def __restore_config(self): port = self.restore_state('nsslapd-port') security = self.restore_state('nsslapd-security') global_lock = self.restore_state('nsslapd-global-backend-lock') ldif_outfile = "%s.modified.out" % self.filename with open(ldif_outfile, "wb") as out_file: with open(self.filename, "rb") as in_file: parser = installutils.ModifyLDIF(in_file, out_file) if port is not None: parser.replace_value("cn=config", "nsslapd-port", [port]) if security is not None: parser.replace_value("cn=config", "nsslapd-security", [security]) # disable global lock by default parser.remove_value("cn=config", "nsslapd-global-backend-lock") if global_lock is not None: parser.add_value("cn=config", "nsslapd-global-backend-lock", [global_lock]) parser.parse() shutil.copy2(ldif_outfile, self.filename)
def __update_dse_ldif(self): """ This method updates dse.ldif right after instance creation. This is supposed to allow admin modify configuration of the DS which has to be done before IPA is fully installed (for example: settings for replication on replicas) DS must be turned off. """ dse_filename = os.path.join( paths.ETC_DIRSRV_SLAPD_INSTANCE_TEMPLATE % self.serverid, 'dse.ldif' ) with tempfile.NamedTemporaryFile( mode='w', delete=False) as new_dse_ldif: temp_filename = new_dse_ldif.name with open(dse_filename, "r") as input_file: parser = installutils.ModifyLDIF(input_file, new_dse_ldif) parser.replace_value( 'cn=config,cn=ldbm database,cn=plugins,cn=config', 'nsslapd-db-locks', [b'50000'] ) if self.config_ldif: # parse modifications from ldif file supplied by the admin with open(self.config_ldif, "r") as config_ldif: parser.modifications_from_ldif(config_ldif) parser.parse() new_dse_ldif.flush() shutil.copy2(temp_filename, dse_filename) try: os.remove(temp_filename) except OSError as e: logger.debug("Failed to clean temporary file: %s", e)
def __disable_schema_compat(self): ldif_outfile = "%s.modified.out" % self.filename with open(self.filename, "r") as in_file: parser = GetEntryFromLDIF(in_file, entries_dn=[COMPAT_DN]) parser.parse() try: compat_entry = parser.get_results()[COMPAT_DN] except KeyError: return if not compat_entry.get('nsslapd-pluginEnabled'): return with open(ldif_outfile, "w") as out_file: with open(self.filename, "r") as in_file: parser = installutils.ModifyLDIF(in_file, out_file) parser.remove_value(COMPAT_DN, "nsslapd-pluginEnabled") parser.remove_value(COMPAT_DN, "nsslapd-pluginenabled") parser.add_value(COMPAT_DN, "nsslapd-pluginEnabled", [b"off"]) parser.parse() shutil.copy2(ldif_outfile, self.filename)
def __restore_config(self): port = self.restore_state('nsslapd-port') security = self.restore_state('nsslapd-security') global_lock = self.restore_state('nsslapd-global-backend-lock') schema_compat_enabled = self.restore_state('schema_compat_enabled') ldif_outfile = "%s.modified.out" % self.filename with open(ldif_outfile, "w") as out_file: with open(self.filename, "r") as in_file: parser = installutils.ModifyLDIF(in_file, out_file) if port is not None: parser.replace_value( "cn=config", "nsslapd-port", [port.encode('utf-8')]) if security is not None: parser.replace_value("cn=config", "nsslapd-security", [security.encode('utf-8')]) # disable global lock by default parser.remove_value("cn=config", "nsslapd-global-backend-lock") if global_lock is not None: parser.add_value("cn=config", "nsslapd-global-backend-lock", [global_lock.encode('utf-8')]) if schema_compat_enabled is not None: parser.replace_value( COMPAT_DN, "nsslapd-pluginEnabled", [schema_compat_enabled.encode('utf-8')]) parser.parse() shutil.copy2(ldif_outfile, self.filename)
def __enable_ds_global_write_lock(self): ldif_outfile = "%s.modified.out" % self.filename with open(ldif_outfile, "w") as out_file: with open(self.filename, "r") as in_file: parser = installutils.ModifyLDIF(in_file, out_file) parser.replace_value("cn=config", "nsslapd-global-backend-lock", [b"on"]) parser.parse() shutil.copy2(ldif_outfile, self.filename)
def __disable_listeners(self): ldif_outfile = "%s.modified.out" % self.filename with open(ldif_outfile, "w") as out_file: with open(self.filename, "r") as in_file: parser = installutils.ModifyLDIF(in_file, out_file) parser.replace_value("cn=config", "nsslapd-port", [b"0"]) parser.replace_value("cn=config", "nsslapd-security", [b"off"]) parser.remove_value("cn=config", "nsslapd-ldapientrysearchbase") parser.parse() shutil.copy2(ldif_outfile, self.filename)
def __restore_config(self): # peek the values during the restoration port = self.get_state('nsslapd-port') security = self.get_state('nsslapd-security') global_lock = self.get_state('nsslapd-global-backend-lock') schema_compat_enabled = self.get_state('schema_compat_enabled') ldif_outfile = "%s.modified.out" % self.filename with open(ldif_outfile, "w") as out_file: with open(self.filename, "r") as in_file: parser = installutils.ModifyLDIF(in_file, out_file) if port is not None: parser.replace_value("cn=config", "nsslapd-port", [port.encode('utf-8')]) if security is not None: parser.replace_value("cn=config", "nsslapd-security", [security.encode('utf-8')]) # disable global lock by default parser.remove_value("cn=config", "nsslapd-global-backend-lock") if global_lock is not None: parser.add_value("cn=config", "nsslapd-global-backend-lock", [global_lock.encode('utf-8')]) if schema_compat_enabled is not None: parser.replace_value( COMPAT_DN, "nsslapd-pluginEnabled", [schema_compat_enabled.encode('utf-8')]) parser.parse() shutil.copy2(ldif_outfile, self.filename) # Now the restore is really done, remove upgrade-in-progress self.restore_state('upgrade-in-progress') # the values are restored, remove from the state file self.restore_state('nsslapd-port') self.restore_state('nsslapd-security') self.restore_state('nsslapd-global-backend-lock') self.restore_state('schema_compat_enabled')