def _configureSudo(self): Util.appendOrReplaceInFile(self.sudoersFilePath, 'Defaults:%s !requiretty' % self.cloudUsername, 'Defaults:%s !requiretty' % self.cloudUsername) Util.appendOrReplaceInFile(self.sudoersFilePath, '%s ALL= NOPASSWD: %s' % (self.cloudUsername, self.firewall.binary), '%s ALL= NOPASSWD: %s' % (self.cloudUsername, self.firewall.binary))
def _writeTgtdConfig(self): iscsi_config_filename = os.path.join(Defaults.ETC_DIR, 'iscsi.conf') if not os.path.exists(iscsi_config_filename): with open(iscsi_config_filename, 'w') as config: config.write(' ') pattern = 'include %s' % iscsi_config_filename Util.appendOrReplaceInFile('/etc/tgt/targets.conf', pattern, pattern)
def _configure(self): Util.printStep('Configuring OpenLDAP server') Util.printStep('Updating sysconfig') shutil.copyfile(self._sysconfigLdapTemplate, self._sysconfigLdap) Util.appendOrReplaceInFile(self._sysconfigLdap, 'SLAPD_LDAP=', 'SLAPD_LDAP=yes') Util.printStep('Setting root account access') Util.appendOrReplaceMultilineBlockInFile(self._openLdapConfig, self._accessValue, start='olcAccess: {0}to *', until='olcAddContentAcl:') Util.printStep('(Re-)starting slapd') cmd = 'service %s restart' % self._serviceName self._executeExitOnError(cmd) Util.printStep('Generating test certificate and moving into place') self._executeExitOnError(self._testCertCmd) self._executeExitOnError('mkdir -p /etc/openldap/cacerts') self._executeExitOnError('mv -f cacrt.jks /etc/openldap/cacerts/cacrt.jks') self._executeExitOnError('mv -f cacrt.pem /etc/openldap/cacerts/cacrt.pem') self._executeExitOnError('mv -f serverkey.pem /etc/openldap/serverkey.pem') self._executeExitOnError('mv -f servercrt.pem /etc/openldap/servercrt.pem') os.chmod('/etc/openldap/serverkey.pem', stat.S_IRUSR | stat.S_IWUSR) self._executeExitOnError('chown ldap:ldap /etc/openldap/serverkey.pem') Util.printStep('Updating server config. for generated certs') cmd = "ldapmodify -Y EXTERNAL -H ldapi:/// -f %s" % self._certConfigLdif Util.execute(cmd.split(' ')) Util.printStep('Updating client config. for generated certs') Util.appendOrReplaceInFile(self._ldapClientConfig, 'TLS_CACERT', 'TLS_CACERT /etc/openldap/cacerts/cacrt.pem') Util.printStep('Creating o=cloud database') Util.filePutContent(self._completeDatabaseTemplate, Util.fileGetContent(self._databaseTemplate) % self.__dict__) cmd = "ldapadd -Y EXTERNAL -H ldapi:/// -f %s" % self._completeDatabaseTemplate Util.execute(cmd.split(' ')) Util.printStep('Adding cloud database entries') cmd = "ldapadd -x -H ldaps://%s -D %s -w %s -f %s" % (self._nodename, self._openLdapAdminDn, self.openldapPassword, self._cloudDatabaseSkeleton) self._executeExitOnError(cmd)
def _fixUdevForLvmMonitoring(self): """See the issue: https://bugzilla.redhat.com/show_bug.cgi?id=577798#c5 1. Modify 80-udisks.rules 2. Install a cron job to modify 80-udisks.rules file to safeguard against udev package updates. """ fileName = '/lib/udev/rules.d/80-udisks.rules' if not os.path.exists(fileName): return search = 'KERNEL=="dm-*", OPTIONS+="watch"' replace = '#KERNEL=="dm-*", OPTIONS+="watch"' if re.search('^KERNEL=="dm-\*", OPTIONS\+="watch"', Util.fileGetContent(fileName), re.MULTILINE): Util.appendOrReplaceInFile(fileName, search, replace) #self.system.restartService('udev') data = """*/15 * * * * root sed -i -e 's/^KERNEL==\"dm-\*\", OPTIONS+=\"watch\"/%s/' %s""" % \ (replace, fileName) Util.filePutContent('/etc/cron.d/fix-udev-for-lvm-monitoring.cron', data)
def _configureProxyDefaultUsersUsernamePassword(self): filename = Defaults.AUTHN_CONFIG_FILE search = self.oneUsername replace = '%(oneUsername)s=%(proxyOneadminPassword)s,cloud-access' % self.__dict__ Util.appendOrReplaceInFile(filename, search, replace)
def configureQuarantine(self): filename = os.path.join(Defaults.ETC_DIR, 'quarantine.cfg') search = '^PERIOD.*$' replace = 'PERIOD=%(quarantinePeriod)s' % self.__dict__ Util.appendOrReplaceInFile(filename, search, replace)