From b05f94fb4c747d924fe5c89472663ba9226d2db1 Mon Sep 17 00:00:00 2001
From: Martin Nagy
Date: Mon, 23 Nov 2009 09:26:50 +0100
Subject: Add ipa-dns-install script

Unfortunately, for now there is no --uninstall option.
---
 install/tools/Makefile.am | 1 +
 install/tools/ipa-dns-install | 184 ++++++++++++++++++++++++++++++++++++++++++
 ipa.spec.in | 1 +
 3 files changed, 186 insertions(+)
 create mode 100755 install/tools/ipa-dns-install

diff --git a/install/tools/Makefile.am b/install/tools/Makefile.am
index 3af13dc15..6c8386858 100644
--- a/install/tools/Makefile.am
+++ b/install/tools/Makefile.am
@@ -5,6 +5,7 @@ SUBDIRS = \ $(NULL) sbin_SCRIPTS = \ + ipa-dns-install \ ipa-server-install \ ipa-replica-install \ ipa-replica-prepare \
diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
new file mode 100755
index 000000000..0656794cd
--- /dev/null
+++ b/install/tools/ipa-dns-install
@@ -0,0 +1,184 @@
+#! /usr/bin/python -E
+# Authors: Martin Nagy
+# Based on ipa-server-install by Karl MacMillan
+#
+# Copyright (C) 2007 - 2009 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+from optparse import OptionParser
+import traceback
+
+from ipaserver import ipaldap
+from ipaserver.install import bindinstance, ntpinstance
+from ipaserver.install.installutils import *
+from ipapython import version
+from ipapython import ipautil, sysrestore
+from ipalib import api, util
+import ldap
+
+def parse_options():
+ parser = OptionParser(version=version.VERSION)
+ parser.add_option("-p", "--ds-password", dest="dm_password",
+ help="admin password")
+ parser.add_option("-d", "--debug", dest="debug", action="store_true",
+ default=False, help="print debugging information")
+ parser.add_option("--ip-address", dest="ip_address", help="Master Server IP Address")
+ parser.add_option("--forwarder", dest="forwarders", action="append",
+ help="Add a DNS forwarder")
+ parser.add_option("--no-forwarders", dest="no_forwarders", action="store_true",
+ default=False, help="Do not add any DNS forwarders, use root servers instead")
+ parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
+ default=False, help="unattended installation never prompts the user")
+
+ options, args = parser.parse_args()
+
+ if options.forwarders and options.no_forwarders:
+ parser.error("You cannot specify a --forwarder option together with --no-forwarders")
+
+ if options.unattended:
+ if not options.dm_password:
+ parser.error("In unattended mode you need to provide at least the -p option")
+ if not options.forwarders and not options.no_forwarders:
+ parser.error("You must specify at least one --forwarder option or --no-forwarders option")
+
+ return options
+
+def resolve_host(host_name):
+ ip = None
+ try:
+ ip = socket.gethostbyname(host_name)
+
+ if ip == "127.0.0.1" or ip == "::1":
+ print "The hostname resolves to the localhost address (127.0.0.1/::1)"
+ print "Please change your /etc/hosts file so that the hostname"
+ print "resolves to the ip address of your network interface."
+ print ""
+ print "Please fix your /etc/hosts file and restart the setup program"
+ return None
+
+ except:
+ print "Unable to lookup the IP address of the provided host"
+ return ip
+
+def main():
+ options = parse_options()
+
+ if os.getegid() != 0:
+ print "Must be root to setup server"
+ return 1
+
+ standard_logging_setup("/var/log/ipaserver-install.log", options.debug, filemode='a')
+ print "\nThe log file for this installation can be found in /var/log/ipaserver-install.log"
+
+ global fstore
+ fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore')
+
+ print "=============================================================================="
+ print "This program will setup DNS for the FreeIPA Server."
+ print ""
+ print "This includes:"
+ print " * Configure DNS (bind)"
+ print ""
+ print "To accept the default shown in brackets, press the Enter key."
+ print ""
+
+ # Check bind packages are installed
+ if not bindinstance.check_inst(options.unattended):
+ print "Aborting installation"
+ return 1
+
+ # Initialize the ipalib api
+ cfg = dict(
+ in_server=True,
+ debug=options.debug,
+ )
+ api.bootstrap(**cfg)
+ api.finalize()
+
+ # Check we have a public IP that is associated with the hostname
+ if options.ip_address:
+ ip_address = options.ip_address
+ else:
+ ip_address = resolve_host(api.env.host)
+ if not ip_address or not verify_ip_address(ip_address):
+ if options.unattended:
+ print "Unable to resolve IP address for host name"
+ return 1
+ else:
+ ip_address = read_ip_address(api.env.host, fstore)
+
+ if options.no_forwarders:
+ dns_forwarders = ()
+ elif options.forwarders:
+ dns_forwarders = options.forwarders
+ else:
+ dns_forwarders = read_dns_forwarders()
+
+ if not options.dm_password:
+ dm_password = read_password("Directory Manager", confirm=False, validate=False)
+ else:
+ dm_password = options.dm_password
+
+ # Try out the password
+ try:
+ conn = ipaldap.IPAdmin(api.env.host)
+ conn.do_simple_bind(bindpw=dm_password)
+ conn.unbind()
+ except (ldap.CONNECT_ERROR, ldap.SERVER_DOWN), e:
+ sys.exit("\nUnable to connect to LDAP server %s" % api.env.host)
+ except ldap.INVALID_CREDENTIALS, e :
+ sys.exit("\nThe password provided is incorrect for LDAP server %s" % api.env.host)
+
+ conf_ntp = ntpinstance.NTPInstance(fstore).is_enabled()
+
+ if not options.unattended:
+ print ""
+ print "The following operations may take some minutes to complete."
+ print "Please wait until the prompt is returned."
+ print ""
+
+ # Create a BIND instance
+ bind = bindinstance.BindInstance(fstore, dm_password)
+ bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain, dns_forwarders, conf_ntp)
+ api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=dm_password)
+ bind.create_instance()
+
+ print "=============================================================================="
+ print "Setup complete"
+ print ""
+ print "\tYou must make sure these network ports are open:"
+ print "\t\tTCP Ports:"
+ print "\t\t * 53: bind"
+ print "\t\tUDP Ports:"
+ print "\t\t * 53: bind"
+
+ return 0
+
+try:
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt:
+ print "Installation cancelled."
+except Exception, e:
+ message = "Unexpected error - see ipaserver-install.log for details:\n %s" % str(e)
+ print message
+ message = str(e)
+ for str in traceback.format_tb(sys.exc_info()[2]):
+ message = message + "\n" + str
+ logging.debug(message)
+ sys.exit(1)
diff --git a/ipa.spec.in b/ipa.spec.in
index 5071e5a2d..c264de143 100644
--- a/ipa.spec.in
+++ b/ipa.spec.in
@@ -366,6 +366,7 @@ fi
 %files server
 %doc LICENSE README
 %defattr(-,root,root,-)
+%{_sbindir}/ipa-dns-install
 %{_sbindir}/ipa-server-install
 %{_sbindir}/ipa-replica-install
 %{_sbindir}/ipa-replica-prepare
-- cgit
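Review bot: The root check at the top of `main()` in install/tools/ipa-dns-install tests the effective group id, `os.getegid() != 0`, so a caller whose effective group is 0 passes it without being root even though the message says "Must be root"; it should read `if os.geteuid() != 0:`. In the same function a value given with `--ip-address` is used as supplied, while only the resolved address goes through `verify_ip_address`; calling `verify_ip_address(options.ip_address)` on that branch and returning 1 on failure would keep a malformed address out of the BIND setup. The `-p/--ds-password` option puts the Directory Manager password on the command line, where it is typically readable from the process list and shell history, and unattended mode requires it, so a way to read it from stdin or a root-only file would be worth adding. `resolve_host()` ends in a bare `except:` that also swallows Ctrl-C; catching `socket.error` would be narrower, assuming `socket` is in scope through the `installutils` star import as the existing call implies.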