Esempio n. 1
0
    def ldap_disable(self, name, fqdn, ldap_suffix):
        assert isinstance(ldap_suffix, DN)

        entry_dn = DN(('cn', name), ('cn', fqdn), api.env.container_masters,
                      ldap_suffix)
        search_kw = {'ipaConfigString': ENABLED_SERVICE}
        filter = api.Backend.ldap2.make_filter(search_kw)
        try:
            entries, _truncated = api.Backend.ldap2.find_entries(
                filter=filter,
                attrs_list=['ipaConfigString'],
                base_dn=entry_dn,
                scope=api.Backend.ldap2.SCOPE_BASE)
        except errors.NotFound:
            logger.debug("service %s startup entry already disabled", name)
            return

        assert len(entries) == 1  # only one entry is expected
        entry = entries[0]

        # case insensitive
        for value in entry.get('ipaConfigString', []):
            if value.lower() == ENABLED_SERVICE.lower():
                entry['ipaConfigString'].remove(value)
                break

        try:
            api.Backend.ldap2.update_entry(entry)
        except errors.EmptyModlist:
            pass
        except BaseException:
            logger.debug("failed to disable service %s startup entry", name)
            raise

        logger.debug("service %s startup entry disabled", name)
Esempio n. 2
0
def _set_services_state(fqdn, dest_state):
    """Change all services of a host

    :param fqdn: hostname of server
    :param dest_state: destination state
    """
    ldap2 = api.Backend.ldap2
    search_base = DN(('cn', fqdn), api.env.container_masters, api.env.basedn)

    source_states = {
        CONFIGURED_SERVICE.lower(),
        ENABLED_SERVICE.lower(),
        HIDDEN_SERVICE.lower()
    }
    source_states.remove(dest_state.lower())

    search_filter = ldap2.combine_filters(
        [
            ldap2.make_filter({'objectClass': 'ipaConfigObject'}),
            ldap2.make_filter(
                {'ipaConfigString': list(source_states)},
                rules=ldap2.MATCH_ANY
            ),
        ],
        rules=ldap2.MATCH_ALL
    )

    entries = ldap2.get_entries(
        search_base,
        filter=search_filter,
        scope=api.Backend.ldap2.SCOPE_ONELEVEL,
        attrs_list=['cn', 'ipaConfigString']
    )
    for entry in entries:
        name = entry['cn']
        cfgstrings = entry.setdefault('ipaConfigString', [])
        for value in list(cfgstrings):
            if value.lower() in source_states:
                cfgstrings.remove(value)
        if not case_insensitive_attr_has_value(cfgstrings, dest_state):
            cfgstrings.append(dest_state)

        try:
            ldap2.update_entry(entry)
        except errors.EmptyModlist:
            logger.debug("Nothing to do for service %s", name)
        except Exception:
            logger.exception("failed to set service %s config values", name)
            raise
        else:
            logger.debug(
                "Set service %s for %s to %s", name, fqdn, dest_state
            )