diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2007-08-19 11:00:48 +0000 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2007-08-19 11:00:48 +0000 |
| commit | 5593d70ef5b2a214d7b913ca70f4a0003e40327f (patch) | |
| tree | 53a1a06b1bc4504a11c2bf8f3d5178d051b3cfd0 | |
| parent | 7e5ad077f7fd4a147a5e3c212d0749e881f32e6f (diff) | |
remove passwords from configfile if the [root]binddn option was removed and always unset the passwd in the debconf database
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@352 ef36b2f9-881f-0410-afb5-c4e39611909c
| -rw-r--r-- | debian/libnss-ldapd.postinst | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/debian/libnss-ldapd.postinst b/debian/libnss-ldapd.postinst index 0bc32ae..0a255fa 100644 --- a/debian/libnss-ldapd.postinst +++ b/debian/libnss-ldapd.postinst @@ -162,14 +162,17 @@ then cfg_set binddn "$RET" db_get libnss-ldapd/ldap-bindpw cfg_set bindpw "$RET" - # remove password from database - db_set libnss-ldapd/ldap-bindpw "" else # no binddn/pw, disable options cfg_disable binddn - cfg_disable bindpw - # FIXME: remove password value from config + if grep -i -q "^bindpw " $CONFFILE + then + cfg_set bindpw "*removed*" + cfg_disable bindpw + fi fi + # remove password from database + db_set libnss-ldapd/ldap-bindpw "" # set root bind dn/pw db_get libnss-ldapd/ldap-rootbinddn if [ -n "$RET" ] @@ -177,14 +180,17 @@ then cfg_set rootbinddn "$RET" db_get libnss-ldapd/ldap-rootbindpw cfg_set rootbindpw "$RET" - # remove password from database - db_set libnss-ldapd/ldap-rootbindpw "" else # no binddn/pw, disable options cfg_disable rootbinddn - cfg_disable rootbindpw - # FIXME: remove password value from config + if grep -i -q "^rootbindpw " $CONFFILE + then + cfg_set rootbindpw "*removed*" + cfg_disable rootbindpw + fi fi + # remove password from database + db_set libnss-ldapd/ldap-rootbindpw "" # modify /etc/nsswitch.conf db_get libnss-ldapd/nsswitch enablenss=`echo "$RET" | sed 's/,//g'` |