From 679343594d86d57c85d1a6bb5333c83ca8bacd78 Mon Sep 17 00:00:00 2001 From: Karl MacMillan Date: Fri, 28 Sep 2007 16:46:12 -0400 Subject: Install the web gui Install the turbogears web gui including an init script. This patch includes a few related changes: * create a production configuration * rename the web gui startup scrip to ipa-webgui * add an init script * chkconfig on the ipa-webgui init script * make the start script properly daemonize the app when not in a development directory. * Install everything to the correct places (/usr/sbin/ipa-webgui and /usr/share/ipa/ipagui mainly). There are some things still left to do: * Sort out the logging - the config needs to be adjusted so that logging messages end up in /var/log. --- ipa-python/ipaclient.py | 3 +- ipa-server/Makefile | 2 +- ipa-server/freeipa-server.spec | 7 +- ipa-server/freeipa-server.spec.in | 7 +- ipa-server/ipa-gui/Makefile | 39 +++++++++ ipa-server/ipa-gui/ipa-webgui | 99 ++++++++++++++++++++++ ipa-server/ipa-gui/ipa-webgui.cfg | 97 +++++++++++++++++++++ ipa-server/ipa-gui/ipa-webgui.init | 71 ++++++++++++++++ ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt | 2 + .../ipa-gui/ipa_gui.egg-info/entry_points.txt | 2 +- ipa-server/ipa-gui/sample-prod.cfg | 45 +++++----- ipa-server/ipa-gui/setup.py | 20 ----- ipa-server/ipa-gui/start-ipagui.py | 25 ------ ipa-server/ipa-install/ipa-server-install | 8 +- 14 files changed, 350 insertions(+), 77 deletions(-) create mode 100644 ipa-server/ipa-gui/Makefile create mode 100644 ipa-server/ipa-gui/ipa-webgui create mode 100644 ipa-server/ipa-gui/ipa-webgui.cfg create mode 100644 ipa-server/ipa-gui/ipa-webgui.init diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py index 97792fdd..c653e0fa 100644 --- a/ipa-python/ipaclient.py +++ b/ipa-python/ipaclient.py @@ -21,7 +21,8 @@ #!/usr/bin/python import sys -sys.path.append("/usr/share/ipa") +if "/usr/share/ipa" not in sys.path: + sys.path.append("/usr/share/ipa") from ipaserver import funcs import ipa.rpcclient as rpcclient diff --git a/ipa-server/Makefile b/ipa-server/Makefile index 5ca5caf7..4b1fe14b 100644 --- a/ipa-server/Makefile +++ b/ipa-server/Makefile @@ -1,4 +1,4 @@ -SUBDIRS=ipa-install xmlrpc-server ipa-kpasswd ipa-slapi-plugins +SUBDIRS=ipa-install xmlrpc-server ipa-kpasswd ipa-slapi-plugins ipa-gui SHAREDIR=$(DESTDIR)/usr/share/ipa PYTHONDIR=$(SHAREDIR)/ipaserver diff --git a/ipa-server/freeipa-server.spec b/ipa-server/freeipa-server.spec index be16796e..2cfd3274 100755 --- a/ipa-server/freeipa-server.spec +++ b/ipa-server/freeipa-server.spec @@ -1,6 +1,6 @@ Name: freeipa-server Version: 0.4.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: FreeIPA authentication server Group: System Environment/Base @@ -42,7 +42,9 @@ rm -rf %{buildroot} %defattr(-,root,root,-) %{_sbindir}/ipa-server-install %{_sbindir}/ipa_kpasswd +%{_sbindir}/ipa-webgui %attr(755,root,root) %{_initrddir}/ipa-kpasswd +%attr(755,root,root) %{_initrddir}/ipa-webgui %dir %{_usr}/share/ipa %{_usr}/share/ipa/* @@ -53,6 +55,9 @@ rm -rf %{buildroot} %changelog +* Tue Sep 25 2007 Karl MacMillan - 0.4.0-2 +- Package ipa-webgui + * Fri Sep 7 2007 Karl MacMillan - 0.3.0-1 - Added support for libipa-dna-plugin diff --git a/ipa-server/freeipa-server.spec.in b/ipa-server/freeipa-server.spec.in index ac44e6d9..dbae4fed 100644 --- a/ipa-server/freeipa-server.spec.in +++ b/ipa-server/freeipa-server.spec.in @@ -1,6 +1,6 @@ Name: freeipa-server Version: VERSION -Release: 1%{?dist} +Release: 2%{?dist} Summary: FreeIPA authentication server Group: System Environment/Base @@ -42,7 +42,9 @@ rm -rf %{buildroot} %defattr(-,root,root,-) %{_sbindir}/ipa-server-install %{_sbindir}/ipa_kpasswd +%{_sbindir}/ipa-webgui %attr(755,root,root) %{_initrddir}/ipa-kpasswd +%attr(755,root,root) %{_initrddir}/ipa-webgui %dir %{_usr}/share/ipa %{_usr}/share/ipa/* @@ -53,6 +55,9 @@ rm -rf %{buildroot} %changelog +* Tue Sep 25 2007 Karl MacMillan - 0.4.0-2 +- Package ipa-webgui + * Fri Sep 7 2007 Karl MacMillan - 0.3.0-1 - Added support for libipa-dna-plugin diff --git a/ipa-server/ipa-gui/Makefile b/ipa-server/ipa-gui/Makefile new file mode 100644 index 00000000..ba641d28 --- /dev/null +++ b/ipa-server/ipa-gui/Makefile @@ -0,0 +1,39 @@ +SHAREDIR=$(DESTDIR)/usr/share/ipa +SBINDIR=$(DESTDIR)/usr/sbin +INITDIR = $(DESTDIR)/etc/rc.d/init.d + +IPAGUI_SUBDIRS=config forms helpers templates +STATIC_SUBDIRS=css images javascript + +all: ; + +install: + -mkdir -p $(SHAREDIR)/ipagui + install -m 644 ipagui/*.py $(SHAREDIR)/ipagui + + -mkdir -p $(SHAREDIR)/ipa_gui.egg-info + install -m 644 ipa_gui.egg-info/* $(SHAREDIR)/ipa_gui.egg-info + + @for subdir in $(IPAGUI_SUBDIRS); do \ + mkdir -p $(SHAREDIR)/ipagui/$$subdir; \ + install -m 644 ipagui/$$subdir/*.py $(SHAREDIR)/ipagui/$$subdir; \ + done + + install -m 644 ipagui/config/*.cfg $(SHAREDIR)/ipagui/config + + -mkdir -p $(SHAREDIR)/ipagui/static + @for subdir in $(STATIC_SUBDIRS); do \ + mkdir -p $(SHAREDIR)/ipagui/static/$$subdir; \ + install -m 644 ipagui/static/$$subdir/* $(SHAREDIR)/ipagui/static/$$subdir; \ + done + + install -m 644 ipa-webgui.cfg $(SHAREDIR) + + install -m 755 ipa-webgui $(SBINDIR) + + -mkdir -p $(INITDIR) + install -m 755 ipa-webgui.init $(INITDIR)/ipa-webgui + +clean: + find . -name "*.pyc" -exec rm -f {} \; + find . -name "*~" -exec rm -f {} \; diff --git a/ipa-server/ipa-gui/ipa-webgui b/ipa-server/ipa-gui/ipa-webgui new file mode 100644 index 00000000..9adb5fad --- /dev/null +++ b/ipa-server/ipa-gui/ipa-webgui @@ -0,0 +1,99 @@ +#! /usr/bin/python -E +# +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +import os, sys + +def daemonize(): + pid = os.fork() + if pid != 0: + os._exit(0) + # become session leader + os.setsid() + + # fork again to reparent to init + pid = os.fork() + if pid != 0: + os._exit(0) + + os.chdir("/") + os.umask(0) + + import resource + maxfd = resource.getrlimit(resource.RLIMIT_NOFILE)[1] + if (maxfd == resource.RLIM_INFINITY): + maxfd = 1024 + + # close all file descriptors + for fd in range(0, maxfd): + try: + os.close(fd) + except OSError: + pass + + # stdin + os.open("/dev/null", os.O_RDWR) + # stdout + os.open("/dev/null", os.O_RDWR) + # stderr + os.open("/dev/null", os.O_RDWR) + +# To make development easier, we detect if we are in the development +# environment to load a different configuration and avoid becoming +# a daemon +devel = False +if os.path.exists(os.path.join(os.path.dirname(__file__), "Makefile")): + devel = True + +if not devel: + sys.path.append("/usr/share/ipa/") + +# this must be after sys.path is changed to work correctly +import pkg_resources +pkg_resources.require("TurboGears") +pkg_resources.require("ipa_gui") + + +from turbogears import update_config, start_server +import cherrypy +cherrypy.lowercase_api = True + +# Load the config - look for a local file first for development +# and then the system config file +if devel: + update_config(configfile="dev.cfg", + modulename="ipagui.config") +else: + update_config(configfile="/usr/share/ipa/ipa-webgui.cfg", + modulename="ipagui.config.app") + +from ipagui.controllers import Root + +if not devel: + try: + daemonize() + except Exception, e: + sys.stderr.write("error becoming daemon: " + str(e)) + sys.exit(1) + +start_server(Root()) + + + + + diff --git a/ipa-server/ipa-gui/ipa-webgui.cfg b/ipa-server/ipa-gui/ipa-webgui.cfg new file mode 100644 index 00000000..7970ab86 --- /dev/null +++ b/ipa-server/ipa-gui/ipa-webgui.cfg @@ -0,0 +1,97 @@ +[global] +# DATABASE + +# no database for ipa-webgui since everything is stored in LDAP + +# IDENTITY + +# Our our sqlobject-derived proxy provider +identity.provider='proxyprovider' + +# the first thing checked on any request. We want to short-circuit this +# as early as possible +identity.source = 'visit' + +# Turn on identity and visit (visit is required for identity) +identity.on=True +identity.failure_url="/loginfailed" +visit.on=True +visit.manager='proxyvisit' + +# SERVER + +server.environment="production" +autoreload.package="ipagui" +autoreload.on = False + +# Sets the number of threads the server uses +server.thread_pool = 10 + +# if this is part of a larger site, you can set the path +# to the TurboGears instance here +# server.webpath="" + +# Set to True if you are deploying your App behind a proxy +# e.g. Apache using mod_proxy +# base_url_filter.on = False + +# Set to True if your proxy adds the x_forwarded_host header +# base_url_filter.use_x_forwarded_host = True + +# If your proxy does not add the x_forwarded_host header, set +# the following to the *public* host url. +# (Note: This will be overridden by the use_x_forwarded_host option +# if it is set to True and the proxy adds the header correctly. +# base_url_filter.base_url = "http://www.example.com" + +# Set to True if you'd like to abort execution if a controller gets an +# unexpected parameter. False by default +# tg.strict_parameters = False + +# LOGGING +# Logging configuration generally follows the style of the standard +# Python logging module configuration. Note that when specifying +# log format messages, you need to use *() for formatting variables. +# Deployment independent log configuration is in ipagui/config/log.cfg +[logging] + +[[formatters]] +[[[message_only]]] +format='*(message)s' + +[[[full_content]]] +format='*(asctime)s *(name)s *(levelname)s *(message)s' + +[[handlers]] +[[[debug_out]]] +class='StreamHandler' +level='DEBUG' +args='(sys.stdout,)' +formatter='full_content' + +[[[access_out]]] +class='StreamHandler' +level='INFO' +args='(sys.stdout,)' +formatter='message_only' + +[[[error_out]]] +class='StreamHandler' +level='ERROR' +args='(sys.stdout,)' + +[[loggers]] +[[[ipagui]]] +level='DEBUG' +qualname='ipagui' +handlers=['debug_out'] + +[[[allinfo]]] +level='INFO' +handlers=['debug_out'] + +[[[access]]] +level='INFO' +qualname='turbogears.access' +handlers=['access_out'] +propagate=0 diff --git a/ipa-server/ipa-gui/ipa-webgui.init b/ipa-server/ipa-gui/ipa-webgui.init new file mode 100644 index 00000000..5bb0a558 --- /dev/null +++ b/ipa-server/ipa-gui/ipa-webgui.init @@ -0,0 +1,71 @@ +#!/bin/sh +# +# ipa-webgui This starts and stops ipa-webgui +# +# chkconfig: - 36 64 +# description: ipa-webgui IPA Web User Interface +# processname: /usr/sbin/ipa-webgui +# configdir: /etc/sysconfig/ipa-webgui +# + +# Source function library. +if [ -f /etc/rc.d/init.d/functions ] ; then +. /etc/rc.d/init.d/functions +fi +# Source networking configuration. +if [ -f /etc/sysconfig/network ] ; then +. /etc/sysconfig/network +fi + +# Check that networking is up. +if [ "${NETWORKING}" = "no" ] +then + echo "Networking is down" + exit 0 +fi + +NAME="ipa-webgui" + +start() { + echo -n $"Starting $NAME: " + daemon $NAME + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$NAME || \ + RETVAL=1 + return $RETVAL +} + +stop() { + echo -n $"Shutting down $NAME: " + killproc $NAME + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$NAME + return $RETVAL +} + +restart() { + stop + start +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + restart + ;; + condrestart) + [ -f /var/lock/subsys/$NAME ] && restart || : + ;; + *) + echo $"Usage: $0 {start|stop|restart|condrestart}" + exit 2 +esac + +exit $? diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt index 3bd84824..be2f0206 100644 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt +++ b/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt @@ -1,4 +1,5 @@ README.txt +ipa-webgui setup.py start-ipagui.py ipa_gui.egg-info/PKG-INFO @@ -19,6 +20,7 @@ ipagui/proxyvisit.py ipagui/release.py ipagui/config/__init__.py ipagui/forms/__init__.py +ipagui/forms/group.py ipagui/forms/user.py ipagui/helpers/__init__.py ipagui/helpers/userhelper.py diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt index 22c35bfd..baecc2ce 100644 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt +++ b/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt @@ -1,6 +1,6 @@ [turbogears.identity.provider] proxyprovider = ipagui.proxyprovider:ProxyIdentityProvider - [turbogears.visit.manager] proxyvisit = ipagui.proxyvisit:ProxyVisitManager + \ No newline at end of file diff --git a/ipa-server/ipa-gui/sample-prod.cfg b/ipa-server/ipa-gui/sample-prod.cfg index ffa684cc..a1266270 100644 --- a/ipa-server/ipa-gui/sample-prod.cfg +++ b/ipa-server/ipa-gui/sample-prod.cfg @@ -1,38 +1,31 @@ [global] -# This is where all of your settings go for your production environment. -# You'll copy this file over to your production server and provide it -# as a command-line option to your start script. -# Settings that are the same for both development and production -# (such as template engine, encodings, etc.) all go in -# ipagui/config/app.cfg - # DATABASE -# pick the form for your database -# sqlobject.dburi="postgres://username@hostname/databasename" -# sqlobject.dburi="mysql://username:password@hostname:port/databasename" -# sqlobject.dburi="sqlite:///file_name_and_path" - -# If you have sqlite, here's a simple default to get you started -# in development -sqlobject.dburi="sqlite://%(current_dir_uri)s/devdata.sqlite" +# no database for ipa-webgui since everything is stored in LDAP +# IDENTITY -# if you are using a database or table type without transactions -# (MySQL default, for example), you should turn off transactions -# by prepending notrans_ on the uri -# sqlobject.dburi="notrans_mysql://username:password@hostname:port/databasename" +# Our our sqlobject-derived proxy provider +identity.provider='proxyprovider' -# for Windows users, sqlite URIs look like: -# sqlobject.dburi="sqlite:///drive_letter:/path/to/file" +# the first thing checked on any request. We want to short-circuit this +# as early as possible +identity.source = 'visit' +# Turn on identity and visit (visit is required for identity) +identity.on=True +identity.failure_url="/loginfailed" +visit.on=True +visit.manager='proxyvisit' # SERVER server.environment="production" +autoreload.package="ipagui" +autoreload.on = False # Sets the number of threads the server uses -# server.thread_pool = 1 +server.thread_pool = 10 # if this is part of a larger site, you can set the path # to the TurboGears instance here @@ -66,7 +59,7 @@ server.environment="production" [[[access_out]]] # set the filename as the first argument below -args="('server.log',)" +args="('ipa-webgui',)" class='FileHandler' level='INFO' formatter='message_only' @@ -74,11 +67,11 @@ formatter='message_only' [[loggers]] [[[ipagui]]] level='ERROR' -qualname='ipagui' -handlers=['error_out'] +qualname='ipa-webgui' +handlers=['debug_out'] [[[access]]] level='INFO' -qualname='turbogears.access' +qualname='ipa-webgui.access' handlers=['access_out'] propagate=0 diff --git a/ipa-server/ipa-gui/setup.py b/ipa-server/ipa-gui/setup.py index 12381799..6b21712b 100644 --- a/ipa-server/ipa-gui/setup.py +++ b/ipa-server/ipa-gui/setup.py @@ -19,30 +19,10 @@ setup( install_requires = [ "TurboGears >= 1.0.2.2", ], - scripts = ["start-ipagui.py"], zip_safe=False, packages=find_packages(), package_data = find_package_data(where='ipagui', package='ipagui'), - keywords = [ - # Use keywords if you'll be adding your package to the - # Python Cheeseshop - - # if this has widgets, uncomment the next line - # 'turbogears.widgets', - - # if this has a tg-admin command, uncomment the next line - # 'turbogears.command', - - # if this has identity providers, uncomment the next line - # 'turbogears.identity.provider', - - # If this is a template plugin, uncomment the next line - # 'python.templating.engines', - - # If this is a full application, uncomment the next line - # 'turbogears.app', - ], classifiers = [ 'Development Status :: 3 - Alpha', 'Operating System :: OS Independent', diff --git a/ipa-server/ipa-gui/start-ipagui.py b/ipa-server/ipa-gui/start-ipagui.py index 2165e110..e69de29b 100644 --- a/ipa-server/ipa-gui/start-ipagui.py +++ b/ipa-server/ipa-gui/start-ipagui.py @@ -1,25 +0,0 @@ -#!/usr/bin/python -import pkg_resources -pkg_resources.require("TurboGears") - -from turbogears import update_config, start_server -import cherrypy -cherrypy.lowercase_api = True -from os.path import * -import sys - -# first look on the command line for a desired config file, -# if it's not on the command line, then -# look for setup.py in this directory. If it's not there, this script is -# probably installed -if len(sys.argv) > 1: - update_config(configfile=sys.argv[1], - modulename="ipagui.config") -elif exists(join(dirname(__file__), "setup.py")): - update_config(configfile="dev.cfg",modulename="ipagui.config") -else: - update_config(configfile="prod.cfg",modulename="ipagui.config") - -from ipagui.controllers import Root - -start_server(Root()) diff --git a/ipa-server/ipa-install/ipa-server-install b/ipa-server/ipa-install/ipa-server-install index 54da6856..b8b9805b 100644 --- a/ipa-server/ipa-install/ipa-server-install +++ b/ipa-server/ipa-install/ipa-server-install @@ -370,7 +370,13 @@ def main(): krb.restart() # Allow apache to connect to the turbogears web gui - run(["/usr/sbin/setsebool", "httpd_can_network", "true"]) + run(["/usr/sbin/setsebool", "-P", "httpd_can_network_connect", "true"]) + + # Start the web gui + run(["/sbin/service", "ipa-webgui", "start"]) + + # Set the web gui to start on boot + run(["/sbin/chkconfig", "ipa-webgui", "on"]) # Restart apache run(["/sbin/service", "httpd", "restart"]) -- cgit