1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
#! /usr/bin/python2 -E
# Authors: Martin Nagy <mnagy@redhat.com>
# Based on ipa-server-install by Karl MacMillan <kmacmillan@mentalrootkit.com>
#
# Copyright (C) 2007 - 2009 Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
from optparse import OptionGroup, SUPPRESS_HELP
from ipaserver.install import bindinstance, httpinstance
from ipaserver.install.installutils import *
from ipaserver.install import installutils
from ipapython import version
from ipalib import api
from ipaplatform.paths import paths
from ipapython.config import IPAOptionParser
from ipapython.ipa_log_manager import standard_logging_setup, root_logger
from ipaserver.install import dns as dns_installer
log_file_name = paths.IPASERVER_INSTALL_LOG
def parse_options():
parser = IPAOptionParser(version=version.VERSION)
parser.add_option("-p", "--ds-password", dest="dm_password",
sensitive=True, help=SUPPRESS_HELP)
parser.add_option("-d", "--debug", dest="debug", action="store_true",
default=False, help="print debugging information")
parser.add_option("--ip-address", dest="ip_addresses", metavar="IP_ADDRESS",
default=[], action="append",
type="ip", ip_local=True, help="Master Server IP Address. This option can be used multiple times")
parser.add_option("--forwarder", dest="forwarders", action="append",
type="ip", help="Add a DNS forwarder. This option can be used multiple times")
parser.add_option("--no-forwarders", dest="no_forwarders", action="store_true",
default=False, help="Do not add any DNS forwarders, use root servers instead")
parser.add_option("--reverse-zone", dest="reverse_zones",
default=[], action="append", metavar="REVERSE_ZONE",
help="The reverse DNS zone to use. This option can be used multiple times")
parser.add_option("--no-reverse", dest="no_reverse", action="store_true",
default=False, help="Do not create new reverse DNS zone")
parser.add_option("--no-dnssec-validation", dest="no_dnssec_validation", action="store_true",
default=False, help="Disable DNSSEC validation")
parser.add_option("--dnssec-master", dest="dnssec_master", action="store_true",
default=False, help="Setup server to be DNSSEC key master")
parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
type="string",
help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN")
parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
default=False, help="unattended installation never prompts the user")
parser.add_option("--disable-dnssec-master", dest="disable_dnssec_master",
action="store_true", default=False, help="Disable the "
"DNSSEC master on this server")
parser.add_option("--kasp-db", dest="kasp_db_file", type="string",
metavar="FILE", action="store", help="Copy OpenDNSSEC "
"metadata from the specified file (will not create a new "
"kasp.db file)")
parser.add_option("--force", dest="force", action="store_true",
help="Force install")
options, args = parser.parse_args()
safe_options = parser.get_safe_opts(options)
if options.dnssec_master and options.disable_dnssec_master:
parser.error("Invalid combination of parameters: --dnssec-master and "
"--disable-dnssec-master")
if options.forwarders and options.no_forwarders:
parser.error("You cannot specify a --forwarder option together with --no-forwarders")
elif options.reverse_zones and options.no_reverse:
parser.error("You cannot specify a --reverse-zone option together with --no-reverse")
if options.unattended:
if not options.forwarders and not options.no_forwarders:
parser.error("You must specify at least one --forwarder option or --no-forwarders option")
if options.kasp_db_file and not ipautil.file_exists(options.kasp_db_file):
parser.error("File %s does not exist" % options.kasp_db_file)
if options.dm_password:
print ("WARNING: Option -p/--ds-password is deprecated "
"and should not be used anymore.")
return safe_options, options
def main():
safe_options, options = parse_options()
if os.getegid() != 0:
sys.exit("Must be root to setup server")
standard_logging_setup(log_file_name, debug=options.debug, filemode='a')
print "\nThe log file for this installation can be found in %s" % log_file_name
root_logger.debug('%s was invoked with options: %s' % (sys.argv[0], safe_options))
root_logger.debug("missing options might be asked for interactively later\n")
root_logger.debug('IPA version %s' % version.VENDOR_VERSION)
installutils.check_server_configuration()
# Initialize the ipalib api
cfg = dict(
in_server=True,
debug=options.debug,
)
api.bootstrap(**cfg)
api.finalize()
api.Backend.ldap2.connect(autobind=True)
options.setup_ca = False
dns_installer.install_check(True, False, options, hostname=api.env.host)
dns_installer.install(True, False, options)
# Restart http instance to make sure that python-dns has the right resolver
# https://bugzilla.redhat.com/show_bug.cgi?id=800368
fstore = sysrestore.FileStore(paths.SYSRESTORE)
http = httpinstance.HTTPInstance(fstore)
service.print_msg("Restarting the web server")
http.restart()
return 0
if __name__ == '__main__':
installutils.run_script(main, log_file_name=log_file_name,
operation_name='ipa-dns-install')
|
