mise à jour des excercices tronc-commun-2

This commit is contained in:
Emmanuel Garette 2017-01-26 18:06:37 +01:00 committed by Benjamin Bohard
parent 7157bb6725
commit 15f0448816
31 changed files with 318 additions and 877 deletions

View File

@ -1,26 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<files>
<file name='/etc/sysconfig/eole/services/4_ircd.srv'/>
<service servicelist="ircd">ircd</service>
</files>
<variables>
<family name='services'>
<variable name='activate_ircd' type='string' description="Activer IRCD">
<value>non</value>
</variable>
</family>
</variables>
<constraints>
<check name='valid_enum' target='activate_ircd'>
<param>['oui','non']</param>
</check>
<condition name='hidden_if_in' source='activate_ircd'>
<param>non</param>
<target type='servicelist'>ircd</target>
</condition>
</constraints>
<help>
</help>
</creole>

View File

@ -1,33 +0,0 @@
<creole>
<containers>
<container name="web">
<file name='/etc/phpldapadmin/apache.conf'/>
<file name='/etc/phpldapadmin/config.php' source='phpldapadmin.php' filelist='phpldapadmin'/>
<package>phpldapadmin</package>
</container>
</containers>
<variables>
<family name='applications web'>
<variable name='activate_phpldapadmin' type='oui/non' description="Activer phpldapadmin">
<value>non</value>
</variable>
</family>
<family name='phpldapadmin'>
<variable name="phpldapadmin_host" type="string" description="Adresse IP ou DNS du serveur ldap" mandatory="True">
<value>localhost</value>
</variable>
<variable name="phpldapadmin_name" type="string" description="Nom du serveur ldap"/>
</family>
</variables>
<constraints>
<condition name='disabled_if_in' source='activate_phpldapadmin'>
<param>non</param>
<target type='family'>phpldapadmin</target>
<target type='filelist'>phpldapadmin</target>
</condition>
</constraints>
<help>
</help>
</creole>

View File

@ -1,6 +0,0 @@
%if %%activate_phpldapadmin == 'oui'
...
%end if

View File

@ -1,17 +0,0 @@
...
/*********************************************/
/* Define your LDAP servers in this section */
/*********************************************/
%if %%getVar("phpldapadmin_name", "") == ""
$ldapservers->SetValue(0,'server','name','Serveur LDAP');
%else
$ldapservers->SetValue(0,'server','name','%%phpldapadmin_name');
%end if
$ldapservers->SetValue(0,'server','host','ldap://%%phpldapadmin_host');
$ldapservers->SetValue(0,'server','tls',false);
...

View File

@ -1,37 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<containers>
<container name="web">
<file name='/etc/phpldapadmin/apache.conf'/>
<file name='/etc/phpldapadmin/config.php' source='phpldapadmin.php' filelist='phpldapadmin'/>
<package>phpldapadmin</package>
</container>
</containers>
<variables>
<family name='applications web'>
<variable name='activate_phpldapadmin' type='oui/non' description="Activer phpldapadmin">
<value>non</value>
</variable>
</family>
<family name='phpldapadmin'>
<variable name="phpldapadmin_host" type="string" description="Adresse IP ou DNS du serveur ldap" multi='True' mandatory="True">
<value>localhost</value>
</variable>
<variable name="phpldapadmin_name" type="string" description="Nom du serveur ldap" mandatory="True"/>
</family>
</variables>
<constraints>
<condition name='disabled_if_in' source='activate_phpldapadmin'>
<param>non</param>
<target type='family'>phpldapadmin</target>
<target type='filelist'>phpldapadmin</target>
</condition>
<group master='phpldapadmin_host'>
<slave>phpldapadmin_name</slave>
</group>
</constraints>
<help>
</help>
</creole>

View File

@ -1,17 +0,0 @@
/*********************************************/
/* Define your LDAP servers in this section */
/*********************************************/
%for %%phpldapadmin in %%phpldapadmin_host
%if %%phpldapadmin.phpldapadmin_name == ""
$ldapservers->SetValue(0,'server','name','Serveur LDAP');
%else
$ldapservers->SetValue(0,'server','name','%%phpldapadmin.phpldapadmin_name');
%end if
$ldapservers->SetValue(0,'server','host','ldap://%%phpldapadmin');
$ldapservers->SetValue(0,'server','tls',false);
%end for
...

View File

@ -1,36 +0,0 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
###########################################################################
# Eole NG - 2007
# Copyright Pole de Competence Eole (Ministere Education - Academie Dijon)
# Licence CeCill cf /root/LicenceEole.txt
# eole@ac-dijon.fr
#
# test_perso.zephir
#
# exemple de script personnalisé pour le client zephir
#
###########################################################################
import os, sys
from zephir.lib_zephir import *
from creole import fonctionseole
if fonctionseole.init_proc('PERSO') == False:
fonctionseole.zephir("MSG" , "procédure sample bloquée par zephir", "PERSO")
sys.exit(1)
fonctionseole.zephir("INIT" , "script test_perso en cours d'execution", "PERSO")
try:
message = sys.argv[1]
fonctionseole.zephir("MSG" , "sample lancé avec l'argument %s" % message, "PERSO")
except:
fonctionseole.zephir("ERR" , "sample lancé sans argument", "PERSO")
exit(1)
if is_locked(['reconfigure']):
fonctionseole.zephir("ERR" , "sample stoppé : reconfigure en cours", "PERSO")
exit(1)
else:
fonctionseole.zephir("FIN" , "sample : OK", "PERSO")

View File

@ -0,0 +1,10 @@
Include {
Options {
aclsupport = no
@/etc/bareos/include-options.conf
}
File = /tmp/repertoire
}
Exclude {
File = /tmp/repertoire/toto.txt
}

View File

@ -0,0 +1,10 @@
#!/bin/bash
if [ $(CreoleGet activer_ircd) = "oui" ];then
. /usr/lib/eole/diagnose.sh
EchoGras "*** Serveur IRCD"
TestService IRCD 127.0.0.1:$(CreoleGet ircd_port)
echo
fi
exit 0

View File

@ -0,0 +1,73 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<files>
<package>ircd-irc2</package>
<service servicelist="ircd">ircd-irc2</service>
<service_access service='ircd-irc2'>
<port port_type="SymLinkOption">ircd_port</port>
</service_access>
<file filelist="ircd" name='/etc/ircd/ircd.conf'/>
<file filelist="ircd" name='/etc/ircd/ircd.motd'/>
</files>
<variables>
<family name='services'>
<variable name='activer_ircd' type='oui/non' description="Activer le serveur IRC" >
<value>oui</value>
</variable>
</family>
<family name='ircd'>
<variable name='ircd_domaine' type='domain' description="Nom de domaine utilisé pour accéder au serveur IRC"/>
<variable name='ircd_libelle' type='string' description="Libellé du serveur IRC"/>
<variable name='ircd_port' type='port' description="Port du serveur IRC" mode='expert'>
<value>6667</value>
</variable>
<variable name='ircd_banned_hostname' type='domain' description="Hote banni sur le serveur IRC" multi="True" mandatory="True"/>
<variable name='ircd_banned_comment' type='string' description="Motif du bannissement du serveur IRC">
<value>Vous êtes banni, contacter votre administrateur</value>
</variable>
<variable name='ircd_motd_message' type='string' description="Message de bienvenu"/>
<variable name='ircd_motd_personnalise' type='string' description="Message de bienvenu personnalisé"/>
</family>
</variables>
<constraints>
<check name='valid_enum' target='ircd_motd_message'>
<param>['message 1', 'message 2', 'personnalisé']</param>
</check>
<fill name='calc_val' target='ircd_domaine'>
<param type='eole' name='valeur' hidden="False">web_url</param>
</fill>
<fill name='ma_fonction' target='ircd_motd_personnalise'>
</fill>
<auto name="concat" target='ircd_libelle'>
<param name='valeur1'>Serveur IRC pour </param>
<param type='eole' name='valeur2'>libelle_etab</param>
</auto>
<group master='ircd_banned_hostname'>
<slave>ircd_banned_comment</slave>
</group>
<condition name='disabled_if_in' source='activer_ircd'>
<param>non</param>
<target type='filelist'>ircd</target>
<target type='servicelist'>ircd</target>
<target type='family'>ircd</target>
</condition>
<condition name='disabled_if_not_in' source='ircd_motd_message'>
<param>personnalisé</param>
<target>ircd_motd_personnalise</target>
</condition>
<check name="valid_differ" target="ircd_libelle">
<param type='eole' hidden="False">ircd_motd_personnalise</param>
</check>
</constraints>
<help>
<variable name="activer_ircd">Cette variable permet d'activer un serveur IRC</variable>
</help>
</creole>
<!-- vim: ts=4 sw=4 expandtab
-->

View File

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<files>
</files>
<variables>
<family name="services">
<variable name="activer_clam" redefine="True" hidden="True">
<value>non</value>
</variable>
</family>
<family name="applications web">
<variable name="web_url" description="l'url web specifique à Rennes" redefine="True"/>
</family>
</variables>
<constraints>
</constraints>
<help>
</help>
</creole>
<!-- vim: ts=4 sw=4 expandtab
-->

View File

@ -0,0 +1,30 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<variables>
<family name='ircd_start'>
<variable name="description" type="string"><value>Démarrage du service IRCD</value></variable>
<variable name="day" type="schedule"></variable>
<variable name="mode" type="schedulemod"><value>post</value></variable>
</family>
<family name='ircd_stop'>
<variable name="description" type="string"><value>Arrêt du service IRCD</value></variable>
<variable name="day" type="schedule"></variable>
<variable name="mode" type="schedulemod"><value>pre</value></variable>
</family>
</variables>
<constraints>
<fill name='calc_multi_condition' target='schedule.ircd_stop.day'>
<param>non</param>
<param type='eole' name='condition_1'>activer_ircd</param>
<param name='match'>none</param>
<param name='mismatch'>daily</param>
</fill>
<fill name='calc_multi_condition' target='schedule.ircd_start.day'>
<param>non</param>
<param type='eole' name='condition_1'>activer_ircd</param>
<param name='match'>none</param>
<param name='mismatch'>daily</param>
</fill>
</constraints>
</creole>

View File

@ -0,0 +1,4 @@
#!/usr/bin/python
def ma_fonction():
return u'Ma phrase de ma fonction'

View File

@ -1,7 +1,4 @@
#!/bin/bash #!/bin/bash
DESC="Démarrage du serveur IRC"
CreoleService ircd-irc2 start CreoleService ircd-irc2 start
exit 0 exit 0

View File

@ -1,7 +1,4 @@
#!/bin/bash #!/bin/bash
DESC="Arrêt du serveur IRC"
CreoleService ircd-irc2 stop CreoleService ircd-irc2 stop
exit 0 exit 0

View File

@ -1,23 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<files>
<file filelist="ircd-irc2" name="/usr/share/eole/firewall/00_root_ircd.fw" rm="True"/>
<service servicelist='ircd-irc2'>ircd-irc2</service>
</files>
<variables>
<family name="services">
<variable name="activate_ircd" description="Activer IRCD" type="oui/non">
<value>non</value>
</variable>
</family>
</variables>
<constraints>
<condition name='hidden_if_in' source='activate_ircd'>
<param>non</param>
<target type='servicelist'>ircd-irc2</target>
<target type='filelist'>ircd-irc2</target>
</condition>
</constraints>
</creole>

View File

@ -1 +0,0 @@
allow_src(ip='0/0', port="6667")

View File

@ -1,14 +0,0 @@
#!/bin/bash
. /usr/share/eole/FonctionsEoleNg
. ParseDico
EchoGras "*** Serveur IRC"
if [ "$activate_ircd" = "oui" ]; then
TestService IRCD 127.0.0.1:6667
else
Inactif "IRCD"
fi
echo
exit 0

View File

@ -1,20 +0,0 @@
--- distrib/clamd.conf 2012-12-03 14:58:06.000000000 +0100
+++ modif/clamd.conf 2013-02-13 16:44:18.370654335 +0100
@@ -23,7 +23,7 @@
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers.
# Default: 1M
-LogFileMaxSize 2M
+LogFileMaxSize 10M
# Log time with each message.
# Default: no
@@ -228,7 +228,7 @@
# Scan urls found in mails for phishing attempts.
-# (available in experimental builds only)
+# (available in experimental builds only)
# Default: yes
#PhishingScanURLs yes

View File

@ -1,39 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<containers>
<container name="web">
<package>phpldapadmin</package>
<service method='apache' servicelist="phpldapadmin">phpldapadmin</service>
<file name="/etc/apache2/sites-available/phpldapadmin" source="phpldapadmin-apache.conf" filelist='phpldapadmin'/>
<file name="/etc/phpldapadmin/config.php" source="phpldapadmin-config.php" filelist='phpldapadmin'/>
</container>
</containers>
<variables>
<family name="applications web">
<variable name="activer_phpldapadmin" description="Activer phpldapadmin" type="oui/non">
<value>non</value>
</variable>
</family>
<family name="phpldapadmin">
<variable name="phpldapadmin_name" description="Nom du serveur LDAP" type="string" mandatory="True" multi='True'/>
<variable name="phpldapadmin_ip" description="IP du serveur LDAP" type="ip" mandatory='True'/>
</family>
</variables>
<constraints>
<group master="phpldapadmin_name">
<slave>phpldapadmin_ip</slave>
</group>
<condition name='hidden_if_in' source='activer_phpldapadmin'>
<param>non</param>
<target type='family'>phpldapadmin</target>
<target type='filelist'>phpldapadmin</target>
<target type='servicelist'>phpldapadmin</target>
</condition>
<fill name='calc_val' target='phpldapadmin_ip'>
<param type='eole' name='valeur'>adresse_ip_ldap</param>
</fill>
</constraints>
<help/>
</creole>

View File

@ -1,53 +0,0 @@
%if %%activer_phpldapadmin == "oui"
# Define /phpldapadmin alias, this is the default
<IfModule mod_alias.c>
Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
</IfModule>
# You can also use phpLDAPadmin as a VirtualHost
# <VirtualHost *:*>
# ServerName ldap.example.com
# ServerAdmin root@example.com
# DocumentRoot /usr/share/phpldapadmin
# ErrorLog logs/ldap.example.com-error.log
# CustomLog logs/ldap.example.com-access.log common
# </VirtualHost>
<Directory /usr/share/phpldapadmin/htdocs/>
DirectoryIndex index.php
Options +FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
<IfModule mod_mime.c>
<IfModule mod_php5.c>
AddType application/x-httpd-php .php
php_flag magic_quotes_gpc Off
php_flag track_vars On
php_flag register_globals On
php_value include_path .
php_value memory_limit 32M
</IfModule>
<IfModule !mod_php5.c>
<IfModule mod_actions.c>
<IfModule mod_cgi.c>
AddType application/x-httpd-php .php
Action application/x-httpd-php /cgi-bin/php5
</IfModule>
<IfModule mod_cgid.c>
AddType application/x-httpd-php .php
Action application/x-httpd-php /cgi-bin/php5
</IfModule>
</IfModule>
</IfModule>
</IfModule>
</Directory>
%end if

View File

@ -1,549 +0,0 @@
<?php
/** NOTE **
** Make sure that <?php is the FIRST line of this file!
** IE: There should NOT be any blank lines or spaces BEFORE <?php
**/
/**
* The phpLDAPadmin config file
* See: http://phpldapadmin.sourceforge.net/wiki/index.php/Config.php
*
* This is where you can customise some of the phpLDAPadmin defaults
* that are defined in config_default.php.
*
* To override a default, use the $config->custom variable to do so.
* For example, the default for defining the language in config_default.php
*
* $this->default->appearance['language'] = array(
* 'desc'=>'Language',
* 'default'=>'auto');
*
* to override this, use $config->custom->appearance['language'] = 'en_EN';
*
* This file is also used to configure your LDAP server connections.
*
* You must specify at least one LDAP server there. You may add
* as many as you like. You can also specify your language, and
* many other options.
*
* NOTE: Commented out values in this file prefixed by //, represent the
* defaults that have been defined in config_default.php.
* Commented out values prefixed by #, dont reflect their default value, you can
* check config_default.php if you want to see what the default is.
*
* DONT change config_default.php, you changes will be lost by the next release
* of PLA. Instead change this file - as it will NOT be replaced by a new
* version of phpLDAPadmin.
*/
/*********************************************/
/* Useful important configuration overrides */
/*********************************************/
/* If you are asked to put PLA in debug mode, this is how you do it: */
# $config->custom->debug['level'] = 255;
# $config->custom->debug['syslog'] = true;
# $config->custom->debug['file'] = '/tmp/pla_debug.log';
/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
to a big random string. */
// $config->custom->session['blowfish'] = null;
/* The language setting. If you set this to 'auto', phpLDAPadmin will attempt
to determine your language automatically. Otherwise, available lanaguages
are: 'ct', 'de', 'en', 'es', 'fr', 'it', 'nl', and 'ru'
Localization is not complete yet, but most strings have been translated.
Please help by writing language files. See lang/en.php for an example. */
// $config->custom->appearance['language'] = 'auto';
/* The temporary storage directory where we will put jpegPhoto data
This directory must be readable and writable by your web server. */
// $config->custom->jpeg['tmpdir'] = '/tmp'; // Example for Unix systems
# $config->custom->jpeg['tmpdir'] = 'c:\\temp'; // Example for Windows systems
/* Set this to (bool)true if you do NOT want a random salt used when
calling crypt(). Instead, use the first two letters of the user's
password. This is insecure but unfortunately needed for some older
environments. */
# $config->custom->password['no_random_crypt_salt'] = true;
/* PHP script timeout control. If php runs longer than this many seconds then
PHP will stop with an Maximum Execution time error. Increase this value from
the default if queries to your LDAP server are slow. The default is either
30 seconds or the setting of max_exection_time if this is null. */
// $config->custom->session['timelimit'] = 30;
/* Our local timezone
This is to make sure that when we ask the system for the current time, we
get the right local time. If this is not set, all time() calculations will
assume UTC if you have not set PHP date.timezone. */
// $config->custom->appearance['timezone'] = null;
# $config->custom->appearance['timezone'] = 'Australia/Melbourne';
/*********************************************/
/* Commands */
/*********************************************/
/* Command availability ; if you don't authorize a command the command
links will not be shown and the command action will not be permitted.
For better security, set also ACL in your ldap directory. */
/*
$config->custom->commands['cmd'] = array(
'entry_internal_attributes_show' => true,
'entry_refresh' => true,
'oslinks' => true,
'switch_template' => true
);
$config->custom->commands['script'] = array(
'add_attr_form' => true,
'add_oclass_form' => true,
'add_value_form' => true,
'collapse' => true,
'compare' => true,
'compare_form' => true,
'copy' => true,
'copy_form' => true,
'create' => true,
'create_confirm' => true,
'delete' => true,
'delete_attr' => true,
'delete_form' => true,
'draw_tree_node' => true,
'expand' => true,
'export' => true,
'export_form' => true,
'import' => true,
'import_form' => true,
'login' => true,
'logout' => true,
'login_form' => true,
'mass_delete' => true,
'mass_edit' => true,
'mass_update' => true,
'modify_member_form' => true,
'monitor' => true,
'purge_cache' => true,
'query_engine' => true,
'rename' => true,
'rename_form' => true,
'rdelete' => true,
'refresh' => true,
'schema' => true,
'server_info' => true,
'show_cache' => true,
'template_engine' => true,
'update_confirm' => true,
'update' => true
);
*/
/*********************************************/
/* Appearance */
/*********************************************/
/* If you want to choose the appearance of the tree, specify a class name which
inherits from the Tree class. */
// $config->custom->appearance['tree'] = 'AJAXTree';
# $config->custom->appearance['tree'] = 'HTMLTree';
/* Just show your custom templates. */
// $config->custom->appearance['custom_templates_only'] = false;
/* Disable the default template. */
// $config->custom->appearance['disable_default_template'] = false;
/* Hide the warnings for invalid objectClasses/attributes in templates. */
// $config->custom->appearance['hide_template_warning'] = false;
/* Configure what objects are shown in left hand tree */
// $config->custom->appearance['tree_filter'] = '(objectclass=*)';
/* The height and width of the tree. If these values are not set, then
no tree scroll bars are provided. */
// $config->custom->appearance['tree_height'] = null;
# $config->custom->appearance['tree_height'] = 600;
// $config->custom->appearance['tree_width'] = null;
# $config->custom->appearance['tree_width'] = 250;
/*********************************************/
/* User-friendly attribute translation */
/*********************************************/
/* Use this array to map attribute names to user friendly names. For example, if
you don't want to see "facsimileTelephoneNumber" but rather "Fax". */
// $config->custom->appearance['friendly_attrs'] = array();
$config->custom->appearance['friendly_attrs'] = array(
'facsimileTelephoneNumber' => 'Fax',
'gid' => 'Group',
'mail' => 'Email',
'telephoneNumber' => 'Telephone',
'uid' => 'User Name',
'userPassword' => 'Password'
);
/*********************************************/
/* Hidden attributes */
/*********************************************/
/* You may want to hide certain attributes from being edited. If you want to
hide attributes from the user, you should use your LDAP servers ACLs.
NOTE: The user must be able to read the hide_attrs_exempt entry to be
excluded. */
// $config->custom->appearance['hide_attrs'] = array();
# $config->custom->appearance['hide_attrs'] = array('objectClass');
/* Members of this list will be exempt from the hidden attributes.*/
// $config->custom->appearance['hide_attrs_exempt'] = null;
# $config->custom->appearance['hide_attrs_exempt'] = 'cn=PLA UnHide,ou=Groups,c=AU';
/*********************************************/
/* Read-only attributes */
/*********************************************/
/* You may want to phpLDAPadmin to display certain attributes as read only,
meaning that users will not be presented a form for modifying those
attributes, and they will not be allowed to be modified on the "back-end"
either. You may configure this list here:
NOTE: The user must be able to read the readonly_attrs_exempt entry to be
excluded. */
// $config->custom->appearance['readonly_attrs'] = array();
/* Members of this list will be exempt from the readonly attributes.*/
// $config->custom->appearance['readonly_attrs_exempt'] = null;
# $config->custom->appearance['readonly_attrs_exempt'] = 'cn=PLA ReadWrite,ou=Groups,c=AU';
/*********************************************/
/* Group attributes */
/*********************************************/
/* Add "modify group members" link to the attribute. */
// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid');
/* Configure filter for member search. This only applies to "modify group members" feature */
// $config->custom->modify_member['filter'] = '(objectclass=Person)';
/* Attribute that is added to the group member attribute. */
// $config->custom->modify_member['attr'] = 'dn';
/* For Posix attributes */
// $config->custom->modify_member['posixattr'] = 'uid';
// $config->custom->modify_member['posixfilter'] = '(uid=*)';
// $config->custom->modify_member['posixgroupattr'] = 'memberUid';
/*********************************************/
/* Support for attrs display order */
/*********************************************/
/* Use this array if you want to have your attributes displayed in a specific
order. You can use default attribute names or their fridenly names.
For example, "sn" will be displayed right after "givenName". All the other
attributes that are not specified in this array will be displayed after in
alphabetical order. */
// $config->custom->appearance['attr_display_order'] = array();
# $config->custom->appearance['attr_display_order'] = array(
# 'givenName',
# 'sn',
# 'cn',
# 'displayName',
# 'uid',
# 'uidNumber',
# 'gidNumber',
# 'homeDirectory',
# 'mail',
# 'userPassword'
# );
/*********************************************/
/* Define your LDAP servers in this section */
/*********************************************/
$servers = new Datastore();
/* $servers->NewServer('ldap_pla') must be called before each new LDAP server
declaration. */
$servers->newServer('ldap_pla');
/* A convenient name that will appear in the tree viewer and throughout
phpLDAPadmin to identify this LDAP server to users. */
%for %%phpldapadmin_master in %%phpldapadmin_name
$servers->setValue('server','name','%%phpldapadmin_master');
/* Examples:
'ldap.example.com',
'ldaps://ldap.example.com/',
'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
(Unix socket at /usr/local/var/run/ldap) */
$servers->setValue('server','host','%%phpldapadmin_master.phpldapadmin_ip');
%end for
/* The port your LDAP server listens on (no quotes). 389 is standard. */
// $servers->setValue('server','port',389);
/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
auto-detect it for you. */
$servers->setValue('server','base',array('dc=example,dc=com'));
/* Four options for auth_type:
1. 'cookie': you will login via a web form, and a client-side cookie will
store your login dn and password.
2. 'session': same as cookie but your login dn and password are stored on the
web server in a persistent session variable.
3. 'http': same as session but your login dn and password are retrieved via
HTTP authentication.
4. 'config': specify your login dn and password here in this config file. No
login will be required to use phpLDAPadmin for this server.
Choose wisely to protect your authentication information appropriately for
your situation. If you choose 'cookie', your cookie contents will be
encrypted using blowfish and the secret your specify above as
session['blowfish']. */
$servers->setValue('login','auth_type','session');
/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
'cookie' or 'session' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS BLANK. If
you specify a login_attr in conjunction with a cookie or session auth_type,
then you can also specify the bind_id/bind_pass here for searching the
directory for users (ie, if your LDAP server does not allow anonymous binds. */
$servers->setValue('login','bind_id','cn=admin,dc=example,dc=com');
# $servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com');
/* Your LDAP password. If you specified an empty bind_id above, this MUST also
be blank. */
// $servers->setValue('login','bind_pass','');
# $servers->setValue('login','bind_pass','secret');
/* Use TLS (Transport Layer Security) to connect to the LDAP server. */
// $servers->setValue('server','tls',false);
/************************************
* SASL Authentication *
************************************/
/* Enable SASL authentication LDAP SASL authentication requires PHP 5.x
configured with --with-ldap-sasl=DIR. If this option is disabled (ie, set to
false), then all other sasl options are ignored. */
// $servers->setValue('server','sasl_auth',false);
/* SASL auth mechanism */
// $servers->setValue('server','sasl_mech','PLAIN');
/* SASL authentication realm name */
// $servers->setValue('server','sasl_realm','');
# $servers->setValue('server','sasl_realm','example.com');
/* SASL authorization ID name
If this option is undefined, authorization id will be computed from bind DN,
using sasl_authz_id_regex and sasl_authz_id_replacement. */
// $servers->setValue('server','sasl_authz_id', null);
/* SASL authorization id regex and replacement
When sasl_authz_id property is not set (default), phpLDAPAdmin will try to
figure out authorization id by itself from bind distinguished name (DN).
This procedure is done by calling preg_replace() php function in the
following way:
$authz_id = preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement,
$bind_dn);
For info about pcre regexes, see:
- pcre(3), perlre(3)
- http://www.php.net/preg_replace */
// $servers->setValue('server','sasl_authz_id_regex',null);
// $servers->setValue('server','sasl_authz_id_replacement',null);
# $servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
# $servers->setValue('server','sasl_authz_id_replacement','$1');
/* SASL auth security props.
See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */
// $servers->setValue('server','sasl_props',null);
/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
blowfish, crypt or leave blank for now default algorithm. */
// $servers->setValue('appearance','password_hash','md5');
/* If you specified 'cookie' or 'session' as the auth_type above, you can
optionally specify here an attribute to use when logging in. If you enter
'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith)
and log in as that user.
Leave blank or specify 'dn' to use full DN for logging in. Note also that if
your LDAP server requires you to login to perform searches, you can enter the
DN to use when searching in 'bind_id' and 'bind_pass' above.
// $servers->setValue('login','attr','dn');
/* Base DNs to used for logins. If this value is not set, then the LDAP server
Base DNs are used. */
// $servers->setValue('login','base',array());
/* If 'login,attr' is used above such that phpLDAPadmin will search for your DN
at login, you may restrict the search to a specific objectClasses. EG, set this
to array('posixAccount') or array('inetOrgPerson',..), depending upon your
setup. */
// $servers->setValue('login','class',array());
/* If you specified something different from 'dn', for example 'uid', as the
login_attr above, you can optionally specify here to fall back to
authentication with dn.
This is useful, when users should be able to log in with their uid, but
the ldap administrator wants to log in with his root-dn, that does not
necessarily have the uid attribute.
When using this feature, login_class is ignored. */
// $servers->setValue('login','fallback_dn',false);
/* Specify true If you want phpLDAPadmin to not display or permit any
modification to the LDAP server. */
// $servers->setValue('server','read_only',false);
/* Specify false if you do not want phpLDAPadmin to draw the 'Create new' links
in the tree viewer. */
// $servers->setValue('appearance','show_create',true);
/* This feature allows phpLDAPadmin to automatically determine the next
available uidNumber for a new entry. */
// $servers->setValue('auto_number','enable',true);
/* The mechanism to use when finding the next available uidNumber. Two possible
values: 'uidpool' or 'search'.
The 'uidpool' mechanism uses an existing uidPool entry in your LDAP server to
blindly lookup the next available uidNumber. The 'search' mechanism searches
for entries with a uidNumber value and finds the first available uidNumber
(slower). */
// $servers->setValue('auto_number','mechanism','search');
/* The DN of the search base when the 'search' mechanism is used above. */
# $servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com');
/* The minimum number to use when searching for the next available number
(only when 'search' is used for auto_number */
// $servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
searching for the uidnumber. The idea is, this user id would have full
(readonly) access to uidnumber in your ldap directory (the logged in user
may not), so that you can be guaranteed to get a unique uidnumber for your
directory. */
// $servers->setValue('auto_number','dn',null);
/* The password for the dn above. */
// $servers->setValue('auto_number','pass',null);
/* Enable anonymous bind login. */
// $servers->setValue('login','anon_bind',true);
/* Use customized page with prefix when available. */
# $servers->setValue('custom','pages_prefix','custom_');
/* If you set this, then only these DNs are allowed to log in. This array can
contain individual users, groups or ldap search filter(s). Keep in mind that
the user has not authenticated yet, so this will be an anonymous search to
the LDAP server, so make your ACLs allow these searches to return results! */
# $servers->setValue('login','allowed_dns',array(
# 'uid=stran,ou=People,dc=example,dc=com',
# '(&(gidNumber=811)(objectClass=groupOfNames))',
# '(|(uidNumber=200)(uidNumber=201))',
# 'cn=callcenter,ou=Group,dc=example,dc=com'));
/* Set this if you dont want this LDAP server to show in the tree */
// $servers->setValue('server','visible',true);
/* This is the time out value in minutes for the server. After as many minutes
of inactivity you will be automatically logged out. If not set, the default
value will be ( session_cache_expire()-1 ) */
# $servers->setValue('login','timeout',30);
/* Set this if you want phpldapadmin to perform rename operation on entry which
has children. Certain servers are known to allow it, certain are not */
// $servers->setValue('server','branch_rename',false);
/* If you set this, then phpldapadmin will show these attributes as
internal attributes, even if they are not defined in your schema. */
// $servers->setValue('server','custom_sys_attrs',array(''));
# $servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
/* If you set this, then phpldapadmin will show these attributes on
objects, even if they are not defined in your schema. */
// $servers->setValue('server','custom_attrs',array(''));
# $servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
/* These attributes will be forced to MAY attributes and become option in the
templates. If they are not defined in the templates, then they wont appear
as per normal template processing. You may want to do this becuase your LDAP
server may automatically calculate a default value.
In Fedora Directory Server using the DNA Plugin one could ignore uidNumber,
gidNumber and sambaSID. */
// $servers->setValue('force_may','attrs',array(''));
# $servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));
/*********************************************/
/* Unique attributes */
/*********************************************/
/* You may want phpLDAPadmin to enforce some attributes to have unique values
(ie: not belong to other entries in your tree. This (together with
'unique','dn' and 'unique','pass' option will not let updates to
occur with other attributes have the same value. */
# $servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
searching for attribute uniqueness. The idea is, this user id would have full
(readonly) access to your ldap directory (the logged in user may not), so
that you can be guaranteed to get a unique uidnumber for your directory. */
// $servers->setValue('unique','dn',null);
/* The password for the dn above. */
// $servers->setValue('unique','pass',null);
/**************************************************************************
* If you want to configure additional LDAP servers, do so below. *
* Remove the commented lines and use this section as a template for all *
* your other LDAP servers. *
**************************************************************************/
/*
$servers->newServer('ldap_pla');
$servers->setValue('server','name','LDAP Server');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array(''));
$servers->setValue('login','auth_type','cookie');
$servers->setValue('login','bind_id','');
$servers->setValue('login','bind_pass','');
$servers->setValue('server','tls',false);
# SASL auth
$servers->setValue('server','sasl_auth',true);
$servers->setValue('server','sasl_mech','PLAIN');
$servers->setValue('server','sasl_realm','EXAMPLE.COM');
$servers->setValue('server','sasl_authz_id',null);
$servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
$servers->setValue('server','sasl_authz_id_replacement','$1');
$servers->setValue('server','sasl_props',null);
$servers->setValue('appearance','password_hash','md5');
$servers->setValue('login','attr','dn');
$servers->setValue('login','fallback_dn',false);
$servers->setValue('login','class',null);
$servers->setValue('server','read_only',false);
$servers->setValue('appearance','show_create',true);
$servers->setValue('auto_number','enable',true);
$servers->setValue('auto_number','mechanism','search');
$servers->setValue('auto_number','search_base',null);
$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
$servers->setValue('auto_number','dn',null);
$servers->setValue('auto_number','pass',null);
$servers->setValue('login','anon_bind',true);
$servers->setValue('custom','pages_prefix','custom_');
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
$servers->setValue('unique','dn',null);
$servers->setValue('unique','pass',null);
$servers->setValue('server','visible',true);
$servers->setValue('login','timeout',30);
$servers->setValue('server','branch_rename',false);
$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
$servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));
*/
?>

View File

@ -0,0 +1,163 @@
\documentclass[a4paper,11pt]{report}
\usepackage{ifxetex}
\ifxetex
%\usepackage{fontspec}
%\usepackage{xunicode}
\usepackage{xltxtra}
\defaultfontfeatures{Mapping=tex-text} % To support LaTeX quoting style
\setmainfont{Caviar Dreams}
\else
\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
\usepackage{amsfonts}
\fi
\usepackage{pifont}
\usepackage{geometry}
\usepackage{fancybox}
\usepackage{verbatim}
\usepackage{eurosym}
\usepackage[english, francais]{babel}
\usepackage{listings}
\usepackage{color}
\usepackage{graphicx}
\usepackage{hyperref}
\usepackage{titlesec}
\usepackage{fancyhdr}
\usepackage{lastpage}
\usepackage{minted}
\setlength{\hoffset}{-18pt}
\setlength{\oddsidemargin}{0pt} % Marge gauche sur pages impaires
\setlength{\evensidemargin}{9pt} % Marge gauche sur pages paires
\setlength{\marginparwidth}{54pt} % Largeur de note dans la marge
\setlength{\textwidth}{481pt} % Largeur de la zone de texte (17cm)
\setlength{\voffset}{-18pt} % Bon pour DOS
\setlength{\marginparsep}{7pt} % Séparation de la marge
\setlength{\topmargin}{0pt} % Pas de marge en haut
\setlength{\headheight}{13pt} % Haut de page
\setlength{\headsep}{10pt} % Entre le haut de page et le texte
\setlength{\footskip}{27pt} % Bas de page + séparation
\setlength{\textheight}{708pt} % Hauteur de la zone de texte (25cm)
\definecolor{bg}{rgb}{0.9,0.9,0.9}
% TITRE DU DOCUMENT !
\title{Corrigé des exercices : créer un script Zéphir}
%\date{}
\begin{document}
\maketitle
\normalsize
\vspace{2cm}
\textbf{Rédacteurs :}
\begin{itemize}
\item Emmanuel Garette (egarette@cadoles.com)
\item Vincent Febvre (vfebvre@cadoles.com) \newline
\end{itemize}
\vspace{2cm}
\textbf{Version} : 1.0 \newline
\chapter{Création d'un script Zéphir : un script python}
Un script Zéphir est un script python. Des fonctions de base se proposer pour faciliter l'écriture de ce script.
\begin{minted}{xml}
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from zephir.lib_zephir import *
from creole import fonctionseole
\end{minted}
\chapter{Création d'un script Zéphir : vérification}
Avant il faut vérifier qu'aucun blocage ne soit mis en place pour éviter l'exécuter de l'action.
\begin{minted}{xml}
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from zephir.lib_zephir import *
from creole import fonctionseole
\end{minted}
\begin{minted}[bgcolor=bg]{xml}
if fonctionseole.init_proc('PERSO') == False:
fonctionseole.zephir("ERR" , "procédure supprimer_fichier bloquée par zephir", "PERSO")
sys.exit(1)
\end{minted}
\chapter{Création d'un script Zéphir : début}
Avant d'exécuter le script, emettre un message sur le Zéphir.
\begin{minted}{xml}
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from zephir.lib_zephir import *
from creole import fonctionseole
if fonctionseole.init_proc('PERSO') == False:
fonctionseole.zephir("ERR" , "procédure supprimer_fichier bloquée par zephir", "PERSO")
sys.exit(1)
\end{minted}
\begin{minted}[bgcolor=bg]{xml}
fonctionseole.zephir("INIT" , "script supprimer_fichier en cours d'execution", "PERSO")
\end{minted}
\chapter{Création d'un script Zéphir : lancement du script en root}
Le script principal est exécuter avec l'utilisateur "uucp". Il faut utiliser la fonction sudo\_script pour avoir les droits "root".
Si tout se passe bien, deux messages seront remontés :
\begin{itemize}
\item un message d'information avec le nom du fichier ;
\item un message annonçant que le fichier est correctement supprimer.
\end{itemize}
En cas d'erreur, un message d'erreur est remonté sur le Zéphir.
\begin{minted}{xml}
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from zephir.lib_zephir import *
from creole import fonctionseole
if fonctionseole.init_proc('PERSO') == False:
fonctionseole.zephir("ERR" , "procédure supprimer_fichier bloquée par zephir", "PERSO")
sys.exit(1)
fonctionseole.zephir("INIT" , "script supprimer_fichier en cours d'execution", "PERSO")
\end{minted}
\begin{minted}[bgcolor=bg]{xml}
try:
filename = sys.argv[1]
fonctionseole.zephir("MSG" , "supprimer_fichier lancé avec l'argument {}".format(filename), "PERSO")
sudo_script('supprimer_fichier_sudo.zephir %s' % filename)
except Exception, err:
fonctionseole.zephir("ERR" , "supprimer_fichier a généré une erreur {}".format(err), "PERSO")
sys.exit(1)
fonctionseole.zephir("FIN" , "supprimer_fichier {}: OK".format(filename), "PERSO")
\end{minted}
\chapter{Création du script de suppression des fichiers}
Un second script bash est nécessaire. Ce script est utilisé pour supprimer effectivement le fichier sur le serveur.
\begin{minted}{bash}
#!/bin/bash
[ -f "$1" ] && rm -f "$1"
\end{minted}
\end{document}