Re: [Freeipa-devel] [PATCHES] Add ipa-dns-install
Martin Nagy wrote: On Thu, 2010-01-21 at 17:37 -0500, Rob Crittenden wrote: Rob Crittenden wrote: Martin Nagy wrote: Hi, with these patches, the user will be able to install DNS additionally, after ipa-server-install. No --uninstall yet, however. I do have it in my tree, but it causes a lot of problems. Hopefully, I'll manage to solve them later. Thanks. Martin Nack, it isn't working for me: # ipa-dns-install The log file for this installation can be found in /var/log/ipaserver-install.log == This program will setup DNS for the FreeIPA Server. This includes: * Configure DNS (bind) To accept the default shown in brackets, press the Enter key. Existing BIND configuration detected, overwrite? [no]: y Enter IP address for a DNS forwarder (empty to stop): No DNS forwarders configured Directory Manager password: The following operations may take some minutes to complete. Please wait until the prompt is returned. Unexpected error - see ipaserver-install.log for details: {'info': 'Unauthenticated binds are not allowed', 'desc': 'Server is unwilling to perform'} There is nothing in the install log, 389 access log had: [21/Jan/2010:16:50:37 -0500] conn=22 fd=70 slot=70 connection from localhost to localhost [21/Jan/2010:16:50:37 -0500] conn=22 op=0 BIND dn="cn=Directory Manager" method=128 version=3 [21/Jan/2010:16:50:37 -0500] conn=22 op=0 RESULT err=53 tag=97 nentries=0 etime=0 [21/Jan/2010:16:50:37 -0500] conn=22 op=1 UNBIND [21/Jan/2010:16:50:37 -0500] conn=22 op=1 fd=70 closed - U1 It also throws an exception if you press ^C at the prompts. rob I had a discussion with Martin in irc about this. The patch actually does work it just doesn't handle the case where you don't get a DM password. I'm still nacking this particular patch due to this but the first two patches are fine, so ack for those and I'm pushing them to master. rob New patch with fixed script. Martin ack, pushed to master rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCHES] Add ipa-dns-install
On Thu, 2010-01-21 at 17:37 -0500, Rob Crittenden wrote: > Rob Crittenden wrote: > > Martin Nagy wrote: > >> Hi, > >> with these patches, the user will be able to install DNS additionally, > >> after ipa-server-install. No --uninstall yet, however. I do have it in > >> my tree, but it causes a lot of problems. Hopefully, I'll manage to > >> solve them later. Thanks. > >> > >> Martin > >> > > > > Nack, it isn't working for me: > > > > # ipa-dns-install > > > > The log file for this installation can be found in > > /var/log/ipaserver-install.log > > == > > > > > > This program will setup DNS for the FreeIPA Server. > > > > This includes: > > * Configure DNS (bind) > > > > To accept the default shown in brackets, press the Enter key. > > > > Existing BIND configuration detected, overwrite? [no]: y > > Enter IP address for a DNS forwarder (empty to stop): > > No DNS forwarders configured > > Directory Manager password: > > > > The following operations may take some minutes to complete. > > Please wait until the prompt is returned. > > > > Unexpected error - see ipaserver-install.log for details: > > {'info': 'Unauthenticated binds are not allowed', 'desc': 'Server is > > unwilling to perform'} > > > > There is nothing in the install log, 389 access log had: > > > > [21/Jan/2010:16:50:37 -0500] conn=22 fd=70 slot=70 connection from > > localhost to localhost > > [21/Jan/2010:16:50:37 -0500] conn=22 op=0 BIND dn="cn=Directory Manager" > > method=128 version=3 > > [21/Jan/2010:16:50:37 -0500] conn=22 op=0 RESULT err=53 tag=97 > > nentries=0 etime=0 > > [21/Jan/2010:16:50:37 -0500] conn=22 op=1 UNBIND > > [21/Jan/2010:16:50:37 -0500] conn=22 op=1 fd=70 closed - U1 > > > > It also throws an exception if you press ^C at the prompts. > > > > rob > > I had a discussion with Martin in irc about this. The patch actually > does work it just doesn't handle the case where you don't get a DM > password. I'm still nacking this particular patch due to this but the > first two patches are fine, so ack for those and I'm pushing them to master. > > rob New patch with fixed script. Martin >From 349ed77f172f006c363e01f21bd5af7834f595c1 Mon Sep 17 00:00:00 2001 From: Martin Nagy Date: Mon, 23 Nov 2009 09:26:50 +0100 Subject: [PATCH] Add ipa-dns-install script Unfortunately, for now there is no --uninstall option. --- install/tools/Makefile.am |1 + install/tools/ipa-dns-install | 184 + ipa.spec.in |1 + 3 files changed, 186 insertions(+), 0 deletions(-) create mode 100755 install/tools/ipa-dns-install diff --git a/install/tools/Makefile.am b/install/tools/Makefile.am index 3af13dc..6c83868 100644 --- a/install/tools/Makefile.am +++ b/install/tools/Makefile.am @@ -5,6 +5,7 @@ SUBDIRS = \ $(NULL) sbin_SCRIPTS = \ + ipa-dns-install \ ipa-server-install \ ipa-replica-install \ ipa-replica-prepare \ diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install new file mode 100755 index 000..0656794 --- /dev/null +++ b/install/tools/ipa-dns-install @@ -0,0 +1,184 @@ +#! /usr/bin/python -E +# Authors: Martin Nagy +# Based on ipa-server-install by Karl MacMillan +# +# Copyright (C) 2007 - 2009 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +from optparse import OptionParser +import traceback + +from ipaserver import ipaldap +from ipaserver.install import bindinstance, ntpinstance +from ipaserver.install.installutils import * +from ipapython import version +from ipapython import ipautil, sysrestore +from ipalib import api, util +import ldap + +def parse_options(): +parser = OptionParser(version=version.VERSION) +parser.add_option("-p", "--ds-password", dest="dm_password", + help="admin password") +parser.add_option("-d", "--debug", dest="debug", action="store_true", + default=False, help="print debugging information") +parser.add_option("--ip-address", dest="ip_address", help="Master Server IP Address") +parser.add_option("--forwarder", dest="forwarders", action="append", + help="Add a DNS forwarder") +parser.add_option("--no-forwarders", dest="no_forwarders", action="s
Re: [Freeipa-devel] [PATCHES] Add ipa-dns-install
Rob Crittenden wrote: Martin Nagy wrote: Hi, with these patches, the user will be able to install DNS additionally, after ipa-server-install. No --uninstall yet, however. I do have it in my tree, but it causes a lot of problems. Hopefully, I'll manage to solve them later. Thanks. Martin Nack, it isn't working for me: # ipa-dns-install The log file for this installation can be found in /var/log/ipaserver-install.log == This program will setup DNS for the FreeIPA Server. This includes: * Configure DNS (bind) To accept the default shown in brackets, press the Enter key. Existing BIND configuration detected, overwrite? [no]: y Enter IP address for a DNS forwarder (empty to stop): No DNS forwarders configured Directory Manager password: The following operations may take some minutes to complete. Please wait until the prompt is returned. Unexpected error - see ipaserver-install.log for details: {'info': 'Unauthenticated binds are not allowed', 'desc': 'Server is unwilling to perform'} There is nothing in the install log, 389 access log had: [21/Jan/2010:16:50:37 -0500] conn=22 fd=70 slot=70 connection from localhost to localhost [21/Jan/2010:16:50:37 -0500] conn=22 op=0 BIND dn="cn=Directory Manager" method=128 version=3 [21/Jan/2010:16:50:37 -0500] conn=22 op=0 RESULT err=53 tag=97 nentries=0 etime=0 [21/Jan/2010:16:50:37 -0500] conn=22 op=1 UNBIND [21/Jan/2010:16:50:37 -0500] conn=22 op=1 fd=70 closed - U1 It also throws an exception if you press ^C at the prompts. rob I had a discussion with Martin in irc about this. The patch actually does work it just doesn't handle the case where you don't get a DM password. I'm still nacking this particular patch due to this but the first two patches are fine, so ack for those and I'm pushing them to master. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCHES] Add ipa-dns-install
Martin Nagy wrote: Hi, with these patches, the user will be able to install DNS additionally, after ipa-server-install. No --uninstall yet, however. I do have it in my tree, but it causes a lot of problems. Hopefully, I'll manage to solve them later. Thanks. Martin Nack, it isn't working for me: # ipa-dns-install The log file for this installation can be found in /var/log/ipaserver-install.log == This program will setup DNS for the FreeIPA Server. This includes: * Configure DNS (bind) To accept the default shown in brackets, press the Enter key. Existing BIND configuration detected, overwrite? [no]: y Enter IP address for a DNS forwarder (empty to stop): No DNS forwarders configured Directory Manager password: The following operations may take some minutes to complete. Please wait until the prompt is returned. Unexpected error - see ipaserver-install.log for details: {'info': 'Unauthenticated binds are not allowed', 'desc': 'Server is unwilling to perform'} There is nothing in the install log, 389 access log had: [21/Jan/2010:16:50:37 -0500] conn=22 fd=70 slot=70 connection from localhost to localhost [21/Jan/2010:16:50:37 -0500] conn=22 op=0 BIND dn="cn=Directory Manager" method=128 version=3 [21/Jan/2010:16:50:37 -0500] conn=22 op=0 RESULT err=53 tag=97 nentries=0 etime=0 [21/Jan/2010:16:50:37 -0500] conn=22 op=1 UNBIND [21/Jan/2010:16:50:37 -0500] conn=22 op=1 fd=70 closed - U1 It also throws an exception if you press ^C at the prompts. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel