From 61c48fb5c0f1648fdd5d8acda632b95bbbe4b803 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Sat, 5 Dec 2009 17:42:18 +0000 Subject: [PATCH] allow setup-cli to install ldap based right away --- doc/rpm-build/post_install.php | 82 +++++++++++++++++++++++--- setup/inc/class.setup_cmd_ldap.inc.php | 31 +++++----- setup/setup-cli.php | 14 +++-- 3 files changed, 101 insertions(+), 26 deletions(-) diff --git a/doc/rpm-build/post_install.php b/doc/rpm-build/post_install.php index bddb99bf67..e0589aab60 100755 --- a/doc/rpm-build/post_install.php +++ b/doc/rpm-build/post_install.php @@ -42,6 +42,19 @@ $config = array( 'start_webserver' => '/etc/init.d/httpd', 'autostart_webserver' => '/sbin/chkconfig --level 345 httpd on', 'distro' => 'rh', + 'auth_type' => 'sql', + 'account_repository' => 'sql', + 'account_min_id' => '', + 'ldap_suffix' => 'dc=local', + 'ldap_host' => 'localhost', + 'ldap_admin' => 'cn=admin,$suffix', + 'ldap_admin_pw' => '', + 'ldap_base' => 'o=$domain,$suffix', + 'ldap_root_dn' => 'cn=admin,$base', + 'ldap_root_pw' => randomstring(), + 'ldap_context' => 'ou=accounts,$base', + 'ldap_search_filter' => '(uid=%user)', + 'ldap_group_context' => 'ou=groups,$base', ); // read language from LANG enviroment variable @@ -76,6 +89,12 @@ function set_distro_defaults($distro=null) $config['autostart_db'] = '/sbin/chkconfig --level 345 mysql on'; $config['start_webserver'] = '/etc/init.d/apache2'; $config['autostart_webserver'] = '/sbin/chkconfig --level 345 apache2 on'; + $config['ldap_suffix'] = 'dc=site'; + $config['ldap_admin'] = $config['ldap_root_dn'] = 'cn=Administrator,$suffix'; + $config['ldap_root_pw'] = '$admin_pw'; + $config['ldap_base'] = '$suffix'; + $config['ldap_context'] = 'ou=people,$base'; + $config['ldap_group_context'] = 'ou=group,$base'; break; case 'debian': $config['start_db'] = '/etc/init.d/mysql'; 
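Review bot: The `'ldap_root_pw' => randomstring()` default in the `$config` array becomes a directory bind password that is later passed on to the install step, yet nothing here shows what randomstring() draws from or how long its output is; the function is defined outside this hunk. If it is built on `rand()`/`mt_rand()`, the result is too predictable for a stored credential, so it should come from a cryptographically secure source (`random_int()` on current PHP). I would also put a comment on the entry, e.g. `// generated per install; override with --ldap_root_pw`, so operators know this is not a fixed default. The `$config` array starts before this hunk.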
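Review bot: The branch ending just before `case 'debian':` (its `case` label is outside the hunk) sets `ldap_root_dn` to the same `cn=Administrator,$suffix` entry as `ldap_admin` and sets `ldap_root_pw` to `'$admin_pw'`, so the credential handed to the application is the directory administrator's own rather than a dedicated account limited to `$base`. Anyone who can read the application's configuration would then hold write access to the whole suffix. If this distribution's LDAP layout really requires it, a comment should say so, for example `// distro ships a single cn=Administrator; no separate EGroupware root DN is created`; otherwise a dedicated DN like the default `cn=admin,$base` is the safer choice. set_distro_defaults() starts and continues outside this hunk.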
@@ -96,6 +115,7 @@ set_distro_defaults(); $argv = $_SERVER['argv']; $prog = array_shift($argv); +$auth_type_given = false; while(($arg = array_shift($argv))) { if ($arg == '-v' || $arg == '--verbose') @@ -117,6 +137,20 @@ while(($arg = array_shift($argv))) elseif(substr($arg,0,2) == '--' && isset($config[$name=substr($arg,2)])) { $config[$name] = array_shift($argv); + + switch($name) + { + case 'auth_type': + $auth_type_given = true; + break; + + case 'account_repository': // auth-type defaults to account-repository + if (!$auth_type_given) + { + $config['auth_type'] = $config[$name]; + } + break; + } } else { @@ -143,12 +177,7 @@ $setup_cli = $config['php'].' '.$config['setup-cli']; if (!file_exists($config['header']) || filesize($config['header']) < 200) // default header redirecting to setup is 147 bytes { // --> new install - - // create header - $setup_header = $setup_cli.' --create-header '.escapeshellarg($config['config_passwd'].','.$config['config_user']). - ' --domain '.escapeshellarg($config['domain'].','.$config['db_name'].','.$config['db_user'].','.$config['db_pass']. - ','.$config['db_type'].','.$config['db_host'].','.$config['db_port']); - run_cmd($setup_header); + $extra_config = ''; // check for localhost if database server is started and start it (permanent) if not if ($config['db_host'] == 'localhost' && file_exists($config['start_db'])) 
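Review bot: The value taken for `--auth_type` and `--account_repository` in the new `switch($name)` is stored as-is, and the install step later in this patch only compares it with `== 'ldap'`, so a misspelt or differently cased value such as `LDAP` skips the LDAP setup but is still forwarded to `--install` through `$extra_config`. Checking the value against the backends setup supports, and rejecting anything else at the command line, would catch this before a half-configured install is written. A short comment that `$auth_type_given` makes the two options order-independent would also help readers of the switch. The option loop begins before this hunk and continues after it.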
@@ -167,8 +196,47 @@ if (!file_exists($config['header']) || filesize($config['header']) < 200) // def } run_cmd($setup_db); + // check if ldap is required and initialise it + $extra_config .= ' '.escapeshellarg('auth_type='.$config['auth_type']); + $extra_config .= ' '.escapeshellarg('account_repository='.$config['account_repository']); + if ($config['auth_type'] == 'ldap' || $config['account_repository'] == 'ldap') + { + $extra_config .= ' '.escapeshellarg('account_min_id='.(!empty($config['account_min_id']) ? $config['account_min_id'] : 1100)); + + $setup_ldap = $setup_cli.' --setup-cmd-ldap sub_command='. + ($config['account_repository'] == 'ldap' ? 'create_ldap' : 'test_ldap'); + foreach(array( + 'domain','ldap_suffix','ldap_host','ldap_admin','ldap_admin_pw', // non-egw params: only used for create + 'ldap_base','ldap_root_dn','ldap_root_pw','ldap_context','ldap_search_filter','ldap_group_context', // egw params + ) as $name) + { + if (strpos($value=$config[$name],'$') !== false) + { + $config[$name] = $value = strtr($value,array( + '$suffix' => $config['ldap_suffix'], + '$base' => $config['ldap_base'], + '$admin_pw' => $config['ldap_admin_pw'], + )); + } + $setup_ldap .= ' '.escapeshellarg($name.'='.$value); + + if (!in_array($name,array('domain','ldap_suffix','ldap_admin','ldap_admin_pw'))) + { + $extra_config .= ' '.escapeshellarg($name.'='.$value); + } + } + run_cmd($setup_ldap); + } + + // create header + $setup_header = $setup_cli.' --create-header '.escapeshellarg($config['config_passwd'].','.$config['config_user']). + ' --domain '.escapeshellarg($config['domain'].','.$config['db_name'].','.$config['db_user'].','.$config['db_pass']. + ','.$config['db_type'].','.$config['db_host'].','.$config['db_port']); + run_cmd($setup_header); + // install egroupware - $setup_install = $setup_cli.' 
--install '.escapeshellarg($config['domain'].','.$config['config_user'].','.$config['config_passwd'].','.$config['backup'].','.$config['charset'].','.$config['lang']); + $setup_install = $setup_cli.' --install '.escapeshellarg($config['domain'].','.$config['config_user'].','.$config['config_passwd'].','.$config['backup'].','.$config['charset'].','.$config['lang']) + .$extra_config; run_cmd($setup_install); if ($config['data_dir'] != '/var/lib/egroupware') diff --git a/setup/inc/class.setup_cmd_ldap.inc.php b/setup/inc/class.setup_cmd_ldap.inc.php index 4fa40f34b7..6294805930 100644 --- a/setup/inc/class.setup_cmd_ldap.inc.php +++ b/setup/inc/class.setup_cmd_ldap.inc.php @@ -7,13 +7,13 @@ * @package setup * @copyright (c) 2007 by Ralf Becker * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License - * @version $Id$ + * @version $Id$ */ /** * setup command: test or create the ldap connection and hierarchy */ -class setup_cmd_ldap extends setup_cmd +class setup_cmd_ldap extends setup_cmd { /** * Allow to run this command via setup-cli @@ -31,7 +31,6 @@ class setup_cmd_ldap extends setup_cmd * Constructor * * @param string/array $domain domain-name to customize the defaults or array with all parameters - * @param string $ldap_type db-type (mysql, pgsql, ...) * @param string $ldap_host=null * @param string $ldap_suffix=null base of the whole ldap install, default "dc=local" * @param string $ldap_admin=null root-dn needed to create new entries in the suffix @@ -71,7 +70,7 @@ class setup_cmd_ldap extends setup_cmd /** * run the command: test or create the ldap connection and hierarchy - * + * * @param boolean $check_only=false only run the checks (and throw the exceptions), but not the command itself * @return string success message * @throws Exception(lang('Wrong credentials to access the header.inc.php file!'),2); @@ -103,7 +102,7 @@ class setup_cmd_ldap extends setup_cmd } return $msg; } - + /** * Connect to ldap server * 
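Review bot: `ldap_admin_pw` and `ldap_root_pw` are appended to `$setup_ldap`, and `ldap_root_pw` also to `$extra_config`, so both LDAP bind passwords travel as command-line arguments of the setup-cli child processes. `escapeshellarg()` handles the shell quoting, but arguments of a running process can be read by other local users through the process table, and they may also appear in whatever run_cmd() prints or logs (its body is not in this hunk). The header and install commands already pass `config_passwd` and `db_pass` the same way, so this widens an existing exposure; handing secrets to setup-cli through a file readable only by the installing user, or through the environment, would close it for all of them. Separately, the `strtr()` map has no `'$domain'` entry, so the default `ldap_base` of `o=$domain,$suffix` reaches `--install` with `$domain` still literal unless setup_cmd_install expands it, which is worth confirming.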
@@ -115,20 +114,20 @@ class setup_cmd_ldap extends setup_cmd { if (is_null($dn)) $dn = $this->ldap_root_dn; if (is_null($pw)) $pw = $this->ldap_root_pw; - + if (!$pw) // ldap::ldapConnect use the current eGW's pw otherwise { throw new egw_exception_wrong_userinput(lang('You need to specify a password!')); } $this->test_ldap = new ldap(); - + $error_rep = error_reporting(); //error_reporting($error_rep & ~E_WARNING); // switch warnings of, in case they are on ob_start(); $ds = $this->test_ldap->ldapConnect($this->ldap_host,$dn,$pw); ob_end_clean(); error_reporting($error_rep); - + if (!$ds) { throw new egw_exception_wrong_userinput(lang('Can not connect to LDAP server on host %1 using DN %2!', @@ -136,19 +135,19 @@ class setup_cmd_ldap extends setup_cmd } return lang('Successful connected to LDAP server on %1 using DN %2.',$this->ldap_host,$dn); } - + /** * Check and if does not yet exist create the new database and user * * The check will fail if the database exists, but already contains tables - * + * * @return string with success message * @throws egw_exception_wrong_userinput */ private function create() { $this->connect($this->ldap_admin,$this->ldap_admin_pw); - + foreach(array( $this->ldap_base => array(), $this->ldap_context => array(), @@ -165,7 +164,7 @@ class setup_cmd_ldap extends setup_cmd return lang('Successful connected to LDAP server on %1 and created/checked required structur %2.', $this->ldap_host,$this->ldap_base); } - + /** * array with objectclasses for the objects we can create * 
@@ -195,14 +194,14 @@ class setup_cmd_ldap extends setup_cmd return false; } list($node,$base) = explode(',',$dn,2); - + if (!@ldap_read($this->test_ldap->ds,$base,'objectClass=*')) { $this->_create_node($base); // create the base if it's not already there } // now we need to create the node itself list($name,$value) = explode('=',$node); - + if (!isset(self::$requiredObjectclasses[$name])) { throw new egw_exception_wrong_userinput(lang('Can not create DN %1!',$dn).' '. @@ -260,12 +259,14 @@ class setup_cmd_ldap extends setup_cmd '$domain', '$suffix', '$base', + '$admin_pw', ),array( $this->domain, $this->ldap_suffix, $this->ldap_base, + $this->ldap_admin_pw, ),$this->$name); } - } + } } } diff --git a/setup/setup-cli.php b/setup/setup-cli.php index a9128e1337..d5fe05dd1b 100755 --- a/setup/setup-cli.php +++ b/setup/setup-cli.php @@ -67,7 +67,7 @@ switch($action) break; case '--install': - do_install($arguments[0]); + do_install($arguments); break; case '--config': @@ -374,14 +374,20 @@ function _check_auth_config($arg,$stop,$set_lang=true) /** * Install eGroupWare * - * @param string $args domain,[config user(admin)],password,[backup-file],[charset],[lang] + * @param array $args array(0 => "domain,[config user(admin)],password,[backup-file],[charset],[lang]", "name=value", ...) */ function do_install($args) { - list($domain,$user,$password,$backup,$charset,$lang) = explode(',',$args); + list($domain,$user,$password,$backup,$charset,$lang) = explode(',',array_shift($args)); _fetch_user_password($user,$password); - $cmd = new setup_cmd_install($domain,$user,$password,$backup,$charset,true,array(),$lang); + $config = array(); + foreach($args as $arg) + { + list($name,$value) = explode('=',$arg,2); + $config[$name] = $value; + } + $cmd = new setup_cmd_install($domain,$user,$password,$backup,$charset,true,$config,$lang); echo $cmd->run()."\n"; }
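Review bot: With `'$admin_pw'` added to the placeholder list, the `str_replace()` call now injects a secret into whichever property is being expanded, and because the loop header is outside this hunk I cannot tell whether the password properties themselves are run through it. If they are, an operator-chosen password that happens to contain `$domain`, `$suffix` or `$base` is silently rewritten and the stored credential no longer matches what was typed; the `strtr()` loop added to post_install.php has the same effect on `ldap_admin_pw` and `ldap_root_pw`. Expanding password fields only on an exact match, `if ($this->$name === '$admin_pw') $this->$name = $this->ldap_admin_pw;`, and skipping the general replacement for them would avoid that. A comment next to the array listing the four supported placeholders would document the contract.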
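Review bot: The new `foreach` in do_install() copies every extra argument into `$config` unchecked: an argument without `=` makes `list($name,$value) = explode('=',$arg,2)` leave `$value` null (with a notice), and any key name at all is forwarded to setup_cmd_install. Since these pairs carry `auth_type`, `account_repository` and the LDAP bind settings, I would reject malformed arguments and restrict the names to the config keys the installer expects instead of storing whatever was passed. The docblock could also state that the `name=value` pairs are handed to setup_cmd_install as configuration values, which the current `@param` line only implies.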