use base qw(PVE::SectionConfig);
+my $inotify_file_id = 'pmg-ldap.conf';
+my $config_filename = '/etc/pmg/ldap.conf';
+
my $defaultData = {
propertyList => {
type => { description => "Section type." },
profile => {
- description => "Secion ID.",
+ description => "Profile ID.",
type => 'string', format => 'pve-configid',
},
},
},
accountattr => {
description => "Account attribute name name.",
- type => 'string',
+ type => 'string', format => 'string-list',
pattern => '[a-zA-Z0-9]+',
- default => 'sAMAccountName',
+ default => 'sAMAccountName, uid',
},
mailattr => {
description => "List of mail attribute names.",
pattern => '[a-zA-Z0-9]+',
default => "mail, userPrincipalName, proxyAddresses, othermailbox",
},
+ groupclass => {
+ description => "List of objectclasses for groups.",
+ type => 'string', format => 'string-list',
+ default => "group, univentionGroup, ipausergroup",
+ },
};
}
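Review bot: `groupclass` is added without a `pattern`, while `accountattr` and `mailattr` restrict values to `[a-zA-Z0-9]+`, so object class names are the one list here that accepts arbitrary characters. If these names are later interpolated into an LDAP search filter (not visible in this hunk), filter metacharacters would reach it unvalidated. Separately, `accountattr` is now a `string-list` but keeps the single-token pattern, which its own new default `'sAMAccountName, uid'` would not satisfy if the validator applies `pattern` to the whole value rather than per element. A list-aware pattern shared by all three properties would fix both, for example `pattern => '[a-zA-Z0-9]+(?:[,;\s]+[a-zA-Z0-9]+)*',` with the separators adjusted to what `string-list` accepts. The `accountattr` description still reads "Account attribute name name." and could become `description => "List of account attribute names.",`.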
filter => { optional => 1 },
accountattr => { optional => 1 },
mailattr => { optional => 1 },
+ groupclass => { optional => 1 },
};
}
$class->SUPER::write_config($filename, $cfg);
}
+sub new {
+ my ($type) = @_;
+
+ my $class = ref($type) || $type;
+
+ my $cfg = PVE::INotify::read_file($inotify_file_id);
+
+ return bless $cfg, $class;
+}
+
+sub write {
+ my ($self) = @_;
+
+ PVE::INotify::write_file($inotify_file_id, $self);
+}
+
my $lockfile = "/var/lock/pmgldapconfig.lck";
sub lock_config {
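Review bot: `new` and `write` do not document their locking contract. `write` calls `PVE::INotify::write_file` directly and nothing in these lines takes the lock that `lock_config` just below provides, so a `new` … `write` read-modify-write can lose a concurrent update unless the caller wraps it. If that is the intended contract, a comment above `write` such as `# Caller must hold lock_config() across new() ... write().` would record it. `new` also blesses the hash returned by `PVE::INotify::read_file` in place; if that call hands back a cached structure (not visible here), every holder sees it re-blessed and any later mutation, which deserves a one-line comment as well. The body of `lock_config` continues outside the hunk.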
local $/ = undef; # slurp mode
- my $raw = <$fh>;
+ my $raw = defined($fh) ? <$fh> : '';
return __PACKAGE__->parse_config($filename, $raw);
}
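Review bot: The `defined($fh)` guard has no comment explaining when the handle can be undefined. It appears to pair with `always_call_parser => 1` in the `register_file` call further down, which presumably invokes the parser even when the file does not exist. A comment such as `# $fh is undef when the file does not exist; treat that as an empty config` would record that a missing file is deliberately parsed as empty rather than reported as an error. The start of read_pmg_ldap_conf is outside the hunk.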
my $raw = __PACKAGE__->write_config($filename, $cfg);
- chmod(0600, $fh);
+ my $gid = getgrnam('www-data');
+ chown(0, $gid, $fh);
+ chmod(0640, $fh);
PVE::Tools::safe_print($filename, $fh, $raw);
}
-PVE::INotify::register_file('pmg-ldap.conf', "/etc/pmg/ldap.conf",
+PVE::INotify::register_file($inotify_file_id, $config_filename,
\&read_pmg_ldap_conf,
- \&write_pmg_ldap_conf);
+ \&write_pmg_ldap_conf,
+ undef,
+ always_call_parser => 1);
1;
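Review bot: The results of `getgrnam`, `chown` and `chmod` are all ignored in the new permission setup, so any failure is silent. If the `www-data` group is missing, `$gid` is undef and numifies to 0, leaving the file root:root 0640 and unreadable by the intended group; if `chmod` fails, the file keeps whatever mode it was created with before `safe_print` writes the contents. I would make each step fatal: `die "group 'www-data' not found\n" if !defined($gid);`, `chown(0, $gid, $fh) or die "chown '$filename' failed: $!\n";`, `chmod(0640, $fh) or die "chmod '$filename' failed: $!\n";`. Since the mode widens from 0600 to 0640, a comment stating why the web server group needs read access would help, particularly if this file stores LDAP bind credentials (not visible here). The start of write_pmg_ldap_conf lies outside the hunk.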