19
19
# along with this program. If not, see <http://www.gnu.org/licenses/>.
24
22
from ipaserver.plugins.ldap2 import ldap2
25
from ipaserver.install import bindinstance, ntpinstance
23
from ipaserver.install import service, bindinstance, ntpinstance, httpinstance
26
24
from ipaserver.install.installutils import *
27
25
from ipaserver.install import installutils
28
26
from ipapython import version
29
27
from ipapython import ipautil, sysrestore
30
28
from ipalib import api, errors, util
31
29
from ipapython.config import IPAOptionParser
32
from ipalib.constants import DNS_ZONE_REFRESH
30
from optparse import OptionGroup, SUPPRESS_HELP
33
from ipapython.ipa_log_manager import *
35
log_file_name = "/var/log/ipaserver-install.log"
36
37
def parse_options():
37
38
parser = IPAOptionParser(version=version.VERSION)
47
48
default=False, help="Do not add any DNS forwarders, use root servers instead")
48
49
parser.add_option("--reverse-zone", dest="reverse_zone", help="The reverse DNS zone to use")
49
50
parser.add_option("--no-reverse", dest="no_reverse", action="store_true",
50
default=False, help="Do not create reverse DNS zone")
51
parser.add_option("--zonemgr", dest="zonemgr",
52
help="DNS zone manager e-mail address. Defaults to root")
51
default=False, help="Do not create new reverse DNS zone")
52
parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
54
help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN")
55
# this option name has been deprecated, persistent search has been enabled by default
53
56
parser.add_option("--zone-notif", dest="zone_notif",
54
action="store_true", default=False,
55
help="Let name server receive notification when a new zone is added." \
56
"Zone refresh is turned off when zone notification is enabled")
57
action="store_true", default=False, help=SUPPRESS_HELP)
58
parser.add_option("--no-persistent-search", dest="persistent_search",
59
default=True, action="store_false",
60
help="Do not enable persistent search feature in the name server")
57
61
parser.add_option("--zone-refresh", dest="zone_refresh",
58
default=DNS_ZONE_REFRESH, type="int",
59
help="A delay between checks for new DNS zones. Defaults to %d" \
62
default=0, type="int",
63
help="When set to non-zero the name server will use DNS zone "
64
"detection based on polling instead of a persistent search")
65
parser.add_option("--no-serial-autoincrement", dest="serial_autoincrement",
66
default=True, action="store_false",
67
help="Do not enable SOA serial autoincrement")
61
68
parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
62
69
default=False, help="unattended installation never prompts the user")
76
83
if options.zone_refresh < 0:
77
84
parser.error("negative numbers not allowed for --zone-refresh")
79
if options.zone_notif: # mutually exclusive features
80
options.zone_refresh = 0
85
elif options.zone_refresh > 0:
86
options.persistent_search = False # mutually exclusive features
88
if options.zone_notif:
89
print >>sys.stderr, "WARNING: --zone-notif option is deprecated and has no effect"
91
if options.serial_autoincrement and not options.persistent_search:
92
parser.error('persistent search feature is required for '
93
'DNS SOA serial autoincrement')
82
95
return safe_options, options
87
100
if os.getegid() != 0:
88
101
sys.exit("Must be root to setup server")
90
standard_logging_setup("/var/log/ipaserver-install.log", options.debug, filemode='a')
91
print "\nThe log file for this installation can be found in /var/log/ipaserver-install.log"
103
standard_logging_setup(log_file_name, debug=options.debug, filemode='a')
104
print "\nThe log file for this installation can be found in %s" % log_file_name
93
logging.debug('%s was invoked with options: %s' % (sys.argv[0], safe_options))
94
logging.debug("missing options might be asked for interactively later\n")
106
root_logger.debug('%s was invoked with options: %s' % (sys.argv[0], safe_options))
107
root_logger.debug("missing options might be asked for interactively later\n")
96
109
installutils.check_server_configuration()
146
159
hostaddr = resolve_host(api.env.host)
148
ip = hostaddr and ipautil.CheckedIPAddress(hostaddr, match_local=True)
161
if len(hostaddr) > 1:
162
print >> sys.stderr, "The server hostname resolves to more than one address:"
163
for addr in hostaddr:
164
print >> sys.stderr, " %s" % addr
166
if options.ip_address:
167
if str(options.ip_address) not in hostaddr:
168
print >> sys.stderr, "Address passed in --ip-address did not match any resolved"
169
print >> sys.stderr, "address!"
171
print "Selected IP address:", str(options.ip_address)
172
ip = options.ip_address
174
if options.unattended:
175
print >> sys.stderr, "Please use --ip-address option to specify the address"
178
ip = read_ip_address(api.env.host, fstore)
180
ip = hostaddr and ipautil.CheckedIPAddress(hostaddr[0], match_local=True)
149
181
except Exception, e:
150
182
print "Error: Invalid IP Address %s: %s" % (ip, e)
157
189
ip = read_ip_address(api.env.host, fstore)
158
190
ip_address = str(ip)
159
logging.debug("will use ip_address: %s\n", ip_address)
191
root_logger.debug("will use ip_address: %s\n", ip_address)
161
193
if options.reverse_zone and not bindinstance.verify_reverse_zone(options.reverse_zone, ip):
167
199
dns_forwarders = options.forwarders
169
201
dns_forwarders = read_dns_forwarders()
170
logging.debug("will use dns_forwarders: %s\n", str(dns_forwarders))
202
root_logger.debug("will use dns_forwarders: %s\n", str(dns_forwarders))
172
204
if bind.dm_password:
173
api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=bind.dm_password)
205
api.Backend.ldap2.connect(bind_dn=DN(('cn', 'Directory Manager')), bind_pw=bind.dm_password)
175
207
# See if our LDAP server is up and we can talk to it over GSSAPI
176
208
ccache = krbV.default_context().default_ccache().name
182
214
reverse_zone = bindinstance.find_reverse_zone(ip)
183
215
if reverse_zone is None and not options.no_reverse:
184
reverse_zone = bindinstance.get_reverse_zone_default(ip)
185
if not options.unattended and bindinstance.create_reverse():
216
if options.unattended:
217
reverse_zone = util.get_reverse_zone_default(ip)
218
elif bindinstance.create_reverse():
219
reverse_zone = util.get_reverse_zone_default(ip)
186
220
reverse_zone = bindinstance.read_reverse_zone(reverse_zone, ip)
188
222
if reverse_zone is not None:
199
233
bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain,
200
234
dns_forwarders, conf_ntp, reverse_zone, zonemgr=options.zonemgr,
201
235
zone_refresh=options.zone_refresh,
202
zone_notif=options.zone_notif)
236
persistent_search=options.persistent_search,
237
serial_autoincrement=options.serial_autoincrement)
203
238
bind.create_instance()
240
# Restart http instance to make sure that python-dns has the right resolver
241
# https://bugzilla.redhat.com/show_bug.cgi?id=800368
242
http = httpinstance.HTTPInstance(fstore)
243
service.print_msg("Restarting the web server")
206
246
print "=============================================================================="
207
247
print "Setup complete"
249
bind.check_global_configuration()
209
252
print "\tYou must make sure these network ports are open:"
210
253
print "\t\tTCP Ports:"
211
254
print "\t\t * 53: bind"
219
except SystemExit, e:
221
except KeyboardInterrupt:
222
print "Installation cancelled."
223
except RuntimeError, e:
225
except HostnameLocalhost:
226
print "The hostname resolves to the localhost address (127.0.0.1/::1)"
227
print "Please change your /etc/hosts file so that the hostname"
228
print "resolves to the ip address of your network interface."
229
print "The KDC service does not listen on localhost"
231
print "Please fix your /etc/hosts file and restart the setup program"
233
message = "Unexpected error - see ipaserver-install.log for details:\n %s" % str(e)
236
for str in traceback.format_tb(sys.exc_info()[2]):
237
message = message + "\n" + str
238
logging.debug(message)
260
if __name__ == '__main__':
261
installutils.run_script(main, log_file_name=log_file_name,
262
operation_name='ipa-dns-install')
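Review bot: In the option checks at new lines 85–93, a positive `--zone-refresh` clears `options.persistent_search`, and because `serial_autoincrement` defaults to True the next check calls `parser.error`, so `--zone-refresh N` (and likewise `--no-persistent-search`) appears to fail unless `--no-serial-autoincrement` is also passed. If that coupling is intended, the message should name the way out, e.g. `parser.error('persistent search is required for DNS SOA serial autoincrement; add --no-serial-autoincrement')`, and the `--zone-refresh` help text should mention it. Separately, the unchanged root check at new line 100 tests `os.getegid() != 0`, which gates on the effective group rather than the effective user; `if os.geteuid() != 0:` would match the "Must be root" message. Lines between the visible gutter numbers are not shown on this page, so both points assume nothing in the gaps changes these values.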