Karl MacMillan 0001-01-01 00:00:00 +00:00
commit c397041bfa
2 changed files with 44 additions and 47 deletions


@ -27,9 +27,7 @@ from random import Random
from time import gmtime from time import gmtime
import os import os
import stat import stat
import socket
from string import lower
import re import re
import xmlrpclib import xmlrpclib
import datetime import datetime
@ -79,7 +77,7 @@ def run(args, stdin=None):
logging.info(stderr) logging.info(stderr)
if p.returncode != 0: if p.returncode != 0:
raise self.CalledProcessError(p.returncode, ' '.join(args)) raise CalledProcessError(p.returncode, ' '.join(args))
def file_exists(filename): def file_exists(filename):
try: try:
@ -118,24 +116,24 @@ class CIDict(dict):
self.update(default or {}) self.update(default or {})
def __getitem__(self,key): def __getitem__(self,key):
return super(CIDict,self).__getitem__(lower(key)) return super(CIDict,self).__getitem__(string.lower(key))
def __setitem__(self,key,value): def __setitem__(self,key,value):
lower_key = lower(key) lower_key = string.lower(key)
self._keys[lower_key] = key self._keys[lower_key] = key
return super(CIDict,self).__setitem__(lower(key),value) return super(CIDict,self).__setitem__(string.lower(key),value)
def __delitem__(self,key): def __delitem__(self,key):
lower_key = lower(key) lower_key = string.lower(key)
del self._keys[lower_key] del self._keys[lower_key]
return super(CIDict,self).__delitem__(lower(key)) return super(CIDict,self).__delitem__(string.lower(key))
def update(self,dict): def update(self,dict):
for key in dict.keys(): for key in dict.keys():
self[key] = dict[key] self[key] = dict[key]
def has_key(self,key): def has_key(self,key):
return super(CIDict, self).has_key(lower(key)) return super(CIDict, self).has_key(string.lower(key))
def get(self,key,failobj=None): def get(self,key,failobj=None):
try: try:
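Review bot: The corrected raise in run() still builds the exception from `' '.join(args)`, so the full command line travels with every failure. Callers in the second file put bind passwords in args (`"-w", pwd`) and log the exception with `logging.critical("... %s" % e)`. If this CalledProcessError renders its command the way the stdlib one does, a failed ldapmodify would write the Directory Manager password to the log. Consider raising with only the program name, `raise CalledProcessError(p.returncode, args[0])`, or masking the value that follows `-w` before joining. run() begins above this hunk, so how stdout and stderr are logged is only partly visible here.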


@ -18,16 +18,15 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# #
import subprocess
import string
import tempfile
import shutil import shutil
import logging import logging
import pwd import pwd
import glob import glob
import sys import sys
import os
from ipa import ipautil
from ipa.ipautil import *
import service import service
import installutils import installutils
@ -36,7 +35,7 @@ SERVER_ROOT_32 = "/usr/lib/dirsrv"
def ldap_mod(fd, dn, pwd): def ldap_mod(fd, dn, pwd):
args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", "-D", dn, "-w", pwd, "-f", fd.name] args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", "-D", dn, "-w", pwd, "-f", fd.name]
run(args) ipautil.run(args)
def realm_to_suffix(realm_name): def realm_to_suffix(realm_name):
s = realm_name.split(".") s = realm_name.split(".")
@ -44,7 +43,7 @@ def realm_to_suffix(realm_name):
return ",".join(terms) return ",".join(terms)
def find_server_root(): def find_server_root():
if dir_exists(SERVER_ROOT_64): if ipautil.dir_exists(SERVER_ROOT_64):
return SERVER_ROOT_64 return SERVER_ROOT_64
else: else:
return SERVER_ROOT_32 return SERVER_ROOT_32
@ -83,7 +82,7 @@ def check_existing_installation():
sys.exit(1) sys.exit(1)
try: try:
run(["/sbin/service", "dirsrv", "stop"]) ipautil.run(["/sbin/service", "dirsrv", "stop"])
except: except:
pass pass
for d in dirs: for d in dirs:
@ -185,25 +184,25 @@ class DsInstance(service.Service):
logging.debug("adding ds user %s" % self.ds_user) logging.debug("adding ds user %s" % self.ds_user)
args = ["/usr/sbin/useradd", "-c", "DS System User", "-d", "/var/lib/dirsrv", "-M", "-r", "-s", "/sbin/nologin", self.ds_user] args = ["/usr/sbin/useradd", "-c", "DS System User", "-d", "/var/lib/dirsrv", "-M", "-r", "-s", "/sbin/nologin", self.ds_user]
try: try:
run(args) ipautil.run(args)
logging.debug("done adding user") logging.debug("done adding user")
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
logging.critical("failed to add user %s" % e) logging.critical("failed to add user %s" % e)
def __create_instance(self): def __create_instance(self):
self.step("creating directory server instance") self.step("creating directory server instance")
inf_txt = template_str(INF_TEMPLATE, self.sub_dict) inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict)
logging.debug(inf_txt) logging.debug(inf_txt)
inf_fd = write_tmp_file(inf_txt) inf_fd = ipautil.write_tmp_file(inf_txt)
logging.debug("writing inf template") logging.debug("writing inf template")
if file_exists("/usr/sbin/setup-ds.pl"): if ipautil.file_exists("/usr/sbin/setup-ds.pl"):
args = ["/usr/sbin/setup-ds.pl", "--silent", "--logfile", "-", "-f", inf_fd.name] args = ["/usr/sbin/setup-ds.pl", "--silent", "--logfile", "-", "-f", inf_fd.name]
logging.debug("calling setup-ds.pl") logging.debug("calling setup-ds.pl")
else: else:
args = ["/usr/bin/ds_newinst.pl", inf_fd.name] args = ["/usr/bin/ds_newinst.pl", inf_fd.name]
logging.debug("calling ds_newinst.pl") logging.debug("calling ds_newinst.pl")
try: try:
run(args) ipautil.run(args)
logging.debug("completed creating ds instance") logging.debug("completed creating ds instance")
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
logging.critical("failed to restart ds instance %s" % e) logging.critical("failed to restart ds instance %s" % e)
@ -217,19 +216,19 @@ class DsInstance(service.Service):
def __add_default_schemas(self): def __add_default_schemas(self):
self.step("adding default schema") self.step("adding default schema")
shutil.copyfile(SHARE_DIR + "60kerberos.ldif", shutil.copyfile(ipautil.SHARE_DIR + "60kerberos.ldif",
schema_dirname(self.realm_name) + "60kerberos.ldif") schema_dirname(self.realm_name) + "60kerberos.ldif")
shutil.copyfile(SHARE_DIR + "60samba.ldif", shutil.copyfile(ipautil.SHARE_DIR + "60samba.ldif",
schema_dirname(self.realm_name) + "60samba.ldif") schema_dirname(self.realm_name) + "60samba.ldif")
shutil.copyfile(SHARE_DIR + "60radius.ldif", shutil.copyfile(ipautil.SHARE_DIR + "60radius.ldif",
schema_dirname(self.realm_name) + "60radius.ldif") schema_dirname(self.realm_name) + "60radius.ldif")
shutil.copyfile(SHARE_DIR + "60ipaconfig.ldif", shutil.copyfile(ipautil.SHARE_DIR + "60ipaconfig.ldif",
schema_dirname(self.realm_name) + "60ipaconfig.ldif") schema_dirname(self.realm_name) + "60ipaconfig.ldif")
def __add_memberof_module(self): def __add_memberof_module(self):
self.step("enabling memboerof plugin") self.step("enabling memboerof plugin")
memberof_txt = template_file(SHARE_DIR + "memberof-conf.ldif", self.sub_dict) memberof_txt = ipautil.template_file(ipautil.SHARE_DIR + "memberof-conf.ldif", self.sub_dict)
memberof_fd = write_tmp_file(memberof_txt) memberof_fd = ipautil.write_tmp_file(memberof_txt)
try: try:
ldap_mod(memberof_fd, "cn=Directory Manager", self.dm_password) ldap_mod(memberof_fd, "cn=Directory Manager", self.dm_password)
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
@ -238,8 +237,8 @@ class DsInstance(service.Service):
def __init_memberof(self): def __init_memberof(self):
self.step("initializing group membership") self.step("initializing group membership")
memberof_txt = template_file(SHARE_DIR + "memberof-task.ldif", self.sub_dict) memberof_txt = ipautil.template_file(ipautil.SHARE_DIR + "memberof-task.ldif", self.sub_dict)
memberof_fd = write_tmp_file(memberof_txt) memberof_fd = ipautil.write_tmp_file(memberof_txt)
try: try:
ldap_mod(memberof_fd, "cn=Directory Manager", self.dm_password) ldap_mod(memberof_fd, "cn=Directory Manager", self.dm_password)
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
@ -248,8 +247,8 @@ class DsInstance(service.Service):
def __add_referint_module(self): def __add_referint_module(self):
self.step("enabling referential integrity plugin") self.step("enabling referential integrity plugin")
referint_txt = template_file(SHARE_DIR + "referint-conf.ldif", self.sub_dict) referint_txt = ipautil.template_file(ipautil.SHARE_DIR + "referint-conf.ldif", self.sub_dict)
referint_fd = write_tmp_file(referint_txt) referint_fd = ipautil.write_tmp_file(referint_txt)
try: try:
ldap_mod(referint_fd, "cn=Directory Manager", self.dm_password) ldap_mod(referint_fd, "cn=Directory Manager", self.dm_password)
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
@ -258,8 +257,8 @@ class DsInstance(service.Service):
def __add_dna_module(self): def __add_dna_module(self):
self.step("enabling distributed numeric assignment plugin") self.step("enabling distributed numeric assignment plugin")
dna_txt = template_file(SHARE_DIR + "dna-conf.ldif", self.sub_dict) dna_txt = ipautil.template_file(ipautil.SHARE_DIR + "dna-conf.ldif", self.sub_dict)
dna_fd = write_tmp_file(dna_txt) dna_fd = ipautil.write_tmp_file(dna_txt)
try: try:
ldap_mod(dna_fd, "cn=Directory Manager", self.dm_password) ldap_mod(dna_fd, "cn=Directory Manager", self.dm_password)
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
@ -268,8 +267,8 @@ class DsInstance(service.Service):
def __config_uidgid_gen_first_master(self): def __config_uidgid_gen_first_master(self):
self.step("configuring Posix uid/gid generation as first master") self.step("configuring Posix uid/gid generation as first master")
dna_txt = template_file(SHARE_DIR + "dna-posix.ldif", self.sub_dict) dna_txt = ipautil.template_file(ipautil.SHARE_DIR + "dna-posix.ldif", self.sub_dict)
dna_fd = write_tmp_file(dna_txt) dna_fd = ipautil.write_tmp_file(dna_txt)
try: try:
ldap_mod(dna_fd, "cn=Directory Manager", self.dm_password) ldap_mod(dna_fd, "cn=Directory Manager", self.dm_password)
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
@ -278,8 +277,8 @@ class DsInstance(service.Service):
def __add_master_entry_first_master(self): def __add_master_entry_first_master(self):
self.step("adding master entry as first master") self.step("adding master entry as first master")
master_txt = template_file(SHARE_DIR + "master-entry.ldif", self.sub_dict) master_txt = ipautil.template_file(ipautil.SHARE_DIR + "master-entry.ldif", self.sub_dict)
master_fd = write_tmp_file(master_txt) master_fd = ipautil.write_tmp_file(master_txt)
try: try:
ldap_mod(master_fd, "cn=Directory Manager", self.dm_password) ldap_mod(master_fd, "cn=Directory Manager", self.dm_password)
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
@ -292,20 +291,20 @@ class DsInstance(service.Service):
args = ["/usr/share/ipa/ipa-server-setupssl", self.dm_password, args = ["/usr/share/ipa/ipa-server-setupssl", self.dm_password,
dirname, self.host_name] dirname, self.host_name]
try: try:
run(args) ipautil.run(args)
logging.debug("done configuring ssl for ds instance") logging.debug("done configuring ssl for ds instance")
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
logging.critical("Failed to configure ssl in ds instance %s" % e) logging.critical("Failed to configure ssl in ds instance %s" % e)
def __add_default_layout(self): def __add_default_layout(self):
self.step("adding default layout") self.step("adding default layout")
txt = template_file(SHARE_DIR + "bootstrap-template.ldif", self.sub_dict) txt = ipautil.template_file(ipautil.SHARE_DIR + "bootstrap-template.ldif", self.sub_dict)
inf_fd = write_tmp_file(txt) inf_fd = ipautil.write_tmp_file(txt)
logging.debug("adding default dfrom ipa.ipautil import *s layout") logging.debug("adding default dfrom ipa.ipautil import *s layout")
args = ["/usr/bin/ldapmodify", "-xv", "-D", "cn=Directory Manager", args = ["/usr/bin/ldapmodify", "-xv", "-D", "cn=Directory Manager",
"-w", self.dm_password, "-f", inf_fd.name] "-w", self.dm_password, "-f", inf_fd.name]
try: try:
run(args) ipautil.run(args)
logging.debug("done adding default ds layout") logging.debug("done adding default ds layout")
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
print "Failed to add default ds layout", e print "Failed to add default ds layout", e
@ -313,13 +312,13 @@ class DsInstance(service.Service):
def __create_indeces(self): def __create_indeces(self):
self.step("creating indeces") self.step("creating indeces")
txt = template_file(SHARE_DIR + "indeces.ldif", self.sub_dict) txt = ipautil.template_file(ipautil.SHARE_DIR + "indeces.ldif", self.sub_dict)
inf_fd = write_tmp_file(txt) inf_fd = ipautil.write_tmp_file(txt)
logging.debug("adding/updating indeces") logging.debug("adding/updating indeces")
args = ["/usr/bin/ldapmodify", "-xv", "-D", "cn=Directory Manager", args = ["/usr/bin/ldapmodify", "-xv", "-D", "cn=Directory Manager",
"-w", self.dm_password, "-f", inf_fd.name] "-w", self.dm_password, "-f", inf_fd.name]
try: try:
run(args) ipautil.run(args)
logging.debug("done adding/updating indeces") logging.debug("done adding/updating indeces")
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
logging.critical("Failed to add/update indeces %s" % str(e)) logging.critical("Failed to add/update indeces %s" % str(e))
@ -327,7 +326,7 @@ class DsInstance(service.Service):
def __certmap_conf(self): def __certmap_conf(self):
self.step("configuring certmap.conf") self.step("configuring certmap.conf")
dirname = config_dirname(self.realm_name) dirname = config_dirname(self.realm_name)
certmap_conf = template_file(SHARE_DIR+"certmap.conf.template", self.sub_dict) certmap_conf = ipautil.template_file(ipautil.SHARE_DIR + "certmap.conf.template", self.sub_dict)
certmap_fd = open(dirname+"certmap.conf", "w+") certmap_fd = open(dirname+"certmap.conf", "w+")
certmap_fd.write(certmap_conf) certmap_fd.write(certmap_conf)
certmap_fd.close() certmap_fd.close()
@ -335,7 +334,7 @@ class DsInstance(service.Service):
def change_admin_password(self, password): def change_admin_password(self, password):
logging.debug("Changing admin password") logging.debug("Changing admin password")
dirname = config_dirname(self.realm_name) dirname = config_dirname(self.realm_name)
if dir_exists("/usr/lib64/mozldap"): if ipautil.dir_exists("/usr/lib64/mozldap"):
app = "/usr/lib64/mozldap/ldappasswd" app = "/usr/lib64/mozldap/ldappasswd"
else: else:
app = "/usr/lib/mozldap/ldappasswd" app = "/usr/lib/mozldap/ldappasswd"
@ -344,7 +343,7 @@ class DsInstance(service.Service):
"-P", dirname+"/cert8.db", "-ZZZ", "-s", password, "-P", dirname+"/cert8.db", "-ZZZ", "-s", password,
"uid=admin,cn=sysaccounts,cn=etc,"+self.suffix] "uid=admin,cn=sysaccounts,cn=etc,"+self.suffix]
try: try:
run(args) ipautil.run(args)
logging.debug("ldappasswd done") logging.debug("ldappasswd done")
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
print "Unable to set admin password", e print "Unable to set admin password", e
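Review bot: ldap_mod still puts the bind password on the ldapmodify command line (`"-w", pwd`), and the same pattern recurs in the hunks for ipa-server-setupssl, __add_default_layout, __create_indeces and change_admin_password (`"-s", password`). Process arguments can be read by other local accounts while the child runs, so the Directory Manager and admin passwords are exposed during install. If /usr/bin/ldapmodify is the OpenLDAP client, a password file keeps the secret out of argv: `pw_fd = ipautil.write_tmp_file(pwd)` and then `"-y", pw_fd.name` in place of `"-w", pwd`. That assumes write_tmp_file creates an owner-only file and adds no trailing newline, neither of which is visible in this diff.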