Univention Bugzilla – Attachment 10951 Details for
Bug 54744
slapd fails if lines in slapd.conf are too long
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to the template file to split long ACL line
long_ACL_wrap.patch (text/plain), 2.15 KB, created by
Lukas Zumvorde
on 2022-05-12 13:18:14 CEST
(
hide
)
Description:
Patch to the template file to split long ACL line
Filename:
MIME Type:
Creator:
Lukas Zumvorde
Created:
2022-05-12 13:18:14 CEST
Size:
2.15 KB
patch
obsolete
>diff --git a/management/univention-admingrp-user-passwordreset/conffiles/etc/ldap/slapd.conf.d/65admingrp-user-passwordreset b/management/univention-admingrp-user-passwordreset/conffiles/etc/ldap/slapd.conf.d/65admingrp-user-passwordreset >index 9e68a37cd7..08e61d0294 100644 >--- a/management/univention-admingrp-user-passwordreset/conffiles/etc/ldap/slapd.conf.d/65admingrp-user-passwordreset >+++ b/management/univention-admingrp-user-passwordreset/conffiles/etc/ldap/slapd.conf.d/65admingrp-user-passwordreset >@@ -22,6 +22,17 @@ for key in configRegistry.keys(): > grouplist.append(configRegistry.get(key)) > > userfilter = '(&(|(&(objectClass=posixAccount)(objectClass=shadowAccount))(objectClass=univentionMail)(objectClass=sambaSamAccount)(objectClass=simpleSecurityObject)(&(objectClass=person)(objectClass=organizationalPerson)(objectClass=inetOrgPerson)))(!(uidNumber=0))(!(|%s)))' % uidexcludestr >+userfilter_lines = [] >+i = 0 >+n = 1024 >+while i < len(userfilter): >+ try: >+ j = userfilter[i:i+n].rindex(')') >+ except: >+ j = n >+ userfilter_lines.append(userfilter[i:i+j+1]) >+ i = i + j + 1 >+userfilter = "\n ".join(userfilter_lines) > > attr_fallback = 'krb5Key,userPassword,sambaPwdCanChange,sambaPwdMustChange,sambaLMPassword,sambaNTPassword,sambaPwdLastSet,pwhistory,sambaPasswordHistory,krb5KDCFlags,krb5KeyVersionNumber,krb5PasswordEnd,shadowMax,shadowLastChange' > attrlist = configRegistry.get('ldap/acl/user/passwordreset/attributes', attr_fallback) >@@ -30,7 +41,8 @@ nestedgroups = configRegistry.is_true('ldap/acl/nestedgroups', False) > > if grouplist: > print('# helpdesk access: grant access to specified groups for password reset') >- print('access to dn.sub="%(ldap/base)s" filter="%(userfilter)s" attrs="%(attributelist)s"' % {'ldap/base': configRegistry.get('ldap/base'), 'userfilter': userfilter, 'attributelist': attrlist}) >+ print('access to dn.sub="%(ldap/base)s" filter="%(userfilter)s"' % {'ldap/base': configRegistry.get('ldap/base'), 'userfilter': userfilter}) >+ print(' attrs="%(attributelist)s"' % {'attributelist': attrlist}) > for dn in grouplist: > if nestedgroups: > print(' by set="user & [%s]/uniqueMember*" %s' % (dn, access))
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=10951">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 54744
: 10951