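alterator-net-domain-0.4/000075500000000000000000000000001210215210300153645ustar00rootroot00000000000000
alterator-net-domain-0.4/Makefile000064400000000000000000000002671210215210300170310ustar00rootroot00000000000000
NAME=net-domain

all:
clean:
install: install-module install-data

include /usr/share/alterator/build/module.mak

install-data:
	install -d $(libexecdir)/alterator/hooks/net-domain.d
alterator-net-domain-0.4/applications/000075500000000000000000000000001210215210300200525ustar00rootroot00000000000000
alterator-net-domain-0.4/applications/net-domain.desktop000064400000000000000000000003401210215210300234750ustar00rootroot00000000000000
[Desktop Entry]
Type=Application
Categories=X-Alterator-System
Terminal=false
Name=Domain
Icon=net-domain
X-Alterator-URI=/net-domain
X-Alterator-Weight=20
X-Alterator-Help=net-domain
X-Alterator-UI=html
Name[ru]=Домен
alterator-net-domain-0.4/backend3/000075500000000000000000000000001210215210300170365ustar00rootroot00000000000000
alterator-net-domain-0.4/backend3/net-domain000075500000000000000000000137261210215210300210300ustar00rootroot00000000000000
#!/bin/sh
#
# Alterator backend for /net-domain.
#
# Handles three actions (see on_message):
#   type  - declares "domain" as a hostname-typed parameter
#   read  - reports the current domain, the server role and the result of the
#           resolver / ping / LDAP / KDC / Samba / DHCP self-tests
#   write - stores the server role, then rewrites the host's domain part and
#           runs the hostname and net-domain hook directories
#
# Input arrives in the in_* variables set by the sourced alterator helpers;
# in_domain is operator-supplied and ends up in configuration files and in
# hook arguments, so it is validated by check_hostname before being written.

network_file=/etc/sysconfig/network
system_file=/etc/sysconfig/system
resolvconf=/sbin/resolvconf
etcnet_lo_resolvconf=/etc/net/ifaces/lo/resolv.conf
# NOTE(review): defined but not enforced anywhere in this file; check_hostname
# limits each label but not the total length - confirm whether a sourced
# helper uses it.
max_hostname_length=64

alterator_api_version=1

. alterator-sh-functions
. avahi-sh-functions
. shell-config
. shell-ini-config
. alterator-openldap-functions

# Run ldapsearch with a simple bind without exposing the bind password.
# The password is written to a private temporary file (mktemp creates it
# mode 0600) and handed over with -y, because a value passed with -w is
# visible in the process list to every local user while the query runs.
# Arguments: $1 - bind DN
#            $2 - bind password
#            $@ - remaining ldapsearch options and filter
# Returns:   the exit status of ldapsearch (1 if the temp file cannot be made)
ldap_search_as() {
    local binddn="$1" bindpw="$2" pwfile rc
    shift 2

    pwfile="$(mktemp)" || return 1
    # printf is a shell builtin, so the secret never appears in any argv;
    # '%s' without a newline because -y uses the complete file contents.
    printf '%s' "$bindpw" >"$pwfile"
    ldapsearch -x -D "$binddn" -y "$pwfile" "$@"
    rc=$?
    rm -f -- "$pwfile"
    return $rc
}

# Resolve the slapd configuration for this host's domain and read the root
# bind credentials from it.
# Sets:    fqdn, domain, dn, slapd_conf, slapd_rootpw, slapd_rootdn
# Outputs: an ERROR line on stdout when no slapd config file is found
# Returns: 0 on success, 1 when the config file cannot be located
load_slapd_credentials() {
    fqdn="$(read_hostname)"
    domain="${fqdn#*.}"
    dn="$(host_2_dn "$domain")"

    if ! slapd_conf="$(ldap-dn find "$dn")"; then
        echo "ERROR: no slapd conffile for dn: '$dn'"
        return 1
    fi

    # Quoted so that a path or value containing whitespace is not split.
    slapd_rootpw="$(grep ^rootpw "$slapd_conf" | sed -e 's,^rootpw ,,')"
    slapd_rootdn="$(grep ^rootdn "$slapd_conf" | sed -e 's,^rootdn ,,' -e 's,",,g')"
    return 0
}

# Check that 127.0.0.1 is present in resolv.conf and is the first nameserver.
test_resolver() {
    local first

    if ! grep -qs "^nameserver 127.0.0.1" /etc/resolv.conf; then
        echo "ERROR: nameserver 127.0.0.1 not present in resolv.conf"
        return
    fi

    first="$(grep -s ^nameserver /etc/resolv.conf | head -n1)"
    case "$first" in
        *127.0.0.1*) echo "OK" ;;
        *) echo "ERROR: 127.0.0.1 is not first in resolv.conf" ;;
    esac
}

# Check that the configured FQDN answers a single ping.
test_access() {
    local host

    host="$(read_hostname)"
    # Any non-zero status is a failure: ping exits 1 when no reply arrives
    # and 2 on other errors such as an unresolvable name, which the previous
    # "-eq 1" test reported as OK.
    if ping -c 1 "$host" >/dev/null 2>&1; then
        echo "OK"
    else
        echo "ERROR: fqdn is unpingable"
    fi
}

# Check that slapd accepts a root bind over ldaps:// and serves ou=People.
test_ldap() {
    load_slapd_credentials || return

    if [ -z "$slapd_rootpw" ]; then
        echo "ERROR: no rootpw specified"
        return
    fi
    if [ -z "$slapd_rootdn" ]; then
        echo "ERROR: no rootdn specified"
        return
    fi

    if ! ldap_search_as "$slapd_rootdn" "$slapd_rootpw" \
            -H "ldaps://$fqdn" -b "$dn" >/dev/null 2>&1; then
        echo "Error: connect to ldaps://$fqdn failed"
        return
    fi

    if ldap_search_as "$slapd_rootdn" "$slapd_rootpw" \
            -H "ldaps://$fqdn" -b "$dn" ou=People |
            grep -v "^#" | grep "ou: People" >/dev/null 2>&1; then
        echo "OK"
    else
        echo "Error: failed to ldapsearch ou=People, slapd is broken"
    fi
}

# Check that krb5kdc is running and that its LDAP base and realm container
# exist.
test_kdc() {
    if ! service krb5kdc status >/dev/null 2>&1; then
        echo "Error: krb5kdc service is stopped"
        # Stop here: falling through could append "OK" to the error above.
        return
    fi

    load_slapd_credentials || return

    # NOTE(review): unlike test_ldap these queries use "-h localhost", i.e.
    # not ldaps://; the root bind stays on the local host - confirm that is
    # intended.
    if ! ldap_search_as "$slapd_rootdn" "$slapd_rootpw" \
            -h localhost -b "$dn" "ou=kdcroot" |
            grep -v "^#" | grep "ou: kdcroot" >/dev/null 2>&1; then
        echo "Error: failed to ldapsearch ou=kdcroot, no KDC base in LDAP"
        return
    fi

    if ldap_search_as "$slapd_rootdn" "$slapd_rootpw" \
            -h localhost -b "$dn" "objectClass=krbRealmContainer" |
            grep -v "^#" | grep "objectClass: krbRealmContainer" >/dev/null 2>&1; then
        echo "OK"
    else
        echo "Error: failed to ldapsearch objectClass=krbRealmContainer, no realm container in LDAP"
    fi
}

# Report whether smbd is running, together with the configured workgroup.
test_smb() {
    local workgroup

    if service smb status >/dev/null 2>&1; then
        workgroup="$(ini_config_get /etc/samba/smb.conf global workgroup)"
        echo "OK ($workgroup)"
    else
        echo "Error: smbd service is stopped"
    fi
}

# Check that dhcpd.conf hands the domain name and a DNS server to clients.
test_dhcpd() {
    fqdn="$(read_hostname)"
    domain="${fqdn#*.}"

    # -F: the domain is data, not a pattern; as a regex its dots would match
    # any character and accept a different domain name.
    if ! grep -Fqs -- "option domain-name \"$domain\";" /etc/dhcp/dhcpd.conf; then
        echo "Error: domain name $domain is not provided to clients"
        return
    fi

    if ! grep -qs "option domain-name-servers" /etc/dhcp/dhcpd.conf; then
        echo "Error: domain server is not provided to clients"
        return
    fi
    echo "OK"
}

# Validate a host name against the RFC 1035 label rules.
# Arguments: $1 - candidate fully qualified host name
# Returns:   0 when valid; 1 (after write_error) otherwise
check_hostname() {
    local hn="$1"
    local nl='
'

    case "$hn" in
        # grep matches line by line, so a multi-line value would pass as soon
        # as any single line is valid; reject embedded newlines outright.
        *"$nl"*) ;;
        *)
            # The hyphen is placed last in the bracket expression without a
            # backslash: inside [...] a backslash is a literal character, so
            # the previous "\-" also admitted "\" into host names.
            # LC_ALL=C keeps the a-z / A-Z ranges ASCII-only in every locale.
            if printf '%s\n' "$hn" | LC_ALL=C grep -Eq \
                '^([a-zA-Z]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)*[a-zA-Z]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?$'; then
                return 0
            fi
            ;;
    esac

    write_error "$(_ "Domain name is not valid according RFC 1035")"
    return 1
}

# Print the configured HOSTNAME, or localhost.localdomain when none is set.
read_hostname() {
    local value

    value="$(shell_config_get "$network_file" HOSTNAME)"
    [ -n "$value" ] || value="localhost.localdomain"
    echo "$value"
}

# Print the domain part of the host name ("localdomain" when it has no dot).
read_domain() {
    local value domain

    value="$(read_hostname)"
    domain="${value#*.}"
    [ "$value" != "$domain" ] || domain="localdomain"
    echo "$domain"
}

# Replace the domain part of the host name, update the loopback resolv.conf
# and run the hostname hooks with the old and new names.
# Arguments: $1 - new domain
# Returns:   0 on success, 1 when the resulting host name is not valid
write_domain() {
    local old_value old_name new_value

    old_value="$(read_hostname)"
    old_name="${old_value%%.*}"
    new_value="$old_name.$1"

    # Nothing is written, and no hook runs, unless the full name validates.
    check_hostname "$new_value" || return 1

    shell_config_set "$network_file" HOSTNAME "$new_value"
    hostname "$new_value"

    if [ -f "$etcnet_lo_resolvconf" ]; then
        shell_config_set "$etcnet_lo_resolvconf" domain "$1" ' ' ' '
        [ -x "$resolvconf" ] && "$resolvconf" -a lo <"$etcnet_lo_resolvconf"
    fi

    run-parts /etc/hooks/hostname.d "$old_value" "$new_value"
    return 0
}

# Print the stored SERVER_ROLE.
read_role() {
    shell_config_get "$system_file" SERVER_ROLE
}

# Store the server role when it changed and run the net-domain hooks, which
# receive the old and new role through the environment.
# Arguments: $1 - new role
write_role() {
    local old_server_role new_server_role

    old_server_role="$(read_role)"
    new_server_role="$1"
    shift

    if [ "$old_server_role" != "$new_server_role" ]; then
        shell_config_set "$system_file" SERVER_ROLE "$new_server_role"
    fi

    export old_server_role
    export new_server_role
    run-parts /usr/lib/alterator/hooks/net-domain.d
}

# Dispatch one backend request according to $in_action.
on_message() {
    case "$in_action" in
        type)
            write_type_item domain hostname
            ;;
        read)
            write_string_param domain "$(read_domain)"
            local role="$(read_role)"
            # Each self-test runs in a command substitution, so the globals
            # it sets do not leak into this shell.
            write_string_param resolver "$(test_resolver)"
            write_string_param access "$(test_access)"
            write_string_param ldap "$(test_ldap)"
            write_string_param kdc "$(test_kdc)"
            write_string_param smb "$(test_smb)"
            write_string_param dhcpd "$(test_dhcpd)"
            # Passes the exit status of the test: 0 when the role is not
            # "master", 1 when it is.
            [ "$role" != "master" ]
            write_bool_param master $?
            ;;
        write)
            if [ -z "$in_domain" ]; then
                write_error "$(_ "Please define domain name")"
                return
            elif echo "$in_domain" | grep -Eiwqs "localdomain|localhost|local"; then
                write_error "$(_ "This domain name is registered for internal purposes")"
                return
            fi

            # Note: write_role should be before write_domain, hooks can use server role value
            # NOTE(review): in_domain is only validated inside write_domain,
            # so an invalid domain still changes the role and runs the
            # net-domain hooks before the request is rejected.
            role=none
            # "=" rather than "==": the latter is not POSIX under #!/bin/sh.
            if [ "$in_master" = "#t" ]; then
                role=master
            fi
            write_role "$role"
            write_domain "$in_domain" "1" && \
                publish_service alterator-net-domain 'ALT Linux Server (%h)' '_server._tcp' '0' "role=$(read_role)" "domain=$(read_domain)"
            ;;
    esac
}

message_loop
alterator-net-domain-0.4/ui/000075500000000000000000000000001210215210300160015ustar00rootroot00000000000000
alterator-net-domain-0.4/ui/net-domain/000075500000000000000000000000001210215210300200345ustar00rootroot00000000000000
alterator-net-domain-0.4/ui/net-domain/ajax.scm000064400000000000000000000030421210215210300214620ustar00rootroot00000000000000
(define-module (ui net-domain ajax)
    :use-module (alterator ajax)
    :use-module (alterator woo)
    :use-module (alterator effect)
    :export (on-load))

(define *resolver* "unknown")
(define *access* "unknown")
(define *ldap* "unknown")
(define *kdc* "unknown")
(define *smb* "unknown")
(define *dhcpd* "unknown")
(define *master* "off")

(define (ui-read)
  (catch/message
    (lambda()
      (form-update-value-list '("domain") (woo-read-first "/net-domain"))
      (let* ((data (woo-read"/net-domain" )))
        (set! *resolver* (woo-get-option (car data) 'resolver))
        (set! *access* (woo-get-option (car data) 'access))
        (set! *ldap* (woo-get-option (car data) 'ldap))
        (set! *kdc* (woo-get-option (car data) 'kdc))
        (set! *smb* (woo-get-option (car data) 'smb))
        (set! *dhcpd* (woo-get-option (car data) 'dhcpd))
        (set! *master* (woo-get-option (car data) 'master))
      )
      (form-update-value "resolver" *resolver*)
      (form-update-value "access" *access*)
      (form-update-value "ldap" *ldap*)
      (form-update-value "kdc" *kdc*)
      (form-update-value "smb" *smb*)
      (form-update-value "dhcpd" *dhcpd*)
      (form-update-value "master" *master*)
    )))

(define (ui-write)
  (catch/message
    (lambda()
      (woo-write "/net-domain"
                 'language (form-value "language")
                 'master (form-value "master")
                 'domain (form-value "domain"))
      (ui-read)
    )))

(define (on-load)
  (ui-read)
  (effect-hide "status-page" "master" #f)
  (init-effect)
  (form-bind "submit" "click" ui-write)
  (form-bind "reset" "click" ui-read))
alterator-net-domain-0.4/ui/net-domain/index.html000064400000000000000000000060541210215210300220360ustar00rootroot00000000000000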
 
Domain:
  Note: the domain name should follow RFC 1035
  1. The domain name should contain one or more labels separated by dots.
  2. Labels must start with a Latin letter (upper or lower case), end with a letter or digit, and have as interior characters only letters, digits, and hyphens.
  3. Labels must be 63 characters or less.
  4. The domain should not have labels named 'localhost', 'localdomain' or 'local'. They are reserved for internal purposes.
Examples: domain, school-33, department.company
 
Serve kerberos domain:
 
  Attention: Domain change needs reboot for normal operation
   

  Current status:
  Resolver:
  Access:
  DHCPD:
  LDAP:
  KDC:
  Samba:
 
alterator-net-domain-0.4/ui/net-domain/index.scm000064400000000000000000000007471210215210300216570ustar00rootroot00000000000000
;; Form layout for the net-domain page: a single "domain" input, a reboot
;; notice and the Apply / Reset buttons.
(document:surround "/std/frame")

(gridbox
  columns "0;100"
  margin 20

  ;; Domain name entry; the edit control is named "domain".
  (label name "domain" align "right" text (_ "Domain:"))
  (edit name "domain")

  (label colspan "2")

  ;; Notice shown to the operator before applying the change.
  (spacer)
  (label text-wrap #t text (string-append (bold (_ "Attention:")) (_ "Domain change needs reboot for normal operation")))

  (label colspan "2")

  ;; Buttons named "submit" and "reset".
  (spacer)
  (hbox align "left"
        (button name "submit" text (_ "Apply"))
        (label text " ")
        (button name "reset" text (_ "Reset"))))