YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

[enh] Adding check that user is actually created + minor refactor of ldap/auth init

Browse source
This commit is contained in:
Alexandre Aubin 2016-11-28 02:35:19 +01:00
parent 504baefd87
commit f956fa7161
2 changed files with 22 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
locales/en.json
View file

@ -114,6 +114,7 @@
"ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it.", "ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it.",
"iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it.", "iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it.",
"ldap_initialized": "LDAP has been initialized", "ldap_initialized": "LDAP has been initialized",
"ldap_init_failed_to_create_admin": "LDAP initialization failed to create admin. Aborting.",
"license_undefined": "undefined", "license_undefined": "undefined",
"mail_alias_remove_failed": "Unable to remove mail alias '{mail:s}'", "mail_alias_remove_failed": "Unable to remove mail alias '{mail:s}'",
"mail_domain_unknown": "Unknown mail address domain '{domain:s}'", "mail_domain_unknown": "Unknown mail address domain '{domain:s}'",

31
src/yunohost/tools.py
View file

@ -33,6 +33,7 @@ import json
import errno import errno
import logging import logging
import subprocess import subprocess
import pwd
from collections import OrderedDict from collections import OrderedDict
import apt import apt
@ -53,12 +54,20 @@ apps_setting_path= '/etc/yunohost/apps/'
logger = getActionLogger('yunohost.tools') logger = getActionLogger('yunohost.tools')
def tools_ldapinit(auth): def tools_ldapinit():
""" """
YunoHost LDAP initialization YunoHost LDAP initialization
""" """
# Instantiate LDAP Authenticator
auth = init_authenticator(('ldap', 'default'),
{'uri': "ldap://localhost:389",
'base_dn': "dc=yunohost,dc=org",
'user_rdn': "cn=admin" })
auth.authenticate('yunohost')
with open('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml') as f: with open('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml') as f:
ldap_map = yaml.load(f) ldap_map = yaml.load(f)
@ -83,10 +92,19 @@ def tools_ldapinit(auth):
} }
auth.update('cn=admin', admin_dict) auth.update('cn=admin', admin_dict)
# Force nscd to refresh cache to take admin creation into account
subprocess.call(['nscd', '-i', 'passwd']) subprocess.call(['nscd', '-i', 'passwd'])
logger.success(m18n.n('ldap_initialized')) # Check admin actually exists now
try:
pwd.getpwnam("admin")
except KeyError:
raise MoulinetteError(errno.EINVAL,
m18n.n('ldap_init_failed_to_create_admin'))
logger.success(m18n.n('ldap_initialized'))
return auth
def tools_adminpw(auth, new_password): def tools_adminpw(auth, new_password):
""" """
@ -193,16 +211,9 @@ def tools_postinstall(domain, password, ignore_dyndns=False):
logger.info(m18n.n('yunohost_installing')) logger.info(m18n.n('yunohost_installing'))
# Instantiate LDAP Authenticator
auth = init_authenticator(('ldap', 'default'),
{'uri': "ldap://localhost:389",
'base_dn': "dc=yunohost,dc=org",
'user_rdn': "cn=admin" })
auth.authenticate('yunohost')
# Initialize LDAP for YunoHost # Initialize LDAP for YunoHost
# TODO: Improve this part by integrate ldapinit into conf_regen hook # TODO: Improve this part by integrate ldapinit into conf_regen hook
tools_ldapinit(auth) auth = tools_ldapinit()
# Create required folders # Create required folders
folders_to_create = [ folders_to_create = [