From 29a02a3530214d2e72667e98c5ecc25ebf5fad48 Mon Sep 17 00:00:00 2001 From: Petr Viktorin Date: Wed, 30 Jan 2013 07:51:46 -0500 Subject: Use IPAdmin rather than raw python-ldap in ipactl Add a new init argument, ldap_uri, to IPAdmin to make this possible. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660 --- install/tools/ipactl | 74 +++++++++++++++++++++++----------------------------- 1 file changed, 32 insertions(+), 42 deletions(-) (limited to 'install/tools/ipactl') diff --git a/install/tools/ipactl b/install/tools/ipactl index c2f13c256..86632f886 100755 --- a/install/tools/ipactl +++ b/install/tools/ipactl 
@@ -19,33 +19,20 @@ # import sys -try: - import os - from ipaserver.install import service, installutils - from ipapython import services as ipaservices - from ipaserver.install.dsinstance import config_dirname, realm_to_serverid - from ipaserver.install.installutils import is_ipa_configured, ScriptError - from ipapython.ipautil import wait_for_open_ports, wait_for_open_socket - from ipalib import api, errors - from ipapython import sysrestore - from ipapython import config - from ipapython import dogtag - from ipapython.dn import DN - import ldap - import ldap.sasl - import ldapurl - import socket - import json -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -SASL_EXTERNAL = ldap.sasl.sasl({}, 'EXTERNAL') +import os +import json + +import ldapurl + +from ipaserver.install import service, installutils +from ipaserver.install.dsinstance import config_dirname, realm_to_serverid +from ipaserver.install.installutils import is_ipa_configured, ScriptError +from ipaserver.ipaldap import IPAdmin +from ipalib import api, errors +from ipapython.ipautil import wait_for_open_ports, wait_for_open_socket +from ipapython import services as ipaservices +from ipapython import config, dogtag +from ipapython.dn import DN class IpactlError(ScriptError): pass 
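Review bot: The new import block no longer brings in `socket`, `ipapython.sysrestore`, `ldap` or `ldap.sasl`, and most of the file lies outside this hunk, so please confirm that nothing further down still references those names. A leftover `ldap.` or `socket.` reference would not fail at start-up; it would only raise NameError when that code path runs, which in a service control script may be an error branch that is rarely exercised. Removing the `except ImportError` wrapper also turns a missing module into a plain traceback. The exit status stays non-zero, so that looks acceptable, but the commit message could mention it.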
@@ -127,30 +114,33 @@ def get_config(dirsrv): if lurl.urlscheme == 'ldapi': wait_for_open_socket(lurl.hostport, timeout=api.env.startup_timeout) else: - (host,port) = lurl.hostport.split(':') + (host, port) = lurl.hostport.split(':') wait_for_open_ports(host, [int(port)], timeout=api.env.startup_timeout) - con = ldap.initialize(api.env.ldap_uri) - con.sasl_interactive_bind_s('', SASL_EXTERNAL) - res = con.search_st(str(base), - ldap.SCOPE_SUBTREE, - filterstr=srcfilter, - attrlist=attrs, - timeout=10) - except ldap.SERVER_DOWN, e: + con = IPAdmin(ldap_uri=api.env.ldap_uri) + con.do_external_bind() + res, truncated = con.find_entries( + filter=srcfilter, + attrs_list=attrs, + base_dn=base, + scope=con.SCOPE_SUBTREE, + time_limit=10) + if truncated: + raise errors.LimitsExceeded() + except errors.NetworkError: # LSB status code 3: program is not running raise IpactlError("Failed to get list of services to probe status:\n" + "Directory Server is stopped", 3) - except ldap.NO_SUCH_OBJECT: + except errors.NotFound: masters_list = [] dn = DN(('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), api.env.basedn) attrs = ['cn'] try: - entries = con.search_s(str(dn), ldap.SCOPE_ONELEVEL, attrlist=attrs) + entries = con.get_entries(dn, con.SCOPE_ONELEVEL, attrs_list=attrs) except Exception, e: masters_list.append("No master found because of error: %s" % str(e)) else: - for dn,master_entry in entries: - masters_list.append(master_entry.get('cn', [None])[0]) + for dn, master_entry in entries: + masters_list.append(master_entry.single_value('cn')) masters = "\n".join(masters_list) @@ -163,8 +153,8 @@ def get_config(dirsrv): svc_list = [] for entry in res: - name = entry[1]['cn'][0] - for p in entry[1]['ipaConfigString']: + name = entry.single_value('cn') + for p in entry['ipaConfigString']: if p.startswith('startOrder '): order = p.split()[1] svc_list.append([order, name]) -- cgit
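Review bot: The new `raise errors.LimitsExceeded()` for a truncated result sits inside the `try`, but the handlers visible in this hunk only catch `errors.NetworkError` and `errors.NotFound`. A truncated or timed-out search therefore leaves `get_config` as a raw ipalib exception instead of an `IpactlError` with an LSB status. Refusing to act on a partial service list is the right choice, since starting or stopping from an incomplete list would silently leave services unmanaged. The failure should still be reported in the same way as the directory-down case, for example by adding `except errors.LimitsExceeded:` followed by a `raise IpactlError(...)` whose message says the service list was truncated. The start of `get_config` and its callers are outside the hunk, so a caller may already handle this.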
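Review bot: `entry.single_value('cn')` is not an exact replacement for `entry[1]['cn'][0]`, because the old expression took the first value of a multi-valued `cn`. How `single_value` treats an entry with several values, or with none, is not visible on this page. The same substitution is made in the masters loop of the previous hunk, where the old `master_entry.get('cn', [None])[0]` tolerated a missing attribute. That loop runs in the `else:` branch, outside the `except Exception` handler, so an exception from `single_value` there would escape while the code is only building an error message. If `single_value` is strict, a short comment stating that these entries are expected to carry exactly one `cn` would make the assumption explicit; a guard around the call would do the same.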