initial import

createlinks

@@ -0,0 +1,68 @@
+#!/usr/bin/perl -w
+
+use esmith::Build::CreateLinks qw(:all);
+
+foreach my $event (qw/user-create user-modify group-create group-modify group-delete ldap-update bootstrap-ldap-save/){
+    event_link("update-reverse-group", "$event", "85");
+}
+foreach my $event (qw/user-modify user-modify-admin pseudonym-create pseudonym-modify pseudonym-delete ldap-update bootstrap-ldap-save/){
+    event_link("update-ldap-pseudonyms", "$event", "86");
+}
+
+# Initialisation des comptes, partages et domaines
+foreach my $event (qw/ipasserelle-update bootstrap-ldap-save/){
+    event_link("ipasserelle-init-accounts", "$event", "10");
+    event_link("ipasserelle-init-shares", "$event", "15");
+    event_link("ipasserelle-init-domains", "$event", "20");
+}
+
+# Generateur de signature
+foreach my $event (qw/ipasserelle-update bootstrap-console-save user-create user-modify user-modify-admin ldap-update/){
+    event_link("generate-email-sign", "$event", "50");
+}
+
+# CAcert
+# Initialisation des domaines
+foreach my $event (qw/ipasserelle-update bootstrap-ldap-save/){
+    event_link("private-cacert", "$event", "25");
+}
+
+# Activation de qmail-notify
+templates2events("/etc/cron.hourly/qmail-notify", qw(email-update bootstrap-console-save));
+
+# Desactivation des checks RAID
+templates2events("/etc/sysconfig/raid-check", qw(ipasserelle-update bootstrap-console-save));
+
+# Config des panels
+event_link("conf-userpanelsymlinks", "ipasserelle-update", "60");
+
+# Reset unsavedchange
+event_link("reset-unsavedflag", "ipasserelle-update", "80");
+
+safe_symlink("sighup", "root/etc/e-smith/events/ipasserelle-update/services2adjust/smbd");
+
+# Permissions scan
+event_link("share-modify-scan", "user-create", "80");
+event_link("share-modify-scan", "user-delete", "80");
+event_link("share-modify-scan", "ipasserelle-update", "80");
+
+# Update LDAP attr on user-modify
+event_link("ldap-update-info", "user-modify", "89");
+event_link("ldap-update-info", "user-modify-admin", "89");
+event_link("ldap-update-info", "ldap-update", "89");
+event_link("ldap-update-info", "bootstrap-ldap-save", "89");
+
+# Init DB
+event_link("initialize-default-databases", "ipasserelle-update", "06");
+
+# Service IPMI
+service_link_enhanced("ipmi", "S26", "7");
+service_link_enhanced("ipmi", "K74", "6");
+# Autofs
+service_link_enhanced("autofs", "S28", "7");
+service_link_enhanced("autofs", "K72", "6");
+
+# Panels
+panel_link('userinfo','manager');
+panel_link('userpanel-viewgroups','user');
+

root/etc/cron.hourly/qpsmtpd-cleanup

@@ -0,0 +1,21 @@
+#!/usr/bin/perl
+
+use Sys::Syslog qw( :DEFAULT setlogsock);
+use Proc::ProcessTable;
+use Proc::ProcessTable::Process;
+
+setlogsock('unix');
+openlog($0,'','user');
+$t = new Proc::ProcessTable;
+foreach $p ( @{$t->table} ){
+    next unless $p->cmndline =~ m#^/usr/bin/qpsmtpd-forkserver#;
+    my $diff = time - $p->start;
+    # Process is more than 30 minutes old ?
+    if ($diff > 1800){
+        syslog('info', "Killing PID " . $p->pid . "(" . $p->cmndline . 
+            ") because it looks like a stalled qpsmtpd process");
+        $p->kill(9);
+    }
+}   
+closelog;
+

root/etc/cron.monthly/maillog-rotate

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+BCC=$(db configuration getprop qpsmtpd Bcc || echo 'disabled')
+ARCHIVE=$(db configuration getprop qpsmtpd ArchiveBcc || echo 'disabled')
+
+# Exit now if BCC is disabled
+if [ "$BCC" != "enabled" -o "$ARCHIVE" != "enabled" ]; then
+  exit 0
+fi
+
+USER=$(db configuration getprop qpsmtpd BccUser || echo 'maillog')
+HOME="/home/e-smith/files/users/$USER"
+
+MONTH=$(date +%m)
+YEAR=$(date +%Y)
+
+su - -s /bin/bash $USER -c "maildirmake -f $YEAR $HOME/Maildir"
+su - -s /bin/bash $USER -c "maildirmake -f $YEAR.$MONTH $HOME/Maildir"
+
+
+# Lock mail delivery
+chmod +t $HOME
+cd $HOME
+find Maildir/cur/ -type f | xargs -I __INPUT__ mv __INPUT__ Maildir/.$YEAR.$MONTH/cur/ 2>&1 > /dev/null
+find Maildir/new/ -type f | xargs -I __INPUT__ mv __INPUT__ Maildir/.$YEAR.$MONTH/new/ 2>&1 > /dev/null
+su - -s /bin/bash $USER -c "tar cjf $HOME/mails_$YEAR.$MONTH.tar.bz2 Maildir/.$YEAR.$MONTH/"
+su - -s /bin/bash $USER -c "rm -rf Maildir/.$YEAR.$MONTH/"
+# Unlock mail delivery
+chmod -t $HOME
+

root/etc/e-smith/db/accounts/defaults/scan/type

@@ -0,0 +1 @@
+ipstore

root/etc/e-smith/db/configuration/defaults/autofs/status

@@ -0,0 +1 @@
+disabled

root/etc/e-smith/db/configuration/defaults/autofs/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/db/configuration/defaults/ipasserelle/LdapMailAlias

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/ipasserelle/LdapReverseGroups

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/ipasserelle/status

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/ipasserelle/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/db/configuration/defaults/ipmi/status

@@ -0,0 +1 @@
+disabled

root/etc/e-smith/db/configuration/defaults/ipmi/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/events/actions/generate-email-sign

@@ -0,0 +1,129 @@
+#!/usr/bin/perl -w
+
+#----------------------------------------------------------------------
+# copyright (C) 2011 Firewall-Services
+# daniel@firewall-services.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+#
+#----------------------------------------------------------------------
+
+package esmith;
+
+use strict;
+use Errno;
+use esmith::ConfigDB;
+use esmith::AccountsDB;
+use esmith::templates;
+use User::pwent;
+use File::Path qw(mkpath);
+
+my $configdb = esmith::ConfigDB->open_ro or
+    die "Could not open configuration db\n";
+my $accountsdb = esmith::AccountsDB->open_ro or
+    die "Could not open accounts db\n";
+
+my $domain = $configdb->get('DomainName')->value();
+my $l = $configdb->get('ldap') or die 'Error reading ldap configuration';
+
+my $defCity = $l->prop('defaultCity') || '';
+my $defComp = $l->prop('defaultCompany') || '';
+my $defDep = $l->prop('defaultDepartment') || '';
+my $defTel = $l->prop('defaultPhoneNumber') || '';
+my $defStreet = $l->prop('defaultStreet') || '';
+
+my $event = shift;
+my $userName = shift;
+my @users;
+
+if (defined $userName)
+{
+    my $rec = $accountsdb->get($userName);
+    die 
+        "Account $userName is not a user account; signature generation failed.\n"
+        unless $userName eq 'admin' || ($rec && $rec->prop('type') eq "user");
+    @users = ($rec);
+}
+else
+{
+    @users = ( $accountsdb->users, $accountsdb->get('admin') );
+}
+
+foreach my $user (@users)
+{
+    $userName = $user->key;
+
+    setpwent();
+    my $home = getpwnam($userName)->dir;
+    my $uid = getpwnam($userName)->uid;
+    my $gid = getpwnam($userName)->gid;
+    my $dir = $home . '/home/signature';
+    mkpath "$dir";
+    chown $uid, $gid, $dir;
+
+    my $first = $user->prop('FirstName') || '';
+    my $last = $user->prop('LastName') || '';
+    my $mail = $user->prop('PreferredEmail') || "$userName\@$domain";
+    my $tel = $user->prop('Phone') || $defTel;
+    my $mob = $user->prop('Mobile') || '';
+    my $fax = $user->prop('Fax') || '';
+    my $func = $user->prop('Function1') || '';
+    my $func2 = $user->prop('Function2') || '';
+    my $func3 = $user->prop('Function3') || '';
+    my $func4 = $user->prop('Function4') || '';
+    my $comp = $user->prop('Company') || $defComp;
+    my $dep = $user->prop('Dept') || $defDep;
+    my $postalcode = $user->prop('PostalCode') || '';
+    my $street = $user->prop('Street') || $defStreet;
+    my $city = $user->prop('City') || $defCity;
+    my $url = $user->prop('Url') || '';
+    my $template = $user->prop('SignatureTemplate') || "email";
+
+    my $addr = "$street $postalcode $city";
+
+    $tel = ($tel eq '') ? '':"Tel: $tel";
+    $mob = ($mob eq '') ? '':"Mobile: $mob";
+    $fax = ($fax eq '') ? '':"Fax: $fax";
+    $url = ($url eq '') ? '':"Web: $url";
+
+    foreach my $ext (qw/txt html/){
+        open(R, '<', "/home/e-smith/files/shares/tools/files/templates_signatures/$template.$ext") ||
+            next;
+        open(W, '>', "$dir/email.$ext") || die "Error opening output file $dir/email.$ext\n";
+
+        foreach (<R>){
+            s/__NOM__/$last/g;
+            s/__PRENOM__/$first/g;
+            s/__EMAIL__/$mail/g;
+            s/__TEL__/$tel/g;
+            s/__MOBILE__/$mob/g;
+            s/__FAX__/$fax/g;
+            s/__FONCTION__/$func/g;
+            s/__FONCTION2__/$func2/g;
+            s/__FONCTION3__/$func3/g;
+            s/__FONCTION4__/$func4/g;
+            s/__SERVICE__/$dep/g;
+            s/__ENTREPRISE__/$comp/g;
+            s/__ADRESSE__/$addr/g;
+            s/__URL__/$url/g;
+            print W $_;
+        }
+        close R;
+        close W;
+    }
+}
+
+exit (0);
+

root/etc/e-smith/events/actions/ipasserelle-init-accounts

@@ -0,0 +1,130 @@
+#!/usr/bin/perl -w
+
+#----------------------------------------------------------------------
+# copyright (C) 2010 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from Mitel Networks 
+# Please visit our web site www.mitel.com/sme/ for details.
+#----------------------------------------------------------------------
+
+use esmith::util;
+use esmith::AccountsDB;
+
+my $a = esmith::AccountsDB->open() or die "Couldn't open AccountsDB\n";
+
+# Check user fws
+my $fws = $a->get("fws");
+
+if (!$fws){
+    $a->new_record("fws", {
+        type           => 'user',
+        FirstName      => 'Firewall',
+        LastName       => 'Services',
+        Phone          => '0556641532',
+        EmailForward   => 'forward',
+        ForwardAddress => 'sme6admin@firewall-services.com',
+        Company        => 'Firewall-Services',
+        City           => 'Martillac',
+        Dept           => 'Administration',
+        Removable      => 'no'
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "user-create", "fws") == 0 ){
+        die "Failed to create user account fws\n";
+    }
+}
+
+# Check user maillog
+my $maillog = $a->get("maillog");
+
+if (!$maillog){
+    $a->new_record("maillog", {
+        type           => 'user',
+        FirstName      => 'Mail',
+        LastName       => 'Log',
+        EmailForward   => 'local',
+        Removable      => 'no'
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "user-create", "maillog") == 0 ){
+        die "Failed to create user account maillog\n";
+    }
+}
+
+# Check user scan
+my $scan = $a->get("scanner");
+
+if (!$scan){
+    $a->new_record("scanner", {
+        type           => 'user',
+        FirstName      => 'Network',
+        LastName       => 'Scan',
+        EmailForward   => 'local',
+        Removable      => 'no'
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "user-create", "scanner") == 0 ){
+        die "Failed to create user account scanner\n";
+    }
+}
+
+# Check group mailadmin
+my $mailadm =  $a->get("mailadmin");
+
+if (!$mailadm){
+    $a->new_record("mailadmin", {
+        type    => 'group',
+        Description => 'Mail Admins',
+        Members => 'fws',
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "group-create", "mailadmin") == 0 ){
+        die "Failed to create group mailadmin\n";
+    }
+}
+
+# Check group admins
+my $admins =  $a->get("admins");
+
+if (!$admins){
+    $a->new_record("admins", {
+        type    => 'group',
+        Description => 'Domain Admins',
+        Members => 'fws',
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "group-create", "admins") == 0 ){
+        die "Failed to create group admins\n";
+    }
+}
+
+# Check group equipe
+my $equipe =  $a->get("equipe");
+
+if (!$equipe){
+    $a->new_record("equipe", {
+        type    => 'group',
+        Description => 'Utilisateurs internes',
+        Members => '',
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "group-create", "equipe") == 0 ){
+        die "Failed to create group admins\n";
+    }
+}
+

root/etc/e-smith/events/actions/ipasserelle-init-domains

@@ -0,0 +1,52 @@
+#!/usr/bin/perl -w
+#----------------------------------------------------------------------
+# copyright (C) 2010-2011 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from Mitel Networks 
+# Please visit our web site www.mitel.com/sme/ for details.
+#----------------------------------------------------------------------
+
+use strict;
+use warnings;
+use esmith::DomainsDB;
+use esmith::ConfigDB;
+
+my $d = esmith::DomainsDB->open or die "Couldn't open DomainsDB\n";
+my $c = esmith::ConfigDB->open_ro() or die "Couldn't open ConfigDB\n";
+
+my $domain = $c->get('DomainName')->value;
+my $vhost;
+
+$vhost = $d->get("extranet.$domain");
+
+if (!$vhost){
+    $d->new_record("extranet.$domain",{
+        type         => 'domain',
+        Content      => 'Primary',
+        Description  => "Extranet",
+        Nameservers  => 'internet',
+        TemplatePath => 'WebAppVirtualHost',
+        DocumentRoot => '/home/e-smith/files/shares/extranet/files',
+        Removable    => 'yes',
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "domain-create", "extranet.$domain") == 0 ){
+        die "Failed to create domain extranet.$domain\n";
+    }
+}
+

root/etc/e-smith/events/actions/ipasserelle-init-shares

@@ -0,0 +1,95 @@
+#!/usr/bin/perl -w
+
+#----------------------------------------------------------------------
+# copyright (C) 2010 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from Mitel Networks 
+# Please visit our web site www.mitel.com/sme/ for details.
+#----------------------------------------------------------------------
+
+use esmith::util;
+use esmith::AccountsDB;
+
+my $a = esmith::AccountsDB->open() or die "Couldn't open AccountsDB\n";
+
+# Check share intranet
+my $intranet = $a->get("intranet");
+
+if (!$intranet){
+    $a->new_record("intranet", {
+        type           => 'share',
+        Name           => 'Partage Commun',
+        WriteGroups    => 'admins,equipe',
+        smbAccess      => 'browseable',
+        httpAccess     => 'none',
+        RecycleBin     => 'disabled'
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "share-create", "intranet") == 0 ){
+        die "Failed to create share intranet\n";
+    }
+}
+
+# Check share extranet
+my $extranet = $a->get("extranet");
+
+if (!$extranet){
+    $a->new_record("extranet", {
+        type           => 'share',
+        Name           => 'Partage Externe',
+        WriteGroups    => 'admins,equipe',
+        smbAccess      => 'browseable',
+        httpAccess     => 'global',
+        RequireSSL     => 'disabled',
+        Indexes        => 'enabled',
+        DynamicContent => 'disabled',
+        RecycleBin     => 'disabled'
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "share-create", "extranet") == 0 ){
+        die "Failed to create share extranet\n";
+    }
+}
+
+# Check share tools
+my $tools = $a->get('tools');
+
+if (!$tools){
+    $a->new_record("tools", {
+        type           => 'share',
+        Name           => 'Outils iPasserelle',
+        WriteGroups    => 'admins',
+        ReadGroups     => 'equipe',
+        smbAccess      => 'non-browseable',
+        httpAccess     => 'local',
+        RequireSSL     => 'disabled',
+        Indexes        => 'enabled',
+        DynamicContent => 'disabled',
+        RecycleBin     => 'disabled'
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "share-create", "tools") == 0 ){
+        die "Failed to create share tools\n";
+    }
+}
+else{
+    unless ( system("/sbin/e-smith/signal-event", "share-modify-files", "tools") == 0 ){
+        die "Failed to modify share tools\n";
+    }
+}
+

root/etc/e-smith/events/actions/ldap-update-info

@@ -0,0 +1,95 @@
+#!/usr/bin/perl -w
+
+package esmith;
+
+use strict;
+use Errno;
+use esmith::ConfigDB;
+use esmith::AccountsDB;
+use esmith::util;
+use Net::LDAP;
+use File::Temp;
+
+my $c = esmith::ConfigDB->open_ro;
+my $a = esmith::AccountsDB->open_ro;
+
+my $ldapauth = $c->get('ldap')->prop('Authentication') || 'disabled';
+my $x = 0; # exit value
+
+my $l = $c->get('ldap');
+my $status = $l->prop('status') || "disabled";
+unless ($status eq "enabled" )
+{
+    warn "Not running action script $0, LDAP service not enabled!\n";
+    exit(0);
+}
+
+my $domain = $c->get('DomainName')
+    || die("Couldn't determine domain name");
+$domain = $domain->value;
+
+my @accounts;
+my $account;
+my $event = shift || die "Event name is missing\n";
+if ($event eq 'ldap-update' or
+    $event eq 'bootstrap-ldap-save')
+{
+    @accounts = ($a->users);
+    push(@accounts, $a->get('admin'));
+}
+else
+{
+    my @name = @ARGV;
+    die "Account name argument missing." unless scalar (@name) >= 1;
+
+    foreach my $name (@name)
+    {
+        $account = $a->get($name);
+        die "Account $name not found.\n" unless defined $account;
+
+        push @accounts, $account;
+    }
+}
+
+foreach my $acc (@accounts){
+    my $user = $acc->key;
+    my $postalcode = $acc->prop('PostalCode') || '';
+    my $mobile = $acc->prop('Mobile') || '';
+    my $extension = $acc->prop('Extension') || '';
+    my $fax = $acc->prop('Fax') || '';
+    my $function1 = $acc->prop('Function1') || '';
+    my $function2 = $acc->prop('Function2') || '';
+    my $function3 = $acc->prop('Function3') || '';
+    my $function4 = $acc->prop('Function4') || '';
+    my $initials = $acc->prop('Initials') || '';
+    my $dshell = $acc->prop('DesktopShell') || '';
+    my $preferredemail = $acc->prop('PreferredEmail') || '';
+    $preferredemail = "$user\@$domain" if ($preferredemail eq '');
+
+    my $tmpattr = File::Temp->new();
+    print $tmpattr "postalCode: $postalcode\n";
+    print $tmpattr "mobile: $mobile\n";
+    print $tmpattr "extensionNumber: $extension\n";
+    print $tmpattr "facsimileTelephoneNumber: $fax\n";
+    print $tmpattr "title: $function1\n" if ($function1 ne '');
+    print $tmpattr "title: $function2\n" if ($function2 ne '');
+    print $tmpattr "title: $function3\n" if ($function3 ne '');
+    print $tmpattr "title: $function4\n" if ($function4 ne '');
+    # remove the emplyeeType attr if all 4 functions are empty
+    if ($function1 eq '' &&
+        $function2 eq '' &&
+        $function3 eq '' &&
+        $function4 eq ''){
+        print $tmpattr "title: \n";
+    }
+    print $tmpattr "initials: $initials\n";
+    print $tmpattr "desktopLoginShell: $dshell\n";
+    print $tmpattr "preferredMail: $preferredemail\n";
+    $tmpattr->flush();
+
+    system("/usr/sbin/cpu", "usermod", "-a", "$tmpattr", $user) == 0
+        or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify ldap informations for account $user.\n" );
+    undef $tmpattr;
+}
+
+exit ($x);

root/etc/e-smith/events/actions/private-cacert

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# Copy PHPki CAcert in the global cert store
+# and run c_rehash
+
+if [ ! -e /etc/pki/tls/certs/cacert.pem -a -e /opt/phpki/phpki-store/CA/certs/cacert.pem ]; then
+  cp /opt/phpki/phpki-store/CA/certs/cacert.pem /etc/pki/tls/certs/cacert.pem
+  chmod 644 /etc/pki/tls/certs/cacert.pem
+  c_rehash /etc/pki/tls/certs/
+fi
+

root/etc/e-smith/events/actions/share-modify-scan

@@ -0,0 +1,46 @@
+#!/usr/bin/perl -w
+
+package esmith;
+use File::Path qw(mkpath rmtree);
+use esmith::AccountsDB;
+
+my $a = esmith::AccountsDB->open_ro();
+
+$ENV{'PATH'} = "/bin";
+my $setfacl = "/usr/bin/setfacl";
+
+my $event = $ARGV [0];
+my $name = $ARGV [1];
+
+if ($event eq 'user-create'){
+    mkpath "/home/e-smith/files/scan/$name";
+    system ("$setfacl",
+            '-m',
+            "u:scanner:w,u:$name:rwX,d:u:$name:rw",
+            '--',
+            "/home/e-smith/files/scan/$name");
+}
+elsif ($event eq 'user-delete'){
+    rmtree "/home/e-smith/files/scan/$name";
+}
+else {
+    system ("$setfacl",
+            '-R',
+            '--remove-all',
+            '--remove-default',
+            '--',
+            "/home/e-smith/files/scan/");
+
+    foreach ($a->users,$a->get('admin')){
+        my $name = $_->key;
+        mkdir "/home/e-smith/files/scan/$name", 0700
+            unless (-d "/home/e-smith/files/scan/$name");
+        system ("$setfacl",
+                '-m',
+                "u:scanner:rwX,u:$name:rwX,d:u:$name:rwX",
+                '--',
+                "/home/e-smith/files/scan/$name");
+    }
+}
+
+exit (0);

root/etc/e-smith/events/actions/update-ldap-pseudonyms

@@ -0,0 +1,149 @@
+#!/usr/bin/perl -w
+ 
+#----------------------------------------------------------------------
+# copyright (C) 20102011 Firewall Services
+# dani@firewall-services.com
+#               
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#               
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#               
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+#----------------------------------------------------------------------
+
+package esmith;
+
+use strict;
+use Errno;
+use esmith::ConfigDB;
+use esmith::AccountsDB;
+use esmith::util;
+use List::MoreUtils qw(uniq);
+use Net::LDAP;
+use Encode;
+use Text::Unaccent::PurePerl qw(unac_string);
+
+my $c = esmith::ConfigDB->open_ro;
+my $a = esmith::AccountsDB->open_ro;
+
+my $i = $c->get('ipasserelle');
+my $ip = $i->prop('status') || 'disabled';
+my $alias = $i->prop('LdapMailAlias') || 'disabled';
+
+if (($ip eq 'disabled') || ($alias eq 'disabled')){
+    exit (0);
+}
+    
+my $l = $c->get('ldap');
+my $status = $l->prop('status') || "disabled";
+unless ($status eq "enabled" )
+{   
+    warn "Not running action script $0, LDAP service not enabled!\n";
+    exit(0);
+}
+
+my $hostname = $c->get('SystemName')
+    || die("Couldn't determine system name");
+$hostname = $hostname->value;
+
+my $domain = $c->get('DomainName')
+    || die("Couldn't determine domain name");
+$domain = $domain->value;
+    
+my @accounts; 
+my $account;
+my $event = shift || die "Event name must be specified";
+if ($event eq 'ldap-update' or
+    $event eq 'bootstrap-ldap-save' or
+    $event =~ m/(pseudonym)\-(create|modify|delete)/)
+{
+    @accounts = ($a->users,$a->groups);
+    push(@accounts, $a->get('admin'));
+}
+else
+{
+    my @name = @ARGV;
+    die "Account name argument missing." unless scalar (@name) >= 1;
+
+    foreach my $name (@name)
+    {
+        $account = $a->get($name);
+        die "Account $name not found.\n" unless defined $account;
+
+        push @accounts, $account;
+    }
+}
+
+my $base = esmith::util::ldapBase ($domain);
+my $pw = esmith::util::LdapPassword();
+
+my $ldap = Net::LDAP->new('localhost')
+    or die "$@";
+
+$ldap->bind(
+    dn => "cn=root,$base",
+    password => $pw
+);
+
+my $result;
+foreach my $acct (@accounts)
+{
+    my $key = $acct->key;
+
+    my @pseudo = ("$key");
+
+    foreach my $pseudo ($a->pseudonyms){
+        push (@pseudo, $pseudo->key) if ($pseudo->prop('Account') eq $key);
+    }
+    # Do another loop to include pseudonyms of pseudonyms
+    foreach my $pseudo ($a->pseudonyms){
+        push (@pseudo, $pseudo->key) if (
+            grep { $_ eq $pseudo->prop('Account') } @pseudo
+        );
+    }
+
+    # Include AltEmailX addresses
+    foreach my $alt qw(1 2 3 4){
+        push (@pseudo, $acct->prop('AltEmail' . $alt)) if (
+            ($acct->prop('AltEmail' . $alt) || '') ne ''
+        );
+    }
+
+    # Put PreferredMail at the top of the list
+    @pseudo = ($acct->prop('PreferredEmail'), @pseudo) if (
+        ($acct->prop('PreferredEmail') || '') ne ''
+    );
+
+    my @alias = ();
+    foreach (@pseudo){
+        $_ = $_ . "\@$domain" if $_ !~ /\@/;
+        push (@alias, unac_string(decode('utf-8',$_)));
+    }
+    @alias = uniq(@alias);
+
+    my $ou = 'Users';
+    my $dn = 'uid';
+    if ($acct->prop('type') eq 'group'){
+        $ou = "Groups";
+        $dn = "cn";
+    }
+    $result = $ldap->modify(
+                     "$dn=$key,ou=$ou,$base",
+                         replace => {
+                             mail => \@alias
+                         }
+              );
+    $result->code && warn "failed to modify entry $dn=$key,ou=$ou,$base: ", $result->error;
+}
+
+$ldap->unbind;
+

root/etc/e-smith/events/actions/update-reverse-group

@@ -0,0 +1,140 @@
+#!/usr/bin/perl -w
+
+#----------------------------------------------------------------------
+# copyright (C) 2010 Firewall Services
+# dani@firewall-services.com
+#               
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#               
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#               
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from e-smith, inc.
+# For details, please visit our web site at www.e-smith.com or
+# call us on 1 888 ESMITH 1 (US/Canada toll free) or +1 613 564 8000
+#----------------------------------------------------------------------
+
+package esmith;
+
+use strict;
+use Errno;
+use esmith::ConfigDB;
+use esmith::AccountsDB;
+use esmith::util;
+use Net::LDAP;
+
+my $c = esmith::ConfigDB->open_ro;
+my $a = esmith::AccountsDB->open_ro;
+
+my $i = $c->get('ipasserelle');
+my $ip = $i->prop('status') || 'disabled';
+my $reverse = $i->prop('LdapReverseGroups') || 'disabled';
+
+if (($ip eq 'disabled') || ($reverse eq 'disabled')){
+    exit (0);
+}
+
+my $l = $c->get('ldap');
+my $status = $l->prop('status') || "disabled";
+unless ($status eq "enabled" )
+{
+    warn "Not running action script $0, LDAP service not enabled!\n";
+    exit(0);
+}
+
+my $hostname = $c->get('SystemName')
+    || die("Couldn't determine system name");
+$hostname = $hostname->value;
+
+my $domain = $c->get('DomainName')
+    || die("Couldn't determine domain name");
+$domain = $domain->value;
+
+my @accounts;
+my $account;
+my $event = shift || die "Event name must be specified";
+if ($event eq 'ldap-update' or
+    $event eq 'bootstrap-ldap-save' or
+    $event =~ m/group\-(create|modify|delete)/)
+{
+    @accounts = ($a->users);
+    push(@accounts, $a->get('admin'));
+}
+else
+{
+    my @name = @ARGV;
+    die "Account name argument missing." unless scalar (@name) >= 1;
+
+    foreach my $name (@name)
+    {
+        $account = $a->get($name);
+        die "Account $name not found.\n" unless defined $account;
+        my $type = $account->prop('type') || "unknown";
+
+        die "Account $name is not a user account; update LDAP entry failed.\n"
+            unless ($type eq 'user' or $name eq 'admin');
+        push @accounts, $account;
+    }
+}
+
+my $base = esmith::util::ldapBase ($domain);
+my $pw = esmith::util::LdapPassword();
+
+my $ldap = Net::LDAP->new('localhost')
+    or die "$@";
+
+$ldap->bind(
+    dn => "cn=root,$base",
+    password => $pw
+);
+
+my $result;
+foreach my $acct (@accounts)
+{
+    my $key = $acct->key;
+
+    # Ensure this account has the iPasserelleUser objectclass
+    $result = $ldap->search(
+                            base   => "ou=Users,". $base,
+                            scope  => 'sub',
+                            filter => "uid=$key"
+                             );
+    $result->code && warn "Error looking for entry uid=$key,ou=Users,$base: ", $result->error;
+    my @oc = ();
+    foreach my $entry ($result->all_entries()){
+        push @oc, $entry->get_value('objectClass');
+    }
+
+    push @oc, 'iPasserelleUser' unless (grep { $_ =~ /iPasserelleUser/i } @oc);
+
+    $result = $ldap->modify(
+                     "uid=$key,ou=Users,$base",
+                         replace => {
+                             objectClass => \@oc
+                         }
+              );
+    $result->code && warn "failed to modify entry uid=$key,ou=Users,$base: ", $result->error;
+
+
+    my @groups = $a->user_group_list($key);
+
+    $result = $ldap->modify(
+                     "uid=$key,ou=Users,$base",
+                         replace => {
+                             posixMemberOf => \@groups
+                         }
+              );
+    $result->code && warn "failed to modify entry uid=$key,ou=Users,$base: ", $result->error;
+}
+
+$ldap->unbind;
+

root/etc/e-smith/locale/fr/etc/e-smith/web/functions/userinfo

@@ -0,0 +1,102 @@
+<lexicon lang="fr">
+    <entry>
+        <base>User Informations</base>
+        <trans>Informations Utilisateurs</trans>
+    </entry>
+    <entry>
+        <base>FORM_TITLE</base>
+        <trans>Informations Utilisateurs</trans>
+    </entry>
+    <entry>
+        <base>FIRSTPAGE_DESC</base>
+        <trans>Cette page vous permet de modifier certaines informations liées aux utiliseurs. Ces informations seront publiées dans l'annuaire LDAP.</trans>
+    </entry>
+    <entry>
+        <base>USER_MODIFIED</base>
+        <trans>Utilisateur modifié avec succès</trans>
+    </entry>
+    <entry>
+        <base>CANNOT_MODIFY_USER</base>
+        <trans>Une erreur est survenue lors de la modification de l'utilisateur.</trans>
+    </entry>
+    <entry>
+        <base>MODIFY_DESC</base>
+        <trans>Modification des informations de l'utilisateur</trans>
+    </entry>
+    <entry>
+        <base>FIRSTNAME</base>
+        <trans>Prénom</trans>
+    </entry>
+    <entry>
+        <base>LASTNAME</base>
+        <trans>Nom</trans>
+    </entry>
+    <entry>
+        <base>DEPARTMENT</base>
+        <trans>Service</trans>
+    </entry>
+    <entry>
+        <base>COMPANY</base>
+        <trans>Société</trans>
+    </entry>
+    <entry>
+        <base>STREET_ADDRESS</base>
+        <trans>Adresse</trans>
+    </entry>
+    <entry>
+        <base>POSTAL_CODE</base>
+        <trans>Code postal</trans>
+    </entry>
+    <entry>
+        <base>CITY</base>
+        <trans>Ville</trans>
+    </entry>
+    <entry>
+        <base>PHONE_NUMBER</base>
+        <trans>Téléphone</trans>
+    </entry>
+    <entry>
+        <base>MOBILE_NUMBER</base>
+        <trans>Téléphone portable</trans>
+    </entry>
+    <entry>
+        <base>EXTENSION_NUMBER</base>
+        <trans>Téléphone interne</trans>
+    </entry>
+    <entry>
+        <base>FAX_NUMBER</base>
+        <trans>Fax</trans>
+    </entry>
+    <entry>
+        <base>FUNCTION</base>
+        <trans>Fonction</trans>
+    </entry>
+    <entry>
+        <base>INITIALS</base>
+        <trans>Initiales</trans>
+    </entry>
+    <entry>
+        <base>ALT_EMAIL</base>
+        <trans>Adresse Email alternative</trans>
+    </entry>
+    <entry>
+        <base>PREFERRED_EMAIL</base>
+        <trans>Adresse Email préférée</trans>
+    </entry>
+    <entry>
+        <base>BAD_SYNTAX</base>
+        <trans>Erreur de syntaxe</trans>
+    </entry>
+    <entry>
+        <base>URL</base>
+        <trans>Site web</trans>
+    </entry>
+    <entry>
+        <base>SHELL</base>
+        <trans>Shell de connexion au serveur</trans>
+    </entry>
+    <entry>
+        <base>DESKTOP_SHELL</base>
+        <trans>Shell de connexion aux postes de travail</trans>
+    </entry>
+</lexicon>

root/etc/e-smith/locale/fr/etc/e-smith/web/functions/userpanel-viewgroups

@@ -0,0 +1,30 @@
+<lexicon lang="fr">
+    <entry>
+        <base>FORM_TITLE</base>
+        <trans>Liste des groupes d'utilisateurs</trans>
+    </entry>
+    <entry>
+        <base>CURRENT_LIST</base>
+        <trans>Liste des groupes existants</trans>
+    </entry>
+    <entry>
+        <base>VIEWGROUPS</base>
+        <trans>Liste des groupes d'utilisateurs</trans>
+    </entry>
+    <entry>
+        <base>VIEW</base>
+        <trans>Détails</trans>
+    </entry>
+    <entry>
+        <base>VIEW_USER_GROUP</base>
+        <trans>Détails du groupe</trans>
+    </entry>
+    <entry>
+        <base>GROUP_DESC</base>
+        <trans>Description</trans>
+    </entry>
+    <entry>
+        <base>GROUP_MAIL</base>
+        <trans>Adresses mail du groupe</trans>
+    </entry>
+</lexicon>

root/etc/e-smith/templates-custom/etc/syslog.conf/local5

@@ -0,0 +1,2 @@
+local5.=notice					-/var/log/smb_audit.log
+local5.*;local5.!=notice			-{ "${messages}" }

root/etc/e-smith/templates/etc/cpu.conf/16iPasserelleObjectClass

@@ -0,0 +1,6 @@
+{
+
+push @userObjectClass, 'iPasserelleUser';
+$OUT .= '';
+
+}

root/etc/e-smith/templates/etc/cron.hourly/qmail-notify/10All

@@ -0,0 +1,3 @@
+#!/bin/sh
+exec qmail-notify -r -m -f /var/qmail/control/queuenotifymsg
+

root/etc/e-smith/templates/etc/mail/spamassassin/local.cf/00setup

@@ -0,0 +1,10 @@
+{
+
+# Work arround a bug with some locales
+# See http://bugs.contribs.org/show_bug.cgi?id=4644
+
+use POSIX;
+setlocale LC_ALL, 'en_US';
+$OUT .= '';
+
+}

root/etc/e-smith/templates/etc/my.cnf/035openfiles

@@ -0,0 +1 @@
+open_files_limit = 4096

root/etc/e-smith/templates/etc/openldap/slapd.conf/10schema99iPasserelle

@@ -0,0 +1 @@
+include         /etc/openldap/schema/ipasserelle.schema

root/etc/e-smith/templates/etc/openldap/slapd.conf/90indexes99iPasserelle

@@ -0,0 +1,2 @@
+index   posixMemberOf                               eq
+index   preferredMail                               eq,subinitial

root/etc/e-smith/templates/etc/smb.conf/91scan

@@ -0,0 +1,16 @@
+[scan]
+comment = Scan Reseau
+path = /home/e-smith/files/scan/
+read only = no
+writable = yes
+printable = no
+browseable = no
+inherit permissions = yes
+create mode = 0660
+vfs objects = full_audit
+  full_audit:priority=notice
+  full_audit:success=opendir mkdir rmdir open write rename unlink
+  full_audit:failure=connect
+  full_audit:facility=local5
+  full_audit:prefix=%u|%I|%m|%S
+

root/etc/e-smith/templates/etc/squid/squid.conf/20ACL45yum

@@ -0,0 +1,6 @@
+
+acl yum url_regex repomd\.xml$
+acl yum url_regex sqlite\.bz2$
+acl yum url_regex xml\.gz$
+cache deny yum
+

root/etc/e-smith/templates/etc/squid/squid.conf/95cache

@@ -0,0 +1,5 @@
+
+cache_dir aufs /var/spool/squid {($squid{'CacheSize'} || '2000')} 16 256
+maximum_object_size {($squid{'MaxObjectSize'} || '15')} MB
+cache_mem {($squid{'CacheMemSize'} || '100')} MB
+

root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor

@@ -0,0 +1,6 @@
+
+acl localhost src 127.0.0.1
+follow_x_forwarded_for allow localhost
+forwarded_for off
+header_access X-Forwarded-For deny all
+

root/etc/e-smith/templates/etc/sysconfig/raid-check/10All

@@ -0,0 +1 @@
+ENABLED=no

root/etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/10greylisting

@@ -0,0 +1,5 @@
+{
+    my $grey = $qpsmtpd{'GreyListing'} || 'disabled';
+    return '' unless ($grey eq 'enabled');
+    return "greylisting black_timeout 60 db_dir /var/lib/qpsmtpd/greylisting sender";
+}

root/etc/e-smith/web/functions/userinfo

@@ -0,0 +1,148 @@
+#!/usr/bin/perl -wT
+
+# vim: ft=xml ts=4 sw=4 et:
+#----------------------------------------------------------------------
+# heading     : Collaboration
+# description : User Informations
+# navigation  : 2000 2100
+#----------------------------------------------------------------------
+#----------------------------------------------------------------------
+# copyright (C) 2011 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from Mitel Networks 
+# Please visit our web site www.mitel.com/sme/ for details.
+#----------------------------------------------------------------------
+
+use strict;
+use esmith::TestUtils;
+use esmith::FormMagick::Panel::userinfo;
+
+my $fm = esmith::FormMagick::Panel::userinfo->new();
+
+use CGI;
+my $q = new CGI;
+$fm->display();
+
+__DATA__
+<form title="FORM_TITLE" header="/etc/e-smith/web/common/head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
+    <page name="First" pre-event="print_status_message()">
+        <description>FIRSTPAGE_DESC</description>
+        <subroutine src="print_user_table()" />
+    </page>
+    <page name="Modify" pre-event="turn_off_buttons()" post-event="modify_user()">
+        <description>MODIFY_DESC</description>
+        <field type="text" size="30" id="FirstName" validation="nonblank, pseudonym_clash"
+            value="get_ldap_value('FirstName')">
+            <label>FIRSTNAME</label>
+        </field>
+        <field type="text" size="30" id="LastName" validation="nonblank"
+            value="get_ldap_value('LastName')">
+            <label>LASTNAME</label>
+        </field>
+        <field type="text" size="30" id="Dept" 
+            value="get_ldap_value('Dept')">
+            <label>DEPARTMENT</label>
+        </field>
+        <field type="text" size="30" id="Company"
+            value="get_ldap_value('Company')">
+            <label>COMPANY</label>
+        </field>
+        <field type="text" size="30" id="Street"
+            value="get_ldap_value('Street')">
+            <label>STREET_ADDRESS</label>
+        </field>
+        <field type="text" size="30" id="PostalCode" validation="numbers_or_empty"
+            value="get_ldap_value('PostalCode')">
+            <label>POSTAL_CODE</label>
+        </field>
+        <field type="text" size="30" id="City"
+            value="get_ldap_value('City')">
+            <label>CITY</label>
+        </field>
+        <field type="text" size="30" id="Phone" validation="numbers_or_empty"
+            value="get_ldap_value('Phone')">
+            <label>PHONE_NUMBER</label>
+        </field>
+        <field type="text" size="30" id="Mobile" validation="numbers_or_empty"
+            value="get_ldap_value('Mobile')">
+            <label>MOBILE_NUMBER</label>
+        </field>
+        <field type="text" size="30" id="Extension"
+            value="get_ldap_value('Extension')">
+            <label>EXTENSION_NUMBER</label>
+        </field>
+        <field type="text" size="30" id="Fax" validation="numbers_or_empty"
+            value="get_ldap_value('Fax')">
+            <label>FAX_NUMBER</label>
+        </field>
+        <field type="text" size="30" id="Function1"
+            value="get_ldap_value('Function1')">
+            <label>FUNCTION</label>
+        </field>
+        <field type="text" size="30" id="Function2"
+            value="get_ldap_value('Function2')">
+            <label>FUNCTION</label>
+        </field>
+        <field type="text" size="30" id="Function3"
+            value="get_ldap_value('Function3')">
+            <label>FUNCTION</label>
+        </field>
+        <field type="text" size="30" id="Function4"
+            value="get_ldap_value('Function4')">
+            <label>FUNCTION</label>
+        </field>
+        <field type="text" size="30" id="Initials"
+            value="get_ldap_value('Initials')">
+            <label>INITIALS</label>
+        </field>
+        <field type="text" size="30" id="AltEmail1" validation="email_or_empty"
+            value="get_ldap_value('AltEmail1')">
+            <label>ALT_EMAIL</label>
+        </field>
+        <field type="text" size="30" id="AltEmail2" validation="email_or_empty"
+            value="get_ldap_value('AltEmail2')">
+            <label>ALT_EMAIL</label>
+        </field>
+        <field type="text" size="30" id="AltEmail3" validation="email_or_empty"
+            value="get_ldap_value('AltEmail3')">
+            <label>ALT_EMAIL</label>
+        </field>
+        <field type="text" size="30" id="AltEmail4" validation="email_or_empty"
+            value="get_ldap_value('AltEmail4')">
+            <label>ALT_EMAIL</label>
+        </field>
+        <field type="text" size="30" id="PreferredEmail" validation="email_or_empty"
+            value="get_ldap_value('PreferredEmail')">
+            <label>PREFERRED_EMAIL</label>
+        </field>
+        <field type="text" size="30" id="Url"
+            value="get_ldap_value('Url')" validation="url_or_empty">
+            <label>URL</label>
+        </field>
+        <field type="text" size="30" id="Shell"
+            value="get_ldap_value('Shell')">
+            <label>SHELL</label>
+        </field>
+        <field type="text" size="30" id="DesktopShell"
+            value="get_ldap_value('DesktopShell')">
+            <label>DESKTOP_SHELL</label>
+        </field>
+        <subroutine src="print_save_button()" />
+    </page>
+</form>
+

root/etc/e-smith/web/functions/userpanel-viewgroups

@@ -0,0 +1,56 @@
+#!/usr/bin/perl -wT
+
+# vim: ft=xml ts=4 sw=4 et:
+#----------------------------------------------------------------------
+# heading     : Collaboration
+# description : VIEWGROUPS
+# navigation  : 2000 2200
+#----------------------------------------------------------------------
+#----------------------------------------------------------------------
+# copyright (C) 2011 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#               
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#               
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from Mitel Networks 
+# Please visit our web site www.mitel.com/sme/ for details.
+#----------------------------------------------------------------------
+
+
+use strict;
+use esmith::FormMagick::Panel::userpanelViewgroups;
+my $f = esmith::FormMagick::Panel::userpanelViewgroups->new();
+$f->display();
+
+__DATA__
+<form title="FORM_TITLE"  header="/etc/e-smith/web/common/head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
+    <page name="First" pre-event="turn_off_buttons()">
+        <subroutine src="show_initial()"/>
+    </page>
+    <page name="ViewGroup" pre-event="turn_off_buttons()">
+        <title>VIEW_USER_GROUP</title>
+        <field type="literal" id="groupName" value="$q->param('groupName')">
+            <label>GROUP_NAME</label>
+        </field>
+        <field type="literal" id="groupDesc" value="get_description()">
+            <label>GROUP_DESC</label>
+        </field>
+        <field type="literal" id="groupMail" value="get_group_mail()">
+            <label>GROUP_MAIL</label>
+        </field>
+        <subroutine src="genUsers()"/>
+    </page>
+</form>
+

root/etc/logrotate.d/samba-audit

@@ -0,0 +1,8 @@
+/var/log/smb_audit.log {
+    rotate 360
+    daily
+    compress
+    missingok
+    notifempty
+    copytruncate
+}

root/etc/openldap/schema/ipasserelle.schema

@@ -0,0 +1,26 @@
+attributetype ( 1.3.6.1.4.1.37518.1.1.2.1 NAME 'posixMemberOf'
+        EQUALITY caseExactIA5Match
+        SUBSTR caseExactIA5SubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.37518.1.1.2.2 NAME 'preferredMail'
+        EQUALITY caseIgnoreIA5Match
+        SUBSTR caseIgnoreIA5SubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} 
+        SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.37518.1.1.2.3 NAME 'extensionNumber'
+        DESC 'Internal Telephone Number'
+        EQUALITY telephoneNumberMatch
+        SUBSTR telephoneNumberSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
+
+attributetype ( 1.3.6.1.4.1.37518.1.1.2.4 NAME 'desktopLoginShell'
+        DESC 'The path to the login shell for desktop machines'
+        EQUALITY caseExactIA5Match
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+objectclass ( 1.3.6.1.4.1.37518.1.1.1.1 NAME 'iPasserelleUser'
+        DESC 'iPasserelle User'
+        SUP top AUXILIARY
+        MAY ( posixMemberOf $ preferredMail $ extensionNumber $ desktopLoginShell))

root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userinfo.pm

@@ -0,0 +1,244 @@
+#!/usr/bin/perl -w 
+
+#---------------------------------------------------------------------
+# copyright (C) 2011 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+#----------------------------------------------------------------------
+package    esmith::FormMagick::Panel::userinfo;
+
+use strict;
+
+use esmith::FormMagick;
+use esmith::AccountsDB;
+use esmith::ConfigDB;
+use esmith::cgi;
+use esmith::util;
+use File::Basename;
+use Exporter;
+use Carp qw(verbose);
+
+our @ISA = qw(esmith::FormMagick Exporter);
+
+our @EXPORT = qw(
+    print_user_table
+    get_ldap_value
+    print_save_button
+    get_prop
+);
+
+our $accountdb = esmith::AccountsDB->open();
+our $configdb = esmith::ConfigDB->open();
+
+sub new {
+    shift;
+    my $self = esmith::FormMagick->new();
+    $self->{calling_package} = (caller)[0];
+    bless $self;
+    return $self;
+}
+
+sub print_user_table {
+    my $self = shift;
+    my $q = $self->{cgi};
+    my $account = $self->localise('ACCOUNT');
+    my $acctName = $self->localise('USER_NAME');
+
+    my $modify  = $self->localise('MODIFY');
+
+    my @users = $accountdb->get('admin');
+    push @users, $accountdb->users();
+
+    unless ( scalar @users )
+    {   
+        print $q->Tr($q->td($self->localise('NO_USER_ACCOUNTS')));
+        return "";
+    }
+    print "  <tr>\n    <td colspan=\"2\">\n      ";
+    print $q->start_table ({-CLASS => "sme-border"}),"\n        ";
+    print $q->Tr(
+        esmith::cgi::genSmallCell($q, $self->localise($account),"header"),
+        esmith::cgi::genSmallCell($q, $self->localise($acctName),"header"),
+        esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4));
+
+    my $scriptname = basename($0);
+    my $index=0;
+
+    foreach my $u (@users) {
+        my $username = $u->key();
+        my $first    = $u->prop('FirstName');
+        my $last     = $u->prop('LastName');
+
+        my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&Next=Next&action=modify&wherenext=Modify\">$modify</a>";
+
+        print $q->Tr(esmith::cgi::genSmallCell($q, $username,"normal"),"        ",
+        esmith::cgi::genSmallCell($q, "$first $last","normal"),"        ",
+        esmith::cgi::genSmallCell($q, "$action1","normal"));
+    }
+
+    print qq(</table></td></tr>\n);
+
+    return "";
+}
+
+sub get_ldap_value {
+    my ($self, $field) = @_;
+
+    my $user = $self->{cgi}->param('acctName');
+
+    return $accountdb->get("$user")->prop("$field") || '';
+}
+
+sub print_save_button {
+
+    my ($self) = @_;
+
+    my $cgi = $self->{cgi};
+
+    $self->print_button("SAVE");
+}
+
+sub modify_user {
+    my ($self) = @_;
+    my $acctName = $self->{cgi}->param('acctName');
+
+    unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]*)$/)) {
+        return $self->error($self->localise('TAINTED_USER',
+            { acctName => $acctName }));
+    }
+    # Untaint the username before use in system()
+    $acctName = $1;
+
+    my $acct = $accountdb->get($acctName);
+    my $acctType = $acct->prop('type');
+
+    if ($acctType eq "user" || $acctName eq 'admin')
+    {
+        $accountdb->remove_user_auto_pseudonyms($acctName);
+        my %newProperties = (
+            'FirstName'      => $self->{cgi}->param('FirstName'),
+            'LastName'       => $self->{cgi}->param('LastName'),
+            'Phone'          => $self->{cgi}->param('Phone'),
+            'Company'        => $self->{cgi}->param('Company'),
+            'Dept'           => $self->{cgi}->param('Dept'),
+            'City'           => $self->{cgi}->param('City'),
+            'Street'         => $self->{cgi}->param('Street'),
+            'PostalCode'     => $self->{cgi}->param('PostalCode'),
+            'Mobile'         => $self->{cgi}->param('Mobile'),
+            'Extension'      => $self->{cgi}->param('Extension'),
+            'Fax'            => $self->{cgi}->param('Fax'),
+            'Function1'      => $self->{cgi}->param('Function1'),
+            'Function2'      => $self->{cgi}->param('Function2'),
+            'Function3'      => $self->{cgi}->param('Function3'),
+            'Function4'      => $self->{cgi}->param('Function4'),
+            'Initials'       => $self->{cgi}->param('Initials'),
+            'AltEmail1'      => $self->{cgi}->param('AltEmail1'),
+            'AltEmail2'      => $self->{cgi}->param('AltEmail2'),
+            'AltEmail3'      => $self->{cgi}->param('AltEmail3'),
+            'AltEmail4'      => $self->{cgi}->param('AltEmail4'),
+            'PreferredEmail' => $self->{cgi}->param('PreferredEmail'),
+            'Url'            => $self->{cgi}->param('Url'),
+            'Shell'          => $self->{cgi}->param('Shell'),
+            'DesktopShell'   => $self->{cgi}->param('DesktopShell'),
+        );
+
+        $acct->merge_props(%newProperties);
+
+        $accountdb->create_user_auto_pseudonyms($acctName);
+
+        undef $accountdb;
+
+        my $event = ($acctName eq 'admin') ? 'user-modify-admin':'user-modify';
+        unless (system ("/sbin/e-smith/signal-event", "$event",
+                        $acctName) == 0) {
+            $accountdb = esmith::AccountsDB->open();
+            return $self->error('CANNOT_MODIFY_USER');
+        }
+        $accountdb = esmith::AccountsDB->open();
+    }
+    $self->success('USER_MODIFIED');
+}
+
+sub pseudonym_clash {
+    my ($self, $first) = @_;
+    $first ||= "";
+    my $last     = $self->{cgi}->param('LastName') || "";
+    my $acctName = $self->{cgi}->param('acctName') || "";
+
+    my $up = "$first $last";
+
+    $up =~ s/^\s+//;
+    $up =~ s/\s+$//;
+    $up =~ s/\s+/ /g;
+    $up =~ s/\s/_/g;
+
+    my $dp = $up;
+    $dp =~ s/_/./g;
+
+    $dp = $accountdb->get($dp);
+    $up = $accountdb->get($up);
+
+    my $da = $dp->prop('Account') if $dp;
+    my $ua = $up->prop('Account') if $up;
+    if ($dp and $da and $da ne $acctName)
+    {
+        return $self->localise('PSEUDONYM_CLASH',
+        {
+            acctName => $acctName,
+            clashName => $da,
+            pseudonym => $dp->key
+        });
+    }
+    elsif ($up and $ua and $ua ne $acctName)
+    {
+        return $self->localise('PSEUDONYM_CLASH',
+        {
+            acctName => $acctName,
+            clashName => $ua,
+            pseudonym => $up->key
+        });
+    }
+    else
+    {
+        return "OK";
+    }
+}
+
+sub numbers_or_empty {
+    my ($self, $field) = @_;
+    my $ret =  $self->localise('BAD_SYNTAX');
+
+    $ret = "OK" if (($field =~ m/\d+/) || ($field eq ''));
+    return $ret;
+}
+
+sub email_or_empty {
+    my ($self, $field) = @_;
+    my $ret =  $self->localise('BAD_SYNTAX');
+
+    $ret = "OK" if (($field =~ m/^[a-zA-Z][a-zA-Z0-9\._\-]*\@?([a-zA-Z0-9\._\-]*)?$/) || ($field eq ''));
+    return $ret;
+}
+
+sub url_or_empty {
+    my ($self, $field) = @_;
+    my $ret =  $self->localise('BAD_SYNTAX');
+
+    $ret = 'OK' if (($field =~ m/^https?:\/\/[a-zA-Z0-9\._\-\/]*/) || ($field eq ''));
+    return $ret;
+}
+
+1;

root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userpanelViewgroups.pm

@@ -0,0 +1,191 @@
+#!/usr/bin/perl -w 
+
+package esmith::FormMagick::Panel::userpanelViewgroups;
+
+use strict;
+
+use esmith::FormMagick;
+use esmith::ConfigDB;
+use esmith::AccountsDB;
+use File::Basename;
+use Exporter;
+use Carp;
+    
+our @ISA = qw(esmith::FormMagick Exporter);
+
+our @EXPORT = qw(
+
+  show_initial
+  genUsers
+  get_accounts_prop
+  get_description
+  get_group_mail
+);  
+    
+our $accounts = esmith::AccountsDB->open() || die "Couldn't open accounts";
+our $db = esmith::ConfigDB->open || die "Couldn't open config db";
+
+our $VERSION = sprintf '%d.%03d', q$Revision: 1.38 $ =~ /: (\d+).(\d+)/;
+
+
+sub new {
+    shift;
+    my $self = esmith::FormMagick->new();
+    $self->{calling_package} = (caller)[0];
+    bless $self;
+    return $self;
+}
+
+
+=head2 get_accounts_prop ITEM PROP
+    
+A simple accessor for esmith::AccountsDB::Record::prop
+
+=cut
+
+sub get_accounts_prop {
+    my $fm   = shift;
+    my $item = shift;
+    my $prop = shift;
+
+    my $record = $accounts->get($item);
+
+    if ($record) {
+        return $record->prop($prop);
+    }   
+    else {
+        return '';
+    }
+}
+
+=head2 get_description
+
+Get the Description for the group named in the CGI argument "GroupName"
+
+=cut
+
+sub get_description {
+    my $fm    = shift;
+    my $group = $fm->{'cgi'}->param('groupName');
+    return ( $fm->get_accounts_prop( $group, 'Description' ) );
+}
+
+=head2 get_group_mail
+
+Get the mail address for the group named in the CGI argument "GroupName"
+
+=cut
+
+sub get_group_mail {
+    my $fm    = shift;
+    my $group = $fm->{'cgi'}->param('groupName');
+    # Get all the pseudonymes
+    my $domain = $db->get('DomainName')->value();
+    my @mails = ("$group\@$domain");
+    foreach ($accounts->pseudonyms()){
+        push @mails, $_->key . "\@$domain" if (($_->prop('Account') || '') eq $group);
+    }
+    return join("<br>",@mails);
+}
+
+=head1 ACTION
+
+
+=head2 show_initial FM
+
+Show the "start" page for this panel
+
+=cut
+
+sub show_initial () {
+    my $fm = shift;
+    my $q = $fm->{cgi};
+    $q->Delete('groupName');
+
+    my $params = $fm->build_cgi_params();
+
+    my $numGroups = $accounts->groups;
+
+    if ( $numGroups == 0 ) {
+        print $q->Tr($q->td(
+            '<p><b>' . $fm->localise("ACCOUNT_GROUP_NONE") . '</p></b>'));
+
+    }
+    else {
+        print $q->Tr($q->td({-colspan => 2}, $fm->localise('CURRENT_LIST')));
+        print $q->start_table({-CLASS => "sme-border"}),"\n";
+        print "<tr><th class=\"sme-border\">"
+            . $fm->localise("GROUP")
+            . "</th> <th class=\"sme-border\">"
+            . $fm->localise('DESCRIPTION')
+            . "</th><th class=\"sme-border\" colspan=\"2\">"
+            . $fm->localise('ACTION')
+            . "</th></tr>";
+        foreach my $group ( $accounts->groups() ) {
+            $params = $fm->build_cgi_params( $group->key );
+            print "<tr>" . "<td class=\"sme-border\">"
+              . $group->key . "</td>" . "<td class=\"sme-border\">"
+              . $group->prop('Description') . "</td>"
+              . "<td class=\"sme-border\"><a href=\"userpanel-viewgroups?$params&wherenext=ViewGroup\">"
+              . $fm->localise("VIEW") . "</a></td>"
+
+        }
+        print $q->end_table,"\n";
+    }
+    return;
+}
+
+=head2 build_cgi_params()
+
+Builds a CGI query string, using various sensible
+defaults and esmith::FormMagick's props_to_query_string() method.
+
+=cut
+
+sub build_cgi_params {
+    my ( $fm, $group ) = @_;
+
+    my %props = (
+        page       => 0,
+        page_stack => "",
+        ".id"      => $fm->{cgi}->param('.id') || "",
+        groupName  => $group,
+    );
+
+    return $fm->props_to_query_string( \%props );
+}
+
+=head2 genUsers MEMBERS
+
+Takes a comma delimited list of users and returns a string of 
+html checkboxes for all system users with the members of the group
+in $fm->{cgi}->parm('groupName')checked.
+
+=cut
+
+sub genUsers () {
+    my $fm      = shift;
+    my $members = "";
+    my $group = $fm->{'cgi'}->param('groupName');
+
+    if ($accounts->get($group)) {
+      $members = $accounts->get($group)->prop('Members');
+    }
+    my @members = split(/[,;]/, $members);
+
+    my $out = "<tr>\n        <td class=\"sme-noborders-label\">"
+      . $fm->localise('GROUP_MEMBERS')
+      . "</td>\n        <td>\n"
+      . "          <table border='0' cellspacing='0' cellpadding='0'>\n";
+    foreach my $user (@members) {
+        my $name = $accounts->get($user)->prop('FirstName') . " " . $accounts->get($user)->prop('LastName');
+
+        $out .="            <tr>\n"
+          . "<td>$name (".$user.")</td>\n            </tr>\n";
+
+    }
+
+    $out .= "          </table>\n        </td>\n    </tr>\n";
+    return $out;
+}
+

root/var/qmail/control/queuenotifymsg

@@ -0,0 +1,6 @@
+Le serveur %s a bien pris en compte votre message, mais n'a
+pas pu le remettre aux destinataires suivants au bout de %s de tentative.
+Le serveur de mail va continuer d'essayer de remettre votre message
+pendant %s (au total). Ceci n'est qu'un avertissement,
+vous n'avez pas besoin de renvoyer votre message pour le moment.
+