authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-03-20 17:48:41 +0100
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-03-20 17:48:41 +0100
commit796413f66f681d6735245f99fcb2c7c082f749de (patch)
treea22f509d85982a3a95b7f734ea04929b8726b7e5
parent812920a2077860091bd003956fdf4296d187b329 (diff)
Implement a version of setup-kolab.py around 389 Directory Server
-rw-r--r--pykolab/setup/components.py45
-rw-r--r--pykolab/setup/imap_setup.py0
-rw-r--r--pykolab/setup/ldap_setup.py64
-rw-r--r--pykolab/setup/setup_ldap.py137
-rwxr-xr-xsetup-kolab.py4
5 files changed, 176 insertions, 74 deletions
diff --git a/pykolab/setup/components.py b/pykolab/setup/components.py
index d17a357..bef460e 100644
--- a/pykolab/setup/components.py
+++ b/pykolab/setup/components.py
@@ -50,9 +50,9 @@ def __init__():
for dirname in dirnames:
register_group(components_path, dirname)
- register('help', list_setup, description=_("Display this help."))
+ register('help', list_components, description=_("Display this help."))
-def list_setup(*args, **kw):
+def list_components(*args, **kw):
"""
List components
"""
@@ -91,7 +91,41 @@ def list_setup(*args, **kw):
else:
print "%-4s%-21s" % ('',__component.replace('_','-'))
+def _list_components(*args, **kw):
+ """
+ List components and return API compatible, parseable lists and
+ dictionaries.
+ """
+
+ __components = {}
+
+ for component in components.keys():
+ if isinstance(component, tuple):
+ component_group, component = component
+ __components[component_group] = {
+ component: components[(component_group,component)]
+ }
+ else:
+ __components[component] = components[component]
+
+ _components = __components.keys()
+ _components.sort()
+
+ return _components
+
def execute(component_name, *args, **kw):
+ if component_name == '':
+ log.debug(
+ _("No component selected, continuing for all components"),
+ level=8
+ )
+
+ for component in _list_components():
+ if not component == 'help':
+ execute(component)
+
+ return
+
if not components.has_key(component_name):
log.error(_("No such component."))
sys.exit(1)
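Review bot: `_list_components()` returns group names for tuple-keyed entries, and the new empty-name branch of `execute()` feeds every returned name back into `execute()`, where `components.has_key(component_name)` is tested against the original keys. A group name is not one of those keys unless it was also registered on its own, so the loop would presumably reach `log.error(_("No such component."))` and `sys.exit(1)` at the first grouped component. In the tuple branch, `__components[component_group] = {...}` also replaces the dict on every iteration, so only one component per group is kept; `__components.setdefault(component_group, {})[component] = components[(component_group, component)]` keeps them all. execute's body continues outside the hunk.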
@@ -118,7 +152,12 @@ def execute(component_name, *args, **kw):
pass
conf.finalize_conf()
- _component_name = conf.cli_args.pop(0)
+
+ if len(conf.cli_args) >= 1:
+ _component_name = conf.cli_args.pop(0)
+ else:
+ _component_name = component_name
+
components[component_name]['function'](conf.cli_args, kw)
def register_group(dirname, module):
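Review bot: The new length guard only avoids the IndexError; when `execute()` is reached from the all-components loop, `conf.cli_args.pop(0)` still removes the first remaining argument, which in that case is not a component name, and every later component sees a shorter list. Popping only when the first argument is the component being run, something like `if conf.cli_args and conf.cli_args[0] == component_name:`, would leave the remaining arguments intact. `_component_name` is not read in the visible lines, so if nothing after the hunk uses it, a comment such as `# pop the component name off cli_args; the value itself is unused` would make the intent clear.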
diff --git a/pykolab/setup/imap_setup.py b/pykolab/setup/imap_setup.py
deleted file mode 100644
index e69de29..0000000
--- a/pykolab/setup/imap_setup.py
+++ /dev/null
diff --git a/pykolab/setup/ldap_setup.py b/pykolab/setup/ldap_setup.py
deleted file mode 100644
index a99351f..0000000
--- a/pykolab/setup/ldap_setup.py
+++ /dev/null
@@ -1,64 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Copyright 2010-2012 Kolab Systems AG (http://www.kolabsys.com)
-#
-# Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen a kolabsys.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 3 or, at your option, any later version
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Library General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-#
-
-import logging
-import os
-import sys
-
-try:
- import ldap
-except ImportError, e:
- print >> sys.stderr, _("Cannot load Python LDAP libraries.")
-
-import pykolab
-from pykolab import constants
-from pykolab import utils
-from pykolab.setup import package
-from pykolab.translate import _
-
-log = pykolab.getLogger('pykolab.setup.ldap')
-conf = pykolab.getConf()
-
-def setup():
- """
- Setup LDAP from here.
- """
-
- (service, other_services) = utils.is_service([
- 'dirsrv',
- 'ldap',
- 'slapd'
- ])
-
- for item in other_services:
- log.warning(_("Warning: LDAP Service '%s' is available on " + \
- "this system as well.") % (item))
-
- if not service == None:
- log.info(_("Found system service %s.") % (service))
- else:
- package.Package('openldap-servers')
-
- standard_root_dn = utils.standard_root_dn(constants.domainname)
-
- root_dn = utils.ask_question("Root DN", standard_root_dn)
- manager_dn = utils.ask_question("Manager DN", "cn=manager")
- manager_pw = utils.ask_question("Manager Password", password=True)
-
diff --git a/pykolab/setup/setup_ldap.py b/pykolab/setup/setup_ldap.py
index 1d85da7..f177c37 100644
--- a/pykolab/setup/setup_ldap.py
+++ b/pykolab/setup/setup_ldap.py
@@ -17,6 +17,13 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
+import ldap
+import ldap.modlist
+import os
+import shutil
+import subprocess
+import tempfile
+
import components
import pykolab
@@ -37,21 +44,30 @@ def description():
def execute(*args, **kw):
_input = {}
- _input['admin_pass'] = utils.ask_question(_("Administrator password"), password=True)
- _input['dirmgr_pass'] = utils.ask_question(_("Directory Manager password"), password=True)
+ _input['admin_pass'] = utils.ask_question(
+ _("Administrator password"),
+ default=utils.generate_password(),
+ password=True
+ )
+
+ _input['dirmgr_pass'] = utils.ask_question(
+ _("Directory Manager password"),
+ default=utils.generate_password(),
+ password=True
+ )
_input['userid'] = utils.ask_question(_("User"), default="nobody")
_input['group'] = utils.ask_question(_("Group"), default="nobody")
_input['fqdn'] = fqdn
- _input['hostname'] = hostname
+ _input['hostname'] = hostname.split('.')[0]
_input['domain'] = domainname
_input['nodotdomain'] = domainname.replace('.','_')
_input['rootdn'] = utils.standard_root_dn(domainname)
- print """
+ data = """
[General]
FullMachineName = %(fqdn)s
SuiteSpotUserID = %(userid)s
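Review bot: The two password prompts now fall back to `utils.generate_password()`, but nothing in this hunk tells the operator which value was accepted when they simply press Enter. `ask_question` is not shown here: if it prints the default for a `password=True` prompt, the generated secret ends up in terminal scrollback and any session log, and if it hides it, the administrator never learns the `admin` password (as far as the visible lines show, only the Directory Manager one is later written to the kolab configuration). A comment above the prompts stating which of the two happens and where the generated value can be recovered, e.g. `# generated default is only kept in <location>; record it before continuing`, would close that gap. execute's body continues outside the hunk.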
@@ -66,7 +82,7 @@ SlapdConfigForMC = Yes
UseExistingMC = 0
ServerPort = 389
ServerIdentifier = %(hostname)s
-Suffix = dc=test90,dc=kolabsys,dc=com
+Suffix = %(rootdn)s
RootDN = cn=Directory Manager
RootDNPwd = %(dirmgr_pass)s
ds_bename = %(nodotdomain)s
@@ -77,3 +93,114 @@ Port = 9830
ServerAdminID = admin
ServerAdminPwd = %(admin_pass)s
""" % (_input)
+
+ (fp, filename) = tempfile.mkstemp(dir="/tmp/")
+ os.write(fp, data)
+ os.close(fp)
+
+ command = [
+ '/usr/sbin/setup-ds-admin.pl',
+ '--silent',
+ '--file=%s' % (filename)
+ ]
+
+ setup_389 = subprocess.Popen(
+ command,
+ stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE
+ )
+
+ (stdoutdata, stderrdata) = setup_389.communicate()
+
+ # Copy in kolab schema
+ #
+ shutil.copy(
+ '/usr/share/doc/kolab-schema-3.0/kolab2.ldif',
+ '/etc/dirsrv/slapd-%s/schema/99kolab2.ldif' % (_input['hostname'])
+ )
+
+ subprocess.call(['service', 'dirsrv@%s' % (_input['hostname']), 'restart'])
+
+ # Write out kolab configuration
+ conf.command_set('kolab', 'primary_domain', _input['domain'])
+ conf.command_set('ldap', 'base_dn', _input['rootdn'])
+ conf.command_set('ldap', 'bind_dn', 'cn=Directory Manager')
+ conf.command_set('ldap', 'bind_pw', _input['dirmgr_pass'])
+
+ _input['cyrus_admin_pass'] = utils.ask_question(
+ _("Cyrus Administrator password"),
+ default=utils.generate_password(),
+ password=True
+ )
+
+ _input['kolab_service_pass'] = utils.ask_question(
+ _("Kolab Service password"),
+ default=utils.generate_password(),
+ password=True
+ )
+
+ # Insert service users
+ auth = pykolab.auth
+ auth.connect()
+ auth._auth._connect()
+ auth._auth._bind()
+
+ dn = 'uid=cyrus-admin,ou=Special Users,%s' % (_input['rootdn'])
+
+ # A dict to help build the "body" of the object
+ attrs = {}
+ attrs['objectclass'] = ['top','person','inetorgperson','organizationalperson']
+ attrs['uid'] = "cyrus-admin"
+ attrs['givenname'] = "Cyrus"
+ attrs['surname'] = "Administrator"
+ attrs['cn'] = "Cyrus Administrator"
+ attrs['userPassword'] = _input['cyrus_admin_pass']
+
+ # Convert our dict to nice syntax for the add-function using modlist-module
+ ldif = ldap.modlist.addModlist(attrs)
+
+ # Do the actual synchronous add-operation to the ldapserver
+ auth._auth.ldap.add_s(dn, ldif)
+
+ conf.command_set('cyrus-imap', 'admin_password', _input['cyrus_admin_pass'])
+
+ dn = 'uid=kolab-service,ou=Special Users,%s' % (_input['rootdn'])
+
+ # A dict to help build the "body" of the object
+ attrs = {}
+ attrs['objectclass'] = ['top','person','inetorgperson','organizationalperson']
+ attrs['uid'] = "kolab-service"
+ attrs['givenname'] = "Kolab"
+ attrs['surname'] = "Service"
+ attrs['cn'] = "Kolab Service"
+ attrs['userPassword'] = _input['kolab_service_pass']
+
+ # Convert our dict to nice syntax for the add-function using modlist-module
+ ldif = ldap.modlist.addModlist(attrs)
+
+ # Do the actual synchronous add-operation to the ldapserver
+ auth._auth.ldap.add_s(dn, ldif)
+
+ #dn: cn=kolab,cn=config
+ #objectClass: top
+ #objectClass: extensibleObject
+ #cn: kolab
+
+ dn = 'cn=kolab,cn=config'
+
+ # A dict to help build the "body" of the object
+ attrs = {}
+ attrs['objectclass'] = ['top','extensibleobject']
+ attrs['cn'] = "kolab"
+
+ # Convert our dict to nice syntax for the add-function using modlist-module
+ ldif = ldap.modlist.addModlist(attrs)
+
+ # Do the actual synchronous add-operation to the ldapserver
+ auth._auth.ldap.add_s(dn, ldif)
+
+ auth._auth._set_user_attribute(
+ dn,
+ 'aci',
+ '(targetattr = "*") (version 3.0;acl "Kolab Services";allow (read,compare,search)(userdn = "ldap:///%s");)' % ('uid=kolab-service,ou=Special Users,%s' % (_input['rootdn']))
+ )
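Review bot: The answer file written with `tempfile.mkstemp(dir="/tmp/")` contains `RootDNPwd` and `ServerAdminPwd` in clear text and is never removed, so both passwords stay on disk in /tmp after setup finishes. `mkstemp` creates the file readable by its owner only, but it should still be unlinked in a `finally` once `setup-ds-admin.pl` has run. The exit status of `setup_389` is also never checked and the captured output is discarded, so a failed directory setup goes on to copy the schema, restart the service and write `bind_pw`. Separately, `conf.command_set('ldap', 'bind_pw', ...)` stores the Directory Manager credential as the application's bind account; binding as the `kolab-service` user created further down would be the least-privilege choice, if the rest of pykolab allows it. execute's body starts outside the hunk.

```python
(fp, filename) = tempfile.mkstemp(dir="/tmp/")
try:
    os.write(fp, data)
    os.close(fp)
    # … unchanged: command list, Popen and communicate(), indented into the try …
finally:
    # The answer file holds RootDNPwd and ServerAdminPwd in clear text.
    os.unlink(filename)

if setup_389.returncode != 0:
    raise RuntimeError(
            "setup-ds-admin.pl failed: %s" % (stderrdata)
        )
```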
diff --git a/setup-kolab.py b/setup-kolab.py
index bbbb445..edb9f90 100755
--- a/setup-kolab.py
+++ b/setup-kolab.py
@@ -38,5 +38,5 @@ except ImportError, e:
sys.exit(1)
if __name__ == "__main__":
- kolab = Setup()
- kolab.run()
+ setup = Setup()
+ setup.run()