From 8dd1636b32ac94f1b098e2e35eddfb2f9b6faa1c Mon Sep 17 00:00:00 2001 From: Alex Dehnert Date: Thu, 29 Oct 2009 11:08:26 -0400 Subject: [PATCH] Initial commit of various scripts --- card-access | 60 +++++++++++++++++++++++++++++++++++++++ grep-owners | 20 +++++++++++++ ldapfinger | 6 ++++ list-members | 9 ++++++ list-of-lists-updater | 48 ++++++++++++++++++++++++++++++++ lists-lint | 65 +++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 208 insertions(+) create mode 100755 card-access create mode 100755 grep-owners create mode 100755 ldapfinger create mode 100755 list-members create mode 100755 list-of-lists-updater create mode 100755 lists-lint diff --git a/card-access b/card-access new file mode 100755 index 0000000..7391328 --- /dev/null +++ b/card-access @@ -0,0 +1,60 @@ +import sys +import os +import csv +import subprocess +import ldap + +#columns = [ 'timestamp', 'first', 'last', 'email', 'constituency', 'year', 'major', 'cell', 'mitid', 'retreat', 'whynot', 'project', 'othermit', ] +format = "%(first_with_initial)s;%(last_canonical)s;%(mitid)s" + +def dictize_line(header, line,): + line_dict = {} + for key, elem in zip(header, line, ): + line_dict[key]=elem + return line_dict + + + +def get_ldap_data(username, fields): + con = ldap.open('ldap.mit.edu') + con.simple_bind_s("", "") + dn = "dc=mit,dc=edu" + result = con.search_s('dc=mit,dc=edu', ldap.SCOPE_SUBTREE, 'uid=%s'%username, fields) + if len(result) > 1: print "WARNING: More than one result returned for %s" % username + if len(result) < 1: print "WARNING: Only one result returned for %s" % username + ret = {} + for key in result[0][1]: + ret[key] = result[0][1][key][0] + return ret + +def get_data_dict(line_dict): + email = line_dict['email'] + username = email.replace('@mit.edu', '') + ldap = get_ldap_data(username, [ 'cn' , 'sn' , 'givenName' ]) + first = ldap['givenName'].replace(' ', '_').upper() + last = ldap['sn'].replace(' ', '_').upper() + mitid = line_dict['mitid'] + data_dict = { 'first_with_initial': first, 'last_canonical': last, 'mitid': mitid } + return data_dict + +def format_line(data_dict): + return format % data_dict + + +def do_produce_card_info(db = sys.stdin): + reader = csv.reader(db, ) + lines = [] + + header = reader.next() + line_dict = dictize_line(header, header, ) + data_dict = { 'first_with_initial': 'FIRST_M', 'last_canonical': 'LASTNAME', 'mitid': 'MIT ID' } + lines.append(format_line(data_dict)) + + for line in reader: + line_dict = dictize_line(header, line) + #print line_dict + lines.append(format_line(get_data_dict(line_dict))) + print '\n'.join(lines) + +if __name__== '__main__': + do_produce_card_info() diff --git a/grep-owners b/grep-owners new file mode 100755 index 0000000..71c14fe --- /dev/null +++ b/grep-owners @@ -0,0 +1,20 @@ +#!/bin/bash +# Alex Dehnert --- 2009-04-24 +# Return only lists owned by first argument + +wantowner=$1 + +for list in `cat`; do + hidden=$(athrun ops qy -s -f hidden glin $list) + if [[ "x$hidden" == "x" ]]; then + true + else + owner=$(athrun ops qy -s -f ace_name glin $list) + towner=$(athrun ops qy -s -f ace_type glin $list) + if [[ "$towner" == "LIST" ]]; then + if [[ "$owner" == "$wantowner" ]]; then + echo $list + fi + fi + fi +done diff --git a/ldapfinger b/ldapfinger new file mode 100755 index 0000000..0ed2581 --- /dev/null +++ b/ldapfinger @@ -0,0 +1,6 @@ +#!/bin/bash + + +for user in $@; do + ldapsearch -h ldap.mit.edu -b dc=mit,dc=edu uid=$user +done diff --git a/list-members b/list-members new file mode 100755 index 0000000..f5f6213 --- /dev/null +++ b/list-members @@ -0,0 +1,9 @@ +#!/bin/bash +# Alex Dehnert --- 2009-04-24 +# Print list members of a list +# Takes a container mailing list on the commandline + +cont=$1 +cont=${cont:-ua-lists} + +blanche $cont | grep ^LIST | sed -e "s/^LIST://" diff --git a/list-of-lists-updater b/list-of-lists-updater new file mode 100755 index 0000000..1ad1549 --- /dev/null +++ b/list-of-lists-updater @@ -0,0 +1,48 @@ +#!/bin/bash +# Alex Dehnert --- 2009-04-23 +# Attempt to update the list of UA lists +# Takes the container mailing lists on the commandline + +prev=$1 +anti=$2 +nativepat=$3 + +prev=${prev:-ua-lists} +anti=${anti:-ua-foreign-lists} +nativepat=${nativepat:-ua} + +function add_lists +{ + ( + for list in $(blanche $prev | grep LIST | cut -d : -f 2); do # for each list we already know about + # Add a list's sublists + for newlist in $(blanche $list | grep LIST | cut -d : -f 2); do + blanche $prev -a $newlist; + done; + # Add a list's owner and memacl + owner=$(athrun ops qy -s -f ace_name glin $list) + towner=$(athrun ops qy -s -f ace_type glin $list) + if [[ "$towner" == "LIST" ]]; then + blanche $prev -a $owner + fi + macl=$(athrun ops qy -s -f memace_name glin $list) + tmacl=$(athrun ops qy -s -f memace_type glin $list) + if [[ "$tmacl" == "LIST" ]]; then + blanche $prev -a $macl + fi + done + ) 2>&1 | grep -v "Record already exists" +} + +echo Current members: $(blanche $prev -m | wc) +echo Expanding out lists +add_lists +add_lists +echo New members: $(blanche $prev -m | wc) +echo Removing foreign lists +for list in $(blanche $anti | grep LIST | cut -d : -f 2); do blanche $prev -d $list; done +echo Finalized members: $(blanche $prev -m | wc) + +echo +echo Likely foreign members +blanche $prev | grep LIST: | sed -e "s/^LIST://" | grep -v $nativepat diff --git a/lists-lint b/lists-lint new file mode 100755 index 0000000..bbd6d7a --- /dev/null +++ b/lists-lint @@ -0,0 +1,65 @@ +#!/bin/bash +# Alex Dehnert --- 2009-04-24, 2009-06-27, and later +# Check the ownership and other properties of various mailing lists +# Takes a list-of-lists and allowed owners on the commandline + +cont=$1 +#ownerslist=$2 +publicpat=${3:-"-listeners$"} + +#owners=$(blanche $ownerslist -m | grep LIST | cut -d : -f 2) +owners=$2 +echo Allowed owners: $owners +owners="GUARD $owners GUARD" + +for list in $(blanche $cont | grep LIST | cut -d : -f 2); do + hidden=$(athrun ops qy -s -f hidden glin $list) + if [[ "x$hidden" == "x" ]]; then + echo $list is probably hidden + else + if [[ "$hidden" == 1 ]]; then + echo $list is definitely hidden, but I can see it, so continuing + fi + info=$(blanche $list -i) + public=$(athrun ops qy -s -f publicflg glin $list) + owner=$(athrun ops qy -s -f ace_name glin $list) + towner=$(athrun ops qy -s -f ace_type glin $list) + macl=$(athrun ops qy -s -f memace_name glin $list) + tmacl=$(athrun ops qy -s -f memace_type glin $list) + if [[ "$towner" == "USER" ]]; then + echo "$list is owned by a user ($owner)" + elif [[ "$tmacl" == "USER" ]]; then + echo "$list is memacl'd by a user ($macl)" + elif [[ "$towner" == "KERBEROS" || "$tmacl" == "KERBEROS" ]]; then + echo "$list is owned or memacl'd by a Kerberos principal" + elif [[ "$towner" == "LIST" && ( "$tmacl" == "LIST" || "$tmacl" == "NONE" ) ]]; then + true + else + echo "$list is owned or memacl'd by something funky" + fi + if [[ "$towner" == "LIST" ]]; then + if [[ "$owner" == "GUARD" ]]; then + echo "$list owned by GUARD, which shouldn't even exist" + elif ( echo $owners | grep -q -- " $owner " ); then + # Owned by standard owner + true + elif [[ "$owner" == "$list-chairs" || "$owner" == "$list-request" ]]; then + # Chair / request owned + true + #elif ( echo "$list" | sed -e 's/-\(listeners\|members\)$/-chairs/' | grep -q --fixed-strings --line-regexp -- "$owner" ); then + # # Chair owned, for a listeners/members structure + # true + else + echo $list owned by $owner, not one of the allowed owners + fi + fi + if [[ "$public" == "1" ]]; then + if ( echo $list | grep -q -- "$publicpat" ); then + # We're allowed to be public + true + else + echo $list is public + fi + fi + fi # hidden heuristic end +done -- 2.34.1