diff options
author | Ana Krivokapic <akrivoka@redhat.com> | 2013-10-25 12:41:25 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-01-14 16:37:56 +0100 |
commit | 689382dc833e687d30349b10a8fd7dc740d54d08 (patch) | |
tree | eaae5f062c8fe9a961697bb34b3a829f7190413f | |
parent | 3e1386a57e915a71c87471ee65877f3ab01fc724 (diff) | |
download | freeipa-689382dc833e687d30349b10a8fd7dc740d54d08.tar.gz freeipa-689382dc833e687d30349b10a8fd7dc740d54d08.tar.xz freeipa-689382dc833e687d30349b10a8fd7dc740d54d08.zip |
Enable Retro Changelog and Content Synchronization DS plugins
Enable Retro Changelog and Content Synchronization DS plugins which are required
for SyncRepl support.
Create a working directory /var/named/ipa required by bind-dyndb-ldap v4+.
https://fedorahosted.org/freeipa/ticket/3967
-rw-r--r-- | freeipa.spec.in | 1 | ||||
-rw-r--r-- | install/tools/ipa-upgradeconfig | 5 | ||||
-rw-r--r-- | install/updates/20-syncrepl.update | 9 | ||||
-rw-r--r-- | install/updates/Makefile.am | 1 | ||||
-rw-r--r-- | ipaserver/install/bindinstance.py | 13 |
5 files changed, 28 insertions, 1 deletions
diff --git a/freeipa.spec.in b/freeipa.spec.in index acbbcfcbe..81c967235 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -756,6 +756,7 @@ fi %{_mandir}/man1/ipa-backup.1.gz %{_mandir}/man1/ipa-restore.1.gz %{_mandir}/man1/ipa-advise.1.gz +%ghost %{_localstatedir}/named/ipa %files server-trust-ad %{_sbindir}/ipa-adtrust-install diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig index dec56c663..ed4852c0d 100644 --- a/install/tools/ipa-upgradeconfig +++ b/install/tools/ipa-upgradeconfig @@ -1079,6 +1079,10 @@ def main(): setup_firefox_extension(fstore) add_ca_dns_records() + bind = bindinstance.BindInstance(fstore) + if bind.is_configured(): + bind.create_dir('/var/named/ipa', 0700) + # Any of the following functions returns True iff the named.conf file # has been altered named_conf_changes = ( @@ -1092,7 +1096,6 @@ def main(): if any(named_conf_changes): # configuration has changed, restart the name server root_logger.info('Changes to named.conf have been made, restart named') - bind = bindinstance.BindInstance(fstore) try: bind.restart() except ipautil.CalledProcessError, e: diff --git a/install/updates/20-syncrepl.update b/install/updates/20-syncrepl.update new file mode 100644 index 000000000..c4158a163 --- /dev/null +++ b/install/updates/20-syncrepl.update @@ -0,0 +1,9 @@ +# Enable Retro changelog +dn: cn=Retro Changelog Plugin,cn=plugins,cn=config +only:nsslapd-pluginEnabled: on +add:nsslapd-attribute: nsuniqueid:targetUniqueId +add:nsslapd-changelogmaxage: 2d + +# Enable SyncRepl +dn: cn=Content Synchronization,cn=plugins,cn=config +only:nsslapd-pluginEnabled: on diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am index 66f0cd576..67c33eef5 100644 --- a/install/updates/Makefile.am +++ b/install/updates/Makefile.am @@ -14,6 +14,7 @@ app_DATA = \ 20-indices.update \ 20-nss_ldap.update \ 20-replication.update \ + 20-syncrepl.update \ 20-user_private_groups.update \ 20-winsync_index.update \ 21-replicas_container.update \ diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 6d5a1d44d..4baeb4e07 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -22,6 +22,7 @@ import os import pwd import netaddr import re +import errno import ldap @@ -509,6 +510,16 @@ class BindInstance(service.Service): os.close(bind_fd) print "Sample zone file for bind has been created in "+bind_name + def create_dir(self, path, mode): + try: + os.makedirs(path, mode) + except OSError as e: + if e.errno != errno.EEXIST: + raise e + + pent = pwd.getpwnam(self.named_user or 'named') + os.chown(path, pent.pw_uid, pent.pw_gid) + def create_instance(self): try: @@ -519,6 +530,8 @@ class BindInstance(service.Service): # get a connection to the DS self.ldap_connect() + self.create_dir('/var/named/ipa', 0700) + if installutils.record_in_hosts(self.ip_address, self.fqdn) is None: installutils.add_record_to_hosts(self.ip_address, self.fqdn) |