|
42 |
import subprocess |
42 |
import subprocess |
43 |
import os |
43 |
import os |
44 |
import fcntl |
44 |
import fcntl |
45 |
import copy |
|
|
46 |
|
45 |
|
47 |
import univention.debug |
46 |
import univention.debug |
48 |
import univention.misc |
47 |
import univention.misc |
Lines 171-182
def process_dellog(dn):
|
Link Here
|
---|
|
171 |
return (timestamp, dellog_id, modifier, action) |
170 |
return (timestamp, dellog_id, modifier, action) |
172 |
|
171 |
|
173 |
|
172 |
|
174 |
def handler(dn, new, old): |
173 |
def handler(dn, new_copy, old_copy): |
175 |
# Copy dictonaries because they will be modified |
174 |
if not listener.configRegistry.is_true('ldap/logging'): |
176 |
# see https://forge.univention.org/bugzilla/show_bug.cgi?id=22564 for details |
|
|
177 |
new_copy = copy.deepcopy(new) |
178 |
old_copy = copy.deepcopy(old) |
179 |
|
180 |
if listener.configRegistry['ldap/logging'] != 'yes': |
181 |
return |
175 |
return |
182 |
|
176 |
|
Lines 142-158
def handler(dn, new_copy, old_copy):
|
Link Here
|
---|
|
142 |
if not listener.configRegistry.is_true('ldap/logging'): |
142 |
if not listener.configRegistry.is_true('ldap/logging'): |
143 |
return |
143 |
return |
144 |
|
144 |
|
145 |
# check for exclusion |
|
|
146 |
skip = 0 |
147 |
excludeKeys = [key for key in listener.configRegistry.keys() if excludeKeyPattern.search(key)] |
148 |
exclude = [listener.configRegistry[key] for key in excludeKeys] |
149 |
for base in exclude: |
150 |
if dn.rfind(base) != -1: |
151 |
skip = 1 |
152 |
|
153 |
listener.setuid(0) |
145 |
listener.setuid(0) |
154 |
try: |
146 |
try: |
155 |
if skip == 1: |
147 |
# check for exclusion |
|
|
148 |
if any( |
149 |
value in dn |
150 |
for key, value in listener.configRegistry.iteritems() |
151 |
if excludeKeyPattern.match(key) |
152 |
): |
156 |
if not new_copy: # there should be a dellog entry to remove |
153 |
if not new_copy: # there should be a dellog entry to remove |
157 |
process_dellog(dn) |
154 |
process_dellog(dn) |
158 |
# important: don't return a thing, otherwise this dn |
155 |
# important: don't return a thing, otherwise this dn |
Lines 168-181
def handler(dn, new_copy, old_copy):
|
Link Here
|
---|
|
168 |
previoushash = cachefile.read() |
168 |
previoushash = cachefile.read() |
169 |
|
169 |
|
170 |
# get ID |
170 |
# get ID |
171 |
f = open(notifier_id, 'r') |
171 |
with open(notifier_id, 'r') as f: |
172 |
id = int(f.read()) + 1 |
172 |
id = int(f.read()) + 1 |
173 |
# matches notifier transaction id. Tested for UCS 1.3-2 and 2.0. |
173 |
# matches notifier transaction id. Tested for UCS 1.3-2 and 2.0. |
174 |
# Note about 1.3-2: |
174 |
# Note about 1.3-2: |
175 |
# For user removal this matches with ++last_id as seen by the dellog overlay, |
175 |
# For user removal this matches with ++last_id as seen by the dellog overlay, |
176 |
# but for user create dellog sees id-1, i.e. last_id has already been incremented before |
176 |
# but for user create dellog sees id-1, i.e. last_id has already been incremented before |
177 |
# we see it here |
177 |
# we see it here |
178 |
f.close() |
|
|
179 |
|
178 |
|
180 |
# 2. generate log record |
179 |
# 2. generate log record |
181 |
if new_copy: |
180 |
if new_copy: |
Lines 209-219
def handler(dn, new_copy, old_copy):
|
Link Here
|
---|
|
209 |
record += endtag |
208 |
record += endtag |
210 |
|
209 |
|
211 |
# 3. write log file record |
210 |
# 3. write log file record |
212 |
try: |
211 |
with open(logname, 'a') as logfile: # append |
213 |
logfile = open(logname, 'a') # append |
|
|
214 |
logfile.write(record) |
212 |
logfile.write(record) |
215 |
finally: |
|
|
216 |
logfile.close() |
217 |
# 4. calculate nexthash, omitting the final line break to make validation of the |
213 |
# 4. calculate nexthash, omitting the final line break to make validation of the |
218 |
# record more intituive |
214 |
# record more intituive |
219 |
nexthash = hashlib.new(digest, record[:-1]).hexdigest() |
215 |
nexthash = hashlib.new(digest, record[:-1]).hexdigest() |
|
279 |
record += endtag |
275 |
record += endtag |
280 |
|
276 |
|
281 |
# 3. write log file record |
277 |
# 3. write log file record |
282 |
try: |
278 |
with open(logname, 'a') as logfile: # append |
283 |
logfile = open(logname, 'a') # append |
|
|
284 |
logfile.write(record) |
279 |
logfile.write(record) |
285 |
finally: |
|
|
286 |
logfile.close() |
287 |
|
288 |
# 4. calculate initial hash |
280 |
# 4. calculate initial hash |
289 |
nexthash = hashlib.new(digest, record).hexdigest() |
281 |
nexthash = hashlib.new(digest, record).hexdigest() |
290 |
# 5. cache nexthash (the actual logfile might be logrotated away..) |
282 |
# 5. cache nexthash (the actual logfile might be logrotated away..) |
Lines 222-231
def handler(dn, new_copy, old_copy):
|
Link Here
|
---|
|
222 |
listener.unsetuid() |
222 |
listener.unsetuid() |
223 |
|
223 |
|
224 |
|
224 |
|
225 |
def createFile(filename, withdirs=False): |
225 |
def createFile(filename): |
226 |
global uidNumber |
|
|
227 |
global gidNumber |
226 |
global gidNumber |
228 |
global preferedGroup |
|
|
229 |
|
227 |
|
230 |
if gidNumber == 0: |
228 |
if gidNumber == 0: |
231 |
try: |
229 |
try: |