Diffstat (limited to 'ipa-server')
-rw-r--r-- | ipa-server/ipa-install/share/bind.zone.db.template | 26 | ||||
-rw-r--r-- | ipa-server/ipa-install/share/fedora-ds.init.patch | 12 | ||||
-rw-r--r-- | ipa-server/ipaserver/krbinstance.py | 26 |
3 files changed, 48 insertions, 16 deletions
diff --git a/ipa-server/ipa-install/share/bind.zone.db.template b/ipa-server/ipa-install/share/bind.zone.db.template
new file mode 100644
index 00000000..e846c4f2
--- /dev/null
+++ b/ipa-server/ipa-install/share/bind.zone.db.template
@@ -0,0 +1,26 @@
+$$ORIGIN $DOMAIN.
+$$TTL 86400
+@ IN SOA $DOMAIN. root.$DOMAIN. (
+ 01 ; serial (d. adams)
+ 3H ; refresh
+ 15M ; retry
+ 1W ; expiry
+ 1D ) ; minimum
+
+ IN NS $HOST
+$HOST IN A $IP
+;
+; ldap servers
+_ldap._tcp IN SRV 0 100 389 $HOST
+
+;kerberos realm
+_kerberos IN TXT $REALM
+
+; kerberos servers
+_kerberos._tcp IN SRV 0 100 88 $HOST
+_kerberos._udp IN SRV 0 100 88 $HOST
+_kerberos-master._tcp IN SRV 0 100 88 $HOST
+_kerberos-master._udp IN SRV 0 100 88 $HOST
+_kpasswd._tcp IN SRV 0 100 88 $HOST
+_kpasswd._udp IN SRV 0 100 88 $HOST
+
diff --git a/ipa-server/ipa-install/share/fedora-ds.init.patch b/ipa-server/ipa-install/share/fedora-ds.init.patch
new file mode 100644
index 00000000..88a04fc2
--- /dev/null
+++ b/ipa-server/ipa-install/share/fedora-ds.init.patch
@@ -0,0 +1,12 @@
+--- /etc/init.d/fedora-ds.orig 2007-07-06 18:21:30.000000000 -0400
++++ /etc/init.d/fedora-ds 2007-05-18 19:36:24.000000000 -0400
+@@ -10,6 +10,9 @@
+ # datadir: /var/lib/fedora-ds/slapd-<instance name>
+ #
+
++# Get config.
++[ -r /etc/sysconfig/fedora-ds ] && . /etc/sysconfig/fedora-ds
++
+ # Source function library.
+ if [ -f /etc/rc.d/init.d/functions ] ; then
+ . /etc/rc.d/init.d/functions
diff --git a/ipa-server/ipaserver/krbinstance.py b/ipa-server/ipaserver/krbinstance.py
index 131eee35..5a43617b 100644
--- a/ipa-server/ipaserver/krbinstance.py
+++ b/ipa-server/ipaserver/krbinstance.py
@@ -28,13 +28,7 @@ from time import gmtime
 import os
 import pwd
 import socket
-
-SHARE_DIR = "/usr/share/ipa/"
-
-def realm_to_suffix(realm_name):
- s = realm_name.split(".")
- terms = ["dc=" + x.lower() for x in s]
- return ",".join(terms)
+from util import *
 
 def host_to_domain(fqdn):
 s = fqdn.split(".")
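Review bot: In bind.zone.db.template the two `_kpasswd` SRV records advertise port 88, which is the KDC port; the Kerberos password-change service is conventionally reached on 464, so clients that locate kpasswd through DNS would send their requests to the wrong port. I would change them to `_kpasswd._tcp IN SRV 0 100 464 $HOST` and `_kpasswd._udp IN SRV 0 100 464 $HOST`. Separately, `IN NS $HOST` and the SRV targets carry no trailing dot, so they are only correct if `$HOST` is substituted with a name relative to `$DOMAIN`; a one-line comment at the top of the template stating that expectation would help.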
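Review bot: The line that fedora-ds.init.patch adds to the init script, `[ -r /etc/sysconfig/fedora-ds ] && . /etc/sysconfig/fedora-ds`, executes whatever that file contains with the init script's privileges (normally root), and the `-r` test checks readability only. Whichever installer step creates /etc/sysconfig/fedora-ds is not visible in this commit; it should create the file root-owned and not writable by group or others. The comment could record that, for example `# Get config (sourced as root: keep root-owned, mode 0644).`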
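Review bot: `from util import *` in krbinstance.py hides which names this module takes from util. `SHARE_DIR` and `realm_to_suffix` are removed here and presumably now live in util, and any name util later gains can silently shadow a local one. An explicit list, starting with `from util import SHARE_DIR, realm_to_suffix` and extended with the other helpers the module really uses, keeps that dependency visible and reviewable. The bare module name `util` is also resolved through the import path, which is worth pinning to the package for an installer that runs with elevated privileges; the rest of the file lies outside the hunk, so the package layout cannot be confirmed from here.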
@@ -149,15 +143,15 @@ class KrbInstance:
 
 # TODO: NOT called yet, need to find out how to make sure the plugin is available first
 def __add_pwd_extop_module(self):
- #add the password extop module
- extop_txt = template_file(SHARE_DIR + "ipapwd_extop_plugin.ldif", self.sub_dict)
- extop_fd = write_tmp_file(extop_txt)
- ldap_mod(extop_fd, "cn=Directory Manager", self.admin_password)
- extop_fd.close()
-
- #add an ACL to let the DS user read the master key
- args = ["/usr/bin/setfacl", "-m", "u:"+self.ds_user+":r", "/var/kerberos/krb5kdc/.k5."+self.realm]
- run(args)
+ #add the password extop module
+ extop_txt = template_file(SHARE_DIR + "ipapwd_extop_plugin.ldif", self.sub_dict)
+ extop_fd = write_tmp_file(extop_txt)
+ ldap_mod(extop_fd, "cn=Directory Manager", self.admin_password)
+ extop_fd.close()
+
+ #add an ACL to let the DS user read the master key
+ args = ["/usr/bin/setfacl", "-m", "u:"+self.ds_user+":r", "/var/kerberos/krb5kdc/.k5."+self.realm]
+ run(args)
 
 def __create_sample_bind_zone(self):
 bind_txt = template_file(SHARE_DIR + "bind.zone.db.template", self.sub_dict) |