sudo_ldap_scheme.yml

ldap_scheme.yml

@@ -23,7 +23,7 @@ parents:
             - organizationalUnit
             - top
 
-childs:
+children:
     cn=admins,ou=groups:
         cn: admins
         gidNumber: "4001"

sudo_ldap_scheme.yml

@@ -0,0 +1,26 @@
+parents:
+    ou=sudo:
+        ou: sudo
+        objectClass:
+            - organizationalUnit
+            - top
+children:
+    cn=admin,ou=sudo:
+        cn: admin
+        sudoUser: admin
+        sudoHost: ALL
+        sudoCommand: ALL
+        sudoOption: "!authenticate"
+        objectClass:
+            - sudoRole
+            - top
+
+    cn=yunohost-admin,ou=sudo:
+        cn: yunohost-admin
+        sudoUser: yunohost-admin
+        sudoHost: ALL
+        sudoCommand: /usr/bin/yunohost
+        sudoOption: "!authenticate"
+        objectClass:
+            - sudoRole
+            - top

yunohost_tools.py

@@ -25,9 +25,21 @@ def tools_ldapinit():
         for rdn, attr_dict in ldap_map['parents'].items():
             yldap.add(rdn, attr_dict)
 
-        for rdn, attr_dict in ldap_map['childs'].items():
+        for rdn, attr_dict in ldap_map['children'].items():
             yldap.add(rdn, attr_dict)
 
+        try:
+            with open('/etc/yunohost/from_script') as f: pass
+        except IOError:
+            with open('sudo_ldap_scheme.yml') as f:
+                ldap_map = yaml.load(f)
+
+            for rdn, attr_dict in ldap_map['parents'].items():
+                yldap.add(rdn, attr_dict)
+
+            for rdn, attr_dict in ldap_map['children'].items():
+                yldap.add(rdn, attr_dict)
+
 
         admin_dict = {
             'cn': 'admin',