|
|
|---|
| 53 |
ucr = univention.config_registry.ConfigRegistry() |
53 |
ucr = univention.config_registry.ConfigRegistry() |
| 54 |
ucr.load() |
54 |
ucr.load() |
| 55 |
modified_default_names = [] |
55 |
modified_default_names = [] |
|
|
56 |
set_ucr_key__value_list = [] |
| 57 |
unset_ucr_key_list = [] |
| 56 |
|
58 |
|
| 57 |
|
59 |
|
| 58 |
def sidToName(sid): |
60 |
def sidToName(sid): |
|
|
|---|
| 65 |
|
67 |
|
| 66 |
|
68 |
|
| 67 |
def checkAndSet(new, old): |
69 |
def checkAndSet(new, old): |
|
|
70 |
global set_ucr_key__value_list |
| 71 |
global unset_ucr_key_list |
| 72 |
|
| 68 |
obj = new or old |
73 |
obj = new or old |
| 69 |
if not obj: |
74 |
if not obj: |
| 70 |
return |
75 |
return |
|
Lines 115-136
def checkAndSet(new, old):
|
Link Here
|
|---|
|
|---|
| 115 |
ucr.load() |
120 |
ucr.load() |
| 116 |
ucr_value = ucr.get(unset_ucr_key) |
121 |
ucr_value = ucr.get(unset_ucr_key) |
| 117 |
if ucr_value: |
122 |
if ucr_value: |
| 118 |
ud.debug(ud.LISTENER, ud.PROCESS, "%s: ucr unset %s=%s" % (name, unset_ucr_key, ucr_value)) |
123 |
unset_ucr_key_list.append(unset_ucr_key) |
| 119 |
listener.setuid(0) |
124 |
modified_default_names.append(default_name) |
| 120 |
try: |
125 |
ud.debug(ud.LISTENER, ud.PROCESS, "%s: scheduling ucr unset %s=%s" % (name, unset_ucr_key, ucr_value)) |
| 121 |
univention.config_registry.handler_unset([unset_ucr_key]) |
|
|
| 122 |
return default_name |
| 123 |
finally: |
| 124 |
listener.unsetuid() |
| 125 |
else: |
126 |
else: |
| 126 |
ucr_key_value = "%s/%s=%s" % (ucr_base, default_name_lower, obj_name) |
127 |
ucr_key_value = "%s/%s=%s" % (ucr_base, default_name_lower, obj_name) |
| 127 |
ud.debug(ud.LISTENER, ud.PROCESS, "%s: ucr set %s" % (name, ucr_key_value)) |
128 |
modified_default_names.append(default_name) |
| 128 |
listener.setuid(0) |
129 |
ud.debug(ud.LISTENER, ud.PROCESS, "%s: scheduling ucr set %s" % (name, ucr_key_value)) |
| 129 |
try: |
130 |
set_ucr_key__value_list.append(ucr_key_value) |
| 130 |
univention.config_registry.handler_set([ucr_key_value]) |
|
|
| 131 |
return default_name |
| 132 |
finally: |
| 133 |
listener.unsetuid() |
| 134 |
|
131 |
|
| 135 |
|
132 |
|
| 136 |
def no_relevant_change(new, old): |
133 |
def no_relevant_change(new, old): |
|
Lines 157-164
def no_relevant_change(new, old):
|
Link Here
|
|---|
|
|---|
| 157 |
|
154 |
|
| 158 |
def handler(dn, new, old, command): |
155 |
def handler(dn, new, old, command): |
| 159 |
# type: (str, dict, dict, str) -> None |
156 |
# type: (str, dict, dict, str) -> None |
| 160 |
global modified_default_names |
|
|
| 161 |
|
| 162 |
if ucr.is_false("listener/module/wellknownsidnamemapping", False): |
157 |
if ucr.is_false("listener/module/wellknownsidnamemapping", False): |
| 163 |
ud.debug(ud.LISTENER, ud.INFO, '%s: deactivated by listener/module/wellknownsidnamemapping' % (name,)) |
158 |
ud.debug(ud.LISTENER, ud.INFO, '%s: deactivated by listener/module/wellknownsidnamemapping' % (name,)) |
| 164 |
return |
159 |
return |
|
Lines 209-239
def handler(dn, new, old, command):
|
Link Here
|
|---|
|
|---|
| 209 |
if new: |
204 |
if new: |
| 210 |
if not old: # add |
205 |
if not old: # add |
| 211 |
ud.debug(ud.LISTENER, ud.INFO, "%s: new %r" % (name, new.get("sambaSID"))) |
206 |
ud.debug(ud.LISTENER, ud.INFO, "%s: new %r" % (name, new.get("sambaSID"))) |
| 212 |
changed_default_name = checkAndSet(new, old) |
207 |
checkAndSet(new, old) |
| 213 |
if changed_default_name: |
|
|
| 214 |
modified_default_names.append(changed_default_name) |
| 215 |
|
208 |
|
| 216 |
else: # modify |
209 |
else: # modify |
| 217 |
if no_relevant_change(new, old): |
210 |
if no_relevant_change(new, old): |
| 218 |
return |
211 |
return |
| 219 |
|
212 |
checkAndSet(new, old) |
| 220 |
changed_default_name = checkAndSet(new, old) |
|
|
| 221 |
if changed_default_name: |
| 222 |
modified_default_names.append(changed_default_name) |
| 223 |
|
213 |
|
| 224 |
elif old: # delete |
214 |
elif old: # delete |
| 225 |
ud.debug(ud.LISTENER, ud.INFO, "%s: del %r" % (name, old.get("sambaSID"))) |
215 |
ud.debug(ud.LISTENER, ud.INFO, "%s: del %r" % (name, old.get("sambaSID"))) |
| 226 |
changed_default_name = checkAndSet(new, old) |
216 |
checkAndSet(new, old) |
| 227 |
if changed_default_name: |
|
|
| 228 |
modified_default_names.append(changed_default_name) |
| 229 |
|
217 |
|
| 230 |
|
218 |
|
| 231 |
def postrun(): |
219 |
def postrun(): |
| 232 |
# type: () -> None |
220 |
# type: () -> None |
| 233 |
global modified_default_names |
221 |
global modified_default_names |
|
|
222 |
global set_ucr_key__value_list |
| 223 |
global unset_ucr_key_list |
| 224 |
|
| 234 |
if not modified_default_names: |
225 |
if not modified_default_names: |
| 235 |
return |
226 |
return |
| 236 |
|
227 |
|
|
|
228 |
listener.setuid(0) |
| 229 |
try: |
| 230 |
if unset_ucr_key_list: |
| 231 |
ud.debug(ud.LISTENER, ud.INFO, "%s: Running ucs unset %s" % (name, unset_ucr_key_list)) |
| 232 |
univention.config_registry.handler_unset(unset_ucr_key_list) |
| 233 |
unset_ucr_key_list = [] |
| 234 |
if set_ucr_key__value_list: |
| 235 |
ud.debug(ud.LISTENER, ud.INFO, "%s: Running ucs set %s" % (name, set_ucr_key__value_list)) |
| 236 |
univention.config_registry.handler_set(set_ucr_key__value_list) |
| 237 |
set_ucr_key__value_list = [] |
| 238 |
finally: |
| 239 |
listener.unsetuid() |
| 240 |
|
| 237 |
hook_dir = '/usr/lib/univention-pam/well-known-sid-name-mapping.d' |
241 |
hook_dir = '/usr/lib/univention-pam/well-known-sid-name-mapping.d' |
| 238 |
if not os.path.isdir(hook_dir): |
242 |
if not os.path.isdir(hook_dir): |
| 239 |
return |
243 |
return |