+citadel (7.60-80) stable; urgency=low
+
+ * new upstream release
+ * add debconf code for ldap/ad auth
+
+ -- Wilfried Goesgens <w.goesgens@outgesourced.org> Tue, 28 Aug 2009 8:00:00 +0002
+
citadel (7.50-73) stable; urgency=low
* release
if test "$DO_CONFIGURE" = "yes"; then
STATE=1
- LASTSTATE=4
+ LASTSTATE=8
while [ "$STATE" != 0 -a "$STATE" -le "$LASTSTATE" ]; do
case "$STATE" in
;;
3)
db_input high citadel/LoginType || true
+ db_get citadel/LoginType
+ case "$RET" in
+ Internal)
+ STATE=8
+ ;;
+ Host)
+ STATE=8
+ ;;
+ esac
+ ;;
+
+ 4)
+ db_input citadel/LDAPServer || true
+ ;;
+
+ 5)
+ db_input citadel/LDAPServerPort || true
+ ;;
+
+ 6)
+ db_input citadel/LDAPBaseDN || true
+ ;;
+
+ 7)
+ db_input citadel/LDAPBindDN || true
+ ;;
+
+ 8)
+ db_input citadel/LDAPBindDNPassword || true
;;
move_file /etc/citadel/citadel.control /var/lib/citadel/data/citadel.control
move_file /etc/citadel/citadel.config /var/lib/citadel/data/citadel.config
- db_get citadel/Administrator && admin="$RET"
- db_get citadel/ServerIPAddress && ip_addr="$RET"
- db_get citadel/LoginType && deb_enable_unix_auth="$RET"
-
- if test "$deb_enable_unix_auth" = "true"; then
- export ENABLE_UNIX_AUTH=yes
- else
- export ENABLE_UNIX_AUTH=no
- fi
+ db_get citadel/Administrator && admin="$RET"
+ db_get citadel/ServerIPAddress && ip_addr="$RET"
+ db_get citadel/LoginType && deb_enable_unix_auth="$RET"
+ db_get citadel/LDAPServer && LDAP_HOST="$RET"; export LDAP_HOST
+ db_get citadel/LDAPServerPort && LDAP_PORT="$RET"; export LDAP_PORT
+ db_get citadel/LDAPBaseDN && LDAP_BASE_DN="$RET"; export LDAP_BASE_DN
+ db_get citadel/LDAPBindDN && LDAP_BIND_DN="$RET"; export LDAP_BIND_DN
+ db_get citadel/LDAPBindDNPassword && LDAP_BIND_PW="$RET"; export LDAP_BIND_PW
+
export IP_ADDR=$ip_addr
export CITADEL='/var/run/citadel'
of Citadel are running on the same computer.
Template: citadel/LoginType
-Type: boolean
-Default: false
+Type: select
+_Choices: Internal, Host, LDAP, Active Directory
+Default: Internal
_Description: Enable external authentication mode?
Please choose the user authentication mode. By default Citadel will
- use its own internal user accounts database. If you accept this
- option, Citadel users will have accounts on the host system,
- authenticated via /etc/passwd (or LDAP).
+ use its own internal user accounts database. If you choose Host,
+ Citadel users will have accounts on the host system,
+ authenticated via /etc/passwd or a PAM source.
+ LDAP chooses an RFC 2307 compliant directory server,
+ the last option chooses the nonstandard MS Active Directory LDAP scheme.
.
- Do not accept this option unless you are sure it is required, since
+ Do not change this option unless you are sure it is required, since
changing back requires a full reinstall of Citadel.
+
+Template: citadel/LDAPServer
+Type: string
+Default: 0.0.0.0
+_Description: LDAP host
+ Please enter the host name or IP address of your LDAP server.
+
+Template: citadel/LDAPServerPort
+Type: integer
+Default: 389
+_Description: LDAP port number
+ Please enter the port number of the LDAP service (usually 389).
+
+Template: citadel/LDAPBaseDN
+Type: string
+Default: dc=example,dc=com
+_Description: LDAP base DN
+ Please enter the Base DN to search for authentication
+ (for example: dc=example,dc=com),
+
+Template: citadel/LDAPBindDN
+Type: string
+Default:
+_Description: LDAP bind DN
+ Please enter the DN of an account to use for binding to the LDAP server
+ for performing queries. The account does not require any other
+ privileges. If your LDAP server allows anonymous queries, you can.
+ leave this blank.
+
+Template: citadel/LDAPBindDNPassword
+Type: string
+Default: OpenSesame
+_Description: LDAP bind password
+ If you entered a Bind DN in the previous question, you must now enter
+ the password associated with that account. Otherwise, you can leave this
+ blank.
+
Template: citadel/Administrator
Type: string
Default: Administrator
case 6:
if (setup_type == UI_SILENT)
{
- if (getenv("ENABLE_UNIX_AUTH")) {
- if (!strcasecmp(getenv("ENABLE_UNIX_AUTH"), "yes")) {
+ const char *auth;
+ config.c_auth_mode = AUTHMODE_NATIVE;
+ auth = getenv("ENABLE_UNIX_AUTH");
+ if (auth != NULL)
+ {
+ if ((strcasecmp(auth, "yes") == 0) ||
+ (strcasecmp(auth, "host") == 0))
+ {
config.c_auth_mode = AUTHMODE_HOST;
}
- else {
- config.c_auth_mode = AUTHMODE_NATIVE;
+ else if (strcasecmp(auth, "ldap") == 0){
+ config.c_auth_mode = AUTHMODE_LDAP;
+ }
+ else if ((strcasecmp(auth, "ldap_ad") == 0) ||
+ (strcasecmp(auth, "active directory") == 0)){
+ config.c_auth_mode = AUTHMODE_LDAP_AD;
}
}
}