#!/usr/bin/perl use MDK::Common; use lib "/usr/lib/libDrakX"; use keyboard; my $lib = (arch() =~ /x86_64/ ? "lib64" : "lib"); my $tmp = "/tmp/rescue_tmp"; my $rescue = "rescue.sqfs"; if ($>) { $ENV{PATH} = "/sbin:/usr/sbin:$ENV{PATH}"; } BEGIN { undef *_ } sub __ { print @_, "\n"; system(@_) } sub _ { __ @_; $? and die } sub installown($$) { my ($own, $dir) = @_; return if -e "$tmp$dir/" . basename($own); mkdir_p("$tmp$dir"); _ "cp -rL $own $tmp$dir"; } sub install_perl_script { my ($script, $dir) = @_; my @gi_modules; foreach (`../tools/get-needed-drakx-modules /usr/lib/libDrakX /usr/lib/libDrakX $script`) { chomp; my ($local, $dest) = split "\t"; installown($local, dirname($dest || $local)); push @gi_modules, "$tmp$dest" if $dest; } installown($script, $dir); system('../tools/simplify-drakx-modules', @gi_modules, "$tmp$dir/$script"); } _ "rm -rf $tmp" if -e $tmp; _ "mkdir $tmp"; _ 'find . -name "*~" | xargs rm -f'; mkdir_p($tmp . chomp_($_)) foreach cat_("dirs"); _ "cp -a tree/* $tmp"; _ "find $tmp -name .svn | xargs rm -rf"; _ "perl devices.pl $tmp/dev"; _ "mkfifo $tmp/dev/initctl"; substInFile { s/DISTRIB_DESCR/$ENV{DISTRIB_DESCR}/ } "$tmp/etc/issue"; _ "../tools/install-xml-file-list list.xml $tmp"; my %keytable_conflicts; my @less_important_keytables = qw(am_old am_phonetic no-dvorak); foreach (keyboard::loadkeys_files()) { my ($dir, $fname) = (dirname($_), basename($_)); my ($name) = $fname =~ /(.*)\.map\.gz/ or next; next if member($name, @less_important_keytables); if (my ($short2, $short) = $name =~ m|((.+?)[\W_][^\W_]*)|) { $keytable_conflicts{$short} && $short2 ne $name and $short = $short2; $keytable_conflicts{$short} and warn("conflict between $keytable_conflicts{$short} and $name for short name $short (choosing the first)\n"), next; $keytable_conflicts{$short} = $name; # create the short name based on the long one symlinkf($fname, "$tmp$dir/$short.map.gz"); } } foreach (cat_("aliases")) { chomp; my ($f, $dest) = split; symlink $dest, "$tmp$f"; } if (my ($LANGUAGE) = map { if_(/LANGUAGE_(.*)/, $1) } keys %ENV) { substInFile { $_ = "export LANGUAGE=$LANGUAGE\n" . "export LC_ALL=$LANGUAGE\n" if /^#LANGUAGE/; } "$tmp/etc/rc.sysinit"; } if ($ENV{PARTIMAGE_RPM}) { _ "rpm2cpio $ENV{PARTIMAGE_RPM} | (cd $tmp ; cpio -idu ./usr/sbin/partimage)"; my $server = 'partimaged'; $server = 'leia'; my $default_dir = '/data/box'; substInFile { $_ = " server=$server\n" . " default_dir=$default_dir\n" . <<'EOF' if /^\s*rescue-gui/; partimage_dir=`perl -lne 'print $1 if /BOX=(\S+)/' /proc/cmdline` [ -z "$partimage_dir" ] && partimage_dir=$default_dir if grep -q save_all /proc/cmdline; then partimage_whole_disk -s $server save_all $default_dir fi if grep -q rest_all /proc/cmdline; then if [ -d /tmp/image$partimage_dir ]; then partimage_whole_disk rest_all /tmp/image$partimage_dir else partimage_whole_disk -s $server rest_all $partimage_dir fi fi EOF } "$tmp/etc/rc.sysinit"; } exit 0 if $ARGV[0]; _ "mksquashfs $tmp $rescue -all-root -noappend >/dev/null"; _ "chmod 755 $rescue"; _ "rm -rf $tmp"; ic/mandrakesoft Mageia Installer and base platform for many utilitiesThierry Vignaud [tv]
summaryrefslogtreecommitdiffstats
path: root/perl-install/authentication.pm
diff options
context:
space:
mode:
authorVicent Guardiola <vguardiola@mandriva.com>2004-09-29 18:46:44 +0000
committerVicent Guardiola <vguardiola@mandriva.com>2004-09-29 18:46:44 +0000
commit4a39f0b18bb1e1e81bc4afe761fc6718b9c73f10 (patch)
treeaaa65b6e9555f96ddadea252ae823b47088fbe65 /perl-install/authentication.pm
parent5bf6b94df50930145d536b068d3108a5c3bb0885 (diff)
downloaddrakx-4a39f0b18bb1e1e81bc4afe761fc6718b9c73f10.tar
drakx-4a39f0b18bb1e1e81bc4afe761fc6718b9c73f10.tar.gz
drakx-4a39f0b18bb1e1e81bc4afe761fc6718b9c73f10.tar.bz2
drakx-4a39f0b18bb1e1e81bc4afe761fc6718b9c73f10.tar.xz
drakx-4a39f0b18bb1e1e81bc4afe761fc6718b9c73f10.zip
Add more new entry for LDAP
Diffstat (limited to 'perl-install/authentication.pm')
-rw-r--r--perl-install/authentication.pm64
1 files changed, 46 insertions, 18 deletions
diff --git a/perl-install/authentication.pm b/perl-install/authentication.pm
index 9b8d3ab09..50f6e60de 100644
--- a/perl-install/authentication.pm
+++ b/perl-install/authentication.pm
@@ -52,12 +52,28 @@ sub ask_parameters {
}
if ($kind eq 'LDAP') {
- $authentication->{LDAP_server} ||= 'ldap.' . $netc->{DOMAINNAME};
- $netc->{LDAPDOMAIN} ||= domain_to_ldap_domain($netc->{DOMAINNAME});
+ $authentication->{LDAP_server} ||= $netc->{HOSTNAME};
+ $authentication->{LDAP_users_db} ||= domain_to_ldap_domain($netc->{DOMAINNAME});
+
+ my %scope = my @scope = (
+ scope_one => "one",
+ scope_base => "base",
+ scope_sub => "sub",
+ );
+
+ #$netc->{LDAPDOMAIN} = $s;
$in->ask_from('',
- N("Authentication LDAP"),
- [ { label => N("LDAP Base dn"), val => \$netc->{LDAPDOMAIN} },
- { label => N("LDAP Server"), val => \$authentication->{LDAP_server} },
+ N("\nAuthentication LDAP\n"),
+ [ { label => N("\nServer Information :")},
+ { label => N("\tLDAP Server\n"), val => \$authentication->{LDAP_server} },
+ { label => N("\tUse SSL connection"), val => \$authentication->{LDAP_ssl}, type => 'bool' },
+ { label => N("\nUser Base :")},
+ { label => N("\tBase :"), val => \$authentication->{LDAP_users_db} },
+ { label => N("\tScope :\n"), val => \$authentication->{LDAP_scope}, list => [map {$_->[0] } group_by2(@scope)], format => sub { $scope{$_[0]} } },
+ { label => N("\nBind Server :")},
+ { label => N("\tUse Anonymous Bind"), val => \$anonymous, type => 'bool' },
+ { label => N("\tDistinguished Name"), val => \$authentication->{LDAP_user}, disabled => sub { $anonymous } },
+ { label => N("\tPassword\n"), val => \$authentication->{LDAP_passwd}, disabled => sub { $anonymous } },
]) or return;
} elsif ($kind eq 'AD') {
@@ -84,9 +100,9 @@ sub ask_parameters {
[ { label => N("Domain"), val => \$authentication->{AD_domain} },
#{ label => N("Server"), val => \$authentication->{AD_server} },
{ label => N("Server"), type => 'combo', val => \$authentication->{AD_server}, list => \@srvs , not_edit => 0 },
- { label => N("LDAP users database"), val => \$authentication->{AD_users_db} },
+ { label => N("Users database"), val => \$authentication->{AD_users_db} },
{ label => N("Use Anonymous BIND "), val => \$anonymous, type => 'bool' },
- { label => N("LDAP user allowed to browse the Active Directory"), val => \$AD_user, disabled => sub { $anonymous } },
+ { label => N("User allowed to browse the Active Directory"), val => \$AD_user, disabled => sub { $anonymous } },
{ label => N("Password for user"), val => \$authentication->{AD_password}, disabled => sub { $anonymous } },
{ label => N("Encryption"), val => \$authentication->{sub_kind}, list => [ map { $_->[0] } group_by2(@sub_kinds) ], format => sub { $sub_kinds{$_[0]} } },
]) or return;
@@ -145,22 +161,34 @@ sub set {
if ($kind eq 'LDAP') {
$in->do_pkgs->install(qw(openldap-clients nss_ldap pam_ldap autofs));
- my $domain = $netc->{LDAPDOMAIN} || do {
- my $s = run_program::rooted_get_stdout($::prefix, 'ldapsearch', '-x', '-h', $authentication->{LDAP_server}, '-b', '', '-s', 'base', '+');
- first($s =~ /namingContexts: (.+)/);
- } or log::l("no ldap domain found on server $authentication->{LDAP_server}"), return;
-
+ my $domain = $netc->{LDAPDOMAIN} || do {
+ my $s = run_program::rooted_get_stdout($::prefix, 'ldapsearch', '-x', '-h', $authentication->{LDAP_server}, '-b', '', '-s', 'base', '+');
+ first($s =~ /namingContexts: (.+)/);
+ } or log::l("no ldap domain found on server $authentication->{LDAP_server}"), return;
+
+ if ($authentication->{LDAP_ssl} eq 'on') {
+ my $port = '636';
+ } else {
+ my $port = '389';
+ };
+
+ my $scope = {
+ scope_base => 'base',
+ scope_one => 'one',
+ scope_sub => 'sub',
+ }->{$authentication->{LDAP_scope}};
+
set_nsswitch_priority('ldap');
set_pam_authentication('ldap');
update_ldap_conf(
host => $authentication->{LDAP_server},
- base => $domain,
- port => 636,
- ssl => 'on',
- nss_base_shadow => "ou=People,$domain",
- nss_base_passwd => "ou=People,$domain",
- nss_base_group => "ou=Group,$domain",
+ base => $authentication->{LDAP_users_db},
+ port => $port,
+ scope => $scope,
+ nss_base_shadow => $authentication->{LDAP_users_db}."?".$scope,
+ nss_base_passwd => $authentication->{LDAP_users_db}."?".$scope,
+ nss_base_group => $authentication->{LDAP_users_db}."?".$scope,
);
} elsif ($kind eq 'AD') {
$in->do_pkgs->install(qw(nss_ldap pam_krb5 libsasl2-plug-gssapi));