Compare commits

...

4 Commits

7 changed files with 93 additions and 34 deletions

1
debian/compat vendored Normal file
View File

@ -0,0 +1 @@
7

14
debian/control vendored Normal file
View File

@ -0,0 +1,14 @@
Source: eole-cadolesldap
Section: web
Priority: optional
Maintainer: CADOLES <contact@cadoles.com>
Build-Depends: debhelper (>= 7.0.50)
Standards-Version: 3.8.4
Homepage: https://forge.cadoles.com/Cadoles/cadolesldap
Vcs-Git: https://forge.cadoles.com/Cadoles/cadolesldap.git
Vcs-Browser: https://forge.cadoles.com/Cadoles/cadolesldap.git
Package: eole-cadolesldap
Architecture: all
Depends: ${misc:Depends}, eole-annuaire
Description: Templates cadolesldap.

44
debian/copyright vendored Normal file
View File

@ -0,0 +1,44 @@
Format: http://dep.debian.net/deps/dep5
Upstream-Name: {PROJECT}
Source: {URL}
Files: *
Copyright: YEAR {UPSTREAM} {AUTHOR} <{MAIL}>
License: {UPSTREAM LICENSE}
Files: debian/*
Copyright: Cadoles <contact@cadoles.com>
License: CeCILL-2
License: {UPSTREAM LICENSE}
{TEXT OF THE LICENSE}
License: CeCILL-2
This software is governed by the CeCILL-2 license under French law and
abiding by the rules of distribution of free software. You can use,
modify and or redistribute the software under the terms of the CeCILL-2
license as circulated by CEA, CNRS and INRIA at the following URL
"http://www.cecill.info";.
.
As a counterpart to the access to the source code and rights to copy,
modify and redistribute granted by the license, users are provided only
with a limited warranty and the software's author, the holder of the
economic rights, and the successive licensors have only limited
liability.
.
In this respect, the user's attention is drawn to the risks associated
with loading, using, modifying and/or developing or reproducing the
software by the user in light of its specific status of free software,
that may mean that it is complicated to manipulate, and that also
therefore means that it is reserved for developers and experienced
professionals having in-depth computer knowledge. Users are therefore
encouraged to load and test the software's suitability as regards their
requirements in conditions enabling the security of their systems and/or
data to be ensured and, more generally, to use and operate it in the
same conditions as regards security.
.
The fact that you are presently reading this means that you have had
knowledge of the CeCILL-2 license and that you accept its terms.
.
On Eole systems, the complete text of the CeCILL-2 License can be found
in '/usr/share/common-licenses/CeCILL-2-en'.

3
debian/gbp.conf vendored Normal file
View File

@ -0,0 +1,3 @@
# Set per distribution debian tag
[DEFAULT]
debian-tag = debian/envole/%(version)s

20
debian/rules vendored Executable file
View File

@ -0,0 +1,20 @@
#!/usr/bin/make -f
# -*- makefile -*-
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
%:
dh $@
override_dh_install:
dh_install -peole-draaf --exclude=slapd.conf.patch \
--exclude=cas.inc.php.tmpl.patch \
--exclude=25-bdd-admin \
--exclude=25_bdd_server.xml
dh_install -pdraaf-apps
dh_install -pdraaf-lemontheme
dh_install -pdraaf-envoletheme
dh_install -pdraaf-ldap
dh_install -pdraaf-patchsso
dh_install -pdraaf-bdd

1
debian/source/format vendored Normal file
View File

@ -0,0 +1 @@
3.0 (native)

View File

@ -1,26 +1,14 @@
--- distrib/slapd.conf 2019-06-04 11:18:04.000000000 +0200 --- distrib/slapd.conf 2019-06-04 11:18:04.000000000 +0200
+++ modif/slapd.conf 2021-01-12 11:06:19.496162295 +0100 +++ modif/slapd.conf 2020-03-24 09:10:44.724586266 +0100
@@ -23,11 +23,19 @@ @@ -23,6 +23,7 @@
%elif %%ldap_schema == 'zephir' %elif %%ldap_schema == 'zephir'
include /etc/ldap/schema/openldap.schema include /etc/ldap/schema/openldap.schema
%end if %end if
+include /etc/ldap/schema/cadoles.schema +include /etc/ldap/schema/cadoles.schema
## Support du TLS ## Support du TLS
+%if %%cert_type == "manuel"
+TLSCertificateFile %%server_cert
+TLSCertificateKeyFile %%server_key
+TLSCACertificateFile %%server_pem
+%else
TLSCertificateFile /etc/ldap/ssl/certs/openldap.crt TLSCertificateFile /etc/ldap/ssl/certs/openldap.crt
TLSCertificateKeyFile /etc/ldap/ssl/private/openldap.key @@ -46,6 +47,7 @@
TLSCACertificateFile /etc/ssl/certs/ca.crt
+%end if
+
TLSVerifyClient never
TLSCipherSuite SECURE256:+SIGN-ALL:-VERS-SSL3.0:!AES-128-CBC:!3DES-CBC:!DES-CBC:!ARCFOUR-128:!ARCFOUR-40:!RC2-40:!CAMELLIA-128-CBC:!NULL
@@ -46,6 +54,7 @@
%if %%ldap_replication == 'oui' or %%ldap_replication_client == 'oui' %if %%ldap_replication == 'oui' or %%ldap_replication_client == 'oui'
moduleload syncprov moduleload syncprov
%end if %end if
@ -28,23 +16,11 @@
# Sample security restrictions # Sample security restrictions
# Require integrity protection (prevent hijacking) # Require integrity protection (prevent hijacking)
@@ -80,6 +89,7 @@ @@ -219,3 +221,7 @@
# compatibilite EAD1 et appli PHP
allow bind_v2
+allow bind_anon_dn
database bdb
# The base of your directory
@@ -216,6 +226,10 @@
syncprov-sessionlog 100
%end if
+overlay memberof
+memberof-group-oc cadolesGroup
+memberof-member-ad cadolesMember
+
%if %%ldap_replication_client == 'oui' %if %%ldap_replication_client == 'oui'
include /etc/ldap/replication.conf include /etc/ldap/replication.conf
%end if %end if
+
+overlay memberof
+memberof-group-oc cadolesGroup
+memberof-member-ad cadolesMember