Move the __ldap_mod function to the Service class
We were duplicating it for KrbInstance and DsInstance. Since we will also need it for BindInstance, it is better placed in the Service class.
parent
b29006dd0a
commit
d1b3f39258
@ -139,9 +139,8 @@ info: IPA V1.0
|
||||
|
||||
class DsInstance(service.Service):
|
||||
def __init__(self, realm_name=None, domain_name=None, dm_password=None):
|
||||
service.Service.__init__(self, "dirsrv")
|
||||
service.Service.__init__(self, "dirsrv", dm_password=dm_password)
|
||||
self.realm_name = realm_name
|
||||
self.dm_password = dm_password
|
||||
self.sub_dict = None
|
||||
self.domain = domain_name
|
||||
self.serverid = None
|
||||
@ -287,38 +286,11 @@ class DsInstance(service.Service):
|
||||
# TODO: roll back here?
|
||||
logging.critical("Failed to restart the directory server. See the installation log for details.")
|
||||
|
||||
def __ldap_mod(self, ldif, sub_dict = None):
|
||||
fd = None
|
||||
path = ipautil.SHARE_DIR + ldif
|
||||
|
||||
if not sub_dict is None:
|
||||
txt = ipautil.template_file(path, sub_dict)
|
||||
fd = ipautil.write_tmp_file(txt)
|
||||
path = fd.name
|
||||
|
||||
[pw_fd, pw_name] = tempfile.mkstemp()
|
||||
os.write(pw_fd, self.dm_password)
|
||||
os.close(pw_fd)
|
||||
|
||||
args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv",
|
||||
"-D", "cn=Directory Manager", "-y", pw_name, "-f", path]
|
||||
|
||||
try:
|
||||
try:
|
||||
ipautil.run(args)
|
||||
except ipautil.CalledProcessError, e:
|
||||
logging.critical("Failed to load %s: %s" % (ldif, str(e)))
|
||||
finally:
|
||||
os.remove(pw_name)
|
||||
|
||||
if not fd is None:
|
||||
fd.close()
|
||||
|
||||
def __add_memberof_module(self):
|
||||
self.__ldap_mod("memberof-conf.ldif")
|
||||
self._ldap_mod("memberof-conf.ldif")
|
||||
|
||||
def init_memberof(self):
|
||||
self.__ldap_mod("memberof-task.ldif", self.sub_dict)
|
||||
self._ldap_mod("memberof-task.ldif", self.sub_dict)
|
||||
|
||||
def apply_updates(self):
|
||||
ld = ldapupdate.LDAPUpdate(dm_password=self.dm_password)
|
||||
@ -326,19 +298,19 @@ class DsInstance(service.Service):
|
||||
ld.update(files)
|
||||
|
||||
def __add_referint_module(self):
|
||||
self.__ldap_mod("referint-conf.ldif")
|
||||
self._ldap_mod("referint-conf.ldif")
|
||||
|
||||
def __set_unique_attrs(self):
|
||||
self.__ldap_mod("unique-attributes.ldif", self.sub_dict)
|
||||
self._ldap_mod("unique-attributes.ldif", self.sub_dict)
|
||||
|
||||
def __config_uidgid_gen_first_master(self):
|
||||
self.__ldap_mod("dna-posix.ldif", self.sub_dict)
|
||||
self._ldap_mod("dna-posix.ldif", self.sub_dict)
|
||||
|
||||
def __add_master_entry_first_master(self):
|
||||
self.__ldap_mod("master-entry.ldif", self.sub_dict)
|
||||
self._ldap_mod("master-entry.ldif", self.sub_dict)
|
||||
|
||||
def __add_winsync_module(self):
|
||||
self.__ldap_mod("ipa-winsync-conf.ldif")
|
||||
self._ldap_mod("ipa-winsync-conf.ldif")
|
||||
|
||||
def __enable_ssl(self):
|
||||
dirname = config_dirname(self.serverid)
|
||||
@ -391,10 +363,10 @@ class DsInstance(service.Service):
|
||||
conn.unbind()
|
||||
|
||||
def __add_default_layout(self):
|
||||
self.__ldap_mod("bootstrap-template.ldif", self.sub_dict)
|
||||
self._ldap_mod("bootstrap-template.ldif", self.sub_dict)
|
||||
|
||||
def __create_indices(self):
|
||||
self.__ldap_mod("indices.ldif")
|
||||
self._ldap_mod("indices.ldif")
|
||||
|
||||
def __certmap_conf(self):
|
||||
shutil.copyfile(ipautil.SHARE_DIR + "certmap.conf.template",
|
||||
|
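Review bot: Every `self._ldap_mod(...)` call site in this file (`__add_default_layout`, `__create_indices`, `__set_unique_attrs` and the others) ignores whether the LDIF was actually applied. `_ldap_mod`, as added to `Service` in this commit, catches `ipautil.CalledProcessError`, logs it and returns normally, so a failed `ldapmodify` run leaves the directory partly configured while the remaining steps carry on. Consider a bare `raise` after `logging.critical("Failed to load %s: %s" % (ldif, str(e)))`, or a return status that the callers check. How the step runner treats exceptions is not visible in these hunks, so confirm that first. The same applies to the `KrbInstance` callers, including `__add_default_acis`, where a failed load of `default-aci.ldif` would go unnoticed.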
@ -83,7 +83,7 @@ class KrbInstance(service.Service):
|
||||
self.ds_user = None
|
||||
self.fqdn = None
|
||||
self.realm = None
|
||||
self.domain = None
|
||||
self.domain = None
|
||||
self.host = None
|
||||
self.admin_password = None
|
||||
self.master_password = None
|
||||
@ -108,6 +108,7 @@ class KrbInstance(service.Service):
|
||||
self.suffix = util.realm_to_suffix(self.realm)
|
||||
self.kdc_password = ipautil.ipa_generate_password()
|
||||
self.admin_password = admin_password
|
||||
self.dm_password = admin_password
|
||||
|
||||
self.__setup_sub_dict()
|
||||
|
||||
@ -212,27 +213,6 @@ class KrbInstance(service.Service):
|
||||
HOST=self.host,
|
||||
REALM=self.realm)
|
||||
|
||||
def __ldap_mod(self, ldif):
|
||||
txt = ipautil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict)
|
||||
fd = ipautil.write_tmp_file(txt)
|
||||
|
||||
[pw_fd, pw_name] = tempfile.mkstemp()
|
||||
os.write(pw_fd, self.admin_password)
|
||||
os.close(pw_fd)
|
||||
|
||||
args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv",
|
||||
"-D", "cn=Directory Manager", "-y", pw_name, "-f", fd.name]
|
||||
|
||||
try:
|
||||
try:
|
||||
ipautil.run(args)
|
||||
except ipautil.CalledProcessError, e:
|
||||
logging.critical("Failed to load %s: %s" % (ldif, str(e)))
|
||||
finally:
|
||||
os.remove(pw_name)
|
||||
|
||||
fd.close()
|
||||
|
||||
def __configure_sasl_mappings(self):
|
||||
# we need to remove any existing SASL mappings in the directory as otherwise they
|
||||
# they may conflict. There is no way to define the order they are used in atm.
|
||||
@ -285,13 +265,13 @@ class KrbInstance(service.Service):
|
||||
raise e
|
||||
|
||||
def __add_krb_entries(self):
|
||||
self.__ldap_mod("kerberos.ldif")
|
||||
self._ldap_mod("kerberos.ldif", self.sub_dict)
|
||||
|
||||
def __add_default_acis(self):
|
||||
self.__ldap_mod("default-aci.ldif")
|
||||
self._ldap_mod("default-aci.ldif", self.sub_dict)
|
||||
|
||||
def __add_default_keytypes(self):
|
||||
self.__ldap_mod("default-keytypes.ldif")
|
||||
self._ldap_mod("default-keytypes.ldif", self.sub_dict)
|
||||
|
||||
def __create_replica_instance(self):
|
||||
self.__create_instance(replica=True)
|
||||
@ -342,7 +322,7 @@ class KrbInstance(service.Service):
|
||||
|
||||
#add the password extop module
|
||||
def __add_pwd_extop_module(self):
|
||||
self.__ldap_mod("pwd-extop-conf.ldif")
|
||||
self._ldap_mod("pwd-extop-conf.ldif", self.sub_dict)
|
||||
|
||||
def __add_master_key(self):
|
||||
#get the Master Key from the stash file
|
||||
|
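Review bot: In the hunk at `-108,6 +108,7`, `self.dm_password = admin_password` is assigned only inside a setup method whose start is outside the hunk. The visible hunks do not show `KrbInstance.__init__` passing `dm_password` to `service.Service.__init__`, so any `_ldap_mod` call made before this assignment would hit the `assert` in `Service._ldap_mod`. The same secret now also lives in two attributes, `admin_password` and `dm_password`, with nothing saying they are one credential. A comment on the new line would help, for example `# admin_password is the Directory Manager password; Service._ldap_mod binds as cn=Directory Manager with self.dm_password`.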
@ -78,16 +78,46 @@ def print_msg(message, output_fd=sys.stdout):
|
||||
|
||||
|
||||
class Service:
|
||||
def __init__(self, service_name, sstore=None):
|
||||
def __init__(self, service_name, sstore=None, dm_password=None):
|
||||
self.service_name = service_name
|
||||
self.steps = []
|
||||
self.output_fd = sys.stdout
|
||||
self.dm_password = dm_password
|
||||
|
||||
if sstore:
|
||||
self.sstore = sstore
|
||||
else:
|
||||
self.sstore = sysrestore.StateFile('/var/lib/ipa/sysrestore')
|
||||
|
||||
def _ldap_mod(self, ldif, sub_dict = None):
|
||||
assert self.dm_password is not None
|
||||
|
||||
fd = None
|
||||
path = ipautil.SHARE_DIR + ldif
|
||||
|
||||
if sub_dict is not None:
|
||||
txt = ipautil.template_file(path, sub_dict)
|
||||
fd = ipautil.write_tmp_file(txt)
|
||||
path = fd.name
|
||||
|
||||
[pw_fd, pw_name] = tempfile.mkstemp()
|
||||
os.write(pw_fd, self.dm_password)
|
||||
os.close(pw_fd)
|
||||
|
||||
args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv",
|
||||
"-D", "cn=Directory Manager", "-y", pw_name, "-f", path]
|
||||
|
||||
try:
|
||||
try:
|
||||
ipautil.run(args)
|
||||
except ipautil.CalledProcessError, e:
|
||||
logging.critical("Failed to load %s: %s" % (ldif, str(e)))
|
||||
finally:
|
||||
os.remove(pw_name)
|
||||
|
||||
if fd is not None:
|
||||
fd.close()
|
||||
|
||||
def set_output(self, fd):
|
||||
self.output_fd = fd
|
||||
|
||||
|
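Review bot: In `_ldap_mod`, the Directory Manager password file is created and written before the `try`/`finally` that removes it. If `os.write(pw_fd, self.dm_password)` or `os.close(pw_fd)` raises, the file from `tempfile.mkstemp()` is never removed, and whatever was written stays on disk. Moving the write inside the outer `try` keeps the `os.remove(pw_name)` cleanup on every path, as sketched below. Separately, `assert self.dm_password is not None` is stripped under `python -O`; an explicit check such as `if self.dm_password is None: raise RuntimeError("dm_password not set")` survives optimisation, with the exception type left to the module's conventions.

```python
[pw_fd, pw_name] = tempfile.mkstemp()
try:
    try:
        os.write(pw_fd, self.dm_password)
    finally:
        # close the descriptor even if the write fails
        os.close(pw_fd)

    # ... unchanged: args list, ipautil.run(args) and its except clause ...
finally:
    os.remove(pw_name)
    # ... unchanged: close fd when a templated LDIF was written ...
```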