NCP Remove Trustees Script


This bash script will parse the trustees kept in the NCP trustee_database.xml file (media/nss/VOLUME/._NETWARE/.trusteee_database.xml) for the supplied NSS volume and create a script that will remove the trustees using the "ncpcon rights" commands.

WARNING: Make sure to backup your trustees before running the script with the "metamig" utility.

Save Example (backs up all NSS VOL1 metadata):

metamig save VOL1 > metamig-bu-VOL1.txt

Restore Example (restores only trustee NSS VOL1 metadata)
metaming restore VOL1 -m t < metamig-bu-VOL1.txt

Steps to use:

  1. Extract the ncp-remove-trustees.tgz file with "tar xzvf ncp-remove-trustees.tgz" Then make executable.

  • Execute the script as the "root" user and supply the volume name.

    Where you execute the script from will be where the script will be located. Other files needed for processing are /tmp/trusteepath-VOLUME.txt and /tmp/trusteename-VOLUME.txt (delete them when you no longer need them)

    The script will not remove any trustees from the volume. You have to execute that output script for trustees to actually be removed. This lets you see what it is going to do before you execute

  • Add the execute permission to

  • Run the script.


How To-Best Practice
Comment List
  • If a directory name contains the word "name" like /media/nss/VOL/xxxx/domainnames, the script fails with different lines count:
    Error: .....files do not have the same number of lines....

    Change line 10 from the script:
    cat /media/nss/$VOL/._NETWARE/.trustee_database.xml | egrep "name" | cut -d ">" -f2 | cut -d "<" -f1 | sed s/^.// > /tmp/trusteename-$VOL.txt

    cat /media/nss/$VOL/._NETWARE/.trustee_database.xml | egrep "" | cut -d ">" -f2 | cut -d "<" -f1 | sed s/^.// > /tmp/trusteename-$VOL.txt

    Hope, that nobody has a directory, that containsthe word ""....