[Freeipa-devel] [PATCH 6 of 7] Re-work template substitution code
Mark McLoughlin
markmc at redhat.com
Wed Jan 23 16:01:10 UTC 2008
# HG changeset patch
# User Mark McLoughlin <markmc at redhat.com>
# Date 1201102495 0
# Node ID 72921ec04550af04a518218bac5440f4e1e6da96
# Parent 32943922b23b325fbc63527ba469c0a2fd0dd3d7
Re-work template substitution code
In several places, we currently set up a dictionary of
variables to substitute into template files and then
use that same dictionary for multiple files.
In terms of code reduction, this is convenient, but
it turns out to be a nightmare to verify what files
need what variables.
For example, if you wanted to be able to re-write
configuration files when the hostname changes, then
you can't tell from looking at the code which files
need the hostname.
This patch re-works the substitution code so that
only the variables that are actually needed for a
given file are substituted in e.g.
self.__ldap_mod("memberof-task.ldif", SUFFIX = self.suffix)
Signed-off-by: Mark McLoughlin <markmc at redhat.com>
diff -r 32943922b23b -r 72921ec04550 ipa-client/ipaclient/ntpconf.py
--- a/ipa-client/ipaclient/ntpconf.py Tue Jan 22 16:42:45 2008 +0000
+++ b/ipa-client/ipaclient/ntpconf.py Wed Jan 23 15:34:55 2008 +0000
@@ -71,10 +71,7 @@ keys /etc/ntp/keys
"""
def config_ntp(server_fqdn):
- sub_dict = { }
- sub_dict["SERVER"] = server_fqdn
-
- nc = template_str(ntp_conf, sub_dict)
+ nc = template_str(ntp_conf, SERVER = server_fqdn)
shutil.copy("/etc/ntp.conf", "/etc/ntp.conf.ipasave")
diff -r 32943922b23b -r 72921ec04550 ipa-python/ipautil.py
--- a/ipa-python/ipautil.py Tue Jan 22 16:42:45 2008 +0000
+++ b/ipa-python/ipautil.py Wed Jan 23 15:34:55 2008 +0000
@@ -56,12 +56,12 @@ def realm_to_suffix(realm_name):
terms = ["dc=" + x.lower() for x in s]
return ",".join(terms)
-def template_str(txt, vars):
+def template_str(txt, **vars):
return string.Template(txt).substitute(vars)
-def template_file(infilename, vars):
+def template_file(infilename, **vars):
txt = open(infilename).read()
- return template_str(txt, vars)
+ return template_str(txt, **vars)
def write_tmp_file(txt):
fd = tempfile.NamedTemporaryFile()
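Review bot: `template_str` and `template_file` have no docstring saying how the keyword set is checked, which matters for what this change is after. `string.Template.substitute` raises `KeyError` when a placeholder has no matching keyword but silently ignores keywords the template never uses, so the per-file lists at the call sites are only verified in one direction. I would add a docstring to both, e.g. `"""Substitute $NAME placeholders in txt; a placeholder without a keyword raises KeyError, unused keywords are ignored."""`. The catch-all name `vars` also shadows the builtin, and a template variable called `txt` or `infilename` can no longer be passed; `**kw`, as used in the `__ldap_mod` hunks, would read better. `write_tmp_file` continues outside the hunk.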
diff -r 32943922b23b -r 72921ec04550 ipa-server/ipaserver/bindinstance.py
--- a/ipa-server/ipaserver/bindinstance.py Tue Jan 22 16:42:45 2008 +0000
+++ b/ipa-server/ipaserver/bindinstance.py Wed Jan 23 15:34:55 2008 +0000
@@ -35,7 +35,6 @@ class BindInstance(service.Service):
self.host = None
self.ip_address = None
self.realm = None
- self.sub_dict = None
def setup(self, fqdn, ip_address, realm_name):
self.fqdn = fqdn
@@ -43,8 +42,6 @@ class BindInstance(service.Service):
self.realm = realm_name
self.domain = fqdn[fqdn.find(".")+1:]
self.host = fqdn[:fqdn.find(".")]
-
- self.__setup_sub_dict()
def check_inst(self):
# So far this file is always present in both RHEL5 and Fedora if all the necessary
@@ -55,7 +52,11 @@ class BindInstance(service.Service):
return True
def create_sample_bind_zone(self):
- bind_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.zone.db.template", self.sub_dict)
+ bind_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.zone.db.template",
+ REALM = self.realm,
+ HOST = self.host,
+ IP = self.ip_address,
+ DOMAIN = self.domain)
[bind_fd, bind_name] = tempfile.mkstemp(".db","sample.zone.")
os.write(bind_fd, bind_txt)
os.close(bind_fd)
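Review bot: `HOST = self.host` and `DOMAIN = self.domain` are written into the zone template unchecked, and `setup()` (visible in the previous hunk) derives both by slicing on `fqdn.find(".")`. That call returns -1 for a name without a dot, so `self.host` becomes the name minus its last character and `self.domain` the whole name. A guard in `setup()` such as `if "." not in fqdn: raise ValueError("fully qualified host name required: %s" % fqdn)` would keep a malformed zone file from being generated. The same four keywords are repeated in `__setup_zone` in the next hunk; a small private helper returning the rendered zone text would keep the two lists from drifting apart.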
@@ -77,16 +78,13 @@ class BindInstance(service.Service):
except:
print "named service failed to start"
- def __setup_sub_dict(self):
- self.sub_dict = dict(FQDN=self.fqdn,
- IP=self.ip_address,
- DOMAIN=self.domain,
- HOST=self.host,
- REALM=self.realm)
-
def __setup_zone(self):
self.backup_state("domain", self.domain)
- zone_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.zone.db.template", self.sub_dict)
+ zone_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.zone.db.template",
+ REALM = self.realm,
+ HOST = self.host,
+ IP = self.ip_address,
+ DOMAIN = self.domain)
sysrestore.backup_file('/var/named/'+self.domain+'.zone.db')
zone_fd = open('/var/named/'+self.domain+'.zone.db', 'w')
zone_fd.write(zone_txt)
@@ -94,7 +92,10 @@ class BindInstance(service.Service):
def __setup_named_conf(self):
sysrestore.backup_file('/etc/named.conf')
- named_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.named.conf.template", self.sub_dict)
+ named_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.named.conf.template",
+ FQDN = self.fqdn,
+ DOMAIN = self.domain,
+ REALM = self.realm)
named_fd = open('/etc/named.conf', 'w')
named_fd.seek(0)
named_fd.truncate(0)
diff -r 32943922b23b -r 72921ec04550 ipa-server/ipaserver/dsinstance.py
--- a/ipa-server/ipaserver/dsinstance.py Tue Jan 22 16:42:45 2008 +0000
+++ b/ipa-server/ipaserver/dsinstance.py Wed Jan 23 15:34:55 2008 +0000
@@ -105,7 +105,6 @@ class DsInstance(service.Service):
self.suffix = None
self.host_name = None
self.dm_password = None
- self.sub_dict = None
self.domain = None
self.pkcs12_info = None
@@ -118,7 +117,6 @@ class DsInstance(service.Service):
self.dm_password = dm_password
self.domain = host_name[host_name.find(".")+1:]
self.pkcs12_info = pkcs12_info
- self.__setup_sub_dict()
self.step("creating directory server user", self.__create_ds_user)
self.step("creating directory server instance", self.__create_instance)
@@ -146,13 +144,6 @@ class DsInstance(service.Service):
self.backup_state("enabled", self.is_enabled())
self.chkconfig_on()
- def __setup_sub_dict(self):
- server_root = find_server_root()
- self.sub_dict = dict(FQHN=self.host_name, SERVERID=self.serverid,
- PASSWORD=self.dm_password, SUFFIX=self.suffix.lower(),
- REALM=self.realm_name, USER=self.ds_user,
- SERVER_ROOT=server_root, DOMAIN=self.domain)
-
def __create_ds_user(self):
user_exists = True
try:
@@ -174,7 +165,13 @@ class DsInstance(service.Service):
def __create_instance(self):
self.backup_state("running", self.is_running())
self.backup_state("serverid", self.serverid)
- inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict)
+ inf_txt = ipautil.template_str(INF_TEMPLATE,
+ FQHN = self.host_name,
+ USER = self.ds_user,
+ SERVER_ROOT = find_server_root(),
+ SERVERID = self.serverid,
+ SUFFIX = self.suffix,
+ PASSWORD = self.dm_password)
logging.debug(inf_txt)
inf_fd = ipautil.write_tmp_file(inf_txt)
logging.debug("writing inf template")
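Review bot: `inf_txt` is rendered with `PASSWORD = self.dm_password` and the next line hands it to `logging.debug(inf_txt)`, so the Directory Manager password is written to the debug log in clear text. Now that the keyword list is explicit, the logged copy can be rendered separately with a masked value (the same call with `PASSWORD = "XXXXXXXX"`), or the debug line dropped. Separately, the removed `__setup_sub_dict` passed `SUFFIX=self.suffix.lower()` while this call and the later `__ldap_mod` calls pass `self.suffix` as is; unless the suffix is already lower-case where it is assigned (not visible here), that is a silent behaviour change. `__create_instance` continues past the end of the hunk.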
@@ -214,12 +211,12 @@ class DsInstance(service.Service):
# TODO: roll back here?
logging.critical("Failed to restart the ds instance")
- def __ldap_mod(self, ldif, sub_dict = None):
+ def __ldap_mod(self, ldif, **kw):
fd = None
path = ipautil.SHARE_DIR + ldif
- if not sub_dict is None:
- txt = ipautil.template_file(path, sub_dict)
+ if kw:
+ txt = ipautil.template_file(path, **kw)
fd = ipautil.write_tmp_file(txt)
path = fd.name
@@ -238,7 +235,7 @@ class DsInstance(service.Service):
self.__ldap_mod("memberof-conf.ldif")
def __init_memberof(self):
- self.__ldap_mod("memberof-task.ldif", self.sub_dict)
+ self.__ldap_mod("memberof-task.ldif", SUFFIX = self.suffix)
def __add_referint_module(self):
self.__ldap_mod("referint-conf.ldif")
@@ -247,10 +244,12 @@ class DsInstance(service.Service):
self.__ldap_mod("dna-conf.ldif")
def __config_uidgid_gen_first_master(self):
- self.__ldap_mod("dna-posix.ldif", self.sub_dict)
+ self.__ldap_mod("dna-posix.ldif", SUFFIX = self.suffix)
def __add_master_entry_first_master(self):
- self.__ldap_mod("master-entry.ldif", self.sub_dict)
+ self.__ldap_mod("master-entry.ldif",
+ SUFFIX = self.suffix,
+ FQHN = self.host_name)
def __enable_ssl(self):
dirname = config_dirname(self.serverid)
@@ -290,7 +289,10 @@ class DsInstance(service.Service):
conn.unbind()
def __add_default_layout(self):
- self.__ldap_mod("bootstrap-template.ldif", self.sub_dict)
+ self.__ldap_mod("bootstrap-template.ldif",
+ SUFFIX = self.suffix,
+ REALM = self.realm_name,
+ DOMAIN = self.domain)
def __create_indeces(self):
self.__ldap_mod("indeces.ldif")
diff -r 32943922b23b -r 72921ec04550 ipa-server/ipaserver/httpinstance.py
--- a/ipa-server/ipaserver/httpinstance.py Tue Jan 22 16:42:45 2008 +0000
+++ b/ipa-server/ipaserver/httpinstance.py Wed Jan 23 15:34:55 2008 +0000
@@ -59,7 +59,6 @@ class HTTPInstance(service.Service):
self.fqdn = fqdn
self.realm = realm
self.domain = fqdn[fqdn.find(".")+1:]
- self.sub_dict = { "REALM" : realm, "FQDN": fqdn, "DOMAIN" : self.domain }
self.step("disabling mod_ssl in httpd", self.__disable_mod_ssl)
self.step("Setting mod_nss port to 443", self.__set_mod_nss_port)
@@ -116,7 +115,9 @@ class HTTPInstance(service.Service):
os.chown("/etc/httpd/conf/ipa.keytab", pent.pw_uid, pent.pw_gid)
def __configure_http(self):
- http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa.conf", self.sub_dict)
+ http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa.conf",
+ FQDN = self.fqdn,
+ REALM = self.realm)
sysrestore.backup_file("/etc/httpd/conf.d/ipa.conf")
http_fd = open("/etc/httpd/conf.d/ipa.conf", "w")
http_fd.write(http_txt)
@@ -142,7 +143,8 @@ class HTTPInstance(service.Service):
ca.create_signing_cert("Signing-Cert", "cn=%s,ou=Signing Certificate,o=Identity Policy Audit" % self.fqdn, ds_ca)
def __setup_autoconfig(self):
- prefs_txt = ipautil.template_file(ipautil.SHARE_DIR + "preferences.html.template", self.sub_dict)
+ prefs_txt = ipautil.template_file(ipautil.SHARE_DIR + "preferences.html.template",
+ DOMAIN = self.domain)
prefs_fd = open("/usr/share/ipa/html/preferences.html", "w")
prefs_fd.write(prefs_txt)
prefs_fd.close()
diff -r 32943922b23b -r 72921ec04550 ipa-server/ipaserver/krbinstance.py
--- a/ipa-server/ipaserver/krbinstance.py Tue Jan 22 16:42:45 2008 +0000
+++ b/ipa-server/ipaserver/krbinstance.py Wed Jan 23 15:34:55 2008 +0000
@@ -88,7 +88,6 @@ class KrbInstance(service.Service):
self.master_password = None
self.suffix = None
self.kdc_password = None
- self.sub_dict = None
self.kpasswd = KpasswdInstance()
@@ -103,8 +102,6 @@ class KrbInstance(service.Service):
self.kdc_password = ipautil.ipa_generate_password()
self.admin_password = admin_password
- self.__setup_sub_dict()
-
# get a connection to the DS
try:
self.conn = ipaldap.IPAdmin(self.fqdn)
@@ -190,17 +187,8 @@ class KrbInstance(service.Service):
except:
logging.critical("krb5kdc service failed to start")
- def __setup_sub_dict(self):
- self.sub_dict = dict(FQDN=self.fqdn,
- IP=self.ip,
- PASSWORD=self.kdc_password,
- SUFFIX=self.suffix,
- DOMAIN=self.domain,
- HOST=self.host,
- REALM=self.realm)
-
- def __ldap_mod(self, ldif):
- txt = ipautil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict)
+ def __ldap_mod(self, ldif, **kw):
+ txt = ipautil.template_file(ipautil.SHARE_DIR + ldif, **kw)
fd = ipautil.write_tmp_file(txt)
args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv",
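Review bot: This `__ldap_mod` renders every LDIF through `template_file` even when no keywords are passed, whereas `DsInstance.__ldap_mod` in dsinstance.py skips templating when `kw` is empty, so the two helpers with the same name now behave differently for a plain file. A short docstring would make that explicit, e.g. `"""Render SHARE_DIR/ldif with the given keywords and apply it; a placeholder without a keyword raises KeyError."""`. The method body continues outside the hunk.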
@@ -263,31 +251,49 @@ class KrbInstance(service.Service):
raise e
def __add_krb_entries(self):
- self.__ldap_mod("kerberos.ldif")
+ self.__ldap_mod("kerberos.ldif",
+ SUFFIX = self.suffix,
+ PASSWORD = self.kdc_password)
def __add_default_acis(self):
- self.__ldap_mod("default-aci.ldif")
+ self.__ldap_mod("default-aci.ldif",
+ SUFFIX = self.suffix,
+ REALM = self.realm,
+ FQDN = self.fqdn)
def __add_default_keytypes(self):
- self.__ldap_mod("default-keytypes.ldif")
+ self.__ldap_mod("default-keytypes.ldif",
+ REALM = self.realm,
+ SUFFIX = self.suffix)
def __create_replica_instance(self):
self.__create_instance(replica=True)
- def __template_file(self, path):
+ def __template_file(self, path, **kw):
template = os.path.join(ipautil.SHARE_DIR, os.path.basename(path) + ".template")
- conf = ipautil.template_file(template, self.sub_dict)
+ conf = ipautil.template_file(template, **kw)
sysrestore.backup_file(path)
fd = open(path, "w+")
fd.write(conf)
fd.close()
def __create_instance(self, replica=False):
- self.__template_file("/var/kerberos/krb5kdc/kdc.conf")
- self.__template_file("/etc/krb5.conf")
- self.__template_file("/usr/share/ipa/html/krb5.ini")
- self.__template_file("/usr/share/ipa/html/krb.con")
- self.__template_file("/usr/share/ipa/html/krbrealm.con")
+ self.__template_file("/var/kerberos/krb5kdc/kdc.conf",
+ REALM = self.realm)
+ self.__template_file("/etc/krb5.conf",
+ REALM = self.realm,
+ DOMAIN = self.domain,
+ FQDN = self.fqdn,
+ SUFFIX = self.suffix)
+ self.__template_file("/usr/share/ipa/html/krb5.ini",
+ REALM = self.realm,
+ DOMAIN = self.domain,
+ FQDN = self.fqdn)
+ self.__template_file("/usr/share/ipa/html/krb.con",
+ REALM = self.realm,
+ DOMAIN = self.domain)
+ self.__template_file("/usr/share/ipa/html/krbrealm.con",
+ REALM = self.realm)
if not replica:
#populate the directory with the realm structure
@@ -319,7 +325,7 @@ class KrbInstance(service.Service):
#add the password extop module
def __add_pwd_extop_module(self):
- self.__ldap_mod("pwd-extop-conf.ldif")
+ self.__ldap_mod("pwd-extop-conf.ldif", SUFFIX = self.suffix)
#get the Master Key from the stash file
try:
diff -r 32943922b23b -r 72921ec04550 ipa-server/ipaserver/ntpinstance.py
--- a/ipa-server/ipaserver/ntpinstance.py Tue Jan 22 16:42:45 2008 +0000
+++ b/ipa-server/ipaserver/ntpinstance.py Wed Jan 23 15:34:55 2008 +0000
@@ -39,12 +39,10 @@ class NTPInstance(service.Service):
elif ipautil.file_exists("/etc/redhat-release"):
os = "rhel."
- sub_dict = { }
- sub_dict["SERVERA"] = "0.%spool.ntp.org" % os
- sub_dict["SERVERB"] = "1.%spool.ntp.org" % os
- sub_dict["SERVERC"] = "2.%spool.ntp.org" % os
-
- ntp_conf = ipautil.template_file(ipautil.SHARE_DIR + "ntp.conf.server.template", sub_dict)
+ ntp_conf = ipautil.template_file(ipautil.SHARE_DIR + "ntp.conf.server.template",
+ SERVERA = "0.%spool.ntp.org" % os,
+ SERVERB = "1.%spool.ntp.org" % os,
+ SERVERC = "2.%spool.ntp.org" % os)
sysrestore.backup_file("/etc/ntp.conf")
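Review bot: The new keyword values are formatted from a local named `os` (`os = "rhel."` in the context line above), which would shadow the `os` module for the rest of this method if the file imports it (the import block is not visible here). Any later `os.` call in the body would then fail on a string. Since these lines are being rewritten anyway, rename the local, e.g. `SERVERA = "0.%spool.ntp.org" % os_prefix`, and the assignments above the hunk with it. The method starts and ends outside the hunk.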