[Freeipa-devel] [PATCH] post install memberof task

Karl MacMillan kmacmill at redhat.com
Thu Nov 15 16:09:05 UTC 2007 

On Tue, 2007-11-13 at 11:31 -0800, Pete Rowley wrote:
> Karl MacMillan wrote:
> > On Fri, 2007-11-09 at 11:30 -0800, Pete Rowley wrote:
> >   
> >> Karl MacMillan wrote:
> >>     
> >>>> I didn't try it but our call to ldapmodify doesn't include -a and the 
> >>>> ldif doesn't have a changetype, so I assumed it would crap out.
> >>>>     
> >>>>         
> >>> Pete - any resolution on this? Should I import the patch or not?
> >>>   
> >>>       
> >> It worked ok when I tested it so lets import.
> >>
> >>     
> >
> > Doesn't work for me - I get:
> >
> >   [14/11]: initializing group membership
> > root        : CRITICAL Failed to load memberof-conf.ldif: Command
> > '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w box
> > -f /tmp/tmp_sqh6R' returned non-zero exit status 32
> >   
> Does the behavior change when you insert changetype: add?
> 

Yes - actually committed the attached which also updates the number of
tasks.
-------------- next part --------------
# HG changeset patch
# User "Karl MacMillan <kmacmill at redhat.com>"
# Date 1195142883 18000
# Node ID 499535ab1275e620e58f23dc4b6853966fa989f9
# Parent  195a46fc42ce03467937518f2d222efdda6fe363
Initialize memberof patch from Pete Rowley.

diff -r 195a46fc42ce -r 499535ab1275 ipa-server/ipa-install/share/Makefile.am
--- a/ipa-server/ipa-install/share/Makefile.am	Wed Nov 14 14:11:29 2007 -0500
+++ b/ipa-server/ipa-install/share/Makefile.am	Thu Nov 15 11:08:03 2007 -0500
@@ -22,6 +22,7 @@ app_DATA =				\
 	referint-conf.ldif		\
 	dna-posix.ldif			\
 	master-entry.ldif		\
+	memberof-task.ldif		\
 	$(NULL)
 
 EXTRA_DIST =				\
diff -r 195a46fc42ce -r 499535ab1275 ipa-server/ipaserver/dsinstance.py
--- a/ipa-server/ipaserver/dsinstance.py	Wed Nov 14 14:11:29 2007 -0500
+++ b/ipa-server/ipaserver/dsinstance.py	Thu Nov 15 11:08:03 2007 -0500
@@ -34,6 +34,9 @@ def ldap_mod(fd, dn, pwd):
 def ldap_mod(fd, dn, pwd):
     args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", "-D", dn, "-w", pwd, "-f", fd.name]
     run(args)
+
+    text = fd.read()
+    print text
 
 def realm_to_suffix(realm_name):
     s = realm_name.split(".")
@@ -78,7 +81,7 @@ class DsInstance(service.Service):
         self.dm_password = dm_password
         self.__setup_sub_dict()
 
-        self.start_creation(11, "Configuring directory server:")
+        self.start_creation(15, "Configuring directory server:")
         self.__create_ds_user()
         self.__create_instance()
         self.__add_default_schemas()
@@ -97,6 +100,7 @@ class DsInstance(service.Service):
 	self.__config_uidgid_gen_first_master()
         self.__add_default_layout()
 	self.__add_master_entry_first_master()
+        self.__init_memberof()
 
 
         self.step("configuring directoy to start on boot")
@@ -177,6 +181,16 @@ class DsInstance(service.Service):
             logging.critical("Failed to load memberof-conf.ldif: %s" % str(e))
         memberof_fd.close()
 
+    def __init_memberof(self):
+        self.step("initializing group membership")
+        memberof_txt = template_file(SHARE_DIR + "memberof-task.ldif", self.sub_dict)
+        memberof_fd = write_tmp_file(memberof_txt)
+        try:
+            ldap_mod(memberof_fd, "cn=Directory Manager", self.dm_password)
+        except subprocess.CalledProcessError, e:
+            logging.critical("Failed to load memberof-conf.ldif: %s" % str(e))
+        memberof_fd.close()
+
     def __add_referint_module(self):
         self.step("enabling referential integrity plugin")
         referint_txt = template_file(SHARE_DIR + "referint-conf.ldif", self.sub_dict)

More information about the Freeipa-devel mailing list