I’m sure I’m missing something very basic, but I haven’t been able to figure it out. I’m trying to build a template for the self-service-password local config file, but getting this error when expanding it:
ERROR in /etc/e-smith/templates//usr/share/self-service-password/conf/config.inc.local.php/10main: Program fragment delivered error <<syntax error at /etc/e-smith/templates//usr/share/self-service-password/conf/config.inc.local.php/10main line 24, near ") {">> at template line 1
The relevant line of the template fragment reads:
if ( $email eq "true" ) {
…and the whole fragment reads:
{
my @chars = ("A".."Z", "a".."z", "0".."9");
my $secret;
$secret .= $chars[rand @chars] for 1..12;
my $lang = ($ssp{'Lang'} || 'en');
my $email = ($ssp{'UseEmail'} || 'false');
$OUT .= <<EOF
#
# /usr/share/self-service-password/conf/config.inc.local.php
#
<?php
\$lang = "$lang";
\$show_menu = true;
\$use_questions = false;
\$use_sms = false;
\$pwd_show_policy = "always";
\$pwd_show_policy_pos = "above";
EOF
if ( $email eq "true" ) {
$OUT .= <<EOF
\$keyphrase = "$secret";
\$mail_address_use_ldap = true;
\$crypt_tokens = true;
\$token_lifetime = "1800";
\$mail_sendmailpath = '/usr/sbin/sendmail';
\$mail_protocol = 'smtp';
\$mail_smtp_debug = 0;
\$mail_debug_format = 'html';
\$mail_smtp_host = 'localhost';
\$mail_smtp_auth = false;
\$mail_smtp_user = '';
\$mail_smtp_pass = '';
\$mail_smtp_port = 25;
\$mail_smtp_timeout = 30;
\$mail_smtp_keepalive = false;
\$mail_smtp_secure = 'tls';
\$mail_smtp_autotls = true;
\$mail_contenttype = 'text/plain';
\$mail_wordwrap = 0;
\$mail_charset = 'utf-8';
\$mail_priority = 3;
\$mail_newline = PHP_EOL;
EOF
}
if ($passwordstrenth{'Users'} eq 'none') {
$OUT .= <<EOF
\$pwd_min_length = 7;
EOF
}
elsif ($passwordstrenth{'Users'} eq 'strong') {
$OUT .= <<EOF
\$pwd_min_length = 7;
\$pwd_min_lower = 1;
\$pwd_min_upper = 1;
\$pwd_min_digit = 1;
\$pwd_min_special = 1;
\$pwd_complexity = 4;
\$use_pwnedpasswords = true;
EOF
}
if ($sssd{'Provider'} eq 'ldap') {
$OUT .= <<EOF
\$ldap_binddn = "";
\$ldap_bindpw = "";
\$ldap_base = "dc=directory,dc=nh";
\$ldap_filter = "(&(objectClass=person)(uid={login})(!(uid=admin)))";
\$who_change_password = "user";
EOF
}
elsif ($sssd{'Provider'} eq 'ad') {
$OUT .= <<EOF
\$ad_mode = true;
\$ldap_starttls = false;
\$ldap_url = "[sssd][LdapURI]";
\$ldap_binddn = "[sssd][BindDN]";
\$ldap_bindpw = "[sssd][BindPassword]";
\$ldap_base = "dc=ad,dc=domain,dc=local";
\$ldap_login_attribute = "sAMAccountName";
\$ldap_fullname_attribute = "cn";
\$ldap_filter = "(&(objectClass=user)(sAMAccountName={login})(!(userAccountControl:1.2.840.113556.1.4.803:=2)))";
\$who_change_password = "manager";
EOF
}
}
What am I missing?
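The error quoted above is what Perl reports when a `$OUT .= <<EOF` statement has no terminating semicolon: parsing resumes on the line after the closing `EOF` as part of the same statement, so `if ( ... )` is read as a statement modifier and the following `{` is unexpected. This is an added example, not part of the original post, that reproduces the failure on a cut-down fragment and shows the terminated form compiling; the `compile_fragment` helper and the sample values are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Cut-down version of the fragment's structure (constructed sample values).
# Broken: the first "$OUT .= <<EOF" has no ';', so after the heredoc body
# Perl keeps parsing the same statement and reads "if ( ... )" as a
# statement modifier; the "{" that follows is the syntax error.
my $broken = <<'PERL';
my $OUT = '';
my $email = 'true';
$OUT .= <<EOF
\$lang = "en";
EOF
if ( $email eq "true" ) {
$OUT .= <<EOF
\$crypt_tokens = true;
EOF
}
$OUT;
PERL

# Fixed: the only change is a ';' after each "<<EOF".
(my $fixed = $broken) =~ s/<<EOF$/<<EOF;/mg;

# Hypothetical helper: compile and run a fragment from a string, much as a
# template engine evaluates a program fragment, returning (output, error).
sub compile_fragment {
    my ($code) = @_;
    my $out = eval $code;
    return ($out, $@);
}

for my $case (['broken', $broken], ['fixed', $fixed]) {
    my ($name, $code) = @$case;
    my ($out, $err) = compile_fragment($code);
    if ($err) {
        $err =~ s/\s+\z//;
        print "$name: $err\n";
    } else {
        print "$name: compiled, output:\n$out";
    }
}
```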