Fix the case where domain != lower(REALM)

add the domain to the ipa.conf file for apps that need to know This should fix a bug in the replica setup
2025-02-25 18:55:28 -06:00 · 2008-05-23 14:51:50 -04:00
parent c5d6ad5c6e
commit 53afb67537
5 changed files with 70 additions and 39 deletions
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -202,23 +202,26 @@ def main():
        return 1
    # Configure ipa.conf
-    ipaconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
+    if not options.on_master:
-    ipaconf.setOptionAssignment(" = ")
+        ipaconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
-    ipaconf.setSectionNameDelimiters(("[","]"))
+        ipaconf.setOptionAssignment(" = ")
        ipaconf.setSectionNameDelimiters(("[","]"))
-    opts = [{'name':'comment', 'type':'comment', 'value':'File modified by ipa-client-install'},
+        opts = [{'name':'comment', 'type':'comment', 'value':'File modified by ipa-client-install'},
-            {'name':'empty', 'type':'empty'}]
+                {'name':'empty', 'type':'empty'}]
-    #[defaults]
+        #[defaults]
-    defopts = [{'name':'server', 'type':'option', 'value':cli_server},
+        defopts = [{'name':'server', 'type':'option', 'value':cli_server},
-             {'name':'realm', 'type':'option', 'value':cli_realm}]
+                   {'name':'realm', 'type':'option', 'value':cli_realm},
                   {'name':'domain', 'type':'option', 'value':cli_domain}]
-    opts.append({'name':'defaults', 'type':'section', 'value':defopts})
+        opts.append({'name':'defaults', 'type':'section', 'value':defopts})
-    opts.append({'name':'empty', 'type':'empty'})
+        opts.append({'name':'empty', 'type':'empty'})
        fstore.backup_file("/etc/ipa/ipa.conf")
        ipaconf.newConf("/etc/ipa/ipa.conf", opts)
        print "Created /etc/ipa/ipa.conf"
    fstore.backup_file("/etc/ipa/ipa.conf")
    ipaconf.newConf("/etc/ipa/ipa.conf", opts)
    print "Created /etc/ipa/ipa.conf"
    # Configure ldap.conf
    ldapconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
--- a/ipa-python/config.py
+++ b/ipa-python/config.py
@@ -39,6 +39,7 @@ class IPAConfig:
    def __init__(self):
        self.default_realm = None
        self.default_server = []
        self.default_domain = None
    def get_realm(self):
        if self.default_realm:
@@ -52,6 +53,12 @@ class IPAConfig:
        else:
            raise IPAConfigError("no default server")
    def get_domain(self):
        if self.default_domain:
            return self.default_domain
        else:
            raise IPAConfigError("no default domain")
 # Global library config
 config = IPAConfig()
@@ -65,6 +72,8 @@ def __parse_config():
        if not len(config.default_server):
            s = p.get("defaults", "server")
            config.default_server = re.sub("\s+", "", s).split(',')
        if not config.default_domain:
            config.default_domain = p.get("defaults", "domain")
    except:
        pass
@@ -76,22 +85,29 @@ def __discover_config():
            if not config.default_realm:
                return False
-        #try once with REALM -> domain
+        if not config.default_domain:
-        name = "_ldap._tcp."+config.default_realm+"."
+            #try once with REALM -> domain
-        rs = ipa.dnsclient.query(name, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
+            dom_name = config.default_realm.lower()
-        rl = len(rs)
+            name = "_ldap._tcp."+dom_name+"."
-
+            rs = ipa.dnsclient.query(name, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
        #try cycling on domain components of FQDN
        if rl == 0:
            name = socket.getfqdn()
        while rl == 0:
            tok = name.find(".")
            if tok == -1:
                return False
            name = name[tok+1:]
            q = "_ldap._tcp." + name + "."
            rs = ipa.dnsclient.query(q, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
            rl = len(rs)
            if rl == 0:
                #try cycling on domain components of FQDN
                dom_name = socket.getfqdn()
            while rl == 0:
                tok = dom_name.find(".")
                if tok == -1:
                     return False
                dom_name = dom_name[tok+1:]
                name = "_ldap._tcp." + dom_name + "."
                rs = ipa.dnsclient.query(name, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
                rl = len(rs)
            config.default_domain = dom_name
        if rl == 0:
             name = "_ldap._tcp."+config.default_domain+"."
             rs = ipa.dnsclient.query(name, ipa.dnsclient.DNS_C_IN, ipa.dnsclient.DNS_T_SRV)
        for r in rs:
            if r.dns_type == ipa.dnsclient.DNS_T_SRV:
@@ -104,6 +120,7 @@ def __discover_config():
 def usage():
    return """  --realm\tset the IPA realm
  --server\tset the IPA server
  --domain\tset the IPA dns domain
 """
 def __parse_args(args):
@@ -126,11 +143,17 @@ def __parse_args(args):
            config.default_server.append(args[i + 1])
            i = i + 2
            continue
        if args[i] == "--domain":
            if i == len(args) - 1:
                raise IPAConfigError("missing argument to --domain")
            config.default_domain = args[i + 1]
            i = i + 2
            continue
        out_args.append(args[i])
        i = i + 1
-        
+
    return out_args
-                      
+
 def init_config(args=None):
    out_args = None
@@ -144,6 +167,8 @@ def init_config(args=None):
        raise IPAConfigError("IPA realm not found in DNS, in the config file (/etc/ipa/ipa.conf) or on the command line.")
    if not config.default_server:
        raise IPAConfigError("IPA server not found in DNS, in the config file (/etc/ipa/ipa.conf) or on the command line.")
    if not config.default_domain:
        raise IPAConfigError("IPA domain not found in the config file (/etc/ipa/ipa.conf) or on the command line.")
    if out_args:
        return out_args
--- a/ipa-server/ipa-install/ipa-replica-install
+++ b/ipa-server/ipa-install/ipa-replica-install
@@ -33,6 +33,7 @@ from ipaserver import version
 class ReplicaConfig:
    def __init__(self):
        self.realm_name = ""
        self.domain_name = ""
        self.master_host_name = ""
        self.dirman_password = ""
        self.ds_user = ""
@@ -232,6 +233,14 @@ def main():
    install_krb(config)
    install_http(config)
    # Create the config file
    fd = open("/etc/ipa/ipa.conf", "w")
    fd.write("[defaults]\n")
    fd.write("server=" + config.host_name + "\n")
    fd.write("realm=" + config.realm_name + "\n")
    fd.write("domain=" + config.domain_name + "\n")
    fd.close()
    # Create a Web Gui instance
    webgui = httpinstance.WebGuiInstance()
    webgui.create_instance()
--- a/ipa-server/ipa-install/ipa-replica-prepare
+++ b/ipa-server/ipa-install/ipa-replica-prepare
@@ -66,18 +66,11 @@ def get_realm_name():
 def get_domain_name():
    try:
-        conn = ipaldap.IPAdmin("127.0.0.1")
+        ipa.config.init_config()
-        conn.simple_bind_s("", "")
+        domain_name = ipa.config.config.get_domain()
        context = conn.getEntry("", ldap.SCOPE_BASE, '(objectclass=*)', [ 'namingContexts' ])
        conn.unbind()
    except Exception, e:
        return None
    domain_name = context.getValue('namingContexts')
    domain_name = domain_name.replace('dc=','')
    domain_name = domain_name.replace(',','.')
    return domain_name
 def check_ipa_configuration(realm_name):
--- a/ipa-server/ipa-install/ipa-server-install
+++ b/ipa-server/ipa-install/ipa-server-install
@@ -495,6 +495,7 @@ def main():
    fd.write("[defaults]\n")
    fd.write("server=" + host_name + "\n")
    fd.write("realm=" + realm_name + "\n")
    fd.write("domain=" + domain_name + "\n")
    fd.close()
    # Create a Web Gui instance