-rw-r--r-- | ldap_wizard/Ldap.pm | 333 |
1 files changed, 333 insertions, 0 deletions
diff --git a/ldap_wizard/Ldap.pm b/ldap_wizard/Ldap.pm
new file mode 100644
index 00000000..9992bd27
--- /dev/null
+++ b/ldap_wizard/Ldap.pm
@@ -0,0 +1,333 @@
+#!/usr/bin/perl
+# version 0.1
+# GPL like
+# aginies@mandrakesoft.com
+
+package MDK::Wizard::Ldap;
+use lib qw(/usr/lib/libDrakX);
+use ugtk2;
+use strict;
+use ldapdef;
+use common;
+use standalone;
+use MDK::Wizard::Varspaceval;
+use MDK::Wizard::Wizcommon;
+use Expect;
+require Net::LDAP;
+use Net::LDAP::Util qw(ldap_error_text);
+
+#unless ($> == 0) {
+# die "You are not root Exiting\n";
+#}
+
+
+
+my $o = {
+ name => N("Add POSIX account"),
+ var => {
+ defou => 'ou=Users',
+ srv => '',
+ dom => 'mandrakesoft.com',
+ suffix => '',
+ rootdn => '',
+ rootpass => '',
+ rootpass2 => '',
+ cn => '',
+ sn => '',
+ uid => '',
+ uidpass => '',
+ lshell => '/bin/bash',
+ home => '/home/',
+ uidnb => '1004',
+ gidnb => '1004',
+ container => 'container',
+ objectclass => 'top,account,posixaccount',
+ shadowmax => '99999',
+ shadowmin => '-1',
+ plop => '',
+ tmp => '',
+ nom => '',
+ prenom => '',
+ },
+ needed_rpm => [ 'openldap-server' ],
+ defaultimage => "/usr/share/wizards/proxy_wizard/images/proxy.png"
+ };
+
+
+
+my $ldap_suffix=join(',dc=', split(/\./, chomp_(`hostname -f`)));
+$ldap_suffix =~ s/[^,]*,//;
+my $conf_file = "/etc/sysconfig/ldapconf";
+my $LDAPCONF = "/etc/openldap/slapd.conf";
+
+##### Read conf file is exist
+
+my $hostname = `hostname`;
+$o->{var}{srv} = $hostname;
+
+if (-f $conf_file) {
+
+ my %conf = getVarsFromSh($conf_file);
+ $o->{var}{suffix} = $conf{suffix};
+ $o->{var}{rootdn} = $conf{rootdn};
+ $o->{var}{rootpass} = $conf{rootpass};
+ $o->{var}{srv} = $conf{srv};
+ $o->{var}{defou} = $conf{users};
+
+} else {
+ my $hostname = chomp_(`hostname`);
+ $o->{var}{srv} = $hostname;
+ $o->{var}{suffix} = $ldap_suffix;
+}
+
+my %level = (
+ 1 => N("Server - Set configuration of LDAP server"),
+ 2 => N("Add - Add user in LDAP server"),
+ );
+
+$o->{pages} = {
+ welcome => {
+ name => N("LDAP configuration wizard") . "\n\n" . N("Setup a LDAP server."),
+ no_back => 1,
+ pre => sub {
+ $o->{var}{wiz_level} ||= 1;
+ },
+ post => sub {
+ if ($o->{var}{wiz_level} == 2) {
+ return 'add_userposix';
+ }
+ },
+ data => [
+ {
+ label => N("Your choice:") . "\n\n", val => \$o->{var}{wiz_level}, type => 'list', list => [ keys %level ], format => sub { $level{$_[0]} } },
+ ],
+ next => 'set_srv',
+ },
+ add_userposix => {
+ name => N("LDAP User Add") . "\n\n" . N("User Create in: ") . $o->{var}{defou} . "," . $o->{var}{suffix},
+ data => [
+ {
+ label => N("First Name:"), val => \$o->{var}{sn} },
+ {
+ label => N("Name:"), val => \$o->{var}{cn} },
+ {
+ label => N("User Name:"), val => \$o->{var}{uid} },
+ ],
+ next => 'password'
+ },
+ password => {
+ name => N("LDAP User Password") . "\n\n" . N("Password for Users: ") . $o->{var}{cn} . $o->{var}{defou} . "," . $o->{var}{suffix},
+ data => [
+ {
+ label => N("Password:"), val => \$o->{var}{uidpass}, hidden => 1 },
+ {
+ label => N("Password (again):"), val => \$o->{var}{uidpass2}, hidden => 1 },
+ ],
+ complete => sub {
+ if (!$o->{var}{uidpass}) {
+ $::in->ask_warn(N("Error"), N("You must enter a password for LDAP."));
+ return 1;
+ }
+ if (!($o->{var}{uidpass} eq $o->{var}{uidpass2})) {
+ $::in->ask_warn(N("Error"), N("The passwords do not match"));
+ return 1;
+ }
+ },
+
+ next => 'summary_add_user'
+ },
+
+ set_srv => {
+ name => N("Configuring LDAP Server"),
+ data => [
+ {
+ label => N("LDAP Suffix:")."\n".("ex: dc=example,dc=com")."\n", val => \$o->{var}{suffix} },
+ {
+ label => N("LDAP Administrator:")."\n".("ex: cn=root,dc=example,dc=com")."\n\n", val => \$o->{var}{rootdn} },
+ {
+ label => N("LDAP Password:"), hidden => 1, val => \$o->{var}{rootpass} },
+ {
+ label => N("LDAP Password (again):"), hidden => 1, val => \$o->{var}{rootpass2} },
+ ],
+ complete => sub {
+ if (!$o->{var}{suffix}) {
+ $::in->ask_warn(N("Error"), N("You must enter a suffix for LDAP."));
+ return 1;
+ }
+ if (!$o->{var}{rootpass}) {
+ $::in->ask_warn(N("Error"), N("You must enter a password for LDAP."));
+ return 1;
+ }
+ if (!($o->{var}{rootpass} eq $o->{var}{rootpass2})) {
+ $::in->ask_warn(N("Error"), N("The passwords do not match"));
+ return 1;
+ }
+ },
+ next => 'summary_set_srv',
+
+ },
+ summary_add_user => {
+ name => N("Confirmation of the user to create"),
+ data => [
+ {label => N("Name:"), type => 'field', fixed_val => \$o->{var}{sn} },
+ {label => N("First name:"), type => 'field', fixed_val => \$o->{var}{cn} },
+ {label => N("User Name:"), type => 'field', fixed_val => \$o->{var}{uid} },
+ {label => N("Create in:"), type => 'field', val => $o->{var}{defou}.$o->{var}{suffix} },
+ ],
+ post => \&do_it_user_add,
+ next => 'endadd'
+ },
+ summary_set_srv => {
+ name => N("Confirmation Information for create LDAP server"),
+ data => [
+ {label => N("Organisation LDAP:"), type => 'field', val => $o->{var}{suffix} },
+ {label => N("Administrator LDAP:"), type => 'field', val => $o->{var}{rootdn} },
+ {label => N("Arbo LDAP:")."\n", type => 'field', val => " " },
+ {label => N(""), type => 'field', val => $o->{var}{suffix} },
+ {label => N(""), type => 'field', val => " ou=hosts" },
+ {label => N(""), type => 'field', val => " ou=groups" },
+ {label => N(""), type => 'field', val => " ou=users" },
+
+ ],
+ post => \&do_it_setldap,
+ next => 'end'
+ },
+ end => {
+ name => N("Congratulations"),
+ data => [ { label => N("The wizard successfully configured the LDAP.") } ],
+ no_back => 1,
+ end => 1,
+ next => 0
+ },
+ endadd => {
+ name => N("Successfully added User"),
+ data => [ { label => N("The wizard successfully added an user in LDAP") } ],
+ no_back => 1,
+ end => 1,
+ next => 0,
+ },
+ };
+
+sub do_it_setldap {
+ if (!-f $LDAPCONF) {
+ die "no $LDAPCONF found";
+ }
+ cp_af($LDAPCONF, $LDAPCONF . '.save');
+ if (!-f "$LDAPCONF.example") {
+ cp_af($LDAPCONF, $LDAPCONF . '.example');
+ }
+ cp_af($LDAPCONF . '.example', $LDAPCONF);
+ # set suffix
+ if (any { /^suffix/ } cat_($LDAPCONF)) {
+ substInFile {
+ s/suffix.*/suffix\t"$o->{var}{suffix}"/;
+ } $LDAPCONF;
+ } else {
+ append_to_file($LDAPCONF, qq(suffix\t"$o->{var}{suffix}"));
+ }
+
+ # s/example/$dcall
+ substInFile {
+ s/example/$o->{var}{suffix}/g;
+ } $LDAPCONF;
+
+ # set rootdn
+ if (any { /^rootdn/ } cat_($LDAPCONF)) {
+ substInFile {
+ s/rootdn.*/rootdn\t"$o->{var}{rootdn}"/;
+ } $LDAPCONF;
+ } else {
+ append_to_file($LDAPCONF, qq(rootdn\t"$o->{var}{rootdn},$o->{var}{suffix}"));
+ }
+
+ # set rootpass
+ my $cryptpass = crypt($o->{var}{rootpass}, "crypt");
+ if (any { /^rootpw/ } cat_($LDAPCONF)) {
+ substInFile {
+ #s/rootpw.*/rootpw $cryptpass/;
+ s/rootpw.*/rootpw $o->{var}{rootpass}/;
+ } $LDAPCONF;
+ } else {
+ #append_to_file($LDAPCONF, "rootpw {CRYPT}$cryptpass");
+ append_to_file($LDAPCONF, "rootpw $o->{var}{rootpass}");
+ }
+
+
+ # create config file in /etc/sysconfig/ldapconf
+
+ output($conf_file, <<EOF);
+srv=$o->{var}{srv}
+suffix=$o->{var}{suffix}
+rootdn=$o->{var}{rootdn}
+rootpass=$o->{var}{rootpass}
+users=$o->{var}{defou}
+EOF
+
+ # reset premisions
+ system("chown -R root.ldap /etc/openldap");
+ system("service ldap restart");
+ init_ldap();
+}
+
+
+sub init_ldap {
+ my $root_cn = (split('=', (split(/,/, $o->{var}{rootdn}))[0]))[1];
+ my $ldap_dc = (split('=', (split(/,/, $o->{var}{suffix}))[0]))[1];
+
+ $o->{var}{rootdn} =~ /cn=(\w+),/ and my $cnadmin = $1;
+
+ my $LDAP;
+ open($LDAP, "| ldapadd -x -D '$o->{var}{rootdn}' -w $o->{var}{rootpass}");
+
+ print $LDAP <<RootLdif;
+dn: $o->{var}{suffix}
+dc: $ldap_dc
+objectClass: dcObject
+objectClass: organization
+o: Company
+
+dn: $o->{var}{rootdn}
+objectClass: organizationalRole
+cn: $cnadmin
+
+dn: ou=Hosts,$o->{var}{suffix}
+ou: Hosts
+description: OU Hosts
+objectClass: top
+objectClass: organizationalUnit
+
+dn: ou=Users,$o->{var}{suffix}
+ou: Users
+description: OU Users
+objectClass: top
+objectClass: organizationalUnit
+
+dn: ou=Groups,$o->{var}{suffix}
+ou: Groups
+description: OU Groups
+objectClass: top
+objectClass: organizationalUnit
+
+
+RootLdif
+
+ close($LDAP)
+}
+
+
+
+
+sub do_it_user_add {
+ return if $::testing;
+ my $ldap = ldap_connect($o);
+ my $mesg = add_user($o);
+}
+
+sub new {
+ my ($class) = @_;
+ bless {
+ o => $o,
+ }, $class;
+}
+
+1;
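Review bot: In init_ldap the ldapadd child is started through a 2-arg pipe `open` with `$o->{var}{rootdn}` and `$o->{var}{rootpass}` interpolated into a shell command line, so a DN or password containing a quote or other shell metacharacter breaks the command, the LDAP root password is visible to every local user in the process list while ldapadd runs, and neither the `open` nor the later `close($LDAP)` is checked, so a failed import still ends on the "Congratulations" page. Use the list form so no shell is involved and hand the password over through a 0600 file with `-y` instead of `-w`: `open my $ldap, '|-', 'ldapadd', '-x', '-D', $o->{var}{rootdn}, '-y', $pw_file or die "ldapadd: $!";` and `close $ldap or die "ldapadd failed: $?";`, where `$pw_file` is a temporary file created with File::Temp (mode 0600) holding the password and removed afterwards. Relatedly, do_it_setldap writes `rootpw` into slapd.conf in cleartext (the `{CRYPT}$cryptpass` variant is commented out, and that `crypt` call would use the fixed salt "crypt" anyway) and writes the same password to `/etc/sysconfig/ldapconf` through `output()` without restricting the file mode; both files should be created 0600 and rootpw stored as a hash, e.g. an `{SSHA}` value from `slappasswd`.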