Page MenuHomePhorge
Files F117762526

D3202.1775216968.diff
No OneTemporary
Actions

Authored By
Unknown
Size
16 KB
Referenced Files
None
Subscribers
None

D3202.1775216968.diff
View Options

diff --git a/docker-compose.yml b/docker-compose.yml
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -29,6 +29,14 @@
environment:
- DB_HOST=${DB_HOST}
- DB_ROOT_PASSWORD=Welcome2KolabSystems
+ - DB_HKCCP_DATABASE=${DB_DATABASE}
+ - DB_HKCCP_USERNAME=${DB_USERNAME}
+ - DB_HKCCP_PASSWORD=${DB_PASSWORD}
+ - DB_KOLAB_DATABASE=kolab
+ - DB_KOLAB_USERNAME=kolab
+ - DB_KOLAB_PASSWORD=Welcome2KolabSystems
+ - DB_RC_USERNAME=roundcube
+ - DB_RC_PASSWORD=Welcome2KolabSystems
- IMAP_HOST=127.0.0.1
- IMAP_PORT=11993
- MAIL_HOST=127.0.0.1
diff --git a/docker/kolab/Dockerfile b/docker/kolab/Dockerfile
--- a/docker/kolab/Dockerfile
+++ b/docker/kolab/Dockerfile
@@ -43,7 +43,7 @@
RUN rpm --import https://mirror.kolabenterprise.com/maipo.asc
RUN yum -y install https://mirror.kolabenterprise.com/kolab-16-for-el7.rpm && \
- yum -y install kolab-16-release-development && \
+ yum -y install kolab-16-release-development patch && \
yum clean all
RUN yum -y --setopt tsflags= install kolab
diff --git a/docker/kolab/kolab-init.sh b/docker/kolab/kolab-init.sh
--- a/docker/kolab/kolab-init.sh
+++ b/docker/kolab/kolab-init.sh
@@ -30,5 +30,9 @@
./19-turn-on-vlv-in-roundcube.sh && echo "19 done"
./20-add-alias-attribute-index.sh && echo "20 done"
./21-adjust-postfix-config.sh && echo "21 done"
+# FIXME we can only create the resource once the owner exists
+#./22-create-resource.sh && echo "22 done"
+./23-patch-system.sh && echo "23 done"
+./24-roundcubeconfig.sh && echo "24 done"
touch /tmp/kolab-init.done
diff --git a/docker/kolab/utils/02-write-my.cnf.sh b/docker/kolab/utils/02-write-my.cnf.sh
--- a/docker/kolab/utils/02-write-my.cnf.sh
+++ b/docker/kolab/utils/02-write-my.cnf.sh
@@ -4,5 +4,5 @@
[client]
host=${DB_HOST:-127.0.0.1}
user=root
-password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems}
+password=${DB_ROOT_PASSWORD}
EOF
diff --git a/docker/kolab/utils/04-reset-mysql-kolab-password.sh b/docker/kolab/utils/04-reset-mysql-kolab-password.sh
--- a/docker/kolab/utils/04-reset-mysql-kolab-password.sh
+++ b/docker/kolab/utils/04-reset-mysql-kolab-password.sh
@@ -1,15 +1,20 @@
#!/bin/bash
-sqlpw=$(grep ^sql_uri /etc/kolab/kolab.conf | awk -F':' '{print $3}' | awk -F'@' '{print $1}')
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
+ -e "SET PASSWORD FOR '${DB_HKCCP_USERNAME}'@'%' = PASSWORD('${DB_HKCCP_PASSWORD}');"
-mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
- -e "SET PASSWORD FOR '${DB_HKCCP_USERNAME:-kolabdev}'@'%' = PASSWORD('${DB_HKCCP_PASSWORD:-kolab}');"
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
+ -e "SET PASSWORD FOR '${DB_KOLAB_USERNAME}'@'localhost' = PASSWORD('${DB_KOLAB_PASSWORD}');"
-mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
- -e "SET PASSWORD FOR '${DB_KOLAB_USERNAME:-kolab}'@'%' = PASSWORD('${DB_KOLAB_PASSWORD:=$sqlpw}');"
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
+ -e "CREATE USER '${DB_KOLAB_USERNAME}'@'%' IDENTIFIED BY '${DB_KOLAB_PASSWORD}'; FLUSH PRIVILEGES;"
-mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
- -e "SET PASSWORD FOR '${DB_RC_USERNAME:-roundcube}'@'%' = PASSWORD('${DB_RC_PASSWORD:-Welcome2KolabSystems}');"
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
+ -e "SET PASSWORD FOR '${DB_RC_USERNAME}'@'localhost' = PASSWORD('${DB_RC_PASSWORD}');"
+
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
+ -e "CREATE USER '${DB_RC_USERNAME}'@'%' IDENTIFIED BY '${DB_RC_PASSWORD}'; FLUSH PRIVILEGES;"
+
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
+ -e "SET PASSWORD FOR '${DB_RC_USERNAME}'@'%' = PASSWORD('${DB_RC_PASSWORD}');"
-mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
- -e "CREATE USER '${DB_RC_USERNAME:-roundcube}'@'%' IDENTIFIED BY '${DB_RC_PASSWORD:-Welcome2KolabSystems}'; FLUSH PRIVILEGES;"
diff --git a/docker/kolab/utils/05-replace-localhost.sh b/docker/kolab/utils/05-replace-localhost.sh
--- a/docker/kolab/utils/05-replace-localhost.sh
+++ b/docker/kolab/utils/05-replace-localhost.sh
@@ -1,25 +1,25 @@
#!/bin/bash
if [[ ${DB_HOST} == "localhost" || ${DB_HOST} == "127.0.0.1" ]]; then
- mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
+ mysql -h ${DB_HOST} -u root --password=${DB_ROOT_PASSWORD} \
-e "UPDATE mysql.db SET Host = '127.0.0.1' WHERE Host = 'localhost';"
- mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
+ mysql -h ${DB_HOST} -u root --password=${DB_ROOT_PASSWORD} \
-e "FLUSH PRIVILEGES;"
fi
sed -i -e "s#^ldap_servers:.*#ldap_servers: ldap://${LDAP_HOST:-127.0.0.1}:389#" /etc/imapd.conf
sed -i -e "/hosts/s/localhost/${LDAP_HOST:-127.0.0.1}/" /etc/iRony/dav.inc.php
sed -i -e "s#^ldap_uri.*#ldap_uri = ldap://${LDAP_HOST:-127.0.0.1}:389#" \
- -e "s#^cache_uri.*mysql://\(.*\):\(.*\)@\(.*\)\/\(.*\)#cache_uri = mysql://${DB_KOLAB_USERNAME:-\1}:${DB_KOLAB_PASSWORD:-\2}@${DB_HOST:-127.0.0.1}/${DB_KOLAB_DATABASE:-\4}#" \
- -e "s#^sql_uri.*mysql://\(.*\):\(.*\)@\(.*\)\/\(.*\)#sql_uri = mysql://${DB_KOLAB_USERNAME:-\1}:${DB_KOLAB_PASSWORD:-\2}@${DB_HOST:-127.0.0.1}/${DB_KOLAB_DATABASE:-\4}#" \
+ -e "s#^cache_uri.*mysql://\(.*\):\(.*\)@\(.*\)\/\(.*\)#cache_uri = mysql://${DB_KOLAB_USERNAME}:${DB_KOLAB_PASSWORD}@${DB_HOST}/${DB_KOLAB_DATABASE}#" \
+ -e "s#^sql_uri.*mysql://\(.*\):\(.*\)@\(.*\)\/\(.*\)#sql_uri = mysql://${DB_KOLAB_USERNAME}:${DB_KOLAB_PASSWORD}@${DB_HOST}/${DB_KOLAB_DATABASE}#" \
-e "s#^uri.*#uri = imaps://${IMAP_HOST:-127.0.0.1}:11993#" /etc/kolab/kolab.conf
sed -i -e "/host/s/localhost/${LDAP_HOST:-127.0.0.1}/g" \
-e "/fbsource/s/localhost/${IMAP_HOST:-127.0.0.1}/g" /etc/kolab-freebusy/config.ini
#sed -i -e "s/server_host.*/server_host = ${LDAP_HOST:-127.0.0.1}/g" /etc/postfix/ldap/*
sed -i -e "/password_ldap_host/s/localhost/${LDAP_HOST:-127.0.0.1}/" /etc/roundcubemail/password.inc.php
sed -i -e "/hosts/s/localhost/${LDAP_HOST:-127.0.0.1}/" /etc/roundcubemail/kolab_auth.inc.php
-sed -i -e "s#.*db_dsnw.*# \$config['db_dsnw'] = 'mysql://${DB_RC_USERNAME:-roundcube}:${DB_RC_PASSWORD:-Welcome2KolabSystems}@${DB_HOST:-127.0.0.1}/${DB_RC_DATABASE:-roundcube}';#" \
+sed -i -e "s#.*db_dsnw.*# \$config['db_dsnw'] = 'mysql://${DB_RC_USERNAME}:${DB_RC_PASSWORD}@${DB_HOST}/roundcube';#" \
-e "/default_host/s|= .*$|= 'ssl://${IMAP_HOST:-127.0.0.1}';|" \
-e "/default_port/s|= .*$|= ${IMAP_PORT:-11993};|" \
-e "/smtp_server/s|= .*$|= 'tls://${MAIL_HOST:-127.0.0.1}';|" \
diff --git a/docker/kolab/utils/06-mysql-for-kolabdev.sh b/docker/kolab/utils/06-mysql-for-kolabdev.sh
--- a/docker/kolab/utils/06-mysql-for-kolabdev.sh
+++ b/docker/kolab/utils/06-mysql-for-kolabdev.sh
@@ -1,11 +1,11 @@
#!/bin/bash
-mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
- -e "CREATE DATABASE IF NOT EXISTS ${DB_HKCCP_DATABASE:-kolabdev};"
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
+ -e "CREATE DATABASE IF NOT EXISTS ${DB_HKCCP_DATABASE};"
-mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
- -e "GRANT ALL PRIVILEGES ON ${DB_HKCCP_DATABASE:-kolabdev}.* TO '${DB_HKCCP_USERNAME:-kolabdev}'@'%' IDENTIFIED BY '${DB_HKCCP_PASSWORD:-kolab}';"
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
+ -e "GRANT ALL PRIVILEGES ON ${DB_HKCCP_DATABASE}.* TO '${DB_HKCCP_USERNAME}'@'%' IDENTIFIED BY '${DB_HKCCP_PASSWORD}';"
-mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD:-Welcome2KolabSystems} \
+mysql -h ${DB_HOST:-127.0.0.1} -u root --password=${DB_ROOT_PASSWORD} \
-e "FLUSH PRIVILEGES;"
diff --git a/docker/kolab/utils/07-adjust-base-dns.sh b/docker/kolab/utils/07-adjust-base-dns.sh
--- a/docker/kolab/utils/07-adjust-base-dns.sh
+++ b/docker/kolab/utils/07-adjust-base-dns.sh
@@ -21,6 +21,7 @@
/etc/kolab-freebusy/config.ini \
/etc/postfix/ldap/*.cf \
/etc/roundcubemail/config.inc.php \
+ /etc/roundcubemail/calendar.inc.php \
/etc/roundcubemail/kolab_auth.inc.php
sed -i -r \
diff --git a/docker/kolab/utils/09-enable-debugging.sh b/docker/kolab/utils/09-enable-debugging.sh
--- a/docker/kolab/utils/09-enable-debugging.sh
+++ b/docker/kolab/utils/09-enable-debugging.sh
@@ -6,3 +6,6 @@
systemctl restart cyrus-imapd
sed -i -r -e "s/_debug'] = (.*);/_debug'] = true;/g" /etc/roundcubemail/config.inc.php
+
+echo "FLAGS=\"--fork -l debug -d 8\"" > /etc/sysconfig/wallace
+systemctl restart wallace
diff --git a/docker/kolab/utils/10-change-port-numbers.sh b/docker/kolab/utils/10-change-port-numbers.sh
--- a/docker/kolab/utils/10-change-port-numbers.sh
+++ b/docker/kolab/utils/10-change-port-numbers.sh
@@ -20,7 +20,7 @@
systemctl restart cyrus-imapd
# Remove the submission block, by matching from submission until the next empty line
-sed -e '/submission inet/,/^$/d' /etc/postfix/master.cf
+sed -i -e '/submission inet/,/^$/d' /etc/postfix/master.cf
# Insert a new submission block with a modified port
cat >> /etc/postfix/master.cf << EOF
diff --git a/docker/kolab/utils/21-adjust-postfix-config.sh b/docker/kolab/utils/21-adjust-postfix-config.sh
--- a/docker/kolab/utils/21-adjust-postfix-config.sh
+++ b/docker/kolab/utils/21-adjust-postfix-config.sh
@@ -19,8 +19,11 @@
# ldapready: (inetuserstatus:1.2.840.113556.1.4.803:=16)
# imapready: (inetuserstatus:1.2.840.113556.1.4.803:=32)
+# sed -i -r \
+# -e 's/^query_filter.*$/query_filter = (\&(|(mail=%s)(alias=%s))(|(objectclass=kolabinetorgperson)(|(objectclass=kolabgroupofuniquenames)(objectclass=kolabgroupofurls))(|(|(objectclass=groupofuniquenames)(objectclass=groupofurls))(objectclass=kolabsharedfolder))(objectclass=kolabsharedfolder))(inetuserstatus:1.2.840.113556.1.4.803:=50)(!(inetuserstatus:1.2.840.113556.1.4.803:=4)))/g' \
+# /etc/postfix/ldap/local_recipient_maps.cf
sed -i -r \
- -e 's/^query_filter.*$/query_filter = (\&(|(mail=%s)(alias=%s))(|(objectclass=kolabinetorgperson)(|(objectclass=kolabgroupofuniquenames)(objectclass=kolabgroupofurls))(|(|(objectclass=groupofuniquenames)(objectclass=groupofurls))(objectclass=kolabsharedfolder))(objectclass=kolabsharedfolder))(inetuserstatus:1.2.840.113556.1.4.803:=50)(!(inetuserstatus:1.2.840.113556.1.4.803:=4)))/g' \
+ -e 's/^query_filter.*$/query_filter = (\&(|(mail=%s)(alias=%s))(|(objectclass=kolabinetorgperson)(|(objectclass=kolabgroupofuniquenames)(objectclass=kolabgroupofurls))(|(|(objectclass=groupofuniquenames)(objectclass=groupofurls))(objectclass=kolabsharedfolder))(objectclass=kolabsharedfolder))(!(inetuserstatus:1.2.840.113556.1.4.803:=4)))/g' \
/etc/postfix/ldap/local_recipient_maps.cf
systemctl restart postfix
diff --git a/docker/kolab/utils/22-create-resource.sh b/docker/kolab/utils/22-create-resource.sh
new file mode 100755
--- /dev/null
+++ b/docker/kolab/utils/22-create-resource.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+ . ./settings.sh
+
+(
+ echo "dn: cn=TestResource,ou=Resources,ou=kolab.org,${hosted_domain_rootdn}"
+ echo "cn: TestResource"
+ echo "owner: uid=jack@kolab.org,ou=People,ou=kolab.org,${hosted_domain_rootdn}"
+ echo "kolabTargetFolder: shared/Resources/TestResource@kolab.org"
+ echo "mail: resource-confroom-testresource@kolab.org"
+ echo "objectClass: top"
+ echo "objectClass: kolabsharedfolder"
+ echo "objectClass: kolabresource"
+ echo "objectClass: mailrecipient"
+ echo "kolabFolderType: event"
+ echo "kolabInvitationPolicy: ACT_MANUAL"
+ echo ""
+) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"
diff --git a/docker/kolab/utils/23-patch-system.sh b/docker/kolab/utils/23-patch-system.sh
new file mode 100755
--- /dev/null
+++ b/docker/kolab/utils/23-patch-system.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+ . ./settings.sh
+
+PATCHPATH=$(pwd)/patches
+
+pushd /usr/lib/python2.7/site-packages/ || exit
+patch -p1 < "$PATCHPATH/0001-Resolve-base_dn-in-kolab_user_base_dn-user_base_dn-a.patch"
+popd || exit
+systemctl restart kolabd
+systemctl restart wallace
diff --git a/docker/kolab/utils/24-roundcubeconfig.sh b/docker/kolab/utils/24-roundcubeconfig.sh
new file mode 100755
--- /dev/null
+++ b/docker/kolab/utils/24-roundcubeconfig.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+sed -i -r -e "s/\$config = array();/\$config = array();\r\$config['use_https'] = false;/g" /etc/roundcubemail/config.inc.php
+
+sed -i -r -e "s/\$config['kolab_files_url'] =.*$/\$config['kolab_files_url'] = 'https://' \. \$_SERVER['HTTP_HOST'] . '/chwala/';/g" /etc/roundcubemail/kolab_files.inc.php
diff --git a/docker/kolab/utils/patches/0001-Resolve-base_dn-in-kolab_user_base_dn-user_base_dn-a.patch b/docker/kolab/utils/patches/0001-Resolve-base_dn-in-kolab_user_base_dn-user_base_dn-a.patch
new file mode 100644
--- /dev/null
+++ b/docker/kolab/utils/patches/0001-Resolve-base_dn-in-kolab_user_base_dn-user_base_dn-a.patch
@@ -0,0 +1,92 @@
+From f0a02b4484360617baa434bada6c651b8b0b5d30 Mon Sep 17 00:00:00 2001
+From: Aleksander Machniak <machniak@kolabsys.com>
+Date: Fri, 1 Oct 2021 15:08:12 +0200
+Subject: [PATCH 1/2] Resolve %base_dn in kolab_user_base_dn, user_base_dn and
+ resource_base_dn
+
+Reviewers: #pykolab_developers, vanmeeuwen
+
+Reviewed By: #pykolab_developers, vanmeeuwen
+
+Subscribers: #pykolab_developers
+
+Differential Revision: https://git.kolab.org/D2900
+---
+ pykolab/auth/ldap/__init__.py | 40 ++++++++++++++++++++---------------
+ 1 file changed, 23 insertions(+), 17 deletions(-)
+
+diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
+index 5c8c668..046c30c 100644
+--- a/pykolab/auth/ldap/__init__.py
++++ b/pykolab/auth/ldap/__init__.py
+@@ -647,13 +647,7 @@ class LDAP(Base):
+ if len(_filter) <= 6:
+ return None
+
+- config_base_dn = self.config_get('resource_base_dn')
+- ldap_base_dn = self._kolab_domain_root_dn(self.domain)
+-
+- if ldap_base_dn is not None and not ldap_base_dn == config_base_dn:
+- resource_base_dn = ldap_base_dn
+- else:
+- resource_base_dn = config_base_dn
++ resource_base_dn = self._object_base_dn('resource')
+
+ _results = self.ldap.search_s(
+ resource_base_dn,
+@@ -801,13 +795,7 @@ class LDAP(Base):
+ if len(_filter) <= 6:
+ return None
+
+- config_base_dn = self.config_get('resource_base_dn')
+- ldap_base_dn = self._kolab_domain_root_dn(self.domain)
+-
+- if ldap_base_dn is not None and not ldap_base_dn == config_base_dn:
+- resource_base_dn = ldap_base_dn
+- else:
+- resource_base_dn = config_base_dn
++ resource_base_dn = self._object_base_dn('resource')
+
+ _results = self.ldap.search_s(
+ resource_base_dn,
+@@ -2470,9 +2458,7 @@ class LDAP(Base):
+
+ conf_prefix = 'kolab_' if kolabuser else ''
+
+- user_base_dn = self.config_get(conf_prefix + 'user_base_dn')
+- if user_base_dn is None:
+- user_base_dn = self.config_get('base_dn')
++ user_base_dn = self._object_base_dn('user', conf_prefix)
+
+ auth_attrs = self.config_get_list('auth_attributes')
+
+@@ -2684,6 +2670,26 @@ class LDAP(Base):
+
+ return domains
+
++ def _object_base_dn(self, objectType, prefix=''):
++ """
++ Get configured base DN for specified Kolab object type
++ """
++ object_base_dn = self.config_get(prefix + objectType + '_base_dn')
++ config_base_dn = self.config_get('base_dn')
++ ldap_base_dn = self._kolab_domain_root_dn(self.domain)
++
++ if ldap_base_dn is not None and not ldap_base_dn == config_base_dn:
++ base_dn = ldap_base_dn
++ else:
++ base_dn = config_base_dn
++
++ if object_base_dn is None:
++ object_base_dn = base_dn
++ else:
++ object_base_dn = object_base_dn % ({'base_dn': base_dn})
++
++ return object_base_dn
++
+ def _synchronize_callback(self, *args, **kw):
+ """
+ Determine the characteristics of the callback being placed, and
+--
+2.33.1
+

File Metadata

Mime Type
text/plain
Expires
Fri, Apr 3, 11:49 AM (17 h, 45 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
18823900
Default Alt Text
D3202.1775216968.diff (16 KB)

Event Timeline