Author: rhafer
Date: Wed Feb 10 12:20:15 2010
New Revision: 60780
URL: http://svn.opensuse.org/viewcvs/yast?rev=60780&view=rev
Log:
Merged inst-proposal changes for replication from sle-11-sp1 branch
(revisions 59745-59964)
Modified:
trunk/ldap-server/ (props changed)
trunk/ldap-server/src/LdapServer.pm
trunk/ldap-server/src/agent/SlapdConfigAgent.cc
trunk/ldap-server/src/dialogs.ycp
trunk/ldap-server/src/ldap-server_proposal.ycp
trunk/ldap-server/src/lib/slapd-config.cpp
trunk/ldap-server/src/lib/slapd-config.h
trunk/ldap-server/src/wizards.ycp
Modified: trunk/ldap-server/src/LdapServer.pm
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev=60780&r1=60779&r2=60780&view=diff
==============================================================================
--- trunk/ldap-server/src/LdapServer.pm (original)
+++ trunk/ldap-server/src/LdapServer.pm Wed Feb 10 12:20:15 2010
@@ -35,6 +35,7 @@
my %error = ( msg => undef, details => undef );
my $ssl_check_command = "/usr/lib/YaST2/bin/ldap-server-ssl-check";
my $usingDefaults = 1;
+my $fqdn = "";
my $readConfig = 0;
my $restartRequired = 0;
my $configured = 0;
@@ -324,6 +325,28 @@
}
##
+ # @return the full qualified hostname of the machine or "" if not set
+ #
+BEGIN { $TYPEINFO{ReadHostnameFQ} = ["function", "string"]; }
+sub ReadHostnameFQ()
+{
+ if ( $fqdn eq "" )
+ {
+ my $rc = SCR->Execute( '.target.bash_output', "/bin/hostname -f" );
+ if ( $rc->{'stdout'} eq "" )
+ {
+ y2milestone("could determine fqdn, hostname -f returned: ". $rc->{'stderr'} );
+ }
+ else
+ {
+ $fqdn = $rc->{'stdout'};
+ chomp($fqdn);
+ }
+ }
+ return $fqdn;
+}
+
+##
# @return Set base DN that shoudl we written to /etc/openldap/ldap.conf
#
BEGIN { $TYPEINFO{WriteLdapConfBase} = ["function", "boolean", "string"]; }
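Review bot: The failure branch of `ReadHostnameFQ` logs "could determine fqdn", which reads as success; the message should be `y2milestone("could not determine fqdn, hostname -f returned: ". $rc->{'stderr'} );`. The check looks only at `stdout`, so output from a failing `hostname -f` would still be cached in `$fqdn` and later used as the syncrepl provider target; testing `$rc->{'exit'}` as well would be safer. Because the value is cached in a file-level variable, a one-line comment noting that a later hostname change is not picked up would help the next reader.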
@@ -1429,9 +1452,16 @@
}
}
my $oldtls = $self->ReadTlsConfig();
- if ( $oldtls->{'certKeyFile'} ne $tls->{'certKeyFile'} ||
- $oldtls->{'certFile'} ne $tls->{'certFile'} ||
- $oldtls->{'caCertFile'} ne $tls->{'caCertFile'})
+ if ( ref($oldtls) eq "HASH" )
+ {
+ if( $oldtls->{'certKeyFile'} ne $tls->{'certKeyFile'} ||
+ $oldtls->{'certFile'} ne $tls->{'certFile'} ||
+ $oldtls->{'caCertFile'} ne $tls->{'caCertFile'} )
+ {
+ $restartRequired = 1;
+ }
+ }
+ elsif ( $tls->{'tls_active'} )
{
$restartRequired = 1;
}
@@ -1591,6 +1621,7 @@
my $domain = $rc->{"stdout"};
if ( $domain eq "" )
{
+ y2milestone("\"hostname -d\" returned: \"". $rc->{'stderr'} . "\" falling back to default");
$domain = "site";
}
chomp($domain);
@@ -1665,121 +1696,146 @@
my $frontenddb = { 'type' => 'frontend' };
$self->InitGlobals();
- SCR->Execute('.ldapserver.initSchema' );
- my $rc = SCR->Write(".ldapserver.schema.addFromLdif", "/etc/openldap/schema/core.ldif" );
- if ( ! $rc ) {
- my $err = SCR->Error(".ldapserver");
- y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
- $self->SetError( $err->{'summary'}, $err->{'description'} );
- return $rc;
- }
- $rc = SCR->Write(".ldapserver.schema.addFromLdif", "/etc/openldap/schema/cosine.ldif" );
- if ( ! $rc ) {
- my $err = SCR->Error(".ldapserver");
- y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
- $self->SetError( $err->{'summary'}, $err->{'description'} );
- return $rc;
- }
- $rc = SCR->Write(".ldapserver.schema.addFromLdif", "/etc/openldap/schema/inetorgperson.ldif" );
- if ( ! $rc ) {
- my $err = SCR->Error(".ldapserver");
- y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
- $self->SetError( $err->{'summary'}, $err->{'description'} );
- return $rc;
- }
- $rc = SCR->Write(".ldapserver.schema.addFromSchemafile", "/etc/openldap/schema/rfc2307bis.schema" );
- if ( ! $rc ) {
- my $err = SCR->Error(".ldapserver");
- y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
- $self->SetError( $err->{'summary'}, $err->{'description'} );
- return $rc;
- }
- $rc = SCR->Write(".ldapserver.schema.addFromSchemafile", "/etc/openldap/schema/yast.schema" );
- if ( ! $rc ) {
- my $err = SCR->Error(".ldapserver");
- y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
- $self->SetError( $err->{'summary'}, $err->{'description'} );
- return $rc;
- }
-
- SCR->Execute('.ldapserver.initDatabases', [ $frontenddb, $cfgdatabase, $database ] );
- if ( $dbDefaults{'defaultIndex'} == 1 ||
- ( ref($dbDefaults{'defaultIndex'}) eq "YaST::YCP::Boolean" &&
- $dbDefaults{'defaultIndex'}->value == 1 )
- )
+
+ if ( $self->ReadSetupSlave() )
{
- foreach my $idx ( @$defaultIndexes )
+ SCR->Execute('.ldapserver.initDatabases', [ $frontenddb, $cfgdatabase ] );
+ SCR->Write(".ldapserver.database.{0}.syncrepl", $syncreplbaseconfig );
+ my $ldif = SCR->Read('.ldapserver.configAsLdif' );
+ y2debug($ldif);
+ }
+ else #master or standalone
+ {
+ SCR->Execute('.ldapserver.initSchema' );
+ my $rc = SCR->Write(".ldapserver.schema.addFromLdif", "/etc/openldap/schema/core.ldif" );
+ if ( ! $rc ) {
+ my $err = SCR->Error(".ldapserver");
+ y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
+ $self->SetError( $err->{'summary'}, $err->{'description'} );
+ return $rc;
+ }
+ $rc = SCR->Write(".ldapserver.schema.addFromLdif", "/etc/openldap/schema/cosine.ldif" );
+ if ( ! $rc ) {
+ my $err = SCR->Error(".ldapserver");
+ y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
+ $self->SetError( $err->{'summary'}, $err->{'description'} );
+ return $rc;
+ }
+ $rc = SCR->Write(".ldapserver.schema.addFromLdif", "/etc/openldap/schema/inetorgperson.ldif" );
+ if ( ! $rc ) {
+ my $err = SCR->Error(".ldapserver");
+ y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
+ $self->SetError( $err->{'summary'}, $err->{'description'} );
+ return $rc;
+ }
+ $rc = SCR->Write(".ldapserver.schema.addFromSchemafile", "/etc/openldap/schema/rfc2307bis.schema" );
+ if ( ! $rc ) {
+ my $err = SCR->Error(".ldapserver");
+ y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
+ $self->SetError( $err->{'summary'}, $err->{'description'} );
+ return $rc;
+ }
+ $rc = SCR->Write(".ldapserver.schema.addFromSchemafile", "/etc/openldap/schema/yast.schema" );
+ if ( ! $rc ) {
+ my $err = SCR->Error(".ldapserver");
+ y2error("Adding Schema failed: ".$err->{'summary'}." ".$err->{'description'});
+ $self->SetError( $err->{'summary'}, $err->{'description'} );
+ return $rc;
+ }
+
+ SCR->Execute('.ldapserver.initDatabases', [ $frontenddb, $cfgdatabase, $database ] );
+ if ( $dbDefaults{'defaultIndex'} == 1 ||
+ ( ref($dbDefaults{'defaultIndex'}) eq "YaST::YCP::Boolean" &&
+ $dbDefaults{'defaultIndex'}->value == 1 )
+ )
{
- $self->ChangeDatabaseIndex(1, $idx );
+ foreach my $idx ( @$defaultIndexes )
+ {
+ $self->ChangeDatabaseIndex(1, $idx );
+ }
}
- }
- if ( defined $dbDefaults{'configpw'} && $dbDefaults{'configpw'} ne "" )
- {
- my $confPwHash = $self->HashPassword($dbDefaults{'pwenctype'}, $dbDefaults{'configpw'} );
- my $changes = { "secure_only" => 1, "rootpw" => $confPwHash };
- $self->UpdateDatabase(0 ,$changes);
- if ( $self->ReadSetupMaster() )
+ if ( defined $dbDefaults{'configpw'} && $dbDefaults{'configpw'} ne "" )
{
- my $syncprov = { 'enabled' => 1,
- 'checkpoint' => { 'ops' => YaST::YCP::Integer(100),
- 'min' => YaST::YCP::Integer(10) }
- };
+ my $confPwHash = $self->HashPassword($dbDefaults{'pwenctype'}, $dbDefaults{'configpw'} );
+ my $changes = { "secure_only" => 1, "rootpw" => $confPwHash };
+ $self->UpdateDatabase(0 ,$changes);
+ if ( $self->ReadSetupMaster() )
+ {
+ # create helpful indexes for syncrepl
+ $self->ChangeDatabaseIndex(1, { "name" => "entryUUID", "eq" => 1 } );
+ $self->ChangeDatabaseIndex(1, { "name" => "entryCSN", "eq" => 1 } );
+
+ my $syncprov = { 'enabled' => 1,
+ 'checkpoint' => { 'ops' => YaST::YCP::Integer(100),
+ 'min' => YaST::YCP::Integer(10) }
+ };
- SCR->Write( ".ldapserver.database.{0}.syncprov", $syncprov );
- SCR->Write( ".ldapserver.database.{1}.syncprov", $syncprov );
+ SCR->Write( ".ldapserver.database.{0}.syncprov", $syncprov );
+ SCR->Write( ".ldapserver.database.{1}.syncprov", $syncprov );
- my $syncpw = GenerateRandPassword();
- my $syncdn = "uid=syncrepl,ou=system,".$dbDefaults{'suffix'};
- my $rc = SCR->Execute( '.target.bash_output', "/bin/hostname -f" );
- my $fqdn = $rc->{"stdout"};
- chomp($fqdn);
- my $syncrepl = {
- "provider" => {
- "protocol" => "ldap",
- "target" => $fqdn,
- "port" => YaST::YCP::Integer(389)
- },
- "type" => "refreshAndPersist",
- "binddn" => $syncdn,
- "credentials" => $syncpw,
- "basedn" => "cn=config",
- "starttls" => YaST::YCP::Boolean(1),
- "updateref" => {}
- };
- SCR->Write(".ldapserver.database.{0}.syncrepl", $syncrepl );
- $syncrepl->{'basedn'} = $dbDefaults{'suffix'};
- SCR->Write(".ldapserver.database.{1}.syncrepl", $syncrepl );
- $syncreplaccount->{'syncdn'} = $syncdn;
- $syncreplaccount->{'syncpw'} = $syncpw;
- $syncreplaccount->{'syncpw_hash'} = $self->HashPassword($dbDefaults{'pwenctype'}, $syncpw );
- $syncreplaccount->{'basedn'} = $dbDefaults{'suffix'};
- my @syncacl = ({
- 'target' => {},
- 'access' => [
- { 'type' => "dn.base",
- 'value' => $syncdn,
- 'level' => "read",
- 'control' => "" },
- { 'type' => "*",
- 'value' => "",
- 'level' => "",
- 'control' => "break" }
- ]
- });
- $rc = SCR->Write(".ldapserver.database.{0}.acl", \@syncacl );
- push @syncacl, @$defaultDbAcls;
- $defaultDbAcls = \@syncacl;
+ my $syncpw = GenerateRandPassword();
+ my $syncdn = "uid=syncrepl,ou=system,".$dbDefaults{'suffix'};
+ my $hostname = $self->ReadHostnameFQ();
+ if ( $hostname eq "" )
+ {
+ $self->SetError( _("Could not determine own full qualified hostname"),
+ _("A master server for replication cannot work correctly without knowing the own full qualified hostname") );
+ return 0;
+ }
+ my $syncrepl = {
+ "provider" => {
+ "protocol" => "ldap",
+ "target" => $hostname,
+ "port" => YaST::YCP::Integer(389)
+ },
+ "type" => "refreshAndPersist",
+ "binddn" => $syncdn,
+ "credentials" => $syncpw,
+ "basedn" => "cn=config",
+ "starttls" => YaST::YCP::Boolean(1),
+ "updateref" => {}
+ };
+ SCR->Write(".ldapserver.database.{0}.syncrepl", $syncrepl );
+ $syncrepl->{'basedn'} = $dbDefaults{'suffix'};
+ SCR->Write(".ldapserver.database.{1}.syncrepl", $syncrepl );
+ $syncreplaccount->{'syncdn'} = $syncdn;
+ $syncreplaccount->{'syncpw'} = $syncpw;
+ $syncreplaccount->{'syncpw_hash'} = $self->HashPassword($dbDefaults{'pwenctype'}, $syncpw );
+ $syncreplaccount->{'basedn'} = $dbDefaults{'suffix'};
+ my @syncacl = ({
+ 'target' => {},
+ 'access' => [
+ { 'type' => "dn.base",
+ 'value' => $syncdn,
+ 'level' => "read",
+ 'control' => "" },
+ { 'type' => "*",
+ 'value' => "",
+ 'level' => "",
+ 'control' => "break" }
+ ]
+ });
+ $rc = SCR->Write(".ldapserver.database.{0}.acl", \@syncacl );
+ push @syncacl, @$defaultDbAcls;
+ $defaultDbAcls = \@syncacl;
+
+ my @newlimits = ( { 'selector' => "dn.exact=\"$syncdn\"",
+ 'limits' => [ { 'type' => "size.soft",
+ 'value' => "unlimited" } ] } );
+ SCR->Write(".ldapserver.database.{0}.limits", \@newlimits );
+ SCR->Write(".ldapserver.database.{1}.limits", \@newlimits );
+ }
}
+
+ # add default ACLs
+ $rc = SCR->Write(".ldapserver.database.{-1}.acl", $defaultGlobalAcls );
+ $rc = SCR->Write(".ldapserver.database.{1}.acl", $defaultDbAcls );
+ push @added_databases, $dbDefaults{'suffix'};
+ $self->WriteAuthInfo( $dbDefaults{'suffix'},
+ { bind_dn => $dbDefaults{'rootdn'},
+ bind_pw => $dbDefaults{'rootpw_clear'} } );
}
-
- # add default ACLs
- $rc = SCR->Write(".ldapserver.database.{-1}.acl", $defaultGlobalAcls );
- $rc = SCR->Write(".ldapserver.database.{1}.acl", $defaultDbAcls );
- push @added_databases, $dbDefaults{'suffix'};
- $self->WriteAuthInfo( $dbDefaults{'suffix'},
- { bind_dn => $dbDefaults{'rootdn'},
- bind_pw => $dbDefaults{'rootpw_clear'} } );
$usingDefaults = 0;
$readConfig = 1;
return 1;
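Review bot: The new slave branch passes the result of `.ldapserver.configAsLdif` to `y2debug($ldif)`, and that configuration presumably contains the syncrepl `credentials` written one line earlier, so the bind password can land in the YaST log when debug logging is on; I would drop the dump or log a fixed message such as `y2debug("initial slave configuration generated");`. In the same branch the results of `SCR->Execute('.ldapserver.initDatabases', ...)` and `SCR->Write(".ldapserver.database.{0}.syncrepl", ...)` are ignored, unlike the schema writes in the master branch, which call `SetError` and return. In the master branch the `return 0` for an empty hostname comes only after the cn=config password and the syncprov settings have been written; calling `ReadHostnameFQ()` before the first write would avoid leaving that partial state. The enclosing function starts outside the hunk.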
@@ -2059,6 +2115,25 @@
$self->SetError( $err->{'summary'}, $err->{'description'} );
return YaST::YCP::Boolean(0);
}
+
+ ## Update indexes if the database supports it and if not deleting syncrepl
+ if ( keys %$syncprov )
+ {
+ my $db = $self->ReadDatabase( $dbindex );
+ if ( $db->{'type'} eq "bdb" || $db->{'type'} eq "hdb" )
+ {
+ my $indexes = SCR->Read(".ldapserver.database.{".$dbindex."}.indexes" );
+ y2milestone("indexes: ". Data::Dumper->Dump([$indexes]));
+ if ( ! $indexes->{'entrycsn'}->{'eq'} )
+ {
+ $self->ChangeDatabaseIndex($dbindex, { "name" => "entryCSN", "eq" => 1 } );
+ }
+ if ( ! $indexes->{'entryUUID'}->{'eq'} )
+ {
+ $self->ChangeDatabaseIndex($dbindex, { "name" => "entryUUID", "eq" => 1 } );
+ }
+ }
+ }
return YaST::YCP::Boolean(1);
}
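Review bot: The two index checks use different key spellings, `$indexes->{'entrycsn'}` (lower case) and `$indexes->{'entryUUID'}` (mixed case), so unless the agent returns exactly these spellings one of the tests may always be true and `ChangeDatabaseIndex` would be called on every write; the identical block is repeated in the syncrepl hunk that follows (`@@ -2142,6 +2217,25 @@`). Using one spelling that matches what `.indexes` returns, and moving the block into a shared private helper, would fix both places. `y2milestone("indexes: ". Data::Dumper->Dump([$indexes]))` looks like leftover debugging and would fit better at `y2debug`. The return value of `ChangeDatabaseIndex` is not checked, so the function still returns `YaST::YCP::Boolean(1)` when an index could not be added. The enclosing function starts outside the hunk.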
@@ -2142,6 +2217,25 @@
$self->SetError( $err->{'summary'}, $err->{'description'} );
return YaST::YCP::Boolean(0);
}
+
+ ## Update indexes if the database supports it and if not deleting syncrepl
+ if ( keys %$syncrepl )
+ {
+ my $db = $self->ReadDatabase( $dbindex );
+ if ( $db->{'type'} eq "bdb" || $db->{'type'} eq "hdb" )
+ {
+ my $indexes = SCR->Read(".ldapserver.database.{".$dbindex."}.indexes" );
+ y2milestone("indexes: ". Data::Dumper->Dump([$indexes]));
+ if ( ! $indexes->{'entrycsn'}->{'eq'} )
+ {
+ $self->ChangeDatabaseIndex($dbindex, { "name" => "entryCSN", "eq" => 1 } );
+ }
+ if ( ! $indexes->{'entryUUID'}->{'eq'} )
+ {
+ $self->ChangeDatabaseIndex($dbindex, { "name" => "entryUUID", "eq" => 1 } );
+ }
+ }
+ }
return YaST::YCP::Boolean(1);
}
@@ -2815,26 +2909,63 @@
}
}
}
+ for ( my $i=0; $i < scalar(@{$dbs})-1; $i++)
+ {
+ my $type = $dbs->[$i+1]->{'type'};
+ my $suffix = $dbs->[$i+1]->{'suffix'};
+ if ( $type eq "config" || $type eq "bdb" || $type eq "hdb" )
+ {
+ my $db = SCR->Read(".ldapserver.database.{".$i."}" );
+ my $needslimit = 1;
+ if ( lc($db->{'rootdn'}) eq lc($syncreplbaseconfig->{'binddn'}) )
+ {
+ y2milestone("Repl DN \"".$syncreplbaseconfig->{'binddn'}. "\" is rootdn of database $i. No limit needed");
+ }
+ else
+ {
+ my $limits = SCR->Read(".ldapserver.database.{".$i."}.limits" );
+ y2milestone("Database $i limits:". Data::Dumper->Dump([ $limits ]) );
+ foreach my $limit (@$limits)
+ {
+ if ( $limit->{'selector'} eq "dn.exact=\"".$syncreplbaseconfig->{'binddn'}."\"" )
+ {
+ my $limitvals = $limit->{'limits'};
+ foreach my $val (@$limitvals )
+ {
+ if ( $val->{'type'} eq "size.soft" && $val->{'value'} eq "unlimited" )
+ {
+ y2milestone("limit already present, no need to add");
+ $needslimit = 0;
+ last;
+ }
+ }
+ if (! $needslimit )
+ {
+ last;
+ }
+ }
+ }
+ if ($needslimit)
+ {
+ y2milestone("Setting sizelimit for syncrepuser to unlimited.");
+ my @newlimits = ( { 'selector' => "dn.exact=\"".$syncreplbaseconfig->{'binddn'}."\"",
+ 'limits' => [ { 'type' => "size.soft",
+ 'value' => "unlimited" } ] } );
+ push @newlimits, @$limits;
+ SCR->Write(".ldapserver.database.{".$i."}.limits", \@newlimits );
+ }
+ }
+ }
+ }
SCR->Execute(".ldapserver.commitChanges" );
SCR->Execute(".ldapserver.reset" );
+ $globals_initialized = 0;
$self->CreateSyncReplAccount();
- SCR->Execute(".ldapserver.initGlobals" );
- my $cfgdatabase = { 'type' => 'config',
- 'rootdn' => 'cn=config' };
- my $frontenddb = { 'type' => 'frontend' };
- SCR->Execute('.ldapserver.initDatabases', [ $frontenddb, $cfgdatabase ] );
$syncreplbaseconfig->{'binddn'} = "cn=config";
$syncreplbaseconfig->{'credentials'} = $auth_info->{'cn=config'}->{'bind_pw'};
$syncreplbaseconfig->{'basedn'} = "cn=config";
- SCR->Write(".ldapserver.database.{0}.syncrepl", $syncreplbaseconfig );
- my $ldif = SCR->Read('.ldapserver.configAsLdif' );
- y2milestone($ldif);
- $overwriteConfig = 1;
-# $self->Write( {resetCsn => 1} );
-# SCR->Execute(".ldapserver.reset" );
-
return 1;
}
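Review bot: The new loop compares the replication DN in two different ways: the rootdn test uses `lc(...) eq lc(...)`, while the existing-limit test `$limit->{'selector'} eq "dn.exact=\"".$syncreplbaseconfig->{'binddn'}."\""` is an exact string match, so a limit already present with different case or spacing in the DN is not recognised and a second entry is prepended. The selector is also built by placing the DN between double quotes without escaping, so a bind DN that contains a quote would yield a malformed selector. A small private helper that normalises the DN once and builds the selector would keep both checks consistent. The result of `SCR->Write(".ldapserver.database.{".$i."}.limits", \@newlimits )` is ignored before `commitChanges`, so a failed write is not reported through `SetError`. The function starts outside the hunk.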
Modified: trunk/ldap-server/src/agent/SlapdConfigAgent.cc
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfigAgent.cc?rev=60780&r1=60779&r2=60780&view=diff
==============================================================================
--- trunk/ldap-server/src/agent/SlapdConfigAgent.cc (original)
+++ trunk/ldap-server/src/agent/SlapdConfigAgent.cc Wed Feb 10 12:20:15 2010
@@ -850,6 +850,37 @@
return YCPNull();
}
}
+ else if ( dbComponent == "limits" )
+ {
+ YCPList resList;
+ OlcLimitList limitList;
+ if ( (*i)->getLimits(limitList) )
+ {
+ OlcLimitList::const_iterator j;
+ for ( j = limitList.begin(); j != limitList.end(); j++ )
+ {
+ YCPMap limitMap;
+ YCPList limitVals;
+ pairlist limits = (*j)->getLimits();
+ pairlist::const_iterator k ;
+ for ( k = limits.begin(); k != limits.end(); k++ )
+ {
+ YCPMap valMap;
+ valMap.add(YCPString("type"), YCPString(k->first) );
+ valMap.add(YCPString("value"), YCPString(k->second) );
+ limitVals.add(valMap);
+ }
+ limitMap.add( YCPString("selector"), YCPString( (*j)->getSelector().c_str() ) );
+ limitMap.add( YCPString("limits"), limitVals);
+ resList.add(limitMap);
+ }
+ return resList;
+ }
+ else
+ {
+ return YCPNull();
+ }
+ }
else if ( dbComponent == "syncrepl" )
{
YCPMap resMap;
@@ -1089,6 +1120,10 @@
if ( path->length() == 0 ) {
return YCPNull();
} else {
+ if ( ! globals )
+ {
+ throw std::runtime_error("Configuration not initialized." );
+ }
if ( path->component_str(0) == "loglevel" )
{
y2milestone("Write loglevel");
@@ -1655,6 +1690,30 @@
(*i)->replaceAccessControl(aclList);
ret = true;
}
+ else if ( dbComponent == "limits" )
+ {
+ YCPList argList = arg->asList();
+ OlcLimitList limitList;
+ for ( int j = 0; j < argList->size(); j++ )
+ {
+ boost::shared_ptr<OlcLimits> limit( new OlcLimits() );
+ YCPMap limitMap = argList->value(j)->asMap();
+ limit->setSelector(limitMap->value(YCPString("selector"))->asString()->value_cstr() );
+
+ YCPList ycpLimitValues = limitMap->value(YCPString("limits"))->asList();
+ pairlist limitVals;
+ for ( int k=0; k < ycpLimitValues->size(); k++ )
+ {
+ YCPMap valMap = ycpLimitValues->value(k)->asMap();
+ limitVals.push_back( make_pair(valMap->value(YCPString("type"))->asString()->value_cstr(),
+ valMap->value(YCPString("value"))->asString()->value_cstr() ) );
+ }
+ limit->setLimits(limitVals);
+ limitList.push_back(limit);
+ }
+ (*i)->replaceLimits(limitList);
+ ret = true;
+ }
else if ( dbComponent == "syncrepl" )
{
YCPMap argMap = arg->asMap();
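Review bot: The new `limits` write branch dereferences every conversion without checking it: `arg->asList()`, `argList->value(j)->asMap()` and `limitMap->value(YCPString("selector"))->asString()` all assume the caller passed a list of maps with `selector` and `limits` entries of the right type. A map that lacks one of the keys makes `value()` return a null YCP value, and the chained `->asString()` or `->asList()` is then applied to it. Checking each step first, for example `YCPValue sel = limitMap->value(YCPString("selector")); if ( sel.isNull() || !sel->isString() ) ...`, and failing the write the way the neighbouring branches report errors, would make the agent reject malformed input instead. The enclosing function starts and ends outside the hunk.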
@@ -1685,7 +1744,10 @@
LDAPUrl prvuri;
prvuri.setScheme(protocol);
prvuri.setHost(target);
- prvuri.setPort(port);
+ if ( ( protocol == "ldap" && port != 389 ) || ( protocol == "ldaps" && port != 636 ) )
+ {
+ prvuri.setPort(port);
+ }
sr->setType( type );
sr->setProvider( prvuri );
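Review bot: The new condition calls `prvuri.setPort(port)` only when `protocol` is exactly `"ldap"` or `"ldaps"`, so for any other value (a differently cased scheme, for instance) a caller-supplied port is silently dropped. If `protocol` is validated earlier in the function, which is outside the hunk, a one-line comment such as `// omit the port when it is the scheme's default` is enough; otherwise add a final `else` that keeps the port or rejects the scheme.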
@@ -1694,6 +1756,7 @@
sr->setCredentials( cred );
// default retry (every 120 seconds)
sr->setRetryString( "120 +" );
+ sr->setTlsReqCert("demand");
if ( starttls )
{
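Review bot: `sr->setTlsReqCert("demand")` is now applied to every syncrepl definition, before the `if ( starttls )` test, so certificate verification is required but whether TLS is used at all still depends on the caller's arguments. A comment stating the intent, e.g. `// always verify the provider certificate; the consumer needs the provider's CA configured`, would help. It is also worth confirming that a definition with `protocol` "ldap" and `starttls` false is either rejected or documented, since it would presumably send the bind credentials unencrypted. The body of the `if ( starttls )` block lies outside the hunk.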
Modified: trunk/ldap-server/src/dialogs.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/dialogs.ycp?rev=60780&r1=60779&r2=60780&view=diff
==============================================================================
--- trunk/ldap-server/src/dialogs.ycp (original)
+++ trunk/ldap-server/src/dialogs.ycp Wed Feb 10 12:20:15 2010
@@ -335,14 +335,26 @@
}
else if (UI::QueryWidget( `id( `rbg_servertype ), `CurrentButton) == `rb_master )
{
- LdapServer::WriteSetupMaster(true);
- LdapServer::WriteSetupSlave(false);
+ if ( size( LdapServer::ReadHostnameFQ() ) == 0 )
+ {
+ Popup::Notify(_("YaST was not able to determine the full qualified hostname of this\ncomputer. ") +
+ _("Setting up a replication master it not possible currently.") );
+ UI::ChangeWidget( `rb_master, `Enabled, false );
+ UI::ChangeWidget( `rbg_servertype, `CurrentButton, `rb_standalone );
+ continue;
+ }
+ else
+ {
+ LdapServer::WriteSetupMaster(true);
+ LdapServer::WriteSetupSlave(false);
+ }
}
else
{
LdapServer::WriteSetupMaster(false);
LdapServer::WriteSetupSlave(false);
}
+ SCR::Execute(.ldapserver.reset);
}
return ret;
}
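Review bot: The popup text added for the master case contains a typo, "it not possible", and is assembled from two separate `_()` calls, which hands translators two fragments instead of one message; a single string would be better: `Popup::Notify(_("YaST was not able to determine the full qualified hostname of this\ncomputer. Setting up a replication master is not possible currently."));`. The added `SCR::Execute(.ldapserver.reset);` appears to run for every server type once the branch chain is done, and its result is ignored; a short comment explaining why the agent state has to be reset at this point would help. The enclosing function starts outside the hunk.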
@@ -1011,6 +1023,7 @@
any ret = nil;
LdapServer::SetupRemoteForReplication();
+ LdapServer::ReadFromDefaults();
ret = `next;
return ret;
}
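Review bot: The results of `LdapServer::SetupRemoteForReplication()` and of the newly added `LdapServer::ReadFromDefaults()` are both discarded, and `ret` is set to the next-step symbol unconditionally. Judging from the LdapServer.pm hunks in this commit, the setup code has failure paths that call `SetError` and return 0 (for example when the hostname cannot be determined or a schema write fails), so the wizard would presumably advance with a partly initialised configuration. Checking each result and showing the stored error before returning would avoid that. The function starts outside the hunk.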
Modified: trunk/ldap-server/src/ldap-server_proposal.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/ldap-server_proposal.ycp?rev=60780&r1=60779&r2=60780&view=diff
==============================================================================
--- trunk/ldap-server/src/ldap-server_proposal.ycp (original)
+++ trunk/ldap-server/src/ldap-server_proposal.ycp Wed Feb 10 12:20:15 2010
@@ -87,17 +87,42 @@
{
string rootPWString = "";
defaults = LdapServer::ReadInitialDefaults();
- if( defaults["rootpw_clear"]:"" == Users::GetRootPassword() )
+ if (! LdapServer::ReadSetupSlave() )
{
- rootPWString = _("[root password]");
- } else
- {
- rootPWString = _("[manually set]");
+ if( defaults["rootpw_clear"]:"" == Users::GetRootPassword() )
+ {
+ rootPWString = _("[root password]");
+ } else
+ {
+ rootPWString = _("[manually set]");
+ }
+ if( defaults["rootpw_clear"]:"" == "" )
+ {
+ warning = _("Unable to retrieve the system root password. Set an LDAP server password to continue.");
+ warning_level = `blocker;
+ }
+ if ( LdapServer::ReadSetupMaster() )
+ {
+ proposal = _("Setting up LDAP Master Server:");
+ }
+ else
+ {
+ proposal = _("Setting up standalone LDAP Server:");
+ }
+ proposal = proposal +
+ HTML::List( [ _("Base DN: ") + defaults["suffix"]:"",
+ _("Root DN: ") + defaults["rootdn"]:"",
+ _("LDAP Password: ") + rootPWString
+ ] );
}
- if( defaults["rootpw_clear"]:"" == "" )
+ else
{
- warning = _("Unable to retrieve the system root password. Set an LDAP server password to continue.");
- warning_level = `blocker;
+ map