HPE Community
Operating System - HP-UX
1752290 Members
4650 Online
108786 Solutions
New Discussion юеВ

radius users file - want to script the edit.

 
SOLVED
Go to solution
rmueller58
Valued Contributor

тАО03-28-2011 07:33 AM

тАО03-28-2011 07:33 AM

radius users file - want to script the edit.

We have a radius auth box, as it stands when we add new devices to the network, we need to manually add a new entry, I want to INSERT a tmp file INTO to the radius users file at a specific line of the user primary users file



0012AB123456 Auth-Type := Local, User-Password == "WIFISECRET"
#Pat Jones Dell Laptop


I was thinking of just concatenating the file but there is header information based on department the guys who built this pig before have headers for departments strung through out the file.

Each Header is Marked with a
# OUR BUSINESS NAME - DEPARTMENT

there are 7 departments
# OUR BUSINESS NAME - Accounting
# OUR BUSINESS NAME - Information Systems
# OUR BUSINESS NAME - etc...


in my script I can find the "Department Section" using

grep "#OUR |grep ${DEPT}"
just not quit sure best way to insert the subcode file i build:


0012AB123456 Auth-Type := Local, User-Password == "WIFISECRET"
#Pat Jones Dell Laptop


any insight or suggestions appreciated.


0 Kudos
Reply
10 REPLIES 10
James R. Ferguson
Acclaimed Contributor

тАО03-28-2011 08:11 AM

тАО03-28-2011 08:11 AM

Re: radius users file - want to script the edit.

Hi Rex:

You could do:

# cat ./myfilter
#!/usr/bin/perl
use strict;
use warnings;
my $injectionpoint = shift;
my $file_to_inject = shift;
die unless $injectionpoint and $file_to_inject;
open ( my $fh, '<', $file_to_inject )
or die "Can't open '$file_to_inject': $!\n";
my @newtext = <$fh>;
close $fh;
while (<>) {
if ( m{OUR BUSINESS.+$injectionpoint}i ) {
print;
print @newtext;
}
else {
print;
}
}
1;

...where you run as:

# ./myfilter Accounting file_to_insert radius_file

...for example, assuming that you want to add the contents of 'file_to_insert' into the 'radius_file' after the line that begins with "Accounting".

Regards!

...JRF...
Reply
Hein van den Heuvel
Honored Contributor

тАО03-28-2011 08:15 AM

тАО03-28-2011 08:15 AM

Re: radius users file - want to script the edit.

I would problably just get into vi look for my spot and suck in the tmp file.

But here is one automated way to go about it....

Assume tmp file is called tmp.txt and data file is radius.txt, and department is Acco.

$ awk '/^# OUR/ && /Acco/ {print; while (getline < "tmp.txt" ) {print} $0="" } 1' radius.txt


So we look for a line starting with # OUR COMPANY,
And also having the department name.
If found print that line and,
loop over tmp.txt printing each line and,
clear the last $0 line.
The "1" is always true and makes awk take the default action of printing the current ($0) line.

Use shell quoting, or awk -v option to pass in variables, or just change the line.

fwiw,
Hein



0 Kudos
Reply
rmueller58
Valued Contributor

тАО03-28-2011 08:17 AM

тАО03-28-2011 08:17 AM

Re: radius users file - want to script the edit.

Thanks James,

I think I get the idea, build the insert file first then call the perl routine, to insert into the file.

This definitely will head me in the direction I need to go!!


0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО03-28-2011 08:20 AM

тАО03-28-2011 08:20 AM

Solution

Re: radius users file - want to script the edit.

Hi (again) Rex:

> I think I get the idea, build the insert file first then call the perl routine, to insert into the file.

Isn't that what you envisioned? If the file to insert always consists of the same text, we could build that too into the script (as a here-document).

Regards!

...JRF...
Reply
Hein van den Heuvel
Honored Contributor

тАО03-28-2011 08:26 AM

тАО03-28-2011 08:26 AM

Re: radius users file - want to script the edit.



$ awk 'BEGIN {RS="~"; getline tmp<"tmp.txt"; RS="\n"} /^# OUR/ && /Acco/ {print; $0=tmp } 1' radius.txt


RS="~"; record seperator = funky character getline new<"tmp.txt"; suck up tmp file into tmp variable
RS="\n"; record separator back to normal new-line
/^# OUR/ && /Acco/ ; right line?
print; right header
$0=new }; set up to print tmp
1; print current line.

Hein

Reply
rmueller58
Valued Contributor

тАО03-28-2011 09:09 AM

тАО03-28-2011 09:09 AM

Re: radius users file - want to script the edit.

james, that is exactly where I want to go with it!!

Hein, thanks for the info as well. I do have another thing I will post after I get the 1st portion working.
0 Kudos
Reply
Hein van den Heuvel
Honored Contributor

тАО03-28-2011 09:42 AM

тАО03-28-2011 09:42 AM

Re: radius users file - want to script the edit.

>> do have another thing

let me guess....
1)you want the new user after the existing department?
2) sorted?

1)hardcoded
$ awk 'BEGIN {RS="~"; getline new<"tmp.txt"; RS="\n"} END {if (x) print new} /^# OUR/ {if (/Acco/)
{x=1} else { if (x) print new; x=0}} 1' radius.txt

1) with variables

$ awk -vtmp=tmp.txt -vdept=Acco 'BEGIN {RS="~"; getline new/^# OUR/ {if (index($0,dept)) {x=1} else {print new; x=0}} 1' radius.txt

of course by now, as the complexity increases, you want use a full script instead of a 'one-liner' thus far.

[done with my lunch break]

Enjoy,

Hein



Reply
rmueller58
Valued Contributor

тАО03-28-2011 09:56 AM

тАО03-28-2011 09:56 AM

Re: radius users file - want to script the edit.

Hein,

yes, I am planning on building a menu to take the brains out of the picture. as I don't maintain the file, I've got peers who edit files and I wind up chasing mistakes when Radius doesn't restart!.

going to do a Menu that,

Selects the Department, then reads the "username" "Full name" and Password, puts these items in a "tmp file" and then puts this "tmpfile" at an the "insertpoint".

would like to put a check on the username, as we use a "1234567890abcdef" (mac address) to restrict access. (any thoughts on that?)
10 characters required, no more no less, and only typical mac address format.
0012AB123456, or 0021EF654321, etc, etc..

would like to force check, but that is for another day!

Sorting isn't important. the daemon will read the file so long as syntax is as described.


0 Kudos
Reply
Hein van den Heuvel
Honored Contributor

тАО03-28-2011 10:27 AM

тАО03-28-2011 10:27 AM

Re: radius users file - want to script the edit.

>> would like to put a check on the username, as we use a "1234567890abcdef" (mac address) to restrict access. (any thoughts on that?)

You can probably do that in the shell.
I would use a regular expression in PERL as in:

$ perl -le '$_ = uc shift; print /^[0-9A-F]{10,}$/'

This prints a 1 if the argument is ok.

Other example:

$ perl -le '$_ = uc shift; print ((/^[0-9A-F]{10,}$/) ? "Good" : "Bad")' 012345678
Bad


the 'uc' upcase function can be dropped if the case is know, or the regexpr is changed to [0-9A-Fa-f]

Hein

Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.