diff --git a/lam/docs/README.lamdaemon.pl b/lam/docs/README.lamdaemon.pl index e9b75687..ed486d8b 100644 --- a/lam/docs/README.lamdaemon.pl +++ b/lam/docs/README.lamdaemon.pl @@ -49,6 +49,19 @@ thins to get it work. * run make * run make install +4. Set up ssh + The ssh connection is done to remote hast as the user your + webserver is running as. In my case it's wwwrun. + You have to connect one time to remote host because in most + cases the host key has to added. + This can be done by connecting to remote host and confirm the + question about host authenticity. + Example (as root): + su wwwrun + ssh -l $admin-user $remotehost + Confirm all questions. + Exit the connection and connect again. You shouldn't be asked + about enything. Now everything should work fine diff --git a/lam/lib/lamdaemon.pl b/lam/lib/lamdaemon.pl index 8b1cd4d9..31f3e721 100755 --- a/lam/lib/lamdaemon.pl +++ b/lam/lib/lamdaemon.pl @@ -187,7 +187,7 @@ else { @username = split (',', $ARGV[0]); $username[0] =~ s/uid=//; my $ssh = Net::SSH::Perl->new($hostname, options=>[ - "IdentityFile /var/lib/wwwrun/.ssh/id_dsa", + #"IdentityFile /var/lib/wwwrun/.ssh/id_dsa", "UserKnownHostsFile /dev/null" ]); $ssh->login($username[0], $ARGV[1]); diff --git a/lam/templates/account/groupedit.php b/lam/templates/account/groupedit.php index df209c77..acbc964b 100644 --- a/lam/templates/account/groupedit.php +++ b/lam/templates/account/groupedit.php @@ -34,6 +34,13 @@ include_once('../../lib/ldap.inc'); // LDAP-functions // Start session session_save_path('../../sess'); @session_start(); + +// Redirect to startpage if user is not loged in +if (!isset($_SESSION['loggedIn'])) { + metaRefresh("../login.php"); + die; + } + // Set correct language, codepages, .... setlanguage(); @@ -321,8 +328,12 @@ do { // X-Or, only one if() can be true } if ($_POST['next_final']) { // Check if objectclasses are OK - if ($config_intern->is_samba3() && !isset($account_new->smb_domain)) // Samba page not viewed; can not create group because if missing options + $stay = false; + if ($config_intern->is_samba3() && !isset($account_new->smb_domain)) { + // Samba page not viewed; can not create group because if missing options $errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page.")); + $stay = true; + } if (isset($account_old->general_objectClass)) { if (($config_intern->is_samba3()) && (!in_array('sambaGroupMapping', $account_old->general_objectClass))) $errors[] = array('WARN', _('ObjectClass sambaGroupMapping not found.'), _('Have to add objectClass sambaGroupMapping.')); @@ -334,7 +345,7 @@ do { // X-Or, only one if() can be true $errors[] = array('INFO', _('GID-number has changed. You have to run the following command as root in order to change existing file-permissions:'), 'find / -gid ' . $account_old->general_uidNumber . ' -exec chgrp ' . $account_new->general_uidNumber . ' {} \;'); // Go from final to next page if no error did ocour - if (!isset($errors)) $select_local='final'; + if (!$stay)) $select_local='final'; else $select_local=$_POST['select']; break; } diff --git a/lam/templates/account/hostedit.php b/lam/templates/account/hostedit.php index 7321a826..a6c94e68 100644 --- a/lam/templates/account/hostedit.php +++ b/lam/templates/account/hostedit.php @@ -34,6 +34,13 @@ include_once('../../lib/ldap.inc'); // LDAP-functions // Start session session_save_path('../../sess'); @session_start(); + +// Redirect to startpage if user is not loged in +if (!isset($_SESSION['loggedIn'])) { + metaRefresh("login.php"); + die; + } + // Set correct language, codepages, .... setlanguage(); diff --git a/lam/templates/account/useredit.php b/lam/templates/account/useredit.php index 303e771d..073456e3 100644 --- a/lam/templates/account/useredit.php +++ b/lam/templates/account/useredit.php @@ -34,6 +34,13 @@ include_once('../../lib/ldap.inc'); // LDAP-functions // Start session session_save_path('../../sess'); @session_start(); + +// Redirect to startpage if user is not loged in +if (!isset($_SESSION['loggedIn'])) { + metaRefresh("../login.php"); + die; + } + // Set correct language, codepages, .... setlanguage(); @@ -537,6 +544,7 @@ do { // X-Or, only one if() can be true } if ($_POST['next_final']) { // Go from final to next page if no error did ocour + $stay = false; if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber)) $errors[] = array('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'), 'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;'); @@ -546,10 +554,12 @@ do { // X-Or, only one if() can be true if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir)) $errors[] = array('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'), 'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir); - if ($config_intern->is_samba3() && !isset($account_new->smb_domain)) + if ($config_intern->is_samba3() && !isset($account_new->smb_domain)) { // Samba page not viewed; can not create user because if missing options $errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page.")); - else { + $stay = true; + } + if (!$config_intern->is_samba3()) { $found = false; if (strstr($account_new->smb_scriptPath, '$group')) $found = true; if (strstr($account_new->smb_scriptPath, '$user')) $found = true; @@ -559,6 +569,7 @@ do { // X-Or, only one if() can be true if (strstr($account_new->smb_smbhome, '$user')) $found = true; if ($found) // Samba page not viewed; can not create group because if missing options + $stay = true; $errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page.")); } if (isset($account_old->general_objectClass)) { @@ -575,7 +586,7 @@ do { // X-Or, only one if() can be true $errors[] = array('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.')); } } - if (!is_array($errors)) $select_local='final'; + if (!$stay) $select_local='final'; else $select_local=$_POST['select']; break; } diff --git a/lam/templates/delete.php b/lam/templates/delete.php index 88d3b855..a7221d45 100644 --- a/lam/templates/delete.php +++ b/lam/templates/delete.php @@ -29,6 +29,12 @@ include_once('../lib/config.inc'); // start session session_save_path('../sess'); @session_start(); +// Redirect to startpage if user is not loged in +if (!isset($_SESSION['loggedIn'])) { + metaRefresh("login.php"); + die; + } + // set language setlanguage(); @@ -177,10 +183,9 @@ if ($_POST['delete_yes']) { // Get group GIDNumber $groupgid = getgid($groupname); // Search for users which have gid set to current gid - $result = ldap_search($ldap_intern->server(), $dn, "gidNumber=$groupgid", array('')); - $entry = ldap_first_entry($ldap_intern->server(), $result); + $result = ldap_search($ldap_intern->server(), $config_intern->get_UserSuffix(), "gidNumber=$groupgid", array('')); // Print error if still users in group - if ($entry) $error = _('Could not delete group. Still users in group:').' '.$dn; + if (!$result) $error = _('Could not delete group. Still users in group:').' '.$dn; else { // continue if no primary users are in group // Remove quotas if lamdaemon.pl is used diff --git a/lam/templates/masscreate.php b/lam/templates/masscreate.php index f451802f..3086d7ba 100644 --- a/lam/templates/masscreate.php +++ b/lam/templates/masscreate.php @@ -34,6 +34,13 @@ include_once('../lib/pdf.inc'); // Return a pdf-file // Start Session session_save_path('../sess'); @session_start(); + +// Redirect to startpage if user is not loged in +if (!isset($_SESSION['loggedIn'])) { + metaRefresh("login.php"); + die; + } + // Set correct language, codepages, .... setlanguage(); @@ -443,7 +450,7 @@ echo ''; function loadfile() { if ($_FILES['userfile']['size']>0) { // Array with all OUs from users - $OUs = array(); + $OUs = $_SESSION['ldap']->search_units($_SESSION['config']->get_UserSuffix()); // fixme **** load all existing OUs in Array // open csv-file $handle = fopen($_FILES['userfile']['tmp_name'], 'r'); @@ -510,11 +517,11 @@ function loadfile() { // Expand DN of user with ou=$group $_SESSION['accounts'][$row]->general_dn = "ou=".$_SESSION['accounts'][$row]->general_group .','. $_POST['f_general_suffix']; // Create OUs if needed - if (!in_array($_SESSION['accounts'][$row]->general_group, $OUs)) { + if (!in_array("ou=".$_SESSION['accounts'][$row]->general_group.",".$_POST['f_general_suffix'], $OUs)) { $attr['objectClass']= 'organizationalUnit'; $attr['ou'] = $_SESSION['accounts'][$row]->general_group; - $success = @ldap_add($_SESSION['ldap']->server(), $_SESSION['accounts'][$row]->general_dn, $attr); - if ($success) $OUs[] = $_SESSION['accounts'][$row]->general_group; + $success = ldap_add($_SESSION['ldap']->server(), $_SESSION['accounts'][$row]->general_dn, $attr); + if ($success) $OUs[] = "ou=".$_SESSION['accounts'][$row]->general_group.",".$_POST['f_general_suffix']; } } // Set DN without uid=$username diff --git a/lam/templates/massdetail.php b/lam/templates/massdetail.php index d3a9ed4a..f0b958c8 100644 --- a/lam/templates/massdetail.php +++ b/lam/templates/massdetail.php @@ -34,6 +34,13 @@ include_once('../lib/ldap.inc'); // LDAP-functions // Start Session session_save_path('../sess'); @session_start(); + +// Redirect to startpage if user is not loged in +if (!isset($_SESSION['loggedIn'])) { + metaRefresh("login.php"); + die; + } + // Set correct language, codepages, .... setlanguage();