Diffstat (limited to 'ldap_wizard')
-rw-r--r-- | ldap_wizard/Ldap.pm | 268 |
1 files changed, 133 insertions, 135 deletions
diff --git a/ldap_wizard/Ldap.pm b/ldap_wizard/Ldap.pm index 9992bd27..cf5b8b06 100644 --- a/ldap_wizard/Ldap.pm +++ b/ldap_wizard/Ldap.pm @@ -20,8 +20,6 @@ use Net::LDAP::Util qw(ldap_error_text); # die "You are not root Exiting\n"; #} - - my $o = { name => N("Add POSIX account"), var => { @@ -66,14 +64,12 @@ my $hostname = `hostname`; $o->{var}{srv} = $hostname; if (-f $conf_file) { - - my %conf = getVarsFromSh($conf_file); - $o->{var}{suffix} = $conf{suffix}; - $o->{var}{rootdn} = $conf{rootdn}; - $o->{var}{rootpass} = $conf{rootpass}; - $o->{var}{srv} = $conf{srv}; - $o->{var}{defou} = $conf{users}; - + my %conf = getVarsFromSh($conf_file); + $o->{var}{suffix} = $conf{suffix}; + $o->{var}{rootdn} = $conf{rootdn}; + $o->{var}{rootpass} = $conf{rootpass}; + $o->{var}{srv} = $conf{srv}; + $o->{var}{defou} = $conf{users}; } else { my $hostname = chomp_(`hostname`); $o->{var}{srv} = $hostname; @@ -81,8 +77,8 @@ if (-f $conf_file) { } my %level = ( - 1 => N("Server - Set configuration of LDAP server"), - 2 => N("Add - Add user in LDAP server"), + 1 => N("Configure a LDAP server"), + 2 => N("Add user in LDAP server"), ); $o->{pages} = { 
@@ -92,87 +88,89 @@ $o->{pages} = { pre => sub { $o->{var}{wiz_level} ||= 1; }, - post => sub { + post => sub { if ($o->{var}{wiz_level} == 2) { - return 'add_userposix'; + ! -f $conf_file and $::in->ask_warn(N("Error"), N("You must setup a LDAP server first.")) and return 'set_srv'; + return 'add_userposix'; } }, data => [ - { - label => N("Your choice:") . "\n\n", val => \$o->{var}{wiz_level}, type => 'list', list => [ keys %level ], format => sub { $level{$_[0]} } }, + { label => N("Your choice:") . "\n\n", val => \$o->{var}{wiz_level}, type => 'list', list => [ keys %level ], format => sub { $level{$_[0]} } }, ], next => 'set_srv', }, add_userposix => { - name => N("LDAP User Add") . "\n\n" . N("User Create in: ") . $o->{var}{defou} . "," . $o->{var}{suffix}, - data => [ - { - label => N("First Name:"), val => \$o->{var}{sn} }, - { - label => N("Name:"), val => \$o->{var}{cn} }, - { - label => N("User Name:"), val => \$o->{var}{uid} }, + name => N("LDAP User Add") . "\n\n" . N("User Create in: ") . $o->{var}{defou} . ", " . $o->{var}{suffix}, + data => [ + { label => N("First Name:"), val => \$o->{var}{sn}, help => N("aide p") }, + { label => N("Name:"), val => \$o->{var}{cn}, help => N("aide p") }, + { label => N("User Name:"), val => \$o->{var}{uid}, help => N("aide p") }, ], + complete => sub { + if (!$o->{var}{sn}) { + $::in->ask_warn(N("Error"), N("You must enter a valid First Name.")); + return 1; + if (!$o->{var}{cn}) { + $::in->ask_warn(N("Error"), N("You must enter a valid Name.")); + return 1; + } + if (!$o->{var}{uid}) { + $::in->ask_warn(N("Error"), N("You must enter a valid User Name.")); + return 1; + } + } + }, next => 'password' }, - password => { - name => N("LDAP User Password") . "\n\n" . N("Password for Users: ") . $o->{var}{cn} . $o->{var}{defou} . "," . 
$o->{var}{suffix}, - data => [ - { - label => N("Password:"), val => \$o->{var}{uidpass}, hidden => 1 }, - { - label => N("Password (again):"), val => \$o->{var}{uidpass2}, hidden => 1 }, + password => { + name => N("LDAP User Password"), + data => [ + { label => N("Password:"), val => \$o->{var}{uidpass}, hidden => 1, help => N("passwords must match") }, + { label => N("Password (again):"), val => \$o->{var}{uidpass2}, hidden => 1, help => N("passwords must match") }, ], complete => sub { - if (!$o->{var}{uidpass}) { - $::in->ask_warn(N("Error"), N("You must enter a password for LDAP.")); + if (!$o->{var}{uidpass}) { + $::in->ask_warn(N("Error"), N("You must enter a password for LDAP.")); + return 1; + } + if (!($o->{var}{uidpass} eq $o->{var}{uidpass2})) { + $::in->ask_warn(N("Error"), N("The passwords do not match")); return 1; - } - if (!($o->{var}{uidpass} eq $o->{var}{uidpass2})) { - $::in->ask_warn(N("Error"), N("The passwords do not match")); - return 1; - } + } }, - next => 'summary_add_user' }, - set_srv => { name => N("Configuring LDAP Server"), data => [ - { - label => N("LDAP Suffix:")."\n".("ex: dc=example,dc=com")."\n", val => \$o->{var}{suffix} }, - { - label => N("LDAP Administrator:")."\n".("ex: cn=root,dc=example,dc=com")."\n\n", val => \$o->{var}{rootdn} }, - { - label => N("LDAP Password:"), hidden => 1, val => \$o->{var}{rootpass} }, - { - label => N("LDAP Password (again):"), hidden => 1, val => \$o->{var}{rootpass2} }, + { label => N("LDAP Suffix:\n ex: dc=example,dc=com\n"), val => \$o->{var}{suffix}, help => N("aide p") }, + { label => N("LDAP Administrator:\n ex: cn=root,dc=example,dc=com"), val => \$o->{var}{rootdn}, help => N("aide p") }, + { label => N("LDAP Password:"), hidden => 1, val => \$o->{var}{rootpass}, help => N("aide p") }, + { label => N("LDAP Password (again):"), hidden => 1, val => \$o->{var}{rootpass2}, help => N("aide p") }, ], complete => sub { - if (!$o->{var}{suffix}) { - $::in->ask_warn(N("Error"), N("You must enter 
a suffix for LDAP.")); - return 1; - } - if (!$o->{var}{rootpass}) { - $::in->ask_warn(N("Error"), N("You must enter a password for LDAP.")); - return 1; - } - if (!($o->{var}{rootpass} eq $o->{var}{rootpass2})) { - $::in->ask_warn(N("Error"), N("The passwords do not match")); - return 1; - } - }, + if (!$o->{var}{suffix}) { + $::in->ask_warn(N("Error"), N("You must enter a suffix for LDAP.")); + return 1; + } + if (!$o->{var}{rootpass}) { + $::in->ask_warn(N("Error"), N("You must enter a password for LDAP.")); + return 1; + } + if (!($o->{var}{rootpass} eq $o->{var}{rootpass2})) { + $::in->ask_warn(N("Error"), N("The passwords do not match")); + return 1; + } + }, next => 'summary_set_srv', - }, summary_add_user => { name => N("Confirmation of the user to create"), data => [ - {label => N("Name:"), type => 'field', fixed_val => \$o->{var}{sn} }, - {label => N("First name:"), type => 'field', fixed_val => \$o->{var}{cn} }, - {label => N("User Name:"), type => 'field', fixed_val => \$o->{var}{uid} }, - {label => N("Create in:"), type => 'field', val => $o->{var}{defou}.$o->{var}{suffix} }, + { label => N("Name:"), type => 'field', fixed_val => \$o->{var}{sn} }, + { label => N("First name:"), type => 'field', fixed_val => \$o->{var}{cn} }, + { label => N("User Name:"), type => 'field', fixed_val => \$o->{var}{uid} }, + { label => N("Create in:"), type => 'field', fixed_val => \$o->{var}{defou} }, #. \$o->{var}{suffix} }, ], post => \&do_it_user_add, next => 'endadd' 
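Review bot: In the new `complete` callback of `add_userposix`, the `if (!$o->{var}{sn}) {` block is not closed before the `cn` and `uid` checks, so both sit after its `return 1;` and can never run. An empty Name or User Name therefore passes this page and flows on through `password` and `summary_add_user` to `do_it_user_add`. Close the first block directly after its `return 1;` and drop the extra `}` before the callback's closing `},`. In the new `post` of the first page, `! -f $conf_file and $::in->ask_warn(...) and return 'set_srv';` only redirects if `ask_warn` returns a true value, which is not visible here; an explicit `if (! -f $conf_file) { ...; return 'set_srv' }` would not depend on it.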
@@ -180,14 +178,13 @@ $o->{pages} = { summary_set_srv => { name => N("Confirmation Information for create LDAP server"), data => [ - {label => N("Organisation LDAP:"), type => 'field', val => $o->{var}{suffix} }, - {label => N("Administrator LDAP:"), type => 'field', val => $o->{var}{rootdn} }, - {label => N("Arbo LDAP:")."\n", type => 'field', val => " " }, - {label => N(""), type => 'field', val => $o->{var}{suffix} }, - {label => N(""), type => 'field', val => " ou=hosts" }, - {label => N(""), type => 'field', val => " ou=groups" }, - {label => N(""), type => 'field', val => " ou=users" }, - + { label => N("Organisation LDAP:"), type => 'field', fixed_val => \$o->{var}{suffix} }, + { label => N("Administrator LDAP:"), type => 'field', fixed_val => \$o->{var}{rootdn} }, +# { label => N("Arbo LDAP:"), type => 'field', fixed_val => " " }, + { label => N(""), type => 'field', fixed_val => $o->{var}{suffix} }, + { label => N(""), type => 'field', fixed_val => " ou=hosts" }, + { label => N(""), type => 'field', fixed_val => " ou=groups" }, + { label => N(""), type => 'field', fixed_val => " ou=users" }, ], post => \&do_it_setldap, next => 'end' 
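Review bot: The third row of `summary_set_srv` passes `fixed_val => $o->{var}{suffix}` by value, while the two rows above it pass `\$o->{var}{suffix}` and `\$o->{var}{rootdn}` by reference. The by-value form is evaluated once, when `$o->{pages}` is built, so it would show whatever suffix was loaded at startup (or nothing) rather than the one just entered on `set_srv`, assuming `fixed_val` accepts a reference as the first two rows suggest. Use `fixed_val => \$o->{var}{suffix}` there as well. This matters because the page is the last confirmation before `do_it_setldap` rewrites the server configuration, and it should show exactly what will be written.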
@@ -209,53 +206,54 @@ $o->{pages} = { }; sub do_it_setldap { - if (!-f $LDAPCONF) { - die "no $LDAPCONF found"; - } - cp_af($LDAPCONF, $LDAPCONF . '.save'); - if (!-f "$LDAPCONF.example") { - cp_af($LDAPCONF, $LDAPCONF . '.example'); - } - cp_af($LDAPCONF . '.example', $LDAPCONF); - # set suffix - if (any { /^suffix/ } cat_($LDAPCONF)) { - substInFile { - s/suffix.*/suffix\t"$o->{var}{suffix}"/; - } $LDAPCONF; - } else { - append_to_file($LDAPCONF, qq(suffix\t"$o->{var}{suffix}")); - } - - # s/example/$dcall + return if $::testing; + if (!-f $LDAPCONF) { + die "no $LDAPCONF found"; + } + cp_af($LDAPCONF, $LDAPCONF . '.save'); + if (!-f "$LDAPCONF.example") { + cp_af($LDAPCONF, $LDAPCONF . '.example'); + } + cp_af($LDAPCONF . '.example', $LDAPCONF); + # set suffix + if (any { /^suffix/ } cat_($LDAPCONF)) { substInFile { - s/example/$o->{var}{suffix}/g; + s/suffix.*/suffix\t"$o->{var}{suffix}"/; } $LDAPCONF; + } else { + append_to_file($LDAPCONF, qq(suffix\t"$o->{var}{suffix}")); + } + + # s/example/$dcall + substInFile { + s/example/$o->{var}{suffix}/g; + } $LDAPCONF; + + # set rootdn + if (any { /^rootdn/ } cat_($LDAPCONF)) { + substInFile { + s/rootdn.*/rootdn\t"$o->{var}{rootdn}"/; + } $LDAPCONF; + } else { + append_to_file($LDAPCONF, qq(rootdn\t"$o->{var}{rootdn},$o->{var}{suffix}")); + } - # set rootdn - if (any { /^rootdn/ } cat_($LDAPCONF)) { - substInFile { - s/rootdn.*/rootdn\t"$o->{var}{rootdn}"/; - } $LDAPCONF; - } else { - append_to_file($LDAPCONF, qq(rootdn\t"$o->{var}{rootdn},$o->{var}{suffix}")); - } - - # set rootpass - my $cryptpass = crypt($o->{var}{rootpass}, "crypt"); - if (any { /^rootpw/ } cat_($LDAPCONF)) { - substInFile { - #s/rootpw.*/rootpw $cryptpass/; - s/rootpw.*/rootpw $o->{var}{rootpass}/; - } $LDAPCONF; - } else { - #append_to_file($LDAPCONF, "rootpw {CRYPT}$cryptpass"); - append_to_file($LDAPCONF, "rootpw $o->{var}{rootpass}"); - } + # set rootpass + my $cryptpass = crypt($o->{var}{rootpass}, "crypt"); + if (any { /^rootpw/ } 
cat_($LDAPCONF)) { + substInFile { + #s/rootpw.*/rootpw $cryptpass/; + s/rootpw.*/rootpw $o->{var}{rootpass}/; + } $LDAPCONF; + } else { + #append_to_file($LDAPCONF, "rootpw {CRYPT}$cryptpass"); + append_to_file($LDAPCONF, "rootpw $o->{var}{rootpass}"); + } # create config file in /etc/sysconfig/ldapconf - output($conf_file, <<EOF); + output($conf_file, <<EOF); srv=$o->{var}{srv} suffix=$o->{var}{suffix} rootdn=$o->{var}{rootdn} @@ -263,23 +261,23 @@ rootpass=$o->{var}{rootpass} users=$o->{var}{defou} EOF - # reset premisions - system("chown -R root.ldap /etc/openldap"); - system("service ldap restart"); - init_ldap(); + # reset premisions + system("chown -R root.ldap /etc/openldap"); + system("service ldap restart"); + init_ldap(); } sub init_ldap { - my $root_cn = (split('=', (split(/,/, $o->{var}{rootdn}))[0]))[1]; - my $ldap_dc = (split('=', (split(/,/, $o->{var}{suffix}))[0]))[1]; - - $o->{var}{rootdn} =~ /cn=(\w+),/ and my $cnadmin = $1; - - my $LDAP; - open($LDAP, "| ldapadd -x -D '$o->{var}{rootdn}' -w $o->{var}{rootpass}"); - - print $LDAP <<RootLdif; + my $root_cn = (split('=', (split(/,/, $o->{var}{rootdn}))[0]))[1]; + my $ldap_dc = (split('=', (split(/,/, $o->{var}{suffix}))[0]))[1]; + + $o->{var}{rootdn} =~ /cn=(\w+),/ and my $cnadmin = $1; + + my $LDAP; + open($LDAP, "| ldapadd -x -D '$o->{var}{rootdn}' -w $o->{var}{rootpass}"); + + print $LDAP <<RootLdif; dn: $o->{var}{suffix} dc: $ldap_dc objectClass: dcObject @@ -311,23 +309,23 @@ objectClass: organizationalUnit RootLdif - close($LDAP) + close($LDAP) } sub do_it_user_add { - return if $::testing; - my $ldap = ldap_connect($o); - my $mesg = add_user($o); + return if $::testing; + my $ldap = ldap_connect($o); + my $mesg = add_user($o); } sub new { - my ($class) = @_; - bless { - o => $o, - }, $class; + my ($class) = @_; + bless { + o => $o, + }, $class; } 1; |
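Review bot: `do_it_setldap` still writes the administrator password in cleartext: both branches emit `rootpw $o->{var}{rootpass}`, while `$cryptpass` is computed with the constant salt `"crypt"` and never used, and only the hashed variants are commented out. Writing a salted hash (for example the output of `slappasswd`) would keep the cleartext out of `$LDAPCONF`. The suffix and rootdn are also interpolated unescaped into the replacement side of `s/suffix.*/.../` and into quoted config lines, so a value containing `"` or a newline produces a malformed or unintended slapd.conf; the `set_srv` `complete` callback is the natural place to reject anything that is not a plain DN. The following hunk (`@@ -263,23 +261,23 @@`, re-indentation only) has the same handling: `rootpass=` is written to `$conf_file`, and `init_ldap` builds the shell string `"| ldapadd -x -D '...' -w ..."` from the same fields, which puts the password on a command line and lets the shell interpret metacharacters in the inputs; a list-form `open(my $LDAP, '|-', 'ldapadd', ...)` with `-y <password-file>` avoids both. The body of `do_it_setldap` continues past this hunk.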