Esempio n. 1
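def example():
    """Bootstrap ipalib, open a backend connection and print the admin user.

    Global command-line options are handled by
    ``api.bootstrap_with_global_options``; the backend that gets connected
    depends on ``api.env.in_server``.
    """
    # 1. Initialize ipalib
    #
    # Run ./python-api.py --help to see the global options.  Some useful
    # options:
    #
    #   -v  Produce more verbose output
    #   -d  Produce full debugging output
    #   -e in_server=True  Force running in server mode
    #   -e xmlrpc_uri=https://foo.com/ipa/xml  # Connect to a specific server

    api.bootstrap_with_global_options(context='example')
    api.finalize()

    # 2. Create a connection.  In server mode (api.env.in_server) call
    # Backend.ldap2.connect(), otherwise Backend.rpcclient.connect().

    if api.env.in_server:
        api.Backend.ldap2.connect()
    else:
        api.Backend.rpcclient.connect()

    # Now that you're connected, you can make calls to api.Command.whatever().
    # NOTE(review): the arguments of this call were masked on the page this
    # listing came from, leaving a syntax error; restored as a user_show
    # lookup of 'admin' -- confirm against the upstream example.
    print('The admin user:')
    print(api.Command.user_show(u'admin'))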
Esempio n. 2
    def __init__(self, context, ldap_pass):
        """Bootstrap the IPA API, connect the xmlclient backend, keep the password.

        ``context`` is handed to ``bootstrap_with_global_options`` unchanged.
        ``ldap_pass`` is stored on the instance and also appended to a copy
        of the module-level ``LDAPMOD`` list.
        """
        ipa_api.bootstrap_with_global_options(context=context)
        ipa_api.finalize()
        ipa_api.Backend.xmlclient.connect()

        self.ldap_pass = ldap_pass
        # NOTE(review): LDAPMOD is not visible here.  If it is an argv list
        # for an external LDAP tool, the bind password ends up on that
        # process's command line, where other local users can read it; a
        # password file or stdin avoids that -- confirm how self.ldapmod is
        # consumed.
        self.ldapmod = LDAPMOD + [ldap_pass]
 def __init__(self):
     """Ensure a Kerberos ticket, bootstrap the IPA API once, connect backends.

     The API is bootstrapped and finalized only when ``api.isdone('finalize')``
     is exactly ``False``; the rpcclient connection and the Redis client are
     created on every instantiation.
     """
     has_ticket = self.__kerberos_has_ticket()
     if has_ticket is False:
         self.__kerberos_init()

     already_finalized = api.isdone('finalize')
     if already_finalized is False:
         api.bootstrap_with_global_options(context='api')
         api.finalize()
     api.Backend.rpcclient.connect()

     # NOTE(review): no TLS option is passed, so the Redis password travels
     # in clear text unless REDIS_HOST is local or otherwise protected --
     # confirm the deployment.
     self.redis = redis.StrictRedis(
         host=settings.REDIS_HOST,
         port=settings.REDIS_PORT,
         db=settings.REDIS_DB,
         password=settings.REDIS_PASSWORD,
     )
Esempio n. 4
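def main():
    """Run the schema update: add_ca_schema() followed by restart_pki_ds().

    Exits with an error message unless the process runs as root.
    """
    # Check the effective *user* id.  The previous test looked at the
    # effective group id, which a non-root process in gid 0 passes even
    # though it does not hold root's privileges.
    if os.geteuid() != 0:
        sys.exit("Must be root to run this script")
    standard_logging_setup(verbose=True)

    # In 3.0, restarting needs access to api.env
    api.bootstrap_with_global_options(context='server', confdir=paths.ETC_IPA)

    add_ca_schema()
    restart_pki_ds()

    root_logger.info('Schema updated successfully')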
Esempio n. 5
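def main():
    """Run the schema update: add_ca_schema() followed by restart_pki_ds().

    Exits with an error message unless the process runs as root.
    """
    # "Root" means effective uid 0.  Testing the effective gid (as before)
    # lets any process whose group is 0 through, whatever its user id.
    if os.geteuid() != 0:
        sys.exit("Must be root to run this script")
    standard_logging_setup(verbose=True)

    # In 3.0, restarting needs access to api.env
    api.bootstrap_with_global_options(context="server", confdir=paths.ETC_IPA)

    add_ca_schema()
    restart_pki_ds()

    root_logger.info("Schema updated successfully")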
Esempio n. 6
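def main():
    """Run the upgrade steps in order and log success.

    Calls add_ca_schema(), restart_pki_ds(), update_mod_nss_cipher_suite()
    and restart_http().  Exits with an error message unless the process
    runs as root.
    """
    # Check the effective *user* id.  The previous test looked at the
    # effective group id, which a non-root process in gid 0 passes even
    # though it does not hold root's privileges.
    if os.geteuid() != 0:
        sys.exit("Must be root to run this script")
    standard_logging_setup(verbose=True)

    # In 3.0, restarting needs access to api.env
    api.bootstrap_with_global_options(context='server')

    add_ca_schema()
    restart_pki_ds()
    update_mod_nss_cipher_suite()
    restart_http()

    root_logger.info('Schema updated successfully')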
Esempio n. 7
def run(api):
    """Bootstrap the 'cli' context, register the CLI plugins and run the command.

    The process exits with the value returned by ``api.Backend.cli.run``, or
    with the ``rval`` of the error that was raised.  After a keyboard
    interrupt the function logs the abort and returns normally.
    """
    failure = None
    try:
        _options, argv = api.bootstrap_with_global_options(context='cli')

        try:
            check_client_configuration()
        except ScriptError as e:
            # A non-integer argument makes sys.exit() print it to stderr
            # and use exit status 1.
            sys.exit(e)

        for plugin_cls in cli_plugins:
            api.add_plugin(plugin_cls)
        api.finalize()
        if 'config_loaded' not in api.env and 'help' not in argv:
            raise NotConfiguredError()
        sys.exit(api.Backend.cli.run(argv))
    except KeyboardInterrupt:
        print('')
        logger.info('operation aborted')
    except PublicError as e:
        failure = e
    except Exception as e:
        # Unexpected errors: the details and traceback go to the log only;
        # the user is shown a generic InternalError.
        logger.exception('%s: %s', e.__class__.__name__, str(e))
        failure = InternalError()

    if failure is None:
        return
    assert isinstance(failure, PublicError)
    logger.error(failure.strerror)
    sys.exit(failure.rval)
Esempio n. 8
def run(api):
    """Run the IPA command-line client on the given API object.

    Bootstraps the 'cli' context, checks the client configuration, adds
    every class in ``cli_plugins`` and hands the remaining arguments to the
    CLI backend.  The process exit status is the backend's return value or
    the ``rval`` of the reported error.
    """
    reported = None
    try:
        parsed = api.bootstrap_with_global_options(context='cli')
        _options, argv = parsed

        try:
            check_client_configuration()
        except ScriptError as e:
            sys.exit(e)

        for plugin in cli_plugins:
            api.add_plugin(plugin)
        api.finalize()

        unconfigured = 'config_loaded' not in api.env
        if unconfigured and 'help' not in argv:
            raise NotConfiguredError()
        sys.exit(api.Backend.cli.run(argv))
    except KeyboardInterrupt:
        print('')
        logger.info('operation aborted')
    except PublicError as e:
        reported = e
    except Exception as e:
        # Log the real exception with its traceback, but surface only a
        # generic InternalError to the caller.
        logger.exception('%s: %s', e.__class__.__name__, str(e))
        reported = InternalError()

    if reported is not None:
        assert isinstance(reported, PublicError)
        logger.error(reported.strerror)
        sys.exit(reported.rval)
Esempio n. 9
def init_api():
    """Initialize the FreeIPA API for the lite server from the command line.

    Registers ``--dev``, ``--host``, ``--port`` and ``--enable-profiler``,
    forces a few ``api.env`` values, bootstraps the 'lite' context, merges
    the parsed options into ``api.env`` and finalizes the API.
    """
    # (flag, add_option keyword arguments), registered in this order.
    option_specs = (
        # --dev stores False into options.prod, which defaults to True.
        ('--dev', dict(
            help='Run WebUI in development mode',
            default=True,
            action='store_false',
            dest='prod',
        )),
        ('--host', dict(
            help='Listen on address HOST (default 127.0.0.1)',
            default='127.0.0.1',
        )),
        ('--port', dict(
            help='Listen on PORT (default 8888)',
            default=8888,
            type='int',
        )),
        ('--enable-profiler', dict(
            help="Path to WSGI profiler directory or '-' for stderr",
            default=None,
            type='str',
        )),
    )
    parser = optparse.OptionParser()
    for flag, spec in option_specs:
        parser.add_option(flag, **spec)

    api.env.in_server = True
    api.env.startup_traceback = True
    # workaround for RefererError in rpcserver
    # NOTE(review): in-tree mode is a development setting and presumably
    # relaxes a request check; keep --host on loopback unless confirmed.
    api.env.in_tree = True
    # workaround: AttributeError: locked: cannot set ldap2.time_limit to None
    api.env.mode = 'production'

    options, _args = api.bootstrap_with_global_options(parser, context='lite')
    lite_settings = dict(
        lite_port=options.port,
        lite_host=options.host,
        webui_prod=options.prod,
        lite_profiler=options.enable_profiler,
        lite_pem=api.env._join('dot_ipa', 'lite.pem'),
    )
    api.env._merge(**lite_settings)
    api.finalize()
Esempio n. 10
import copy
import json

import docopt  # sudo dnf install python-docopt

from ipalib import parameters
from ipalib import api, errors
from ipalib.cli import cli_plugins
from ipapython import ipautil, ipaldap
from ipapython.dn import DN
from ipalib.rpc import json_encode_binary

# Keep this script's own arguments and remove them from sys.argv --
# presumably so that ipalib's global option parsing does not see them.
argv = sys.argv[1:]
sys.argv[1:] = []

# Bootstrap the 'cli' context, load the plugins, register every CLI plugin
# class, then finalize the API.
api.bootstrap_with_global_options(context='cli')
api.load_plugins()
for plugin_cls in cli_plugins:
    api.register(plugin_cls)
api.finalize()

try:
    from ipalib.plugins.permission import DNOrURL
except ImportError:
    # Stand-in used when the permission plugin does not provide DNOrURL.
    class DNOrURL(object):
        pass

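def shell_quote(string):
    """Return *string* as is when it is shell-safe, otherwise quoted.

    A string consisting only of ``-``, ``.``, ``_``, ``~`` and ASCII
    letters or digits is returned unchanged; anything else is passed to
    ``ipautil.shell_quote``.
    """
    # Anchor the end with \Z rather than $: "$" also matches just before a
    # trailing newline, so "abc\n" was treated as safe and returned unquoted.
    if re.match(r'^[-._~a-zA-Z0-9]+\Z', string):
        return string
    return ipautil.shell_quote(string)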
Esempio n. 11
def init_api():
    """Bootstrap ipalib for the 'cli' context and create the CLI backend context.

    Adds the ``cli`` plugin before finalizing the API.
    """
    api.bootstrap_with_global_options(context="cli")
    api.add_plugin(cli)
    api.finalize()

    cli_backend = api.Backend.cli
    cli_backend.create_context()
import copy
import json

import docopt  # sudo dnf install python-docopt

from ipalib import parameters
from ipalib import api, errors
from ipalib.cli import cli_plugins
from ipapython import ipautil, ipaldap
from ipapython.dn import DN
from ipalib.rpc import json_encode_binary

# Take a copy of the script's arguments, then strip them from sys.argv --
# presumably to keep them away from ipalib's global option parser.
argv = sys.argv[1:]
del sys.argv[1:]

# Bootstrap for the 'cli' context, load plugins, register the CLI plugin
# classes and finalize.
api.bootstrap_with_global_options(context='cli')
api.load_plugins()
for cli_cls in cli_plugins:
    api.register(cli_cls)
api.finalize()

try:
    from ipalib.plugins.permission import DNOrURL
except ImportError:

    # Fallback placeholder when the import above is unavailable.
    class DNOrURL(object):
        pass


def shell_quote(string):
    if re.match('^[-._~a-zA-Z0-9]+$', string):
import os
import pwd
import codecs
import sys
import getpass
import httplib2
import base64

from lxml import objectify
from lxml import etree

from ipaserver.plugins.ldap2 import ldap2
from ipalib import api
import ipalib.errors

# Scratch notes kept as an inert string literal: nothing inside it is
# executed.  It sketches bootstrapping ipalib with in_server=True, connecting
# ldap2 with the default Kerberos credential cache, and a dnsrecord_find call.
"""
from ipalib import api
api.bootstrap_with_global_options(context='example', in_server=True)
api.finalize()
if api.env.in_server:
    api.Backend.ldap2.connect(
        ccache=api.Backend.krb.default_ccname()
     )
else:
    api.Backend.rpcclient.connect()

from ipalib.plugins.dns import DNSName
./.python_history:api.Command.dnsrecord_find(DNSName('test55.example.com'))

 result = api.Command.dnsrecord_find(nnzone, u'test55')['result']
"""
Esempio n. 14
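def init_api(ccname):
    """Initialize the FreeIPA API for the lite server from the command line.

    Parses ``--dev``, ``--host``, ``--port`` and ``--enable-profiler``,
    merges them into ``api.env`` and finalizes the API.  It then connects to
    LDAP once, using ``ccname`` as the credential cache, to pre-fetch the
    schema, and disconnects again.  The process exits with status 2 when the
    LDAP connection raises ``NetworkError``.
    """
    parser = optparse.OptionParser()

    # --dev stores False into options.prod, which defaults to True.
    parser.add_option(
        '--dev',
        help='Run WebUI in development mode',
        default=True,
        action='store_false',
        dest='prod',
    )
    parser.add_option(
        '--host',
        help='Listen on address HOST (default 127.0.0.1)',
        default='127.0.0.1',
    )
    parser.add_option(
        '--port',
        help='Listen on PORT (default 8888)',
        default=8888,
        type='int',
    )
    parser.add_option(
        '--enable-profiler',
        help="Path to WSGI profiler directory or '-' for stderr",
        default=None,
        type='str',
    )

    api.env.in_server = True
    api.env.startup_traceback = True
    # workaround for RefererError in rpcserver
    # NOTE(review): in-tree mode is a development setting and presumably
    # relaxes a request check; keep --host on loopback unless confirmed.
    api.env.in_tree = True
    # workaround: AttributeError: locked: cannot set ldap2.time_limit to None
    api.env.mode = 'production'

    start_time = time.time()
    # pylint: disable=unused-variable
    options, args = api.bootstrap_with_global_options(parser, context='lite')
    api.env._merge(
        lite_port=options.port,
        lite_host=options.host,
        webui_prod=options.prod,
        lite_profiler=options.enable_profiler,
        lite_pem=api.env._join('dot_ipa', 'lite.pem'),
    )
    api.finalize()
    api_time = time.time()
    # "%0.3f" (three decimals); the previous "%03f" only set a minimum width.
    logger.info("API initialized in %0.3f sec", api_time - start_time)

    # Validate LDAP connection and pre-fetch schema
    # Pre-fetching makes the lite-server behave similar to mod_wsgi. werkzeug's
    # multi-process WSGI server forks a new process for each request while
    # mod_wsgi handles multiple request in a daemon process. Without schema
    # cache, every lite server request would download the LDAP schema and
    # distort performance profiles.
    ldap2 = api.Backend.ldap2
    try:
        if not ldap2.isconnected():
            ldap2.connect(ccache=ccname)
    except NetworkError as e:
        logger.error("Unable to connect to LDAP: %s", e)
        logger.error("lite-server needs a working LDAP connect. Did you "
                     "configure ldap_uri in '%s'?", api.env.conf_default)
        sys.exit(2)
    else:
        # Prefetch schema.  The attribute is read in a real statement, not
        # an ``assert``, so the fetch still happens under ``python -O``.
        if not ldap2.schema:
            raise AssertionError("LDAP schema is empty")
        # Disconnect the main process; each WSGI request handler subprocess
        # must have its own connection.
        ldap2.disconnect()
        ldap_time = time.time()
        logger.info("LDAP schema retrieved %0.3f sec", ldap_time - api_time)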
Esempio n. 15
        action='store_false',
        dest='prod',
    )
    parser.add_option('--host',
        help='Listen on address HOST (default 127.0.0.1)',
        default='127.0.0.1',
    )
    parser.add_option('--port',
        help='Listen on PORT (default 8888)',
        default=8888,
        type='int',
    )

    api.env.in_server = True
    api.env.startup_traceback = True
    (options, args) = api.bootstrap_with_global_options(parser, context='lite')
    api.env._merge(
        lite_port=options.port,
        lite_host=options.host,
        webui_prod=options.prod,
        lite_pem=api.env._join('dot_ipa', 'lite.pem'),
    )
    api.finalize()

    urlmap = URLMap()
    apps = [
        ('IPA', KRBCheater(api.Backend.wsgi_dispatch)),
        ('webUI', KRBCheater(WebUIApp())),
    ]
    for (name, app) in apps:
        urlmap[app.url] = app
Esempio n. 16
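def init_api(ccname):
    """Initialize the FreeIPA API for the lite server from the command line.

    Warns when ``ipalib`` was imported from a directory other than
    ``BASEDIR``, parses the lite-server options, merges them into
    ``api.env`` and finalizes the API.  It then connects to LDAP once, using
    ``ccname`` as the credential cache, to pre-fetch the schema, and
    disconnects again.  The process exits with status 2 when the LDAP
    connection raises ``NetworkError``.

    Returns the initialized ``api`` object.
    """
    from ipalib import __file__ as ipalib_file
    from ipalib import api
    from ipalib.errors import NetworkError

    # Warn if a different ipalib than the one under BASEDIR was picked up.
    importdir = os.path.dirname(os.path.dirname(os.path.abspath(ipalib_file)))
    if importdir != BASEDIR:
        warnings.warn(
            "ipalib was imported from '{}' instead of '{}'!".format(
                importdir, BASEDIR), RuntimeWarning)

    parser = optparse.OptionParser()

    # --dev stores False into options.prod, which defaults to True.
    parser.add_option(
        '--dev',
        help='Run WebUI in development mode',
        default=True,
        action='store_false',
        dest='prod',
    )
    parser.add_option(
        '--host',
        help='Listen on address HOST (default 127.0.0.1)',
        default='127.0.0.1',
    )
    parser.add_option(
        '--port',
        help='Listen on PORT (default 8888)',
        default=8888,
        type='int',
    )
    parser.add_option(
        '--enable-profiler',
        help="Path to WSGI profiler directory or '-' for stderr",
        default=None,
        type='str',
    )
    parser.add_option(
        '--enable-tracemalloc',
        help="Enable memory tracer",
        default=0,
        type='int',
    )

    api.env.in_server = True
    api.env.startup_traceback = True
    # workaround for RefererError in rpcserver
    # NOTE(review): in-tree mode is a development setting and presumably
    # relaxes a request check; keep --host on loopback unless confirmed.
    api.env.in_tree = True
    # workaround: AttributeError: locked: cannot set ldap2.time_limit to None
    api.env.mode = 'production'

    start_time = time.time()
    # pylint: disable=unused-variable
    options, args = api.bootstrap_with_global_options(parser, context='lite')
    api.env._merge(
        lite_port=options.port,
        lite_host=options.host,
        webui_prod=options.prod,
        lite_profiler=options.enable_profiler,
        lite_tracemalloc=options.enable_tracemalloc,
        lite_pem=api.env._join('dot_ipa', 'lite.pem'),
    )
    api.finalize()
    api_time = time.time()
    logger.info("API initialized in %0.3f sec", api_time - start_time)

    # Validate LDAP connection and pre-fetch schema
    # Pre-fetching makes the lite-server behave similar to mod_wsgi. werkzeug's
    # multi-process WSGI server forks a new process for each request while
    # mod_wsgi handles multiple request in a daemon process. Without schema
    # cache, every lite server request would download the LDAP schema and
    # distort performance profiles.
    ldap2 = api.Backend.ldap2
    try:
        if not ldap2.isconnected():
            ldap2.connect(ccache=ccname)
    except NetworkError as e:
        logger.error("Unable to connect to LDAP: %s", e)
        logger.error(
            "lite-server needs a working LDAP connect. Did you "
            "configure ldap_uri in '%s'?", api.env.conf_default)
        sys.exit(2)
    else:
        # Prefetch schema.  The attribute is read in a real statement, not
        # an ``assert``, so the fetch still happens under ``python -O``.
        if not ldap2.schema:
            raise AssertionError("LDAP schema is empty")
        # Disconnect the main process; each WSGI request handler subprocess
        # must have its own connection.
        ldap2.disconnect()
        ldap_time = time.time()
        logger.info("LDAP schema retrieved %0.3f sec", ldap_time - api_time)

    return api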
Esempio n. 17
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

from __future__ import print_function
from ipalib import api

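# 1. Initialize ipalib
#
# Run ./python-api.py --help to see the global options.  Some useful options:
#
#   -v  Produce more verbose output
#   -d  Produce full debugging output
#   -e in_server=True  Force running in server mode
#   -e xmlrpc_uri=https://foo.com/ipa/xml  # Connect to a specific server

api.bootstrap_with_global_options(context='example')
api.finalize()

# 2. Create a connection.  In server mode (api.env.in_server) call
# Backend.ldap2.connect(), otherwise Backend.rpcclient.connect().

if api.env.in_server:
    api.Backend.ldap2.connect()
else:
    api.Backend.rpcclient.connect()

# Now that you're connected, you can make calls to api.Command.whatever().
# NOTE(review): the arguments of this call were masked on the page this
# listing came from, leaving a syntax error; restored as a user_show lookup
# of 'admin' -- confirm against the upstream example.
print('The admin user:')
print(api.Command.user_show(u'admin'))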
Esempio n. 18
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

from ipalib import api

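# 1. Initialize ipalib
#
# Run ./python-api.py --help to see the global options.  Some useful options:
#
#   -v  Produce more verbose output
#   -d  Produce full debugging output
#   -e in_server=True  Force running in server mode
#   -e xmlrpc_uri=https://foo.com/ipa/xml  # Connect to a specific server

api.bootstrap_with_global_options(context='example')
api.finalize()

# 2. Create a connection.  In server mode (api.env.in_server) call
# Backend.ldap2.connect(), otherwise Backend.rpcclient.connect().

if api.env.in_server:
    api.Backend.ldap2.connect()
else:
    api.Backend.rpcclient.connect()


# Now that you're connected, you can make calls to api.Command.whatever().
# NOTE(review): the arguments of this call were masked on the page this
# listing came from, leaving a syntax error; restored as a user_show lookup
# of 'admin' -- confirm against the upstream example.  Two single-argument
# print calls behave the same with and without print_function.
print('The admin user:')
print(api.Command.user_show(u'admin'))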
Esempio n. 19
    )
    parser.add_option(
        '--host',
        help='Listen on address HOST (default 127.0.0.1)',
        default='127.0.0.1',
    )
    parser.add_option(
        '--port',
        help='Listen on PORT (default 8888)',
        default=8888,
        type='int',
    )

    api.env.in_server = True
    api.env.startup_traceback = True
    (options, args) = api.bootstrap_with_global_options(parser, context='lite')
    api.env._merge(
        lite_port=options.port,
        lite_host=options.host,
        webui_prod=options.prod,
        lite_pem=api.env._join('dot_ipa', 'lite.pem'),
    )
    api.finalize()

    urlmap = URLMap()
    apps = [
        ('IPA', KRBCheater(api.Backend.wsgi_dispatch)),
        ('webUI', KRBCheater(WebUIApp())),
    ]
    for (name, app) in apps:
        urlmap[app.url] = app
Esempio n. 20
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

from ipalib import api

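# 1. Initialize ipalib
#
# Run ./python-api.py --help to see the global options.  Some useful options:
#
#   -v  Produce more verbose output
#   -d  Produce full debugging output
#   -e in_server=True  Force running in server mode
#   -e xmlrpc_uri=https://foo.com/ipa/xml  # Connect to a specific server

api.bootstrap_with_global_options(context="example")
api.finalize()

# 2. Create a connection.  In server mode (api.env.in_server) call
# Backend.ldap2.connect() with the default Kerberos credential cache,
# otherwise Backend.rpcclient.connect().

if api.env.in_server:
    api.Backend.ldap2.connect(ccache=api.Backend.krb.default_ccname())
else:
    api.Backend.rpcclient.connect()


# Now that you're connected, you can make calls to api.Command.whatever().
# NOTE(review): the arguments of this call were masked on the page this
# listing came from, leaving a syntax error; restored as a user_show lookup
# of "admin" -- confirm against the upstream example.  Two single-argument
# print calls behave the same as a print statement and as a function call.
print("The admin user:")
print(api.Command.user_show(u"admin"))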