|
|
@ -55,6 +55,7 @@
|
|
|
|
#define KDE_CONFDIR "/etc/trinity"
|
|
|
|
#define KDE_CONFDIR "/etc/trinity"
|
|
|
|
#define KRB5_FILE "/etc/krb5.conf"
|
|
|
|
#define KRB5_FILE "/etc/krb5.conf"
|
|
|
|
#define LDAP_FILE "/etc/ldap.conf"
|
|
|
|
#define LDAP_FILE "/etc/ldap.conf"
|
|
|
|
|
|
|
|
#define NSSWITCH_FILE "/etc/nsswitch.conf"
|
|
|
|
#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
|
|
|
|
#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
|
|
|
|
|
|
|
|
|
|
|
|
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
|
|
|
|
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
|
|
|
@ -337,6 +338,8 @@ void LDAPConfig::save() {
|
|
|
|
writeKrb5ConfFile();
|
|
|
|
writeKrb5ConfFile();
|
|
|
|
// Write the LDAP configuration file
|
|
|
|
// Write the LDAP configuration file
|
|
|
|
writeLDAPConfFile();
|
|
|
|
writeLDAPConfFile();
|
|
|
|
|
|
|
|
// Write the NSSwitch configuration file
|
|
|
|
|
|
|
|
writeNSSwitchFile();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
load();
|
|
|
|
load();
|
|
|
@ -397,6 +400,7 @@ void LDAPConfig::reBondToRealm() {
|
|
|
|
passdlg.m_base->ldapAdminRealm->setEnabled(false);
|
|
|
|
passdlg.m_base->ldapAdminRealm->setEnabled(false);
|
|
|
|
passdlg.m_base->ldapAdminRealm->setText(realmName);
|
|
|
|
passdlg.m_base->ldapAdminRealm->setText(realmName);
|
|
|
|
if (passdlg.exec() == TQDialog::Accepted) {
|
|
|
|
if (passdlg.exec() == TQDialog::Accepted) {
|
|
|
|
|
|
|
|
setEnabled(false);
|
|
|
|
if (bondRealm(m_realms[realmName], passdlg.m_base->ldapAdminUsername->text(), passdlg.m_base->ldapAdminPassword->password(), passdlg.m_base->ldapAdminRealm->text(), &errorString) == 0) {
|
|
|
|
if (bondRealm(m_realms[realmName], passdlg.m_base->ldapAdminUsername->text(), passdlg.m_base->ldapAdminPassword->password(), passdlg.m_base->ldapAdminRealm->text(), &errorString) == 0) {
|
|
|
|
// Success!
|
|
|
|
// Success!
|
|
|
|
realmcfg.bonded = true;
|
|
|
|
realmcfg.bonded = true;
|
|
|
@ -407,6 +411,7 @@ void LDAPConfig::reBondToRealm() {
|
|
|
|
else {
|
|
|
|
else {
|
|
|
|
KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>Details: %1</qt>").arg(errorString), i18n("Unable to Bond to Realm"));
|
|
|
|
KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>Details: %1</qt>").arg(errorString), i18n("Unable to Bond to Realm"));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
setEnabled(true);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
updateRealmList();
|
|
|
|
updateRealmList();
|
|
|
@ -434,6 +439,7 @@ void LDAPConfig::deactivateRealm() {
|
|
|
|
passdlg.m_base->ldapAdminRealm->setText(realmName);
|
|
|
|
passdlg.m_base->ldapAdminRealm->setText(realmName);
|
|
|
|
passdlg.m_base->passprompt->setText(i18n("Please provide LDAP realm administrator credentials below to complete the unbonding process"));
|
|
|
|
passdlg.m_base->passprompt->setText(i18n("Please provide LDAP realm administrator credentials below to complete the unbonding process"));
|
|
|
|
if (passdlg.exec() == TQDialog::Accepted) {
|
|
|
|
if (passdlg.exec() == TQDialog::Accepted) {
|
|
|
|
|
|
|
|
setEnabled(false);
|
|
|
|
if (unbondRealm(m_realms[realmName], passdlg.m_base->ldapAdminUsername->text(), passdlg.m_base->ldapAdminPassword->password(), passdlg.m_base->ldapAdminRealm->text(), &errorString) == 0) {
|
|
|
|
if (unbondRealm(m_realms[realmName], passdlg.m_base->ldapAdminUsername->text(), passdlg.m_base->ldapAdminPassword->password(), passdlg.m_base->ldapAdminRealm->text(), &errorString) == 0) {
|
|
|
|
// Success!
|
|
|
|
// Success!
|
|
|
|
realmcfg.bonded = false;
|
|
|
|
realmcfg.bonded = false;
|
|
|
@ -444,6 +450,7 @@ void LDAPConfig::deactivateRealm() {
|
|
|
|
else {
|
|
|
|
else {
|
|
|
|
KMessageBox::error(this, i18n("<qt><b>Unable to unbond from realm!</b><p>%1</qt>").arg(errorString), i18n("Unable to Unbond from Realm"));
|
|
|
|
KMessageBox::error(this, i18n("<qt><b>Unable to unbond from realm!</b><p>%1</qt>").arg(errorString), i18n("Unable to Unbond from Realm"));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
setEnabled(true);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -452,7 +459,7 @@ void LDAPConfig::deactivateRealm() {
|
|
|
|
|
|
|
|
|
|
|
|
TQString readFullLineFromPtyProcess(PtyProcess* proc) {
|
|
|
|
TQString readFullLineFromPtyProcess(PtyProcess* proc) {
|
|
|
|
TQString result = "";
|
|
|
|
TQString result = "";
|
|
|
|
while ((!result.contains("\n")) && (!result.contains(":"))) {
|
|
|
|
while ((!result.contains("\n")) && (!result.contains(":")) && (!result.contains(">"))) {
|
|
|
|
result = result + TQString(proc->readLine(false));
|
|
|
|
result = result + TQString(proc->readLine(false));
|
|
|
|
tqApp->processEvents();
|
|
|
|
tqApp->processEvents();
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -479,7 +486,7 @@ int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, cons
|
|
|
|
if (prompt.endsWith(" Password:")) {
|
|
|
|
if (prompt.endsWith(" Password:")) {
|
|
|
|
kadminProc.writeLine(adminPassword, true);
|
|
|
|
kadminProc.writeLine(adminPassword, true);
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
prompt = readFullLineFromPtyProcess(&kadminProc);
|
|
|
|
prompt = kadminProc.readLine(true);
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (prompt.contains("authentication failed")) {
|
|
|
|
if (prompt.contains("authentication failed")) {
|
|
|
@ -489,15 +496,15 @@ int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, cons
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if (prompt.endsWith("Principal does not exist")) {
|
|
|
|
else if (prompt.endsWith("Principal does not exist")) {
|
|
|
|
kadminProc.writeLine(TQCString("ank --random-key "+hoststring), true);
|
|
|
|
kadminProc.writeLine(TQCString("ank --random-key "+hoststring), true);
|
|
|
|
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
|
|
|
|
prompt = readFullLineFromPtyProcess(&kadminProc);
|
|
|
|
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
// Use all defaults
|
|
|
|
// Use all defaults
|
|
|
|
while (prompt != "kadmin>") {
|
|
|
|
while (prompt != "kadmin>") {
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
|
|
|
|
prompt = readFullLineFromPtyProcess(&kadminProc);
|
|
|
|
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
|
|
|
|
if (prompt.endsWith(" Password:")) {
|
|
|
|
if (prompt.endsWith(" Password:")) {
|
|
|
|
kadminProc.writeLine(adminPassword, true);
|
|
|
|
kadminProc.writeLine(adminPassword, true);
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
prompt = readFullLineFromPtyProcess(&kadminProc);
|
|
|
|
prompt = kadminProc.readLine(true);
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (prompt.contains("authentication failed")) {
|
|
|
|
if (prompt.contains("authentication failed")) {
|
|
|
@ -506,7 +513,18 @@ int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, cons
|
|
|
|
return 1;
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
else {
|
|
|
|
kadminProc.writeLine("", true);
|
|
|
|
// Extract whatever default is in the [brackets] and feed it back to kadmin
|
|
|
|
|
|
|
|
TQString defaultParam;
|
|
|
|
|
|
|
|
int leftbracket = prompt.find("[");
|
|
|
|
|
|
|
|
int rightbracket = prompt.find("]");
|
|
|
|
|
|
|
|
if ((leftbracket >= 0) && (rightbracket >= 0)) {
|
|
|
|
|
|
|
|
leftbracket++;
|
|
|
|
|
|
|
|
defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
kadminProc.writeLine(TQCString(defaultParam), true);
|
|
|
|
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
|
|
|
|
prompt = kadminProc.readLine(true);
|
|
|
|
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
kadminProc.writeLine(TQCString("ext "+hoststring), true);
|
|
|
|
kadminProc.writeLine(TQCString("ext "+hoststring), true);
|
|
|
@ -559,7 +577,7 @@ int LDAPConfig::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, co
|
|
|
|
if (prompt.endsWith(" Password:")) {
|
|
|
|
if (prompt.endsWith(" Password:")) {
|
|
|
|
kadminProc.writeLine(adminPassword, true);
|
|
|
|
kadminProc.writeLine(adminPassword, true);
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
prompt = kadminProc.readLine(true); // Discard our own input
|
|
|
|
prompt = readFullLineFromPtyProcess(&kadminProc);
|
|
|
|
prompt = kadminProc.readLine(true);
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
prompt = prompt.stripWhiteSpace();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (prompt != "kadmin>") {
|
|
|
|
if (prompt != "kadmin>") {
|
|
|
@ -660,6 +678,34 @@ void LDAPConfig::writeLDAPConfFile() {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void LDAPConfig::writeNSSwitchFile() {
|
|
|
|
|
|
|
|
TQFile file(NSSWITCH_FILE);
|
|
|
|
|
|
|
|
if (file.open(IO_WriteOnly)) {
|
|
|
|
|
|
|
|
TQTextStream stream( &file );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
LDAPRealmConfig realmcfg = m_realms[m_defaultRealm];
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
stream << "# This file was automatically generated by TDE\n";
|
|
|
|
|
|
|
|
stream << "# All changes will be lost!\n";
|
|
|
|
|
|
|
|
stream << "\n";
|
|
|
|
|
|
|
|
stream << "passwd: files ldap [NOTFOUND=return] db" << "\n";
|
|
|
|
|
|
|
|
stream << "group: files ldap [NOTFOUND=return] db" << "\n";
|
|
|
|
|
|
|
|
stream << "shadow: files ldap [NOTFOUND=return] db" << "\n";
|
|
|
|
|
|
|
|
stream << "\n";
|
|
|
|
|
|
|
|
stream << "hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4" << "\n";
|
|
|
|
|
|
|
|
stream << "networks: files" << "\n";
|
|
|
|
|
|
|
|
stream << "\n";
|
|
|
|
|
|
|
|
stream << "protocols: db files" << "\n";
|
|
|
|
|
|
|
|
stream << "services: db files" << "\n";
|
|
|
|
|
|
|
|
stream << "ethers: db files" << "\n";
|
|
|
|
|
|
|
|
stream << "rpc: db files" << "\n";
|
|
|
|
|
|
|
|
stream << "\n";
|
|
|
|
|
|
|
|
stream << "netgroup: nis" << "\n";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
file.close();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int LDAPConfig::buttons() {
|
|
|
|
int LDAPConfig::buttons() {
|
|
|
|
return KCModule::Apply|KCModule::Help;
|
|
|
|
return KCModule::Apply|KCModule::Help;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
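Review bot: The new `writeNSSwitchFile()` truncates `NSSWITCH_FILE` in place and does nothing when `file.open(IO_WriteOnly)` fails, so an interrupted write can leave a partial /etc/nsswitch.conf that breaks user and group resolution system-wide, and a failed open is never reported to the user. I would add a failure branch such as `else { KMessageBox::error(this, i18n("Unable to write %1").arg(NSSWITCH_FILE)); }`, and write the content to a temporary file in the same directory that is renamed over the target only after the write succeeded, keeping the original file mode so the file stays world-readable. The function also replaces the whole file with a fixed template, which discards any sources an administrator had configured and, as far as the `save()` hunk shows, puts `ldap` into passwd/group/shadow without checking that a realm is actually bonded; writing it only for a bonded default realm, or at least keeping a backup copy of the previous file, would make the change recoverable. `LDAPRealmConfig realmcfg = m_realms[m_defaultRealm];` is never used in the new function and can be dropped.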