From 5f02e6b792d2201c104b6c508033d4c1b3a5a51e Mon Sep 17 00:00:00 2001
From: asamoukin
Date: Thu, 30 Oct 2008 13:07:27 +0000
Subject: [PATCH] git-svn-id: http://svn.calculate.ru/calculate2/calculate-server/trunk@304 c91db197-33c1-4113-bf15-f8a5c547ca64
---
 ldif/jabber_base.ldif | 10 +-
 ldif/jabber_group.ldif | 8 +-
 ldif/jabber_user.ldif | 12 +-
 ldif/ldap_base.ldif | 24 +-
 ldif/mail_base.ldif | 10 +-
 ldif/mail_group.ldif | 12 +-
 ldif/mail_user.ldif | 13 +-
 ldif/samba_base.ldif | 12 +-
 ldif/samba_machine.ldif | 12 +-
 ldif/unix_base.ldif | 10 +-
 ldif/unix_group.ldif | 10 +-
 ldif/unix_user.ldif | 22 +-
 profile/backup/etc/openldap/slapd.conf | 10 +-
 profile/jabber/etc/jabber/ejabberd.cfg | 12 +-
 profile/jabber/etc/openldap/slapd.conf | 114 ++---
 profile/mail/etc/dovecot/dovecot-ldap.conf | 10 +-
 profile/mail/etc/dovecot/dovecot.conf | 2 +-
 profile/mail/etc/openldap/slapd.conf | 114 ++---
 profile/mail/etc/postfix/ldap-aliases-gr.cf | 8 +-
 profile/mail/etc/postfix/ldap-aliases.cf | 8 +-
 profile/mail/etc/postfix/ldap-recipient-gr.cf | 8 +-
 profile/mail/etc/postfix/ldap-recipient.cf | 8 +-
 profile/mail/etc/postfix/main.cf | 4 +-
 profile/mail/etc/procmailrc | 2 +-
 profile/samba/etc/ldap.conf | 2 +-
 profile/samba/etc/openldap/slapd.conf | 114 ++---
 profile/samba/etc/samba/smb.conf | 22 +-
 profile/unix/etc/ldap.conf | 14 +-
 profile/unix/etc/openldap/slapd.conf | 114 ++---
 pym/cl_ldap.py | 272 +++++------
 pym/cl_vars_server.py | 431 +++++++++---------
 setup.py | 22 +-
 32 files changed, 735 insertions(+), 711 deletions(-)
diff --git a/ldif/jabber_base.ldif b/ldif/jabber_base.ldif
index 6e0382f..ad9a41d 100644
--- a/ldif/jabber_base.ldif
+++ b/ldif/jabber_base.ldif
@@ -1,19 +1,19 @@ # Jabber server -dn: #-soft_ldap_admin_jabber-# +dn: #-ld_jabber_dn-# objectClass: top objectClass: organizationalUnit -ou: #-soft_ldap_admin_jabber_name-# -userPassword: #-soft_ldap_admin_jabberpw_hash-# +ou: #-ld_jabber_login-# +userPassword: #-ld_jabber_hash-# # Users -dn: ou=Users,#-soft_ldap_admin_jabber-# +dn: ou=Users,#-ld_jabber_dn-# objectClass: top objectClass: organizationalUnit ou: Users # Groups -dn: ou=Groups,#-soft_ldap_admin_jabber-# +dn: ou=Groups,#-ld_jabber_dn-# objectClass: top objectClass: organizationalUnit ou: Groups diff --git a/ldif/jabber_group.ldif b/ldif/jabber_group.ldif index b7d07f1..d7b0f5a 100644 --- a/ldif/jabber_group.ldif +++ b/ldif/jabber_group.ldif @@ -1,5 +1,5 @@ -# Jabber Group -dn: cn=#-soft_ldap_group_name-#,ou=Groups,#-soft_ldap_admin_jabber-# +# Jabber group +dn: cn=#-ur_group-#,ou=Groups,#-ld_jabber_dn-# objectClass: nisNetgroup -cn: #-soft_ldap_group_name-# -description: #-soft_ldap_group_desc-# +cn: #-ur_group-# +description: #-ur_group_comment-# diff --git a/ldif/jabber_user.ldif b/ldif/jabber_user.ldif index a7d4f25..5bd4e68 100644 --- a/ldif/jabber_user.ldif +++ b/ldif/jabber_user.ldif @@ -1,9 +1,9 @@ # Jabber user -dn: uid=#-soft_ldap_user_login-#,ou=Users,#-soft_ldap_admin_jabber-# +dn: uid=#-ur_name-#,ou=Users,#-ld_jabber_dn-# objectClass: inetOrgPerson -uid: #-soft_ldap_user_login-# -cn: #-soft_ldap_user_full_name-# -sn: #-soft_ldap_user_full_name-# -mail: #-soft_ldap_user_login-#@#-net_host-#.#-sys_domain-# +uid: #-ur_name-# +cn: #-ur_fio-# +sn: #-ur_fio-# +mail: #-ur_name-#@#-os_net_hostname-#.#-os_net_domain-# initials: Yes -userPassword: #-soft_ldap_user_pw_hash-# +userPassword: #-ur_hash-# diff --git a/ldif/ldap_base.ldif b/ldif/ldap_base.ldif index b1806a2..66040ad 100644 --- a/ldif/ldap_base.ldif +++ b/ldif/ldap_base.ldif 
@@ -1,29 +1,29 @@ # Directory Server -dn: #-soft_ldap_base-# +dn: #-ld_base_dn-# objectClass: dcObject objectClass: organization -dc: #-soft_ldap_root-# -o: #-setup_sys_fullname-# +dc: #-ld_base_root-# +o: Calculate Directory Server # Groups -dn: ou=Services,#-soft_ldap_base-# +dn: ou=Services,#-ld_base_dn-# objectClass: top objectClass: organizationalUnit ou: Services -dn: #-soft_ldap_admin-# -cn: #-soft_ldap_adminname-# -sn: #-soft_ldap_adminname-# +dn: #-ld_admin_dn-# +cn: #-ld_admin_login-# +sn: #-ld_admin_login-# objectClass: person objectClass: top description: LDAP Administrator stuff -userPassword: #-soft_ldap_adminpw_hash-# +userPassword: #-ld_admin_hash-# -dn: #-soft_ldap_bind-# -cn: #-soft_ldap_bindname-# -sn: #-soft_ldap_bindname-# +dn: #-ld_bind_dn-# +cn: #-ld_bind_login-# +sn: #-ld_bind_login-# objectClass: person objectClass: top description: LDAP Proxy User -userPassword: #-soft_ldap_bindpw_hash-# +userPassword: #-ld_bind_hash-# diff --git a/ldif/mail_base.ldif b/ldif/mail_base.ldif index 9cab32d..d2e8e16 100644 --- a/ldif/mail_base.ldif +++ b/ldif/mail_base.ldif @@ -1,19 +1,19 @@ # Mail server -dn: #-soft_ldap_admin_mail-# +dn: #-ld_mail_dn-# objectClass: top objectClass: organizationalUnit -ou: #-soft_ldap_admin_mail_name-# -userPassword: #-soft_ldap_admin_mailpw_hash-# +ou: #-ld_mail_login-# +userPassword: #-ld_mail_hash-# # Users -dn: ou=Users,#-soft_ldap_admin_mail-# +dn: ou=Users,#-ld_mail_dn-# objectClass: top objectClass: organizationalUnit ou: Users # Groups -dn: ou=Groups,#-soft_ldap_admin_mail-# +dn: ou=Groups,#-ld_mail_dn-# objectClass: top objectClass: organizationalUnit ou: Groups diff --git a/ldif/mail_group.ldif b/ldif/mail_group.ldif index 8996234..98ab492 100644 --- a/ldif/mail_group.ldif +++ b/ldif/mail_group.ldif 
@@ -1,9 +1,9 @@
 #Mail group
-dn: cn=#-soft_ldap_group_name-#,ou=Groups,#-soft_ldap_admin_mail-#
+dn: cn=#-ur_group-#,ou=Groups,#-ld_mail_dn-#
 objectClass: nisNetgroup
 objectClass: qmailGroup
-cn: #-soft_ldap_group_name-#
-mail: #-soft_ldap_group_name-#@#-net_host-#.#-sys_domain-#
-mailAlternateAddress: #-soft_ldap_group_name-#@#-net_host-#.#-sys_domain-#
-mailMessageStore: #-soft_ldap_group_name-#/
-description: #-soft_ldap_group_desc-#
\ No newline at end of file
+cn: #-ur_group-#
+mail: #-ur_group-#@#-os_net_hostname-#.#-os_net_domain-#
+mailAlternateAddress: #-ur_group-#@#-os_net_hostname-#.#-os_net_domain-#
+mailMessageStore: #-ur_group-#/
+description: #-ur_group_comment-#
\ No newline at end of file
diff --git a/ldif/mail_user.ldif b/ldif/mail_user.ldif
index 29297c2..1f5dcd8 100644
--- a/ldif/mail_user.ldif
+++ b/ldif/mail_user.ldif
@@ -1,11 +1,10 @@
 #Mail user
-dn: uid=#-soft_ldap_user_login-#,ou=Users,#-soft_ldap_admin_mail-#
+dn: uid=#-ur_name-#,ou=Users,#-ld_mail_dn-#
 objectClass: inetOrgPerson
 objectClass: qmailUser
-uid: #-soft_ldap_user_login-#
-cn: #-soft_ldap_user_full_name-#
-sn: #-soft_ldap_user_full_name-#
+uid: #-ur_name-#
+cn: #-ur_fio-#
+sn: #-ur_fio-#
 accountStatus: active
-#mailMessageStore: #-soft_ldap_user_login-#/
-mail: #-soft_ldap_user_login-#@#-net_host-#.#-sys_domain-#
-userPassword: #-soft_ldap_user_pw_hash-#
+mail: #-ur_name-#@#-os_net_hostname-#.#-os_net_domain-#
+userPassword: #-ur_hash-#
diff --git a/ldif/samba_base.ldif b/ldif/samba_base.ldif
index e267b10..d370cb5 100644
--- a/ldif/samba_base.ldif
+++ b/ldif/samba_base.ldif
@@ -1,24 +1,24 @@ # Samba server -dn: #-soft_ldap_admin_samba-# +dn: #-ld_samba_dn-# objectClass: top objectClass: organizationalUnit -ou: #-soft_ldap_admin_samba_name-# -userPassword: #-soft_ldap_admin_sambapw_hash-# +ou: #-ld_samba_login-# +userPassword: #-ld_samba_hash-# # Users -dn: ou=Computers,#-soft_ldap_admin_samba-# +dn: ou=Computers,#-ld_samba_dn-# objectClass: top objectClass: organizationalUnit ou: Computers # Users -dn: ou=Users,#-soft_ldap_admin_samba-# +dn: ou=Users,#-ld_samba_dn-# objectClass: top objectClass: organizationalUnit ou: Users # Groups -dn: ou=Groups,#-soft_ldap_admin_samba-# +dn: ou=Groups,#-ld_samba_dn-# objectClass: top objectClass: organizationalUnit ou: Groups \ No newline at end of file diff --git a/ldif/samba_machine.ldif b/ldif/samba_machine.ldif index 15d4c44..052a173 100644 --- a/ldif/samba_machine.ldif +++ b/ldif/samba_machine.ldif @@ -1,13 +1,13 @@ -# Add samba account -dn: uid=#-soft_ldap_machine_login-#,ou=Computers,ou=Samba,ou=Services,#-soft_ldap_base-# +# Add samba machine account +dn: uid=#-sr_samba_machine_login-#,ou=Computers,#-ld_samba_dn-# objectClass: top objectClass: person objectClass: posixAccount objectClass: shadowAccount cn: Computer -sn: #-soft_ldap_machine_login-# -uid: #-soft_ldap_machine_login-# -uidNumber: #-soft_ldap_machine_id-# -gidNumber: #-soft_ldap_machine_gid-# +sn: #-sr_samba_machine_login-# +uid: #-sr_samba_machine_login-# +uidNumber: #-sr_samba_machine_id-# +gidNumber: #-sr_samba_machine_gid-# homeDirectory: /dev/null loginShell: /bin/false \ No newline at end of file diff --git a/ldif/unix_base.ldif b/ldif/unix_base.ldif index bc29956..fe99c9d 100644 --- a/ldif/unix_base.ldif +++ b/ldif/unix_base.ldif 
@@ -1,19 +1,19 @@ # Unix Server -dn: #-soft_ldap_admin_unix-# +dn: #-ld_unix_dn-# objectClass: top objectClass: organizationalUnit -ou: #-soft_ldap_admin_unix_name-# -userPassword: #-soft_ldap_admin_unixpw_hash-# +ou: #-ld_unix_login-# +userPassword: #-ld_unix_hash-# # Users -dn: ou=Users,#-soft_ldap_admin_unix-# +dn: ou=Users,#-ld_unix_dn-# objectClass: top objectClass: organizationalUnit ou: Users # Groups -dn: ou=Groups,#-soft_ldap_admin_unix-# +dn: ou=Groups,#-ld_unix_dn-# objectClass: top objectClass: organizationalUnit ou: Groups diff --git a/ldif/unix_group.ldif b/ldif/unix_group.ldif index a1b68d6..d9b1943 100644 --- a/ldif/unix_group.ldif +++ b/ldif/unix_group.ldif @@ -1,6 +1,6 @@ -# LDAP Group -dn: cn=#-soft_ldap_group_name-#,ou=Groups,#-soft_ldap_admin_unix-# +# Unix group +dn: cn=#-ur_group-#,ou=Groups,#-ld_unix_dn-# objectClass: posixGroup -cn: #-soft_ldap_group_name-# -gidNumber: #-soft_ldap_group_id-# -description: #-soft_ldap_group_desc-# +cn: #-ur_group-# +gidNumber: #-ur_group_id-# +description: #-ur_group_comment-# diff --git a/ldif/unix_user.ldif b/ldif/unix_user.ldif index 08ccc7e..897154f 100644 --- a/ldif/unix_user.ldif +++ b/ldif/unix_user.ldif 
@@ -1,17 +1,17 @@
-# Add posix Account
-dn: uid=#-soft_ldap_user_login-#,ou=Users,#-soft_ldap_admin_unix-#
+# Unix account
+dn: uid=#-ur_name-#,ou=Users,#-ld_unix_dn-#
 objectClass: top
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount
-cn: #-soft_ldap_user_full_name-#
-gidNumber: #-soft_ldap_user_gid-#
-homeDirectory: #-soft_ldap_user_home-#
-loginShell: #-soft_ldap_user_shell-#
+cn: #-ur_fio-#
+gidNumber: #-ur_gid-#
+homeDirectory: #-ur_home_path-#
+loginShell: #-ur_shell-#
 # число дней с 1970 года в течении которых будет действовать пароль
 shadowExpire: -1
 # зарезервированный аттрибут (У нас это видимость пользователя другим компьютером)
-shadowFlag: #-soft_ldap_user_visible-#
+shadowFlag: #-ur_visible-#
 # число дней, после устаревания пароля для блокировки учётной записи
 shadowInactive: -1
 # Дата последнего измения пароля в днях с 1970 года (26 августа 2008 года)
@@ -22,7 +22,7 @@ shadowMax: 999999
 shadowMin: 0
 # число дней, за сколько пользователя начнут предупреждать, что пароль устаревает
 shadowWarning: 7
-sn: #-soft_ldap_user_login-#
-uid: #-soft_ldap_user_login-#
-uidNumber: #-soft_ldap_user_id-#
-userPassword: #-soft_ldap_user_pw_hash-#
\ No newline at end of file
+sn: #-ur_name-#
+uid: #-ur_name-#
+uidNumber: #-ur_id-#
+userPassword: #-ur_hash-#
\ No newline at end of file
diff --git a/profile/backup/etc/openldap/slapd.conf b/profile/backup/etc/openldap/slapd.conf
index 7539623..3c702f6 100644
--- a/profile/backup/etc/openldap/slapd.conf
+++ b/profile/backup/etc/openldap/slapd.conf
@@ -23,11 +23,11 @@ modulepath /usr/lib/openldap/modules
 # Доступ к аттрибуту userPassword
 access to attrs=userPassword
 by self write
- by dn="#-soft_ldap_admin-#" write
+ by dn="#-ld_admin_dn-#" write
 by * auth
 # Доступ ко всем аттрибутам
 access to *
- by dn="#-soft_ldap_admin-#" write
+ by dn="#-ld_admin_dn-#" write
 by self write
 by * read
 # Доступ по умолчанию только для чтения
@@ -35,9 +35,9 @@ defaultaccess read # Тип базы данных database ldbm -suffix "#-soft_ldap_base-#" -rootdn "#-soft_ldap_admin_tmp-#" -rootpw #-soft_ldap_adminpw_tmp_hash-# +suffix "#-ld_base_dn-#" +rootdn "#-ld_temp_dn-#" +rootpw #-ld_temp_hash-# checkpoint 1024 5 cachesize 10000 directory /var/lib/openldap-data diff --git a/profile/jabber/etc/jabber/ejabberd.cfg b/profile/jabber/etc/jabber/ejabberd.cfg index 39260b0..da4ba94 100644 --- a/profile/jabber/etc/jabber/ejabberd.cfg +++ b/profile/jabber/etc/jabber/ejabberd.cfg @@ -4,7 +4,7 @@ %%% {loglevel, 4}. -{hosts, ["localhost", "#-net_host-#.#-sys_domain-#"]}. +{hosts, ["localhost", "#-os_net_hostname-#.#-os_net_domain-#"]}. {listen, [ {5223, ejabberd_c2s, [ @@ -26,14 +26,14 @@ ]}. {auth_method, ldap}. {ldap_servers, ["localhost"]}. -{ldap_uids, [{"mail", "%u@#-net_host-#.#-sys_domain-#"}]}. -{ldap_base, "#-soft_ldap_admin_jabber-#"}. -{ldap_rootdn, "#-soft_ldap_admin_jabber-#"}. +{ldap_uids, [{"mail", "%u@#-os_net_hostname-#.#-os_net_domain-#"}]}. +{ldap_base, "#-ld_jabber_dn-#"}. +{ldap_rootdn, "#-ld_jabber_dn-#"}. {ldap_filter, "(initials=Yes)"}. -{ldap_password, "#-soft_ldap_admin_jabberpw-#"}. +{ldap_password, "#-ld_jabber_pw-#"}. {shaper, normal, {maxrate, 1000}}. {shaper, fast, {maxrate, 50000}}. -{acl, admin, {user, "admin", "#-net_host-#.#-sys_domain-#"}}. +{acl, admin, {user, "admin", "#-os_net_hostname-#.#-os_net_domain-#"}}. {acl, local, {user_regexp, ""}}. {access, max_user_sessions, [{10, all}]}. {access, local, [{allow, local}]}. diff --git a/profile/jabber/etc/openldap/slapd.conf b/profile/jabber/etc/openldap/slapd.conf index b567675..ddf0efb 100644 --- a/profile/jabber/etc/openldap/slapd.conf +++ b/profile/jabber/etc/openldap/slapd.conf 
@@ -7,12 +7,12 @@ include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/misc.schema -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# +#?sr_samba_set==on||cl_pass_service==samba# include /etc/openldap/schema/samba.schema -#soft_samba_setup# -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# +#sr_samba_set# +#?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema -#soft_mail_setup# +#sr_mail_set# schemacheck on pidfile /var/run/openldap/slapd.pid 
@@ -26,94 +26,94 @@ modulepath /usr/lib/openldap/modules # Доступ к аттрибуту userPassword access to attrs=userPassword by self write - by dn="#-soft_ldap_admin-#" write + by dn="#-ld_admin_dn-#" write -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# - by dn="#-soft_ldap_admin_samba-#" write -#soft_samba_setup# +#?sr_samba_set==on||cl_pass_service==samba# + by dn="#-ld_samba_dn-#" write +#sr_samba_set# -#?soft_unix_setup==yes||soft_ldap_setup_name==unix# - by dn="#-soft_ldap_admin_unix-#" write -#soft_unix_setup# +#?sr_unix_set==on||cl_pass_service==unix# + by dn="#-ld_unix_dn-#" write +#sr_unix_set# -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# - by dn="#-soft_ldap_admin_mail-#" read -#soft_mail_setup# +#?sr_mail_set==on||cl_pass_service==mail# + by dn="#-ld_mail_dn-#" read +#sr_mail_set# -#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber# - by dn="#-soft_ldap_admin_jabber-#" read -#soft_jabber_setup# +#?sr_jabber_set==on||cl_pass_service==jabber# + by dn="#-ld_jabber_dn-#" read +#sr_jabber_set# by * auth # Доступ к аттрибутам Samba -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# +#?sr_samba_set==on||cl_pass_service==samba# access to attrs=sambaLMPassword,sambaNTPassword - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write by * none -#soft_samba_setup# +#sr_samba_set# # Доступ к пользователю только для просмотра -access to dn.base="#-soft_ldap_bind-#" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_bind-#" read +access to dn.base="#-ld_bind_dn-#" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_bind_dn-#" read by * none # Доступ к администратору сервера LDAP -access to dn.base="#-soft_ldap_admin-#" - by dn="#-soft_ldap_admin-#" write +access to dn.base="#-ld_admin_dn-#" + by dn="#-ld_admin_dn-#" write by * none # Доступ к ветке Samba -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# -access to dn.regex=".*#-soft_ldap_admin_samba-#$" - by 
dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write - by dn="#-soft_ldap_admin_unix-#" write - by dn="#-soft_ldap_bind-#" read +#?sr_samba_set==on||cl_pass_service==samba# +access to dn.regex=".*#-ld_samba_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write + by dn="#-ld_unix_dn-#" write + by dn="#-ld_bind_dn-#" read by * none -#soft_samba_setup# +#sr_samba_set# # Доступ к ветке Unix -#?soft_unix_setup==yes||soft_ldap_setup_name==unix# -access to dn.regex=".*#-soft_ldap_admin_unix-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write - by dn="#-soft_ldap_admin_unix-#" write - by dn="#-soft_ldap_bind-#" read +#?sr_unix_set==on||cl_pass_service==unix# +access to dn.regex=".*#-ld_unix_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write + by dn="#-ld_unix_dn-#" write + by dn="#-ld_bind_dn-#" read by * none -#soft_unix_setup# +#sr_unix_set# # Доступ к ветке Mail -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# -access to dn.regex=".*#-soft_ldap_admin_mail-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_mail-#" read +#?sr_mail_set==on||cl_pass_service==mail# +access to dn.regex=".*#-ld_mail_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_mail_dn-#" read by * none -#soft_mail_setup# +#sr_mail_set# # Доступ к ветке Jabber -#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber# -access to dn.regex=".*#-soft_ldap_admin_jabber-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_jabber-#" read +#?sr_jabber_set==on||cl_pass_service==jabber# +access to dn.regex=".*#-ld_jabber_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_jabber_dn-#" read by * none -#soft_jabber_setup# +#sr_jabber_set# # Доступ к остальным веткам сервисов -access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$" - by dn="#-soft_ldap_admin-#" write - by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write +access to dn.regex=".*ou=([^,]+),#-ld_services_dn-#$" + by 
dn="#-ld_admin_dn-#" write + by dn.regex="ou=$1,#-ld_services_dn-#" write by * none # Закрываем доступ к веткам -access to dn.regex=".*,#-soft_ldap_sevices_dn-#" - by dn="#-soft_ldap_admin-#" write +access to dn.regex=".*,#-ld_services_dn-#" + by dn="#-ld_admin_dn-#" write by * none # Доступ ко всем аттрибутам access to * - by dn="#-soft_ldap_admin-#" write + by dn="#-ld_admin_dn-#" write by self write by * read # Доступ по умолчанию только для чтения @@ -121,7 +121,7 @@ defaultaccess read # Тип базы данных database ldbm -suffix "#-soft_ldap_base-#" +suffix "#-ld_base_dn-#" checkpoint 1024 5 cachesize 10000 directory /var/lib/openldap-data diff --git a/profile/mail/etc/dovecot/dovecot-ldap.conf b/profile/mail/etc/dovecot/dovecot-ldap.conf index 27f77a4..3be8c33 100644 --- a/profile/mail/etc/dovecot/dovecot-ldap.conf +++ b/profile/mail/etc/dovecot/dovecot-ldap.conf @@ -2,19 +2,19 @@ chmod=0600\ chown=root:root # LDAP хост -hosts = #-net_host-# +hosts = #-os_net_hostname-# # DN администратора -dn = #-soft_ldap_admin_mail-# +dn = #-ld_mail_dn-# # Пароль администратора -dnpass = #-soft_ldap_admin_mailpw-# +dnpass = #-ld_mail_pw-# # Включить аутенфикацию auth_bind = yes # Пользователь для аутенфикации -auth_bind_userdn = uid=%u,ou=Users,#-soft_ldap_admin_mail-# +auth_bind_userdn = uid=%u,ou=Users,#-ld_mail_dn-# # Версия LDAP протокола ldap_version = 2 # Базовый DN LDAP -base = ou=Users,#-soft_ldap_admin_mail-# +base = ou=Users,#-ld_mail_dn-# # Тип поиска: base, onelevel, subtree scope = subtree # Фильтр для поиска пользователя diff --git a/profile/mail/etc/dovecot/dovecot.conf b/profile/mail/etc/dovecot/dovecot.conf index 28210c5..25f298a 100644 --- a/profile/mail/etc/dovecot/dovecot.conf +++ b/profile/mail/etc/dovecot/dovecot.conf 
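Review bot: The `access to attrs=userPassword` clause still grants `read` to `#-ld_mail_dn-#` and `#-ld_jabber_dn-#` with no DN scope, and since it precedes the `dn.base` clauses for `#-ld_admin_dn-#` and `#-ld_bind_dn-#` it decides access to userPassword on those entries as well. The same two service passwords are written in clear into the dovecot, postfix and ejabberd templates of this commit, so whoever can read one of those files can bind and fetch the password hashes of every entry. If the services only authenticate users by binding, the trailing `by * auth` already covers them and the two `read` lines can go; otherwise scope them with a separate clause such as `access to dn.subtree="#-ld_mail_dn-#" attrs=userPassword`. The `dn.regex=".*#-ld_samba_dn-#$"` style clauses further down splice the DN into a regex unescaped and without an RDN boundary, where `dn.subtree="#-ld_samba_dn-#"` expresses the same intent exactly. The identical ACL text is repeated in the `profile/mail` and `profile/samba` copies of slapd.conf.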
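Review bot: `hosts = #-os_net_hostname-#` in dovecot-ldap.conf sits next to `dnpass`, `auth_bind = yes` and the unchanged `ldap_version = 2`, so the service password and each user's password are sent to that host name in a plain simple bind, and LDAPv2 rules out StartTLS. ejabberd.cfg in this same commit uses `{ldap_servers, ["localhost"]}`; unless dovecot is meant to reach a directory on another machine, `hosts = localhost` keeps the bind on loopback however the host name resolves. For a remote directory the template would need `ldap_version = 3` together with `tls = yes`. The postfix tables (`ldap-aliases-gr.cf`, `ldap-aliases.cf`, `ldap-recipient-gr.cf`, `ldap-recipient.cf`) carry the same `server_host` / `bind_pw` pair on port 389.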
@@ -2,7 +2,7 @@ chmod=0644\ chown=root:root # Тип хранения почты и расположение почтовых папок -mail_location = maildir:#-soft_ldap_mail_path-#/%u +mail_location = maildir:#-sr_mail_path-#/%u # Аутенфикация по умолчанию auth default { # Удаляем аутенфикацию pam diff --git a/profile/mail/etc/openldap/slapd.conf b/profile/mail/etc/openldap/slapd.conf index b567675..ddf0efb 100644 --- a/profile/mail/etc/openldap/slapd.conf +++ b/profile/mail/etc/openldap/slapd.conf @@ -7,12 +7,12 @@ include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/misc.schema -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# +#?sr_samba_set==on||cl_pass_service==samba# include /etc/openldap/schema/samba.schema -#soft_samba_setup# -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# +#sr_samba_set# +#?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema -#soft_mail_setup# +#sr_mail_set# schemacheck on pidfile /var/run/openldap/slapd.pid 
@@ -26,94 +26,94 @@ modulepath /usr/lib/openldap/modules # Доступ к аттрибуту userPassword access to attrs=userPassword by self write - by dn="#-soft_ldap_admin-#" write + by dn="#-ld_admin_dn-#" write -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# - by dn="#-soft_ldap_admin_samba-#" write -#soft_samba_setup# +#?sr_samba_set==on||cl_pass_service==samba# + by dn="#-ld_samba_dn-#" write +#sr_samba_set# -#?soft_unix_setup==yes||soft_ldap_setup_name==unix# - by dn="#-soft_ldap_admin_unix-#" write -#soft_unix_setup# +#?sr_unix_set==on||cl_pass_service==unix# + by dn="#-ld_unix_dn-#" write +#sr_unix_set# -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# - by dn="#-soft_ldap_admin_mail-#" read -#soft_mail_setup# +#?sr_mail_set==on||cl_pass_service==mail# + by dn="#-ld_mail_dn-#" read +#sr_mail_set# -#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber# - by dn="#-soft_ldap_admin_jabber-#" read -#soft_jabber_setup# +#?sr_jabber_set==on||cl_pass_service==jabber# + by dn="#-ld_jabber_dn-#" read +#sr_jabber_set# by * auth # Доступ к аттрибутам Samba -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# +#?sr_samba_set==on||cl_pass_service==samba# access to attrs=sambaLMPassword,sambaNTPassword - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write by * none -#soft_samba_setup# +#sr_samba_set# # Доступ к пользователю только для просмотра -access to dn.base="#-soft_ldap_bind-#" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_bind-#" read +access to dn.base="#-ld_bind_dn-#" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_bind_dn-#" read by * none # Доступ к администратору сервера LDAP -access to dn.base="#-soft_ldap_admin-#" - by dn="#-soft_ldap_admin-#" write +access to dn.base="#-ld_admin_dn-#" + by dn="#-ld_admin_dn-#" write by * none # Доступ к ветке Samba -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# -access to dn.regex=".*#-soft_ldap_admin_samba-#$" - by 
dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write - by dn="#-soft_ldap_admin_unix-#" write - by dn="#-soft_ldap_bind-#" read +#?sr_samba_set==on||cl_pass_service==samba# +access to dn.regex=".*#-ld_samba_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write + by dn="#-ld_unix_dn-#" write + by dn="#-ld_bind_dn-#" read by * none -#soft_samba_setup# +#sr_samba_set# # Доступ к ветке Unix -#?soft_unix_setup==yes||soft_ldap_setup_name==unix# -access to dn.regex=".*#-soft_ldap_admin_unix-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write - by dn="#-soft_ldap_admin_unix-#" write - by dn="#-soft_ldap_bind-#" read +#?sr_unix_set==on||cl_pass_service==unix# +access to dn.regex=".*#-ld_unix_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write + by dn="#-ld_unix_dn-#" write + by dn="#-ld_bind_dn-#" read by * none -#soft_unix_setup# +#sr_unix_set# # Доступ к ветке Mail -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# -access to dn.regex=".*#-soft_ldap_admin_mail-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_mail-#" read +#?sr_mail_set==on||cl_pass_service==mail# +access to dn.regex=".*#-ld_mail_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_mail_dn-#" read by * none -#soft_mail_setup# +#sr_mail_set# # Доступ к ветке Jabber -#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber# -access to dn.regex=".*#-soft_ldap_admin_jabber-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_jabber-#" read +#?sr_jabber_set==on||cl_pass_service==jabber# +access to dn.regex=".*#-ld_jabber_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_jabber_dn-#" read by * none -#soft_jabber_setup# +#sr_jabber_set# # Доступ к остальным веткам сервисов -access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$" - by dn="#-soft_ldap_admin-#" write - by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write +access to dn.regex=".*ou=([^,]+),#-ld_services_dn-#$" + by 
dn="#-ld_admin_dn-#" write + by dn.regex="ou=$1,#-ld_services_dn-#" write by * none # Закрываем доступ к веткам -access to dn.regex=".*,#-soft_ldap_sevices_dn-#" - by dn="#-soft_ldap_admin-#" write +access to dn.regex=".*,#-ld_services_dn-#" + by dn="#-ld_admin_dn-#" write by * none # Доступ ко всем аттрибутам access to * - by dn="#-soft_ldap_admin-#" write + by dn="#-ld_admin_dn-#" write by self write by * read # Доступ по умолчанию только для чтения @@ -121,7 +121,7 @@ defaultaccess read # Тип базы данных database ldbm -suffix "#-soft_ldap_base-#" +suffix "#-ld_base_dn-#" checkpoint 1024 5 cachesize 10000 directory /var/lib/openldap-data diff --git a/profile/mail/etc/postfix/ldap-aliases-gr.cf b/profile/mail/etc/postfix/ldap-aliases-gr.cf index 78852fb..83fb293 100644 --- a/profile/mail/etc/postfix/ldap-aliases-gr.cf +++ b/profile/mail/etc/postfix/ldap-aliases-gr.cf @@ -1,12 +1,12 @@ # Calculate format=postfix\ chmod=0640\ chown=root:postfix -server_host = #-net_host-# +server_host = #-os_net_hostname-# server_port = 389 bind = yes -bind_dn = #-soft_ldap_admin_mail-# -bind_pw = #-soft_ldap_admin_mailpw-# -search_base = ou=Groups,#-soft_ldap_admin_mail-# +bind_dn = #-ld_mail_dn-# +bind_pw = #-ld_mail_pw-# +search_base = ou=Groups,#-ld_mail_dn-# query_filter = (|(mail=%s)(mailAlternateAddress=%s)) result_attribute = rfc822member #result_filter = %s,%u@cds.local.calculate.ru diff --git a/profile/mail/etc/postfix/ldap-aliases.cf b/profile/mail/etc/postfix/ldap-aliases.cf index 6861b00..29c0e52 100644 --- a/profile/mail/etc/postfix/ldap-aliases.cf +++ b/profile/mail/etc/postfix/ldap-aliases.cf 
@@ -1,11 +1,11 @@
 # Calculate format=postfix\
 chmod=0640\
 chown=root:postfix
-server_host = #-net_host-#
+server_host = #-os_net_hostname-#
 server_port = 389
 bind = yes
-bind_dn = #-soft_ldap_admin_mail-#
-bind_pw = #-soft_ldap_admin_mailpw-#
-search_base = #-soft_ldap_admin_mail-#
+bind_dn = #-ld_mail_dn-#
+bind_pw = #-ld_mail_pw-#
+search_base = #-ld_mail_dn-#
 query_filter = (&(|(mail=%s)(mailAlternateAddress=%s))(AccountStatus=active))
 result_attribute = mail
diff --git a/profile/mail/etc/postfix/ldap-recipient-gr.cf b/profile/mail/etc/postfix/ldap-recipient-gr.cf
index d439378..7af76da 100644
--- a/profile/mail/etc/postfix/ldap-recipient-gr.cf
+++ b/profile/mail/etc/postfix/ldap-recipient-gr.cf
@@ -1,11 +1,11 @@
 # Calculate format=postfix\
 chmod=0640\
 chown=root:postfix
-server_host = #-net_host-#
+server_host = #-os_net_hostname-#
 server_port = 389
 bind = yes
-bind_dn = #-soft_ldap_admin_mail-#
-bind_pw = #-soft_ldap_admin_mailpw-#
-search_base = ou=Groups,#-soft_ldap_admin_mail-#
+bind_dn = #-ld_mail_dn-#
+bind_pw = #-ld_mail_pw-#
+search_base = ou=Groups,#-ld_mail_dn-#
 query_filter = (|(mail=%s)(mailAlternateAddress=%s))
 result_attribute = cn
\ No newline at end of file
diff --git a/profile/mail/etc/postfix/ldap-recipient.cf b/profile/mail/etc/postfix/ldap-recipient.cf
index 1e9cd71..5517b5f 100644
--- a/profile/mail/etc/postfix/ldap-recipient.cf
+++ b/profile/mail/etc/postfix/ldap-recipient.cf
@@ -1,11 +1,11 @@
 # Calculate format=postfix\
 chmod=0640\
 chown=root:postfix
-server_host = #-net_host-#
+server_host = #-os_net_hostname-#
 server_port = 389
 bind = yes
-bind_dn = #-soft_ldap_admin_mail-#
-bind_pw = #-soft_ldap_admin_mailpw-#
-search_base = ou=Users,#-soft_ldap_admin_mail-#
+bind_dn = #-ld_mail_dn-#
+bind_pw = #-ld_mail_pw-#
+search_base = ou=Users,#-ld_mail_dn-#
 query_filter = (&(|(mail=%s)(mailAlternateAddress=%s))(AccountStatus=active))
 result_attribute = uid
diff --git a/profile/mail/etc/postfix/main.cf b/profile/mail/etc/postfix/main.cf index 7ae5b59..5196279 100644 --- a/profile/mail/etc/postfix/main.cf +++ b/profile/mail/etc/postfix/main.cf @@ -22,7 +22,7 @@ daemon_directory = /usr/lib/postfix mail_owner = postfix #Имя хоста -myhostname = #-net_host-#.#-sys_domain-# +myhostname = #-os_net_hostname-#.#-os_net_domain-# #Определяет домен данного компьютера. По умолчанию преобразуется из myhostname #mydomain = local.calculate.ru @@ -55,7 +55,7 @@ unknown_local_recipient_reject_code = 550 #прописываем следующие сети 127.0.0.0 (для localhost, собственно сам #сервер), 192.168.10.0 (для всех других компьютеров в нашей внешней сети), #и 192.168.0.0 (для всех компьютеров во внутренней сети). -mynetworks = #-net_networks-#, 127.0.0.0/8#-soft_ldap_mail_relay-# +mynetworks = #-os_net_allow-#, 127.0.0.0/8#-sr_mail_relay-# #По умолчанию, Postfix пытается посылать почту в Internet напрямую. В зависимости #от окружения, в котором функционирует Ваш почтовый сервер, это может быть diff --git a/profile/mail/etc/procmailrc b/profile/mail/etc/procmailrc index 8a014d0..6ed7717 100644 --- a/profile/mail/etc/procmailrc +++ b/profile/mail/etc/procmailrc @@ -2,6 +2,6 @@ chmod=0644\ chown=root:root # Директория хранения почты -DEFAULT=#-soft_ldap_mail_path-#/$LOGNAME/ +DEFAULT=#-sr_mail_path-#/$LOGNAME/ MAILDIR=$DEFAULT diff --git a/profile/samba/etc/ldap.conf b/profile/samba/etc/ldap.conf index 557aed4..89feb95 100644 --- a/profile/samba/etc/ldap.conf +++ b/profile/samba/etc/ldap.conf @@ -1,4 +1,4 @@ # Calculate format=ldap\ chmod=0644\ chown=root:root -+nss_base_passwd ou=Computers,#-soft_ldap_admin_samba-#?one \ No newline at end of file ++nss_base_passwd ou=Computers,#-ld_samba_dn-#?one \ No newline at end of file diff --git a/profile/samba/etc/openldap/slapd.conf b/profile/samba/etc/openldap/slapd.conf index b567675..ddf0efb 100644 --- a/profile/samba/etc/openldap/slapd.conf +++ b/profile/samba/etc/openldap/slapd.conf 
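Review bot: In `mynetworks = #-os_net_allow-#, 127.0.0.0/8#-sr_mail_relay-#` (second main.cf hunk) the relay variable is glued to `127.0.0.0/8` with no separator, so the line only renders correctly when `sr_mail_relay` is empty or starts with its own comma. Both variables fill the list of clients Postfix treats as trusted, and how their values are checked is not visible in this hunk (presumably in `pym/cl_vars_server.py`). I would document the contract in a comment above the line, stating that `sr_mail_relay` is either empty or a comma-prefixed list of networks and that every network listed is trusted to relay, and have the code that sets both variables reject anything that is not an address or CIDR block.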
@@ -7,12 +7,12 @@ include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/misc.schema -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# +#?sr_samba_set==on||cl_pass_service==samba# include /etc/openldap/schema/samba.schema -#soft_samba_setup# -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# +#sr_samba_set# +#?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema -#soft_mail_setup# +#sr_mail_set# schemacheck on pidfile /var/run/openldap/slapd.pid 
@@ -26,94 +26,94 @@ modulepath /usr/lib/openldap/modules # Доступ к аттрибуту userPassword access to attrs=userPassword by self write - by dn="#-soft_ldap_admin-#" write + by dn="#-ld_admin_dn-#" write -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# - by dn="#-soft_ldap_admin_samba-#" write -#soft_samba_setup# +#?sr_samba_set==on||cl_pass_service==samba# + by dn="#-ld_samba_dn-#" write +#sr_samba_set# -#?soft_unix_setup==yes||soft_ldap_setup_name==unix# - by dn="#-soft_ldap_admin_unix-#" write -#soft_unix_setup# +#?sr_unix_set==on||cl_pass_service==unix# + by dn="#-ld_unix_dn-#" write +#sr_unix_set# -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# - by dn="#-soft_ldap_admin_mail-#" read -#soft_mail_setup# +#?sr_mail_set==on||cl_pass_service==mail# + by dn="#-ld_mail_dn-#" read +#sr_mail_set# -#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber# - by dn="#-soft_ldap_admin_jabber-#" read -#soft_jabber_setup# +#?sr_jabber_set==on||cl_pass_service==jabber# + by dn="#-ld_jabber_dn-#" read +#sr_jabber_set# by * auth # Доступ к аттрибутам Samba -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# +#?sr_samba_set==on||cl_pass_service==samba# access to attrs=sambaLMPassword,sambaNTPassword - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write by * none -#soft_samba_setup# +#sr_samba_set# # Доступ к пользователю только для просмотра -access to dn.base="#-soft_ldap_bind-#" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_bind-#" read +access to dn.base="#-ld_bind_dn-#" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_bind_dn-#" read by * none # Доступ к администратору сервера LDAP -access to dn.base="#-soft_ldap_admin-#" - by dn="#-soft_ldap_admin-#" write +access to dn.base="#-ld_admin_dn-#" + by dn="#-ld_admin_dn-#" write by * none # Доступ к ветке Samba -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# -access to dn.regex=".*#-soft_ldap_admin_samba-#$" - by 
dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write - by dn="#-soft_ldap_admin_unix-#" write - by dn="#-soft_ldap_bind-#" read +#?sr_samba_set==on||cl_pass_service==samba# +access to dn.regex=".*#-ld_samba_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write + by dn="#-ld_unix_dn-#" write + by dn="#-ld_bind_dn-#" read by * none -#soft_samba_setup# +#sr_samba_set# # Доступ к ветке Unix -#?soft_unix_setup==yes||soft_ldap_setup_name==unix# -access to dn.regex=".*#-soft_ldap_admin_unix-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write - by dn="#-soft_ldap_admin_unix-#" write - by dn="#-soft_ldap_bind-#" read +#?sr_unix_set==on||cl_pass_service==unix# +access to dn.regex=".*#-ld_unix_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write + by dn="#-ld_unix_dn-#" write + by dn="#-ld_bind_dn-#" read by * none -#soft_unix_setup# +#sr_unix_set# # Доступ к ветке Mail -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# -access to dn.regex=".*#-soft_ldap_admin_mail-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_mail-#" read +#?sr_mail_set==on||cl_pass_service==mail# +access to dn.regex=".*#-ld_mail_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_mail_dn-#" read by * none -#soft_mail_setup# +#sr_mail_set# # Доступ к ветке Jabber -#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber# -access to dn.regex=".*#-soft_ldap_admin_jabber-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_jabber-#" read +#?sr_jabber_set==on||cl_pass_service==jabber# +access to dn.regex=".*#-ld_jabber_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_jabber_dn-#" read by * none -#soft_jabber_setup# +#sr_jabber_set# # Доступ к остальным веткам сервисов -access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$" - by dn="#-soft_ldap_admin-#" write - by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write +access to dn.regex=".*ou=([^,]+),#-ld_services_dn-#$" + by 
dn="#-ld_admin_dn-#" write + by dn.regex="ou=$1,#-ld_services_dn-#" write by * none # Закрываем доступ к веткам -access to dn.regex=".*,#-soft_ldap_sevices_dn-#" - by dn="#-soft_ldap_admin-#" write +access to dn.regex=".*,#-ld_services_dn-#" + by dn="#-ld_admin_dn-#" write by * none # Доступ ко всем аттрибутам access to * - by dn="#-soft_ldap_admin-#" write + by dn="#-ld_admin_dn-#" write by self write by * read # Доступ по умолчанию только для чтения @@ -121,7 +121,7 @@ defaultaccess read # Тип базы данных database ldbm -suffix "#-soft_ldap_base-#" +suffix "#-ld_base_dn-#" checkpoint 1024 5 cachesize 10000 directory /var/lib/openldap-data diff --git a/profile/samba/etc/samba/smb.conf b/profile/samba/etc/samba/smb.conf index d9eabe9..6d2379a 100644 --- a/profile/samba/etc/samba/smb.conf +++ b/profile/samba/etc/samba/smb.conf @@ -4,9 +4,9 @@ chown=root:root [global] # Имя сервера # -------------------------------------------------------------------- - workgroup = #-soft_samba_domain-# - netbios name = #-soft_samba_netbios-# - server string = #-setup_sys_fullname-# + workgroup = #-sr_samba_domain-# + netbios name = #-sr_samba_netbios-# + server string = Calculate Directory Server # Права на создание файлов # -------------------------------------------------------------------- @@ -29,8 +29,8 @@ chown=root:root passdb backend = ldapsam:ldap://127.0.0.1/ ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) - ldap admin dn = #-soft_ldap_admin_samba-# - ldap suffix = #-soft_ldap_admin_samba-# + ldap admin dn = #-ld_samba_dn-# + ldap suffix = #-ld_samba_dn-# ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers @@ -58,7 +58,7 @@ chown=root:root logon home = \\%L\%U logon drive = H: - hosts allow = #-net_networks-# 127. + hosts allow = #-os_net_allow-# 127. hosts deny = 0.0.0.0/0 #interfaces = 127.0.0.1 eth0 map to guest = bad user 
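Review bot: In the `@@ -26,94` hunk of profile/samba/etc/openldap/slapd.conf, the `access to attrs=userPassword` clause has no DN scope, so `by dn="#-ld_mail_dn-#" read` and `by dn="#-ld_jabber_dn-#" read` grant those two service accounts read access to the password attribute of every entry, not only entries under their own branch. slapd applies the first `access to` clause that matches, so the per-branch `by * none` rules further down never take effect for this attribute. If the mail and jabber accounts only need the hashes in their own subtree, a scoped clause such as `access to dn.subtree="#-ld_mail_dn-#" attrs=userPassword` placed ahead of the general one, with the two `read` lines removed from the general clause, keeps that boundary. The branch rules also paste a DN unescaped into a pattern like `dn.regex=".*#-ld_samba_dn-#$"`, which `dn.subtree=` would express without regex matching. The identical hunk in profile/unix/etc/openldap/slapd.conf has the same points.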
@@ -82,7 +82,7 @@ chown=root:root ;time offset = [homes] - path = #-soft_samba_home_path-# + path = #-sr_samba_home_path-# comment = Home Directories valid users = %U read only = No @@ -91,7 +91,7 @@ chown=root:root browseable = No [profiles] - path = #-soft_samba_winprofile_path-# + path = #-sr_samba_winprof_path-# create mask = 0600 directory mask = 0700 browseable = No @@ -103,7 +103,7 @@ chown=root:root valid users = %U @"Domain Admins" [unix] - path = #-soft_samba_linprofile_path-# + path = #-sr_samba_linprof_path-# create mask = 0600 directory mask = 0700 browseable = No @@ -115,12 +115,12 @@ chown=root:root valid users = %U @"Domain Admins" [netlogon] - path = #-soft_samba_winlogon_path-#/%u + path = #-sr_samba_winlogon_path-#/%u browseable = No read only = yes [share] - path = #-soft_samba_share_path-# + path = #-sr_samba_share_path-# comment = Share Files browseable = yes writable = yes diff --git a/profile/unix/etc/ldap.conf b/profile/unix/etc/ldap.conf index 2e8fa2d..61b425b 100644 --- a/profile/unix/etc/ldap.conf +++ b/profile/unix/etc/ldap.conf @@ -2,17 +2,17 @@ chmod=0644\ chown=root:root host localhost -base #-soft_ldap_sevices_dn-# -rootbinddn #-soft_ldap_admin_unix-# -binddn #-soft_ldap_bind-# -bindpw #-soft_ldap_bindpw-# +base #-ld_services_dn-# +rootbinddn #-ld_unix_dn-# +binddn #-ld_bind_dn-# +bindpw #-ld_bind_pw-# port 389 ldap_version 3 bind_policy soft #ускорим ограничив область поиска -nss_base_passwd ou=Users,#-soft_ldap_admin_unix-#?one -nss_base_shadow ou=Users,#-soft_ldap_admin_unix-#?one -nss_base_group ou=Groups,#-soft_ldap_admin_unix-#?one +nss_base_passwd ou=Users,#-ld_unix_dn-#?one +nss_base_shadow ou=Users,#-ld_unix_dn-#?one +nss_base_group ou=Groups,#-ld_unix_dn-#?one pam_password md5 diff --git a/profile/unix/etc/openldap/slapd.conf b/profile/unix/etc/openldap/slapd.conf index b567675..ddf0efb 100644 --- a/profile/unix/etc/openldap/slapd.conf +++ b/profile/unix/etc/openldap/slapd.conf 
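Review bot: In the profile/unix/etc/ldap.conf hunk, `bindpw #-ld_bind_pw-#` is rendered into a file that the template header installs with `chmod=0644` and `chown=root:root`, so the bind password is readable by every local account. That may be required for name-service lookups made by unprivileged processes, but it means the safety of this file rests entirely on the bind account staying read-only in the slapd ACLs, and the template does not say so. I would add a comment above the line, for example `# readable by all local users (0644): the bind account must remain read-only`.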
@@ -7,12 +7,12 @@ include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/misc.schema -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# +#?sr_samba_set==on||cl_pass_service==samba# include /etc/openldap/schema/samba.schema -#soft_samba_setup# -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# +#sr_samba_set# +#?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema -#soft_mail_setup# +#sr_mail_set# schemacheck on pidfile /var/run/openldap/slapd.pid 
@@ -26,94 +26,94 @@ modulepath /usr/lib/openldap/modules # Доступ к аттрибуту userPassword access to attrs=userPassword by self write - by dn="#-soft_ldap_admin-#" write + by dn="#-ld_admin_dn-#" write -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# - by dn="#-soft_ldap_admin_samba-#" write -#soft_samba_setup# +#?sr_samba_set==on||cl_pass_service==samba# + by dn="#-ld_samba_dn-#" write +#sr_samba_set# -#?soft_unix_setup==yes||soft_ldap_setup_name==unix# - by dn="#-soft_ldap_admin_unix-#" write -#soft_unix_setup# +#?sr_unix_set==on||cl_pass_service==unix# + by dn="#-ld_unix_dn-#" write +#sr_unix_set# -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# - by dn="#-soft_ldap_admin_mail-#" read -#soft_mail_setup# +#?sr_mail_set==on||cl_pass_service==mail# + by dn="#-ld_mail_dn-#" read +#sr_mail_set# -#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber# - by dn="#-soft_ldap_admin_jabber-#" read -#soft_jabber_setup# +#?sr_jabber_set==on||cl_pass_service==jabber# + by dn="#-ld_jabber_dn-#" read +#sr_jabber_set# by * auth # Доступ к аттрибутам Samba -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# +#?sr_samba_set==on||cl_pass_service==samba# access to attrs=sambaLMPassword,sambaNTPassword - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write by * none -#soft_samba_setup# +#sr_samba_set# # Доступ к пользователю только для просмотра -access to dn.base="#-soft_ldap_bind-#" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_bind-#" read +access to dn.base="#-ld_bind_dn-#" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_bind_dn-#" read by * none # Доступ к администратору сервера LDAP -access to dn.base="#-soft_ldap_admin-#" - by dn="#-soft_ldap_admin-#" write +access to dn.base="#-ld_admin_dn-#" + by dn="#-ld_admin_dn-#" write by * none # Доступ к ветке Samba -#?soft_samba_setup==yes||soft_ldap_setup_name==samba# -access to dn.regex=".*#-soft_ldap_admin_samba-#$" - by 
dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write - by dn="#-soft_ldap_admin_unix-#" write - by dn="#-soft_ldap_bind-#" read +#?sr_samba_set==on||cl_pass_service==samba# +access to dn.regex=".*#-ld_samba_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write + by dn="#-ld_unix_dn-#" write + by dn="#-ld_bind_dn-#" read by * none -#soft_samba_setup# +#sr_samba_set# # Доступ к ветке Unix -#?soft_unix_setup==yes||soft_ldap_setup_name==unix# -access to dn.regex=".*#-soft_ldap_admin_unix-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_samba-#" write - by dn="#-soft_ldap_admin_unix-#" write - by dn="#-soft_ldap_bind-#" read +#?sr_unix_set==on||cl_pass_service==unix# +access to dn.regex=".*#-ld_unix_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_samba_dn-#" write + by dn="#-ld_unix_dn-#" write + by dn="#-ld_bind_dn-#" read by * none -#soft_unix_setup# +#sr_unix_set# # Доступ к ветке Mail -#?soft_mail_setup==yes||soft_ldap_setup_name==mail# -access to dn.regex=".*#-soft_ldap_admin_mail-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_mail-#" read +#?sr_mail_set==on||cl_pass_service==mail# +access to dn.regex=".*#-ld_mail_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_mail_dn-#" read by * none -#soft_mail_setup# +#sr_mail_set# # Доступ к ветке Jabber -#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber# -access to dn.regex=".*#-soft_ldap_admin_jabber-#$" - by dn="#-soft_ldap_admin-#" write - by dn="#-soft_ldap_admin_jabber-#" read +#?sr_jabber_set==on||cl_pass_service==jabber# +access to dn.regex=".*#-ld_jabber_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_jabber_dn-#" read by * none -#soft_jabber_setup# +#sr_jabber_set# # Доступ к остальным веткам сервисов -access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$" - by dn="#-soft_ldap_admin-#" write - by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write +access to dn.regex=".*ou=([^,]+),#-ld_services_dn-#$" + by 
dn="#-ld_admin_dn-#" write + by dn.regex="ou=$1,#-ld_services_dn-#" write by * none # Закрываем доступ к веткам -access to dn.regex=".*,#-soft_ldap_sevices_dn-#" - by dn="#-soft_ldap_admin-#" write +access to dn.regex=".*,#-ld_services_dn-#" + by dn="#-ld_admin_dn-#" write by * none # Доступ ко всем аттрибутам access to * - by dn="#-soft_ldap_admin-#" write + by dn="#-ld_admin_dn-#" write by self write by * read # Доступ по умолчанию только для чтения @@ -121,7 +121,7 @@ defaultaccess read # Тип базы данных database ldbm -suffix "#-soft_ldap_base-#" +suffix "#-ld_base_dn-#" checkpoint 1024 5 cachesize 10000 directory /var/lib/openldap-data diff --git a/pym/cl_ldap.py b/pym/cl_ldap.py index c639b35..0f7a8bb 100644 --- a/pym/cl_ldap.py +++ b/pym/cl_ldap.py @@ -58,8 +58,8 @@ def adminConnectLdap(fun): if not self.getLdapObjInFile(): flagError = True if not self.baseDN: - if self.clVars.defined("soft_ldap_base"): - self.baseDN = self.clVars.Get("soft_ldap_base") + if self.clVars.defined("ld_base_dn"): + self.baseDN = self.clVars.Get("ld_base_dn") if not self.baseDN: self.printERROR (_('Not found LDAP base DN')) if flagError: @@ -195,7 +195,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon): strUid = resPasswd.split(":")[2] if strUid: delBackDir =\ - os.path.join(self.clVars.Get("soft_ldap_delete_user_dir"), + os.path.join(self.clVars.Get("sr_deleted_path"), "%s-%s"%(userName,strUid), service) if strUid and os.path.exists(delBackDir) and os.listdir(delBackDir): @@ -234,7 +234,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon): strUid = searchUnixUser[0][0][1]['uidNumber'][0] if strUid: delBackDir =\ - os.path.join(self.clVars.Get("soft_ldap_delete_user_dir"), + os.path.join(self.clVars.Get("sr_deleted_path"), "%s-%s"%(userName,strUid), service) if os.path.exists(delBackDir) and os.listdir(delBackDir): 
@@ -245,19 +245,19 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon): return False else: delBackDir =\ - os.path.join(self.clVars.Get("soft_ldap_delete_user_dir"), + os.path.join(self.clVars.Get("sr_deleted_path"), "%s"%(userName), service) i = 0 while os.path.exists(delBackDir): i += 1 delBackDir =\ - os.path.join(self.clVars.Get("soft_ldap_delete_user_dir"), + os.path.join(self.clVars.Get("sr_deleted_path"), "%s_%s"%(userName,i), service) # Cоздаем директорию хранения удаленных пользователей - if not os.path.exists(self.clVars.Get("soft_ldap_delete_user_dir")): - os.makedirs(self.clVars.Get("soft_ldap_delete_user_dir")) + if not os.path.exists(self.clVars.Get("sr_deleted_path")): + os.makedirs(self.clVars.Get("sr_deleted_path")) #Делаем сохранение директории try: self.copyDir(delBackDir,srcDir) @@ -338,7 +338,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon): def getALLServices(self): """Получаем все сервисы которые описаны в профилях""" # путь к директории профилей - profilePath = self.clVars.Get("setup_path_profinstall")[0] + profilePath = self.clVars.Get("cl_profile_path")[-1] data = os.listdir(profilePath) service = [] for fileData in data: @@ -597,7 +597,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon): return True def createUserDir(self, uid, gid, userDir, mode=0700): - """Создание пользовательской директории для почты""" + """Создание пользовательской директории""" if not os.path.exists(userDir): os.makedirs(userDir) if mode: @@ -1226,7 +1226,7 @@ class servUnix(shareLdap): _("group name %s is found in Unix service") %\ str(groupName) + " ...") return True - self.clVars.Set("soft_ldap_group_name",groupName) + self.clVars.Set("ur_group",groupName) # номер группы gid = str(self.getMaxGid()) if options.has_key('g'): 
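Review bot: `os.makedirs(self.clVars.Get("sr_deleted_path"))` in the `@@ -245,19` hunk creates the store for removed users' data with whatever mode the process umask allows, so under a typical umask it ends up listable by every local account. Since the directory receives copies of deleted users' service directories, I would create it owner-only: `os.makedirs(self.clVars.Get("sr_deleted_path"), 0700)`. Whether `copyDir` preserves the modes of what it copies is not visible here and is worth confirming. The enclosing method starts and ends outside the hunk.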
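Review bot: In the `@@ -338,7` hunk the profile directory changes from the first element, `[0]`, to the last, `[-1]`, of the list returned for `cl_profile_path`, and nothing in the code says why. The result decides which directory `getALLServices` lists to discover services, so the choice deserves a comment such as `# the last entry is the <which> profile directory`, with the placeholder filled in by someone who knows the ordering. An empty list would raise IndexError on this line; if that can happen, the method should return an empty service list instead. The method body continues outside the hunk.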
@@ -1242,12 +1242,12 @@ class servUnix(shareLdap): if self.searchUnixGid(gid): self.printERROR(_("GID is found in Unix service") + " ...") return False - self.clVars.Set("soft_ldap_group_id", gid) + self.clVars.Set("ur_group_id", gid) # Коментарий к группе gecos = self.groupGecos if options.has_key('c'): gecos = options['c'] - self.clVars.Set("soft_ldap_group_desc",gecos) + self.clVars.Set("ur_group_comment",gecos) ldifFile = self.ldifFileGroup groupLdif = self.createLdif(ldifFile) @@ -1270,7 +1270,7 @@ class servUnix(shareLdap): def addMachineLdapServer(self, machineName, options): """Добавляет Unix машину в LDAP-сервер""" machineLogin = machineName.replace('$','') + "$" - groupName = self.clVars.Get('soft_ldap_machine_group_name') + groupName = self.clVars.Get('sr_samba_machine_group') resSearch = self.searchUnixGroupName(groupName) if resSearch: @@ -1298,11 +1298,11 @@ class servUnix(shareLdap): options = {'g':groupId,'c':self.groupCompGecos} if not self.addGroupUnixServer(groupName, options): return False - self.clVars.Set('soft_ldap_machine_login',machineLogin) + self.clVars.Set('sr_samba_machine_login',machineLogin) # Находим последний добавленный id userIdNumber = str(self.getMaxUid()) - self.clVars.Set('soft_ldap_machine_id',userIdNumber) - self.clVars.Set('soft_ldap_machine_gid',groupId) + self.clVars.Set('sr_samba_machine_id',userIdNumber) + self.clVars.Set('sr_samba_machine_gid',groupId) ldifFile = self.ldifFileMachine userLdif = self.createLdif(ldifFile) if not self.ldapObj.getError(): @@ -1311,7 +1311,6 @@ class servUnix(shareLdap): if self.ldapObj.getError(): print _("LDAP Error") + ": " + self.ldapObj.getError().strip() return False - #clVars.Write("soft_ldap_user_id",str(int(userId)+1)) self.printSUCCESS(_("Added machine") + "...") return True 
@@ -1326,7 +1325,7 @@ class servUnix(shareLdap): return False # id нового пользователя userId = str(self.getMaxUid()) - self.clVars.Set("soft_ldap_user_login", userName) + self.clVars.Set("ur_name", userName) baseDir = self.baseDir # Базовая домашняя директория if options.has_key('b'): @@ -1341,23 +1340,23 @@ class servUnix(shareLdap): homeDir = options['d'] else: homeDir = os.path.join(baseDir, userName) - self.clVars.Set("soft_ldap_user_home",homeDir) + self.clVars.Set("ur_home_path",homeDir) fullNameUser = self.fullNameUser # Полное имя пользователя if options.has_key('c'): fullNameUser = options['c'] - self.clVars.Set("soft_ldap_user_full_name",fullNameUser) + self.clVars.Set("ur_fio",fullNameUser) # По умолчанию пользователя не видно visible = '0' if options.has_key('v'): visible = '1' - self.clVars.Set("soft_ldap_user_visible",visible) + self.clVars.Set("ur_visible",visible) # Оболочка пользователя userShell = self.userShell if options.has_key('s'): userShell = options['s'] - self.clVars.Set("soft_ldap_user_shell", userShell) + self.clVars.Set("ur_shell", userShell) # id пользователя if options.has_key('u'): @@ -1376,7 +1375,7 @@ class servUnix(shareLdap): " /etc/passwd"+ " ...") return False - self.clVars.Set("soft_ldap_user_id",userId) + self.clVars.Set("ur_id",userId) # Добавляем пользователя в группы (находим имена групп) if options.has_key('G'): @@ -1426,7 +1425,7 @@ class servUnix(shareLdap): self.printERROR(_("ERROR") + ": " +\ _("create crypto password")) return False - self.clVars.Set("soft_ldap_user_pw_hash",userPwdHash) + self.clVars.Set("ur_hash",userPwdHash) # флаги добавления flagAdd = {} # Добавление основной группы пользователя @@ -1446,7 +1445,7 @@ class servUnix(shareLdap): flagAdd['group'] = flagAddGroup if not flagAddGroup: return False - self.clVars.Set("soft_ldap_user_gid", userGid) + self.clVars.Set("ur_gid", userGid) ldifFile = self.ldifFileUser userLdif = self.createLdif(ldifFile) 
@@ -2143,12 +2142,12 @@ service")) if options.has_key("f"): forceOptions = True # В случае если сервер установлен - if self.clVars.Get("soft_unix_setup") == "yes" and\ + if self.clVars.Get("sr_unix_set") == "on" and\ not forceOptions: self.printWARNING (_("WARNING") + ": " +\ _("Unix service already configured")+ ".") return True - if not self.clVars.Get("soft_ldap_setup") == "yes": + if not self.clVars.Get("sr_ldap_set") == "on": self.printERROR(_("LDAP service not setuped") +" ...") return False if not forceOptions: @@ -2174,10 +2173,8 @@ service")) bakupObj = servLdap() bakupObj.backupServer() # Имя устанавливаемого сервиса - self.clVars.Set("soft_ldap_setup_name","unix") - self.clVars.Write("soft_unix_setup","no") - # Для тестовых целей устанавливаем директорию инсталяции - #clVars.Set("setup_path_install","/tmp/test1/") + self.clVars.Set("cl_pass_service","unix") + self.clVars.Write("sr_unix_set","off") # Cоздаем объект профиль устанавливая директорию ldap для # файлов профилей if not self.applyProfilesFromService('unix'): @@ -2217,10 +2214,10 @@ service")) # Записываем данные администратора сервиса Unix ldapParser = iniLdapParser() ldapParser.setVar("unix", - {"DN":self.clVars.Get("soft_ldap_admin_unix"), - "PASS":self.clVars.Get("soft_ldap_admin_unixpw")}) + {"DN":self.clVars.Get("ld_unix_dn"), + "PASS":self.clVars.Get("ld_unix_pw")}) self.printOK(_("Unix service configured") +" ...") - self.clVars.Write("soft_unix_setup","yes") + self.clVars.Write("sr_unix_set","on") return True def setShadowLastChange(self, userName): @@ -2309,7 +2306,7 @@ class servMail(shareLdap): " ...") return False #почтовая директория пользователя - mailDir = os.path.join(self.clVars.Get("soft_ldap_mail_path"), + mailDir = os.path.join(self.clVars.Get("sr_mail_path"), userName) if options.has_key('r'): backup = False 
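Review bot: The configured-state checks in the `@@ -2143,12` hunk now read `sr_unix_set` and `sr_ldap_set` and compare against `"on"`, where the old code read `soft_unix_setup` and `soft_ldap_setup` and compared against `"yes"`. These flags are persisted with `clVars.Write`, so on a server set up by the previous version the stored values would presumably no longer be found, and this method would report LDAP as not set up or treat Unix as unconfigured. Nothing visible in the diff migrates the stored names and values; if an upgrade path is expected, it needs a one-time conversion or a fallback read of the old variable. The same applies to the mail, jabber and samba setup hunks.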
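Review bot: In the `@@ -2217,10` hunk, `ldapParser.setVar` stores the Unix service administrator's password as a plain value under `"PASS"`, taken from `self.clVars.Get("ld_unix_pw")`, and the samba hunk later reads such a value back with `getVar("samba","PASS")`. Where `iniLdapParser` writes and with which file mode is outside this diff; it should be confirmed that the file is owned by root and not readable by others. A short comment at this first `setVar` call stating that requirement would help, since the same call is repeated for mail, jabber and samba.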
@@ -2632,8 +2629,8 @@ class servMail(shareLdap): mail = altMail else: mail = "%s@%s.%s" %(altMail, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) if not primaryMail: primaryMail = mail if self.searchUserToMail(mail) or\ @@ -2680,8 +2677,8 @@ in Unix service ...") %str(primaryMail)) mail = altMail else: mail = "%s@%s.%s" %(altMail, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) if self.searchUserToMail(mail) or\ self.searchGroupToMail(mail): self.printERROR( @@ -2695,20 +2692,20 @@ in Unix service ...") %str(primaryMail)) str(groupName) + " ...") return False mail = "%s@%s.%s" %(groupName, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) if self.searchUserToMail(mail) or\ self.searchGroupToMail(mail): self.printERROR( _("Email address %s is found in Mail service")%\ str(mail) + " ...") return False - self.clVars.Set("soft_ldap_group_name",groupName) + self.clVars.Set("ur_group",groupName) # Комментарий к группе groupGecos = self.servUnixObj.groupGecos if options.has_key('c'): groupGecos = options['c'] - self.clVars.Set("soft_ldap_group_desc",groupGecos) + self.clVars.Set("ur_group_comment",groupGecos) ldifFile = self.ldifFileGroup groupRawLdif = self.createLdif(ldifFile) if not groupRawLdif: @@ -2785,8 +2782,8 @@ in Unix service ...") %str(primaryMail)) usersInGroup = res[0][0][1]['rfc822member'] for userName in usersNames: userMail = "%s@%s.%s" %(userName, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) if userMail in usersInGroup: findUsers.append(userName) return findUsers 
@@ -2835,7 +2832,7 @@ in Unix service ...") %str(primaryMail)) if flagError: return False return True - mailDir = os.path.join(self.clVars.Get("soft_ldap_mail_path"), + mailDir = os.path.join(self.clVars.Get("sr_mail_path"), userName) flagError = False if not self.createUserDir(uid, gid, mailDir): @@ -2885,8 +2882,8 @@ in Unix service ...") %str(primaryMail)) modAttrs = [] for userName in addUsers: userMail = "%s@%s.%s" %(userName, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) modAttrs.append((ldap.MOD_ADD, 'rfc822member', userMail)) if modAttrs: groupDN = self.addDN("cn="+groupName, self.relGroupsDN) @@ -2919,8 +2916,8 @@ in Unix service ...") %str(primaryMail)) mail = altMail else: mail = "%s@%s.%s" %(altMail, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) if not primaryMail: primaryMail = mail if self.searchUserToMail(mail) or\ @@ -2940,8 +2937,8 @@ in Unix service ...") %str(primaryMail)) return False else: mail = "%s@%s.%s" %(userName, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) if self.searchUserToMail(mail) or\ self.searchGroupToMail(mail): self.printERROR( @@ -2977,7 +2974,7 @@ in Unix service ...") %str(primaryMail)) _("User %s is not found in Unix service") % str(userName)+\ " ...") return False - self.clVars.Set("soft_ldap_user_login", userName) + self.clVars.Set("ur_name", userName) #Полное имя пользователя fullNameUser = self.servUnixObj.fullNameUser if options.has_key('c'): @@ -2985,7 +2982,7 @@ in Unix service ...") %str(primaryMail)) else: if resUnix and resUnix[0][0][1].has_key('cn'): fullNameUser = resUnix[0][0][1]['cn'][0] - self.clVars.Set("soft_ldap_user_full_name",fullNameUser) + self.clVars.Set("ur_fio",fullNameUser) if not userPwd: userPwdHash = "crypt{xxx}" else: 
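Review bot: The no-password fallback `userPwdHash = "crypt{xxx}"` at the end of the `@@ -2985,7` hunk is later stored through `ur_hash`, presumably as the entry's password value, but it carries no `{SCHEME}` prefix. As far as I know slapd compares a userPassword value without a recognised scheme prefix as cleartext, which would leave every account created without a password sharing one known literal. If the intent is "no usable password", a value that can never match, such as `{CRYPT}*`, states that explicitly. The same literal is assigned to `userPwd` in the Jabber hunk `@@ -3642,13`. The enclosing method begins and ends outside the hunk.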
@@ -2997,7 +2994,7 @@ in Unix service ...") %str(primaryMail)) if flagCreateUnixUser: self.servUnixObj.delUserUnixServer(userName, {}, False, False) return False - self.clVars.Set("soft_ldap_user_pw_hash",userPwdHash) + self.clVars.Set("ur_hash",userPwdHash) ldifFile = self.ldifFileUser userRawLdif = self.createLdif(ldifFile) if not userRawLdif: @@ -3028,7 +3025,7 @@ in Unix service ...") %str(primaryMail)) if not flagError: # Востановим удаленного пользователя # Почтовая директория пользователя - mailDir = os.path.join(self.clVars.Get("soft_ldap_mail_path"), + mailDir = os.path.join(self.clVars.Get("sr_mail_path"), userName) message = _("Restored deleted user %s data")% userName + "\n" +\ _("(Y - yes, n - no, ctrl+c - cansel)") @@ -3074,7 +3071,7 @@ in Unix service ...") %str(primaryMail)) self.createClVars() #self.clVars.printVars() #return True - if self.clVars.Get("soft_unix_setup") != "yes": + if self.clVars.Get("sr_unix_set") != "on": self.printERROR (_("ERROR") + ": " +\ _("LDAP server is not configured")+ ".") self.printWARNING(_("Unix service is not setuped")) @@ -3082,7 +3079,7 @@ in Unix service ...") %str(primaryMail)) self.printWARNING(" cl-setup unix") return False # В случае если сервер установлен - if self.clVars.Get("soft_mail_setup") == "yes" and\ + if self.clVars.Get("sr_mail_set") == "on" and\ not forceOptions: self.printWARNING (_("WARNING") + ": " +\ _("Mail server is configured")+ ".") @@ -3120,8 +3117,8 @@ in Unix service ...") %str(primaryMail)) if not self.stopServices(["mail"]): return False # Имя устанавливаемого сервиса - self.clVars.Set("soft_ldap_setup_name","mail") - self.clVars.Write("soft_mail_setup","no") + self.clVars.Set("cl_pass_service","mail") + self.clVars.Write("sr_mail_set","off") # Cоздаем объект профиль устанавливая директорию mail для # файлов профилей if not self.applyProfilesFromService('mail'): 
@@ -3161,8 +3158,8 @@ in Unix service ...") %str(primaryMail)) # Записываем данные администратора сервиса Mail ldapParser = iniLdapParser() ldapParser.setVar("mail", - {"DN":self.clVars.Get("soft_ldap_admin_mail"), - "PASS":self.clVars.Get("soft_ldap_admin_mailpw")}) + {"DN":self.clVars.Get("ld_mail_dn"), + "PASS":self.clVars.Get("ld_mail_pw")}) self.printOK(_("Added ldif file") +" ...") textLine = self.execProg("newaliases") if not (textLine == None): @@ -3186,7 +3183,7 @@ in Unix service ...") %str(primaryMail)) # Устанавливаем автозапуск демона if not self.setDaemonAutostart("dovecot"): return False - self.clVars.Write("soft_mail_setup","yes") + self.clVars.Write("sr_mail_set","on") self.printOK(_("Mail service configured") + " ...") return True @@ -3606,12 +3603,12 @@ class servJabber(shareLdap): _("group name %s is found in Jabber service") %\ str(groupName) + " ...") return False - self.clVars.Set("soft_ldap_group_name",groupName) + self.clVars.Set("ur_group",groupName) # Комментарий к группе groupGecos = self.servUnixObj.groupGecos if options.has_key('c'): groupGecos = options['c'] - self.clVars.Set("soft_ldap_group_desc",groupGecos) + self.clVars.Set("ur_group_comment",groupGecos) ldifFile = self.ldifFileGroup groupLdif = self.createLdif(ldifFile) if not groupLdif: @@ -3631,8 +3628,8 @@ class servJabber(shareLdap): """Добавляет jabber пользователя""" #jabber id jabberId = "%s@%s.%s" %(userName, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) if self.searchUserToId(jabberId): self.printERROR(_("User exists in Jabber service")) return False 
@@ -3642,13 +3639,13 @@ class servJabber(shareLdap): return False if not userPwd: userPwd = "crypt{xxx}" - self.clVars.Set("soft_ldap_user_pw_hash",userPwd) - self.clVars.Set("soft_ldap_user_login", userName) + self.clVars.Set("ur_hash",userPwd) + self.clVars.Set("ur_name", userName) #Полное имя пользователя fullNameUser = self.servUnixObj.fullNameUser if options.has_key('c'): fullNameUser = options['c'] - self.clVars.Set("soft_ldap_user_full_name",fullNameUser) + self.clVars.Set("ur_fio",fullNameUser) ldifFile = self.ldifFileUser userLdif = self.createLdif(ldifFile) if not self.ldapObj.getError(): @@ -3680,7 +3677,7 @@ class servJabber(shareLdap): self.createClVars() #self.clVars.printVars() #return True - if self.clVars.Get("soft_ldap_setup") != "yes": + if self.clVars.Get("sr_ldap_set") != "on": self.printERROR (_("ERROR") + ": " +\ _("LDAP server is not configured")+ ".") self.printWARNING(_("LDAP service is not setuped")) @@ -3688,7 +3685,7 @@ class servJabber(shareLdap): self.printWARNING(" cl-setup ldap") return False # В случае если сервер установлен - if self.clVars.Get("soft_jabber_setup") == "yes" and\ + if self.clVars.Get("sr_jabber_set") == "on" and\ not forceOptions: self.printWARNING (_("WARNING") + ": " +\ _("Jabber server is configured")+ ".") @@ -3723,8 +3720,8 @@ class servJabber(shareLdap): if not self.stopServices(["jabber"]): return False # Имя устанавливаемого сервиса - self.clVars.Set("soft_ldap_setup_name","jabber") - self.clVars.Write("soft_jabber_setup","no") + self.clVars.Set("cl_pass_service","jabber") + self.clVars.Write("sr_jabber_set","off") # Cоздаем объект профиль устанавливая директорию jabber для # файлов профилей if not self.applyProfilesFromService('jabber'): 
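Review bot: `self.clVars.Set("ur_hash",userPwd)` in the `@@ -3642,13` hunk fills a variable whose new name promises a hash from `userPwd`, whereas the Unix and Mail paths set `ur_hash` from a separate `userPwdHash`. How `userPwd` is produced lies above the hunk, so it may already be hashed; if it is still the password as entered, the Jabber entry would hold it unhashed. Either hash it before this line as the other services do, or add a comment such as `# Jabber stores the password unhashed because <reason>` so the exception is deliberate and visible.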
@@ -3764,16 +3761,16 @@ class servJabber(shareLdap): # Администратор сервиса adminName = "admin" adminFullName = "%s@%s.%s" %(adminName, - self.clVars.Get("net_host"), - self.clVars.Get("sys_domain")) + self.clVars.Get("os_net_hostname"), + self.clVars.Get("os_net_domain")) print _("Enter the %s password" % adminFullName) if not self.addUserJabberServer(adminName,{'p':""}): return False # Записываем данные администратора сервиса Jabber ldapParser = iniLdapParser() ldapParser.setVar("jabber", - {"DN":self.clVars.Get("soft_ldap_admin_jabber"), - "PASS":self.clVars.Get("soft_ldap_admin_jabberpw")}) + {"DN":self.clVars.Get("ld_jabber_dn"), + "PASS":self.clVars.Get("ld_jabber_pw")}) self.printOK(_("Added ldif file") +" ...") # создаем сертификат если есть используем прежний self.execProg("/bin/bash /etc/jabber/self-cert.sh") @@ -3789,7 +3786,7 @@ class servJabber(shareLdap): # Устанавливаем автозапуск демона if not self.setDaemonAutostart("ejabberd"): return False - self.clVars.Write("soft_jabber_setup","yes") + self.clVars.Write("sr_jabber_set","on") self.printOK(_("Jabber service configured") + " ...") return True @@ -3841,16 +3838,16 @@ class servSamba(shareLdap): str(delUser)) return False winProfDir =\ - os.path.join(self.clVars.Get("soft_samba_winprofile_path"), + os.path.join(self.clVars.Get("sr_samba_winprof_path"), userName) linProfDir =\ - os.path.join(self.clVars.Get("soft_samba_linprofile_path"), + os.path.join(self.clVars.Get("sr_samba_linprof_path"), userName) userHomeDir =\ - os.path.join(self.clVars.Get("soft_samba_home_path"), + os.path.join(self.clVars.Get("sr_samba_home_path"), userName) userNetlogonDir =\ - os.path.join(self.clVars.Get("soft_samba_winlogon_path"), + os.path.join(self.clVars.Get("sr_samba_winlogon_path"), userName) if options.has_key('r'): backup = False 
@@ -3964,16 +3961,16 @@ class servSamba(shareLdap): if "Added" in str(textLine): flagError = False winProfDir =\ - os.path.join(self.clVars.Get("soft_samba_winprofile_path"), + os.path.join(self.clVars.Get("sr_samba_winprof_path"), userName) linProfDir =\ - os.path.join(self.clVars.Get("soft_samba_linprofile_path"), + os.path.join(self.clVars.Get("sr_samba_linprof_path"), userName) userHomeDir =\ - os.path.join(self.clVars.Get("soft_samba_home_path"), + os.path.join(self.clVars.Get("sr_samba_home_path"), userName) userNetlogonDir =\ - os.path.join(self.clVars.Get("soft_samba_winlogon_path"), + os.path.join(self.clVars.Get("sr_samba_winlogon_path"), userName) message = _("Restored deleted user %s")% userName + "\n" +\ _("(Y - yes, n - no, ctrl+c - cansel)") @@ -4144,7 +4141,7 @@ class servSamba(shareLdap): self.createClVars() if options.has_key("f"): forceOptions = True - if self.clVars.Get("soft_unix_setup") != "yes": + if self.clVars.Get("sr_unix_set") != "on": self.printERROR (_("ERROR") + ": " +\ _("LDAP server is not configured")+ ".") self.printWARNING(_("Unix service is not setuped")) @@ -4152,7 +4149,7 @@ class servSamba(shareLdap): self.printWARNING(" cl-setup unix") return False # В случае если сервер установлен - if self.clVars.Get("soft_samba_setup") == "yes" and\ + if self.clVars.Get("sr_samba_set") == "on" and\ not forceOptions: self.printWARNING (_("WARNING") + ": " +\ _("Samba server is configured")+ ".") @@ -4186,8 +4183,8 @@ class servSamba(shareLdap): if not self.stopServices(["samba"]): return False # Имя устанавливаемого сервиса - self.clVars.Set("soft_ldap_setup_name","samba") - self.clVars.Write("soft_samba_setup","no") + self.clVars.Set("cl_pass_service","samba") + self.clVars.Write("sr_samba_set","off") # Cоздаем объект профиль устанавливая директорию samba для # файлов профилей if not self.applyProfilesFromService('samba'): 
@@ -4203,8 +4200,8 @@ class servSamba(shareLdap): # Записываем данные администратора сервиса Samba ldapParser = iniLdapParser() ldapParser.setVar("samba", - {"DN":self.clVars.Get("soft_ldap_admin_samba"), - "PASS":self.clVars.Get("soft_ldap_admin_sambapw")}) + {"DN":self.clVars.Get("ld_samba_dn"), + "PASS":self.clVars.Get("ld_samba_pw")}) ldapParser = iniLdapParser() pswd = ldapParser.getVar("samba","PASS") if not pswd: @@ -4258,7 +4255,7 @@ class servSamba(shareLdap): # Устанавливаем автозапуск демона if not self.setDaemonAutostart("samba"): return False - self.clVars.Write("soft_samba_setup","yes") + self.clVars.Write("sr_samba_set","on") self.printOK(_("Samba service configured") + " ...") return True @@ -4364,7 +4361,7 @@ class servLdap(shareLdap): "/usr/lib/calculate/calculate-server/ldif/ldap_base.ldif" # Для backup # Директория куда будет сохранен архив - self.backupDirectory = "/var/calculate/backup/LDAP" + self.backupDirectory = "/var/calculate/server-backup/ldap" # ldif файл базы LDAP self.archLdifFile = "/tmp/LDAP_DATABASE.ldif" # приватная директория Samba 
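Review bot: While the backup directory is renamed in the -4364 hunk, the LDIF dump path two lines below it stays `self.archLdifFile = "/tmp/LDAP_DATABASE.ldif"`, a fixed name in a world-writable directory. A full directory export normally includes password hashes, and a predictable name in `/tmp` can be pre-created or symlinked by another local user, depending on how the file is opened (not shown in this hunk). I would place the dump under the new backup directory or create it with `tempfile.mkstemp()`, for example `self.archLdifFile = os.path.join(self.backupDirectory, "LDAP_DATABASE.ldif")`, and make sure that directory is owner-only. The enclosing method starts and ends outside the hunk.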
@@ -4396,28 +4393,39 @@ class servLdap(shareLdap): """ servicePaths = [] servInstalled = [] - # путь к директории профилей - profilePath = self.clVars.Get("setup_path_profinstall")[0] - if self.clVars.Get("soft_ldap_setup") == "yes": - serv = "ldap" - servicePaths.append(os.path.join(profilePath,serv)) - servInstalled.append(serv) - if self.clVars.Get("soft_unix_setup") == "yes": - serv = "unix" - servicePaths.append(os.path.join(profilePath,serv)) - servInstalled.append(serv) - if self.clVars.Get("soft_samba_setup") == "yes": - serv = "samba" - servicePaths.append(os.path.join(profilePath,serv)) - servInstalled.append(serv) - if self.clVars.Get("soft_mail_setup") == "yes": - serv = "mail" - servicePaths.append(os.path.join(profilePath,serv)) - servInstalled.append(serv) - if self.clVars.Get("soft_jabber_setup") == "yes": - serv = "jabber" - servicePaths.append(os.path.join(profilePath,serv)) - servInstalled.append(serv) + # пути к директориям профилей + profilePaths = self.clVars.Get("cl_profile_path") + for profilePath in profilePaths: + if self.clVars.Get("sr_ldap_set") == "on": + serv = "ldap" + servPath = os.path.join(profilePath,serv) + if os.path.exists(servPath): + servicePaths.append(servPath) + servInstalled.append(serv) + if self.clVars.Get("sr_unix_set") == "on": + serv = "unix" + servPath = os.path.join(profilePath,serv) + if os.path.exists(servPath): + servicePaths.append(servPath) + servInstalled.append(serv) + if self.clVars.Get("sr_samba_set") == "on": + serv = "samba" + servPath = os.path.join(profilePath,serv) + if os.path.exists(servPath): + servicePaths.append(servPath) + servInstalled.append(serv) + if self.clVars.Get("sr_mail_set") == "on": + serv = "mail" + servPath = os.path.join(profilePath,serv) + if os.path.exists(servPath): + servicePaths.append(servPath) + servInstalled.append(serv) + if self.clVars.Get("sr_jabber_set") == "on": + serv = "jabber" + servPath = os.path.join(profilePath,serv) + if os.path.exists(servPath): + 
servicePaths.append(servPath) + servInstalled.append(serv) return (servicePaths, servInstalled) def backupServer(self): @@ -4467,13 +4475,13 @@ class servLdap(shareLdap): ldapParser = iniLdapParser() #iniPath = ldapParser.pathIniFile #scanPrivDirs.append(iniPath) - dirDelUsers = self.clVars.Get("soft_ldap_delete_user_dir") + dirDelUsers = self.clVars.Get("sr_deleted_path") if os.path.exists(dirDelUsers): scanPrivDirs.append(dirDelUsers) # Добавляем calulate.ldap allArchFiles.append(ldapParser.nameIniFile) # Добавляем calculate.env - iniFile = "/" + self.clVars.Get("sys_calculate_ini") + iniFile = "/" + self.clVars.Get("cl_env_path")[2] allArchFiles.append(iniFile) if "samba" in servInstalled: scanPrivDirs.append(self.sambaPrivate) @@ -4687,7 +4695,7 @@ class servLdap(shareLdap): def removeTmpRestoreFile(self): """Удаляем временные файлы нужные для восстановлеиня сервисов""" - profilePath = self.clVars.Get("setup_path_profinstall")[0] + profilePath = self.clVars.Get("cl_profile_path")[0] backupDir = os.path.join(profilePath, self.backupDir) fileObj = cl_profile._file() scanObjs = fileObj.scanDirs([backupDir]) @@ -4716,8 +4724,8 @@ class servLdap(shareLdap): используем DN и пароль временного админстратора """ - self.ldapObj = ldapFunction(self.clVars.Get("soft_ldap_admin_tmp"), - self.clVars.Get("soft_ldap_adminpw_tmp")) + self.ldapObj = ldapFunction(self.clVars.Get("ld_temp_dn"), + self.clVars.Get("ld_temp_pw")) self.conLdap = self.ldapObj.conLdap if self.ldapObj.getError(): self.printERROR(_("Can not connected to LDAP server") + " ...") @@ -4733,7 +4741,7 @@ class servLdap(shareLdap): if options.has_key("f"): forceOptions = True - if self.clVars.Get("soft_ldap_setup") == "yes" and\ + if self.clVars.Get("sr_ldap_set") == "on" and\ not forceOptions: self.printWARNING (_("WARNING") + ": " +\ _("LDAP server is configured")+ ".") 
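Review bot: With the new `for profilePath in profilePaths:` loop, `servInstalled.append(serv)` runs once per profile directory that contains the service and not at all when none does, so the list can hold duplicates or miss a service whose `sr_*_set` flag is `on`. The backup hunk below relies on it (`if "samba" in servInstalled:` guards adding `self.sambaPrivate`), so a configured service without a profile directory would be left out of the backup silently. I would decide "installed" from the flag alone and collect the paths separately, iterating over the five service names instead of repeating the block. The sketch groups `servicePaths` by service rather than by profile directory, which should be checked against how the caller applies them; the method's `def` line is outside the hunk.

```python
        servicePaths = []
        servInstalled = []
        # profile directories to search, in configured order
        profilePaths = self.clVars.Get("cl_profile_path")
        for serv in ("ldap", "unix", "samba", "mail", "jabber"):
            if self.clVars.Get("sr_%s_set" % serv) != "on":
                continue
            # a configured service is always reported, exactly once
            servInstalled.append(serv)
            for profilePath in profilePaths:
                servPath = os.path.join(profilePath, serv)
                if os.path.exists(servPath):
                    servicePaths.append(servPath)
        return (servicePaths, servInstalled)
```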
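Review bot: `self.clVars.Get("cl_env_path")[2]` in the -4467 hunk picks the env file by a bare position in a list, with no comment on what element 2 is and no guard if the list is shorter. The same expression in the LDAP setup hunk (-4767) feeds `os.remove(iniFile)`, so a reordered or extended `cl_env_path` would archive or delete a different file without any error. I would name the index once, e.g. `ENV_PATH_INDEX = 2  # which cl_env_path entry is the server's calculate.env`, and use it in both places. The `"/" +` prefix also assumes the entries are relative paths, which deserves a comment; both methods continue outside their hunks.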
@@ -4767,7 +4775,7 @@ class servLdap(shareLdap): if not self.stopServices(self.getALLServices()): return False # Получим путь к ini файлу - iniFile = "/" + self.clVars.Get("sys_calculate_ini") + iniFile = "/" + self.clVars.Get("cl_env_path")[2] # Удаляем ini файл if os.path.exists(iniFile): os.remove(iniFile) @@ -4778,10 +4786,10 @@ class servLdap(shareLdap): if os.path.exists(ldapFile): os.remove(ldapFile) # Имя устанавливаемого сервиса - self.clVars.Set("soft_ldap_setup_name","ldap") - self.clVars.Write("soft_ldap_setup","no") + self.clVars.Set("cl_pass_service","ldap") + self.clVars.Write("sr_ldap_set","off") # Первый проход - self.clVars.Set("setup_pass_parser","1",True) + self.clVars.Set("cl_pass_step","1",True) if not self.applyProfilesFromService('ldap'): self.printERROR(_("Can not apply profiles") +":"+ _("first pass")) return False @@ -4804,7 +4812,7 @@ class servLdap(shareLdap): self.printOK(_("Added ldif file") +" ...") # Второй проход, # удаляем временного пользователя root из конфигурационного файла - self.clVars.Set("setup_pass_parser","2",True) + self.clVars.Set("cl_pass_step","2",True) if not self.applyProfilesFromService('ldap'): self.printERROR(_("Can not apply profiles") +":"+ _("second pass")) return False @@ -4813,12 +4821,12 @@ class servLdap(shareLdap): return False # Записываем данные администратора сервера ldapParser.setVar("admin", - {"DN":self.clVars.Get("soft_ldap_admin"), - "PASS":self.clVars.Get("soft_ldap_adminpw")}) + {"DN":self.clVars.Get("ld_admin_dn"), + "PASS":self.clVars.Get("ld_admin_pw")}) # Устанавливаем автозапуск демона if not self.setDaemonAutostart("slapd"): return False - self.clVars.Write("soft_ldap_setup","yes") + self.clVars.Write("sr_ldap_set","on") self.printOK(_("LDAP service configured") +" ...") return True diff --git a/pym/cl_vars_server.py b/pym/cl_vars_server.py index f0de751..78fb5f9 100644 --- a/pym/cl_vars_server.py +++ b/pym/cl_vars_server.py 
@@ -28,288 +28,305 @@ class Data: #базовый суффикс LDAP - soft_ldap_base= {'mode':"r", - 'type':('param','soft') - } + #Vl soft_ldap_base + ld_base_dn = {} + #bind суффикс LDAP - soft_ldap_bind= {'mode':"r", - 'type':('param','soft'), - } + #Vl soft_ldap_bind + ld_bind_dn = {} + #пользователь только для чтения - soft_ldap_bindname= {'mode':"r", - 'type':('param','soft'), - } + #Vl soft_ldap_bindname + ld_bind_login = {'value':'proxyuser'} + #hash пароля для пользователя для чтения - soft_ldap_bindpw_hash= {'mode':"r", - 'type':('param','soft'), - } + #Vl soft_ldap_bindpw_hash + ld_bind_hash = {} + #пароль для пользователя для чтения - soft_ldap_bindpw= {'mode':"r", - 'type':('param','soft'), - } + #Vl soft_ldap_bindpw + ld_bind_pw = {'value':'calculate'} + #алгоритм шифрования паролей - soft_ldap_hash_encrypt={'mode':"r", - 'type':('param','soft'), - } - #временный пользователь root для инициализации базы данных - soft_ldap_admin_tmp= {'mode':"r", - 'type':('param','soft'), - } + #Vl soft_ldap_hash_encrypt + ld_encrypt = {'value':'{SSHA}'} + #имя для базового суффикса LDAP - soft_ldap_root= {'mode':"r", - 'type':('param','soft')} - #запись для пользователя root - soft_ldap_admin= {'mode':"r", - 'type':('param','soft')} + #Vl soft_ldap_root + ld_base_root = {'value':'calculate'} + + #временный пользователь root для инициализации базы данных + #V soft_ldap_admin_tmp + ld_temp_dn = {} + + #hash пароля временного root + #V soft_ldap_adminpw_tmp_hash + ld_temp_hash = {} + + #пароль временного пользователя root + #V soft_ldap_adminpw_tmp + ld_temp_pw = {} + + #DN пользователя root + #V soft_ldap_admin + ld_admin_dn = {} + #имя пользователя root для LDAP - soft_ldap_adminname= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_adminname + ld_admin_login = {'value':'ldapadmin'} + #hash пароля root - soft_ldap_adminpw_hash= {'mode':"r", - 'type':('param','soft'), - } - #hash пароля временного root - soft_ldap_adminpw_tmp_hash={'mode':"r", - 'type':('param','soft'), 
- } - #пароль временный пользователя root - soft_ldap_adminpw_tmp= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_adminpw_hash + ld_admin_hash = {} + #пароль root - soft_ldap_adminpw= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_adminpw + ld_admin_pw = {} + #имя samba домена - soft_samba_domain= {'mode':"r", - 'type':('param','soft'), - } + #V soft_samba_domain + sr_samba_domain = {'value':'CDS'} + #netbios имя samba домена - soft_samba_netbios= {'mode':"r", - 'type':('param','soft'), - } + #V soft_samba_netbios + sr_samba_netbios = {'value':'PDC-CDS'} + #Логин LDAP пользователя - soft_ldap_user_login= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_user_login + ur_name = {'mode':"w"} + #Полное имя LDAP пользователя - soft_ldap_user_full_name={'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_user_full_name + ur_fio = {'mode':"w"} + #ID LDAP пользователя (номер пользователя) - soft_ldap_user_id= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_user_id + ur_id = {'mode':"w"} + #GID LDAP пользователя (номер группы пользователя) - soft_ldap_user_gid= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_user_gid + ur_gid = {'mode':"w"} + #Домашняя директория LDAP пользователя - soft_ldap_user_home= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_user_home + ur_home_path = {'mode':"w"} + #Оболочка LDAP пользователя - soft_ldap_user_shell= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_user_shell + ur_shell = {'mode':"w"} + #Хеш пароля LDAP пользователя - soft_ldap_user_pw_hash={'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_user_pw_hash + ur_hash = {'mode':"w"} + #Название группы - soft_ldap_group_name= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_group_name + ur_group = {'mode':"w"} + #ID группы - soft_ldap_group_id= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_group_id + ur_group_id = {'mode':"w"} + #Полное имя группы - soft_ldap_group_desc= 
{'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_group_desc + ur_group_comment = {'mode':"w"} + + # Видимость пользователя с другого компьютера + #V soft_ldap_user_visible + ur_visible = {'mode':"w"} + #Логин компьютера - soft_ldap_machine_login={'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_machine_login + sr_samba_machine_login = {'mode':"w"} + #ID LDAP компьютера (номер компьютера) - soft_ldap_machine_id= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_machine_id + sr_samba_machine_id = {'mode':"w"} + #GID LDAP компьютера (номер первичной группы компьютера) - soft_ldap_machine_gid= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_machine_gid + sr_samba_machine_gid = {'mode':"w"} + #Название первичной группы компьютера - soft_ldap_machine_group_name={'mode':"w", - 'type':('param','soft'), - 'value':'Computers', - } - # Видимость пользователя с другого компьютера - soft_ldap_user_visible= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_machine_group_name + sr_samba_machine_group = {'mode':"w", + 'value':'Computers'} + #----------------------------------------------------- #Все сервисы Unix #----------------------------------------------------- #Имя для всех сервисов - soft_ldap_sevices_dn_name = {'mode':"r", - 'type':('param','soft'), - 'value' : 'Services' - } + #V soft_ldap_sevices_dn_name + ld_services= {'value' : 'Services'} + #DN всех сервисов - soft_ldap_sevices_dn= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_sevices_dn + ld_services_dn = {} + #Настроен или нет сервис LDAP - soft_ldap_setup= {'mode':"w", - 'type':('param','soft'), - 'value':'no' - } + #V soft_ldap_setup + sr_ldap_set = {'mode':"w",'value':'off'} + #имя устанавливаемого сервиса - soft_ldap_setup_name= {'mode':"w", - 'type':('param','soft'), - } + #V soft_ldap_setup_name + cl_pass_service = {'mode':"w"} + + #проход при наложении профилей 1,2,3,4,5 и.т д + #V setup_pass_parser + cl_pass_step = {'mode':"w"} + #директория куда 
будут записаны данные удаленных пользователей - soft_ldap_delete_user_dir= {'mode':"w", - 'type':('param','soft'), - 'value':'/var/calculate/deleted' - } + #V soft_ldap_delete_user_dir + sr_deleted_path = {'mode':"w", + 'value':'/var/calculate/server-backup/deleted'} + #----------------------------------------------------- #Сервис Unix #----------------------------------------------------- #DN админстратора сервиса Unix (он, же DN сервиса) - soft_ldap_admin_unix= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_unix + ld_unix_dn = {} + #имя админстратора сервиса Unix - soft_ldap_admin_unix_name= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_unix_name + ld_unix_login = {'value':'Unix'} + #пароль админстратора сервиса Unix - soft_ldap_admin_unixpw= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_unixpw + ld_unix_pw = {} + #hash пароля админстратора сервиса Unix - soft_ldap_admin_unixpw_hash= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_unixpw_hash + ld_unix_hash = {} + #Настроен или нет сервис Unix - soft_unix_setup= {'mode':"w", - 'type':('param','soft'), - 'value':'no' - } + #V soft_unix_setup + sr_unix_set = {'mode':"w", + 'value':'off'} + #----------------------------------------------------- #Сервис Samba #----------------------------------------------------- #DN админстратора сервиса Samba (он, же DN сервиса) - soft_ldap_admin_samba= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_samba + ld_samba_dn = {} + #имя админстратора сервиса Samba - soft_ldap_admin_samba_name= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_samba_name + ld_samba_login = {'value':'Samba'} + #пароль админстратора сервиса Samba - soft_ldap_admin_sambapw= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_sambapw + ld_samba_pw = {} + #hash пароля админстратора сервиса Samba - soft_ldap_admin_sambapw_hash= {'mode':"r", - 'type':('param','soft'), - } + #V 
soft_ldap_admin_sambapw_hash + ld_samba_hash = {} + # Директория настроек пользователя windows - soft_samba_winprofile_path = {'mode':"r", - 'type':('param','soft'), - 'value':'/var/calculate/services/samba/win/profiles' - } + #V soft_samba_winprofile_path + sr_samba_winprof_path = {\ + 'value':'/var/calculate/server-data/samba/win/profiles'} + # Директория хранения настроек пользователя linux - soft_samba_linprofile_path = {'mode':"r", - 'type':('param','soft'), - 'value':'/var/calculate/services/samba/lin/profiles'} + #V soft_samba_linprofile_path + sr_samba_linprof_path = {\ + 'value':'/var/calculate/server-data/samba/lin/profiles'} + # Домашняя директория - soft_samba_home_path = {'mode':"r", - 'type':('param','soft'), - 'value':'/var/calculate/services/samba/home' - } + #V soft_samba_home_path + sr_samba_home_path = {\ + 'value':'/var/calculate/server-data/samba/home'} + # Директория netlogon - soft_samba_winlogon_path = {'mode':"r", - 'type':('param','soft'), - 'value':'/var/calculate/services/samba/win/netlogon' - } + #V soft_samba_winlogon_path + sr_samba_winlogon_path = {\ + 'value':'/var/calculate/server-data/samba/win/netlogon'} + # Директория share - soft_samba_share_path = {'mode':"r", - 'type':('param','soft'), - 'value':'/var/calculate/services/samba/share' - } + #V soft_samba_share_path + sr_samba_share_path= {\ + 'value':'/var/calculate/server-data/samba/share'} + # Настроен или нет сервис Samba - soft_samba_setup= {'mode':"w", - 'type':('param','soft'), - 'value':'no' - } + #V soft_samba_setup + sr_samba_set = {'mode':"w", + 'value':'off'} + #----------------------------------------------------- #Сервис Mail #----------------------------------------------------- #DN админстратора сервиса Mail (он, же DN сервиса) - soft_ldap_admin_mail= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_mail + ld_mail_dn = {} + #имя админстратора сервиса Mail - soft_ldap_admin_mail_name= {'mode':"r", - 'type':('param','soft'), - } + #V 
soft_ldap_admin_mail_name + ld_mail_login = {'value':'Mail'} + #пароль админстратора сервиса Mail - soft_ldap_admin_mailpw= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_mailpw + ld_mail_pw = {} + #hash пароля админстратора сервиса Mail - soft_ldap_admin_mailpw_hash= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_mailpw_hash + ld_mail_hash = {} + #почтовый релей # Пример заполнения: # value:', 212.113.122.130' - soft_ldap_mail_relay = {'mode':"r", - 'type':('param','soft'), - 'value':'' } + #soft_ldap_mail_relay + sr_mail_relay = {'value':''} + # Директория хранения писем - soft_ldap_mail_path = {'mode':"r", - 'type':('param','soft'), - 'value':'/var/calculate/services/mail/imap'} + #V soft_ldap_mail_path + sr_mail_path = {'value':'/var/calculate/server-data/mail/imap'} + #Настроен или нет сервис Mail - soft_mail_setup= {'mode':"w", - 'type':('param','soft'), - 'value':'no' - } + #V soft_mail_setup + sr_mail_set = {'mode':"w", + 'value':'off'} + #----------------------------------------------------- #Сервис Jabber #----------------------------------------------------- #DN админстратора сервиса Jabber (он, же DN сервиса) - soft_ldap_admin_jabber= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_jabber + ld_jabber_dn = {} + #имя админстратора сервиса Jabber - soft_ldap_admin_jabber_name= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_jabber_name + ld_jabber_login = {'value':'Jabber'} + #пароль админстратора сервиса Jabber - soft_ldap_admin_jabberpw= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_jabberpw + ld_jabber_pw = {} + #hash пароля админстратора сервиса Jabber - soft_ldap_admin_jabberpw_hash= {'mode':"r", - 'type':('param','soft'), - } + #V soft_ldap_admin_jabberpw_hash + ld_jabber_hash = {} + #Настроен или нет сервис Jabber - soft_jabber_setup= {'mode':"w", - 'type':('param','soft'), - 'value':'no' - } + #V soft_jabber_setup + sr_jabber_set = {'mode':"w", + 'value':'off'} 
+ + ##список накладываемых профилей при установке, наложении профилей + #setup_path_profinstall + cl_profile_path = {} + + #путь к директории относительно которой происходит наложение профилей на + #файлы системы + #setup_path_install + cl_root_path = {'value':'/'} + + # Calculate плюс версия калкулейта для записи в заголовок файла + # объединяемого с профилем + #setup_name + cl_ver = {'value':'Calculate 0.0.1 alpha 1'} #----------------------------------------------------- #Служебные переменные #----------------------------------------------------- #запущенные сервисы CDS - soft_service_allive= {'mode':"r", - 'type':('param','soft'), - } + #? soft_service_allive + #sr_run = {} diff --git a/setup.py b/setup.py index 1934a8c..d5acdfe 100755 --- a/setup.py +++ b/setup.py @@ -24,17 +24,17 @@ from distutils.core import setup data_files = [] -var_data_files = [("/var/calculate/profile/server",[]), - ("/var/calculate/remote/profile",[]), - # services - ("/var/calculate/services",[]), +var_data_files = [("/var/calculate/server-profile",[]), + #("/var/calculate/remote/server-profile",[]), + # server-data + ("/var/calculate/server-data",[]), # samba - ("/var/calculate/services/samba",[]), - ("/var/calculate/services/samba/home",[]), - ("/var/calculate/services/samba/share",[]), - ("/var/calculate/services/samba/win/profiles",[]), - ("/var/calculate/services/samba/lin/profiles",[]), - ("/var/calculate/services/samba/win/netlogon",[]), + ("/var/calculate/server-data/samba",[]), + ("/var/calculate/server-data/samba/home",[]), + ("/var/calculate/server-data/samba/share",[]), + ("/var/calculate/server-data/samba/win/profiles",[]), + ("/var/calculate/server-data/samba/lin/profiles",[]), + ("/var/calculate/server-data/samba/win/netlogon",[]), ] data_dirs_local = ['profile','ldif'] 
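Review bot: The new defaults `ld_bind_login = {'value':'proxyuser'}` and `ld_bind_pw = {'value':'calculate'}` in the cl_vars_server.py hunk ship a fixed, publicly known credential for the LDAP bind account, where the old declarations carried no value. Unless a fill routine elsewhere overrides it (not visible in this hunk), every installation would share the same bind password, and `ld_bind_hash` would presumably be derived from it. I would leave the password without a static value and have setup generate or prompt for it, e.g. `ld_bind_pw = {}`, with a comment that it is set per installation. Separately, the old-name markers are inconsistent (`#Vl`, `#V`, a bare `#soft_ldap_mail_relay`, `#? soft_service_allive`); a one-line legend at the top of `class Data` would make them readable.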
@@ -117,7 +117,7 @@ data_files += create_data_files (data_dirs_share, share_calculate_dir) setup( name = 'calculate-server', version = "0.0.1", - description = "The program for configuring services linux", + description = "The program for configuring server-data linux", author = "Calculate Pack", author_email = "support@calculate.ru", url = "http://calculate-linux.ru",