author | Rob Crittenden <rcritten@redhat.com> | 2008-03-27 09:33:01 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2008-03-27 09:33:01 -0400 |
commit | fd92652ace1ab95e850c256f0ecca50ded79debf (patch) | |
tree | dc900202332e7ab2a296a47ee360e9cecfe6a7f0 /ipa-server | |
parent | 1a1e02025824ba86ca847d59435541545b6f0aec (diff) | |
Make the memberof task a public function.
This is used when a new replica is created as well as whenever a replica
is re-initialized from another master.
In order for this to work when not creating an instance the __init__
function needs to be able to determine the suffix and the dm_password
is needed.
I've also added the time to the RDN of the member task to ensure
uniqueness.
438222
Diffstat (limited to 'ipa-server')
-rw-r--r-- | ipa-server/ipa-install/ipa-replica-install | 9 | ||||
-rw-r--r-- | ipa-server/ipa-install/ipa-replica-manage | 6 | ||||
-rw-r--r-- | ipa-server/ipa-install/share/memberof-task.ldif | 3 | ||||
-rw-r--r-- | ipa-server/ipaserver/dsinstance.py | 25 |
4 files changed, 29 insertions, 14 deletions
diff --git a/ipa-server/ipa-install/ipa-replica-install b/ipa-server/ipa-install/ipa-replica-install
index 4f94ceed3..47b9934b9 100644
--- a/ipa-server/ipa-install/ipa-replica-install
+++ b/ipa-server/ipa-install/ipa-replica-install
@@ -104,6 +104,8 @@ def install_ds(config): ds = dsinstance.DsInstance() ds.create_instance(config.ds_user, config.realm_name, config.host_name, config.domain_name, config.dirman_password, pkcs12_info) + return ds + def install_krb(config): krb = krbinstance.KrbInstance() ldappwd_filename = config.dir + "/ldappwd"
@@ -134,7 +136,7 @@ def install_http(config): def main(): options, filename = parse_options() - installutils.standard_logging_setup("ipareplica-install.log", options.debug) + installutils.standard_logging_setup("/var/log/ipareplica-install.log", options.debug) top_dir, dir = expand_info(filename)
@@ -180,7 +182,7 @@ def main(): ntp.create_instance() # Configure dirsrv - install_ds(config) + ds = install_ds(config) repl = replication.ReplicationManager(config.host_name, config.dirman_password) if repl is None:
@@ -208,6 +210,9 @@ def main(): print "Configuration of client side components failed!" print "ipa-client-install returned: " + str(e) raise RuntimeError("Failed to configure the client") + + ds.init_memberof() + try: if not os.geteuid()==0: sys.exit("\nYou must be root to run this script.\n")
diff --git a/ipa-server/ipa-install/ipa-replica-manage b/ipa-server/ipa-install/ipa-replica-manage
index f5e93f41b..6761a0e53 100644
--- a/ipa-server/ipa-install/ipa-replica-manage
+++ b/ipa-server/ipa-install/ipa-replica-manage
@@ -78,7 +78,7 @@ def del_master(replman, hostname): def add_master(replman, hostname): replman.setup_replication(hostname, get_realm_name()) -def init_master(replman, hostname): +def init_master(replman, dirman_passwd, hostname): filter = "(&(nsDS5ReplicaHost=%s)(objectclass=nsds5ReplicationAgreement))" % hostname entry = replman.conn.search_s("cn=config", ldap.SCOPE_SUBTREE, filter) if len(entry) == 0:
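Review bot: In the last hunk of ipa-replica-install, `ds.init_memberof()` is placed after the client-configuration block, which ends in `raise RuntimeError("Failed to configure the client")`, so a replica whose client setup fails never gets the memberof task submitted. Group membership data is commonly consulted for access decisions, so it would be safer to move the call up to just after the replication setup, where the directory data is already in place, and to add a comment such as `# rebuild memberOf once the replicated data has arrived`. The call's outcome is also not examined here; whether `__ldap_mod` reports a failed add is not visible in this diff. `main()` starts and ends outside the hunk.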
@@ -87,6 +87,8 @@ def init_master(replman, hostname): if len(entry) > 1: logging.error("Found multiple agreements for %s. Only initializing the first one returned: %s" % (hostname, entry[0].dn)) replman.initialize_replication(entry[0].dn, replman.conn) + ds = dsinstance.DsInstance(realm_name = get_realm_name(), dm_password = dirman_passwd) + ds.init_memberof() def synch_master(replman, hostname): filter = "(&(nsDS5ReplicaHost=%s)(objectclass=nsds5ReplicationAgreement))" % hostname
@@ -130,7 +132,7 @@ def main(): if len(args) != 2: print "hostname of supplier to initialize from is required." sys.exit(1) - init_master(r, args[1]) + init_master(r, dirman_passwd, args[1]) elif args[0] == "synch": if len(args) != 2: print "must provide hostname of supplier to synchronize with"
diff --git a/ipa-server/ipa-install/share/memberof-task.ldif b/ipa-server/ipa-install/share/memberof-task.ldif
index fefabba88..827949e3e 100644
--- a/ipa-server/ipa-install/share/memberof-task.ldif
+++ b/ipa-server/ipa-install/share/memberof-task.ldif
@@ -1,7 +1,8 @@
-dn: cn=IPA install, cn=memberof task, cn=tasks, cn=config
+dn: cn=IPA install $TIME, cn=memberof task, cn=tasks, cn=config
 changetype: add
 objectClass: top
 objectClass: extensibleObject
 cn: IPA install
 basedn: $SUFFIX
 filter: (objectclass=*)
+ttl: 10
diff --git a/ipa-server/ipaserver/dsinstance.py b/ipa-server/ipaserver/dsinstance.py
index 9eaf5be4a..cd89d31ec 100644
--- a/ipa-server/ipaserver/dsinstance.py
+++ b/ipa-server/ipaserver/dsinstance.py
@@ -25,6 +25,7 @@ import glob import sys import os import re +import time from ipa import ipautil
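Review bot: The new `dsinstance.DsInstance(...)` call in `init_master` needs `dsinstance` to be in scope, and none of this file's hunks adds an import; if the module is not already imported in ipa-replica-manage, the command fails with a NameError only after `replman.initialize_replication(...)` has already run. The task is also submitted immediately after that call, and it is not visible here whether `initialize_replication` blocks until the total update has finished; if it returns early, the memberof task would run over partially loaded data. A comment such as `# memberof task must run only after the re-initialization has completed` would record that ordering requirement. `init_master` begins in the previous hunk.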
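Review bot: The `dn:` line now carries `$TIME` in its RDN, but the `cn: IPA install` attribute is unchanged, so the entry's naming value is no longer among its `cn` values. Some LDAP servers reject such an add as a naming violation while others supply the missing value silently; keeping the two in step with `cn: IPA install $TIME` avoids depending on that behaviour. The added `ttl: 10` would also benefit from a `#` comment line stating its unit and why 10 was chosen.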
@@ -110,16 +111,21 @@ info: IPA V1.0 """ class DsInstance(service.Service): - def __init__(self): + def __init__(self, realm_name=None, domain_name=None, dm_password=None): service.Service.__init__(self, "dirsrv") + self.realm_name = realm_name + self.dm_password = dm_password + self.sub_dict = None + self.domain = domain_name self.serverid = None - self.realm_name = None - self.suffix = None self.host_name = None - self.dm_password = None - self.sub_dict = None - self.domain = None self.pkcs12_info = None + self.ds_user = None + if realm_name: + self.suffix = realm_to_suffix(self.realm_name) + self.__setup_sub_dict() + else: + self.suffix = None def create_instance(self, ds_user, realm_name, host_name, domain_name, dm_password, pkcs12_info=None): self.ds_user = ds_user
@@ -149,7 +155,7 @@ class DsInstance(service.Service): self.step("adding master entry as first master", self.__add_master_entry_first_master) self.step("initializing group membership", - self.__init_memberof) + self.init_memberof) self.step("configuring directory to start on boot", self.__enable)
@@ -164,7 +170,8 @@ class DsInstance(service.Service): self.sub_dict = dict(FQHN=self.host_name, SERVERID=self.serverid, PASSWORD=self.dm_password, SUFFIX=self.suffix.lower(), REALM=self.realm_name, USER=self.ds_user, - SERVER_ROOT=server_root, DOMAIN=self.domain) + SERVER_ROOT=server_root, DOMAIN=self.domain, + TIME=int(time.time())) def __create_ds_user(self): user_exists = True
@@ -262,7 +269,7 @@ class DsInstance(service.Service): def __add_memberof_module(self): self.__ldap_mod("memberof-conf.ldif") - def __init_memberof(self): + def init_memberof(self): self.__ldap_mod("memberof-task.ldif", self.sub_dict) def __add_referint_module(self): |
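Review bot: The constructor now calls `self.__setup_sub_dict()` whenever `realm_name` is truthy, at a point where `host_name`, `serverid` and `ds_user` are still `None` and `dm_password` may be `None` too, so `sub_dict` is built with `None` under `FQHN`, `SERVERID`, `USER` and possibly `PASSWORD`. Any template rendered from that dictionary other than the memberof task would receive those placeholder values, and a missing password surfaces only later as a failed bind. Rejecting the half-configured case early is safer, for example `if realm_name and not dm_password: raise ValueError("dm_password is required when realm_name is given")`, together with a docstring on `__init__` saying the keyword arguments exist for running tasks without `create_instance()`. Whether `create_instance()` rebuilds `sub_dict` afterwards is not visible in this hunk.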
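Review bot: `TIME=int(time.time())` in the `sub_dict` hunk is evaluated once, when the dictionary is built, not when the task is submitted, so every `init_memberof()` call on the same `DsInstance` renders the same task DN. ipa-replica-install appears to do exactly that, since `init_memberof` is registered as a `self.step(...)` and `main()` then calls `ds.init_memberof()` on the same object; the second add would fail if the earlier task entry still exists. One-second resolution also lets two instances built in the same second collide. Computing the value at submission fixes this and hands the task template only the keys it uses instead of the whole dictionary with `PASSWORD`: in the `init_memberof` hunk at the end of this file, `self.__ldap_mod("memberof-task.ldif", dict(SUFFIX=self.suffix.lower(), TIME=int(time.time())))`.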