diff --git a/pykolab/setup/setup_ldap.py b/pykolab/setup/setup_ldap.py
--- a/pykolab/setup/setup_ldap.py
+++ b/pykolab/setup/setup_ldap.py
@@ -19,6 +19,8 @@
 from __future__ import print_function
+import sys
+
 import ldap
 import ldap.modlist
 import os
@@ -167,7 +169,7 @@
 # Pre-execution checks
 for path, directories, files in os.walk('/etc/dirsrv/'):
 for direct in directories:
- if direct.startswith('slapd-'):
+ if direct.startswith('slapd-') and not direct.endswith('.removed'):
 print(utils.multiline_message(
 _("""
 It seems 389 Directory Server has an existing
@@ -318,12 +320,41 @@
 # TODO: Loudly complain if the fqdn does not resolve back to this system.
- # CentOS 8 for now
+ # CentOS 8 for now, also Debian buster/bullseye, Ubuntu 20.04/22.04
+ """
+ Check first for setup tool and exit, before writing into /tmp files with password
+ """
+ """
+ OBSOLETE Warning
+ dscreate will replace setup-ds*.pl
+ dscreate use lib389, which is python3.x only
+ admin package will be replaced by cockpit package
+ sample_entries = 001003006 # used as kolab server schema
+ dscreate beta still delivered with setup-ds*.pl
+ """
 dscreate_found = os.path.isfile("/usr/sbin/dscreate")
- if dscreate_found:
+ setup_ds_admin = None
+ """If Perl Script exist, dscreate is beta"""
+ if os.path.isfile("/usr/sbin/setup-ds-admin.pl"):
+ setup_ds_admin = "/usr/sbin/setup-ds-admin.pl"
+ elif os.path.isfile("/usr/sbin/setup-ds-admin"):
+ setup_ds_admin = "/usr/sbin/setup-ds-admin"
+ elif os.path.isfile("/usr/sbin/setup-ds.pl"):
+ setup_ds_admin = "/usr/sbin/setup-ds.pl"
+ elif os.path.isfile("/usr/sbin/setup-ds"):
+ setup_ds_admin = "/usr/sbin/setup-ds"
+ elif dscreate_found and setup_ds_admin is None and sys.version_info.major >= 3:
+ setup_ds_admin = "/usr/sbin/dscreate"
+ dscreate = True
+ else:
+ log.error(_("No directory server setup tool available."))
+ sys.exit(1)
+
+ if dscreate:
 data = """
 [general]
-FullMachineName = %(fqdn)s
+config_version = 2
+full_machine_name = %(fqdn)s
 SuiteSpotUserID = %(userid)s
 SuiteSpotGroup = %(group)s
 AdminDomain = %(domain)s
@@ -333,11 +364,9 @@
 full_machine_name = %(fqdn)s
 [slapd]
-SlapdConfigForMC = Yes
-UseExistingMC = 0
-ServerPort = 389
-ServerIdentifier = %(hostname)s
-Suffix = %(rootdn)s
+instance_name = %(hostname)s
+port = 389
+root_password = %(dirmgr_pass)s
 RootDN = cn=Directory Manager
 RootDNPwd = %(dirmgr_pass)s
 ds_bename = %(nodotdomain)s
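Review bot: `dscreate` is bound only in the `elif dscreate_found ...` branch (`dscreate = True`), so on a host where one of the four Perl setup scripts is found the following `if dscreate:` reads an unassigned name and raises NameError, unless it is initialised somewhere outside this hunk. Initialise it next to the other default, `dscreate = False` beside `setup_ds_admin = None`; the later `if dscreate:` and `if not dscreate:` in the @@ -493 and @@ -803 hunks depend on the same variable. In that `elif`, `setup_ds_admin is None` is always true at that point and can be dropped. The bare triple-quoted strings are evaluated as expression statements rather than comments, so they would read better as `#` comments. The enclosing function starts and ends outside the hunk.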
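Review bot: The legacy `RootDN = cn=Directory Manager` and `RootDNPwd = %(dirmgr_pass)s` lines stay in `[slapd]` next to the new `root_password = %(dirmgr_pass)s`, so the Directory Manager password is written into the answer file twice, once under a key that the dscreate format does not appear to use (it reads `root_dn` / `root_password`, as far as I know). Drop the two old-style lines, or replace them with `root_dn = cn=Directory Manager` if the DN has to be stated. The context line `full_machine_name = %(fqdn)s` at the top of this hunk also seems to sit in the same `[general]` section as the `full_machine_name` added in the previous hunk; Python's configparser rejects a repeated option in strict mode, so one of the two should go if dscreate parses the file that way. The template string begins and ends outside the hunk, so not all surrounding keys are visible here.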
@@ -348,118 +377,9 @@
 [backend-userroot]
 suffix = %(rootdn)s
-create_suffix_entry = True
-
-[admin]
-Port = 9830
-ServerAdminID = admin
-ServerAdminPwd = %(admin_pass)s
- """ % (_input)
-
- (fp, filename) = tempfile.mkstemp(dir="/tmp/")
- os.write(fp, bytes(data.encode("UTF-8")))
- os.close(fp)
-
- command = [
- 'dscreate',
- 'from-file',
- filename
- ]
-
- print(utils.multiline_message(
- _("""
- Setup is now going to set up the 389 Directory Server. This
- may take a little while (during which period there is no
- output and no progress indication).
- """)
- ), file=sys.stderr)
-
- log.info(_("Setting up 389 Directory Server"))
-
- setup_389 = subprocess.Popen(
- command,
- stdout=subprocess.PIPE,
- stderr=subprocess.PIPE
- )
-
- (stdoutdata, stderrdata) = setup_389.communicate()
-
- if not setup_389.returncode == 0:
- print(utils.multiline_message(
- _("""
- An error was detected in the setup procedure for 389
- Directory Server. This setup will write out stderr and
- stdout to /var/log/kolab/setup.error.log and
- /var/log/kolab/setup.out.log respectively, before it
- exits.
- """)
- ), file=sys.stderr)
-
- fp = open('/var/log/kolab/setup.error.log', 'w')
- fp.write(utils.ensure_str(stderrdata, 'latin-1'))
- fp.close()
-
- fp = open('/var/log/kolab/setup.out.log', 'w')
- fp.write(utils.ensure_str(stdoutdata, 'latin-1'))
- fp.close()
-
- log.debug(_("Setup DS stdout:"), level=8)
- log.debug(stdoutdata, level=8)
-
- log.debug(_("Setup DS stderr:"), level=8)
- log.debug(stderrdata, level=8)
-
- if not setup_389.returncode == 0:
- sys.exit(1)
-
- # dscreate does not seem to do this, but the old setup-ds did.
- template = open('/usr/share/dirsrv/data/template.ldif', 'r').read().replace('%ds_suffix%', _input['rootdn']).replace('%rootdn%', 'cn=Directory Manager')
- (fp, filename) = tempfile.mkstemp(dir="/tmp/")
- os.write(fp, bytes(template.encode("UTF-8")))
- os.close(fp)
-
- command = [
- 'ldapadd',
- '-x',
- '-H', 'ldap://127.0.0.1:389/',
- '-D', "cn=Directory Manager",
- '-w', _input['dirmgr_pass'],
- '-f', filename
- ]
-
- ldapadd = subprocess.Popen(
- command,
- stdout=subprocess.PIPE,
- stderr=subprocess.PIPE
- )
-
- (stdoutdata, stderrdata) = ldapadd.communicate()
-
- if not ldapadd.returncode == 0:
- print(utils.multiline_message(
- _("""
- An error was detected in the setup procedure during ldapadd for 389
- Directory Server. This setup will write out stderr and
- stdout to /var/log/kolab/setup.error.log and
- /var/log/kolab/setup.out.log respectively, before it
- exits.
- """)
- ), file=sys.stderr)
-
- fp = open('/var/log/kolab/setup.error.log', 'w')
- fp.write(stderrdata)
- fp.close()
-
- fp = open('/var/log/kolab/setup.out.log', 'w')
- fp.write(stdoutdata)
- fp.close()
-
- log.debug(_("Setup DS stdout:"), level=8)
- log.debug(stdoutdata, level=8)
-
- log.debug(_("Setup DS stderr:"), level=8)
- log.debug(stderrdata, level=8)
-
+sample_entries = 001003006 #old Netscape server schema
+require_index = yes
+ """ % (_input)
 else:
 data = """
 [General]
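Review bot: `sample_entries = 001003006 #old Netscape server schema` puts a comment on the same line as the value; Python's configparser does not strip inline comments unless `inline_comment_prefixes` is set, so if dscreate reads the file that way the value becomes the whole string rather than `001003006`. Move the comment to its own line above the key, i.e. `# old Netscape server schema` followed by `sample_entries = 001003006`. The comment block added earlier in this commit describes the same value as "used as kolab server schema", so the two descriptions should agree. `create_suffix_entry = True` is removed here together with the ldapadd of template.ldif; it is worth confirming, since it is not visible in this hunk, that `sample_entries` still produces the suffix entry the later setup steps expect.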
@@ -493,26 +413,25 @@
 os.write(fp, bytes(data.encode("UTF-8")))
 os.close(fp)
- if os.path.isfile("/usr/sbin/setup-ds-admin.pl"):
- setup_ds_admin = "/usr/sbin/setup-ds-admin.pl"
- elif os.path.isfile("/usr/sbin/setup-ds-admin"):
- setup_ds_admin = "/usr/sbin/setup-ds-admin"
- elif os.path.isfile("/usr/sbin/setup-ds.pl"):
- setup_ds_admin = "/usr/sbin/setup-ds.pl"
- elif os.path.isfile("/usr/sbin/setup-ds"):
- setup_ds_admin = "/usr/sbin/setup-ds"
- else:
- log.error(_("No directory server setup tool available."))
- sys.exit(1)
-
- command = [
+ if dscreate:
+ log.info(setup_ds_admin)
+ command = [
 setup_ds_admin,
- '--debug',
- '--silent',
- '--force',
- '--file=%s' % (filename)
+ '-v',
+ 'from-file',
+ filename
 ]
+ else:
+ log.info(setup_ds_admin)
+ command = [
+ setup_ds_admin,
+ '--debug',
+ '--silent',
+ '--force',
+ '--file=%s' % (filename)
+ ]
+
 print(utils.multiline_message(
 _("""
 Setup is now going to set up the 389 Directory Server. This
@@ -543,11 +462,11 @@
 ), file=sys.stderr)
 fp = open('/var/log/kolab/setup.error.log', 'w')
- fp.write(stderrdata)
+ fp.write(utils.ensure_str(stderrdata))
 fp.close()
 fp = open('/var/log/kolab/setup.out.log', 'w')
- fp.write(stdoutdata)
+ fp.write(utils.ensure_str(stdoutdata))
 fp.close()
 log.debug(_("Setup DS stdout:"), level=8)
@@ -803,7 +722,7 @@
 dn = "cn=Account Policy Plugin,cn=plugins,cn=config"
 modlist = []
 modlist.append((ldap.MOD_REPLACE, "nsslapd-pluginEnabled", b"on"))
- if not dscreate_found:
+ if not dscreate:
 modlist.append((ldap.MOD_ADD, "nsslapd-pluginarg0", b"cn=config,cn=Account Policy Plugin,cn=plugins,cn=config"))
 auth._auth.ldap.modify_s(dn, modlist)
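Review bot: The answer file written just above this branch (`os.write(fp, ...)`) now carries `root_password` in clear text for the dscreate path, and nothing visible in this hunk removes it once the tool has run. If no cleanup exists further down (outside the hunk), wrap the `Popen`/`communicate()` call in `try:` … `finally: os.unlink(filename)` so the credentials do not stay on disk after a failed or interrupted setup. `log.info(setup_ds_admin)` is repeated in both branches and can be hoisted above `if dscreate:`.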
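Review bot: The two log files in the @@ -543 hunk are created with `open(path, 'w')`, so they get umask-dependent permissions while receiving the full output of a tool that this commit runs with `-v` (or `--debug`) against an answer file holding the Directory Manager password; that output may include configuration values. Creating them owner-only, e.g. `os.fdopen(os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600), 'w')`, limits the exposure, keeping in mind that the mode only applies when the file is newly created. Separately, the removed dscreate branch called `utils.ensure_str(stderrdata, 'latin-1')`, whereas the new calls omit the encoding. If the helper's default codec is strict, undecodable bytes would raise here on the error path and hide the original failure, so confirm the default in `utils.ensure_str`.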