Hi,

Adds a new simple service called OtpdInstance, that manages
ipa-otpd.socket service. Added to server/replica installer
and ipa-upgradeconfig script.

https://fedorahosted.org/freeipa/ticket/3680

Tomas
From 75f60ae7dcba5af8e0b055c971a970662120cf3c Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Wed, 5 Jun 2013 15:48:35 +0200
Subject: [PATCH] Manage ipa-otpd.socket by IPA

Adds a new simple service called OtpdInstance, that manages
ipa-otpd.socket service. Added to server/replica installer
and ipa-upgradeconfig script.

https://fedorahosted.org/freeipa/ticket/3680
---
 install/tools/ipa-replica-install      |  6 ++++++
 install/tools/ipa-server-install       | 12 +++++++++---
 install/tools/ipa-upgradeconfig        | 29 ++++++++++++++++++-----------
 ipapython/platform/fedora16/service.py |  1 +
 ipaserver/install/otpdinstance.py      | 25 +++++++++++++++++++++++++
 ipaserver/install/service.py           | 17 +++++++++--------
 6 files changed, 68 insertions(+), 22 deletions(-)
 create mode 100644 ipaserver/install/otpdinstance.py

diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index 04cad42f6e4c16ee8e4b5076e96dc24bd887828f..209ca850f6c559c28ab8f3f6b4686234a04d0892 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -35,6 +35,7 @@ from ipapython import ipautil
 from ipaserver.install import dsinstance, installutils, krbinstance, service
 from ipaserver.install import bindinstance, httpinstance, ntpinstance, certs
 from ipaserver.install import memcacheinstance
+from ipaserver.install import otpdinstance
 from ipaserver.install.replication import replica_conn_check, ReplicationManager
 from ipaserver.install.installutils import (HostnameLocalhost, resolve_host,
         ReplicaConfig, expand_replica_info, read_replica_info ,get_host_name,
@@ -667,6 +668,11 @@ def main():
 
     krb = install_krb(config, setup_pkinit=options.setup_pkinit)
     http = install_http(config, auto_redirect=options.ui_redirect)
+
+    otpd = otpdinstance.OtpdInstance()
+    otpd.create_instance('OTPD', config.host_name, config.dirman_password,
+                         ipautil.realm_to_suffix(config.realm_name))
+
     if CA:
         CA.configure_certmonger_renewal()
         CA.import_ra_cert(dir + "/ra.p12")
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 3e18c8e002275d984fbb81a0a46f81b38e49916e..b90613295a2e9744575e9313929816e50e298926 100755
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -49,6 +49,7 @@ from ipaserver.install import ntpinstance
 from ipaserver.install import certs
 from ipaserver.install import cainstance
 from ipaserver.install import memcacheinstance
+from ipaserver.install import otpdinstance
 from ipaserver.install import sysupgrade
 
 from ipaserver.install import service, installutils
@@ -513,6 +514,7 @@ def uninstall():
     krbinstance.KrbInstance(fstore).uninstall()
     dsinstance.DsInstance(fstore=fstore).uninstall()
     memcacheinstance.MemcacheInstance().uninstall()
+    otpdinstance.OtpdInstance().uninstall()
     ipaservices.restore_network_configuration(fstore, sstore)
     fstore.restore_all_files()
     try:
@@ -1092,11 +1094,15 @@ def main():
     # generated
     ds.add_cert_to_service()
 
-    # Create a HTTP instance
-
     memcache = memcacheinstance.MemcacheInstance()
-    memcache.create_instance('MEMCACHE', host_name, dm_password, ipautil.realm_to_suffix(realm_name))
+    memcache.create_instance('MEMCACHE', host_name, dm_password,
+                             ipautil.realm_to_suffix(realm_name))
 
+    otpd = otpdinstance.OtpdInstance()
+    otpd.create_instance('OTPD', host_name, dm_password,
+                         ipautil.realm_to_suffix(realm_name))
+
+    # Create a HTTP instance
     http = httpinstance.HTTPInstance(fstore)
     if options.http_pkcs12:
         http.create_instance(
diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig
index 8e9357f20fe7c9a88908def6a2e3b2104f07d73a..4e9216964a045b5a87c22f6eb87bb1844f4adce9 100644
--- a/install/tools/ipa-upgradeconfig
+++ b/install/tools/ipa-upgradeconfig
@@ -48,6 +48,7 @@ from ipaserver.install import bindinstance
 from ipaserver.install import service
 from ipaserver.install import cainstance
 from ipaserver.install import certs
+from ipaserver.install import otpdinstance
 from ipaserver.install import sysupgrade
 
 
@@ -925,17 +926,23 @@ def main():
 
     uninstall_selfsign(ds, http)
 
-    memcache = memcacheinstance.MemcacheInstance()
-    memcache.ldapi = True
-    memcache.realm = api.env.realm
-    try:
-        if not memcache.is_configured():
-            # 389-ds needs to be running to create the memcache instance
-            # because we record the new service in cn=masters.
-            ds.start()
-            memcache.create_instance('MEMCACHE', fqdn, None, ipautil.realm_to_suffix(api.env.realm))
-    except ipalib.errors.DuplicateEntry:
-        pass
+    simple_service_list = (
+        (memcacheinstance.MemcacheInstance(), 'MEMCACHE'),
+        (otpdinstance.OtpdInstance(), 'OTPD'),
+    )
+
+    for service, ldap_name in simple_service_list:
+        service.ldapi = True
+        try:
+            if not service.is_configured():
+                # 389-ds needs to be running to create the memcache instance
+                # because we record the new service in cn=masters.
+                ds.start()
+                service.create_instance(ldap_name, fqdn, None,
+                                        ipautil.realm_to_suffix(api.env.realm),
+                                        realm=api.env.realm)
+        except ipalib.errors.DuplicateEntry:
+            pass
 
     cleanup_kdc(fstore)
     setup_firefox_extension(fstore)
diff --git a/ipapython/platform/fedora16/service.py b/ipapython/platform/fedora16/service.py
index f8026b9f2bae9a70cc67ce56d7ae6915f1424a47..bceb87cd5bb2111d5c3460ddcd9940edee5443f4 100644
--- a/ipapython/platform/fedora16/service.py
+++ b/ipapython/platform/fedora16/service.py
@@ -53,6 +53,7 @@ system_units['pki_cad'] = system_units['pki-cad']
 # Our PKI instance is pki-tomcatd@pki-tomcat.service
 system_units['pki-tomcatd'] = 'pki-tomcatd@pki-tomcat.service'
 system_units['pki_tomcatd'] = system_units['pki-tomcatd']
+system_units['ipa-otpd'] = 'ipa-otpd.socket'
 
 class Fedora16Service(systemd.SystemdService):
     def __init__(self, service_name):
diff --git a/ipaserver/install/otpdinstance.py b/ipaserver/install/otpdinstance.py
new file mode 100644
index 0000000000000000000000000000000000000000..2eed3f8a273ed2dc4b0c9f9d1d7ea5979a8e47d3
--- /dev/null
+++ b/ipaserver/install/otpdinstance.py
@@ -0,0 +1,25 @@
+# Authors: Tomas Babej <tba...@redhat.com>
+#
+# Copyright (C) 2013  Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+import service
+
+
+class OtpdInstance(service.SimpleServiceInstance):
+    def __init__(self):
+        service.SimpleServiceInstance.__init__(self, "ipa-otpd")
\ No newline at end of file
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 8f4a7dbb042b232bbda33d3288cfbbe86cbd6cde..f3cd1897f114c1d3b5efce04290f8947b812fbda 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -40,14 +40,15 @@ DISABLED = 3
 # The service name as stored in cn=masters,cn=ipa,cn=etc. In the tuple
 # the first value is the *nix service name, the second the start order.
 SERVICE_LIST = {
-    'KDC':('krb5kdc', 10),
-    'KPASSWD':('kadmin', 20),
-    'DNS':('named', 30),
-    'MEMCACHE':('ipa_memcached', 39),
-    'HTTP':('httpd', 40),
-    'CA':('%sd' % dogtag.configured_constants().PKI_INSTANCE_NAME, 50),
-    'ADTRUST':('smb', 60),
-    'EXTID':('winbind', 70)
+    'KDC': ('krb5kdc', 10),
+    'KPASSWD': ('kadmin', 20),
+    'DNS': ('named', 30),
+    'MEMCACHE': ('ipa_memcached', 39),
+    'HTTP': ('httpd', 40),
+    'CA': ('%sd' % dogtag.configured_constants().PKI_INSTANCE_NAME, 50),
+    'ADTRUST': ('smb', 60),
+    'EXTID': ('winbind', 70),
+    'OTPD': ('ipa-otpd', 80),
 }
 
 def print_msg(message, output_fd=sys.stdout):
-- 
1.8.1.4

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to