Page MenuHomePhorge
Differential D3866 Diff 11009 pykolab/setup/setup_ldap.py

Changeset View

Standalone View

View Options

pykolab/setup/setup_ldap.py

Context not available.
from __future__ import print_function from __future__ import print_function
import sys
import ldap import ldap
import ldap.modlist import ldap.modlist
import os import os
Context not available.
# Pre-execution checks # Pre-execution checks
for path, directories, files in os.walk('/etc/dirsrv/'): for path, directories, files in os.walk('/etc/dirsrv/'):
for direct in directories: for direct in directories:
if direct.startswith('slapd-'): if direct.startswith('slapd-') and not direct.endswith('.removed'):
print(utils.multiline_message( print(utils.multiline_message(
_(""" _("""
It seems 389 Directory Server has an existing It seems 389 Directory Server has an existing
Context not available.
# TODO: Loudly complain if the fqdn does not resolve back to this system. # TODO: Loudly complain if the fqdn does not resolve back to this system.
# CentOS 8 for now # CentOS 8 for now, also Debian buster/bullseye, Ubuntu 20.04/22.04
"""
Check first for setup tool and exit, before writing into /tmp files with password
"""
"""
OBSOLETE Warning
dscreate will replace setup-ds*.pl
dscreate use lib389, which is python3.x only
admin package will be replaced by cockpit package
sample_entries = 001003006 # used as kolab server schema
dscreate beta still delivered with setup-ds*.pl
"""
dscreate_found = os.path.isfile("/usr/sbin/dscreate") dscreate_found = os.path.isfile("/usr/sbin/dscreate")
if dscreate_found: setup_ds_admin = None
"""If Perl Script exist, dscreate is beta"""
if os.path.isfile("/usr/sbin/setup-ds-admin.pl"):
setup_ds_admin = "/usr/sbin/setup-ds-admin.pl"
elif os.path.isfile("/usr/sbin/setup-ds-admin"):
setup_ds_admin = "/usr/sbin/setup-ds-admin"
elif os.path.isfile("/usr/sbin/setup-ds.pl"):
setup_ds_admin = "/usr/sbin/setup-ds.pl"
elif os.path.isfile("/usr/sbin/setup-ds"):
setup_ds_admin = "/usr/sbin/setup-ds"
elif dscreate_found and setup_ds_admin is None and sys.version_info.major >= 3:
setup_ds_admin = "/usr/sbin/dscreate"
dscreate = True
else:
log.error(_("No directory server setup tool available."))
sys.exit(1)
if dscreate:
data = """ data = """
[general] [general]
FullMachineName = %(fqdn)s config_version = 2
full_machine_name = %(fqdn)s
SuiteSpotUserID = %(userid)s SuiteSpotUserID = %(userid)s
SuiteSpotGroup = %(group)s SuiteSpotGroup = %(group)s
AdminDomain = %(domain)s AdminDomain = %(domain)s
Context not available.
full_machine_name = %(fqdn)s full_machine_name = %(fqdn)s
[slapd] [slapd]
SlapdConfigForMC = Yes instance_name = %(hostname)s
UseExistingMC = 0 port = 389
ServerPort = 389 root_password = %(dirmgr_pass)s
ServerIdentifier = %(hostname)s
Suffix = %(rootdn)s
RootDN = cn=Directory Manager RootDN = cn=Directory Manager
RootDNPwd = %(dirmgr_pass)s RootDNPwd = %(dirmgr_pass)s
ds_bename = %(nodotdomain)s ds_bename = %(nodotdomain)s
Context not available.
[backend-userroot] [backend-userroot]
suffix = %(rootdn)s suffix = %(rootdn)s
create_suffix_entry = True sample_entries = 001003006 #old Netscape server schema
require_index = yes
[admin] """ % (_input)
Port = 9830
ServerAdminID = admin
ServerAdminPwd = %(admin_pass)s
""" % (_input)
(fp, filename) = tempfile.mkstemp(dir="/tmp/")
os.write(fp, bytes(data.encode("UTF-8")))
os.close(fp)
command = [
'dscreate',
'from-file',
filename
]
print(utils.multiline_message(
_("""
Setup is now going to set up the 389 Directory Server. This
may take a little while (during which period there is no
output and no progress indication).
""")
), file=sys.stderr)
log.info(_("Setting up 389 Directory Server"))
setup_389 = subprocess.Popen(
command,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE
)
(stdoutdata, stderrdata) = setup_389.communicate()
if not setup_389.returncode == 0:
print(utils.multiline_message(
_("""
An error was detected in the setup procedure for 389
Directory Server. This setup will write out stderr and
stdout to /var/log/kolab/setup.error.log and
/var/log/kolab/setup.out.log respectively, before it
exits.
""")
), file=sys.stderr)
fp = open('/var/log/kolab/setup.error.log', 'w')
fp.write(utils.ensure_str(stderrdata, 'latin-1'))
fp.close()
fp = open('/var/log/kolab/setup.out.log', 'w')
fp.write(utils.ensure_str(stdoutdata, 'latin-1'))
fp.close()
log.debug(_("Setup DS stdout:"), level=8)
log.debug(stdoutdata, level=8)
log.debug(_("Setup DS stderr:"), level=8)
log.debug(stderrdata, level=8)
if not setup_389.returncode == 0:
sys.exit(1)
# dscreate does not seem to do this, but the old setup-ds did.
template = open('/usr/share/dirsrv/data/template.ldif', 'r').read().replace('%ds_suffix%', _input['rootdn']).replace('%rootdn%', 'cn=Directory Manager')
(fp, filename) = tempfile.mkstemp(dir="/tmp/")
os.write(fp, bytes(template.encode("UTF-8")))
os.close(fp)
command = [
'ldapadd',
'-x',
'-H', 'ldap://127.0.0.1:389/',
'-D', "cn=Directory Manager",
'-w', _input['dirmgr_pass'],
'-f', filename
]
ldapadd = subprocess.Popen(
command,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE
)
(stdoutdata, stderrdata) = ldapadd.communicate()
if not ldapadd.returncode == 0:
print(utils.multiline_message(
_("""
An error was detected in the setup procedure during ldapadd for 389
Directory Server. This setup will write out stderr and
stdout to /var/log/kolab/setup.error.log and
/var/log/kolab/setup.out.log respectively, before it
exits.
""")
), file=sys.stderr)
fp = open('/var/log/kolab/setup.error.log', 'w')
fp.write(stderrdata)
fp.close()
fp = open('/var/log/kolab/setup.out.log', 'w')
fp.write(stdoutdata)
fp.close()
log.debug(_("Setup DS stdout:"), level=8)
log.debug(stdoutdata, level=8)
log.debug(_("Setup DS stderr:"), level=8)
log.debug(stderrdata, level=8)
else: else:
data = """ data = """
[General] [General]
Context not available.
os.write(fp, bytes(data.encode("UTF-8"))) os.write(fp, bytes(data.encode("UTF-8")))
os.close(fp) os.close(fp)
if os.path.isfile("/usr/sbin/setup-ds-admin.pl"): if dscreate:
setup_ds_admin = "/usr/sbin/setup-ds-admin.pl" log.info(setup_ds_admin)
elif os.path.isfile("/usr/sbin/setup-ds-admin"): command = [
setup_ds_admin = "/usr/sbin/setup-ds-admin"
elif os.path.isfile("/usr/sbin/setup-ds.pl"):
setup_ds_admin = "/usr/sbin/setup-ds.pl"
elif os.path.isfile("/usr/sbin/setup-ds"):
setup_ds_admin = "/usr/sbin/setup-ds"
else:
log.error(_("No directory server setup tool available."))
sys.exit(1)
command = [
setup_ds_admin, setup_ds_admin,
'--debug', '-v',
'--silent', 'from-file',
'--force', filename
'--file=%s' % (filename)
] ]
else:
log.info(setup_ds_admin)
command = [
setup_ds_admin,
'--debug',
'--silent',
'--force',
'--file=%s' % (filename)
]
print(utils.multiline_message( print(utils.multiline_message(
_(""" _("""
Setup is now going to set up the 389 Directory Server. This Setup is now going to set up the 389 Directory Server. This
Context not available.
), file=sys.stderr) ), file=sys.stderr)
fp = open('/var/log/kolab/setup.error.log', 'w') fp = open('/var/log/kolab/setup.error.log', 'w')
fp.write(stderrdata) fp.write(utils.ensure_str(stderrdata))
fp.close() fp.close()
fp = open('/var/log/kolab/setup.out.log', 'w') fp = open('/var/log/kolab/setup.out.log', 'w')
fp.write(stdoutdata) fp.write(utils.ensure_str(stdoutdata))
fp.close() fp.close()
log.debug(_("Setup DS stdout:"), level=8) log.debug(_("Setup DS stdout:"), level=8)
Context not available.
dn = "cn=Account Policy Plugin,cn=plugins,cn=config" dn = "cn=Account Policy Plugin,cn=plugins,cn=config"
modlist = [] modlist = []
modlist.append((ldap.MOD_REPLACE, "nsslapd-pluginEnabled", b"on")) modlist.append((ldap.MOD_REPLACE, "nsslapd-pluginEnabled", b"on"))
if not dscreate_found: if not dscreate:
modlist.append((ldap.MOD_ADD, "nsslapd-pluginarg0", b"cn=config,cn=Account Policy Plugin,cn=plugins,cn=config")) modlist.append((ldap.MOD_ADD, "nsslapd-pluginarg0", b"cn=config,cn=Account Policy Plugin,cn=plugins,cn=config"))
auth._auth.ldap.modify_s(dn, modlist) auth._auth.ldap.modify_s(dn, modlist)
Context not available.