N
Nate St.germain
please bear with me on this. i'm blundering my way through learning
ruby.
i have a script intended to run on os x to restore local admin rights to
users who've had the rights removed by another script. it's sort of a
fallback measure. i'm using this as an opportunity to learn ruby in the
process.
the newest version of the removal script (bash) will add a plain text
file in /Library/Receipts containing the account short names on which it
just operated. i want the restore script to be flexible enough to either
read the list from the file if it exists or get the users from scratch
using the "/usr/sbin/jamf listUser" command (part of the Casper admin
suite), which outputs xml, unfortunately. at some point, i'll probably
switch to another method to avoid having to resort to regex matches on
the xml tags.
regardless, the issue is the getUsers() method works fine on its own but
then give me the following output when run from the script (below):
sam
norton
mary
Restoring admin rights for <name>sam</name>
Restoring admin rights for <name>norton</name>
Restoring admin rights for <name>mary</name>
so in the actual script, the names are returned once correctly, then
again with the xml tags and tabs intact. i'm not sure what i'm missing
here.
it's probably something obvious, and i'm sure this script can be written
more concisely. i appreciate any pointers you have. note, the actual
admin rights granting lines are commented below for testing.
=== script ===
#!/usr/bin/env ruby
# restore rights to local users who've recently had them removed.
# 5/25/10, nate@tsp
# 6/1/10, updated
# set system variable
# chops out the second digit in the version number, which is the only
differentiating factor here
def getos()
system=`/usr/bin/sw_vers
-productVersion`.chomp.split(".").slice(1).to_i
if system==4 then
return "tiger"
else
return "leo"
end
end
# cheating by using the jamf binary.
def getUsers()
userlist=`/usr/sbin/jamf listUsers`.to_a
users=userlist.grep /\<name/
users.each { |user| puts user.split(/<[^>]*[^>]*>/)[1] }
end
# method to read admins from a text file from a removal run
# this may not be necessary if included in the restoreAdmin methods
def readAdmins()
receipt=File.open('/Library/Receipts/org.company.removedadmins', 'r')
return receipt.readlines
end
# use dseditgroup for 10.[5-6] clients
def restoreAdmin5()
if File.exist?('/Library/Receipts/org.company.removedadmins') then
users=readAdmins
users.each do |u|
puts "Restoring admin rights for #{u}"
# %x(/usr/sbin/dseditgroup -o edit -a #{u} -t user admin)
end
else
users=getUsers
users.each do |u|
puts "Restoring admin rights for #{u}"
# %x(/usr/sbin/dseditgroup -o edit -a #{u} -t user admin)
end
end
end
# use nicl for 10.4 clients
def restoreAdmin4()
if File.exist?('/Library/Receipts/org.company.removedadmins') then
users=readAdmins
users.each do |u|
puts "Restoring admin rights for #{u}"
# %x(nicl -raw /var/db/netinfo/local.nidb -append /groups/admin
users #{u})
end
else
users=getUsers
users.each do |u|
puts "Restoring admin rights for #{u}"
# %x(nicl -raw /var/db/netinfo/local.nidb -append /groups/admin users
#{u})
end
end
end
# test the os with the getos() method and proceed accordingly based on
platform
result = case getos()
when "tiger" then
restoreAdmin4
when "leo" then
restoreAdmin5
else puts "no version specified. stopping..."
end
ruby.
i have a script intended to run on os x to restore local admin rights to
users who've had the rights removed by another script. it's sort of a
fallback measure. i'm using this as an opportunity to learn ruby in the
process.
the newest version of the removal script (bash) will add a plain text
file in /Library/Receipts containing the account short names on which it
just operated. i want the restore script to be flexible enough to either
read the list from the file if it exists or get the users from scratch
using the "/usr/sbin/jamf listUser" command (part of the Casper admin
suite), which outputs xml, unfortunately. at some point, i'll probably
switch to another method to avoid having to resort to regex matches on
the xml tags.
regardless, the issue is the getUsers() method works fine on its own but
then give me the following output when run from the script (below):
sam
norton
mary
Restoring admin rights for <name>sam</name>
Restoring admin rights for <name>norton</name>
Restoring admin rights for <name>mary</name>
so in the actual script, the names are returned once correctly, then
again with the xml tags and tabs intact. i'm not sure what i'm missing
here.
it's probably something obvious, and i'm sure this script can be written
more concisely. i appreciate any pointers you have. note, the actual
admin rights granting lines are commented below for testing.
=== script ===
#!/usr/bin/env ruby
# restore rights to local users who've recently had them removed.
# 5/25/10, nate@tsp
# 6/1/10, updated
# set system variable
# chops out the second digit in the version number, which is the only
differentiating factor here
def getos()
system=`/usr/bin/sw_vers
-productVersion`.chomp.split(".").slice(1).to_i
if system==4 then
return "tiger"
else
return "leo"
end
end
# cheating by using the jamf binary.
def getUsers()
userlist=`/usr/sbin/jamf listUsers`.to_a
users=userlist.grep /\<name/
users.each { |user| puts user.split(/<[^>]*[^>]*>/)[1] }
end
# method to read admins from a text file from a removal run
# this may not be necessary if included in the restoreAdmin methods
def readAdmins()
receipt=File.open('/Library/Receipts/org.company.removedadmins', 'r')
return receipt.readlines
end
# use dseditgroup for 10.[5-6] clients
def restoreAdmin5()
if File.exist?('/Library/Receipts/org.company.removedadmins') then
users=readAdmins
users.each do |u|
puts "Restoring admin rights for #{u}"
# %x(/usr/sbin/dseditgroup -o edit -a #{u} -t user admin)
end
else
users=getUsers
users.each do |u|
puts "Restoring admin rights for #{u}"
# %x(/usr/sbin/dseditgroup -o edit -a #{u} -t user admin)
end
end
end
# use nicl for 10.4 clients
def restoreAdmin4()
if File.exist?('/Library/Receipts/org.company.removedadmins') then
users=readAdmins
users.each do |u|
puts "Restoring admin rights for #{u}"
# %x(nicl -raw /var/db/netinfo/local.nidb -append /groups/admin
users #{u})
end
else
users=getUsers
users.each do |u|
puts "Restoring admin rights for #{u}"
# %x(nicl -raw /var/db/netinfo/local.nidb -append /groups/admin users
#{u})
end
end
end
# test the os with the getos() method and proceed accordingly based on
platform
result = case getos()
when "tiger" then
restoreAdmin4
when "leo" then
restoreAdmin5
else puts "no version specified. stopping..."
end