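#! /usr/bin/python -E
# Authors: Karl MacMillan
#
# Copyright (C) 2007  Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; version 2 only
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#

# requires the following packages:
# fedora-ds-base
# openldap-clients
# nss-tools

VERSION = "%prog .1"

import sys
# The ipaserver package is loaded from this fixed directory.  It is appended,
# so it is searched after the interpreter's standard locations.
sys.path.append("/usr/share/ipa")

import socket
import logging
from optparse import OptionParser

import ipaserver.dsinstance
import ipaserver.krbinstance
from ipaserver.util import run


def parse_options():
    """Parse the command line and return the optparse options object.

    --user, --realm, --password and --master-password are mandatory; when any
    of them is missing, parser.error() prints the usage text and exits.
    --debug and --hostname are optional.
    """
    parser = OptionParser(version=VERSION)
    parser.add_option("-u", "--user", dest="ds_user",
                      help="ds user")
    parser.add_option("-r", "--realm", dest="realm_name",
                      help="realm name")
    # NOTE(review): both passwords arrive as command-line arguments, so they
    # are visible in the process list to other local users while the installer
    # runs and can end up in shell history.  Reading them from a prompt or a
    # root-only file would avoid that exposure.
    parser.add_option("-p", "--password", dest="password",
                      help="admin password")
    parser.add_option("-m", "--master-password", dest="master_password",
                      help="kerberos master password")
    # The original call passed dest="debug" twice, which is a SyntaxError
    # ("keyword argument repeated") and kept the script from loading at all.
    parser.add_option("-d", "--debug", dest="debug", action="store_true",
                      default=False, help="print debugging information")
    parser.add_option("--hostname", dest="host_name",
                      help="fully qualified name of server")

    options, args = parser.parse_args()

    required = (options.ds_user, options.realm_name,
                options.password, options.master_password)
    for value in required:
        if not value:
            # parser.error() adds its own "error: " prefix, so none is
            # repeated here.
            parser.error("the --user, --realm, --password and "
                         "--master-password options are required")

    return options


def logging_setup(options):
    """Send all log records to a file and a filtered subset to the console.

    The file handler records everything from DEBUG upwards.  The console
    shows DEBUG and above when --debug was given, otherwise only ERROR and
    above.
    """
    # Always log everything (i.e., DEBUG) to the log file.
    # NOTE(review): the file name is relative, so the log is created in
    # whatever directory the installer is started from, with the default
    # umask, and filemode='w' truncates an existing file of that name.  For a
    # root-run installer an absolute path in a root-owned directory with
    # owner-only permissions is safer, in particular if the ipaserver modules
    # log the commands they run -- confirm what they write at DEBUG level.
    logging.basicConfig(level=logging.DEBUG,
                        format='%(asctime)s %(levelname)s %(message)s',
                        filename='ipaserver-install.log',
                        filemode='w')

    console = logging.StreamHandler()
    if options.debug:
        # If the debug option is set, also log debug messages to the console
        console.setLevel(logging.DEBUG)
    else:
        # Otherwise, log critical and error messages
        console.setLevel(logging.ERROR)
    formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s')
    console.setFormatter(formatter)
    logging.getLogger('').addHandler(console)


def main():
    """Install the directory server and Kerberos instances for an IPA server.

    Returns 0 on success, or the string "-Fatal Error-" when the host name
    is unusable (not dotted, unresolvable, or resolving to 127.0.0.1).
    """
    options = parse_options()
    logging_setup(options)

    # check the hostname is correctly configured, it must be as the kldap
    # utilities just use the hostname as returned by gethostbyname to set
    # up some of the standard entries
    if options.host_name:
        host_name = options.host_name
    else:
        host_name = socket.gethostname()

    if len(host_name.split(".")) < 2:
        print("Invalid hostname <" + host_name + ">")
        print("Check the /etc/hosts file and make sure to have a valid FQDN")
        return "-Fatal Error-"

    # A name that does not resolve used to end the installer with a bare
    # traceback; report it like the other host name problems instead.
    try:
        host_addr = socket.gethostbyname(host_name)
    except socket.error:
        print("Unable to resolve hostname <" + host_name + ">")
        print("Check the /etc/hosts file and make sure to have a valid FQDN")
        return "-Fatal Error-"

    if host_addr == "127.0.0.1":
        print("The hostname resolves to the localhost address (127.0.0.1)")
        print("Please change your /etc/hosts file or your DNS so that the")
        print("hostname resolves to the ip address of your network interface.")
        print("The KDC service does not listen on 127.0.0.1")
        return "-Fatal Error-"

    print("The Final KDC Host Name will be: " + host_name)

    # Create a directory server instance
    ds = ipaserver.dsinstance.DsInstance()
    ds.create_instance(options.ds_user, options.realm_name, host_name,
                       options.password)

    # Create a kerberos instance
    krb = ipaserver.krbinstance.KrbInstance()
    krb.create_instance(options.ds_user, options.realm_name, host_name,
                        options.password, options.master_password)

    # Restart ds after the krb instance has changed ds configurations
    ds.restart()

    # Restart apache
    run(["/sbin/service", "httpd", "restart"])

    # Set apache to start on boot
    run(["/sbin/chkconfig", "httpd", "on"])

    # Set fedora-ds to start on boot
    run(["/sbin/chkconfig", "dirsrv", "on"])

    # Set the KDC to start on boot
    run(["/sbin/chkconfig", "krb5kdc", "on"])

    # Set the Kpasswd to start on boot
    run(["/sbin/chkconfig", "ipa-kpasswd", "on"])

    # Start Kpasswd
    # run(["/sbin/service", "ipa-kpasswd", "start"])

    # Create the config file; try/finally closes the descriptor even when a
    # write fails.
    fd = open("/etc/ipa/ipa.conf", "w")
    try:
        fd.write("[defaults]\n")
        fd.write("server=" + host_name + "\n")
        fd.write("realm=" + options.realm_name + "\n")
    finally:
        fd.close()

    return 0


if __name__ == "__main__":
    # Propagate main()'s result as the exit status.  The original discarded
    # it, so a "-Fatal Error-" run still exited 0 and looked successful to
    # calling scripts.
    sys.exit(main())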