Set SuiteSpotGroup when setting up our 389-ds instances.

The group is now required because 389-ds has tightened the permissions on /var/run/dirsrv. We use the same group for both our LDAP instances and /var/run/dirsrv ends up as root:dirsrv mode 0770. ticket 1010
2025-02-16 18:35:01 -06:00 · 2011-02-24 14:45:46 -05:00 · 2011-02-24 14:45:46 -05:00 · 99d6e0883a
commit 99d6e0883a
parent 22a503785e
2 changed files with 5 additions and 1 deletions
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@ -72,6 +72,7 @@ INF_TEMPLATE = """
 [General]
 FullMachineName=   $FQHN
 SuiteSpotUserID=   $USER
+SuiteSpotGroup=    $GROUP
 ServerRoot=    $SERVER_ROOT
 [slapd]
 ServerPort=   $DSPORT
@ -255,7 +256,8 @@ class CADSInstance(service.Service):
                             PASSWORD=self.dm_password, SUFFIX=self.suffix.lower(),
                             REALM=self.realm_name, USER=PKI_DS_USER,
                             SERVER_ROOT=server_root, DOMAIN=self.domain,
-                             TIME=int(time.time()), DSPORT=self.ds_port)
+                             TIME=int(time.time()), DSPORT=self.ds_port,
+                             GROUP=dsinstance.DS_GROUP)

    def __create_ds_user(self):
        user_exists = True
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@ -149,6 +149,7 @@ INF_TEMPLATE = """
 [General]
 FullMachineName=   $FQHN
 SuiteSpotUserID=   $USER
+SuiteSpotGroup=    $GROUP
 ServerRoot=    $SERVER_ROOT
 [slapd]
 ServerPort=   389
@ -319,6 +320,7 @@ class DsInstance(service.Service):
                             TIME=int(time.time()), IDSTART=self.idstart,
                             IDMAX=self.idmax, HOST=self.fqdn,
                             ESCAPED_SUFFIX= escape_dn_chars(self.suffix.lower()),
+                             GROUP=DS_GROUP,
                         )

    def __create_ds_user(self):