Re: [Freeipa-users] KISS: DHCP from IPA

2012-08-30 Thread Chris Evich

On 08/29/2012 03:52 PM, Rob Crittenden wrote:

Chris Evich wrote:

On 08/29/2012 11:57 AM, John Dennis wrote:

Thanks for the contribution Chris!

Just as an aside if you know Python you can call the IPA commands
directly and use Python to extract and reformat the data, it might be a
lot simpler than doing the bash/awk dance.



I agree that using bash/sed/awk is a bit clunky. I actually did stumble
on the python stuff by accident, but wasn't able to find much reference
/ examples for how to use it. At the time I just needed something quick
to toss-together. Maybe the python docs/examples are different today,
any links handy?



I seem to recall this came up on either freeipa-users or freeipa-devel
but I can't find the thread. Some decent examples got posted.

Here is something I've been twiddling with to add users from a
well-formatted passwd file:

import sys
import re
from ipalib import api
from ipalib import errors

filename = 'passwd'
name_pattern = re.compile('(\w+) \w (\w+)')

# initialize the IPA API and connect to the server
api.bootstrap(context='cli')
api.finalize()
api.Backend.xmlclient.connect()

count = 0
fd = open(filename, 'r')
while True:
    line = fd.readline()
    if not line:
        break
    line = unicode(line.strip())
    try:
        (login, passwd, uid, gid, gecos, dir, shell) = line.split(':')
    except ValueError, e:
        print "mal-formed passwd entry: %s (%s)" % (e, line)
        continue
    # take first and last name from the gecos field when it matches
    m = name_pattern.match(gecos)
    if m:
        first = m.group(1)
        last = m.group(2)
    else:
        first = u'USER'
        last = u'NAME'

    try:
        api.Command['user_add'](login, gidnumber=int(gid),
                                uidnumber=int(uid),
                                gecos=gecos.strip(), homedir=dir, shell=shell,
                                givenname=first, sn=last)
    except errors.DuplicateEntry:
        print "%s already exists" % login
        continue
...

rob


Thanks! That helps.  Still, one can only get so far by reading 
docstrings :)  More examples like this on the wiki, or (even better) 
some API docs would be great!


--
Chris Evich, RHCA, RHCE, RHCDS, RHCSS
Quality Assurance Engineer
e-mail: cevich + `@' + redhat.com o: 1-888-RED-HAT1 x44214

___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users


[Freeipa-users] KISS: DHCP from IPA

2012-08-29 Thread Chris Evich

Kool Idm Simple Script :D

In case it's helpful to anyone else, I've been using a simple script to 
keep my dhcp server's static entries in-sync with ipa host info.


Since I'm using IPA 2.1 on Fedora 16, I had to hijack the 'location' 
host info. key to store the MAC address for each host.  IIRC, IPA 2.2 
and later can add custom keys, however 'location' works fine for my 
purposes.


This is most probably the slowest way to do this, however it's simple 
and works well for my very small setup.  First I configured dhcpd 
(/etc/dhcp/dhcpd.conf) similar to:


---cut---
authoritative;  #we are the definitive DHCP server on network
ping-check true;  #try to ping all hosts before committing
one-lease-per-client on;
ddns-update-style none;
max-lease-time 432000; #maximum lease time is 5 days
default-lease-time 86400;  #default to 24 hour leases
pid-file-name "/var/run/dhcpd.pid";
lease-file-name "/var/lib/dhcpd/dhcpd.leases";
log-facility local5;

subnet <subnet addr> netmask 255.255.255.0 {
 option domain-name "fqdn.com";
 option domain-name-servers <ipa1 IP>, <ipa2 IP>, <ipa3 IP>;
 option subnet-mask 255.255.255.0;
 option broadcast-address <broadcast addr>;
 option routers <gateway addr>;

 #pool of dynamically allocatable addresses 200 - 249
 pool {
  range <addr>.200 <addr>.249;
 }

}

# static entries in separate file
include "/etc/dhcp/dhcpd.known_hosts";
---cut---

Then, I stuck a cron entry to redirect the output from the script below, 
into /etc/dhcp/dhcpd.known_hosts and it's been working beautifully.  Enjoy!


---cut---
#!/bin/bash

KRBPRINC='host/fqdn@domain.com'

# print one dhcpd host stanza from the text of a single host entry
print_entry() {
    hostinfo="$1"
    hostname=`echo "$1" | awk '/Host name: /{print $3}'`
    macaddr=`echo "$1" | awk '/Location: /{print $2}'`
    if [ -n "$hostname" ] && [ -n "$macaddr" ]
    then
        shortname=`echo "$hostname" | cut -d "." -f 1`
        echo "host $shortname { hardware ethernet $macaddr;
  fixed-address $hostname; }"
    #else
    #    echo -e "Error parsing entry:\n${hostinfo}" > /dev/stderr
    fi
}

# authenticate with the host keytab
kinit -k "$KRBPRINC"

infoblock=""
ipa host-find --all |
while read line
do
    if ( echo "$line" | grep -q 'dn: fqdn=' ) || \
       ( echo "$line" | grep -q 'Number of entries returned' )
    then
        # parse last complete entry
        print_entry "$infoblock"
        # start recording new entry
        infoblock="$line"
    else
        # still getting lines for entry
        # append to previous lines
        infoblock="$infoblock
$line"
    fi
done

kdestroy
---cut---
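
Added example, not part of the original post or of FreeIPA: the script above copies whatever is stored in the 'location' field straight into a file that dhcpd includes, so this sketch renders the same host stanzas in Python but only from values that parse as a MAC address and a host name. The record shape (attribute name -> tuple of strings, with 'fqdn' and 'nshostlocation' keys) is an assumption about what api.Command['host_find'](all=True)['result'] returns; the sample records and the helper names are constructed for illustration.

```python
import re

# Six colon-separated hex octets; fullmatch() rejects trailing text or newlines.
MAC_RE = re.compile(r'[0-9a-f]{2}(?::[0-9a-f]{2}){5}')
# One RFC 1123 host name label.
LABEL_RE = re.compile(r'[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?')


def first(entry, key):
    """Attributes arrive as sequences; take the first value or ''."""
    values = entry.get(key) or ('',)
    return values[0].strip().lower()


def render_known_hosts(entries):
    """Return (dhcpd_text, rejected) for host_find-style result entries."""
    stanzas, rejected, seen = [], [], set()
    for entry in entries:
        fqdn, mac = first(entry, 'fqdn'), first(entry, 'nshostlocation')
        labels = fqdn.split('.')
        if len(fqdn) > 253 or not all(LABEL_RE.fullmatch(l) for l in labels):
            rejected.append((fqdn, 'bad host name'))
        elif not mac:
            rejected.append((fqdn, 'no MAC in location'))
        elif not MAC_RE.fullmatch(mac):
            rejected.append((fqdn, 'location is not a MAC address'))
        elif mac in seen or labels[0] in seen:
            rejected.append((fqdn, 'duplicate MAC or short name'))
        else:
            seen.update((mac, labels[0]))
            stanzas.append('host %s { hardware ethernet %s; fixed-address %s; }'
                           % (labels[0], mac, fqdn))
    return ''.join(s + '\n' for s in stanzas), rejected


# Constructed sample records (assumed host_find result shape, see lead-in).
SAMPLE = [
    {'fqdn': ('web1.example.test',), 'nshostlocation': ('00:16:3E:AA:BB:01',)},
    {'fqdn': ('db1.example.test',)},
    {'fqdn': ('kiosk.example.test',), 'nshostlocation': ('Rack 4, room B',)},
    {'fqdn': ('lab2.example.test',),
     'nshostlocation': ('00:16:3e:aa:bb:02; fixed-address 192.0.2.66',)},
    {'fqdn': ('web2.example.test',), 'nshostlocation': ('00:16:3e:aa:bb:01',)},
]

if __name__ == '__main__':
    text, rejected = render_known_hosts(SAMPLE)
    print(text, end='')
    for fqdn, why in rejected:
        print('# skipped %s: %s' % (fqdn, why))
```

Writing the result to a temporary file and renaming it over /etc/dhcp/dhcpd.known_hosts keeps dhcpd from ever reading a half-written include.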



Re: [Freeipa-users] KISS: DHCP from IPA

2012-08-29 Thread John Dennis

Thanks for the contribution Chris!

Just as an aside if you know Python you can call the IPA commands 
directly and use Python to extract and reformat the data, it might be a 
lot simpler than doing the bash/awk dance.


--
John Dennis jden...@redhat.com

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



Re: [Freeipa-users] KISS: DHCP from IPA

2012-08-29 Thread Chris Evich

On 08/29/2012 11:57 AM, John Dennis wrote:

Thanks for the contribution Chris!

Just as an aside if you know Python you can call the IPA commands
directly and use Python to extract and reformat the data, it might be a
lot simpler than doing the bash/awk dance.



I agree that using bash/sed/awk is a bit clunky.  I actually did stumble 
on the python stuff by accident, but wasn't able to find much reference 
/ examples for how to use it.  At the time I just needed something quick 
to toss-together.  Maybe the python docs/examples are different today, 
any links handy?


--
Chris Evich, RHCA, RHCE, RHCDS, RHCSS
Quality Assurance Engineer
e-mail: cevich + `@' + redhat.com o: 1-888-RED-HAT1 x44214
