provision: Create instructions for enabling DNS GSS-TSIG updates.

Added code to the python provisioning to create the named.conf file that was previously generated by the EJS provisioning. Updated the named.conf template to provide the additional details necessary to get things working. (This used to be commit 0b7a6bfcba1b906dc4d461882b4c3fe3c91c44e0)
author: Andrew Kroeger <andrew@sprocks.gotdns.com> 2008-05-17 23:24:48 -0500
committer: Andrew Kroeger <andrew@sprocks.gotdns.com> 2008-05-18 01:54:57 -0500
commit: 25ea110c3814abcb824adb3619a44622ba8d2936 (patch)
tree: ab9db89ec83eb79e2049528cdf3ef7f708594074 /source4/scripting
parent: 18aa2d58ed684bd091084b87f7e93c4656ffaabe (diff)
download: samba-25ea110c3814abcb824adb3619a44622ba8d2936.tar.gz
samba-25ea110c3814abcb824adb3619a44622ba8d2936.tar.bz2
samba-25ea110c3814abcb824adb3619a44622ba8d2936.zip
1 files changed, 25 insertions, 7 deletions
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index ad8eb8bffd..4818a79f00 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -236,6 +236,7 @@ def provision_paths_from_lp(lp, dnsdomain):
     paths.secrets = os.path.join(paths.private_dir, lp.get("secrets database") or "secrets.ldb")
     paths.templates = os.path.join(paths.private_dir, "templates.ldb")
     paths.dns = os.path.join(paths.private_dir, dnsdomain + ".zone")
+    paths.namedconf = os.path.join(paths.private_dir, "named.conf")
     paths.winsdb = os.path.join(paths.private_dir, "wins.ldb")
     paths.s4_ldapi_path = os.path.join(paths.private_dir, "ldapi")
     paths.phpldapadminconfig = os.path.join(paths.private_dir, 
@@ -1059,12 +1060,14 @@ def provision(setup_dir, message, session_info,
                                        scope=SCOPE_SUBTREE)
             assert isinstance(hostguid, str)
             
-            create_zone_file(paths.dns, setup_path, samdb, 
+            create_zone_file(paths.dns, paths.namedconf, setup_path, samdb, 
                              hostname=names.hostname, hostip=hostip,
                              hostip6=hostip6, dnsdomain=names.dnsdomain,
                              domaindn=names.domaindn, dnspass=dnspass, realm=names.realm, 
-                             domainguid=domainguid, hostguid=hostguid)
+                             domainguid=domainguid, hostguid=hostguid,
+                             private_dir=paths.private_dir, keytab_name=paths.dns_keytab)
             message("Please install the zone located in %s into your DNS server" % paths.dns)
+            message("See %s if you want to use secure GSS-TSIG updates" % paths.namedconf)
             
     create_phpldapadmin_config(paths.phpldapadminconfig, setup_path, 
                                ldapi_url)
@@ -1281,12 +1284,18 @@ def create_phpldapadmin_config(path, setup_path, ldapi_uri):
             {"S4_LDAPI_URI": ldapi_uri})
 
 
-def create_zone_file(path, setup_path, samdb, dnsdomain, domaindn, 
-                  hostip, hostip6, hostname, dnspass, realm, domainguid, hostguid):
+def create_zone_file(path_zone, path_conf, setup_path, samdb, dnsdomain, domaindn, 
+                  hostip, hostip6, hostname, dnspass, realm, domainguid, hostguid,
+                  private_dir, keytab_name):
     """Write out a DNS zone file, from the info in the current database.
+
+    Also writes a file with stubs appropriate for a DNS configuration file
+    (including GSS-TSIG configuration), and details as to some of the other
+    configuration changes that may be necessary.
     
-    :param path: Path of the new file.
-    :param setup_path": Setup path function.
+    :param path_zone: Path of the new zone file.
+    :param path_conf: Path of the config stubs file.
+    :param setup_path: Setup path function.
     :param samdb: SamDB object
     :param dnsdomain: DNS Domain name
     :param domaindn: DN of the Domain
@@ -1307,7 +1316,7 @@ def create_zone_file(path, setup_path, samdb, dnsdomain, domaindn,
         hostip6_base_line = "			IN AAAA	" + hostip6
         hostip6_host_line = hostname + "		IN AAAA	" + hostip6
 
-    setup_file(setup_path("provision.zone"), path, {
+    setup_file(setup_path("provision.zone"), path_zone, {
             "DNSPASS_B64": b64encode(dnspass),
             "HOSTNAME": hostname,
             "DNSDOMAIN": dnsdomain,
@@ -1321,6 +1330,15 @@ def create_zone_file(path, setup_path, samdb, dnsdomain, domaindn,
             "HOSTIP6_HOST_LINE": hostip6_host_line,
         })
 
+    setup_file(setup_path("named.conf"), path_conf, {
+            "DNSDOMAIN": dnsdomain,
+            "REALM": realm,
+            "REALM_WC": "*." + ".".join(realm.split(".")[1:]),
+            "HOSTNAME": hostname,
+            "DNS_KEYTAB": keytab_name,
+            "DNS_KEYTAB_ABS": os.path.join(private_dir, keytab_name),
+        })
+
 def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename):
     """Load schema for the SamDB.
author	Andrew Kroeger <andrew@sprocks.gotdns.com>	2008-05-17 23:24:48 -0500
committer	Andrew Kroeger <andrew@sprocks.gotdns.com>	2008-05-18 01:54:57 -0500
commit	25ea110c3814abcb824adb3619a44622ba8d2936 (patch)
tree	ab9db89ec83eb79e2049528cdf3ef7f708594074 /source4/scripting
parent	18aa2d58ed684bd091084b87f7e93c4656ffaabe (diff)
download	samba-25ea110c3814abcb824adb3619a44622ba8d2936.tar.gz samba-25ea110c3814abcb824adb3619a44622ba8d2936.tar.bz2 samba-25ea110c3814abcb824adb3619a44622ba8d2936.zip