diff options
| author | Mark McLoughlin <markmc@redhat.com> | 2007-12-13 09:31:28 +0000 |
|---|---|---|
| committer | Mark McLoughlin <markmc@redhat.com> | 2007-12-13 09:31:28 +0000 |
| commit | 065827d6e135686c81194280cba442ca696cba9d (patch) | |
| tree | b32b2cb78a1e579d5baa6bab0458189ea44e86e7 /ipa-radius-server | |
| parent | 7ba901d7774d914e1fc4aa06855f3f9f7ae6a7c4 (diff) | |
| download | freeipa-065827d6e135686c81194280cba442ca696cba9d.tar.gz freeipa-065827d6e135686c81194280cba442ca696cba9d.tar.xz freeipa-065827d6e135686c81194280cba442ca696cba9d.zip | |
Refactor dsinstance ldap modify code
Just a patch to refactor lots of similar code in
dsinstance and krbinstance using a simple helper
method.
Note, there are some differences:
- Some code used to call ldapmodify without -h 127.0.0.1
- Some of the code used to just print an error rather than
using logging.critical()
- Some code used to log some extra debug
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Diffstat (limited to 'ipa-radius-server')
| -rw-r--r-- | ipa-radius-server/plugins/radiusinstance.py | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/ipa-radius-server/plugins/radiusinstance.py b/ipa-radius-server/plugins/radiusinstance.py index a330621d1..2d68adf7e 100644 --- a/ipa-radius-server/plugins/radiusinstance.py +++ b/ipa-radius-server/plugins/radiusinstance.py @@ -44,10 +44,6 @@ from ipaserver.funcs import DefaultUserContainer, DefaultGroupContainer #------------------------------------------------------------------------------- -def ldap_mod(fd, dn, pwd): - args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", "-D", dn, "-w", pwd, "-f", fd.name] - ipautil.run(args) - def get_radius_version(): version = None try: @@ -157,17 +153,26 @@ class RadiusInstance(service.Service): except Exception, e: logging.error("could not chown on %s to %s: %s", radius_util.RADIUS_IPA_KEYTAB_FILEPATH, radius_util.RADIUS_USER, e) - #FIXME, should use IPAdmin method - def __set_ldap_encrypted_attributes(self): - ldif_file = 'encrypted_attribute.ldif' - self.step("setting ldap encrypted attributes") - ldif_txt = ipautil.template_file(ipautil.SHARE_DIR + ldif_file, {'ENCRYPTED_ATTRIBUTE':'radiusClientSecret'}) - ldif_fd = ipautil.write_tmp_file(ldif_txt) + def __ldap_mod(self, step, ldif): + self.step(step) + + txt = iputil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict) + fd = ipautil.write_tmp_file(txt) + + args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", + "-D", "cn=Directory Manager", "-w", self.dm_password, "-f", fd.name] + try: - ldap_mod(ldif_fd, "cn=Directory Manager", self.dm_password) + ipautil.run(args) except ipautil.CalledProcessError, e: - logging.critical("Failed to load %s: %s" % (ldif_file, str(e))) - ldif_fd.close() + logging.critical("Failed to load %s: %s" % (ldif, str(e))) + + fd.close() + + #FIXME, should use IPAdmin method + def __set_ldap_encrypted_attributes(self): + self.__ldap_mod("setting ldap encrypted attributes", + "encrypted_attribute.ldif", {"ENCRYPTED_ATTRIBUTE" : "radiusClientSecret"}) #------------------------------------------------------------------------------- |