[Freeipa-users] Add user -> custom script

Sigbjorn Lie sigbjorn at nixtra.com
Fri Sep 16 20:58:21 UTC 2011 

On 09/16/2011 10:29 AM, Alexander Bokovoy wrote:
> On Fri, 16 Sep 2011, Dmitri Pal wrote:
>> On 09/15/2011 04:14 PM, Sigbjorn Lie wrote:
>>> On 09/15/2011 09:59 PM, Dmitri Pal wrote:
>>>> On 09/15/2011 03:45 PM, Sigbjorn Lie wrote:
>>>>> Hi,
>>>>>
>>>>> Is there a custom script hook for when a user account is added using
>>>>> either the cli, webui, or the winsync module?
>>>>>
>>>>> I have a custom script I run when creating a user account, and having
>>>>> this run automatically by IPA would make my life a lot easier.
>>>>>
>>>>>
>>>> Can you describe what kind of operations you need to do?
>>>> Have you looked at the automembership plugin?
>>>>
>>> I'm doing a SSH login on to a filer, creating a home folder ZFS
>>> dataset for the new user, setting quota and ACL on the newly created
>>> dataset, and adding files from a skeleton folder into the home folder.
>>>
>> It might be a stupid question but... you seem to do all the operation
>> described above on the filer. I am not quite clear what part of it, if
>> any, needs to be run on the server side, I mean on the IPA. Or you
>> actually want to be able to create an account on the server side and
>> make it trapped and send the event to the filer and run a script there?
>>
>> We can't do it now. AFAIR there was a ticket about something like this
>> in the deferred bucket... Could not find it... But I remember a discussion.
>> We might need to file a ticket to track this but sound like something
>> that will take a lot of time to accomplish.
> Attached untested patch is a proof of concept. If /etc/ipa/server.conf
> has following setting:
>
> ipa_user_script=/path/to/script
>
> then during add/delete/modify of an user, it will be called with
> add/del/mod as first parameter and user's dn as second. Result of
> the call is ignored but return from IPA server is blocked by the
> execution so be quick in ipa_user_script!
>

I got the patch installed OK, env variable set, and the script is being 
run when do user modifications. Great! :) But the action (add/del/mod) 
and the dn is not being supplied as arguments.

For testing's sake I've made a very simple script just to capture the 
env variables.

Do you have any suggestion to why the arguments is not getting supplied 
to the script?


#!/bin/bash

echo "a:$1 u:$2" >> /tmp/ipa_custom_$$
env >> /tmp/ipa_custom_$$

More information about the Freeipa-users mailing list