Add option to the installer for uid/gid starting numbers.

This also adds a new option to the template system. If you include eval(string) in a file that goes through the templater then the string in the eval will be evaluated by the Python interpreter. This is used so one can do $UIDSTART+1. If any errors occur during the evaluation the original string is is returned, eval() and all so it is up to the developer to make sure the evaluation passes. The default value for uid and gid is now a random value between 1,000,000 and (2^31 - 1,000,000)
2025-02-25 18:55:28 -06:00 · 2009-08-27 14:12:55 -04:00
parent cab5525076
commit 559c76f761
6 changed files with 37 additions and 11 deletions
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -36,6 +36,7 @@ import shutil
 import glob
 import traceback
 from optparse import OptionParser
+import random

 from ipaserver.install import dsinstance
 from ipaserver.install import krbinstance
@@ -54,7 +55,11 @@ from ipalib import util

 pw_name = None

+# Used to determine the the highest possible uid/gid
+MAXINT_32BIT = 2147483648
+
 def parse_options():
+    namespace = random.randint(1000000, (MAXINT_32BIT - 1000000))
    parser = OptionParser(version=version.VERSION)
    parser.add_option("-u", "--user", dest="ds_user",
                      help="ds user")
@@ -97,6 +102,10 @@ def parse_options():
                      default=False,
                      help="Do not use DNS for hostname lookup during installation")

+    parser.add_option("--uidstart", dest="uidstart", default=namespace, type=int,
+                      help="The starting uid value (default random)")
+    parser.add_option("--gidstart", dest="gidstart", default=namespace, type=int,
+                      help="The starting gid value (default random)")
    options, args = parser.parse_args()

    if options.uninstall:
@@ -537,7 +546,7 @@ def main():
        finally:
            os.remove(pw_name)
    else:
-        ds.create_instance(ds_user, realm_name, host_name, domain_name, dm_password, self_signed_ca=not options.ca)
+        ds.create_instance(ds_user, realm_name, host_name, domain_name, dm_password, self_signed_ca=not options.ca, uidstart=options.uidstart, gidstart=options.gidstart)

    # Create a kerberos instance
    krb = krbinstance.KrbInstance(fstore)
--- a/install/tools/man/ipa-server-install.1
+++ b/install/tools/man/ipa-server-install.1
@@ -75,6 +75,12 @@ The password of the Directory Server PKCS#12 file
 \fB\-\-http_pin\fR=\fIHTTP_PIN\fR
 The password of the Apache Server PKCS#12 file
 .PP 
+\fB\-\-uidstart\fR=\fIUIDSTART\fR
+The starting user id number (default random)
+.PP 
+\fB\-\-gidstart\fR=\fIGIDSTART\fR
+The starting group id number (default random)
+.PP 
 .SH "EXIT STATUS"
 0 if the installation was successful