[yast-commit] r48650 - in /trunk/ldap-server/src: LdapServer.pm complex.ycp
Author: rhafer
Date: Fri Jun 27 16:00:40 2008
New Revision: 48650
URL: http://svn.opensuse.org/viewcvs/yast?rev=48650&view=rev
Log:
- Add some default ACLs to frontend
- Set checkpoint for initial BDB database
Modified:
trunk/ldap-server/src/LdapServer.pm
trunk/ldap-server/src/complex.ycp
Modified: trunk/ldap-server/src/LdapServer.pm
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev=48650&r1=48649&r2=48650&view=diff
==============================================================================
--- trunk/ldap-server/src/LdapServer.pm (original)
+++ trunk/ldap-server/src/LdapServer.pm Fri Jun 27 16:00:40 2008
@@ -21,7 +21,7 @@
use MIME::Base64;
use X500::DN;
use ycp;
-use YaST::YCP qw(Boolean);
+use YaST::YCP;
our %TYPEINFO;
@@ -84,6 +84,44 @@
my @databases = ();
my @schema = ();
+my @globalAcl = (
+ { 'what' =>
+ { 'filter' => undef,
+ 'attr' => undef,
+ 'dn' =>
+ {
+ 'style' => "base",
+ 'dn' => ""
+ }
+ },
+ 'who' =>
+ [
+ { 'whotype' => "all",
+ 'whovalue' => undef,
+ 'level' => "read",
+ 'priv' => undef
+ }
+ ]
+ },
+ { 'what' =>
+ { 'filter' => undef,
+ 'attr' => undef,
+ 'dn' =>
+ { 'style' => "base",
+ 'dn' => "cn=Subschema"
+ }
+ },
+ 'who' =>
+ [
+ { 'whotype' => "all",
+ 'whovalue' => undef,
+ 'level' => "read",
+ 'priv' => undef
+ }
+ ]
+ }
+);
+
##
# Read all ldap-server settings
# @return true on success
@@ -226,8 +264,10 @@
"/usr/sbin/slapadd -F /etc/openldap/slapd.d -b cn=config -l $tmpfile" );
if ( $rc->{'exit'} )
{
+ $self->SetError( _("Error while populating the configurations database with \"slapadd\"."),
+ $rc->{'stderr'} );
y2error("Error during slapadd:" .$rc->{'stderr'});
- $ret = 0;
+ return 0;
}
}
else
@@ -557,6 +597,8 @@
my $defaults = shift;
$defaults->{'serviceEnabled'} = YaST::YCP::Boolean($defaults->{'serviceEnabled'});
$defaults->{'slpRegister'} = YaST::YCP::Boolean($defaults->{'slpRegister'});
+ $defaults->{'checkpoint'} = [ YaST::YCP::Integer($defaults->{'checkpoint'}->[0]),
+ YaST::YCP::Integer($defaults->{'checkpoint'}->[1]) ];
y2milestone("SetInitialDefaults: ". Data::Dumper->Dump([$defaults]));
%dbDefaults = %$defaults;
return 1;
@@ -591,6 +633,8 @@
$dbDefaults{'pwenctype'} = "SSHA";
$dbDefaults{'entrycache'} = 10000;
$dbDefaults{'idlcache'} = 10000;
+ $dbDefaults{'checkpoint'} = [ YaST::YCP::Integer(1024),
+ YaST::YCP::Integer(5) ];
$dbDefaults{'defaultIndex'} = YaST::YCP::Boolean(1);
$dbDefaults{'serviceEnabled'} = YaST::YCP::Boolean(0);
@@ -608,16 +652,26 @@
'rootdn' => $dbDefaults{'rootdn'},
'rootpw' => $pwHash,
'directory' => '/var/lib/ldap',
- 'entrycache' => $dbDefaults{'entrycache'},
- 'idlcache' => $dbDefaults{'idlcache'} };
+ 'entrycache' => YaST::YCP::Integer($dbDefaults{'entrycache'}),
+ 'idlcache' => YaST::YCP::Integer($dbDefaults{'idlcache'}),
+ 'checkpoint' => $dbDefaults{'checkpoint'} };
my $cfgdatabase = { 'type' => 'config',
'rootdn' => 'cn=config' };
+ my $frontenddb = { 'type' => 'frontend',
+ 'access' => [
+ 'to dn.base="" by * read',
+ 'to dn.base="cn=Subschema" by * read',
+ 'to attrs=userPassword,userPKCS12 by self write by * auth',
+ # 'to attrs=shadowLastChange by self write by * read',
+ 'to * by * read'
+ ]
+ };
@schema = ( "core", "cosine", "inetorgperson" );
SCR->Execute('.ldapserver.initGlobals' );
SCR->Execute('.ldapserver.initSchema', \@schema );
- SCR->Execute('.ldapserver.initDatabases', [ $cfgdatabase, $database ] );
+ SCR->Execute('.ldapserver.initDatabases', [ $frontenddb, $cfgdatabase, $database ] );
my $rc = SCR->Read('.ldapserver.databases');
if ( $dbDefaults{'defaultIndex'} == 1 )
{
Modified: trunk/ldap-server/src/complex.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/complex.ycp?rev=48650&r1=48649&r2=48650&view=diff
==============================================================================
--- trunk/ldap-server/src/complex.ycp (original)
+++ trunk/ldap-server/src/complex.ycp Fri Jun 27 16:00:40 2008
@@ -404,6 +404,16 @@
// LdapServer::AbortFunction = PollAbort;
boolean ret = LdapServer::Write();
if (! ret ) {
+ map
participants (1)
-
rhafer@svn.opensuse.org