summaryrefslogtreecommitdiffstats
path: root/ipalib
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2009-02-18 16:45:49 -0500
committerRob Crittenden <rcritten@redhat.com>2009-02-19 10:09:07 -0500
commit4476f6b939365fa11b3d3fc94763332b93821d96 (patch)
treea796aeab7c23e0d3f85e3907795fc0018a876546 /ipalib
parent5a6d2dd0d999d73b95e1738195cca32dab4fecc3 (diff)
downloadfreeipa-4476f6b939365fa11b3d3fc94763332b93821d96.tar.gz
freeipa-4476f6b939365fa11b3d3fc94763332b93821d96.tar.xz
freeipa-4476f6b939365fa11b3d3fc94763332b93821d96.zip
The start of machine join
Diffstat (limited to 'ipalib')
-rw-r--r--ipalib/plugins/join.py116
1 files changed, 116 insertions, 0 deletions
diff --git a/ipalib/plugins/join.py b/ipalib/plugins/join.py
new file mode 100644
index 000000000..1230d5bcc
--- /dev/null
+++ b/ipalib/plugins/join.py
@@ -0,0 +1,116 @@
+# Authors:
+# Rob Crittenden <rcritten@redhat.com>
+#
+# Copyright (C) 2009 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+"""
+Machine join
+"""
+
+from ipalib import api, util
+from ipalib import Command, Str, Int
+from ipalib import errors2
+import krbV
+import os, subprocess
+
+def get_realm():
+ krbctx = krbV.default_context()
+
+ return krbctx.default_realm
+
+def validate_host(ugettext, cn):
+ """
+ Require at least one dot in the hostname (to support localhost.localdomain)
+ """
+ dots = len(cn.split('.'))
+ if dots < 2:
+ return 'Fully-qualified hostname required'
+ return None
+
+class join(Command):
+ """Join an IPA domain"""
+
+ takes_args = (
+ Str('cn',
+ validate_host,
+ cli_name='hostname',
+ doc="The hostname to register as",
+ default_from=util.get_fqdn,
+ #normalizer=lamda value: value.lower(),
+ ),
+ )
+ takes_options= (
+ Str('realm',
+ doc="The IPA realm",
+ default_from=get_realm,
+ ),
+ )
+
+ def execute(self, hostname, **kw):
+ """
+ Execute the machine join operation.
+
+ Returns the entry as it will be created in LDAP.
+
+ :param hostname: The name of the host joined
+ :param kw: Keyword arguments for the other attributes.
+ """
+ assert 'cn' not in kw
+ ldap = self.api.Backend.ldap
+
+ try:
+ host = api.Command['host_show'](hostname)
+ except errors2.NotFound:
+ pass
+ else:
+ raise errors2.DuplicateEntry
+
+ return api.Command['host_add'](hostname)
+
+ def output_for_cli(self, textui, result, variables, **options):
+ textui.print_plain(result)
+
+ def run(self, *args, **options):
+ """
+ Dispatch to forward() and execute() to do work locally and on the
+ server.
+ """
+ if not self.env.in_server:
+# if os.getegid() != 0:
+# raise errors2.RequiresRoot
+ result = self.forward(*args, **options)
+ else:
+ return self.execute(*args, **options)
+
+ self.__get_keytab(result['krbprincipalname'])
+ import pdb
+ pdb.set_trace()
+ return "Welcome to the %s realm" % options['realm']
+
+ def __get_keytab(self, principal, stdin=None):
+ args = ["/usr/sbin/ipa-getkeytab", "-s", self.env.host, "-p", principal,"-k", "/tmp/kt"]
+ return self.__run(args, stdin)
+
+ def __run(self, args, stdin=None):
+ if stdin:
+ p = subprocess.Popen(args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
+ stdout,stderr = p.communicate(stdin)
+ else:
+ p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
+ stdout,stderr = p.communicate()
+
+api.register(join)