More reorgnization.

8 files changed, 0 insertions, 536 deletions

diff --git a/ipa-server/ipa-install/src/ipa-server-install b/ipa-server/ipa-install/ipa-server-install
index 74de5568..74de5568 100644
--- a/ipa-server/ipa-install/src/ipa-server-install
+++ b/ipa-server/ipa-install/ipa-server-install
diff --git a/ipa-server/ipa-install/src/ipa-server-setupssl b/ipa-server/ipa-install/ipa-server-setupssl
index f7532790..f7532790 100644
--- a/ipa-server/ipa-install/src/ipa-server-setupssl
+++ b/ipa-server/ipa-install/ipa-server-setupssl
diff --git a/ipa-server/ipa-install/src/Makefile b/ipa-server/ipa-install/src/Makefile
deleted file mode 100644
index b54ceb17..00000000
--- a/ipa-server/ipa-install/src/Makefile
+++ /dev/null
@@ -1,14 +0,0 @@
-PYTHONLIBDIR ?= /usr/share/ipa/python
-PACKAGEDIR ?= $(DESTDIR)/$(PYTHONLIBDIR)/ipainstall
-SBINDIR = $(DESTDIR)/usr/sbin
-
-all: ;
-
-install:
-	-mkdir -p $(PACKAGEDIR)
-	install -m 644 ipainstall/*.py $(PACKAGEDIR)
-	install -m 755 ipa-server-install $(SBINDIR)
-	install -m 755 ipa-server-setupssl $(SBINDIR)
-
-clean:
-	rm -f *~ *.pyc
\ No newline at end of file
diff --git a/ipa-server/ipa-install/src/ipa-server-install~ b/ipa-server/ipa-install/src/ipa-server-install~
deleted file mode 100644
index 52143eda..00000000
--- a/ipa-server/ipa-install/src/ipa-server-install~
+++ /dev/null
@@ -1,117 +0,0 @@
-#! /usr/bin/python -E
-# Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
-#
-# Copyright (C) 2007  Red Hat
-# see file 'COPYING' for use and warranty information
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; version 2 only
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-
-# requires the following packages:
-# fedora-ds-base
-# openldap-clients
-# nss-tools
-
-VERSION = "%prog .1"
-
-import socket
-import logging
-from optparse import OptionParser
-import ipa.dsinstance
-import ipa.krbinstance
-
-def parse_options():
-    parser = OptionParser(version=VERSION)
-    parser.add_option("-u", "--user", dest="ds_user",
-                      help="ds user")
-    parser.add_option("-r", "--realm", dest="realm_name",
-                      help="realm name")
-    parser.add_option("-p", "--password", dest="password",
-                      help="admin password")
-    parser.add_option("-m", "--master-password", dest="master_password",
-                      help="kerberos master password")
-    parser.add_option("-d", "--debug", dest="debug", action="store_true",
-                     dest="debug", default=False, help="print debugging information")
-    parser.add_option("--hostname", dest="host_name", help="fully qualified name of server")
-
-    options, args = parser.parse_args()
-
-    if not options.ds_user or not options.realm_name or not options.password or not options.master_password:
-        parser.error("error: all options are required")
-
-    return options
-
-def logging_setup(options):
-    # Always log everything (i.e., DEBUG) to the log
-    # file.
-    logging.basicConfig(level=logging.DEBUG,
-                        format='%(asctime)s %(levelname)s %(message)s',
-                        filename='ipa-install.log',
-                        filemode='w')
-
-    console = logging.StreamHandler()
-    # If the debug option is set, also log debug messages to the console
-    if options.debug:
-        console.setLevel(logging.DEBUG)
-    else:
-        # Otherwise, log critical and error messages
-        console.setLevel(logging.ERROR)
-    formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s')
-    console.setFormatter(formatter)
-    logging.getLogger('').addHandler(console)
-        
-def main():
-    options = parse_options()
-    logging_setup(options)
-
-    # check the hostname is correctly configured, it must be as the kldap
-    # utilities just use the hostname as returned by gethostbyname to set
-    # up some of the standard entries
-
-    if options.host_name:
-        host_name = options.host_name
-    else:
-        host_name = socket.gethostname()
-    if len(host_name.split(".")) < 2:
-        print "Invalid hostname <"+host_name+">"
-        print "Check the /etc/hosts file and make sure to have a valid FQDN"
-        return "-Fatal Error-"
-
-    if socket.gethostbyname(host_name) == "127.0.0.1":
-        print "The hostname resolves to the localhost address (127.0.0.1)"
-        print "Please change your /etc/hosts file or your DNS so that the"
-        print "hostname resolves to the ip address of your network interface."
-        print "The KDC service does not listen on 127.0.0.1"
-        return "-Fatal Error-"
-
-    print "The Final KDC Host Name will be: " + host_name
-
-
-    # Create a directory server instance
-    ds = ipa.dsinstance.DsInstance()
-    ds.create_instance(options.ds_user, options.realm_name, host_name,
-                       options.password)
-
-    # Create a kerberos instance
-    krb = ipa.krbinstance.KrbInstance()
-    krb.create_instance(options.ds_user, options.realm_name, host_name,
-                        options.password, options.master_password)
-
-    #restart ds after the krb instance have add the sasl map
-    ds.restart()
-
-    return 0
-
-main()
diff --git a/ipa-server/ipa-install/src/ipa/__init__.py b/ipa-server/ipa-install/src/ipa/__init__.py
deleted file mode 100644
index 8e20eb1b..00000000
--- a/ipa-server/ipa-install/src/ipa/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-__all__ = ["dsinstance", "krbinstance"]
diff --git a/ipa-server/ipa-install/src/ipa/dsinstance.py b/ipa-server/ipa-install/src/ipa/dsinstance.py
deleted file mode 100644
index b16aa7c5..00000000
--- a/ipa-server/ipa-install/src/ipa/dsinstance.py
+++ /dev/null
@@ -1,169 +0,0 @@
-#! /usr/bin/python -E
-# Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
-#
-# Copyright (C) 2007  Red Hat
-# see file 'COPYING' for use and warranty information
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; version 2 or later
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-import subprocess
-import string
-import tempfile
-import shutil
-import logging
-import pwd
-import os
-import stat
-from util import *
-
-
-SHARE_DIR = "/usr/share/ipa/"
-SERVER_ROOT_64 = "/usr/lib64/fedora-ds-base"
-SERVER_ROOT_32 = "/usr/lib/fedora-ds-base"
-
-
-def generate_serverid():
-    """Generate a UUID (universally unique identifier) suitable
-    for use as a unique identifier for a DS instance.
-    """
-    try:
-        import uuid
-        id = str(uuid.uuid1())
-    except ImportError:
-        import commands
-        id = commands.getoutput("/usr/bin/uuidgen")
-    return id
-
-def realm_to_suffix(realm_name):
-    s = realm_name.split(".")
-    terms = ["dc=" + x.lower() for x in s]
-    return ",".join(terms)
-
-def find_server_root():
-    try:
-        mode = os.stat(SERVER_ROOT_64)[ST_MODE]
-        if stat.IS_DIR(mode):
-            return SERVER_ROOT_64
-    except:
-        return SERVER_ROOT_32
-
-
-INF_TEMPLATE = """
-[General]
-FullMachineName=   $FQHN
-SuiteSpotUserID=   $USER
-ServerRoot=    $SERVER_ROOT
-[slapd]
-ServerPort=   389
-ServerIdentifier=   $SERVERID
-Suffix=   $SUFFIX
-RootDN=   cn=Directory Manager
-RootDNPwd= $PASSWORD
-"""
-
-class DsInstance:
-    def __init__(self):
-        self.serverid = None
-        self.realm_name = None
-        self.host_name = None
-        self.admin_password = None
-        self.sub_dict = None
-
-    def create_instance(self, ds_user, realm_name, host_name, admin_password):
-        self.ds_user = ds_user
-        self.serverid = generate_serverid()
-        self.realm_name = realm_name.upper()
-        self.host_name = host_name
-        self.admin_password = admin_password
-        self.__setup_sub_dict()
-
-        self.__create_ds_user()
-        self.__create_instance()
-        self.__add_default_schemas()
-        self.__enable_ssl()
-        self.restart()
-        self.__add_default_layout()
-
-    def config_dirname(self):
-        if not self.serverid:
-            raise RuntimeError("serverid not set")
-        return "/etc/fedora-ds/slapd-" + self.serverid + "/"
-
-    def schema_dirname(self):
-        return self.config_dirname() + "/schema/"
-
-    def stop(self):
-        run(["/sbin/service", "fedora-ds", "stop"])
-
-    def start(self):
-        run(["/sbin/service", "fedora-ds", "start"])
-
-    def restart(self):
-        run(["/sbin/service", "fedora-ds", "restart"])
-
-    def __setup_sub_dict(self):
-        suffix = realm_to_suffix(self.realm_name)
-        server_root = find_server_root()
-        self.sub_dict = dict(FQHN=self.host_name, SERVERID=self.serverid,
-                             PASSWORD=self.admin_password, SUFFIX=suffix,
-                             REALM=self.realm_name, USER=self.ds_user,
-                             SERVER_ROOT=server_root)
-
-    def __create_ds_user(self):
-	try:
-            pwd.getpwnam(self.ds_user)
-            logging.debug("ds user %s exists" % self.ds_user)
-	except KeyError:
-            logging.debug("adding ds user %s" % self.ds_user)
-            args = ["/usr/sbin/useradd", "-c", "DS System User", "-d", "/var/lib/fedora-ds", "-M", "-r", "-s", "/sbin/nologin", self.ds_user]
-            run(args)
-            logging.debug("done adding user")
-
-    def __create_instance(self):
-        logging.debug("creating ds instance . . . ")
-        inf_txt = template_str(INF_TEMPLATE, self.sub_dict)
-        logging.debug(inf_txt)
-        inf_fd = write_tmp_file(inf_txt)
-        logging.debug("writing inf template")
-        args = ["/usr/bin/ds_newinst.pl", inf_fd.name]
-        logging.debug("calling ds_newinst.pl")
-        run(args)
-        logging.debug("completed creating ds instance")
-        logging.debug("restarting ds instance")
-        self.restart()
-        logging.debug("done restarting ds instance")
-
-    def __add_default_schemas(self):
-        shutil.copyfile(SHARE_DIR + "60kerberos.ldif",
-                        self.schema_dirname() + "60kerberos.ldif")
-        shutil.copyfile(SHARE_DIR + "60samba.ldif",
-                        self.schema_dirname() + "60samba.ldif")
-
-    def __enable_ssl(self):
-        logging.debug("configuring ssl for ds instance")
-        dirname = self.config_dirname()
-        args = ["/usr/sbin/ipa-server-setupssl", self.admin_password,
-                dirname, self.host_name]
-        run(args)
-        logging.debug("done configuring ssl for ds instance")
-        
-    def __add_default_layout(self):
-        txt = template_file(SHARE_DIR + "bootstrap-template.ldif", self.sub_dict)
-        inf_fd = write_tmp_file(txt)
-        logging.debug("adding default ds layout")
-        args = ["/usr/bin/ldapmodify", "-xv", "-D", "cn=Directory Manager",
-                "-w", self.admin_password, "-f", inf_fd.name]
-        run(args)
-        logging.debug("done adding default ds layout")
diff --git a/ipa-server/ipa-install/src/ipa/krbinstance.py b/ipa-server/ipa-install/src/ipa/krbinstance.py
deleted file mode 100644
index 253c506f..00000000
--- a/ipa-server/ipa-install/src/ipa/krbinstance.py
+++ /dev/null
@@ -1,177 +0,0 @@
-#! /usr/bin/python -E
-# Authors: Simo Sorce <ssorce@redhat.com>
-#
-# Copyright (C) 2007  Red Hat
-# see file 'COPYING' for use and warranty information
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; version 2 or later
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-import subprocess
-import string
-import tempfile
-import shutil
-import logging
-from random import Random
-from time import gmtime
-import os
-import pwd
-import socket
-from util import *
-
-def host_to_domain(fqdn):
-    s = fqdn.split(".")
-    return ".".join(s[1:])
-
-def generate_kdc_password():
-    rndpwd = ''
-    r = Random()
-    r.seed(gmtime())
-    for x in range(12):
-#        rndpwd += chr(r.randint(32,126))
-        rndpwd += chr(r.randint(65,90)) #stricter set for testing
-    return rndpwd
-
-def ldap_mod(fd, dn, pwd):
-    args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", "-D", dn, "-w", pwd, "-f", fd.name]
-    run(args)
-
-class KrbInstance:
-    def __init__(self):
-        self.ds_user = None
-        self.fqdn = None
-        self.realm = None
-	self.domain = None
-        self.host = None
-        self.admin_password = None
-        self.master_password = None
-        self.suffix = None
-        self.kdc_password = None
-        self.sub_dict = None
-
-    def create_instance(self, ds_user, realm_name, host_name, admin_password, master_password):
-        self.ds_user = ds_user
-        self.fqdn = host_name
-        self.ip = socket.gethostbyname(host_name)
-        self.realm = realm_name.upper()
-        self.host = host_name.split(".")[0]
-        self.domain = host_to_domain(host_name)
-        self.admin_password = admin_password
-        self.master_password = master_password
-        
-	self.suffix = realm_to_suffix(self.realm)
-        self.kdc_password = generate_kdc_password()
-	self.__configure_kdc_account_password()
-
-        self.__setup_sub_dict()
-
-        self.__configure_ldap()
-
-        self.__create_instance()
-
-        self.__create_ds_keytab()
-
-        self.__create_sample_bind_zone()
-
-        self.start()
-
-    def stop(self):
-        run(["/sbin/service", "krb5kdc", "stop"])
-
-    def start(self):
-        run(["/sbin/service", "krb5kdc", "start"])
-
-    def restart(self):
-        run(["/sbin/service", "krb5kdc", "restart"])
-
-    def __configure_kdc_account_password(self):
-        hexpwd = ''
-	for x in self.kdc_password:
-            hexpwd += (hex(ord(x))[2:])
-        pwd_fd = open("/var/kerberos/krb5kdc/ldappwd", "a+")
-        pwd_fd.write("uid=kdc,cn=kerberos,"+self.suffix+"#{HEX}"+hexpwd+"\n")
-        pwd_fd.close()
-
-    def __setup_sub_dict(self):
-        self.sub_dict = dict(FQDN=self.fqdn,
-                             IP=self.ip,
-                             PASSWORD=self.kdc_password,
-                             SUFFIX=self.suffix,
-                             DOMAIN=self.domain,
-                             HOST=self.host,
-                             REALM=self.realm)
-
-    def __configure_ldap(self):
-
-	#TODO: test that the ldif is ok with any random charcter we may use in the password
-        kerberos_txt = template_file(SHARE_DIR + "kerberos.ldif", self.sub_dict)
-        kerberos_fd = write_tmp_file(kerberos_txt)
-        ldap_mod(kerberos_fd, "cn=Directory Manager", self.admin_password)
-        kerberos_fd.close()
-
-	#Change the default ACL to avoid anonimous access to kerberos keys and othe hashes
-        aci_txt = template_file(SHARE_DIR + "default-aci.ldif", self.sub_dict)
-        aci_fd = write_tmp_file(aci_txt) 
-        ldap_mod(aci_fd, "cn=Directory Manager", self.admin_password)
-        aci_fd.close()
-
-    def __create_instance(self):
-        kdc_conf = template_file(SHARE_DIR+"kdc.conf.template", self.sub_dict)
-        kdc_fd = open("/var/kerberos/krb5kdc/kdc.conf", "w+")
-        kdc_fd.write(kdc_conf)
-        kdc_fd.close()
-
-        krb5_conf = template_file(SHARE_DIR+"krb5.conf.template", self.sub_dict)
-        krb5_fd = open("/etc/krb5.conf", "w+")
-        krb5_fd.write(krb5_conf)
-        krb5_fd.close()
-
-        #populate the directory with the realm structure
-        args = ["/usr/kerberos/sbin/kdb5_ldap_util", "-D", "uid=kdc,cn=kerberos,"+self.suffix, "-w", self.kdc_password, "create", "-s", "-P", self.master_password, "-r", self.realm, "-subtrees", self.suffix, "-sscope", "sub"]
-        run(args)
-
-    # TODO: NOT called yet, need to find out how to make sure the plugin is available first
-    def __add_pwd_extop_module(self):
-	#add the password extop module
-	extop_txt = template_file(SHARE_DIR + "ipapwd_extop_plugin.ldif", self.sub_dict)
-	extop_fd = write_tmp_file(extop_txt)
-	ldap_mod(extop_fd, "cn=Directory Manager", self.admin_password)
-	extop_fd.close()
-
-	#add an ACL to let the DS user read the master key
-	args = ["/usr/bin/setfacl", "-m", "u:"+self.ds_user+":r", "/var/kerberos/krb5kdc/.k5."+self.realm]
-	run(args)
-
-    def __create_sample_bind_zone(self):
-        bind_txt = template_file(SHARE_DIR + "bind.zone.db.template", self.sub_dict)
-        [bind_fd, bind_name] = tempfile.mkstemp(".db","sample.zone.")
-        os.write(bind_fd, bind_txt)
-        os.close(bind_fd)
-        print "Sample zone file for bind has been created in "+bind_name
-
-    def __create_ds_keytab(self):
-        (kwrite, kread, kerr) = os.popen3("/usr/kerberos/sbin/kadmin.local")
-        kwrite.write("addprinc -randkey ldap/"+self.fqdn+"@"+self.realm+"\n")
-        kwrite.flush()
-        kwrite.write("ktadd -k /etc/fedora-ds/ds.keytab ldap/"+self.fqdn+"@"+self.realm+"\n")
-        kwrite.flush()
-        kwrite.close()
-        kread.close()
-        kerr.close()
-
-	cfg_fd = open("/etc/sysconfig/fedora-ds", "a")
-        cfg_fd.write("export KRB5_KTNAME=/etc/fedora-ds/ds.keytab\n")
-        cfg_fd.close()
-	pent = pwd.getpwnam(self.ds_user)
-        os.chown("/etc/sysconfig/fedora-ds", pent.pw_uid, pent.pw_gid)
diff --git a/ipa-server/ipa-install/src/ipa/util.py b/ipa-server/ipa-install/src/ipa/util.py
deleted file mode 100644
index 3dcfb760..00000000
--- a/ipa-server/ipa-install/src/ipa/util.py
+++ /dev/null
@@ -1,58 +0,0 @@
-#! /usr/bin/python -E
-# Authors: Simo Sorce <ssorce@redhat.com>
-#
-# Copyright (C) 2007  Red Hat
-# see file 'COPYING' for use and warranty information
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; version 2 or later
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-SHARE_DIR = "/usr/share/ipa/"
-
-import string
-import tempfile
-import logging
-import subprocess
-
-def realm_to_suffix(realm_name):
-    s = realm_name.split(".")
-    terms = ["dc=" + x.lower() for x in s]
-    return ",".join(terms)
-
-
-def template_str(txt, vars):
-    return string.Template(txt).substitute(vars)
-
-def template_file(infilename, vars):
-    txt = open(infilename).read()
-    return template_str(txt, vars)
-
-def write_tmp_file(txt):
-    fd = tempfile.NamedTemporaryFile()
-    fd.write(txt)
-    fd.flush()
-
-    return fd
-
-def run(args, stdin=None):
-    p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if stdin:
-        stdout,stderr = p.communicate(stdin)
-    else:
-        stdout,stderr = p.communicate()
-    logging.info(stdout)
-    logging.info(stderr)
-
-    if p.returncode != 0:
-        raise subprocess.CalledProcessError(p.returncode, args[0])