def init_info(self, realm_name, fqdn, domain_name, dm_password,
              subject_base, idstart, idmax, pkcs12_info, ca_file=None):
    """Record the installation parameters on the instance.

    Every argument is stored as an attribute; the realm is upper-cased
    first and the server id, suffix and ``ldap/`` principal are derived
    from it. Finishes by calling ``__setup_sub_dict()``.

    NOTE(review): the listing this was recovered from had lost its
    indentation. Only the ``ca_is_configured`` assignment is assumed to
    be guarded by ``if pkcs12_info`` -- confirm against the file.
    """
    # The realm is normalised to upper case before anything is derived from it.
    self.realm = realm_name.upper()
    self.serverid = installutils.realm_to_serverid(self.realm)
    self.suffix = ipautil.realm_to_suffix(self.realm)
    self.fqdn = fqdn
    # NOTE(review): presumably the Directory Manager password -- confirm.
    # It is kept verbatim on the instance for as long as the object lives,
    # so keep this object out of log output, reprs and serialised state.
    self.dm_password = dm_password
    self.domain = domain_name
    # Service principal in ldap/<fqdn>@<REALM> form, built from the values
    # stored above (the realm part is therefore already upper case).
    self.principal = "ldap/%s@%s" % (self.fqdn, self.realm)
    self.subject_base = subject_base
    self.idstart = idstart
    self.idmax = idmax
    self.pkcs12_info = pkcs12_info
    # A truthy pkcs12_info forces ca_is_configured to False; otherwise the
    # attribute is left at whatever value it already had.
    if pkcs12_info:
        self.ca_is_configured = False
    # ca_file may be None (the default); no readability check happens here.
    self.ca_file = ca_file

    self.__setup_sub_dict()
def __setup_sub_dict(self):
    """Assemble ``self.sub_dict`` from the instance's DNS settings.

    Three text fragments are pre-rendered (forwarder list, optional NTP
    SRV record, one address record per IPv4/IPv6 address for
    ``IPA_CA_RECORD``) and stored together with the plain instance values
    and the ``paths.NAMED_*`` locations.

    NOTE(review): forwarders, ``host_in_rr`` and the addresses are
    interpolated verbatim into these fragments. Nothing here rejects
    embedded newlines, ``;`` or braces, so the values are presumably
    validated by the caller before they reach this method -- confirm.
    """
    # Forwarders: newline, one tab-indented "<value>;" line each, then a
    # closing tab. A single space stands in when none are configured.
    if self.forwarders:
        forwarder_lines = ["\t\t%s;\n" % forwarder
                           for forwarder in self.forwarders]
        fwds = "\n" + "".join(forwarder_lines) + "\t"
    else:
        fwds = " "

    # Optional SRV record pointing _ntp._udp at this host.
    optional_ntp = ""
    if self.ntp:
        optional_ntp = (
            "\n;ntp server\n"
            + "_ntp._udp\t\tIN SRV 0 100 123\t%s" % self.host_in_rr)

    # One A (IPv4) or AAAA (IPv6) line per address; any other version is
    # skipped silently.
    ca_lines = []
    for addr in self.ip_addresses:
        if addr.version not in (4, 6):
            continue
        if addr.version == 4:
            rrtype = "A"
        else:
            rrtype = "AAAA"
        ca_lines.append(
            "%s\t\t\tIN %s\t\t\t%s\n" % (IPA_CA_RECORD, rrtype, str(addr)))
    ipa_ca = "".join(ca_lines)

    self.sub_dict = {
        "FQDN": self.fqdn,
        "IP": [str(address) for address in self.ip_addresses],
        "DOMAIN": self.domain,
        "HOST": self.host,
        "REALM": self.realm,
        "SERVER_ID": installutils.realm_to_serverid(self.realm),
        "FORWARDERS": fwds,
        "SUFFIX": self.suffix,
        "OPTIONAL_NTP": optional_ntp,
        "ZONEMGR": self.zonemgr,
        "IPA_CA_RECORD": ipa_ca,
        "BINDKEYS_FILE": paths.NAMED_BINDKEYS_FILE,
        "MANAGED_KEYS_DIR": paths.NAMED_MANAGED_KEYS_DIR,
        "ROOT_KEY": paths.NAMED_ROOT_KEY,
        "NAMED_KEYTAB": paths.NAMED_KEYTAB,
        "RFC1912_ZONES": paths.NAMED_RFC1912_ZONES,
        "NAMED_PID": paths.NAMED_PID,
        "NAMED_VAR_DIR": paths.NAMED_VAR_DIR,
    }
the server.""" # first make sure we have a valid cacert_fname try: if not os.access(cacert_fname, os.R_OK): root_logger.critical("The given CA cert file named [%s] could not be read" % cacert_fname) return False except OSError, e: root_logger.critical("The given CA cert file named [%s] could not be read: %s" % (cacert_fname, str(e))) return False # ok - ca cert file can be read # shutdown the server self.stop() dirname = config_dirname(installutils.realm_to_serverid(self.realm)) certdb = certs.CertDB(self.realm, nssdir=dirname, subject_base=self.subject_base) if not cacert_name or len(cacert_name) == 0: cacert_name = "Imported CA" # we can't pass in the nickname, so we set the instance variable certdb.cacert_name = cacert_name status = True try: certdb.load_cacert(cacert_fname, 'C,,') except ipautil.CalledProcessError, e: root_logger.critical("Error importing CA cert file named [%s]: %s" % (cacert_fname, str(e))) status = False # restart the directory server self.start()