calculate
/
calculate-utils-2.1-server
6
0
Fork 0
Code Issues 3 Pull Requests Releases 1 Wiki Activity

git-svn-id: http://svn.calculate.ru/calculate2/calculate-server/trunk@304 c91db197-33c1-4113-bf15-f8a5c547ca64

Browse Source
develop
asamoukin 16 years ago
parent fad8d52aee
commit 5f02e6b792
32 changed files with 735 additions and 711 deletions
Show Stats Download Patch File Download Diff File

10
ldif/jabber_base.ldif
Unescape View File

@ -1,19 +1,19 @@
# Jabber server
dn: #-soft_ldap_admin_jabber-#
dn: #-ld_jabber_dn-#
objectClass: top
objectClass: organizationalUnit
ou: #-soft_ldap_admin_jabber_name-#
userPassword: #-soft_ldap_admin_jabberpw_hash-#
ou: #-ld_jabber_login-#
userPassword: #-ld_jabber_hash-#
# Users
dn: ou=Users,#-soft_ldap_admin_jabber-#
dn: ou=Users,#-ld_jabber_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Users
# Groups
dn: ou=Groups,#-soft_ldap_admin_jabber-#
dn: ou=Groups,#-ld_jabber_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Groups

8
ldif/jabber_group.ldif
Unescape View File

@ -1,5 +1,5 @@
# Jabber Group
dn: cn=#-soft_ldap_group_name-#,ou=Groups,#-soft_ldap_admin_jabber-#
# Jabber group
dn: cn=#-ur_group-#,ou=Groups,#-ld_jabber_dn-#
objectClass: nisNetgroup
cn: #-soft_ldap_group_name-#
description: #-soft_ldap_group_desc-#
cn: #-ur_group-#
description: #-ur_group_comment-#

12
ldif/jabber_user.ldif
Unescape View File

@ -1,9 +1,9 @@
# Jabber user
dn: uid=#-soft_ldap_user_login-#,ou=Users,#-soft_ldap_admin_jabber-#
dn: uid=#-ur_name-#,ou=Users,#-ld_jabber_dn-#
objectClass: inetOrgPerson
uid: #-soft_ldap_user_login-#
cn: #-soft_ldap_user_full_name-#
sn: #-soft_ldap_user_full_name-#
mail: #-soft_ldap_user_login-#@#-net_host-#.#-sys_domain-#
uid: #-ur_name-#
cn: #-ur_fio-#
sn: #-ur_fio-#
mail: #-ur_name-#@#-os_net_hostname-#.#-os_net_domain-#
initials: Yes
userPassword: #-soft_ldap_user_pw_hash-#
userPassword: #-ur_hash-#

24
ldif/ldap_base.ldif
Unescape View File

@ -1,29 +1,29 @@
# Directory Server
dn: #-soft_ldap_base-#
dn: #-ld_base_dn-#
objectClass: dcObject
objectClass: organization
dc: #-soft_ldap_root-#
o: #-setup_sys_fullname-#
dc: #-ld_base_root-#
o: Calculate Directory Server
# Groups
dn: ou=Services,#-soft_ldap_base-#
dn: ou=Services,#-ld_base_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Services
dn: #-soft_ldap_admin-#
cn: #-soft_ldap_adminname-#
sn: #-soft_ldap_adminname-#
dn: #-ld_admin_dn-#
cn: #-ld_admin_login-#
sn: #-ld_admin_login-#
objectClass: person
objectClass: top
description: LDAP Administrator stuff
userPassword: #-soft_ldap_adminpw_hash-#
userPassword: #-ld_admin_hash-#
dn: #-soft_ldap_bind-#
cn: #-soft_ldap_bindname-#
sn: #-soft_ldap_bindname-#
dn: #-ld_bind_dn-#
cn: #-ld_bind_login-#
sn: #-ld_bind_login-#
objectClass: person
objectClass: top
description: LDAP Proxy User
userPassword: #-soft_ldap_bindpw_hash-#
userPassword: #-ld_bind_hash-#

10
ldif/mail_base.ldif
Unescape View File

@ -1,19 +1,19 @@
# Mail server
dn: #-soft_ldap_admin_mail-#
dn: #-ld_mail_dn-#
objectClass: top
objectClass: organizationalUnit
ou: #-soft_ldap_admin_mail_name-#
userPassword: #-soft_ldap_admin_mailpw_hash-#
ou: #-ld_mail_login-#
userPassword: #-ld_mail_hash-#
# Users
dn: ou=Users,#-soft_ldap_admin_mail-#
dn: ou=Users,#-ld_mail_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Users
# Groups
dn: ou=Groups,#-soft_ldap_admin_mail-#
dn: ou=Groups,#-ld_mail_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Groups

12
ldif/mail_group.ldif
Unescape View File

@ -1,9 +1,9 @@
#Mail group
dn: cn=#-soft_ldap_group_name-#,ou=Groups,#-soft_ldap_admin_mail-#
dn: cn=#-ur_group-#,ou=Groups,#-ld_mail_dn-#
objectClass: nisNetgroup
objectClass: qmailGroup
cn: #-soft_ldap_group_name-#
mail: #-soft_ldap_group_name-#@#-net_host-#.#-sys_domain-#
mailAlternateAddress: #-soft_ldap_group_name-#@#-net_host-#.#-sys_domain-#
mailMessageStore: #-soft_ldap_group_name-#/
description: #-soft_ldap_group_desc-#
cn: #-ur_group-#
mail: #-ur_group-#@#-os_net_hostname-#.#-os_net_domain-#
mailAlternateAddress: #-ur_group-#@#-os_net_hostname-#.#-os_net_domain-#
mailMessageStore: #-ur_group-#/
description: #-ur_group_comment-#

13
ldif/mail_user.ldif
Unescape View File

@ -1,11 +1,10 @@
#Mail user
dn: uid=#-soft_ldap_user_login-#,ou=Users,#-soft_ldap_admin_mail-#
dn: uid=#-ur_name-#,ou=Users,#-ld_mail_dn-#
objectClass: inetOrgPerson
objectClass: qmailUser
uid: #-soft_ldap_user_login-#
cn: #-soft_ldap_user_full_name-#
sn: #-soft_ldap_user_full_name-#
uid: #-ur_name-#
cn: #-ur_fio-#
sn: #-ur_fio-#
accountStatus: active
#mailMessageStore: #-soft_ldap_user_login-#/
mail: #-soft_ldap_user_login-#@#-net_host-#.#-sys_domain-#
userPassword: #-soft_ldap_user_pw_hash-#
mail: #-ur_name-#@#-os_net_hostname-#.#-os_net_domain-#
userPassword: #-ur_hash-#

12
ldif/samba_base.ldif
Unescape View File

@ -1,24 +1,24 @@
# Samba server
dn: #-soft_ldap_admin_samba-#
dn: #-ld_samba_dn-#
objectClass: top
objectClass: organizationalUnit
ou: #-soft_ldap_admin_samba_name-#
userPassword: #-soft_ldap_admin_sambapw_hash-#
ou: #-ld_samba_login-#
userPassword: #-ld_samba_hash-#
# Users
dn: ou=Computers,#-soft_ldap_admin_samba-#
dn: ou=Computers,#-ld_samba_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Computers
# Users
dn: ou=Users,#-soft_ldap_admin_samba-#
dn: ou=Users,#-ld_samba_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Users
# Groups
dn: ou=Groups,#-soft_ldap_admin_samba-#
dn: ou=Groups,#-ld_samba_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Groups

12
ldif/samba_machine.ldif
Unescape View File

@ -1,13 +1,13 @@
# Add samba account
dn: uid=#-soft_ldap_machine_login-#,ou=Computers,ou=Samba,ou=Services,#-soft_ldap_base-#
# Add samba machine account
dn: uid=#-sr_samba_machine_login-#,ou=Computers,#-ld_samba_dn-#
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
cn: Computer
sn: #-soft_ldap_machine_login-#
uid: #-soft_ldap_machine_login-#
uidNumber: #-soft_ldap_machine_id-#
gidNumber: #-soft_ldap_machine_gid-#
sn: #-sr_samba_machine_login-#
uid: #-sr_samba_machine_login-#
uidNumber: #-sr_samba_machine_id-#
gidNumber: #-sr_samba_machine_gid-#
homeDirectory: /dev/null
loginShell: /bin/false

10
ldif/unix_base.ldif
Unescape View File

@ -1,19 +1,19 @@
# Unix Server
dn: #-soft_ldap_admin_unix-#
dn: #-ld_unix_dn-#
objectClass: top
objectClass: organizationalUnit
ou: #-soft_ldap_admin_unix_name-#
userPassword: #-soft_ldap_admin_unixpw_hash-#
ou: #-ld_unix_login-#
userPassword: #-ld_unix_hash-#
# Users
dn: ou=Users,#-soft_ldap_admin_unix-#
dn: ou=Users,#-ld_unix_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Users
# Groups
dn: ou=Groups,#-soft_ldap_admin_unix-#
dn: ou=Groups,#-ld_unix_dn-#
objectClass: top
objectClass: organizationalUnit
ou: Groups

10
ldif/unix_group.ldif
Unescape View File

@ -1,6 +1,6 @@
# LDAP Group
dn: cn=#-soft_ldap_group_name-#,ou=Groups,#-soft_ldap_admin_unix-#
# Unix group
dn: cn=#-ur_group-#,ou=Groups,#-ld_unix_dn-#
objectClass: posixGroup
cn: #-soft_ldap_group_name-#
gidNumber: #-soft_ldap_group_id-#
description: #-soft_ldap_group_desc-#
cn: #-ur_group-#
gidNumber: #-ur_group_id-#
description: #-ur_group_comment-#

22
ldif/unix_user.ldif
Unescape View File

@ -1,17 +1,17 @@
# Add posix Account
dn: uid=#-soft_ldap_user_login-#,ou=Users,#-soft_ldap_admin_unix-#
# Unix account
dn: uid=#-ur_name-#,ou=Users,#-ld_unix_dn-#
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: #-soft_ldap_user_full_name-#
gidNumber: #-soft_ldap_user_gid-#
homeDirectory: #-soft_ldap_user_home-#
loginShell: #-soft_ldap_user_shell-#
cn: #-ur_fio-#
gidNumber: #-ur_gid-#
homeDirectory: #-ur_home_path-#
loginShell: #-ur_shell-#
# число дней с 1970 года в течении которых будет действовать пароль
shadowExpire: -1
# зарезервированный аттрибут (У нас это видимость пользователя другим компьютером)
shadowFlag: #-soft_ldap_user_visible-#
shadowFlag: #-ur_visible-#
# число дней, после устаревания пароля для блокировки учётной записи
shadowInactive: -1
# Дата последнего измения пароля в днях с 1970 года (26 августа 2008 года)
@ -22,7 +22,7 @@ shadowMax: 999999
shadowMin: 0
# число дней, за сколько пользователя начнут предупреждать, что пароль устаревает
shadowWarning: 7
sn: #-soft_ldap_user_login-#
uid: #-soft_ldap_user_login-#
uidNumber: #-soft_ldap_user_id-#
userPassword: #-soft_ldap_user_pw_hash-#
sn: #-ur_name-#
uid: #-ur_name-#
uidNumber: #-ur_id-#
userPassword: #-ur_hash-#

10
profile/backup/etc/openldap/slapd.conf
Unescape View File

@ -23,11 +23,11 @@ modulepath /usr/lib/openldap/modules
# Доступ к аттрибуту userPassword
access to attrs=userPassword
by self write
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
by * auth
# Доступ ко всем аттрибутам
access to *
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
by self write
by * read
# Доступ по умолчанию только для чтения
@ -35,9 +35,9 @@ defaultaccess read
# Тип базы данных
database ldbm
suffix "#-soft_ldap_base-#"
rootdn "#-soft_ldap_admin_tmp-#"
rootpw #-soft_ldap_adminpw_tmp_hash-#
suffix "#-ld_base_dn-#"
rootdn "#-ld_temp_dn-#"
rootpw #-ld_temp_hash-#
checkpoint 1024 5
cachesize 10000
directory /var/lib/openldap-data

12
profile/jabber/etc/jabber/ejabberd.cfg
Unescape View File

@ -4,7 +4,7 @@
%%%
{loglevel, 4}.
{hosts, ["localhost", "#-net_host-#.#-sys_domain-#"]}.
{hosts, ["localhost", "#-os_net_hostname-#.#-os_net_domain-#"]}.
{listen,
[
{5223, ejabberd_c2s, [
@ -26,14 +26,14 @@
]}.
{auth_method, ldap}.
{ldap_servers, ["localhost"]}.
{ldap_uids, [{"mail", "%u@#-net_host-#.#-sys_domain-#"}]}.
{ldap_base, "#-soft_ldap_admin_jabber-#"}.
{ldap_rootdn, "#-soft_ldap_admin_jabber-#"}.
{ldap_uids, [{"mail", "%u@#-os_net_hostname-#.#-os_net_domain-#"}]}.
{ldap_base, "#-ld_jabber_dn-#"}.
{ldap_rootdn, "#-ld_jabber_dn-#"}.
{ldap_filter, "(initials=Yes)"}.
{ldap_password, "#-soft_ldap_admin_jabberpw-#"}.
{ldap_password, "#-ld_jabber_pw-#"}.
{shaper, normal, {maxrate, 1000}}.
{shaper, fast, {maxrate, 50000}}.
{acl, admin, {user, "admin", "#-net_host-#.#-sys_domain-#"}}.
{acl, admin, {user, "admin", "#-os_net_hostname-#.#-os_net_domain-#"}}.
{acl, local, {user_regexp, ""}}.
{access, max_user_sessions, [{10, all}]}.
{access, local, [{allow, local}]}.

114
profile/jabber/etc/openldap/slapd.conf
Unescape View File

@ -7,12 +7,12 @@ include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/misc.schema
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
#?sr_samba_set==on||cl_pass_service==samba#
include /etc/openldap/schema/samba.schema
#soft_samba_setup#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
#sr_samba_set#
#?sr_mail_set==on||cl_pass_service==mail#
include /etc/openldap/schema/mail.schema
#soft_mail_setup#
#sr_mail_set#
schemacheck on
pidfile /var/run/openldap/slapd.pid
@ -26,94 +26,94 @@ modulepath /usr/lib/openldap/modules
# Доступ к аттрибуту userPassword
access to attrs=userPassword
by self write
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
by dn="#-soft_ldap_admin_samba-#" write
#soft_samba_setup#
#?sr_samba_set==on||cl_pass_service==samba#
by dn="#-ld_samba_dn-#" write
#sr_samba_set#
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
by dn="#-soft_ldap_admin_unix-#" write
#soft_unix_setup#
#?sr_unix_set==on||cl_pass_service==unix#
by dn="#-ld_unix_dn-#" write
#sr_unix_set#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
by dn="#-soft_ldap_admin_mail-#" read
#soft_mail_setup#
#?sr_mail_set==on||cl_pass_service==mail#
by dn="#-ld_mail_dn-#" read
#sr_mail_set#
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
by dn="#-soft_ldap_admin_jabber-#" read
#soft_jabber_setup#
#?sr_jabber_set==on||cl_pass_service==jabber#
by dn="#-ld_jabber_dn-#" read
#sr_jabber_set#
by * auth
# Доступ к аттрибутам Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
#?sr_samba_set==on||cl_pass_service==samba#
access to attrs=sambaLMPassword,sambaNTPassword
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by * none
#soft_samba_setup#
#sr_samba_set#
# Доступ к пользователю только для просмотра
access to dn.base="#-soft_ldap_bind-#"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_bind-#" read
access to dn.base="#-ld_bind_dn-#"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
# Доступ к администратору сервера LDAP
access to dn.base="#-soft_ldap_admin-#"
by dn="#-soft_ldap_admin-#" write
access to dn.base="#-ld_admin_dn-#"
by dn="#-ld_admin_dn-#" write
by * none
# Доступ к ветке Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
access to dn.regex=".*#-soft_ldap_admin_samba-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
#?sr_samba_set==on||cl_pass_service==samba#
access to dn.regex=".*#-ld_samba_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by dn="#-ld_unix_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
#soft_samba_setup#
#sr_samba_set#
# Доступ к ветке Unix
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
access to dn.regex=".*#-soft_ldap_admin_unix-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
#?sr_unix_set==on||cl_pass_service==unix#
access to dn.regex=".*#-ld_unix_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by dn="#-ld_unix_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
#soft_unix_setup#
#sr_unix_set#
# Доступ к ветке Mail
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
access to dn.regex=".*#-soft_ldap_admin_mail-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_mail-#" read
#?sr_mail_set==on||cl_pass_service==mail#
access to dn.regex=".*#-ld_mail_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_mail_dn-#" read
by * none
#soft_mail_setup#
#sr_mail_set#
# Доступ к ветке Jabber
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
access to dn.regex=".*#-soft_ldap_admin_jabber-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_jabber-#" read
#?sr_jabber_set==on||cl_pass_service==jabber#
access to dn.regex=".*#-ld_jabber_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_jabber_dn-#" read
by * none
#soft_jabber_setup#
#sr_jabber_set#
# Доступ к остальным веткам сервисов
access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$"
by dn="#-soft_ldap_admin-#" write
by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write
access to dn.regex=".*ou=([^,]+),#-ld_services_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn.regex="ou=$1,#-ld_services_dn-#" write
by * none
# Закрываем доступ к веткам
access to dn.regex=".*,#-soft_ldap_sevices_dn-#"
by dn="#-soft_ldap_admin-#" write
access to dn.regex=".*,#-ld_services_dn-#"
by dn="#-ld_admin_dn-#" write
by * none
# Доступ ко всем аттрибутам
access to *
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
by self write
by * read
# Доступ по умолчанию только для чтения
@ -121,7 +121,7 @@ defaultaccess read
# Тип базы данных
database ldbm
suffix "#-soft_ldap_base-#"
suffix "#-ld_base_dn-#"
checkpoint 1024 5
cachesize 10000
directory /var/lib/openldap-data

10
profile/mail/etc/dovecot/dovecot-ldap.conf
Unescape View File

@ -2,19 +2,19 @@
chmod=0600\
chown=root:root
# LDAP хост
hosts = #-net_host-#
hosts = #-os_net_hostname-#
# DN администратора
dn = #-soft_ldap_admin_mail-#
dn = #-ld_mail_dn-#
# Пароль администратора
dnpass = #-soft_ldap_admin_mailpw-#
dnpass = #-ld_mail_pw-#
# Включить аутенфикацию
auth_bind = yes
# Пользователь для аутенфикации
auth_bind_userdn = uid=%u,ou=Users,#-soft_ldap_admin_mail-#
auth_bind_userdn = uid=%u,ou=Users,#-ld_mail_dn-#
# Версия LDAP протокола
ldap_version = 2
# Базовый DN LDAP
base = ou=Users,#-soft_ldap_admin_mail-#
base = ou=Users,#-ld_mail_dn-#
# Тип поиска: base, onelevel, subtree
scope = subtree
# Фильтр для поиска пользователя

2
profile/mail/etc/dovecot/dovecot.conf
Unescape View File

@ -2,7 +2,7 @@
chmod=0644\
chown=root:root
# Тип хранения почты и расположение почтовых папок
mail_location = maildir:#-soft_ldap_mail_path-#/%u
mail_location = maildir:#-sr_mail_path-#/%u
# Аутенфикация по умолчанию
auth default {
# Удаляем аутенфикацию pam

114
profile/mail/etc/openldap/slapd.conf
Unescape View File

@ -7,12 +7,12 @@ include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/misc.schema
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
#?sr_samba_set==on||cl_pass_service==samba#
include /etc/openldap/schema/samba.schema
#soft_samba_setup#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
#sr_samba_set#
#?sr_mail_set==on||cl_pass_service==mail#
include /etc/openldap/schema/mail.schema
#soft_mail_setup#
#sr_mail_set#
schemacheck on
pidfile /var/run/openldap/slapd.pid
@ -26,94 +26,94 @@ modulepath /usr/lib/openldap/modules
# Доступ к аттрибуту userPassword
access to attrs=userPassword
by self write
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
by dn="#-soft_ldap_admin_samba-#" write
#soft_samba_setup#
#?sr_samba_set==on||cl_pass_service==samba#
by dn="#-ld_samba_dn-#" write
#sr_samba_set#
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
by dn="#-soft_ldap_admin_unix-#" write
#soft_unix_setup#
#?sr_unix_set==on||cl_pass_service==unix#
by dn="#-ld_unix_dn-#" write
#sr_unix_set#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
by dn="#-soft_ldap_admin_mail-#" read
#soft_mail_setup#
#?sr_mail_set==on||cl_pass_service==mail#
by dn="#-ld_mail_dn-#" read
#sr_mail_set#
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
by dn="#-soft_ldap_admin_jabber-#" read
#soft_jabber_setup#
#?sr_jabber_set==on||cl_pass_service==jabber#
by dn="#-ld_jabber_dn-#" read
#sr_jabber_set#
by * auth
# Доступ к аттрибутам Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
#?sr_samba_set==on||cl_pass_service==samba#
access to attrs=sambaLMPassword,sambaNTPassword
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by * none
#soft_samba_setup#
#sr_samba_set#
# Доступ к пользователю только для просмотра
access to dn.base="#-soft_ldap_bind-#"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_bind-#" read
access to dn.base="#-ld_bind_dn-#"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
# Доступ к администратору сервера LDAP
access to dn.base="#-soft_ldap_admin-#"
by dn="#-soft_ldap_admin-#" write
access to dn.base="#-ld_admin_dn-#"
by dn="#-ld_admin_dn-#" write
by * none
# Доступ к ветке Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
access to dn.regex=".*#-soft_ldap_admin_samba-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
#?sr_samba_set==on||cl_pass_service==samba#
access to dn.regex=".*#-ld_samba_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by dn="#-ld_unix_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
#soft_samba_setup#
#sr_samba_set#
# Доступ к ветке Unix
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
access to dn.regex=".*#-soft_ldap_admin_unix-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
#?sr_unix_set==on||cl_pass_service==unix#
access to dn.regex=".*#-ld_unix_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by dn="#-ld_unix_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
#soft_unix_setup#
#sr_unix_set#
# Доступ к ветке Mail
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
access to dn.regex=".*#-soft_ldap_admin_mail-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_mail-#" read
#?sr_mail_set==on||cl_pass_service==mail#
access to dn.regex=".*#-ld_mail_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_mail_dn-#" read
by * none
#soft_mail_setup#
#sr_mail_set#
# Доступ к ветке Jabber
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
access to dn.regex=".*#-soft_ldap_admin_jabber-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_jabber-#" read
#?sr_jabber_set==on||cl_pass_service==jabber#
access to dn.regex=".*#-ld_jabber_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_jabber_dn-#" read
by * none
#soft_jabber_setup#
#sr_jabber_set#
# Доступ к остальным веткам сервисов
access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$"
by dn="#-soft_ldap_admin-#" write
by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write
access to dn.regex=".*ou=([^,]+),#-ld_services_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn.regex="ou=$1,#-ld_services_dn-#" write
by * none
# Закрываем доступ к веткам
access to dn.regex=".*,#-soft_ldap_sevices_dn-#"
by dn="#-soft_ldap_admin-#" write
access to dn.regex=".*,#-ld_services_dn-#"
by dn="#-ld_admin_dn-#" write
by * none
# Доступ ко всем аттрибутам
access to *
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
by self write
by * read
# Доступ по умолчанию только для чтения
@ -121,7 +121,7 @@ defaultaccess read
# Тип базы данных
database ldbm
suffix "#-soft_ldap_base-#"
suffix "#-ld_base_dn-#"
checkpoint 1024 5
cachesize 10000
directory /var/lib/openldap-data

8
profile/mail/etc/postfix/ldap-aliases-gr.cf
Unescape View File

@ -1,12 +1,12 @@
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
server_host = #-net_host-#
server_host = #-os_net_hostname-#
server_port = 389
bind = yes
bind_dn = #-soft_ldap_admin_mail-#
bind_pw = #-soft_ldap_admin_mailpw-#
search_base = ou=Groups,#-soft_ldap_admin_mail-#
bind_dn = #-ld_mail_dn-#
bind_pw = #-ld_mail_pw-#
search_base = ou=Groups,#-ld_mail_dn-#
query_filter = (|(mail=%s)(mailAlternateAddress=%s))
result_attribute = rfc822member
#result_filter = %s,%u@cds.local.calculate.ru

8
profile/mail/etc/postfix/ldap-aliases.cf
Unescape View File

@ -1,11 +1,11 @@
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
server_host = #-net_host-#
server_host = #-os_net_hostname-#
server_port = 389
bind = yes
bind_dn = #-soft_ldap_admin_mail-#
bind_pw = #-soft_ldap_admin_mailpw-#
search_base = #-soft_ldap_admin_mail-#
bind_dn = #-ld_mail_dn-#
bind_pw = #-ld_mail_pw-#
search_base = #-ld_mail_dn-#
query_filter = (&(|(mail=%s)(mailAlternateAddress=%s))(AccountStatus=active))
result_attribute = mail

8
profile/mail/etc/postfix/ldap-recipient-gr.cf
Unescape View File

@ -1,11 +1,11 @@
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
server_host = #-net_host-#
server_host = #-os_net_hostname-#
server_port = 389
bind = yes
bind_dn = #-soft_ldap_admin_mail-#
bind_pw = #-soft_ldap_admin_mailpw-#
search_base = ou=Groups,#-soft_ldap_admin_mail-#
bind_dn = #-ld_mail_dn-#
bind_pw = #-ld_mail_pw-#
search_base = ou=Groups,#-ld_mail_dn-#
query_filter = (|(mail=%s)(mailAlternateAddress=%s))
result_attribute = cn

8
profile/mail/etc/postfix/ldap-recipient.cf
Unescape View File

@ -1,11 +1,11 @@
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
server_host = #-net_host-#
server_host = #-os_net_hostname-#
server_port = 389
bind = yes
bind_dn = #-soft_ldap_admin_mail-#
bind_pw = #-soft_ldap_admin_mailpw-#
search_base = ou=Users,#-soft_ldap_admin_mail-#
bind_dn = #-ld_mail_dn-#
bind_pw = #-ld_mail_pw-#
search_base = ou=Users,#-ld_mail_dn-#
query_filter = (&(|(mail=%s)(mailAlternateAddress=%s))(AccountStatus=active))
result_attribute = uid

4
profile/mail/etc/postfix/main.cf
Unescape View File

@ -22,7 +22,7 @@ daemon_directory = /usr/lib/postfix
mail_owner = postfix
#Имя хоста
myhostname = #-net_host-#.#-sys_domain-#
myhostname = #-os_net_hostname-#.#-os_net_domain-#
#Определяет домен данного компьютера. По умолчанию преобразуется из myhostname
#mydomain = local.calculate.ru
@ -55,7 +55,7 @@ unknown_local_recipient_reject_code = 550
#прописываем следующие сети 127.0.0.0 (для localhost, собственно сам
#сервер), 192.168.10.0 (для всех других компьютеров в нашей внешней сети),
#и 192.168.0.0 (для всех компьютеров во внутренней сети).
mynetworks = #-net_networks-#, 127.0.0.0/8#-soft_ldap_mail_relay-#
mynetworks = #-os_net_allow-#, 127.0.0.0/8#-sr_mail_relay-#
#По умолчанию, Postfix пытается посылать почту в Internet напрямую. В зависимости
#от окружения, в котором функционирует Ваш почтовый сервер, это может быть

2
profile/mail/etc/procmailrc
Unescape View File

@ -2,6 +2,6 @@
chmod=0644\
chown=root:root
# Директория хранения почты
DEFAULT=#-soft_ldap_mail_path-#/$LOGNAME/
DEFAULT=#-sr_mail_path-#/$LOGNAME/
MAILDIR=$DEFAULT

2
profile/samba/etc/ldap.conf
Unescape View File

@ -1,4 +1,4 @@
# Calculate format=ldap\
chmod=0644\
chown=root:root
+nss_base_passwd ou=Computers,#-soft_ldap_admin_samba-#?one
+nss_base_passwd ou=Computers,#-ld_samba_dn-#?one

114
profile/samba/etc/openldap/slapd.conf
Unescape View File

@ -7,12 +7,12 @@ include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/misc.schema
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
#?sr_samba_set==on||cl_pass_service==samba#
include /etc/openldap/schema/samba.schema
#soft_samba_setup#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
#sr_samba_set#
#?sr_mail_set==on||cl_pass_service==mail#
include /etc/openldap/schema/mail.schema
#soft_mail_setup#
#sr_mail_set#
schemacheck on
pidfile /var/run/openldap/slapd.pid
@ -26,94 +26,94 @@ modulepath /usr/lib/openldap/modules
# Доступ к аттрибуту userPassword
access to attrs=userPassword
by self write
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
by dn="#-soft_ldap_admin_samba-#" write
#soft_samba_setup#
#?sr_samba_set==on||cl_pass_service==samba#
by dn="#-ld_samba_dn-#" write
#sr_samba_set#
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
by dn="#-soft_ldap_admin_unix-#" write
#soft_unix_setup#
#?sr_unix_set==on||cl_pass_service==unix#
by dn="#-ld_unix_dn-#" write
#sr_unix_set#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
by dn="#-soft_ldap_admin_mail-#" read
#soft_mail_setup#
#?sr_mail_set==on||cl_pass_service==mail#
by dn="#-ld_mail_dn-#" read
#sr_mail_set#
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
by dn="#-soft_ldap_admin_jabber-#" read
#soft_jabber_setup#
#?sr_jabber_set==on||cl_pass_service==jabber#
by dn="#-ld_jabber_dn-#" read
#sr_jabber_set#
by * auth
# Доступ к аттрибутам Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
#?sr_samba_set==on||cl_pass_service==samba#
access to attrs=sambaLMPassword,sambaNTPassword
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by * none
#soft_samba_setup#
#sr_samba_set#
# Доступ к пользователю только для просмотра
access to dn.base="#-soft_ldap_bind-#"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_bind-#" read
access to dn.base="#-ld_bind_dn-#"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
# Доступ к администратору сервера LDAP
access to dn.base="#-soft_ldap_admin-#"
by dn="#-soft_ldap_admin-#" write
access to dn.base="#-ld_admin_dn-#"
by dn="#-ld_admin_dn-#" write
by * none
# Доступ к ветке Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
access to dn.regex=".*#-soft_ldap_admin_samba-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
#?sr_samba_set==on||cl_pass_service==samba#
access to dn.regex=".*#-ld_samba_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by dn="#-ld_unix_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
#soft_samba_setup#
#sr_samba_set#
# Доступ к ветке Unix
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
access to dn.regex=".*#-soft_ldap_admin_unix-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
#?sr_unix_set==on||cl_pass_service==unix#
access to dn.regex=".*#-ld_unix_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by dn="#-ld_unix_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
#soft_unix_setup#
#sr_unix_set#
# Доступ к ветке Mail
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
access to dn.regex=".*#-soft_ldap_admin_mail-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_mail-#" read
#?sr_mail_set==on||cl_pass_service==mail#
access to dn.regex=".*#-ld_mail_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_mail_dn-#" read
by * none
#soft_mail_setup#
#sr_mail_set#
# Доступ к ветке Jabber
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
access to dn.regex=".*#-soft_ldap_admin_jabber-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_jabber-#" read
#?sr_jabber_set==on||cl_pass_service==jabber#
access to dn.regex=".*#-ld_jabber_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_jabber_dn-#" read
by * none
#soft_jabber_setup#
#sr_jabber_set#
# Доступ к остальным веткам сервисов
access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$"
by dn="#-soft_ldap_admin-#" write
by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write
access to dn.regex=".*ou=([^,]+),#-ld_services_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn.regex="ou=$1,#-ld_services_dn-#" write
by * none
# Закрываем доступ к веткам
access to dn.regex=".*,#-soft_ldap_sevices_dn-#"
by dn="#-soft_ldap_admin-#" write
access to dn.regex=".*,#-ld_services_dn-#"
by dn="#-ld_admin_dn-#" write
by * none
# Доступ ко всем аттрибутам
access to *
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
by self write
by * read
# Доступ по умолчанию только для чтения
@ -121,7 +121,7 @@ defaultaccess read
# Тип базы данных
database ldbm
suffix "#-soft_ldap_base-#"
suffix "#-ld_base_dn-#"
checkpoint 1024 5
cachesize 10000
directory /var/lib/openldap-data

22
profile/samba/etc/samba/smb.conf
Unescape View File

@ -4,9 +4,9 @@ chown=root:root
[global]
# Имя сервера
# --------------------------------------------------------------------
workgroup = #-soft_samba_domain-#
netbios name = #-soft_samba_netbios-#
server string = #-setup_sys_fullname-#
workgroup = #-sr_samba_domain-#
netbios name = #-sr_samba_netbios-#
server string = Calculate Directory Server
# Права на создание файлов
# --------------------------------------------------------------------
@ -29,8 +29,8 @@ chown=root:root
passdb backend = ldapsam:ldap://127.0.0.1/
ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
ldap admin dn = #-soft_ldap_admin_samba-#
ldap suffix = #-soft_ldap_admin_samba-#
ldap admin dn = #-ld_samba_dn-#
ldap suffix = #-ld_samba_dn-#
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
@ -58,7 +58,7 @@ chown=root:root
logon home = \\%L\%U
logon drive = H:
hosts allow = #-net_networks-# 127.
hosts allow = #-os_net_allow-# 127.
hosts deny = 0.0.0.0/0
#interfaces = 127.0.0.1 eth0
map to guest = bad user
@ -82,7 +82,7 @@ chown=root:root
;time offset =
[homes]
path = #-soft_samba_home_path-#
path = #-sr_samba_home_path-#
comment = Home Directories
valid users = %U
read only = No
@ -91,7 +91,7 @@ chown=root:root
browseable = No
[profiles]
path = #-soft_samba_winprofile_path-#
path = #-sr_samba_winprof_path-#
create mask = 0600
directory mask = 0700
browseable = No
@ -103,7 +103,7 @@ chown=root:root
valid users = %U @"Domain Admins"
[unix]
path = #-soft_samba_linprofile_path-#
path = #-sr_samba_linprof_path-#
create mask = 0600
directory mask = 0700
browseable = No
@ -115,12 +115,12 @@ chown=root:root
valid users = %U @"Domain Admins"
[netlogon]
path = #-soft_samba_winlogon_path-#/%u
path = #-sr_samba_winlogon_path-#/%u
browseable = No
read only = yes
[share]
path = #-soft_samba_share_path-#
path = #-sr_samba_share_path-#
comment = Share Files
browseable = yes
writable = yes

14
profile/unix/etc/ldap.conf
Unescape View File

@ -2,17 +2,17 @@
chmod=0644\
chown=root:root
host localhost
base #-soft_ldap_sevices_dn-#
rootbinddn #-soft_ldap_admin_unix-#
binddn #-soft_ldap_bind-#
bindpw #-soft_ldap_bindpw-#
base #-ld_services_dn-#
rootbinddn #-ld_unix_dn-#
binddn #-ld_bind_dn-#
bindpw #-ld_bind_pw-#
port 389
ldap_version 3
bind_policy soft
#ускорим ограничив область поиска
nss_base_passwd ou=Users,#-soft_ldap_admin_unix-#?one
nss_base_shadow ou=Users,#-soft_ldap_admin_unix-#?one
nss_base_group ou=Groups,#-soft_ldap_admin_unix-#?one
nss_base_passwd ou=Users,#-ld_unix_dn-#?one
nss_base_shadow ou=Users,#-ld_unix_dn-#?one
nss_base_group ou=Groups,#-ld_unix_dn-#?one
pam_password md5

114
profile/unix/etc/openldap/slapd.conf
Unescape View File

@ -7,12 +7,12 @@ include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/misc.schema
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
#?sr_samba_set==on||cl_pass_service==samba#
include /etc/openldap/schema/samba.schema
#soft_samba_setup#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
#sr_samba_set#
#?sr_mail_set==on||cl_pass_service==mail#
include /etc/openldap/schema/mail.schema
#soft_mail_setup#
#sr_mail_set#
schemacheck on
pidfile /var/run/openldap/slapd.pid
@ -26,94 +26,94 @@ modulepath /usr/lib/openldap/modules
# Доступ к аттрибуту userPassword
access to attrs=userPassword
by self write
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
by dn="#-soft_ldap_admin_samba-#" write
#soft_samba_setup#
#?sr_samba_set==on||cl_pass_service==samba#
by dn="#-ld_samba_dn-#" write
#sr_samba_set#
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
by dn="#-soft_ldap_admin_unix-#" write
#soft_unix_setup#
#?sr_unix_set==on||cl_pass_service==unix#
by dn="#-ld_unix_dn-#" write
#sr_unix_set#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
by dn="#-soft_ldap_admin_mail-#" read
#soft_mail_setup#
#?sr_mail_set==on||cl_pass_service==mail#
by dn="#-ld_mail_dn-#" read
#sr_mail_set#
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
by dn="#-soft_ldap_admin_jabber-#" read
#soft_jabber_setup#
#?sr_jabber_set==on||cl_pass_service==jabber#
by dn="#-ld_jabber_dn-#" read
#sr_jabber_set#
by * auth
# Доступ к аттрибутам Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
#?sr_samba_set==on||cl_pass_service==samba#
access to attrs=sambaLMPassword,sambaNTPassword
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by * none
#soft_samba_setup#
#sr_samba_set#
# Доступ к пользователю только для просмотра
access to dn.base="#-soft_ldap_bind-#"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_bind-#" read
access to dn.base="#-ld_bind_dn-#"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
# Доступ к администратору сервера LDAP
access to dn.base="#-soft_ldap_admin-#"
by dn="#-soft_ldap_admin-#" write
access to dn.base="#-ld_admin_dn-#"
by dn="#-ld_admin_dn-#" write
by * none
# Доступ к ветке Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
access to dn.regex=".*#-soft_ldap_admin_samba-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
#?sr_samba_set==on||cl_pass_service==samba#
access to dn.regex=".*#-ld_samba_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by dn="#-ld_unix_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
#soft_samba_setup#
#sr_samba_set#
# Доступ к ветке Unix
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
access to dn.regex=".*#-soft_ldap_admin_unix-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
#?sr_unix_set==on||cl_pass_service==unix#
access to dn.regex=".*#-ld_unix_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_samba_dn-#" write
by dn="#-ld_unix_dn-#" write
by dn="#-ld_bind_dn-#" read
by * none
#soft_unix_setup#
#sr_unix_set#
# Доступ к ветке Mail
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
access to dn.regex=".*#-soft_ldap_admin_mail-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_mail-#" read
#?sr_mail_set==on||cl_pass_service==mail#
access to dn.regex=".*#-ld_mail_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_mail_dn-#" read
by * none
#soft_mail_setup#
#sr_mail_set#
# Доступ к ветке Jabber
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
access to dn.regex=".*#-soft_ldap_admin_jabber-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_jabber-#" read
#?sr_jabber_set==on||cl_pass_service==jabber#
access to dn.regex=".*#-ld_jabber_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn="#-ld_jabber_dn-#" read
by * none
#soft_jabber_setup#
#sr_jabber_set#
# Доступ к остальным веткам сервисов
access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$"
by dn="#-soft_ldap_admin-#" write
by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write
access to dn.regex=".*ou=([^,]+),#-ld_services_dn-#$"
by dn="#-ld_admin_dn-#" write
by dn.regex="ou=$1,#-ld_services_dn-#" write
by * none
# Закрываем доступ к веткам
access to dn.regex=".*,#-soft_ldap_sevices_dn-#"
by dn="#-soft_ldap_admin-#" write
access to dn.regex=".*,#-ld_services_dn-#"
by dn="#-ld_admin_dn-#" write
by * none
# Доступ ко всем аттрибутам
access to *
by dn="#-soft_ldap_admin-#" write
by dn="#-ld_admin_dn-#" write
by self write
by * read
# Доступ по умолчанию только для чтения
@ -121,7 +121,7 @@ defaultaccess read
# Тип базы данных
database ldbm
suffix "#-soft_ldap_base-#"
suffix "#-ld_base_dn-#"
checkpoint 1024 5
cachesize 10000
directory /var/lib/openldap-data

272
pym/cl_ldap.py
Unescape View File

@ -58,8 +58,8 @@ def adminConnectLdap(fun):
if not self.getLdapObjInFile():
flagError = True
if not self.baseDN:
if self.clVars.defined("soft_ldap_base"):
self.baseDN = self.clVars.Get("soft_ldap_base")
if self.clVars.defined("ld_base_dn"):
self.baseDN = self.clVars.Get("ld_base_dn")
if not self.baseDN:
self.printERROR (_('Not found LDAP base DN'))
if flagError:
@ -195,7 +195,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
strUid = resPasswd.split(":")[2]
if strUid:
delBackDir =\
os.path.join(self.clVars.Get("soft_ldap_delete_user_dir"),
os.path.join(self.clVars.Get("sr_deleted_path"),
"%s-%s"%(userName,strUid),
service)
if strUid and os.path.exists(delBackDir) and os.listdir(delBackDir):
@ -234,7 +234,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
strUid = searchUnixUser[0][0][1]['uidNumber'][0]
if strUid:
delBackDir =\
os.path.join(self.clVars.Get("soft_ldap_delete_user_dir"),
os.path.join(self.clVars.Get("sr_deleted_path"),
"%s-%s"%(userName,strUid),
service)
if os.path.exists(delBackDir) and os.listdir(delBackDir):
@ -245,19 +245,19 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
return False
else:
delBackDir =\
os.path.join(self.clVars.Get("soft_ldap_delete_user_dir"),
os.path.join(self.clVars.Get("sr_deleted_path"),
"%s"%(userName),
service)
i = 0
while os.path.exists(delBackDir):
i += 1
delBackDir =\
os.path.join(self.clVars.Get("soft_ldap_delete_user_dir"),
os.path.join(self.clVars.Get("sr_deleted_path"),
"%s_%s"%(userName,i),
service)
# Cоздаем директорию хранения удаленных пользователей
if not os.path.exists(self.clVars.Get("soft_ldap_delete_user_dir")):
os.makedirs(self.clVars.Get("soft_ldap_delete_user_dir"))
if not os.path.exists(self.clVars.Get("sr_deleted_path")):
os.makedirs(self.clVars.Get("sr_deleted_path"))
#Делаем сохранение директории
try:
self.copyDir(delBackDir,srcDir)
@ -338,7 +338,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
def getALLServices(self):
"""Получаем все сервисы которые описаны в профилях"""
# путь к директории профилей
profilePath = self.clVars.Get("setup_path_profinstall")[0]
profilePath = self.clVars.Get("cl_profile_path")[-1]
data = os.listdir(profilePath)
service = []
for fileData in data:
@ -597,7 +597,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
return True
def createUserDir(self, uid, gid, userDir, mode=0700):
"""Создание пользовательской директории для почты"""
"""Создание пользовательской директории"""
if not os.path.exists(userDir):
os.makedirs(userDir)
if mode:
@ -1226,7 +1226,7 @@ class servUnix(shareLdap):
_("group name %s is found in Unix service") %\
str(groupName) + " ...")
return True
self.clVars.Set("soft_ldap_group_name",groupName)
self.clVars.Set("ur_group",groupName)
# номер группы
gid = str(self.getMaxGid())
if options.has_key('g'):
@ -1242,12 +1242,12 @@ class servUnix(shareLdap):
if self.searchUnixGid(gid):
self.printERROR(_("GID is found in Unix service") + " ...")
return False
self.clVars.Set("soft_ldap_group_id", gid)
self.clVars.Set("ur_group_id", gid)
# Коментарий к группе
gecos = self.groupGecos
if options.has_key('c'):
gecos = options['c']
self.clVars.Set("soft_ldap_group_desc",gecos)
self.clVars.Set("ur_group_comment",gecos)
ldifFile = self.ldifFileGroup
groupLdif = self.createLdif(ldifFile)
@ -1270,7 +1270,7 @@ class servUnix(shareLdap):
def addMachineLdapServer(self, machineName, options):
"""Добавляет Unix машину в LDAP-сервер"""
machineLogin = machineName.replace('$','') + "$"
groupName = self.clVars.Get('soft_ldap_machine_group_name')
groupName = self.clVars.Get('sr_samba_machine_group')
resSearch = self.searchUnixGroupName(groupName)
if resSearch:
@ -1298,11 +1298,11 @@ class servUnix(shareLdap):
options = {'g':groupId,'c':self.groupCompGecos}
if not self.addGroupUnixServer(groupName, options):
return False
self.clVars.Set('soft_ldap_machine_login',machineLogin)
self.clVars.Set('sr_samba_machine_login',machineLogin)
# Находим последний добавленный id
userIdNumber = str(self.getMaxUid())
self.clVars.Set('soft_ldap_machine_id',userIdNumber)
self.clVars.Set('soft_ldap_machine_gid',groupId)
self.clVars.Set('sr_samba_machine_id',userIdNumber)
self.clVars.Set('sr_samba_machine_gid',groupId)
ldifFile = self.ldifFileMachine
userLdif = self.createLdif(ldifFile)
if not self.ldapObj.getError():
@ -1311,7 +1311,6 @@ class servUnix(shareLdap):
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
#clVars.Write("soft_ldap_user_id",str(int(userId)+1))
self.printSUCCESS(_("Added machine") + "...")
return True
@ -1326,7 +1325,7 @@ class servUnix(shareLdap):
return False
# id нового пользователя
userId = str(self.getMaxUid())
self.clVars.Set("soft_ldap_user_login", userName)
self.clVars.Set("ur_name", userName)
baseDir = self.baseDir
# Базовая домашняя директория
if options.has_key('b'):
@ -1341,23 +1340,23 @@ class servUnix(shareLdap):
homeDir = options['d']
else:
homeDir = os.path.join(baseDir, userName)
self.clVars.Set("soft_ldap_user_home",homeDir)
self.clVars.Set("ur_home_path",homeDir)
fullNameUser = self.fullNameUser
# Полное имя пользователя
if options.has_key('c'):
fullNameUser = options['c']
self.clVars.Set("soft_ldap_user_full_name",fullNameUser)
self.clVars.Set("ur_fio",fullNameUser)
# По умолчанию пользователя не видно
visible = '0'
if options.has_key('v'):
visible = '1'
self.clVars.Set("soft_ldap_user_visible",visible)
self.clVars.Set("ur_visible",visible)
# Оболочка пользователя
userShell = self.userShell
if options.has_key('s'):
userShell = options['s']
self.clVars.Set("soft_ldap_user_shell", userShell)
self.clVars.Set("ur_shell", userShell)
# id пользователя
if options.has_key('u'):
@ -1376,7 +1375,7 @@ class servUnix(shareLdap):
" /etc/passwd"+ " ...")
return False
self.clVars.Set("soft_ldap_user_id",userId)
self.clVars.Set("ur_id",userId)
# Добавляем пользователя в группы (находим имена групп)
if options.has_key('G'):
@ -1426,7 +1425,7 @@ class servUnix(shareLdap):
self.printERROR(_("ERROR") + ": " +\
_("create crypto password"))
return False
self.clVars.Set("soft_ldap_user_pw_hash",userPwdHash)
self.clVars.Set("ur_hash",userPwdHash)
# флаги добавления
flagAdd = {}
# Добавление основной группы пользователя
@ -1446,7 +1445,7 @@ class servUnix(shareLdap):
flagAdd['group'] = flagAddGroup
if not flagAddGroup:
return False
self.clVars.Set("soft_ldap_user_gid", userGid)
self.clVars.Set("ur_gid", userGid)
ldifFile = self.ldifFileUser
userLdif = self.createLdif(ldifFile)
@ -2143,12 +2142,12 @@ service"))
if options.has_key("f"):
forceOptions = True
# В случае если сервер установлен
if self.clVars.Get("soft_unix_setup") == "yes" and\
if self.clVars.Get("sr_unix_set") == "on" and\
not forceOptions:
self.printWARNING (_("WARNING") + ": " +\
_("Unix service already configured")+ ".")
return True
if not self.clVars.Get("soft_ldap_setup") == "yes":
if not self.clVars.Get("sr_ldap_set") == "on":
self.printERROR(_("LDAP service not setuped") +" ...")
return False
if not forceOptions:
@ -2174,10 +2173,8 @@ service"))
bakupObj = servLdap()
bakupObj.backupServer()
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","unix")
self.clVars.Write("soft_unix_setup","no")
# Для тестовых целей устанавливаем директорию инсталяции
#clVars.Set("setup_path_install","/tmp/test1/")
self.clVars.Set("cl_pass_service","unix")
self.clVars.Write("sr_unix_set","off")
# Cоздаем объект профиль устанавливая директорию ldap для
# файлов профилей
if not self.applyProfilesFromService('unix'):
@ -2217,10 +2214,10 @@ service"))
# Записываем данные администратора сервиса Unix
ldapParser = iniLdapParser()
ldapParser.setVar("unix",
{"DN":self.clVars.Get("soft_ldap_admin_unix"),
"PASS":self.clVars.Get("soft_ldap_admin_unixpw")})
{"DN":self.clVars.Get("ld_unix_dn"),
"PASS":self.clVars.Get("ld_unix_pw")})
self.printOK(_("Unix service configured") +" ...")
self.clVars.Write("soft_unix_setup","yes")
self.clVars.Write("sr_unix_set","on")
return True
def setShadowLastChange(self, userName):
@ -2309,7 +2306,7 @@ class servMail(shareLdap):
" ...")
return False
#почтовая директория пользователя
mailDir = os.path.join(self.clVars.Get("soft_ldap_mail_path"),
mailDir = os.path.join(self.clVars.Get("sr_mail_path"),
userName)
if options.has_key('r'):
backup = False
@ -2632,8 +2629,8 @@ class servMail(shareLdap):
mail = altMail
else:
mail = "%s@%s.%s" %(altMail,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
if not primaryMail:
primaryMail = mail
if self.searchUserToMail(mail) or\
@ -2680,8 +2677,8 @@ in Unix service ...") %str(primaryMail))
mail = altMail
else:
mail = "%s@%s.%s" %(altMail,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
if self.searchUserToMail(mail) or\
self.searchGroupToMail(mail):
self.printERROR(
@ -2695,20 +2692,20 @@ in Unix service ...") %str(primaryMail))
str(groupName) + " ...")
return False
mail = "%s@%s.%s" %(groupName,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
if self.searchUserToMail(mail) or\
self.searchGroupToMail(mail):
self.printERROR(
_("Email address %s is found in Mail service")%\
str(mail) + " ...")
return False
self.clVars.Set("soft_ldap_group_name",groupName)
self.clVars.Set("ur_group",groupName)
# Комментарий к группе
groupGecos = self.servUnixObj.groupGecos
if options.has_key('c'):
groupGecos = options['c']
self.clVars.Set("soft_ldap_group_desc",groupGecos)
self.clVars.Set("ur_group_comment",groupGecos)
ldifFile = self.ldifFileGroup
groupRawLdif = self.createLdif(ldifFile)
if not groupRawLdif:
@ -2785,8 +2782,8 @@ in Unix service ...") %str(primaryMail))
usersInGroup = res[0][0][1]['rfc822member']
for userName in usersNames:
userMail = "%s@%s.%s" %(userName,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
if userMail in usersInGroup:
findUsers.append(userName)
return findUsers
@ -2835,7 +2832,7 @@ in Unix service ...") %str(primaryMail))
if flagError:
return False
return True
mailDir = os.path.join(self.clVars.Get("soft_ldap_mail_path"),
mailDir = os.path.join(self.clVars.Get("sr_mail_path"),
userName)
flagError = False
if not self.createUserDir(uid, gid, mailDir):
@ -2885,8 +2882,8 @@ in Unix service ...") %str(primaryMail))
modAttrs = []
for userName in addUsers:
userMail = "%s@%s.%s" %(userName,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
modAttrs.append((ldap.MOD_ADD, 'rfc822member', userMail))
if modAttrs:
groupDN = self.addDN("cn="+groupName, self.relGroupsDN)
@ -2919,8 +2916,8 @@ in Unix service ...") %str(primaryMail))
mail = altMail
else:
mail = "%s@%s.%s" %(altMail,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
if not primaryMail:
primaryMail = mail
if self.searchUserToMail(mail) or\
@ -2940,8 +2937,8 @@ in Unix service ...") %str(primaryMail))
return False
else:
mail = "%s@%s.%s" %(userName,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
if self.searchUserToMail(mail) or\
self.searchGroupToMail(mail):
self.printERROR(
@ -2977,7 +2974,7 @@ in Unix service ...") %str(primaryMail))
_("User %s is not found in Unix service") % str(userName)+\
" ...")
return False
self.clVars.Set("soft_ldap_user_login", userName)
self.clVars.Set("ur_name", userName)
#Полное имя пользователя
fullNameUser = self.servUnixObj.fullNameUser
if options.has_key('c'):
@ -2985,7 +2982,7 @@ in Unix service ...") %str(primaryMail))
else:
if resUnix and resUnix[0][0][1].has_key('cn'):
fullNameUser = resUnix[0][0][1]['cn'][0]
self.clVars.Set("soft_ldap_user_full_name",fullNameUser)
self.clVars.Set("ur_fio",fullNameUser)
if not userPwd:
userPwdHash = "crypt{xxx}"
else:
@ -2997,7 +2994,7 @@ in Unix service ...") %str(primaryMail))
if flagCreateUnixUser:
self.servUnixObj.delUserUnixServer(userName, {}, False, False)
return False
self.clVars.Set("soft_ldap_user_pw_hash",userPwdHash)
self.clVars.Set("ur_hash",userPwdHash)
ldifFile = self.ldifFileUser
userRawLdif = self.createLdif(ldifFile)
if not userRawLdif:
@ -3028,7 +3025,7 @@ in Unix service ...") %str(primaryMail))
if not flagError:
# Востановим удаленного пользователя
# Почтовая директория пользователя
mailDir = os.path.join(self.clVars.Get("soft_ldap_mail_path"),
mailDir = os.path.join(self.clVars.Get("sr_mail_path"),
userName)
message = _("Restored deleted user %s data")% userName + "\n" +\
_("(Y - yes, n - no, ctrl+c - cansel)")
@ -3074,7 +3071,7 @@ in Unix service ...") %str(primaryMail))
self.createClVars()
#self.clVars.printVars()
#return True
if self.clVars.Get("soft_unix_setup") != "yes":
if self.clVars.Get("sr_unix_set") != "on":
self.printERROR (_("ERROR") + ": " +\
_("LDAP server is not configured")+ ".")
self.printWARNING(_("Unix service is not setuped"))
@ -3082,7 +3079,7 @@ in Unix service ...") %str(primaryMail))
self.printWARNING(" cl-setup unix")
return False
# В случае если сервер установлен
if self.clVars.Get("soft_mail_setup") == "yes" and\
if self.clVars.Get("sr_mail_set") == "on" and\
not forceOptions:
self.printWARNING (_("WARNING") + ": " +\
_("Mail server is configured")+ ".")
@ -3120,8 +3117,8 @@ in Unix service ...") %str(primaryMail))
if not self.stopServices(["mail"]):
return False
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","mail")
self.clVars.Write("soft_mail_setup","no")
self.clVars.Set("cl_pass_service","mail")
self.clVars.Write("sr_mail_set","off")
# Cоздаем объект профиль устанавливая директорию mail для
# файлов профилей
if not self.applyProfilesFromService('mail'):
@ -3161,8 +3158,8 @@ in Unix service ...") %str(primaryMail))
# Записываем данные администратора сервиса Mail
ldapParser = iniLdapParser()
ldapParser.setVar("mail",
{"DN":self.clVars.Get("soft_ldap_admin_mail"),
"PASS":self.clVars.Get("soft_ldap_admin_mailpw")})
{"DN":self.clVars.Get("ld_mail_dn"),
"PASS":self.clVars.Get("ld_mail_pw")})
self.printOK(_("Added ldif file") +" ...")
textLine = self.execProg("newaliases")
if not (textLine == None):
@ -3186,7 +3183,7 @@ in Unix service ...") %str(primaryMail))
# Устанавливаем автозапуск демона
if not self.setDaemonAutostart("dovecot"):
return False
self.clVars.Write("soft_mail_setup","yes")
self.clVars.Write("sr_mail_set","on")
self.printOK(_("Mail service configured") + " ...")
return True
@ -3606,12 +3603,12 @@ class servJabber(shareLdap):
_("group name %s is found in Jabber service") %\
str(groupName) + " ...")
return False
self.clVars.Set("soft_ldap_group_name",groupName)
self.clVars.Set("ur_group",groupName)
# Комментарий к группе
groupGecos = self.servUnixObj.groupGecos
if options.has_key('c'):
groupGecos = options['c']
self.clVars.Set("soft_ldap_group_desc",groupGecos)
self.clVars.Set("ur_group_comment",groupGecos)
ldifFile = self.ldifFileGroup
groupLdif = self.createLdif(ldifFile)
if not groupLdif:
@ -3631,8 +3628,8 @@ class servJabber(shareLdap):
"""Добавляет jabber пользователя"""
#jabber id
jabberId = "%s@%s.%s" %(userName,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
if self.searchUserToId(jabberId):
self.printERROR(_("User exists in Jabber service"))
return False
@ -3642,13 +3639,13 @@ class servJabber(shareLdap):
return False
if not userPwd:
userPwd = "crypt{xxx}"
self.clVars.Set("soft_ldap_user_pw_hash",userPwd)
self.clVars.Set("soft_ldap_user_login", userName)
self.clVars.Set("ur_hash",userPwd)
self.clVars.Set("ur_name", userName)
#Полное имя пользователя
fullNameUser = self.servUnixObj.fullNameUser
if options.has_key('c'):
fullNameUser = options['c']
self.clVars.Set("soft_ldap_user_full_name",fullNameUser)
self.clVars.Set("ur_fio",fullNameUser)
ldifFile = self.ldifFileUser
userLdif = self.createLdif(ldifFile)
if not self.ldapObj.getError():
@ -3680,7 +3677,7 @@ class servJabber(shareLdap):
self.createClVars()
#self.clVars.printVars()
#return True
if self.clVars.Get("soft_ldap_setup") != "yes":
if self.clVars.Get("sr_ldap_set") != "on":
self.printERROR (_("ERROR") + ": " +\
_("LDAP server is not configured")+ ".")
self.printWARNING(_("LDAP service is not setuped"))
@ -3688,7 +3685,7 @@ class servJabber(shareLdap):
self.printWARNING(" cl-setup ldap")
return False
# В случае если сервер установлен
if self.clVars.Get("soft_jabber_setup") == "yes" and\
if self.clVars.Get("sr_jabber_set") == "on" and\
not forceOptions:
self.printWARNING (_("WARNING") + ": " +\
_("Jabber server is configured")+ ".")
@ -3723,8 +3720,8 @@ class servJabber(shareLdap):
if not self.stopServices(["jabber"]):
return False
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","jabber")
self.clVars.Write("soft_jabber_setup","no")
self.clVars.Set("cl_pass_service","jabber")
self.clVars.Write("sr_jabber_set","off")
# Cоздаем объект профиль устанавливая директорию jabber для
# файлов профилей
if not self.applyProfilesFromService('jabber'):
@ -3764,16 +3761,16 @@ class servJabber(shareLdap):
# Администратор сервиса
adminName = "admin"
adminFullName = "%s@%s.%s" %(adminName,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
self.clVars.Get("os_net_hostname"),
self.clVars.Get("os_net_domain"))
print _("Enter the %s password" % adminFullName)
if not self.addUserJabberServer(adminName,{'p':""}):
return False
# Записываем данные администратора сервиса Jabber
ldapParser = iniLdapParser()
ldapParser.setVar("jabber",
{"DN":self.clVars.Get("soft_ldap_admin_jabber"),
"PASS":self.clVars.Get("soft_ldap_admin_jabberpw")})
{"DN":self.clVars.Get("ld_jabber_dn"),
"PASS":self.clVars.Get("ld_jabber_pw")})
self.printOK(_("Added ldif file") +" ...")
# создаем сертификат если есть используем прежний
self.execProg("/bin/bash /etc/jabber/self-cert.sh")
@ -3789,7 +3786,7 @@ class servJabber(shareLdap):
# Устанавливаем автозапуск демона
if not self.setDaemonAutostart("ejabberd"):
return False
self.clVars.Write("soft_jabber_setup","yes")
self.clVars.Write("sr_jabber_set","on")
self.printOK(_("Jabber service configured") + " ...")
return True
@ -3841,16 +3838,16 @@ class servSamba(shareLdap):
str(delUser))
return False
winProfDir =\
os.path.join(self.clVars.Get("soft_samba_winprofile_path"),
os.path.join(self.clVars.Get("sr_samba_winprof_path"),
userName)
linProfDir =\
os.path.join(self.clVars.Get("soft_samba_linprofile_path"),
os.path.join(self.clVars.Get("sr_samba_linprof_path"),
userName)
userHomeDir =\
os.path.join(self.clVars.Get("soft_samba_home_path"),
os.path.join(self.clVars.Get("sr_samba_home_path"),
userName)
userNetlogonDir =\
os.path.join(self.clVars.Get("soft_samba_winlogon_path"),
os.path.join(self.clVars.Get("sr_samba_winlogon_path"),
userName)
if options.has_key('r'):
backup = False
@ -3964,16 +3961,16 @@ class servSamba(shareLdap):
if "Added" in str(textLine):
flagError = False
winProfDir =\
os.path.join(self.clVars.Get("soft_samba_winprofile_path"),
os.path.join(self.clVars.Get("sr_samba_winprof_path"),
userName)
linProfDir =\
os.path.join(self.clVars.Get("soft_samba_linprofile_path"),
os.path.join(self.clVars.Get("sr_samba_linprof_path"),
userName)
userHomeDir =\
os.path.join(self.clVars.Get("soft_samba_home_path"),
os.path.join(self.clVars.Get("sr_samba_home_path"),
userName)
userNetlogonDir =\
os.path.join(self.clVars.Get("soft_samba_winlogon_path"),
os.path.join(self.clVars.Get("sr_samba_winlogon_path"),
userName)
message = _("Restored deleted user %s")% userName + "\n" +\
_("(Y - yes, n - no, ctrl+c - cansel)")
@ -4144,7 +4141,7 @@ class servSamba(shareLdap):
self.createClVars()
if options.has_key("f"):
forceOptions = True
if self.clVars.Get("soft_unix_setup") != "yes":
if self.clVars.Get("sr_unix_set") != "on":
self.printERROR (_("ERROR") + ": " +\
_("LDAP server is not configured")+ ".")
self.printWARNING(_("Unix service is not setuped"))
@ -4152,7 +4149,7 @@ class servSamba(shareLdap):
self.printWARNING(" cl-setup unix")
return False
# В случае если сервер установлен
if self.clVars.Get("soft_samba_setup") == "yes" and\
if self.clVars.Get("sr_samba_set") == "on" and\
not forceOptions:
self.printWARNING (_("WARNING") + ": " +\
_("Samba server is configured")+ ".")
@ -4186,8 +4183,8 @@ class servSamba(shareLdap):
if not self.stopServices(["samba"]):
return False
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","samba")
self.clVars.Write("soft_samba_setup","no")
self.clVars.Set("cl_pass_service","samba")
self.clVars.Write("sr_samba_set","off")
# Cоздаем объект профиль устанавливая директорию samba для
# файлов профилей
if not self.applyProfilesFromService('samba'):
@ -4203,8 +4200,8 @@ class servSamba(shareLdap):
# Записываем данные администратора сервиса Samba
ldapParser = iniLdapParser()
ldapParser.setVar("samba",
{"DN":self.clVars.Get("soft_ldap_admin_samba"),
"PASS":self.clVars.Get("soft_ldap_admin_sambapw")})
{"DN":self.clVars.Get("ld_samba_dn"),
"PASS":self.clVars.Get("ld_samba_pw")})
ldapParser = iniLdapParser()
pswd = ldapParser.getVar("samba","PASS")
if not pswd:
@ -4258,7 +4255,7 @@ class servSamba(shareLdap):
# Устанавливаем автозапуск демона
if not self.setDaemonAutostart("samba"):
return False
self.clVars.Write("soft_samba_setup","yes")
self.clVars.Write("sr_samba_set","on")
self.printOK(_("Samba service configured") + " ...")
return True
@ -4364,7 +4361,7 @@ class servLdap(shareLdap):
"/usr/lib/calculate/calculate-server/ldif/ldap_base.ldif"
# Для backup
# Директория куда будет сохранен архив
self.backupDirectory = "/var/calculate/backup/LDAP"
self.backupDirectory = "/var/calculate/server-backup/ldap"
# ldif файл базы LDAP
self.archLdifFile = "/tmp/LDAP_DATABASE.ldif"
# приватная директория Samba
@ -4396,28 +4393,39 @@ class servLdap(shareLdap):
"""
servicePaths = []
servInstalled = []
# путь к директории профилей
profilePath = self.clVars.Get("setup_path_profinstall")[0]
if self.clVars.Get("soft_ldap_setup") == "yes":
serv = "ldap"
servicePaths.append(os.path.join(profilePath,serv))
servInstalled.append(serv)
if self.clVars.Get("soft_unix_setup") == "yes":
serv = "unix"
servicePaths.append(os.path.join(profilePath,serv))
servInstalled.append(serv)
if self.clVars.Get("soft_samba_setup") == "yes":
serv = "samba"
servicePaths.append(os.path.join(profilePath,serv))
servInstalled.append(serv)
if self.clVars.Get("soft_mail_setup") == "yes":
serv = "mail"
servicePaths.append(os.path.join(profilePath,serv))
servInstalled.append(serv)
if self.clVars.Get("soft_jabber_setup") == "yes":
serv = "jabber"
servicePaths.append(os.path.join(profilePath,serv))
servInstalled.append(serv)
# пути к директориям профилей
profilePaths = self.clVars.Get("cl_profile_path")
for profilePath in profilePaths:
if self.clVars.Get("sr_ldap_set") == "on":
serv = "ldap"
servPath = os.path.join(profilePath,serv)
if os.path.exists(servPath):
servicePaths.append(servPath)
servInstalled.append(serv)
if self.clVars.Get("sr_unix_set") == "on":
serv = "unix"
servPath = os.path.join(profilePath,serv)
if os.path.exists(servPath):
servicePaths.append(servPath)
servInstalled.append(serv)
if self.clVars.Get("sr_samba_set") == "on":
serv = "samba"
servPath = os.path.join(profilePath,serv)
if os.path.exists(servPath):
servicePaths.append(servPath)
servInstalled.append(serv)
if self.clVars.Get("sr_mail_set") == "on":
serv = "mail"
servPath = os.path.join(profilePath,serv)
if os.path.exists(servPath):
servicePaths.append(servPath)
servInstalled.append(serv)
if self.clVars.Get("sr_jabber_set") == "on":
serv = "jabber"
servPath = os.path.join(profilePath,serv)
if os.path.exists(servPath):
servicePaths.append(servPath)
servInstalled.append(serv)
return (servicePaths, servInstalled)
def backupServer(self):
@ -4467,13 +4475,13 @@ class servLdap(shareLdap):
ldapParser = iniLdapParser()
#iniPath = ldapParser.pathIniFile
#scanPrivDirs.append(iniPath)
dirDelUsers = self.clVars.Get("soft_ldap_delete_user_dir")
dirDelUsers = self.clVars.Get("sr_deleted_path")
if os.path.exists(dirDelUsers):
scanPrivDirs.append(dirDelUsers)
# Добавляем calulate.ldap
allArchFiles.append(ldapParser.nameIniFile)
# Добавляем calculate.env
iniFile = "/" + self.clVars.Get("sys_calculate_ini")
iniFile = "/" + self.clVars.Get("cl_env_path")[2]
allArchFiles.append(iniFile)
if "samba" in servInstalled:
scanPrivDirs.append(self.sambaPrivate)
@ -4687,7 +4695,7 @@ class servLdap(shareLdap):
def removeTmpRestoreFile(self):
"""Удаляем временные файлы нужные для восстановлеиня сервисов"""
profilePath = self.clVars.Get("setup_path_profinstall")[0]
profilePath = self.clVars.Get("cl_profile_path")[0]
backupDir = os.path.join(profilePath, self.backupDir)
fileObj = cl_profile._file()
scanObjs = fileObj.scanDirs([backupDir])
@ -4716,8 +4724,8 @@ class servLdap(shareLdap):
используем DN и пароль временного админстратора
"""
self.ldapObj = ldapFunction(self.clVars.Get("soft_ldap_admin_tmp"),
self.clVars.Get("soft_ldap_adminpw_tmp"))
self.ldapObj = ldapFunction(self.clVars.Get("ld_temp_dn"),
self.clVars.Get("ld_temp_pw"))
self.conLdap = self.ldapObj.conLdap
if self.ldapObj.getError():
self.printERROR(_("Can not connected to LDAP server") + " ...")
@ -4733,7 +4741,7 @@ class servLdap(shareLdap):
if options.has_key("f"):
forceOptions = True
if self.clVars.Get("soft_ldap_setup") == "yes" and\
if self.clVars.Get("sr_ldap_set") == "on" and\
not forceOptions:
self.printWARNING (_("WARNING") + ": " +\
_("LDAP server is configured")+ ".")
@ -4767,7 +4775,7 @@ class servLdap(shareLdap):
if not self.stopServices(self.getALLServices()):
return False
# Получим путь к ini файлу
iniFile = "/" + self.clVars.Get("sys_calculate_ini")
iniFile = "/" + self.clVars.Get("cl_env_path")[2]
# Удаляем ini файл
if os.path.exists(iniFile):
os.remove(iniFile)
@ -4778,10 +4786,10 @@ class servLdap(shareLdap):
if os.path.exists(ldapFile):
os.remove(ldapFile)
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","ldap")
self.clVars.Write("soft_ldap_setup","no")
self.clVars.Set("cl_pass_service","ldap")
self.clVars.Write("sr_ldap_set","off")
# Первый проход
self.clVars.Set("setup_pass_parser","1",True)
self.clVars.Set("cl_pass_step","1",True)
if not self.applyProfilesFromService('ldap'):
self.printERROR(_("Can not apply profiles") +":"+ _("first pass"))
return False
@ -4804,7 +4812,7 @@ class servLdap(shareLdap):
self.printOK(_("Added ldif file") +" ...")
# Второй проход,
# удаляем временного пользователя root из конфигурационного файла
self.clVars.Set("setup_pass_parser","2",True)
self.clVars.Set("cl_pass_step","2",True)
if not self.applyProfilesFromService('ldap'):
self.printERROR(_("Can not apply profiles") +":"+ _("second pass"))
return False
@ -4813,12 +4821,12 @@ class servLdap(shareLdap):
return False
# Записываем данные администратора сервера
ldapParser.setVar("admin",
{"DN":self.clVars.Get("soft_ldap_admin"),
"PASS":self.clVars.Get("soft_ldap_adminpw")})
{"DN":self.clVars.Get("ld_admin_dn"),
"PASS":self.clVars.Get("ld_admin_pw")})
# Устанавливаем автозапуск демона
if not self.setDaemonAutostart("slapd"):
return False
self.clVars.Write("soft_ldap_setup","yes")
self.clVars.Write("sr_ldap_set","on")
self.printOK(_("LDAP service configured") +" ...")
return True

431
pym/cl_vars_server.py
Unescape View File

@ -28,288 +28,305 @@
class Data:
#базовый суффикс LDAP
soft_ldap_base= {'mode':"r",
'type':('param','soft')
}
#Vl soft_ldap_base
ld_base_dn = {}
#bind суффикс LDAP
soft_ldap_bind= {'mode':"r",
'type':('param','soft'),
}
#Vl soft_ldap_bind
ld_bind_dn = {}
#пользователь только для чтения
soft_ldap_bindname= {'mode':"r",
'type':('param','soft'),
}
#Vl soft_ldap_bindname
ld_bind_login = {'value':'proxyuser'}
#hash пароля для пользователя для чтения
soft_ldap_bindpw_hash= {'mode':"r",
'type':('param','soft'),
}
#Vl soft_ldap_bindpw_hash
ld_bind_hash = {}
#пароль для пользователя для чтения
soft_ldap_bindpw= {'mode':"r",
'type':('param','soft'),
}
#Vl soft_ldap_bindpw
ld_bind_pw = {'value':'calculate'}
#алгоритм шифрования паролей
soft_ldap_hash_encrypt={'mode':"r",
'type':('param','soft'),
}
#временный пользователь root для инициализации базы данных
soft_ldap_admin_tmp= {'mode':"r",
'type':('param','soft'),
}
#Vl soft_ldap_hash_encrypt
ld_encrypt = {'value':'{SSHA}'}
#имя для базового суффикса LDAP
soft_ldap_root= {'mode':"r",
'type':('param','soft')}
#запись для пользователя root
soft_ldap_admin= {'mode':"r",
'type':('param','soft')}
#Vl soft_ldap_root
ld_base_root = {'value':'calculate'}
#временный пользователь root для инициализации базы данных
#V soft_ldap_admin_tmp
ld_temp_dn = {}
#hash пароля временного root
#V soft_ldap_adminpw_tmp_hash
ld_temp_hash = {}
#пароль временного пользователя root
#V soft_ldap_adminpw_tmp
ld_temp_pw = {}
#DN пользователя root
#V soft_ldap_admin
ld_admin_dn = {}
#имя пользователя root для LDAP
soft_ldap_adminname= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_adminname
ld_admin_login = {'value':'ldapadmin'}
#hash пароля root
soft_ldap_adminpw_hash= {'mode':"r",
'type':('param','soft'),
}
#hash пароля временного root
soft_ldap_adminpw_tmp_hash={'mode':"r",
'type':('param','soft'),
}
#пароль временный пользователя root
soft_ldap_adminpw_tmp= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_adminpw_hash
ld_admin_hash = {}
#пароль root
soft_ldap_adminpw= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_adminpw
ld_admin_pw = {}
#имя samba домена
soft_samba_domain= {'mode':"r",
'type':('param','soft'),
}
#V soft_samba_domain
sr_samba_domain = {'value':'CDS'}
#netbios имя samba домена
soft_samba_netbios= {'mode':"r",
'type':('param','soft'),
}
#V soft_samba_netbios
sr_samba_netbios = {'value':'PDC-CDS'}
#Логин LDAP пользователя
soft_ldap_user_login= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_user_login
ur_name = {'mode':"w"}
#Полное имя LDAP пользователя
soft_ldap_user_full_name={'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_user_full_name
ur_fio = {'mode':"w"}
#ID LDAP пользователя (номер пользователя)
soft_ldap_user_id= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_user_id
ur_id = {'mode':"w"}
#GID LDAP пользователя (номер группы пользователя)
soft_ldap_user_gid= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_user_gid
ur_gid = {'mode':"w"}
#Домашняя директория LDAP пользователя
soft_ldap_user_home= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_user_home
ur_home_path = {'mode':"w"}
#Оболочка LDAP пользователя
soft_ldap_user_shell= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_user_shell
ur_shell = {'mode':"w"}
#Хеш пароля LDAP пользователя
soft_ldap_user_pw_hash={'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_user_pw_hash
ur_hash = {'mode':"w"}
#Название группы
soft_ldap_group_name= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_group_name
ur_group = {'mode':"w"}
#ID группы
soft_ldap_group_id= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_group_id
ur_group_id = {'mode':"w"}
#Полное имя группы
soft_ldap_group_desc= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_group_desc
ur_group_comment = {'mode':"w"}
# Видимость пользователя с другого компьютера
#V soft_ldap_user_visible
ur_visible = {'mode':"w"}
#Логин компьютера
soft_ldap_machine_login={'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_machine_login
sr_samba_machine_login = {'mode':"w"}
#ID LDAP компьютера (номер компьютера)
soft_ldap_machine_id= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_machine_id
sr_samba_machine_id = {'mode':"w"}
#GID LDAP компьютера (номер первичной группы компьютера)
soft_ldap_machine_gid= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_machine_gid
sr_samba_machine_gid = {'mode':"w"}
#Название первичной группы компьютера
soft_ldap_machine_group_name={'mode':"w",
'type':('param','soft'),
'value':'Computers',
}
# Видимость пользователя с другого компьютера
soft_ldap_user_visible= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_machine_group_name
sr_samba_machine_group = {'mode':"w",
'value':'Computers'}
#-----------------------------------------------------
#Все сервисы Unix
#-----------------------------------------------------
#Имя для всех сервисов
soft_ldap_sevices_dn_name = {'mode':"r",
'type':('param','soft'),
'value' : 'Services'
}
#V soft_ldap_sevices_dn_name
ld_services= {'value' : 'Services'}
#DN всех сервисов
soft_ldap_sevices_dn= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_sevices_dn
ld_services_dn = {}
#Настроен или нет сервис LDAP
soft_ldap_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#V soft_ldap_setup
sr_ldap_set = {'mode':"w",'value':'off'}
#имя устанавливаемого сервиса
soft_ldap_setup_name= {'mode':"w",
'type':('param','soft'),
}
#V soft_ldap_setup_name
cl_pass_service = {'mode':"w"}
#проход при наложении профилей 1,2,3,4,5 и.т д
#V setup_pass_parser
cl_pass_step = {'mode':"w"}
#директория куда будут записаны данные удаленных пользователей
soft_ldap_delete_user_dir= {'mode':"w",
'type':('param','soft'),
'value':'/var/calculate/deleted'
}
#V soft_ldap_delete_user_dir
sr_deleted_path = {'mode':"w",
'value':'/var/calculate/server-backup/deleted'}
#-----------------------------------------------------
#Сервис Unix
#-----------------------------------------------------
#DN админстратора сервиса Unix (он, же DN сервиса)
soft_ldap_admin_unix= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_unix
ld_unix_dn = {}
#имя админстратора сервиса Unix
soft_ldap_admin_unix_name= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_unix_name
ld_unix_login = {'value':'Unix'}
#пароль админстратора сервиса Unix
soft_ldap_admin_unixpw= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_unixpw
ld_unix_pw = {}
#hash пароля админстратора сервиса Unix
soft_ldap_admin_unixpw_hash= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_unixpw_hash
ld_unix_hash = {}
#Настроен или нет сервис Unix
soft_unix_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#V soft_unix_setup
sr_unix_set = {'mode':"w",
'value':'off'}
#-----------------------------------------------------
#Сервис Samba
#-----------------------------------------------------
#DN админстратора сервиса Samba (он, же DN сервиса)
soft_ldap_admin_samba= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_samba
ld_samba_dn = {}
#имя админстратора сервиса Samba
soft_ldap_admin_samba_name= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_samba_name
ld_samba_login = {'value':'Samba'}
#пароль админстратора сервиса Samba
soft_ldap_admin_sambapw= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_sambapw
ld_samba_pw = {}
#hash пароля админстратора сервиса Samba
soft_ldap_admin_sambapw_hash= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_sambapw_hash
ld_samba_hash = {}
# Директория настроек пользователя windows
soft_samba_winprofile_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/win/profiles'
}
#V soft_samba_winprofile_path
sr_samba_winprof_path = {\
'value':'/var/calculate/server-data/samba/win/profiles'}
# Директория хранения настроек пользователя linux
soft_samba_linprofile_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/lin/profiles'}
#V soft_samba_linprofile_path
sr_samba_linprof_path = {\
'value':'/var/calculate/server-data/samba/lin/profiles'}
# Домашняя директория
soft_samba_home_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/home'
}
#V soft_samba_home_path
sr_samba_home_path = {\
'value':'/var/calculate/server-data/samba/home'}
# Директория netlogon
soft_samba_winlogon_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/win/netlogon'
}
#V soft_samba_winlogon_path
sr_samba_winlogon_path = {\
'value':'/var/calculate/server-data/samba/win/netlogon'}
# Директория share
soft_samba_share_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/share'
}
#V soft_samba_share_path
sr_samba_share_path= {\
'value':'/var/calculate/server-data/samba/share'}
# Настроен или нет сервис Samba
soft_samba_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#V soft_samba_setup
sr_samba_set = {'mode':"w",
'value':'off'}
#-----------------------------------------------------
#Сервис Mail
#-----------------------------------------------------
#DN админстратора сервиса Mail (он, же DN сервиса)
soft_ldap_admin_mail= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_mail
ld_mail_dn = {}
#имя админстратора сервиса Mail
soft_ldap_admin_mail_name= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_mail_name
ld_mail_login = {'value':'Mail'}
#пароль админстратора сервиса Mail
soft_ldap_admin_mailpw= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_mailpw
ld_mail_pw = {}
#hash пароля админстратора сервиса Mail
soft_ldap_admin_mailpw_hash= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_mailpw_hash
ld_mail_hash = {}
#почтовый релей
# Пример заполнения:
# value:', 212.113.122.130'
soft_ldap_mail_relay = {'mode':"r",
'type':('param','soft'),
'value':'' }
#soft_ldap_mail_relay
sr_mail_relay = {'value':''}
# Директория хранения писем
soft_ldap_mail_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/mail/imap'}
#V soft_ldap_mail_path
sr_mail_path = {'value':'/var/calculate/server-data/mail/imap'}
#Настроен или нет сервис Mail
soft_mail_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#V soft_mail_setup
sr_mail_set = {'mode':"w",
'value':'off'}
#-----------------------------------------------------
#Сервис Jabber
#-----------------------------------------------------
#DN админстратора сервиса Jabber (он, же DN сервиса)
soft_ldap_admin_jabber= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_jabber
ld_jabber_dn = {}
#имя админстратора сервиса Jabber
soft_ldap_admin_jabber_name= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_jabber_name
ld_jabber_login = {'value':'Jabber'}
#пароль админстратора сервиса Jabber
soft_ldap_admin_jabberpw= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_jabberpw
ld_jabber_pw = {}
#hash пароля админстратора сервиса Jabber
soft_ldap_admin_jabberpw_hash= {'mode':"r",
'type':('param','soft'),
}
#V soft_ldap_admin_jabberpw_hash
ld_jabber_hash = {}
#Настроен или нет сервис Jabber
soft_jabber_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#V soft_jabber_setup
sr_jabber_set = {'mode':"w",
'value':'off'}
##список накладываемых профилей при установке, наложении профилей
#setup_path_profinstall
cl_profile_path = {}
#путь к директории относительно которой происходит наложение профилей на
#файлы системы
#setup_path_install
cl_root_path = {'value':'/'}
# Calculate плюс версия калкулейта для записи в заголовок файла
# объединяемого с профилем
#setup_name
cl_ver = {'value':'Calculate 0.0.1 alpha 1'}
#-----------------------------------------------------
#Служебные переменные
#-----------------------------------------------------
#запущенные сервисы CDS
soft_service_allive= {'mode':"r",
'type':('param','soft'),
}
#? soft_service_allive
#sr_run = {}

22
setup.py
Unescape View File

@ -24,17 +24,17 @@ from distutils.core import setup
data_files = []
var_data_files = [("/var/calculate/profile/server",[]),
("/var/calculate/remote/profile",[]),
# services
("/var/calculate/services",[]),
var_data_files = [("/var/calculate/server-profile",[]),
#("/var/calculate/remote/server-profile",[]),
# server-data
("/var/calculate/server-data",[]),
# samba
("/var/calculate/services/samba",[]),
("/var/calculate/services/samba/home",[]),
("/var/calculate/services/samba/share",[]),
("/var/calculate/services/samba/win/profiles",[]),
("/var/calculate/services/samba/lin/profiles",[]),
("/var/calculate/services/samba/win/netlogon",[]),
("/var/calculate/server-data/samba",[]),
("/var/calculate/server-data/samba/home",[]),
("/var/calculate/server-data/samba/share",[]),
("/var/calculate/server-data/samba/win/profiles",[]),
("/var/calculate/server-data/samba/lin/profiles",[]),
("/var/calculate/server-data/samba/win/netlogon",[]),
]
data_dirs_local = ['profile','ldif']
@ -117,7 +117,7 @@ data_files += create_data_files (data_dirs_share, share_calculate_dir)
setup(
name = 'calculate-server',
version = "0.0.1",
description = "The program for configuring services linux",
description = "The program for configuring server-data linux",
author = "Calculate Pack",
author_email = "support@calculate.ru",
url = "http://calculate-linux.ru",

Write Preview
Loading…
Cancel
Save