Python wait_for_entry Exemples, ipaserver.install.replication.wait_for_entry Python Exemples

Exemple #1

0

Afficher le fichier

 def _wait_for_replica_kdc_entry(self):
     master_dn = self.api.Object.server.get_dn(self.fqdn)
     kdc_dn = DN(('cn', 'KDC'), master_dn)
     ldap_uri = ipaldap.get_ldap_uri(self.master_fqdn)
     with ipaldap.LDAPClient(ldap_uri,
                             cacert=paths.IPA_CA_CRT,
                             start_tls=True) as remote_ldap:
         remote_ldap.gssapi_bind()
         replication.wait_for_entry(
             remote_ldap, kdc_dn, timeout=api.env.replication_wait_timeout)

Exemple #2

0

Afficher le fichier

Fichier : krbinstance.py Projet : xiaoyinchong/freeipa

    def _wait_for_replica_kdc_entry(self):
        master_dn = self.api.Object.server.get_dn(self.fqdn)
        kdc_dn = DN(('cn', 'KDC'), master_dn)

        ldap_uri = 'ldap://{}'.format(self.master_fqdn)

        with ipaldap.LDAPClient(ldap_uri,
                                cacert=paths.IPA_CA_CRT) as remote_ldap:
            remote_ldap.gssapi_bind()
            replication.wait_for_entry(remote_ldap, kdc_dn, timeout=60)

Exemple #3

0

Afficher le fichier

Fichier : krbinstance.py Projet : infraredgirl/freeipa

    def _wait_for_replica_kdc_entry(self):
        master_dn = self.api.Object.server.get_dn(self.fqdn)
        kdc_dn = DN(('cn', 'KDC'), master_dn)

        ldap_uri = 'ldap://{}'.format(self.master_fqdn)

        with ipaldap.LDAPClient(
                ldap_uri, cacert=paths.IPA_CA_CRT) as remote_ldap:
            remote_ldap.gssapi_bind()
            replication.wait_for_entry(remote_ldap, kdc_dn, timeout=60)

Exemple #4

0

Afficher le fichier

Fichier : krbinstance.py Projet : encukou/freeipa

 def _wait_for_replica_kdc_entry(self):
     master_dn = self.api.Object.server.get_dn(self.fqdn)
     kdc_dn = DN(('cn', 'KDC'), master_dn)
     ldap_uri = ipaldap.get_ldap_uri(self.master_fqdn)
     with ipaldap.LDAPClient(
             ldap_uri, cacert=paths.IPA_CA_CRT, start_tls=True
     ) as remote_ldap:
         remote_ldap.gssapi_bind()
         replication.wait_for_entry(
             remote_ldap,
             kdc_dn,
             timeout=api.env.replication_wait_timeout
         )

Exemple #5

0

Afficher le fichier

Fichier : dogtaginstance.py Projet : yuanlz/freeipa

    def setup_admin(self):
        self.admin_user = "******" % self.fqdn
        self.admin_password = ipautil.ipa_generate_password()
        self.admin_dn = _person_dn(self.admin_user)

        result = self.create_user(
            uid=self.admin_user,
            cn=self.admin_user,
            sn=self.admin_user,
            user_type='adminType',
            groups=self.admin_groups,
            force=True,
        )
        if result is None:
            return None  # something went wrong
        else:
            self.admin_password = result

        # Now wait until the other server gets replicated this data
        master_conn = ipaldap.LDAPClient.from_hostname_secure(self.master_host)
        logger.debug("Waiting %s seconds for %s to appear on %s",
                     api.env.replication_wait_timeout, self.admin_dn,
                     master_conn)
        deadline = time.time() + api.env.replication_wait_timeout
        while time.time() < deadline:
            time.sleep(1)
            try:
                master_conn.simple_bind(self.admin_dn, self.admin_password)
            except errors.ACIError:
                # user not replicated yet
                pass
            else:
                logger.debug("Successfully logged in as %s", self.admin_dn)
                break
        else:
            logger.error("Unable to log in as %s on %s", self.admin_dn,
                         master_conn)
            logger.info("[hint] tune with replication_wait_timeout")
            raise errors.NotFound(reason="{} did not replicate to {}".format(
                self.admin_dn, master_conn))

        # wait for group membership
        for group_dn in (_group_dn(group) for group in self.admin_groups):
            replication.wait_for_entry(
                master_conn,
                group_dn,
                timeout=api.env.replication_wait_timeout,
                attr='uniqueMember',
                attrvalue=self.admin_dn)

Exemple #6

0

Afficher le fichier

Fichier : httpinstance.py Projet : strikerttd/freeipa

    def request_service_keytab(self):
        super(HTTPInstance, self).request_service_keytab()

        if self.master_fqdn is not None:
            service_dn = DN(('krbprincipalname', self.principal),
                            api.env.container_service, self.suffix)

            ldap_uri = ipaldap.get_ldap_uri(self.master_fqdn)
            with ipaldap.LDAPClient(ldap_uri,
                                    start_tls=not self.promote,
                                    cacert=paths.IPA_CA_CRT) as remote_ldap:
                if self.promote:
                    remote_ldap.gssapi_bind()
                else:
                    remote_ldap.simple_bind(ipaldap.DIRMAN_DN,
                                            self.dm_password)
                replication.wait_for_entry(remote_ldap, service_dn, timeout=60)

Exemple #7

0

Afficher le fichier

Fichier : httpinstance.py Projet : martbab/freeipa

    def request_service_keytab(self):
        super(HTTPInstance, self).request_service_keytab()

        if self.master_fqdn is not None:
            service_dn = DN(('krbprincipalname', self.principal),
                            api.env.container_service,
                            self.suffix)

            ldap_uri = ipaldap.get_ldap_uri(self.master_fqdn)
            with ipaldap.LDAPClient(ldap_uri,
                                    start_tls=not self.promote,
                                    cacert=paths.IPA_CA_CRT) as remote_ldap:
                if self.promote:
                    remote_ldap.gssapi_bind()
                else:
                    remote_ldap.simple_bind(ipaldap.DIRMAN_DN,
                                            self.dm_password)
                replication.wait_for_entry(remote_ldap, service_dn, timeout=60)

Exemple #8

0

Afficher le fichier

Fichier : dogtaginstance.py Projet : shanyin/freeipa

    def setup_admin(self):
        self.admin_user = "******" % self.fqdn
        self.admin_password = binascii.hexlify(os.urandom(16))

        if not self.admin_conn:
            self.ldap_connect()

        self.admin_dn = DN(('uid', self.admin_user), ('ou', 'people'),
                           ('o', 'ipaca'))

        # remove user if left-over exists
        try:
            entry = self.admin_conn.delete_entry(self.admin_dn)
        except errors.NotFound:
            pass

        # add user
        entry = self.admin_conn.make_entry(self.admin_dn,
                                           objectclass=[
                                               "top", "person",
                                               "organizationalPerson",
                                               "inetOrgPerson", "cmsuser"
                                           ],
                                           uid=[self.admin_user],
                                           cn=[self.admin_user],
                                           sn=[self.admin_user],
                                           usertype=['adminType'],
                                           mail=['root@localhost'],
                                           userPassword=[self.admin_password],
                                           userstate=['1'])
        self.admin_conn.add_entry(entry)

        for group in self.admin_groups:
            self.__add_admin_to_group(group)

        # Now wait until the other server gets replicated this data
        master_conn = ipaldap.IPAdmin(self.master_host,
                                      port=389,
                                      protocol='ldap')
        master_conn.do_sasl_gssapi_bind()
        replication.wait_for_entry(master_conn, entry)
        del master_conn

Exemple #9

0

Afficher le fichier

Fichier : dogtaginstance.py Projet : guanwei/freeipa

    def setup_admin(self):
        self.admin_user = "******" % self.fqdn
        self.admin_password = binascii.hexlify(os.urandom(16))

        if not self.admin_conn:
            self.ldap_connect()

        self.admin_dn = DN(('uid', self.admin_user),
                           ('ou', 'people'), ('o', 'ipaca'))

        # remove user if left-over exists
        try:
            entry = self.admin_conn.delete_entry(self.admin_dn)
        except errors.NotFound:
            pass

        # add user
        entry = self.admin_conn.make_entry(
            self.admin_dn,
            objectclass=["top", "person", "organizationalPerson",
                         "inetOrgPerson", "cmsuser"],
            uid=[self.admin_user],
            cn=[self.admin_user],
            sn=[self.admin_user],
            usertype=['adminType'],
            mail=['root@localhost'],
            userPassword=[self.admin_password],
            userstate=['1']
        )
        self.admin_conn.add_entry(entry)

        for group in self.admin_groups:
            self.__add_admin_to_group(group)

        # Now wait until the other server gets replicated this data
        master_conn = ipaldap.IPAdmin(self.master_host,
                                      port=389,
                                      protocol='ldap')
        master_conn.do_sasl_gssapi_bind()
        replication.wait_for_entry(master_conn, entry)
        del master_conn

Exemple #10

0

Afficher le fichier

Fichier : dogtaginstance.py Projet : yangmulang/freeipa

    def setup_admin(self):
        self.admin_user = "******" % self.fqdn
        self.admin_password = ipautil.ipa_generate_password()
        self.admin_dn = DN(('uid', self.admin_user), ('ou', 'people'),
                           ('o', 'ipaca'))

        # remove user if left-over exists
        try:
            entry = api.Backend.ldap2.delete_entry(self.admin_dn)
        except errors.NotFound:
            pass

        # add user
        entry = api.Backend.ldap2.make_entry(
            self.admin_dn,
            objectclass=[
                "top", "person", "organizationalPerson", "inetOrgPerson",
                "cmsuser"
            ],
            uid=[self.admin_user],
            cn=[self.admin_user],
            sn=[self.admin_user],
            usertype=['adminType'],
            mail=['root@localhost'],
            userPassword=[self.admin_password],
            userstate=['1'])
        api.Backend.ldap2.add_entry(entry)

        for group in self.admin_groups:
            self.__add_admin_to_group(group)

        # Now wait until the other server gets replicated this data
        ldap_uri = ipaldap.get_ldap_uri(self.master_host)
        master_conn = ipaldap.LDAPClient(ldap_uri)
        master_conn.gssapi_bind()
        replication.wait_for_entry(master_conn, entry.dn)
        del master_conn

Exemple #11

0

Afficher le fichier

Fichier : dogtaginstance.py Projet : infraredgirl/freeipa

    def setup_admin(self):
        self.admin_user = "******" % self.fqdn
        self.admin_password = ipautil.ipa_generate_password()
        self.admin_dn = DN(('uid', self.admin_user),
                           ('ou', 'people'), ('o', 'ipaca'))

        # remove user if left-over exists
        try:
            entry = api.Backend.ldap2.delete_entry(self.admin_dn)
        except errors.NotFound:
            pass

        # add user
        entry = api.Backend.ldap2.make_entry(
            self.admin_dn,
            objectclass=["top", "person", "organizationalPerson",
                         "inetOrgPerson", "cmsuser"],
            uid=[self.admin_user],
            cn=[self.admin_user],
            sn=[self.admin_user],
            usertype=['adminType'],
            mail=['root@localhost'],
            userPassword=[self.admin_password],
            userstate=['1']
        )
        api.Backend.ldap2.add_entry(entry)

        for group in self.admin_groups:
            self.__add_admin_to_group(group)

        # Now wait until the other server gets replicated this data
        ldap_uri = ipaldap.get_ldap_uri(self.master_host)
        master_conn = ipaldap.LDAPClient(ldap_uri)
        master_conn.gssapi_bind()
        replication.wait_for_entry(master_conn, entry.dn)
        del master_conn

Exemple #12

0

Afficher le fichier

Fichier : dogtaginstance.py Projet : phoenixhadoop/freeipa

    def setup_admin(self):
        self.admin_user = "******" % self.fqdn
        self.admin_password = ipautil.ipa_generate_password()
        self.admin_dn = DN(
            ('uid', self.admin_user), self.ipaca_people
        )
        # remove user if left-over exists
        try:
            api.Backend.ldap2.delete_entry(self.admin_dn)
        except errors.NotFound:
            pass

        # add user
        entry = api.Backend.ldap2.make_entry(
            self.admin_dn,
            objectclass=["top", "person", "organizationalPerson",
                         "inetOrgPerson", "cmsuser"],
            uid=[self.admin_user],
            cn=[self.admin_user],
            sn=[self.admin_user],
            usertype=['adminType'],
            mail=['root@localhost'],
            userPassword=[self.admin_password],
            userstate=['1']
        )
        api.Backend.ldap2.add_entry(entry)

        wait_groups = []
        for group in self.admin_groups:
            group_dn = DN(('cn', group), self.ipaca_groups)
            mod = [(ldap.MOD_ADD, 'uniqueMember', [self.admin_dn])]
            try:
                api.Backend.ldap2.modify_s(group_dn, mod)
            except ldap.TYPE_OR_VALUE_EXISTS:
                # already there
                return None
            else:
                wait_groups.append(group_dn)

        # Now wait until the other server gets replicated this data
        master_conn = ipaldap.LDAPClient.from_hostname_secure(
            self.master_host
        )
        logger.debug(
            "Waiting for %s to appear on %s", self.admin_dn, master_conn
        )
        deadline = time.time() + api.env.replication_wait_timeout
        while time.time() < deadline:
            time.sleep(1)
            try:
                master_conn.simple_bind(self.admin_dn, self.admin_password)
            except errors.ACIError:
                # user not replicated yet
                pass
            else:
                logger.debug("Successfully logged in as %s", self.admin_dn)
                break
        else:
            logger.error(
                "Unable to log in as %s on %s", self.admin_dn, master_conn
            )
            raise errors.NotFound(
                reason="{} did not replicate to {}".format(
                    self.admin_dn, master_conn
                )
            )

        # wait for group membership
        for group_dn in wait_groups:
            replication.wait_for_entry(
                master_conn,
                group_dn,
                timeout=api.env.replication_wait_timeout,
                attr='uniqueMember',
                attrvalue=self.admin_dn
            )

Exemple #13

0

Afficher le fichier

Fichier : dogtaginstance.py Projet : tiran/freeipa

    def setup_admin(self):
        self.admin_user = "******" % self.fqdn
        self.admin_password = ipautil.ipa_generate_password()
        self.admin_dn = DN(
            ('uid', self.admin_user), self.ipaca_people
        )
        # remove user if left-over exists
        try:
            api.Backend.ldap2.delete_entry(self.admin_dn)
        except errors.NotFound:
            pass

        # add user
        entry = api.Backend.ldap2.make_entry(
            self.admin_dn,
            objectclass=["top", "person", "organizationalPerson",
                         "inetOrgPerson", "cmsuser"],
            uid=[self.admin_user],
            cn=[self.admin_user],
            sn=[self.admin_user],
            usertype=['adminType'],
            mail=['root@localhost'],
            userPassword=[self.admin_password],
            userstate=['1']
        )
        api.Backend.ldap2.add_entry(entry)

        wait_groups = []
        for group in self.admin_groups:
            group_dn = DN(('cn', group), self.ipaca_groups)
            mod = [(ldap.MOD_ADD, 'uniqueMember', [self.admin_dn])]
            try:
                api.Backend.ldap2.modify_s(group_dn, mod)
            except ldap.TYPE_OR_VALUE_EXISTS:
                # already there
                return None
            else:
                wait_groups.append(group_dn)

        # Now wait until the other server gets replicated this data
        master_conn = ipaldap.LDAPClient.from_hostname_secure(
            self.master_host
        )
        logger.debug(
            "Waiting for %s to appear on %s", self.admin_dn, master_conn
        )
        deadline = time.time() + api.env.replication_wait_timeout
        while time.time() < deadline:
            time.sleep(1)
            try:
                master_conn.simple_bind(self.admin_dn, self.admin_password)
            except errors.ACIError:
                # user not replicated yet
                pass
            else:
                logger.debug("Successfully logged in as %s", self.admin_dn)
                break
        else:
            logger.error(
                "Unable to log in as %s on %s", self.admin_dn, master_conn
            )
            raise errors.NotFound(
                reason="{} did not replicate to {}".format(
                    self.admin_dn, master_conn
                )
            )

        # wait for group membership
        for group_dn in wait_groups:
            replication.wait_for_entry(
                master_conn,
                group_dn,
                timeout=api.env.replication_wait_timeout,
                attr='uniqueMember',
                attrvalue=self.admin_dn
            )