mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
parent
206d2d48fa
commit
8fd41d0434
@ -27,7 +27,8 @@ import krbV
|
|||||||
from optparse import OptionParser
|
from optparse import OptionParser
|
||||||
|
|
||||||
from ipapython import ipautil
|
from ipapython import ipautil
|
||||||
from ipaserver.install import dsinstance, installutils, certs, httpinstance
|
from ipaserver.install import bindinstance, dsinstance, installutils, certs, httpinstance
|
||||||
|
from ipaserver.install.bindinstance import add_zone, add_reverze_zone, add_rr, add_ptr_rr
|
||||||
from ipaserver import ipaldap
|
from ipaserver import ipaldap
|
||||||
from ipapython import version
|
from ipapython import version
|
||||||
from ipalib import api
|
from ipalib import api
|
||||||
@ -48,6 +49,8 @@ def parse_options():
|
|||||||
help="PIN for the Apache Server PKCS#12 file")
|
help="PIN for the Apache Server PKCS#12 file")
|
||||||
parser.add_option("-p", "--password", dest="password",
|
parser.add_option("-p", "--password", dest="password",
|
||||||
help="Directory Manager (existing master) password")
|
help="Directory Manager (existing master) password")
|
||||||
|
parser.add_option("--ip-address", dest="ip_address",
|
||||||
|
help="Add A and PTR records of the future replica")
|
||||||
|
|
||||||
options, args = parser.parse_args()
|
options, args = parser.parse_args()
|
||||||
|
|
||||||
@ -206,6 +209,11 @@ def main():
|
|||||||
api.bootstrap(in_server=True)
|
api.bootstrap(in_server=True)
|
||||||
api.finalize()
|
api.finalize()
|
||||||
|
|
||||||
|
if options.ip_address:
|
||||||
|
if not bindinstance.dns_container_exists(api.env.host, api.env.realm):
|
||||||
|
print "You can't add a DNS record because DNS is not set up."
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
if not certs.ipa_self_signed() and not ipautil.file_exists("/var/lib/pki-ca/conf/CS.cfg") and not options.dirsrv_pin:
|
if not certs.ipa_self_signed() and not ipautil.file_exists("/var/lib/pki-ca/conf/CS.cfg") and not options.dirsrv_pin:
|
||||||
sys.exit("The replica must be created on the primary IPA server.\nIf you installed IPA with your own certificates using PKCS#12 files you must provide PKCS#12 files for any replicas you create as well.")
|
sys.exit("The replica must be created on the primary IPA server.\nIf you installed IPA with your own certificates using PKCS#12 files you must provide PKCS#12 files for any replicas you create as well.")
|
||||||
|
|
||||||
@ -314,6 +322,19 @@ def main():
|
|||||||
remove_file(replicafile)
|
remove_file(replicafile)
|
||||||
shutil.rmtree(dir)
|
shutil.rmtree(dir)
|
||||||
|
|
||||||
|
if options.ip_address:
|
||||||
|
print "Adding DNS records for %s" % replica_fqdn
|
||||||
|
api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=dirman_password)
|
||||||
|
|
||||||
|
domain = replica_fqdn.split(".")
|
||||||
|
name = domain.pop(0)
|
||||||
|
domain = ".".join(domain)
|
||||||
|
|
||||||
|
zone = add_zone(domain)
|
||||||
|
add_rr(zone, name, "A", options.ip_address)
|
||||||
|
add_reverze_zone(options.ip_address)
|
||||||
|
add_ptr_rr(options.ip_address, replica_fqdn)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if not os.geteuid()==0:
|
if not os.geteuid()==0:
|
||||||
sys.exit("\nYou must be root to run this script.\n")
|
sys.exit("\nYou must be root to run this script.\n")
|
||||||
|
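Review bot: The value of `--ip-address` reaches `add_rr`, `add_reverze_zone` and `add_ptr_rr` in main() exactly as typed, and nothing visible in parse_options() or in the two `if options.ip_address:` blocks checks that it is a well-formed address. Those calls run on a connection bound as `cn=Directory Manager`, so a typo or malformed string would be written into the DNS tree with full directory privileges unless the bindinstance helpers validate it themselves, which these hunks do not show. I would reject bad input right after `parser.parse_args()`, for example by calling `socket.inet_pton(socket.AF_INET, options.ip_address)` and turning `socket.error` into `parser.error("invalid IP address")`. This needs `socket` imported if the file does not already import it, and an IPv6 branch if replicas may use one. Both parse_options() and main() continue outside the hunks shown, so an existing check elsewhere cannot be ruled out.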
@ -42,6 +42,9 @@ The password of the Directory Server PKCS#12 file
|
|||||||
.TP
|
.TP
|
||||||
\fB\-\-http_pin\fR=\fIHTTP_PIN\fR
|
\fB\-\-http_pin\fR=\fIHTTP_PIN\fR
|
||||||
The password of the Apache Server PKCS#12 file
|
The password of the Apache Server PKCS#12 file
|
||||||
|
.TP
|
||||||
|
\fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR
|
||||||
|
IP address of the replica server. If you provide this option, the A and PTR records will be added to the DNS.
|
||||||
.SH "EXIT STATUS"
|
.SH "EXIT STATUS"
|
||||||
0 if the command was successful
|
0 if the command was successful
|
||||||
|
|
||||||
|