YunoHost/moulinette
1
0
Fork 0
mirror of https://github.com/YunoHost/moulinette.git synced 2024-09-03 20:06:31 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #247 from YunoHost/auto-restart-ldap

Browse source 
[fix] try to autorestart ldap when the server is down
This commit is contained in:
Alexandre Aubin 2020-05-07 22:13:47 +02:00 committed by GitHub
commit 51bb878f15
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 25 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
locales/en.json
View file

@ -55,5 +55,6 @@
"command_unknown": "Command '{command:s}' unknown ?", "command_unknown": "Command '{command:s}' unknown ?",
"warn_the_user_about_waiting_lock": "Another YunoHost command is running right now, we are waiting for it to finish before running this one", "warn_the_user_about_waiting_lock": "Another YunoHost command is running right now, we are waiting for it to finish before running this one",
"warn_the_user_about_waiting_lock_again": "Still waiting...", "warn_the_user_about_waiting_lock_again": "Still waiting...",
"warn_the_user_that_lock_is_acquired": "the other command just completed, now starting this command" "warn_the_user_that_lock_is_acquired": "the other command just completed, now starting this command",
"ldap_server_is_down_restart_it": "the ldap service is down, attempt to restart it..."
} }

23
moulinette/authenticators/ldap.py
View file

@ -2,15 +2,18 @@
# TODO: Use Python3 to remove this fix! # TODO: Use Python3 to remove this fix!
from __future__ import absolute_import from __future__ import absolute_import
import os
import logging import logging
import random import random
import string import string
import crypt import crypt
import ldap import ldap
import ldap.sasl import ldap.sasl
import time
import ldap.modlist as modlist import ldap.modlist as modlist
from moulinette.core import MoulinetteError from moulinette import m18n
from moulinette.core import MoulinetteError, MoulinetteLdapIsDownError
from moulinette.authenticators import BaseAuthenticator from moulinette.authenticators import BaseAuthenticator
logger = logging.getLogger("moulinette.authenticator.ldap") logger = logging.getLogger("moulinette.authenticator.ldap")
@ -69,7 +72,7 @@ class Authenticator(BaseAuthenticator):
# Implement virtual methods # Implement virtual methods
def authenticate(self, password=None): def authenticate(self, password=None):
try: def _reconnect():
con = ldap.ldapobject.ReconnectLDAPObject( con = ldap.ldapobject.ReconnectLDAPObject(
self._get_uri(), retry_max=10, retry_delay=0.5 self._get_uri(), retry_max=10, retry_delay=0.5
) )
@ -80,11 +83,23 @@ class Authenticator(BaseAuthenticator):
con.simple_bind_s(self.userdn, password) con.simple_bind_s(self.userdn, password)
else: else:
con.simple_bind_s() con.simple_bind_s()
return con
try:
con = _reconnect()
except ldap.INVALID_CREDENTIALS: except ldap.INVALID_CREDENTIALS:
raise MoulinetteError("invalid_password") raise MoulinetteError("invalid_password")
except ldap.SERVER_DOWN: except ldap.SERVER_DOWN:
logger.exception("unable to reach the server to authenticate") # ldap is down, attempt to restart it before really failing
raise MoulinetteError("ldap_server_down") logger.warning(m18n.g("ldap_server_is_down_restart_it"))
os.system("systemctl restart slapd")
time.sleep(10) # waits 10 secondes so we are sure that slapd has restarted
try:
con = _reconnect()
except ldap.SERVER_DOWN:
raise MoulinetteLdapIsDownError("ldap_server_down")
# Check that we are indeed logged in with the right identity # Check that we are indeed logged in with the right identity
try: try:

4
moulinette/core.py
View file

@ -438,6 +438,10 @@ class MoulinetteError(Exception):
self.strerror = msg self.strerror = msg
class MoulinetteLdapIsDownError(MoulinetteError):
"""Used when ldap is down"""
class MoulinetteLock(object): class MoulinetteLock(object):
"""Locker for a moulinette instance """Locker for a moulinette instance