From b91b28d0130f23b3ebc1899eb6ecc913936ca8b7 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sat, 26 Oct 2019 17:28:24 +0200 Subject: [PATCH] added prefix for lamdaemon --- lam/HISTORY | 1 + .../manual-sources/chapter-configuration.xml | 24 +++++++++++++++++++ .../manual-sources/chapter-installation.xml | 2 +- lam/help/help.inc | 2 +- lam/lib/modules/posixAccount.inc | 20 ++++++++-------- lam/lib/modules/sambaSamAccount.inc | 6 ++--- lam/templates/config/confmain.php | 8 +++++-- 7 files changed, 46 insertions(+), 17 deletions(-) diff --git a/lam/HISTORY b/lam/HISTORY index e685c610..10591170 100644 --- a/lam/HISTORY +++ b/lam/HISTORY @@ -1,4 +1,5 @@ December 2019 7.0 + - Lamdaemon can be configured with directory prefix for homedirs - Fixed bugs: -> Missing CSS for Duo diff --git a/lam/docs/manual-sources/chapter-configuration.xml b/lam/docs/manual-sources/chapter-configuration.xml index 91f5334f..d0ccf6ce 100644 --- a/lam/docs/manual-sources/chapter-configuration.xml +++ b/lam/docs/manual-sources/chapter-configuration.xml @@ -489,6 +489,30 @@ is located. The default rights for new home directories can be set, too. + Note: This requires lamdaemon + to be installed on the remote server. This comes as separate package + for DEB/RPM. See here. + + Script server format: + + + + "server": "server" is the DNS name of your script + server + + + + "server:NAME": NAME is the display name of this + server + + + + "server:NAME:/prefix": /prefix is the directory prefix for + all operations. E.g. creating a home directory "/home/user" would + create "/prefix/home/user" then. + + + You can provide a fixed user name. If you leave the field empty then LAM will use your current account (the account you used to login to LAM). diff --git a/lam/docs/manual-sources/chapter-installation.xml b/lam/docs/manual-sources/chapter-installation.xml index f133529b..5528d3ce 100644 --- a/lam/docs/manual-sources/chapter-installation.xml +++ b/lam/docs/manual-sources/chapter-installation.xml @@ -610,7 +610,7 @@ intermediate release.
- 6.7 -> 6.9 + 6.7 -> 7.0 No actions required.
diff --git a/lam/help/help.inc b/lam/help/help.inc index 797f0bd7..24227e2f 100644 --- a/lam/help/help.inc +++ b/lam/help/help.inc @@ -120,7 +120,7 @@ $helpArray = array ( "218" => array ("Headline" => _("Script servers"), "Text" => _("This is a list of the servers where the lamdaemon scripts are stored. LDAP Account Manager will make a SSH connection to the servers with the user name and password provided at login. Multiple servers are separated by semicolons. You can append a descriptive name after a colon.") . "
" . _("If your server runs on another port then add a comma and the port number after the server.") . "

" - . _("Example") . ": 127.0.0.1:LOCAL;192.168.0.2,12345:Servername;192.168.0.5"), + . _("Examples") . ":
my.server.name
127.0.0.1:LOCAL;192.168.0.2,12345:Servername
my.server.name:SERVER:/prefix
"), "219" => array ("Headline" => _("Rights for the home directory"), "Text" => _("This defines the rights for the home directories which are created by lamdaemon.")), "220" => array ("Headline" => _("Login method"), diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index bf4c6cea..7c6e333e 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc @@ -722,7 +722,7 @@ class posixAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "add", - $this->attributes[$homeDirAttr][0], + $lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0], "0".$_SESSION['config']->get_scriptRights(), $this->attributes['uidNumber'][0], $this->attributes['gidNumber'][0]) @@ -753,9 +753,9 @@ class posixAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "move", - $this->orig[$homeDirAttr][0], + $lamdaemonServer->getHomeDirPrefix() . $this->orig[$homeDirAttr][0], $this->attributes['uidNumber'][0], - $this->attributes[$homeDirAttr][0]) + $lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0]) )); $remote->disconnect(); // lamdaemon results @@ -780,7 +780,7 @@ class posixAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "chgrp", - $this->attributes[$homeDirAttr][0], + $lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0], $this->attributes['uidNumber'][0], $this->attributes['gidNumber'][0]) )); @@ -939,7 +939,7 @@ class posixAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "rem", - $this->attributes[$homeDirAttr][0], + $lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0], $this->attributes['uidNumber'][0] ) )); @@ -1475,7 +1475,7 @@ class posixAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "add", - $this->attributes[$homeDirAttr][0], + $lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0], "0".$_SESSION['config']->get_scriptRights(), $this->attributes['uidNumber'][0], $this->attributes['gidNumber'][0]) @@ -1501,7 +1501,7 @@ class posixAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "rem", - $this->attributes[$homeDirAttr][0], + $lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0], $this->attributes['uidNumber'][0] ) )); @@ -1657,7 +1657,7 @@ class posixAccount extends baseModule implements passwordService { $return->addLabel($homeDirLabel); $homeServerContainer = new htmlTable(); for ($h = 0; $h < sizeof($lamdaemonServers); $h++) { - $homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h], $this->lamdaemonServers), $lamdaemonServers[$h]->getLabel(), null, false)); + $homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h]->getServer(), $this->lamdaemonServers), $lamdaemonServers[$h]->getLabel(), null, false)); if ($h === 0) { $homeDirHelp = new htmlHelpLink('createhomedir'); $homeServerContainer->addElement($homeDirHelp); @@ -1915,7 +1915,7 @@ class posixAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "check", - $this->attributes[$homeDirAttr][0]) + $lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0]) )); $remote->disconnect(); // lamdaemon results @@ -2890,7 +2890,7 @@ class posixAccount extends baseModule implements passwordService { $data[$pos][$ids['posixAccount_userName']], "home", "add", - $accounts[$pos][$homeDirAttr], + $remoteServer->getHomeDirPrefix() . $accounts[$pos][$homeDirAttr], "0".$_SESSION['config']->get_scriptRights(), $accounts[$pos]['uidNumber'], $accounts[$pos]['gidNumber'], diff --git a/lam/lib/modules/sambaSamAccount.inc b/lam/lib/modules/sambaSamAccount.inc index f98f9d75..33c0de6b 100644 --- a/lam/lib/modules/sambaSamAccount.inc +++ b/lam/lib/modules/sambaSamAccount.inc @@ -1555,7 +1555,7 @@ class sambaSamAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "check", - $this->attributes['sambaProfilePath'][0]) + $remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0]) )); $remote->disconnect(); // remote command results @@ -1626,7 +1626,7 @@ class sambaSamAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "directory", "add", - $this->attributes['sambaProfilePath'][0], + $remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0], "0".$_SESSION['config']->get_scriptRights(), $uidNumber, $gidNumber) @@ -1651,7 +1651,7 @@ class sambaSamAccount extends baseModule implements passwordService { $this->attributes['uid'][0], "home", "rem", - $this->attributes['sambaProfilePath'][0], + $remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0], $uidNumber ) )); diff --git a/lam/templates/config/confmain.php b/lam/templates/config/confmain.php index 3599fefe..76dc4480 100644 --- a/lam/templates/config/confmain.php +++ b/lam/templates/config/confmain.php @@ -70,7 +70,9 @@ lam_start_session(); setlanguage(); // get password -if (isset($_POST['passwd'])) $passwd = $_POST['passwd']; +if (isset($_POST['passwd'])) { + $passwd = $_POST['passwd']; +} // check if password was entered // if not: load login page @@ -91,7 +93,9 @@ $conf = &$_SESSION['conf_config']; if ((!isset($_SESSION['conf_isAuthenticated']) || !($_SESSION['conf_isAuthenticated'] === $conf->getName())) && !$conf->check_Passwd($passwd)) { $sessionKeys = array_keys($_SESSION); for ($i = 0; $i < sizeof($sessionKeys); $i++) { - if (substr($sessionKeys[$i], 0, 5) == "conf_") unset($_SESSION[$sessionKeys[$i]]); + if (substr($sessionKeys[$i], 0, 5) == "conf_") { + unset($_SESSION[$sessionKeys[$i]]); + } } $_SESSION['conf_message'] = new htmlStatusMessage('ERROR', _("The password is invalid! Please try again.")); /** go back to login if password is invalid */