-rw-r--r-- | ipaserver/install/dsinstance.py | 48 | ||||
-rw-r--r-- | ipaserver/install/krbinstance.py | 32 | ||||
-rw-r--r-- | ipaserver/install/service.py | 32 |
3 files changed, 47 insertions, 65 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 53fca5af0..7bd9aa69e 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -139,9 +139,8 @@ info: IPA V1.0 class DsInstance(service.Service): def __init__(self, realm_name=None, domain_name=None, dm_password=None): - service.Service.__init__(self, "dirsrv") + service.Service.__init__(self, "dirsrv", dm_password=dm_password) self.realm_name = realm_name - self.dm_password = dm_password self.sub_dict = None self.domain = domain_name self.serverid = None @@ -287,38 +286,11 @@ class DsInstance(service.Service): # TODO: roll back here? logging.critical("Failed to restart the directory server. See the installation log for details.") - def __ldap_mod(self, ldif, sub_dict = None): - fd = None - path = ipautil.SHARE_DIR + ldif - - if not sub_dict is None: - txt = ipautil.template_file(path, sub_dict) - fd = ipautil.write_tmp_file(txt) - path = fd.name - - [pw_fd, pw_name] = tempfile.mkstemp() - os.write(pw_fd, self.dm_password) - os.close(pw_fd) - - args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", - "-D", "cn=Directory Manager", "-y", pw_name, "-f", path] - - try: - try: - ipautil.run(args) - except ipautil.CalledProcessError, e: - logging.critical("Failed to load %s: %s" % (ldif, str(e))) - finally: - os.remove(pw_name) - - if not fd is None: - fd.close() - def __add_memberof_module(self): - self.__ldap_mod("memberof-conf.ldif") + self._ldap_mod("memberof-conf.ldif") def init_memberof(self): - self.__ldap_mod("memberof-task.ldif", self.sub_dict) + self._ldap_mod("memberof-task.ldif", self.sub_dict) def apply_updates(self): ld = ldapupdate.LDAPUpdate(dm_password=self.dm_password) 
@@ -326,19 +298,19 @@ class DsInstance(service.Service): ld.update(files) def __add_referint_module(self): - self.__ldap_mod("referint-conf.ldif") + self._ldap_mod("referint-conf.ldif") def __set_unique_attrs(self): - self.__ldap_mod("unique-attributes.ldif", self.sub_dict) + self._ldap_mod("unique-attributes.ldif", self.sub_dict) def __config_uidgid_gen_first_master(self): - self.__ldap_mod("dna-posix.ldif", self.sub_dict) + self._ldap_mod("dna-posix.ldif", self.sub_dict) def __add_master_entry_first_master(self): - self.__ldap_mod("master-entry.ldif", self.sub_dict) + self._ldap_mod("master-entry.ldif", self.sub_dict) def __add_winsync_module(self): - self.__ldap_mod("ipa-winsync-conf.ldif") + self._ldap_mod("ipa-winsync-conf.ldif") def __enable_ssl(self): dirname = config_dirname(self.serverid) @@ -391,10 +363,10 @@ class DsInstance(service.Service): conn.unbind() def __add_default_layout(self): - self.__ldap_mod("bootstrap-template.ldif", self.sub_dict) + self._ldap_mod("bootstrap-template.ldif", self.sub_dict) def __create_indices(self): - self.__ldap_mod("indices.ldif") + self._ldap_mod("indices.ldif") def __certmap_conf(self): shutil.copyfile(ipautil.SHARE_DIR + "certmap.conf.template", diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index 6a45d3456..66ee63f81 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -83,7 +83,7 @@ class KrbInstance(service.Service): self.ds_user = None self.fqdn = None self.realm = None - self.domain = None + self.domain = None self.host = None self.admin_password = None self.master_password = None @@ -108,6 +108,7 @@ class KrbInstance(service.Service): self.suffix = util.realm_to_suffix(self.realm) self.kdc_password = ipautil.ipa_generate_password() self.admin_password = admin_password + self.dm_password = admin_password self.__setup_sub_dict() 
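Review bot: In the krbinstance.py hunk at `@@ -108,6 +108,7 @@`, `self.dm_password = admin_password` makes the value held as the Kerberos admin password double as the Directory Manager bind password without saying so. The removed `KrbInstance.__ldap_mod` already bound as `cn=Directory Manager` with `self.admin_password`, so behaviour looks unchanged, but the alias now reads as if two independent credentials existed. A comment on the new line would record the intent, e.g. `# Service._ldap_mod() binds as cn=Directory Manager with dm_password; this path has always used admin_password for that bind`. The assignment sits in a setup method whose start is outside the hunk, and it is not visible here whether `KrbInstance.__init__` passes `dm_password` to `Service.__init__`; if it does not, any path that reaches `_ldap_mod` before this method runs would hit the new assert with `dm_password` still `None`.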
@@ -212,27 +213,6 @@ class KrbInstance(service.Service): HOST=self.host, REALM=self.realm) - def __ldap_mod(self, ldif): - txt = ipautil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict) - fd = ipautil.write_tmp_file(txt) - - [pw_fd, pw_name] = tempfile.mkstemp() - os.write(pw_fd, self.admin_password) - os.close(pw_fd) - - args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", - "-D", "cn=Directory Manager", "-y", pw_name, "-f", fd.name] - - try: - try: - ipautil.run(args) - except ipautil.CalledProcessError, e: - logging.critical("Failed to load %s: %s" % (ldif, str(e))) - finally: - os.remove(pw_name) - - fd.close() - def __configure_sasl_mappings(self): # we need to remove any existing SASL mappings in the directory as otherwise they # they may conflict. There is no way to define the order they are used in atm. @@ -285,13 +265,13 @@ class KrbInstance(service.Service): raise e def __add_krb_entries(self): - self.__ldap_mod("kerberos.ldif") + self._ldap_mod("kerberos.ldif", self.sub_dict) def __add_default_acis(self): - self.__ldap_mod("default-aci.ldif") + self._ldap_mod("default-aci.ldif", self.sub_dict) def __add_default_keytypes(self): - self.__ldap_mod("default-keytypes.ldif") + self._ldap_mod("default-keytypes.ldif", self.sub_dict) def __create_replica_instance(self): self.__create_instance(replica=True) @@ -342,7 +322,7 @@ class KrbInstance(service.Service): #add the password extop module def __add_pwd_extop_module(self): - self.__ldap_mod("pwd-extop-conf.ldif") + self._ldap_mod("pwd-extop-conf.ldif", self.sub_dict) def __add_master_key(self): #get the Master Key from the stash file diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py index ba539a210..41e77a73e 100644 --- a/ipaserver/install/service.py +++ b/ipaserver/install/service.py 
@@ -78,16 +78,46 @@ def print_msg(message, output_fd=sys.stdout): class Service: - def __init__(self, service_name, sstore=None): + def __init__(self, service_name, sstore=None, dm_password=None): self.service_name = service_name self.steps = [] self.output_fd = sys.stdout + self.dm_password = dm_password if sstore: self.sstore = sstore else: self.sstore = sysrestore.StateFile('/var/lib/ipa/sysrestore') + def _ldap_mod(self, ldif, sub_dict = None): + assert self.dm_password is not None + + fd = None + path = ipautil.SHARE_DIR + ldif + + if sub_dict is not None: + txt = ipautil.template_file(path, sub_dict) + fd = ipautil.write_tmp_file(txt) + path = fd.name + + [pw_fd, pw_name] = tempfile.mkstemp() + os.write(pw_fd, self.dm_password) + os.close(pw_fd) + + args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", + "-D", "cn=Directory Manager", "-y", pw_name, "-f", path] + + try: + try: + ipautil.run(args) + except ipautil.CalledProcessError, e: + logging.critical("Failed to load %s: %s" % (ldif, str(e))) + finally: + os.remove(pw_name) + + if fd is not None: + fd.close() + def set_output(self, fd): self.output_fd = fd |
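Review bot: `assert self.dm_password is not None` at the top of `_ldap_mod` is the only guard on the Directory Manager credential, and it is stripped when Python runs with `-O`; the failure would then surface at `os.write`, after `mkstemp` has already created the password file. That write sits before the `try`, so an error there leaves `pw_name` on disk and `pw_fd` open, and `fd.close()` comes after the `finally`, so it is skipped whenever something other than `CalledProcessError` propagates. Separately, a failed `ldapmodify` is only logged at critical level and the caller carries on, which for files such as `default-aci.ldif` means the install may continue without the ACIs it expects; now that this is the single shared helper, it is worth deciding whether callers should see an exception. The sketch below covers the guard and the cleanup ordering only.

```python
    def _ldap_mod(self, ldif, sub_dict = None):
        if self.dm_password is None:
            raise RuntimeError("Directory Manager password is not set")
        # … unchanged: path / sub_dict templating …
        [pw_fd, pw_name] = tempfile.mkstemp()
        try:
            try:
                os.write(pw_fd, self.dm_password)
            finally:
                os.close(pw_fd)
            # … unchanged: args list, ipautil.run(args) with CalledProcessError logging …
        finally:
            os.remove(pw_name)
            if fd is not None:
                fd.close()
```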