/**************************************************************************
    LDAPCONF - Linuxconf module for LDAP operations.
    Copyright (C) 1999,2000,2001 Stein Vråle

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
**************************************************************************/
#pragma implementation
#include "ldapconf_defs.h"
// NOTE(review): the four header names below are missing from this copy of
// the file; restore them from the project tree before building.
#include
#include
#include
#include

// Subsystem name shared by the subsystem object, the privileges and the
// managed config files declared below.
const char subsys_ldap[]="ldapconf";

// Fixed filesystem locations used by the module.
const char PAM_SERVICES[]="/etc/pam.d";
const char PAM_MODULES[]="/lib/security";
const char OPENLDAP_DATA_DIR[]="/var/lib/ldap";
const char OPENLDAP_CONF_DIR[]="/etc/openldap";
const char LDAPCONF_CONF_DIR[]="/etc/ldapconf";
const char DBCONF_DIR[]="/etc/ldapconf/db";
const char DBBIND_DIR[]="/etc/ldapconf/bind";
const char DBFORM_DIR[]="/etc/ldapconf/form";
const char PROFILE_DIR[]="/etc/ldapconf/profile";
const char DBCONF_SUFFIX[]=".db.conf";	// File extension on directory config-files

// Subsystem object and the two privileges (admin and ordinary user)
// registered under it. The definitions are kept in this order because
// file-scope objects in one translation unit are constructed in order of
// definition.
LINUXCONF_SUBSYS sub_ldap (subsys_ldap,P_MSG_U(M_LDAP_SUBSYS,"LDAP subsystem"));
PRIVILEGE p_ldap_admin (subsys_ldap,P_MSG_U(M_LDAP_ADMIN,"LDAP Admin"),P_MSG_U(T_PMISC,"9-Miscellaneous"));
PRIVILEGE p_ldap_user (subsys_ldap,P_MSG_U(M_LDAP_USER,"LDAP user"),P_MSG_R(T_PMISC));

// Config files managed by this subsystem. Both names are relative; how
// CONFIG_FILE resolves them is not visible here.
CONFIG_FILE f_ldap_conf ("ldap.conf",help_ldapclient
	,CONFIGF_OPTIONAL|CONFIGF_MANAGED
	,subsys_ldap);
// NOTE(review): if ldap.sec stores a bind credential, confirm it is written
// with restrictive permissions.
CONFIG_FILE f_ldap_sec ("ldap.sec",help_ldapsystem
	,CONFIGF_OPTIONAL|CONFIGF_MANAGED
	,subsys_ldap);
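CONFIG_FILE f_nss_conf ("nsswitch.conf",help_ldap
	,CONFIGF_OPTIONAL|CONFIGF_MANAGED
	,subsys_ldap);
CONFIG_FILE f_ldapconf ("/etc/ldapconf/conf.ldapconf",help_setup
	,CONFIGF_OPTIONAL|CONFIGF_MANAGED
	,subsys_ldap);

// Module setup modes
// Several of these gate which menu entries and messages the module exposes
// (see setmenu() and message() below).
char mode_ldap_system;
char mode_ldap_client;
char mode_ldap_server;
char mode_ldap_devel;
int mode_ldap_debug;
char mode_ldap_directory;
char mode_ldap_profile;
char mode_ldap_userinfo;
char mode_ldap_pwsync;
char mode_ldap_formclient;
char mode_ldap_useraccount;
char mode_ldap_wwwclient;
SSTRING mode_ldap_protocol;
SSTRING mode_openldap_version;
SSTRING mode_openldap_params;
SSTRING mode_slapd_user;
SSTRING mode_slapd_group;
SSTRING mode_logfile;
int mode_loglevel;
char mode_posix_accounts;

// Menu keys
// Each stays NULL until setmenu() registers the matching entry; domenu()
// later compares the incoming key against these pointers.
static const char *key_ldap_main = NULL;
static const char *key_ldap_client_config = NULL;
static const char *key_ldap_system_config = NULL;
static const char *key_ldap_server_config = NULL;
static const char *key_ldap_server_control = NULL;
static const char *key_ldap_server_status = NULL;
static const char *key_userinfo_config = NULL;
static const char *key_ldap_useradmin = NULL;

MODULE_DEFINE_VERSION(ldapconf);

/*
	Load the message catalogue and the module setup, initialise logging,
	optionally initialise POSIX account support and register the
	ACCTEXTRA API.
*/
PUBLIC MODULE_ldapconf::MODULE_ldapconf()
	: LINUXCONF_MODULE("ldapconf")
{
	linuxconf_loadmsg ("ldapconf",PACKAGE_REV);
	// The setup must be read first: the logging calls below use the
	// mode_* values.
	ldapconf_setup_read();
	/*
		Configure the logfiles before use - we need one mainlog and one
		debuglog for now.
		use logf(level,0,msg,...) for ordinary logs
		use D(debugf(level,0,msg,...)) for debug
		level can go from 0 to 7:
		1 is serious problems/short messages,
		7 is info/long messages/many messages in loop for instance.
		level 0 will always be written.
		See loghandler.h and .cc for more info.
	*/
	loghandler_init(0,mode_logfile.get(),MAIN_LOG,mode_loglevel,SHOW_DATE | SHOW_TIME | SHOW_LEVEL);
	// NOTE(review): the debug log goes to a fixed path. This module also
	// handles password synchronisation, so confirm that debug output never
	// contains credentials and that the file is not world-readable.
	D(loghandler_init(1,"/var/log/ldapconf.debug",MAIN_LOG,mode_ldap_debug + 8, SHOW_CLASS | SHOW_LEVEL));
	if (mode_posix_accounts) posix_init();
	module_register_api (ACCTEXTRA_API_KEY,ACCTEXTRA_API_REV
		,acctextra_api_get,acctextra_api_release);
}

/*
	Add this module's entries to the menu identified by context.
	Every entry except the main one is added only when the matching
	mode_* flag is set. The key pointer of each added entry is remembered
	so that domenu() can recognise it.
*/
PUBLIC void MODULE_ldapconf::setmenu (
	DIALOG &dia,
	MENU_CONTEXT context)
{
	if (context == MENU_MISCSERV){
		key_ldap_main = MSG_U(M_LDAP_MAIN,"LDAPconf");
		dia.new_menuitem ("ldapconf","",key_ldap_main);
	}
	if (context == MENU_NETWORK_CLIENT && mode_ldap_system){
		key_ldap_system_config = MSG_U(M_LDAP_SYSTEM_CONFIG,"LDAP auth");
		dia.new_menuitem ("ldapconf","",key_ldap_system_config);
	}
	if (context == MENU_NETWORK_CLIENT && mode_ldap_client){
		key_ldap_client_config = MSG_U(M_LDAP_CLIENT_CONFIG,"LDAP client");
		dia.new_menuitem ("ldapconf","",key_ldap_client_config);
	}
	if (context == MENU_NETWORK_SERVER && mode_ldap_server){
		key_ldap_server_config = MSG_U(M_LDAP_SERVER_CONFIG,"LDAP server");
		dia.new_menuitem ("ldapconf","",key_ldap_server_config);
	}
	if (context == MENU_CONTROL_PANEL && mode_ldap_server){
		key_ldap_server_control = MSG_U(M_LDAP_SERVER_CONTROL,"LDAP control");
		dia.new_menuitem ("ldapconf","",key_ldap_server_control);
	}
	if (context == MENU_SYS_STATUS && mode_ldap_server){
		key_ldap_server_status = MSG_U(M_LDAP_STATUS,"LDAP status");
		dia.new_menuitem ("ldapconf","",key_ldap_server_status);
	}
	if (context == MENU_USER_POLICIES && mode_ldap_userinfo){
		key_userinfo_config = MSG_U(M_LDAP_USERINFO,"LDAP userconf");
		dia.new_menuitem ("ldapconf","",key_userinfo_config);
	}
	if (context == MENU_USER_SPC && mode_ldap_formclient){
		key_ldap_useradmin = MSG_U(M_LDAP_USERS,"LDAP accounts");
		dia.new_menuitem ("ldapconf","",key_ldap_useradmin);
	}
}

/*
	Run the dialog that belongs to a selected menu entry.
	context: menu the selection came from.
	key: key pointer of the selected entry.
	Always returns 0.
*/
PUBLIC int MODULE_ldapconf::domenu (
	MENU_CONTEXT context,
	const char *key)
{
	// Entries are matched by pointer identity against the keys stored by
	// setmenu(). Keys of entries that were never registered are still
	// NULL, so a NULL key would match them and open a dialog whose mode
	// flag is off. Reject it up front.
	if (key == NULL) return 0;
	if (context == MENU_MISCSERV){
		if (key == key_ldap_main){
			ldap_mainmenu();
		}
	} else if (context == MENU_NETWORK_CLIENT){
		if (key == key_ldap_client_config){
			ldap_client_config();
		} else if (key == key_ldap_system_config){
			ldap_system_config();
		}
	} else if (context == MENU_NETWORK_SERVER){
		if (key == key_ldap_server_config){
			ldap_mainmenu_server();
		}
	} else if (context == MENU_CONTROL_PANEL){
		if (key == key_ldap_server_control){
			ldap_server_control();
		}
	} else if (context == MENU_SYS_STATUS){
		if (key == key_ldap_server_status){
			ldap_status();
		}
	} else if (context == MENU_USER_POLICIES){
		if (key == key_userinfo_config){
			profile_edit("userinfo");
		}
	} else if (context == MENU_USER_SPC){
		if (key == key_ldap_useradmin){
			profile_select();
		}
	}
	return 0;
}

/*
	HTML entry point: the key "ldapconf" opens the profile selection.
	Returns 0 when the key was handled, LNCF_NOT_APPLICABLE otherwise.
*/
PUBLIC int MODULE_ldapconf::dohtml (const char *key)
{
	int ret = LNCF_NOT_APPLICABLE;
	if (strcmp(key,"ldapconf")==0){
		// NOTE(review): no privilege or mode check is visible on this
		// path; confirm that profile_select() or the HTML front end
		// enforces access.
		profile_select();
		ret = 0;
	}
	return ret;
}

/*
	Report the command line usage through xconf_error().
	Only the --add form is described.
*/
static void usage()
{
	xconf_error (MSG_U(T_USAGE,
		"ldapconf usage\n"
		"\n"
		"    --add --profile profname --dn dn\n"
		"         [ --allocuid ]\n"
		"         --attr attribut=value ...\n"
		"         [ --mkntpwd ] [ --setrid ]\n"
		));
}

/*
	Append the usage text to tb.
*/
PUBLIC void MODULE_ldapconf::usage (SSTRINGS &tb)
{
	tb.add (new SSTRING (MSG_R(T_USAGE)));
}

/*
	Command line entry point, dispatched on the basename of argv[0].
	"ldapconf" alone opens the main menu, "ldapconf --add ..." adds a
	record in batch mode, "ldapuser" alone opens the profile selection.
	sa is not used in this function.
	Returns LNCF_NOT_APPLICABLE when the program name is not ours,
	the result of batch_addrecord() for a permitted --add, -1 otherwise.
*/
PUBLIC int MODULE_ldapconf::execmain (int argc , char *argv[],bool sa)
{
	int ret = LNCF_NOT_APPLICABLE;
	// Without a program name there is nothing to dispatch on, and
	// strrchr() below must not see a NULL pointer.
	if (argc < 1 || argv[0] == NULL) return ret;
	const char *pt = strrchr(argv[0],'/');
	if (pt != NULL){
		pt++;
	}else{
		pt = argv[0];
	}
	if (strcmp(pt,"ldapconf")==0){
		ret = -1;
		if (argc == 1){
			ldap_mainmenu();
		}else if (argc > 2 && strcmp(argv[1],"--add")==0){
			// Only this path is gated by perm_rootaccess() here.
			// NOTE(review): confirm that the interactive entry points
			// (ldap_mainmenu(), profile_select()) check privileges
			// themselves.
			if (perm_rootaccess(MSG_U(P_MSGLDAP,"Manage LDAP"))){
				error_setmode (true);
				ret = batch_addrecord (argc-2,argv+2);
			}
		}else if (argc > 2 && strcmp(argv[1],"--del")==0){
			// Not implemented: accepted silently, returns -1.
		}else if (argc > 2 && strcmp(argv[1],"--mod")==0){
			// Not implemented: accepted silently, returns -1.
		}else{
			::usage();
		}
	} else if (strcmp(pt,"ldapuser")==0){
		ret = -1;
		if (argc == 1){
			profile_select();
		}else{
			::usage();
		}
	}
	return ret;
}

/*
	Handle a message sent to the module.
	"listspc" (only with mode_ldap_wwwclient): print the HTML menu entry,
	returns 0.
	"chgpasswd" (only with mode_ldap_pwsync): argv holds username, new
	password, locked flag and domain in that order; returns the result of
	ldap_pwsync().
	"accountbatch": argv[0] is a number, non-zero turns POSIX batch mode on.
	Returns LNCF_NOT_APPLICABLE for anything else, and for "accountbatch".
*/
PUBLIC int MODULE_ldapconf::message (
	const char *msg,	// message
	int argc,		// argc
	const char *argv[])	// argv[]
{
	int ret = LNCF_NOT_APPLICABLE;
	if (strcmp(msg,"listspc")==0 && mode_ldap_wwwclient){
		ret = 0;
		// NOTE(review): the HTML markup inside the three literals below
		// is missing from this copy of the file (the strings are split
		// across lines); restore it from the project tree before
		// building.
		html_printf ("
\n");
		html_printf ("
%s"
			,MSG_U(T_HTMLMENU,"LDAP tools"));
		html_printf ("

\n");
	} else if (strcmp(msg,"chgpasswd")==0 && mode_ldap_pwsync){
		const char *username = NULL;
		const char *newpassword = NULL;
		const char *locked = NULL;
		const char *domain = NULL;
		if (argc >= 1) username = argv[0];
		if (argc >= 2) newpassword = argv[1];
		if (argc >= 3) locked = argv[2];
		if (argc >= 4) domain = argv[3];
		// NOTE(review): username and newpassword stay NULL when fewer
		// than two arguments arrive and are passed on as they are;
		// confirm that ldap_pwsync() rejects NULL. locked is read but
		// never forwarded, so the lock state does not reach
		// ldap_pwsync().
		ret = ldap_pwsync(username,domain,newpassword);
	} else if (strcmp(msg,"accountbatch")==0){
		// argv[0] carries the on/off flag. Reading it without checking
		// argc would go past the end of the argument list when the
		// message arrives without arguments.
		if (argc >= 1 && argv[0] != NULL){
			posix_batchmode (atoi(argv[0])!=0);
		}
	}
	return ret;
}

// The single module instance; constructing it runs the setup above.
static MODULE_ldapconf ldapconf;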