added prefix for lamdaemon

This commit is contained in:
Roland Gruber 2019-10-26 17:28:24 +02:00
parent 624c94bff0
commit b91b28d013
7 changed files with 46 additions and 17 deletions

View File

@ -1,4 +1,5 @@
December 2019 7.0
- Lamdaemon can be configured with directory prefix for homedirs
- Fixed bugs:
-> Missing CSS for Duo

View File

@ -489,6 +489,30 @@
is located. The default rights for new home directories can be set,
too.</para>
<para><emphasis role="bold">Note:</emphasis> This requires lamdaemon
to be installed on the remote server. This comes as separate package
for DEB/RPM. See <link linkend="a_lamdaemon">here</link>.</para>
<para>Script server format:</para>
<itemizedlist>
<listitem>
<para>"server": "server" is the DNS name of your script
server</para>
</listitem>
<listitem>
<para>"server:NAME": NAME is the display name of this
server</para>
</listitem>
<listitem>
<para>"server:NAME:/prefix": /prefix is the directory prefix for
all operations. E.g. creating a home directory "/home/user" would
create "/prefix/home/user" then.</para>
</listitem>
</itemizedlist>
<para>You can provide a fixed user name. If you leave the field empty
then LAM will use your current account (the account you used to login
to LAM).</para>

View File

@ -610,7 +610,7 @@
intermediate release.</para>
<section>
<title>6.7 -&gt; 6.9</title>
<title>6.7 -&gt; 7.0</title>
<para>No actions required.</para>
</section>

View File

@ -120,7 +120,7 @@ $helpArray = array (
"218" => array ("Headline" => _("Script servers"),
"Text" => _("This is a list of the servers where the lamdaemon scripts are stored. LDAP Account Manager will make a SSH connection to the servers with the user name and password provided at login. Multiple servers are separated by semicolons. You can append a descriptive name after a colon.") . "<br>"
. _("If your server runs on another port then add a comma and the port number after the server.") . "<br><br>"
. _("Example") . ": <b>127.0.0.1:LOCAL;192.168.0.2,12345:Servername;192.168.0.5</b>"),
. _("Examples") . ": <br><b>my.server.name<br>127.0.0.1:LOCAL;192.168.0.2,12345:Servername<br>my.server.name:SERVER:/prefix</b>"),
"219" => array ("Headline" => _("Rights for the home directory"),
"Text" => _("This defines the rights for the home directories which are created by lamdaemon.")),
"220" => array ("Headline" => _("Login method"),

View File

@ -722,7 +722,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"add",
$this->attributes[$homeDirAttr][0],
$lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
"0".$_SESSION['config']->get_scriptRights(),
$this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0])
@ -753,9 +753,9 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"move",
$this->orig[$homeDirAttr][0],
$lamdaemonServer->getHomeDirPrefix() . $this->orig[$homeDirAttr][0],
$this->attributes['uidNumber'][0],
$this->attributes[$homeDirAttr][0])
$lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0])
));
$remote->disconnect();
// lamdaemon results
@ -780,7 +780,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"chgrp",
$this->attributes[$homeDirAttr][0],
$lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
$this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0])
));
@ -939,7 +939,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"rem",
$this->attributes[$homeDirAttr][0],
$lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
$this->attributes['uidNumber'][0]
)
));
@ -1475,7 +1475,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"add",
$this->attributes[$homeDirAttr][0],
$lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
"0".$_SESSION['config']->get_scriptRights(),
$this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0])
@ -1501,7 +1501,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"rem",
$this->attributes[$homeDirAttr][0],
$lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
$this->attributes['uidNumber'][0]
)
));
@ -1657,7 +1657,7 @@ class posixAccount extends baseModule implements passwordService {
$return->addLabel($homeDirLabel);
$homeServerContainer = new htmlTable();
for ($h = 0; $h < sizeof($lamdaemonServers); $h++) {
$homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h], $this->lamdaemonServers), $lamdaemonServers[$h]->getLabel(), null, false));
$homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h]->getServer(), $this->lamdaemonServers), $lamdaemonServers[$h]->getLabel(), null, false));
if ($h === 0) {
$homeDirHelp = new htmlHelpLink('createhomedir');
$homeServerContainer->addElement($homeDirHelp);
@ -1915,7 +1915,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"check",
$this->attributes[$homeDirAttr][0])
$lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0])
));
$remote->disconnect();
// lamdaemon results
@ -2890,7 +2890,7 @@ class posixAccount extends baseModule implements passwordService {
$data[$pos][$ids['posixAccount_userName']],
"home",
"add",
$accounts[$pos][$homeDirAttr],
$remoteServer->getHomeDirPrefix() . $accounts[$pos][$homeDirAttr],
"0".$_SESSION['config']->get_scriptRights(),
$accounts[$pos]['uidNumber'],
$accounts[$pos]['gidNumber'],

View File

@ -1555,7 +1555,7 @@ class sambaSamAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"check",
$this->attributes['sambaProfilePath'][0])
$remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0])
));
$remote->disconnect();
// remote command results
@ -1626,7 +1626,7 @@ class sambaSamAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"directory",
"add",
$this->attributes['sambaProfilePath'][0],
$remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0],
"0".$_SESSION['config']->get_scriptRights(),
$uidNumber,
$gidNumber)
@ -1651,7 +1651,7 @@ class sambaSamAccount extends baseModule implements passwordService {
$this->attributes['uid'][0],
"home",
"rem",
$this->attributes['sambaProfilePath'][0],
$remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0],
$uidNumber
)
));

View File

@ -70,7 +70,9 @@ lam_start_session();
setlanguage();
// get password
if (isset($_POST['passwd'])) $passwd = $_POST['passwd'];
if (isset($_POST['passwd'])) {
$passwd = $_POST['passwd'];
}
// check if password was entered
// if not: load login page
@ -91,7 +93,9 @@ $conf = &$_SESSION['conf_config'];
if ((!isset($_SESSION['conf_isAuthenticated']) || !($_SESSION['conf_isAuthenticated'] === $conf->getName())) && !$conf->check_Passwd($passwd)) {
$sessionKeys = array_keys($_SESSION);
for ($i = 0; $i < sizeof($sessionKeys); $i++) {
if (substr($sessionKeys[$i], 0, 5) == "conf_") unset($_SESSION[$sessionKeys[$i]]);
if (substr($sessionKeys[$i], 0, 5) == "conf_") {
unset($_SESSION[$sessionKeys[$i]]);
}
}
$_SESSION['conf_message'] = new htmlStatusMessage('ERROR', _("The password is invalid! Please try again."));
/** go back to login if password is invalid */