Skip to content

prevent user/pi/org uid/gid conflicts, avoid debian reserved ranges #154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 14 commits into from
Jun 4, 2025
Merged
26 changes: 9 additions & 17 deletions resources/lib/UnityLDAP.php
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,7 @@ public function getNextUIDNumber($UnitySQL)
$max_uid = $UnitySQL->getSiteVar('MAX_UID');
$new_uid = $max_uid + 1;

while ($this->UIDNumInUse($new_uid)) {
while ($this->IDNumInUse($new_uid)) {
$new_uid++;
}

Expand All @@ -138,7 +138,7 @@ public function getNextPiGIDNumber($UnitySQL)
$max_pigid = $UnitySQL->getSiteVar('MAX_PIGID');
$new_pigid = $max_pigid + 1;

while ($this->PIGIDNumInUse($new_pigid)) {
while ($this->IDNumInUse($new_pigid)) {
$new_pigid++;
}

Expand All @@ -152,7 +152,7 @@ public function getNextOrgGIDNumber($UnitySQL)
$max_gid = $UnitySQL->getSiteVar('MAX_GID');
$new_gid = $max_gid + 1;

while ($this->GIDNumInUse($new_gid)) {
while ($this->IDNumInUse($new_gid)) {
$new_gid++;
}

Expand All @@ -161,32 +161,24 @@ public function getNextOrgGIDNumber($UnitySQL)
return $new_gid;
}

private function UIDNumInUse($id)
private function IDNumInUse($id)
{
// id reserved for debian packages
if (($id >= 100 && $id <= 999) || ($id >= 60000 && $id <= 64999)) {
return true;
}
$users = $this->userOU->getChildrenArray(true);
foreach ($users as $user) {
if ($user["uidnumber"][0] == $id) {
return true;
}
}

return false;
}

private function PIGIDNumInUse($id)
{
$pi_groups = $this->pi_groupOU->getChildrenArray(true);
foreach ($pi_groups as $pi_group) {
if ($pi_group["gidnumber"][0] == $id) {
return true;
}
}

return false;
}

private function GIDNumInUse($id)
{
$groups = $this->groupOU->getChildrenArray(true);
foreach ($groups as $group) {
if ($group["gidnumber"][0] == $id) {
Expand All @@ -212,7 +204,7 @@ public function getUnassignedID($uid, $UnitySQL)

if ($uid == $netid_match || $netid == $netid_match) {
// found a match
if (!$this->UIDNumInUse($uid_match) && !$this->GIDNumInUse($uid_match)) {
if (!$this->IDNumInUse($uid_match)) {
return $uid_match;
}
}
Expand Down