From fbfee8231722f0f3168dcfa3da2b804ca7c6a5e2 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 1 Aug 2007 15:58:52 -0400 Subject: Try to fix dir layout and recover missing files --- ipa-install/README | 21 ----------- ipa-install/share/bind.zone.db.template | 26 -------------- ipa-install/share/fedora-ds.init.patch | 12 ------- ipa-install/share/krb5.conf.template | 42 ---------------------- ipa-server/ipa-install/share/bind.zone.db.template | 26 ++++++++++++++ ipa-server/ipa-install/share/fedora-ds.init.patch | 12 +++++++ ipa-server/ipaserver/krbinstance.py | 26 ++++++-------- 7 files changed, 48 insertions(+), 117 deletions(-) delete mode 100644 ipa-install/README delete mode 100644 ipa-install/share/bind.zone.db.template delete mode 100644 ipa-install/share/fedora-ds.init.patch delete mode 100644 ipa-install/share/krb5.conf.template create mode 100644 ipa-server/ipa-install/share/bind.zone.db.template create mode 100644 ipa-server/ipa-install/share/fedora-ds.init.patch diff --git a/ipa-install/README b/ipa-install/README deleted file mode 100644 index 31e7375fb..000000000 --- a/ipa-install/README +++ /dev/null @@ -1,21 +0,0 @@ - -Required packages: - -krb5-server -fedora-ds-base -openldap-clients -krb5-server-ldap -cyrus-sasl-gssapi - - -Installation example: - -TEMPORARY: (until fedora ds scripts are fixed) -please use the fedora-ds.init.patch under share/ to patch your init scripts before -running ipa-server-install - -cd ipa-install -make install -cd .. -/usr/sbin/ipa-server-install -u fds -r FREEIPA.ORG -p freeipa -m ipafree - diff --git a/ipa-install/share/bind.zone.db.template b/ipa-install/share/bind.zone.db.template deleted file mode 100644 index e846c4f23..000000000 --- a/ipa-install/share/bind.zone.db.template +++ /dev/null 
@@ -1,26 +0,0 @@ -$$ORIGIN $DOMAIN. -$$TTL 86400 -@ IN SOA $DOMAIN. root.$DOMAIN. ( - 01 ; serial (d. adams) - 3H ; refresh - 15M ; retry - 1W ; expiry - 1D ) ; minimum - - IN NS $HOST -$HOST IN A $IP -; -; ldap servers -_ldap._tcp IN SRV 0 100 389 $HOST - -;kerberos realm -_kerberos IN TXT $REALM - -; kerberos servers -_kerberos._tcp IN SRV 0 100 88 $HOST -_kerberos._udp IN SRV 0 100 88 $HOST -_kerberos-master._tcp IN SRV 0 100 88 $HOST -_kerberos-master._udp IN SRV 0 100 88 $HOST -_kpasswd._tcp IN SRV 0 100 88 $HOST -_kpasswd._udp IN SRV 0 100 88 $HOST - diff --git a/ipa-install/share/fedora-ds.init.patch b/ipa-install/share/fedora-ds.init.patch deleted file mode 100644 index 88a04fc25..000000000 --- a/ipa-install/share/fedora-ds.init.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- /etc/init.d/fedora-ds.orig 2007-07-06 18:21:30.000000000 -0400 -+++ /etc/init.d/fedora-ds 2007-05-18 19:36:24.000000000 -0400 -@@ -10,6 +10,9 @@ - # datadir: /var/lib/fedora-ds/slapd- - # - -+# Get config. -+[ -r /etc/sysconfig/fedora-ds ] && . /etc/sysconfig/fedora-ds -+ - # Source function library. - if [ -f /etc/rc.d/init.d/functions ] ; then - . /etc/rc.d/init.d/functions diff --git a/ipa-install/share/krb5.conf.template b/ipa-install/share/krb5.conf.template deleted file mode 100644 index 23a247034..000000000 --- a/ipa-install/share/krb5.conf.template +++ /dev/null 
@@ -1,42 +0,0 @@ -[logging] - default = FILE:/var/log/krb5libs.log - kdc = FILE:/var/log/krb5kdc.log - admin_server = FILE:/var/log/kadmind.log - -[libdefaults] - default_realm = $REALM - dns_lookup_realm = true - dns_lookup_kdc = true - ticket_lifetime = 24h - forwardable = yes - -[realms] - $REALM = { - kdc = $FQDN:88 - admin_server = $FQDN:749 - default_domain = $DOMAIN -} - -[domain_realm] - .$DOMAIN = $REALM - $DOMAIN = $REALM - -[appdefaults] - pam = { - debug = false - ticket_lifetime = 36000 - renew_lifetime = 36000 - forwardable = true - krb4_convert = false - } - -[dbmodules] - $REALM = { - db_library = kldap - ldap_servers = ldap://127.0.0.1/ - ldap_kerberos_container_dn = cn=kerberos,$SUFFIX - ldap_kdc_dn = uid=kdc,cn=kerberos,$SUFFIX - ldap_kadmind_dn = uid=kdc,cn=kerberos,$SUFFIX - ldap_service_password_file = /var/kerberos/krb5kdc/ldappwd - } - diff --git a/ipa-server/ipa-install/share/bind.zone.db.template b/ipa-server/ipa-install/share/bind.zone.db.template new file mode 100644 index 000000000..e846c4f23 --- /dev/null +++ b/ipa-server/ipa-install/share/bind.zone.db.template @@ -0,0 +1,26 @@ +$$ORIGIN $DOMAIN. +$$TTL 86400 +@ IN SOA $DOMAIN. root.$DOMAIN. ( + 01 ; serial (d. adams) + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + IN NS $HOST +$HOST IN A $IP +; +; ldap servers +_ldap._tcp IN SRV 0 100 389 $HOST + +;kerberos realm +_kerberos IN TXT $REALM + +; kerberos servers +_kerberos._tcp IN SRV 0 100 88 $HOST +_kerberos._udp IN SRV 0 100 88 $HOST +_kerberos-master._tcp IN SRV 0 100 88 $HOST +_kerberos-master._udp IN SRV 0 100 88 $HOST +_kpasswd._tcp IN SRV 0 100 88 $HOST +_kpasswd._udp IN SRV 0 100 88 $HOST + diff --git a/ipa-server/ipa-install/share/fedora-ds.init.patch b/ipa-server/ipa-install/share/fedora-ds.init.patch new file mode 100644 index 000000000..88a04fc25 --- /dev/null +++ b/ipa-server/ipa-install/share/fedora-ds.init.patch 
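Review bot: The `_kpasswd._tcp` and `_kpasswd._udp` SRV records in the re-created ipa-server/ipa-install/share/bind.zone.db.template advertise port 88, which is the KDC port; the Kerberos password-change service conventionally listens on 464. Clients that locate kpasswd through DNS would therefore send change-password requests to the wrong service. The content is carried over unchanged from the deleted ipa-install/share copy, so the move is a convenient place to correct both lines, e.g. `_kpasswd._tcp IN SRV 0 100 464 $HOST` and `_kpasswd._udp IN SRV 0 100 464 $HOST`. If the sample zone is meant to match a kpasswd listener configured elsewhere on a non-default port, a comment in the template saying so would avoid the question.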
@@ -0,0 +1,12 @@ +--- /etc/init.d/fedora-ds.orig 2007-07-06 18:21:30.000000000 -0400 ++++ /etc/init.d/fedora-ds 2007-05-18 19:36:24.000000000 -0400 +@@ -10,6 +10,9 @@ + # datadir: /var/lib/fedora-ds/slapd- + # + ++# Get config. ++[ -r /etc/sysconfig/fedora-ds ] && . /etc/sysconfig/fedora-ds ++ + # Source function library. + if [ -f /etc/rc.d/init.d/functions ] ; then + . /etc/rc.d/init.d/functions diff --git a/ipa-server/ipaserver/krbinstance.py b/ipa-server/ipaserver/krbinstance.py index 131eee35a..5a43617bc 100644 --- a/ipa-server/ipaserver/krbinstance.py +++ b/ipa-server/ipaserver/krbinstance.py @@ -28,13 +28,7 @@ from time import gmtime import os import pwd import socket - -SHARE_DIR = "/usr/share/ipa/" - -def realm_to_suffix(realm_name): - s = realm_name.split(".") - terms = ["dc=" + x.lower() for x in s] - return ",".join(terms) +from util import * def host_to_domain(fqdn): s = fqdn.split(".") 
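Review bot: The wildcard `from util import *` in the first krbinstance.py hunk replaces the local `SHARE_DIR` and `realm_to_suffix` definitions, so the file no longer shows where those names come from, nor presumably where `template_file`, `write_tmp_file`, `ldap_mod` and `run` used further down come from. Because it follows `import os`, `import pwd` and `import socket`, any same-named public name in `util` silently rebinds them. This module changes the ACL on the KDC master key stash and modifies the directory as Directory Manager, so the helpers it calls should be traceable. An explicit list would do that, assuming these are the names `util` provides: `from util import SHARE_DIR, realm_to_suffix, template_file, write_tmp_file, ldap_mod, run`. The `host_to_domain` body at the end of the hunk continues outside it.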
@@ -149,15 +143,15 @@ class KrbInstance: # TODO: NOT called yet, need to find out how to make sure the plugin is available first def __add_pwd_extop_module(self): - #add the password extop module - extop_txt = template_file(SHARE_DIR + "ipapwd_extop_plugin.ldif", self.sub_dict) - extop_fd = write_tmp_file(extop_txt) - ldap_mod(extop_fd, "cn=Directory Manager", self.admin_password) - extop_fd.close() - - #add an ACL to let the DS user read the master key - args = ["/usr/bin/setfacl", "-m", "u:"+self.ds_user+":r", "/var/kerberos/krb5kdc/.k5."+self.realm] - run(args) + #add the password extop module + extop_txt = template_file(SHARE_DIR + "ipapwd_extop_plugin.ldif", self.sub_dict) + extop_fd = write_tmp_file(extop_txt) + ldap_mod(extop_fd, "cn=Directory Manager", self.admin_password) + extop_fd.close() + + #add an ACL to let the DS user read the master key + args = ["/usr/bin/setfacl", "-m", "u:"+self.ds_user+":r", "/var/kerberos/krb5kdc/.k5."+self.realm] + run(args) def __create_sample_bind_zone(self): bind_txt = template_file(SHARE_DIR + "bind.zone.db.template", self.sub_dict) -- cgit