2008-10-24 16:07:07 -05:00
|
|
|
# Authors:
|
2008-10-24 21:59:11 -05:00
|
|
|
# Martin Nagy <mnagy@redhat.com>
|
2008-10-24 16:07:07 -05:00
|
|
|
# Jason Gerard DeRose <jderose@redhat.com>
|
|
|
|
#
|
|
|
|
# Copyright (C) 2008 Red Hat
|
|
|
|
# see file 'COPYING' for use and warranty information
|
|
|
|
#
|
2010-12-09 06:59:11 -06:00
|
|
|
# This program is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
2008-10-24 16:07:07 -05:00
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
2010-12-09 06:59:11 -06:00
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2008-10-24 16:07:07 -05:00
|
|
|
|
|
|
|
"""
|
2008-12-10 22:14:05 -06:00
|
|
|
All constants centralised in one file.
|
2008-10-24 16:07:07 -05:00
|
|
|
"""
|
2011-06-23 01:06:49 -05:00
|
|
|
import socket
|
|
|
|
try:
|
|
|
|
FQDN = socket.getfqdn()
|
|
|
|
except:
|
|
|
|
try:
|
|
|
|
FQDN = socket.gethostname()
|
|
|
|
except:
|
|
|
|
FQDN = None
|
2008-10-24 16:07:07 -05:00
|
|
|
|
2008-12-10 22:14:05 -06:00
|
|
|
# The parameter system treats all these values as None:
|
|
|
|
NULLS = (None, '', u'', tuple(), [])
|
|
|
|
|
2008-12-30 01:45:48 -06:00
|
|
|
# regular expression NameSpace member names must match:
|
2010-02-12 10:01:23 -06:00
|
|
|
NAME_REGEX = r'^[a-z][_a-z0-9]*[a-z0-9]$|^[a-z]$'
|
2008-12-30 01:45:48 -06:00
|
|
|
|
|
|
|
# Format for ValueError raised when name does not match above regex:
|
|
|
|
NAME_ERROR = 'name must match %r; got %r'
|
|
|
|
|
2008-12-18 15:01:59 -06:00
|
|
|
# Standard format for TypeError message:
|
2008-12-30 01:45:48 -06:00
|
|
|
TYPE_ERROR = '%s: need a %r; got %r (a %r)'
|
2008-12-11 19:07:54 -06:00
|
|
|
|
2008-12-18 15:01:59 -06:00
|
|
|
# Stardard format for TypeError message when a callable is expected:
|
2008-12-18 03:08:41 -06:00
|
|
|
CALLABLE_ERROR = '%s: need a callable; got %r (which is a %r)'
|
2008-12-11 19:07:54 -06:00
|
|
|
|
2008-12-18 15:01:59 -06:00
|
|
|
# Standard format for StandardError message when overriding an attribute:
|
2008-12-22 18:29:11 -06:00
|
|
|
OVERRIDE_ERROR = 'cannot override %s.%s value %r with %r'
|
|
|
|
|
|
|
|
# Standard format for AttributeError message when a read-only attribute is
|
|
|
|
# already locked:
|
2008-12-22 22:02:43 -06:00
|
|
|
SET_ERROR = 'locked: cannot set %s.%s to %r'
|
2008-12-30 01:45:48 -06:00
|
|
|
DEL_ERROR = 'locked: cannot delete %s.%s'
|
2008-12-11 19:07:54 -06:00
|
|
|
|
2008-11-12 01:46:04 -06:00
|
|
|
# Used for a tab (or indentation level) when formatting for CLI:
|
|
|
|
CLI_TAB = ' ' # Two spaces
|
2008-10-31 19:55:32 -05:00
|
|
|
|
2008-10-24 21:02:14 -05:00
|
|
|
# The section to read in the config files, i.e. [global]
|
2008-10-24 16:07:07 -05:00
|
|
|
CONFIG_SECTION = 'global'
|
2008-10-24 21:02:14 -05:00
|
|
|
|
2009-01-22 10:58:35 -06:00
|
|
|
# Log format for stderr:
|
|
|
|
FORMAT_STDERR = ': '.join([
|
|
|
|
'ipa',
|
2008-10-31 19:55:32 -05:00
|
|
|
'%(levelname)s',
|
|
|
|
'%(message)s',
|
|
|
|
])
|
|
|
|
|
2009-01-22 10:58:35 -06:00
|
|
|
# Log format for log file:
|
|
|
|
FORMAT_FILE = '\t'.join([
|
|
|
|
'%(created)f',
|
|
|
|
'%(process)d',
|
|
|
|
'%(threadName)s',
|
2009-01-22 19:48:21 -06:00
|
|
|
'%(levelname)s',
|
2009-02-12 03:10:12 -06:00
|
|
|
'%(message)s',
|
2008-10-31 19:55:32 -05:00
|
|
|
])
|
|
|
|
|
|
|
|
|
2008-10-24 21:02:14 -05:00
|
|
|
# The default configuration for api.env
|
2008-10-24 21:59:11 -05:00
|
|
|
# This is a tuple instead of a dict so that it is immutable.
|
|
|
|
# To create a dict with this config, just "d = dict(DEFAULT_CONFIG)".
|
2008-10-24 21:02:14 -05:00
|
|
|
DEFAULT_CONFIG = (
|
2008-10-24 21:59:11 -05:00
|
|
|
# Domain, realm, basedn:
|
|
|
|
('domain', 'example.com'),
|
|
|
|
('realm', 'EXAMPLE.COM'),
|
|
|
|
('basedn', 'dc=example,dc=com'),
|
|
|
|
|
|
|
|
# LDAP containers:
|
|
|
|
('container_accounts', 'cn=accounts'),
|
|
|
|
('container_user', 'cn=users,cn=accounts'),
|
|
|
|
('container_group', 'cn=groups,cn=accounts'),
|
|
|
|
('container_service', 'cn=services,cn=accounts'),
|
|
|
|
('container_host', 'cn=computers,cn=accounts'),
|
2008-11-04 13:03:43 -06:00
|
|
|
('container_hostgroup', 'cn=hostgroups,cn=accounts'),
|
2010-12-01 10:23:52 -06:00
|
|
|
('container_rolegroup', 'cn=roles,cn=accounts'),
|
2010-12-22 10:11:29 -06:00
|
|
|
('container_permission', 'cn=permissions,cn=pbac'),
|
|
|
|
('container_privilege', 'cn=privileges,cn=pbac'),
|
2008-11-14 17:04:57 -06:00
|
|
|
('container_automount', 'cn=automount'),
|
2009-02-02 09:23:45 -06:00
|
|
|
('container_policies', 'cn=policies'),
|
|
|
|
('container_configs', 'cn=configs,cn=policies'),
|
|
|
|
('container_roles', 'cn=roles,cn=policies'),
|
|
|
|
('container_applications', 'cn=applications,cn=configs,cn=policies'),
|
|
|
|
('container_policygroups', 'cn=policygroups,cn=configs,cn=policies'),
|
|
|
|
('container_policylinks', 'cn=policylinks,cn=configs,cn=policies'),
|
2009-05-13 07:16:03 -05:00
|
|
|
('container_netgroup', 'cn=ng,cn=alt'),
|
2009-03-31 13:09:16 -05:00
|
|
|
('container_hbac', 'cn=hbac'),
|
2011-01-18 03:56:17 -06:00
|
|
|
('container_hbacservice', 'cn=hbacservices,cn=hbac'),
|
|
|
|
('container_hbacservicegroup', 'cn=hbacservicegroups,cn=hbac'),
|
2009-04-21 08:12:49 -05:00
|
|
|
('container_dns', 'cn=dns'),
|
2011-01-13 14:54:06 -06:00
|
|
|
('container_virtual', 'cn=virtual operations,cn=etc'),
|
2011-01-14 14:27:56 -06:00
|
|
|
('container_sudorule', 'cn=sudorules,cn=sudo'),
|
|
|
|
('container_sudocmd', 'cn=sudocmds,cn=sudo'),
|
|
|
|
('container_sudocmdgroup', 'cn=sudocmdgroups,cn=sudo'),
|
2011-02-01 13:24:46 -06:00
|
|
|
('container_entitlements', 'cn=entitlements,cn=etc'),
|
2011-08-30 19:48:15 -05:00
|
|
|
('container_automember', 'cn=automember,cn=etc'),
|
2008-10-24 21:59:11 -05:00
|
|
|
|
|
|
|
# Ports, hosts, and URIs:
|
2009-10-13 12:28:00 -05:00
|
|
|
# FIXME: let's renamed xmlrpc_uri to rpc_xml_uri
|
|
|
|
('xmlrpc_uri', 'http://localhost:8888/ipa/xml'),
|
|
|
|
('rpc_json_uri', 'http://localhost:8888/ipa/json'),
|
2008-10-24 21:59:11 -05:00
|
|
|
('ldap_uri', 'ldap://localhost:389'),
|
2008-10-24 21:02:14 -05:00
|
|
|
|
2009-10-13 12:28:00 -05:00
|
|
|
# Web Application mount points
|
|
|
|
('mount_ipa', '/ipa/'),
|
|
|
|
('mount_xmlserver', 'xml'),
|
|
|
|
('mount_jsonserver', 'json'),
|
|
|
|
|
|
|
|
# WebUI stuff:
|
|
|
|
('webui_prod', True),
|
|
|
|
('webui_assets_dir', None),
|
|
|
|
|
2008-10-24 21:59:11 -05:00
|
|
|
# Debugging:
|
2010-06-03 16:07:24 -05:00
|
|
|
('verbose', 0),
|
2008-10-24 21:02:14 -05:00
|
|
|
('debug', False),
|
2010-06-25 12:37:27 -05:00
|
|
|
('startup_traceback', False),
|
2008-10-28 00:30:55 -05:00
|
|
|
('mode', 'production'),
|
2008-10-24 21:02:14 -05:00
|
|
|
|
2009-01-22 11:59:46 -06:00
|
|
|
# CA plugin:
|
2011-06-23 01:06:49 -05:00
|
|
|
('ca_host', FQDN), # Set in Env._finalize_core()
|
2011-08-17 14:36:18 -05:00
|
|
|
('ca_port', 80),
|
|
|
|
('ca_agent_port', 443),
|
|
|
|
('ca_ee_port', 443),
|
|
|
|
('ca_install_port', 9180),
|
|
|
|
('ca_agent_install_port', 9443),
|
|
|
|
('ca_ee_install_port', 9444),
|
|
|
|
|
2009-01-22 11:59:46 -06:00
|
|
|
|
2009-01-28 14:05:26 -06:00
|
|
|
# Special CLI:
|
|
|
|
('prompt_all', False),
|
|
|
|
('interactive', True),
|
2010-07-26 16:54:38 -05:00
|
|
|
('fallback', True),
|
2009-01-28 14:05:26 -06:00
|
|
|
|
2009-02-11 14:07:19 -06:00
|
|
|
# Enable certain optional plugins:
|
|
|
|
('enable_ra', False),
|
2009-09-10 15:15:14 -05:00
|
|
|
('ra_plugin', 'selfsign'),
|
2011-07-01 14:32:31 -05:00
|
|
|
('wait_for_attr', False),
|
2009-02-11 14:07:19 -06:00
|
|
|
|
2011-01-13 13:29:16 -06:00
|
|
|
# Used when verifying that the API hasn't changed. Not for production.
|
|
|
|
('validate_api', False),
|
|
|
|
|
2008-10-24 21:59:11 -05:00
|
|
|
# ********************************************************
|
|
|
|
# The remaining keys are never set from the values here!
|
|
|
|
# ********************************************************
|
|
|
|
#
|
2009-05-11 03:34:52 -05:00
|
|
|
# Env._bootstrap() or Env._finalize_core() will have filled in all the keys
|
|
|
|
# below by the time DEFAULT_CONFIG is merged in, so the values below are
|
|
|
|
# never actually used. They are listed both to provide a big picture and
|
|
|
|
# also so DEFAULT_CONFIG contains at least all the keys that should be
|
|
|
|
# present after Env._finalize_core() is called.
|
2008-10-24 21:59:11 -05:00
|
|
|
#
|
2008-12-22 17:16:57 -06:00
|
|
|
# Each environment variable below is sent to ``object``, which just happens
|
|
|
|
# to be an invalid value for an environment variable, so if for some reason
|
|
|
|
# any of these keys were set from the values here, an exception will be
|
|
|
|
# raised.
|
2008-10-24 21:02:14 -05:00
|
|
|
|
2009-05-11 03:34:52 -05:00
|
|
|
# Non-overridable vars set in Env._bootstrap():
|
2011-06-23 01:06:49 -05:00
|
|
|
('host', FQDN),
|
2009-05-11 03:34:52 -05:00
|
|
|
('ipalib', object), # The directory containing ipalib/__init__.py
|
|
|
|
('site_packages', object), # The directory contaning ipalib
|
|
|
|
('script', object), # sys.argv[0]
|
|
|
|
('bin', object), # The directory containing the script
|
|
|
|
('home', object), # $HOME
|
|
|
|
|
|
|
|
# Vars set in Env._bootstrap():
|
|
|
|
('in_tree', object), # Whether or not running in-tree (bool)
|
|
|
|
('dot_ipa', object), # ~/.ipa directory
|
|
|
|
('context', object), # Name of context, default is 'default'
|
|
|
|
('confdir', object), # Directory containing config files
|
|
|
|
('conf', object), # File containing context specific config
|
|
|
|
('conf_default', object), # File containing context independent config
|
2008-10-24 21:02:14 -05:00
|
|
|
|
|
|
|
# Set in Env._finalize_core():
|
2009-05-11 03:34:52 -05:00
|
|
|
('in_server', object), # Whether or not running in-server (bool)
|
|
|
|
('logdir', object), # Directory containing log files
|
|
|
|
('log', object), # Path to context specific log file
|
2008-10-24 21:02:14 -05:00
|
|
|
|
|
|
|
)
|