- Merge all ldap actions into one action.
- Setup ldapscripts using augeas.
- Use the default mechanisms used by ldapscripts.
- Remove adding admin users to 'sudo' group. Mixing LDAP groups and
local groups is not a good practice. 'admin' LDAP group will be added
to sudoers in another patch to freedombox-setup.
- Make all users posixAccount and all groups posixGroup for simplicity.
Shell access can be restricted in other ways.
- Work around ldapscripts not able to set password using SASL auth.
- Work around ldapscripts having issues with current locale.
- Use webserver action utilites.
- Move status getting to module __init__.py so that it can be turned
into an API in future for further simplificaiton.
- Apply this to other modules too in future commits.
- To check whether a service is running does not require root
privileges. This can directly be done from a module without any
action.
- Since actions are allowed to be run using sudo, introducing
unnecessary sub-commands increases attack surface.
- Simple functions calls are unnecessarily being converted to command
line invocations and involve parsing response.
- There is a lot of repeated code because of this that can be
eliminated.
- To generalize this, we need to make all non-root system operations
directly from module instead of delegating to action commands.
- Merge actions/pagekite_util.py into plinth/modules/pagekite/util.py.
- Rename plinth/modules/pagekite/util.py to utils.py.
- Add python-augeus as dependency.
- Move actions/util.py to plinth/action_utils.py and update services
that use it.
- Rename _run() method to run() as it is being used publicly.
- Import the utils in a more conventional manner.
- Move all python2 bits to python3.
We should use on_install setups as sparingly as possible. We don't get
callbacks in cases where package is already installed. Until we
implement our versioned setup mechanism, doing some idempotent setup()
during enable() is much safer.
