Ganymede userKit Release 1.0.5 October 11, 2001 CHANGES --------------------------------------------- -------------------- Changes from 1.04 to 1.0.5 ------------------- RELEASE DATE: October 11, 2001 1. [NPASSWD] Fixed up the npasswd support code some The userCustom code that interacts with the npasswd-based external validator and saver now uses temp files to retrieve results. This avoids significant race conditions / leaks in Java's process execution code. Fixed the npasswd interfacing code in userCustom to actually use the right schema configuration fields for the npasswd validator and saver, and to use them rather than our hard-coded /opt/bin paths. Tweaked the schema.xml file to define a field in the schema configuration object to allow setting where the temp directory for the npasswd temp files should be. If not set, userCustom will default to "/tmp". 2. [DOCUMENTATION] Fixed a bash syntax error in README It's bin/runServer > server.log 2>&1 & not bin/runServer > server.log 2>1 & Reported by Steve.Lemons@arrisi.com. 3. [SOURCE] Made builder tasks log phase 2 execution Unlike the builder tasks we use at ARL, the userKit's builder tasks were not logging the start and completion of phase 2 external script execution. Now it should be clearly logged when the external builder scripts are run and stopped. 4. [SCRIPTS] Simplified directory setting in build scripts The unixBuild, bsdBuild, and ntSambaBuild scripts now use a very simple cd command to change directory to the proper directory, rather than the complex script location determination code that was there before. This is just to help simplify things in case problems arise with the builder scripts. -------------------- Changes from 1.03 to 1.0.4 ------------------- RELEASE DATE: July 27, 2001 1. [SCRIPT] Fixed loader.pl to specify proper permissions When I was working on Ganymede 1.0.5, I realized that the permissions system had an inappropriate hole, in which end users (who by fiat own their own user objects, and can edit them with whatever privileges are granted by the default role's "Objects Owned" permission matrix) were allowed to edit the Owner List, Notes, Expiration Date, and Removal Date fields. This happened because the Ganymede server was not tracking permissions for the "built-in" fields separately from that of the object itself. End users who could edit their user object (to change their password, say) were able to edit these fields, which should not have happened. Ganymede 1.0.5 now allows permissions for these fields to be manually edited in the permissions editor when editing Role objects. The change to userKit here was to make loader.pl set the default permissions for these four sensitive "built-in" fields so that end users will not have permission to edit these fields. If you are already running userKit 1.03, this upgrade is not needed. Just upgrade the server and clients to Ganymede 1.0.5 and go in and edit the Default Role's Objects Owned permission matrix and clear out privileges for editing the Owner List, Notes, Expiration Date, and Removal Date fields. -------------------- Changes from 1.0 to 1.03 ------------------- RELEASE DATE: June 22, 2001 1. [SCHEMA] Fixed schema.xml to define proper label field for persona The schema.xml file specified the wrong label field for the admin persona class, resulting in problems when trying to login with newly created admin personae. Reported by Miklos Muller, mmuller@lbcons.net. 2. [SCRIPT] Fixed loader.pl to set reasonable default admin privileges in 'GroupAdmin' The loader.pl script was emitting permissions for the 'GroupAdmin' role that didn't allow for the creation of new objects due to a lack of permission to add objects to owned 'Owner Group' objects. Reported by Miklos Muller, mmuller@lbcons.net. -----------------------------------------------------------------