Make the memberof task a public function.

This is used when a new replica is created as well as whenever a replica
is re-initialized from another master.

In order for this to work when not creating an instance the __init__
function needs to be able to determine the suffix and the dm_password
is needed.

I've also added the time to the RDN of the member task to ensure
uniqueness.

438222

3 files changed, 13 insertions, 5 deletions

diff --git a/ipa-server/ipa-install/ipa-replica-install b/ipa-server/ipa-install/ipa-replica-install
index 4f94ceed3..47b9934b9 100644
--- a/ipa-server/ipa-install/ipa-replica-install
+++ b/ipa-server/ipa-install/ipa-replica-install
@@ -104,6 +104,8 @@ def install_ds(config):
     ds = dsinstance.DsInstance()
     ds.create_instance(config.ds_user, config.realm_name, config.host_name, config.domain_name, config.dirman_password, pkcs12_info)
 
+    return ds
+
 def install_krb(config):
     krb = krbinstance.KrbInstance()
     ldappwd_filename = config.dir + "/ldappwd"
@@ -134,7 +136,7 @@ def install_http(config):
 
 def main():
     options, filename = parse_options()
-    installutils.standard_logging_setup("ipareplica-install.log", options.debug)
+    installutils.standard_logging_setup("/var/log/ipareplica-install.log", options.debug)
 
     top_dir, dir = expand_info(filename)
 
@@ -180,7 +182,7 @@ def main():
         ntp.create_instance()
 
     # Configure dirsrv
-    install_ds(config)
+    ds = install_ds(config)
 
     repl = replication.ReplicationManager(config.host_name, config.dirman_password)
     if repl is None:
@@ -208,6 +210,9 @@ def main():
         print "Configuration of client side components failed!"
         print "ipa-client-install returned: " + str(e)
         raise RuntimeError("Failed to configure the client")
+
+    ds.init_memberof()
+
 try:
     if not os.geteuid()==0:
         sys.exit("\nYou must be root to run this script.\n")
diff --git a/ipa-server/ipa-install/ipa-replica-manage b/ipa-server/ipa-install/ipa-replica-manage
index f5e93f41b..6761a0e53 100644
--- a/ipa-server/ipa-install/ipa-replica-manage
+++ b/ipa-server/ipa-install/ipa-replica-manage
@@ -78,7 +78,7 @@ def del_master(replman, hostname):
 def add_master(replman, hostname):
     replman.setup_replication(hostname, get_realm_name())
 
-def init_master(replman, hostname):
+def init_master(replman, dirman_passwd, hostname):
     filter = "(&(nsDS5ReplicaHost=%s)(objectclass=nsds5ReplicationAgreement))" % hostname
     entry = replman.conn.search_s("cn=config", ldap.SCOPE_SUBTREE, filter)
     if len(entry) == 0:
@@ -87,6 +87,8 @@ def init_master(replman, hostname):
     if len(entry) > 1:
         logging.error("Found multiple agreements for %s. Only initializing the first one returned: %s" % (hostname, entry[0].dn))
     replman.initialize_replication(entry[0].dn, replman.conn)
+    ds = dsinstance.DsInstance(realm_name = get_realm_name(), dm_password = dirman_passwd)
+    ds.init_memberof()
 
 def synch_master(replman, hostname):
     filter = "(&(nsDS5ReplicaHost=%s)(objectclass=nsds5ReplicationAgreement))" % hostname
@@ -130,7 +132,7 @@ def main():
         if len(args) != 2:
             print "hostname of supplier to initialize from is required."
             sys.exit(1)
-        init_master(r, args[1])
+        init_master(r, dirman_passwd, args[1])
     elif args[0] == "synch":
         if len(args) != 2:
             print "must provide hostname of supplier to synchronize with"
diff --git a/ipa-server/ipa-install/share/memberof-task.ldif b/ipa-server/ipa-install/share/memberof-task.ldif
index fefabba88..827949e3e 100644
--- a/ipa-server/ipa-install/share/memberof-task.ldif
+++ b/ipa-server/ipa-install/share/memberof-task.ldif
@@ -1,7 +1,8 @@
-dn: cn=IPA install, cn=memberof task, cn=tasks, cn=config
+dn: cn=IPA install $TIME, cn=memberof task, cn=tasks, cn=config
 changetype: add
 objectClass: top
 objectClass: extensibleObject
 cn: IPA install
 basedn: $SUFFIX
 filter: (objectclass=*)
+ttl: 10