Author: rhafer
Date: Mon Nov 21 11:09:24 2011
New Revision: 66877
URL: http://svn.opensuse.org/viewcvs/yast?rev=66877&view=rev
Log:
merged SLE-11-SP2 changes to trunk
Added:
trunk/ldap-server/src/mirrormode-wizard.ycp
- copied, changed from r64416, branches/SuSE-Code-11-SP2-Branch/ldap-server/src/mirrormode-wizard.ycp
trunk/ldap-server/src/openldap-mirrormode.desktop
- copied unchanged from r65056, branches/SuSE-Code-11-SP2-Branch/ldap-server/src/openldap-mirrormode.desktop
trunk/ldap-server/src/openldap-mirrormode.ycp
- copied unchanged from r64417, branches/SuSE-Code-11-SP2-Branch/ldap-server/src/openldap-mirrormode.ycp
Modified:
trunk/ldap-server/ (props changed)
trunk/ldap-server/src/LdapDatabase.ycp
trunk/ldap-server/src/LdapServer.pm
trunk/ldap-server/src/Makefile.am
trunk/ldap-server/src/agent/SlapdConfigAgent.cc
trunk/ldap-server/src/agent/SlapdConfigAgent.h
trunk/ldap-server/src/complex.ycp
trunk/ldap-server/src/dialogs.ycp
trunk/ldap-server/src/helps.ycp
trunk/ldap-server/src/lib/slapd-config.cpp
trunk/ldap-server/src/lib/slapd-config.h
trunk/ldap-server/src/tree_structure.ycp
trunk/ldap-server/yast2-ldap-server.spec.in
Modified: trunk/ldap-server/src/LdapDatabase.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapDatabase.ycp?rev=66877&r1=66876&r2=66877&view=diff
==============================================================================
--- trunk/ldap-server/src/LdapDatabase.ycp (original)
+++ trunk/ldap-server/src/LdapDatabase.ycp Mon Nov 21 11:09:24 2011
@@ -1428,93 +1428,95 @@
{
term widget =
`Top(
- `HSquash(
- `VBox(
- `VSpacing(0.5),
- `Left(
- `CheckBox( `id( `cb_syncrepl ), `opt(`notify), _("This database is a Replication Consumer"), false )
- ),
- `VSpacing(0.3),
- `VBox( `id( `f_synccons ),
+ `ReplacePoint( `id( `syncConsWidget ),
+ `HSquash(
+ `VBox(
+ `VSpacing(0.5),
`Left(
- `VSquash(
- `HBox(
- `ComboBox( `id( `cb_sync_prot ), `opt(`notify), _("Protocol"), [ "ldap", "ldaps" ] ),
- `HSpacing(),
- `InputField( `id( `te_sync_target ), `opt(`hstretch), _("Provider Name"), "" ),
- `HSpacing(),
- `HSquash(
- `IntField( `id(`if_sync_port), _("Port"), 0, 65536, 389)
- ),
- `HSpacing(),
- `VBox(
- `Bottom(
- `CheckBox( `id( `cb_start_tls ), _("Use StartTLS"), true )
- ),
- `VSpacing(0.3)
- )
- )
- )
+ `CheckBox( `id( `cb_syncrepl ), `opt(`notify), _("This database is a Replication Consumer"), false )
),
`VSpacing(0.3),
- `Left(
- `HBox(
- `ComboBox( `id( `cb_sync_type ), `opt(`notify),
- _("Replication Type"), [ "refreshAndPersist", "refreshOnly" ] ),
- `HSpacing(),
+ `VBox( `id( `f_synccons ),
+ `Left(
`VSquash(
- `HBox( `id( `hb_rep_interval ),
- `VBox(
- `Bottom(
- `Label( _("Replication Interval") )
- )
- ),
+ `HBox(
+ `ComboBox( `id( `cb_sync_prot ), `opt(`notify), _("Protocol"), [ "ldap", "ldaps" ] ),
`HSpacing(),
- `HSquash(
- `IntField( `id(`if_sync_int_d), _("Days"), 0, 99, 0)
- ),
- `HSpacing(),
- `HSquash(
- `IntField( `id(`if_sync_int_h), _("Hours"), 0, 23, 0)
- ),
+ `InputField( `id( `te_sync_target ), `opt(`hstretch), _("Provider Name"), "" ),
`HSpacing(),
`HSquash(
- `IntField( `id(`if_sync_int_m), _("Minutes"), 0, 59, 0)
+ `IntField( `id(`if_sync_port), _("Port"), 0, 65536, 389)
),
`HSpacing(),
- `HSquash(
- `IntField( `id(`if_sync_int_s), _("Seconds"), 0, 59, 0)
- ),
- `HStretch()
+ `VBox(
+ `Bottom(
+ `CheckBox( `id( `cb_start_tls ), _("Use StartTLS"), true )
+ ),
+ `VSpacing(0.3)
+ )
)
)
- )
- ),
- `VSpacing(0.3),
- `Left(
- `HBox(
- `InputField( `id( `te_sync_binddn ), `opt(`hstretch), _("Authentication DN"), "" ),
- `HSpacing(),
- `Password( `id( `te_sync_cred ), `opt(`hstretch), _("Password"), "" )
- )
- ),
- `VSpacing(0.3),
- `Left(
- `VSquash(
+ ),
+ `VSpacing(0.3),
+ `Left(
`HBox(
- `VBox(
- `Bottom(
- `CheckBox( `id( `cb_update_ref ), `opt(`notify), _("Custom update referral") )
- ),
- `VSpacing(0.3)
- ),
- `HSpacing(),
- `ComboBox( `id( `cb_updateref_prot ), `opt(`notify), _("Protocol"), [ "ldap", "ldaps" ] ),
+ `ComboBox( `id( `cb_sync_type ), `opt(`notify),
+ _("Replication Type"), [ "refreshAndPersist", "refreshOnly" ] ),
`HSpacing(),
- `InputField( `id( `te_updateref_target ), `opt(`hstretch), _("Target Host"), "" ),
+ `VSquash(
+ `HBox( `id( `hb_rep_interval ),
+ `VBox(
+ `Bottom(
+ `Label( _("Replication Interval") )
+ )
+ ),
+ `HSpacing(),
+ `HSquash(
+ `IntField( `id(`if_sync_int_d), _("Days"), 0, 99, 0)
+ ),
+ `HSpacing(),
+ `HSquash(
+ `IntField( `id(`if_sync_int_h), _("Hours"), 0, 23, 0)
+ ),
+ `HSpacing(),
+ `HSquash(
+ `IntField( `id(`if_sync_int_m), _("Minutes"), 0, 59, 0)
+ ),
+ `HSpacing(),
+ `HSquash(
+ `IntField( `id(`if_sync_int_s), _("Seconds"), 0, 59, 0)
+ ),
+ `HStretch()
+ )
+ )
+ )
+ ),
+ `VSpacing(0.3),
+ `Left(
+ `HBox(
+ `InputField( `id( `te_sync_binddn ), `opt(`hstretch), _("Authentication DN"), "" ),
`HSpacing(),
- `HSquash(
- `IntField( `id(`if_updateref_port), _("Port"), 0, 65536, 389)
+ `Password( `id( `te_sync_cred ), `opt(`hstretch), _("Password"), "" )
+ )
+ ),
+ `VSpacing(0.3),
+ `Left(
+ `VSquash(
+ `HBox(
+ `VBox(
+ `Bottom(
+ `CheckBox( `id( `cb_update_ref ), `opt(`notify), _("Custom update referral") )
+ ),
+ `VSpacing(0.3)
+ ),
+ `HSpacing(),
+ `ComboBox( `id( `cb_updateref_prot ), `opt(`notify), _("Protocol"), [ "ldap", "ldaps" ] ),
+ `HSpacing(),
+ `InputField( `id( `te_updateref_target ), `opt(`hstretch), _("Target Host"), "" ),
+ `HSpacing(),
+ `HSquash(
+ `IntField( `id(`if_updateref_port), _("Port"), 0, 65536, 389)
+ )
)
)
)
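Review bot: Both port fields in this widget tree, if_sync_port and if_updateref_port, accept 0 to 65536, and neither end of that range is a usable TCP port. Since the fields are re-created under the new ReplacePoint anyway, the bounds could be tightened to `1, 65535`, so that an out-of-range value is rejected in the dialog instead of ending up in the provider URL or the update referral. The enclosing function starts before the hunk.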
@@ -1526,7 +1528,24 @@
return widget;
}
- global boolean DbSyncConsRead( integer index, map synccons )
+ boolean urlComponentsMatch( map url1, map url2 )
+ {
+ if ( (string)url1["protocol"]:"" != (string)url2["protocol"]:"" )
+ {
+ return false;
+ }
+ if ( (string)url1["target"]:"" != (string)url2["target"]:"" )
+ {
+ return false;
+ }
+ if ( (integer)url1["port"]:0 != (integer)url2["port"]:0 )
+ {
+ return false;
+ }
+ return true;
+ }
+
+ global boolean DbSyncConsRead( integer index, map synccons, map updateref )
{
y2milestone("DbSyncConsRead %1", index);
if ( size(synccons) == 0 )
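Review bot: urlComponentsMatch has no comment and compares the `target` host with a case-sensitive `!=`, so a referral that differs from the provider only in the case of the host name is treated as a custom update referral. Comparing `tolower(...)` of both targets would avoid that. A header such as `// true if protocol, target and port of both URL maps are equal; missing keys compare as "" and 0` would also make it visible that two empty maps match. DbSyncConsRead continues outside the hunk.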
@@ -1564,14 +1583,13 @@
}
UI::ChangeWidget( `te_sync_binddn, `Value, (string)synccons["binddn"]:"");
UI::ChangeWidget( `te_sync_cred, `Value, (string)synccons["credentials"]:"");
- map updateref = synccons["updateref"]:$[];
if (size(updateref) == 0 )
{
// no updateref
UI::ChangeWidget( `cb_update_ref, `Value, true );
UI::ChangeWidget( `te_updateref_target, `Value, "" );
}
- else if ( (boolean)updateref["use_provider"]:true )
+ else if ( urlComponentsMatch( provider, updateref ) )
{
UI::ChangeWidget( `cb_update_ref, `Value, false );
UI::ChangeWidget( `cb_updateref_prot, `Enabled, false );
@@ -1756,7 +1774,8 @@
global map DbSyncConsWrite( integer index )
{
y2milestone("DbSyncConsWrite %1", index);
- map result = $[];
+ map syncrepl = $[];
+ map updateref = $[];
if ( UI::QueryWidget( `cb_syncrepl, `Value ) == true )
{
string prot = (string)UI::QueryWidget( `cb_sync_prot, `Value );
@@ -1767,11 +1786,11 @@
"target" : target,
"port" : port
];
- result = add(result, "provider", provider );
- result = add(result, "starttls", (boolean)UI::QueryWidget(`cb_start_tls, `Value) );
+ syncrepl = add(syncrepl, "provider", provider );
+ syncrepl = add(syncrepl, "starttls", (boolean)UI::QueryWidget(`cb_start_tls, `Value) );
string type = (string)UI::QueryWidget( `cb_sync_type, `Value );
- result = add(result, "type", type );
+ syncrepl = add(syncrepl, "type", type );
if ( type == "refreshOnly" )
{
@@ -1781,7 +1800,7 @@
"mins" : (integer)UI::QueryWidget( `if_sync_int_m, `Value ),
"secs" : (integer)UI::QueryWidget( `if_sync_int_s, `Value ),
];
- result = add( result, "interval", iv );
+ syncrepl = add( syncrepl, "interval", iv );
}
map db = baseDb;
if ( index >= 0)
@@ -1791,23 +1810,25 @@
string basedn = (string)db["suffix"]:"";
string binddn = (string)UI::QueryWidget( `te_sync_binddn, `Value );
string cred = (string)UI::QueryWidget( `te_sync_cred, `Value );
- result = add(result, "basedn", basedn );
- result = add(result, "binddn", binddn );
- result = add(result, "credentials", cred );
+ syncrepl = add(syncrepl, "basedn", basedn );
+ syncrepl = add(syncrepl, "binddn", binddn );
+ syncrepl = add(syncrepl, "credentials", cred );
if ( (boolean) UI::QueryWidget( `cb_update_ref, `Value) )
{
- map updateref = $[];
if ( (string)UI::QueryWidget(`te_updateref_target, `Value) != "" )
{
updateref = add(updateref, "protocol", (string)UI::QueryWidget(`cb_updateref_prot, `Value) );
updateref = add(updateref, "target", (string)UI::QueryWidget(`te_updateref_target, `Value) );
updateref = add(updateref, "port", (integer)UI::QueryWidget(`if_updateref_port, `Value) );
}
- result = add(result, "updateref", updateref );
+ }
+ else
+ {
+ updateref = provider;
}
}
- y2milestone("DbSyncConsWrite result: %1", result);
- return result;
+ y2milestone("DbSyncConsWrite syncrepl: %1", syncrepl);
+ return $[ "syncrepl" : syncrepl, "updateref" : updateref ];
}
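Review bot: The `y2milestone("DbSyncConsWrite syncrepl: %1", syncrepl);` call writes the whole map to the YaST log, and a few lines earlier that map received the replication account's bind password under `credentials`. Logging only the non-secret fields keeps the trace useful without storing the password, for example `y2milestone("DbSyncConsWrite provider: %1 type: %2", syncrepl["provider"]:$[], syncrepl["type"]:"");`. The same applies in LdapServer.pm to the `Data::Dumper` dump of the syncrepl list in ReadSyncRepl and to the two `y2milestone` calls that dump `%syncReplMM` in the syncrepl-consumer hunk. DbSyncConsWrite starts outside this hunk.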
global term GetSyncProvWidget()
@@ -1989,7 +2010,7 @@
Wizard::SetContentsButtons(caption, contents, HELPS["synccons_edit"]:"",
Label::BackButton(), Label::NextButton());
symbol ret = `next;
- DbSyncConsRead(-1, $[] );
+ DbSyncConsRead(-1, $[], $[] );
while(true) {
ret = (symbol)UI::UserInput();
if (ret == `abort || ret == `cancel )
Modified: trunk/ldap-server/src/LdapServer.pm
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev=66877&r1=66876&r2=66877&view=diff
==============================================================================
--- trunk/ldap-server/src/LdapServer.pm (original)
+++ trunk/ldap-server/src/LdapServer.pm Mon Nov 21 11:09:24 2011
@@ -45,6 +45,7 @@
my $overwriteConfig = 0;
my $setupSyncreplSlave = 0;
my $setupSyncreplMaster = 0;
+my $setupMirrorMode = 0;
my $modeInstProposal = 0;
my $serviceEnabled = 0;
my $serviceRunning = 1;
@@ -183,6 +184,15 @@
}
];
+my $dbconfig_defaults = [
+ "set_cachesize 0 15000000 1",
+ "set_lg_regionmax 262144",
+ "set_lg_bsize 2097152",
+ "set_flags DB_LOG_AUTOREMOVE",
+ "set_lk_max_locks 30000",
+ "set_lk_max_objects 30000"
+];
+
my @schema = ();
my @added_databases = ();
@@ -197,6 +207,7 @@
my $syncreplaccount = {};
my $syncreplbaseconfig = {};
+my $masterldif = "";
##
# Read all ldap-server settings
@@ -650,7 +661,7 @@
Progress->Finish();
return 0;
}
- elsif ( ! $serviceRunning && $serviceEnabled )
+ elsif ( (! $serviceRunning && $serviceEnabled) || $restartRequired )
{
my $progressItems = [_("Starting LDAP Server") ];
Progress->New(_("Restarting OpenLDAP Server"), "", 1, $progressItems, $progressItems, "");
@@ -735,12 +746,15 @@
my $tmpfile = $rc->{'stdout'};
chomp $tmpfile;
y2milestone("using tempfile: ".$tmpfile );
- my $overrideCsn = {};
+ my $ldif = "";
if ( $setupSyncreplSlave )
{
- $overrideCsn = { resetCsn => 0 };
+ $ldif = $masterldif;
+ }
+ else
+ {
+ $ldif = SCR->Read('.ldapserver.configAsLdif');
}
- my $ldif = SCR->Read('.ldapserver.configAsLdif', $overrideCsn );
y2debug($ldif);
if ( ! $ldif )
{
@@ -994,7 +1008,13 @@
# before restarting the server (bnc#450457)
Progress->NextStage();
y2milestone("slapd might be running a background task, waiting for completion");
- SCR->Execute('.ldapserver.waitForBackgroundTasks') ;
+ if (! SCR->Execute('.ldapserver.waitForBackgroundTasks') ) {
+ y2error("Error while waiting for background task.");
+ $self->SetError( _("An error happend while waiting for waiting for the OpenLDAP database indexer to finish.\n").
+ _("Please restart OpenLDAP manually.") );
+ Progress->Finish();
+ return 0;
+ }
y2milestone("background tasks completed");
Progress->NextStage();
Service->Restart("ldap");
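Review bot: The new error text passed to SetError misspells "happend" and repeats "waiting for", and because it is a translatable string the mistake is carried into every message catalogue. Suggested wording: `_("An error happened while waiting for the OpenLDAP database indexer to finish.\n")`. The enclosing function starts and ends outside the hunk.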
@@ -1328,6 +1348,13 @@
return $serviceRunning;
}
+BEGIN { $TYPEINFO {WriteRestartRequired} = ["function", "boolean", "boolean"]; }
+sub WriteRestartRequired {
+ my $self = shift;
+ $restartRequired = shift;
+ return 1;
+}
+
BEGIN { $TYPEINFO {ReadSLPEnabled} = ["function", "boolean"]; }
sub ReadSLPEnabled {
y2milestone("ReadSLPEnabled");
@@ -1391,6 +1418,50 @@
return 1;
}
+BEGIN { $TYPEINFO {ReadServerIds} = ["function", [ "list", [ "map", "string", "any" ] ] ]; }
+sub ReadServerIds
+{
+ my $self = shift;
+
+ my $serverids = SCR->Read( '.ldapserver.global.serverIds' );
+ foreach my $sid ( @{$serverids} )
+ {
+ $sid->{'id'} = YaST::YCP::Integer( $sid->{'id'} );
+ }
+ return $serverids;
+}
+
+BEGIN { $TYPEINFO {WriteServerIds} = ["function", "boolean", [ "list", [ "map", "string", "any" ] ] ]; }
+sub WriteServerIds
+{
+ my ( $self, $serverids ) = @_;
+ y2milestone( "WriteServerIds" );
+ foreach my $sid ( @{$serverids} )
+ {
+ $sid->{'id'} = YaST::YCP::Integer( $sid->{'id'} );
+ }
+ my $ret = SCR->Write( '.ldapserver.global.serverIds', $serverids );
+ return $ret;
+}
+
+BEGIN { $TYPEINFO {AssignServerId} = ["function", "boolean" ]; }
+sub AssignServerId
+{
+ my ( $self, $fqdn ) = @_;
+ if ( ! $fqdn )
+ {
+ $fqdn = $self->ReadHostnameFQ();
+ }
+ if ( $fqdn eq "" )
+ {
+ y2error("Unable to determine full-qualified hostname");
+ return 0;
+ }
+
+ SCR->Execute('.ldapserver.assignServerId', "ldap://".$fqdn );
+ return 1;
+}
+
BEGIN { $TYPEINFO {ReadAllowFeatures} = ["function", [ "list", "string" ] ]; }
sub ReadAllowFeatures
{
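Review bot: AssignServerId discards the result of `SCR->Execute('.ldapserver.assignServerId', ...)` and returns 1 regardless, so a server ID that could not be assigned is reported as success. Returning the agent result, `return SCR->Execute('.ldapserver.assignServerId', "ldap://".$fqdn );`, would let the callers in the later mirror-mode hunks react, assuming the agent branch reports failure. The TYPEINFO entry also declares no parameter although the sub accepts an optional `$fqdn`; a comment should say that the argument is only available to Perl callers. The scheme is fixed to `ldap://` even when the provider is configured with `ldaps`, which deserves a short why-comment if intended.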
@@ -1687,7 +1758,7 @@
sub ReadFromDefaults
{
my $self = shift;
-
+ y2milestone( "ReadFromDefaults" );
$self->WriteServiceEnabled( $dbDefaults{'serviceEnabled'} );
$self->WriteSLPEnabled( $dbDefaults{'slpRegister'} );
my $pwHash = "";
@@ -1710,15 +1781,9 @@
my $frontenddb = { 'type' => 'frontend' };
$self->InitGlobals();
-
- if ( $self->ReadSetupSlave() )
- {
- SCR->Execute('.ldapserver.initDatabases', [ $frontenddb, $cfgdatabase ] );
- SCR->Write(".ldapserver.database.{0}.syncrepl", $syncreplbaseconfig );
- my $ldif = SCR->Read('.ldapserver.configAsLdif' );
- y2debug($ldif);
- }
- else #master or standalone
+
+ if (! $self->ReadSetupSlave() ) # Slave setup was already initialized by dumping Master
+ # Database to $masterldif, nothing to do here.
{
SCR->Execute('.ldapserver.initSchema' );
my $rc = SCR->Write(".ldapserver.schema.addFromLdif", "/etc/openldap/schema/core.ldif" );
@@ -1791,6 +1856,10 @@
$self->UpdateDatabase(0 ,$changes);
if ( $self->ReadSetupMaster() )
{
+ if ( $self->ReadSetupMirrorMode() )
+ {
+ $self->AssignServerId();
+ }
# create helpful indexes for syncrepl
$self->ChangeDatabaseIndex(1, { "name" => "entryUUID", "eq" => 1 } );
$self->ChangeDatabaseIndex(1, { "name" => "entryCSN", "eq" => 1 } );
@@ -1856,7 +1925,16 @@
SCR->Write(".ldapserver.database.{1}.limits", \@newlimits );
}
}
-
+
+ # remove existing DB_CONFIG to have it regenerated at slapd startup from
+ # settings in the database object
+ my $db_config = $database->{'directory'}."/DB_CONFIG";
+ if ( SCR->Read(".target.size", $db_config) > 0 ) {
+ SCR->Execute('.target.bash', 'rm -f '.$db_config );
+ }
+ # add DB_CONFIG settings to the database object
+ $rc = SCR->Write(".ldapserver.database.{1}.dbconfig", $dbconfig_defaults );
+
# add default ACLs
$rc = SCR->Write(".ldapserver.database.{-1}.acl", $defaultGlobalAcls );
$rc = SCR->Write(".ldapserver.database.{1}.acl", $defaultDbAcls );
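Review bot: The `rm -f` on `$db_config` goes through `.target.bash` with the path concatenated unquoted into the command string, so a database directory containing whitespace or shell metacharacters changes what the shell executes. `$database->{'directory'}` is set outside this hunk; if it can come from the dialog or an imported profile, this is a command-injection path in a tool that normally runs as root. Removing the file without a shell avoids the problem: `SCR->Execute('.target.remove', $db_config);`. The `$rc` from the `.dbconfig` write is also overwritten by the next `SCR->Write` without being checked.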
@@ -1981,8 +2059,9 @@
# syncrepl related ACL and move it to the top. This is to ensure
# that syncrepl clients have read access to everything
my $syncrepl = $self->ReadSyncRepl( $dbIndex );
- if ( $syncrepl && scalar(keys %{$syncrepl}) && $syncrepl->{'binddn'} ne "" )
+ if ( @$syncrepl > 0 && scalar(keys %{$syncrepl->[0]}) && $syncrepl->[0]->{'binddn'} ne "" )
{
+ my $binddn = $syncrepl->[0]->{'binddn'};
my $acllist_sorted=[];
my $syncacl={};
my $found=0;
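Review bot: The rewritten condition dereferences `$syncrepl` with `@$syncrepl` before checking that it is defined, while ReadSyncRepl still returns `undef` when the SCR read fails and the old condition began with `$syncrepl &&`. Keeping that guard, `if ( $syncrepl && @$syncrepl > 0 && ...`, preserves the previous behaviour on read errors. Only the first consumer entry's `binddn` is used for the ACL reordering; since the mirror-mode code can add a second syncrepl entry, a comment explaining why the first entry is sufficient would help. The block continues outside the hunk.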
@@ -1996,7 +2075,7 @@
foreach my $access ( @{$rule->{'access'}} )
{
if ( $access->{'type'} eq "dn.base" &&
- lc($access->{'value'}) eq lc($syncrepl->{'binddn'} ) &&
+ lc($access->{'value'}) eq lc( $binddn ) &&
($access->{'level'} eq "read" || $access->{'level'} eq "write")
)
{
@@ -2214,46 +2293,38 @@
return YaST::YCP::Boolean(1);
}
-BEGIN { $TYPEINFO {ReadSyncRepl} = ["function", [ "map" , "string", "any" ], "integer" ]; }
+BEGIN { $TYPEINFO {ReadSyncRepl} = ["function", [ "list" , [ "map", "string", "any" ] ], "integer" ]; }
sub ReadSyncRepl
{
my ($self, $index) = @_;
y2milestone("ReadSyncRepl ", $index);
- my $syncrepl = SCR->Read(".ldapserver.database.{".$index."}.syncrepl" );
- y2debug( "SyncRepl: ".Data::Dumper->Dump([$syncrepl]) );
- if ( ! $syncrepl )
+ my $syncreplList = SCR->Read(".ldapserver.database.{".$index."}.syncrepl" );
+ y2debug( "SyncRepl: ".Data::Dumper->Dump([$syncreplList]) );
+ if ( ! $syncreplList )
{
my $err = SCR->Error(".ldapserver");
$self->SetError( $err->{'summary'}, $err->{'description'} );
return undef;
}
- if (defined $syncrepl->{'provider'} && defined $syncrepl->{'provider'}->{'port'} )
- {
- $syncrepl->{'provider'}->{'port'} = YaST::YCP::Integer( $syncrepl->{'provider'}->{'port'} );
- }
- if (defined $syncrepl->{'updateref'} )
+ foreach my $syncrepl (@{$syncreplList})
{
- if ( defined $syncrepl->{'updateref'}->{'port'} )
+ if (defined $syncrepl->{'provider'} && defined $syncrepl->{'provider'}->{'port'} )
{
- $syncrepl->{'updateref'}->{'port'} = YaST::YCP::Integer( $syncrepl->{'updateref'}->{'port'} );
+ $syncrepl->{'provider'}->{'port'} = YaST::YCP::Integer( $syncrepl->{'provider'}->{'port'} );
}
- if ( defined $syncrepl->{'updateref'}->{'use_provider'} )
+ if ( defined $syncrepl->{'interval'} )
{
- $syncrepl->{'updateref'}->{'use_provider'} = YaST::YCP::Boolean( $syncrepl->{'updateref'}->{'use_provider'} );
+ $syncrepl->{'interval'}->{'days'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'days'} );
+ $syncrepl->{'interval'}->{'hours'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'hours'} );
+ $syncrepl->{'interval'}->{'mins'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'mins'} );
+ $syncrepl->{'interval'}->{'secs'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'secs'} );
+ }
+ if ( defined $syncrepl->{'starttls'} )
+ {
+ $syncrepl->{'starttls'} = YaST::YCP::Boolean( $syncrepl->{'starttls'} );
}
}
- if ( defined $syncrepl->{'interval'} )
- {
- $syncrepl->{'interval'}->{'days'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'days'} );
- $syncrepl->{'interval'}->{'hours'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'hours'} );
- $syncrepl->{'interval'}->{'mins'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'mins'} );
- $syncrepl->{'interval'}->{'secs'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'secs'} );
- }
- if ( defined $syncrepl->{'starttls'} )
- {
- $syncrepl->{'starttls'} = YaST::YCP::Boolean( $syncrepl->{'starttls'} );
- }
- return $syncrepl;
+ return $syncreplList;
}
BEGIN { $TYPEINFO {WriteSyncRepl} = ["function", "boolean" , "integer", ["map", "string", "any" ] ]; }
@@ -2265,17 +2336,6 @@
{
$syncrepl->{'provider'}->{'port'} = YaST::YCP::Integer( $syncrepl->{'provider'}->{'port'} );
}
- if (defined $syncrepl->{'updateref'} )
- {
- if ( defined $syncrepl->{'updateref'}->{'port'} )
- {
- $syncrepl->{'updateref'}->{'port'} = YaST::YCP::Integer( $syncrepl->{'updateref'}->{'port'} );
- }
- if ( defined $syncrepl->{'updateref'}->{'use_provider'} )
- {
- $syncrepl->{'updateref'}->{'use_provider'} = YaST::YCP::Boolean( $syncrepl->{'updateref'}->{'use_provider'} );
- }
- }
if ( defined $syncrepl->{'interval'} )
{
$syncrepl->{'interval'}->{'days'} = YaST::YCP::Integer( $syncrepl->{'interval'}->{'days'} );
@@ -2316,6 +2376,70 @@
return YaST::YCP::Boolean(1);
}
+##
+ # Remove the Syncrepl Configuration matching the supplied URI from all databases
+ #
+ # @param The LDAP Url of the syncrepl consumer configuration to be deleted
+ #
+ # @return boolean True on success
+ #
+BEGIN { $TYPEINFO {RemoveMMSyncrepl} = ["function", "boolean", "string" ]; }
+sub RemoveMMSyncrepl
+{
+ my ( $self, $uri ) = @_;
+
+ my $dbs = $self->ReadDatabaseList();
+ for ( my $i=0; $i < scalar(@{$dbs})-1; $i++)
+ {
+ my $type = $dbs->[$i+1]->{'type'};
+ if ( $type eq "config" || $type eq "bdb" || $type eq "hdb" )
+ {
+ SCR->Write(".ldapserver.database.{".$i."}.syncrepl.del", $uri );
+ }
+ # Disable MirrorMode if needed
+ my $syncrepl = SCR->Read(".ldapserver.database.{".$i."}.syncrepl" );
+ if ( scalar( @{$syncrepl} ) <= 1 )
+ {
+ SCR->Write(".ldapserver.database.{".$i."}.mirrormode", YaST::YCP::Boolean(0) );
+ }
+ }
+ SCR->Execute(".ldapserver.commitChanges" );
+
+ return YaST::YCP::Boolean(1);
+}
+
+BEGIN { $TYPEINFO {ReadUpdateRef} = ["function", [ "map" , "string", "any" ], "integer" ]; }
+sub ReadUpdateRef
+{
+ my ($self, $index) = @_;
+ y2milestone("ReadUpdateRef ", $index);
+ my $updateref = SCR->Read(".ldapserver.database.{".$index."}.updateref" );
+ y2debug( "SyncRepl: ".Data::Dumper->Dump([$updateref]) );
+ if ( defined $updateref->{'port'} )
+ {
+ $updateref->{'port'} = YaST::YCP::Integer( $updateref->{'port'} );
+ }
+ return $updateref;
+}
+
+BEGIN { $TYPEINFO {WriteUpdateRef} = ["function", "boolean" , "integer", ["map", "string", "any" ] ]; }
+sub WriteUpdateRef
+{
+ my ( $self, $dbindex, $updateref) = @_;
+ y2milestone("WriteUpdateref");
+ if ( defined $updateref->{'port'} )
+ {
+ $updateref->{'port'} = YaST::YCP::Integer( $updateref->{'port'} );
+ }
+ y2debug("Updateref: ".Data::Dumper->Dump([$updateref]) );
+ if ( ! SCR->Write(".ldapserver.database.{".$dbindex."}.updateref", $updateref ) )
+ {
+ my $err = SCR->Error(".ldapserver");
+ $self->SetError( $err->{'summary'}, $err->{'description'} );
+ return YaST::YCP::Boolean(0);
+ }
+}
+
BEGIN { $TYPEINFO {ReadSchemaList} = ["function", [ "list" , "string"] ]; }
sub ReadSchemaList
{
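Review bot: WriteUpdateRef has no `return` on its success path, so after a successful write it falls off the end and hands back the false result of the `if` condition, although TYPEINFO declares a boolean result. Adding `return YaST::YCP::Boolean(1);` before the closing brace fixes that. In RemoveMMSyncrepl the `scalar( @{$syncrepl} )` test runs for every database type and without checking that the read succeeded; moving it inside the type check and guarding it with `$syncrepl &&` would be safer. The debug line in ReadUpdateRef is still labelled `"SyncRepl: "` and should read `"UpdateRef: "`.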
@@ -2602,13 +2726,7 @@
}
# add some defaults to DB_CONFIG
- my $dbconfig = [
- "set_cachesize 0 15000000 1",
- "set_lg_regionmax 262144",
- "set_lg_bsize 2097152",
- "set_flags DB_LOG_AUTOREMOVE"
- ];
- $rc = SCR->Write(".ldapserver.database.{$index}.dbconfig", $dbconfig );
+ $rc = SCR->Write(".ldapserver.database.{$index}.dbconfig", $dbconfig_defaults );
if(! $rc ) {
my $err = SCR->Error(".ldapserver");
y2error("Adding DB_CONFIG failed: ".$err->{'summary'}." ".$err->{'description'});
@@ -2866,9 +2984,17 @@
{
my ( $self ) = @_;
+ if ( $self->ReadSetupMirrorMode() )
+ {
+ y2milestone("Assigning new ServerID");
+ $self->AssignServerId( $syncreplbaseconfig->{'provider'}->{'target'} );
+ $self->AssignServerId();
+ }
+
my $dbs = $self->ReadDatabaseList();
for ( my $i=0; $i < scalar(@{$dbs})-1; $i++)
{
+ y2milestone("Checking SyncProvider Overlay configuration");
my $type = $dbs->[$i+1]->{'type'};
my $suffix = $dbs->[$i+1]->{'suffix'};
if ( $type eq "config" || $type eq "bdb" || $type eq "hdb" )
@@ -2892,58 +3018,96 @@
for ( my $i=0; $i < scalar(@{$dbs})-1; $i++)
{
+ y2milestone("Checking SyncConsumer configuration");
my $type = $dbs->[$i+1]->{'type'};
my $suffix = $dbs->[$i+1]->{'suffix'};
if ( $type eq "config" || $type eq "bdb" || $type eq "hdb" )
{
- my $cons = SCR->Read(".ldapserver.database.{".$i."}.syncrepl" );
- my $needsyncrepl = 0;
- if ( keys %{$cons} == 0 )
- {
- y2milestone("Database $i needs syncrepl config");
- $needsyncrepl = 1;
- }
- else
+ my $conslist = SCR->Read(".ldapserver.database.{".$i."}.syncrepl" );
+ my $needsyncrepl = 1;
+ my $needsyncreplMM = 1;
+ my %syncReplMM = %{$syncreplbaseconfig};
+ my $mmprovider = { 'protocol' => $syncreplbaseconfig->{'provider'}->{'protocol'},
+ 'target' => $self->ReadHostnameFQ(),
+ 'port' => $syncreplbaseconfig->{'provider'}->{'port'}
+ };
+ $syncReplMM{'provider'} = $mmprovider;
+ $syncReplMM{'basedn'} = $suffix;
+ y2milestone("MM syncrepl: ". Data::Dumper->Dump( [\%syncReplMM] ));
+ foreach my $cons ( @{$conslist} )
{
- my $provider = $cons->{'provider'};
- if ( $provider->{'target'} ne $syncreplbaseconfig->{'provider'}->{'target'} )
- {
- y2milestone("Provider Hostname doesn't match");
- $needsyncrepl = 1;
- }
- elsif ( $provider->{'port'} ne $syncreplbaseconfig->{'provider'}->{'port'}->value )
+ if ( SyncReplMatch( $cons, $syncreplbaseconfig ) )
{
- y2milestone("Provider Port doesn't match");
- $needsyncrepl = 1;
+ y2milestone("Syncrepl defintion already present");
+ $needsyncrepl = 0;
}
- elsif ( $provider->{'protocol'} ne $syncreplbaseconfig->{'provider'}->{'protocol'} )
+ if ( $self->ReadSetupMirrorMode() )
{
- y2milestone("Provider Protocol doesn't match");
- $needsyncrepl = 1;
+ if ( SyncReplMatch( $cons, \%syncReplMM ) )
+ {
+ y2milestone("Syncrepl defintion for MirrorMode already present");
+ $needsyncreplMM = 0;
+ }
}
- elsif ( $cons->{'binddn'} ne $syncreplbaseconfig->{'binddn'} )
+ else
{
- y2milestone("binddn doesn't match syncreplbaseconfig");
- $needsyncrepl = 1;
+ $needsyncreplMM = 0;
}
- elsif ( $cons->{'credentials'} ne $syncreplbaseconfig->{'credentials'} )
+ if ( !$needsyncreplMM && !$needsyncrepl )
{
- y2milestone("credentials don't match syncreplbaseconfig");
- $needsyncrepl = 1;
+ last;
}
}
- if ( $needsyncrepl )
+ if ( $needsyncrepl )
{
y2milestone("Adding syncrepl consumer configuration for database $i");
$syncreplbaseconfig->{'basedn'} = $suffix;
- SCR->Write(".ldapserver.database.{".$i."}.syncrepl", $syncreplbaseconfig );
+ SCR->Write(".ldapserver.database.{".$i."}.syncrepl.add", $syncreplbaseconfig );
+ }
+ if ( $self->ReadSetupMirrorMode() )
+ {
+ SCR->Write(".ldapserver.database.{".$i."}.mirrormode", YaST::YCP::Boolean(1) );
+ # Remove any existing updateRef, they don't make sense in a mirrormode setup
+ SCR->Write(".ldapserver.database.{".$i."}.updateref", {} );
+ if ( $needsyncreplMM )
+ {
+ my $mmprovider = { 'protocol' => $syncreplbaseconfig->{'provider'}->{'protocol'},
+ 'target' => $self->ReadHostnameFQ(),
+ 'port' => $syncreplbaseconfig->{'provider'}->{'port'}
+ };
+ $syncReplMM{'provider'} = $mmprovider;
+ $syncReplMM{'basedn'} = $suffix;
+ y2milestone("Database $i needs MM syncrepl.". Data::Dumper->Dump( [\%syncReplMM] ));
+
+ SCR->Write(".ldapserver.database.{".$i."}.syncrepl.add", \%syncReplMM );
+ }
}
+ }
+ }
+ if ( ! $self->ReadSetupMirrorMode() )
+ {
+ for ( my $i=0; $i < scalar(@{$dbs})-1; $i++)
+ {
+ y2milestone("Checking Update Referral");
+ my $type = $dbs->[$i+1]->{'type'};
+ my $suffix = $dbs->[$i+1]->{'suffix'};
+ if ( $type eq "config" || $type eq "bdb" || $type eq "hdb" )
+ {
+ my $updateref = SCR->Read(".ldapserver.database.{".$i."}.updateref" );
+ if ( ! defined $updateref )
+ {
+ y2milestone("Adding Update Referral");
+ SCR->Write(".ldapserver.database.{".$i."}.updateref",
+ $syncreplbaseconfig->{'provider'} );
+ }
+ }
}
}
for ( my $i=0; $i < scalar(@{$dbs})-1; $i++)
{
+ y2milestone("Checking Database ACLs");
my $type = $dbs->[$i+1]->{'type'};
my $suffix = $dbs->[$i+1]->{'suffix'};
if ( $type eq "config" || $type eq "bdb" || $type eq "hdb" )
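Review bot: The `.syncrepl.add`, `.mirrormode` and `.updateref` writes added in this hunk are plain statements whose results are ignored, so a change the agent rejects is only noticed, if at all, at the later commitChanges. Checking each result and calling `$self->SetError(...)` from `SCR->Error(".ldapserver")`, as WriteUpdateRef does, would make the failing database visible. `$mmprovider` and the `provider`/`basedn` entries of `%syncReplMM` are also built twice with identical values; the second copy inside `if ( $needsyncreplMM )` can be dropped. The enclosing sub starts and ends outside the hunk.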
@@ -2957,6 +3121,10 @@
else
{
my $acl = SCR->Read(".ldapserver.database.{".$i."}.acl" );
+ if ( ! $acl )
+ {
+ next;
+ }
y2debug("Database $i acl:". Data::Dumper->Dump([ $acl ]) );
my $needacl = 1;
foreach my $rule ( @{$acl} )
@@ -3027,6 +3195,7 @@
}
for ( my $i=0; $i < scalar(@{$dbs})-1; $i++)
{
+ y2milestone("Checking Database Limits");
my $type = $dbs->[$i+1]->{'type'};
my $suffix = $dbs->[$i+1]->{'suffix'};
if ( $type eq "config" || $type eq "bdb" || $type eq "hdb" )
@@ -3073,7 +3242,9 @@
}
}
}
+ y2milestone("Updating remote configuration");
SCR->Execute(".ldapserver.commitChanges" );
+ $masterldif = SCR->Execute(".ldapserver.dumpConfDb" );
SCR->Execute(".ldapserver.reset" );
$globals_initialized = 0;
@@ -3102,17 +3273,6 @@
{
$syncreplbaseconfig->{'starttls'} = YaST::YCP::Boolean($syncreplbaseconfig->{'starttls'} );
}
- if (defined $syncreplbaseconfig->{'updateref'} )
- {
- if ( defined $syncreplbaseconfig->{'updateref'}->{'port'} )
- {
- $syncreplbaseconfig->{'updateref'}->{'port'} = YaST::YCP::Integer( $syncreplbaseconfig->{'updateref'}->{'port'} );
- }
- if ( defined $syncreplbaseconfig->{'updateref'}->{'use_provider'} )
- {
- $syncreplbaseconfig->{'updateref'}->{'use_provider'} = YaST::YCP::Boolean( $syncreplbaseconfig->{'updateref'}->{'use_provider'} );
- }
- }
return 1;
}
@@ -3161,7 +3321,7 @@
}
##
- # @return true, if the current setup will creat a Syncrepl Master server
+ # @return true, if the current setup will create a Syncrepl Master server
# false otherwise
#
BEGIN { $TYPEINFO {ReadSetupMaster} = ["function", "boolean" ]; }
@@ -3171,6 +3331,40 @@
}
##
+ # Set "true" here if we are setting up a Syncrepl Master for acting as a
+ # MirrorMode Node. (it will result in a olcServerId being created)
+ # (this function is only useful for the installation wizards)
+ #
+ # @return true
+ #
+BEGIN { $TYPEINFO {WriteSetupMirrorMode} = ["function", "boolean", "boolean"]; }
+sub WriteSetupMirrorMode
+{
+ my ($self, $value) = @_;
+ $setupMirrorMode=$value;
+}
+
+##
+ # @return true, if the current setup will create a Syncrepl Mirror Mode Master
+ # false otherwise
+ #
+BEGIN { $TYPEINFO {ReadSetupMirrorMode} = ["function", "boolean" ]; }
+sub ReadSetupMirrorMode
+{
+ return $setupMirrorMode;
+}
+
+##
+ # @return true, if the currently connected server is member of a mirrormode setup
+ #
+BEGIN { $TYPEINFO {HasMirrorMode} = ["function", "boolean" ]; }
+sub HasMirrorMode
+{
+ my $self = shift;
+ return SCR->Read(".ldapserver.database.{0}.mirrormode" );
+}
+
+##
# Initializes the ldapserver agent to connect to a remote cn=config database
# @param A Map containing the details for the remote connections. Required keys:
# "provider": A Map with the keys "protocol" (can be "ldap" or "ldaps"),
@@ -3227,7 +3421,7 @@
if ( $rc->{'exit'} != 0 )
{
$self->SetError( _("Error while trying to verify the Server Certificate of the Provider server.\n").
- _("Please make sure that \"".$tls->{"caCertFile"}."\" constains the correct\nCA file to verify the remote Server Certificate."),
+ _("Please make sure that \"".$tls->{"caCertFile"}."\" contains the correct\nCA file to verify the remote Server Certificate."),
$rc->{'stderr'} );
return 0;
}
@@ -3246,5 +3440,39 @@
return 1;
}
+sub SyncReplMatch
+{
+ y2milestone("SyncReplMatch");
+ my ($syncrepl1, $syncrepl2) = @_;
+ my $ret = 1;
+
+ if ( $syncrepl1->{'provider'}->{'target'} ne $syncrepl2->{'provider'}->{'target'} )
+ {
+ y2debug("Provider Hostname doesn't match");
+ $ret = 0;
+ }
+ elsif ( $syncrepl1->{'provider'}->{'port'} ne $syncrepl2->{'provider'}->{'port'}->value )
+ {
+ y2debug("Provider Port doesn't match");
+ $ret = 0;
+ }
+ elsif ( $syncrepl1->{'provider'}->{'protocol'} ne $syncrepl2->{'provider'}->{'protocol'} )
+ {
+ y2debug("Provider Protocol doesn't match");
+ $ret = 0;
+ }
+ elsif ( $syncrepl1->{'binddn'} ne $syncrepl2->{'binddn'} )
+ {
+ y2debug("binddn doesn't match syncreplbaseconfig");
+ $ret = 0;
+ }
+ elsif ( $syncrepl1->{'credentials'} ne $syncrepl2->{'credentials'} )
+ {
+ y2debug("credentials don't match syncreplbaseconfig");
+ $ret = 0;
+ }
+ return $ret;
+}
+
1;
# EOF
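Review bot: SyncReplMatch is asymmetric without saying so: it calls `->value` on the second argument's port but compares the first argument's port as a plain scalar, so swapping the arguments or passing a map whose port is not a YaST::YCP::Integer would die at that line. A header comment such as `# $syncrepl1: entry as read from SCR; $syncrepl2: config whose port is a YaST::YCP::Integer` would make the contract visible. The last two debug messages mention `syncreplbaseconfig` although the function is also called with `%syncReplMM`, so they could say "second syncrepl definition" instead.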
Modified: trunk/ldap-server/src/Makefile.am
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/Makefile.am?rev=66877&r1=66876&r2=66877&view=diff
==============================================================================
--- trunk/ldap-server/src/Makefile.am (original)
+++ trunk/ldap-server/src/Makefile.am Mon Nov 21 11:09:24 2011
@@ -6,6 +6,7 @@
client_DATA = \
ldap-server.ycp \
+ openldap-mirrormode.ycp \
ldap-server_auto.ycp \
ldap-server_proposal.ycp
@@ -15,10 +16,12 @@
widgets.ycp \
dialogs.ycp \
complex.ycp \
- tree_structure.ycp
+ tree_structure.ycp \
+ mirrormode-wizard.ycp
desktop_DATA = \
- ldap-server.desktop
+ ldap-server.desktop \
+ openldap-mirrormode.desktop
module_DATA = \
LdapServer.pm \
Modified: trunk/ldap-server/src/agent/SlapdConfigAgent.cc
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfigAgent.cc?rev=66877&r1=66876&r2=66877&view=diff
==============================================================================
--- trunk/ldap-server/src/agent/SlapdConfigAgent.cc (original)
+++ trunk/ldap-server/src/agent/SlapdConfigAgent.cc Mon Nov 21 11:09:24 2011
@@ -15,7 +15,7 @@
#define ANSWER 42
#define MAX_LENGTH_ID 5
-class SaslExternalHandler : SaslInteractionHandler
+class SaslExternalHandler : SaslInteractionHandler
{
public:
virtual void handleInteractions(const std::list &cb );
@@ -113,14 +113,7 @@
}
else if ( path->component_str(0) == "configAsLdif" )
{
- if ( arg.isNull() || !arg->asMap()->size())
- {
- return ConfigToLdif();
- }
- else
- {
- return ConfigToLdif(true);
- }
+ return ConfigToLdif();
}
} catch ( std::runtime_error e ) {
y2error("Error during Read: %s", e.what() );
@@ -210,6 +203,11 @@
}
else
{
+ TlsOptions tls = m_lc->getTlsOptions();
+ if ( ! argMap->value(YCPString("cacert")).isNull() )
+ {
+ tls.setOption( TlsOptions::CACERTFILE, argMap->value( YCPString("cacert"))->asString()->value_cstr() );
+ }
if ( argMap->value(YCPString("starttls"))->asBoolean()->value() )
{
m_lc->start_tls();
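Review bot: The `cacert` value reaches `tls.setOption( TlsOptions::CACERTFILE, ... )` after only an `isNull()` test, so an empty string or a value that is not a YCP string is handed to the TLS layer unchecked. A guard such as `if ( !v.isNull() && v->isString() && !v->asString()->value().empty() )` would make that failure explicit. The hunk does not show which certificate-verification level the connection uses, so it is worth confirming that the handshake started by `m_lc->start_tls()` rejects a peer that does not chain to this CA. `tls` is used only inside the new `if` and can be declared there. The enclosing function starts and ends outside the hunk.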
@@ -409,10 +407,59 @@
return YCPBoolean(false);
}
}
+ else if ( path->component_str(0) == "dumpConfDb" )
+ {
+ try {
+ StringList attrs;
+ attrs.add("*");
+ attrs.add("structuralObjectClass");
+ attrs.add("entryUUID");
+ attrs.add("creatorsName");
+ attrs.add("createTimestamp");
+ attrs.add("entryCSN");
+ attrs.add("modifiersName");
+ attrs.add("modifyTimestamp");
+ attrs.add("contextCSN");
+ LDAPSearchResults *sr = m_lc->search( "cn=config", LDAPConnection::SEARCH_SUB,
+ "objectclass=*", attrs );
+ std::ostringstream ldifStream;
+ LdifWriter ldif(ldifStream);
+ while ( LDAPEntry *e = sr->getNext() )
+ {
+ ldif.writeRecord( *e );
+ }
+ return YCPString( ldifStream.str() );
+ } catch ( LDAPException e ) {
+ std::string errstring = "Error while reading remote Database";
+ std::string details = e.getResultMsg() + ": " + e.getServerMsg();
+
+ lastError->add(YCPString("summary"),
+ YCPString(errstring) );
+ lastError->add(YCPString("description"), YCPString( details ) );
+ return YCPBoolean(false);
+ } catch ( std::runtime_error e ) {
+ lastError->add(YCPString("summary"),
+ YCPString("Error while trying to read remote Database") );
+ lastError->add(YCPString("description"),
+ YCPString(std::string( e.what() ) ) );
+ return YCPBoolean(false);
+ }
+ }
+ else if ( path->component_str(0) == "assignServerId" )
+ {
+ std::string url( arg->asString()->value_cstr() );
+ this->assignServerId( url );
+ }
else if ( path->component_str(0) == "waitForBackgroundTasks" )
{
- olc.waitForBackgroundTasks();
- return YCPBoolean(true);
+ bool ret = true;
+ try {
+ olc.waitForBackgroundTasks();
+ } catch ( std::runtime_error e ) {
+ ret = false;
+ }
+
+ return YCPBoolean(ret);
}
else if ( path->component_str(0) == "addRootSaslRegexp" )
{
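Review bot: The new `dumpConfDb` branch never frees `sr` or the `LDAPEntry` objects returned by `sr->getNext()`. Assuming the usual libldapc++ ownership, where the caller owns both, every call leaks the whole result set; add `delete e;` after `ldif.writeRecord( *e );` and `delete sr;` before the `return`, or hold them in a scoped owner so the catch paths are covered too. The returned LDIF is a full dump of cn=config, which normally contains password hashes and replication credentials, so a comment saying the string must not be logged would help callers. The `assignServerId` branch dereferences `arg` without an `isNull()` check and has no `return` of its own, and the `waitForBackgroundTasks` handler drops the exception text, which `y2error("waitForBackgroundTasks failed: %s", e.what() );` would keep. The enclosing method continues outside the hunk.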
@@ -542,11 +589,14 @@
if ( path->component_str(0) == "serverIds" )
{
YCPList resList;
- StringList serverIds = globals->getStringValues("olcserverid");
- for ( StringList::const_iterator i = serverIds.begin();
+ std::vector<OlcServerId> serverIds = globals->getServerIds();
+ for ( std::vector<OlcServerId>::const_iterator i = serverIds.begin();
i != serverIds.end(); i++ )
{
- resList.add(YCPString(*i));
+ YCPMap idMap;
+ idMap.add( YCPString("id"), YCPInteger( i->getServerId() ) );
+ idMap.add( YCPString("uri"), YCPString( i->getServerUri() ) );
+ resList.add( idMap );
}
return resList;
}
@@ -884,31 +934,32 @@
}
else if ( dbComponent == "syncrepl" )
{
- YCPMap resMap;
+ YCPList resList;
OlcSyncReplList srl = (*i)->getSyncRepl();
- if ( ! srl.empty() )
+ OlcSyncReplList::const_iterator sr;
+ for ( sr = srl.begin(); sr != srl.end(); sr++ )
{
- boost::shared_ptr<OlcSyncRepl> sr = *srl.begin();
- resMap.add( YCPString(OlcSyncRepl::RID), YCPInteger( sr->getRid() ));
+ YCPMap resMap;
+ resMap.add( YCPString(OlcSyncRepl::RID), YCPInteger( (*sr)->getRid() ));
std::string proto,host;
int port;
- sr->getProviderComponents(proto, host, port);
+ (*sr)->getProviderComponents(proto, host, port);
YCPMap providerMap;
providerMap.add( YCPString("protocol"), YCPString(proto) );
providerMap.add( YCPString("target"), YCPString(host) );
providerMap.add( YCPString("port"), YCPInteger(port) );
resMap.add( YCPString(OlcSyncRepl::PROVIDER), providerMap );
- resMap.add( YCPString(OlcSyncRepl::TYPE), YCPString( sr->getType() ));
- if ( sr->getStartTls() != OlcSyncRepl::StartTlsNo )
+ resMap.add( YCPString(OlcSyncRepl::TYPE), YCPString( (*sr)->getType() ));
+ if ( (*sr)->getStartTls() != OlcSyncRepl::StartTlsNo )
{
resMap.add( YCPString(OlcSyncRepl::STARTTLS), YCPBoolean( true ));
}
- if ( sr->getType() == "refreshOnly" )
+ if ( (*sr)->getType() == "refreshOnly" )
{
YCPMap intervalMap;
int d,h,m,s;
- sr->getInterval(d, h, m, s);
+ (*sr)->getInterval(d, h, m, s);
intervalMap.add( YCPString("days"), YCPInteger(d) );
intervalMap.add( YCPString("hours"), YCPInteger(h) );
intervalMap.add( YCPString("mins"), YCPInteger(m) );
@@ -916,41 +967,36 @@
resMap.add( YCPString( OlcSyncRepl::INTERVAL ), intervalMap );
}
- resMap.add( YCPString(OlcSyncRepl::BINDDN), YCPString( sr->getBindDn() ));
- resMap.add( YCPString(OlcSyncRepl::CREDENTIALS), YCPString( sr->getCredentials()));
- resMap.add( YCPString(OlcSyncRepl::BASE), YCPString( sr->getSearchBase()));
- std::string updateref((*i)->getStringValue("olcUpdateRef"));
- if (! updateref.empty() )
- {
- LDAPUrl updateUrl(updateref);
- YCPMap updaterefMap;
- std::string updateHost(updateUrl.getHost() );
- std::string updateProt(updateUrl.getScheme() );
- int updatePort(updateUrl.getPort() );
-
- // don't set updateref when using updateref == provideruri
- if ( updatePort != updatePort ||
- updateHost != host ||
- updateProt != proto )
- {
- updaterefMap.add( YCPString("protocol"), YCPString( updateUrl.getScheme() ) );
- updaterefMap.add( YCPString("target"), YCPString( updateUrl.getHost() ) );
- updaterefMap.add( YCPString("port"), YCPInteger( updateUrl.getPort() ) );
- updaterefMap.add( YCPString("use_provider"), YCPBoolean( false ) );
- }
- else
- {
- updaterefMap.add( YCPString("use_provider"), YCPBoolean( true ) );
- }
- resMap.add( YCPString("updateref"), updaterefMap );
- }
- else
- {
- resMap.add( YCPString("updateref"), YCPMap() );
- }
+ resMap.add( YCPString(OlcSyncRepl::BINDDN), YCPString( (*sr)->getBindDn() ));
+ resMap.add( YCPString(OlcSyncRepl::CREDENTIALS), YCPString( (*sr)->getCredentials()));
+ resMap.add( YCPString(OlcSyncRepl::BASE), YCPString( (*sr)->getSearchBase()));
+ resList.add(resMap);
+ }
+ return resList;
+ }
+ else if ( dbComponent == "updateref" )
+ {
+ YCPMap resMap;
+ std::string updateRefAttr( (*i)->getStringValue( "olcUpdateRef" ) );
+
+ if (! updateRefAttr.empty() )
+ {
+ LDAPUrl updateUrl(updateRefAttr);
+
+ resMap.add( YCPString("protocol"), YCPString( updateUrl.getScheme() ) );
+ resMap.add( YCPString("target"), YCPString( updateUrl.getHost() ) );
+ resMap.add( YCPString("port"), YCPInteger( updateUrl.getPort() ) );
+ }
+ else
+ {
+ resMap = YCPNull();
}
return resMap;
}
+ else if ( dbComponent == "mirrormode" )
+ {
+ return YCPBoolean((*i)->getMirrorMode());
+ }
else
{
lastError->add(YCPString("summary"), YCPString("Read Failed") );
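Review bot: The `updateref` read returns `YCPNull()` when `olcUpdateRef` is unset, while the matching write branch in this commit calls `arg->asMap()` and treats an empty map as "clear", so a value read here cannot be handed straight back to the writer. Dropping the `else` and returning the empty `YCPMap` that `resMap` already is would keep the two sides symmetric, unless the YCP callers rely on nil. `LDAPUrl updateUrl(updateRefAttr)` parses a stored value and may throw on a malformed one; whether that is caught lies outside the hunk. Each map added to `resList` carries the replication bind password under `OlcSyncRepl::CREDENTIALS` in clear text, which deserves a comment telling callers not to log the result.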
@@ -1221,13 +1267,16 @@
if ( path->component_str(0) == "serverIds" )
{
YCPList ycpServerIds = arg->asList();
- StringList values;
+ std::vector<OlcServerId> serverids;
+
YCPList::const_iterator i;
for ( i = ycpServerIds.begin(); i != ycpServerIds.end(); i++ )
{
- values.add( (*i)->asString()->value_cstr() );
+ YCPMap yServerId = (*i)->asMap();
+ serverids.push_back( OlcServerId( yServerId->value( YCPString("id") )->asInteger()->value(),
+ yServerId->value( YCPString("uri") )->asString()->value_cstr() ) );
}
- globals->setStringValues("olcServerId", values);
+ globals->setServerIds(serverids);
}
}
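Review bot: Each element of the `serverIds` list is converted with `asMap()` and its `id` and `uri` values are dereferenced without any check, so a missing key or a wrongly typed element from the caller is used as a null value. Test first, e.g. `if ( yServerId->value( YCPString("id") ).isNull() || yServerId->value( YCPString("uri") ).isNull() )`, and report the problem through `lastError`. The same unguarded conversion appears in the new `mirrormode` write branch (`arg->asBoolean()`) and in the `updateref` write branch. The integer from `asInteger()->value()` is presumably narrowed into the server id, and no range check is visible here.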
@@ -1723,143 +1772,113 @@
ret = true;
}
else if ( dbComponent == "syncrepl" )
- {
- YCPMap argMap = arg->asMap();
- if ( argMap->size() > 0 )
+ {
+ if ( path->length() == 3 )
{
- ret = true;
- OlcSyncReplList srl = (*i)->getSyncRepl();
- boost::shared_ptr<OlcSyncRepl> sr;
- if ( srl.empty() )
- {
- sr = boost::shared_ptr<OlcSyncRepl>(new OlcSyncRepl());
- srl.push_back(sr);
-
- // find available rid (rid must be unique accross the server)
- OlcDatabaseList::const_iterator k;
- int largest_rid=0;
- for ( k = databases.begin(); k != databases.end() ; k++ )
+ std::string srComp = path->component_str(2);
+ y2milestone("Component '%s'", srComp.c_str());
+ if ( srComp == "add" )
+ {
+ YCPMap argMap = arg->asMap();
+ boost::shared_ptr<OlcSyncRepl> sr( new OlcSyncRepl() );
+ ret = this->ycpMap2SyncRepl( argMap, sr );
+ if ( ret )
{
- OlcSyncReplList srl1 = (*k)->getSyncRepl();
- if ( srl1.empty() )
- {
- continue;
- }
- boost::shared_ptr<OlcSyncRepl> sr1;
- int currid = (*srl1.begin())->getRid();
- if ( currid > largest_rid )
+ int rid = this->getNextRid();
+ y2milestone( "New Rid: %d", rid );
+ if ( rid )
{
- largest_rid=currid;
+ sr->setRid( rid );
+ (*i)->addSyncRepl(sr);
}
}
- sr->setRid(largest_rid+1);
}
- else
+ else if ( srComp == "del" )
{
- sr = *srl.begin();
- }
- YCPMap providerMap = argMap->value(YCPString("provider"))->asMap();
- std::string protocol( providerMap->value(YCPString("protocol"))->asString()->value_cstr() );
- std::string target( providerMap->value(YCPString("target"))->asString()->value_cstr() );
- int port = providerMap->value(YCPString("port"))->asInteger()->value();
- std::string type( argMap->value(YCPString("type"))->asString()->value_cstr() );
- std::string basedn( argMap->value(YCPString("basedn"))->asString()->value_cstr() );
- std::string binddn( argMap->value(YCPString("binddn"))->asString()->value_cstr() );
- std::string cred( argMap->value(YCPString("credentials"))->asString()->value_cstr() );
- bool starttls = argMap->value(YCPString("starttls"))->asBoolean()->value();
-
- LDAPUrl prvuri;
- prvuri.setScheme(protocol);
- prvuri.setHost(target);
- if ( ( protocol == "ldap" && port != 389 ) || ( protocol == "ldaps" && port != 636 ) )
- {
- prvuri.setPort(port);
- }
-
- sr->setType( type );
- sr->setProvider( prvuri );
- sr->setSearchBase( basedn );
- sr->setBindDn( binddn );
- sr->setCredentials( cred );
- // default retry (every 120 seconds)
- sr->setRetryString( "120 +" );
- sr->setTlsReqCert("demand");
-
- if ( starttls )
- {
- sr->setStartTls( OlcSyncRepl::StartTlsCritical );
- }
- else
- {
- sr->setStartTls( OlcSyncRepl::StartTlsNo );
- }
-
- if ( type == "refreshOnly" )
- {
- if ( argMap->value(YCPString("interval")).isNull() )
- {
- lastError->add(YCPString("summary"), YCPString("Writing SyncRepl config failed") );
- lastError->add(YCPString("description"), YCPString("\"RefreshOnly needs Interval\"") );
- ret = false;
- }
- else
+ LDAPUrl destUrl( std::string( arg->asString()->value_cstr() ) );
+ OlcSyncReplList srl = (*i)->getSyncRepl();
+ OlcSyncReplList::iterator j;
+ for ( j = srl.begin(); j != srl.end(); j++ )
{
- YCPMap ivMap = argMap->value(YCPString("interval"))->asMap();
- int days = ivMap->value(YCPString("days"))->asInteger()->value();
- int hours = ivMap->value(YCPString("hours"))->asInteger()->value();
- int mins = ivMap->value(YCPString("mins"))->asInteger()->value();
- int secs = ivMap->value(YCPString("secs"))->asInteger()->value();
-
- if ( days == 0 && hours == 0 && mins == 0 && secs == 0 )
+ std::string proto, target;
+ int port;
+ (*j)->getProviderComponents( proto, target, port );
+ if ( proto == destUrl.getScheme() &&
+ target == destUrl.getHost() &&
+ port == destUrl.getPort() )
{
- lastError->add(YCPString("summary"), YCPString("Writing SyncRepl config failed") );
- lastError->add(YCPString("description"), YCPString("\"Syncrepl Interval is 00:00:00\"") );
- ret = false;
- }
- else
- {
- sr->setInterval( days, hours, mins, secs );
+ srl.erase(j);
+ break;
}
}
+ (*i)->setSyncRepl( srl );
+ ret = true;
}
- (*i)->setSyncRepl(srl);
- if ( argMap->value(YCPString("updateref")).isNull() )
- {
- // set provider URL as updateref if no customer URI was supplied
- (*i)->setStringValue("olcUpdateRef", prvuri.getURLString() );
- }
- else
- {
- YCPMap updaterefMap = argMap->value(YCPString("updateref"))->asMap();
- if ( updaterefMap.size() > 0 )
+ }
+ else
+ {
+ // for backwards compatiblity
+ YCPMap argMap = arg->asMap();
+ if ( argMap->size() > 0 )
+ {
+ ret = true;
+ OlcSyncReplList srl = (*i)->getSyncRepl();
+ boost::shared_ptr<OlcSyncRepl> sr;
+ if ( srl.empty() )
{
- if ( !updaterefMap->value(YCPString("use_provider")).isNull() &&
- updaterefMap->value(YCPString("use_provider"))->asBoolean()->value() )
- {
- (*i)->setStringValue("olcUpdateRef", prvuri.getURLString() );
- }
- else
+ sr = boost::shared_ptr<OlcSyncRepl>(new OlcSyncRepl());
+ srl.push_back(sr);
+
+ // find available rid (rid must be unique accross the server)
+ OlcDatabaseList::const_iterator k;
+ int largest_rid=0;
+ for ( k = databases.begin(); k != databases.end() ; k++ )
{
- LDAPUrl updaterefUrl;
- updaterefUrl.setScheme( updaterefMap->value(YCPString("protocol"))->asString()->value_cstr() );
- updaterefUrl.setHost( updaterefMap->value(YCPString("target"))->asString()->value_cstr() );
- updaterefUrl.setPort( updaterefMap->value(YCPString("port"))->asInteger()->value() );
- (*i)->setStringValue("olcUpdateRef", updaterefUrl.getURLString() );
+ OlcSyncReplList srl1 = (*k)->getSyncRepl();
+ if ( srl1.empty() )
+ {
+ continue;
+ }
+ boost::shared_ptr<OlcSyncRepl> sr1;
+ int currid = (*srl1.begin())->getRid();
+ if ( currid > largest_rid )
+ {
+ largest_rid=currid;
+ }
}
+ sr->setRid(largest_rid+1);
}
else
{
- (*i)->setStringValue("olcUpdateRef", "" );
+ sr = *srl.begin();
}
+ ret = this->ycpMap2SyncRepl( argMap, sr );
+ (*i)->setSyncRepl(srl);
}
+ else
+ {
+ // clear syncrepl config
+ (*i)->setStringValue("olcSyncRepl", "" );
+ ret = true;
+ }
+ }
+ }
+ else if ( dbComponent == "updateref" )
+ {
+ YCPMap updaterefMap = arg->asMap();
+ if ( updaterefMap.size() > 0 )
+ {
+ LDAPUrl updaterefUrl;
+ updaterefUrl.setScheme( updaterefMap->value(YCPString("protocol"))->asString()->value_cstr() );
+ updaterefUrl.setHost( updaterefMap->value(YCPString("target"))->asString()->value_cstr() );
+ updaterefUrl.setPort( updaterefMap->value(YCPString("port"))->asInteger()->value() );
+ (*i)->setStringValue("olcUpdateRef", updaterefUrl.getURLString() );
}
else
{
- // clear syncrepl config
- (*i)->setStringValue("olcSyncRepl", "" );
(*i)->setStringValue("olcUpdateRef", "" );
- ret = true;
}
+ ret = true;
}
else if ( dbComponent == "dbconfig" )
{
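Review bot: In the `add` branch, a zero result from `getNextRid()` (no free replica id) skips `addSyncRepl` but leaves `ret` true, so the caller is told the consumer was added when it was not; the `if ( rid )` needs an `else` that sets `lastError` and `ret = false`. The `del` branch likewise reports success when no entry matched the URL, and a three-component path with any other component leaves `ret` at whatever it held before. In the backwards-compatibility branch `(*i)->setSyncRepl(srl)` runs even when `ycpMap2SyncRepl` returned false. The enclosing method starts and ends outside the hunk.

```cpp
int rid = this->getNextRid();
// … unchanged: milestone log of the new rid …
if ( rid )
{
    // … unchanged: setRid / addSyncRepl …
}
else
{
    lastError->add(YCPString("summary"), YCPString("Writing SyncRepl config failed") );
    lastError->add(YCPString("description"), YCPString("No free replica id available") );
    ret = false;
}
```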
@@ -1872,6 +1891,12 @@
(*i)->setStringValues("olcDbConfig", dbConfList );
ret = true;
}
+ else if ( dbComponent == "mirrormode" )
+ {
+ YCPBoolean argVal = arg->asBoolean();
+ (*i)->setMirrorMode( argVal->value() );
+ ret = true;
+ }
else
{
lastError->add(YCPString("summary"), YCPString("Write Failed") );
@@ -2113,7 +2138,7 @@
return YCPBoolean(false);
}
-YCPString SlapdConfigAgent::ConfigToLdif( bool resetCsn ) const
+YCPString SlapdConfigAgent::ConfigToLdif() const
{
y2milestone("ConfigToLdif");
std::ostringstream ldif;
@@ -2121,34 +2146,19 @@
{
throw std::runtime_error("Configuration not initialized. Can't create LDIF dump." );
}
- if ( resetCsn )
- {
- globals->setStringValue("entryCSN", "19700101000000.000000Z#000000#000#000000");
- // schemaBase entryCSN won't be resetted as it cause trouble during replication
- // of hardcoded schema values
- }
ldif << globals->toLdif() << std::endl;
if ( schemaBase )
{
- if ( resetCsn )
- schemaBase->setStringValue("entryCSN", "19700101000000.000000Z#000000#000#000000");
-
ldif << schemaBase->toLdif() << std::endl;
OlcSchemaList::const_iterator j;
for ( j = schema.begin(); j != schema.end() ; j++ )
{
- if ( resetCsn )
- (*j)->setStringValue("entryCSN", "19700101000000.000000Z#000000#000#000000");
-
ldif << (*j)->toLdif() << std::endl;
}
}
OlcDatabaseList::const_iterator i = databases.begin();
for ( ; i != databases.end(); i++ )
{
- if ( resetCsn )
- (*i)->setStringValue("entryCSN", "19700101000000.000000Z#000000#000#000000");
-
ldif << (*i)->toLdif() << std::endl;
OlcOverlayList overlays = (*i)->getOverlays();
OlcOverlayList::iterator k;
@@ -2297,3 +2307,171 @@
throw;
}
}
+
+class CompareUri
+{
+ private:
+ const std::string &theUri;
+
+ public:
+ CompareUri( const std::string &val ) : theUri(val) {}
+
+ bool operator() ( const OlcServerId &id ) const
+ {
+ return theUri == id.getServerUri();
+ }
+};
+
+class CompareId
+{
+ private:
+ int theId;
+
+ public:
+ CompareId( int val ) : theId(val) {}
+
+ bool operator() ( const OlcServerId &id ) const
+ {
+ return theId == id.getServerId();
+ }
+};
+
+void SlapdConfigAgent::assignServerId( const std::string &uri )
+{
+ // check if uri has already a Id assigned
+ std::vector<OlcServerId> serverIds = globals->getServerIds();
+
+ std::vector<OlcServerId>::const_iterator found;
+ found = find_if(serverIds.begin(), serverIds.end(), CompareUri(uri) );
+ if ( found != serverIds.end() )
+ {
+ y2milestone("Found ServerId %s", found->toStringVal().c_str() );
+ return;
+ }
+
+ for ( int j=1; j < 999; j++ )
+ {
+ found = find_if(serverIds.begin(), serverIds.end(), CompareId(j) );
+ if ( found == serverIds.end() )
+ {
+ y2milestone( "Free ServerId %d", j);
+ globals->addServerId( OlcServerId( j, uri ) );
+ return;
+ }
+ }
+}
+
+class CompareRid
+{
+ private:
+ int theRid;
+
+ public:
+ CompareRid( int val ) : theRid(val) {}
+
+ bool operator() ( const boost::shared_ptr<OlcSyncRepl> sr ) const
+ {
+ return theRid == sr->getRid();
+ }
+};
+
+int SlapdConfigAgent::getNextRid() const
+{
+ OlcDatabaseList::const_iterator i;
+ int rid;
+ for ( rid = 1; rid < 999; rid++ )
+ {
+ bool isFree = true;
+
+ for ( i = databases.begin(); i != databases.end() ; i++ )
+ {
+ OlcSyncReplList::const_iterator found;
+ OlcSyncReplList srl = (*i)->getSyncRepl();
+ found = find_if( srl.begin(), srl.end(), CompareRid(rid) );
+ if ( found != srl.end() )
+ {
+ isFree = false;
+ break;
+ }
+ }
+ if ( isFree )
+ {
+ return rid;
+ }
+ }
+ return 0;
+}
+
+bool SlapdConfigAgent::ycpMap2SyncRepl( const YCPMap &srMap, boost::shared_ptr<OlcSyncRepl> sr )
+{
+ bool ret = true;
+ YCPMap providerMap = srMap->value(YCPString("provider"))->asMap();
+ std::string protocol( providerMap->value(YCPString("protocol"))->asString()->value_cstr() );
+ std::string target( providerMap->value(YCPString("target"))->asString()->value_cstr() );
+ int port = providerMap->value(YCPString("port"))->asInteger()->value();
+ std::string type( srMap->value(YCPString("type"))->asString()->value_cstr() );
+ std::string basedn( srMap->value(YCPString("basedn"))->asString()->value_cstr() );
+ std::string binddn( srMap->value(YCPString("binddn"))->asString()->value_cstr() );
+ std::string cred( srMap->value(YCPString("credentials"))->asString()->value_cstr() );
+ bool starttls = false;
+ if (! srMap->value(YCPString("starttls")).isNull() )
+ {
+ starttls = srMap->value(YCPString("starttls"))->asBoolean()->value();
+ }
+
+ LDAPUrl prvuri;
+ prvuri.setScheme(protocol);
+ prvuri.setHost(target);
+ if ( ( protocol == "ldap" && port != 389 ) || ( protocol == "ldaps" && port != 636 ) )
+ {
+ prvuri.setPort(port);
+ }
+
+ sr->setType( type );
+ sr->setProvider( prvuri );
+ sr->setSearchBase( basedn );
+ sr->setBindDn( binddn );
+ sr->setCredentials( cred );
+ // default retry (every 120 seconds)
+ sr->setRetryString( "120 +" );
+ sr->setTlsReqCert("demand");
+
+ if ( starttls )
+ {
+ sr->setStartTls( OlcSyncRepl::StartTlsCritical );
+ }
+ else
+ {
+ sr->setStartTls( OlcSyncRepl::StartTlsNo );
+ }
+
+ if ( type == "refreshOnly" )
+ {
+ if ( srMap->value(YCPString("interval")).isNull() )
+ {
+ lastError->add(YCPString("summary"), YCPString("Writing SyncRepl config failed") );
+ lastError->add(YCPString("description"), YCPString("\"RefreshOnly needs Interval\"") );
+ ret = false;
+ }
+ else
+ {
+ YCPMap ivMap = srMap->value(YCPString("interval"))->asMap();
+ int days = ivMap->value(YCPString("days"))->asInteger()->value();
+ int hours = ivMap->value(YCPString("hours"))->asInteger()->value();
+ int mins = ivMap->value(YCPString("mins"))->asInteger()->value();
+ int secs = ivMap->value(YCPString("secs"))->asInteger()->value();
+
+ if ( days == 0 && hours == 0 && mins == 0 && secs == 0 )
+ {
+ lastError->add(YCPString("summary"), YCPString("Writing SyncRepl config failed") );
+ lastError->add(YCPString("description"), YCPString("\"Syncrepl Interval is 00:00:00\"") );
+ ret = false;
+ }
+ else
+ {
+ sr->setInterval( days, hours, mins, secs );
+ }
+ }
+ }
+ return ret;
+}
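Review bot: `ycpMap2SyncRepl` dereferences `provider`, `protocol`, `target`, `port`, `type`, `basedn`, `binddn` and `credentials` without the `isNull()` test that `starttls` gets. It has also already called the setters on `sr` by the time the `refreshOnly` interval check fails, so a rejected map still leaves `sr` half-updated; do the key checks and the interval validation before the first `sr->set...` call. With protocol `ldap` and no `starttls` key the function selects `OlcSyncRepl::StartTlsNo`, which means the bind DN and credentials travel unencrypted; a comment stating that, or defaulting to StartTLS, would make the choice explicit. `assignServerId` returns silently when no id below 999 is free, and `CompareUri` keeps a reference to its constructor argument, so it must not outlive the string it was built from.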
Modified: trunk/ldap-server/src/agent/SlapdConfigAgent.h
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfigAgent.h?rev=66877&r1=66876&r2=66877&view=diff
==============================================================================
--- trunk/ldap-server/src/agent/SlapdConfigAgent.h (original)
+++ trunk/ldap-server/src/agent/SlapdConfigAgent.h Mon Nov 21 11:09:24 2011
@@ -67,7 +67,7 @@
YCPBoolean WriteSchema( const YCPPath &path,
const YCPValue &arg = YCPNull(),
const YCPValue &opt = YCPNull());
- YCPString ConfigToLdif( bool resetCsn = false ) const;
+ YCPString ConfigToLdif() const;
bool remoteBindCheck( const YCPValue &arg );
bool remoteSyncCheck( const YCPValue &arg );
void startTlsCheck( LDAPConnection &c);
@@ -76,6 +76,9 @@
const std::string &bindpw);
void syncCheck( LDAPConnection &c,
const std::string &basedn );
+ void assignServerId( const std::string &uri );
+ int getNextRid() const;
+ bool ycpMap2SyncRepl( const YCPMap &srMap, boost::shared_ptr<OlcSyncRepl> sr );
private:
YCPMap lastError;
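Review bot: The three new declarations carry no comment, although each has a contract a caller needs to know. For example `// returns the lowest unused syncrepl rid (1..998), or 0 if none is free` above `getNextRid()`, and `// fills sr from srMap; returns false and sets lastError on an invalid refreshOnly interval` above `ycpMap2SyncRepl`. They are added ahead of `private:`; which access section that is lies outside the hunk, but if these helpers are only called from inside the agent they could move below it.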
Modified: trunk/ldap-server/src/complex.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/complex.ycp?rev=66877&r1=66876&r2=66877&view=diff
==============================================================================
--- trunk/ldap-server/src/complex.ycp (original)
+++ trunk/ldap-server/src/complex.ycp Mon Nov 21 11:09:24 2011
@@ -99,7 +99,7 @@
LdapServer::InitDbDefaults();
return `initial;
}
- else if ( !serviceEnabled || !serviceRunning )
+ else if ( !serviceRunning )
{
symbol ret = Popup::AnyQuestion3( _("Existing configuration detected."),
_("You have an existing configuration, but the LDAP server is currently not running.
@@ -108,7 +108,7 @@
_("Restart"), Label::CancelButton(), _("New Configuration"), `focus_yes );
if ( ret == `yes )
{
- LdapServer::WriteServiceEnabled( true );
+ LdapServer::WriteRestartRequired( true );
return `reread;
}
else if (ret == `no )
Modified: trunk/ldap-server/src/dialogs.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/dialogs.ycp?rev=66877&r1=66876&r2=66877&view=diff
==============================================================================
--- trunk/ldap-server/src/dialogs.ycp (original)
+++ trunk/ldap-server/src/dialogs.ycp Mon Nov 21 11:09:24 2011
@@ -112,14 +112,7 @@
{
//create new item
term widget = nil;
- if ( !LdapServer::ReadServiceEnabled() )
- {
- if ( name != "daemon" ) {
- Popup::Error( _("The LDAP Server is currently disabled, no configuration changes are possible.") );
- name = "daemon";
- }
- }
- else if ( !LdapServer::ReadServiceRunning() )
+ if ( !LdapServer::ReadServiceRunning() )
{
if ( name != "daemon" ) {
symbol ret = Popup::AnyQuestion3( _("The LDAP Server is not running."),
@@ -778,7 +771,8 @@
term widget =
`HSquash(
`VBox(
- `Heading( _("Slave server setup") ),
+ `Heading( _("Provider details") ),
+ `VSpacing(0.3),
`VSpacing(),
`VSquash(
`HBox(
@@ -799,7 +793,17 @@
)
),
`VSpacing(0.3),
- `Password( `id( `te_config_cred ), `opt(`hstretch), _("Administration Password for the \"cn=config\" Database"), "" )
+ `Password( `id( `te_config_cred ), `opt(`hstretch), _("Administration Password for the \"cn=config\" Database"), "" ),
+ `VSpacing(0.3),
+ `VSquash(
+ `HBox(
+ `InputField( `id( `te_ca_file ), `opt( `hstretch ), _("C&A Certificate File (PEM Format)") ),
+ `HSpacing( 0.5 ),
+ `Bottom(
+ `PushButton( `id( `pb_ca_file ), _("Bro&wse...") )
+ )
+ )
+ )
)
);
@@ -809,9 +813,12 @@
Label::BackButton(),
Label::NextButton() );
any ret = nil;
+ string cacert = "/etc/ssl/certs/YaST-CA.pem";
+
while ( true )
{
UI::ChangeWidget(`cb_start_tls, `Enabled, false );
+ UI::ChangeWidget(`te_ca_file, `Value, cacert );
map synbase = LdapServer::ReadSyncreplBaseConfig();
if ( size(synbase) > 0 )
{
@@ -829,8 +836,23 @@
ret = UI::UserInput();
}
y2milestone( "SlaveSetupDialog: seeing return value '%1'", ret );
- if ( ret == `next )
+ if( ret == `pb_ca_file )
+ {
+ string name = UI::AskForExistingFile( "/etc/ssl/certs", "*.pem *.crt *", _("Select CA Certificate File") );
+ if( name != nil )
+ {
+ cacert = name;
+ }
+ continue;
+ }
+ else if ( ret == `next )
{
+ if ( cacert == "" || cacert == nil )
+ {
+ Popup::Error( _("Please select a valid CA Certificate File") );
+ continue;
+ }
+
// test connection
map provider = $[
"protocol" : (string)UI::QueryWidget( `cb_sync_prot, `Value ),
@@ -851,6 +873,11 @@
testparm = add(testparm, "basedn", "cn=config" );
testparm = add(testparm, "binddn", "cn=config" );
testparm = add(testparm, "credentials", (string)UI::QueryWidget(`te_config_cred, `Value) );
+ if ( cacert != "" && cacert != nil )
+ {
+ testparm = add( testparm, "cacert", cacert );
+ }
+
if (! LdapServer::ReadModeInstProposal() ) // Doing these checks during installation will
// most probably fail
{
@@ -876,13 +903,20 @@
continue;
}
// Check if the syncrepl config of cn=config makes sense
- map syncrepl = LdapServer::ReadSyncRepl(0);
+ list