From 2388730502c5efed47ba808ff72abdedf20a3f2d Mon Sep 17 00:00:00 2001 From: marcelloc Date: Wed, 13 Feb 2013 16:03:18 -0200 Subject: dansguardian - fix groups acls cheks, rename template xmls to avoid boot warnings and include more debug messages on dansguardian_ldap.php --- config/dansguardian/dansguardian.inc | 17 +-- config/dansguardian/dansguardian.xml | 6 +- .../dansguardian/dansguardian_ips_header.template | 114 +++++++++++++++++++++ .../dansguardian_ips_header.xml.template | 114 --------------------- config/dansguardian/dansguardian_ldap.php | 12 ++- .../dansguardian_users_footer.template | 14 +++ .../dansguardian_users_footer.xml.template | 14 --- .../dansguardian_users_header.template | 99 ++++++++++++++++++ 8 files changed, 247 insertions(+), 143 deletions(-) create mode 100644 config/dansguardian/dansguardian_ips_header.template delete mode 100644 config/dansguardian/dansguardian_ips_header.xml.template create mode 100644 config/dansguardian/dansguardian_users_footer.template delete mode 100644 config/dansguardian/dansguardian_users_footer.xml.template create mode 100644 config/dansguardian/dansguardian_users_header.template (limited to 'config/dansguardian') diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc index e3a9e87c..8177fe3f 100755 --- a/config/dansguardian/dansguardian.inc +++ b/config/dansguardian/dansguardian.inc @@ -765,6 +765,7 @@ function sync_package_dansguardian($via_rpc=false,$install_process=false) { $dansguardian_groups[$group]=(preg_match("/$group/",$dansguardian_groups['group_options'])?"on":"off"); } + #create group list files $lists=array("phraseacl" => array("bannedphrase","weightedphrase","exceptionphrase"), "siteacl" => array("bannedsite","greysite","exceptionsite","exceptionfilesite","logsite"), @@ -775,16 +776,16 @@ function sync_package_dansguardian($via_rpc=false,$install_process=false) { "searchacl" => array("searchengineregexp","bannedsearchterm","weightedsearchterm","exceptionsearchterm") ); foreach ($lists as $list_key => $list_array){ + // verify groups acls to avoid errors on empty acl group options + if (!preg_match("/\w+/",$dansguardian_groups[$list_key])){ + log_error("dansguardian - Config warning, Group {$dansguardian_group_name} {$list_key} cannot be empty! Trying to load sample values"); + } foreach ($list_array as $list_value){ #read all access lists applied tho this group option foreach (explode(",",$dansguardian_groups[$list_key]) as $dacl){ if (! is_array(${$list_value})) ${$list_value}=array(); - // try to avoid errors on empty acl group options - if (!preg_match("/\d+/",$dacl)){ - log_error("dansguardian - Config error, Group {$dansguardian_group_name} {$list_key} cannot be empty! Trying to load default acl values"); - $dacl=0; - } + $dacl=(preg_match("/\w+/",$dacl)? $dacl : "sample"); $file_temp=file_get_contents(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/{$list_value}list.{$dacl}")."\n"; ${$list_value}=array_merge(explode("\n",$file_temp),${$list_value}); } @@ -907,9 +908,9 @@ EOF; #Create/update filtergroupsiplist file_put_contents($dansguardian_dir."/lists/authplugins/ipgroups",$filtergroupsiplist,LOCK_EX); #Create/update userlist xml file - $ips_xml_header=file_get_contents("/usr/local/pkg/dansguardian_ips_header.xml.template"); - $user_xml_header=file_get_contents("/usr/local/pkg/dansguardian_users_header.xml.template"); - $user_xml_footer=file_get_contents("/usr/local/pkg/dansguardian_users_footer.xml.template"); + $ips_xml_header=file_get_contents("/usr/local/pkg/dansguardian_ips_header.template"); + $user_xml_header=file_get_contents("/usr/local/pkg/dansguardian_users_header.template"); + $user_xml_footer=file_get_contents("/usr/local/pkg/dansguardian_users_footer.template"); file_put_contents("/usr/local/pkg/dansguardian_users.xml",$user_xml_header.$user_xml.$user_xml_footer,LOCK_EX); file_put_contents("/usr/local/pkg/dansguardian_ips.xml",$ips_xml_header.$ips_xml.$user_xml_footer,LOCK_EX); diff --git a/config/dansguardian/dansguardian.xml b/config/dansguardian/dansguardian.xml index 26d87825..34d4156c 100644 --- a/config/dansguardian/dansguardian.xml +++ b/config/dansguardian/dansguardian.xml @@ -84,17 +84,17 @@ 0755 - http://www.pfsense.org/packages/config/dansguardian/dansguardian_ips_header.xml.template + http://www.pfsense.org/packages/config/dansguardian/dansguardian_ips_header.template /usr/local/pkg/ 0755 - http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_header.xml.template + http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_header.template /usr/local/pkg/ 0755 - http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_footer.xml.template + http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_footer.template /usr/local/pkg/ 0755 diff --git a/config/dansguardian/dansguardian_ips_header.template b/config/dansguardian/dansguardian_ips_header.template new file mode 100644 index 00000000..48eb3e68 --- /dev/null +++ b/config/dansguardian/dansguardian_ips_header.template @@ -0,0 +1,114 @@ + + + + + + + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + dansguardianips + 1.0 + Services: Dansguardian + /usr/local/pkg/dansguardian.inc + + Daemon + /pkg_edit.php?xml=dansguardian.xml&id=0 + + + General + /pkg_edit.php?xml=dansguardian_config.xml&id=0 + + + Limits + /pkg_edit.php?xml=dansguardian_limits.xml&id=0 + + + Blacklist + /pkg_edit.php?xml=dansguardian_blacklist.xml&id=0 + + + Access Lists + /pkg_edit.php?xml=dansguardian_site_acl.xml&id=0 + + + LDAP + /pkg.php?xml=dansguardian_ldap.xml + + + Groups + /pkg.php?xml=dansguardian_groups.xml + + + Users + /pkg_edit.php?xml=dansguardian_users.xml + + + IPs + /pkg_edit.php?xml=dansguardian_ips.xml + + + + Report and log + /pkg_edit.php?xml=dansguardian_log.xml&id=0 + + + Sync + /pkg_edit.php?xml=dansguardian_sync.xml&id=0 + + + Help + /dansguardian_about.php + + + + + Exception IP list + listtopic + + + exceptioniplist + Exception Ip List + + Leave empty to load dansguardian defaults.]]> + textarea + 80 + 12 + base64 + + \ No newline at end of file diff --git a/config/dansguardian/dansguardian_ips_header.xml.template b/config/dansguardian/dansguardian_ips_header.xml.template deleted file mode 100644 index 48eb3e68..00000000 --- a/config/dansguardian/dansguardian_ips_header.xml.template +++ /dev/null @@ -1,114 +0,0 @@ - - - - - - - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - dansguardianips - 1.0 - Services: Dansguardian - /usr/local/pkg/dansguardian.inc - - Daemon - /pkg_edit.php?xml=dansguardian.xml&id=0 - - - General - /pkg_edit.php?xml=dansguardian_config.xml&id=0 - - - Limits - /pkg_edit.php?xml=dansguardian_limits.xml&id=0 - - - Blacklist - /pkg_edit.php?xml=dansguardian_blacklist.xml&id=0 - - - Access Lists - /pkg_edit.php?xml=dansguardian_site_acl.xml&id=0 - - - LDAP - /pkg.php?xml=dansguardian_ldap.xml - - - Groups - /pkg.php?xml=dansguardian_groups.xml - - - Users - /pkg_edit.php?xml=dansguardian_users.xml - - - IPs - /pkg_edit.php?xml=dansguardian_ips.xml - - - - Report and log - /pkg_edit.php?xml=dansguardian_log.xml&id=0 - - - Sync - /pkg_edit.php?xml=dansguardian_sync.xml&id=0 - - - Help - /dansguardian_about.php - - - - - Exception IP list - listtopic - - - exceptioniplist - Exception Ip List - - Leave empty to load dansguardian defaults.]]> - textarea - 80 - 12 - base64 - - \ No newline at end of file diff --git a/config/dansguardian/dansguardian_ldap.php b/config/dansguardian/dansguardian_ldap.php index beb57ee0..33cbee91 100644 --- a/config/dansguardian/dansguardian_ldap.php +++ b/config/dansguardian/dansguardian_ldap.php @@ -130,9 +130,11 @@ if (is_array($config['installedpackages']['dansguardiangroups']['config'])) } } if (empty($members)){ - $config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] = NULL; - $apply_config++; - } + if (!is_null($config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])])){ + $config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] = NULL; + $apply_config++; + } + } else{ $import_users = explode("\n", $members); asort($import_users); @@ -146,11 +148,13 @@ if (is_array($config['installedpackages']['dansguardiangroups']['config'])) $id++; } if ($apply_config > 0){ - print "user list from LDAP is different from current group, applying new configuration..."; + print "User list from LDAP is different from current group, applying new configuration..."; write_config(); include("/usr/local/pkg/dansguardian.inc"); sync_package_dansguardian(); print "done\n"; +}else { + print "User list from LDAP is already the same as current group, no changes made\n"; } #mount filesystem read-only diff --git a/config/dansguardian/dansguardian_users_footer.template b/config/dansguardian/dansguardian_users_footer.template new file mode 100644 index 00000000..1288b919 --- /dev/null +++ b/config/dansguardian/dansguardian_users_footer.template @@ -0,0 +1,14 @@ + + + dansguardian_php_install_command(); + + + dansguardian_php_deinstall_command(); + + + dansguardian_validate_input($_POST, &$input_errors); + + + sync_package_dansguardian(); + + diff --git a/config/dansguardian/dansguardian_users_footer.xml.template b/config/dansguardian/dansguardian_users_footer.xml.template deleted file mode 100644 index 1288b919..00000000 --- a/config/dansguardian/dansguardian_users_footer.xml.template +++ /dev/null @@ -1,14 +0,0 @@ - - - dansguardian_php_install_command(); - - - dansguardian_php_deinstall_command(); - - - dansguardian_validate_input($_POST, &$input_errors); - - - sync_package_dansguardian(); - - diff --git a/config/dansguardian/dansguardian_users_header.template b/config/dansguardian/dansguardian_users_header.template new file mode 100644 index 00000000..1cc038d5 --- /dev/null +++ b/config/dansguardian/dansguardian_users_header.template @@ -0,0 +1,99 @@ + + + + + + + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + dansguardianusers + 1.0 + Services: Dansguardian + /usr/local/pkg/dansguardian.inc + + Daemon + /pkg_edit.php?xml=dansguardian.xml&id=0 + + + General + /pkg_edit.php?xml=dansguardian_config.xml&id=0 + + + Limits + /pkg_edit.php?xml=dansguardian_limits.xml&id=0 + + + Blacklist + /pkg_edit.php?xml=dansguardian_blacklist.xml&id=0 + + + ACLs + /pkg.php?xml=dansguardian_site_acl.xml + + + LDAP + /pkg.php?xml=dansguardian_ldap.xml + + + Groups + /pkg.php?xml=dansguardian_groups.xml + + + Users + /pkg_edit.php?xml=dansguardian_users.xml + + + + IPs + /pkg_edit.php?xml=dansguardian_ips.xml + + + Report and log + /pkg_edit.php?xml=dansguardian_log.xml&id=0 + + + Sync + /pkg_edit.php?xml=dansguardian_sync.xml&id=0 + + + Help + /dansguardian_about.php + + + -- cgit v1.2.3