- Don't allow disabling the only available admin account.
- Don't allow deletion of the only available admin account.
- Don't allow removing admin privileges of the only available admin account.
Signed-off-by: Hemanth Kumar Veeranki <hems.india1997@gmail.com>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Instead of a separate action that is conditionally called for a version number,
we can check if the domain currently configured is what we want and then based
on the value do a reconfiguration. This approach will work better when Plinth
state is reset etc.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Increment users module version so existing users will get FreedomBox
copy of ldapscripts config file.
Avoid reconfiguration of slapd during module upgrade, because this
will move the existing database.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Edit user form fails because a 'wiki' group entry exists in the database
though the ikiwiki app hasn't been installed yet.
- Register group when a user group is created by an application, so that a
plinth restart can be avoided.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- More user-friendly treatment of groups and their permissions
Closes#690
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Apply the patch present in Debian packaging:
James Valleroy: When testing new image builds, I found users created through
plinth could not login through console or SSH. The reason is that slapd and
nslcd services were not enabled and not running. I don't know what is causing
this situation, so this is just a workaround.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Also wrote unit tests in users/tests/test_actions
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The changes made for system login will not be effective until a restart. This
includes SSH login, console login, getent answers, etc.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
LDAP admin and basic structure setup requires running slapd. Move this
to first-run so we don't have to start slapd during setup. This should
avoid issues when running setup in a chroot.
Preseeding settings with debconf won't have any effect if the packages
are already installed. Instead, provide an override database to
dpkg-reconfigure.
- Break down setup process into methods.
- Make sure that LDAP entity setup is idempotent.
- Peform all entry updates while slapd is running instead of using
slapadd.
- Start slapd only when necessary. Shutdown (only) if we have started
slapd.
