|
|
|---|
| 42 |
import subprocess |
42 |
import subprocess |
| 43 |
import os |
43 |
import os |
| 44 |
import fcntl |
44 |
import fcntl |
| 45 |
import copy |
|
|
| 46 |
|
45 |
|
| 47 |
import univention.debug |
46 |
import univention.debug |
| 48 |
import univention.misc |
47 |
import univention.misc |
|
Lines 171-182
def process_dellog(dn):
|
Link Here
|
|---|
|
|---|
| 171 |
return (timestamp, dellog_id, modifier, action) |
170 |
return (timestamp, dellog_id, modifier, action) |
| 172 |
|
171 |
|
| 173 |
|
172 |
|
| 174 |
def handler(dn, new, old): |
173 |
def handler(dn, new_copy, old_copy): |
| 175 |
# Copy dictonaries because they will be modified |
174 |
if not listener.configRegistry.is_true('ldap/logging'): |
| 176 |
# see https://forge.univention.org/bugzilla/show_bug.cgi?id=22564 for details |
|
|
| 177 |
new_copy = copy.deepcopy(new) |
| 178 |
old_copy = copy.deepcopy(old) |
| 179 |
|
| 180 |
if listener.configRegistry['ldap/logging'] != 'yes': |
| 181 |
return |
175 |
return |
| 182 |
|
176 |
|
|
Lines 142-158
def handler(dn, new_copy, old_copy):
|
Link Here
|
|---|
|
|---|
| 142 |
if not listener.configRegistry.is_true('ldap/logging'): |
142 |
if not listener.configRegistry.is_true('ldap/logging'): |
| 143 |
return |
143 |
return |
| 144 |
|
144 |
|
| 145 |
# check for exclusion |
|
|
| 146 |
skip = 0 |
| 147 |
excludeKeys = [key for key in listener.configRegistry.keys() if excludeKeyPattern.search(key)] |
| 148 |
exclude = [listener.configRegistry[key] for key in excludeKeys] |
| 149 |
for base in exclude: |
| 150 |
if dn.rfind(base) != -1: |
| 151 |
skip = 1 |
| 152 |
|
| 153 |
listener.setuid(0) |
145 |
listener.setuid(0) |
| 154 |
try: |
146 |
try: |
| 155 |
if skip == 1: |
147 |
# check for exclusion |
|
|
148 |
if any( |
| 149 |
value in dn |
| 150 |
for key, value in listener.configRegistry.iteritems() |
| 151 |
if excludeKeyPattern.match(key) |
| 152 |
): |
| 156 |
if not new_copy: # there should be a dellog entry to remove |
153 |
if not new_copy: # there should be a dellog entry to remove |
| 157 |
process_dellog(dn) |
154 |
process_dellog(dn) |
| 158 |
# important: don't return a thing, otherwise this dn |
155 |
# important: don't return a thing, otherwise this dn |
|
Lines 168-181
def handler(dn, new_copy, old_copy):
|
Link Here
|
|---|
|
|---|
| 168 |
previoushash = cachefile.read() |
168 |
previoushash = cachefile.read() |
| 169 |
|
169 |
|
| 170 |
# get ID |
170 |
# get ID |
| 171 |
f = open(notifier_id, 'r') |
171 |
with open(notifier_id, 'r') as f: |
| 172 |
id = int(f.read()) + 1 |
172 |
id = int(f.read()) + 1 |
| 173 |
# matches notifier transaction id. Tested for UCS 1.3-2 and 2.0. |
173 |
# matches notifier transaction id. Tested for UCS 1.3-2 and 2.0. |
| 174 |
# Note about 1.3-2: |
174 |
# Note about 1.3-2: |
| 175 |
# For user removal this matches with ++last_id as seen by the dellog overlay, |
175 |
# For user removal this matches with ++last_id as seen by the dellog overlay, |
| 176 |
# but for user create dellog sees id-1, i.e. last_id has already been incremented before |
176 |
# but for user create dellog sees id-1, i.e. last_id has already been incremented before |
| 177 |
# we see it here |
177 |
# we see it here |
| 178 |
f.close() |
|
|
| 179 |
|
178 |
|
| 180 |
# 2. generate log record |
179 |
# 2. generate log record |
| 181 |
if new_copy: |
180 |
if new_copy: |
|
Lines 209-219
def handler(dn, new_copy, old_copy):
|
Link Here
|
|---|
|
|---|
| 209 |
record += endtag |
208 |
record += endtag |
| 210 |
|
209 |
|
| 211 |
# 3. write log file record |
210 |
# 3. write log file record |
| 212 |
try: |
211 |
with open(logname, 'a') as logfile: # append |
| 213 |
logfile = open(logname, 'a') # append |
|
|
| 214 |
logfile.write(record) |
212 |
logfile.write(record) |
| 215 |
finally: |
|
|
| 216 |
logfile.close() |
| 217 |
# 4. calculate nexthash, omitting the final line break to make validation of the |
213 |
# 4. calculate nexthash, omitting the final line break to make validation of the |
| 218 |
# record more intituive |
214 |
# record more intituive |
| 219 |
nexthash = hashlib.new(digest, record[:-1]).hexdigest() |
215 |
nexthash = hashlib.new(digest, record[:-1]).hexdigest() |
|
|
|---|
| 279 |
record += endtag |
275 |
record += endtag |
| 280 |
|
276 |
|
| 281 |
# 3. write log file record |
277 |
# 3. write log file record |
| 282 |
try: |
278 |
with open(logname, 'a') as logfile: # append |
| 283 |
logfile = open(logname, 'a') # append |
|
|
| 284 |
logfile.write(record) |
279 |
logfile.write(record) |
| 285 |
finally: |
|
|
| 286 |
logfile.close() |
| 287 |
|
| 288 |
# 4. calculate initial hash |
280 |
# 4. calculate initial hash |
| 289 |
nexthash = hashlib.new(digest, record).hexdigest() |
281 |
nexthash = hashlib.new(digest, record).hexdigest() |
| 290 |
# 5. cache nexthash (the actual logfile might be logrotated away..) |
282 |
# 5. cache nexthash (the actual logfile might be logrotated away..) |
|
Lines 222-231
def handler(dn, new_copy, old_copy):
|
Link Here
|
|---|
|
|---|
| 222 |
listener.unsetuid() |
222 |
listener.unsetuid() |
| 223 |
|
223 |
|
| 224 |
|
224 |
|
| 225 |
def createFile(filename, withdirs=False): |
225 |
def createFile(filename): |
| 226 |
global uidNumber |
|
|
| 227 |
global gidNumber |
226 |
global gidNumber |
| 228 |
global preferedGroup |
|
|
| 229 |
|
227 |
|
| 230 |
if gidNumber == 0: |
228 |
if gidNumber == 0: |
| 231 |
try: |
229 |
try: |