diff --git a/.vagrant-puppet/manifests/default.pp b/.vagrant-puppet/manifests/default.pp index 274595668..185772614 100644 --- a/.vagrant-puppet/manifests/default.pp +++ b/.vagrant-puppet/manifests/default.pp @@ -15,7 +15,7 @@ exec { 'create-mysql-icinga-db': exec{ 'create-pgsql-icinga-db': unless => 'sudo -u postgres psql -tAc "SELECT 1 FROM pg_roles WHERE rolname=\'icinga\'" | grep -q 1', - command => 'sudo -u postgres psql -c "CREATE ROLE icinga WITH LOGIN PASSWORD \'icinga\';" && \ + command => 'sudo -u postgres psql -c "CREATE ROLE icinga WITH LOGIN PASSWORD \'icingaweb\';" && \ sudo -u postgres createdb -O icinga -E UTF8 icinga && \ sudo -u postgres createlang plpgsql icinga', require => Service['postgresql'] @@ -340,7 +340,10 @@ configure { 'icingaweb': flags => '--prefix=/vagrant \ --with-icinga-commandpipe="/usr/local/icinga-mysql/var/rw/icinga.cmd" \ --with-statusdat-file="/usr/local/icinga-mysql/var/status.dat" \ - --with-httpd-config-path="/etc/httpd/conf.d"' + --with-httpd-config-path="/etc/httpd/conf.d" \ + --with-ldap-authentication \ + --with-internal-authentication \ + --with-livestatus-socket="/usr/local/icinga-mysql/var/rw/live"' } file { 'icingaweb-public': @@ -468,10 +471,10 @@ populate_monitoring_test_config_plugins{ ['test_hostcheck.pl', 'test_servicechec # Following section creates and populates MySQL and PostgreSQL Icinga 2 Web databases # exec { 'create-mysql-icingaweb-db': - unless => 'mysql -uicingaweb -picinga icingaweb', + unless => 'mysql -uicingaweb -picingaweb icingaweb', command => 'mysql -uroot -e "CREATE DATABASE icingaweb; \ GRANT ALL ON icingaweb.* TO icingaweb@localhost \ - IDENTIFIED BY \'icinga\';"', + IDENTIFIED BY \'icingaweb\';"', require => Service['mysqld'] } @@ -484,8 +487,8 @@ exec { 'create-pgsql-icingaweb-db': } exec { 'populate-icingaweb-mysql-db-accounts': - unless => 'mysql -uicingaweb -picinga icingaweb -e "SELECT * FROM account;" &> /dev/null', - command => 'mysql -uicingaweb -picinga icingaweb < /vagrant/etc/schema/accounts.mysql.sql', + unless => 'mysql -uicingaweb -picingaweb icingaweb -e "SELECT * FROM account;" &> /dev/null', + command => 'mysql -uicingaweb -picingaweb icingaweb < /vagrant/etc/schema/accounts.mysql.sql', require => [ Exec['create-mysql-icingaweb-db'] ] } @@ -496,8 +499,8 @@ exec { 'populate-icingweba-pgsql-db-accounts': } exec { 'populate-icingaweb-mysql-db-preferences': - unless => 'mysql -uicingaweb -picinga icingaweb -e "SELECT * FROM preference;" &> /dev/null', - command => 'mysql -uicingaweb -picinga icingaweb < /vagrant/etc/schema/preferences.mysql.sql', + unless => 'mysql -uicingaweb -picingaweb icingaweb -e "SELECT * FROM preference;" &> /dev/null', + command => 'mysql -uicingaweb -picingaweb icingaweb < /vagrant/etc/schema/preferences.mysql.sql', require => [ Exec['create-mysql-icingaweb-db'] ] } diff --git a/aclocal.m4 b/aclocal.m4 index 188b3a13a..ed4703fd0 100755 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -52,7 +52,6 @@ AC_DEFUN([AC_CHECK_BIN], [ test "XX${$1}" == "XXnot found" && $1="" ]) - AC_DEFUN([AC_PATH_GUESS], [ $2=$3 for x in $1; do @@ -63,3 +62,23 @@ AC_DEFUN([AC_PATH_GUESS], [ ) done ]) + +# ICINGA_CHECK_DBTYPE(DBTYPE, ARGUMENT_NAME) +# ------------------------------------------ +AC_DEFUN([ICINGA_CHECK_DBTYPE], [ + AC_MSG_CHECKING([Testing database type for $2]) + AS_IF(echo "$1" | $GREP -q "^\(my\|pg\)sql$", + AC_MSG_RESULT([OK ($1)]), + AC_MSG_ERROR([$1]) + ) +]) + +# ICINGA_CHECK_BACKENDTYPE(BACKENDTYPE, ARGUMENT_NAME) +# ------------------------------------------ +AC_DEFUN([ICINGA_CHECK_BACKENDTYPE], [ + AC_MSG_CHECKING([Testing backend type for $2]) + AS_IF(echo "$1" | $GREP -q "^\(ido\|statusdat\|livestatus\)$", + AC_MSG_RESULT([OK ($1)]), + AC_MSG_ERROR([$1]) + ) +]) diff --git a/config/authentication.ini.in b/config/authentication.ini.in index e65561981..aae7fee63 100755 --- a/config/authentication.ini.in +++ b/config/authentication.ini.in @@ -12,22 +12,24 @@ ; priority. -@use_ldap_auth@[ldap_authentication] -@use_ldap_auth@backend = "ldap" -@use_ldap_auth@target = "user" -@use_ldap_auth@hostname = "@ldap_host@" -@use_ldap_auth@port = "@ldap_port@" -@use_ldap_auth@root_dn = "@ldap_rootdn@" -@use_ldap_auth@bind_dn = "@ldap_binddn@" -@use_ldap_auth@bind_pw = "@ldap_bindpass@" +[ldap_authentication] +@ldap_auth_disabled@ +backend = "ldap" +target = "user" +hostname = "@ldap_host@" +port = "@ldap_port@" +root_dn = "@ldap_rootdn@" +bind_dn = "@ldap_binddn@" +bind_pw = "@ldap_bindpass@" -; Attributes for ldap user lookup -@use_ldap_auth@user_class = "@ldap_user_objectclass@" -@use_ldap_auth@user_name_attribute = "@ldap_attribute_username@" -@use_ldap_auth@user_password_attribute = "@ldap_attribute_password@" +; Object class of the user +user_class = "@ldap_user_objectclass@" +; Attribute name for username +user_name_attribute = "@ldap_attribute_username@" -@use_internal_auth@[internal_authentication] -@use_internal_auth@backend = db -@use_internal_auth@target = "user" -@use_internal_auth@resource = "internal_db" +[internal_authentication] +@internal_auth_disabled@ +backend = db +target = "user" +resource = "internal_db" diff --git a/config/modules/monitoring/backends.ini.in b/config/modules/monitoring/backends.ini.in index c763f076a..910f17f81 100644 --- a/config/modules/monitoring/backends.ini.in +++ b/config/modules/monitoring/backends.ini.in @@ -1,15 +1,17 @@ [localdb] -type = ido -resource = "ido" +@ido_enabled@ +type = ido +resource = "ido" [locallive] -type = livestatus -socket = @livestatus_socket@ +@livestatus_enabled@ +type = livestatus +resource = livestatus [localfile] -type = statusdat -status_file = @statusdat_file@ -objects_file = @objects_cache_file@ +@statusdat_enabled@ +type = statusdat +resource = statusdat ;[localfailsafe] ;enabled=false diff --git a/config/resources.ini.in b/config/resources.ini.in old mode 100644 new mode 100755 index 5cf86e817..1085fff94 --- a/config/resources.ini.in +++ b/config/resources.ini.in @@ -17,7 +17,8 @@ type = db db = @internal_db_type@ host = @internal_db_host@ -password = @internal_db_pass@ +port = @internal_db_port@ +password = @internal_db_password@ username = @internal_db_user@ dbname = @internal_db_name@ @@ -25,7 +26,16 @@ dbname = @internal_db_name@ type = db db = @ido_db_type@ host = @ido_host@ -password = @ido_user@ -username = @ido_user@ port = @ido_port@ -dbname = @ido_database@ +password = @ido_password@ +username = @ido_user@ +dbname = @ido_db_name@ + +[statusdat] +type = statusdat +status_file = @statusdat_file@ +object_file = @objects_cache_file@ + +[livestatus] +type = livestatus +socket = @livestatus_socket@ diff --git a/configure b/configure index 82f5a7b2a..07073a2de 100755 --- a/configure +++ b/configure @@ -590,22 +590,22 @@ ac_subst_vars='LTLIBOBJS LIBOBJS INSTALL_OPTS_WEB INSTALL_OPTS -use_internal_auth -use_ldap_auth +internal_auth_disabled +ldap_auth_disabled icinga_commandpipe +livestatus_enabled livestatus_socket objects_cache_file statusdat_file +statusdat_enabled ido_password ido_user -ido_database +ido_db_name ido_port ido_host ido_db_type +ido_enabled icinga_backend -ldap_attribute_groupname -ldap_group_objectclass -ldap_attribute_password ldap_attribute_username ldap_attribute_basedn ldap_user_objectclass @@ -614,7 +614,7 @@ ldap_binddn ldap_rootdn ldap_port ldap_host -internal_db_pass +internal_db_password internal_db_user internal_db_port internal_db_host @@ -688,7 +688,7 @@ with_internal_db_type with_internal_db_name with_internal_db_host with_internal_db_port -with_internal_db_pass +with_internal_db_password with_internal_db_user with_internal_authentication with_ldap_authentication @@ -699,14 +699,11 @@ with_ldap_bindpass with_ldap_rootdn with_ldap_user_objectclass with_ldap_attribute_username -with_ldap_attribute_password -with_ldap_group_objectclass -with_ldap_attribute_groupname with_icinga_backend with_ido_db_type with_ido_host with_ido_port -with_ido_database +with_ido_db_name with_ido_user with_ido_password with_statusdat_file @@ -1350,7 +1347,7 @@ Optional Packages: --with-internal-db-port=PORT database port to use for internal database (default: 3306 for mysql, 5432 for pgsql) - --with-internal-db-pass=PASS + --with-internal-db-password=PASS database pass to use for internal database (default icingaweb) --with-internal-db-user=USER @@ -1379,15 +1376,6 @@ Optional Packages: --with-ldap-attribute-username=LDAP_ATTRIBUTE user attribute to use for the username (default: uid) - --with-ldap-attribute-password=LDAP_ATTRIBUTE - user attribute to use for the password (default: - password) - --with-ldap-group-objectclass=LDAP_ATTRIBUTE - ldap object type to use for group authentication - (default: inetOrgPerson) - --with-ldap-attribute-groupname=LDAP_OBJECT_CLASS - user object type to use for the authentication - (default: inetOrgPerson) --with-icinga-backend=(ido, statusdat, livestatus) backend to use for rb (default: statusdat) --with-ido-db-type=(mysql, pgsql) @@ -1397,10 +1385,10 @@ Optional Packages: (default: localhost) --with-ido-port=PORT backend to use for retrieving data from the ido db (default: 3306 for mysql. 5432 for pgsql) - --with-ido-database=DATABASE + --with-ido-db-name=DATABASE database name to use for retrieving data from the ido db (default: icinga) - --with-ido-host=USER user to use for retrieving data from the ido db + --with-ido-user=USER user to use for retrieving data from the ido db (default: icinga) --with-ido-password=PASSWORD password to use for retrieving data from the ido db @@ -1409,7 +1397,7 @@ Optional Packages: location of the status.dat file when retrieving data from status.dat (default: /usr/local/icinga/var/status.dat) - --with-objects-file=FILE + --with-objects-cache-file=FILE location of the objects.cache file when retrieving data from status.dat (default: /usr/local/icinga/var/objects.cache) @@ -1420,6 +1408,10 @@ Optional Packages: location of the command pipe used for sending commands (default: /usr/local/icinga/var/rw/icinga.cmd) + --with-objects-file=FILE + location of the objects.cache file when retrieving + data from status.dat (default: + /usr/local/icinga/var/objects.cache) Some influential environment variables: PHP php cli binary @@ -2358,6 +2350,18 @@ fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking Testing database type for --with-internal-db-type" >&5 +$as_echo_n "checking Testing database type for --with-internal-db-type... " >&6; } + if echo "$internal_db_type" | $GREP -q "^\(my\|pg\)sql$"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: OK ($internal_db_type)" >&5 +$as_echo "OK ($internal_db_type)" >&6; } +else + as_fn_error $? "$internal_db_type" "$LINENO" 5 + +fi + + + # Check whether --with-internal_db_name was given. if test "${with_internal_db_name+set}" = set; then : withval=$with_internal_db_name; internal_db_name=$withval @@ -2388,11 +2392,11 @@ fi -# Check whether --with-internal_db_pass was given. -if test "${with_internal_db_pass+set}" = set; then : - withval=$with_internal_db_pass; internal_db_pass=$withval +# Check whether --with-internal_db_password was given. +if test "${with_internal_db_password+set}" = set; then : + withval=$with_internal_db_password; internal_db_password=$withval else - internal_db_pass=icingaweb + internal_db_password=icingaweb fi @@ -2414,7 +2418,7 @@ fi # Check whether --with-internal_authentication was given. if test "${with_internal_authentication+set}" = set; then : - withval=$with_internal_authentication; internal_authentication=yes + withval=$with_internal_authentication; internal_authentication=$withval else internal_authentication=yes @@ -2424,7 +2428,7 @@ fi # Check whether --with-ldap_authentication was given. if test "${with_ldap_authentication+set}" = set; then : - withval=$with_ldap_authentication; ldap_authentication=yes + withval=$with_ldap_authentication; ldap_authentication=$withval else ldap_authentication=no @@ -2505,36 +2509,6 @@ else fi - -# Check whether --with-ldap_attribute_password was given. -if test "${with_ldap_attribute_password+set}" = set; then : - withval=$with_ldap_attribute_password; ldap_attribute_password=$withval -else - ldap_attribute_password="password" - -fi - - - -# Check whether --with-ldap_group_objectclass was given. -if test "${with_ldap_group_objectclass+set}" = set; then : - withval=$with_ldap_group_objectclass; ldap_group_objectclass=$withval -else - ldap_group_objectclass="group" - -fi - - - -# Check whether --with-ldap_attribute_groupname was given. -if test "${with_ldap_attribute_groupname+set}" = set; then : - withval=$with_ldap_attribute_groupname; ldap_attribute_groupname=$withval -else - ldap_attribute_groupname="guid" - -fi - - # # Icinga backend selection # @@ -2549,6 +2523,18 @@ else fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking Testing backend type for --with-icinga-backend" >&5 +$as_echo_n "checking Testing backend type for --with-icinga-backend... " >&6; } + if echo "$icinga_backend" | $GREP -q "^\(ido\|statusdat\|livestatus\)$"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: OK ($icinga_backend)" >&5 +$as_echo "OK ($icinga_backend)" >&6; } +else + as_fn_error $? "$icinga_backend" "$LINENO" 5 + +fi + + # # Ido settings # @@ -2564,6 +2550,18 @@ fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking Testing database type for --with-ido-db-type" >&5 +$as_echo_n "checking Testing database type for --with-ido-db-type... " >&6; } + if echo "$ido_db_type" | $GREP -q "^\(my\|pg\)sql$"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: OK ($ido_db_type)" >&5 +$as_echo "OK ($ido_db_type)" >&6; } +else + as_fn_error $? "$ido_db_type" "$LINENO" 5 + +fi + + + # Check whether --with-ido_host was given. if test "${with_ido_host+set}" = set; then : withval=$with_ido_host; ido_host=$withval @@ -2584,11 +2582,11 @@ fi -# Check whether --with-ido_database was given. -if test "${with_ido_database+set}" = set; then : - withval=$with_ido_database; ido_database=$withval +# Check whether --with-ido_db_name was given. +if test "${with_ido_db_name+set}" = set; then : + withval=$with_ido_db_name; ido_db_name=$withval else - ido_database="icinga" + ido_db_name="icinga" fi @@ -2828,12 +2826,12 @@ fi fi # -# Comment out the disabled backends per default +# Disable authentication backends # -ido_enabled="disable=1" -statusdat_enabled="disable=1" -livestatus_enabled="disable=1" +ido_enabled="disabled = \"1\"" +statusdat_enabled="disabled = \"1\"" +livestatus_enabled="disabled = \"1\"" case $icinga_backend in #( "ido") : @@ -2846,7 +2844,7 @@ case $icinga_backend in #( statusdat_enabled="" ;; esac -use_ldap_auth=";" +ldap_auth_disabled="disabled = \"1\"" if test "x$ldap_authentication" != xno; then : for x in ldap;do @@ -2860,11 +2858,11 @@ else fi done - use_ldap_auth="" + ldap_auth_disabled="" fi -use_internal_auth=";" +internal_auth_disabled="disabled = \"1\"" if test "x$internal_authentication" != xno; then : for x in ldap;do @@ -2878,7 +2876,7 @@ else fi done - use_internal_auth="" + internal_auth_disabled="" fi @@ -2915,9 +2913,6 @@ fi - - - # backend setup @@ -2929,13 +2924,16 @@ fi + # status.dat backend + # livestatus backend + # command pipe diff --git a/configure.ac b/configure.ac index 19a1f5dcf..42a37f3dc 100755 --- a/configure.ac +++ b/configure.ac @@ -98,6 +98,8 @@ AC_ARG_WITH([internal_db_type], internal_db_type=mysql ) +ICINGA_CHECK_DBTYPE($internal_db_type, [--with-internal-db-type]) + AC_ARG_WITH([internal_db_name], AS_HELP_STRING([--with-internal-db-name=NAME], [database name to use for internal database (default icingaweb)]), internal_db_name=$withval, @@ -116,10 +118,10 @@ AC_ARG_WITH([internal_db_port], internal_db_port=db_default_port ) -AC_ARG_WITH([internal_db_pass], - AS_HELP_STRING([--with-internal-db-pass=PASS], [database pass to use for internal database (default icingaweb)]), - internal_db_pass=$withval, - internal_db_pass=icingaweb +AC_ARG_WITH([internal_db_password], + AS_HELP_STRING([--with-internal-db-password=PASS], [database pass to use for internal database (default icingaweb)]), + internal_db_password=$withval, + internal_db_password=icingaweb ) AC_ARG_WITH([internal_db_user], @@ -134,13 +136,13 @@ AC_ARG_WITH([internal_db_user], AC_ARG_WITH([internal_authentication], AC_HELP_STRING([--with-internal-authentication], [use the internal database for authentication (default: yes)]), - internal_authentication=yes, + internal_authentication=$withval, internal_authentication=yes ) AC_ARG_WITH([ldap_authentication], AC_HELP_STRING([--with-ldap-authentication], [use a ldap server for authentication (default: no)]), - ldap_authentication=yes, + ldap_authentication=$withval, ldap_authentication=no ) @@ -190,24 +192,6 @@ AC_ARG_WITH([ldap_attribute_username], ldap_attribute_username="uid" ) -AC_ARG_WITH([ldap_attribute_password], - AS_HELP_STRING([--with-ldap-attribute-password=LDAP_ATTRIBUTE], [user attribute to use for the password (default: password)]), - ldap_attribute_password=$withval, - ldap_attribute_password="password" -) - -AC_ARG_WITH([ldap_group_objectclass], - AS_HELP_STRING([--with-ldap-group-objectclass=LDAP_ATTRIBUTE], [ldap object type to use for group authentication (default: inetOrgPerson)]), - ldap_group_objectclass=$withval, - ldap_group_objectclass="group" -) - -AC_ARG_WITH([ldap_attribute_groupname], - AS_HELP_STRING([--with-ldap-attribute-groupname=LDAP_OBJECT_CLASS], [user object type to use for the authentication (default: inetOrgPerson)]), - ldap_attribute_groupname=$withval, - ldap_attribute_groupname="guid" -) - # # Icinga backend selection # @@ -218,6 +202,8 @@ AC_ARG_WITH([icinga_backend], icinga_backend="statusdat" ) +ICINGA_CHECK_BACKENDTYPE($icinga_backend, [--with-icinga-backend]) + # # Ido settings # @@ -228,6 +214,8 @@ AC_ARG_WITH([ido_db_type], ido_db_type="mysql" ) +ICINGA_CHECK_DBTYPE($ido_db_type, [--with-ido-db-type]) + AC_ARG_WITH([ido_host], AS_HELP_STRING([--with-ido-host=HOST], [host to use for retrieving data from the ido db (default: localhost)]), ido_host=$withval, @@ -240,14 +228,14 @@ AC_ARG_WITH([ido_port], ido_port=db_default_port ) -AC_ARG_WITH([ido_database], - AS_HELP_STRING([--with-ido-database=DATABASE], [database name to use for retrieving data from the ido db (default: icinga)]), - ido_database=$withval, - ido_database="icinga" +AC_ARG_WITH([ido_db_name], + AS_HELP_STRING([--with-ido-db-name=DATABASE], [database name to use for retrieving data from the ido db (default: icinga)]), + ido_db_name=$withval, + ido_db_name="icinga" ) AC_ARG_WITH([ido_user], - AS_HELP_STRING([--with-ido-host=USER], [user to use for retrieving data from the ido db (default: icinga)]), + AS_HELP_STRING([--with-ido-user=USER], [user to use for retrieving data from the ido db (default: icinga)]), ido_user=$withval, ido_user="icinga" ) @@ -269,7 +257,7 @@ AC_ARG_WITH([statusdat_file], ) AC_ARG_WITH([objects_cache_file], - AS_HELP_STRING([--with-objects-file=FILE], [location of the objects.cache file when retrieving data from status.dat (default: /usr/local/icinga/var/objects.cache)]), + AS_HELP_STRING([--with-objects-cache-file=FILE], [location of the objects.cache file when retrieving data from status.dat (default: /usr/local/icinga/var/objects.cache)]), objects_cache_file=$withval, objects_cache_file="/usr/local/icinga/var/objects.cache" ) @@ -349,12 +337,12 @@ AS_IF([test "x$ido_db_type" = xpgsql], [ ]) # -# Comment out the disabled backends per default +# Disable authentication backends # -ido_enabled="disable=1" -statusdat_enabled="disable=1" -livestatus_enabled="disable=1" +ido_enabled="disabled = \"1\"" +statusdat_enabled="disabled = \"1\"" +livestatus_enabled="disabled = \"1\"" AS_CASE([$icinga_backend], ["ido"], [ido_enabled=""], @@ -362,16 +350,16 @@ AS_CASE([$icinga_backend], ["livestatus"], [livestatus_enabled=""], [statusdat_enabled=""]) -use_ldap_auth=";" +ldap_auth_disabled="disabled = \"1\"" AS_IF([test "x$ldap_authentication" != xno], AC_CHECK_PHP_MODULE([ldap]) - use_ldap_auth="" + ldap_auth_disabled="" ) -use_internal_auth=";" +internal_auth_disabled="disabled = \"1\"" AS_IF([test "x$internal_authentication" != xno], AC_CHECK_PHP_MODULE([ldap]) - use_internal_auth="" + internal_auth_disabled="" ) # @@ -395,7 +383,7 @@ AC_SUBST(internal_db_name) AC_SUBST(internal_db_host) AC_SUBST(internal_db_port) AC_SUBST(internal_db_user) -AC_SUBST(internal_db_pass) +AC_SUBST(internal_db_password) # ldap setup AC_SUBST(ldap_host) @@ -406,35 +394,35 @@ AC_SUBST(ldap_bindpass) AC_SUBST(ldap_user_objectclass) AC_SUBST(ldap_attribute_basedn) AC_SUBST(ldap_attribute_username) -AC_SUBST(ldap_attribute_password) -AC_SUBST(ldap_group_objectclass) -AC_SUBST(ldap_attribute_groupname) # backend setup AC_SUBST(icinga_backend) # ido backend variables +AC_SUBST(ido_enabled) AC_SUBST(ido_db_type) AC_SUBST(ido_host) AC_SUBST(ido_port) -AC_SUBST(ido_database) +AC_SUBST(ido_db_name) AC_SUBST(ido_user) AC_SUBST(ido_password) # status.dat backend +AC_SUBST(statusdat_enabled) AC_SUBST(statusdat_file) AC_SUBST(objects_cache_file) # livestatus backend AC_SUBST(livestatus_socket) +AC_SUBST(livestatus_enabled) # command pipe AC_SUBST(icinga_commandpipe) # Comment placeholders for toggling backends -AC_SUBST(use_ldap_auth) -AC_SUBST(use_internal_auth) +AC_SUBST(ldap_auth_disabled) +AC_SUBST(internal_auth_disabled) # Application and installation AC_SUBST(PHP) diff --git a/library/Icinga/Application/DbAdapterFactory.php b/library/Icinga/Application/DbAdapterFactory.php index 92604f5ce..56ea4afd3 100644 --- a/library/Icinga/Application/DbAdapterFactory.php +++ b/library/Icinga/Application/DbAdapterFactory.php @@ -219,8 +219,10 @@ class DbAdapterFactory implements ConfigAwareFactory ); switch ($config->db) { case 'mysql': + $options['port'] = $config->get('port', 3306); return self::callFactory('Pdo_Mysql', $options); case 'pgsql': + $options['port'] = $config->get('port', 5432); return self::callFactory('Pdo_Pgsql', $options); default: if (!$config->db) { diff --git a/library/Icinga/Application/Logger.php b/library/Icinga/Application/Logger.php index e72554ab2..35d24e41c 100755 --- a/library/Icinga/Application/Logger.php +++ b/library/Icinga/Application/Logger.php @@ -49,12 +49,12 @@ final class Logger /** * Default log target */ - const DEFAULT_LOG_TARGET = "./var/log/icinga.log"; + const DEFAULT_LOG_TARGET = "./var/log/icingaweb.log"; /** * Default debug target */ - const DEFAULT_DEBUG_TARGET = "./var/log/icinga.debug.log"; + const DEFAULT_DEBUG_TARGET = "./var/log/icingaweb.debug.log"; /** * Array of writers diff --git a/library/Icinga/Authentication/Backend/LdapUserBackend.php b/library/Icinga/Authentication/Backend/LdapUserBackend.php index eade05e30..54378495e 100644 --- a/library/Icinga/Authentication/Backend/LdapUserBackend.php +++ b/library/Icinga/Authentication/Backend/LdapUserBackend.php @@ -70,7 +70,7 @@ class LdapUserBackend implements UserBackend */ public function __construct(Zend_Config $config) { - $this->connection = new Ldap\Connection($config); + $this->connection = new Connection($config); $this->config = $config; $this->name = $config->name; } diff --git a/library/Icinga/Authentication/Manager.php b/library/Icinga/Authentication/Manager.php index e9f8edd1e..66677cf10 100644 --- a/library/Icinga/Authentication/Manager.php +++ b/library/Icinga/Authentication/Manager.php @@ -163,6 +163,11 @@ class Manager private function setupBackends(Zend_Config $config) { foreach ($config as $name => $backendConfig) { + // We won't initialize disabled backends + if ($backendConfig->get('disabled') == '1') { + continue; + } + if ($backendConfig->name === null) { $backendConfig->name = $name; } diff --git a/library/Icinga/Data/ResourceFactory.php b/library/Icinga/Data/ResourceFactory.php index bfd5afcab..3d4343b1c 100644 --- a/library/Icinga/Data/ResourceFactory.php +++ b/library/Icinga/Data/ResourceFactory.php @@ -40,7 +40,7 @@ class ResourceFactory implements ConfigAwareFactory $resource = new StatusdatReader($config); break; default: - throw new ConfigurationError('Unsupported Backend "' + $config->type + '"'); + throw new ConfigurationError('Unsupported resource type "' . $config->type . '"'); } return $resource; diff --git a/library/Icinga/Protocol/Ldap/Connection.php b/library/Icinga/Protocol/Ldap/Connection.php index b434b656e..c240f9c57 100644 --- a/library/Icinga/Protocol/Ldap/Connection.php +++ b/library/Icinga/Protocol/Ldap/Connection.php @@ -1,13 +1,37 @@ + * @license http://www.gnu.org/licenses/gpl-2.0.txt GPL, version 2 + * @author Icinga Development Team */ +// {{{ICINGA_LICENSE_HEADER}}} + namespace Icinga\Protocol\Ldap; use Icinga\Application\Platform; -use \Icinga\Application\Config; +use Icinga\Application\Config; use Icinga\Application\Logger as Log; +use \Zend_Config; /** * Backend class managing all the LDAP stuff for you. @@ -89,14 +113,15 @@ class Connection * * TODO: Allow to pass port and SSL options * - * @param array LDAP connection credentials + * @param Zend_Config $config */ - public function __construct($config) + public function __construct(Zend_Config $config) { $this->hostname = $config->hostname; $this->bind_dn = $config->bind_dn; $this->bind_pw = $config->bind_pw; $this->root_dn = $config->root_dn; + $this->port = $config->get('port', $this->port); } diff --git a/modules/monitoring/library/Monitoring/Backend.php b/modules/monitoring/library/Monitoring/Backend.php index 500666f54..75a5e949e 100644 --- a/modules/monitoring/library/Monitoring/Backend.php +++ b/modules/monitoring/library/Monitoring/Backend.php @@ -128,8 +128,17 @@ class Backend implements ConfigAwareFactory, DatasourceInterface 'Cannot get default backend as no backend has been configured' ); } - reset($configs); - return key($configs); + + // We won't have disabled backends + foreach ($configs as $name => $config) { + if (!$config->get('disabled') == '1') { + return $name; + } + } + + throw new ConfigurationError( + 'All backends are disabled' + ); } /** @@ -149,11 +158,19 @@ class Backend implements ConfigAwareFactory, DatasourceInterface $name = self::getDefaultBackendName(); } + $config = null; + if (isset(self::$backendConfigs[$name])) { + /** @var Zend_Config $config */ $config = self::$backendConfigs[$name]; - } else { + if ($config->get('disabled') == '1') { + $config = null; + } + } + + if ($config === null) { throw new ConfigurationError( - 'No configuration for backend' . $name + 'No configuration for backend:' . $name ); } diff --git a/test/php/library/Icinga/Protocol/Ldap/QueryTest.php b/test/php/library/Icinga/Protocol/Ldap/QueryTest.php index 8f07dc5a5..c449243cb 100644 --- a/test/php/library/Icinga/Protocol/Ldap/QueryTest.php +++ b/test/php/library/Icinga/Protocol/Ldap/QueryTest.php @@ -3,6 +3,7 @@ namespace Tests\Icinga\Protocol\Ldap; require_once '../../library/Icinga/Protocol/Ldap/Query.php'; require_once '../../library/Icinga/Protocol/Ldap/Connection.php'; require_once '../../library/Icinga/Protocol/Ldap/LdapUtils.php'; +require_once('Zend/Config.php'); /** * * Test class for Query @@ -13,12 +14,16 @@ class QueryTest extends \PHPUnit_Framework_TestCase { private function emptySelect() { - $connection = new \Icinga\Protocol\Ldap\Connection((object) array( - 'hostname' => 'localhost', - 'root_dn' => 'dc=example,dc=com', - 'bind_dn' => 'cn=user,ou=users,dc=example,dc=com', - 'bind_pw' => '***' - )); + $config = new \Zend_Config( + array( + 'hostname' => 'localhost', + 'root_dn' => 'dc=example,dc=com', + 'bind_dn' => 'cn=user,ou=users,dc=example,dc=com', + 'bind_pw' => '***' + ) + ); + + $connection = new \Icinga\Protocol\Ldap\Connection($config); return $connection->select(); } diff --git a/test/php/regression/LoginMaskBroken4459Test.php b/test/php/regression/LoginMaskBroken4459Test.php index 724017609..76520f2cd 100644 --- a/test/php/regression/LoginMaskBroken4459Test.php +++ b/test/php/regression/LoginMaskBroken4459Test.php @@ -46,10 +46,13 @@ namespace Tests\Icinga\Regression { $request = $this->getRequest(); - $request->setMethod("POST")->setPost(array( - "username" => "test", - "password" => "test" - )); + $request->setMethod("POST")->setPost( + array( + "username" => "test", + "password" => "test", + "btn_submit" => "1" + ) + ); $view = new \Zend_View(); $form = new LoginForm();