| author | Rich Megginson <rmeggins@redhat.com> | 2007-06-19 18:24:58 +0000 |
|---|---|---|
| committer | Rich Megginson <rmeggins@redhat.com> | 2007-06-19 18:24:58 +0000 |
| commit | 72da2df3bae21741217e3175e020cdc3b83ac172 (patch) | |
| tree | 4e12d324257ca8cfe4ba39ceb4337adfe0df588e /ldap/admin/src | |
| parent | 0046d389d23bd217e3109949064c33de07dbc017 (diff) | |
Resolves: bug 237356
Description: Move DS Admin Code into Admin Server - ldif templates, pwdhash
Reviewed by: nhosoi (Thanks!)
Fix Description: These changes are primarily to allow the admin server setup to run completely in perl with no more setuputil code.
1) Added LDIF templates for DS config. template-dse.ldif is the core minimal directory server configuration. Values can be replaced with parameters in the same style as used with register_server.pl - %token%. For the plugin entries, the plugin shared library name is now just a name. There is no more full path. The code in dynalib.c handles this case by using the compiled in PLUGINDIR. The NSPR function PR_GetLibraryName knows the correct shared lib suffix for the platform. All of this allows us to do 2).
2) Added ability to run pwdhash with no server configuration. If no configuration is given, it uses the template-dse.ldif above. And instead of having to worry about where the plugins are installed and the shared lib suffix, it just depends on the above changes. This allows us to generate password hashes during setup before the directory server instance is created, and also to keep clear text password usage to a minimum.
3) Added defaultuser and defaultgroup.
4) Added support for continuation lines in Inf files.
5) All user visible messages during setup should be localizable
Platforms tested: RHEL4
Flag Day: Yes, autotool file changes.
Doc impact: Yes, along with the previous fixes for this bug.
Diffstat (limited to 'ldap/admin/src')
| -rw-r--r-- | ldap/admin/src/scripts/DialogManager.pm | 4 | ||||
| -rw-r--r-- | ldap/admin/src/scripts/Inf.pm | 37 | ||||
| -rw-r--r-- | ldap/admin/src/scripts/Setup.pm.in | 16 | ||||
| -rw-r--r-- | ldap/admin/src/scripts/SetupDialogs.pm.in (renamed from ldap/admin/src/scripts/SetupDialogs.pm) | 4 | ||||
| -rw-r--r-- | ldap/admin/src/scripts/Util.pm.in (renamed from ldap/admin/src/scripts/Util.pm) | 34 | ||||
| -rw-r--r-- | ldap/admin/src/scripts/setup-ds.res.in | 2 |
6 files changed, 73 insertions, 24 deletions
diff --git a/ldap/admin/src/scripts/DialogManager.pm b/ldap/admin/src/scripts/DialogManager.pm index 7c68cdac..bbf85c9f 100644 --- a/ldap/admin/src/scripts/DialogManager.pm +++ b/ldap/admin/src/scripts/DialogManager.pm @@ -94,6 +94,10 @@ sub isBack { my $self = shift; my $ans = shift; + if (!$ans) { + return 0; + } + # the word "back" if ($ans =~ /back/i) { return 1; diff --git a/ldap/admin/src/scripts/Inf.pm b/ldap/admin/src/scripts/Inf.pm index b5f10136..4c6bd2c6 100644 --- a/ldap/admin/src/scripts/Inf.pm +++ b/ldap/admin/src/scripts/Inf.pm @@ -67,7 +67,7 @@ sub read { # and the value is the config param value my $self = shift; my $filename = shift; - my $curSection; + my $curSection = ""; if ($filename) { $self->{filename} = $filename; @@ -75,17 +75,36 @@ sub read { $filename = $self->{filename}; } + my $incontinuation = 0; + my $curkey; open INF, $filename or die "Error: could not open inf file $filename: $!"; while (<INF>) { - # e.g. [General] - if (/^\[(.*?)\]/) { + my $iscontinuation; + chop; # trim trailing newline + if (/^\s*$/) { # skip blank/empty lines + $incontinuation = 0; + next; + } + if (/^\s*\#/) { # skip comment lines + $incontinuation = 0; + next; + } + if (/\\$/) { # line ends in \ - continued on next line + chop; + $iscontinuation = 1; + } + if ($incontinuation) { + $self->{$curSection}->{$curkey} .= "\n" . $_; # add line in entirety to current value + } elsif (/^\[(.*?)\]/) { # e.g. [General] $curSection = $1; - } elsif (/^\s*$/) { - next; # skip blank lines - } elsif (/^\s*\#/) { - next; # skip comment lines - } elsif (/^\s*(.*?)\s*=\s*(.*?)\s*$/) { - $self->{$curSection}->{$1} = $2; + } elsif (/^\s*(.*?)\s*=\s*(.*?)\s*$/) { # key = value + $curkey = $1; + $self->{$curSection}->{$curkey} = $2; + } + if ($iscontinuation) { # if line ends with a backslash, continue the data on the next line + $incontinuation = 1; + } else { + $incontinuation = 0; } } close INF; 
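Review bot: The new `chop;` at the top of the loop in Inf.pm's `read` removes the last character whether or not it is a newline, so a final line with no trailing newline loses the last character of its value, and a CRLF file keeps its `\r`, which then hides a trailing backslash from `/\\$/`. Use `chomp;` there (optionally followed by `s/\r$//;`) and keep the second `chop` only for the backslash. A continuation line that follows something other than a `key = value` line (for example a section header ending in a backslash) is appended to `$self->{$curSection}->{$curkey}` with `$curkey` undefined or left over from an earlier key, so `$incontinuation` should only be set when the current line assigned `$curkey`. The `open INF, $filename` in the context line is the two-argument form; if the filename can come from the command line, `open(INF, '<', $filename)` keeps it from being read as a mode or pipe. `read` begins and ends outside the hunk.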
diff --git a/ldap/admin/src/scripts/Setup.pm.in b/ldap/admin/src/scripts/Setup.pm.in index 2e1ea646..f1a60719 100644 --- a/ldap/admin/src/scripts/Setup.pm.in +++ b/ldap/admin/src/scripts/Setup.pm.in @@ -111,6 +111,7 @@ EOF sub new { my $type = shift; my $self = {}; + $self->{res} = shift; my ($debuglevel, $silent, $inffile, $keep, $preonly, $logfile); my @otherargs; @@ -147,7 +148,7 @@ sub new { # arguments override those passed in via an inf file - this # allows the reuse of .inf files with some parameters overridden for (@ARGV) { - if (/^(\w+)\.(\w+)=(.*)$/) { # e.g. section.param=value + if (/^(\w_-+)\.(\w_-+)=(.*)$/) { # e.g. section.param=value $self->{inf}->{$1}->{$2} = $3; } else { # error print STDERR "Error: unknown command line option $_\n"; @@ -176,6 +177,11 @@ sub log { # if you use msg like this: # msg($WARN, "some message") # it will go to the screen and to the log at the $WARN level +# all messages are localizable - you must define a resource key +# the first string passed to this method is a resource key +# additional strings are used as "arguments" to that resource key +# if you want to print un-localizable messages, use debug or write +# directly to the log or screen sub msg { my $self = shift; my $level = shift; @@ -189,16 +195,16 @@ sub msg { unshift @text, $level; $level = $INFO; } + my $string = $self->{res}->getText(@text); if ($level) { - $self->log($level, @text); + $self->log($level, $string); } - print @text; + print $string; } sub doExit { my $self = shift; - $self->msg($FATAL, "Exiting . . .\n"); - $self->msg("Log file is " . $self->{log}->{filename} . "\n"); + $self->msg($FATAL, 'setup_exiting', $self->{log}->{filename}); exit 1; } diff --git a/ldap/admin/src/scripts/SetupDialogs.pm b/ldap/admin/src/scripts/SetupDialogs.pm.in index 360c780c..86f9ebae 100644 --- a/ldap/admin/src/scripts/SetupDialogs.pm +++ b/ldap/admin/src/scripts/SetupDialogs.pm.in 
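Review bot: In the `for (@ARGV)` loop of `new`, the changed pattern `/^(\w_-+)\.(\w_-+)=(.*)$/` has no character class, so it matches one word character, then a literal `_`, then one or more `-`. An argument such as `General.FullMachineName=host` (constructed example) therefore no longer matches and falls into the unknown-option error branch. The intent looks like allowing hyphens in section and parameter names, which would be `if (/^([\w-]+)\.([\w-]+)=(.*)$/) {` (`\w` already includes `_`). `new` continues outside the hunk.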
@@ -216,7 +216,7 @@ my $usergroup = new Dialog ( my $username = $self->{manager}->{inf}->{General}->{SuiteSpotUserID}; if (!$username) { if ($> == 0) { # if root, use the default user - $username = "\@defaultuser\@"; + $username = "@defaultuser@"; } else { # if not root, use the user's uid $username = getlogin; } @@ -226,7 +226,7 @@ my $usergroup = new Dialog ( my $groupname = $self->{manager}->{inf}->{General}->{SuiteSpotGroup}; if (!$groupname) { if ($> == 0) { # if root, use the default group - $groupname = "\@defaultgroup\@"; + $groupname = "@defaultgroup@"; } else { # if not root, use the user's gid $groupname = getgrgid $(; } diff --git a/ldap/admin/src/scripts/Util.pm b/ldap/admin/src/scripts/Util.pm.in index 5217c198..7897c5ab 100644 --- a/ldap/admin/src/scripts/Util.pm +++ b/ldap/admin/src/scripts/Util.pm.in @@ -46,9 +46,11 @@ use Mozilla::LDAP::LDIF; require Exporter; @ISA = qw(Exporter); @EXPORT = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries - process_maptbl check_and_add_entry getMappedEntries); + process_maptbl check_and_add_entry getMappedEntries + getHashedPassword); @EXPORT_OK = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries - process_maptbl check_and_add_entry getMappedEntries); + process_maptbl check_and_add_entry getMappedEntries + getHashedPassword); use strict; @@ -88,7 +90,7 @@ sub isValidDN { } sub debug { - print @_, "\n"; +# print @_, "\n"; } # delete the subtree starting from the passed entry @@ -143,10 +145,9 @@ sub comp_entries next if ( $ignorelist{lc($akey)} ); my $aval0 = $e0->{$akey}; my $aval1 = $e1->{$akey}; - my $amin; - my $amax; my $a0max = $#{$aval0}; my $a1max = $#{$aval1}; + my $amin = $#{$aval0}; if ( $a0max != $a1max ) { if ( $speciallist{lc($akey)} ) @@ -155,12 +156,10 @@ sub comp_entries if ( $a0max < $a1max ) { $amin = $a0max; - $amax = $a1max; } else { $amin = $a1max; - $amax = $a0max; } } else 
@@ -168,7 +167,7 @@ sub comp_entries $rc = -1; return $rc; } - } + } my @sval0 = sort { $a cmp $b } @{$aval0}; my @sval1 = sort { $a cmp $b } @{$aval1}; for ( my $i = 0; $i <= $amin; $i++ ) @@ -609,4 +608,23 @@ sub process_maptbl return $mapper; } +sub getHashedPassword { + my $pwd = shift; + my $alg = shift; + + if ($pwd =~ /\{\w+\}.+/) { + return $pwd; # already hashed + } + + my $cmd = "@bindir@/pwdhash"; + if ($alg) { + $cmd .= " -s $alg"; + } + $cmd .= " \'$pwd\'"; + my $hashedpwd = `$cmd`; + chomp($hashedpwd); + + return $hashedpwd; +} + 1; diff --git a/ldap/admin/src/scripts/setup-ds.res.in b/ldap/admin/src/scripts/setup-ds.res.in index 80eb9fde..1915be3c 100644 --- a/ldap/admin/src/scripts/setup-ds.res.in +++ b/ldap/admin/src/scripts/setup-ds.res.in @@ -85,3 +85,5 @@ backend_already_exists = A database backend with the name '%s' already exists. suffix_already_exists = The suffix '%s' already exists. Config entry DN '%s'.\n\n error_creating_suffix_backend = Could not create the suffix '%s'. There was an error creating the backend database named '%s' for the suffix. Error: %s\n\n error_creating_suffix = Could not create the suffix '%s'. Error: %s\n\n + +setup_exiting = Exiting . . .\nLog file is '%s'\n\n |
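Review bot: `getHashedPassword` builds a shell command string from `$pwd` and `$alg` and runs it with backticks, so a password containing a single quote ends the quoting and the remainder is interpreted by the shell; `$alg` is not quoted at all. Run pwdhash through the list form of a piped `open` so that no shell is involved, and check the exit status, since a failed run currently returns an empty string as the hash. The already-hashed test `/\{\w+\}.+/` is unanchored, so a clear-text password that merely contains something like `{x}y` is returned unhashed; anchoring it with `^` avoids that. The password is still passed in argv and is visible in the process list while pwdhash runs; whether pwdhash can take it another way is not visible here.

```perl
sub getHashedPassword {
    # … unchanged: $pwd and $alg taken from @_ …

    if ($pwd =~ /^\{\w+\}.+/) {
        return $pwd; # already hashed
    }

    # list form: pwdhash is exec'd directly, no shell parses $pwd or $alg
    my @cmd = ("@bindir@/pwdhash");
    push @cmd, '-s', $alg if ($alg);
    push @cmd, $pwd;
    open(my $fh, '-|', @cmd) or die "Error: could not run $cmd[0]: $!";
    my $hashedpwd = do { local $/; <$fh> };
    close($fh) or die "Error: $cmd[0] exited with status $?";
    chomp($hashedpwd) if (defined $hashedpwd);

    return $hashedpwd;
}
```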
