#!/bin/sh -ef

. alterator-openldap-functions

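# Newline-separated list of group names to create in LDAP; blank lines and
# lines starting with '#' are skipped by the writers below.
readonly init_groups_file=/etc/alterator/ldap-groups/group-init-list
# Local group database, used to look up the GID of names from the init list.
readonly system_groups_file=/etc/group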

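# Detect the currently configured authentication domain and export the path
# of its LDAP configuration as DN_CONF.
# Globals:  DN_CONF (written, exported)
# Returns:  0 on success; calls fatal() when the domain or its config file
#           cannot be determined.
set_dn_conf()
{
    local dn
    # Second space-separated word of "system-auth status" is the dn handed
    # to ldap-dn. Assign separately from 'local' so a failure is not masked.
    dn="$(system-auth status | cut -f2 -d' ')" ||
        fatal "set_dn_conf: 'system-auth status' failed"
    [ -n "$dn" ] || fatal "set_dn_conf: couldn't detect dn"

    DN_CONF="$(/usr/sbin/ldap-dn find "$dn")" ||
        fatal "set_dn_conf: ldap-dn find '$dn' failed"
    [ -f "$DN_CONF" ] || fatal "set_dn_conf: $DN_CONF doesn't exist"

    export DN_CONF
    # Expected to come from the sourced alterator-openldap-functions library.
    base_rootdn_rootpw
}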

# Resolve and export DN_CONF before any group is created; this fatal()s,
# aborting the script, if the domain configuration cannot be found.
set_dn_conf


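# Print the $system_groups_file lines whose group name is listed in
# $init_groups_file, so those groups can be recreated in LDAP with their
# local GID.
# Globals:  init_groups_file, system_groups_file (read)
# Outputs:  matching group lines on stdout, sorted by group name
# Returns:  1 if the temp file cannot be created, else the join status
write_init_groups()
{
    local temp_file
    temp_file="$(mktemp -t ldap-groups.XXXXXX)" || return 1

    # A subshell-scoped EXIT trap removes the temp file on every exit path
    # (including a set -e abort) without touching the script's own traps.
    (
        trap 'rm -f -- "$temp_file"' EXIT
        # Drop blank lines and '#' comments; join needs both inputs sorted.
        grep -Ev '^$|^#' -- "$init_groups_file" | sort >"$temp_file"
        sort -t: -k1,1 "$system_groups_file" | join -j1 -t: - "$temp_file"
    )
}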

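# Print the names from $init_groups_file that have no entry in
# $system_groups_file, i.e. groups present only in the init list.
# Globals:  init_groups_file, system_groups_file (read)
# Outputs:  one group name per line on stdout, sorted
# Returns:  1 if a temp file cannot be created, else the comm status
write_other_groups()
{
    local temp_file temp_file2
    temp_file="$(mktemp -t ldap-groups.XXXXXX)" || return 1
    temp_file2="$(mktemp -t ldap-groups.XXXXXX)" ||
        { rm -f -- "$temp_file"; return 1; }

    # A subshell-scoped EXIT trap removes both temp files on every exit path
    # (including a set -e abort) without touching the script's own traps.
    (
        trap 'rm -f -- "$temp_file" "$temp_file2"' EXIT
        # Drop blank lines and '#' comments; comm needs both inputs sorted.
        grep -Ev '^$|^#' -- "$init_groups_file" | sort >"$temp_file"
        # Keep only the name field (everything before the first ':').
        sed 's/:.*$//' "$system_groups_file" | sort >"$temp_file2"
        # comm -23: lines unique to the first input.
        comm -2 -3 "$temp_file" "$temp_file2"
    )
}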

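# Create mapped system groups: names from the init list that also exist in
# the local group file are created in LDAP with their local GID.
# read -r keeps backslashes in names literal; the loop body runs in a
# subshell, so nothing it sets is needed afterwards.
write_init_groups |
while IFS=: read -r group _ gid _; do
    # Best effort: a single failing group (presumably one that already
    # exists in LDAP) must not abort the rest of the run.
    ldap-groupadd "$group" "$gid" ||:
done

# Create other LDAP groups: names from the init list with no local entry
# are created without a fixed GID.
write_other_groups |
while IFS=: read -r group; do
    ldap-groupadd "$group" ||:
done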
