Diffstat (limited to 'src/ldap.cpp')
-rw-r--r--src/ldap.cpp64
1 files changed, 5 insertions, 59 deletions
diff --git a/src/ldap.cpp b/src/ldap.cpp
index 4a77b74..9895f0f 100644
--- a/src/ldap.cpp
+++ b/src/ldap.cpp
@@ -54,13 +54,11 @@
// Connect this to CMake/Automake
#define KDE_CONFDIR "/etc/trinity"
#define KRB5_FILE "/etc/krb5.conf"
-#define LDAP_FILE "/etc/ldap.conf"
#define NSSWITCH_FILE "/etc/nsswitch.conf"
#define PAMD_DIRECTORY "/etc/pam.d/"
#define PAMD_COMMON_ACCOUNT "common-account"
#define PAMD_COMMON_AUTH "common-auth"
#define CRON_UPDATE_NSS_FILE "/etc/cron.daily/upd-local-nss-db"
-#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
@@ -302,40 +300,7 @@ void LDAPConfig::save() {
systemconfig->writeEntry("ConnectionPasswordHash", m_passwordHash);
systemconfig->writeEntry("ConnectionIgnoredUsers", m_ignoredUsers);
- LDAPRealmConfigList::Iterator it;
- for (it = m_realms.begin(); it != m_realms.end(); ++it) {
- LDAPRealmConfig realmcfg = it.data();
- TQString configRealmName = realmcfg.name;
- configRealmName.prepend("LDAPRealm-");
- systemconfig->setGroup(configRealmName);
- // Save realm settings
- systemconfig->writeEntry("bonded", realmcfg.bonded);
- systemconfig->writeEntry("uid_offset", realmcfg.uid_offset);
- systemconfig->writeEntry("gid_offset", realmcfg.gid_offset);
- systemconfig->writeEntry("domain_mappings", realmcfg.domain_mappings);
- systemconfig->writeEntry("kdc", realmcfg.kdc);
- systemconfig->writeEntry("kdc_port", realmcfg.kdc_port);
- systemconfig->writeEntry("admin_server", realmcfg.admin_server);
- systemconfig->writeEntry("admin_server_port", realmcfg.admin_server_port);
- systemconfig->writeEntry("pkinit_require_eku", realmcfg.pkinit_require_eku);
- systemconfig->writeEntry("pkinit_require_krbtgt_otherName", realmcfg.pkinit_require_krbtgt_otherName);
- systemconfig->writeEntry("win2k_pkinit", realmcfg.win2k_pkinit);
- systemconfig->writeEntry("win2k_pkinit_require_binding", realmcfg.win2k_pkinit_require_binding);
- }
-
- // Delete any realms that do not exist in the m_realms database
- TQStringList cfgRealms = systemconfig->groupList();
- for (TQStringList::Iterator it(cfgRealms.begin()); it != cfgRealms.end(); ++it) {
- if ((*it).startsWith("LDAPRealm-")) {
- systemconfig->setGroup(*it);
- TQString realmName=*it;
- realmName.remove(0,strlen("LDAPRealm-"));
- if (!m_realms.contains(realmName)) {
- systemconfig->deleteGroup(*it);
- }
- }
- }
-
+ LDAPManager::writeTDERealmList(m_realms, systemconfig);
systemconfig->sync();
if (base->systemEnableSupport->isChecked()) {
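Review bot: The call to `LDAPManager::writeTDERealmList(m_realms, systemconfig)` replaces a block that also pruned `LDAPRealm-` groups absent from `m_realms`, and nothing in this hunk shows that the helper still does so. If it does not, a realm deleted in the dialog would keep its `bonded`, KDC and PKINIT entries in the system config and could presumably be picked up again on the next load. Once confirmed against the helper, a comment at the call site would record the contract, e.g. `// Writes every realm in m_realms and removes LDAPRealm-* groups no longer present`. save() begins above this hunk and continues after it.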
@@ -349,13 +314,15 @@ void LDAPConfig::save() {
writePAMFiles();
// Write the cron files
writeCronFiles();
+ // RAJA FIXME
+ // Update the SUDOERS file with the domain-wide computer local admin group!
}
load();
}
void LDAPConfig::processLockouts() {
- bool panelIsEnabled = base->systemEnableSupport->isChecked();
+ bool panelIsEnabled = (base->systemEnableSupport->isEnabled() && base->systemEnableSupport->isChecked());
base->groupRealms->setEnabled(panelIsEnabled);
base->groupKrbDefaults->setEnabled(panelIsEnabled);
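Review bot: The added `// RAJA FIXME` comment in save() leaves the sudoers update unimplemented without recording what the eventual write has to guarantee, and a malformed or over-broad sudoers entry either breaks sudo on the machine or grants root to an unintended group. I would replace it with a note such as `// FIXME: sudoers update for the domain local-admin group not implemented; write a 0440 drop-in and validate with visudo -c before installing`. The group name will come from the directory, so it should be checked against a strict character set before it is written into the file. save() starts above this hunk and processLockouts() continues below it.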
@@ -663,28 +630,7 @@ void LDAPConfig::writeKrb5ConfFile() {
}
void LDAPConfig::writeLDAPConfFile() {
- TQFile file(LDAP_FILE);
- if (file.open(IO_WriteOnly)) {
- TQTextStream stream( &file );
-
- LDAPRealmConfig realmcfg = m_realms[m_defaultRealm];
-
- stream << "# This file was automatically generated by TDE\n";
- stream << "# All changes will be lost!\n";
- stream << "\n";
-
- stream << "host " << realmcfg.admin_server << "\n";
- TQStringList domainChunks = TQStringList::split(".", realmcfg.name.lower());
- stream << "base dc=" << domainChunks.join(",dc=") << "\n";
- stream << "ldap_version " << m_ldapVersion << "\n";
- stream << "timelimit " << m_ldapTimeout << "\n";
- stream << "bind_timelimit " << m_ldapBindTimeout << "\n";
- stream << "bind_policy " << m_bindPolicy.lower() << "\n";
- stream << "pam_password " << m_passwordHash.lower() << "\n";
- stream << "nss_initgroups_ignoreusers " << m_ignoredUsers << "\n";
-
- file.close();
- }
+ LDAPManager::writeLDAPConfFile(m_realms[m_defaultRealm]);
}
void LDAPConfig::writeNSSwitchFile() {
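Review bot: `LDAPManager::writeLDAPConfFile(m_realms[m_defaultRealm])` receives only the realm entry, while the removed body also wrote `m_ldapVersion`, `m_ldapTimeout`, `m_ldapBindTimeout`, `m_bindPolicy`, `m_passwordHash` and `m_ignoredUsers`. Unless the helper reads those from the saved system config (not visible here), the `pam_password` and `nss_initgroups_ignoreusers` values chosen in this dialog would no longer reach the generated file, and losing the ignore list would send group lookups for local system accounts such as root to the directory. Separately, `m_realms[m_defaultRealm]` presumably inserts a default entry when the key is missing, so a guard like `if (!m_realms.contains(m_defaultRealm)) return;` before the call would avoid generating a config for an empty realm.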