summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDerek Jennings <djennings@mageia.org>2013-08-31 13:59:16 +0100
committerDerek Jennings <djennings@mageia.org>2013-08-31 13:59:16 +0100
commit72ea5fb83d926327079b5632a9e81a029ec965d9 (patch)
tree14c07d932a7cd9e7994f5adc5cc1fc10d4eec3e7
parenta58c0a1eb4216b68d52c4eeb6343ddc71a70f7ff (diff)
downloaddrakx-72ea5fb83d926327079b5632a9e81a029ec965d9.tar
drakx-72ea5fb83d926327079b5632a9e81a029ec965d9.tar.gz
drakx-72ea5fb83d926327079b5632a9e81a029ec965d9.tar.bz2
drakx-72ea5fb83d926327079b5632a9e81a029ec965d9.tar.xz
drakx-72ea5fb83d926327079b5632a9e81a029ec965d9.zip
fix drakauth ldap configuration (mga#10005)
-rw-r--r--perl-install/NEWS1
-rw-r--r--perl-install/authentication.pm20
2 files changed, 11 insertions, 10 deletions
diff --git a/perl-install/NEWS b/perl-install/NEWS
index 9847c1bca..6cd23c7b9 100644
--- a/perl-install/NEWS
+++ b/perl-install/NEWS
@@ -1,3 +1,4 @@
+- fix drakauth ldap configuration (mga#10005)
- ensure files are installed for nfs (mga#10301)
- stage2: add Feature:Independently_install_desktop_environments
- add images for LXDE,E17,Razorqt,MATE for Feature:Independently_install_desktop_environments
diff --git a/perl-install/authentication.pm b/perl-install/authentication.pm
index 714e815e9..048072aab 100644
--- a/perl-install/authentication.pm
+++ b/perl-install/authentication.pm
@@ -649,7 +649,7 @@ sub read_ldap_conf() {
my %conf = map {
s/^\s*#.*//;
if_(_after_read_ldap_line($_) =~ /(\S+)\s+(.*)/, $1 => $2);
- } cat_("$::prefix/etc/ldap.conf");
+ } cat_("$::prefix/etc/nslcd.conf");
\%conf;
}
@@ -669,7 +669,7 @@ sub update_ldap_conf {
$_ .= _pre_write_ldap_line("$cmd $val\n");
}
}
- } "$::prefix/etc/ldap.conf";
+ } "$::prefix/etc/nslcd.conf";
}
sub configure_krb5_for_AD {
@@ -897,23 +897,23 @@ sub fetch_dn {
sub configure_nss_ldap {
my ($authentication) = @_;
update_ldap_conf(
- host => $authentication->{LDAP_server},
+ uri => "ldaps://" . $authentication->{LDAP_server} . "/",
base => $authentication->{LDAPDOMAIN},
);
if ($authentication->{nssgrp} eq '1') {
update_ldap_conf(
- nss_base_shadow => $authentication->{nss_shadow} . "?sub",
- nss_base_passwd => $authentication->{nss_pwd} . "?sub",
- nss_base_group => $authentication->{nss_grp} . "?sub",
+ 'base shadow' => $authentication->{nss_shadow},
+ 'base passwd' => $authentication->{nss_pwd},
+ 'base group' => $authentication->{nss_grp},
);
} else {
update_ldap_conf(
- nss_base_shadow => $authentication->{LDAPDOMAIN} . "?sub",
- nss_base_passwd => $authentication->{LDAPDOMAIN} . "?sub",
- nss_base_group => $authentication->{LDAPDOMAIN} . "?sub",
+ 'base shadow' => $authentication->{LDAPDOMAIN},
+ 'base passwd' => $authentication->{LDAPDOMAIN},
+ 'base group' => $authentication->{LDAPDOMAIN},
);
}
if ($authentication->{anonymous} eq '1') {
@@ -926,7 +926,7 @@ sub configure_nss_ldap {
if ($authentication->{cafile} eq '1') {
update_ldap_conf(
ssl => "on",
- tls_checkpeer => "yes",
+ tls_reqcert => "demand",
tls_cacertfile => $authentication->{file},
);
}