author | Simo Sorce <ssorce@redhat.com> | 2010-12-04 15:42:14 -0500 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2010-12-10 12:28:38 -0500 |
commit | 2efc08a6fc8c0407ff2169e3ef7eed92eaaa6545 (patch) | |
tree | dfaed647e2746972026c0c134c7ce113c0e522f7 /ipaserver/install/service.py | |
parent | ded15c72fff4805e9a095c5a8f82b463603f5d1b (diff) | |
download | freeipa-2efc08a6fc8c0407ff2169e3ef7eed92eaaa6545.tar.gz freeipa-2efc08a6fc8c0407ff2169e3ef7eed92eaaa6545.tar.xz freeipa-2efc08a6fc8c0407ff2169e3ef7eed92eaaa6545.zip |
Introduce ipa control script that reads configuration off ldap
This replaces the former ipactl script and also replaces the current way ipa
components are started.
Instead of enabling each service in the system init scripts, enable only the
ipa script, and then let it start all components based on the configuration
read from the LDAP tree.
resolves: https://fedorahosted.org/freeipa/ticket/294
Diffstat (limited to 'ipaserver/install/service.py')
-rw-r--r-- | ipaserver/install/service.py | 51 |
1 files changed, 49 insertions, 2 deletions
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 43437306e..41b5455d3 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -29,6 +29,13 @@ import base64
 import time
 import datetime
+SERVICE_LIST = {
+ 'KDC':('krb5kdc', 10),
+ 'KPASSWD':('ipa_kpasswd', 20),
+ 'DNS':('named', 30),
+ 'HTTP':('httpd', 40),
+ 'CA':('pki_cad', 50)
+}
 def stop(service_name, instance_name=""):
 ipautil.run(["/sbin/service", service_name, "stop", instance_name])
@@ -263,8 +270,44 @@ class Service:
 self.steps = []
+ def __get_conn(self, dm_password):
+ try:
+ conn = ipaldap.IPAdmin("127.0.0.1")
+ conn.simple_bind_s("cn=directory manager", dm_password)
+ except Exception, e:
+ logging.critical("Could not connect to the Directory Server on %s: %s" % (self.fqdn, str(e)))
+ raise e
+
+ return conn
+
+ def ldap_enable(self, name, fqdn, dm_password, ldap_suffix):
+ self.chkconfig_off()
+ conn = self.__get_conn(dm_password)
+
+ entry_name = "cn=%s,cn=%s,%s,%s" % (name, fqdn,
+ "cn=masters,cn=ipa,cn=etc",
+ ldap_suffix)
+ order = SERVICE_LIST[name][1]
+ entry = ipaldap.Entry(entry_name)
+ entry.setValues("objectclass",
+ "nsContainer", "ipaConfigObject")
+ entry.setValues("cn", name)
+ entry.setValues("ipaconfigstring",
+ "enabledService", "startOrder " + str(order))
+
+ try:
+ conn.add_s(entry)
+ except ldap.ALREADY_EXISTS:
+ logging.critical("failed to add %s Service startup entry" % name)
+ raise e
+
 class SimpleServiceInstance(Service):
- def create_instance(self):
+ def create_instance(self, gensvc_name=None, fqdn=None, dm_password=None, ldap_suffix=None):
+ self.gensvc_name = gensvc_name
+ self.fqdn = fqdn
+ self.dm_password = dm_password
+ self.suffix = ldap_suffix
+
 self.step("starting %s " % self.service_name, self.__start)
 self.step("configuring %s to start on boot" % self.service_name, self.__enable)
 self.start_creation("Configuring %s" % self.service_name)
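Review bot: `SERVICE_LIST` carries no comment saying what the two tuple fields mean, and the only visible consumer, `SERVICE_LIST[name][1]` in `ldap_enable` later in this diff, uses the second field as the start order written to LDAP. A comment above the dict such as `# generic service name -> (init script name, startOrder value stored in LDAP)` would make that explicit; that the first field is the init script name is inferred from the values and should be confirmed. Because `ldap_enable` indexes the dict directly, a name missing from this table surfaces there as a bare KeyError.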
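Review bot: In `ldap_enable` the handler `except ldap.ALREADY_EXISTS:` never binds the exception, so `raise e` fails with a NameError instead of re-raising the LDAP error; it should read `except ldap.ALREADY_EXISTS, e:` or use a bare `raise`. `self.chkconfig_off()` also runs before the bind and the add, so a failed bind, an unknown `name` or a failed add leaves the service disabled in init with no LDAP entry to start it; calling it only after `conn.add_s(entry)` succeeds avoids that state. In `__get_conn` the log message formats `self.fqdn` although the connection goes to 127.0.0.1 and `ldap_enable` receives `fqdn` as a parameter, so on an instance where `self.fqdn` was never set the handler itself would fail and hide the bind error. The connection returned by `__get_conn` is not closed anywhere in the visible code. The body of class Service starts outside the hunk.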
@@ -276,7 +319,11 @@ class SimpleServiceInstance(Service):
 def __enable(self):
 self.chkconfig_add()
 self.backup_state("enabled", self.is_enabled())
- self.chkconfig_on()
+ if self.gensvc_name == None:
+ self.chkconfig_on()
+ else:
+ self.ldap_enable(self.gensvc_name, self.fqdn,
+ self.dm_password, self.suffix)
 def uninstall(self):
 if self.is_configured(): |
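Review bot: The `else` branch calls `ldap_enable` whenever `gensvc_name` is set, even if `fqdn`, `dm_password` or `ldap_suffix` were left at the `None` defaults that `create_instance` now accepts; `None` is then formatted into the entry DN and handed to the bind as the password. A guard before the call, for example `if None in (self.fqdn, self.dm_password, self.suffix): raise ValueError("LDAP enablement needs fqdn, dm_password and ldap_suffix")`, fails early with a clear message. The Directory Manager password is kept on the instance only to reach this call, so setting `self.dm_password = None` once `ldap_enable` returns drops the reference as soon as it is no longer needed. The comparison is better written `if self.gensvc_name is None:`. The hunk ends inside `uninstall`, whose body continues outside it.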