projects / webmin.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: af47318)
Support multiple secrets files, as seen on Debian 6
authorJamie Cameron <jcameron@webmin.com>
Fri, 11 Feb 2011 00:13:01 +0000 (16:13 -0800)
committerJamie Cameron <jcameron@webmin.com>
Fri, 11 Feb 2011 00:13:01 +0000 (16:13 -0800)
ldap-client/config-debian-linux-6.0-* patch | blob | history
ldap-client/config.info patch | blob | history
ldap-client/ldap-client-lib.pl patch | blob | history
ldap-client/save_server.cgi patch | blob | history

diff --git a/ldap-client/config-debian-linux-6.0-* b/ldap-client/config-debian-linux-6.0-*
index 9c2908c..a599069 100644 (file)
--- a/ldap-client/config-debian-linux-6.0-*
+++ b/ldap-client/config-debian-linux-6.0-*
@@ -1,3 +1,3 @@
 auth_ldap=/etc/libnss-ldap.conf
 pam_ldap=/etc/pam_ldap.conf
-secret=/etc/libnss-ldap.secret
+secret=/etc/libnss-ldap.secret /etc/pam_ldap.secret
diff --git a/ldap-client/config.info b/ldap-client/config.info
index f6b0500..bc92807 100644 (file)
--- a/ldap-client/config.info
+++ b/ldap-client/config.info
@@ -1,6 +1,6 @@
 auth_ldap=LDAP client configuration file,8
 pam_ldap=PAM LDAP configuration file,3,Same as LDAP client file
-secret=Root LDAP client password file,8
+secret=Root LDAP client password files,9,50,2,\t
 line0=LDAP browser and validation settings,11
 ldap_hosts=LDAP server hosts,3,From config file,50
 ldap_port=LDAP server port,3,From config file,5
diff --git a/ldap-client/ldap-client-lib.pl b/ldap-client/ldap-client-lib.pl
index 9c9b34a..fac85fe 100755 (executable)
--- a/ldap-client/ldap-client-lib.pl
+++ b/ldap-client/ldap-client-lib.pl
@@ -118,7 +118,8 @@ foreach my $c (@$conf) {
 # Returns the password used when the root user connects to the LDAP server
 sub get_rootbinddn_secret
 {
-&open_readfile(SECRET, $config{'secret'}) || return undef;
+local @secrets = split(/\t+/, $config{'secret'});
+&open_readfile(SECRET, $secrets[0]) || return undef;
 local $secret = <SECRET>;
 close(SECRET);
 $secret =~ s/\r|\n//g;
@@ -129,14 +130,17 @@ return $secret;
 # Saves the password used when the root user connects to the LDAP server
 sub save_rootbinddn_secret
 {
+local @secrets = split(/\t+/, $config{'secret'});
 if (defined($_[0])) {
-       &open_tempfile(SECRET, ">$config{'secret'}");
-       &print_tempfile(SECRET, $_[0],"\n");
-       &close_tempfile(SECRET);
-       &set_ownership_permissions(0, 0, 0600, $config{'secret'});
+       foreach my $secret (@secrets) {
+               &open_tempfile(SECRET, ">$secret");
+               &print_tempfile(SECRET, $_[0],"\n");
+               &close_tempfile(SECRET);
+               &set_ownership_permissions(0, 0, 0600, $secret);
+               }
        }
 else {
-       &unlink_file($config{'secret'});
+       &unlink_file(@secrets);
        }
 }
 
diff --git a/ldap-client/save_server.cgi b/ldap-client/save_server.cgi
index 2ed87ca..d27e29d 100755 (executable)
--- a/ldap-client/save_server.cgi
+++ b/ldap-client/save_server.cgi
@@ -6,7 +6,10 @@ require './ldap-client-lib.pl';
 &ReadParse();
 
 &lock_file($config{'auth_ldap'});
-&lock_file($config{'secret'});
+@secrets = split(/\t+/, $config{'secret'});
+foreach $secret (@secrets) {
+       &lock_file($secret);
+       }
 $conf = &get_config();
 $uri = &find_svalue("uri", $conf);
 
@@ -116,7 +119,9 @@ else {
 # Write out config
 &flush_file_lines();
 &unlock_file($config{'auth_ldap'});
-&unlock_file($config{'secret'});
+foreach $secret (@secrets) {
+       &unlock_file($secret);
+       }
 
 &webmin_log("server");
 &redirect("");
Webmin PERL server management