From cvs at kolab.org  Fri Oct 10 16:20:04 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:20:04 +0200 (CEST)
Subject: gunnar: server/perl-kolab/bin - New directory 
Message-ID: <20081010142004.2C2E8600BA9@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab/bin
In directory doto:/tmp/cvs-serv20182/bin

Log Message:
Directory /kolabrepository/server/perl-kolab/bin added to the repository




From cvs at kolab.org  Fri Oct 10 16:20:10 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:20:10 +0200 (CEST)
Subject: gunnar: server/perl-kolab/data - New directory 
Message-ID: <20081010142010.5E5C9600BAF@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab/data
In directory doto:/tmp/cvs-serv20220/data

Log Message:
Directory /kolabrepository/server/perl-kolab/data added to the repository




From cvs at kolab.org  Fri Oct 10 16:22:06 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:22:06 +0200 (CEST)
Subject: gunnar: server/perl-kolab/data quotawarning.txt,NONE,1.1 
Message-ID: <20081010142206.C1D15600BAF@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab/data
In directory doto:/tmp/cvs-serv20319/data

Added Files:
	quotawarning.txt 
Log Message:
Merge all perl tools into the perl-kolab package.

--- NEW FILE: quotawarning.txt ---
[This is an automatically generated message.]

The mailbox for <user> is <percent>% full, please clean it up.
The size of the mailbox is currently <used> KB out of a total 
allowed <total> KB.

<admin>

[Dies ist eine automatisch generierte Nachricht]

Das Postfach für <user> ist zu <percent>% gefüllt. Bitte 
räumen Sie es auf.
Das Postfach belegt zurzeit <used> KB von erlaubten <total> KB.

<admin>



From cvs at kolab.org  Fri Oct 10 16:22:07 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:22:07 +0200 (CEST)
Subject: gunnar: server/perl-kolab/lib/Kolab Conf.pm,NONE,1.1 
Message-ID: <20081010142207.0431A600BAF@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab/lib/Kolab
In directory doto:/tmp/cvs-serv20319/lib/Kolab

Added Files:
	Conf.pm 
Log Message:
Merge all perl tools into the perl-kolab package.

--- NEW FILE: Conf.pm ---
package Kolab::Conf;

##  COPYRIGHT
##  ---------
##
##  See AUTHORS file
##
##
##  LICENSE
##  -------
##
##  This  program is free  software; you can redistribute  it and/or
##  modify it  under the terms of the GNU  General Public License as
##  published by the  Free Software Foundation; either version 2, or
##  (at your option) any later version.
##
##  This program is  distributed in the hope that it will be useful,
##  but WITHOUT  ANY WARRANTY; without even the  implied warranty of
##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
##  General Public License for more details.
##
##  You can view the  GNU General Public License, online, at the GNU
##  Project's homepage; see <http://www.gnu.org/licenses/gpl.html>.
##
##  $Revision: 1.1 $

use 5.008;
use strict;
use warnings;

use IO::File;
use File::Copy;
use File::Temp;
use File::stat;
use Kolab;
use Kolab::Util;
use Kolab::LDAP;

require Exporter;

our @ISA = qw(Exporter);

our %EXPORT_TAGS = (
    'all' => [ qw(
        &buildPostfixTransportMap
        &buildCyrusGroups
        &buildLDAPReplicas
        &rebuildTemplates
	&checkPermissions
    ) ]
    );

our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );

our @EXPORT = qw(

);

my %templates = ();
my %ownership = ();
my %permissions = ();
my %templatehaschanged = ();
my %haschanged = ();
my %commentchar = ();

sub fixup {
    my $file = shift;
    my $ownership = shift;
    my $perm = shift;

    (my $owner, my $group) = split(/:/, $ownership, 2);
    my $uid = (getpwnam($owner))[2];
    my $gid = (getgrnam($group))[2];
    Kolab::log('T', sprintf("Changing permissions of %s to 0%o", $file, $perm ), KOLAB_DEBUG );
    if( chmod($perm, $file) != 1 ) {
	Kolab::log('T', "Unable to change permissions of `$file' to ".sprintf("0%o",$perm) . ": $!", KOLAB_ERROR);
	exit(1);
    }
    Kolab::log('T', "Changing owner of $file to $owner:$group ($uid:$gid)", KOLAB_DEBUG );
    if( chown($uid,$gid,$file) != 1 ) {
	Kolab::log('T', "Unable to change ownership of `$file' to $uid:$gid: $!", KOLAB_ERROR);
	exit(1);
    }
}

sub printWarning {

    my $stream = shift;
    my $templateFile = shift;
    my $cc = shift;

    $templateFile = "" if (!defined $templateFile);
    $cc = "#" if (!defined $cc);

    # Different warnings during bootstrapping and regular configuration
# $Kolab::config{"bootstrap_config"} = "true";
    if ((defined $Kolab::config{"bootstrap_config"}) &&
        ($Kolab::config{"bootstrap_config"} eq "true")) {

        print $stream "$cc=================================================================\n";
        print $stream "$cc This is a preliminary version of this configuration file and\n";
        print $stream "$cc only used for bootstrapping.  If you see this warning in your\n";
        print $stream "$cc configuration after bootstrapping the Kolab Server\n";
        print $stream "$cc SOMETHING WENT VERY WRONG !!!\n";
        print $stream "$cc=================================================================\n";

    } else {

        print $stream "$cc=================================================================\n";
        print $stream "$cc THIS FILE IS AUTOMATICALLY WRITTEN BY THE KOLAB CONFIG BACKEND.\n";
        print $stream "$cc MANUAL CHANGES ARE LOST UNLESS MADE IN THE TEMPLATE FILE:\n";
        print $stream "$cc\n";
        print $stream "$cc  $templateFile\n";
        print $stream "$cc\n";
        print $stream "$cc Changes can be activated by running ".$Kolab::config{'kolabconf_script'}."\n";
        print $stream "$cc=================================================================\n";

    }
}

sub build {
    my $tmpl = shift;
    my $cfg = shift;
    my $owner = shift;
    my $perm = shift;
    my $cchr = shift;  # comment character

    my $oldcfg = $cfg . '.old';
    my $templatedir = $Kolab::config{"templatedir"};

    my %special_templates = (
	"$templatedir/transport.template"      => 1,
	"$templatedir/virtual.template"        => 1,
	"$templatedir/imapd.group.template"    => 1,
	"$templatedir/slapd.access.template"   => 1,
	"$templatedir/slapd.replicas.template" => 1
	);

    my $oldmask = umask 077;
    copy($cfg, $oldcfg);
    #chown($Kolab::config{'kolab_uid'}, $Kolab::config{'kolab_gid'}, $oldcfg);
    # To avoid warnings, the backup files must be owned by root
    chown(0, 0, $oldcfg);
    umask $oldmask;
    #chmod(0600, $oldcfg) if ($oldcfg =~ /openldap/);

    Kolab::log('T', "Creating new configuration file `$cfg' from template `$tmpl'", KOLAB_DEBUG );
    #print STDERR "Creating new configuration file `$cfg' from template `$tmpl'\n";

    my $template;
    if (!($template = IO::File->new($tmpl, 'r'))) {
        Kolab::log('T', "Unable to open template file `$tmpl': $!", KOLAB_ERROR);
	# Error, fail gracefully
	return;
    }
    my $config;
    if (!($config = new File::Temp( TEMPLATE => 'tmpXXXXX',
				    DIR => $Kolab::config{"kolabdir"},
				    SUFFIX => '.kolabtmp',
				    UNLINK => 0 ))) {
        Kolab::log('T', "Unable to open configuration file `$cfg': $!", KOLAB_ERROR);
        exit(1);
    }

    #Kolab::log('T', "Using temporary file '".$config->filename."'", KOLAB_DEBUG );

    my $skip = 0;
    my $keep = 0;
    while (<$template>) {
    	#Eat the meta data sections
	if (/^KOLAB_META_START$/) {
	    my $found_end;
	    while (!$found_end) {	
		$_ = <$template>;
		$found_end = /^KOLAB_META_END$/;
	    }
	    $_ = <$template>;
	}

        if (/\@{3}if\s+exists\(\s*(\S+?)\s*\)\@{3}/) {
            # @@@if exists(/full/path/to/file)@@@
            # also possible: @@@if exists( /full/path/to/file )@@@
            if (-f $1) {
                # Keep text if searched file or symbolic link exists.
                $keep = 1;
            } else {
                # Skip text
                $skip++;
                $keep = 0;
            }
        } elsif (/\@{3}if\s+(\S+?)\@{3}/) {
            # @@@if some_variable@@@
            # The some_variable is a key in the $Kolab::config hash and has
            # its value set to either 'false' or 'true'
            if ($Kolab::config{$1} && lc($Kolab::config{$1}) ne "false" ) {
                # Keep text
		$keep = 1;
            } else {
                # Skip text
                $skip++;
		$keep = 0;
            }
            s/\@{3}if (\S+?)\@{3}\n?//;
	} elsif (/\@{3}else\@{3}/) {
	    if( $keep == 0 ) {
		# Now keep
		$keep = 1;
		$skip--;
	    } else {
		# Now skip
		$keep = 0;
                $skip++;
	    }
            s/\@{3}else\@{3}\n?//;

        } elsif (/\@{3}endif\@{3}/) {
            ($skip > 0) && $skip--;
            s/\@{3}endif\@{3}\n?//;

        } elsif (/\@{3}warning\@{3}/) { 

            printWarning($config, $tmpl, $cchr);

        } else {
            while (/\@{3}([^\s\@]+?)(\|(.+?)\((.*)\))?\@{3}/) {
		my $attr = $1;
		my $fct  = $3;
		my $args = $4;
		#print STDERR "attr=\"$attr\", fct=\"$fct\", args=\"$args\"\n";
		if ($Kolab::config{$attr}) {
		    my $val = "";
		    if( !$fct ) {
			if (ref $Kolab::config{$attr} eq "ARRAY") {
			    $val = $Kolab::config{$attr}->[0];
			} else {
			    $val = $Kolab::config{$attr};
			}
		    } else {
			# Modifier functions
		      SWITCH: {
			  # Join function 
			  $fct eq 'join' && do {
			      if (ref $Kolab::config{$attr} eq "ARRAY") {
				  my @vals = @{$Kolab::config{$attr}} ;
				  # We want to make sure subdomain.domain.tld comes before domain.tld
				  my @length_sorted_vals = sort {length $b cmp length $a} @vals;
				  $val = join ($args, @length_sorted_vals) ;
			      } else {
				  $val = $Kolab::config{$attr};
			      }
			      last SWITCH;
			  };
			  # Quote function
			  $fct eq 'quote' && do {
			      # slapd.conf compatible quoting
			      $val = $Kolab::config{$attr};
			      $val =~ s/"/\"/g;
			      $val = '"'.$val.'"';
			      last SWITCH;
			  }
			}
		    }
		    s/\@{3}([^\s\@]+?)(\|.+?)?\@{3}/$val/;
		    last if ( $val eq "\@\@\@$attr\@\@\@" ); # prevent endless loop
		} else {
		    # Only warn the user in case we are not skipping the section
		    ($skip == 0) && Kolab::log('T', "No configuration variable corresponding to `$1' exists", KOLAB_WARN);
		    s/\@{3}([^\s\@]+?)\@{3}//;
		}
	    }
	    ($skip == 0) && print $config $_;
	}
    }
    
    $template->close;
    $config->close;

    move($config->filename, $cfg) || Kolab::log('T', "Error moving configfile to $cfg, error: $!", KOLAB_ERROR );
    fixup( $cfg, $owner, $perm );
    #chown($Kolab::config{'kolab_uid'}, $Kolab::config{'kolab_gid'}, $cfg);
    #chmod(0600, $cfg) if ($cfg =~ /openldap/);

    if (-f $oldcfg && !defined $special_templates{$tmpl} ) {
        my $rc = `diff -q $cfg $oldcfg`;
        chomp($rc);
        if ($rc) {
            if ($cfg =~ /postfix/) {
                $haschanged{'postfix'} = 1;
            } elsif ($cfg =~ /saslauthd/) {
                $haschanged{'saslauthd'} = 1;
            } elsif ($cfg =~ /apache/) {
                $haschanged{'apache'} = 1;
            } elsif ($cfg =~ /openldap/) {
                $haschanged{'slapd'} = 1;
            } elsif ($cfg =~ /imapd/) {
                $haschanged{'imapd'} = 1;
	    } elsif ($cfg =~ /amavisd/) {
                $haschanged{'amavisd'} = 1;
	    } elsif ($cfg =~ /clamav/) {
                $haschanged{'clamav'} = 1;
#} elsif ($cfg =~ /example/) {
	    } else {
		Kolab::log('T', "`$cfg' change detected ", KOLAB_DEBUG );
		$templatehaschanged{$tmpl} = 1;
	    }

            Kolab::log('T', "`$cfg' change detected: $rc", KOLAB_DEBUG );
        }
    }

    Kolab::log('T', "Finished creating configuration file `$cfg'", KOLAB_DEBUG );
}

sub buildPostfixTransportMap
{
    buildPostfixMap( 'transport' );
}

sub buildPostfixVirtualMap
{
    buildPostfixMap( 'virtual' );
}

sub buildPostfixMap
{
    my $map = shift;
    Kolab::log('T', "Building Postfix $map map", KOLAB_DEBUG);

    my $templatedir = $Kolab::config{"templatedir"};

    my $keytemplate = "$templatedir/$map.template";
    my $cfg = $templates{$keytemplate};
    my $oldcfg = $cfg . '.old';

    #my $oldmask = umask 077;
    #copy($cfg, $oldcfg);
    #chown($Kolab::config{'kolab_uid'}, $Kolab::config{'kolab_gid'}, $oldcfg);
    #umask $oldmask;
    #delete $templates{$keytemplate};

    my $transport;
    if (!($transport = IO::File->new($cfg, 'a'))) {
        Kolab::log('T', "Unable to create Postfix $map map: $!", KOLAB_ERROR);
        exit(1);
    }

    my $ldap = Kolab::LDAP::create(
        $Kolab::config{'ldap_ip'},
        $Kolab::config{'ldap_port'},
        $Kolab::config{'bind_dn'},
        $Kolab::config{'bind_pw'}
	);

    my $mesg = $ldap->search(
        base    => 'k=kolab,'.$Kolab::config{'base_dn'},
        scope   => 'base',
        filter  => '(objectclass=*)'
	);
    if ($mesg->code) {
        Kolab::log('T', "Unable to locate Postfix $map map entries in LDAP", KOLAB_ERROR);
        exit(1);
    }

    my $ldapobject;
    if ($mesg->code <= 0) {
        foreach $ldapobject ($mesg->entries) {
            my $routes = $ldapobject->get_value("postfix-$map", asref => 1);
            foreach (@$routes) {
                $_ = trim($_);
                Kolab::log('T', "Adding entry `$_' to $map");
                print $transport $_ . "\n";
            }
        }
    } else {
        Kolab::log('T', "No Postfix $map map entries found");
    }

    Kolab::LDAP::destroy($ldap);
    $transport->close;

    # FIXME: bad way of doing things...
    #system("chown root:root @emailserver_confdir@/*");
    fixup( $cfg, $ownership{$cfg}, $permissions{$cfg});
    system("$Kolab::config{'postmapping'}/$map");

    if (-f $oldcfg) {
        my $rc = `diff -q $cfg $oldcfg`;
        chomp($rc);
        if ($rc) {
	    Kolab::log('T', "`$cfg' change detected: $rc", KOLAB_DEBUG);
	    $haschanged{'postfix'} = 1;
        }
    } else {
        $haschanged{'postfix'} = 1;
    }

    Kolab::log('T', 'Finished building Postfix $map map', KOLAB_DEBUG);
}

sub buildCyrusGroups
{
    Kolab::log('T', 'Building Cyrus groups', KOLAB_DEBUG);

    my $templatedir = $Kolab::config{"templatedir"};

    my $keytemplate = "$templatedir/imapd.group.template";
    my $cfg = $templates{$keytemplate};
    my $oldcfg = $cfg . '.old';
    #delete $templates{$keytemplate};

    #my $oldmask = umask 077;
    #copy($cfg, $oldcfg);
    #chown($Kolab::config{'kolab_uid'}, $Kolab::config{'kolab_gid'}, $oldcfg);
    #umask $oldmask;

    my $groupconf;
    if (!($groupconf = IO::File->new($cfg, 'a'))) {
        Kolab::log('T', "Unable to open configuration file `$cfg': $!", KOLAB_ERROR);
        exit(1);
    }

    my $ldap = Kolab::LDAP::create(
        $Kolab::config{'ldap_ip'},
        $Kolab::config{'ldap_port'},
        $Kolab::config{'bind_dn'},
        $Kolab::config{'bind_pw'}
	);

    my $mesg = $ldap->search(
        base    => $Kolab::config{'base_dn'},
        scope   => 'sub',
        filter  => '(&(mail=*)(objectclass=kolabgroupofnames))'
	);
    if ($mesg->code) {
        Kolab::log('T', 'Unable to locate Cyrus groups in LDAP', KOLAB_ERROR);
        exit(1);
    }

    my $ldapobject;
    my $count = 60000;
    if ($mesg->code <= 0) {
        foreach $ldapobject ($mesg->entries) {
            #my $group = $ldapobject->get_value('cn') . '@'.join('.',reverse(@dn)) . ":*:$count:";
	    my $group = lc($ldapobject->get_value('mail')).":*:$count:";
            my $userlist = $ldapobject->get_value('member', asref => 1);
            foreach (@$userlist) {
		my $uid = $_;
		my $umesg = $ldap->search( base => $uid,
					   scope => 'base', 
					   filter => '(objectClass=*)' );
		if ( $umesg && $umesg->code() <= 0 && $umesg->count() == 1 ) {
		    my $mail;
		    ($mail = $umesg->entry(0)->get_value('mail')) or
			($mail = $umesg->entry(0)->get_value('uid'));
		    $group .= lc($mail).',';		
		}
	    }
            $group =~ s/,$//;
            print $groupconf $group . "\n";
            Kolab::log('T', "Adding cyrus group `$group'");
            $count++;
        }
    } else {
        Kolab::log('T', 'No Cyrus groups found');
    }

    $groupconf->close;
    Kolab::LDAP::destroy($ldap);

    fixup( $cfg, $ownership{$cfg}, $permissions{$cfg});

    Kolab::log('T', 'Finished building Cyrus groups', KOLAB_DEBUG );
}

sub buildLDAPAccess
{
    Kolab::log('T', 'Building LDAP access file', KOLAB_DEBUG);

    my $templatedir = $Kolab::config{"templatedir"};

    my $keytemplate = "$templatedir/slapd.access.template";
    my $cfg = $templates{$keytemplate};
    my $oldcfg = $cfg . '.old';

    my $access;
    if (!($access = IO::File->new($cfg, 'a'))) {
        Kolab::log('T', "Unable to open configuration file `$cfg': $!", KOLAB_ERROR);
        exit(1);
    }

my $global_acl = <<'EOS';
# Domain specific access
access to filter=(&(objectClass=kolabInetOrgPerson)(mail=*@@@@domain@@@)(|(!(alias=*))(alias=*@@@@domain@@@)))
        by group/kolabGroupOfNames="cn=@@@domain@@@,cn=domains,cn=internal,@@@base_dn@@@" write
        by * break

access to filter=(&(objectClass=kolabGroupOfNames)(mail=*@@@@domain@@@))
        by group/kolabGroupOfNames="cn=@@@domain@@@,cn=domains,cn=internal,@@@base_dn@@@" write
        by * break

access to filter=(&(objectClass=kolabSharedFolder)(cn=*@@@@domain@@@))
        by group/kolabGroupOfNames="cn=@@@domain@@@,cn=domains,cn=internal,@@@base_dn@@@" write
        by * break

EOS

my $dom_acl1 = << 'EOS';
# Access to domain groups
access to dn.children="cn=domains,cn=internal,@@@base_dn@@@"
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
        by dn="cn=nobody,cn=internal,@@@base_dn@@@" read
EOS

my $dom_acl2 = << 'EOS';
        by group/kolabGroupOfNames="cn=@@@domain@@@,cn=domains,cn=internal,@@@base_dn@@@" read
EOS

my $dom_acl3 = << 'EOS';
         by * search stop
EOS

	my $str;
    my $domain;
    my @domains;
    if( ref($Kolab::config{'postfix-mydestination'}) eq 'ARRAY' ) {
	@domains = @{$Kolab::config{'postfix-mydestination'}};
    } else {
	@domains =( $Kolab::config{'postfix-mydestination'} );
    }

    ($str = $dom_acl1) =~ s/\@{3}base_dn\@{3}/$Kolab::config{'base_dn'}/g;
    print $access $str;

    foreach $domain (@domains) {
	($str = $dom_acl2) =~ s/\@{3}domain\@{3}/$domain/g;
	$str =~ s/\@{3}base_dn\@{3}/$Kolab::config{'base_dn'}/g;	
	print $access $str;
    }

    ($str = $dom_acl3) =~ s/\@{3}base_dn\@{3}/$Kolab::config{'base_dn'}/g;
    print $access $str;

    foreach $domain (@domains) {
	($str = $global_acl) =~ s/\@{3}domain\@{3}/$domain/g;
	$str =~ s/\@{3}base_dn\@{3}/$Kolab::config{'base_dn'}/g;	
	print $access $str;
	Kolab::log('T', "Adding acl for domain '$str'");
    }

    $access->close;

    if (-f $oldcfg) {
        my $rc = `diff -q $cfg $oldcfg`;
        chomp($rc);
        if ($rc) {
	    Kolab::log('T', "`$cfg' change detected: $rc", KOLAB_DEBUG);
	    $haschanged{'slapd'} = 1;
        }
    } else {
        $haschanged{'slapd'} = 1;
    }

    fixup( $cfg, $ownership{$cfg}, $permissions{$cfg});

    Kolab::log('T', 'Finished building LDAP access file', KOLAB_DEBUG );
}

sub buildLDAPReplicas
{
    Kolab::log('T', 'Building LDAP replicas', KOLAB_DEBUG);

    my $templatedir = $Kolab::config{"templatedir"};

    my $keytemplate = "$templatedir/slapd.replicas.template";
    my $cfg = $templates{$keytemplate};
    my $oldcfg = $cfg . '.old';

    my $repl;
    if (!($repl = IO::File->new($cfg, 'a'))) {
        Kolab::log('T', "Unable to open configuration file `$cfg': $!", KOLAB_ERROR);
        exit(1);
    }

    # directory_mode syncrepl is supported from openldap-2.3.x and beyond
    if ($Kolab::config{'directory_mode'} eq "syncrepl") {

      if ( $Kolab::config{'is_master'} eq "false" ) {
        # Output a syncrepl statement for database synchronisation
        print $repl "syncrepl rid=0 \n"
                 ."         provider=".$Kolab::config{"ldap_master_uri"}."\n"
                 ."         type=refreshAndPersist\n"
                 ."         searchbase=\"".$Kolab::config{'base_dn'}."\"\n"
                 ."         scope=sub\n"
                 ."         schemachecking=on\n"
                 ."         binddn=\"".$Kolab::config{"bind_dn"}."\"\n"
                 ."         credentials=\"".$Kolab::config{"bind_pw"}."\"\n"
                 ."         bindmethod=simple\n";
      }

    } else {

      if( $Kolab::config{'is_master'} eq "true" ) {
  	# Master setup
  	my @kh;
  	if( ref $Kolab::config{'kolabhost'} eq 'ARRAY' ) {
  	    @kh = @{$Kolab::config{'kolabhost'}};
  	} else {
  	    @kh = ( $Kolab::config{'kolabhost'} );
  	}
  	for my $h ( @kh ) {
  	    next if lc($h) eq lc($Kolab::config{'fqdnhostname'});
  	    print $repl "replica uri=ldaps://$h\n"
  		."  binddn=\"".$Kolab::config{'bind_dn'}."\"\n"
  		."  bindmethod=simple credentials=".$Kolab::config{'bind_pw'}."\n\n";
  	}
      } else {
  	# Slave setup
  	# Output an update dn statement instead
  	print $repl "updatedn ".$Kolab::config{'bind_dn'}."\n";
  	print $repl "updateref ".$Kolab::config{'ldap_master_uri'}."\n";
      }
    }

    $repl->close;

    fixup( $cfg, $ownership{$cfg}, $permissions{$cfg});

    if (-f $oldcfg) {
        my $rc = `diff -q $cfg $oldcfg`;
        chomp($rc);
        if ($rc) {
	    Kolab::log('T', "`$cfg' change detected: $rc", KOLAB_DEBUG);
	    $haschanged{'slapd'} = 1;
        }
    } else {
        $haschanged{'slapd'} = 1;
    }

    Kolab::log('T', 'Finished building LDAP replicas', KOLAB_DEBUG);
}

sub replaceMetaVar
{	
    my $var = shift;

    while ($var =~ /\@{3}([^\s\@]+?)\@{3}/) {
	my $attr = $1;
	if ($Kolab::config{$attr}) {
	    my $val = $Kolab::config{$attr};
	    $var =~ s/\@{3}([^\s\@]+?)\@{3}/$val/;
	} else {
	    Kolab::log('T', "No configuration variable corresponding to `$1' exists", KOLAB_WARN);
	}
    }
    return $var;
}


sub loadMetaTemplates
{	
    my $templatedir = shift;
    my ($tref, $pref, $oref, $cmdref, $ccharref) = @_;

    Kolab::log('T', 'Collecting template files', KOLAB_DEBUG );
    opendir(DIR, $templatedir) or Kolab::log('T', 'Given templatedir $templatedir does not exist!', KOLAB_ERROR );
    my @metatemplates = grep { /\.template$/ } readdir (DIR);
    closedir(DIR);

    foreach my $template (@metatemplates) {
	my $runonchange = undef;
	my $commentchar = undef;
	#Open each file and check for the META
	if (open (TEMPLATE, "$templatedir/$template" )) {
	    my $line = <TEMPLATE>;
	    if ($line =~ /^KOLAB_META_START$/) {
		Kolab::log('T', 'Processing META template :'.$template, KOLAB_DEBUG );
		my ($found_end, $target, $permissions, $ownership);
		while (<TEMPLATE>) {
		    $line = $_;
		    
		    if (!$found_end) {
			$found_end = $line =~ /^KOLAB_META_END$/;
			if (!$found_end && $line) {
			    my ($key,$value) = split(/=/,$line);
			    chomp($value);
			    Kolab::log('T', 'META Key: '.$key.' Value: '.$value, KOLAB_DEBUG );
			    if ($key =~ /^TARGET$/) {
				$target = replaceMetaVar($value);
				Kolab::log('T', 'META Target '.$target, KOLAB_DEBUG );
			    } elsif ($key =~ /^PERMISSIONS$/) {
				$permissions = replaceMetaVar($value);
				Kolab::log('T', 'META Permissions '.$permissions, KOLAB_DEBUG );
			    } elsif ($key =~ /^OWNERSHIP$/) {
				$ownership = replaceMetaVar($value);
				Kolab::log('T', 'META Ownership '.$ownership, KOLAB_DEBUG );
			    } elsif ($key =~ /^RUNONCHANGE$/) {
				$runonchange = replaceMetaVar($value);
				Kolab::log('T', 'META Cmd to execute '.$runonchange, KOLAB_DEBUG );
			    } elsif ($key =~ /^COMMENT_CHAR$/) {
			      $commentchar = replaceMetaVar($value);
			      Kolab::log('T', 'META CommentChar to use: '.$commentchar, KOLAB_DEBUG );
			    } else {
			        Kolab::log('T', 'incorrect META key "'.$key.'" in: '.$template, KOLAB_WARN );
			    }
			}
		    }
		}
		if ($found_end && $target && $permissions && $ownership) {
		    Kolab::log('T', 'All mandatory fields populated in '.$template, KOLAB_DEBUG );
		    $$tref{$templatedir . "/" . $template} = $target;
		    $$oref{$target} = $ownership;
		    $permissions = oct($permissions);
		    $$pref{$target} = $permissions;
		    my $runcmdtemplate = $templatedir."/".$template;
		    $$cmdref{$runcmdtemplate} = $runonchange if (defined $runonchange);
		    $$ccharref{$target} = $commentchar if (defined $commentchar);
		}
		
	    }
	} else {
	    Kolab::log('T', 'Could not open template file: '. $template, KOLAB_WARN);
	}
    }

}

sub rebuildTemplates
{
    my $key;
    my $value;
    my $section="";
    my %runonchange;

    my $templatedir = $Kolab::config{"templatedir"};

    Kolab::log('T', 'Regenerating configuration files', KOLAB_DEBUG );

    Kolab::log('T', 'Loading meta-template data', KOLAB_DEBUG );
    loadMetaTemplates( $templatedir, \%templates, \%permissions, \%ownership, \%runonchange, \%commentchar );

    my $cfg;
    my $tpl;
    foreach $tpl (keys %templates) {
        $cfg = $templates{$tpl};
        #print STDOUT "Rebuilding $tpl => $cfg\n";
        build($tpl, $cfg, $ownership{$cfg}, $permissions{$cfg}, $commentchar{$cfg});
     }

    buildPostfixTransportMap;
    buildPostfixVirtualMap;
    buildLDAPAccess;
    buildLDAPReplicas;
    buildCyrusGroups;

    Kolab::log('T', 'Finished regenerating configuration files', KOLAB_DEBUG );

    foreach $key (keys %runonchange) {
	if (defined $templatehaschanged{$key})
	{
	    Kolab::log('T', 'Actioning RUNONCHANGE for $key', KOLAB_DEBUG );
	    my $cmd = $runonchange{$key};
	    system($cmd);
	    Kolab::log('T', 'Executing command', KOLAB_DEBUG );
	}
    }
}

sub bootstrapConfig
{
    my $templatedir = $Kolab::config{"templatedir"};

    # FIXME: it would be better if the templates can be given as an
    # argument to this function.
    my @templ = ("$templatedir/slapd.access.template",
      "$templatedir/slapd.conf.template",
      "$templatedir/slapd.replicas.template");
 
    my %runonchange;

    loadMetaTemplates( $templatedir, \%templates, \%permissions, \%ownership, \%runonchange, \%commentchar );

    my $cfg;
    my $out;
    foreach my $tpl (@templ) {
      $cfg = $templates{$tpl};
      # print STDOUT "Rebuilding $tpl => $cfg\n";
      build($tpl, $cfg, $ownership{$cfg}, $permissions{$cfg}, $commentchar{$cfg});
    }
}

sub checkPermissions {
    my $key;
    my $value;

    my $templatedir = $Kolab::config{"templatedir"};

    Kolab::log('T', 'Checking generated config file permissions and ownership', KOLAB_DEBUG );

    loadMetaTemplates( $templatedir, \%templates, \%permissions, \%ownership );

    my $ok = 1;

    foreach $key (keys %templates) {
	my $tpl = $templates{$key};

	if (-r $tpl) {
	    my $st = stat($tpl);
	    my $owner = getpwuid($st->uid).':'.getgrgid($st->gid);
	    if( ( ($st->mode & 07777) != $permissions{$tpl}) ||
		($owner ne $ownership{$tpl}) ) {
		my $str = 'File '.$tpl.' has the wrong persmissions/owner. Found '
		    .sprintf("%lo", $st->mode&07777).' '.$owner.', expected '
		    .sprintf("%lo",$permissions{$tpl}).' '.$ownership{$tpl};
		print( "$str\n" );
		Kolab::log('T', $str, KOLAB_ERROR );
		$ok = 0;
	    }
	} else {
	    my $str = "File $tpl does not exist";
	    print "$str\n";
	    Kolab::log('T', "$str", KOLAB_ERROR );
	}
    }
    return $ok;
}

sub reload
{
    if ($haschanged{'slapd'}) {
        &Kolab::log('K', 'Restarting OpenLDAP...');
        system("$Kolab::config{'KOLABRC'} rc openldap restart &");
    }

    if ($haschanged{'saslauthd'}) {
        &Kolab::log('K', 'Restarting SASLAuthd...');
        system("$Kolab::config{'KOLABRC'} rc sasl stop; sleep 1; $Kolab::config{sbindir}/saslauthd -a ldap -n 5");
    }

    if ($haschanged{'apache'}) {
        &Kolab::log('K', 'Reloading Apache...');
        system("$Kolab::config{sbindir}/apachectl graceful");
    }

    if ($haschanged{'postfix'}) {
        &Kolab::log('K', 'Reloading Postfix...');
        system("$Kolab::config{sbindir}/postfix reload");
    }

    if ($haschanged{'imapd'}) {
        &Kolab::log('K', 'Restarting imapd...');
	# Would it be enough with a reload here? /steffen
        system("$Kolab::config{'KOLABRC'} rc imapd restart");
    }

    if ($haschanged{'amavisd'}) {
        &Kolab::log('K', 'Restarting amavisd...');
        system("$Kolab::config{'KOLABRC'} rc amavisd restart");
    }

    if ($haschanged{'clamav'}) {
        &Kolab::log('K', 'Restarting clamav...');
        system("$Kolab::config{'KOLABRC'} rc clamav restart");
    }

    %Kolab::Conf::haschanged = ();

    &Kolab::log('K', 'Reload finished');
}

1;
__END__
=head1 NAME

Kolab::Conf - Perl extension for Kolab template generation

=head1 ABSTRACT

  Kolab::Conf handles the generation of template files, used by
  kolabconf.

=head1 COPYRIGHT AND AUTHORS

Stuart Bingë and others (see AUTHORS file)

=head1 LICENSE

This  program is free  software; you can redistribute  it and/or
modify it  under the terms of the GNU  General Public License as
published by the  Free Software Foundation; either version 2, or
(at your option) any later version.

This program is  distributed in the hope that it will be useful,
but WITHOUT  ANY WARRANTY; without even the  implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.

You can view the  GNU General Public License, online, at the GNU
Project's homepage; see <http://www.gnu.org/licenses/gpl.html>.

=cut



From cvs at kolab.org  Fri Oct 10 16:22:07 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:22:07 +0200 (CEST)
Subject: gunnar: server/perl-kolab AUTHORS, 1.4, 1.5 ChangeLog, 1.39,
	1.40 MANIFEST, 1.4, 1.5 Makefile.PL, 1.7, 1.8 perl-kolab.spec,
	1.102, 1.103 
Message-ID: <20081010142207.381DF600BB0@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab
In directory doto:/tmp/cvs-serv20319

Modified Files:
	AUTHORS ChangeLog MANIFEST Makefile.PL perl-kolab.spec 
Log Message:
Merge all perl tools into the perl-kolab package.

Index: AUTHORS
===================================================================
RCS file: /kolabrepository/server/perl-kolab/AUTHORS,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- AUTHORS	6 Feb 2008 13:06:32 -0000	1.4
+++ AUTHORS	10 Oct 2008 14:22:03 -0000	1.5
@@ -8,11 +8,11 @@
   (c) 2003         Tassilo Erlewein     <tassilo.erlewein at erfrakon.de>
   (c) 2003         Achim Frank          <achim.frank at erfrakon.de>
   (c) 2004         Stephan Buys         <s.buys at codefusion.co.za>
-  (c) 2005 - 2006  Richard Bos          <richard at radoeka.nl>
-  (c) 2005 - 2006  Marcus Hüwe          <suse-tux at gmx.de>
+  (c) 2005 - 2008  Richard Bos          <richard at radoeka.nl>
+  (c) 2005 - 2008  Marcus Hüwe          <suse-tux at gmx.de>
   (c) 2004 - 2006  Steffen Hansen       <steffen at klaralvdalens-datakonsult.se>
   (c) 2007 - 2008  Thomas Arendsen Hein <thomas at intevation.de>
-  (c) 2006 - 2007  Gunnar Wrobel        <wrobel at pardus.de>
+  (c) 2006 - 2008  Gunnar Wrobel        <wrobel at pardus.de>
   (c) 2003 - 2007  Martin Konold        <martin.konold at erfrakon.de>
 
 
@@ -20,7 +20,7 @@
 
   (c) 2004 - 2006  Klaraelvdalens Datakonsult AB
   (c) 2007 - 2008  Intevation GmbH
-  (c) 2006 - 2007  p at rdus
+  (c) 2006 - 2008  p at rdus
   (c) 2003 - 2007  erfrakon Partnerschaftsgesellschaft
 
 

Index: ChangeLog
===================================================================
RCS file: /kolabrepository/server/perl-kolab/ChangeLog,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -d -r1.39 -r1.40
--- ChangeLog	14 Aug 2008 19:17:42 -0000	1.39
+++ ChangeLog	10 Oct 2008 14:22:03 -0000	1.40
@@ -1,10 +1,79 @@
+2008-10-03  Gunnar Wrobel  <p at rdus.de>
+
+	* bin/kolabquotawarn.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* bin/kolabpasswd.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* bin/kolab_bootstrap.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* bin/kolabd.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* bin/kolabcheckperm.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* bin/kolabquotareport.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* bin/kolab_smtpdpolicy.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* Makefile.PL: Added routines for script installations.
+
+2008-09-09 Richard Bos <richard at radoeka.nl>
+
+	* lib/Kolab/Conf.pm: updated to improve readability
+
+2008-09-08 Richard Bos <richard at radoeka.nl>
+
+	* lib/Kolab/Conf.pm: added code to include warnings in a configuration
+	  file, by replacing the macro @@@warning@@@ in the config file.
+	  See kolab/issue1671
+
+2008-09-06 Richard Bos <richard at radoeka.nl>
+
+	* lib/Kolab/Conf.pm:
+	  - changed if {}; if {}, etc into if {}; elsif {}, etc.
+	    Added a warning for incorrect keys in the META section
+	    of a template file.
+	  - Added support to define the comment character in the
+	    META part of a template file
+
+2008-09-01 Richard Bos <richard at radoeka.nl>
+
+	* lib/Kolab/Conf.pm: allow different spacing (multiple spaces or tabs)
+	  instead of only 1 space in the @@@if conditionals.
+
+2008-08-29 Richard Bos <richard at radoeka.nl>
+
+	* lib/Kolab/Conf.pm: added code to support the conditional:
+	  @@@if exists( /full/path/to/file )@@@ as proposed by Thomas in
+	  kolab/issue3006
+
+2008-08-27 Richard Bos <richard at radoeka.nl>
+
+	* lib/Kolab/Conf.pm: removed code specific for slapd.conf
+	  See kolab/issue3005
+
+2008-08-20 Richard Bos <richard at radoeka.nl>
+
+	* lib/Kolab/Conf.pm: added function bootstrapConfig to create config
+	  files needed during kolab bootstrapping, see kolab/issue1755
+
 2008-08-14  Richard Bos <richard at radoeka.nl>
 
-	* lib/Kolab.pm: add syncrepl support, see kolab/issue1755 
+	* lib/Kolab.pm: add syncrepl support, see kolab/issue1755
+
+2008-08-09 Richard Bos <richard at radoeka.nl>
+
+	* Kolab-Conf/Conf.pm.in: added syncrepl support (see kolab/issue1755)
 
 2008-07-17  Richard Bos <richard at radoeka.nl>
 
-	* lib/Kolab/LDAP/Backend/syncrepl.pm: add kolab/issue1755 
+	* lib/Kolab/LDAP/Backend/syncrepl.pm: add kolab/issue1755
 	* MANIFEST: added the file lib/Kolab/LDAP/Backend/syncrepl.pm
 	* lib/Kolab.pm: added supported backend types
 
@@ -66,6 +135,28 @@
 	* lib/Kolab/LDAP.pm: Fix synchronization of mailboxes with newer perl.
 	kolab/issue2411 (perl error in LDAP.pm)
 
+2008-01-07  Thomas Arendsen Hein <thomas at intevation.de>
+
+	* bin/kolabconf.in: Added missing newlines in kolabconf -h.
+
+2008-01-02  Marcus Hüwe   <suse-tux at gmx.de>
+
+	* Makefile.PL:
+
+	Fixed build for older versions of ExtUtils::MakeMaker.
+
+2008-01-01  Marcus Hüwe   <suse-tux at gmx.de>
+
+	* bin/kolabconf.in:
+
+	Removed superfluous print statement.
+
+2007-12-07  Gunnar Wrobel  <p at rdus.de>
+
+	* Makefile.PL (MY::postamble):
+
+	Fix the install location for kolabconf for the newest MakeMaker.
+
 2007-11-28  Gunnar Wrobel  <p at rdus.de>
 
 	* lib/Kolab/LDAP.pm (syncDomains, createObject):
@@ -85,8 +176,32 @@
 
 	* lib/Kolab.pm: kolab/issue934 (Remove FTP FreeBusy Service (proftpd))
 
+	* lib/Kolab/Conf.pm: kolab/issue934 (Remove FTP FreeBusy Service (proftpd))
+
+2007-09-06  Gunnar Wrobel  <p at rdus.de>
+
+	* Conf.pm:
+
+	Allowed config variable replacement within the META section of
+	the templates. This reduces our dependence on the dist_conf
+	mechanism and we can use variables from kolab.globals
+	instead. Now add on packages can install their own templates.
+
+	Whitespace cleanup.
+
+2007-08-07  Gunnar Wrobel  <p at rdus.de>
+
+	* Conf.pm:
+
+	Fixed kolab/issue1879 (kolabconf poor error message in buildCyrusConfig)
+	https://intevation.de/roundup/kolab/issue1879
+
 2007-08-01    Gunnar Wrobel  <p at rdus.de>
 
+	Created the kolabconf package by moving kolabconf and the
+	Conf.pm perl module into one package. The package is now a
+	clean perl package.
+
 	Converted the perl-kolab package into a standard perl library.
 
 2007-07-31    Gunnar Wrobel  <p at rdus.de>
@@ -136,12 +251,24 @@
 
 	* Makefile.am: added Makefile dependencies
 
+2007-01-06 Joergen Fjeld <jhf at linpro.no>
+
+	* Kolab-Conf/Conf.pm.in (build):
+
+	Patch applied by Martin Konold:
+
+	- fixes order of domains see also https://intevation.de/roundup/kolab/issue1550
+
 2006-12-04  Gunnar Wrobel  <wrobel at pardus.de>
 
 	* Kolab-Conf/Conf.pm.in (build): Only print "No configuration
 	variable corresponding to `$1' exists" in case we are NOT skipping
 	the section.
 
+	* Kolab-Conf/Conf.pm.in (build): Only print "No configuration
+	variable corresponding to `$1' exists" in case we are NOT skipping
+	the section.
+
 2006-03-20 Marcus Hüwe <suse-tux at gmx.de>
 	Patch commited by Richard Bos
 	* Kolab-Conf/Conf.pm.in: introduce a new variable phpinit_dir for the
@@ -157,6 +284,8 @@
 	  Added dist_conf file check.  If dist_conf file specified with
 	  --with-dist is not present fail configure.
 	* perl-kolab.spec.in: replaced --enable-dist with --with-dist
+	* Kolab-Conf/Conf.pm.in: introduce a new variable phpinit_dir for the
+	  directory that holds the php.ini file to be used.
 
 2006-01-14 Richard Bos <richard at radoeka.nl>
 	* Kolab/Kolab.pm.in: check for valid uid/gid values with perl define
@@ -248,4 +377,3 @@
 	  Kolab-LDAP-Backend-slurpd/Makefile.PL,
 	  Kolab-DirServ/Makefile.PL,
 	  Kolab-LDAP-Backend-dirservd/Makefile.PL: are removed
-	

Index: MANIFEST
===================================================================
RCS file: /kolabrepository/server/perl-kolab/MANIFEST,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- MANIFEST	17 Jul 2008 09:12:59 -0000	1.4
+++ MANIFEST	10 Oct 2008 14:22:03 -0000	1.5
@@ -1,7 +1,19 @@
 AUTHORS
 ChangeLog
 INSTALL
+bin/kolab_bootstrap.in
+bin/kolabcheckperm.in
+bin/kolabconf.in
+bin/kolabdcachetool.in
+bin/kolabd.in
+bin/kolabpasswd.in
+bin/kolabquotareport.in
+bin/kolabquotawarn.in
+bin/kolab_smtpdpolicy.in
+bin/kolab_upgrade.in
+data/quotawarning.txt
 lib/Kolab.pm
+lib/Kolab/Conf.pm
 lib/Kolab/Cyrus.pm
 lib/Kolab/LDAP.pm
 lib/Kolab/LDAP/Backend.pm

Index: Makefile.PL
===================================================================
RCS file: /kolabrepository/server/perl-kolab/Makefile.PL,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- Makefile.PL	13 Sep 2007 10:05:49 -0000	1.7
+++ Makefile.PL	10 Oct 2008 14:22:03 -0000	1.8
@@ -5,6 +5,38 @@
 use ExtUtils::MakeMaker;
 use Getopt::Long;
 
+my $HELP = 0;
+my $CONFIG = '/kolab/etc/kolab';
+my $INSTALLSCRIPT = '/kolab/bin';
+
+GetOptions(
+    "config=s" => \$CONFIG,
+    "bin=s" => \$INSTALLSCRIPT,
+    "help" => \$HELP
+    );
+
+if ($HELP) {
+  print <<'EOH';
+Usage: perl Makefile.PL [--config CONFIG_DIR] [--bin BIN_DIR] --help
+
+Option config
+
+  to specify the path to the kolab configuration directory. The
+  default is /kolab/etc/kolab/ but this may vary depending on your
+  installation.
+
+Option bin
+
+  to specify the path to the directory where scripts should be installed.
+
+Option help
+
+  to get this text.
+
+EOH
+exit 0;
+}
+
 # Add the dist_openpkg target to the dist target
 sub MY::dist {
     package MY;   # To help SUPER work right
@@ -37,7 +69,9 @@
 
 sub MY::postamble {
     
-    my $add = "
+    my $add = "bin/%: bin/%.in
+	cat \$< | sed -e 's#\@CONFIG_DIR@#$CONFIG#' > \$@
+
 ifeq \"x\$(RPM)\" \"x\"
   RPM = \$(HOME)/bin/openpkg rpm
 endif
@@ -86,10 +120,29 @@
 use lib "lib";
 require "Kolab.pm";
 
+# older versions of ExtUtils:MakeMaker don't support INSTALLVENDORSCRIPT
+my $installscript = "";
+if ($ExtUtils::MakeMaker::VERSION >= 6.42) {
+    $installscript = "INSTALLVENDORSCRIPT";
+} else {
+    $installscript = "INSTALLSCRIPT";
+}
+
 WriteMakefile(
     NAME              => 'perl-kolab',
     VERSION           => $Kolab::VERSION,
     INSTALLDIRS       => 'vendor',
+    EXE_FILES         => [ 'bin/kolab_smtpdpolicy',
+                           'bin/kolabquotareport',
+                           'bin/kolabcheckperm',
+                           'bin/kolabconf',
+                           'bin/kolabdcachetool',
+                           'bin/kolabd',
+                           'bin/kolab_bootstrap',
+                           'bin/kolabpasswd',
+                           'bin/kolabquotawarn',
+                           'bin/kolab_upgrade',],
+    $installscript    => $INSTALLSCRIPT,
     ABSTRACT          => 
 'perl-kolab provides a basic set of perl modules required for the
 Kolab Groupware server.',

Index: perl-kolab.spec
===================================================================
RCS file: /kolabrepository/server/perl-kolab/perl-kolab.spec,v
retrieving revision 1.102
retrieving revision 1.103
diff -u -d -r1.102 -r1.103
--- perl-kolab.spec	12 Oct 2007 16:30:35 -0000	1.102
+++ perl-kolab.spec	10 Oct 2008 14:22:03 -0000	1.103
@@ -72,8 +72,16 @@
 
 %install
     %{l_prefix}/bin/perl-openpkg prepare
-    %{l_prefix}/bin/perl-openpkg -d %{SOURCE0} configure build install
+    %{l_prefix}/bin/perl-openpkg -d %{SOURCE0}  -A "--config \"%{l_prefix}/etc/kolab\" --bin \"%{l_prefix}/bin\"" configure build install
     %{l_prefix}/bin/perl-openpkg -F perl-openpkg-files fixate cleanup
+    mkdir -p $RPM_BUILD_ROOT/%{l_prefix}/sbin
+    mv $RPM_BUILD_ROOT/%{l_prefix}/bin/kolabd $RPM_BUILD_ROOT/%{l_prefix}/sbin/kolabd
+    mv $RPM_BUILD_ROOT/%{l_prefix}/bin/kolabcheckperm $RPM_BUILD_ROOT/%{l_prefix}/sbin/kolabcheckperm
+    chmod 744 $RPM_BUILD_ROOT/%{l_prefix}/sbin/kolabd
+    chmod 744 $RPM_BUILD_ROOT/%{l_prefix}/sbin/kolabcheckperm
+    mkdir -p $RPM_BUILD_ROOT/%{l_prefix}/etc/kolab
+    cp $RPM_BUILD_DIR/%{V_package}-%{V_version}/%{V_package}-%{V_source_tag}/data/quotawarning.txt $RPM_BUILD_ROOT/%{l_prefix}/etc/kolab
+    sed -i -e 's#/bin/kolabd#/sbin/kolabd#' -e 's#/bin/kolabcheckperm#/sbin/kolabcheckperm#' perl-openpkg-files
     %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT %{l_files_std} `cat perl-openpkg-files`
 
 %files -f files



From cvs at kolab.org  Fri Oct 10 16:22:07 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:22:07 +0200 (CEST)
Subject: gunnar: server/perl-kolab/bin kolab_bootstrap.in, NONE,
	1.1 kolabcheckperm.in, NONE, 1.1 kolabconf.in, NONE,
	1.1 kolabdcachetool.in, NONE, 1.1 kolabd.in, NONE,
	1.1 kolabpasswd.in, NONE, 1.1 kolabquotareport.in, NONE,
	1.1 kolabquotawarn.in, NONE, 1.1 kolab_smtpdpolicy.in, NONE,
	1.1 kolab_upgrade.in, NONE, 1.1 
Message-ID: <20081010142207.323F0600BAF@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab/bin
In directory doto:/tmp/cvs-serv20319/bin

Added Files:
	kolab_bootstrap.in kolabcheckperm.in kolabconf.in 
	kolabdcachetool.in kolabd.in kolabpasswd.in 
	kolabquotareport.in kolabquotawarn.in kolab_smtpdpolicy.in 
	kolab_upgrade.in 
Log Message:
Merge all perl tools into the perl-kolab package.

--- NEW FILE: kolab_bootstrap.in ---
#!perl

# (c) 2004-2005 Steffen Hansen <steffen at klaralvdalens-datakonsult.se>
# (c) 2003,2004 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
# (c) 2003-2005 Martin Konold <martin.konold at erfrakon.de>
# (c) 2003 Achim Frank <achim.frank at erfrakon.de>
#
# This program is Free Software under the GNU General Public License (>=v2).
# Read the file COPYING that comes with this packages for details.

# kolab_bootstrap Version 0.93

use strict;
use vars qw($opt_b $opt_f);

use URI;
use Socket;
use IO::File;
use IO::Select;
use Kolab;
use Kolab::Conf;
use Net::Domain qw(hostfqdn);
use Net::LDAP;
use Net::LDAP::Entry;
use Net::Netmask;
use File::Copy;
use Getopt::Std;
use Term::ReadKey;
use Time::Local;
use Time::localtime;

# Reload only kolab.globals into our configuration.
Kolab::reloadConfig("@CONFIG_DIR@/kolab.globals", 1);

my $kolab_config = ""@CONFIG_DIR@/kolab.conf";
my %kolab_config;

##### Utility Functions

# Shell double-quote a string
# Borrored from Sysadm::Install
sub qquote {
  my($str, $metas) = @_;
  $str =~ s/([\\"])/\\$1/g;
  if(defined $metas) {
    $metas = '$`' if $metas eq ":shell";
    $metas =~ s/\]/\\]/g;
    $str =~ s/([$metas])/\\$1/g;
  }
  return "\"$str\"";
}

# Connect to host,port and return 1 on success
sub tryConnect {
  my $host  = shift;
  my $port    = shift;
  if ($port =~ /\D/) { $port = getservbyname($port, 'tcp') }
  die "No port" unless $port;
  my $iaddr   = inet_aton($host)               || die "no host: $host";
  my $paddr   = sockaddr_in($port, $iaddr);
  my $proto   = getprotobyname('tcp');
  socket(SOCK, PF_INET, SOCK_STREAM, $proto)  || die "socket: $!";
  my $retval = connect(SOCK, $paddr) || 0;
  close( SOCK );
  return $retval;
}

# Check for running service
sub checkPort {
  my $name = shift; # Name of the service e.g. webserver
  my $port = shift; # tcp Port of the named service
  print ("Check for running $name on port $port\n");
  if (tryConnect("localhost",$port) == 1) {
    print ("Error: Found $name running on Port $port\n");
    print ("Check your installation!\n");
    print ("You must stop the service $name before running Kolab\n");
    print ("You may try to execute \"$Kolab::config{'KOLABRC'} rc all stop\" initially\n");
    exit 1;
  }
}

# Hash a password
sub hashPassword {
  my $pw = shift;
  my $hashcmd = "$Kolab::config{'hashmethod'} ".qquote($pw,":shell");
  (my $hashpw = `$hashcmd`) or die $@;
  chomp($hashpw);
  return $hashpw;
}

# Ask the user a question
sub getUserInput {
  my $text = shift;
  my $default = shift;
  my @values = @_;

  if( $default ) {
        $text = "$text [$default]";
  }
  if( @values ) {
        $text = "$text (".join('/', @values)."): ";
  } else {
        $text = "$text: ";
  }
AGAIN:
  print $text;
  my $tmp = ReadLine;
  chomp $tmp;
  if( $default && $tmp eq '' ) { $tmp = $default; }
  if( @values ) {
    foreach( @values ) { return $tmp if( $tmp eq $_ ); }
    goto AGAIN;
  }
  return $tmp;
}

# Like system() but echo the line before executing
sub kolab_system {
  my $arg = shift;
  print "$arg\n";
  system( $arg ) == 0
    or die "system $arg failed: $?";
};

# Usable chown
sub kolab_chown {
    my $u = shift;
    my $g = shift;
    my $uid = getpwnam($u);
    my $gid = getgrnam($g);
    while( my $file = shift ) {
	chown $uid,$gid,$file;
    }
}

# Fetch entry from ldap server or create new entry of none exist
sub newOrExistingLDAPEntry {
  my $ldap = shift;
  my $dn = shift;

  my $mesg = $ldap->search( base => $dn, scope => 'exact', filter => '(objectClass=*)' );
  if( $mesg && $mesg->count() > 0 ) {
    return $mesg->entry(0);
  } else {
    return Net::LDAP::Entry->new;
  }
}

sub newkolabgroupofnames {
  my $ldap = shift;
  my $basedn = shift;
  my $cn = shift;

  if( scalar(@_) < 1 ) {
    warn "kolabgroupofnames must contain at least one member";
  }

  my $ldapobject = newOrExistingLDAPEntry($ldap,"cn=$cn,$basedn");
  $ldapobject->replace('cn' => $cn, 'objectclass' => ['top','kolabgroupofnames'],
		       'member' => @_);
  $ldapobject->dn("cn=$cn,$basedn");
  my $mesg = $ldapobject->update($ldap);
  $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
  return $ldapobject;
}

print "\nKOLAB BOOTSTRAP\n\n";

# Check for already running services preventing proper operation of kolab_bootstrap and Kolab
checkPort("http webserver", 80);
checkPort("https webserver", 443);
checkPort("imap server", 143);
checkPort("imaps server", 993);
checkPort("pop3 server", 110);
checkPort("pop3s server", 995);
checkPort("smtp server", 25);
checkPort("smtps server", 465);
checkPort("amavis server", 10024);
checkPort("postfix reinjection from kolabfilter", 10025);
checkPort("postfix reinjection from amavis", 10026);
checkPort("kolab daemon", 9999);
checkPort("ldap server", 389);
checkPort("ldaps server", 636);
checkPort("sieve server", 2000);
checkPort("lmtp server", 2003);

print ("Excellent all required Ports are available!\n");

system("$Kolab::config{'sbindir'}/slapcat >/dev/null 2>&1");
if ($?==0) {
  print ("\nFound existing configuration\n");
  print "\nBootstrapping Kolab will overwrite old configuration\n";
  my $tmp = getUserInput( "\nContinue", "n", "y", "n" );
  if( (lc $tmp eq 'n') || ($tmp eq '')  ) {
    print "Bootstrapping aborted - not creating new configuration\n";
    exit 0;
  }
  print "Creating backup of old configuration (LDAP, kolab.conf and certificates)\n";

  my $backupfiles = "$Kolab::config{'backupfiles'}";
  if ($backupfiles ne "" && ! -s "$Kolab::config{'backupdir'}/kolab_backup-orig.tar.bz2") {
    # Do an one time backup.  This is to backup the original configuration
    # files that were configured by user.  The one time back is marked with
    # orig.
    system("tar cjPf $Kolab::config{'backupdir'}/kolab_backup-orig.tar.bz2 $backupfiles");
    print "The orginal configuration files have been backed up to:\n";
    print "  $Kolab::config{'backupdir'}/kolab_backup-orig.tar.bz2\n"
  }
  my $epochseconds = timelocal(gmtime);
  my $backupdir="$Kolab::config{'backupdir'}/backup".$epochseconds;
  mkdir($backupdir,0700) || die "cannot mkdir : $!";

  print "creating backup of LDAP repository\n";
  system("cp -pRP \"$Kolab::config{'ldapserver_dir'}\" \"$backupdir/openldap-data\"");

  print "creating backup of CA data\n";
  if (-d "@CONFIG_DIR@/ca") {
    system("mv \"@CONFIG_DIR@/ca\" $backupdir");
  }

  system("cd \"@CONFIG_DIR@\"; mv *.pem $backupdir");

  if (-f $kolab_config) {
    system("mv \"$kolab_config\" $backupdir");
  }

  print "Cleaning up LDAP\n";
  system("cd \"$Kolab::config{'ldapserver_dir'}\"; rm -f *");

} else {
  print "LDAP repository is empty - assuming fresh install\n";
}


# fetch fresh template
copy("@CONFIG_DIR@/templates/kolab.conf.template", $kolab_config);

%kolab_config = Kolab::readConfig(\%kolab_config, $kolab_config);

my $fqdnhostname = $kolab_config{'fqdnhostname'} || die "could not read fqdnhostname from $kolab_config";
my $is_master = $kolab_config{'is_master'} || "true";
my $bind_dn = $kolab_config{'bind_dn'} || die "could not read bind_dn from $kolab_config";
my $bind_pw = $kolab_config{'bind_pw'} || die "could not read bind_pw from $kolab_config";
my $bind_pw_hash = $kolab_config{'bind_pw_hash'} || hashPassword( $bind_pw );
my $ldap_uri = $kolab_config{'ldap_uri'} || die "could not read ldap_uri from $kolab_config";
my $base_dn = $kolab_config{'base_dn'} || die "could not read base_dn from $kolab_config";
my $php_dn = $kolab_config{'php_dn'} || die "could not read php_dn from $kolab_config";
my $php_pw = $kolab_config{'php_pw'} || die "could not read php_pw from $kolab_config";
my $calendar_id = $kolab_config{'calendar_id'};
my $calendar_pw = $kolab_config{'calendar_pw'};
my $slurpd_addr = $kolab_config{'slurpd_addr'} || die "could not read slurpd_addr from $kolab_config";
my $slurpd_port = $kolab_config{'slurpd_port'} || die "could not read slurpd_port from $kolab_config";
my @kolabhosts;
my $domain;

if (!$bind_dn || !$bind_pw || !$ldap_uri || !$base_dn) {
   print "Please check $kolab_config (seems to be incomplete)\n";
   die "and run kolab_bootstrap afterwards, manually";
}
my $fqdn;
if( $fqdnhostname =~ /\@\@\@/ ) {
  $fqdn = hostfqdn();
} else {
  $fqdn = $fqdnhostname;
}
chomp($fqdn);

$fqdn = getUserInput("Please enter Hostname including Domain Name (e.g. thishost.domain.tld)", $fqdn);
print "Proceeding with Hostname $fqdn\n";

my $tmp;
if( $is_master eq "false" ) {
  $tmp = "2";
} else {
  $tmp = "1";
}

my $tmp2 = getUserInput( "Do you want to set up (1) a master Kolab server or (2) a slave",
			 $tmp, "1", "2");
if ( $tmp2 eq "2" ) {
  $is_master = "false";
  print "Proceeding with slave server setup\n\n";
} else {
  $is_master = "true";
  print "Proceeding with master server setup\n\n";
}

if ( $is_master eq "true" ) {
  ##### Master server setup
  getopt('f');

  (my $dummy, $domain) = split(/\./, $fqdn, 2);
  if ($domain !~ /\./) {
    $domain = $fqdn;
  }

  $domain = getUserInput("Please enter your Maildomain - if you do not know your mail domain use the fqdn from above", $domain);
  print "proceeding with Maildomain $domain\n";
  print "Kolab primary email addresses will be of the type user\@$domain \n";
  

  if ( $opt_f || $base_dn =~ /\@\@\@/ || $bind_dn =~ /\@\@\@/ || $bind_pw =~ /\@\@\@/ ) {
    print "Generating default configuration:\n";
    if ($base_dn =~ /\@\@\@/) {
      $base_dn = "";
      foreach my $dc ((split(/\./,$domain))) {
        $base_dn .= "dc=$dc,";
      }
      chop $base_dn;
      $base_dn = getUserInput("Top level DN for Kolab", $base_dn);
      print " base_dn : $base_dn\n";
    }
    if ($bind_dn =~ /\@\@\@/) {
      $bind_dn =~ s/\@\@\@kolab_basedn\@\@\@/$base_dn/g;
      print " bind_dn : $bind_dn\n";
    }
    if ($bind_pw =~ /\@\@\@/) {
      $bind_pw = `$Kolab::config{'bindir'}/openssl rand -base64 12`;
      chomp $bind_pw;
      $bind_pw = getUserInput("Please choose a manager password", $bind_pw);
      print " bind_pw : $bind_pw\n";
      $bind_pw_hash = hashPassword($bind_pw);
    }

    # Generate passwords
    if ($php_dn =~ /\@\@\@/) {
      $php_dn =~ s/\@\@\@kolab_basedn\@\@\@/$base_dn/g;
    }
    if ($php_pw =~ /\@\@\@/) {
      $php_pw = `$Kolab::config{'bindir'}/openssl rand -base64 30`;
      chomp $php_pw;
    }

    if ($calendar_pw =~ /\@\@\@/) {
      $calendar_pw = `$Kolab::config{'bindir'}/openssl rand -base64 30`;
      chomp $calendar_pw;
    }

    my $fd = IO::File->new($kolab_config, "w+") || die "could not open $kolab_config";
    print $fd "fqdnhostname : $fqdn\n";
    print $fd "is_master : $is_master\n";
    print $fd "base_dn : $base_dn\n";
    print $fd "bind_dn : $bind_dn\n";
    print $fd "bind_pw : $bind_pw\n";
    print $fd "bind_pw_hash : $bind_pw_hash\n";
    print $fd "ldap_uri : $ldap_uri\n";
    print $fd "ldap_master_uri : $ldap_uri\n";
    print $fd "php_dn : $php_dn\n";
    print $fd "php_pw : $php_pw\n";
    print $fd "calendar_id : $calendar_id\n";
    print $fd "calendar_pw : $calendar_pw\n";
    print $fd "slurpd_addr : $slurpd_addr\n";
    print $fd "slurpd_port : $slurpd_port\n";
    undef $fd;
    print "done modifying $kolab_config\n\n";
    chmod 0600, $kolab_config;
    kolab_chown "$Kolab::config{'kolab_musr'}","$Kolab::config{'kolab_mgrp'}", $kolab_config;
    print "IMPORTANT NOTE:\n";
    print "use login=manager and passwd=$bind_pw when you log into the webinterface!\n\n";
  }

  # Set up slapd to replicate to slave server's kolabds
  @kolabhosts = ( $fqdn );
  while(1) {
    my $tmp = getUserInput("Enter fully qualified hostname of slave kolab server e.g. thishost.domain.tld [empty when done]");
    if( $tmp ) {
      push @kolabhosts, $tmp;
      #$cfg .= "replica host=$tmp\n";
      #$cfg .= "  binddn=\"cn=replicator\"\n";
      #$cfg .= "  bindmethod=simple credentials=secret\n\n";
    } else {
      last;
    }
  };

  my $confname = "$Kolab::config{'sasl_smtpconffile'}";
  copy("@CONFIG_DIR@/templates/smtpd.conf.template", $confname) || die "could not write to $confname";

  getopts('b');

  if ($opt_b) {
    print "prepare LDAP database...\n";
    if ($ldap_uri =~ /127\.0\.0\.1/ || $ldap_uri =~ /localhost/) {
      # Make sure that no rogue daemons are running
      tryConnect( '127.0.0.1', 389 ) && die "A process is already listening to port 389 (ldap)\n"
        ."Please stop any running ldap server and bootstrap again\n";
      tryConnect( '127.0.0.1', 9999 ) && die "A process is already listening to port 9999 (kolabd)\n"
        ."Please stop any running kolabd and bootstrap again\n";
      if( `ps -elf|grep 's[l]urpd'` ) {
        print "Error: Detected running slurpd processes.\n";
        print "Please make sure the OpenLDAP server is stopped properly!\n";
        exit 1;
      }

      $Kolab::config{'directory_replication_mode_is_syncrepl'} = 'true' if ($Kolab::config{'directory_mode'} eq 'syncrepl');
      $Kolab::config{"base_dn"} = $base_dn;
      $Kolab::config{"bind_dn"} = $bind_dn;
      $Kolab::config{"bind_pw_hash"} = $bind_pw;
      $Kolab::config{"slurpd_addr"} = $slurpd_addr;
      $Kolab::config{"slurpd_port"} = $slurpd_port;

      # During boot some settings like TLS certificates are not defined yet and
      # hence can't be used, these definitons are skipped when
      # bootstrap_config = true
      $Kolab::config{"bootstrap_config"} = 'true';
      Kolab::Conf::bootstrapConfig();
      $Kolab::config{"bootstrap_config"} = 'false';

      # now we must startup slapd
      print "temporarily starting slapd\n";
      $ldap_uri = "ldap://127.0.0.1:389/";
      # ensure that the database has correct permissions
      system("chown $Kolab::config{'ldapserver_rusr'}:$Kolab::config{'ldapserver_grp'} $Kolab::config{'ldapserver_dir'}/*");
      (system("$Kolab::config{'libexecdir'}/openldap/slapd -h ldap://127.0.0.1:389/ -f $Kolab::config{'ldapserver_confdir'}/slapd.conf -u $Kolab::config{'ldapserver_rusr'} -g $Kolab::config{'ldapserver_grp'}") == 0 ) || die( "Could not start temporary slapd: $!" );
      print ("Waiting for OpenLDAP to start\n");
      sleep 10;

    }

    my $ldapuri = URI->new($ldap_uri) || die "error: could not parse given uri";
    my $ldap = Net::LDAP->new($ldap_uri, verify => 'none' ) || die "could not connect ldap server $ldap_uri";
    if ($ldap) {
      $ldap->bind($bind_dn, password=> $bind_pw) || die "could not bind to ldap server $ldap_uri";
      my $mesg = $ldap->search(base=> "$base_dn", scope=> 'exact', filter=> "(objectclass=*)");
      if ($mesg && $mesg->count != 1) {
        print "no $base_dn object found, creating one\n";
        $base_dn =~ m/([^=]+)=([^,]+)/;
	my @attrs = ( $1 => $2, 'objectclass'=> ['top', 'domain'] );
	@attrs = ( @attrs, 'dc' => (split(/,/,$domain))[0] ) if( $1 ne 'dc' );
        $mesg = $ldap->add( $base_dn, attr=> \@attrs);
      }
      $mesg && $mesg->code && warn "failed to write basedn entry : ", $mesg->error;
      my $ldapobject = newOrExistingLDAPEntry( $ldap, "k=kolab,$base_dn" );

      # create kolab config object
      my $mynetworkinterfaces = "127.0.0.0/8";
      print "mynetworkinterfaces: ".$mynetworkinterfaces."\n";

      $ldapobject->replace(
        'k' => 'kolab',
        'kolabhost' => \@kolabhosts,
        'postfix-mydomain' => $domain,
        #'postfix-relaydomains' => "",
        'postfix-mydestination' => "$domain",
        'postfix-mynetworks' => $mynetworkinterfaces,
        #'postfix-relayhost' => "",
        #'postfix-transport' => "",
        'postfix-enable-virus-scan' => "TRUE",
        'cyrus-autocreatequota' => 100000,
        'cyrus-quotawarn' => 80,
        'cyrus-admins' => "manager",
        'cyrus-imap' => "TRUE",
        'cyrus-pop3' => "FALSE",
        'cyrus-imaps' => "TRUE",
        'cyrus-pop3s' => "TRUE",
        'cyrus-sieve' => "TRUE",
        'apache-http' => "FALSE",
        'apache-allow-unauthenticated-fb' => "FALSE",
        'uid' => "freebusy",
        'userPassword' => "freebusy",
        'objectclass' => ['top', 'kolab' ] );
      # Get rid of fqdnhostname, it will cause pain and suffering...
      #$ldapobject->delete( 'fqdnhostname' );
      $ldapobject->dn("k=kolab,$base_dn");
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create internal user topnode
      $ldapobject = newOrExistingLDAPEntry( $ldap, "cn=internal,$base_dn" );
      $ldapobject->replace('cn' => 'internal', 'objectclass' => ['top','kolabnamedobject']);
      $ldapobject->dn("cn=internal,$base_dn");
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create domain groups topnode
      $ldapobject = newOrExistingLDAPEntry( $ldap, "cn=domains,cn=internal,$base_dn" );
      $ldapobject->replace('cn' => 'domains', 'objectclass' => ['top','kolabnamedobject']);
      $ldapobject->dn("cn=domains,cn=internal,$base_dn");
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create external user topnode
      $ldapobject = newOrExistingLDAPEntry( $ldap, "cn=external,$base_dn" );
      $ldapobject->replace('cn' => 'external', 'objectclass' => ['top','kolabnamedobject']);
      $ldapobject->dn("cn=external,$base_dn");
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create groups user topnode
      $ldapobject = newOrExistingLDAPEntry( $ldap, "cn=groups,$base_dn" );
      $ldapobject->replace('cn' => 'groups', 'objectclass' => ['top','kolabnamedobject']);
      $ldapobject->dn("cn=groups,$base_dn");
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create resources user topnode
      $ldapobject = newOrExistingLDAPEntry( $ldap, "cn=resources,$base_dn" );
      $ldapobject->replace('cn' => 'resources', 'objectclass' => ['top','kolabnamedobject']);
      $ldapobject->dn("cn=resources,$base_dn");
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create admin group
      newkolabgroupofnames( $ldap, "cn=internal,$base_dn", 'admin', $bind_dn );

      # create manager user
      $ldapobject = newOrExistingLDAPEntry( $ldap, $bind_dn );
      $ldapobject->replace('cn' => 'manager', 'sn' => 'n/a', 'uid' => 'manager',
                           'userPassword' => $bind_pw_hash, 'objectclass' => ['top','inetorgperson','kolabinetorgperson']);
      $ldapobject->dn($bind_dn);
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create php read-only user
      $ldapobject = newOrExistingLDAPEntry( $ldap, "cn=nobody,cn=internal,$base_dn" );
      $ldapobject->replace('cn' => 'nobody', 'sn' => 'n/a n/a', 'uid' => 'nobody',
                           'userPassword' => hashPassword($php_pw), 
			   'objectclass' => ['top','inetorgperson','kolabinetorgperson']);
      $ldapobject->dn("cn=nobody,cn=internal,$base_dn");
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create calendar user
      $ldapobject = newOrExistingLDAPEntry( $ldap, "cn=$calendar_id@" . $domain . ",cn=internal,$base_dn" );
      $ldapobject->replace('cn' => $calendar_id . '@' . $domain, 'sn' => 'n/a n/a', 'uid' => $calendar_id . '@' . $domain,
                           'userPassword' => hashPassword($calendar_pw), 
			   'objectclass' => ['top','inetorgperson','kolabinetorgperson']);
      $ldapobject->dn("cn=$calendar_id@" . $domain . ",cn=internal,$base_dn");
      $mesg = $ldapobject->update($ldap);
      $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
      undef $ldapobject;

      # create mainainter group
      newkolabgroupofnames( $ldap, "cn=internal,$base_dn", 'maintainer', $bind_dn );

      # create domain-mainainter group
      newkolabgroupofnames( $ldap, "cn=internal,$base_dn", 'domain-maintainer', $bind_dn );

      $ldap->unbind;
   }

   print "LDAP setup finished\n\n";

   print "Create initial config files for postfix, apache, cyrus imap, saslauthd\n";

   if ("$Kolab::config{'WITHOPENPKG'}" eq "yes") {
     # $Kolab::config{'sysconfdir'}/rc.conf can be used to change the startup behaviour
     # of programs, that have been installed with openpkg. On non openpkg
     # this could be done with e.g. /etc/sysconfig/ldap.
     my $cfg;
     open(FH, "<$Kolab::config{'sysconfdir'}/rc.conf") || die;
     $cfg .= $_ while (<FH>);
     close(FH);

     $cfg =~ s/\n((openldap_url|sasl_authmech)\S*=[^\n]*)/#$1\n/sg;
     $cfg .= "openldap_url=\"ldap:// ldaps://\"\nsasl_authmech=\"ldap\"\n";

     open(FH, ">$Kolab::config{'sysconfdir'}/rc.conf") || die;
     print FH $cfg;
     close(FH);
     undef $cfg;
   }

   #print " running @CONFIG_DIR@/kolab -v -o -l$ldap_uri\n";
   print "running $Kolab::config{'sbindir'}/kolabconf -n\n";

   #system("@CONFIG_DIR@/kolab -v -o -l$ldap_uri");
   system("$Kolab::config{'sbindir'}/kolabconf -n");

   if ($ldap_uri =~ /127\.0\.0\.1/ || $ldap_uri =~ /localhost/) {
      print "\nkill temporary slapd\n\n";
      system("$Kolab::config{'KOLABRC'} rc $Kolab::config{'LDAPD'} stop");
      sleep 1; # actually race should be impossible
      system("killall -9 slapd >/dev/null 2>&1");
   }
  }

  print <<'EOS';
Kolab can create and manage a certificate authority that can be
used to create SSL certificates for use within the Kolab environment.
You can choose to skip this section if you already have certificates
for the Kolab server.
EOS

  my $tmp = getUserInput( "Do you want to create CA and certificates", "y", "y", "n");
  if( lc $tmp eq 'n' ) {
    print <<'EOS';
Skipping certificate creation. Please copy your certificate to
@CONFIG_DIR@/cert.pem and private key to
@CONFIG_DIR@/key.pem when the bootstrap script is finished.

EOS
  } else {
    print <<'EOS';
Now we need to create a cerificate authority (CA) for Kolab and a server
certificate. You will be prompted for a passphrase for the CA.
################################################################################
EOS
    kolab_system("$Kolab::config{'kolab_scriptsdir'}/kolab_ca.sh -newca $fqdn");
    kolab_system("$Kolab::config{'kolab_scriptsdir'}/kolab_ca.sh -newkey $fqdn @CONFIG_DIR@/key.pem");
    kolab_system("$Kolab::config{'kolab_scriptsdir'}/kolab_ca.sh -newreq $fqdn @CONFIG_DIR@/key.pem @CONFIG_DIR@/newreq.pem ");
    kolab_system("$Kolab::config{'kolab_scriptsdir'}/kolab_ca.sh -sign @CONFIG_DIR@/newreq.pem @CONFIG_DIR@/cert.pem");
    kolab_system("chgrp $Kolab::config{'pki_grp'} @CONFIG_DIR@/key.pem;");
    kolab_system("chmod 0640 @CONFIG_DIR@/key.pem;");
    kolab_system("chgrp $Kolab::config{'pki_grp'} @CONFIG_DIR@/cert.pem;");
    kolab_system("chmod 0640 @CONFIG_DIR@/cert.pem;");
    print <<'EOS';
################################################################################
CA and certificate creation complete.

You can install @CONFIG_DIR@/ca/cacert.pem on your clients to allow them
to verify the validity of your server certificates.

EOS
  }
} else {
  ##### Slave server setup

  print "stop running slapd (if any)\n";
  kolab_system("$Kolab::config{'KOLABRC'} rc $Kolab::config{'LDAPD'} stop");

  # Make sure that no rogue demons are running
  tryConnect( '127.0.0.1', 389 ) && die "A process is already listening to port 389 (ldap)\n"
    ."Please stop any running ldap server and bootstrap again\n";
  tryConnect( '127.0.0.1', 9999 ) && die "A process is already listening to port 9999 (kolabd)\n"
    ."Please stop any running kolabd and bootstrap again\n";
  # 051210: the check below used to be: if( `ps -elf|grep slurpd|grep -v grep` ) \rbos
  if( `ps -elf|grep s[l]urpd` ) {
    print "WARNING: Detected running slurpd processes.\n";
    print " Please make sure the OpenLDAP server is stopped properly!\n";
  }

  # For now we just connect to the remote slapd
 SLAVESTART:
  print "Now some information about the master LDAP server is required:\n\n";
  do { 
      $ldap_uri = getUserInput("URI of master LDAP server (for example ldaps://host.example.com)", 
			       "");
  } until $ldap_uri;
  my $ldapuri = URI->new($ldap_uri) || warn "error: could not parse given uri";
  if( $ldapuri ) {
    $base_dn = join( ',', map { "dc=$_" } split /\./, $ldapuri->host() ); #\./
  }
  $base_dn = getUserInput("Base DN of server", $base_dn);
  print "proceeding with base DN $base_dn\n";

  $bind_dn = "cn=manager,cn=internal,$base_dn";
  $bind_pw = getUserInput("Manager password");
  $bind_pw_hash = hashPassword($bind_pw);

  my $confname = "$Kolab::config{'sasl_smtpconffile'}";
  copy("@CONFIG_DIR@/templates/smtpd.conf.template", $confname) || die "could not write to $confname";

  print "Checking server info...\n";
  my $ldap = Net::LDAP->new($ldap_uri, verify => 'none', onerror => 'undef' );
  if (!defined($ldap)) {
    print "Could not connect to ldap server at $ldap_uri, please check your input\n";
    goto SLAVESTART;
  }
  $ldap->bind($bind_dn, password=> $bind_pw) || warn "could not bind to ldap";
  my $mesg = $ldap->search(base=> "$base_dn", scope=> 'exact', filter=> "(objectclass=*)");
  if ($mesg && $mesg->count != 1) {
    print "No $base_dn object found, please check your input\n";
    goto SLAVESTART;
  }
  $php_dn = "cn=nobody,cn=internal,$base_dn";
  $mesg = $ldap->search(base=> $php_dn, scope=> 'exact', filter=> "(objectclass=*)");
  if ($mesg && $mesg->count != 1) {
    print "Nobody object not found, please check your input\n";
    goto SLAVESTART;
  }
  #my $entry = $mesg->entry(0);
  #$php_pw = $entry->get_value( 'userPassword' );

  my $calendar_dn = "cn=$calendar_id@" . $domain . ",cn=internal,$base_dn";
  $mesg = $ldap->search(base=> $php_dn, scope=> 'exact', filter=> "(objectclass=*)");
  if ($mesg && $mesg->count != 1) {
    print "Calendar object not found, please check your input\n";
    goto SLAVESTART;
  }
  #$entry = $mesg->entry(0);
  #$calendar_pw = $entry->get_value( 'userPassword' );

  $mesg = $ldap->search(base=> "k=kolab,$base_dn", scope=> 'exact',
			filter=> "(objectClass=*)");
  if ($mesg && $mesg->count != 1) {
    print "No Kolab object found, please check your input\n";
    goto SLAVESTART;
  }
  my $kolabhosts = $mesg->entry(0)->get_value( 'kolabhost', asref => 1 );
  foreach(@$kolabhosts) {
    if( lc($_) eq lc($fqdn) ) {
	goto SLAVEOK;
    }
  }
  print "$fqdn is not listed on the master, please correct that and try again\n";
  goto SLAVESTART;
 SLAVEOK:

  my $master_host = $ldapuri->host();

  print "Reading nobody and calendar passwords from master, please type in master servers's root-password when asked\n";
  open( CONF, "ssh -C $master_host 'cat @CONFIG_DIR@/kolab.conf'|");
  my $conf;
  $conf .= $_ while(<CONF>);
  close(CONF);
  $conf =~ /php_pw : (.*)/;
  $php_pw = $1;
  $conf =~ /calendar_pw : (.*)/;
  $calendar_pw = $1;

  (print "Error reading nobody password" && goto SLAVESTART) unless( $php_pw );
  (print "Error reading calendar password" && goto SLAVESTART) unless( $calendar_pw );

  my $fd = IO::File->new($kolab_config, "w+") || die "could not open $kolab_config";
  print $fd "fqdnhostname : $fqdn\n";
  print $fd "is_master : $is_master\n";
  print $fd "base_dn : $base_dn\n";
  print $fd "bind_dn : $bind_dn\n";
  print $fd "bind_pw : $bind_pw\n";
  print $fd "bind_pw_hash : $bind_pw_hash\n";
  print $fd "ldap_uri : $ldap_uri\n";
  print $fd "ldap_master_uri : $ldap_uri\n";
  print $fd "php_dn : $php_dn\n";
  print $fd "php_pw : $php_pw\n";
  print $fd "calendar_id : $calendar_id\n";
  print $fd "calendar_pw : $calendar_pw\n";
  print $fd "slurpd_addr : $slurpd_addr\n";
  print $fd "slurpd_port : $slurpd_port\n";
  undef $fd;
  print "done modifying $kolab_config\n\n";
  chmod 0600, $kolab_config;
  kolab_chown "$Kolab::config{'kolab_musr'}","$Kolab::config{'kolab_mgrp'}",$kolab_config;

  if ($kolab_config{'directory_mode'} ne "syncrepl" ) {
    print << 'EOS';
Now the master server needs to be stopped briefly while the contents of the LDAP database
is copied over to this slave. Please make sure that this slave is entered into the list 
of kolabhosts on the master before proceeding.
EOS
    kolab_system("ssh -CA $master_host $Kolab::config{'KOLABRC'} rc $Kolab::config{'LDAPD'} stop");
    kolab_system("ssh -CA $master_host $Kolab::config{'TAR'} -C $Kolab::config{'ldapserver_statedir'} -pcf - openldap-data | $Kolab::config{'TAR'} -C $Kolab::config{'ldapserver_statedir'} -pxf -");
    kolab_system("ssh -CA $master_host $Kolab::config{'KOLABRC'} rc $Kolab::config{'LDAPD'} start");
  }

  # FIXME: we should get rid of this construct because it makes the code hard to read.
  #        A if (-e @sysconfdir@/rc.conf) statement should be enough.
  if ("$Kolab::config{'WITHOPENPKG'}" eq "yes") {
    print "Updating configuration, please ignore any initial errors from kolabconf\n\n";
    my $cfg;
    open(FH, "<$Kolab::config{'sysconfdir'}/rc.conf") || die;
    $cfg .= $_ while (<FH>);
    close(FH);
    
    $cfg =~ s/\n((openldap_url|sasl_authmech|openldap_enable)\S*=[^\n]*)/#$1\n/sg;
    # $cfg .= "openldap_enable=\"no\"\nopenldap_url=\"\"\nsasl_authmech=\"ldap\"\n";
    $cfg .= "\nopenldap_url=\"ldap:// ldaps://\"\nsasl_authmech=\"ldap\"\n";
    
    open(FH, ">$Kolab::config{'sysconfdir'}/rc.conf") || die;
    print FH $cfg;
    close(FH);
    undef $cfg;
  }
  
  print <<'EOS';
If you chose to create a CA on the master server, you will now need to create
a certificate request and copy it to the master to get it signed. If you already
have a certificate for this server, you can choose to skip this section.
EOS
  my $tmp = getUserInput( "Do you want to create a certificate request and sign it", 
			  "y", "y", "n");
  if( lc $tmp eq 'n' ) {
    print <<'EOS';
Skipping certificate creation. Please copy your certificate to
@CONFIG_DIR@/cert.pem and private key to
@CONFIG_DIR@/key.pem when the bootstrap script is finished.

EOS
  } else {
    
    print <<'EOS';
Now we need to create a cerificate request for this slave
and then ssh to the master server to have the request signed.
You will be asked multiple times for the root password of the
master server and the passphrase for the CA key on the master.
################################################################################
EOS

    # Create cert req
    kolab_system("$Kolab::config{'kolab_scriptsdir'}/kolab_ca.sh -newkey $fqdn @CONFIG_DIR@/key.pem");
    kolab_system("$Kolab::config{'kolab_scriptsdir'}/kolab_ca.sh -newreq $fqdn @CONFIG_DIR@/key.pem @CONFIG_DIR@/newreq.pem ");
    # Log into master and sign cert request
    kolab_system("scp @CONFIG_DIR@/newreq.pem $master_host:@CONFIG_DIR@/$fqdn-req.pem");
    kolab_system("ssh -CA $master_host \"$Kolab::config{'kolab_scriptsdir'}/kolab_ca.sh -sign @CONFIG_DIR@/$fqdn-req.pem @CONFIG_DIR@/$fqdn.pem;\"");
    kolab_system("scp $master_host:@CONFIG_DIR@/$fqdn.pem @CONFIG_DIR@/cert.pem");
    kolab_system("ssh -CA $master_host \"rm @CONFIG_DIR@/$fqdn.pem @CONFIG_DIR@/$fqdn-req.pem\"");
    die("Creation of @CONFIG_DIR@/cert.pem failed") unless -f "@CONFIG_DIR@/cert.pem";
    kolab_system("chgrp @ldapserver_rgrp@ @CONFIG_DIR@/key.pem;");
    kolab_system("chmod 0640 @CONFIG_DIR@/key.pem;");
    kolab_system("chgrp @ldapserver_rgrp@ @CONFIG_DIR@/cert.pem;");
    kolab_system("chmod 0640 @CONFIG_DIR@/cert.pem;");
    
    print <<'EOS';
################################################################################
Certificate creation done!

EOS
  }

  kolab_system("$Kolab::config{'sbindir'}/kolabconf -n");

  $fd = IO::File->new($kolab_config, "w+") || die "could not open $kolab_config";
  print $fd "fqdnhostname : $fqdn\n";
  print $fd "is_master : $is_master\n";
  print $fd "base_dn : $base_dn\n";
  print $fd "bind_dn : $bind_dn\n";
  print $fd "bind_pw : $bind_pw\n";
  print $fd "ldap_uri : ldap://127.0.0.1\n";
  print $fd "ldap_master_uri : $ldap_uri\n";
  print $fd "php_dn : $php_dn\n";
  print $fd "php_pw : $php_pw\n";
  print $fd "calendar_id : $calendar_id\n";
  print $fd "calendar_pw : $calendar_pw\n";
  print $fd "slurpd_addr : $slurpd_addr\n";
  print $fd "slurpd_port : $slurpd_port\n";
  undef $fd;
  print "done modifying $kolab_config\n\n";
  chmod 0600, $kolab_config;
}

#system("@CONFIG_DIR@/kolab_sslcert.sh $fqdn");
print "kolab is now ready to run!\n";
print "please run '$Kolab::config{'KOLABRC'} rc all start'\n";
print ("Use login=manager and passwd=$bind_pw when you log into\n");
print ("the webinterface https://$fqdn$Kolab::config{'kolab_wui'} !\n");

--- NEW FILE: kolabcheckperm.in ---
#!perl

# (c) 2004 Klaralvdalens Datakonsult AB
#
# Written by Steffen Hansen <steffen at klaralvdalens-datakonsult.se>
#
# This program is Free Software under the GNU General Public License (>=v2).
# Read the file COPYING that comes with this packages for details.

use strict;
use Kolab;
use Kolab::Util;
use Kolab::Conf;

Kolab::reloadConfig("@CONFIG_DIR@/kolab.globals");

exit( Kolab::Conf::checkPermissions>0?0:-1 );

--- NEW FILE: kolabconf.in ---
#!perl

##  COPYRIGHT
##  ---------
##
##  See AUTHORS file
##
##
##  LICENSE
##  -------
##
##  This program is free software; you can redistribute it and/or modify
##  it under the terms of the GNU General Public License as published by
##  the Free Software Foundation; either version 2 of the License, or
##  (at your option) any later version.
##
##  This program is distributed in the hope that it will be useful,
##  but WITHOUT ANY WARRANTY; without even the implied warranty of
##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
##  GNU General Public License for more details.
##
##  You should have received a copy of the GNU General Public License
##  along with this program; if not, write to the Free Software
##  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
##
##  $Revision: 1.1 $

use 5.008;
use strict;
use warnings;

use Getopt::Std;
use Sys::Syslog;
use IO::File;
use Kolab;
use Kolab::Util;
use Kolab::Conf;
use Kolab::LDAP;
use vars qw($opt_d $opt_n $opt_h);

Kolab::reloadConfig("@CONFIG_DIR@/kolab.globals");

openlog('kolabconf', 'cons, pid', ($Kolab::config{'syslog_facility'} || 'user'));

getopts('dnh');
if ($opt_h) {
    print <<'EOS';
kolabconf - Version @VERSION@

Usage: kolabconf [-d] [-n] [-h]

    Option d (debug) to print out the current config.
    Option n (noreload) to skip reloading services after changing configuration.
    Option h (help) to get this text.
EOS
    exit 0;
}

if ($opt_d) {
    foreach my $key (sort keys %Kolab::config) {
	my $value;
	if( ref($Kolab::config{$key}) eq "ARRAY" ) {
	    $value = join( ", ", @{$Kolab::config{$key}});
	} else {
	    $value = $Kolab::config{$key};
	}
        print "$key : " . $value . "\n";
    }
    exit 0;
}

my $do_reload = 1;
if($opt_n) {
    $do_reload = 0;
}

if( !$Kolab::reloadOk ) {
    my $msg = "Error loading configuration. Maybe the LDAP server is not running. Please check the system log for errors.";
    print STDERR "$msg\n";
    Kolab::log('KC', $msg);
    exit(-1);
}

Kolab::log('KC', 'Rebuilding templates');
Kolab::Conf::rebuildTemplates;
Kolab::log('KC', 'Reloading kolab components');

if( $do_reload ) {
    Kolab::Conf::reload;
}

Kolab::log('KC', 'Finished');

--- NEW FILE: kolabdcachetool.in ---
#!perl

use strict;
use Getopt::Long;
use DB_File;
use POSIX qw(strftime);
use Kolab;

my $progname = `basename $0`;
chomp($progname);

sub usage
{
    print "Usage: $progname CACHE FUNCTION
  where CACHE is one of `mbox' or `gyard' (i.e. the cache to operate
  on) and FUNCION is one of `list', `delete' or `flush' (i.e. the
  function to perform on CACHE)\n";
    exit(1);
    1;
}

my $cache = shift || usage;
my $func = shift || usage;
my (%db, %db2, %sorted);

usage if ($func !~ /list/i && $func !~ /del/i && $func !~ /flush/i);

Kolab::reloadConfig("@CONFIG_DIR@/kolab.globals");

if ($cache =~ /mbox/i) {
    dbmopen(%db, $Kolab::config{'kolab_mailboxuiddb'}, 0666)
        || die "Unable to open mail uid cache";
} elsif ($cache =~ /gyard/i) {
    dbmopen(%db, $Kolab::config{'graveyard_uidcache'}, 0666)
        || die "Unable to open graveyard uid cache";

    dbmopen(%db2, $Kolab::config{'graveyard_tscache'}, 0666)
        || die "Unable to open graveyard timestamp cache";
} else { usage; }

my ($guid, $ts);
foreach $guid (keys %db) {
    #$sorted{
    $ts = "";
    $ts = ", deleted " . strftime("%F %T", localtime($db2{$guid})) if exists($db2{$guid});
    print "GUID: `$guid', mailbox: `" . $db{$guid} . "'$ts\n";
}

dbmclose(%db);
dbmclose(%db2);

--- NEW FILE: kolabd.in ---
#!perl

##
##  Copyright (c) 2004  Klaraelvdalens Datakonsult AB
##  Copyright (c) 2003  Code Fusion cc
##
##    Writen by Stuart Bing?<s.binge at codefusion.co.za>
##    Portions based on work by the following people:
##
##      (c) 2003  Tassilo Erlewein  <tassilo.erlewein at erfrakon.de>
##      (c) 2003  Martin Konold     <martin.konold at erfrakon.de>
##      (c) 2003  Achim Frank       <achim.frank at erfrakon.de>
##
##
##  This  program is free  software; you can redistribute  it and/or
##  modify it  under the terms of the GNU  General Public License as
##  published by the  Free Software Foundation; either version 2, or
##  (at your option) any later version.
##
##  This program is  distributed in the hope that it will be useful,
##  but WITHOUT  ANY WARRANTY; without even the  implied warranty of
##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
##  General Public License for more details.
##
##  You can view the  GNU General Public License, online, at the GNU
##  Project's homepage; see <http://www.gnu.org/licenses/gpl.html>.
##

#
#  Module prefixes in the logs:
#    K: kolabd
#    C: Config
#    T: Templates
#    L: LDAP
#    Y: Cyrus
#    B: Backend
#    KC: kolabconf
#    Anything else: the various backends
#

use strict;
use Sys::Syslog;
use IO::File;
use Kolab;
use Kolab::Util;
use Kolab::LDAP;
use Kolab::LDAP::Backend;
use vars qw(%pids);

Kolab::reloadConfig("@CONFIG_DIR@/kolab.globals");

openlog('kolabd', 'cons, pid', ($Kolab::config{'syslog_facility'} || 'user'));

# won't be needed now (i think)
# my $prefix = $Kolab::config{'prefix'};

my $pidfile = IO::File->new($Kolab::config{'kolab_pidfile'}, 'w+')
    || die "Unable to open PID file `$Kolab::config{'kolab_pidfile'}";
print $pidfile $$;
undef $pidfile;

sub sigInt
{
    Kolab::Util::superLog('Kolab is shutting down');

    Kolab::log('K', 'SIGINT/SIGTERM detected, kill()ing children');

    foreach my $pid (keys %pids) {
        kill('INT', $pid);
        waitpid($pid, 0);
    }

    Kolab::LDAP::shutdown;

    Kolab::log('K', 'Exiting');
    exit(0);
}

sub sigHup
{
    Kolab::log('K', 'Refreshing configuration');
    foreach my $pid (keys %pids) {
        kill('INT', $pid);
        waitpid($pid, 0);
    }
    %pids = ();
    Kolab::reloadConfig("@CONFIG_DIR@/kolab.globals");
    Kolab::log('K', 'Synchronising');
    Kolab::LDAP::sync;
    Kolab::log('K', 'Reloading addressbook.peers');
    Kolab::log('K', 'Finished refresh');
    &run;
}

sub sigDie {
  Kolab::log( 'K', $_[0], KOLAB_ERROR );
}

sub run
{
    my $pid;
    my $finished = 0;
    foreach my $backend (keys %Kolab::LDAP::Backend::backends) {
        Kolab::log('K', "Forking `$backend' listener");
        $pid = fork;
        if (!defined($pid)) {
	    Kolab::log('K', "Unable to fork `$backend' listener", KOLAB_ERROR);
            exit(1);
        }

        if ($pid) {
            $pids{$pid} = 1;
            $finished++;
            next;
        }
        Kolab::LDAP::Backend::run($backend);

        Kolab::log('K', "`$backend' returned");
	# exit with 0 status to avoid killing daemon
	exit(0);
    }

    $SIG{'INT'} = \&sigInt;
    $SIG{'TERM'} = \&sigInt;
    $SIG{'HUP'} = \&sigHup;
    $SIG{__DIE__} = \&sigDie;

    Kolab::log('K', 'Listeners spawned, wait()ing');

    while ($finished > 0) {
        wait;
        if ($?) {
            Kolab::log('K', 'Abnormal child exit status encountered, aborting');
            kill('INT', $$);
        } else {
            Kolab::log('K', 'Child terminated normally');
        }
    }
}

print 'kolabd - Kolab Backend Daemon

  Copyright (c) 2004  Klaraelvdalens Datakonsult AB
  Copyright (c) 2003  Code Fusion cc
  Copyright (c) 2003  Tassilo Erlewein, Martin Konold, Achim Frank

This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
';

Kolab::Util::superLog('Kolab is starting up');

eval {
  Kolab::LDAP::startup($Kolab::config{'kolab_statedir'});

  Kolab::log('K', 'Loading backends');
  Kolab::LDAP::Backend::load;
  Kolab::LDAP::Backend::load('user');
  Kolab::LDAP::Backend::load('sf');
  
  Kolab::log('K', 'Performing backend startup');
  &Kolab::LDAP::Backend::startup;
  
  Kolab::log('K', 'Synchronising');
  Kolab::LDAP::sync;
  
  Kolab::log('K', 'Synchronisation complete, starting up daemon');
  run;
}; Kolab::log( 'K', $@, KOLAB_ERROR ) if $@;


--- NEW FILE: kolabpasswd.in ---
#!perl

# The kolabpasswd script is used for changing the manager password on a Kolab Server.
# In multi-location Kolab setups the script must be run on each individual host 
# seperately.
# After changing the manager password it is highly recommended to restart 
# the Kolab server.
# In the future this utility may be enhanced to allow to change the passwords of 
# normal users and special system accounts.

##  Copyright (c) 2004  Erfrakon
##
##      (c) 2004  Tassilo Erlewein  <tassilo.erlewein at erfrakon.de>
##      (c) 2004  Martin Konold     <martin.konold at erfrakon.de>
##
##  This  program is free  software; you can redistribute  it and/or
##  modify it  under the terms of the GNU  General Public License as
##  published by the  Free Software Foundation; either version 2, or
##  (at your option) any later version.
##
##  This program is  distributed in the hope that it will be useful,
##  but WITHOUT  ANY WARRANTY; without even the  implied warranty of
##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
##  General Public License for more details.
##
##  You can view the  GNU General Public License, online, at the GNU
##  Project's homepage; see <http://www.gnu.org/licenses/gpl.html>.

use Term::ReadKey;
use IO::File;
use File::Temp;
use Net::LDAP;
use Kolab::Util;
use Kolab;

Kolab::reloadConfig("@CONFIG_DIR@/kolab.globals");

# won't be needed (i think)
# my $kolab_prefix = (getpwnam('kolab'))[7] || die "Error: could not determine the kolab directory prefix (e.g. /kolab)";

# Shell double-quote a string
# Borrored from Sysadm::Install
sub qquote {
  my($str, $metas) = @_;
  $str =~ s/([\\"])/\\$1/g;
  if(defined $metas) {
    $metas = '!$`' if $metas eq ":shell";
    $metas =~ s/\]/\\]/g;
    $str =~ s/([$metas])/\\$1/g;
  }
  return "\"$str\"";
}

# Hash a password
sub hashPassword {
  my $pw = shift;
  my $hashcmd = "$Kolab::config{'sbindir'}/slappasswd -s ".qquote($pw,":shell");
  (my $hashpw = `$hashcmd`) or die $@;
  chomp($hashpw);
  return $hashpw;
}

# open old kolab master config file
my $kolabconfname = "@CONFIG_DIR@/kolab.conf";

# read old config data
my %config = readConfig($kolabconfname);
my $kolabconf = IO::File->new('@CONFIG_DIR@/kolab.conf','r')
                || die "kolabpasswd: Fatal Error: could not open kolab config at $kolabconfname";

my $account = 'manager';
my $account_dn = $config{'bind_dn'};
if( $#ARGV == 0 ) {
    $account = $ARGV[0];
    if( $account ne 'calendar' and $account ne 'nobody' and $account ne 'manager' ) {
	die("$^X can only change the password for manager, nobody and calendar");
    }
    $account_dn =~ s/cn=manager/cn=$account/;
}
      
print "Changing password for $account";

# open ldap connection and verify old password
my $ldap = Net::LDAP->new( $config{'ldap_uri'})
         || die "\nkolabpasswd: Fatal Error: could not connect to LDAP Server";

do {
  print "\nOld Password: ";
  ReadMode 'noecho';
  my $old_password = ReadLine 0; chomp $old_password;

  $mesg = $ldap->bind( $account_dn, password => $old_password ) || die "\nkolabpasswd: Failed to bind to LDAP server";
  if( $mesg->code ) { print "\nError: ".$mesg->error.". Please try again\n"; }
} while ( $mesg->code );
   
# read in new password
print "\nNew Password for $account: ";
ReadMode 'noecho';
my $new_password = ReadLine 0; chomp $new_password;

print "\nRe-enter New Password: ";
my $new_password2 = ReadLine 0; chomp $new_password2;
print "\n";
ReadMode 'normal';
($new_password eq $new_password2) || die "Sorry, passwords do not match.\n";

my $bind_pw_hash;

# create temporary config file
my $tmp = new File::Temp( TEMPLATE => 'tempXXXXX', DIR => '@CONFIG_DIR@', UNLINK => 0, SUFFIX => '.conf')
     || die "Error: could not create temporary file under @CONFIG_DIR@";
$tmpfilename = $tmp->filename;
$bind_pw_hash = hashPassword($new_password);

# copy and replace old config to temporary file
foreach ($kolabconf->getlines()) {
    if( $account eq 'manager' ) {
	if (/^(bind_pw\s:\s).*$/) {
	    print $tmp $1.$new_password."\n";
	} else {
	    if (/^(bind_pw_hash\s:\s).*$/) {
		print $tmp $1.$bind_pw_hash."\n"; 
	    } else {
		print $tmp $_;
	    }
	}
    } elsif( $account eq 'calendar' ) {
	if (/^(calendar_pw\s:\s).*$/) {
	    print $tmp $1.$new_password."\n";
	} else {
	    print $tmp $_;
	}
    } elsif( $account eq 'nobody' ) {
	if (/^(php_pw\s:\s).*$/) {
	    print $tmp $1.$new_password."\n";
	} else {
	    print $tmp $_;  
	}
    }
}
undef $tmp;
undef $kolabconf;

# open ldap connection and update manager password
$ldap = Net::LDAP->new( $config{'ldap_uri'})
   || die "Error: could not connect LDAP Server";
$ldap->bind( $config{'bind_dn'}, password => $config{'bind_pw'} )
   || die "Error: Failed to bind as manager to LDAP Server";
$ldap->modify($account_dn, replace => {'userPassword' => $bind_pw_hash } )
   || die "Error: could not update LDAP with new manager password";
$ldap->unbind;
undef $ldap;

# move temporary file to kolab master config
rename($tmpfilename,$kolabconfname) || die "Error: could not install new $kolabconfname";
system("chown $Kolab::config{'ldapserver_usr'}:$Kolab::config{'ldapserver_grp'} $kolabconfname");

print "Password changed successfully, please be patient...\n";

# trigger kolabd to run update
system("$Kolab::config{'kolabconf_script'} > /dev/null 2>&1");
exit 0;

--- NEW FILE: kolabquotareport.in ---
(This appears to be a binary file; contents omitted.)

--- NEW FILE: kolabquotawarn.in ---
(This appears to be a binary file; contents omitted.)

--- NEW FILE: kolab_smtpdpolicy.in ---
#!perl

##  COPYRIGHT
##  ---------
##
##  See AUTHORS file
##
##
##  LICENSE
##  -------
##
##  This program is free software; you can redistribute it and/or modify
##  it under the terms of the GNU General Public License as published by
##  the Free Software Foundation; either version 2 of the License, or
##  (at your option) any later version.
##
##  This program is distributed in the hope that it will be useful,
##  but WITHOUT ANY WARRANTY; without even the implied warranty of
##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
##  GNU General Public License for more details.
##
##  You should have received a copy of the GNU General Public License
##  along with this program; if not, write to the Free Software
##  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
##
##  $Revision: 1.1 $

use strict;
use Fcntl;
use Sys::Syslog qw(:DEFAULT setlogsock);
use URI;
use Net::LDAP qw(LDAP_NO_SUCH_OBJECT);
use Net::LDAP::Entry;
use Net::hostent;
use Socket;
use Kolab::Util;

#
# Usage: kolab_smtpdpolicy [-v]
#
# kolabdelegated Postfix SMTPD policy server for Kolab. This server implements
# various policies for Kolab:
#
# 1) Only authenticated users can use sender <username>@$domain
# 2) Some distribution lists are only available to authenticated users
#
# Logging is sent to syslogd.
#
# How it works: each time a Postfix SMTP server process is started
# it connects to the policy service socket, and Postfix runs one
# instance of this PERL script.  By default, a Postfix SMTP server
# process terminates after 100 seconds of idle time, or after serving
# 100 clients. Thus, the cost of starting this PERL script is smoothed
# out over time.
#
# To run this from /etc/postfix/master.cf:
#
#    policy  unix  -       n       n       -       -       spawn
#      user=kolab-n argv=/usr/bin/perl /usr/libexec/postfix/kolab_smtpdpolicy
#
# To use this from Postfix SMTPD, use in /etc/postfix/main.cf:
#
#    smtpd_recipient_restrictions =
#	...
#	reject_unauth_destination
#	check_policy_service unix:private/policy
#	...
#    smtpd_sender_restrictions =
#	...
#	check_policy_service unix:private/policy
#	...
#
# NOTE: specify check_policy_service AFTER reject_unauth_destination
# or else your system can become an open relay.
#
# To test this script by hand, execute kolab_smtpdpolicy, optionally
# with the option -v to print debugging output.
# Example for OpenPKG based installations:
#
#    # su - kolab
#    $ /kolab/etc/kolab/kolab_smtpdpolicy -v
#
# Each query is a bunch of attributes. Order does not matter, and
# the demo script uses only a few of all the attributes shown below:
#
#    request=smtpd_access_policy
#    protocol_state=RCPT
#    protocol_name=SMTP
#    helo_name=some.domain.tld
#    queue_id=8045F2AB23
#    sender=foo at bar.tld
#    recipient=bar at foo.tld
#    client_address=1.2.3.4
#    client_name=another.domain.tld
#    instance=123.456.7
#    sasl_method=plain
#    sasl_username=you
#    sasl_sender=
#    size=12345
#    [empty line]
#
# The policy server script will answer in the same style, with an
# attribute list followed by a empty line:
#
#    action=DUNNO
#    [empty line]
#

#
# Syslogging options for verbose mode and for fatal errors.
# NOTE: comment out the $syslog_socktype line if syslogging does not
# work on your system.
#
my %conf;
my %attr;
my $ldap;
my $verbose;
my $syslog_socktype = 'unix'; # inet, unix, stream, console
my $syslog_facility="mail";
my $syslog_options="pid";
my $syslog_priority="info";

my $ldap_max_tries = 5;

#
# Read options from config-file
#
my $conf_allowunauth = 0;

%conf = readConfig( %conf, "@CONFIG_DIR@/kolab_smtpdpolicy.conf" );
my $conf_ldapuri = $conf{'ldap_uri'};
my $conf_basedn  = $conf{'basedn'};
my $conf_binddn   = $conf{'binddn'};
my $conf_bindpw  = $conf{'bindpw'};
my @conf_domain  = $conf{'domain'};
$conf_allowunauth = 1 if( $conf{'allow_unauth'} );
my @conf_permithosts = split /\s*,\s*/, $conf{'permithosts'};

sub mylog {
  my $prio = shift;
  my $fmt = shift;

  my $text = sprintf( $fmt, @_ );

  #Kolab::log( 'P', $text );
  syslog $prio, $text;
  print "$text\n";
}

sub contains {
  my $needle = lc(shift);
  my $haystack = shift;
  map { return 1 if $needle eq lc($_) } @$haystack;
  return 0;
}

sub ldap_connect {
    my $ldapuri = URI->new($conf_ldapuri) || fatal_exit("error: could not parse given uri $conf_ldapuri");
    $ldap = Net::LDAP->new($conf_ldapuri) || fatal_exit("could not connect ldap server $conf_ldapuri: $@");
    if ($ldap) {
	if( $conf_binddn ) {
	    $ldap->bind( $conf_binddn, password => $conf_bindpw ) 
	      || fatal_exit( "could not bind as $conf_binddn: $@" );
	} else {
	    $ldap->bind || fatal_exit("could not bind: $@");
	}
    } else {
	fatal_exit( "Could not contact LDAP server" );
    }
}

sub lookup_uid {
  my $tries = 0;
  my $uid = shift;
 AGAIN:
  my $mesg = $ldap->search( base=> $conf_basedn,
			    scope=> 'sub',
			    filter=> "(&(objectClass=kolabinetorgperson)(|(mail=$uid)(uid=$uid)))",
			    attrs => [ 'uid'] );
  if( !$mesg->code && $mesg->count() > 0 ) {
      mylog($syslog_priority, "LDAP search returned ".$mesg->count()." objects") if $verbose;
      my $ldapobject = $mesg->entry(0);
      $uid = lc($ldapobject->get_value('uid'));
      mylog($syslog_priority, "Translated username to $uid") if $verbose;
  } elsif( $mesg->code && $mesg->code != LDAP_NO_SUCH_OBJECT ) {
      if( $tries++ <= $ldap_max_tries ) {
	  ldap_connect;
	  goto AGAIN;
      } else {
	  mylog($syslog_priority, "LDAP Connection error during LOOKUPUID: ".
		$mesg->error." after $ldap_max_tries attempts to reconnect. Giving up!" );
	  die( "LDAP Error looking up uid: ".$mesg->error );
      }
  }
  return $uid;
}

sub check_permithosts {
  my $client_addr = shift;
  for my $host (@conf_permithosts) {
    my $h;
    unless ($h = gethost($host)) {
      mylog($syslog_priority,"No such host $host\n");
      next;
    }
    for my $addr ( @{$h->addr_list} ) {
      return 1 if inet_ntoa($addr) eq $client_addr;
    }
  }
  return undef;
}

sub lookup_sender_uids {
  my $sender = shift;
  my $tries = 0;
  my @result;
 AGAIN:
  my $mesg = $ldap->search( base=> $conf_basedn,
			    scope=> 'sub',
			    filter=> "(&(objectClass=kolabinetorgperson)(|(mail=$sender)(alias=$sender)))",
			    attrs => [ 'uid', 'kolabDelegate' ]);
  if( !$mesg->code && $mesg->count() > 0 ) {
    mylog($syslog_priority, "LDAP search returned ".$mesg->count()." objects") if $verbose;
    foreach my $entry ( $mesg->entries ) {
      mylog($syslog_priority, lc($entry->get_value('uid')." is the uid of ".$sender)) if $verbose;
      push @result, lc($entry->get_value('uid'));
      my $delegate;
      for $delegate ($entry->get_value('kolabDelegate')) {
	$delegate = lookup_uid($delegate);
        mylog($syslog_priority, lc($delegate)." is a delegate of ".$sender) if $verbose;
     	push @result, lc($delegate);
      }
    }
  } elsif( $mesg->code && $mesg->code != LDAP_NO_SUCH_OBJECT ) {
    if( $tries++ <= $ldap_max_tries ) {
      ldap_connect;
      goto AGAIN;
    } else {
      die( "LDAP Error looking up uid for sender: ".$mesg->error );
    }
  }
  return @result;
};

sub check_dist_list {
  my $username = shift;
  my $recipient = shift;
  my $tries = 0;
 AGAIN:
  if( !$username ) {
    my $mesg = $ldap->search( base=> "cn=internal,".$conf_basedn,
			   scope=> 'one', filter=> "(&(mail=$recipient)(objectClass=kolabgroupofnames))");
    if( !$mesg->code && $mesg->count() > 0 ) {
      # Ups, recipient is a restricted list, reject
      mylog( $syslog_priority, "Attempt from $username to access restricted list $recipient" ) if $verbose;	
      return undef;
    } elsif( $mesg->code && $mesg->code != LDAP_NO_SUCH_OBJECT && $tries++ <= $ldap_max_tries ) {
      mylog($syslog_priority, "LDAP Connection error during CHECKDISTLIST: ".$mesg->error.", trying to reconnect" );
      ldap_connect;
      goto AGAIN;
    } elsif( $mesg->code ) {
      mylog( $syslog_priority, "LDAP Error during CHECKDISTLIST: ".$mesg->error ) if $verbose;
      # Just fall through and accept the message in case there was an LDAP problem.
    }
  }
  return 1;
}

#
# SMTPD access policy routine. The result is an action just like
# it would be specified on the right-hand side of a Postfix access
# table.  Request attributes are available via the %attr hash.
#
sub smtpd_access_policy {

  # Get relevant attributes
  my $sender      = lc($attr{'sender'});
  my $recipient   = lc($attr{'recipient'});
  my $username    = lc($attr{'sasl_username'});
  my $client_addr = lc($attr{'client_address'});

  mylog($syslog_priority, "Checking sender=\"$sender\", recipient=\"$recipient\", username=\"$username\", domains=".join(',', at conf_domain)." permithosts=".join(',', at conf_permithosts).", conf_allowunauth=$conf_allowunauth") if $verbose;

  # First check if the sender is a privileged kolabhost
  # Kolab hosts use un-authenticated smtp currently
  # We also just accept the email here is conf_allowunauth is set
  return "DUNNO" if( !$username && ( $conf_allowunauth || check_permithosts($client_addr) ) );

  # Reject anything else from unauthenticated users
  # if conf_allowunauth is false
  return "REJECT Access denied" if( !$username && !$conf_allowunauth );

  eval{ $username = lookup_uid($username) }; return "DEFER_IF_PERMIT $@" if $@;

  # See if sender is owned by someone
  my @uids;
  eval { @uids = lookup_sender_uids($sender) }; return "DEFER_IF_PERMIT $@" if $@;
  if( scalar(@uids) > 0 ) {
    if( contains( $username, \@uids ) ) {
      mylog($syslog_priority, "$username using $sender is OK, accepting") if $verbose;
      return "DUNNO";
    } else {
      mylog($syslog_priority, "$username trying to use $sender is NOT OK, rejecting") if $verbose;
      return "REJECT Invalid sender";
    }
  } else {
    # OK, here things get fishy! The above check
    # ensures that nobody is using someone else's
    # email address. That is perfectly valid, but
    # people want tighter restrictions and disallow
    # use of _any_ (real or imagined) email address
    # that the user is not explicitly allowed to use.
    # Do _have_ to allow the empty sender though,
    # otherwise hell breaks loose...
    if( $username ne '' && $sender ne '' ) {
      mylog($syslog_priority, "$username trying to use $sender is NOT OK, rejecting") if $verbose;
      return "REJECT Invalid sender";
    }
  }

  # Check for valid access to restricted distribution lists
  return "REJECT Access denied" unless check_dist_list($username, $recipient);

  # The result can be any action that is allowed in a Postfix access(5) map.
  #
  # To label mail, return ``PREPEND'' headername: headertext
  #
  # In case of success, return ``DUNNO'' instead of ``OK'' so that the
  # check_policy_service restriction can be followed by other restrictions.
  #
  # In case of failure, specify ``DEFER_IF_PERMIT optional text...''
  # so that mail can still be blocked by other access restrictions.

  mylog($syslog_priority, "sender $sender, recipient $recipient seems ok") if $verbose;

  return "DUNNO";
}

#
# Log an error and abort.
#
sub fatal_exit {
    my($first) = shift(@_);
    mylog("err", "fatal: $first", @_);
    print STDOUT "action=DEFER_IF_PERMIT $first\n\n";
    exit 1;
}

#
# Signal 11 means that we have crashed perl
#
sub sigsegv_handler {
    fatal_exit "Caught signal 11;";
}

$SIG{'SEGV'} = 'sigsegv_handler';

#
# This process runs as a daemon, so it can't log to a terminal. Use
# syslog so that people can actually see our messages.
#
setlogsock $syslog_socktype;
openlog $0, $syslog_options, $syslog_facility;

#
# Allow user to override on commandline
#
while (my $option = shift(@ARGV)) {
  if ($option eq "-v") {
    $verbose = 1;
  } elsif ($option eq '-ldap') {
    $conf_ldapuri = shift(@ARGV);
  } elsif ($option eq '-basedn') {
    $conf_basedn = shift(@ARGV);
  } elsif ($option eq '-binddn' ) {
    $conf_binddn = shift(@ARGV);
  } elsif ($option eq '-bindpw' ) {
    $conf_bindpw = shift(@ARGV);
  } elsif ($option eq '-domain') {
    push @conf_domain, shift(@ARGV);
  } elsif ($option eq '-allow-unauth') {
    $conf_allowunauth = 1;
  } elsif ($option eq '-permithosts') {
    @conf_permithosts = ();
    for my $h (split /\s*,\s*/, shift(@ARGV)) {
      push @conf_permithosts, $h;
    }
  } else {
    mylog( $syslog_priority, "Invalid option: %s. Usage: %s [-v] -ldap <uri> -basedn <base_dn> [-binddn <bind_dn> -bindpw <bind_pw>] [-domain <domain>] [-permithosts <host,host,...>]",
	   $option, $0);
    exit 1;
  }
}

#
# Unbuffer standard output.
#
select((select(STDOUT), $| = 1)[0]);

if( $verbose ) {
  mylog( $syslog_priority, "ldap=$conf_ldapuri, basedn=$conf_basedn, binddn=$conf_binddn");
}

ldap_connect;

#
# Receive a bunch of attributes, evaluate the policy, send the result.
#
while (<STDIN>) {
    if (/([^=]+)=(.*)\n/) {
	$attr{substr($1, 0, 512)} = substr($2, 0, 512);
    } elsif ($_ eq "\n") {
	if ($verbose) {
	    for (keys %attr) {
		mylog( $syslog_priority, "Attribute: %s=%s", $_, $attr{$_});
	    }
	}
	fatal_exit("unrecognized request type: '".$attr{'request'}."'")
	    unless $attr{'request'} eq "smtpd_access_policy";
	my $action = smtpd_access_policy();
	mylog( $syslog_priority, "Action: %s", $action) if $verbose;
	print STDOUT "action=$action\n\n";
	%attr = ();
    } else {
	chop;
	mylog( $syslog_priority, "warning: ignoring garbage: %.100s", $_);
    }
}

--- NEW FILE: kolab_upgrade.in ---
#!perl

# (c) 2005 Steffen Hansen <steffen at klaralvdalens-datakonsult.se>
#
# This program is Free Software under the GNU General Public License (>=v2).
# Read the file COPYING that comes with this packages for details.

use Term::ReadKey;
use Kolab;
use Kolab::Util;
use Kolab::LDAP;

Kolab::reloadConfig("@CONFIG_DIR@/kolab.globals");

Kolab::LDAP::startup($Kolab::config{'kolab_statedir'});

# Utility functions
sub getLdapEntry {
  my $ldap = shift;
  my $dn = shift;
  my $mesg = $ldap->search( base => $dn, scope => 'exact', filter => '(objectClass=*)' );
  if( $mesg && $mesg->count() > 0 ) {
    return $mesg->entry(0);
  }
}
sub newOrExistingLDAPEntry {
  my $ldap = shift;
  my $dn = shift;

  my $mesg = $ldap->search( base => $dn, scope => 'exact', filter => '(objectClass=*)' );
  if( $mesg && $mesg->count() > 0 ) {
    return $mesg->entry(0);
  } else {
    return Net::LDAP::Entry->new;
  }
}

sub newkolabgroupofnames {
  my $ldap = shift;
  my $basedn = shift;
  my $cn = shift;

  if( scalar(@_) < 1 ) {
    warn "kolabgroupofnames must contain at least one member";
  }

  my $ldapobject = newOrExistingLDAPEntry($ldap,"cn=$cn,$basedn");
  $ldapobject->replace('cn' => $cn, 'objectclass' => ['top','kolabgroupofnames'],
                       'member' => @_);
  $ldapobject->dn("cn=$cn,$basedn");
  my $mesg = $ldapobject->update($ldap);
  $mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;
  return $ldapobject;
}


print "Kolab Upgrade script from 2.0 to 2.1\n";
print "------------------------------------\n\n";
print "This will upgrade your Kolab LDAP database from version 2.0 to 2.1.\n";
print "Please back up everything before continuing\n\n";
print "Continue? [N/y]: ";
my $tmp = ReadLine;
chomp $tmp;
print "$tmp\n";
exit unless $tmp eq 'y';

# Connect to LDAP server
my $ldap_uri = $Kolab::config{'ldap_uri'};
my $ldap = Net::LDAP->new($ldap_uri, verify => 'none' ) || die "Could not connect ldap server $ldap_uri";
$ldap->bind($Kolab::config{'bind_dn'}, password=> $Kolab::config{'bind_pw'}) 
  || die "could not bind to ldap server $ldap_uri";

print "Fixing k=kolab object:\n";
my $kolab_object = getLdapEntry($ldap, 'k=kolab'.$Kolab::config{'base_dn'}) || die "Could not read Kolab LDAP object";
my $mydom = $kolab_object->get_value('postfix-mydomain');
my @mydest = @{$kolab_object->get_value('postfix-mydestination')};
foreach( @mydest ){
  if( $_ eq "\$mydomain" ) {
    print "Replacing postfix-mydestination: $_ with postfix-mydestination: $mydom\n";
    $_ = $mydom;
  }
}
$kolab_object->replace( 'postfix-mydestination' => \@mydest );
$kolab_object->update( $ldap );

print "Creating additional entries:\n";

# create domain groups topnode
print "Creating cn=domains,cn=internal,$base_dn\n";
my $ldapobject = newOrExistingLDAPEntry( $ldap, "cn=domains,cn=internal,$base_dn" );
$ldapobject->replace('cn' => 'domains', 'objectclass' => ['top','kolabnamedobject']);
$ldapobject->dn("cn=domains,cn=internal,$base_dn");
$mesg = $ldapobject->update($ldap);
$mesg && $mesg->code && warn "failed to write entry: ", $mesg->error;

# create domain-mainainter group
print "Creating cn=domain-maintainers,cn=internal,$base_dn\n";
newkolabgroupofnames( $ldap, "cn=internal,$base_dn", 'domain-maintainer', $Kolab::config{'bind_dn'} );



From cvs at kolab.org  Fri Oct 10 16:24:02 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:24:02 +0200 (CEST)
Subject: gunnar: server/perl-kolab/lib Kolab.pm,1.24,1.25 
Message-ID: <20081010142402.4DDDA600BA9@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab/lib
In directory doto:/tmp/cvs-serv20490/lib

Modified Files:
	Kolab.pm 
Log Message:
Allow returning only the global information when bootstrapping. Removed prefix variable.

Index: Kolab.pm
===================================================================
RCS file: /kolabrepository/server/perl-kolab/lib/Kolab.pm,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- Kolab.pm	14 Aug 2008 19:17:42 -0000	1.24
+++ Kolab.pm	10 Oct 2008 14:24:00 -0000	1.25
@@ -83,6 +83,7 @@
 sub reloadConfig
 {
     my $kolab_globals = shift;
+    my $globals_only = shift || 0;
 
     my $tempval;
     my $ldap;
@@ -100,6 +101,11 @@
     # First read `kolab.globals'
     %config = readConfig(%config, $kolab_globals);
 
+    # Return if we should only read the base information.
+    if ($globals_only) {
+	return;
+    }
+
     # Determine the root of the kolab installation, and read `kolab.globals'
     # Notice that the location of the files is handled by dist_conf,
     # so we don't use $tempval for anything other than storing it in
@@ -110,8 +116,6 @@
         $config{'log_level'} = KOLAB_WARN;
         &log('C', 'Unable to determine the kolab user main directory', KOLAB_ERROR);	
 	$error = 1;
-    } else {
-       $config{'prefix'} = $tempval;
     }
 
     # Now read `kolab.conf', overwriting values read from `kolab.globals'



From cvs at kolab.org  Fri Oct 10 16:24:48 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:24:48 +0200 (CEST)
Subject: gunnar: server/perl-kolab/lib/Kolab Cyrus.pm,1.5,1.6 
Message-ID: <20081010142448.27710600BAA@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab/lib/Kolab
In directory doto:/tmp/cvs-serv20548/Kolab

Modified Files:
	Cyrus.pm 
Log Message:
Remove prefix variable.

Index: Cyrus.pm
===================================================================
RCS file: /kolabrepository/server/perl-kolab/lib/Kolab/Cyrus.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- Cyrus.pm	15 Feb 2008 08:52:19 -0000	1.5
+++ Cyrus.pm	10 Oct 2008 14:24:46 -0000	1.6
@@ -163,7 +163,6 @@
     my $cyruid = &createUid($uid, $sf);
 
     Kolab::log('Y', "Setting up ACL of mailbox `$cyruid'");
-    my $prefix = $Kolab::config{'prefix'};
     my %acls = $cyrus->listacl( $cyruid );
     my ($user, $entry, $acl);
     Kolab::log('Y', "Removing users from ACL of $cyruid (users are \"".join(', ', keys %acls)."\")", KOLAB_DEBUG);



From cvs at kolab.org  Fri Oct 10 16:25:36 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:25:36 +0200 (CEST)
Subject: gunnar: server/perl-kolab/lib/Kolab LDAP.pm,1.6,1.7 
Message-ID: <20081010142536.BD72A600BB4@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab/lib/Kolab
In directory doto:/tmp/cvs-serv20655/Kolab

Modified Files:
	LDAP.pm 
Log Message:
Use the correct configuration variables for the cache files. Added experimental kolabimapserver entry.

Index: LDAP.pm
===================================================================
RCS file: /kolabrepository/server/perl-kolab/lib/Kolab/LDAP.pm,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- LDAP.pm	9 Jul 2008 14:00:15 -0000	1.6
+++ LDAP.pm	10 Oct 2008 14:25:34 -0000	1.7
@@ -29,6 +29,7 @@
 use warnings;
 use UNIVERSAL;
 use Time::Local;
+use Net::Domain qw(hostfqdn);
 use Net::LDAP qw( LDAP_SUCCESS LDAP_PROTOCOL_ERROR LDAP_REFERRAL );
 use Net::LDAPS;
 use Net::LDAP::Util;
@@ -95,7 +96,7 @@
     Kolab::log('L', 'Opening mailbox uid cache DB');
 
     my %uid_db;
-    if (!dbmopen(%uid_db, "$db_statedir/mailbox-uidcache.db", 0666)) {
+    if (!dbmopen(%uid_db, $Kolab::config{'kolab_mailboxuiddb'}, 0666)) {
         Kolab::log('L', 'Unable to open mailbox uid cache DB', KOLAB_ERROR);
         exit(1);
     }
@@ -151,13 +152,13 @@
     Kolab::log('L', 'Opening graveyard uid/timestamp cache DB');
 
     my %gyard_db;
-    if (!dbmopen(%gyard_db, "$db_statedir/graveyard-uidcache.db", 0666)) {
+    if (!dbmopen(%gyard_db, $Kolab::config{'graveyard_uidcache'}, 0666)) {
         Kolab::log('L', 'Unable to open graveyard uid cache DB', KOLAB_ERROR);
         exit(1);
     }
 
     my %gyard_ts_db;
-    if (!dbmopen(%gyard_ts_db, "$db_statedir/graveyard-tscache.db", 0666)) {
+    if (!dbmopen(%gyard_ts_db, $Kolab::config{'graveyard_tscache'}, 0666)) {
         Kolab::log('L', 'Unable to open graveyard timestamp cache DB', KOLAB_ERROR);
         exit(1);
     }
@@ -451,6 +452,7 @@
     return if( $objuidfield eq 'mail' && !$object->get_value('uid') );
 
     my $kolabhomeserver = lc($object->get_value('kolabhomeserver'));
+    my $kolabimapserver = lc($object->get_value('kolabimapserver'));
     my $islocal = 1;
     my $del = $object->get_value($Kolab::config{$p . '_field_deleted'}, asref => 1);
     if( ref($del) eq 'ARRAY' && @$del > 0 ) {
@@ -458,7 +460,8 @@
 		 ." because it is deleted", KOLAB_DEBUG);
       return;
     }
-    if( $kolabhomeserver && $kolabhomeserver ne lc($Kolab::config{'fqdnhostname'}) ) {
+    if( ($kolabhomeserver && $kolabhomeserver ne lc($Kolab::config{'fqdnhostname'})) 
+	|| $kolabimapserver && $kolabimapserver ne lc(hostfqdn()) ) {
       if( $p eq 'sf' ) {
 	# Dont create shared folders on other hosts than it's kolabhomeserver
 	Kolab::log('L', "Kolab::LDAP::createObject() skipping shared folder for other server $kolabhomeserver", KOLAB_DEBUG);



From cvs at kolab.org  Fri Oct 10 16:27:21 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:27:21 +0200 (CEST)
Subject: gunnar: server/perl-kolab ChangeLog,1.40,1.41 
Message-ID: <20081010142721.E6113600BB6@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/perl-kolab
In directory doto:/tmp/cvs-serv20737

Modified Files:
	ChangeLog 
Log Message:
Changelog.

Index: ChangeLog
===================================================================
RCS file: /kolabrepository/server/perl-kolab/ChangeLog,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -d -r1.40 -r1.41
--- ChangeLog	10 Oct 2008 14:22:03 -0000	1.40
+++ ChangeLog	10 Oct 2008 14:27:19 -0000	1.41
@@ -1,3 +1,13 @@
+2008-10-10  Gunnar Wrobel  <p at rdus.de>
+
+	* lib/Kolab.pm: Allow returning only the global information when
+	bootstrapping.
+
+	* lib/Kolab/LDAP.pm: Use the correct configuration variables for
+	the cache files. Added experimental kolabimapserver entry.
+
+	* bin/*: Collect all perl tools in this one single package.
+
 2008-10-03  Gunnar Wrobel  <p at rdus.de>
 
 	* bin/kolabquotawarn.in: Moved script from kolabd package into



From cvs at kolab.org  Fri Oct 10 16:29:13 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:29:13 +0200 (CEST)
Subject: gunnar: server/kolabconf .cvsignore, 1.1, NONE AUTHORS, 1.3,
	NONE COPYING, 1.1, NONE ChangeLog, 1.15, NONE DEVELOPMENT, 1.6,
	NONE INSTALL, 1.1, NONE MANIFEST, 1.3, NONE Makefile.PL, 1.25,
	NONE README, 1.1, NONE kolabconf.spec, 1.8, NONE 
Message-ID: <20081010142913.7A68F600BB7@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/kolabconf
In directory doto:/tmp/cvs-serv20897

Removed Files:
	.cvsignore AUTHORS COPYING ChangeLog DEVELOPMENT INSTALL 
	MANIFEST Makefile.PL README kolabconf.spec 
Log Message:
kolabconf has been collapsed into perl-kolab.

--- .cvsignore DELETED ---

--- AUTHORS DELETED ---

--- COPYING DELETED ---

--- ChangeLog DELETED ---

--- DEVELOPMENT DELETED ---

--- INSTALL DELETED ---

--- MANIFEST DELETED ---

--- Makefile.PL DELETED ---

--- README DELETED ---

--- kolabconf.spec DELETED ---



From cvs at kolab.org  Fri Oct 10 16:29:13 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:29:13 +0200 (CEST)
Subject: gunnar: server/kolabconf/bin .cvsignore, 1.1, NONE kolabconf.in, 1.8,
	NONE 
Message-ID: <20081010142913.7D224600BB8@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/kolabconf/bin
In directory doto:/tmp/cvs-serv20897/bin

Removed Files:
	.cvsignore kolabconf.in 
Log Message:
kolabconf has been collapsed into perl-kolab.

--- .cvsignore DELETED ---

--- kolabconf.in DELETED ---



From cvs at kolab.org  Fri Oct 10 16:29:13 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:29:13 +0200 (CEST)
Subject: gunnar: server/kolabconf/lib/Kolab Conf.pm,1.22,NONE 
Message-ID: <20081010142913.84DFA600BB9@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/kolabconf/lib/Kolab
In directory doto:/tmp/cvs-serv20897/lib/Kolab

Removed Files:
	Conf.pm 
Log Message:
kolabconf has been collapsed into perl-kolab.

--- Conf.pm DELETED ---



From cvs at kolab.org  Fri Oct 10 16:30:46 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Fri, 10 Oct 2008 16:30:46 +0200 (CEST)
Subject: gunnar: server/kolabd/kolabd ChangeLog, 1.194, 1.195 Makefile.am, 1.45,
	1.46 kolab.globals.in, 1.12, 1.13 kolab_bootstrap.in, 1.41,
	NONE kolab_smtpdpolicy.in, 1.11, NONE kolab_upgrade.in, 1.5,
	NONE kolabcheckperm.in, 1.4, NONE kolabd.in, 1.8,
	NONE kolabdcachetool.in, 1.2, NONE kolabpasswd.in, 1.5,
	NONE kolabquotareport.in, 1.5, NONE kolabquotawarn.in, 1.15,
	NONE quotawarning.txt, 1.2, NONE 
Message-ID: <20081010143046.430D9600BB8@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server/kolabd/kolabd
In directory doto:/tmp/cvs-serv21023

Modified Files:
	ChangeLog Makefile.am kolab.globals.in 
Removed Files:
	kolab_bootstrap.in kolab_smtpdpolicy.in kolab_upgrade.in 
	kolabcheckperm.in kolabd.in kolabdcachetool.in kolabpasswd.in 
	kolabquotareport.in kolabquotawarn.in quotawarning.txt 
Log Message:
Move perl tools over to perl-kolab.

Index: ChangeLog
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/ChangeLog,v
retrieving revision 1.194
retrieving revision 1.195
diff -u -d -r1.194 -r1.195
--- ChangeLog	23 Sep 2008 13:47:51 -0000	1.194
+++ ChangeLog	10 Oct 2008 14:30:44 -0000	1.195
@@ -1,3 +1,32 @@
+2008-10-03  Gunnar Wrobel  <p at rdus.de>
+
+	* kolab_upgrade.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* kolabquotawarn.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* kolabpasswd.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* kolab_bootstrap.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* kolabd.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* kolabdcachetool.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* kolabcheckperm.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* kolabquotareport.in: Moved script from kolabd package into
+	perl-kolab.
+
+	* kolab_smtpdpolicy.in: Moved script from kolabd package into
+	perl-kolab.
+
 2008-09-23  Gunnar Wrobel  <p at rdus.de>
 
 	* templates/master.cf.template.in: Updated the configuration

Index: Makefile.am
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/Makefile.am,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -d -r1.45 -r1.46
--- Makefile.am	6 Sep 2008 15:15:28 -0000	1.45
+++ Makefile.am	10 Oct 2008 14:30:44 -0000	1.46
@@ -19,14 +19,7 @@
 kolab_SCRIPTS = $(KOLAB_SCRIPTS_FILES) \
 	kolab_sslcert.sh \
 	kolab_ca.sh \
-	kolab_bootstrap \
-	workaround.sh \
-	kolabquotawarn \
-	kolabquotareport \
-	kolab_upgrade \
-	kolab_smtpdpolicy \
-	kolabdcachetool
-
+	workaround.sh
 
 kolabspecialdir = $(kolabconfdir)
 kolabspecial_DATA = kolab.globals
@@ -139,13 +132,8 @@
 kolabdocdir = $(pkgdocdir)/@PACKAGE@
 kolabdoc_DATA = $(kolabdoc_FILES) $(kolabdoc_GENERATED)
 
-if OPENPKG
-kolabsbin_FILES = kolabd \
-	kolabcheckperm
-else
-kolabsbin_FILES = kolabd \
-	kolabcheckperm \
-	dist_conf/kolabsrv
+if ! OPENPKG
+kolabsbin_FILES = dist_conf/kolabsrv
 endif	
 
 kolabsbindir = $(sbindir)/
@@ -158,7 +146,7 @@
   KOLABBIN_FILES = namespace/kolab
 endif
 
-kolabbin_DATA = kolabpasswd $(KOLABBIN_FILES)
+kolabbin_DATA = $(KOLABBIN_FILES)
 
 
 if OPENPKG
@@ -217,9 +205,6 @@
 	chmod 444 $(DESTDIR)$(kolabconfdir)/kolab.globals
 	chmod 775 $(DESTDIR)$(kolabdir)$(kolab_FILES)
 	chmod 744 $(DESTDIR)$(kolabnamespacedir)/*
-	chmod 744 $(DESTDIR)$(sbindir)/kolabd
-	chmod 744 $(DESTDIR)$(sbindir)/kolabcheckperm
-	chmod 755 $(DESTDIR)$(bindir)/kolabpasswd
 if ! OPENPKG
 	chmod 755 $(DESTDIR)$(sbindir)/kolabsrv
 endif

Index: kolab.globals.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/kolab.globals.in,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -d -r1.12 -r1.13
--- kolab.globals.in	5 Mar 2008 18:10:09 -0000	1.12
+++ kolab.globals.in	10 Oct 2008 14:30:44 -0000	1.13
@@ -41,11 +41,31 @@
 kolabdir: @sysconfdir@/kolab/
 postmapping: @sbindir@/postmap -o @emailserver_confdir@
 KOLABRC: @KOLABRC@
+bindir: @bindir@
 sbindir: @sbindir@
 webserver_logdir: @webserver_logdir@
 webserver_document_root: @webserver_document_root@
+kolab_statedir: @kolab_statedir@
+kolab_pidfile: @kolab_pidfile@
+kolab_mailboxuiddb: @kolab_mailboxuiddb@
+graveyard_uidcache: @graveyard_uidcache@
+graveyard_tscache: @graveyard_tscache@
 local_addr : 127.0.0.1
 bind_any : TRUE
 bind_addr : 0.0.0.0
 calendar_id : calendar
 syslog_facility : user
+backupfiles : @backupfiles@
+backupdir : @backupdir@
+ldapserver_dir : @ldapserver_dir@
+sysconfdir : @sysconfdir@
+sasl_smtpconffile : @sasl_smtpconffile@
+ldapserver_rusr : @ldapserver_rusr@
+ldapserver_grp : @ldapserver_grp@
+libexecdir : @libexecdir@
+WITHOPENPKG : @WITHOPENPKG@
+LDAPD : @LDAPD@
+kolab_scriptsdir : @kolab_scriptsdir@
+pki_grp : @pki_grp@
+TAR : @TAR@
+kolab_wui : @kolab_wui@

--- kolab_bootstrap.in DELETED ---

--- kolab_smtpdpolicy.in DELETED ---

--- kolab_upgrade.in DELETED ---

--- kolabcheckperm.in DELETED ---

--- kolabd.in DELETED ---

--- kolabdcachetool.in DELETED ---

--- kolabpasswd.in DELETED ---

--- kolabquotareport.in DELETED ---

--- kolabquotawarn.in DELETED ---

--- quotawarning.txt DELETED ---



From cvs at kolab.org  Mon Oct 13 11:27:00 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Mon, 13 Oct 2008 11:27:00 +0200 (CEST)
Subject: bernhard: doc/www/src roadmap.html.m4,1.17,1.18 
Message-ID: <20081013092700.B3051600921@lists.intevation.de>

Author: bernhard

Update of /kolabrepository/doc/www/src
In directory doto:/tmp/cvs-serv18810

Modified Files:
	roadmap.html.m4 
Log Message:
Adapting roadmap a little bit.


Index: roadmap.html.m4
===================================================================
RCS file: /kolabrepository/doc/www/src/roadmap.html.m4,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -d -r1.17 -r1.18
--- roadmap.html.m4	15 Jul 2008 16:22:59 -0000	1.17
+++ roadmap.html.m4	13 Oct 2008 09:26:58 -0000	1.18
@@ -28,19 +28,21 @@
 <!--KDE Kontact for Linux-->
 <h3>Kontact for GNU/Linux</h3>
 <h4>Enterprise35</h4>
-This series is in <b>beta quality</b> and contains a large number of improvements 
-over Proko2. Currently intermediate releases happen very few weeks for 
-testing. Packagers are already picking this up.
+This series is <b>almost production ready</b> 
+and contains a large number of improvements over Proko2. 
+Currently intermediate releases happen very few weeks to fix a few remaining
+issues. Packagers have already picked this up; a significant number of
+people are using this in production.
 <p>
-Stabilization to enterprise production quality is planned for Q2 2008.
+Until end of 2008 we plan to switch to maintenance mode.
 
 <h4>Enterprise4</h4>
-This is the next generation in <b>development</b>. The client will be based
-on KDE4 technology, but without Akonadi. We expect it to be in beta Q3 2008
-and production ready end of 2008.
+This is the next generation in <b>alpha</b> state. The client is based
+on KDE4 technology, but without Akonadi. We expect it to be in beta during 
+fall 2008 and production ready Q1 2009.
 
 <h4>Proko2</h4>
-This series is very <b>stable</b> and in in maintenance mode.
+This series is <b>very stable</b> and in in maintenance mode.
 Only very important updates will happen occasionally - governed
 by the urgency of the changes for enterprise users.
 </div>
@@ -54,8 +56,8 @@
 </div>
 <div class="logo-text-right">
 <h3>Kontact for Windows (enterprise4 | alpha)</h3>
-This version is in development. We expect it to be in beta Q3 2008
-and production ready end of 2008. 
+This version is in development. We expect it to be in beta end of 2008
+and production ready Q1 2009.
 </div>
 
 <!--Kontact for MacOSX-->
@@ -66,8 +68,8 @@
 </div>
 <div class="logo-text-right">
 <h3>Kontact for Mac OS X (enterprise4 | alpha)</h3>
-This version is in development. We expect it to be in beta Q3 2008
-and production ready end of 2008. 
+This version is in development. We expect it to be in beta end of 2008
+and production ready Q1 2009.
 </div>
 
 



From cvs at kolab.org  Tue Oct 14 07:40:04 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Tue, 14 Oct 2008 07:40:04 +0200 (CEST)
Subject: gunnar: server install-kolab.sh,1.44,1.45 
Message-ID: <20081014054004.DF26F600168@lists.intevation.de>

Author: gunnar

Update of /kolabrepository/server
In directory doto:/tmp/cvs-serv13339

Modified Files:
	install-kolab.sh 
Log Message:
Return to the source directory after creating the temporary directory.

Index: install-kolab.sh
===================================================================
RCS file: /kolabrepository/server/install-kolab.sh,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -d -r1.44 -r1.45
--- install-kolab.sh	18 Sep 2008 10:05:47 -0000	1.44
+++ install-kolab.sh	14 Oct 2008 05:40:02 -0000	1.45
@@ -195,6 +195,7 @@
 echo "Changing to temporary working directory $WORKDIR ..."
 cd "$WORKDIR"
 populate_workdir
+cd "$SRCDIR"
 
 echo
 echo "Kolab installation tag (TAG):       $TAG"



From cvs at kolab.org  Tue Oct 14 08:37:15 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Tue, 14 Oct 2008 08:37:15 +0200 (CEST)
Subject: thomas: server install-kolab.sh,1.45,1.46 
Message-ID: <20081014063715.7303F600168@lists.intevation.de>

Author: thomas

Update of /kolabrepository/server
In directory doto:/tmp/cvs-serv14681

Modified Files:
	install-kolab.sh 
Log Message:
Reverted wrong fix for upgrade problems reported in kolab/issue3138


Index: install-kolab.sh
===================================================================
RCS file: /kolabrepository/server/install-kolab.sh,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -d -r1.45 -r1.46
--- install-kolab.sh	14 Oct 2008 05:40:02 -0000	1.45
+++ install-kolab.sh	14 Oct 2008 06:37:13 -0000	1.46
@@ -195,7 +195,6 @@
 echo "Changing to temporary working directory $WORKDIR ..."
 cd "$WORKDIR"
 populate_workdir
-cd "$SRCDIR"
 
 echo
 echo "Kolab installation tag (TAG):       $TAG"



From cvs at kolab.org  Tue Oct 14 14:59:17 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Tue, 14 Oct 2008 14:59:17 +0200 (CEST)
Subject: bernhard: doc/architecture freebusy.txt,1.24,1.25 
Message-ID: <20081014125917.17C9D60016C@lists.intevation.de>

Author: bernhard

Update of /kolabrepository/doc/architecture
In directory doto:/tmp/cvs-serv26149

Modified Files:
	freebusy.txt 
Log Message:
* Clarified what constitutes an operation after which a client must trigger.
* Typo fixed.


Index: freebusy.txt
===================================================================
RCS file: /kolabrepository/doc/architecture/freebusy.txt,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- freebusy.txt	25 Sep 2008 09:23:40 -0000	1.24
+++ freebusy.txt	14 Oct 2008 12:59:14 -0000	1.25
@@ -176,13 +176,16 @@
 One successful trigger does both.
 
 In general all clients writing to calendar folders on the server
-must trigger the generation of pfbs. This include KDE Kontact,
+must trigger the generation of pfbs. This includes KDE Kontact,
 the Outlook Clients, the web client and the resource manager.
 They must trigger after one or more write operations to one folder.
 If a clients knows that it will do several write operations
 during a very short interval to one folder,
 it should delay the trigger until it has done the operations
 to avoid unnecessary triggers.
+Creation, deletion of a folder, 
+change of ACLs, annotations or non-local flags 
+also constitute a "write operation" making a trigger recessary.
 
 Pfb collector
 



From cvs at kolab.org  Wed Oct 15 11:56:56 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Wed, 15 Oct 2008 11:56:56 +0200 (CEST)
Subject: bernhard: doc/www/src kolab2-clients.html.m4,1.3,1.4 
Message-ID: <20081015095656.2114B60016C@lists.intevation.de>

Author: bernhard

Update of /kolabrepository/doc/www/src
In directory doto:/tmp/cvs-serv21467

Modified Files:
	kolab2-clients.html.m4 
Log Message:
Updating kolab clients. 
(Addresses kolab/issue2584 (www.kolab.org/kolab2-clients.html out of date))


Index: kolab2-clients.html.m4
===================================================================
RCS file: /kolabrepository/doc/www/src/kolab2-clients.html.m4,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- kolab2-clients.html.m4	8 Jan 2006 11:15:43 -0000	1.3
+++ kolab2-clients.html.m4	15 Oct 2008 09:56:53 -0000	1.4
@@ -4,18 +4,27 @@
 
 <h2>Kolab2 Clients</h2>
 
-Clients, fully compatible with Kolab2 and its storage format.
-Also see <a href="./about-kolab-clients.html">About Kolab Clients</a>.
+Clients, currently aiming to be fully compatible with the Kolab Concept 2 
+and its storage format.  For more details 
+see <a href="./about-kolab-clients.html">About Kolab Clients</a>.
 
 
 <ul>
 <li>
-	KDE Kolab2 Client 
-	(Kontact; proko2 Branch can be build for KDE 3.2., 3.3 and 3.4)
+	KDE Kolab Client 
+	(based on KDE Kontact; Branches: proko2 and enterprise35; 
+	possibly other KDE versions)
 <li> 
 	Outlook with the Toltec Connector (since version 2)
 <li>
 	Outlook with Konsec
+<li>  
+	Outlook with Bynari Insight Connector (since March 2008, 3.1.x)
+<li>
+	Kolab Webclient (based on Kolab PHP Modules from Horde,
+		since Kolab Server/OpenPKG 2.2.0, has some limitations)
+<li> 
+	SyncKolab Thunderbird Plugin (1.0.1 has some known limitations)
 
 </ul>
 



From cvs at kolab.org  Thu Oct 16 20:58:25 2008
From: cvs at kolab.org (cvs@kolab.org)
Date: Thu, 16 Oct 2008 20:58:25 +0200 (CEST)
Subject: richard: server/perl-kolab/lib/Kolab/LDAP/Backend syncrepl.pm, 1.3,
	1.4 
Message-ID: <20081016185825.B7B3F600939@lists.intevation.de>

Author: richard

Update of /kolabrepository/server/perl-kolab/lib/Kolab/LDAP/Backend
In directory doto:/tmp/cvs-serv31582/lib/Kolab/LDAP/Backend

Modified Files:
	syncrepl.pm 
Log Message:
Updated with changes provided by Mathieu Parent. See kolab/issue1755



Index: syncrepl.pm
===================================================================
RCS file: /kolabrepository/server/perl-kolab/lib/Kolab/LDAP/Backend/syncrepl.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- syncrepl.pm	17 Jul 2008 10:01:10 -0000	1.3
+++ syncrepl.pm	16 Oct 2008 18:58:23 -0000	1.4
@@ -21,8 +21,13 @@
 use warnings;
 use Kolab;
 use Kolab::LDAP;
-use Net::LDAP;
+use Net::LDAP qw(
+	LDAP_USER_CANCELED
+	LDAP_SYNC_REFRESH_ONLY
+	LDAP_SYNC_REFRESH_AND_PERSIST
+);
 use Net::LDAP::Control;
+use Net::LDAP::Control::SyncRequest;
 use Net::LDAP::Entry;
 use vars qw($ldap $cookie $disconnected);
 my $cookie = '';
@@ -45,97 +50,13 @@
     
 );
 
-our $VERSION = '0.1';
-
-# LDAP Content Synchronization Operation -- RFC 4533
-use constant LDAP_SYNC_OID => "1.3.6.1.4.1.4203.1.9.1";
-use constant {
-	LDAP_CONTROL_SYNC => LDAP_SYNC_OID.".1",
-	LDAP_CONTROL_SYNC_STATE => LDAP_SYNC_OID.".2",
-	LDAP_CONTROL_SYNC_DONE => LDAP_SYNC_OID.".3",
-	LDAP_SYNC_INFO => LDAP_SYNC_OID.".4",
-
-	LDAP_SYNC_NONE => 0x00,
-	LDAP_SYNC_REFRESH_ONLY => 0x01,
-	LDAP_SYNC_RESERVED => 0x02,
-	LDAP_