From 44db1b5fafa7e3ff64411b48214961da8d553138 Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Mon, 21 May 2012 00:41:50 -0500 Subject: [PATCH] Fix bonding and write nsswitch file --- src/ldap.cpp | 62 +++++++++++++++++++++++++++++++++++++++++++++------- src/ldap.h | 1 + 2 files changed, 55 insertions(+), 8 deletions(-) diff --git a/src/ldap.cpp b/src/ldap.cpp index c7fad59..5834407 100644 --- a/src/ldap.cpp +++ b/src/ldap.cpp @@ -55,6 +55,7 @@ #define KDE_CONFDIR "/etc/trinity" #define KRB5_FILE "/etc/krb5.conf" #define LDAP_FILE "/etc/ldap.conf" +#define NSSWITCH_FILE "/etc/nsswitch.conf" #define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data" typedef KGenericFactory ldapFactory; @@ -337,6 +338,8 @@ void LDAPConfig::save() { writeKrb5ConfFile(); // Write the LDAP configuration file writeLDAPConfFile(); + // Write the NSSwitch configuration file + writeNSSwitchFile(); } load(); @@ -397,6 +400,7 @@ void LDAPConfig::reBondToRealm() { passdlg.m_base->ldapAdminRealm->setEnabled(false); passdlg.m_base->ldapAdminRealm->setText(realmName); if (passdlg.exec() == TQDialog::Accepted) { + setEnabled(false); if (bondRealm(m_realms[realmName], passdlg.m_base->ldapAdminUsername->text(), passdlg.m_base->ldapAdminPassword->password(), passdlg.m_base->ldapAdminRealm->text(), &errorString) == 0) { // Success! realmcfg.bonded = true; @@ -407,6 +411,7 @@ void LDAPConfig::reBondToRealm() { else { KMessageBox::error(this, i18n("Unable to bond to realm!

Details: %1").arg(errorString), i18n("Unable to Bond to Realm")); } + setEnabled(true); } } updateRealmList(); @@ -434,6 +439,7 @@ void LDAPConfig::deactivateRealm() { passdlg.m_base->ldapAdminRealm->setText(realmName); passdlg.m_base->passprompt->setText(i18n("Please provide LDAP realm administrator credentials below to complete the unbonding process")); if (passdlg.exec() == TQDialog::Accepted) { + setEnabled(false); if (unbondRealm(m_realms[realmName], passdlg.m_base->ldapAdminUsername->text(), passdlg.m_base->ldapAdminPassword->password(), passdlg.m_base->ldapAdminRealm->text(), &errorString) == 0) { // Success! realmcfg.bonded = false; @@ -444,6 +450,7 @@ void LDAPConfig::deactivateRealm() { else { KMessageBox::error(this, i18n("Unable to unbond from realm!

%1").arg(errorString), i18n("Unable to Unbond from Realm")); } + setEnabled(true); } } } @@ -452,7 +459,7 @@ void LDAPConfig::deactivateRealm() { TQString readFullLineFromPtyProcess(PtyProcess* proc) { TQString result = ""; - while ((!result.contains("\n")) && (!result.contains(":"))) { + while ((!result.contains("\n")) && (!result.contains(":")) && (!result.contains(">"))) { result = result + TQString(proc->readLine(false)); tqApp->processEvents(); } @@ -479,7 +486,7 @@ int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, cons if (prompt.endsWith(" Password:")) { kadminProc.writeLine(adminPassword, true); prompt = kadminProc.readLine(true); // Discard our own input - prompt = readFullLineFromPtyProcess(&kadminProc); + prompt = kadminProc.readLine(true); prompt = prompt.stripWhiteSpace(); } if (prompt.contains("authentication failed")) { @@ -489,15 +496,15 @@ int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, cons } else if (prompt.endsWith("Principal does not exist")) { kadminProc.writeLine(TQCString("ank --random-key "+hoststring), true); + prompt = kadminProc.readLine(true); // Discard our own input + prompt = readFullLineFromPtyProcess(&kadminProc); + prompt = prompt.stripWhiteSpace(); // Use all defaults while (prompt != "kadmin>") { - prompt = kadminProc.readLine(true); // Discard our own input - prompt = readFullLineFromPtyProcess(&kadminProc); - prompt = prompt.stripWhiteSpace(); if (prompt.endsWith(" Password:")) { kadminProc.writeLine(adminPassword, true); prompt = kadminProc.readLine(true); // Discard our own input - prompt = readFullLineFromPtyProcess(&kadminProc); + prompt = kadminProc.readLine(true); prompt = prompt.stripWhiteSpace(); } if (prompt.contains("authentication failed")) { 
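Review bot: The read loop in readFullLineFromPtyProcess still has no exit for a kadmin process that has exited or stalled. It stops only once the accumulated text contains a newline, `:` or (new in this hunk) `>`, so if `proc->readLine(false)` keeps returning nothing it presumably spins in `tqApp->processEvents()` indefinitely. Because the callers write the administrator password in response to what this function returns, a deadline or end-of-process check is worth adding, with callers treating an empty result as failure. The test is also a substring match, so a `:` or `>` anywhere in kadmin's output ends the read early; checking the end of the stripped text, e.g. `result.stripWhiteSpace().endsWith("kadmin>")`, would be tighter. The function body continues outside the hunk.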
@@ -506,7 +513,18 @@ int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, cons return 1; } else { - kadminProc.writeLine("", true); + // Extract whatever default is in the [brackets] and feed it back to kadmin + TQString defaultParam; + int leftbracket = prompt.find("["); + int rightbracket = prompt.find("]"); + if ((leftbracket >= 0) && (rightbracket >= 0)) { + leftbracket++; + defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket); + } + kadminProc.writeLine(TQCString(defaultParam), true); + prompt = kadminProc.readLine(true); // Discard our own input + prompt = kadminProc.readLine(true); + prompt = prompt.stripWhiteSpace(); } } kadminProc.writeLine(TQCString("ext "+hoststring), true); @@ -559,7 +577,7 @@ int LDAPConfig::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, co if (prompt.endsWith(" Password:")) { kadminProc.writeLine(adminPassword, true); prompt = kadminProc.readLine(true); // Discard our own input - prompt = readFullLineFromPtyProcess(&kadminProc); + prompt = kadminProc.readLine(true); prompt = prompt.stripWhiteSpace(); } if (prompt != "kadmin>") { 
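Review bot: The bracket extraction in the new `else` branch accepts a `]` that comes before the `[`, because the two `find()` calls are independent and are only checked for `>= 0`. In that case `rightbracket-leftbracket` is negative and `mid()` likely returns the rest of the prompt instead of the default, and that text is then written to kadmin. Search for the closing bracket from the opening one and require it to follow: `int rightbracket = (leftbracket >= 0) ? prompt.find("]", leftbracket) : -1;` with `if ((leftbracket >= 0) && (rightbracket > leftbracket))`. A comment stating that kadmin's own output is echoed back as input, and that an empty line is sent when no default is shown, would help the next reader. The enclosing `while` loop starts in the previous hunk.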
@@ -660,6 +678,34 @@ void LDAPConfig::writeLDAPConfFile() { } } +void LDAPConfig::writeNSSwitchFile() { + TQFile file(NSSWITCH_FILE); + if (file.open(IO_WriteOnly)) { + TQTextStream stream( &file ); + + LDAPRealmConfig realmcfg = m_realms[m_defaultRealm]; + + stream << "# This file was automatically generated by TDE\n"; + stream << "# All changes will be lost!\n"; + stream << "\n"; + stream << "passwd: files ldap [NOTFOUND=return] db" << "\n"; + stream << "group: files ldap [NOTFOUND=return] db" << "\n"; + stream << "shadow: files ldap [NOTFOUND=return] db" << "\n"; + stream << "\n"; + stream << "hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4" << "\n"; + stream << "networks: files" << "\n"; + stream << "\n"; + stream << "protocols: db files" << "\n"; + stream << "services: db files" << "\n"; + stream << "ethers: db files" << "\n"; + stream << "rpc: db files" << "\n"; + stream << "\n"; + stream << "netgroup: nis" << "\n"; + + file.close(); + } +} + int LDAPConfig::buttons() { return KCModule::Apply|KCModule::Help; } diff --git a/src/ldap.h b/src/ldap.h index e974034..d451774 100644 --- a/src/ldap.h +++ b/src/ldap.h @@ -93,6 +93,7 @@ class LDAPConfig: public KCModule void updateRealmList(); void writeKrb5ConfFile(); void writeLDAPConfFile(); + void writeNSSwitchFile(); private: KAboutData *myAboutData;
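Review bot: writeNSSwitchFile() truncates /etc/nsswitch.conf in place and does nothing when the open fails, so an interrupted or failed write can leave the machine without working passwd/group lookups and the caller cannot tell. Write to a temporary file and rename it over NSSWITCH_FILE, and surface the failure to the user; the sketch below uses KSaveFile for that, assuming it is available in this tree. The local `realmcfg` is assigned but never used, so the `ldap` sources are written for passwd, group and shadow regardless of the realm's state; either drop the variable or make those entries depend on it. Existing local edits to the file are also overwritten without a backup copy.

```cpp
void LDAPConfig::writeNSSwitchFile() {
	// KSaveFile writes to a temporary file and renames it over the target on close(),
	// so a failed or interrupted write leaves the previous nsswitch.conf intact
	KSaveFile file(NSSWITCH_FILE, 0644);
	if (file.status() != 0) {
		KMessageBox::error(this, i18n("Unable to open %1 for writing").arg(NSSWITCH_FILE), i18n("Unable to Write Configuration"));
		return;
	}
	TQTextStream& stream = *file.textStream();

	// … unchanged: header comment and database lines written to stream …

	if (!file.close()) {
		KMessageBox::error(this, i18n("Unable to write %1").arg(NSSWITCH_FILE), i18n("Unable to Write Configuration"));
	}
}
```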