From 19e730f5e3fc58c4a348ac083720e87cd7ca6e56 Mon Sep 17 00:00:00 2001
From: Yunohost
Date: Tue, 25 Jun 2013 13:25:18 +0200
Subject: [PATCH] sudo_ldap_scheme.yml
---
 ldap_scheme.yml | 2 +-
 sudo_ldap_scheme.yml | 26 ++++++++++++++++++++++++++
 yunohost_tools.py | 14 +++++++++++++-
 3 files changed, 40 insertions(+), 2 deletions(-)
 create mode 100644 sudo_ldap_scheme.yml
diff --git a/ldap_scheme.yml b/ldap_scheme.yml
index d5c5a7d7..adcd46b7 100644
--- a/ldap_scheme.yml
+++ b/ldap_scheme.yml
@@ -23,7 +23,7 @@ parents:
 - organizationalUnit
 - top
-childs:
+children:
 cn=admins,ou=groups:
 cn: admins
 gidNumber: "4001"
diff --git a/sudo_ldap_scheme.yml b/sudo_ldap_scheme.yml
new file mode 100644
index 00000000..546e03f5
--- /dev/null
+++ b/sudo_ldap_scheme.yml
@@ -0,0 +1,26 @@
+parents:
+ ou=sudo:
+ ou: sudo
+ objectClass:
+ - organizationalUnit
+ - top
+children:
+ cn=admin,ou=sudo:
+ cn: admin
+ sudoUser: admin
+ sudoHost: ALL
+ sudoCommand: ALL
+ sudoOption: "!authenticate"
+ objectClass:
+ - sudoRole
+ - top
+
+ cn=yunohost-admin,ou=sudo:
+ cn: yunohost-admin
+ sudoUser: yunohost-admin
+ sudoHost: ALL
+ sudoCommand: /usr/bin/yunohost
+ sudoOption: "!authenticate"
+ objectClass:
+ - sudoRole
+ - top
diff --git a/yunohost_tools.py b/yunohost_tools.py
index 67462d0c..77e9f9db 100644
--- a/yunohost_tools.py
+++ b/yunohost_tools.py
@@ -25,9 +25,21 @@ def tools_ldapinit():
 for rdn, attr_dict in ldap_map['parents'].items():
 yldap.add(rdn, attr_dict)
- for rdn, attr_dict in ldap_map['childs'].items():
+ for rdn, attr_dict in ldap_map['children'].items():
 yldap.add(rdn, attr_dict)
+ try:
+ with open('/etc/yunohost/from_script') as f: pass
+ except IOError:
+ with open('sudo_ldap_scheme.yml') as f:
+ ldap_map = yaml.load(f)
+
+ for rdn, attr_dict in ldap_map['parents'].items():
+ yldap.add(rdn, attr_dict)
+
+ for rdn, attr_dict in ldap_map['children'].items():
+ yldap.add(rdn, attr_dict)
+
 admin_dict = {
 'cn': 'admin',
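Review bot: The `cn=admin,ou=sudo` entry in the new sudo_ldap_scheme.yml pairs `sudoCommand: ALL` with `sudoOption: "!authenticate"`, so a session as `admin` is enough to run anything as root with no further password prompt. Unless that is a deliberate design decision, drop the `sudoOption` line from that role so sudo re-authenticates, and if it has to stay, say why in a comment above the entry. The `cn=yunohost-admin` role is narrower, but passwordless `/usr/bin/yunohost` still gives that account whatever the CLI can do as root. `sudoHost: ALL` on both roles applies the rule on every host that reads this tree; it could be limited to the local host name if the directory is ever shared.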