Server IP : 85.214.239.14 / Your IP : 18.118.166.51 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /usr/share/quota/ldap/ |
Upload File : |
#!/usr/bin/perl -w # $0 -b "ou=People,dc=borgia,dc=com" -Q /dev/with/quota=0:0:0:0 -F '(attr=value)' # Synopsis # setSystemQuotas.pl is a script solely for modifying the quota attribute in # LDAP. It expects that the users you intend to have quotas already have the # systemQuotas objectClass set. # This tool is capable of applying standard LDAP filters to the user-supplied # base DN for modifying multiple users' quotas at once. # Examples: # Set quota on /dev/sda7 and /dev/sda8 for user stefan # ./setSystemQuotas.pl -b "uid=stefan,ou=People,dc=borgia,dc=com" -Q /dev/sda7=4000000:4400000:10000:11000 -Q /dev/sda8=4000000:4400000:10000:11000 # # Set quota on /dev/sda8 for user all People with description of Student # ./setSystemQuotas.pl -b "ou=People,dc=borgia,dc=com" -Q /dev/sda8=40000:44000:1000:1100 -F "(description=Student)" # # Delete quotas for user stefan # ./setSystemQuotas.pl -b "uid=stefan,ou=People,dc=borgia,dc=com" use strict; use Net::LDAP; use Getopt::Long; chomp(my $Password = `cat /etc/ldap.secret`); my $Host = 'localhost'; my $Port = '389'; my $BindDN = 'cn=Manager,dc=borgia,dc=com'; my $SSL = 0; my $b = ''; my %Q = (); my $F = ''; GetOptions( 'b=s' => \$b, 'Q=s' => \%Q, 'F=s' => \$F, ); die "Usage: $0 -b userdn [-F '(extrafilter)'] [-Q /fs=sb:hb:sf:hf ...]\n" unless $b; foreach ( keys %Q ) { local @_ = split /:/, $Q{$_}; unless ( $#_ == 3 ) { print "Ignoring $_: invalid format\n"; delete $Q{$_}; } } my $ldap = connectLDAP(); my $quota = {}; my $search; $search = $ldap->search( base => $b, filter => "(&(objectClass=systemQuotas)$F)", attrs => ['*', 'quota'], ); $search->code && die $search->error; my $i = 0; my $max = $search->count; for ( $i=0; $i<$max; $i++ ) { my $entry = $search->entry($i); my $dn = $entry->dn; if ( keys %Q ) { $quota->{$dn} = 1; foreach ( $entry->get_value('quota') ) { my @quota = split /:/; my $fs = shift @quota; delete $quota->{$dn} if $quota->{$dn} == 1; $quota->{$dn}->{$fs} = join ':', @quota; } } else { $quota->{$dn} = 0; delete $quota->{$dn} unless $entry->get_value('quota'); } } foreach my $dn ( keys %{$quota} ) { if ( ref $quota->{$dn} eq 'HASH' ) { print STDERR "Modify $dn:\n"; foreach ( keys %Q ) { print STDERR "\t$_:$Q{$_}\n"; $quota->{$dn}->{$_} = $Q{$_}; } my @quota = map { "$_:$quota->{$dn}->{$_}" } keys %{$quota->{$dn}}; my $modify = $ldap->modify( $dn, replace => { quota => [@quota], }, ); $modify->code && warn "Failed to modify quota: ", $modify->error, "\n"; } else { if ( $quota->{$dn} == 1 ) { delete $quota->{$dn}; print STDERR "Add $dn:\n"; foreach ( keys %Q ) { print STDERR "\t$_:$Q{$_}\n"; $quota->{$dn}->{$_} = $Q{$_} } my @quota = map { "$_:$quota->{$dn}->{$_}" } keys %{$quota->{$dn}}; my $modify = $ldap->modify( $dn, add => { quota => [@quota], }, ); $modify->code && warn "Failed to modify quota: ", $modify->error, "\n"; } elsif ( $quota->{$dn} == 0 ) { print STDERR "Delete $dn:\n"; my $modify = $ldap->modify( $dn, delete => ['quota'], ); $modify->code && warn "Failed to modify quota: ", $modify->error, "\n"; } } } $ldap->unbind; sub connectLDAP { # bind to a directory with dn and password my $ldap = Net::LDAP->new( $Host, port => $Port, version => 3, # debug => 0xffff, ) or die "Can't contact LDAP server ($@)\n"; if ( $SSL ) { $ldap->start_tls( # verify => 'require', # clientcert => 'mycert.pem', # clientkey => 'mykey.pem', # decryptkey => sub { 'secret'; }, # capath => '/usr/local/cacerts/' ); } $ldap->bind($BindDN, password=>$Password); return $ldap; }