Add posix auto gen for single master case

author: Pete Rowley <prowley@redhat.com> 2007-11-06 15:57:15 -0800
committer: Pete Rowley <prowley@redhat.com> 2007-11-06 15:57:15 -0800
commit: 24d5777bd682636b36b96193c2ec2c8bcb6f684f (patch)
tree: c0beab7c5fc76b4447b3ed6acd960614f684c0d8 /ipa-server
parent: 22493d9b9fbc0b6a2e35397ab7b6a62740fcfe7a (diff)
download: freeipa-24d5777bd682636b36b96193c2ec2c8bcb6f684f.tar.gz
freeipa-24d5777bd682636b36b96193c2ec2c8bcb6f684f.tar.xz
freeipa-24d5777bd682636b36b96193c2ec2c8bcb6f684f.zip
7 files changed, 106 insertions, 13 deletions
diff --git a/ipa-server/ipa-install/share/Makefile.am b/ipa-server/ipa-install/share/Makefile.am
index cbb2e149..b103d567 100644
--- a/ipa-server/ipa-install/share/Makefile.am
+++ b/ipa-server/ipa-install/share/Makefile.am
@@ -20,6 +20,8 @@ app_DATA =				\
 	ntp.conf.server.template 	\
 	radius.radiusd.conf.template	\
 	referint-conf.ldif		\
+	dna-posix.ldif			\
+	master-entry.ldif		\
 	$(NULL)
 
 EXTRA_DIST =				\
diff --git a/ipa-server/ipa-install/share/bootstrap-template.ldif b/ipa-server/ipa-install/share/bootstrap-template.ldif
index d793dd9e..ca8bdcb6 100644
--- a/ipa-server/ipa-install/share/bootstrap-template.ldif
+++ b/ipa-server/ipa-install/share/bootstrap-template.ldif
@@ -39,6 +39,18 @@ objectClass: nsContainer
 objectClass: top
 cn: sysaccounts
 
+dn: cn=ipa,cn=etc,$SUFFIX
+changetype: add
+objectClass: nsContainer
+objectClass: top
+cn: ipa
+
+dn: cn=masters,cn=ipa,cn=etc,$SUFFIX
+changetype: add
+objectClass: nsContainer
+objectClass: top
+cn: masters
+
 dn: uid=admin,cn=sysaccounts,cn=etc,$SUFFIX
 changetype: add
 objectClass: top
@@ -50,7 +62,7 @@ uid: admin
 krbPrincipalName: admin@$REALM
 cn: Administrator
 sn: Administrator
-uidNumber: 1000
+uidNumber: 999
 gidNumber: 1001
 homeDirectory: /home/admin
 loginShell: /bin/bash
diff --git a/ipa-server/ipa-install/share/dna-posix.ldif b/ipa-server/ipa-install/share/dna-posix.ldif
new file mode 100644
index 00000000..e999b209
--- /dev/null
+++ b/ipa-server/ipa-install/share/dna-posix.ldif
@@ -0,0 +1,37 @@
+# add container for posix configuration
+
+dn: cn=Posix,cn=ipa-dna,cn=plugins,cn=config
+changetype: add
+objectclass: top
+objectclass: nsContainer
+objectclass: extensibleObject
+cn: Posix
+
+# add plugin configuration for posix users
+
+dn: cn=Accounts,cn=Posix,cn=ipa-dna,cn=plugins,cn=config
+changetype: add
+objectclass: top
+objectclass: extensibleObject
+cn: Accounts
+dnaType: uidNumber
+dnaNextValue: 1100
+dnaInterval: 4
+dnaMagicRegen: 999
+dnaFilter: (objectclass=posixAccount)
+dnaScope: $SUFFIX
+
+# add plugin configuration for posix groups
+
+dn: cn=Groups,cn=Posix,cn=ipa-dna,cn=plugins,cn=config
+changetype: add
+objectclass: top
+objectclass: extensibleObject
+cn: Groups
+dnaType: gidNumber
+dnaNextValue: 1100
+dnaInterval: 4
+dnaMagicRegen: 999
+dnaFilter: (objectclass=posixGroup)
+dnaScope: $SUFFIX
+
diff --git a/ipa-server/ipa-install/share/master-entry.ldif b/ipa-server/ipa-install/share/master-entry.ldif
new file mode 100644
index 00000000..09c1d44f
--- /dev/null
+++ b/ipa-server/ipa-install/share/master-entry.ldif
@@ -0,0 +1,7 @@
+dn: cn=$FQHN,cn=masters,cn=ipa,cn=etc,$SUFFIX
+changetype: add
+objectclass: top
+objectclass: extensibleObject
+cn: $FQHN
+dnabase: 1100
+dnainterval: 4
diff --git a/ipa-server/ipa-slapi-plugins/dna/dna-conf.ldif b/ipa-server/ipa-slapi-plugins/dna/dna-conf.ldif
index a133fcf4..02532b4e 100644
--- a/ipa-server/ipa-slapi-plugins/dna/dna-conf.ldif
+++ b/ipa-server/ipa-slapi-plugins/dna/dna-conf.ldif
@@ -1,13 +1,14 @@
 dn: cn=ipa-dna,cn=plugins,cn=config
+changetype: add
 objectclass: top
 objectclass: nsSlapdPlugin
 objectclass: extensibleObject
 cn: ipa-dna
 nsslapd-pluginpath: libipa-dna-plugin
-nsslapd-plugininitfunc: dna_init
-nsslapd-plugintype: postoperation
+nsslapd-plugininitfunc: ipa_dna_init
+nsslapd-plugintype: preoperation
 nsslapd-pluginenabled: on
 nsslapd-pluginid: ipa-dna
 nsslapd-pluginversion: 1.0
 nsslapd-pluginvendor: Red Hat
-nsslapd-plugindescription: Distributed numeric assignment plugin
+nsslapd-plugindescription: IPA Distributed numeric assignment plugin
diff --git a/ipa-server/ipa-slapi-plugins/dna/dna.c b/ipa-server/ipa-slapi-plugins/dna/dna.c
index 7c8dad1a..bafe4410 100644
--- a/ipa-server/ipa-slapi-plugins/dna/dna.c
+++ b/ipa-server/ipa-slapi-plugins/dna/dna.c
@@ -65,7 +65,7 @@
 #include <sys/stat.h>
 #endif
 
-#define DNA_PLUGIN_SUBSYSTEM			"dna-plugin"
+#define DNA_PLUGIN_SUBSYSTEM			"ipa-dna-plugin"
 #define DNA_PLUGIN_VERSION				0x00010000
 
 #define DNA_DN							"cn=ipa-dna,cn=plugins,cn=config" /* temporary */
@@ -84,8 +84,8 @@
 #define DNA_FILTER	"dnaFilter"
 #define DNA_SCOPE	"dnaScope"
 
-#define FEATURE_DESC	"Distributed Numeric Assignment"
-#define PLUGIN_DESC	"Distributed Numeric Assignment plugin"
+#define FEATURE_DESC	"IPA Distributed Numeric Assignment"
+#define PLUGIN_DESC	"IPA Distributed Numeric Assignment plugin"
 
 static Slapi_PluginDesc pdesc = { 	FEATURE_DESC,
 					"FreeIPA project", "FreeIPA/1.0",
@@ -125,7 +125,7 @@ static Slapi_Mutex *g_new_value_lock;
  * DNA plug-in management functions
  *
  */
-int dna_init(Slapi_PBlock *pb); 
+int ipa_dna_init(Slapi_PBlock *pb); 
 static int dna_start(Slapi_PBlock *pb);
 static int dna_close(Slapi_PBlock *pb);
 static int dna_postop_init(Slapi_PBlock *pb);
@@ -235,12 +235,12 @@ char * getPluginDN()
 	-------------
 	adds our callbacks to the list
 */
-int dna_init( Slapi_PBlock *pb )
+int ipa_dna_init( Slapi_PBlock *pb )
 {
 	int status = DNA_SUCCESS;
 	char * plugin_identity=NULL;
 
-	slapi_log_error( SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM , "--> dna_init\n");
+	slapi_log_error( SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM , "--> ipa_dna_init\n");
 
 	/**
 	 * Store the plugin identity for later use.
@@ -267,7 +267,7 @@ int dna_init( Slapi_PBlock *pb )
 		slapi_register_plugin(
 			"postoperation",	/* op type */
 			1, 			/* Enabled */ 
-			"dna_init", 		/* this function desc */
+			"ipa_dna_init", 		/* this function desc */
 			dna_postop_init,	/* init func for post op */ 
 			PLUGIN_DESC,		/* plugin desc */
 			NULL,			/* ? */
@@ -276,11 +276,11 @@ int dna_init( Slapi_PBlock *pb )
 	)
 	{
 		slapi_log_error( SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
-                     "dna_init: failed to register plugin\n" );
+                     "ipa_dna_init: failed to register plugin\n" );
 		status = DNA_FAILURE;
 	}
 
-	slapi_log_error( SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM , "<-- dna_init\n");
+	slapi_log_error( SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM , "<-- ipa_dna_init\n");
 	return status;
 }
 
diff --git a/ipa-server/ipaserver/dsinstance.py b/ipa-server/ipaserver/dsinstance.py
index 284ad3a6..9a539470 100644
--- a/ipa-server/ipaserver/dsinstance.py
+++ b/ipa-server/ipaserver/dsinstance.py
@@ -84,6 +84,7 @@ class DsInstance(service.Service):
         self.__add_default_schemas()
         self.__add_memberof_module()
         self.__add_referint_module()
+        self.__add_dna_module()
         self.__create_indeces()
         self.__enable_ssl()
         self.__certmap_conf()
@@ -93,7 +94,10 @@ class DsInstance(service.Service):
         except:
             # TODO: roll back here?
             logging.critical("Failed to restart the ds instance")
+	self.__config_uidgid_gen_first_master()
         self.__add_default_layout()
+	self.__add_master_entry_first_master()
+
 
         self.step("configuring directoy to start on boot")
         self.chkconfig_on()
@@ -183,6 +187,36 @@ class DsInstance(service.Service):
             print "Failed to load referint-conf.ldif", e
         referint_fd.close()
 
+    def __add_dna_module(self):
+        self.step("enabling distributed numeric assignment plugin")
+        dna_txt = template_file(SHARE_DIR + "dna-conf.ldif", self.sub_dict)
+        dna_fd = write_tmp_file(dna_txt)
+        try:
+            ldap_mod(dna_fd, "cn=Directory Manager", self.dm_password)
+        except subprocess.CalledProcessError, e:
+            print "Failed to load dna-conf.ldif", e
+        dna_fd.close()
+
+    def __config_uidgid_gen_first_master(self):
+        self.step("configuring Posix uid/gid generation as first master")
+        dna_txt = template_file(SHARE_DIR + "dna-posix.ldif", self.sub_dict)
+        dna_fd = write_tmp_file(dna_txt)
+        try:
+            ldap_mod(dna_fd, "cn=Directory Manager", self.dm_password)
+        except subprocess.CalledProcessError, e:
+            print "Failed to configure Posix uid/gid generation with dna-posix.ldif", e
+        dna_fd.close()
+
+    def __add_master_entry_first_master(self):
+        self.step("adding master entry as first master")
+        master_txt = template_file(SHARE_DIR + "master-entry.ldif", self.sub_dict)
+        master_fd = write_tmp_file(master_txt)
+        try:
+            ldap_mod(master_fd, "cn=Directory Manager", self.dm_password)
+        except subprocess.CalledProcessError, e:
+            print "Failed to add master-entry.ldif", e
+        master_fd.close()
+
     def __enable_ssl(self):
         self.step("configuring ssl for ds instance")
         dirname = self.config_dirname()
author	Pete Rowley <prowley@redhat.com>	2007-11-06 15:57:15 -0800
committer	Pete Rowley <prowley@redhat.com>	2007-11-06 15:57:15 -0800
commit	24d5777bd682636b36b96193c2ec2c8bcb6f684f (patch)
tree	c0beab7c5fc76b4447b3ed6acd960614f684c0d8 /ipa-server
parent	22493d9b9fbc0b6a2e35397ab7b6a62740fcfe7a (diff)
download	freeipa-24d5777bd682636b36b96193c2ec2c8bcb6f684f.tar.gz freeipa-24d5777bd682636b36b96193c2ec2c8bcb6f684f.tar.xz freeipa-24d5777bd682636b36b96193c2ec2c8bcb6f684f.zip