Imported Upstream version 4.0.5
This commit is contained in:
Mario Fetka
@@ -18,24 +18,17 @@
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
from __future__ import print_function
|
||||
|
||||
import logging
|
||||
import os
|
||||
import re
|
||||
import sys
|
||||
from optparse import OptionParser # pylint: disable=deprecated-module
|
||||
from optparse import OptionParser
|
||||
|
||||
from ipaplatform.paths import paths
|
||||
from ipapython import config
|
||||
from ipapython import ipautil, config, ipaldap
|
||||
from ipaserver.install import installutils
|
||||
from ipalib import api, errors
|
||||
from ipapython.ipa_log_manager import standard_logging_setup
|
||||
from ipalib.constants import CACERT
|
||||
from ipapython.ipa_log_manager import *
|
||||
from ipapython.dn import DN
|
||||
|
||||
logger = logging.getLogger(os.path.basename(__file__))
|
||||
|
||||
|
||||
def parse_options():
|
||||
usage = "%prog [options] <status|enable|disable>\n"
|
||||
usage += "%prog [options]\n"
|
||||
@@ -48,7 +41,7 @@ def parse_options():
|
||||
help="DN for the Managed Entry Definition")
|
||||
parser.add_option("-l", "--list", dest="list_managed_entries",
|
||||
action="store_true",
|
||||
help="List available Managed Entries")
|
||||
help="DN for the Managed Entry Definition")
|
||||
parser.add_option("-p", "--password", dest="dirman_password",
|
||||
help="Directory Manager password")
|
||||
|
||||
@@ -68,9 +61,6 @@ def get_dirman_password():
|
||||
def main():
|
||||
retval = 0
|
||||
def_dn = None
|
||||
|
||||
installutils.check_server_configuration()
|
||||
|
||||
options, args = parse_options()
|
||||
|
||||
if options.list_managed_entries:
|
||||
@@ -81,13 +71,9 @@ def main():
|
||||
sys.exit("Unrecognized action [" + args[0] + "]")
|
||||
standard_logging_setup(None, debug=options.debug)
|
||||
|
||||
api.bootstrap(
|
||||
context='cli',
|
||||
in_server=True,
|
||||
debug=options.debug,
|
||||
confdir=paths.ETC_IPA)
|
||||
host = installutils.get_fqdn()
|
||||
api.bootstrap(context='cli', debug=options.debug)
|
||||
api.finalize()
|
||||
api.Backend.ldap2.connect(bind_pw=options.dirman_password)
|
||||
|
||||
managed_entry_definitions_dn = DN(
|
||||
('cn', 'Definitions'),
|
||||
@@ -96,22 +82,41 @@ def main():
|
||||
api.env.basedn
|
||||
)
|
||||
|
||||
filter = '(objectClass=extensibleObject)'
|
||||
conn = None
|
||||
try:
|
||||
filter = '(objectClass=extensibleObject)'
|
||||
conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
|
||||
|
||||
if options.dirman_password:
|
||||
conn.do_simple_bind(bindpw=options.dirman_password)
|
||||
else:
|
||||
conn.do_sasl_gssapi_bind()
|
||||
except errors.ACIError:
|
||||
dirman_password = get_dirman_password()
|
||||
if dirman_password is None:
|
||||
sys.exit("Directory Manager password required")
|
||||
try:
|
||||
conn.do_simple_bind(bindpw=dirman_password)
|
||||
except errors.ACIError:
|
||||
sys.exit("Invalid credentials")
|
||||
except errors.ExecutionError, lde:
|
||||
sys.exit("An error occurred while connecting to the server.\n%s\n" %
|
||||
str(lde))
|
||||
|
||||
if options.list_managed_entries:
|
||||
# List available Managed Entry Plugins
|
||||
managed_entries = None
|
||||
try:
|
||||
entries = api.Backend.ldap2.get_entries(
|
||||
managed_entry_definitions_dn, api.Backend.ldap2.SCOPE_SUBTREE, filter)
|
||||
except Exception as e:
|
||||
logger.debug("Search for managed entries failed: %s", str(e))
|
||||
entries = conn.get_entries(
|
||||
managed_entry_definitions_dn, conn.SCOPE_SUBTREE, filter)
|
||||
except Exception, e:
|
||||
root_logger.debug("Search for managed entries failed: %s" % str(e))
|
||||
sys.exit("Unable to find managed entries at %s" % managed_entry_definitions_dn)
|
||||
managed_entries = [entry.single_value['cn'] for entry in entries]
|
||||
if managed_entries:
|
||||
print("Available Managed Entry Definitions:")
|
||||
print "Available Managed Entry Definitions:"
|
||||
for managed_entry in managed_entries:
|
||||
print(managed_entry)
|
||||
print managed_entry
|
||||
retval = 0
|
||||
sys.exit()
|
||||
|
||||
@@ -122,7 +127,8 @@ def main():
|
||||
|
||||
disabled = True
|
||||
try:
|
||||
entry = api.Backend.ldap2.get_entry(def_dn)
|
||||
[entry] = conn.get_entries(def_dn, conn.SCOPE_BASE,
|
||||
filter, ['originfilter'])
|
||||
disable_attr = '(objectclass=disable)'
|
||||
try:
|
||||
org_filter = entry.single_value.get('originfilter')
|
||||
@@ -131,35 +137,35 @@ def main():
|
||||
sys.exit("%s is not a valid Managed Entry" % def_dn)
|
||||
except errors.NotFound:
|
||||
sys.exit("%s is not a valid Managed Entry" % def_dn)
|
||||
except errors.ExecutionError as lde:
|
||||
print("An error occurred while talking to the server.")
|
||||
print(lde)
|
||||
except errors.ExecutionError, lde:
|
||||
print "An error occurred while talking to the server."
|
||||
print lde
|
||||
|
||||
if args[0] == "status":
|
||||
if not disabled:
|
||||
print("Plugin Enabled")
|
||||
print "Plugin Enabled"
|
||||
else:
|
||||
print("Plugin Disabled")
|
||||
print "Plugin Disabled"
|
||||
return 0
|
||||
|
||||
if args[0] == "enable":
|
||||
try:
|
||||
if not disabled:
|
||||
print("Plugin already Enabled")
|
||||
print "Plugin already Enabled"
|
||||
retval = 2
|
||||
else:
|
||||
# Remove disable_attr from filter
|
||||
enable_attr = org_filter.replace(disable_attr, '')
|
||||
#enable_attr = {'originfilter': enable_attr}
|
||||
entry['originfilter'] = [enable_attr]
|
||||
api.Backend.ldap2.update_entry(entry)
|
||||
print("Enabling Plugin")
|
||||
conn.update_entry(entry)
|
||||
print "Enabling Plugin"
|
||||
retval = 0
|
||||
except errors.NotFound:
|
||||
print("Enabling Plugin")
|
||||
except errors.ExecutionError as lde:
|
||||
print("An error occurred while talking to the server.")
|
||||
print(lde)
|
||||
print "Enabling Plugin"
|
||||
except errors.ExecutionError, lde:
|
||||
print "An error occurred while talking to the server."
|
||||
print lde
|
||||
retval = 1
|
||||
|
||||
elif args[0] == "disable":
|
||||
@@ -168,7 +174,7 @@ def main():
|
||||
# disabling.
|
||||
try:
|
||||
if disabled:
|
||||
print("Plugin already disabled")
|
||||
print "Plugin already disabled"
|
||||
retval = 2
|
||||
else:
|
||||
if org_filter[:2] == '(&' and org_filter[-1] == ')':
|
||||
@@ -176,28 +182,24 @@ def main():
|
||||
else:
|
||||
disable_attr = '(&%s(%s))' % (disable_attr, org_filter)
|
||||
entry['originfilter'] = [disable_attr]
|
||||
api.Backend.ldap2.update_entry(entry)
|
||||
print("Disabling Plugin")
|
||||
conn.update_entry(entry)
|
||||
print "Disabling Plugin"
|
||||
except errors.NotFound:
|
||||
print("Plugin is already disabled")
|
||||
print "Plugin is already disabled"
|
||||
retval = 2
|
||||
except errors.DatabaseError as dbe:
|
||||
print("An error occurred while talking to the server.")
|
||||
print(dbe)
|
||||
except errors.DatabaseError, dbe:
|
||||
print "An error occurred while talking to the server."
|
||||
print dbe
|
||||
retval = 1
|
||||
except errors.ExecutionError as lde:
|
||||
print("An error occurred while talking to the server.")
|
||||
print(lde)
|
||||
except errors.ExecutionError, lde:
|
||||
print "An error occurred while talking to the server."
|
||||
print lde
|
||||
retval = 1
|
||||
|
||||
else:
|
||||
retval = 1
|
||||
|
||||
api.Backend.ldap2.disconnect()
|
||||
|
||||
return retval
|
||||
|
||||
if __name__ == '__main__':
|
||||
if not os.geteuid() == 0:
|
||||
sys.exit("\nMust be run as root\n")
|
||||
installutils.run_script(main, operation_name='ipa-managed-entries')
|
||||
|
||||
Reference in New Issue
Block a user