[Fedora-directory-commits] adminserver/admserv/newinst/src AdminServer.pm.in, 1.12, 1.13 ConfigDSDialogs.pm, 1.6, 1.7 adminserver.map.in, 1.9, 1.10 dirserver.map.in, 1.9, 1.10 migrate-ds-admin.res.in, 1.2, 1.3 setup-ds-admin.pl.in, 1.11, 1.12 setup-ds-admin.res.in, 1.9, 1.10

Richard Allen Megginson (rmeggins) fedora-directory-commits at redhat.com
Mon Jul 14 18:43:04 UTC 2008


Author: rmeggins

Update of /cvs/dirsec/adminserver/admserv/newinst/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11622/adminserver/admserv/newinst/src

Modified Files:
	AdminServer.pm.in ConfigDSDialogs.pm adminserver.map.in 
	dirserver.map.in migrate-ds-admin.res.in setup-ds-admin.pl.in 
	setup-ds-admin.res.in 
Log Message:
Resolves: bug 431103
Bug Description: Cannot setup ds with remote config DS
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: This fix has two main parts.  The first part is to fix setup.  I took parts out of the 01nsroot template and put them into the templates that set up the directory server and admin server.  So when those servers are registered, they will create those common entries if not present, or otherwise modify them to add the necessary information.  I had to add uname_m and uname_a and some other items to the mapping files.  I fixed a typo in one of the template files.  I changed setup to create new directory server instances shutdown, so that when they are configured for the passthrough auth plugin, it will be working when started.  Otherwise, directory servers you create with setup will not be manageable in the console until after they are restarted.  This is the same way that ds_create works.
The second part of the fix is to allow people to fix "broken" installs.  I added a -u (update) option to setup.  This will scan for exsiting installations are re-register all servers found.  The dialog flow is pretty simple - it just confirms that you want to run update mode, then asks for the config ds information, then re-registers all servers with the config ds, updating any information that is missing or outdated.
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: Yes - need to document the new -u option.



Index: AdminServer.pm.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/AdminServer.pm.in,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- AdminServer.pm.in	7 Dec 2007 00:09:36 -0000	1.12
+++ AdminServer.pm.in	14 Jul 2008 18:43:02 -0000	1.13
@@ -186,12 +186,37 @@
     return 1;
 }
 
+# sub addDefaultSecurityInfo {
+#     my $setup = shift;
+#     my $inf = $setup->{inf};
+#     my $configdir = shift;
+#     my $reconfig = shift;
+#     my @errs;
+
+#     my $admConf = getAdmConf($configdir);
+#     my $localconf = "$configdir/local.conf";
+#     if (!open(LOCALCONF, ">$localconf")) {
+#         $setup->msg($FATAL, 'error_updating_localconf', $localconf, $!);
+#         return 0;
+#     }
+
+#     if (!open(CONSOLECONF, "$admConf->{configdir}/console.conf")) {
+#         debug(0, "Error opening $admConf->{configdir}/console.conf: $!");
+#         return 0;
+#     }
+
+#     print LOCALCONF "configuration.Encryption\n";
+
+#     close(LOCALCONF);
+#     return 1;
+# }
+
 # This is how we extract the sie and isie as the as entries are
 # being added
 sub registercb {
     my ($context, $entry, $errs) = @_;
 
-    my $rc = check_and_add_entry([$context->{conn}, $context->{reconfig}], $entry, $errs);
+    my $rc = check_and_add_entry([$context->{conn}], $entry, $errs);
     my $setup = $context->{setup};
     if ($rc) {
         if ($entry->hasValue('objectclass', 'nsApplication', 1)) {
@@ -218,7 +243,6 @@
     my $setup = shift;
     my $inf = $setup->{inf};
     my $configdir = shift;
-    my $reconfig = shift;
     my @errs;
 
     $setup->msg('registering_adminserver');
@@ -261,7 +285,7 @@
         $setup->msg($FATAL, 'error_updating_localconf', $localconf, $!);
         return 0;
     }
-    my $context = {conn => $conn, localfh => \*LOCALCONF, setup => $setup, reconfig => $reconfig};
+    my $context = {conn => $conn, localfh => \*LOCALCONF, setup => $setup};
     getMappedEntries($mapper, \@ldiffiles, \@errs, \&registercb, $context);
     close(LOCALCONF);
 
@@ -418,6 +442,14 @@
         $ENV{ADMSERV_PID_DIR} ||
         "@piddir@";
 
+    # if we're just doing the update, just register and return
+    if ($setup->{update}) {
+        if (!registerASWithConfigDS($setup, $configdir)) {
+            return 0;
+        }
+        return 1;
+    }
+
     if (!createASFilesAndDirs($setup, $configdir, $securitydir, $logdir, $rundir)) {
         return 0;
     }
@@ -426,7 +458,7 @@
         return 0;
     }
 
-    if (!registerASWithConfigDS($setup, $configdir, $reconfig)) {
+    if (!registerASWithConfigDS($setup, $configdir)) {
         return 0;
     }
 


Index: ConfigDSDialogs.pm
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/ConfigDSDialogs.pm,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ConfigDSDialogs.pm	27 Jul 2007 01:42:46 -0000	1.6
+++ ConfigDSDialogs.pm	14 Jul 2008 18:43:02 -0000	1.7
@@ -409,6 +409,23 @@
     ['dialog_useconfigds_prompt'],
 );
 
+my $updatedialog = new DialogYesNo (
+    $EXPRESS,
+    'dialog_update_text',
+    1,
+    sub {
+        my $self = shift;
+        my $ans = shift;
+        my $res = $self->handleResponse($ans);
+        if ($res == $DialogManager::NEXT) {
+            $res = $DialogManager::ERR if (!$self->isYes());
+        }
+        return $res;
+    },
+    ['dialog_update_prompt'],
+);
+
+
 sub getDialogs {
     return ($useconfigds, $configdsinfo, $configdsadmin, $configdsadmindomain);
 }
@@ -417,4 +434,8 @@
     return ($regconfigdsinfo, $configdsadmindomain);
 }
 
+sub getUpdateDialogs {
+    return ($updatedialog, $configdsinfo);
+}
+
 1;


Index: adminserver.map.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/adminserver.map.in,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- adminserver.map.in	15 Aug 2007 22:08:14 -0000	1.9
+++ adminserver.map.in	14 Jul 2008 18:43:02 -0000	1.10
@@ -44,6 +44,8 @@
 vendor =		Vendor
 timestamp = 	`use Time::gmtime; my $gm = gmtime; $returnvalue = sprintf ("%04d%02d%02d%02d%02d%02dZ", 1900+$gm->year, 1+$gm->mon, $gm->mday, $gm->hour, $gm->min, $gm->sec);`
 
+uname_a =        `open(UNAMEA, "uname -a |"); $returnvalue = <UNAMEA>; chomp $returnvalue; close(UNAMEA);`
+uname_m =        `open(UNAMEM, "uname -m |"); $returnvalue = <UNAMEM>; chomp $returnvalue; close(UNAMEM);`
 asid =			`$returnvalue = $mapper->{fqdn}; $returnvalue =~ s/\..*$//;`
 as_port =		Port
 admpw =			"@configdir@/admpw"


Index: dirserver.map.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/dirserver.map.in,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- dirserver.map.in	17 Dec 2007 20:10:04 -0000	1.9
+++ dirserver.map.in	14 Jul 2008 18:43:02 -0000	1.10
@@ -43,6 +43,8 @@
 vendor =		Vendor
 timestamp = 	`use Time::gmtime; my $gm = gmtime; $returnvalue = sprintf ("%04d%02d%02d%02d%02d%02dZ", 1900+$gm->year, 1+$gm->mon, $gm->mday, $gm->hour, $gm->min, $gm->sec);`
 
+uname_a =        `open(UNAMEA, "uname -a |"); $returnvalue = <UNAMEA>; chomp $returnvalue; close(UNAMEA);`
+uname_m =        `open(UNAMEM, "uname -m |"); $returnvalue = <UNAMEM>; chomp $returnvalue; close(UNAMEM);`
 asid =		    `$returnvalue = $mapper->{fqdn}; $returnvalue =~ s/\..*$//;`
 as_uid =        ServerAdminID
 as_sie =		"cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot"


Index: migrate-ds-admin.res.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/migrate-ds-admin.res.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- migrate-ds-admin.res.in	15 Aug 2007 22:08:14 -0000	1.2
+++ migrate-ds-admin.res.in	14 Jul 2008 18:43:02 -0000	1.3
@@ -18,7 +18,6 @@
 
 error_opening_nssconf = Error: could not open NSS config file %s.  Error: %s\n
 error_writing_nssconf = Error: could not write NSS config file %s.  Error: %s\n
-registering_dirserver_instances = Registering the migrated directory server instances with the configuration directory server . . .\n
 error_creating_asmigration_maptbl = Error: could not create maptable for use in admin server migration.\n
 error_creating_updateconsole_maptbl = Error: could not create maptable for use in admin server console migration.\n
 error_migrating_console_entries = Error: Could not find the console customization entries under '%s'. Error: %s\n


Index: setup-ds-admin.pl.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/setup-ds-admin.pl.in,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- setup-ds-admin.pl.in	2 Aug 2007 14:44:10 -0000	1.11
+++ setup-ds-admin.pl.in	14 Jul 2008 18:43:02 -0000	1.12
@@ -54,6 +54,7 @@
         $setup->{inf}->{admin}->{Port} = $pset->{"configuration.nsserverport"};
         $setup->{asorigport} = $pset->{"configuration.nsserverport"}; # save orig. port
         $setup->{inf}->{admin}->{ServerIpAddress} = $pset->{"configuration.nsserveraddress"};
+        $setup->{inf}->{General}->{FullMachineName} = $pset->{"serverhostname"};
     }
     my $admpw = AdminUtil::getAdmpw($admConf);
     if ($admpw && %{$admpw}) {
@@ -67,6 +68,11 @@
     $setup->{reconfigas} = 1; # allow AS reconfig
 }
 
+# do not allow reconfig (setup -r) if no setup has been done
+if (! $setup->{reconfigas}) {
+    delete $setup->{update};
+}
+
 if (!$setup->{silent}) {
     my $dialogmgr = new DialogManager($setup, $res, $TYPICAL);
 
@@ -75,10 +81,15 @@
     require ConfigDSDialogs;
     require ASDialogs;
 
-    my @dialogs = SetupDialogs->getDialogs();
-    push @dialogs, ConfigDSDialogs->getDialogs();
-    push @dialogs, DSDialogs->getDialogs();
-    push @dialogs, ASDialogs->getDialogs();
+    my @dialogs;
+    if ($setup->{update}) {
+        push @dialogs, ConfigDSDialogs->getUpdateDialogs();
+    } else {
+        push @dialogs, SetupDialogs->getDialogs();
+        push @dialogs, ConfigDSDialogs->getDialogs();
+        push @dialogs, DSDialogs->getDialogs();
+        push @dialogs, ASDialogs->getDialogs();
+    }
 
     my $readytoproceed = new DialogYesNo (
         $EXPRESS,
@@ -123,46 +134,85 @@
 
 $setup->{inf}->write();
 
-$setup->msg('create_dirserver');
+my @errs;
 
-# create a directory server instance
-my @errs = createDSInstance($setup->{inf});
-if (@errs) {
-    $setup->msg(@errs);
-    $setup->msg($FATAL, 'error_creating_dsinstance', $setup->{inf}->{slapd}->{ServerIdentifier});
-    $setup->doExit(1);
-} else {
-    $setup->msg('created_dsinstance', $setup->{inf}->{slapd}->{ServerIdentifier});
-}
+if (!$setup->{update}) {
+    $setup->msg('create_dirserver');
 
-# setup directory server instance to be the configuration DS
-if ($createconfigds) {
-    $setup->msg('create_configds');
-    if (!createConfigDS($setup->{inf}, \@errs)) {
-        $setup->msg($FATAL, @errs);
-        $setup->msg($FATAL, 'error_create_configds');
+    # create a directory server instance
+    # if we are not creating the config DS instance, 
+    # create but do not start the server - start
+    # after createSubDS so the pta plugin will take effect
+    my $start_server_after_reg = 1; # default - start server after registration
+    if (!$createconfigds) {
+        if (exists($setup->{inf}->{slapd}->{start_server}) &&
+            defined($setup->{inf}->{slapd}->{start_server})) {
+            # user explicitly set this value
+            $start_server_after_reg = $setup->{inf}->{slapd}->{start_server};
+        }
+        $setup->{inf}->{slapd}->{start_server} = 0; # create server un-started
+    }
+
+    @errs = createDSInstance($setup->{inf});
+    if (@errs) {
+        $setup->msg(@errs);
+        $setup->msg($FATAL, 'error_creating_dsinstance', $setup->{inf}->{slapd}->{ServerIdentifier});
         $setup->doExit(1);
+    } else {
+        $setup->msg('created_dsinstance', $setup->{inf}->{slapd}->{ServerIdentifier});
+    }
+
+    # setup directory server instance to be the configuration DS
+    if ($createconfigds) {
+        $setup->msg('create_configds');
+        if (!createConfigDS($setup->{inf}, \@errs)) {
+            $setup->msg($FATAL, @errs);
+            $setup->msg($FATAL, 'error_create_configds');
+            $setup->doExit(1);
+        }
+    } else {
+        # set up directory server instance to be managed by the console/adminserver
+        $setup->msg('create_subds');
+        if (!createSubDSNoConn($setup->{inf}, \@errs)) {
+            $setup->msg($FATAL, @errs);
+            $setup->msg($FATAL, 'error_create_configds');
+            $setup->doExit(1);
+        }
+        if ($start_server_after_reg) {
+            delete $setup->{inf}->{slapd}->{start_server}; # remove to start server
+            if (@errs = DSCreate::startServer($setup->{inf})) {
+                $setup->msg(@errs);
+                $setup->doExit(1);
+            }
+            # add the aci that allows the admin user to administer the server
+            if (!addConfigACIsToSubDS($setup->{inf}, \@errs)) {
+                $setup->msg(@errs);
+                $setup->doExit(1);
+            }
+        }
     }
 }
-else
-{
-    $setup->msg('create_configds');
-    if (!createSubDS($setup->{inf}, \@errs)) {
+
+if (!$setup->{update}) {
+    # register ds instances with config DS
+    if (!registerDSWithConfigDS($setup->{inf}->{slapd}->{ServerIdentifier},
+                                \@errs,
+                                $setup->{inf})) {
+        $setup->msg(@errs);
+        $setup->msg($FATAL, 'error_register_dirserver');
+        $setup->doExit(1);
+    }
+} else {
+    # register all instances
+    $setup->msg('registering_dirserver_instances');
+    if (!registerManyDSWithConfigDS($setup->{inf}, \@errs,
+                                    $setup->{configdir},
+                                    $setup->getDirServers())) {
         $setup->msg($FATAL, @errs);
-        $setup->msg($FATAL, 'error_create_configds');
         $setup->doExit(1);
     }
 }
 
-# register ds instances with config DS
-if (!registerDSWithConfigDS($setup->{inf}->{slapd}->{ServerIdentifier},
-                            \@errs,
-                            $setup->{inf})) {
-    $setup->msg(@errs);
-    $setup->msg($FATAL, 'error_register_dirserver');
-    $setup->doExit(1);
-}
-
 
 # configure and register the admin server instance
 if (!$setup->{reconfigas}) {


Index: setup-ds-admin.res.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/setup-ds-admin.res.in,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- setup-ds-admin.res.in	11 Oct 2007 14:07:03 -0000	1.9
+++ setup-ds-admin.res.in	14 Jul 2008 18:43:02 -0000	1.10
@@ -63,6 +63,12 @@
 dialog_configdsadmin_invalid = The password contains invalid characters.  Please choose another one.\n\n
 dialog_configdsadmin_nomatch = The passwords do not match.  Please try again.\n\n
 
+# ----------- Update Intro Dialog Resource  ----------------
+dialog_update_text = The update option will allow you to re-register your servers with the\
+configuration directory server and update the information about your\
+servers that the console and admin server uses.  You will need your\
+configuration directory server admin ID and password to continue.\n\n
+dialog_update_prompt = Continue?
 
 # ----------- Config DS admin domain Dialog Resource  ----------------
 dialog_configdsadmindomain_text = The information stored in the configuration directory server can be\nseparated into different Administration Domains.  If you are managing\nmultiple software releases at the same time, or managing information\nabout multiple domains, you may use the Administration Domain to keep\nthem separate.\n\nIf you are not using administrative domains, press Enter to select the\ndefault.  Otherwise, enter some descriptive, unique name for the\nadministration domain, such as the name of the organization\nresponsible for managing the domain.\n\n
@@ -115,6 +121,7 @@
 end_reconfig_adminserver = Admin server was successfully reconfigured and started.\n
 create_dirserver = Creating directory server . . .\n
 create_configds = Creating the configuration directory server . . .\n
+create_subds = Creating the new directory server . . .\n
 setup_complete = Setup is complete.\n\n
 error_register_dirserver = Could not register the directory server with the configuration directory server.\n
 registering_dirserver = Registering directory server with the configuration directory server . . .\n
@@ -129,3 +136,4 @@
 error_return2_certutil = The certutil program returned error code '%s' from attempting to add the CA certificate.  Error: %s\nHere is the output of the command: %s
 cacert_already_exists = The certificate database in '%s' already contains a CA certificate.  Please remove it first, or use the certutil program to add the CA certificate with a different name.\n
 error_connection_failed = Error: failed to open an LDAP connection to host '%s' port '%s' as user '%s'.  Error: %s.\n
+registering_dirserver_instances = Registering the directory server instances with the configuration directory server . . .\n




More information about the Fedora-directory-commits mailing list