Fix the case where domain != lower(REALM)
Add the domain to the ipa.conf file for apps that need to know it. This should fix a bug in the replica setup.
parent
c5d6ad5c6e
commit
53afb67537
@ -202,23 +202,26 @@ def main():
|
||||
return 1
|
||||
|
||||
# Configure ipa.conf
|
||||
ipaconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
|
||||
ipaconf.setOptionAssignment(" = ")
|
||||
ipaconf.setSectionNameDelimiters(("[","]"))
|
||||
if not options.on_master:
|
||||
ipaconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
|
||||
ipaconf.setOptionAssignment(" = ")
|
||||
ipaconf.setSectionNameDelimiters(("[","]"))
|
||||
|
||||
opts = [{'name':'comment', 'type':'comment', 'value':'File modified by ipa-client-install'},
|
||||
{'name':'empty', 'type':'empty'}]
|
||||
opts = [{'name':'comment', 'type':'comment', 'value':'File modified by ipa-client-install'},
|
||||
{'name':'empty', 'type':'empty'}]
|
||||
|
||||
#[defaults]
|
||||
defopts = [{'name':'server', 'type':'option', 'value':cli_server},
|
||||
{'name':'realm', 'type':'option', 'value':cli_realm}]
|
||||
#[defaults]
|
||||
defopts = [{'name':'server', 'type':'option', 'value':cli_server},
|
||||
{'name':'realm', 'type':'option', 'value':cli_realm},
|
||||
{'name':'domain', 'type':'option', 'value':cli_domain}]
|
||||
|
||||
opts.append({'name':'defaults', 'type':'section', 'value':defopts})
|
||||
opts.append({'name':'empty', 'type':'empty'})
|
||||
opts.append({'name':'defaults', 'type':'section', 'value':defopts})
|
||||
opts.append({'name':'empty', 'type':'empty'})
|
||||
|
||||
fstore.backup_file("/etc/ipa/ipa.conf")
|
||||
ipaconf.newConf("/etc/ipa/ipa.conf", opts)
|
||||
print "Created /etc/ipa/ipa.conf"
|
||||
|
||||
fstore.backup_file("/etc/ipa/ipa.conf")
|
||||
ipaconf.newConf("/etc/ipa/ipa.conf", opts)
|
||||
print "Created /etc/ipa/ipa.conf"
|
||||
|
||||
# Configure ldap.conf
|
||||
ldapconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
|
||||
|
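Review bot: The new `if not options.on_master:` guard around the ipa.conf block in main() has no comment saying why the file is skipped on a master. Judging from the server and replica installer hunks on this page, which write /etc/ipa/ipa.conf themselves, the intent appears to be to avoid overwriting that file. A one-line comment above the guard, such as `# on a master the server installer owns /etc/ipa/ipa.conf; leave it alone`, would record that. main() starts and ends outside this hunk.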
@ -39,6 +39,7 @@ class IPAConfig:
|
||||
def __init__(self):
|
||||
self.default_realm = None
|
||||
self.default_server = []
|
||||
self.default_domain = None
|
||||
|
||||
def get_realm(self):
|
||||
if self.default_realm:
|
||||
@ -52,6 +53,12 @@ class IPAConfig:
|
||||
else:
|
||||
raise IPAConfigError("no default server")
|
||||
|
||||
def get_domain(self):
|
||||
if self.default_domain:
|
||||
return self.default_domain
|
||||
else:
|
||||
raise IPAConfigError("no default domain")
|
||||
|
||||
# Global library config
|
||||
config = IPAConfig()
|
||||
|
||||
@ -65,6 +72,8 @@ def __parse_config():
|
||||
if not len(config.default_server):
|
||||
s = p.get("defaults", "server")
|
||||
config.default_server = re.sub("\s+", "", s).split(',')
|
||||
if not config.default_domain:
|
||||
config.default_domain = p.get("defaults", "domain")
|
||||
except:
|
||||
pass
|
||||
|
||||
@ -76,22 +85,29 @@ def __discover_config():
|
||||
if not config.default_realm:
|
||||
return False
|
||||
|
||||
#try once with REALM -> domain
|
||||
name = "_ldap._tcp."+config.default_realm+"."
|
||||
rs = ipa.dnsclient.query(name, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
|
||||
rl = len(rs)
|
||||
|
||||
#try cycling on domain components of FQDN
|
||||
if rl == 0:
|
||||
name = socket.getfqdn()
|
||||
while rl == 0:
|
||||
tok = name.find(".")
|
||||
if tok == -1:
|
||||
return False
|
||||
name = name[tok+1:]
|
||||
q = "_ldap._tcp." + name + "."
|
||||
rs = ipa.dnsclient.query(q, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
|
||||
if not config.default_domain:
|
||||
#try once with REALM -> domain
|
||||
dom_name = config.default_realm.lower()
|
||||
name = "_ldap._tcp."+dom_name+"."
|
||||
rs = ipa.dnsclient.query(name, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
|
||||
rl = len(rs)
|
||||
if rl == 0:
|
||||
#try cycling on domain components of FQDN
|
||||
dom_name = socket.getfqdn()
|
||||
while rl == 0:
|
||||
tok = dom_name.find(".")
|
||||
if tok == -1:
|
||||
return False
|
||||
dom_name = dom_name[tok+1:]
|
||||
name = "_ldap._tcp." + dom_name + "."
|
||||
rs = ipa.dnsclient.query(name, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
|
||||
rl = len(rs)
|
||||
|
||||
config.default_domain = dom_name
|
||||
|
||||
if rl == 0:
|
||||
name = "_ldap._tcp."+config.default_domain+"."
|
||||
rs = ipa.dnsclient.query(name, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
|
||||
|
||||
for r in rs:
|
||||
if r.dns_type == ipa.dnsclient.DNS_T_SRV:
|
||||
@ -104,6 +120,7 @@ def __discover_config():
|
||||
def usage():
|
||||
return """ --realm\tset the IPA realm
|
||||
--server\tset the IPA server
|
||||
--domain\tset the IPA dns domain
|
||||
"""
|
||||
|
||||
def __parse_args(args):
|
||||
@ -126,11 +143,17 @@ def __parse_args(args):
|
||||
config.default_server.append(args[i + 1])
|
||||
i = i + 2
|
||||
continue
|
||||
if args[i] == "--domain":
|
||||
if i == len(args) - 1:
|
||||
raise IPAConfigError("missing argument to --domain")
|
||||
config.default_domain = args[i + 1]
|
||||
i = i + 2
|
||||
continue
|
||||
out_args.append(args[i])
|
||||
i = i + 1
|
||||
|
||||
|
||||
return out_args
|
||||
|
||||
|
||||
|
||||
def init_config(args=None):
|
||||
out_args = None
|
||||
@ -144,6 +167,8 @@ def init_config(args=None):
|
||||
raise IPAConfigError("IPA realm not found in DNS, in the config file (/etc/ipa/ipa.conf) or on the command line.")
|
||||
if not config.default_server:
|
||||
raise IPAConfigError("IPA server not found in DNS, in the config file (/etc/ipa/ipa.conf) or on the command line.")
|
||||
if not config.default_domain:
|
||||
raise IPAConfigError("IPA domain not found in the config file (/etc/ipa/ipa.conf) or on the command line.")
|
||||
|
||||
if out_args:
|
||||
return out_args
|
||||
|
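Review bot: In `__discover_config()` the FQDN fallback loop keeps stripping labels until a single label is left, so its last SRV query is for `_ldap._tcp.<top-level label>.`, and whichever name answers first is stored as `config.default_domain`. Nothing in the hunk authenticates that answer, and the parent zones it walks through may be outside the site's control, so the loop should stop at the last two-label name, for example by adding `if "." not in dom_name: return False` right after `dom_name = dom_name[tok+1:]`. Separately, indentation is lost on this page, but if the later `if rl == 0:` sits outside the `if not config.default_domain:` block, `rl` is unbound whenever the domain was already supplied by ipa.conf or `--domain`; setting `rl = 0` before that block would cover the case. The function starts and ends outside the hunk.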
@ -33,6 +33,7 @@ from ipaserver import version
|
||||
class ReplicaConfig:
|
||||
def __init__(self):
|
||||
self.realm_name = ""
|
||||
self.domain_name = ""
|
||||
self.master_host_name = ""
|
||||
self.dirman_password = ""
|
||||
self.ds_user = ""
|
||||
@ -232,6 +233,14 @@ def main():
|
||||
install_krb(config)
|
||||
install_http(config)
|
||||
|
||||
# Create the config file
|
||||
fd = open("/etc/ipa/ipa.conf", "w")
|
||||
fd.write("[defaults]\n")
|
||||
fd.write("server=" + config.host_name + "\n")
|
||||
fd.write("realm=" + config.realm_name + "\n")
|
||||
fd.write("domain=" + config.domain_name + "\n")
|
||||
fd.close()
|
||||
|
||||
# Create a Web Gui instance
|
||||
webgui = httpinstance.WebGuiInstance()
|
||||
webgui.create_instance()
|
||||
|
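Review bot: The block added to main() writes `"domain=" + config.domain_name` into /etc/ipa/ipa.conf without checking that the value is set, while `ReplicaConfig.__init__` initialises `domain_name` to `""` and no hunk shown here assigns it. An empty `domain=` line reads back as a falsy value, which `init_config()` treats as missing. A guard before the `open()`, such as `if not config.domain_name: raise RuntimeError("replica configuration has no domain name")`, would fail early instead. The file is also truncated with a bare `open(..., "w")` and no `fstore.backup_file` step like the one in the client installer, and the same write pattern recurs in the `@ -495,6 +495,7 @@ def main():` hunk. main() continues outside this hunk.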
@ -66,18 +66,11 @@ def get_realm_name():
|
||||
|
||||
def get_domain_name():
|
||||
try:
|
||||
conn = ipaldap.IPAdmin("127.0.0.1")
|
||||
conn.simple_bind_s("", "")
|
||||
|
||||
context = conn.getEntry("", ldap.SCOPE_BASE, '(objectclass=*)', [ 'namingContexts' ])
|
||||
conn.unbind()
|
||||
ipa.config.init_config()
|
||||
domain_name = ipa.config.config.get_domain()
|
||||
except Exception, e:
|
||||
return None
|
||||
|
||||
domain_name = context.getValue('namingContexts')
|
||||
domain_name = domain_name.replace('dc=','')
|
||||
domain_name = domain_name.replace(',','.')
|
||||
|
||||
return domain_name
|
||||
|
||||
def check_ipa_configuration(realm_name):
|
||||
|
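Review bot: `get_domain_name()` now depends entirely on `ipa.config.init_config()`, and the retained `except Exception, e: return None` turns every failure, including the new "IPA domain not found" IPAConfigError, into a silent None. A /etc/ipa/ipa.conf written before this commit has no `domain` key, so unless discovery fills the value in, the caller gets None where the removed namingContexts lookup used to return a name. Catching only the configuration error and logging it (the bound `e` is currently unused) would keep the cause visible. Whether a fallback for older config files is needed depends on callers not shown here.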
@ -495,6 +495,7 @@ def main():
|
||||
fd.write("[defaults]\n")
|
||||
fd.write("server=" + host_name + "\n")
|
||||
fd.write("realm=" + realm_name + "\n")
|
||||
fd.write("domain=" + domain_name + "\n")
|
||||
fd.close()
|
||||
|
||||
# Create a Web Gui instance
|
||||
|