mise à jour des excercices tronc-commun-2
This commit is contained in:
parent
7157bb6725
commit
15f0448816
|
@ -1,26 +0,0 @@
|
||||||
<?xml version="1.0" encoding="utf-8"?>
|
|
||||||
<creole>
|
|
||||||
<files>
|
|
||||||
<file name='/etc/sysconfig/eole/services/4_ircd.srv'/>
|
|
||||||
<service servicelist="ircd">ircd</service>
|
|
||||||
</files>
|
|
||||||
<variables>
|
|
||||||
<family name='services'>
|
|
||||||
<variable name='activate_ircd' type='string' description="Activer IRCD">
|
|
||||||
<value>non</value>
|
|
||||||
</variable>
|
|
||||||
</family>
|
|
||||||
</variables>
|
|
||||||
<constraints>
|
|
||||||
<check name='valid_enum' target='activate_ircd'>
|
|
||||||
<param>['oui','non']</param>
|
|
||||||
</check>
|
|
||||||
<condition name='hidden_if_in' source='activate_ircd'>
|
|
||||||
<param>non</param>
|
|
||||||
<target type='servicelist'>ircd</target>
|
|
||||||
</condition>
|
|
||||||
</constraints>
|
|
||||||
<help>
|
|
||||||
</help>
|
|
||||||
</creole>
|
|
||||||
|
|
|
@ -1,33 +0,0 @@
|
||||||
<creole>
|
|
||||||
<containers>
|
|
||||||
<container name="web">
|
|
||||||
<file name='/etc/phpldapadmin/apache.conf'/>
|
|
||||||
<file name='/etc/phpldapadmin/config.php' source='phpldapadmin.php' filelist='phpldapadmin'/>
|
|
||||||
<package>phpldapadmin</package>
|
|
||||||
</container>
|
|
||||||
</containers>
|
|
||||||
<variables>
|
|
||||||
|
|
||||||
<family name='applications web'>
|
|
||||||
<variable name='activate_phpldapadmin' type='oui/non' description="Activer phpldapadmin">
|
|
||||||
<value>non</value>
|
|
||||||
</variable>
|
|
||||||
</family>
|
|
||||||
<family name='phpldapadmin'>
|
|
||||||
<variable name="phpldapadmin_host" type="string" description="Adresse IP ou DNS du serveur ldap" mandatory="True">
|
|
||||||
<value>localhost</value>
|
|
||||||
</variable>
|
|
||||||
<variable name="phpldapadmin_name" type="string" description="Nom du serveur ldap"/>
|
|
||||||
</family>
|
|
||||||
</variables>
|
|
||||||
<constraints>
|
|
||||||
<condition name='disabled_if_in' source='activate_phpldapadmin'>
|
|
||||||
<param>non</param>
|
|
||||||
<target type='family'>phpldapadmin</target>
|
|
||||||
<target type='filelist'>phpldapadmin</target>
|
|
||||||
</condition>
|
|
||||||
</constraints>
|
|
||||||
<help>
|
|
||||||
</help>
|
|
||||||
</creole>
|
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
%if %%activate_phpldapadmin == 'oui'
|
|
||||||
|
|
||||||
...
|
|
||||||
|
|
||||||
%end if
|
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
...
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Define your LDAP servers in this section */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
%if %%getVar("phpldapadmin_name", "") == ""
|
|
||||||
$ldapservers->SetValue(0,'server','name','Serveur LDAP');
|
|
||||||
%else
|
|
||||||
$ldapservers->SetValue(0,'server','name','%%phpldapadmin_name');
|
|
||||||
%end if
|
|
||||||
|
|
||||||
$ldapservers->SetValue(0,'server','host','ldap://%%phpldapadmin_host');
|
|
||||||
|
|
||||||
$ldapservers->SetValue(0,'server','tls',false);
|
|
||||||
|
|
||||||
...
|
|
|
@ -1,37 +0,0 @@
|
||||||
<?xml version="1.0" encoding="utf-8"?>
|
|
||||||
<creole>
|
|
||||||
<containers>
|
|
||||||
<container name="web">
|
|
||||||
<file name='/etc/phpldapadmin/apache.conf'/>
|
|
||||||
<file name='/etc/phpldapadmin/config.php' source='phpldapadmin.php' filelist='phpldapadmin'/>
|
|
||||||
<package>phpldapadmin</package>
|
|
||||||
</container>
|
|
||||||
</containers>
|
|
||||||
<variables>
|
|
||||||
|
|
||||||
<family name='applications web'>
|
|
||||||
<variable name='activate_phpldapadmin' type='oui/non' description="Activer phpldapadmin">
|
|
||||||
<value>non</value>
|
|
||||||
</variable>
|
|
||||||
</family>
|
|
||||||
<family name='phpldapadmin'>
|
|
||||||
<variable name="phpldapadmin_host" type="string" description="Adresse IP ou DNS du serveur ldap" multi='True' mandatory="True">
|
|
||||||
<value>localhost</value>
|
|
||||||
</variable>
|
|
||||||
<variable name="phpldapadmin_name" type="string" description="Nom du serveur ldap" mandatory="True"/>
|
|
||||||
</family>
|
|
||||||
</variables>
|
|
||||||
<constraints>
|
|
||||||
<condition name='disabled_if_in' source='activate_phpldapadmin'>
|
|
||||||
<param>non</param>
|
|
||||||
<target type='family'>phpldapadmin</target>
|
|
||||||
<target type='filelist'>phpldapadmin</target>
|
|
||||||
</condition>
|
|
||||||
<group master='phpldapadmin_host'>
|
|
||||||
<slave>phpldapadmin_name</slave>
|
|
||||||
</group>
|
|
||||||
</constraints>
|
|
||||||
<help>
|
|
||||||
</help>
|
|
||||||
</creole>
|
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
/*********************************************/
|
|
||||||
/* Define your LDAP servers in this section */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
%for %%phpldapadmin in %%phpldapadmin_host
|
|
||||||
%if %%phpldapadmin.phpldapadmin_name == ""
|
|
||||||
$ldapservers->SetValue(0,'server','name','Serveur LDAP');
|
|
||||||
%else
|
|
||||||
$ldapservers->SetValue(0,'server','name','%%phpldapadmin.phpldapadmin_name');
|
|
||||||
%end if
|
|
||||||
|
|
||||||
$ldapservers->SetValue(0,'server','host','ldap://%%phpldapadmin');
|
|
||||||
|
|
||||||
$ldapservers->SetValue(0,'server','tls',false);
|
|
||||||
%end for
|
|
||||||
|
|
||||||
...
|
|
|
@ -1,36 +0,0 @@
|
||||||
#!/usr/bin/env python
|
|
||||||
# -*- coding: utf-8 -*-
|
|
||||||
###########################################################################
|
|
||||||
# Eole NG - 2007
|
|
||||||
# Copyright Pole de Competence Eole (Ministere Education - Academie Dijon)
|
|
||||||
# Licence CeCill cf /root/LicenceEole.txt
|
|
||||||
# eole@ac-dijon.fr
|
|
||||||
#
|
|
||||||
# test_perso.zephir
|
|
||||||
#
|
|
||||||
# exemple de script personnalisé pour le client zephir
|
|
||||||
#
|
|
||||||
###########################################################################
|
|
||||||
|
|
||||||
import os, sys
|
|
||||||
from zephir.lib_zephir import *
|
|
||||||
from creole import fonctionseole
|
|
||||||
|
|
||||||
if fonctionseole.init_proc('PERSO') == False:
|
|
||||||
fonctionseole.zephir("MSG" , "procédure sample bloquée par zephir", "PERSO")
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
fonctionseole.zephir("INIT" , "script test_perso en cours d'execution", "PERSO")
|
|
||||||
|
|
||||||
try:
|
|
||||||
message = sys.argv[1]
|
|
||||||
fonctionseole.zephir("MSG" , "sample lancé avec l'argument %s" % message, "PERSO")
|
|
||||||
except:
|
|
||||||
fonctionseole.zephir("ERR" , "sample lancé sans argument", "PERSO")
|
|
||||||
exit(1)
|
|
||||||
if is_locked(['reconfigure']):
|
|
||||||
fonctionseole.zephir("ERR" , "sample stoppé : reconfigure en cours", "PERSO")
|
|
||||||
exit(1)
|
|
||||||
else:
|
|
||||||
fonctionseole.zephir("FIN" , "sample : OK", "PERSO")
|
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
Include {
|
||||||
|
Options {
|
||||||
|
aclsupport = no
|
||||||
|
@/etc/bareos/include-options.conf
|
||||||
|
}
|
||||||
|
File = /tmp/repertoire
|
||||||
|
}
|
||||||
|
Exclude {
|
||||||
|
File = /tmp/repertoire/toto.txt
|
||||||
|
}
|
|
@ -0,0 +1,10 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
if [ $(CreoleGet activer_ircd) = "oui" ];then
|
||||||
|
. /usr/lib/eole/diagnose.sh
|
||||||
|
EchoGras "*** Serveur IRCD"
|
||||||
|
TestService IRCD 127.0.0.1:$(CreoleGet ircd_port)
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
|
exit 0
|
|
@ -0,0 +1,73 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
|
||||||
|
<creole>
|
||||||
|
|
||||||
|
<files>
|
||||||
|
<package>ircd-irc2</package>
|
||||||
|
<service servicelist="ircd">ircd-irc2</service>
|
||||||
|
<service_access service='ircd-irc2'>
|
||||||
|
<port port_type="SymLinkOption">ircd_port</port>
|
||||||
|
</service_access>
|
||||||
|
<file filelist="ircd" name='/etc/ircd/ircd.conf'/>
|
||||||
|
<file filelist="ircd" name='/etc/ircd/ircd.motd'/>
|
||||||
|
</files>
|
||||||
|
|
||||||
|
<variables>
|
||||||
|
<family name='services'>
|
||||||
|
<variable name='activer_ircd' type='oui/non' description="Activer le serveur IRC" >
|
||||||
|
<value>oui</value>
|
||||||
|
</variable>
|
||||||
|
</family>
|
||||||
|
<family name='ircd'>
|
||||||
|
<variable name='ircd_domaine' type='domain' description="Nom de domaine utilisé pour accéder au serveur IRC"/>
|
||||||
|
<variable name='ircd_libelle' type='string' description="Libellé du serveur IRC"/>
|
||||||
|
<variable name='ircd_port' type='port' description="Port du serveur IRC" mode='expert'>
|
||||||
|
<value>6667</value>
|
||||||
|
</variable>
|
||||||
|
<variable name='ircd_banned_hostname' type='domain' description="Hote banni sur le serveur IRC" multi="True" mandatory="True"/>
|
||||||
|
<variable name='ircd_banned_comment' type='string' description="Motif du bannissement du serveur IRC">
|
||||||
|
<value>Vous êtes banni, contacter votre administrateur</value>
|
||||||
|
</variable>
|
||||||
|
<variable name='ircd_motd_message' type='string' description="Message de bienvenu"/>
|
||||||
|
<variable name='ircd_motd_personnalise' type='string' description="Message de bienvenu personnalisé"/>
|
||||||
|
</family>
|
||||||
|
</variables>
|
||||||
|
|
||||||
|
<constraints>
|
||||||
|
<check name='valid_enum' target='ircd_motd_message'>
|
||||||
|
<param>['message 1', 'message 2', 'personnalisé']</param>
|
||||||
|
</check>
|
||||||
|
<fill name='calc_val' target='ircd_domaine'>
|
||||||
|
<param type='eole' name='valeur' hidden="False">web_url</param>
|
||||||
|
</fill>
|
||||||
|
<fill name='ma_fonction' target='ircd_motd_personnalise'>
|
||||||
|
</fill>
|
||||||
|
<auto name="concat" target='ircd_libelle'>
|
||||||
|
<param name='valeur1'>Serveur IRC pour </param>
|
||||||
|
<param type='eole' name='valeur2'>libelle_etab</param>
|
||||||
|
</auto>
|
||||||
|
<group master='ircd_banned_hostname'>
|
||||||
|
<slave>ircd_banned_comment</slave>
|
||||||
|
</group>
|
||||||
|
<condition name='disabled_if_in' source='activer_ircd'>
|
||||||
|
<param>non</param>
|
||||||
|
<target type='filelist'>ircd</target>
|
||||||
|
<target type='servicelist'>ircd</target>
|
||||||
|
<target type='family'>ircd</target>
|
||||||
|
</condition>
|
||||||
|
<condition name='disabled_if_not_in' source='ircd_motd_message'>
|
||||||
|
<param>personnalisé</param>
|
||||||
|
<target>ircd_motd_personnalise</target>
|
||||||
|
</condition>
|
||||||
|
<check name="valid_differ" target="ircd_libelle">
|
||||||
|
<param type='eole' hidden="False">ircd_motd_personnalise</param>
|
||||||
|
</check>
|
||||||
|
</constraints>
|
||||||
|
|
||||||
|
<help>
|
||||||
|
<variable name="activer_ircd">Cette variable permet d'activer un serveur IRC</variable>
|
||||||
|
</help>
|
||||||
|
|
||||||
|
</creole>
|
||||||
|
<!-- vim: ts=4 sw=4 expandtab
|
||||||
|
-->
|
|
@ -0,0 +1,28 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
|
||||||
|
<creole>
|
||||||
|
|
||||||
|
<files>
|
||||||
|
</files>
|
||||||
|
|
||||||
|
<variables>
|
||||||
|
<family name="services">
|
||||||
|
<variable name="activer_clam" redefine="True" hidden="True">
|
||||||
|
<value>non</value>
|
||||||
|
</variable>
|
||||||
|
</family>
|
||||||
|
<family name="applications web">
|
||||||
|
<variable name="web_url" description="l'url web specifique à Rennes" redefine="True"/>
|
||||||
|
</family>
|
||||||
|
</variables>
|
||||||
|
|
||||||
|
<constraints>
|
||||||
|
</constraints>
|
||||||
|
|
||||||
|
<help>
|
||||||
|
</help>
|
||||||
|
|
||||||
|
</creole>
|
||||||
|
<!-- vim: ts=4 sw=4 expandtab
|
||||||
|
-->
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
|
||||||
|
<creole>
|
||||||
|
<variables>
|
||||||
|
<family name='ircd_start'>
|
||||||
|
<variable name="description" type="string"><value>Démarrage du service IRCD</value></variable>
|
||||||
|
<variable name="day" type="schedule"></variable>
|
||||||
|
<variable name="mode" type="schedulemod"><value>post</value></variable>
|
||||||
|
</family>
|
||||||
|
<family name='ircd_stop'>
|
||||||
|
<variable name="description" type="string"><value>Arrêt du service IRCD</value></variable>
|
||||||
|
<variable name="day" type="schedule"></variable>
|
||||||
|
<variable name="mode" type="schedulemod"><value>pre</value></variable>
|
||||||
|
</family>
|
||||||
|
</variables>
|
||||||
|
<constraints>
|
||||||
|
<fill name='calc_multi_condition' target='schedule.ircd_stop.day'>
|
||||||
|
<param>non</param>
|
||||||
|
<param type='eole' name='condition_1'>activer_ircd</param>
|
||||||
|
<param name='match'>none</param>
|
||||||
|
<param name='mismatch'>daily</param>
|
||||||
|
</fill>
|
||||||
|
<fill name='calc_multi_condition' target='schedule.ircd_start.day'>
|
||||||
|
<param>non</param>
|
||||||
|
<param type='eole' name='condition_1'>activer_ircd</param>
|
||||||
|
<param name='match'>none</param>
|
||||||
|
<param name='mismatch'>daily</param>
|
||||||
|
</fill>
|
||||||
|
</constraints>
|
||||||
|
</creole>
|
|
@ -0,0 +1,4 @@
|
||||||
|
#!/usr/bin/python
|
||||||
|
|
||||||
|
def ma_fonction():
|
||||||
|
return u'Ma phrase de ma fonction'
|
|
@ -1,7 +1,4 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
DESC="Démarrage du serveur IRC"
|
|
||||||
|
|
||||||
CreoleService ircd-irc2 start
|
CreoleService ircd-irc2 start
|
||||||
|
|
||||||
exit 0
|
exit 0
|
|
@ -1,7 +1,4 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
DESC="Arrêt du serveur IRC"
|
|
||||||
|
|
||||||
CreoleService ircd-irc2 stop
|
CreoleService ircd-irc2 stop
|
||||||
|
|
||||||
exit 0
|
exit 0
|
|
@ -1,23 +0,0 @@
|
||||||
<?xml version="1.0" encoding="utf-8"?>
|
|
||||||
|
|
||||||
<creole>
|
|
||||||
|
|
||||||
<files>
|
|
||||||
<file filelist="ircd-irc2" name="/usr/share/eole/firewall/00_root_ircd.fw" rm="True"/>
|
|
||||||
<service servicelist='ircd-irc2'>ircd-irc2</service>
|
|
||||||
</files>
|
|
||||||
<variables>
|
|
||||||
<family name="services">
|
|
||||||
<variable name="activate_ircd" description="Activer IRCD" type="oui/non">
|
|
||||||
<value>non</value>
|
|
||||||
</variable>
|
|
||||||
</family>
|
|
||||||
</variables>
|
|
||||||
<constraints>
|
|
||||||
<condition name='hidden_if_in' source='activate_ircd'>
|
|
||||||
<param>non</param>
|
|
||||||
<target type='servicelist'>ircd-irc2</target>
|
|
||||||
<target type='filelist'>ircd-irc2</target>
|
|
||||||
</condition>
|
|
||||||
</constraints>
|
|
||||||
</creole>
|
|
|
@ -1 +0,0 @@
|
||||||
allow_src(ip='0/0', port="6667")
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
. /usr/share/eole/FonctionsEoleNg
|
|
||||||
. ParseDico
|
|
||||||
|
|
||||||
EchoGras "*** Serveur IRC"
|
|
||||||
|
|
||||||
if [ "$activate_ircd" = "oui" ]; then
|
|
||||||
TestService IRCD 127.0.0.1:6667
|
|
||||||
else
|
|
||||||
Inactif "IRCD"
|
|
||||||
fi
|
|
||||||
echo
|
|
||||||
exit 0
|
|
|
@ -1,20 +0,0 @@
|
||||||
--- distrib/clamd.conf 2012-12-03 14:58:06.000000000 +0100
|
|
||||||
+++ modif/clamd.conf 2013-02-13 16:44:18.370654335 +0100
|
|
||||||
@@ -23,7 +23,7 @@
|
|
||||||
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
|
|
||||||
# in bytes just don't use modifiers.
|
|
||||||
# Default: 1M
|
|
||||||
-LogFileMaxSize 2M
|
|
||||||
+LogFileMaxSize 10M
|
|
||||||
|
|
||||||
# Log time with each message.
|
|
||||||
# Default: no
|
|
||||||
@@ -228,7 +228,7 @@
|
|
||||||
|
|
||||||
|
|
||||||
# Scan urls found in mails for phishing attempts.
|
|
||||||
-# (available in experimental builds only)
|
|
||||||
+# (available in experimental builds only)
|
|
||||||
# Default: yes
|
|
||||||
#PhishingScanURLs yes
|
|
||||||
|
|
|
@ -1,39 +0,0 @@
|
||||||
<?xml version="1.0" encoding="utf-8"?>
|
|
||||||
|
|
||||||
<creole>
|
|
||||||
<containers>
|
|
||||||
<container name="web">
|
|
||||||
<package>phpldapadmin</package>
|
|
||||||
<service method='apache' servicelist="phpldapadmin">phpldapadmin</service>
|
|
||||||
<file name="/etc/apache2/sites-available/phpldapadmin" source="phpldapadmin-apache.conf" filelist='phpldapadmin'/>
|
|
||||||
<file name="/etc/phpldapadmin/config.php" source="phpldapadmin-config.php" filelist='phpldapadmin'/>
|
|
||||||
</container>
|
|
||||||
</containers>
|
|
||||||
<variables>
|
|
||||||
<family name="applications web">
|
|
||||||
<variable name="activer_phpldapadmin" description="Activer phpldapadmin" type="oui/non">
|
|
||||||
<value>non</value>
|
|
||||||
</variable>
|
|
||||||
</family>
|
|
||||||
<family name="phpldapadmin">
|
|
||||||
<variable name="phpldapadmin_name" description="Nom du serveur LDAP" type="string" mandatory="True" multi='True'/>
|
|
||||||
<variable name="phpldapadmin_ip" description="IP du serveur LDAP" type="ip" mandatory='True'/>
|
|
||||||
</family>
|
|
||||||
</variables>
|
|
||||||
<constraints>
|
|
||||||
<group master="phpldapadmin_name">
|
|
||||||
<slave>phpldapadmin_ip</slave>
|
|
||||||
</group>
|
|
||||||
<condition name='hidden_if_in' source='activer_phpldapadmin'>
|
|
||||||
<param>non</param>
|
|
||||||
<target type='family'>phpldapadmin</target>
|
|
||||||
<target type='filelist'>phpldapadmin</target>
|
|
||||||
<target type='servicelist'>phpldapadmin</target>
|
|
||||||
</condition>
|
|
||||||
<fill name='calc_val' target='phpldapadmin_ip'>
|
|
||||||
<param type='eole' name='valeur'>adresse_ip_ldap</param>
|
|
||||||
</fill>
|
|
||||||
</constraints>
|
|
||||||
<help/>
|
|
||||||
</creole>
|
|
||||||
|
|
|
@ -1,53 +0,0 @@
|
||||||
%if %%activer_phpldapadmin == "oui"
|
|
||||||
# Define /phpldapadmin alias, this is the default
|
|
||||||
<IfModule mod_alias.c>
|
|
||||||
Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
# You can also use phpLDAPadmin as a VirtualHost
|
|
||||||
# <VirtualHost *:*>
|
|
||||||
# ServerName ldap.example.com
|
|
||||||
# ServerAdmin root@example.com
|
|
||||||
# DocumentRoot /usr/share/phpldapadmin
|
|
||||||
# ErrorLog logs/ldap.example.com-error.log
|
|
||||||
# CustomLog logs/ldap.example.com-access.log common
|
|
||||||
# </VirtualHost>
|
|
||||||
|
|
||||||
<Directory /usr/share/phpldapadmin/htdocs/>
|
|
||||||
|
|
||||||
DirectoryIndex index.php
|
|
||||||
Options +FollowSymLinks
|
|
||||||
AllowOverride None
|
|
||||||
|
|
||||||
Order allow,deny
|
|
||||||
Allow from all
|
|
||||||
|
|
||||||
<IfModule mod_mime.c>
|
|
||||||
|
|
||||||
<IfModule mod_php5.c>
|
|
||||||
AddType application/x-httpd-php .php
|
|
||||||
|
|
||||||
php_flag magic_quotes_gpc Off
|
|
||||||
php_flag track_vars On
|
|
||||||
php_flag register_globals On
|
|
||||||
php_value include_path .
|
|
||||||
php_value memory_limit 32M
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
<IfModule !mod_php5.c>
|
|
||||||
<IfModule mod_actions.c>
|
|
||||||
<IfModule mod_cgi.c>
|
|
||||||
AddType application/x-httpd-php .php
|
|
||||||
Action application/x-httpd-php /cgi-bin/php5
|
|
||||||
</IfModule>
|
|
||||||
<IfModule mod_cgid.c>
|
|
||||||
AddType application/x-httpd-php .php
|
|
||||||
Action application/x-httpd-php /cgi-bin/php5
|
|
||||||
</IfModule>
|
|
||||||
</IfModule>
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
</Directory>
|
|
||||||
%end if
|
|
|
@ -1,549 +0,0 @@
|
||||||
<?php
|
|
||||||
/** NOTE **
|
|
||||||
** Make sure that <?php is the FIRST line of this file!
|
|
||||||
** IE: There should NOT be any blank lines or spaces BEFORE <?php
|
|
||||||
**/
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The phpLDAPadmin config file
|
|
||||||
* See: http://phpldapadmin.sourceforge.net/wiki/index.php/Config.php
|
|
||||||
*
|
|
||||||
* This is where you can customise some of the phpLDAPadmin defaults
|
|
||||||
* that are defined in config_default.php.
|
|
||||||
*
|
|
||||||
* To override a default, use the $config->custom variable to do so.
|
|
||||||
* For example, the default for defining the language in config_default.php
|
|
||||||
*
|
|
||||||
* $this->default->appearance['language'] = array(
|
|
||||||
* 'desc'=>'Language',
|
|
||||||
* 'default'=>'auto');
|
|
||||||
*
|
|
||||||
* to override this, use $config->custom->appearance['language'] = 'en_EN';
|
|
||||||
*
|
|
||||||
* This file is also used to configure your LDAP server connections.
|
|
||||||
*
|
|
||||||
* You must specify at least one LDAP server there. You may add
|
|
||||||
* as many as you like. You can also specify your language, and
|
|
||||||
* many other options.
|
|
||||||
*
|
|
||||||
* NOTE: Commented out values in this file prefixed by //, represent the
|
|
||||||
* defaults that have been defined in config_default.php.
|
|
||||||
* Commented out values prefixed by #, dont reflect their default value, you can
|
|
||||||
* check config_default.php if you want to see what the default is.
|
|
||||||
*
|
|
||||||
* DONT change config_default.php, you changes will be lost by the next release
|
|
||||||
* of PLA. Instead change this file - as it will NOT be replaced by a new
|
|
||||||
* version of phpLDAPadmin.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Useful important configuration overrides */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* If you are asked to put PLA in debug mode, this is how you do it: */
|
|
||||||
# $config->custom->debug['level'] = 255;
|
|
||||||
# $config->custom->debug['syslog'] = true;
|
|
||||||
# $config->custom->debug['file'] = '/tmp/pla_debug.log';
|
|
||||||
|
|
||||||
/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
|
|
||||||
to a big random string. */
|
|
||||||
// $config->custom->session['blowfish'] = null;
|
|
||||||
|
|
||||||
/* The language setting. If you set this to 'auto', phpLDAPadmin will attempt
|
|
||||||
to determine your language automatically. Otherwise, available lanaguages
|
|
||||||
are: 'ct', 'de', 'en', 'es', 'fr', 'it', 'nl', and 'ru'
|
|
||||||
Localization is not complete yet, but most strings have been translated.
|
|
||||||
Please help by writing language files. See lang/en.php for an example. */
|
|
||||||
// $config->custom->appearance['language'] = 'auto';
|
|
||||||
|
|
||||||
/* The temporary storage directory where we will put jpegPhoto data
|
|
||||||
This directory must be readable and writable by your web server. */
|
|
||||||
// $config->custom->jpeg['tmpdir'] = '/tmp'; // Example for Unix systems
|
|
||||||
# $config->custom->jpeg['tmpdir'] = 'c:\\temp'; // Example for Windows systems
|
|
||||||
|
|
||||||
/* Set this to (bool)true if you do NOT want a random salt used when
|
|
||||||
calling crypt(). Instead, use the first two letters of the user's
|
|
||||||
password. This is insecure but unfortunately needed for some older
|
|
||||||
environments. */
|
|
||||||
# $config->custom->password['no_random_crypt_salt'] = true;
|
|
||||||
|
|
||||||
/* PHP script timeout control. If php runs longer than this many seconds then
|
|
||||||
PHP will stop with an Maximum Execution time error. Increase this value from
|
|
||||||
the default if queries to your LDAP server are slow. The default is either
|
|
||||||
30 seconds or the setting of max_exection_time if this is null. */
|
|
||||||
// $config->custom->session['timelimit'] = 30;
|
|
||||||
|
|
||||||
/* Our local timezone
|
|
||||||
This is to make sure that when we ask the system for the current time, we
|
|
||||||
get the right local time. If this is not set, all time() calculations will
|
|
||||||
assume UTC if you have not set PHP date.timezone. */
|
|
||||||
// $config->custom->appearance['timezone'] = null;
|
|
||||||
# $config->custom->appearance['timezone'] = 'Australia/Melbourne';
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Commands */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* Command availability ; if you don't authorize a command the command
|
|
||||||
links will not be shown and the command action will not be permitted.
|
|
||||||
For better security, set also ACL in your ldap directory. */
|
|
||||||
/*
|
|
||||||
$config->custom->commands['cmd'] = array(
|
|
||||||
'entry_internal_attributes_show' => true,
|
|
||||||
'entry_refresh' => true,
|
|
||||||
'oslinks' => true,
|
|
||||||
'switch_template' => true
|
|
||||||
);
|
|
||||||
|
|
||||||
$config->custom->commands['script'] = array(
|
|
||||||
'add_attr_form' => true,
|
|
||||||
'add_oclass_form' => true,
|
|
||||||
'add_value_form' => true,
|
|
||||||
'collapse' => true,
|
|
||||||
'compare' => true,
|
|
||||||
'compare_form' => true,
|
|
||||||
'copy' => true,
|
|
||||||
'copy_form' => true,
|
|
||||||
'create' => true,
|
|
||||||
'create_confirm' => true,
|
|
||||||
'delete' => true,
|
|
||||||
'delete_attr' => true,
|
|
||||||
'delete_form' => true,
|
|
||||||
'draw_tree_node' => true,
|
|
||||||
'expand' => true,
|
|
||||||
'export' => true,
|
|
||||||
'export_form' => true,
|
|
||||||
'import' => true,
|
|
||||||
'import_form' => true,
|
|
||||||
'login' => true,
|
|
||||||
'logout' => true,
|
|
||||||
'login_form' => true,
|
|
||||||
'mass_delete' => true,
|
|
||||||
'mass_edit' => true,
|
|
||||||
'mass_update' => true,
|
|
||||||
'modify_member_form' => true,
|
|
||||||
'monitor' => true,
|
|
||||||
'purge_cache' => true,
|
|
||||||
'query_engine' => true,
|
|
||||||
'rename' => true,
|
|
||||||
'rename_form' => true,
|
|
||||||
'rdelete' => true,
|
|
||||||
'refresh' => true,
|
|
||||||
'schema' => true,
|
|
||||||
'server_info' => true,
|
|
||||||
'show_cache' => true,
|
|
||||||
'template_engine' => true,
|
|
||||||
'update_confirm' => true,
|
|
||||||
'update' => true
|
|
||||||
);
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Appearance */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* If you want to choose the appearance of the tree, specify a class name which
|
|
||||||
inherits from the Tree class. */
|
|
||||||
// $config->custom->appearance['tree'] = 'AJAXTree';
|
|
||||||
# $config->custom->appearance['tree'] = 'HTMLTree';
|
|
||||||
|
|
||||||
/* Just show your custom templates. */
|
|
||||||
// $config->custom->appearance['custom_templates_only'] = false;
|
|
||||||
|
|
||||||
/* Disable the default template. */
|
|
||||||
// $config->custom->appearance['disable_default_template'] = false;
|
|
||||||
|
|
||||||
/* Hide the warnings for invalid objectClasses/attributes in templates. */
|
|
||||||
// $config->custom->appearance['hide_template_warning'] = false;
|
|
||||||
|
|
||||||
/* Configure what objects are shown in left hand tree */
|
|
||||||
// $config->custom->appearance['tree_filter'] = '(objectclass=*)';
|
|
||||||
|
|
||||||
/* The height and width of the tree. If these values are not set, then
|
|
||||||
no tree scroll bars are provided. */
|
|
||||||
// $config->custom->appearance['tree_height'] = null;
|
|
||||||
# $config->custom->appearance['tree_height'] = 600;
|
|
||||||
// $config->custom->appearance['tree_width'] = null;
|
|
||||||
# $config->custom->appearance['tree_width'] = 250;
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* User-friendly attribute translation */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* Use this array to map attribute names to user friendly names. For example, if
|
|
||||||
you don't want to see "facsimileTelephoneNumber" but rather "Fax". */
|
|
||||||
// $config->custom->appearance['friendly_attrs'] = array();
|
|
||||||
$config->custom->appearance['friendly_attrs'] = array(
|
|
||||||
'facsimileTelephoneNumber' => 'Fax',
|
|
||||||
'gid' => 'Group',
|
|
||||||
'mail' => 'Email',
|
|
||||||
'telephoneNumber' => 'Telephone',
|
|
||||||
'uid' => 'User Name',
|
|
||||||
'userPassword' => 'Password'
|
|
||||||
);
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Hidden attributes */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* You may want to hide certain attributes from being edited. If you want to
|
|
||||||
hide attributes from the user, you should use your LDAP servers ACLs.
|
|
||||||
NOTE: The user must be able to read the hide_attrs_exempt entry to be
|
|
||||||
excluded. */
|
|
||||||
// $config->custom->appearance['hide_attrs'] = array();
|
|
||||||
# $config->custom->appearance['hide_attrs'] = array('objectClass');
|
|
||||||
|
|
||||||
/* Members of this list will be exempt from the hidden attributes.*/
|
|
||||||
// $config->custom->appearance['hide_attrs_exempt'] = null;
|
|
||||||
# $config->custom->appearance['hide_attrs_exempt'] = 'cn=PLA UnHide,ou=Groups,c=AU';
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Read-only attributes */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* You may want to phpLDAPadmin to display certain attributes as read only,
|
|
||||||
meaning that users will not be presented a form for modifying those
|
|
||||||
attributes, and they will not be allowed to be modified on the "back-end"
|
|
||||||
either. You may configure this list here:
|
|
||||||
NOTE: The user must be able to read the readonly_attrs_exempt entry to be
|
|
||||||
excluded. */
|
|
||||||
// $config->custom->appearance['readonly_attrs'] = array();
|
|
||||||
|
|
||||||
/* Members of this list will be exempt from the readonly attributes.*/
|
|
||||||
// $config->custom->appearance['readonly_attrs_exempt'] = null;
|
|
||||||
# $config->custom->appearance['readonly_attrs_exempt'] = 'cn=PLA ReadWrite,ou=Groups,c=AU';
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Group attributes */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* Add "modify group members" link to the attribute. */
|
|
||||||
// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid');
|
|
||||||
|
|
||||||
/* Configure filter for member search. This only applies to "modify group members" feature */
|
|
||||||
// $config->custom->modify_member['filter'] = '(objectclass=Person)';
|
|
||||||
|
|
||||||
/* Attribute that is added to the group member attribute. */
|
|
||||||
// $config->custom->modify_member['attr'] = 'dn';
|
|
||||||
|
|
||||||
/* For Posix attributes */
|
|
||||||
// $config->custom->modify_member['posixattr'] = 'uid';
|
|
||||||
// $config->custom->modify_member['posixfilter'] = '(uid=*)';
|
|
||||||
// $config->custom->modify_member['posixgroupattr'] = 'memberUid';
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Support for attrs display order */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* Use this array if you want to have your attributes displayed in a specific
|
|
||||||
order. You can use default attribute names or their fridenly names.
|
|
||||||
For example, "sn" will be displayed right after "givenName". All the other
|
|
||||||
attributes that are not specified in this array will be displayed after in
|
|
||||||
alphabetical order. */
|
|
||||||
// $config->custom->appearance['attr_display_order'] = array();
|
|
||||||
# $config->custom->appearance['attr_display_order'] = array(
|
|
||||||
# 'givenName',
|
|
||||||
# 'sn',
|
|
||||||
# 'cn',
|
|
||||||
# 'displayName',
|
|
||||||
# 'uid',
|
|
||||||
# 'uidNumber',
|
|
||||||
# 'gidNumber',
|
|
||||||
# 'homeDirectory',
|
|
||||||
# 'mail',
|
|
||||||
# 'userPassword'
|
|
||||||
# );
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Define your LDAP servers in this section */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
$servers = new Datastore();
|
|
||||||
|
|
||||||
/* $servers->NewServer('ldap_pla') must be called before each new LDAP server
|
|
||||||
declaration. */
|
|
||||||
$servers->newServer('ldap_pla');
|
|
||||||
|
|
||||||
/* A convenient name that will appear in the tree viewer and throughout
|
|
||||||
phpLDAPadmin to identify this LDAP server to users. */
|
|
||||||
%for %%phpldapadmin_master in %%phpldapadmin_name
|
|
||||||
$servers->setValue('server','name','%%phpldapadmin_master');
|
|
||||||
|
|
||||||
/* Examples:
|
|
||||||
'ldap.example.com',
|
|
||||||
'ldaps://ldap.example.com/',
|
|
||||||
'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
|
|
||||||
(Unix socket at /usr/local/var/run/ldap) */
|
|
||||||
$servers->setValue('server','host','%%phpldapadmin_master.phpldapadmin_ip');
|
|
||||||
%end for
|
|
||||||
/* The port your LDAP server listens on (no quotes). 389 is standard. */
|
|
||||||
// $servers->setValue('server','port',389);
|
|
||||||
|
|
||||||
/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
|
|
||||||
auto-detect it for you. */
|
|
||||||
$servers->setValue('server','base',array('dc=example,dc=com'));
|
|
||||||
|
|
||||||
/* Four options for auth_type:
|
|
||||||
1. 'cookie': you will login via a web form, and a client-side cookie will
|
|
||||||
store your login dn and password.
|
|
||||||
2. 'session': same as cookie but your login dn and password are stored on the
|
|
||||||
web server in a persistent session variable.
|
|
||||||
3. 'http': same as session but your login dn and password are retrieved via
|
|
||||||
HTTP authentication.
|
|
||||||
4. 'config': specify your login dn and password here in this config file. No
|
|
||||||
login will be required to use phpLDAPadmin for this server.
|
|
||||||
|
|
||||||
Choose wisely to protect your authentication information appropriately for
|
|
||||||
your situation. If you choose 'cookie', your cookie contents will be
|
|
||||||
encrypted using blowfish and the secret your specify above as
|
|
||||||
session['blowfish']. */
|
|
||||||
$servers->setValue('login','auth_type','session');
|
|
||||||
|
|
||||||
/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
|
|
||||||
'cookie' or 'session' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS BLANK. If
|
|
||||||
you specify a login_attr in conjunction with a cookie or session auth_type,
|
|
||||||
then you can also specify the bind_id/bind_pass here for searching the
|
|
||||||
directory for users (ie, if your LDAP server does not allow anonymous binds. */
|
|
||||||
$servers->setValue('login','bind_id','cn=admin,dc=example,dc=com');
|
|
||||||
# $servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com');
|
|
||||||
|
|
||||||
/* Your LDAP password. If you specified an empty bind_id above, this MUST also
|
|
||||||
be blank. */
|
|
||||||
// $servers->setValue('login','bind_pass','');
|
|
||||||
# $servers->setValue('login','bind_pass','secret');
|
|
||||||
|
|
||||||
/* Use TLS (Transport Layer Security) to connect to the LDAP server. */
|
|
||||||
// $servers->setValue('server','tls',false);
|
|
||||||
|
|
||||||
/************************************
|
|
||||||
* SASL Authentication *
|
|
||||||
************************************/
|
|
||||||
|
|
||||||
/* Enable SASL authentication LDAP SASL authentication requires PHP 5.x
|
|
||||||
configured with --with-ldap-sasl=DIR. If this option is disabled (ie, set to
|
|
||||||
false), then all other sasl options are ignored. */
|
|
||||||
// $servers->setValue('server','sasl_auth',false);
|
|
||||||
|
|
||||||
/* SASL auth mechanism */
|
|
||||||
// $servers->setValue('server','sasl_mech','PLAIN');
|
|
||||||
|
|
||||||
/* SASL authentication realm name */
|
|
||||||
// $servers->setValue('server','sasl_realm','');
|
|
||||||
# $servers->setValue('server','sasl_realm','example.com');
|
|
||||||
|
|
||||||
/* SASL authorization ID name
|
|
||||||
If this option is undefined, authorization id will be computed from bind DN,
|
|
||||||
using sasl_authz_id_regex and sasl_authz_id_replacement. */
|
|
||||||
// $servers->setValue('server','sasl_authz_id', null);
|
|
||||||
|
|
||||||
/* SASL authorization id regex and replacement
|
|
||||||
When sasl_authz_id property is not set (default), phpLDAPAdmin will try to
|
|
||||||
figure out authorization id by itself from bind distinguished name (DN).
|
|
||||||
|
|
||||||
This procedure is done by calling preg_replace() php function in the
|
|
||||||
following way:
|
|
||||||
|
|
||||||
$authz_id = preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement,
|
|
||||||
$bind_dn);
|
|
||||||
|
|
||||||
For info about pcre regexes, see:
|
|
||||||
- pcre(3), perlre(3)
|
|
||||||
- http://www.php.net/preg_replace */
|
|
||||||
// $servers->setValue('server','sasl_authz_id_regex',null);
|
|
||||||
// $servers->setValue('server','sasl_authz_id_replacement',null);
|
|
||||||
# $servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
|
|
||||||
# $servers->setValue('server','sasl_authz_id_replacement','$1');
|
|
||||||
|
|
||||||
/* SASL auth security props.
|
|
||||||
See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */
|
|
||||||
// $servers->setValue('server','sasl_props',null);
|
|
||||||
|
|
||||||
/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
|
|
||||||
blowfish, crypt or leave blank for now default algorithm. */
|
|
||||||
// $servers->setValue('appearance','password_hash','md5');
|
|
||||||
|
|
||||||
/* If you specified 'cookie' or 'session' as the auth_type above, you can
|
|
||||||
optionally specify here an attribute to use when logging in. If you enter
|
|
||||||
'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith)
|
|
||||||
and log in as that user.
|
|
||||||
Leave blank or specify 'dn' to use full DN for logging in. Note also that if
|
|
||||||
your LDAP server requires you to login to perform searches, you can enter the
|
|
||||||
DN to use when searching in 'bind_id' and 'bind_pass' above.
|
|
||||||
// $servers->setValue('login','attr','dn');
|
|
||||||
|
|
||||||
/* Base DNs to used for logins. If this value is not set, then the LDAP server
|
|
||||||
Base DNs are used. */
|
|
||||||
// $servers->setValue('login','base',array());
|
|
||||||
|
|
||||||
/* If 'login,attr' is used above such that phpLDAPadmin will search for your DN
|
|
||||||
at login, you may restrict the search to a specific objectClasses. EG, set this
|
|
||||||
to array('posixAccount') or array('inetOrgPerson',..), depending upon your
|
|
||||||
setup. */
|
|
||||||
// $servers->setValue('login','class',array());
|
|
||||||
|
|
||||||
/* If you specified something different from 'dn', for example 'uid', as the
|
|
||||||
login_attr above, you can optionally specify here to fall back to
|
|
||||||
authentication with dn.
|
|
||||||
This is useful, when users should be able to log in with their uid, but
|
|
||||||
the ldap administrator wants to log in with his root-dn, that does not
|
|
||||||
necessarily have the uid attribute.
|
|
||||||
When using this feature, login_class is ignored. */
|
|
||||||
// $servers->setValue('login','fallback_dn',false);
|
|
||||||
|
|
||||||
/* Specify true If you want phpLDAPadmin to not display or permit any
|
|
||||||
modification to the LDAP server. */
|
|
||||||
// $servers->setValue('server','read_only',false);
|
|
||||||
|
|
||||||
/* Specify false if you do not want phpLDAPadmin to draw the 'Create new' links
|
|
||||||
in the tree viewer. */
|
|
||||||
// $servers->setValue('appearance','show_create',true);
|
|
||||||
|
|
||||||
/* This feature allows phpLDAPadmin to automatically determine the next
|
|
||||||
available uidNumber for a new entry. */
|
|
||||||
// $servers->setValue('auto_number','enable',true);
|
|
||||||
|
|
||||||
/* The mechanism to use when finding the next available uidNumber. Two possible
|
|
||||||
values: 'uidpool' or 'search'.
|
|
||||||
The 'uidpool' mechanism uses an existing uidPool entry in your LDAP server to
|
|
||||||
blindly lookup the next available uidNumber. The 'search' mechanism searches
|
|
||||||
for entries with a uidNumber value and finds the first available uidNumber
|
|
||||||
(slower). */
|
|
||||||
// $servers->setValue('auto_number','mechanism','search');
|
|
||||||
|
|
||||||
/* The DN of the search base when the 'search' mechanism is used above. */
|
|
||||||
# $servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com');
|
|
||||||
|
|
||||||
/* The minimum number to use when searching for the next available number
|
|
||||||
(only when 'search' is used for auto_number */
|
|
||||||
// $servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
|
|
||||||
|
|
||||||
/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
|
|
||||||
searching for the uidnumber. The idea is, this user id would have full
|
|
||||||
(readonly) access to uidnumber in your ldap directory (the logged in user
|
|
||||||
may not), so that you can be guaranteed to get a unique uidnumber for your
|
|
||||||
directory. */
|
|
||||||
// $servers->setValue('auto_number','dn',null);
|
|
||||||
|
|
||||||
/* The password for the dn above. */
|
|
||||||
// $servers->setValue('auto_number','pass',null);
|
|
||||||
|
|
||||||
/* Enable anonymous bind login. */
|
|
||||||
// $servers->setValue('login','anon_bind',true);
|
|
||||||
|
|
||||||
/* Use customized page with prefix when available. */
|
|
||||||
# $servers->setValue('custom','pages_prefix','custom_');
|
|
||||||
|
|
||||||
/* If you set this, then only these DNs are allowed to log in. This array can
|
|
||||||
contain individual users, groups or ldap search filter(s). Keep in mind that
|
|
||||||
the user has not authenticated yet, so this will be an anonymous search to
|
|
||||||
the LDAP server, so make your ACLs allow these searches to return results! */
|
|
||||||
# $servers->setValue('login','allowed_dns',array(
|
|
||||||
# 'uid=stran,ou=People,dc=example,dc=com',
|
|
||||||
# '(&(gidNumber=811)(objectClass=groupOfNames))',
|
|
||||||
# '(|(uidNumber=200)(uidNumber=201))',
|
|
||||||
# 'cn=callcenter,ou=Group,dc=example,dc=com'));
|
|
||||||
|
|
||||||
/* Set this if you dont want this LDAP server to show in the tree */
|
|
||||||
// $servers->setValue('server','visible',true);
|
|
||||||
|
|
||||||
/* This is the time out value in minutes for the server. After as many minutes
|
|
||||||
of inactivity you will be automatically logged out. If not set, the default
|
|
||||||
value will be ( session_cache_expire()-1 ) */
|
|
||||||
# $servers->setValue('login','timeout',30);
|
|
||||||
|
|
||||||
/* Set this if you want phpldapadmin to perform rename operation on entry which
|
|
||||||
has children. Certain servers are known to allow it, certain are not */
|
|
||||||
// $servers->setValue('server','branch_rename',false);
|
|
||||||
|
|
||||||
/* If you set this, then phpldapadmin will show these attributes as
|
|
||||||
internal attributes, even if they are not defined in your schema. */
|
|
||||||
// $servers->setValue('server','custom_sys_attrs',array(''));
|
|
||||||
# $servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
|
|
||||||
|
|
||||||
/* If you set this, then phpldapadmin will show these attributes on
|
|
||||||
objects, even if they are not defined in your schema. */
|
|
||||||
// $servers->setValue('server','custom_attrs',array(''));
|
|
||||||
# $servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
|
|
||||||
|
|
||||||
/* These attributes will be forced to MAY attributes and become option in the
|
|
||||||
templates. If they are not defined in the templates, then they wont appear
|
|
||||||
as per normal template processing. You may want to do this becuase your LDAP
|
|
||||||
server may automatically calculate a default value.
|
|
||||||
In Fedora Directory Server using the DNA Plugin one could ignore uidNumber,
|
|
||||||
gidNumber and sambaSID. */
|
|
||||||
// $servers->setValue('force_may','attrs',array(''));
|
|
||||||
# $servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));
|
|
||||||
|
|
||||||
/*********************************************/
|
|
||||||
/* Unique attributes */
|
|
||||||
/*********************************************/
|
|
||||||
|
|
||||||
/* You may want phpLDAPadmin to enforce some attributes to have unique values
|
|
||||||
(ie: not belong to other entries in your tree. This (together with
|
|
||||||
'unique','dn' and 'unique','pass' option will not let updates to
|
|
||||||
occur with other attributes have the same value. */
|
|
||||||
# $servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
|
|
||||||
|
|
||||||
/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
|
|
||||||
searching for attribute uniqueness. The idea is, this user id would have full
|
|
||||||
(readonly) access to your ldap directory (the logged in user may not), so
|
|
||||||
that you can be guaranteed to get a unique uidnumber for your directory. */
|
|
||||||
// $servers->setValue('unique','dn',null);
|
|
||||||
|
|
||||||
/* The password for the dn above. */
|
|
||||||
// $servers->setValue('unique','pass',null);
|
|
||||||
|
|
||||||
/**************************************************************************
|
|
||||||
* If you want to configure additional LDAP servers, do so below. *
|
|
||||||
* Remove the commented lines and use this section as a template for all *
|
|
||||||
* your other LDAP servers. *
|
|
||||||
**************************************************************************/
|
|
||||||
|
|
||||||
/*
|
|
||||||
$servers->newServer('ldap_pla');
|
|
||||||
$servers->setValue('server','name','LDAP Server');
|
|
||||||
$servers->setValue('server','host','127.0.0.1');
|
|
||||||
$servers->setValue('server','port',389);
|
|
||||||
$servers->setValue('server','base',array(''));
|
|
||||||
$servers->setValue('login','auth_type','cookie');
|
|
||||||
$servers->setValue('login','bind_id','');
|
|
||||||
$servers->setValue('login','bind_pass','');
|
|
||||||
$servers->setValue('server','tls',false);
|
|
||||||
|
|
||||||
# SASL auth
|
|
||||||
$servers->setValue('server','sasl_auth',true);
|
|
||||||
$servers->setValue('server','sasl_mech','PLAIN');
|
|
||||||
$servers->setValue('server','sasl_realm','EXAMPLE.COM');
|
|
||||||
$servers->setValue('server','sasl_authz_id',null);
|
|
||||||
$servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
|
|
||||||
$servers->setValue('server','sasl_authz_id_replacement','$1');
|
|
||||||
$servers->setValue('server','sasl_props',null);
|
|
||||||
|
|
||||||
$servers->setValue('appearance','password_hash','md5');
|
|
||||||
$servers->setValue('login','attr','dn');
|
|
||||||
$servers->setValue('login','fallback_dn',false);
|
|
||||||
$servers->setValue('login','class',null);
|
|
||||||
$servers->setValue('server','read_only',false);
|
|
||||||
$servers->setValue('appearance','show_create',true);
|
|
||||||
|
|
||||||
$servers->setValue('auto_number','enable',true);
|
|
||||||
$servers->setValue('auto_number','mechanism','search');
|
|
||||||
$servers->setValue('auto_number','search_base',null);
|
|
||||||
$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
|
|
||||||
$servers->setValue('auto_number','dn',null);
|
|
||||||
$servers->setValue('auto_number','pass',null);
|
|
||||||
|
|
||||||
$servers->setValue('login','anon_bind',true);
|
|
||||||
$servers->setValue('custom','pages_prefix','custom_');
|
|
||||||
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
|
|
||||||
$servers->setValue('unique','dn',null);
|
|
||||||
$servers->setValue('unique','pass',null);
|
|
||||||
|
|
||||||
$servers->setValue('server','visible',true);
|
|
||||||
$servers->setValue('login','timeout',30);
|
|
||||||
$servers->setValue('server','branch_rename',false);
|
|
||||||
$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
|
|
||||||
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
|
|
||||||
$servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));
|
|
||||||
*/
|
|
||||||
?>
|
|
|
@ -0,0 +1,163 @@
|
||||||
|
\documentclass[a4paper,11pt]{report}
|
||||||
|
\usepackage{ifxetex}
|
||||||
|
\ifxetex
|
||||||
|
%\usepackage{fontspec}
|
||||||
|
%\usepackage{xunicode}
|
||||||
|
\usepackage{xltxtra}
|
||||||
|
\defaultfontfeatures{Mapping=tex-text} % To support LaTeX quoting style
|
||||||
|
\setmainfont{Caviar Dreams}
|
||||||
|
\else
|
||||||
|
\usepackage[utf8]{inputenc}
|
||||||
|
\usepackage[T1]{fontenc}
|
||||||
|
\usepackage{amsfonts}
|
||||||
|
\fi
|
||||||
|
\usepackage{pifont}
|
||||||
|
\usepackage{geometry}
|
||||||
|
\usepackage{fancybox}
|
||||||
|
\usepackage{verbatim}
|
||||||
|
\usepackage{eurosym}
|
||||||
|
\usepackage[english, francais]{babel}
|
||||||
|
\usepackage{listings}
|
||||||
|
\usepackage{color}
|
||||||
|
\usepackage{graphicx}
|
||||||
|
\usepackage{hyperref}
|
||||||
|
\usepackage{titlesec}
|
||||||
|
\usepackage{fancyhdr}
|
||||||
|
\usepackage{lastpage}
|
||||||
|
\usepackage{minted}
|
||||||
|
|
||||||
|
\setlength{\hoffset}{-18pt}
|
||||||
|
\setlength{\oddsidemargin}{0pt} % Marge gauche sur pages impaires
|
||||||
|
\setlength{\evensidemargin}{9pt} % Marge gauche sur pages paires
|
||||||
|
\setlength{\marginparwidth}{54pt} % Largeur de note dans la marge
|
||||||
|
\setlength{\textwidth}{481pt} % Largeur de la zone de texte (17cm)
|
||||||
|
\setlength{\voffset}{-18pt} % Bon pour DOS
|
||||||
|
\setlength{\marginparsep}{7pt} % Séparation de la marge
|
||||||
|
\setlength{\topmargin}{0pt} % Pas de marge en haut
|
||||||
|
\setlength{\headheight}{13pt} % Haut de page
|
||||||
|
\setlength{\headsep}{10pt} % Entre le haut de page et le texte
|
||||||
|
\setlength{\footskip}{27pt} % Bas de page + séparation
|
||||||
|
\setlength{\textheight}{708pt} % Hauteur de la zone de texte (25cm)
|
||||||
|
\definecolor{bg}{rgb}{0.9,0.9,0.9}
|
||||||
|
|
||||||
|
% TITRE DU DOCUMENT !
|
||||||
|
\title{Corrigé des exercices : créer un script Zéphir}
|
||||||
|
|
||||||
|
%\date{}
|
||||||
|
|
||||||
|
\begin{document}
|
||||||
|
\maketitle
|
||||||
|
\normalsize
|
||||||
|
\vspace{2cm}
|
||||||
|
\textbf{Rédacteurs :}
|
||||||
|
\begin{itemize}
|
||||||
|
\item Emmanuel Garette (egarette@cadoles.com)
|
||||||
|
\item Vincent Febvre (vfebvre@cadoles.com) \newline
|
||||||
|
\end{itemize}
|
||||||
|
\vspace{2cm}
|
||||||
|
\textbf{Version} : 1.0 \newline
|
||||||
|
|
||||||
|
\chapter{Création d'un script Zéphir : un script python}
|
||||||
|
|
||||||
|
Un script Zéphir est un script python. Des fonctions de base se proposer pour faciliter l'écriture de ce script.
|
||||||
|
|
||||||
|
\begin{minted}{xml}
|
||||||
|
#!/usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
import sys
|
||||||
|
from zephir.lib_zephir import *
|
||||||
|
from creole import fonctionseole
|
||||||
|
\end{minted}
|
||||||
|
|
||||||
|
\chapter{Création d'un script Zéphir : vérification}
|
||||||
|
|
||||||
|
Avant il faut vérifier qu'aucun blocage ne soit mis en place pour éviter l'exécuter de l'action.
|
||||||
|
|
||||||
|
\begin{minted}{xml}
|
||||||
|
#!/usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
import sys
|
||||||
|
from zephir.lib_zephir import *
|
||||||
|
from creole import fonctionseole
|
||||||
|
|
||||||
|
\end{minted}
|
||||||
|
\begin{minted}[bgcolor=bg]{xml}
|
||||||
|
if fonctionseole.init_proc('PERSO') == False:
|
||||||
|
fonctionseole.zephir("ERR" , "procédure supprimer_fichier bloquée par zephir", "PERSO")
|
||||||
|
sys.exit(1)
|
||||||
|
\end{minted}
|
||||||
|
|
||||||
|
\chapter{Création d'un script Zéphir : début}
|
||||||
|
|
||||||
|
Avant d'exécuter le script, emettre un message sur le Zéphir.
|
||||||
|
|
||||||
|
\begin{minted}{xml}
|
||||||
|
#!/usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
import sys
|
||||||
|
from zephir.lib_zephir import *
|
||||||
|
from creole import fonctionseole
|
||||||
|
|
||||||
|
if fonctionseole.init_proc('PERSO') == False:
|
||||||
|
fonctionseole.zephir("ERR" , "procédure supprimer_fichier bloquée par zephir", "PERSO")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
\end{minted}
|
||||||
|
\begin{minted}[bgcolor=bg]{xml}
|
||||||
|
fonctionseole.zephir("INIT" , "script supprimer_fichier en cours d'execution", "PERSO")
|
||||||
|
\end{minted}
|
||||||
|
|
||||||
|
\chapter{Création d'un script Zéphir : lancement du script en root}
|
||||||
|
|
||||||
|
Le script principal est exécuter avec l'utilisateur "uucp". Il faut utiliser la fonction sudo\_script pour avoir les droits "root".
|
||||||
|
|
||||||
|
Si tout se passe bien, deux messages seront remontés :
|
||||||
|
|
||||||
|
\begin{itemize}
|
||||||
|
\item un message d'information avec le nom du fichier ;
|
||||||
|
\item un message annonçant que le fichier est correctement supprimer.
|
||||||
|
\end{itemize}
|
||||||
|
|
||||||
|
En cas d'erreur, un message d'erreur est remonté sur le Zéphir.
|
||||||
|
|
||||||
|
\begin{minted}{xml}
|
||||||
|
#!/usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
import sys
|
||||||
|
from zephir.lib_zephir import *
|
||||||
|
from creole import fonctionseole
|
||||||
|
|
||||||
|
if fonctionseole.init_proc('PERSO') == False:
|
||||||
|
fonctionseole.zephir("ERR" , "procédure supprimer_fichier bloquée par zephir", "PERSO")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
fonctionseole.zephir("INIT" , "script supprimer_fichier en cours d'execution", "PERSO")
|
||||||
|
|
||||||
|
\end{minted}
|
||||||
|
\begin{minted}[bgcolor=bg]{xml}
|
||||||
|
try:
|
||||||
|
filename = sys.argv[1]
|
||||||
|
fonctionseole.zephir("MSG" , "supprimer_fichier lancé avec l'argument {}".format(filename), "PERSO")
|
||||||
|
sudo_script('supprimer_fichier_sudo.zephir %s' % filename)
|
||||||
|
except Exception, err:
|
||||||
|
fonctionseole.zephir("ERR" , "supprimer_fichier a généré une erreur {}".format(err), "PERSO")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
fonctionseole.zephir("FIN" , "supprimer_fichier {}: OK".format(filename), "PERSO")
|
||||||
|
\end{minted}
|
||||||
|
|
||||||
|
\chapter{Création du script de suppression des fichiers}
|
||||||
|
|
||||||
|
Un second script bash est nécessaire. Ce script est utilisé pour supprimer effectivement le fichier sur le serveur.
|
||||||
|
|
||||||
|
\begin{minted}{bash}
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
[ -f "$1" ] && rm -f "$1"
|
||||||
|
\end{minted}
|
||||||
|
|
||||||
|
\end{document}
|
Loading…
Reference in New Issue