#!/bin/sh
exec smbscript "$0" ${1+"$@"}
/*
provision a Samba4 server
Copyright Andrew Tridgell 2005
Released under the GNU GPL v2 or later
*/
/*
  Parse the command line into the global 'options' object.
  The four POPT_COMMON_* / POPT_AUTOHELP entries pull in shared option groups;
  the remaining entries are specific to this script ('=s' and '=i' presumably
  mark string and integer arguments - confirm against GetOptions).

  NOTE(review): 'ldap-manager-pass=s' takes the LDAP Manager password as a
  command-line argument. Arguments are normally visible to other local users
  through the process list and may be kept in shell history, so a password
  passed this way should be treated as exposed on a shared host.
*/
options = GetOptions(ARGV,
"POPT_AUTOHELP",
"POPT_COMMON_SAMBA",
"POPT_COMMON_VERSION",
"POPT_COMMON_CREDENTIALS",
'realm=s',
'host-name=s',
'ldap-manager-pass=s',
'root=s',
'quiet',
'ldap-backend-type=s',
'ldap-backend-port=i');
/* GetOptions yields undefined when parsing fails; stop with -1 before touching anything. */
if (options == undefined) {
println("Failed to parse options");
return -1;
}
/* 'sys' is used further down for sys.mkdir(). */
sys = sys_init();
/* Load the script libraries; the provision_* helpers used below presumably come from provision.js - confirm. */
libinclude("base.js");
libinclude("provision.js");
/*
print a message if quiet is not set
*/
function message()
{
	/*
	  printf-style progress output: the caller's argument list is handed
	  to vsprintf() unchanged and the result is printed, unless the
	  --quiet option was given.
	*/
	var quiet = (options.quiet != undefined);
	if (!quiet) {
		print(vsprintf(arguments));
	}
}
/*
show some help
*/
function ShowHelp()
{
/*
  Print the usage text, then call exit(1) unconditionally.
  The usage text is one string literal that spans several source lines, so
  every character between the quotes (including line breaks) is output as is.
  The text documents --ldap-manager-pass as "otherwise random": when the
  option is omitted the password is generated elsewhere, not in this function.
*/
print("
Samba4 provisioning
provision [options]
--realm REALM set realm
--host-name HOSTNAME set hostname
--ldap-manager-pass PASSWORD choose LDAP Manager password (otherwise random)
--root USERNAME choose 'root' unix username
--quiet Be quiet
--ldap-backend-type LDAPSERVER Select either \"openldap\" or \"fedora-ds\" as a target to configure
--ldap-backend-port PORT Select the TCP port (if any) that the LDAP backend should listen on (Fedora DS only)
You must provide at least a realm and ldap-backend-type
");
exit(1);
}
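/*
  Default the host name to the local machine's name when --host-name was
  not given on the command line.
*/
if (options['host-name'] == undefined) {
	options['host-name'] = hostname();
}

/*
  main program
*/

/* realm, backend type and host name are all required; ShowHelp() exits. */
if (options["realm"] == undefined ||
    options["ldap-backend-type"] == undefined ||
    options["host-name"] == undefined) {
	ShowHelp();
}

/*
  Reject an unknown backend type before anything is written to disk.
  Without this check a mistyped value skipped both branches below, left
  'mapping' and 'ext' undefined, and the script still created the LDAP
  directory, provisioned the temporary schema and reported "All OK".
*/
if (options["ldap-backend-type"] != "fedora-ds" &&
    options["ldap-backend-type"] != "openldap") {
	println("Unsupported ldap-backend-type: " + options["ldap-backend-type"]);
	ShowHelp();
}

/* cope with an initially blank smb.conf */
var lp = loadparm_init();
lp.set("realm", options.realm);
lp.reload();

var subobj = provision_guess();

/*
  Copy every parsed option into subobj under an upper-cased key with the
  dashes removed ('ldap-manager-pass' becomes LDAPMANAGERPASS).
  NOTE(review): subobj is handed to setup_file() below, presumably for
  substitution into the generated backend configuration. No validation of
  the realm, host name or password strings is visible in this script, so
  confirm that the provision helpers reject characters that would alter the
  structure of those files. If GetOptions also returns the common credential
  options, they are copied here as well - confirm.
*/
for (r in options) {
	var key = strupper(join("", split("-", r)));
	subobj[key] = options[r];
}

var paths = provision_default_paths(subobj);
provision_fix_subobj(subobj, paths);

message("Provisioning LDAP backend for %s in realm %s into %s\n", subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR);
/*
  NOTE(review): this prints the LDAP Manager password in clear text unless
  --quiet is set, so it ends up in terminal scrollback and in any captured
  installer output. It is kept because, going by the help text, the password
  is random when not supplied and this appears to be the only place it is
  reported - confirm before changing. Treat saved output of this script as
  secret material.
*/
message("Using LDAP Manager password: %s\n", subobj.LDAPMANAGERPASS);

var tmp_schema_ldb = subobj.LDAPDIR + "/schema-tmp.ldb";

/*
  Every directory is requested with mode 0700 (owner only).
  NOTE(review): the result of sys.mkdir() is never checked; if LDAPDIR
  already exists with wider permissions, that is presumably not corrected
  here - verify and tighten the directory by hand if needed.
*/
sys.mkdir(subobj.LDAPDIR, 0700);

provision_schema(subobj, message, tmp_schema_ldb, paths);

var mapping;
var ext;

if (options["ldap-backend-type"] == "fedora-ds") {
	mapping = "schema-map-fedora-ds-1.0";
	ext = "ldif";
	/* 'ldap-backend-port' is declared as an integer option ('=i'). */
	if (options["ldap-backend-port"] != undefined) {
		message("Will listen on TCP port " + options["ldap-backend-port"] + "\n");
		subobj.SERVERPORT="ServerPort = " + options["ldap-backend-port"];
	} else {
		message("Will listen on LDAPI only\n");
		subobj.SERVERPORT="";
	}
	setup_file("fedorads.inf", message, subobj.LDAPDIR + "/fedorads.inf", subobj);
	setup_file("fedorads-partitions.ldif", message, subobj.LDAPDIR + "/fedorads-partitions.ldif", subobj);
} else if (options["ldap-backend-type"] == "openldap") {
	provision_ldapbase(subobj, message, paths);
	mapping = "schema-map-openldap-2.3";
	ext = "schema";
	setup_file("slapd.conf", message, subobj.LDAPDIR + "/slapd.conf", subobj);
	setup_file("modules.conf", message, subobj.LDAPDIR + "/modules.conf", subobj);
	sys.mkdir(subobj.LDAPDIR + "/db", 0700);

	/*
	  LDAPDBDIR is re-pointed before each DB_CONFIG is written, so the
	  same template is generated once per database directory
	  (user, config, schema).
	*/
	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/user";
	sys.mkdir(subobj.LDAPDBDIR, 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);

	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/config";
	sys.mkdir(subobj.LDAPDBDIR, 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);

	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/schema";
	sys.mkdir(subobj.LDAPDBDIR, 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);

	if (options["ldap-backend-port"] != undefined) {
		message("NOTE: OpenLDAP TCP ports are controlled on the command line, not in the generated config file\n");
	}
}

/*
  The schema conversion command is only printed for the operator; this
  script does not run it. The paths are inserted unquoted, so a directory
  name containing spaces or shell metacharacters needs quoting by hand
  before the line is pasted into a shell.
*/
message("ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/backend-schema." + ext + "\n");

message("All OK\n");
return 0;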