.search(base: treebase, filter: filter, attributes: attrs, return_result: false) do |entry|
         log.debug "deleting #{shortname} from #{entry.dn}"
         dn = entry.dn
         ops = [[:delete, :nisNetgroupTriple, match]]
         ldap.modify :dn => dn, :operations => ops
  end
end

#instance_rename(old_fqdn, new_fqdn) ⇒ `Object`

Rename an instance

# File 'lib/architect/plugin/ldap_netgroup.rb', line 47

def instance_rename(old_fqdn, new_fqdn)
  instance_delete old_fqdn
  instance_create new_fqdn
end