freeipa/ipa-server/ipa-install/ipa-server-install

#! /usr/bin/python -E
# Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
#
# Copyright (C) 2007 Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; version 2 only
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# requires the following packages:
# fedora-ds-base
# openldap-clients
# nss-tools
# Version banner handed to optparse; "%prog" is replaced with the program
# name when --version is printed.
VERSION = "%prog .1"
import sys
sys.path.append("/usr/share/ipa")
import socket
import logging
from optparse import OptionParser
import ipaserver.dsinstance
import ipaserver.krbinstance
from ipaserver.util import run
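def parse_options():
    """Parse and validate the installer's command-line options.

    Returns:
        The optparse values object carrying ds_user, realm_name, password,
        master_password, debug and host_name.

    Leaves through parser.error() (usage message, exit status 2) when any of
    --user, --realm, --password or --master-password is missing or empty.
    """
    parser = OptionParser(version=VERSION)
    parser.add_option("-u", "--user", dest="ds_user",
                      help="ds user")
    parser.add_option("-r", "--realm", dest="realm_name",
                      help="realm name")
    # NOTE(review): both passwords are taken from the command line, so they
    # are visible in the process list and in shell history while the
    # installer runs. Reading them from a prompt or a root-only file would
    # avoid that; the options are left as they are so existing callers keep
    # working.
    parser.add_option("-p", "--password", dest="password",
                      help="admin password")
    parser.add_option("-m", "--master-password", dest="master_password",
                      help="kerberos master password")
    # dest is passed once: the original repeated the keyword, which Python
    # rejects as a syntax error before the script can run.
    parser.add_option("-d", "--debug", dest="debug", action="store_true",
                      default=False, help="print debugging information")
    parser.add_option("--hostname", dest="host_name",
                      help="fully qualified name of server")

    # Positional arguments are accepted by optparse but not used here.
    options, args = parser.parse_args()

    if (not options.ds_user or not options.realm_name
            or not options.password or not options.master_password):
        # parser.error() already prefixes "<prog>: error: ", and --debug and
        # --hostname are optional, so name the options that are required.
        parser.error("the --user, --realm, --password and "
                     "--master-password options are required")

    return options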
def logging_setup(options):
    """Set up file and console logging for the installer.

    The root logger is configured to write every record (DEBUG and above) to
    'ipaserver-install.log', opened with mode 'w'. A console handler is then
    attached to the root logger: it shows DEBUG and above when options.debug
    is set, and ERROR and above otherwise.
    """
    # NOTE(review): the log path is relative, so the file is created in the
    # directory the installer is started from and with the process umask.
    # The file always receives DEBUG output; confirm the installer modules
    # never log the admin or master password at that level.
    logging.basicConfig(filename='ipaserver-install.log',
                        filemode='w',
                        level=logging.DEBUG,
                        format='%(asctime)s %(levelname)s %(message)s')

    # The console stays quiet (errors only) unless debugging was requested.
    console_level = logging.ERROR
    if options.debug:
        console_level = logging.DEBUG

    console = logging.StreamHandler()
    console.setLevel(console_level)
    console.setFormatter(
        logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s'))
    logging.getLogger('').addHandler(console)
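def main():
    """Install and configure the IPA server on this host.

    Checks the host name, creates the directory server and Kerberos
    instances, restarts or enables the dependent services and writes
    /etc/ipa/ipa.conf.

    Returns:
        0 on success, or the string "-Fatal Error-" when the host name is
        not usable.
    """
    # Every print(...) below takes one parenthesised string, which behaves
    # the same as the Python 2 print statement the script was written with.
    options = parse_options()
    logging_setup(options)

    # check the hostname is correctly configured, it must be as the kldap
    # utilities just use the hostname as returned by gethostbyname to set
    # up some of the standard entries
    if options.host_name:
        host_name = options.host_name
    else:
        host_name = socket.gethostname()
    if len(host_name.split(".")) < 2:
        print("Invalid hostname <" + host_name + ">")
        print("Check the /etc/hosts file and make sure to have a valid FQDN")
        return "-Fatal Error-"

    # A name that does not resolve raises socket.error (gaierror/herror);
    # report it like the other host name problems instead of a traceback.
    try:
        host_addr = socket.gethostbyname(host_name)
    except socket.error:
        print("The hostname <" + host_name + "> could not be resolved")
        print("Check the /etc/hosts file or your DNS")
        return "-Fatal Error-"

    # NOTE(review): only the literal 127.0.0.1 is rejected; any other
    # address in 127.0.0.0/8 still passes this check.
    if host_addr == "127.0.0.1":
        print("The hostname resolves to the localhost address (127.0.0.1)")
        print("Please change your /etc/hosts file or your DNS so that the")
        print("hostname resolves to the ip address of your network interface.")
        print("The KDC service does not listen on 127.0.0.1")
        return "-Fatal Error-"

    print("The Final KDC Host Name will be: " + host_name)

    # Create a directory server instance
    ds = ipaserver.dsinstance.DsInstance()
    ds.create_instance(options.ds_user, options.realm_name, host_name,
                       options.password)

    # Create a kerberos instance
    krb = ipaserver.krbinstance.KrbInstance()
    krb.create_instance(options.ds_user, options.realm_name, host_name,
                        options.password, options.master_password)

    # Restart ds after the krb instance has changed ds configurations
    ds.restart()

    # NOTE(review): run() comes from ipaserver.util; whether it raises on a
    # non-zero exit status is not visible here, so confirm that a failed
    # service command cannot pass unnoticed.

    # Restart apache
    run(["/sbin/service", "httpd", "restart"])

    # Set apache to start on boot
    run(["/sbin/chkconfig", "httpd", "on"])

    # Set fedora-ds to start on boot
    run(["/sbin/chkconfig", "dirsrv", "on"])

    # Set the KDC to start on boot
    run(["/sbin/chkconfig", "krb5kdc", "on"])

    # Set the Kpasswd to start on boot
    run(["/sbin/chkconfig", "ipa-kpasswd", "on"])

    # Start Kpasswd
    run(["/sbin/service", "ipa-kpasswd", "start"])

    # Create the config file; try/finally closes it even if a write fails.
    fd = open("/etc/ipa/ipa.conf", "w")
    try:
        fd.write("[defaults]\n")
        fd.write("server=" + host_name + "\n")
        fd.write("realm=" + options.realm_name + "\n")
    finally:
        fd.close()

    return 0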
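# Hand main()'s result to sys.exit() so a failed install no longer exits 0:
# the return value 0 becomes exit status 0, while the "-Fatal Error-" string
# is written to stderr and the process exits with status 1.
sys.exit(main())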