bo: server/kolab/kolab ChangeLog, NONE, 1.1 amavisd.conf.template, NONE, 1.1 clamav.conf.template, NONE, 1.1 dirservnotify, NONE, 1.1 dirservupdate, NONE, 1.1 freshclam.conf.template, NONE, 1.1 kolab-cf.schema, NONE, 1.1 kolab.globals, NONE, 1.1 kolabconf, NONE, 1.1 kolabd, NONE, 1.1 kolabdcachetool, NONE, 1.1 cyrus.conf.template, 1.3, 1.4 httpd.conf.template, 1.14, 1.15 imapd.conf.template, 1.7, 1.8 kolab, 1.18, 1.19 kolab.schema, 1.5, 1.6 kolab_bootstrap, 1.14, 1.15 kolab_sslcert.sh, 1.9, 1.10 legacy.conf.template, 1.2, 1.3 main.cf.template, 1.7, 1.8 master.cf.template, 1.3, 1.4 proftpd.conf.template, 1.7, 1.8 saslauthd.conf.template, 1.4, 1.5 slapd.conf.template, 1.11, 1.12
cvs at intevation.de
cvs at intevation.de
Wed Mar 31 15:23:15 CEST 2004
Author: bo
Update of /kolabrepository/server/kolab/kolab
In directory doto:/tmp/cvs-serv1072
Modified Files:
cyrus.conf.template httpd.conf.template imapd.conf.template
kolab kolab.schema kolab_bootstrap kolab_sslcert.sh
legacy.conf.template main.cf.template master.cf.template
proftpd.conf.template saslauthd.conf.template
slapd.conf.template
Added Files:
ChangeLog amavisd.conf.template clamav.conf.template
dirservnotify dirservupdate freshclam.conf.template
kolab-cf.schema kolab.globals kolabconf kolabd kolabdcachetool
Log Message:
Merging in the CodeFusion changes
--- NEW FILE: ChangeLog ---
2004-03-18 Steffen Hansen <steffen at klaralvdalens-datakonsult.se>
* Added template files for amavisd and clamav
2004-02-16 Stephan Buys <s.buys at codefusion.co.za>
* OpenPKG 2.0 Prep
* Fix saslauthd login problems
* Fix imapd virtual domain settings
* Fix deprecated postfix settings
--- NEW FILE: amavisd.conf.template ---
# this file is automatically written by the Kolab config backend
# manual additions are lost unless made to the template in the Kolab config directory
use strict;
# Configuration file for amavisd-new
#
# This software is licensed under the GNU General Public License (GPL).
# See comments at the start of amavisd-new for the whole license text.
#Sections:
# Section I - Essential daemon and MTA settings
# Section II - MTA specific
# Section III - Logging
# Section IV - Notifications/DSN, BOUNCE/REJECT/DROP/PASS destiny, quarantine
# Section V - Per-recipient and per-sender handling, whitelisting, etc.
# Section VI - Resource limits
# Section VII - External programs, virus scanners, SpamAssassin
# Section VIII - Debugging
[...1440 lines suppressed...]
# The most useful debugging tool is to run amavisd-new non-detached
# from a terminal window: # amavisd debug
# Some more refined approaches:
# If sender matches ACL, turn debugging fully up, just for this one message
#@debug_sender_acl = ( "test-sender\@$mydomain" );
#@debug_sender_acl = qw( debug at example.com );
# May be useful along with @debug_sender_acl:
# Prevent all decoded originals being deleted (replaced by decoded part)
#$keep_decoded_original_re = new_RE( qr/.*/ );
# Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd debug')
#$sa_debug = 1; # defaults to false
#-------------
1; # insure a defined return
--- NEW FILE: clamav.conf.template ---
# this file is automatically written by the Kolab config backend
# manual additions are lost unless made to the template in the Kolab config directory
##
## Example config file for the Clam AV daemon
## Please read the clamav.conf(5) manual before editing this file.
##
# Comment or remove the line below.
#Example
# Uncomment this option to enable logging.
# LogFile must be writable for the user running the daemon.
# Full path is required.
LogFile @l_prefix@/var/clamav/clamd.log
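# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option). That's why you shouldn't uncomment
# this option.
# (LogFile is set once, above; it is not repeated here. The option this
# comment describes stays commented out so the write lock remains in place.)
#LogFileUnlock
# Maximal size of the log file. Default is 1 Mb.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers.
# Left commented out so the default limit applies; a limit of 0 would let
# the log grow without bound.
#LogFileMaxSize 2M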
# Log the time with each message.
#LogTime
# Log also clean files. May be useful in debugging but will drastically
# increase the log size.
#LogClean
# Use system logger (can work together with LogFile).
#LogSyslog
# Enable verbose logging.
#LogVerbose
# This option allows you to save the process identifier of the listening
# daemon (main thread).
PidFile @l_prefix@/var/clamav/clamd.pid
# Optional path to the global temporary directory.
# Default is system specific - usually /var/tmp or /tmp.
#TemporaryDirectory /var/tmp
# Path to the database directory.
# Default is the hardcoded directory (mostly /usr/local/share/clamav,
# but it depends on installation options).
#DatabaseDirectory /var/lib/clamav
# The daemon works in local or network mode. Currently the local mode is
# recommended for security reasons.
# Path to the local socket. The daemon doesn't change the mode of the
# created file (portability reasons). You may want to create it in a directory
# which is only accessible for a user running daemon.
LocalSocket @l_prefix@/var/clamav/clamd.sock
# Remove stale socket after unclean shutdown.
#FixStaleSocket
# TCP port address.
#TCPSocket 3310
# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
#TCPAddr 127.0.0.1
# Maximum length the queue of pending connections may grow to.
# Default is 15.
#MaxConnectionQueueLength 30
# When activated, input stream (see STREAM command) will be saved to disk before
# scanning - this allows scanning within archives.
#StreamSaveToDisk
# Close the connection if this limit is exceeded.
#StreamMaxLength 10M
# Maximal number of a threads running at the same time.
# Default is 5, and it should be sufficient for a typical workstation.
# You may need to increase threads number for a server machine.
#MaxThreads 10
# Thread (scanner - single task) will be stopped after this time (seconds).
# Default is 180. Value of 0 disables the timeout. SECURITY HINT: Increase the
# timeout instead of disabling it.
#ThreadTimeout 500
# Maximal depth the directories are scanned at.
MaxDirectoryRecursion 15
# Follow a directory symlinks.
# SECURITY HINT: You should have enabled directory recursion limit to
# avoid potential problems.
#FollowDirectorySymlinks
# Follow regular file symlinks.
#FollowFileSymlinks
# Do internal checks (eg. check the integrity of the database structures)
# By default clamd checks itself every 3600 seconds (1 hour).
#SelfCheck 600
# Execute a command when virus is found. In the command string %v and %f will
# be replaced by the virus name and the infected file name respectively.
#
# SECURITY WARNING: Make sure the virus event command cannot be exploited,
# eg. by using some special file name when %f is used.
# Always use a full path to the command.
# Never delete/move files with this directive !
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %f: %v"
# Run as selected user (clamd must be started by root).
# By default it doesn't drop privileges.
User kolab-r
# Initialize the supplementary group access (for all groups in /etc/group
# user is added in. clamd must be started by root).
#AllowSupplementaryGroups
# Don't fork into background. Useful in debugging.
#Foreground
# Enable debug messages in libclamav.
#Debug
##
## Mail support
##
# Uncomment this option if you are planning to scan mail files.
#ScanMail
##
## Archive support
##
# Comment this line to disable scanning of the archives.
ScanArchive
# The built-in RAR unpacker is disabled by default because the code
# leaks terribly; however, it's probably a good idea to enable it.
#ScanRAR
# Options below protect your system against Denial of Service attacks
# with archive bombs.
# Files in archives larger than this limit won't be scanned.
# Value of 0 disables the limit.
# WARNING: Due to the unrarlib implementation, whole files (one by one) in RAR
# archives are decompressed to the memory. That's why never disable
# this limit (but you may increase it of course!)
ArchiveMaxFileSize 10M
# Archives are scanned recursively - e.g. if Zip archive contains RAR file,
# the RAR file will be decompressed, too (but only if recursion limit is set
# at least to 1). With this option you may set the recursion level.
# Value of 0 disables the limit.
ArchiveMaxRecursion 5
# Number of files to be scanned within archive.
# Value of 0 disables the limit.
ArchiveMaxFiles 1000
# Mark potential archive bombs as viruses (0 disables the limit)
ArchiveMaxCompressionRatio 200
# Use slower decompression algorithm which uses less memory. This option
# affects bzip2 decompressor only.
#ArchiveLimitMemoryUsage
##
## Clamuko settings
## WARNING: This is experimental software. It is very likely it will hang
## up your system !!!
##
# Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
#ClamukoScanOnLine
# Set access mask for Clamuko.
ClamukoScanOnOpen
ClamukoScanOnClose
ClamukoScanOnExec
# Set the include paths (all files in them will be scanned). You can have
# multiple ClamukoIncludePath options, but each directory must be added
# in a separate option. All subdirectories are scanned, too.
ClamukoIncludePath /home
#ClamukoIncludePath /students
# Set the exclude paths. All subdirectories are also excluded.
#ClamukoExcludePath /home/guru
# Limit the file size to be scanned (probably you don't want to scan your movie
# files ;))
# Value of 0 disables the limit. 1 Mb should be fine.
ClamukoMaxFileSize 1M
# Enable archive support. It uses the limits from clamd section.
# (This option doesn't depend on ScanArchive, you can have archive support
# in clamd disabled).
ClamukoScanArchive
--- NEW FILE: dirservnotify ---
#!/kolab/bin/perl -w
use strict;
use Getopt::Long;
use URI;
use Net::LDAP;
use Net::LDAP::LDIF;
use Net::LDAP::Entry;
use Kolab;
use Kolab::DirServ;
use Kolab::LDAP;
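use vars qw($name $mode);

# Command-line tool: find the directory entries whose cn contains --name and
# that carry a mail attribute, then hand each one to the Kolab::DirServ
# notifier selected by --mode (add / del / upd).
GetOptions(
    "name=s" => \$name,
    "mode=s" => \$mode
);

# Without --mode there is no notification to send.
exit 0 if !defined $mode;

# Bind with the service credentials held in %Kolab::config.
my $ldap = Kolab::LDAP::create(
    $Kolab::config{'ldap_ip'},
    $Kolab::config{'ldap_port'},
    $Kolab::config{'bind_dn'},
    $Kolab::config{'bind_pw'}
) || die "Unable to create the LDAP connection\n";

# --name arrives unchecked from the command line and is placed inside a search
# filter. Escape the characters that are special in an LDAP filter string
# (backslash, '*', '(', ')' and NUL, written as \XX hex pairs) so the value can
# only match as literal text and cannot add or alter filter clauses.
my $cn_fragment = defined $name ? $name : '';
$cn_fragment =~ s/([\\*()\0])/sprintf('\\%02x', ord($1))/ge;

# An empty name becomes a plain presence test instead of the "**" pattern.
my $cn_match = length($cn_fragment) ? "*$cn_fragment*" : '*';

my $mesg = $ldap->search(
    base   => $Kolab::config{'base_dn'},
    scope  => 'one',
    filter => "(&(cn=$cn_match)(mail=*))"
);
$mesg->code && die $mesg->error;

my $max = $mesg->count;
$max || die "Nothing to do!";

foreach my $i (0 .. $max - 1) {
    my $entry = $mesg->entry($i);

    # $mode is matched as a substring, so a single value can select more
    # than one of the three actions.
    Kolab::DirServ::notifyNew($entry)    if $mode =~ /add/;
    Kolab::DirServ::notifyRemove($entry) if $mode =~ /del/;
    Kolab::DirServ::notifyModify($entry) if $mode =~ /upd/;
}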
--- NEW FILE: dirservupdate ---
#!/kolab/bin/perl -w
use strict;
use Getopt::Long;
use Kolab::DirServ;
use Kolab;
use Kolab::Util;
use vars qw($server $user $password);

# Collect the mailbox connection settings from the command line.
# NOTE(review): a value given with --password is part of the process argument
# list, which other local users can normally read while the script runs;
# leaving it out and relying on the configured value avoids that exposure.
GetOptions(
    'server=s'   => \$server,
    'user=s'     => \$user,
    'password=s' => \$password,
);

# Easy default values for development: anything missing (or given as a false
# value such as the empty string) is taken from %Kolab::config.
$server   ||= $Kolab::config{'dirserv_mailbox_server'};
$user     ||= $Kolab::config{'dirserv_mailbox_user'};
$password ||= $Kolab::config{'dirserv_mailbox_password'};

Kolab::DirServ::handleNotifications($server, $user, $password);
--- NEW FILE: freshclam.conf.template ---
# this file is automatically written by the Kolab config backend
# manual additions are lost unless made to the template in the Kolab config directory
##
## Example config file for freshclam
## Please read the clamav.conf(5) manual before editing this file.
## This file may be optionally merged with clamav.conf.
##
# You can change the default database directory here.
#DatabaseDirectory /var/lib/clamav
# Path to the log file (make sure it has proper permissions)
#UpdateLogFile /var/log/freshclam.log
# Enable verbose logging.
#LogVerbose
# By default when freshclam is started by root it drops privileges and
# switches to the "clamav" user. You can change this behaviour here.
#DatabaseOwner clamav
# The main database mirror is database.clamav.net (this is a round-robin
# DNS that points to many mirrors on the world) and in most cases you
# SHOULD NOT change it.
DatabaseMirror database.clamav.net
# How many attempts to make before giving up.
MaxAttempts 3
# How often to check for a new database, as a number of checks per day.
# We suggest checking every two hours (12 checks per day).
Checks 12
# Proxy settings
#HTTPProxyServer myproxy.com
#HTTPProxyPort 1234
#HTTPProxyUsername myusername
#HTTPProxyPassword mypass
# Send the RELOAD command to clamd.
#NotifyClamd [/optional/config/file/path]
# Run command after database update.
#OnUpdateExecute command
# Run command if database update failed.
#OnErrorExecute command
--- NEW FILE: kolab-cf.schema ---
# Copyright (c) 2003 Code Fusion cc. All rights reserved.
# homeServer: described as the "mailbox host". Stored with the IA5 String
# syntax (1.3.6.1.4.1.1466.115.121.1.26) with a length bound of 256, and
# compared case-insensitively for both equality and substring searches.
attributetype ( 1.3.6.1.4.1.18501.1.1.1.1
NAME 'homeServer'
DESC 'mailbox host'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
# unrestrictedMailSize: a Boolean (syntax 1.3.6.1.4.1.1466.115.121.1.7).
# NOTE(review): presumably exempts a user from mail size limits; this file
# does not say who may write it, so confirm the directory ACLs restrict
# changes to administrators.
attributetype ( 1.3.6.1.4.1.18501.1.1.1.2
NAME 'unrestrictedMailSize'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
# kolabPerson: auxiliary class that can be added to an existing entry;
# both attributes above are optional (MAY) on it.
objectclass ( 1.3.6.1.4.1.18501.1.1.2.1
NAME 'kolabPerson'
DESC 'Kolab User'
AUXILIARY
MAY ( homeServer $ unrestrictedMailSize )
)
--- NEW FILE: kolab.globals ---
conn_refresh_period : 60
cyrus-admins : manager
cyrus-autocreatequota : 100000
cyrus-imap : TRUE
cyrus-imaps : TRUE
cyrus-pop3 : FALSE
cyrus-pop3s : TRUE
cyrus-sieve : TRUE
directory_mode : slurpd
gyard_deletion_period : 10080
ldap_uri : ldap://127.0.0.1:389
log_level : 2
postfix-mydestination : $mydomain
proftpd-ftp : FALSE
proftpd-userPassword :
sf_field_deleted : deleteflag
sf_field_guid : entryUUID
sf_field_modified : modifytimestamp
sf_field_quota : userquota
sf_object_class : sharedfolder
slurpd_port : 9999
uid : freebusy
userPassword : freebusy
user_field_deleted : deleteflag
user_field_guid : entryUUID
user_field_modified : modifytimestamp
user_field_quota : userquota
user_object_class : inetOrgPerson
dirserv_mailbox_server :
dirserv_mailbox_user :
dirserv_mailbox_password :
dirserv_poll_period : 120
maildefer_size:
maildefer_header:
maildefer_listen: 127.0.0.1:10024
maildefer_talk: 127.0.0.1:10025
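Review bot: The defaults added in kolab.globals pair `uid : freebusy` with `userPassword : freebusy`, so the account starts out with a password equal to its own name, and `proftpd-userPassword :` is empty. Whether a bootstrap step replaces these values is not visible on this page; if it does not, every installation shares the same guessable credential. I would ship `userPassword :` empty here and have the bootstrap step generate a random value per installation, refusing to continue while it is still unset.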
--- NEW FILE: kolabconf ---
#!@l_prefix@/bin/perl
##
## Copyright (c) 2003 Code Fusion cc
##
## Written by Stuart Binge <s.binge at codefusion.co.za>
## Portions based on work by the following people:
##
## (c) 2003 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
## (c) 2003 Martin Konold <martin.konold at erfrakon.de>
## (c) 2003 Achim Frank <achim.frank at erfrakon.de>
##
##
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
##
use strict;
use Getopt::Std;
use Sys::Syslog;
use IO::File;
use Kolab;
use Kolab::Util;
use Kolab::Conf;
use Kolab::LDAP;
use vars qw($opt_d);

# Log to syslog under the name 'kolabconf'.
openlog('kolabconf', 'cons, pid', 'user');
getopts('d');

# -d: dump the loaded configuration as "key : value" lines and stop.
# NOTE(review): this prints every value in %Kolab::config. Other scripts in
# this commit read bind_pw and dirserv_mailbox_password from that hash, so the
# dump can contain credentials; keep its output out of shared logs and files.
if ($opt_d) {
    for my $setting (sort keys %Kolab::config) {
        print "$setting : $Kolab::config{$setting}\n";
    }
    exit 0;
}

print 'kolabconf - Kolab Configuration Generator
Copyright (c) 2003 Code Fusion cc
Copyright (c) 2003 Tassilo Erlewein, Martin Konold, Achim Frank
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
';

# Regenerate the service configuration files from their templates, then ask
# the Kolab components to reload.
Kolab::log('KC', 'Rebuilding templates');
Kolab::Conf::rebuildTemplates();
Kolab::log('KC', 'Reloading kolab components');
Kolab::reload();

# Disabled: signalling the kolab daemon by PID after a rebuild.
#if ($pid) {
# Kolab::log('KC', "Refreshing the kolab daemon (w/ PID $pid)");
# kill('HUP', $pid);
#} else {
# Kolab::log('KC', "Unable to determine the PID of the kolab daemon; skipping refresh", KOLAB_WARN);
#}
Kolab::log('KC', 'Finished');
--- NEW FILE: kolabd ---
#!@l_prefix@/bin/perl
##
## Copyright (c) 2003 Code Fusion cc
##
## Written by Stuart Bingë <s.binge at codefusion.co.za>
## Portions based on work by the following people:
##
## (c) 2003 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
## (c) 2003 Martin Konold <martin.konold at erfrakon.de>
## (c) 2003 Achim Frank <achim.frank at erfrakon.de>
##
##
## This program is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2, or
## (at your option) any later version.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You can view the GNU General Public License, online, at the GNU
## Project's homepage; see <http://www.gnu.org/licenses/gpl.html>.
##
#
# Module prefixes in the logs:
# K: kolabd
# C: Config
# T: Templates
# L: LDAP
# Y: Cyrus
# B: Backend
# KC: kolabconf
# DS: DirServ
# Anything else: the various backends
#
use strict;
use Sys::Syslog;
use IO::File;
use Kolab;
use Kolab::Util;
use Kolab::DirServ;
use Kolab::LDAP;
use Kolab::LDAP::Backend;
use vars qw(%pids);

# Log to syslog under the name 'kolabd'.
openlog('kolabd', 'cons, pid', 'user');

# Write this process's PID to kolab.pid below the configured prefix. The
# handle is dropped straight afterwards, which closes the file.
my $prefix  = $Kolab::config{'prefix'};
my $pidfile = IO::File->new("$prefix/var/kolab/kolab.pid", 'w+');
die "Unable to open PID file `$prefix/var/kolab/kolab.pid'" unless $pidfile;
$pidfile->print($$);
undef $pidfile;
# Handler installed for INT and TERM: stop every recorded listener, shut the
# LDAP layer down and exit with status 0.
sub sigInt
{
    Kolab::superLog('Kolab is shutting down');
    Kolab::log('K', 'SIGINT/SIGTERM detected, kill()ing children');

    # Signal each listener and reap it before moving on to the next one.
    for my $child (keys %pids) {
        kill('INT', $child);
        waitpid($child, 0);
    }

    Kolab::LDAP::shutdown();
    Kolab::log('K', 'Exiting');
    exit(0);
}
# Handler installed for HUP: stop the current listeners, reload the
# configuration, resynchronise and start a fresh set of listeners.
sub sigHup
{
    Kolab::log('K', 'Refreshing configuration');

    # Signal each listener and reap it, then forget the old PIDs.
    for my $child (keys %pids) {
        kill('INT', $child);
        waitpid($child, 0);
    }
    %pids = ();

    Kolab::reloadConfig();
    Kolab::log('K', 'Synchronising');
    Kolab::LDAP::sync();
    Kolab::log('K', 'Reloading addressbook.peers');
    Kolab::DirServ::reloadPeers();
    Kolab::log('K', 'Finished refresh');

    # Called with '&' and no parentheses, so run() receives this handler's
    # @_; run() does not read its arguments.
    # NOTE(review): run() is entered from inside the signal handler and
    # blocks in its own wait loop, so each HUP nests one level deeper.
    &run;
}
# Fork one listener process per registered backend, install the signal
# handlers in the parent, then wait on the children.
sub run
{
    my $pid;
    # Number of children forked by this call.
    my $finished = 0;
    foreach my $backend (keys %Kolab::LDAP::Backend::backends) {
        Kolab::log('K', "Forking `$backend' listener");
        $pid = fork;
        if (!defined($pid)) {
            Kolab::log('K', "Unable to fork `$backend' listener", KOLAB_ERROR);
            exit(1);
        }
        if ($pid) {
            # Parent: remember the child so the signal handlers can stop it.
            $pids{$pid} = 1;
            $finished++;
            next;
        }
        # Child: run the backend listener.
        # NOTE(review): nothing here makes the child leave once this call
        # returns; if it ever does return, the child carries on with the
        # foreach and forks listeners of its own. Confirm it never returns.
        Kolab::LDAP::Backend::run($backend);
    }
    # Handlers are installed only after the forks above.
    # NOTE(review): when run() is re-entered from sigHup the handlers are
    # already set, so those children start with sigInt/sigHup installed and a
    # copy of %pids; confirm the backends reset their own signal handling.
    $SIG{'INT'} = \&sigInt;
    $SIG{'TERM'} = \&sigInt;
    $SIG{'HUP'} = \&sigHup;
    Kolab::log('K', 'Listeners spawned, wait()ing');
    # $finished is never decremented in this loop, so the condition stays
    # true; the loop is left only when a handler calls exit.
    while ($finished > 0) {
        wait;
        if ($?) {
            Kolab::log('K', 'Abnormal child exit status encountered, aborting');
            # INT to ourselves runs sigInt, which stops the listeners and exits.
            kill('INT', $$);
        } else {
            Kolab::log('K', 'Child terminated normally');
        }
    }
}
# Startup sequence: banner, LDAP startup, backend loading and startup, one
# synchronisation pass, then hand over to run().
print 'kolabd - Kolab Backend Daemon
Copyright (c) 2003 Code Fusion cc
Copyright (c) 2003 Tassilo Erlewein, Martin Konold, Achim Frank
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
';

Kolab::superLog('Kolab is starting up');
Kolab::LDAP::startup();

Kolab::log('K', 'Loading backends');
Kolab::LDAP::Backend::load();
Kolab::LDAP::Backend::load('user');
Kolab::LDAP::Backend::load('sf');
Kolab::LDAP::Backend::load('dirservd', 1);

Kolab::log('K', 'Performing backend startup');
# Kept in the '&' form without parentheses, exactly as the script calls it.
&Kolab::LDAP::Backend::startup;

Kolab::log('K', 'Synchronising');
Kolab::LDAP::sync();
Kolab::log('K', 'Synchronisation complete, starting up daemon');

# Forks the listeners and waits on them.
run();
--- NEW FILE: kolabdcachetool ---
#!/kolab/bin/perl -w
use strict;
use Getopt::Long;
use DB_File;
use POSIX qw(strftime);
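# Name shown in the usage text. Computed in-process with File::Basename
# instead of running `basename $0` through the shell, so characters in the
# script's path are never interpreted as shell syntax.
require File::Basename;
my $progname = File::Basename::basename($0);

# Print the usage text and exit with status 1.
sub usage
{
    print "Usage: $progname CACHE FUNCTION
where CACHE is one of `mbox' or `gyard' (i.e. the cache to operate
on) and FUNCION is one of `list', `delete' or `flush' (i.e. the
function to perform on CACHE)\n";
    exit(1);
}

my $cache = shift || usage;
my $func  = shift || usage;
my (%db, %db2);

# FUNCTION must name list, delete or flush.
# NOTE(review): the value is only validated; the code below lists the cache
# whichever of the three was requested. Delete and flush are not implemented.
usage if ($func !~ /list/i && $func !~ /del/i && $func !~ /flush/i);

# NOTE(review): 0666 is the mode dbmopen uses if it has to create the file;
# with a permissive umask that gives a cache other local users can write.
# Confirm whether this tool should ever create the caches.
if ($cache =~ /mbox/i) {
    dbmopen(%db, '/kolab/var/kolab/mailbox-uidcache.db', 0666)
        || die "Unable to open mail uid cache";
} elsif ($cache =~ /gyard/i) {
    dbmopen(%db, '/kolab/var/kolab/graveyard-uidcache.db', 0666)
        || die "Unable to open graveyard uid cache";
    dbmopen(%db2, '/kolab/var/kolab/graveyard-tscache.db', 0666)
        || die "Unable to open graveyard timestamp cache";
} else {
    usage;
}

# One line per GUID; the deletion time is added when the timestamp cache has
# an entry for it (graveyard only). The dangling `$sorted{` fragment that
# stopped the script from compiling is dropped, along with the unused %sorted.
foreach my $guid (keys %db) {
    my $ts = "";
    $ts = ", deleted " . strftime("%F %T", localtime($db2{$guid}))
        if exists($db2{$guid});
    print "GUID: `${guid}', mailbox: `" . $db{$guid} . "'${ts}\n";
}

dbmclose(%db);
# The timestamp cache is only opened for the graveyard.
dbmclose(%db2) if tied %db2;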
Index: cyrus.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/cyrus.conf.template,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- cyrus.conf.template 22 May 2003 18:49:51 -0000 1.3
+++ cyrus.conf.template 31 Mar 2004 13:23:12 -0000 1.4
@@ -25,7 +25,7 @@
@@@cyrus-sieve@@@
# LMTP is required for delivery
- lmtpunix cmd="lmtpd" listen="@@@kolab_prefix@@@/var/kolab/lmtp" prefork=0
+ lmtpunix cmd="lmtpd" listen="@l_prefix@/var/kolab/lmtp" prefork=0
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/openpkg/var/imapd/socket/notify" proto="udp" prefork=1
Index: httpd.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/httpd.conf.template,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- httpd.conf.template 25 Oct 2003 07:44:00 -0000 1.14
+++ httpd.conf.template 31 Mar 2004 13:23:12 -0000 1.15
@@ -8,28 +8,28 @@
# manual additions are lost unless made to the template in the Kolab config directory
### Section 1: Global Environment
-ServerRoot "@@@kolab_prefix@@@"
+ServerRoot "@l_prefix@"
# do not require SSL as default for now
SSLVerifyClient none
-#SSLCACertificateFile @@@kolab_prefix@@@/etc/kolab/server.pem
-SSLSessionCache dbm:@@@kolab_prefix@@@/var/apache/log/ssl_scache
+#SSLCACertificateFile @l_prefix@/etc/kolab/server.pem
+SSLSessionCache dbm:@l_prefix@/var/apache/log/ssl_scache
SSLSessionCacheTimeout 300
-SSLMutex file:@@@kolab_prefix@@@/var/apache/log/ssl_mutex
+SSLMutex file:@l_prefix@/var/apache/log/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
<VirtualHost _default_:443>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-SSLCertificateFile @@@kolab_prefix@@@/etc/kolab/cert.pem
-SSLCertificateKeyFile @@@kolab_prefix@@@/etc/kolab/key.pem
+SSLCertificateFile @l_prefix@/etc/kolab/cert.pem
+SSLCertificateKeyFile @l_prefix@/etc/kolab/key.pem
<Files ~ "\.(cgi|shtml|phtml|php4|php3?)$">
SSLOptions +StdEnvVars
</Files>
-<Directory "@@@kolab_prefix@@@/var/kolab/www/cgi-bin">
+<Directory "@l_prefix@/var/kolab/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
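Review bot: The `SSLCipherSuite` line kept as context in the `_default_:443` virtual host starts from `ALL` and removes only `ADH` and `EXPORT56`, so the `LOW`, `EXP` and `SSLv2` groups it names stay negotiable; the `+` entries only reorder them. The prefix rename around it leaves that untouched. While these lines are being edited I would restrict the list, for example `SSLCipherSuite HIGH:MEDIUM:!ADH:!EXP:!LOW:!SSLv2`. The virtual host block continues past the end of this hunk.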
@@ -99,14 +99,14 @@
ServerAdmin root at localhost
#ServerName new.host.name:80
UseCanonicalName Off
-DocumentRoot "@@@kolab_prefix@@@/var/kolab/www"
+DocumentRoot "@l_prefix@/var/kolab/www"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
-#<Directory "@@@kolab_prefix@@@/var/kolab/www">
+#<Directory "@l_prefix@/var/kolab/www">
# Options Indexes FollowSymLinks
# AllowOverride None
# Order allow,deny
@@ -128,44 +128,44 @@
TypesConfig etc/apache/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
- MIMEMagicFile @@@kolab_prefix@@@/etc/apache/mime.magic
+ MIMEMagicFile @l_prefix@/etc/apache/mime.magic
</IfModule>
HostnameLookups On
-ErrorLog @@@kolab_prefix@@@/var/apache/log/apache-error.log
+ErrorLog @l_prefix@/var/apache/log/apache-error.log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
-CustomLog @@@kolab_prefix@@@/var/apache/log/apache-access.log common
+CustomLog @l_prefix@/var/apache/log/apache-access.log common
ServerTokens Full
ServerSignature On
-Alias /icons/ "@@@kolab_prefix@@@/var/kolab/www/icons/"
+Alias /icons/ "@l_prefix@/var/kolab/www/icons/"
-<Directory "@@@kolab_prefix@@@/var/kolab/www/icons">
+<Directory "@l_prefix@/var/kolab/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
-ScriptAlias /cgi-bin/ "@@@kolab_prefix@@@/var/kolab/www/cgi-bin/"
+ScriptAlias /cgi-bin/ "@l_prefix@/var/kolab/www/cgi-bin/"
-<Directory "@@@kolab_prefix@@@/var/kolab/www/cgi-bin">
+<Directory "@l_prefix@/var/kolab/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
-DavLockDB @@@kolab_prefix@@@/var/kolab/www/locks/DAVlock
+DavLockDB @l_prefix@/var/kolab/www/locks/DAVlock
@@@legacy-mode@@@
-<Directory "@@@kolab_prefix@@@/var/kolab/www/freebusy">
+<Directory "@l_prefix@/var/kolab/www/freebusy">
Dav On
AllowOverride None
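Review bot: `ServerTokens Full` and `ServerSignature On`, kept as context between the log and alias lines, publish the server version and module list in response headers and on server-generated pages, so an unauthenticated client learns them for free. Since the hunk already touches the neighbouring directives, `ServerTokens Prod` and `ServerSignature Off` would be the usual hardening. `HostnameLookups On` a few lines above also makes request logging depend on reverse DNS, which is worth confirming as intended.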
@@ -193,7 +193,7 @@
AddDefaultCharset Off
</Directory>
-<Directory "@@@kolab_prefix@@@/var/kolab/www/webcalendar">
+<Directory "@l_prefix@/var/kolab/www/webcalendar">
Dav On
AllowOverride None
Options None
@@ -219,7 +219,7 @@
AddDefaultCharset Off
</Directory>
-<Directory "@@@kolab_prefix@@@/var/kolab/www/admin">
+<Directory "@l_prefix@/var/kolab/www/admin">
AllowOverride None
Options None
Order allow,deny
@@ -239,19 +239,6 @@
require valid-user
SSLRequireSSL
</Directory>
-
-<Directory "@@@kolab_prefix@@@/var/kolab/www/horde>
- Options +FollowSymLinks
- AllowOverride None
-
- php_value include_path '@@@kolab_prefix@@@/lib/php/pear/:.'
- php_flag magic_quotes_gpc Off
- php_flag track_vars On
-
- Order allow,deny
- Allow from all
-</Directory>
-
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
Index: imapd.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/imapd.conf.template,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- imapd.conf.template 25 Oct 2003 07:44:00 -0000 1.7
+++ imapd.conf.template 31 Mar 2004 13:23:12 -0000 1.8
@@ -8,13 +8,13 @@
# manual additions are lost unless made to the template in the Kolab config directory
# Warning: Do not use a trailing slash in paths!
-configdirectory: @@@kolab_prefix@@@/var/imapd
-partition-default: @@@kolab_prefix@@@/var/imapd/spool
+configdirectory: @l_prefix@/var/imapd
+partition-default: @l_prefix@/var/imapd/spool
admins: @@@cyrus-admins@@@
sasl_pwcheck_method: saslauthd
sasl_mech_list: plain
-sendmail: @@@kolab_prefix@@@/sbin/sendmail
+sendmail: @l_prefix@/sbin/sendmail
allowanonymouslogin: no
allowplaintext: yes
servername: @@@fqhostname@@@
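Review bot: `sasl_mech_list: plain` together with `allowplaintext: yes`, both kept as context here, means a login carries the password in clear text unless the connection is already protected by TLS. The listener settings are not in this hunk; kolab.globals in the same commit sets `cyrus-imap : TRUE`, which suggests an unencrypted IMAP listener is enabled, but that should be checked. If it is, `allowplaintext: no` would limit plaintext logins to TLS-protected connections, using the `tls_cert_file` and `tls_key_file` this template already configures.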
@@ -23,15 +23,16 @@
munge8bit: no
quotawarn: 90
timeout: 30
-sievedir: @@@kolab_prefix@@@/var/imapd/sieve
-lmtpsocket: @@@kolab_prefix@@@/var/kolab/lmtp
+sievedir: @l_prefix@/var/imapd/sieve
+lmtpsocket: @l_prefix@/var/kolab/lmtp
-#tls_ca_file: @@@kolab_prefix@@@/etc/kolab/server.pem
-tls_cert_file: @@@kolab_prefix@@@/etc/kolab/cert.pem
-tls_key_file: @@@kolab_prefix@@@/etc/kolab/key.pem
+#tls_ca_file: @l_prefix@/etc/kolab/server.pem
+tls_cert_file: @l_prefix@/etc/kolab/cert.pem
+tls_key_file: @l_prefix@/etc/kolab/key.pem
#altnamespace
unixhierarchysep: yes
lmtp_downcase_rcpt: yes
+virtdomains: yes
loginrealms: @@@postfix-mydomain@@@
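Review bot: The added `virtdomains: yes` is the only behavioural change in this hunk and has no comment, although it changes how login names are split into user and domain. How unqualified names and the `admins:` entry are then resolved depends on settings this hunk does not show, for example a `defaultdomain`, so that is worth confirming before rollout. I would add a line such as `# virtdomains: user ids are split into user and domain; check admins and loginrealms still match` above it.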
Index: kolab
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/kolab,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- kolab 29 Jul 2003 14:22:03 -0000 1.18
+++ kolab 31 Mar 2004 13:23:12 -0000 1.19
@@ -1,751 +1,40 @@
-#!@@@kolab_prefix@@@/bin/perl
-
-# (c) 2003 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
-# (c) 2003 Martin Konold <martin.konold at erfrakon.de>
-# (c) 2003 Achim Frank <achim.frank at erfrakon.de>
-## This program is Free Software under the GNU General Public License (>=v2).
-## Read the file COPYING that comes with this packages for details.
+#!@l_prefix@/bin/perl
-# kolab Version 1.0
+##
+## Copyright (c) 2003 Code Fusion cc
+##
+## Writen by Stuart Bingë <s.binge at codefusion.co.za>
+## Portions based on work by the following people:
+##
+## (c) 2003 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
+## (c) 2003 Martin Konold <martin.konold at erfrakon.de>
+## (c) 2003 Achim Frank <achim.frank at erfrakon.de>
+##
+##
+## This program is free software; you can redistribute it and/or
+## modify it under the terms of the GNU General Public License as
+## published by the Free Software Foundation; either version 2, or
+## (at your option) any later version.
+##
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+## General Public License for more details.
+##
+## You can view the GNU General Public License, online, at the GNU
+## Project's homepage; see <http://www.gnu.org/licenses/gpl.html>.
+##
-#use strict;
-use URI;
-use IO::Select;
-use IO::Socket;
-use IO::File;
-use Convert::ASN1 qw(:io);
-use Net::LDAP::ASN qw(LDAPRequest LDAPResponse LDAPResult);
-use Net::LDAP::Constant;
-use Net::LDAP;
-use File::Copy;
+use strict;
use Getopt::Std;
-use Cyrus::IMAP::Admin;
-use Sys::Syslog;
-use Data::Dumper;
-use vars qw($opt_v $opt_o $opt_l);
+use vars qw($opt_o);
getopts('vol:');
-my $kolab_prefix="@@@kolab_prefix@@@";
-my %kolab_config;
-my %configdata=();
-my %haschanged=();
-my $postmap="$kolab_prefix/sbin/postmap";
-my $newaliases="$kolab_prefix/sbin/newaliases";
-my $conn;
-my $server;
-my $reinit=0;
-sub PROTOCOLOP_BINDREQUEST () { 0x00 }
-sub PROTOCOLOP_BINDRESPONSE () { 0x01 }
-sub PROTOCOLOP_UNBINDREQUEST () { 0x02 }
-sub PROTOCOLOP_SEARCHREQUEST () { 0x03 }
-sub PROTOCOLOP_SEARCHRESENTRY () { 0x04 }
-sub PROTOCOLOP_SEARCHRESDONE () { 0x05 }
-sub PROTOCOLOP_SEARCHRESREF () { 0x06 }
-sub PROTOCOLOP_MODIFYREQUEST () { 0x07 }
-sub PROTOCOLOP_MODIFYRESPONSE () { 0x08 }
-sub PROTOCOLOP_ADDREQUEST () { 0x09 }
-sub PROTOCOLOP_ADDRESPONSE () { 0x10 }
-sub PROTOCOLOP_DELREQUEST () { 0x11 }
-sub PROTOCOLOP_DELRESPONSE () { 0x12 }
-sub PROTOCOLOP_MODDNREQUEST () { 0x13 }
-sub PROTOCOLOP_MODDNRESPONSE () { 0x14 }
-sub PROTOCOLOP_COMPAREREQUEST () { 0x15 }
-sub PROTOCOLOP_COMPARERESPONSE () { 0x16 }
-sub PROTOCOLOP_ABANDONREQUEST () { 0x17 }
-sub PROTOCOLOP_EXTENDEDREQ () { 0x18 }
-sub PROTOCOLOP_EXTENDEDRESP () { 0x19 }
-
-
-#############
-# FUNCTIONS #
-#############
-
-sub dolog
-{
- syslog('info', "$_[0]");
-}
-
-sub sigfunction
-{
- if ($conn) { undef $conn; }
- if ($server) { undef $server; }
- dolog("exiting");
- exit(0);
-}
-$SIG{'INT'} = 'sigfunction';
-$SIG{'TERM'} = 'sigfunction';
-
-sub reinit
-{
- dolog("HUP signal received, closeing socket and restart listening");
- configchange();
- $reinit=1;
-}
-$SIG{'HUP'} = 'reinit';
-
-sub debug
-{
- #my $a = shift;
- #print "$a\n";
- #dolog($a);
-}
-
-sub debug_response
-{
- #my $p = shift;
- #$Data::Dumper::Indent=1;
- #$Data::Dumper::Quotekeys=0;
- #print Dumper($LDAPResponse->decode($p));
-}
-
-sub debug_request
-{
- #my $p = shift;
- #$Data::Dumper::Indent=1;
- #$Data::Dumper::Quotekeys=0;
- #print Dumper($LDAPRequest->decode($p));
-}
-
-sub get_request_type
-{
- my $op = shift;
- if ($op->{bindRequest}) { return "bindRequest"; }
- if ($op->{unbindRequest}) { return "unbindRequest"; }
- if ($op->{addRequest}) { return "addRequest"; }
- if ($op->{delRequest}) { return "delRequest"; }
- if ($op->{modifyRequest}) { return "modifyRequest"; }
- if ($op->{modDNRequest}) { return "modDNRequest"; }
- if ($op->{searchRequest}) { return "searchRequest"; }
- if ($op->{compareRequest}) { return "compareRequest"; }
- if ($op->{abandonRequest}) { return "abandonRequest"; }
- if ($op->{extendedRequest}) { return "extendedRequest"; }
- return "";
-}
-
-sub bind_response
-{
- my $req = shift;
- debug("got bind request");
- my $pdu = $LDAPResponse->encode(
- messageID => $req->{messageID},
- protocolOp => {
- choiceID => PROTOCOLOP_BINDRESPONSE,
- bindResponse => {
- resultCode => Net::LDAP::Constant::LDAP_SUCCESS,
- matchedDN => $req->{bindRequest}{name},
- errorMessage => "",
- serverSaslCreds => "" }}) || die $LDAPResponse->error;
- return $pdu;
-}
-
-sub add_response
-{
- my $req = shift;
- debug("got add request");
- my $pdu = $LDAPResponse->encode(
- messageID => $req->{messageID},
- protocolOp => {
- choiceID => PROTOCOLOP_ADDRESPONSE,
- addResponse => {
- resultCode => Net::LDAP::Constant::LDAP_SUCCESS,
- matchedDN => $req->{addRequest}{objectName},
- errorMessage => "" }}) || die $LDAPResponse->error;
- return $pdu;
-}
-
-sub del_response
-{
- my $req = shift;
- debug("got del request");
- my $pdu = $LDAPResponse->encode(
- messageID => $req->{messageID},
- protocolOp => {
- choiceID => PROTOCOLOP_DELRESPONSE,
- delResponse => {
- resultCode => Net::LDAP::Constant::LDAP_SUCCESS,
- matchedDN => $req->{delRequest},
- errorMessage => "" }}) || die $LDAPResponse->error;
- return $pdu;
-}
-
-sub mod_response
-{
- my $req = shift;
- debug("got mod request");
- my $pdu = $LDAPResponse->encode(
- messageID => $req->{messageID},
- protocolOp => {
- choiceID => PROTOCOLOP_MODIFYRESPONSE,
- modifyResponse => {
- resultCode => Net::LDAP::Constant::LDAP_SUCCESS,
- matchedDN => $req->{modifyRequest}{object},
- errorMessage => "" }}) || die $LDAPResponse->error;
- return $pdu;
-}
-
-sub moddn_response
-{
- my $req = shift;
- debug("got moddn request");
- my $pdu = $LDAPResponse->encode(
- messageID => $req->{messageID},
- protocolOp => {
- choiceID => PROTOCOLOP_MODDNRESPONSE,
- modDNResponse => {
- resultCode => Net::LDAP::Constant::LDAP_SUCCESS,
- matchedDN => $req->{modDNRequest}{entry},
- errorMessage => "" }}) || die $LDAPResponse->error;
- return $pdu;
-}
-
-# we will often trim strings and kill leading and trailing whitespace
-sub trim {
- my $string = $_[0];
- $string =~ s/^\s+//g;
- $string =~ s/\s+$//g;
- chomp $string;
- return $string;
-}
-
-# build ( <template name> , <new config file name> )
-sub build {
- my $templ = $_[0];
- my $conf = $_[1];
- my $uid = (getpwnam("kolab"))[2];
- my $gid = (getgrnam("kolab"))[2];
- $opt_v && print "creating new $conf from $templ\n";
-
- # make a copy of the last config file to detect differences
- # we want to avoid restarting services unless necessary
- if (!$opt_o) {
- copy($conf, $conf.".old");
- chown($uid,$gid,$conf.".old");
- }
-
- my $template = IO::File->new($templ, "r") || die "could not open $templ";
- my $config = IO::File->new($kolab_prefix."/etc/kolab/.tmp", "w+") || die "could not open $conf";
- while (<$template>) {
- if (/\@{3}(\S+)\@{3}/) {
- if ($configdata{$1}) {
- s/\@{3}(\S+)\@{3}/$configdata{$1}/g;
- } else {
- dolog("no replacement for substitute $1");
- s/\@{3}(\S+)\@{3}//g;
- }
- }
- print $config $_;
- }
- undef $template;
- undef $config;
- move($kolab_prefix."/etc/kolab/.tmp", $conf);
- chown($uid,$gid,$conf);
-
- # find out about changes
- if (!$opt_o && -f $conf.".old") {
- my $rc = `diff -q $conf $conf.old`;
- if ($rc) {
- if ($conf =~ /postfix/) {
- $haschanged{'postfix'} = 1;
- } elsif ($conf =~ /saslauthd/) {
- $haschanged{'saslauthd'} = 1;
- } elsif ($conf =~ /apache/) {
- $haschanged{'apache'} = 1;
- } elsif ($conf =~ /proftpd/) {
- $haschanged{'proftpd'} = 1;
- } elsif ($conf =~ /openldap/) {
- $haschanged{'slapd'} = 1;
- } elsif ($conf =~ /imapd/) {
- $haschanged{'imapd'} =1;
- }
- chomp($rc);
- dolog($rc);
- }
- }
-}
-
-sub configchange
-{
- my $ldap;
- my $ldapuri;
- my $key;
- my $value;
- my $section="";
- my $ldapobject;
- my $mesg;
- my %config_files = (
- "$kolab_prefix/etc/kolab/session_vars.php.template" => "$kolab_prefix/var/kolab/www/admin/include/session_vars.php",
-
- "$kolab_prefix/etc/kolab/main.cf.template" => "$kolab_prefix/etc/postfix/main.cf",
- "$kolab_prefix/etc/kolab/master.cf.template" => "$kolab_prefix/etc/postfix/master.cf",
-
- "$kolab_prefix/etc/kolab/saslauthd.conf.template" => "$kolab_prefix/etc/sasl/saslauthd.conf",
-
- "$kolab_prefix/etc/kolab/imapd.conf.template" => "$kolab_prefix/etc/imapd/imapd.conf",
-
- "$kolab_prefix/etc/kolab/httpd.conf.template" => "$kolab_prefix/etc/apache/apache.conf",
- "$kolab_prefix/etc/kolab/legacy.conf.template" => "$kolab_prefix/etc/apache/legacy.conf",
- "$kolab_prefix/etc/kolab/php.ini.template" => "$kolab_prefix/etc/apache/php.ini",
-
- "$kolab_prefix/etc/kolab/proftpd.conf.template" => "$kolab_prefix/etc/proftpd/proftpd.conf",
-
- "$kolab_prefix/etc/kolab/slapd.conf.template" => "$kolab_prefix/etc/openldap/slapd.conf");
-
- dolog("generating new config");
-
- $ldapuri = URI->new($configdata{'ldap_uri'}) || die "error: could not parse given uri";
- $ldap = Net::LDAP->new($ldapuri->host, port=> $ldapuri->port) || die "could not connect ldap server";
- $ldap->bind($configdata{'bind_dn'}, password=> $configdata{'bind_pw'}) || die "could not bind to ldap";
-
- $mesg = $ldap->search(base=> "k=kolab,".$configdata{'base_dn'}, scope=> 'base', filter=> "(objectclass=*)");
- $ldapobject = $mesg->pop_entry;
- foreach my $attr ($ldapobject->attributes) {
- $configdata{$attr} = $ldapobject->get_value($attr);
- }
- my $salt = substr $configdata{'proftpd-userPassword'}, 0, 2;
- $configdata{'proftpd-userPassword'} = crypt($configdata{'proftpd-userPassword'}, $salt);
-
- if ($opt_o) { $configdata{'ldap_uri'} =~ s/7777/389/g; }
- my $dummy = URI->new($configdata{'ldap_uri'});
- $configdata{'ldap_ip'} = $dummy->host;
- $configdata{'ldap_port'} = $dummy->port;
-
- $configdata{'legacy-mode'} = "# no legacy configuration";
- if ($configdata{'apache-http'} =~ /true/i) {
- $configdata{'legacy-mode'} = "Include \"$kolab_prefix/etc/apache/legacy.conf\"";
- }
- $configdata{'fqdn'} = `hostname -f`;
- chomp($configdata{'fqdn'});
-
- foreach $key (keys %config_files) {
- build($key, $config_files{$key});
- }
- my $uid = (getpwnam("kolab"))[2];
- my $gid = (getgrnam("kolab"))[2];
-
- # put together the transport map for postfix
- my $configname="$kolab_prefix/etc/postfix/transport";
- copy($configname, $configname.".old");
- chown($uid,$gid,$configname.".old");
- copy("$kolab_prefix/etc/kolab/transport.template", $configname);
- my $transport = IO::File->new($configname, "a")
- || die "could not write to postfix transport map";
- $mesg = $ldap->search(base=> "k=kolab,".$configdata{'base_dn'}, scope=> 'sub', filter=> "(objectclass=*)")
- || dolog("could not find any transport table entries in ldap");
- if ($mesg->code <= 0) {
- foreach $ldapobject ($mesg->entries) {
- my $routes = $ldapobject->get_value('postfix-transport', asref => 1);
- foreach (@$routes) {
- $_=trim($_);
- defined($opt_v) && print "adding smtp route '$_'\n";
- print $transport $_."\n";
- }
- }
- }
- undef $ldapobject;
- undef $transport;
- system("chown root.root $kolab_prefix/etc/postfix/*");
- system("$postmap $kolab_prefix/etc/postfix/transport");
- if (!$opt_o) {
- if (-f $configname.".old") {
- my $rc = `diff -q $configname $configname.old`;
- chomp($rc);
- if ($rc) {
- dolog($rc);
- $haschanged{'postfix'}=1;
- }
- } else { $haschanged{'postfix'}=1; }
- }
-
- my $cyrustemplate = IO::File->new("$kolab_prefix/etc/kolab/cyrus.conf.template","r")
- || die "could not open imapd cyrus.conf template";
- $configname = "$kolab_prefix/etc/imapd/cyrus.conf";
- copy($configname, $configname.".old");
- chown($uid,$gid,$configname.".old");
- $opt_v && printf "creating new $configname from cyrus.conf.template\n";
- my $cyrusconf = IO::File->new($configname,"w") || die "could not open $configname";
- while (<$cyrustemplate>) {
- if (/\@{3}cyrus-imap\@{3}/ && ($configdata{"cyrus-imap"} =~ /true/i)) {
- $_ = "imap cmd=\"imapd -C $kolab_prefix/etc/imapd/imapd.conf\" listen=\"143\" prefork=0\n";
- }
- elsif (/\@{3}cyrus-pop3\@{3}/ && ($configdata{"cyrus-pop3"} =~ /true/i)) {
- $_ = "pop3 cmd=\"pop3d -C $kolab_prefix/etc/imapd/imapd.conf\" listen=\"110\" prefork=0\n";
- }
- elsif (/\@{3}cyrus-imaps\@{3}/ && ($configdata{"cyrus-imaps"} =~ /true/i)) {
- $_ = "imaps cmd=\"imapd -s -C $kolab_prefix/etc/imapd/imapd.conf\" listen=\"993\" prefork=0\n";
- }
- elsif (/\@{3}cyrus-pop3s\@{3}/ && ($configdata{"cyrus-pop3s"} =~ /true/i)) {
- $_ = "pop3s cmd=\"pop3d -s -C $kolab_prefix/etc/imapd/imapd.conf\" listen=\"995\" prefork=0\n";
- }
- elsif (/\@{3}cyrus-sieve\@{3}/ && ($configdata{"cyrus-sieve"} =~ /true/i)) {
- $_ = "sieve cmd=\"timsieved -C $kolab_prefix/etc/imapd/imapd.conf\" listen=\"2000\" prefork=0";
- }
- $_ =~ s/\@{3}.*\@{3}//;
- print $cyrusconf $_;
- }
- undef $cyrustemplate;
- undef $cyrusconf;
- chown($uid,$gid,$configname);
- if (!$opt_o) {
- if (-f $configname.".old") {
- my $rc = `diff -q $configname $configname.old`;
- chomp($rc);
- if ($rc) {
- dolog($rc);
- $haschanged{'imapd'}=1;
- }
- } else { $haschanged{'imapd'}=1; }
- }
-
- # collect group information from LDAP
- $configname = "$kolab_prefix/etc/imapd/imapd.group";
- copy($configname, $configname.".old");
- chown($uid,$gid,$configname.".old");
- copy("$kolab_prefix/etc/kolab/imapd.group.template", $configname);
- my $groupconf = IO::File->new($configname, "a")
- || die "could not write to $configname";
- my $count = 60000;
- $mesg = $ldap->search(base=> $configdata{'base_dn'}, scope=> 'sub', filter=> '(objectclass=groupofnames)')
- || die "could not query LDAP for group information";
- if ($mesg->code > 0) {
- dolog("warning: could not find groups in LDAP tree");
- } else {
- foreach $ldapobject ($mesg->entries) {
- my $group = $ldapobject->get_value('cn').":*:$count:";
- my $userlist = $ldapobject->get_value('uid', asref => 1);
- foreach (@$userlist) { $group .= "$_,"; }
- $group =~ s/,$//;
- print $groupconf $group."\n";
- $opt_v && printf("added group $group\n");
- $count++;
- }
- }
- undef $ldapobject;
- undef $groupconf;
- chown($uid,$gid,$configname);
- if (!$opt_o) {
- if (-f $configname.".old") {
- my $rc = `diff -q $configname $configname.old`;
- if ($rc) {
- dolog($rc);
- $haschanged{'imapd'}=1;
- }
- } else { $haschanged{'imapd'}=1; }
- } else { return; }
-
- # open admin channel to local Cyrus IMAP daemon
- my $cyrus = Cyrus::IMAP::Admin->new('localhost')
- || die "could not connect to Cyrus IMAP daemon";
- $cyrus->authenticate('User' => 'manager', 'Password' => $configdata{'bind_pw'},
- 'mechanisms' => "plaintext")
- || die "could not authenticate with Cyrus IMAP daemon ($cyrus->{'error'})";
-
- # get LDAP user data for checking the mailboxes
- $mesg = $ldap->search(base=> $configdata{'base_dn'}, scope=> 'sub', filter=> '(uid=*)')
- || die "could not query LDAP for all uid's";
- if ($mesg->code > 0) {
- $opt_v && print "warning: could not find uid's in LDAP tree\n";
- } else {
- foreach $ldapobject ($mesg->entries) {
- my $uid = $ldapobject->get_value('mail');
- $uid = trim($uid);
- my $cyruid = "user/".$uid;
- my $deleteflag = $ldapobject->get_value('deleteflag');
- if (defined($deleteflag) && ($deleteflag =~ /true/i)) {
- $opt_v && print "removing mailbox $cyruid\n";
- $cyrus->setaclmailbox($cyruid, 'manager', 'c')
- || dolog("could not reset acl to delete imap user $cyruid");
- $cyrus->deletemailbox($cyruid) || dolog("could not delete imap user $cyruid");
- next;
- }
- my $mailbox = ($cyrus->listmailbox($cyruid))[0];
- if ($uid && ($uid ne "manager") && ($uid ne "freebusy") && ($uid ne "nobody") && !defined($mailbox)) {
- $opt_v && print "create mailbox for user $cyruid\n";
- $cyrus->createmailbox($cyruid)
- || die "could not create Cyrus mailbox for $cyruid ($cyrus->{'error'})";
- }
- my $quota = $ldapobject->get_value('userquota');
- if (defined($quota) && ($quota > 0)) {
- (my $root, my %quota) = $cyrus->quotaroot($cyruid);
- my $setquota = $quota{'STORAGE'}[1];
- if (!defined($setquota) || ($setquota != $quota)) {
- $opt_v && print "resetting quota for user $cyruid to $quota\n";
- $cyrus->setquota($cyruid, 'STORAGE', $quota)
- || die "could not set quota for $cyruid ($cyrus->{'error'})";
- }
- }
- }
- }
-
- # get shared folder configuration and check it against Cyrus
- $mesg = $ldap->search(base=> $configdata{'base_dn'}, scope=> 'sub', filter=> '(objectclass=sharedfolder)')
- || die "could not qeury LDAP for sharedfolder configuration";
- if ($mesg->code > 0) {
- $opt_v && print "warning: could not find shared folders in LDAP tree\n";
- } else {
- foreach $ldapobject ($mesg->entries) {
- my $folder = $ldapobject->get_value('cn');
- my $deleteflag = $ldapobject->get_value('deleteflag');
- $folder = trim($folder);
- my $cyrfolder = "user.".$folder;
- if (defined($deleteflag) && ($deleteflag =~ /true/i)) {
- $opt_v && print "removing shared folder $cyrfolder\n";
- $cyrus->setacl($cyrfolder, 'manager', 'c')
- || dolog("could not reset acl to delete imap $cyrfolder");
- $cyrus->delete($cyrfolder)
- || dolog("could not delete imap folder $cyrfolder");
- next;
- }
- my $fo = ($cyrus->list($cyrfolder))[0];
- if (!defined($fo)) {
- $opt_v && print "create folder: $cyrfolder\n";
- $cyrus->create($cyrfolder)
- || die "could not create Cyrus shared folder for $cyrfolder ($cyrus->{'error'})";
- }
- my $quota = $ldapobject->get_value('userquota');
- if (defined($quota) && ($quota > 0)) {
- (my $root, my %quota) = $cyrus->quotaroot($cyrfolder);
- my $setquota = $quota{'STORAGE'}[1];
- if (!defined($setquota) || ($setquota != $quota)) {
- $opt_v && print "resetting quota for shared folder $cyrfolder to $quota\n";
- $cyrus->setquota($cyrfolder, 'STORAGE', $quota)
- || die "could not set quota for folder $cyrfolder ($cyrus->{'error'})";
- }
- }
- # first reset current acl
- my @acl = `$kolab_prefix/etc/kolab/workaround.sh $cyrfolder $configdata{'bind_pw'} | sed -e /localhost/d`;
- foreach (@acl) {
- $_ = trim($_);
- (my $user, ) = split / /;
- $opt_v && print "remove acl $user from folder $cyrfolder\n";
- $cyrus->deleteacl($cyrfolder, $user)
- || dolog("could not remove acl from imap folder $cyrfolder ($cyrus->{'error'})");
- }
- #my %acl = $cyrus->listacl($folder) || print "imap folder $folder seems to not have acl\n";
- #foreach my $acl (keys %acl) {
- # defined($opt_v) && print "remove acl $acl from folder $folder\n";
- # $cyrus->deleteacl($folder, $acl) || print "could not remove acl from imap folder $folder ($cyrus->{'error'})\n";
- #}
- my $acls = $ldapobject->get_value('acl', asref => 1);
- foreach (@$acls) {
- (my $user, my $acl) = split (/ /,$_,2);
- $user = trim($user);
- $acl = trim($acl);
- $opt_v && print "set $cyrfolder acl to $user $acl\n";
- $cyrus->setacl($cyrfolder, $user, $acl);
- }
- }
- }
-
- # remove all LDAP objects marked for deletion
- $mesg = $ldap->search(base=> $configdata{'base_dn'}, scope=> 'sub', filter=> '(deleteflag=TRUE)')
- || dolog("could not query LDAP for to be deleted objects");
- if ($mesg->code <= 0) {
- foreach $ldapobject ($mesg->entries) {
- my $dn = $ldapobject->dn;
- $opt_v && print "removing $dn from ldap\n";
- $mesg = $ldap->delete($dn) || dolog("could not delete $dn");
- }
- }
-
- # find aliases and put together the virtual map for postfix
- # also fill up aliases
- $configname = "$kolab_prefix/etc/postfix/virtual";
- #$configname2 = "$kolab_prefix/etc/postfix/aliases";
- copy("$kolab_prefix/etc/kolab/virtual.template",$configname);
- #copy("$kolab_prefix/etc/kolab/aliases.template",$configname2);
- my $virtual = IO::File->new($configname, "a") || die "could not write to $configname";
- #my $aliasdb = IO::File->new($configname2, "a") || die "could not write to $configname2";
- $mesg = $ldap->search(base=> $configdata{'base_dn'}, scope=> 'sub', filter=> '(mail=*)');
- if ($mesg->code <= 0) {
- foreach $ldapobject ($mesg->entries) {
- #my $uidval = $ldapobject->get_value('uid');
- my $mail = $ldapobject->get_value('mail');
- if (defined($mail)) {
- $mail = trim($mail);
- my $aliases = $ldapobject->get_value('alias', asref => 1);
- #push @$aliases, $ldapobject->get_value('mail');
- foreach (@$aliases) {
- $_ = trim($_);
- my $rule = $_." ".$mail;
- defined($opt_v) && print "adding virtual entry '$rule'\n";
- print $virtual $rule."\n";
- }
- #(my $rule, my $dom,) = split(/@/,$mail);
- #if ($mail) {
- # $rule .= ": ".$uidval."@".$dom."\n";
- # defined($opt_v) && print "adding aliases entry '$rule'\n";
- # print $aliasdb $rule;
- #}
- }
- }
- } elsif ($opt_v) { print "warning: could not find any aliases in ldap\n"; }
- $virtual->close;
- #$aliasdb->close;
- system("chown root.root $kolab_prefix/etc/postfix/*");
- system("$postmap $configname");
- #system("$newaliases");
- if (!$opt_o && -f $configname.old) {
- my $rc = `diff -q $configname $configname.old`;
- if ($rc) {
- dolog($rc);
- $haschanged{'postfix'}=1;
- }
- }
-
- $ldap->unbind;
- dolog("done generating new kolab config");
-}
-
-sub kolab_reload
-{
- # trigger server config reload
- if ($haschanged{'slapd'}) {
- dolog("restarting openldap");
- system("$kolab_prefix/etc/rc.d/rc.openldap restart");
- }
- if($haschanged{'saslauthd'}) {
- dolog("restarting saslauthd");
- system("$kolab_prefix/etc/rc.d/rc.sasl stop; sleep 1; $kolab_prefix/sbin/saslauthd -a ldap -n 5");
- }
- if ($haschanged{'apache'}) {
- dolog("reloading apache");
- system("$kolab_prefix/sbin/apachectl graceful");
- }
- if ($haschanged{'postfix'}) {
- dolog("reloading postfix");
- system("$kolab_prefix/sbin/postfix reload");
- }
- if ($haschanged{'imapd'}) {
- dolog("restarting imapd");
- system("$kolab_prefix/etc/rc.d/rc.imapd restart");
- }
- if ($configdata{'proftpd-ftp'} =~ /true/i) {
- dolog("make sure proftpd is running");
- system("$kolab_prefix/etc/rc.d/rc.proftpd start");
- if ($haschanged{'proftpd'}) {
- dolog("reloading proftpd");
- kill("SIGHUP",`cat $kolab_prefix/var/proftpd/proftpd.pid`);
- }
- } else {
- dolog("make sure proftpd isn't running");
- system("$kolab_prefix/etc/rc.d/rc.proftpd stop");
- }
-}
-
-
-################
-# MAIN PROGRAM #
-################
-
-openlog("kolab", 'cons, pid', 'user');
-my $pidfile = IO::File->new("$kolab_prefix/var/kolab/kolab.pid", "w+")
- || die "could not open pid file";
-print $pidfile $$;
-undef $pidfile;
-
-my $kolab_config = $kolab_prefix."/etc/kolab/kolab.conf";
-my $fd = IO::File->new($kolab_config, "r") || die "could not open $kolab_config";
-foreach (<$fd>) {
- if (/(.*) : (.*)/) { $kolab_config{$1} = $2; }
-}
-undef $fd;
-$configdata{'bind_dn'} = $kolab_config{'bind_dn'} || die "could not read bind_dn from $kolab_config";
-$configdata{'bind_pw'} = $kolab_config{'bind_pw'} || die "could not read bind_pw from $kolab_config";
-$configdata{'ldap_uri'} = $kolab_config{'ldap_uri'} || die "could not read ldap_uri from $kolab_config";
-$configdata{'base_dn'} = $kolab_config{'base_dn'} || die "could not read base_dn from $kolab_config";
-$configdata{'php_dn'} = $kolab_config{'php_dn'} || die "could not read php_dn from $kolab_config";
-$configdata{'php_pw'} = $kolab_config{'php_pw'} || die "could not read php_pw from $kolab_config";
-if (defined($opt_l)) { $configdata{'ldap_uri'} = $opt_l; }
-
-dolog("kolab initialization starts");
-configchange();
-$opt_o && exit(0);
-
-kolab_reload();
-dolog("kolab started");
-
-my $request;
-my $response;
-my $pdu;
-my $changes = 0;
-
-my $kolab_port = 9999;
-$server = IO::Socket::INET->new(
- LocalPort => $kolab_port, Proto => "tcp", ReuseAddr =>1, Type => SOCK_STREAM, LocalAddr => "127.0.0.1", Listen => 10)
- || die "Couldn't be a tcp server on port $kolab_port : $@\n";
-
-dolog("waiting for incoming connection");
-
-while ($conn = $server->accept()) {
-
- dolog("got incoming connection");
- my $select = IO::Select->new($conn);
-
- while ($conn) {
-
- undef $pdu;
- my $ready;
- my $offset = 0;
-
- # we only trigger the config activation if no ldap requests are pending
- if (!($select->can_read(1)) && $changes) {
- configchange($changes);
- kolab_reload();
- %haschanged = ();
- $changes = 0;
- }
-
- dolog("waiting for ldap updates ...");
- for( $ready = 1 ; $ready ; $ready = $select->can_read(1)) {
- $offset = asn_read($conn, $pdu, $offset);
- defined($offset) or $offset = 0;
- sleep 1
- }
-
- if ($pdu) {
- #debug_request($pdu);
- $request = $LDAPRequest->decode($pdu) || die $LDAPRequest->error;
- $_ = get_request_type($request);
- undef $pdu;
- debug("got $_");
-
- SWITCH: {
- if (/bindRequest/) { $pdu = bind_response($request); last SWITCH; }
- if (/addRequest/) { $pdu = add_response($request); $changes = 1; last SWITCH; }
- if (/delRequest/) { $pdu = del_response($request); $changes = 1; last SWITCH; }
- if (/modifyRequest/) { $pdu = mod_response($request); $changes = 1; last SWITCH; }
- if (/modDNRequest/) { $pdu = moddn_response($request); $changes = 1; last SWITCH; }
-
- if (/unbindRequest/) {
- debug("Got unbindRequest");
- } else {
- debug("Unhandled Request!");
- #$pdu = $LDAPResult->encode(
- # resultCode => Net::LDAP::Constant::LDAP_PROTOCOL_ERROR,
- # matchedDN => '', errorMessage => "Invald Request received")
- # || die $LDAPRequest->error;
- #asn_send($conn,$pdu,0);
- #undef $pdu;
- }
- #$select->remove($conn);
- $conn->close;
- undef $conn;
- } # SWITCH
- } # if pdu
-
- if ($pdu) {
- syswrite($conn, $pdu, length($pdu));
- $changes && dolog("config change detected");
- #debug_response($pdu);
- $response = $LDAPResponse->decode($pdu) || die $LDAPResponse->error;
- }
- if ($reinit) {
- $conn->close;
- undef $conn;
- $reinit=0;
- }
- } # while conn
+if ($opt_o) {
+ print "NOTE: USE OF THIS SCRIPT IS DEPRECATED. Please use `@l_prefix@/sbin/kolabconf' in the future.\n";
+ system("@l_prefix@/sbin/kolabconf");
+} else {
+ print "NOTE: USE OF THIS SCRIPT IS DEPRECATED. Please use `@l_prefix@/sbin/kolabd' in the future.\n";
+ system("@l_prefix@/sbin/kolabd");
}
-$server->close;
-exit 0;
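Review bot: The replacement wrapper still parses `-v` and `-l` with `getopts('vol:')` but passes neither on. The `kolab -v -o -l$ldap_uri` call that kolab_bootstrap keeps making therefore no longer overrides the LDAP URI the way the removed `$opt_l` handling did; whether kolabconf accepts an equivalent option is not visible here and should be confirmed. The result of `system()` is also discarded, so the wrapper exits 0 even when kolabconf or kolabd fails to start. Ending each branch with `exec("@l_prefix@/sbin/kolabconf") or die "cannot exec kolabconf: $!\n";` (and likewise for kolabd) would hand the real exit status back to the caller. The deprecation notice would also be better sent to STDERR than mixed into STDOUT.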
Index: kolab.schema
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/kolab.schema,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- kolab.schema 22 May 2003 18:49:51 -0000 1.5
+++ kolab.schema 31 Mar 2004 13:23:12 -0000 1.6
@@ -244,10 +244,10 @@
DESC 'RFC2256: name of DMD'
SUP name )
-attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
- DESC 'RFC2079: Uniform Resource Identifier with optional label'
- EQUALITY caseExactMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
+# DESC 'RFC2079: Uniform Resource Identifier with optional label'
+# EQUALITY caseExactMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype ( 0.9.2342.19200300.100.1.1
NAME ( 'uid' 'userid' )
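Review bot: The `labeledURI` definition is commented out rather than removed, and nothing in the hunk records why. If it is disabled because another included schema already defines the attribute (not visible here), a one-line comment such as `# labeledURI is defined in <other schema file>; kept for reference only` would stop a later maintainer from re-enabling it. If it is simply unused, deleting the four lines is cleaner than leaving dead schema text.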
@@ -562,16 +562,16 @@
# kolab attributes #
####################
-attributetype ( 1.3.6.1.4.1.60000.2.1.1
+attributetype ( 1.3.6.1.4.1.19414.2.1.1
NAME ( 'k' 'kolab' )
SUP name )
-attributetype ( 1.3.6.1.4.1.60000.2.1.2
+attributetype ( 1.3.6.1.4.1.19414.2.1.2
NAME 'deleteflag'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
-attributetype ( 1.3.6.1.4.1.60000.2.1.3
+attributetype ( 1.3.6.1.4.1.19414.2.1.3
NAME 'alias'
DESC 'RFC1274: RFC822 Mailbox'
EQUALITY caseIgnoreIA5Match
@@ -580,98 +580,98 @@
# global attributes
-attributetype ( 1.3.6.1.4.1.60000.2.1.5
+attributetype ( 1.3.6.1.4.1.19414.2.1.5
NAME 'fqhostname'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# postfix specific attributes
-attributetype ( 1.3.6.1.4.1.60000.2.1.501
+attributetype ( 1.3.6.1.4.1.19414.2.1.501
NAME 'postfix-mydomain'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-attributetype ( 1.3.6.1.4.1.60000.2.1.502
+attributetype ( 1.3.6.1.4.1.19414.2.1.502
NAME 'postfix-relaydomains'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-attributetype ( 1.3.6.1.4.1.60000.2.1.503
+attributetype ( 1.3.6.1.4.1.19414.2.1.503
NAME 'postfix-mydestination'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-attributetype ( 1.3.6.1.4.1.60000.2.1.504
+attributetype ( 1.3.6.1.4.1.19414.2.1.504
NAME 'postfix-mynetworks'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-attributetype ( 1.3.6.1.4.1.60000.2.1.505
+attributetype ( 1.3.6.1.4.1.19414.2.1.505
NAME 'postfix-relayhost'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-attributetype ( 1.3.6.1.4.1.60000.2.1.506
+attributetype ( 1.3.6.1.4.1.19414.2.1.506
NAME 'postfix-transport'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
# imapd specific attributes
-attributetype ( 1.3.6.1.4.1.60000.2.1.601
+attributetype ( 1.3.6.1.4.1.19414.2.1.601
NAME 'cyrus-autocreatequota'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
-attributetype ( 1.3.6.1.4.1.60000.2.1.602
+attributetype ( 1.3.6.1.4.1.19414.2.1.602
NAME 'cyrus-admins'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-attributetype ( 1.3.6.1.4.1.60000.2.1.603
+attributetype ( 1.3.6.1.4.1.19414.2.1.603
NAME 'cyrus-imap'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
-attributetype ( 1.3.6.1.4.1.60000.2.1.604
+attributetype ( 1.3.6.1.4.1.19414.2.1.604
NAME 'cyrus-pop3'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
-attributetype ( 1.3.6.1.4.1.60000.2.1.605
+attributetype ( 1.3.6.1.4.1.19414.2.1.605
NAME 'userquota'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
-attributetype ( 1.3.6.1.4.1.60000.2.1.651
+attributetype ( 1.3.6.1.4.1.19414.2.1.651
NAME 'acl'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-attributetype ( 1.3.6.1.4.1.60000.2.1.606
+attributetype ( 1.3.6.1.4.1.19414.2.1.606
NAME 'cyrus-imaps'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
-attributetype ( 1.3.6.1.4.1.60000.2.1.607
+attributetype ( 1.3.6.1.4.1.19414.2.1.607
NAME 'cyrus-pop3s'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
-attributetype ( 1.3.6.1.4.1.60000.2.1.608
+attributetype ( 1.3.6.1.4.1.19414.2.1.608
NAME 'cyrus-sieve'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
# apache2 and php specific attributes
-attributetype ( 1.3.6.1.4.1.60000.2.1.701
+attributetype ( 1.3.6.1.4.1.19414.2.1.701
NAME 'apache-http'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
# proftpd specific attributes
-attributetype ( 1.3.6.1.4.1.60000.2.1.901
+attributetype ( 1.3.6.1.4.1.19414.2.1.901
NAME 'proftpd-defaultquota'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
-attributetype ( 1.3.6.1.4.1.60000.2.1.902
+attributetype ( 1.3.6.1.4.1.19414.2.1.902
NAME 'proftpd-ftp'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch )
-attributetype ( 1.3.6.1.4.1.60000.2.1.903
+attributetype ( 1.3.6.1.4.1.19414.2.1.903
NAME 'proftpd-userPassword'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
@@ -679,7 +679,7 @@
# kolab object classes #
########################
-objectclass ( 1.3.6.1.4.1.60000.2.2.1 NAME 'kolab'
+objectclass ( 1.3.6.1.4.1.19414.2.2.1 NAME 'kolab'
DESC 'Kolab server config'
MUST k
SUP top STRUCTURAL
@@ -703,7 +703,7 @@
uid $
userPassword ) )
-objectclass ( 1.3.6.1.4.1.60000.2.2.9 NAME 'sharedfolder'
+objectclass ( 1.3.6.1.4.1.19414.2.2.9 NAME 'sharedfolder'
DESC 'IMAP shared folder'
SUP top STRUCTURAL
MUST cn
Index: kolab_bootstrap
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/kolab_bootstrap,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- kolab_bootstrap 25 Oct 2003 07:44:00 -0000 1.14
+++ kolab_bootstrap 31 Mar 2004 13:23:12 -0000 1.15
@@ -1,4 +1,4 @@
-#!@@@kolab_prefix@@@/bin/perl
+#!@l_prefix@/bin/perl
# (c) 2003 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
# (c) 2003 Martin Konold <martin.konold at erfrakon.de>
@@ -24,7 +24,7 @@
use Sys::Hostname;
use Term::ReadKey;
-my $kolab_prefix = "@@@kolab_prefix@@@";
+my $kolab_prefix = "@l_prefix@";
my $kolab_config = $kolab_prefix."/etc/kolab/kolab.conf";
print "\nKOLAB BOOTSTRAP\n\n";
@@ -49,7 +49,7 @@
print "Please check $kolab_config (seems to be incomplete)\n";
die "and run kolab_bootstrap afterwards, manually";
}
-my $fqdn = `hostname -f`;
+my $fqdn = `hostname`;
chomp($fqdn);
print "Please enter Hostname [$fqdn]:";
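Review bot: Without `-f`, the default stored in `$fqdn` may be the short host name. Unless the operator types a different name at the prompt, that value is what later reaches `kolab_sslcert.sh $fqdn` (visible in the hunk at line 282) and names the self-signed certificate. A certificate issued for a short name will not match the name clients connect to, which tends to train users to click through warnings. A cheap guard after the prompt would be `print "warning: '$fqdn' is not a fully qualified name\n" unless $fqdn =~ /\./;`, and the variable name should keep meaning what it says. The prompt handling continues outside this hunk.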
@@ -80,7 +80,7 @@
print " bind_dn : $bind_dn\n";
}
if ($bind_pw =~ /\@\@\@/) {
- $bind_pw = `@@@kolab_prefix@@@/bin/openssl passwd kolab`;
+ $bind_pw = `@l_prefix@/bin/openssl passwd kolab`;
chomp $bind_pw;
print "Please choose a manager password [$bind_pw]:";
my $tmp = ReadLine;
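Review bot: The default manager password offered here is the output of `openssl passwd kolab`, a hash of a fixed, publicly known word. The only unpredictable part of the default is therefore the salt, and an administrator who accepts the bracketed value ends up with a guessable LDAP manager password. The `php_pw` assignment in the next hunk (`openssl passwd nobody`) has the same weakness and, in the lines shown, is never prompted for at all. Drawing the default from the CSPRNG instead, e.g. ``$bind_pw = `@l_prefix@/bin/openssl rand -base64 12`;``, keeps the flow and removes the fixed input. The surrounding `if` block starts and ends outside this hunk.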
@@ -92,7 +92,7 @@
$php_dn =~ s/\@\@\@kolab_basedn\@\@\@/$base_dn/g;
}
if ($php_pw =~ /\@\@\@/) {
- $php_pw = `@@@kolab_prefix@@@/bin/openssl passwd nobody`;
+ $php_pw = `@l_prefix@/bin/openssl passwd nobody`;
chomp $php_pw;
}
@@ -129,13 +129,13 @@
print "prepare LDAP database...\n";
if ($ldap_uri =~ /127\.0\.0\.1/ || $ldap_uri =~ /localhost/) {
print "kill running slapd (if any)\n";
- system("killall -INT slapd >/dev/null 2>&1");
+ system("$kolab_prefix/etc/rc openldap stop");
sleep 1;
- system("killall -INT slapd >/dev/null 2>&1");
+ system("$kolab_prefix/etc/rc openldap stop");
sleep 1;
- system("killall -9 slapd >/dev/null 2>&1");
+ #system("killall -9 slapd >/dev/null 2>&1");
sleep 1;
- system("killall -9 slapd >/dev/null 2>&1");
+ #system("killall -9 slapd >/dev/null 2>&1");
sleep 1;
my $tmpl = IO::File->new("$kolab_prefix/etc/kolab/slapd.conf.template", "r")
|| die "could not read $kolab_prefix/etc/kolab/slapd.conf.template";
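Review bot: The exit status of `system("$kolab_prefix/etc/rc openldap stop")` is ignored and the `killall -9` fallback is now commented out. If the rc script fails, slapd may still be running when the code below reads slapd.conf.template and, as the "prepare LDAP database" message suggests, rebuilds the directory. Reporting a non-zero status on the first call, e.g. `system("$kolab_prefix/etc/rc openldap stop") == 0 or warn "rc openldap stop failed\n";`, makes that visible. The commented-out `killall` lines and the `sleep 1` calls that only separated them can then be deleted instead of kept as dead code. The stop call in the hunk at line 282 has the same unchecked status. The enclosing `if` block continues past this hunk.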
@@ -153,7 +153,7 @@
# now we must startup slapd
print "temporarily start slapd\n";
$ldap_uri = "ldap://127.0.0.1:389/";
- system("$kolab_prefix/libexec/slapd -h ldap://127.0.0.1:389/ -f $kolab_prefix/etc/openldap/slapd.conf");
+ system("$kolab_prefix/libexec/openldap/slapd -h ldap://127.0.0.1:389/ -f $kolab_prefix/etc/openldap/slapd.conf");
sleep 3;
}
@@ -282,19 +282,34 @@
print "LDAP setup finished\n\n";
print "Create initial config files for postfix, apache, proftpd, cyrus imap, saslauthd\n";
- print " running $kolab_prefix/etc/kolab/kolab -v -o -l$ldap_uri\n";
+
+ my $cfg;
+ open(FH, "<@l_prefix@/etc/rc.conf") || die;
+ $cfg .= $_ while (<FH>);
+ close(FH);
+
+ $cfg =~ s/\n((openldap_url|sasl_authmech)\S*=[^\n]*)/#\1\n/sg;
+ $cfg .= "openldap_url=\"\"\nsasl_authmech=\"ldap\"\n";
+
+ open(FH, ">@l_prefix@/etc/rc.conf") || die;
+ print FH $cfg;
+ close(FH);
+ undef $cfg;
+
+ print " running $kolab_prefix/etc/kolab/kolab -v -o -l$ldap_uri\n";
+
system("$kolab_prefix/etc/kolab/kolab -v -o -l$ldap_uri");
if ($ldap_uri =~ /127\.0\.0\.1/ || $ldap_uri =~ /localhost/) {
print "\nkill temporary slapd\n\n";
- system("killall -INT slapd >/dev/null 2>&1");
+ system("$kolab_prefix/etc/rc openldap stop");
sleep 5;
- system("killall -9 slapd >/dev/null 2>&1");
+ #system("killall -9 slapd >/dev/null 2>&1");
}
system("$kolab_prefix/etc/kolab/kolab_sslcert.sh $fqdn");
print "kolab should now be ready to run\n";
- print "please run '$kolab_prefix/etc/rc.d/rc.kolab start'\n";
+ print "please run '$kolab_prefix/etc/rc all start'\n";
exit;
}
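Review bot: The substitution `s/\n((openldap_url|sasl_authmech)\S*=[^\n]*)/#\1\n/sg` consumes the newline in front of the matched setting and emits one after it, so the commented-out text is glued onto the end of the preceding rc.conf line and a blank line is left behind. A setting on the first line of the file is not matched at all. `$cfg =~ s/^((?:openldap_url|sasl_authmech)\S*=.*)$/#$1/mg;` comments the line in place and uses `$1` instead of `\1`. rc.conf is also truncated and rewritten in place through a bareword handle, with a bare `die` and unchecked `print`/`close`, so a failed write leaves a damaged rc file and no diagnostic; writing a temporary file and `rename`-ing it over the original, with `$!` in the messages, would be safer. The enclosing block starts outside the hunk.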
Index: kolab_sslcert.sh
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/kolab_sslcert.sh,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- kolab_sslcert.sh 9 Jun 2003 12:53:42 -0000 1.9
+++ kolab_sslcert.sh 31 Mar 2004 13:23:12 -0000 1.10
@@ -6,7 +6,7 @@
## Read the file COPYING that comes with this packages for details.
-cd @@@kolab_prefix@@@/etc/kolab
+cd @l_prefix@/etc/kolab
if [ $1 ];then
HN=$1
@@ -30,18 +30,18 @@
echo -n "generate self-signed certificate for hostname $HN... "
- @@@kolab_prefix@@@/bin/openssl req -new -x509 -outform PEM -keyform PEM -nodes \
+ @l_prefix@/bin/openssl req -new -x509 -outform PEM -keyform PEM -nodes \
-days 3650 -out cert.pem -keyout key.pem \
-config tmp.req.cnf >/dev/null 2>&1
echo "done"
-chgrp kolab key.pem
-chmod 0644 key.pem
-chgrp kolab cert.pem
-chmod 0644 cert.pem
+chgrp @l_rusr@ key.pem
+chmod 0640 key.pem
+chgrp @l_rusr@ cert.pem
+chmod 0640 cert.pem
rm -f tmp.req.cnf
cd -
-echo "New certificate has been installed under @@@kolab_prefix@@@/etc/kolab/"
+echo "New certificate has been installed under @l_prefix@/etc/kolab/"
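Review bot: key.pem is created by `openssl req` under whatever umask the caller has and only tightened to 0640 afterwards, so the private key can be briefly world-readable. A `umask 077` before the openssl call closes that window, and the later chgrp/chmod still open it to the service group. `chgrp @l_rusr@` passes what looks like a user-name placeholder where a group is expected (main.cf.template in this commit uses `@l_rgrp@` for a group), so it is worth confirming that the substituted value is a valid group. If chgrp fails, `chmod 0640` still runs and leaves the key readable by the creator's group instead. The openssl output is discarded and "done" is printed whatever its exit status.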
Index: legacy.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/legacy.conf.template,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- legacy.conf.template 25 Jan 2003 21:49:12 -0000 1.2
+++ legacy.conf.template 31 Mar 2004 13:23:12 -0000 1.3
@@ -1,4 +1,4 @@
-<Directory "@@@kolab_prefix@@@/var/kolab/www/freebusy">
+<Directory "@l_prefix@/var/kolab/www/freebusy">
AllowOverride None
Options None
Index: main.cf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/main.cf.template,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- main.cf.template 25 Oct 2003 07:44:00 -0000 1.7
+++ main.cf.template 31 Mar 2004 13:23:12 -0000 1.8
@@ -9,14 +9,14 @@
# manual additions are lost unless made to the template in the Kolab config directory
# paths
-command_directory = @@@kolab_prefix@@@/sbin
-daemon_directory = @@@kolab_prefix@@@/libexec/postfix
-queue_directory = @@@kolab_prefix@@@/var/postfix
+command_directory = @l_prefix@/sbin
+daemon_directory = @l_prefix@/libexec/postfix
+queue_directory = @l_prefix@/var/postfix
# users
-mail_owner= @@@l_musr@@@
-setgid_group= @@@l_rgrp@@@
-default_privs= @@@l_nusr@@@
+mail_owner= @l_musr@
+setgid_group= @l_rgrp@
+default_privs= @l_nusr@
# local host
myhostname = @@@fqhostname@@@
@@ -39,35 +39,36 @@
# check_relay_domains
# maps
-canonical_maps = hash:@@@kolab_prefix@@@/etc/postfix/canonical
-virtual_maps = hash:@@@kolab_prefix@@@/etc/postfix/virtual
-relocated_maps = hash:@@@kolab_prefix@@@/etc/postfix/relocated
-transport_maps = hash:@@@kolab_prefix@@@/etc/postfix/transport
-alias_maps = hash:@@@kolab_prefix@@@/etc/postfix/aliases
-alias_database = hash:@@@kolab_prefix@@@/etc/postfix/aliases
+canonical_maps = hash:@l_prefix@/etc/postfix/canonical
+virtual_maps = ldap:ldapsource
+# virtual_maps = hash:@l_prefix@/etc/postfix/virtual
+relocated_maps = hash:@l_prefix@/etc/postfix/relocated
+transport_maps = hash:@l_prefix@/etc/postfix/transport
+alias_maps = hash:@l_prefix@/etc/postfix/aliases
+alias_database = hash:@l_prefix@/etc/postfix/aliases
local_recipient_maps =
# local delivery
recipient_delimiter = +
-mailbox_transport = lmtp:unix:@@@kolab_prefix@@@/var/kolab/lmtp
+mailbox_transport = lmtp:unix:@l_prefix@/var/kolab/lmtp
#TLS settings
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_starttls_timeout = 300s
smtpd_timeout = 300s
-#smtpd_tls_CAfile = @@@kolab_prefix@@@/etc/kolab/server.pem
+#smtpd_tls_CAfile = @l_prefix@/etc/kolab/server.pem
#smtpd_tls_CApath =
#smtpd_tls_ask_ccert = no
#smtpd_tls_ccert_verifydepth = 5
-smtpd_tls_cert_file = @@@kolab_prefix@@@/etc/kolab/cert.pem
+smtpd_tls_cert_file = @l_prefix@/etc/kolab/cert.pem
#smtpd_tls_cipherlist =
#smtpd_tls_dcert_file =
#smtpd_tls_dh1024_param_file =
#smtpd_tls_dh512_param_file =
#smtpd_tls_dkey_file = $smtpd_tls_dcert_file
#smtpd_tls_key_file = $smtpd_tls_cert_file
-smtpd_tls_key_file = @@@kolab_prefix@@@/etc/kolab/key.pem
+smtpd_tls_key_file = @l_prefix@/etc/kolab/key.pem
#smtpd_tls_loglevel = 3
smtpd_tls_received_header = no
#smtpd_tls_req_ccert = no
@@ -100,9 +101,28 @@
#smtp_tls_session_cache_timeout = 3600s
# authentication via sasl
-smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,check_relay_domains
+smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
#smtpd_restriction_classes =
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
+
+#
+# LDAP Alias support
+#
+
+ldapsource_search_base = @@@user_dn_list@@@
+ldapsource_query_filter = (alias=%s)
+ldapsource_result_attribute = mail
+ldapsource_result_filter = %s
+ldapsource_search_timeout = 2
+ldapsource_scope = one
+ldapsource_bind = no
+ldapsource_version = 3
+
+#
+# Amavis virus scan
+#
+
+content_filter=smtp-amavis:[127.0.0.1]:10024
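Review bot: The `ldapsource_*` block sets no `ldapsource_server_host`, so the alias lookup goes to Postfix's default LDAP host rather than to the directory the other templates name through `@@@user_ldap_uri@@@`. `ldapsource_bind = no` also makes every lookup anonymous. That only works if slapd allows anonymous search on `alias` and `mail` under `@@@user_dn_list@@@`, which widens what unauthenticated clients can read; confirm this against the ACLs in slapd.conf.template. If it is not intended, add `ldapsource_server_host` and an `ldapsource_bind_dn`/`ldapsource_bind_pw` pair for a read-only account, with a one-line comment naming that account.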
Index: master.cf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/master.cf.template,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- master.cf.template 22 May 2003 18:49:51 -0000 1.3
+++ master.cf.template 31 Mar 2004 13:23:12 -0000 1.4
@@ -30,3 +30,22 @@
#bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/kolab/bin/bsmtp -f $sender $nexthop $recipient
465 inet n - n - - smtpd -v -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#587 inet n - n - - smtpd -v -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
+smtp-amavis unix - - n - 2 smtp
+ -o smtp_data_done_timeout=1200
+ -o smtp_send_xforward_command=yes
+ -o disable_dns_lookups=yes
+
+127.0.0.1:10025 inet n - n - - smtpd
+ -o content_filter=
+ -o local_recipient_maps=
+ -o relay_recipient_maps=
+ -o smtpd_restriction_classes=
+ -o smtpd_client_restrictions=
+ -o smtpd_helo_restrictions=
+ -o smtpd_sender_restrictions=
+ -o smtpd_recipient_restrictions=permit_mynetworks,reject
+ -o mynetworks=127.0.0.0/8
+ -o strict_rfc821_envelopes=yes
+ -o smtpd_error_sleep_time=0
+ -o smtpd_soft_error_limit=1001
+ -o smtpd_hard_error_limit=1000
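Review bot: The two new services carry no comment, and their safety depends on details that are easy to break in a later edit. The `127.0.0.1:10025` listener must stay loopback-only and keep `-o content_filter=` empty, otherwise scanned mail would loop back to the filter or the port would accept unscanned mail from the network. I would add a comment above each entry, e.g. `# smtp-amavis: client that hands mail to amavisd on 127.0.0.1:10024 (content_filter in main.cf)` and `# 127.0.0.1:10025: re-injection from amavisd; loopback only, content_filter must stay empty`. Whether amavisd.conf.template actually forwards to port 10025 is not visible in this hunk and should be checked.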
Index: proftpd.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/proftpd.conf.template,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- proftpd.conf.template 27 May 2003 23:06:11 -0000 1.7
+++ proftpd.conf.template 31 Mar 2004 13:23:12 -0000 1.8
@@ -14,25 +14,25 @@
PersistentPasswd off
-#AuthUserFile @@@kolab_prefix@@@/etc/proftpd/proftpd.passwd
-#AuthGroupFile @@@kolab_prefix@@@/etc/proftpd/proftpd.group
+#AuthUserFile @l_prefix@/etc/proftpd/proftpd.passwd
+#AuthGroupFile @l_prefix@/etc/proftpd/proftpd.group
LDAPServer @@@ldap_ip@@@
LDAPDNinfo "@@@php_dn@@@" "@@@php_pw@@@"
LDAPDoAuth on "@@@base_dn@@@" "(uid=freebusy)"
# need to switch over to kolab-n !!
-ScoreBoardFile @@@kolab_prefix@@@/var/proftpd/score
+ScoreBoardFile @l_prefix@/var/proftpd/score
-LDAPDefaultUID @@@l_nuid@@@
+LDAPDefaultUID @l_nuid@
LDAPForceDefaultUID on
-LDAPDefaultGID @@@l_ngid@@@
+LDAPDefaultGID @l_ngid@
LDAPForceDefaultGID on
LDAPHomedirOnDemand on
LDAPHomedirOnDemandPrefix /tmp
MaxInstances 40
-User @@@l_nusr@@@
-Group @@@l_ngrp@@@
+User @l_nusr@
+Group @l_ngrp@
Umask 022
UseReverseDNS off
@@ -50,9 +50,9 @@
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
-SystemLog @@@kolab_prefix@@@/var/proftpd/proftpd.log
+SystemLog @l_prefix@/var/proftpd/proftpd.log
-DefaultRoot @@@kolab_prefix@@@/var/kolab/www/freebusy
+DefaultRoot @l_prefix@/var/kolab/www/freebusy
<Global>
IdentLookups off
Index: saslauthd.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/saslauthd.conf.template,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- saslauthd.conf.template 16 Jul 2003 22:07:34 -0000 1.4
+++ saslauthd.conf.template 31 Mar 2004 13:23:12 -0000 1.5
@@ -8,16 +8,16 @@
# this file is automatically written by the Kolab config backend
# manual additions are lost unless made to the template in the Kolab config directory
-ldap_servers: @@@ldap_uri@@@
+ldap_servers: @@@user_ldap_uri@@@
#ldap_servers: <ldap://localhost/>
# Specify URI(s) refering to LDAP server(s), e.g. ldaps://10.1.1.2:999/.
# You can specify multiple servers separated by a space.
-ldap_bind_dn: @@@php_dn@@@
+ldap_bind_dn: @@@user_bind_dn@@@
# Specify DN (distinguished name) to bind to the LDAP directory. Do not
# specify this parameter for the anonymous bind.
-ldap_bind_pw: @@@php_pw@@@
+ldap_bind_pw: @@@user_bind_pw@@@
# Specify the password for ldap_bind_dn. Do not specify this parameter
# for the anonymous bind.
@@ -31,6 +31,7 @@
#ldap_time_limit: <5>
# Specify a number of seconds for a search request to complete.
+ldap_deref: always
#ldap_deref: <none> <search|find|always|never>
# Specify how aliases dereferencing is handled during a search.
@@ -54,17 +55,18 @@
#ldap_scope: <sub> <sub|one|base>
# Search scope.
-ldap_search_base: @@@base_dn@@@
+ldap_search_base: @@@user_dn_list@@@
#ldap_search_base: <none>
# Specify a starting point for the search. e.g. dc=foo,dc=com
+ldap_auth_method: bind
#ldap_auth_method: <bind> <bind|custom>
# Specify an authentication method. The default 'bind' method uses the
# LDAP simple bind facility to verify the password. The custom method
# uses userPassword attribute to verify the password. Currently, {CRYPT}
# hash is supported.
-ldap_filter: (|(uid=%u)(mail=%u)(alias=%u))
+ldap_filter: (|(mail=%u@%d)(mail=%u)(uid=%u@%d)(uid=%u))
#ldap_filter: <uid=%u>
# Specify a filter. Use the %u and %r tokens for the username and realm
# substitution. The %u token has to be used at minimum for the filter to
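Review bot: The new `ldap_filter` uses the `%d` token, but the comment directly below still documents only `%u` and `%r`, and the `(alias=%u)` term is dropped without a note. If the shipped saslauthd does not expand `%d`, or a login carries no domain part, the `%u@%d` terms cannot match as intended and authentication falls back to the bare `uid`/`mail` terms; confirm this against the saslauthd version in use and update the comment. Because the terms are OR-ed across `mail` and `uid`, the filter can also select more than one entry when one account's `uid` equals another's `mail`. A comment stating that these values must be unique under `@@@user_dn_list@@@` would make that assumption explicit. The comment block continues outside the hunk.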
Index: slapd.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/slapd.conf.template,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- slapd.conf.template 19 Mar 2004 11:04:12 -0000 1.11
+++ slapd.conf.template 31 Mar 2004 13:23:12 -0000 1.12
@@ -1,5 +1,5 @@
# (c) 2003 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
-# (c) 2004 Martin Konold <martin.konold at erfrakon.de>
+# (c) 2003 Martin Konold <martin.konold at erfrakon.de>
# (c) 2003 Achim Frank <achim.frank at erfrakon.de>
# This program is Free Software under the GNU General Public License (>=v2).
# Read the file COPYING that comes with this packages for details.
@@ -7,30 +7,31 @@
# this file is automatically written by the Kolab config backend
# manual additions are lost unless made to the template in the Kolab config directory
-# the template is @@@kolab_prefix@@@/etc/kolab/slapd.conf.template
+# the template is @l_prefix@/etc/kolab/slapd.conf.template
-include @@@kolab_prefix@@@/etc/kolab/kolab.schema
+include @l_prefix@/etc/openldap/schema/kolab.schema
+include @l_prefix@/etc/openldap/schema/kolab-cf.schema
-pidfile @@@kolab_prefix@@@/var/openldap/slapd.pid
-argsfile @@@kolab_prefix@@@/var/openldap/slapd.args
-replogfile @@@kolab_prefix@@@/var/openldap/replog
+
+pidfile @l_prefix@/var/openldap/slapd.pid
+replica-pidfile @l_prefix@/var/openldap/slurpd.pid
+argsfile @l_prefix@/var/openldap/slapd.args
+replogfile @l_prefix@/var/openldap/replog
schemacheck on
lastmod on
-TLSCertificateFile @@@kolab_prefix@@@/etc/kolab/cert.pem
-TLSCertificateKeyFile @@@kolab_prefix@@@/etc/kolab/key.pem
+TLSCertificateFile @l_prefix@/etc/kolab/cert.pem
+TLSCertificateKeyFile @l_prefix@/etc/kolab/key.pem
require none
allow bind_v2
loglevel 0
-password-hash {sha}
-
database ldbm
suffix "@@@base_dn@@@"
-directory @@@kolab_prefix@@@/var/openldap/openldap-data
+directory @l_prefix@/var/openldap/openldap-data
rootdn "@@@bind_dn@@@"
rootpw "@@@bind_pw@@@"
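Review bot: `password-hash {sha}` is removed with no replacement and no comment, so the scheme used for newly set `userPassword` values now depends on slapd's compiled-in default. If the intent is to move away from unsalted SHA-1, stating it explicitly, e.g. `password-hash {SSHA}`, keeps the template independent of how slapd was built. The context lines still write `rootpw "@@@bind_pw@@@"` into the generated file, so a comment that slapd.conf must not be world-readable would be worth adding next to it.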
@@ -87,14 +88,14 @@
by self write
by anonymous auth stop
-access to dn.regexp="(.*,)?cn=internal,@@@base_dn@@@"
+access to dn.regex="(.*,)?cn=internal,@@@base_dn@@@"
by group="cn=admin,@@@base_dn@@@" write
by group="cn=maintainer,@@@base_dn@@@" write
by self write
by dn="cn=nobody,@@@base_dn@@@" read
by anonymous auth stop
-access to dn.regexp="(.*,)?cn=external,@@@base_dn@@@"
+access to dn.regex="(.*,)?cn=external,@@@base_dn@@@"
by group="cn=admin,@@@base_dn@@@" write
by group="cn=maintainer,@@@base_dn@@@" write
by * read stop
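Review bot: The `dn.regex` patterns are unanchored and interpolate `@@@base_dn@@@` as a regular expression, so the rule matches by substring rather than by suffix, and any regex metacharacter in the base DN changes what it covers. For "this entry and everything below it", `access to dn.subtree="cn=internal,@@@base_dn@@@"` (and likewise for `cn=external`) expresses the same scope without a regex. If the regex form is kept, anchor it as `^(.*,)?cn=internal,@@@base_dn@@@$`. The `by` clauses at the top of the hunk belong to a rule that starts outside it.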