move homedir via lamdaemon

lam/HISTORY

@@ -1,6 +1,7 @@
 June 2014 4.6
   - Unix groups: allow to disable membership management
   - Extended LAM's internal password policies
+  - Lamdaemon: move home directory on server if changed
   - LAM Pro:
    -> Password self reset and user self registration support to set a header text
    -> Sudo roles: support latest schema

lam/lib/lamdaemon.pl

@@ -4,7 +4,7 @@
 #
 #  This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
 #  Copyright (C) 2003 - 2006  Tilo Lutz
-#  Copyright (C) 2006 - 2013  Roland Gruber
+#  Copyright (C) 2006 - 2014  Roland Gruber
 #
 #  This program is free software; you can redistribute it and/or modify
 #  it under the terms of the GNU General Public License as published by
@@ -27,7 +27,7 @@ use Sys::Syslog;
 
 # Defines the protocol version of the lamdaemon script.
 # This will only be changed when additional commands are added etc.
-my $LAMDAEMON_PROTOCOL_VERSION = 3;
+my $LAMDAEMON_PROTOCOL_VERSION = 4;
 
 my $SPLIT_DELIMITER = "###x##y##x###";
 
@@ -196,6 +196,9 @@ sub manageHomedirs {
 	elsif ($vals[2] eq 'rem') {
 		removeHomedir();
 	}
+	elsif ($vals[2] eq 'move') {
+		moveHomedir();
+	}
 	elsif ($vals[2] eq 'check') {
 		checkHomedir();
 	}
@@ -207,7 +210,7 @@ sub manageHomedirs {
 }
 
 #
-# Creates the homedirectory of the user
+# Creates the home directory of the user
 #
 sub createHomedir {
 	my $homedir = $vals[3];
@@ -243,7 +246,7 @@ sub createHomedir {
 }
 
 #
-# Removes the homedirectory of the user
+# Removes the home directory of the user
 #
 sub removeHomedir {
 	if ($vals[3] eq '') {
@@ -254,7 +257,7 @@ sub removeHomedir {
 	($<, $>) = ($>, $<); # Get root previliges
 	if (-d $vals[3] && $vals[3] ne '/') {
 		if ((stat($vals[3]))[4] eq $vals[4]) {
-			system 'rm', '-R', $vals[3]; # Delete Homedirectory
+			system 'rm', '-R', $vals[3]; # delete home directory
 			if (-e '/usr/sbin/userdel.local') {
 				system '/usr/sbin/userdel.local', $vals[0];
 			}
@@ -274,7 +277,43 @@ sub removeHomedir {
 }
 
 #
-# Checks if the homedirectory of the user already exists.
+# Moves the home directory of the user
+#
+sub moveHomedir {
+	my $homedir = $vals[3];
+	my $owner = $vals[4];
+	my $homedirNew = $vals[5];
+	if ($homedir eq '') {
+		$return = "ERROR,Lamdaemon ($hostname),No home directory specified to move.";
+		logMessage(LOG_ERR, "No home directory specified to move.");
+		return;
+	}
+	if (-d $homedirNew) {
+		$return = "ERROR,Lamdaemon ($hostname),Directory $homedirNew already exists.";
+		logMessage(LOG_ERR, "Directory $homedirNew already exists.");
+		return;
+	}
+	($<, $>) = ($>, $<); # Get root previliges
+	if (-d $homedir && $homedir ne '/') {
+		if ((stat($homedir))[4] eq $owner) {
+			system 'mv', $homedir, $homedirNew; # move home directory
+			$return = "Ok";
+			logMessage(LOG_INFO, "Home directory moved ($homedir - $homedirNew)");
+		}
+		else {
+			$return = "ERROR,Lamdaemon ($hostname),Home directory not owned by $owner.";
+			logMessage(LOG_ERR, "Home directory owned by wrong user (" . $owner . ")");
+		}
+	}
+	else {
+		$return = "Ok";
+		logMessage(LOG_INFO, "The directory " . $homedir . " which should be moved was not found (skipped).");
+	}
+	($<, $>) = ($>, $<); # Give up root previleges
+}
+
+#
+# Checks if the home directory of the user already exists.
 #
 sub checkHomedir {
 	my $homedir = $vals[3];

lam/lib/modules/posixAccount.inc

@@ -796,6 +796,37 @@ class posixAccount extends baseModule implements passwordService {
 				}
 			}
 		}
+		// move home directory if needed
+		if (!empty($this->orig[$this->getHomedirAttrName()][0]) && !empty($this->attributes[$this->getHomedirAttrName()][0])
+			&& ($this->orig[$this->getHomedirAttrName()][0] != $this->attributes[$this->getHomedirAttrName()][0])) {
+			$lamdaemonServers = explode(";", $_SESSION['config']->get_scriptServers());
+			for ($i = 0; $i < sizeof($lamdaemonServers); $i++) {
+				if (empty($lamdaemonServers[$i])) {
+					continue;
+				}
+				$temp = explode(":", $lamdaemonServers[$i]);
+				$server = $temp[0];
+				$result = lamdaemon(
+					implode(
+						self::$SPLIT_DELIMITER,
+						array(
+							$this->attributes['uid'][0],
+							"home",
+							"move",
+							$this->orig[$this->getHomedirAttrName()][0],
+							$this->attributes['uidNumber'][0],
+							$this->attributes[$this->getHomedirAttrName()][0])
+						),
+					$server);
+				// lamdaemon results
+				if (is_array($result)) {
+					$singleresult = explode(",", $result[0]);
+					if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'INFO') || ($singleresult[0] == 'WARN')) {
+						$messages[] = $singleresult;
+					}
+				}
+			}
+		}
 		// set group of names
 		if (self::areGroupOfNamesActive()) {
 			$gons = $this->findGroupOfNames();

lam/templates/tests/lamdaemonTest.php

@@ -3,7 +3,7 @@
 $Id$
 
   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
-  Copyright (C) 2006 - 2013  Roland Gruber
+  Copyright (C) 2006 - 2014  Roland Gruber
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -171,7 +171,7 @@ function lamTestLamdaemon($command, $stopTest, $handle, $testText, $container) {
  */
 function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $container) {
 	$SPLIT_DELIMITER = "###x##y##x###";
-	$LAMDAEMON_PROTOCOL_VERSION = '3';
+	$LAMDAEMON_PROTOCOL_VERSION = '4';
 	$okImage = "../../graphics/pass.png";
 	$failImage = "../../graphics/fail.png";