From 7bdd42a9b6f60ab66c76fd3b0cf2c76195469814 Mon Sep 17 00:00:00 2001 Message-Id: <7bdd42a9b6f60ab66c76fd3b0cf2c76195469814.1431942779.git.hahn@univention.de> From: Philipp Hahn Date: Mon, 18 May 2015 11:24:17 +0200 Subject: [PATCH 1/2] Bug #38094: Copyright 2015 Organization: Univention GmbH, Bremen, Germany --- branches/ucs-4.0/ucs-4.0-2/base/univention-server/check_connection | 2 +- branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/copyright | 2 +- branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/rules | 2 +- .../univention-server/debian/univention-role-server-common.postinst | 2 +- .../base/univention-server/debian/univention-server-backup.postinst | 2 +- .../base/univention-server/debian/univention-server-master.postinst | 2 +- .../base/univention-server/debian/univention-server-master.preinst | 2 +- .../base/univention-server/debian/univention-server-member.postinst | 2 +- .../base/univention-server/debian/univention-server-slave.postinst | 2 +- .../ucs-4.0/ucs-4.0-2/base/univention-server/server_password_change | 2 +- .../univention-directory-policy/univention-set-ldap-server | 2 +- .../ucs-4.0-2/base/univention-server/univention-ldap-server-available | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/check_connection b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/check_connection index 498b0b3..8ad0ebf 100755 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/check_connection +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/check_connection @@ -5,7 +5,7 @@ # connection fails 'ldap' is removed from the list of possible # authentication methods # -# Copyright 2004-2014 Univention GmbH +# Copyright 2004-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/copyright b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/copyright index 84eba2a..6442f85 100644 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/copyright +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/copyright @@ -1,4 +1,4 @@ -Copyright 2003-2014 Univention GmbH +Copyright 2003-2015 Univention GmbH http://www.univention.de/ diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/rules b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/rules index 13a499f..1ba7291 100755 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/rules +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/rules @@ -3,7 +3,7 @@ # Univention Server # rules file for the debian package # -# Copyright 2003-2014 Univention GmbH +# Copyright 2003-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-role-server-common.postinst b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-role-server-common.postinst index d43acc4..79aa789 100644 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-role-server-common.postinst +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-role-server-common.postinst @@ -3,7 +3,7 @@ # Univention Server Common # postinst script for the Debian package # -# Copyright 2014 Univention GmbH +# Copyright 2014-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-backup.postinst b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-backup.postinst index d5f7530..e1b203a 100644 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-backup.postinst +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-backup.postinst @@ -3,7 +3,7 @@ # Univention Server Backup # postinst script for the debian package # -# Copyright 2003-2014 Univention GmbH +# Copyright 2003-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-master.postinst b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-master.postinst index 1410128..476d3af 100644 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-master.postinst +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-master.postinst @@ -3,7 +3,7 @@ # Univention Server Master # postinst script for the debian package # -# Copyright 2003-2014 Univention GmbH +# Copyright 2003-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-master.preinst b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-master.preinst index ef93de0..5912ebe 100644 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-master.preinst +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-master.preinst @@ -3,7 +3,7 @@ # Univention Server Master # preinst script for the debian package # -# Copyright 2003-2014 Univention GmbH +# Copyright 2003-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-member.postinst b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-member.postinst index a8f86f9..cb036a2 100644 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-member.postinst +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-member.postinst @@ -3,7 +3,7 @@ # Univention Server Memberserver # postinst script for the debian package # -# Copyright 2003-2014 Univention GmbH +# Copyright 2003-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-slave.postinst b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-slave.postinst index 53d270a..2bbead4 100644 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-slave.postinst +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/univention-server-slave.postinst @@ -3,7 +3,7 @@ # Univention Server Slave # postinst script for the debian package # -# Copyright 2003-2014 Univention GmbH +# Copyright 2003-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/server_password_change b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/server_password_change index 41e09ab..2e1c0ce 100755 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/server_password_change +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/server_password_change @@ -3,7 +3,7 @@ # Univention Server # helper script: creates new machine password # -# Copyright 2004-2014 Univention GmbH +# Copyright 2004-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-directory-policy/univention-set-ldap-server b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-directory-policy/univention-set-ldap-server index 46f14c5..5db172e 100755 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-directory-policy/univention-set-ldap-server +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-directory-policy/univention-set-ldap-server @@ -4,7 +4,7 @@ # Univention Server Memberserver # sets LDAP server according to policy # -# Copyright 2003-2014 Univention GmbH +# Copyright 2003-2015 Univention GmbH # # http://www.univention.de/ # diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-ldap-server-available b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-ldap-server-available index 6fdb261..c74c940 100755 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-ldap-server-available +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-ldap-server-available @@ -3,7 +3,7 @@ # Univention System Role Package # helper script: checks the connection to the LDAP server. # -# Copyright 2010-2014 Univention GmbH +# Copyright 2010-2015 Univention GmbH # # http://www.univention.de/ # -- 1.9.1 From 7e7e289ee3ea866389b5f7ccd270ef62d1f9f2eb Mon Sep 17 00:00:00 2001 Message-Id: <7e7e289ee3ea866389b5f7ccd270ef62d1f9f2eb.1431942779.git.hahn@univention.de> In-Reply-To: <7bdd42a9b6f60ab66c76fd3b0cf2c76195469814.1431942779.git.hahn@univention.de> References: <7bdd42a9b6f60ab66c76fd3b0cf2c76195469814.1431942779.git.hahn@univention.de> From: Philipp Hahn Date: Mon, 18 May 2015 11:22:24 +0200 Subject: [PATCH 2/2] Bug #38094 LDAP: Move ldap/server/additional into LDAP layer Organization: Univention GmbH, Bremen, Germany ldap/server/additional is generated by the LDAP policy, which currently overwrites any user configuration. --- .../base/univention-server/debian/changelog | 6 +++++ .../univention-set-ldap-server | 28 ++++++++++++---------- 2 files changed, 22 insertions(+), 12 deletions(-) diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/changelog b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/changelog index 7b72227..39436af 100644 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/changelog +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/debian/changelog @@ -1,3 +1,9 @@ +univention-server (10.0.3-2) unstable; urgency=low + + * Bug #38094: Move ldap/server/additional into LDAP layer + + -- Philipp Hahn Mon, 18 May 2015 11:18:25 +0200 + univention-server (10.0.3-1) unstable; urgency=medium * Removed lock_expired_passwords lock_expired_accounts cron job diff --git a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-directory-policy/univention-set-ldap-server b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-directory-policy/univention-set-ldap-server index 5db172e..9da55a6 100755 --- a/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-directory-policy/univention-set-ldap-server +++ b/branches/ucs-4.0/ucs-4.0-2/base/univention-server/univention-directory-policy/univention-set-ldap-server @@ -31,10 +31,12 @@ # /usr/share/common-licenses/AGPL-3; if not, see # . -import sys, string, subprocess -import univention.config_registry +import sys +import subprocess +from univention.config_registry import ConfigRegistry +from univention.config_registry.frontend import ucr_update -configRegistry = univention.config_registry.ConfigRegistry() +configRegistry = ConfigRegistry(write_registry=ConfigRegistry.LDAP) configRegistry.load() found=0 @@ -53,24 +55,26 @@ if ldap_hostdn: if p1.returncode != 0: continue + updates = {} for line in result.split('\n'): line=line.strip(' ').strip('\n') if line.startswith('univentionLDAPServer='): new_ldap_server=line.replace('univentionLDAPServer=', '').replace('"','') if not found: ldap_server_name = configRegistry.get('ldap/server/name') - if not ldap_server_name: - out=univention.config_registry.handler_set(['ldap/server/name=%s' % new_ldap_server]) - elif not new_ldap_server == ldap_server_name: - out=univention.config_registry.handler_set(['ldap/server/name=%s' % new_ldap_server]) + if not ldap_server_name or new_ldap_server != ldap_server_name: + updates['ldap/server/name'] = new_ldap_server found=1 else: addition.append(new_ldap_server) - if addition: - out=univention.config_registry.handler_set(['ldap/server/addition=%s' % string.join(addition,' ')]) - else: - if configRegistry.get( 'ldap/server/addition' ): - out=univention.config_registry.handler_unset(['ldap/server/addition']) + + old = configRegistry.get('ldap/server/addition', '') + new = ' '.join(addition) + if new != old: + updates['ldap/server/addition'] = new + + if updates: + ucr_update(configRegistry, updates) sys.exit(0) -- 1.9.1