I've modified create-user to make it idempotent.  That is, you can run
it for a user who already exists, and it: a) won't fail and b) won't
have any [significant] effect.

Once we start creating significant numbers of users, if we make a
change to create-user, we'll want to apply those changes to all
existing users too.  Idempotency lets us simply run create-user again
on all userids.  If you add new commands to create-user, please ensure
that they are idempotent.

In doing so, I had to add "|| true" after the ldapadd commands because
I don't know how to tell ldapadd "create this entry only if it does
not exist, but do not fail if it already exists".  The "|| true" is
non-optimal because it will mask *true* failures.  If anybody who
knows more than I do about this can find a better solution, that would
be cool.

If $USER's desired password is in fyodor.hcoop.net:/home/$USER/.pass,
then

  (ssh fyodor.hcoop.net cat /home/$USER/.pass\; cat /home/$USER/.pass) | \
    /afs/hcoop.net/common/etc/create-user $USER

is all that is required to set up their account (assuming proper
permissions on .pass).  If the command succeeds, we should remove
$USER/.pass and email the user to let them know that their account has
been created.

  - a

-- 
PGP/GPG: 5C9F F366 C9CF 2145 E770  B1B8 EFB1 462D A146 C380


_______________________________________________
HCoop-SysAdmin mailing list
http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
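
One way to avoid the blanket "|| true" discussed in the message, as an added example that is not part of the original email or of create-user. It assumes OpenLDAP's ldapadd, which exits with the LDAP result code, so 68 (entry already exists) can be accepted while bind, schema or connection failures still stop the script. The function name and the LDAPADD override variable are hypothetical.

```shell
#!/bin/sh
# Added example; not taken from create-user.
# Assumption: the OpenLDAP client tools exit with the LDAP result code,
# so status 68 (LDAP_ALREADY_EXISTS) means the entry is already present.
LDAP_ALREADY_EXISTS=68

# ldapadd_idempotent ARGS...
#   Runs ${LDAPADD:-ldapadd} with ARGS, reading the LDIF from stdin.
#   Returns 0 if the entry was added or already existed.
#   Any other status (bad credentials, server down, schema violation)
#   is reported and propagated, so a real failure is never masked.
#   Feed one entry per call: without -c, ldapadd stops at the first
#   error, so later entries in the same LDIF would be skipped.
ldapadd_idempotent() {
    rc=0
    # "|| rc=$?" captures the status and stays safe under "set -e".
    "${LDAPADD:-ldapadd}" "$@" || rc=$?
    case "$rc" in
        0)
            return 0
            ;;
        "$LDAP_ALREADY_EXISTS")
            echo "ldapadd: entry already exists, continuing" >&2
            return 0
            ;;
        *)
            echo "ldapadd: failed with status $rc" >&2
            return "$rc"
            ;;
    esac
}
```

Inside create-user, each `ldapadd ... || true` would become `ldapadd_idempotent ... || exit 1`, keeping reruns harmless while a genuine failure aborts the run before the account is reported as created.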
