Offer to fix separate PAM and NSS config files

diff --git a/ldap-client/CHANGELOG b/ldap-client/CHANGELOG
index 74da8e5..c9d29af 100644 (file)
--- a/ldap-client/CHANGELOG
+++ b/ldap-client/CHANGELOG
@@ -3,3 +3,5 @@ First version of this module.
 ---- Changes since 1.290 ----
 Added Module Config options for specifying a different LDAP server to connect to for the browser and validation features.
 Object and attribute lists in the LDAP browser are now sorted.
+---- Changes since 1.400 ----
+On Debian/Ubuntu systems with separate PAM and NSS LDAP config files, offer to link them with a new button.

diff --git a/ldap-client/config-debian-linux-3.1-* b/ldap-client/config-debian-linux-3.1-*
index 5ddbe81..d535c38 100644 (file)
--- a/ldap-client/config-debian-linux-3.1-*
+++ b/ldap-client/config-debian-linux-3.1-*
@@ -1,2 +1,3 @@
 auth_ldap=/etc/libnss-ldap.conf
 secret=/etc/ldap.secret
+pam_ldap=/etc/pam_ldap.conf

diff --git a/ldap-client/config.info b/ldap-client/config.info
index aaff4de..772aa2c 100644 (file)
--- a/ldap-client/config.info
+++ b/ldap-client/config.info
@@ -1,4 +1,5 @@
 auth_ldap=LDAP client configuration file,8
+pam_ldap=PAM LDAP configuration file,3,Same as LDAP client file
 secret=Root LDAP client password file,8
 line0=LDAP browser and validation settings,11
 ldap_hosts=LDAP server hosts,3,From config file,50

diff --git a/ldap-client/fixpam.cgi b/ldap-client/fixpam.cgi
new file mode 100755 (executable)
index 0000000..76123eb
--- /dev/null
+++ b/ldap-client/fixpam.cgi
@@ -0,0 +1,20 @@
+#!/usr/local/bin/perl
+# Link PAM LDAP file to NSS file
+
+require './ldap-client-lib.pl';
+&ReadParse();
+
+if ($in{'ignore'}) {
+       # Don't show message anymore
+       $config{'nofixpam'} = 1;
+       &save_module_config();
+       }
+else {
+       # Fix up
+       &unlink_logged($config{'pam_ldap'});
+       &symlink_logged($config{'auth_ldap'}, $config{'pam_ldap'});
+       &webmin_log("fixpam");
+       }
+&redirect("");
+
+

diff --git a/ldap-client/index.cgi b/ldap-client/index.cgi
index 446203f..3c55ee6 100755 (executable)
--- a/ldap-client/index.cgi
+++ b/ldap-client/index.cgi
@@ -11,6 +11,19 @@ if (!-r $config{'auth_ldap'}) {
                        [ "<tt>$config{'auth_ldap'}</tt>", undef ]));
        }
 
+# Check for separate config files for PAM and NSS
+if ($config{'pam_ldap'} && -r $config{'pam_ldap'} && !$config{'nofixpam'} &&
+    !&same_file($config{'pam_ldap'}, $config{'auth_ldap'})) {
+       print "<center>\n";
+       print &ui_form_start("fixpam.cgi");
+       print &text('index_fixpam',
+               "<tt>".&html_escape($config{'auth_ldap'})."</tt>",
+               "<tt>".&html_escape($config{'pam_ldap'})."</tt>"),"<p>\n";
+       print &ui_form_end([ [ undef, $text{'index_fix'} ],
+                            [ "ignore", $text{'index_ignore'} ] ]);
+       print "</center>\n";
+       }
+
 # Show icons for option categories
 @pages = ( "server", "base", "pam", "switch", "browser" );
 @links = map { $_ eq "browser" ? "browser.cgi" :

diff --git a/ldap-client/lang/en b/ldap-client/lang/en
index 848029e..088b818 100644 (file)
--- a/ldap-client/lang/en
+++ b/ldap-client/lang/en
@@ -2,6 +2,9 @@ index_econf=The NSS-LDAP configuration file $1 was not found on your system. May
 index_check=Validate Configuration
 index_checkdesc=Click this button to have Webmin validate your LDAP server configuration, by ensuring that the server can be contacted and that it contains users and groups.
 index_return=module index
+index_fixpam=<b>Warning</b> - Webmin has detected two separate LDAP configuration files on your system. NSS-LDAP is configured using $1, while PAM-LDAP uses $2. This may cause in-consistencies between the two services.
+index_fix=Fix by Linking Files
+index_ignore=Don't Show This Message
 
 server_title=LDAP Server Configuration
 server_header=LDAP server and login options