allow setup-cli to install ldap based right away

Ralf Becker 2009-12-05 17:42:18 +00:00
parent 0deeb03379
commit 61c48fb5c0
3 changed files with 101 additions and 26 deletions


@ -42,6 +42,19 @@ $config = array(
'start_webserver' => '/etc/init.d/httpd', 'start_webserver' => '/etc/init.d/httpd',
'autostart_webserver' => '/sbin/chkconfig --level 345 httpd on', 'autostart_webserver' => '/sbin/chkconfig --level 345 httpd on',
'distro' => 'rh', 'distro' => 'rh',
'auth_type' => 'sql',
'account_repository' => 'sql',
'account_min_id' => '',
'ldap_suffix' => 'dc=local',
'ldap_host' => 'localhost',
'ldap_admin' => 'cn=admin,$suffix',
'ldap_admin_pw' => '',
'ldap_base' => 'o=$domain,$suffix',
'ldap_root_dn' => 'cn=admin,$base',
'ldap_root_pw' => randomstring(),
'ldap_context' => 'ou=accounts,$base',
'ldap_search_filter' => '(uid=%user)',
'ldap_group_context' => 'ou=groups,$base',
); );
// read language from LANG enviroment variable // read language from LANG enviroment variable
@ -76,6 +89,12 @@ function set_distro_defaults($distro=null)
$config['autostart_db'] = '/sbin/chkconfig --level 345 mysql on'; $config['autostart_db'] = '/sbin/chkconfig --level 345 mysql on';
$config['start_webserver'] = '/etc/init.d/apache2'; $config['start_webserver'] = '/etc/init.d/apache2';
$config['autostart_webserver'] = '/sbin/chkconfig --level 345 apache2 on'; $config['autostart_webserver'] = '/sbin/chkconfig --level 345 apache2 on';
$config['ldap_suffix'] = 'dc=site';
$config['ldap_admin'] = $config['ldap_root_dn'] = 'cn=Administrator,$suffix';
$config['ldap_root_pw'] = '$admin_pw';
$config['ldap_base'] = '$suffix';
$config['ldap_context'] = 'ou=people,$base';
$config['ldap_group_context'] = 'ou=group,$base';
break; break;
case 'debian': case 'debian':
$config['start_db'] = '/etc/init.d/mysql'; $config['start_db'] = '/etc/init.d/mysql';
@ -96,6 +115,7 @@ set_distro_defaults();
$argv = $_SERVER['argv']; $argv = $_SERVER['argv'];
$prog = array_shift($argv); $prog = array_shift($argv);
$auth_type_given = false;
while(($arg = array_shift($argv))) while(($arg = array_shift($argv)))
{ {
if ($arg == '-v' || $arg == '--verbose') if ($arg == '-v' || $arg == '--verbose')
@ -117,6 +137,20 @@ while(($arg = array_shift($argv)))
elseif(substr($arg,0,2) == '--' && isset($config[$name=substr($arg,2)])) elseif(substr($arg,0,2) == '--' && isset($config[$name=substr($arg,2)]))
{ {
$config[$name] = array_shift($argv); $config[$name] = array_shift($argv);
switch($name)
{
case 'auth_type':
$auth_type_given = true;
break;
case 'account_repository': // auth-type defaults to account-repository
if (!$auth_type_given)
{
$config['auth_type'] = $config[$name];
}
break;
}
} }
else else
{ {
@ -143,12 +177,7 @@ $setup_cli = $config['php'].' '.$config['setup-cli'];
if (!file_exists($config['header']) || filesize($config['header']) < 200) // default header redirecting to setup is 147 bytes if (!file_exists($config['header']) || filesize($config['header']) < 200) // default header redirecting to setup is 147 bytes
{ {
// --> new install // --> new install
$extra_config = '';
// create header
$setup_header = $setup_cli.' --create-header '.escapeshellarg($config['config_passwd'].','.$config['config_user']).
' --domain '.escapeshellarg($config['domain'].','.$config['db_name'].','.$config['db_user'].','.$config['db_pass'].
','.$config['db_type'].','.$config['db_host'].','.$config['db_port']);
run_cmd($setup_header);
// check for localhost if database server is started and start it (permanent) if not // check for localhost if database server is started and start it (permanent) if not
if ($config['db_host'] == 'localhost' && file_exists($config['start_db'])) if ($config['db_host'] == 'localhost' && file_exists($config['start_db']))
@ -167,8 +196,47 @@ if (!file_exists($config['header']) || filesize($config['header']) < 200) // def
} }
run_cmd($setup_db); run_cmd($setup_db);
// check if ldap is required and initialise it
$extra_config .= ' '.escapeshellarg('auth_type='.$config['auth_type']);
$extra_config .= ' '.escapeshellarg('account_repository='.$config['account_repository']);
if ($config['auth_type'] == 'ldap' || $config['account_repository'] == 'ldap')
{
$extra_config .= ' '.escapeshellarg('account_min_id='.(!empty($config['account_min_id']) ? $config['account_min_id'] : 1100));
$setup_ldap = $setup_cli.' --setup-cmd-ldap sub_command='.
($config['account_repository'] == 'ldap' ? 'create_ldap' : 'test_ldap');
foreach(array(
'domain','ldap_suffix','ldap_host','ldap_admin','ldap_admin_pw', // non-egw params: only used for create
'ldap_base','ldap_root_dn','ldap_root_pw','ldap_context','ldap_search_filter','ldap_group_context', // egw params
) as $name)
{
if (strpos($value=$config[$name],'$') !== false)
{
$config[$name] = $value = strtr($value,array(
'$suffix' => $config['ldap_suffix'],
'$base' => $config['ldap_base'],
'$admin_pw' => $config['ldap_admin_pw'],
));
}
$setup_ldap .= ' '.escapeshellarg($name.'='.$value);
if (!in_array($name,array('domain','ldap_suffix','ldap_admin','ldap_admin_pw')))
{
$extra_config .= ' '.escapeshellarg($name.'='.$value);
}
}
run_cmd($setup_ldap);
}
// create header
$setup_header = $setup_cli.' --create-header '.escapeshellarg($config['config_passwd'].','.$config['config_user']).
' --domain '.escapeshellarg($config['domain'].','.$config['db_name'].','.$config['db_user'].','.$config['db_pass'].
','.$config['db_type'].','.$config['db_host'].','.$config['db_port']);
run_cmd($setup_header);
// install egroupware // install egroupware
$setup_install = $setup_cli.' --install '.escapeshellarg($config['domain'].','.$config['config_user'].','.$config['config_passwd'].','.$config['backup'].','.$config['charset'].','.$config['lang']); $setup_install = $setup_cli.' --install '.escapeshellarg($config['domain'].','.$config['config_user'].','.$config['config_passwd'].','.$config['backup'].','.$config['charset'].','.$config['lang'])
.$extra_config;
run_cmd($setup_install); run_cmd($setup_install);
if ($config['data_dir'] != '/var/lib/egroupware') if ($config['data_dir'] != '/var/lib/egroupware')
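Review bot: The LDAP block added before `run_cmd($setup_ldap)` places `ldap_admin_pw` and `ldap_root_pw` on the setup-cli command line, and `ldap_root_pw` again in `$extra_config` for `--install`, so both secrets can be read from the process list by any local user while the commands run; escapeshellarg() stops shell injection but not that exposure. If setup-cli can take them another way (a file readable only by root, or the environment), prefer it; otherwise document the exposure with a comment such as `// NOTE: LDAP passwords are passed via argv and are visible in ps while setup-cli runs`. The same loop also runs strtr() over the two password values, so a password that happens to contain `$suffix`, `$base` or `$admin_pw` is silently rewritten; expansion should skip `ldap_admin_pw` and, for `ldap_root_pw`, apply only when the value is exactly `'$admin_pw'`. The enclosing `if (!file_exists($config['header']) ...)` block starts before this hunk and continues past it.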


@ -7,13 +7,13 @@
* @package setup * @package setup
* @copyright (c) 2007 by Ralf Becker <RalfBecker-AT-outdoor-training.de> * @copyright (c) 2007 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
* @version $Id$ * @version $Id$
*/ */
/** /**
* setup command: test or create the ldap connection and hierarchy * setup command: test or create the ldap connection and hierarchy
*/ */
class setup_cmd_ldap extends setup_cmd class setup_cmd_ldap extends setup_cmd
{ {
/** /**
* Allow to run this command via setup-cli * Allow to run this command via setup-cli
@ -31,7 +31,6 @@ class setup_cmd_ldap extends setup_cmd
* Constructor * Constructor
* *
* @param string/array $domain domain-name to customize the defaults or array with all parameters * @param string/array $domain domain-name to customize the defaults or array with all parameters
* @param string $ldap_type db-type (mysql, pgsql, ...)
* @param string $ldap_host=null * @param string $ldap_host=null
* @param string $ldap_suffix=null base of the whole ldap install, default "dc=local" * @param string $ldap_suffix=null base of the whole ldap install, default "dc=local"
* @param string $ldap_admin=null root-dn needed to create new entries in the suffix * @param string $ldap_admin=null root-dn needed to create new entries in the suffix
@ -71,7 +70,7 @@ class setup_cmd_ldap extends setup_cmd
/** /**
* run the command: test or create the ldap connection and hierarchy * run the command: test or create the ldap connection and hierarchy
* *
* @param boolean $check_only=false only run the checks (and throw the exceptions), but not the command itself * @param boolean $check_only=false only run the checks (and throw the exceptions), but not the command itself
* @return string success message * @return string success message
* @throws Exception(lang('Wrong credentials to access the header.inc.php file!'),2); * @throws Exception(lang('Wrong credentials to access the header.inc.php file!'),2);
@ -103,7 +102,7 @@ class setup_cmd_ldap extends setup_cmd
} }
return $msg; return $msg;
} }
/** /**
* Connect to ldap server * Connect to ldap server
* *
@ -115,20 +114,20 @@ class setup_cmd_ldap extends setup_cmd
{ {
if (is_null($dn)) $dn = $this->ldap_root_dn; if (is_null($dn)) $dn = $this->ldap_root_dn;
if (is_null($pw)) $pw = $this->ldap_root_pw; if (is_null($pw)) $pw = $this->ldap_root_pw;
if (!$pw) // ldap::ldapConnect use the current eGW's pw otherwise if (!$pw) // ldap::ldapConnect use the current eGW's pw otherwise
{ {
throw new egw_exception_wrong_userinput(lang('You need to specify a password!')); throw new egw_exception_wrong_userinput(lang('You need to specify a password!'));
} }
$this->test_ldap = new ldap(); $this->test_ldap = new ldap();
$error_rep = error_reporting(); $error_rep = error_reporting();
//error_reporting($error_rep & ~E_WARNING); // switch warnings of, in case they are on //error_reporting($error_rep & ~E_WARNING); // switch warnings of, in case they are on
ob_start(); ob_start();
$ds = $this->test_ldap->ldapConnect($this->ldap_host,$dn,$pw); $ds = $this->test_ldap->ldapConnect($this->ldap_host,$dn,$pw);
ob_end_clean(); ob_end_clean();
error_reporting($error_rep); error_reporting($error_rep);
if (!$ds) if (!$ds)
{ {
throw new egw_exception_wrong_userinput(lang('Can not connect to LDAP server on host %1 using DN %2!', throw new egw_exception_wrong_userinput(lang('Can not connect to LDAP server on host %1 using DN %2!',
@ -136,19 +135,19 @@ class setup_cmd_ldap extends setup_cmd
} }
return lang('Successful connected to LDAP server on %1 using DN %2.',$this->ldap_host,$dn); return lang('Successful connected to LDAP server on %1 using DN %2.',$this->ldap_host,$dn);
} }
/** /**
* Check and if does not yet exist create the new database and user * Check and if does not yet exist create the new database and user
* *
* The check will fail if the database exists, but already contains tables * The check will fail if the database exists, but already contains tables
* *
* @return string with success message * @return string with success message
* @throws egw_exception_wrong_userinput * @throws egw_exception_wrong_userinput
*/ */
private function create() private function create()
{ {
$this->connect($this->ldap_admin,$this->ldap_admin_pw); $this->connect($this->ldap_admin,$this->ldap_admin_pw);
foreach(array( foreach(array(
$this->ldap_base => array(), $this->ldap_base => array(),
$this->ldap_context => array(), $this->ldap_context => array(),
@ -165,7 +164,7 @@ class setup_cmd_ldap extends setup_cmd
return lang('Successful connected to LDAP server on %1 and created/checked required structur %2.', return lang('Successful connected to LDAP server on %1 and created/checked required structur %2.',
$this->ldap_host,$this->ldap_base); $this->ldap_host,$this->ldap_base);
} }
/** /**
* array with objectclasses for the objects we can create * array with objectclasses for the objects we can create
* *
@ -195,14 +194,14 @@ class setup_cmd_ldap extends setup_cmd
return false; return false;
} }
list($node,$base) = explode(',',$dn,2); list($node,$base) = explode(',',$dn,2);
if (!@ldap_read($this->test_ldap->ds,$base,'objectClass=*')) if (!@ldap_read($this->test_ldap->ds,$base,'objectClass=*'))
{ {
$this->_create_node($base); // create the base if it's not already there $this->_create_node($base); // create the base if it's not already there
} }
// now we need to create the node itself // now we need to create the node itself
list($name,$value) = explode('=',$node); list($name,$value) = explode('=',$node);
if (!isset(self::$requiredObjectclasses[$name])) if (!isset(self::$requiredObjectclasses[$name]))
{ {
throw new egw_exception_wrong_userinput(lang('Can not create DN %1!',$dn).' '. throw new egw_exception_wrong_userinput(lang('Can not create DN %1!',$dn).' '.
@ -260,12 +259,14 @@ class setup_cmd_ldap extends setup_cmd
'$domain', '$domain',
'$suffix', '$suffix',
'$base', '$base',
'$admin_pw',
),array( ),array(
$this->domain, $this->domain,
$this->ldap_suffix, $this->ldap_suffix,
$this->ldap_base, $this->ldap_base,
$this->ldap_admin_pw,
),$this->$name); ),$this->$name);
} }
} }
} }
} }


@ -67,7 +67,7 @@ switch($action)
break; break;
case '--install': case '--install':
do_install($arguments[0]); do_install($arguments);
break; break;
case '--config': case '--config':
@ -374,14 +374,20 @@ function _check_auth_config($arg,$stop,$set_lang=true)
/** /**
* Install eGroupWare * Install eGroupWare
* *
* @param string $args domain,[config user(admin)],password,[backup-file],[charset],[lang] * @param array $args array(0 => "domain,[config user(admin)],password,[backup-file],[charset],[lang]", "name=value", ...)
*/ */
function do_install($args) function do_install($args)
{ {
list($domain,$user,$password,$backup,$charset,$lang) = explode(',',$args); list($domain,$user,$password,$backup,$charset,$lang) = explode(',',array_shift($args));
_fetch_user_password($user,$password); _fetch_user_password($user,$password);
$cmd = new setup_cmd_install($domain,$user,$password,$backup,$charset,true,array(),$lang); $config = array();
foreach($args as $arg)
{
list($name,$value) = explode('=',$arg,2);
$config[$name] = $value;
}
$cmd = new setup_cmd_install($domain,$user,$password,$backup,$charset,true,$config,$lang);
echo $cmd->run()."\n"; echo $cmd->run()."\n";
} }
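Review bot: In do_install the new `foreach($args as $arg)` loop splits every extra argument on `=` and stores it in `$config` without checking the name, so any key typed on the command line is handed to setup_cmd_install as configuration; how that class filters the array is not visible here. An argument without `=` also leaves `$value` unset, which raises a notice and stores null under the whole string as key. Accept only the names the installer is meant to receive (this commit passes `auth_type`, `account_repository`, `account_min_id` and the `ldap_*` settings) and reject malformed input first, for example `if (strpos($arg,'=') === false)` followed by the script's usual error exit. The docblock could add `@throws` or a sentence stating that unknown or malformed name=value pairs are refused.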