ldap/admin/src/scripts/DSCreate.pm.in | 10 ++++++++++
ldap/admin/src/scripts/DSUtil.pm.in | 33 +++++++++++++++++++++++++++++++--
2 files changed, 41 insertions(+), 2 deletions(-)
New commits:
commit a36c6df3732a13b2c09832136dd705a07b55d08f
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Tue Mar 1 13:30:19 2011 -0800
Bug 681345 - setup-ds.pl should set SuiteSpotGroup automatically
When the SuiteSpotGroup directive is not specified in the inf file
used by setup, the group permissions do not get set on certain
directories (such as the rundir). This can break instances if you
are running more than one on the same system.
This patch makes setup use the primary group of the SuiteSpot
user if the group is not specified. I also added validation of
the group parameter.
diff --git a/ldap/admin/src/scripts/DSCreate.pm.in
b/ldap/admin/src/scripts/DSCreate.pm.in
index bda23a5..fcad74d 100644
--- a/ldap/admin/src/scripts/DSCreate.pm.in
+++ b/ldap/admin/src/scripts/DSCreate.pm.in
@@ -121,6 +121,10 @@ sub sanityCheckParams {
return @errs;
}
+ if (@errs = isValidGroup($inf->{General}->{SuiteSpotGroup})) {
+ return @errs;
+ }
+
if (!isValidDN($inf->{slapd}->{Suffix})) {
return ('dialog_dssuffix_error', $inf->{slapd}->{Suffix});
}
@@ -795,6 +799,12 @@ sub setDefaults {
# otherwise, the uid must be specified
}
+ if (!$inf->{General}->{SuiteSpotGroup}) {
+ # If the group wasn't specified, use the primary group
+ # of the SuiteSpot user
+ $inf->{General}->{SuiteSpotGroup} =
getGroup($inf->{General}->{SuiteSpotUserID});
+ }
+
if (!$inf->{slapd}->{RootDN}) {
$inf->{slapd}->{RootDN} = "cn=Directory Manager";
}
diff --git a/ldap/admin/src/scripts/DSUtil.pm.in b/ldap/admin/src/scripts/DSUtil.pm.in
index 04d6f7b..e65f7e0 100644
--- a/ldap/admin/src/scripts/DSUtil.pm.in
+++ b/ldap/admin/src/scripts/DSUtil.pm.in
@@ -48,11 +48,13 @@ require Exporter;
@EXPORT = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
process_maptbl check_and_add_entry getMappedEntries addErr
getHashedPassword debug createInfFromConfig shellEscape
- isValidServerID isValidUser makePaths getLogin remove_tree
remove_pidfile);
+ isValidServerID isValidUser isValidGroup makePaths getLogin getGroup
+ remove_tree remove_pidfile);
@EXPORT_OK = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
process_maptbl check_and_add_entry getMappedEntries addErr
getHashedPassword debug createInfFromConfig shellEscape
- isValidServerID isValidUser makePaths getLogin remove_tree
remove_pidfile);
+ isValidServerID isValidUser isValidGroup makePaths getLogin getGroup
+ remove_tree remove_pidfile);
use strict;
@@ -124,6 +126,13 @@ sub getLogin {
return (getpwuid($>))[0] || $ENV{USER} || confess "Error: could not determine
the current user ID: $!";
}
+# Look up the primary group name for the supplied user
+sub getGroup {
+ my $user = shift;
+ my $gid = (getpwnam($user))[3] || confess "Error: could not determine the
current group ID: $!";
+ return (getgrgid($gid))[0] || confess "Error: could not determine the current
group name: $!";
+}
+
sub isValidUser {
my $user = shift;
# convert numeric uid to string
@@ -152,6 +161,26 @@ sub isValidUser {
return ();
}
+sub isValidGroup {
+ my $group = shift;
+ my $ngid;
+ # convert numeric gid to string
+ my $strans = $group;
+ if ($group =~ /^\d+$/) { # numeric - convert to string
+ $strans = (getgrgid($group))[0];
+ if (!$strans) {
+ return ("dialog_ssgroup_error", $group);
+ }
+ }
+ # ensure the specified group is a defined group
+ $ngid = getgrnam $strans;
+ if (!defined($ngid)) {
+ return ("dialog_ssgroup_error", $group);
+ }
+
+ return ();
+}
+
# delete the subtree starting from the passed entry
sub delete_all
{
Show replies by date