def init_info(self, realm_name, fqdn, domain_name, dm_password,
subject_base, idstart, idmax, pkcs12_info, ca_file=None):
self.realm = realm_name.upper()
self.serverid = installutils.realm_to_serverid(self.realm)
self.suffix = ipautil.realm_to_suffix(self.realm)
self.fqdn = fqdn
self.dm_password = dm_password
self.domain = domain_name
self.principal = "ldap/%s@%s" % (self.fqdn, self.realm)
self.subject_base = subject_base
self.idstart = idstart
self.idmax = idmax
self.pkcs12_info = pkcs12_info
if pkcs12_info:
self.ca_is_configured = False
self.ca_file = ca_file
self.__setup_sub_dict()
def __setup_sub_dict(self):
if self.forwarders:
fwds = "\n"
for forwarder in self.forwarders:
fwds += "\t\t%s;\n" % forwarder
fwds += "\t"
else:
fwds = " "
if self.ntp:
optional_ntp = "\n;ntp server\n"
optional_ntp += "_ntp._udp\t\tIN SRV 0 100 123\t%s" % self.host_in_rr
else:
optional_ntp = ""
ipa_ca = ""
for addr in self.ip_addresses:
if addr.version in (4, 6):
ipa_ca += "%s\t\t\tIN %s\t\t\t%s\n" % (
IPA_CA_RECORD,
"A" if addr.version == 4 else "AAAA",
str(addr))
self.sub_dict = dict(
FQDN=self.fqdn,
IP=[str(ip) for ip in self.ip_addresses],
DOMAIN=self.domain,
HOST=self.host,
REALM=self.realm,
SERVER_ID=installutils.realm_to_serverid(self.realm),
FORWARDERS=fwds,
SUFFIX=self.suffix,
OPTIONAL_NTP=optional_ntp,
ZONEMGR=self.zonemgr,
IPA_CA_RECORD=ipa_ca,
BINDKEYS_FILE=paths.NAMED_BINDKEYS_FILE,
MANAGED_KEYS_DIR=paths.NAMED_MANAGED_KEYS_DIR,
ROOT_KEY=paths.NAMED_ROOT_KEY,
NAMED_KEYTAB=paths.NAMED_KEYTAB,
RFC1912_ZONES=paths.NAMED_RFC1912_ZONES,
NAMED_PID=paths.NAMED_PID,
NAMED_VAR_DIR=paths.NAMED_VAR_DIR,
)
def __setup_sub_dict(self):
if self.forwarders:
fwds = "\n"
for forwarder in self.forwarders:
fwds += "\t\t%s;\n" % forwarder
fwds += "\t"
else:
fwds = " "
if self.ntp:
optional_ntp = "\n;ntp server\n"
optional_ntp += "_ntp._udp\t\tIN SRV 0 100 123\t%s" % self.host_in_rr
else:
optional_ntp = ""
ipa_ca = ""
for addr in self.ip_addresses:
if addr.version in (4, 6):
ipa_ca += "%s\t\t\tIN %s\t\t\t%s\n" % (
IPA_CA_RECORD,
"A" if addr.version == 4 else "AAAA",
str(addr))
self.sub_dict = dict(
FQDN=self.fqdn,
IP=[str(ip) for ip in self.ip_addresses],
DOMAIN=self.domain,
HOST=self.host,
REALM=self.realm,
SERVER_ID=installutils.realm_to_serverid(self.realm),
FORWARDERS=fwds,
SUFFIX=self.suffix,
OPTIONAL_NTP=optional_ntp,
ZONEMGR=self.zonemgr,
IPA_CA_RECORD=ipa_ca,
BINDKEYS_FILE=paths.NAMED_BINDKEYS_FILE,
MANAGED_KEYS_DIR=paths.NAMED_MANAGED_KEYS_DIR,
ROOT_KEY=paths.NAMED_ROOT_KEY,
NAMED_KEYTAB=paths.NAMED_KEYTAB,
RFC1912_ZONES=paths.NAMED_RFC1912_ZONES,
NAMED_PID=paths.NAMED_PID,
NAMED_VAR_DIR=paths.NAMED_VAR_DIR,
)
the server."""
# first make sure we have a valid cacert_fname
try:
if not os.access(cacert_fname, os.R_OK):
root_logger.critical("The given CA cert file named [%s] could not be read" %
cacert_fname)
return False
except OSError, e:
root_logger.critical("The given CA cert file named [%s] could not be read: %s" %
(cacert_fname, str(e)))
return False
# ok - ca cert file can be read
# shutdown the server
self.stop()
dirname = config_dirname(installutils.realm_to_serverid(self.realm))
certdb = certs.CertDB(self.realm, nssdir=dirname, subject_base=self.subject_base)
if not cacert_name or len(cacert_name) == 0:
cacert_name = "Imported CA"
# we can't pass in the nickname, so we set the instance variable
certdb.cacert_name = cacert_name
status = True
try:
certdb.load_cacert(cacert_fname, 'C,,')
except ipautil.CalledProcessError, e:
root_logger.critical("Error importing CA cert file named [%s]: %s" %
(cacert_fname, str(e)))
status = False
# restart the directory server
self.start()
