Make --setup-dns work on replica installation

The ipa-replica-install script will set up DNS if the user specifies the
--setup-dns option. It will only add the zone to LDAP if the
cn=dns,$SUFFIX container doesn't exist. For now, however, we do not add
the records.
Martin Nagy
2009-06-26 19:37:49 +02:00
parent a09d2c3498
commit de53d0a26e
4 changed files with 79 additions and 6 deletions


@@ -14,8 +14,9 @@ app_DATA = \
caJarSigningCert.cfg.template \
default-aci.ldif \
default-keytypes.ldif \
delegation.ldif \
delegation.ldif \
dns.ldif \
dns_reverse.ldif \
kerberos.ldif \
indices.ldif \
bind.named.conf.template \


@@ -19,6 +19,7 @@
#
import sys
import socket
import tempfile, os, pwd, traceback, logging, shutil
from ConfigParser import SafeConfigParser
@@ -27,13 +28,16 @@ import ldap
from ipapython import ipautil
from ipaserver.install import dsinstance, replication, installutils, krbinstance, service
from ipaserver.install import httpinstance, ntpinstance, certs
from ipaserver.install import bindinstance, httpinstance, ntpinstance, certs
from ipaserver import ipaldap
from ipapython import version
from ipalib import util
CACERT="/usr/share/ipa/html/ca.crt"
class HostnameLocalhost(Exception):
pass
class ReplicaConfig:
def __init__(self):
self.realm_name = ""
@@ -54,6 +58,8 @@ def parse_options():
default=False, help="gather extra debugging information")
parser.add_option("-p", "--password", dest="password",
help="Directory Manager (existing master) password")
parser.add_option("--setup-dns", dest="setup_dns", action="store_true",
default=False, help="configure bind with our zone")
options, args = parser.parse_args()
@@ -97,6 +103,14 @@ def get_host_name():
return hostname
def resolve_host(host_name):
ip = socket.gethostbyname(host_name)
if ip == "127.0.0.1" or ip == "::1":
raise HostnameLocalhost
return ip
def set_owner(config, dir):
pw = pwd.getpwnam(config.ds_user)
os.chown(dir, pw.pw_uid, pw.pw_gid)
@@ -175,6 +189,12 @@ def install_http(config):
print "error copying files: " + str(e)
sys.exit(1)
def install_bind(config):
bind = bindinstance.BindInstance(dm_password=config.dirman_password)
ip_address = resolve_host(config.host_name)
bind.setup(config.host_name, ip_address, config.realm_name, config.domain_name)
bind.create_instance()
def check_dirsrv():
serverids = dsinstance.check_existing_installation()
if serverids:
@@ -204,6 +224,13 @@ def check_dirsrv():
print "\t636"
sys.exit(1)
def check_bind():
if not bindinstance.check_inst():
print "--setup-dns was specified but bind or the BIND LDAP plug-in"
print "is not installed on the system"
print "Please install bind and the LDAP plug-in and restart the setup program"
sys.exit(1)
def main():
options, filename = parse_options()
installutils.standard_logging_setup("/var/log/ipareplica-install.log", options.debug)
@@ -211,6 +238,8 @@ def main():
if not ipautil.file_exists(filename):
sys.exit("Replica file %s does not exist" % filename)
if options.setup_dns:
check_bind()
check_dirsrv()
# get the directory manager password
@@ -281,6 +310,8 @@ def main():
install_krb(config)
install_http(config)
if options.setup_dns:
install_bind(config)
if CA:
CA.import_ra_cert(dir + "/ra.p12")
CA.fix_ra_perms()
@@ -330,6 +361,14 @@ try:
sys.exit(0)
except SystemExit, e:
sys.exit(e)
except socket.error, (errno, errstr):
print errstr
except HostnameLocalhost:
print "The hostname resolves to the localhost address (127.0.0.1/::1)"
print "Please change your /etc/hosts file so that the hostname"
print "resolves to the ip address of your network interface."
print ""
print "Please fix your /etc/hosts file and restart the setup program"
except Exception, e:
print "creation of replica failed: %s" % str(e)
message = str(e)
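Review bot: The `"::1"` comparison in resolve_host (the `@@ -97,6 +103,14` hunk) is unreachable, because `socket.gethostbyname` only ever returns an IPv4 address; an IPv6-only hostname fails with a socket.error, caught by the handler at the bottom of the script, rather than producing the HostnameLocalhost message. If IPv6 loopback is meant to be rejected, resolve with `socket.getaddrinfo(host_name, None)` and check every returned address; otherwise drop the `::1` clause so the check matches what gethostbyname can return. Either way a one-line comment on resolve_host, `# IPv4 only: gethostbyname never returns an IPv6 address`, would document the limitation. The address handed to bind.setup in install_bind is whatever the replica's own resolver (typically /etc/hosts) returns, which is presumably intended since the replica's named is not running yet, but it is worth stating in a comment there.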


@@ -35,6 +35,9 @@ Do not configure NTP
.TP
\fB\-p\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
Directory Manager (existing master) password
.TP
\fB\-\-setup\-dns\fR
Generate a DNS zone if it does not exist already and configure the DNS server
.SH "EXIT STATUS"
0 if the command was successful


@@ -93,10 +93,7 @@ class BindInstance(service.Service):
except:
pass
# FIXME: this need to be split off, as only the first server can do
# this operation
self.step("Setting up our zone", self.__setup_zone)
self.step("setting up reverse zone", self.__setup_reverse_zone)
self.__add_zone_steps()
self.step("setting up kerberos principal", self.__setup_principal)
self.step("setting up named.conf", self.__setup_named_conf)
@@ -107,6 +104,39 @@ class BindInstance(service.Service):
self.step("changing resolv.conf to point to ourselves", self.__setup_resolv_conf)
self.start_creation("Configuring named:")
def __add_zone_steps(self):
"""
Add steps necessary to add records and zones, if they don't exist
already.
"""
def object_exists(dn):
"""
Test whether the given object exists in LDAP.
"""
try:
server.search_ext_s(dn, ldap.SCOPE_BASE)
except ldap.NO_SUCH_OBJECT:
return False
else:
return True
zone_dn = "idnsName=%s,cn=dns,%s" % (self.domain, self.suffix)
reverse_zone_dn = "idnsName=%s.in-addr.arpa,cn=dns,%s" % (self.reverse_subnet, self.suffix)
server = ldap.initialize("ldap://" + self.fqdn)
server.simple_bind_s()
if object_exists(zone_dn):
pass # TODO: Add dns records to the zone
else:
self.step("setting up our zone", self.__setup_zone)
if object_exists(reverse_zone_dn):
pass # TODO: Add dns records to the reverse zone
else:
self.step("setting up reverse zone", self.__setup_reverse_zone)
server.unbind_s()
def __start(self):
try:
self.backup_state("running", self.is_running())
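Review bot: In `__add_zone_steps`, the `server.unbind_s()` on the last new line is skipped whenever `object_exists` raises anything other than ldap.NO_SUCH_OBJECT (SERVER_DOWN or INSUFFICIENT_ACCESS, for instance), so the connection leaks; put the two existence checks inside a `try:` block with `finally: server.unbind_s()`. The check is also made over an anonymous `simple_bind_s()` to `"ldap://" + self.fqdn`, so it answers "is the zone readable anonymously", not "does the zone exist" — if the ACIs on cn=dns deny anonymous reads the search comes back NO_SUCH_OBJECT and the zone step is queued against an existing entry; I cannot tell from this hunk what those ACIs allow, so this is worth confirming against the dns.ldif ACIs. The nested `object_exists` closes over `server`, which is only assigned several lines below the helper's definition; moving the `ldap.initialize`/`simple_bind_s` lines above the helper, or passing the connection in as a parameter, would make that dependency explicit. The docstring could also note that only zone creation is decided here and that record creation is still the open TODO.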