#include "sysdep.h"
#include "config.h"
#include "citadel_dirs.h"
+#if HAVE_BACKTRACE
+#include <execinfo.h>
+#endif
+
-#define MAXSETUP 6 /* How many setup questions to ask */
+#define MAXSETUP 11 /* How many setup questions to ask */
#define UI_TEXT 0 /* Default setup type -- text only */
#define UI_DIALOG 2 /* Use the 'dialog' program */
"Citadel User ID",
"Server IP address",
"Server port number",
- "Authentication mode"
+ "Authentication mode",
+ "LDAP host",
+ "LDAP port number",
+ "LDAP base DN",
+ "LDAP bind DN",
+ "LDAP bind password"
};
+/**
+ * \brief print the actual stack frame.
+ */
+void cit_backtrace(void)
+{
+#ifdef HAVE_BACKTRACE
+ void *stack_frames[50];
+ size_t size, i;
+ char **strings;
+
+
+ size = backtrace(stack_frames, sizeof(stack_frames) / sizeof(void*));
+ strings = backtrace_symbols(stack_frames, size);
+ for (i = 0; i < size; i++) {
+ if (strings != NULL)
+ fprintf(stderr, "%s\n", strings[i]);
+ else
+ fprintf(stderr, "%p\n", stack_frames[i]);
+ }
+ free(strings);
+#endif
+}
struct config config;
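Review bot: The body of cit_backtrace() is guarded with `#ifdef HAVE_BACKTRACE`, while the `<execinfo.h>` include at the top of the file uses `#if HAVE_BACKTRACE`, so a build whose config.h defines the macro as 0 compiles the backtrace() calls without their declarations. Use the same test in both places, for example `#if HAVE_BACKTRACE` here. backtrace() returns an `int`, so `size` and `i` are better declared as `int` than `size_t`. The doc comment could also say that the trace is written to stderr and that the function does nothing when backtrace support is missing.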
"of Citadel on the same computer and there is something else\n"
"already using port 504.\n",
-"Normally, a Citadel system uses a \"black box\" authentication mode.\n"
-"This means that users do not have accounts or home directories on\n"
-"the underlying host system -- Citadel manages its own user database.\n"
-"However, if you wish to override this behavior, you can enable the\n"
-"host based authentication mode which is traditional for Unix systems.\n"
+
+
+"How would you like to authenticate users on your Citadel system?\n"
+"\n"
+" 0. Self contained authentication - Citadel maintains its own user database\n"
+" (This mode is *strongly* recommended)\n"
+"\n"
+" 1. Authenticate users against the host system (unix or linux accounts)\n"
+"\n"
+" 2. Authenticate users against an external LDAP directory (RFC 2307 compliant)\n"
+"\n"
+" 3. Authenticate users against nonstandard MS Active Directory LDAP\n"
+"\n"
"WARNING: do *not* change this setting once your system is installed.\n"
"\n"
-"(Answer \"no\" unless you completely understand this option)\n"
-"Do you want to enable host based authentication mode?\n"
+"(Answer \"0\" unless you completely understand this option)\n"
+"Which authentication mode do you want to use?\n",
+
+"Please enter the host name or IP address of your LDAP server.\n",
+
+"Please enter the port number of the LDAP service (usually 389).\n",
+
+"Please enter the Base DN to search for authentication\n"
+"(for example: dc=example,dc=com)\n",
+
+"Please enter the DN of an account to use for binding to the LDAP server\n"
+"for performing queries. The account does not require any other\n"
+"privileges. If your LDAP server allows anonymous queries, you can.\n"
+"leave this blank.\n",
+
+"If you entered a Bind DN in the previous question, you must now enter\n"
+"the password associated with that account. Otherwise, you can leave this\n"
+"blank.\n"
};
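Review bot: The bind-DN help text has a stray full stop in the middle of a sentence; the line should read `"privileges. If your LDAP server allows anonymous queries, you can\n"`. The port prompt names 389 as the usual value, and whether the bind password then crosses the network unencrypted depends on LDAP code that is not in this diff, so a short caveat in the password prompt may be worth adding once that is confirmed.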
void cleanup(int exitcode)
{
+// printf("Exitcode: %d\n", exitcode);
+// cit_backtrace();
exit(exitcode);
}
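Review bot: The two `//` lines added to cleanup() are commented-out debugging code and should not be committed in that form. Either drop them or put the `cit_backtrace();` call behind a compile-time switch (a macro of the project's choosing) so it can be enabled without editing the source. As the diff stands, cit_backtrace() has no live caller in the visible lines.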
answer = 0;
}
break;
+ case UI_SILENT:
+ break;
}
return (answer);
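Review bot: The new `case UI_SILENT:` leaves `answer` untouched, so what yesno() returns in an unattended run depends on an initializer that lies outside this hunk. Callers such as `if (yesno(buf, 1) == 0) return;` pass a default as the second argument, and silent mode should probably honour it by assigning that argument to `answer` in this case. At minimum, add a comment stating which answer a silent run gets. The function starts above the hunk.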
msgtext);
system(buf);
break;
+ case UI_SILENT:
+ fprintf(stderr, "%s\n", msgtext);
+ break;
}
}
}
}
break;
+ case UI_SILENT:
+ break;
}
}
/* Offer to replace other MTA with the vastly superior Citadel :) */
- if (getenv("ACT_AS_MTA")) {
- if (strcasecmp(getenv("ACT_AS_MTA"), "yes")) {
- return;
- }
- }
- else {
- snprintf(buf, sizeof buf,
- "You appear to have the \"%s\" email program\n"
- "running on your system. If you want Citadel mail\n"
- "connected with %s, you will have to manually integrate\n"
- "them. It is preferable to disable %s, and use Citadel's\n"
- "SMTP, POP3, and IMAP services.\n\n"
- "May we disable %s so that Citadel has access to ports\n"
- "25, 110, and 143?\n",
- mta, mta, mta, mta
+ snprintf(buf, sizeof buf,
+ "You appear to have the \"%s\" email program\n"
+ "running on your system. If you want Citadel mail\n"
+ "connected with %s, you will have to manually integrate\n"
+ "them. It is preferable to disable %s, and use Citadel's\n"
+ "SMTP, POP3, and IMAP services.\n\n"
+ "May we disable %s so that Citadel has access to ports\n"
+ "25, 110, and 143?\n",
+ mta, mta, mta, mta
);
- if (yesno(buf, 1) == 0) {
- return;
- }
+ if (yesno(buf, 1) == 0) {
+ return;
}
+
sprintf(buf, "for x in /etc/rc*.d/S*%s; do mv $x `echo $x |sed s/S/K/g`; done >/dev/null 2>&1", mta);
system(buf);
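Review bot: With the ACT_AS_MTA test moved to the caller, `yesno(buf, 1)` now runs even when the variable is set to yes, where the removed code went straight to the rc-script rename without asking. In an unattended run the outcome therefore depends on what yesno() returns for UI_SILENT, which the visible lines do not settle. State the intended behaviour in a comment here, or skip the prompt when the variable is set. The function continues outside the hunk.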
/*
* Check to see if our server really works. Returns 0 on success.
*/
-int test_server(char *setup_directory) {
+int test_server(char *setup_directory, char *relhomestr, int relhome) {
char cmd[256];
char cookie[256];
FILE *fp;
*/
sprintf(cookie, "--test--%d--", getpid());
- sprintf(cmd, "%s/sendcommand -h%s ECHO %s 2>&1",
- ctdl_sbin_dir,
- setup_directory,
- cookie);
+ if (relhome)
+ sprintf(cmd, "%s/sendcommand -h%s ECHO %s 2>&1",
+ ctdl_sbin_dir,
+ relhomestr,
+ cookie);
+ else
+ sprintf(cmd, "%s/sendcommand ECHO %s 2>&1",
+ ctdl_sbin_dir,
+ cookie);
fp = popen(cmd, "r");
if (fp == NULL) return(errno);
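Review bot: Both new `sprintf()` calls build the popen() command in `char cmd[256]` without a bound, and `relhomestr` is a caller-supplied path, so a long home directory overruns the buffer. Use `snprintf(cmd, sizeof cmd, ...)` in both branches and fail on truncation, for example `if (n < 0 || (size_t)n >= sizeof cmd) return(ENAMETOOLONG);`. The path is also placed on a shell command line unquoted, so it should be validated first, or the helper should be started without a shell. `setup_directory` is no longer read in the lines shown; if nothing below the hunk uses it, the parameter can be dropped or documented as unused.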
unlink(dialog_result);
}
break;
-
+ case UI_SILENT:
+ break;
}
}
}
}
else {
- set_bool_val(curr, &config.c_auth_mode);
+ set_int_val(curr, &config.c_auth_mode);
+ }
+ break;
+
+ case 7:
+ if (setup_type == UI_SILENT)
+ {
+ if (getenv("LDAP_HOST")) {
+ strcpy(config.c_ldap_host, getenv("LDAP_HOST"));
+ }
+ }
+ else
+ {
+ set_str_val(curr, config.c_ldap_host);
+ }
+ break;
+
+ case 8:
+ if (setup_type == UI_SILENT)
+ {
+ if (getenv("LDAP_PORT")) {
+ config.c_ldap_port = atoi(getenv("LDAP_PORT"));
+ }
+ }
+ else
+ {
+ set_int_val(curr, &config.c_ldap_port);
+ }
+ break;
+
+ case 9:
+ if (setup_type == UI_SILENT)
+ {
+ if (getenv("LDAP_BASE_DN")) {
+ strcpy(config.c_ldap_base_dn, getenv("LDAP_BASE_DN"));
+ }
+ }
+ else
+ {
+ set_str_val(curr, config.c_ldap_base_dn);
+ }
+ break;
+
+ case 10:
+ if (setup_type == UI_SILENT)
+ {
+ if (getenv("LDAP_BIND_DN")) {
+ strcpy(config.c_ldap_bind_dn, getenv("LDAP_BIND_DN"));
+ }
+ }
+ else
+ {
+ set_str_val(curr, config.c_ldap_bind_dn);
+ }
+ break;
+
+ case 11:
+ if (setup_type == UI_SILENT)
+ {
+ if (getenv("LDAP_BIND_PW")) {
+ strcpy(config.c_ldap_bind_pw, getenv("LDAP_BIND_PW"));
+ }
+ }
+ else
+ {
+ set_str_val(curr, config.c_ldap_bind_pw);
}
break;
}
+
}
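Review bot: The silent-mode branches of cases 7, 9, 10 and 11 copy environment variables into `config` fields with `strcpy()`, so an over-long `LDAP_HOST`, `LDAP_BASE_DN`, `LDAP_BIND_DN` or `LDAP_BIND_PW` writes past the end of the field. Assuming those fields are fixed-size arrays (their declarations are not in this diff), a bounded copy such as `snprintf(config.c_ldap_host, sizeof config.c_ldap_host, "%s", getenv("LDAP_HOST"));` fits each case. Case 8 should parse the port with `strtol()` and reject values outside 1-65535 instead of storing whatever `atoi()` returns. Taking the bind password from the environment leaves it readable by anything that can inspect the process environment, which deserves a comment or a file-based alternative. The switch starts above the hunk.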
/*
if (yesno(question, 1)) {
sprintf(buf, "/bin/mv -f %s %s", new_filename, NSSCONF);
system(buf);
+ chmod(NSSCONF, 0644);
}
unlink(new_filename);
}
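Review bot: The return value of the added `chmod(NSSCONF, 0644)` is ignored, and the call runs even when the preceding `/bin/mv` failed, because the result of `system(buf)` is not checked either. Check both, for example `if (chmod(NSSCONF, 0644) != 0) perror(NSSCONF);`, or set the mode on `new_filename` before the move so the file is never in place with the wrong permissions. The enclosing function starts above the hunk.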
set_str_val(0, setup_directory);
}
- enable_home=(relh|home);
+ enable_home = ( relh | home );
- if (chdir(setup_directory) == 0) {
- strcpy(file_citadel_config, "./citadel.config");
- }
- else {
- important_message("Citadel Setup",
- "The directory you specified does not exist.");
+ if (chdir(setup_directory) != 0) {
+ char errmsg[SIZ];
+ sprintf(errmsg, "The directory you specified does not exist: [%s]\n", setup_directory);
+
+ important_message("Citadel Setup", errmsg);
cleanup(errno);
}
}
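Review bot: `sprintf(errmsg, ...)` formats the user-supplied `setup_directory` into `char errmsg[SIZ]` with no bound; `snprintf(errmsg, sizeof errmsg, "The directory you specified does not exist: [%s]\n", setup_directory);` avoids the overrun. The message is then passed to important_message(), whose dialog branch elsewhere in this diff appears to build a `system()` command from the message text, so the directory name would now reach a shell where the previous message was a constant; it should be validated or escaped before that point. `cleanup(errno)` also runs after these calls and may no longer see the value chdir() set, so save `errno` into a local first.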
/* Make sure Citadel is not running. */
- if (test_server(setup_directory) == 0) {
+ if (test_server(setup_directory, relhome, enable_home) == 0) {
important_message("Citadel Setup",
"The Citadel service is still running.\n"
"Please stop the service manually and run "
/* Go through a series of dialogs prompting for config info */
for (curr = 1; curr <= MAXSETUP; ++curr) {
edit_value(curr);
+ if ((curr == 6) && (config.c_auth_mode != AUTHMODE_LDAP) && (config.c_auth_mode != AUTHMODE_LDAP_AD)) {
+ curr += 5; /* skip LDAP questions if we're not authenticating against LDAP */
+ }
}
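Review bot: The skip relies on bare numbers, `curr == 6` and `curr += 5`, which silently go wrong as soon as a question is added or reordered and MAXSETUP changes. Give the question indices names (an enum next to MAXSETUP) and jump to the end explicitly, for example `curr = MAXSETUP;`, with a comment that the LDAP questions are the last ones in the list. Adjusting the loop variable inside the body is easy to miss, so the comment should also say that the `++curr` in the loop header then ends the loop.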
/***** begin version update section ***** */
delete_inittab_entry(); /* Remove obsolete /etc/inittab entry */
check_xinetd_entry(); /* Check /etc/xinetd.d/telnet */
- /* Offer to disable other MTA's on the system. */
- disable_other_mta("courier-authdaemon");
- disable_other_mta("courier-imap");
- disable_other_mta("courier-imap-ssl");
- disable_other_mta("courier-pop");
- disable_other_mta("courier-pop3");
- disable_other_mta("courier-pop3d");
- disable_other_mta("cyrmaster");
- disable_other_mta("cyrus");
- disable_other_mta("dovecot");
- disable_other_mta("exim");
- disable_other_mta("exim4");
- disable_other_mta("imapd");
- disable_other_mta("mta");
- disable_other_mta("pop3d");
- disable_other_mta("popd");
- disable_other_mta("postfix");
- disable_other_mta("qmail");
- disable_other_mta("saslauthd");
- disable_other_mta("sendmail");
- disable_other_mta("vmailmgrd");
+ if ((getenv("ACT_AS_MTA") == NULL) ||
+ (getenv("ACT_AS_MTA") &&
+ strcasecmp(getenv("ACT_AS_MTA"), "yes") == 0)) {
+ /* Offer to disable other MTA's on the system. */
+ disable_other_mta("courier-authdaemon");
+ disable_other_mta("courier-imap");
+ disable_other_mta("courier-imap-ssl");
+ disable_other_mta("courier-pop");
+ disable_other_mta("courier-pop3");
+ disable_other_mta("courier-pop3d");
+ disable_other_mta("cyrmaster");
+ disable_other_mta("cyrus");
+ disable_other_mta("dovecot");
+ disable_other_mta("exim");
+ disable_other_mta("exim4");
+ disable_other_mta("imapd");
+ disable_other_mta("mta");
+ disable_other_mta("pop3d");
+ disable_other_mta("popd");
+ disable_other_mta("postfix");
+ disable_other_mta("qmail");
+ disable_other_mta("saslauthd");
+ disable_other_mta("sendmail");
+ disable_other_mta("vmailmgrd");
+ }
#endif
/* Check for the 'db' nss and offer to disable it */
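Review bot: The condition calls `getenv("ACT_AS_MTA")` three times, and the middle test is redundant because the right-hand side of `||` is only evaluated when the variable is set. Reading it once is clearer: `const char *act_as_mta = getenv("ACT_AS_MTA");` followed by `if (act_as_mta == NULL || strcasecmp(act_as_mta, "yes") == 0) {`. A comment saying that an unset variable means the offer is still made would also help, since disable_other_mta() no longer checks the variable itself.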
sleep(3);
}
- if (test_server(setup_directory) == 0) {
- snprintf (admin_cmd, sizeof(admin_cmd), "%s/sendcommand \"CREU %s|%s\"", ctdl_utilbin_dir, config.c_sysadm, admin_pass);
- system(admin_cmd);
- important_message("Setup finished",
- "Setup of the Citadel server is complete.\n"
- "If you will be using WebCit, please run its\n"
- "setup program now; otherwise, run './citadel'\n"
- "to log in.\n");
+ if (test_server(setup_directory, relhome, enable_home) == 0) {
+ char buf[SIZ];
+ int found_it = 0;
+
+ snprintf (admin_cmd, sizeof(admin_cmd), "%s/sendcommand \"CREU %s|%s\" 2>&1",
+ ctdl_sbin_dir, config.c_sysadm, admin_pass);
+ fp = popen(admin_cmd, "r");
+ if (fp != NULL) {
+ while (fgets(buf, sizeof buf, fp) != NULL)
+ {
+ if ((atol(buf) == 574) || (atol(buf) == 200))
+ ++found_it;
+ }
+ pclose(fp);
+ }
+
+ if (found_it == 0)
+ important_message("Error","Setup failed to create your admin user");
+
+ if (setup_type != UI_SILENT)
+ important_message("Setup finished",
+ "Setup of the Citadel server is complete.\n"
+ "If you will be using WebCit, please run its\n"
+ "setup program now; otherwise, run './citadel'\n"
+ "to log in.\n");
}
else {
important_message("Setup failed",