Commit b9db3c88 authored by Benoit Mortier's avatar Benoit Mortier

Merge branch '1.3-dev' into HEAD

Signed-off-by: Benoit Mortier's avatarBenoit Mortier <benoit.mortier@opensides.be>
parents d0ae8b6a 245569a8
......@@ -43,6 +43,22 @@ create_php_lint_rapport_stretch:
script:
- find . -type f -name '*.php' -o -name '*.inc' -print0 | xargs -0 -n1 php -l
# generate man pages to test validity
create_manpages_lint_report:
stage: lint
only:
- branches
before_script:
- apt-get update -qq
- apt-get install -y -qq perl man-db
script:
- pod2man -c "FusionDirectory Documentation" -r "FusionDirectory 1.3" contrib/bin/fusiondirectory-insert-schema contrib/man/fusiondirectory-insert-schema.1
- pod2man -c "FusionDirectory Documentation" -r "FusionDirectory 1.3" contrib/bin/fusiondirectory-setup contrib/man/fusiondirectory-setup.1
- pod2man -c "FusionDirectory Documentation" -r "FusionDirectory 1.3" contrib/man/fusiondirectory.conf.pod contrib/man/fusiondirectory.conf.5
- lexgrog contrib/man/fusiondirectory-insert-schema.1
- lexgrog contrib/man/fusiondirectory-setup.1
- lexgrog contrib/man/fusiondirectory.conf.5
## Stage codestyle
# Generate perlcritic rapport
......@@ -59,7 +75,7 @@ create_perlcritic_rapport:
- perlcritic --quiet --verbose "%f~|~%s~|~%l~|~%c~|~%m~|~%e~|~%p~||~%n" contrib/bin
# PHP codesniffer
create_php_code_sniffer_rapport:
create_php_code_sniffer_rapport_13:
stage: codestyle
only:
- branches
......@@ -67,24 +83,44 @@ create_php_code_sniffer_rapport:
- apt-get update -qq
- apt-get install -y -qq git php-cli php-codesniffer
script:
- git clone https://gitlab.fusiondirectory.org/fusiondirectory/dev-tools.git ../dev-tools
- find . -type f -name '*.php' -o -name '*.inc' -exec phpcs --standard=../dev-tools/php-codesniffer-rules/FDStandard/ruleset.xml "{}" \;
- git clone https://gitlab.fusiondirectory.org/fusiondirectory/dev-tools.git -b 1.3 ../dev-tools
- find . -type f -name '*.php' -o -name '*.inc' > ./filelist
- phpcs --standard=../dev-tools/php-codesniffer-rules/FDStandard/ruleset.xml --file-list=./filelist
# generate man pages to test validity
create_manpages_lint_report:
stage: lint
# Sonar publishing
sonar_publish:
image: sonar-cli:3.1.0.1141
stage: codestyle
only:
- branches
before_script:
- apt-get update -qq
- apt-get install -y -qq perl man-db
- 1.3-dev
script:
- pod2man -c "FusionDirectory Documentation" -r "FusionDirectory 1.3" contrib/bin/fusiondirectory-insert-schema contrib/man/fusiondirectory-insert-schema.1
- pod2man -c "FusionDirectory Documentation" -r "FusionDirectory 1.3" contrib/bin/fusiondirectory-setup contrib/man/fusiondirectory-setup.1
- pod2man -c "FusionDirectory Documentation" -r "FusionDirectory 1.3" contrib/man/fusiondirectory.conf.pod contrib/man/fusiondirectory.conf.5
- lexgrog contrib/man/fusiondirectory-insert-schema.1
- lexgrog contrib/man/fusiondirectory-setup.1
- lexgrog contrib/man/fusiondirectory.conf.5
- /home/sonar/*/bin/sonar-scanner
-D sonar.projectKey=fusiondirectory-dev
-D sonar.projectName=FusionDirectory-Dev
-D sonar.projectVersion=1.3
-D sonar.sourceEncoding=UTF-8
-D sonar.exclusions='html/themes/legacy/**/*,include/class_xml.inc'
-D sonar.gitlab.project_id="$CI_PROJECT_PATH"
-D sonar.gitlab.commit_sha="$CI_COMMIT_SHA"
-D sonar.gitlab.ref_name="$CI_COMMIT_REF_NAME"
# Sonar preview
sonar_preview:
image: sonar-cli:3.1.0.1141
stage: codestyle
except:
- 1.3-dev
script:
- /home/sonar/*/bin/sonar-scanner
-D sonar.projectKey=fusiondirectory-dev
-D sonar.projectName=FusionDirectory-Dev
-D sonar.projectVersion=1.3
-D sonar.sourceEncoding=UTF-8
-D sonar.exclusions='html/themes/legacy/**/*,include/class_xml.inc'
-D sonar.gitlab.project_id="$CI_PROJECT_PATH"
-D sonar.gitlab.commit_sha="$CI_COMMIT_SHA"
-D sonar.gitlab.ref_name="$CI_COMMIT_REF_NAME"
-D sonar.analysis.mode=preview
# fusiondirectory-update-locale
fusiondirectory-update-locale:
......@@ -117,19 +153,27 @@ update-transifex:
build-tarballs:
stage: tarballs
only:
- /^1.*$/
script:
- tar -cvzf fusiondirectory-core.tar.gz *
- mkdir ../fusiondirectory-$(cut -d '-' -f1 <<< $CI_COMMIT_REF_NAME)
- cp -a ./* ../fusiondirectory-$(cut -d '-' -f1 <<< $CI_COMMIT_REF_NAME)
- mv ../fusiondirectory-$(cut -d '-' -f1 <<< $CI_COMMIT_REF_NAME) ./
artifacts:
name: fusiondirectory-$(cut -d '-' -f1 <<< $CI_COMMIT_REF_NAME)
paths:
- fusiondirectory-core.tar.gz
- ./fusiondirectory-$(cut -d '-' -f1 <<< $CI_COMMIT_REF_NAME)
expire_in: 1h
build-release:
stage: tarballs
only:
- tags
script:
- tar -cvzf fusiondirectory-core-$(grep '%' Changelog.md | head -n1 | cut -d ' ' -f3 | tr -d '"').tar.gz *
script:
- mkdir "../fusiondirectory-$(grep '%' Changelog.md | head -n1 | cut -d ' ' -f3 | tr -d '"')"
- cp -a ./* "../fusiondirectory-$(grep '%' Changelog.md | head -n1 | cut -d ' ' -f3 | tr -d '"')"
- mv "../fusiondirectory-$(grep '%' Changelog.md | head -n1 | cut -d ' ' -f3 | tr -d '"')" ./
artifacts:
name: fusiondirectory-"$(grep '%' Changelog.md | head -n1 | cut -d ' ' -f3 | tr -d '"')"
paths:
- fusiondirectory-core-$(grep '%' Changelog.md | head -n1 | cut -d ' ' -f3 | tr -d '"').tar.gz
- ./fusiondirectory-"$(grep '%' Changelog.md | head -n1 | cut -d ' ' -f3 | tr -d '"')"
### Description
<!-- Required -->
<!-- Description of the issue -->
### Source FusionDirectory Version
<!-- Required -->
<!-- FusionDirectory version where the code come from -->
### Destination FusionDirectory Version
<!-- Required -->
<!-- FusionDirectory version where the code sould go -->
### Plugin with the new code
<!-- Required -->
<!-- Name of the plugin -->
### Reason of Backporting code
<!-- Required -->
### What defect does it correct
<!-- Required -->
<!-- Why do we backport this code -->
### Additional Information
<!-- optional -->
<!-- Any additional information, configuration or data that might be necessary to reproduce the issue. -->
### Description
<!-- Required -->
<!-- Description of the issue -->
### Distribution Name and Version
<!-- Required -->
<!-- Debian, Centos -->
### FusionDirectory Version
<!-- Required -->
### PHP version used
<!-- Required -->
### Origin of php packages
<!-- Required -->
<!-- Distribution packages, Out of distribution -->
### Steps to Reproduce
<!-- Required -->
1. [First Step]
2. [Second Step]
3. [and so on...]
**Expected behavior:**
<!-- What you expect to happen-->
**Actual behavior:**
<!-- What actually happens -->
**Reproduces how often:**
<!-- What percentage of the time does it reproduce?-->
### Additional Information
<!-- optional -->
<!-- Any additional information, configuration or data that might be necessary to reproduce the issue. -->
\ No newline at end of file
### Requirements
* Filling out the template is required. Any Enhancement request that does not include enough information to be reviewed in a timely manner may be closed at the maintainers' discretion.
* All new code requires tests to ensure against regressions
## Descriptive title for this contribution
<!-- required -->
### Step by step description of this contribution
<!-- Required -->
1. [First Step]
2. [Second Step]
3. [and so on...]
### Schemas needed by this contribution
<!-- Describe if schema changes are needed by this contribution -->
<!-- Describe if new schemas are need for this contribution -->
### Benefits
<!-- Required -->
<!-- What benefits will be realized with this contribution ? -->
### Possible Drawbacks
<!-- optional -->
<!-- What are the possible side-effects or negative impacts of this contribution ? -->
### Actual use cases
<!-- optional -->
<!-- Enter any applicable Issues here -->
### Requirements
* Filling out the template is required. Any Enhancement request that does not include enough information to be reviewed in a timely manner may be closed at the maintainers' discretion.
* All new code requires tests to ensure against regressions
## Descriptive title for this enhancement
<!-- required -->
### Actual behavior
<!-- What actually happens -->
### Expected behavior
<!-- What you expect to happen-->
### Step by step description of new behaviour
<!-- Required -->
1. [First Step]
2. [Second Step]
3. [and so on...]
### Benefits
<!-- optional -->
<!-- What benefits will be realized by the code change? -->
### Possible Drawbacks
<!-- optional -->
<!-- What are the possible side-effects or negative impacts of the code change? -->
### Applicable Issues
<!-- optional -->
<!-- Enter any applicable Issues here -->
### Requirements
* Filling out the template is required. Any pull request that does not include enough information to be reviewed in a timely manner may be closed at the maintainers' discretion.
* All new code requires tests to ensure against regressions
## Title of the Pull Requests
<!-- required -->
### Description of the Change
<!-- required -->
<!-- can be an aglomeration of commits bodies -->
### Benefits
<!-- optional -->
<!-- What benefits will be realized by the code change? -->
### Possible Drawbacks
<!-- optional -->
<!-- What are the possible side-effects or negative impacts of the code change? -->
### Applicable Issues
<!-- optional -->
<!-- Enter any applicable Issues here -->
\ No newline at end of file
......@@ -2,7 +2,7 @@
host = https://www.transifex.com
type = PO
[fusiondirectory-12.core]
[FusionDirectory-13.core]
file_filter = locale/<lang>/fusiondirectory.po
source_file = locale/en/fusiondirectory.po
source_lang = en
......
......@@ -78,8 +78,10 @@ documentation and additional help.
accept-to-gettext code that helps for language conversation
* Antoine Gallavardin <antoine.gallavardin@free.fr>
Add support for social network ORCID in personal
Dhcp plugin patch to manage key and update zone in dhcp for dyndns
First version of the quota and supann plugin
First version of the quota plugin
First version of the supann plugin
First version of the board plugin
* Leonid Bogdanov <leonid_bogdanov@mail.ru>
......@@ -104,6 +106,7 @@ documentation and additional help.
* Alexis Michon <alexis.michon@ibcp.fr>
Testing, First version of Password reset
Support for two or more MAC address for a system
* Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Various patches from debian-edu
......@@ -209,3 +212,12 @@ documentation and additional help.
* Patzke Thomas <thomas.patzke2@thyssenkrupp.com>
Security and vulnerabitity testing
* Janne Heß
Enhance the login and password reset theme
* Peter Linss
Added catchall table to postfix plugin
* Renato Ramonda
Support for SSH ed25519 keys
This source diff could not be displayed because it is too large. You can view the blob instead.
This source diff could not be displayed because it is too large. You can view the blob instead.
......@@ -87,7 +87,7 @@ If you like [FusionDirectory][FusionDirectory] and would like to [donate][donate
[FusionDirectory]: https://www.fusiondirectory.org/
[fusiondirectory-install]: http://documentation.fusiondirectory.org/en/documentation_admin
[fusiondirectory-install]: https://fusiondirectory-user-manual.readthedocs.io/en/1.3/install/index.html
[get help]: https://www.fusiondirectory.org/contact-us/
......
......@@ -3121,17 +3121,113 @@ apt-get install fusiondirectory-schema
```
## Migrate FusionDirectory from 1.2.3 to 1.3
### Upgrade FusionDirectory first
Upgrade FusionDirectory core package before other ones to avoid
dependencies errors:
``` {.sourceCode .shell}
apt-get install fusiondirectory
```
Upgrade FusionDirectory schema package too.
``` {.sourceCode .shell}
apt-get install fusiondirectory-schema
```
### Upgrade of LDAP directory
Upgrade core schema of FusionDirectory
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/core-fd-conf.schema
```
if you are using the audit plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/audit-fd.schema
```
if you are using the argonaut plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/argonaut-fd.schema
```
if you are using the community plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/community-fd.schema
```
if you are using the dhcp plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/dhcp-fd.schema
```
if you are using the ejbca plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/ejbca-fd.schema
```
if you are using the opsi plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/opsi-fd.schema
```
if you are using the postfix plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/postfix-fd.schema
```
if you are using the supann plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/supann-fd-conf.schema
```
if you are using the systems plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/systems-fd.schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/systems-fd-conf.schema
```
if you are using the user reminder plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/user-reminder-fd-conf.schema
```
if you are using the weblink plugin you have to update is schema
``` {.sourceCode .shell}
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/weblink-fd.schema
```
[php-cas]: http://packages.ubuntu.com/trusty/all/php-cas/download
[repo-urls]: https://documentation.fusiondirectory.org/en/dl_install
[repo-urls]: https://fusiondirectory-user-manual.readthedocs.io/en/1.3/install/index.html
---
* Further information
To improve this piece of software, please report all kind of errors using the bug tracker
on https://forge.fusiondirectory.org
on https://gitlab.fusiondirectory.org
Documentation: https://documentation.fusiondirectory.org/
Documentation: https://fusiondirectory-user-manual.readthedocs.io/en/1.3/index.html
Mailinglist: https://lists.fusiondirectory.org/
Irc: #fusiondirectory on freenode
......
# Include FusionDirectory to your web service
Alias /fusiondirectory /var/www/fusiondirectory/html
<IfModule mod_php5.c>
<Location /fusiondirectory>
php_admin_flag engine on
php_admin_flag register_globals off
php_admin_flag allow_call_time_pass_reference off
php_admin_flag expose_php off
php_admin_flag zend.ze1_compatibility_mode off
php_admin_flag register_long_arrays off
php_admin_value upload_tmp_dir /var/spool/fusiondirectory/
php_admin_value session.cookie_lifetime 0
<Directory /var/www/fusiondirectory/html>
# Remove the comment from the line below if you use fusiondirectory-setup --encrypt-passwords
# include /etc/fusiondirectory/fusiondirectory.secrets
</Location>
</IfModule>
</Directory>
......@@ -278,24 +278,18 @@ sub encrypt_passwords {
# Print reminder
print "
Please adapt your http fusiondirectory location declaration to include the newly
Please adapt your http fusiondirectory declaration to include the newly
created $fd_secrets.
Example:
Alias /fusiondirectory /usr/share/fusiondirectory/html
# Include FusionDirectory to your web service
Alias /fusiondirectory $vars{fd_home}
<Location /fusiondirectory>
php_admin_flag engine on
php_admin_flag register_globals off
php_admin_flag allow_call_time_pass_reference off
php_admin_flag expose_php off
php_admin_flag zend.ze1_compatibility_mode off
php_admin_flag register_long_arrays off
php_admin_value upload_tmp_dir /var/spool/fusiondirectory/
php_admin_value session.cookie_lifetime 0
include /etc/fusiondirectory/fusiondirectory.secrets
</Location>
<Directory $vars{fd_home}>
# Include the secrects file
include $fd_secrets
</Directory>
Please reload your httpd configuration after you've modified anything.\n";
......@@ -739,14 +733,18 @@ sub get_ldap_connexion {
my @locs = $twig->root->first_child('main')->children('location');
my %locations = ();
foreach my $loc (@locs) {
$loc->lc_attnames();
my $ref = $loc->first_child('referral');
# Ignore case
$ref->lc_attnames();
$locations{$loc->{'att'}->{'name'}} = {
'tls' => 0,
'uri' => $ref->{'att'}->{'URI'},
'bind_dn' => $ref->{'att'}->{'adminDn'},
'bind_pwd' => $ref->{'att'}->{'adminPassword'}
'uri' => $ref->{'att'}->{'uri'},
'base' => ($ref->{'att'}->{'base'} or $loc->{'att'}->{'base'} or ''),
'bind_dn' => $ref->{'att'}->{'admindn'},
'bind_pwd' => $ref->{'att'}->{'adminpassword'}
};
if (defined $loc->{'att'}->{'ldapTLS'} and $loc->{'att'}->{'ldapTLS'} =~ m/true/i) {
if (defined $loc->{'att'}->{'ldaptls'} and $loc->{'att'}->{'ldaptls'} =~ m/true/i) {
$locations{$loc->{'att'}->{'name'}}->{'tls'} = 1
}
}
......@@ -761,7 +759,11 @@ sub get_ldap_connexion {
$location = $answer;
}
if ($locations{$location}->{'uri'} =~ qr|^(.*)/([^/]+)$|) {
if ($locations{$location}->{'base'} ne '') {
$uri = $locations{$location}->{'uri'};
$base = $locations{$location}->{'base'};
} elsif ($locations{$location}->{'uri'} =~ qr|^(.*)/([^/]+)$|) {
# Format from FD<1.3
$uri = $1;
$base = $2;
} else {
......@@ -1602,6 +1604,47 @@ sub migrate_phones {
$unbind->code && warn "! Unable to unbind from LDAP server: ", $unbind->error."\n";
}
# function that migrates supannTypeEntite from FD<1.3 to FD>=1.3
sub migrate_supanntypeentite {
# initiate the LDAP connexion
my %hash_ldap_param = get_ldap_connexion();
# LDAP's connection's parameters
my $base = $hash_ldap_param{base};
my $ldap = $hash_ldap_param{ldap};
my $mesg = $ldap->search(
filter => '(&(supannTypeEntite=*)(!(supannTypeEntite={*}*)))',
base => $base
);
$mesg->code && die $mesg->error;
if ($mesg->count > 0) {
print ("The following entries are missing prefix in supannTypeEntite value:\n");
my @entries = $mesg->entries;
foreach my $entry (@entries) {
print $entry->dn().": ".$entry->get_value("supannTypeEntite")."\n";
}
if (ask_yn_question("Migrate these entries to add the {SUPANN} prefix?")) {
foreach my $entry (@entries) {
$entry->replace("supannTypeEntite" => "{SUPANN}".$entry->get_value("supannTypeEntite"));
$mesg = $entry->update($ldap);
if ($mesg->code) {
print $entry->dn().": ".$mesg->error."\n";
next;
}
}
}
}
# unbind to the LDAP server
my $unbind = $ldap->unbind;
$unbind->code && warn "! Unable to unbind from LDAP server: ", $unbind->error."\n";
}
# List LDAP attributes which have been deprecated
sub list_deprecated {
my ($obsolete_attrs, $obsolete_classes) = get_deprecated();
......@@ -1844,6 +1887,7 @@ die ("! You have to run this script as root\n") if ($<!=0);
$commands{"--migrate-systems"} = ["Migrating your systems from FD < 1.1", \&migrate_systems, 1];
$commands{"--migrate-winstations"} = ["Migrating your winstations from FD < 1.1", \&migrate_winstations, 1];
$commands{"--migrate-dhcp"} = ["Migrating DHCP configurations for FD >= 1.0.17",\&migrate_dhcp, 1];
$commands{"--migrate-supannentite"} = ["Fixing supannTypeEntite from FD < 1.3", \&migrate_supanntypeentite];
$commands{"--delete-gosa-locks"} = ["Delete lock tokens using old gosaLockEntry class", \&delete_gosa_locks];
$commands{"--install-plugins"} = ["Installing FusionDirectory's plugins", \&install_plugins];
$commands{"--encrypt-passwords"} = ["Encrypt passwords in fusiondirectory.conf", \&encrypt_passwords];
......@@ -1960,6 +2004,10 @@ This option replace old winstations objectClasses by new objectClasses from FD 1
This option moves DHCP configurations from systems branch to DHCP branch, which is necessary for FusionDirectory 1.0.17 and above.
=item --migrate-supannentite
This option adds the {SUPANN} prefix that was missing in supannTypeEntite values before FD 1.3.
=item --delete-gosa-locks
This option will delete old GOsa style lock tokens from 1.0.15 or older
......
......@@ -33,7 +33,7 @@
ldapTLS="TRUE"
{/if}
>
<referral URI="{$cv.connection}/{$cv.base}"
<referral URI="{$cv.connection}" base="{$cv.base}"
adminDn="{$cv.admin}"
adminPassword="{$cv.password}" />
</location>
......
......@@ -129,7 +129,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY-INSERT-SCHEMA 1"