[yast-commit] r48650 - in /trunk/ldap-server/src: LdapServer.pm complex.ycp - YaST Commits

27 Jun 2008

Author: rhafer
Date: Fri Jun 27 16:00:40 2008
New Revision: 48650

URL: http://svn.opensuse.org/viewcvs/yast?rev=48650&view=rev
Log:
- Add some default ACLs to frontend
- Set checkpoint for initial BDB database

Modified:
    trunk/ldap-server/src/LdapServer.pm
    trunk/ldap-server/src/complex.ycp

Modified: trunk/ldap-server/src/LdapServer.pm
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev...
==============================================================================

--- trunk/ldap-server/src/LdapServer.pm (original)
+++ trunk/ldap-server/src/LdapServer.pm Fri Jun 27 16:00:40 2008
@@ -21,7 +21,7 @@
 use MIME::Base64;
 use X500::DN;
 use ycp;
-use YaST::YCP qw(Boolean);
+use YaST::YCP;
 
 our %TYPEINFO;
 
@@ -84,6 +84,44 @@
 my @databases = ();
 my @schema = ();
 
+my @globalAcl = (
+    { 'what' => 
+        { 'filter' => undef,
+          'attr' => undef,
+          'dn' => 
+            { 
+              'style' => "base",
+              'dn'    => ""
+            }
+        },
+      'who' => 
+      [
+        { 'whotype' => "all",
+          'whovalue' => undef,
+          'level' => "read",
+          'priv' => undef
+        }
+      ]
+    },
+    { 'what' => 
+        { 'filter' => undef,
+          'attr' => undef,
+          'dn' => 
+            { 'style' => "base",
+              'dn'    => "cn=Subschema"
+            }
+        },
+      'who' => 
+      [
+        { 'whotype' => "all",
+          'whovalue' => undef,
+          'level' => "read",
+          'priv' => undef
+        }
+      ]
+    }
+);
+
 ##
  # Read all ldap-server settings
  # @return true on success
@@ -226,8 +264,10 @@
                         "/usr/sbin/slapadd -F /etc/openldap/slapd.d -b cn=config -l $tmpfile" );
                 if ( $rc->{'exit'} )
                 {
+                    $self->SetError( _("Error while populating the configurations database with \"slapadd\"."),
+                            $rc->{'stderr'} );
                     y2error("Error during slapadd:" .$rc->{'stderr'});
-                    $ret = 0;
+                    return 0;
                 }
             }
             else
@@ -557,6 +597,8 @@
     my $defaults = shift;
     $defaults->{'serviceEnabled'} =  YaST::YCP::Boolean($defaults->{'serviceEnabled'});
     $defaults->{'slpRegister'} =  YaST::YCP::Boolean($defaults->{'slpRegister'});
+    $defaults->{'checkpoint'} = [ YaST::YCP::Integer($defaults->{'checkpoint'}->[0]),
+                                  YaST::YCP::Integer($defaults->{'checkpoint'}->[1]) ];
     y2milestone("SetInitialDefaults: ". Data::Dumper->Dump([$defaults]));
     %dbDefaults = %$defaults;
     return 1;
@@ -591,6 +633,8 @@
     $dbDefaults{'pwenctype'} = "SSHA";
     $dbDefaults{'entrycache'} = 10000;
     $dbDefaults{'idlcache'} = 10000;
+    $dbDefaults{'checkpoint'} = [ YaST::YCP::Integer(1024),
+            YaST::YCP::Integer(5) ];
     
     $dbDefaults{'defaultIndex'} = YaST::YCP::Boolean(1);
     $dbDefaults{'serviceEnabled'} = YaST::YCP::Boolean(0);
@@ -608,16 +652,26 @@
                      'rootdn' => $dbDefaults{'rootdn'},
                      'rootpw' => $pwHash,
                      'directory' => '/var/lib/ldap',
-                     'entrycache' => $dbDefaults{'entrycache'},
-                     'idlcache' => $dbDefaults{'idlcache'} };
+                     'entrycache' => YaST::YCP::Integer($dbDefaults{'entrycache'}),
+                     'idlcache' => YaST::YCP::Integer($dbDefaults{'idlcache'}),
+                     'checkpoint' => $dbDefaults{'checkpoint'} };
     my $cfgdatabase = { 'type' => 'config',
                         'rootdn' => 'cn=config' };
+    my $frontenddb = { 'type' => 'frontend',
+                       'access' => [
+                            'to dn.base="" by * read',
+                            'to dn.base="cn=Subschema" by * read', 
+                            'to attrs=userPassword,userPKCS12 by self write by * auth', 
+                            # 'to attrs=shadowLastChange by self write by * read', 
+                            'to * by * read'
+                        ]
+                      };
 
     @schema = ( "core", "cosine", "inetorgperson" );
 
     SCR->Execute('.ldapserver.initGlobals' );
     SCR->Execute('.ldapserver.initSchema', \@schema );
-    SCR->Execute('.ldapserver.initDatabases', [ $cfgdatabase, $database ] );
+    SCR->Execute('.ldapserver.initDatabases', [ $frontenddb, $cfgdatabase, $database ] );
     my $rc = SCR->Read('.ldapserver.databases');
     if ( $dbDefaults{'defaultIndex'} == 1 )
     {

Modified: trunk/ldap-server/src/complex.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/complex.ycp?rev=4...
==============================================================================
--- trunk/ldap-server/src/complex.ycp (original)
+++ trunk/ldap-server/src/complex.ycp Fri Jun 27 16:00:40 2008
@@ -404,6 +404,16 @@
     // LdapServer::AbortFunction = PollAbort;
     boolean ret = LdapServer::Write();
     if (! ret ) {
+        map<string,string> err = LdapServer::GetError();
+        if (err["details"]:"" != "" )
+        {
+            Popup::ErrorDetails( err["msg"]:"", err["details"]:"" );
+        }
+        else
+        {
+            Popup::Error( err["msg"]:"unknown" );
+        }
+
         return `abort;
     }
 //    ret = LdapServer::WritePPolicyObjects();

-- 
To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org
For additional commands, e-mail: yast-commit+help@opensuse.org

    

[yast-commit] r48650 - in /trunk/ldap-server/src: LdapServer.pm complex.ycp

rhafer＠svn.opensuse.org

tags

participants (1)