From: hno <> Date: Fri, 5 Jul 2002 15:20:56 +0000 (+0000) Subject: wbinfo group external_acl helper by Jerry Murdock X-Git-Tag: SQUID_3_0_PRE1~923 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ee28ce13cf029a086eb32f0f28dcb9cc481a1718;p=thirdparty%2Fsquid.git wbinfo group external_acl helper by Jerry Murdock --- diff --git a/CONTRIBUTORS b/CONTRIBUTORS index 30ec39e506..7d82246496 100644 --- a/CONTRIBUTORS +++ b/CONTRIBUTORS @@ -87,5 +87,6 @@ and ideas to make this software available. Brian Ian Castle Brad Smitch + Jerry Murdock Duane Wessels diff --git a/CREDITS b/CREDITS index ea0eb11e75..3a6b4a935f 100644 --- a/CREDITS +++ b/CREDITS @@ -1,4 +1,4 @@ -$Id: CREDITS,v 1.6 2002/06/23 13:32:23 hno Exp $ +$Id: CREDITS,v 1.7 2002/07/05 09:20:56 hno Exp $ ============================================================================== @@ -302,3 +302,13 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. + +============================================================================== + +helpers/external_acl/wbinfo_group/wbinfo_group.pl + + This program is put in the public domain by Jerry Murdock + . It is distributed in the hope that it will + be useful, but WITHOUT ANY WARRANTY; without even the implied warranty + of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + diff --git a/helpers/external_acl/wbinfo_group/wbinfo_group.pl b/helpers/external_acl/wbinfo_group/wbinfo_group.pl new file mode 100644 index 0000000000..5089433216 --- /dev/null +++ b/helpers/external_acl/wbinfo_group/wbinfo_group.pl @@ -0,0 +1,55 @@ +#!/usr/bin/perl -w +# +# external_acl helper to Squid to verify NT Domain group +# membership using wbinfo +# +# This program is put in the public domain by Jerry Murdock +# . It is distributed in the hope that it will +# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty +# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# Author: +# Jerry Murdock +# +# Version history: +# 2002-07-05 Jerry Murdock +# Initial release +# + +# external_acl uses shell style lines in it's protocol +require 'shellwords.pl'; + +# Disable output buffering +$|=1; + +sub debug { + # Uncomment this to enable debugging + #print STDERR "@_\n"; +} + +# +# Check if a user belongs to a group +# +sub check { + local($user, $group) = @_; + $groupSID = `wbinfo -n "$group"`; + chop $groupSID; + $groupGID = `wbinfo -Y $groupSID`; + chop $groupGID; + &debug( "User: -$user-\nGroup: -$group-\nSID: -$groupSID-\nGID: -$groupGID-"); + return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m); + return 'ERR'; +} + +# +# Main loop +# +while () { + chop; + &debug ("Got $_ from squid"); + ($user, $group) = &shellwords; + $ans = &check($user, $group); + &debug ("Sending $ans to squid"); + print "$ans\n"; +} +