[Ovirt-devel] Re: [PATCH] [REPOST] set ldap.yml from dns srv during ovirt-wui-install
Hugh O. Brock
hbrock at redhat.com
Fri May 23 14:09:18 UTC 2008
On Fri, May 23, 2008 at 01:15:40AM -0400, Perry N. Myers wrote:
>
> Subject: [PATCH] This patch adds logic to the ovirt-wui-install script to attempt to determine
> the ldap server information from dns srv records and then write that info
> to the ldap.yml file.
>
> Signed-off-by: Perry Myers <pmyers at redhat.com>
> ---
> wui/scripts/ovirt-wui-install | 66 ++++++++++++++++++++++++++++++++++++++++-
> 1 files changed, 65 insertions(+), 1 deletions(-)
>
> diff --git a/wui/scripts/ovirt-wui-install b/wui/scripts/ovirt-wui-install
> index e0cbbc0..6285b3c 100755
> --- a/wui/scripts/ovirt-wui-install
> +++ b/wui/scripts/ovirt-wui-install
> @@ -11,6 +11,7 @@ PW_FILE=${OVIRT_CFG}/db/dbaccess
> STEP_TICKER=0.fedora.pool.ntp.org
> STEP_FILE=/etc/ntp/step-tickers
> SASL_FILE=/etc/sasl2/libvirt.conf
> +LDAP_CFG=${OVIRT_DIR}/config/ldap.yml
>
> DISABLE_SVCS="libvirtd" ENABLE_SVCS="ntpd httpd postgresql
> ovirt-host-browser ovirt-host-status \
> @@ -23,6 +24,52 @@ usage() {
> exit 1
> } >&2
>
> +find_srv() {
> + local dnsreply
> +
> + # This checks to see if we're running on a bundled/developer install.
> + # If so, the server queried is localhost instead of using resolv.conf.
> + if [ "$(hostname)" == "management.priv.ovirt.org" ]; then
> + local server_flag=@localhost
> + fi
> +
> + dnsreply=$(dig $server_flag +short -t srv _$1._$2.$(dnsdomainname))
> + if [ $? -eq 0 ]; then
> + set _ $dnsreply; shift
> + SRV_HOST=$4; SRV_PORT=$3
> + else
> + SRV_HOST=; SRV_PORT=
> + fi
> +}
> +
> +find_ldap_base() {
> + local found=0
> +
> + domain=$(echo $SRV_HOST | cut -d. -f 2-)
> + while [ -n "$domain" ]; do
> + base=$(echo $domain | awk -F. '{ for(i=1; i <= NF; i++) { printf("dc=%s", $(i)); if(i<NF) printf(","); } }')
> + ldapsearch -h $SRV_HOST -p $SRV_PORT -x \
> + -b "cn=users,cn=accounts,$base" -LLL uid > /dev/null 2>&1
> + if [ $? -eq 0 ]; then
> + found=1
> + break
> + fi
> +
> + if ! echo $domain | grep "\." > /dev/null 2>&1 ; then
> + domain=""
> + else
> + domain=$(echo $domain | cut -d. -f 2-)
> + fi
> + done
> +
> + if [ $found -eq 1 ]; then
> + echo $base
> + return 0
> + else
> + return 1
> + fi
> +}
> +
> PASSWD=
> for i ; do
> case $1 in
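Review bot: find_srv uses the SRV answer without validating it: `set _ $dnsreply` word-splits and glob-expands whatever the resolver returned, and the resulting `$SRV_HOST`/`$SRV_PORT` are passed unquoted to `ldapsearch -h $SRV_HOST -p $SRV_PORT` in find_ldap_base. Plain DNS is unauthenticated, so the reply is best treated as untrusted input; after the `shift`, a guard such as `case $SRV_PORT in ''|*[!0-9]*) SRV_HOST=; SRV_PORT=;; esac` and `case $SRV_HOST in *[!A-Za-z0-9.-]*) SRV_HOST=; SRV_PORT=;; esac` would reject anything that is not a numeric port and a hostname. `dig +short` prints one line per record, so with several SRV records only the first line's fields are used and priority/weight are ignored; a comment saying so would help. The probe is an anonymous simple bind (`-x`) to whichever host DNS names, and that host is then written to ldap.yml, which deserves a line in the function header.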
> @@ -46,10 +93,27 @@ for svc in $ENABLE_SVCS ; do
> done
> } > /dev/null 2>&1
>
> +# grab ldap server from DNS
> +find_srv ldap tcp
> +if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
> + SRV_HOST=${SRV_HOST%.}
> + srv_base=$(find_ldap_base)
> + [ $? != 0 ] && echo "Failed to determine base for ldap" && exit 1
> +
> + sed -i -e "s/host: .*/host: $SRV_HOST/g" \
> + -e "s/port: .*/port: $SRV_PORT/g" \
> + -e "s/base: .*/base: $srv_base/g" \
> + $LDAP_CFG
> +else
> + # FIXME: Eventually this script should prompt for things that can't
> + # be found in DNS SRV records.
> + echo "Failed to get ldap host/port" && exit 1
> +fi
> +
> # setup an NTP step-ticker
> if [ -f $STEP_FILE ]; then
> if ! grep "^$${STEP_TICKER}$" $STEP_FILE > /dev/null 2>&1 ; then
> - echo $STEP_TICKER >> $STEP_FILE
> + echo $STEP_TICKER >> $STEP_FILE
> fi
> fi
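Review bot: The `sed -i` expressions splice `$SRV_HOST`, `$SRV_PORT` and `$srv_base` directly into the replacement text, so a `/`, `&` or backslash in a value derived from the DNS reply either breaks the command or writes something unintended into ldap.yml. Checking the values just before the `sed`, e.g. `case "$SRV_HOST$SRV_PORT$srv_base" in *[!A-Za-z0-9.=,-]*) echo "Unexpected characters in ldap settings" >&2; exit 1;; esac`, keeps the substitution safe. The patterns are also unanchored and use `g`, so any line containing `host: `, `port: ` or `base: ` is rewritten; `s/^\( *host:\) .*/\1 $SRV_HOST/` would limit the edit to the key itself, assuming ldap.yml indents its keys with spaces. The two failure messages go to stdout while usage() redirects to stderr, so `>&2` on those `echo` lines would be consistent, and `$LDAP_CFG` should be quoted.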
ACK... but I think your mailer mangled it. We have got to get this mailman problem fixed.
--Hugh