|
|
@ -54,7 +54,6 @@
|
|
|
|
#define PAMD_DIRECTORY "/etc/pam.d/"
|
|
|
|
#define PAMD_DIRECTORY "/etc/pam.d/"
|
|
|
|
#define PAMD_COMMON_ACCOUNT "common-account"
|
|
|
|
#define PAMD_COMMON_ACCOUNT "common-account"
|
|
|
|
#define PAMD_COMMON_AUTH "common-auth"
|
|
|
|
#define PAMD_COMMON_AUTH "common-auth"
|
|
|
|
#define CRON_UPDATE_NSS_FILE "/etc/cron.daily/upd-local-nss-db"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
|
|
|
|
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
|
|
|
|
|
|
|
|
|
|
|
@ -243,6 +242,8 @@ void LDAPConfig::defaults() {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void LDAPConfig::save() {
|
|
|
|
void LDAPConfig::save() {
|
|
|
|
|
|
|
|
TQString errorstring;
|
|
|
|
|
|
|
|
|
|
|
|
// Write system configuration
|
|
|
|
// Write system configuration
|
|
|
|
systemconfig->setGroup(NULL);
|
|
|
|
systemconfig->setGroup(NULL);
|
|
|
|
systemconfig->writeEntry("EnableLDAP", base->systemEnableSupport->isChecked());
|
|
|
|
systemconfig->writeEntry("EnableLDAP", base->systemEnableSupport->isChecked());
|
|
|
@ -285,9 +286,24 @@ void LDAPConfig::save() {
|
|
|
|
// Write the PAM configuration files
|
|
|
|
// Write the PAM configuration files
|
|
|
|
writePAMFiles();
|
|
|
|
writePAMFiles();
|
|
|
|
// Write the cron files
|
|
|
|
// Write the cron files
|
|
|
|
writeCronFiles();
|
|
|
|
LDAPManager::writeCronFiles();
|
|
|
|
// RAJA FIXME
|
|
|
|
|
|
|
|
// Update the SUDOERS file with the domain-wide computer local admin group!
|
|
|
|
// Bind anonymously to LDAP
|
|
|
|
|
|
|
|
LDAPCredentials* credentials = new LDAPCredentials;
|
|
|
|
|
|
|
|
credentials->username = "";
|
|
|
|
|
|
|
|
credentials->password = "";
|
|
|
|
|
|
|
|
credentials->realm = m_defaultRealm.upper();
|
|
|
|
|
|
|
|
LDAPManager* ldap_mgr = new LDAPManager(m_defaultRealm.upper(), "ldap://", credentials);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Add the domain-wide computer local admin group to local sudoers
|
|
|
|
|
|
|
|
ldap_mgr->writeSudoersConfFile(&errorstring);
|
|
|
|
|
|
|
|
// Get and install the CA root certificate from LDAP
|
|
|
|
|
|
|
|
mkdir(TDE_CERTIFICATE_DIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
|
|
|
|
|
|
|
|
mkdir(KERBEROS_PKI_PUBLICDIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
|
|
|
|
|
|
|
|
ldap_mgr->getTDECertificate("publicRootCertificate", KERBEROS_PKI_PUBLICDIR + m_realms[m_defaultRealm].admin_server + ".ldap.crt", &errorstring);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
delete ldap_mgr;
|
|
|
|
|
|
|
|
delete credentials;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
load();
|
|
|
|
load();
|
|
|
@ -664,21 +680,6 @@ void LDAPConfig::writePAMFiles() {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void LDAPConfig::writeCronFiles() {
|
|
|
|
|
|
|
|
TQFile file(CRON_UPDATE_NSS_FILE);
|
|
|
|
|
|
|
|
if (file.open(IO_WriteOnly)) {
|
|
|
|
|
|
|
|
TQTextStream stream( &file );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
stream << "# This file was automatically generated by TDE\n";
|
|
|
|
|
|
|
|
stream << "# All changes will be lost!\n";
|
|
|
|
|
|
|
|
stream << "\n";
|
|
|
|
|
|
|
|
stream << "#!/bin/sh" << "\n";
|
|
|
|
|
|
|
|
stream << "/usr/sbin/nss_updatedb ldap" << "\n";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
file.close();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int LDAPConfig::buttons() {
|
|
|
|
int LDAPConfig::buttons() {
|
|
|
|
return KCModule::Apply|KCModule::Help;
|
|
|
|
return KCModule::Apply|KCModule::Help;
|
|
|
|
}
|
|
|
|
}
|
|
|
|