![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index 5a44052333167114324dcd279159b63be6af772a..7d41ffd9586ea098f34505e041639ae356a5199a 100644 (file)
}
-function is_schema_readable($server, $admin, $password)
+function is_schema_readable($server, $admin, $password, $follow_referrals=FALSE, $tls=FALSE)
{
- $ds= ldap_connect ($server);
- if (!$ds) {
- return (false);
- }
- ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
- $r= ldap_bind ($ds, $admin, $password);
-
- /* Get base to look for schema */
- $sr = @ldap_read ($ds, NULL, "objectClass=*", array("subschemaSubentry"));
- $attr= @ldap_get_entries($ds,$sr);
- if (!isset($attr[0]['subschemasubentry'][0])){
- return (false);
- }
+ $ldap = new LDAP($admin, $password, $server, $follow_referrals, $tls);
+ $tmp = $ldap->get_objectclasses();
- $nb= $attr[0]['subschemasubentry'][0];
- $objectclasses= array();
- $sr= ldap_read ($ds, $nb, "objectClass=*", array("objectclasses"));
- $attrs= ldap_get_entries($ds,$sr);
- if (!isset($attrs[0])){
- return (false);
+ if(count($tmp)){
+ return(true);
}
- return(true);
+ return(false);
}
-function schema_check($server, $admin, $password, $aff=0,$CalledByIndexPhP=false)
+function schema_check($server, $admin, $password, $follow_referrals=FALSE, $tls=FALSE, $aff=0, $CalledByIndexPhP=false)
{
global $config;
"gosaApplication" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
"gosaApplicationGroup" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
- "GOhard" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "gotoTerminal" => array("version" => "2.0", "class" => "terminals","file" => "goto.schema"),
+ "GOhard" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"),
+ "gotoTerminal" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"),
"goServer" => array("version" => "2.4","class" => "server","file" => "goserver.schema"),
"goTerminalServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
"goShareServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
@@ -92,35 +77,13 @@ function schema_check($server, $admin, $password, $aff=0,$CalledByIndexPhP=false
"goFaxServer" => array("version" => "2.4", "class" => "gofaxAccount","file" => "gofax.schema"),
);
- /* Build LDAP connection */
- $ds= ldap_connect ($server);
- if (!$ds) {
- return (array(array("msg" => _("Can't bind to LDAP. No schema check possible!"), "status" => FALSE)));
- }
- ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
- $r= ldap_bind ($ds, $admin, $password);
-
- /* Get base to look for schema */
- $sr = @ldap_read ($ds, NULL, "objectClass=*", array("subschemaSubentry"));
- $attr= @ldap_get_entries($ds,$sr);
- if (!isset($attr[0]['subschemasubentry'][0])){
+ /* Get objectclasses */
+ $ldap = new LDAP($admin,$password, $server, $follow_referrals, $tls);
+ $objectclasses = $ldap->get_objectclasses();
+ if(count($objectclasses) == 0){
return (array(array("msg" => _("Can't get schema information from server. No schema check possible!"), "status" => FALSE)));
}
- /* Get list of objectclasses */
- $nb= $attr[0]['subschemasubentry'][0];
- $objectclasses= array();
- $sr= ldap_read ($ds, $nb, "objectClass=*", array("objectclasses"));
- $attrs= ldap_get_entries($ds,$sr);
- if (!isset($attrs[0])){
- return (array(array("msg" => _("Can't get schema information from server. No schema check possible!"), "status" => FALSE)));
- }
- foreach ($attrs[0]['objectclasses'] as $val){
- $name= preg_replace("/^.* NAME\s+\(*\s*'([^']+)'\s*\)*.*$/", '\\1', $val);
- if ($name != $val){
- $objectclasses[$name]= $val;
- }
- }
/* Walk through objectclasses and check if they are needed or not */
foreach ($required_classes as $key => $value){
if (isset($value['class'])){
@@ -247,6 +210,16 @@ function schema_check($server, $admin, $password, $aff=0,$CalledByIndexPhP=false
$affich['nagioscontact']['status']= true;
}
+ if ((!isset($objectclasses['apple-user'])) || (!isset($objectclasses['mount'])) ){
+ $messages['netatalk']['msg']= _("Support for netatalk disabled, no schema seems to be installed");
+ $affich['netatalk']['msg']= $messages['netatalk']['msg']."<td class=\"check\">apple.schema</td>";
+ $messages['netatalk']['status']= FALSE;
+ $affich['netatalk']['status']= FALSE;
+ }else{
+ $affich['netatalk']['msg']= _("Support for netatalk enabled")."<td class=\"check\">apple.schema</td>";
+ $affich['netatalk']['status']= true;
+ }
+
/* Fix for PHP Fehler "Undefined index: ldapconf"
* Ablaufverfolgung[1]: Funktion schema_check Datei: /home/hickert/gosa/include/functions_setup.inc (Zeile 230)
*/
$msg= "";
$msg.= "<h1>"._("PHP setup inspection")."</h1>";
+
$msg.= check ( $faults, _("Checking for PHP version (>=4.1.0)"),
_("PHP must be of version 4.1.0 or above for some functions and known bugs in PHP language."),
version_compare(phpversion(), "4.1.0")>=0);
$msg.= check ( $faults, _("Checking if register_globals is set to 'off'"),
_("register_globals is a PHP mechanism to register all global varibales to be accessible from scripts without changing the scope. This may be a security risk. GOsa will run in both modes."),
$check_globals == 0, FALSE);
+
+ $msg.= check ( $faults, _("PHP session.gc_maxlifetime (>= 86400 seconds)."),
+ _("PHP uses this value for the garbage collector to delete old sessions, setting this value to one day will prevent loosing session and cookie before they really timeout."),
+ ini_get("session.gc_maxlifetime") >= 86400,FALSE);
$msg.= check ( $faults, _("Checking for ldap module"),
_("This is the main module used by GOsa and therefore really required."),
$result= "<a href='http://de.php.net/manual/en/function.";
/* Replace all underscores with hyphens (phpdoc convention) */
+ /* hjb: added alternative check for GraphicsMagick >= 1.1.2 */
$function_name= str_replace("_", "-", $function_name);
/* Append to base URL */
$output= shell_exec ($query);
if ($output != ""){
$lines= split ("\n", $output);
- $version= preg_replace ("/^Version:.+Magick ([^\s]+).*/", "\\1", $lines[0]);
- list($major, $minor)= split("\.", $version);
- $msg.= check ( $faults, _("Checking for ImageMagick (>=5.4.0)"),
- _("ImageMagick is used to convert user supplied images to fit the suggested size and the unified JPEG format."),
- ($major > 5 || ($major == 5 && $minor >= 4)));
+ $version= preg_replace ("/^Version: (.+Magick) ([^\s]+).*/", "\\1 \\2", $lines[0]);
+ list($prog, $version) = split(" ", $version);
+ list($major, $minor,$minor2)= split("\.", $version);
+ if (preg_match('/GraphicsMagick/', $prog)) {
+ $msg.= check ( $faults, _("Checking for GraphicsMagick (>=1.1.2)"),
+ _("GraphicsMagick is used to convert user supplied images to fit the suggested size and the unified JPEG format."),
+ ($major > 1 || ($major == 1 && $minor >= 1) || ($major == 1 && $minor == 1 && $minor2 >= 2) ) );
+ } else {
+ $msg.= check ( $faults, _("Checking for ImageMagick (>=5.4.0)"),
+ _("ImageMagick is used to convert user supplied images to fit the suggested size and the unified JPEG format."),
+ ($major > 5 || ($major == 5 && $minor >= 4)));
+ }
} else {
$msg.= check ( $faults, _("Checking imagick module for PHP"),
_("Imagick is used to convert user supplied images to fit the suggested size and the unified JPEG format from PHP script."), function_exists('imagick_blob2image'), TRUE);
$possible_plugins['pureftp'][] = "'\n.*<tab.*pureftp.*>.*\n'i";
$possible_plugins['webdav'][] = "'\n.*<tab.*webdav.*>.*\n'i";
$possible_plugins['phpgroupware'][]= "'\n.*<tab.*phpgroupware.*>.*\n'i";
+ $possible_plugins['netatalk'][0] = "'\n.*<plugin.*netatalk+.*\n.*>.*\n'i";
+ $possible_plugins['netatalk'][1] = "'\n.*<tab.*netatalk.*>.*\n'i";
/*Header information
Needed to send the generated gosa.conf to the browser */
}
/* Data readed, types replaced, samba version detected and checked if
- we need to add SID and RIDBASE. Check if there is an ivbbEntry in
+ we need to add SID and RIDBASE. Check if there is an ivbbentry in
the LDAP tree, in this case we will set the governmentmode to true.
Create LDAP connection, to check if theres a domain Objekt definen
in the LDAP schema. */
}
/* Try to find a Samba Domain Objekt */
- $ldap->search("(objectClass=ivbbEntry)");
+ $ldap->search("(objectClass=ivbbentry)");
/* Something found ??? so we need to define ridbase an SID by ourselfs */
if($ldap->count()> 0) {
$str = str_replace("mailMethod=\"{MAILMETHOD}\"","",$str);
}
-
/* Remove all unused plugins */
- foreach($possible_plugins as $key=> $plugin) {
- foreach($plugin as $key=>$val) {
- if(in_array($plugin,$classes)) {
+ foreach(array_keys($possible_plugins) as $akey) {
+ if(array_key_exists($akey,$classes)) {
+ foreach($possible_plugins[$akey] as $key=>$val) {
$str = preg_replace($val,"\n",$str);
}
}
/* Show setup_page 1 */
function show_setup_page1($withoutput = true)
{
- $faults = array();
+ $faults = false;
+ $faults2 = false;
$smarty = get_smarty();
$smarty->assign ("content", get_template_path('setup_introduction.tpl'));
$smarty->assign ("tests", perform_php_checks($faults));
- $smarty->assign ("detailed_tests", perform_additional_function_checks($faults));
+ $smarty->assign ("detailed_tests", perform_additional_function_checks($faults2));
+
+ $faults = $faults || $faults2;
/* This var is true if anything went wrong */
if ($faults){
$smarty->display (get_template_path('setup.tpl'));
}
- return (!$faults);
+ return ($faults);
}
/* Show setup_page 2 */
function show_setup_page2($withoutput = true)
{
- $faults = array();
+ $faults = false;
$smarty = get_smarty();
$smarty->assign ("content", get_template_path('setup_step2.tpl'));
$smarty->assign ("tests", perform_additional_checks($faults));
$smarty->display (get_template_path('setup.tpl'));
}
- return (!$faults);
+ return ($faults);
}
/* No error till now */
$fault = false;
- /* If we pushed the Button continue */
- if(isset($_POST['continue3'])){
- if(!isset($uri)) {
- $fault = true;
-
- /* Output the Error */
- if($withoutput) {
- print_red (_("You've to specify an ldap server before continuing!"));
- $smarty->assign ("content", get_template_path('setup_step3.tpl'));
- }
- }
- } elseif (!$ds = @ldap_connect (validate($uri))) {
+ if (!$ds = @ldap_connect (validate($uri))) {
$fault =true;
/* Output the Error */
$smarty->display (get_template_path('setup.tpl'));
}
- return (!$fault);
+ return ($fault);
}
function show_setup_page4($withoutput = true)
{
$smarty= get_smarty();
+ $checkvars = array("location", "admin", "password", "peopleou", "base",
+ "peopledn", "arr_crypts", "uidbase","errorlvl");
+
+ $fault = false;
+ $uri = $_SESSION['ldapconf']['uri'];
+ $ldapconf = $_SESSION['ldapconf'];
+ $arr_crypts= array();
+ $temp = "";
+
+ /* check POST data */
+ if(isset($_POST['check'])) {
+
+ /* Check if all needed vars are submitted */
+ foreach($checkvars as $key) {
+ if($key == "peopleou"){
+ continue;
+ }
+ if($key == "groupou"){
+ continue;
+ }
+
+ if((isset($_POST[$key]))&&(!empty($_POST[$key]))) {
+ $_SESSION['ldapconf'][$key] = $_POST[$key];
+ } else {
+ if($withoutput) {
+ print_red(sprintf(_("You're missing the required attribute '%s' from this formular. Please complete!"), $key));
+ }
+ $fault = true;
+ }
+ }
+ }
+
+ /* Transfer base */
+ if(isset($_POST['base'])){
+ $_SESSION['ldapconf']['base']= $_POST['base'];
+ }
// ?
if(!isset($_SESSION['ldapconf']['base'])){
}
require_once("class_password-methods.inc");
- $fault = false;
- $uri = $_SESSION['ldapconf']['uri'];
- $ldapconf = $_SESSION['ldapconf'];
- $arr_crypts= array();
- $temp = "";
- $checkvars = array("location", "admin", "password", "peopleou", "base",
- "peopledn", "arr_crypts", "mail", "uidbase","errorlvl");
-
if(!isset($_SESSION['ldapconf']['arr_cryptkeys'])) {
require_once("class_password-methods.inc");
$tmp= passwordMethod::get_available_methods_if_not_loaded();
/* If there are some empty vars in ldapconnect -
these values also represent out default values */
- if(!$ds = @ldap_connect (validate($uri))){
+ if(!$ds = @ldap_connect (validate($uri))){
$fault = true;
if($withoutput){
print_red (_("Can't connect to the specified LDAP server! Please make sure that is reachable for GOsa."));
} elseif(!@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)){
$fault = true;
if($withoutput){
- print_red (_("Can't bind to the specified LDAP server! Please make sure that it is reachable for GOsa."));
+ print_red (_("Can't set ldap protocol version 3."));
}
} elseif(!$r= @ldap_bind ($ds)){
$fault = true;
if($withoutput){
- print_red (_("Can't bind to the specified LDAP server! Please make sure that it is reachable for GOsa."));
+ print_red (_("Could not bind to the specified LDAP server! Please make sure that it is reachable for GOsa."));
}
} else {
- $sr= @ldap_search ($ds, NULL, "objectClass=*", array("namingContexts"));
+ $sr= @ldap_search ($r, NULL, "objectClass=*", array("namingContexts"));
$attr= @ldap_get_entries($ds,$sr);
if((empty($attr))) {
- $base= "dc=example,dc=net";
if($withoutput){
- print_red(_("Bind to server successful, but the server seems to be completly empty, please check all information twice"));
+# print_red(_("Bind to server successful, but the server seems to be completly empty, please check all information twice"));
}
} else {
if(!isset($_SESSION['ldapconf']['mail'])){
$_SESSION['ldapconf']['mail']= 0;
}
- $tmp= array_flip($_SESSION['ldapconf']['arr_cryptkeys']);
- if(!isset($_SESSION['ldapconf']['arr_crypts'])){
- $_SESSION['ldapconf']['arr_crypts'] = $tmp['md5'];
+ if(!isset($_SESSION['ldapconf']['follow_referrals'])){
+ $_SESSION['ldapconf']['follow_referrals']= FALSE;
}
-
- /* check POST data */
- if(isset($_POST['check'])) {
-
- /* Check if all needed vars are submitted */
- foreach($checkvars as $key) {
- if($key == "peopleou"){
- continue;
- }
- if($key == "groupou"){
- continue;
- }
-
- if((isset($_POST[$key]))&&($_POST[$key]!="")) {
- $_SESSION['ldapconf'][$key] = $_POST[$key];
- } else {
- if($withoutput) {
- print_red(sprintf(_("You're missing the required attribute '%s' from this formular. Please complete!"), $key));
- }
- $fault = true;
- }
- }
+ if(!isset($_SESSION['ldapconf']['tls'])){
+ $_SESSION['ldapconf']['tls']= FALSE;
}
- /* Transfer base */
- if(isset($_POST['base'])){
- $_SESSION['ldapconf']['base']= $_POST['base'];
+ $tmp= array_flip($_SESSION['ldapconf']['arr_cryptkeys']);
+ if(!isset($_SESSION['ldapconf']['arr_crypts'])){
+ $_SESSION['ldapconf']['arr_crypts'] = $tmp['md5'];
}
$smarty->assign("arr_cryptkeys",$_SESSION['ldapconf']['arr_cryptkeys']);
$smarty->assign($key,$val);
}
- if(isset($_POST['check'])) {
+ if(isset($_POST['check']) || (isset($_POST['admin'])) && isset($_POST['password'])) {
$ldap= new LDAP($_SESSION['ldapconf']['admin'],
$_SESSION['ldapconf']['password'],
- $_SESSION['ldapconf']['uri']);
+ $_SESSION['ldapconf']['uri'],
+ $_SESSION['ldapconf']['follow_referrals'],
+ $_SESSION['ldapconf']['tls']);
$m= schema_check($_SESSION['ldapconf']['uri'],
$_SESSION['ldapconf']['admin'],
- $_SESSION['ldapconf']['password']);
+ $_SESSION['ldapconf']['password'],
+ $_SESSION['ldapconf']['follow_referrals'],
+ $_SESSION['ldapconf']['tls']);
+
$_SESSION['classes']= $m;
- if(!is_schema_readable($ldapconf['uri'],$ldapconf['admin'],$ldapconf['password'])){
+ //TODO: Ask user for referrals and TLS config options during setup. They are initialized to false at the moment:
+ $ldapconf['follow_referrals'] = false;
+ $ldapconf['tls'] = false;
+ if(!is_schema_readable($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'], $ldapconf['follow_referrals'], $ldapconf['tls'])){
if($withoutput){
print_red(_("Can't read schema informations, GOsa needs to know your schema setup. Please verify that it is readable for GOsa"));
}
if($withoutput){
$smarty->display (get_template_path('setup.tpl'));
}
- return (!$fault);
+
+ return ($fault);
}
$smarty->assign("webgroup", $info['name']);
$smarty->assign("path", CONFIG_DIR);
$message= "<table summary=\"\" class=\"check\">";
- $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'],1);
+
+ //TODO:Ask user for referral and TLS config options during setup. They are initialized to false at the moment:
+ $ldapconf['follow_referrals'] = false;
+ $ldapconf['tls'] = false;
+
+ $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'], $ldapconf['follow_referrals'], $ldapconf['tls'], 1);
if($withoutput) {
$smarty->assign ("schemas", view_schema_check($m));
We check that, if this user or group is missing we ask for creating them */
$ldap= new LDAP($_SESSION['ldapconf']['admin'], $_SESSION['ldapconf']['password'], $_SESSION['ldapconf']['uri']);
- /*
- Now we are testing for a group, with the rights :all
- */
-
+ /* Now we are testing for a group, with the rights :all */
$ldap->cd($ldapconf['base']);
$ldap->search("(&(objectClass=gosaObject)(gosaSubtreeACL=:all))");
$group_cnt = $ldap->count();
$data = $ldap->fetch();
-// $str_there = "Searching for Aminitrative users <br><br>";
-
- /*
- We need to create administrative user and group because theres no group found
- */
+ /* We need to create administrative user and group because there was no group found */
if($group_cnt < 1) {
- /*
- Set var to create user
- */
-// $str_there = "no group found<br>";
-
$need_to_create_group = true;
$need_to_create_user = true;
-
/* Output error */
- if(($withoutput)&&(!isset($_POST['new_admin']))){
- print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
- }
+# if(($withoutput)&&(!isset($_POST['new_admin']))){
+# print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
+# }
} else {
-// $str_there = "Group found <br>".$data['dn'];
-
$need_to_create_group = false;
-
$ldap->clearResult();
- /* We found an Administrative Group, is there a user, too */
+ /* We found an Administrative Group, is there a user too ? */
if(isset($data['memberUid'][0])) {
- $str = "uid=".$data['memberUid']['0'];
+ $str = "uid=".$data['memberUid']['0'];
$ldap->search("(&(objectClass=gosaAccount)(objectClass=person)(".$str."))");
- $data2 = $ldap->fetch();
+ $data2 = $ldap->fetch();
/* We must create a user */
if (($ldap->count() < 1)||(!isset($data2))) {
-// $str_there.="Missing user";
-
$need_to_create_user = true;
-
- if(($withoutput)&&(!isset($_POST['new_admin']))){
- print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
- }
+# if(($withoutput)&&(!isset($_POST['new_admin']))){
+# print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
+# }
}else {
-// $str_there.="<br>User found <br>".$data2['dn'];
$need_to_create_user = false;
}
} else {
$need_to_create_user=true;
- if(($withoutput)&&(!isset($_POST['new_admin']))){
- print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
- }
-// $str_there.="<br>No User found <br>";
+# if(($withoutput)&&(!isset($_POST['new_admin']))){
+# print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
+# }
}
}
$ldap->cd($dn);
$ldap->add($arr);
if($ldap->error!="Success"){
- print_red($ldap->error);
- print_red("Can't create user, and / or Group, possibly this problem depends on an empty LDAP server. Check your configuration and try again!");
+ show_ldap_error($ldap->get_error(),_("User and/or group could not be created, please check your configuration twice !"));
}
}
}
return(true);
} else {
- if((!isset($create_user))||(!($create_user))) {
+ if((!isset($need_to_create_user))||(!($need_to_create_user))) {
$smarty->assign ("content", get_template_path('setup_useradmin.tpl'));
$smarty->assign("exists",true);
} else {