#! /usr/bin/python -E
# Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
#
# Copyright (C) 2007  Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; version 2 only
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#


# requires the following packages:
# fedora-ds-base
# openldap-clients
# nss-tools

# Version string handed to OptionParser(version=...); optparse replaces
# "%prog" with the program name when --version is printed.
VERSION = "%prog .1"

import sys
sys.path.append("/usr/share/ipa")

import socket
import logging
from optparse import OptionParser
import ipaserver.dsinstance
import ipaserver.krbinstance

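def parse_options():
    """Parse and validate the installer's command-line options.

    Returns the optparse values object.  Exits through parser.error() when
    any of --user, --realm, --password or --master-password is missing or
    empty; --debug and --hostname are optional.
    """
    parser = OptionParser(version=VERSION)
    parser.add_option("-u", "--user", dest="ds_user",
                      help="ds user")
    parser.add_option("-r", "--realm", dest="realm_name",
                      help="realm name")
    # NOTE(review): both passwords are taken from the command line, so they
    # are visible to other local users in the process list and may be kept
    # in shell history.  Consider prompting for them (getpass) or reading
    # them from a file with restricted permissions.
    parser.add_option("-p", "--password", dest="password",
                      help="admin password")
    parser.add_option("-m", "--master-password", dest="master_password",
                      help="kerberos master password")
    # dest must be given only once: a repeated keyword argument is a
    # SyntaxError and keeps the whole script from starting.
    parser.add_option("-d", "--debug", dest="debug", action="store_true",
                      default=False, help="print debugging information")
    parser.add_option("--hostname", dest="host_name", help="fully qualified name of server")

    options, args = parser.parse_args()

    if not options.ds_user or not options.realm_name or not options.password or not options.master_password:
        # parser.error() already prefixes the message with "error: ", and
        # only these four options are mandatory.
        parser.error("the --user, --realm, --password and --master-password options are required")

    return options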

def logging_setup(options):
    """Configure file and console logging for the installer.

    The root logger is configured to write everything from DEBUG upward to
    'ipaserver-install.log'.  A console handler is added on top of that; it
    shows DEBUG output when options.debug is set and only ERROR and above
    otherwise.
    """
    # NOTE(review): the log path is relative, so the file is created in the
    # caller's working directory and truncated on every run (filemode 'w').
    # Whether the installer logs secrets at DEBUG level is not visible here;
    # confirm, and restrict the file's permissions if it does.
    logging.basicConfig(filename='ipaserver-install.log',
                        filemode='w',
                        level=logging.DEBUG,
                        format='%(asctime)s %(levelname)s %(message)s')

    # Pick the console threshold first, then build the handler in one go.
    if options.debug:
        console_level = logging.DEBUG
    else:
        console_level = logging.ERROR

    stream_handler = logging.StreamHandler()
    stream_handler.setLevel(console_level)
    stream_handler.setFormatter(
        logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s'))

    root_logger = logging.getLogger('')
    root_logger.addHandler(stream_handler)
        
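def main():
    """Validate the host name, then create the directory and Kerberos instances.

    Returns 0 on success, or the string "-Fatal Error-" when the host name
    fails one of the pre-flight checks; nothing is installed in that case.
    """
    options = parse_options()
    logging_setup(options)

    # check the hostname is correctly configured, it must be as the kldap
    # utilities just use the hostname as returned by gethostbyname to set
    # up some of the standard entries

    if options.host_name:
        host_name = options.host_name
    else:
        host_name = socket.gethostname()
    if len(host_name.split(".")) < 2:
        print "Invalid hostname <"+host_name+">"
        print "Check the /etc/hosts file and make sure to have a valid FQDN"
        return "-Fatal Error-"

    # A name that does not resolve would otherwise abort with a traceback
    # instead of the same fatal-error path as the other hostname checks.
    try:
        host_addr = socket.gethostbyname(host_name)
    except socket.error:
        print "Unable to resolve hostname <"+host_name+">"
        print "Check the /etc/hosts file or your DNS configuration"
        return "-Fatal Error-"

    # The whole 127.0.0.0/8 block is loopback, not only 127.0.0.1 (some
    # distributions map the host name to 127.0.1.1 in /etc/hosts).
    if host_addr.startswith("127."):
        print "The hostname resolves to the localhost address (127.0.0.1)"
        print "Please change your /etc/hosts file or your DNS so that the"
        print "hostname resolves to the ip address of your network interface."
        print "The KDC service does not listen on 127.0.0.1"
        return "-Fatal Error-"

    print "The Final KDC Host Name will be: " + host_name


    # Create a directory server instance
    ds = ipaserver.dsinstance.DsInstance()
    ds.create_instance(options.ds_user, options.realm_name, host_name,
                       options.password)

    # Create a kerberos instance
    krb = ipaserver.krbinstance.KrbInstance()
    krb.create_instance(options.ds_user, options.realm_name, host_name,
                        options.password, options.master_password)

    # restart ds after the krb instance has added the sasl map
    ds.restart()

    return 0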

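# Hand main()'s result to sys.exit() so a failed pre-flight check gives a
# non-zero exit status: 0 exits cleanly, while the "-Fatal Error-" string is
# printed to stderr and the process exits with status 1.
sys.exit(main())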