Author: jsuchome Date: Tue Nov 20 11:27:03 2007 New Revision: 42205 URL: http://svn.opensuse.org/viewcvs/yast?rev=42205&view=rev Log: - correctly update nss_base_* values when base DN was changed, do not write when the values are same as base DN (#342727) - restart zmd only if installed - replace Domain in function names with BaseDN - 2.16.3 Modified: trunk/ldap-client/VERSION trunk/ldap-client/package/yast2-ldap-client.changes trunk/ldap-client/src/Ldap.ycp trunk/ldap-client/src/ui.ycp Modified: trunk/ldap-client/VERSION URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-client/VERSION?rev=42205&r1=42204&r2=42205&view=diff ============================================================================== --- trunk/ldap-client/VERSION (original) +++ trunk/ldap-client/VERSION Tue Nov 20 11:27:03 2007 @@ -1 +1 @@ -2.16.2 +2.16.3 Modified: trunk/ldap-client/package/yast2-ldap-client.changes URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-client/package/yast2-ldap-client.changes?rev=42205&r1=42204&r2=42205&view=diff ============================================================================== --- trunk/ldap-client/package/yast2-ldap-client.changes (original) +++ trunk/ldap-client/package/yast2-ldap-client.changes Tue Nov 20 11:27:03 2007 @@ -1,4 +1,13 @@ ------------------------------------------------------------------- +Tue Nov 20 11:18:26 CET 2007 - jsuchome@suse.cz + +- correctly update nss_base_* values when base DN was changed, + do not write when the values are same as base DN (#342727) +- restart zmd only if installed +- replace Domain in function names with BaseDN +- 2.16.3 + +------------------------------------------------------------------- Mon Nov 12 14:43:40 CET 2007 - jsuchome@suse.cz - do not override user modifications when creating default objects Modified: trunk/ldap-client/src/Ldap.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-client/src/Ldap.ycp?rev=42205&r1=42204&r2=42205&view=diff ============================================================================== --- trunk/ldap-client/src/Ldap.ycp (original) +++ trunk/ldap-client/src/Ldap.ycp Tue Nov 20 11:27:03 2007 @@ -100,9 +100,9 @@ global boolean openldap_modified = false; // base DN - string domain = ""; - string old_domain = nil; - boolean domain_changed = false; + string base_dn = ""; + string old_base_dn = nil; + boolean base_dn_changed = false; /* Do we have an v2 or v3 ldap server? */ global boolean ldap_v2 = false; @@ -300,33 +300,48 @@ //---------------------------------------------------------------- /** - * If the domain has changed from a nonempty one, it may only be + * If the base DN has changed from a nonempty one, it may only be * changed at boot time. Use this to warn the user. - * @return whether changed by SetDomain + * @return whether changed by SetBaseDN */ + global define boolean BaseDNChanged () { + return base_dn_changed; + } + + // obsolete, use BaseDNChanged global define boolean DomainChanged () ``{ - return domain_changed; + return BaseDNChanged (); } /** - * @return Get the LDAP domain. + * Get the Base DN */ + global define string GetBaseDN () { + return base_dn; + } + + // obsolete, use GetBaseDN global define string GetDomain () ``{ - return domain; + return GetBaseDN (); } /** - * Set the LDAP domain. - * @param new_domain a new domain + * Set new LDAP base DN + * @param new_base_dn a new base DN */ - global define void SetDomain (string new_domain) ``{ - domain = new_domain; - if (domain != old_domain && old_domain != "") + global define void SetBaseDN (string new_base_dn) { + base_dn = new_base_dn; + if (base_dn != old_base_dn && old_base_dn != "") { - domain_changed = true; + base_dn_changed = true; } } + // obsolete, use SetBaseDN + global define void SetDomain (string new_domain) { + return SetBaseDN (new_domain); + } + /** * Set the defualt values, which should replace the ones from Read () * Used during instalation, when we want to do a reasonable proposal @@ -356,7 +371,8 @@ global define void Set (map settings) ``{ start = settings ["start_ldap"]:false; server = settings ["ldap_server"]:""; - domain = settings ["ldap_domain"]:""; + // leaving "ldap_domain" for backward compatibility + base_dn = settings ["ldap_domain"]:""; ldap_v2 = settings ["ldap_v2"]:false; ldap_tls = settings ["ldap_tls"]:false; pam_password = settings ["pam_password"]:"crypt"; @@ -373,7 +389,7 @@ if (_start_autofs) required_packages = (list<string>) union (required_packages, ["autofs"]); - old_domain = domain; + old_base_dn = base_dn; old_server = server; old_member_attribute = member_attribute; modified = true; @@ -401,7 +417,7 @@ map e = $[ "start_ldap" : start, "ldap_server" : server, - "ldap_domain" : domain, + "ldap_domain" : base_dn, "ldap_v2" : ldap_v2, "ldap_tls" : ldap_tls, "bind_dn" : bind_dn, @@ -434,7 +450,7 @@ summary = Summary::AddLine(summary, (start) ? _("Yes") : Summary::NotConfigured()); // summary item summary = Summary::AddHeader(summary, _("LDAP Domain")); - summary = Summary::AddLine(summary, (domain != "") ? domain : Summary::NotConfigured()); + summary = Summary::AddLine(summary, (base_dn != "") ? base_dn : Summary::NotConfigured()); // summary item summary = Summary::AddHeader(summary, _("LDAP Server")); summary = Summary::AddLine(summary,( server!="") ? server : Summary::NotConfigured()); @@ -460,7 +476,7 @@ // summary text summary = sformat (_("<b>Servers</b>:%1<br>"), server!=""? server: nc) + // summary text - sformat (_("<b>Base DN</b>:%1<br>"), domain != "" ? domain : nc) + + sformat (_("<b>Base DN</b>:%1<br>"), base_dn != "" ? base_dn : nc) + // summary text (yes/no follows) sformat (_("<b>Client Enabled</b>:%1<br>"), start ? // summary (client enabled?) @@ -603,17 +619,17 @@ nis_available = nis_available && (Service::Status ("ypbind") == 0); server = ReadLdapConfEntry ("host", ""); - domain = ReadLdapConfEntry ("base", ""); + base_dn = ReadLdapConfEntry ("base", ""); - old_domain = domain; + old_base_dn = base_dn; old_server = server; ldap_v2 = (ReadLdapConfEntry ("ldap_version", "3") == "2"); ldap_tls = (ReadLdapConfEntry ("ssl", "no") == "start_tls"); - nss_base_passwd = ReadLdapConfEntry ("nss_base_passwd", ""); - nss_base_shadow = ReadLdapConfEntry ("nss_base_shadow",nss_base_passwd); - nss_base_group = ReadLdapConfEntry ("nss_base_group", ""); + nss_base_passwd = ReadLdapConfEntry ("nss_base_passwd", base_dn); + nss_base_shadow = ReadLdapConfEntry ("nss_base_shadow", base_dn); + nss_base_group = ReadLdapConfEntry ("nss_base_group", base_dn); pam_password = ReadLdapConfEntry ("pam_password", "crypt"); @@ -681,11 +697,11 @@ if (size (initial_defaults) > 0) { string old_s = old_server; - string old_d = old_domain; + string old_d = old_base_dn; string old_m = old_member_attribute; Set (initial_defaults); old_server = old_s; - old_domain = old_d; + old_base_dn = old_d; old_member_attribute = old_m; } } @@ -1488,7 +1504,7 @@ }); if (templs == []) templ_cn = "usertemplate"; - default_base = sformat ("ou=people,%1", domain); + default_base = sformat ("ou=people,%1", base_dn); // for eDirectory, we have to use cleartext passwords! if (nds && tolower (obj["susepasswordhash",0]:"") != "clear") @@ -1505,7 +1521,7 @@ }); if (templs == []) templ_cn = "grouptemplate"; - default_base = sformat ("ou=group,%1", domain); + default_base = sformat ("ou=group,%1", base_dn); } // create proposal for defaultTemplate DN if (templ_cn != "") @@ -1769,7 +1785,7 @@ if (!issubstring(out["stdout"]:"", "/etc/openldap/ldap.conf")) write_openldap_conf = true; // if there are same values as in /etc/ldap.conf - else if (old_server == open_host[0]:"" && old_domain == open_base[0]:"") + else if(old_server == open_host[0]:"" && old_base_dn == open_base[0]:"") { write_openldap_conf = true; } @@ -1780,7 +1796,7 @@ SCR::Write (.etc.ldap_conf.v."/etc/openldap/ldap.conf".host, [server]); SCR::Write(.etc.ldap_conf.v."/etc/openldap/ldap.conf".base, - [domain]); + [base_dn]); if (ldap_tls) { SCR::Write(.etc.ldap_conf.v."/etc/openldap/ldap.conf".TLS_REQCERT, ["allow"]); @@ -2217,7 +2233,7 @@ { // update ldap.conf WriteLdapConfEntry ("host", server); - WriteLdapConfEntry ("base", domain); + WriteLdapConfEntry ("base", base_dn); if (member_attribute != old_member_attribute) { @@ -2248,15 +2264,18 @@ } // save the user and group bases - user_base = domain; - group_base = domain; + user_base = base_dn; + group_base = base_dn; WriteLdapConfEntry ("nss_base_passwd", - (nss_base_passwd != "")? nss_base_passwd : user_base); + (nss_base_passwd != base_dn && nss_base_passwd != "") ? + nss_base_passwd : nil); WriteLdapConfEntry ("nss_base_shadow", - (nss_base_shadow != "")? nss_base_shadow : user_base); + (nss_base_shadow != base_dn && nss_base_shadow != "") ? + nss_base_shadow : nil); WriteLdapConfEntry ("nss_base_group", - (nss_base_group != "")? nss_base_group : user_base); + (nss_base_group != base_dn && nss_base_group != "") ? + nss_base_group : nil); } if (start) // ldap used for authentocation { @@ -2395,7 +2414,7 @@ Service::Restart ("dbus"); } - if (Service::Status ("novell-zmd") == 0) + if (Package::Installed ("zmd") && Service::Status("novell-zmd")== 0) { Service::RunInitScript ("novell-zmd", "try-restart"); } @@ -2459,7 +2478,7 @@ { ldap_initialized = false; old_server = server; - old_domain = domain; + old_base_dn = base_dn; } if (ldap_modified) { @@ -2472,7 +2491,7 @@ if (Stage::cont () && size (initial_defaults) > 0) { if (start && ldap_ok && - domain == initial_defaults["ldap_domain"]:"" && + base_dn == initial_defaults["ldap_domain"]:"" && (server == initial_defaults["ldap_server"]:"" || DNS::IsHostLocal (server))) { Modified: trunk/ldap-client/src/ui.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-client/src/ui.ycp?rev=42205&r1=42204&r2=42205&view=diff ============================================================================== --- trunk/ldap-client/src/ui.ycp (original) +++ trunk/ldap-client/src/ui.ycp Tue Nov 20 11:27:03 2007 @@ -227,7 +227,7 @@ Stage::cont () && !contains (WFM::Args (), "from_users"); boolean start = Ldap::start || installation; - string domain = Ldap::GetDomain (); + string base_dn = Ldap::GetBaseDN (); string server = Ldap::server; boolean ldap_tls = Ldap::ldap_tls; boolean ldap_v2 = Ldap::ldap_v2; @@ -291,7 +291,7 @@ ), `HBox ( // text entry label - `TextEntry (`id (`ldapd), _("LDAP Base &DN"), domain), + `TextEntry (`id (`ldapbasedn), _("LDAP Base &DN"), base_dn), `VBox ( `Label (""), // push button label @@ -368,7 +368,7 @@ "use_tls" : ldap_tls ? "yes" : "no" ]); if (dn != "") - UI::ChangeWidget (`id(`ldapd), `Value, dn); + UI::ChangeWidget (`id(`ldapbasedn), `Value, dn); // adapt the checkbox value if (Ldap::tls_switched_off) { @@ -377,11 +377,11 @@ } if (result == `next || result == `advanced) { - domain = (string) UI::QueryWidget(`id(`ldapd), `Value); + base_dn = (string) UI::QueryWidget(`id(`ldapbasedn), `Value); autofs = Ldap::_autofs_allowed && (boolean) UI::QueryWidget (`id (`autofs), `Value); - if (domain == "") + if (base_dn == "") { // error popup label Report::Error(_("Enter an LDAP base DN.")); @@ -456,7 +456,14 @@ if (result == `next || result == `advanced) { - if (Ldap::start != start || Ldap::GetDomain() != domain || + if (Ldap::GetBaseDN() != base_dn && + Ldap::nss_base_passwd == Ldap::GetBaseDN ()) + { + Ldap::nss_base_passwd = base_dn; + Ldap::nss_base_shadow = base_dn; + Ldap::nss_base_group = base_dn; + } + if (Ldap::start != start || Ldap::GetBaseDN() != base_dn || Ldap::server != server || Ldap::ldap_v2 != ldap_v2 || Ldap::ldap_tls != ldap_tls || Ldap::_start_autofs != autofs || Ldap::login_enabled != login_enabled || @@ -493,15 +500,15 @@ if (start && Stage::cont () && size (Ldap::initial_defaults) > 0 && Ldap::create_ldap && server != Ldap::initial_defaults["ldap_server"]:"" && - domain != Ldap::initial_defaults["ldap_domain"]:"" && + base_dn != Ldap::initial_defaults["ldap_domain"]:"" && Ldap::bind_dn == Ldap::initial_defaults["bind_dn"]:"" && - !issubstring (Ldap::bind_dn, domain)) + !issubstring (Ldap::bind_dn, base_dn)) { y2warning ("Server and base DN changed but bind_dn remains imported -> disabling LDAP objects creation..."); Ldap::create_ldap = false; } } - Ldap::SetDomain (domain); + Ldap::SetBaseDN (base_dn); Ldap::start = start; Ldap::server = server; Ldap::ldap_v2 = ldap_v2; @@ -588,7 +595,7 @@ ]; string bind_dn = Ldap::bind_dn; - string base_dn = Ldap::GetDomain (); + string base_dn = Ldap::GetBaseDN (); boolean file_server = Ldap::file_server; string member_attribute = Ldap::member_attribute; string base_config_dn = Ldap::GetMainConfigDN(); @@ -1099,7 +1106,7 @@ { // re-init/re-bind only when server information was changed (#39908) if (!Ldap::bound || Ldap::old_server != Ldap::server || - Ldap::DomainChanged ()) + Ldap::BaseDNChanged ()) { msg = Ldap::LDAPInitWithTLSCheck ($[]); if (msg != "") @@ -1271,7 +1278,7 @@ list offer = []; list conflicts = []; if (attr == "susesecondarygroup") - offer = Ldap::GetGroupsDN (Ldap::GetDomain()); + offer = Ldap::GetGroupsDN (Ldap::GetBaseDN()); if (attr == "susenamingattribute") { list classes = Ldap::GetDefaultObjectClasses (template); -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org