3 # $0 -b "ou=People,dc=borgia,dc=com" -Q /dev/with/quota=0:0:0:0 -F '(attr=value)'
6 # setSystemQuotas.pl is a script solely for modifying the quota attribute in
7 # LDAP. It expects that the users you intend to have quotas already have the
8 # systemQuotas objectClass set.
9 # This tool is capable of applying standard LDAP filters to the user-supplied
10 # base DN for modifying multiple users' quotas at once.
13 # Set quota on /dev/sda7 and /dev/sda8 for user stefan
14 # ./setSystemQuotas.pl -b "uid=stefan,ou=People,dc=borgia,dc=com" -Q /dev/sda7=4000000:4400000:10000:11000 -Q /dev/sda8=4000000:4400000:10000:11000
16 # Set quota on /dev/sda8 for user all People with description of Student
17 # ./setSystemQuotas.pl -b "ou=People,dc=borgia,dc=com" -Q /dev/sda8=40000:44000:1000:1100 -F "(description=Student)"
19 # Delete quotas for user stefan
20 # ./setSystemQuotas.pl -b "uid=stefan,ou=People,dc=borgia,dc=com"
26 chomp(my $Password = `cat /etc/ldap.secret`);
27 my $Host = 'localhost';
29 my $BindDN = 'cn=Manager,dc=borgia,dc=com';
40 die "Usage: $0 -b userdn [-F '(extrafilter)'] [-Q /fs=sb:hb:sf:hf ...]\n" unless $b;
42 local @_ = split /:/, $Q{$_};
44 print "Ignoring $_: invalid format\n";
49 my $ldap = connectLDAP();
53 $search = $ldap->search(
55 filter => "(&(objectClass=systemQuotas)$F)",
56 attrs => ['*', 'quota'],
58 $search->code && die $search->error;
60 my $max = $search->count;
61 for ( $i=0; $i<$max; $i++ ) {
62 my $entry = $search->entry($i);
66 foreach ( $entry->get_value('quota') ) {
67 my @quota = split /:/;
68 my $fs = shift @quota;
69 delete $quota->{$dn} if $quota->{$dn} == 1;
70 $quota->{$dn}->{$fs} = join ':', @quota;
74 delete $quota->{$dn} unless $entry->get_value('quota');
78 foreach my $dn ( keys %{$quota} ) {
79 if ( ref $quota->{$dn} eq 'HASH' ) {
80 print STDERR "Modify $dn:\n";
82 print STDERR "\t$_:$Q{$_}\n";
83 $quota->{$dn}->{$_} = $Q{$_};
85 my @quota = map { "$_:$quota->{$dn}->{$_}" } keys %{$quota->{$dn}};
86 my $modify = $ldap->modify(
92 $modify->code && warn "Failed to modify quota: ", $modify->error, "\n";
94 if ( $quota->{$dn} == 1 ) {
96 print STDERR "Add $dn:\n";
98 print STDERR "\t$_:$Q{$_}\n";
99 $quota->{$dn}->{$_} = $Q{$_}
101 my @quota = map { "$_:$quota->{$dn}->{$_}" } keys %{$quota->{$dn}};
102 my $modify = $ldap->modify(
108 $modify->code && warn "Failed to modify quota: ", $modify->error, "\n";
109 } elsif ( $quota->{$dn} == 0 ) {
110 print STDERR "Delete $dn:\n";
111 my $modify = $ldap->modify(
115 $modify->code && warn "Failed to modify quota: ", $modify->error, "\n";
122 # bind to a directory with dn and password
123 my $ldap = Net::LDAP->new(
128 ) or die "Can't contact LDAP server ($@)\n";
131 # verify => 'require',
132 # clientcert => 'mycert.pem',
133 # clientkey => 'mykey.pem',
134 # decryptkey => sub { 'secret'; },
135 # capath => '/usr/local/cacerts/'
138 $ldap->bind($BindDN, password=>$Password);