mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
We don't need this ugly trick anymore if we forgot the adminpw
This commit is contained in:
Alexandre Aubin
Alexandre Aubin
parent
8212010979
commit
1cb0a26b06
1 changed files with 1 additions and 67 deletions
|
|
@ -1,69 +1,3 @@
|
|||
#!/bin/bash
|
||||
|
||||
################################
|
||||
# Set a temporary password #
|
||||
################################
|
||||
|
||||
# Generate a random temporary password (won't be valid after this script ends !)
|
||||
# and hash it
|
||||
TMP_LDAPROOT_PASSWORD=`slappasswd -g`
|
||||
TMP_LDAPROOT_PASSWORD_HASH=`slappasswd -h {SSHA} -s ${TMP_LDAPROOT_PASSWORD}`
|
||||
|
||||
# Stop slapd service...
|
||||
service slapd stop
|
||||
|
||||
# Backup slapd.conf (to be restored at the end of script)
|
||||
cp /etc/ldap/slapd.conf /root/slapd.conf.bkp
|
||||
|
||||
# Append lines to slapd.conf to manually define root password hash
|
||||
echo 'rootdn "cn=admin,dc=yunohost,dc=org"' >> /etc/ldap/slapd.conf
|
||||
echo "rootpw $TMP_LDAPROOT_PASSWORD_HASH" >> /etc/ldap/slapd.conf
|
||||
|
||||
# Test conf (might not be entirely necessary though :P)
|
||||
slaptest -Q -u -f /etc/ldap/slapd.conf
|
||||
|
||||
# Regenerate slapd.d directory
|
||||
rm -Rf /etc/ldap/slapd.d
|
||||
mkdir /etc/ldap/slapd.d
|
||||
slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
|
||||
|
||||
# Set permissions to slapd.d
|
||||
chown -R openldap:openldap /etc/ldap/slapd.d/
|
||||
|
||||
# Restore slapd.conf
|
||||
mv /root/slapd.conf.bkp /etc/ldap/slapd.conf
|
||||
|
||||
# Restart slapd service
|
||||
service slapd start
|
||||
|
||||
#######################################
|
||||
# Properly set new admin password #
|
||||
#######################################
|
||||
|
||||
# Display tmp password to user
|
||||
# NB : we do NOT pass it as a command line argument for "yunohost tools adminpw"
|
||||
# as a malicious user could run a script in background waiting for this command
|
||||
# to pop in ps -ef and automatically do nasty stuff in the ldap database
|
||||
# meanwhile.
|
||||
echo "Use this temporary password when asked for the administration password : $TMP_LDAPROOT_PASSWORD"
|
||||
|
||||
# Call yunohost tools adminpw for user to set new password
|
||||
echo "Warning: this script is now deprecated. You can simply type 'yunohost tools adminpw' to change the root/admin password."
|
||||
yunohost tools adminpw
|
||||
|
||||
###########################
|
||||
# Forget tmp password #
|
||||
###########################
|
||||
|
||||
# Stop slapd service
|
||||
service slapd stop
|
||||
|
||||
# Regenerate slapd.d directory
|
||||
rm -Rf /etc/ldap/slapd.d
|
||||
mkdir /etc/ldap/slapd.d
|
||||
slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
|
||||
|
||||
# Set permissions to slapd.d
|
||||
chown -R openldap:openldap /etc/ldap/slapd.d/
|
||||
|
||||
# Restart slapd service
|
||||
service slapd start
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue