#!/bin/sh -ef

. alterator-openldap-functions

# List of group names that should be seeded into LDAP.
init_groups_file='/etc/alterator/ldap-groups/group-init-list'
# Local group database that supplies the GID for each listed name.
system_groups_file='/etc/group'

# Locate the configuration file of the active LDAP base and export it.
# Globals:   DN_CONF (written, exported)
# Arguments: none
# Calls fatal (from the sourced library) when the base DN cannot be
# detected or the resolved configuration file does not exist.
set_dn_conf()
{
    # The second space-separated field of `system-auth status` is taken as
    # the base DN.  A failure of system-auth itself is not visible here
    # (pipeline + `local`), so the emptiness test below is the only check.
    local base_dn="$(system-auth status | cut -d' ' -f2)"

    if [ -z "$base_dn" ]; then
        fatal "set_dn_conf: couldn't detect dn"
    fi

    DN_CONF="$(/usr/sbin/ldap-dn find "$base_dn")"
    if [ ! -f "$DN_CONF" ]; then
        fatal "set_dn_conf: $DN_CONF doesn't exist"
    fi

    export DN_CONF

    # NOTE(review): presumably loads the root DN and its password for this
    # base from DN_CONF into shell variables — confirm in
    # alterator-openldap-functions, and keep xtrace off around it if so.
    base_rootdn_rootpw
}

# Resolve and export DN_CONF before any group is imported.
set_dn_conf


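# Print the entries of the system group file whose group name appears in
# the init list, one entry per line, in the group file's own format.
# Globals:   init_groups_file (read), system_groups_file (read)
# Outputs:   matching group entries on stdout
# Returns:   0 on success; non-zero when the temp file cannot be created,
#            the init list cannot be sorted, or join fails
write_init_groups()
{
    local temp_file rc=0

    # Declared separately from the assignment so that a mktemp failure is
    # not hidden by `local`; without this, the sort below would redirect
    # into an empty file name.
    temp_file="$(mktemp -t ldap-groups.XXXXXX)" || return 1

    # join needs both inputs ordered on the join field.
    # NOTE(review): the init list is sorted on whole lines, so this assumes
    # one bare group name per line — confirm against the file's format.
    if sort "$init_groups_file" >"$temp_file"; then
        # No pipefail in sh: only join's status is captured here.
        sort -t: -k1,1 "$system_groups_file" |
            join -j1 -t: - "$temp_file" || rc=$?
    else
        rc=$?
    fi

    # Reached on every path after mktemp, with or without errexit, so the
    # temp file is never left behind when a step fails.
    rm -f -- "$temp_file"
    return "$rc"
}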

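# Create one LDAP group per matching /etc/group entry
# (name:password:gid:members); only the name and the GID are passed on.
# -r stops read from treating a backslash in an entry as an escape.
# NOTE(review): ldap-groupadd inherits the pipe as its stdin; if it ever
# reads stdin it would consume the remaining entries — confirm, or give it
# </dev/null.
write_init_groups |
while IFS=: read -r group _ gid _; do
    ldap-groupadd "$group" "$gid"
done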
