Fix up new OpenLDAP MMR code.
authorAndrew Bartlett <abartlet@samba.org>
Tue, 19 Aug 2008 04:10:14 +0000 (14:10 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 19 Aug 2008 04:10:14 +0000 (14:10 +1000)
This changes the MMR password from hard-coded value of 'linux',
adds tests and fixes the Fedora DS backend.

Currently the MMR password matches the admin password, but we can
change this to be another random value if required.

Also require the port to be specified on the command line, so we don't
hard-code a port of 9000.

Andrew Bartlett
(This used to be commit 08257c6d6ce809fcd53f9b2b4d558fef616b74ce)

source4/scripting/python/samba/provision.py
source4/setup/mmr_serverids.conf
source4/setup/mmr_syncrepl.conf
source4/setup/slapd.conf
source4/setup/tests/blackbox_provision-backend.sh

index 8abcc2f2e330777a25600253ff03d54bfd51e696..f48a49dcfa59fb1a46aee0a27f33b6e75ae2f53f 100644 (file)
@@ -243,13 +243,13 @@ def provision_paths_from_lp(lp, dnsdomain):
     paths.memberofconf = os.path.join(paths.ldapdir, 
                                       "memberof.conf")
     paths.fedoradsinf = os.path.join(paths.ldapdir, 
     paths.memberofconf = os.path.join(paths.ldapdir, 
                                       "memberof.conf")
     paths.fedoradsinf = os.path.join(paths.ldapdir, 
-                                   "fedorads.inf")
+                                     "fedorads.inf")
+    paths.fedoradspartitions = os.path.join(paths.ldapdir, 
+                                            "fedorads-partitions.ldif")
     paths.olmmrserveridsconf = os.path.join(paths.ldapdir, 
     paths.olmmrserveridsconf = os.path.join(paths.ldapdir, 
-                                      "mmr_serverids.conf")
+                                            "mmr_serverids.conf")
     paths.olmmrsyncreplconf = os.path.join(paths.ldapdir, 
     paths.olmmrsyncreplconf = os.path.join(paths.ldapdir, 
-                                      "mmr_syncrepl.conf")
-    paths.olmmron = os.path.join(paths.ldapdir, 
-                                      "mmr_on.conf")
+                                           "mmr_syncrepl.conf")
     paths.hklm = "hklm.ldb"
     paths.hkcr = "hkcr.ldb"
     paths.hkcu = "hkcu.ldb"
     paths.hklm = "hklm.ldb"
     paths.hkcr = "hkcr.ldb"
     paths.hkcu = "hkcu.ldb"
@@ -1148,10 +1148,7 @@ def provision_backend(setup_dir=None, message=None,
                       rootdn=None, domaindn=None, schemadn=None, configdn=None,
                       domain=None, hostname=None, adminpass=None, root=None, serverrole=None, 
                       ldap_backend_type=None, ldap_backend_port=None,
                       rootdn=None, domaindn=None, schemadn=None, configdn=None,
                       domain=None, hostname=None, adminpass=None, root=None, serverrole=None, 
                       ldap_backend_type=None, ldap_backend_port=None,
-                     ol_mmr_urls=None, mmr_serverids_config=None, mmr_on_config=None, 
-                     mmr_syncrepl_schema_config=None,
-                     mmr_syncrepl_config_config=None,
-                     mmr_syncrepl_user_config=None ):
+                     ol_mmr_urls=None):
 
     def setup_path(file):
         return os.path.join(setup_dir, file)
 
     def setup_path(file):
         return os.path.join(setup_dir, file)
@@ -1266,61 +1263,48 @@ def provision_backend(setup_dir=None, message=None,
         refint_config = read_and_sub_file(setup_path("refint.conf"),
                                             { "LINK_ATTRS" : refint_attributes})
 
         refint_config = read_and_sub_file(setup_path("refint.conf"),
                                             { "LINK_ATTRS" : refint_attributes})
 
-########################################################
-### generate serverids and ldap-urls for mmr hosts   ###
-########################################################
-
-       mmr_on_config = " "
-       mmr_serverids_config = " "
-
+# generate serverids, ldap-urls and syncrepl-blocks for mmr hosts
+       mmr_on_config = ""
+       mmr_serverids_config = ""
+        mmr_syncrepl_schema_config = "" 
+       mmr_syncrepl_config_config = "" 
+       mmr_syncrepl_user_config = "" 
+       
        if ol_mmr_urls is not None:
        if ol_mmr_urls is not None:
-               mmr_hosts=ol_mmr_urls
-               mmr_hosts=filter(None,mmr_hosts.split(' ')) 
+               mmr_hosts=filter(None,ol_mmr_urls.split(' ')) 
+                if (len(mmr_hosts) == 1):
+                    mmr_hosts=filter(None,ol_mmr_urls.split(',')) 
+                     
+
+               mmr_on_config = "MirrorMode On"
                
                
-               mmr_serverids_config = "# Generated from template mmr_serverids.conf\n" 
                z=0
                for i in mmr_hosts:
                        z=z+1
                        mmr_serverids_config += read_and_sub_file(setup_path("mmr_serverids.conf"),
                                                                     { "SERVERID" : str(z),
                                                                       "LDAPSERVER" : i })
                z=0
                for i in mmr_hosts:
                        z=z+1
                        mmr_serverids_config += read_and_sub_file(setup_path("mmr_serverids.conf"),
                                                                     { "SERVERID" : str(z),
                                                                       "LDAPSERVER" : i })
-               mmr_on_config = "MirrorMode On"
-
-########################################################
-### generate syncrepl-blocks for mmr hosts           ###
-########################################################
 
 
-       mmr_syncrepl_schema_config = " " 
-       mmr_syncrepl_config_config = " " 
-       mmr_syncrepl_user_config = " " 
-       
-       if ol_mmr_urls is not None:
-               mmr_hosts=ol_mmr_urls
-               mmr_hosts=filter(None,mmr_hosts.split(' ')) 
-               mmr_syncrepl_schema_config = "# Generated from template mmr_syncrepl.conf\n" 
-               mmr_syncrepl_config_config = "# Generated from template mmr_syncrepl.conf\n" 
-               mmr_syncrepl_user_config = "# Generated from template mmr_syncrepl.conf\n" 
-               z=0
-               for i in mmr_hosts:
                        z=z+1
                        mmr_syncrepl_schema_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
                                                                     {  "RID" : str(z),
                                                                        "MMRDN": names.schemadn,
                        z=z+1
                        mmr_syncrepl_schema_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
                                                                     {  "RID" : str(z),
                                                                        "MMRDN": names.schemadn,
-                                                                       "LDAPSERVER" : i })
+                                                                       "LDAPSERVER" : i,
+                                                                        "MMR_PASSWORD": adminpass})
 
 
-               for i in mmr_hosts:
                        z=z+1
                        mmr_syncrepl_config_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
                                                                     {  "RID" : str(z),
                                                                        "MMRDN": names.configdn,
                        z=z+1
                        mmr_syncrepl_config_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
                                                                     {  "RID" : str(z),
                                                                        "MMRDN": names.configdn,
-                                                                       "LDAPSERVER" : i })
+                                                                       "LDAPSERVER" : i,
+                                                                        "MMR_PASSWORD": adminpass})
 
 
-               for i in mmr_hosts:
                        z=z+1
                        mmr_syncrepl_user_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
                                                                     {  "RID" : str(z),
                                                                        "MMRDN": names.domaindn,
                        z=z+1
                        mmr_syncrepl_user_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
                                                                     {  "RID" : str(z),
                                                                        "MMRDN": names.domaindn,
-                                                                       "LDAPSERVER" : i })
+                                                                       "LDAPSERVER" : i,
+                                                                        "MMR_PASSWORD": adminpass })
 
 
         setup_file(setup_path("slapd.conf"), paths.slapdconf,
 
 
         setup_file(setup_path("slapd.conf"), paths.slapdconf,
@@ -1335,6 +1319,7 @@ def provision_backend(setup_dir=None, message=None,
                     "MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
                     "MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
                     "MMR_SYNCREPL_USER_CONFIG": mmr_syncrepl_user_config,
                     "MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
                     "MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
                     "MMR_SYNCREPL_USER_CONFIG": mmr_syncrepl_user_config,
+                    "MMR_PASSWORD": adminpass,
                     "REFINT_CONFIG": refint_config})
        setup_file(setup_path("modules.conf"), paths.modulesconf,
                    {"REALM": names.realm})
                     "REFINT_CONFIG": refint_config})
        setup_file(setup_path("modules.conf"), paths.modulesconf,
                    {"REALM": names.realm})
index 863508d0d62971ba1f81a1700214ca3e5cfe0e40..c6d14010b4b7e7aaddbe5389f16f9c4b11530676 100644 (file)
@@ -1 +1,2 @@
-ServerID ${SERVERID} "${LDAPSERVER}:9000"
+# Generated from template mmr_serverids.conf
+ServerID ${SERVERID} "${LDAPSERVER}"
index 857f044ccd81e43071edfb1cde3b518ead60fc56..5fa8b8f8a090443290053d9e5ec300ecc8196a5c 100644 (file)
@@ -1,10 +1,12 @@
+# Generated from template mmr_syncrepl.conf 
+
 syncrepl rid=${RID} 
 syncrepl rid=${RID} 
-       provider="${LDAPSERVER}:9000"
+       provider="${LDAPSERVER}"
        searchbase="${MMRDN}"
        type=refreshAndPersist
        retry="10 +"
        bindmethod=simple
        binddn="CN=Manager,${MMRDN}"
        searchbase="${MMRDN}"
        type=refreshAndPersist
        retry="10 +"
        bindmethod=simple
        binddn="CN=Manager,${MMRDN}"
-       credentials="linux"
+       credentials="${MMR_PASSWORD}"
 
        
 
        
index be68ec258850d8912f521e882c540e8ce18a64e7..141c0cd27a641e4a754e83044411cc2fb6c8ee3a 100644 (file)
@@ -62,7 +62,7 @@ rootdn          cn=Manager,cn=Samba
 database        hdb
 suffix         ${SCHEMADN}
 rootdn          cn=Manager,${SCHEMADN}
 database        hdb
 suffix         ${SCHEMADN}
 rootdn          cn=Manager,${SCHEMADN}
-rootpw         linux
+rootpw         "${MMR_PASSWORD}"
 directory      ${LDAPDIR}/db/schema
 index           objectClass eq
 index           samAccountName eq
 directory      ${LDAPDIR}/db/schema
 index           objectClass eq
 index           samAccountName eq
@@ -89,7 +89,7 @@ ${MIRRORMODE}
 database        hdb
 suffix         ${CONFIGDN}
 rootdn          cn=Manager,${CONFIGDN}
 database        hdb
 suffix         ${CONFIGDN}
 rootdn          cn=Manager,${CONFIGDN}
-rootpw         linux
+rootpw         "${MMR_PASSWORD}"
 directory      ${LDAPDIR}/db/config
 index           objectClass eq
 index           samAccountName eq
 directory      ${LDAPDIR}/db/config
 index           objectClass eq
 index           samAccountName eq
@@ -118,7 +118,7 @@ ${MIRRORMODE}
 database        hdb
 suffix         ${DOMAINDN}
 rootdn          cn=Manager,${DOMAINDN}
 database        hdb
 suffix         ${DOMAINDN}
 rootdn          cn=Manager,${DOMAINDN}
-rootpw         linux
+rootpw         "${MMR_PASSWORD}"
 directory      ${LDAPDIR}/db/user
 index           objectClass eq
 index           samAccountName eq
 directory      ${LDAPDIR}/db/user
 index           objectClass eq
 index           samAccountName eq
index 312ca5c70e64b74d00918b3d225ad2a6bf08d7a5..04f22dbf1d973a9eed34c173182822061bb22023 100755 (executable)
@@ -13,6 +13,7 @@ shift 1
 . `dirname $0`/../../../testprogs/blackbox/subunit.sh
 
 testit "openldap-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend
 . `dirname $0`/../../../testprogs/blackbox/subunit.sh
 
 testit "openldap-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend
+testit "openldap-mmr-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls='ldap://localdc1:9000,ldap://localdc2:9000,ldap://localdc3:9000'
 testit "fedora-ds-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=fedora-ds --targetdir=$PREFIX/fedora-ds-backend
 
 reprovision() {
 testit "fedora-ds-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=fedora-ds --targetdir=$PREFIX/fedora-ds-backend
 
 reprovision() {