Installing FusionDirectory from source on Ubuntu 14.04


After a colleague and friend praised the merits of FusionDirectory to me, I wanted to take another look at it. The last time I played with it, the project was still called Gosa2. It turns out that FD is not packaged for Ubuntu 14.04 (although I suspect the Debian packages are compatible), so I started from the sources. Since the documentation is a bit imprecise, I wanted to write a short but up-to-date version of it.

First, install FD's dependencies, namely Perl and an Apache/PHP runtime environment:

apt-get -y install libpath-class-perl libnet-ldap-perl libcrypt-passwdmd5-perl libcrypt-cbc-perl libfile-copy-recursive-perl libarchive-extract-perl libxml-twig-perl libterm-readkey-perl
apt-get -y install libapache2-mod-php5 php5-curl php5-imap php5-imagick php5-ldap php5-gd
php5enmod imap
apt-get install libjs-scriptaculous libjs-prototype
apt-get install smarty3 smarty3-i18n php-mdb2

Fetch the FD packages:

wget http://repos.fusiondirectory.org/sources/1.0/schema2ldif/schema2ldif-1.1.tar.gz
tar -zxvf schema2ldif-1.1.tar.gz 
cp schema2ldif-1.1/bin/schema2ldif /usr/local/bin/
wget http://repos.fusiondirectory.org/sources/1.0/fusiondirectory/fusiondirectory-plugins-1.0.9.1.tar.gz
wget http://repos.fusiondirectory.org/sources/1.0/fusiondirectory/fusiondirectory-1.0.9.1.tar.gz

Extract them into FD's default directory, /var/www/fusiondirectory:

tar -zxvf fusiondirectory-1.0.9.1.tar.gz 
mv fusiondirectory-1.0.9.1 /var/www/fusiondirectory
mv /var/www/fusiondirectory/contrib/bin/* /usr/local/bin/
chmod 774 /usr/local/bin/*
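# /var/cache/fusiondirectory/template does not exist yet at this point, so create it before copying
mkdir -p /var/cache/fusiondirectory/template
cp /var/www/fusiondirectory/contrib/fusiondirectory.conf /var/cache/fusiondirectory/template/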

Put the plugins for the Smarty PHP template engine in place:

mv /var/www/fusiondirectory/contrib/smarty/plugins/block.render.php /usr/share/php/smarty3/plugins/block.render.php
mv /var/www/fusiondirectory/contrib/smarty/plugins/function.msgPool.php /usr/share/php/smarty3/plugins/function.msgPool.php
mv /var/www/fusiondirectory/contrib/smarty/plugins/function.filePath.php /usr/share/php/smarty3/plugins/function.filePath.php
mv /var/www/fusiondirectory/contrib/smarty/plugins/function.iconPath.php /usr/share/php/smarty3/plugins/function.iconPath.php

Optionally, install the man pages:

cd /var/www/fusiondirectory
gzip contrib/man/fusiondirectory.conf.5
gzip contrib/man/fusiondirectory-encrypt-passwords.1
gzip contrib/man/fusiondirectory-setup.1
gzip contrib/man/fusiondirectory-insert-schema.1
mv contrib/man/fusiondirectory-encrypt-passwords.1.gz /usr/local/man/man1
mv contrib/man/fusiondirectory-setup.1.gz /usr/local/man/man1
mv contrib/man/fusiondirectory-insert-schema.1.gz /usr/local/man/man1/
mv contrib/man/fusiondirectory.conf.5.gz /usr/local/man/man5

For good measure, install an LDAP server. The base DN is built automatically from the machine's DNS suffix. The only question asked is the LDAP admin password.

apt-get -y install slapd ldap-utils

Then load the FD schemas; the fusiondirectory-insert-schema command is used to integrate them into OpenLDAP in LDIF format.

mkdir /etc/ldap/schema/fusiondirectory
cp /var/www/fusiondirectory/contrib/openldap/*.schema /etc/ldap/schema/fusiondirectory
fusiondirectory-insert-schema /etc/ldap/schema/fusiondirectory/

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory//core-fd.ldif'
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=core-fd,cn=schema,cn=config"


SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory//core-fd-conf.ldif'
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=core-fd-conf,cn=schema,cn=config"


SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory//ldapns.ldif'
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=ldapns,cn=schema,cn=config"


SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory//template-fd.ldif'
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=template-fd,cn=schema,cn=config"

root@fusiondirectory:~# fusiondirectory-insert-schema -l
core
cosine
nis
inetorgperson
core-fd
core-fd-conf
ldapns
template-fd

Finalize the installation:

fusiondirectory-setup --check-directories --update-cache --update-locales
Checking FusionDirectory's directories
/var/www/fusiondirectory exists…
/var/www/fusiondirectory is not set properly, do you want to fix it ?:  [Yes/No]?
Yes
Directory /etc/fusiondirectory doesn't exists, do you want to create it ?:  [Yes/No]?
Yes
Directory /var/spool/fusiondirectory doesn't exists, do you want to create it ?:  [Yes/No]?
Yes
Directory /var/cache/fusiondirectory doesn't exists, do you want to create it ?:  [Yes/No]?
Yes
Directory /var/cache/fusiondirectory/tmp doesn't exists, do you want to create it ?:  [Yes/No]?
Yes
Directory /var/cache/fusiondirectory/fai doesn't exists, do you want to create it ?:  [Yes/No]?
Yes
Directory /var/cache/fusiondirectory/template doesn't exists, do you want to create it ?:  [Yes/No]?
Yes
Updating class.cache
Updating translations

Then the Apache configuration.

echo "Alias /fusiondirectory /var/www/fusiondirectory/html" > /etc/apache2/conf-available/fusiondirectory.conf
sed -i 's/#ServerName www.example.com/ServerName fusiondirectory.morot.test/g' /etc/apache2/sites-available/000-default.conf
a2enconf fusiondirectory.conf
Enabling conf fusiondirectory.
To activate the new configuration, you need to run:
  service apache2 reload
root@fusiondirectory:/etc/apache2/conf-available# service apache2 reload
 * Reloading web server apache2
 *

Finally, all that remains is to follow the steps provided by connecting with a browser to http:///etc/fusiondirectory/fusiondirectory.conf containing what is needed to connect to your LDAP server.

I recommend a small fix of the permissions and of your LDAP afterwards:

fusiondirectory-setup --check-config 
Checking FusionDirectory's config file
/etc/fusiondirectory/fusiondirectory.conf exists…
/etc/fusiondirectory/fusiondirectory.conf is not set properly, do you want to fix it ?:  [Yes/No]?
Y
fusiondirectory-setup  --check-ldap
Checking your LDAP tree
Role cn=admin,ou=aclroles,dc=morot,dc=test is an admin ACL role
uid=fd-admin,ou=people,dc=morot,dc=test is a valid admin
! ou=groups,dc=nodomain not found in your LDAP directory
Do you want to create it ?:  [Yes/No]?
Yes
fusiondirectory-setup --check-directories
Checking FusionDirectory's directories
/var/www/fusiondirectory exists…
Rights on /var/www/fusiondirectory are correct
/etc/fusiondirectory exists…
Rights on /etc/fusiondirectory are correct
/var/spool/fusiondirectory exists…
Rights on /var/spool/fusiondirectory are correct
/var/cache/fusiondirectory exists…
Rights on /var/cache/fusiondirectory are correct
/var/cache/fusiondirectory/tmp exists…
Rights on /var/cache/fusiondirectory/tmp are correct
/var/cache/fusiondirectory/fai exists…
Rights on /var/cache/fusiondirectory/fai are correct
/var/cache/fusiondirectory/template exists…
Rights on /var/cache/fusiondirectory/template are correct
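
An independent look at the resulting file modes, as an added example that is not part of the original post or of FusionDirectory: the function below flags modes that are too open for a file's role, such as the group-writable tools left by the `chmod 774 /usr/local/bin/*` step earlier. The `audit_mode` name and the policy it applies are assumptions of this example, and it relies on GNU `stat`.

```shell
#!/bin/sh
# Added example (not from the original post or the FusionDirectory project).
# Flags file modes that are too permissive for their role. The policy is an
# assumption of this example:
#   secret : nothing at all for "other", no write for group
#            (fusiondirectory.conf holds the LDAP connection settings)
#   script : no write for group or other (admin tools that root executes)
# Prints one line per finding and returns the number of findings.
audit_mode() {
    kind=$1
    shift
    findings=0
    for f in "$@"; do
        if [ ! -e "$f" ]; then
            echo "MISSING  $f"
            findings=$((findings + 1))
            continue
        fi
        mode=$(stat -c '%a' "$f")        # GNU stat: octal mode, e.g. 640 or 4755
        other=${mode#"${mode%?}"}        # last octal digit
        rest=${mode%?}
        group=${rest#"${rest%?}"}        # second-to-last octal digit
        [ -n "$group" ] || group=0       # a mode such as "4" has no group digit
        why=""
        [ $((group & 2)) -eq 0 ] || why="group-writable"
        [ $((other & 2)) -eq 0 ] || why="${why:+$why,}world-writable"
        if [ "$kind" = secret ] && [ "$other" -ne 0 ]; then
            why="${why:+$why,}accessible-to-other"
        fi
        if [ -n "$why" ]; then
            echo "$kind $mode $f: $why"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Paths from this page; run as root after fusiondirectory-setup --check-config.
# audit_mode secret /etc/fusiondirectory/fusiondirectory.conf
# audit_mode script /usr/local/bin/*
```

A non-zero return value is the number of findings, so the function can gate a provisioning script directly.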

FusionDirectory without its plugins is not worth much more than an Apache Directory Studio. So I suggest installing all the plugins, very crudely. Note that the command expects the TGZ archive, not the extracted archive. You also need to remember to add the schemas of each of these plugins.

fusiondirectory-setup --install-plugins
Installing FusionDirectory's plugins
Where is your plugins archive ?:
/root/fusiondirectory-plugins-1.0.9.1.tar.gz
Installing plugins into /var/www/fusiondirectory, please wait..
tar -zxvf fusiondirectory-plugins-1.0.9.1.tar.gz
cd fusiondirectory-plugins-1.0.9.1/
# quote the pattern so the shell does not expand *.schema before find sees it
find . -name '*.schema' -exec cp {} /etc/ldap/schema/fusiondirectory/ \;
for schema in /etc/ldap/schema/fusiondirectory/*.schema; do fusiondirectory-insert-schema -i "$schema"; done
fusiondirectory-setup --update-cache

Have Fun!
